From b30f31f2dd6af18495c9b0bea17830e2edcf73df Mon Sep 17 00:00:00 2001 From: wazuhci Date: Thu, 14 Oct 2021 15:58:33 +0000 Subject: [PATCH 1/4] Bumped version to 4.2.4 --- CHANGELOG.md | 3 + VERSION | 2 +- aix/SPECS/4.2.4/wazuh-agent-4.2.4-aix.spec | 382 +++ arch/SPECS/4.2.4/wazuh-agent/arch/PKGBUILD | 128 ++ .../4.2.4/wazuh-agent/arch/wazuh.install | 82 + .../4.2.4/wazuh-agent/arch/wazuh.sysusers | 2 + debs/SPECS/4.2.4/wazuh-agent/debian/changelog | 439 ++++ debs/SPECS/4.2.4/wazuh-agent/debian/compat | 1 + debs/SPECS/4.2.4/wazuh-agent/debian/conffiles | 0 debs/SPECS/4.2.4/wazuh-agent/debian/control | 14 + debs/SPECS/4.2.4/wazuh-agent/debian/copyright | 38 + debs/SPECS/4.2.4/wazuh-agent/debian/postinst | 188 ++ debs/SPECS/4.2.4/wazuh-agent/debian/postrm | 74 + debs/SPECS/4.2.4/wazuh-agent/debian/preinst | 85 + debs/SPECS/4.2.4/wazuh-agent/debian/prerm | 64 + debs/SPECS/4.2.4/wazuh-agent/debian/rules | 148 ++ .../4.2.4/wazuh-agent/debian/source/format | 1 + debs/SPECS/4.2.4/wazuh-agent/debian/templates | 4 + .../debian/wazuh-agent.lintian-overrides | 9 + .../4.2.4/wazuh-manager/debian/changelog | 376 +++ debs/SPECS/4.2.4/wazuh-manager/debian/compat | 1 + .../4.2.4/wazuh-manager/debian/conffiles | 0 debs/SPECS/4.2.4/wazuh-manager/debian/control | 15 + .../4.2.4/wazuh-manager/debian/copyright | 38 + .../SPECS/4.2.4/wazuh-manager/debian/postinst | 288 +++ debs/SPECS/4.2.4/wazuh-manager/debian/postrm | 89 + debs/SPECS/4.2.4/wazuh-manager/debian/preinst | 151 ++ debs/SPECS/4.2.4/wazuh-manager/debian/prerm | 85 + debs/SPECS/4.2.4/wazuh-manager/debian/rules | 205 ++ .../4.2.4/wazuh-manager/debian/source/format | 1 + .../debian/wazuh-manager.lintian-overrides | 9 + macos/package_files/4.2.4/build.sh | 79 + macos/package_files/4.2.4/postinstall.sh | 124 + macos/package_files/4.2.4/preinstall.sh | 228 ++ macos/specs/4.x/wazuh-agent-4.2.4.pkgproj | 1238 ++++++++++ rpms/SPECS/4.2.4/wazuh-agent-4.2.4.spec | 732 ++++++ rpms/SPECS/4.2.4/wazuh-manager-4.2.4.spec | 986 ++++++++ .../SPECS/template_agent_v4.2.4.json | 2043 +++++++++++++++++ .../all-in-one-installation.sh | 2 +- .../distributed/elastic-stack-installation.sh | 2 +- .../distributed/elastic-stack-installation.sh | 2 +- .../distributed/wazuh-server-installation.sh | 2 +- .../unattended-installation.sh | 2 +- 43 files changed, 8356 insertions(+), 6 deletions(-) create mode 100644 aix/SPECS/4.2.4/wazuh-agent-4.2.4-aix.spec create mode 100644 arch/SPECS/4.2.4/wazuh-agent/arch/PKGBUILD create mode 100644 arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.install create mode 100644 arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.sysusers create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/changelog create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/compat create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/conffiles create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/control create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/copyright create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/postinst create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/postrm create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/preinst create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/prerm create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/rules create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/source/format create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/templates create mode 100644 debs/SPECS/4.2.4/wazuh-agent/debian/wazuh-agent.lintian-overrides create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/changelog create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/compat create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/conffiles create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/control create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/copyright create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/postinst create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/postrm create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/preinst create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/prerm create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/rules create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/source/format create mode 100644 debs/SPECS/4.2.4/wazuh-manager/debian/wazuh-manager.lintian-overrides create mode 100755 macos/package_files/4.2.4/build.sh create mode 100755 macos/package_files/4.2.4/postinstall.sh create mode 100755 macos/package_files/4.2.4/preinstall.sh create mode 100644 macos/specs/4.x/wazuh-agent-4.2.4.pkgproj create mode 100644 rpms/SPECS/4.2.4/wazuh-agent-4.2.4.spec create mode 100644 rpms/SPECS/4.2.4/wazuh-manager-4.2.4.spec create mode 100644 solaris/solaris11/SPECS/template_agent_v4.2.4.json diff --git a/CHANGELOG.md b/CHANGELOG.md index f98b0df6df..d7d68480a9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,9 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.2.4] + +- Update SPECS [#927](https://github.com/wazuh/wazuh-packages/pull/927) ## [v4.2.3] - Update SPECS [#915](https://github.com/wazuh/wazuh-packages/pull/915) diff --git a/VERSION b/VERSION index ec87108d82..74ecad8a34 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.2.3 \ No newline at end of file +4.2.4 \ No newline at end of file diff --git a/aix/SPECS/4.2.4/wazuh-agent-4.2.4-aix.spec b/aix/SPECS/4.2.4/wazuh-agent-4.2.4-aix.spec new file mode 100644 index 0000000000..bbc330d950 --- /dev/null +++ b/aix/SPECS/4.2.4/wazuh-agent-4.2.4-aix.spec @@ -0,0 +1,382 @@ +# Spec file for AIX systems +Name: wazuh-agent +Version: 4.2.4 +Release: 1 +License: GPL +URL: https://www.wazuh.com/ +Vendor: Wazuh, Inc +Packager: Wazuh, Inc +Summary: The Wazuh agent, used for threat detection, incident response and integrity monitoring. + +Group: System Environment/Daemons +AutoReqProv: no +Source0: %{name}-%{version}.tar.gz +Conflicts: ossec-hids ossec-hids-agent wazuh-manager wazuh-local +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +BuildRequires: coreutils automake autoconf libtool + +%description +Wazuh is an open source security monitoring solution for threat detection, integrity monitoring, incident response and compliance. + +%prep +%setup -q +deps_version=`cat src/Makefile | grep "DEPS_VERSION =" | cut -d " " -f 3` +cd src && gmake clean && gmake deps RESOURCES_URL=http://packages.wazuh.com/deps/${deps_version} TARGET=agent +gmake TARGET=agent USE_SELINUX=no +cd .. + +%install +# Clean BUILDROOT +rm -fr %{buildroot} + +echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf +echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf +echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf +echo 'USER_DIR="%{_localstatedir}"' >> ./etc/preloaded-vars.conf +echo 'USER_DELETE_DIR="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_ACTIVE_RESPONSE="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_SYSCHECK="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_ROOTCHECK="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_OPENSCAP="n"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_CISCAT="n"' >> ./etc/preloaded-vars.conf +echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf +echo 'USER_AGENT_SERVER_IP="MANAGER_IP"' >> ./etc/preloaded-vars.conf +echo 'USER_CA_STORE="/path/to/my_cert.pem"' >> ./etc/preloaded-vars.conf +echo 'USER_AUTO_START="n"' >> ./etc/preloaded-vars.conf +./install.sh + +# Remove unnecessary files or directories +rm -rf %{_localstatedir}/selinux + +# Create directories +mkdir -p ${RPM_BUILD_ROOT}%{_init_scripts} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/.ssh + +# Copy the files into RPM_BUILD_ROOT directory +sed "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-aix.init > src/init/templates/ossec-hids-aix.init.tmp +mv src/init/templates/ossec-hids-aix.init.tmp src/init/templates/ossec-hids-aix.init +install -m 0750 src/init/templates/ossec-hids-aix.init ${RPM_BUILD_ROOT}%{_init_scripts}/wazuh-agent +cp -pr %{_localstatedir}/* ${RPM_BUILD_ROOT}%{_localstatedir}/ + +# Add configuration scripts +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/ +cp gen_ossec.sh ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/ +cp add_localfiles.sh ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/ + +# Support files for dynamic creation of configuraiton file +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic +cp -pr etc/templates/config/generic/* ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic/localfile-logs +cp -pr etc/templates/config/generic/localfile-logs/* ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic/localfile-logs + +# Support scripts for post installation +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/init +cp src/init/*.sh ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/init + +# Add installation scripts +cp src/VERSION ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/ +cp src/REVISION ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/ + +exit 0 + +%pre + +# Create ossec user and group +if ! grep "^ossec:" /etc/group > /dev/null 2>&1; then + /usr/bin/mkgroup ossec +fi +if ! grep "^ossec" /etc/passwd > /dev/null 2>&1; then + /usr/sbin/useradd ossec + /usr/sbin/usermod -G ossec ossec +fi + +# Remove existent config file and notify user for new installations +if [ $1 = 1 ]; then + if [ -f %{_localstatedir}/etc/ossec.conf ]; then + echo "A backup from your ossec.conf has been created at %{_localstatedir}/etc/ossec.conf.rpmorig" + echo "Please verify your ossec.conf configuration at %{_localstatedir}/etc/ossec.conf" + mv %{_localstatedir}/etc/ossec.conf %{_localstatedir}/etc/ossec.conf.rpmorig + fi +fi + +if [ $1 = 2 ]; then + if /etc/rc.d/init.d/wazuh-agent status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + /etc/rc.d/init.d/wazuh-agent stop > /dev/null 2>&1 || : + touch %{_localstatedir}/tmp/wazuh.restart + fi + %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 +fi + +if [ $1 = 2 ]; then + if [ -d %{_localstatedir}/logs/ossec ]; then + cp -rp %{_localstatedir}/logs/ossec %{_localstatedir}/tmp/logs/wazuh > /dev/null 2>&1 + rm -rf %{_localstatedir}/logs/ossec/* + rm -rf %{_localstatedir}/logs/ossec/.??* + fi + + if [ -d %{_localstatedir}/queue/ossec ]; then + cp -rp %{_localstatedir}/queue/ossec %{_localstatedir}/tmp/queue/sockets > /dev/null 2>&1 + rm -rf %{_localstatedir}/queue/ossec/* + rm -rf %{_localstatedir}/queue/ossec/.??* + fi +fi + +%post + +if [ $1 = 2 ]; then + if [ -d %{_localstatedir}/tmp/logs/wazuh ]; then + rm -rf %{_localstatedir}/logs/wazuh + mv %{_localstatedir}/tmp/logs/ossec %{_localstatedir}/logs/wazuh> /dev/null 2>&1 + fi + + if [ -d %{_localstatedir}/tmp/queue/sockets ]; then + rm -rf %{_localstatedir}/queue/sockets + mv %{_localstatedir}/tmp/queue/ossec %{_localstatedir}/queue/sockets > /dev/null 2>&1 + fi +fi + +# New installations +if [ $1 = 1 ]; then + + # Generating ossec.conf file + . %{_localstatedir}/tmp/src/init/dist-detect.sh + %{_localstatedir}/tmp/gen_ossec.sh conf agent ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} %{_localstatedir} > %{_localstatedir}/etc/ossec.conf + + # Add default local_files to ossec.conf + %{_localstatedir}/tmp/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf + + # Restore Wazuh manager configuration + if [ -f %{_localstatedir}/etc/ossec.conf.rpmorig ]; then + %{_localstatedir}/tmp/src/init/replace_manager_ip.sh %{_localstatedir}/etc/ossec.conf.rpmorig %{_localstatedir}/etc/ossec.conf + fi + + # Fix for AIX: netstat command + sed 's/netstat -tulpn/netstat -tu/' %{_localstatedir}/etc/ossec.conf > %{_localstatedir}/etc/ossec.conf.tmp + mv %{_localstatedir}/etc/ossec.conf.tmp %{_localstatedir}/etc/ossec.conf + sed 's/sort -k 4 -g/sort -n -k 4/' %{_localstatedir}/etc/ossec.conf > %{_localstatedir}/etc/ossec.conf.tmp + mv %{_localstatedir}/etc/ossec.conf.tmp %{_localstatedir}/etc/ossec.conf + + # Generate the active-responses.log file + touch %{_localstatedir}/logs/active-responses.log + chown ossec:ossec %{_localstatedir}/logs/active-responses.log + chmod 0660 %{_localstatedir}/logs/active-responses.log + + %{_localstatedir}/tmp/src/init/register_configure_agent.sh %{_localstatedir} > /dev/null || : + +fi +chown root:ossec %{_localstatedir}/etc/ossec.conf +ln -fs /etc/rc.d/init.d/wazuh-agent /etc/rc.d/rc2.d/S97wazuh-agent +ln -fs /etc/rc.d/init.d/wazuh-agent /etc/rc.d/rc3.d/S97wazuh-agent + +rm -rf %{_localstatedir}/tmp/etc +rm -rf %{_localstatedir}/tmp/src +rm -f %{_localstatedir}/tmp/add_localfiles.sh + +chmod 0660 %{_localstatedir}/etc/ossec.conf + +if [ -f %{_localstatedir}/tmp/wazuh.restart ]; then + rm -f %{_localstatedir}/tmp/wazuh.restart + /etc/rc.d/init.d/wazuh-agent restart > /dev/null 2>&1 || : +fi + +%preun + +if [ $1 = 0 ]; then + + /etc/rc.d/init.d/wazuh-agent stop > /dev/null 2>&1 || : + rm -f %{_localstatedir}/queue/sockets/* + rm -f %{_localstatedir}/queue/sockets/.agent_info || : + rm -f %{_localstatedir}/queue/sockets/.wait || : + rm -f %{_localstatedir}/queue/diff/* + rm -f %{_localstatedir}/queue/alerts/* + rm -f %{_localstatedir}/queue/rids/* + +fi + + +%postun + +# Remove ossec user and group +if [ $1 = 0 ];then + if grep "^ossec" /etc/passwd > /dev/null 2>&1; then + userdel ossec + fi + if grep "^ossec:" /etc/group > /dev/null 2>&1; then + rmgroup ossec + fi + + rm -rf %{_localstatedir}/ruleset +fi + + +%clean +rm -fr %{buildroot} + +%files +%{_init_scripts}/* + +%dir %attr(750,root,ossec) %{_localstatedir} +%attr(750,root,ossec) %{_localstatedir}/agentless +%dir %attr(770,root,ossec) %{_localstatedir}/.ssh +%dir %attr(750,root,ossec) %{_localstatedir}/active-response +%dir %attr(750,root,ossec) %{_localstatedir}/active-response/bin +%attr(750,root,ossec) %{_localstatedir}/active-response/bin/* +%dir %attr(750,root,system) %{_localstatedir}/bin +%attr(750,root,system) %{_localstatedir}/bin/* +%dir %attr(750,root,ossec) %{_localstatedir}/backup +%dir %attr(770,ossec,ossec) %{_localstatedir}/etc +%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/client.keys +%attr(640,root,ossec) %{_localstatedir}/etc/internal_options* +%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/local_internal_options.conf +%attr(660,root,ossec) %config(noreplace) %{_localstatedir}/etc/ossec.conf +%attr(640,root,ossec) %{_localstatedir}/etc/wpk_root.pem +%dir %attr(770,root,ossec) %{_localstatedir}/etc/shared +%attr(660,root,ossec) %config(missingok,noreplace) %{_localstatedir}/etc/shared/* +%dir %attr(750,root,system) %{_localstatedir}/lib +%attr(750,root,ossec) %{_localstatedir}/lib/* +%dir %attr(770,ossec,ossec) %{_localstatedir}/logs +%attr(660,ossec,ossec) %ghost %{_localstatedir}/logs/active-responses.log +%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.log +%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.json +%dir %attr(750,ossec,ossec) %{_localstatedir}/logs/wazuh +%dir %attr(750,root,ossec) %{_localstatedir}/queue +%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/sockets +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/diff +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim/db +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector/db +%attr(640, root,ossec) %{_localstatedir}/queue/syscollector/norm_config.json +%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/alerts +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/rids +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/logcollector +%dir %attr(750, ossec, ossec) %{_localstatedir}/ruleset/sca +%dir %attr(1750,root,ossec) %{_localstatedir}/tmp +%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/add_localfiles.sh +%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/gen_ossec.sh +%dir %attr(1750,root,ossec) %config(missingok) %{_localstatedir}/tmp/etc/templates +%dir %attr(1750,root,ossec) %config(missingok) %{_localstatedir}/tmp/etc/templates/config +%dir %attr(1750,root,ossec) %config(missingok) %{_localstatedir}/tmp/etc/templates/config/generic +%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/etc/templates/config/generic/*.template +%dir %attr(1750,root,ossec) %config(missingok) /var/ossec/tmp/etc/templates/config/generic/localfile-logs +%attr(750,root,system) %config(missingok) /var/ossec/tmp/etc/templates/config/generic/localfile-logs/*.template +%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/src/* +%dir %attr(750,root,ossec) %{_localstatedir}/var +%dir %attr(770,root,ossec) %{_localstatedir}/var/incoming +%dir %attr(770,root,ossec) %{_localstatedir}/var/run +%dir %attr(770,root,ossec) %{_localstatedir}/var/upgrade +%dir %attr(770,root,ossec) %{_localstatedir}/var/wodles +%dir %attr(750,root,ossec) %{_localstatedir}/wodles +%attr(750,root,ossec) %{_localstatedir}/wodles/* + + +%changelog +* Thu Oct 21 2021 support - 4.2.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Oct 06 2021 support - 4.2.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Sep 28 2021 support - 4.2.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Sep 25 2021 support - 4.2.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 26 2021 support - 4.2.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Apr 24 2021 support - 3.13.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 22 2021 support - 4.1.5 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Mar 29 2021 support - 4.1.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Mar 20 2021 support - 4.1.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Mar 08 2021 support - 4.1.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Mar 05 2021 support - 4.1.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 19 2021 support - 4.1.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 30 2020 support - 4.0.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 23 2020 support - 4.0.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Oct 31 2020 support - 4.0.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Oct 19 2020 support - 4.0.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Aug 21 2020 support - 3.13.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jul 14 2020 support - 3.13.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 29 2020 support - 3.13.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed May 13 2020 support - 3.12.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Apr 9 2020 support - 3.12.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Apr 8 2020 support - 3.12.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Mar 25 2020 support - 3.12.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Feb 24 2020 support - 3.11.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 22 2020 support - 3.11.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 7 2020 support - 3.11.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Dec 26 2019 support - 3.11.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Oct 7 2019 support - 3.11.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Sep 23 2019 support - 3.10.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Sep 19 2019 support - 3.10.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Aug 26 2019 support - 3.10.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Aug 8 2019 support - 3.9.5 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jul 12 2019 support - 3.9.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jul 02 2019 support - 3.9.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 11 2019 support - 3.9.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 01 2019 support - 3.9.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Feb 25 2019 support - 3.9.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 30 2019 support - 3.8.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Jan 24 2019 support - 3.8.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Jan 18 2019 support - 3.8.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Nov 7 2018 support - 3.7.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Sep 10 2018 support - 3.6.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Sep 7 2018 support - 3.6.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jul 25 2018 support - 3.5.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jul 11 2018 support - 3.4.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 18 2018 support - 3.3.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 11 2018 support - 3.3.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed May 30 2018 support - 3.2.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu May 10 2018 support - 3.2.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 09 2018 support - 3.2.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Feb 21 2018 support - 3.2.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Feb 07 2018 support - 3.2.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Dec 21 2017 support - 3.1.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 06 2017 support - 3.0.0 +- More info: https://documentation.wazuh.com/current/release-notes/ diff --git a/arch/SPECS/4.2.4/wazuh-agent/arch/PKGBUILD b/arch/SPECS/4.2.4/wazuh-agent/arch/PKGBUILD new file mode 100644 index 0000000000..368db81955 --- /dev/null +++ b/arch/SPECS/4.2.4/wazuh-agent/arch/PKGBUILD @@ -0,0 +1,128 @@ +pkgname=wazuh-agent +pkgver=PARAM_VERSION +pkgrel=PARAM_RELEASE +pkgdesc="Wazuh agent" +arch=(x86_64) +url='https://github.com/wazuh/wazuh' +license=(GPL2) +source=('PARAM_SOURCE_FILE' + 'wazuh.sysusers') +sha512sums=('SKIP' + 'adce723356b0b533854700d4c367cedf4caba13146e1b754d60e72939d301d248a48f7b61d82c9104616f1e7720e4712cca9f37d3d4de37f1d0b5581c159f3d6') +depends=('python' 'brotli') +noextract=('PARAM_SOURCE_FILE') +backup=('PARAM_INSTALLATION_BACKUP_DIR/etc/client.keys' + 'PARAM_INSTALLATION_BACKUP_DIR/etc/local_internal_options.conf' + 'PARAM_INSTALLATION_BACKUP_DIR/etc/ossec.conf') +install=wazuh.install + +build() { + mkdir -p ${srcdir}/wazuh + tar xzf ${srcdir}/"PARAM_SOURCE_FILE" -C ${srcdir}/wazuh + cd ${srcdir}/wazuh + make -C src deps + make -jPARAM_JOBS -C src TARGET=agent DEBUG=PARAM_DEBUG PREFIX="PARAM_INSTALLATION_DIR" + + rm -f /tmp/fake-install.saved + USER_LANGUAGE="en" \ + USER_NO_STOP="y" \ + USER_INSTALL_TYPE="agent" \ + USER_DIR="PARAM_INSTALLATION_DIR" \ + USER_DELETE_DIR="n" \ + USER_ENABLE_ACTIVE_RESPONSE="y" \ + USER_ENABLE_SYSCHECK="y" \ + USER_ENABLE_ROOTCHECK="y" \ + USER_ENABLE_OPENSCAP="y" \ + USER_ENABLE_CISCAT="y" \ + USER_ENABLE_SYSCOLLECTOR="y" \ + USER_UPDATE="n" \ + USER_AGENT_SERVER_IP="MANAGER_IP" \ + USER_CA_STORE="/path/to/my_cert.pem" \ + USER_AUTO_START="n" \ + fakeroot ./install.sh + + echo "#!/bin/sh" > ${srcdir}/wazuh/fix_owner.sh + cat /tmp/fake-install.saved >> ${srcdir}/wazuh/fix_owner.sh + chmod +x ${srcdir}/wazuh/fix_owner.sh +} + +package() { + install -Dm0644 ${srcdir}/wazuh.sysusers ${pkgdir}/usr/lib/sysusers.d/wazuh.conf + cd ${srcdir}/wazuh + + # Copying systemd file + mkdir -p ${pkgdir}/usr/lib/systemd/system/ + install -m 0644 src/init/templates/wazuh-agent.service ${pkgdir}/usr/lib/systemd/system/ + + # Generating permission restoration file for postinstall + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR" + + # Remove preinstalled log files + rm -rf "PARAM_INSTALLATION_DIR"/logs/*.log + rm -rf "PARAM_INSTALLATION_DIR"/logs/*.json + + # Clean the preinstalled configuration assesment files + rm -rf ${pkgdir}/"PARAM_INSTALLATION_DIR"/ruleset/sca + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_DIR"/ruleset/sca + + # Copying to target + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_DIR"/ + cp -rp "PARAM_INSTALLATION_DIR"/. ${pkgdir}/"PARAM_INSTALLATION_DIR"/ + + # Copying install scripts to /usr/share + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ + cp -p gen_ossec.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ + cp -p add_localfiles.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ + cp -p fix_owner.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR" + + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src + + # Install configuration assesment files and files templates + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/applications + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/amzn/1 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/amzn/2 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/5 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/6 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/7 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/15 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/16 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/17 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/18 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/7 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/8 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/9 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/5 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/6 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/7 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sles/11 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sles/12 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sunos + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/suse/11 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/suse/12 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/12/04 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/14/04 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/16/04 + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/windows + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sunos/5/11 + + cp -r ruleset/sca/* ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca + + cp etc/templates/config/generic/sca.files ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic + cp etc/templates/config/generic/sca.manager.files ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic + + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src/init + cp -r src/init/* ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src/init + + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/generic + cp -r etc/templates/config/generic ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ + + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/debian + cp -r etc/templates/config/debian ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ + + mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ubuntu + cp -r etc/templates/config/ubuntu ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ + + # Generate ossec-init.conf + ./gen_ossec.sh conf agent $(lsb_release -si) $(lsb_release -sr) "PARAM_INSTALLATION_DIR" > ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ossec-init.conf +} diff --git a/arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.install b/arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.install new file mode 100644 index 0000000000..8eb3a6c675 --- /dev/null +++ b/arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.install @@ -0,0 +1,82 @@ +DIR="PARAM_INSTALLATION_DIR" +SCRIPTS_DIR="PARAM_INSTALLATION_SCRIPTS_DIR" +SCA_BASE_DIR="${SCRIPTS_DIR}/sca" +USER="ossec" +GROUP="ossec" + +common() { + # Install the SCA files + if [ -d "${SCA_BASE_DIR}" ]; then + + . ${SCRIPTS_DIR}/src/init/dist-detect.sh + + SCA_DIR="${DIST_NAME}/${DIST_VER}" + + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" + mkdir -p ${DIR}/ruleset/sca + + # Install the configuration files needed for this hosts + if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" + elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" + elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" + else + SCA_TMP_DIR="${SCA_BASE_DIR}/generic" + fi + + SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" + + if [ -r ${SCA_TMP_FILE} ]; then + + for sca_file in $(cat ${SCA_TMP_FILE}); do + cp ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca + done + fi + + # Set correct permissions, owner and group + chmod 640 ${DIR}/ruleset/sca/* + chown root:${GROUP} ${DIR}/ruleset/sca/* + + fi + + touch ${DIR}/logs/active-responses.log + chown ossec:ossec ${DIR}/logs/active-responses.log + chmod 0660 ${DIR}/logs/active-responses.log + + # Register and configure agent if Wazuh environment variables are defined + if [ -z "$2" ] ; then + ${SCRIPTS_DIR}/src/init/register_configure_agent.sh > /dev/null || : + fi + + # Restoring file permissions + ${SCRIPTS_DIR}/restore-permissions.sh > /dev/null 2>&1 || : + + # Fix /etc/ossec-init.conf + chmod 640 /etc/ossec-init.conf + chown root:ossec /etc/ossec-init.conf + ${SCRIPTS_DIR}/fix_owner.sh 2>/dev/null +} + +post_upgrade() { + ${SCRIPTS_DIR}/gen_ossec.sh conf agent Arch rolling > ${DIR}/etc/ossec.conf.new + chmod 660 ${DIR}/etc/ossec.conf.new + + common +} + +post_install() { + if ! getent group | grep -q "^ossec" ; then + systemd-sysusers + fi + + if [ -f ${SCRIPTS_DIR}/ossec-init.conf ] ; then + cp ${SCRIPTS_DIR}/ossec-init.conf /etc/ossec-init.conf + fi + + ${SCRIPTS_DIR}/gen_ossec.sh conf agent Arch rolling > ${DIR}/etc/ossec.conf + ${SCRIPTS_DIR}/add_localfiles.sh >> ${DIR}/etc/ossec.conf + + common +} diff --git a/arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.sysusers b/arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.sysusers new file mode 100644 index 0000000000..0c3f362b47 --- /dev/null +++ b/arch/SPECS/4.2.4/wazuh-agent/arch/wazuh.sysusers @@ -0,0 +1,2 @@ +u ossec - - - +g ossec - - - diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/changelog b/debs/SPECS/4.2.4/wazuh-agent/debian/changelog new file mode 100644 index 0000000000..d8de0c7de5 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/changelog @@ -0,0 +1,439 @@ +wazuh-agent (4.2.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 21 Oct 2021 15:57:51 +0000 + +wazuh-agent (4.2.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 06 Oct 2021 15:07:13 +0000 + +wazuh-agent (4.2.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 28 Sep 2021 08:58:38 +0000 + +wazuh-agent (4.2.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 25 Sep 2021 07:04:22 +0000 + +wazuh-agent (4.2.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 26 Apr 2021 11:51:55 +0000 + +wazuh-agent (4.1.5-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 22 Apr 2021 16:50:05 +0000 + +wazuh-agent (4.1.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 29 Mar 2021 16:23:09 +0000 + +wazuh-agent (4.1.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 20 Mar 2021 13:41:26 +0000 + +wazuh-agent (4.1.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 08 Mar 2021 14:00:25 +0000 + +wazuh-agent (4.1.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 05 Mar 2021 13:24:41 +0000 + +wazuh-agent (4.1.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 19 Jan 2021 06:25:59 +0000 + + wazuh-agent (4.0.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 12 Jan 2021 09:30:15 +0000 + +wazuh-agent (4.0.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 30 Nov 2020 10:00:15 +0000 + +wazuh-agent (4.0.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 23 Nov 2020 12:16:36 +0000 + +wazuh-agent (4.0.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 31 Oct 2020 12:16:36 +0000 + +wazuh-agent (4.0.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 19 Oct 2020 06:59:39 +0000 + +wazuh-agent (3.13.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 24 Apr 2021 07:01:55 +0000 + +wazuh-agent (3.13.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 21 Aug 2020 10:05:02 +0000 + +wazuh-agent (3.13.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 14 Jul 2020 10:05:02 +0000 + +wazuh-agent (3.13.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 29 Jun 2020 10:05:02 +0000 + +wazuh-agent (3.12.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 9 Apr 2020 08:47:14 +0000 + +wazuh-agent (3.12.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 8 Apr 2020 16:12:28 +0000 + +wazuh-agent (3.12.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 25 Mar 2020 10:20:48 +0000 + +wazuh-agent (3.11.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 24 Feb 2020 10:01:00 +0000 + +wazuh-agent (3.11.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 22 Jan 2020 10:01:00 +0000 + +wazuh-agent (3.11.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 7 Jan 2020 10:01:00 +0000 + +wazuh-agent (3.11.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 26 Dec 2019 13:33:00 +0000 + +wazuh-agent (3.11.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 7 Oct 2019 13:33:00 +0000 + +wazuh-agent (3.10.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 23 Sep 2019 10:19:00 +0000 + +wazuh-agent (3.10.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 19 Sep 2019 13:33:00 +0000 + +wazuh-agent (3.10.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 26 Aug 2019 13:33:00 +0000 + +wazuh-agent (3.9.5-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 8 Aug 2019 16:31:00 +0000 + +wazuh-agent (3.9.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 12 Jul 2019 16:31:00 +0000 + +wazuh-agent (3.9.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 11 Jun 2019 16:31:00 +0000 + +wazuh-agent (3.9.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 6 Jun 2019 13:33:00 +0000 + +wazuh-agent (3.9.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 6 May 2019 13:33:00 +0000 + +wazuh-agent (3.9.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 25 Feb 2019 11:00:00 +0000 + +wazuh-agent (3.8.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 30 Jan 2019 11:00:00 +0000 + +wazuh-agent (3.8.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 24 Jan 2019 09:28:34 +0000 + +wazuh-agent (3.8.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 16 Jan 2019 11:00:00 +0000 + +wazuh-agent (3.7.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 10 Dec 2018 11:00:00 +0000 + +wazuh-agent (3.7.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 12 Nov 2018 11:00:00 +0000 + +wazuh-agent (3.7.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 10 Nov 2018 11:00:00 +0000 + +wazuh-agent (3.6.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 3 Sep 2018 11:00:00 +0000 + +wazuh-agent (3.6.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 24 Aug 2018 11:00:00 +0000 + +wazuh-agent (3.5.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 25 Jul 2018 20:12:41 +0000 + +wazuh-agent (3.4.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 28 Jun 2018 20:12:41 +0000 + +wazuh-agent (3.3.1-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 14 Jun 2018 9:29:41 +0000 + +wazuh-agent (3.3.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 07 Jun 2018 10:00:31 +0000 + +wazuh-agent (3.2.4-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 30 May 2018 12:44:31 +0000 + +wazuh-agent (3.2.3-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 15 May 2018 12:35:30 +0000 + +wazuh-agent (3.2.2-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 13 Mar 2018 12:35:30 +0000 + +wazuh-agent (3.2.1-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 21 Feb 2018 15:26:30 +0000 + +wazuh-agent (3.2.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 11 Dec 2017 15:19:24 +0000 + + +wazuh-agent (3.1.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 19 Dec 2017 08:00:10 +0000 + + +wazuh-agent (3.0.0-2) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 01 Nov 2017 08:00:10 +0000 + +wazuh-agent (2.1.1-1) stable; urgency=low + + * Labels configuration for agents to show data on alerts. + * Added group property for agents to customize shared files set. + * Send shared files to multiple agents in parallel. + * New decoder plugin for logs in JSON format with dynamic fields definition. + * Brought framework from API to Wazuh project. + * Show merged files MD5 checksum by agent_control and framework. + * New reliable request protocol for manager-agent communication. + * Remote agent upgrades with signed WPK packages. + * Added option for Remoted to prevent it from writing shared merged file. + * Added state for Agentd and Windows agent to notify connection state and metrics. + * Added new json log format for local file monitoring. + * Added OpenSCAP SSG datastream content for Ubuntu Trusty Tahr. + * Increased shared file delivery speed when using TCP. + * Increased TCP listening socket backlog. + * Changed Windows agent UI panel to show revision number instead of installation date. + * Group every decoded field (static and dynamic fields-1) into a data object for JSON alerts. + * Reload shared files by Remoted every 10 minutes. + * Increased string size limit for XML reader to 4096 bytes. + * Updated Logstash configuration and Elasticsearch mappings. + * Changed template fields structure for Kibana dashboards. + * Increased dynamic field limit to 1024, and default to 256. + * Changed agent buffer 'length' parameter to 'queue_size'. + * Changed some Rootcheck error messages to verbose logs. + * Removed unnecessary message by manage_agents advising to restart Wazuh manager. + * Fixed wrong queries to get last Syscheck and Rootcheck date. + * Prevent Logcollector keep-alives from being stored on archives.json. + * Fixed length of random message within keep-alives. + * Fixed Windows version detection for Windows 8 and newer. + * Fixed incorrect CIDR writing on client.keys by Authd. + * Fixed missing buffer flush by Analysisd when updating Rootcheck database. + * Stop Wazuh service before removing folder to reinstall. + + -- Wazuh, Inc Mon, 01 Aug 2016 08:00:10 +0000 + +wazuh-agent (2.1.0-1) stable; urgency=low + + * Rotate and compress log feature. + * Labeling data for agents to be shown in alerts. + * New 'auth' configuration template. + * Make manage_agents capable of add and remove agents via Authd. + * Implemented XML configuration for Authd. + * Option -F for Authd to force insertion if it finds duplicated name. + * Local auth client to manage agent keys. + * Added OS name and version into global.db. + * Option for logging in JSON format. + * Allow maild to send through a sendmail-like executable (by James Le Cuirot). + * Leaky bucket-like buffer for agents to prevent network flooding. + * Allow Syslog client to read JSON alerts. + * Allow Mail reporter to read JSON alerts. + * Added internal option to tune Rootcheck sleep time. + * Added route-null Active Response script for Windows 2012 (by @CrazyLlama). + * Updated SQLite library to 3.19.2. + * Updated zlib to 1.2.11. + * Updated cJSON library to 1.4.7. + * Change some manage_agents option parameters. + * Run Auth in background by default. + * Log classification as debug, info, warning, error and critical. + * Limit number of reads per cycle by Logcollector to prevent log starvation. + * Limit OpenSCAP module's event forwarding speed. + * Increased debug level of repeated Rootcheck messages. + * Send events when OpenSCAP starts and finishes scans. + * Delete PID files when a process exits not due to a signal. + * Change error messages due to SSL handshake failure to debug messages. + * Force group addition on installation for compatibility with LDAP (thanks to Gary Feltham). + * Fixed compiling error on systems with no OpenSSL. + * Fixed compiling warning at manage_agents. + * Fixed ossec-control enable/disable help message. + * Fixed unique aperture of random device on Unix. + * Fixed file sum comparison bug at Syscheck realtime engine. (Thanks to Arshad Khan) + * Close analysisd if alert outputs are disabled for all formats. + * Read Windows version name for versions newer than Windows 8 / Windows Server 2012. + * Fixed error in Analysisd that wrote Syscheck and Rootcheck databases of re-added agents on deleted files. + * Fixed internal option to configure the maximum labels' cache time. + * Fixed Auth password parsing on client side. + * Fix bad agent ID assignation in Authd on i686 architecture. + * Fixed Logcollector misconfiguration in Windows agents. + + -- Wazuh, Inc Mon, 01 Jul 2016 08:43:10 +0000 + +wazuh-agent (2.0.1-1) stable; urgency=low + + * Changed random data generator for a secure OS-provided generator. + * Changed Windows installer file name (depending on version). + * Linux distro detection using standard os-release file. + * Changed some URLs to documentation. + * Disable synchronization with SQLite databases for Syscheck by default. + * Minor changes at Rootcheck formatter for JSON alerts. + * Added debugging messages to Integrator logs. + * Show agent ID when possible on logs about incorrectly formatted messages. + * Use default maximum inotify event queue size. + * Show remote IP on encoding format errors when unencrypting messages. + + -- Wazuh, Inc Thu, 06 Jun 2017 08:43:10 +0000 + +wazuh-agent (2.0-1) stable; urgency=low + + * Wazuh-agent - base 2.0 + + -- Wazuh, Inc Mon, 30 Sep 2016 08:43:10 +0000 diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/compat b/debs/SPECS/4.2.4/wazuh-agent/debian/compat new file mode 100644 index 0000000000..7f8f011eb7 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/compat @@ -0,0 +1 @@ +7 diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/conffiles b/debs/SPECS/4.2.4/wazuh-agent/debian/conffiles new file mode 100644 index 0000000000..e69de29bb2 diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/control b/debs/SPECS/4.2.4/wazuh-agent/debian/control new file mode 100644 index 0000000000..c6c6cb0b1d --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/control @@ -0,0 +1,14 @@ +Source: wazuh-agent +Section: admin +Priority: extra +Maintainer: Wazuh, Inc +Build-Depends: debhelper (>= 7.0.50~), make, gcc, linux-libc-dev, gawk, libaudit-dev, selinux-basics +Standards-Version: 3.8.4 +Homepage: https://www.wazuh.com + +Package: wazuh-agent +Architecture: any +Depends: ${shlibs:Depends}, libc6 (>= 2.7), lsb-release, debconf, adduser +Conflicts: ossec-hids-agent, wazuh-manager, ossec-hids, wazuh-api +Breaks: ossec-hids-agent, wazuh-manager, ossec-hids +Description: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/copyright b/debs/SPECS/4.2.4/wazuh-agent/debian/copyright new file mode 100644 index 0000000000..710a27bb6d --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/copyright @@ -0,0 +1,38 @@ +This work was packaged for Debian by: + + Wazuh, Inc on Thu, 21 Oct 2021 15:57:51 +0000 + +It was downloaded from: + + https://www.wazuh.com + +Upstream Authors: + + dcid@dcid.me + Jia-BingJB_Cheng@trendmicro.com + vichargrave@gmail.com + ossec@michaelstarks.com + ddpbsd@gmail.com + scott@atomicorp.com + brad.lhotsky@gmail.com + jeremy@jeremyrossy.com + santiago.bassett@gmail.com + pedro@wazuh.com + alberto.rodriguez@wazuh.com + braulio@wazuh.com + jose.fernandez@wazuh.com + +Copyright: + + GNU General Public License version 2. + +License: + + GNU General Public License version 2. + +The Debian packaging is: + + Copyright (C) 2015-2020 Wazuh, Inc + +and is licensed under the GPL version 2, +see "/usr/share/common-licenses/GPL-2". diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/postinst b/debs/SPECS/4.2.4/wazuh-agent/debian/postinst new file mode 100644 index 0000000000..1bc5c7205d --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/postinst @@ -0,0 +1,188 @@ +#!/bin/sh +# postinst script for wazuh-agent +# Wazuh, Inc 2015-2020 + +set -e + +case "$1" in + configure) + + OS=$(lsb_release -si) + VER=$(lsb_release -sr) + DIR="/var/ossec" + USER="ossec" + GROUP="ossec" + WAZUH_GLOBAL_TMP_DIR="${DIR}/packages_files" + WAZUH_TMP_DIR="${WAZUH_GLOBAL_TMP_DIR}/agent_config_files" + SCRIPTS_DIR="${WAZUH_GLOBAL_TMP_DIR}/agent_installation_scripts" + SCA_BASE_DIR="${SCRIPTS_DIR}/sca" + + OSMYSHELL="/sbin/nologin" + + if [ ! -f ${OSMYSHELL} ]; then + if [ -f "/bin/false" ]; then + OSMYSHELL="/bin/false" + fi + fi + + if ! getent group | grep -q "^ossec" ; then + addgroup --system ossec > /dev/null 2>&1 + fi + if ! getent passwd | grep -q "^ossec" ; then + adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER} > /dev/null 2>&1 + fi + + if [ -z "$2" ] || [ -f ${WAZUH_TMP_DIR}/create_conf ] ; then + + ${SCRIPTS_DIR}/gen_ossec.sh conf agent ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf + ${SCRIPTS_DIR}/add_localfiles.sh ${DIR} >> ${DIR}/etc/ossec.conf + + else + ${SCRIPTS_DIR}/gen_ossec.sh conf agent ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf.new + chmod 660 ${DIR}/etc/ossec.conf.new + fi + + # For the etc dir + if [ -f /etc/localtime ]; then + cp -pL /etc/localtime ${DIR}/etc/; + chmod 640 ${DIR}/etc/localtime + chown root:${GROUP} ${DIR}/etc/localtime + fi + + # Restore the local rules, client.keys and local_decoder + if [ -f ${WAZUH_TMP_DIR}/client.keys ]; then + cp ${WAZUH_TMP_DIR}/client.keys ${DIR}/etc/client.keys + fi + # Restore ossec.conf configuration + if [ -f ${WAZUH_TMP_DIR}/ossec.conf ]; then + mv ${WAZUH_TMP_DIR}/ossec.conf ${DIR}/etc/ossec.conf + fi + # Restore internal options configuration + if [ -f ${WAZUH_TMP_DIR}/local_internal_options.conf ]; then + mv ${WAZUH_TMP_DIR}/local_internal_options.conf ${DIR}/etc/local_internal_options.conf + fi + + # Install the SCA files + if [ -d "${SCA_BASE_DIR}" ]; then + + . ${SCRIPTS_DIR}/src/init/dist-detect.sh + + SCA_DIR="${DIST_NAME}/${DIST_VER}" + + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" + mkdir -p ${DIR}/ruleset/sca + + # Install the configuration files needed for this hosts + if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" + elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" + elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" + else + SCA_TMP_DIR="${SCA_BASE_DIR}/generic" + fi + + SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" + + if [ -r ${SCA_TMP_FILE} ]; then + + rm -f ${DIR}/ruleset/sca/* || true + + for sca_file in $(cat ${SCA_TMP_FILE}); do + mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca + done + fi + + # Set correct permissions, owner and group + chmod 640 ${DIR}/ruleset/sca/* + chown root:${GROUP} ${DIR}/ruleset/sca/* + # Delete the temporary directory + rm -rf ${SCA_BASE_DIR} + + fi + + # Restore group files + if [ -d ${WAZUH_TMP_DIR}/group ]; then + for file in ${WAZUH_TMP_DIR}/group/* ; do + mv ${file} ${DIR}/etc/shared/ + done + rm -rf ${WAZUH_TMP_DIR}/group + fi + + touch ${DIR}/logs/active-responses.log + chown ossec:ossec ${DIR}/logs/active-responses.log + chmod 0660 ${DIR}/logs/active-responses.log + + # Check if SELinux is installed and enabled + if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then + if [ $(getenforce) != "Disabled" ]; then + semodule -i ${DIR}/var/selinux/wazuh.pp + semodule -e wazuh + fi + fi + + # Register and configure agent if Wazuh environment variables are defined + if [ -z "$2" ] ; then + ${SCRIPTS_DIR}/src/init/register_configure_agent.sh ${DIR} > /dev/null || : + fi + + # Restoring file permissions + ${SCRIPTS_DIR}/restore-permissions.sh > /dev/null 2>&1 || : + + if [ -f /etc/systemd/system/wazuh-agent.service ]; then + rm -f /etc/systemd/system/wazuh-agent.service + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl daemon-reload > /dev/null 2>&1 + fi + fi + + if [ ! -z "$2" ]; then + if [ -f ${WAZUH_TMP_DIR}/wazuh.restart ] ; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl daemon-reload > /dev/null 2>&1 + systemctl restart wazuh-agent.service > /dev/null 2>&1 + elif command -v service > /dev/null 2>&1 ; then + service wazuh-agent restart > /dev/null 2>&1 + else + ${DIR}/bin/wazuh-control restart > /dev/null 2>&1 + fi + fi + fi + + #Delete obsolete files + if [ -f /etc/ossec-init.conf ]; then + rm -f /etc/ossec-init.conf + fi + + # Delete installation scripts + if [ -d ${SCRIPTS_DIR} ]; then + rm -rf ${SCRIPTS_DIR} + fi + + # Delete tmp directory + if [ -d ${WAZUH_TMP_DIR} ]; then + rm -rf ${WAZUH_TMP_DIR} + fi + + # If the parent directory is empty, delete it + if [ -z "$(ls -A ${WAZUH_GLOBAL_TMP_DIR})" ]; then + rm -rf ${WAZUH_GLOBAL_TMP_DIR} + fi + + ;; + + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + + *) + echo "postinst called with unknown argument \`$1'" >22 + exit 1 + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/postrm b/debs/SPECS/4.2.4/wazuh-agent/debian/postrm new file mode 100644 index 0000000000..d8e30b4251 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/postrm @@ -0,0 +1,74 @@ +#!/bin/sh +# postrm script for wazuh-agent +# Wazuh, Inc 2015-2020 + +set -e + +DIR="/var/ossec" +WAZUH_TMP_DIR="${DIR}/packages_files/agent_config_files" + +case "$1" in + remove|failed-upgrade|abort-install|abort-upgrade|disappear) + + if [ -d ${WAZUH_TMP_DIR} ]; then + rm -rf ${WAZUH_TMP_DIR} + fi + + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then + systemctl disable wazuh-agent > /dev/null 2>&1 + systemctl daemon-reload > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then + update-rc.d -f wazuh-agent remove > /dev/null 2>&1 + fi + + # Back up the old configuration files as .save + if [ ! -d ${DIR}/etc ]; then + mkdir -p ${DIR}/etc + fi + + # If the directory is not empty, copy the files into ${DIR}/etc + if ls -A ${DIR}/tmp/conffiles > /dev/null 2>&1 ; then + mv ${DIR}/tmp/conffiles/* ${DIR}/etc + fi + rm -rf ${DIR}/tmp + if [ "$1" = "remove" ]; then + rm -rf ${DIR}/ruleset + rm -rf ${DIR}/var + rm -rf ${DIR}/logs + fi + + # Delete old .save + find ${DIR}/etc/ -type f -name "*save" -exec rm -f {} \; + + # Rename the files + find ${DIR}/etc/ -type f -exec mv {} {}.save \; + + ;; + + purge) + + if getent passwd | grep -q "^ossec" ; then + deluser ossec > /dev/null 2>&1 + fi + if getent group | grep -q "^ossec" ; then + delgroup ossec > /dev/null 2>&1 + fi + rm -rf ${DIR}/* + + ;; + + upgrade) + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/preinst b/debs/SPECS/4.2.4/wazuh-agent/debian/preinst new file mode 100644 index 0000000000..fbb87731b5 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/preinst @@ -0,0 +1,85 @@ +#!/bin/sh +# preinst script for wazuh-agent + +set -e + +# configuration variables +DIR="/var/ossec" +WAZUH_TMP_DIR="${DIR}/packages_files/agent_config_files" + +# environment configuration +if [ ! -d ${WAZUH_TMP_DIR} ]; then + mkdir -p ${WAZUH_TMP_DIR} +else + rm -rf ${WAZUH_TMP_DIR} + mkdir -p ${WAZUH_TMP_DIR} +fi + +case "$1" in + install|upgrade) + + if [ "$1" = "upgrade" ]; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then + systemctl stop wazuh-agent.service > /dev/null 2>&1 + touch ${WAZUH_TMP_DIR}/wazuh.restart + elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + service wazuh-agent stop > /dev/null 2>&1 + touch ${WAZUH_TMP_DIR}/wazuh.restart + elif ${DIR}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + touch ${WAZUH_TMP_DIR}/wazuh.restart + elif ${DIR}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + touch ${WAZUH_TMP_DIR}/wazuh.restart + fi + ${DIR}/bin/ossec-control stop > /dev/null 2>&1 || ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 + + if [ -d ${DIR}/logs/ossec ]; then + mv ${DIR}/logs/ossec ${DIR}/logs/wazuh + fi + + if [ -d ${DIR}/queue/ossec ]; then + mv ${DIR}/queue/ossec ${DIR}/queue/sockets + fi + fi + + if [ ! -z "$2" ] && [ ! -f ${DIR}/etc/ossec.conf ] ; then + touch ${WAZUH_TMP_DIR}/create_conf + fi + + # Delete old service + if [ -f /etc/init.d/ossec ]; then + rm /etc/init.d/ossec + fi + # back up the current user rules + if [ -f ${DIR}/etc/client.keys ]; then + cp ${DIR}/etc/client.keys ${WAZUH_TMP_DIR}/client.keys + fi + if [ -f ${DIR}/etc/local_internal_options.conf ]; then + cp -p ${DIR}/etc/local_internal_options.conf ${WAZUH_TMP_DIR}/local_internal_options.conf + fi + if [ -f ${DIR}/etc/ossec.conf ]; then + cp -p ${DIR}/etc/ossec.conf ${WAZUH_TMP_DIR}/ossec.conf + fi + + if [ -d ${DIR}/etc/shared ]; then + files="$(ls -A ${DIR}/etc/shared/*)" + fi + + if [ ! -z "$files" ]; then + mkdir -p ${WAZUH_TMP_DIR}/group + cp -rp ${DIR}/etc/shared/* ${WAZUH_TMP_DIR}/group/ + fi + ;; + + abort-upgrade) + + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/prerm b/debs/SPECS/4.2.4/wazuh-agent/debian/prerm new file mode 100644 index 0000000000..d87ec748ff --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/prerm @@ -0,0 +1,64 @@ +#!