ossec-hids: add new pkg

Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Armin Kuster <akuster808@gmail.com> 2021-04-21 04:17:35 +0000
committer: Armin Kuster <akuster808@gmail.com> 2021-04-26 14:32:51 +0000
commit: f1f517c919bcf50cdbcacc00779e801c17dec3b7 (patch)
tree: cfaa4ca3dd060d1a2b04a07a6a4debea3b2ed14b
parent: 30da585d2a08b09b4553ff573b5fcfe159867b5a (diff)
download: meta-security-f1f517c919bcf50cdbcacc00779e801c17dec3b7.tar.gz
3 files changed, 449 insertions, 0 deletions
diff --git a/recipes-ids/ossec/files/0001-Makefile-drop-running-scrips-install.patch b/recipes-ids/ossec/files/0001-Makefile-drop-running-scrips-install.patch
new file mode 100644
index 0000000..08e018f
--- /dev/null
+++ b/recipes-ids/ossec/files/0001-Makefile-drop-running-scrips-install.patch
@@ -0,0 +1,37 @@
+From b948d36a8ca8e04794381f0f6eba29daf7e3fd01 Mon Sep 17 00:00:00 2001
+From: Armin Kuster <akuster808@gmail.com>
+Date: Wed, 21 Apr 2021 00:56:53 +0000
+Subject: [PATCH 1/2] Makefile: drop running scrips @ install
+Upstream-Status: Inappropriate [embedded specific]
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+---
+ src/Makefile | 4 ----
+ 1 file changed, 4 deletions(-)
+diff --git a/src/Makefile b/src/Makefile
+index 06a7094c..dfb8cb58 100644
+--- a/src/Makefile
+++ b/src/Makefile
+@@ -409,7 +409,6 @@ install-hybrid: install-server-generic
+ install-server: install-server-generic
+ 
+ install-common: build
+-       ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
+        $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
+        $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
+        $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
+@@ -485,9 +484,6 @@ endif
+        $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
+        $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
+ 
+-       ./init/fw-check.sh execute
+-
+-
+ 
+ install-server-generic: install-common
+        $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
+-- 
+2.25.1
diff --git a/recipes-ids/ossec/files/0002-Makefile-don-t-set-uid-gid.patch b/recipes-ids/ossec/files/0002-Makefile-don-t-set-uid-gid.patch
new file mode 100644
index 0000000..d5e3403
--- /dev/null
+++ b/recipes-ids/ossec/files/0002-Makefile-don-t-set-uid-gid.patch
@@ -0,0 +1,251 @@
+From d9ec907881b72d42b4918f7cfb46516ce8e77772 Mon Sep 17 00:00:00 2001
+From: Armin Kuster <akuster808@gmail.com>
+Date: Sat, 24 Apr 2021 23:07:29 +0000
+Subject: [PATCH 2/2] Makefile: don't set uid/gid
+Upstream-Status: Inappropriate [embedded specific]
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+---
+ src/Makefile | 166 +++++++++++++++++++++++++--------------------------
+ 1 file changed, 83 insertions(+), 83 deletions(-)
+diff --git a/src/Makefile b/src/Makefile
+index dfb8cb58..a4d69ef6 100644
+--- a/src/Makefile
+++ b/src/Makefile
+@@ -21,7 +21,7 @@ OSSEC_USER?=ossec
+ OSSEC_USER_MAIL?=ossecm
+ OSSEC_USER_REM?=ossecr
+ 
+-INSTALL_CMD?=install -m $(1) -o $(2) -g $(3)
+INSTALL_CMD?=install -m $(1) 
+ INSTALL_LOCALTIME?=yes
+ INSTALL_RESOLVCONF?=yes
+ 
+@@ -397,10 +397,10 @@ endif
+ install: install-${TARGET}
+ 
+ install-agent: install-common
+-       $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-agentd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) agent-auth ${PREFIX}/bin
+ 
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rids
+ 
+ install-local: install-server-generic
+ 
+@@ -409,129 +409,129 @@ install-hybrid: install-server-generic
+ install-server: install-server-generic
+ 
+ install-common: build
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
+-       $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
+-
+-       $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/logs
+       $(call INSTALL_CMD,0660) /dev/null ${PREFIX}/logs/ossec.log
+
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-logcollector ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-syscheckd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-execd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) manage_agents ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ../contrib/util.sh ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
+ 
+ ifeq (${LUA_ENABLE},yes)
+-       $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua
+-       $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native
+-       $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled
+-       $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/lua
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/lua/native
