Fix build as a user.
While there, merge do-install and post-install, and use an option target helper. Sponsored by: Absolight
This commit is contained in:
parent
d091c3f049
commit
970c34a2dc
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=404124
@ -101,8 +101,6 @@ do-install:
|
||||
.else
|
||||
@cd ${WRKSRC}/src; ${MAKE} server
|
||||
.endif
|
||||
|
||||
post-install:
|
||||
@${MKDIR} ${STAGEDIR}${PREFIX}/${PORTNAME}/etc
|
||||
.for file in ${STRIP_FILES}
|
||||
${STRIP_CMD} ${STAGEDIR}${PREFIX}/ossec-hids/bin/${file}
|
||||
@ -116,9 +114,8 @@ post-install:
|
||||
${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MDOCS}
|
||||
post-install-DOCS-on:
|
||||
@${MKDIR} ${STAGEDIR}${DOCSDIR}
|
||||
@cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}
|
||||
.endif
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- ./src/InstallAgent.sh.orig 2014-07-13 15:25:05.161395378 -0600
|
||||
+++ ./src/InstallAgent.sh 2014-07-13 15:25:35.972393742 -0600
|
||||
@@ -37,11 +37,11 @@
|
||||
--- src/InstallAgent.sh.orig 2015-06-10 15:38:32 UTC
|
||||
+++ src/InstallAgent.sh
|
||||
@@ -37,11 +37,11 @@ fi
|
||||
|
||||
# Creating groups/users
|
||||
if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then
|
||||
@ -17,3 +17,107 @@
|
||||
|
||||
elif [ "$UNAME" = "SunOS" ]; then
|
||||
grep "^${USER}" /etc/passwd > /dev/null 2>&1
|
||||
@@ -106,22 +106,17 @@ for i in ${subdirs}; do
|
||||
done
|
||||
|
||||
# Default for all directories
|
||||
-chmod -R 550 ${DIR}
|
||||
-chown -R root:${GROUP} ${DIR}
|
||||
+chmod -R 750 ${DIR}
|
||||
|
||||
# To the ossec queue (default for agentd to read)
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
|
||||
chmod -R 770 ${DIR}/queue/ossec
|
||||
|
||||
# For the logging user
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/logs
|
||||
chmod -R 750 ${DIR}/logs
|
||||
chmod -R 775 ${DIR}/queue/rids
|
||||
touch ${DIR}/logs/ossec.log
|
||||
-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
|
||||
chmod 664 ${DIR}/logs/ossec.log
|
||||
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/diff
|
||||
chmod -R 750 ${DIR}/queue/diff
|
||||
chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1
|
||||
|
||||
@@ -129,8 +124,7 @@ chmod 740 ${DIR}/queue/diff/* > /dev/nul
|
||||
|
||||
|
||||
# For the etc dir
|
||||
-chmod 550 ${DIR}/etc
|
||||
-chown -R root:${GROUP} ${DIR}/etc
|
||||
+chmod 750 ${DIR}/etc
|
||||
|
||||
ls /etc/localtime > /dev/null 2>&1
|
||||
if [ $? = 0 ]; then
|
||||
@@ -142,13 +136,11 @@ if [ "$UNAME" = "SunOS" ]; then
|
||||
mkdir -p ${DIR}/usr/share/lib/zoneinfo/
|
||||
chmod -R 555 ${DIR}/usr/
|
||||
cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/
|
||||
- chown -R root:${GROUP} ${DIR}/usr/
|
||||
fi
|
||||
|
||||
ls /etc/TIMEZONE > /dev/null 2>&1
|
||||
if [ $? = 0 ]; then
|
||||
cp -p /etc/TIMEZONE ${DIR}/etc/;
|
||||
- chown root:${GROUP} ${DIR}/etc/TIMEZONE
|
||||
chmod 555 ${DIR}/etc/TIMEZONE
|
||||
fi
|
||||
|
||||
@@ -168,25 +160,17 @@ cp -pr ../etc/local_internal_options.con
|
||||
cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1
|
||||
cp -pr agentlessd/scripts/* ${DIR}/agentless/
|
||||
|
||||
-chown root:${GROUP} ${DIR}/etc/internal_options.conf
|
||||
-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1
|
||||
-chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1
|
||||
-chown root:${GROUP} ${DIR}/agentless/*
|
||||
-chown ${USER}:${GROUP} ${DIR}/.ssh
|
||||
-chown -R root:${GROUP} ${DIR}/etc/shared
|