/bin/sh +# prerm script for wazuh-manager + +set -e + +DIR="/var/ossec" + +case "$1" in + upgrade|deconfigure) + + ;; + + remove) + + # Stop the services before uninstalling the package + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then + systemctl stop wazuh-agent > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then + service wazuh-agent stop > /dev/null 2>&1 + else + ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 + fi + + # Save the conffiles + mkdir -p ${DIR}/tmp/conffiles + # Save the client.keys + if [ -f ${DIR}/etc/client.keys ]; then + cp -p ${DIR}/etc/client.keys ${DIR}/tmp/conffiles + fi + # Save the local_internal_options.conf + if [ -f ${DIR}/etc/local_internal_options.conf ]; then + cp -p ${DIR}/etc/local_internal_options.conf ${DIR}/tmp/conffiles + fi + # Save the ossec.conf + if [ -f ${DIR}/etc/ossec.conf ]; then + cp -p ${DIR}/etc/ossec.conf ${DIR}/tmp/conffiles + fi + # Save the shared configuration files + if [ -d ${DIR}/etc/shared ]; then + cp -pr ${DIR}/etc/shared ${DIR}/tmp/conffiles + fi + + if [ -d ${DIR}/etc/shared/ ]; then + rm -rf ${DIR}/etc/shared/ + fi + + ;; + + failed-upgrade) + if [ -f ${DIR}/bin/wazuh-control ]; then + ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 + fi + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/rules b/debs/SPECS/4.2.4/wazuh-agent/debian/rules new file mode 100644 index 0000000000..0b4f141198 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/rules @@ -0,0 +1,148 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. +# +# Modified to make a template file for a multi-binary package with separated +# build-arch and build-indep targets by Bill Allombert 2001 + +# Uncomment this to turn on verbose mode. +export DH_VERBOSE=1 + +# This has to be exported to make some magic below work. +export DH_OPTIONS + +export TARGET_DIR=${CURDIR}/debian/wazuh-agent + +# Package build options +export INSTALLATION_DIR="/var/ossec" +export INSTALLATION_SCRIPTS_DIR="${INSTALLATION_DIR}/packages_files/agent_installation_scripts" +export JOBS="5" +export DEBUG_ENABLED="no" +export PATH="${PATH}" +export LD_LIBRARY_PATH="" + +%: + dh $@ + +override_dh_shlibdeps: + +override_dh_auto_configure: + +override_dh_auto_install: + +override_dh_install: + + rm -rf $(INSTALLATION_DIR)/ + + # Build the binaries + make -C src deps TARGET=agent + make -j$(JOBS) -C src/ TARGET=agent USE_SELINUX=yes DEBUG=$(DEBUG_ENABLED) + + USER_LANGUAGE="en" \ + USER_NO_STOP="y" \ + USER_INSTALL_TYPE="agent" \ + USER_DIR="$(INSTALLATION_DIR)" \ + USER_DELETE_DIR="y" \ + USER_ENABLE_ACTIVE_RESPONSE="y" \ + USER_ENABLE_SYSCHECK="y" \ + USER_ENABLE_ROOTCHECK="y" \ + USER_ENABLE_OPENSCAP="y" \ + USER_ENABLE_CISCAT="y" \ + USER_ENABLE_SYSCOLLECTOR="y" \ + USER_UPDATE="n" \ + USER_AGENT_SERVER_IP="MANAGER_IP" \ + USER_CA_STORE="/path/to/my_cert.pem" \ + USER_AUTO_START="n" \ + ./install.sh + + # Copying init.d script + mkdir -p ${TARGET_DIR}/etc/init.d/ + sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/ossec-hids-debian.init + + cp src/init/templates/ossec-hids-debian.init ${TARGET_DIR}/etc/init.d/wazuh-agent + + # Copying systemd file + mkdir -p ${TARGET_DIR}/usr/lib/systemd/system/ + sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/wazuh-agent.service + install -m 0644 src/init/templates/wazuh-agent.service ${TARGET_DIR}/usr/lib/systemd/system/ + + # Generating permission restoration file for postinstall + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR) + + # Remove preinstalled log files + rm -rf $(INSTALLATION_DIR)/logs/*.log + rm -rf $(INSTALLATION_DIR)/logs/*.json + + # Clean the preinstalled configuration assesment files + rm -rf ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca + mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca + + ./gen_permissions.sh $(INSTALLATION_DIR)/ ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/restore-permissions.sh + + # Copying to target + mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ + cp -r $(INSTALLATION_DIR)/. $(TARGET_DIR)$(INSTALLATION_DIR)/ + + # Copying install scripts to /usr/share + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ + cp gen_ossec.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ + cp add_localfiles.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src + cp src/VERSION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ + cp src/REVISION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ + + # Install configuration assesment files and files templates + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 + + cp -r ruleset/sca/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca + + cp etc/templates/config/generic/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic + cp etc/templates/config/generic/sca.manager.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic + + cp etc/templates/config/debian/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian + cp etc/templates/config/debian/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 + cp etc/templates/config/debian/8/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 + cp etc/templates/config/debian/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 + + cp etc/templates/config/ubuntu/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu + cp etc/templates/config/ubuntu/12/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 + cp etc/templates/config/ubuntu/14/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 + cp etc/templates/config/ubuntu/16/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init + cp -r src/init/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/generic + cp -r etc/templates/config/generic ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/debian + cp -r etc/templates/config/debian ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ubuntu + cp -r etc/templates/config/ubuntu ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ + + # Copying systemd file + mkdir -p ${TARGET_DIR}/etc/systemd/system/ + sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/wazuh-agent.service + cp src/init/templates/wazuh-agent.service ${TARGET_DIR}/etc/systemd/system/ + +override_dh_auto_clean: + $(MAKE) -C src clean + + +override_dh_strip: + dh_strip --no-automatic-dbgsym + +.PHONY: override_dh_install override_dh_strip override_dh_auto_clean override_dh_auto_build override_dh_auto_configure diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/source/format b/debs/SPECS/4.2.4/wazuh-agent/debian/source/format new file mode 100644 index 0000000000..163aaf8d82 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/templates b/debs/SPECS/4.2.4/wazuh-agent/debian/templates new file mode 100644 index 0000000000..3dbe63d83f --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/templates @@ -0,0 +1,4 @@ +Template: wazuh-agent/server-ip +Type: string +Default: 127.0.0.1 +Description: OSSEC server IP address for this agent. This server is also known as Manager and will receive information from the agent. You need to specify the IP address, the hostname is not valid. The agent still needs to be registered and started manually. diff --git a/debs/SPECS/4.2.4/wazuh-agent/debian/wazuh-agent.lintian-overrides b/debs/SPECS/4.2.4/wazuh-agent/debian/wazuh-agent.lintian-overrides new file mode 100644 index 0000000000..e1233f34da --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-agent/debian/wazuh-agent.lintian-overrides @@ -0,0 +1,9 @@ +wazuh-agent: embedded-library +wazuh-agent: embedded-zlib +wazuh-agent: possible-gpl-code-linked-with-openssl +wazuh-agent: new-package-should-close-itp-bug +wazuh-agent: possibly-insecure-handling-of-tmp-files-in-maintainer-script +wazuh-agent: non-standard-dir-in-var +wazuh-agent: file-in-unusual-dir +wazuh-agent: hardening-no-fortify-functions +wazuh-agent: hardening-no-relro diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/changelog b/debs/SPECS/4.2.4/wazuh-manager/debian/changelog new file mode 100644 index 0000000000..98a9eb8e6a --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/changelog @@ -0,0 +1,376 @@ +wazuh-manager (4.2.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 21 Oct 2021 15:57:51 +0000 + +wazuh-manager (4.2.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 06 Oct 2021 15:07:13 +0000 + +wazuh-manager (4.2.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 28 Sep 2021 08:58:38 +0000 + +wazuh-manager (4.2.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 25 Sep 2021 07:04:22 +0000 + +wazuh-manager (4.2.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 26 Apr 2021 11:51:55 +0000 + +wazuh-manager (4.1.5-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + +-- Wazuh, Inc Thu, 22 Apr 2021 16:50:05 +0000 + +wazuh-manager (4.1.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + +-- Wazuh, Inc Mon, 29 Mar 2021 16:23:09 +0000 + +wazuh-manager (4.1.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + +-- Wazuh, Inc Sat, 20 Mar 2021 13:41:26 +0000 + +wazuh-manager (4.1.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + +-- Wazuh, Inc Mon, 08 Mar 2021 14:00:25 +0000 + +wazuh-manager (4.1.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + +-- Wazuh, Inc Fri, 05 Mar 2021 13:24:41 +0000 + +wazuh-manager (4.1.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 19 Jan 2021 06:25:59 +0000 + + wazuh-manager (4.0.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 12 Jan 2021 09:30:15 +0000 + +wazuh-manager (4.0.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 30 Nov 2020 10:00:15 +0000 + +wazuh-manager (4.0.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 23 Nov 2020 12:16:36 +0000 + +wazuh-manager (4.0.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 31 Oct 2020 12:16:36 +0000 + +wazuh-manager (4.0.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 19 Oct 2020 06:59:39 +0000 + +wazuh-manager (4.0.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 19 Oct 2020 06:59:39 +0000 + +wazuh-manager (3.13.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 24 Apr 2021 07:01:55 +0000 + +wazuh-manager (3.13.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 21 Aug 2020 10:05:02 +0000 + +wazuh-manager (3.13.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 14 Jul 2020 10:05:02 +0000 + +wazuh-manager (3.13.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 29 Jun 2020 10:05:02 +0000 + +wazuh-manager (3.12.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 9 Apr 2020 08:47:14 +0000 + +wazuh-manager (3.12.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 8 Apr 2020 16:12:28 +0000 + +wazuh-manager (3.12.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 25 Mar 2020 10:20:48 +0000 + +wazuh-manager (3.11.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 24 Feb 2020 10:01:00 +0000 + +wazuh-manager (3.11.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 22 Jan 2020 10:01:00 +0000 + +wazuh-manager (3.11.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 7 Jan 2020 10:01:00 +0000 + +wazuh-manager (3.11.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 26 Dec 2019 13:33:00 +0000 + +wazuh-manager (3.11.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 7 Oct 2019 13:33:00 +0000 + +wazuh-manager (3.10.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 23 Sep 2019 10:19:00 +0000 + +wazuh-manager (3.10.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 19 Sep 2019 13:33:00 +0000 + +wazuh-manager (3.10.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 26 Aug 2019 13:33:00 +0000 + +wazuh-manager (3.9.5-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 8 Aug 2019 16:31:00 +0000 + +wazuh-manager (3.9.4-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 12 Jul 2019 16:31:00 +0000 + +wazuh-manager (3.9.3-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 11 Jun 2019 16:31:00 +0000 + +wazuh-manager (3.9.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 6 Jun 2019 13:33:00 +0000 + +wazuh-manager (3.9.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 6 May 2019 13:33:00 +0000 + +wazuh-manager (3.9.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 25 Feb 2019 11:00:00 +0000 + +wazuh-manager (3.8.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 30 Jan 2019 11:00:00 +0000 + +wazuh-manager (3.8.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 24 Jan 2019 09:28:34 +0000 + +wazuh-manager (3.8.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 16 Jan 2019 11:00:00 +0000 + +wazuh-manager (3.7.2-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 10 Dec 2018 11:00:00 +0000 + +wazuh-manager (3.7.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 12 Nov 2018 11:00:00 +0000 + +wazuh-manager (3.7.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Sat, 10 Nov 2018 11:00:00 +0000 + +wazuh-manager (3.6.1-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 3 Sep 2018 11:00:00 +0000 + +wazuh-manager (3.6.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Fri, 24 Aug 2018 11:00:00 +0000 + +wazuh-manager (3.5.0-RELEASE) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 25 Jul 2018 20:12:41 +0000 + +wazuh-manager (3.4.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 28 Jun 2018 20:12:41 +0000 + +wazuh-manager (3.3.1-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 14 Jun 2018 9:29:41 +0000 + +wazuh-manager (3.3.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 07 Jun 2018 10:00:00 +0000 + +wazuh-manager (3.2.4-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 30 May 2018 12:44:31 +0000 + +wazuh-manager (3.2.3-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 14 May 2018 12:35:30 +0000 + +wazuh-manager (3.2.2-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Tue, 13 Mar 2018 12:35:30 +0000 + +wazuh-manager (3.2.1-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Wed, 21 Feb 2018 15:26:30 +0000 + +wazuh-manager (3.2.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Thu, 11 Dec 2017 15:19:24 +0000 + + +wazuh-manager (3.1.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 01 Nov 2017 08:00:10 +0000 + + +wazuh-manager (3.0.0-2) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 01 Nov 2017 08:00:10 +0000 + +wazuh-manager (2.1.1-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 01 Aug 2016 08:43:10 +0000 + +wazuh-manager (2.1.0-1) stable; urgency=low + + * More info: https://documentation.wazuh.com/current/release-notes/ + + -- Wazuh, Inc Mon, 01 Jul 2016 08:43:10 +0000 + +wazuh-manager (2.0.1-1) stable; urgency=low + + * Changed random data generator for a secure OS-provided generator. + exi* Changed Windows installer file name (depending on version). + * Linux distro detection using standard os-release file. + * Changed some URLs to documentation. + * Disable synchronization with SQLite databases for Syscheck by default. + * Minor changes at Rootcheck formatter for JSON alerts. + * Added debugging messages to Integrator logs. + * Show agent ID when possible on logs about incorrectly formatted messages. + * Use default maximum inotify event queue size. + * Show remote IP on encoding format errors when unencrypting messages. + + -- Wazuh, Inc Thu, 06 Jun 2017 08:43:10 +0000 + +wazuh-manager (2.0-1) stable; urgency=low + + * wazuh-manager - base 2.0 + + -- Wazuh, Inc Mon, 01 Jul 2016 08:43:10 +0000 diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/compat b/debs/SPECS/4.2.4/wazuh-manager/debian/compat new file mode 100644 index 0000000000..7f8f011eb7 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/compat @@ -0,0 +1 @@ +7 diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/conffiles b/debs/SPECS/4.2.4/wazuh-manager/debian/conffiles new file mode 100644 index 0000000000..e69de29bb2 diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/control b/debs/SPECS/4.2.4/wazuh-manager/debian/control new file mode 100644 index 0000000000..bbdeb2a7c6 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/control @@ -0,0 +1,15 @@ +Source: wazuh-manager +Section: admin +Priority: extra +Maintainer: Wazuh, Inc +Build-Depends: debhelper (>= 7.0.50~), libssl-dev, linux-libc-dev, gawk, libaudit-dev, selinux-basics +Standards-Version: 3.8.4 +Homepage: http://www.wazuh.com + +Package: wazuh-manager +Architecture: any +Depends: ${shlibs:Depends}, libc6 (>= 2.7), lsb-release, debconf, adduser +Suggests: expect +Conflicts: ossec-hids-agent, wazuh-agent, ossec-hids, wazuh-api +Replaces: wazuh-api +Description: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/copyright b/debs/SPECS/4.2.4/wazuh-manager/debian/copyright new file mode 100644 index 0000000000..710a27bb6d --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/copyright @@ -0,0 +1,38 @@ +This work was packaged for Debian by: + + Wazuh, Inc on Thu, 21 Oct 2021 15:57:51 +0000 + +It was downloaded from: + + https://www.wazuh.com + +Upstream Authors: + + dcid@dcid.me + Jia-BingJB_Cheng@trendmicro.com + vichargrave@gmail.com + ossec@michaelstarks.com + ddpbsd@gmail.com + scott@atomicorp.com + brad.lhotsky@gmail.com + jeremy@jeremyrossy.com + santiago.bassett@gmail.com + pedro@wazuh.com + alberto.rodriguez@wazuh.com + braulio@wazuh.com + jose.fernandez@wazuh.com + +Copyright: + + GNU General Public License version 2. + +License: + + GNU General Public License version 2. + +The Debian packaging is: + + Copyright (C) 2015-2020 Wazuh, Inc + +and is licensed under the GPL version 2, +see "/usr/share/common-licenses/GPL-2". diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/postinst b/debs/SPECS/4.2.4/wazuh-manager/debian/postinst new file mode 100644 index 0000000000..675a7ad49d --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/postinst @@ -0,0 +1,288 @@ +#!/bin/sh +# postinst script for Wazuh +# Wazuh, Inc 2015-2020 +set -e +case "$1" in + configure) + + OS=$(lsb_release -si) + VER=$(lsb_release -sr) + DIR="/var/ossec" + USER="ossec" + USER_MAIL="ossecm" + USER_REM="ossecr" + GROUP="ossec" + WAZUH_GLOBAL_TMP_DIR="${DIR}/packages_files" + WAZUH_TMP_DIR="${WAZUH_GLOBAL_TMP_DIR}/manager_config_files" + OSMYSHELL="/sbin/nologin" + SCRIPTS_DIR="${WAZUH_GLOBAL_TMP_DIR}/manager_installation_scripts" + SCA_BASE_DIR="${SCRIPTS_DIR}/sca" + + if [ ! -f ${OSMYSHELL} ]; then + if [ -f "/bin/false" ]; then + OSMYSHELL="/bin/false" + fi + fi + + if ! getent group | grep -q "^ossec" ; then + addgroup --system ossec > /dev/null 2>&1 + fi + if ! getent passwd | grep -q "^ossec" ; then + adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER} > /dev/null 2>&1 + fi + if ! getent passwd | grep -q "^ossecm" ; then + adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER_MAIL} > /dev/null 2>&1 + fi + if ! getent passwd | grep -q "^ossecr" ; then + adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER_REM} > /dev/null 2>&1 + fi + + if [ -z "$2" ] || [ -f ${WAZUH_TMP_DIR}/create_conf ] ; then + + ${SCRIPTS_DIR}/gen_ossec.sh conf manager ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf + ${SCRIPTS_DIR}/add_localfiles.sh ${DIR} >> ${DIR}/etc/ossec.conf + + passlist="${DIR}/agentless/.passlist" + + if [ -f $passlist ] && ! base64 -d $passlist > /dev/null 2>&1; then + cp $passlist $passlist.bak + base64 $passlist.bak > $passlist + if [ $? = 0 ]; then + rm -f $passlist.bak + else + echo "ERROR: Couldn't encode Agentless passlist." + mv $passlist.bak $passlist + fi + fi + else + ${SCRIPTS_DIR}/gen_ossec.sh conf manager ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf.new + chmod 660 ${DIR}/etc/ossec.conf.new + fi + + # Remove/relocate existing SQLite databases + rm -f ${DIR}/var/db/cluster.db* || true + rm -f ${DIR}/var/db/.profile.db* || true + rm -f ${DIR}/var/db/agents/* || true + + if [ -f ${DIR}/var/db/global.db ]; then + mv ${DIR}/var/db/global.db ${DIR}/queue/db/ + rm -f ${DIR}/var/db/global.db* || true + rm -f ${DIR}/var/db/.template.db || true + fi + + if [ -f ${DIR}/queue/db/global.db ]; then + chmod 640 ${DIR}/queue/db/global.db* + chown ossec:ossec ${DIR}/queue/db/global.db* + fi + + # Delete uncompatible DBs versions + if [ ! -z $2 ]; then + + PREVIOUS_VERSION=$(echo $2 | cut -d"-" -f1) + + # Get the major and minor version + MAJOR=$(echo $PREVIOUS_VERSION | cut -d. -f1) + MINOR=$(echo $PREVIOUS_VERSION | cut -d. -f2) + + if [ $MAJOR = 3 ] && [ $MINOR -lt 7 ]; then + rm -f ${DIR}/queue/db/*.db* + rm -f ${DIR}/queue/db/.template.db + fi + fi + + # Remove Vuln-detector database + rm -f ${DIR}/queue/vulnerabilities/cve.db || true + + # Generation auto-signed certificate if not exists + if type openssl >/dev/null 2>&1 && [ ! -f "${DIR}/etc/sslmanager.key" ] && [ ! -f "${DIR}/etc/sslmanager.cert" ]; then + openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=California/CN=Wazuh/" -keyout ${DIR}/etc/sslmanager.key -out ${DIR}/etc/sslmanager.cert 2>/dev/null + fi + + chmod 640 ${DIR}/etc/sslmanager.cert ${DIR}/etc/sslmanager.key > /dev/null 2>&1 || true + + # For the etc dir + if [ -f /etc/localtime ]; then + cp -pL /etc/localtime ${DIR}/etc/; + chmod 640 ${DIR}/etc/localtime + chown root:${GROUP} ${DIR}/etc/localtime + fi + + if [ -f /etc/TIMEZONE ]; then + cp -p /etc/TIMEZONE ${DIR}/etc/; + chmod 640 ${DIR}/etc/TIMEZONE + chown root:${GROUP} ${DIR}/etc/localtime + fi + + # Restore client.keys configuration + if [ -f ${WAZUH_TMP_DIR}/client.keys ]; then + mv ${WAZUH_TMP_DIR}/client.keys ${DIR}/etc/client.keys + fi + # Restore local insternal options configuration + if [ -f ${WAZUH_TMP_DIR}/local_internal_options.conf ]; then + mv ${WAZUH_TMP_DIR}/local_internal_options.conf ${DIR}/etc/local_internal_options.conf + fi + # Restore lists + if [ -d ${WAZUH_TMP_DIR}/lists ]; then + cp -rp ${WAZUH_TMP_DIR}/lists ${DIR}/etc/ + fi + # Restore ossec.conf configuration + if [ -f ${WAZUH_TMP_DIR}/ossec.conf ]; then + mv ${WAZUH_TMP_DIR}/ossec.conf ${DIR}/etc/ossec.conf + fi + # Restore local_rules.xml configuration + if [ -f ${WAZUH_TMP_DIR}/local_rules.xml ]; then + mv ${WAZUH_TMP_DIR}/local_rules.xml ${DIR}/etc/rules/local_rules.xml + fi + # Restore local_decoders.xml configuration + if [ -f ${WAZUH_TMP_DIR}/local_decoder.xml ]; then + mv ${WAZUH_TMP_DIR}/local_decoder.xml ${DIR}/etc/decoders/local_decoder.xml + fi + + # Restore group files + if [ -d ${WAZUH_TMP_DIR}/group ]; then + cp -rfp ${WAZUH_TMP_DIR}/group/* ${DIR}/etc/shared + rm -rf ${WAZUH_TMP_DIR}/group/ + fi + + # Restore RBAC database + if [ -f ${WAZUH_TMP_DIR}/rbac.db ]; then + cp -fp ${WAZUH_TMP_DIR}/rbac.db ${DIR}/api/configuration/security/rbac.db + rm -rf ${WAZUH_TMP_DIR}/rbac.db + fi + + # Restore API configuration file + if [ -f ${WAZUH_TMP_DIR}/api.yaml ]; then + cp -fp ${WAZUH_TMP_DIR}/api.yaml ${DIR}/api/configuration/api.yaml + rm -rf ${WAZUH_TMP_DIR}/api.yaml + fi + + # More files + touch ${DIR}/etc/client.keys + + touch ${DIR}/logs/active-responses.log + touch ${DIR}/logs/integrations.log + chown ossec:ossec ${DIR}/logs/active-responses.log + chown ossecm:ossec ${DIR}/logs/integrations.log + chmod 0660 ${DIR}/logs/active-responses.log + chmod 0640 ${DIR}/logs/integrations.log + + + if [ -f ${DIR}/etc/shared/ar.conf ]; then + chown root:ossec ${DIR}/etc/shared/ar.conf + fi + + # Check if SELinux is installed and enabled + if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then + if [ $(getenforce) != "Disabled" ]; then + semodule -i ${DIR}/var/selinux/wazuh.pp + semodule -e wazuh + fi + fi + + # Install the SCA files + if [ -d "${SCA_BASE_DIR}" ]; then + + . ${SCRIPTS_DIR}/src/init/dist-detect.sh + + SCA_DIR="${DIST_NAME}/${DIST_VER}" + + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" + mkdir -p ${DIR}/ruleset/sca + + # Install the configuration files needed for this hosts + if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" + elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" + elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" + else + SCA_TMP_DIR="${SCA_BASE_DIR}/generic" + fi + + SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" + + if [ -r ${SCA_TMP_FILE} ] && [ -r ${SCA_BASE_DIR}/generic/sca.manager.files ]; then + + rm -f ${DIR}/ruleset/sca/* || true + + for sca_file in $(cat ${SCA_TMP_FILE}); do + mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca + done + + for sca_file in $(cat ${SCA_BASE_DIR}/generic/sca.manager.files); do + filename=$(basename ${sca_file}) + if [ -f "${SCA_BASE_DIR}/${sca_file}" ] && [ ! -f "${DIR}/ruleset/sca/${filename}" ]; then + mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca/${filename}.disabled + fi + done + fi + + # Set correct permissions, owner and group + chmod 640 ${DIR}/ruleset/sca/* + chown root:${GROUP} ${DIR}/ruleset/sca/* + # Delete the temporary directory + rm -rf ${SCA_BASE_DIR} + + fi + + # Restoring file permissions + ${SCRIPTS_DIR}/restore-permissions.sh > /dev/null 2>&1 || true + + # Remove old service file /etc/systemd/system/wazuh-manager.service if present + if [ -f /etc/systemd/system/wazuh-manager.service ]; then + rm -f /etc/systemd/system/wazuh-manager.service + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl daemon-reload > /dev/null 2>&1 + fi + fi + + if [ ! -z "$2" ]; then + if [ -f ${WAZUH_TMP_DIR}/wazuh.restart ] ; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl daemon-reload > /dev/null 2>&1 + systemctl restart wazuh-manager.service > /dev/null 2>&1 + elif command -v service > /dev/null 2>&1 ; then + service wazuh-manager restart > /dev/null 2>&1 + else + ${DIR}/bin/wazuh-control restart > /dev/null 2>&1 + fi + fi + fi + + #Delete obsolete files + if [ -f /etc/ossec-init.conf ]; then + rm -f /etc/ossec-init.conf + fi + + # Delete installation scripts + if [ -d ${SCRIPTS_DIR} ]; then + rm -rf ${SCRIPTS_DIR} + fi + + # Delete tmp directory + if [ -d ${WAZUH_TMP_DIR} ]; then + rm -r ${WAZUH_TMP_DIR} + fi + + # If the parent directory is empty, delete it + if [ -z "$(ls -A ${WAZUH_GLOBAL_TMP_DIR})" ]; then + rm -rf ${WAZUH_GLOBAL_TMP_DIR} + fi + + ;; + + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + + *) + echo "postinst called with unknown argument \`$1'" >22 + exit 1 + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/postrm b/debs/SPECS/4.2.4/wazuh-manager/debian/postrm new file mode 100644 index 0000000000..3d960a9f4c --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/postrm @@ -0,0 +1,89 @@ +#!/bin/sh +# postrm script for Wazuh +# Wazuh, Inc 2015-2020 +set -e +DIR="/var/ossec" +WAZUH_TMP_DIR="${DIR}/packages_files/manager_config_files" + +case "$1" in + remove|failed-upgrade|abort-install|abort-upgrade|disappear) + + if [ -d ${WAZUH_TMP_DIR} ]; then + rm -rf ${WAZUH_TMP_DIR} + fi + + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then + systemctl disable wazuh-manager > /dev/null 2>&1 + systemctl daemon-reload > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "running" > /dev/null 2>&1; then + update-rc.d -f wazuh-manager remove > /dev/null 2>&1 + fi + + # Back up the old configuration files as .save + if [ ! -d ${DIR}/etc/shared/default ]; then + mkdir -p ${DIR}/etc/shared/default + fi + + # Move files from ${DIR}/tmp to ${DIR}/etc + if [ -f ${DIR}/tmp/conffiles/shared/default/agent.conf ]; then + mv ${DIR}/tmp/conffiles/shared/default/agent.conf ${DIR}/etc/shared/default/agent.conf.save + fi + + # Move files from ${DIR}/tmp to ${DIR}/etc + if [ -f ${DIR}/tmp/conffiles/api.yaml ]; then + mkdir -p ${DIR}/api/configuration + mv ${DIR}/tmp/conffiles/api.yaml ${DIR}/api/configuration/api.yaml + fi + + # If the directory is not empty, copy the files into ${DIR}/etc + if ls -A ${DIR}/tmp/conffiles > /dev/null 2>&1 ; then + cp -Rf ${DIR}/tmp/conffiles/* ${DIR}/etc + fi + rm -rf ${DIR}/tmp + if [ "$1" = "remove" ]; then + rm -rf ${DIR}/ruleset + rm -rf ${DIR}/var + rm -rf ${DIR}/logs + fi + + # Delete old .save + find ${DIR}/etc/ -type f -name "*save" -exec rm -f {} \; + find ${DIR}/api/ -type f -name "*save" -exec rm -f {} \; + + # Rename the files + find ${DIR}/etc/ -type f ! -name *shared* -exec mv {} {}.save \; + find ${DIR}/api/ -type f -exec mv {} {}.save \; + + ;; + + purge) + if getent passwd | grep -q "^ossecr" ; then + deluser ossecr > /dev/null 2>&1 + fi + if getent passwd | grep -q "^ossecm" ; then + deluser ossecm > /dev/null 2>&1 + fi + if getent passwd | grep -q "^ossec" ; then + deluser ossec > /dev/null 2>&1 + fi + if getent group | grep -q "^ossec" ; then + delgroup ossec > /dev/null 2>&1 + fi + rm -rf ${DIR} + ;; + + upgrade) + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 0 + + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/preinst b/debs/SPECS/4.2.4/wazuh-manager/debian/preinst new file mode 100644 index 0000000000..e863270a1d --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/preinst @@ -0,0 +1,151 @@ +#!/bin/sh +# preinst script for Wazuh + +set -e + +# configuration variables +DIR="/var/ossec" +WAZUH_TMP_DIR="${DIR}/packages_files/manager_config_files" +VERSION="$2" +MAJOR=$(echo "$VERSION" | cut -dv -f2 | cut -d. -f1) + +# environment configuration +if [ ! -d ${WAZUH_TMP_DIR} ]; then + mkdir -p ${WAZUH_TMP_DIR} +else + rm -rf ${WAZUH_TMP_DIR} + mkdir -p ${WAZUH_TMP_DIR} +fi + +case "$1" in + install|upgrade) + + if [ "$1" = "upgrade" ]; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then + systemctl stop wazuh-manager.service > /dev/null 2>&1 + touch ${WAZUH_TMP_DIR}/wazuh.restart + elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + service wazuh-manager stop > /dev/null 2>&1 + touch ${WAZUH_TMP_DIR}/wazuh.restart + elif ${DIR}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + touch ${WAZUH_TMP_DIR}/wazuh.restart + elif ${DIR}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + touch ${WAZUH_TMP_DIR}/wazuh.restart + fi + ${DIR}/bin/ossec-control stop > /dev/null 2>&1 || ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 + + if [ -d ${DIR}/logs/ossec ]; then + mv ${DIR}/logs/ossec ${DIR}/logs/wazuh + fi + + if [ -d ${DIR}/queue/ossec ]; then + mv ${DIR}/queue/ossec ${DIR}/queue/sockets + fi + + # Delete old API backups + if [ -d ${DIR}/~api ]; then + rm -rf ${DIR}/~api + fi + + # Get old package version + if [ -f /etc/ossec-init.conf ]; then + . /etc/ossec-init.conf + else + VERSION=$(${DIR}/bin/wazuh-control info -v) + fi + + # Get the major and minor version + MAJOR=$(echo $VERSION | cut -dv -f2 | cut -d. -f1) + MINOR=$(echo $VERSION | cut -d. -f2) + + # Delete 3.X Wazuh API service + if [ "$MAJOR" = "3" ] && [ -d ${DIR}/api ]; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && \ + systemctl list-unit-files --type service | grep wazuh-api; then + systemctl stop wazuh-api.service > /dev/null 2>&1 + systemctl disable wazuh-api.service > /dev/null 2>&1 + rm -f /etc/systemd/system/wazuh-api.service || true + fi + + if command -v service > /dev/null 2>&1 && service status wazuh-api > /dev/null 2>&1 ; then + service wazuh-api stop > /dev/null 2>&1 + update-rc.d wazuh-api remove > /dev/null 2>&1 + rm -f /etc/rc.d/init.d/wazuh-api || true + fi + fi + fi + + if [ ! -z "$2" ] && [ ! -f ${DIR}/etc/ossec.conf ] ; then + touch ${WAZUH_TMP_DIR}/create_conf + fi + + # RBAC database and API configuration file + if [ "$1" = "upgrade" ]; then + if [ -f ${DIR}/api/configuration/security/rbac.db ]; then + cp -fp ${DIR}/api/configuration/security/rbac.db ${WAZUH_TMP_DIR}/rbac.db + fi + if [ -f ${DIR}/api/configuration/api.yaml ]; then + cp -fp ${DIR}/api/configuration/api.yaml ${WAZUH_TMP_DIR}/api.yaml + fi + fi + + # Delete old service + if [ -f /etc/init.d/ossec ]; then + rm /etc/init.d/ossec + fi + + if [ -d ${DIR}/etc/lists ]; then + cp -rp ${DIR}/etc/lists ${WAZUH_TMP_DIR}/lists + fi + + if [ -f ${DIR}/etc/client.keys ]; then + cp -p ${DIR}/etc/client.keys ${WAZUH_TMP_DIR}/client.keys + fi + + if [ -f ${DIR}/etc/local_internal_options.conf ]; then + cp -p ${DIR}/etc/local_internal_options.conf ${WAZUH_TMP_DIR}/local_internal_options.conf + fi + + if [ -f ${DIR}/etc/rules/local_rules.xml ]; then + cp -p ${DIR}/etc/rules/local_rules.xml ${WAZUH_TMP_DIR}/local_rules.xml + fi + + if [ -f ${DIR}/etc/decoders/local_decoder.xml ]; then + cp -p ${DIR}/etc/decoders/local_decoder.xml ${WAZUH_TMP_DIR}/local_decoder.xml + fi + + if [ -f ${DIR}/etc/ossec.conf ]; then + cp -p ${DIR}/etc/ossec.conf ${WAZUH_TMP_DIR}/ossec.conf + fi + + if [ -d ${DIR}/etc/shared ]; then + cp -rp ${DIR}/etc/shared ${WAZUH_TMP_DIR}/group + fi + + if [ -d ${DIR}/var/db/agents ]; then + rm -f ${DIR}/var/db/agents/* + fi + + # Remove plain-text agent information if exists + if [ -d ${DIR}/queue/agent-info ]; then + rm -rf ${DIR}/queue/agent-info/* > /dev/null 2>&1 + fi + + if [ -d ${DIR}/queue/rootcheck ]; then + rm -rf ${DIR}/queue/rootcheck/* > /dev/null 2>&1 + fi + ;; + + abort-upgrade) + + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/prerm b/debs/SPECS/4.2.4/wazuh-manager/debian/prerm new file mode 100644 index 0000000000..4655d03dc3 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/prerm @@ -0,0 +1,85 @@ +#!/bin/sh +# prerm script for wazuh-manager + +set -e +DIR="/var/ossec" + +case "$1" in + upgrade|deconfigure) + + ;; + + remove) + # Stop the services before uninstalling the package + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then + systemctl stop wazuh-manager > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "running" > /dev/null 2>&1; then + service wazuh-manager stop > /dev/null 2>&1 + else + ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 + fi + + # Purging files + rm -rf ${DIR}/stats/* + rm -rf ${DIR}/queue/* + rm -rf ${DIR}/var/* + rm -rf ${DIR}/framework/* + + # Save the configuration files in ${DIR}/tmp/conffiles + mkdir -p ${DIR}/tmp/conffiles + + # Save the client.keys + if [ -f ${DIR}/etc/client.keys ]; then + cp -p ${DIR}/etc/client.keys ${DIR}/tmp/conffiles + fi + # Save the local_internal_options.conf + if [ -f ${DIR}/etc/local_internal_options.conf ]; then + cp -p ${DIR}/etc/local_internal_options.conf ${DIR}/tmp/conffiles + fi + # Save the ossec.conf + if [ -f ${DIR}/etc/ossec.conf ]; then + cp -p ${DIR}/etc/ossec.conf ${DIR}/tmp/conffiles + fi + # Save the local decoders + if [ -d ${DIR}/etc/decoders ]; then + cp -pr ${DIR}/etc/decoders ${DIR}/tmp/conffiles + fi + # Save the lists + if [ -d ${DIR}/etc/lists ]; then + cp -pr ${DIR}/etc/lists ${DIR}/tmp/conffiles + fi + # Save the rootcheck files + if [ -d ${DIR}/etc/rootcheck ]; then + cp -pr ${DIR}/etc/rootcheck ${DIR}/tmp/conffiles + fi + # Save the local rules + if [ -d ${DIR}/etc/rules ]; then + cp -pr ${DIR}/etc/rules ${DIR}/tmp/conffiles + fi + # Save the agent.conf from the group default + mkdir -p ${DIR}/tmp/conffiles/shared/default + if [ -f ${DIR}/etc/shared/default/agent.conf ]; then + cp -p ${DIR}/etc/shared/default/agent.conf ${DIR}/tmp/conffiles/shared/default + fi + # Save the client.keys + if [ -f ${DIR}/api/configuration/api.yaml ]; then + cp -p ${DIR}/api/configuration/api.yaml ${DIR}/tmp/conffiles + fi + ;; + + failed-upgrade) + if [ -f ${DIR}/bin/wazuh-control ]; then + ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 + fi + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; + +esac + +exit 0 diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/rules b/debs/SPECS/4.2.4/wazuh-manager/debian/rules new file mode 100644 index 0000000000..871fbd8d92 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/rules @@ -0,0 +1,205 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. +# +# Modified to make a template file for a multi-binary package with separated +# build-arch and build-indep targets by Bill Allombert 2001 + +# Uncomment this to turn on verbose mode. +export DH_VERBOSE=1 + +# This has to be exported to make some magic below work. +export DH_OPTIONS +export PKG_DIR=debian/wazuh-manager + +export TARGET_DIR=${CURDIR}/${PKG_DIR} + +# Package build options +export INSTALLATION_DIR="/var/ossec" +export INSTALLATION_SCRIPTS_DIR="${INSTALLATION_DIR}/packages_files/manager_installation_scripts" +export JOBS="5" +export DEBUG_ENABLED="no" +export PATH="${PATH}" +export LD_LIBRARY_PATH="" + +%: + dh $@ + +override_dh_shlibdeps: + +override_dh_auto_configure: + +override_dh_auto_install: + +override_dh_install: + + rm -rf $(INSTALLATION_DIR)/ + # Build the binaries + make -C src deps TARGET=server + make -j$(JOBS) -C src/ TARGET=server USE_SELINUX=yes DEBUG=$(DEBUG_ENABLED) + + USER_LANGUAGE="en" \ + USER_NO_STOP="y" \ + USER_INSTALL_TYPE="server" \ + USER_DIR="$(INSTALLATION_DIR)" \ + USER_DELETE_DIR="y" \ + USER_ENABLE_ACTIVE_RESPONSE="y" \ + USER_ENABLE_SYSCHECK="y" \ + USER_ENABLE_ROOTCHECK="y" \ + USER_ENABLE_OPENSCAP="y" \ + USER_ENABLE_CISCAT="y" \ + USER_ENABLE_SYSCOLLECTOR="y" \ + USER_UPDATE="n" \ + USER_ENABLE_EMAIL="n" \ + USER_WHITE_LIST="n" \ + USER_ENABLE_SYSLOG="y" \ + USER_ENABLE_AUTHD="y" \ + USER_SERVER_IP="MANAGER_IP" \ + USER_CA_STORE="/path/to/my_cert.pem" \ + USER_GENERATE_AUTHD_CERT="y" \ + USER_AUTO_START="n" \ + USER_CREATE_SSL_CERT="n" \ + ./install.sh + + # Copying init.d script + mkdir -p ${TARGET_DIR}/etc/init.d/ + sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/ossec-hids-debian.init + cp src/init/templates/ossec-hids-debian.init ${TARGET_DIR}/etc/init.d/wazuh-manager + + # Copying systemd file + mkdir -p ${TARGET_DIR}/usr/lib/systemd/system/ + sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/wazuh-manager.service + install -m 0644 src/init/templates/wazuh-manager.service ${TARGET_DIR}/usr/lib/systemd/system/ + + # Generating permission restoration file for postinstall + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ + + # Remove preinstalled log files + rm -rf $(INSTALLATION_DIR)/logs/*.log + rm -rf $(INSTALLATION_DIR)/logs/*.json + + # Clean the preinstalled configuration assesment files + rm -rf ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca + mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca + + ./gen_permissions.sh $(INSTALLATION_DIR)/ ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/restore-permissions.sh + + # Copying to target + mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ + cp -r $(INSTALLATION_DIR)/. $(TARGET_DIR)$(INSTALLATION_DIR)/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ + cp gen_ossec.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ + cp add_localfiles.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src + cp src/VERSION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ + cp src/REVISION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init + cp -r src/init/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/generic + cp -r etc/templates/config/generic ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/debian + cp -r etc/templates/config/debian ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ + + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ubuntu + cp -r etc/templates/config/ubuntu ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ + + # Install configuration assesment files and files templates + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/applications + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/1 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/2 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/5 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/6 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/7 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/15 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/16 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/17 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/18 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/19 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/20 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/5 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/6 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/7 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles/11 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles/12 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sunos + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse/11 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse/12 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/windows + mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sunos/5/11 + + cp -r ruleset/sca/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca + + cp etc/templates/config/generic/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic + cp etc/templates/config/generic/sca.manager.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic + cp etc/templates/config/sunos/5/11/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sunos/5/11 + + cp etc/templates/config/amzn/1/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/1 + cp etc/templates/config/amzn/2/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/2 + + cp etc/templates/config/darwin/15/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/15 + cp etc/templates/config/darwin/16/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/16 + cp etc/templates/config/darwin/17/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/17 + cp etc/templates/config/darwin/18/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/18 + cp etc/templates/config/darwin/18/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/19 + cp etc/templates/config/darwin/20/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/20 + + cp etc/templates/config/debian/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian + cp etc/templates/config/debian/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 + cp etc/templates/config/debian/8/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 + cp etc/templates/config/debian/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 + + cp etc/templates/config/centos/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos + cp etc/templates/config/centos/5/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/5 + cp etc/templates/config/centos/6/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/6 + cp etc/templates/config/centos/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/7 + + cp etc/templates/config/rhel/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel + cp etc/templates/config/rhel/5/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/5 + cp etc/templates/config/rhel/6/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/6 + cp etc/templates/config/rhel/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/7 + + cp etc/templates/config/sles/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles + cp etc/templates/config/sles/11/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles/11 + + cp etc/templates/config/suse/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse + cp etc/templates/config/suse/11/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse/11 + + cp etc/templates/config/ubuntu/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu + cp etc/templates/config/ubuntu/12/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 + cp etc/templates/config/ubuntu/14/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 + cp etc/templates/config/ubuntu/16/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 + +override_dh_fixperms: + dh_fixperms + # Fix Python permissions + chmod 0750 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/bin/2to3-3.9 + chmod 0750 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/bin/pydoc3.9 + chmod 0750 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/bin/python3-config + chmod 0640 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/lib/pkgconfig/python-3.9-embed.pc + chmod 0640 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/lib/pkgconfig/python-3.9.pc + chmod 0640 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/lib/pkgconfig/python3.pc + +override_dh_auto_clean: + $(MAKE) -C src clean + +override_dh_strip: + dh_strip --no-automatic-dbgsym --exclude=dh_strip --no-automatic-dbgsym --exclude=${PKG_DIR}${INSTALLATION_DIR}/framework/python + +.PHONY: override_dh_install override_dh_strip override_dh_auto_clean override_dh_auto_build override_dh_auto_configure override_dh_fixperms diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/source/format b/debs/SPECS/4.2.4/wazuh-manager/debian/source/format new file mode 100644 index 0000000000..163aaf8d82 --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debs/SPECS/4.2.4/wazuh-manager/debian/wazuh-manager.lintian-overrides b/debs/SPECS/4.2.4/wazuh-manager/debian/wazuh-manager.lintian-overrides new file mode 100644 index 0000000000..c6d2185ecc --- /dev/null +++ b/debs/SPECS/4.2.4/wazuh-manager/debian/wazuh-manager.lintian-overrides @@ -0,0 +1,9 @@ +wazuh-manager: embedded-library +wazuh-manager: embedded-zlib +wazuh-manager: possible-gpl-code-linked-with-openssl +wazuh-manager: new-package-should-close-itp-bug +wazuh-manager: possibly-insecure-handling-of-tmp-files-in-maintainer-script +wazuh-manager: non-standard-dir-in-var +wazuh-manager: file-in-unusual-dir +wazuh-manager: hardening-no-fortify-functions +wazuh-manager: hardening-no-relro diff --git a/macos/package_files/4.2.4/build.sh b/macos/package_files/4.2.4/build.sh new file mode 100755 index 0000000000..d99b415d4f --- /dev/null +++ b/macos/package_files/4.2.4/build.sh @@ -0,0 +1,79 @@ +#!/bin/bash +# Program to build OSX wazuh-agent +# Wazuh package generator +# Copyright (C) 2015-2020, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. +set -exf +DESTINATION_PATH=$1 +SOURCES_PATH=$2 +BUILD_JOBS=$3 +INSTALLATION_SCRIPTS_DIR=${DESTINATION_PATH}/packages_files/agent_installation_scripts + +function configure() { + echo USER_LANGUAGE="en" > ${CONFIG} + echo USER_NO_STOP="y" >> ${CONFIG} + echo USER_INSTALL_TYPE="agent" >> ${CONFIG} + echo USER_DIR="${DESTINATION_PATH}" >> ${CONFIG} + echo USER_DELETE_DIR="y" >> ${CONFIG} + echo USER_CLEANINSTALL="y" >> ${CONFIG} + echo USER_BINARYINSTALL="y" >> ${CONFIG} + echo USER_AGENT_SERVER_IP="MANAGER_IP" >> ${CONFIG} + echo USER_ENABLE_SYSCHECK="y" >> ${CONFIG} + echo USER_ENABLE_ROOTCHECK="y" >> ${CONFIG} + echo USER_ENABLE_OPENSCAP="n" >> ${CONFIG} + echo USER_ENABLE_CISCAT="n" >> ${CONFIG} + echo USER_ENABLE_ACTIVE_RESPONSE="y" >> ${CONFIG} + echo USER_CA_STORE="n" >> ${CONFIG} +} + +function build() { + + configure + + if [ -z "${USER_BINARYINSTALL}" ]; then + make -C ${SOURCES_PATH}/src deps TARGET=agent + + echo "Generating Wazuh executables" + make -j$JOBS -C ${SOURCES_PATH}/src DYLD_FORCE_FLAT_NAMESPACE=1 TARGET=agent build + fi + + echo "Running install script" + ${SOURCES_PATH}/install.sh + + find ${DESTINATION_PATH}/ruleset/sca/ -type f -exec rm -f {} \; + + # Add the auxiliar script used while installing the package + mkdir -p ${INSTALLATION_SCRIPTS_DIR}/ + cp ${SOURCES_PATH}/gen_ossec.sh ${INSTALLATION_SCRIPTS_DIR}/ + cp ${SOURCES_PATH}/add_localfiles.sh ${INSTALLATION_SCRIPTS_DIR}/ + + mkdir -p ${INSTALLATION_SCRIPTS_DIR}/src/init + mkdir -p ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config/{generic,darwin} + + cp -r ${SOURCES_PATH}/etc/templates/config/generic ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config + cp -r ${SOURCES_PATH}/etc/templates/config/darwin ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config + + find ${SOURCES_PATH}/src/init/ -name *.sh -type f -exec install -m 0640 {} ${INSTALLATION_SCRIPTS_DIR}/src/init \; + + mkdir -p ${INSTALLATION_SCRIPTS_DIR}/sca/generic + mkdir -p ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/{15,16,17,18,20} + + cp -r ${SOURCES_PATH}/ruleset/sca/darwin ${INSTALLATION_SCRIPTS_DIR}/sca + cp -r ${SOURCES_PATH}/ruleset/sca/generic ${INSTALLATION_SCRIPTS_DIR}/sca + cp ${SOURCES_PATH}/etc/templates/config/generic/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/generic/ + cp ${SOURCES_PATH}/etc/templates/config/darwin/15/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/15/ + cp ${SOURCES_PATH}/etc/templates/config/darwin/16/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/16/ + cp ${SOURCES_PATH}/etc/templates/config/darwin/17/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/17/ + cp ${SOURCES_PATH}/etc/templates/config/darwin/18/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/18/ + cp ${SOURCES_PATH}/etc/templates/config/darwin/19/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/19/ + cp ${SOURCES_PATH}/etc/templates/config/darwin/20/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/20/ + + cp ${SOURCES_PATH}/src/VERSION ${INSTALLATION_SCRIPTS_DIR}/src/ + cp ${SOURCES_PATH}/src/REVISION ${INSTALLATION_SCRIPTS_DIR}/src/ +} + +build diff --git a/macos/package_files/4.2.4/postinstall.sh b/macos/package_files/4.2.4/postinstall.sh new file mode 100755 index 0000000000..7b269fc216 --- /dev/null +++ b/macos/package_files/4.2.4/postinstall.sh @@ -0,0 +1,124 @@ +#! /bin/bash +# By Spransy, Derek" and Charlie Scott +# Modified by Santiago Bassett (http://www.wazuh.com) - Feb 2016 +# alterations by bil hays 2013 +# -Switched to bash +# -Added some sanity checks +# -Added routine to find the first 3 contiguous UIDs above 100, +# starting at 600 puts this in user space +# -Added lines to append the ossec users to the group ossec +# so the the list GroupMembership works properly +GROUP="ossec" +USER="ossec" +DIR="/Library/Ossec" +INSTALLATION_SCRIPTS_DIR="${DIR}/packages_files/agent_installation_scripts" +SCA_BASE_DIR="${INSTALLATION_SCRIPTS_DIR}/sca" + +if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then + rm -rf ${DIR}/etc/{ossec.conf,client.keys,local_internal_options.conf,shared} + cp -rf ${DIR}/config_files/{ossec.conf,client.keys,local_internal_options.conf,shared} ${DIR}/etc/ + rm -rf ${DIR}/config_files/ +fi + +# Default for all directories +chmod -R 750 ${DIR}/ +chown -R root:${GROUP} ${DIR}/ + +chown -R root:wheel ${DIR}/bin +chown -R root:wheel ${DIR}/lib + +# To the ossec queue (default for agentd to read) +chown -R ${USER}:${GROUP} ${DIR}/queue/{alerts,diff,sockets,rids} + +chmod -R 770 ${DIR}/queue/{alerts,sockets} +chmod -R 750 ${DIR}/queue/{diff,sockets,rids} + +# For the logging user +chmod 770 ${DIR}/logs +chown -R ${USER}:${GROUP} ${DIR}/logs +find ${DIR}/logs/ -type d -exec chmod 750 {} \; +find ${DIR}/logs/ -type f -exec chmod 660 {} \; + +chown -R root:${GROUP} ${DIR}/tmp +chmod 1750 ${DIR}/tmp + +chmod 770 ${DIR}/etc +chown ${USER}:${GROUP} ${DIR}/etc +chmod 640 ${DIR}/etc/internal_options.conf +chown root:${GROUP} ${DIR}/etc/internal_options.conf +chmod 640 ${DIR}/etc/local_internal_options.conf +chown root:${GROUP} ${DIR}/etc/local_internal_options.conf +chmod 640 ${DIR}/etc/client.keys +chown root:${GROUP} ${DIR}/etc/client.keys +chmod 640 ${DIR}/etc/localtime +chmod 770 ${DIR}/etc/shared # ossec must be able to write to it +chown -R root:${GROUP} ${DIR}/etc/shared +find ${DIR}/etc/shared/ -type f -exec chmod 660 {} \; +chown root:${GROUP} ${DIR}/etc/ossec.conf +chmod 660 ${DIR}/etc/ossec.conf + + +chmod 770 ${DIR}/.ssh + +# For the /var/run +chmod -R 770 ${DIR}/var +chown -R root:${GROUP} ${DIR}/var + +. ${INSTALLATION_SCRIPTS_DIR}/src/init/dist-detect.sh + +upgrade=$(launchctl getenv WAZUH_PKG_UPGRADE) +restart=$(launchctl getenv WAZUH_RESTART) + +launchctl unsetenv WAZUH_PKG_UPGRADE +launchctl unsetenv WAZUH_RESTART + +if [ "${upgrade}" = "false" ]; then + ${INSTALLATION_SCRIPTS_DIR}/gen_ossec.sh conf agent ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} ${DIR} > ${DIR}/etc/ossec.conf + chown root:ossec ${DIR}/etc/ossec.conf + chmod 0640 ${DIR}/etc/ossec.conf +fi + +SCA_DIR="${DIST_NAME}/${DIST_VER}" +mkdir -p ${DIR}/ruleset/sca + +SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" + +# Install the configuration files needed for this hosts +if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" +elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" +elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" +else + SCA_TMP_DIR="${SCA_BASE_DIR}/generic" +fi + +SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" + +if [ -r ${SCA_TMP_FILE} ]; then + + rm -f ${DIR}/ruleset/sca/* || true + + for sca_file in $(cat ${SCA_TMP_FILE}); do + mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca + done +fi + +# Register and configure agent if Wazuh environment variables are defined +${INSTALLATION_SCRIPTS_DIR}/src/init/register_configure_agent.sh ${DIR} > /dev/null || : + +# Install the service +${INSTALLATION_SCRIPTS_DIR}/src/init/darwin-init.sh ${DIR} + +# Remove temporary directory +rm -rf ${DIR}/packages_files + +# Remove 4.1.5 patch +if [ -f ${DIR}/queue/alerts/sockets ]; then + rm ${DIR}/queue/alerts/sockets +fi + +if ${upgrade} && ${restart}; then + ${DIR}/bin/wazuh-control restart +fi diff --git a/macos/package_files/4.2.4/preinstall.sh b/macos/package_files/4.2.4/preinstall.sh new file mode 100755 index 0000000000..3b97800f41 --- /dev/null +++ b/macos/package_files/4.2.4/preinstall.sh @@ -0,0 +1,228 @@ +#! /bin/bash +# By Spransy, Derek" and Charlie Scott +# Modified by Wazuh, Inc. . +# This program is a free software; you can redistribute it and/or modify it under the terms of GPLv2 + +##### +# This checks for an error and exits with a custom message +# Returns zero on success +# $1 is the message +# $2 is the error code + +DIR="/Library/Ossec" + +if [ ! -d ${DIR} ]; then + launchctl setenv WAZUH_PKG_UPGRADE false +else + launchctl setenv WAZUH_PKG_UPGRADE true + if ${DIR}/bin/wazuh-control status | grep "is running" > /dev/null 2>&1; then + launchctl setenv WAZUH_RESTART true + elif ${DIR}/bin/ossec-control status | grep "is running" > /dev/null 2>&1; then + launchctl setenv WAZUH_RESTART true + else + launchctl setenv WAZUH_RESTART false + fi +fi + +# Stops the agent before upgrading it +if [ -f ${DIR}/bin/wazuh-control ]; then + ${DIR}/bin/wazuh-control stop +elif [ -f ${DIR}/bin/ossec-control ]; then + ${DIR}/bin/ossec-control stop +fi + +if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then + mkdir -p ${DIR}/config_files/ + cp -r ${DIR}/etc/{ossec.conf,client.keys,local_internal_options.conf,shared} ${DIR}/config_files/ + + if [ -d ${DIR}/logs/ossec ]; then + mv ${DIR}/logs/ossec ${DIR}/logs/wazuh + fi + + if [ -d ${DIR}/queue/ossec ]; then + mv ${DIR}/queue/ossec ${DIR}/queue/sockets + fi +fi + +if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then + if pkgutil --pkgs | grep -i wazuh-agent-etc > /dev/null 2>&1 ; then + pkgutil --forget com.wazuh.pkg.wazuh-agent-etc + fi +fi + +if [[ ! -f "/usr/bin/dscl" ]] + then + echo "Error: I couldn't find dscl, dying here"; + exit +fi + +DSCL="/usr/bin/dscl"; + +function check_errm +{ + if [[ ${?