From 4db7a54c27aa55f42c5239fb963d4b1cf0ff6ab5 Mon Sep 17 00:00:00 2001
From: Daniel Eisenberg <danielei@checkpoint.com>
Date: Wed, 4 Oct 2023 21:35:52 +0300
Subject: [PATCH 1/8] adding agent cache service

---
 nodes/CMakeLists.txt                          |   1 +
 nodes/agent_cache/CMakeLists.txt              |   8 ++
 nodes/agent_cache/package/CMakeLists.txt      |  49 +++++++
 .../package/cp-nano-agent-cache.cfg           |   1 +
 .../package/install-cp-nano-agent-cache.sh    | 130 ++++++++++++++++++
 nodes/orchestration/package/watchdog/watchdog |   6 +-
 6 files changed, 192 insertions(+), 3 deletions(-)
 create mode 100755 nodes/agent_cache/CMakeLists.txt
 create mode 100755 nodes/agent_cache/package/CMakeLists.txt
 create mode 100755 nodes/agent_cache/package/cp-nano-agent-cache.cfg
 create mode 100755 nodes/agent_cache/package/install-cp-nano-agent-cache.sh

diff --git a/nodes/CMakeLists.txt b/nodes/CMakeLists.txt
index 84f401c..6937a7a 100644
--- a/nodes/CMakeLists.txt
+++ b/nodes/CMakeLists.txt
@@ -11,5 +11,6 @@ set(COMMON_LIBRARIES "-lngen_core;-lcompression_utils;-lssl;-lcrypto;-lz;-lboost
 include(packaging.cmake)
 
 add_subdirectory(orchestration)
+add_subdirectory(agent_cache)
 add_subdirectory(http_transaction_handler)
 add_subdirectory(attachment_registration_manager)
diff --git a/nodes/agent_cache/CMakeLists.txt b/nodes/agent_cache/CMakeLists.txt
new file mode 100755
index 0000000..803b5ee
--- /dev/null
+++ b/nodes/agent_cache/CMakeLists.txt
@@ -0,0 +1,8 @@
+add_subdirectory(package)
+
+gen_package(
+	install-cp-nano-agent-cache.sh
+	agent_cache
+	./install-cp-nano-agent-cache.sh
+	Check Point Cache Nano Service Version ${PACKAGE_VERSION} Install Package
+)
diff --git a/nodes/agent_cache/package/CMakeLists.txt b/nodes/agent_cache/package/CMakeLists.txt
new file mode 100755
index 0000000..c06c27a
--- /dev/null
+++ b/nodes/agent_cache/package/CMakeLists.txt
@@ -0,0 +1,49 @@
+execute_process (
+	COMMAND bash -c "find / -name \"redis.conf\""
+	OUTPUT_VARIABLE redis_conf_path
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+)
+
+execute_process (
+	COMMAND bash -c "which redis-server"
+	OUTPUT_VARIABLE redis_server_path
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+)
+
+if (IS_SYMLINK ${redis_server_path})
+    execute_process (
+        COMMAND bash -c "readlink -f ${redis_server_path}"
+        OUTPUT_VARIABLE redis_server_path
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+    )
+endif()
+
+execute_process (
+	COMMAND bash -c "which redis-cli"
+	OUTPUT_VARIABLE redis_cli_path
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+)
+
+execute_process (
+	COMMAND bash -c "find /usr/lib -name \"libatomic.so*\" | awk '{printf \$0\";\"}'"
+	OUTPUT_VARIABLE atomic
+)
+
+execute_process (
+	COMMAND bash -c "find /usr/lib -name \"libjemalloc*\" | awk '{printf \$0\";\"}'"
+	OUTPUT_VARIABLE jemalloc
+)
+
+execute_process (
+	COMMAND bash -c "find /usr/lib -name \"liblua*\" | awk '{printf \$0\";\"}'"
+	OUTPUT_VARIABLE lua
+)
+
+install(FILES ${atomic} DESTINATION agent_cache/lib)
+install(FILES ${jemalloc} DESTINATION agent_cache/lib)
+install(FILES ${lua} DESTINATION agent_cache/lib)
+install(FILES install-cp-nano-agent-cache.sh  DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES cp-nano-agent-cache.cfg DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES ${redis_conf_path}  DESTINATION agent_cache/)