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/lua/compiled
+       $(call INSTALL_CMD,0550) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
+ endif
+ 
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue
+-       $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/queue
+       $(call INSTALL_CMD,0770) -d ${PREFIX}/queue/alerts
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/ossec
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/syscheck
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/diff
+ 
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/etc
+ ifeq (${INSTALL_LOCALTIME},yes)
+-       $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc
+       $(call INSTALL_CMD,0440) /etc/localtime ${PREFIX}/etc
+ endif
+ ifeq (${INSTALL_RESOLVCONF},yes)
+-       $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/resolv.conf ${PREFIX}/etc
+       $(call INSTALL_CMD,0440) /etc/resolv.conf ${PREFIX}/etc
+ endif
+ 
+-       $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp
+       $(call INSTALL_CMD,1550) -d ${PREFIX}/tmp
+ 
+ ifneq (,$(wildcard /etc/TIMEZONE))
+-       $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/
+       $(call INSTALL_CMD,440) /etc/TIMEZONE ${PREFIX}/etc/
+ endif
+ # Solaris Needs some extra files
+ ifeq (${uname_S},SunOS)
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/usr/share/lib/zoneinfo/
+        cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/
+ endif
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/
+       $(call INSTALL_CMD,0640) -b ../etc/internal_options.conf ${PREFIX}/etc/
+ ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf))
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
+       $(call INSTALL_CMD,0640) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
+ endif
+ ifeq (,$(wildcard ${PREFIX}/etc/client.keys))
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys
+       $(call INSTALL_CMD,0640) /dev/null ${PREFIX}/etc/client.keys
+ endif
+ ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf))
+ ifneq (,$(wildcard ../etc/ossec.mc))
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
+       $(call INSTALL_CMD,0640) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
+ else
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
+       $(call INSTALL_CMD,0640) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
+ endif
+ endif
+ 
+-       $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared
+-       $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/
+       $(call INSTALL_CMD,0770) -d ${PREFIX}/etc/shared
+       $(call INSTALL_CMD,0640) rootcheck/db/*.txt ${PREFIX}/etc/shared/
+ 
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/active-response
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/active-response/bin
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/agentless
+       $(call INSTALL_CMD,0550) agentlessd/scripts/* ${PREFIX}/agentless/
+ 
+-       $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh
+       $(call INSTALL_CMD,0700) -d ${PREFIX}/.ssh
+ 
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
+       $(call INSTALL_CMD,0550) ../active-response/*.sh ${PREFIX}/active-response/bin/
+       $(call INSTALL_CMD,0550) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
+ 
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
+-       $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/var
+       $(call INSTALL_CMD,0770) -d ${PREFIX}/var/run
+ 
+ 
+ install-server-generic: install-common
+-       $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall
+-
+-       $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin
+-       $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/
+-       $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/
+-
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats
+-       $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules
+       $(call INSTALL_CMD,0660) /dev/null ${PREFIX}/logs/active-responses.log
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/archives
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/alerts
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/firewall
+
+       $(call INSTALL_CMD,0550) ossec-agentlessd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-analysisd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-monitord ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-reportd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-maild ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-remoted ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-logtest ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-csyslogd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-authd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-dbd ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) ossec-makelists ${PREFIX}/bin
