github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-06-28 16:41:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/openappsec/openappsec

Browse Source
This commit is contained in:
Ned Wright 2023-10-05 13:51:42 +00:00
commit de6f1033bd
11 changed files with 219 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -63,7 +63,7 @@ $ ./open-appsec-k8s-install
For Kubernetes (NGINX or Kong) using Helm: follow [documentation](https://docs.openappsec.io/getting-started/start-with-kubernetes/install-using-helm-ingress-nginx-and-kong) use this method if youve built your own containers. For Kubernetes (NGINX or Kong) using Helm: follow [documentation](https://docs.openappsec.io/getting-started/start-with-kubernetes/install-using-helm-ingress-nginx-and-kong) use this method if youve built your own containers.
For Linux (NGINX or Kong) using the installer (list of supported/pre-compiled NGINX attachments is available [here](https://downloads.openappsec.io/supported-nginx.txt)): For Linux (NGINX or Kong) using the installer (list of supported/pre-compiled NGINX attachments is available [here](https://downloads.openappsec.io/packages/supported-nginx.txt)):
```bash ```bash
$ wget https://downloads.openappsec.io/open-appsec-install && chmod +x open-appsec-install $ wget https://downloads.openappsec.io/open-appsec-install && chmod +x open-appsec-install
@ -104,13 +104,14 @@ Before compiling the services, you'll need to ensure the latest development vers
* GTest * GTest
* GMock * GMock
* cURL * cURL
* Redis
* Hiredis * Hiredis
An example of installing the packages on Alpine: An example of installing the packages on Alpine:
```bash ```bash
$ apk update $ apk update
$ apk add boost-dev openssl-dev pcre2-dev libxml2-dev gtest-dev curl-dev hiredis-dev $ apk add boost-dev openssl-dev pcre2-dev libxml2-dev gtest-dev curl-dev hiredis-dev redis
``` ```
## Compiling and packaging the agent code ## Compiling and packaging the agent code

2
build_system/docker/entry.sh
View File

@ -5,6 +5,7 @@ CROWDSEC_INSTALLATION_SCRIPT="install-cp-crowdsec-aux.sh"
HTTP_TRANSACTION_HANDLER_SERVICE="install-cp-nano-service-http-transaction-handler.sh" HTTP_TRANSACTION_HANDLER_SERVICE="install-cp-nano-service-http-transaction-handler.sh"
ATTACHMENT_REGISTRATION_SERVICE="install-cp-nano-attachment-registration-manager.sh" ATTACHMENT_REGISTRATION_SERVICE="install-cp-nano-attachment-registration-manager.sh"
ORCHESTRATION_INSTALLATION_SCRIPT="install-cp-nano-agent.sh" ORCHESTRATION_INSTALLATION_SCRIPT="install-cp-nano-agent.sh"
CACHE_INSTALLATION_SCRIPT="install-cp-nano-agent-cache.sh"
var_fog_address= var_fog_address=
var_proxy= var_proxy=
@ -63,6 +64,7 @@ if [ -f /var/run/secrets/kubernetes.io/serviceaccount/token ]; then
fi fi
/nano-service-installers/$ATTACHMENT_REGISTRATION_SERVICE --install /nano-service-installers/$ATTACHMENT_REGISTRATION_SERVICE --install
/nano-service-installers/$CACHE_INSTALLATION_SCRIPT --install
/nano-service-installers/$HTTP_TRANSACTION_HANDLER_SERVICE --install /nano-service-installers/$HTTP_TRANSACTION_HANDLER_SERVICE --install
if [ ! -z $CROWDSEC_ENABLED ]; then if [ ! -z $CROWDSEC_ENABLED ]; then

1
nodes/CMakeLists.txt
View File

@ -11,5 +11,6 @@ set(COMMON_LIBRARIES "-lngen_core;-lcompression_utils;-lssl;-lcrypto;-lz;-lboost
include(packaging.cmake) include(packaging.cmake)
add_subdirectory(orchestration) add_subdirectory(orchestration)
add_subdirectory(agent_cache)
add_subdirectory(http_transaction_handler) add_subdirectory(http_transaction_handler)
add_subdirectory(attachment_registration_manager) add_subdirectory(attachment_registration_manager)

8
nodes/agent_cache/CMakeLists.txt Executable file
View File