+install(FILES ${redis_server_path}  DESTINATION agent_cache/bin/ RENAME redis-server PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES ${redis_cli_path}  DESTINATION agent_cache/bin PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
diff --git a/nodes/agent_cache/package/cp-nano-agent-cache.cfg b/nodes/agent_cache/package/cp-nano-agent-cache.cfg
new file mode 100755
index 0000000..866fb69
--- /dev/null
+++ b/nodes/agent_cache/package/cp-nano-agent-cache.cfg
@@ -0,0 +1 @@
+execution_flags=" /etc/cp/conf/redis.conf"
\ No newline at end of file
diff --git a/nodes/agent_cache/package/install-cp-nano-agent-cache.sh b/nodes/agent_cache/package/install-cp-nano-agent-cache.sh
new file mode 100755
index 0000000..6e8822d
--- /dev/null
+++ b/nodes/agent_cache/package/install-cp-nano-agent-cache.sh
@@ -0,0 +1,130 @@
+#!/bin/sh
+
+FORCE_STDOUT=true
+INSTALLATION_LOG_FILE="/var/log/nano_agent/install-cp-nano-agent-cache.log"
+INSTALLATION_TIME=$(date)
+CONF_PATH=/etc/cp/conf
+CACHE_SERVICE_PATH=/etc/cp/agentCache
+WATCHDOG_PATH=/etc/cp/watchdog/cp-nano-watchdog
+USR_LIB_PATH="/usr/lib"
+
+export INSTALL_COMMAND
+is_install="$(command -v install)"
+if [ -z ${is_install} ]; then
+    INSTALL_COMMAND="cp -f"
+    cp_print "[WARNING]: install command not found - using cp instead" ${FORCE_STDOUT}
+else
+    INSTALL_COMMAND=install
+fi
+
+mkdir -p /var/log/nano_agent
+
+cp_print()
+{
+    var_text=$1
+    var_std_out=$2
+    touch $INSTALLATION_LOG_FILE
+    if [ -n "$var_std_out" ]; then
+        if [ "$var_std_out" = "true" ]; then
+            printf "%b\n" "$var_text"
+        fi
+    fi
+    printf "%b\n" "$var_text" >> $INSTALLATION_LOG_FILE
+}
+
+cp_exec()
+{
+    var_cmd=$1
+    var_std_out=$2
+    # Send exec output to RES
+    RES=$($var_cmd 2>&1)
+    if [ -n "$RES" ]; then
+        cp_print "$RES" "$var_std_out"
+    fi
+}
+
+run_installation()
+{
+    cp_print "Starting installation of Check Point Cache service [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+    cp_exec "${WATCHDOG_PATH} --un-register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
+    cp_exec "mkdir -p ${CACHE_SERVICE_PATH}"
+    cp_exec "mkdir -p ${USR_LIB_PATH}/cpnano"
+    cp_exec "cp -rf lib/* ${USR_LIB_PATH}/cpnano"
+    cp_exec "cp -rf bin/redis-server ${CACHE_SERVICE_PATH}/"
+    cp_exec "cp -rf bin/redis-cli ${CACHE_SERVICE_PATH}/"
+    cp_exec "cp -f redis.conf ${CONF_PATH}/redis.conf"
+    cp_exec "cp -f cp-nano-agent-cache.cfg ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
+    cp_exec "mv ${CACHE_SERVICE_PATH}/redis-server ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
+    cp_exec "mv ${CACHE_SERVICE_PATH}/redis-cli ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
+    cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
+    cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
+    cp_exec "chmod 600 ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
+
+    cp_exec "${WATCHDOG_PATH} --register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
+    cp_print "Installation completed successfully." $FORCE_STDOUT
+}
+
+usage()
+{
+    echo "Check Point: available flags are"
+    echo "--install           : install agent inteligence Service"
+    echo "--uninstall         : remove agent inteligenceService"
+    echo "--pre_install_test  : run Pre-installation test for agent inteligence Service install package"
+    echo "--post_install_test : run Post-installation test for agent inteligence Service install package"
+    exit 255
+}
+
+run_uninstall()
+{
+    cp_print "Starting uninstall of Check Point Cache service [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+
