svn commit: r310500 - in head: . security/ossec-hids-client security/ossec-hids-local security/ossec-hids-server security/ossec-hids-server/files
Greg Larkin
glarkin at FreeBSD.org
Wed Jan 16 16:01:46 UTC 2013
Author: glarkin
Date: Wed Jan 16 16:01:43 2013
New Revision: 310500
URL: http://svnweb.freebsd.org/changeset/ports/310500
Log:
- Updated to 2.7 (ChangeLog: http://www.ossec.net/?p=577)
- Trimmed Makefile headers
- Removed patches incorporated into upstream
- Added conditional patch for compilation on 7.x, early 8.x systems
- Fixed QAT-reported plist problems
- Added new users and group for use with daemons
Requested by: various users (via private email)
Added:
head/security/ossec-hids-server/files/extra-patch-src__os_csyslogd__csyslogd.c (contents, props changed)
Deleted:
head/security/ossec-hids-server/files/patch-src__init__ossec-local.sh
head/security/ossec-hids-server/files/patch-src__init__ossec-server.sh
Modified:
head/GIDs
head/UIDs
head/security/ossec-hids-client/Makefile
head/security/ossec-hids-client/pkg-plist.client
head/security/ossec-hids-local/Makefile
head/security/ossec-hids-server/Makefile
head/security/ossec-hids-server/distinfo
head/security/ossec-hids-server/files/patch-src__InstallServer.sh
head/security/ossec-hids-server/pkg-plist
Modified: head/GIDs
==============================================================================
--- head/GIDs Wed Jan 16 15:42:06 2013 (r310499)
+++ head/GIDs Wed Jan 16 16:01:43 2013 (r310500)
@@ -246,5 +246,6 @@ zookeeper:*:962:
fluentd:*:963:
git_daemon:*:964:
elasticsearch:*:965:
+ossec:*:966:
nogroup:*:65533:
nobody:*:65534:
Modified: head/UIDs
==============================================================================
--- head/UIDs Wed Jan 16 15:42:06 2013 (r310499)
+++ head/UIDs Wed Jan 16 16:01:43 2013 (r310500)
@@ -250,4 +250,7 @@ zookeeper:*:962:962::0:0:zookeeper user:
fluentd:*:963:963::0:0:fluentd user:/nonexistent:/usr/sbin/nologin
git_daemon:*:964:964::0:0:git daemon:/nonexistent:/usr/sbin/nologin
elasticsearch:*:965:965::0:0:elasticsearch user:/nonexistent:/usr/sbin/nologin
+ossec:*:966:966::0:0:OSSEC user:/usr/local/ossec-hids:/usr/sbin/nologin
+ossecm:*:967:966::0:0:OSSEC mail user:/usr/local/ossec-hids:/usr/sbin/nologin
+ossecr:*:968:966::0:0:OSSEC rem user:/usr/local/ossec-hids:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
Modified: head/security/ossec-hids-client/Makefile
==============================================================================
--- head/security/ossec-hids-client/Makefile Wed Jan 16 15:42:06 2013 (r310499)
+++ head/security/ossec-hids-client/Makefile Wed Jan 16 16:01:43 2013 (r310500)
@@ -1,9 +1,5 @@
-# New ports collection makefile for: ossec-hids-client
-# Date created: 23 July 2006
-# Whom: Valerio Daelli <valerio.daelli at gmail.com>
-#
+# Created by: Valerio Daelli <valerio.daelli at gmail.com>
# $FreeBSD$
-#
COMMENT= The client port of ossec-hids
Modified: head/security/ossec-hids-client/pkg-plist.client
==============================================================================
--- head/security/ossec-hids-client/pkg-plist.client Wed Jan 16 15:42:06 2013 (r310499)
+++ head/security/ossec-hids-client/pkg-plist.client Wed Jan 16 16:01:43 2013 (r310500)
@@ -14,6 +14,7 @@
%%PORTNAME%%/bin/ossec-execd
%%PORTNAME%%/bin/ossec-logcollector
%%PORTNAME%%/bin/ossec-syscheckd
+%%PORTNAME%%/bin/util.sh
%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt
%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt
%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt
@@ -26,7 +27,7 @@
@unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi
%%PORTNAME%%/etc/ossec.conf.sample
%%PORTNAME%%/etc/internal_options.conf
-%%PORTNAME%%/logs/ossec.log
+ at unexec if test ! -s %D/%%PORTNAME%%/logs/ossec.log; then rm -f %D/%%PORTNAME%%/logs/ossec.log; fi
%%PORTNAME%%/agentless/main.exp
