aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/ossec-hids-local-config/Makefile24
-rw-r--r--security/ossec-hids-local-config/files/template-syscheck-pgsql.xml.in16
-rw-r--r--security/ossec-hids-local-config/opt-logs.mk4
-rw-r--r--security/ossec-hids-local-config/opt-syscheck.mk40
-rw-r--r--security/ossec-hids-local/Makefile12
-rw-r--r--security/ossec-hids-local/files/patch-src_Makefile174
6 files changed, 156 insertions, 114 deletions
diff --git a/security/ossec-hids-local-config/Makefile b/security/ossec-hids-local-config/Makefile
index 9a8b11fc901a..c493ac28b667 100644
--- a/security/ossec-hids-local-config/Makefile
+++ b/security/ossec-hids-local-config/Makefile
@@ -2,7 +2,7 @@
PORTNAME= ossec-hids
PORTVERSION= 3.1.0
-PORTREVISION=
+PORTREVISION= 1
CATEGORIES= security
PKGNAMESUFFIX= -${OSSEC_TYPE}-config
@@ -427,17 +427,17 @@ agent-conf-local:
do-install: ossec-dirs ossec-scripts ossec-rules ossec-conf-managed ossec-conf-local ossec-conf-sample agent-conf-managed agent-conf-local
ossec-permissions:
+.if defined(MAINTAINER_MODE)
@${CHMOD} -R 550 ${OSSEC_DIR}
- @${CHMOD} 640 ${COMMAND_CONF} ${OSSEC_CONF_DIR}/* ${OSSEC_LOCAL_CONF_DIR}/*
- @${CHMOD} 550 ${OSSEC_CONF_DIR} ${OSSEC_LOCAL_CONF_DIR}
-.if ${OSSEC_TYPE} != agent
+ @${CHMOD} 640 ${COMMAND_CONF} ${OSSEC_LOCAL_CONF_DIR}/* ${OSSEC_CONF_DIR}/*
+ @${CHMOD} 550 ${OSSEC_LOCAL_CONF_DIR} ${OSSEC_CONF_DIR}
+. if ${OSSEC_TYPE} != agent
@${CHMOD} 640 ${RULES_DIR}/*
-.endif
-.if ${OSSEC_TYPE} == server
- @${CHMOD} 640 ${AGENT_CONF_DIR}/* ${AGENT_LOCAL_CONF_DIR}/*
- @${CHMOD} 550 ${AGENT_CONF_DIR} ${AGENT_LOCAL_CONF_DIR}
-.endif
-.if defined(MAINTAINER_MODE)
+. endif
+. if ${OSSEC_TYPE} == server
+ @${CHMOD} 640 ${AGENT_LOCAL_CONF_DIR}/* ${AGENT_CONF_DIR}/*
+ @${CHMOD} 550 ${AGENT_LOCAL_CONF_DIR} ${AGENT_CONF_DIR}
+. endif
@${CHOWN} -R ${USER}:${OSSEC_GROUP} ${OSSEC_DIR}
@${CHOWN} -R ${USER}:${GROUP} ${BIN_DIR}
.endif
@@ -451,10 +451,10 @@ post-install: ossec-permissions
.if defined(MAINTAINER_MODE)
plist: makeplist
- @${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${PLIST} ${WRKDIR} ${STAGEDIR}
+ @${SH} ${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${PLIST} ${WRKDIR} ${STAGEDIR}
rules: extract
- @${SCRIPTDIR}/rules.sh ${FILESDIR}/${RULES_DEFAULT_TEMPLATE}.in ${WRKSRC}
+ @${SH} ${SCRIPTDIR}/rules.sh ${FILESDIR}/${RULES_DEFAULT_TEMPLATE}.in ${WRKSRC}
.endif
.include <bsd.port.post.mk>
diff --git a/security/ossec-hids-local-config/files/template-syscheck-pgsql.xml.in b/security/ossec-hids-local-config/files/template-syscheck-pgsql.xml.in
new file mode 100644
index 000000000000..f8f8ad802310
--- /dev/null
+++ b/security/ossec-hids-local-config/files/template-syscheck-pgsql.xml.in
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<template_config os="FreeBSD" profile="%%SYSCHECK_PGSQL_PROFILE%%">
+
+ <syscheck>
+ <directories realtime="yes" check_all="yes" restrict=".conf">/var/db/postgres</directories>
+ </syscheck>
+
+</template_config>
+
+<template_config os="Linux" profile="%%SYSCHECK_PGSQL_PROFILE%%">
+
+ <syscheck>
+ <directories realtime="yes" check_all="yes" restrict=".conf">/var/lib/postgresql</directories>
+ </syscheck>
+
+</template_config>
diff --git a/security/ossec-hids-local-config/opt-logs.mk b/security/ossec-hids-local-config/opt-logs.mk
index b706eee3c382..687e93a1782c 100644
--- a/security/ossec-hids-local-config/opt-logs.mk
+++ b/security/ossec-hids-local-config/opt-logs.mk
@@ -6,7 +6,7 @@ LOGS_DESC= Log Monitoring
# Default logs support
LOGS_BASIC_OPTION= BASIC
LOGS_BASIC_PROFILE= basic
-LOGS_BASIC_DESC= Default system logs
+LOGS_BASIC_DESC= Basic system logs
LOGS_BASIC_DEFINE= server local agent pushed
LOGS_BASIC_DEFAULT= server local pushed
