Attachment #228652 for bug #258983

View | Details | Raw Unified | Return to bug 258983 | Differences between
Collapse All | Expand All




PORTNAME=	wazuh
DISTVERSIONPREFIX=	v
DISTVERSION=	4.2.3
CATEGORIES=	security
MASTER_SITES=	https://packages.wazuh.com/deps/13/libraries/sources/
PKGNAMESUFFIX=	-agent
DISTFILES=	cJSON.tar.gz libplist.tar.gz curl.tar.gz libdb.tar.gz libffi.tar.gz \
		libyaml.tar.gz openssl.tar.gz procps.tar.gz sqlite.tar.gz zlib.tar.gz \

BROKEN_aarch64=		fails to compile: rootcheck/os_string.c:188:20: use of undeclared identifier '__LDPGSZ'
BROKEN_i386=		fails to build external OpenSSL dependency

BUILD_DEPENDS=	curl:ftp/curl

USES=		gmake perl5 readline shebangfix uidfix
USE_GITHUB=	yes
USE_RC_SUBR=	${PORTNAME}-agent

SHEBANG_FILES=	${WRKSRC}/src/external/openssl/Configurations/unix-checker.pm \
		${WRKSRC}/src/init/wazuh-client.sh \
		${WRKSRC}/src/init/ossec-client.sh \
		${WRKSRC}/wodles/oscap/oscap.py \
		${WRKSRC}/active-response/*.sh

CONFLICTS_INSTALL=	ossec-*


OSSEC_GROUP=	ossec
OSSEC_USER=	ossec

WAZUHMOD750=	/ /logs/ossec /logs/wazuh /bin /lib /queue /queue/diff /ruleset /ruleset/sca /wodles \
		/active-response /active-response/bin /agentless /var /backup /queue/rids \
		/queue/logcollector /wodles/oscap /wodles/oscap/content

WAZUHMOD770=	/logs /queue/alerts /queue/fim /queue/fim/db /queue/ossec /etc /etc/shared \
		/.ssh /var/run /var/upgrade /var/wodles /var/incoming /queue/ossec/fim \
		/queue/ossec/fim/db /queue/sockets /queue/syscollector /queue/syscollector/db

WAZUHPREFIX=	/var/ossec


	done

do-build:
	@cd ${WRKSRC}/src && ${GMAKE} -j deps && ${GMAKE} TARGET=agent -j

do-install:
	@for mod750 in ${WAZUHMOD750}; do \

	done

	${MKDIR} -m 1770 ${STAGEDIR}${WAZUHPREFIX}/tmp
	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-logcollector ${STAGEDIR}${WAZUHPREFIX}/bin
	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-syscheckd ${STAGEDIR}${WAZUHPREFIX}/bin
	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-execd ${STAGEDIR}${WAZUHPREFIX}/bin
	${INSTALL_PROGRAM} ${WRKSRC}/src/manage_agents ${STAGEDIR}${WAZUHPREFIX}/bin
	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-modulesd ${STAGEDIR}${WAZUHPREFIX}/bin/
	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-agentd ${STAGEDIR}${WAZUHPREFIX}/bin
	${INSTALL_PROGRAM} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib
	${INSTALL_PROGRAM} ${WRKSRC}/src/agent-auth ${STAGEDIR}${WAZUHPREFIX}/bin
	${CP} ${WRKSRC}/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/
	${CP} ${WRKSRC}/active-response/firewalls/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/
	${CP} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/
	${CP} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf
	${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf

	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log
	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json
	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-responses.log
	${INSTALL_SCRIPT} ${WRKSRC}/src/init/wazuh-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/wazuh-control
	${INSTALL_SCRIPT} ${WRKSRC}/src/init/ossec-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/ossec-control
	${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUHPREFIX}/agentless/
	${INSTALL_SCRIPT} ${WRKSRC}/src/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared/
	${INSTALL_SCRIPT} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/etc/
	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/oscap.py ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap
	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/template_*.xsl ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap




TIMESTAMP = 1634050994
SHA256 (wazuh-4.2.3/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1
SIZE (wazuh-4.2.3/cJSON.tar.gz) = 27863
SHA256 (wazuh-4.2.3/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c
SIZE (wazuh-4.2.3/libplist.tar.gz) = 1520623
SHA256 (wazuh-4.2.3/curl.tar.gz) = 78ad4a75fec89dd83c75cf35203c1c757c21cb2a6ff574647b13bf86c8798d66
SIZE (wazuh-4.2.3/curl.tar.gz) = 3692998
SHA256 (wazuh-4.2.3/libdb.tar.gz) = 885f01aebcca995bcef48d8dc47acb8c4bd5eab06ec188e76cb5863e4f9b2d9b
SIZE (wazuh-4.2.3/libdb.tar.gz) = 4283467
SHA256 (wazuh-4.2.3/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69
SIZE (wazuh-4.2.3/libffi.tar.gz) = 964576
SHA256 (wazuh-4.2.3/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a
SIZE (wazuh-4.2.3/libyaml.tar.gz) = 424656
SHA256 (wazuh-4.2.3/openssl.tar.gz) = a88f46d7dd7b1a88db1faa94943911bf24a0081f90fd1a28bbf06ad54eeab013
SIZE (wazuh-4.2.3/openssl.tar.gz) = 12936469
SHA256 (wazuh-4.2.3/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07
SIZE (wazuh-4.2.3/procps.tar.gz) = 55897
SHA256 (wazuh-4.2.3/sqlite.tar.gz) = 23e109ee91ed16b4a95b2d361ecfd82820842fc337a80aa8032590b96eebddd2
SIZE (wazuh-4.2.3/sqlite.tar.gz) = 1980218
SHA256 (wazuh-4.2.3/zlib.tar.gz) = ddbeac924cc7fc3274ad0d5cfcf2a72792f0500e9607c65d02e8753f3a510a01
SIZE (wazuh-4.2.3/zlib.tar.gz) = 643568
SHA256 (wazuh-4.2.3/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434
SIZE (wazuh-4.2.3/audit-userspace.tar.gz) = 1682820
SHA256 (wazuh-4.2.3/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2
SIZE (wazuh-4.2.3/msgpack.tar.gz) = 591294
SHA256 (wazuh-4.2.3/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd
SIZE (wazuh-4.2.3/bzip2.tar.gz) = 71277
SHA256 (wazuh-4.2.3/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa
SIZE (wazuh-4.2.3/libpcre2.tar.gz) = 1252173
SHA256 (wazuh-4.2.3/wazuh-wazuh-v4.2.3_GH0.tar.gz) = 8d0accb8d5ec61fc4a43e5a7e31df6234932977d8dee4ffaee8284da32ea34b1
SIZE (wazuh-4.2.3/wazuh-wazuh-v4.2.3_GH0.tar.gz) = 6281351




@info(root,ossec,0750) /var/ossec/active-response/bin/default-firewall-drop.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/disable-account.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/firewalld-drop.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/host-deny.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ip-customblock.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw_mac.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/kaspersky.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/npf.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-slack.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-tweeter.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/pf.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/restart-ossec.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/restart.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/route-null.sh
@info(root,ossec,0750) /var/ossec/agentless/main.exp
@info(root,ossec,0750) /var/ossec/agentless/register_host.sh
@info(root,ossec,0750) /var/ossec/agentless/ssh.exp

