From owner-freebsd-ports Sat Jul 21 22:20:45 2001
Delivered-To: freebsd-ports@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
        by hub.freebsd.org (Postfix) with ESMTP id 5503037B405
        for ; Sat, 21 Jul 2001 22:20:00 -0700 (PDT)
        (envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
        by freefall.freebsd.org (8.11.4/8.11.4) id f6M5K0q54287;
        Sat, 21 Jul 2001 22:20:00 -0700 (PDT)
        (envelope-from gnats)
Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44])
        by hub.freebsd.org (Postfix) with ESMTP id 3FCA837B401
        for ; Sat, 21 Jul 2001 22:11:45 -0700 (PDT)
        (envelope-from Cy.Schubert@uumail.gov.bc.ca)
Received: (from daemon@localhost)
        by point.osg.gov.bc.ca (8.8.7/8.8.8) id WAA08999
        for ; Sat, 21 Jul 2001 22:11:45 -0700
Received: from passer.osg.gov.bc.ca(142.32.110.29)
        via SMTP by point.osg.gov.bc.ca, id smtpda08997; Sat Jul 21 22:11:29 2001
Received: (from uucp@localhost)
        by passer.osg.gov.bc.ca (8.11.4/8.9.1) id f6M5BOk70197
        for ; Sat, 21 Jul 2001 22:11:24 -0700 (PDT)
Received: from UNKNOWN(10.1.2.1), claiming to be "cwsys.cwsent.com"
        via SMTP by passer9.cwsent.com, id smtpdD70195; Sat Jul 21 22:10:46 2001
Received: (from cy@localhost)
        by cwsys.cwsent.com (8.11.4/8.9.1) id f6M5AVU84580;
        Sat, 21 Jul 2001 22:10:31 -0700 (PDT)
Message-Id: <200107220510.f6M5AVU84580@cwsys.cwsent.com>
Date: Sat, 21 Jul 2001 22:10:31 -0700 (PDT)
From: Cy.Schubert@uumail.gov.bc.ca
Reply-To: Cy.Schubert@uumail.gov.bc.ca
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.113
Subject: ports/29137: Brand New Tripwire-2.3.1 Port
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

>Number: 29137
>Category: ports
>Synopsis: Brand New Tripwire-2.3.1 Port
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sat Jul 21 22:20:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Cy Schubert
>Release: FreeBSD 4.3-RELEASE i386
>Organization: ITSD Province of BC
>Environment: System: FreeBSD cwsys 4.3-RELEASE FreeBSD 4.3-RELEASE #9: Thu Jul 19 07:21:29 PDT 2001 root@cwsys:/opt/cvs-430r/src/sys/compile/CWSYS i386
>Description: Finally, a FreeBSD Tripwire-2.3.1 port, in shar format.

# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
# # This archive contains: # # tripwire-231 # tripwire-231/files # tripwire-231/files/patch-ac # tripwire-231/files/patch-ab # tripwire-231/files/patch-ae # tripwire-231/files/twpol.txt # tripwire-231/files/patch-ad # tripwire-231/files/patch-aa # tripwire-231/files/patch-ba # tripwire-231/files/patch-mailmessage # tripwire-231/files/patch-open # tripwire-231/distinfo # tripwire-231/pkg-comment # tripwire-231/pkg-descr # tripwire-231/pkg-plist # tripwire-231/Makefile # echo c - tripwire-231 mkdir -p tripwire-231 > /dev/null 2>&1 echo c - tripwire-231/files mkdir -p tripwire-231/files > /dev/null 2>&1 echo x - tripwire-231/files/patch-ac sed 's/^X//' >tripwire-231/files/patch-ac << 'END-of-tripwire-231/files/patch-ac' X--- install/install.cfg.orig Fri Oct 27 17:26:25 2000 X+++ install/install.cfg Wed Jul 11 20:33:05 2001 X@@ -24,19 +24,19 @@ X CLOBBER=false X X # Tripwire binaries are stored in TWBIN. X-TWBIN="/usr/sbin" X+TWBIN="${PREFIX}/sbin" X X # Tripwire policy files are stored in TWPOLICY. X-TWPOLICY="/etc/tripwire" X+TWPOLICY="/var/adm/tripwire/etc" X X # Tripwire manual pages are stored in TWMAN. X-TWMAN="/usr/man" X+TWMAN="${PREFIX}/man" X X # Tripwire database files are stored in TWDB. X-TWDB="/var/lib/tripwire" X+TWDB="/var/adm/tripwire/db" X X # Tripwire documents directory X-TWDOCS="/usr/doc/tripwire" X+TWDOCS="${PREFIX}/share/doc/tripwire" X X # The Tripwire site key files are stored in TWSITEKEYDIR. X TWSITEKEYDIR="${TWPOLICY}" X@@ -48,7 +48,7 @@ X TWREPORT="${TWDB}/report" X X # This sets the default text editor for Tripwire. X-TWEDITOR="/bin/vi" X+TWEDITOR="/usr/bin/vi" X X # TWLATEPROMTING controls the point when tripwire asks for a password. 
X TWLATEPROMPTING=false X@@ -85,7 +85,7 @@ X ##################################### X X TWMAILMETHOD=SENDMAIL X-TWMAILPROGRAM="/usr/lib/sendmail -oi -t" X+TWMAILPROGRAM="/usr/sbin/sendmail -oi -t" X X ##################################### X # SMTP options END-of-tripwire-231/files/patch-ac echo x - tripwire-231/files/patch-ab sed 's/^X//' >tripwire-231/files/patch-ab << 'END-of-tripwire-231/files/patch-ab' X--- src/core/msystem.h.orig Fri Oct 27 18:15:20 2000 X+++ src/core/msystem.h Tue Mar 6 07:10:06 2001 X@@ -114,7 +114,7 @@ X # define GID_RESET -2 /* reset EGID to RGID */ X #endif X #ifndef DEF_PATH X-# define DEF_PATH "PATH=/bin:/usr/bin:/usr/ucb" /* default search path */ X+# define DEF_PATH "PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin" /* default search path */ X #endif X #ifndef DEF_SHELL X # define DEF_SHELL "SHELL=/bin/sh" /* default shell */ END-of-tripwire-231/files/patch-ab echo x - tripwire-231/files/patch-ae sed 's/^X//' >tripwire-231/files/patch-ae << 'END-of-tripwire-231/files/patch-ae' X--- src/core/stdcore.h.orig Sat Feb 24 11:02:12 2001 X+++ src/core/stdcore.h Wed Jul 11 20:53:58 2001 X@@ -47,7 +47,7 @@ X X //--Where the configuration file is to be found X #if IS_BSD X-# define CONFIG_FILE_ROOT "/usr/local/etc/tripwire" X+# define CONFIG_FILE_ROOT "/var/adm/tripwire/etc" X #elif defined(USE_FHS) X # define CONFIG_FILE_ROOT "/etc/tripwire" X #else END-of-tripwire-231/files/patch-ae echo x - tripwire-231/files/twpol.txt sed 's/^X//' >tripwire-231/files/twpol.txt << 'END-of-tripwire-231/files/twpol.txt' X ############################################################################## X # ## X############################################################################## # X# # # X# Policy file for FreeBSD 4.3 # # X# V1.0.0 # # X# June 18, 2001 # # X# ## X############################################################################## X X X ############################################################################## X # ## 
X############################################################################## # X# # # X# This is the example Tripwire Policy file. It is intended as a place to # # X# start creating your own custom Tripwire Policy file. Referring to it as # # X# well as the Tripwire Policy Guide should give you enough information to # # X# make a good custom Tripwire Policy file that better covers your # # X# configuration and security needs. A text version of this policy file is # # X# called twpol.txt. # # X# # # X# Note that this file is tuned to an install of FreeBSD 4.3 using # # X# buildworld. If run unmodified, this file should create no errors on # # X# database creation, or violations on a subsiquent integrity check. # # X# However it is impossible for there to be one policy file for all machines, # # X# so this existing one errs on the side of security. Your FreeBSD # # X# configuration will most likey differ from the one our policy file was # # X# tuned to, and will therefore require some editing of the default # # X# Tripwire Policy file. # # X# # # X# The example policy file is best run with 'Loose Directory Checking' # # X# enabled. Set LOOSEDIRECTORYCHECKING=TRUE in the Tripwire Configuration # # X# file. # # X# # # X# Email support is not included and must be added to this file. # # X# Add the 'emailto=' to the rule directive section of each rule (add a comma # # X# after the 'severity=' line and add an 'emailto=' and include the email # # X# addresses you want the violation reports to go to). Addresses are # # X# semi-colon delimited. # # X# ## X############################################################################## X X X X ############################################################################## X # ## X############################################################################## # X# # # X# Global Variable Definitions # # X# # # X# These are defined at install time by the installation script. 
You may # # X# Manually edit these if you are using this file directly and not from the # # X# installation script itself. # # X# ## X############################################################################## X X@@section GLOBAL XTWROOT=; XTWBIN=; XTWPOL=; XTWDB=; XTWSKEY=; XTWLKEY=; XTWREPORT=; XHOSTNAME=; X X@@section FS XSEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change XSEC_SUID = $(IgnoreNone)-SHa ; # Binaries with the SUID or SGID flags set XSEC_BIN = $(ReadOnly) ; # Binaries that should not change XSEC_CONFIG = $(Dynamic) ; # Config files that are changed infrequently but accessed often XSEC_TTY = $(Dynamic)-ugp ; # Tty files that change ownership at login XSEC_LOG = $(Growing) ; # Files that grow, but that should never change ownership XSEC_INVARIANT = +tpug ; # Directories that should never change permission or ownership XSIG_LOW = 33 ; # Non-critical files that are of minimal security impact XSIG_MED = 66 ; # Non-critical files that are of significant security impact XSIG_HI = 100 ; # Critical files that are significant points of vulnerability X X X# Tripwire Binaries X( X rulename = "Tripwire Binaries", X severity = $(SIG_HI) X) X{ X $(TWBIN)/siggen -> $(SEC_BIN) ; X $(TWBIN)/tripwire -> $(SEC_BIN) ; X $(TWBIN)/twadmin -> $(SEC_BIN) ; X $(TWBIN)/twprint -> $(SEC_BIN) ; X} X X# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases X( X rulename = "Tripwire Data Files", X severity = $(SIG_HI) X) X{ X # NOTE: We remove the inode attribute because when Tripwire creates a backup, X # it does so by renaming the old file and creating a new one (which will X # have a new inode number). Inode is left turned on for keys, which shouldn't X # ever change. X X # NOTE: The first integrity check triggers this rule and each integrity check X # afterward triggers this rule until a database update is run, since the X # database file does not exist before that point. 
X X $(TWDB) -> $(SEC_CONFIG) -i ; X $(TWPOL)/tw.pol -> $(SEC_BIN) -i ; X $(TWPOL)/tw.cfg -> $(SEC_BIN) -i ; X $(TWPOL)/twcfg.txt -> $(SEC_BIN) ; X $(TWPOL)/twpol.txt -> $(SEC_BIN) ; X $(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_BIN) ; X $(TWSKEY)/site.key -> $(SEC_BIN) ; X X #don't scan the individual reports X $(TWREPORT) -> $(SEC_CONFIG) (recurse=0) ; X} X X X# Tripwire HQ Connector Binaries X#( X# rulename = "Tripwire HQ Connector Binaries", X# severity = $(SIG_HI) X#) X#{ X# $(TWBIN)/hqagent -> $(SEC_BIN) ; X#} X# X# Tripwire HQ Connector - Configuration Files, Keys, and Logs X X ############################################################################## X # ## X############################################################################## # X# # # X# Note: File locations here are different than in a stock HQ Connector # # X# installation. This is because Tripwire 2.3 uses a different path # # X# structure than Tripwire 2.2.1. # # X# # # X# You may need to update your HQ Agent configuation file (or this policy # # X# file) to correct the paths. We have attempted to support the FHS standard # # X# here by placing the HQ Agent files similarly to the way Tripwire 2.3 # # X# places them. # # X# ## X############################################################################## X X#( X# rulename = "Tripwire HQ Connector Data Files", X# severity = $(SIG_HI) X#) X#{ X# ############################################################################# X# ############################################################################## X# # NOTE: Removing the inode attribute because when Tripwire creates a backup ## X# # it does so by renaming the old file and creating a new one (which will ## X# # have a new inode number). Leaving inode turned on for keys, which ## X# # shouldn't ever change. 
## X# ############################################################################# X# X# $(TWBIN)/agent.cfg -> $(SEC_BIN) -i ; X# $(TWLKEY)/authentication.key -> $(SEC_BIN) ; X# $(TWDB)/tasks.dat -> $(SEC_CONFIG) ; X# $(TWDB)/schedule.dat -> $(SEC_CONFIG) ; X# X# # Uncomment if you have agent logging enabled. X# #/var/log/tripwire/agent.log -> $(SEC_LOG) ; X#} X X X X# Commonly accessed directories that should remain static with regards to owner and group X( X rulename = "Invariant Directories", X severity = $(SIG_MED) X) X{ X / -> $(SEC_INVARIANT) (recurse = false) ; X /home -> $(SEC_INVARIANT) (recurse = false) ; X} X X ######################## X # ## X######################## # X# # # X# First, root's "home" # # X# ## X######################## X X( X rulename = "Root's home", X severity = $(SIG_HI) X) X{ X # /.rhosts -> $(SEC_CRIT) ; X /.profile -> $(SEC_CRIT) ; X /.cshrc -> $(SEC_CRIT) ; X /.login -> $(SEC_CRIT) ; X # /.exrc -> $(SEC_CRIT) ; X # /.logout -> $(SEC_CRIT) ; X # /.forward -> $(SEC_CRIT) ; X /root -> $(SEC_CRIT) (recurse = true) ; X !/root/.history ; X !/root/.bash_history ; X # !/root/.lsof_SYSTEM_NAME ; # Uncomment if lsof is installed X} X X X ################## X # ## X################## # X# # # X# FreeBSD Kernel # # X# ## X################## X X( X rulename = "FreeBSD Kernel", X severity = $(SIG_HI) X) X{ X /kernel -> $(SEC_CRIT) ; X /kernel.old -> $(SEC_CRIT) ; X /kernel.GENERIC -> $(SEC_CRIT) ; X} X X X ################### X # ## X################### # X# # # X# FreeBSD Modules # # X# ## X################### X X( X rulename = "FreeBSD Modules", X severity = $(SIG_HI) X) X{ X /modules -> $(SEC_CRIT) (recurse = true) ; X /modules.old -> $(SEC_CRIT) (recurse = true) ; X # /lkm -> $(SEC_CRIT) (recurse = true) ; # uncomment if using lkm kld X} X X X ################################## X # ## X################################## # X# # # X# System Administration Programs # # X# ## X################################## X X( X rulename = "System 
Administration Programs", X severity = $(SIG_HI) X) X{ X /sbin -> $(SEC_CRIT) (recurse = true) ; X /usr/sbin -> $(SEC_CRIT) (recurse = true) ; X} X X X ################## X # ## X################## # X# # # X# User Utilities # # X# ## X################## X X( X rulename = "User Utilities", X severity = $(SIG_HI) X) X{ X /bin -> $(SEC_CRIT) (recurse = true) ; X /usr/bin -> $(SEC_CRIT) (recurse = true) ; X} X X X ######## X # ## X######## # X# # # X# /dev # # X# ## X######## X X( X rulename = "/dev", X severity = $(SIG_HI) X) X{ X /dev -> $(Device) (recurse = true) ; X !/dev/vga ; X !/dev/dri ; X /dev/console -> $(SEC_TTY) ; X /dev/ttyv0 -> $(SEC_TTY) ; X /dev/ttyv1 -> $(SEC_TTY) ; X /dev/ttyv2 -> $(SEC_TTY) ; X /dev/ttyv3 -> $(SEC_TTY) ; X /dev/ttyv4 -> $(SEC_TTY) ; X /dev/ttyv5 -> $(SEC_TTY) ; X /dev/ttyv6 -> $(SEC_TTY) ; X /dev/ttyv7 -> $(SEC_TTY) ; X /dev/ttyp0 -> $(SEC_TTY) ; X /dev/ttyp1 -> $(SEC_TTY) ; X /dev/ttyp2 -> $(SEC_TTY) ; X /dev/ttyp3 -> $(SEC_TTY) ; X /dev/ttyp4 -> $(SEC_TTY) ; X /dev/ttyp5 -> $(SEC_TTY) ; X /dev/ttyp6 -> $(SEC_TTY) ; X /dev/ttyp7 -> $(SEC_TTY) ; X /dev/ttyp8 -> $(SEC_TTY) ; X /dev/ttyp9 -> $(SEC_TTY) ; X /dev/ttypa -> $(SEC_TTY) ; X /dev/ttypb -> $(SEC_TTY) ; X /dev/ttypc -> $(SEC_TTY) ; X /dev/ttypd -> $(SEC_TTY) ; X /dev/ttype -> $(SEC_TTY) ; X /dev/ttypf -> $(SEC_TTY) ; X /dev/ttypg -> $(SEC_TTY) ; X /dev/ttyph -> $(SEC_TTY) ; X /dev/ttypi -> $(SEC_TTY) ; X /dev/ttypj -> $(SEC_TTY) ; X /dev/ttypl -> $(SEC_TTY) ; X /dev/ttypm -> $(SEC_TTY) ; X /dev/ttypn -> $(SEC_TTY) ; X /dev/ttypo -> $(SEC_TTY) ; X /dev/ttypp -> $(SEC_TTY) ; X /dev/ttypq -> $(SEC_TTY) ; X /dev/ttypr -> $(SEC_TTY) ; X /dev/ttyps -> $(SEC_TTY) ; X /dev/ttypt -> $(SEC_TTY) ; X /dev/ttypu -> $(SEC_TTY) ; X /dev/ttypv -> $(SEC_TTY) ; X /dev/cuaa0 -> $(SEC_TTY) ; # modem X} X X X ######## X # ## X######## # X# # # X# /etc # # X# ## X######## X X( X rulename = "/etc", X severity = $(SIG_HI) X) X{ X /etc -> $(SEC_CRIT) (recurse = true) ; X # /etc/mail/aliases -> 
$(SEC_CONFIG) ; X /etc/dumpdates -> $(SEC_CONFIG) ; X /etc/motd -> $(SEC_CONFIG) ; X !/etc/ppp/connect-errors ; X /etc/skeykeys -> $(SEC_CONFIG) ; X # Uncomment the following 4 lines if your password file does not change X # /etc/passwd -> $(SEC_CONFIG) ; X # /etc/master.passwd -> $(SEC_CONFIG) ; X # /etc/pwd.db -> $(SEC_CONFIG) ; X # /etc/spwd.db -> $(SEC_CONFIG) ; X} X X X ######################## X # ## X######################## # X# # # X# Copatibility (Linux) # # X# ## X######################## X X( X rulename = "Linux Compatibility", X severity = $(SIG_HI) X) X{ X /compat -> $(SEC_CRIT) (recurse = true) ; X !/compat/linux/etc/ld.so.cache ; X !/compat/linux/var/spool/mail ; X} X X X #################################################### X # ## X#################################################### # X# # # X# Libraries, include files, and other system files # # X# ## X#################################################### X X( X rulename = "Libraries, include files, and other system files", X severity = $(SIG_HI) X) X{ X /usr/include -> $(SEC_CRIT) (recurse = true) ; X /usr/lib -> $(SEC_CRIT) (recurse = true) ; X /usr/libdata -> $(SEC_CRIT) (recurse = true) ; X /usr/libexec -> $(SEC_CRIT) (recurse = true) ; X /usr/share -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man -> $(SEC_CONFIG) ; X !/usr/share/man/whatis ; X !/usr/share/man/.glimpse_filenames ; X !/usr/share/man/.glimpse_filenames_index ; X !/usr/share/man/.glimpse_filetimes ; X !/usr/share/man/.glimpse_filters ; X !/usr/share/man/.glimpse_index ; X !/usr/share/man/.glimpse_messages ; X !/usr/share/man/.glimpse_partitions ; X !/usr/share/man/.glimpse_statistics ; X !/usr/share/man/.glimpse_turbo ; X /usr/share/man/man1 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/man2 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/man3 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/man4 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/man5 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/man6 -> 
$(SEC_CRIT) (recurse = true) ; X /usr/share/man/man7 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/man8 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/man9 -> $(SEC_CRIT) (recurse = true) ; X /usr/share/man/mann -> $(SEC_CRIT) (recurse = true) ; X ! /usr/share/man/cat1 ; X ! /usr/share/man/cat2 ; X ! /usr/share/man/cat3 ; X ! /usr/share/man/cat4 ; X ! /usr/share/man/cat5 ; X ! /usr/share/man/cat6 ; X ! /usr/share/man/cat7 ; X ! /usr/share/man/cat8 ; X ! /usr/share/man/cat9 ; X ! /usr/share/man/catl ; X ! /usr/share/man/catn ; X /usr/share/perl/man -> $(SEC_CONFIG) ; X !/usr/share/perl/man/whatis ; X !/usr/share/perl/man/.glimpse_filenames ; X !/usr/share/perl/man/.glimpse_filenames_index ; X !/usr/share/perl/man/.glimpse_filetimes ; X !/usr/share/perl/man/.glimpse_filters ; X !/usr/share/perl/man/.glimpse_index ; X !/usr/share/perl/man/.glimpse_messages ; X !/usr/share/perl/man/.glimpse_partitions ; X !/usr/share/perl/man/.glimpse_statistics ; X !/usr/share/perl/man/.glimpse_turbo ; X /usr/share/perl/man/man3 -> $(SEC_CRIT) (recurse = true) ; X ! /usr/share/perl/man/cat3 ; X /usr/local/lib/perl5/5.00503/man -> $(SEC_CONFIG) ; X ! /usr/local/lib/perl5/5.00503/man/whatis ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_filters ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_filetimes ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_messages ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_statistics ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_index ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_turbo ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_partitions ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames ; X ! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames_index ; X /usr/local/lib/perl5/5.00503/man/man3 -> $(SEC_CRIT) (recurse = true) ; X ! 
/usr/local/lib/perl5/5.00503/man/cat3 ; X} X X X ######### X # ## X######### # X# # # X# X11R6 # # X# ## X######### X X( X rulename = "X11R6", X severity = $(SIG_HI) X) X{ X /usr/X11R6 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/lib/X11/xdm -> $(SEC_CONFIG) (recurse = true) ; X !/usr/X11R6/lib/X11/xdm/xdm-errors ; X !/usr/X11R6/lib/X11/xdm/authdir/authfiles ; X !/usr/X11R6/lib/X11/xdm/xdm-pid ; X /usr/X11R6/lib/X11/xkb/compiled -> $(SEC_CONFIG) (recurse = true) ; X /usr/X11R6/man -> $(SEC_CONFIG) ; X !/usr/X11R6/man/whatis ; X !/usr/X11R6/man/.glimpse_filenames ; X !/usr/X11R6/man/.glimpse_filenames_index ; X !/usr/X11R6/man/.glimpse_filetimes ; X !/usr/X11R6/man/.glimpse_filters ; X !/usr/X11R6/man/.glimpse_index ; X !/usr/X11R6/man/.glimpse_messages ; X !/usr/X11R6/man/.glimpse_partitions ; X !/usr/X11R6/man/.glimpse_statistics ; X !/usr/X11R6/man/.glimpse_turbo ; X /usr/X11R6/man/man1 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man2 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man3 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man4 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man5 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man6 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man7 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man8 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/man9 -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/manl -> $(SEC_CRIT) (recurse = true) ; X /usr/X11R6/man/mann -> $(SEC_CRIT) (recurse = true) ; X ! /usr/X11R6/man/cat1 ; X ! /usr/X11R6/man/cat2 ; X ! /usr/X11R6/man/cat3 ; X ! /usr/X11R6/man/cat4 ; X ! /usr/X11R6/man/cat5 ; X ! /usr/X11R6/man/cat6 ; X ! /usr/X11R6/man/cat7 ; X ! /usr/X11R6/man/cat8 ; X ! /usr/X11R6/man/cat9 ; X ! /usr/X11R6/man/catl ; X ! 
/usr/X11R6/man/catn ; X} X X X ########### X # ## X########### # X# # # X# sources # # X# ## X########### X X( X rulename = "Sources", X severity = $(SIG_HI) X) X{ X /usr/src -> $(SEC_CRIT) (recurse = true) ; X /usr/src/sys/compile -> $(SEC_CONFIG) (recurse = false) ; X} X X X ####### X # ## X####### # X# # # X# NIS # # X# ## X####### X X( X rulename = "NIS", X severity = $(SIG_HI) X) X{ X /var/yp -> $(SEC_CRIT) (recurse = true) ; X !/var/yp/binding ; X} X X X ######################### X # ## X######################### # X# # # X# Temporary directories # # X# ## X######################### X( X rulename = "Temporary directories", X recurse = false, X severity = $(SIG_LOW) X) X{ X /usr/tmp -> $(SEC_INVARIANT) ; X /var/tmp -> $(SEC_INVARIANT) ; X /var/preserve -> $(SEC_INVARIANT) ; X /tmp -> $(SEC_INVARIANT) ; X} X X ############### X # ## X############### # X# # # X# Local files # # X# ## X############### X X( X rulename = "Local files", X severity = $(SIG_MED) X) X{ X /usr/local/bin -> $(SEC_BIN) (recurse = true) ; X /usr/local/sbin -> $(SEC_BIN) (recurse = true) ; X /usr/local/etc -> $(SEC_BIN) (recurse = true) ; X /usr/local/lib -> $(SEC_BIN) (recurse = true ) ; X /usr/local/libexec -> $(SEC_BIN) (recurse = true ) ; X /usr/local/share -> $(SEC_BIN) (recurse = true ) ; X /usr/local/man -> $(SEC_CONFIG) ; X !/usr/local/man/whatis ; X !/usr/local/man/.glimpse_filenames ; X !/usr/local/man/.glimpse_filenames_index ; X !/usr/local/man/.glimpse_filetimes ; X !/usr/local/man/.glimpse_filters ; X !/usr/local/man/.glimpse_index ; X !/usr/local/man/.glimpse_messages ; X !/usr/local/man/.glimpse_partitions ; X !/usr/local/man/.glimpse_statistics ; X !/usr/local/man/.glimpse_turbo ; X /usr/local/man/man1 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/man2 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/man3 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/man4 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/man5 -> $(SEC_CRIT) (recurse = true) ; X 
/usr/local/man/man6 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/man7 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/man8 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/man9 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/manl -> $(SEC_CRIT) (recurse = true) ; X /usr/local/man/mann -> $(SEC_CRIT) (recurse = true) ; X ! /usr/local/man/cat1 ; X ! /usr/local/man/cat2 ; X ! /usr/local/man/cat3 ; X ! /usr/local/man/cat4 ; X ! /usr/local/man/cat5 ; X ! /usr/local/man/cat6 ; X ! /usr/local/man/cat7 ; X ! /usr/local/man/cat8 ; X ! /usr/local/man/cat9 ; X ! /usr/local/man/catl ; X ! /usr/local/man/catn ; X /usr/local/krb5 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man -> $(SEC_CONFIG) ; X !/usr/local/krb5/man/whatis ; X !/usr/local/krb5/man/.glimpse_filenames ; X !/usr/local/krb5/man/.glimpse_filenames_index ; X !/usr/local/krb5/man/.glimpse_filetimes ; X !/usr/local/krb5/man/.glimpse_filters ; X !/usr/local/krb5/man/.glimpse_index ; X !/usr/local/krb5/man/.glimpse_messages ; X !/usr/local/krb5/man/.glimpse_partitions ; X !/usr/local/krb5/man/.glimpse_statistics ; X !/usr/local/krb5/man/.glimpse_turbo ; X /usr/local/krb5/man/man1 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man2 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man3 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man4 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man5 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man6 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man7 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man8 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/man9 -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/manl -> $(SEC_CRIT) (recurse = true) ; X /usr/local/krb5/man/mann -> $(SEC_CRIT) (recurse = true) ; X ! /usr/local/krb5/man/cat1 ; X ! /usr/local/krb5/man/cat2 ; X ! /usr/local/krb5/man/cat3 ; X ! /usr/local/krb5/man/cat4 ; X ! /usr/local/krb5/man/cat5 ; X ! /usr/local/krb5/man/cat6 ; X ! 
/usr/local/krb5/man/cat7 ; X ! /usr/local/krb5/man/cat8 ; X ! /usr/local/krb5/man/cat9 ; X ! /usr/local/krb5/man/catl ; X ! /usr/local/krb5/man/catn ; X /usr/local/www -> $(SEC_CONFIG) (recurse = true) ; X} X X X( X rulename = "Security Control", X severity = $(SIG_HI) X) X{ X /etc/group -> $(SEC_CRIT) ; X /etc/security/ -> $(SEC_CRIT) ; X /etc/crontab -> $(SEC_CRIT) ; X} X X#============================================================================= X# X# Copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, X# Inc. in the United States and other countries. All rights reserved. X# X# FreeBSD is a registered trademark of the FreeBSD Project Inc. X# X# UNIX is a registered trademark of The Open Group. X# X#============================================================================= X# X# Permission is granted to make and distribute verbatim copies of this document X# provided the copyright notice and this permission notice are preserved on all X# copies. X# X# Permission is granted to copy and distribute modified versions of this X# document under the conditions for verbatim copying, provided that the entire X# resulting derived work is distributed under the terms of a permission notice X# identical to this one. X# X# Permission is granted to copy and distribute translations of this document X# into another language, under the above conditions for modified versions, X# except that this permission notice may be stated in a translation approved by X# Tripwire, Inc. 
X# X# DCM END-of-tripwire-231/files/twpol.txt echo x - tripwire-231/files/patch-ad sed 's/^X//' >tripwire-231/files/patch-ad << 'END-of-tripwire-231/files/patch-ad' X--- install/install.sh.orig Fri Oct 27 17:26:26 2000 X+++ install/install.sh Tue Jul 10 22:02:02 2001 X@@ -257,7 +257,7 @@ X else X unamHW=`uname -p` X fi X- if (echo "$unamOS" | $GREP -i "Linux" > /dev/null); then X+ if (echo "$unamOS" | $GREP -i "FreeBSD" > /dev/null); then X osokay=1 X fi X if [ "$osokay" -eq 0 ] ; then X@@ -488,7 +488,7 @@ X BASE_DIR=`echo $0 | sed s/$BASE_DIR\$//` X if [ ! -z "$BASE_DIR" ] ; then X TAR_DIR="${BASE_DIR}" X- BIN_DIR="${BASE_DIR}bin/i686-pc-linux_r" X+ BIN_DIR="${BASE_DIR}bin/i386-unknown-freebsd_r" X else X TAR_DIR="${BASE_DIR}" X fi X@@ -621,12 +621,12 @@ X f1=' ff=$README ; d="" ; dd=$TWDOCS ; rr=0444 ' X f2=' ff=$REL_NOTES ; d="" ; dd=$TWDOCS ; rr=0444 ' X f3=' ff=$TWLICENSEFILE ; d="" ; dd=$TWDOCS ; rr=0444 ' X-f4=' ff=tripwire ; d="/bin/i686-pc-linux_r" ; dd=$TWBIN ; rr=0550 ' X-f5=' ff=twadmin ; d="/bin/i686-pc-linux_r" ; dd=$TWBIN ; rr=0550 ' X-f6=' ff=twprint ; d="/bin/i686-pc-linux_r" ; dd=$TWBIN ; rr=0550 ' X-f7=' ff=siggen ; d="/bin/i686-pc-linux_r" ; dd=$TWBIN ; rr=0550 ' X+f4=' ff=tripwire ; d="/bin/i386-unknown-freebsd_r" ; dd=$TWBIN ; rr=0550 ' X+f5=' ff=twadmin ; d="/bin/i386-unknown-freebsd_r" ; dd=$TWBIN ; rr=0550 ' X+f6=' ff=twprint ; d="/bin/i386-unknown-freebsd_r" ; dd=$TWBIN ; rr=0550 ' X+f7=' ff=siggen ; d="/bin/i386-unknown-freebsd_r" ; dd=$TWBIN ; rr=0550 ' X f8=' ff=TRADEMARK ; d="" ; dd=$TWDOCS ; rr=0444 ' X-f9=' ff=policyguide.txt ; d="" ; dd=$TWDOCS ; rr=0444 ' X+f9=' ff=policyguide.txt ; d="/policy/" ; dd=$TWDOCS ; rr=0444 ' X f10=' ff=twpol.txt ; d="/policy/" ; dd=$TWPOLICY ; rr=0640 ' X f11=' ff=twpolicy.4 ; d="/man/man4" ; dd=$TWMAN/man4 ; rr=0444 ' X f12=' ff=twconfig.4 ; d="/man/man4" ; dd=$TWMAN/man4 ; rr=0444 ' END-of-tripwire-231/files/patch-ad echo x - tripwire-231/files/patch-aa sed 's/^X//' >tripwire-231/files/patch-aa << 
'END-of-tripwire-231/files/patch-aa' X--- src/Makefile.orig Sat Mar 3 20:03:52 2001 X+++ src/Makefile Tue Mar 6 07:04:45 2001 X@@ -79,9 +79,9 @@ X # sparc-linux == Linux Sparc (not fully implemented) X # X X-SYSPRE = i686-pc-linux X+#SYSPRE = i686-pc-linux X #SYSPRE = sparc-linux X-#SYSPRE = i386-unknown-freebsd X+SYSPRE = i386-unknown-freebsd X #SYSPRE = i386-unknown-openbsd X X END-of-tripwire-231/files/patch-aa echo x - tripwire-231/files/patch-ba sed 's/^X//' >tripwire-231/files/patch-ba << 'END-of-tripwire-231/files/patch-ba' X--- src/core/unix/unixfsservices.cpp.orig Sat Feb 24 11:02:12 2001 X+++ src/core/unix/unixfsservices.cpp Tue Jul 10 21:40:37 2001 X@@ -243,6 +243,7 @@ X { X char* pchTempFileName; X char szTemplate[MAXPATHLEN]; X+ int fd; X X #ifdef _UNICODE X // convert template from wide character to multi-byte string X@@ -253,13 +254,14 @@ X strcpy( szTemplate, strName.c_str() ); X #endif X X- // create temp filename X- pchTempFileName = mktemp( szTemplate ); X+ // create temp filename and check to see if mkstemp failed X+ if ((fd = mkstemp( szTemplate )) == -1) { X+ throw eFSServicesGeneric( strName ); X+ } else { X+ close(fd); X+ } X+ pchTempFileName = szTemplate; X X- //check to see if mktemp failed X- if ( pchTempFileName == NULL || strlen(pchTempFileName) == 0) { X- throw eFSServicesGeneric( strName ); X- } X X // change name so that it has the XXXXXX part filled in X #ifdef _UNICODE END-of-tripwire-231/files/patch-ba echo x - tripwire-231/files/patch-mailmessage sed 's/^X//' >tripwire-231/files/patch-mailmessage << 'END-of-tripwire-231/files/patch-mailmessage' X--- src/tripwire/mailmessage.cpp.orig Thu Jul 5 05:16:34 2001 X+++ src/tripwire/mailmessage.cpp Thu Jul 5 05:16:47 2001 X@@ -241,7 +241,7 @@ X time_t current_time = time(NULL); X tm = localtime ( ¤t_time ); X X- const TCHAR* szFormat = _T("%a %d %b %Y %H:%M:%S %z"); X+ const TCHAR* szFormat = _T("%a, %d %b %Y %H:%M:%S %z"); X X size_t numChars = _tcsftime( szDate, countof( szDate ), 
szFormat, tm ); X END-of-tripwire-231/files/patch-mailmessage echo x - tripwire-231/files/patch-open sed 's/^X//' >tripwire-231/files/patch-open << 'END-of-tripwire-231/files/patch-open' X--- src/core/unix/file_unix.cpp Sat Oct 28 04:15:21 2000 X+++ src/core/unix/file_unix.cpp Wed Jun 13 09:29:07 2001 X@@ -155,10 +155,15 @@ X if( flags & OPEN_CREATE ) X perm |= O_CREAT; X X+ mode_t openmode = 0664; X+ if ( flags & OPEN_EXCLUSIVE ) { X+ perm |= O_CREAT | O_EXCL; X+ openmode = (mode_t) 0600; // Make sure only root can read the file X+ } X // X // actually open the file X // X- int fh = _topen( sFileName.c_str(), perm, 0664 ); X+ int fh = _topen( sFileName.c_str(), perm, openmode ); X if( fh == -1 ) X { X throw( eFileOpen( sFileName, iFSServices::GetInstance()->GetErrString() ) ); X--- src/core/file.h Sat Oct 28 04:15:20 2000 X+++ src/core/file.h Wed Jun 13 09:07:20 2001 X@@ -96,7 +96,8 @@ X OPEN_LOCKED_TEMP = 0x00000004, // the file should not be readable by other processes and should be removed when closed X OPEN_TRUNCATE = 0x00000008, // opens an empty file. creates it if it doesn't exist. 
Doesn't make much sense without OF_WRITE X OPEN_CREATE = 0x00000010, // create the file if it doesn't exist; this is implicit if OF_TRUNCATE is set X- OPEN_TEXT = 0x00000020 X+ OPEN_TEXT = 0x00000020, X+ OPEN_EXCLUSIVE = 0x0000040 // Use O_CREAT | O_EXCL X }; X X //Ctor, Dtor, CpyCtor, Operator=: X--- src/core/archive.cpp Sat Feb 24 21:02:12 2001 X+++ src/core/archive.cpp Wed Jun 13 09:15:25 2001 X@@ -896,8 +896,9 @@ X // create file X X // set up flags X- uint32 flags = cFile::OPEN_WRITE | cFile::OPEN_LOCKED_TEMP | cFile::OPEN_CREATE; X- if ( openFlags & FA_OPEN_TRUNCATE ) X+ uint32 flags = cFile::OPEN_WRITE | cFile::OPEN_LOCKED_TEMP | cFile::OPEN_CREATE | cFile::OPEN_EXCLUSIVE; X+ X+ if ( openFlags & FA_OPEN_TRUNCATE ) X flags |= cFile::OPEN_TRUNCATE; X if ( openFlags & FA_OPEN_TEXT ) X flags |= cFile::OPEN_TEXT; END-of-tripwire-231/files/patch-open echo x - tripwire-231/distinfo sed 's/^X//' >tripwire-231/distinfo << 'END-of-tripwire-231/distinfo' XMD5 (tripwire-2.3.1-2.tar.gz) = 6a15fe110565cef9ed33c1c7e070355e END-of-tripwire-231/distinfo echo x - tripwire-231/pkg-comment sed 's/^X//' >tripwire-231/pkg-comment << 'END-of-tripwire-231/pkg-comment' XFile system security and verification program END-of-tripwire-231/pkg-comment echo x - tripwire-231/pkg-descr sed 's/^X//' >tripwire-231/pkg-descr << 'END-of-tripwire-231/pkg-descr' XTripwire is a tool that aids system administrators and Xusers in monitoring a designated set of files for any changes. XUsed with system files on a regular (e.g., daily) basis, Tripwire Xcan notify system administrators of corrupted or tampered files, Xso damage control measures can be taken in a timely manner. X XIf "TRIPWIRE_FLOPPY" is set to "YES" in the environment or on the X"make" command line, this port will write the tripwire database to Xa floppy disk, which should then be write-protected and used as a Xreference for future runs. 
The diskette should be formatted and
Xpresent in the "A" drive before starting the "make install" step.
X
XJoe Greco
END-of-tripwire-231/pkg-descr
echo x - tripwire-231/pkg-plist
sed 's/^X//' >tripwire-231/pkg-plist << 'END-of-tripwire-231/pkg-plist'
Xsbin/tripwire
Xsbin/twadmin
Xsbin/twprint
Xsbin/siggen
Xshare/doc/tripwire/README
Xshare/doc/tripwire/Release_Notes
Xshare/doc/tripwire/COPYING
Xshare/doc/tripwire/TRADEMARK
Xshare/doc/tripwire/policyguide.txt
X@dirrm share/doc/tripwire
X@unexec echo If permanently deleting this package, /var/adm/tripwire/etc must be removed manually
END-of-tripwire-231/pkg-plist
echo x - tripwire-231/Makefile
sed 's/^X//' >tripwire-231/Makefile << 'END-of-tripwire-231/Makefile'
X# New ports collection makefile for: tripwire 2.3.1
X# Date created: Tue Mar 6 06:57:58 PST 2001
X# Whom: Cy Schubert
X#
X# $FreeBSD: ports/security/tripwire-231/Makefile,v 1.1 2001/01/16 17:32:22 cschuber Exp $
X#
X
XPORTNAME= tripwire
XPORTVERSION= 2.3.1-2
XCATEGORIES= security
XMASTER_SITES= http://download.sourceforge.net/tripwire/
XDISTNAME= tripwire-${PORTVERSION}
X
XMAINTAINER= Cy.Schubert@osg.gov.bc.ca
X
XMAN4= twconfig.4 twpolicy.4
XMAN5= twfiles.5
XMAN8= siggen.8 tripwire.8 twadmin.8 twintro.8 twprint.8
XNO_PACKAGE= "requires local database to be built"
XRESTRICTED= "contains crypto class algorithms"
XWRKSRC= ${WRKDIR}/${DISTNAME}
XBUILD_WRKSRC= ${WRKSRC}/src
XUSE_GMAKE= yes
XALL_TARGET= release
X
X.include
X
Xpre-configure:
X	@ ${CP} ${FILESDIR}/twpol.txt ${WRKSRC}/policy/twpol.txt
X
Xdo-install:
X.if ( defined(TRIPWIRE_CLOBBER) && ${TRIPWIRE_CLOBBER} == "YES" ) || \
X    ( defined(TRIPWIRE_CLOBBER) && ${TRIPWIRE_CLOBBER} == "yes" ) || \
X    ( defined(FORCE_PKG_REGISTER) && ${FORCE_PKG_REGISTER} == "YES" ) || \
X    ( defined(FORCE_PKG_REGISTER) && ${FORCE_PKG_REGISTER} == "yes" )
X	@ cd ${WRKSRC} && PREFIX=${PREFIX} ./install.sh -f
X.else
X	@ cd ${WRKSRC} && PREFIX=${PREFIX} ./install.sh
X.endif
X
Xpre-install:
X	@ cd ${WRKSRC} && ${LN} -sf install/install.cfg install/install.sh .
X
Xpost-install:
X	@ ${MKDIR} -p /var/adm/tripwire
X	@ ${ECHO} Creating tripwire database
X	@ (cd /var/adm/tcheck; ${PREFIX}/sbin/tripwire --init)
X.if defined(TRIPWIRE_FLOPPY) && ${TRIPWIRE_FLOPPY} == YES
X	@ disklabel -w -B /dev/rfd0c fd1440
X	@ newfs -u 0 -t 0 -i 196608 -m 0 -T minimum -o space /dev/rfd0c
X	@ mount /dev/fd0c /mnt
X	@ ${GZIP_CMD} < ${PREFIX}/sbin/tripwire > /mnt/tripwire
X	@ ${CP} -p /var/adm/tcheck/tw.config /mnt/tw.config
X	@ ${GZIP_CMD} < /var/adm/tcheck/databases/tw.db_`hostname` \
X		> /mnt/tw.db_`hostname`.gz
X	@ ${CP} -p ${FILESDIR}/twcheck /mnt/twcheck
X	@ ${GZIP_CMD} < /usr/bin/gunzip > /mnt/gunzip
X	@ ${CHMOD} 555 /mnt/tripwire /mnt/gunzip /mnt/twcheck
X	@ umount /mnt
X	@ ${ECHO} Do not forget to remove and write-protect the floppy.
X.endif
X
X.include
END-of-tripwire-231/Makefile
exit
>How-To-Repeat:
N/A
>Fix:
N/A
>Release-Note:
>Audit-Trail:
>Unformatted:
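Review bot: In patch-aa (src/Makefile), SYSPRE is hard-coded to i386-unknown-freebsd, so the build settings are only right on i386, yet the port Makefile in this archive declares no architecture restriction. Add ONLY_FOR_ARCHS= i386 to the port Makefile so the port refuses to build elsewhere instead of producing a mis-targeted binary.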
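Review bot: In patch-ba, the second hunk of src/core/unix/unixfsservices.cpp, the descriptor returned by mkstemp() is closed at once and only the name in szTemplate is handed back, so the caller still reopens the file by path and a race on that path remains between close(fd) and the reopen. mkstemp() has also already created the file, so if this name is the one src/core/archive.cpp later opens with cFile::OPEN_EXCLUSIVE (patch-open), O_CREAT | O_EXCL will fail with EEXIST. Consider keeping and returning the descriptor, or unlinking the file before returning the name and relying on the exclusive open. The unchanged strcpy( szTemplate, strName.c_str() ) into a MAXPATHLEN buffer has no length check and is worth bounding while this function is being touched.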
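Review bot: In patch-mailmessage (src/tripwire/mailmessage.cpp), the added comma brings the format in line with the RFC 822 date syntax, but %a and %b are still expanded by _tcsftime() according to the current locale, so under a non-English LC_TIME the date string would carry day and month names that the RFC does not allow. If the program ever calls setlocale(), take the day and month abbreviations from fixed English tables instead of %a and %b.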
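Review bot: In patch-open, the src/core/unix/file_unix.cpp hunk, the comment on openmode = (mode_t) 0600 says only root can read the file, but 0600 restricts access to whichever uid creates the file, and every open without OPEN_EXCLUSIVE still creates with 0664, which leaves new files group-writable unless the umask clears that bit. Reword the comment to "owner read/write only" and consider lowering the default to 0644 or 0600 unless some caller relies on group write. Setting O_CREAT in this branch also makes OPEN_EXCLUSIVE imply OPEN_CREATE, which should be stated in the flag's comment in file.h.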
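Review bot: In patch-open, the src/core/file.h hunk, OPEN_EXCLUSIVE = 0x0000040 is written with seven hex digits while every other flag in the enum uses eight; the value is 0x40 either way, but 0x00000040 keeps the column aligned and avoids a misreading as 0x400. The comment would also be more useful if, like its neighbours, it said what the caller gets (the open fails if the file already exists) rather than only naming the O_ flags.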
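Review bot: In patch-open, the src/core/archive.cpp hunk, OPEN_EXCLUSIVE is now always set while FA_OPEN_TRUNCATE can still add OPEN_TRUNCATE, and truncation has no effect on a file that O_EXCL guarantees did not exist, so either say in a comment which flag governs or drop the truncate branch for this path. Callers also need to handle the new failure when the temporary name already exists, for instance by retrying with a fresh name rather than surfacing eFileOpen. The removed and added if ( openFlags & FA_OPEN_TRUNCATE ) lines read identically here, so that part looks like a whitespace-only change that should be left out of the patch.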