Date: Mon, 25 Oct 1999 05:43:02 -0700 (PDT)
From: Cy.Schubert@uumail.gov.bc.ca
To: FreeBSD-gnats-submit@freebsd.org
Subject: ports/14515: New Tripwire 1.3 Port
Message-ID: <199910251243.FAA71650@cwsys.cwsent.com>
>Number: 14515
>Category: ports
>Synopsis: New Tripwire 1.3 Port
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Oct 25 05:50:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator: Cy Schubert
>Release: FreeBSD 3.3-RELEASE i386
>Organization:
ITSD, Province of BC
>Environment:
FreeBSD cwsys 3.3-RELEASE FreeBSD 3.3-RELEASE #0: Wed Oct 13 08:09:56 PDT 1999 root@cwsys:/opt2/cvs-330/src/sys/compile/CWSYS i386
>Description:
New Tripwire 1.3 port. The copyright does not appear restrictive, however the sales staff at TripwireSecurity call it the "academic version".
>How-To-Repeat:
N/A
>Fix:
Enclosed is a shar archive. This has been running on various FreeBSD systems for about 1 year.

# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	tripwire13
#	tripwire13/files
#	tripwire13/files/twcheck
#	tripwire13/files/md5
#	tripwire13/files/conf-freebsd2.h
#	tripwire13/files/tw.conf.freebsd2
#	tripwire13/patches
#	tripwire13/patches/patch-ad
#	tripwire13/patches/patch-aa
#	tripwire13/patches/patch-ab
#	tripwire13/patches/patch-ac
#	tripwire13/pkg
#	tripwire13/pkg/COMMENT
#	tripwire13/pkg/DESCR
#	tripwire13/pkg/PLIST
#	tripwire13/Makefile
#
echo c - tripwire13
mkdir -p tripwire13 > /dev/null 2>&1
echo c - tripwire13/files
mkdir -p tripwire13/files > /dev/null 2>&1
echo x - tripwire13/files/twcheck
sed 's/^X//' >tripwire13/files/twcheck << 'END-of-tripwire13/files/twcheck'
X#! /bin/sh -
X
X./gunzip < tw.db_`hostname`.gz | ./tripwire -dfd 0 -c tw.config
END-of-tripwire13/files/twcheck
echo x - tripwire13/files/md5
sed 's/^X//' >tripwire13/files/md5 << 'END-of-tripwire13/files/md5'
XMD5 (tripwire-1.30-1.tar.gz) = fd3374db2ba26fe11428e5fac3a98cfa
END-of-tripwire13/files/md5
echo x - tripwire13/files/conf-freebsd2.h
sed 's/^X//' >tripwire13/files/conf-freebsd2.h << 'END-of-tripwire13/files/conf-freebsd2.h'
X/* $Id: conf-freebsd2.h,v 1.1.1.1 1997/04/01 04:44:00 jdp Exp $ */
X
X/*
X * conf-freebsd2.h
X *
X *	Tripwire configuration file
X *
X * Joe Greco
X * sol.net Network Services
X * Derived from the other BSD config.h's
X */
X
X/***
X *** Operating System specifics
X ***
X ***	If the answer to a question in the comment is "Yes", then
X ***	change the corresponding "#undef" to a "#define"
X ***/
X
X/*
X * is your OS a System V derivative? if so, what version?
X *	(e.g., define SYSV 4)
X */
X
X#undef SYSV
X
X/*
X * does your system have a <malloc.h> like System V?
X */
X
X#undef MALLOCH
X
X/*
X * does your system have a <stdlib.h> like POSIX says you should?
X */
X
X#define STDLIBH
X
X/*
X * does your system use readdir(3) that returns (struct dirent *)?
X */
X
X#define DIRENT
X
X/*
X * is #include <string.h> ok? (as opposed to <strings.h>)
X */
X
X#define STRINGH
X
X/*
X * does your system have gethostname(2) (instead of uname(2))?
X */
X
X#define GETHOSTNAME
END-of-tripwire13/files/conf-freebsd2.h
echo x - tripwire13/files/tw.conf.freebsd2
sed 's/^X//' >tripwire13/files/tw.conf.freebsd2 << 'END-of-tripwire13/files/tw.conf.freebsd2'
X# $Id: tw.conf.freebsd2,v 1.3 1998/07/28 17:54:21 obrien Exp $
X#
X# tripwire.config
X# Generic version for FreeBSD
X# Will need editing...see comments below
X#
X# This file contains a list of files and directories that System
X# Preener will scan. Information collected from these files will be
X# stored in the tripwire.database file.
X#
X# Format: [!|=] entry [ignore-flags]
X#
X# where: '!' signifies the entry is to be pruned (inclusive) from
X#            the list of files to be scanned.
X#        '=' signifies the entry is to be added, but if it is
X#            a directory, then all its contents are pruned
X#            (useful for /tmp).
X#
X# where: entry is the absolute pathname of a file or a directory
X#
X# where ignore-flags are in the format:
X#        [template][ [+|-][pinugsam12] ... ]
X#
X#        - : ignore the following attributes
X#        + : do not ignore the following attributes
X#
X#        p : permission and file mode bits      a: access timestamp
X#        i : inode number                       m: modification timestamp
X#        n : number of links (ref count)        c: inode creation timestamp
X#        u : user id of owner                   1: signature 1
X#        g : group id of owner                  2: signature 2
X#        s : size of file
X#
X#
X# Ex: The following entry will scan all the files in /etc, and report
X#     any changes in mode bits, inode number, reference count, uid,
X#     gid, modification and creation timestamp, and the signatures.
X#     However, it will ignore any changes in the access timestamp.
X#
X#     /etc +pinugsm12-a
X#
X# The following templates have been pre-defined to make these long ignore
X# mask descriptions unnecessary.
X#
X# Templates: (default)   R : [R]ead-only (+pinugsm12-a)
X#                        L : [L]og file (+pinug-sam12)
X#                        N : ignore [N]othing (+pinusgsamc12)
X#                        E : ignore [E]verything (-pinusgsamc12)
X#
X# By default, Tripwire uses the R template -- it ignores
X# only the access timestamp.
X#
X# You can use templates with modifiers, like:
X#     Ex: /etc/lp E+ug
X#
X# Example configuration file:
X#     /etc      R    # all system files
X#     !/etc/lp  R    # ...but not those logs
X#     =/tmp     N    # just the directory, not its files
X#
X# Note the difference between pruning (via "!") and ignoring everything
X# (via "E" template): Ignoring everything in a directory still monitors
X# for added and deleted files. Pruning a directory will prevent Tripwire
X# from even looking in the specified directory.
X#
X#
X# Tripwire running slowly?
Modify your tripwire.config entries to X# ignore the (signature 2) attribute when this computationally-exorbitant X# protection is not needed. (See README and design document for further X# details.) X# X X# First, root's traditional "home". Note that FreeBSD's root's home (/root) X# is protected by R-2 protections in the default config file. X=/ L X/.rhosts R # may not exist X/.profile R # may not exist X/.cshrc R # may not exist X/.login R # may not exist X/.exrc R # may not exist X/.logout R # may not exist X/.forward R # may not exist X X# Unix itself X/kernel R X X# /bin X/bin R-2 X X# /dev X/dev L X X# /etc X/etc R-2 X/etc/aliases L X/etc/dumpdates L X/etc/motd L X X# my passwd database should be static at time of system build. yours may X# not be, if not, uncomment the lines below. X X# /etc/passwd L X# /etc/master.passwd L X# /etc/pwd.db L X# /etc/spwd.db L X X# /home X=/home X X# /lkm X/lkm R-2 X X# /root X/root R-2 X/root/.history L X X# /sbin X/sbin R-2 X X# /stand X/stand R-2 X X# /usr/bin X/usr/bin R-2 X X/usr/include R-12 X X/usr/lib R-2 X X/usr/libdata R-2 X X/usr/libexec R-2 X X/usr/local/bin R-2 X X/usr/local/etc L X X/usr/local/lib R-2 X X/usr/local/libexec R-2 X X/usr/local/sbin R-2 X X/usr/local/share R-2 X X/usr/sbin R-2 X X/usr/share R-2 X X########################################### END-of-tripwire13/files/tw.conf.freebsd2 echo c - tripwire13/patches mkdir -p tripwire13/patches > /dev/null 2>&1 echo x - tripwire13/patches/patch-ad sed 's/^X//' >tripwire13/patches/patch-ad << 'END-of-tripwire13/patches/patch-ad' X--- src/Makefile.orig Mon Jul 20 11:11:48 1998 X+++ src/Makefile Fri Mar 19 16:54:23 1999 X@@ -104,8 +104,8 @@ X $(CC) $(CFLAGS) -c $< X X install: tripwire X- $(INSTALL) tripwire $(DESTDIR) -m 555 X- $(INSTALL) siggen $(DESTDIR) -m 555 X+ $(INSTALL) -f noschg -s -m 555 tripwire $(DESTDIR) X+ $(INSTALL) -f noschg -s -m 555 siggen $(DESTDIR) X X clean: X -rm -f $(OFILES) config.lex.c config.pre.c y.tab.c lex.yy.c help.c \ 
END-of-tripwire13/patches/patch-ad echo x - tripwire13/patches/patch-aa sed 's/^X//' >tripwire13/patches/patch-aa << 'END-of-tripwire13/patches/patch-aa' X*** include/config.h.orig Fri Jul 15 06:02:52 1994 X--- include/config.h Sun Dec 31 18:56:20 1989 X*************** X*** 17,23 **** X *** file that corresponds with your operating system. X ***/ X X! #include "../configs/conf-svr4.h" X X #ifdef TW_TYPE32 X typedef TW_TYPE32 int32; X--- 17,23 ---- X *** file that corresponds with your operating system. X ***/ X X! #include "../configs/conf-freebsd2.h" X X #ifdef TW_TYPE32 X typedef TW_TYPE32 int32; X*************** X*** 103,110 **** X #endif X */ X X! #define CONFIG_PATH "/usr/local/bin/tw" X! #define DATABASE_PATH "/var/tripwire" X X /******* name of Tripwire files ************************************** X * X--- 103,110 ---- X #endif X */ X X! # define CONFIG_PATH "/var/adm/tcheck" X! # define DATABASE_PATH "/var/adm/tcheck/databases" X X /******* name of Tripwire files ************************************** X * END-of-tripwire13/patches/patch-aa echo x - tripwire13/patches/patch-ab sed 's/^X//' >tripwire13/patches/patch-ab << 'END-of-tripwire13/patches/patch-ab' X--- Makefile.orig Mon Jul 20 11:11:48 1998 X+++ Makefile Fri Mar 19 17:19:27 1999 X@@ -10,11 +10,11 @@ X ### X X # destination directory for final executables X-DESTDIR = /usr/local/bin/tw X-DATADIR = /var/tripwire X+DESTDIR = /usr/local/bin X+DATADIR = /var/adm/tcheck X X # destination for man pages X-MANDIR = /usr/man X+MANDIR = /usr/local/man X X # system utilities X LEX = lex X@@ -106,10 +106,8 @@ X $(INSTALL) -d $(DESTDIR) X (cd src; make INSTALL=$(INSTALL) DESTDIR=$(DESTDIR) install) X (cd man; make INSTALL=$(INSTALL) MANDIR=$(MANDIR) install) X- (cd configs; $(INSTALL) tw.config $(DESTDIR) -m 444) X- chmod 555 $(DESTDIR) X- $(INSTALL) -d $(DATADIR) -m 0755 X- $(INSTALL) tests/tw.db_TEST $(DATADIR) -m 444 X+ $(INSTALL) -m 0755 -d $(DATADIR) X+ (cd configs; $(INSTALL) -m 444 tw.config $(DATADIR)) X 
X test: all X (cd tests; make HOSTNAME=$(HOSTNAME) DIST=$(DIST) SHELL=$(SHELL) \ END-of-tripwire13/patches/patch-ab echo x - tripwire13/patches/patch-ac sed 's/^X//' >tripwire13/patches/patch-ac << 'END-of-tripwire13/patches/patch-ac' XThis patch eliminates a compiler warning about LITTLE_ENDIAN begin Xredefined. X X*** sigs/sha/sha.c.orig Mon Jul 25 08:46:45 1994 X--- sigs/sha/sha.c Mon Mar 31 19:55:23 1997 X*************** X*** 47,52 **** X--- 47,54 ---- X #include "sha.h" X X #if BYTEORDER == 0x1234 X+ #undef BIG_ENDIAN X+ #undef LITTLE_ENDIAN X #define LITTLE_ENDIAN X #endif X END-of-tripwire13/patches/patch-ac echo c - tripwire13/pkg mkdir -p tripwire13/pkg > /dev/null 2>&1 echo x - tripwire13/pkg/COMMENT sed 's/^X//' >tripwire13/pkg/COMMENT << 'END-of-tripwire13/pkg/COMMENT' XFile system security and verification program. END-of-tripwire13/pkg/COMMENT echo x - tripwire13/pkg/DESCR sed 's/^X//' >tripwire13/pkg/DESCR << 'END-of-tripwire13/pkg/DESCR' XTripwire is a tool that aids system administrators and Xusers in monitoring a designated set of files for any changes. XUsed with system files on a regular (e.g., daily) basis, Tripwire Xcan notify system administrators of corrupted or tampered files, Xso damage control measures can be taken in a timely manner. X XIf "TRIPWIRE_FLOPPY" is set to "YES" in the environment or on the X"make" command line, this port will write the tripwire database to Xa floppy disk, which should then be write-protected and used as a Xreference for future runs. The diskette should be formatted and Xpresent in the "A" drive before starting the "make install" step. 
X
XJoe Greco <jgreco@ns.sol.net>
END-of-tripwire13/pkg/DESCR
echo x - tripwire13/pkg/PLIST
sed 's/^X//' >tripwire13/pkg/PLIST << 'END-of-tripwire13/pkg/PLIST'
Xbin/tripwire
Xbin/siggen
END-of-tripwire13/pkg/PLIST
echo x - tripwire13/Makefile
sed 's/^X//' >tripwire13/Makefile << 'END-of-tripwire13/Makefile'
X# New ports collection makefile for:	tripwire
X# Version required:	1.2
X# Date created:		31 Mar 1997
X# Whom:			Joe Greco <jgreco@ns.sol.net>
X#
X# $Id: Makefile,v 1.4 1998/12/01 08:33:29 asami Exp $
X#
X
XDISTNAME=	tripwire-1.30-1
XCATEGORIES=	security net
X
XMAINTAINER=	Cy.Schubert@uumail.gov.bc.ca
X
XMAN5=		tw.config.5
XMAN8=		siggen.8 tripwire.8
XNO_CDROM=	"cannot be redistributed for more than the cost of duplication"
XNO_PACKAGE=	"requires local database to be built"
XRESTRICTED=	"contains crypto class algorithms"
X
X# .if !exists(${DISTDIR}/${DISTNAME}${EXTRACT_SUFX})
X# IGNORE='Please read http://www.tripwiresecurity.com/ for details of how to obtain the Tripwire source. Put the file ${DISTNAME}${EXTRACT_SUFX} into the directory ${DISTDIR} and run make again.'
X# .endif
X
Xpre-configure:
X	@ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs
X	@ ${CP} ${FILESDIR}/tw.conf.freebsd2 ${WRKSRC}/configs/tw.conf.freebsd2
X
Xpost-install:
X	@ ${MKDIR} /var/adm/tcheck
X	@ ${CP} ${FILESDIR}/tw.conf.freebsd2 /var/adm/tcheck/tw.config
X	@ ${ECHO} Creating tripwire database
X	@ (cd /var/adm/tcheck; tripwire -initialize)
X.if defined(TRIPWIRE_FLOPPY) && ${TRIPWIRE_FLOPPY} == YES
X	@ disklabel -w -B /dev/rfd0c fd1440
X	@ newfs -u 0 -t 0 -i 196608 -m 0 -T minimum -o space /dev/rfd0c
X	@ mount /dev/fd0c /mnt
X	@ ${GZIP_CMD} < ${PREFIX}/bin/tripwire > /mnt/tripwire
X	@ ${CP} -p /var/adm/tcheck/tw.config /mnt/tw.config
X	@ ${GZIP_CMD} < /var/adm/tcheck/databases/tw.db_`hostname` \
X		> /mnt/tw.db_`hostname`.gz
X	@ ${CP} -p ${FILESDIR}/twcheck /mnt/twcheck
X	@ ${GZIP_CMD} < /usr/bin/gunzip > /mnt/gunzip
X	@ chmod 555 /mnt/tripwire /mnt/gunzip /mnt/twcheck
X	@ umount /mnt
X	@ ${ECHO} Do not forget to remove and write-protect the floppy.
X.endif
X
X.include <bsd.port.mk>
END-of-tripwire13/Makefile
exit
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
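
Review bot: In patch-ad, the two new install lines for tripwire and siggen add "-f noschg -s" with no comment on why. For an integrity checker it matters whether the installed binaries may carry the system-immutable flag, so the reason for forcing noschg (and for stripping with -s) should be stated next to the install target or in the port Makefile. Moving "-m 555" ahead of the file operands needs no explanation.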
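
Review bot: In the second hunk of patch-aa, CONFIG_PATH and DATABASE_PATH are hard-coded to /var/adm/tcheck and /var/adm/tcheck/databases, and the same directory is repeated as DATADIR in patch-ab and again in the port's post-install target, so a change in one place leaves tripwire looking for tw.config where the port never wrote it. Suggest taking the config.h values from a single make variable. The new lines also spell the directive "# define", unlike the "#ifdef" and "#endif" context lines around them; keeping "#define" would match the file.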
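
Review bot: In the first hunk of patch-ab, DESTDIR and MANDIR are fixed at /usr/local/bin and /usr/local/man, while the port's post-install target reads the binary from ${PREFIX}/bin/tripwire; with a PREFIX other than /usr/local the floppy step would gzip a file that was not installed there. Suggest passing DESTDIR=${PREFIX}/bin and MANDIR=${PREFIX}/man from the port Makefile rather than patching constants into the upstream Makefile.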
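
Review bot: In the second hunk of patch-ab, the install target still takes configs/tw.config, but the port's pre-configure target only copies the FreeBSD file into configs/ under the name tw.conf.freebsd2, and post-install then copies tw.conf.freebsd2 over $(DATADIR)/tw.config, so the file installed by this line is never the one used. Either install tw.conf.freebsd2 as tw.config here with "-m 444", or drop the line and give the post-install copy an explicit mode. The "-m 0755" on $(DATADIR) also leaves the directory that holds the database readable by every local user; a tighter mode is worth considering.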
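
Review bot: In patch-ac, the description covers only the LITTLE_ENDIAN redefinition warning, but the hunk also adds "#undef BIG_ENDIAN" inside the BYTEORDER == 0x1234 branch, which affects byte-order selection in a signature routine and not just a warning. The description should say why BIG_ENDIAN is cleared as well, and the port should confirm that SHA signatures from the patched build match a known test vector.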
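
The tw.config flag syntax described in the tw.conf.freebsd2 comments above, worked through as an added example that is not part of the original message or of Tripwire: it expands each entry's template and modifiers into the attributes still checked, and lists scanned paths where neither signature is compared. It assumes attributes a mask does not mention stay checked; the function names and the SAMPLE excerpt are constructed here.

```python
ATTRS = set("pinugsamc12")

# Template masks exactly as listed in the tw.conf.freebsd2 comments.
TEMPLATES = {"R": "+pinugsm12-a", "L": "+pinug-sam12",
             "N": "+pinusgsamc12", "E": "-pinusgsamc12"}

def apply_mask(checked, mask):
    """Apply a '+abc-def' mask to the set of checked attributes."""
    sign = None
    for ch in mask:
        if ch in "+-":
            sign = ch
        elif sign and ch in ATTRS:
            (checked.add if sign == "+" else checked.discard)(ch)
        else:
            raise ValueError(f"bad flag {ch!r} in {mask!r}")
    return checked

def effective_attrs(flags="R"):
    """Expand '[template][+|-attrs]...' into the attributes still checked."""
    checked = set(ATTRS)  # assumption: unmentioned attributes stay checked
    if flags[:1] in TEMPLATES:
        apply_mask(checked, TEMPLATES[flags[0]])
        flags = flags[1:]
    return apply_mask(checked, flags)

def parse_config(text):
    """Yield (prefix, path, checked) per entry; prefix is '!', '=' or ''."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        prefix = fields[0][0] if fields[0][0] in "!=" else ""
        flags = fields[1] if len(fields) > 1 else "R"  # R is the default
        yield prefix, fields[0][len(prefix):], effective_attrs(flags)

def no_signature_entries(text):
    """Scanned (not pruned) paths where neither signature 1 nor 2 is checked."""
    return [path for prefix, path, checked in parse_config(text)
            if prefix != "!" and not checked & {"1", "2"}]

# Constructed sample: entries taken from the config and its comment block.
SAMPLE = """\
=/            L
/bin          R-2
/usr/include  R-12
!/etc/lp      R     # pruned, so never reported
/etc/lp       E+ug  # modifier example
"""
```

On the sample, `no_signature_entries(SAMPLE)` returns `/`, `/usr/include` and `/etc/lp`: for those entries only file metadata is compared, never file content.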