FreeBSD Bugzilla – Attachment 217238 Details for
Bug 247140
security/honeytrap: Add option to run service as root
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
slight update
honeytrap-g20200625-rev6.diff (text/plain), 9.00 KB, created by
Steve Wills
on 2020-08-15 19:13:09 UTC
(
hide
)
Description:
slight update
Filename:
MIME Type:
Creator:
Steve Wills
Created:
2020-08-15 19:13:09 UTC
Size:
9.00 KB
patch
obsolete
>diff --git security/honeytrap/Makefile security/honeytrap/Makefile >index c6444e432862..c398d86b9038 100644 >--- security/honeytrap/Makefile >+++ security/honeytrap/Makefile >@@ -1,19 +1,19 @@ > # $FreeBSD$ > > PORTNAME= honeytrap >-DISTVERSION= g20200415 >+DISTVERSION= g20200625 > CATEGORIES= security > >-MAINTAINER= remco.verhoef@dutchsec.com >-COMMENT= HoneyTrap Freebsd port >+MAINTAINER= ezri.mudde@dutchsec.com >+COMMENT= Framework for running, monitoring and managing honeypots > > LICENSE= ART20 > > USES= go:modules >+GO_BUILDFLAGS= -ldflags '-X github.com/honeytrap/honeytrap/cmd.Version=2020-07-22T08:34:55 -X github.com/honeytrap/honeytrap/cmd.ReleaseTag=DEVELOPMENT.2020-07-22T08-34-55Z -X github.com/honeytrap/honeytrap/cmd.CommitID=33bbb2db3a3140b0ce4fbda14747bc954e0bcadd -X github.com/honeytrap/honeytrap/cmd.ShortCommitID=33bbb2db3a31 -extldflags "static"' > USE_GITHUB= yes >-GH_TAGNAME= d8d94c8f >-GH_TUPLE= \ >- AndreasBriese:bbloom:28f7e881ca57:andreasbriese_bbloom/vendor/github.com/AndreasBriese/bbloom \ >+GH_TAGNAME= 33bbb2d >+GH_TUPLE= AndreasBriese:bbloom:28f7e881ca57:andreasbriese_bbloom/vendor/github.com/AndreasBriese/bbloom \ > BurntSushi:toml:v0.3.0:burntsushi_toml/vendor/github.com/BurntSushi/toml \ > Logicalis:asn1:c9c836c1a3cd:logicalis_asn1/vendor/github.com/Logicalis/asn1 \ > Shopify:sarama:v1.16.0:shopify_sarama/vendor/github.com/Shopify/sarama \ >@@ -70,22 +70,24 @@ GH_TUPLE= \ > yuin:gopher-lua:8bfc7677f583:yuin_gopher_lua/vendor/github.com/yuin/gopher-lua \ > google:gvisor:3eb302470365:google_gvisor/vendor/gvisor.dev/gvisor > >-USERS= honeytrap >-GROUPS= honeytrap >+HONEYTRAP_USER?= honeytrap >+HONEYTRAP_GROUP?= honeytrap >+HONEYTRAP_DBDIR?= /var/db/${PORTNAME} >+ >+USERS= ${HONEYTRAP_USER} >+GROUPS= ${HONEYTRAP_GROUP} > USE_RC_SUBR= honeytrap >-PLIST_FILES= bin/honeytrap \ >- etc/honeytrap.toml \ >- "@dir(honeytrap,honeytrap,4744) /var/log/honeytrap" \ >- "@dir(honeytrap,honeytrap,4744) libdata/honeytrap" >+PLIST_FILES= "@sample(honeytrap,honeytrap,0600) ${ETCDIR}/honeytrap.toml.sample" \ >+ bin/honeytrap >+ >+SUB_LIST= GROUP=${HONEYTRAP_GROUP} \ >+ HONEYTRAP_DBDIR=${HONEYTRAP_DBDIR} \ >+ USER=${HONEYTRAP_USER} > > do-install: > ${MKDIR} ${STAGEDIR}${PREFIX}/bin > ${INSTALL_PROGRAM} ${WRKDIR}/bin/honeytrap ${STAGEDIR}${PREFIX}/bin/honeytrap >- ${MKDIR} ${STAGEDIR}${PREFIX}/etc/rc.d >- ${INSTALL_DATA} ${FILESDIR}/etc/honeytrap.toml ${STAGEDIR}${PREFIX}/etc >- >-post-install: >- ${MKDIR} ${STAGEDIR}${PREFIX}/libdata/honeytrap >- ${MKDIR} ${STAGEDIR}/var/log/honeytrap >+ ${MKDIR} ${STAGEDIR}${PREFIX}/etc/rc.d ${STAGEDIR}${ETCDIR} >+ ${INSTALL_DATA} ${FILESDIR}/honeytrap.toml ${STAGEDIR}${ETCDIR}/honeytrap.toml.sample > > .include <bsd.port.mk> >diff --git security/honeytrap/distinfo security/honeytrap/distinfo >index 7fcc17f1acc5..6f082e28ae61 100644 >--- security/honeytrap/distinfo >+++ security/honeytrap/distinfo >@@ -1,6 +1,6 @@ >-TIMESTAMP = 1587390791 >-SHA256 (honeytrap-honeytrap-g20200415-d8d94c8f_GH0.tar.gz) = f565e52e8f4bbebc3765bd2ead68b7ab141da4ef00073749ae55268290f5d13a >-SIZE (honeytrap-honeytrap-g20200415-d8d94c8f_GH0.tar.gz) = 379014 >+TIMESTAMP = 1595352531 >+SHA256 (honeytrap-honeytrap-g20200625-33bbb2d_GH0.tar.gz) = a6390179c0ba3282d7523f3633d4a15852f39081fd666f4ac3a4c37f95fef4c4 >+SIZE (honeytrap-honeytrap-g20200625-33bbb2d_GH0.tar.gz) = 379053 > SHA256 (AndreasBriese-bbloom-28f7e881ca57_GH0.tar.gz) = c87bf25d12aa9ef597c6a465dd2959d6d7e06d8341030d6d75c8a81ccc388ccd > SIZE (AndreasBriese-bbloom-28f7e881ca57_GH0.tar.gz) = 7141 > SHA256 (BurntSushi-toml-v0.3.0_GH0.tar.gz) = 2c49390424cfb043f803977bce80b1504495bada54f9e845ff8b30a05fab9a36 >diff --git security/honeytrap/files/honeytrap.in security/honeytrap/files/honeytrap.in >index e2d110cc54c0..21b1ad12d678 100644 >--- security/honeytrap/files/honeytrap.in >+++ security/honeytrap/files/honeytrap.in >@@ -3,18 +3,34 @@ > # $FreeBSD$ > # > # PROVIDE: honeytrap >-# REQUIRE: LOGIN >+# REQUIRE: NETWORKING SERVERS DAEMON > # KEYWORD: shutdown >+ >+# Add honeytrap_enable="YES" to /etc/rc.conf to enable Honeytrap >+ >+# Additional variables you can define are: >+ >+# honeytrap_config (path): Config file path. >+# Set to %%ETCDIR%%/honeytrap.toml by default. >+# honeytrap_datadir (dir): Set dir to store honeytrap data in. >+# Default is "%%HONEYTRAP_DBDIR%%" >+# honeytrap_logdir (dir): Set dir to store honeytrap logs in. >+# Default is "/var/log/honeytrap" >+# honeytrap_user (string): Set user to run honeytrap. >+# Default is "%%USER%%". >+# honeytrap_group (string): Set group to run honeytrap. >+# Default is "%%GROUP%%". >+# honeytrap_pidfile (string): Set full path to pid file >+# Default is "/var/run/honeytrap.pid" >+# honeytrap_syslog_output_enable (bool): Set to YES to enable syslog output >+# Default is "NO". See daemon(8). >+# honeytrap_syslog_output_tag (str): Set syslog tag if syslog enabled. >+# Default is "honeytrap". See daemon(8). >+# honeytrap_syslog_output_priority (str): Set syslog priority if syslog enabled. >+# Default is "info". See daemon(8). >+# honeytrap_syslog_output_facility (str): Set syslog facility if syslog enabled. >+# Default is "daemon". See daemon(8). > # >-# Add these lines to /etc/rc.conf.local or /etc/rc.conf >-# to enable this service: >-# >-# honeytrap_enable (bool): Set to NO by default. >-# Set it to YES to enable honeytrap. >-# honeytrap_datadir (path): Set to %%PREFIX%%/libdata/honeytrap >-# by default. >-# honeytrap_config (path): Set to %%PREFIX%%/etc/honeytrap.toml >-# by default. > > . /etc/rc.subr > >@@ -24,18 +40,49 @@ rcvar=honeytrap_enable > load_rc_config $name > > : ${honeytrap_enable:="NO"} >-: ${honeytrap_datadir="%%PREFIX%%/libdata/honeytrap"} >-: ${honeytrap_config="%%PREFIX%%/etc/honeytrap.toml"} >+: ${honeytrap_config="%%ETCDIR%%/honeytrap.toml"} >+: ${honeytrap_datadir:="%%HONEYTRAP_DBDIR%%"} >+: ${honeytrap_logdir:="/var/log/honeytrap"} >+: ${honeytrap_user:="%%USER%%"} >+: ${honeytrap_group:="%%GROUP%%"} >+: ${honeytrap_pidfile:="/var/run/${name}.pid"} >+: ${honeytrap_syslog_output_enable:="NO"} >+ >+pidfile=${honeytrap_pidfile} >+procname="%%PREFIX%%/bin/honeytrap" >+command="/usr/sbin/daemon" > >-start_cmd="${name}_start" >+start_precmd="honeytrap_start_precmd" > >-honeytrap_program="%%PREFIX%%/bin/honeytrap" >-honeytrap_flags="--data $honeytrap_datadir --config $honeytrap_config" >-pidfile=/var/run/${name}.pid >+if checkyesno honeytrap_syslog_output_enable; then >+ if [ -n "${honeytrap_syslog_output_tag}" ]; then >+ honeytrap_syslog_output_flags="-T ${honeytrap_syslog_output_tag}" >+ else >+ honeytrap_syslog_output_flags="-T ${name}" >+ fi >+ if [ -n "${honeytrap_syslog_output_priority}" ]; then >+ honeytrap_syslog_output_flags="${honeytrap_syslog_output_flags} -s ${honeytrap_syslog_output_priority}" >+ fi > >-honeytrap_start() >+ if [ -n "${honeytrap_syslog_output_facility}" ]; then >+ honeytrap_syslog_output_flags="${honeytrap_syslog_output_flags} -l ${honeytrap_syslog_output_facility}" >+ fi >+fi >+ >+command_args="-f -t ${name} ${honeytrap_syslog_output_flags} -p ${pidfile} /usr/bin/env ${honeytrap_env} ${procname} --data ${honeytrap_datadir} --config ${honeytrap_config} ${honeytrap_flags}" >+ >+honeytrap_start_precmd() > { >- daemon -o /var/log/honeytrap/service.log -p $pidfile -u $name $honeytrap_program $honeytrap_flags >-} >+ if [ ! -e ${pidfile} ]; then >+ install -o ${honeytrap_user} -g ${honeytrap_group} /dev/null ${pidfile} >+ fi > >+ if [ ! -d ${honeytrap_datadir} ]; then >+ install -d -m 0750 -o ${honeytrap_user} -g ${honeytrap_group} ${honeytrap_datadir} >+ fi >+ if [ ! -d ${honeytrap_logdir} ]; then >+ install -d -m 0750 -o ${honeytrap_user} -g ${honeytrap_group} ${honeytrap_logdir} >+ fi >+} >+ > run_rc_command "$@" >diff --git security/honeytrap/files/etc/honeytrap.toml security/honeytrap/files/honeytrap.toml >similarity index 100% >rename from security/honeytrap/files/etc/honeytrap.toml >rename to security/honeytrap/files/honeytrap.toml >diff --git security/honeytrap/files/patch-cmd_constants.go security/honeytrap/files/patch-cmd_constants.go >new file mode 100644 >index 000000000000..076b9dce9592 >--- /dev/null >+++ security/honeytrap/files/patch-cmd_constants.go >@@ -0,0 +1,21 @@ >+--- cmd/constants.go.orig 2020-08-11 10:18:40 UTC >++++ cmd/constants.go >+@@ -19,15 +19,12 @@ var ( >+ // GOPATH - GOPATH value at the time of build. >+ GOPATH = "" >+ >+- // Go get development tag. >+- goGetTag = "DEVELOPMENT.GOGET" >+- >+ // Version - version time.RFC3339. >+- Version = goGetTag >++ Version = "" >+ // ReleaseTag - release tag in TAG.%Y-%m-%dT%H-%M-%SZ. >+- ReleaseTag = goGetTag >++ ReleaseTag = "" >+ // CommitID - latest commit id. >+- CommitID = goGetTag >++ CommitID = "" >+ // ShortCommitID - first 12 characters from CommitID. >+ ShortCommitID = CommitID[:12] >+ )
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=217238">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 247140
:
215417
|
216631
|
216661
|
216962
|
217154
|
217238
|
217239