Date: Sun, 31 Jul 2022 20:20:37 GMT
From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject: git: d7fcd1c31b8f - main - security/wazuh-manager: New port: Security tool to monitor and check logs and intrusions (server)
Message-ID: <202207312020.26VKKbiQ070275@gitrepo.freebsd.org>
The branch main has been updated by acm: URL: https://cgit.FreeBSD.org/ports/commit/?id=d7fcd1c31b8f4455a2d9bcd62b454364108e4687 commit d7fcd1c31b8f4455a2d9bcd62b454364108e4687 Author: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> AuthorDate: 2022-07-31 20:18:58 +0000 Commit: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> CommitDate: 2022-07-31 20:20:14 +0000 security/wazuh-manager: New port: Security tool to monitor and check logs and intrusions (server) Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. Besides, Wazuh has been fully integrated with the Elastic Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts. WWW: https://wazuh.com/ --- security/Makefile | 1 + security/wazuh-manager/Makefile | 282 + security/wazuh-manager/distinfo | 47 + security/wazuh-manager/files/patch-api_Makefile | 19 + .../wazuh-manager/files/patch-framework_Makefile | 21 + security/wazuh-manager/files/patch-src-Makefile | 76 + .../patch-src-external-cpython_Makefile.pre.in | 118 + .../files/patch-tools-mitre_mitredb-py | 16 + security/wazuh-manager/files/pkg-message.in | 40 + security/wazuh-manager/files/wazuh-manager.in | 60 + security/wazuh-manager/pkg-descr | 11 + security/wazuh-manager/pkg-plist | 25300 +++++++++++++++++++ 12 files changed, 25991 insertions(+) diff --git a/security/Makefile b/security/Makefile index 23519f2fc4b4..b952b97afbb8 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1264,6 +1264,7 @@ SUBDIR += vxquery SUBDIR += wapiti SUBDIR += wazuh-agent + SUBDIR += wazuh-manager SUBDIR += webfwlog SUBDIR += weggli SUBDIR += whatweb 
diff --git a/security/wazuh-manager/Makefile b/security/wazuh-manager/Makefile new file mode 100644 index 000000000000..2c04e6209d4a --- /dev/null +++ b/security/wazuh-manager/Makefile 
@@ -0,0 +1,282 @@ +PORTNAME= wazuh +DISTVERSION= 4.3.6 +DISTVERSIONPREFIX= v +CATEGORIES= security +MASTER_SITES= https://packages.wazuh.com/deps/16/libraries/sources/:wazuh_sources \ + LOCAL/acm/${PORTNAME}/:wazuh_cache +PKGNAMESUFFIX= -manager +DISTFILES= ${EXTERNAL_DISTFILES} \ + ${PORTNAME}-cache-any${EXTRACT_SUFX}:wazuh_cache +DIST_SUBDIR= ${PORTNAME}-${DISTVERSION} +EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} + +MAINTAINER= acm@FreeBSD.org +COMMENT= Security tool to monitor and check logs and intrusions (manager) + +LICENSE= GPLv2 +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= cmake:devel/cmake +LIB_DEPENDS+= libgdbm.so:databases/gdbm \ + libnghttp2.so:www/libnghttp2 + +USES= cpe gmake perl5 python:3.9 readline shebangfix sqlite:3 uidfix + +USE_GITHUB= yes +USE_RC_SUBR= ${PORTNAME}${PKGNAMESUFFIX} + +MAKE_ARGS+= TARGET=server INSTALLDIR=${WAZUHPREFIX} INSTALL_SHARED="${INSTALL_LIB}" PYTHON_SOURCE=yes + +WAZUH_CACHEFILE= ${PORTNAME}-cache-any${EXTRACT_SUFX} +EXTERNAL_DISTFILES= cJSON.tar.gz:wazuh_sources \ + curl.tar.gz:wazuh_sources \ + libdb.tar.gz:wazuh_sources \ + libffi.tar.gz:wazuh_sources \ + libyaml.tar.gz:wazuh_sources \ + openssl.tar.gz:wazuh_sources \ + procps.tar.gz:wazuh_sources \ + sqlite.tar.gz:wazuh_sources \ + zlib.tar.gz:wazuh_sources \ + audit-userspace.tar.gz:wazuh_sources \ + msgpack.tar.gz:wazuh_sources \ + bzip2.tar.gz:wazuh_sources \ + nlohmann.tar.gz:wazuh_sources \ + googletest.tar.gz:wazuh_sources \ + libpcre2.tar.gz:wazuh_sources \ + libplist.tar.gz:wazuh_sources \ + libarchive.tar.gz:wazuh_sources \ + popt.tar.gz:wazuh_sources \ + cpython.tar.gz:wazuh_sources + +OPTIONS_DEFINE= INOTIFY PRELUDE ZEROMQ +OPTIONS_GROUP_DATABASE= MYSQL PGSQL +OPTIONS_GROUP= DATABASE + +INOTIFY_LIB_DEPENDS= libinotify.so:devel/libinotify +PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude +ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq + +INOTIFY_DESC= Kevent based real time monitoring +PRELUDE_DESC= Sensor support from Prelude SIEM +ZEROMQ_DESC= ZeroMQ 
support + +ZEROMQ_MAKE_ENV= USE_ZEROMQ=yes +PRELUDE_MAKE_ENV= USE_PRELUDE=yes +INOTIFY_MAKE_ENV= USE_INOTIFY=yes +INOTIFY_USES= pkgconfig +PGSQL_MAKE_ARGS=DATABASE=pgsql +PGSQL_USES= pgsql +MYSQL_MAKE_ARGS=DATABASE=mysql +MYSQL_USES= mysql + +WAZUH_USER= wazuh +WAZUH_GROUP= wazuh +USERS= ${WAZUH_USER} +GROUPS= ${WAZUH_GROUP} + +SUB_FILES= pkg-message +CONFLICTS= ossec-* wazuh-agent + +WZBIN_FILES= wazuh-logcollector wazuh-syscheckd wazuh-execd manage_agents wazuh-modulesd \ + wazuh-agentlessd wazuh-analysisd wazuh-monitord wazuh-reportd wazuh-maild \ + wazuh-logtest-legacy wazuh-csyslogd wazuh-dbd verify-agent-conf clear_stats \ + wazuh-regex agent_control wazuh-integratord wazuh-db wazuh-remoted wazuh-authd + +WZARBIN_FILES= default-firewall-drop pf npf ipfw firewalld-drop disable-account \ + host-deny ip-customblock restart-wazuh route-null kaspersky wazuh-slack + +WZSHEBANG_FILES=fixup_pubsub_v1_keywords.py pasteurize rst2xetex.py connexion rst2man.py rst2odt.py \ + pyrsa-priv2pub pyrsa-encrypt cygdb pyrsa-sign rstpep2html.py rst2s5.py rst2latex.py \ + chardetect futurize cython rst2pseudoxml.py pyrsa-keygen wsdump.py rst2odt_prepstyles.py \ + jp.py cythonize pyrsa-verify normalizer rst2html.py rst2html5.py openapi-spec-validator \ + rst2html4.py jsonschema rst2xml.py tabulate flask pyrsa-decrypt + +WAZUHMOD750= / /logs/wazuh /logs/archives /logs/alerts /logs/firewall \ + /logs/api /logs/cluster /bin /lib /queue /queue/agentless \ + /queue/db /queue/diff /queue/fts /queue/logcollector \ + /queue/syscollector /queue/syscollector/db /ruleset \ + /ruleset/decoders /ruleset/rules /ruleset/sca /wodles \ + /active-response /active-response/bin /agentless /var /backup \ + /backup/agents /backup/groups /backup/shared /queue/rids \ + /wodles/aws /wodles/azure /wodles/docker /wodles/gcloud \ + /wodles/gcloud/buckets /wodles/gcloud/pubsub /wodles/oscap \ + /wodles/oscap/content /stats /integrations + +WAZUHMOD770= /etc/decoders /etc/lists /etc/lists/amazon /etc/rootcheck \ 
+ /etc/rules /etc/shared/default /logs /queue/agent-groups \ + /queue/alerts /queue/cluster /queue/fim /queue/fim/db \ + /queue/rids /queue/sockets /queue/tasks /etc /etc/shared \ + /.ssh /var/db /var/download /var/db/agents /var/run /var/upgrade \ + /var/selinux /var/wodles /var/incoming /var/multigroups \ + +WAZUHPREFIX= /var/ossec + +.include <bsd.port.pre.mk> + +.if ${OSVERSION} >= 1200500 && ${OSVERSION} < 1300000 +WAZUH_CACHENAME=${PORTNAME}-cache-fbsd12-${ARCH} +DISTFILES+= ${WAZUH_CACHENAME}${EXTRACT_SUFX}:wazuh_cache +.elif ${OSVERSION} >= 1300500 && ${OSVERSION} < 1400000 +WAZUH_CACHENAME=${PORTNAME}-cache-fbsd13-${ARCH} +DISTFILES+= ${WAZUH_CACHENAME}${EXTRACT_SUFX}:wazuh_cache +.endif + +post-extract: +.for FILE in ${EXTERNAL_DISTFILES} + @cd ${WRKSRC}/src/external && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/${FILE:S/:wazuh_sources//} ${EXTRACT_AFTER_ARGS} +.endfor + @cd ${WRKSRC}/src && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/${WAZUH_CACHEFILE} ${EXTRACT_AFTER_ARGS} + @cd ${WRKSRC}/src && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/${WAZUH_CACHENAME}${EXTRACT_SUFX} ${EXTRACT_AFTER_ARGS} + @${RM} ${WRKSRC}/src/external/cpython/python + +post-patch: + ${REINPLACE_CMD} -e 's|HOST_NAME_MAX|_POSIX_HOST_NAME_MAX|g' ${WRKSRC}/src/wazuh_modules/wm_database.c + ${REINPLACE_CMD} -e 's|CC=|CC?=|g' -e 's|AR=|AR?=|g' ${WRKSRC}/src/external/bzip2/Makefile + ${REINPLACE_CMD} '115d' ${WRKSRC}/src/wazuh_modules/syscollector/CMakeLists.txt + ${REINPLACE_CMD} -e 's|^\( *MULTIARCH=\).*--print-multiarch.*|\1|' ${WRKSRC}/src/external/cpython/configure + +do-build: + cd ${WRKSRC}/src/ && ${SETENV} ${MAKE_ENV} STAGEDIR=${STAGEDIR} \ + ${MAKE_CMD} ${MAKE_ARGS} + +do-install: + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/bin + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/lib + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/tmp + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/.ssh + +.for DIRE in ${WAZUHMOD750} + ${MKDIR} -m 0750 ${STAGEDIR}${WAZUHPREFIX}${DIRE} +.endfor + +.for DIRE in 
${WAZUHMOD770} + ${MKDIR} -m 0770 ${STAGEDIR}${WAZUHPREFIX}${DIRE} +.endfor + + ${INSTALL_DATA} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log + ${INSTALL_DATA} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json + ${INSTALL_DATA} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-responses.log + +.for FILE in ${WZBIN_FILES} + ${INSTALL_PROGRAM} ${WRKSRC}/src/${FILE} ${STAGEDIR}${WAZUHPREFIX}/bin +.endfor + ${INSTALL_SCRIPT} ${WRKSRC}/src/init/wazuh-server.sh ${STAGEDIR}${WAZUHPREFIX}/bin/wazuh-control + + ${TOUCH} ${STAGEDIR}${WAZUHPREFIX}/etc/localtime + + ${INSTALL_DATA} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc + ${INSTALL_DATA} ${WRKSRC}/src/wazuh_modules/syscollector/norm_config.json ${STAGEDIR}${WAZUHPREFIX}/queue/syscollector + ${INSTALL_DATA} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf + + ${INSTALL_DATA} /dev/null ${STAGEDIR}${WAZUHPREFIX}/etc/client.keys + + ${INSTALL_DATA} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf.sample + + ${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUHPREFIX}/agentless/ + +.for FILE in ${WZARBIN_FILES} + ${INSTALL_PROGRAM} ${WRKSRC}/src/${FILE} ${STAGEDIR}${WAZUHPREFIX}/active-response/bin +.endfor + ${INSTALL_SCRIPT} ${WRKSRC}/src/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin + ${INSTALL_SCRIPT} ${WRKSRC}/src/active-response/*.py ${STAGEDIR}${WAZUHPREFIX}/active-response/bin + + ${INSTALL_PROGRAM} ${WRKSRC}/src/default-firewall-drop ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/firewall-drop + + ${INSTALL_DATA} ${WRKSRC}/ruleset/rules/*.xml ${STAGEDIR}${WAZUHPREFIX}/ruleset/rules + + ${INSTALL_DATA} ${WRKSRC}/ruleset/decoders/*.xml ${STAGEDIR}${WAZUHPREFIX}/ruleset/decoders + ${INSTALL_DATA} ${WRKSRC}/ruleset/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/rootcheck + + ${INSTALL_DATA} ${WRKSRC}/etc/local_decoder.xml ${STAGEDIR}${WAZUHPREFIX}/etc/decoders/local_decoder.xml + 
${INSTALL_DATA} ${WRKSRC}/etc/local_rules.xml ${STAGEDIR}${WAZUHPREFIX}/etc/rules/local_rules.xml + + ${INSTALL_DATA} ${WRKSRC}/ruleset/lists/amazon/* ${STAGEDIR}${WAZUHPREFIX}/etc/lists/amazon/ + ${INSTALL_DATA} ${WRKSRC}/ruleset/lists/audit-keys ${STAGEDIR}${WAZUHPREFIX}/etc/lists/audit-keys + ${INSTALL_DATA} ${WRKSRC}/ruleset/lists/security-eventchannel ${STAGEDIR}${WAZUHPREFIX}/etc/lists/security-eventchannel + + ${INSTALL_SCRIPT} ${WRKSRC}/integrations/pagerduty ${STAGEDIR}${WAZUHPREFIX}/integrations/pagerduty + ${INSTALL_SCRIPT} ${WRKSRC}/integrations/slack ${STAGEDIR}${WAZUHPREFIX}/integrations/slack.py + ${INSTALL_SCRIPT} ${WRKSRC}/integrations/virustotal ${STAGEDIR}${WAZUHPREFIX}/integrations/virustotal.py + + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/queue/vulnerabilities/dictionaries + ${INSTALL_DATA} ${WRKSRC}/src/wazuh_modules/vulnerability_detector/cpe_helper.json ${STAGEDIR}${WAZUHPREFIX}/queue/vulnerabilities/dictionaries + + ${INSTALL_DATA} /dev/null ${STAGEDIR}${WAZUHPREFIX}/queue/agents-timestamp + ${INSTALL_DATA} ${WRKSRC}/ruleset/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared/default + ${INSTALL_DATA} ${WRKSRC}/etc/agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/shared/default + ${INSTALL_DATA} ${WRKSRC}/etc/agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/shared/agent-template.conf + + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/__init__.py ${STAGEDIR}${WAZUHPREFIX}/wodles/__init__.py + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/utils.py ${STAGEDIR}${WAZUHPREFIX}/wodles/utils.py + + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/aws/aws_s3.py ${STAGEDIR}${WAZUHPREFIX}/wodles/aws/aws-s3.py + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/aws/aws-s3 + + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/gcloud.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/gcloud.py + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/integration.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/integration.py + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/tools.py 
${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/tools.py + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/buckets/bucket.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/buckets/bucket.py + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/buckets/access_logs.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/buckets/access_logs.py + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/pubsub/subscriber.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/pubsub/subscriber.py + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/gcloud + + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/docker-listener/DockerListener.py ${STAGEDIR}${WAZUHPREFIX}/wodles/docker/DockerListener.py + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/docker/DockerListener + + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/azure/azure-logs.py ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/azure-logs.py + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/azure-logs + + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/slack + ${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/integrations/virustotal + + ${FIND} ${WRKSRC}/ruleset/sca -type f -name "*.yml" -exec ${INSTALL_DATA} "{}" ${STAGEDIR}${WAZUHPREFIX}/ruleset/sca \; + + ${INSTALL_LIB} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib + ${INSTALL_LIB} ${WRKSRC}/src/libwazuhshared.so ${STAGEDIR}${WAZUHPREFIX}/lib + ${INSTALL_LIB} ${WRKSRC}/src/shared_modules/dbsync/build/lib/libdbsync.so ${STAGEDIR}${WAZUHPREFIX}/lib + ${INSTALL_LIB} ${WRKSRC}/src/shared_modules/rsync/build/lib/librsync.so ${STAGEDIR}${WAZUHPREFIX}/lib + ${INSTALL_LIB} ${WRKSRC}/src/wazuh_modules/syscollector/build/lib/libsyscollector.so ${STAGEDIR}${WAZUHPREFIX}/lib + ${INSTALL_LIB} ${WRKSRC}/src/data_provider/build/lib/libsysinfo.so ${STAGEDIR}${WAZUHPREFIX}/lib + + cd ${WRKSRC}/src/ && ${SETENV} 
${MAKE_ENV} STAGEDIR=${STAGEDIR} \ + ${MAKE_CMD} install_python ${MAKE_ARGS} + cd ${WRKSRC}/src/ && ${SETENV} ${MAKE_ENV} STAGEDIR=${STAGEDIR} \ + ${MAKE_CMD} install_dependencies ${MAKE_ARGS} + cd ${WRKSRC}/src/ && ${SETENV} ${MAKE_ENV} STAGEDIR=${STAGEDIR} \ + ${MAKE_CMD} install_framework ${MAKE_ARGS} + cd ${WRKSRC}/src/ && ${SETENV} ${MAKE_ENV} STAGEDIR=${STAGEDIR} \ + ${MAKE_CMD} install_api ${MAKE_ARGS} + cd ${WRKSRC}/src/ && ${SETENV} ${MAKE_ENV} STAGEDIR=${STAGEDIR} \ + ${MAKE_CMD} install_mitre ${MAKE_ARGS} + cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} \ + ${MAKE_CMD} --quiet -C framework install INSTALLDIR=${STAGEDIR}${WAZUHPREFIX} + cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} \ + ${MAKE_CMD} --quiet -C api install INSTALLDIR=${STAGEDIR}${WAZUHPREFIX} + + @cd ${STAGEDIR}${WAZUHPREFIX}/framework/python/lib && \ + ${STAGEDIR}${WAZUHPREFIX}/framework/python/bin/python3 -m compileall -x 'bad_coding|badsyntax|lib2to3/tests/data' -f -p ${WAZUHPREFIX}/framework/python/lib/ "python3.9" + @cd ${STAGEDIR}${WAZUHPREFIX}/framework/python/lib && \ + ${STAGEDIR}${WAZUHPREFIX}/framework/python/bin/python3 -O -m compileall -x 'bad_coding|badsyntax|lib2to3/tests/data' -f -p ${WAZUHPREFIX}/framework/python/lib/ "python3.9" + @cd ${STAGEDIR}${WAZUHPREFIX}/framework/python/lib && \ + ${STAGEDIR}${WAZUHPREFIX}/framework/python/bin/python3 -OO -m compileall -x 'bad_coding|badsyntax|lib2to3/tests/data' -f -p ${WAZUHPREFIX}/framework/python/lib/ "python3.9" + + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/etc/templates + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/databases + ${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/src + + cd ${WRKSRC}/etc/templates && ${COPYTREE_SHARE} config \ + ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/etc/templates/ + cd ${WRKSRC}/src && ${COPYTREE_SHARE} init \ + 
${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/src/ + + ${INSTALL_SCRIPT} ${WRKSRC}/gen_ossec.sh ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/ + ${INSTALL_SCRIPT} ${WRKSRC}/add_localfiles.sh ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/ + ${INSTALL_DATA} ${WRKSRC}/src/os_dbd/mysql.schema ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/databases + ${INSTALL_DATA} ${WRKSRC}/src/os_dbd/postgresql.schema ${STAGEDIR}${WAZUHPREFIX}/packages_files/manager_installation_scripts/databases + +post-install: +.for FILE in ${WZSHEBANG_FILES} + @${REINPLACE_CMD} -i "" -e 's|${STAGEDIR}||g' ${STAGEDIR}${WAZUHPREFIX}/framework/python/bin/${FILE} +.endfor + +.include <bsd.port.post.mk> diff --git a/security/wazuh-manager/distinfo b/security/wazuh-manager/distinfo new file mode 100644 index 000000000000..2a33bb34e6df --- /dev/null +++ b/security/wazuh-manager/distinfo 
@@ -0,0 +1,47 @@ +TIMESTAMP = 1658812218 +SHA256 (wazuh-4.3.6/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1 +SIZE (wazuh-4.3.6/cJSON.tar.gz) = 27863 +SHA256 (wazuh-4.3.6/curl.tar.gz) = 78ad4a75fec89dd83c75cf35203c1c757c21cb2a6ff574647b13bf86c8798d66 +SIZE (wazuh-4.3.6/curl.tar.gz) = 3692998 +SHA256 (wazuh-4.3.6/libdb.tar.gz) = 7e9c44e8c7fdb186ff521a8d085b1bfa634d342dcc777ecea1fbf9a98ab5dc5e +SIZE (wazuh-4.3.6/libdb.tar.gz) = 3874990 +SHA256 (wazuh-4.3.6/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69 +SIZE (wazuh-4.3.6/libffi.tar.gz) = 964576 +SHA256 (wazuh-4.3.6/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a +SIZE (wazuh-4.3.6/libyaml.tar.gz) = 424656 +SHA256 (wazuh-4.3.6/openssl.tar.gz) = cdd47d1de792c94eef02344a768afee151c16f5fb92582ba3b97168a7b65ffc0 +SIZE (wazuh-4.3.6/openssl.tar.gz) = 10162682 +SHA256 (wazuh-4.3.6/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07 +SIZE (wazuh-4.3.6/procps.tar.gz) = 55897 +SHA256 (wazuh-4.3.6/sqlite.tar.gz) = e68521637d9e4e60115707cd7f35275a92ce6d0fc1ff04e22d7bbf0c393f8ff1 +SIZE (wazuh-4.3.6/sqlite.tar.gz) = 2296429 +SHA256 (wazuh-4.3.6/zlib.tar.gz) = ddbeac924cc7fc3274ad0d5cfcf2a72792f0500e9607c65d02e8753f3a510a01 +SIZE (wazuh-4.3.6/zlib.tar.gz) = 643568 +SHA256 (wazuh-4.3.6/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434 +SIZE (wazuh-4.3.6/audit-userspace.tar.gz) = 1682820 +SHA256 (wazuh-4.3.6/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2 +SIZE (wazuh-4.3.6/msgpack.tar.gz) = 591294 +SHA256 (wazuh-4.3.6/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd +SIZE (wazuh-4.3.6/bzip2.tar.gz) = 71277 +SHA256 (wazuh-4.3.6/nlohmann.tar.gz) = b5c3a99e9eb5331d958e2bdd3a6283c4b9ea7ad674dd4669ee26d5c5eef845fe +SIZE (wazuh-4.3.6/nlohmann.tar.gz) = 134429 +SHA256 (wazuh-4.3.6/googletest.tar.gz) = 
8c1e8a0a7f221c2125e99e6acb709da2ba472476b4d057c58de504bebf38d417 +SIZE (wazuh-4.3.6/googletest.tar.gz) = 885874 +SHA256 (wazuh-4.3.6/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa +SIZE (wazuh-4.3.6/libpcre2.tar.gz) = 1252173 +SHA256 (wazuh-4.3.6/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c +SIZE (wazuh-4.3.6/libplist.tar.gz) = 1520623 +SHA256 (wazuh-4.3.6/libarchive.tar.gz) = f863f382ead9f61abc560ff0ead0be3aa9e95b6f8c62756e1f034f4c2386ba79 +SIZE (wazuh-4.3.6/libarchive.tar.gz) = 7040169 +SHA256 (wazuh-4.3.6/popt.tar.gz) = d6880a06622ca32dc4aa39ad5dcf7bef2faa81bd931afbe64ba434ad8fee1daa +SIZE (wazuh-4.3.6/popt.tar.gz) = 891309 +SHA256 (wazuh-4.3.6/cpython.tar.gz) = 7a332209f04103cdb4137e30b4cd9eedcc88274bbb67f34935aa1aaa651a1e75 +SIZE (wazuh-4.3.6/cpython.tar.gz) = 147005657 +SHA256 (wazuh-4.3.6/wazuh-cache-any.tar.gz) = 3d6d2e4e69d7e5cbe133a4fc8b80e38f2c2fb57603f1e82475540a2e8d189b6e +SIZE (wazuh-4.3.6/wazuh-cache-any.tar.gz) = 87439198 +SHA256 (wazuh-4.3.6/wazuh-cache-fbsd12-amd64.tar.gz) = dc4b28b74c37fc7f76790c4883565080a94b95c887681c4ec9dea153bfcd9d1a +SIZE (wazuh-4.3.6/wazuh-cache-fbsd12-amd64.tar.gz) = 8436214 +SHA256 (wazuh-4.3.6/wazuh-cache-fbsd13-amd64.tar.gz) = 9bd1770537681f0bae4c7d9adf7a7750dcf5cccf64a7edc335d5afcb16acd22b +SIZE (wazuh-4.3.6/wazuh-cache-fbsd13-amd64.tar.gz) = 8397011 +SHA256 (wazuh-4.3.6/wazuh-wazuh-v4.3.6_GH0.tar.gz) = 81b7d549b5956e59ba2ded9f1305cfda57377858a8560891573a27b9139d2472 +SIZE (wazuh-4.3.6/wazuh-wazuh-v4.3.6_GH0.tar.gz) = 8346134 diff --git a/security/wazuh-manager/files/patch-api_Makefile b/security/wazuh-manager/files/patch-api_Makefile new file mode 100644 index 000000000000..de54bfba725e --- /dev/null +++ b/security/wazuh-manager/files/patch-api_Makefile 
@@ -0,0 +1,19 @@ +--- api/Makefile 2022-07-26 15:51:47.002374000 -0500 ++++ api/Makefile 2022-07-26 15:52:25.960498000 -0500 +@@ -8,11 +8,11 @@ + INSTALLDIR ?= /var/ossec + + RM_FILE = rm -f +-INSTALL_DIR = install -o root -g ${WAZUH_GROUP} -m 0750 -d +-INSTALL_RW_DIR = install -o root -g ${WAZUH_GROUP} -m 0770 -d +-INSTALL_EXEC = install -o root -g ${WAZUH_GROUP} -m 0750 +-INSTALL_FILE = install -o root -g ${WAZUH_GROUP} -m 0640 +-INSTALL_CONFIG_FILE = install -o root -g ${WAZUH_GROUP} -m 0660 ++INSTALL_DIR = install -m 0750 -d ++INSTALL_RW_DIR = install -m 0770 -d ++INSTALL_EXEC = install -m 0750 ++INSTALL_FILE = install -m 0640 ++INSTALL_CONFIG_FILE = install -m 0660 + PYTHON_BIN = $(INSTALLDIR)/framework/python/bin/python3 + + diff --git a/security/wazuh-manager/files/patch-framework_Makefile b/security/wazuh-manager/files/patch-framework_Makefile new file mode 100644 index 000000000000..0a225f120456 --- /dev/null +++ b/security/wazuh-manager/files/patch-framework_Makefile @@ -0,0 +1,21 @@ +--- framework/Makefile 2022-07-26 15:50:26.898033000 -0500 ++++ framework/Makefile 2022-07-26 15:51:11.464092000 -0500 +@@ -7,13 +7,13 @@ + WAZUH_GROUP = wazuh + INSTALLDIR ?= /var/ossec + +-CC = gcc +-CFLAGS = -pipe -Wall -Wextra ++CC ?= gcc ++CFLAGS ?= -pipe -Wall -Wextra + THREAD_FLAGS = -pthread + RM_FILE = rm -f +-INSTALL_DIR = install -o root -g ${WAZUH_GROUP} -m 0750 -d +-INSTALL_EXEC = install -o root -g ${WAZUH_GROUP} -m 0750 +-INSTALL_FILE = install -o root -g ${WAZUH_GROUP} -m 0640 ++INSTALL_DIR = install -m 0750 -d ++INSTALL_EXEC = install -m 0750 ++INSTALL_FILE = install -m 0640 + + ifdef DEBUG + CFLAGS+=-g -I ../src diff --git a/security/wazuh-manager/files/patch-src-Makefile b/security/wazuh-manager/files/patch-src-Makefile new file mode 100644 index 000000000000..c778601ff76c --- /dev/null +++ b/security/wazuh-manager/files/patch-src-Makefile 
@@ -0,0 +1,76 @@ +--- src/Makefile 2022-07-15 04:10:46.000000000 -0500 ++++ src/Makefile 2022-07-29 01:20:22.816107000 -0500 +@@ -16,8 +16,10 @@ + uname_M := $(shell sh -c 'uname -m 2>/dev/null || echo not') + HAS_CHECKMODULE = $(shell command -v checkmodule > /dev/null && echo YES) + HAS_SEMODULE_PACKAGE = $(shell command -v semodule_package > /dev/null && echo YES) ++ifeq (${uname_S},Linux) + CHECK_ARCHLINUX := $(shell sh -c 'grep "Arch Linux" /etc/os-release > /dev/null && echo YES || echo not') + CHECK_CENTOS5 := $(shell sh -c 'grep "CentOS release 5." /etc/redhat-release > /dev/null && echo YES || echo not') ++endif + + ARCH_FLAGS = + +@@ -208,10 +210,10 @@ + ifeq (${uname_S},FreeBSD) + DEFINES+=-DFreeBSD + OSSEC_CFLAGS+=-pthread -I/usr/local/include +- OSSEC_LDFLAGS+=-pthread ++ OSSEC_LDFLAGS+=-pthread -lnghttp2 + OSSEC_LDFLAGS+=-L/usr/local/lib + OSSEC_LDFLAGS+='-Wl,-rpath,$$ORIGIN/../lib' +- AR_LDFLAGS+=-pthread ++ AR_LDFLAGS+=-pthread -lnghttp2 + AR_LDFLAGS+=-L/usr/local/lib + AR_LDFLAGS+='-Wl,-rpath,$$ORIGIN/../../lib' + PRECOMPILED_OS:=freebsd +@@ -812,6 +814,8 @@ + EXTERNAL_LIBS += $(LIBCURL_LIB) + else ifeq (${uname_S},Linux) + EXTERNAL_LIBS += $(LIBCURL_LIB) ++else ifeq (${uname_S},FreeBSD) ++ EXTERNAL_LIBS += $(LIBCURL_LIB) + else ifeq (${uname_S},Darwin) + EXTERNAL_LIBS += $(LIBCURL_LIB) + endif +@@ -2112,26 +2116,28 @@ + mkdir -p ${WPYTHON_DIR} + cp external/${WPYTHON_TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} && ${TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} -C ${WPYTHON_DIR} && rm -rf ${WPYTHON_DIR}/${WPYTHON_TAR} + endif +- find ${WPYTHON_DIR} -name "*${WLIBPYTHON}" -exec ln -f {} ${INSTALLDIR}/lib/${WLIBPYTHON} \; + ++ mkdir -p $(STAGEDIR)${INSTALLDIR}/lib ++ find $(STAGEDIR)${WPYTHON_DIR} -name "*${WLIBPYTHON}" -exec ln -f {} $(STAGEDIR)${INSTALLDIR}/lib/${WLIBPYTHON} \; ++ + python_dependencies := requirements.txt + +-install_dependencies: install_python ++install_dependencies: + ifneq (,$(wildcard ${EXTERNAL_CPYTHON})) +- ${WPYTHON_DIR}/bin/python3 -m pip 
install --upgrade pip --index-url=file://${ROUTE_PATH}/${EXTERNAL_CPYTHON}/Dependencies/simple +- LD_LIBRARY_PATH="${INSTALLDIR}/lib" LDFLAGS="-L${INSTALLDIR}/lib" ${WPYTHON_DIR}/bin/pip3 install -r ../framework/${python_dependencies} --index-url=file://${ROUTE_PATH}/${EXTERNAL_CPYTHON}/Dependencies/simple ++ $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -B -m pip install --upgrade pip --prefix=${WPYTHON_DIR} --root=$(STAGEDIR) --no-index --find-links=wazuh-cache/ --cache-dir=wazuh-cache/ --no-compile ++ LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-cache-any/*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile ++ LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-cache-${uname_M}/*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile + endif + +-install_framework: install_python +- cd ../framework && ${WPYTHON_DIR}/bin/python3 setup.py clean --all install --prefix=${WPYTHON_DIR} --wazuh-version=$(shell cat VERSION) --install-type=${TARGET} +- chown -R root:${WAZUH_GROUP} ${WPYTHON_DIR} +- chmod -R o=- ${WPYTHON_DIR} ++install_framework: ++ cd ../framework && $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -B setup.py clean --all install --prefix=${WPYTHON_DIR} --root=$(STAGEDIR) --wazuh-version=$(shell cat VERSION) --install-type=${TARGET} --no-compile ++ chmod -R o=- $(STAGEDIR)${WPYTHON_DIR} + +-install_api: install_python +- cd ../api && ${WPYTHON_DIR}/bin/python3 setup.py clean --all install --prefix=${WPYTHON_DIR} ++install_api: ++ cd ../api && $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -B setup.py clean --all install --prefix=${WPYTHON_DIR} --root=$(STAGEDIR) --no-compile + +-install_mitre: install_python +- cd ../tools/mitre && ${WPYTHON_DIR}/bin/python3 mitredb.py -d ${INSTALLDIR}/var/db/mitre.db ++install_mitre: ++ cd ../tools/mitre && 
$(STAGEDIR)${WPYTHON_DIR}/bin/python3 mitredb.py -d $(STAGEDIR)${INSTALLDIR}/var/db/mitre.db + + + #################### diff --git a/security/wazuh-manager/files/patch-src-external-cpython_Makefile.pre.in b/security/wazuh-manager/files/patch-src-external-cpython_Makefile.pre.in new file mode 100644 index 000000000000..1b2b40726ef7 --- /dev/null +++ b/security/wazuh-manager/files/patch-src-external-cpython_Makefile.pre.in 
@@ -0,0 +1,118 @@ +--- src/external/cpython/Makefile.pre.in 2022-02-08 10:05:54.000000000 -0500 ++++ src/external/cpython/Makefile.pre.in 2022-07-29 16:26:56.387414000 -0500 +@@ -70,7 +70,7 @@ + INSTALL_DATA= @INSTALL_DATA@ + # Shared libraries must be installed with executable mode on some systems; + # rather than figuring out exactly which, we always give them executable mode. +-INSTALL_SHARED= ${INSTALL} -m 755 ++INSTALL_SHARED= ${INSTALL} -s -m 755 + + MKDIR_P= @MKDIR_P@ + +@@ -474,7 +474,7 @@ + # Default target + all: @DEF_MAKE_ALL_RULE@ + build_all: check-clean-src $(BUILDPYTHON) oldsharedmods sharedmods gdbhooks \ +- Programs/_testembed python-config ++ python-config + + # Check that the source is clean when building out of source. + check-clean-src: +@@ -723,8 +723,8 @@ + @echo "The Makefile was updated, you may need to re-run make." + + +-Programs/_testembed: Programs/_testembed.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) +- $(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ Programs/_testembed.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) ++: .o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) ++ $(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ .o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) + + ############################################################################ + # Importlib +@@ -797,8 +797,8 @@ + Programs/python.o: $(srcdir)/Programs/python.c + $(MAINCC) -c $(PY_CORE_CFLAGS) -o $@ $(srcdir)/Programs/python.c + +-Programs/_testembed.o: $(srcdir)/Programs/_testembed.c +- $(MAINCC) -c $(PY_CORE_CFLAGS) -o $@ $(srcdir)/Programs/_testembed.c ++.o: $(srcdir)/.c ++ $(MAINCC) -c $(PY_CORE_CFLAGS) -o $@ $(srcdir)/.c + + Modules/_sre.o: $(srcdir)/Modules/_sre.c $(srcdir)/Modules/sre.h $(srcdir)/Modules/sre_constants.h $(srcdir)/Modules/sre_lib.h + +@@ -1254,7 +1254,7 @@ + upgrade) ensurepip="--upgrade" ;; \ + install|*) ensurepip="" ;; \ + esac; \ +- $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ ++ $(RUNSHARED) $(PYTHON_FOR_BUILD) -B -m 
ensurepip \ + $$ensurepip --root=$(DESTDIR)/ ; \ + fi + +@@ -1264,7 +1264,7 @@ + upgrade) ensurepip="--altinstall --upgrade" ;; \ + install|*) ensurepip="--altinstall" ;; \ + esac; \ +- $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ ++ $(RUNSHARED) $(PYTHON_FOR_BUILD) -B -m ensurepip \ + $$ensurepip --root=$(DESTDIR)/ ; \ + fi + +@@ -1549,37 +1549,10 @@ + $(INSTALL_DATA) $(srcdir)/Modules/xxmodule.c \ + $(DESTDIR)$(LIBDEST)/distutils/tests ; \ + fi +- -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -Wi $(DESTDIR)$(LIBDEST)/compileall.py \ +- -j0 -d $(LIBDEST) -f \ +- -x 'bad_coding|badsyntax|site-packages|lib2to3/tests/data' \ +- $(DESTDIR)$(LIBDEST) + -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -Wi -O $(DESTDIR)$(LIBDEST)/compileall.py \ +- -j0 -d $(LIBDEST) -f \ +- -x 'bad_coding|badsyntax|site-packages|lib2to3/tests/data' \ +- $(DESTDIR)$(LIBDEST) ++ $(PYTHON_FOR_BUILD) -B -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/Grammar.txt + -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -Wi -OO $(DESTDIR)$(LIBDEST)/compileall.py \ +- -j0 -d $(LIBDEST) -f \ +- -x 'bad_coding|badsyntax|site-packages|lib2to3/tests/data' \ +- $(DESTDIR)$(LIBDEST) +- -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -Wi $(DESTDIR)$(LIBDEST)/compileall.py \ +- -j0 -d $(LIBDEST)/site-packages -f \ +- -x badsyntax $(DESTDIR)$(LIBDEST)/site-packages +- -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -Wi -O $(DESTDIR)$(LIBDEST)/compileall.py \ +- -j0 -d $(LIBDEST)/site-packages -f \ +- -x badsyntax $(DESTDIR)$(LIBDEST)/site-packages +- -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -Wi -OO $(DESTDIR)$(LIBDEST)/compileall.py \ +- -j0 -d $(LIBDEST)/site-packages -f \ +- -x badsyntax $(DESTDIR)$(LIBDEST)/site-packages +- -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver 
$(DESTDIR)$(LIBDEST)/lib2to3/Grammar.txt +- -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ +- $(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/PatternGrammar.txt ++ $(PYTHON_FOR_BUILD) -B -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/PatternGrammar.txt + + # bpo-21536: Misc/python-config.sh is generated in the build directory + # from $(srcdir)Misc/python-config.sh.in. +@@ -1693,7 +1666,7 @@ + # Install the dynamically loadable modules + # This goes into $(exec_prefix) + sharedinstall: sharedmods +- $(RUNSHARED) $(PYTHON_FOR_BUILD) $(srcdir)/setup.py install \ ++ $(RUNSHARED) $(PYTHON_FOR_BUILD) -B $(srcdir)/setup.py install \ + --prefix=$(prefix) \ + --install-scripts=$(BINDIR) \ + --install-platlib=$(DESTSHARED) \ +@@ -1859,7 +1832,7 @@ + find build -name '*.py[co]' -exec rm -f {} ';' || true + -rm -f pybuilddir.txt + -rm -f Lib/lib2to3/*Grammar*.pickle +- -rm -f Programs/_testembed Programs/_freeze_importlib ++ -rm -f Programs/_freeze_importlib + -find build -type f -a ! -name '*.gc??' -exec rm -f {} ';' + -rm -f Include/pydtrace_probes.h + -rm -f profile-gen-stamp diff --git a/security/wazuh-manager/files/patch-tools-mitre_mitredb-py b/security/wazuh-manager/files/patch-tools-mitre_mitredb-py new file mode 100644 index 000000000000..58c0b5aa4b92 --- /dev/null +++ b/security/wazuh-manager/files/patch-tools-mitre_mitredb-py 
@@ -0,0 +1,16 @@ +--- tools/mitre/mitredb.py 2022-07-26 14:50:02.401104000 -0500 ++++ tools/mitre/mitredb.py 2022-07-26 15:25:13.375626000 -0500 +@@ -763,13 +763,6 @@ + # Parse enterprise-attack.json file: + parse_json(pathfile, session, database) + +- # User and group permissions +- os.chmod(database, 0o660) +- uid = pwd.getpwnam("root").pw_uid +- gid = grp.getgrnam("wazuh").gr_gid +- os.chown(database, uid, gid) +- +- + if __name__ == '__main__': + parser = argparse.ArgumentParser(description='This script installs mitre.db in a directory.') + parser.add_argument('--database', '-d', help='-d /your/directory/mitre.db (default: /var/ossec/var/db/mitre.db') diff --git a/security/wazuh-manager/files/pkg-message.in b/security/wazuh-manager/files/pkg-message.in new file mode 100644 index 000000000000..62c75efbb0f1 --- /dev/null +++ b/security/wazuh-manager/files/pkg-message.in @@ -0,0 +1,40 @@ +[ +{ type: install + message: <<EOM +Wazuh Manager was installed + +1) Copy /etc/locatime to /var/ossec/etc directory + + # cp /etc/localtime /var/ossec/etc + +2) You must edit /var/ossec/etc/ossec.conf.sample for your setup and rename/copy + it to ossec.conf. + + Take a look wazuh manager configuration at the following url: + + https://documentation.wazuh.com/current/user-manual/manager/index.html + +3) You can find additional useful files installed at + + # /var/ossec/packages_files/manager_installation_scripts + +4) Do not forget generate auth certificate + + # openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 \ + -subj "/C=US/ST=California/CN=Wazuh/" \ + -keyout /var/ossec/etc/sslmanager.key -out /var/ossec/etc/sslmanager.cert + # chmod 640 /var/ossec/etc/sslmanager.key + # chmod 640 /var/ossec/etc/sslmanager.cert + +5) Add Wazuh manager to /etc/rc.conf + + # sysrc wazuh_manager_enable="YES" + +6) Start Wazuh manager + + # service wazuh_manager start + +7) Enjoy it ;) +EOM +} +] 
diff --git a/security/wazuh-manager/files/wazuh-manager.in b/security/wazuh-manager/files/wazuh-manager.in new file mode 100644 index 000000000000..e49211d40300 --- /dev/null +++ b/security/wazuh-manager/files/wazuh-manager.in @@ -0,0 +1,60 @@ +#!/bin/sh + +# PROVIDE: wazuh_manager +# REQUIRE: LOGIN +# KEYWORD: shutdown +# +# Add these lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# wazuh_manager_enable (bool): Set to NO by default. +# Set it to YES to enable Wazuh Agent. +# + +. /etc/rc.subr + +name="wazuh_manager" # How the service will be invoked from service +rcvar="${name}_enable" # The variable in rc.conf that will allow this service to run + +load_rc_config $name # Loads the config file, if relevant. + +: ${wazuh_manager_enable:="NO"} + +command="/var/ossec/bin/wazuh-control" +extra_commands="status" + +start_cmd="wazuh_manager_start" +stop_cmd="wazuh_manager_stop" +status_cmd="wazuh_manager_status" + +wazuh_manager_start() { + echo -n "Starting Wazuh Manager: " + ${command} start > /dev/null + RETVAL=$? + if [ $RETVAL -eq 0 ]; then + echo success + else + echo failure + fi + echo + return $RETVAL +} + +wazuh_manager_stop() { + echo -n "Stopping Wazuh Manager: " + ${command} stop > /dev/null + RETVAL=$? + if [ $RETVAL -eq 0 ]; then + echo success + else + echo failure + fi + echo + return $RETVAL +} + +wazuh_manager_status() { + ${command} status +} + +run_rc_command "$@" + diff --git a/security/wazuh-manager/pkg-descr b/security/wazuh-manager/pkg-descr new file mode 100644 index 000000000000..e8689bb32fb7 --- /dev/null +++ b/security/wazuh-manager/pkg-descr 
@@ -0,0 +1,11 @@ +Wazuh is a free and open source platform used for threat prevention, detection, +and response. It is capable of protecting workloads across on-premises, +virtualized, containerized, and cloud-based environments. + +Wazuh solution consists of an endpoint security agent, deployed to the +monitored systems, and a management server, which collects and analyzes data +gathered by the agents. Besides, Wazuh has been fully integrated with the +Elastic Stack, providing a search engine and data visualization tool that +allows users to navigate through their security alerts. + +WWW: https://wazuh.com/ diff --git a/security/wazuh-manager/pkg-plist b/security/wazuh-manager/pkg-plist new file mode 100644 index 000000000000..95d0b82256c4 --- /dev/null +++ b/security/wazuh-manager/pkg-plist 
@@ -0,0 +1,25300 @@ +@mode 750 +@owner root +@group wazuh +/var/ossec/active-response/bin/default-firewall-drop +/var/ossec/active-response/bin/disable-account +/var/ossec/active-response/bin/firewall-drop +/var/ossec/active-response/bin/firewalld-drop +/var/ossec/active-response/bin/host-deny +/var/ossec/active-response/bin/ip-customblock +/var/ossec/active-response/bin/ipfw +/var/ossec/active-response/bin/kaspersky +/var/ossec/active-response/bin/kaspersky.py +/var/ossec/active-response/bin/npf +/var/ossec/active-response/bin/pf +/var/ossec/active-response/bin/restart-wazuh +/var/ossec/active-response/bin/restart.sh +/var/ossec/active-response/bin/route-null +/var/ossec/active-response/bin/wazuh-slack +@mode 750 +@owner root +@group wazuh +/var/ossec/agentless/main.exp +/var/ossec/agentless/register_host.sh +/var/ossec/agentless/ssh.exp +/var/ossec/agentless/ssh_asa-fwsmconfig_diff +/var/ossec/agentless/ssh_foundry_diff +/var/ossec/agentless/ssh_generic_diff +/var/ossec/agentless/ssh_integrity_check_bsd +/var/ossec/agentless/ssh_integrity_check_linux +/var/ossec/agentless/ssh_nopass.exp +/var/ossec/agentless/ssh_pixconfig_diff +/var/ossec/agentless/sshlogin.exp +/var/ossec/agentless/su.exp +/var/ossec/api/configuration/api.yaml +/var/ossec/api/scripts/wazuh-apid.py +@mode 750 +@owner root +@group wheel +/var/ossec/bin/agent_control +/var/ossec/bin/agent_groups +/var/ossec/bin/agent_upgrade +/var/ossec/bin/clear_stats +/var/ossec/bin/cluster_control +/var/ossec/bin/manage_agents +@(root,wazuh,750) /var/ossec/bin/verify-agent-conf +@mode 750 +@owner root +@group wheel +/var/ossec/bin/wazuh-agentlessd +/var/ossec/bin/wazuh-analysisd +/var/ossec/bin/wazuh-apid +/var/ossec/bin/wazuh-authd +/var/ossec/bin/wazuh-clusterd +/var/ossec/bin/wazuh-control +/var/ossec/bin/wazuh-csyslogd +/var/ossec/bin/wazuh-db +/var/ossec/bin/wazuh-dbd +/var/ossec/bin/wazuh-execd +/var/ossec/bin/wazuh-integratord +/var/ossec/bin/wazuh-logcollector +/var/ossec/bin/wazuh-logtest 
+/var/ossec/bin/wazuh-logtest-legacy +/var/ossec/bin/wazuh-maild +/var/ossec/bin/wazuh-modulesd +/var/ossec/bin/wazuh-monitord +/var/ossec/bin/wazuh-regex +/var/ossec/bin/wazuh-remoted +/var/ossec/bin/wazuh-reportd +/var/ossec/bin/wazuh-syscheckd +@mode 640 +@owner root +@group wazuh +/var/ossec/etc/client.keys +/var/ossec/etc/internal_options.conf +/var/ossec/etc/lists/amazon/aws-eventnames +/var/ossec/etc/lists/amazon/aws-sources +/var/ossec/etc/lists/audit-keys +/var/ossec/etc/lists/security-eventchannel +/var/ossec/etc/local_internal_options.conf +/var/ossec/etc/localtime +@mode 660 +@owner root +@group wazuh +@sample /var/ossec/etc/ossec.conf.sample +/var/ossec/etc/rootcheck/cis_apache2224_rcl.txt +/var/ossec/etc/rootcheck/cis_debian_linux_rcl.txt +/var/ossec/etc/rootcheck/cis_mysql5-6_community_rcl.txt +/var/ossec/etc/rootcheck/cis_mysql5-6_enterprise_rcl.txt +/var/ossec/etc/rootcheck/cis_rhel5_linux_rcl.txt +/var/ossec/etc/rootcheck/cis_rhel6_linux_rcl.txt +/var/ossec/etc/rootcheck/cis_rhel7_linux_rcl.txt +/var/ossec/etc/rootcheck/cis_rhel_linux_rcl.txt +/var/ossec/etc/rootcheck/cis_sles11_linux_rcl.txt +/var/ossec/etc/rootcheck/cis_sles12_linux_rcl.txt +/var/ossec/etc/rootcheck/cis_win2012r2_domainL1_rcl.txt +/var/ossec/etc/rootcheck/cis_win2012r2_domainL2_rcl.txt +/var/ossec/etc/rootcheck/cis_win2012r2_memberL1_rcl.txt +/var/ossec/etc/rootcheck/cis_win2012r2_memberL2_rcl.txt +/var/ossec/etc/rootcheck/rootkit_files.txt +/var/ossec/etc/rootcheck/rootkit_trojans.txt +/var/ossec/etc/rootcheck/system_audit_rcl.txt +/var/ossec/etc/rootcheck/system_audit_ssh.txt +/var/ossec/etc/rootcheck/win_applications_rcl.txt +/var/ossec/etc/rootcheck/win_audit_rcl.txt +/var/ossec/etc/rootcheck/win_malware_rcl.txt +@mode 660 +@owner wazuh +@group wazuh +/var/ossec/etc/rules/local_rules.xml +/var/ossec/etc/decoders/local_decoder.xml +/var/ossec/etc/shared/agent-template.conf +/var/ossec/etc/shared/default/agent.conf +/var/ossec/etc/shared/default/cis_apache2224_rcl.txt 
+/var/ossec/etc/shared/default/cis_debian_linux_rcl.txt +/var/ossec/etc/shared/default/cis_mysql5-6_community_rcl.txt +/var/ossec/etc/shared/default/cis_mysql5-6_enterprise_rcl.txt +/var/ossec/etc/shared/default/cis_rhel5_linux_rcl.txt +/var/ossec/etc/shared/default/cis_rhel6_linux_rcl.txt +/var/ossec/etc/shared/default/cis_rhel7_linux_rcl.txt +/var/ossec/etc/shared/default/cis_rhel_linux_rcl.txt +/var/ossec/etc/shared/default/cis_sles11_linux_rcl.txt +/var/ossec/etc/shared/default/cis_sles12_linux_rcl.txt +/var/ossec/etc/shared/default/cis_win2012r2_domainL1_rcl.txt +/var/ossec/etc/shared/default/cis_win2012r2_domainL2_rcl.txt +/var/ossec/etc/shared/default/cis_win2012r2_memberL1_rcl.txt +/var/ossec/etc/shared/default/cis_win2012r2_memberL2_rcl.txt +/var/ossec/etc/shared/default/rootkit_files.txt +/var/ossec/etc/shared/default/rootkit_trojans.txt +/var/ossec/etc/shared/default/system_audit_rcl.txt +/var/ossec/etc/shared/default/system_audit_ssh.txt +/var/ossec/etc/shared/default/win_applications_rcl.txt +/var/ossec/etc/shared/default/win_audit_rcl.txt +/var/ossec/etc/shared/default/win_malware_rcl.txt +@mode 750 +@owner root +@group wazuh +/var/ossec/framework/python/bin/2to3 +/var/ossec/framework/python/bin/2to3-%%PYTHON_VER%% +/var/ossec/framework/python/bin/chardetect +/var/ossec/framework/python/bin/connexion +/var/ossec/framework/python/bin/cygdb +/var/ossec/framework/python/bin/cython +/var/ossec/framework/python/bin/cythonize +/var/ossec/framework/python/bin/fixup_pubsub_v1_keywords.py +/var/ossec/framework/python/bin/flask +/var/ossec/framework/python/bin/futurize +/var/ossec/framework/python/bin/idle3 +/var/ossec/framework/python/bin/idle%%PYTHON_VER%% +/var/ossec/framework/python/bin/jp.py +/var/ossec/framework/python/bin/jsonschema +/var/ossec/framework/python/bin/normalizer +/var/ossec/framework/python/bin/openapi-spec-validator +/var/ossec/framework/python/bin/pasteurize +/var/ossec/framework/python/bin/pip3 
+/var/ossec/framework/python/bin/pip%%PYTHON_VER%% +/var/ossec/framework/python/bin/pydoc3 +/var/ossec/framework/python/bin/pydoc%%PYTHON_VER%% +/var/ossec/framework/python/bin/pyrsa-decrypt +/var/ossec/framework/python/bin/pyrsa-encrypt +/var/ossec/framework/python/bin/pyrsa-keygen +/var/ossec/framework/python/bin/pyrsa-priv2pub +/var/ossec/framework/python/bin/pyrsa-sign +/var/ossec/framework/python/bin/pyrsa-verify +/var/ossec/framework/python/bin/python3 +/var/ossec/framework/python/bin/python3-config +/var/ossec/framework/python/bin/%%PYTHON_VERSION%% +/var/ossec/framework/python/bin/%%PYTHON_VERSION%%-config +/var/ossec/framework/python/bin/rst2html.py +/var/ossec/framework/python/bin/rst2html4.py +/var/ossec/framework/python/bin/rst2html5.py +/var/ossec/framework/python/bin/rst2latex.py +/var/ossec/framework/python/bin/rst2man.py +/var/ossec/framework/python/bin/rst2odt.py +/var/ossec/framework/python/bin/rst2odt_prepstyles.py +/var/ossec/framework/python/bin/rst2pseudoxml.py +/var/ossec/framework/python/bin/rst2s5.py +/var/ossec/framework/python/bin/rst2xetex.py +/var/ossec/framework/python/bin/rst2xml.py +/var/ossec/framework/python/bin/rstpep2html.py +/var/ossec/framework/python/bin/tabulate +/var/ossec/framework/python/bin/wsdump.py *** 25119 LINES SKIPPED ***
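Review bot: the libinstall hunk at -1549 of patch-src-external-cpython_Makefile.pre.in drops all six compileall.py invocations, and the other hunks add -B to the remaining interpreter calls, but nothing in the patch says why, so a reader cannot tell whether shipping the bundled interpreter without .pyc files is intended. If the goal is to keep bytecode out of the stage directory and pkg-plist, state that in a comment at the top of the patch file. The runtime side needs a check too: where the daemon user can write under /var/ossec/framework/python, __pycache__ files that the plist does not own will appear on first import; where it cannot, every start recompiles from source.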
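Review bot: removing the chmod/chown block at line 763 of tools/mitre/mitredb.py leaves mitre.db with whatever mode and owner the build user's umask produces, and the part of pkg-plist shown in this message does not reach the mitre.db entry. Confirm the plist lists the database under explicit @mode 660, @owner root and @group wazuh, the values the removed code applied, and drop the pwd and grp imports if nothing else in the script uses them.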
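Review bot: step 4 of pkg-message.in sets mode 640 on sslmanager.key but never sets its owner or group, so who can read the private key depends on what the new file happens to inherit; add an explicit chown ahead of the chmod lines (root:wazuh would match the @owner/@group that pkg-plist uses for /var/ossec/etc). In the same message, step 1 misspells the path as /etc/locatime, and step 2 tells users to edit ossec.conf.sample although pkg-plist registers that file with @sample, which already installs a copy as ossec.conf; the step should point at ossec.conf and leave the sample untouched.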
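Review bot: the rc script is added as wazuh-manager.in, but step 6 of pkg-message.in tells users to run "service wazuh_manager start"; service(8) finds the script by its file name in rc.d, so unless the port installs it under the underscore name that command will not find it. Make the file name and the documented command agree. The header comment also says "Set it to YES to enable Wazuh Agent" and should read Wazuh Manager, and both wazuh_manager_start and wazuh_manager_stop send the output of wazuh-control to /dev/null, so on "failure" the operator gets no hint of which daemon failed.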
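Review bot: in pkg-plist, etc/client.keys, etc/local_internal_options.conf, etc/rules/local_rules.xml, etc/decoders/local_decoder.xml and etc/shared/default/agent.conf are listed as plain files, so the package owns the live copies of site-local state and configuration, and an upgrade or deinstall will replace or remove them; only ossec.conf goes through @sample. Ship these as .sample files registered with @sample as well. /var/ossec/etc/localtime is also listed here while pkg-message step 1 tells the user to copy /etc/localtime over it, and api/configuration/api.yaml inherits @mode 750 from the agentless block although it is a configuration file.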