testing/ossec-hids: new aport

author: Francesco Colista <fcolista@alpinelinux.org> 2016-11-18 09:56:40 +0000
committer: Francesco Colista <fcolista@alpinelinux.org> 2016-11-18 09:56:44 +0000
commit: e7ab352a8e3f4d163a179db32e3d9755a3c646fb (patch)
tree: d7ed2b397dca5cb762d376404e4ce0385d505d54 /testing/ossec-hids
parent: e97929951431659b385e74003db6cdc7f7f7dbd4 (diff)
download: aports-e7ab352a8e3f4d163a179db32e3d9755a3c646fb.tar.bz2
aports-e7ab352a8e3f4d163a179db32e3d9755a3c646fb.tar.xz
8 files changed, 483 insertions, 0 deletions
diff --git a/testing/ossec-hids/00_a-out-h-path.patch b/testing/ossec-hids/00_a-out-h-path.patch
new file mode 100644
index 0000000000..b9e5a246cd
--- /dev/null
+++ b/testing/ossec-hids/00_a-out-h-path.patch
@@ -0,0 +1,13 @@
+diff --git a/src/rootcheck/os_string.c b/src/rootcheck/os_string.c
+index 069f5bd..e5aafca 100755
+--- a/src/rootcheck/os_string.c
++++ b/src/rootcheck/os_string.c
+@@ -78,7 +78,7 @@ struct exec
+ 
+ #else
+ 
+-#include <a.out.h>
++#include <linux/a.out.h>
+ #endif
+ 
+ 
diff --git a/testing/ossec-hids/01_makefile.patch b/testing/ossec-hids/01_makefile.patch
new file mode 100644
index 0000000000..c0536f29d3
--- /dev/null
+++ b/testing/ossec-hids/01_makefile.patch
@@ -0,0 +1,76 @@
+Index: ossec-hids-2.8.2/Makefile
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ ossec-hids-2.8.2/Makefile	2015-08-10 04:36:27.819134760 +0000
+@@ -0,0 +1,71 @@
++#
++# Santiago Bassett <santiago.bassett@gmail.com>
++# 06/15/2015
++#
++
++DESTDIR?=/
++DIR=$(DESTDIR)/var/ossec
++OSSEC_INIT=$(DIR)/etc/ossec-init.conf
++
++all:
++	echo "HEXTRA=-DMAX_AGENTS=16384" >> src/Config.OS
++	(cd src; make all; make build)
++
++clean:
++	rm bin/* || /bin/true
++	mkdir -p $(DIR)/rules/translated/
++	chmod 750 $(DIR) || /bin/true
++	chmod 750 $(DIR)/* || /bin/true
++	chmod 750 $(DIR)/rules/translated/ || /bin/true
++	chmod 750 $(DIR)/rules/translated/* || /bin/true
++	(cd src; make clean)
++	rm -f src/Config.OS
++	rm -f src/analysisd/compiled_rules/compiled_rules.h
++	rm -f src/isbigendian.c
++	rm -f src/analysisd/ossec-makelists
++	rm -f src/analysisd/ossec-logtest
++	rm -f src/isbigendian
++
++install:
++	mkdir -p $(DIR)
++	(cd $(DIR); mkdir -p logs logs/archives logs/alerts logs/firewall bin stats rules queue queue/alerts queue/ossec queue/fts queue/syscheck queue/rootcheck queue/diff queue/agent-info queue/agentless queue/rids tmp var var/run etc etc/init.d etc/shared active-response active-response/bin agentless .ssh contrib)
++	cp -pr etc/rules/* $(DIR)/rules/
++	chmod -x $(DIR)/rules/*.xml
++	chmod -x $(DIR)/rules/log-entries/*
++	chmod -x $(DIR)/rules/translated/pure_ftpd/*.xml
++	cp -pL /etc/localtime $(DIR)/etc/ 2>/dev/null || /bin/true
++	cp -p /etc/TIMEZONE $(DIR)/etc/   2>/dev/null || /bin/true
++	cp -p contrib/compile_alerts.pl $(DIR)/contrib/
++	cp -p contrib/compile_alerts.txt $(DIR)/contrib/
++	cp -p contrib/config2xml $(DIR)/contrib/
++	cp -p contrib/ossec-batch-manager.pl $(DIR)/contrib/
