From b747f9fc07e78f2e4947293e01e96f3d9e126dc2 Mon Sep 17 00:00:00 2001
From: Kurt Jaeger <pi@FreeBSD.org>
Date: Sat, 1 Jun 2019 19:39:09 +0000
Subject: security/ossec-hids: upgrade 3.1.0 -> 3.3.0
 security/ossec-hids-local: upgrade 3.1.0 -> 3.3.0
 security/ossec-hids-local-config: upgrade 3.1.0 -> 3.3.0

- Added LUA option. Bundled Lua support is no longer compiled in by default

PR:		237632
Submitted by:	Dominik Lisiak <dominik.lisiak@bemsoft.pl> (maintainer)
Relnotes:	https://github.com/ossec/ossec-hids/releases/tag/3.3.0
		https://github.com/ossec/ossec-hids/releases/tag/3.2.0
---
 security/ossec-hids-local/files/ossec-hids.in      |  17 +-
 security/ossec-hids-local/files/patch-src_Makefile | 231 ---------------------
 security/ossec-hids-local/files/pkg-deinstall.in   |   7 +-
 security/ossec-hids-local/files/pkg-install.in     |   8 +-
 4 files changed, 22 insertions(+), 241 deletions(-)
 delete mode 100644 security/ossec-hids-local/files/patch-src_Makefile

(limited to 'security/ossec-hids-local/files')

diff --git a/security/ossec-hids-local/files/ossec-hids.in b/security/ossec-hids-local/files/ossec-hids.in
index 31ccfb4b984d..56573ea98b99 100644
--- a/security/ossec-hids-local/files/ossec-hids.in
+++ b/security/ossec-hids-local/files/ossec-hids.in
@@ -34,6 +34,10 @@ load_rc_config $name
 ossec_type="%%OSSEC_TYPE%%"
 ossec_home="%%OSSEC_HOME%%"
 
+if [ -z "${ossec_hids_user}" ]; then
+    ossec_hids_user=$(stat -f '%Su' "${ossec_home}")
+fi
+
 ossec_conf="${ossec_home}/etc/ossec.conf"
 ossec_conf_dir="${ossec_home}/etc/ossec.conf.d"
 ossec_conf_bin="${ossec_home}/bin/config/ossec-conf"
@@ -49,6 +53,7 @@ ossec_ar_log="${ossec_home}/logs/active-responses.log"
 ossec_merged="${ossec_home}/etc/shared/merged.mg"
 
 ossec_local_time="/etc/localtime"
+ossec_resolv_conf="/etc/resolv.conf"
 
 extra_commands="help status reload ossec_conf"
 case ${ossec_type} in
@@ -353,7 +358,7 @@ ossec_hids_create_config() {
             if [ -x "${agent_conf_bin}" ]; then
                 # Merge agent.conf.d files into agent.conf
                 if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${agent_conf}" "${agent_conf_dir}"; then
-                    ossec_hids_create_file "${agent_conf}" %%USER%%:%%OSSEC_GROUP%% 0640
+                    ossec_hids_create_file "${agent_conf}" ${ossec_hids_user}:%%OSSEC_GROUP%% 0640
                     "${agent_conf_bin}" > "${agent_conf}"
                 fi
             fi
@@ -363,7 +368,7 @@ ossec_hids_create_config() {
     if [ -x "${ossec_conf_bin}" ]; then
         # Merge ossec.conf.d files into ossec.conf
         if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${ossec_conf}" "${ossec_conf_dir}"; then
-            ossec_hids_create_file "${ossec_conf}" %%USER%%:%%OSSEC_GROUP%% 0640
+            ossec_hids_create_file "${ossec_conf}" ${ossec_hids_user}:%%OSSEC_GROUP%% 0640
             "${ossec_conf_bin}" > "${ossec_conf}"
         fi
     fi
@@ -378,7 +383,13 @@ ossec_hids_create_env() {
         echo
         return 1
     fi
-    install -o %%USER%% -g %%OSSEC_GROUP%% -m 0440 "${ossec_local_time}" "${ossec_home}${ossec_local_time}"
+    if [ ! -e "${ossec_resolv_conf}" ]; then
+        echo "ERROR: Missing \"${ossec_resolv_conf}\"."
+        echo
+        return 1
+    fi
+    install -o ${ossec_hids_user} -g %%OSSEC_GROUP%% -m 0440 "${ossec_local_time}" "${ossec_home}${ossec_local_time}"
+    install -o ${ossec_hids_user} -g %%OSSEC_GROUP%% -m 0440 "${ossec_resolv_conf}" "${ossec_home}${ossec_resolv_conf}"
 