@ -0,0 +1,8 @@
add_subdirectory(package)
gen_package(
install-cp-nano-agent-cache.sh
agent_cache
./install-cp-nano-agent-cache.sh
Check Point Cache Nano Service Version ${PACKAGE_VERSION} Install Package
)

44
nodes/agent_cache/package/CMakeLists.txt Executable file
View File

@ -0,0 +1,44 @@
execute_process (
COMMAND sh -c "which redis-server"
OUTPUT_VARIABLE redis_server_path
OUTPUT_STRIP_TRAILING_WHITESPACE
)
if (IS_SYMLINK ${redis_server_path})
execute_process (
COMMAND sh -c "readlink -f ${redis_server_path}"
OUTPUT_VARIABLE redis_server_path
OUTPUT_STRIP_TRAILING_WHITESPACE
)
endif()
execute_process (
COMMAND sh -c "which redis-cli"
OUTPUT_VARIABLE redis_cli_path
OUTPUT_STRIP_TRAILING_WHITESPACE
)
execute_process (
COMMAND sh -c "find /usr/lib -name \"libatomic.so*\" | awk '{printf \$0\";\"}'"
OUTPUT_VARIABLE atomic
)
execute_process (
COMMAND sh -c "find /usr/lib -name \"libjemalloc*\" | awk '{printf \$0\";\"}'"
OUTPUT_VARIABLE jemalloc
)
execute_process (
COMMAND sh -c "find /usr/lib -name \"liblua*\" | awk '{printf \$0\";\"}'"
OUTPUT_VARIABLE lua
)
install(FILES ${atomic} DESTINATION agent_cache/lib)
install(FILES ${jemalloc} DESTINATION agent_cache/lib)
install(FILES ${lua} DESTINATION agent_cache/lib)
install(FILES install-cp-nano-agent-cache.sh DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
install(FILES cp-nano-agent-cache.cfg DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
install(FILES cache.conf DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
install(FILES ${redis_conf_path} DESTINATION agent_cache/)
install(FILES ${redis_server_path} DESTINATION agent_cache/bin/ RENAME redis-server PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
install(FILES ${redis_cli_path} DESTINATION agent_cache/bin PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)

6
nodes/agent_cache/package/cache.conf Executable file
View File

@ -0,0 +1,6 @@
bind 127.0.0.1
port 6379
appendonly no
save ""
maxmemory 500mb
maxmemory-policy allkeys-lru

1
nodes/agent_cache/package/cp-nano-agent-cache.cfg Executable file
View File

@ -0,0 +1 @@
execution_flags=" /etc/cp/conf/redis.conf"

131
nodes/agent_cache/package/install-cp-nano-agent-cache.sh Executable file
View File

@ -0,0 +1,131 @@
#!/bin/sh
FORCE_STDOUT=true
INSTALLATION_LOG_FILE="/var/log/nano_agent/install-cp-nano-agent-cache.log"
INSTALLATION_TIME=$(date)
CONF_PATH=/etc/cp/conf
CACHE_SERVICE_PATH=/etc/cp/agentCache
WATCHDOG_PATH=/etc/cp/watchdog/cp-nano-watchdog
USR_LIB_PATH="/usr/lib"
export INSTALL_COMMAND
is_install="$(command -v install)"
if [ -z ${is_install} ]; then
INSTALL_COMMAND="cp -f"
cp_print "[WARNING]: install command not found - using cp instead" ${FORCE_STDOUT}
else
INSTALL_COMMAND=install
fi
mkdir -p /var/log/nano_agent
cp_print()
{
var_text=$1
var_std_out=$2
touch $INSTALLATION_LOG_FILE
if [ -n "$var_std_out" ]; then
if [ "$var_std_out" = "true" ]; then
printf "%b\n" "$var_text"
fi
fi
printf "%b\n" "$var_text" >> $INSTALLATION_LOG_FILE
}
cp_exec()
{
var_cmd=$1
var_std_out=$2
# Send exec output to RES
RES=$($var_cmd 2>&1)
if [ -n "$RES" ]; then
cp_print "$RES" "$var_std_out"
fi
}
run_installation()
{
cp_print "Starting installation of Check Point Cache service [$INSTALLATION_TIME]\n" $FORCE_STDOUT
cp_exec "${WATCHDOG_PATH} --un-register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
cp_exec "mkdir -p ${CACHE_SERVICE_PATH}"
cp_exec "mkdir -p ${USR_LIB_PATH}/cpnano"
cp_exec "cp -rf lib/* ${USR_LIB_PATH}/cpnano"
cp_exec "cp -rf bin/redis-server ${CACHE_SERVICE_PATH}/"
cp_exec "cp -rf bin/redis-cli ${CACHE_SERVICE_PATH}/"
cp_exec "cp -f cp-nano-agent-cache.cfg ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