+       $(call INSTALL_CMD,0550) verify-agent-conf ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) clear_stats ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) list_agents ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) ossec-regex ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) syscheck_update ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) agent_control ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) syscheck_control ${PREFIX}/bin/
+       $(call INSTALL_CMD,0550) rootcheck_control ${PREFIX}/bin/
+
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/stats
+       $(call INSTALL_CMD,0550) -d ${PREFIX}/rules
+ ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml))
+        cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
+       $(call INSTALL_CMD,0640) -b ../etc/rules/*.xml ${PREFIX}/rules
+       $(call INSTALL_CMD,0640) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
+        rm ${PREFIX}/rules/local_rules.xml.installbackup
+ else
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
+       $(call INSTALL_CMD,0640) -b ../etc/rules/*.xml ${PREFIX}/rules
+ endif
+ 
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/fts
+ 
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rootcheck
+ 
+-       $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info
+-       $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/agent-info
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/agentless
+ 
+-       $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
+       $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rids
+ 
+-       $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/
+       $(call INSTALL_CMD,0640) ../etc/decoder.xml ${PREFIX}/etc/
+ 
+        rm -f ${PREFIX}/etc/shared/merged.mg
+ 
+-- 
+2.25.1
diff --git a/recipes-ids/ossec/ossec-hids_3.6.0.bb b/recipes-ids/ossec/ossec-hids_3.6.0.bb
new file mode 100644
index 0000000..10354a7
--- /dev/null
+++ b/recipes-ids/ossec/ossec-hids_3.6.0.bb
@@ -0,0 +1,161 @@
+SUMMARY = "A full platform to monitor and control your systems"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=d625d1520b5e38faefb81cf9772badc9"
+DEPENDS = "openssl libpcre2 zlib libevent"
+SRC_URI = "git://github.com/ossec/ossec-hids;branch=master \
+           file://0001-Makefile-drop-running-scrips-install.patch  \
+           file://0002-Makefile-don-t-set-uid-gid.patch \
+           "
+SRCREV = "1303c78e2c67d7acee0508cb00c3bc63baaa27c2"
+inherit autotools-brokensep  useradd
+S = "${WORKDIR}/git"
+OSSEC_UID ?= "ossec"
+OSSEC_RUID ?= "ossecr"
+OSSEC_GID ?= "ossec"
+OSSEC_EMAIL ?= "ossecm"
+do_configure[noexec] = "1"
+do_compile() {
+  cd ${S}/src
+  make PREFIX=${prefix} TARGET=local USE_SYSTEMD=No build 
+}
+do_install(){
+  install -d ${D}${sysconfdir}
+  install -d ${D}/var/ossec/${sysconfdir}
+  cd ${S}/src
+  make TARGET=local  PREFIX=${D}/var/ossec install
+  echo "DIRECTORY=\"/var/ossec\"" > ${D}/${sysconfdir}/ossec-init.conf
+  echo "VERSION=\"${PV}\"" >> ${D}/${sysconfdir}/ossec-init.conf
+  echo "DATE=\"`date`\"" >> ${D}/${sysconfdir}/ossec-init.conf
+  echo "TYPE=\"local\"" >> ${D}/${sysconfdir}/ossec-init.conf
+  chmod 600  ${D}/${sysconfdir}/ossec-init.conf
+  install -m 640 ${D}/${sysconfdir}/ossec-init.conf ${D}/var/ossec/${sysconfdir}/ossec-init.conf
+}
+pkg_postinst_ontarget_${PN} () {
+    DIR="/var/ossec"
+    usermod -g ossec -G ossec -a root
+    # Default for all directories
+    chmod -R 550 ${DIR}
+    chown -R root:${OSSEC_GID} ${DIR}
+    # To the ossec queue (default for agentd to read)
+    chown -R ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/queue/ossec
+    chmod -R 770 ${DIR}/queue/ossec
+    # For the logging user
+    chown -R ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/logs
+    chmod -R 750 ${DIR}/logs
+    chmod -R 775 ${DIR}/queue/rids
+    touch ${DIR}/logs/ossec.log
+    chown ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/logs/ossec.log
+    chmod 664 ${DIR}/logs/ossec.log
+    chown -R ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/queue/diff
+    chmod -R 750 ${DIR}/queue/diff
+        chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 || true
+        # For the etc dir
+        chmod 550 ${DIR}/etc
+        chown -R root:${OSSEC_GID} ${DIR}/etc
+        if [ -f /etc/localtime ]; then