} != "0" ]] + then + echo "${1}"; + exit ${2}; + fi +} + +# get unique id numbers (uid, gid) that are greater than 100 +unset -v i new_uid new_gid idvar; +declare -i new_uid=0 new_gid=0 i=100 idvar=0; +while [[ $idvar -eq 0 ]]; do + i=$[i+1] + if [[ -z "$(/usr/bin/dscl . -search /Users uid ${i})" ]] && [[ -z "$(/usr/bin/dscl . -search /Groups gid ${i})" ]]; + then + new_uid=$i + new_gid=$i + idvar=1 + #break + fi +done + +echo "UID available for ossec user is:"; +echo ${new_uid} + +# Verify that the uid and gid exist and match +if [[ $new_uid -eq 0 ]] || [[ $new_gid -eq 0 ]]; + then + echo "Getting unique id numbers (uid, gid) failed!"; + exit 1; +fi +if [[ ${new_uid} != ${new_gid} ]] + then + echo "I failed to find matching free uid and gid!"; + exit 5; +fi + +# Creating the group +if [[ $(dscl . -read /Groups/ossec) ]] + then + echo "ossec group already exists."; +else + sudo ${DSCL} localhost -create /Local/Default/Groups/ossec + check_errm "Error creating group ossec" "67" + sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec PrimaryGroupID ${new_gid} + sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RealName ossec + sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordName ossec + sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordType: dsRecTypeStandard:Groups + sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec Password "*" +fi + +# Creating the user +if [[ $(dscl . -read /Users/ossec) ]] + then + echo "ossec user already exists."; +else + sudo ${DSCL} localhost -create /Local/Default/Users/ossec + check_errm "Error creating user ossec" "77" + sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RecordName ossec + sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RealName ossec + sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec UserShell /usr/bin/false + sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec NFSHomeDirectory /var/ossec + sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec UniqueID ${new_uid} + sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec PrimaryGroupID ${new_gid} + sudo ${DSCL} localhost -append /Local/Default/Groups/ossec GroupMembership ossec +sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec Password "*" +fi + +#Hide the fixed users +dscl . create /Users/ossec IsHidden 1 + +sudo tee /Library/LaunchDaemons/com.wazuh.agent.plist <<-'EOF' + + + + + Label + com.wazuh.agent + ProgramArguments + + /Library/StartupItems/WAZUH/launcher.sh + + RunAtLoad + + + +EOF +chown root:wheel /Library/LaunchDaemons/com.wazuh.agent.plist +chmod u=rw-,go=r-- /Library/LaunchDaemons/com.wazuh.agent.plist + +sudo mkdir /Library/StartupItems/WAZUH +chown root:wheel /Library/StartupItems/WAZUH + +sudo tee /Library/StartupItems/WAZUH/WAZUH <<-'EOF' +#!/bin/sh +. /etc/rc.common + +DIRECTORY="/Library/Ossec" + +StartService () +{ + ${DIRECTORY}/bin/wazuh-control start +} +StopService () +{ + ${DIRECTORY}/bin/wazuh-control stop +} +RestartService () +{ + ${DIRECTORY}/bin/wazuh-control restart +} +RunService "$1" +EOF +chown root:wheel /Library/StartupItems/WAZUH/WAZUH +chmod u=rwx,go=r-x /Library/StartupItems/WAZUH/WAZUH + +sudo tee /Library/StartupItems/WAZUH/StartupParameters.plist <<-'EOF' + + + + + Description + WAZUH Security agent + Messages + + start + Starting Wazuh agent + stop + Stopping Wazuh agent + + Provides + + WAZUH + + Requires + + IPFilter + + + +EOF +chown root:wheel /Library/StartupItems/WAZUH/StartupParameters.plist +chmod u=rw-,go=r-- /Library/StartupItems/WAZUH/StartupParameters.plist + +sudo tee /Library/StartupItems/WAZUH/launcher.sh <<-'EOF' +#!/bin/sh + +DIRECTORY="/Library/Ossec" + +capture_sigterm() { + ${DIRECTORY}/bin/wazuh-control stop + exit $? +} + +if ! ${DIRECTORY}/bin/wazuh-control start; then + ${DIRECTORY}/bin/wazuh-control stop +fi + +while : ; do + trap capture_sigterm SIGTERM + sleep 3 +done +EOF + +chown root:wheel /Library/StartupItems/WAZUH/launcher.sh +chmod u=rxw-,go=rx- /Library/StartupItems/WAZUH/launcher.sh diff --git a/macos/specs/4.x/wazuh-agent-4.2.4.pkgproj b/macos/specs/4.x/wazuh-agent-4.2.4.pkgproj new file mode 100644 index 0000000000..4051ea89b4 --- /dev/null +++ b/macos/specs/4.x/wazuh-agent-4.2.4.pkgproj @@ -0,0 +1,1238 @@ + + + + + PACKAGES + + + MUST-CLOSE-APPLICATION-ITEMS + + MUST-CLOSE-APPLICATIONS + + PACKAGE_FILES + + DEFAULT_INSTALL_LOCATION + / + HIERARCHY + + CHILDREN + + + CHILDREN + + GID + 80 + PATH + Applications + PATH_TYPE + 0 + PERMISSIONS + 509 + TYPE + 1 + UID + 0 + + + CHILDREN + + + CHILDREN + + GID + 80 + PATH + Application Support + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Automator + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Documentation + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Extensions + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Filesystems + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Frameworks + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Input Methods + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Internet Plug-Ins + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + LaunchAgents + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + LaunchDaemons + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/.ssh + PATH_TYPE + 0 + PERMISSIONS + 448 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/active-response + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/agentless + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/bin + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/etc/internal_options.conf + PATH_TYPE + 0 + PERMISSIONS + 416 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/etc/localtime + PATH_TYPE + 0 + PERMISSIONS + 416 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/etc/client.keys + PATH_TYPE + 0 + PERMISSIONS + 416 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/etc/local_internal_options.conf + PATH_TYPE + 0 + PERMISSIONS + 416 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/etc/ossec.conf + PATH_TYPE + 0 + PERMISSIONS + 416 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/etc/shared + PATH_TYPE + 0 + PERMISSIONS + 504 + TYPE + 3 + UID + 0 + + + EXPANDED + + GID + 0 + PATH + /Library/Ossec/etc + PATH_TYPE + 0 + PERMISSIONS + 504 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/lib + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/logs + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/queue + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/tmp + PATH_TYPE + 0 + PERMISSIONS + 1000 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/packages_files + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/var + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/wodles + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + /Library/Ossec/ruleset + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + EXPANDED + + GID + 0 + PATH + /Library/Ossec + PATH_TYPE + 0 + PERMISSIONS + 488 + TYPE + 3 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + PreferencePanes + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Preferences + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 80 + PATH + Printers + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + PrivilegedHelperTools + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + QuickLook + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + QuickTime + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Screen Savers + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Scripts + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Services + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + GID + 0 + PATH + Widgets + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + GID + 0 + PATH + Library + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + CHILDREN + + + CHILDREN + + GID + 0 + PATH + Shared + PATH_TYPE + 0 + PERMISSIONS + 1023 + TYPE + 1 + UID + 0 + + + GID + 80 + PATH + Users + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + + GID + 0 + PATH + / + PATH_TYPE + 0 + PERMISSIONS + 493 + TYPE + 1 + UID + 0 + + PAYLOAD_TYPE + 0 + SHOW_INVISIBLE + + SPLIT_FORKS + + TREAT_MISSING_FILES_AS_WARNING + + VERSION + 4 + + PACKAGE_SCRIPTS + + POSTINSTALL_PATH + + PATH + postinstall.sh + PATH_TYPE + 1 + + PREINSTALL_PATH + + PATH + preinstall.sh + PATH_TYPE + 1 + + RESOURCES + + + PACKAGE_SETTINGS + + AUTHENTICATION + 1 + CONCLUSION_ACTION + 0 + FOLLOW_SYMBOLIC_LINKS + + IDENTIFIER + com.wazuh.pkg.wazuh-agent + LOCATION + 0 + NAME + agent + OVERWRITE_PERMISSIONS + + PAYLOAD_SIZE + -1 + RELOCATABLE + + USE_HFS+_COMPRESSION + + VERSION + 4.2.4-1 + + TYPE + 0 + UUID + 7BC88EDC-74AB-498A-992B-DE940686D898 + + + PROJECT + + PROJECT_COMMENTS + + NOTES + + PCFET0NUWVBFIGh0bWwgUFVCTElDICItLy9XM0MvL0RURCBIVE1M + IDQuMDEvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIvaHRtbDQv + c3RyaWN0LmR0ZCI+CjxodG1sPgo8aGVhZD4KPG1ldGEgaHR0cC1l + cXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7 + IGNoYXJzZXQ9VVRGLTgiPgo8bWV0YSBodHRwLWVxdWl2PSJDb250 + ZW50LVN0eWxlLVR5cGUiIGNvbnRlbnQ9InRleHQvY3NzIj4KPHRp + dGxlPjwvdGl0bGU+CjxtZXRhIG5hbWU9IkdlbmVyYXRvciIgY29u + dGVudD0iQ29jb2EgSFRNTCBXcml0ZXIiPgo8bWV0YSBuYW1lPSJD + b2NvYVZlcnNpb24iIGNvbnRlbnQ9IjE1MDQuODMiPgo8c3R5bGUg + dHlwZT0idGV4dC9jc3MiPgo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5 + Pgo8L2JvZHk+CjwvaHRtbD4K + + + PROJECT_PRESENTATION + + BACKGROUND + + INSTALLATION TYPE + + HIERARCHIES + + INSTALLER + + LIST + + + DESCRIPTION + + OPTIONS + + HIDDEN + + STATE + 0 + + PACKAGE_UUID + 7BC88EDC-74AB-498A-992B-DE940686D898 + REQUIREMENTS + + TITLE + + + LANGUAGE + English + VALUE + Wazuh Agent + + + TOOLTIP + + TYPE + 0 + UUID + B5127C49-7EF4-4B73-97D7-2819981073A4 + + + REMOVED + + + + MODE + 0 + + INSTALLATION_STEPS + + + ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS + ICPresentationViewIntroductionController + INSTALLER_PLUGIN + Introduction + LIST_TITLE_KEY + InstallerSectionTitle + + + ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS + ICPresentationViewReadMeController + INSTALLER_PLUGIN + ReadMe + LIST_TITLE_KEY + InstallerSectionTitle + + + ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS + ICPresentationViewLicenseController + INSTALLER_PLUGIN + License + LIST_TITLE_KEY + InstallerSectionTitle + + + ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS + ICPresentationViewDestinationSelectController + INSTALLER_PLUGIN + TargetSelect + LIST_TITLE_KEY + InstallerSectionTitle + + + ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS + ICPresentationViewInstallationTypeController + INSTALLER_PLUGIN + PackageSelection + LIST_TITLE_KEY + InstallerSectionTitle + + + ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS + ICPresentationViewInstallationController + INSTALLER_PLUGIN + Install + LIST_TITLE_KEY + InstallerSectionTitle + + + ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS + ICPresentationViewSummaryController + INSTALLER_PLUGIN + Summary + LIST_TITLE_KEY + InstallerSectionTitle + + + INTRODUCTION + + LOCALIZATIONS + + + LANGUAGE + English + VALUE + + PATH + introduction.txt + PATH_TYPE + 1 + + + + + LICENSE + + LOCALIZATIONS + + MODE + 0 + + README + + LOCALIZATIONS + + + TITLE + + LOCALIZATIONS + + + LANGUAGE + English + VALUE + Wazuh Agent + + + + + PROJECT_REQUIREMENTS + + LIST + + + BEHAVIOR + 3 + DICTIONARY + + IC_REQUIREMENT_CPU_ARCHITECTURE_FAMILY + 2 + IC_REQUIREMENT_CPU_INTEL_ARCHITECTURE_TYPE + 2 + IC_REQUIREMENT_CPU_MINIMUM_CPU_CORES_COUNT + 1 + IC_REQUIREMENT_CPU_MINIMUM_FREQUENCY + 866666 + IC_REQUIREMENT_CPU_POWERPC_ARCHITECTURE_TYPE + 0 + + IC_REQUIREMENT_CHECK_TYPE + 0 + IDENTIFIER + fr.whitebox.Packages.requirement.cpu + MESSAGE + + + LANGUAGE + English + SECONDARY_VALUE + + VALUE + This installer has been built for 64-bit Intel architecture. It won't install in other platforms. + + + NAME + Processor + STATE + + + + BEHAVIOR + 3 + DICTIONARY + + IC_REQUIREMENT_OS_DISK_TYPE + 0 + IC_REQUIREMENT_OS_DISTRIBUTION_TYPE + 0 + IC_REQUIREMENT_OS_MINIMUM_VERSION + 100800 + + IC_REQUIREMENT_CHECK_TYPE + 1 + IDENTIFIER + fr.whitebox.Packages.requirement.os + MESSAGE + + NAME + Operating System + STATE + + + + RESOURCES + + ROOT_VOLUME_ONLY + + + PROJECT_SETTINGS + + BUILD_FORMAT + 0 + BUILD_PATH + + PATH + build + PATH_TYPE + 1 + + EXCLUDED_FILES + + + PATTERNS_ARRAY + + + REGULAR_EXPRESSION + + STRING + .DS_Store + TYPE + 0 + + + PROTECTED + + PROXY_NAME + Remove .DS_Store files + PROXY_TOOLTIP + Remove ".DS_Store" files created by the Finder. + STATE + + + + PATTERNS_ARRAY + + + REGULAR_EXPRESSION + + STRING + .pbdevelopment + TYPE + 0 + + + PROTECTED + + PROXY_NAME + Remove .pbdevelopment files + PROXY_TOOLTIP + Remove ".pbdevelopment" files created by ProjectBuilder or Xcode. + STATE + + + + PATTERNS_ARRAY + + + REGULAR_EXPRESSION + + STRING + CVS + TYPE + 1 + + + REGULAR_EXPRESSION + + STRING + .cvsignore + TYPE + 0 + + + REGULAR_EXPRESSION + + STRING + .cvspass + TYPE + 0 + + + REGULAR_EXPRESSION + + STRING + .svn + TYPE + 1 + + + REGULAR_EXPRESSION + + STRING + .git + TYPE + 1 + + + REGULAR_EXPRESSION + + STRING + .gitignore + TYPE + 0 + + + PROTECTED + + PROXY_NAME + Remove SCM metadata + PROXY_TOOLTIP + Remove helper files and folders used by the CVS, SVN or Git Source Code Management systems. + STATE + + + + PATTERNS_ARRAY + + + REGULAR_EXPRESSION + + STRING + classes.nib + TYPE + 0 + + + REGULAR_EXPRESSION + + STRING + designable.db + TYPE + 0 + + + REGULAR_EXPRESSION + + STRING + info.nib + TYPE + 0 + + + PROTECTED + + PROXY_NAME + Optimize nib files + PROXY_TOOLTIP + Remove "classes.nib", "info.nib" and "designable.nib" files within .nib bundles. + STATE + + + + PATTERNS_ARRAY + + + REGULAR_EXPRESSION + + STRING + Resources Disabled + TYPE + 1 + + + PROTECTED + + PROXY_NAME + Remove Resources Disabled folders + PROXY_TOOLTIP + Remove "Resources Disabled" folders. + STATE + + + + SEPARATOR + + + + NAME + wazuh-agent-4.2.4-1 + PAYLOAD_ONLY + + TREAT_MISSING_PRESENTATION_DOCUMENTS_AS_WARNING + + + + TYPE + 0 + VERSION + 2 + + diff --git a/rpms/SPECS/4.2.4/wazuh-agent-4.2.4.spec b/rpms/SPECS/4.2.4/wazuh-agent-4.2.4.spec new file mode 100644 index 0000000000..9fca97f37a --- /dev/null +++ b/rpms/SPECS/4.2.4/wazuh-agent-4.2.4.spec @@ -0,0 +1,732 @@ +Summary: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring +Name: wazuh-agent +Version: 4.2.4 +Release: %{_release} +License: GPL +Group: System Environment/Daemons +Source0: %{name}-%{version}.tar.gz +URL: https://www.wazuh.com/ +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Vendor: Wazuh, Inc +Packager: Wazuh, Inc +Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd +Requires(post): /sbin/chkconfig +Requires(preun): /sbin/chkconfig /sbin/service +Requires(postun): /sbin/service +Conflicts: ossec-hids ossec-hids-agent wazuh-manager wazuh-local +AutoReqProv: no + +Requires: coreutils +%if 0%{?el} >= 6 || 0%{?rhel} >= 6 +BuildRequires: coreutils glibc-devel automake autoconf libtool policycoreutils-python perl +%else +BuildRequires: coreutils glibc-devel automake autoconf libtool policycoreutils perl +%endif + +ExclusiveOS: linux + +%description +Wazuh helps you to gain security visibility into your infrastructure by monitoring +hosts at an operating system and application level. It provides the following capabilities: +log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring + +%prep +%setup -q + +./gen_ossec.sh conf agent centos %rhel %{_localstatedir} > etc/ossec-agent.conf + +%build +pushd src +# Rebuild for agent +make clean + +%if 0%{?el} >= 6 || 0%{?rhel} >= 6 + make deps TARGET=agent + make -j%{_threads} TARGET=agent USE_SELINUX=yes DEBUG=%{_debugenabled} +%else + %ifnarch x86_64 + MSGPACK="USE_MSGPACK_OPT=no" + %endif + deps_version=`cat Makefile | grep "DEPS_VERSION =" | cut -d " " -f 3` + make deps RESOURCES_URL=http://packages.wazuh.com/deps/${deps_version} TARGET=agent + make -j%{_threads} TARGET=agent USE_AUDIT=no USE_SELINUX=yes USE_EXEC_ENVIRON=no DEBUG=%{_debugenabled} ${MSGPACK} + +%endif + +popd + +%install +# Clean BUILDROOT +rm -fr %{buildroot} + +echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf +echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf +echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf +echo 'USER_DIR="%{_localstatedir}"' >> ./etc/preloaded-vars.conf +echo 'USER_DELETE_DIR="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_ACTIVE_RESPONSE="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_SYSCHECK="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_ROOTCHECK="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_OPENSCAP="n"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_SYSCOLLECTOR="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_CISCAT="y"' >> ./etc/preloaded-vars.conf +echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf +echo 'USER_AGENT_SERVER_IP="MANAGER_IP"' >> ./etc/preloaded-vars.conf +echo 'USER_CA_STORE="/path/to/my_cert.pem"' >> ./etc/preloaded-vars.conf +echo 'USER_AUTO_START="n"' >> ./etc/preloaded-vars.conf +./install.sh + +%if 0%{?el} < 6 || 0%{?rhel} < 6 + mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir} + touch ${RPM_BUILD_ROOT}%{_sysconfdir}/ossec-init.conf +%endif + +# Create directories +mkdir -p ${RPM_BUILD_ROOT}%{_initrddir} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/.ssh + +# Copy the installed files into RPM_BUILD_ROOT directory +cp -pr %{_localstatedir}/* ${RPM_BUILD_ROOT}%{_localstatedir}/ +mkdir -p ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ +sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-rh.init +install -m 0755 src/init/templates/ossec-hids-rh.init ${RPM_BUILD_ROOT}%{_initrddir}/wazuh-agent +sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/wazuh-agent.service +install -m 0644 src/init/templates/wazuh-agent.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ + +# Clean the preinstalled configuration assesment files +rm -f ${RPM_BUILD_ROOT}%{_localstatedir}/ruleset/sca/* + +# Install configuration assesment files and files templates +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/{generic} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/{1,2} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/{8,7,6,5} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/{8,7,6,5} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/{11,12} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/{11,12} + +cp -r ruleset/sca/{generic,centos,rhel,sles} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp + +cp etc/templates/config/generic/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic + +cp etc/templates/config/amzn/1/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 +cp etc/templates/config/amzn/2/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 + +cp etc/templates/config/centos/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos +cp etc/templates/config/centos/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 +cp etc/templates/config/centos/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 +cp etc/templates/config/centos/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 + +cp etc/templates/config/rhel/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel +cp etc/templates/config/rhel/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 +cp etc/templates/config/rhel/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 +cp etc/templates/config/rhel/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 + +cp etc/templates/config/sles/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles +cp etc/templates/config/sles/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 + +cp etc/templates/config/suse/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse +cp etc/templates/config/suse/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 + +# Add configuration scripts +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ +cp gen_ossec.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ +cp add_localfiles.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ + +# Templates for initscript +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/init +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/generic +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/centos +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/rhel +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/suse +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/sles + +# Add SUSE initscript +sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-suse.init +cp -rp src/init/templates/ossec-hids-suse.init ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/init/ + +# Copy scap templates +cp -rp etc/templates/config/generic/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/generic +cp -rp etc/templates/config/centos/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/centos +cp -rp etc/templates/config/rhel/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/rhel +cp -rp etc/templates/config/suse/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/suse +cp -rp etc/templates/config/sles/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/sles + +install -m 0640 src/init/*.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/init + +# Add installation scripts +cp src/VERSION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/ +cp src/REVISION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/ + +if [ %{_debugenabled} = "yes" ]; then + %{_rpmconfigdir}/find-debuginfo.sh +fi +exit 0 + +%pre + +# Create the ossec group if it doesn't exists +if command -v getent > /dev/null 2>&1 && ! getent group ossec > /dev/null 2>&1; then + groupadd -r ossec +elif ! id -g ossec > /dev/null 2>&1; then + groupadd -r ossec +fi +# Create the ossec user if it doesn't exists +if ! id -u ossec > /dev/null 2>&1; then + useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossec +fi + +# Stop the services to upgrade the package +if [ $1 = 2 ]; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then + systemctl stop wazuh-agent.service > /dev/null 2>&1 + touch %{_localstatedir}/tmp/wazuh.restart + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + service wazuh-agent stop > /dev/null 2>&1 + touch %{_localstatedir}/tmp/wazuh.restart + elif %{_localstatedir}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + touch %{_localstatedir}/tmp/wazuh.restart + elif %{_localstatedir}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + touch %{_localstatedir}/tmp/wazuh.restart + fi + %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 +fi + +%post + +echo "VERSION=\"$(%{_localstatedir}/bin/wazuh-control info -v)\"" > /etc/ossec-init.conf +if [ $1 = 2 ]; then + if [ -d %{_localstatedir}/logs/ossec ]; then + rm -rf %{_localstatedir}/logs/wazuh + cp -rp %{_localstatedir}/logs/ossec %{_localstatedir}/logs/wazuh + fi + + if [ -d %{_localstatedir}/queue/ossec ]; then + rm -rf %{_localstatedir}/queue/sockets + cp -rp %{_localstatedir}/queue/ossec %{_localstatedir}/queue/sockets + fi +fi +# If the package is being installed +if [ $1 = 1 ]; then + + sles="" + if [ -f /etc/SuSE-release ]; then + sles="suse" + elif [ -f /etc/os-release ]; then + if `grep -q "\"sles" /etc/os-release` ; then + sles="suse" + elif `grep -q -i "\"opensuse" /etc/os-release` ; then + sles="opensuse" + fi + fi + + if [ ! -z "$sles" ]; then + install -m 755 %{_localstatedir}/packages_files/agent_installation_scripts/src/init/ossec-hids-suse.init /etc/init.d/wazuh-agent + fi + + touch %{_localstatedir}/logs/active-responses.log + chown ossec:ossec %{_localstatedir}/logs/active-responses.log + chmod 0660 %{_localstatedir}/logs/active-responses.log + + . %{_localstatedir}/packages_files/agent_installation_scripts/src/init/dist-detect.sh + + # Generating osse.conf file + %{_localstatedir}/packages_files/agent_installation_scripts/gen_ossec.sh conf agent ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} %{_localstatedir} > %{_localstatedir}/etc/ossec.conf + chown root:ossec %{_localstatedir}/etc/ossec.conf + + # Add default local_files to ossec.conf + %{_localstatedir}/packages_files/agent_installation_scripts/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf + + + # Register and configure agent if Wazuh environment variables are defined + %{_localstatedir}/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh %{_localstatedir} > /dev/null || : +fi + +# Delete the installation files used to configure the agent +rm -rf %{_localstatedir}/packages_files + +# Remove unnecessary files from shared directory +rm -f %{_localstatedir}/etc/shared/*.rpmnew + +# CentOS +if [ -r "/etc/centos-release" ]; then + DIST_NAME="centos" + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/centos-release` +# Fedora +elif [ -r "/etc/fedora-release" ]; then + DIST_NAME="generic" + DIST_VER="" +# RedHat +elif [ -r "/etc/redhat-release" ]; then + if grep -q "CentOS" /etc/redhat-release; then + DIST_NAME="centos" + else + DIST_NAME="rhel" + fi + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/redhat-release` +# SUSE +elif [ -r "/etc/SuSE-release" ]; then + if grep -q "openSUSE" /etc/SuSE-release; then + DIST_NAME="generic" + DIST_VER="" + else + DIST_NAME="sles" + DIST_VER=`sed -rn 's/.*VERSION = ([0-9]{1,2}).*/\1/p' /etc/SuSE-release` + fi +elif [ -r "/etc/os-release" ]; then + . /etc/os-release + DIST_NAME=$ID + DIST_VER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*([0-9]+).*/\1/p') + if [ "X$DIST_VER" = "X" ]; then + DIST_VER="0" + fi + if [ "$DIST_NAME" = "amzn" ] && [ "$DIST_VER" != "2" ]; then + DIST_VER="1" + fi + DIST_SUBVER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*[0-9]+\.([0-9]+).*/\1/p') + if [ "X$DIST_SUBVER" = "X" ]; then + DIST_SUBVER="0" + fi +else + DIST_NAME="generic" + DIST_VER="" +fi + +SCA_DIR="${DIST_NAME}/${DIST_VER}" +SCA_BASE_DIR="%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp" +mkdir -p %{_localstatedir}/ruleset/sca + +SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" + +# Install the configuration files needed for this hosts +if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" +elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" +elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" +else + SCA_TMP_DIR="${SCA_BASE_DIR}/generic" +fi + +SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" + +if [ -r ${SCA_TMP_FILE} ]; then + + rm -f %{_localstatedir}/ruleset/sca/* || true + + for sca_file in $(cat ${SCA_TMP_FILE}); do + if [ -f ${SCA_BASE_DIR}/${sca_file} ]; then + mv ${SCA_BASE_DIR}/${sca_file} %{_localstatedir}/ruleset/sca + fi + done +fi + +# Set the proper selinux context +if ([ "X${DIST_NAME}" = "Xrhel" ] || [ "X${DIST_NAME}" = "Xcentos" ] || [ "X${DIST_NAME}" = "XCentOS" ]) && [ "${DIST_VER}" == "5" ]; then + if command -v getenforce > /dev/null 2>&1; then + if [ $(getenforce) != "Disabled" ]; then + chcon -t textrel_shlib_t %{_localstatedir}/lib/libwazuhext.so + chcon -t textrel_shlib_t %{_localstatedir}/lib/libwazuhshared.so + fi + fi +else + # Add the SELinux policy + if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then + if [ $(getenforce) != "Disabled" ]; then + semodule -i %{_localstatedir}/var/selinux/wazuh.pp + semodule -e wazuh + fi + fi +fi + +# Restore ossec.conf permissions after upgrading +chmod 0660 %{_localstatedir}/etc/ossec.conf + +%preun + +if [ $1 = 0 ]; then + + # Stop the services before uninstall the package + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then + systemctl stop wazuh-agent.service > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then + service wazuh-agent stop > /dev/null 2>&1 + else # Anything else + %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 + fi + + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl disable wazuh-agent > /dev/null 2>&1 + systemctl daemon-reload > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 ; then + chkconfig wazuh-agent off > /dev/null 2>&1 + chkconfig --del wazuh-agent > /dev/null 2>&1 + fi + + # Remove the SELinux policy + if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then + if [ $(getenforce) != "Disabled" ]; then + if (semodule -l | grep wazuh > /dev/null); then + semodule -r wazuh > /dev/null + fi + fi + fi + # Remove the service file for SUSE hosts + if [ -f /etc/os-release ]; then + sles=$(grep "\"sles" /etc/os-release) + elif [ -f /etc/SuSE-release ]; then + sles=$(grep "SUSE Linux Enterprise Server" /etc/SuSE-release) + fi + if [ ! -z "$sles" ]; then + rm -f /etc/init.d/wazuh-agent + fi + + # Remove SCA files + rm -f %{_localstatedir}/ruleset/sca/* + +fi + +%triggerin -- glibc +[ -r %{_sysconfdir}/localtime ] && cp -fpL %{_sysconfdir}/localtime %{_localstatedir}/etc + chown root:ossec %{_localstatedir}/etc/localtime + chmod 0640 %{_localstatedir}/etc/localtime + +%postun + +# If the package is been uninstalled +if [ $1 = 0 ];then + # Remove the ossec user if it exists + if id -u ossec > /dev/null 2>&1; then + userdel ossec >/dev/null 2>&1 + fi + # Remove the ossec group if it exists + if command -v getent > /dev/null 2>&1 && getent group ossec > /dev/null 2>&1; then + groupdel ossec >/dev/null 2>&1 + elif id -g ossec > /dev/null 2>&1; then + groupdel ossec >/dev/null 2>&1 + fi + + # Remove lingering folders and files + rm -rf %{_localstatedir}/etc/shared/ + rm -rf %{_localstatedir}/queue/ + rm -rf %{_localstatedir}/var/ + rm -rf %{_localstatedir}/bin/ + rm -rf %{_localstatedir}/logs/ + rm -rf %{_localstatedir}/backup/ + rm -rf %{_localstatedir}/ruleset/ + rm -rf %{_localstatedir}/tmp +fi + +# posttrans code is the last thing executed in a install/upgrade +%posttrans +if [ -f %{_sysconfdir}/systemd/system/wazuh-agent.service ]; then + rm -rf %{_sysconfdir}/systemd/system/wazuh-agent.service + systemctl daemon-reload > /dev/null 2>&1 +fi + +if [ -f %{_localstatedir}/tmp/wazuh.restart ]; then + rm -f %{_localstatedir}/tmp/wazuh.restart + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 ; then + systemctl daemon-reload > /dev/null 2>&1 + systemctl restart wazuh-agent.service > /dev/null 2>&1 + elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then + service wazuh-agent restart > /dev/null 2>&1 + else + %{_localstatedir}/bin/wazuh-control restart > /dev/null 2>&1 + fi +fi + +if [ -d %{_localstatedir}/logs/ossec ]; then + rm -rf %{_localstatedir}/logs/ossec/ +fi + +if [ -d %{_localstatedir}/queue/ossec ]; then + rm -rf %{_localstatedir}/queue/ossec/ +fi + +if [ -f %{_sysconfdir}/ossec-init.conf ]; then + rm -f %{_sysconfdir}/ossec-init.conf + rm -f %{_localstatedir}/etc/ossec-init.conf +fi + +%clean +rm -fr %{buildroot} + +%files +%defattr(-,root,root) +%{_initrddir}/wazuh-agent +/usr/lib/systemd/system/wazuh-agent.service +%attr(640, root, ossec) %verify(not md5 size mtime) %ghost %{_sysconfdir}/ossec-init.conf +%dir %attr(750,root,ossec) %{_localstatedir} +%attr(750,root,ossec) %{_localstatedir}/agentless +%dir %attr(770,root,ossec) %{_localstatedir}/.ssh +%dir %attr(750,root,ossec) %{_localstatedir}/active-response +%dir %attr(750,root,ossec) %{_localstatedir}/active-response/bin +%attr(750,root,ossec) %{_localstatedir}/active-response/bin/* +%dir %attr(750,root,root) %{_localstatedir}/bin +%attr(750,root,root) %{_localstatedir}/bin/* +%dir %attr(750,root,ossec) %{_localstatedir}/backup +%dir %attr(770,ossec,ossec) %{_localstatedir}/etc +%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/client.keys +%attr(640,root,ossec) %{_localstatedir}/etc/internal_options* +%attr(640,root,ossec) %{_localstatedir}/etc/localtime +%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/local_internal_options.conf +%attr(660,root,ossec) %config(noreplace) %{_localstatedir}/etc/ossec.conf +%attr(640,root,ossec) %{_localstatedir}/etc/wpk_root.pem +%dir %attr(770,root,ossec) %{_localstatedir}/etc/shared +%attr(660,root,ossec) %config(missingok,noreplace) %{_localstatedir}/etc/shared/* +%dir %attr(750,root,ossec) %{_localstatedir}/lib +%attr(750,root,ossec) %{_localstatedir}/lib/* +%dir %attr(770,ossec,ossec) %{_localstatedir}/logs +%attr(660,ossec,ossec) %ghost %{_localstatedir}/logs/active-responses.log +%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.log +%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.json +%dir %attr(750,ossec,ossec) %{_localstatedir}/logs/wazuh +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/add_localfiles.sh +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/gen_ossec.sh +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/generic/* +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/centos/* +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/rhel/* +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/sles/* +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/suse/* +%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/src/* +%dir %attr(750,root,ossec) %{_localstatedir}/queue +%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/sockets +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/diff +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim/db +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector/db +%attr(640, root,ossec) %{_localstatedir}/queue/syscollector/norm_config.json +%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/alerts +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/rids +%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/logcollector +%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/ +%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/sca +%attr(750, root, ossec) %{_localstatedir}/lib/libdbsync.so +%attr(750, root, ossec) %{_localstatedir}/lib/librsync.so +%attr(750, root, ossec) %{_localstatedir}/lib/libsyscollector.so +%attr(750, root, ossec) %{_localstatedir}/lib/libsysinfo.so +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12/* +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/12 +%dir %attr(1770,root,ossec) %{_localstatedir}/tmp +%dir %attr(750,root,ossec) %{_localstatedir}/var +%dir %attr(770,root,ossec) %{_localstatedir}/var/incoming +%dir %attr(770,root,ossec) %{_localstatedir}/var/run +%dir %attr(770,root,ossec) %{_localstatedir}/var/selinux +%attr(640,root,ossec) %{_localstatedir}/var/selinux/* +%dir %attr(770,root,ossec) %{_localstatedir}/var/upgrade +%dir %attr(770,root,ossec) %{_localstatedir}/var/wodles +%dir %attr(750,root,ossec) %{_localstatedir}/wodles +%attr(750,root,ossec) %{_localstatedir}/wodles/* +%dir %attr(750,root,ossec) %{_localstatedir}/wodles/aws +%attr(750,root,ossec) %{_localstatedir}/wodles/aws/* +%dir %attr(750,root,ossec) %{_localstatedir}/wodles/docker +%attr(750,root,ossec) %{_localstatedir}/wodles/docker/* +%dir %attr(750, root, ossec) %{_localstatedir}/wodles/gcloud +%attr(750, root, ossec) %{_localstatedir}/wodles/gcloud/* + +%if %{_debugenabled} == "yes" +/usr/lib/debug/%{_localstatedir}/* +/usr/src/debug/%{name}-%{version}/* +%endif + + +%changelog +* Thu Oct 21 2021 support - 4.2.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Oct 06 2021 support - 4.2.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Sep 28 2021 support - 4.2.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Sep 25 2021 support - 4.2.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 26 2021 support - 4.2.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Apr 24 2021 support - 3.13.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 22 2021 support - 4.1.5 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Mar 29 2021 support - 4.1.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Mar 20 2021 support - 4.1.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Mar 08 2021 support - 4.1.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Mar 05 2021 support - 4.1.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 19 2021 support - 4.1.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 12 2021 support - 4.0.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 30 2020 support - 4.0.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 23 2020 support - 4.0.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Oct 31 2020 support - 4.0.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Oct 19 2020 support - 4.0.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Aug 21 2020 support - 3.13.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jul 14 2020 support - 3.13.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 29 2020 support - 3.13.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed May 13 2020 support - 3.12.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Apr 9 2020 support - 3.12.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Apr 8 2020 support - 3.12.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Mar 25 2020 support - 3.12.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Feb 24 2020 support - 3.11.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 22 2020 support - 3.11.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 7 2020 support - 3.11.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Dec 26 2019 support - 3.11.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Oct 7 2019 support - 3.11.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Sep 23 2019 support - 3.10.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Sep 19 2019 support - 3.10.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Aug 26 2019 support - 3.10.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Aug 8 2019 support - 3.9.5 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Jul 12 2019 support - 3.9.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jun 11 2019 support - 3.9.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Jun 6 2019 support - 3.9.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon May 6 2019 support - 3.9.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Feb 25 2019 support - 3.9.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 30 2019 support - 3.8.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Jan 24 2019 support - 3.8.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 16 2019 support - 3.8.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Dec 10 2018 support - 3.7.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 12 2018 support - 3.7.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Nov 10 2018 support - 3.7.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Sep 3 2018 support - 3.6.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Aug 23 2018 support - 3.6.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jul 25 2018 support - 3.5.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jul 11 2018 support - 3.4.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 18 2018 support - 3.3.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 11 2018 support - 3.3.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed May 30 2018 support - 3.2.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu May 10 2018 support - 3.2.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 09 2018 support - 3.2.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Feb 21 2018 support - 3.2.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Feb 07 2018 support - 3.2.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Dec 19 2017 support - 3.1.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 06 2017 support - 3.0.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jun 06 2017 support - 2.0.1 +- Changed random data generator for a secure OS-provided generator. +- Changed Windows installer file name (depending on version). +- Linux distro detection using standard os-release file. +- Changed some URLs to documentation. +- Disable synchronization with SQLite databases for Syscheck by default. +- Minor changes at Rootcheck formatter for JSON alerts. +- Added debugging messages to Integrator logs. +- Show agent ID when possible on logs about incorrectly formatted messages. +- Use default maximum inotify event queue size. +- Show remote IP on encoding format errors when unencrypting messages. +- Fix permissions in agent-info folder +- Fix permissions in rids folder. +* Fri Apr 21 2017 Jose Luis Ruiz - 2.0 +- Changed random data generator for a secure OS-provided generator. +- Changed Windows installer file name (depending on version). +- Linux distro detection using standard os-release file. +- Changed some URLs to documentation. +- Disable synchronization with SQLite databases for Syscheck by default. +- Minor changes at Rootcheck formatter for JSON alerts. +- Added debugging messages to Integrator logs. +- Show agent ID when possible on logs about incorrectly formatted messages. +- Use default maximum inotify event queue size. +- Show remote IP on encoding format errors when unencrypting messages. +- Fixed resource leaks at rules configuration parsing. +- Fixed memory leaks at rules parser. +- Fixed memory leaks at XML decoders parser. +- Fixed TOCTOU condition when removing directories recursively. +- Fixed insecure temporary file creation for old POSIX specifications. +- Fixed missing agentless devices identification at JSON alerts. +- Fixed FIM timestamp and file name issue at SQLite database. +- Fixed cryptographic context acquirement on Windows agents. +- Fixed debug mode for Analysisd. +- Fixed bad exclusion of BTRFS filesystem by Rootcheck. +- Fixed compile errors on macOS. +- Fixed option -V for Integrator. +- Exclude symbolic links to directories when sending FIM diffs (by Stephan Joerrens). +- Fixed daemon list for service reloading at wazuh-control. +- Fixed socket waiting issue on Windows agents. +- Fixed PCI_DSS definitions grouping issue at Rootcheck controls. diff --git a/rpms/SPECS/4.2.4/wazuh-manager-4.2.4.spec b/rpms/SPECS/4.2.4/wazuh-manager-4.2.4.spec new file mode 100644 index 0000000000..bbbbc705f8 --- /dev/null +++ b/rpms/SPECS/4.2.4/wazuh-manager-4.2.4.spec @@ -0,0 +1,986 @@ +Summary: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring +Name: wazuh-manager +Version: 4.2.4 +Release: %{_release} +License: GPL +Group: System Environment/Daemons +Source0: %{name}-%{version}.tar.gz +URL: https://www.wazuh.com/ +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Vendor: Wazuh, Inc +Packager: Wazuh, Inc +Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd +Requires(post): /sbin/chkconfig +Requires(preun): /sbin/chkconfig /sbin/service +Requires(postun): /sbin/service /usr/sbin/groupdel /usr/sbin/userdel +Conflicts: ossec-hids ossec-hids-agent wazuh-agent wazuh-local +Obsoletes: wazuh-api < 4.0.0 +AutoReqProv: no + +Requires: coreutils +BuildRequires: coreutils glibc-devel automake autoconf libtool policycoreutils-python curl perl + +ExclusiveOS: linux + +%description +Wazuh helps you to gain security visibility into your infrastructure by monitoring +hosts at an operating system and application level. It provides the following capabilities: +log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring + +%prep +%setup -q + +./gen_ossec.sh conf manager centos %rhel %{_localstatedir} > etc/ossec-server.conf + +%build +pushd src +# Rebuild for server +make clean + +# Build Wazuh sources +make deps TARGET=server +make -j%{_threads} TARGET=server USE_SELINUX=yes DEBUG=%{_debugenabled} + +popd + +%install +# Clean BUILDROOT +rm -fr %{buildroot} + +echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf +echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf +echo 'USER_INSTALL_TYPE="server"' >> ./etc/preloaded-vars.conf +echo 'USER_DIR="%{_localstatedir}"' >> ./etc/preloaded-vars.conf +echo 'USER_DELETE_DIR="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_ACTIVE_RESPONSE="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_SYSCHECK="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_ROOTCHECK="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_OPENSCAP="n"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_CISCAT="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_SYSCOLLECTOR="y"' >> ./etc/preloaded-vars.conf +echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_EMAIL="n"' >> ./etc/preloaded-vars.conf +echo 'USER_WHITE_LIST="n"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_SYSLOG="y"' >> ./etc/preloaded-vars.conf +echo 'USER_ENABLE_AUTHD="y"' >> ./etc/preloaded-vars.conf +echo 'USER_SERVER_IP="MANAGER_IP"' >> ./etc/preloaded-vars.conf +echo 'USER_CA_STORE="/path/to/my_cert.pem"' >> ./etc/preloaded-vars.conf +echo 'USER_GENERATE_AUTHD_CERT="y"' >> ./etc/preloaded-vars.conf +echo 'USER_AUTO_START="n"' >> ./etc/preloaded-vars.conf +echo 'USER_CREATE_SSL_CERT="n"' >> ./etc/preloaded-vars.conf +./install.sh + +# Create directories +mkdir -p ${RPM_BUILD_ROOT}%{_initrddir} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/.ssh + +# Copy the installed files into RPM_BUILD_ROOT directory +cp -pr %{_localstatedir}/* ${RPM_BUILD_ROOT}%{_localstatedir}/ +mkdir -p ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ +sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-rh.init +install -m 0755 src/init/templates/ossec-hids-rh.init ${RPM_BUILD_ROOT}%{_initrddir}/wazuh-manager +sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/wazuh-manager.service +install -m 0644 src/init/templates/wazuh-manager.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ + +# Clean the preinstalled configuration assesment files +rm -f ${RPM_BUILD_ROOT}%{_localstatedir}/ruleset/sca/* + +# Install Vulnerability Detector files +install -m 0440 src/wazuh_modules/vulnerability_detector/*.json ${RPM_BUILD_ROOT}%{_localstatedir}/queue/vulnerabilities/dictionaries + +# Add configuration scripts +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/ +cp gen_ossec.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/ +cp add_localfiles.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/ + +# Templates for initscript +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/init +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/suse +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/sles + +# Install configuration assesment files and files templates +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/{applications,generic} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/{1,2} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/{8,7,6,5} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/{15,16,17,18,19,20} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/{7,8,9} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/{12,14,16}/04 +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/{8,7,6,5} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/{11,12} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/{11,12} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows + +cp -r ruleset/sca/{applications,generic,centos,darwin,debian,rhel,sles,sunos,windows} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp + +cp etc/templates/config/generic/{sca.files,sca.manager.files} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic + +cp etc/templates/config/amzn/1/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 +cp etc/templates/config/amzn/2/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 + +cp etc/templates/config/centos/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos +cp etc/templates/config/centos/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 +cp etc/templates/config/centos/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 +cp etc/templates/config/centos/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 + +cp etc/templates/config/darwin/15/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/15 +cp etc/templates/config/darwin/16/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/16 +cp etc/templates/config/darwin/17/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/17 +cp etc/templates/config/darwin/18/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/18 +cp etc/templates/config/darwin/19/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/19 +cp etc/templates/config/darwin/20/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/20 + +cp etc/templates/config/rhel/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel +cp etc/templates/config/rhel/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 +cp etc/templates/config/rhel/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 +cp etc/templates/config/rhel/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 + +cp etc/templates/config/sles/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles +cp etc/templates/config/sles/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 + +cp etc/templates/config/suse/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse +cp etc/templates/config/suse/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 + +cp etc/templates/config/ubuntu/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu +cp etc/templates/config/ubuntu/12/04/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12/04 +cp etc/templates/config/ubuntu/14/04/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14/04 +cp etc/templates/config/ubuntu/16/04/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16/04 + +cp etc/templates/config/debian/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian +cp etc/templates/config/debian/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/7 +cp etc/templates/config/debian/8/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/8 +cp etc/templates/config/debian/9/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/9 + + +# Add SUSE initscript +sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-suse.init +cp -rp src/init/templates/ossec-hids-suse.init ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/init/ + +# Copy scap templates +cp -rp etc/templates/config/generic/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic +cp -rp etc/templates/config/centos/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos +cp -rp etc/templates/config/rhel/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel + +install -m 0640 src/init/*.