@info(root,ossec,0750) /var/ossec/agentless/su.exp
@info(root,root,0750) /var/ossec/bin/agent-auth
@info(root,root,0750) /var/ossec/bin/manage_agents
@info(root,root,0750) /var/ossec/bin/wazuh-agentd
@info(root,root,0750) /var/ossec/bin/wazuh-control
@info(root,root,0750) /var/ossec/bin/wazuh-execd
@info(root,root,0750) /var/ossec/bin/wazuh-logcollector
@info(root,root,0750) /var/ossec/bin/ossec-syscheckd
@info(root,root,0750) /var/ossec/bin/util.sh
@info(root,root,0750) /var/ossec/bin/wazuh-modulesd
@info(root,root,0750) /var/ossec/bin/wazuh-syscheckd
@info(root,ossec,0640) /var/ossec/etc/client.keys
@info(root,ossec,0640) /var/ossec/etc/internal_options.conf
@info(root,ossec,0640) /var/ossec/etc/local_internal_options.conf
@info(root,ossec,0640) /var/ossec/etc/ossec.conf.sample
@info(root,ossec,0640) /var/ossec/etc/ossec.conf
@info(root,ossec,0660) /var/ossec/etc/shared/cis_apache2224_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_debian_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles11_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles12_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_files.txt
@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_trojans.txt
@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_ssh.txt
@info(root,ossec,0660) /var/ossec/etc/shared/win_applications_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/win_audit_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/win_malware_rcl.txt
@info(root,ossec,0640) /var/ossec/etc/wpk_root.pem
@info(root,ossec,0750) /var/ossec/lib/libwazuhext.so
@info(ossec,ossec,0666) /var/ossec/logs/active-responses.log

@dir(ossec,ossec,0770) /var/ossec/etc
@dir(root,ossec,0750) /var/ossec/lib
@dir(ossec,ossec,0750) /var/ossec/logs/ossec
@dir(ossec,ossec,0750) /var/ossec/logs/wazuh
@dir(ossec,ossec,0770) /var/ossec/logs
@dir(ossec,ossec,0770) /var/ossec/queue/alerts
@dir(ossec,ossec,0750) /var/ossec/queue/diff
@dir(ossec,ossec,0770) /var/ossec/queue/fim/db
@dir(ossec,ossec,0770) /var/ossec/queue/fim
@dir(ossec,ossec,0750) /var/ossec/queue/logcollector
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim/db
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim
@dir(ossec,ossec,0770) /var/ossec/queue/ossec
@dir(ossec,ossec,0750) /var/ossec/queue/rids
@dir(ossec,ossec,0770) /var/ossec/queue/sockets
@dir(ossec,ossec,0770) /var/ossec/queue/syscollector/db
@dir(ossec,ossec,0770) /var/ossec/queue/syscollector
@dir(root,ossec,0750) /var/ossec/queue
@dir(root,ossec,0750) /var/ossec/ruleset/sca
@dir(root,ossec,0750) /var/ossec/ruleset