+            cp -pL /etc/localtime ${DIR}/etc/;
+            chmod 555 ${DIR}/etc/localtime
+            chown root:${OSSEC_GID} ${DIR}/etc/localtime
+        fi
+        if [ -f /etc/TIMEZONE ]; then
+            cp -p /etc/TIMEZONE ${DIR}/etc/;
+            chmod 555 ${DIR}/etc/TIMEZONE
+        fi
+        # More files
+        chown root:${OSSEC_GID} ${DIR}/etc/internal_options.conf
+        chown root:${OSSEC_GID} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 || true
+        chown root:${OSSEC_GID} ${DIR}/etc/client.keys >/dev/null 2>&1 || true
+        chown root:${OSSEC_GID} ${DIR}/agentless/*
+        chown ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/.ssh
+        chown root:${OSSEC_GID} ${DIR}/etc/shared/*
+        chmod 550 ${DIR}/etc
+        chmod 440 ${DIR}/etc/internal_options.conf
+        chmod 660 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 || true
+        chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1 || true
+        chmod 550 ${DIR}/agentless/*
+        chmod 700 ${DIR}/.ssh
+        chmod 770 ${DIR}/etc/shared
+        chmod 660 ${DIR}/etc/shared/*
+        # For the /var/run
+        chmod 770 ${DIR}/var/run
+        chown root:${OSSEC_GID} ${DIR}/var/run
+        # For util.sh 
+        chown root:${OSSEC_GID} ${DIR}/bin/util.sh
+        chmod +x ${DIR}/bin/util.sh
+        # For binaries and active response
+        chmod 755 ${DIR}/active-response/bin/*
+        chown root:${OSSEC_GID} ${DIR}/active-response/bin/*
+        chown root:${OSSEC_GID} ${DIR}/bin/*
+        chmod 550 ${DIR}/bin/*
+        # For ossec.conf
+        chown root:${OSSEC_GID} ${DIR}/etc/ossec.conf
+        chmod 660 ${DIR}/etc/ossec.conf
+        # Debconf
+        . /usr/share/debconf/confmodule
+        db_input high ossec-hids-agent/server-ip || true
+        db_go
+        db_get ossec-hids-agent/server-ip
+        SERVER_IP=$RET
+        sed -i "s/<server-ip>[^<]\+<\/server-ip>/<server-ip>${SERVER_IP}<\/server-ip>/" ${DIR}/etc/ossec.conf
+        db_stop
+        # ossec-init.conf
+        if [ -e ${DIR}/etc/ossec-init.conf ] && [ -d /etc/ ]; then
+            if [ -e /etc/ossec-init.conf ]; then
+                rm -f /etc/ossec-init.conf
+            fi
+            ln -s ${DIR}/etc/ossec-init.conf /etc/ossec-init.conf
+        fi
+        # init.d/ossec file
+        if [ -x ${DIR}/etc/init.d/ossec ] && [ -d /etc/init.d/ ]; then
+            if [ -e /etc/init.d/ossec ]; then
+                rm -f /etc/init.d/ossec
+            fi
+            ln -s ${DIR}/etc/init.d/ossec /etc/init.d/ossec
+        fi
+        # Service
+        if [ -x /etc/init.d/ossec ]; then
+            update-rc.d -f ossec defaults
+        fi
+        # Delete tmp directory
+        if [ -d ${OSSEC_HIDS_TMP_DIR} ]; then
+            rm -r ${OSSEC_HIDS_TMP_DIR}
+        fi
+}
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM_${PN} = "--system --home-dir /var/ossec -g ossec --shell /bin/false ossec"
+GROUPADD_PARAM_${PN} = "--system ossec"
+RDEPENDS_${PN} = "openssl bash"
author	Armin Kuster <akuster808@gmail.com>	2021-04-21 04:17:35 +0000
committer	Armin Kuster <akuster808@gmail.com>	2021-04-26 14:32:51 +0000
commit	f1f517c919bcf50cdbcacc00779e801c17dec3b7 (patch)
tree	cfaa4ca3dd060d1a2b04a07a6a4debea3b2ed14b
parent	30da585d2a08b09b4553ff573b5fcfe159867b5a (diff)
download	meta-security-f1f517c919bcf50cdbcacc00779e801c17dec3b7.tar.gz

diff --git a/recipes-ids/ossec/files/0001-Makefile-drop-running-scrips-install.patch b/recipes-ids/ossec/files/0001-Makefile-drop-running-scrips-install.patch new file mode 100644 index 0000000..08e018f --- /dev/null +++ b/recipes-ids/ossec/files/0001-Makefile-drop-running-scrips-install.patch
@@ -0,0 +1,37 @@
	1	From b948d36a8ca8e04794381f0f6eba29daf7e3fd01 Mon Sep 17 00:00:00 2001
	2	From: Armin Kuster <akuster808@gmail.com>
	3	Date: Wed, 21 Apr 2021 00:56:53 +0000
	4	Subject: [PATCH 1/2] Makefile: drop running scrips @ install
	5
	6	Upstream-Status: Inappropriate [embedded specific]
	7
	8	Signed-off-by: Armin Kuster <akuster808@gmail.com>
	9	---
	10	src/Makefile \| 4 ----
	11	1 file changed, 4 deletions(-)
	12
	13	diff --git a/src/Makefile b/src/Makefile
	14	index 06a7094c..dfb8cb58 100644
	15	--- a/src/Makefile
	16	+++ b/src/Makefile
	17	@@ -409,7 +409,6 @@ install-hybrid: install-server-generic
	18	install-server: install-server-generic
	19
	20	install-common: build
	21	- ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
	22	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
	23	$(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