LOGS_OPTIONS+= LOGS_BASIC
@@ -14,7 +14,7 @@ LOGS_OPTIONS+= LOGS_BASIC
# Active response log support
LOGS_OSSEC_OPTION= OSSEC
LOGS_OSSEC_PROFILE= ossec
-LOGS_OSSEC_DESC= Active response logs
+LOGS_OSSEC_DESC= OSSEC active response logs
LOGS_OSSEC_DEFINE= server local agent pushed
LOGS_OSSEC_DEFAULT= server local pushed
LOGS_OPTIONS+= LOGS_OSSEC
diff --git a/security/ossec-hids-local-config/opt-syscheck.mk b/security/ossec-hids-local-config/opt-syscheck.mk
index 9b4e6efd7387..c3d4f6ed2a09 100644
--- a/security/ossec-hids-local-config/opt-syscheck.mk
+++ b/security/ossec-hids-local-config/opt-syscheck.mk
@@ -3,22 +3,6 @@ SYSCHECK_LOCAL_CONF= 530.syscheck.local.conf
SYSCHECK_DESC= File Integrity Checking (syscheck)
-# Default direcotries
-SYSCHECK_BASIC_OPTION= BASIC_SC
-SYSCHECK_BASIC_PROFILE= basic
-SYSCHECK_BASIC_DESC= "bin", "sbin" and "etc"
-SYSCHECK_BASIC_DEFINE= server local agent pushed
-SYSCHECK_BASIC_DEFAULT= server local pushed
-SYSCHECK_OPTIONS+= SYSCHECK_BASIC
-
-# OSSEC directories
-SYSCHECK_OSSEC_OPTION= OSSEC_SC
-SYSCHECK_OSSEC_PROFILE= ossec
-SYSCHECK_OSSEC_DESC= OSSEC directories
-SYSCHECK_OSSEC_DEFINE= server local agent pushed
-SYSCHECK_OSSEC_DEFAULT= server local pushed
-SYSCHECK_OPTIONS+= SYSCHECK_OSSEC
-
# Alert new files
SYSCHECK_NEWFILES_OPTION= NEWFILES_SC
SYSCHECK_NEWFILES_DESC= Alert on new files created
@@ -40,3 +24,27 @@ SYSCHECK_HOSTDENY_DESC= Ignore access control files
SYSCHECK_HOSTDENY_DEFINE= server local agent pushed
SYSCHECK_HOSTDENY_DEFAULT= server local pushed
SYSCHECK_OPTIONS+= SYSCHECK_HOSTDENY
+
+# Default direcotries
+SYSCHECK_BASIC_OPTION= BASIC_SC
+SYSCHECK_BASIC_PROFILE= basic
+SYSCHECK_BASIC_DESC= "bin", "sbin" and "etc" directories
+SYSCHECK_BASIC_DEFINE= server local agent pushed
+SYSCHECK_BASIC_DEFAULT= server local pushed
+SYSCHECK_OPTIONS+= SYSCHECK_BASIC
+
+# OSSEC directories
+SYSCHECK_OSSEC_OPTION= OSSEC_SC
+SYSCHECK_OSSEC_PROFILE= ossec
+SYSCHECK_OSSEC_DESC= OSSEC directories
+SYSCHECK_OSSEC_DEFINE= server local agent pushed
+SYSCHECK_OSSEC_DEFAULT= server local pushed
+SYSCHECK_OPTIONS+= SYSCHECK_OSSEC
+
+# PostgreSQL directory
+SYSCHECK_PGSQL_OPTION= PGSQL_SC
+SYSCHECK_PGSQL_PROFILE= postgresql
+SYSCHECK_PGSQL_DESC= PostgreSQL configuration files
+SYSCHECK_PGSQL_DEFINE= server local agent pushed
+SYSCHECK_PGSQL_DEFAULT= pushed
+SYSCHECK_OPTIONS+= SYSCHECK_PGSQL
diff --git a/security/ossec-hids-local/Makefile b/security/ossec-hids-local/Makefile
index 06c8754f0f0a..bd67ed2c114a 100644
--- a/security/ossec-hids-local/Makefile
+++ b/security/ossec-hids-local/Makefile
@@ -2,7 +2,7 @@
PORTNAME= ossec-hids
PORTVERSION= 3.1.0
-PORTREVISION=
+PORTREVISION= 1
CATEGORIES= security
PKGNAMESUFFIX= -${OSSEC_TYPE}
@@ -88,7 +88,6 @@ ZEROMQ_VARS= OSSEC_ARGS+=USE_ZEROMQ=yes
MYSQL_VARS= OSSEC_ARGS+=DATABASE=mysql PKGMSG_FILES+=message-database DB_TYPE=mysql DB_SCHEMA=mysql.schema
PGSQL_VARS= OSSEC_ARGS+=DATABASE=pgsql PKGMSG_FILES+=message-database DB_TYPE=postgresql DB_SCHEMA=postgresql.schema
-OSSEC_ARGS+= TARGET=${OSSEC_TYPE}
.if ${OSSEC_TYPE} == agent
STRIP_FILES= agent-auth \
manage_agents \
@@ -184,6 +183,10 @@ PKGMSG_FILES= message-header
CFLAGS+= -I${LOCALBASE}/include
+OSSEC_ARGS+= TARGET=${OSSEC_TYPE} INSTALL_LOCALTIME=no
+.if !defined(MAINTAINER_MODE)
+OSSEC_ARGS+= INSTALL_CMD=install
+.endif
BUILD_ARGS+= ${MAKE_ARGS} ${OSSEC_ARGS} PREFIX=${OSSEC_HOME}
INSTALL_ARGS+= ${USER_ARGS} ${OSSEC_ARGS} PREFIX=${STAGEDIR}${OSSEC_HOME}
@@ -195,6 +198,9 @@ post-patch:
@${REINPLACE_CMD} -e 's|-DLUA_USE_LINUX|& ${CPPFLAGS}|' \
-e 's|-lreadline|& ${LDFLAGS}|' \
${WRKSRC}/src/external/lua/src/Makefile
+.if ${ARCH:Mmips*} || ${ARCH:Mpowerpc*} || ${ARCH} == sparc64
+ @${REINPLACE_CMD} -e 's|-Wno-implicit-fallthrough||g' ${WRKSRC}/src/Makefile
+.endif
do-build:
@cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${BUILD_ARGS} build
@@ -229,7 +235,7 @@ post-install:
.if defined(MAINTAINER_MODE)
plist: makeplist
- @${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${PLIST} ${WRKDIR} ${STAGEDIR}
+ @${SH} ${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${PLIST} ${WRKDIR} ${STAGEDIR}
.endif
post-install-DOCS-on:
diff --git a/security/ossec-hids-local/files/patch-src_Makefile b/security/ossec-hids-local/files/patch-src_Makefile
index 3297c972c40b..03afeb1ea800 100644
--- a/security/ossec-hids-local/files/patch-src_Makefile
+++ b/security/ossec-hids-local/files/patch-src_Makefile
@@ -1,30 +1,39 @@
--- src/Makefile.orig 2018-10-11 22:25:16 UTC
+++ src/Makefile
-@@ -366,10 +366,10 @@ endif
+@@ -20,6 +20,9 @@ OSSEC_USER?=ossec
+ OSSEC_USER_MAIL?=ossecm
+ OSSEC_USER_REM?=ossecr
+
++INSTALL_CMD?=install -m $(1) -o $(2) -g $(3)
++INSTALL_LOCALTIME?=yes
++
+ USE_PRELUDE?=no
+ USE_ZEROMQ?=no
+ USE_GEOIP?=no
+@@ -366,10 +369,10 @@ endif
install: install-${TARGET}
install-agent: install-common
- install -m 0550 -o root -g 0 ossec-agentd ${PREFIX}/bin
- install -m 0550 -o root -g 0 agent-auth ${PREFIX}/bin
-+ install -m 0550 ossec-agentd ${PREFIX}/bin
-+ install -m 0550 agent-auth ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids
-+ install -d ${PREFIX}/queue/rids
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
install-local: install-server-generic
-@@ -378,128 +378,126 @@ install-hybrid: install-server-generic
- install-server: install-server-generic
+@@ -379,127 +382,129 @@ install-server: install-server-generic
install-common: build
-- ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
+ ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs
- install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/ossec.log
-+ install -d ${PREFIX}
-+ install -d ${PREFIX}/logs
-+ install /dev/null ${PREFIX}/logs/ossec.log
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
++ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
- install -d -m 0550 -o root -g 0 ${PREFIX}/bin
- install -m 0550 -o root -g 0 ossec-logcollector ${PREFIX}/bin
@@ -33,13 +42,13 @@
- install -m 0550 -o root -g 0 manage_agents ${PREFIX}/bin
- install -m 0550 -o root -g 0 ../contrib/util.sh ${PREFIX}/bin/
- install -m 0550 -o root -g 0 ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
-+ install -d ${PREFIX}/bin
-+ install -m 0550 ossec-logcollector ${PREFIX}/bin
-+ install -m 0550 ossec-syscheckd ${PREFIX}/bin
-+ install -m 0550 ossec-execd ${PREFIX}/bin
-+ install -m 0550 manage_agents ${PREFIX}/bin
-+ install -m 0550 ../contrib/util.sh ${PREFIX}/bin/
-+ install -m 0550 ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
ifeq (${LUA_ENABLE},yes)
- install -d -m 0550 -o root -g 0 ${PREFIX}/lua
@@ -47,11 +56,11 @@
- install -d -m 0550 -o root -g 0 ${PREFIX}/lua/compiled
- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
-+ install -d ${PREFIX}/lua
-+ install -d ${PREFIX}/lua/native
-+ install -d ${PREFIX}/lua/compiled
-+ install -m 0550 ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
-+ install -m 0550 ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua
++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native
++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled
++ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
endif
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/queue
@@ -59,75 +68,78 @@
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/ossec
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/syscheck
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/diff
-+ install -d ${PREFIX}/queue