++	cp -p contrib/ossec-eps.sh $(DIR)/contrib/
++	cp -pr bin/ossec* $(DIR)/bin/
++	cp -pr bin/manage_agents $(DIR)/bin/
++	cp -pr bin/syscheck_update $(DIR)/bin/
++	cp -pr bin/verify-agent-conf $(DIR)/bin/
++	cp -pr bin/clear_stats $(DIR)/bin/
++	cp -pr bin/list_agents $(DIR)/bin/
++	cp -pr bin/agent_control $(DIR)/bin/
++	cp -pr bin/syscheck_control $(DIR)/bin/
++	cp -pr bin/rootcheck_control $(DIR)/bin/
++	cp -pr contrib/util.sh $(DIR)/bin/
++	cp -pr src/init/ossec-server.sh $(DIR)/bin/ossec-control
++	cp -pr etc/decoder.xml $(DIR)/etc/
++	chmod -x $(DIR)/etc/decoder.xml
++	cp -pr etc/local_decoder.xml $(DIR)/etc/ > /dev/null 2>&1 || /bin/true
++	cp -pr etc/local_internal_options.conf $(DIR)/etc/ > /dev/null 2>&1 || /bin/true
++	cp -pr etc/client.keys $(DIR)/etc/ > /dev/null 2>&1 ||/bin/true
++	cp -pr src/agentlessd/scripts/* $(DIR)/agentless/
++	cp -pr etc/internal_options.conf $(DIR)/etc/
++	chmod -x $(DIR)/etc/internal_options.conf
++	cp -pr etc/ossec-server.conf $(DIR)/etc/ossec.conf
++	chmod -x $(DIR)/etc/ossec.conf
++	cp -pr src/rootcheck/db/*.txt $(DIR)/etc/shared/
++	chmod -x $(DIR)/etc/shared/*.txt
++	cp -p active-response/*.sh $(DIR)/active-response/bin/
++	cp -p active-response/firewalls/*.sh $(DIR)/active-response/bin/
++	echo "DIRECTORY=\"/var/ossec\"" > $(OSSEC_INIT)
++	echo "VERSION=\"$(cat src/VERSION)" >> $(OSSEC_INIT)
++	echo "DATE=\"`date`\"" >> $(OSSEC_INIT)
++	echo "TYPE=\"server\"" >> $(OSSEC_INIT)
diff --git a/testing/ossec-hids/02_ossec-server.conf.patch b/testing/ossec-hids/02_ossec-server.conf.patch
new file mode 100644
index 0000000000..f09a2045ed
--- /dev/null
+++ b/testing/ossec-hids/02_ossec-server.conf.patch
@@ -0,0 +1,84 @@
+diff --git a/etc/ossec-server.conf b/etc/ossec-server.conf
+index 1a4998c..da49262 100755
+--- a/etc/ossec-server.conf
++++ b/etc/ossec-server.conf
+@@ -2,10 +2,10 @@
+ 
+ <ossec_config>
+   <global>
+-    <email_notification>yes</email_notification>
+-    <email_to>daniel.cid@xxx.com</email_to>
+-    <smtp_server>smtp.xxx.com.</smtp_server>
+-    <email_from>ossecm@ossec.xxx.com.</email_from>
++    <email_notification>no</email_notification>
++    <email_to>your_email_address@example.com</email_to>
++    <smtp_server>smtp.your_domain.com.</smtp_server>
++    <email_from>ossecm@ossec.your_domain.com.</email_from>
+   </global>
+ 
+   <rules>
+@@ -94,10 +94,6 @@
+ 
+   <global>
+     <white_list>127.0.0.1</white_list>
+-    <white_list>192.168.2.1</white_list>
+-    <white_list>192.168.2.190</white_list>
+-    <white_list>192.168.2.32</white_list>
+-    <white_list>192.168.2.10</white_list>
+   </global>
+ 
+   <remote>
+@@ -138,6 +134,7 @@
+        - level (severity) >= 6.
+        - The IP is going to be blocked for  600 seconds.
+       -->
++	<disabled>yes</disabled>
+     <command>host-deny</command>
+     <location>local</location>
+     <level>6</level>
+@@ -149,6 +146,7 @@
+        - 600 seconds on the firewall (iptables,
+        - ipfilter, etc).
