1+ #! /bin/bash
2+ # Run this script from within the ACASVM
3+ # this script should be run in the same directory as the 'TenableCore-Builder.tar.gz' file
4+
5+ set -e
6+
7+ # Global Vars
8+ NO_CLEAN=
9+ export INSTALL_TEMPDIR=_ACAS_OS_INSTALL
10+
11+ function usage(){
12+ echo ' '
13+ echo ' USAGE: ./build_tenablecore.sh [--noclean] [--temp-dir PATH]'
14+ echo ' Arguments:'
15+ echo ' --noclean: does not remove extracted files from the "temp-dir"'
16+ echo ' --temp-dir PATH: specify path to extract tar to (Default: /tmp/_ACAS_OS_INSTALL)'
17+ }
18+
19+ function install_rpms(){
20+ yum install -y java nessus nmap cdrecord mkisofs tar
21+ # install rpm extras
22+ rpm -ivh " $INSTALL_TEMPDIR /install/rpms/jdk-11/*.rpm" || true
23+ }
24+
25+ function configure_nessus(){
26+ systemctl start nessusd || true
27+ ln -s /opt/nessus/sbin/nessuscli /usr/sbin/nessuscli || true
28+ ln -s /opt/nessus/sbin/nessusd /usr/sbin/nessusd || true
29+
30+
31+ echo " Creating Nessus User Account"
32+ # need to wait till nessus is fully up here?
33+ nessuscli adduser || true
34+
35+ # reset nessus to use SecurityCenter
36+ systemctl stop nessusd || true
37+ nessuscli fix --set path_to_java=/bin/java
38+ nessuscli fix --reset
39+ nessuscli fetch --security-center
40+
41+ # start nessus
42+ systemctl start nessusd || true
43+
44+ }
45+
46+ function configure_networking(){
47+ # turn off firewalld
48+ systemctl disable --now firewalld || true
49+
50+ # install NetworkManager profiles
51+ cp " $INSTALL_TEMPDIR " * .nmconnection /etc/NetworkManager/system-connections/
52+ chmod 600 /etc/NetworkManager/system-connections/* .nmconnection
53+ chown root:root /etc/NetworkManager/system-connections/* .nmconnection
54+
55+ # install networkctl
56+ cp " $INSTALL_TEMPDIR /TenableCore/NetworkManager/networkctl.sh"
57+ chmod 755 /opt/networkctl.sh
58+ systemctl restart NetworkManager || true
59+ }
60+
61+ function install_notes(){
62+ cp -r " $INSTALL_TEMPDIR /Notes"
63+ }
64+
65+ function install_api(){
66+ # install pip packages (includes pyinstaller)
67+ su acasuser bash -c ' python -m ensurepip'
68+ sudo -Eu acasuser bash -c ' /home/acasuser/.local/bin/pip3 install --no-index --find-links "$INSTALL_TEMPDIR/install/python/oracle/" -r "$INSTALL_TEMPDIR/NessusAPI/requirements.txt"'
69+
70+ # install nessus-configure src and configs
71+ mkdir -p /opt/NessusAPI/{bin,src}
72+ cp -r " $INSTALL_TEMPDIR "
73+ cp " $INSTALL_TEMPDIR " * .py /opt/NessusAPI/src/
74+
75+ ln -s /opt/NessusAPI/src/nessus-configure.py /usr/bin/nessus-configure || true
76+ ln -s /opt/NessusAPI/src/nessus-update-policy.py /usr/bin/nessus-update-policy || true
77+ }
78+
79+ function install_utility_scripts(){
80+ cp -r " $INSTALL_TEMPDIR "
81+ # force ownership and permissions
82+ chmod 755 /opt/scripts/*
83+ chown -R root:root /opt/scripts/*
84+ # symlink only bins so all users can see it
85+ ln -s /opt/scripts/bin/* /usr/bin/
86+ # other scripts get stored here
87+
88+ }
89+
90+ # ###################### Main #######################
91+
92+ # ensure required file is present first
93+ if [ ! -f " TenableCore-Builder.tar.gz" ; then
94+ echo -n " ERROR: TenableCore-Builder.tar.gz not in current directory"
95+ usage
96+ exit 1
97+ fi
98+
99+ # Parse arguments
100+ while [[ " $# " -gt 0 ]]; do
101+ case $1 in
102+ --noclean)
103+ NO_CLEAN=true ;;
104+ --temp-dir)
105+ INSTALL_TEMPDIR=" $2 "
106+ shift
107+ ;;
108+ --help)
109+ usage
110+ ;;
111+ * )
112+ echo " ERROR: Unknown parameter passed: $1 " ;
113+ usage
114+ exit 1
115+ ;;
116+ esac
117+ shift
118+ done
119+
120+ mkdir -p " $INSTALL_TEMPDIR "
121+
122+ install_rpms
123+
124+ tar -xzvf TenableCore-Builder.tar.gz -C " $INSTALL_TEMPDIR "
125+
126+ configure_nessus
127+ configure_networking
128+ install_notes
129+ install_api
130+
131+ echo " Nessus Install Completed"
132+
133+ if [ -z " $NO_CLEAN " ; then
134+ rm -rf " $INSTALL_TEMPDIR "
135+ fi
0 commit comments