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/init + +# Add installation scripts +cp src/VERSION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/ +cp src/REVISION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/ + +if [ %{_debugenabled} = "yes" ]; then + %{_rpmconfigdir}/find-debuginfo.sh +fi +exit 0 + +%pre + +# Create the ossec group if it doesn't exists +if command -v getent > /dev/null 2>&1 && ! getent group ossec > /dev/null 2>&1; then + groupadd -r ossec +elif ! id -g ossec > /dev/null 2>&1; then + groupadd -r ossec +fi + +# Stop the services to upgrade the package +if [ $1 = 2 ]; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then + systemctl stop wazuh-manager.service > /dev/null 2>&1 + %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 + touch %{_localstatedir}/tmp/wazuh.restart + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + service wazuh-manager stop > /dev/null 2>&1 + %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 + touch %{_localstatedir}/tmp/wazuh.restart + elif %{_localstatedir}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 + touch %{_localstatedir}/tmp/wazuh.restart + elif %{_localstatedir}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then + %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 + touch %{_localstatedir}/tmp/wazuh.restart + fi + %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 +fi + +# Create the ossec user if it doesn't exists +if ! id -u ossec > /dev/null 2>&1; then + useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossec +fi +# Create the ossecr user if it doesn't exists +if ! id -u ossecr > /dev/null 2>&1; then + useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossecr +fi +# Create the ossecm user if it doesn't exists +if ! id -u ossecm > /dev/null 2>&1; then + useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossecm +fi + +# Remove/relocate existing SQLite databases +rm -f %{_localstatedir}/var/db/cluster.db* || true +rm -f %{_localstatedir}/var/db/.profile.db* || true +rm -f %{_localstatedir}/var/db/agents/* || true + +if [ -f %{_localstatedir}/var/db/global.db ]; then + mv %{_localstatedir}/var/db/global.db %{_localstatedir}/queue/db/ + rm -f %{_localstatedir}/var/db/global.db* || true + rm -f %{_localstatedir}/var/db/.template.db || true +fi + +if [ -f %{_localstatedir}/queue/db/global.db ]; then + chmod 640 %{_localstatedir}/queue/db/global.db* + chown ossec:ossec %{_localstatedir}/queue/db/global.db* +fi + +# Remove Vuln-detector database +rm -f %{_localstatedir}/queue/vulnerabilities/cve.db || true + +# Remove plain-text agent information if exists +if [ -d %{_localstatedir}/queue/agent-info ]; then + rm -rf %{_localstatedir}/queue/agent-info/* > /dev/null 2>&1 +fi + +if [ -d %{_localstatedir}/queue/rootcheck ]; then + rm -rf %{_localstatedir}/queue/rootcheck/* > /dev/null 2>&1 +fi + +# Delete old API backups +if [ $1 = 2 ]; then + if [ -d %{_localstatedir}/~api ]; then + rm -rf %{_localstatedir}/~api + fi + + if [ -f %{_sysconfdir}/ossec-init.conf ]; then + # Import the variables from ossec-init.conf file + . %{_sysconfdir}/ossec-init.conf + else + # Ask wazuh-control the version + VERSION=$(%{_localstatedir}/bin/wazuh-control info -v) + fi + + # Get the major and minor version + MAJOR=$(echo $VERSION | cut -dv -f2 | cut -d. -f1) + MINOR=$(echo $VERSION | cut -d. -f2) + + # Delete uncompatible DBs versions + if [ $MAJOR = 3 ] && [ $MINOR -lt 7 ]; then + rm -f %{_localstatedir}/queue/db/*.db* + rm -f %{_localstatedir}/queue/db/.template.db + fi + + # Delete 3.X Wazuh API service + if [ "$MAJOR" = "3" ] && [ -d %{_localstatedir}/api ]; then + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 ; then + systemctl stop wazuh-api.service > /dev/null 2>&1 + systemctl disable wazuh-api.service > /dev/null 2>&1 + rm -f /etc/systemd/system/wazuh-api.service + elif command -v service > /dev/null 2>&1 ; then + service wazuh-api stop > /dev/null 2>&1 + chkconfig wazuh-api off > /dev/null 2>&1 + chkconfig --del wazuh-api > /dev/null 2>&1 + rm -f /etc/rc.d/init.d/wazuh-api || true + fi + fi +fi + +%post + +echo "VERSION=\"$(%{_localstatedir}/bin/wazuh-control info -v)\"" > /etc/ossec-init.conf +if [ $1 = 2 ]; then + if [ -d %{_localstatedir}/logs/ossec ]; then + rm -rf %{_localstatedir}/logs/wazuh + cp -rp %{_localstatedir}/logs/ossec %{_localstatedir}/logs/wazuh + fi + + if [ -d %{_localstatedir}/queue/ossec ]; then + rm -rf %{_localstatedir}/queue/sockets + cp -rp %{_localstatedir}/queue/ossec %{_localstatedir}/queue/sockets + fi +fi + +# Fresh install code block +if [ $1 = 1 ]; then + sles="" + if [ -f /etc/SuSE-release ]; then + sles="suse" + elif [ -f /etc/os-release ]; then + if `grep -q "\"sles" /etc/os-release` ; then + sles="suse" + elif `grep -q -i "\"opensuse" /etc/os-release` ; then + sles="opensuse" + fi + fi + + if [ ! -z "$sles" ]; then + install -m 755 %{_localstatedir}/packages_files/manager_installation_scripts/src/init/ossec-hids-suse.init /etc/init.d/wazuh-manager + fi + + . %{_localstatedir}/packages_files/manager_installation_scripts/src/init/dist-detect.sh + + # Generating ossec.conf file + %{_localstatedir}/packages_files/manager_installation_scripts/gen_ossec.sh conf manager ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} %{_localstatedir} > %{_localstatedir}/etc/ossec.conf + + touch %{_localstatedir}/logs/active-responses.log + touch %{_localstatedir}/logs/integrations.log + chown ossec:ossec %{_localstatedir}/logs/active-responses.log + chown ossecm:ossec %{_localstatedir}/logs/integrations.log + chmod 0660 %{_localstatedir}/logs/active-responses.log + chmod 0640 %{_localstatedir}/logs/integrations.log + + # Add default local_files to ossec.conf + %{_localstatedir}/packages_files/manager_installation_scripts/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf +fi + +# Generation auto-signed certificate if not exists +if type openssl >/dev/null 2>&1 && [ ! -f "%{_localstatedir}/etc/sslmanager.key" ] && [ ! -f "%{_localstatedir}/etc/sslmanager.cert" ]; then + openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=California/CN=Wazuh/" -keyout %{_localstatedir}/etc/sslmanager.key -out %{_localstatedir}/etc/sslmanager.cert 2>/dev/null + chmod 640 %{_localstatedir}/etc/sslmanager.key + chmod 640 %{_localstatedir}/etc/sslmanager.cert +fi + +rm -f %{_localstatedir}/etc/shared/ar.conf >/dev/null 2>&1 +rm -f %{_localstatedir}/etc/shared/merged.mg >/dev/null 2>&1 + +# CentOS +if [ -r "/etc/centos-release" ]; then + DIST_NAME="centos" + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/centos-release` +# Fedora +elif [ -r "/etc/fedora-release" ]; then + DIST_NAME="generic" + DIST_VER="" +# RedHat +elif [ -r "/etc/redhat-release" ]; then + if grep -q "CentOS" /etc/redhat-release; then + DIST_NAME="centos" + else + DIST_NAME="rhel" + fi + DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/redhat-release` +# SUSE +elif [ -r "/etc/SuSE-release" ]; then + if grep -q "openSUSE" /etc/SuSE-release; then + DIST_NAME="generic" + DIST_VER="" + else + DIST_NAME="sles" + DIST_VER=`sed -rn 's/.*VERSION = ([0-9]{1,2}).*/\1/p' /etc/SuSE-release` + fi +elif [ -r "/etc/os-release" ]; then + . /etc/os-release + DIST_NAME=$ID + DIST_VER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*([0-9]+).*/\1/p') + if [ "X$DIST_VER" = "X" ]; then + DIST_VER="0" + fi + if [ "$DIST_NAME" = "amzn" ] && [ "$DIST_VER" != "2" ]; then + DIST_VER="1" + fi + DIST_SUBVER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*[0-9]+\.([0-9]+).*/\1/p') + if [ "X$DIST_SUBVER" = "X" ]; then + DIST_SUBVER="0" + fi +else + DIST_NAME="generic" + DIST_VER="" +fi + +SCA_DIR="${DIST_NAME}/${DIST_VER}" +SCA_BASE_DIR="%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp" +mkdir -p %{_localstatedir}/ruleset/sca + +SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" + +# Install the configuration files needed for this hosts +if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" +elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" +elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then + SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" +else + SCA_TMP_DIR="${SCA_BASE_DIR}/generic" +fi + +SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" + +if [ -r ${SCA_TMP_FILE} ] && [ -r ${SCA_BASE_DIR}/generic/sca.manager.files ]; then + + rm -f %{_localstatedir}/ruleset/sca/* || true + + for sca_file in $(cat ${SCA_TMP_FILE}); do + if [ -f ${SCA_BASE_DIR}/${sca_file} ]; then + mv ${SCA_BASE_DIR}/${sca_file} %{_localstatedir}/ruleset/sca + fi + done + + for sca_file in $(cat ${SCA_BASE_DIR}/generic/sca.manager.files); do + filename=$(basename ${sca_file}) + if [ -f "${SCA_BASE_DIR}/${sca_file}" ] && [ ! -f "%{_localstatedir}/ruleset/sca/${filename}" ]; then + mv ${SCA_BASE_DIR}/${sca_file} %{_localstatedir}/ruleset/sca/${filename}.disabled + fi + done +fi + +# Fix sca permissions, group and owner +chmod 640 %{_localstatedir}/ruleset/sca/* +chown root:ossec %{_localstatedir}/ruleset/sca/* +# Delete the temporary directory +rm -rf ${SCA_BASE_DIR} + +# Add the SELinux policy +if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then + if [ $(getenforce) != "Disabled" ]; then + semodule -i %{_localstatedir}/var/selinux/wazuh.pp + semodule -e wazuh + fi +fi + +# Delete the installation files used to configure the manager +rm -rf %{_localstatedir}/packages_files + +# Remove unnecessary files from default group +rm -f %{_localstatedir}/etc/shared/default/*.rpmnew + +%preun + +if [ $1 = 0 ]; then + + # Stop the services before uninstall the package + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then + systemctl stop wazuh-manager.service > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "running" > /dev/null 2>&1; then + service wazuh-manager stop > /dev/null 2>&1 + else # Anything else + %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 + fi + + # Check for systemd + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then + systemctl disable wazuh-manager > /dev/null 2>&1 + systemctl daemon-reload > /dev/null 2>&1 + # Check for SysV + elif command -v service > /dev/null 2>&1 ; then + chkconfig wazuh-manager off > /dev/null 2>&1 + chkconfig --del wazuh-manager > /dev/null 2>&1 + fi + + # Remove the SELinux policy + if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then + if [ $(getenforce) != "Disabled" ]; then + if (semodule -l | grep wazuh > /dev/null); then + semodule -r wazuh > /dev/null + fi + fi + fi + + # Remove SCA files + rm -f %{_localstatedir}/ruleset/sca/* +fi + +%postun + +# If the package is been uninstalled +if [ $1 = 0 ];then + # Remove the ossecr user if it exists + if id -u ossecr > /dev/null 2>&1; then + userdel ossecr >/dev/null 2>&1 + fi + # Remove the ossecm user if it exists + if id -u ossecm > /dev/null 2>&1; then + userdel ossecm >/dev/null 2>&1 + fi + # Remove the ossec user if it exists + if id -u ossec > /dev/null 2>&1; then + userdel ossec >/dev/null 2>&1 + fi + # Remove the ossec group if it exists + if command -v getent > /dev/null 2>&1 && getent group ossec > /dev/null 2>&1; then + groupdel ossec >/dev/null 2>&1 + elif id -g ossec > /dev/null 2>&1; then + groupdel ossec >/dev/null 2>&1 + fi + + # Backup agents centralized configuration (etc/shared) + if [ -d %{_localstatedir}/etc/shared ]; then + rm -rf %{_localstatedir}/etc/shared.save/ + mv %{_localstatedir}/etc/shared/ %{_localstatedir}/etc/shared.save/ + fi + + # Backup registration service certificates (sslmanager.cert,sslmanager.key) + if [ -f %{_localstatedir}/etc/sslmanager.cert ]; then + mv %{_localstatedir}/etc/sslmanager.cert %{_localstatedir}/etc/sslmanager.cert.save + fi + if [ -f %{_localstatedir}/etc/sslmanager.key ]; then + mv %{_localstatedir}/etc/sslmanager.key %{_localstatedir}/etc/sslmanager.key.save + fi + + # Remove lingering folders and files + rm -rf %{_localstatedir}/queue/ + rm -rf %{_localstatedir}/framework/ + rm -rf %{_localstatedir}/api/ + rm -rf %{_localstatedir}/stats/ + rm -rf %{_localstatedir}/var/ + rm -rf %{_localstatedir}/bin/ + rm -rf %{_localstatedir}/logs/ + rm -rf %{_localstatedir}/ruleset/ + rm -rf %{_localstatedir}/tmp +fi + +# posttrans code is the last thing executed in a install/upgrade +%posttrans + +if [ -f %{_sysconfdir}/systemd/system/wazuh-manager.service ]; then + rm -rf %{_sysconfdir}/systemd/system/wazuh-manager.service + systemctl daemon-reload > /dev/null 2>&1 +fi + +if [ -f %{_localstatedir}/tmp/wazuh.restart ]; then + rm -f %{_localstatedir}/tmp/wazuh.restart + if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 ; then + systemctl daemon-reload > /dev/null 2>&1 + systemctl restart wazuh-manager.service > /dev/null 2>&1 + elif command -v service > /dev/null 2>&1 ; then + service wazuh-manager restart > /dev/null 2>&1 + else + %{_localstatedir}/bin/wazuh-control restart > /dev/null 2>&1 + fi +fi + +if [ -d %{_localstatedir}/logs/ossec ]; then + rm -rf %{_localstatedir}/logs/ossec/ +fi + +if [ -d %{_localstatedir}/queue/ossec ]; then + rm -rf %{_localstatedir}/queue/ossec/ +fi + +if [ -f %{_sysconfdir}/ossec-init.conf ]; then + rm -f %{_sysconfdir}/ossec-init.conf + rm -f %{_localstatedir}/etc/ossec-init.conf +fi + +%triggerin -- glibc +[ -r %{_sysconfdir}/localtime ] && cp -fpL %{_sysconfdir}/localtime %{_localstatedir}/etc + chown root:ossec %{_localstatedir}/etc/localtime + chmod 0640 %{_localstatedir}/etc/localtime + +%clean +rm -fr %{buildroot} + +%files +%defattr(-,root,ossec) +%{_initrddir}/wazuh-manager +%attr(640, root, ossec) %verify(not md5 size mtime) %ghost %{_sysconfdir}/ossec-init.conf +/usr/lib/systemd/system/wazuh-manager.service +%dir %attr(750, root, ossec) %{_localstatedir} +%attr(750, root, ossec) %{_localstatedir}/agentless +%dir %attr(750, root, ossec) %{_localstatedir}/active-response +%dir %attr(750, root, ossec) %{_localstatedir}/active-response/bin +%attr(750, root, ossec) %{_localstatedir}/active-response/bin/* +%dir %attr(750, root, ossec) %{_localstatedir}/api +%dir %attr(770, root, ossec) %{_localstatedir}/api/configuration +%attr(660, root, ossec) %config(noreplace) %{_localstatedir}/api/configuration/api.yaml +%dir %attr(770, root, ossec) %{_localstatedir}/api/configuration/security +%dir %attr(770, root, ossec) %{_localstatedir}/api/configuration/ssl +%dir %attr(750, root, ossec) %{_localstatedir}/api/scripts +%attr(640, root, ossec) %{_localstatedir}/api/scripts/wazuh-apid.py +%dir %attr(750, root, ossec) %{_localstatedir}/backup +%dir %attr(750, ossec, ossec) %{_localstatedir}/backup/agents +%dir %attr(750, ossec, ossec) %{_localstatedir}/backup/groups +%dir %attr(750, root, ossec) %{_localstatedir}/backup/shared +%dir %attr(750, root, ossec) %{_localstatedir}/bin +%attr(750, root, root) %{_localstatedir}/bin/agent_control +%attr(750, root, ossec) %{_localstatedir}/bin/agent_groups +%attr(750, root, ossec) %{_localstatedir}/bin/agent_upgrade +%attr(750, root, root) %{_localstatedir}/bin/clear_stats +%attr(750, root, ossec) %{_localstatedir}/bin/cluster_control +%attr(750, root, root) %{_localstatedir}/bin/manage_agents +%attr(750, root, root) %{_localstatedir}/bin/wazuh-agentlessd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-analysisd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-authd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-control +%attr(750, root, root) %{_localstatedir}/bin/wazuh-csyslogd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-dbd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-execd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-integratord +%attr(750, root, root) %{_localstatedir}/bin/wazuh-logcollector +%attr(750, root, root) %{_localstatedir}/bin/wazuh-logtest-legacy +%attr(750, root, ossec) %{_localstatedir}/bin/wazuh-logtest +%attr(750, root, root) %{_localstatedir}/bin/wazuh-maild +%attr(750, root, root) %{_localstatedir}/bin/wazuh-monitord +%attr(750, root, root) %{_localstatedir}/bin/wazuh-regex +%attr(750, root, root) %{_localstatedir}/bin/wazuh-remoted +%attr(750, root, root) %{_localstatedir}/bin/wazuh-reportd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-syscheckd +%attr(750, root, ossec) %{_localstatedir}/bin/verify-agent-conf +%attr(750, root, ossec) %{_localstatedir}/bin/wazuh-apid +%attr(750, root, ossec) %{_localstatedir}/bin/wazuh-clusterd +%attr(750, root, root) %{_localstatedir}/bin/wazuh-db +%attr(750, root, root) %{_localstatedir}/bin/wazuh-modulesd +%dir %attr(770, ossec, ossec) %{_localstatedir}/etc +%attr(660, root, ossec) %config(noreplace) %{_localstatedir}/etc/ossec.conf +%attr(640, root, ossec) %config(noreplace) %{_localstatedir}/etc/client.keys +%attr(640, root, ossec) %{_localstatedir}/etc/internal_options* +%attr(640, root, ossec) %config(noreplace) %{_localstatedir}/etc/local_internal_options.conf +%attr(640, root, ossec) %{_localstatedir}/etc/localtime +%dir %attr(770, root, ossec) %{_localstatedir}/etc/decoders +%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/decoders/local_decoder.xml +%dir %attr(770, root, ossec) %{_localstatedir}/etc/lists +%dir %attr(770, ossec, ossec) %{_localstatedir}/etc/lists/amazon +%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/lists/amazon/* +%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/lists/audit-keys +%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/lists/security-eventchannel +%dir %attr(770, root, ossec) %{_localstatedir}/etc/shared +%dir %attr(770, ossec, ossec) %{_localstatedir}/etc/shared/default +%attr(660, ossec, ossec) %{_localstatedir}/etc/shared/agent-template.conf +%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/shared/default/* +%dir %attr(770, root, ossec) %{_localstatedir}/etc/rootcheck +%attr(660, root, ossec) %{_localstatedir}/etc/rootcheck/*.txt +%dir %attr(770, root, ossec) %{_localstatedir}/etc/rules +%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/rules/local_rules.xml +%dir %attr(750, root, ossec) %{_localstatedir}/framework +%dir %attr(750, root, ossec) %{_localstatedir}/framework/python +%{_localstatedir}/framework/python/* +%dir %attr(750, root, ossec) %{_localstatedir}/framework/scripts +%attr(640, root, ossec) %{_localstatedir}/framework/scripts/*.py +%dir %attr(750, root, ossec) %{_localstatedir}/framework/wazuh +%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/*.py +%dir %attr(750, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster +%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/*.py +%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/*.json +%dir %attr(750, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/dapi +%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/dapi/*.py +%dir %attr(750, root, ossec) %{_localstatedir}/integrations +%attr(750, root, ossec) %{_localstatedir}/integrations/* +%dir %attr(750, root, ossec) %{_localstatedir}/lib +%attr(750, root, ossec) %{_localstatedir}/lib/libwazuhext.so +%attr(750, root, ossec) %{_localstatedir}/lib/libwazuhshared.so +%attr(750, root, ossec) %{_localstatedir}/lib/libdbsync.so +%attr(750, root, ossec) %{_localstatedir}/lib/librsync.so +%attr(750, root, ossec) %{_localstatedir}/lib/libsyscollector.so +%attr(750, root, ossec) %{_localstatedir}/lib/libsysinfo.so +%{_localstatedir}/lib/libpython3.9.so.1.0 +%dir %attr(770, ossec, ossec) %{_localstatedir}/logs +%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/active-responses.log +%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/api.log +%attr(640, ossecm, ossec) %ghost %{_localstatedir}/logs/integrations.log +%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/ossec.log +%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/ossec.json +%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/api +%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/archives +%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/alerts +%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/cluster +%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/firewall +%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/wazuh +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/add_localfiles.sh +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/gen_ossec.sh +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/ +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/REVISION +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/VERSION +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/init/ +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/init/* +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic/* +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos/* +%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel +%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel/* +%dir %attr(750, root, ossec) %{_localstatedir}/queue +%attr(600, root, ossec) %ghost %{_localstatedir}/queue/agents-timestamp +%dir %attr(770, root, ossec) %{_localstatedir}/queue/agent-groups +%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/agentless +%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/alerts +%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/cluster +%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/db +%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/diff +%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/fim +%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/fim/db +%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/syscollector +%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/syscollector/db +%attr(640, root,ossec) %{_localstatedir}/queue/syscollector/norm_config.json +%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/fts +%dir %attr(770, ossecr, ossec) %{_localstatedir}/queue/rids +%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/tasks +%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/sockets +%dir %attr(660, root, ossec) %{_localstatedir}/queue/vulnerabilities +%dir %attr(440, root, ossec) %{_localstatedir}/queue/vulnerabilities/dictionaries +%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/logcollector +%attr(0440, root, ossec) %{_localstatedir}/queue/vulnerabilities/dictionaries/cpe_helper.json +%attr(0440, root, ossec) %ghost %{_localstatedir}/queue/vulnerabilities/dictionaries/msu.json.gz +%dir %attr(750, root, ossec) %{_localstatedir}/ruleset +%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/sca +%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/decoders +%attr(640, root, ossec) %{_localstatedir}/ruleset/decoders/* +%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/rules +%attr(640, root, ossec) %{_localstatedir}/ruleset/rules/* +%dir %attr(770, root, ossec) %{_localstatedir}/.ssh +%dir %attr(750, ossec, ossec) %{_localstatedir}/stats +%dir %attr(1770, root, ossec) %{_localstatedir}/tmp +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/applications +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/applications/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/15 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/15/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/16 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/16/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/17 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/17/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/18 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/18/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/19 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/19/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/20 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/20/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/sca.files +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/*yml +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/7 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/7/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/8 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/8/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/9 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/9/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos/* +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/12 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/sca.files +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12 +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12/04 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12/04/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14 +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14/04 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14/04/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16 +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16/04 +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16/04/* +%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows +%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows/* +%dir %attr(750, root, ossec) %{_localstatedir}/var +%dir %attr(770, root, ossec) %{_localstatedir}/var/db +%dir %attr(770, root, ossec) %{_localstatedir}/var/db/agents +%attr(660, root, ossec) %{_localstatedir}/var/db/mitre.db +%dir %attr(770, root, ossec) %{_localstatedir}/var/download +%dir %attr(770, ossec, ossec) %{_localstatedir}/var/multigroups +%dir %attr(770, root, ossec) %{_localstatedir}/var/run +%dir %attr(770, root, ossec) %{_localstatedir}/var/selinux +%attr(640, root, ossec) %{_localstatedir}/var/selinux/* +%dir %attr(770, root, ossec) %{_localstatedir}/var/upgrade +%dir %attr(770, root, ossec) %{_localstatedir}/var/wodles +%dir %attr(750, root, ossec) %{_localstatedir}/wodles +%attr(750,root,ossec) %{_localstatedir}/wodles/* +%dir %attr(750, root, ossec) %{_localstatedir}/wodles/aws +%attr(750, root, ossec) %{_localstatedir}/wodles/aws/* +%dir %attr(750, root, ossec) %{_localstatedir}/wodles/azure +%attr(750, root, ossec) %{_localstatedir}/wodles/azure/* +%dir %attr(750, root, ossec) %{_localstatedir}/wodles/docker +%attr(750, root, ossec) %{_localstatedir}/wodles/docker/* +%dir %attr(750, root, ossec) %{_localstatedir}/wodles/gcloud +%attr(750, root, ossec) %{_localstatedir}/wodles/gcloud/* + +%if %{_debugenabled} == "yes" +/usr/lib/debug/%{_localstatedir}/* +/usr/src/debug/%{name}-%{version}/* +%endif + + +%changelog +* Thu Oct 21 2021 support - 4.2.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Oct 06 2021 support - 4.2.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Sep 28 2021 support - 4.2.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Sep 25 2021 support - 4.2.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 26 2021 support - 4.2.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Apr 24 2021 support - 3.13.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 22 2021 support - 4.1.5 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Mar 29 2021 support - 4.1.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Mar 20 2021 support - 4.1.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Mar 08 2021 support - 4.1.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Mar 05 2021 support - 4.1.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 19 2021 support - 4.1.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 12 2021 support - 4.0.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 30 2020 support - 4.0.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 23 2020 support - 4.0.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Oct 31 2020 support - 4.0.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Oct 19 2020 support - 4.0.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Aug 21 2020 support - 3.13.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jul 14 2020 support - 3.13.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 29 2020 support - 3.13.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed May 13 2020 support - 3.12.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Apr 9 2020 support - 3.12.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Apr 8 2020 support - 3.12.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Mar 25 2020 support - 3.12.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Feb 24 2020 support - 3.11.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 22 2020 support - 3.11.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jan 7 2020 support - 3.11.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Dec 26 2019 support - 3.11.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Oct 7 2019 support - 3.11.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Sep 23 2019 support - 3.10.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Sep 19 2019 support - 3.10.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Aug 26 2019 support - 3.10.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Aug 8 2019 support - 3.9.5 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Fri Jul 12 2019 support - 3.9.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jun 11 2019 support - 3.9.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Jun 6 2019 support - 3.9.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon May 6 2019 support - 3.9.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Feb 25 2019 support - 3.9.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 30 2019 support - 3.8.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Jan 24 2019 support - 3.8.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jan 16 2019 support - 3.8.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Dec 10 2018 support - 3.7.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 12 2018 support - 3.7.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Sat Nov 10 2018 support - 3.7.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Sep 3 2018 support - 3.6.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu Aug 23 2018 support - 3.6.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jul 25 2018 support - 3.5.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Jul 11 2018 support - 3.4.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 18 2018 support - 3.3.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Jun 11 2018 support - 3.3.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed May 30 2018 support - 3.2.4 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Thu May 10 2018 support - 3.2.3 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Apr 09 2018 support - 3.2.2 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Feb 21 2018 support - 3.2.1 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Wed Feb 07 2018 support - 3.2.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Dec 19 2017 support - 3.1.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Mon Nov 06 2017 support - 3.0.0 +- More info: https://documentation.wazuh.com/current/release-notes/ +* Tue Jun 06 2017 support - 2.0.1 +- Changed random data generator for a secure OS-provided generator. +- Changed Windows installer file name (depending on version). +- Linux distro detection using standard os-release file. +- Changed some URLs to documentation. +- Disable synchronization with SQLite databases for Syscheck by default. +- Minor changes at Rootcheck formatter for JSON alerts. +- Added debugging messages to Integrator logs. +- Show agent ID when possible on logs about incorrectly formatted messages. +- Use default maximum inotify event queue size. +- Show remote IP on encoding format errors when unencrypting messages. +- Fix permissions in agent-info folder +- Fix permissions in rids folder. +* Fri Apr 21 2017 Jose Luis Ruiz - 2.0 +- Changed random data generator for a secure OS-provided generator. +- Changed Windows installer file name (depending on version). +- Linux distro detection using standard os-release file. +- Changed some URLs to documentation. +- Disable synchronization with SQLite databases for Syscheck by default. +- Minor changes at Rootcheck formatter for JSON alerts. +- Added debugging messages to Integrator logs. +- Show agent ID when possible on logs about incorrectly formatted messages. +- Use default maximum inotify event queue size. +- Show remote IP on encoding format errors when unencrypting messages. +- Fixed resource leaks at rules configuration parsing. +- Fixed memory leaks at rules parser. +- Fixed memory leaks at XML decoders parser. +- Fixed TOCTOU condition when removing directories recursively. +- Fixed insecure temporary file creation for old POSIX specifications. +- Fixed missing agentless devices identification at JSON alerts. +- Fixed FIM timestamp and file name issue at SQLite database. +- Fixed cryptographic context acquirement on Windows agents. +- Fixed debug mode for Analysisd. +- Fixed bad exclusion of BTRFS filesystem by Rootcheck. +- Fixed compile errors on macOS. +- Fixed option -V for Integrator. +- Exclude symbolic links to directories when sending FIM diffs (by Stephan Joerrens). +- Fixed daemon list for service reloading at ossec-control. +- Fixed socket waiting issue on Windows agents. +- Fixed PCI_DSS definitions grouping issue at Rootcheck controls. diff --git a/solaris/solaris11/SPECS/template_agent_v4.2.4.json b/solaris/solaris11/SPECS/template_agent_v4.2.4.json new file mode 100644 index 0000000000..707869896e --- /dev/null +++ b/solaris/solaris11/SPECS/template_agent_v4.2.4.json @@ -0,0 +1,2043 @@ +{ + "/var/ossec": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/.ssh": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/active-response": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/active-response/bin": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/active-response/bin/default-firewall-drop": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/disable-account": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/firewall-drop": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/firewalld-drop": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/host-deny": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/ip-customblock": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/ipfw": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/kaspersky.py": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/kaspersky": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/npf": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/wazuh-slack": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/pf": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/restart-wazuh": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/restart.sh": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/active-response/bin/route-null": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/agentless/main.exp": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/register_host.sh": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh.exp": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh_asa-fwsmconfig_diff": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh_foundry_diff": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh_generic_diff": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh_integrity_check_bsd": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh_integrity_check_linux": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh_nopass.exp": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/ssh_pixconfig_diff": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/sshlogin.exp": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/agentless/su.exp": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/backup": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/bin": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/bin/agent-auth": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/manage_agents": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/wazuh-agentd": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/wazuh-control": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/wazuh-execd": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/wazuh-logcollector": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/wazuh-syscheckd": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/util.sh": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/bin/wazuh-modulesd": { + "class": "static", + "group": "root", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/etc": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/etc/client.keys": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/client.keys.rpmnew": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/internal_options.conf": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/local_internal_options.conf": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/localtime": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/ossec.conf": { + "class": "static", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/ossec.conf.rpmnew": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/ossec.conf.new": { + "class": "dynamic", + "group": "root", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/shared": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/etc/shared/agent.conf": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/ar.conf": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/var/start-script-lock": { + "class": "dynamic", + "group": "ossec", + "mode": "0755", + "prot": "drwxr-xr-x", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/start-script-lock/pid": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "root" + }, + "/var/ossec/etc/shared/cis_apache2224_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_debian_linux_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_rhel_linux_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_sles11_linux_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_sles12_linux_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/merged.mg": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/rootkit_files.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/rootkit_trojans.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/system_audit_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/system_audit_ssh.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/win_applications_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/win_audit_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/shared/win_malware_rcl.txt": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/etc/wpk_root.pem": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/lib": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/lib/libwazuhext.so": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/lib/libwazuhshared.so": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/lib/libdbsync.so": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/lib/librsync.so": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/lib/libsysinfo.so": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/lib/libsyscollector.so": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/logs": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/active-responses.log": { + "class": "static", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec.log": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/logs/ossec.json": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jan": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Feb": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Mar": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Apr": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/May": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jun": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jul": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Aug": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Sep": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Oct": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Nov": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Dec": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jan": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Feb": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Mar": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Apr": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/May": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jun": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jul": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Aug": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Sep": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Oct": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Nov": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Dec": { + "class": "dynamic", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].json.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].log.gz": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/queue": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/queue/alerts": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/alerts/cfgaq": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/alerts/execq": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/diff": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/diff/local": { + "class": "dynamic", + "group": "root", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/queue/diff/local/*": { + "class": "dynamic", + "group": "root", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/queue/diff/local/*/*.*": { + "class": "dynamic", + "group": "root", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/queue/diff/local/*/*/*.*": { + "class": "dynamic", + "group": "root", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/diff/local/*/*/last-entry": { + "class": "dynamic", + "group": "root", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/fim": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/fim/db": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/syscollector": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/syscollector/db": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/syscollector/norm_config.json": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/ossec": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/ossec/.*": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/queue/ossec/logcollector": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/ossec/syscheck": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/ossec/wmodules": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/ossec/queue": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/queue/ossec/com": { + "class": "static", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/ossec/control": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/sockets": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/sockets/.*": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/queue/sockets/logcollector": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/sockets/syscheck": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/sockets/wmodules": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/sockets/queue": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/queue/sockets/com": { + "class": "static", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/sockets/control": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/queue/rids": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/logcollector": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "ossec" + }, + "/var/ossec/queue/rids/*": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/ruleset": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/ruleset/sca": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + + "/var/ossec/ruleset/sca/cis_solaris11.yml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rwxr-----", + "type": "file", + "user": "root" + }, + "/var/ossec/tmp": { + "class": "static", + "group": "ossec", + "mode": "1770", + "prot": "drwxrwx--T", + "type": "directory", + "user": "root" + }, + "/var/ossec/var": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/db": { + "class": "dynamic", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/db/agents": { + "class": "dynamic", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/db/agents/001-*.db": { + "class": "dynamic", + "group": "ossec", + "mode": "0660", + "prot": "-rw-rw----", + "type": "file", + "user": "root" + }, + "/var/ossec/var/incoming": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/run": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/run/.syscheck_run": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/var/run/wazuh-agentd.state": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/var/run/wazuh-agentd-*.pid": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "ossec" + }, + "/var/ossec/var/run/wazuh-execd-*.pid": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/var/run/wazuh-logcollector-*.pid": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/var/run/wazuh-logcollector.state": { + "class": "static", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "ossec" + }, + "/var/ossec/var/run/wazuh-syscheckd-*.pid": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/var/run/wazuh-modulesd-*.pid": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/var/run/agent-auth-*.pid": { + "class": "dynamic", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/var/selinux": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/selinux/wazuh.pp": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/var/upgrade": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/wodles": { + "class": "static", + "group": "ossec", + "mode": "0770", + "prot": "drwxrwx---", + "type": "directory", + "user": "root" + }, + "/var/ossec/var/wodles/syscollector": { + "class": "dynamic", + "group": "ossec", + "mode": "0644", + "prot": "-rw-r--r--", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/wodles/__init__.py": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/utils.py": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/aws": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/wodles/aws/aws-s3": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/docker": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/wodles/docker/DockerListener": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/gcloud": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/wodles/gcloud/gcloud": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/gcloud/gcloud.py": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/gcloud/integration.py": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/gcloud/tools.py": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/wodles/oscap/content": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "drwxr-x---", + "type": "directory", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/cve-debian-8-oval.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/cve-debian-9-oval.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/cve-redhat-6-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/cve-redhat-7-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/cve-ubuntu-xenial-oval.