Skip to content

Commit 4e1c1bf

Browse files
atomicturtleatomicturtle
authored
Merge pull request ossec#2192 from atomicturtle/spec-01
Update for RPM builder
2 parents 57f92b8 + 3e234e4 commit 4e1c1bf

9 files changed

Lines changed: 101 additions & 81 deletions

File tree

Dockerfile

Lines changed: 0 additions & 26 deletions
This file was deleted.

build.sh

Lines changed: 0 additions & 8 deletions
This file was deleted.

contrib/specs/filter-requires.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
#!/bin/sh
2+
# Wrapper for RPM dependency detection. Passes through to the system find-requires.
3+
# Customize to filter unwanted requires if needed.
4+
if [ -x /usr/lib/rpm/redhat/find-requires ]; then
5+
exec /usr/lib/rpm/redhat/find-requires "$@"
6+
fi
7+
if [ -x /usr/lib/rpm/find-requires ]; then
8+
exec /usr/lib/rpm/find-requires "$@"
9+
fi
10+
# Fallback: no-op (avoid breaking the build)
11+
exec cat

contrib/specs/ossec-authd

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
# Sysconfig for ossec-authd (agent auth daemon)
2+
# Options passed to ossec-authd when started by the init script or systemd
3+
4+
PORT=1515

contrib/specs/ossec-hids.logrotate

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
# Logrotate config for OSSEC HIDS
2+
/var/ossec/logs/ossec.log {
3+
missingok
4+
notifempty
5+
copytruncate
6+
rotate 4
7+
weekly
8+
}

ossec-hids.spec

Lines changed: 31 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -22,31 +22,14 @@ Summary: An Open Source Host-based Intrusion Detection System
2222
Name: ossec-hids
2323
Epoch: 1
2424
Version: 4.0.0
25-
Release: RELEASE-AUTO%{?dist}.art
25+
Release: 1%{?dist}.art
2626
License: GPL
2727
Group: Applications/System
2828
URL: https://www.ossec.net/
2929
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
3030
Vendor: https://www.ossec.net
3131
Packager: https://www.atomicorp.com
3232
Source0: https://github.com/ossec/ossec-hids/archive/%{version}/%{name}-%{version}.tar.gz
33-
Source1: filter-requires.sh
34-
Source2: %{name}.init
35-
Source3: ossec-hids-hybrid.conf
36-
Source4: ossec-hids.service
37-
Source5: ossec-hids-hybrid.service
38-
Source6: ossec-hids.logrotate
39-
Source7: zabbix-alert.sh
40-
Source8: ossec-configure
41-
Source9: ossec-hids-agent.conf
42-
Source10: ar-tracking.sh
43-
Source11: ossec-hids-authd.service
44-
Source12: ossec-hids-hybrid.init
45-
Source13: default-ossec-agent.conf
46-
Source14: ossec-hids-authd
47-
Source15: ossec-authd
48-
Source16: ossec-server.conf
49-
Source1000: exclusion_rules.xml
5033
Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd
5134
Requires(post): openssl
5235
BuildRequires: make
@@ -79,6 +62,11 @@ BuildRequires: pcre2-devel
7962
BuildRequires: systemd-devel
8063
%endif
8164

65+
%bcond_without magic
66+
%if %{with magic}
67+
BuildRequires: file-devel
68+
%endif
69+
8270

8371
Provides: ossec-%{version}-%{release}
8472
# Do we really need inotify-tools?
@@ -89,7 +77,7 @@ ExclusiveOS: linux
8977

9078

9179
%define _use_internal_dependency_generator 0
92-
%define __find_requires %{SOURCE1}
80+
%define __find_requires %{_builddir}/%{name}-%{version}/contrib/specs/filter-requires.sh
9381

9482
%description
9583
OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection
@@ -197,6 +185,12 @@ Postgresql connector for OSSEC
197185

198186
%build
199187

188+
%if %{without magic}
189+
%global make_magic_opt USE_MAGIC=no
190+
%else
191+
%global make_magic_opt %{nil}
192+
%endif
193+
200194
CFLAGS="$RPM_OPT_FLAGS -fpic -fPIE -Wformat -Wformat-security -fstack-protector-all -Wstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -fcommon"
201195

202196
%if 0%{?rhel} == 5
@@ -212,7 +206,7 @@ pushd src
212206

213207
# Agent
214208
mkdir clients/
215-
make TARGET=agent PCRE2_SYSTEM=yes
209+
make TARGET=agent PCRE2_SYSTEM=yes %{?make_magic_opt}
216210
mv manage_agents clients/manage_agent
217211
mv ossec-logcollector clients/client-logcollector
218212
mv ossec-syscheckd clients/client-syscheckd
@@ -223,7 +217,7 @@ mv agent-auth clients/
223217
# Hybrid
224218
make clean
225219
mkdir hybrid/
226-
make TARGET=agent PCRE2_SYSTEM=yes PREFIX=/var/ossec/ossec-agent
220+
make TARGET=agent PCRE2_SYSTEM=yes PREFIX=/var/ossec/ossec-agent %{?make_magic_opt}
227221
mv ossec-agentd hybrid/
228222
mv ossec-execd hybrid/
229223
mv ossec-logcollector hybrid/
@@ -235,19 +229,19 @@ mv manage_agents hybrid/manage_agent
235229
make clean
236230
# not on amzn22023
237231
#make DATABASE=pgsql MAXAGENTS=16384 GEOIP=1 TARGET=server PCRE2_SYSTEM=yes
238-
make DATABASE=pgsql MAXAGENTS=16384 TARGET=server PCRE2_SYSTEM=yes
232+
make DATABASE=pgsql MAXAGENTS=16384 TARGET=server PCRE2_SYSTEM=yes %{?make_magic_opt}
239233
mkdir postgres
240234
cp ossec-dbd postgres/
241235

242236
# Rebuild for mysql
243237
make clean
244238
# not on amzn2023
245239
#make DATABASE=mysql MAXAGENTS=16384 USE_GEOIP=1 TARGET=server PCRE2_SYSTEM=yes
246-
make DATABASE=mysql MAXAGENTS=16384 TARGET=server PCRE2_SYSTEM=yes
240+
make DATABASE=mysql MAXAGENTS=16384 TARGET=server PCRE2_SYSTEM=yes %{?make_magic_opt}
247241
mkdir mariadb
248242
cp ossec-dbd mariadb
249243
make clean
250-
make MAXAGENTS=16384 TARGET=server PCRE2_SYSTEM=yes
244+
make MAXAGENTS=16384 TARGET=server PCRE2_SYSTEM=yes %{?make_magic_opt}
251245
#make DATABASE=mysql MAXAGENTS=16384 TARGET=server
252246

253247
popd
@@ -313,31 +307,25 @@ install -m 0550 src/hybrid/ossec-syscheckd ${RPM_BUILD_ROOT}%{_localstatedir}/os
313307
# etc
314308
install -m 0644 etc/internal_options.conf ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/ossec-agent/etc
315309
# TODO: local_internal_options, probably not needed
316-
install -m 0644 %{SOURCE3} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/ossec-agent/etc/ossec.conf
310+
install -m 0644 etc/ossec-agent.conf ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/ossec-agent/etc/ossec.conf
317311
# TODO:ossec-init.conf
318312
# needs to be reviewed
319313
install -m 0644 src/rootcheck/db/*.txt ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/ossec-agent/etc/shared
320314

321315

322316
# Copy changelog
323-
#cp %{SOURCE1} CHANGELOG
317+
#cp CHANGELOG
324318

325-
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 7
326319
mkdir -p %{buildroot}%{_unitdir}
327-
%{__install} -Dp -m0644 %{SOURCE4} %{buildroot}%{_unitdir}/ossec-hids.service
328-
%{__install} -Dp -m0644 %{SOURCE5} %{buildroot}%{_unitdir}/ossec-hids-hybrid.service
329-
%{__install} -Dp -m0644 %{SOURCE11} %{buildroot}%{_unitdir}/ossec-hids-authd.service
330-
%else
331-
%{__install} -m 0755 %{SOURCE2} ${RPM_BUILD_ROOT}%{_initrddir}/%{name}
332-
%{__install} -m 0755 %{SOURCE14} ${RPM_BUILD_ROOT}%{_initrddir}/%{name}-authd
333-
%{__install} -m 0755 %{SOURCE12} ${RPM_BUILD_ROOT}%{_initrddir}/ossec-hids-hybrid
334-
%endif
335-
%{__install} -m 0755 %{SOURCE15} ${RPM_BUILD_ROOT}/etc/sysconfig/ossec-authd
320+
%{__install} -Dp -m0644 src/systemd/ossec-hids.service %{buildroot}%{_unitdir}/ossec-hids.service
321+
%{__install} -Dp -m0644 src/systemd/ossec-hids-hybrid.service %{buildroot}%{_unitdir}/ossec-hids-hybrid.service
322+
%{__install} -Dp -m0644 src/systemd/server/ossec-hids-authd.service %{buildroot}%{_unitdir}/ossec-hids-authd.service
323+
%{__install} -m 0755 contrib/specs/ossec-authd ${RPM_BUILD_ROOT}/etc/sysconfig/ossec-authd
336324

