diff options
| author | Dominik Lisiak <dominik.lisiak@bemsoft.pl> | 2018-11-12 16:56:31 +0100 |
|---|---|---|
| committer | Dominik Lisiak <dominik.lisiak@bemsoft.pl> | 2018-11-12 16:56:31 +0100 |
| commit | 0624f21d0fad3d7a153681100668d17ac9242c2d (patch) | |
| tree | ff467351a83ca0c934a94b90bddc0fb78d36632e | |
| parent | Added PostgreSQL support. (diff) | |
| download | ossec-0624f21d0fad3d7a153681100668d17ac9242c2d.tar.xz | |
Allow building as non-root user.
| -rw-r--r-- | security/ossec-hids-local-config/Makefile | 20 | ||||
| -rw-r--r-- | security/ossec-hids-local-config/opt-syscheck.mk | 32 | ||||
| -rw-r--r-- | security/ossec-hids-local/Makefile | 7 | ||||
| -rw-r--r-- | security/ossec-hids-local/files/patch-src_Makefile | 229 |
4 files changed, 256 insertions, 32 deletions
diff --git a/security/ossec-hids-local-config/Makefile b/security/ossec-hids-local-config/Makefile index 4eaaca8..711b299 100644 --- a/security/ossec-hids-local-config/Makefile +++ b/security/ossec-hids-local-config/Makefile @@ -2,7 +2,7 @@ PORTNAME= ossec-hids PORTVERSION= 3.1.0 -PORTREVISION= +PORTREVISION= 1 CATEGORIES= security PKGNAMESUFFIX= -${OSSEC_TYPE}-config @@ -427,17 +427,17 @@ agent-conf-local: do-install: ossec-dirs ossec-scripts ossec-rules ossec-conf-managed ossec-conf-local ossec-conf-sample agent-conf-managed agent-conf-local ossec-permissions: +.if defined(MAINTAINER_MODE) @${CHMOD} -R 550 ${OSSEC_DIR} - @${CHMOD} 640 ${COMMAND_CONF} ${OSSEC_CONF_DIR}/* ${OSSEC_LOCAL_CONF_DIR}/* - @${CHMOD} 550 ${OSSEC_CONF_DIR} ${OSSEC_LOCAL_CONF_DIR} -.if ${OSSEC_TYPE} != agent + @${CHMOD} 640 ${COMMAND_CONF} ${OSSEC_LOCAL_CONF_DIR}/* ${OSSEC_CONF_DIR}/* + @${CHMOD} 550 ${OSSEC_LOCAL_CONF_DIR} ${OSSEC_CONF_DIR} +. if ${OSSEC_TYPE} != agent @${CHMOD} 640 ${RULES_DIR}/* -.endif -.if ${OSSEC_TYPE} == server - @${CHMOD} 640 ${AGENT_CONF_DIR}/* ${AGENT_LOCAL_CONF_DIR}/* - @${CHMOD} 550 ${AGENT_CONF_DIR} ${AGENT_LOCAL_CONF_DIR} -.endif -.if defined(MAINTAINER_MODE) +. endif +. if ${OSSEC_TYPE} == server + @${CHMOD} 640 ${AGENT_LOCAL_CONF_DIR}/* ${AGENT_CONF_DIR}/* + @${CHMOD} 550 ${AGENT_LOCAL_CONF_DIR} ${AGENT_CONF_DIR} +. endif @${CHOWN} -R ${USER}:${OSSEC_GROUP} ${OSSEC_DIR} @${CHOWN} -R ${USER}:${GROUP} ${BIN_DIR} .endif diff --git a/security/ossec-hids-local-config/opt-syscheck.mk b/security/ossec-hids-local-config/opt-syscheck.mk index 5162515..c3d4f6e 100644 --- a/security/ossec-hids-local-config/opt-syscheck.mk +++ b/security/ossec-hids-local-config/opt-syscheck.mk @@ -3,22 +3,6 @@ SYSCHECK_LOCAL_CONF= 530.syscheck.local.conf SYSCHECK_DESC= File Integrity Checking (syscheck) -# Default direcotries -SYSCHECK_BASIC_OPTION= BASIC_SC -SYSCHECK_BASIC_PROFILE= basic -SYSCHECK_BASIC_DESC= "bin", "sbin" and "etc" directories -SYSCHECK_BASIC_DEFINE= server local agent pushed -SYSCHECK_BASIC_DEFAULT= server local pushed -SYSCHECK_OPTIONS+= SYSCHECK_BASIC - -# OSSEC directories -SYSCHECK_OSSEC_OPTION= OSSEC_SC -SYSCHECK_OSSEC_PROFILE= ossec -SYSCHECK_OSSEC_DESC= OSSEC directories -SYSCHECK_OSSEC_DEFINE= server local agent pushed -SYSCHECK_OSSEC_DEFAULT= server local pushed -SYSCHECK_OPTIONS+= SYSCHECK_OSSEC - # Alert new files SYSCHECK_NEWFILES_OPTION= NEWFILES_SC SYSCHECK_NEWFILES_DESC= Alert on new files created @@ -41,6 +25,22 @@ SYSCHECK_HOSTDENY_DEFINE= server local agent pushed SYSCHECK_HOSTDENY_DEFAULT= server local pushed SYSCHECK_OPTIONS+= SYSCHECK_HOSTDENY +# Default direcotries +SYSCHECK_BASIC_OPTION= BASIC_SC +SYSCHECK_BASIC_PROFILE= basic +SYSCHECK_BASIC_DESC= "bin", "sbin" and "etc" directories +SYSCHECK_BASIC_DEFINE= server local agent pushed +SYSCHECK_BASIC_DEFAULT= server local pushed +SYSCHECK_OPTIONS+= SYSCHECK_BASIC + +# OSSEC directories +SYSCHECK_OSSEC_OPTION= OSSEC_SC +SYSCHECK_OSSEC_PROFILE= ossec +SYSCHECK_OSSEC_DESC= OSSEC directories +SYSCHECK_OSSEC_DEFINE= server local agent pushed +SYSCHECK_OSSEC_DEFAULT= server local pushed +SYSCHECK_OPTIONS+= SYSCHECK_OSSEC + # PostgreSQL directory SYSCHECK_PGSQL_OPTION= PGSQL_SC SYSCHECK_PGSQL_PROFILE= postgresql diff --git a/security/ossec-hids-local/Makefile b/security/ossec-hids-local/Makefile index 8a9e538..196b503 100644 --- a/security/ossec-hids-local/Makefile +++ b/security/ossec-hids-local/Makefile @@ -2,7 +2,7 @@ PORTNAME= ossec-hids PORTVERSION= 3.1.0 -PORTREVISION= +PORTREVISION= 1 CATEGORIES= security PKGNAMESUFFIX= -${OSSEC_TYPE} @@ -88,7 +88,6 @@ ZEROMQ_VARS= OSSEC_ARGS+=USE_ZEROMQ=yes MYSQL_VARS= OSSEC_ARGS+=DATABASE=mysql PKGMSG_FILES+=message-database DB_TYPE=mysql DB_SCHEMA=mysql.schema PGSQL_VARS= OSSEC_ARGS+=DATABASE=pgsql PKGMSG_FILES+=message-database DB_TYPE=postgresql DB_SCHEMA=postgresql.schema -OSSEC_ARGS+= TARGET=${OSSEC_TYPE} .if ${OSSEC_TYPE} == agent STRIP_FILES= agent-auth \ manage_agents \ @@ -184,6 +183,10 @@ PKGMSG_FILES= message-header CFLAGS+= -I${LOCALBASE}/include +OSSEC_ARGS+= TARGET=${OSSEC_TYPE} INSTALL_LOCALTIME=no +.if !defined(MAINTAINER_MODE) +OSSEC_ARGS+= INSTALL_CMD=install +.endif BUILD_ARGS+= ${MAKE_ARGS} ${OSSEC_ARGS} PREFIX=${OSSEC_HOME} INSTALL_ARGS+= ${USER_ARGS} ${OSSEC_ARGS} PREFIX=${STAGEDIR}${OSSEC_HOME} diff --git a/security/ossec-hids-local/files/patch-src_Makefile b/security/ossec-hids-local/files/patch-src_Makefile index 18a9290..03afeb1 100644 --- a/security/ossec-hids-local/files/patch-src_Makefile +++ b/security/ossec-hids-local/files/patch-src_Makefile @@ -1,10 +1,231 @@ --- src/Makefile.orig 2018-10-11 22:25:16 UTC +++ src/Makefile -@@ -406,7 +406,6 @@ endif - install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/diff +@@ -20,6 +20,9 @@ OSSEC_USER?=ossec + OSSEC_USER_MAIL?=ossecm + OSSEC_USER_REM?=ossecr - install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc ++INSTALL_CMD?=install -m $(1) -o $(2) -g $(3) ++INSTALL_LOCALTIME?=yes ++ + USE_PRELUDE?=no + USE_ZEROMQ?=no + USE_GEOIP?=no +@@ -366,10 +369,10 @@ endif + install: install-${TARGET} + + install-agent: install-common +- install -m 0550 -o root -g 0 ossec-agentd ${PREFIX}/bin +- install -m 0550 -o root -g 0 agent-auth ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin + +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids + + install-local: install-server-generic + +@@ -379,127 +382,129 @@ install-server: install-server-generic + + install-common: build + ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX} +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/ +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs +- install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/ossec.log ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/ ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs ++ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log + +- install -d -m 0550 -o root -g 0 ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-logcollector ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-syscheckd ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-execd ${PREFIX}/bin +- install -m 0550 -o root -g 0 manage_agents ${PREFIX}/bin +- install -m 0550 -o root -g 0 ../contrib/util.sh ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control ++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control + + ifeq (${LUA_ENABLE},yes) +- install -d -m 0550 -o root -g 0 ${PREFIX}/lua +- install -d -m 0550 -o root -g 0 ${PREFIX}/lua/native +- install -d -m 0550 -o root -g 0 ${PREFIX}/lua/compiled +- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua ++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native ++ $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled ++ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ + endif + +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/queue +- install -d -m 0770 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/alerts +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/ossec +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/syscheck +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/diff ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue ++ $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff + +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc - install -m 0440 -o root -g ${OSSEC_GROUP} /etc/localtime ${PREFIX}/etc ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc ++ifeq (${INSTALL_LOCALTIME},yes) ++ $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc ++endif + +- install -d -m 1550 -o root -g ${OSSEC_GROUP} ${PREFIX}/tmp ++ $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp + + ifneq (,$(wildcard /etc/TIMEZONE)) +- install -m 440 -o root -g ${OSSEC_GROUP} /etc/TIMEZONE ${PREFIX}/etc/ ++ $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/ + endif + # Solaris Needs some extra files + ifeq (${uname_S},SunOS) +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/usr/share/lib/zoneinfo/ ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/ + cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/ + endif +- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/internal_options.conf ${PREFIX}/etc/ ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/ + ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf)) +- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf + endif + ifeq (,$(wildcard ${PREFIX}/etc/client.keys)) +- install -m 0640 -o root -g ${OSSEC_GROUP} /dev/null ${PREFIX}/etc/client.keys ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys + endif + ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf)) + ifneq (,$(wildcard ../etc/ossec.mc)) +- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/ossec.mc ${PREFIX}/etc/ossec.conf ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf + else +- install -m 0640 -o root -g ${OSSEC_GROUP} ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf + endif + endif + +- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc/shared +- install -m 0640 -o ${OSSEC_USER} -g ${OSSEC_GROUP} rootcheck/db/*.txt ${PREFIX}/etc/shared/ ++ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared ++ $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/ + +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response/bin +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/agentless +- install -m 0550 -o root -g ${OSSEC_GROUP} agentlessd/scripts/* ${PREFIX}/agentless/ ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/ + +- install -d -m 0700 -o root -g ${OSSEC_GROUP} ${PREFIX}/.ssh ++ $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh + +- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/*.sh ${PREFIX}/active-response/bin/ +- install -m 0550 -o root -g ${OSSEC_GROUP} ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/ ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ + +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/var +- install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/var/run ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var ++ $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run + + ./init/fw-check.sh execute + + + + install-server-generic: install-common +- install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/active-responses.log +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/archives +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/alerts +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs/firewall ++ $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall + +- install -m 0550 -o root -g 0 ossec-agentlessd ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-analysisd ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-monitord ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-reportd ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-maild ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-remoted ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-logtest ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-csyslogd ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-authd ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-dbd ${PREFIX}/bin +- install -m 0550 -o root -g 0 ossec-makelists ${PREFIX}/bin +- install -m 0550 -o root -g 0 verify-agent-conf ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 clear_stats ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 list_agents ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 ossec-regex ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 syscheck_update ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 agent_control ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 syscheck_control ${PREFIX}/bin/ +- install -m 0550 -o root -g 0 rootcheck_control ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin ++ $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/ ++ $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/ + +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/stats +- install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats ++ $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules + ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml)) + cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup +- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules +- install -m 0640 -o root -g ${OSSEC_GROUP} ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml + rm ${PREFIX}/rules/local_rules.xml.installbackup + else +- install -m 0640 -o root -g ${OSSEC_GROUP} -b ../etc/rules/*.xml ${PREFIX}/rules ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules + endif + +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/fts ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts + +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/rootcheck ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck + +- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/agent-info +- install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/agentless ++ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info ++ $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless + +- install -d -m 0750 -o ${OSSEC_USER_REM} -g ${OSSEC_GROUP} ${PREFIX}/queue/rids ++ $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids + +- install -m 0640 -o root -g ${OSSEC_GROUP} ../etc/decoder.xml ${PREFIX}/etc/ ++ $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/ - install -d -m 1550 -o root -g ${OSSEC_GROUP} ${PREFIX}/tmp + rm -f ${PREFIX}/etc/shared/merged.mg |