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-centos-6-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-centos-7-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-debian-8-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-fedora-24-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-rhel-6-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-rhel-7-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-ubuntu-1404-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/content/ssg-ubuntu-1604-ds.xml": { + "class": "static", + "group": "ossec", + "mode": "0640", + "prot": "-rw-r-----", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/oscap.py": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/template_oval.xsl": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + }, + "/var/ossec/wodles/oscap/template_xccdf.xsl": { + "class": "static", + "group": "ossec", + "mode": "0750", + "prot": "-rwxr-x---", + "type": "file", + "user": "root" + } +} diff --git a/unattended_scripts/elastic-stack/unattended-installation/all-in-one-installation.sh b/unattended_scripts/elastic-stack/unattended-installation/all-in-one-installation.sh index 53229c2305..35bbba62d8 100644 --- a/unattended_scripts/elastic-stack/unattended-installation/all-in-one-installation.sh +++ b/unattended_scripts/elastic-stack/unattended-installation/all-in-one-installation.sh @@ -8,7 +8,7 @@ # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_VER="4.2.3" +WAZUH_VER="4.2.4" WAZUH_REV="1" ELK_VER="7.12.1" WAZUH_KIB_PLUG_REV="1" diff --git a/unattended_scripts/elastic-stack/unattended-installation/distributed/elastic-stack-installation.sh b/unattended_scripts/elastic-stack/unattended-installation/distributed/elastic-stack-installation.sh index bb463f6e41..a4de7eb61b 100644 --- a/unattended_scripts/elastic-stack/unattended-installation/distributed/elastic-stack-installation.sh +++ b/unattended_scripts/elastic-stack/unattended-installation/distributed/elastic-stack-installation.sh @@ -9,7 +9,7 @@ # Foundation. WAZUH_MAJOR="4.2" -WAZUH_VER="4.2.3" +WAZUH_VER="4.2.4" WAZUH_REV="1" ELK_VER="7.12.1" WAZUH_KIB_PLUG_REV="1" diff --git a/unattended_scripts/open-distro/unattended-installation/distributed/elastic-stack-installation.sh b/unattended_scripts/open-distro/unattended-installation/distributed/elastic-stack-installation.sh index 8f1eaa2794..ed62701a63 100644 --- a/unattended_scripts/open-distro/unattended-installation/distributed/elastic-stack-installation.sh +++ b/unattended_scripts/open-distro/unattended-installation/distributed/elastic-stack-installation.sh @@ -10,7 +10,7 @@ char="." debug='> /dev/null 2>&1' -WAZUH_VER="4.2.3" +WAZUH_VER="4.2.4" WAZUH_MAJOR="4.2" WAZUH_REV="1" ELK_VER="7.10.2" diff --git a/unattended_scripts/open-distro/unattended-installation/distributed/wazuh-server-installation.sh b/unattended_scripts/open-distro/unattended-installation/distributed/wazuh-server-installation.sh index c51722df59..a8678d8b7f 100644 --- a/unattended_scripts/open-distro/unattended-installation/distributed/wazuh-server-installation.sh +++ b/unattended_scripts/open-distro/unattended-installation/distributed/wazuh-server-installation.sh @@ -11,7 +11,7 @@ ## Check if system is based on yum or apt-get char="." debug='> /dev/null 2>&1' -WAZUH_VER="4.2.3" +WAZUH_VER="4.2.4" WAZUH_REV="1" ELK_VER="7.10.2" OD_VER="1.13.2" diff --git a/unattended_scripts/open-distro/unattended-installation/unattended-installation.sh b/unattended_scripts/open-distro/unattended-installation/unattended-installation.sh index 64da03c84b..b1bf949c03 100644 --- a/unattended_scripts/open-distro/unattended-installation/unattended-installation.sh +++ b/unattended_scripts/open-distro/unattended-installation/unattended-installation.sh @@ -12,7 +12,7 @@ char="." debug='>> /var/log/wazuh-unattended-installation.log 2>&1' WAZUH_MAJOR="4.2" -WAZUH_VER="4.2.3" +WAZUH_VER="4.2.4" WAZUH_REV="1" ELK_VER="7.10.2" OD_VER="1.13.2" From 9e2ee24e32cf5fc3d336efb65bf15a21bf449c4b Mon Sep 17 00:00:00 2001 From: verd-x Date: Thu, 14 Oct 2021 18:08:13 +0200 Subject: [PATCH 2/4] Removed version 4.2.3 SPECS --- aix/SPECS/4.2.3/wazuh-agent-4.2.3-aix.spec | 380 --- arch/SPECS/4.2.3/wazuh-agent/arch/PKGBUILD | 128 -- .../4.2.3/wazuh-agent/arch/wazuh.install | 82 - .../4.2.3/wazuh-agent/arch/wazuh.sysusers | 2 - debs/SPECS/4.2.3/wazuh-agent/debian/changelog | 433 ---- debs/SPECS/4.2.3/wazuh-agent/debian/compat | 1 - debs/SPECS/4.2.3/wazuh-agent/debian/conffiles | 0 debs/SPECS/4.2.3/wazuh-agent/debian/control | 14 - debs/SPECS/4.2.3/wazuh-agent/debian/copyright | 38 - debs/SPECS/4.2.3/wazuh-agent/debian/postinst | 188 -- debs/SPECS/4.2.3/wazuh-agent/debian/postrm | 74 - debs/SPECS/4.2.3/wazuh-agent/debian/preinst | 85 - debs/SPECS/4.2.3/wazuh-agent/debian/prerm | 64 - debs/SPECS/4.2.3/wazuh-agent/debian/rules | 148 -- .../4.2.3/wazuh-agent/debian/source/format | 1 - debs/SPECS/4.2.3/wazuh-agent/debian/templates | 4 - .../debian/wazuh-agent.lintian-overrides | 9 - .../4.2.3/wazuh-manager/debian/changelog | 370 --- debs/SPECS/4.2.3/wazuh-manager/debian/compat | 1 - .../4.2.3/wazuh-manager/debian/conffiles | 0 debs/SPECS/4.2.3/wazuh-manager/debian/control | 15 - .../4.2.3/wazuh-manager/debian/copyright | 38 - .../SPECS/4.2.3/wazuh-manager/debian/postinst | 288 --- debs/SPECS/4.2.3/wazuh-manager/debian/postrm | 89 - debs/SPECS/4.2.3/wazuh-manager/debian/preinst | 151 -- debs/SPECS/4.2.3/wazuh-manager/debian/prerm | 85 - debs/SPECS/4.2.3/wazuh-manager/debian/rules | 205 -- .../4.2.3/wazuh-manager/debian/source/format | 1 - .../debian/wazuh-manager.lintian-overrides | 9 - rpms/SPECS/4.2.3/wazuh-agent-4.2.3.spec | 730 ------ rpms/SPECS/4.2.3/wazuh-manager-4.2.3.spec | 984 -------- .../SPECS/template_agent_v4.2.3.json | 2043 ----------------- 32 files changed, 6660 deletions(-) delete mode 100644 aix/SPECS/4.2.3/wazuh-agent-4.2.3-aix.spec delete mode 100644 arch/SPECS/4.2.3/wazuh-agent/arch/PKGBUILD delete mode 100644 arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.install delete mode 100644 arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.sysusers delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/changelog delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/compat delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/conffiles delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/control delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/copyright delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/postinst delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/postrm delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/preinst delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/prerm delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/rules delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/source/format delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/templates delete mode 100644 debs/SPECS/4.2.3/wazuh-agent/debian/wazuh-agent.lintian-overrides delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/changelog delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/compat delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/conffiles delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/control delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/copyright delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/postinst delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/postrm delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/preinst delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/prerm delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/rules delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/source/format delete mode 100644 debs/SPECS/4.2.3/wazuh-manager/debian/wazuh-manager.lintian-overrides delete mode 100644 rpms/SPECS/4.2.3/wazuh-agent-4.2.3.spec delete mode 100644 rpms/SPECS/4.2.3/wazuh-manager-4.2.3.spec delete mode 100644 solaris/solaris11/SPECS/template_agent_v4.2.3.json diff --git a/aix/SPECS/4.2.3/wazuh-agent-4.2.3-aix.spec b/aix/SPECS/4.2.3/wazuh-agent-4.2.3-aix.spec deleted file mode 100644 index 6e1df25a92..0000000000 --- a/aix/SPECS/4.2.3/wazuh-agent-4.2.3-aix.spec +++ /dev/null @@ -1,380 +0,0 @@ -# Spec file for AIX systems -Name: wazuh-agent -Version: 4.2.3 -Release: 1 -License: GPL -URL: https://www.wazuh.com/ -Vendor: Wazuh, Inc -Packager: Wazuh, Inc -Summary: The Wazuh agent, used for threat detection, incident response and integrity monitoring. - -Group: System Environment/Daemons -AutoReqProv: no -Source0: %{name}-%{version}.tar.gz -Conflicts: ossec-hids ossec-hids-agent wazuh-manager wazuh-local -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) - -BuildRequires: coreutils automake autoconf libtool - -%description -Wazuh is an open source security monitoring solution for threat detection, integrity monitoring, incident response and compliance. - -%prep -%setup -q -deps_version=`cat src/Makefile | grep "DEPS_VERSION =" | cut -d " " -f 3` -cd src && gmake clean && gmake deps RESOURCES_URL=http://packages.wazuh.com/deps/${deps_version} TARGET=agent -gmake TARGET=agent USE_SELINUX=no -cd .. - -%install -# Clean BUILDROOT -rm -fr %{buildroot} - -echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf -echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf -echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf -echo 'USER_DIR="%{_localstatedir}"' >> ./etc/preloaded-vars.conf -echo 'USER_DELETE_DIR="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_ACTIVE_RESPONSE="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_SYSCHECK="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_ROOTCHECK="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_OPENSCAP="n"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_CISCAT="n"' >> ./etc/preloaded-vars.conf -echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf -echo 'USER_AGENT_SERVER_IP="MANAGER_IP"' >> ./etc/preloaded-vars.conf -echo 'USER_CA_STORE="/path/to/my_cert.pem"' >> ./etc/preloaded-vars.conf -echo 'USER_AUTO_START="n"' >> ./etc/preloaded-vars.conf -./install.sh - -# Remove unnecessary files or directories -rm -rf %{_localstatedir}/selinux - -# Create directories -mkdir -p ${RPM_BUILD_ROOT}%{_init_scripts} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/.ssh - -# Copy the files into RPM_BUILD_ROOT directory -sed "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-aix.init > src/init/templates/ossec-hids-aix.init.tmp -mv src/init/templates/ossec-hids-aix.init.tmp src/init/templates/ossec-hids-aix.init -install -m 0750 src/init/templates/ossec-hids-aix.init ${RPM_BUILD_ROOT}%{_init_scripts}/wazuh-agent -cp -pr %{_localstatedir}/* ${RPM_BUILD_ROOT}%{_localstatedir}/ - -# Add configuration scripts -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/ -cp gen_ossec.sh ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/ -cp add_localfiles.sh ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/ - -# Support files for dynamic creation of configuraiton file -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic -cp -pr etc/templates/config/generic/* ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic/localfile-logs -cp -pr etc/templates/config/generic/localfile-logs/* ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/etc/templates/config/generic/localfile-logs - -# Support scripts for post installation -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/init -cp src/init/*.sh ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/init - -# Add installation scripts -cp src/VERSION ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/ -cp src/REVISION ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/src/ - -exit 0 - -%pre - -# Create ossec user and group -if ! grep "^ossec:" /etc/group > /dev/null 2>&1; then - /usr/bin/mkgroup ossec -fi -if ! grep "^ossec" /etc/passwd > /dev/null 2>&1; then - /usr/sbin/useradd ossec - /usr/sbin/usermod -G ossec ossec -fi - -# Remove existent config file and notify user for new installations -if [ $1 = 1 ]; then - if [ -f %{_localstatedir}/etc/ossec.conf ]; then - echo "A backup from your ossec.conf has been created at %{_localstatedir}/etc/ossec.conf.rpmorig" - echo "Please verify your ossec.conf configuration at %{_localstatedir}/etc/ossec.conf" - mv %{_localstatedir}/etc/ossec.conf %{_localstatedir}/etc/ossec.conf.rpmorig - fi -fi - -if [ $1 = 2 ]; then - if /etc/rc.d/init.d/wazuh-agent status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - /etc/rc.d/init.d/wazuh-agent stop > /dev/null 2>&1 || : - touch %{_localstatedir}/tmp/wazuh.restart - fi - %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 -fi - -if [ $1 = 2 ]; then - if [ -d %{_localstatedir}/logs/ossec ]; then - cp -rp %{_localstatedir}/logs/ossec %{_localstatedir}/tmp/logs/wazuh > /dev/null 2>&1 - rm -rf %{_localstatedir}/logs/ossec/* - rm -rf %{_localstatedir}/logs/ossec/.??* - fi - - if [ -d %{_localstatedir}/queue/ossec ]; then - cp -rp %{_localstatedir}/queue/ossec %{_localstatedir}/tmp/queue/sockets > /dev/null 2>&1 - rm -rf %{_localstatedir}/queue/ossec/* - rm -rf %{_localstatedir}/queue/ossec/.??* - fi -fi - -%post - -if [ $1 = 2 ]; then - if [ -d %{_localstatedir}/tmp/logs/wazuh ]; then - rm -rf %{_localstatedir}/logs/wazuh - mv %{_localstatedir}/tmp/logs/ossec %{_localstatedir}/logs/wazuh> /dev/null 2>&1 - fi - - if [ -d %{_localstatedir}/tmp/queue/sockets ]; then - rm -rf %{_localstatedir}/queue/sockets - mv %{_localstatedir}/tmp/queue/ossec %{_localstatedir}/queue/sockets > /dev/null 2>&1 - fi -fi - -# New installations -if [ $1 = 1 ]; then - - # Generating ossec.conf file - . %{_localstatedir}/tmp/src/init/dist-detect.sh - %{_localstatedir}/tmp/gen_ossec.sh conf agent ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} %{_localstatedir} > %{_localstatedir}/etc/ossec.conf - - # Add default local_files to ossec.conf - %{_localstatedir}/tmp/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf - - # Restore Wazuh manager configuration - if [ -f %{_localstatedir}/etc/ossec.conf.rpmorig ]; then - %{_localstatedir}/tmp/src/init/replace_manager_ip.sh %{_localstatedir}/etc/ossec.conf.rpmorig %{_localstatedir}/etc/ossec.conf - fi - - # Fix for AIX: netstat command - sed 's/netstat -tulpn/netstat -tu/' %{_localstatedir}/etc/ossec.conf > %{_localstatedir}/etc/ossec.conf.tmp - mv %{_localstatedir}/etc/ossec.conf.tmp %{_localstatedir}/etc/ossec.conf - sed 's/sort -k 4 -g/sort -n -k 4/' %{_localstatedir}/etc/ossec.conf > %{_localstatedir}/etc/ossec.conf.tmp - mv %{_localstatedir}/etc/ossec.conf.tmp %{_localstatedir}/etc/ossec.conf - - # Generate the active-responses.log file - touch %{_localstatedir}/logs/active-responses.log - chown ossec:ossec %{_localstatedir}/logs/active-responses.log - chmod 0660 %{_localstatedir}/logs/active-responses.log - - %{_localstatedir}/tmp/src/init/register_configure_agent.sh %{_localstatedir} > /dev/null || : - -fi -chown root:ossec %{_localstatedir}/etc/ossec.conf -ln -fs /etc/rc.d/init.d/wazuh-agent /etc/rc.d/rc2.d/S97wazuh-agent -ln -fs /etc/rc.d/init.d/wazuh-agent /etc/rc.d/rc3.d/S97wazuh-agent - -rm -rf %{_localstatedir}/tmp/etc -rm -rf %{_localstatedir}/tmp/src -rm -f %{_localstatedir}/tmp/add_localfiles.sh - -chmod 0660 %{_localstatedir}/etc/ossec.conf - -if [ -f %{_localstatedir}/tmp/wazuh.restart ]; then - rm -f %{_localstatedir}/tmp/wazuh.restart - /etc/rc.d/init.d/wazuh-agent restart > /dev/null 2>&1 || : -fi - -%preun - -if [ $1 = 0 ]; then - - /etc/rc.d/init.d/wazuh-agent stop > /dev/null 2>&1 || : - rm -f %{_localstatedir}/queue/sockets/* - rm -f %{_localstatedir}/queue/sockets/.agent_info || : - rm -f %{_localstatedir}/queue/sockets/.wait || : - rm -f %{_localstatedir}/queue/diff/* - rm -f %{_localstatedir}/queue/alerts/* - rm -f %{_localstatedir}/queue/rids/* - -fi - - -%postun - -# Remove ossec user and group -if [ $1 = 0 ];then - if grep "^ossec" /etc/passwd > /dev/null 2>&1; then - userdel ossec - fi - if grep "^ossec:" /etc/group > /dev/null 2>&1; then - rmgroup ossec - fi - - rm -rf %{_localstatedir}/ruleset -fi - - -%clean -rm -fr %{buildroot} - -%files -%{_init_scripts}/* - -%dir %attr(750,root,ossec) %{_localstatedir} -%attr(750,root,ossec) %{_localstatedir}/agentless -%dir %attr(770,root,ossec) %{_localstatedir}/.ssh -%dir %attr(750,root,ossec) %{_localstatedir}/active-response -%dir %attr(750,root,ossec) %{_localstatedir}/active-response/bin -%attr(750,root,ossec) %{_localstatedir}/active-response/bin/* -%dir %attr(750,root,system) %{_localstatedir}/bin -%attr(750,root,system) %{_localstatedir}/bin/* -%dir %attr(750,root,ossec) %{_localstatedir}/backup -%dir %attr(770,ossec,ossec) %{_localstatedir}/etc -%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/client.keys -%attr(640,root,ossec) %{_localstatedir}/etc/internal_options* -%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/local_internal_options.conf -%attr(660,root,ossec) %config(noreplace) %{_localstatedir}/etc/ossec.conf -%attr(640,root,ossec) %{_localstatedir}/etc/wpk_root.pem -%dir %attr(770,root,ossec) %{_localstatedir}/etc/shared -%attr(660,root,ossec) %config(missingok,noreplace) %{_localstatedir}/etc/shared/* -%dir %attr(750,root,system) %{_localstatedir}/lib -%attr(750,root,ossec) %{_localstatedir}/lib/* -%dir %attr(770,ossec,ossec) %{_localstatedir}/logs -%attr(660,ossec,ossec) %ghost %{_localstatedir}/logs/active-responses.log -%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.log -%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.json -%dir %attr(750,ossec,ossec) %{_localstatedir}/logs/wazuh -%dir %attr(750,root,ossec) %{_localstatedir}/queue -%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/sockets -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/diff -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim/db -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector/db -%attr(640, root,ossec) %{_localstatedir}/queue/syscollector/norm_config.json -%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/alerts -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/rids -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/logcollector -%dir %attr(750, ossec, ossec) %{_localstatedir}/ruleset/sca -%dir %attr(1750,root,ossec) %{_localstatedir}/tmp -%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/add_localfiles.sh -%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/gen_ossec.sh -%dir %attr(1750,root,ossec) %config(missingok) %{_localstatedir}/tmp/etc/templates -%dir %attr(1750,root,ossec) %config(missingok) %{_localstatedir}/tmp/etc/templates/config -%dir %attr(1750,root,ossec) %config(missingok) %{_localstatedir}/tmp/etc/templates/config/generic -%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/etc/templates/config/generic/*.template -%dir %attr(1750,root,ossec) %config(missingok) /var/ossec/tmp/etc/templates/config/generic/localfile-logs -%attr(750,root,system) %config(missingok) /var/ossec/tmp/etc/templates/config/generic/localfile-logs/*.template -%attr(750,root,system) %config(missingok) %{_localstatedir}/tmp/src/* -%dir %attr(750,root,ossec) %{_localstatedir}/var -%dir %attr(770,root,ossec) %{_localstatedir}/var/incoming -%dir %attr(770,root,ossec) %{_localstatedir}/var/run -%dir %attr(770,root,ossec) %{_localstatedir}/var/upgrade -%dir %attr(770,root,ossec) %{_localstatedir}/var/wodles -%dir %attr(750,root,ossec) %{_localstatedir}/wodles -%attr(750,root,ossec) %{_localstatedir}/wodles/* - - -%changelog -* Wed Oct 06 2021 support - 4.2.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Sep 28 2021 support - 4.2.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Sep 25 2021 support - 4.2.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 26 2021 support - 4.2.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Apr 24 2021 support - 3.13.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 22 2021 support - 4.1.5 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Mar 29 2021 support - 4.1.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Mar 20 2021 support - 4.1.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Mar 08 2021 support - 4.1.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Mar 05 2021 support - 4.1.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 19 2021 support - 4.1.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 30 2020 support - 4.0.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 23 2020 support - 4.0.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Oct 31 2020 support - 4.0.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Oct 19 2020 support - 4.0.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Aug 21 2020 support - 3.13.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jul 14 2020 support - 3.13.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 29 2020 support - 3.13.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed May 13 2020 support - 3.12.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Apr 9 2020 support - 3.12.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Apr 8 2020 support - 3.12.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Mar 25 2020 support - 3.12.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Feb 24 2020 support - 3.11.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 22 2020 support - 3.11.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 7 2020 support - 3.11.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Dec 26 2019 support - 3.11.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Oct 7 2019 support - 3.11.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Sep 23 2019 support - 3.10.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Sep 19 2019 support - 3.10.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Aug 26 2019 support - 3.10.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Aug 8 2019 support - 3.9.5 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jul 12 2019 support - 3.9.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jul 02 2019 support - 3.9.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 11 2019 support - 3.9.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 01 2019 support - 3.9.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Feb 25 2019 support - 3.9.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 30 2019 support - 3.8.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Jan 24 2019 support - 3.8.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Jan 18 2019 support - 3.8.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Nov 7 2018 support - 3.7.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Sep 10 2018 support - 3.6.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Sep 7 2018 support - 3.6.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jul 25 2018 support - 3.5.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jul 11 2018 support - 3.4.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 18 2018 support - 3.3.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 11 2018 support - 3.3.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed May 30 2018 support - 3.2.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu May 10 2018 support - 3.2.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 09 2018 support - 3.2.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Feb 21 2018 support - 3.2.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Feb 07 2018 support - 3.2.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Dec 21 2017 support - 3.1.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 06 2017 support - 3.0.0 -- More info: https://documentation.wazuh.com/current/release-notes/ diff --git a/arch/SPECS/4.2.3/wazuh-agent/arch/PKGBUILD b/arch/SPECS/4.2.3/wazuh-agent/arch/PKGBUILD deleted file mode 100644 index 368db81955..0000000000 --- a/arch/SPECS/4.2.3/wazuh-agent/arch/PKGBUILD +++ /dev/null @@ -1,128 +0,0 @@ -pkgname=wazuh-agent -pkgver=PARAM_VERSION -pkgrel=PARAM_RELEASE -pkgdesc="Wazuh agent" -arch=(x86_64) -url='https://github.com/wazuh/wazuh' -license=(GPL2) -source=('PARAM_SOURCE_FILE' - 'wazuh.sysusers') -sha512sums=('SKIP' - 'adce723356b0b533854700d4c367cedf4caba13146e1b754d60e72939d301d248a48f7b61d82c9104616f1e7720e4712cca9f37d3d4de37f1d0b5581c159f3d6') -depends=('python' 'brotli') -noextract=('PARAM_SOURCE_FILE') -backup=('PARAM_INSTALLATION_BACKUP_DIR/etc/client.keys' - 'PARAM_INSTALLATION_BACKUP_DIR/etc/local_internal_options.conf' - 'PARAM_INSTALLATION_BACKUP_DIR/etc/ossec.conf') -install=wazuh.install - -build() { - mkdir -p ${srcdir}/wazuh - tar xzf ${srcdir}/"PARAM_SOURCE_FILE" -C ${srcdir}/wazuh - cd ${srcdir}/wazuh - make -C src deps - make -jPARAM_JOBS -C src TARGET=agent DEBUG=PARAM_DEBUG PREFIX="PARAM_INSTALLATION_DIR" - - rm -f /tmp/fake-install.saved - USER_LANGUAGE="en" \ - USER_NO_STOP="y" \ - USER_INSTALL_TYPE="agent" \ - USER_DIR="PARAM_INSTALLATION_DIR" \ - USER_DELETE_DIR="n" \ - USER_ENABLE_ACTIVE_RESPONSE="y" \ - USER_ENABLE_SYSCHECK="y" \ - USER_ENABLE_ROOTCHECK="y" \ - USER_ENABLE_OPENSCAP="y" \ - USER_ENABLE_CISCAT="y" \ - USER_ENABLE_SYSCOLLECTOR="y" \ - USER_UPDATE="n" \ - USER_AGENT_SERVER_IP="MANAGER_IP" \ - USER_CA_STORE="/path/to/my_cert.pem" \ - USER_AUTO_START="n" \ - fakeroot ./install.sh - - echo "#!/bin/sh" > ${srcdir}/wazuh/fix_owner.sh - cat /tmp/fake-install.saved >> ${srcdir}/wazuh/fix_owner.sh - chmod +x ${srcdir}/wazuh/fix_owner.sh -} - -package() { - install -Dm0644 ${srcdir}/wazuh.sysusers ${pkgdir}/usr/lib/sysusers.d/wazuh.conf - cd ${srcdir}/wazuh - - # Copying systemd file - mkdir -p ${pkgdir}/usr/lib/systemd/system/ - install -m 0644 src/init/templates/wazuh-agent.service ${pkgdir}/usr/lib/systemd/system/ - - # Generating permission restoration file for postinstall - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR" - - # Remove preinstalled log files - rm -rf "PARAM_INSTALLATION_DIR"/logs/*.log - rm -rf "PARAM_INSTALLATION_DIR"/logs/*.json - - # Clean the preinstalled configuration assesment files - rm -rf ${pkgdir}/"PARAM_INSTALLATION_DIR"/ruleset/sca - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_DIR"/ruleset/sca - - # Copying to target - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_DIR"/ - cp -rp "PARAM_INSTALLATION_DIR"/. ${pkgdir}/"PARAM_INSTALLATION_DIR"/ - - # Copying install scripts to /usr/share - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ - cp -p gen_ossec.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ - cp -p add_localfiles.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ - cp -p fix_owner.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR" - - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src - - # Install configuration assesment files and files templates - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/applications - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/amzn/1 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/amzn/2 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/5 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/6 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/7 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/15 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/16 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/17 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/18 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/7 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/8 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/9 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/5 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/6 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/7 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sles/11 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sles/12 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sunos - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/suse/11 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/suse/12 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/12/04 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/14/04 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/16/04 - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/windows - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sunos/5/11 - - cp -r ruleset/sca/* ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca - - cp etc/templates/config/generic/sca.files ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic - cp etc/templates/config/generic/sca.manager.files ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic - - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src/init - cp -r src/init/* ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src/init - - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/generic - cp -r etc/templates/config/generic ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ - - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/debian - cp -r etc/templates/config/debian ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ - - mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ubuntu - cp -r etc/templates/config/ubuntu ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ - - # Generate ossec-init.conf - ./gen_ossec.sh conf agent $(lsb_release -si) $(lsb_release -sr) "PARAM_INSTALLATION_DIR" > ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ossec-init.conf -} diff --git a/arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.install b/arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.install deleted file mode 100644 index 8eb3a6c675..0000000000 --- a/arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.install +++ /dev/null @@ -1,82 +0,0 @@ -DIR="PARAM_INSTALLATION_DIR" -SCRIPTS_DIR="PARAM_INSTALLATION_SCRIPTS_DIR" -SCA_BASE_DIR="${SCRIPTS_DIR}/sca" -USER="ossec" -GROUP="ossec" - -common() { - # Install the SCA files - if [ -d "${SCA_BASE_DIR}" ]; then - - . ${SCRIPTS_DIR}/src/init/dist-detect.sh - - SCA_DIR="${DIST_NAME}/${DIST_VER}" - - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" - mkdir -p ${DIR}/ruleset/sca - - # Install the configuration files needed for this hosts - if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" - elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" - elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" - else - SCA_TMP_DIR="${SCA_BASE_DIR}/generic" - fi - - SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" - - if [ -r ${SCA_TMP_FILE} ]; then - - for sca_file in $(cat ${SCA_TMP_FILE}); do - cp ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca - done - fi - - # Set correct permissions, owner and group - chmod 640 ${DIR}/ruleset/sca/* - chown root:${GROUP} ${DIR}/ruleset/sca/* - - fi - - touch ${DIR}/logs/active-responses.log - chown ossec:ossec ${DIR}/logs/active-responses.log - chmod 0660 ${DIR}/logs/active-responses.log - - # Register and configure agent if Wazuh environment variables are defined - if [ -z "$2" ] ; then - ${SCRIPTS_DIR}/src/init/register_configure_agent.sh > /dev/null || : - fi - - # Restoring file permissions - ${SCRIPTS_DIR}/restore-permissions.sh > /dev/null 2>&1 || : - - # Fix /etc/ossec-init.conf - chmod 640 /etc/ossec-init.conf - chown root:ossec /etc/ossec-init.conf - ${SCRIPTS_DIR}/fix_owner.sh 2>/dev/null -} - -post_upgrade() { - ${SCRIPTS_DIR}/gen_ossec.sh conf agent Arch rolling > ${DIR}/etc/ossec.conf.new - chmod 660 ${DIR}/etc/ossec.conf.new - - common -} - -post_install() { - if ! getent group | grep -q "^ossec" ; then - systemd-sysusers - fi - - if [ -f ${SCRIPTS_DIR}/ossec-init.conf ] ; then - cp ${SCRIPTS_DIR}/ossec-init.conf /etc/ossec-init.conf - fi - - ${SCRIPTS_DIR}/gen_ossec.sh conf agent Arch rolling > ${DIR}/etc/ossec.conf - ${SCRIPTS_DIR}/add_localfiles.sh >> ${DIR}/etc/ossec.conf - - common -} diff --git a/arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.sysusers b/arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.sysusers deleted file mode 100644 index 0c3f362b47..0000000000 --- a/arch/SPECS/4.2.3/wazuh-agent/arch/wazuh.sysusers +++ /dev/null @@ -1,2 +0,0 @@ -u ossec - - - -g ossec - - - diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/changelog b/debs/SPECS/4.2.3/wazuh-agent/debian/changelog deleted file mode 100644 index a1b21ba7bb..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/changelog +++ /dev/null @@ -1,433 +0,0 @@ -wazuh-agent (4.2.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 06 Oct 2021 15:07:13 +0000 - -wazuh-agent (4.2.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 28 Sep 2021 08:58:38 +0000 - -wazuh-agent (4.2.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 25 Sep 2021 07:04:22 +0000 - -wazuh-agent (4.2.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 26 Apr 2021 11:51:55 +0000 - -wazuh-agent (4.1.5-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 22 Apr 2021 16:50:05 +0000 - -wazuh-agent (4.1.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 29 Mar 2021 16:23:09 +0000 - -wazuh-agent (4.1.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 20 Mar 2021 13:41:26 +0000 - -wazuh-agent (4.1.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 08 Mar 2021 14:00:25 +0000 - -wazuh-agent (4.1.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Fri, 05 Mar 2021 13:24:41 +0000 - -wazuh-agent (4.1.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 19 Jan 2021 06:25:59 +0000 - - wazuh-agent (4.0.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 12 Jan 2021 09:30:15 +0000 - -wazuh-agent (4.0.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 30 Nov 2020 10:00:15 +0000 - -wazuh-agent (4.0.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 23 Nov 2020 12:16:36 +0000 - -wazuh-agent (4.0.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 31 Oct 2020 12:16:36 +0000 - -wazuh-agent (4.0.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 19 Oct 2020 06:59:39 +0000 - -wazuh-agent (3.13.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 24 Apr 2021 07:01:55 +0000 - -wazuh-agent (3.13.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Fri, 21 Aug 2020 10:05:02 +0000 - -wazuh-agent (3.13.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 14 Jul 2020 10:05:02 +0000 - -wazuh-agent (3.13.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 29 Jun 2020 10:05:02 +0000 - -wazuh-agent (3.12.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 9 Apr 2020 08:47:14 +0000 - -wazuh-agent (3.12.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 8 Apr 2020 16:12:28 +0000 - -wazuh-agent (3.12.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 25 Mar 2020 10:20:48 +0000 - -wazuh-agent (3.11.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 24 Feb 2020 10:01:00 +0000 - -wazuh-agent (3.11.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 22 Jan 2020 10:01:00 +0000 - -wazuh-agent (3.11.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 7 Jan 2020 10:01:00 +0000 - -wazuh-agent (3.11.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 26 Dec 2019 13:33:00 +0000 - -wazuh-agent (3.11.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 7 Oct 2019 13:33:00 +0000 - -wazuh-agent (3.10.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 23 Sep 2019 10:19:00 +0000 - -wazuh-agent (3.10.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 19 Sep 2019 13:33:00 +0000 - -wazuh-agent (3.10.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 26 Aug 2019 13:33:00 +0000 - -wazuh-agent (3.9.5-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 8 Aug 2019 16:31:00 +0000 - -wazuh-agent (3.9.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 12 Jul 2019 16:31:00 +0000 - -wazuh-agent (3.9.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 11 Jun 2019 16:31:00 +0000 - -wazuh-agent (3.9.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 6 Jun 2019 13:33:00 +0000 - -wazuh-agent (3.9.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 6 May 2019 13:33:00 +0000 - -wazuh-agent (3.9.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 25 Feb 2019 11:00:00 +0000 - -wazuh-agent (3.8.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 30 Jan 2019 11:00:00 +0000 - -wazuh-agent (3.8.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 24 Jan 2019 09:28:34 +0000 - -wazuh-agent (3.8.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 16 Jan 2019 11:00:00 +0000 - -wazuh-agent (3.7.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 10 Dec 2018 11:00:00 +0000 - -wazuh-agent (3.7.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 12 Nov 2018 11:00:00 +0000 - -wazuh-agent (3.7.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 10 Nov 2018 11:00:00 +0000 - -wazuh-agent (3.6.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 3 Sep 2018 11:00:00 +0000 - -wazuh-agent (3.6.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Fri, 24 Aug 2018 11:00:00 +0000 - -wazuh-agent (3.5.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 25 Jul 2018 20:12:41 +0000 - -wazuh-agent (3.4.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 28 Jun 2018 20:12:41 +0000 - -wazuh-agent (3.3.1-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 14 Jun 2018 9:29:41 +0000 - -wazuh-agent (3.3.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 07 Jun 2018 10:00:31 +0000 - -wazuh-agent (3.2.4-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 30 May 2018 12:44:31 +0000 - -wazuh-agent (3.2.3-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 15 May 2018 12:35:30 +0000 - -wazuh-agent (3.2.2-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 13 Mar 2018 12:35:30 +0000 - -wazuh-agent (3.2.1-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 21 Feb 2018 15:26:30 +0000 - -wazuh-agent (3.2.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 11 Dec 2017 15:19:24 +0000 - - -wazuh-agent (3.1.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 19 Dec 2017 08:00:10 +0000 - - -wazuh-agent (3.0.0-2) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 01 Nov 2017 08:00:10 +0000 - -wazuh-agent (2.1.1-1) stable; urgency=low - - * Labels configuration for agents to show data on alerts. - * Added group property for agents to customize shared files set. - * Send shared files to multiple agents in parallel. - * New decoder plugin for logs in JSON format with dynamic fields definition. - * Brought framework from API to Wazuh project. - * Show merged files MD5 checksum by agent_control and framework. - * New reliable request protocol for manager-agent communication. - * Remote agent upgrades with signed WPK packages. - * Added option for Remoted to prevent it from writing shared merged file. - * Added state for Agentd and Windows agent to notify connection state and metrics. - * Added new json log format for local file monitoring. - * Added OpenSCAP SSG datastream content for Ubuntu Trusty Tahr. - * Increased shared file delivery speed when using TCP. - * Increased TCP listening socket backlog. - * Changed Windows agent UI panel to show revision number instead of installation date. - * Group every decoded field (static and dynamic fields-1) into a data object for JSON alerts. - * Reload shared files by Remoted every 10 minutes. - * Increased string size limit for XML reader to 4096 bytes. - * Updated Logstash configuration and Elasticsearch mappings. - * Changed template fields structure for Kibana dashboards. - * Increased dynamic field limit to 1024, and default to 256. - * Changed agent buffer 'length' parameter to 'queue_size'. - * Changed some Rootcheck error messages to verbose logs. - * Removed unnecessary message by manage_agents advising to restart Wazuh manager. - * Fixed wrong queries to get last Syscheck and Rootcheck date. - * Prevent Logcollector keep-alives from being stored on archives.json. - * Fixed length of random message within keep-alives. - * Fixed Windows version detection for Windows 8 and newer. - * Fixed incorrect CIDR writing on client.keys by Authd. - * Fixed missing buffer flush by Analysisd when updating Rootcheck database. - * Stop Wazuh service before removing folder to reinstall. - - -- Wazuh, Inc Mon, 01 Aug 2016 08:00:10 +0000 - -wazuh-agent (2.1.0-1) stable; urgency=low - - * Rotate and compress log feature. - * Labeling data for agents to be shown in alerts. - * New 'auth' configuration template. - * Make manage_agents capable of add and remove agents via Authd. - * Implemented XML configuration for Authd. - * Option -F for Authd to force insertion if it finds duplicated name. - * Local auth client to manage agent keys. - * Added OS name and version into global.db. - * Option for logging in JSON format. - * Allow maild to send through a sendmail-like executable (by James Le Cuirot). - * Leaky bucket-like buffer for agents to prevent network flooding. - * Allow Syslog client to read JSON alerts. - * Allow Mail reporter to read JSON alerts. - * Added internal option to tune Rootcheck sleep time. - * Added route-null Active Response script for Windows 2012 (by @CrazyLlama). - * Updated SQLite library to 3.19.2. - * Updated zlib to 1.2.11. - * Updated cJSON library to 1.4.7. - * Change some manage_agents option parameters. - * Run Auth in background by default. - * Log classification as debug, info, warning, error and critical. - * Limit number of reads per cycle by Logcollector to prevent log starvation. - * Limit OpenSCAP module's event forwarding speed. - * Increased debug level of repeated Rootcheck messages. - * Send events when OpenSCAP starts and finishes scans. - * Delete PID files when a process exits not due to a signal. - * Change error messages due to SSL handshake failure to debug messages. - * Force group addition on installation for compatibility with LDAP (thanks to Gary Feltham). - * Fixed compiling error on systems with no OpenSSL. - * Fixed compiling warning at manage_agents. - * Fixed ossec-control enable/disable help message. - * Fixed unique aperture of random device on Unix. - * Fixed file sum comparison bug at Syscheck realtime engine. (Thanks to Arshad Khan) - * Close analysisd if alert outputs are disabled for all formats. - * Read Windows version name for versions newer than Windows 8 / Windows Server 2012. - * Fixed error in Analysisd that wrote Syscheck and Rootcheck databases of re-added agents on deleted files. - * Fixed internal option to configure the maximum labels' cache time. - * Fixed Auth password parsing on client side. - * Fix bad agent ID assignation in Authd on i686 architecture. - * Fixed Logcollector misconfiguration in Windows agents. - - -- Wazuh, Inc Mon, 01 Jul 2016 08:43:10 +0000 - -wazuh-agent (2.0.1-1) stable; urgency=low - - * Changed random data generator for a secure OS-provided generator. - * Changed Windows installer file name (depending on version). - * Linux distro detection using standard os-release file. - * Changed some URLs to documentation. - * Disable synchronization with SQLite databases for Syscheck by default. - * Minor changes at Rootcheck formatter for JSON alerts. - * Added debugging messages to Integrator logs. - * Show agent ID when possible on logs about incorrectly formatted messages. - * Use default maximum inotify event queue size. - * Show remote IP on encoding format errors when unencrypting messages. - - -- Wazuh, Inc Thu, 06 Jun 2017 08:43:10 +0000 - -wazuh-agent (2.0-1) stable; urgency=low - - * Wazuh-agent - base 2.0 - - -- Wazuh, Inc Mon, 30 Sep 2016 08:43:10 +0000 diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/compat b/debs/SPECS/4.2.3/wazuh-agent/debian/compat deleted file mode 100644 index 7f8f011eb7..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/compat +++ /dev/null @@ -1 +0,0 @@ -7 diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/conffiles b/debs/SPECS/4.2.3/wazuh-agent/debian/conffiles deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/control b/debs/SPECS/4.2.3/wazuh-agent/debian/control deleted file mode 100644 index c6c6cb0b1d..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/control +++ /dev/null @@ -1,14 +0,0 @@ -Source: wazuh-agent -Section: admin -Priority: extra -Maintainer: Wazuh, Inc -Build-Depends: debhelper (>= 7.0.50~), make, gcc, linux-libc-dev, gawk, libaudit-dev, selinux-basics -Standards-Version: 3.8.4 -Homepage: https://www.wazuh.com - -Package: wazuh-agent -Architecture: any -Depends: ${shlibs:Depends}, libc6 (>= 2.7), lsb-release, debconf, adduser -Conflicts: ossec-hids-agent, wazuh-manager, ossec-hids, wazuh-api -Breaks: ossec-hids-agent, wazuh-manager, ossec-hids -Description: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/copyright b/debs/SPECS/4.2.3/wazuh-agent/debian/copyright deleted file mode 100644 index c81ffc6807..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/copyright +++ /dev/null @@ -1,38 +0,0 @@ -This work was packaged for Debian by: - - Wazuh, Inc on Wed, 06 Oct 2021 15:07:13 +0000 - -It was downloaded from: - - https://www.wazuh.com - -Upstream Authors: - - dcid@dcid.me - Jia-BingJB_Cheng@trendmicro.com - vichargrave@gmail.com - ossec@michaelstarks.com - ddpbsd@gmail.com - scott@atomicorp.com - brad.lhotsky@gmail.com - jeremy@jeremyrossy.com - santiago.bassett@gmail.com - pedro@wazuh.com - alberto.rodriguez@wazuh.com - braulio@wazuh.com - jose.fernandez@wazuh.com - -Copyright: - - GNU General Public License version 2. - -License: - - GNU General Public License version 2. - -The Debian packaging is: - - Copyright (C) 2015-2020 Wazuh, Inc - -and is licensed under the GPL version 2, -see "/usr/share/common-licenses/GPL-2". diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/postinst b/debs/SPECS/4.2.3/wazuh-agent/debian/postinst deleted file mode 100644 index 1bc5c7205d..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/postinst +++ /dev/null @@ -1,188 +0,0 @@ -#!/bin/sh -# postinst script for wazuh-agent -# Wazuh, Inc 2015-2020 - -set -e - -case "$1" in - configure) - - OS=$(lsb_release -si) - VER=$(lsb_release -sr) - DIR="/var/ossec" - USER="ossec" - GROUP="ossec" - WAZUH_GLOBAL_TMP_DIR="${DIR}/packages_files" - WAZUH_TMP_DIR="${WAZUH_GLOBAL_TMP_DIR}/agent_config_files" - SCRIPTS_DIR="${WAZUH_GLOBAL_TMP_DIR}/agent_installation_scripts" - SCA_BASE_DIR="${SCRIPTS_DIR}/sca" - - OSMYSHELL="/sbin/nologin" - - if [ ! -f ${OSMYSHELL} ]; then - if [ -f "/bin/false" ]; then - OSMYSHELL="/bin/false" - fi - fi - - if ! getent group | grep -q "^ossec" ; then - addgroup --system ossec > /dev/null 2>&1 - fi - if ! getent passwd | grep -q "^ossec" ; then - adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER} > /dev/null 2>&1 - fi - - if [ -z "$2" ] || [ -f ${WAZUH_TMP_DIR}/create_conf ] ; then - - ${SCRIPTS_DIR}/gen_ossec.sh conf agent ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf - ${SCRIPTS_DIR}/add_localfiles.sh ${DIR} >> ${DIR}/etc/ossec.conf - - else - ${SCRIPTS_DIR}/gen_ossec.sh conf agent ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf.new - chmod 660 ${DIR}/etc/ossec.conf.new - fi - - # For the etc dir - if [ -f /etc/localtime ]; then - cp -pL /etc/localtime ${DIR}/etc/; - chmod 640 ${DIR}/etc/localtime - chown root:${GROUP} ${DIR}/etc/localtime - fi - - # Restore the local rules, client.keys and local_decoder - if [ -f ${WAZUH_TMP_DIR}/client.keys ]; then - cp ${WAZUH_TMP_DIR}/client.keys ${DIR}/etc/client.keys - fi - # Restore ossec.conf configuration - if [ -f ${WAZUH_TMP_DIR}/ossec.conf ]; then - mv ${WAZUH_TMP_DIR}/ossec.conf ${DIR}/etc/ossec.conf - fi - # Restore internal options configuration - if [ -f ${WAZUH_TMP_DIR}/local_internal_options.conf ]; then - mv ${WAZUH_TMP_DIR}/local_internal_options.conf ${DIR}/etc/local_internal_options.conf - fi - - # Install the SCA files - if [ -d "${SCA_BASE_DIR}" ]; then - - . ${SCRIPTS_DIR}/src/init/dist-detect.sh - - SCA_DIR="${DIST_NAME}/${DIST_VER}" - - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" - mkdir -p ${DIR}/ruleset/sca - - # Install the configuration files needed for this hosts - if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" - elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" - elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" - else - SCA_TMP_DIR="${SCA_BASE_DIR}/generic" - fi - - SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" - - if [ -r ${SCA_TMP_FILE} ]; then - - rm -f ${DIR}/ruleset/sca/* || true - - for sca_file in $(cat ${SCA_TMP_FILE}); do - mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca - done - fi - - # Set correct permissions, owner and group - chmod 640 ${DIR}/ruleset/sca/* - chown root:${GROUP} ${DIR}/ruleset/sca/* - # Delete the temporary directory - rm -rf ${SCA_BASE_DIR} - - fi - - # Restore group files - if [ -d ${WAZUH_TMP_DIR}/group ]; then - for file in ${WAZUH_TMP_DIR}/group/* ; do - mv ${file} ${DIR}/etc/shared/ - done - rm -rf ${WAZUH_TMP_DIR}/group - fi - - touch ${DIR}/logs/active-responses.log - chown ossec:ossec ${DIR}/logs/active-responses.log - chmod 0660 ${DIR}/logs/active-responses.log - - # Check if SELinux is installed and enabled - if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then - if [ $(getenforce) != "Disabled" ]; then - semodule -i ${DIR}/var/selinux/wazuh.pp - semodule -e wazuh - fi - fi - - # Register and configure agent if Wazuh environment variables are defined - if [ -z "$2" ] ; then - ${SCRIPTS_DIR}/src/init/register_configure_agent.sh ${DIR} > /dev/null || : - fi - - # Restoring file permissions - ${SCRIPTS_DIR}/restore-permissions.sh > /dev/null 2>&1 || : - - if [ -f /etc/systemd/system/wazuh-agent.service ]; then - rm -f /etc/systemd/system/wazuh-agent.service - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then - systemctl daemon-reload > /dev/null 2>&1 - fi - fi - - if [ ! -z "$2" ]; then - if [ -f ${WAZUH_TMP_DIR}/wazuh.restart ] ; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then - systemctl daemon-reload > /dev/null 2>&1 - systemctl restart wazuh-agent.service > /dev/null 2>&1 - elif command -v service > /dev/null 2>&1 ; then - service wazuh-agent restart > /dev/null 2>&1 - else - ${DIR}/bin/wazuh-control restart > /dev/null 2>&1 - fi - fi - fi - - #Delete obsolete files - if [ -f /etc/ossec-init.conf ]; then - rm -f /etc/ossec-init.conf - fi - - # Delete installation scripts - if [ -d ${SCRIPTS_DIR} ]; then - rm -rf ${SCRIPTS_DIR} - fi - - # Delete tmp directory - if [ -d ${WAZUH_TMP_DIR} ]; then - rm -rf ${WAZUH_TMP_DIR} - fi - - # If the parent directory is empty, delete it - if [ -z "$(ls -A ${WAZUH_GLOBAL_TMP_DIR})" ]; then - rm -rf ${WAZUH_GLOBAL_TMP_DIR} - fi - - ;; - - - abort-upgrade|abort-remove|abort-deconfigure) - - ;; - - - *) - echo "postinst called with unknown argument \`$1'" >22 - exit 1 - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/postrm b/debs/SPECS/4.2.3/wazuh-agent/debian/postrm deleted file mode 100644 index d8e30b4251..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/postrm +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/sh -# postrm script for wazuh-agent -# Wazuh, Inc 2015-2020 - -set -e - -DIR="/var/ossec" -WAZUH_TMP_DIR="${DIR}/packages_files/agent_config_files" - -case "$1" in - remove|failed-upgrade|abort-install|abort-upgrade|disappear) - - if [ -d ${WAZUH_TMP_DIR} ]; then - rm -rf ${WAZUH_TMP_DIR} - fi - - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then - systemctl disable wazuh-agent > /dev/null 2>&1 - systemctl daemon-reload > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then - update-rc.d -f wazuh-agent remove > /dev/null 2>&1 - fi - - # Back up the old configuration files as .save - if [ ! -d ${DIR}/etc ]; then - mkdir -p ${DIR}/etc - fi - - # If the directory is not empty, copy the files into ${DIR}/etc - if ls -A ${DIR}/tmp/conffiles > /dev/null 2>&1 ; then - mv ${DIR}/tmp/conffiles/* ${DIR}/etc - fi - rm -rf ${DIR}/tmp - if [ "$1" = "remove" ]; then - rm -rf ${DIR}/ruleset - rm -rf ${DIR}/var - rm -rf ${DIR}/logs - fi - - # Delete old .save - find ${DIR}/etc/ -type f -name "*save" -exec rm -f {} \; - - # Rename the files - find ${DIR}/etc/ -type f -exec mv {} {}.save \; - - ;; - - purge) - - if getent passwd | grep -q "^ossec" ; then - deluser ossec > /dev/null 2>&1 - fi - if getent group | grep -q "^ossec" ; then - delgroup ossec > /dev/null 2>&1 - fi - rm -rf ${DIR}/* - - ;; - - upgrade) - - ;; - - *) - echo "postrm called with unknown argument \`$1'" >&2 - exit 1 - - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/preinst b/debs/SPECS/4.2.3/wazuh-agent/debian/preinst deleted file mode 100644 index fbb87731b5..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/preinst +++ /dev/null @@ -1,85 +0,0 @@ -#!/bin/sh -# preinst script for wazuh-agent - -set -e - -# configuration variables -DIR="/var/ossec" -WAZUH_TMP_DIR="${DIR}/packages_files/agent_config_files" - -# environment configuration -if [ ! -d ${WAZUH_TMP_DIR} ]; then - mkdir -p ${WAZUH_TMP_DIR} -else - rm -rf ${WAZUH_TMP_DIR} - mkdir -p ${WAZUH_TMP_DIR} -fi - -case "$1" in - install|upgrade) - - if [ "$1" = "upgrade" ]; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then - systemctl stop wazuh-agent.service > /dev/null 2>&1 - touch ${WAZUH_TMP_DIR}/wazuh.restart - elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - service wazuh-agent stop > /dev/null 2>&1 - touch ${WAZUH_TMP_DIR}/wazuh.restart - elif ${DIR}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - touch ${WAZUH_TMP_DIR}/wazuh.restart - elif ${DIR}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - touch ${WAZUH_TMP_DIR}/wazuh.restart - fi - ${DIR}/bin/ossec-control stop > /dev/null 2>&1 || ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 - - if [ -d ${DIR}/logs/ossec ]; then - mv ${DIR}/logs/ossec ${DIR}/logs/wazuh - fi - - if [ -d ${DIR}/queue/ossec ]; then - mv ${DIR}/queue/ossec ${DIR}/queue/sockets - fi - fi - - if [ ! -z "$2" ] && [ ! -f ${DIR}/etc/ossec.conf ] ; then - touch ${WAZUH_TMP_DIR}/create_conf - fi - - # Delete old service - if [ -f /etc/init.d/ossec ]; then - rm /etc/init.d/ossec - fi - # back up the current user rules - if [ -f ${DIR}/etc/client.keys ]; then - cp ${DIR}/etc/client.keys ${WAZUH_TMP_DIR}/client.keys - fi - if [ -f ${DIR}/etc/local_internal_options.conf ]; then - cp -p ${DIR}/etc/local_internal_options.conf ${WAZUH_TMP_DIR}/local_internal_options.conf - fi - if [ -f ${DIR}/etc/ossec.conf ]; then - cp -p ${DIR}/etc/ossec.conf ${WAZUH_TMP_DIR}/ossec.conf - fi - - if [ -d ${DIR}/etc/shared ]; then - files="$(ls -A ${DIR}/etc/shared/*)" - fi - - if [ ! -z "$files" ]; then - mkdir -p ${WAZUH_TMP_DIR}/group - cp -rp ${DIR}/etc/shared/* ${WAZUH_TMP_DIR}/group/ - fi - ;; - - abort-upgrade) - - ;; - - *) - echo "preinst called with unknown argument \`$1'" >&2 - exit 1 - - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/prerm b/debs/SPECS/4.2.3/wazuh-agent/debian/prerm deleted file mode 100644 index d87ec748ff..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/prerm +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/sh -# prerm script for wazuh-manager - -set -e - -DIR="/var/ossec" - -case "$1" in - upgrade|deconfigure) - - ;; - - remove) - - # Stop the services before uninstalling the package - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then - systemctl stop wazuh-agent > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then - service wazuh-agent stop > /dev/null 2>&1 - else - ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 - fi - - # Save the conffiles - mkdir -p ${DIR}/tmp/conffiles - # Save the client.keys - if [ -f ${DIR}/etc/client.keys ]; then - cp -p ${DIR}/etc/client.keys ${DIR}/tmp/conffiles - fi - # Save the local_internal_options.conf - if [ -f ${DIR}/etc/local_internal_options.conf ]; then - cp -p ${DIR}/etc/local_internal_options.conf ${DIR}/tmp/conffiles - fi - # Save the ossec.conf - if [ -f ${DIR}/etc/ossec.conf ]; then - cp -p ${DIR}/etc/ossec.conf ${DIR}/tmp/conffiles - fi - # Save the shared configuration files - if [ -d ${DIR}/etc/shared ]; then - cp -pr ${DIR}/etc/shared ${DIR}/tmp/conffiles - fi - - if [ -d ${DIR}/etc/shared/ ]; then - rm -rf ${DIR}/etc/shared/ - fi - - ;; - - failed-upgrade) - if [ -f ${DIR}/bin/wazuh-control ]; then - ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 - fi - ;; - - *) - echo "prerm called with unknown argument \`$1'" >&2 - exit 1 - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/rules b/debs/SPECS/4.2.3/wazuh-agent/debian/rules deleted file mode 100644 index 0b4f141198..