	24	$(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
	25	@@ -485,9 +484,6 @@ endif
	26	$(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
	27	$(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
	28
	29	- ./init/fw-check.sh execute
	30	-
	31	-
	32
	33	install-server-generic: install-common
	34	$(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
	35	--
	36	2.25.1
	37


diff --git a/recipes-ids/ossec/files/0002-Makefile-don-t-set-uid-gid.patch b/recipes-ids/ossec/files/0002-Makefile-don-t-set-uid-gid.patch new file mode 100644 index 0000000..d5e3403 --- /dev/null +++ b/recipes-ids/ossec/files/0002-Makefile-don-t-set-uid-gid.patch
@@ -0,0 +1,251 @@
	1	From d9ec907881b72d42b4918f7cfb46516ce8e77772 Mon Sep 17 00:00:00 2001
	2	From: Armin Kuster <akuster808@gmail.com>
	3	Date: Sat, 24 Apr 2021 23:07:29 +0000
	4	Subject: [PATCH 2/2] Makefile: don't set uid/gid
	5
	6	Upstream-Status: Inappropriate [embedded specific]
	7
	8	Signed-off-by: Armin Kuster <akuster808@gmail.com>
	9	---
	10	src/Makefile \| 166 +++++++++++++++++++++++++--------------------------
	11	1 file changed, 83 insertions(+), 83 deletions(-)
	12
	13	diff --git a/src/Makefile b/src/Makefile
	14	index dfb8cb58..a4d69ef6 100644
	15	--- a/src/Makefile
	16	+++ b/src/Makefile
	17	@@ -21,7 +21,7 @@ OSSEC_USER?=ossec
	18	OSSEC_USER_MAIL?=ossecm
	19	OSSEC_USER_REM?=ossecr
	20
	21	-INSTALL_CMD?=install -m $(1) -o $(2) -g $(3)
	22	+INSTALL_CMD?=install -m $(1)
	23	INSTALL_LOCALTIME?=yes
	24	INSTALL_RESOLVCONF?=yes
	25
	26	@@ -397,10 +397,10 @@ endif
	27	install: install-${TARGET}
	28
	29	install-agent: install-common
	30	- $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin
	31	- $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin
	32	+ $(call INSTALL_CMD,0550) ossec-agentd ${PREFIX}/bin
	33	+ $(call INSTALL_CMD,0550) agent-auth ${PREFIX}/bin
	34
	35	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
	36	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rids
	37
	38	install-local: install-server-generic
	39
	40	@@ -409,129 +409,129 @@ install-hybrid: install-server-generic
	41	install-server: install-server-generic
	42
	43	install-common: build
	44	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
	45	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
	46	- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
	47	-
	48	- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin
	49	- $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin
	50	- $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin
	51	- $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin
	52	- $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin
	53	- $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/
	54	- $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
	55	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/
	56	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs
	57	+ $(call INSTALL_CMD,0660) /dev/null ${PREFIX}/logs/ossec.log
	58	+
	59	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/bin
	60	+ $(call INSTALL_CMD,0550) ossec-logcollector ${PREFIX}/bin
	61	+ $(call INSTALL_CMD,0550) ossec-syscheckd ${PREFIX}/bin
	62	+ $(call INSTALL_CMD,0550) ossec-execd ${PREFIX}/bin
	63	+ $(call INSTALL_CMD,0550) manage_agents ${PREFIX}/bin
	64	+ $(call INSTALL_CMD,0550) ../contrib/util.sh ${PREFIX}/bin/
	65	+ $(call INSTALL_CMD,0550) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
	66
	67	ifeq (${LUA_ENABLE},yes)
	68	- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua
	69	- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native
	70	- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled
	71	- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
	72	- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
	73	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/lua
	74	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/lua/native
	75	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/lua/compiled
	76	+ $(call INSTALL_CMD,0550) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
	77	+ $(call INSTALL_CMD,0550) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
	78	endif
	79
	80	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue
	81	- $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts
	82	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec
	83	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck
	84	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff
	85	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/queue
	86	+ $(call INSTALL_CMD,0770) -d ${PREFIX}/queue/alerts