+    cp_exec "${WATCHDOG_PATH} --un-register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
+    cp_exec "rm -rf ${CACHE_SERVICE_PATH}/"
+    cp_exec "rm -rf ${CONF_PATH}/redis.conf"
+
+    cp_print "Check Point Cache service was removed successfully\n" $FORCE_STDOUT
+}
+
+run_pre_install_test()
+{
+    cp_print "Successfully finished pre-installation test for Check Point Cache service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+    exit 0
+}
+
+run_post_install_test()
+{
+    if [ ! -d ${CACHE_SERVICE_PATH} ]; then
+        cp_print "Failed post-installation test for Check Point Cache service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+        exit 1
+    fi
+
+    cp_print "Successfully finished post-installation test for Check Point Cache service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
+    exit 0
+}
+
+
+run()
+{
+    if [ '--install' = "$1" ]; then
+        run_installation "${@}"
+    elif [ '--uninstall' = "$1" ]; then
+        run_uninstall
+    elif [ '--pre_install_test' = "$1" ]; then
+        run_pre_install_test
+    elif [ '--post_install_test' = "$1" ]; then
+        run_post_install_test
+    else
+        usage
+        exit 1
+    fi
+}
+
+if [ "$(id -u)" != "0" ]; then
+    echo "Administrative privileges required for this Package (use su or sudo)"
+    exit 1
+fi
+
+shift
+run "${@}"
+
+exit 0
diff --git a/nodes/orchestration/package/watchdog/watchdog b/nodes/orchestration/package/watchdog/watchdog
index 5dd8869..546069f 100755
--- a/nodes/orchestration/package/watchdog/watchdog
+++ b/nodes/orchestration/package/watchdog/watchdog
@@ -56,7 +56,7 @@ load_paths()
     if [ -n "${CP_INIT_D_PATH}" ]; then
         INIT_D_PATH=$CP_INIT_D_PATH
     fi
-	
+
     if [ -z "${MAX_FILE_SIZE}" ]; then
         MAX_FILE_SIZE=$DEFAULT_MAX_FILE_SIZE
 	fi
@@ -123,7 +123,7 @@ if [ -f /pfrm2.0/bin/cposd ]; then
 
     SUB_HW_VER=`fw_printenv -n sub_hw_ver`
 
-    # Clear TMPDIR(set by nano-egg in SMB), 
+    # Clear TMPDIR(set by nano-egg in SMB),
     # so the nano-agent will use the default tmp dir(/tmp).
     export TMPDIR=
 fi
@@ -667,7 +667,7 @@ load_services()
             fi
 
             log "load_services" "Respawn ${service}"
-            if [ "${service}" == "/etc/cp/agentIntelligence/redis/redis-server" ] || [ "${service}" = "/etc/cp/crowdsecAux/cp-nano-crowdsec-aux" ]; then
+            if [ "${service}" = "${FILESYSTEM_PATH}/agentCache/cp-nano-agent-cache" ] || [ "${service}" == "/etc/cp/agentIntelligence/redis/redis-server" ] || [ "${service}" = "/etc/cp/crowdsecAux/cp-nano-crowdsec-aux" ]; then
                 eval "LD_LIBRARY_PATH=${NGEN_LIB_PATH} ${service} ${execution_flags} &"
             else
                 eval "LD_LIBRARY_PATH=${NGEN_LIB_PATH} ${service} ${execution_flags} --filesystem_path=${FILESYSTEM_PATH} --log_files_path=${LOG_FILE_PATH} &"

From d6599cc7bc7767e86a96533abc9b0d97ee1231c3 Mon Sep 17 00:00:00 2001
From: orianelou <126462046+orianelou@users.noreply.github.com>
Date: Thu, 5 Oct 2023 13:34:25 +0300
Subject: [PATCH 2/8] Update README.md

updated supported versions
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 217d408..fba740b 100644
--- a/README.md
+++ b/README.md
@@ -63,7 +63,7 @@ $ ./open-appsec-k8s-install
 
 For Kubernetes (NGINX or Kong) using Helm: follow [documentation](https://docs.openappsec.io/getting-started/start-with-kubernetes/install-using-helm-ingress-nginx-and-kong) – use this method if you’ve built your own containers. 
