FreeBSD Bugzilla – Attachment 205389 Details for
Bug 237900
[NEW PORT] security/wazuh-agent: Security tool to monitor and check logs and intrusions
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
wazuh 3.9.2 cleanup
wazuh-agent.shar (text/plain), 12.93 KB, created by
Michael Muenz
on 2019-06-28 05:15:28 UTC
(
hide
)
Description:
wazuh 3.9.2 cleanup
Filename:
MIME Type:
Creator:
Michael Muenz
Created:
2019-06-28 05:15:28 UTC
Size:
12.93 KB
patch
obsolete
># This is a shell archive. Save it in a file, remove anything before ># this line, and then unpack it by entering "sh file". Note, it may ># create directories; files and directories will be owned by you and ># have default permissions. ># ># This archive contains: ># ># wazuh-agent ># wazuh-agent/Makefile ># wazuh-agent/distinfo ># wazuh-agent/pkg-descr ># wazuh-agent/pkg-plist ># >echo c - wazuh-agent >mkdir -p wazuh-agent > /dev/null 2>&1 >echo x - wazuh-agent/Makefile >sed 's/^X//' >wazuh-agent/Makefile << '0b7710b42ec63aaad4f97d788c5dbeed' >X# $FreeBSD$ >X >XPORTNAME= wazuh >XDISTVERSIONPREFIX= v >XDISTVERSION= 3.9.2 >XCATEGORIES= security >XMASTER_SITES= https://packages.wazuh.com/deps/3.9/ >XPKGNAMESUFFIX= -agent >XDISTFILES= cJSON.tar.gz src_cpython.tar.gz curl.tar.gz libdb.tar.gz libffi.tar.gz \ >X libyaml.tar.gz openssl.tar.gz procps.tar.gz sqlite.tar.gz zlib.tar.gz \ >X audit-userspace.tar.gz msgpack.tar.gz >XDIST_SUBDIR= ${PORTNAME}-${DISTVERSION} >XEXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} >X >XMAINTAINER= m.muenz@gmail.com >XCOMMENT= Security tool to monitor and check logs and intrusions >X >XLICENSE= GPLv2 >XLICENSE_FILE= ${WRKSRC}/LICENSE >X >XBUILD_DEPENDS= curl:ftp/curl >XRUN_DEPENDS= curl:ftp/curl >X >XUSES= gmake perl5 readline shebangfix uidfix >X >XUSE_GITHUB= yes >X >XCONFLICTS_INSTALL= ossec-* >X >XSHEBANG_FILES= ${WRKSRC}/contrib/util.sh \ >X ${WRKSRC}/src/init/ossec-client.sh \ >X ${WRKSRC}/wodles/oscap/oscap.py \ >X ${WRKSRC}/active-response/*.sh \ >X >XUSERS= ossec ossecm ossecr >XGROUPS= ossec >X >XOSSEC_GROUP= ossec >XOSSEC_USER= ossec >X >XWAZUHPREFIX= /var/ossec >X >XWAZUHMOD750= / /logs/ossec /bin /lib /queue /queue/diff /ruleset /ruleset/sca /wodles \ >X /active-response /active-response/bin /agentless /var /backup /queue/rids \ >X /wodles/oscap /wodles/oscap/content >X >XWAZUHMOD770= /logs /queue/alerts /queue/ossec /etc /etc/shared /.ssh /var/run /var/upgrade \ >X /var/wodles /var/incoming >X >X# extract all extra distfiles in src/external >Xpost-extract: >X @for file in ${DISTFILES}; do \ >X if ! (cd ${WRKSRC}/src/external && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/$$file ${EXTRACT_AFTER_ARGS}); \ >X then \ >X exit 1; \ >X fi; \ >X done >X >Xdo-build: >X @cd ${WRKSRC}/src && ${GMAKE} TARGET=agent >X >Xdo-install: >X @for mod750 in ${WAZUHMOD750}; do \ >X ${MKDIR} -m 0750 ${STAGEDIR}${WAZUHPREFIX}$$mod750; \ >X done >X >X @for mod770 in ${WAZUHMOD770}; do \ >X ${MKDIR} -m 0770 ${STAGEDIR}${WAZUHPREFIX}$$mod770; \ >X done >X >X ${MKDIR} -m 1770 ${STAGEDIR}${WAZUHPREFIX}/tmp >X ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-logcollector ${STAGEDIR}${WAZUHPREFIX}/bin >X ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-syscheckd ${STAGEDIR}${WAZUHPREFIX}/bin >X ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-execd ${STAGEDIR}${WAZUHPREFIX}/bin >X ${INSTALL_PROGRAM} ${WRKSRC}/src/manage_agents ${STAGEDIR}${WAZUHPREFIX}/bin >X ${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-modulesd ${STAGEDIR}${WAZUHPREFIX}/bin/ >X ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-agentd ${STAGEDIR}${WAZUHPREFIX}/bin >X ${INSTALL_PROGRAM} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib >X ${INSTALL_PROGRAM} ${WRKSRC}/src/agent-auth ${STAGEDIR}${WAZUHPREFIX}/bin >X ${CP} ${WRKSRC}/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/ >X ${CP} ${WRKSRC}/active-response/firewalls/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/ >X ${CP} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ >X ${CP} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf >X ${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf >X ${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf.sample >X ${CP} /dev/null ${STAGEDIR}${WAZUHPREFIX}/etc/client.keys >X ${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log >X ${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json >X ${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-responses.log >X ${INSTALL_SCRIPT} ${WRKSRC}/contrib/util.sh ${STAGEDIR}${WAZUHPREFIX}/bin/ >X ${INSTALL_SCRIPT} ${WRKSRC}/src/init/ossec-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/ossec-control >X ${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUHPREFIX}/agentless/ >X ${INSTALL_SCRIPT} ${WRKSRC}/src/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared/ >X ${INSTALL_SCRIPT} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/etc/ >X ${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/oscap.py ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap >X ${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/template_*.xsl ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap >X >X.include <bsd.port.mk> >0b7710b42ec63aaad4f97d788c5dbeed >echo x - wazuh-agent/distinfo >sed 's/^X//' >wazuh-agent/distinfo << '0f051aa68c30350db60aebbbe4aefb63' >XTIMESTAMP = 1561290425 >XSHA256 (wazuh-3.9.2/cJSON.tar.gz) = 8c517c658209cb96c2dcdfdd6bf7bb434adfb2fff3484b3464d2750cafd74e76 >XSIZE (wazuh-3.9.2/cJSON.tar.gz) = 20001 >XSHA256 (wazuh-3.9.2/src_cpython.tar.gz) = c82f7b62c086379bfd3f91d0a36293f889e66d7ae2aca122a16af3dbb67fd32f >XSIZE (wazuh-3.9.2/src_cpython.tar.gz) = 78216338 >XSHA256 (wazuh-3.9.2/curl.tar.gz) = 78ad4a75fec89dd83c75cf35203c1c757c21cb2a6ff574647b13bf86c8798d66 >XSIZE (wazuh-3.9.2/curl.tar.gz) = 3692998 >XSHA256 (wazuh-3.9.2/libdb.tar.gz) = 885f01aebcca995bcef48d8dc47acb8c4bd5eab06ec188e76cb5863e4f9b2d9b >XSIZE (wazuh-3.9.2/libdb.tar.gz) = 4283467 >XSHA256 (wazuh-3.9.2/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69 >XSIZE (wazuh-3.9.2/libffi.tar.gz) = 964576 >XSHA256 (wazuh-3.9.2/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a >XSIZE (wazuh-3.9.2/libyaml.tar.gz) = 424656 >XSHA256 (wazuh-3.9.2/openssl.tar.gz) = ed55973f4b604b9c27bb660fcdf85f69335b80b07c3bf4c63528ed8fcd74a678 >XSIZE (wazuh-3.9.2/openssl.tar.gz) = 5603935 >XSHA256 (wazuh-3.9.2/procps.tar.gz) = 87336a7860f5116ac5c5222b6b0d5c892e202ce136947e4776037bb7670ce6e2 >XSIZE (wazuh-3.9.2/procps.tar.gz) = 55692 >XSHA256 (wazuh-3.9.2/sqlite.tar.gz) = 23e109ee91ed16b4a95b2d361ecfd82820842fc337a80aa8032590b96eebddd2 >XSIZE (wazuh-3.9.2/sqlite.tar.gz) = 1980218 >XSHA256 (wazuh-3.9.2/zlib.tar.gz) = ddbeac924cc7fc3274ad0d5cfcf2a72792f0500e9607c65d02e8753f3a510a01 >XSIZE (wazuh-3.9.2/zlib.tar.gz) = 643568 >XSHA256 (wazuh-3.9.2/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434 >XSIZE (wazuh-3.9.2/audit-userspace.tar.gz) = 1682820 >XSHA256 (wazuh-3.9.2/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2 >XSIZE (wazuh-3.9.2/msgpack.tar.gz) = 591294 >XSHA256 (wazuh-3.9.2/wazuh-wazuh-v3.9.2_GH0.tar.gz) = 6014009740967ff2cc768471577a97e72fe5c4ec950aba82937d26fb36a4f10e >XSIZE (wazuh-3.9.2/wazuh-wazuh-v3.9.2_GH0.tar.gz) = 14779485 >0f051aa68c30350db60aebbbe4aefb63 >echo x - wazuh-agent/pkg-descr >sed 's/^X//' >wazuh-agent/pkg-descr << '72dfc1290a3d32bac7e221ca468631dc' >XThe Wazuh agent runs on the hosts that you want to monitor. >XIt is multi-platform and provides the following capabilities: >X >X- Log and data collection >X- File integrity monitoring >X- Rootkit and malware detection >X- Security policy monitoring. >X- Configuration assessments >X- Software inventory >X >XIn addition, it communicates with the Wazuh manager, sending data in near >Xreal-time through an encrypted and authenticated channel. >X >XWWW: https://github.com/wazuh/wazuh >72dfc1290a3d32bac7e221ca468631dc >echo x - wazuh-agent/pkg-plist >sed 's/^X//' >wazuh-agent/pkg-plist << '96137c8c6244327e03ff3561e76db4eb' >X@info(root,ossec,0750) /var/ossec/active-response/bin/default-firewall-drop.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/disable-account.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/firewalld-drop.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/host-deny.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/ip-customblock.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw_mac.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/kaspersky.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/npf.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-slack.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-tweeter.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/pf.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/restart-ossec.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/restart.sh >X@info(root,ossec,0750) /var/ossec/active-response/bin/route-null.sh >X@info(root,ossec,0750) /var/ossec/agentless/main.exp >X@info(root,ossec,0750) /var/ossec/agentless/register_host.sh >X@info(root,ossec,0750) /var/ossec/agentless/ssh.exp >X@info(root,ossec,0750) /var/ossec/agentless/ssh_asa-fwsmconfig_diff >X@info(root,ossec,0750) /var/ossec/agentless/ssh_foundry_diff >X@info(root,ossec,0750) /var/ossec/agentless/ssh_generic_diff >X@info(root,ossec,0750) /var/ossec/agentless/ssh_integrity_check_bsd >X@info(root,ossec,0750) /var/ossec/agentless/ssh_integrity_check_linux >X@info(root,ossec,0750) /var/ossec/agentless/ssh_nopass.exp >X@info(root,ossec,0750) /var/ossec/agentless/ssh_pixconfig_diff >X@info(root,ossec,0750) /var/ossec/agentless/sshlogin.exp >X@info(root,ossec,0750) /var/ossec/agentless/su.exp >X@info(root,root,0750) /var/ossec/bin/agent-auth >X@info(root,root,0750) /var/ossec/bin/manage_agents >X@info(root,root,0750) /var/ossec/bin/ossec-agentd >X@info(root,root,0750) /var/ossec/bin/ossec-control >X@info(root,root,0750) /var/ossec/bin/ossec-execd >X@info(root,root,0750) /var/ossec/bin/ossec-logcollector >X@info(root,root,0750) /var/ossec/bin/ossec-syscheckd >X@info(root,root,0750) /var/ossec/bin/util.sh >X@info(root,root,0750) /var/ossec/bin/wazuh-modulesd >X@info(root,ossec,0640) /var/ossec/etc/client.keys >X@info(root,ossec,0640) /var/ossec/etc/internal_options.conf >X@info(root,ossec,0640) /var/ossec/etc/local_internal_options.conf >X@info(root,ossec,0640) /var/ossec/etc/ossec.conf.sample >X@info(root,ossec,0640) /var/ossec/etc/ossec.conf >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_apache2224_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_debian_linux_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel5_linux_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel6_linux_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel7_linux_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel_linux_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles11_linux_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles12_linux_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_files.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_trojans.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_ssh.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/win_applications_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/win_audit_rcl.txt >X@info(root,ossec,0660) /var/ossec/etc/shared/win_malware_rcl.txt >X@info(root,ossec,0640) /var/ossec/etc/wpk_root.pem >X@info(root,ossec,0750) /var/ossec/lib/libwazuhext.so >X@info(ossec,ossec,0666) /var/ossec/logs/active-responses.log >X@info(ossec,ossec,0666) /var/ossec/logs/ossec.json >X@info(ossec,ossec,0666) /var/ossec/logs/ossec.log >X@info(root,ossec,0750) /var/ossec/wodles/oscap/oscap.py >X@info(root,ossec,0750) /var/ossec/wodles/oscap/template_oval.xsl >X@info(root,ossec,0750) /var/ossec/wodles/oscap/template_xccdf.xsl >X@dir(root,ossec,0770) /var/ossec/.ssh >X@dir(root,ossec,0750) /var/ossec/active-response/bin >X@dir(root,ossec,0750) /var/ossec/active-response >X@dir(root,ossec,0750) /var/ossec/agentless >X@dir(root,ossec,0750) /var/ossec/backup >X@dir(root,wheel,0750) /var/ossec/bin >X@dir(root,ossec,0770) /var/ossec/etc/shared >X@dir(ossec,ossec,0770) /var/ossec/etc >X@dir(root,ossec,0750) /var/ossec/lib >X@dir(ossec,ossec,0750) /var/ossec/logs/ossec >X@dir(ossec,ossec,0770) /var/ossec/logs >X@dir(ossec,ossec,0770) /var/ossec/queue/alerts >X@dir(ossec,ossec,0750) /var/ossec/queue/diff >X@dir(ossec,ossec,0770) /var/ossec/queue/ossec >X@dir(ossec,ossec,0750) /var/ossec/queue/rids >X@dir(root,ossec,0750) /var/ossec/queue >X@dir(root,ossec,0750) /var/ossec/ruleset/sca >X@dir(root,ossec,0750) /var/ossec/ruleset >X@dir(root,ossec,1770) /var/ossec/tmp >X@dir(root,ossec,0770) /var/ossec/var/incoming >X@dir(root,ossec,0770) /var/ossec/var/run >X@dir(root,ossec,0770) /var/ossec/var/upgrade >X@dir(root,ossec,0770) /var/ossec/var/wodles >X@dir(root,ossec,0750) /var/ossec/var >X@dir(root,ossec,0750) /var/ossec/wodles/oscap/content >X@dir(root,ossec,0750) /var/ossec/wodles/oscap >X@dir(root,ossec,0750) /var/ossec/wodles >X@dir(root,ossec,0750) /var/ossec >96137c8c6244327e03ff3561e76db4eb >exit >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=205389">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 237900
:
204379
|
205371
| 205389