	87	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/ossec
	88	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/syscheck
	89	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/diff
	90
	91	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc
	92	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/etc
	93	ifeq (${INSTALL_LOCALTIME},yes)
	94	- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc
	95	+ $(call INSTALL_CMD,0440) /etc/localtime ${PREFIX}/etc
	96	endif
	97	ifeq (${INSTALL_RESOLVCONF},yes)
	98	- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/resolv.conf ${PREFIX}/etc
	99	+ $(call INSTALL_CMD,0440) /etc/resolv.conf ${PREFIX}/etc
	100	endif
	101
	102	- $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp
	103	+ $(call INSTALL_CMD,1550) -d ${PREFIX}/tmp
	104
	105	ifneq (,$(wildcard /etc/TIMEZONE))
	106	- $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/
	107	+ $(call INSTALL_CMD,440) /etc/TIMEZONE ${PREFIX}/etc/
	108	endif
	109	# Solaris Needs some extra files
	110	ifeq (${uname_S},SunOS)
	111	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/
	112	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/usr/share/lib/zoneinfo/
	113	cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/
	114	endif
	115	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/
	116	+ $(call INSTALL_CMD,0640) -b ../etc/internal_options.conf ${PREFIX}/etc/
	117	ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf))
	118	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
	119	+ $(call INSTALL_CMD,0640) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
	120	endif
	121	ifeq (,$(wildcard ${PREFIX}/etc/client.keys))
	122	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys
	123	+ $(call INSTALL_CMD,0640) /dev/null ${PREFIX}/etc/client.keys
	124	endif
	125	ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf))
	126	ifneq (,$(wildcard ../etc/ossec.mc))
	127	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
	128	+ $(call INSTALL_CMD,0640) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
	129	else
	130	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
	131	+ $(call INSTALL_CMD,0640) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
	132	endif
	133	endif
	134
	135	- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared
	136	- $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/
	137	+ $(call INSTALL_CMD,0770) -d ${PREFIX}/etc/shared
	138	+ $(call INSTALL_CMD,0640) rootcheck/db/*.txt ${PREFIX}/etc/shared/
	139
	140	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response
	141	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin
	142	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless
	143	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/
	144	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/active-response
	145	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/active-response/bin
	146	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/agentless
	147	+ $(call INSTALL_CMD,0550) agentlessd/scripts/* ${PREFIX}/agentless/
	148
	149	- $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh
	150	+ $(call INSTALL_CMD,0700) -d ${PREFIX}/.ssh
	151
	152	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/
	153	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
	154	+ $(call INSTALL_CMD,0550) ../active-response/*.sh ${PREFIX}/active-response/bin/
	155	+ $(call INSTALL_CMD,0550) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
	156
	157	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
	158	- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
	159	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/var
	160	+ $(call INSTALL_CMD,0770) -d ${PREFIX}/var/run
	161
	162
	163	install-server-generic: install-common
	164	- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
	165	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives
	166	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts
	167	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall
	168	-
	169	- $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin
	170	- $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin
	171	- $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin
	172	- $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin
	173	- $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin
	174	- $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin
	175	- $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin
	176	- $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin
	177	- $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin
	178	- $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin
	179	- $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin
	180	- $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/
	181	- $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/
	182	- $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/
	183	- $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/
	184	- $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/
	185	- $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/
	186	- $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/
	187	- $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/
	188	-
	189	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats
	190	- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules
	191	+ $(call INSTALL_CMD,0660) /dev/null ${PREFIX}/logs/active-responses.log
	192	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/archives
	193	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/alerts
	194	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/firewall
	195	+
	196	+ $(call INSTALL_CMD,0550) ossec-agentlessd ${PREFIX}/bin
	197	+ $(call INSTALL_CMD,0550) ossec-analysisd ${PREFIX}/bin
	198	+ $(call INSTALL_CMD,0550) ossec-monitord ${PREFIX}/bin
	199	+ $(call INSTALL_CMD,0550) ossec-reportd ${PREFIX}/bin
	200	+ $(call INSTALL_CMD,0550) ossec-maild ${PREFIX}/bin
	201	+ $(call INSTALL_CMD,0550) ossec-remoted ${PREFIX}/bin
	202	+ $(call INSTALL_CMD,0550) ossec-logtest ${PREFIX}/bin
	203	+ $(call INSTALL_CMD,0550) ossec-csyslogd ${PREFIX}/bin
	204	+ $(call INSTALL_CMD,0550) ossec-authd ${PREFIX}/bin
	205	+ $(call INSTALL_CMD,0550) ossec-dbd ${PREFIX}/bin
	206	+ $(call INSTALL_CMD,0550) ossec-makelists ${PREFIX}/bin
	207	+ $(call INSTALL_CMD,0550) verify-agent-conf ${PREFIX}/bin/
	208	+ $(call INSTALL_CMD,0550) clear_stats ${PREFIX}/bin/
	209	+ $(call INSTALL_CMD,0550) list_agents ${PREFIX}/bin/
	210	+ $(call INSTALL_CMD,0550) ossec-regex ${PREFIX}/bin/
	211	+ $(call INSTALL_CMD,0550) syscheck_update ${PREFIX}/bin/
	212	+ $(call INSTALL_CMD,0550) agent_control ${PREFIX}/bin/
	213	+ $(call INSTALL_CMD,0550) syscheck_control ${PREFIX}/bin/
	214	+ $(call INSTALL_CMD,0550) rootcheck_control ${PREFIX}/bin/
	215	+
	216	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/stats
	217	+ $(call INSTALL_CMD,0550) -d ${PREFIX}/rules
	218	ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml))
	219	cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup
	220	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
	221	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
	222	+ $(call INSTALL_CMD,0640) -b ../etc/rules/*.xml ${PREFIX}/rules
	223	+ $(call INSTALL_CMD,0640) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
	224	rm ${PREFIX}/rules/local_rules.xml.installbackup
	225	else
	226	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
	227	+ $(call INSTALL_CMD,0640) -b ../etc/rules/*.xml ${PREFIX}/rules
	228	endif
	229
	230	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts
	231	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/fts
	232
	233	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck
	234	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rootcheck
	235
	236	- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info
	237	- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless
	238	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/agent-info
	239	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/agentless
	240
	241	- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
	242	+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rids
	243
	244	- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/
	245	+ $(call INSTALL_CMD,0640) ../etc/decoder.xml ${PREFIX}/etc/
	246
	247	rm -f ${PREFIX}/etc/shared/merged.mg
	248
	249	--
	250	2.25.1
	251


diff --git a/recipes-ids/ossec/ossec-hids_3.6.0.bb b/recipes-ids/ossec/ossec-hids_3.6.0.bb new file mode 100644 index 0000000..10354a7 --- /dev/null +++ b/recipes-ids/ossec/ossec-hids_3.6.0.bb
@@ -0,0 +1,161 @@
	1	SUMMARY = "A full platform to monitor and control your systems"
	2	LICENSE = "GPL-2.0"
	3	LIC_FILES_CHKSUM = "file://LICENSE;md5=d625d1520b5e38faefb81cf9772badc9"
	4
	5
	6	DEPENDS = "openssl libpcre2 zlib libevent"
	7	SRC_URI = "git://github.com/ossec/ossec-hids;branch=master \
	8	file://0001-Makefile-drop-running-scrips-install.patch \
	9	file://0002-Makefile-don-t-set-uid-gid.patch \
	10	"
	11
	12	SRCREV = "1303c78e2c67d7acee0508cb00c3bc63baaa27c2"
	13
	14	inherit autotools-brokensep useradd
	15
	16	S = "${WORKDIR}/git"
	17
	18	OSSEC_UID ?= "ossec"