 
-For Linux (NGINX or Kong) using the installer (list of supported/pre-compiled NGINX attachments is available [here](https://downloads.openappsec.io/supported-nginx.txt)):
+For Linux (NGINX or Kong) using the installer (list of supported/pre-compiled NGINX attachments is available [here](https://downloads.openappsec.io/packages/supported-nginx.txt)):
 
 ```bash
 $ wget https://downloads.openappsec.io/open-appsec-install && chmod +x open-appsec-install

From 5b9769e94ea47e6586c2cb3eb6eb9d4032adb10c Mon Sep 17 00:00:00 2001
From: roybarda <roybarda@gmail.com>
Date: Thu, 5 Oct 2023 13:58:09 +0300
Subject: [PATCH 3/8] Update README.md

add redis for rate limit packaging purposes
---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index fba740b..b78bff9 100644
--- a/README.md
+++ b/README.md
@@ -104,13 +104,14 @@ Before compiling the services, you'll need to ensure the latest development vers
 * GTest
 * GMock
 * cURL
+* Redis
 * Hiredis
 
 An example of installing the packages on Alpine:
 
 ```bash
  $ apk update
- $ apk add boost-dev openssl-dev pcre2-dev libxml2-dev gtest-dev curl-dev hiredis-dev
+ $ apk add boost-dev openssl-dev pcre2-dev libxml2-dev gtest-dev curl-dev hiredis-dev redis
 ```
 
 ## Compiling and packaging the agent code

From 6bda60ae84f169f654029fc493e0ee635d5c63b8 Mon Sep 17 00:00:00 2001
From: Daniel Eisenberg <danielei@checkpoint.com>
Date: Thu, 5 Oct 2023 14:03:00 +0300
Subject: [PATCH 4/8] adding agent cache service to entry.sh

---
 build_system/docker/entry.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/build_system/docker/entry.sh b/build_system/docker/entry.sh
index 16f359b..9d900ff 100644
--- a/build_system/docker/entry.sh
+++ b/build_system/docker/entry.sh
@@ -5,6 +5,7 @@ CROWDSEC_INSTALLATION_SCRIPT="install-cp-crowdsec-aux.sh"
 HTTP_TRANSACTION_HANDLER_SERVICE="install-cp-nano-service-http-transaction-handler.sh"
 ATTACHMENT_REGISTRATION_SERVICE="install-cp-nano-attachment-registration-manager.sh"
 ORCHESTRATION_INSTALLATION_SCRIPT="install-cp-nano-agent.sh"
+CACHE_INSTALLATION_SCRIPT="install-cp-nano-agent-cache.sh"
 
 var_fog_address=
 var_proxy=
@@ -63,6 +64,7 @@ if [ -f /var/run/secrets/kubernetes.io/serviceaccount/token ]; then
 fi
 
 /nano-service-installers/$ATTACHMENT_REGISTRATION_SERVICE --install
+/nano-service-installers/$CACHE_INSTALLATION_SCRIPT --install
 /nano-service-installers/$HTTP_TRANSACTION_HANDLER_SERVICE --install
 
 if [ ! -z $CROWDSEC_ENABLED ]; then

From da911582a5b56774ec9e865b51a1186f4c883ee0 Mon Sep 17 00:00:00 2001
From: Daniel Eisenberg <danielei@checkpoint.com>
Date: Thu, 5 Oct 2023 14:49:07 +0300
Subject: [PATCH 5/8] use sh instead of bash

---
 nodes/agent_cache/package/CMakeLists.txt      | 14 ++++----
 nodes/http_transaction_handler/CMakeLists.txt |  8 ++---
 nodes/orchestration/CMakeLists.txt            | 32 +++++++++----------
 3 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/nodes/agent_cache/package/CMakeLists.txt b/nodes/agent_cache/package/CMakeLists.txt
index c06c27a..e2750f5 100755
--- a/nodes/agent_cache/package/CMakeLists.txt
+++ b/nodes/agent_cache/package/CMakeLists.txt
@@ -1,41 +1,41 @@
 execute_process (
-	COMMAND bash -c "find / -name \"redis.conf\""
+	COMMAND sh -c "find / -name \"redis.conf\""
 	OUTPUT_VARIABLE redis_conf_path
     OUTPUT_STRIP_TRAILING_WHITESPACE
 )
 
 execute_process (
-	COMMAND bash -c "which redis-server"
+	COMMAND sh -c "which redis-server"
 	OUTPUT_VARIABLE redis_server_path
     OUTPUT_STRIP_TRAILING_WHITESPACE
 )
 
 if (IS_SYMLINK ${redis_server_path})
     execute_process (
-        COMMAND bash -c "readlink -f ${redis_server_path}"
