testing/ossec-hids: upgrade to 2.9.3

2025-08-05 05:17:07 +02:00 · 2018-01-18 13:16:27 +00:00 · 2018-01-18 13:16:27 +00:00 · 3159a149be
commit 3159a149be
parent ffd94bf618
3 changed files with 88 additions and 23 deletions
--- a/testing/ossec-hids/APKBUILD
+++ b/testing/ossec-hids/APKBUILD
@ -1,7 +1,7 @@
 # Contributor: Francesco Colista <fcolista@alpinelinux.org>
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=ossec-hids
-pkgver=2.8.3
+pkgver=2.9.3
 pkgrel=0
 pkgdesc="Open Source Host-based Intrusion Detection System"
 url="http://www.ossec.net/"
@ -16,24 +16,34 @@ pkggroups="ossec"
 source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/$pkgname/archive/v$pkgver.tar.gz
 	$pkgname.initd
 	$pkgname.logrotate
-	00_a-out-h-path.patch
-	01_makefile.patch
-	02_ossec-server.conf.patch
 	musl_lack_of_a_out_h.patch
-	alpine-install-server.patch"
+	config"
 builddir="$srcdir/$pkgname-$pkgver"

-build() {
+prepare() {	
+	default_prepare
 	cd "$builddir"
-	make all || return 1
+	export USER_INSTALL_TYPE=server
+	export USER_NO_STOP=yes
+	export USER_DIR=/var/ossec
+	export USER_BINARYINSTALL=x
+	sed -i "s|^OSSEC_INIT.*|OSSEC_INIT=\"$pkgdir/etc/ossec-init.conf\"|" src/init/shared.sh
+}
+
+build() {
+	. "$srcdir"/config
+	cd "$builddir"/src
+	make TARGET=$USER_INSTALL_TYPE
 }

 package() {
 	cd "$builddir"
-	make DESTDIR="$pkgdir" install
+	mkdir -p "$pkgdir"/etc
+	USER_DIR="$pkgdir"/var/ossec ./install.sh
+	sed -i '/DIRECTORY=/c\DIRECTORY="/var/ossec"' "$pkgdir/etc/ossec-init.conf"
 	install -D -m755 "$srcdir"/$pkgname.initd \
-		"$pkgdir"/etc/init.d/$pkgname || return 1
-	install -m644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname || return 1
+		"$pkgdir"/etc/init.d/$pkgname
+	install -m644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname
 	cat << EOF > "$pkgdir"/etc/ossec-init.conf
 DIRECTORY="/var/ossec"
 VERSION="$(cat src/VERSION)"
@ -43,7 +53,10 @@ EOF
 	mkdir -p "$pkgdir"/var/ossec/logs
 	set -- $pkgusers
 	cd src
-	./InstallServer.sh $1 $2 $3 $pkggroups $pkgdir
+	find "$pkgdir" -user nobody -exec chown 524 '{}' ';'
+	find "$pkgdir" -user mail -exec chown 525 '{}' ';'
+	find "$pkgdir" -user daemon -exec chown 526 '{}' ';'
+	find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';'
 }

