1 |
commit: 9fcab634ffa351e9821d8ae2539aef280f751a25 |
2 |
Author: Ralph Seichter <github <AT> seichter <DOT> de> |
3 |
AuthorDate: Sat Oct 20 19:30:21 2018 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Oct 30 10:27:49 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9fcab634 |
7 |
|
8 |
net-analyzer/ossec-hids: open source HIDS (new package) |
9 |
|
10 |
OSSEC is a full platform to monitor and control your systems. It mixes |
11 |
together all the aspects of HIDS (host-based intrusion detection), log |
12 |
monitoring and SIM/SIEM together in a simple, powerful and open source |
13 |
solution. |
14 |
|
15 |
Signed-off-by: Ralph Seichter <gentoo <AT> seichter.de> |
16 |
Closes: https://bugs.gentoo.org/545788 |
17 |
Package-Manager: Portage-2.3.49, Repoman-2.3.11 |
18 |
Closes: https://github.com/gentoo/gentoo/pull/10189 |
19 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
20 |
|
21 |
net-analyzer/ossec-hids/Manifest | 1 + |
22 |
net-analyzer/ossec-hids/files/makefile.patch | 28 ++++++++++ |
23 |
net-analyzer/ossec-hids/metadata.xml | 30 +++++++++++ |
24 |
net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild | 68 +++++++++++++++++++++++++ |
25 |
4 files changed, 127 insertions(+) |
26 |
|
27 |
diff --git a/net-analyzer/ossec-hids/Manifest b/net-analyzer/ossec-hids/Manifest |
28 |
new file mode 100644 |
29 |
index 00000000000..f36a96f0d3e |
30 |
--- /dev/null |
31 |
+++ b/net-analyzer/ossec-hids/Manifest |
32 |
@@ -0,0 +1 @@ |
33 |
+DIST ossec-hids-3.1.0.tar.gz 1886469 BLAKE2B c175c8659a8b5d0d269a5cb6bf142276f29e6f676afc6029accf854d68299d71147ba65a667601e77c6db8ca49a29afa49534e5683369f420f6389059ae61fc3 SHA512 fe55f82ac354d9fcd767d8379a492279644308788535780bb029d46688c93f259771686462570137555b40082c6756daad44bbdd1ddc953ed0bb22b65c6cb566 |
34 |
|
35 |
diff --git a/net-analyzer/ossec-hids/files/makefile.patch b/net-analyzer/ossec-hids/files/makefile.patch |
36 |
new file mode 100644 |
37 |
index 00000000000..2169b5287fd |
38 |
--- /dev/null |
39 |
+++ b/net-analyzer/ossec-hids/files/makefile.patch |
40 |
@@ -0,0 +1,28 @@ |
41 |
+--- a/Makefile 2018-10-12 00:25:16.000000000 +0200 |
42 |
++++ b/Makefile 2018-10-26 17:59:44.458689842 +0200 |
43 |
+@@ -378,7 +378,6 @@ |
44 |
+ install-server: install-server-generic |
45 |
+ |
46 |
+ install-common: build |
47 |
+- ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX} |
48 |
+ install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/ |
49 |
+ install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs |
50 |
+ install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/ossec.log |
51 |
+@@ -1166,7 +1165,7 @@ |
52 |
+ #### test ########## |
53 |
+ #################### |
54 |
+ |
55 |
+-CFLAGS_TEST = -g -O0 --coverage |
56 |
++CFLAGS_TEST = -g -O0 |
57 |
+ |
58 |
+ LDFLAGS_TEST = -lcheck -lm -pthread -lrt |
59 |
+ |
60 |
+@@ -1177,7 +1176,7 @@ |
61 |
+ |
62 |
+ test_programs = test_os_zlib test_os_xml test_os_regex test_os_crypto test_shared |
63 |
+ |
64 |
+-.PHONY: test run_tests build_tests test_valgrind test_coverage |
65 |
++.PHONY: test run_tests build_tests test_valgrind |
66 |
+ |
67 |
+ test: build_tests |
68 |
+ ${MAKE} run_tests |
69 |
|
70 |
diff --git a/net-analyzer/ossec-hids/metadata.xml b/net-analyzer/ossec-hids/metadata.xml |
71 |
new file mode 100644 |
72 |
index 00000000000..a6ba742f6ee |
73 |
--- /dev/null |
74 |
+++ b/net-analyzer/ossec-hids/metadata.xml |
75 |
@@ -0,0 +1,30 @@ |
76 |
+<?xml version="1.0" encoding="UTF-8"?> |
77 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
78 |
+<pkgmetadata> |
79 |
+ <maintainer type="person"> |
80 |
+ <email>gentoo@××××××××.de</email> |
81 |
+ <name>Ralph Seichter</name> |
