From owner-freebsd-ports-bugs@FreeBSD.ORG Sat Jun 2 17:40:04 2007 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 816EF16A469 for ; Sat, 2 Jun 2007 17:40:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 62D3613C448 for ; Sat, 2 Jun 2007 17:40:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l52He4Pj025599 for ; Sat, 2 Jun 2007 17:40:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l52He4bm025598; Sat, 2 Jun 2007 17:40:04 GMT (envelope-from gnats) Resent-Date: Sat, 2 Jun 2007 17:40:04 GMT Resent-Message-Id: <200706021740.l52He4bm025598@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Paul Schmehl Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8068416A46D for ; Sat, 2 Jun 2007 17:31:54 +0000 (UTC) (envelope-from root+utd59514@utdallas.edu) Received: from smtp2.utdallas.edu (smtp2.utdallas.edu [129.110.10.33]) by mx1.freebsd.org (Postfix) with ESMTP id 4E3D313C45B for ; Sat, 2 Jun 2007 17:31:54 +0000 (UTC) (envelope-from root+utd59514@utdallas.edu) Received: from utd59514.utdallas.edu (utd59514.utdallas.edu [129.110.3.28]) by smtp2.utdallas.edu (Postfix) with ESMTP id 0B6835C13B for ; Sat, 2 Jun 2007 12:31:54 -0500 (CDT) Received: by utd59514.utdallas.edu (Postfix, from userid 0) id 0942326183A; Sat, 2 Jun 2007 12:31:54 -0500 (CDT) Message-Id: <20070602173154.0942326183A@utd59514.utdallas.edu> Date: Sat, 2 Jun 2007 12:31:54 -0500 (CDT) From: Paul Schmehl To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/113260: security/ossec-hids-client X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Paul Schmehl List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Jun 2007 17:40:04 -0000 >Number: 113260 >Category: ports >Synopsis: security/ossec-hids-client >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sat Jun 02 17:40:03 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Paul Schmehl >Release: FreeBSD 6.0-SECURITY i386 >Organization: The University of Texas at Dallas >Environment: System: FreeBSD hostname.utdallas.edu 6.0-SECURITY FreeBSD 6.0-SECURITY #0: Wed Feb 14 12:22:36 UTC 2007 root@builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 >Description: The pkg-plist for this port was placed in the master port and called from the master port Makefile, so it didn't work. This PR patches the Makefile to call the pkg-plist correctly and adds a corrected pkg-plist which is added to this port. The pkg-plist was corrected to use @dirrmtry instead of @dirrm, because if the daemons have been started once, new directories and files are added to the ossec-hids directory structure that the port can't possibly know about in advance. Additional file removals were added to properly remove all the installed files if the port has never been used. PLEASE NOTE: I have not tested this port with the related server port, because I don't have the equipment to do that. On its own, the port generates errors when you try to start the daemons. Those may be related to the need for a running server and proper configuration of the port, but I did not test that. This PR simply ensures that the port will install and deinstall correctly. >How-To-Repeat: >Fix: Without this patch, this port will not uninstall correctly and will generate tons of errors about missing files. --- patch-Makefile begins here --- --- Makefile.orig Sat Jun 2 01:29:58 2007 +++ Makefile Sat Jun 2 01:24:25 2007 @@ -9,4 +9,6 @@ MASTERDIR= ${.CURDIR}/../ossec-hids-server +PLIST= pkg-plist.client + .include "${MASTERDIR}/Makefile" --- patch-Makefile ends here --- --- pkg-plist.client begins here --- %%PORTNAME%%/active-response/bin/firewalls/firewall-drop.sh %%PORTNAME%%/active-response/bin/firewalls/ipfw.sh %%PORTNAME%%/active-response/bin/firewalls/ipfw_mac.sh %%PORTNAME%%/active-response/bin/firewalls/pf.sh %%PORTNAME%%/active-response/bin/disable-account.sh %%PORTNAME%%/active-response/bin/firewall-drop.sh %%PORTNAME%%/active-response/bin/host-deny.sh %%PORTNAME%%/active-response/bin/route-null.sh %%PORTNAME%%/bin/manage_agents %%PORTNAME%%/bin/ossec-agentd %%PORTNAME%%/bin/ossec-control %%PORTNAME%%/bin/ossec-execd %%PORTNAME%%/bin/ossec-logcollector %%PORTNAME%%/bin/ossec-syscheckd %%PORTNAME%%/etc/internal_options.conf %%PORTNAME%%/etc/shared/rootkit_trojans.txt %%PORTNAME%%/etc/shared/rootkit_files.txt %%PORTNAME%%/etc/localtime @unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi %%PORTNAME%%/etc/ossec.conf.sample %%PORTNAME%%/logs/ossec.log @dirrmtry %%PORTNAME%%/active-response/bin/firewalls @dirrmtry %%PORTNAME%%/active-response/bin @dirrmtry %%PORTNAME%%/active-response @dirrmtry %%PORTNAME%%/etc/shared @dirrmtry %%PORTNAME%%/etc/ @dirrmtry %%PORTNAME%%/var/run @dirrmtry %%PORTNAME%%/var @dirrmtry %%PORTNAME%%/queue/syscheck @dirrmtry %%PORTNAME%%/queue/rids @dirrmtry %%PORTNAME%%/queue/ossec @dirrmtry %%PORTNAME%%/queue/alerts @dirrmtry %%PORTNAME%%/queue @dirrmtry %%PORTNAME%%/logs @dirrmtry %%PORTNAME%%/bin @dirrmtry %%PORTNAME%% --- pkg-plist.client ends here --- >Release-Note: >Audit-Trail: >Unformatted: