[Bug 256545] securuty/ossec-hids-server: 3.6.0_1 rc script fails to generate ossec.conf agent.conf

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 11 Jun 2021 07:17:00 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256545

            Bug ID: 256545
           Summary: securuty/ossec-hids-server: 3.6.0_1 rc script fails to
                    generate ossec.conf agent.conf
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs_at_FreeBSD.org
          Reporter: sa.inbox_at_gmail.com

Hello.

ossec-hids script fails to generate ossec.conf and agent.conf files with
default (right after installation) setup.

Diagnostic steps:
Install security/ossec-hids-server and security/ossec-hids-server-config ports.
Generation of configuration files fails right after installation (in default
configuration):
# /usr/local/etc/rc.d/ossec-hids ossec_conf
<!-- OSSEC HIDS 3.6.0 -->

<!-- DO NOT EDIT - file generated automatically - edit
"ossec.conf.d/900.local.conf" instead -->

<ossec_config>
  <rules>
sed: 1: "/^\s*$/d": RE error: trailing backslash (\)
  </rules>
  <rootcheck>
sed: 1: "/^\s*$/d": RE error: trailing backslash (\)
  </rootcheck>
  <syscheck>
sed: 1: "/^\s*$/d": RE error: trailing backslash (\)
  </syscheck>
sed: 1: "/^\s*$/d": RE error: trailing backslash (\)
</ossec_config>
# sudo /usr/local/etc/rc.d/ossec-hids agent_conf

<!-- OSSEC HIDS 3.6.0 -->

<!-- DO NOT EDIT - file generated automatically - edit
"agent.conf.d/900.local.conf" instead -->

sed: 1: "/^\s*$/d": RE error: trailing backslash (\)

-------------
Build options for security/ossec-hids-server security/ossec-hids-server-config
~ % cd /usr/ports/security/ossec-hids-server && make showconfig
===> The following configuration options are available for
ossec-hids-server-3.6.0_1:
     DOCS=on: Build and/or install documentation
     INOTIFY=on: Kevent based real time monitoring
     LUA=off: Lua scripting language support
     PRELUDE=off: Sensor support from Prelude SIEM
     ZEROMQ=off: ZeroMQ support (experimental)
====> Database output: you can only select none or one of them
     MYSQL=off: MySQL database support
     PGSQL=off: PostgreSQL database support
===> Use 'make config' to modify these settings
 % cd /usr/ports/security/ossec-hids-server-config && make showconfig
===> The following configuration options are available for
ossec-hids-server-config-3.6.0_1:
====> Alerting Rules
     DEFAULT_R=on: Rules provided by OSSEC
     CONFIG_R=on: Alert changes of the OSSEC main configuration files
     CMDOUT_R=on: Alert changes of output of the monitored commands
====> Active Response
     DEFAULT_C=on: Commands provided by OSSEC
     MERGE_C=on: Commands to merge configuration files
     MERGE_AR=on: Merge configuration files when they change
     RESTART_AR=on: Restart OSSEC when main configuration files change
     HOSTDENY_AR=off: Block the attacker's IP using access control files
     FWDROP_AR=off: Block the attacker's IP on the firewall
====> System Audit and Rootkit Detection (rootcheck)
     BASIC_RC=on: Basic audit and rootkits
====> File Integrity Checking (syscheck)
     NEWFILES_SC=on: Alert on new files created
     NOAUTO_SC=on: Disable auto_ignore feature
     BASIC_SC=on: "bin", "sbin" and "etc" directories
     OSSEC_SC=on: OSSEC directories
     PGSQL_SC=on: PostgreSQL configuration files
====> Command Output Monitoring
     LOGINS=on: Last logins
     PORTS_TCP=on: Open TCP ports
     PORTS_UDP=off: Open UDP ports
====> Log Monitoring
     BASIC=on: Basic system logs
     OSSEC=on: OSSEC active response logs
     APACHE=on: Apache logs
     NGINX=off: Nginx logs
     RADIUS=off: FreeRADIUS logs
     VSFTPD=off: Vsftpd logs
====> Pushed System Audit and Rootkit Detection (rootcheck)
     BASIC_RC_P=on: Basic audit and rootkits (profile: basic)
     CIS_RC_P=on: CIS benchmark - Legacy (profile: cis)
     CIS_L1_RC_P=on: CIS benchmark - Level 1 (profile: cis-level1)
     CIS_L2_RC_P=on: CIS benchmark - Level 2 (profile: cis-level2)
====> Pushed File Integrity Checking (syscheck)
     BASIC_SC_P=on: "bin", "sbin" and "etc" directories (profile: basic)
     OSSEC_SC_P=on: OSSEC directories (profile: ossec)
     PGSQL_SC_P=on: PostgreSQL configuration files (profile: postgresql)
====> Pushed Log Monitoring
     BASIC_P=on: Basic system logs (profile: basic)
     OSSEC_P=on: OSSEC active response logs (profile: ossec)
     APACHE_P=on: Apache logs (profile: apache)
     NGINX_P=on: Nginx logs (profile: nginx)
     RADIUS_P=off: FreeRADIUS logs (profile: radius)
     VSFTPD_P=off: Vsftpd logs (profile: vsftpd)
====> Active Response Firewall: you have to select exactly one of them
     NOFW=off: Custom or no firewall
     IPF=off: ipfilter
     IPFW=off: ipfirewall
     PF=on: Packet Filter

-- 
You are receiving this mail because:
You are the assignee for the bug.
Received on Fri Jun 11 2021 - 07:17:00 UTC

Original text of this message