82 |
+ </maintainer> |
83 |
+ <maintainer type="project"> |
84 |
+ <email>proxy-maint@g.o</email> |
85 |
+ <name>Proxy Maintainers</name> |
86 |
+ </maintainer> |
87 |
+ <longdescription> |
88 |
+ OSSEC is a full platform to monitor and control your systems. It mixes |
89 |
+ together all the aspects of HIDS (host-based intrusion detection), log |
90 |
+ monitoring and SIM/SIEM together in a simple, powerful and open source |
91 |
+ solution. |
92 |
+ To determine which build target (agent, server, hybrid or local) best |
93 |
+ suits your needs, please visit https://www.ossec.net/ and review the |
94 |
+ documentation provided there. |
95 |
+ </longdescription> |
96 |
+ <use> |
97 |
+ <flag name="agent">Build "agent" installation target (see package description)</flag> |
98 |
+ <flag name="hybrid">Build "hybrid" installation target</flag> |
99 |
+ <flag name="local">Build "local" installation target</flag> |
100 |
+ <flag name="server">Build "server" installation target</flag> |
101 |
+ </use> |
102 |
+ <upstream> |
103 |
+ <remote-id type="github">ossec/ossec-hids</remote-id> |
104 |
+ </upstream> |
105 |
+</pkgmetadata> |
106 |
|
107 |
diff --git a/net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild b/net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild |
108 |
new file mode 100644 |
109 |
index 00000000000..9df4ea46973 |
110 |
--- /dev/null |
111 |
+++ b/net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild |
112 |
@@ -0,0 +1,68 @@ |
113 |
+# Copyright 1999-2018 Gentoo Authors |
114 |
+# Distributed under the terms of the GNU General Public License v2 |
115 |
+ |
116 |
+EAPI=7 |
117 |
+ |
118 |
+inherit user |
119 |
+ |
120 |
+DESCRIPTION="Open Source Host-based Intrusion Detection System" |
121 |
+HOMEPAGE="https://www.ossec.net/" |
122 |
+SRC_URI="https://github.com/ossec/ossec-hids/archive/${PV}.tar.gz -> ${P}.tar.gz" |
123 |
+ |
124 |
+LICENSE="GPL-2" |
125 |
+SLOT="0" |
126 |
+KEYWORDS="~amd64" |
127 |
+IUSE="agent hybrid local mysql postgres server sqlite" |
128 |
+REQUIRED_USE="^^ ( agent hybrid local server ) |
129 |
+ ?? ( mysql postgres )" |
130 |
+ |
131 |
+DEPEND="mysql? ( virtual/mysql ) |
132 |
+ sqlite? ( dev-db/sqlite:3 ) |
133 |
+ postgres? ( dev-db/postgresql:= ) |
134 |
+ sys-libs/zlib:=" |
135 |
+RDEPEND="${DEPEND}" |
136 |
+S="${WORKDIR}/${P}/src" |
137 |
+ |
138 |
+declare -a MY_OPT |
139 |
+ |
140 |
+pkg_setup() { |
141 |
+ enewuser ossec -1 -1 /var/ossec |
142 |
+ enewuser ossecm -1 -1 -1 ossec |
143 |
+ enewuser ossecr -1 -1 -1 ossec |
144 |
+} |
145 |
+ |
146 |
+src_prepare() { |
147 |
+ default |
148 |
+ eapply "${FILESDIR}/makefile.patch" |
149 |
+} |
150 |
+ |
151 |
+src_configure() { |
152 |
+ local target="local" |
153 |
+ use agent && target="agent" |
154 |
+ use hybrid && target="hybrid" |
155 |
+ use server && target="server" |
156 |
+ MY_OPT=( |
157 |
+ TARGET=${target} |
158 |
+ USE_SQLITE=$(usex sqlite) |
159 |
+ V=0 |
160 |
+ ZLIB_SYSTEM=yes |
161 |
+ ) |
162 |
+ use mysql && MY_OPT+=( DATABASE=mysql ) |
163 |
+ use postgres && MY_OPT+=( DATABASE=pgsql ) |
164 |
+} |
165 |
+ |
166 |
+src_compile() { |
167 |
+ emake "${MY_OPT[@]}" PREFIX=/var/ossec |
168 |
+} |
169 |
+ |
170 |
+src_test() { |
171 |
+ emake "${MY_OPT[@]}" PREFIX=/var/ossec test |
172 |
+} |
173 |
+ |
174 |
+src_install() { |
175 |
+ keepdir /var/ossec/logs/{alerts,archives,firewall} |
176 |
+ keepdir /var/ossec/lua/{compiled,native} |
177 |
+ keepdir /var/ossec/queue/{agent-info,agentless,alerts,diff,fts,ossec,rids,rootcheck,syscheck} |
178 |
+ keepdir /var/ossec/{.ssh,stats,tmp,var/run} |
179 |
+ emake "${MY_OPT[@]}" PREFIX="${D}/var/ossec" install |
180 |
+} |