Date: Mon, 21 Dec 2015 16:02:55 +0000 (UTC) From: Mathieu Arnold <mat@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r404124 - in head/security/ossec-hids-server: . files Message-ID: <201512211602.tBLG2tob009022@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mat Date: Mon Dec 21 16:02:55 2015 New Revision: 404124 URL: https://svnweb.freebsd.org/changeset/ports/404124 Log: Fix build as a user. While there, merge do-install and post-install, and use an option target helper. Sponsored by: Absolight Modified: head/security/ossec-hids-server/Makefile head/security/ossec-hids-server/files/patch-src__InstallAgent.sh head/security/ossec-hids-server/files/patch-src__InstallServer.sh Modified: head/security/ossec-hids-server/Makefile ============================================================================== --- head/security/ossec-hids-server/Makefile Mon Dec 21 16:02:50 2015 (r404123) +++ head/security/ossec-hids-server/Makefile Mon Dec 21 16:02:55 2015 (r404124) @@ -101,8 +101,6 @@ do-install: .else @cd ${WRKSRC}/src; ${MAKE} server .endif - -post-install: @${MKDIR} ${STAGEDIR}${PREFIX}/${PORTNAME}/etc .for file in ${STRIP_FILES} ${STRIP_CMD} ${STAGEDIR}${PREFIX}/ossec-hids/bin/${file} @@ -116,9 +114,8 @@ post-install: ${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample .endif -.if ${PORT_OPTIONS:MDOCS} +post-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR} @cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR} -.endif .include <bsd.port.post.mk> Modified: head/security/ossec-hids-server/files/patch-src__InstallAgent.sh ============================================================================== --- head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Mon Dec 21 16:02:50 2015 (r404123) +++ head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Mon Dec 21 16:02:55 2015 (r404124) @@ -1,6 +1,6 @@ ---- ./src/InstallAgent.sh.orig 2014-07-13 15:25:05.161395378 -0600 -+++ ./src/InstallAgent.sh 2014-07-13 15:25:35.972393742 -0600 -@@ -37,11 +37,11 @@ +--- src/InstallAgent.sh.orig 2015-06-10 15:38:32 UTC ++++ src/InstallAgent.sh +@@ -37,11 +37,11 @@ fi # Creating groups/users if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then @@ -17,3 +17,107 @@ elif [ "$UNAME" = "SunOS" ]; then grep "^${USER}" /etc/passwd > /dev/null 2>&1 +@@ -106,22 +106,17 @@ for i in ${subdirs}; do + done + + # Default for all directories +-chmod -R 550 ${DIR} +-chown -R root:${GROUP} ${DIR} ++chmod -R 750 ${DIR} + + # To the ossec queue (default for agentd to read) +-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec + chmod -R 770 ${DIR}/queue/ossec + + # For the logging user +-chown -R ${USER}:${GROUP} ${DIR}/logs + chmod -R 750 ${DIR}/logs + chmod -R 775 ${DIR}/queue/rids + touch ${DIR}/logs/ossec.log +-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log + chmod 664 ${DIR}/logs/ossec.log + +-chown -R ${USER}:${GROUP} ${DIR}/queue/diff + chmod -R 750 ${DIR}/queue/diff + chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 + +@@ -129,8 +124,7 @@ chmod 740 ${DIR}/queue/diff/* > /dev/nul + + + # For the etc dir +-chmod 550 ${DIR}/etc +-chown -R root:${GROUP} ${DIR}/etc ++chmod 750 ${DIR}/etc + + ls /etc/localtime > /dev/null 2>&1 + if [ $? = 0 ]; then +@@ -142,13 +136,11 @@ if [ "$UNAME" = "SunOS" ]; then + mkdir -p ${DIR}/usr/share/lib/zoneinfo/ + chmod -R 555 ${DIR}/usr/ + cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ +- chown -R root:${GROUP} ${DIR}/usr/ + fi + + ls /etc/TIMEZONE > /dev/null 2>&1 + if [ $? = 0 ]; then + cp -p /etc/TIMEZONE ${DIR}/etc/; +- chown root:${GROUP} ${DIR}/etc/TIMEZONE + chmod 555 ${DIR}/etc/TIMEZONE + fi + +@@ -168,25 +160,17 @@ cp -pr ../etc/local_internal_options.con + cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 + cp -pr agentlessd/scripts/* ${DIR}/agentless/ + +-chown root:${GROUP} ${DIR}/etc/internal_options.conf +-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/agentless/* +-chown ${USER}:${GROUP} ${DIR}/.ssh +-chown -R root:${GROUP} ${DIR}/etc/shared +- +-chmod 550 ${DIR}/etc ++chmod 750 ${DIR}/etc + chmod 440 ${DIR}/etc/internal_options.conf + chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 + chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1 + chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it +-chmod 550 ${DIR}/agentless/* ++chmod 750 ${DIR}/agentless/* + chmod 700 ${DIR}/.ssh + + + # For the /var/run + chmod 770 ${DIR}/var/run +-chown root:${GROUP} ${DIR}/var/run + + + # Moving the binary files +@@ -200,7 +184,6 @@ cp -pr addagent/manage_agents ${DIR}/bin + cp -pr ../contrib/util.sh ${DIR}/bin/ + cp -pr external/lua/src/ossec-lua ${DIR}/bin/ + cp -pr external/lua/src/ossec-luac ${DIR}/bin/ +-chown root:${GROUP} ${DIR}/bin/util.sh + chmod +x ${DIR}/bin/util.sh + + # Copying active response modules +@@ -208,10 +191,8 @@ sh ./init/fw-check.sh execute > /dev/nul + cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ + cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ + chmod 755 ${DIR}/active-response/bin/* +-chown root:${GROUP} ${DIR}/active-response/bin/* + +-chown root:${GROUP} ${DIR}/bin/* +-chmod 550 ${DIR}/bin/* ++chmod 750 ${DIR}/bin/* + + + # Moving the config file +@@ -227,7 +208,6 @@ if [ $? = 0 ]; then + else + cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf + fi +-chown root:${GROUP} ${DIR}/etc/ossec.conf + chmod 440 ${DIR}/etc/ossec.conf + + Modified: head/security/ossec-hids-server/files/patch-src__InstallServer.sh ============================================================================== --- head/security/ossec-hids-server/files/patch-src__InstallServer.sh Mon Dec 21 16:02:50 2015 (r404123) +++ head/security/ossec-hids-server/files/patch-src__InstallServer.sh Mon Dec 21 16:02:55 2015 (r404124) @@ -1,6 +1,6 @@ ---- ./src/InstallServer.sh.orig 2014-05-22 07:10:57.000000000 -0600 -+++ ./src/InstallServer.sh 2014-07-13 15:24:45.552390120 -0600 -@@ -44,13 +44,13 @@ +--- src/InstallServer.sh.orig 2015-06-10 15:38:32 UTC ++++ src/InstallServer.sh +@@ -44,13 +44,13 @@ fi # Creating groups/users if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then @@ -21,85 +21,73 @@ elif [ "$UNAME" = "SunOS" ]; then grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 -@@ -123,61 +123,61 @@ +@@ -121,63 +121,47 @@ for i in ${subdirs}; do + done + # Default for all directories - chmod 550 ${DIR} - chmod 550 ${DIR}/* +-chmod 550 ${DIR} +-chmod 550 ${DIR}/* -chown root:${GROUP} ${DIR} -chown root:${GROUP} ${DIR}/* -+#chown root:${GROUP} ${DIR} -+#chown root:${GROUP} ${DIR}/* ++chmod 750 ${DIR} ++chmod 750 ${DIR}/* # AnalysisD needs