+        COMMAND sh -c "readlink -f ${redis_server_path}"
         OUTPUT_VARIABLE redis_server_path
         OUTPUT_STRIP_TRAILING_WHITESPACE
     )
 endif()
 
 execute_process (
-	COMMAND bash -c "which redis-cli"
+	COMMAND sh -c "which redis-cli"
 	OUTPUT_VARIABLE redis_cli_path
     OUTPUT_STRIP_TRAILING_WHITESPACE
 )
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libatomic.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libatomic.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE atomic
 )
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libjemalloc*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libjemalloc*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE jemalloc
 )
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"liblua*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"liblua*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE lua
 )
 
diff --git a/nodes/http_transaction_handler/CMakeLists.txt b/nodes/http_transaction_handler/CMakeLists.txt
index cf999e2..ae48dfd 100755
--- a/nodes/http_transaction_handler/CMakeLists.txt
+++ b/nodes/http_transaction_handler/CMakeLists.txt
@@ -45,25 +45,25 @@ install(TARGETS cp-nano-http-transaction-handler DESTINATION bin)
 install(TARGETS cp-nano-http-transaction-handler DESTINATION http_transaction_handler_service/bin)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libpcre2-8.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libpcre2-8.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE pcre2-8
 )
 install(FILES ${pcre2-8} DESTINATION http_transaction_handler_service/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libpcre2-posix.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libpcre2-posix.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE pcre2-posix
 )
 install(FILES ${pcre2-posix} DESTINATION http_transaction_handler_service/lib)
 
 execute_process (
-        COMMAND bash -c "find /usr/lib -name \"libhiredis.so*\" | awk '{printf $0\";\"}'"
+        COMMAND sh -c "find /usr/lib -name \"libhiredis.so*\" | awk '{printf $0\";\"}'"
         OUTPUT_VARIABLE hiredis
 )
 install(FILES ${hiredis} DESTINATION http_transaction_handler_service/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libxml2.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libxml2.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE xml2
 )
 install(FILES ${xml2} DESTINATION http_transaction_handler_service/lib)
diff --git a/nodes/orchestration/CMakeLists.txt b/nodes/orchestration/CMakeLists.txt
index 1d4367c..1ed1c55 100755
--- a/nodes/orchestration/CMakeLists.txt
+++ b/nodes/orchestration/CMakeLists.txt
@@ -43,94 +43,94 @@ install(FILES package/certificate/public-keys/i2.pem DESTINATION orchestration/c
 install(FILES package/certificate/public-keys/stg-i2.pem DESTINATION orchestration/certificate/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_regex.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_regex.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_regex
 )
 install(FILES ${boost_regex} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_atomic.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_atomic.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_atomic
 )
 install(FILES ${boost_atomic} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_chrono.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_chrono.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_chrono
 )
 install(FILES ${boost_chrono} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_context.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_context.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_context
