svn commit: r354143 - in head/security: ossec-hids-client ossec-hids-local ossec-hids-server ossec-hids-server/files
Brad Davis
brd at FreeBSD.org
Thu May 15 15:46:56 UTC 2014
Author: brd (doc committer)
Date: Thu May 15 15:46:52 2014
New Revision: 354143
URL: http://svnweb.freebsd.org/changeset/ports/354143
QAT: https://qat.redports.org/buildarchive/r354143/
Log:
- Update ossec to 2.7.1
- Stagify
- Fix build with clang
Reviewed by: zi@
Added:
head/security/ossec-hids-server/files/patch-install.sh (contents, props changed)
head/security/ossec-hids-server/files/patch-src__Config.Make (contents, props changed)
head/security/ossec-hids-server/files/patch-src__InstallAgent.sh (contents, props changed)
head/security/ossec-hids-server/files/patch-src__Makeall (contents, props changed)
head/security/ossec-hids-server/files/patch-src__init__shared.sh (contents, props changed)
head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__Makefile (contents, props changed)
head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__md32_common.h (contents, props changed)
Modified:
head/security/ossec-hids-client/Makefile
head/security/ossec-hids-client/pkg-plist.client
head/security/ossec-hids-local/Makefile
head/security/ossec-hids-server/Makefile
head/security/ossec-hids-server/distinfo
head/security/ossec-hids-server/files/patch-src__InstallServer.sh
head/security/ossec-hids-server/files/patch-src__headers__defs.h
head/security/ossec-hids-server/pkg-plist
Modified: head/security/ossec-hids-client/Makefile
==============================================================================
--- head/security/ossec-hids-client/Makefile Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-client/Makefile Thu May 15 15:46:52 2014 (r354143)
@@ -9,5 +9,4 @@ MASTERDIR= ${.CURDIR}/../ossec-hids-serv
PLIST= pkg-plist.client
-NO_STAGE= yes
.include "${MASTERDIR}/Makefile"
Modified: head/security/ossec-hids-client/pkg-plist.client
==============================================================================
--- head/security/ossec-hids-client/pkg-plist.client Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-client/pkg-plist.client Thu May 15 15:46:52 2014 (r354143)
@@ -1,6 +1,7 @@
%%PORTNAME%%/active-response/bin/disable-account.sh
%%PORTNAME%%/active-response/bin/firewall-drop.sh
%%PORTNAME%%/active-response/bin/host-deny.sh
+%%PORTNAME%%/active-response/bin/ip-customblock.sh
%%PORTNAME%%/active-response/bin/ipfw.sh
%%PORTNAME%%/active-response/bin/ipfw_mac.sh
%%PORTNAME%%/active-response/bin/ossec-tweeter.sh
@@ -24,10 +25,9 @@
%%PORTNAME%%/etc/shared/win_malware_rcl.txt
%%PORTNAME%%/etc/shared/win_audit_rcl.txt
%%PORTNAME%%/etc/shared/win_applications_rcl.txt
- at unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi
-%%PORTNAME%%/etc/ossec.conf.sample
+ at sample %%PORTNAME%%/etc/ossec.conf.sample
%%PORTNAME%%/etc/internal_options.conf
- at unexec if test ! -s %D/%%PORTNAME%%/logs/ossec.log; then rm -f %D/%%PORTNAME%%/logs/ossec.log; fi
+%%PORTNAME%%/logs/ossec.log
%%PORTNAME%%/agentless/main.exp
%%PORTNAME%%/agentless/sshlogin.exp
%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff
Modified: head/security/ossec-hids-local/Makefile
==============================================================================
--- head/security/ossec-hids-local/Makefile Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-local/Makefile Thu May 15 15:46:52 2014 (r354143)
@@ -7,5 +7,4 @@ LOCAL_ONLY= yes
MASTERDIR= ${.CURDIR}/../ossec-hids-server
-NO_STAGE= yes
.include "${MASTERDIR}/Makefile"
Modified: head/security/ossec-hids-server/Makefile
==============================================================================
--- head/security/ossec-hids-server/Makefile Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-server/Makefile Thu May 15 15:46:52 2014 (r354143)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= ossec-hids
-PORTVERSION= 2.7
+PORTVERSION= 2.7.1
PORTREVISION?= 0
CATEGORIES= security
MASTER_SITES= http://www.ossec.net/files/ \
@@ -14,6 +14,8 @@ COMMENT?= A security tool to monitor and
USE_RC_SUBR= ossec-hids
+CFLAGS+= -ferror-limit=0
+
.if defined(MAINTAINER_MODE)
UID_FILES+= ../../UIDs
GID_FILES+= ../../GIDs
@@ -31,7 +33,6 @@ SUB_FILES= pkg-message
PLIST_SUB= PORTNAME=${PORTNAME}
PORTDOCS= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE README
-NO_STAGE= yes
.include <bsd.port.pre.mk>
.if ${OSVERSION} < 800067
# Add string function that didn't exist until 8.x
@@ -64,8 +65,8 @@ CONFLICTS= ossec-hids-client-[0-9]* osse
.endif
post-patch:
- @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/LOCATION
@${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/headers/defs.h
+ @${ECHO} "DIR=\"${STAGEDIR}${PREFIX}/${PORTNAME}\"" > ${WRKSRC}/src/LOCATION
do-build:
.if defined(WITH_DB)
@@ -98,27 +99,19 @@ do-install:
.endif
post-install:
- @${MKDIR} ${PREFIX}/${PORTNAME}/etc
+ @${MKDIR} ${STAGEDIR}${PREFIX}/${PORTNAME}/etc
.if defined(CLIENT_ONLY)
- @${CP} ${WRKSRC}/etc/ossec-agent.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
- @if [ ! -f ${PREFIX}/${PORTNAME}/etc/ossec.conf ]; then \
- ${CP} ${WRKSRC}/etc/ossec-agent.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf; \
- fi
+ @${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
.elif defined(LOCAL_ONLY)
- ${CP} ${WRKSRC}/etc/ossec-local.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
- @if [ ! -f ${PREFIX}/${PORTNAME}/etc/ossec.conf ]; then \
- ${CP} ${WRKSRC}/etc/ossec-local.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf; \
- fi
-.else
- @if [ ! -f ${PREFIX}/${PORTNAME}/etc/ossec.conf ]; then \
- ${CP} ${WRKSRC}/etc/ossec-server.conf ${PREFIX}/${PORTNAME}/etc/ossec.conf; \
- fi
+ ${CP} ${WRKSRC}/etc/ossec-local.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
+.else
+ ${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
.endif
.if ${PORT_OPTIONS:MDOCS}
- @${MKDIR} ${DOCSDIR}
- @cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
+ @${MKDIR} ${STAGEDIR}${DOCSDIR}
+ @cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}
.endif
@${CAT} ${PKGMESSAGE}
Modified: head/security/ossec-hids-server/distinfo
==============================================================================
--- head/security/ossec-hids-server/distinfo Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-server/distinfo Thu May 15 15:46:52 2014 (r354143)
@@ -1,2 +1,2 @@
-SHA256 (ossec-hids-2.7.tar.gz) = f8ac4a7d74068a8ca4f14e3c906bfa3a68a87fd026b463422bea79fe9d747249
-SIZE (ossec-hids-2.7.tar.gz) = 818656
+SHA256 (ossec-hids-2.7.1.tar.gz) = a81d11cd6c3f21058968f5c72c25b160d3218ea28d648d8abd6a78f4ae4196ec
+SIZE (ossec-hids-2.7.1.tar.gz) = 837818
Added: head/security/ossec-hids-server/files/patch-install.sh
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/patch-install.sh Thu May 15 15:46:52 2014 (r354143)
@@ -0,0 +1,32 @@
+--- ./install.sh.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./install.sh 2014-04-21 19:52:35.000000000 -0600
+@@ -67,9 +67,6 @@
+ echo "5- ${installing}"
+
+ echo "DIR=\"${INSTALLDIR}\"" > ${LOCATION}
+- echo "CC=${CC}" >> ${LOCATION}
+- echo "GCC=${CC}" >> ${LOCATION}
+- echo "CLANG=clang" >> ${LOCATION}
+
+ # Changing Config.OS with the new C flags
+ # Checking if debug is enabled
+@@ -811,19 +808,6 @@
+ export PATH
+ fi
+
+- ls "`which gcc`" > /dev/null 2>&1
+- if [ ! $? = 0 ]; then
+- ls "`which cc`" > /dev/null 2>&1
+- if [ ! $? = 0 ]; then
+- if [ "X${USER_BINARYINSTALL}" = "X" ]; then
+- catError "0x3-dependencies"
+- fi
+- fi
+- CC="cc"
+- else
+- CC="gcc"
+- fi
+-
+ PATH=$OLDOPATH
+ export PATH
+ }
Added: head/security/ossec-hids-server/files/patch-src__Config.Make
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/patch-src__Config.Make Thu May 15 15:46:52 2014 (r354143)
@@ -0,0 +1,11 @@
+--- ./src/Config.Make.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./src/Config.Make 2014-04-21 19:52:35.000000000 -0600
+@@ -7,7 +7,7 @@
+ include ${PT}LOCATION
+ include ${PT}Config.OS
+
+-
++CC?=cc
+ CFLAGS = -g -Wall -I${PT} -I${PT}headers ${CPATH} ${CEXTRA} ${DEXTRA} ${EEXTRA} ${FEXTRA} ${GEXTRA} ${HEXTRA} ${CGEOIP} -DARGV0=\"${NAME}\" -DXML_VAR=\"var\" -DOSSECHIDS
+
+ SOURCES = *.c
Added: head/security/ossec-hids-server/files/patch-src__InstallAgent.sh
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Thu May 15 15:46:52 2014 (r354143)
@@ -0,0 +1,16 @@
+--- src/InstallAgent.sh.orig 2014-05-15 09:23:09.596592731 -0600
++++ src/InstallAgent.sh 2014-05-15 09:23:33.770590120 -0600
+@@ -223,10 +223,10 @@
+ if [ $? = 0 ]; then
+ cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf
+ else
+- cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf
++ cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf.sample
+ fi
+-chown root:${GROUP} ${DIR}/etc/ossec.conf
+-chmod 440 ${DIR}/etc/ossec.conf
++chown root:${GROUP} ${DIR}/etc/ossec.conf.sample
++chmod 440 ${DIR}/etc/ossec.conf.sample
+
+
+
Modified: head/security/ossec-hids-server/files/patch-src__InstallServer.sh
==============================================================================
--- head/security/ossec-hids-server/files/patch-src__InstallServer.sh Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-server/files/patch-src__InstallServer.sh Thu May 15 15:46:52 2014 (r354143)
@@ -1,5 +1,104 @@
---- ./src/InstallServer.sh.orig 2012-11-08 21:24:55.000000000 -0500
-+++ ./src/InstallServer.sh 2013-01-14 10:44:36.000000000 -0500
+--- ./src/InstallServer.sh.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./src/InstallServer.sh 2014-04-21 19:56:55.000000000 -0600
+@@ -44,13 +44,13 @@
+
+ # Creating groups/users
+ if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then
+- grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
+- if [ ! $? = 0 ]; then
+- /usr/sbin/pw groupadd ${GROUP}
+- /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP}
+- /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP}
+- /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP}
+- fi
++# grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
++# if [ ! $? = 0 ]; then
++# /usr/sbin/pw groupadd ${GROUP}
++# /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP}
++# /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP}
++# /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP}
++# fi
+
+ elif [ "$UNAME" = "SunOS" ]; then
+ grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
+@@ -123,61 +123,61 @@
+ # Default for all directories
+ chmod 550 ${DIR}
+ chmod 550 ${DIR}/*
+-chown root:${GROUP} ${DIR}
+-chown root:${GROUP} ${DIR}/*
++#chown root:${GROUP} ${DIR}
++#chown root:${GROUP} ${DIR}/*
+
+ # AnalysisD needs to write to alerts: log, mail and cmds
+-chown -R ${USER}:${GROUP} ${DIR}/queue/alerts
++#chown -R ${USER}:${GROUP} ${DIR}/queue/alerts
+ chmod -R 770 ${DIR}/queue/alerts
+
+ # To the ossec queue (default for analysisd to read)
+-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
++#chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
+ chmod -R 770 ${DIR}/queue/ossec
+
+ # To the ossec fts queue
+-chown -R ${USER}:${GROUP} ${DIR}/queue/fts
++#chown -R ${USER}:${GROUP} ${DIR}/queue/fts
+ chmod -R 750 ${DIR}/queue/fts
+ chmod 750 ${DIR}/queue/fts/* > /dev/null 2>&1
+
+ # To the ossec syscheck/rootcheck queue
+-chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck
++#chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck
+ chmod -R 750 ${DIR}/queue/syscheck
+ chmod 740 ${DIR}/queue/syscheck/* > /dev/null 2>&1
+
+-chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck
++#chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck
+ chmod -R 750 ${DIR}/queue/rootcheck
+ chmod 740 ${DIR}/queue/rootcheck/* > /dev/null 2>&1
+
+-chown ${USER}:${GROUP} ${DIR}/queue/diff
+-chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1
++#chown ${USER}:${GROUP} ${DIR}/queue/diff
++#chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1
+ chmod 750 ${DIR}/queue/diff
+ chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1
+
+-chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info
++#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info
+ chmod -R 750 ${DIR}/queue/agent-info
+ chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1
+-chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids
++#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids
+ chmod -R 750 ${DIR}/queue/rids
+ chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1
+
+-chown -R ${USER}:${GROUP} ${DIR}/queue/agentless
++#chown -R ${USER}:${GROUP} ${DIR}/queue/agentless
+ chmod -R 750 ${DIR}/queue/agentless
+ chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1
+
+
+ # For the stats directory
+-chown -R ${USER}:${GROUP} ${DIR}/stats
++#chown -R ${USER}:${GROUP} ${DIR}/stats
+ chmod -R 750 ${DIR}/stats
+
+ # For the logging user
+-chown -R ${USER}:${GROUP} ${DIR}/logs
++#chown -R ${USER}:${GROUP} ${DIR}/logs
+ chmod -R 750 ${DIR}/logs
+ touch ${DIR}/logs/ossec.log
+-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
++#chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
+ chmod 660 ${DIR}/logs/ossec.log
+
+ touch ${DIR}/logs/active-responses.log
+-chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log
++#chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log
+ chmod 660 ${DIR}/logs/active-responses.log
+
+ # For the rules directory
@@ -195,7 +195,7 @@
fi
fi
@@ -9,7 +108,82 @@
find ${DIR}/rules/ -type f -exec chmod 440 {} \;
# If the local_rules is saved, moved it back
-@@ -318,12 +318,12 @@
+@@ -204,18 +204,18 @@
+ mv ${DIR}/rules/saved_local_rules.xml.$$ ${DIR}/rules/local_rules.xml
+ fi
+
+-chown -R root:${GROUP} ${DIR}/rules
++#chown -R root:${GROUP} ${DIR}/rules
+ chmod -R 550 ${DIR}/rules
+
+
+ # For the etc dir
+ chmod 550 ${DIR}/etc
+-chown -R root:${GROUP} ${DIR}/etc
++#chown -R root:${GROUP} ${DIR}/etc
+ ls /etc/localtime > /dev/null 2>&1
+ if [ $? = 0 ]; then
+ cp -pL /etc/localtime ${DIR}/etc/;
+ chmod 440 ${DIR}/etc/localtime
+- chown root:${GROUP} ${DIR}/etc/localtime
++ #chown root:${GROUP} ${DIR}/etc/localtime
+ fi
+
+ # Solaris Needs some extra files
+@@ -234,7 +234,7 @@
+
+ # For the /var/run
+ chmod 770 ${DIR}/var/run
+-chown root:${GROUP} ${DIR}/var/run
++#chown root:${GROUP} ${DIR}/var/run
+
+ # Moving the binary files
+ cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \
+@@ -255,7 +255,7 @@
+ cp -pr util/syscheck_control ${DIR}/bin/
+ cp -pr util/rootcheck_control ${DIR}/bin/
+ cp -pr ../contrib/util.sh ${DIR}/bin/
+-chown root:${GROUP} ${DIR}/bin/util.sh
++#chown root:${GROUP} ${DIR}/bin/util.sh
+ chmod +x ${DIR}/bin/util.sh
+
+ # Local install chosen
+@@ -285,14 +285,14 @@
+
+ cp -pr ../etc/internal_options.conf ${DIR}/etc/
+ cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/
+-chown root:${GROUP} ${DIR}/etc/decoder.xml
+-chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1
+-chown root:${GROUP} ${DIR}/etc/internal_options.conf
+-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1
+-chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1
+-chown root:${GROUP} ${DIR}/etc/shared/*
+-chown root:${GROUP} ${DIR}/agentless/*
+-chown ${USER}:${GROUP} ${DIR}/.ssh
++#chown root:${GROUP} ${DIR}/etc/decoder.xml
++#chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1
++#chown root:${GROUP} ${DIR}/etc/internal_options.conf
++#chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1
++#chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1
++#chown root:${GROUP} ${DIR}/etc/shared/*
++#chown root:${GROUP} ${DIR}/agentless/*
++#chown ${USER}:${GROUP} ${DIR}/.ssh
+ chmod 440 ${DIR}/etc/decoder.xml
+ chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1
+ chmod 440 ${DIR}/etc/internal_options.conf
+@@ -312,9 +312,9 @@
+ cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/
+
+ chmod 550 ${DIR}/active-response/bin/*
+-chown root:${GROUP} ${DIR}/active-response/bin/*
++#chown root:${GROUP} ${DIR}/active-response/bin/*
+
+-chown root:${GROUP} ${DIR}/bin/*
++#chown root:${GROUP} ${DIR}/bin/*
+ chmod 550 ${DIR}/bin/*
+
+
+@@ -326,12 +326,12 @@
ls ../etc/ossec.mc > /dev/null 2>&1
if [ $? = 0 ]; then
@@ -21,7 +195,7 @@
fi
-chown root:${GROUP} ${DIR}/etc/ossec.conf
-chmod 440 ${DIR}/etc/ossec.conf
-+chown root:${GROUP} ${DIR}/etc/ossec.conf.sample
++#chown root:${GROUP} ${DIR}/etc/ossec.conf.sample
+chmod 440 ${DIR}/etc/ossec.conf.sample
Added: head/security/ossec-hids-server/files/patch-src__Makeall
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/patch-src__Makeall Thu May 15 15:46:52 2014 (r354143)
@@ -0,0 +1,19 @@
+--- ./src/Makeall.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./src/Makeall 2014-04-21 19:52:35.000000000 -0600
+@@ -44,6 +44,7 @@
+ ROOTCHECKBIN="rootcheck"
+ DIRECTORIES="" # Directories to make
+
++. ./LOCATION
+
+ # Setting SunOS path
+ if [ "X$OS" = "XSunOS" ]; then
+@@ -104,7 +105,7 @@
+ else
+
+ echo 'int main() { short one = 1; char *cp = (char*)&one; if ( *cp == 0 ) return(1); else return(0); }' > isbigendian.c
+- gcc -o isbigendian isbigendian.c
++ cc -o isbigendian isbigendian.c
+ ./isbigendian
+ if [ $? = 1 ]; then
+ echo "INFO: Big endian set."
Modified: head/security/ossec-hids-server/files/patch-src__headers__defs.h
==============================================================================
--- head/security/ossec-hids-server/files/patch-src__headers__defs.h Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-server/files/patch-src__headers__defs.h Thu May 15 15:46:52 2014 (r354143)
@@ -1,12 +1,11 @@
-diff -ruN src/headers/defs.h.orig src/headers/defs.h
---- src/headers/defs.h.orig Thu Feb 22 01:44:26 2007
-+++ src/headers/defs.h Mon Apr 2 10:54:45 2007
-@@ -86,7 +86,7 @@
- #endif
-
+--- ./src/headers/defs.h.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./src/headers/defs.h 2014-04-21 19:52:35.000000000 -0600
+@@ -98,7 +98,7 @@
+ #endif
+
#ifndef DEFAULTDIR
- #define DEFAULTDIR "/var/ossec"
-+ #define DEFAULTDIR "PREFIX"
++ #define DEFAULTDIR "/usr/local/ossec-hids"
#endif
Added: head/security/ossec-hids-server/files/patch-src__init__shared.sh
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/patch-src__init__shared.sh Thu May 15 15:46:52 2014 (r354143)
@@ -0,0 +1,10 @@
+--- ./src/init/shared.sh.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./src/init/shared.sh 2014-04-21 19:52:35.000000000 -0600
+@@ -28,7 +28,6 @@
+ NAMESERVERS=`cat /etc/resolv.conf | grep "^nameserver" | cut -d " " -sf 2`
+ NAMESERVERS2=`cat /etc/resolv.conf | grep "^nameserver" | cut -sf 2`
+ HOST_CMD=`which host`
+-CC=""
+ NAME="OSSEC HIDS"
+ INSTYPE="server"
+ DEFAULT_DIR=`grep DIR ${LOCATION} | cut -f2 -d\"`
Added: head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__Makefile Thu May 15 15:46:52 2014 (r354143)
@@ -0,0 +1,10 @@
+--- ./src/os_crypto/sha1/Makefile.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./src/os_crypto/sha1/Makefile 2014-04-21 19:52:35.000000000 -0600
+@@ -9,7 +9,6 @@
+
+ SRCS = sha1_op.c
+ sha1_OBJS = sha1_op.o
+-CC=$(GCC)
+
+
+ sha1:
Added: head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__md32_common.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__md32_common.h Thu May 15 15:46:52 2014 (r354143)
@@ -0,0 +1,11 @@
+--- ./src/os_crypto/sha1/md32_common.h.orig 2013-10-29 12:13:44.000000000 -0600
++++ ./src/os_crypto/sha1/md32_common.h 2014-04-21 19:52:35.000000000 -0600
+@@ -607,7 +607,7 @@
+ }
+
+ #ifndef MD32_REG_T
+-#define MD32_REG_T long
++#define MD32_REG_T int
+ /*
+ * This comment was originaly written for MD5, which is why it
+ * discusses A-D. But it basically applies to all 32-bit digests,
Modified: head/security/ossec-hids-server/pkg-plist
==============================================================================
--- head/security/ossec-hids-server/pkg-plist Thu May 15 15:41:24 2014 (r354142)
+++ head/security/ossec-hids-server/pkg-plist Thu May 15 15:46:52 2014 (r354143)
@@ -1,6 +1,7 @@
%%PORTNAME%%/active-response/bin/disable-account.sh
%%PORTNAME%%/active-response/bin/firewall-drop.sh
%%PORTNAME%%/active-response/bin/host-deny.sh
+%%PORTNAME%%/active-response/bin/ip-customblock.sh
%%PORTNAME%%/active-response/bin/ipfw_mac.sh
%%PORTNAME%%/active-response/bin/ipfw.sh
%%PORTNAME%%/active-response/bin/ossec-tweeter.sh
@@ -11,7 +12,6 @@
%%PORTNAME%%/bin/clear_stats
