Aum
Introduction
aum is the atomic update manager. It is used by many Atomicorp products to update components.
ASL
For users with an ASL license, aum can update the following:
- ASL, including aum
- Secure Kernel
- Host Based Intrusion Detection System (HIDS)
- Web Application Firewall (WAF)
- Transparent Web Application Firewall (T-WAF)
- modsecurityWeb Application Firewall
- Upload Protection
- RBLs
- Firewall components
- Log Intrusion Detection System (LIDS)
- Active Response System
- RBLs
- GeoIP databases
- Web console
- clamav signatures
- Support packages used by ASL
Note: This is controlled by the following options:
https://www.atomicorp.com/wiki/index.php/ASL_Configuration#AUTOMATIC_UPDATES
https://www.atomicorp.com/wiki/index.php/ASL_Configuration#UPDATE_TYPE
Rules Only
For users with just a rules license aum can update the follow:
- aum
- modsecurity rules
- modsecurity
Note: This is controlled by the users configuration of aum.
Installation
ASL
aum is included in ASL. There is no need to install it. Do not manually install aum with ASL.
Rules Only licenses
Please see the link below:
https://www.atomicorp.com/wiki/index.php/Downloading_Rules#Just_a_downloader
Frequently Asked Questions
ASL
aum is fully integrated into ASL and can be managed fully from the ASL web console. Please see the ASL_Configuration page for configuration options for ASL.
Rules only users
Does aum install more rules than asl-lite?
Yes, aum supports the full range of current rules available to rules only users. asl-lite did not.
How can I enable/disable rules if I dont have ASL?
aum can disable rule classs, it can not disable/enable specific rules. You need ASL for that level of granularity.
How can I enable/disable rule classes if I dont have ASL?
Rule classes are enabled/disabled in the /etc/asl/config file. Setting a rule class to "yes" enables it, and "no" disables it.
Does aum use the /etc/asl/config file settings
Yes.
Do rule sets still need to be manually disabled?
No, check enable/disable the class in /etc/asl/config
How can I disable automatic updates?
Change this setting in /etc/asl/config
AUTOMATIC_UPDATES
to:
AUTOMATIC_UPDATES="none"
What is the /var/asl/data/templates directory for
Warning: modifications of these templates is not supported.
Templates in this directory are used to generate various configuration files aum needs.
How can I change the tortix_waf.conf file?
aum will generate an initial configuration file. Except for ASL, aum will not change this file. Therefore, you can manually change it.
What are the asl-php rpms for?
aum has its own, independent PHP engine that is only used by aum. aum does not use your operating systems PHP installation, and aums independent PHP engine is not used by your web server, web applications or Operating system. aum will not remove, replace, modify or upgrade or otherwise change your existing PHP installation. The asl-php RPMs are a completely separate independent isolated PHP engine that is not used by your operating system, or web server (apache, nginx, litespeed or any other web server), nor will they have any effect on any other application on your system, including any web or PHP applications.
These rpms will not and do not have any effect on your operating systems and are only installed in /var/asl and are only used by aum.
The asl-php rpm packages will always start with the name "asl", for example:
asl-php-cli-5.4.17-15.el6.art.x86_64 asl-php-5.4.17-15.el6.art.x86_64 asl-php-process-5.4.17-15.el6.art.x86_64 asl-php-gd-5.4.17-15.el6.art.x86_64 asl-php-pecl-apc-3.1.13-4.el6.art.x86_64 asl-php-common-5.4.17-15.el6.art.x86_64 asl-php-mysqlnd-5.4.17-15.el6.art.x86_64 asl-php-pdo-5.4.17-15.el6.art.x86_64
Do not change, remove, configure, block the installation or upgrade of, or otherwise modify the asl-php rpms or their configuration files, they are only used by ASL for its web console.
If you are having problems with your operating systems PHP, webservers PHP handler, webservers PHP applications or other PHP applications: aum did not install, upgrade, replace, configure or remove any part of your systems or web servers PHP installation. Contact your PHP vendor for assistance.