Date: Mon, 7 Oct 2019 17:32:02 +0200
From: Baptiste Daroussin <bapt@FreeBSD.org>
To: Bernhard Froehlich <decke@FreeBSD.org>
Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: Re: svn commit: r511915 - in head/security: . wazuh-agent wazuh-agent/files
Message-ID: <20191007153202.oe3a2432j7rjobyp@ivaldir.net>
In-Reply-To: <201909130745.x8D7jbFg072399@repo.freebsd.org>
References: <201909130745.x8D7jbFg072399@repo.freebsd.org>
On Fri, Sep 13, 2019 at 07:45:37AM +0000, Bernhard Froehlich wrote:
> Author: decke
> Date: Fri Sep 13 07:45:37 2019
> New Revision: 511915
> URL: https://svnweb.freebsd.org/changeset/ports/511915
>
> Log:
>   The Wazuh agent runs on the hosts that you want to monitor.
>   It is multi-platform and provides the following capabilities:
>
>   - Log and data collection
>   - File integrity monitoring
>   - Rootkit and malware detection
>   - Security policy monitoring.
>   - Configuration assessments
>   - Software inventory
>
>   In addition, it communicates with the Wazuh manager, sending data in near
>   real-time through an encrypted and authenticated channel.
>
>   WWW: https://github.com/wazuh/wazuh
>
>   PR: 237900
>   Submitted by: Michael Muenz <m.muenz@gmail.com>
>
> Added:
>   head/security/wazuh-agent/
>   head/security/wazuh-agent/Makefile (contents, props changed)
>   head/security/wazuh-agent/distinfo (contents, props changed)
>   head/security/wazuh-agent/files/
>   head/security/wazuh-agent/files/patch-src_external_openssl_Makefile (contents, props changed)
>   head/security/wazuh-agent/pkg-descr (contents, props changed)
>   head/security/wazuh-agent/pkg-plist (contents, props changed)
> Modified:
>   head/security/Makefile
>
> Modified: head/security/Makefile > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/security/Makefile Fri Sep 13 07:21:51 2019 (r511914) > +++ head/security/Makefile Fri Sep 13 07:45:37 2019 (r511915) 
> @@ -1307,6 +1307,7 @@ > SUBDIR +=3D vxquery > SUBDIR +=3D w3af > SUBDIR +=3D wapiti > + SUBDIR +=3D wazuh-agent > SUBDIR +=3D webfwlog > SUBDIR +=3D webscarab > SUBDIR +=3D whatweb >=20 > Added: head/security/wazuh-agent/Makefile > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/security/wazuh-agent/Makefile Fri Sep 13 07:45:37 2019 (r511915) 
> @@ -0,0 +1,104 @@ > +# $FreeBSD$ > + > +PORTNAME=3D wazuh > +DISTVERSIONPREFIX=3D v > +DISTVERSION=3D 3.9.5 > +CATEGORIES=3D security > +MASTER_SITES=3D https://packages.wazuh.com/deps/3.9/ > +PKGNAMESUFFIX=3D -agent > +DISTFILES=3D cJSON.tar.gz src_cpython.tar.gz curl.tar.gz libdb.tar.gz li= bffi.tar.gz \ > + libyaml.tar.gz openssl.tar.gz procps.tar.gz sqlite.tar.gz zlib.tar.gz= \ > + audit-userspace.tar.gz msgpack.tar.gz > +DIST_SUBDIR=3D ${PORTNAME}-${DISTVERSION} > +EXTRACT_ONLY=3D ${DISTNAME}${EXTRACT_SUFX} > + > +MAINTAINER=3D m.muenz@gmail.com > +COMMENT=3D Security tool to monitor and check logs and intrusions > + > +LICENSE=3D GPLv2 > +LICENSE_FILE=3D ${WRKSRC}/LICENSE > + > +BUILD_DEPENDS=3D curl:ftp/curl > +RUN_DEPENDS=3D curl:ftp/curl > + > +USES=3D gmake perl5 readline shebangfix uidfix > + > +USE_GITHUB=3D yes > + > +CONFLICTS_INSTALL=3D ossec-* > + > +SHEBANG_FILES=3D ${WRKSRC}/contrib/util.sh \ > + ${WRKSRC}/src/external/openssl/Configurations/unix-checker.pm \ > + ${WRKSRC}/src/init/ossec-client.sh \ > + ${WRKSRC}/wodles/oscap/oscap.py \ > + ${WRKSRC}/active-response/*.sh > + > +USERS=3D ossec ossecm ossecr > +GROUPS=3D ossec > + > +OSSEC_GROUP=3D ossec > +OSSEC_USER=3D ossec > + > +WAZUHPREFIX=3D /var/ossec > + > +WAZUHMOD750=3D / /logs/ossec /bin /lib /queue /queue/diff /ruleset /rule= set/sca /wodles \ > + /active-response /active-response/bin /agentless /var /backup /queue/r= ids \ > + /wodles/oscap /wodles/oscap/content > + > +WAZUHMOD770=3D /logs /queue/alerts /queue/ossec /etc /etc/shared /.ssh /= var/run /var/upgrade \ > + /var/wodles /var/incoming > + > +# extract all extra distfiles in src/external > +post-extract: > + @for file in ${DISTFILES}; do \ > + if ! 
(cd ${WRKSRC}/src/external && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARG= S} ${_DISTDIR}/$$file ${EXTRACT_AFTER_ARGS}); \ > + then \ > + exit 1; \ > + fi; \ > + done > + > +post-patch: > + @${REINPLACE_CMD} -e 's|/usr/bin/perl|${PERL}|g' \ > + ${WRKSRC}/src/external/openssl/Makefile \ > + ${WRKSRC}/src/external/openssl/configdata.pm > + > +do-build: > + @cd ${WRKSRC}/src && ${GMAKE} TARGET=3Dagent > + > +do-install: > + @for mod750 in ${WAZUHMOD750}; do \ > + ${MKDIR} -m 0750 ${STAGEDIR}${WAZUHPREFIX}$$mod750; \ > + done > + > + @for mod770 in ${WAZUHMOD770}; do \ > + ${MKDIR} -m 0770 ${STAGEDIR}${WAZUHPREFIX}$$mod770; \ > + done > + > + ${MKDIR} -m 1770 ${STAGEDIR}${WAZUHPREFIX}/tmp > + ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-logcollector ${STAGEDIR}${WAZUHP= REFIX}/bin > + ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-syscheckd ${STAGEDIR}${WAZUHPREF= IX}/bin > + ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-execd ${STAGEDIR}${WAZUHPREFIX}/= bin > + ${INSTALL_PROGRAM} ${WRKSRC}/src/manage_agents ${STAGEDIR}${WAZUHPREFIX= }/bin > + ${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-modulesd ${STAGEDIR}${WAZUHPREFI= X}/bin/ > + ${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-agentd ${STAGEDIR}${WAZUHPREFIX}= /bin > + ${INSTALL_PROGRAM} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFI= X}/lib > + ${INSTALL_PROGRAM} ${WRKSRC}/src/agent-auth ${STAGEDIR}${WAZUHPREFIX}/b= in > + ${CP} ${WRKSRC}/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-r= esponse/bin/ > + ${CP} ${WRKSRC}/active-response/firewalls/*.sh ${STAGEDIR}${WAZUHPREFIX= }/active-response/bin/ > + ${CP} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ > + ${CP} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFI= X}/etc/local_internal_options.conf > + ${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/osse= c.conf > + ${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/osse= c.conf.sample > + ${CP} /dev/null ${STAGEDIR}${WAZUHPREFIX}/etc/client.keys > + ${INSTALL_SCRIPT} 
/dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log > + ${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json > + ${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-respo= nses.log > + ${INSTALL_SCRIPT} ${WRKSRC}/contrib/util.sh ${STAGEDIR}${WAZUHPREFIX}/b= in/ > + ${INSTALL_SCRIPT} ${WRKSRC}/src/init/ossec-client.sh ${STAGEDIR}${WAZUH= PREFIX}/bin/ossec-control > + ${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUH= PREFIX}/agentless/ > + ${INSTALL_SCRIPT} ${WRKSRC}/src/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPR= EFIX}/etc/shared/ > + ${INSTALL_SCRIPT} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/= etc/ > + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/oscap.py ${STAGEDIR}${WAZUHPRE= FIX}/wodles/oscap > + ${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/template_*.xsl ${STAGEDIR}${WA= ZUHPREFIX}/wodles/oscap > + > +.include <bsd.port.mk> >=20 > Added: head/security/wazuh-agent/distinfo > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/security/wazuh-agent/distinfo Fri Sep 13 07:45:37 2019 (r511915) 
> @@ -0,0 +1,27 @@ > +TIMESTAMP =3D 1568194130 > +SHA256 (wazuh-3.9.5/cJSON.tar.gz) =3D 8c517c658209cb96c2dcdfdd6bf7bb434a= dfb2fff3484b3464d2750cafd74e76 > +SIZE (wazuh-3.9.5/cJSON.tar.gz) =3D 20001 > +SHA256 (wazuh-3.9.5/src_cpython.tar.gz) =3D 7df9bf6560b77de0ab0279cb0b9e= 1f51dd28d0d20c26f640feab976208daf2d7 > +SIZE (wazuh-3.9.5/src_cpython.tar.gz) =3D 78209203 > +SHA256 (wazuh-3.9.5/curl.tar.gz) =3D 78ad4a75fec89dd83c75cf35203c1c757c2= 1cb2a6ff574647b13bf86c8798d66 > +SIZE (wazuh-3.9.5/curl.tar.gz) =3D 3692998 > +SHA256 (wazuh-3.9.5/libdb.tar.gz) =3D 885f01aebcca995bcef48d8dc47acb8c4b= d5eab06ec188e76cb5863e4f9b2d9b > +SIZE (wazuh-3.9.5/libdb.tar.gz) =3D 4283467 > +SHA256 (wazuh-3.9.5/libffi.tar.gz) =3D 0e971f64bacc22094e89f034bba075b40= ecc2c2c2900eecd7ae85815fd6c9f69 > +SIZE (wazuh-3.9.5/libffi.tar.gz) =3D 964576 > +SHA256 (wazuh-3.9.5/libyaml.tar.gz) =3D 35daad608b372d5ce099f738c0f21bfc= c03d6920d92f448386c584e664f1376a > +SIZE (wazuh-3.9.5/libyaml.tar.gz) =3D 424656 > +SHA256 (wazuh-3.9.5/openssl.tar.gz) =3D ed55973f4b604b9c27bb660fcdf85f69= 335b80b07c3bf4c63528ed8fcd74a678 > +SIZE (wazuh-3.9.5/openssl.tar.gz) =3D 5603935 > +SHA256 (wazuh-3.9.5/procps.tar.gz) =3D 87336a7860f5116ac5c5222b6b0d5c892= e202ce136947e4776037bb7670ce6e2 > +SIZE (wazuh-3.9.5/procps.tar.gz) =3D 55692 > +SHA256 (wazuh-3.9.5/sqlite.tar.gz) =3D 23e109ee91ed16b4a95b2d361ecfd8282= 0842fc337a80aa8032590b96eebddd2 > +SIZE (wazuh-3.9.5/sqlite.tar.gz) =3D 1980218 > +SHA256 (wazuh-3.9.5/zlib.tar.gz) =3D ddbeac924cc7fc3274ad0d5cfcf2a72792f= 0500e9607c65d02e8753f3a510a01 > +SIZE (wazuh-3.9.5/zlib.tar.gz) =3D 643568 > +SHA256 (wazuh-3.9.5/audit-userspace.tar.gz) =3D e82a32e5edf93b055160e14b= c97f41dead39287925851dc80a7638e2d4d30434 > +SIZE (wazuh-3.9.5/audit-userspace.tar.gz) =3D 1682820 > +SHA256 (wazuh-3.9.5/msgpack.tar.gz) =3D 06d63bcf32896cd0af5480c401134b1a= d1c166fd84ebe5b486e792101ee854e2 > +SIZE (wazuh-3.9.5/msgpack.tar.gz) =3D 591294 > +SHA256 (wazuh-3.9.5/wazuh-wazuh-v3.9.5_GH0.tar.gz) 
=3D 3761377e6e0f639c9= b4542a72a5519f36323a251f04eddaf802205ebded42334 > +SIZE (wazuh-3.9.5/wazuh-wazuh-v3.9.5_GH0.tar.gz) =3D 14789176 >=20

It sounds like a long list of bundled stuff which is not exactly fitting with
our policy... which includes some scary stuff like openssl, libyaml, zlib, libcurl.

Probably we will benefit in the maintenance to unbundle all of this.

Best regards,
Bapt
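Review bot: In the do-install target of head/security/wazuh-agent/Makefile, non-executable files are installed with ${INSTALL_SCRIPT}: the empty logs/ossec.log, logs/ossec.json and logs/active-responses.log, etc/wpk_root.pem, the rootcheck *.txt files and the oscap template_*.xsl files all end up with the executable script mode. ${INSTALL_DATA} fits these, and libwazuhext.so would normally be installed with ${INSTALL_LIB} rather than ${INSTALL_PROGRAM}. In the same target, etc/client.keys is created with "${CP} /dev/null", so its mode follows the build umask; installing it with an explicit restrictive mode would pin it, unless the pkg-plist (not shown in this message) already does. Separately, DISTFILES extracts curl.tar.gz into src/external while BUILD_DEPENDS and RUN_DEPENDS also name curl:ftp/curl, so the port should state which copy the agent is meant to use and drop the other.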
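Review bot: The bundled tarballs in head/security/wazuh-agent/distinfo are recorded only under unversioned names (openssl.tar.gz, curl.tar.gz, zlib.tar.gz, libyaml.tar.gz, sqlite.tar.gz and the rest), so neither the file names nor the checksums tell a reader which upstream release of each library ships inside the agent. Recording the bundled versions in a comment in the port Makefile, or unbundling in favour of the ports-tree libraries as the reply suggests, would let advisories against those libraries be matched to this port. The unversioned names under the deps/3.9/ MASTER_SITES path also mean an upstream re-roll of any tarball will show up only as a checksum mismatch at fetch time.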