 )
 install(FILES ${boost_context} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_filesystem.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_filesystem.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_filesystem
 )
 install(FILES ${boost_filesystem} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_iostreams.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_iostreams.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_iostreams
 )
 install(FILES ${boost_iostreams} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_system
 )
 install(FILES ${boost_system} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_system
 )
 install(FILES ${boost_system} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_thread.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_thread.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_thread
 )
 install(FILES ${boost_thread} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libcrypto.so\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libcrypto.so\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE crypto
 )
 install(FILES ${crypto} DESTINATION orchestration/lib)
 execute_process (
-        COMMAND bash -c "find /lib -name \"libcrypto.so*\" | awk '{printf $0\";\"}'"
+        COMMAND sh -c "find /lib -name \"libcrypto.so*\" | awk '{printf $0\";\"}'"
         OUTPUT_VARIABLE crypto2
 )
 install(FILES ${crypto2} DESTINATION orchestration/lib)
 
 execute_process (
-	 COMMAND bash -c "find /usr/lib -name \"libssl.so\" | awk '{printf $1\";\"}'"
+	 COMMAND sh -c "find /usr/lib -name \"libssl.so\" | awk '{printf $1\";\"}'"
 	 OUTPUT_VARIABLE ssl
 )
 install(FILES ${ssl} DESTINATION orchestration/lib)
 execute_process (
-         COMMAND bash -c "find /lib -name \"libssl.so*\" | awk '{printf $1\";\"}'"
+         COMMAND sh -c "find /lib -name \"libssl.so*\" | awk '{printf $1\";\"}'"
          OUTPUT_VARIABLE ssl2
 )
 install(FILES ${ssl2} DESTINATION orchestration/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
 	OUTPUT_VARIABLE curl
 )
 install(FILES ${curl} DESTINATION orchestration/lib)
 execute_process (
-        COMMAND bash -c "find /lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
+        COMMAND sh -c "find /lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
         OUTPUT_VARIABLE curl2
 )
 install(FILES ${curl2} DESTINATION orchestration/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libz.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libz.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE z
 )
 install(FILES ${z} DESTINATION orchestration/lib)

From fd1a77628e4e7f1b1219621ebbf9ca8eb927dd13 Mon Sep 17 00:00:00 2001
From: Daniel Eisenberg <danielei@checkpoint.com>
Date: Thu, 5 Oct 2023 15:16:58 +0300
Subject: [PATCH 6/8] add cache conf file

---
 nodes/agent_cache/package/CMakeLists.txt                 | 6 ------
 nodes/agent_cache/package/cache.conf                     | 6 ++++++
 nodes/agent_cache/package/install-cp-nano-agent-cache.sh | 3 ++-
 3 files changed, 8 insertions(+), 7 deletions(-)
 create mode 100755 nodes/agent_cache/package/cache.conf

diff --git a/nodes/agent_cache/package/CMakeLists.txt b/nodes/agent_cache/package/CMakeLists.txt
index e2750f5..a4c1246 100755
--- a/nodes/agent_cache/package/CMakeLists.txt
+++ b/nodes/agent_cache/package/CMakeLists.txt
@@ -1,9 +1,3 @@
-execute_process (
-	COMMAND sh -c "find / -name \"redis.conf\""
-	OUTPUT_VARIABLE redis_conf_path
-    OUTPUT_STRIP_TRAILING_WHITESPACE
-)
-
 execute_process (