%%PORTNAME%%/agentless/sshlogin.exp
%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff
Modified: head/security/ossec-hids-local/Makefile
==============================================================================
--- head/security/ossec-hids-local/Makefile Wed Jan 16 15:42:06 2013 (r310499)
+++ head/security/ossec-hids-local/Makefile Wed Jan 16 16:01:43 2013 (r310500)
@@ -1,9 +1,5 @@
-# New ports collection makefile for: ossec-hids-client
-# Date created: 23 July 2006
-# Whom: Valerio Daelli <valerio.daelli at gmail.com>
-#
+# Created by: Valerio Daelli <valerio.daelli at gmail.com>
# $FreeBSD$
-#
COMMENT= The client and server (local) port of ossec-hids
Modified: head/security/ossec-hids-server/Makefile
==============================================================================
--- head/security/ossec-hids-server/Makefile Wed Jan 16 15:42:06 2013 (r310499)
+++ head/security/ossec-hids-server/Makefile Wed Jan 16 16:01:43 2013 (r310500)
@@ -1,13 +1,9 @@
-# New ports collection makefile for: ossec-hids-server
-# Date created: 23 July 2006
-# Whom: Valerio Daelli <valerio.daelli at gmail.com>
-#
+# Created by: Valerio Daelli <valerio.daelli at gmail.com>
# $FreeBSD$
-#
PORTNAME= ossec-hids
-PORTVERSION= 2.6
-PORTREVISION= 2
+PORTVERSION= 2.7
+PORTREVISION?= 0
CATEGORIES= security
MASTER_SITES= http://www.ossec.net/files/ \
http://www.ossec.net/files/old/
@@ -18,10 +14,17 @@ COMMENT?= A security tool to monitor and
USE_RC_SUBR= ossec-hids
+.if defined(MAINTAINER_MODE)
+UID_FILES+= ../../UIDs
+GID_FILES+= ../../GIDs
+.endif
+USERS= ossec ossecm ossecr
+GROUPS= ossec
+
.if !defined(CLIENT_ONLY)
-OPTIONS= MYSQL "Enable MySQL support" off \
- PGSQL "Enable PostgreSQL support" off
+OPTIONS_DEFINE= MYSQL PGSQL
.endif
+OPTIONS_DEFINE+= DOCS
SUB_LIST= PORTNAME=${PORTNAME}
SUB_FILES= pkg-message
@@ -29,14 +32,18 @@ PLIST_SUB= PORTNAME=${PORTNAME}
PORTDOCS= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE README
.include <bsd.port.pre.mk>
+.if ${OSVERSION} < 800067
+# Add string function that didn't exist until 8.x
+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-src__os_csyslogd__csyslogd.c
+.endif
.if !defined(CLIENT_ONLY)
-.if defined(WITH_MYSQL)
+.if ${PORT_OPTIONS:MMYSQL}
WITH_DB= yes
-USE_MYSQL= yes
+USE_MYSQL= client
.endif
-.if defined(WITH_PGSQL)
+.if ${PORT_OPTIONS:MPGSQL}
WITH_DB= yes
USE_PGSQL= yes
.endif
@@ -63,31 +70,37 @@ do-build:
.if defined(WITH_DB)
.if defined(CLIENT_ONLY)
@cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build
+.elif defined(LOCAL_ONLY)
+ @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} all;${MAKE} build
.else
@cd ${WRKSRC}/src;${MAKE} setdb;${MAKE} all;${MAKE} build
.endif
.else
.if defined(CLIENT_ONLY)
- @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build
+ @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build; \
+ ${MAKE} unsetdb
+.elif defined(LOCAL_ONLY)
+ @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} all;${MAKE} build; \
+ ${MAKE} unsetdb
.else
- @cd ${WRKSRC}/src;${MAKE} all;${MAKE} build
+ @cd ${WRKSRC}/src;${MAKE} all;${MAKE} build;${MAKE} unsetdb
.endif
.endif
-.if defined(CLIENT_ONLY)
do-install:
+.if defined(CLIENT_ONLY)
@cd ${WRKSRC}/src; ${MAKE} agent
.elif defined(LOCAL_ONLY)
-do-install:
@cd ${WRKSRC}/src; ${MAKE} local
.else
-do-install:
@cd ${WRKSRC}/src; ${MAKE} server
.endif
post-install:
+ @${MKDIR} ${PREFIX}/${PORTNAME}/etc
+
.if defined(CLIENT_ONLY)
- ${CP} ${WRKSRC}/etc/ossec-agent.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
+ @${CP} ${WRKSRC}/etc/ossec-agent.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
@if [ ! -f ${PREFIX}/${PORTNAME}/etc/ossec.conf ]; then \
${CP} ${WRKSRC}/etc/ossec-agent.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf; \
fi
@@ -102,7 +115,7 @@ post-install:
fi
.endif
-.if !defined(NOPORTDOCS)
+.if ${PORT_OPTIONS:MDOCS}