||||
-
|
||||
-chmod 550 ${DIR}/etc
|
||||
+chmod 750 ${DIR}/etc
|
||||
chmod 440 ${DIR}/etc/internal_options.conf
|
||||
chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1
|
||||
chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1
|
||||
chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it
|
||||
-chmod 550 ${DIR}/agentless/*
|
||||
+chmod 750 ${DIR}/agentless/*
|
||||
chmod 700 ${DIR}/.ssh
|
||||
|
||||
|
||||
# For the /var/run
|
||||
chmod 770 ${DIR}/var/run
|
||||
-chown root:${GROUP} ${DIR}/var/run
|
||||
|
||||
|
||||
# Moving the binary files
|
||||
@@ -200,7 +184,6 @@ cp -pr addagent/manage_agents ${DIR}/bin
|
||||
cp -pr ../contrib/util.sh ${DIR}/bin/
|
||||
cp -pr external/lua/src/ossec-lua ${DIR}/bin/
|
||||
cp -pr external/lua/src/ossec-luac ${DIR}/bin/
|
||||
-chown root:${GROUP} ${DIR}/bin/util.sh
|
||||
chmod +x ${DIR}/bin/util.sh
|
||||
|
||||
# Copying active response modules
|
||||
@@ -208,10 +191,8 @@ sh ./init/fw-check.sh execute > /dev/nul
|
||||
cp -pr ../active-response/*.sh ${DIR}/active-response/bin/
|
||||
cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/
|
||||
chmod 755 ${DIR}/active-response/bin/*
|
||||
-chown root:${GROUP} ${DIR}/active-response/bin/*
|
||||
|
||||
-chown root:${GROUP} ${DIR}/bin/*
|
||||
-chmod 550 ${DIR}/bin/*
|
||||
+chmod 750 ${DIR}/bin/*
|
||||
|
||||
|
||||
# Moving the config file
|
||||
@@ -227,7 +208,6 @@ if [ $? = 0 ]; then
|
||||
else
|
||||
cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf
|
||||
fi
|
||||
-chown root:${GROUP} ${DIR}/etc/ossec.conf
|
||||
chmod 440 ${DIR}/etc/ossec.conf
|
||||
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- ./src/InstallServer.sh.orig 2014-05-22 07:10:57.000000000 -0600
|
||||
+++ ./src/InstallServer.sh 2014-07-13 15:24:45.552390120 -0600
|
||||
@@ -44,13 +44,13 @@
|
||||
--- src/InstallServer.sh.orig 2015-06-10 15:38:32 UTC
|
||||
+++ src/InstallServer.sh
|
||||
@@ -44,13 +44,13 @@ fi
|
||||
|
||||
# Creating groups/users
|
||||
if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then
|
||||
@ -21,85 +21,73 @@
|
||||
|
||||
elif [ "$UNAME" = "SunOS" ]; then
|
||||
grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
|
||||
@@ -123,61 +123,61 @@
|
||||
@@ -121,63 +121,47 @@ for i in ${subdirs}; do
|
||||
done
|
||||
|
||||
# Default for all directories
|
||||
chmod 550 ${DIR}
|
||||
chmod 550 ${DIR}/*
|
||||
-chmod 550 ${DIR}
|
||||
-chmod 550 ${DIR}/*
|
||||
-chown root:${GROUP} ${DIR}
|
||||
-chown root:${GROUP} ${DIR}/*
|
||||
+#chown root:${GROUP} ${DIR}
|
||||
+#chown root:${GROUP} ${DIR}/*
|
||||
+chmod 750 ${DIR}
|
||||
+chmod 750 ${DIR}/*
|
||||
|
||||
# AnalysisD needs to write to alerts: log, mail and cmds
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/alerts
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/queue/alerts
|
||||
chmod -R 770 ${DIR}/queue/alerts
|
||||
|
||||
# To the ossec queue (default for analysisd to read)
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
|
||||
chmod -R 770 ${DIR}/queue/ossec
|
||||
|
||||
# To the ossec fts queue
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/fts
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/queue/fts
|
||||
chmod -R 750 ${DIR}/queue/fts
|
||||
chmod 750 ${DIR}/queue/fts/* > /dev/null 2>&1
|
||||
|
||||
# To the ossec syscheck/rootcheck queue
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck
|
||||
chmod -R 750 ${DIR}/queue/syscheck
|
||||
chmod 740 ${DIR}/queue/syscheck/* > /dev/null 2>&1