+       -->
++    <disabled>yes</disabled>
+     <command>firewall-drop</command>
+     <location>local</location>
+     <level>6</level>
+@@ -164,31 +162,31 @@
+ 
+   <localfile>
+     <log_format>syslog</log_format>
+-    <location>/var/log/authlog</location>
++    <location>/var/log/auth.log</location>
+   </localfile>
+ 
+   <localfile>
+     <log_format>syslog</log_format>
+-    <location>/var/log/secure</location>
++    <location>/var/log/syslog</location>
+   </localfile>
+ 
+   <localfile>
+     <log_format>syslog</log_format>
+-    <location>/var/log/xferlog</location>
++    <location>/var/log/daemon.log</location>
+   </localfile>
+ 
+   <localfile>
+     <log_format>syslog</log_format>
+-    <location>/var/log/maillog</location>
++    <location>/var/log/mail.log</location>
+   </localfile>
+ 
+   <localfile>
+     <log_format>apache</log_format>
+-    <location>/var/www/logs/access_log</location>
++    <location>/var/log/apache2/access_log</location>
+   </localfile>
+ 
+   <localfile>
+     <log_format>apache</log_format>
+-    <location>/var/www/logs/error_log</location>
++    <location>/var/log/apache2/error_log</location>
+   </localfile>
+ </ossec_config>
diff --git a/testing/ossec-hids/APKBUILD b/testing/ossec-hids/APKBUILD
new file mode 100644
index 0000000000..17ad40699f
--- /dev/null
+++ b/testing/ossec-hids/APKBUILD
@@ -0,0 +1,76 @@
+# Contributor: Francesco Colista <fcolista@alpinelinux.org>
+# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
+pkgname=ossec-hids
+pkgver=2.8.3
+pkgrel=0
+pkgdesc="Open Source Host-based Intrusion Detection System"
+url="http://www.ossec.net/"
+arch="all"
+license="GPL3"
+depends="inotify-tools procps"
+makedepends="linux-headers inotify-tools-dev findutils file"
+install="$pkgname.pre-install"
+subpackages="$pkgname-doc"
+pkgusers="ossec ossecm ossecr"
+pkggroups="ossec"
+source="https://github.com/ossec/$pkgname/archive/$_pkgver/$pkgname-$pkgver.tar.gz
+	$pkgname.initd
+	$pkgname.logrotate
+	00_a-out-h-path.patch
+	01_makefile.patch
+	02_ossec-server.conf.patch
+	alpine-install-server.patch"
+builddir="$srcdir/$pkgname-$pkgver"
+
+build() {
+	cd "$builddir"
+	make all || return 1
+}
+
+package() {
+	cd "$builddir"
+	make DESTDIR="$pkgdir" install
+	install -D -m755 "$srcdir"/$pkgname.initd \
+		"$pkgdir"/etc/init.d/$pkgname || return 1	
+	install -m644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname || return 1
+	cat << EOF > "$pkgdir"/etc/ossec-init.conf
+DIRECTORY="/var/ossec"
+VERSION="$(cat src/VERSION)"
+DATE="$(date)"
+TYPE="server"
+EOF
+	mkdir -p "$pkgdir"/var/ossec/logs
+	set -- $pkgusers
+	cd src
+	./InstallServer.sh $1 $2 $3 $pkggroups $pkgdir
+}
+
+doc() {
+	pkgdesc="Documentation for $pkgname"
+	cd "$builddir"
+	mkdir -p "$subpkgdir"/usr/share/doc/$pkgname
+	cp -a doc/* \
+	  "$subpkgdir"/usr/share/doc/$pkgname
+}
+
+md5sums="bcf783c2273805e2a4c2112011fafb83  ossec-hids-2.8.3.tar.gz
+eb24bd8d360ae7f6e7e6f585b5256090  ossec-hids.initd
+0ccfe4ca38cea21d60317210bd909d24  ossec-hids.logrotate
+00139c3f9f9e0d1baf58bb5d59894be6  00_a-out-h-path.patch
+4a6c8f64ec4444cd75f5ba76556ed4eb  01_makefile.patch
+eda7f4b045633776043f492a4762be50  02_ossec-server.conf.patch
