From owner-svn-ports-head@FreeBSD.ORG Sun May 10 20:59:02 2015 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D7DF57EC; Sun, 10 May 2015 20:59:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C59621A44; Sun, 10 May 2015 20:59:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t4AKx1MH062045; Sun, 10 May 2015 20:59:01 GMT (envelope-from zi@FreeBSD.org) Received: (from zi@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t4AKx0pO062030; Sun, 10 May 2015 20:59:00 GMT (envelope-from zi@FreeBSD.org) Message-Id: <201505102059.t4AKx0pO062030@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: zi set sender to zi@FreeBSD.org using -f From: Ryan Steinmetz Date: Sun, 10 May 2015 20:59:00 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r386029 - in head/sysutils/osquery: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 May 2015 20:59:02 -0000 Author: zi Date: Sun May 10 20:58:59 2015 New Revision: 386029 URL: https://svnweb.freebsd.org/changeset/ports/386029 Log: - Add users/groups table support for FreeBSD - Update default config file locations - Bump PORTREVISION Added: head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_groups.cpp (contents, props changed) head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_users.cpp (contents, props changed) Modified: head/sysutils/osquery/Makefile head/sysutils/osquery/files/patch-osquery_tables_specs_blacklist head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_sysctl__utils.cpp Modified: head/sysutils/osquery/Makefile ============================================================================== --- head/sysutils/osquery/Makefile Sun May 10 20:38:22 2015 (r386028) +++ head/sysutils/osquery/Makefile Sun May 10 20:58:59 2015 (r386029) @@ -3,6 +3,7 @@ PORTNAME= osquery PORTVERSION= 1.4.5 +PORTREVISION= 1 CATEGORIES= sysutils MASTER_SITES= GH:ghc \ https://codeload.github.com/${PORTNAME}/third-party/tar.gz/${PORTVERSION}?dummy=/:gh @@ -52,6 +53,12 @@ post-extract: ${LN} -sf ${WRKDIR}/third-party-${PORTVERSION} ${WRKSRC}/third-party post-patch: + ${REINPLACE_CMD} -e 's|/var/osquery|/var/db/osquery|g' \ + ${WRKSRC}/osquery/core/init.cpp + ${REINPLACE_CMD} -e 's|/var/osquery/osquery.em|/var/run/osquery.em|g' \ + -e 's|/etc/osquery/extensions.load|${PREFIX}/etc/osquery.extensions|g' \ + -e 's|/etc/osquery/modules.load|${PREFIX}/etc/osquery.modules|g' \ + ${WRKSRC}/osquery/extensions/extensions.cpp ${REINPLACE_CMD} -e 's|/var/osquery/osquery.conf|${PREFIX}/etc/osquery.conf|g' \ ${WRKSRC}/osquery/config/plugins/filesystem.cpp ${REINPLACE_CMD} -e 's|/var/osquery/|/var/db/osquery/|g' \ Modified: head/sysutils/osquery/files/patch-osquery_tables_specs_blacklist ============================================================================== --- head/sysutils/osquery/files/patch-osquery_tables_specs_blacklist Sun May 10 20:38:22 2015 (r386028) +++ head/sysutils/osquery/files/patch-osquery_tables_specs_blacklist Sun May 10 20:58:59 2015 (r386029) @@ -33,7 +33,7 @@ +freebsd:routes +freebsd:system_controls +freebsd:usb_devices -+freebsd:users ++#freebsd:users +freebsd:yara_events +freebsd:yara +freebsd:system_controls Added: head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_groups.cpp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_groups.cpp Sun May 10 20:58:59 2015 (r386029) @@ -0,0 +1,43 @@ +--- osquery/tables/system/freebsd/groups.cpp.orig 2015-05-05 00:16:41 UTC ++++ osquery/tables/system/freebsd/groups.cpp +@@ -8,6 +8,11 @@ + * + */ + ++#include ++#include ++ ++#include ++ + #include + #include + +@@ -16,10 +21,26 @@ namespace tables { + + std::mutex grpEnumerationMutex; + +-QueryData genGroups(QueryContext& context) { ++QueryData genGroups(QueryContext &context) { ++ std::lock_guard lock(grpEnumerationMutex); + QueryData results; ++ struct group *grp = nullptr; ++ std::set groups_in; + +- throw std::domain_error("Table not implemented for FreeBSD"); ++ setgrent(); ++ while ((grp = getgrent()) != nullptr) { ++ if (std::find(groups_in.begin(), groups_in.end(), grp->gr_gid) == ++ groups_in.end()) { ++ Row r; ++ r["gid"] = INTEGER(grp->gr_gid); ++ r["gid_signed"] = INTEGER((int32_t) grp->gr_gid); ++ r["groupname"] = TEXT(grp->gr_name); ++ results.push_back(r); ++ groups_in.insert(grp->gr_gid); ++ } ++ } ++ endgrent(); ++ groups_in.clear(); + + return results; + } Modified: head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_sysctl__utils.cpp ============================================================================== --- head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_sysctl__utils.cpp Sun May 10 20:38:22 2015 (r386028) +++ head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_sysctl__utils.cpp Sun May 10 20:58:59 2015 (r386029) @@ -1,4 +1,4 @@ ---- osquery/tables/system/freebsd/sysctl_utils.cpp.orig 2015-05-08 22:20:24 UTC +--- osquery/tables/system/freebsd/sysctl_utils.cpp.orig 2015-05-10 20:45:08 UTC +++ osquery/tables/system/freebsd/sysctl_utils.cpp @@ -0,0 +1,36 @@ +/* Added: head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_users.cpp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sysutils/osquery/files/patch-osquery_tables_system_freebsd_users.cpp Sun May 10 20:58:59 2015 (r386029) @@ -0,0 +1,49 @@ +--- osquery/tables/system/freebsd/users.cpp.orig 2015-05-05 00:16:41 UTC ++++ osquery/tables/system/freebsd/users.cpp +@@ -8,16 +8,45 @@ + * + */ + ++#include ++#include ++#include ++#include ++ ++#include ++ + #include + #include + + namespace osquery { + namespace tables { + ++std::mutex pwdEnumerationMutex; ++ + QueryData genUsers(QueryContext& context) { ++ std::lock_guard lock(pwdEnumerationMutex); + QueryData results; ++ struct passwd *pwd = nullptr; ++ std::set users_in; + +- throw std::domain_error("Table not implemented for FreeBSD"); ++ while ((pwd = getpwent()) != nullptr) { ++ if (std::find(users_in.begin(), users_in.end(), pwd->pw_uid) == ++ users_in.end()) { ++ Row r; ++ r["uid"] = BIGINT(pwd->pw_uid); ++ r["gid"] = BIGINT(pwd->pw_gid); ++ r["uid_signed"] = BIGINT((int32_t) pwd->pw_uid); ++ r["gid_signed"] = BIGINT((int32_t) pwd->pw_gid); ++ r["username"] = TEXT(pwd->pw_name); ++ r["description"] = TEXT(pwd->pw_gecos); ++ r["directory"] = TEXT(pwd->pw_dir); ++ r["shell"] = TEXT(pwd->pw_shell); ++ results.push_back(r); ++ users_in.insert(pwd->pw_uid); ++ } ++ } ++ endpwent(); ++ users_in.clear(); + + return results; + }