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/rules +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/make -f -# -*- makefile -*- -# Sample debian/rules that uses debhelper. -# -# This file was originally written by Joey Hess and Craig Small. -# As a special exception, when this file is copied by dh-make into a -# dh-make output file, you may use that output file without restriction. -# This special exception was added by Craig Small in version 0.37 of dh-make. -# -# Modified to make a template file for a multi-binary package with separated -# build-arch and build-indep targets by Bill Allombert 2001 - -# Uncomment this to turn on verbose mode. -export DH_VERBOSE=1 - -# This has to be exported to make some magic below work. -export DH_OPTIONS - -export TARGET_DIR=${CURDIR}/debian/wazuh-agent - -# Package build options -export INSTALLATION_DIR="/var/ossec" -export INSTALLATION_SCRIPTS_DIR="${INSTALLATION_DIR}/packages_files/agent_installation_scripts" -export JOBS="5" -export DEBUG_ENABLED="no" -export PATH="${PATH}" -export LD_LIBRARY_PATH="" - -%: - dh $@ - -override_dh_shlibdeps: - -override_dh_auto_configure: - -override_dh_auto_install: - -override_dh_install: - - rm -rf $(INSTALLATION_DIR)/ - - # Build the binaries - make -C src deps TARGET=agent - make -j$(JOBS) -C src/ TARGET=agent USE_SELINUX=yes DEBUG=$(DEBUG_ENABLED) - - USER_LANGUAGE="en" \ - USER_NO_STOP="y" \ - USER_INSTALL_TYPE="agent" \ - USER_DIR="$(INSTALLATION_DIR)" \ - USER_DELETE_DIR="y" \ - USER_ENABLE_ACTIVE_RESPONSE="y" \ - USER_ENABLE_SYSCHECK="y" \ - USER_ENABLE_ROOTCHECK="y" \ - USER_ENABLE_OPENSCAP="y" \ - USER_ENABLE_CISCAT="y" \ - USER_ENABLE_SYSCOLLECTOR="y" \ - USER_UPDATE="n" \ - USER_AGENT_SERVER_IP="MANAGER_IP" \ - USER_CA_STORE="/path/to/my_cert.pem" \ - USER_AUTO_START="n" \ - ./install.sh - - # Copying init.d script - mkdir -p ${TARGET_DIR}/etc/init.d/ - sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/ossec-hids-debian.init - - cp src/init/templates/ossec-hids-debian.init ${TARGET_DIR}/etc/init.d/wazuh-agent - - # Copying systemd file - mkdir -p ${TARGET_DIR}/usr/lib/systemd/system/ - sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/wazuh-agent.service - install -m 0644 src/init/templates/wazuh-agent.service ${TARGET_DIR}/usr/lib/systemd/system/ - - # Generating permission restoration file for postinstall - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR) - - # Remove preinstalled log files - rm -rf $(INSTALLATION_DIR)/logs/*.log - rm -rf $(INSTALLATION_DIR)/logs/*.json - - # Clean the preinstalled configuration assesment files - rm -rf ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca - mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca - - ./gen_permissions.sh $(INSTALLATION_DIR)/ ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/restore-permissions.sh - - # Copying to target - mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ - cp -r $(INSTALLATION_DIR)/. $(TARGET_DIR)$(INSTALLATION_DIR)/ - - # Copying install scripts to /usr/share - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ - cp gen_ossec.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ - cp add_localfiles.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src - cp src/VERSION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ - cp src/REVISION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ - - # Install configuration assesment files and files templates - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 - - cp -r ruleset/sca/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca - - cp etc/templates/config/generic/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic - cp etc/templates/config/generic/sca.manager.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic - - cp etc/templates/config/debian/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian - cp etc/templates/config/debian/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 - cp etc/templates/config/debian/8/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 - cp etc/templates/config/debian/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 - - cp etc/templates/config/ubuntu/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu - cp etc/templates/config/ubuntu/12/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 - cp etc/templates/config/ubuntu/14/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 - cp etc/templates/config/ubuntu/16/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init - cp -r src/init/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/generic - cp -r etc/templates/config/generic ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/debian - cp -r etc/templates/config/debian ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ubuntu - cp -r etc/templates/config/ubuntu ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ - - # Copying systemd file - mkdir -p ${TARGET_DIR}/etc/systemd/system/ - sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/wazuh-agent.service - cp src/init/templates/wazuh-agent.service ${TARGET_DIR}/etc/systemd/system/ - -override_dh_auto_clean: - $(MAKE) -C src clean - - -override_dh_strip: - dh_strip --no-automatic-dbgsym - -.PHONY: override_dh_install override_dh_strip override_dh_auto_clean override_dh_auto_build override_dh_auto_configure diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/source/format b/debs/SPECS/4.2.3/wazuh-agent/debian/source/format deleted file mode 100644 index 163aaf8d82..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/source/format +++ /dev/null @@ -1 +0,0 @@ -3.0 (quilt) diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/templates b/debs/SPECS/4.2.3/wazuh-agent/debian/templates deleted file mode 100644 index 3dbe63d83f..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/templates +++ /dev/null @@ -1,4 +0,0 @@ -Template: wazuh-agent/server-ip -Type: string -Default: 127.0.0.1 -Description: OSSEC server IP address for this agent. This server is also known as Manager and will receive information from the agent. You need to specify the IP address, the hostname is not valid. The agent still needs to be registered and started manually. diff --git a/debs/SPECS/4.2.3/wazuh-agent/debian/wazuh-agent.lintian-overrides b/debs/SPECS/4.2.3/wazuh-agent/debian/wazuh-agent.lintian-overrides deleted file mode 100644 index e1233f34da..0000000000 --- a/debs/SPECS/4.2.3/wazuh-agent/debian/wazuh-agent.lintian-overrides +++ /dev/null @@ -1,9 +0,0 @@ -wazuh-agent: embedded-library -wazuh-agent: embedded-zlib -wazuh-agent: possible-gpl-code-linked-with-openssl -wazuh-agent: new-package-should-close-itp-bug -wazuh-agent: possibly-insecure-handling-of-tmp-files-in-maintainer-script -wazuh-agent: non-standard-dir-in-var -wazuh-agent: file-in-unusual-dir -wazuh-agent: hardening-no-fortify-functions -wazuh-agent: hardening-no-relro diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/changelog b/debs/SPECS/4.2.3/wazuh-manager/debian/changelog deleted file mode 100644 index 7503f969e8..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/changelog +++ /dev/null @@ -1,370 +0,0 @@ -wazuh-manager (4.2.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 06 Oct 2021 15:07:13 +0000 - -wazuh-manager (4.2.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 28 Sep 2021 08:58:38 +0000 - -wazuh-manager (4.2.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 25 Sep 2021 07:04:22 +0000 - -wazuh-manager (4.2.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 26 Apr 2021 11:51:55 +0000 - -wazuh-manager (4.1.5-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - --- Wazuh, Inc Thu, 22 Apr 2021 16:50:05 +0000 - -wazuh-manager (4.1.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - --- Wazuh, Inc Mon, 29 Mar 2021 16:23:09 +0000 - -wazuh-manager (4.1.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - --- Wazuh, Inc Sat, 20 Mar 2021 13:41:26 +0000 - -wazuh-manager (4.1.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - --- Wazuh, Inc Mon, 08 Mar 2021 14:00:25 +0000 - -wazuh-manager (4.1.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - --- Wazuh, Inc Fri, 05 Mar 2021 13:24:41 +0000 - -wazuh-manager (4.1.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 19 Jan 2021 06:25:59 +0000 - - wazuh-manager (4.0.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 12 Jan 2021 09:30:15 +0000 - -wazuh-manager (4.0.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 30 Nov 2020 10:00:15 +0000 - -wazuh-manager (4.0.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 23 Nov 2020 12:16:36 +0000 - -wazuh-manager (4.0.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 31 Oct 2020 12:16:36 +0000 - -wazuh-manager (4.0.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 19 Oct 2020 06:59:39 +0000 - -wazuh-manager (4.0.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 19 Oct 2020 06:59:39 +0000 - -wazuh-manager (3.13.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 24 Apr 2021 07:01:55 +0000 - -wazuh-manager (3.13.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Fri, 21 Aug 2020 10:05:02 +0000 - -wazuh-manager (3.13.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 14 Jul 2020 10:05:02 +0000 - -wazuh-manager (3.13.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 29 Jun 2020 10:05:02 +0000 - -wazuh-manager (3.12.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 9 Apr 2020 08:47:14 +0000 - -wazuh-manager (3.12.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 8 Apr 2020 16:12:28 +0000 - -wazuh-manager (3.12.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 25 Mar 2020 10:20:48 +0000 - -wazuh-manager (3.11.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 24 Feb 2020 10:01:00 +0000 - -wazuh-manager (3.11.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 22 Jan 2020 10:01:00 +0000 - -wazuh-manager (3.11.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 7 Jan 2020 10:01:00 +0000 - -wazuh-manager (3.11.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 26 Dec 2019 13:33:00 +0000 - -wazuh-manager (3.11.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 7 Oct 2019 13:33:00 +0000 - -wazuh-manager (3.10.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 23 Sep 2019 10:19:00 +0000 - -wazuh-manager (3.10.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 19 Sep 2019 13:33:00 +0000 - -wazuh-manager (3.10.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 26 Aug 2019 13:33:00 +0000 - -wazuh-manager (3.9.5-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 8 Aug 2019 16:31:00 +0000 - -wazuh-manager (3.9.4-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 12 Jul 2019 16:31:00 +0000 - -wazuh-manager (3.9.3-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 11 Jun 2019 16:31:00 +0000 - -wazuh-manager (3.9.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 6 Jun 2019 13:33:00 +0000 - -wazuh-manager (3.9.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 6 May 2019 13:33:00 +0000 - -wazuh-manager (3.9.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 25 Feb 2019 11:00:00 +0000 - -wazuh-manager (3.8.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 30 Jan 2019 11:00:00 +0000 - -wazuh-manager (3.8.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 24 Jan 2019 09:28:34 +0000 - -wazuh-manager (3.8.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 16 Jan 2019 11:00:00 +0000 - -wazuh-manager (3.7.2-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 10 Dec 2018 11:00:00 +0000 - -wazuh-manager (3.7.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 12 Nov 2018 11:00:00 +0000 - -wazuh-manager (3.7.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Sat, 10 Nov 2018 11:00:00 +0000 - -wazuh-manager (3.6.1-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 3 Sep 2018 11:00:00 +0000 - -wazuh-manager (3.6.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Fri, 24 Aug 2018 11:00:00 +0000 - -wazuh-manager (3.5.0-RELEASE) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 25 Jul 2018 20:12:41 +0000 - -wazuh-manager (3.4.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 28 Jun 2018 20:12:41 +0000 - -wazuh-manager (3.3.1-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 14 Jun 2018 9:29:41 +0000 - -wazuh-manager (3.3.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 07 Jun 2018 10:00:00 +0000 - -wazuh-manager (3.2.4-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 30 May 2018 12:44:31 +0000 - -wazuh-manager (3.2.3-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 14 May 2018 12:35:30 +0000 - -wazuh-manager (3.2.2-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Tue, 13 Mar 2018 12:35:30 +0000 - -wazuh-manager (3.2.1-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Wed, 21 Feb 2018 15:26:30 +0000 - -wazuh-manager (3.2.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Thu, 11 Dec 2017 15:19:24 +0000 - - -wazuh-manager (3.1.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 01 Nov 2017 08:00:10 +0000 - - -wazuh-manager (3.0.0-2) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 01 Nov 2017 08:00:10 +0000 - -wazuh-manager (2.1.1-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 01 Aug 2016 08:43:10 +0000 - -wazuh-manager (2.1.0-1) stable; urgency=low - - * More info: https://documentation.wazuh.com/current/release-notes/ - - -- Wazuh, Inc Mon, 01 Jul 2016 08:43:10 +0000 - -wazuh-manager (2.0.1-1) stable; urgency=low - - * Changed random data generator for a secure OS-provided generator. - exi* Changed Windows installer file name (depending on version). - * Linux distro detection using standard os-release file. - * Changed some URLs to documentation. - * Disable synchronization with SQLite databases for Syscheck by default. - * Minor changes at Rootcheck formatter for JSON alerts. - * Added debugging messages to Integrator logs. - * Show agent ID when possible on logs about incorrectly formatted messages. - * Use default maximum inotify event queue size. - * Show remote IP on encoding format errors when unencrypting messages. - - -- Wazuh, Inc Thu, 06 Jun 2017 08:43:10 +0000 - -wazuh-manager (2.0-1) stable; urgency=low - - * wazuh-manager - base 2.0 - - -- Wazuh, Inc Mon, 01 Jul 2016 08:43:10 +0000 diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/compat b/debs/SPECS/4.2.3/wazuh-manager/debian/compat deleted file mode 100644 index 7f8f011eb7..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/compat +++ /dev/null @@ -1 +0,0 @@ -7 diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/conffiles b/debs/SPECS/4.2.3/wazuh-manager/debian/conffiles deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/control b/debs/SPECS/4.2.3/wazuh-manager/debian/control deleted file mode 100644 index bbdeb2a7c6..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/control +++ /dev/null @@ -1,15 +0,0 @@ -Source: wazuh-manager -Section: admin -Priority: extra -Maintainer: Wazuh, Inc -Build-Depends: debhelper (>= 7.0.50~), libssl-dev, linux-libc-dev, gawk, libaudit-dev, selinux-basics -Standards-Version: 3.8.4 -Homepage: http://www.wazuh.com - -Package: wazuh-manager -Architecture: any -Depends: ${shlibs:Depends}, libc6 (>= 2.7), lsb-release, debconf, adduser -Suggests: expect -Conflicts: ossec-hids-agent, wazuh-agent, ossec-hids, wazuh-api -Replaces: wazuh-api -Description: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/copyright b/debs/SPECS/4.2.3/wazuh-manager/debian/copyright deleted file mode 100644 index c81ffc6807..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/copyright +++ /dev/null @@ -1,38 +0,0 @@ -This work was packaged for Debian by: - - Wazuh, Inc on Wed, 06 Oct 2021 15:07:13 +0000 - -It was downloaded from: - - https://www.wazuh.com - -Upstream Authors: - - dcid@dcid.me - Jia-BingJB_Cheng@trendmicro.com - vichargrave@gmail.com - ossec@michaelstarks.com - ddpbsd@gmail.com - scott@atomicorp.com - brad.lhotsky@gmail.com - jeremy@jeremyrossy.com - santiago.bassett@gmail.com - pedro@wazuh.com - alberto.rodriguez@wazuh.com - braulio@wazuh.com - jose.fernandez@wazuh.com - -Copyright: - - GNU General Public License version 2. - -License: - - GNU General Public License version 2. - -The Debian packaging is: - - Copyright (C) 2015-2020 Wazuh, Inc - -and is licensed under the GPL version 2, -see "/usr/share/common-licenses/GPL-2". diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/postinst b/debs/SPECS/4.2.3/wazuh-manager/debian/postinst deleted file mode 100644 index 675a7ad49d..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/postinst +++ /dev/null @@ -1,288 +0,0 @@ -#!/bin/sh -# postinst script for Wazuh -# Wazuh, Inc 2015-2020 -set -e -case "$1" in - configure) - - OS=$(lsb_release -si) - VER=$(lsb_release -sr) - DIR="/var/ossec" - USER="ossec" - USER_MAIL="ossecm" - USER_REM="ossecr" - GROUP="ossec" - WAZUH_GLOBAL_TMP_DIR="${DIR}/packages_files" - WAZUH_TMP_DIR="${WAZUH_GLOBAL_TMP_DIR}/manager_config_files" - OSMYSHELL="/sbin/nologin" - SCRIPTS_DIR="${WAZUH_GLOBAL_TMP_DIR}/manager_installation_scripts" - SCA_BASE_DIR="${SCRIPTS_DIR}/sca" - - if [ ! -f ${OSMYSHELL} ]; then - if [ -f "/bin/false" ]; then - OSMYSHELL="/bin/false" - fi - fi - - if ! getent group | grep -q "^ossec" ; then - addgroup --system ossec > /dev/null 2>&1 - fi - if ! getent passwd | grep -q "^ossec" ; then - adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER} > /dev/null 2>&1 - fi - if ! getent passwd | grep -q "^ossecm" ; then - adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER_MAIL} > /dev/null 2>&1 - fi - if ! getent passwd | grep -q "^ossecr" ; then - adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER_REM} > /dev/null 2>&1 - fi - - if [ -z "$2" ] || [ -f ${WAZUH_TMP_DIR}/create_conf ] ; then - - ${SCRIPTS_DIR}/gen_ossec.sh conf manager ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf - ${SCRIPTS_DIR}/add_localfiles.sh ${DIR} >> ${DIR}/etc/ossec.conf - - passlist="${DIR}/agentless/.passlist" - - if [ -f $passlist ] && ! base64 -d $passlist > /dev/null 2>&1; then - cp $passlist $passlist.bak - base64 $passlist.bak > $passlist - if [ $? = 0 ]; then - rm -f $passlist.bak - else - echo "ERROR: Couldn't encode Agentless passlist." - mv $passlist.bak $passlist - fi - fi - else - ${SCRIPTS_DIR}/gen_ossec.sh conf manager ${OS} ${VER} ${DIR} > ${DIR}/etc/ossec.conf.new - chmod 660 ${DIR}/etc/ossec.conf.new - fi - - # Remove/relocate existing SQLite databases - rm -f ${DIR}/var/db/cluster.db* || true - rm -f ${DIR}/var/db/.profile.db* || true - rm -f ${DIR}/var/db/agents/* || true - - if [ -f ${DIR}/var/db/global.db ]; then - mv ${DIR}/var/db/global.db ${DIR}/queue/db/ - rm -f ${DIR}/var/db/global.db* || true - rm -f ${DIR}/var/db/.template.db || true - fi - - if [ -f ${DIR}/queue/db/global.db ]; then - chmod 640 ${DIR}/queue/db/global.db* - chown ossec:ossec ${DIR}/queue/db/global.db* - fi - - # Delete uncompatible DBs versions - if [ ! -z $2 ]; then - - PREVIOUS_VERSION=$(echo $2 | cut -d"-" -f1) - - # Get the major and minor version - MAJOR=$(echo $PREVIOUS_VERSION | cut -d. -f1) - MINOR=$(echo $PREVIOUS_VERSION | cut -d. -f2) - - if [ $MAJOR = 3 ] && [ $MINOR -lt 7 ]; then - rm -f ${DIR}/queue/db/*.db* - rm -f ${DIR}/queue/db/.template.db - fi - fi - - # Remove Vuln-detector database - rm -f ${DIR}/queue/vulnerabilities/cve.db || true - - # Generation auto-signed certificate if not exists - if type openssl >/dev/null 2>&1 && [ ! -f "${DIR}/etc/sslmanager.key" ] && [ ! -f "${DIR}/etc/sslmanager.cert" ]; then - openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=California/CN=Wazuh/" -keyout ${DIR}/etc/sslmanager.key -out ${DIR}/etc/sslmanager.cert 2>/dev/null - fi - - chmod 640 ${DIR}/etc/sslmanager.cert ${DIR}/etc/sslmanager.key > /dev/null 2>&1 || true - - # For the etc dir - if [ -f /etc/localtime ]; then - cp -pL /etc/localtime ${DIR}/etc/; - chmod 640 ${DIR}/etc/localtime - chown root:${GROUP} ${DIR}/etc/localtime - fi - - if [ -f /etc/TIMEZONE ]; then - cp -p /etc/TIMEZONE ${DIR}/etc/; - chmod 640 ${DIR}/etc/TIMEZONE - chown root:${GROUP} ${DIR}/etc/localtime - fi - - # Restore client.keys configuration - if [ -f ${WAZUH_TMP_DIR}/client.keys ]; then - mv ${WAZUH_TMP_DIR}/client.keys ${DIR}/etc/client.keys - fi - # Restore local insternal options configuration - if [ -f ${WAZUH_TMP_DIR}/local_internal_options.conf ]; then - mv ${WAZUH_TMP_DIR}/local_internal_options.conf ${DIR}/etc/local_internal_options.conf - fi - # Restore lists - if [ -d ${WAZUH_TMP_DIR}/lists ]; then - cp -rp ${WAZUH_TMP_DIR}/lists ${DIR}/etc/ - fi - # Restore ossec.conf configuration - if [ -f ${WAZUH_TMP_DIR}/ossec.conf ]; then - mv ${WAZUH_TMP_DIR}/ossec.conf ${DIR}/etc/ossec.conf - fi - # Restore local_rules.xml configuration - if [ -f ${WAZUH_TMP_DIR}/local_rules.xml ]; then - mv ${WAZUH_TMP_DIR}/local_rules.xml ${DIR}/etc/rules/local_rules.xml - fi - # Restore local_decoders.xml configuration - if [ -f ${WAZUH_TMP_DIR}/local_decoder.xml ]; then - mv ${WAZUH_TMP_DIR}/local_decoder.xml ${DIR}/etc/decoders/local_decoder.xml - fi - - # Restore group files - if [ -d ${WAZUH_TMP_DIR}/group ]; then - cp -rfp ${WAZUH_TMP_DIR}/group/* ${DIR}/etc/shared - rm -rf ${WAZUH_TMP_DIR}/group/ - fi - - # Restore RBAC database - if [ -f ${WAZUH_TMP_DIR}/rbac.db ]; then - cp -fp ${WAZUH_TMP_DIR}/rbac.db ${DIR}/api/configuration/security/rbac.db - rm -rf ${WAZUH_TMP_DIR}/rbac.db - fi - - # Restore API configuration file - if [ -f ${WAZUH_TMP_DIR}/api.yaml ]; then - cp -fp ${WAZUH_TMP_DIR}/api.yaml ${DIR}/api/configuration/api.yaml - rm -rf ${WAZUH_TMP_DIR}/api.yaml - fi - - # More files - touch ${DIR}/etc/client.keys - - touch ${DIR}/logs/active-responses.log - touch ${DIR}/logs/integrations.log - chown ossec:ossec ${DIR}/logs/active-responses.log - chown ossecm:ossec ${DIR}/logs/integrations.log - chmod 0660 ${DIR}/logs/active-responses.log - chmod 0640 ${DIR}/logs/integrations.log - - - if [ -f ${DIR}/etc/shared/ar.conf ]; then - chown root:ossec ${DIR}/etc/shared/ar.conf - fi - - # Check if SELinux is installed and enabled - if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then - if [ $(getenforce) != "Disabled" ]; then - semodule -i ${DIR}/var/selinux/wazuh.pp - semodule -e wazuh - fi - fi - - # Install the SCA files - if [ -d "${SCA_BASE_DIR}" ]; then - - . ${SCRIPTS_DIR}/src/init/dist-detect.sh - - SCA_DIR="${DIST_NAME}/${DIST_VER}" - - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" - mkdir -p ${DIR}/ruleset/sca - - # Install the configuration files needed for this hosts - if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" - elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" - elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" - else - SCA_TMP_DIR="${SCA_BASE_DIR}/generic" - fi - - SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" - - if [ -r ${SCA_TMP_FILE} ] && [ -r ${SCA_BASE_DIR}/generic/sca.manager.files ]; then - - rm -f ${DIR}/ruleset/sca/* || true - - for sca_file in $(cat ${SCA_TMP_FILE}); do - mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca - done - - for sca_file in $(cat ${SCA_BASE_DIR}/generic/sca.manager.files); do - filename=$(basename ${sca_file}) - if [ -f "${SCA_BASE_DIR}/${sca_file}" ] && [ ! -f "${DIR}/ruleset/sca/${filename}" ]; then - mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca/${filename}.disabled - fi - done - fi - - # Set correct permissions, owner and group - chmod 640 ${DIR}/ruleset/sca/* - chown root:${GROUP} ${DIR}/ruleset/sca/* - # Delete the temporary directory - rm -rf ${SCA_BASE_DIR} - - fi - - # Restoring file permissions - ${SCRIPTS_DIR}/restore-permissions.sh > /dev/null 2>&1 || true - - # Remove old service file /etc/systemd/system/wazuh-manager.service if present - if [ -f /etc/systemd/system/wazuh-manager.service ]; then - rm -f /etc/systemd/system/wazuh-manager.service - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then - systemctl daemon-reload > /dev/null 2>&1 - fi - fi - - if [ ! -z "$2" ]; then - if [ -f ${WAZUH_TMP_DIR}/wazuh.restart ] ; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then - systemctl daemon-reload > /dev/null 2>&1 - systemctl restart wazuh-manager.service > /dev/null 2>&1 - elif command -v service > /dev/null 2>&1 ; then - service wazuh-manager restart > /dev/null 2>&1 - else - ${DIR}/bin/wazuh-control restart > /dev/null 2>&1 - fi - fi - fi - - #Delete obsolete files - if [ -f /etc/ossec-init.conf ]; then - rm -f /etc/ossec-init.conf - fi - - # Delete installation scripts - if [ -d ${SCRIPTS_DIR} ]; then - rm -rf ${SCRIPTS_DIR} - fi - - # Delete tmp directory - if [ -d ${WAZUH_TMP_DIR} ]; then - rm -r ${WAZUH_TMP_DIR} - fi - - # If the parent directory is empty, delete it - if [ -z "$(ls -A ${WAZUH_GLOBAL_TMP_DIR})" ]; then - rm -rf ${WAZUH_GLOBAL_TMP_DIR} - fi - - ;; - - - abort-upgrade|abort-remove|abort-deconfigure) - - ;; - - - *) - echo "postinst called with unknown argument \`$1'" >22 - exit 1 - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/postrm b/debs/SPECS/4.2.3/wazuh-manager/debian/postrm deleted file mode 100644 index 3d960a9f4c..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/postrm +++ /dev/null @@ -1,89 +0,0 @@ -#!/bin/sh -# postrm script for Wazuh -# Wazuh, Inc 2015-2020 -set -e -DIR="/var/ossec" -WAZUH_TMP_DIR="${DIR}/packages_files/manager_config_files" - -case "$1" in - remove|failed-upgrade|abort-install|abort-upgrade|disappear) - - if [ -d ${WAZUH_TMP_DIR} ]; then - rm -rf ${WAZUH_TMP_DIR} - fi - - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then - systemctl disable wazuh-manager > /dev/null 2>&1 - systemctl daemon-reload > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "running" > /dev/null 2>&1; then - update-rc.d -f wazuh-manager remove > /dev/null 2>&1 - fi - - # Back up the old configuration files as .save - if [ ! -d ${DIR}/etc/shared/default ]; then - mkdir -p ${DIR}/etc/shared/default - fi - - # Move files from ${DIR}/tmp to ${DIR}/etc - if [ -f ${DIR}/tmp/conffiles/shared/default/agent.conf ]; then - mv ${DIR}/tmp/conffiles/shared/default/agent.conf ${DIR}/etc/shared/default/agent.conf.save - fi - - # Move files from ${DIR}/tmp to ${DIR}/etc - if [ -f ${DIR}/tmp/conffiles/api.yaml ]; then - mkdir -p ${DIR}/api/configuration - mv ${DIR}/tmp/conffiles/api.yaml ${DIR}/api/configuration/api.yaml - fi - - # If the directory is not empty, copy the files into ${DIR}/etc - if ls -A ${DIR}/tmp/conffiles > /dev/null 2>&1 ; then - cp -Rf ${DIR}/tmp/conffiles/* ${DIR}/etc - fi - rm -rf ${DIR}/tmp - if [ "$1" = "remove" ]; then - rm -rf ${DIR}/ruleset - rm -rf ${DIR}/var - rm -rf ${DIR}/logs - fi - - # Delete old .save - find ${DIR}/etc/ -type f -name "*save" -exec rm -f {} \; - find ${DIR}/api/ -type f -name "*save" -exec rm -f {} \; - - # Rename the files - find ${DIR}/etc/ -type f ! -name *shared* -exec mv {} {}.save \; - find ${DIR}/api/ -type f -exec mv {} {}.save \; - - ;; - - purge) - if getent passwd | grep -q "^ossecr" ; then - deluser ossecr > /dev/null 2>&1 - fi - if getent passwd | grep -q "^ossecm" ; then - deluser ossecm > /dev/null 2>&1 - fi - if getent passwd | grep -q "^ossec" ; then - deluser ossec > /dev/null 2>&1 - fi - if getent group | grep -q "^ossec" ; then - delgroup ossec > /dev/null 2>&1 - fi - rm -rf ${DIR} - ;; - - upgrade) - - ;; - - *) - echo "postrm called with unknown argument \`$1'" >&2 - exit 0 - - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/preinst b/debs/SPECS/4.2.3/wazuh-manager/debian/preinst deleted file mode 100644 index e863270a1d..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/preinst +++ /dev/null @@ -1,151 +0,0 @@ -#!/bin/sh -# preinst script for Wazuh - -set -e - -# configuration variables -DIR="/var/ossec" -WAZUH_TMP_DIR="${DIR}/packages_files/manager_config_files" -VERSION="$2" -MAJOR=$(echo "$VERSION" | cut -dv -f2 | cut -d. -f1) - -# environment configuration -if [ ! -d ${WAZUH_TMP_DIR} ]; then - mkdir -p ${WAZUH_TMP_DIR} -else - rm -rf ${WAZUH_TMP_DIR} - mkdir -p ${WAZUH_TMP_DIR} -fi - -case "$1" in - install|upgrade) - - if [ "$1" = "upgrade" ]; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then - systemctl stop wazuh-manager.service > /dev/null 2>&1 - touch ${WAZUH_TMP_DIR}/wazuh.restart - elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - service wazuh-manager stop > /dev/null 2>&1 - touch ${WAZUH_TMP_DIR}/wazuh.restart - elif ${DIR}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - touch ${WAZUH_TMP_DIR}/wazuh.restart - elif ${DIR}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - touch ${WAZUH_TMP_DIR}/wazuh.restart - fi - ${DIR}/bin/ossec-control stop > /dev/null 2>&1 || ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 - - if [ -d ${DIR}/logs/ossec ]; then - mv ${DIR}/logs/ossec ${DIR}/logs/wazuh - fi - - if [ -d ${DIR}/queue/ossec ]; then - mv ${DIR}/queue/ossec ${DIR}/queue/sockets - fi - - # Delete old API backups - if [ -d ${DIR}/~api ]; then - rm -rf ${DIR}/~api - fi - - # Get old package version - if [ -f /etc/ossec-init.conf ]; then - . /etc/ossec-init.conf - else - VERSION=$(${DIR}/bin/wazuh-control info -v) - fi - - # Get the major and minor version - MAJOR=$(echo $VERSION | cut -dv -f2 | cut -d. -f1) - MINOR=$(echo $VERSION | cut -d. -f2) - - # Delete 3.X Wazuh API service - if [ "$MAJOR" = "3" ] && [ -d ${DIR}/api ]; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && \ - systemctl list-unit-files --type service | grep wazuh-api; then - systemctl stop wazuh-api.service > /dev/null 2>&1 - systemctl disable wazuh-api.service > /dev/null 2>&1 - rm -f /etc/systemd/system/wazuh-api.service || true - fi - - if command -v service > /dev/null 2>&1 && service status wazuh-api > /dev/null 2>&1 ; then - service wazuh-api stop > /dev/null 2>&1 - update-rc.d wazuh-api remove > /dev/null 2>&1 - rm -f /etc/rc.d/init.d/wazuh-api || true - fi - fi - fi - - if [ ! -z "$2" ] && [ ! -f ${DIR}/etc/ossec.conf ] ; then - touch ${WAZUH_TMP_DIR}/create_conf - fi - - # RBAC database and API configuration file - if [ "$1" = "upgrade" ]; then - if [ -f ${DIR}/api/configuration/security/rbac.db ]; then - cp -fp ${DIR}/api/configuration/security/rbac.db ${WAZUH_TMP_DIR}/rbac.db - fi - if [ -f ${DIR}/api/configuration/api.yaml ]; then - cp -fp ${DIR}/api/configuration/api.yaml ${WAZUH_TMP_DIR}/api.yaml - fi - fi - - # Delete old service - if [ -f /etc/init.d/ossec ]; then - rm /etc/init.d/ossec - fi - - if [ -d ${DIR}/etc/lists ]; then - cp -rp ${DIR}/etc/lists ${WAZUH_TMP_DIR}/lists - fi - - if [ -f ${DIR}/etc/client.keys ]; then - cp -p ${DIR}/etc/client.keys ${WAZUH_TMP_DIR}/client.keys - fi - - if [ -f ${DIR}/etc/local_internal_options.conf ]; then - cp -p ${DIR}/etc/local_internal_options.conf ${WAZUH_TMP_DIR}/local_internal_options.conf - fi - - if [ -f ${DIR}/etc/rules/local_rules.xml ]; then - cp -p ${DIR}/etc/rules/local_rules.xml ${WAZUH_TMP_DIR}/local_rules.xml - fi - - if [ -f ${DIR}/etc/decoders/local_decoder.xml ]; then - cp -p ${DIR}/etc/decoders/local_decoder.xml ${WAZUH_TMP_DIR}/local_decoder.xml - fi - - if [ -f ${DIR}/etc/ossec.conf ]; then - cp -p ${DIR}/etc/ossec.conf ${WAZUH_TMP_DIR}/ossec.conf - fi - - if [ -d ${DIR}/etc/shared ]; then - cp -rp ${DIR}/etc/shared ${WAZUH_TMP_DIR}/group - fi - - if [ -d ${DIR}/var/db/agents ]; then - rm -f ${DIR}/var/db/agents/* - fi - - # Remove plain-text agent information if exists - if [ -d ${DIR}/queue/agent-info ]; then - rm -rf ${DIR}/queue/agent-info/* > /dev/null 2>&1 - fi - - if [ -d ${DIR}/queue/rootcheck ]; then - rm -rf ${DIR}/queue/rootcheck/* > /dev/null 2>&1 - fi - ;; - - abort-upgrade) - - ;; - - *) - echo "preinst called with unknown argument \`$1'" >&2 - exit 0 - - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/prerm b/debs/SPECS/4.2.3/wazuh-manager/debian/prerm deleted file mode 100644 index 4655d03dc3..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/prerm +++ /dev/null @@ -1,85 +0,0 @@ -#!/bin/sh -# prerm script for wazuh-manager - -set -e -DIR="/var/ossec" - -case "$1" in - upgrade|deconfigure) - - ;; - - remove) - # Stop the services before uninstalling the package - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then - systemctl stop wazuh-manager > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "running" > /dev/null 2>&1; then - service wazuh-manager stop > /dev/null 2>&1 - else - ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 - fi - - # Purging files - rm -rf ${DIR}/stats/* - rm -rf ${DIR}/queue/* - rm -rf ${DIR}/var/* - rm -rf ${DIR}/framework/* - - # Save the configuration files in ${DIR}/tmp/conffiles - mkdir -p ${DIR}/tmp/conffiles - - # Save the client.keys - if [ -f ${DIR}/etc/client.keys ]; then - cp -p ${DIR}/etc/client.keys ${DIR}/tmp/conffiles - fi - # Save the local_internal_options.conf - if [ -f ${DIR}/etc/local_internal_options.conf ]; then - cp -p ${DIR}/etc/local_internal_options.conf ${DIR}/tmp/conffiles - fi - # Save the ossec.conf - if [ -f ${DIR}/etc/ossec.conf ]; then - cp -p ${DIR}/etc/ossec.conf ${DIR}/tmp/conffiles - fi - # Save the local decoders - if [ -d ${DIR}/etc/decoders ]; then - cp -pr ${DIR}/etc/decoders ${DIR}/tmp/conffiles - fi - # Save the lists - if [ -d ${DIR}/etc/lists ]; then - cp -pr ${DIR}/etc/lists ${DIR}/tmp/conffiles - fi - # Save the rootcheck files - if [ -d ${DIR}/etc/rootcheck ]; then - cp -pr ${DIR}/etc/rootcheck ${DIR}/tmp/conffiles - fi - # Save the local rules - if [ -d ${DIR}/etc/rules ]; then - cp -pr ${DIR}/etc/rules ${DIR}/tmp/conffiles - fi - # Save the agent.conf from the group default - mkdir -p ${DIR}/tmp/conffiles/shared/default - if [ -f ${DIR}/etc/shared/default/agent.conf ]; then - cp -p ${DIR}/etc/shared/default/agent.conf ${DIR}/tmp/conffiles/shared/default - fi - # Save the client.keys - if [ -f ${DIR}/api/configuration/api.yaml ]; then - cp -p ${DIR}/api/configuration/api.yaml ${DIR}/tmp/conffiles - fi - ;; - - failed-upgrade) - if [ -f ${DIR}/bin/wazuh-control ]; then - ${DIR}/bin/wazuh-control stop > /dev/null 2>&1 - fi - ;; - - *) - echo "prerm called with unknown argument \`$1'" >&2 - exit 0 - ;; - -esac - -exit 0 diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/rules b/debs/SPECS/4.2.3/wazuh-manager/debian/rules deleted file mode 100644 index 871fbd8d92..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/rules +++ /dev/null @@ -1,205 +0,0 @@ -#!/usr/bin/make -f -# -*- makefile -*- -# Sample debian/rules that uses debhelper. -# -# This file was originally written by Joey Hess and Craig Small. -# As a special exception, when this file is copied by dh-make into a -# dh-make output file, you may use that output file without restriction. -# This special exception was added by Craig Small in version 0.37 of dh-make. -# -# Modified to make a template file for a multi-binary package with separated -# build-arch and build-indep targets by Bill Allombert 2001 - -# Uncomment this to turn on verbose mode. -export DH_VERBOSE=1 - -# This has to be exported to make some magic below work. -export DH_OPTIONS -export PKG_DIR=debian/wazuh-manager - -export TARGET_DIR=${CURDIR}/${PKG_DIR} - -# Package build options -export INSTALLATION_DIR="/var/ossec" -export INSTALLATION_SCRIPTS_DIR="${INSTALLATION_DIR}/packages_files/manager_installation_scripts" -export JOBS="5" -export DEBUG_ENABLED="no" -export PATH="${PATH}" -export LD_LIBRARY_PATH="" - -%: - dh $@ - -override_dh_shlibdeps: - -override_dh_auto_configure: - -override_dh_auto_install: - -override_dh_install: - - rm -rf $(INSTALLATION_DIR)/ - # Build the binaries - make -C src deps TARGET=server - make -j$(JOBS) -C src/ TARGET=server USE_SELINUX=yes DEBUG=$(DEBUG_ENABLED) - - USER_LANGUAGE="en" \ - USER_NO_STOP="y" \ - USER_INSTALL_TYPE="server" \ - USER_DIR="$(INSTALLATION_DIR)" \ - USER_DELETE_DIR="y" \ - USER_ENABLE_ACTIVE_RESPONSE="y" \ - USER_ENABLE_SYSCHECK="y" \ - USER_ENABLE_ROOTCHECK="y" \ - USER_ENABLE_OPENSCAP="y" \ - USER_ENABLE_CISCAT="y" \ - USER_ENABLE_SYSCOLLECTOR="y" \ - USER_UPDATE="n" \ - USER_ENABLE_EMAIL="n" \ - USER_WHITE_LIST="n" \ - USER_ENABLE_SYSLOG="y" \ - USER_ENABLE_AUTHD="y" \ - USER_SERVER_IP="MANAGER_IP" \ - USER_CA_STORE="/path/to/my_cert.pem" \ - USER_GENERATE_AUTHD_CERT="y" \ - USER_AUTO_START="n" \ - USER_CREATE_SSL_CERT="n" \ - ./install.sh - - # Copying init.d script - mkdir -p ${TARGET_DIR}/etc/init.d/ - sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/ossec-hids-debian.init - cp src/init/templates/ossec-hids-debian.init ${TARGET_DIR}/etc/init.d/wazuh-manager - - # Copying systemd file - mkdir -p ${TARGET_DIR}/usr/lib/systemd/system/ - sed -i "s:WAZUH_HOME_TMP:${INSTALLATION_DIR}:g" src/init/templates/wazuh-manager.service - install -m 0644 src/init/templates/wazuh-manager.service ${TARGET_DIR}/usr/lib/systemd/system/ - - # Generating permission restoration file for postinstall - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ - - # Remove preinstalled log files - rm -rf $(INSTALLATION_DIR)/logs/*.log - rm -rf $(INSTALLATION_DIR)/logs/*.json - - # Clean the preinstalled configuration assesment files - rm -rf ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca - mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ruleset/sca - - ./gen_permissions.sh $(INSTALLATION_DIR)/ ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/restore-permissions.sh - - # Copying to target - mkdir -p ${TARGET_DIR}$(INSTALLATION_DIR)/ - cp -r $(INSTALLATION_DIR)/. $(TARGET_DIR)$(INSTALLATION_DIR)/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ - cp gen_ossec.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ - cp add_localfiles.sh ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src - cp src/VERSION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ - cp src/REVISION ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init - cp -r src/init/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/src/init - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/generic - cp -r etc/templates/config/generic ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/debian - cp -r etc/templates/config/debian ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ - - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ubuntu - cp -r etc/templates/config/ubuntu ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/etc/templates/config/ - - # Install configuration assesment files and files templates - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/applications - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/1 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/2 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/5 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/6 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/7 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/15 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/16 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/17 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/18 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/19 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/20 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/5 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/6 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/7 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles/11 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles/12 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sunos - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse/11 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse/12 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/windows - mkdir -p ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sunos/5/11 - - cp -r ruleset/sca/* ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca - - cp etc/templates/config/generic/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic - cp etc/templates/config/generic/sca.manager.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/generic - cp etc/templates/config/sunos/5/11/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sunos/5/11 - - cp etc/templates/config/amzn/1/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/1 - cp etc/templates/config/amzn/2/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/amzn/2 - - cp etc/templates/config/darwin/15/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/15 - cp etc/templates/config/darwin/16/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/16 - cp etc/templates/config/darwin/17/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/17 - cp etc/templates/config/darwin/18/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/18 - cp etc/templates/config/darwin/18/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/19 - cp etc/templates/config/darwin/20/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/darwin/20 - - cp etc/templates/config/debian/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian - cp etc/templates/config/debian/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/7 - cp etc/templates/config/debian/8/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/8 - cp etc/templates/config/debian/9/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/debian/9 - - cp etc/templates/config/centos/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos - cp etc/templates/config/centos/5/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/5 - cp etc/templates/config/centos/6/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/6 - cp etc/templates/config/centos/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/centos/7 - - cp etc/templates/config/rhel/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel - cp etc/templates/config/rhel/5/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/5 - cp etc/templates/config/rhel/6/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/6 - cp etc/templates/config/rhel/7/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/rhel/7 - - cp etc/templates/config/sles/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles - cp etc/templates/config/sles/11/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/sles/11 - - cp etc/templates/config/suse/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse - cp etc/templates/config/suse/11/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/suse/11 - - cp etc/templates/config/ubuntu/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu - cp etc/templates/config/ubuntu/12/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/12/04 - cp etc/templates/config/ubuntu/14/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/14/04 - cp etc/templates/config/ubuntu/16/04/sca.files ${TARGET_DIR}$(INSTALLATION_SCRIPTS_DIR)/sca/ubuntu/16/04 - -override_dh_fixperms: - dh_fixperms - # Fix Python permissions - chmod 0750 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/bin/2to3-3.9 - chmod 0750 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/bin/pydoc3.9 - chmod 0750 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/bin/python3-config - chmod 0640 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/lib/pkgconfig/python-3.9-embed.pc - chmod 0640 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/lib/pkgconfig/python-3.9.pc - chmod 0640 ${TARGET_DIR}$(INSTALLATION_DIR)/framework/python/lib/pkgconfig/python3.pc - -override_dh_auto_clean: - $(MAKE) -C src clean - -override_dh_strip: - dh_strip --no-automatic-dbgsym --exclude=dh_strip --no-automatic-dbgsym --exclude=${PKG_DIR}${INSTALLATION_DIR}/framework/python - -.PHONY: override_dh_install override_dh_strip override_dh_auto_clean override_dh_auto_build override_dh_auto_configure override_dh_fixperms diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/source/format b/debs/SPECS/4.2.3/wazuh-manager/debian/source/format deleted file mode 100644 index 163aaf8d82..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/source/format +++ /dev/null @@ -1 +0,0 @@ -3.0 (quilt) diff --git a/debs/SPECS/4.2.3/wazuh-manager/debian/wazuh-manager.lintian-overrides b/debs/SPECS/4.2.3/wazuh-manager/debian/wazuh-manager.lintian-overrides deleted file mode 100644 index c6d2185ecc..0000000000 --- a/debs/SPECS/4.2.3/wazuh-manager/debian/wazuh-manager.lintian-overrides +++ /dev/null @@ -1,9 +0,0 @@ -wazuh-manager: embedded-library -wazuh-manager: embedded-zlib -wazuh-manager: possible-gpl-code-linked-with-openssl -wazuh-manager: new-package-should-close-itp-bug -wazuh-manager: possibly-insecure-handling-of-tmp-files-in-maintainer-script -wazuh-manager: non-standard-dir-in-var -wazuh-manager: file-in-unusual-dir -wazuh-manager: hardening-no-fortify-functions -wazuh-manager: hardening-no-relro diff --git a/rpms/SPECS/4.2.3/wazuh-agent-4.2.3.spec b/rpms/SPECS/4.2.3/wazuh-agent-4.2.3.spec deleted file mode 100644 index b432df61e3..0000000000 --- a/rpms/SPECS/4.2.3/wazuh-agent-4.2.3.spec +++ /dev/null @@ -1,730 +0,0 @@ -Summary: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring -Name: wazuh-agent -Version: 4.2.3 -Release: %{_release} -License: GPL -Group: System Environment/Daemons -Source0: %{name}-%{version}.tar.gz -URL: https://www.wazuh.com/ -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Vendor: Wazuh, Inc -Packager: Wazuh, Inc -Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd -Requires(post): /sbin/chkconfig -Requires(preun): /sbin/chkconfig /sbin/service -Requires(postun): /sbin/service -Conflicts: ossec-hids ossec-hids-agent wazuh-manager wazuh-local -AutoReqProv: no - -Requires: coreutils -%if 0%{?el} >= 6 || 0%{?rhel} >= 6 -BuildRequires: coreutils glibc-devel automake autoconf libtool policycoreutils-python perl -%else -BuildRequires: coreutils glibc-devel automake autoconf libtool policycoreutils perl -%endif - -ExclusiveOS: linux - -%description -Wazuh helps you to gain security visibility into your infrastructure by monitoring -hosts at an operating system and application level. It provides the following capabilities: -log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring - -%prep -%setup -q - -./gen_ossec.sh conf agent centos %rhel %{_localstatedir} > etc/ossec-agent.conf - -%build -pushd src -# Rebuild for agent -make clean - -%if 0%{?el} >= 6 || 0%{?rhel} >= 6 - make deps TARGET=agent - make -j%{_threads} TARGET=agent USE_SELINUX=yes DEBUG=%{_debugenabled} -%else - %ifnarch x86_64 - MSGPACK="USE_MSGPACK_OPT=no" - %endif - deps_version=`cat Makefile | grep "DEPS_VERSION =" | cut -d " " -f 3` - make deps RESOURCES_URL=http://packages.wazuh.com/deps/${deps_version} TARGET=agent - make -j%{_threads} TARGET=agent USE_AUDIT=no USE_SELINUX=yes USE_EXEC_ENVIRON=no DEBUG=%{_debugenabled} ${MSGPACK} - -%endif - -popd - -%install -# Clean BUILDROOT -rm -fr %{buildroot} - -echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf -echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf -echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf -echo 'USER_DIR="%{_localstatedir}"' >> ./etc/preloaded-vars.conf -echo 'USER_DELETE_DIR="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_ACTIVE_RESPONSE="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_SYSCHECK="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_ROOTCHECK="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_OPENSCAP="n"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_SYSCOLLECTOR="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_CISCAT="y"' >> ./etc/preloaded-vars.conf -echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf -echo 'USER_AGENT_SERVER_IP="MANAGER_IP"' >> ./etc/preloaded-vars.conf -echo 'USER_CA_STORE="/path/to/my_cert.pem"' >> ./etc/preloaded-vars.conf -echo 'USER_AUTO_START="n"' >> ./etc/preloaded-vars.conf -./install.sh - -%if 0%{?el} < 6 || 0%{?rhel} < 6 - mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir} - touch ${RPM_BUILD_ROOT}%{_sysconfdir}/ossec-init.conf -%endif - -# Create directories -mkdir -p ${RPM_BUILD_ROOT}%{_initrddir} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/.ssh - -# Copy the installed files into RPM_BUILD_ROOT directory -cp -pr %{_localstatedir}/* ${RPM_BUILD_ROOT}%{_localstatedir}/ -mkdir -p ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ -sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-rh.init -install -m 0755 src/init/templates/ossec-hids-rh.init ${RPM_BUILD_ROOT}%{_initrddir}/wazuh-agent -sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/wazuh-agent.service -install -m 0644 src/init/templates/wazuh-agent.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ - -# Clean the preinstalled configuration assesment files -rm -f ${RPM_BUILD_ROOT}%{_localstatedir}/ruleset/sca/* - -# Install configuration assesment files and files templates -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/{generic} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/{1,2} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/{8,7,6,5} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/{8,7,6,5} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/{11,12} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/{11,12} - -cp -r ruleset/sca/{generic,centos,rhel,sles} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp - -cp etc/templates/config/generic/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic - -cp etc/templates/config/amzn/1/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 -cp etc/templates/config/amzn/2/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 - -cp etc/templates/config/centos/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos -cp etc/templates/config/centos/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 -cp etc/templates/config/centos/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 -cp etc/templates/config/centos/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 - -cp etc/templates/config/rhel/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel -cp etc/templates/config/rhel/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 -cp etc/templates/config/rhel/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 -cp etc/templates/config/rhel/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 - -cp etc/templates/config/sles/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles -cp etc/templates/config/sles/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 - -cp etc/templates/config/suse/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse -cp etc/templates/config/suse/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 - -# Add configuration scripts -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ -cp gen_ossec.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ -cp add_localfiles.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/ - -# Templates for initscript -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/init -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/generic -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/centos -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/rhel -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/suse -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/sles - -# Add SUSE initscript -sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-suse.init -cp -rp src/init/templates/ossec-hids-suse.init ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/init/ - -# Copy scap templates -cp -rp etc/templates/config/generic/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/generic -cp -rp etc/templates/config/centos/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/centos -cp -rp etc/templates/config/rhel/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/rhel -cp -rp etc/templates/config/suse/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/suse -cp -rp etc/templates/config/sles/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/sles - -install -m 0640 src/init/*.