+12427250585507a9c7029c0db5ceb2a2  alpine-install-server.patch"
+sha256sums="917989e23330d18b0d900e8722392cdbe4f17364a547508742c0fd005a1df7dd  ossec-hids-2.8.3.tar.gz
+e0494b017f69c2059399564e33eba4f957d054c3a3fd291a10d8f015e1e4dd68  ossec-hids.initd
+e97742265e5f6b792e44846bf8ca71b8cc2afd0b762bbc4b226f625486e148ef  ossec-hids.logrotate
+fe5072a5fac89bc44ab0f91909e9a8781ea23df91ff6faec3f62a87151d06eee  00_a-out-h-path.patch
+11a629c2362b867087a78d01d1f7b4903bcb2e7ba704e7d406ccd50ff048f556  01_makefile.patch
+f38bd4077546d5d4fd2b65b28fdd1694eb40437590910303808f513f70e3231b  02_ossec-server.conf.patch
+ffce064fd087adf92107810fa8b4e65b7977d814b8a972814d69bb826ad365e5  alpine-install-server.patch"
+sha512sums="3ec9504b5a6d36c303710b3aa9cfbe616b40deca671f4814340008b6e5edd9b2094bb7f1b441da788a5eec0f8095a0624ed42b8a8fc922274cd99db634994d1a  ossec-hids-2.8.3.tar.gz
+62f52d91de3751c149b1c354ebb87c0a8c4a81129403b80a8448c5e6542a67b4aa9e132aab2429781913eb909320b431b381828e414d44235bb8e9a8959e0d8b  ossec-hids.initd
+6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0  ossec-hids.logrotate
+f99f53ce5b84228de33ec3fc0bc4419714d2d7d2167d33629ab6c0d7372060c0eeb3cfc1f0696ddcacfcb7f3280f515b67427f85e5e925aeb0a6c5f6cc54f411  00_a-out-h-path.patch
+1ba449afa65a9374c8fd2b1c2d00897b54c5e8ef2e0be95a1d8a8dd45dfe27d5b19c12f3a075d6021449bc1d2946fdc8c7654ddfce1e55d79d104a3add7e2850  01_makefile.patch
+ee0baecaeacae782f43849e8c3c4afc0aef3cb238748209f8d1d0b2bd94bea59384474caba6a45bb4022e496ef1a50a3877447a3ccd1885a0a942c9cb6051c74  02_ossec-server.conf.patch
+46ada63e1f9ddaf6eb6ed6f2cfaa1e4f16b665307fbab15e34e39444075b9a0e8efef63164d4f90bc47a95720cf3afc0c6f7ff6d892ca018f3739116ca961bd5  alpine-install-server.patch"
diff --git a/testing/ossec-hids/alpine-install-server.patch b/testing/ossec-hids/alpine-install-server.patch
new file mode 100644
index 0000000000..3399c2b0e2
--- /dev/null
+++ b/testing/ossec-hids/alpine-install-server.patch
@@ -0,0 +1,163 @@
+diff --git a/src/InstallServer.sh b/src/InstallServer.sh
+index e619d99..307ada7 100755
+--- a/src/InstallServer.sh
++++ b/src/InstallServer.sh
+@@ -1,37 +1,14 @@
+ #!/bin/sh
+ 
+-
+-# Checking if it is executed from the right place
+-LOCATION=./LOCATION
+-ls ${LOCATION} > /dev/null 2>&1
+-if [ $? != 0 ]; then
+-    echo "Cannot execute. Wrong directory"
+-    exit 1;
+-fi
+-
+-# Getting any argument
+-if [ "X$1" = "Xlocal" ]; then
+-    # Setting local install
+-    LOCAL="local"
+-fi
+-    
+ UNAME=`uname`;
+-
+-# Getting default variables
+-DIR=`grep DIR ${LOCATION} | cut -f2 -d\"`
+-GROUP="ossec"
+-USER="ossec"
+-USER_MAIL="ossecm"
+-USER_REM="ossecr"
++DIR=$5/var/ossec
++# Need this to have $pkgusers and $pkggroups being passed from APKBUILD
++GROUP="$4"
++USER="$1"
++USER_MAIL="$2"
++USER_REM="$3"
+ subdirs="logs logs/archives logs/alerts logs/firewall bin stats rules queue queue/alerts queue/ossec queue/fts queue/syscheck queue/rootcheck queue/diff queue/agent-info queue/agentless queue/rids tmp var var/run etc etc/shared active-response active-response/bin agentless .ssh"
+ 
+-# ${DIR} must be set 
+-if [ "X${DIR}" = "X" ]; then
+-    echo "Error building OSSEC HIDS."
