[Pkg-ossec-devel] [SCM] Git repository for pkg-ossec branch, debian, updated. b87434475b559d7b77f4effa3fdc4240fe0a51ba

Javier Fernandez-Sanguino jfs at debian.org
Sat Jul 30 16:55:41 UTC 2011 

The following commit has been merged in the debian branch:
commit b87434475b559d7b77f4effa3fdc4240fe0a51ba
Author: Javier Fernandez-Sanguino <jfs at debian.org>
Date:   Sat Jul 30 18:55:35 2011 +0200

    Change directory permissions in postinst, once they have been created

diff --git a/debian/ossec-hids-server.postinst b/debian/ossec-hids-server.postinst
index 6c1822d..b319959 100644
--- a/debian/ossec-hids-server.postinst
+++ b/debian/ossec-hids-server.postinst
@@ -3,6 +3,14 @@
 . /usr/share/debconf/confmodule
 test $DEBIAN_SCRIPT_DEBUG && set -v -x
 
+# Initialise variables
+OSSECUSER="ossec"
+OSSECGROUP="ossec"
+LOGDIR="/var/log/ossec"
+HOMEDIR="/var/ossec"
+CONF_FILE=/etc/ossec/ossec-init.conf
+
+
 # summary of how this script can be called:
 #        * <postinst> `configure' <most-recently-configured-version>
 #        * <old-postinst> `abort-upgrade' <new version>
@@ -40,16 +48,52 @@ case "$1" in
 	[ -z "$EMAIL_SERVER" ] && EMAIL_SERVER="127.0.0.1"
 	[ -z "$SYSLOG" ] && SYSLOG="no"
 
+	db_stop
+
         # TODO - configure the configuration file
 
-        CONF_FILE=/etc/ossec/ossec-init.conf
+	# 5. adjust file and directory permissions
         if ! dpkg-statoverride --list ${CONF_FILE} >/dev/null && [ -e ${CONF_FILE} ] 
         then
             chown ossec:ossec ${CONF_FILE}
             chmod 640 ${CONF_FILE}
 	fi
 
-	db_stop
+	if ! dpkg-statoverride --list $LOGDIR >/dev/null
+	then
+		chown -R $OSSECUSER:adm $LOGDIR
+		chmod u=rwx,g=rxs,o= $LOGDIR
+	fi
+
+        { 
+        cat <<EOF
+queue/alerts     ossec:ossec 770
+queue/ossec      ossec:ossec 770
+queue/fts        ossec:ossec 750
+queue/syscheck   ossec:ossec 750
+queue/rootcheck  ossec:ossec 750
+queue/diff       ossec:ossec 750
+queue/agent-info ossec:ossec 755
+queue/rids       ossec:ossec 755
+queue/agentless  ossec:ossec 755
+stats            ossec:ossec 750
+EOF
+        } | while read dir owner mode; do
+                if ! echo "$dir" | grep -q "^/" ; then
+                    location=${HOMEDIR}$dir
+                else
+                    location=$dir
+                fi
+	        if ! dpkg-statoverride --list ${HOMEDIR}$dir  >/dev/null
+                then
+                    if [ -e "${HOMEDIR}$dir" ] then
+                        chown $owner ${HOMEDIR}$dir
+                        chmod $mode ${HOMEDIR}$dir
+                    else
+                        echo "ERROR: Could not find ${HOMEDIR}$dir, please send a bug the maintainer of ossec" >&2
+                    fi
+                fi
+        done
 
 	# Update the rc.d's
 	update-rc.d ossec-hids-server defaults >/dev/null
@@ -76,3 +120,23 @@ esac
 #DEBHELPER#
 
 exit 0
+
+        
+
+    ;;
+    configure)
+    ;;
+    abort-upgrade)
+    ;;
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 0
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0

-- 
Git repository for pkg-ossec

More information about the Pkg-ossec-devel mailing list