summaryrefslogtreecommitdiff
path: root/security/logcheck
diff options
context:
space:
mode:
authorYen-Ming Lee <leeym@FreeBSD.org>2003-04-09 05:41:27 +0000
committerYen-Ming Lee <leeym@FreeBSD.org>2003-04-09 05:41:27 +0000
commit51eb8aee7af439adbd7f19056127bb4225f75c5b (patch)
tree14197539fd1f9d524c9db6196bc84a630394fdfe /security/logcheck
parentMaintainer update: New version released. Fixes security (diff)
- Remove BROKEN: change temp dir from /tmp to /var/run/logcheck
(it has to be mode 700) - now complies with hier(7) - Psionic has been acquired by Cisco in late 2002 and now www.psionic.com is an alias to www.cisco.com. Unfortunately, the latter does not have any mention of LogSentry or other Abacus tools, so remove www.psionic.com from the MASTER_SITES and WWW: tag - Reword pkg-descr to better reflect reality - Dont use logcheck's Makefile - build/install completely from port's Makefile - Make PREFIX-clean - Install useful documentation - Assign maintainership to submitter Removed files: - files/patch-aa - pkg-message PR: 50730 Submitted by: Sergei Kolobov <sergei@kolobov.com>
Diffstat (limited to 'security/logcheck')
-rw-r--r--security/logcheck/Makefile46
-rw-r--r--security/logcheck/files/patch-aa81
-rw-r--r--security/logcheck/pkg-descr12
-rw-r--r--security/logcheck/pkg-message14
-rw-r--r--security/logcheck/pkg-plist24
5 files changed, 54 insertions, 123 deletions
diff --git a/security/logcheck/Makefile b/security/logcheck/Makefile
index 6968eebb06b6..393e13c6aa01 100644
--- a/security/logcheck/Makefile
+++ b/security/logcheck/Makefile
@@ -7,32 +7,50 @@
PORTNAME= logcheck
PORTVERSION= 1.1.1
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= ftp://sensimilia.eu.org/pub/software/sys/ \
http://www.ukc.mirror.ac.uk/sites/ftp.freebsd.org/pub/FreeBSD/ports/distfiles/ \
- http://www.psionic.com/downloads/ \
http://people.FreeBSD.org/~foxfair/distfiles/
DISTNAME= logsentry-${PORTVERSION}
-MAINTAINER= ports@FreeBSD.org
+MAINTAINER= sergei@kolobov.com
COMMENT= Auditing tool for system logs on Unix boxes
-BROKEN= "Changes permissions on /tmp to mode 0700"
-
USE_REINPLACE= yes
+
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
-PKGMESSAGE= ${WRKDIR}/MESSAGE
-pre-configure:
- ${REINPLACE_CMD} -e "s@/usr/local/etc/tmp@/tmp@g; \
- s@/usr/local@${PREFIX}@" ${WRKSRC}/Makefile \
- ${WRKSRC}/systems/freebsd/logcheck.sh
- ${REINPLACE_CMD} -e "s@/bin/mkdir@${MKDIR}@g" ${WRKSRC}/Makefile
+# Install binaries and config files readable to root only
+BINMODE= 700
+SHAREMODE= 600
-post-build:
- @${SED} -e 's,%%PREFIX%%,${PREFIX},g' ${PKGDIR}/pkg-message > ${PKGMESSAGE}
+LOGCHECK_TMP?= /var/run/logcheck
+PLIST_SUB+= LOGCHECK_TMP=${LOGCHECK_TMP}
+
+CONFIG_FILES= logcheck.hacking logcheck.ignore \
+ logcheck.violations logcheck.violations.ignore
+DOCS= CREDITS INSTALL README README.how.to.interpret README.keywords
+
+do-build:
+ cd ${WRKSRC}/src && ${CC} ${CFLAGS} -o logtail logtail.c
+ ${REINPLACE_CMD} -e 's!/usr/local/bin/logtail!${PREFIX}/bin/logtail!' \
+ -e 's!/usr/local/etc/tmp!${LOGCHECK_TMP}!' \
+ -e 's!/usr/local/etc/logcheck!${PREFIX}/etc/logcheck!' \
+ ${WRKSRC}/systems/freebsd/logcheck.sh
-post-install:
- @${CAT} ${PKGMESSAGE}
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/src/logtail ${PREFIX}/bin
+ ${INSTALL_SCRIPT} ${WRKSRC}/systems/freebsd/logcheck.sh ${PREFIX}/etc
+ ${MKDIR} ${EXAMPLESDIR}
+ cd ${WRKSRC}/systems/freebsd && \
+ ${INSTALL_DATA} ${CONFIG_FILES} ${EXAMPLESDIR} && \
+ ${INSTALL_DATA} ${CONFIG_FILES} ${PREFIX}/etc
+ ${TEST} -d ${LOGCHECK_TMP} || ${MKDIR} -m 700 ${LOGCHECK_TMP}
+ ${CHOWN} root:wheel ${LOGCHECK_TMP}
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+ cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR}
+.endif
.include <bsd.port.mk>
diff --git a/security/logcheck/files/patch-aa b/security/logcheck/files/patch-aa
deleted file mode 100644
index 47b35dde4f4b..000000000000
--- a/security/logcheck/files/patch-aa
+++ /dev/null
@@ -1,81 +0,0 @@
---- Makefile.orig Sun Oct 31 07:07:29 1999
-+++ Makefile Thu Jan 20 09:14:40 2000
-@@ -5,13 +5,15 @@
- # Thanks to rbulling@obscure.org for cleaning this Makefile up..