|
||||
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck
|
||||
chmod -R 750 ${DIR}/queue/rootcheck
|
||||
chmod 740 ${DIR}/queue/rootcheck/* > /dev/null 2>&1
|
||||
|
||||
-chown ${USER}:${GROUP} ${DIR}/queue/diff
|
||||
-chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1
|
||||
+#chown ${USER}:${GROUP} ${DIR}/queue/diff
|
||||
+#chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1
|
||||
chmod 750 ${DIR}/queue/diff
|
||||
chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1
|
||||
|
||||
-chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info
|
||||
+#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info
|
||||
chmod -R 750 ${DIR}/queue/agent-info
|
||||
chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1
|
||||
-chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids
|
||||
+#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids
|
||||
chmod -R 750 ${DIR}/queue/rids
|
||||
chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1
|
||||
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/queue/agentless
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/queue/agentless
|
||||
chmod -R 750 ${DIR}/queue/agentless
|
||||
chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1
|
||||
|
||||
|
||||
# For the stats directory
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/stats
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/stats
|
||||
chmod -R 750 ${DIR}/stats
|
||||
|
||||
# For the logging user
|
||||
-chown -R ${USER}:${GROUP} ${DIR}/logs
|
||||
+#chown -R ${USER}:${GROUP} ${DIR}/logs
|
||||
chmod -R 750 ${DIR}/logs
|
||||
touch ${DIR}/logs/ossec.log
|
||||
-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
|
||||
+#chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
|
||||
chmod 660 ${DIR}/logs/ossec.log
|
||||
|
||||
touch ${DIR}/logs/active-responses.log
|
||||
-chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log
|
||||
+#chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log
|
||||
chmod 660 ${DIR}/logs/active-responses.log
|
||||
|
||||
# For the rules directory
|
||||
@@ -195,7 +195,7 @@
|
||||
@@ -195,7 +179,7 @@ if [ $? = 0 ]; then
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -108,47 +96,57 @@
|
||||
find ${DIR}/rules/ -type f -exec chmod 440 {} \;
|
||||
|
||||
# If the local_rules is saved, moved it back
|
||||
@@ -204,18 +204,18 @@
|
||||
@@ -204,37 +188,33 @@ if [ $? = 0 ]; then
|
||||
mv ${DIR}/rules/saved_local_rules.xml.$$ ${DIR}/rules/local_rules.xml
|
||||
fi
|
||||
|
||||
-chown -R root:${GROUP} ${DIR}/rules
|
||||
+#chown -R root:${GROUP} ${DIR}/rules
|
||||
chmod -R 550 ${DIR}/rules
|
||||
-chmod -R 550 ${DIR}/rules
|
||||
+chmod -R 750 ${DIR}/rules
|
||||
|
||||
|
||||
# For the etc dir
|
||||
chmod 550 ${DIR}/etc
|
||||
-chmod 550 ${DIR}/etc
|
||||
-chown -R root:${GROUP} ${DIR}/etc
|
||||
+#chown -R root:${GROUP} ${DIR}/etc
|
||||
+chmod 750 ${DIR}/etc
|
||||
ls /etc/localtime > /dev/null 2>&1
|
||||
if [ $? = 0 ]; then
|
||||
cp -pL /etc/localtime ${DIR}/etc/;
|
||||
chmod 440 ${DIR}/etc/localtime
|
||||
- chown root:${GROUP} ${DIR}/etc/localtime
|
||||
+ #chown root:${GROUP} ${DIR}/etc/localtime
|
||||
fi
|
||||
|
||||
# Solaris Needs some extra files
|
||||
@@ -234,7 +234,7 @@
|
||||
if [ "$UNAME" = "SunOS" ]; then
|
||||
mkdir -p ${DIR}/usr/share/lib/zoneinfo/
|
||||
- chmod -R 550 ${DIR}/usr/
|
||||
+ chmod -R 750 ${DIR}/usr/
|
||||
cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/