 	COMMAND sh -c "which redis-server"
 	OUTPUT_VARIABLE redis_server_path
diff --git a/nodes/agent_cache/package/cache.conf b/nodes/agent_cache/package/cache.conf
new file mode 100755
index 0000000..9b6b271
--- /dev/null
+++ b/nodes/agent_cache/package/cache.conf
@@ -0,0 +1,6 @@
+bind 127.0.0.1
+port 6379
+appendonly no
+save ""
+maxmemory 500mb
+maxmemory-policy allkeys-lru
\ No newline at end of file
diff --git a/nodes/agent_cache/package/install-cp-nano-agent-cache.sh b/nodes/agent_cache/package/install-cp-nano-agent-cache.sh
index 6e8822d..8a13326 100755
--- a/nodes/agent_cache/package/install-cp-nano-agent-cache.sh
+++ b/nodes/agent_cache/package/install-cp-nano-agent-cache.sh
@@ -52,13 +52,14 @@ run_installation()
     cp_exec "cp -rf lib/* ${USR_LIB_PATH}/cpnano"
     cp_exec "cp -rf bin/redis-server ${CACHE_SERVICE_PATH}/"
     cp_exec "cp -rf bin/redis-cli ${CACHE_SERVICE_PATH}/"
-    cp_exec "cp -f redis.conf ${CONF_PATH}/redis.conf"
     cp_exec "cp -f cp-nano-agent-cache.cfg ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
+    cp_exec "cp -f cache.conf ${CONF_PATH}/redis.conf"
     cp_exec "mv ${CACHE_SERVICE_PATH}/redis-server ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
     cp_exec "mv ${CACHE_SERVICE_PATH}/redis-cli ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
     cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
     cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
     cp_exec "chmod 600 ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
+    cp_exec "chmod 600 ${CONF_PATH}/redis.conf"
 
     cp_exec "${WATCHDOG_PATH} --register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
     cp_print "Installation completed successfully." $FORCE_STDOUT

From 0386431eee00afe101514c9372941c8432955c18 Mon Sep 17 00:00:00 2001
From: Daniel Eisenberg <danielei@checkpoint.com>
Date: Thu, 5 Oct 2023 15:21:12 +0300
Subject: [PATCH 7/8] add cache conf file

---
 nodes/agent_cache/package/cache.conf | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/nodes/agent_cache/package/cache.conf b/nodes/agent_cache/package/cache.conf
index 9b6b271..5290df9 100755
--- a/nodes/agent_cache/package/cache.conf
+++ b/nodes/agent_cache/package/cache.conf
@@ -1,6 +1,6 @@
-bind 127.0.0.1
-port 6379
-appendonly no
-save ""
-maxmemory 500mb
+bind 127.0.0.1
+port 6379
+appendonly no
+save ""
+maxmemory 500mb
 maxmemory-policy allkeys-lru
\ No newline at end of file

From e102b25b7dcc6bcc55cbd2729ef3230ce6b58bad Mon Sep 17 00:00:00 2001
From: Daniel Eisenberg <danielei@checkpoint.com>
Date: Thu, 5 Oct 2023 15:27:19 +0300
Subject: [PATCH 8/8] add cache conf file

---
 nodes/agent_cache/package/CMakeLists.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nodes/agent_cache/package/CMakeLists.txt b/nodes/agent_cache/package/CMakeLists.txt
index a4c1246..7f3264b 100755
--- a/nodes/agent_cache/package/CMakeLists.txt
+++ b/nodes/agent_cache/package/CMakeLists.txt
@@ -38,6 +38,7 @@ install(FILES ${jemalloc} DESTINATION agent_cache/lib)
 install(FILES ${lua} DESTINATION agent_cache/lib)
 install(FILES install-cp-nano-agent-cache.sh  DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES cp-nano-agent-cache.cfg DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES cache.conf DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES ${redis_conf_path}  DESTINATION agent_cache/)
 install(FILES ${redis_server_path}  DESTINATION agent_cache/bin/ RENAME redis-server PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES ${redis_cli_path}  DESTINATION agent_cache/bin PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)