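#!/bin/bash
#
# ASL uninstaller: stops the ASL services, removes the ASL package set with
# yum, deletes the ASL users, configuration and data trees, optionally drops
# the OSSEC database, and finally checks that a kernel package is still
# installed. Every step is logged to /root/asl-uninstall.log.
#
# Must be run as root from an interactive terminal: the confirmation prompt
# is read from the controlling TTY and "yum remove" asks for confirmation.

LOG=/root/asl-uninstall.log
DATE=$(date +%Y%m%d-%H:%M)
UNINSTALLER_LOCK=/asl-uninstaller.lock
export LANG=en_US.UTF-8

# Remove the lock file and exit with the given status.
# Defined before its first use; a function called before its definition is
# reported as "command not found" and the script carries on regardless.
#   $1 - exit status
function app_exit {
  EXIT_CODE=$1
  echo
  # remove lock file
  rm -f "$UNINSTALLER_LOCK"
  # exit
  exit "$EXIT_CODE"
}

# make sure no instance of the installer is running
# noclobber makes the create-if-absent step atomic, so two uninstallers
# started at the same moment cannot both pass the check.
if ! ( set -o noclobber; : > "$UNINSTALLER_LOCK" ) 2>/dev/null; then
  echo "Another uninstaller is already running."
  # The lock belongs to the other instance: leave it in place.
  exit 1
fi
# From here on the lock is ours; release it on every exit path, including
# the normal end of the script and the "user declined" exit.
trap 'rm -f "$UNINSTALLER_LOCK"' EXIT

if ! rpm -q asl; then
  echo "ASL installation not detected"
  echo "$(date -u): ASL Installation not detected " >> "$LOG"
  app_exit 1
fi

# NOTE(review): this file is executed as shell code with root privileges.
# It should be owned by root and not writable by anyone else; a value read
# from it (OSSEC_DATABASE) later selects which database is dropped.
if [ -f /etc/asl/config ]; then
  source /etc/asl/config
fi

if grep -q "^assumeyes=1" "/etc/yum.conf"; then
  echo "Not supported: assumeyes=1 was detected in yum.conf, the uninstaller will not run"
  echo "$(date -u): Not Supported: assumeyes=1 was detected in yum.conf" >> "$LOG"
  app_exit 1
fi

# Read the confirmation from the real terminal even when stdin is redirected.
if [ -z "${SSH_TTY:-}" ]; then
  UNINSTALL_TTY="/dev/$(ps -p$$ --no-heading | awk '{print $2}')"
else
  UNINSTALL_TTY=$SSH_TTY
fi

# The package globs below must not be matched against an unexpected directory.
cd /root || app_exit 1

echo "$(date -u): Uninstall initiated" >> "$LOG"

if [ -d /usr/local/directadmin ]; then
  TYPE=directadmin
elif [ -d /usr/local/cpanel ]; then
  TYPE=cpanel
else
  TYPE=normal
fi

echo "$(date -u): Environment $TYPE detected " >> "$LOG"

echo
echo " WARNING: This utility will remove ASL entirely from the system."
read -r -p " Are you sure this is what you want to do? Type CONTINUE if you are sure you want to do this. (CONTINUE/STOP): " INPUT < "$UNINSTALL_TTY"
echo "$(date -u): User selected $INPUT " >> "$LOG"

if [ "$INPUT" != "CONTINUE" ]; then
  echo
  echo " Exiting..."
  echo
  echo "$(date -u): User did not agree to uninstall " >> "$LOG"
  echo "$(date -u): uninstaller exiting " >> "$LOG"
  # The EXIT trap removes the lock file.
  exit 0
else
  echo "$(date -u): User selected $INPUT " >> "$LOG"
fi

# Normal
service asl-firewall stop >> "$LOG"
service crond stop >> "$LOG"
service psmon stop >> "$LOG"
service ossec-hids stop >> "$LOG"
service clamd stop >> "$LOG"

# make sure no asl processes are running
# NOTE(review): the match is a plain substring test on the whole ps line, so
# any process whose user, path or arguments contain "asl" is killed. This
# script's own PID is skipped so the uninstaller cannot kill itself when its
# file name contains "asl".
for pid in $(ps auxwww | grep asl | grep -v grep | awk -v self="$$" '$2 != self {print $2}'); do
  kill -9 "$pid"
done

# TODO: database drop event

# Arrays keep patterns such as asl-php* literal, so yum expands them against
# the package database instead of the shell expanding them against files in
# the current directory.
COMMON_LIST=("roadsend-php-libs")
FULL_LIST=(mod_security mod_sed asl mod_evasive ossec-hids psmon rkhunter skdet unhide paxtest clamd clamav-db clamav asl-web gradm asl-web tortixd "asl-php*" aum "aqueduct*" "asl-stream*" tortix-release "asl-php*" rblcheck bigloo-libs chkrootkit inotify-tools)

echo "$(date -u): starting yum remove " >> "$LOG"
/usr/bin/yum remove "${FULL_LIST[@]}" "${COMMON_LIST[@]}"
# Capture the status immediately: $? is overwritten by the test below.
yum_rc=$?
if [ "$yum_rc" -ge 1 ]; then
  echo "No packages removed, exiting"
  app_exit 1
fi

echo "$(date -u): yum remove complete (exit $yum_rc) " >> "$LOG"

# Cpanel
if [ -f /scripts/posteasyapache ]; then
  rm -f /scripts/posteasyapache
fi

if [ -f /scripts/preeasyapache ]; then
  rm -f /scripts/preeasyapache
fi

# killall -9 psmon >/dev/null 2>&1
if [ -f /var/lock/subsys/psmon ]; then
  rm -f /var/lock/subsys/psmon
fi

# Remove users
userdel tortix | tee -a "$LOG"
userdel asl-web | tee -a "$LOG"
groupdel tortix | tee -a "$LOG"

if [ -d /etc/httpd/modsecurity.d/ ]; then
  rm -f /etc/httpd/modsecurity.d/*
fi

echo "Clearing the /var/asl tree. 
This could take a few minutes, please be patient"
echo -n " Removing /var/asl :"
rm -rf /var/asl
echo "Complete"
echo "$(date -u) removed /var/asl" >> "$LOG"

service crond start >> "$LOG"

if [[ "$TYPE" == "cpanel" ]]; then
  if [ -f /etc/httpd/modsecurity.d/00_mod_security.conf ]; then
    rm -f /etc/httpd/modsecurity.d/00_mod_security.conf
  fi
  # Leave empty placeholder files behind for the Apache configuration.
  touch /usr/local/apache/conf/modsec2.conf
  touch /usr/local/apache/modsecurity.d/tortix_waf.conf
  echo "$(date -u) removed /etc/httpd/modsecurity.d/00_mod_security.conf" >> "$LOG"
  service httpd restart >> "$LOG"
fi

# Drop database
# OSSEC_DATABASE is not set in this script; presumably it comes from
# /etc/asl/config. Quoted so the value is always passed as one argument.
if [ -n "${OSSEC_DATABASE:-}" ]; then
  /usr/bin/mysqladmin drop "$OSSEC_DATABASE" | tee -a "$LOG"
fi

rm -rf /etc/asl
rm -rf /var/ossec
rm -f /etc/yum.repos.d/asl.repo
rm -f /etc/yum.repos.d/tortix-common.repo >> "$LOG"

sed -i "s/=kernel-asl/=kernel/g" /etc/sysconfig/kernel

# final kernel check
if ! rpm -qa | grep ^kernel-; then
  echo
  echo "WARNING****WARNING****WARNING"
  echo
  echo "No kernels were detected after uninstallation. This could mean that your system is now"
  echo "unbootable"
  echo
  echo "If this is anything other than an openvz or virtuozzo system you need to fix this."
  echo "WARNING****WARNING****WARNING"
  echo
  echo
  echo "$(date -u) WARNING: no kernels detected" >> "$LOG"
fi

echo "$(date -u): uninstall complete" >> "$LOG"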