git: a4242bfeafc2 - main - security/wazuh-*: Improve ports
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 02 Jan 2026 09:12:33 UTC
The branch main has been updated by acm:
URL: https://cgit.FreeBSD.org/ports/commit/?id=a4242bfeafc2dd423cf145060abb9b5562958c72
commit a4242bfeafc2dd423cf145060abb9b5562958c72
Author: Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
AuthorDate: 2026-01-02 09:04:43 +0000
Commit: Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
CommitDate: 2026-01-02 09:10:01 +0000
security/wazuh-*: Improve ports
- agent and manager: Avoid change permissions to local.sqlite file.
Now it uses read-only mode.
- manager: dos2unix to api.yaml file
- server: logstash8 was updated to 8.19.9 and it needs openjdk21+
- Bump PORTREVISION
Reported by: dtxdf
---
security/wazuh-agent/Makefile | 2 +-
.../patch-src-data_provider-src_sysInfoFreeBSD.cpp | 92 +++++++++++-----------
...ch-src-shared_modules-utils_sqliteWrapperTemp.h | 34 ++++++++
security/wazuh-manager/Makefile | 6 +-
.../patch-src-data_provider-src_sysInfoFreeBSD.cpp | 92 +++++++++++-----------
...ch-src-shared_modules-utils_sqliteWrapperTemp.h | 34 ++++++++
security/wazuh-server/Makefile | 2 +-
security/wazuh-server/files/pkg-message.in | 2 +-
8 files changed, 165 insertions(+), 99 deletions(-)
diff --git a/security/wazuh-agent/Makefile b/security/wazuh-agent/Makefile
index 40268cb0adb2..b3a01c28f3dc 100644
--- a/security/wazuh-agent/Makefile
+++ b/security/wazuh-agent/Makefile
@@ -1,7 +1,7 @@
PORTNAME= wazuh
DISTVERSION= 4.14.1
DISTVERSIONPREFIX= v
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= https://packages.wazuh.com/deps/47/libraries/sources/:wazuh_sources
PKGNAMESUFFIX= -agent
diff --git a/security/wazuh-agent/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp b/security/wazuh-agent/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp
index 7765db26eb93..58bb3ac01b91 100644
--- a/security/wazuh-agent/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp
+++ b/security/wazuh-agent/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp
@@ -1,5 +1,5 @@
---- src/data_provider/src/sysInfoFreeBSD.cpp.orig 2025-12-29 18:29:38.128837000 -0400
-+++ src/data_provider/src/sysInfoFreeBSD.cpp 2025-12-30 01:04:57.828191000 -0400
+--- src/data_provider/src/sysInfoFreeBSD.cpp 2025-11-07 00:46:03.000000000 -0800
++++ src/data_provider/src/sysInfoFreeBSD.cpp 2026-01-01 13:18:42.411755000 -0800
@@ -11,20 +11,28 @@
#include "sysInfo.hpp"
#include "cmdHelper.h"
@@ -102,7 +102,7 @@
if (uname(&uts) >= 0)
{
ret["sysname"] = uts.sysname;
-@@ -215,44 +240,257 @@
+@@ -215,43 +240,256 @@
nlohmann::json SysInfo::getPorts() const
{
@@ -119,23 +119,19 @@
-void SysInfo::getProcessesInfo(std::function<void(nlohmann::json&)> /*callback*/) const
-{
- // Currently not supported for this OS.