     return 0
 }
diff --git a/security/ossec-hids-local/files/patch-src_Makefile b/security/ossec-hids-local/files/patch-src_Makefile
deleted file mode 100644
index 03afeb1ea800..000000000000
--- a/security/ossec-hids-local/files/patch-src_Makefile
+++ /dev/null
@@ -1,231 +0,0 @@
---- src/Makefile.orig	2018-10-11 22:25:16 UTC
-+++ src/Makefile
-@@ -20,6 +20,9 @@ OSSEC_USER?=ossec
- OSSEC_USER_MAIL?=ossecm
- OSSEC_USER_REM?=ossecr
- 
-+INSTALL_CMD?=install -m $(1) -o $(2) -g $(3)
-+INSTALL_LOCALTIME?=yes
-+
- USE_PRELUDE?=no
- USE_ZEROMQ?=no
- USE_GEOIP?=no
-@@ -366,10 +369,10 @@ endif
- install: install-${TARGET}
- 
- install-agent: install-common
--	install -m 0550 -o root -g 0 ossec-agentd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 agent-auth ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin
- 
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
- 
- install-local: install-server-generic
- 
-@@ -379,127 +382,129 @@ install-server: install-server-generic
- 
- install-common: build
- 	./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs
--	install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/ossec.log
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
-+	$(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
- 
--	install -d -m 0550 -o root -g 0 ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-logcollector ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-syscheckd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-execd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 manage_agents ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ../contrib/util.sh ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
-+	$(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
- 
- ifeq (${LUA_ENABLE},yes)
--	install -d -m 0550 -o root -g 0 ${PREFIX}/lua
--	install -d -m 0550 -o root -g 0 ${PREFIX}/lua/native
--	install -d -m 0550 -o root -g 0 ${PREFIX}/lua/compiled
--	install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua
-+	$(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native
-+	$(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled
-+	$(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
- endif
- 
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/queue
--	install -d -m 0770 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/alerts
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/ossec
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/syscheck
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/diff
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue
-+	$(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff
- 
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc
--	install -m 0440 -o root -g ${OSSEC_GROUP} /etc/localtime ${PREFIX}/etc
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc
-+ifeq (${INSTALL_LOCALTIME},yes)
-+	$(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc
-+endif
- 
--	install -d -m 1550 -o root -g ${OSSEC_GROUP} ${PREFIX}/tmp
-+	$(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp
- 
- ifneq (,$(wildcard /etc/TIMEZONE))
--	install -m 440 -o root -g ${OSSEC_GROUP} /etc/TIMEZONE ${PREFIX}/etc/
-+	$(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/
- endif
- # Solaris Needs some extra files
- ifeq (${uname_S},SunOS)
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/usr/share/lib/zoneinfo/
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/
- 	cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/
- endif
--	install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/internal_options.conf ${PREFIX}/etc/
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/
- ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf))
--	install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
- endif
- ifeq (,$(wildcard ${PREFIX}/etc/client.keys))
--	install -m 0640 -o root -g ${OSSEC_GROUP} /dev/null ${PREFIX}/etc/client.keys
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys
- endif
- ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf))
- ifneq (,$(wildcard ../etc/ossec.mc))
--	install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
- else
--	install -m 0640 -o root -g ${OSSEC_GROUP} ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
- endif
- endif
- 
--	install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc/shared
--	install -m 0640 -o ${OSSEC_USER} -g ${OSSEC_GROUP} rootcheck/db/*.txt ${PREFIX}/etc/shared/
-+	$(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared
-+	$(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/
- 
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response/bin
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/agentless
--	install -m 0550 -o root -g ${OSSEC_GROUP} agentlessd/scripts/* ${PREFIX}/agentless/
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/
- 
--	install -d -m 0700 -o root -g ${OSSEC_GROUP} ${PREFIX}/.ssh
-+	$(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh
- 
--	install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/*.sh ${PREFIX}/active-response/bin/
--	install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
- 
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/var
--	install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/var/run
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
-+	$(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
- 
- 	./init/fw-check.sh execute
- 
- 
- 
- install-server-generic: install-common
--	install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/active-responses.log
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/archives
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/alerts
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/firewall
-+	$(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall
- 
--	install -m 0550 -o root -g 0 ossec-agentlessd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-analysisd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-monitord ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-reportd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-maild ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-remoted ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-logtest ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-csyslogd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-authd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-dbd ${PREFIX}/bin
--	install -m 0550 -o root -g 0 ossec-makelists ${PREFIX}/bin
--	install -m 0550 -o root -g 0 verify-agent-conf ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 clear_stats ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 list_agents ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 ossec-regex ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 syscheck_update ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 agent_control ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 syscheck_control ${PREFIX}/bin/
--	install -m 0550 -o root -g 0 rootcheck_control ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin
-+	$(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/
-+	$(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/
- 
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/stats
--	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats
-+	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules
- ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml))
- 	cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup
--	install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules
--	install -m 0640 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
- 	rm ${PREFIX}/rules/local_rules.xml.installbackup
- else
--	install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
- endif
- 
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/fts
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts
- 
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rootcheck
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck
- 
--	install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/agent-info
--	install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/agentless
-+	$(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info
-+	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless
- 
--	install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids
-+	$(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
- 
--	install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/decoder.xml ${PREFIX}/etc/
-+	$(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/
- 
- 	rm -f ${PREFIX}/etc/shared/merged.mg
- 
diff --git a/security/ossec-hids-local/files/pkg-deinstall.in b/security/ossec-hids-local/files/pkg-deinstall.in
index d081d40b3764..24479ff33031 100644
--- a/security/ossec-hids-local/files/pkg-deinstall.in
+++ b/security/ossec-hids-local/files/pkg-deinstall.in
@@ -4,15 +4,12 @@ ossec_home="%%OSSEC_HOME%%"
 ar_conf="${ossec_home}/etc/shared/ar.conf"
 merged_mg="${ossec_home}/etc/shared/merged.mg"
 client_keys="${ossec_home}/etc/client.keys"
-firewall_drop="${ossec_home}/active-response/bin/firewall-drop.sh"
 local_time="${ossec_home}/etc/localtime"
+resolv_conf="${ossec_home}/etc/resolv.conf"
 