- #
-
-+SYSTYPE=freebsd
-+
- # Generic compiler
-- CC = cc
-+ CC ?= cc
- # GNU..
- # CC = gcc
-
- # Normal systems flags
--CFLAGS = -O
-+CFLAGS ?= -O
- # Braindead HPUX compiler flags
- #CFLAGS = -O -Aa
-
-@@ -35,19 +37,7 @@
- # Debug mode for logtail
- # CFLAGS = -g -DDEBUG
-
--all:
-- @echo "Usage: make <systype>"
-- @echo "<systype> is one of: "
-- @echo " linux, bsdos, freebsd, sun, generic, hpux, digital"
-- @echo ""
-- @echo "NOTE: This will make and install the package in these"
-- @echo " directories:"
-- @echo " logcheck configuration files : $(INSTALLDIR)"
-- @echo " logcheck.sh shell script : $(INSTALLDIR_SH)"
-- @echo " logtail program : $(INSTALLDIR_BIN)"
-- @echo ""
-- @echo "Edit the makefile if you wish to change these paths."
-- @echo "Any existing files will be overwritten."
-+all: build
-
- clean:
- /bin/rm ./src/logtail ./src/logtail.o
-@@ -60,27 +50,29 @@
- /bin/rm $(INSTALLDIR)/logcheck.violations.ignore
- /bin/rm $(INSTALLDIR_BIN)/logtail
-
--install:
-+build:
- @echo "Making $(SYSTYPE)"
- $(CC) $(CFLAGS) -o ./src/logtail ./src/logtail.c
-+
-+install:
- @echo "Creating temp directory $(TMPDIR)"
- @if [ ! -d $(TMPDIR) ]; then /bin/mkdir $(TMPDIR); fi
- @echo "Setting temp directory permissions"
- chmod 700 $(TMPDIR)
- @echo "Copying files"
-- cp ./systems/$(SYSTYPE)/logcheck.hacking $(INSTALLDIR)
-- cp ./systems/$(SYSTYPE)/logcheck.violations $(INSTALLDIR)
-- cp ./systems/$(SYSTYPE)/logcheck.violations.ignore $(INSTALLDIR)
-- cp ./systems/$(SYSTYPE)/logcheck.ignore $(INSTALLDIR)
-- cp ./systems/$(SYSTYPE)/logcheck.sh $(INSTALLDIR_SH)
-+ cp ./systems/$(SYSTYPE)/logcheck.hacking $(INSTALLDIR)/logcheck.hacking.sample
-+ cp ./systems/$(SYSTYPE)/logcheck.violations $(INSTALLDIR)/logcheck.violations.sample
-+ cp ./systems/$(SYSTYPE)/logcheck.violations.ignore $(INSTALLDIR)/logcheck.violations.ignore.sample
-+ cp ./systems/$(SYSTYPE)/logcheck.ignore $(INSTALLDIR)/logcheck.ignore.sample
-+ cp ./systems/$(SYSTYPE)/logcheck.sh $(INSTALLDIR_SH)/logcheck.sh
- cp ./src/logtail $(INSTALLDIR_BIN)
- @echo "Setting permissions"
- chmod 700 $(INSTALLDIR_SH)/logcheck.sh
- chmod 700 $(INSTALLDIR_BIN)/logtail
-- chmod 600 $(INSTALLDIR)/logcheck.violations.ignore
-- chmod 600 $(INSTALLDIR)/logcheck.violations
-- chmod 600 $(INSTALLDIR)/logcheck.hacking
-- chmod 600 $(INSTALLDIR)/logcheck.ignore
-+ chmod 600 $(INSTALLDIR)/logcheck.violations.ignore.sample
-+ chmod 600 $(INSTALLDIR)/logcheck.violations.sample
-+ chmod 600 $(INSTALLDIR)/logcheck.hacking.sample
-+ chmod 600 $(INSTALLDIR)/logcheck.ignore.sample
- @echo "Done. Don't forget to set your crontab."