|
||||
fi
|
||||
|
||||
ls /etc/TIMEZONE > /dev/null 2>&1
|
||||
if [ $? = 0 ]; then
|
||||
cp -p /etc/TIMEZONE ${DIR}/etc/;
|
||||
- chmod 550 ${DIR}/etc/TIMEZONE
|
||||
+ chmod 750 ${DIR}/etc/TIMEZONE
|
||||
fi
|
||||
|
||||
|
||||
# For the /var/run
|
||||
chmod 770 ${DIR}/var/run
|
||||
-chown root:${GROUP} ${DIR}/var/run
|
||||
+#chown root:${GROUP} ${DIR}/var/run
|
||||
|
||||
# Moving the binary files
|
||||
cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \
|
||||
@@ -257,7 +257,7 @@
|
||||
@@ -257,7 +237,6 @@ cp -pr util/rootcheck_control ${DIR}/bin
|
||||
cp -pr external/lua/src/ossec-lua ${DIR}/bin/
|
||||
cp -pr external/lua/src/ossec-luac ${DIR}/bin/
|
||||
cp -pr ../contrib/util.sh ${DIR}/bin/
|
||||
-chown root:${GROUP} ${DIR}/bin/util.sh
|
||||
+#chown root:${GROUP} ${DIR}/bin/util.sh
|
||||
chmod +x ${DIR}/bin/util.sh
|
||||
|
||||
# Local install chosen
|
||||
@@ -287,14 +287,14 @@
|
||||
@@ -287,23 +266,15 @@ fi
|
||||
|
||||
cp -pr ../etc/internal_options.conf ${DIR}/etc/
|
||||
cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/
|
||||
@ -160,30 +158,35 @@
|
||||
-chown root:${GROUP} ${DIR}/etc/shared/*
|
||||
-chown root:${GROUP} ${DIR}/agentless/*
|
||||
-chown ${USER}:${GROUP} ${DIR}/.ssh
|
||||
+#chown root:${GROUP} ${DIR}/etc/decoder.xml
|
||||
+#chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1
|
||||
+#chown root:${GROUP} ${DIR}/etc/internal_options.conf
|
||||
+#chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1
|
||||
+#chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1
|
||||
+#chown root:${GROUP} ${DIR}/etc/shared/*
|
||||
+#chown root:${GROUP} ${DIR}/agentless/*
|
||||
+#chown ${USER}:${GROUP} ${DIR}/.ssh
|
||||
chmod 440 ${DIR}/etc/decoder.xml
|
||||
chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1
|
||||
chmod 440 ${DIR}/etc/internal_options.conf
|
||||
@@ -314,9 +314,9 @@
|
||||
chmod 440 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1
|
||||
chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1
|
||||
-chmod 550 ${DIR}/etc
|
||||
+chmod 750 ${DIR}/etc
|
||||
chmod 770 ${DIR}/etc/shared
|
||||
chmod 440 ${DIR}/etc/shared/*
|
||||
-chmod 550 ${DIR}/agentless/*
|
||||
+chmod 750 ${DIR}/agentless/*
|
||||
rm ${DIR}/etc/shared/merged.mg >/dev/null 2>&1
|
||||
chmod 700 ${DIR}/.ssh
|
||||
|
||||
@@ -313,11 +284,9 @@ sh ./init/fw-check.sh execute > /dev/nul
|
||||
cp -p ../active-response/*.sh ${DIR}/active-response/bin/
|
||||
cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/
|
||||
|
||||
chmod 550 ${DIR}/active-response/bin/*
|
||||
-chmod 550 ${DIR}/active-response/bin/*
|
||||
-chown root:${GROUP} ${DIR}/active-response/bin/*
|
||||
+#chown root:${GROUP} ${DIR}/active-response/bin/*
|
||||
+chmod 750 ${DIR}/active-response/bin/*
|
||||
|
||||
-chown root:${GROUP} ${DIR}/bin/*
|
||||
+#chown root:${GROUP} ${DIR}/bin/*
|
||||
chmod 550 ${DIR}/bin/*
|
||||
-chmod 550 ${DIR}/bin/*
|
||||
+chmod 750 ${DIR}/bin/*
|
||||
|
||||
|
||||
@@ -328,12 +328,12 @@
|
||||
# Moving the config file
|
||||
@@ -328,12 +297,11 @@ fi
|
||||
|
||||
ls ../etc/ossec.mc > /dev/null 2>&1
|
||||
if [ $? = 0 ]; then
|
||||
@ -195,8 +198,7 @@
|
||||
fi
|
||||
-chown root:${GROUP} ${DIR}/etc/ossec.conf
|
||||
-chmod 440 ${DIR}/etc/ossec.conf
|
||||
+#chown root:${GROUP} ${DIR}/etc/ossec.conf.sample
|
||||
+chmod 440 ${DIR}/etc/ossec.conf.sample
|
||||
+chmod 640 ${DIR}/etc/ossec.conf.sample
|
||||
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user