[Pkg-ossec-devel] [SCM] Git repository for pkg-ossec branch, debian, updated. f89fb2c00b1a2606035e5cd0e35b4ebe99f049ac
Javier Fernandez-Sanguino
jfs at debian.org
Wed Aug 29 12:57:39 UTC 2012
The following commit has been merged in the debian branch:
commit fe1d7972433f0e25a1eda4bd5c0c9cf718fadf0e
Author: Javier Fernandez-Sanguino <jfs at debian.org>
Date: Sun Aug 26 14:04:59 2012 +0200
Add new patch to disable chrooting the software by default
(Debian-specific)
diff --git a/debian/patches/03-disable-chroot-default.patch b/debian/patches/03-disable-chroot-default.patch
new file mode 100644
index 0000000..ebe7466
--- /dev/null
+++ b/debian/patches/03-disable-chroot-default.patch
@@ -0,0 +1,326 @@
+Index: pkg-ossec/src/addagent/main.c
+===================================================================
+--- pkg-ossec.orig/src/addagent/main.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/addagent/main.c 2012-08-26 14:01:57.000000000 +0200
+@@ -24,8 +24,8 @@
+ printf("\t-l List available agents.\n");
+ printf("\t-e <id> Extracts key for an agent (Manager only).\n");
+ printf("\t-i <id> Import authentication key (Agent only).\n\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ exit(1);
+ }
+
+Index: pkg-ossec/src/analysisd/analysisd.c
+===================================================================
+--- pkg-ossec.orig/src/analysisd/analysisd.c 2012-08-26 14:01:17.000000000 +0200
++++ pkg-ossec/src/analysisd/analysisd.c 2012-08-26 14:01:57.000000000 +0200
+@@ -132,7 +132,7 @@
+ #endif
+ {
+ int c = 0, m_queue = 0, test_config = 0,run_foreground = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ char *dir = DEFAULTDIR;
+ char *user = USER;
+ char *group = GROUPGLOBAL;
+Index: pkg-ossec/src/analysisd/makelists.c
+===================================================================
+--- pkg-ossec.orig/src/analysisd/makelists.c 2012-08-26 14:01:17.000000000 +0200
++++ pkg-ossec/src/analysisd/makelists.c 2012-08-26 14:01:57.000000000 +0200
+@@ -67,8 +67,8 @@
+ print_out(" -g <group> Run as 'group'");
+ print_out(" -c <config> Read the 'config' file");
+ print_out(" -D <dir> Chroot to 'dir'");
+- print_out(" -N Do not chroot");
+- print_out(" -C Chroot the daemon (default behaviour)");
++ print_out(" -N Do not chroot (default behaviour)");
++ print_out(" -C Chroot the daemon");
+ print_out(" ");
+ exit(1);
+ }
+@@ -78,7 +78,7 @@
+ int main(int argc, char **argv)
+ {
+ int c = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ char *dir = DEFAULTDIR;
+ char *user = USER;
+ char *group = GROUPGLOBAL;
+Index: pkg-ossec/src/client-agent/main.c
+===================================================================
+--- pkg-ossec.orig/src/client-agent/main.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/client-agent/main.c 2012-08-26 14:01:57.000000000 +0200
+@@ -42,7 +42,7 @@
+
+ int uid = 0;
+ int gid = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+
+
+ /* Setting the name */
+Index: pkg-ossec/src/monitord/main.c
+===================================================================
+--- pkg-ossec.orig/src/monitord/main.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/monitord/main.c 2012-08-26 14:01:57.000000000 +0200
+@@ -19,7 +19,7 @@
+ int main(int argc, char **argv)
+ {
+ int c, test_config = 0, run_foreground = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ int uid=0,gid=0;
+ char *dir = DEFAULTDIR;
+ char *user = USER;
+Index: pkg-ossec/src/monitord/report.c
+===================================================================
+--- pkg-ossec.orig/src/monitord/report.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/monitord/report.c 2012-08-26 14:01:57.000000000 +0200
+@@ -24,8 +24,8 @@
+ printf("\t-r <filter> <value> Show related entries.\n");
+ printf("\t-n Creates a description for the report.\n");
+ printf("\t-s Show the alert dump.\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ printf("\n");
