author | Francesco Colista <fcolista@alpinelinux.org> | 2018-01-18 13:16:27 +0000 |
---|---|---|
committer | Francesco Colista <fcolista@alpinelinux.org> | 2018-01-18 13:16:27 +0000 |
commit | 3159a149be7b063198c17457c5400ddcab29e092 (patch) | |
tree | b9aeeee304ca07a9852297014fd938aa08a21a47 /testing/ossec-hids | |
parent | ffd94bf618e16a63aedba794852b15a34b531a33 (diff) | |
testing/ossec-hids: upgrade to 2.9.3
Diffstat (limited to 'testing/ossec-hids')
-rw-r--r-- | testing/ossec-hids/APKBUILD | 44 | ||||
-rw-r--r-- | testing/ossec-hids/config | 54 | ||||
-rw-r--r-- | testing/ossec-hids/musl_lack_of_a_out_h.patch | 13 |
3 files changed, 88 insertions, 23 deletions
diff --git a/testing/ossec-hids/APKBUILD b/testing/ossec-hids/APKBUILD index 5577eeb86c..7f1926f383 100644 --- a/testing/ossec-hids/APKBUILD +++ b/testing/ossec-hids/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Francesco Colista <fcolista@alpinelinux.org> # Maintainer: Francesco Colista <fcolista@alpinelinux.org> pkgname=ossec-hids -pkgver=2.8.3 +pkgver=2.9.3 pkgrel=0 pkgdesc="Open Source Host-based Intrusion Detection System" url="http://www.ossec.net/" @@ -16,24 +16,34 @@ pkggroups="ossec" source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/$pkgname/archive/v$pkgver.tar.gz $pkgname.initd $pkgname.logrotate - 00_a-out-h-path.patch - 01_makefile.patch - 02_ossec-server.conf.patch musl_lack_of_a_out_h.patch - alpine-install-server.patch" + config" builddir="$srcdir/$pkgname-$pkgver" -build() { +prepare() { + default_prepare cd "$builddir" - make all || return 1 + export USER_INSTALL_TYPE=server + export USER_NO_STOP=yes + export USER_DIR=/var/ossec + export USER_BINARYINSTALL=x + sed -i "s|^OSSEC_INIT.*|OSSEC_INIT=\"$pkgdir/etc/ossec-init.conf\"|" src/init/shared.sh +} + +build() { + . "$srcdir"/config + cd "$builddir"/src + make TARGET=$USER_INSTALL_TYPE } package() { cd "$builddir" - make DESTDIR="$pkgdir" install + mkdir -p "$pkgdir"/etc + USER_DIR="$pkgdir"/var/ossec ./install.sh + sed -i '/DIRECTORY=/c\DIRECTORY="/var/ossec"' "$pkgdir/etc/ossec-init.conf" install -D -m755 "$srcdir"/$pkgname.initd \ - "$pkgdir"/etc/init.d/$pkgname || return 1 - install -m644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname || return 1 + "$pkgdir"/etc/init.d/$pkgname + install -m644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname cat << EOF > "$pkgdir"/etc/ossec-init.conf DIRECTORY="/var/ossec" VERSION="$(cat src/VERSION)" 
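Review bot: package() now runs the upstream `./install.sh`, but only build() sources `"$srcdir"/config`, so the installer's answers (`USER_NO_STOP`, `USER_BINARYINSTALL`, `USER_INSTALL_TYPE` and everything in `config`) reach it only as variables exported by earlier phases. If package() is run in a fresh process, or a phase is re-run on its own, the installer may fall back to its own defaults or prompt, presumably yielding a differently configured HIDS without failing the build. Adding `. "$srcdir"/config` at the top of package() and moving the four `export USER_*` lines from prepare() into `config` would make each phase self-contained. The added `sed -i '/DIRECTORY=/c\…'` on `$pkgdir/etc/ossec-init.conf` also looks redundant, because the unchanged `cat << EOF >` right after it overwrites that file. package() continues past the end of this hunk.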
@@ -43,7 +53,10 @@ EOF mkdir -p "$pkgdir"/var/ossec/logs set -- $pkgusers cd src - ./InstallServer.sh $1 $2 $3 $pkggroups $pkgdir + find "$pkgdir" -user nobody -exec chown 524 '{}' ';' + find "$pkgdir" -user mail -exec chown 525 '{}' ';' + find "$pkgdir" -user daemon -exec chown 526 '{}' ';' + find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';' } doc() { 
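Review bot: The four added `find … -exec chown/chgrp` lines remap files owned by the build host's nobody, mail and daemon accounts to hard-coded numeric IDs 524–526, and nothing in this hunk ties those numbers to the accounts in `$pkgusers`/`$pkggroups`. If the package's install scripts (not visible here) do not create the ossec accounts with exactly these IDs, the tree under /var/ossec ends up owned by whichever local account holds that UID, which for a HIDS could leave rules, queues and logs writable by an unrelated user. I would add a comment above the block naming the account behind each number, e.g. `# 524=<user1> 525=<user2> 526=<user3>; must match the IDs created at install time` (placeholders), and use `chown -h`/`chgrp -h` so a symlink in the tree is changed itself rather than its target. The context line `set -- $pkgusers` appears unused now that `$1 $2 $3` are no longer referenced.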
@@ -54,11 +67,8 @@ doc() { "$subpkgdir"/usr/share/doc/$pkgname } -sha512sums="3ec9504b5a6d36c303710b3aa9cfbe616b40deca671f4814340008b6e5edd9b2094bb7f1b441da788a5eec0f8095a0624ed42b8a8fc922274cd99db634994d1a ossec-hids-2.8.3.tar.gz +sha512sums="cfc993ef698d479ead99d4b0fe598208831960af589b7119b6bc680073c5b8aef2395387cadcca00f90a33aab2f0d4a71787b265acf700fb341c377648a245cd ossec-hids-2.9.3.tar.gz 62f52d91de3751c149b1c354ebb87c0a8c4a81129403b80a8448c5e6542a67b4aa9e132aab2429781913eb909320b431b381828e414d44235bb8e9a8959e0d8b ossec-hids.initd 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0 ossec-hids.logrotate -f99f53ce5b84228de33ec3fc0bc4419714d2d7d2167d33629ab6c0d7372060c0eeb3cfc1f0696ddcacfcb7f3280f515b67427f85e5e925aeb0a6c5f6cc54f411 00_a-out-h-path.patch -1ba449afa65a9374c8fd2b1c2d00897b54c5e8ef2e0be95a1d8a8dd45dfe27d5b19c12f3a075d6021449bc1d2946fdc8c7654ddfce1e55d79d104a3add7e2850 01_makefile.patch -ee0baecaeacae782f43849e8c3c4afc0aef3cb238748209f8d1d0b2bd94bea59384474caba6a45bb4022e496ef1a50a3877447a3ccd1885a0a942c9cb6051c74 02_ossec-server.conf.patch -2649b0992c62511c587b5787c5dbb2e997088f905df0a0c3530906224ec000e0ac519c75979d460202c7881df51099787f070ac74a6f8b1d9905509d1154f129 musl_lack_of_a_out_h.patch -46ada63e1f9ddaf6eb6ed6f2cfaa1e4f16b665307fbab15e34e39444075b9a0e8efef63164d4f90bc47a95720cf3afc0c6f7ff6d892ca018f3739116ca961bd5 alpine-install-server.patch" +4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b musl_lack_of_a_out_h.patch +df760cb8a24c080b016c4cad4d4b1df56ae26d4f94517a7b9d6ccc3d507a7a53f3a46abdddccad3244cacca12857dc3d5b4646ac763788c88cf59686504122d0 config" diff --git a/testing/ossec-hids/config b/testing/ossec-hids/config new file mode 100644 index 0000000000..e4c94af827 --- /dev/null +++ b/testing/ossec-hids/config 
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+# Do you want to update it? (y/n) [y]:
+export USER_UPDATE=y
+
+# Do you want to update the rules? (y/n) [y]:
+export USER_UPDATE_RULES=y
+
+# User Language:
+export USER_LANGUAGE=en
+
+# Do you want e-mail notification? (y/n) [y]:
+export USER_ENABLE_EMAIL=y
+# What's your e-mail address?
+export USER_EMAIL_ADDRESS=foo@example.com
+# What's your SMTP server ip/host?
+export USER_EMAIL_SMTP=localhost
+
+# Do you want to run the integrity check daemon? (y/n) [y]:
+export USER_ENABLE_SYSCHECK=y
+
+#Do you want to run the rootkit detection engine? (y/n) [y]:
+export USER_ENABLE_ROOTCHECK=y
+
+# Active response allows you to execute a specific
+# command based on the events received. For example,
+# you can block an IP address or disable access for
+# a specific user.
+# More information at:
+# https://ossec.github.io/docs/manual/ar/
+#
+# - Do you want to enable active response? (y/n) [y]:
+export USER_ENABLE_ACTIVE_RESPONSE=y
+
+# - By default, we can enable the host-deny and the
+# firewall-drop responses. The first one will add
+# a host to the /etc/hosts.deny and the second one
+# will block the host on iptables (if linux) or on
+# ipfilter (if Solaris, FreeBSD or NetBSD).
+# - They can be used to stop SSHD brute force scans,
+# portscans and some other forms of attacks. You can
+# also add them to block on snort events, for example.
+#
+# - Do you want to enable the firewall-drop response? (y/n) [y]:
+export USER_ENABLE_FIREWALL_RESPONSE=y
+
+# Do you want to add more IPs to the white list? (y/n)? [n]:
+# if set to y, installer will ask you to enter the list of IPs
+# if you want to use this feature, you must also export USER_NO_STOP=no
+export USER_WHITE_LIST=n
+
+# Do you want to enable remote syslog (port 514 udp)? (y/n) [y]:
+export USER_ENABLE_SYSLOG=y
+
diff --git a/testing/ossec-hids/musl_lack_of_a_out_h.patch b/testing/ossec-hids/musl_lack_of_a_out_h.patch
index 2660c2a5cc..a4d2b12a61 100644
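Review bot: These answers become the packaged defaults, and several of them widen exposure on a fresh install: `USER_ENABLE_SYSLOG=y` turns on the remote syslog listener (UDP 514 per the comment), `USER_ENABLE_ACTIVE_RESPONSE=y` with `USER_ENABLE_FIREWALL_RESPONSE=y` enables automatic blocking, and `USER_WHITE_LIST=n` adds no whitelisted addresses. Because UDP source addresses can be forged, automatic firewall-drop acting on remotely received logs may let a third party get legitimate hosts, including an administrator's, blocked. For a distribution package I would default to `export USER_ENABLE_SYSLOG=n` and `export USER_ENABLE_FIREWALL_RESPONSE=n` and let the administrator opt in. `USER_EMAIL_ADDRESS=foo@example.com` presumably also ends up in the generated configuration, so alert mail would go to a placeholder until edited. A comment above that line saying it must be changed after install would help.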
--- a/testing/ossec-hids/musl_lack_of_a_out_h.patch +++ b/testing/ossec-hids/musl_lack_of_a_out_h.patch @@ -1,12 +1,13 @@ ---- a/src/rootcheck/os_string.c.old 2017-05-03 21:21:43.796000000 +0000 -+++ b/src/rootcheck/os_string.c 2017-05-03 21:22:28.128000000 +0000 -@@ -54,7 +54,8 @@ +diff --git a/src/rootcheck/os_string.c b/src/rootcheck/os_string.c +index e7ca284..85b6d9b 100644 +--- a/src/rootcheck/os_string.c ++++ b/src/rootcheck/os_string.c +@@ -44,7 +44,7 @@ + #ifdef SOLARIS #include <sys/exechdr.h> - -#elif defined Darwin || defined HPUX -+// linux here means musl-linux +#elif defined Darwin || defined HPUX || defined linux /* For some reason darwin does not have that */ - struct exec + struct exec { |