From owner-svn-ports-all@FreeBSD.ORG Mon Jul 14 02:46:40 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 46DA2AEF; Mon, 14 Jul 2014 02:46:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 27A202138; Mon, 14 Jul 2014 02:46:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6E2keLO064183; Mon, 14 Jul 2014 02:46:40 GMT (envelope-from brd@svn.freebsd.org) Received: (from brd@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6E2kcJ0064174; Mon, 14 Jul 2014 02:46:38 GMT (envelope-from brd@svn.freebsd.org) Message-Id: <201407140246.s6E2kcJ0064174@svn.freebsd.org> From: Brad Davis Date: Mon, 14 Jul 2014 02:46:38 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r361730 - in head/security: ossec-hids-client ossec-hids-server ossec-hids-server/files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 02:46:40 -0000 Author: brd (doc committer) Date: Mon Jul 14 02:46:37 2014 New Revision: 361730 URL: http://svnweb.freebsd.org/changeset/ports/361730 QAT: https://qat.redports.org/buildarchive/r361730/ Log: - Update to 2.8 - Fix permissions preventing server and local from starting correctly Reviewed by: swills@ Deleted: head/security/ossec-hids-server/files/patch-install.sh head/security/ossec-hids-server/files/patch-src__Config.Make head/security/ossec-hids-server/files/patch-src__Makeall head/security/ossec-hids-server/files/patch-src__init__shared.sh head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__Makefile head/security/ossec-hids-server/files/patch-src__os_crypto__sha1__md32_common.h Modified: head/security/ossec-hids-client/Makefile head/security/ossec-hids-client/pkg-plist.client head/security/ossec-hids-server/Makefile head/security/ossec-hids-server/distinfo head/security/ossec-hids-server/files/patch-src__InstallAgent.sh head/security/ossec-hids-server/files/patch-src__InstallServer.sh head/security/ossec-hids-server/files/patch-src__LOCATION head/security/ossec-hids-server/files/patch-src__headers__defs.h head/security/ossec-hids-server/pkg-plist Modified: head/security/ossec-hids-client/Makefile ============================================================================== --- head/security/ossec-hids-client/Makefile Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-client/Makefile Mon Jul 14 02:46:37 2014 (r361730) @@ -1,7 +1,6 @@ # Created by: Valerio Daelli # $FreeBSD$ -PORTREVISION= 1 COMMENT= The client port of ossec-hids CLIENT_ONLY= yes Modified: head/security/ossec-hids-client/pkg-plist.client ============================================================================== --- head/security/ossec-hids-client/pkg-plist.client Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-client/pkg-plist.client Mon Jul 14 02:46:37 2014 (r361730) @@ -1,4 +1,3 @@ -@group ossec %%PORTNAME%%/active-response/bin/disable-account.sh %%PORTNAME%%/active-response/bin/firewall-drop.sh %%PORTNAME%%/active-response/bin/host-deny.sh @@ -15,8 +14,11 @@ %%PORTNAME%%/bin/ossec-control %%PORTNAME%%/bin/ossec-execd %%PORTNAME%%/bin/ossec-logcollector +%%PORTNAME%%/bin/ossec-lua +%%PORTNAME%%/bin/ossec-luac %%PORTNAME%%/bin/ossec-syscheckd %%PORTNAME%%/bin/util.sh +@group ossec %%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt %%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt %%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt Modified: head/security/ossec-hids-server/Makefile ============================================================================== --- head/security/ossec-hids-server/Makefile Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-server/Makefile Mon Jul 14 02:46:37 2014 (r361730) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= ossec-hids -PORTVERSION= 2.7.1 +PORTVERSION= 2.8 PORTREVISION?