-+ install -d ${PREFIX}/queue/alerts
-+ install -d ${PREFIX}/queue/ossec
-+ install -d ${PREFIX}/queue/syscheck
-+ install -d ${PREFIX}/queue/diff
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue
++ $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc
- install -m 0440 -o root -g ${OSSEC_GROUP} /etc/localtime ${PREFIX}/etc
-+ install -d ${PREFIX}/etc
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc
++ifeq (${INSTALL_LOCALTIME},yes)
++ $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc
++endif
- install -d -m 1550 -o root -g ${OSSEC_GROUP} ${PREFIX}/tmp
-+ install -d -m 1550 ${PREFIX}/tmp
++ $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp
ifneq (,$(wildcard /etc/TIMEZONE))
- install -m 440 -o root -g ${OSSEC_GROUP} /etc/TIMEZONE ${PREFIX}/etc/
-+ install -m 440 /etc/TIMEZONE ${PREFIX}/etc/
++ $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/
endif
# Solaris Needs some extra files
ifeq (${uname_S},SunOS)
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/usr/share/lib/zoneinfo/
-+ install -d ${PREFIX}/usr/share/lib/zoneinfo/
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/
cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/
endif
- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/internal_options.conf ${PREFIX}/etc/
-+ install -m 0640 -b ../etc/internal_options.conf ${PREFIX}/etc/
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/
ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf))
- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
-+ install -m 0640 ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
endif
ifeq (,$(wildcard ${PREFIX}/etc/client.keys))
- install -m 0640 -o root -g ${OSSEC_GROUP} /dev/null ${PREFIX}/etc/client.keys
-+ install -m 0640 /dev/null ${PREFIX}/etc/client.keys
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys
endif
ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf))
ifneq (,$(wildcard ../etc/ossec.mc))
- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
-+ install -m 0640 ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
else
- install -m 0640 -o root -g ${OSSEC_GROUP} ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
-+ install -m 0640 ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
endif
endif
- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc/shared
- install -m 0640 -o ${OSSEC_USER} -g ${OSSEC_GROUP} rootcheck/db/*.txt ${PREFIX}/etc/shared/
-+ install -d ${PREFIX}/etc/shared
-+ install -m 0640 rootcheck/db/*.txt ${PREFIX}/etc/shared/
++ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared
++ $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response/bin
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/agentless
- install -m 0550 -o root -g ${OSSEC_GROUP} agentlessd/scripts/* ${PREFIX}/agentless/
-+ install -d ${PREFIX}/active-response
-+ install -d ${PREFIX}/active-response/bin
-+ install -d ${PREFIX}/agentless
-+ install -m 0550 agentlessd/scripts/* ${PREFIX}/agentless/
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/
- install -d -m 0700 -o root -g ${OSSEC_GROUP} ${PREFIX}/.ssh
-+ install -d ${PREFIX}/.ssh
++ $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh
- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/*.sh ${PREFIX}/active-response/bin/
- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
-+ install -m 0550 ../active-response/*.sh ${PREFIX}/active-response/bin/
-+ install -m 0550 ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/var
- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/var/run
-+ install -d ${PREFIX}/var
-+ install -d ${PREFIX}/var/run
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
++ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