cp_exec "cp -f cache.conf ${CONF_PATH}/redis.conf"
cp_exec "mv ${CACHE_SERVICE_PATH}/redis-server ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
cp_exec "mv ${CACHE_SERVICE_PATH}/redis-cli ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
cp_exec "chmod 600 ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
cp_exec "chmod 600 ${CONF_PATH}/redis.conf"
cp_exec "${WATCHDOG_PATH} --register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
cp_print "Installation completed successfully." $FORCE_STDOUT
}
usage()
{
echo "Check Point: available flags are"
echo "--install : install agent inteligence Service"
echo "--uninstall : remove agent inteligenceService"
echo "--pre_install_test : run Pre-installation test for agent inteligence Service install package"
echo "--post_install_test : run Post-installation test for agent inteligence Service install package"
exit 255
}
run_uninstall()
{
cp_print "Starting uninstall of Check Point Cache service [$INSTALLATION_TIME]\n" $FORCE_STDOUT
cp_exec "${WATCHDOG_PATH} --un-register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
cp_exec "rm -rf ${CACHE_SERVICE_PATH}/"
cp_exec "rm -rf ${CONF_PATH}/redis.conf"
cp_print "Check Point Cache service was removed successfully\n" $FORCE_STDOUT
}
run_pre_install_test()
{
cp_print "Successfully finished pre-installation test for Check Point Cache service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
exit 0
}
run_post_install_test()
{
if [ ! -d ${CACHE_SERVICE_PATH} ]; then
cp_print "Failed post-installation test for Check Point Cache service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
exit 1
fi
cp_print "Successfully finished post-installation test for Check Point Cache service installation package [$INSTALLATION_TIME]\n" $FORCE_STDOUT
exit 0
}
run()
{
if [ '--install' = "$1" ]; then
run_installation "${@}"
elif [ '--uninstall' = "$1" ]; then
run_uninstall
elif [ '--pre_install_test' = "$1" ]; then
run_pre_install_test
elif [ '--post_install_test' = "$1" ]; then
run_post_install_test
else
usage
exit 1
fi
}
if [ "$(id -u)" != "0" ]; then
echo "Administrative privileges required for this Package (use su or sudo)"
exit 1
fi
shift
run "${@}"
exit 0

8
nodes/http_transaction_handler/CMakeLists.txt
View File

@ -45,25 +45,25 @@ install(TARGETS cp-nano-http-transaction-handler DESTINATION bin)
install(TARGETS cp-nano-http-transaction-handler DESTINATION http_transaction_handler_service/bin) install(TARGETS cp-nano-http-transaction-handler DESTINATION http_transaction_handler_service/bin)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libpcre2-8.so*\" | awk '{printf \$0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libpcre2-8.so*\" | awk '{printf \$0\";\"}'"
OUTPUT_VARIABLE pcre2-8 OUTPUT_VARIABLE pcre2-8
) )
install(FILES ${pcre2-8} DESTINATION http_transaction_handler_service/lib) install(FILES ${pcre2-8} DESTINATION http_transaction_handler_service/lib)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libpcre2-posix.so*\" | awk '{printf \$0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libpcre2-posix.so*\" | awk '{printf \$0\";\"}'"
OUTPUT_VARIABLE pcre2-posix OUTPUT_VARIABLE pcre2-posix
) )
install(FILES ${pcre2-posix} DESTINATION http_transaction_handler_service/lib) install(FILES ${pcre2-posix} DESTINATION http_transaction_handler_service/lib)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libhiredis.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libhiredis.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE hiredis OUTPUT_VARIABLE hiredis
) )
