ports/62714: New port: security/lockdown "Hardening system for FreeBSD"

[Daniel Blankensteiner <db@TruNet.dk>]

>Number:         62714
>Category:       ports
>Synopsis:       New port: security/lockdown "Hardening system for FreeBSD"
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 11 15:40:12 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Daniel Blankensteiner <db at TruNet.dk>
>Release:        FreeBSD 5.2.1-RC i386
>Organization:
>Environment:


System: FreeBSD main.trunet.dk 5.2.1-RC FreeBSD 5.2.1-RC #1: Tue Feb  3 13:50:02 CET 2004     db at main.trunet.dk:/usr/obj/usr/src/sys/MAIN i386


>Description:


Lockdown is a hardening system written in C++ for FreeBSD and released under the BSD license.
Please read http://lockdown.trunet.dk/ for more info.



>How-To-Repeat:





>Fix:


# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	lockdown
#	lockdown/Makefile
#	lockdown/pkg-plist
#	lockdown/pkg-message
#	lockdown/pkg-descr
#
echo c - lockdown
mkdir -p lockdown > /dev/null 2>&1
echo x - lockdown/Makefile
sed 's/^X//' >lockdown/Makefile << 'END-of-lockdown/Makefile'
X# New ports collection makefile for: lockdown
X# Date created:		11 Feb 2004
X# Whom:			Daniel Blankensteiner <db at TruNet.dk>
X# $FreeBSD$
X#
X
XPORTNAME=	lockdown
XPORTVERSION=	0.1
XCATEGORIES=	security
XMASTER_SITES=	http://lockdown.trunet.dk/
X
XMAINTAINER=	db at TruNet.dk
XCOMMENT=	Hardening system for FreeBSD
X
XMAN1=		lockdown.1
X
XWRKSRC=		${WRKDIR}/lockdown
X
Xdo-install:
X	${INSTALL_PROGRAM} ${WRKSRC}/lockdown ${PREFIX}/bin/lockdown
X	${INSTALL_MAN} ${WRKSRC}/lockdown.1 ${PREFIX}/man/man1/lockdown.1
X	${INSTALL_DATA} ${WRKSRC}/lockdown.conf.sample ${PREFIX}/etc/lockdown.conf.sample
X
Xpost-install:
X	${CAT} ${PKGMESSAGE}
X	@${ECHO_CMD} ""
X
X.include <bsd.port.mk>
END-of-lockdown/Makefile
echo x - lockdown/pkg-plist
sed 's/^X//' >lockdown/pkg-plist << 'END-of-lockdown/pkg-plist'
Xbin/lockdown
Xetc/lockdown.conf.sample
END-of-lockdown/pkg-plist
echo x - lockdown/pkg-message
sed 's/^X//' >lockdown/pkg-message << 'END-of-lockdown/pkg-message'
X	
XWARNING: Until version 1.0 is released, lockdown should only be run on test coputers!
END-of-lockdown/pkg-message
echo x - lockdown/pkg-descr
sed 's/^X//' >lockdown/pkg-descr << 'END-of-lockdown/pkg-descr'
XLockdown is a hardening system written in C++ for FreeBSD and released under the BSD license.
X
XLockdown was designed to harden FreeBSD's base system. It does so by editing the systems configuration files and set permissions, flags and ownership on SUID, GID and information files.
XLockdown was meant to be run only once, so you can quickly and without forgetting something, get a secure system running.
X
XWWW: http://lockdown.TruNet.dk/
X
X- Daniel Blankensteiner
Xdb at TruNet.dk
END-of-lockdown/pkg-descr
exit


>Release-Note:
>Audit-Trail:
>Unformatted: