FreeBSD Bugzilla – Attachment 203276 Details for
Bug 236919
security/ossec-hids: update from 3.1.0 to 3.2.0
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
ossec-hids-3.2.0.diff
ossec-hids-3.2.0.diff (text/plain), 42.25 KB, created by
Dominik Lisiak
on 2019-03-31 22:03:43 UTC
(
hide
)
Description:
ossec-hids-3.2.0.diff
Filename:
MIME Type:
Creator:
Dominik Lisiak
Created:
2019-03-31 22:03:43 UTC
Size:
42.25 KB
patch
obsolete
>Index: security/ossec-hids/Makefile >=================================================================== >--- security/ossec-hids/Makefile (revision 497449) >+++ security/ossec-hids/Makefile (working copy) >@@ -1,7 +1,7 @@ > # $FreeBSD$ > > PORTNAME= ossec-hids >-PORTVERSION= 3.1.0 >+PORTVERSION= 3.2.0 > PORTREVISION= > CATEGORIES= security > >Index: security/ossec-hids-local/Makefile >=================================================================== >--- security/ossec-hids-local/Makefile (revision 497449) >+++ security/ossec-hids-local/Makefile (working copy) >@@ -1,8 +1,8 @@ > # $FreeBSD$ > > PORTNAME= ossec-hids >-PORTVERSION= 3.1.0 >-PORTREVISION= 2 >+PORTVERSION= 3.2.0 >+PORTREVISION= > CATEGORIES= security > PKGNAMESUFFIX= -${OSSEC_TYPE} > >@@ -12,7 +12,7 @@ > LICENSE= GPLv2 > LICENSE_FILE= ${WRKSRC}/LICENSE > >-USES= gmake readline ssl >+USES= gmake ssl > > OSSEC_TYPE?= local > >@@ -38,6 +38,8 @@ > PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude > ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq > >+INOTIFY_USES= pkgconfig >+LUA_USES= readline > MYSQL_USE= mysql > PGSQL_USES= pgsql > >@@ -64,7 +66,7 @@ > .endif > > OPTIONS_SUB= yes >-OPTIONS_DEFINE= DOCS INOTIFY >+OPTIONS_DEFINE= DOCS INOTIFY LUA > > .if ${OSSEC_TYPE} != agent > OPTIONS_DEFINE+= PRELUDE ZEROMQ >@@ -81,6 +83,7 @@ > DATABASE_DESC= Database output > > INOTIFY_VARS= OSSEC_ARGS+=USE_INOTIFY=yes >+LUA_VARS= OSSEC_ARGS+=LUA_ENABLE=yes STRIP_FILES+=ossec-lua STRIP_FILES+=ossec-luac > PRELUDE_VARS= OSSEC_ARGS+=USE_PRELUDE=yes > ZEROMQ_VARS= OSSEC_ARGS+=USE_ZEROMQ=yes > MYSQL_VARS= OSSEC_ARGS+=DATABASE=mysql PKGMSG_FILES+=message-database DB_TYPE=mysql DB_SCHEMA=mysql.schema >@@ -92,8 +95,6 @@ > ossec-agentd \ > ossec-execd \ > ossec-logcollector \ >- ossec-lua \ >- ossec-luac \ > ossec-syscheckd > .else > STRIP_FILES= agent_control \ >@@ -108,8 +109,6 @@ > ossec-execd \ > ossec-logcollector \ > ossec-logtest \ >- ossec-lua \ >- ossec-luac \ > ossec-maild \ > ossec-makelists \ > ossec-monitord \ >@@ -159,7 +158,6 @@ > VERSION=${PORTVERSION} \ > DB_TYPE=${DB_TYPE} \ > DB_SCHEMA=${DOCSDIR}/${DB_SCHEMA} \ >- USER=${USER} \ > OSSEC_USER=${OSSEC_USER} \ > OSSEC_GROUP=${OSSEC_GROUP} \ > OSSEC_RC=${OSSEC_RC} >@@ -179,7 +177,10 @@ > PKGMESSAGE= ${WRKDIR}/pkg-message > PKGMSG_FILES= message-header > >+PKG_CONFIG= ${CONFIGURE_ENV:MPKG_CONFIG=*:S/PKG_CONFIG=//} > CFLAGS+= -I${LOCALBASE}/include >+INOTIFY_CFLAGS= $$(${PKG_CONFIG} --cflags libinotify) >+INOTIFY_LDFLAGS=$$(${PKG_CONFIG} --libs libinotify) > > OSSEC_ARGS+= TARGET=${OSSEC_TYPE} INSTALL_LOCALTIME=no > .if !defined(MAINTAINER_MODE) >@@ -216,12 +217,12 @@ > .endif > > .if ${OSSEC_TYPE} == agent >-.if defined(MAINTAINER_MODE) >+. if defined(MAINTAINER_MODE) > @for file_name in $$(find "${STAGEDIR}${SHARED_DIR}" -type f); do ${CHMOD} 0644 $${file_name}; ${CHOWN} ${OSSEC_USER}:${OSSEC_GROUP} $${file_name}; done >-.else >+. else > @for file_name in $$(find "${STAGEDIR}${SHARED_DIR}" -type f); do ${CHMOD} 0644 $${file_name}; done >+. endif > .endif >-.endif > @${ECHO_CMD} -n > ${PKGMESSAGE} > .for file_name in ${PKGMSG_FILES} > @${CAT} ${WRKDIR}/${file_name} >> ${PKGMESSAGE} >Index: security/ossec-hids-local/distinfo >=================================================================== >--- security/ossec-hids-local/distinfo (revision 497449) >+++ security/ossec-hids-local/distinfo (working copy) >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1539457911 >-SHA256 (ossec-ossec-hids-3.1.0_GH0.tar.gz) = e0e2987751badb95c2bf618531c7853b2289c910f796da85ff394c0faea43f50 >-SIZE (ossec-ossec-hids-3.1.0_GH0.tar.gz) = 1886469 >+TIMESTAMP = 1553010288 >+SHA256 (ossec-ossec-hids-3.2.0_GH0.tar.gz) = b36cc4db73c265f5fd65f2b5450d69e332316612b5602a3e310ae8907e9d2548 >+SIZE (ossec-ossec-hids-3.2.0_GH0.tar.gz) = 1896977 >Index: security/ossec-hids-local/files/ossec-hids.in >=================================================================== >--- security/ossec-hids-local/files/ossec-hids.in (revision 497449) >+++ security/ossec-hids-local/files/ossec-hids.in (working copy) >@@ -34,6 +34,10 @@ > ossec_type="%%OSSEC_TYPE%%" > ossec_home="%%OSSEC_HOME%%" > >+if [ -z "${ossec_hids_user}" ]; then >+ ossec_hids_user=$(stat -f '%Su' "${ossec_home}") >+fi >+ > ossec_conf="${ossec_home}/etc/ossec.conf" > ossec_conf_dir="${ossec_home}/etc/ossec.conf.d" > ossec_conf_bin="${ossec_home}/bin/config/ossec-conf" >@@ -353,7 +357,7 @@ > if [ -x "${agent_conf_bin}" ]; then > # Merge agent.conf.d files into agent.conf > if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${agent_conf}" "${agent_conf_dir}"; then >- ossec_hids_create_file "${agent_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 >+ ossec_hids_create_file "${agent_conf}" ${ossec_hids_user}:%%OSSEC_GROUP%% 0640 > "${agent_conf_bin}" > "${agent_conf}" > fi > fi >@@ -363,7 +367,7 @@ > if [ -x "${ossec_conf_bin}" ]; then > # Merge ossec.conf.d files into ossec.conf > if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${ossec_conf}" "${ossec_conf_dir}"; then >- ossec_hids_create_file "${ossec_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 >+ ossec_hids_create_file "${ossec_conf}" ${ossec_hids_user}:%%OSSEC_GROUP%% 0640 > "${ossec_conf_bin}" > "${ossec_conf}" > fi > fi >@@ -378,7 +382,7 @@ > echo > return 1 > fi >- install -o %%USER%% -g %%OSSEC_GROUP%% -m 0440 "${ossec_local_time}" "${ossec_home}${ossec_local_time}" >+ install -o ${ossec_hids_user} -g %%OSSEC_GROUP%% -m 0440 "${ossec_local_time}" "${ossec_home}${ossec_local_time}" > > return 0 > } >Index: security/ossec-hids-local/files/patch-src_Makefile >=================================================================== >--- security/ossec-hids-local/files/patch-src_Makefile (revision 497449) >+++ security/ossec-hids-local/files/patch-src_Makefile (nonexistent) >@@ -1,231 +0,0 @@ >---- src/Makefile.orig 2018-10-11 22:25:16 UTC >-+++ src/Makefile >-@@ -20,6 +20,9 @@ OSSEC_USER?=ossec >- OSSEC_USER_MAIL?=ossecm >- OSSEC_USER_REM?=ossecr >- >-+INSTALL_CMD?=install -m $(1) -o $(2) -g $(3) >-+INSTALL_LOCALTIME?=yes >-+ >- USE_PRELUDE?=no >- USE_ZEROMQ?=no >- USE_GEOIP?=no >-@@ -366,10 +369,10 @@ endif >- install: install-${TARGET} >- >- install-agent: install-common >-- install -m 0550 -o root -g 0 ossec-agentd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 agent-auth ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin >- >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids >- >- install-local: install-server-generic >- >-@@ -379,127 +382,129 @@ install-server: install-server-generic >- >- install-common: build >- ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX} >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/ >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs >-- install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/ossec.log >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/ >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs >-+ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log >- >-- install -d -m 0550 -o root -g 0 ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-logcollector ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-syscheckd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-execd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 manage_agents ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ../contrib/util.sh ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control >-+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control >- >- ifeq (${LUA_ENABLE},yes) >-- install -d -m 0550 -o root -g 0 ${PREFIX}/lua >-- install -d -m 0550 -o root -g 0 ${PREFIX}/lua/native >-- install -d -m 0550 -o root -g 0 ${PREFIX}/lua/compiled >-- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua >-+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native >-+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled >-+ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ >- endif >- >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/queue >-- install -d -m 0770 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/alerts >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/ossec >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/syscheck >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/diff >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue >-+ $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff >- >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc >-- install -m 0440 -o root -g ${OSSEC_GROUP} /etc/localtime ${PREFIX}/etc >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc >-+ifeq (${INSTALL_LOCALTIME},yes) >-+ $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc >-+endif >- >-- install -d -m 1550 -o root -g ${OSSEC_GROUP} ${PREFIX}/tmp >-+ $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp >- >- ifneq (,$(wildcard /etc/TIMEZONE)) >-- install -m 440 -o root -g ${OSSEC_GROUP} /etc/TIMEZONE ${PREFIX}/etc/ >-+ $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/ >- endif >- # Solaris Needs some extra files >- ifeq (${uname_S},SunOS) >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/usr/share/lib/zoneinfo/ >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/ >- cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/ >- endif >-- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/internal_options.conf ${PREFIX}/etc/ >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/ >- ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf)) >-- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf >- endif >- ifeq (,$(wildcard ${PREFIX}/etc/client.keys)) >-- install -m 0640 -o root -g ${OSSEC_GROUP} /dev/null ${PREFIX}/etc/client.keys >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys >- endif >- ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf)) >- ifneq (,$(wildcard ../etc/ossec.mc)) >-- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/ossec.mc ${PREFIX}/etc/ossec.conf >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf >- else >-- install -m 0640 -o root -g ${OSSEC_GROUP} ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf >- endif >- endif >- >-- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc/shared >-- install -m 0640 -o ${OSSEC_USER} -g ${OSSEC_GROUP} rootcheck/db/*.txt ${PREFIX}/etc/shared/ >-+ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared >-+ $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/ >- >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response/bin >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/agentless >-- install -m 0550 -o root -g ${OSSEC_GROUP} agentlessd/scripts/* ${PREFIX}/agentless/ >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/ >- >-- install -d -m 0700 -o root -g ${OSSEC_GROUP} ${PREFIX}/.ssh >-+ $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh >- >-- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/*.sh ${PREFIX}/active-response/bin/ >-- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/ >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ >- >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/var >-- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/var/run >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var >-+ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run >- >- ./init/fw-check.sh execute >- >- >- >- install-server-generic: install-common >-- install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/active-responses.log >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/archives >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/alerts >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/firewall >-+ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall >- >-- install -m 0550 -o root -g 0 ossec-agentlessd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-analysisd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-monitord ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-reportd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-maild ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-remoted ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-logtest ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-csyslogd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-authd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-dbd ${PREFIX}/bin >-- install -m 0550 -o root -g 0 ossec-makelists ${PREFIX}/bin >-- install -m 0550 -o root -g 0 verify-agent-conf ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 clear_stats ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 list_agents ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 ossec-regex ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 syscheck_update ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 agent_control ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 syscheck_control ${PREFIX}/bin/ >-- install -m 0550 -o root -g 0 rootcheck_control ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin >-+ $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/ >-+ $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/ >- >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/stats >-- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats >-+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules >- ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml)) >- cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup >-- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules >-- install -m 0640 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml >- rm ${PREFIX}/rules/local_rules.xml.installbackup >- else >-- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules >- endif >- >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/fts >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts >- >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rootcheck >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck >- >-- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/agent-info >-- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/agentless >-+ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info >-+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless >- >-- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids >-+ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids >- >-- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/decoder.xml ${PREFIX}/etc/ >-+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/ >- >- rm -f ${PREFIX}/etc/shared/merged.mg >- > >Property changes on: security/ossec-hids-local/files/patch-src_Makefile >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/pkg-deinstall.in >=================================================================== >--- security/ossec-hids-local/files/pkg-deinstall.in (revision 497449) >+++ security/ossec-hids-local/files/pkg-deinstall.in (working copy) >@@ -4,7 +4,6 @@ > ar_conf="${ossec_home}/etc/shared/ar.conf" > merged_mg="${ossec_home}/etc/shared/merged.mg" > client_keys="${ossec_home}/etc/client.keys" >-firewall_drop="${ossec_home}/active-response/bin/firewall-drop.sh" > local_time="${ossec_home}/etc/localtime" > > if [ "$2" == "DEINSTALL" ]; then >@@ -13,6 +12,5 @@ > if [ ! -s "${client_keys}" ]; then > rm -f "${client_keys}" > fi >- rm -f "${firewall_drop}" > rm -f "${local_time}" > fi >Index: security/ossec-hids-local/files/pkg-install.in >=================================================================== >--- security/ossec-hids-local/files/pkg-install.in (revision 497449) >+++ security/ossec-hids-local/files/pkg-install.in (working copy) >@@ -14,10 +14,14 @@ > } > > if [ "$2" == "POST-INSTALL" ]; then >+ if [ -z "${USER}" ]; then >+ USER=$(id -un) >+ fi >+ > pw usermod %%OSSEC_USER%% -d "${ossec_home}" > pw usermod ossecm -d "${ossec_home}" > pw usermod ossecr -d "${ossec_home}" >- chown %%USER%%:%%OSSEC_GROUP%% "${ossec_home}" >+ chown ${USER}:%%OSSEC_GROUP%% "${ossec_home}" > >- create_file "${client_keys}" root:ossec 0640 >+ create_file "${client_keys}" ${USER}:%%OSSEC_GROUP%% 0640 > fi >Index: security/ossec-hids-local/pkg-plist-agent >=================================================================== >--- security/ossec-hids-local/pkg-plist-agent (revision 497449) >+++ security/ossec-hids-local/pkg-plist-agent (working copy) >@@ -22,8 +22,6 @@ > @(,,0550) %%OSSEC_HOME%%/bin/ossec-control > @(,,0550) %%OSSEC_HOME%%/bin/ossec-execd > @(,,0550) %%OSSEC_HOME%%/bin/ossec-logcollector >-@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >-@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac > @(,,0550) %%OSSEC_HOME%%/bin/ossec-syscheckd > @(,,0550) %%OSSEC_HOME%%/bin/util.sh > @dir(,ossec,0550) %%OSSEC_HOME%%/etc >@@ -43,6 +41,7 @@ > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_rhel_linux_rcl.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_sles11_linux_rcl.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_solaris11_rcl.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L1_rcl.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L2_rcl.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL1_rcl.txt >@@ -55,6 +54,7 @@ > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL2_rcl.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/rootkit_files.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/system_audit_pw.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt > @(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/win_applications_rcl.txt >@@ -77,3 +77,5 @@ > %%PORTDOCS%%%%DOCSDIR%%/README.md > %%PORTDOCS%%%%DOCSDIR%%/SUPPORT.md > %%PORTDOCS%%%%DOCSDIR%%/ossec.conf.sample >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac >Index: security/ossec-hids-local/pkg-plist-local >=================================================================== >--- security/ossec-hids-local/pkg-plist-local (revision 497449) >+++ security/ossec-hids-local/pkg-plist-local (working copy) >@@ -42,8 +42,6 @@ > @(,,0550) %%OSSEC_HOME%%/bin/ossec-execd > @(,,0550) %%OSSEC_HOME%%/bin/ossec-logcollector > @(,,0550) %%OSSEC_HOME%%/bin/ossec-logtest >-@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >-@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac > @(,,0550) %%OSSEC_HOME%%/bin/ossec-maild > @(,,0550) %%OSSEC_HOME%%/bin/ossec-makelists > @(,,0550) %%OSSEC_HOME%%/bin/ossec-monitord >@@ -74,6 +72,7 @@ > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel_linux_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles11_linux_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_solaris11_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L1_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L2_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL1_rcl.txt >@@ -86,6 +85,7 @@ > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL2_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_files.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_pw.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_applications_rcl.txt >@@ -112,10 +112,13 @@ > @(,ossec,0640) %%OSSEC_HOME%%/rules/hordeimp_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ids_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/imapd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/kesl_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/linux_usbdetect_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/mailscanner_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/mcafee_av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mhn_cowrie_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mhn_dionaea_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms-exchange_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms-se_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms1016_usbdetect_rules.xml >@@ -123,6 +126,7 @@ > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms_firewall_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ftpd_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ipsec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_powershell_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/msauth_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/mysql_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/named_rules.xml >@@ -196,5 +200,7 @@ > %%PORTDOCS%%%%DOCSDIR%%/README.md > %%PORTDOCS%%%%DOCSDIR%%/SUPPORT.md > %%PORTDOCS%%%%DOCSDIR%%/ossec.conf.sample >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac > %%MYSQL%%%%DOCSDIR%%/mysql.schema > %%PGSQL%%%%DOCSDIR%%/postgresql.schema >Index: security/ossec-hids-local/pkg-plist-server >=================================================================== >--- security/ossec-hids-local/pkg-plist-server (revision 497449) >+++ security/ossec-hids-local/pkg-plist-server (working copy) >@@ -42,8 +42,6 @@ > @(,,0550) %%OSSEC_HOME%%/bin/ossec-execd > @(,,0550) %%OSSEC_HOME%%/bin/ossec-logcollector > @(,,0550) %%OSSEC_HOME%%/bin/ossec-logtest >-@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >-@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac > @(,,0550) %%OSSEC_HOME%%/bin/ossec-maild > @(,,0550) %%OSSEC_HOME%%/bin/ossec-makelists > @(,,0550) %%OSSEC_HOME%%/bin/ossec-monitord >@@ -74,6 +72,7 @@ > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel_linux_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles11_linux_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_solaris11_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L1_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L2_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL1_rcl.txt >@@ -86,6 +85,7 @@ > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL2_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_files.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_pw.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt > @(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_applications_rcl.txt >@@ -112,10 +112,13 @@ > @(,ossec,0640) %%OSSEC_HOME%%/rules/hordeimp_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ids_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/imapd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/kesl_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/linux_usbdetect_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/mailscanner_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/mcafee_av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mhn_cowrie_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mhn_dionaea_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms-exchange_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms-se_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms1016_usbdetect_rules.xml >@@ -123,6 +126,7 @@ > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms_firewall_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ftpd_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ipsec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_powershell_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/msauth_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/mysql_rules.xml > @(,ossec,0640) %%OSSEC_HOME%%/rules/named_rules.xml >@@ -196,5 +200,7 @@ > %%PORTDOCS%%%%DOCSDIR%%/README.md > %%PORTDOCS%%%%DOCSDIR%%/SUPPORT.md > %%PORTDOCS%%%%DOCSDIR%%/ossec.conf.sample >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac > %%MYSQL%%%%DOCSDIR%%/mysql.schema > %%PGSQL%%%%DOCSDIR%%/postgresql.schema >Index: security/ossec-hids-local/scripts/plist.sh >=================================================================== >--- security/ossec-hids-local/scripts/plist.sh (revision 497449) >+++ security/ossec-hids-local/scripts/plist.sh (working copy) >@@ -11,18 +11,38 @@ > WORKDIR=$4 > STAGEDIR=$5 > >-staged_plist="${WORKDIR}/.staged-plist" >-fixed_lines="" >+fixed_lines=" >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac" > if [ "${OSSEC_TYPE}" != "agent" ]; then >- fixed_lines="${fixed_lines} %%MYSQL%%%%DOCSDIR%%/mysql.schema %%PGSQL%%%%DOCSDIR%%/postgresql.schema" >+ fixed_lines="${fixed_lines} >+%%MYSQL%%%%DOCSDIR%%/mysql.schema >+%%PGSQL%%%%DOCSDIR%%/postgresql.schema" > fi >-skip_lines="%%PORTDOCS%%%%DOCSDIR%%/mysql.schema %%PORTDOCS%%%%DOCSDIR%%/postgresql.schema" >-skip_paths="/etc/ossec.conf /etc/client.keys /logs/active-responses.log /logs/ossec.log /lua" >-sample_paths="/etc/local_internal_options.conf.sample" >-if [ "${OSSEC_TYPE}" == "agent" ]; then >- skip_paths="${skip_paths} /rules /agentless /.ssh" >+ >+skip_lines=" >+%%PORTDOCS%%%%DOCSDIR%%/mysql.schema >+%%PORTDOCS%%%%DOCSDIR%%/postgresql.schema" >+ >+skip_paths=" >+/etc/ossec.conf >+/etc/client.keys >+/logs/active-responses.log >+/logs/ossec.log >+/lua" >+if [ "${OSSEC_TYPE}" = "agent" ]; then >+ skip_paths="${skip_paths} >+/rules >+/agentless >+/.ssh" > fi > >+sample_paths=" >+/etc/local_internal_options.conf.sample" >+ >+NL=$'\n' >+IFS=${NL} >+ > print_path() { > local path="$1" > local command="$2" >@@ -34,17 +54,30 @@ > fi > fi > local user=`stat -f "%Su" "${full_path}"` >- if [ "${user}" == "${USER}" ]; then >+ if [ "${user}" = "${USER}" ]; then > user="" > fi > local group=`stat -f "%Sg" "${full_path}"` >- if [ "${group}" == "${GROUP}" ]; then >+ if [ "${group}" = "${GROUP}" ]; then > group="" > fi > local mode=`stat -f "%p" "${full_path}" | tail -c 5` >- echo -e "${command}(${user},${group},${mode}) %%OSSEC_HOME%%${path}" >> "${PLIST}" >+ echo "${command}(${user},${group},${mode}) %%OSSEC_HOME%%${path}" >> "${PLIST}" > } > >+contains() { >+ local list="$1" >+ local word="$2" >+ >+ for e in ${list}; do >+ if [ "${e}" = "${word}" ]; then >+ return 0 >+ fi >+ done >+ >+ return 1 >+} >+ > echo -n > "${PLIST}" > > print_path >@@ -51,16 +84,9 @@ > > done_paths="" > while read line; do >- skip_line="" >- for e in ${skip_lines}; do >- if [ "${e}" == "${line}" ]; then >- skip_line="${e}" >- break >- fi >- done >- if [ -z "${skip_line}" ]; then >+ if ! contains "${skip_lines}" "${line}"; then > path="" >- case $line in >+ case ${line} in > "@dir %%OSSEC_HOME%%"*) > path=`echo "${line}" | sed -e "s|@dir %%OSSEC_HOME%%||g"` > ;; >@@ -68,7 +94,7 @@ > path=`echo "${line}" | sed -e "s|%%OSSEC_HOME%%||g"` > ;; > "%%"*) >- unchanged_lines="${unchanged_lines} ${line}" >+ unchanged_lines="${unchanged_lines}${NL}${line}" > ;; > esac > if [ -n "${path}" ]; then >@@ -76,33 +102,12 @@ > path="" > for segment in ${segments}; do > path="${path}/${segment}" >- skip_path="" >- for e in ${skip_paths}; do >- if [ "${e}" == "${path}" ]; then >- skip_path="${e}" >- break >- fi >- done >- if [ -n "${skip_path}" ]; then >+ if contains "${skip_paths}" "${path}"; then > break > fi >- done_path="" >- for e in ${done_paths}; do >- if [ "${e}" == "${path}" ]; then >- done_path="${e}" >- break >- fi >- done >- if [ -z "${done_path}" ]; then >- done_paths="${done_paths} ${path}" >- sample_path="" >- for e in ${sample_paths}; do >- if [ "${e}" == "${path}" ]; then >- sample_path="${e}" >- break >- fi >- done >- if [ -n "${sample_path}" ]; then >+ if ! contains "${done_paths}" "${path}"; then >+ done_paths="${done_paths}${NL}${path}" >+ if contains "${sample_paths}" "${path}"; then > print_path "${path}" @sample > else > print_path "${path}" >@@ -111,9 +116,9 @@ > done > fi > fi >-done < "${staged_plist}" >+done < "${WORKDIR}/.staged-plist" > >-unchanged_lines="${unchanged_lines} ${fixed_lines}" >+unchanged_lines="${unchanged_lines}${NL}${fixed_lines}" > for line in ${unchanged_lines}; do > echo "${line}" >> "${PLIST}" > done >Index: security/ossec-hids-local-config/Makefile >=================================================================== >--- security/ossec-hids-local-config/Makefile (revision 497449) >+++ security/ossec-hids-local-config/Makefile (working copy) >@@ -1,8 +1,8 @@ > # $FreeBSD$ > > PORTNAME= ossec-hids >-PORTVERSION= 3.1.0 >-PORTREVISION= 1 >+PORTVERSION= 3.2.0 >+PORTREVISION= > CATEGORIES= security > PKGNAMESUFFIX= -${OSSEC_TYPE}-config > >@@ -47,14 +47,15 @@ > OPTIONS_SUB= yes > > OPTIONS_SINGLE= FIREWALL >-OPTIONS_SINGLE_FIREWALL= IPF IPFW PF >+OPTIONS_SINGLE_FIREWALL= NOFW IPF IPFW PF > >-OPTIONS_DEFAULT+= IPF >+OPTIONS_DEFAULT+= NOFW > > FIREWALL_DESC= Active Response Firewall > PF_DESC= Packet Filter > IPFW_DESC= ipfirewall > IPF_DESC= ipfilter >+NOFW_DESC= Custom or no firewall > > TEMPL_ENABLED_HEADER= template-header-enabled.xml > TEMPL_DISABLED_HEADER= template-header-disabled.xml >@@ -68,6 +69,7 @@ > PF_VARS= FW_DROP=pf.sh PKGMSG_FILES+=message-pf > IPFW_VARS= FW_DROP=ipfw.sh > IPF_VARS= FW_DROP=ipfilter.sh >+NOFW_VARS= FW_DROP= > > .if defined(MAINTAINER_MODE) > OSSEC_HOME= ${PREFIX}/${PORTNAME} >Index: security/ossec-hids-local-config/distinfo >=================================================================== >--- security/ossec-hids-local-config/distinfo (revision 497449) >+++ security/ossec-hids-local-config/distinfo (working copy) >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1539459620 >-SHA256 (ossec-ossec-hids-3.1.0_GH0.tar.gz) = e0e2987751badb95c2bf618531c7853b2289c910f796da85ff394c0faea43f50 >-SIZE (ossec-ossec-hids-3.1.0_GH0.tar.gz) = 1886469 >+TIMESTAMP = 1553010491 >+SHA256 (ossec-ossec-hids-3.2.0_GH0.tar.gz) = b36cc4db73c265f5fd65f2b5450d69e332316612b5602a3e310ae8907e9d2548 >+SIZE (ossec-ossec-hids-3.2.0_GH0.tar.gz) = 1896977 >Index: security/ossec-hids-local-config/files/pkg-deinstall.in >=================================================================== >--- security/ossec-hids-local-config/files/pkg-deinstall.in (revision 497449) >+++ security/ossec-hids-local-config/files/pkg-deinstall.in (working copy) >@@ -1,6 +1,9 @@ > #!/bin/sh > > ossec_home="%%OSSEC_HOME%%" >+fw_drop="%%FW_DROP%%" >+ >+ar_bin_dir="${ossec_home}/active-response/bin" > ossec_conf="${ossec_home}/etc/ossec.conf" > agent_conf="${ossec_home}/etc/shared/agent.conf" > >@@ -7,4 +10,10 @@ > if [ "$2" == "DEINSTALL" ]; then > rm -f "${ossec_conf}" > rm -f "${agent_conf}" >+ >+ if [ -n "${fw_drop}" ]; then >+ if [ "${ar_bin_dir}/${fw_drop}" -ef "${ar_bin_dir}/firewall-drop.sh" ]; then >+ rm -f "${ar_bin_dir}/firewall-drop.sh" >+ fi >+ fi > fi >Index: security/ossec-hids-local-config/files/pkg-install.in >=================================================================== >--- security/ossec-hids-local-config/files/pkg-install.in (revision 497449) >+++ security/ossec-hids-local-config/files/pkg-install.in (working copy) >@@ -1,6 +1,8 @@ > #!/bin/sh > > ossec_home="%%OSSEC_HOME%%" >+fw_drop="%%FW_DROP%%" >+ > ar_bin_dir="${ossec_home}/active-response/bin" > ossec_conf="${ossec_home}/etc/ossec.conf" > ossec_conf_bak="${ossec_conf}.bak" >@@ -8,7 +10,9 @@ > agent_conf_bak="${ossec_home}/etc/agent.conf.bak" > > if [ "$2" == "POST-INSTALL" ]; then >- ln -f "${ar_bin_dir}/%%FW_DROP%%" "${ar_bin_dir}/firewall-drop.sh" >+ if [ -n "${fw_drop}" ]; then >+ ln -f "${ar_bin_dir}/${fw_drop}" "${ar_bin_dir}/firewall-drop.sh" >+ fi > > if [ -e "${ossec_conf}" ]; then > mv -f "${ossec_conf}" "${ossec_conf_bak}" >Index: security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in (revision 497449) >+++ security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in (working copy) >@@ -15,6 +15,7 @@ > <rootcheck> > <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files> > <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans> >+ <system_audit>/var/ossec/etc/shared/system_audit_pw.txt</system_audit> > <system_audit>/var/ossec/etc/shared/system_audit_rcl.txt</system_audit> > <system_audit>/var/ossec/etc/shared/system_audit_ssh.txt</system_audit> > </rootcheck> >Index: security/ossec-hids-local-config/files/template-rules-default.