summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRalph Seichter <github@seichter.de>2018-10-20 21:30:21 +0200
committerMichał Górny <mgorny@gentoo.org>2018-10-30 11:27:49 +0100
commit9fcab634ffa351e9821d8ae2539aef280f751a25 (patch)
tree8baab2c0e443e9d4d14951d951267a47182494b8 /net-analyzer
parentdev-lang/erlang: Old (diff)
downloadgentoo-9fcab634ffa351e9821d8ae2539aef280f751a25.tar.gz
gentoo-9fcab634ffa351e9821d8ae2539aef280f751a25.tar.bz2
gentoo-9fcab634ffa351e9821d8ae2539aef280f751a25.zip
net-analyzer/ossec-hids: open source HIDS (new package)
OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution. Signed-off-by: Ralph Seichter <gentoo@seichter.de> Closes: https://bugs.gentoo.org/545788 Package-Manager: Portage-2.3.49, Repoman-2.3.11 Closes: https://github.com/gentoo/gentoo/pull/10189 Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/ossec-hids/Manifest1
-rw-r--r--net-analyzer/ossec-hids/files/makefile.patch28
-rw-r--r--net-analyzer/ossec-hids/metadata.xml30
-rw-r--r--net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild68
4 files changed, 127 insertions, 0 deletions
diff --git a/net-analyzer/ossec-hids/Manifest b/net-analyzer/ossec-hids/Manifest
new file mode 100644
index 000000000000..f36a96f0d3e3
--- /dev/null
+++ b/net-analyzer/ossec-hids/Manifest
@@ -0,0 +1 @@
+DIST ossec-hids-3.1.0.tar.gz 1886469 BLAKE2B c175c8659a8b5d0d269a5cb6bf142276f29e6f676afc6029accf854d68299d71147ba65a667601e77c6db8ca49a29afa49534e5683369f420f6389059ae61fc3 SHA512 fe55f82ac354d9fcd767d8379a492279644308788535780bb029d46688c93f259771686462570137555b40082c6756daad44bbdd1ddc953ed0bb22b65c6cb566
diff --git a/net-analyzer/ossec-hids/files/makefile.patch b/net-analyzer/ossec-hids/files/makefile.patch
new file mode 100644
index 000000000000..2169b5287fd7
--- /dev/null
+++ b/net-analyzer/ossec-hids/files/makefile.patch
@@ -0,0 +1,28 @@
+--- a/Makefile 2018-10-12 00:25:16.000000000 +0200
++++ b/Makefile 2018-10-26 17:59:44.458689842 +0200
+@@ -378,7 +378,6 @@
+ install-server: install-server-generic
+
+ install-common: build
+- ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
+ install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/
+ install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/logs
+ install -m 0660 -o ${OSSEC_USER} -g ${OSSEC_GROUP} /dev/null ${PREFIX}/logs/ossec.log
+@@ -1166,7 +1165,7 @@
+ #### test ##########
+ ####################
+
+-CFLAGS_TEST = -g -O0 --coverage
++CFLAGS_TEST = -g -O0
+
+ LDFLAGS_TEST = -lcheck -lm -pthread -lrt
+
+@@ -1177,7 +1176,7 @@
+
+ test_programs = test_os_zlib test_os_xml test_os_regex test_os_crypto test_shared
+
+-.PHONY: test run_tests build_tests test_valgrind test_coverage
++.PHONY: test run_tests build_tests test_valgrind
+
+ test: build_tests
+ ${MAKE} run_tests
diff --git a/net-analyzer/ossec-hids/metadata.xml b/net-analyzer/ossec-hids/metadata.xml
new file mode 100644
index 000000000000..a6ba742f6ee0
--- /dev/null
+++ b/net-analyzer/ossec-hids/metadata.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>gentoo@seichter.de</email>
+ <name>Ralph Seichter</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>proxy-maint@gentoo.org</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+ <longdescription>
+ OSSEC is a full platform to monitor and control your systems. It mixes
+ together all the aspects of HIDS (host-based intrusion detection), log
+ monitoring and SIM/SIEM together in a simple, powerful and open source
+ solution.
+ To determine which build target (agent, server, hybrid or local) best
+ suits your needs, please visit https://www.ossec.net/ and review the
+ documentation provided there.
+ </longdescription>
+ <use>
+ <flag name="agent">Build "agent" installation target (see package description)</flag>
+ <flag name="hybrid">Build "hybrid" installation target</flag>
+ <flag name="local">Build "local" installation target</flag>
+ <flag name="server">Build "server" installation target</flag>
+ </use>
+ <upstream>
+ <remote-id type="github">ossec/ossec-hids</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild b/net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild
new file mode 100644
index 000000000000..9df4ea46973f
--- /dev/null
+++ b/net-analyzer/ossec-hids/ossec-hids-3.1.0.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit user
+
+DESCRIPTION="Open Source Host-based Intrusion Detection System"
+HOMEPAGE="https://www.ossec.net/"
+SRC_URI="https://github.com/ossec/ossec-hids/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="agent hybrid local mysql postgres server sqlite"
+REQUIRED_USE="^^ ( agent hybrid local server )
+ ?? ( mysql postgres )"
+
+DEPEND="mysql? ( virtual/mysql )
+ sqlite? ( dev-db/sqlite:3 )
+ postgres? ( dev-db/postgresql:= )
+ sys-libs/zlib:="
+RDEPEND="${DEPEND}"
+S="${WORKDIR}/${P}/src"
+
+declare -a MY_OPT
+
+pkg_setup() {
+ enewuser ossec -1 -1 /var/ossec
+ enewuser ossecm -1 -1 -1 ossec
+ enewuser ossecr -1 -1 -1 ossec
+}
+
+src_prepare() {
+ default
+ eapply "${FILESDIR}/makefile.patch"
+}
+
+src_configure() {
+ local target="local"
+ use agent && target="agent"
+ use hybrid && target="hybrid"
+ use server && target="server"
+ MY_OPT=(
+ TARGET=${target}
+ USE_SQLITE=$(usex sqlite)
+ V=0
+ ZLIB_SYSTEM=yes
+ )
+ use mysql && MY_OPT+=( DATABASE=mysql )
+ use postgres && MY_OPT+=( DATABASE=pgsql )
+}
+
+src_compile() {
+ emake "${MY_OPT[@]}" PREFIX=/var/ossec
+}
+
+src_test() {
+ emake "${MY_OPT[@]}" PREFIX=/var/ossec test
+}
+
+src_install() {
+ keepdir /var/ossec/logs/{alerts,archives,firewall}
+ keepdir /var/ossec/lua/{compiled,native}
+ keepdir /var/ossec/queue/{agent-info,agentless,alerts,diff,fts,ossec,rids,rootcheck,syscheck}
+ keepdir /var/ossec/{.ssh,stats,tmp,var/run}
+ emake "${MY_OPT[@]}" PREFIX="${D}/var/ossec" install
+}