twb
/
neatoDeploy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ex doc

Browse Source
main
Robert 2 years ago
parent 5924d306a6
commit 073f135b5e
2 changed files with 34 additions and 12 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 34
      README.md
  2. 12
      config_files/deploy_security_audit.php

34
README.md
Unescape View File

@ -1,14 +1,36 @@
# neatoDeploy # neatoDeploy
## Make self-extracting tar file for install
```
$ git clone https://git.mysnippetsofcode.com/tts/neatoDeploy.git
$ cd neatoDeploy
$ ./make-installer.sh $ ./make-installer.sh
```
Then scp over the neato_deploy.tar.gz.self to your sever. Then scp over the neato_deploy.tar.gz.self to your sever.
on the server: $ ./neato_deploy.tar.gz.self on the server: $ sudo ./neato_deploy.tar.gz.self
## Clean up ## Clean up
```
$ rm neato_deploy.tar.gz.self $ rm neato_deploy.tar.gz.self
$ rm install_neato.sh $ rm install_neato.sh
```
## Run neato_deploy ## Make sha256sum (& xor static pwd) on TRUSTED scripts
```
$ sudo -i
$ cd /opt/neatoDemployments
$./make-sums.sh
```
## Do Deployments...
```
$ cd /opt/neatoDemployments $ cd /opt/neatoDemployments
$ ./neato_deploy.sh http://site.com/deployment.txt
# Pull and RUN deployment script from your web site
$ ./neato_deploy.sh http://EXAMPLE_Site.com/MY_Deployment.txt
# OR Run a local file deployment
$ sudo ./neato_deploy.sh security_audit
```
Note that deployment files are named with the prefix of deploy_
and end with .php, they must be a valid PHP script...
A few example deployments are given from the config_files directory and will be extracted upon running the file: neato_deploy.tar.gz.self to the /opt/neatoDemployments ROOT DIR.

12
config_files/deploy_security_audit.php
Unescape View File

@ -62,20 +62,20 @@ if (count($output) > 0) {
} }
unset($output); unset($output);
display(getTermColors("Unwanted SUID and SGID bins", ['color'=>'blue'])); display(getTermColors("No-owner Files", ['color'=>'blue']));
exec(neato::get_bin . 'find / \( -perm -4000 -o -perm -2000 \) -print', $output, $exit_code); exec(neato::get_bin . 'find / -xdev \( -nouser -o -nogroup \) -print', $output, $exit_code);
if (count($output) > 0) { if (count($output) > 0) {
display(getTermColors($output, ['color'=>'red'])); display(getTermColors($output, ['color'=>'red']));
} else { } else {
display(getTermColors("No sticky bits found.", ['color'=>'green'])); display(getTermColors("All files have owner-ship.", ['color'=>'green']));
} }
unset($output); unset($output);
display(getTermColors("No-owner Files", ['color'=>'blue'])); display(getTermColors("Unwanted SUID and SGID bins", ['color'=>'blue']));
exec(neato::get_bin . 'find / -xdev \( -nouser -o -nogroup \) -print', $output, $exit_code); exec(neato::get_bin . 'find / \( -perm -4000 -o -perm -2000 \) -print', $output, $exit_code);
if (count($output) > 0) { if (count($output) > 0) {
display(getTermColors($output, ['color'=>'red'])); display(getTermColors($output, ['color'=>'red']));
} else { } else {
display(getTermColors("All files have owner-ship.", ['color'=>'green'])); display(getTermColors("No sticky bits found.", ['color'=>'green']));
} }
unset($output); unset($output);
Write Preview
Loading…
Cancel
Save