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rules-default.xml.in (revision 497449) >+++ security/ossec-hids-local-config/files/template-rules-default.xml.in (working copy) >@@ -51,6 +51,7 @@ > <include>ms_ipsec_rules.xml</include> > <include>vmware_rules.xml</include> > <include>ids_rules.xml</include> >+ <include>ms_powershell_rules.xml</include> > <include>apache_rules.xml</include> > <include>web_rules.xml</include> > <include>zeus_rules.xml</include> >@@ -78,6 +79,9 @@ > <include>ms_firewall_rules.xml</include> > <include>psad_rules.xml</include> > <include>unbound_rules.xml</include> >+ <include>kesl_rules.xml</include> >+ <include>mhn_dionaea_rules.xml</include> >+ <include>mhn_cowrie_rules.xml</include> > <include>local_rules.xml</include> > > <!-- Files not included by default --> >Index: security/ossec-hids-local-config/scripts/plist.sh >=================================================================== >--- security/ossec-hids-local-config/scripts/plist.sh (revision 497449) >+++ security/ossec-hids-local-config/scripts/plist.sh (working copy) >@@ -11,12 +11,18 @@ > WORKDIR=$4 > STAGEDIR=$5 > >-staged_plist="${WORKDIR}/.staged-plist" > fixed_lines="" > skip_lines="" > skip_paths="" >-sample_paths="/etc/command.conf.sample /etc/ossec.conf.d/900.local.conf.sample /etc/agent.conf.d/900.local.conf.sample" > >+sample_paths=" >+/etc/command.conf.sample >+/etc/ossec.conf.d/900.local.conf.sample >+/etc/agent.conf.d/900.local.conf.sample" >+ >+NL=$'\n' >+IFS=${NL} >+ > print_path() { > local path="$1" > local command="$2" >@@ -28,17 +34,30 @@ > fi > fi > local user=`stat -f "%Su" "${full_path}"` >- if [ "${user}" == "${USER}" ]; then >+ if [ "${user}" = "${USER}" ]; then > user="" > fi > local group=`stat -f "%Sg" "${full_path}"` >- if [ "${group}" == "${GROUP}" ]; then >+ if [ "${group}" = "${GROUP}" ]; then > group="" > fi > local mode=`stat -f "%p" "${full_path}" | tail -c 5` >- echo -e "${command}(${user},${group},${mode}) %%OSSEC_HOME%%${path}" >> "${PLIST}" >+ echo "${command}(${user},${group},${mode}) %%OSSEC_HOME%%${path}" >> "${PLIST}" > } > >+contains() { >+ local list="$1" >+ local word="$2" >+ >+ for e in ${list}; do >+ if [ "${e}" = "${word}" ]; then >+ return 0 >+ fi >+ done >+ >+ return 1 >+} >+ > echo -n > "${PLIST}" > > print_path >@@ -45,16 +64,9 @@ > > done_paths="" > while read line; do >- skip_line="" >- for e in ${skip_lines}; do >- if [ "${e}" == "${line}" ]; then >- skip_line="${e}" >- break >- fi >- done >- if [ -z "${skip_line}" ]; then >+ if ! contains "${skip_lines}" "${line}"; then > path="" >- case $line in >+ case ${line} in > "@dir %%OSSEC_HOME%%"*) > path=`echo "${line}" | sed -e "s|@dir %%OSSEC_HOME%%||g"` > ;; >@@ -62,7 +74,7 @@ > path=`echo "${line}" | sed -e "s|%%OSSEC_HOME%%||g"` > ;; > "%%"*) >- unchanged_lines="${unchanged_lines} ${line}" >+ unchanged_lines="${unchanged_lines}${NL}${line}" > ;; > esac > if [ -n "${path}" ]; then >@@ -70,33 +82,12 @@ > path="" > for segment in ${segments}; do > path="${path}/${segment}" >- skip_path="" >- for e in ${skip_paths}; do >- if [ "${e}" == "${path}" ]; then >- skip_path="${e}" >- break >- fi >- done >- if [ -n "${skip_path}" ]; then >+ if contains "${skip_paths}" "${path}"; then > break > fi >- done_path="" >- for e in ${done_paths}; do >- if [ "${e}" == "${path}" ]; then >- done_path="${e}" >- break >- fi >- done >- if [ -z "${done_path}" ]; then >- done_paths="${done_paths} ${path}" >- sample_path="" >- for e in ${sample_paths}; do >- if [ "${e}" == "${path}" ]; then >- sample_path="${e}" >- break >- fi >- done >- if [ -n "${sample_path}" ]; then >+ if ! contains "${done_paths}" "${path}"; then >+ done_paths="${done_paths}${NL}${path}" >+ if contains "${sample_paths}" "${path}"; then > print_path "${path}" @sample > else > print_path "${path}" >@@ -105,9 +96,9 @@ > done > fi > fi >-done < "${staged_plist}" >+done < "${WORKDIR}/.staged-plist" > >-unchanged_lines="${unchanged_lines} ${fixed_lines}" >+unchanged_lines="${unchanged_lines}${NL}${fixed_lines}" > for line in ${unchanged_lines}; do > echo "${line}" >> "${PLIST}" > done
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=203276">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 236919
: 203276