diff options
| author | Kurt Jaeger <pi@FreeBSD.org> | 2019-06-01 19:39:09 +0000 |
|---|---|---|
| committer | Kurt Jaeger <pi@FreeBSD.org> | 2019-06-01 19:39:09 +0000 |
| commit | b747f9fc07e78f2e4947293e01e96f3d9e126dc2 (patch) | |
| tree | 6099d48d168431a899dd9df09dd7d6de2c1e81d6 /security/ossec-hids-local/files | |
| parent | 282b17a9e8f9645dcdbdd7c32b112d994d07ba72 (diff) | |
| download | ports-b747f9fc07e78f2e4947293e01e96f3d9e126dc2.tar.gz ports-b747f9fc07e78f2e4947293e01e96f3d9e126dc2.zip | |
security/ossec-hids: upgrade 3.1.0 -> 3.3.0
security/ossec-hids-local: upgrade 3.1.0 -> 3.3.0
security/ossec-hids-local-config: upgrade 3.1.0 -> 3.3.0
- Added LUA option. Bundled Lua support is no longer compiled in by default
PR: 237632
Submitted by: Dominik Lisiak <dominik.lisiak@bemsoft.pl> (maintainer)
Relnotes: https://github.com/ossec/ossec-hids/releases/tag/3.3.0
https://github.com/ossec/ossec-hids/releases/tag/3.2.0
Notes
Notes:
svn path=/head/; revision=503254
Diffstat (limited to 'security/ossec-hids-local/files')
| -rw-r--r-- | security/ossec-hids-local/files/ossec-hids.in | 17 | ||||
| -rw-r--r-- | security/ossec-hids-local/files/patch-src_Makefile | 231 | ||||
| -rw-r--r-- | security/ossec-hids-local/files/pkg-deinstall.in | 7 | ||||
| -rw-r--r-- | security/ossec-hids-local/files/pkg-install.in | 8 |
4 files changed, 22 insertions, 241 deletions
diff --git a/security/ossec-hids-local/files/ossec-hids.in b/security/ossec-hids-local/files/ossec-hids.in index 31ccfb4b984d..56573ea98b99 100644 --- a/security/ossec-hids-local/files/ossec-hids.in +++ b/security/ossec-hids-local/files/ossec-hids.in @@ -34,6 +34,10 @@ load_rc_config $name ossec_type="%%OSSEC_TYPE%%" ossec_home="%%OSSEC_HOME%%" +if [ -z "${ossec_hids_user}" ]; then + ossec_hids_user=$(stat -f '%Su' "${ossec_home}") +fi + ossec_conf="${ossec_home}/etc/ossec.conf" ossec_conf_dir="${ossec_home}/etc/ossec.conf.d" ossec_conf_bin="${ossec_home}/bin/config/ossec-conf" @@ -49,6 +53,7 @@ ossec_ar_log="${ossec_home}/logs/active-responses.log" ossec_merged="${ossec_home}/etc/shared/merged.mg" ossec_local_time="/etc/localtime" +ossec_resolv_conf="/etc/resolv.conf" extra_commands="help status reload ossec_conf" case ${ossec_type} in @@ -353,7 +358,7 @@ ossec_hids_create_config() { if [ -x "${agent_conf_bin}" ]; then # Merge agent.conf.d files into agent.conf if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${agent_conf}" "${agent_conf_dir}"; then - ossec_hids_create_file "${agent_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 + ossec_hids_create_file "${agent_conf}" ${ossec_hids_user}:%%OSSEC_GROUP%% 0640 "${agent_conf_bin}" > "${agent_conf}" fi fi @@ -363,7 +368,7 @@ ossec_hids_create_config() { if [ -x "${ossec_conf_bin}" ]; then # Merge ossec.conf.d files into ossec.conf if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${ossec_conf}" "${ossec_conf_dir}"; then - ossec_hids_create_file "${ossec_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 + ossec_hids_create_file "${ossec_conf}" ${ossec_hids_user}:%%OSSEC_GROUP%% 0640 "${ossec_conf_bin}" > "${ossec_conf}" fi fi @@ -378,7 +383,13 @@ ossec_hids_create_env() { echo return 1 fi - install -o %%USER%% -g %%OSSEC_GROUP%% -m 0440 "${ossec_local_time}" "${ossec_home}${ossec_local_time}" + if [ ! -e "${ossec_resolv_conf}" ]; then + echo "ERROR: Missing \"${ossec_resolv_conf}\"." + echo + return 1 + fi + install -o ${ossec_hids_user} -g %%OSSEC_GROUP%% -m 0440 "${ossec_local_time}" "${ossec_home}${ossec_local_time}" + install -o ${ossec_hids_user} -g %%OSSEC_GROUP%% -m 0440 "${ossec_resolv_conf}" "${ossec_home}${ossec_resolv_conf}" return 0 } diff --git a/security/ossec-hids-local/files/patch-src_Makefile b/security/ossec-hids-local/files/patch-src_Makefile deleted file mode 100644 index 03afeb1ea800..000000000000 --- a/security/ossec-hids-local/files/patch-src_Makefile +++ /dev/null @@ -1,231 +0,0 @@ ---- src/Makefile.orig 2018-10-11 22:25:16 UTC -+++ src/Makefile -@@ -20,6 +20,9 @@ OSSEC_USER?=ossec - OSSEC_USER_MAIL?=ossecm - OSSEC_USER_REM?=ossecr - -+INSTALL_CMD?=install -m $(1) -o $(2) -g $(3) -+INSTALL_LOCALTIME?=yes -+ - USE_PRELUDE?=no - USE_ZEROMQ?=no - USE_GEOIP?