Index: head/sysutils/osquery/pkg-message
===================================================================
--- head/sysutils/osquery/pkg-message (revision 438895)
+++ head/sysutils/osquery/pkg-message (nonexistent)
@@ -1,11 +0,0 @@
-This is the initial release of the FreeBSD port for osquery.
-
-We aren't anywhere near 100% feature parity when compared to
-Linux, however, we are actively working to get there.
-
-osqueryd does not yet have the required functionality to run,
-however, osqueryi (the interactive CLI version) can perform
-basic tasks.
-
-Please submit patches as pull requests here:
-https://github.com/facebook/osquery
Property changes on: head/sysutils/osquery/pkg-message
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/Makefile
===================================================================
--- head/sysutils/osquery/Makefile (revision 438895)
+++ head/sysutils/osquery/Makefile (revision 438896)
@@ -1,73 +1,61 @@ # Created by: Ryan Steinmetz # $FreeBSD$ PORTNAME= osquery -PORTVERSION= 1.4.7 -PORTREVISION= 7 +PORTVERSION= 2.4.0 CATEGORIES= sysutils MAINTAINER= zi@FreeBSD.org COMMENT= SQL powered OS instrumentation, monitoring, and analytics LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE -BUILD_DEPENDS= snappy>0:archivers/snappy \ - rocksdb>0:databases/rocksdb \ - thrift>0:devel/thrift \ - thrift-cpp>0:devel/thrift-cpp \ +BUILD_DEPENDS= thrift>0:devel/thrift \ bash>0:shells/bash \ - yara>0:security/yara \ - doxygen:devel/doxygen \ - ${PYTHON_PKGNAMEPREFIX}MarkupSafe>0:textproc/py-MarkupSafe \ - ${PYTHON_PKGNAMEPREFIX}psutil>0:sysutils/py-psutil \ - ${PYTHON_PKGNAMEPREFIX}pexpect>0:misc/py-pexpect \ - ${PYTHON_PKGNAMEPREFIX}Jinja2>0:devel/py-Jinja2 \ - ${PYTHON_PKGNAMEPREFIX}thrift>0:devel/py-thrift \ - ${PYTHON_PKGNAMEPREFIX}pip>0:devel/py-pip -LIB_DEPENDS= libboost_regex.so:devel/boost-libs \ + linenoise-ng>0:devel/linenoise-ng \ + asio>0:net/asio \ + ${PYTHON_PKGNAMEPREFIX}Jinja2>0:devel/py-Jinja2 +LIB_DEPENDS= libaugeas.so:textproc/augeas \ + libboost_regex.so:devel/boost-libs \ libgflags.so:devel/gflags \ - libicuuc.so:devel/icu + libglog.so:devel/glog \ + libicuuc.so:devel/icu \ + libthrift.so:devel/thrift-cpp \ + libtsk.so:sysutils/sleuthkit \ + libcppnetlib-uri.so:devel/cpp-netlib \ + librocksdb-lite.so:databases/rocksdb-lite \ + libyara.so:security/yara \ + liblldpctl.so:net-mgmt/lldpd -BROKEN= does not build (error: no matching constructor for initialization of 'gflags::FlagRegisterer') -DEPRECATED= repeated build and dependency issues, upstream unable to assist -EXPIRATION_DATE=2017-04-28 - USES= cmake:outsource gmake libtool python:build compiler:c++11-lib CONFIGURE_ENV+= OSQUERY_BUILD_VERSION="${PORTVERSION}" HOME="${WRKDIR}" \ SKIP_TESTS="yes" CC="${CC}" CXX="${CXX}" CMAKE_ARGS+= -DFREEBSD=awesome -DCMAKE_SYSTEM_NAME="FreeBSD" BLDDIR= ${WRKDIR}/.build/${PORTNAME} USE_RC_SUBR= ${PORTNAME}d USE_GITHUB= yes GH_ACCOUNT= facebook ${PORTNAME}:tp 
GH_PROJECT= third-party:tp GH_SUBDIR= third-party:tp MAKE_JOBS_UNSAFE= yes post-patch: - ${REINPLACE_CMD} -e 's|/var/osquery|/var/db/osquery|g' \ - ${WRKSRC}/osquery/core/init.cpp - ${REINPLACE_CMD} -e 's|/var/osquery/osquery.em|/var/run/osquery.em|g' \ - -e 's|/etc/osquery/extensions.load|${PREFIX}/etc/osquery.extensions|g' \ - -e 's|/etc/osquery/modules.load|${PREFIX}/etc/osquery.modules|g' \ - ${WRKSRC}/osquery/extensions/extensions.cpp - ${REINPLACE_CMD} -e 's|/var/osquery/osquery.conf|${PREFIX}/etc/osquery.conf|g' \ - ${WRKSRC}/osquery/config/plugins/filesystem.cpp ${REINPLACE_CMD} -e 's|/var/osquery/|/var/db/osquery/|g' \ ${WRKSRC}/tools/deployment/osquery.example.conf - ${REINPLACE_CMD} -e 's|python |${PYTHON_CMD} |g' \ - ${WRKSRC}/CMake/CMakeLibs.cmake \ - ${WRKSRC}/CMakeLists.txt + ${REINPLACE_CMD} -e 's|python|${PYTHON_CMD}|g' \ + ${WRKSRC}/CMakeLists.txt \ + ${WRKSRC}/tools/get_platform.py do-install: ${INSTALL_PROGRAM} ${BLDDIR}/osqueryi ${STAGEDIR}${PREFIX}/bin ${INSTALL_PROGRAM} ${BLDDIR}/osqueryd ${STAGEDIR}${PREFIX}/sbin ${INSTALL_DATA} ${BLDDIR}/libosquery.a ${STAGEDIR}${PREFIX}/lib (cd ${WRKSRC}/include && ${COPYTREE_SHARE} ${PORTNAME} ${STAGEDIR}${PREFIX}/include) ${INSTALL_DATA} ${WRKSRC}/tools/deployment/osquery.example.conf \ ${STAGEDIR}${PREFIX}/etc/osquery.conf.sample ${MKDIR} ${STAGEDIR}/var/db/osquery + ${MKDIR} ${STAGEDIR}/var/log/osquery .include Index: head/sysutils/osquery/distinfo =================================================================== --- head/sysutils/osquery/distinfo (revision 438895) +++ head/sysutils/osquery/distinfo (revision 438896) 
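Review bot: In post-patch, the new expression `'s|python|${PYTHON_CMD}|g'` drops the trailing space that the removed `'s|python |${PYTHON_CMD} |g'` carried, so it now rewrites every occurrence of the substring in CMakeLists.txt and tools/get_platform.py rather than only command invocations. Those two files are not visible here, but any identifier, comment, path or `#!/usr/bin/env python` line containing the word would be altered, and a build that silently runs a different interpreter path than intended is hard to audit. Keep the anchored form for CMakeLists.txt, `-e 's|python |${PYTHON_CMD} |g'`, and handle the script's interpreter line through the framework instead, e.g. `USES+= shebangfix` with `SHEBANG_FILES= tools/get_platform.py`.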
@@ -1,4 +1,5 @@
-SHA256 (facebook-osquery-1.4.7_GH0.tar.gz) = da0b648159e8a9677152a2d2b3140d5a61e34b637c408c21462d07629d3b64c2
-SIZE (facebook-osquery-1.4.7_GH0.tar.gz) = 459762
-SHA256 (osquery-third-party-1.4.7_GH0.tar.gz) = baf57d27ca739d876e8da472c162552c6bb740cf4d723ffab4826a4abee83045
-SIZE (osquery-third-party-1.4.7_GH0.tar.gz) = 5509720
+TIMESTAMP = 1492024136
+SHA256 (facebook-osquery-2.4.0_GH0.tar.gz) = e5c3f01ac10ac9a9732f9610921cea8e8a7234a18061cf58e22dc86b2b74d685
+SIZE (facebook-osquery-2.4.0_GH0.tar.gz) = 874186
+SHA256 (osquery-third-party-2.4.0_GH0.tar.gz) = 729830902faa4f438c77dfdce849bfbc862501591e3a51154f0e0fbe14af7ede
+SIZE (osquery-third-party-2.4.0_GH0.tar.gz) = 3864623
Index: head/sysutils/osquery/files/patch-osquery_core_init.cpp
===================================================================
--- head/sysutils/osquery/files/patch-osquery_core_init.cpp (revision 438895)
+++ head/sysutils/osquery/files/patch-osquery_core_init.cpp (nonexistent)
@@ -1,22 +0,0 @@
---- osquery/core/init.cpp.orig 2015-07-03 22:32:52 UTC
-+++ osquery/core/init.cpp
-@@ -31,6 +31,10 @@
- #include "osquery/core/watcher.h"
- #include "osquery/database/db_handle.h"
-
-+#ifdef __FreeBSD__
-+#include
-+#endif
-+
- #ifdef __linux__
- #include
- #include
-@@ -238,7 +242,7 @@ void Initializer::initDaemon() {
- #ifdef __linux__
- // Using: ioprio_set(IOPRIO_WHO_PGRP, 0, IOPRIO_CLASS_IDLE);
- syscall(SYS_ioprio_set, IOPRIO_WHO_PGRP, 0, IOPRIO_CLASS_IDLE);
--#elif defined(__APPLE__) || defined(__FreeBSD__)
-+#elif defined(__APPLE__)
- setiopolicy_np(IOPOL_TYPE_DISK, IOPOL_SCOPE_PROCESS, IOPOL_THROTTLE);
- #endif
- }
Property changes on: head/sysutils/osquery/files/patch-osquery_core_init.cpp
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/files/patch-third-party_glog_src_logging__unittest.cc
===================================================================
--- head/sysutils/osquery/files/patch-third-party_glog_src_logging__unittest.cc (revision 438895)
+++ head/sysutils/osquery/files/patch-third-party_glog_src_logging__unittest.cc (nonexistent)
@@ -1,10 +0,0 @@
---- third-party/glog/src/logging_unittest.cc.orig 2015-05-10 14:03:15 UTC
-+++ third-party/glog/src/logging_unittest.cc
-@@ -61,6 +61,7 @@ DECLARE_string(log_backtrace_at); // lo
-
- #ifdef HAVE_LIB_GFLAGS
- #include
-+using namespace gflags;
- #endif
-
- #ifdef HAVE_LIB_GMOCK
Property changes on: head/sysutils/osquery/files/patch-third-party_glog_src_logging__unittest.cc
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/files/patch-third-party_glog_src_stacktrace__unittest.cc
===================================================================
--- head/sysutils/osquery/files/patch-third-party_glog_src_stacktrace__unittest.cc (revision 438895)
+++ head/sysutils/osquery/files/patch-third-party_glog_src_stacktrace__unittest.cc (nonexistent)
@@ -1,19 +0,0 @@
---- third-party/glog/src/stacktrace_unittest.cc.orig 2015-05-05 12:29:29 UTC
-+++ third-party/glog/src/stacktrace_unittest.cc
-@@ -125,16 +125,6 @@ void ATTRIBUTE_NOINLINE CheckStackTraceL
- CHECK_GE(size, 1);
- CHECK_LE(size, STACK_LEN);
-
-- if (1) {
--#ifdef HAVE_EXECINFO_H
-- char **strings = backtrace_symbols(stack, size);
-- printf("Obtained %d stack frames.\n", size);
-- for (int i = 0; i < size; i++)
-- printf("%s %p\n", strings[i], stack[i]);
-- printf("CheckStackTrace() addr: %p\n", &CheckStackTrace);
-- free(strings);
--#endif
-- }
- for (int i = 0; i < BACKTRACE_STEPS; i++) {
- printf("Backtrace %d: expected: %p..%p actual: %p ... ",
- i, expected_range[i].start, expected_range[i].end, stack[i]);
Property changes on: head/sysutils/osquery/files/patch-third-party_glog_src_stacktrace__unittest.cc
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/files/patch-osquery_CMakeLists.txt
===================================================================
--- head/sysutils/osquery/files/patch-osquery_CMakeLists.txt (revision 438895)
+++ head/sysutils/osquery/files/patch-osquery_CMakeLists.txt (nonexistent)
@@ -1,11 +0,0 @@
---- osquery/CMakeLists.txt.orig 2015-07-03 23:09:06 UTC
-+++ osquery/CMakeLists.txt
-@@ -54,7 +54,7 @@ endif()
- # The remaining boost libraries are discovered with find_library.
- ADD_OSQUERY_LINK_CORE("boost_system")
- ADD_OSQUERY_LINK_CORE("boost_filesystem")
--ADD_OSQUERY_LINK_CORE("boost_regex")
-+ADD_OSQUERY_LINK_CORE("-lboost_regex")
- ADD_OSQUERY_LINK_CORE("yara")
-
- if(DEFINED ENV{SANITIZE})
Property changes on: head/sysutils/osquery/files/patch-osquery_CMakeLists.txt
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/files/patch-third-party_glog_src_glog_stl__logging.h.in
===================================================================
--- head/sysutils/osquery/files/patch-third-party_glog_src_glog_stl__logging.h.in (revision 438895)
+++ head/sysutils/osquery/files/patch-third-party_glog_src_glog_stl__logging.h.in (nonexistent)
@@ -1,26 +0,0 @@
---- third-party/glog/src/glog/stl_logging.h.in.orig 2015-04-16 17:06:51 UTC
-+++ third-party/glog/src/glog/stl_logging.h.in
-@@ -76,6 +76,9 @@
- #ifdef GLOG_STL_LOGGING_FOR_EXT_SLIST
- # include
- #endif
-+#ifdef GLOG_STL_LOGGING_FOR_FORWARD_LIST
-+# include
-+#endif
-
- // Forward declare these two, and define them after all the container streams
- // operators so that we can recurse from pair -> container -> container -> pair
-@@ -101,9 +104,13 @@ inline std::ostream& operator<<(std::ost
- OUTPUT_TWO_ARG_CONTAINER(std::vector)
- OUTPUT_TWO_ARG_CONTAINER(std::deque)
- OUTPUT_TWO_ARG_CONTAINER(std::list)
-+
- #ifdef GLOG_STL_LOGGING_FOR_EXT_SLIST
- OUTPUT_TWO_ARG_CONTAINER(__gnu_cxx::slist)
- #endif
-+#ifdef GLOG_STL_LOGGING_FOR_FORWARD_LIST
-+OUTPUT_TWO_ARG_CONTAINER(std::forward_list)
-+#endif
-
- #undef OUTPUT_TWO_ARG_CONTAINER
-
Property changes on: head/sysutils/osquery/files/patch-third-party_glog_src_glog_stl__logging.h.in
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/files/patch-third-party_glog_src_stl__logging__unittest.cc
===================================================================
--- head/sysutils/osquery/files/patch-third-party_glog_src_stl__logging__unittest.cc (revision 438895)
+++ head/sysutils/osquery/files/patch-third-party_glog_src_stl__logging__unittest.cc (nonexistent)
@@ -1,10 +0,0 @@
---- third-party/glog/src/stl_logging_unittest.cc.orig 2015-04-16 17:06:51 UTC
-+++ third-party/glog/src/stl_logging_unittest.cc
-@@ -41,6 +41,7 @@
- // C++0x isn't enabled by default in GCC and libc++ does not have
- // non-standard ext/* and tr1/unordered_*.
- # if defined(_LIBCPP_VERSION)
-+# define GLOG_STL_LOGGING_FOR_FORWARD_LIST
- # define GLOG_STL_LOGGING_FOR_UNORDERED
- # else
- # define GLOG_STL_LOGGING_FOR_EXT_HASH
Property changes on: head/sysutils/osquery/files/patch-third-party_glog_src_stl__logging__unittest.cc
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/files/patch-third-party_glog_src_googletest.h
===================================================================
--- head/sysutils/osquery/files/patch-third-party_glog_src_googletest.h (revision 438895)
+++ head/sysutils/osquery/files/patch-third-party_glog_src_googletest.h (nonexistent)
@@ -1,13 +0,0 @@
---- third-party/glog/src/googletest.h.orig 2015-04-16 17:06:51 UTC
-+++ third-party/glog/src/googletest.h
-@@ -58,6 +58,10 @@
-
- #include "base/commandlineflags.h"
-
-+#ifdef HAVE_LIB_GFLAGS
-+#include
-+using namespace gflags;
-+#endif
- using std::map;
- using std::string;
- using std::vector;
Property changes on: head/sysutils/osquery/files/patch-third-party_glog_src_googletest.h
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/sysutils/osquery/files/osqueryd.in
===================================================================
--- head/sysutils/osquery/files/osqueryd.in (revision 438895)
+++ head/sysutils/osquery/files/osqueryd.in (revision 438896)
@@ -1,41 +1,41 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: osqueryd # REQUIRE: %%REQUIRE%% # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf to enable osqueryd: # # osqueryd_enable="YES" # . /etc/rc.subr name=osqueryd rcvar=osqueryd_enable load_rc_config $name command=%%PREFIX%%/sbin/osqueryd osqueryd_enable=${osqueryd_enable-"NO"} osqueryd_flags=${osqueryd_flags-""} osqueryd_config=${osqueryd_config-"%%PREFIX%%/etc/osquery.conf"} required_files=${osqueryd_config} -command_args="--pidfile /var/run/osqueryd.pid --disable_watchdog --daemonize=true --config_path=${osqueryd_config}" +command_args="--pidfile /var/run/osqueryd.pid --disable_watchdog --daemonize=true --database_path /var/db/osquery/osqueryd --extensions_socket /var/run/osquery.em --extensions_autoload %%PREFIX%%/etc/osquery.extensions --modules_autoload %%PREFIX%%/etc/osquery.modules --config_path=${osqueryd_config}" extra_commands="configtest" configtest_cmd="configtest" pidfile="/var/run/osqueryd.pid" start_precmd=prestart configtest() { ${command} ${osqueryd_flags} --config_check --config_path=${osqueryd_config} --verbose } prestart() { install -d /var/db/osquery } run_rc_command "$1" Index: head/sysutils/osquery/pkg-plist =================================================================== --- head/sysutils/osquery/pkg-plist (revision 438895) +++ head/sysutils/osquery/pkg-plist (revision 438896) 
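Review bot: The new `--extensions_autoload %%PREFIX%%/etc/osquery.extensions` and `--modules_autoload %%PREFIX%%/etc/osquery.modules` arguments in command_args point the daemon at files that list code it will load, and the script sets no osqueryd_user, so this presumably happens as root. Neither file appears in the pkg-plist hunk of this commit, and nothing in the script checks their ownership or mode, so the hardening is left to whoever creates them. I would add a comment above command_args, `# osquery.extensions and osquery.modules list code loaded by osqueryd; keep them root-owned and not group- or world-writable`, and consider shipping empty `@sample` files. The new paths, `--database_path` and `--extensions_socket` included, are also hard-coded, whereas `osqueryd_config` is an rc.conf variable; giving them the same treatment would let an administrator relocate them without editing the installed script.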
@@ -1,20 +1,24 @@
 bin/osqueryi
 @dir /var/db/osquery
+@dir /var/log/osquery
 include/osquery/config.h
 include/osquery/core.h
 include/osquery/database.h
+include/osquery/dispatcher.h
+include/osquery/distributed.h
 include/osquery/enroll.h
 include/osquery/events.h
 include/osquery/extensions.h
 include/osquery/filesystem.h
 include/osquery/flags.h
-include/osquery/hash.h
 include/osquery/logger.h
+include/osquery/packs.h
 include/osquery/registry.h
 include/osquery/sdk.h
 include/osquery/sql.h
 include/osquery/status.h
+include/osquery/system.h
 include/osquery/tables.h
 lib/libosquery.a
 sbin/osqueryd
 @sample etc/osquery.conf.sample
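Review bot: The added `@dir /var/log/osquery` entry sets no owner or mode, so the directory is presumably created with the packaging default and is readable by every local user. osqueryd writes query results and status logs there, which can include host inventory and process data that unprivileged accounts should not see. Consider `@dir(root,wheel,0750) /var/log/osquery`, and the same form for the existing `@dir /var/db/osquery` context line, which holds the daemon's database.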