install(FILES ${hiredis} DESTINATION http_transaction_handler_service/lib) install(FILES ${hiredis} DESTINATION http_transaction_handler_service/lib)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libxml2.so*\" | awk '{printf \$0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libxml2.so*\" | awk '{printf \$0\";\"}'"
OUTPUT_VARIABLE xml2 OUTPUT_VARIABLE xml2
) )
install(FILES ${xml2} DESTINATION http_transaction_handler_service/lib) install(FILES ${xml2} DESTINATION http_transaction_handler_service/lib)

32
nodes/orchestration/CMakeLists.txt
View File

@ -43,94 +43,94 @@ install(FILES package/certificate/public-keys/i2.pem DESTINATION orchestration/c
install(FILES package/certificate/public-keys/stg-i2.pem DESTINATION orchestration/certificate/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ) install(FILES package/certificate/public-keys/stg-i2.pem DESTINATION orchestration/certificate/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_regex.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_regex.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_regex OUTPUT_VARIABLE boost_regex
) )
install(FILES ${boost_regex} DESTINATION orchestration/lib/boost) install(FILES ${boost_regex} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_atomic.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_atomic.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_atomic OUTPUT_VARIABLE boost_atomic
) )
install(FILES ${boost_atomic} DESTINATION orchestration/lib/boost) install(FILES ${boost_atomic} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_chrono.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_chrono.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_chrono OUTPUT_VARIABLE boost_chrono
) )
install(FILES ${boost_chrono} DESTINATION orchestration/lib/boost) install(FILES ${boost_chrono} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_context.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_context.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_context OUTPUT_VARIABLE boost_context
) )
install(FILES ${boost_context} DESTINATION orchestration/lib/boost) install(FILES ${boost_context} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_filesystem.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_filesystem.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_filesystem OUTPUT_VARIABLE boost_filesystem
) )
install(FILES ${boost_filesystem} DESTINATION orchestration/lib/boost) install(FILES ${boost_filesystem} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_iostreams.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_iostreams.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_iostreams OUTPUT_VARIABLE boost_iostreams
) )
install(FILES ${boost_iostreams} DESTINATION orchestration/lib/boost) install(FILES ${boost_iostreams} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_system OUTPUT_VARIABLE boost_system
) )
install(FILES ${boost_system} DESTINATION orchestration/lib/boost) install(FILES ${boost_system} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_system OUTPUT_VARIABLE boost_system
) )
install(FILES ${boost_system} DESTINATION orchestration/lib/boost) install(FILES ${boost_system} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libboost_thread.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libboost_thread.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE boost_thread OUTPUT_VARIABLE boost_thread
) )
install(FILES ${boost_thread} DESTINATION orchestration/lib/boost) install(FILES ${boost_thread} DESTINATION orchestration/lib/boost)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libcrypto.so\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libcrypto.so\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE crypto OUTPUT_VARIABLE crypto
) )
