From owner-freebsd-ports@FreeBSD.ORG  Thu Feb 23 00:49:52 2012
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C9C04106564A
	for <ports@freebsd.org>; Thu, 23 Feb 2012 00:49:52 +0000 (UTC)
	(envelope-from Cy.Schubert@komquats.com)
Received: from idcmail-mo2no.shaw.ca (idcmail-mo2no.shaw.ca [64.59.134.9])
	by mx1.freebsd.org (Postfix) with ESMTP id 890C88FC17
	for <ports@freebsd.org>; Thu, 23 Feb 2012 00:49:52 +0000 (UTC)
Received: from lb7f8hsrpno-svcs.dcs.int.inet (HELO pd6ml1no-ssvc.prod.shaw.ca)
	([10.0.144.222])
	by pd6mo1no-svcs.prod.shaw.ca with ESMTP; 22 Feb 2012 17:34:51 -0700
X-Cloudmark-SP-Filtered: true
X-Cloudmark-SP-Result: v=1.1 cv=Cufqhujp69hR+MhiHu40yK/USb/hlYs0+irVU46A6+k=
	c=1 sm=1
	a=KxcSwAjcfCcA:10 a=QrugwKR0C_UA:10 a=wAGQQ9Az6v0A:10 a=BLceEmwcHowA:10
	a=ICAaq7hcmGcA:10 a=kj9zAlcOel0A:10 a=IbtKDeXwb2+SRU442/pi3A==:17
	a=BWvPGDcYAAAA:8 a=6I5d2MoRAAAA:8 a=EdYECB-ZAAAA:8
	a=BO6zRlZH7ebzKu6tI6oA:9
	a=vrc1ZQbHa9Wjdc7ABlkA:7 a=CjuIK1q_8ugA:10 a=M3uUUNbqYQcA:10
	a=V7tsTZBp22UA:10 a=SV7veod9ZcQA:10 a=pt2i9VEdflGl8I2G:21
	a=XJMUvuO9CuCt67bH:21 a=HpAAvcLHHh0Zw7uRqdWCyQ==:117
Received: from unknown (HELO spqr.komquats.com) ([96.50.7.119])
	by pd6ml1no-dmz.prod.shaw.ca with ESMTP; 22 Feb 2012 17:34:51 -0700
Received: from slippy.cwsent.com (slippy8 [10.2.2.6])
	by spqr.komquats.com (Postfix) with ESMTP id E3EF246B72;
	Wed, 22 Feb 2012 16:34:50 -0800 (PST)
Received: from slippy (localhost [127.0.0.1])
	by slippy.cwsent.com (8.14.5/8.14.5) with ESMTP id q1N0Yoin004455;
	Wed, 22 Feb 2012 16:34:50 -0800 (PST)
	(envelope-from Cy.Schubert@komquats.com)
Message-Id: <201202230034.q1N0Yoin004455@slippy.cwsent.com>
X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.3
From: Cy Schubert <Cy.Schubert@komquats.com>
X-os: FreeBSD
X-Sender: cy@cwsent.com
X-URL: http://www.komquats.com/
To: Joe Greco <jgreco@ns.sol.net>
In-Reply-To: Message from Joe Greco <jgreco@ns.sol.net> of "Wed,
	22 Feb 2012 15:57:11 CST." <201202222157.q1MLvBKV052020@aurora.sol.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 22 Feb 2012 16:34:50 -0800
Cc: ports@freebsd.org
Subject: Re: Req update for ports/security/tripwire12
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Cy Schubert <Cy.Schubert@komquats.com>
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Feb 2012 00:49:52 -0000

Committed.

Berkeley unified diffs are preferred.


-- 
Cheers,
Cy Schubert <Cy.Schubert@komquats.com>
FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  http://www.FreeBSD.org


In message <201202222157.q1MLvBKV052020@aurora.sol.net>, Joe Greco writes:
> misc fixes (not comprehensive) for freebsd8
> 
> diff -Ncr tripwire12.old/Makefile tripwire12/Makefile
> *** tripwire12.old/Makefile	Sun Apr 26 02:22:57 2009
> --- tripwire12/Makefile	Wed Feb 22 15:22:52 2012
> ***************
> *** 20,26 ****
>   NO_PACKAGE=	requires local database to be built
>   USE_PERL5_BUILD=yes
>   
> ! TWCONFIG?=	${FILESDIR}/tw.conf.freebsd2
>   
>   post-extract:
>   	@ (cd ${WRKDIR}; tar xpf T1.2.tar)
> --- 20,26 ----
>   NO_PACKAGE=	requires local database to be built
>   USE_PERL5_BUILD=yes
>   
> ! TWCONFIG?=	${FILESDIR}/tw.conf.freebsd8
>   
>   post-extract:
>   	@ (cd ${WRKDIR}; tar xpf T1.2.tar)
> ***************
> *** 33,41 ****
>   
>   pre-configure:
>   	@ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs
> ! 	@ ${SED} s%/kernel%`/sbin/sysctl -bn kern.bootfile`% \
> ! 		< ${TWCONFIG} \
> ! 		> ${WRKSRC}/configs/tw.conf.freebsd2
>   
>   post-install:
>   	@ ${MKDIR} /var/adm/tcheck
> --- 33,39 ----
>   
>   pre-configure:
>   	@ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs
> ! 	@ ${cp} ${TWCONFIG} ${WRKSRC}/configs/tw.conf.freebsd8
>   
>   post-install:
>   	@ ${MKDIR} /var/adm/tcheck
> diff -Ncr tripwire12.old/files/tw.conf.freebsd8 tripwire12/files/tw.conf.free
> bsd8
> *** tripwire12.old/files/tw.conf.freebsd8	Wed Dec 31 18:00:00 1969
> --- tripwire12/files/tw.conf.freebsd8	Wed Feb 22 15:52:37 2012
> ***************
> *** 0 ****
> --- 1,165 ----
> + # $FreeBSD$
> + #
> + # tripwire.config
> + # Generic version for FreeBSD
> + #  Will need editing...see comments below
> + #
> + # This file contains a list of files and directories that System 
> + # Preener will scan.  Information collected from these files will be 
> + # stored in the tripwire.database file.
> + #
> + # Format: 			[!|=] entry [ignore-flags]
> + #
> + # where:	 '!' signifies the entry is to be pruned (inclusive) from
> + #				the list of files to be scanned.
> + #		 '=' signifies the entry is to be added, but if it is
> + #				a directory, then all its contents are pruned
> + #				(useful for /tmp).
> + #
> + # where:	entry is the absolute pathname of a file or a directory
> + #
> + # where ignore-flags are in the format:
> + #		[template][ [+|-][pinugsam12] ... ]
> + #
> + # 	- :  ignore the following atributes
> + #	+ :  do not ignore the following attributes
> + #
> + #	p :  permission and file mode bits 	a: access timestamp
> + #	i :  inode number			m: modification timestamp
> + #	n :  number of links (ref count)	c: inode creation timestamp
> + #	u :  user id of owner			1: signature 1
> + #	g :  group id of owner			2: signature 2
> + #	s :  size of file
> + #
> + #
> + # Ex:   The following entry will scan all the files in /etc, and report
> + #	any changes in mode bits, inode number, reference count, uid,
> + #	gid, modification and creation timestamp, and the signatures.
> + #	However, it will ignore any changes in the access timestamp.
> + #
> + #	/etc	+pinugsm12-a
> + #
> + # The following templates have been pre-defined to make these long ignore
> + # mask descriptions unecessary.
> + #
> + # Templates: 	(default)	R :  [R]ead-only (+pinugsm12-a)
> + #				L :  [L]og file (+pinug-sam12)
> + #				N :  ignore [N]othing (+pinusgsamc12)
> + #				E :  ignore [E]verything (-pinusgsamc12)
> + #
> + # By default, Tripwire uses the R template -- it ignores
> + # only the access timestamp.
> + #
> + # You can use templates with modifiers, like:
> + #	Ex:  /etc/lp	E+ug
> + #
> + #	Example configuration file:
> + #		/etc		R	# all system files
> + #		!/etc/lp	R	# ...but not those logs
> + #		=/tmp		N	# just the directory, not its files
> + #
> + # Note the difference between pruning (via "!") and ignoring everything
> + # (via "E" template):  Ignoring everything in a directory still monitors
> + # for added and deleted files.  Pruning a directory will prevent Tripwire
> + # from even looking in the specified directory.
> + #
> + #
> + # Tripwire running slowly?  Modify your tripwire.config entries to
> + # ignore the (signature 2) attribute when this computationally-exorbitant 
> + # protection is not needed.  (See README and design document for further
> + # details.)
> + #
> + 
> + #  First, root's traditional "home".  Note that FreeBSD's root's home (/roo
> t)
> + #  is protected by R-2 protections in the default config file.
> + =/		L
> + /.rhosts	R	# may not exist
> + /.profile	R	# may not exist
> + /.cshrc		R	# may not exist
> + /.login		R	# may not exist
> + /.exrc		R	# may not exist
> + /.logout	R	# may not exist
> + /.forward	R	# may not exist
> + 
> + # Unix itself
> + /kernel		R
> + /boot		R
> + /boot.config	R
> + 
> + # /bin
> + /bin		R-2
> + 
> + # /dev
> + =/dev	 	L
> + 
> + # /etc
> + /etc			R-2
> + /etc/aliases	 	L
> + /etc/dumpdates		L
> + /etc/motd		L
> + 
> + # my passwd database should be static at time of system build.  yours may
> + # not be, if not, uncomment the lines below.
> + 
> + # /etc/passwd		L
> + # /etc/master.passwd	L
> + # /etc/pwd.db		L
> + # /etc/spwd.db		L
> + 
> + # /home
> + =/home
> + 
> + # /lib
> + /lib			R-2
> + 
> + # /libexec
> + /libexec		R-2
> + 
> + # /lkm and /modules
> + /lkm			R-2
> + /modules		R-2
> + 
> + # /boot
> + /boot			R-2
> + 
> + # /rescue
> + /rescue			R-2
> + 
> + # /root
> + /root			R-2
> + /root/.history		L
> + 
> + # /sbin
> + /sbin			R-2
> + 
> + # /stand
> + /stand			R-2
> + 
> + # /usr/bin
> + /usr/bin		R-2
> + 
> + /usr/include		R-12
> + 
> + /usr/lib		R-2
> + 
> + /usr/libdata		R-2
> + 
> + /usr/libexec		R-2
> + 
> + /usr/local/bin		R-2
> + 
> + /usr/local/etc		L
> + 
> + /usr/local/lib		R-2
> + 
> + /usr/local/libexec	R-2
> + 
> + /usr/local/sbin		R-2
> + 
> + /usr/local/share	R-2
> + 
> + /usr/sbin		R-2
> + 
> + /usr/share		R-2
> + 
> + ###########################################
> 
> ... JG
> -- 
> Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
> "We call it the 'one bite at the apple' rule. Give me one chance [and] then I
> won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CN
> N)
> With 24 million small businesses in the US alone, that's way too many apples.
> _______________________________________________
> freebsd-ports@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"
> 
>