--}
+ if (!query.empty())
+ {
+ nlohmann::json portsjson;
+ portsjson = nlohmann::json::parse(query);
+ auto &portsResult = portsjson["sockstat"]["socket"];
-
--void SysInfo::getPackages(std::function<void(nlohmann::json&)> callback) const
--{
-- const auto query{Utils::exec(R"(pkg query -a "%n|%m|%v|%q|%c")")};
++
+ for(auto &port : portsResult) {
+ std::string localip = "";
+ std::string localport = "";
+ std::string remoteip = "";
+ std::string remoteport = "";
+ std::string statedata = "";
-
++
+ if (port["pid"] != nullptr) {
+
+ localip = port["local"]["address"];
@@ -183,32 +179,16 @@
+#else
+ const auto query{Utils::exec(R"(sockstat -46qs)")};
+
- if (!query.empty())
- {
-- const auto lines{Utils::split(query, '\n')};
++ if (!query.empty())
++ {
+ const auto lines{Utils::split(Utils::trimToOneSpace(query), '\n')};
-
++
+ std::regex expression(R"(^(\S+)\s+(\S+)\s+(\d+)\s+(\d+)\s*(\S+)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$)");
+
- for (const auto& line : lines)
- {
-- const auto data{Utils::split(line, '|')};
-- nlohmann::json package;
++ for (const auto& line : lines)
++ {
+ std::smatch data;
-
-- package["name"] = data[0];
-- package["vendor"] = data[1];
-- package["version"] = data[2];
-- package["install_time"] = UNKNOWN_VALUE;
-- package["location"] = UNKNOWN_VALUE;
-- package["architecture"] = data[3];
-- package["groups"] = UNKNOWN_VALUE;
-- package["description"] = data[4];
-- package["size"] = 0;
-- package["priority"] = UNKNOWN_VALUE;
-- package["source"] = UNKNOWN_VALUE;
-- package["format"] = "pkg";
-- // The multiarch field won't have a default value
++
+ if (std::regex_search(line, data, expression))
+ {
+ std::string localip = "";
@@ -216,8 +196,7 @@
+ std::string remoteip = "";
+ std::string remoteport = "";
+ std::string statedata = "";
-
-- callback(package);
++
+ auto localdata{Utils::split(data[6], ':')};
+ auto remotedata{Utils::split(data[7], ':')};
+
@@ -270,18 +249,22 @@
+ }
+#endif
+ return ports;
-+}
-+
+ }
+
+-void SysInfo::getPackages(std::function<void(nlohmann::json&)> callback) const
+void SysInfo::getProcessesInfo(std::function<void(nlohmann::json&)> callback) const
-+{
+ {
+- const auto query{Utils::exec(R"(pkg query -a "%n|%m|%v|%q|%c")")};
+ const auto query{Utils::exec(R"(ps -ax -w -o pid,comm,state,ppid,usertime,systime,user,ruser,svuid,group,rgroup,svgid,pri,nice,ssiz,vsz,rss,pmem,etimes,sid,pgid,tpgid,tty,cpu,nlwp,args --libxo json)")};
-+
-+ if (!query.empty())
-+ {
+
+ if (!query.empty())
+ {
+- const auto lines{Utils::split(query, '\n')};
+ nlohmann::json psjson;
+ psjson = nlohmann::json::parse(query);
+ auto &processes = psjson["process-information"]["process"];
-+
+
+- for (const auto& line : lines)
+ for(auto &process : processes) {
+ std::string user_time{""};
+ std::string system_time{""};
@@ -329,15 +312,31 @@
+ if (Utils::existsRegular(PKG_DB_PATHNAME))
+ {
+ try
-+ {
-+ std::shared_ptr<SQLite::IConnection> sqliteConnection = std::make_shared<SQLite::Connection>(PKG_DB_PATHNAME);
-+
+ {
+- const auto data{Utils::split(line, '|')};
+- nlohmann::json package;
++ std::shared_ptr<SQLite::IConnection> sqliteConnection = std::make_shared<SQLite::Connection>(PKG_DB_PATHNAME, SQLITE_OPEN_READONLY);
+
+- package["name"] = data[0];
+- package["vendor"] = data[1];
+- package["version"] = data[2];
+- package["install_time"] = UNKNOWN_VALUE;
+- package["location"] = UNKNOWN_VALUE;
+- package["architecture"] = data[3];
+- package["groups"] = UNKNOWN_VALUE;
+- package["description"] = data[4];
+- package["size"] = 0;
+- package["priority"] = UNKNOWN_VALUE;
+- package["source"] = UNKNOWN_VALUE;
+- package["format"] = "pkg";
+- // The multiarch field won't have a default value
+ SQLite::Statement stmt
+ {
+ sqliteConnection,
+ PKG_QUERY
