[Pkg-ossec-devel] [SCM] Git repository for pkg-ossec branch, master, updated. f89fb2c00b1a2606035e5cd0e35b4ebe99f049ac

Wed Aug 29 16:31:37 UTC 2012

The following commit has been merged in the master branch:
commit 22a3c1ea845d90d55845dc1ad73680b7998f8009
Author: Javier Fernandez-Sanguino <jfs at debian.org>
Date:   Wed Aug 29 13:39:03 2012 +0200

    Add scripts to create and update an OSSEC chroot based on the contents distributed in the package

diff --git a/debian/ossec-hids-create-chroot b/debian/ossec-hids-create-chroot
new file mode 100755
index 0000000..ee21b7f
--- /dev/null
+++ b/debian/ossec-hids-create-chroot
@@ -0,0 +1,113 @@
+#!/bin/sh
+# 
+# Script to create a chroot for OSSEC using as a basis
+# the contents of the DIRECTORY definition in /etc/ossec-init.conf
+#
+# (c) 2012 Javier Fernandez-Sanguino <jfs at debian.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of the
+# License, or (at your option) any later version.
+
+
+INSTALLDIR=/var/ossec   # Directory where OSSEC is installed
+CHROOTDIR=/var/chroot/ossec # Directory where we create the chroot
+ORIG_TARGET_FILE=.ossec-orig-target # File that describes the original directory and the symlinks made
+verbose="no"
+changed_chroot="no"
+
+sanity_check() {
+	if [ -e "$CHROOTDIR" ] ; then
+		echo "ERROR: The chroot directory ($CHROOTDIR) already exists."
+		echo "ERROR: If you want to update the contents use the ossec-hids-update-chroot script instead."
+		echo "To recreate the chroot, remove the directory manually and rerun the script."
+		exit 1
+	fi
+	if [ ! -e "$INSTALLDIR" ] ; then
+		echo "ERROR: The OSSEC installation directory ($INSTALLDIR) does not exist."
+		echo "Is one of the ossec-hids packages installed?"
+		exit 1
+	fi
+	if [ ! -e "${INSTALLDIR}/${ORIG_TARGET_FILE}" ] ; then
+		echo "ERROR: Cannot find the ${ORIG_TARGET_FILE} in ${INSTALLDIR}."
+		exit 1
+	fi
+}
+
+parse_args() {
+	while [ x"$1" != x ]; do
+		case $1 in
+			-h) 
+				helpmsg
+				exit 0;;
+			-v) 
+				verbose=yes
+				shift
+				continue;;
+			-*)
+				echo "WARNING: Unknown option $1"
+				shift
+				continue;;
+			*)
+				if [ "$changed_chroot" = "no" ]; then
+					CHROOTDIR=$1 # Argument changes the chroot directory
+					changed_chroot=yes
+					shift
+				else 
+					echo "ERROR: Too many arguments"
+					exit 1
+				fi
+				continue;;
+		esac
+	done	
+
+}
+
+helpmsg() {
+
+	echo "Usage: $0 [chroot_directory]"
+	echo "Creates a chroot directory for OSSEC."
+	echo "By default the directory is created in $CHROOTDIR."
+}
+
+parse_args $*
+sanity_check
+
+# Chreate the chroot directory
+[ "$verbose" = "yes" ] && echo "INFO: Creating chroot directory"
+mkdir -p $CHROOTDIR
+if [ ! -e "$CHROOTDIR" ] ; then
+	echo "ERROR: Could not create the chroot directory ($CHROOTDIR)"
+	exit 1
+fi
+
+# Now copy the contents of DIRECTORY
+cpargs=""
+[ "$verbose" = "yes" ] && echo "INFO: Copying the contents into $CHROOTDIR"
+[ "$verbose" = "yes" ] && cpargs="-v"
+cp -aPu $cpargs $INSTALLDIR/* $CHROOTDIR
+
+# Now go through the symlinks and copy the contents of the directories instead
+cat "${INSTALLDIR}/${ORIG_TARGET_FILE}" |
+grep -v ^# |
+while read linkdir targetdir; do
+	chrootlinkdir=`echo $linkdir | sed -e "s|^$INSTALLDIR|$CHROOTDIR|"`
+	if [ ! -L "$chrootlinkdir" ] ; then
+		echo "WARNING: $chrootlinkdir is not a symbolic link, not touching it" 
+	else
+		[ "$verbose" = "yes" ] && echo "INFO: Recreating $chrootlinkdir and copying files from $targetdir"
+		rm $chrootlinkdir # Remove symbolic link
+		mkdir -p $chrootlinkdir  # Recreate the directory