 doc() {
@ -54,11 +67,8 @@ doc() {
 	  "$subpkgdir"/usr/share/doc/$pkgname
 }

-sha512sums="3ec9504b5a6d36c303710b3aa9cfbe616b40deca671f4814340008b6e5edd9b2094bb7f1b441da788a5eec0f8095a0624ed42b8a8fc922274cd99db634994d1a  ossec-hids-2.8.3.tar.gz
+sha512sums="cfc993ef698d479ead99d4b0fe598208831960af589b7119b6bc680073c5b8aef2395387cadcca00f90a33aab2f0d4a71787b265acf700fb341c377648a245cd  ossec-hids-2.9.3.tar.gz
 62f52d91de3751c149b1c354ebb87c0a8c4a81129403b80a8448c5e6542a67b4aa9e132aab2429781913eb909320b431b381828e414d44235bb8e9a8959e0d8b  ossec-hids.initd
 6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0  ossec-hids.logrotate
-f99f53ce5b84228de33ec3fc0bc4419714d2d7d2167d33629ab6c0d7372060c0eeb3cfc1f0696ddcacfcb7f3280f515b67427f85e5e925aeb0a6c5f6cc54f411  00_a-out-h-path.patch
-1ba449afa65a9374c8fd2b1c2d00897b54c5e8ef2e0be95a1d8a8dd45dfe27d5b19c12f3a075d6021449bc1d2946fdc8c7654ddfce1e55d79d104a3add7e2850  01_makefile.patch
-ee0baecaeacae782f43849e8c3c4afc0aef3cb238748209f8d1d0b2bd94bea59384474caba6a45bb4022e496ef1a50a3877447a3ccd1885a0a942c9cb6051c74  02_ossec-server.conf.patch
-2649b0992c62511c587b5787c5dbb2e997088f905df0a0c3530906224ec000e0ac519c75979d460202c7881df51099787f070ac74a6f8b1d9905509d1154f129  musl_lack_of_a_out_h.patch
-46ada63e1f9ddaf6eb6ed6f2cfaa1e4f16b665307fbab15e34e39444075b9a0e8efef63164d4f90bc47a95720cf3afc0c6f7ff6d892ca018f3739116ca961bd5  alpine-install-server.patch"
+4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b  musl_lack_of_a_out_h.patch
+df760cb8a24c080b016c4cad4d4b1df56ae26d4f94517a7b9d6ccc3d507a7a53f3a46abdddccad3244cacca12857dc3d5b4646ac763788c88cf59686504122d0  config"
--- a/testing/ossec-hids/config
+++ b/testing/ossec-hids/config
@ -0,0 +1,54 @@
+#!/bin/sh
+
+# Do you want to update it? (y/n) [y]:
+export USER_UPDATE=y
+
+# Do you want to update the rules? (y/n) [y]:
+export USER_UPDATE_RULES=y
+
+# User Language:
+export USER_LANGUAGE=en
+
+# Do you want e-mail notification? (y/n) [y]:
+export USER_ENABLE_EMAIL=y
+# What's your e-mail address?
+export USER_EMAIL_ADDRESS=foo@example.com
+#  What's your SMTP server ip/host?
+export USER_EMAIL_SMTP=localhost
+
+# Do you want to run the integrity check daemon? (y/n) [y]:
+export USER_ENABLE_SYSCHECK=y
+
+#Do you want to run the rootkit detection engine? (y/n) [y]:
+export USER_ENABLE_ROOTCHECK=y
+
+#       Active response allows you to execute a specific 
+#       command based on the events received. For example,
+#       you can block an IP address or disable access for
+#       a specific user.  
+#       More information at:
+#       https://ossec.github.io/docs/manual/ar/
+#       
+#   - Do you want to enable active response? (y/n) [y]: 
+export USER_ENABLE_ACTIVE_RESPONSE=y
+
+#   - By default, we can enable the host-deny and the 
+#     firewall-drop responses. The first one will add
+#     a host to the /etc/hosts.deny and the second one
+#     will block the host on iptables (if linux) or on
+#     ipfilter (if Solaris, FreeBSD or NetBSD).
+#   - They can be used to stop SSHD brute force scans, 
+#     portscans and some other forms of attacks. You can 
+#     also add them to block on snort events, for example.
+#
+#   - Do you want to enable the firewall-drop response? (y/n) [y]:
+export USER_ENABLE_FIREWALL_RESPONSE=y
+
+# Do you want to add more IPs to the white list? (y/n)? [n]:
+# if set to y, installer will ask you to enter the list of IPs
+# if you want to use this feature, you must also export USER_NO_STOP=no
+export USER_WHITE_LIST=n
+
+# Do you want to enable remote syslog (port 514 udp)? (y/n) [y]:
+export USER_ENABLE_SYSLOG=y
+
--- a/testing/ossec-hids/musl_lack_of_a_out_h.patch
+++ b/testing/ossec-hids/musl_lack_of_a_out_h.patch
@ -1,12 +1,13 @@
--- a/src/rootcheck/os_string.c.old	2017-05-03 21:21:43.796000000 +0000
-+++ b/src/rootcheck/os_string.c	2017-05-03 21:22:28.128000000 +0000
-@@ -54,7 +54,8 @@
+diff --git a/src/rootcheck/os_string.c b/src/rootcheck/os_string.c
+index e7ca284..85b6d9b 100644
+--- a/src/rootcheck/os_string.c
+++ b/src/rootcheck/os_string.c
+@@ -44,7 +44,7 @@
+ 
 #ifdef SOLARIS
 #include <sys/exechdr.h>
- 
 -#elif defined Darwin || defined HPUX
-+// linux here means musl-linux
 +#elif defined Darwin || defined HPUX || defined linux
 
 /* For some reason darwin does not have that */
- struct exec
+ struct exec {