+ };
-+
+
+- callback(package);
+ while (SQLITE_ROW == stmt.step())
+ {
+ try
@@ -379,11 +378,10 @@
+ std::cerr << e.what() << std::endl;
+ }
+ }
- }
++ }
+ catch (const std::exception& e)
+ {
+ std::cerr << e.what() << std::endl;
-+ }
+ }
}
}
-
diff --git a/security/wazuh-agent/files/patch-src-shared_modules-utils_sqliteWrapperTemp.h b/security/wazuh-agent/files/patch-src-shared_modules-utils_sqliteWrapperTemp.h
new file mode 100644
index 000000000000..a6eeb2973d97
--- /dev/null
+++ b/security/wazuh-agent/files/patch-src-shared_modules-utils_sqliteWrapperTemp.h
@@ -0,0 +1,34 @@
+--- src/shared_modules/utils/sqliteWrapperTemp.h 2025-11-07 00:46:03.000000000 -0800
++++ src/shared_modules/utils/sqliteWrapperTemp.h 2026-01-01 13:52:11.656050000 -0800
+@@ -235,8 +235,8 @@
+ public:
+ ~Connection() = default;
+
+- explicit Connection(const std::string& path)
+- : m_db{ openSQLiteDb(path), [](sqlite3 * p)
++ explicit Connection(const std::string& path, const int flags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE)
++ : m_db{ openSQLiteDb(path, flags), [](sqlite3 * p)
+ {
+ sqlite3_close_v2(p);
+ } }
+@@ -245,7 +245,10 @@
+
+ if (path.compare(DB_MEMORY) != 0)
+ {
+- const auto result { chmod(path.c_str(), DB_PERMISSIONS) };
++ const auto result =
++ (flags == SQLITE_OPEN_READONLY)
++ ? 0
++ : chmod(path.c_str(), DB_PERMISSIONS);
+
+ if (result != 0)
+ {
+@@ -255,7 +258,7 @@
+ };
+ }
+
+- m_db.reset(openSQLiteDb(path, SQLITE_OPEN_READWRITE), [](sqlite3 * p)
++ m_db.reset(openSQLiteDb(path, flags), [](sqlite3 * p)
+ {
+ sqlite3_close_v2(p);
+ });
diff --git a/security/wazuh-manager/Makefile b/security/wazuh-manager/Makefile
index 372e09d50a67..3d9d2e467c60 100644
--- a/security/wazuh-manager/Makefile
+++ b/security/wazuh-manager/Makefile
@@ -1,7 +1,7 @@
PORTNAME= wazuh
DISTVERSIONPREFIX= v
DISTVERSION= 4.14.1
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= https://packages.wazuh.com/deps/47/libraries/sources/:wazuh_sources \
LOCAL/acm/${PORTNAME}/:wazuh_cache
@@ -33,7 +33,7 @@ LIB_DEPENDS+= libarrow.so:databases/arrow \
libopenblas.so:math/openblas
RUN_DEPENDS= bash>0:shells/bash
-USES= cpe gmake perl5 python:3.11 readline shebangfix sqlite:3 uidfix
+USES= cpe dos2unix gmake perl5 python:3.11 readline shebangfix sqlite:3 uidfix
USE_GITHUB= yes
GH_TUPLE= alonsobsd:wazuh-freebsd:${WAZUH_EXTRAFILE_TAGNAME}:wazuh
@@ -42,6 +42,8 @@ USE_RC_SUBR= ${PORTNAME}${PKGNAMESUFFIX}
MAKE_ARGS+= TARGET=server INSTALLDIR=${WAZUHPREFIX} INSTALL_SHARED="${INSTALL_LIB}" PYTHON_SOURCE=yes OPTIMIZE_CPYTHON=no
+DOS2UNIX_FILES= ${WRKSRC}/api/api/configuration/api.yaml
+
# WITH_CCACHE_BUILD= yes
# CCACHE_DIR= /zdata/ccache
diff --git a/security/wazuh-manager/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp b/security/wazuh-manager/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp
index 7765db26eb93..58bb3ac01b91 100644
--- a/security/wazuh-manager/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp
+++ b/security/wazuh-manager/files/patch-src-data_provider-src_sysInfoFreeBSD.cpp
@@ -1,5 +1,5 @@
---- src/data_provider/src/sysInfoFreeBSD.cpp.orig 2025-12-29 18:29:38.128837000 -0400
-+++ src/data_provider/src/sysInfoFreeBSD.cpp 2025-12-30 01:04:57.828191000 -0400
+--- src/data_provider/src/sysInfoFreeBSD.cpp 2025-11-07 00:46:03.000000000 -0800
++++ src/data_provider/src/sysInfoFreeBSD.cpp 2026-01-01 13:18:42.411755000 -0800
@@ -11,20 +11,28 @@
#include "sysInfo.hpp"
#include "cmdHelper.h"
@@ -102,7 +102,7 @@
if (uname(&uts) >= 0)
{
ret["sysname"] = uts.sysname;
-@@ -215,44 +240,257 @@
+@@ -215,43 +240,256 @@
nlohmann::json SysInfo::getPorts() const
{
@@ -119,23 +119,19 @@
-void SysInfo::getProcessesInfo(std::function<void(nlohmann::json&)> /*callback*/) const
-{
- // Currently not supported for this OS.