+		# only copy if there are any files there
+		if [ -n "`ls  $targetdir/* 2>/dev/null`" ] ; then
+			cp -aPu $cpargs $targetdir/* $chrootlinkdir
+		fi
+	fi
+done
+
+echo "A chroot for OSSEC has been created in $CHROOTDIR."
+echo "You have to manually adjust the configuration file /etc/ossec-init.conf to use it."
+
+exit 0
+
diff --git a/debian/ossec-hids-update-chroot b/debian/ossec-hids-update-chroot
new file mode 100755
index 0000000..270a7ed
--- /dev/null
+++ b/debian/ossec-hids-update-chroot
@@ -0,0 +1,116 @@
+#!/bin/sh
+# 
+# Script to update a chroot for OSSEC using as a basis
+# the contents of the DIRECTORY definition in /etc/ossec-init.conf
+#
+# (c) 2012 Javier Fernandez-Sanguino <jfs at debian.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of the
+# License, or (at your option) any later version.
+
+INSTALLDIR=/var/ossec   # Directory where OSSEC is installed
+ORIG_TARGET_FILE=.ossec-orig-target # File that describes the original directory and the symlinks made
+verbose="no"
+changed_chroot="no"
+
+# Source /etc/ossec-init.conf
+[ -r /etc/ossec-init.conf ] && . /etc/ossec-init.conf
+CHROOTDIR=$DIRECTORY
+
+
+sanity_check() {
+	if [ ! -r /etc/ossec-init.conf ] ; then
+		echo "ERROR: Cannot read /etc/ossec-init.conf. Aborting."
+		exit 1
+	fi
+
+	if [ -z "$DIRECTORY" ] ; then
+		echo "ERROR: DIRECTORY variable not defined in /etc/ossec-init.conf. Aborting"
+		exit 1
+	fi
+
+	if [ "$DIRECTORY" = "/var/ossec" ] ; then
+		echo "ERROR: DIRECTORY variable in /etc/ossec-init.conf does not point to a chroot."
+		echo "Please fix this and rerun this script. Aborting."
+		exit 1
+	fi
+
+	if [ ! -e "$CHROOTDIR" ] ; then
+		echo "ERROR: The chroot directory ($CHROOTDIR) does not exist."
+		echo "ERROR: If you want to create it use the ossec-hids-create-chroot script instead."
+		exit 1
+	fi
+	if [ ! -e "$INSTALLDIR" ] ; then
+		echo "ERROR: The OSSEC installation directory ($INSTALLDIR) does not exist."
+		echo "Is one of the ossec-hids packages installed?"
+		exit 1
+	fi
+	if [ ! -e "${INSTALLDIR}/${ORIG_TARGET_FILE}" ] ; then
+		echo "ERROR: Cannot find the ${ORIG_TARGET_FILE} in ${INSTALLDIR}."
+		exit 1
+	fi
+}
+
+parse_args() {
+	while [ x"$1" != x ]; do
+		case $1 in
+			-h) 
+				helpmsg
+				exit 0;;
+			-v) 
+				verbose=yes
+				shift
+				continue;;
+			-*)
+				echo "WARNING: Unknown option $1"
+				shift
+				continue;;
+			*)
+				if [ "$changed_chroot" = "no" ]; then
+					CHROOTDIR=$1 # Argument changes the chroot directory
+					changed_chroot=yes
+					shift
+				else 
+					echo "ERROR: Too many arguments"
+					exit 1
+				fi
+				continue;;
+		esac
+	done	
+
+}
+
+helpmsg() {
+
+	echo "Usage: $0 [chroot_directory]"
+	echo "Updates OSSEC's chroot directory."
+}
+
+parse_args $*
+sanity_check
+
+# Chreate the chroot directory
+[ "$verbose" = "yes" ] && echo "INFO: Creating chroot directory"
+
+# Go through the symlinks and copy the contents of the directories instead
+cat "${INSTALLDIR}/${ORIG_TARGET_FILE}" |
+grep -v ^# |
+while read linkdir targetdir; do
+	chrootlinkdir=`echo $linkdir | sed -e "s|^$INSTALLDIR|$CHROOTDIR|"`
+	if [ ! -e "$chrootlinkdir" ] ; then
+		echo "ERROR: $chrootlinkdir does not exist"
+	else
+		[ "$verbose" = "yes" ] && echo "INFO: Updating files in $chrootlinkdir (from $targetdir)"
+		# only copy if there are any files there
+		if [ -n "`ls  $targetdir/* 2>/dev/null`" ] ; then
+			cp -aPu $cpargs $targetdir/* $chrootlinkdir
+		fi
+	fi
+done
+
+echo "The OSSEC chroot at $CHROOTDIR has been updated."
+
+exit 0
+

-- 
Git repository for pkg-ossec