 if [ "$2" == "DEINSTALL"  ]; then
-    rm -f "${ar_conf}"
-    rm -f "${merged_mg}"
     if [ ! -s "${client_keys}" ]; then
         rm -f "${client_keys}"
     fi
-    rm -f "${firewall_drop}"
-    rm -f "${local_time}"
+    rm -f "${ar_conf}" "${merged_mg}" "${local_time}" "${resolv_conf}"
 fi
diff --git a/security/ossec-hids-local/files/pkg-install.in b/security/ossec-hids-local/files/pkg-install.in
index d819e70ba35e..01816078af72 100644
--- a/security/ossec-hids-local/files/pkg-install.in
+++ b/security/ossec-hids-local/files/pkg-install.in
@@ -14,10 +14,14 @@ create_file() {
 }
 
 if [ "$2" == "POST-INSTALL"  ]; then
+    if [ -z "${USER}" ]; then
+        USER=$(id -un)
+    fi
+
     pw usermod %%OSSEC_USER%% -d "${ossec_home}"
     pw usermod ossecm -d "${ossec_home}"
     pw usermod ossecr -d "${ossec_home}"
-    chown %%USER%%:%%OSSEC_GROUP%% "${ossec_home}"
+    chown ${USER}:%%OSSEC_GROUP%% "${ossec_home}"
 
-    create_file "${client_keys}" root:ossec 0640
+    create_file "${client_keys}" ${USER}:%%OSSEC_GROUP%% 0640
 fi
-- 
cgit v1.2.3