Fix build as a user.

While there, merge do-install and post-install, and use an option target helper. Sponsored by: Absolight
svn path=/head/; revision=404124
2015-12-21 16:02:55 +00:00 · 2015-12-21 16:02:55 +00:00 · 970c34a2dc · 2021-03-31 03:12:20 +00:00
commit 970c34a2dc
parent d091c3f049
3 changed files with 160 additions and 57 deletions
--- a/security/ossec-hids-server/Makefile
+++ b/security/ossec-hids-server/Makefile
@ -101,8 +101,6 @@ do-install:
 .else
 	@cd ${WRKSRC}/src; ${MAKE} server
 .endif
-
-post-install:
 	@${MKDIR} ${STAGEDIR}${PREFIX}/${PORTNAME}/etc
 .for file in ${STRIP_FILES}
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/ossec-hids/bin/${file}
@ -116,9 +114,8 @@ post-install:
 	${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample
 .endif

-.if ${PORT_OPTIONS:MDOCS}
+post-install-DOCS-on:
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
 	@cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}
-.endif

 .include <bsd.port.post.mk>
--- a/security/ossec-hids-server/files/patch-src__InstallAgent.sh
+++ b/security/ossec-hids-server/files/patch-src__InstallAgent.sh
@ -1,6 +1,6 @@
--- ./src/InstallAgent.sh.orig	2014-07-13 15:25:05.161395378 -0600
-+++ ./src/InstallAgent.sh	2014-07-13 15:25:35.972393742 -0600
-@@ -37,11 +37,11 @@
+--- src/InstallAgent.sh.orig	2015-06-10 15:38:32 UTC
+++ src/InstallAgent.sh
+@@ -37,11 +37,11 @@ fi
 