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/init - -# Add installation scripts -cp src/VERSION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/ -cp src/REVISION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/agent_installation_scripts/src/ - -if [ %{_debugenabled} = "yes" ]; then - %{_rpmconfigdir}/find-debuginfo.sh -fi -exit 0 - -%pre - -# Create the ossec group if it doesn't exists -if command -v getent > /dev/null 2>&1 && ! getent group ossec > /dev/null 2>&1; then - groupadd -r ossec -elif ! id -g ossec > /dev/null 2>&1; then - groupadd -r ossec -fi -# Create the ossec user if it doesn't exists -if ! id -u ossec > /dev/null 2>&1; then - useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossec -fi - -# Stop the services to upgrade the package -if [ $1 = 2 ]; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then - systemctl stop wazuh-agent.service > /dev/null 2>&1 - touch %{_localstatedir}/tmp/wazuh.restart - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - service wazuh-agent stop > /dev/null 2>&1 - touch %{_localstatedir}/tmp/wazuh.restart - elif %{_localstatedir}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - touch %{_localstatedir}/tmp/wazuh.restart - elif %{_localstatedir}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - touch %{_localstatedir}/tmp/wazuh.restart - fi - %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 -fi - -%post - -echo "VERSION=\"$(%{_localstatedir}/bin/wazuh-control info -v)\"" > /etc/ossec-init.conf -if [ $1 = 2 ]; then - if [ -d %{_localstatedir}/logs/ossec ]; then - rm -rf %{_localstatedir}/logs/wazuh - cp -rp %{_localstatedir}/logs/ossec %{_localstatedir}/logs/wazuh - fi - - if [ -d %{_localstatedir}/queue/ossec ]; then - rm -rf %{_localstatedir}/queue/sockets - cp -rp %{_localstatedir}/queue/ossec %{_localstatedir}/queue/sockets - fi -fi -# If the package is being installed -if [ $1 = 1 ]; then - - sles="" - if [ -f /etc/SuSE-release ]; then - sles="suse" - elif [ -f /etc/os-release ]; then - if `grep -q "\"sles" /etc/os-release` ; then - sles="suse" - elif `grep -q -i "\"opensuse" /etc/os-release` ; then - sles="opensuse" - fi - fi - - if [ ! -z "$sles" ]; then - install -m 755 %{_localstatedir}/packages_files/agent_installation_scripts/src/init/ossec-hids-suse.init /etc/init.d/wazuh-agent - fi - - touch %{_localstatedir}/logs/active-responses.log - chown ossec:ossec %{_localstatedir}/logs/active-responses.log - chmod 0660 %{_localstatedir}/logs/active-responses.log - - . %{_localstatedir}/packages_files/agent_installation_scripts/src/init/dist-detect.sh - - # Generating osse.conf file - %{_localstatedir}/packages_files/agent_installation_scripts/gen_ossec.sh conf agent ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} %{_localstatedir} > %{_localstatedir}/etc/ossec.conf - chown root:ossec %{_localstatedir}/etc/ossec.conf - - # Add default local_files to ossec.conf - %{_localstatedir}/packages_files/agent_installation_scripts/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf - - - # Register and configure agent if Wazuh environment variables are defined - %{_localstatedir}/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh %{_localstatedir} > /dev/null || : -fi - -# Delete the installation files used to configure the agent -rm -rf %{_localstatedir}/packages_files - -# Remove unnecessary files from shared directory -rm -f %{_localstatedir}/etc/shared/*.rpmnew - -# CentOS -if [ -r "/etc/centos-release" ]; then - DIST_NAME="centos" - DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/centos-release` -# Fedora -elif [ -r "/etc/fedora-release" ]; then - DIST_NAME="generic" - DIST_VER="" -# RedHat -elif [ -r "/etc/redhat-release" ]; then - if grep -q "CentOS" /etc/redhat-release; then - DIST_NAME="centos" - else - DIST_NAME="rhel" - fi - DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/redhat-release` -# SUSE -elif [ -r "/etc/SuSE-release" ]; then - if grep -q "openSUSE" /etc/SuSE-release; then - DIST_NAME="generic" - DIST_VER="" - else - DIST_NAME="sles" - DIST_VER=`sed -rn 's/.*VERSION = ([0-9]{1,2}).*/\1/p' /etc/SuSE-release` - fi -elif [ -r "/etc/os-release" ]; then - . /etc/os-release - DIST_NAME=$ID - DIST_VER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*([0-9]+).*/\1/p') - if [ "X$DIST_VER" = "X" ]; then - DIST_VER="0" - fi - if [ "$DIST_NAME" = "amzn" ] && [ "$DIST_VER" != "2" ]; then - DIST_VER="1" - fi - DIST_SUBVER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*[0-9]+\.([0-9]+).*/\1/p') - if [ "X$DIST_SUBVER" = "X" ]; then - DIST_SUBVER="0" - fi -else - DIST_NAME="generic" - DIST_VER="" -fi - -SCA_DIR="${DIST_NAME}/${DIST_VER}" -SCA_BASE_DIR="%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp" -mkdir -p %{_localstatedir}/ruleset/sca - -SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" - -# Install the configuration files needed for this hosts -if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" -else - SCA_TMP_DIR="${SCA_BASE_DIR}/generic" -fi - -SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" - -if [ -r ${SCA_TMP_FILE} ]; then - - rm -f %{_localstatedir}/ruleset/sca/* || true - - for sca_file in $(cat ${SCA_TMP_FILE}); do - if [ -f ${SCA_BASE_DIR}/${sca_file} ]; then - mv ${SCA_BASE_DIR}/${sca_file} %{_localstatedir}/ruleset/sca - fi - done -fi - -# Set the proper selinux context -if ([ "X${DIST_NAME}" = "Xrhel" ] || [ "X${DIST_NAME}" = "Xcentos" ] || [ "X${DIST_NAME}" = "XCentOS" ]) && [ "${DIST_VER}" == "5" ]; then - if command -v getenforce > /dev/null 2>&1; then - if [ $(getenforce) != "Disabled" ]; then - chcon -t textrel_shlib_t %{_localstatedir}/lib/libwazuhext.so - chcon -t textrel_shlib_t %{_localstatedir}/lib/libwazuhshared.so - fi - fi -else - # Add the SELinux policy - if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then - if [ $(getenforce) != "Disabled" ]; then - semodule -i %{_localstatedir}/var/selinux/wazuh.pp - semodule -e wazuh - fi - fi -fi - -# Restore ossec.conf permissions after upgrading -chmod 0660 %{_localstatedir}/etc/ossec.conf - -%preun - -if [ $1 = 0 ]; then - - # Stop the services before uninstall the package - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-agent > /dev/null 2>&1; then - systemctl stop wazuh-agent.service > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then - service wazuh-agent stop > /dev/null 2>&1 - else # Anything else - %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 - fi - - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then - systemctl disable wazuh-agent > /dev/null 2>&1 - systemctl daemon-reload > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 ; then - chkconfig wazuh-agent off > /dev/null 2>&1 - chkconfig --del wazuh-agent > /dev/null 2>&1 - fi - - # Remove the SELinux policy - if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then - if [ $(getenforce) != "Disabled" ]; then - if (semodule -l | grep wazuh > /dev/null); then - semodule -r wazuh > /dev/null - fi - fi - fi - # Remove the service file for SUSE hosts - if [ -f /etc/os-release ]; then - sles=$(grep "\"sles" /etc/os-release) - elif [ -f /etc/SuSE-release ]; then - sles=$(grep "SUSE Linux Enterprise Server" /etc/SuSE-release) - fi - if [ ! -z "$sles" ]; then - rm -f /etc/init.d/wazuh-agent - fi - - # Remove SCA files - rm -f %{_localstatedir}/ruleset/sca/* - -fi - -%triggerin -- glibc -[ -r %{_sysconfdir}/localtime ] && cp -fpL %{_sysconfdir}/localtime %{_localstatedir}/etc - chown root:ossec %{_localstatedir}/etc/localtime - chmod 0640 %{_localstatedir}/etc/localtime - -%postun - -# If the package is been uninstalled -if [ $1 = 0 ];then - # Remove the ossec user if it exists - if id -u ossec > /dev/null 2>&1; then - userdel ossec >/dev/null 2>&1 - fi - # Remove the ossec group if it exists - if command -v getent > /dev/null 2>&1 && getent group ossec > /dev/null 2>&1; then - groupdel ossec >/dev/null 2>&1 - elif id -g ossec > /dev/null 2>&1; then - groupdel ossec >/dev/null 2>&1 - fi - - # Remove lingering folders and files - rm -rf %{_localstatedir}/etc/shared/ - rm -rf %{_localstatedir}/queue/ - rm -rf %{_localstatedir}/var/ - rm -rf %{_localstatedir}/bin/ - rm -rf %{_localstatedir}/logs/ - rm -rf %{_localstatedir}/backup/ - rm -rf %{_localstatedir}/ruleset/ - rm -rf %{_localstatedir}/tmp -fi - -# posttrans code is the last thing executed in a install/upgrade -%posttrans -if [ -f %{_sysconfdir}/systemd/system/wazuh-agent.service ]; then - rm -rf %{_sysconfdir}/systemd/system/wazuh-agent.service - systemctl daemon-reload > /dev/null 2>&1 -fi - -if [ -f %{_localstatedir}/tmp/wazuh.restart ]; then - rm -f %{_localstatedir}/tmp/wazuh.restart - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 ; then - systemctl daemon-reload > /dev/null 2>&1 - systemctl restart wazuh-agent.service > /dev/null 2>&1 - elif command -v service > /dev/null 2>&1 && service wazuh-agent status 2>/dev/null | grep "running" > /dev/null 2>&1; then - service wazuh-agent restart > /dev/null 2>&1 - else - %{_localstatedir}/bin/wazuh-control restart > /dev/null 2>&1 - fi -fi - -if [ -d %{_localstatedir}/logs/ossec ]; then - rm -rf %{_localstatedir}/logs/ossec/ -fi - -if [ -d %{_localstatedir}/queue/ossec ]; then - rm -rf %{_localstatedir}/queue/ossec/ -fi - -if [ -f %{_sysconfdir}/ossec-init.conf ]; then - rm -f %{_sysconfdir}/ossec-init.conf - rm -f %{_localstatedir}/etc/ossec-init.conf -fi - -%clean -rm -fr %{buildroot} - -%files -%defattr(-,root,root) -%{_initrddir}/wazuh-agent -/usr/lib/systemd/system/wazuh-agent.service -%attr(640, root, ossec) %verify(not md5 size mtime) %ghost %{_sysconfdir}/ossec-init.conf -%dir %attr(750,root,ossec) %{_localstatedir} -%attr(750,root,ossec) %{_localstatedir}/agentless -%dir %attr(770,root,ossec) %{_localstatedir}/.ssh -%dir %attr(750,root,ossec) %{_localstatedir}/active-response -%dir %attr(750,root,ossec) %{_localstatedir}/active-response/bin -%attr(750,root,ossec) %{_localstatedir}/active-response/bin/* -%dir %attr(750,root,root) %{_localstatedir}/bin -%attr(750,root,root) %{_localstatedir}/bin/* -%dir %attr(750,root,ossec) %{_localstatedir}/backup -%dir %attr(770,ossec,ossec) %{_localstatedir}/etc -%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/client.keys -%attr(640,root,ossec) %{_localstatedir}/etc/internal_options* -%attr(640,root,ossec) %{_localstatedir}/etc/localtime -%attr(640,root,ossec) %config(noreplace) %{_localstatedir}/etc/local_internal_options.conf -%attr(660,root,ossec) %config(noreplace) %{_localstatedir}/etc/ossec.conf -%attr(640,root,ossec) %{_localstatedir}/etc/wpk_root.pem -%dir %attr(770,root,ossec) %{_localstatedir}/etc/shared -%attr(660,root,ossec) %config(missingok,noreplace) %{_localstatedir}/etc/shared/* -%dir %attr(750,root,ossec) %{_localstatedir}/lib -%attr(750,root,ossec) %{_localstatedir}/lib/* -%dir %attr(770,ossec,ossec) %{_localstatedir}/logs -%attr(660,ossec,ossec) %ghost %{_localstatedir}/logs/active-responses.log -%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.log -%attr(660,root,ossec) %ghost %{_localstatedir}/logs/ossec.json -%dir %attr(750,ossec,ossec) %{_localstatedir}/logs/wazuh -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/add_localfiles.sh -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/gen_ossec.sh -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/generic/* -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/centos/* -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/rhel/* -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/sles/* -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/etc/templates/config/suse/* -%attr(750,root,root) %config(missingok) %{_localstatedir}/packages_files/agent_installation_scripts/src/* -%dir %attr(750,root,ossec) %{_localstatedir}/queue -%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/sockets -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/diff -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/fim/db -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/syscollector/db -%attr(640, root,ossec) %{_localstatedir}/queue/syscollector/norm_config.json -%dir %attr(770,ossec,ossec) %{_localstatedir}/queue/alerts -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/rids -%dir %attr(750,ossec,ossec) %{_localstatedir}/queue/logcollector -%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/ -%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/sca -%attr(750, root, ossec) %{_localstatedir}/lib/libdbsync.so -%attr(750, root, ossec) %{_localstatedir}/lib/librsync.so -%attr(750, root, ossec) %{_localstatedir}/lib/libsyscollector.so -%attr(750, root, ossec) %{_localstatedir}/lib/libsysinfo.so -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12/* -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/12 -%dir %attr(1770,root,ossec) %{_localstatedir}/tmp -%dir %attr(750,root,ossec) %{_localstatedir}/var -%dir %attr(770,root,ossec) %{_localstatedir}/var/incoming -%dir %attr(770,root,ossec) %{_localstatedir}/var/run -%dir %attr(770,root,ossec) %{_localstatedir}/var/selinux -%attr(640,root,ossec) %{_localstatedir}/var/selinux/* -%dir %attr(770,root,ossec) %{_localstatedir}/var/upgrade -%dir %attr(770,root,ossec) %{_localstatedir}/var/wodles -%dir %attr(750,root,ossec) %{_localstatedir}/wodles -%attr(750,root,ossec) %{_localstatedir}/wodles/* -%dir %attr(750,root,ossec) %{_localstatedir}/wodles/aws -%attr(750,root,ossec) %{_localstatedir}/wodles/aws/* -%dir %attr(750,root,ossec) %{_localstatedir}/wodles/docker -%attr(750,root,ossec) %{_localstatedir}/wodles/docker/* -%dir %attr(750, root, ossec) %{_localstatedir}/wodles/gcloud -%attr(750, root, ossec) %{_localstatedir}/wodles/gcloud/* - -%if %{_debugenabled} == "yes" -/usr/lib/debug/%{_localstatedir}/* -/usr/src/debug/%{name}-%{version}/* -%endif - - -%changelog -* Wed Oct 06 2021 support - 4.2.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Sep 28 2021 support - 4.2.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Sep 25 2021 support - 4.2.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 26 2021 support - 4.2.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Apr 24 2021 support - 3.13.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 22 2021 support - 4.1.5 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Mar 29 2021 support - 4.1.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Mar 20 2021 support - 4.1.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Mar 08 2021 support - 4.1.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Mar 05 2021 support - 4.1.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 19 2021 support - 4.1.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 12 2021 support - 4.0.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 30 2020 support - 4.0.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 23 2020 support - 4.0.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Oct 31 2020 support - 4.0.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Oct 19 2020 support - 4.0.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Aug 21 2020 support - 3.13.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jul 14 2020 support - 3.13.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 29 2020 support - 3.13.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed May 13 2020 support - 3.12.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Apr 9 2020 support - 3.12.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Apr 8 2020 support - 3.12.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Mar 25 2020 support - 3.12.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Feb 24 2020 support - 3.11.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 22 2020 support - 3.11.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 7 2020 support - 3.11.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Dec 26 2019 support - 3.11.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Oct 7 2019 support - 3.11.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Sep 23 2019 support - 3.10.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Sep 19 2019 support - 3.10.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Aug 26 2019 support - 3.10.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Aug 8 2019 support - 3.9.5 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Jul 12 2019 support - 3.9.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jun 11 2019 support - 3.9.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Jun 6 2019 support - 3.9.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon May 6 2019 support - 3.9.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Feb 25 2019 support - 3.9.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 30 2019 support - 3.8.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Jan 24 2019 support - 3.8.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 16 2019 support - 3.8.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Dec 10 2018 support - 3.7.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 12 2018 support - 3.7.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Nov 10 2018 support - 3.7.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Sep 3 2018 support - 3.6.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Aug 23 2018 support - 3.6.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jul 25 2018 support - 3.5.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jul 11 2018 support - 3.4.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 18 2018 support - 3.3.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 11 2018 support - 3.3.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed May 30 2018 support - 3.2.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu May 10 2018 support - 3.2.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 09 2018 support - 3.2.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Feb 21 2018 support - 3.2.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Feb 07 2018 support - 3.2.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Dec 19 2017 support - 3.1.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 06 2017 support - 3.0.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jun 06 2017 support - 2.0.1 -- Changed random data generator for a secure OS-provided generator. -- Changed Windows installer file name (depending on version). -- Linux distro detection using standard os-release file. -- Changed some URLs to documentation. -- Disable synchronization with SQLite databases for Syscheck by default. -- Minor changes at Rootcheck formatter for JSON alerts. -- Added debugging messages to Integrator logs. -- Show agent ID when possible on logs about incorrectly formatted messages. -- Use default maximum inotify event queue size. -- Show remote IP on encoding format errors when unencrypting messages. -- Fix permissions in agent-info folder -- Fix permissions in rids folder. -* Fri Apr 21 2017 Jose Luis Ruiz - 2.0 -- Changed random data generator for a secure OS-provided generator. -- Changed Windows installer file name (depending on version). -- Linux distro detection using standard os-release file. -- Changed some URLs to documentation. -- Disable synchronization with SQLite databases for Syscheck by default. -- Minor changes at Rootcheck formatter for JSON alerts. -- Added debugging messages to Integrator logs. -- Show agent ID when possible on logs about incorrectly formatted messages. -- Use default maximum inotify event queue size. -- Show remote IP on encoding format errors when unencrypting messages. -- Fixed resource leaks at rules configuration parsing. -- Fixed memory leaks at rules parser. -- Fixed memory leaks at XML decoders parser. -- Fixed TOCTOU condition when removing directories recursively. -- Fixed insecure temporary file creation for old POSIX specifications. -- Fixed missing agentless devices identification at JSON alerts. -- Fixed FIM timestamp and file name issue at SQLite database. -- Fixed cryptographic context acquirement on Windows agents. -- Fixed debug mode for Analysisd. -- Fixed bad exclusion of BTRFS filesystem by Rootcheck. -- Fixed compile errors on macOS. -- Fixed option -V for Integrator. -- Exclude symbolic links to directories when sending FIM diffs (by Stephan Joerrens). -- Fixed daemon list for service reloading at wazuh-control. -- Fixed socket waiting issue on Windows agents. -- Fixed PCI_DSS definitions grouping issue at Rootcheck controls. diff --git a/rpms/SPECS/4.2.3/wazuh-manager-4.2.3.spec b/rpms/SPECS/4.2.3/wazuh-manager-4.2.3.spec deleted file mode 100644 index deebfe48d0..0000000000 --- a/rpms/SPECS/4.2.3/wazuh-manager-4.2.3.spec +++ /dev/null @@ -1,984 +0,0 @@ -Summary: Wazuh helps you to gain security visibility into your infrastructure by monitoring hosts at an operating system and application level. It provides the following capabilities: log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring -Name: wazuh-manager -Version: 4.2.3 -Release: %{_release} -License: GPL -Group: System Environment/Daemons -Source0: %{name}-%{version}.tar.gz -URL: https://www.wazuh.com/ -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Vendor: Wazuh, Inc -Packager: Wazuh, Inc -Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd -Requires(post): /sbin/chkconfig -Requires(preun): /sbin/chkconfig /sbin/service -Requires(postun): /sbin/service /usr/sbin/groupdel /usr/sbin/userdel -Conflicts: ossec-hids ossec-hids-agent wazuh-agent wazuh-local -Obsoletes: wazuh-api < 4.0.0 -AutoReqProv: no - -Requires: coreutils -BuildRequires: coreutils glibc-devel automake autoconf libtool policycoreutils-python curl perl - -ExclusiveOS: linux - -%description -Wazuh helps you to gain security visibility into your infrastructure by monitoring -hosts at an operating system and application level. It provides the following capabilities: -log analysis, file integrity monitoring, intrusions detection and policy and compliance monitoring - -%prep -%setup -q - -./gen_ossec.sh conf manager centos %rhel %{_localstatedir} > etc/ossec-server.conf - -%build -pushd src -# Rebuild for server -make clean - -# Build Wazuh sources -make deps TARGET=server -make -j%{_threads} TARGET=server USE_SELINUX=yes DEBUG=%{_debugenabled} - -popd - -%install -# Clean BUILDROOT -rm -fr %{buildroot} - -echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf -echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf -echo 'USER_INSTALL_TYPE="server"' >> ./etc/preloaded-vars.conf -echo 'USER_DIR="%{_localstatedir}"' >> ./etc/preloaded-vars.conf -echo 'USER_DELETE_DIR="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_ACTIVE_RESPONSE="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_SYSCHECK="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_ROOTCHECK="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_OPENSCAP="n"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_CISCAT="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_SYSCOLLECTOR="y"' >> ./etc/preloaded-vars.conf -echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_EMAIL="n"' >> ./etc/preloaded-vars.conf -echo 'USER_WHITE_LIST="n"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_SYSLOG="y"' >> ./etc/preloaded-vars.conf -echo 'USER_ENABLE_AUTHD="y"' >> ./etc/preloaded-vars.conf -echo 'USER_SERVER_IP="MANAGER_IP"' >> ./etc/preloaded-vars.conf -echo 'USER_CA_STORE="/path/to/my_cert.pem"' >> ./etc/preloaded-vars.conf -echo 'USER_GENERATE_AUTHD_CERT="y"' >> ./etc/preloaded-vars.conf -echo 'USER_AUTO_START="n"' >> ./etc/preloaded-vars.conf -echo 'USER_CREATE_SSL_CERT="n"' >> ./etc/preloaded-vars.conf -./install.sh - -# Create directories -mkdir -p ${RPM_BUILD_ROOT}%{_initrddir} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/.ssh - -# Copy the installed files into RPM_BUILD_ROOT directory -cp -pr %{_localstatedir}/* ${RPM_BUILD_ROOT}%{_localstatedir}/ -mkdir -p ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ -sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-rh.init -install -m 0755 src/init/templates/ossec-hids-rh.init ${RPM_BUILD_ROOT}%{_initrddir}/wazuh-manager -sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/wazuh-manager.service -install -m 0644 src/init/templates/wazuh-manager.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/ - -# Clean the preinstalled configuration assesment files -rm -f ${RPM_BUILD_ROOT}%{_localstatedir}/ruleset/sca/* - -# Install Vulnerability Detector files -install -m 0440 src/wazuh_modules/vulnerability_detector/*.json ${RPM_BUILD_ROOT}%{_localstatedir}/queue/vulnerabilities/dictionaries - -# Add configuration scripts -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/ -cp gen_ossec.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/ -cp add_localfiles.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/ - -# Templates for initscript -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/init -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/suse -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/sles - -# Install configuration assesment files and files templates -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/{applications,generic} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/{1,2} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/{8,7,6,5} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/{15,16,17,18,19,20} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/{7,8,9} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/{12,14,16}/04 -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/{8,7,6,5} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/{11,12} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/{11,12} -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos -mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows - -cp -r ruleset/sca/{applications,generic,centos,darwin,debian,rhel,sles,sunos,windows} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp - -cp etc/templates/config/generic/{sca.files,sca.manager.files} ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic - -cp etc/templates/config/amzn/1/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 -cp etc/templates/config/amzn/2/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 - -cp etc/templates/config/centos/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos -cp etc/templates/config/centos/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 -cp etc/templates/config/centos/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 -cp etc/templates/config/centos/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 - -cp etc/templates/config/darwin/15/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/15 -cp etc/templates/config/darwin/16/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/16 -cp etc/templates/config/darwin/17/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/17 -cp etc/templates/config/darwin/18/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/18 -cp etc/templates/config/darwin/19/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/19 -cp etc/templates/config/darwin/20/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/20 - -cp etc/templates/config/rhel/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel -cp etc/templates/config/rhel/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 -cp etc/templates/config/rhel/6/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 -cp etc/templates/config/rhel/5/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 - -cp etc/templates/config/sles/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles -cp etc/templates/config/sles/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 - -cp etc/templates/config/suse/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse -cp etc/templates/config/suse/11/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 - -cp etc/templates/config/ubuntu/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu -cp etc/templates/config/ubuntu/12/04/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12/04 -cp etc/templates/config/ubuntu/14/04/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14/04 -cp etc/templates/config/ubuntu/16/04/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16/04 - -cp etc/templates/config/debian/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian -cp etc/templates/config/debian/7/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/7 -cp etc/templates/config/debian/8/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/8 -cp etc/templates/config/debian/9/sca.files ${RPM_BUILD_ROOT}%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/9 - - -# Add SUSE initscript -sed -i "s:WAZUH_HOME_TMP:%{_localstatedir}:g" src/init/templates/ossec-hids-suse.init -cp -rp src/init/templates/ossec-hids-suse.init ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/init/ - -# Copy scap templates -cp -rp etc/templates/config/generic/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic -cp -rp etc/templates/config/centos/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos -cp -rp etc/templates/config/rhel/* ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel - -install -m 0640 src/init/*.sh ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/init - -# Add installation scripts -cp src/VERSION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/ -cp src/REVISION ${RPM_BUILD_ROOT}%{_localstatedir}/packages_files/manager_installation_scripts/src/ - -if [ %{_debugenabled} = "yes" ]; then - %{_rpmconfigdir}/find-debuginfo.sh -fi -exit 0 - -%pre - -# Create the ossec group if it doesn't exists -if command -v getent > /dev/null 2>&1 && ! getent group ossec > /dev/null 2>&1; then - groupadd -r ossec -elif ! id -g ossec > /dev/null 2>&1; then - groupadd -r ossec -fi - -# Stop the services to upgrade the package -if [ $1 = 2 ]; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then - systemctl stop wazuh-manager.service > /dev/null 2>&1 - %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 - touch %{_localstatedir}/tmp/wazuh.restart - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - service wazuh-manager stop > /dev/null 2>&1 - %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 - touch %{_localstatedir}/tmp/wazuh.restart - elif %{_localstatedir}/bin/wazuh-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 - touch %{_localstatedir}/tmp/wazuh.restart - elif %{_localstatedir}/bin/ossec-control status 2>/dev/null | grep "is running" > /dev/null 2>&1; then - %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 - touch %{_localstatedir}/tmp/wazuh.restart - fi - %{_localstatedir}/bin/ossec-control stop > /dev/null 2>&1 || %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 -fi - -# Create the ossec user if it doesn't exists -if ! id -u ossec > /dev/null 2>&1; then - useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossec -fi -# Create the ossecr user if it doesn't exists -if ! id -u ossecr > /dev/null 2>&1; then - useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossecr -fi -# Create the ossecm user if it doesn't exists -if ! id -u ossecm > /dev/null 2>&1; then - useradd -g ossec -G ossec -d %{_localstatedir} -r -s /sbin/nologin ossecm -fi - -# Remove/relocate existing SQLite databases -rm -f %{_localstatedir}/var/db/cluster.db* || true -rm -f %{_localstatedir}/var/db/.profile.db* || true -rm -f %{_localstatedir}/var/db/agents/* || true - -if [ -f %{_localstatedir}/var/db/global.db ]; then - mv %{_localstatedir}/var/db/global.db %{_localstatedir}/queue/db/ - rm -f %{_localstatedir}/var/db/global.db* || true - rm -f %{_localstatedir}/var/db/.template.db || true -fi - -if [ -f %{_localstatedir}/queue/db/global.db ]; then - chmod 640 %{_localstatedir}/queue/db/global.db* - chown ossec:ossec %{_localstatedir}/queue/db/global.db* -fi - -# Remove Vuln-detector database -rm -f %{_localstatedir}/queue/vulnerabilities/cve.db || true - -# Remove plain-text agent information if exists -if [ -d %{_localstatedir}/queue/agent-info ]; then - rm -rf %{_localstatedir}/queue/agent-info/* > /dev/null 2>&1 -fi - -if [ -d %{_localstatedir}/queue/rootcheck ]; then - rm -rf %{_localstatedir}/queue/rootcheck/* > /dev/null 2>&1 -fi - -# Delete old API backups -if [ $1 = 2 ]; then - if [ -d %{_localstatedir}/~api ]; then - rm -rf %{_localstatedir}/~api - fi - - if [ -f %{_sysconfdir}/ossec-init.conf ]; then - # Import the variables from ossec-init.conf file - . %{_sysconfdir}/ossec-init.conf - else - # Ask wazuh-control the version - VERSION=$(%{_localstatedir}/bin/wazuh-control info -v) - fi - - # Get the major and minor version - MAJOR=$(echo $VERSION | cut -dv -f2 | cut -d. -f1) - MINOR=$(echo $VERSION | cut -d. -f2) - - # Delete uncompatible DBs versions - if [ $MAJOR = 3 ] && [ $MINOR -lt 7 ]; then - rm -f %{_localstatedir}/queue/db/*.db* - rm -f %{_localstatedir}/queue/db/.template.db - fi - - # Delete 3.X Wazuh API service - if [ "$MAJOR" = "3" ] && [ -d %{_localstatedir}/api ]; then - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 ; then - systemctl stop wazuh-api.service > /dev/null 2>&1 - systemctl disable wazuh-api.service > /dev/null 2>&1 - rm -f /etc/systemd/system/wazuh-api.service - elif command -v service > /dev/null 2>&1 ; then - service wazuh-api stop > /dev/null 2>&1 - chkconfig wazuh-api off > /dev/null 2>&1 - chkconfig --del wazuh-api > /dev/null 2>&1 - rm -f /etc/rc.d/init.d/wazuh-api || true - fi - fi -fi - -%post - -echo "VERSION=\"$(%{_localstatedir}/bin/wazuh-control info -v)\"" > /etc/ossec-init.conf -if [ $1 = 2 ]; then - if [ -d %{_localstatedir}/logs/ossec ]; then - rm -rf %{_localstatedir}/logs/wazuh - cp -rp %{_localstatedir}/logs/ossec %{_localstatedir}/logs/wazuh - fi - - if [ -d %{_localstatedir}/queue/ossec ]; then - rm -rf %{_localstatedir}/queue/sockets - cp -rp %{_localstatedir}/queue/ossec %{_localstatedir}/queue/sockets - fi -fi - -# Fresh install code block -if [ $1 = 1 ]; then - sles="" - if [ -f /etc/SuSE-release ]; then - sles="suse" - elif [ -f /etc/os-release ]; then - if `grep -q "\"sles" /etc/os-release` ; then - sles="suse" - elif `grep -q -i "\"opensuse" /etc/os-release` ; then - sles="opensuse" - fi - fi - - if [ ! -z "$sles" ]; then - install -m 755 %{_localstatedir}/packages_files/manager_installation_scripts/src/init/ossec-hids-suse.init /etc/init.d/wazuh-manager - fi - - . %{_localstatedir}/packages_files/manager_installation_scripts/src/init/dist-detect.sh - - # Generating ossec.conf file - %{_localstatedir}/packages_files/manager_installation_scripts/gen_ossec.sh conf manager ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} %{_localstatedir} > %{_localstatedir}/etc/ossec.conf - - touch %{_localstatedir}/logs/active-responses.log - touch %{_localstatedir}/logs/integrations.log - chown ossec:ossec %{_localstatedir}/logs/active-responses.log - chown ossecm:ossec %{_localstatedir}/logs/integrations.log - chmod 0660 %{_localstatedir}/logs/active-responses.log - chmod 0640 %{_localstatedir}/logs/integrations.log - - # Add default local_files to ossec.conf - %{_localstatedir}/packages_files/manager_installation_scripts/add_localfiles.sh %{_localstatedir} >> %{_localstatedir}/etc/ossec.conf -fi - -# Generation auto-signed certificate if not exists -if type openssl >/dev/null 2>&1 && [ ! -f "%{_localstatedir}/etc/sslmanager.key" ] && [ ! -f "%{_localstatedir}/etc/sslmanager.cert" ]; then - openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=California/CN=Wazuh/" -keyout %{_localstatedir}/etc/sslmanager.key -out %{_localstatedir}/etc/sslmanager.cert 2>/dev/null - chmod 640 %{_localstatedir}/etc/sslmanager.key - chmod 640 %{_localstatedir}/etc/sslmanager.cert -fi - -rm -f %{_localstatedir}/etc/shared/ar.conf >/dev/null 2>&1 -rm -f %{_localstatedir}/etc/shared/merged.mg >/dev/null 2>&1 - -# CentOS -if [ -r "/etc/centos-release" ]; then - DIST_NAME="centos" - DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/centos-release` -# Fedora -elif [ -r "/etc/fedora-release" ]; then - DIST_NAME="generic" - DIST_VER="" -# RedHat -elif [ -r "/etc/redhat-release" ]; then - if grep -q "CentOS" /etc/redhat-release; then - DIST_NAME="centos" - else - DIST_NAME="rhel" - fi - DIST_VER=`sed -rn 's/.* ([0-9]{1,2})\.*[0-9]{0,2}.*/\1/p' /etc/redhat-release` -# SUSE -elif [ -r "/etc/SuSE-release" ]; then - if grep -q "openSUSE" /etc/SuSE-release; then - DIST_NAME="generic" - DIST_VER="" - else - DIST_NAME="sles" - DIST_VER=`sed -rn 's/.*VERSION = ([0-9]{1,2}).*/\1/p' /etc/SuSE-release` - fi -elif [ -r "/etc/os-release" ]; then - . /etc/os-release - DIST_NAME=$ID - DIST_VER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*([0-9]+).*/\1/p') - if [ "X$DIST_VER" = "X" ]; then - DIST_VER="0" - fi - if [ "$DIST_NAME" = "amzn" ] && [ "$DIST_VER" != "2" ]; then - DIST_VER="1" - fi - DIST_SUBVER=$(echo $VERSION_ID | sed -rn 's/[^0-9]*[0-9]+\.([0-9]+).*/\1/p') - if [ "X$DIST_SUBVER" = "X" ]; then - DIST_SUBVER="0" - fi -else - DIST_NAME="generic" - DIST_VER="" -fi - -SCA_DIR="${DIST_NAME}/${DIST_VER}" -SCA_BASE_DIR="%{_localstatedir}/tmp/sca-%{version}-%{release}-tmp" -mkdir -p %{_localstatedir}/ruleset/sca - -SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" - -# Install the configuration files needed for this hosts -if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" -else - SCA_TMP_DIR="${SCA_BASE_DIR}/generic" -fi - -SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" - -if [ -r ${SCA_TMP_FILE} ] && [ -r ${SCA_BASE_DIR}/generic/sca.manager.files ]; then - - rm -f %{_localstatedir}/ruleset/sca/* || true - - for sca_file in $(cat ${SCA_TMP_FILE}); do - if [ -f ${SCA_BASE_DIR}/${sca_file} ]; then - mv ${SCA_BASE_DIR}/${sca_file} %{_localstatedir}/ruleset/sca - fi - done - - for sca_file in $(cat ${SCA_BASE_DIR}/generic/sca.manager.files); do - filename=$(basename ${sca_file}) - if [ -f "${SCA_BASE_DIR}/${sca_file}" ] && [ ! -f "%{_localstatedir}/ruleset/sca/${filename}" ]; then - mv ${SCA_BASE_DIR}/${sca_file} %{_localstatedir}/ruleset/sca/${filename}.disabled - fi - done -fi - -# Fix sca permissions, group and owner -chmod 640 %{_localstatedir}/ruleset/sca/* -chown root:ossec %{_localstatedir}/ruleset/sca/* -# Delete the temporary directory -rm -rf ${SCA_BASE_DIR} - -# Add the SELinux policy -if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then - if [ $(getenforce) != "Disabled" ]; then - semodule -i %{_localstatedir}/var/selinux/wazuh.pp - semodule -e wazuh - fi -fi - -# Delete the installation files used to configure the manager -rm -rf %{_localstatedir}/packages_files - -# Remove unnecessary files from default group -rm -f %{_localstatedir}/etc/shared/default/*.rpmnew - -%preun - -if [ $1 = 0 ]; then - - # Stop the services before uninstall the package - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 && systemctl is-active --quiet wazuh-manager > /dev/null 2>&1; then - systemctl stop wazuh-manager.service > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 && service wazuh-manager status 2>/dev/null | grep "running" > /dev/null 2>&1; then - service wazuh-manager stop > /dev/null 2>&1 - else # Anything else - %{_localstatedir}/bin/wazuh-control stop > /dev/null 2>&1 - fi - - # Check for systemd - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1; then - systemctl disable wazuh-manager > /dev/null 2>&1 - systemctl daemon-reload > /dev/null 2>&1 - # Check for SysV - elif command -v service > /dev/null 2>&1 ; then - chkconfig wazuh-manager off > /dev/null 2>&1 - chkconfig --del wazuh-manager > /dev/null 2>&1 - fi - - # Remove the SELinux policy - if command -v getenforce > /dev/null 2>&1 && command -v semodule > /dev/null 2>&1; then - if [ $(getenforce) != "Disabled" ]; then - if (semodule -l | grep wazuh > /dev/null); then - semodule -r wazuh > /dev/null - fi - fi - fi - - # Remove SCA files - rm -f %{_localstatedir}/ruleset/sca/* -fi - -%postun - -# If the package is been uninstalled -if [ $1 = 0 ];then - # Remove the ossecr user if it exists - if id -u ossecr > /dev/null 2>&1; then - userdel ossecr >/dev/null 2>&1 - fi - # Remove the ossecm user if it exists - if id -u ossecm > /dev/null 2>&1; then - userdel ossecm >/dev/null 2>&1 - fi - # Remove the ossec user if it exists - if id -u ossec > /dev/null 2>&1; then - userdel ossec >/dev/null 2>&1 - fi - # Remove the ossec group if it exists - if command -v getent > /dev/null 2>&1 && getent group ossec > /dev/null 2>&1; then - groupdel ossec >/dev/null 2>&1 - elif id -g ossec > /dev/null 2>&1; then - groupdel ossec >/dev/null 2>&1 - fi - - # Backup agents centralized configuration (etc/shared) - if [ -d %{_localstatedir}/etc/shared ]; then - rm -rf %{_localstatedir}/etc/shared.save/ - mv %{_localstatedir}/etc/shared/ %{_localstatedir}/etc/shared.save/ - fi - - # Backup registration service certificates (sslmanager.cert,sslmanager.key) - if [ -f %{_localstatedir}/etc/sslmanager.cert ]; then - mv %{_localstatedir}/etc/sslmanager.cert %{_localstatedir}/etc/sslmanager.cert.save - fi - if [ -f %{_localstatedir}/etc/sslmanager.key ]; then - mv %{_localstatedir}/etc/sslmanager.key %{_localstatedir}/etc/sslmanager.key.save - fi - - # Remove lingering folders and files - rm -rf %{_localstatedir}/queue/ - rm -rf %{_localstatedir}/framework/ - rm -rf %{_localstatedir}/api/ - rm -rf %{_localstatedir}/stats/ - rm -rf %{_localstatedir}/var/ - rm -rf %{_localstatedir}/bin/ - rm -rf %{_localstatedir}/logs/ - rm -rf %{_localstatedir}/ruleset/ - rm -rf %{_localstatedir}/tmp -fi - -# posttrans code is the last thing executed in a install/upgrade -%posttrans - -if [ -f %{_sysconfdir}/systemd/system/wazuh-manager.service ]; then - rm -rf %{_sysconfdir}/systemd/system/wazuh-manager.service - systemctl daemon-reload > /dev/null 2>&1 -fi - -if [ -f %{_localstatedir}/tmp/wazuh.restart ]; then - rm -f %{_localstatedir}/tmp/wazuh.restart - if command -v systemctl > /dev/null 2>&1 && systemctl > /dev/null 2>&1 ; then - systemctl daemon-reload > /dev/null 2>&1 - systemctl restart wazuh-manager.service > /dev/null 2>&1 - elif command -v service > /dev/null 2>&1 ; then - service wazuh-manager restart > /dev/null 2>&1 - else - %{_localstatedir}/bin/wazuh-control restart > /dev/null 2>&1 - fi -fi - -if [ -d %{_localstatedir}/logs/ossec ]; then - rm -rf %{_localstatedir}/logs/ossec/ -fi - -if [ -d %{_localstatedir}/queue/ossec ]; then - rm -rf %{_localstatedir}/queue/ossec/ -fi - -if [ -f %{_sysconfdir}/ossec-init.conf ]; then - rm -f %{_sysconfdir}/ossec-init.conf - rm -f %{_localstatedir}/etc/ossec-init.conf -fi - -%triggerin -- glibc -[ -r %{_sysconfdir}/localtime ] && cp -fpL %{_sysconfdir}/localtime %{_localstatedir}/etc - chown root:ossec %{_localstatedir}/etc/localtime - chmod 0640 %{_localstatedir}/etc/localtime - -%clean -rm -fr %{buildroot} - -%files -%defattr(-,root,ossec) -%{_initrddir}/wazuh-manager -%attr(640, root, ossec) %verify(not md5 size mtime) %ghost %{_sysconfdir}/ossec-init.conf -/usr/lib/systemd/system/wazuh-manager.service -%dir %attr(750, root, ossec) %{_localstatedir} -%attr(750, root, ossec) %{_localstatedir}/agentless -%dir %attr(750, root, ossec) %{_localstatedir}/active-response -%dir %attr(750, root, ossec) %{_localstatedir}/active-response/bin -%attr(750, root, ossec) %{_localstatedir}/active-response/bin/* -%dir %attr(750, root, ossec) %{_localstatedir}/api -%dir %attr(770, root, ossec) %{_localstatedir}/api/configuration -%attr(660, root, ossec) %config(noreplace) %{_localstatedir}/api/configuration/api.yaml -%dir %attr(770, root, ossec) %{_localstatedir}/api/configuration/security -%dir %attr(770, root, ossec) %{_localstatedir}/api/configuration/ssl -%dir %attr(750, root, ossec) %{_localstatedir}/api/scripts -%attr(640, root, ossec) %{_localstatedir}/api/scripts/wazuh-apid.py -%dir %attr(750, root, ossec) %{_localstatedir}/backup -%dir %attr(750, ossec, ossec) %{_localstatedir}/backup/agents -%dir %attr(750, ossec, ossec) %{_localstatedir}/backup/groups -%dir %attr(750, root, ossec) %{_localstatedir}/backup/shared -%dir %attr(750, root, ossec) %{_localstatedir}/bin -%attr(750, root, root) %{_localstatedir}/bin/agent_control -%attr(750, root, ossec) %{_localstatedir}/bin/agent_groups -%attr(750, root, ossec) %{_localstatedir}/bin/agent_upgrade -%attr(750, root, root) %{_localstatedir}/bin/clear_stats -%attr(750, root, ossec) %{_localstatedir}/bin/cluster_control -%attr(750, root, root) %{_localstatedir}/bin/manage_agents -%attr(750, root, root) %{_localstatedir}/bin/wazuh-agentlessd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-analysisd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-authd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-control -%attr(750, root, root) %{_localstatedir}/bin/wazuh-csyslogd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-dbd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-execd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-integratord -%attr(750, root, root) %{_localstatedir}/bin/wazuh-logcollector -%attr(750, root, root) %{_localstatedir}/bin/wazuh-logtest-legacy -%attr(750, root, ossec) %{_localstatedir}/bin/wazuh-logtest -%attr(750, root, root) %{_localstatedir}/bin/wazuh-maild -%attr(750, root, root) %{_localstatedir}/bin/wazuh-monitord -%attr(750, root, root) %{_localstatedir}/bin/wazuh-regex -%attr(750, root, root) %{_localstatedir}/bin/wazuh-remoted -%attr(750, root, root) %{_localstatedir}/bin/wazuh-reportd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-syscheckd -%attr(750, root, ossec) %{_localstatedir}/bin/verify-agent-conf -%attr(750, root, ossec) %{_localstatedir}/bin/wazuh-apid -%attr(750, root, ossec) %{_localstatedir}/bin/wazuh-clusterd -%attr(750, root, root) %{_localstatedir}/bin/wazuh-db -%attr(750, root, root) %{_localstatedir}/bin/wazuh-modulesd -%dir %attr(770, ossec, ossec) %{_localstatedir}/etc -%attr(660, root, ossec) %config(noreplace) %{_localstatedir}/etc/ossec.conf -%attr(640, root, ossec) %config(noreplace) %{_localstatedir}/etc/client.keys -%attr(640, root, ossec) %{_localstatedir}/etc/internal_options* -%attr(640, root, ossec) %config(noreplace) %{_localstatedir}/etc/local_internal_options.conf -%attr(640, root, ossec) %{_localstatedir}/etc/localtime -%dir %attr(770, root, ossec) %{_localstatedir}/etc/decoders -%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/decoders/local_decoder.xml -%dir %attr(770, root, ossec) %{_localstatedir}/etc/lists -%dir %attr(770, ossec, ossec) %{_localstatedir}/etc/lists/amazon -%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/lists/amazon/* -%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/lists/audit-keys -%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/lists/security-eventchannel -%dir %attr(770, root, ossec) %{_localstatedir}/etc/shared -%dir %attr(770, ossec, ossec) %{_localstatedir}/etc/shared/default -%attr(660, ossec, ossec) %{_localstatedir}/etc/shared/agent-template.conf -%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/shared/default/* -%dir %attr(770, root, ossec) %{_localstatedir}/etc/rootcheck -%attr(660, root, ossec) %{_localstatedir}/etc/rootcheck/*.txt -%dir %attr(770, root, ossec) %{_localstatedir}/etc/rules -%attr(660, ossec, ossec) %config(noreplace) %{_localstatedir}/etc/rules/local_rules.xml -%dir %attr(750, root, ossec) %{_localstatedir}/framework -%dir %attr(750, root, ossec) %{_localstatedir}/framework/python -%{_localstatedir}/framework/python/* -%dir %attr(750, root, ossec) %{_localstatedir}/framework/scripts -%attr(640, root, ossec) %{_localstatedir}/framework/scripts/*.py -%dir %attr(750, root, ossec) %{_localstatedir}/framework/wazuh -%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/*.py -%dir %attr(750, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster -%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/*.py -%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/*.json -%dir %attr(750, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/dapi -%attr(640, root, ossec) %{_localstatedir}/framework/wazuh/core/cluster/dapi/*.py -%dir %attr(750, root, ossec) %{_localstatedir}/integrations -%attr(750, root, ossec) %{_localstatedir}/integrations/* -%dir %attr(750, root, ossec) %{_localstatedir}/lib -%attr(750, root, ossec) %{_localstatedir}/lib/libwazuhext.so -%attr(750, root, ossec) %{_localstatedir}/lib/libwazuhshared.so -%attr(750, root, ossec) %{_localstatedir}/lib/libdbsync.so -%attr(750, root, ossec) %{_localstatedir}/lib/librsync.so -%attr(750, root, ossec) %{_localstatedir}/lib/libsyscollector.so -%attr(750, root, ossec) %{_localstatedir}/lib/libsysinfo.so -%{_localstatedir}/lib/libpython3.9.so.1.0 -%dir %attr(770, ossec, ossec) %{_localstatedir}/logs -%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/active-responses.log -%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/api.log -%attr(640, ossecm, ossec) %ghost %{_localstatedir}/logs/integrations.log -%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/ossec.log -%attr(660, ossec, ossec) %ghost %{_localstatedir}/logs/ossec.json -%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/api -%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/archives -%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/alerts -%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/cluster -%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/firewall -%dir %attr(750, ossec, ossec) %{_localstatedir}/logs/wazuh -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/add_localfiles.sh -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/gen_ossec.sh -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/ -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/REVISION -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/VERSION -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/init/ -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/src/init/* -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/generic/* -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/centos/* -%dir %attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel -%attr(750, root, root) %config(missingok) %{_localstatedir}/packages_files/manager_installation_scripts/etc/templates/config/rhel/* -%dir %attr(750, root, ossec) %{_localstatedir}/queue -%attr(600, root, ossec) %ghost %{_localstatedir}/queue/agents-timestamp -%dir %attr(770, root, ossec) %{_localstatedir}/queue/agent-groups -%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/agentless -%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/alerts -%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/cluster -%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/db -%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/diff -%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/fim -%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/fim/db -%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/syscollector -%dir %attr(750, ossec,ossec) %{_localstatedir}/queue/syscollector/db -%attr(640, root,ossec) %{_localstatedir}/queue/syscollector/norm_config.json -%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/fts -%dir %attr(770, ossecr, ossec) %{_localstatedir}/queue/rids -%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/tasks -%dir %attr(770, ossec, ossec) %{_localstatedir}/queue/sockets -%dir %attr(660, root, ossec) %{_localstatedir}/queue/vulnerabilities -%dir %attr(440, root, ossec) %{_localstatedir}/queue/vulnerabilities/dictionaries -%dir %attr(750, ossec, ossec) %{_localstatedir}/queue/logcollector -%attr(0440, root, ossec) %{_localstatedir}/queue/vulnerabilities/dictionaries/cpe_helper.json -%attr(0440, root, ossec) %ghost %{_localstatedir}/queue/vulnerabilities/dictionaries/msu.json.gz -%dir %attr(750, root, ossec) %{_localstatedir}/ruleset -%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/sca -%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/decoders -%attr(640, root, ossec) %{_localstatedir}/ruleset/decoders/* -%dir %attr(750, root, ossec) %{_localstatedir}/ruleset/rules -%attr(640, root, ossec) %{_localstatedir}/ruleset/rules/* -%dir %attr(770, root, ossec) %{_localstatedir}/.ssh -%dir %attr(750, ossec, ossec) %{_localstatedir}/stats -%dir %attr(1770, root, ossec) %{_localstatedir}/tmp -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/applications -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/applications/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/generic/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/1/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/amzn/2/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/5/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/6/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/7/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/centos/8/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/15 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/15/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/16 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/16/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/17 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/17/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/18 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/18/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/19 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/19/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/20 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/darwin/20/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/sca.files -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/*yml -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/7 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/7/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/8 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/8/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/9 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/debian/9/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/5/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/6/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/7/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/rhel/8/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/11/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sles/12/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/sunos/* -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/11/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/suse/12 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/sca.files -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12 -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12/04 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/12/04/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14 -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14/04 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/14/04/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16 -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16/04 -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/ubuntu/16/04/* -%dir %attr(750, ossec, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows -%attr(640, root, ossec) %config(missingok) %{_localstatedir}/tmp/sca-%{version}-%{release}-tmp/windows/* -%dir %attr(750, root, ossec) %{_localstatedir}/var -%dir %attr(770, root, ossec) %{_localstatedir}/var/db -%dir %attr(770, root, ossec) %{_localstatedir}/var/db/agents -%attr(660, root, ossec) %{_localstatedir}/var/db/mitre.db -%dir %attr(770, root, ossec) %{_localstatedir}/var/download -%dir %attr(770, ossec, ossec) %{_localstatedir}/var/multigroups -%dir %attr(770, root, ossec) %{_localstatedir}/var/run -%dir %attr(770, root, ossec) %{_localstatedir}/var/selinux -%attr(640, root, ossec) %{_localstatedir}/var/selinux/* -%dir %attr(770, root, ossec) %{_localstatedir}/var/upgrade -%dir %attr(770, root, ossec) %{_localstatedir}/var/wodles -%dir %attr(750, root, ossec) %{_localstatedir}/wodles -%attr(750,root,ossec) %{_localstatedir}/wodles/* -%dir %attr(750, root, ossec) %{_localstatedir}/wodles/aws -%attr(750, root, ossec) %{_localstatedir}/wodles/aws/* -%dir %attr(750, root, ossec) %{_localstatedir}/wodles/azure -%attr(750, root, ossec) %{_localstatedir}/wodles/azure/* -%dir %attr(750, root, ossec) %{_localstatedir}/wodles/docker -%attr(750, root, ossec) %{_localstatedir}/wodles/docker/* -%dir %attr(750, root, ossec) %{_localstatedir}/wodles/gcloud -%attr(750, root, ossec) %{_localstatedir}/wodles/gcloud/* - -%if %{_debugenabled} == "yes" -/usr/lib/debug/%{_localstatedir}/* -/usr/src/debug/%{name}-%{version}/* -%endif - - -%changelog -* Wed Oct 06 2021 support - 4.2.