From 1b81f7ecbcd98e895d9bb2fd87114ea8afa59a69 Mon Sep 17 00:00:00 2001
From: Dominik Lisiak <dominik.lisiak@bemsoft.pl>
Date: Sun, 2 Jun 2019 18:14:05 +0200
Subject: Removed false positives from "poudriere testport".

---
 .../ossec-hids-local-config/scripts/plist.conf     | 10 ++++++++
 security/ossec-hids-local-config/scripts/plist.sh  |  9 +------
 security/ossec-hids-local/Makefile                 |  9 +++++--
 security/ossec-hids-local/scripts/plist.conf       | 30 ++++++++++++++++++++++
 security/ossec-hids-local/scripts/plist.sh         | 29 +--------------------
 .../ossec-hids-local/scripts/sanitize-stage.sh     | 16 ++++++++++++
 6 files changed, 65 insertions(+), 38 deletions(-)
 create mode 100644 security/ossec-hids-local-config/scripts/plist.conf
 create mode 100644 security/ossec-hids-local/scripts/plist.conf
 create mode 100644 security/ossec-hids-local/scripts/sanitize-stage.sh

(limited to 'security')

diff --git a/security/ossec-hids-local-config/scripts/plist.conf b/security/ossec-hids-local-config/scripts/plist.conf
new file mode 100644
index 0000000..1f03dd1
--- /dev/null
+++ b/security/ossec-hids-local-config/scripts/plist.conf
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+fixed_lines=""
+skip_lines=""
+skip_paths=""
+
+sample_paths="
+/etc/command.conf.sample
+/etc/ossec.conf.d/900.local.conf.sample
+/etc/agent.conf.d/900.local.conf.sample"
diff --git a/security/ossec-hids-local-config/scripts/plist.sh b/security/ossec-hids-local-config/scripts/plist.sh
index a58b25a..b1915c4 100644
--- a/security/ossec-hids-local-config/scripts/plist.sh
+++ b/security/ossec-hids-local-config/scripts/plist.sh
@@ -11,14 +11,7 @@ PLIST=$3
 WORKDIR=$4
 STAGEDIR=$5
 
-fixed_lines=""
-skip_lines=""
-skip_paths=""
-
-sample_paths="
-/etc/command.conf.sample
-/etc/ossec.conf.d/900.local.conf.sample
-/etc/agent.conf.d/900.local.conf.sample"
+. $(dirname "$0")/plist.conf
 
 NL=$'\n'
 IFS=${NL}
diff --git a/security/ossec-hids-local/Makefile b/security/ossec-hids-local/Makefile
index 54433b3..b6de6c5 100644
--- a/security/ossec-hids-local/Makefile
+++ b/security/ossec-hids-local/Makefile
@@ -46,14 +46,17 @@ PGSQL_USES=	pgsql
 
 USE_GITHUB=	yes
 GH_ACCOUNT=	ossec
+
 USE_RC_SUBR=	ossec-hids
 
-.if ${OSSEC_TYPE} != agent
 USES+=		shebangfix
+SHEBANG_FILES=	active-response/ossec-pagerduty.sh
+
+.if ${OSSEC_TYPE} != agent
 SHEBANG_LANG=	expect
 expect_OLD_CMD=	"/usr/bin/env expect"
 expect_CMD=	${LOCALBASE}/bin/expect
-SHEBANG_FILES=	src/agentlessd/scripts/main.exp \
+SHEBANG_FILES+=	src/agentlessd/scripts/main.exp \
 		src/agentlessd/scripts/ssh.exp \
 		src/agentlessd/scripts/ssh_asa-fwsmconfig_diff \
 		src/agentlessd/scripts/ssh_foundry_diff \
@@ -215,6 +218,8 @@ post-install:
 	@${CHMOD} 550 ${STAGEDIR}${RESTART_OSSEC_BIN}
 .if defined(MAINTAINER_MODE)
 	@${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${RESTART_OSSEC_BIN}
+.else
+	@${SH} ${SCRIPTDIR}/sanitize-stage.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${STAGEDIR}
 .endif
 
 .if ${OSSEC_TYPE} == agent
diff --git a/security/ossec-hids-local/scripts/plist.conf b/security/ossec-hids-local/scripts/plist.conf
new file mode 100644
index 0000000..847f6a8
--- /dev/null
+++ b/security/ossec-hids-local/scripts/plist.conf
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+fixed_lines="
+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua
+%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac"
+if [ "${OSSEC_TYPE}" != "agent" ]; then
+    fixed_lines="${fixed_lines}
+%%MYSQL%%%%DOCSDIR%%/mysql.schema
+%%PGSQL%%%%DOCSDIR%%/postgresql.schema"
+fi
+
+skip_lines="
+%%PORTDOCS%%%%DOCSDIR%%/mysql.schema
+%%PORTDOCS%%%%DOCSDIR%%/postgresql.schema"
+
+skip_paths="
+/etc/ossec.conf
+/etc/client.keys
+/logs/active-responses.log
+/logs/ossec.log
+/lua"
+if [ "${OSSEC_TYPE}" = "agent" ]; then
+    skip_paths="${skip_paths}
+/rules
+/agentless
+/.ssh"
+fi
+
+sample_paths="
+/etc/local_internal_options.conf.sample"
diff --git a/security/ossec-hids-local/scripts/plist.sh b/security/ossec-hids-local/scripts/plist.sh
index e5ef2c1..b1915c4 100644
--- a/security/ossec-hids-local/scripts/plist.sh
+++ b/security/ossec-hids-local/scripts/plist.sh
@@ -11,34 +11,7 @@ PLIST=$3
 WORKDIR=$4
 STAGEDIR=$5
 
-fixed_lines="
-%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua
-%%LUA%%@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac"
-if [ "${OSSEC_TYPE}" != "agent" ]; then
-    fixed_lines="${fixed_lines}
-%%MYSQL%%%%DOCSDIR%%/mysql.schema
-%%PGSQL%%%%DOCSDIR%%/postgresql.schema"
-fi
-
-skip_lines="
-%%PORTDOCS%%%%DOCSDIR%%/mysql.schema
-%%PORTDOCS%%%%DOCSDIR%%/postgresql.schema"
-
-skip_paths="
-/etc/ossec.conf
-/etc/client.keys
-/logs/active-responses.log
-/logs/ossec.log
-/lua"
-if [ "${OSSEC_TYPE}" = "agent" ]; then
-    skip_paths="${skip_paths}
-/rules
-/agentless
-/.ssh"
-fi
-
-sample_paths="
-/etc/local_internal_options.conf.sample"
+. $(dirname "$0")/plist.conf
 
 NL=$'\n'
 IFS=${NL}
diff --git a/security/ossec-hids-local/scripts/sanitize-stage.sh b/security/ossec-hids-local/scripts/sanitize-stage.sh
new file mode 100644
index 0000000..dfceb5b
--- /dev/null
+++ b/security/ossec-hids-local/scripts/sanitize-stage.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# Script removes paths from stage to make stage-qa happy about "orphaned" files
+
+OSSEC_TYPE=$1
+OSSEC_HOME=$2
+STAGEDIR=$3
+
+. $(dirname "$0")/plist.conf
+
+NL=$'\n'
+IFS=${NL}
+
+for path in ${skip_paths}; do
+    rm -rf "${STAGEDIR}${OSSEC_HOME}${path}"
+done
-- 
cgit v1.2.3