momenbasel · February 23, 2025 02:00
diff --git a/trendmicro.sh b/trendmicro.sh
 #!/bin/bash

 ##############################################################################
 # install-trendmicro-dsa.sh
 #
 # Installs the Trend Micro Deep Security Agent (DSA) on Ubuntu/Debian 
 # and ensures it persists after reboot. 
 # Then you can create an AMI from this instance so that all future instances
 # automatically have DSA pre-installed.
 ##############################################################################

 # Exit on any error
 set -e

 echo "=== Checking if running as root..."
 if [[ $(id -u) -ne 0 ]]; then
  echo "[ERROR] Please run this script as root (sudo -i)."
  exit 1
 fi

 echo "=== Updating system and installing dependencies..."
 apt-get update -y
 # If you want to upgrade packages:
 # apt-get upgrade -y
 apt-get install -y wget curl

 echo "=== Creating persistent directory for Trend Micro files..."
 mkdir -p /opt/trendmicro

 echo "=== Downloading Trend Micro's Linux platform detection script..."
 MANAGERURL='https://workload.de-1.cloudone.trendmicro.com'
 curl -L "${MANAGERURL}/software/deploymentscript/platform/linuxdetectscriptv1/" \
     -o /opt/trendmicro/PlatformDetection \
     --silent --tlsv1.2

 if [[ ! -s /opt/trendmicro/PlatformDetection ]]; then
  echo "[ERROR] Failed to download Trend Micro platform detection script."
  exit 1
 fi

 # Load detection script
 source /opt/trendmicro/PlatformDetection

 echo "=== Detecting platform..."
 platform_detect

 if [[ -z "${linuxPlatform}" ]] || [[ -z "${isRPM}" ]]; then
  echo "[ERROR] Unsupported platform detected."
  exit 1
 fi

 # Decide on .deb or .rpm
 if [[ $isRPM == 1 ]]; then
  PKG_NAME='agent.rpm'
 else
  PKG_NAME='agent.deb'
 fi

 echo "=== Downloading Trend Micro DSA package ($PKG_NAME)..."
 curl -L "${MANAGERURL}/software/agent/${runningPlatform}${majorVersion}/${archType}/${PKG_NAME}?tenantID=30643" \
     -o "/opt/trendmicro/${PKG_NAME}" \
     --silent --tlsv1.2

 if [[ ! -s "/opt/trendmicro/${PKG_NAME}" ]]; then
  echo "[ERROR] Trend Micro DSA package download failed."
  exit 1
 fi

 echo "=== Installing Trend Micro DSA..."
 if [[ $isRPM == 1 ]]; then
  rpm -ihv "/opt/trendmicro/agent.rpm"
 else
  dpkg -i "/opt/trendmicro/agent.deb"
 fi

 echo "=== Enabling and starting ds_agent service..."
 systemctl enable ds_agent || {
  echo "[WARNING] Could not enable ds_agent. Possibly not a systemd unit, or another issue."
 }
 systemctl start ds_agent || {
  echo "[ERROR] Could not start ds_agent service."
  exit 1
 }

 # Check if ds_agent is running
 echo "=== Checking ds_agent status..."
 if systemctl status ds_agent | grep -q "active (running)"; then
  echo "Trend Micro DSA is running successfully!"
 else
  echo "[WARNING] ds_agent did not appear to start correctly. Investigate logs with:"
  echo "          sudo journalctl -u ds_agent"
 fi

 echo "=== Trend Micro Deep Security Agent installation completed! ==="
 echo "You can now create a new AMI from this instance to permanently preserve the agent."
	#!/bin/bash

	##############################################################################
	# install-trendmicro-dsa.sh
	#
	# Installs the Trend Micro Deep Security Agent (DSA) on Ubuntu/Debian
	# and ensures it persists after reboot.
	# Then you can create an AMI from this instance so that all future instances
	# automatically have DSA pre-installed.
	##############################################################################

	# Exit on any error
	set -e

	echo "=== Checking if running as root..."
	if [[ $(id -u) -ne 0 ]]; then
	echo "[ERROR] Please run this script as root (sudo -i)."
	exit 1
	fi

	echo "=== Updating system and installing dependencies..."
	apt-get update -y
	# If you want to upgrade packages:
	# apt-get upgrade -y
	apt-get install -y wget curl

	echo "=== Creating persistent directory for Trend Micro files..."
	mkdir -p /opt/trendmicro

	echo "=== Downloading Trend Micro's Linux platform detection script..."
	MANAGERURL='https://workload.de-1.cloudone.trendmicro.com'
	curl -L "${MANAGERURL}/software/deploymentscript/platform/linuxdetectscriptv1/" \
	-o /opt/trendmicro/PlatformDetection \
	--silent --tlsv1.2

	if [[ ! -s /opt/trendmicro/PlatformDetection ]]; then
	echo "[ERROR] Failed to download Trend Micro platform detection script."
	exit 1
	fi

	# Load detection script
	source /opt/trendmicro/PlatformDetection

	echo "=== Detecting platform..."
	platform_detect

	if [[ -z "${linuxPlatform}" ]] \|\| [[ -z "${isRPM}" ]]; then
	echo "[ERROR] Unsupported platform detected."
	exit 1
	fi

	# Decide on .deb or .rpm
	if [[ $isRPM == 1 ]]; then
	PKG_NAME='agent.rpm'
	else
	PKG_NAME='agent.deb'
	fi

	echo "=== Downloading Trend Micro DSA package ($PKG_NAME)..."
	curl -L "${MANAGERURL}/software/agent/${runningPlatform}${majorVersion}/${archType}/${PKG_NAME}?tenantID=30643" \
	-o "/opt/trendmicro/${PKG_NAME}" \
	--silent --tlsv1.2

	if [[ ! -s "/opt/trendmicro/${PKG_NAME}" ]]; then
	echo "[ERROR] Trend Micro DSA package download failed."
	exit 1
	fi

	echo "=== Installing Trend Micro DSA..."
	if [[ $isRPM == 1 ]]; then
	rpm -ihv "/opt/trendmicro/agent.rpm"
	else
	dpkg -i "/opt/trendmicro/agent.deb"
	fi

	echo "=== Enabling and starting ds_agent service..."
	systemctl enable ds_agent \|\| {
	echo "[WARNING] Could not enable ds_agent. Possibly not a systemd unit, or another issue."
	}
	systemctl start ds_agent \|\| {
	echo "[ERROR] Could not start ds_agent service."
	exit 1
	}

	# Check if ds_agent is running
	echo "=== Checking ds_agent status..."
	if systemctl status ds_agent \| grep -q "active (running)"; then
	echo "Trend Micro DSA is running successfully!"
	else
	echo "[WARNING] ds_agent did not appear to start correctly. Investigate logs with:"
	echo " sudo journalctl -u ds_agent"
	fi

	echo "=== Trend Micro Deep Security Agent installation completed! ==="
	echo "You can now create a new AMI from this instance to permanently preserve the agent."