	19	OSSEC_RUID ?= "ossecr"
	20	OSSEC_GID ?= "ossec"
	21	OSSEC_EMAIL ?= "ossecm"
	22
	23	do_configure[noexec] = "1"
	24
	25	do_compile() {
	26	cd ${S}/src
	27	make PREFIX=${prefix} TARGET=local USE_SYSTEMD=No build
	28	}
	29
	30	do_install(){
	31	install -d ${D}${sysconfdir}
	32	install -d ${D}/var/ossec/${sysconfdir}
	33
	34	cd ${S}/src
	35	make TARGET=local PREFIX=${D}/var/ossec install
	36
	37	echo "DIRECTORY=\"/var/ossec\"" > ${D}/${sysconfdir}/ossec-init.conf
	38	echo "VERSION=\"${PV}\"" >> ${D}/${sysconfdir}/ossec-init.conf
	39	echo "DATE=\"`date`\"" >> ${D}/${sysconfdir}/ossec-init.conf
	40	echo "TYPE=\"local\"" >> ${D}/${sysconfdir}/ossec-init.conf
	41	chmod 600 ${D}/${sysconfdir}/ossec-init.conf
	42	install -m 640 ${D}/${sysconfdir}/ossec-init.conf ${D}/var/ossec/${sysconfdir}/ossec-init.conf
	43	}
	44
	45	pkg_postinst_ontarget_${PN} () {
	46	DIR="/var/ossec"
	47
	48	usermod -g ossec -G ossec -a root
	49
	50	# Default for all directories
	51	chmod -R 550 ${DIR}
	52	chown -R root:${OSSEC_GID} ${DIR}
	53
	54	# To the ossec queue (default for agentd to read)
	55	chown -R ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/queue/ossec
	56	chmod -R 770 ${DIR}/queue/ossec
	57
	58	# For the logging user
	59	chown -R ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/logs
	60	chmod -R 750 ${DIR}/logs
	61	chmod -R 775 ${DIR}/queue/rids
	62	touch ${DIR}/logs/ossec.log
	63	chown ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/logs/ossec.log
	64	chmod 664 ${DIR}/logs/ossec.log
	65
	66	chown -R ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/queue/diff
	67	chmod -R 750 ${DIR}/queue/diff
	68	chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 \|\| true
	69
	70	# For the etc dir
	71	chmod 550 ${DIR}/etc
	72	chown -R root:${OSSEC_GID} ${DIR}/etc
	73	if [ -f /etc/localtime ]; then
	74	cp -pL /etc/localtime ${DIR}/etc/;
	75	chmod 555 ${DIR}/etc/localtime
	76	chown root:${OSSEC_GID} ${DIR}/etc/localtime
	77	fi
	78
	79	if [ -f /etc/TIMEZONE ]; then
	80	cp -p /etc/TIMEZONE ${DIR}/etc/;
	81	chmod 555 ${DIR}/etc/TIMEZONE
	82	fi
	83
	84	# More files
	85	chown root:${OSSEC_GID} ${DIR}/etc/internal_options.conf
	86	chown root:${OSSEC_GID} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 \|\| true
	87	chown root:${OSSEC_GID} ${DIR}/etc/client.keys >/dev/null 2>&1 \|\| true
	88	chown root:${OSSEC_GID} ${DIR}/agentless/*
	89	chown ${OSSEC_UUID}:${OSSEC_GID} ${DIR}/.ssh
	90	chown root:${OSSEC_GID} ${DIR}/etc/shared/*
	91
	92	chmod 550 ${DIR}/etc
	93	chmod 440 ${DIR}/etc/internal_options.conf
	94	chmod 660 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 \|\| true
	95	chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1 \|\| true
	96	chmod 550 ${DIR}/agentless/*
	97	chmod 700 ${DIR}/.ssh
	98	chmod 770 ${DIR}/etc/shared
	99	chmod 660 ${DIR}/etc/shared/*
	100
	101	# For the /var/run
	102	chmod 770 ${DIR}/var/run
	103	chown root:${OSSEC_GID} ${DIR}/var/run
	104
	105	# For util.sh
	106	chown root:${OSSEC_GID} ${DIR}/bin/util.sh
	107	chmod +x ${DIR}/bin/util.sh
	108
	109	# For binaries and active response
	110	chmod 755 ${DIR}/active-response/bin/*
	111	chown root:${OSSEC_GID} ${DIR}/active-response/bin/*
	112	chown root:${OSSEC_GID} ${DIR}/bin/*
	113	chmod 550 ${DIR}/bin/*
	114
	115	# For ossec.conf
	116	chown root:${OSSEC_GID} ${DIR}/etc/ossec.conf
	117	chmod 660 ${DIR}/etc/ossec.conf
	118
	119	# Debconf
	120	. /usr/share/debconf/confmodule
	121	db_input high ossec-hids-agent/server-ip \|\| true
	122	db_go
	123
	124	db_get ossec-hids-agent/server-ip
	125	SERVER_IP=$RET
	126
	127	sed -i "s/<server-ip>[^<]\+<\/server-ip>/<server-ip>${SERVER_IP}<\/server-ip>/" ${DIR}/etc/ossec.conf
	128	db_stop
	129
	130	# ossec-init.conf
	131	if [ -e ${DIR}/etc/ossec-init.conf ] && [ -d /etc/ ]; then
	132	if [ -e /etc/ossec-init.conf ]; then
	133	rm -f /etc/ossec-init.conf
	134	fi
	135	ln -s ${DIR}/etc/ossec-init.conf /etc/ossec-init.conf
	136	fi
	137
	138	# init.d/ossec file
	139	if [ -x ${DIR}/etc/init.d/ossec ] && [ -d /etc/init.d/ ]; then
	140	if [ -e /etc/init.d/ossec ]; then
	141	rm -f /etc/init.d/ossec
	142	fi
	143	ln -s ${DIR}/etc/init.d/ossec /etc/init.d/ossec
	144	fi
	145
	146	# Service
	147	if [ -x /etc/init.d/ossec ]; then
	148	update-rc.d -f ossec defaults
	149	fi
	150
	151	# Delete tmp directory
	152	if [ -d ${OSSEC_HIDS_TMP_DIR} ]; then
	153	rm -r ${OSSEC_HIDS_TMP_DIR}
	154	fi
	155	}
	156
	157	USERADD_PACKAGES = "${PN}"
	158	USERADD_PARAM_${PN} = "--system --home-dir /var/ossec -g ossec --shell /bin/false ossec"
	159	GROUPADD_PARAM_${PN} = "--system ossec"
	160
	161	RDEPENDS_${PN} = "openssl bash"