= 0 CATEGORIES= security MASTER_SITES= http://www.ossec.net/files/ \ @@ -31,7 +31,7 @@ OPTIONS_DEFINE+= DOCS SUB_LIST= PORTNAME=${PORTNAME} SUB_FILES= pkg-message PLIST_SUB= PORTNAME=${PORTNAME} -PORTDOCS= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE README +PORTDOCS= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE .include .if ${OSVERSION} < 800067 Modified: head/security/ossec-hids-server/distinfo ============================================================================== --- head/security/ossec-hids-server/distinfo Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-server/distinfo Mon Jul 14 02:46:37 2014 (r361730) @@ -1,2 +1,2 @@ -SHA256 (ossec-hids-2.7.1.tar.gz) = a81d11cd6c3f21058968f5c72c25b160d3218ea28d648d8abd6a78f4ae4196ec -SIZE (ossec-hids-2.7.1.tar.gz) = 837818 +SHA256 (ossec-hids-2.8.tar.gz) = 991868627e4965d68ae453305d16bab5a73352aa3be411c302690223a938ff2b +SIZE (ossec-hids-2.8.tar.gz) = 1662990 Modified: head/security/ossec-hids-server/files/patch-src__InstallAgent.sh ============================================================================== --- head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Mon Jul 14 02:46:37 2014 (r361730) @@ -1,5 +1,5 @@ ---- src/InstallAgent.sh.orig 2013-10-29 12:13:44.000000000 -0600 -+++ src/InstallAgent.sh 2014-06-20 10:30:22.531480743 -0600 +--- ./src/InstallAgent.sh.orig 2014-07-13 15:25:05.161395378 -0600 ++++ ./src/InstallAgent.sh 2014-07-13 15:25:35.972393742 -0600 @@ -37,11 +37,11 @@ # Creating groups/users @@ -9,110 +9,11 @@ - /usr/sbin/pw groupadd ${GROUP} - /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} - fi -+# grep "^${USER}" /etc/passwd > /dev/null 2>&1 -+# if [ ! $? = 0 ]; then -+# /usr/sbin/pw groupadd ${GROUP} -+# /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} -+# fi ++ #grep "^${USER}" /etc/passwd > /dev/null 2>&1 ++ #if [ ! $? = 0 ]; then ++ #/usr/sbin/pw groupadd ${GROUP} ++ #/usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} ++ #fi elif [ "$UNAME" = "SunOS" ]; then grep "^${USER}" /etc/passwd > /dev/null 2>&1 -@@ -107,21 +107,21 @@ - - # Default for all directories - chmod -R 550 ${DIR} --chown -R root:${GROUP} ${DIR} -+#chown -R root:${GROUP} ${DIR} - - # To the ossec queue (default for agentd to read) --chown -R ${USER}:${GROUP} ${DIR}/queue/ossec -+#chown -R ${USER}:${GROUP} ${DIR}/queue/ossec - chmod -R 770 ${DIR}/queue/ossec - - # For the logging user --chown -R ${USER}:${GROUP} ${DIR}/logs -+#chown -R ${USER}:${GROUP} ${DIR}/logs - chmod -R 750 ${DIR}/logs - chmod -R 775 ${DIR}/queue/rids - touch ${DIR}/logs/ossec.log --chown ${USER}:${GROUP} ${DIR}/logs/ossec.log -+#chown ${USER}:${GROUP} ${DIR}/logs/ossec.log - chmod 664 ${DIR}/logs/ossec.log - --chown -R ${USER}:${GROUP} ${DIR}/queue/diff -+#chown -R ${USER}:${GROUP} ${DIR}/queue/diff - chmod -R 750 ${DIR}/queue/diff - chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 - -@@ -130,7 +130,7 @@ - - # For the etc dir - chmod 550 ${DIR}/etc --chown -R root:${GROUP} ${DIR}/etc -+#chown -R root:${GROUP} ${DIR}/etc - - ls /etc/localtime > /dev/null 2>&1 - if [ $? = 