Bug 190709 - PATCH: security/ossec-hids-client pkg-plist owner/group fixes + backported patches
Summary: PATCH: security/ossec-hids-client pkg-plist owner/group fixes + backported pa...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Brad Davis
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-06-06 11:59 UTC by Johan Ström
Modified: 2014-07-08 19:54 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johan Ström 2014-06-06 11:59:44 UTC
The ossec-hids-client port did not set owner/group properly on installed files, resulting in an unusable installation which did not start.
The updated pkg-plist.client is based on what InstallAgent.sh does. Permissions are set properly when staged, so no need to explicilty set those in pkg-plist.

In order to track down the problems, I did some bugfixes in the C files as well, more or less backports from master:
- Enable foreground mode in ossec-agentd (More or less https://github.com/ossec/ossec-hids/commit/4390529ea01672562ea33b230ef1ad118991c6c5)
- Fix crash wrong permissinos (https://github.com/ossec/ossec-hids/commit/9152f88ad1af49f1ad78bcaa4751e696254f4a26#diff-b9f5a46d9fc2812729f53e286ce13212)

Note: This problem arised when I upgraded ossec-client-hids from an earlier version, not sure about permissions/owner in earlier installation..

--- ossec-hids.patch begins here ---
--- ossec-hids-client/pkg-plist.client	2014-06-06 13:05:56.851752262 +0200
+++ ossec-hids-client/pkg-plist.client	2014-06-06 13:31:19.523750149 +0200
@@ -1,3 +1,4 @@
+@group ossec
 %%PORTNAME%%/active-response/bin/disable-account.sh
 %%PORTNAME%%/active-response/bin/firewall-drop.sh
 %%PORTNAME%%/active-response/bin/host-deny.sh
@@ -27,7 +28,9 @@
 %%PORTNAME%%/etc/shared/win_applications_rcl.txt
 @sample %%PORTNAME%%/etc/ossec.conf.sample
 %%PORTNAME%%/etc/internal_options.conf
+@owner ossec
 %%PORTNAME%%/logs/ossec.log
+@owner
 %%PORTNAME%%/agentless/main.exp
 %%PORTNAME%%/agentless/sshlogin.exp
 %%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff
@@ -49,11 +52,16 @@
 @dirrmtry %%PORTNAME%%/var
 @dirrmtry %%PORTNAME%%/queue/syscheck
 @dirrmtry %%PORTNAME%%/queue/rids
+@owner ossec
 @dirrmtry %%PORTNAME%%/queue/ossec
 @dirrmtry %%PORTNAME%%/queue/diff
+@owner
 @dirrmtry %%PORTNAME%%/queue/alerts
 @dirrmtry %%PORTNAME%%/queue
 @dirrmtry %%PORTNAME%%/logs
+@owner
 @dirrmtry %%PORTNAME%%/bin
+@owner ossec
 @dirrmtry %%PORTNAME%%/.ssh
+@owner
 @dirrmtry %%PORTNAME%%
--- ossec-hids-server/files/patch-src-client-agent-agentd.c	1970-01-01 01:00:00.000000000 +0100
+++ ossec-hids-server/files/patch-src-client-agent-agentd.c	2014-06-06 12:25:37.760750313 +0200
@@ -0,0 +1,25 @@
+--- src/client-agent/agentd.c	2014-06-06 12:18:18.409751472 +0200
++++ src/client-agent/agentd.c	2014-06-06 12:20:53.693751458 +0200
+@@ -25,7 +25,7 @@
+ /* AgentdStart v0.2, 2005/11/09
+  * Starts the agent daemon.
+  */
+-void AgentdStart(char *dir, int uid, int gid, char *user, char *group)
++void AgentdStart(char *dir, int uid, int gid, char *user, char *group, int run_foreground)
+ {
+     int rc = 0;
+     int pid = 0;
+@@ -39,9 +39,10 @@