+ printf("\tFilters allowed: group, rule, level, location,\n");
+ printf("\t user, srcip, filename\n");
+@@ -43,7 +43,7 @@
+ {
+ int c, test_config = 0;
+ int uid=0,gid=0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ char *dir = DEFAULTDIR;
+ char *user = USER;
+ char *group = GROUPGLOBAL;
+Index: pkg-ossec/src/os_auth/main-server.c
+===================================================================
+--- pkg-ossec.orig/src/os_auth/main-server.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/os_auth/main-server.c 2012-08-26 14:01:57.000000000 +0200
+@@ -48,7 +48,7 @@
+ FILE *fp;
+ int c, test_config = 0;
+ int gid = 0, client_sock = 0, sock = 0, port = 1515, ret = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ char *dir = DEFAULTDIR;
+ char *user = USER;
+ char *group = GROUPGLOBAL;
+Index: pkg-ossec/src/os_csyslogd/main.c
+===================================================================
+--- pkg-ossec.orig/src/os_csyslogd/main.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/os_csyslogd/main.c 2012-08-26 14:01:57.000000000 +0200
+@@ -20,7 +20,7 @@
+ int main(int argc, char **argv)
+ {
+ int c, test_config = 0,run_foreground = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ int uid = 0,gid = 0;
+
+ /* Using MAILUSER (read only) */
+Index: pkg-ossec/src/os_dbd/main.c
+===================================================================
+--- pkg-ossec.orig/src/os_dbd/main.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/os_dbd/main.c 2012-08-26 14:01:57.000000000 +0200
+@@ -55,7 +55,7 @@
+ {
+ int c, test_config = 0, run_foreground = 0;
+ int uid = 0,gid = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+
+ /* Using MAILUSER (read only) */
+ char *dir = DEFAULTDIR;
+Index: pkg-ossec/src/os_maild/maild.c
+===================================================================
+--- pkg-ossec.orig/src/os_maild/maild.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/os_maild/maild.c 2012-08-26 14:01:57.000000000 +0200
+@@ -31,7 +31,7 @@
+ int main(int argc, char **argv)
+ {
+ int c, test_config = 0,run_foreground = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ int uid = 0,gid = 0;
+ char *dir = DEFAULTDIR;
+ char *user = MAILUSER;
+Index: pkg-ossec/src/remoted/main.c
+===================================================================
+--- pkg-ossec.orig/src/remoted/main.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/remoted/main.c 2012-08-26 14:01:57.000000000 +0200
+@@ -20,7 +20,7 @@
+ int i = 0,c = 0;
+ int uid = 0, gid = 0;
+ int test_config = 0,run_foreground = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+
+ char *cfg = DEFAULTCPATH;
+ char *dir = DEFAULTDIR;
+Index: pkg-ossec/src/shared/help.c
+===================================================================
+--- pkg-ossec.orig/src/shared/help.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/shared/help.c 2012-08-26 14:01:57.000000000 +0200
+@@ -35,8 +35,8 @@
+ print_out(" -g <group> Run as 'group'");
+ print_out(" -c <config> Read the 'config' file");
+ print_out(" -D <dir> Chroot to 'dir'");
+- print_out(" -N Do not chroot");
+- print_out(" -C Chroot the program (default behaviour)");
++ print_out(" -N Do not chroot (default behaviour)");
++ print_out(" -C Chroot the program");
+ print_out(" ");
+ exit(1);
+ }
+Index: pkg-ossec/src/util/agent_control.c
+===================================================================
+--- pkg-ossec.orig/src/util/agent_control.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/util/agent_control.c 2012-08-26 14:01:57.000000000 +0200
+@@ -34,8 +34,8 @@
+ printf("\t-f <ar> Used with -b, specifies which response to run.\n");
+ printf("\t-L List available active responses.\n");
+ printf("\t-s Changes the output to CSV (comma delimited).\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ exit(1);
+ }
+
+@@ -56,7 +56,7 @@
+ int c = 0, restart_syscheck = 0, restart_all_agents = 0, list_agents = 0;
