From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Feb 11 15:40:13 2004 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 010D216A4CF for ; Wed, 11 Feb 2004 15:40:13 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id D990F43D39 for ; Wed, 11 Feb 2004 15:40:12 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i1BNeCbv057180 for ; Wed, 11 Feb 2004 15:40:12 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i1BNeCcu057177; Wed, 11 Feb 2004 15:40:12 -0800 (PST) (envelope-from gnats) Resent-Date: Wed, 11 Feb 2004 15:40:12 -0800 (PST) Resent-Message-Id: <200402112340.i1BNeCcu057177@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "Daniel Blankensteiner " Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CF90316A4CE for ; Wed, 11 Feb 2004 15:33:02 -0800 (PST) Received: from cicero2.cybercity.dk (cicero2.cybercity.dk [212.242.40.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id A2D4343D31 for ; Wed, 11 Feb 2004 15:33:02 -0800 (PST) (envelope-from db@TruNet.dk) Received: from user3.cybercity.dk (fxp0.user3.ip.cybercity.dk [212.242.41.36]) by cicero2.cybercity.dk (Postfix) with ESMTP id CDF2C18FB15 for ; Thu, 12 Feb 2004 00:33:00 +0100 (CET) Received: from main.trunet.dk (port132.ds1-arsy.adsl.cybercity.dk [212.242.239.73]) by user3.cybercity.dk (Postfix) with ESMTP id 4947494358 for ; Thu, 12 Feb 2004 00:33:00 +0100 (CET) Message-Id: <1076542704.0@main.trunet.dk> Date: Thu, 12 Feb 2004 00:38:24 +0100 From: "Daniel Blankensteiner " To: "FreeBSD gnats submit" X-Send-Pr-Version: gtk-send-pr 0.3.2 Subject: ports/62714: New port: security/lockdown "Hardening system for FreeBSD" X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Feb 2004 23:40:13 -0000 >Number: 62714 >Category: ports >Synopsis: New port: security/lockdown "Hardening system for FreeBSD" >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Wed Feb 11 15:40:12 PST 2004 >Closed-Date: >Last-Modified: >Originator: Daniel Blankensteiner >Release: FreeBSD 5.2.1-RC i386 >Organization: >Environment: System: FreeBSD main.trunet.dk 5.2.1-RC FreeBSD 5.2.1-RC #1: Tue Feb 3 13:50:02 CET 2004 db@main.trunet.dk:/usr/obj/usr/src/sys/MAIN i386 >Description: Lockdown is a hardening system written in C++ for FreeBSD and released under the BSD license. Please read http://lockdown.trunet.dk/ for more info. >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # lockdown # lockdown/Makefile # lockdown/pkg-plist # lockdown/pkg-message # lockdown/pkg-descr # echo c - lockdown mkdir -p lockdown > /dev/null 2>&1 echo x - lockdown/Makefile sed 's/^X//' >lockdown/Makefile << 'END-of-lockdown/Makefile' X# New ports collection makefile for: lockdown X# Date created: 11 Feb 2004 X# Whom: Daniel Blankensteiner X# $FreeBSD$ X# X XPORTNAME= lockdown XPORTVERSION= 0.1 XCATEGORIES= security XMASTER_SITES= http://lockdown.trunet.dk/ X XMAINTAINER= db@TruNet.dk XCOMMENT= Hardening system for FreeBSD X XMAN1= lockdown.1 X XWRKSRC= ${WRKDIR}/lockdown X Xdo-install: X ${INSTALL_PROGRAM} ${WRKSRC}/lockdown ${PREFIX}/bin/lockdown X ${INSTALL_MAN} ${WRKSRC}/lockdown.1 ${PREFIX}/man/man1/lockdown.1 X ${INSTALL_DATA} ${WRKSRC}/lockdown.conf.sample ${PREFIX}/etc/lockdown.conf.sample X Xpost-install: X ${CAT} ${PKGMESSAGE} X @${ECHO_CMD} "" X X.include END-of-lockdown/Makefile echo x - lockdown/pkg-plist sed 's/^X//' >lockdown/pkg-plist << 'END-of-lockdown/pkg-plist' Xbin/lockdown Xetc/lockdown.conf.sample END-of-lockdown/pkg-plist echo x - lockdown/pkg-message sed 's/^X//' >lockdown/pkg-message << 'END-of-lockdown/pkg-message' X XWARNING: Until version 1.0 is released, lockdown should only be run on test coputers! END-of-lockdown/pkg-message echo x - lockdown/pkg-descr sed 's/^X//' >lockdown/pkg-descr << 'END-of-lockdown/pkg-descr' XLockdown is a hardening system written in C++ for FreeBSD and released under the BSD license. X XLockdown was designed to harden FreeBSD's base system. It does so by editing the systems configuration files and set permissions, flags and ownership on SUID, GID and information files. XLockdown was meant to be run only once, so you can quickly and without forgetting something, get a secure system running. X XWWW: http://lockdown.TruNet.dk/ X X- Daniel Blankensteiner Xdb@TruNet.dk END-of-lockdown/pkg-descr exit >Release-Note: >Audit-Trail: >Unformatted: