On 2018/10/03 15:08, Paul Irofti wrote:
> On Fri, Sep 21, 2018 at 12:01:55PM +0300, Paul Irofti wrote:
> > Hi,
> >
> > Attached is a new port for ossec-hids.
> >
> > OSSEC is a scalable, multi-platform, open source Host-based Intrusion
> > Detection System (HIDS). It has a powerful correlation and analysis
> > engine, integrating log analysis, file integrity checking, Windows
> > registry monitoring, centralized policy enforcement, rootkit detection,
> > real-time alerting and active response.
> >
> >
> > Testing has shown encouraging results. The only issue that I am aware of
> > at this moment is that real-time file monitoring sometimes stops working
> > without anything in the logs or any daemons crashing. I plan on testing
> > this further, but it might be a software defect not a porting omission
> > on my end.
> >
> >
> > Any comments? OK to import?
> >
> > Thanks,
> > Paul
>
> Here is an updated tarball with a few fixes. I plan on importing this
> later today or tomorrow morning if nobody objects.

Sorry I don't think it's ready for commit yet, there are a few problems ..

- Bad distfile name, it's already using an on-the-fly tarball from github
  anyway so the easy fix is to use the GH_* scaffolding

- Compiler command lines are hidden which makes it hard to track down some
  problems in bulk build logs

- Needs WANTLIB etc.

(Diff for the above three attached)

- In the build of the embedded copy of libz, it's forcing "gcc -O3"
  and for lua it does use ${CC} but forces -O2, looks like forced -O2 in
  ossec's own files too?

- Patches have hardcoded /usr/local

- (also it's not ideal that it's NO_BUILD and everything is built in
  "make install", though upstream doesn't make this easy to fix..)

diff --git a/Makefile b/Makefile
index 6a0d1f1..03ec83c 100644
--- a/Makefile
+++ b/Makefile
@@ -2,23 +2,22 @@
COMMENT = host-based intrusion detection system
-V = 3.0.0
-DISTNAME = ${V}
+GH_ACCOUNT = ossec
+GH_PROJECT = ossec-hids
+GH_TAGNAME = 3.0.0
+
CATEGORIES = security
-PKGNAME = ossec-hids-${V}
-WRKDIST = ${WRKDIR}/${PKGNAME}
-HOMEPAGE = http://www.ossec.net/
-MASTER_SITES = https://github.com/ossec/ossec-hids/archive/
+HOMEPAGE = https://www.ossec.net/
MAINTAINER = Paul Irofti <[email protected]>
# GPLv2
PERMIT_PACKAGE_CDROM = Yes
-BUILD_DEPENDS = devel/libinotify \
- devel/libmagic
-RUN_DEPENDS = devel/libinotify \
+WANTLIB += c crypto lib/inotify/inotify m magic pthread ssl
+
+LIB_DEPENDS = devel/libinotify \
devel/libmagic
USE_GMAKE = Yes
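
Review bot: The move from DISTNAME/MASTER_SITES to GH_ACCOUNT, GH_PROJECT and GH_TAGNAME changes the name of the fetched distfile, but no distinfo change is visible in this diff, which only touches Makefile. The checksum file should be regenerated (make makesum) and sent along with this change, otherwise the fetch/checksum step will still refer to the old 3.0.0 distfile name.
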
@@ -39,7 +38,8 @@ INSTALL_FLAGS = USER_NO_STOP=y \
USER_ENABLE_FIREWALL_RESPONSE=y \
USER_ENABLE_SYSLOG=y \
USER_AGENT_SERVER_IP="127.0.0.1" \
- USE_INOTIFY=y
+ USE_INOTIFY=y \
+ V=1
do-install:
cd ${WRKBUILD} && ${INSTALL_FLAGS} /bin/sh install.sh
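
Review bot: V=1 in INSTALL_FLAGS has no comment, and it reuses the name of the V version variable that the first hunk removes, so its purpose is easy to misread. A one-line comment above INSTALL_FLAGS saying it is there to show the compiler command lines in the build output would make the intent clear. Because it reaches the build only through the environment of the install.sh call on the do-install line, it is worth confirming in a build log that the full command lines actually appear.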