0 ]; then -@@ -168,12 +168,12 @@ - cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 - cp -pr agentlessd/scripts/* ${DIR}/agentless/ - --chown root:${GROUP} ${DIR}/etc/internal_options.conf --chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 --chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 --chown root:${GROUP} ${DIR}/agentless/* --chown ${USER}:${GROUP} ${DIR}/.ssh --chown -R root:${GROUP} ${DIR}/etc/shared -+#chown root:${GROUP} ${DIR}/etc/internal_options.conf -+#chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 -+#chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 -+#chown root:${GROUP} ${DIR}/agentless/* -+#chown ${USER}:${GROUP} ${DIR}/.ssh -+#chown -R root:${GROUP} ${DIR}/etc/shared - - chmod 550 ${DIR}/etc - chmod 440 ${DIR}/etc/internal_options.conf -@@ -186,7 +186,7 @@ - - # For the /var/run - chmod 770 ${DIR}/var/run --chown root:${GROUP} ${DIR}/var/run -+#chown root:${GROUP} ${DIR}/var/run - - - # Moving the binary files -@@ -198,7 +198,7 @@ - cp -pr ./init/ossec-client.sh ${DIR}/bin/ossec-control - cp -pr addagent/manage_agents ${DIR}/bin/ - cp -pr ../contrib/util.sh ${DIR}/bin/ --chown root:${GROUP} ${DIR}/bin/util.sh -+#chown root:${GROUP} ${DIR}/bin/util.sh - chmod +x ${DIR}/bin/util.sh - - # Copying active response modules -@@ -206,9 +206,9 @@ - cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ - cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ - chmod 755 ${DIR}/active-response/bin/* --chown root:${GROUP} ${DIR}/active-response/bin/* -+#chown root:${GROUP} ${DIR}/active-response/bin/* - --chown root:${GROUP} ${DIR}/bin/* -+#chown root:${GROUP} ${DIR}/bin/* - chmod 550 ${DIR}/bin/* - - -@@ -223,10 +223,10 @@ - if [ $? = 0 ]; then - cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf - else -- cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf -+ cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf.sample - fi --chown root:${GROUP} ${DIR}/etc/ossec.conf --chmod 440 ${DIR}/etc/ossec.conf -+#chown root:${GROUP} ${DIR}/etc/ossec.conf.sample -+chmod 440 ${DIR}/etc/ossec.conf.sample - - - Modified: head/security/ossec-hids-server/files/patch-src__InstallServer.sh ============================================================================== --- head/security/ossec-hids-server/files/patch-src__InstallServer.sh Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-server/files/patch-src__InstallServer.sh Mon Jul 14 02:46:37 2014 (r361730) @@ -1,5 +1,5 @@ ---- ./src/InstallServer.sh.orig 2013-10-29 12:13:44.000000000 -0600 -+++ ./src/InstallServer.sh 2014-04-21 19:56:55.000000000 -0600 +--- ./src/InstallServer.sh.orig 2014-05-22 07:10:57.000000000 -0600 ++++ ./src/InstallServer.sh 2014-07-13 15:24:45.552390120 -0600 @@ -44,13 +44,13 @@ # Creating groups/users @@ -139,16 +139,16 @@ # Moving the binary files cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \ -@@ -255,7 +255,7 @@ - cp -pr util/syscheck_control ${DIR}/bin/ - cp -pr util/rootcheck_control ${DIR}/bin/ +@@ -257,7 +257,7 @@ + cp -pr external/lua/src/ossec-lua ${DIR}/bin/ + cp -pr external/lua/src/ossec-luac ${DIR}/bin/ cp -pr ../contrib/util.sh ${DIR}/bin/ -chown root:${GROUP} ${DIR}/bin/util.sh +#chown root:${GROUP} ${DIR}/bin/util.sh chmod +x ${DIR}/bin/util.sh # Local install chosen -@@ -285,14 +285,14 @@ +@@ -287,14 +287,14 @@ cp -pr ../etc/internal_options.conf ${DIR}/etc/ cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/ @@ -171,7 +171,7 @@ chmod 440 ${DIR}/etc/decoder.xml chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 chmod 440 ${DIR}/etc/internal_options.conf -@@ -312,9 +312,9 @@ +@@ -314,9 +314,9 @@ cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ chmod 550 ${DIR}/active-response/bin/* @@ -183,7 +183,7 @@ chmod 550 ${DIR}/bin/* -@@ -326,12 +326,12 @@ +@@ -328,12 +328,12 @@ ls ../etc/ossec.mc > /dev/null 2>&1 if [ $? = 0 ]; then Modified: head/security/ossec-hids-server/files/patch-src__LOCATION ============================================================================== --- head/security/ossec-hids-server/files/patch-src__LOCATION Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-server/files/patch-src__LOCATION Mon Jul 14 02:46:37 2014 (r361730) @@ -1,7 +1,5 @@ -diff -ruN src/LOCATION.orig src/LOCATION ---- src/LOCATION.orig Tue Oct 25 18:18:50 2005 -+++ src/LOCATION Mon Apr 2 10:51:37 2007 -@@ -1,2 +1,2 @@ +--- ./src/LOCATION.orig 2014-05-22 07:10:57.000000000 -0600 ++++ ./src/LOCATION 2014-07-13 15:24:45.561388082 -0600 +@@ -1 +1 @@ -DIR="/var/ossec" -+DIR="PREFIX" - CC=gcc ++DIR="/usr/local/poudriere/ports/svn/security/ossec-hids-server/work/stage/usr/local/ossec-hids" Modified: head/security/ossec-hids-server/files/patch-src__headers__defs.h ============================================================================== --- head/security/ossec-hids-server/files/patch-src__headers__defs.h Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-server/files/patch-src__headers__defs.h Mon Jul 14 02:46:37 2014 (r361730) @@ -1,5 +1,5 @@ ---- ./src/headers/defs.h.orig 2013-10-29 12:13:44.000000000 -0600 -+++ ./src/headers/defs.h 2014-04-21 19:52:35.000000000 -0600 +--- ./src/headers/defs.h.orig 2014-05-22 07:10:57.000000000 -0600 ++++ ./src/headers/defs.h 2014-07-13 15:24:45.559389869 -0600 @@ -98,7 +98,7 @@ #endif Modified: head/security/ossec-hids-server/pkg-plist ============================================================================== --- head/security/ossec-hids-server/pkg-plist Mon Jul 14 01:29:26 2014 (r361729) +++ head/security/ossec-hids-server/pkg-plist Mon Jul 14 02:46:37 2014 (r361730) @@ -21,6 +21,8 @@ %%PORTNAME%%/bin/ossec-execd %%PORTNAME%%/bin/ossec-logcollector %%PORTNAME%%/bin/ossec-logtest +%%PORTNAME%%/bin/ossec-lua +%%PORTNAME%%/bin/ossec-luac %%PORTNAME%%/bin/ossec-maild %%PORTNAME%%/bin/ossec-makelists %%PORTNAME%%/bin/ossec-monitord @@ -33,6 +35,7 @@ %%PORTNAME%%/bin/syscheck_update %%PORTNAME%%/bin/util.sh %%PORTNAME%%/bin/verify-agent-conf +@group ossec %%PORTNAME%%/etc/decoder.xml %%PORTNAME%%/etc/internal_options.conf @sample %%PORTNAME%%/etc/ossec.conf.sample @@ -46,7 +49,6 @@ %%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt %%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt @owner ossec -@group ossec @mode 660 %%PORTNAME%%/logs/active-responses.log %%PORTNAME%%/logs/ossec.log @@ -57,7 +59,6 @@ %%PORTNAME%%/rules/arpwatch_rules.xml %%PORTNAME%%/rules/asterisk_rules.xml %%PORTNAME%%/rules/attack_rules.xml -%%PORTNAME%%/rules/bro-ids_rules.xml %%PORTNAME%%/rules/cimserver_rules.xml %%PORTNAME%%/rules/cisco-ios_rules.xml %%PORTNAME%%/rules/clam_av_rules.xml @@ -140,7 +141,9 @@ @dirrmtry %%PORTNAME%%/queue/rootcheck @dirrmtry %%PORTNAME%%/rules @dirrmtry %%PORTNAME%%/tmp +@mode 770 @dirrmtry %%PORTNAME%%/var/run +@mode 550 @dirrmtry %%PORTNAME%%/var @owner ossec @mode 770