-
Notifications
You must be signed in to change notification settings - Fork 94
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
wazuhci
committed
May 30, 2022
1 parent
6e08feb
commit ae47d50
Showing
36 changed files
with
8,401 additions
and
0 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,128 @@ | ||
pkgname=wazuh-agent | ||
pkgver=PARAM_VERSION | ||
pkgrel=PARAM_RELEASE | ||
pkgdesc="Wazuh agent" | ||
arch=(x86_64) | ||
url='https://github.com/wazuh/wazuh' | ||
license=(GPL2) | ||
source=('PARAM_SOURCE_FILE' | ||
'wazuh.sysusers') | ||
sha512sums=('SKIP' | ||
'adce723356b0b533854700d4c367cedf4caba13146e1b754d60e72939d301d248a48f7b61d82c9104616f1e7720e4712cca9f37d3d4de37f1d0b5581c159f3d6') | ||
depends=('python' 'brotli') | ||
noextract=('PARAM_SOURCE_FILE') | ||
backup=('PARAM_INSTALLATION_BACKUP_DIR/etc/client.keys' | ||
'PARAM_INSTALLATION_BACKUP_DIR/etc/local_internal_options.conf' | ||
'PARAM_INSTALLATION_BACKUP_DIR/etc/ossec.conf') | ||
install=wazuh.install | ||
|
||
build() { | ||
mkdir -p ${srcdir}/wazuh | ||
tar xzf ${srcdir}/"PARAM_SOURCE_FILE" -C ${srcdir}/wazuh | ||
cd ${srcdir}/wazuh | ||
make -C src deps | ||
make -jPARAM_JOBS -C src TARGET=agent DEBUG=PARAM_DEBUG PREFIX="PARAM_INSTALLATION_DIR" | ||
|
||
rm -f /tmp/fake-install.saved | ||
USER_LANGUAGE="en" \ | ||
USER_NO_STOP="y" \ | ||
USER_INSTALL_TYPE="agent" \ | ||
USER_DIR="PARAM_INSTALLATION_DIR" \ | ||
USER_DELETE_DIR="n" \ | ||
USER_ENABLE_ACTIVE_RESPONSE="y" \ | ||
USER_ENABLE_SYSCHECK="y" \ | ||
USER_ENABLE_ROOTCHECK="y" \ | ||
USER_ENABLE_OPENSCAP="y" \ | ||
USER_ENABLE_CISCAT="y" \ | ||
USER_ENABLE_SYSCOLLECTOR="y" \ | ||
USER_UPDATE="n" \ | ||
USER_AGENT_SERVER_IP="MANAGER_IP" \ | ||
USER_CA_STORE="/path/to/my_cert.pem" \ | ||
USER_AUTO_START="n" \ | ||
fakeroot ./install.sh | ||
|
||
echo "#!/bin/sh" > ${srcdir}/wazuh/fix_owner.sh | ||
cat /tmp/fake-install.saved >> ${srcdir}/wazuh/fix_owner.sh | ||
chmod +x ${srcdir}/wazuh/fix_owner.sh | ||
} | ||
|
||
package() { | ||
install -Dm0644 ${srcdir}/wazuh.sysusers ${pkgdir}/usr/lib/sysusers.d/wazuh.conf | ||
cd ${srcdir}/wazuh | ||
|
||
# Copying systemd file | ||
mkdir -p ${pkgdir}/usr/lib/systemd/system/ | ||
install -m 0644 src/init/templates/wazuh-agent.service ${pkgdir}/usr/lib/systemd/system/ | ||
|
||
# Generating permission restoration file for postinstall | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR" | ||
|
||
# Remove preinstalled log files | ||
rm -rf "PARAM_INSTALLATION_DIR"/logs/*.log | ||
rm -rf "PARAM_INSTALLATION_DIR"/logs/*.json | ||
|
||
# Clean the preinstalled configuration assesment files | ||
rm -rf ${pkgdir}/"PARAM_INSTALLATION_DIR"/ruleset/sca | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_DIR"/ruleset/sca | ||
|
||
# Copying to target | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_DIR"/ | ||
cp -rp "PARAM_INSTALLATION_DIR"/. ${pkgdir}/"PARAM_INSTALLATION_DIR"/ | ||
|
||
# Copying install scripts to /usr/share | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ | ||
cp -p gen_ossec.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ | ||
cp -p add_localfiles.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ | ||
cp -p fix_owner.sh ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR" | ||
|
||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src | ||
|
||
# Install configuration assesment files and files templates | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/applications | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/amzn/1 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/amzn/2 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/5 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/6 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/centos/7 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/15 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/16 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/17 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/darwin/18 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/7 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/8 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/debian/9 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/5 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/6 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/rhel/7 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sles/11 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sles/12 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/sunos | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/suse/11 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/suse/12 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/12/04 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/14/04 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/ubuntu/16/04 | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/windows | ||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sunos/5/11 | ||
|