./init/fw-check.sh execute
@@ -138,10 +150,10 @@
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/archives
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/alerts
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/firewall
-+ install -m 0660 /dev/null ${PREFIX}/logs/active-responses.log
-+ install -d ${PREFIX}/logs/archives
-+ install -d ${PREFIX}/logs/alerts
-+ install -d ${PREFIX}/logs/firewall
++ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall
- install -m 0550 -o root -g 0 ossec-agentlessd ${PREFIX}/bin
- install -m 0550 -o root -g 0 ossec-analysisd ${PREFIX}/bin
@@ -162,58 +174,58 @@
- install -m 0550 -o root -g 0 agent_control ${PREFIX}/bin/
- install -m 0550 -o root -g 0 syscheck_control ${PREFIX}/bin/
- install -m 0550 -o root -g 0 rootcheck_control ${PREFIX}/bin/
-+ install -m 0550 ossec-agentlessd ${PREFIX}/bin
-+ install -m 0550 ossec-analysisd ${PREFIX}/bin
-+ install -m 0550 ossec-monitord ${PREFIX}/bin
-+ install -m 0550 ossec-reportd ${PREFIX}/bin
-+ install -m 0550 ossec-maild ${PREFIX}/bin
-+ install -m 0550 ossec-remoted ${PREFIX}/bin
-+ install -m 0550 ossec-logtest ${PREFIX}/bin
-+ install -m 0550 ossec-csyslogd ${PREFIX}/bin
-+ install -m 0550 ossec-authd ${PREFIX}/bin
-+ install -m 0550 ossec-dbd ${PREFIX}/bin
-+ install -m 0550 ossec-makelists ${PREFIX}/bin
-+ install -m 0550 verify-agent-conf ${PREFIX}/bin/
-+ install -m 0550 clear_stats ${PREFIX}/bin/
-+ install -m 0550 list_agents ${PREFIX}/bin/
-+ install -m 0550 ossec-regex ${PREFIX}/bin/
-+ install -m 0550 syscheck_update ${PREFIX}/bin/
-+ install -m 0550 agent_control ${PREFIX}/bin/
-+ install -m 0550 syscheck_control ${PREFIX}/bin/
-+ install -m 0550 rootcheck_control ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin
++ $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/
++ $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/stats
- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules
-+ install -d ${PREFIX}/stats
-+ install -d ${PREFIX}/rules
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats
++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules
ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml))
cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup
- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules
- install -m 0640 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
-+ install -m 0640 -b ../etc/rules/*.xml ${PREFIX}/rules
-+ install -m 0640 ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
rm ${PREFIX}/rules/local_rules.xml.installbackup
else
- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules
-+ install -m 0640 -b ../etc/rules/*.xml ${PREFIX}/rules
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
endif
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/fts
-+ install -d ${PREFIX}/queue/fts
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rootcheck
-+ install -d ${PREFIX}/queue/rootcheck
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck
- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/agent-info
- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/agentless
-+ install -d ${PREFIX}/queue/agent-info
-+ install -d ${PREFIX}/queue/agentless
++ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info
++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless
- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids
-+ install -d ${PREFIX}/queue/rids
++ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/decoder.xml ${PREFIX}/etc/
-+ install -m 0640 ../etc/decoder.xml ${PREFIX}/etc/
++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/
rm -f ${PREFIX}/etc/shared/merged.mg
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-23 22:26:49 +0000