+     /* Going daemon */
+     pid = getpid();
+     available_server = 0;
+-    nowDaemon();
+-    goDaemon();
+-
++    if(!run_foreground) {
++        nowDaemon();
++        goDaemon();
++   }
+ 
+     /* Setting group ID */
+     if(Privsep_SetGroup(gid) < 0)
--- ossec-hids-server/files/patch-src-client-agent-agentd.h	1970-01-01 01:00:00.000000000 +0100
+++ ossec-hids-server/files/patch-src-client-agent-agentd.h	2014-06-06 12:32:14.076752208 +0200
@@ -0,0 +1,11 @@
+--- src/client-agent/agentd.h 12:31:27.988751899 +0200
++++ src/client-agent/agentd.h	2014-06-06 12:31:46.085753047 +0200
+@@ -29,7 +29,7 @@
+ int ClientConf(char *cfgfile);
+ 
+ /* Agentd init function */
+-void AgentdStart(char *dir, int uid, int gid, char *user, char *group);
++void AgentdStart(char *dir, int uid, int gid, char *user, char *group, int run_foreground);
+ 
+ /* Event Forwarder */
+ void *EventForward();
--- ossec-hids-server/files/patch-src-client-agent-main.c	1970-01-01 01:00:00.000000000 +0100
+++ ossec-hids-server/files/patch-src-client-agent-main.c	2014-06-06 12:28:18.809751993 +0200
@@ -0,0 +1,39 @@
+--- src/client-agent/main.c	2014-06-06 12:26:41.849751148 +0200
++++ src/client-agent/main.c	2014-06-06 12:18:11.004752087 +0200
+@@ -35,7 +35,7 @@
+ int main(int argc, char **argv)
+ {
+     int c = 0;
+-    int test_config = 0;
++    int test_config = 0,run_foreground = 0;
+ 
+     char *dir = DEFAULTDIR;
+     char *user = USER;
+@@ -49,7 +49,7 @@
+     OS_SetName(ARGV0);
+ 
+ 
+-    while((c = getopt(argc, argv, "Vtdhu:g:D:")) != -1){
++    while((c = getopt(argc, argv, "Vtdhfu:g:D:")) != -1){
+         switch(c){
+             case 'V':
+                 print_version();
+@@ -60,6 +60,9 @@
+             case 'd':
+                 nowDebug();
+                 break;
++            case 'f':
++                run_foreground = 1;
++                break;
+             case 'u':
+                 if(!optarg)
+                     ErrorExit("%s: -u needs an argument",ARGV0);
+@@ -130,7 +133,7 @@
+ 
+ 
+     /* Agentd Start */
+-    AgentdStart(dir, uid, gid, user, group);
++    AgentdStart(dir, uid, gid, user, group, run_foreground);
+ 
+ 
+     return(0);
--- ossec-hids-server/files/patch-src-os_crypto-shared-msgs.c	1970-01-01 01:00:00.000000000 +0100
+++ ossec-hids-server/files/patch-src-os_crypto-shared-msgs.c	2014-06-06 12:52:23.606139979 +0200
@@ -0,0 +1,11 @@
+--- src/os_crypto/shared/msgs.c	2014-06-06 12:51:28.955750160 +0200
++++ src/os_crypto/shared/msgs.c	2014-06-06 12:51:37.334750679 +0200
+@@ -86,7 +86,7 @@
+                 int my_error = errno;
+ 
+                 /* Just in case we run out of file descriptiors */
+-                if((keys->keyentries[i -1]->fp) && (i > 10))
++                if((i > 10) && (keys->keyentries[i -1]->fp))
+                 {
+                     fclose(keys->keyentries[i -1]->fp);
+ 
--- ossec-hids.patch ends here ---
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2014-06-09 07:14:34 UTC
Over to maintainer.
Comment 2 Brad Davis freebsd_committer 2014-07-08 19:54:14 UTC
Fixed in r361282, thanks for the submission!