+-    exit 1;
+-fi    
+-
+-    
+ # Creating root directory
+ ls ${DIR} > /dev/null 2>&1    
+ if [ $? != 0 ]; then mkdir -m 700 -p ${DIR}; fi
+@@ -42,78 +19,6 @@ if [ $? != 0 ]; then
+ fi
+ 
+ 
+-# Creating groups/users
+-if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then
+-    grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
+-    if [ ! $? = 0 ]; then
+-    /usr/sbin/pw groupadd ${GROUP}
+-	/usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP}
+-	/usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP}
+-	/usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP}
+-    fi
+-
+-elif [ "$UNAME" = "SunOS" ]; then
+-    grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
+-    if [ ! $? = 0 ]; then
+-    /usr/sbin/groupadd ${GROUP}
+-    /usr/sbin/useradd -d ${DIR} -s /bin/false -g ${GROUP} ${USER}
+-    /usr/sbin/useradd -d ${DIR} -s /bin/false -g ${GROUP} ${USER_MAIL}
+-    /usr/sbin/useradd -d ${DIR} -s /bin/false -g ${GROUP} ${USER_REM}
+-    fi
+-
+-elif [ "$UNAME" = "AIX" ]; then
+-    AIXSH=""
+-    ls -la /bin/false > /dev/null 2>&1
+-    if [ $? = 0 ]; then
+-        AIXSH="-s /bin/false"
+-    fi
+-
+-    grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
+-    if [ ! $? = 0 ]; then
+-    /usr/bin/mkgroup ${GROUP}
+-    /usr/sbin/useradd -d ${DIR} ${AIXSH} -g ${GROUP} ${USER}
+-    /usr/sbin/useradd -d ${DIR} ${AIXSH} -g ${GROUP} ${USER_MAIL}
+-    /usr/sbin/useradd -d ${DIR} ${AIXSH} -g ${GROUP} ${USER_REM}
+-    fi
+-
+-# Thanks Chuck L. for the mac addusers    
+-elif [ "$UNAME" = "Darwin" ]; then
+-    id -u ${USER} > /dev/null 2>&1
+-    if [ ! $? = 0 ]; then
+-
+-        # Creating for <= 10.4
+-        /usr/bin/sw_vers 2>/dev/null| grep "ProductVersion" | grep -E "10.2.|10.3|10.4" > /dev/null 2>&1
+-        if [ $? = 0 ]; then
+-            chmod +x ./init/darwin-addusers.pl
+-            ./init/darwin-addusers.pl    
+-        else
+-            chmod +x ./init/osx105-addusers.sh
+-            ./init/osx105-addusers.sh
+-        fi        
+-    fi    
+-else
+-    grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
+-    if [ ! $? = 0 ]; then
+-	/usr/sbin/groupadd ${GROUP}
+-
+-    # We first check if /sbin/nologin is present. If it is not,
+-    # we look for bin/false. If none of them is present, we
+-    # just stick with nologin (no need to fail the install for that).
+-    OSMYSHELL="/sbin/nologin"
+-    ls -la ${OSMYSHELL} > /dev/null 2>&1
+-    if [ ! $? = 0 ]; then
+-        ls -la /bin/false > /dev/null 2>&1
+-        if [ $? = 0 ]; then
+-            OSMYSHELL="/bin/false"
+-        fi    
+-    fi    
+-	/usr/sbin/useradd -d ${DIR} -s ${OSMYSHELL} -g ${GROUP} ${USER}
+-	/usr/sbin/useradd -d ${DIR} -s ${OSMYSHELL} -g ${GROUP} ${USER_MAIL}
+-	/usr/sbin/useradd -d ${DIR} -s ${OSMYSHELL} -g ${GROUP} ${USER_REM}
+-    fi
+-fi
+-
+-
+ # Creating sub directories
+ for i in ${subdirs}; do
+     ls ${DIR}/${i} > /dev/null 2>&1
+@@ -221,13 +126,6 @@ if [ $? = 0 ]; then
+     chown root:${GROUP} ${DIR}/etc/localtime 
+ fi
+ 
+-# Solaris Needs some extra files
+-if [ "$UNAME" = "SunOS" ]; then
+-    mkdir -p ${DIR}/usr/share/lib/zoneinfo/
+-    chmod -R 550 ${DIR}/usr/
+-    cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/
+-fi
+-
+ ls /etc/TIMEZONE > /dev/null 2>&1
+ if [ $? = 0 ]; then
+     cp -p /etc/TIMEZONE ${DIR}/etc/;
+@@ -263,13 +161,6 @@ cp -pr ../contrib/util.sh ${DIR}/bin/
+ chown root:${GROUP} ${DIR}/bin/util.sh
+ chmod +x ${DIR}/bin/util.sh
+ 
+-# Local install chosen
+-if [ "X$LOCAL" = "Xlocal" ]; then
+-    cp -pr ./init/ossec-local.sh ${DIR}/bin/ossec-control
+-else    
+-    cp -pr ./init/ossec-server.sh ${DIR}/bin/ossec-control
+-fi
+-
+ # Moving the decoders/internal_conf file.