install(FILES ${crypto} DESTINATION orchestration/lib) install(FILES ${crypto} DESTINATION orchestration/lib)
execute_process ( execute_process (
COMMAND bash -c "find /lib -name \"libcrypto.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /lib -name \"libcrypto.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE crypto2 OUTPUT_VARIABLE crypto2
) )
install(FILES ${crypto2} DESTINATION orchestration/lib) install(FILES ${crypto2} DESTINATION orchestration/lib)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libssl.so\" | awk '{printf $1\";\"}'" COMMAND sh -c "find /usr/lib -name \"libssl.so\" | awk '{printf $1\";\"}'"
OUTPUT_VARIABLE ssl OUTPUT_VARIABLE ssl
) )
install(FILES ${ssl} DESTINATION orchestration/lib) install(FILES ${ssl} DESTINATION orchestration/lib)
execute_process ( execute_process (
COMMAND bash -c "find /lib -name \"libssl.so*\" | awk '{printf $1\";\"}'" COMMAND sh -c "find /lib -name \"libssl.so*\" | awk '{printf $1\";\"}'"
OUTPUT_VARIABLE ssl2 OUTPUT_VARIABLE ssl2
) )
install(FILES ${ssl2} DESTINATION orchestration/lib) install(FILES ${ssl2} DESTINATION orchestration/lib)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'" COMMAND sh -c "find /usr/lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
OUTPUT_VARIABLE curl OUTPUT_VARIABLE curl
) )
install(FILES ${curl} DESTINATION orchestration/lib) install(FILES ${curl} DESTINATION orchestration/lib)
execute_process ( execute_process (
COMMAND bash -c "find /lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'" COMMAND sh -c "find /lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
OUTPUT_VARIABLE curl2 OUTPUT_VARIABLE curl2
) )
install(FILES ${curl2} DESTINATION orchestration/lib) install(FILES ${curl2} DESTINATION orchestration/lib)
execute_process ( execute_process (
COMMAND bash -c "find /usr/lib -name \"libz.so*\" | awk '{printf $0\";\"}'" COMMAND sh -c "find /usr/lib -name \"libz.so*\" | awk '{printf $0\";\"}'"
OUTPUT_VARIABLE z OUTPUT_VARIABLE z
) )
install(FILES ${z} DESTINATION orchestration/lib) install(FILES ${z} DESTINATION orchestration/lib)

6
nodes/orchestration/package/watchdog/watchdog
View File

@ -56,7 +56,7 @@ load_paths()
if [ -n "${CP_INIT_D_PATH}" ]; then if [ -n "${CP_INIT_D_PATH}" ]; then
INIT_D_PATH=$CP_INIT_D_PATH INIT_D_PATH=$CP_INIT_D_PATH
fi fi
if [ -z "${MAX_FILE_SIZE}" ]; then if [ -z "${MAX_FILE_SIZE}" ]; then
MAX_FILE_SIZE=$DEFAULT_MAX_FILE_SIZE MAX_FILE_SIZE=$DEFAULT_MAX_FILE_SIZE
fi fi
@ -123,7 +123,7 @@ if [ -f /pfrm2.0/bin/cposd ]; then
SUB_HW_VER=`fw_printenv -n sub_hw_ver` SUB_HW_VER=`fw_printenv -n sub_hw_ver`
# Clear TMPDIR(set by nano-egg in SMB), # Clear TMPDIR(set by nano-egg in SMB),
# so the nano-agent will use the default tmp dir(/tmp). # so the nano-agent will use the default tmp dir(/tmp).
export TMPDIR= export TMPDIR=
fi fi
@ -667,7 +667,7 @@ load_services()
fi fi
log "load_services" "Respawn ${service}" log "load_services" "Respawn ${service}"
if [ "${service}" == "/etc/cp/agentIntelligence/redis/redis-server" ] || [ "${service}" = "/etc/cp/crowdsecAux/cp-nano-crowdsec-aux" ]; then if [ "${service}" = "${FILESYSTEM_PATH}/agentCache/cp-nano-agent-cache" ] || [ "${service}" == "/etc/cp/agentIntelligence/redis/redis-server" ] || [ "${service}" = "/etc/cp/crowdsecAux/cp-nano-crowdsec-aux" ]; then
eval "LD_LIBRARY_PATH=${NGEN_LIB_PATH} ${service} ${execution_flags} &" eval "LD_LIBRARY_PATH=${NGEN_LIB_PATH} ${service} ${execution_flags} &"
else else
eval "LD_LIBRARY_PATH=${NGEN_LIB_PATH} ${service} ${execution_flags} --filesystem_path=${FILESYSTEM_PATH} --log_files_path=${LOG_FILE_PATH} &" eval "LD_LIBRARY_PATH=${NGEN_LIB_PATH} ${service} ${execution_flags} --filesystem_path=${FILESYSTEM_PATH} --log_files_path=${LOG_FILE_PATH} &"