337325
install -m 0600 ossec-init.conf ${RPM_BUILD_ROOT}%{_sysconfdir}
338326
install -m 0644 etc/ossec.conf ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/ossec.conf.sample
339-
install -m 0644 %{SOURCE16} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/ossec-server.conf
340-
install -m 0644 %{SOURCE13} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/ossec-agent.conf
327+
install -m 0644 etc/ossec-server.conf ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/ossec-server.conf
328+
install -m 0644 etc/ossec-agent.conf ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/ossec-agent.conf
341329
install -m 0644 etc/*.xml ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc
342330
install -m 0644 etc/internal_options* ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc
343331
install -m 0644 etc/rules/*xml ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/rules
@@ -395,8 +383,6 @@ install -m 0644 src/os_dbd/postgresql.schema ${RPM_BUILD_ROOT}%{_datadir}/ossec/
395383
install -m 0550 src/init/ossec-{client,server}.sh ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/bin
396384
install -m 0550 src/agentlessd/scripts/* ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/agentless
397385

398-
# Legacy file
399-
install -m 0644 %{SOURCE1000} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/rules/exclusion_rules.xml
400386

401387

402388
# Install contrib files
@@ -414,12 +400,10 @@ popd
414400
touch ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/ossec.conf
415401

416402
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
417-
install -m 0644 %{SOURCE6} ${RPM_BUILD_ROOT}/etc/logrotate.d/%{name}
418-
install -m 0755 %{SOURCE7} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/active-response/bin/zabbix-alert.sh
419-
install -m 0755 %{SOURCE10} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/active-response/bin/ar-tracking.sh
420-
install -m 0755 %{SOURCE8} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/bin/ossec-configure
421-
install -m 0644 %{SOURCE9} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/shared/agent.conf
422-
install -m 0644 %{SOURCE9} ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/ossec-agent/etc/shared/agent.conf
403+
install -m 0644 contrib/specs/ossec-hids.logrotate ${RPM_BUILD_ROOT}/etc/logrotate.d/%{name}
404+
install -m 0755 contrib/ossec-configure ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/bin/ossec-configure
405+
install -m 0644 etc/ossec-agent.conf ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/etc/shared/agent.conf
406+
install -m 0644 etc/ossec-agent.conf ${RPM_BUILD_ROOT}%{_localstatedir}/ossec/ossec-agent/etc/shared/agent.conf
423407

424408

425409
%pre
@@ -767,7 +751,7 @@ fi
767751

768752
# Changes
769753
%changelog
770-
* Sat Feb 1 2026 Support <support@atomicorp.com> - 4.0.0-1
754+
* Sun Feb 1 2026 Support <support@atomicorp.com> - 4.0.0-1
771755
- Update to 4.0.0
772756

773757
* Tue Jan 7 2025 Support <support@atomicorp.com> - 3.8.0-1

src/systemd/ossec-hids-hybrid.service

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
[Unit]
2+
Description=OSSEC HIDS hybrid (local agent)
3+
After=network.target
4+
5+
[Service]
6+
Type=forking
7+
EnvironmentFile=/etc/ossec-init.conf
8+
Environment=DIRECTORY=/var/ossec
9+
10+
ExecStart=/usr/bin/env ${DIRECTORY}/ossec-agent/bin/ossec-control start
11+
ExecStop=/usr/bin/env ${DIRECTORY}/ossec-agent/bin/ossec-control stop
12+
TimeoutStartSec=120
13+
TimeoutStopSec=120
14+
15+
[Install]
16+
WantedBy=multi-user.target

src/systemd/ossec-hids.service

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
[Unit]
2+
Description=OSSEC HIDS (agent or server)
3+
After=network.target
4+
5+
[Service]
6+
Type=forking
7+
EnvironmentFile=/etc/ossec-init.conf
8+
Environment=DIRECTORY=/var/ossec
9+
10+
ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-control start
11+
ExecStop=/usr/bin/env ${DIRECTORY}/bin/ossec-control stop
12+
TimeoutStartSec=120
13+
TimeoutStopSec=120
14+
15+
[Install]
16+
WantedBy=multi-user.target

src/systemd/server/ossec-hids-authd.service

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
[Unit]
2+
Description=OSSEC HIDS agent authentication daemon
3+
After=network.target
4+
5+
[Service]
6+
Type=forking
7+
EnvironmentFile=/etc/ossec-init.conf
8+
Environment=DIRECTORY=/var/ossec
9+
10+
ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-authd -t
11+
ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-authd -f
12+
TimeoutStartSec=60
13+
14+
[Install]
15+
WantedBy=multi-user.target

0 commit comments

Comments
 (0)