Date:      Mon, 7 Oct 2019 17:32:02 +0200
From:      Baptiste Daroussin <bapt@FreeBSD.org>
To:        Bernhard Froehlich <decke@FreeBSD.org>
Cc:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r511915 - in head/security: . wazuh-agent wazuh-agent/files
Message-ID:  <20191007153202.oe3a2432j7rjobyp@ivaldir.net>
In-Reply-To: <201909130745.x8D7jbFg072399@repo.freebsd.org>
References:  <201909130745.x8D7jbFg072399@repo.freebsd.org>



On Fri, Sep 13, 2019 at 07:45:37AM +0000, Bernhard Froehlich wrote:
> Author: decke
> Date: Fri Sep 13 07:45:37 2019
> New Revision: 511915
> URL: https://svnweb.freebsd.org/changeset/ports/511915
>
> Log:
>   The Wazuh agent runs on the hosts that you want to monitor.
>   It is multi-platform and provides the following capabilities:
>
>   - Log and data collection
>   - File integrity monitoring
>   - Rootkit and malware detection
>   - Security policy monitoring.
>   - Configuration assessments
>   - Software inventory
>
>   In addition, it communicates with the Wazuh manager, sending data in near
>   real-time through an encrypted and authenticated channel.
>
>   WWW: https://github.com/wazuh/wazuh
>
>   PR:		237900
>   Submitted by:	Michael Muenz <m.muenz@gmail.com>
>
> Added:
>   head/security/wazuh-agent/
>   head/security/wazuh-agent/Makefile   (contents, props changed)
>   head/security/wazuh-agent/distinfo   (contents, props changed)
>   head/security/wazuh-agent/files/
>   head/security/wazuh-agent/files/patch-src_external_openssl_Makefile   (contents, props changed)
>   head/security/wazuh-agent/pkg-descr   (contents, props changed)
>   head/security/wazuh-agent/pkg-plist   (contents, props changed)
> Modified:
>   head/security/Makefile
>
> Modified: head/security/Makefile
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- head/security/Makefile	Fri Sep 13 07:21:51 2019	(r511914)
> +++ head/security/Makefile	Fri Sep 13 07:45:37 2019	(r511915)
> @@ -1307,6 +1307,7 @@
>      SUBDIR +=3D vxquery
>      SUBDIR +=3D w3af
>      SUBDIR +=3D wapiti
> +    SUBDIR +=3D wazuh-agent
>      SUBDIR +=3D webfwlog
>      SUBDIR +=3D webscarab
>      SUBDIR +=3D whatweb
>
> Added: head/security/wazuh-agent/Makefile
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- /dev/null	00:00:00 1970	(empty, because file is newly added)
> +++ head/security/wazuh-agent/Makefile	Fri Sep 13 07:45:37 2019	(r511915)
> @@ -0,0 +1,104 @@
> +# $FreeBSD$
> +
> +PORTNAME=3D	wazuh
> +DISTVERSIONPREFIX=3D	v
> +DISTVERSION=3D	3.9.5
> +CATEGORIES=3D	security
> +MASTER_SITES=3D	https://packages.wazuh.com/deps/3.9/
> +PKGNAMESUFFIX=3D	-agent
> +DISTFILES=3D	cJSON.tar.gz src_cpython.tar.gz curl.tar.gz libdb.tar.gz li=
bffi.tar.gz \
> +		libyaml.tar.gz openssl.tar.gz procps.tar.gz sqlite.tar.gz  zlib.tar.gz=
 \
> +		audit-userspace.tar.gz msgpack.tar.gz
> +DIST_SUBDIR=3D	${PORTNAME}-${DISTVERSION}
> +EXTRACT_ONLY=3D	${DISTNAME}${EXTRACT_SUFX}
> +
> +MAINTAINER=3D	m.muenz@gmail.com
> +COMMENT=3D	Security tool to monitor and check logs and intrusions
> +
> +LICENSE=3D	GPLv2
> +LICENSE_FILE=3D	${WRKSRC}/LICENSE
> +
> +BUILD_DEPENDS=3D	curl:ftp/curl
> +RUN_DEPENDS=3D	curl:ftp/curl
> +
> +USES=3D		gmake perl5 readline shebangfix uidfix
> +
> +USE_GITHUB=3D	yes
> +
> +CONFLICTS_INSTALL=3D	ossec-*
> +
> +SHEBANG_FILES=3D	${WRKSRC}/contrib/util.sh \
> +		${WRKSRC}/src/external/openssl/Configurations/unix-checker.pm \
> +		${WRKSRC}/src/init/ossec-client.sh \
> +		${WRKSRC}/wodles/oscap/oscap.py \
> +		${WRKSRC}/active-response/*.sh
> +
> +USERS=3D		ossec ossecm ossecr
> +GROUPS=3D		ossec
> +
> +OSSEC_GROUP=3D	ossec
> +OSSEC_USER=3D	ossec
> +
> +WAZUHPREFIX=3D	/var/ossec
> +
> +WAZUHMOD750=3D	/ /logs/ossec /bin /lib /queue /queue/diff /ruleset /rule=
set/sca /wodles \
> +		/active-response /active-response/bin /agentless /var /backup /queue/r=
ids \
> +		/wodles/oscap /wodles/oscap/content
> +
> +WAZUHMOD770=3D	/logs /queue/alerts /queue/ossec /etc /etc/shared /.ssh /=
var/run /var/upgrade \
> +		/var/wodles /var/incoming
> +
> +# extract all extra distfiles in src/external
> +post-extract:
> +	@for file in ${DISTFILES}; do \
> +		if ! (cd ${WRKSRC}/src/external && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARG=
S} ${_DISTDIR}/$$file ${EXTRACT_AFTER_ARGS}); \
> +		then \
> +			exit 1; \
> +		fi; \
> +	done
> +
> +post-patch:
> +	@${REINPLACE_CMD} -e 's|/usr/bin/perl|${PERL}|g' \
> +		${WRKSRC}/src/external/openssl/Makefile \
> +		${WRKSRC}/src/external/openssl/configdata.pm
> +
> +do-build:
> +	@cd ${WRKSRC}/src && ${GMAKE} TARGET=3Dagent
> +
> +do-install:
> +	@for mod750 in ${WAZUHMOD750}; do \
> +		${MKDIR} -m 0750 ${STAGEDIR}${WAZUHPREFIX}$$mod750; \
> +	done
> +
> +	@for mod770 in ${WAZUHMOD770}; do \
> +		${MKDIR} -m 0770 ${STAGEDIR}${WAZUHPREFIX}$$mod770; \
> +	done
> +
> +	${MKDIR} -m 1770 ${STAGEDIR}${WAZUHPREFIX}/tmp
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-logcollector ${STAGEDIR}${WAZUHP=
REFIX}/bin
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-syscheckd ${STAGEDIR}${WAZUHPREF=
IX}/bin
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-execd ${STAGEDIR}${WAZUHPREFIX}/=
bin
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/manage_agents ${STAGEDIR}${WAZUHPREFIX=
}/bin
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-modulesd ${STAGEDIR}${WAZUHPREFI=
X}/bin/
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-agentd ${STAGEDIR}${WAZUHPREFIX}=
/bin
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFI=
X}/lib
> +	${INSTALL_PROGRAM} ${WRKSRC}/src/agent-auth ${STAGEDIR}${WAZUHPREFIX}/b=
in
> +	${CP} ${WRKSRC}/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-r=
esponse/bin/
> +	${CP} ${WRKSRC}/active-response/firewalls/*.sh ${STAGEDIR}${WAZUHPREFIX=
}/active-response/bin/
> +	${CP} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/
> +	${CP} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFI=
X}/etc/local_internal_options.conf
> +	${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/osse=
c.conf
> +	${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/osse=
c.conf.sample
> +	${CP} /dev/null ${STAGEDIR}${WAZUHPREFIX}/etc/client.keys
> +	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log
> +	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json
> +	${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-respo=
nses.log
> +	${INSTALL_SCRIPT} ${WRKSRC}/contrib/util.sh ${STAGEDIR}${WAZUHPREFIX}/b=
in/
> +	${INSTALL_SCRIPT} ${WRKSRC}/src/init/ossec-client.sh ${STAGEDIR}${WAZUH=
PREFIX}/bin/ossec-control
> +	${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUH=
PREFIX}/agentless/
> +	${INSTALL_SCRIPT} ${WRKSRC}/src/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPR=
EFIX}/etc/shared/
> +	${INSTALL_SCRIPT} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/=
etc/
> +	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/oscap.py ${STAGEDIR}${WAZUHPRE=
FIX}/wodles/oscap
> +	${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/template_*.xsl ${STAGEDIR}${WA=
ZUHPREFIX}/wodles/oscap
> +
> +.include <bsd.port.mk>
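Review bot: in do-install, ${INSTALL_SCRIPT} is used for files that are not scripts (the three logs created from /dev/null, wpk_root.pem, the rootcheck *.txt files and the oscap template_*.xsl files), so they are installed with the executable script mode; ${INSTALL_DATA} is the fitting macro for them, and libwazuhext.so would normally go through ${INSTALL_LIB} rather than ${INSTALL_PROGRAM}. etc/client.keys is created with "${CP} /dev/null", which leaves its mode to the build umask; since this is the file the agent's keys go into, set an explicit restrictive mode for it here or in pkg-plist. Separately, curl is listed in BUILD_DEPENDS and RUN_DEPENDS while curl.tar.gz is also in DISTFILES and extracted into src/external by post-extract, so the Makefile does not make clear which copy the agent is built against.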
>
> Added: head/security/wazuh-agent/distinfo
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- /dev/null	00:00:00 1970	(empty, because file is newly added)
> +++ head/security/wazuh-agent/distinfo	Fri Sep 13 07:45:37 2019	(r511915)
> @@ -0,0 +1,27 @@
> +TIMESTAMP =3D 1568194130
> +SHA256 (wazuh-3.9.5/cJSON.tar.gz) =3D 8c517c658209cb96c2dcdfdd6bf7bb434a=
dfb2fff3484b3464d2750cafd74e76
> +SIZE (wazuh-3.9.5/cJSON.tar.gz) =3D 20001
> +SHA256 (wazuh-3.9.5/src_cpython.tar.gz) =3D 7df9bf6560b77de0ab0279cb0b9e=
1f51dd28d0d20c26f640feab976208daf2d7
> +SIZE (wazuh-3.9.5/src_cpython.tar.gz) =3D 78209203
> +SHA256 (wazuh-3.9.5/curl.tar.gz) =3D 78ad4a75fec89dd83c75cf35203c1c757c2=
1cb2a6ff574647b13bf86c8798d66
> +SIZE (wazuh-3.9.5/curl.tar.gz) =3D 3692998
> +SHA256 (wazuh-3.9.5/libdb.tar.gz) =3D 885f01aebcca995bcef48d8dc47acb8c4b=
d5eab06ec188e76cb5863e4f9b2d9b
> +SIZE (wazuh-3.9.5/libdb.tar.gz) =3D 4283467
> +SHA256 (wazuh-3.9.5/libffi.tar.gz) =3D 0e971f64bacc22094e89f034bba075b40=
ecc2c2c2900eecd7ae85815fd6c9f69
> +SIZE (wazuh-3.9.5/libffi.tar.gz) =3D 964576
> +SHA256 (wazuh-3.9.5/libyaml.tar.gz) =3D 35daad608b372d5ce099f738c0f21bfc=
c03d6920d92f448386c584e664f1376a
> +SIZE (wazuh-3.9.5/libyaml.tar.gz) =3D 424656
> +SHA256 (wazuh-3.9.5/openssl.tar.gz) =3D ed55973f4b604b9c27bb660fcdf85f69=
335b80b07c3bf4c63528ed8fcd74a678
> +SIZE (wazuh-3.9.5/openssl.tar.gz) =3D 5603935
> +SHA256 (wazuh-3.9.5/procps.tar.gz) =3D 87336a7860f5116ac5c5222b6b0d5c892=
e202ce136947e4776037bb7670ce6e2
> +SIZE (wazuh-3.9.5/procps.tar.gz) =3D 55692
> +SHA256 (wazuh-3.9.5/sqlite.tar.gz) =3D 23e109ee91ed16b4a95b2d361ecfd8282=
0842fc337a80aa8032590b96eebddd2
> +SIZE (wazuh-3.9.5/sqlite.tar.gz) =3D 1980218
> +SHA256 (wazuh-3.9.5/zlib.tar.gz) =3D ddbeac924cc7fc3274ad0d5cfcf2a72792f=
0500e9607c65d02e8753f3a510a01
> +SIZE (wazuh-3.9.5/zlib.tar.gz) =3D 643568
> +SHA256 (wazuh-3.9.5/audit-userspace.tar.gz) =3D e82a32e5edf93b055160e14b=
c97f41dead39287925851dc80a7638e2d4d30434
> +SIZE (wazuh-3.9.5/audit-userspace.tar.gz) =3D 1682820
> +SHA256 (wazuh-3.9.5/msgpack.tar.gz) =3D 06d63bcf32896cd0af5480c401134b1a=
d1c166fd84ebe5b486e792101ee854e2
> +SIZE (wazuh-3.9.5/msgpack.tar.gz) =3D 591294
> +SHA256 (wazuh-3.9.5/wazuh-wazuh-v3.9.5_GH0.tar.gz) =3D 3761377e6e0f639c9=
b4542a72a5519f36323a251f04eddaf802205ebded42334
> +SIZE (wazuh-3.9.5/wazuh-wazuh-v3.9.5_GH0.tar.gz) =3D 14789176
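Review bot: the dependency tarballs recorded here (openssl.tar.gz, zlib.tar.gz, curl.tar.gz and the rest) carry no version in their names, and MASTER_SITES points at a per-branch directory (deps/3.9/), so neither distinfo nor the Makefile shows which upstream release of each library is being built into the agent. That makes it hard to tell when a bundled copy is affected by a security advisory; record the bundled versions in a comment in the Makefile, or replace the bundled copies with dependencies on the corresponding ports so that updates arrive through the ports tree.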
>
It sounds like a long list of bundle stuff which is not exactly fitting with our
policy... which includes some scary stuff like openssl, libyaml, zlib, libcurl.
Probably we will benefit in the maintenance to unbundle all of this.

Best regards,
Bapt
