now use both cowrie.cfg.dist and cowrie.cfg

CHANGELOG.md

@@ -1,4 +1,4 @@
-* 2017-05-16 now reads config files: etc/system/cowrie.cfg cowrie.cfg and etc/local/cowrie.cfg in this order
+* 2017-05-16 now combines config files: cowrie.cfg.dist and cowrie.cfg in this order
 * 2017-05-09 start.sh and stop.sh have been replace by bin/cowrie start|stop
 * 2017-04-27 New syntax "listen_endpoints" for configuring listening IP addresses/portnumbers
 * 2017-03-15 SSH Forwarding/SFTP/keys/version config have been moved to [ssh]. Change your config file!

INSTALL.md

@@ -80,15 +80,22 @@ $ source cowrie-env/bin/activate
 
 ## Step 5: Install configuration file
 
-Take a look at the configuration file and make changes as desired.  The defaults work well in most cases.
+The configuration for Cowrie is stored in cowrie.cfg.dist and
+cowrie.cfg. Both files are read, where entries from cowrie.cfg take
+precedence. The .dist file can be overwritten on upgrades, cowrie.cfg
+will not be changed. To run with a standard configuration, there
+is no need to change anything. To enable telnet, for example, create
+cowrie.cfg and input only the following:
+
 ```
-$ cp cowrie.cfg.dist cowrie.cfg
+[telnet]
+enabled = true
 ```
 
 ## Step 6: Generate a DSA key
 
 This step should not be necessary, however some versions of twisted
-are not compatible.  To avoid problems in advance, run:
+are not compatible. To avoid problems in advance, run:
 
 ```
 $ cd data
@@ -100,7 +107,7 @@ $ cd ..
 
 Cowrie is implemented as a module for Twisted, but to properly
 import everything the top-level source directory needs to be in
-python's os.path.  This sometimes won't happen correctly, so make
+python's os.path. This sometimes won't happen correctly, so make
 it explicit:
 
 ```
@@ -129,7 +136,7 @@ $ sudo iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 222
 ```
 
 Note that you should test this rule only from another host; it
-doesn't apply to loopback connections.  Alternatively you can run
+doesn't apply to loopback connections. Alternatively you can run
 authbind to listen as non-root on port 22 directly:
 
 ```
@@ -196,8 +203,8 @@ $ ssh-keygen -t rsa -b 2048 -f ssh_host_rsa_key
 ```
 
 * If you see `twistd: Unknown command: cowrie` there are two
-possibilities.  If there's a python stack trace, it probably means
-there's a missing or broken dependency.  If there's no stack trace,
+possibilities. If there's a python stack trace, it probably means
+there's a missing or broken dependency. If there's no stack trace,
 double check that your PYTHONPATH is set to the source code directory.
 * Default file permissions
 

twisted/plugins/cowrie_plugin.py

@@ -118,7 +118,7 @@ Makes a Cowrie SSH/Telnet honeypot.
             print('ERROR: You must not run cowrie as root!')
             sys.exit(1)
 
-        cfg = readConfigFile(("etc/default/cowrie.cfg","cowrie.cfg","etc/local/cowrie.cfg"))
+        cfg = readConfigFile(("cowrie.cfg.dist","cowrie.cfg"))
 
         # ssh is enabled by default
         if cfg.has_option('ssh', 'enabled') == False or \