+ int info_agent = 0, agt_id = 0, active_only = 0, csv_output = 0;
+ int list_responses = 0, end_time = 0, restart_agent = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+
+ char shost[512];
+
+Index: pkg-ossec/src/util/clear_stats.c
+===================================================================
+--- pkg-ossec.orig/src/util/clear_stats.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/util/clear_stats.c 2012-08-26 14:01:57.000000000 +0200
+@@ -27,8 +27,8 @@
+ printf("\t-a Clear all the stats (averages).\n");
+ printf("\t-d Clear the daily averages.\n");
+ printf("\t-w Clear the weekly averages.\n\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ exit(1);
+ }
+
+@@ -44,7 +44,7 @@
+ char *user = USER;
+ int gid;
+ int uid;
+- int do_chroot = 1;
++ int do_chroot = 0;
+
+
+ /* Setting the name */
+Index: pkg-ossec/src/util/list_agents.c
+===================================================================
+--- pkg-ossec.orig/src/util/list_agents.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/util/list_agents.c 2012-08-26 14:01:57.000000000 +0200
+@@ -25,8 +25,8 @@
+ printf("\t-a List all agents.\n");
+ printf("\t-c List the connected (active) agents.\n");
+ printf("\t-n List the not connected (active) agents.\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ exit(1);
+ }
+
+@@ -43,7 +43,7 @@
+ int gid;
+ int uid;
+ int flag;
+- int do_chroot = 1;
++ int do_chroot = 0;
+
+
+ /* Setting the name */
+Index: pkg-ossec/src/util/rootcheck_control.c
+===================================================================
+--- pkg-ossec.orig/src/util/rootcheck_control.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/util/rootcheck_control.c 2012-08-26 14:01:57.000000000 +0200
+@@ -34,8 +34,8 @@
+ printf("\t-q Used with -i, prints all the outstanding issues.\n");
+ printf("\t-L Used with -i, prints the last scan.\n");
+ printf("\t-s Changes the output to CSV (comma delimited).\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ exit(1);
+ }
+
+@@ -50,7 +50,7 @@
+
+ int gid = 0;
+ int uid = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ int c = 0, info_agent = 0, update_rootcheck = 0,
+ list_agents = 0, show_last = 0,
+ resolved_only = 0;
+Index: pkg-ossec/src/util/syscheck_control.c
+===================================================================
+--- pkg-ossec.orig/src/util/syscheck_control.c 2012-08-26 14:01:49.000000000 +0200
++++ pkg-ossec/src/util/syscheck_control.c 2012-08-26 14:02:17.000000000 +0200
+@@ -36,8 +36,8 @@
+ printf("\t-z Used with the -f, zeroes the auto-ignore counter.\n");
+ printf("\t-d Used with the -f, ignores that file.\n");
+ printf("\t-s Changes the output to CSV (comma delimited).\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ exit(1);
+ }
+
+@@ -53,7 +53,7 @@
+
+ int gid = 0;
+ int uid = 0;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ int c = 0, info_agent = 0, update_syscheck = 0,
+ list_agents = 0, zero_counter = 0,
+ registry_only = 0;
+Index: pkg-ossec/src/util/syscheck_update.c
+===================================================================
+--- pkg-ossec.orig/src/util/syscheck_update.c 2012-08-26 14:01:18.000000000 +0200
++++ pkg-ossec/src/util/syscheck_update.c 2012-08-26 14:01:57.000000000 +0200
+@@ -27,8 +27,8 @@
+ printf("\t-a Update syscheck database for all agents.\n");
+ printf("\t-u <id> Update syscheck database for a specific agent.\n");
+ printf("\t-u local Update syscheck database locally.\n\n");
+- printf("\t-N Do not chroot.\n");
+- printf("\t-C Chroot the program (default behaviour).\n");
++ printf("\t-N Do not chroot (default behaviour).\n");
++ printf("\t-C Chroot the program.\n");
+ exit(1);
+ }
+
+@@ -41,7 +41,7 @@
+ char *user = USER;
+ int gid;
+ int uid;
+- int do_chroot = 1;
++ int do_chroot = 0;
+ int list_agents, update_agents = 0;
+ char *agent_id = NULL;
+
--
Git repository for pkg-ossec
More information about the Pkg-ossec-devel
mailing list