Date: Tue, 8 Jul 2014 19:53:12 +0000 (UTC) From: Brad Davis <brd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r361282 - in head/security: ossec-hids-client ossec-hids-server/files Message-ID: <201407081953.s68JrCAT059329@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brd (doc committer) Date: Tue Jul 8 19:53:12 2014 New Revision: 361282 URL: http://svnweb.freebsd.org/changeset/ports/361282 QAT: https://qat.redports.org/buildarchive/r361282/ Log: - Fix the permissions so ossec-hids-client will actually start. 1: Based on a submission by Johan PR: 190709 [1] Submitted by: Johan Strom <johan@stromnet.se> [1] Reviewed by: swills@ Modified: head/security/ossec-hids-client/Makefile head/security/ossec-hids-client/pkg-plist.client head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Modified: head/security/ossec-hids-client/Makefile ============================================================================== --- head/security/ossec-hids-client/Makefile Tue Jul 8 19:50:24 2014 (r361281) +++ head/security/ossec-hids-client/Makefile Tue Jul 8 19:53:12 2014 (r361282) @@ -1,6 +1,7 @@ # Created by: Valerio Daelli <valerio.daelli@gmail.com> # $FreeBSD$ +PORTREVISION= 1 COMMENT= The client port of ossec-hids CLIENT_ONLY= yes Modified: head/security/ossec-hids-client/pkg-plist.client ============================================================================== --- head/security/ossec-hids-client/pkg-plist.client Tue Jul 8 19:50:24 2014 (r361281) +++ head/security/ossec-hids-client/pkg-plist.client Tue Jul 8 19:53:12 2014 (r361282) @@ -1,3 +1,4 @@ +@group ossec %%PORTNAME%%/active-response/bin/disable-account.sh %%PORTNAME%%/active-response/bin/firewall-drop.sh %%PORTNAME%%/active-response/bin/host-deny.sh @@ -27,7 +28,9 @@ %%PORTNAME%%/etc/shared/win_applications_rcl.txt @sample %%PORTNAME%%/etc/ossec.conf.sample %%PORTNAME%%/etc/internal_options.conf +@owner ossec %%PORTNAME%%/logs/ossec.log +@owner %%PORTNAME%%/agentless/main.exp %%PORTNAME%%/agentless/sshlogin.exp %%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff @@ -49,11 +52,15 @@ @dirrmtry %%PORTNAME%%/var @dirrmtry %%PORTNAME%%/queue/syscheck @dirrmtry %%PORTNAME%%/queue/rids +@owner ossec @dirrmtry %%PORTNAME%%/queue/ossec @dirrmtry %%PORTNAME%%/queue/diff +@owner @dirrmtry %%PORTNAME%%/queue/alerts @dirrmtry %%PORTNAME%%/queue @dirrmtry %%PORTNAME%%/logs @dirrmtry %%PORTNAME%%/bin +@owner ossec @dirrmtry %%PORTNAME%%/.ssh +@owner @dirrmtry %%PORTNAME%% Modified: head/security/ossec-hids-server/files/patch-src__InstallAgent.sh ============================================================================== --- head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Tue Jul 8 19:50:24 2014 (r361281) +++ head/security/ossec-hids-server/files/patch-src__InstallAgent.sh Tue Jul 8 19:53:12 2014 (r361282) @@ -1,5 +1,5 @@ ---- ./src/InstallAgent.sh.orig 2013-10-29 12:13:44.000000000 -0600 -+++ ./src/InstallAgent.sh 2014-05-16 07:12:31.133178776 -0600 +--- src/InstallAgent.sh.orig 2013-10-29 12:13:44.000000000 -0600 ++++ src/InstallAgent.sh 2014-06-20 10:30:22.531480743 -0600 @@ -37,11 +37,11 @@ # Creating groups/users @@ -17,6 +17,91 @@ elif [ "$UNAME" = "SunOS" ]; then grep "^${USER}" /etc/passwd > /dev/null 2>&1 +@@ -107,21 +107,21 @@ + + # Default for all directories + chmod -R 550 ${DIR} +-chown -R root:${GROUP} ${DIR} ++#chown -R root:${GROUP} ${DIR} + + # To the ossec queue (default for agentd to read) +-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec ++#chown -R ${USER}:${GROUP} ${DIR}/queue/ossec + chmod -R 770 ${DIR}/queue/ossec + + # For the logging user +-chown -R ${USER}:${GROUP} ${DIR}/logs ++#chown -R ${USER}:${GROUP} ${DIR}/logs + chmod -R 750 ${DIR}/logs + chmod -R 775 ${DIR}/queue/rids + touch ${DIR}/logs/ossec.log +-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log ++#chown ${USER}:${GROUP} ${DIR}/logs/ossec.log + chmod 664 ${DIR}/logs/ossec.log + +-chown -R ${USER}:${GROUP} ${DIR}/queue/diff ++#chown -R ${USER}:${GROUP} ${DIR}/queue/diff + chmod -R 750 ${DIR}/queue/diff + chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 + +@@ -130,7 +130,7 @@ + + # For the etc dir + chmod 550 ${DIR}/etc +-chown -R root:${GROUP} ${DIR}/etc ++#chown -R root:${GROUP} ${DIR}/etc + + ls /etc/localtime > /dev/null 2>&1 + if [ $? = 0 ]; then +@@ -168,12 +168,12 @@ + cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 + cp -pr agentlessd/scripts/* ${DIR}/agentless/ + +-chown root:${GROUP} ${DIR}/etc/internal_options.conf +-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/agentless/* +-chown ${USER}:${GROUP} ${DIR}/.ssh +-chown -R root:${GROUP} ${DIR}/etc/shared ++#chown root:${GROUP} ${DIR}/etc/internal_options.conf ++#chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 ++#chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 ++#chown root:${GROUP} ${DIR}/agentless/* ++#chown ${USER}:${GROUP} ${DIR}/.ssh ++#chown -R root:${GROUP} ${DIR}/etc/shared + + chmod 550 ${DIR}/etc + chmod 440 ${DIR}/etc/internal_options.conf +@@ -186,7 +186,7 @@ + + # For the /var/run + chmod 770 ${DIR}/var/run +-chown root:${GROUP} ${DIR}/var/run ++#chown root:${GROUP} ${DIR}/var/run + + + # Moving the binary files +@@ -198,7 +198,7 @@ + cp -pr ./init/ossec-client.sh ${DIR}/bin/ossec-control + cp -pr addagent/manage_agents ${DIR}/bin/ + cp -pr ../contrib/util.sh ${DIR}/bin/ +-chown root:${GROUP} ${DIR}/bin/util.sh ++#chown root:${GROUP} ${DIR}/bin/util.sh + chmod +x ${DIR}/bin/util.sh + + # Copying active response modules +@@ -206,9 +206,9 @@ + cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ + cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ + chmod 755 ${DIR}/active-response/bin/* +-chown root:${GROUP} ${DIR}/active-response/bin/* ++#chown root:${GROUP} ${DIR}/active-response/bin/* + +-chown root:${GROUP} ${DIR}/bin/* ++#chown root:${GROUP} ${DIR}/bin/* + chmod 550 ${DIR}/bin/* + + @@ -223,10 +223,10 @@ if [ $? = 0 ]; then cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf @@ -26,7 +111,7 @@ fi -chown root:${GROUP} ${DIR}/etc/ossec.conf -chmod 440 ${DIR}/etc/ossec.conf -+chown root:${GROUP} ${DIR}/etc/ossec.conf.sample ++#chown root:${GROUP} ${DIR}/etc/ossec.conf.sample +chmod 440 ${DIR}/etc/ossec.conf.sample
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201407081953.s68JrCAT059329>