 # Creating groups/users
 if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then
@ -17,3 +17,107 @@
 
 elif [ "$UNAME" = "SunOS" ]; then
     grep "^${USER}" /etc/passwd > /dev/null 2>&1
+@@ -106,22 +106,17 @@ for i in ${subdirs}; do
+ done
+ 
+ # Default for all directories
+-chmod -R 550 ${DIR}
+-chown -R root:${GROUP} ${DIR}
+chmod -R 750 ${DIR}
+ 
+ # To the ossec queue (default for agentd to read)
+-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
+ chmod -R 770 ${DIR}/queue/ossec
+ 
+ # For the logging user
+-chown -R ${USER}:${GROUP} ${DIR}/logs
+ chmod -R 750 ${DIR}/logs
+ chmod -R 775 ${DIR}/queue/rids
+ touch ${DIR}/logs/ossec.log
+-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
+ chmod 664 ${DIR}/logs/ossec.log
+ 
+-chown -R ${USER}:${GROUP} ${DIR}/queue/diff
+ chmod -R 750 ${DIR}/queue/diff
+ chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1
+ 
+@@ -129,8 +124,7 @@ chmod 740 ${DIR}/queue/diff/* > /dev/nul
+ 
+ 
+ # For the etc dir
+-chmod 550 ${DIR}/etc
+-chown -R root:${GROUP} ${DIR}/etc
+chmod 750 ${DIR}/etc
+ 
+ ls /etc/localtime > /dev/null 2>&1
+ if [ $? = 0 ]; then
+@@ -142,13 +136,11 @@ if [ "$UNAME" = "SunOS" ]; then
+     mkdir -p ${DIR}/usr/share/lib/zoneinfo/
+     chmod -R 555 ${DIR}/usr/
+     cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/
+-    chown -R root:${GROUP} ${DIR}/usr/
+ fi    
+ 
+ ls /etc/TIMEZONE > /dev/null 2>&1
+ if [ $? = 0 ]; then
+     cp -p /etc/TIMEZONE ${DIR}/etc/;
+-    chown root:${GROUP} ${DIR}/etc/TIMEZONE
+     chmod 555 ${DIR}/etc/TIMEZONE
+ fi
+             
+@@ -168,25 +160,17 @@ cp -pr ../etc/local_internal_options.con
+ cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1
+ cp -pr agentlessd/scripts/* ${DIR}/agentless/
+ 
+-chown root:${GROUP} ${DIR}/etc/internal_options.conf
+-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1
+-chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1
+-chown root:${GROUP} ${DIR}/agentless/*
+-chown ${USER}:${GROUP} ${DIR}/.ssh
+-chown -R root:${GROUP} ${DIR}/etc/shared
+-
+-chmod 550 ${DIR}/etc
+chmod 750 ${DIR}/etc
+ chmod 440 ${DIR}/etc/internal_options.conf
+ chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1
+ chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1
+ chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it
+-chmod 550 ${DIR}/agentless/*
+chmod 750 ${DIR}/agentless/*
+ chmod 700 ${DIR}/.ssh
+ 
+ 
+ # For the /var/run
+ chmod 770 ${DIR}/var/run
+-chown root:${GROUP} ${DIR}/var/run
+ 
+ 
+ # Moving the binary files
+@@ -200,7 +184,6 @@ cp -pr addagent/manage_agents ${DIR}/bin
+ cp -pr ../contrib/util.sh ${DIR}/bin/
+ cp -pr external/lua/src/ossec-lua ${DIR}/bin/
+ cp -pr external/lua/src/ossec-luac ${DIR}/bin/
+-chown root:${GROUP} ${DIR}/bin/util.sh
+ chmod +x ${DIR}/bin/util.sh
+ 
+ # Copying active response modules
+@@ -208,10 +191,8 @@ sh ./init/fw-check.sh execute > /dev/nul
+ cp -pr ../active-response/*.sh ${DIR}/active-response/bin/
+ cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/
+ chmod 755 ${DIR}/active-response/bin/*
+-chown root:${GROUP} ${DIR}/active-response/bin/*
+ 
+-chown root:${GROUP} ${DIR}/bin/*
+-chmod 550 ${DIR}/bin/*
+chmod 750 ${DIR}/bin/*
+ 
+ 
+ # Moving the config file
+@@ -227,7 +208,6 @@ if [ $? = 0 ]; then
+ else    
+     cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf
+ fi
+-chown root:${GROUP} ${DIR}/etc/ossec.conf
+ chmod 440 ${DIR}/etc/ossec.conf
+ 
+ 
--- a/security/ossec-hids-server/files/patch-src__InstallServer.sh
+++ b/security/ossec-hids-server/files/patch-src__InstallServer.sh
@ -1,6 +1,6 @@
--- ./src/InstallServer.sh.orig	2014-05-22 07:10:57.000000000 -0600
-+++ ./src/InstallServer.sh	2014-07-13 15:24:45.552390120 -0600
-@@ -44,13 +44,13 @@
+--- src/InstallServer.sh.orig	2015-06-10 15:38:32 UTC
+++ src/InstallServer.sh
+@@ -44,13 +44,13 @@ fi
 
 # Creating groups/users
 if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then
@ -21,85 +21,73 @@
 
 elif [ "$UNAME" = "SunOS" ]; then
     grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1
-@@ -123,61 +123,61 @@
+@@ -121,63 +121,47 @@ for i in ${subdirs}; do
+ done
+ 
 # Default for all directories
- chmod 550 ${DIR}
- chmod 550 ${DIR}/*
+-chmod 550 ${DIR}
+-chmod 550 ${DIR}/*
 -chown root:${GROUP} ${DIR}
 -chown root:${GROUP} ${DIR}/*
-+#chown root:${GROUP} ${DIR}
-+#chown root:${GROUP} ${DIR}/*
+chmod 750 ${DIR}
+chmod 750 ${DIR}/*
 
 # AnalysisD needs to write to alerts: log, mail and cmds
 -chown -R ${USER}:${GROUP} ${DIR}/queue/alerts
-+#chown -R ${USER}:${GROUP} ${DIR}/queue/alerts
 chmod -R 770 ${DIR}/queue/alerts
 
 # To the ossec queue (default for analysisd to read)
 -chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
-+#chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
 chmod -R 770 ${DIR}/queue/ossec
 
 # To the ossec fts queue
 -chown -R ${USER}:${GROUP} ${DIR}/queue/fts
-+#chown -R ${USER}:${GROUP} ${DIR}/queue/fts
 chmod -R 750 ${DIR}/queue/fts
 chmod 750 ${DIR}/queue/fts/* > /dev/null 2>&1
 
 # To the ossec syscheck/rootcheck queue
 -chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck
-+#chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck
 chmod -R 750 ${DIR}/queue/syscheck
 chmod 740 ${DIR}/queue/syscheck/* > /dev/null 2>&1
 
 -chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck
-+#chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck
 chmod -R 750 ${DIR}/queue/rootcheck
 chmod 740 ${DIR}/queue/rootcheck/* > /dev/null 2>&1
 
 -chown ${USER}:${GROUP} ${DIR}/queue/diff
 -chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1
-+#chown ${USER}:${GROUP} ${DIR}/queue/diff
-+#chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1
 chmod 750 ${DIR}/queue/diff
 chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1
 
 -chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info
-+#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info
 chmod -R 750 ${DIR}/queue/agent-info
 chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1
 -chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids
-+#chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids
 chmod -R 750 ${DIR}/queue/rids
 chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1
 
 -chown -R ${USER}:${GROUP} ${DIR}/queue/agentless
-+#chown -R ${USER}:${GROUP} ${DIR}/queue/agentless
 chmod -R 750 ${DIR}/queue/agentless
 chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1
 
 
 # For the stats directory
 -chown -R ${USER}:${GROUP} ${DIR}/stats
-+#chown -R ${USER}:${GROUP} ${DIR}/stats
 chmod -R 750 ${DIR}/stats
 
 # For the logging user
 -chown -R ${USER}:${GROUP} ${DIR}/logs
-+#chown -R ${USER}:${GROUP} ${DIR}/logs
 chmod -R 750 ${DIR}/logs
 touch ${DIR}/logs/ossec.log
 -chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
-+#chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
 chmod 660 ${DIR}/logs/ossec.log
 
 touch ${DIR}/logs/active-responses.log
 -chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log
-+#chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log
 chmod 660 ${DIR}/logs/active-responses.log
 
 # For the rules directory
-@@ -195,7 +195,7 @@
+@@ -195,7 +179,7 @@ if [ $? = 0 ]; then
     fi    
 fi
     
@ -108,47 +96,57 @@
 find ${DIR}/rules/ -type f -exec chmod 440 {} \;
 
 # If the local_rules is saved, moved it back
-@@ -204,18 +204,18 @@
+@@ -204,37 +188,33 @@ if [ $? = 0 ]; then
     mv ${DIR}/rules/saved_local_rules.xml.$$ ${DIR}/rules/local_rules.xml
 fi    
 
 -chown -R root:${GROUP} ${DIR}/rules
-+#chown -R root:${GROUP} ${DIR}/rules
- chmod -R 550 ${DIR}/rules
+-chmod -R 550 ${DIR}/rules
+chmod -R 750 ${DIR}/rules
 
 
 # For the etc dir
- chmod 550 ${DIR}/etc
+-chmod 550 ${DIR}/etc
 -chown -R root:${GROUP} ${DIR}/etc
-+#chown -R root:${GROUP} ${DIR}/etc
+chmod 750 ${DIR}/etc
 ls /etc/localtime > /dev/null 2>&1
 if [ $? = 0 ]; then
     cp -pL /etc/localtime ${DIR}/etc/;
     chmod 440 ${DIR}/etc/localtime
 -    chown root:${GROUP} ${DIR}/etc/localtime 
-+    #chown root:${GROUP} ${DIR}/etc/localtime 
 fi
 
 # Solaris Needs some extra files
-@@ -234,7 +234,7 @@
+ if [ "$UNAME" = "SunOS" ]; then
+     mkdir -p ${DIR}/usr/share/lib/zoneinfo/
+-    chmod -R 550 ${DIR}/usr/
+    chmod -R 750 ${DIR}/usr/
+     cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/
+ fi
+ 
+ ls /etc/TIMEZONE > /dev/null 2>&1
+ if [ $? = 0 ]; then
+     cp -p /etc/TIMEZONE ${DIR}/etc/;
+-    chmod 550 ${DIR}/etc/TIMEZONE
+    chmod 750 ${DIR}/etc/TIMEZONE
+ fi
+                         
 