--}
+ if (!query.empty())
+ {
+ nlohmann::json portsjson;
+ portsjson = nlohmann::json::parse(query);
+ auto &portsResult = portsjson["sockstat"]["socket"];
-
--void SysInfo::getPackages(std::function<void(nlohmann::json&)> callback) const
--{
-- const auto query{Utils::exec(R"(pkg query -a "%n|%m|%v|%q|%c")")};
++
+ for(auto &port : portsResult) {
+ std::string localip = "";
+ std::string localport = "";
+ std::string remoteip = "";
+ std::string remoteport = "";
+ std::string statedata = "";
-
++
+ if (port["pid"] != nullptr) {
+
+ localip = port["local"]["address"];
@@ -183,32 +179,16 @@
+#else
+ const auto query{Utils::exec(R"(sockstat -46qs)")};
+
- if (!query.empty())
- {
-- const auto lines{Utils::split(query, '\n')};
++ if (!query.empty())
++ {
+ const auto lines{Utils::split(Utils::trimToOneSpace(query), '\n')};
-
++
+ std::regex expression(R"(^(\S+)\s+(\S+)\s+(\d+)\s+(\d+)\s*(\S+)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$)");
+
- for (const auto& line : lines)
- {
-- const auto data{Utils::split(line, '|')};
-- nlohmann::json package;
++ for (const auto& line : lines)
++ {
+ std::smatch data;
-
-- package["name"] = data[0];
-- package["vendor"] = data[1];
-- package["version"] = data[2];
-- package["install_time"] = UNKNOWN_VALUE;
-- package["location"] = UNKNOWN_VALUE;
-- package["architecture"] = data[3];
-- package["groups"] = UNKNOWN_VALUE;
-- package["description"] = data[4];
-- package["size"] = 0;
-- package["priority"] = UNKNOWN_VALUE;
-- package["source"] = UNKNOWN_VALUE;
-- package["format"] = "pkg";
-- // The multiarch field won't have a default value
++
+ if (std::regex_search(line, data, expression))
+ {
+ std::string localip = "";
@@ -216,8 +196,7 @@
+ std::string remoteip = "";
+ std::string remoteport = "";
+ std::string statedata = "";
-
-- callback(package);
++
+ auto localdata{Utils::split(data[6], ':')};
+ auto remotedata{Utils::split(data[7], ':')};
+
@@ -270,18 +249,22 @@
+ }
+#endif
+ return ports;
-+}
-+
+ }
+
+-void SysInfo::getPackages(std::function<void(nlohmann::json&)> callback) const
+void SysInfo::getProcessesInfo(std::function<void(nlohmann::json&)> callback) const
-+{
+ {
+- const auto query{Utils::exec(R"(pkg query -a "%n|%m|%v|%q|%c")")};
+ const auto query{Utils::exec(R"(ps -ax -w -o pid,comm,state,ppid,usertime,systime,user,ruser,svuid,group,rgroup,svgid,pri,nice,ssiz,vsz,rss,pmem,etimes,sid,pgid,tpgid,tty,cpu,nlwp,args --libxo json)")};
-+
-+ if (!query.empty())
-+ {
+
+ if (!query.empty())
+ {
+- const auto lines{Utils::split(query, '\n')};
+ nlohmann::json psjson;
+ psjson = nlohmann::json::parse(query);
+ auto &processes = psjson["process-information"]["process"];
-+
+
+- for (const auto& line : lines)
+ for(auto &process : processes) {
+ std::string user_time{""};
+ std::string system_time{""};
@@ -329,15 +312,31 @@
+ if (Utils::existsRegular(PKG_DB_PATHNAME))
+ {
+ try
-+ {
-+ std::shared_ptr<SQLite::IConnection> sqliteConnection = std::make_shared<SQLite::Connection>(PKG_DB_PATHNAME);
-+
+ {
+- const auto data{Utils::split(line, '|')};
+- nlohmann::json package;
++ std::shared_ptr<SQLite::IConnection> sqliteConnection = std::make_shared<SQLite::Connection>(PKG_DB_PATHNAME, SQLITE_OPEN_READONLY);
+
