Date: Wed, 22 Feb 2012 15:57:11 -0600 (CST) From: Joe Greco <jgreco@ns.sol.net> To: ports@freebsd.org Subject: Req update for ports/security/tripwire12 Message-ID: <201202222157.q1MLvBKV052020@aurora.sol.net>
next in thread | raw e-mail | index | archive | help
misc fixes (not comprehensive) for freebsd8 diff -Ncr tripwire12.old/Makefile tripwire12/Makefile *** tripwire12.old/Makefile Sun Apr 26 02:22:57 2009 --- tripwire12/Makefile Wed Feb 22 15:22:52 2012 *************** *** 20,26 **** NO_PACKAGE= requires local database to be built USE_PERL5_BUILD=yes ! TWCONFIG?= ${FILESDIR}/tw.conf.freebsd2 post-extract: @ (cd ${WRKDIR}; tar xpf T1.2.tar) --- 20,26 ---- NO_PACKAGE= requires local database to be built USE_PERL5_BUILD=yes ! TWCONFIG?= ${FILESDIR}/tw.conf.freebsd8 post-extract: @ (cd ${WRKDIR}; tar xpf T1.2.tar) *************** *** 33,41 **** pre-configure: @ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs ! @ ${SED} s%/kernel%`/sbin/sysctl -bn kern.bootfile`% \ ! < ${TWCONFIG} \ ! > ${WRKSRC}/configs/tw.conf.freebsd2 post-install: @ ${MKDIR} /var/adm/tcheck --- 33,39 ---- pre-configure: @ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs ! @ ${cp} ${TWCONFIG} ${WRKSRC}/configs/tw.conf.freebsd8 post-install: @ ${MKDIR} /var/adm/tcheck diff -Ncr tripwire12.old/files/tw.conf.freebsd8 tripwire12/files/tw.conf.freebsd8 *** tripwire12.old/files/tw.conf.freebsd8 Wed Dec 31 18:00:00 1969 --- tripwire12/files/tw.conf.freebsd8 Wed Feb 22 15:52:37 2012 *************** *** 0 **** --- 1,165 ---- + # $FreeBSD$ + # + # tripwire.config + # Generic version for FreeBSD + # Will need editing...see comments below + # + # This file contains a list of files and directories that System + # Preener will scan. Information collected from these files will be + # stored in the tripwire.database file. + # + # Format: [!|=] entry [ignore-flags] + # + # where: '!' signifies the entry is to be pruned (inclusive) from + # the list of files to be scanned. + # '=' signifies the entry is to be added, but if it is + # a directory, then all its contents are pruned + # (useful for /tmp). + # + # where: entry is the absolute pathname of a file or a directory + # + # where ignore-flags are in the format: + # [template][ [+|-][pinugsam12] ... ] + # + # - : ignore the following atributes + # + : do not ignore the following attributes + # + # p : permission and file mode bits a: access timestamp + # i : inode number m: modification timestamp + # n : number of links (ref count) c: inode creation timestamp + # u : user id of owner 1: signature 1 + # g : group id of owner 2: signature 2 + # s : size of file + # + # + # Ex: The following entry will scan all the files in /etc, and report + # any changes in mode bits, inode number, reference count, uid, + # gid, modification and creation timestamp, and the signatures. + # However, it will ignore any changes in the access timestamp. + # + # /etc +pinugsm12-a + # + # The following templates have been pre-defined to make these long ignore + # mask descriptions unecessary. + # + # Templates: (default) R : [R]ead-only (+pinugsm12-a) + # L : [L]og file (+pinug-sam12) + # N : ignore [N]othing (+pinusgsamc12) + # E : ignore [E]verything (-pinusgsamc12) + # + # By default, Tripwire uses the R template -- it ignores + # only the access timestamp. + # + # You can use templates with modifiers, like: + # Ex: /etc/lp E+ug + # + # Example configuration file: + # /etc R # all system files + # !/etc/lp R # ...but not those logs + # =/tmp N # just the directory, not its files + # + # Note the difference between pruning (via "!") and ignoring everything + # (via "E" template): Ignoring everything in a directory still monitors + # for added and deleted files. Pruning a directory will prevent Tripwire + # from even looking in the specified directory. + # + # + # Tripwire running slowly? Modify your tripwire.config entries to + # ignore the (signature 2) attribute when this computationally-exorbitant + # protection is not needed. (See README and design document for further + # details.) + # + + # First, root's traditional "home". Note that FreeBSD's root's home (/root) + # is protected by R-2 protections in the default config file. + =/ L + /.rhosts R # may not exist + /.profile R # may not exist + /.cshrc R # may not exist + /.login R # may not exist + /.exrc R # may not exist + /.logout R # may not exist + /.forward R # may not exist + + # Unix itself + /kernel R + /boot R + /boot.config R + + # /bin + /bin R-2 + + # /dev + =/dev L + + # /etc + /etc R-2 + /etc/aliases L + /etc/dumpdates L + /etc/motd L + + # my passwd database should be static at time of system build. yours may + # not be, if not, uncomment the lines below. + + # /etc/passwd L + # /etc/master.passwd L + # /etc/pwd.db L + # /etc/spwd.db L + + # /home + =/home + + # /lib + /lib R-2 + + # /libexec + /libexec R-2 + + # /lkm and /modules + /lkm R-2 + /modules R-2 + + # /boot + /boot R-2 + + # /rescue + /rescue R-2 + + # /root + /root R-2 + /root/.history L + + # /sbin + /sbin R-2 + + # /stand + /stand R-2 + + # /usr/bin + /usr/bin R-2 + + /usr/include R-12 + + /usr/lib R-2 + + /usr/libdata R-2 + + /usr/libexec R-2 + + /usr/local/bin R-2 + + /usr/local/etc L + + /usr/local/lib R-2 + + /usr/local/libexec R-2 + + /usr/local/sbin R-2 + + /usr/local/share R-2 + + /usr/sbin R-2 + + /usr/share R-2 + + ########################################### ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201202222157.q1MLvBKV052020>