to write to alerts: log, mail and cmds -chown -R ${USER}:${GROUP} ${DIR}/queue/alerts -+#chown -R ${USER}:${GROUP} ${DIR}/queue/alerts chmod -R 770 ${DIR}/queue/alerts # To the ossec queue (default for analysisd to read) -chown -R ${USER}:${GROUP} ${DIR}/queue/ossec -+#chown -R ${USER}:${GROUP} ${DIR}/queue/ossec chmod -R 770 ${DIR}/queue/ossec # To the ossec fts queue -chown -R ${USER}:${GROUP} ${DIR}/queue/fts -+#chown -R ${USER}:${GROUP} ${DIR}/queue/fts chmod -R 750 ${DIR}/queue/fts chmod 750 ${DIR}/queue/fts/* > /dev/null 2>&1 # To the ossec syscheck/rootcheck queue -chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck -+#chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck chmod -R 750 ${DIR}/queue/syscheck chmod 740 ${DIR}/queue/syscheck/* > /dev/null 2>&1 -chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck -+#chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck chmod -R 750 ${DIR}/queue/rootcheck chmod 740 ${DIR}/queue/rootcheck/* > /dev/null 2>&1 -chown ${USER}:${GROUP} ${DIR}/queue/diff -chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1 -+#chown ${USER}:${GROUP} ${DIR}/queue/diff -+#chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1 chmod 750 ${DIR}/queue/diff chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 -chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info -+#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info chmod -R 750 ${DIR}/queue/agent-info chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1 -chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids -+#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids chmod -R 750 ${DIR}/queue/rids chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1 -chown -R ${USER}:${GROUP} ${DIR}/queue/agentless -+#chown -R ${USER}:${GROUP} ${DIR}/queue/agentless chmod -R 750 ${DIR}/queue/agentless chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1 # For the stats directory -chown -R ${USER}:${GROUP} ${DIR}/stats -+#chown -R ${USER}:${GROUP} ${DIR}/stats chmod -R 750 ${DIR}/stats # For the logging user -chown -R ${USER}:${GROUP} ${DIR}/logs -+#chown -R ${USER}:${GROUP} ${DIR}/logs chmod -R 750 ${DIR}/logs touch ${DIR}/logs/ossec.log -chown ${USER}:${GROUP} ${DIR}/logs/ossec.log -+#chown ${USER}:${GROUP} ${DIR}/logs/ossec.log chmod 660 ${DIR}/logs/ossec.log touch ${DIR}/logs/active-responses.log -chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log -+#chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log chmod 660 ${DIR}/logs/active-responses.log # For the rules directory -@@ -195,7 +195,7 @@ +@@ -195,7 +179,7 @@ if [ $? = 0 ]; then fi fi @@ -108,47 +96,57 @@ find ${DIR}/rules/ -type f -exec chmod 440 {} \; # If the local_rules is saved, moved it back -@@ -204,18 +204,18 @@ +@@ -204,37 +188,33 @@ if [ $? = 0 ]; then mv ${DIR}/rules/saved_local_rules.xml.$$ ${DIR}/rules/local_rules.xml fi -chown -R root:${GROUP} ${DIR}/rules -+#chown -R root:${GROUP} ${DIR}/rules - chmod -R 550 ${DIR}/rules +-chmod -R 550 ${DIR}/rules ++chmod -R 750 ${DIR}/rules # For the etc dir - chmod 550 ${DIR}/etc +-chmod 550 ${DIR}/etc -chown -R root:${GROUP} ${DIR}/etc -+#chown -R root:${GROUP} ${DIR}/etc ++chmod 750 ${DIR}/etc ls /etc/localtime > /dev/null 2>&1 if [ $? = 0 ]; then cp -pL /etc/localtime ${DIR}/etc/; chmod 440 ${DIR}/etc/localtime - chown root:${GROUP} ${DIR}/etc/localtime -+ #chown root:${GROUP} ${DIR}/etc/localtime fi # Solaris Needs some extra files -@@ -234,7 +234,7 @@ + if [ "$UNAME" = "SunOS" ]; then + mkdir -p ${DIR}/usr/share/lib/zoneinfo/ +- chmod -R 550 ${DIR}/usr/ ++ chmod -R 750 ${DIR}/usr/ + cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ + fi + + ls /etc/TIMEZONE > /dev/null 2>&1 + if [ $? = 0 ]; then + cp -p /etc/TIMEZONE ${DIR}/etc/; +- chmod 550 ${DIR}/etc/TIMEZONE ++ chmod 750 ${DIR}/etc/TIMEZONE + fi + # For the /var/run chmod 770 ${DIR}/var/run -chown root:${GROUP} ${DIR}/var/run -+#chown root:${GROUP} ${DIR}/var/run # Moving the binary files cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \ -@@ -257,7 +257,7 @@ +@@ -257,7 +237,6 @@ cp -pr util/rootcheck_control ${DIR}/bin cp -pr external/lua/src/ossec-lua ${DIR}/bin/ cp -pr external/lua/src/ossec-luac ${DIR}/bin/ cp -pr ../contrib/util.sh ${DIR}/bin/ -chown root:${GROUP} ${DIR}/bin/util.sh -+#chown root:${GROUP} ${DIR}/bin/util.sh chmod +x ${DIR}/bin/util.sh # Local install chosen -@@ -287,14 +287,14 @@ +@@ -287,23 +266,15 @@ fi cp -pr ../etc/internal_options.conf ${DIR}/etc/ cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/ @@ -160,30 +158,35 @@ -chown root:${GROUP} ${DIR}/etc/shared/* -chown root:${GROUP} ${DIR}/agentless/* -chown ${USER}:${GROUP} ${DIR}/.ssh -+#chown root:${GROUP} ${DIR}/etc/decoder.xml -+#chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 -+#chown root:${GROUP} ${DIR}/etc/internal_options.conf -+#chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 -+#chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1 -+#chown root:${GROUP} ${DIR}/etc/shared/* -+#chown root:${GROUP} ${DIR}/agentless/* -+#chown ${USER}:${GROUP} ${DIR}/.ssh chmod 440 ${DIR}/etc/decoder.xml chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 chmod 440 ${DIR}/etc/internal_options.conf -@@ -314,9 +314,9 @@ + chmod 440 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 + chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1 +-chmod 550 ${DIR}/etc ++chmod 750 ${DIR}/etc + chmod 770 ${DIR}/etc/shared + chmod 440 ${DIR}/etc/shared/* +-chmod 550 ${DIR}/agentless/* ++chmod 750 ${DIR}/agentless/* + rm ${DIR}/etc/shared/merged.mg >/dev/null 2>&1 + chmod 700 ${DIR}/.ssh + +@@ -313,11 +284,9 @@ sh ./init/fw-check.sh execute > /dev/nul + cp -p ../active-response/*.sh ${DIR}/active-response/bin/ cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ - chmod 550 ${DIR}/active-response/bin/* +-chmod 550 ${DIR}/active-response/bin/* -chown root:${GROUP} ${DIR}/active-response/bin/* -+#chown root:${GROUP} ${DIR}/active-response/bin/* ++chmod 750 ${DIR}/active-response/bin/* -chown root:${GROUP} ${DIR}/bin/* -+#chown root:${GROUP} ${DIR}/bin/* - chmod 550 ${DIR}/bin/* +-chmod 550 ${DIR}/bin/* ++chmod 750 ${DIR}/bin/* -@@ -328,12 +328,12 @@ + # Moving the config file +@@ -328,12 +297,11 @@ fi ls ../etc/ossec.mc > /dev/null 2>&1 if [ $? = 0 ]; then @@ -195,8 +198,7 @@ fi -chown root:${GROUP} ${DIR}/etc/ossec.conf -chmod 440 ${DIR}/etc/ossec.conf -+#chown root:${GROUP} ${DIR}/etc/ossec.conf.sample -+chmod 440 ${DIR}/etc/ossec.conf.sample ++chmod 640 ${DIR}/etc/ossec.conf.sample
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201512211602.tBLG2tob009022>