Return to bug 258983

Lines 1-8 Link Here

(-)b/security/wazuh-agent/Makefile (-20 / +16 lines)
1	PORTNAME= wazuh	1	PORTNAME= wazuh
2	DISTVERSIONPREFIX= v	2	DISTVERSIONPREFIX= v
3	DISTVERSION= 4.1.5	3	DISTVERSION= 4.2.3
4	CATEGORIES= security	4	CATEGORIES= security
5	MASTER_SITES= https://packages.wazuh.com/deps/11/libraries/sources/	5	MASTER_SITES= https://packages.wazuh.com/deps/13/libraries/sources/
6	PKGNAMESUFFIX= -agent	6	PKGNAMESUFFIX= -agent
7	DISTFILES= cJSON.tar.gz libplist.tar.gz curl.tar.gz libdb.tar.gz libffi.tar.gz \	7	DISTFILES= cJSON.tar.gz libplist.tar.gz curl.tar.gz libdb.tar.gz libffi.tar.gz \
8	libyaml.tar.gz openssl.tar.gz procps.tar.gz sqlite.tar.gz zlib.tar.gz \	8	libyaml.tar.gz openssl.tar.gz procps.tar.gz sqlite.tar.gz zlib.tar.gz \
Lines 19-33 LICENSE_FILE= ${WRKSRC}/LICENSE Link Here
19	BROKEN_aarch64= fails to compile: rootcheck/os_string.c:188:20: use of undeclared identifier '__LDPGSZ'	19	BROKEN_aarch64= fails to compile: rootcheck/os_string.c:188:20: use of undeclared identifier '__LDPGSZ'
20	BROKEN_i386= fails to build external OpenSSL dependency	20	BROKEN_i386= fails to build external OpenSSL dependency
21		21
22	USES= cpe gmake perl5 readline shebangfix uidfix	22	BUILD_DEPENDS= curl:ftp/curl
		23
		24	USES= gmake perl5 readline shebangfix uidfix
23	USE_GITHUB= yes	25	USE_GITHUB= yes
24	USE_RC_SUBR= ${PORTNAME}-agent	26	USE_RC_SUBR= ${PORTNAME}-agent
25		27
26	SHEBANG_FILES= ${WRKSRC}/contrib/util.sh \	28	SHEBANG_FILES= ${WRKSRC}/src/external/openssl/Configurations/unix-checker.pm \
27	${WRKSRC}/src/external/openssl/Configurations/unix-checker.pm \	29	${WRKSRC}/src/init/wazuh-client.sh \
28	${WRKSRC}/src/init/ossec-client.sh \
29	${WRKSRC}/wodles/oscap/oscap.py \	30	${WRKSRC}/wodles/oscap/oscap.py \
30	${WRKSRC}/active-response/*.sh
31		31
32	CONFLICTS_INSTALL= ossec-*	32	CONFLICTS_INSTALL= ossec-*
33		33
Lines 37-49 GROUPS= ossec Link Here
37	OSSEC_GROUP= ossec	37	OSSEC_GROUP= ossec
38	OSSEC_USER= ossec	38	OSSEC_USER= ossec
39		39
40	WAZUHMOD750= / /logs/ossec /bin /lib /queue /queue/diff /ruleset /ruleset/sca /wodles \	40	WAZUHMOD750= / /logs/ossec /logs/wazuh /bin /lib /queue /queue/diff /ruleset /ruleset/sca /wodles \
41	/active-response /active-response/bin /agentless /var /backup /queue/rids \	41	/active-response /active-response/bin /agentless /var /backup /queue/rids \
42	/wodles/oscap /wodles/oscap/content	42	/queue/logcollector /wodles/oscap /wodles/oscap/content
43		43
44	WAZUHMOD770= /logs /queue/alerts /queue/fim /queue/fim/db /queue/ossec /etc /etc/shared \	44	WAZUHMOD770= /logs /queue/alerts /queue/fim /queue/fim/db /queue/ossec /etc /etc/shared \
45	/.ssh /var/run /var/upgrade /var/wodles /var/incoming /queue/ossec/fim \	45	/.ssh /var/run /var/upgrade /var/wodles /var/incoming /queue/ossec/fim \
46	/queue/ossec/fim/db	46	/queue/ossec/fim/db /queue/sockets /queue/syscollector /queue/syscollector/db
47		47
48	WAZUHPREFIX= /var/ossec	48	WAZUHPREFIX= /var/ossec
49		49
Lines 57-63 post-extract: Link Here
57	done	57	done
58		58
59	do-build:	59	do-build:
60	@cd ${WRKSRC}/src && ${GMAKE} TARGET=agent	60	@cd ${WRKSRC}/src && ${GMAKE} -j deps && ${GMAKE} TARGET=agent -j
61		61
62	do-install:	62	do-install:
63	@for mod750 in ${WAZUHMOD750}; do \	63	@for mod750 in ${WAZUHMOD750}; do \
Lines 69-84 do-install: Link Here
69	done	69	done
70		70
71	${MKDIR} -m 1770 ${STAGEDIR}${WAZUHPREFIX}/tmp	71	${MKDIR} -m 1770 ${STAGEDIR}${WAZUHPREFIX}/tmp
72	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-logcollector ${STAGEDIR}${WAZUHPREFIX}/bin	72	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-logcollector ${STAGEDIR}${WAZUHPREFIX}/bin
73	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-syscheckd ${STAGEDIR}${WAZUHPREFIX}/bin	73	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-syscheckd ${STAGEDIR}${WAZUHPREFIX}/bin
74	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-execd ${STAGEDIR}${WAZUHPREFIX}/bin	74	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-execd ${STAGEDIR}${WAZUHPREFIX}/bin
75	${INSTALL_PROGRAM} ${WRKSRC}/src/manage_agents ${STAGEDIR}${WAZUHPREFIX}/bin	75	${INSTALL_PROGRAM} ${WRKSRC}/src/manage_agents ${STAGEDIR}${WAZUHPREFIX}/bin
76	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-modulesd ${STAGEDIR}${WAZUHPREFIX}/bin/	76	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-modulesd ${STAGEDIR}${WAZUHPREFIX}/bin/
77	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-agentd ${STAGEDIR}${WAZUHPREFIX}/bin	77	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-agentd ${STAGEDIR}${WAZUHPREFIX}/bin
78	${INSTALL_PROGRAM} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib	78	${INSTALL_PROGRAM} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib
79	${INSTALL_PROGRAM} ${WRKSRC}/src/agent-auth ${STAGEDIR}${WAZUHPREFIX}/bin	79	${INSTALL_PROGRAM} ${WRKSRC}/src/agent-auth ${STAGEDIR}${WAZUHPREFIX}/bin
80	${CP} ${WRKSRC}/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/
81	${CP} ${WRKSRC}/active-response/firewalls/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/
82	${CP} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/	80	${CP} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/
83	${CP} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf	81	${CP} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf
84	${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf	82	${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf
Lines 87-96 do-install: Link Here
87	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log	85	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log
88	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json	86	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json
89	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-responses.log	87	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-responses.log
90	${INSTALL_SCRIPT} ${WRKSRC}/contrib/util.sh ${STAGEDIR}${WAZUHPREFIX}/bin/	88	${INSTALL_SCRIPT} ${WRKSRC}/src/init/wazuh-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/wazuh-control
91	${INSTALL_SCRIPT} ${WRKSRC}/src/init/ossec-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/ossec-control
92	${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUHPREFIX}/agentless/	89	${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUHPREFIX}/agentless/
93	${INSTALL_SCRIPT} ${WRKSRC}/src/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared/
94	${INSTALL_SCRIPT} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/etc/	90	${INSTALL_SCRIPT} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/etc/
95	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/oscap.py ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap	91	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/oscap.py ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap
96	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/template_*.xsl ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap	92	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/template_*.xsl ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap

Lines 1-31 Link Here

(-)b/security/wazuh-agent/distinfo (-31 / +31 lines)
1	TIMESTAMP = 1620770195	1	TIMESTAMP = 1634050994
2	SHA256 (wazuh-4.1.5/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1	2	SHA256 (wazuh-4.2.3/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1
3	SIZE (wazuh-4.1.5/cJSON.tar.gz) = 27863	3	SIZE (wazuh-4.2.3/cJSON.tar.gz) = 27863
4	SHA256 (wazuh-4.1.5/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c	4	SHA256 (wazuh-4.2.3/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c
5	SIZE (wazuh-4.1.5/libplist.tar.gz) = 1520623	5	SIZE (wazuh-4.2.3/libplist.tar.gz) = 1520623
6	SHA256 (wazuh-4.1.5/curl.tar.gz) = 78ad4a75fec89dd83c75cf35203c1c757c21cb2a6ff574647b13bf86c8798d66	6	SHA256 (wazuh-4.2.3/curl.tar.gz) = 78ad4a75fec89dd83c75cf35203c1c757c21cb2a6ff574647b13bf86c8798d66
7	SIZE (wazuh-4.1.5/curl.tar.gz) = 3692998	7	SIZE (wazuh-4.2.3/curl.tar.gz) = 3692998
8	SHA256 (wazuh-4.1.5/libdb.tar.gz) = 885f01aebcca995bcef48d8dc47acb8c4bd5eab06ec188e76cb5863e4f9b2d9b	8	SHA256 (wazuh-4.2.3/libdb.tar.gz) = 885f01aebcca995bcef48d8dc47acb8c4bd5eab06ec188e76cb5863e4f9b2d9b
9	SIZE (wazuh-4.1.5/libdb.tar.gz) = 4283467	9	SIZE (wazuh-4.2.3/libdb.tar.gz) = 4283467
10	SHA256 (wazuh-4.1.5/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69	10	SHA256 (wazuh-4.2.3/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69
11	SIZE (wazuh-4.1.5/libffi.tar.gz) = 964576	11	SIZE (wazuh-4.2.3/libffi.tar.gz) = 964576
12	SHA256 (wazuh-4.1.5/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a	12	SHA256 (wazuh-4.2.3/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a
13	SIZE (wazuh-4.1.5/libyaml.tar.gz) = 424656	13	SIZE (wazuh-4.2.3/libyaml.tar.gz) = 424656
14	SHA256 (wazuh-4.1.5/openssl.tar.gz) = a88f46d7dd7b1a88db1faa94943911bf24a0081f90fd1a28bbf06ad54eeab013	14	SHA256 (wazuh-4.2.3/openssl.tar.gz) = a88f46d7dd7b1a88db1faa94943911bf24a0081f90fd1a28bbf06ad54eeab013
15	SIZE (wazuh-4.1.5/openssl.tar.gz) = 12936469	15	SIZE (wazuh-4.2.3/openssl.tar.gz) = 12936469
16	SHA256 (wazuh-4.1.5/procps.tar.gz) = 87336a7860f5116ac5c5222b6b0d5c892e202ce136947e4776037bb7670ce6e2	16	SHA256 (wazuh-4.2.3/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07
17	SIZE (wazuh-4.1.5/procps.tar.gz) = 55692	17	SIZE (wazuh-4.2.3/procps.tar.gz) = 55897
18	SHA256 (wazuh-4.1.5/sqlite.tar.gz) = 23e109ee91ed16b4a95b2d361ecfd82820842fc337a80aa8032590b96eebddd2	18	SHA256 (wazuh-4.2.3/sqlite.tar.gz) = 23e109ee91ed16b4a95b2d361ecfd82820842fc337a80aa8032590b96eebddd2
19	SIZE (wazuh-4.1.5/sqlite.tar.gz) = 1980218	19	SIZE (wazuh-4.2.3/sqlite.tar.gz) = 1980218
20	SHA256 (wazuh-4.1.5/zlib.tar.gz) = ddbeac924cc7fc3274ad0d5cfcf2a72792f0500e9607c65d02e8753f3a510a01	20	SHA256 (wazuh-4.2.3/zlib.tar.gz) = ddbeac924cc7fc3274ad0d5cfcf2a72792f0500e9607c65d02e8753f3a510a01
21	SIZE (wazuh-4.1.5/zlib.tar.gz) = 643568	21	SIZE (wazuh-4.2.3/zlib.tar.gz) = 643568
22	SHA256 (wazuh-4.1.5/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434	22	SHA256 (wazuh-4.2.3/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434
23	SIZE (wazuh-4.1.5/audit-userspace.tar.gz) = 1682820	23	SIZE (wazuh-4.2.3/audit-userspace.tar.gz) = 1682820
24	SHA256 (wazuh-4.1.5/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2	24	SHA256 (wazuh-4.2.3/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2
25	SIZE (wazuh-4.1.5/msgpack.tar.gz) = 591294	25	SIZE (wazuh-4.2.3/msgpack.tar.gz) = 591294
26	SHA256 (wazuh-4.1.5/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd	26	SHA256 (wazuh-4.2.3/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd
27	SIZE (wazuh-4.1.5/bzip2.tar.gz) = 71277	27	SIZE (wazuh-4.2.3/bzip2.tar.gz) = 71277
28	SHA256 (wazuh-4.1.5/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa	28	SHA256 (wazuh-4.2.3/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa
29	SIZE (wazuh-4.1.5/libpcre2.tar.gz) = 1252173	29	SIZE (wazuh-4.2.3/libpcre2.tar.gz) = 1252173
30	SHA256 (wazuh-4.1.5/wazuh-wazuh-v4.1.5_GH0.tar.gz) = 506161168fc4fdf45988c2e88f9938ac829bb79a441035c9061bf84173c6a179	30	SHA256 (wazuh-4.2.3/wazuh-wazuh-v4.2.3_GH0.tar.gz) = 8d0accb8d5ec61fc4a43e5a7e31df6234932977d8dee4ffaee8284da32ea34b1
31	SIZE (wazuh-4.1.5/wazuh-wazuh-v4.1.5_GH0.tar.gz) = 18380705	31	SIZE (wazuh-4.2.3/wazuh-wazuh-v4.2.3_GH0.tar.gz) = 6281351

