diff options
| author | Dominik Lisiak <dominik.lisiak@bemsoft.pl> | 2019-06-02 18:14:05 +0200 |
|---|---|---|
| committer | Dominik Lisiak <dominik.lisiak@bemsoft.pl> | 2019-06-02 18:14:05 +0200 |
| commit | 1b81f7ecbcd98e895d9bb2fd87114ea8afa59a69 (patch) | |
| tree | 7931c4b22b7a288319e8df847124a59854a55599 | |
| parent | Upgrade to 3.3.0. (diff) | |
| download | ossec-1b81f7ecbcd98e895d9bb2fd87114ea8afa59a69.tar.xz | |
Removed false positives from "poudriere testport".
| -rw-r--r-- | security/ossec-hids-local-config/scripts/plist.conf | 10 | ||||
| -rw-r--r-- | security/ossec-hids-local-config/scripts/plist.sh | 9 | ||||
| -rw-r--r-- | security/ossec-hids-local/Makefile | 9 | ||||
| -rw-r--r-- | security/ossec-hids-local/scripts/plist.conf | 30 | ||||
| -rw-r--r-- | security/ossec-hids-local/scripts/plist.sh | 29 | ||||
| -rw-r--r-- | security/ossec-hids-local/scripts/sanitize-stage.sh | 16 |
6 files changed, 65 insertions, 38 deletions
diff --git a/security/ossec-hids-local-config/scripts/plist.conf b/security/ossec-hids-local-config/scripts/plist.conf new file mode 100644 index 0000000..1f03dd1 --- /dev/null +++ b/security/ossec-hids-local-config/scripts/plist.conf @@ -0,0 +1,10 @@ +#!/bin/sh + +fixed_lines="" +skip_lines="" +skip_paths="" + +sample_paths=" +/etc/command.conf.sample +/etc/ossec.conf.d/900.local.conf.sample +/etc/agent.conf.d/900.local.conf.sample" diff --git a/security/ossec-hids-local-config/scripts/plist.sh b/security/ossec-hids-local-config/scripts/plist.sh index a58b25a..b1915c4 100644 --- a/security/ossec-hids-local-config/scripts/plist.sh +++ b/security/ossec-hids-local-config/scripts/plist.sh @@ -11,14 +11,7 @@ PLIST=$3 WORKDIR=$4 STAGEDIR=$5 -fixed_lines="" -skip_lines="" -skip_paths="" - -sample_paths=" -/etc/command.conf.sample -/etc/ossec.conf.d/900.local.conf.sample -/etc/agent.conf.d/900.local.conf.sample" +. $(dirname "$0")/plist.conf NL=$'\n' IFS=${NL} diff --git a/security/ossec-hids-local/Makefile b/security/ossec-hids-local/Makefile index 54433b3..b6de6c5 100644 --- a/security/ossec-hids-local/Makefile +++ b/security/ossec-hids-local/Makefile @@ -46,14 +46,17 @@ PGSQL_USES= pgsql USE_GITHUB= yes GH_ACCOUNT= ossec + USE_RC_SUBR= ossec-hids -.if ${OSSEC_TYPE} != agent USES+= shebangfix +SHEBANG_FILES= active-response/ossec-pagerduty.sh + +.if ${OSSEC_TYPE} != agent SHEBANG_LANG= expect expect_OLD_CMD= "/usr/bin/env expect" expect_CMD= ${LOCALBASE}/bin/expect -SHEBANG_FILES= src/agentlessd/scripts/main.exp \ +SHEBANG_FILES+= src/agentlessd/scripts/main.exp \ src/agentlessd/scripts/ssh.exp \ src/agentlessd/scripts/ssh_asa-fwsmconfig_diff \ src/agentlessd/scripts/ssh_foundry_diff \ @@ -215,6 +218,8 @@ post-install: @${CHMOD} 550 ${STAGEDIR}${RESTART_OSSEC_BIN} .if defined(MAINTAINER_MODE) @${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${RESTART_OSSEC_BIN} +.else + @${SH} ${SCRIPTDIR}/sanitize-stage.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${STAGEDIR} .endif .if ${OSSEC_TYPE} == agent diff --git a/security/ossec-hids-local/scripts/plist.conf b/security/ossec-hids-local/scripts/plist.conf new file mode 100644 index 0000000..847f6a8 --- /dev/null +++ b/security/ossec-hids-local/scripts/plist.conf @@ -0,0 +1,30 @@ +#!/bin/sh + +fixed_lines=" +%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua +%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac" +if [ "${OSSEC_TYPE}" != "agent" ]; then + fixed_lines="${fixed_lines} +%%MYSQL%%%%DOCSDIR%%/mysql.schema +%%PGSQL%%%%DOCSDIR%%/postgresql.schema" +fi + +skip_lines=" +%%PORTDOCS%%%%DOCSDIR%%/mysql.schema +%%PORTDOCS%%%%DOCSDIR%%/postgresql.schema" + +skip_paths=" +/etc/ossec.conf +/etc/client.keys +/logs/active-responses.log +/logs/ossec.log +/lua" +if [ "${OSSEC_TYPE}" = "agent" ]; then + skip_paths="${skip_paths} +/rules +/agentless +/.ssh" +fi + +sample_paths=" +/etc/local_internal_options.conf.sample" diff --git a/security/ossec-hids-local/scripts/plist.sh b/security/ossec-hids-local/scripts/plist.sh index e5ef2c1..b1915c4 100644 --- a/security/ossec-hids-local/scripts/plist.sh +++ b/security/ossec-hids-local/scripts/plist.sh @@ -11,34 +11,7 @@ PLIST=$3 WORKDIR=$4 STAGEDIR=$5 -fixed_lines=" -%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua -%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac" -if [ "${OSSEC_TYPE}" != "agent" ]; then - fixed_lines="${fixed_lines} -%%MYSQL%%%%DOCSDIR%%/mysql.schema -%%PGSQL%%%%DOCSDIR%%/postgresql.schema" -fi - -skip_lines=" -%%PORTDOCS%%%%DOCSDIR%%/mysql.schema -%%PORTDOCS%%%%DOCSDIR%%/postgresql.schema" - -skip_paths=" -/etc/ossec.conf -/etc/client.keys -/logs/active-responses.log -/logs/ossec.log -/lua" -if [ "${OSSEC_TYPE}" = "agent" ]; then - skip_paths="${skip_paths} -/rules -/agentless -/.ssh" -fi - -sample_paths=" -/etc/local_internal_options.conf.sample" +. $(dirname "$0")/plist.conf NL=$'\n' IFS=${NL} diff --git a/security/ossec-hids-local/scripts/sanitize-stage.sh b/security/ossec-hids-local/scripts/sanitize-stage.sh new file mode 100644 index 0000000..dfceb5b --- /dev/null +++ b/security/ossec-hids-local/scripts/sanitize-stage.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +# Script removes paths from stage to make stage-qa happy about "orphaned" files + +OSSEC_TYPE=$1 +OSSEC_HOME=$2 +STAGEDIR=$3 + +. $(dirname "$0")/plist.conf + +NL=$'\n' +IFS=${NL} + +for path in ${skip_paths}; do + rm -rf "${STAGEDIR}${OSSEC_HOME}${path}" +done |