@${MKDIR} ${DOCSDIR}
@cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
.endif
Modified: head/security/ossec-hids-server/distinfo
==============================================================================
--- head/security/ossec-hids-server/distinfo Wed Jan 16 15:42:06 2013 (r310499)
+++ head/security/ossec-hids-server/distinfo Wed Jan 16 16:01:43 2013 (r310500)
@@ -1,2 +1,2 @@
-SHA256 (ossec-hids-2.6.tar.gz) = 37a6b14a0c41252852b51fd06cc186a8b66bd9e01821efd70305a6dd782a2b4c
-SIZE (ossec-hids-2.6.tar.gz) = 758125
+SHA256 (ossec-hids-2.7.tar.gz) = f8ac4a7d74068a8ca4f14e3c906bfa3a68a87fd026b463422bea79fe9d747249
+SIZE (ossec-hids-2.7.tar.gz) = 818656
Added: head/security/ossec-hids-server/files/extra-patch-src__os_csyslogd__csyslogd.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/extra-patch-src__os_csyslogd__csyslogd.c Wed Jan 16 16:01:43 2013 (r310500)
@@ -0,0 +1,19 @@
+--- ./src/os_csyslogd/csyslogd.c.orig 2013-01-15 16:31:13.000000000 -0500
++++ ./src/os_csyslogd/csyslogd.c 2013-01-15 16:32:23.000000000 -0500
+@@ -23,7 +23,16 @@
+ #include "csyslogd.h"
+ #include "os_net/os_net.h"
+
++#ifndef HAVE_STRNLEN
++size_t strnlen(char *s, size_t maxlen)
++{
++ size_t i;
+
++ for (i= 0; i < maxlen && *s != '\0'; i++, s++)
++ ;
++ return i;
++}
++#endif
+
+ /* OS_SyslogD: Monitor the alerts and sends them via syslog.
+ * Only return in case of error.
Modified: head/security/ossec-hids-server/files/patch-src__InstallServer.sh
==============================================================================
--- head/security/ossec-hids-server/files/patch-src__InstallServer.sh Wed Jan 16 15:42:06 2013 (r310499)
+++ head/security/ossec-hids-server/files/patch-src__InstallServer.sh Wed Jan 16 16:01:43 2013 (r310500)
@@ -1,15 +1,15 @@
---- ./src/InstallServer.sh.orig 2011-07-11 15:36:58.000000000 -0400
-+++ ./src/InstallServer.sh 2011-10-18 15:26:57.000000000 -0400
-@@ -188,7 +188,7 @@
+--- ./src/InstallServer.sh.orig 2012-11-08 21:24:55.000000000 -0500
++++ ./src/InstallServer.sh 2013-01-14 10:44:36.000000000 -0500
+@@ -195,7 +195,7 @@
fi
fi
-cp -pr ../etc/rules/* ${DIR}/rules/
+cp -pr ../etc/rules/*.xml ${DIR}/rules/
+ find ${DIR}/rules/ -type f -exec chmod 440 {} \;
# If the local_rules is saved, moved it back
- ls ${DIR}/rules/saved_local_rules.xml.$$ > /dev/null 2>&1
-@@ -307,12 +307,12 @@
+@@ -318,12 +318,12 @@
ls ../etc/ossec.mc > /dev/null 2>&1
if [ $? = 0 ]; then
Modified: head/security/ossec-hids-server/pkg-plist
==============================================================================
--- head/security/ossec-hids-server/pkg-plist Wed Jan 16 15:42:06 2013 (r310499)
+++ head/security/ossec-hids-server/pkg-plist Wed Jan 16 16:01:43 2013 (r310500)
@@ -31,6 +31,7 @@
%%PORTNAME%%/bin/rootcheck_control
%%PORTNAME%%/bin/syscheck_control
%%PORTNAME%%/bin/syscheck_update
+%%PORTNAME%%/bin/util.sh
%%PORTNAME%%/bin/verify-agent-conf
%%PORTNAME%%/etc/decoder.xml
%%PORTNAME%%/etc/internal_options.conf
@@ -45,7 +46,8 @@
%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt
%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt
%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt
-%%PORTNAME%%/logs/ossec.log
+ at unexec if test ! -s %D/%%PORTNAME%%/logs/ossec.log; then rm -f %D/%%PORTNAME%%/logs/ossec.log; fi
+ at unexec if test ! -s %D/%%PORTNAME%%/logs/active-responses.log; then rm -f %D/%%PORTNAME%%/logs/active-responses.log; fi
%%PORTNAME%%/rules/apache_rules.xml
%%PORTNAME%%/rules/arpwatch_rules.xml
%%PORTNAME%%/rules/asterisk_rules.xml
@@ -104,6 +106,7 @@
%%PORTNAME%%/rules/vpn_concentrator_rules.xml
%%PORTNAME%%/rules/vpopmail_rules.xml
%%PORTNAME%%/rules/vsftpd_rules.xml
+%%PORTNAME%%/rules/web_appsec_rules.xml
%%PORTNAME%%/rules/web_rules.xml
%%PORTNAME%%/rules/wordpress_rules.xml
%%PORTNAME%%/rules/zeus_rules.xml
More information about the svn-ports-all
mailing list