 # For the /var/run
 chmod 770 ${DIR}/var/run
 -chown root:${GROUP} ${DIR}/var/run
-+#chown root:${GROUP} ${DIR}/var/run
 
 # Moving the binary files
 cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \
-@@ -257,7 +257,7 @@
+@@ -257,7 +237,6 @@ cp -pr util/rootcheck_control ${DIR}/bin
 cp -pr external/lua/src/ossec-lua ${DIR}/bin/
 cp -pr external/lua/src/ossec-luac ${DIR}/bin/
 cp -pr ../contrib/util.sh ${DIR}/bin/
 -chown root:${GROUP} ${DIR}/bin/util.sh
-+#chown root:${GROUP} ${DIR}/bin/util.sh
 chmod +x ${DIR}/bin/util.sh
 
 # Local install chosen
-@@ -287,14 +287,14 @@
+@@ -287,23 +266,15 @@ fi
   
 cp -pr ../etc/internal_options.conf ${DIR}/etc/
 cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/
@ -160,30 +158,35 @@
 -chown root:${GROUP} ${DIR}/etc/shared/*
 -chown root:${GROUP} ${DIR}/agentless/*
 -chown ${USER}:${GROUP} ${DIR}/.ssh
-+#chown root:${GROUP} ${DIR}/etc/decoder.xml
-+#chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1
-+#chown root:${GROUP} ${DIR}/etc/internal_options.conf
-+#chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1
-+#chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1
-+#chown root:${GROUP} ${DIR}/etc/shared/*
-+#chown root:${GROUP} ${DIR}/agentless/*
-+#chown ${USER}:${GROUP} ${DIR}/.ssh
 chmod 440 ${DIR}/etc/decoder.xml
 chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1
 chmod 440 ${DIR}/etc/internal_options.conf
-@@ -314,9 +314,9 @@
+ chmod 440 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1
+ chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1
+-chmod 550 ${DIR}/etc
+chmod 750 ${DIR}/etc
+ chmod 770 ${DIR}/etc/shared
+ chmod 440 ${DIR}/etc/shared/*
+-chmod 550 ${DIR}/agentless/*
+chmod 750 ${DIR}/agentless/*
+ rm ${DIR}/etc/shared/merged.mg >/dev/null 2>&1
+ chmod 700 ${DIR}/.ssh
+ 
+@@ -313,11 +284,9 @@ sh ./init/fw-check.sh execute > /dev/nul
+ cp -p ../active-response/*.sh ${DIR}/active-response/bin/
 cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/
 
- chmod 550 ${DIR}/active-response/bin/*
+-chmod 550 ${DIR}/active-response/bin/*
 -chown root:${GROUP} ${DIR}/active-response/bin/*
-+#chown root:${GROUP} ${DIR}/active-response/bin/*
+chmod 750 ${DIR}/active-response/bin/*
 
 -chown root:${GROUP} ${DIR}/bin/*
-+#chown root:${GROUP} ${DIR}/bin/*
- chmod 550 ${DIR}/bin/*
+-chmod 550 ${DIR}/bin/*
+chmod 750 ${DIR}/bin/*
 
 
-@@ -328,12 +328,12 @@
+ # Moving the config file
+@@ -328,12 +297,11 @@ fi
 
 ls ../etc/ossec.mc > /dev/null 2>&1
 if [ $? = 0 ]; then
@ -195,8 +198,7 @@
 fi
 -chown root:${GROUP} ${DIR}/etc/ossec.conf
 -chmod 440 ${DIR}/etc/ossec.conf
-+#chown root:${GROUP} ${DIR}/etc/ossec.conf.sample
-+chmod 440 ${DIR}/etc/ossec.conf.sample
+chmod 640 ${DIR}/etc/ossec.conf.sample