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Sep 28 2021 support - 4.2.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Sep 25 2021 support - 4.2.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 26 2021 support - 4.2.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Apr 24 2021 support - 3.13.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 22 2021 support - 4.1.5 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Mar 29 2021 support - 4.1.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Mar 20 2021 support - 4.1.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Mar 08 2021 support - 4.1.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Mar 05 2021 support - 4.1.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 19 2021 support - 4.1.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 12 2021 support - 4.0.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 30 2020 support - 4.0.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 23 2020 support - 4.0.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Oct 31 2020 support - 4.0.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Oct 19 2020 support - 4.0.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Aug 21 2020 support - 3.13.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jul 14 2020 support - 3.13.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 29 2020 support - 3.13.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed May 13 2020 support - 3.12.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Apr 9 2020 support - 3.12.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Apr 8 2020 support - 3.12.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Mar 25 2020 support - 3.12.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Feb 24 2020 support - 3.11.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 22 2020 support - 3.11.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jan 7 2020 support - 3.11.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Dec 26 2019 support - 3.11.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Oct 7 2019 support - 3.11.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Sep 23 2019 support - 3.10.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Sep 19 2019 support - 3.10.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Aug 26 2019 support - 3.10.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Aug 8 2019 support - 3.9.5 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Fri Jul 12 2019 support - 3.9.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jun 11 2019 support - 3.9.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Jun 6 2019 support - 3.9.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon May 6 2019 support - 3.9.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Feb 25 2019 support - 3.9.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 30 2019 support - 3.8.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Jan 24 2019 support - 3.8.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jan 16 2019 support - 3.8.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Dec 10 2018 support - 3.7.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 12 2018 support - 3.7.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Sat Nov 10 2018 support - 3.7.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Sep 3 2018 support - 3.6.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu Aug 23 2018 support - 3.6.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jul 25 2018 support - 3.5.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Jul 11 2018 support - 3.4.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 18 2018 support - 3.3.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Jun 11 2018 support - 3.3.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed May 30 2018 support - 3.2.4 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Thu May 10 2018 support - 3.2.3 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Apr 09 2018 support - 3.2.2 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Feb 21 2018 support - 3.2.1 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Wed Feb 07 2018 support - 3.2.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Dec 19 2017 support - 3.1.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Mon Nov 06 2017 support - 3.0.0 -- More info: https://documentation.wazuh.com/current/release-notes/ -* Tue Jun 06 2017 support - 2.0.1 -- Changed random data generator for a secure OS-provided generator. -- Changed Windows installer file name (depending on version). -- Linux distro detection using standard os-release file. -- Changed some URLs to documentation. -- Disable synchronization with SQLite databases for Syscheck by default. -- Minor changes at Rootcheck formatter for JSON alerts. -- Added debugging messages to Integrator logs. -- Show agent ID when possible on logs about incorrectly formatted messages. -- Use default maximum inotify event queue size. -- Show remote IP on encoding format errors when unencrypting messages. -- Fix permissions in agent-info folder -- Fix permissions in rids folder. -* Fri Apr 21 2017 Jose Luis Ruiz - 2.0 -- Changed random data generator for a secure OS-provided generator. -- Changed Windows installer file name (depending on version). -- Linux distro detection using standard os-release file. -- Changed some URLs to documentation. -- Disable synchronization with SQLite databases for Syscheck by default. -- Minor changes at Rootcheck formatter for JSON alerts. -- Added debugging messages to Integrator logs. -- Show agent ID when possible on logs about incorrectly formatted messages. -- Use default maximum inotify event queue size. -- Show remote IP on encoding format errors when unencrypting messages. -- Fixed resource leaks at rules configuration parsing. -- Fixed memory leaks at rules parser. -- Fixed memory leaks at XML decoders parser. -- Fixed TOCTOU condition when removing directories recursively. -- Fixed insecure temporary file creation for old POSIX specifications. -- Fixed missing agentless devices identification at JSON alerts. -- Fixed FIM timestamp and file name issue at SQLite database. -- Fixed cryptographic context acquirement on Windows agents. -- Fixed debug mode for Analysisd. -- Fixed bad exclusion of BTRFS filesystem by Rootcheck. -- Fixed compile errors on macOS. -- Fixed option -V for Integrator. -- Exclude symbolic links to directories when sending FIM diffs (by Stephan Joerrens). -- Fixed daemon list for service reloading at ossec-control. -- Fixed socket waiting issue on Windows agents. -- Fixed PCI_DSS definitions grouping issue at Rootcheck controls. diff --git a/solaris/solaris11/SPECS/template_agent_v4.2.3.json b/solaris/solaris11/SPECS/template_agent_v4.2.3.json deleted file mode 100644 index 707869896e..0000000000 --- a/solaris/solaris11/SPECS/template_agent_v4.2.3.json +++ /dev/null @@ -1,2043 +0,0 @@ -{ - "/var/ossec": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/.ssh": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/active-response": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/active-response/bin": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/active-response/bin/default-firewall-drop": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/disable-account": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/firewall-drop": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/firewalld-drop": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/host-deny": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/ip-customblock": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/ipfw": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/kaspersky.py": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/kaspersky": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/npf": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/wazuh-slack": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/pf": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/restart-wazuh": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/restart.sh": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/active-response/bin/route-null": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/agentless/main.exp": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/register_host.sh": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh.exp": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh_asa-fwsmconfig_diff": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh_foundry_diff": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh_generic_diff": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh_integrity_check_bsd": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh_integrity_check_linux": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh_nopass.exp": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/ssh_pixconfig_diff": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/sshlogin.exp": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/agentless/su.exp": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/backup": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/bin": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/bin/agent-auth": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/manage_agents": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/wazuh-agentd": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/wazuh-control": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/wazuh-execd": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/wazuh-logcollector": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/wazuh-syscheckd": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/util.sh": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/bin/wazuh-modulesd": { - "class": "static", - "group": "root", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/etc": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/etc/client.keys": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/client.keys.rpmnew": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/internal_options.conf": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/local_internal_options.conf": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/localtime": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/ossec.conf": { - "class": "static", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/ossec.conf.rpmnew": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/ossec.conf.new": { - "class": "dynamic", - "group": "root", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/shared": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/etc/shared/agent.conf": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/ar.conf": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/var/start-script-lock": { - "class": "dynamic", - "group": "ossec", - "mode": "0755", - "prot": "drwxr-xr-x", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/start-script-lock/pid": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "root" - }, - "/var/ossec/etc/shared/cis_apache2224_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_debian_linux_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_rhel_linux_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_sles11_linux_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_sles12_linux_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/merged.mg": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/rootkit_files.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/rootkit_trojans.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/system_audit_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/system_audit_ssh.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/win_applications_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/win_audit_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/shared/win_malware_rcl.txt": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/etc/wpk_root.pem": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/lib": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/lib/libwazuhext.so": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/lib/libwazuhshared.so": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/lib/libdbsync.so": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/lib/librsync.so": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/lib/libsysinfo.so": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/lib/libsyscollector.so": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/logs": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/active-responses.log": { - "class": "static", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec.log": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/logs/ossec.json": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jan": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Feb": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Mar": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Apr": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/May": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jun": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jul": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Aug": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Sep": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Oct": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Nov": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Dec": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/wazuh/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jan": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Feb": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Mar": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Apr": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/May": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jun": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jul": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Aug": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Sep": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Oct": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Nov": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Dec": { - "class": "dynamic", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jan/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Feb/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Mar/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Apr/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/May/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jun/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Jul/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Aug/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Sep/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Oct/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Nov/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].json.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/logs/ossec/[0-9][0-9][0-9][0-9]/Dec/ossec-[0-9][0-9].log.gz": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/queue": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/queue/alerts": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/alerts/cfgaq": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/alerts/execq": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/diff": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/diff/local": { - "class": "dynamic", - "group": "root", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/queue/diff/local/*": { - "class": "dynamic", - "group": "root", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/queue/diff/local/*/*.*": { - "class": "dynamic", - "group": "root", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/queue/diff/local/*/*/*.*": { - "class": "dynamic", - "group": "root", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/diff/local/*/*/last-entry": { - "class": "dynamic", - "group": "root", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/fim": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/fim/db": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/syscollector": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/syscollector/db": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/syscollector/norm_config.json": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/ossec": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/ossec/.*": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/queue/ossec/logcollector": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/ossec/syscheck": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/ossec/wmodules": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/ossec/queue": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/queue/ossec/com": { - "class": "static", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/ossec/control": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/sockets": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/sockets/.*": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/queue/sockets/logcollector": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/sockets/syscheck": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/sockets/wmodules": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/sockets/queue": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/queue/sockets/com": { - "class": "static", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/sockets/control": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/queue/rids": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/logcollector": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "ossec" - }, - "/var/ossec/queue/rids/*": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/ruleset": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/ruleset/sca": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - - "/var/ossec/ruleset/sca/cis_solaris11.yml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rwxr-----", - "type": "file", - "user": "root" - }, - "/var/ossec/tmp": { - "class": "static", - "group": "ossec", - "mode": "1770", - "prot": "drwxrwx--T", - "type": "directory", - "user": "root" - }, - "/var/ossec/var": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/db": { - "class": "dynamic", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/db/agents": { - "class": "dynamic", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/db/agents/001-*.db": { - "class": "dynamic", - "group": "ossec", - "mode": "0660", - "prot": "-rw-rw----", - "type": "file", - "user": "root" - }, - "/var/ossec/var/incoming": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/run": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/run/.syscheck_run": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/var/run/wazuh-agentd.state": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/var/run/wazuh-agentd-*.pid": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "ossec" - }, - "/var/ossec/var/run/wazuh-execd-*.pid": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/var/run/wazuh-logcollector-*.pid": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/var/run/wazuh-logcollector.state": { - "class": "static", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "ossec" - }, - "/var/ossec/var/run/wazuh-syscheckd-*.pid": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/var/run/wazuh-modulesd-*.pid": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/var/run/agent-auth-*.pid": { - "class": "dynamic", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/var/selinux": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/selinux/wazuh.pp": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/var/upgrade": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/wodles": { - "class": "static", - "group": "ossec", - "mode": "0770", - "prot": "drwxrwx---", - "type": "directory", - "user": "root" - }, - "/var/ossec/var/wodles/syscollector": { - "class": "dynamic", - "group": "ossec", - "mode": "0644", - "prot": "-rw-r--r--", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/wodles/__init__.py": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/utils.py": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/aws": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/wodles/aws/aws-s3": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/docker": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/wodles/docker/DockerListener": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/gcloud": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/wodles/gcloud/gcloud": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/gcloud/gcloud.py": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/gcloud/integration.py": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/gcloud/tools.py": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/wodles/oscap/content": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "drwxr-x---", - "type": "directory", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/cve-debian-8-oval.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/cve-debian-9-oval.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/cve-redhat-6-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/cve-redhat-7-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/cve-ubuntu-xenial-oval.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-centos-6-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-centos-7-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-debian-8-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-fedora-24-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-rhel-6-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-rhel-7-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-ubuntu-1404-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/content/ssg-ubuntu-1604-ds.xml": { - "class": "static", - "group": "ossec", - "mode": "0640", - "prot": "-rw-r-----", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/oscap.py": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/template_oval.xsl": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - }, - "/var/ossec/wodles/oscap/template_xccdf.xsl": { - "class": "static", - "group": "ossec", - "mode": "0750", - "prot": "-rwxr-x---", - "type": "file", - "user": "root" - } -} From 585df36d84d28cbec3b5977b3d4093b6dcff37e9 Mon Sep 17 00:00:00 2001 From: verd-x Date: Thu, 14 Oct 2021 18:21:18 +0200 Subject: [PATCH 3/4] Removed 4.2.3 SPECS file in macos --- macos/specs/4.x/wazuh-agent-4.2.3.pkgproj | 1238 --------------------- 1 file changed, 1238 deletions(-) delete mode 100644 macos/specs/4.x/wazuh-agent-4.2.3.pkgproj diff --git a/macos/specs/4.x/wazuh-agent-4.2.3.pkgproj b/macos/specs/4.x/wazuh-agent-4.2.3.pkgproj deleted file mode 100644 index f43684d46e..0000000000 --- a/macos/specs/4.x/wazuh-agent-4.2.3.pkgproj +++ /dev/null @@ -1,1238 +0,0 @@ - - - - - PACKAGES - - - MUST-CLOSE-APPLICATION-ITEMS - - MUST-CLOSE-APPLICATIONS - - PACKAGE_FILES - - DEFAULT_INSTALL_LOCATION - / - HIERARCHY - - CHILDREN - - - CHILDREN - - GID - 80 - PATH - Applications - PATH_TYPE - 0 - PERMISSIONS - 509 - TYPE - 1 - UID - 0 - - - CHILDREN - - - CHILDREN - - GID - 80 - PATH - Application Support - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Automator - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Documentation - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Extensions - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Filesystems - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Frameworks - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Input Methods - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Internet Plug-Ins - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - LaunchAgents - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - LaunchDaemons - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/.ssh - PATH_TYPE - 0 - PERMISSIONS - 448 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/active-response - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/agentless - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/bin - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/etc/internal_options.conf - PATH_TYPE - 0 - PERMISSIONS - 416 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/etc/localtime - PATH_TYPE - 0 - PERMISSIONS - 416 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/etc/client.keys - PATH_TYPE - 0 - PERMISSIONS - 416 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/etc/local_internal_options.conf - PATH_TYPE - 0 - PERMISSIONS - 416 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/etc/ossec.conf - PATH_TYPE - 0 - PERMISSIONS - 416 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/etc/shared - PATH_TYPE - 0 - PERMISSIONS - 504 - TYPE - 3 - UID - 0 - - - EXPANDED - - GID - 0 - PATH - /Library/Ossec/etc - PATH_TYPE - 0 - PERMISSIONS - 504 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/lib - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/logs - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/queue - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/tmp - PATH_TYPE - 0 - PERMISSIONS - 1000 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/packages_files - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/var - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/wodles - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - /Library/Ossec/ruleset - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - EXPANDED - - GID - 0 - PATH - /Library/Ossec - PATH_TYPE - 0 - PERMISSIONS - 488 - TYPE - 3 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - PreferencePanes - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Preferences - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 80 - PATH - Printers - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - PrivilegedHelperTools - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - QuickLook - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - QuickTime - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Screen Savers - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Scripts - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Services - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - GID - 0 - PATH - Widgets - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - GID - 0 - PATH - Library - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - CHILDREN - - - CHILDREN - - GID - 0 - PATH - Shared - PATH_TYPE - 0 - PERMISSIONS - 1023 - TYPE - 1 - UID - 0 - - - GID - 80 - PATH - Users - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - - GID - 0 - PATH - / - PATH_TYPE - 0 - PERMISSIONS - 493 - TYPE - 1 - UID - 0 - - PAYLOAD_TYPE - 0 - SHOW_INVISIBLE - - SPLIT_FORKS - - TREAT_MISSING_FILES_AS_WARNING - - VERSION - 4 - - PACKAGE_SCRIPTS - - POSTINSTALL_PATH - - PATH - postinstall.sh - PATH_TYPE - 1 - - PREINSTALL_PATH - - PATH - preinstall.sh - PATH_TYPE - 1 - - RESOURCES - - - PACKAGE_SETTINGS - - AUTHENTICATION - 1 - CONCLUSION_ACTION - 0 - FOLLOW_SYMBOLIC_LINKS - - IDENTIFIER - com.wazuh.pkg.wazuh-agent - LOCATION - 0 - NAME - agent - OVERWRITE_PERMISSIONS - - PAYLOAD_SIZE - -1 - RELOCATABLE - - USE_HFS+_COMPRESSION - - VERSION - 4.2.3-1 - - TYPE - 0 - UUID - 7BC88EDC-74AB-498A-992B-DE940686D898 - - - PROJECT - - PROJECT_COMMENTS - - NOTES - - PCFET0NUWVBFIGh0bWwgUFVCTElDICItLy9XM0MvL0RURCBIVE1M - IDQuMDEvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIvaHRtbDQv - c3RyaWN0LmR0ZCI+CjxodG1sPgo8aGVhZD4KPG1ldGEgaHR0cC1l - cXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7 - IGNoYXJzZXQ9VVRGLTgiPgo8bWV0YSBodHRwLWVxdWl2PSJDb250 - ZW50LVN0eWxlLVR5cGUiIGNvbnRlbnQ9InRleHQvY3NzIj4KPHRp - dGxlPjwvdGl0bGU+CjxtZXRhIG5hbWU9IkdlbmVyYXRvciIgY29u - dGVudD0iQ29jb2EgSFRNTCBXcml0ZXIiPgo8bWV0YSBuYW1lPSJD - b2NvYVZlcnNpb24iIGNvbnRlbnQ9IjE1MDQuODMiPgo8c3R5bGUg - dHlwZT0idGV4dC9jc3MiPgo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5 - Pgo8L2JvZHk+CjwvaHRtbD4K - - - PROJECT_PRESENTATION - - BACKGROUND - - INSTALLATION TYPE - - HIERARCHIES - - INSTALLER - - LIST - - - DESCRIPTION - - OPTIONS - - HIDDEN - - STATE - 0 - - PACKAGE_UUID - 7BC88EDC-74AB-498A-992B-DE940686D898 - REQUIREMENTS - - TITLE - - - LANGUAGE - English - VALUE - Wazuh Agent - - - TOOLTIP - - TYPE - 0 - UUID - B5127C49-7EF4-4B73-97D7-2819981073A4 - - - REMOVED - - - - MODE - 0 - - INSTALLATION_STEPS - - - ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS - ICPresentationViewIntroductionController - INSTALLER_PLUGIN - Introduction - LIST_TITLE_KEY - InstallerSectionTitle - - - ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS - ICPresentationViewReadMeController - INSTALLER_PLUGIN - ReadMe - LIST_TITLE_KEY - InstallerSectionTitle - - - ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS - ICPresentationViewLicenseController - INSTALLER_PLUGIN - License - LIST_TITLE_KEY - InstallerSectionTitle - - - ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS - ICPresentationViewDestinationSelectController - INSTALLER_PLUGIN - TargetSelect - LIST_TITLE_KEY - InstallerSectionTitle - - - ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS - ICPresentationViewInstallationTypeController - INSTALLER_PLUGIN - PackageSelection - LIST_TITLE_KEY - InstallerSectionTitle - - - ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS - ICPresentationViewInstallationController - INSTALLER_PLUGIN - Install - LIST_TITLE_KEY - InstallerSectionTitle - - - ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS - ICPresentationViewSummaryController - INSTALLER_PLUGIN - Summary - LIST_TITLE_KEY - InstallerSectionTitle - - - INTRODUCTION - - LOCALIZATIONS - - - LANGUAGE - English - VALUE - - PATH - introduction.txt - PATH_TYPE - 1 - - - - - LICENSE - - LOCALIZATIONS - - MODE - 0 - - README - - LOCALIZATIONS - - - TITLE - - LOCALIZATIONS - - - LANGUAGE - English - VALUE - Wazuh Agent - - - - - PROJECT_REQUIREMENTS - - LIST - - - BEHAVIOR - 3 - DICTIONARY - - IC_REQUIREMENT_CPU_ARCHITECTURE_FAMILY - 2 - IC_REQUIREMENT_CPU_INTEL_ARCHITECTURE_TYPE - 2 - IC_REQUIREMENT_CPU_MINIMUM_CPU_CORES_COUNT - 1 - IC_REQUIREMENT_CPU_MINIMUM_FREQUENCY - 866666 - IC_REQUIREMENT_CPU_POWERPC_ARCHITECTURE_TYPE - 0 - - IC_REQUIREMENT_CHECK_TYPE - 0 - IDENTIFIER - fr.whitebox.Packages.requirement.cpu - MESSAGE - - - LANGUAGE - English - SECONDARY_VALUE - - VALUE - This installer has been built for 64-bit Intel architecture. It won't install in other platforms. - - - NAME - Processor - STATE - - - - BEHAVIOR - 3 - DICTIONARY - - IC_REQUIREMENT_OS_DISK_TYPE - 0 - IC_REQUIREMENT_OS_DISTRIBUTION_TYPE - 0 - IC_REQUIREMENT_OS_MINIMUM_VERSION - 100800 - - IC_REQUIREMENT_CHECK_TYPE - 1 - IDENTIFIER - fr.whitebox.Packages.requirement.os - MESSAGE - - NAME - Operating System - STATE - - - - RESOURCES - - ROOT_VOLUME_ONLY - - - PROJECT_SETTINGS - - BUILD_FORMAT - 0 - BUILD_PATH - - PATH - build - PATH_TYPE - 1 - - EXCLUDED_FILES - - - PATTERNS_ARRAY - - - REGULAR_EXPRESSION - - STRING - .DS_Store - TYPE - 0 - - - PROTECTED - - PROXY_NAME - Remove .DS_Store files - PROXY_TOOLTIP - Remove ".DS_Store" files created by the Finder. - STATE - - - - PATTERNS_ARRAY - - - REGULAR_EXPRESSION - - STRING - .pbdevelopment - TYPE - 0 - - - PROTECTED - - PROXY_NAME - Remove .pbdevelopment files - PROXY_TOOLTIP - Remove ".pbdevelopment" files created by ProjectBuilder or Xcode. - STATE - - - - PATTERNS_ARRAY - - - REGULAR_EXPRESSION - - STRING - CVS - TYPE - 1 - - - REGULAR_EXPRESSION - - STRING - .cvsignore - TYPE - 0 - - - REGULAR_EXPRESSION - - STRING - .cvspass - TYPE - 0 - - - REGULAR_EXPRESSION - - STRING - .svn - TYPE - 1 - - - REGULAR_EXPRESSION - - STRING - .git - TYPE - 1 - - - REGULAR_EXPRESSION - - STRING - .gitignore - TYPE - 0 - - - PROTECTED - - PROXY_NAME - Remove SCM metadata - PROXY_TOOLTIP - Remove helper files and folders used by the CVS, SVN or Git Source Code Management systems. - STATE - - - - PATTERNS_ARRAY - - - REGULAR_EXPRESSION - - STRING - classes.nib - TYPE - 0 - - - REGULAR_EXPRESSION - - STRING - designable.db - TYPE - 0 - - - REGULAR_EXPRESSION - - STRING - info.nib - TYPE - 0 - - - PROTECTED - - PROXY_NAME - Optimize nib files - PROXY_TOOLTIP - Remove "classes.nib", "info.nib" and "designable.nib" files within .nib bundles. - STATE - - - - PATTERNS_ARRAY - - - REGULAR_EXPRESSION - - STRING - Resources Disabled - TYPE - 1 - - - PROTECTED - - PROXY_NAME - Remove Resources Disabled folders - PROXY_TOOLTIP - Remove "Resources Disabled" folders. - STATE - - - - SEPARATOR - - - - NAME - wazuh-agent-4.2.3-1 - PAYLOAD_ONLY - - TREAT_MISSING_PRESENTATION_DOCUMENTS_AS_WARNING - - - - TYPE - 0 - VERSION - 2 - - From b2056776f18777a6b736185959e7a088616727cd Mon Sep 17 00:00:00 2001 From: verd-x Date: Thu, 14 Oct 2021 18:22:01 +0200 Subject: [PATCH 4/4] Removed 4.2.3 SPECS file in macos --- macos/package_files/4.2.3/build.sh | 79 -------- macos/package_files/4.2.3/postinstall.sh | 124 ------------ macos/package_files/4.2.3/preinstall.sh | 228 ----------------------- 3 files changed, 431 deletions(-) delete mode 100755 macos/package_files/4.2.3/build.sh delete mode 100755 macos/package_files/4.2.3/postinstall.sh delete mode 100755 macos/package_files/4.2.3/preinstall.sh diff --git a/macos/package_files/4.2.3/build.sh b/macos/package_files/4.2.3/build.sh deleted file mode 100755 index d99b415d4f..0000000000 --- a/macos/package_files/4.2.3/build.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# Program to build OSX wazuh-agent -# Wazuh package generator -# Copyright (C) 2015-2020, Wazuh Inc. -# -# This program is a free software; you can redistribute it -# and/or modify it under the terms of the GNU General Public -# License (version 2) as published by the FSF - Free Software -# Foundation. -set -exf -DESTINATION_PATH=$1 -SOURCES_PATH=$2 -BUILD_JOBS=$3 -INSTALLATION_SCRIPTS_DIR=${DESTINATION_PATH}/packages_files/agent_installation_scripts - -function configure() { - echo USER_LANGUAGE="en" > ${CONFIG} - echo USER_NO_STOP="y" >> ${CONFIG} - echo USER_INSTALL_TYPE="agent" >> ${CONFIG} - echo USER_DIR="${DESTINATION_PATH}" >> ${CONFIG} - echo USER_DELETE_DIR="y" >> ${CONFIG} - echo USER_CLEANINSTALL="y" >> ${CONFIG} - echo USER_BINARYINSTALL="y" >> ${CONFIG} - echo USER_AGENT_SERVER_IP="MANAGER_IP" >> ${CONFIG} - echo USER_ENABLE_SYSCHECK="y" >> ${CONFIG} - echo USER_ENABLE_ROOTCHECK="y" >> ${CONFIG} - echo USER_ENABLE_OPENSCAP="n" >> ${CONFIG} - echo USER_ENABLE_CISCAT="n" >> ${CONFIG} - echo USER_ENABLE_ACTIVE_RESPONSE="y" >> ${CONFIG} - echo USER_CA_STORE="n" >> ${CONFIG} -} - -function build() { - - configure - - if [ -z "${USER_BINARYINSTALL}" ]; then - make -C ${SOURCES_PATH}/src deps TARGET=agent - - echo "Generating Wazuh executables" - make -j$JOBS -C ${SOURCES_PATH}/src DYLD_FORCE_FLAT_NAMESPACE=1 TARGET=agent build - fi - - echo "Running install script" - ${SOURCES_PATH}/install.sh - - find ${DESTINATION_PATH}/ruleset/sca/ -type f -exec rm -f {} \; - - # Add the auxiliar script used while installing the package - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/ - cp ${SOURCES_PATH}/gen_ossec.sh ${INSTALLATION_SCRIPTS_DIR}/ - cp ${SOURCES_PATH}/add_localfiles.sh ${INSTALLATION_SCRIPTS_DIR}/ - - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/src/init - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config/{generic,darwin} - - cp -r ${SOURCES_PATH}/etc/templates/config/generic ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config - cp -r ${SOURCES_PATH}/etc/templates/config/darwin ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config - - find ${SOURCES_PATH}/src/init/ -name *.sh -type f -exec install -m 0640 {} ${INSTALLATION_SCRIPTS_DIR}/src/init \; - - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/sca/generic - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/{15,16,17,18,20} - - cp -r ${SOURCES_PATH}/ruleset/sca/darwin ${INSTALLATION_SCRIPTS_DIR}/sca - cp -r ${SOURCES_PATH}/ruleset/sca/generic ${INSTALLATION_SCRIPTS_DIR}/sca - cp ${SOURCES_PATH}/etc/templates/config/generic/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/generic/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/15/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/15/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/16/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/16/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/17/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/17/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/18/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/18/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/19/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/19/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/20/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/20/ - - cp ${SOURCES_PATH}/src/VERSION ${INSTALLATION_SCRIPTS_DIR}/src/ - cp ${SOURCES_PATH}/src/REVISION ${INSTALLATION_SCRIPTS_DIR}/src/ -} - -build diff --git a/macos/package_files/4.2.3/postinstall.sh b/macos/package_files/4.2.3/postinstall.sh deleted file mode 100755 index 7b269fc216..0000000000 --- a/macos/package_files/4.2.3/postinstall.sh +++ /dev/null @@ -1,124 +0,0 @@ -#! /bin/bash -# By Spransy, Derek" and Charlie Scott -# Modified by Santiago Bassett (http://www.wazuh.com) - Feb 2016 -# alterations by bil hays 2013 -# -Switched to bash -# -Added some sanity checks -# -Added routine to find the first 3 contiguous UIDs above 100, -# starting at 600 puts this in user space -# -Added lines to append the ossec users to the group ossec -# so the the list GroupMembership works properly -GROUP="ossec" -USER="ossec" -DIR="/Library/Ossec" -INSTALLATION_SCRIPTS_DIR="${DIR}/packages_files/agent_installation_scripts" -SCA_BASE_DIR="${INSTALLATION_SCRIPTS_DIR}/sca" - -if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then - rm -rf ${DIR}/etc/{ossec.conf,client.keys,local_internal_options.conf,shared} - cp -rf ${DIR}/config_files/{ossec.conf,client.keys,local_internal_options.conf,shared} ${DIR}/etc/ - rm -rf ${DIR}/config_files/ -fi - -# Default for all directories -chmod -R 750 ${DIR}/ -chown -R root:${GROUP} ${DIR}/ - -chown -R root:wheel ${DIR}/bin -chown -R root:wheel ${DIR}/lib - -# To the ossec queue (default for agentd to read) -chown -R ${USER}:${GROUP} ${DIR}/queue/{alerts,diff,sockets,rids} - -chmod -R 770 ${DIR}/queue/{alerts,sockets} -chmod -R 750 ${DIR}/queue/{diff,sockets,rids} - -# For the logging user -chmod 770 ${DIR}/logs -chown -R ${USER}:${GROUP} ${DIR}/logs -find ${DIR}/logs/ -type d -exec chmod 750 {} \; -find ${DIR}/logs/ -type f -exec chmod 660 {} \; - -chown -R root:${GROUP} ${DIR}/tmp -chmod 1750 ${DIR}/tmp - -chmod 770 ${DIR}/etc -chown ${USER}:${GROUP} ${DIR}/etc -chmod 640 ${DIR}/etc/internal_options.conf -chown root:${GROUP} ${DIR}/etc/internal_options.conf -chmod 640 ${DIR}/etc/local_internal_options.conf -chown root:${GROUP} ${DIR}/etc/local_internal_options.conf -chmod 640 ${DIR}/etc/client.keys -chown root:${GROUP} ${DIR}/etc/client.keys -chmod 640 ${DIR}/etc/localtime -chmod 770 ${DIR}/etc/shared # ossec must be able to write to it -chown -R root:${GROUP} ${DIR}/etc/shared -find ${DIR}/etc/shared/ -type f -exec chmod 660 {} \; -chown root:${GROUP} ${DIR}/etc/ossec.conf -chmod 660 ${DIR}/etc/ossec.conf - - -chmod 770 ${DIR}/.ssh - -# For the /var/run -chmod -R 770 ${DIR}/var -chown -R root:${GROUP} ${DIR}/var - -. ${INSTALLATION_SCRIPTS_DIR}/src/init/dist-detect.sh - -upgrade=$(launchctl getenv WAZUH_PKG_UPGRADE) -restart=$(launchctl getenv WAZUH_RESTART) - -launchctl unsetenv WAZUH_PKG_UPGRADE -launchctl unsetenv WAZUH_RESTART - -if [ "${upgrade}" = "false" ]; then - ${INSTALLATION_SCRIPTS_DIR}/gen_ossec.sh conf agent ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} ${DIR} > ${DIR}/etc/ossec.conf - chown root:ossec ${DIR}/etc/ossec.conf - chmod 0640 ${DIR}/etc/ossec.conf -fi - -SCA_DIR="${DIST_NAME}/${DIST_VER}" -mkdir -p ${DIR}/ruleset/sca - -SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" - -# Install the configuration files needed for this hosts -if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" -else - SCA_TMP_DIR="${SCA_BASE_DIR}/generic" -fi - -SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" - -if [ -r ${SCA_TMP_FILE} ]; then - - rm -f ${DIR}/ruleset/sca/* || true - - for sca_file in $(cat ${SCA_TMP_FILE}); do - mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca - done -fi - -# Register and configure agent if Wazuh environment variables are defined -${INSTALLATION_SCRIPTS_DIR}/src/init/register_configure_agent.sh ${DIR} > /dev/null || : - -# Install the service -${INSTALLATION_SCRIPTS_DIR}/src/init/darwin-init.sh ${DIR} - -# Remove temporary directory -rm -rf ${DIR}/packages_files - -# Remove 4.1.5 patch -if [ -f ${DIR}/queue/alerts/sockets ]; then - rm ${DIR}/queue/alerts/sockets -fi - -if ${upgrade} && ${restart}; then - ${DIR}/bin/wazuh-control restart -fi diff --git a/macos/package_files/4.2.3/preinstall.sh b/macos/package_files/4.2.3/preinstall.sh deleted file mode 100755 index 3b97800f41..0000000000 --- a/macos/package_files/4.2.3/preinstall.sh +++ /dev/null @@ -1,228 +0,0 @@ -#! /bin/bash -# By Spransy, Derek" and Charlie Scott -# Modified by Wazuh, Inc. . -# This program is a free software; you can redistribute it and/or modify it under the terms of GPLv2 - -##### -# This checks for an error and exits with a custom message -# Returns zero on success -# $1 is the message -# $2 is the error code - -DIR="/Library/Ossec" - -if [ ! -d ${DIR} ]; then - launchctl setenv WAZUH_PKG_UPGRADE false -else - launchctl setenv WAZUH_PKG_UPGRADE true - if ${DIR}/bin/wazuh-control status | grep "is running" > /dev/null 2>&1; then - launchctl setenv WAZUH_RESTART true - elif ${DIR}/bin/ossec-control status | grep "is running" > /dev/null 2>&1; then - launchctl setenv WAZUH_RESTART true - else - launchctl setenv WAZUH_RESTART false - fi -fi - -# Stops the agent before upgrading it -if [ -f ${DIR}/bin/wazuh-control ]; then - ${DIR}/bin/wazuh-control stop -elif [ -f ${DIR}/bin/ossec-control ]; then - ${DIR}/bin/ossec-control stop -fi - -if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then - mkdir -p ${DIR}/config_files/ - cp -r ${DIR}/etc/{ossec.conf,client.keys,local_internal_options.conf,shared} ${DIR}/config_files/ - - if [ -d ${DIR}/logs/ossec ]; then - mv ${DIR}/logs/ossec ${DIR}/logs/wazuh - fi - - if [ -d ${DIR}/queue/ossec ]; then - mv ${DIR}/queue/ossec ${DIR}/queue/sockets - fi -fi - -if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then - if pkgutil --pkgs | grep -i wazuh-agent-etc > /dev/null 2>&1 ; then - pkgutil --forget com.wazuh.pkg.wazuh-agent-etc - fi -fi - -if [[ ! -f "/usr/bin/dscl" ]] - then - echo "Error: I couldn't find dscl, dying here"; - exit -fi - -DSCL="/usr/bin/dscl"; - -function check_errm -{ - if [[ ${?} != "0" ]] - then - echo "${1}"; - exit ${2}; - fi -} - -# get unique id numbers (uid, gid) that are greater than 100 -unset -v i new_uid new_gid idvar; -declare -i new_uid=0 new_gid=0 i=100 idvar=0; -while [[ $idvar -eq 0 ]]; do - i=$[i+1] - if [[ -z "$(/usr/bin/dscl . -search /Users uid ${i})" ]] && [[ -z "$(/usr/bin/dscl . -search /Groups gid ${i})" ]]; - then - new_uid=$i - new_gid=$i - idvar=1 - #break - fi -done - -echo "UID available for ossec user is:"; -echo ${new_uid} - -# Verify that the uid and gid exist and match -if [[ $new_uid -eq 0 ]] || [[ $new_gid -eq 0 ]]; - then - echo "Getting unique id numbers (uid, gid) failed!"; - exit 1; -fi -if [[ ${new_uid} != ${new_gid} ]] - then - echo "I failed to find matching free uid and gid!"; - exit 5; -fi - -# Creating the group -if [[ $(dscl . -read /Groups/ossec) ]] - then - echo "ossec group already exists."; -else - sudo ${DSCL} localhost -create /Local/Default/Groups/ossec - check_errm "Error creating group ossec" "67" - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec PrimaryGroupID ${new_gid} - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RealName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordType: dsRecTypeStandard:Groups - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec Password "*" -fi - -# Creating the user -if [[ $(dscl . -read /Users/ossec) ]] - then - echo "ossec user already exists."; -else - sudo ${DSCL} localhost -create /Local/Default/Users/ossec - check_errm "Error creating user ossec" "77" - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RecordName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RealName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec UserShell /usr/bin/false - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec NFSHomeDirectory /var/ossec - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec UniqueID ${new_uid} - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec PrimaryGroupID ${new_gid} - sudo ${DSCL} localhost -append /Local/Default/Groups/ossec GroupMembership ossec -sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec Password "*" -fi - -#Hide the fixed users -dscl . create /Users/ossec IsHidden 1 - -sudo tee /Library/LaunchDaemons/com.wazuh.agent.plist <<-'EOF' - - - - - Label - com.wazuh.agent - ProgramArguments - - /Library/StartupItems/WAZUH/launcher.sh - - RunAtLoad - - - -EOF -chown root:wheel /Library/LaunchDaemons/com.wazuh.agent.plist -chmod u=rw-,go=r-- /Library/LaunchDaemons/com.wazuh.agent.plist - -sudo mkdir /Library/StartupItems/WAZUH -chown root:wheel /Library/StartupItems/WAZUH - -sudo tee /Library/StartupItems/WAZUH/WAZUH <<-'EOF' -#!/bin/sh -. /etc/rc.common - -DIRECTORY="/Library/Ossec" - -StartService () -{ - ${DIRECTORY}/bin/wazuh-control start -} -StopService () -{ - ${DIRECTORY}/bin/wazuh-control stop -} -RestartService () -{ - ${DIRECTORY}/bin/wazuh-control restart -} -RunService "$1" -EOF -chown root:wheel /Library/StartupItems/WAZUH/WAZUH -chmod u=rwx,go=r-x /Library/StartupItems/WAZUH/WAZUH - -sudo tee /Library/StartupItems/WAZUH/StartupParameters.plist <<-'EOF' - - - - - Description - WAZUH Security agent - Messages - - start - Starting Wazuh agent - stop - Stopping Wazuh agent - - Provides - - WAZUH - - Requires - - IPFilter - - - -EOF -chown root:wheel /Library/StartupItems/WAZUH/StartupParameters.plist -chmod u=rw-,go=r-- /Library/StartupItems/WAZUH/StartupParameters.plist - -sudo tee /Library/StartupItems/WAZUH/launcher.sh <<-'EOF' -#!/bin/sh - -DIRECTORY="/Library/Ossec" - -capture_sigterm() { - ${DIRECTORY}/bin/wazuh-control stop - exit $? -} - -if ! ${DIRECTORY}/bin/wazuh-control start; then - ${DIRECTORY}/bin/wazuh-control stop -fi - -while : ; do - trap capture_sigterm SIGTERM - sleep 3 -done -EOF - -chown root:wheel /Library/StartupItems/WAZUH/launcher.sh -chmod u=rxw-,go=rx- /Library/StartupItems/WAZUH/launcher.sh