+- package["name"] = data[0];
+- package["vendor"] = data[1];
+- package["version"] = data[2];
+- package["install_time"] = UNKNOWN_VALUE;
+- package["location"] = UNKNOWN_VALUE;
+- package["architecture"] = data[3];
+- package["groups"] = UNKNOWN_VALUE;
+- package["description"] = data[4];
+- package["size"] = 0;
+- package["priority"] = UNKNOWN_VALUE;
+- package["source"] = UNKNOWN_VALUE;
+- package["format"] = "pkg";
+- // The multiarch field won't have a default value
+ SQLite::Statement stmt
+ {
+ sqliteConnection,
+ PKG_QUERY
+ };
-+
+
+- callback(package);
+ while (SQLITE_ROW == stmt.step())
+ {
+ try
@@ -379,11 +378,10 @@
+ std::cerr << e.what() << std::endl;
+ }
+ }
- }
++ }
+ catch (const std::exception& e)
+ {
+ std::cerr << e.what() << std::endl;
-+ }
+ }
}
}
-
diff --git a/security/wazuh-manager/files/patch-src-shared_modules-utils_sqliteWrapperTemp.h b/security/wazuh-manager/files/patch-src-shared_modules-utils_sqliteWrapperTemp.h
new file mode 100644
index 000000000000..a6eeb2973d97
--- /dev/null
+++ b/security/wazuh-manager/files/patch-src-shared_modules-utils_sqliteWrapperTemp.h
@@ -0,0 +1,34 @@
+--- src/shared_modules/utils/sqliteWrapperTemp.h 2025-11-07 00:46:03.000000000 -0800
++++ src/shared_modules/utils/sqliteWrapperTemp.h 2026-01-01 13:52:11.656050000 -0800
+@@ -235,8 +235,8 @@
+ public:
+ ~Connection() = default;
+
+- explicit Connection(const std::string& path)
+- : m_db{ openSQLiteDb(path), [](sqlite3 * p)
++ explicit Connection(const std::string& path, const int flags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE)
++ : m_db{ openSQLiteDb(path, flags), [](sqlite3 * p)
+ {
+ sqlite3_close_v2(p);
+ } }
+@@ -245,7 +245,10 @@
+
+ if (path.compare(DB_MEMORY) != 0)
+ {
+- const auto result { chmod(path.c_str(), DB_PERMISSIONS) };
++ const auto result =
++ (flags == SQLITE_OPEN_READONLY)
++ ? 0
++ : chmod(path.c_str(), DB_PERMISSIONS);
+
+ if (result != 0)
+ {
+@@ -255,7 +258,7 @@
+ };
+ }
+
+- m_db.reset(openSQLiteDb(path, SQLITE_OPEN_READWRITE), [](sqlite3 * p)
++ m_db.reset(openSQLiteDb(path, flags), [](sqlite3 * p)
+ {
+ sqlite3_close_v2(p);
+ });
diff --git a/security/wazuh-server/Makefile b/security/wazuh-server/Makefile
index 42b85ea3a53a..e0a09cf3873c 100644
--- a/security/wazuh-server/Makefile
+++ b/security/wazuh-server/Makefile
@@ -1,6 +1,6 @@
PORTNAME= wazuh
PORTVERSION= 4.14.1
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= LOCAL/acm/${PORTNAME}/:config_samples \
https://packages.wazuh.com/4.x/filebeat/:wazuh_module \
diff --git a/security/wazuh-server/files/pkg-message.in b/security/wazuh-server/files/pkg-message.in
index 258f0696829f..12e19d9cce62 100644
--- a/security/wazuh-server/files/pkg-message.in
+++ b/security/wazuh-server/files/pkg-message.in
@@ -34,7 +34,7 @@ Wazuh server components were installed
7) Install logstash-output-opensearch plugin. Fetch it from rubygems site or opensearch github
# cd %%PREFIX%%/logstash/bin
- # sh -c "JAVA_HOME=%%PREFIX%%/openjdk17 ./logstash-plugin install /tmp/logstash-output-opensearch"
+ # sh -c "JAVA_HOME=%%PREFIX%%/openjdk21 ./logstash-plugin install /tmp/logstash-output-opensearch"
There are some issues installing this plugin on latest version of sysutils/logstash8.
Try installing gem file directly