=no -@@ -366,10 +369,10 @@ endif - install: install-${TARGET} - - install-agent: install-common -- install -m 0550 -o root -g 0 ossec-agentd ${PREFIX}/bin -- install -m 0550 -o root -g 0 agent-auth ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin - -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids - - install-local: install-server-generic - -@@ -379,127 +382,129 @@ install-server: install-server-generic - - install-common: build - ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX} -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/ -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs -- install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/ossec.log -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/ -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs -+ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log - -- install -d -m 0550 -o root -g 0 ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-logcollector ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-syscheckd ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-execd ${PREFIX}/bin -- install -m 0550 -o root -g 0 manage_agents ${PREFIX}/bin -- install -m 0550 -o root -g 0 ../contrib/util.sh ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control -+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control - - ifeq (${LUA_ENABLE},yes) -- install -d -m 0550 -o root -g 0 ${PREFIX}/lua -- install -d -m 0550 -o root -g 0 ${PREFIX}/lua/native -- install -d -m 0550 -o root -g 0 ${PREFIX}/lua/compiled -- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua -+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native -+ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled -+ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ - endif - -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/queue -- install -d -m 0770 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/alerts -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/ossec -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/syscheck -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/diff -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue -+ $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff - -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc -- install -m 0440 -o root -g ${OSSEC_GROUP} /etc/localtime ${PREFIX}/etc -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc -+ifeq (${INSTALL_LOCALTIME},yes) -+ $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc -+endif - -- install -d -m 1550 -o root -g ${OSSEC_GROUP} ${PREFIX}/tmp -+ $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp - - ifneq (,$(wildcard /etc/TIMEZONE)) -- install -m 440 -o root -g ${OSSEC_GROUP} /etc/TIMEZONE ${PREFIX}/etc/ -+ $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/ - endif - # Solaris Needs some extra files - ifeq (${uname_S},SunOS) -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/usr/share/lib/zoneinfo/ -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/ - cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/ - endif -- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/internal_options.conf ${PREFIX}/etc/ -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/ - ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf)) -- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf - endif - ifeq (,$(wildcard ${PREFIX}/etc/client.keys)) -- install -m 0640 -o root -g ${OSSEC_GROUP} /dev/null ${PREFIX}/etc/client.keys -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys - endif - ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf)) - ifneq (,$(wildcard ../etc/ossec.mc)) -- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/ossec.mc ${PREFIX}/etc/ossec.conf -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf - else -- install -m 0640 -o root -g ${OSSEC_GROUP} ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf - endif - endif - -- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc/shared -- install -m 0640 -o ${OSSEC_USER} -g ${OSSEC_GROUP} rootcheck/db/*.txt ${PREFIX}/etc/shared/ -+ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared -+ $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/ - -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response/bin -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/agentless -- install -m 0550 -o root -g ${OSSEC_GROUP} agentlessd/scripts/* ${PREFIX}/agentless/ -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/ - -- install -d -m 0700 -o root -g ${OSSEC_GROUP} ${PREFIX}/.ssh -+ $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh - -- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/*.sh ${PREFIX}/active-response/bin/ -- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/ -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ - -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/var -- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/var/run -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var -+ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run - - ./init/fw-check.sh execute - - - - install-server-generic: install-common -- install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/active-responses.log -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/archives -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/alerts -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/firewall -+ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall - -- install -m 0550 -o root -g 0 ossec-agentlessd ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-analysisd ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-monitord ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-reportd ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-maild ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-remoted ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-logtest ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-csyslogd ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-authd ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-dbd ${PREFIX}/bin -- install -m 0550 -o root -g 0 ossec-makelists ${PREFIX}/bin -- install -m 0550 -o root -g 0 verify-agent-conf ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 clear_stats ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 list_agents ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 ossec-regex ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 syscheck_update ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 agent_control ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 syscheck_control ${PREFIX}/bin/ -- install -m 0550 -o root -g 0 rootcheck_control ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin -+ $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/ -+ $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/ - -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/stats -- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats -+ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules - ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml)) - cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup -- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules -- install -m 0640 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml - rm ${PREFIX}/rules/local_rules.xml.installbackup - else -- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules - endif - -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/fts -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts - -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rootcheck -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck - -- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/agent-info -- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/agentless -+ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info -+ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless - -- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids -+ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids - -- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/decoder.xml ${PREFIX}/etc/ -+ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/ - - rm -f ${PREFIX}/etc/shared/merged.mg - diff --git a/security/ossec-hids-local/files/pkg-deinstall.in b/security/ossec-hids-local/files/pkg-deinstall.in index d081d40b3764..24479ff33031 100644 --- a/security/ossec-hids-local/files/pkg-deinstall.in +++ b/security/ossec-hids-local/files/pkg-deinstall.in @@ -4,15 +4,12 @@ ossec_home="%%OSSEC_HOME%%" ar_conf="${ossec_home}/etc/shared/ar.conf" merged_mg="${ossec_home}/etc/shared/merged.mg" client_keys="${ossec_home}/etc/client.keys" -firewall_drop="${ossec_home}/active-response/bin/firewall-drop.sh" local_time="${ossec_home}/etc/localtime" +resolv_conf="${ossec_home}/etc/resolv.conf" if [ "$2" == "DEINSTALL" ]; then - rm -f "${ar_conf}" - rm -f "${merged_mg}" if [ ! -s "${client_keys}" ]; then rm -f "${client_keys}" fi - rm -f "${firewall_drop}" - rm -f "${local_time}" + rm -f "${ar_conf}" "${merged_mg}" "${local_time}" "${resolv_conf}" fi diff --git a/security/ossec-hids-local/files/pkg-install.in b/security/ossec-hids-local/files/pkg-install.in index d819e70ba35e..01816078af72 100644 --- a/security/ossec-hids-local/files/pkg-install.in +++ b/security/ossec-hids-local/files/pkg-install.in @@ -14,10 +14,14 @@ create_file() { } if [ "$2" == "POST-INSTALL" ]; then + if [ -z "${USER}" ]; then + USER=$(id -un) + fi + pw usermod %%OSSEC_USER%% -d "${ossec_home}" pw usermod ossecm -d "${ossec_home}" pw usermod ossecr -d "${ossec_home}" - chown %%USER%%:%%OSSEC_GROUP%% "${ossec_home}" + chown ${USER}:%%OSSEC_GROUP%% "${ossec_home}" - create_file "${client_keys}" root:ossec 0640 + create_file "${client_keys}" ${USER}:%%OSSEC_GROUP%% 0640 fi |