authorMario Preksavec <mario@slackware.hr>2020-03-13 00:51:53 +0100
committerWilly Sudiarto Raharjo <willysr@slackbuilds.org>2020-03-14 08:46:19 +0700
commite97f9a1b0b3bdc11b0ab09f6a7f475b1a5afc990 (patch)
treed685961d0ef5c0218770978a45f588251f86c685 /system/ossec-local
parentb08ae04f38fd92752a5c94eae9e0722d193fbe79 (diff)
system/ossec-local: Updated for version 3.6.0.
Signed-off-by: Mario Preksavec <mario@slackware.hr>
Diffstat (limited to 'system/ossec-local')
-rw-r--r--system/ossec-local/README9
-rw-r--r--system/ossec-local/ossec-local.SlackBuild19
-rw-r--r--system/ossec-local/ossec-local.info8
3 files changed, 28 insertions, 8 deletions
diff --git a/system/ossec-local/README b/system/ossec-local/README
index f9733320313b..abc215b6ebbe 100644
--- a/system/ossec-local/README
+++ b/system/ossec-local/README
@@ -2,4 +2,13 @@ OSSEC is an Open Source Host-based Intrusion Detection System that performs log
analysis, file integrity checking, policy monitoring, rootkit detection,
real-time alerting and active response.
+The following build options are available:
+
+ GEOIP=yes Enable GeoIP support (requires GeoIP)
+ INOTIFY=yes Enable inotify for monitoring filesystem events
+
+Example of enabling the GeoIP and inotify support:
+
+ GEOIP=yes INOTIFY=yes ./ossec-local.SlackBuild
+
See README.SLACKWARE for installation instructions.
diff --git a/system/ossec-local/ossec-local.SlackBuild b/system/ossec-local/ossec-local.SlackBuild
index 51a29e778626..5001c1db237a 100644
--- a/system/ossec-local/ossec-local.SlackBuild
+++ b/system/ossec-local/ossec-local.SlackBuild
@@ -23,7 +23,7 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PRGNAM=ossec-local
-VERSION=${VERSION:-2.9.1}
+VERSION=${VERSION:-3.6.0}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
@@ -61,6 +61,14 @@ USERID_MAIL=${USERID_MAIL:-334}
USERID_REMOTE=${USERID_REMOTE:-335}
GROUPID=${GROUPID:-333}
+if [ "$GEOIP" != "yes" ]; then
+ GEOIP=no
+fi
+
+if [ "$INOTIFY" != "yes" ]; then
+ INOTIFY=no
+fi
+
if ! grep ^ossec: /etc/group 2>&1 > /dev/null \
|| ! grep -E '^(ossec|ossecm|ossecr):' /etc/passwd 2>&1 > /dev/null; then
echo -e "\n You must have ossec users and a group to run this script\n"
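Review bot: The two new `if` blocks silently rewrite every value other than the exact string `yes` to `no`, so `GEOIP=YES` or `INOTIFY=1` yields a package without the requested feature and no message. For a host IDS this matters most for `INOTIFY`, which the README describes as enabling filesystem event monitoring; a builder could deploy the package believing it was compiled in. Rejecting unexpected values would make the mistake visible at build time, e.g. `case "${INOTIFY:=no}" in yes|no) ;; *) echo "INOTIFY must be yes or no" >&2; exit 1 ;; esac`, with the same check for `GEOIP`.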
@@ -113,8 +121,10 @@ sed -e 's|\(./init/adduser.sh.*\)|#\1|' \
# There is no configure script and install.sh is a bit limited
( cd src
- make PREFIX=$PKG/var/ossec TARGET=local build
- make PREFIX=$PKG/var/ossec TARGET=local install
+ make USE_GEOIP=$GEOIP USE_INOTIFY=$INOTIFY \
+ PREFIX=$PKG/var/ossec TARGET=local build
+ make USE_GEOIP=$GEOIP USE_INOTIFY=$INOTIFY \
+ PREFIX=$PKG/var/ossec TARGET=local install
)
# Prepare system /etc
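Review bot: The new `$GEOIP` and `$INOTIFY` expansions on both `make` lines are unquoted, and they are safe only because the earlier hunk in this file forces each to `yes` or `no`. Quoting them keeps the command line correct even if that normalization is later relaxed: `make USE_GEOIP="$GEOIP" USE_INOTIFY="$INOTIFY" \`. The option list is also duplicated between the `build` and `install` invocations, so a flag added to only one of them would go unnoticed; holding the shared arguments in one variable, or adding a comment that the two lines must stay identical, would guard against that drift.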
@@ -141,7 +151,8 @@ find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | gr
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
-cp -a BUGS CHANGELOG CONFIG CONTRIBUTORS LICENSE README.md doc/{*.txt,README.*} \
+cp -a BUGS CHANGELOG.md CONFIG CONTRIBUTORS INSTALL LICENSE README.md SUPPORT.md \
+ doc/{*.txt,README.*} \
$CWD/README.SLACKWARE $PKG/usr/doc/$PRGNAM-$VERSION
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
diff --git a/system/ossec-local/ossec-local.info b/system/ossec-local/ossec-local.info
index f195b5f1fae4..8deedf1ab306 100644
--- a/system/ossec-local/ossec-local.info
+++ b/system/ossec-local/ossec-local.info
@@ -1,10 +1,10 @@
PRGNAM="ossec-local"
-VERSION="2.9.1"
+VERSION="3.6.0"
HOMEPAGE="https://ossec.github.io/"
-DOWNLOAD="https://github.com/ossec/ossec-hids/archive/2.9.1/ossec-hids-2.9.1.tar.gz"
-MD5SUM="51eb7958a752a8f1651395b1fe61e864"
+DOWNLOAD="https://github.com/ossec/ossec-hids/archive/3.6.0/ossec-hids-3.6.0.tar.gz"
+MD5SUM="03fe101f736e834b3804bac8bb4aa980"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
-REQUIRES=""
+REQUIRES="pcre2"
MAINTAINER="Mario Preksavec"
EMAIL="mario at slackware dot hr"