%%PORTNAME%%/bin/list_agents
%%PORTNAME%%/bin/manage_agents
-%%PORTNAME%%/bin/ossec-agentd
%%PORTNAME%%/bin/ossec-agentlessd
%%PORTNAME%%/bin/ossec-analysisd
%%PORTNAME%%/bin/ossec-authd
@@ -35,8 +35,7 @@
%%PORTNAME%%/bin/verify-agent-conf
%%PORTNAME%%/etc/decoder.xml
%%PORTNAME%%/etc/internal_options.conf
- at unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi
-%%PORTNAME%%/etc/ossec.conf.sample
+ at sample %%PORTNAME%%/etc/ossec.conf.sample
%%PORTNAME%%/etc/shared/rootkit_files.txt
%%PORTNAME%%/etc/shared/rootkit_trojans.txt
%%PORTNAME%%/etc/shared/system_audit_rcl.txt
@@ -46,8 +45,14 @@
%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt
%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt
%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt
- at unexec if test ! -s %D/%%PORTNAME%%/logs/ossec.log; then rm -f %D/%%PORTNAME%%/logs/ossec.log; fi
- at unexec if test ! -s %D/%%PORTNAME%%/logs/active-responses.log; then rm -f %D/%%PORTNAME%%/logs/active-responses.log; fi
+ at owner ossec
+ at group ossec
+ at mode 660
+%%PORTNAME%%/logs/active-responses.log
+%%PORTNAME%%/logs/ossec.log
+ at owner
+ at group
+ at mode
%%PORTNAME%%/rules/apache_rules.xml
%%PORTNAME%%/rules/arpwatch_rules.xml
%%PORTNAME%%/rules/asterisk_rules.xml
@@ -122,6 +127,9 @@
%%PORTNAME%%/agentless/ssh_pixconfig_diff
%%PORTNAME%%/agentless/sshlogin.exp
%%PORTNAME%%/agentless/su.exp
+ at owner root
+ at group ossec
+ at mode 550
@dirrmtry %%PORTNAME%%/.ssh
@dirrmtry %%PORTNAME%%/active-response/bin
@dirrmtry %%PORTNAME%%/active-response
@@ -129,26 +137,31 @@
@dirrmtry %%PORTNAME%%/bin
@dirrmtry %%PORTNAME%%/etc/shared
@dirrmtry %%PORTNAME%%/etc
+ at dirrmtry %%PORTNAME%%/queue/rootcheck
+ at dirrmtry %%PORTNAME%%/rules
+ at dirrmtry %%PORTNAME%%/tmp
+ at dirrmtry %%PORTNAME%%/var/run
+ at dirrmtry %%PORTNAME%%/var
+ at owner ossec
+ at mode 770
+ at dirrmtry %%PORTNAME%%/queue/alerts
+ at dirrmtry %%PORTNAME%%/queue/ossec
+ at mode 750
+ at dirrmtry %%PORTNAME%%/queue/fts
+ at dirrmtry %%PORTNAME%%/queue/syscheck
+ at dirrmtry %%PORTNAME%%/queue/diff
+ at dirrmtry %%PORTNAME%%/queue/agentless
+ at dirrmtry %%PORTNAME%%/stats
@dirrmtry %%PORTNAME%%/logs/alerts
@dirrmtry %%PORTNAME%%/logs/archives
@dirrmtry %%PORTNAME%%/logs/firewall
@dirrmtry %%PORTNAME%%/logs
+ at owner ossecr
@dirrmtry %%PORTNAME%%/queue/agent-info
- at dirrmtry %%PORTNAME%%/queue/agentless
- at dirrmtry %%PORTNAME%%/queue/alerts
- at dirrmtry %%PORTNAME%%/queue/diff
- at dirrmtry %%PORTNAME%%/queue/fts
- at dirrmtry %%PORTNAME%%/queue/ossec
@dirrmtry %%PORTNAME%%/queue/rids
- at dirrmtry %%PORTNAME%%/queue/rootcheck
- at dirrmtry %%PORTNAME%%/queue/syscheck
+ at owner ossec
+ at mode 550
@dirrmtry %%PORTNAME%%/queue
- at dirrmtry %%PORTNAME%%/rules
- at dirrmtry %%PORTNAME%%/stats/hourly-average
- at dirrmtry %%PORTNAME%%/stats/totals
- at dirrmtry %%PORTNAME%%/stats/weekly-average
- at dirrmtry %%PORTNAME%%/stats
- at dirrmtry %%PORTNAME%%/tmp
- at dirrmtry %%PORTNAME%%/var/run
- at dirrmtry %%PORTNAME%%/var
+ at owner root
+ at mode 550
@dirrmtry %%PORTNAME%%
More information about the svn-ports-all
mailing list