-
- generic:
diff --git a/security/logcheck/pkg-descr b/security/logcheck/pkg-descr
index 91ccbe4c5b7f..71abf6ac953e 100644
--- a/security/logcheck/pkg-descr
+++ b/security/logcheck/pkg-descr
@@ -1,14 +1,10 @@
Logcheck helps spot problems and security violations in your logfiles
automatically and will send the results to you in e-mail.
-Logcheck is part of the Abacus Project of security tools. It is a program
-created to help in the processing of UNIX system logfiles generated by the
-various Abacus Project tools, system daemons, Wietse Venema's TCP Wrapper
-and Log Daemon packages, and the Firewall Toolkit(c) by Trusted Information
-Systems Inc.(TIS). Logcheck also works very well at reporting on other
-common operating system security violations and strange events.
-
-WWW: http://www.psionic.com/
+It is a program created to help in the processing of UNIX system logfiles
+generated by the various system daemons. Logcheck also works very well at
+reporting on other common operating system security violations and strange
+events.
- Dan Langille
dan@freebsddiary.org
diff --git a/security/logcheck/pkg-message b/security/logcheck/pkg-message
deleted file mode 100644
index 5dae1b02af91..000000000000
--- a/security/logcheck/pkg-message
+++ /dev/null
@@ -1,14 +0,0 @@
-----------------------------------------------------------------------------
-
- Remember to copy the sample files to the real file names.
- Here is an example what you need to do:
-
- cd %%PREFIX%%/etc/
- cp logcheck.ignore.sample logcheck.ignore
- cp logcheck.violations.ignore.sample logcheck.violations.ignore
- cp logcheck.violations.sample logcheck.violations
- cp logcheck.hacking.sample logcheck.hacking
-
- Note that logcheck is started with %%PREFIX%%/etc/logcheck.sh
-
-----------------------------------------------------------------------------
diff --git a/security/logcheck/pkg-plist b/security/logcheck/pkg-plist
index 8c321882f382..91f352dac5ed 100644
--- a/security/logcheck/pkg-plist
+++ b/security/logcheck/pkg-plist
@@ -1,8 +1,20 @@
bin/logtail
-etc/logcheck.hacking.sample
-etc/logcheck.ignore.sample
etc/logcheck.sh
-etc/logcheck.violations.ignore.sample
-etc/logcheck.violations.sample
-@dirrm var/tmp
-@dirrm var
+etc/logcheck.hacking
+etc/logcheck.ignore
+etc/logcheck.violations
+etc/logcheck.violations.ignore
+%%EXAMPLESDIR%%/logcheck.hacking
+%%EXAMPLESDIR%%/logcheck.ignore
+%%EXAMPLESDIR%%/logcheck.violations.ignore
+%%EXAMPLESDIR%%/logcheck.violations
+@dirrm %%EXAMPLESDIR%%
+%%PORTDOCS%%%%DOCSDIR%%/CREDITS
+%%PORTDOCS%%%%DOCSDIR%%/INSTALL
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.how.to.interpret
+%%PORTDOCS%%%%DOCSDIR%%/README.keywords
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
+@cwd /
+@exec test -d %%LOGCHECK_TMP%% || mkdir -m 700 %%LOGCHECK_TMP%% && chown root:wheel %%LOGCHECK_TMP%%
+@unexec rmdir %%LOGCHECK_TMP%% 2>/dev/null || true