I'm trying to write up a script to install tenable agents. It runs through a maintenance window every hour and will skip the install if the agent already exists. I currently have 2 tasks, one for RHEL and one for Amazon Linux 2, but RHEL for some reason keeps failing, so I wanted to swap the script for the linux one to just include RHEL.
The problem is, Amazon Linux and RHEL both spit back VERY similar information when using uname (Linux) and $OSTYPE (linux-gnu) But each needs a different Nessus file:
Amazon Linux 2 requires - "NessusAgent-8.2.0-amzn.x86_64.rpm"
Redhat EL 8 requires - "NessusAgent-8.2.0-es8.x86_64.rpm"
Does anyone know of a good way to differentiate?
Here is what I have so far. I swapped the OSTYPE value to show what I need in place:
serviceName="nessusagent"
if systemctl --all --type service | grep -q "$serviceName";then
echo "$serviceName exists."
else
if [[ "$OSTYPE" == "Amazon Linux 2"* ]]; then
wget "https://lmi-infosec-tenable.s3.amazonaws.com/NessusAgent-8.2.0-amzn.x86_64.rpm" -P /tmp/nessus/
sudo rpm -ivh /tmp/nessus/NessusAgent-8.2.0-amzn.x86_64.rpm
sudo /sbin/service nessusagent start
sudo /opt/nessus_agent/sbin/nessuscli agent link --key=<key_value>--groups=<groups> --cloud
else [[ "$OSTYPE" == "Redhat Enterprise Linux 8"* ]]; then
mkdir /tmp/nessus/
curl "https://lmi-infosec-tenable.s3.amazonaws.com/NessusAgent-8.2.0-es8.x86_64.rpm" --output /tmp/nessus/NessusAgent-8.2.0-es8.x86_64.rpm --silent
sudo rpm -ivh /tmp/nessus/NessusAgent-8.2.0-es8.x86_64.rpm
sudo /sbin/service nessusagent start
sudo /opt/nessus_agent/sbin/nessuscli agent link --key=<key_value>--groups=<groups> --cloud
fi
fi
As an update. I found that the simplest way to differentiate was actually with the wget tool. It's native on AL2 but on RHEL 8 you have to install it, so I modified the script to essentially attempt to retrieve a file with wget, if it fails, then it proceeds with curl and downloads the RHEL agent file. The finished script looks like this:
serviceName="nessusagent"
if systemctl --all --type service | grep -q "$serviceName";then
echo "$serviceName exists."
else
wget "https://<bucket-name>/NessusAgent-8.2.0-amzn.x86_64.rpm" -P /tmp/nessus/
if [ $? -ne 0 ] then
mkdir /tmp/nessus/
curl "https://<bucket-name>/NessusAgent-8.2.0-es8.x86_64.rpm" --output /tmp/nessus/NessusAgent-8.2.0-es8.x86_64.rpm --silent
sudo rpm -ivh /tmp/nessus/NessusAgent-8.2.0-es8.x86_64.rpm
sudo /sbin/service nessusagent start
sudo /opt/nessus_agent/sbin/nessuscli agent link --key=<key>--groups=<groups> --cloud
else
sudo rpm -ivh /tmp/nessus/NessusAgent-8.2.0-amzn.x86_64.rpm
sudo /sbin/service nessusagent start
sudo /opt/nessus_agent/sbin/nessuscli agent link --key=<key>--groups=<groups> --cloud
fi
fi
I know it's a relatively rudimentary way to accomplish this, but it suits my needs for the time crunch. I will evaluate more efficient options later down the road!
Thanks for the help!