||
cp -r ruleset/sca/* ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca | ||
|
||
cp etc/templates/config/generic/sca.files ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic | ||
cp etc/templates/config/generic/sca.manager.files ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/sca/generic | ||
|
||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src/init | ||
cp -r src/init/* ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/src/init | ||
|
||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/generic | ||
cp -r etc/templates/config/generic ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ | ||
|
||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/debian | ||
cp -r etc/templates/config/debian ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ | ||
|
||
mkdir -p ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ubuntu | ||
cp -r etc/templates/config/ubuntu ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/etc/templates/config/ | ||
|
||
# Generate ossec-init.conf | ||
./gen_ossec.sh conf agent $(lsb_release -si) $(lsb_release -sr) "PARAM_INSTALLATION_DIR" > ${pkgdir}/"PARAM_INSTALLATION_SCRIPTS_DIR"/ossec-init.conf | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
DIR="PARAM_INSTALLATION_DIR" | ||
SCRIPTS_DIR="PARAM_INSTALLATION_SCRIPTS_DIR" | ||
SCA_BASE_DIR="${SCRIPTS_DIR}/sca" | ||
USER="ossec" | ||
GROUP="ossec" | ||
|
||
common() { | ||
# Install the SCA files | ||
if [ -d "${SCA_BASE_DIR}" ]; then | ||
|
||
. ${SCRIPTS_DIR}/src/init/dist-detect.sh | ||
|
||
SCA_DIR="${DIST_NAME}/${DIST_VER}" | ||
|
||
SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" | ||
mkdir -p ${DIR}/ruleset/sca | ||
|
||
# Install the configuration files needed for this hosts | ||
if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then | ||
SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" | ||
elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then | ||
SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" | ||
elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then | ||
SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" | ||
else | ||
SCA_TMP_DIR="${SCA_BASE_DIR}/generic" | ||
fi | ||
|
||
SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" | ||
|
||
if [ -r ${SCA_TMP_FILE} ]; then | ||
|
||
for sca_file in $(cat ${SCA_TMP_FILE}); do | ||
cp ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca | ||
done | ||
fi | ||
|
||
# Set correct permissions, owner and group | ||
chmod 640 ${DIR}/ruleset/sca/* | ||
chown root:${GROUP} ${DIR}/ruleset/sca/* | ||
|
||
fi | ||
|
||
touch ${DIR}/logs/active-responses.log | ||
chown ossec:ossec ${DIR}/logs/active-responses.log | ||
chmod 0660 ${DIR}/logs/active-responses.log | ||
|
||
# Register and configure agent if Wazuh environment variables are defined | ||
if [ -z "$2" ] ; then | ||
${SCRIPTS_DIR}/src/init/register_configure_agent.sh > /dev/null || : | ||
fi | ||
|
||
# Restoring file permissions | ||
${SCRIPTS_DIR}/restore-permissions.sh > /dev/null 2>&1 || : | ||
|
||
# Fix /etc/ossec-init.conf | ||
chmod 640 /etc/ossec-init.conf | ||
chown root:ossec /etc/ossec-init.conf | ||
${SCRIPTS_DIR}/fix_owner.sh 2>/dev/null | ||
} | ||
|
||
post_upgrade() { | ||
${SCRIPTS_DIR}/gen_ossec.sh conf agent Arch rolling > ${DIR}/etc/ossec.conf.new | ||
chmod 660 ${DIR}/etc/ossec.conf.new | ||
|
||
common | ||
} | ||
|
||
post_install() { | ||
if ! getent group | grep -q "^ossec" ; then | ||
systemd-sysusers | ||
fi | ||
|
||
if [ -f ${SCRIPTS_DIR}/ossec-init.conf ] ; then | ||
cp ${SCRIPTS_DIR}/ossec-init.conf /etc/ossec-init.conf | ||
fi | ||
|
||
${SCRIPTS_DIR}/gen_ossec.sh conf agent Arch rolling > ${DIR}/etc/ossec.conf | ||
${SCRIPTS_DIR}/add_localfiles.sh >> ${DIR}/etc/ossec.conf | ||
|
||
common | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
u ossec - - - | ||
g ossec - - - |
Oops, something went wrong.