Index: head/security/ossec-hids-server/Makefile
===================================================================
--- head/security/ossec-hids-server/Makefile (revision 413753)
+++ head/security/ossec-hids-server/Makefile (revision 413754)
@@ -1,121 +1,146 @@ # Created by: Valerio Daelli # $FreeBSD$ PORTNAME= ossec-hids -PORTVERSION= 2.8.2 +PORTVERSION= 2.8.3 +DISTVERSIONPREFIX= v PORTREVISION?= 0 CATEGORIES= security USE_GITHUB= yes GH_ACCOUNT= ossec PKGNAMESUFFIX= -server MAINTAINER= brd@FreeBSD.org COMMENT?= Security tool to monitor and check logs and intrusions USE_RC_SUBR= ossec-hids CFLAGS+= -ferror-limit=0 USES= readline USE_OPENSSL= yes .if defined(MAINTAINER_MODE) UID_FILES+= ../../UIDs GID_FILES+= ../../GIDs .endif USERS= ossec ossecm ossecr GROUPS= ossec .if !defined(CLIENT_ONLY) OPTIONS_DEFINE= MYSQL PGSQL + +MYSQL_VARS= WITH_DB=yes +MYSQL_USE= MYSQL=client +MYSQL_PORTDOCS= mysql.schema + +PGSQL_VARS= WITH_DB=yes +PGSQL_USES= pgsql +PGSQL_PORTDOCS= postgresql.schema + +RUN_DEPENDS= expect:lang/expect + +USES+= shebangfix +SHEBANG_LANG= expect +expect_OLD_CMD= "/usr/bin/env expect" +expect_CMD= ${LOCALBASE}/bin/expect +SHEBANG_FILES= src/agentlessd/scripts/main.exp \ + src/agentlessd/scripts/ssh.exp \ + src/agentlessd/scripts/ssh_asa-fwsmconfig_diff \ + src/agentlessd/scripts/ssh_foundry_diff \ + src/agentlessd/scripts/ssh_generic_diff \ + src/agentlessd/scripts/ssh_integrity_check_bsd \ + src/agentlessd/scripts/ssh_integrity_check_linux \ + src/agentlessd/scripts/ssh_nopass.exp \ + src/agentlessd/scripts/ssh_pixconfig_diff \ + src/agentlessd/scripts/sshlogin.exp \ + src/agentlessd/scripts/su.exp .endif OPTIONS_DEFINE+= DOCS SUB_LIST= PORTNAME=${PORTNAME} SUB_FILES= pkg-message PLIST_SUB= PORTNAME=${PORTNAME} -PORTDOCS= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE +DOCSFILES= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE +PORTDOCS= ${DOCSFILES} .include -.if !defined(CLIENT_ONLY) -.if ${PORT_OPTIONS:MMYSQL} -WITH_DB= yes -USE_MYSQL= client -.endif -.if ${PORT_OPTIONS:MPGSQL} -WITH_DB= yes -USES+= pgsql -.endif -.endif - STRIP_FILES= ossec-luac agent_control ossec-lua ossec-dbd ossec-regex ossec-monitord ossec-makelists verify-agent-conf ossec-analysisd ossec-agentlessd syscheck_control ossec-execd 
manage_agents ossec-csyslogd ossec-syscheckd ossec-logtest ossec-authd ossec-logcollector list_agents ossec-maild clear_stats ossec-remoted ossec-reportd rootcheck_control syscheck_update .if defined(CLIENT_ONLY) SUB_LIST+= PRECMD=: PKGNAMESUFFIX= -client -CONFLICTS= ossec-hids-server-[0-9]* ossec-hids-local-[0-9]* +CONFLICTS_INSTALL= ossec-hids-server-[0-9]* ossec-hids-local-[0-9]* STRIP_FILES= agent-auth manage_agents ossec-agentd ossec-execd ossec-logcollector ossec-lua ossec-luac ossec-syscheckd .elif defined(LOCAL_ONLY) SUB_LIST+= PRECMD=ossechids_start_precmd PKGNAMESUFFIX= -local -CONFLICTS= ossec-hids-client-[0-9]* ossec-hids-server-[0-9]* +CONFLICTS_INSTALL= ossec-hids-client-[0-9]* ossec-hids-server-[0-9]* .else SUB_LIST+= PRECMD=ossechids_start_precmd -CONFLICTS= ossec-hids-client-[0-9]* ossec-hids-local-[0-9]* +CONFLICTS_INSTALL= ossec-hids-client-[0-9]* ossec-hids-local-[0-9]* .endif post-patch: @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/headers/defs.h @${ECHO} "DIR=\"${STAGEDIR}${PREFIX}/${PORTNAME}\"" > ${WRKSRC}/src/LOCATION @${REINPLACE_CMD} -e 's|-DLUA_USE_LINUX|& ${CPPFLAGS}|' \ -e 's|-lreadline|& ${LDFLAGS}|' \ ${WRKSRC}/src/external/lua-5.2.3/src/Makefile do-build: .if defined(WITH_DB) .if defined(CLIENT_ONLY) @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build .elif defined(LOCAL_ONLY) @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} all;${MAKE} build .else @cd ${WRKSRC}/src;${MAKE} setdb;${MAKE} all;${MAKE} build .endif .else .if defined(CLIENT_ONLY) @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build; \ ${MAKE} unsetdb .elif defined(LOCAL_ONLY) @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} all;${MAKE} build; \ ${MAKE} unsetdb .else @cd ${WRKSRC}/src;${MAKE} all;${MAKE} build;${MAKE} unsetdb .endif .endif do-install: .if defined(CLIENT_ONLY) @cd ${WRKSRC}/src; ${MAKE} agent .elif defined(LOCAL_ONLY) @cd ${WRKSRC}/src; ${MAKE} local .else @cd ${WRKSRC}/src; ${MAKE} server .endif @${MKDIR} 
${STAGEDIR}${PREFIX}/${PORTNAME}/etc .for file in ${STRIP_FILES} ${STRIP_CMD} ${STAGEDIR}${PREFIX}/ossec-hids/bin/${file} .endfor .if defined(CLIENT_ONLY) @${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample .elif defined(LOCAL_ONLY) ${CP} ${WRKSRC}/etc/ossec-local.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample .else ${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample .endif post-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR} - @cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR} + @cd ${WRKSRC} && ${INSTALL_DATA} ${DOCSFILES} ${STAGEDIR}${DOCSDIR} + +post-install-MYSQL-on: + @${MKDIR} ${STAGEDIR}${DOCSDIR} + @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/mysql.schema ${STAGEDIR}${DOCSDIR} + +post-install-PGSQL-on: + @${MKDIR} ${STAGEDIR}${DOCSDIR} + @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/postgresql.schema ${STAGEDIR}${DOCSDIR} .include Index: head/security/ossec-hids-server/distinfo =================================================================== --- head/security/ossec-hids-server/distinfo (revision 413753) +++ head/security/ossec-hids-server/distinfo (revision 413754) @@ -1,2 +1,2 @@ -SHA256 (ossec-ossec-hids-2.8.2_GH0.tar.gz) = 61e0892175a79fe119c8bab886cd41fcc3be9b84526600b06c18fa178a59cb34 -SIZE (ossec-ossec-hids-2.8.2_GH0.tar.gz) = 1635142 +SHA256 (ossec-ossec-hids-v2.8.3_GH0.tar.gz) = 917989e23330d18b0d900e8722392cdbe4f17364a547508742c0fd005a1df7dd +SIZE (ossec-ossec-hids-v2.8.3_GH0.tar.gz) = 1642095 Index: head/security/ossec-hids-server/files/ossec-hids.in =================================================================== --- head/security/ossec-hids-server/files/ossec-hids.in (revision 413753) +++ head/security/ossec-hids-server/files/ossec-hids.in (revision 413754) 
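Review bot: The new `post-install-MYSQL-on` and `post-install-PGSQL-on` targets copy the schema files into `${STAGEDIR}${DOCSDIR}` whenever the database option is on, but their only packing-list entry comes from `MYSQL_PORTDOCS`/`PGSQL_PORTDOCS`. If the framework registers PORTDOCS only when the DOCS option is enabled (my understanding, worth confirming with a DOCS-off test build), a MYSQL- or PGSQL-on build without DOCS would stage a file that no plist entry covers. Listing the schema through the option's plist helper instead of PORTDOCS, for example `MYSQL_PLIST_FILES= ${DOCSDIR_REL}/mysql.schema`, would keep it packaged in both cases. A one-line comment above `DOCSFILES=`, such as `# top-level docs only; PORTDOCS also receives the schema files from the option helpers`, would also explain why the DOCS install line no longer uses `${PORTDOCS}`.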
@@ -1,52 +1,65 @@ #!/bin/sh # # PROVIDE: ossechids # REQUIRE: DAEMON # BEFORE: LOGIN # KEYWORD: shutdown . /etc/rc.subr name="ossechids" rcvar=ossechids_enable load_rc_config $name : ${ossechids_enable="NO"} : ${ossechids_user="ossec"} : ${ossechids_group="ossec"} start_precmd=%%PRECMD%% start_cmd="ossechids_command start" stop_cmd="ossechids_command stop" restart_cmd="ossechids_command restart" status_cmd="ossechids_command status" +reload_cmd="ossechids_command reload" command="%%PREFIX%%/%%PORTNAME%%/bin/ossec-control" required_files="%%PREFIX%%/%%PORTNAME%%/etc/ossec.conf" +extra_commands="reload" fts_queue=%%PREFIX%%/%%PORTNAME%%/queue/fts/fts-queue ig_queue=%%PREFIX%%/%%PORTNAME%%/queue/fts/ig-queue +ossec_log=%%PREFIX%%/%%PORTNAME%%/logs/ossec.log +active_responses_log=%%PREFIX%%/%%PORTNAME%%/logs/active-responses.log ossechids_start_precmd() { # These files are not created by the daemons with the correct # ownership, so create them here before starting up the system, # if they don't already exist. This is only done for the "local" and # "server" installation types. if [ ! -e ${fts_queue} ]; then touch ${fts_queue} chown ${ossechids_user}:${ossechids_group} ${fts_queue} chmod 640 ${fts_queue} fi if [ ! -e ${ig_queue} ]; then touch ${ig_queue} chown ${ossechids_user}:${ossechids_group} ${ig_queue} chmod 640 ${ig_queue} fi + + # Ensure logfiles are created with the correct ownership and mode + for log in ${ossec_log} ${active_responses_log}; do + if [ ! -e ${log} ]; then + touch ${log} + chown ${ossechids_user}:${ossechids_group} ${log} + chmod 660 ${log} + fi + done } ossechids_command() { ${command} ${rc_arg} } run_rc_command "$1" Index: head/security/ossec-hids-server/files/patch-src__InstallAgent.sh =================================================================== --- head/security/ossec-hids-server/files/patch-src__InstallAgent.sh (revision 413753) +++ head/security/ossec-hids-server/files/patch-src__InstallAgent.sh (revision 413754) 
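Review bot: The added loop in `ossechids_start_precmd` runs `touch`, `chown` and `chmod` as root on names under `logs/`, and the pkg-plist on this page lists `@dir %%PORTNAME%%/logs` under `@owner ossec` with mode 750, so the unprivileged service account can write to that directory. Because `chown` and `chmod` follow links by default, whatever appears at that name between the `[ ! -e ${log} ]` test and the ownership change is what gets handed to the service account. Creating the file in one step with its final owner and mode narrows that window, e.g. `install -o "${ossechids_user}" -g "${ossechids_group}" -m 660 /dev/null "${log}"`, and the `${log}` expansions should be quoted in any case. The `fts_queue` and `ig_queue` blocks earlier in the function use the same touch/chown/chmod sequence, in context lines this commit does not change.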
@@ -1,123 +1,123 @@ ---- src/InstallAgent.sh.orig 2015-06-10 15:38:32 UTC +--- src/InstallAgent.sh.orig 2015-10-12 21:21:06 UTC +++ src/InstallAgent.sh @@ -37,11 +37,11 @@ fi # Creating groups/users if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then - grep "^${USER}" /etc/passwd > /dev/null 2>&1 - if [ ! $? = 0 ]; then - /usr/sbin/pw groupadd ${GROUP} - /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} - fi + #grep "^${USER}" /etc/passwd > /dev/null 2>&1 + #if [ ! $? = 0 ]; then + #/usr/sbin/pw groupadd ${GROUP} + #/usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} + #fi elif [ "$UNAME" = "SunOS" ]; then grep "^${USER}" /etc/passwd > /dev/null 2>&1 
@@ -106,22 +106,17 @@ for i in ${subdirs}; do done # Default for all directories -chmod -R 550 ${DIR} -chown -R root:${GROUP} ${DIR} +chmod -R 750 ${DIR} # To the ossec queue (default for agentd to read) -chown -R ${USER}:${GROUP} ${DIR}/queue/ossec chmod -R 770 ${DIR}/queue/ossec # For the logging user -chown -R ${USER}:${GROUP} ${DIR}/logs chmod -R 750 ${DIR}/logs chmod -R 775 ${DIR}/queue/rids touch ${DIR}/logs/ossec.log -chown ${USER}:${GROUP} ${DIR}/logs/ossec.log chmod 664 ${DIR}/logs/ossec.log -chown -R ${USER}:${GROUP} ${DIR}/queue/diff chmod -R 750 ${DIR}/queue/diff chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 -@@ -129,8 +124,7 @@ chmod 740 ${DIR}/queue/diff/* > /dev/nul +@@ -131,8 +126,7 @@ chmod 1550 ${DIR}/tmp # For the etc dir -chmod 550 ${DIR}/etc -chown -R root:${GROUP} ${DIR}/etc +chmod 750 ${DIR}/etc ls /etc/localtime > /dev/null 2>&1 if [ $? = 0 ]; then -@@ -142,13 +136,11 @@ if [ "$UNAME" = "SunOS" ]; then +@@ -144,13 +138,11 @@ if [ "$UNAME" = "SunOS" ]; then mkdir -p ${DIR}/usr/share/lib/zoneinfo/ chmod -R 555 ${DIR}/usr/ cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ - chown -R root:${GROUP} ${DIR}/usr/ fi ls /etc/TIMEZONE > /dev/null 2>&1 if [ $? 
= 0 ]; then cp -p /etc/TIMEZONE ${DIR}/etc/; - chown root:${GROUP} ${DIR}/etc/TIMEZONE chmod 555 ${DIR}/etc/TIMEZONE fi -@@ -168,25 +160,17 @@ cp -pr ../etc/local_internal_options.con +@@ -170,25 +162,17 @@ cp -pr ../etc/local_internal_options.con cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 cp -pr agentlessd/scripts/* ${DIR}/agentless/ -chown root:${GROUP} ${DIR}/etc/internal_options.conf -chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 -chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 -chown root:${GROUP} ${DIR}/agentless/* -chown ${USER}:${GROUP} ${DIR}/.ssh -chown -R root:${GROUP} ${DIR}/etc/shared - -chmod 550 ${DIR}/etc +chmod 750 ${DIR}/etc chmod 440 ${DIR}/etc/internal_options.conf chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1 chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it -chmod 550 ${DIR}/agentless/* +chmod 750 ${DIR}/agentless/* chmod 700 ${DIR}/.ssh # For the /var/run chmod 770 ${DIR}/var/run -chown root:${GROUP} ${DIR}/var/run # Moving the binary files -@@ -200,7 +184,6 @@ cp -pr addagent/manage_agents ${DIR}/bin +@@ -202,7 +186,6 @@ cp -pr addagent/manage_agents ${DIR}/bin cp -pr ../contrib/util.sh ${DIR}/bin/ cp -pr external/lua/src/ossec-lua ${DIR}/bin/ cp -pr external/lua/src/ossec-luac ${DIR}/bin/ -chown root:${GROUP} ${DIR}/bin/util.sh chmod +x ${DIR}/bin/util.sh # Copying active response modules -@@ -208,10 +191,8 @@ sh ./init/fw-check.sh execute > /dev/nul +@@ -210,10 +193,8 @@ sh ./init/fw-check.sh execute > /dev/nul cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ chmod 755 ${DIR}/active-response/bin/* -chown root:${GROUP} ${DIR}/active-response/bin/* -chown root:${GROUP} ${DIR}/bin/* -chmod 550 ${DIR}/bin/* +chmod 750 ${DIR}/bin/* # Moving the config file -@@ -227,7 +208,6 @@ if [ $? = 0 ]; then +@@ -229,7 +210,6 @@ if [ $? 
= 0 ]; then else cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf fi -chown root:${GROUP} ${DIR}/etc/ossec.conf chmod 440 ${DIR}/etc/ossec.conf Index: head/security/ossec-hids-server/files/patch-src__InstallServer.sh =================================================================== --- head/security/ossec-hids-server/files/patch-src__InstallServer.sh (revision 413753) +++ head/security/ossec-hids-server/files/patch-src__InstallServer.sh (revision 413754) @@ -1,204 +1,208 @@ ---- src/InstallServer.sh.orig 2015-06-10 15:38:32 UTC +--- src/InstallServer.sh.orig 2015-10-12 21:21:06 UTC +++ src/InstallServer.sh 
@@ -44,13 +44,13 @@ fi # Creating groups/users if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then - grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 - if [ ! $? = 0 ]; then - /usr/sbin/pw groupadd ${GROUP} - /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} - /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP} - /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP} - fi +# grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 +# if [ ! $? = 0 ]; then +# /usr/sbin/pw groupadd ${GROUP} +# /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} +# /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP} +# /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP} +# fi elif [ "$UNAME" = "SunOS" ]; then grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 -@@ -121,63 +121,47 @@ for i in ${subdirs}; do +@@ -121,66 +121,49 @@ for i in ${subdirs}; do done # Default for all directories -chmod 550 ${DIR} -chmod 550 ${DIR}/* -chown root:${GROUP} ${DIR} -chown root:${GROUP} ${DIR}/* +chmod 750 ${DIR} +chmod 750 ${DIR}/* # AnalysisD needs to write to alerts: log, mail and cmds -chown -R ${USER}:${GROUP} ${DIR}/queue/alerts chmod -R 770 ${DIR}/queue/alerts # To the ossec queue (default for analysisd to read) -chown -R ${USER}:${GROUP} ${DIR}/queue/ossec chmod -R 770 ${DIR}/queue/ossec # To the ossec fts queue -chown -R ${USER}:${GROUP} ${DIR}/queue/fts chmod -R 750 ${DIR}/queue/fts chmod 750 ${DIR}/queue/fts/* > /dev/null 2>&1 # To the ossec syscheck/rootcheck queue -chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck chmod -R 750 ${DIR}/queue/syscheck chmod 740 ${DIR}/queue/syscheck/* > /dev/null 2>&1 -chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck chmod -R 750 ${DIR}/queue/rootcheck chmod 740 ${DIR}/queue/rootcheck/* > /dev/null 2>&1 -chown ${USER}:${GROUP} ${DIR}/queue/diff -chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1 chmod 750 ${DIR}/queue/diff chmod 740 
${DIR}/queue/diff/* > /dev/null 2>&1 -chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info chmod -R 750 ${DIR}/queue/agent-info chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1 -chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids chmod -R 750 ${DIR}/queue/rids chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1 -chown -R ${USER}:${GROUP} ${DIR}/queue/agentless chmod -R 750 ${DIR}/queue/agentless chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1 +-chown -R root:${GROUP} ${DIR}/tmp +-chmod 1550 ${DIR}/tmp ++chmod 1750 ${DIR}/tmp + # For the stats directory -chown -R ${USER}:${GROUP} ${DIR}/stats chmod -R 750 ${DIR}/stats # For the logging user -chown -R ${USER}:${GROUP} ${DIR}/logs chmod -R 750 ${DIR}/logs touch ${DIR}/logs/ossec.log -chown ${USER}:${GROUP} ${DIR}/logs/ossec.log chmod 660 ${DIR}/logs/ossec.log touch ${DIR}/logs/active-responses.log -chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log chmod 660 ${DIR}/logs/active-responses.log # For the rules directory -@@ -195,7 +179,7 @@ if [ $? = 0 ]; then +@@ -198,7 +181,7 @@ if [ $? = 0 ]; then fi fi -cp -pr ../etc/rules/* ${DIR}/rules/ +cp -pr ../etc/rules/*.xml ${DIR}/rules/ find ${DIR}/rules/ -type f -exec chmod 440 {} \; # If the local_rules is saved, moved it back -@@ -204,37 +188,33 @@ if [ $? = 0 ]; then +@@ -207,37 +190,33 @@ if [ $? = 0 ]; then mv ${DIR}/rules/saved_local_rules.xml.$$ ${DIR}/rules/local_rules.xml fi -chown -R root:${GROUP} ${DIR}/rules -chmod -R 550 ${DIR}/rules +chmod -R 750 ${DIR}/rules # For the etc dir -chmod 550 ${DIR}/etc -chown -R root:${GROUP} ${DIR}/etc +chmod 750 ${DIR}/etc ls /etc/localtime > /dev/null 2>&1 if [ $? 
= 0 ]; then cp -pL /etc/localtime ${DIR}/etc/; chmod 440 ${DIR}/etc/localtime - chown root:${GROUP} ${DIR}/etc/localtime fi # Solaris Needs some extra files if [ "$UNAME" = "SunOS" ]; then mkdir -p ${DIR}/usr/share/lib/zoneinfo/ - chmod -R 550 ${DIR}/usr/ + chmod -R 750 ${DIR}/usr/ cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ fi ls /etc/TIMEZONE > /dev/null 2>&1 if [ $? = 0 ]; then cp -p /etc/TIMEZONE ${DIR}/etc/; - chmod 550 ${DIR}/etc/TIMEZONE + chmod 750 ${DIR}/etc/TIMEZONE fi # For the /var/run chmod 770 ${DIR}/var/run -chown root:${GROUP} ${DIR}/var/run # Moving the binary files cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \ -@@ -257,7 +237,6 @@ cp -pr util/rootcheck_control ${DIR}/bin +@@ -260,7 +239,6 @@ cp -pr util/rootcheck_control ${DIR}/bin cp -pr external/lua/src/ossec-lua ${DIR}/bin/ cp -pr external/lua/src/ossec-luac ${DIR}/bin/ cp -pr ../contrib/util.sh ${DIR}/bin/ -chown root:${GROUP} ${DIR}/bin/util.sh chmod +x ${DIR}/bin/util.sh # Local install chosen -@@ -287,23 +266,15 @@ fi +@@ -290,23 +268,15 @@ fi cp -pr ../etc/internal_options.conf ${DIR}/etc/ cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/ -chown root:${GROUP} ${DIR}/etc/decoder.xml -chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 -chown root:${GROUP} ${DIR}/etc/internal_options.conf -chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 -chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1 -chown root:${GROUP} ${DIR}/etc/shared/* -chown root:${GROUP} ${DIR}/agentless/* -chown ${USER}:${GROUP} ${DIR}/.ssh chmod 440 ${DIR}/etc/decoder.xml chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 chmod 440 ${DIR}/etc/internal_options.conf chmod 440 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1 -chmod 550 ${DIR}/etc +chmod 750 ${DIR}/etc chmod 770 ${DIR}/etc/shared chmod 440 ${DIR}/etc/shared/* -chmod 550 ${DIR}/agentless/* +chmod 750 ${DIR}/agentless/* rm 
${DIR}/etc/shared/merged.mg >/dev/null 2>&1 chmod 700 ${DIR}/.ssh -@@ -313,11 +284,9 @@ sh ./init/fw-check.sh execute > /dev/nul +@@ -316,11 +286,9 @@ sh ./init/fw-check.sh execute > /dev/nul cp -p ../active-response/*.sh ${DIR}/active-response/bin/ cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ -chmod 550 ${DIR}/active-response/bin/* -chown root:${GROUP} ${DIR}/active-response/bin/* +chmod 750 ${DIR}/active-response/bin/* -chown root:${GROUP} ${DIR}/bin/* -chmod 550 ${DIR}/bin/* +chmod 750 ${DIR}/bin/* # Moving the config file -@@ -328,12 +297,11 @@ fi +@@ -331,12 +299,11 @@ fi ls ../etc/ossec.mc > /dev/null 2>&1 if [ $? = 0 ]; then - cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf + cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf.sample else - cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf + cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf.sample fi -chown root:${GROUP} ${DIR}/etc/ossec.conf -chmod 440 ${DIR}/etc/ossec.conf +chmod 640 ${DIR}/etc/ossec.conf.sample Index: head/security/ossec-hids-server/files/patch-src__LOCATION =================================================================== --- head/security/ossec-hids-server/files/patch-src__LOCATION (revision 413753) +++ head/security/ossec-hids-server/files/patch-src__LOCATION (revision 413754) @@ -1,5 +1,5 @@ ---- ./src/LOCATION.orig 2014-05-22 07:10:57.000000000 -0600 -+++ ./src/LOCATION 2014-07-13 15:24:45.561388082 -0600 +--- src/LOCATION.orig 2015-10-12 21:21:06 UTC ++++ src/LOCATION 
@@ -1 +1 @@ -DIR="/var/ossec" -+DIR="/usr/local/poudriere/ports/svn/security/ossec-hids-server/work/stage/usr/local/ossec-hids" ++DIR="/usr/ports/security/ossec-hids-server/work/stage/usr/local/ossec-hids" Index: head/security/ossec-hids-server/files/patch-src__headers__defs.h =================================================================== --- head/security/ossec-hids-server/files/patch-src__headers__defs.h (revision 413753) +++ head/security/ossec-hids-server/files/patch-src__headers__defs.h (revision 413754) @@ -1,11 +1,11 @@ ---- ./src/headers/defs.h.orig 2014-05-22 07:10:57.000000000 -0600 -+++ ./src/headers/defs.h 2014-07-13 15:24:45.559389869 -0600 -@@ -98,7 +98,7 @@ +--- src/headers/defs.h.orig 2015-10-12 21:21:06 UTC ++++ src/headers/defs.h +@@ -98,7 +98,7 @@ http://www.ossec.net/main/license/\n" #endif #ifndef DEFAULTDIR - #define DEFAULTDIR "/var/ossec" + #define DEFAULTDIR "/usr/local/ossec-hids" #endif Index: head/security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema =================================================================== --- head/security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema (nonexistent) +++ head/security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema (revision 413754) 
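Review bot: The refreshed `patch-src__LOCATION` still hard-codes one build host's stage path, `DIR="/usr/ports/security/ossec-hids-server/work/stage/usr/local/ossec-hids"`, which is only correct for a ports tree and work directory at exactly that location. The Makefile's `post-patch` target shown earlier on this page already rewrites `${WRKSRC}/src/LOCATION` with `${STAGEDIR}${PREFIX}/${PORTNAME}`, so this patch file looks redundant. Dropping it would stop a machine-specific path from being committed and would remove the risk of the install scripts writing outside the intended stage directory if the `post-patch` line is ever changed.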
@@ -0,0 +1,11 @@ +--- src/os_dbd/mysql.schema.orig 2015-10-12 21:21:06 UTC ++++ src/os_dbd/mysql.schema +@@ -45,7 +45,7 @@ CREATE TABLE server + last_contact INT UNSIGNED NOT NULL, + version VARCHAR(32) NOT NULL, + hostname VARCHAR(64) NOT NULL UNIQUE, +- information VARCHAR(128) NOT NULL, ++ information TEXT NOT NULL, + PRIMARY KEY (id) + ); + Property changes on: head/security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema =================================================================== --- head/security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema (nonexistent) +++ head/security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema (revision 413754) 
@@ -0,0 +1,11 @@ +--- src/os_dbd/postgresql.schema.orig 2015-10-12 21:21:06 UTC ++++ src/os_dbd/postgresql.schema +@@ -47,7 +47,7 @@ CREATE TABLE server + last_contact INT8 NOT NULL, + version VARCHAR(32) NOT NULL, + hostname VARCHAR(64) NOT NULL UNIQUE, +- information VARCHAR(128) NOT NULL, ++ information TEXT NOT NULL, + PRIMARY KEY (id) + ); + Property changes on: head/security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/security/ossec-hids-server/pkg-plist =================================================================== --- head/security/ossec-hids-server/pkg-plist (revision 413753) +++ head/security/ossec-hids-server/pkg-plist (revision 413754) 
@@ -1,170 +1,166 @@ %%PORTNAME%%/active-response/bin/disable-account.sh %%PORTNAME%%/active-response/bin/firewall-drop.sh %%PORTNAME%%/active-response/bin/host-deny.sh %%PORTNAME%%/active-response/bin/ip-customblock.sh %%PORTNAME%%/active-response/bin/ipfw_mac.sh %%PORTNAME%%/active-response/bin/ipfw.sh %%PORTNAME%%/active-response/bin/ossec-tweeter.sh %%PORTNAME%%/active-response/bin/pf.sh %%PORTNAME%%/active-response/bin/restart-ossec.sh %%PORTNAME%%/active-response/bin/route-null.sh %%PORTNAME%%/bin/agent_control %%PORTNAME%%/bin/clear_stats %%PORTNAME%%/bin/list_agents %%PORTNAME%%/bin/manage_agents %%PORTNAME%%/bin/ossec-agentlessd %%PORTNAME%%/bin/ossec-analysisd %%PORTNAME%%/bin/ossec-authd %%PORTNAME%%/bin/ossec-control %%PORTNAME%%/bin/ossec-csyslogd %%PORTNAME%%/bin/ossec-dbd %%PORTNAME%%/bin/ossec-execd %%PORTNAME%%/bin/ossec-logcollector %%PORTNAME%%/bin/ossec-logtest %%PORTNAME%%/bin/ossec-lua %%PORTNAME%%/bin/ossec-luac %%PORTNAME%%/bin/ossec-maild %%PORTNAME%%/bin/ossec-makelists %%PORTNAME%%/bin/ossec-monitord %%PORTNAME%%/bin/ossec-regex %%PORTNAME%%/bin/ossec-remoted %%PORTNAME%%/bin/ossec-reportd %%PORTNAME%%/bin/ossec-syscheckd %%PORTNAME%%/bin/rootcheck_control %%PORTNAME%%/bin/syscheck_control %%PORTNAME%%/bin/syscheck_update %%PORTNAME%%/bin/util.sh %%PORTNAME%%/bin/verify-agent-conf @group ossec %%PORTNAME%%/etc/decoder.xml %%PORTNAME%%/etc/internal_options.conf @sample %%PORTNAME%%/etc/ossec.conf.sample %%PORTNAME%%/etc/shared/rootkit_files.txt %%PORTNAME%%/etc/shared/rootkit_trojans.txt %%PORTNAME%%/etc/shared/system_audit_rcl.txt %%PORTNAME%%/etc/shared/win_applications_rcl.txt %%PORTNAME%%/etc/shared/win_audit_rcl.txt %%PORTNAME%%/etc/shared/win_malware_rcl.txt %%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt %%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt %%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt -@owner ossec -@mode 660 -%%PORTNAME%%/logs/active-responses.log -%%PORTNAME%%/logs/ossec.log @owner @group @mode 
%%PORTNAME%%/rules/apache_rules.xml %%PORTNAME%%/rules/arpwatch_rules.xml %%PORTNAME%%/rules/asterisk_rules.xml %%PORTNAME%%/rules/attack_rules.xml %%PORTNAME%%/rules/cimserver_rules.xml %%PORTNAME%%/rules/cisco-ios_rules.xml %%PORTNAME%%/rules/clam_av_rules.xml %%PORTNAME%%/rules/courier_rules.xml %%PORTNAME%%/rules/dovecot_rules.xml %%PORTNAME%%/rules/dropbear_rules.xml %%PORTNAME%%/rules/firewall_rules.xml %%PORTNAME%%/rules/ftpd_rules.xml %%PORTNAME%%/rules/hordeimp_rules.xml %%PORTNAME%%/rules/ids_rules.xml %%PORTNAME%%/rules/imapd_rules.xml %%PORTNAME%%/rules/local_rules.xml %%PORTNAME%%/rules/mailscanner_rules.xml %%PORTNAME%%/rules/mcafee_av_rules.xml %%PORTNAME%%/rules/ms-exchange_rules.xml %%PORTNAME%%/rules/ms-se_rules.xml %%PORTNAME%%/rules/ms_dhcp_rules.xml %%PORTNAME%%/rules/ms_ftpd_rules.xml %%PORTNAME%%/rules/msauth_rules.xml %%PORTNAME%%/rules/mysql_rules.xml %%PORTNAME%%/rules/named_rules.xml %%PORTNAME%%/rules/netscreenfw_rules.xml %%PORTNAME%%/rules/nginx_rules.xml %%PORTNAME%%/rules/openbsd_rules.xml %%PORTNAME%%/rules/ossec_rules.xml %%PORTNAME%%/rules/pam_rules.xml %%PORTNAME%%/rules/php_rules.xml %%PORTNAME%%/rules/pix_rules.xml %%PORTNAME%%/rules/policy_rules.xml %%PORTNAME%%/rules/postfix_rules.xml %%PORTNAME%%/rules/postgresql_rules.xml %%PORTNAME%%/rules/proftpd_rules.xml %%PORTNAME%%/rules/pure-ftpd_rules.xml %%PORTNAME%%/rules/racoon_rules.xml %%PORTNAME%%/rules/roundcube_rules.xml %%PORTNAME%%/rules/rules_config.xml %%PORTNAME%%/rules/sendmail_rules.xml %%PORTNAME%%/rules/smbd_rules.xml %%PORTNAME%%/rules/solaris_bsm_rules.xml %%PORTNAME%%/rules/sonicwall_rules.xml %%PORTNAME%%/rules/spamd_rules.xml %%PORTNAME%%/rules/squid_rules.xml %%PORTNAME%%/rules/sshd_rules.xml %%PORTNAME%%/rules/symantec-av_rules.xml %%PORTNAME%%/rules/symantec-ws_rules.xml %%PORTNAME%%/rules/syslog_rules.xml %%PORTNAME%%/rules/telnetd_rules.xml %%PORTNAME%%/rules/trend-osce_rules.xml %%PORTNAME%%/rules/vmpop3d_rules.xml %%PORTNAME%%/rules/vmware_rules.xml 
%%PORTNAME%%/rules/vpn_concentrator_rules.xml %%PORTNAME%%/rules/vpopmail_rules.xml %%PORTNAME%%/rules/vsftpd_rules.xml %%PORTNAME%%/rules/web_appsec_rules.xml %%PORTNAME%%/rules/web_rules.xml %%PORTNAME%%/rules/wordpress_rules.xml %%PORTNAME%%/rules/zeus_rules.xml +@owner root +@group ossec %%PORTNAME%%/agentless/main.exp %%PORTNAME%%/agentless/register_host.sh %%PORTNAME%%/agentless/ssh.exp %%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff %%PORTNAME%%/agentless/ssh_foundry_diff %%PORTNAME%%/agentless/ssh_generic_diff %%PORTNAME%%/agentless/ssh_integrity_check_bsd %%PORTNAME%%/agentless/ssh_integrity_check_linux %%PORTNAME%%/agentless/ssh_nopass.exp %%PORTNAME%%/agentless/ssh_pixconfig_diff %%PORTNAME%%/agentless/sshlogin.exp %%PORTNAME%%/agentless/su.exp -@owner root -@group ossec @mode 550 @dir %%PORTNAME%%/.ssh @dir %%PORTNAME%%/active-response/bin @dir %%PORTNAME%%/active-response @dir %%PORTNAME%%/agentless @dir %%PORTNAME%%/bin @dir %%PORTNAME%%/etc/shared @dir %%PORTNAME%%/etc @dir %%PORTNAME%%/queue/rootcheck @dir %%PORTNAME%%/rules @dir %%PORTNAME%%/tmp @mode 770 @dir %%PORTNAME%%/var/run @mode 550 @dir %%PORTNAME%%/var @owner ossec @mode 770 @dir %%PORTNAME%%/queue/alerts @dir %%PORTNAME%%/queue/ossec @mode 750 @dir %%PORTNAME%%/queue/fts @dir %%PORTNAME%%/queue/syscheck @dir %%PORTNAME%%/queue/diff @dir %%PORTNAME%%/queue/agentless @dir %%PORTNAME%%/stats @dir %%PORTNAME%%/logs/alerts @dir %%PORTNAME%%/logs/archives @dir %%PORTNAME%%/logs/firewall @dir %%PORTNAME%%/logs @owner ossecr @dir %%PORTNAME%%/queue/agent-info @dir %%PORTNAME%%/queue/rids @owner ossec @mode 550 @dir %%PORTNAME%%/queue @owner root @mode 550 @dir %%PORTNAME%%
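Review bot: Moving `@owner root` and `@group ossec` above the `agentless/` entries gives those scripts the intended ownership, but `@mode 550` still follows them, so their installed mode appears to be whatever staging left behind (the bare `@mode` before the rules block is still in effect at that point). The staged mode comes from `chmod 750 ${DIR}/agentless/*` in `files/patch-src__InstallServer.sh`, which means the permissions of these root-owned scripts depend on the install script rather than on the packing list. Moving `@mode 550` up with the owner and group lines would pin the mode where it can be audited; please confirm that group read and execute is enough for the agentless daemon before tightening it.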