+ cp -pr ../etc/decoder.xml ${DIR}/etc/
+ 
+@@ -281,7 +172,6 @@ cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1
+ # Copying agentless files.
+ cp -pr agentlessd/scripts/* ${DIR}/agentless/
+ 
+-
+ # Backup currently internal_options file.
+ ls ${DIR}/etc/internal_options.conf > /dev/null 2>&1
+ if [ $? = 0 ]; then
diff --git a/testing/ossec-hids/ossec-hids.initd b/testing/ossec-hids/ossec-hids.initd
new file mode 100755
index 0000000000..fd08d0b408
--- /dev/null
+++ b/testing/ossec-hids/ossec-hids.initd
@@ -0,0 +1,57 @@
+#!/sbin/openrc-run
+DIRECTORY="/var/ossec"
+OSSEC_CONTROL="${DIRECTORY}/bin/ossec-control"
+
+depend() {
+	need net
+	use logger
+}
+
+configtest() {
+	ebegin "Checking OSSEC Configuration"
+	checkconfig
+	eend $?
+}
+
+checkconfig() {
+	CONFIGFILE="${CONFIGFILE:-${DIRECTORY}/etc/ossec.conf}"
+	if [ ! -r "${CONFIGFILE}" ]; then
+		eerror "Unable to read configuration file: ${CONFIGFILE}"
+		return 1
+	fi
+
+	# Maybe put some kind of config file syntax checking in here?  XML is a little different
+	# so maybe not.	
+	return $ret
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting ossec-hids"
+	${OSSEC_CONTROL} start > /dev/null 2>&1
+	eend $?
+}
+
+stop() {
+	checkconfig || return 1
+	ebegin "Stopping ossec-hids"
+	${OSSEC_CONTROL} stop > /dev/null 2>&1
+	eend $?
+}
+
+restart() {
+	if ! service_started "${myservice}" ; then
+		eerror "OSSEC is not running! Please start it before trying to reload it."
+	else
+		checkconfig || return 1
+		ebegin "Reloading ossec"
+		svc_stop ${OSSEC_CONTROL}
+		svc_start ${OSSEC_CONTROL}
+		eend $?
+	fi
+}
+
+status() {
+	checkconfig || return 1
+	${OSSEC_CONTROL} status
+}
diff --git a/testing/ossec-hids/ossec-hids.logrotate b/testing/ossec-hids/ossec-hids.logrotate
new file mode 100644
index 0000000000..7b6406819f
--- /dev/null
+++ b/testing/ossec-hids/ossec-hids.logrotate
@@ -0,0 +1,5 @@
+/var/ossec/logs/active-responses.log /var/ossec/logs/ossec.log {
+    missingok
+    notifempty
+    copytruncate
+}
diff --git a/testing/ossec-hids/ossec-hids.pre-install b/testing/ossec-hids/ossec-hids.pre-install
new file mode 100755
index 0000000000..8993001c8f
--- /dev/null
+++ b/testing/ossec-hids/ossec-hids.pre-install
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+addgroup -S ossec 2>/dev/null
+adduser -S -D -s /bin/false -h /var/ossec -G ossec -g ossec ossec 2>/dev/null
+adduser -S -D -s /bin/false -h /var/ossec -G ossec -g ossec ossecm 2>/dev/null
+adduser -S -D -s /bin/false -h /var/ossec -G ossec -g ossec ossecr 2>/dev/null
+
+exit 0
+
author	Francesco Colista <fcolista@alpinelinux.org>	2016-11-18 09:56:40 +0000
committer	Francesco Colista <fcolista@alpinelinux.org>	2016-11-18 09:56:44 +0000
commit	e7ab352a8e3f4d163a179db32e3d9755a3c646fb (patch)
tree	d7ed2b397dca5cb762d376404e4ce0385d505d54 /testing/ossec-hids
parent	e97929951431659b385e74003db6cdc7f7f7dbd4 (diff)
download	aports-e7ab352a8e3f4d163a179db32e3d9755a3c646fb.tar.bz2 aports-e7ab352a8e3f4d163a179db32e3d9755a3c646fb.tar.xz