Lines 1-18 Link Here

(-)b/security/wazuh-agent/pkg-plist (-42 / +10 lines)
1	@info(root,ossec,0750) /var/ossec/active-response/bin/default-firewall-drop.sh
2	@info(root,ossec,0750) /var/ossec/active-response/bin/disable-account.sh
3	@info(root,ossec,0750) /var/ossec/active-response/bin/firewalld-drop.sh
4	@info(root,ossec,0750) /var/ossec/active-response/bin/host-deny.sh
5	@info(root,ossec,0750) /var/ossec/active-response/bin/ip-customblock.sh
6	@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw.sh
7	@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw_mac.sh
8	@info(root,ossec,0750) /var/ossec/active-response/bin/kaspersky.sh
9	@info(root,ossec,0750) /var/ossec/active-response/bin/npf.sh
10	@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-slack.sh
11	@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-tweeter.sh
12	@info(root,ossec,0750) /var/ossec/active-response/bin/pf.sh
13	@info(root,ossec,0750) /var/ossec/active-response/bin/restart-ossec.sh
14	@info(root,ossec,0750) /var/ossec/active-response/bin/restart.sh
15	@info(root,ossec,0750) /var/ossec/active-response/bin/route-null.sh
16	@info(root,ossec,0750) /var/ossec/agentless/main.exp	1	@info(root,ossec,0750) /var/ossec/agentless/main.exp
17	@info(root,ossec,0750) /var/ossec/agentless/register_host.sh	2	@info(root,ossec,0750) /var/ossec/agentless/register_host.sh
18	@info(root,ossec,0750) /var/ossec/agentless/ssh.exp	3	@info(root,ossec,0750) /var/ossec/agentless/ssh.exp
Lines 27-65 Link Here
27	@info(root,ossec,0750) /var/ossec/agentless/su.exp	12	@info(root,ossec,0750) /var/ossec/agentless/su.exp
28	@info(root,root,0750) /var/ossec/bin/agent-auth	13	@info(root,root,0750) /var/ossec/bin/agent-auth
29	@info(root,root,0750) /var/ossec/bin/manage_agents	14	@info(root,root,0750) /var/ossec/bin/manage_agents
30	@info(root,root,0750) /var/ossec/bin/ossec-agentd	15	@info(root,root,0750) /var/ossec/bin/wazuh-agentd
31	@info(root,root,0750) /var/ossec/bin/ossec-control	16	@info(root,root,0750) /var/ossec/bin/wazuh-control
32	@info(root,root,0750) /var/ossec/bin/ossec-execd	17	@info(root,root,0750) /var/ossec/bin/wazuh-execd
33	@info(root,root,0750) /var/ossec/bin/ossec-logcollector	18	@info(root,root,0750) /var/ossec/bin/wazuh-logcollector
34	@info(root,root,0750) /var/ossec/bin/ossec-syscheckd
35	@info(root,root,0750) /var/ossec/bin/util.sh
36	@info(root,root,0750) /var/ossec/bin/wazuh-modulesd	19	@info(root,root,0750) /var/ossec/bin/wazuh-modulesd
		20	@info(root,root,0750) /var/ossec/bin/wazuh-syscheckd
37	@info(root,ossec,0640) /var/ossec/etc/client.keys	21	@info(root,ossec,0640) /var/ossec/etc/client.keys
38	@info(root,ossec,0640) /var/ossec/etc/internal_options.conf	22	@info(root,ossec,0640) /var/ossec/etc/internal_options.conf
39	@info(root,ossec,0640) /var/ossec/etc/local_internal_options.conf	23	@info(root,ossec,0640) /var/ossec/etc/local_internal_options.conf
40	@info(root,ossec,0640) /var/ossec/etc/ossec.conf.sample	24	@info(root,ossec,0640) /var/ossec/etc/ossec.conf.sample
41	@info(root,ossec,0640) /var/ossec/etc/ossec.conf	25	@info(root,ossec,0640) /var/ossec/etc/ossec.conf
42	@info(root,ossec,0660) /var/ossec/etc/shared/cis_apache2224_rcl.txt
43	@info(root,ossec,0660) /var/ossec/etc/shared/cis_debian_linux_rcl.txt
44	@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
45	@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
46	@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
47	@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
48	@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
49	@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel_linux_rcl.txt
50	@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles11_linux_rcl.txt
51	@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles12_linux_rcl.txt
52	@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
53	@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
54	@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
55	@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
56	@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_files.txt
57	@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_trojans.txt
58	@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_rcl.txt
59	@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_ssh.txt
60	@info(root,ossec,0660) /var/ossec/etc/shared/win_applications_rcl.txt
61	@info(root,ossec,0660) /var/ossec/etc/shared/win_audit_rcl.txt
62	@info(root,ossec,0660) /var/ossec/etc/shared/win_malware_rcl.txt
63	@info(root,ossec,0640) /var/ossec/etc/wpk_root.pem	26	@info(root,ossec,0640) /var/ossec/etc/wpk_root.pem
64	@info(root,ossec,0750) /var/ossec/lib/libwazuhext.so	27	@info(root,ossec,0750) /var/ossec/lib/libwazuhext.so
65	@info(ossec,ossec,0666) /var/ossec/logs/active-responses.log	28	@info(ossec,ossec,0666) /var/ossec/logs/active-responses.log
Lines 78-92 Link Here
78	@dir(ossec,ossec,0770) /var/ossec/etc	41	@dir(ossec,ossec,0770) /var/ossec/etc
79	@dir(root,ossec,0750) /var/ossec/lib	42	@dir(root,ossec,0750) /var/ossec/lib
80	@dir(ossec,ossec,0750) /var/ossec/logs/ossec	43	@dir(ossec,ossec,0750) /var/ossec/logs/ossec
		44	@dir(ossec,ossec,0750) /var/ossec/logs/wazuh
81	@dir(ossec,ossec,0770) /var/ossec/logs	45	@dir(ossec,ossec,0770) /var/ossec/logs
82	@dir(ossec,ossec,0770) /var/ossec/queue/alerts	46	@dir(ossec,ossec,0770) /var/ossec/queue/alerts
83	@dir(ossec,ossec,0750) /var/ossec/queue/diff	47	@dir(ossec,ossec,0750) /var/ossec/queue/diff
84	@dir(ossec,ossec,0770) /var/ossec/queue/fim/db	48	@dir(ossec,ossec,0770) /var/ossec/queue/fim/db
85	@dir(ossec,ossec,0770) /var/ossec/queue/fim	49	@dir(ossec,ossec,0770) /var/ossec/queue/fim
		50	@dir(ossec,ossec,0750) /var/ossec/queue/logcollector
86	@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim/db	51	@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim/db
87	@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim	52	@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim
88	@dir(ossec,ossec,0770) /var/ossec/queue/ossec	53	@dir(ossec,ossec,0770) /var/ossec/queue/ossec
89	@dir(ossec,ossec,0750) /var/ossec/queue/rids	54	@dir(ossec,ossec,0750) /var/ossec/queue/rids
		55	@dir(ossec,ossec,0770) /var/ossec/queue/sockets
		56	@dir(ossec,ossec,0770) /var/ossec/queue/syscollector/db
		57	@dir(ossec,ossec,0770) /var/ossec/queue/syscollector
90	@dir(root,ossec,0750) /var/ossec/queue	58	@dir(root,ossec,0750) /var/ossec/queue
91	@dir(root,ossec,0750) /var/ossec/ruleset/sca	59	@dir(root,ossec,0750) /var/ossec/ruleset/sca
92	@dir(root,ossec,0750) /var/ossec/ruleset	60	@dir(root,ossec,0750) /var/ossec/ruleset