From 0854af9ee501e2ec7fabd27dcfb5672c2245aa87 Mon Sep 17 00:00:00 2001 From: Vincent BENOIT Date: Fri, 21 Jul 2023 13:22:41 +0000 Subject: [PATCH] =?UTF-8?q?mise=20=C3=A0=20jour=20de=20la=20recette=20wazu?= =?UTF-8?q?h-agent?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../wazuh/files-4.4/0001-Makefile.patch | 37 +- .../files-4.4/0002-headers-correction.patch | 418 ++++++++++++++++++ .../wazuh/files-4.4/0003-CMakeLists.patch | 190 +++++++- recipes-scanners/wazuh/wazuh-agent_4.4.0.bb | 275 ++++++------ 4 files changed, 760 insertions(+), 160 deletions(-) create mode 100644 recipes-scanners/wazuh/files-4.4/0002-headers-correction.patch diff --git a/recipes-scanners/wazuh/files-4.4/0001-Makefile.patch b/recipes-scanners/wazuh/files-4.4/0001-Makefile.patch index c6a36c7..4648030 100644 --- a/recipes-scanners/wazuh/files-4.4/0001-Makefile.patch +++ b/recipes-scanners/wazuh/files-4.4/0001-Makefile.patch @@ -1,8 +1,24 @@ diff --git a/src/Makefile b/src/Makefile -index 58eb041a33..c807ed5f3d 100644 +index 58eb041a33..9f5bc49238 100644 --- a/src/Makefile +++ b/src/Makefile -@@ -391,7 +391,7 @@ ifeq (,$(filter ${V},YES yes y Y 1)) +@@ -39,9 +39,12 @@ endif + + HAS_CHECKMODULE = $(shell command -v checkmodule > /dev/null && echo YES) + HAS_SEMODULE_PACKAGE = $(shell command -v semodule_package > /dev/null && echo YES) +-CHECK_ARCHLINUX := $(shell sh -c 'grep "Arch Linux" /etc/os-release > /dev/null && echo YES || echo not') +-CHECK_CENTOS5 := $(shell sh -c 'grep "CentOS release 5." /etc/redhat-release 2>&1 > /dev/null && echo YES || echo not') +-CHECK_ALPINE := $(shell sh -c 'grep "Alpine Linux" /etc/os-release 2>&1 > /dev/null && echo YES || echo not') ++#CHECK_ARCHLINUX := $(shell sh -c 'grep "Arch Linux" /etc/os-release > /dev/null && echo YES || echo not') ++#CHECK_CENTOS5 := $(shell sh -c 'grep "CentOS release 5." /etc/redhat-release 2>&1 > /dev/null && echo YES || echo not') ++#CHECK_ALPINE := $(shell sh -c 'grep "Alpine Linux" /etc/os-release 2>&1 > /dev/null && echo YES || echo not') ++CHECK_ARCHLINUX := not ++CHECK_CENTOS5 := not ++CHECK_ALPINE := not + + ARCH_FLAGS = + +@@ -391,7 +394,7 @@ ifeq (,$(filter ${V},YES yes y Y 1)) QUIET_ENDCOLOR= @printf '%b' ${ENDCOLOR} 1>&2; endif @@ -11,7 +27,7 @@ index 58eb041a33..c807ed5f3d 100644 ifeq (${TARGET}, winagent) # Avoid passing environment variables such CFLAGS to external Makefiles ifeq (${CC}, gcc) -@@ -447,8 +447,8 @@ endif #winagent +@@ -447,8 +450,8 @@ endif #winagent OSSEC_CC =${QUIET_CC}${MING_BASE}${CC} OSSEC_CCBIN =${QUIET_CCBIN}${MING_BASE}${CC} OSSEC_SHARED =${QUIET_CCBIN}${MING_BASE}${CC} -shared @@ -22,7 +38,7 @@ index 58eb041a33..c807ed5f3d 100644 OSSEC_WINDRES =${QUIET_CCBIN}${MING_BASE}windres -@@ -765,7 +765,7 @@ ifeq (${MAKECMDGOALS},agent) +@@ -765,7 +768,7 @@ ifeq (${MAKECMDGOALS},agent) $(error Do not use 'agent' directly, use 'TARGET=agent') endif @@ -31,7 +47,7 @@ index 58eb041a33..c807ed5f3d 100644 ifneq (${uname_S},HP-UX) ${MAKE} ${BUILD_CMAKE_PROJECTS} endif -@@ -883,6 +883,7 @@ ifeq (${uname_S},Darwin) +@@ -883,6 +886,7 @@ ifeq (${uname_S},Darwin) EXTERNAL_LIBS += ${LIBPLIST_LIB} endif @@ -39,7 +55,7 @@ index 58eb041a33..c807ed5f3d 100644 .PHONY: external test_external external: test_external $(EXTERNAL_LIBS) $(JEMALLOC_LIB) -@@ -1334,7 +1335,7 @@ endif +@@ -1334,7 +1338,7 @@ endif #################### WAZUHEXT_LIB = libwazuhext.$(SHARED) WAZUH_LIB = libwazuhshared.$(SHARED) @@ -48,3 +64,12 @@ index 58eb041a33..c807ed5f3d 100644 $(BUILD_SERVER) $(BUILD_AGENT) $(WINDOWS_BINS): $(BUILD_LIBS) +@@ -1583,7 +1587,7 @@ build_sysinfo: $(WAZUHEXT_LIB) + #### Syscollector ## + ifeq (,$(filter ${DISABLE_SYSC}, YES yes y Y 1)) + build_syscollector: build_shared_modules build_sysinfo +- cd ${SYSCOLLECTOR} && mkdir -p build && cd build && cmake ${CMAKE_OPTS} ${SOLARIS_CMAKE_OPTS} ${SYSCOLLECTOR_TEST} ${SYSCOLLECTOR_RELEASE_TYPE} .. && ${MAKE} ++ cd ${SYSCOLLECTOR} && mkdir -p build && cd build && cmake ${CMAKE_OPTS} ${SOLARIS_CMAKE_OPTS} ${SYSCOLLECTOR_TEST} ${SYSCOLLECTOR_RELEASE_TYPE} .. && ${MAKE} -Wno-psabi + endif + + #### Wazuh modules ## diff --git a/recipes-scanners/wazuh/files-4.4/0002-headers-correction.patch b/recipes-scanners/wazuh/files-4.4/0002-headers-correction.patch new file mode 100644 index 0000000..c22a30d --- /dev/null +++ b/recipes-scanners/wazuh/files-4.4/0002-headers-correction.patch @@ -0,0 +1,418 @@ +diff --git a/src/shared_modules/common/commonDefs.h b/src/shared_modules/common/commonDefs.h +index 7622530447..9afdfef316 100644 +--- a/src/shared_modules/common/commonDefs.h ++++ b/src/shared_modules/common/commonDefs.h +@@ -12,7 +12,7 @@ + #ifndef _COMMON_DEFS_H_ + #define _COMMON_DEFS_H_ + +-#include "cJSON.h" ++#include + + /** + * @brief Represents the different host types to be used. +diff --git a/src/headers/debug_op.h b/src/headers/debug_op.h +index c64c93c34f..d57484db0c 100644 +--- a/src/headers/debug_op.h ++++ b/src/headers/debug_op.h +@@ -24,7 +24,7 @@ + #endif + + #include +-#include ++#include + /* For internal logs */ + #ifndef LOGFILE + #ifndef WIN32 +diff --git a/src/headers/agent_op.h b/src/headers/agent_op.h +index 27d2a3c02f..b8014e2799 100644 +--- a/src/headers/agent_op.h ++++ b/src/headers/agent_op.h +@@ -11,7 +11,7 @@ + #ifndef AGENT_OP_H + #define AGENT_OP_H + +-#include "external/cJSON/cJSON.h" ++#include + #include "config/authd-config.h" + + /** +diff --git a/src/headers/file_op.h b/src/headers/file_op.h +index c5fc4ad68c..02e9c8122f 100644 +--- a/src/headers/file_op.h ++++ b/src/headers/file_op.h +@@ -17,7 +17,7 @@ + #include + #include + #include +-#include ++#include + + #ifdef WIN32 + #include +diff --git a/src/headers/expression.h b/src/headers/expression.h +index de3a8aaf2d..6f780b751c 100644 +--- a/src/headers/expression.h ++++ b/src/headers/expression.h +@@ -12,7 +12,7 @@ + #define EXPRESSION_H_ + #define PCRE2_CODE_UNIT_WIDTH 8 + +-#include "external/libpcre2/include/pcre2.h" ++#include + #include "os_regex/os_regex.h" + + #define OSMATCH_STR "osmatch" +diff --git a/src/headers/regex_op.h b/src/headers/regex_op.h +index e0a225606a..8512e6f5b5 100644 +--- a/src/headers/regex_op.h ++++ b/src/headers/regex_op.h +@@ -13,7 +13,7 @@ + + #ifndef WIN32 + #include +-#include "external/sqlite/sqlite3.h" ++#include + + /** + * @brief Compare a string with a regular expression. +diff --git a/src/headers/json-queue.h b/src/headers/json-queue.h +index 58b75f34fc..f8db6f2921 100644 +--- a/src/headers/json-queue.h ++++ b/src/headers/json-queue.h +@@ -10,7 +10,7 @@ + #ifndef JSON_QUEUE_H + #define JSON_QUEUE_H + +-#include ++#include + #include "file-queue.h" + + // Initializes queue. Equivalent to initialize every field to 0. +diff --git a/src/headers/read-agents.h b/src/headers/read-agents.h +index 0ea6e983d1..a5d36faa74 100644 +--- a/src/headers/read-agents.h ++++ b/src/headers/read-agents.h +@@ -11,7 +11,7 @@ + #ifndef CRAGENT_H + #define CRAGENT_H + +-#include ++#include + + /* Status */ + typedef enum agent_status_t { +diff --git a/src/headers/string_op.h b/src/headers/string_op.h +index 56616aad74..1e1b352bec 100644 +--- a/src/headers/string_op.h ++++ b/src/headers/string_op.h +@@ -11,7 +11,7 @@ + #ifndef H_STRINGOP_OS + #define H_STRINGOP_OS + +-#include ++#include + #include + + #ifdef WIN32 +diff --git a/src/headers/json_op.h b/src/headers/json_op.h +index fea303bca8..585ac4dcf2 100644 +--- a/src/headers/json_op.h ++++ b/src/headers/json_op.h +@@ -14,7 +14,7 @@ + + #define JSON_MAX_FSIZE 536870912 + +-#include ++#include + + cJSON * json_fread(const char * path, char retry); + int json_fwrite(const char * path, const cJSON * item); +diff --git a/src/headers/url.h b/src/headers/url.h +index 02d27907b7..e013b97bf6 100644 +--- a/src/headers/url.h ++++ b/src/headers/url.h +@@ -12,7 +12,7 @@ + #ifndef URL_GET_H_ + #define URL_GET_H_ + +-#include ++#include + + #define WURL_WRITE_FILE_ERROR "Cannot open file '%s'" + #define WURL_DOWNLOAD_FILE_ERROR "Cannot download file '%s' from URL: '%s'" +diff --git a/src/headers/yaml2json.h b/src/headers/yaml2json.h +index ddbce4c1d9..e363fac7d5 100644 +--- a/src/headers/yaml2json.h ++++ b/src/headers/yaml2json.h +@@ -11,8 +11,8 @@ + #ifndef YAML2JSON_H + #define YAML2JSON_H + +-#include +-#include ++#include ++#include + + int yaml_parse_stdin(yaml_document_t * document); + int yaml_parse_file(const char * path, yaml_document_t * document); +diff --git a/src/config/syscheck-config.h b/src/config/syscheck-config.h +index 9c451c8020..159da5d7d8 100644 +--- a/src/config/syscheck-config.h ++++ b/src/config/syscheck-config.h +@@ -143,7 +143,7 @@ typedef enum fdb_stmt { + + #include "os_crypto/md5_sha1_sha256/md5_sha1_sha256_op.h" + #include "headers/integrity_op.h" +-#include "external/sqlite/sqlite3.h" ++#include + #include "headers/list_op.h" + + #ifdef WIN32 +diff --git a/src/syscheckd/syscheck.h b/src/syscheckd/syscheck.h +index e2077eb4fe..6923b5ddcd 100644 +--- a/src/syscheckd/syscheck.h ++++ b/src/syscheckd/syscheck.h +@@ -13,7 +13,7 @@ + + #include "config/syscheck-config.h" + #include "syscheck_op.h" +-#include "external/cJSON/cJSON.h" ++#include + + #define MAX_LINE PATH_MAX+256 + +diff --git a/src/monitord/compress_log.c b/src/monitord/compress_log.c +index 8865df9762..52ae95c122 100644 +--- a/src/monitord/compress_log.c ++++ b/src/monitord/compress_log.c +@@ -10,7 +10,7 @@ + + #include "shared.h" + #include "monitord.h" +-#include "../external/zlib/zlib.h" ++#include + + + /* gzip a log file */ +diff --git a/src/wazuh_db/wdb.h b/src/wazuh_db/wdb.h +index c0e14eefe1..a35cc7bc57 100644 +--- a/src/wazuh_db/wdb.h ++++ b/src/wazuh_db/wdb.h +@@ -15,7 +15,7 @@ + #include + #include + #include +-#include "external/sqlite/sqlite3.h" ++#include + #include "syscheck_op.h" + #include "rootcheck_op.h" + #include "wazuhdb_op.h" +diff --git a/src/wazuh_modules/wm_control.c b/src/wazuh_modules/wm_control.c +index a91e054f47..d040ab3c09 100644 +--- a/src/wazuh_modules/wm_control.c ++++ b/src/wazuh_modules/wm_control.c +@@ -20,7 +20,7 @@ + #include "wm_control.h" + #include "sysInfo.h" + #include "sym_load.h" +-#include "external/cJSON/cJSON.h" ++#include + #include "file_op.h" + #include "../os_net/os_net.h" + static void *wm_control_main(); +diff --git a/src/addagent/manage_agents.h b/src/addagent/manage_agents.h +index afdb5b3aa3..96d29791c6 100644 +--- a/src/addagent/manage_agents.h ++++ b/src/addagent/manage_agents.h +@@ -13,7 +13,7 @@ + + #include "shared.h" + #include "sec.h" +-#include "external/cJSON/cJSON.h" ++#include + + /** Prototypes **/ + +diff --git a/src/wazuh_modules/agent_upgrade/agent/wm_agent_upgrade_com.c b/src/wazuh_modules/agent_upgrade/agent/wm_agent_upgrade_com.c +index 8ec79628d1..b4bf3efc17 100644 +--- a/src/wazuh_modules/agent_upgrade/agent/wm_agent_upgrade_com.c ++++ b/src/wazuh_modules/agent_upgrade/agent/wm_agent_upgrade_com.c +@@ -21,7 +21,7 @@ + #endif + + #include +-#include "external/zlib/zlib.h" ++#include + #include "os_crypto/sha1/sha1_op.h" + #include "os_crypto/signature/signature.h" + #include "wazuh_modules/wmodules.h" +diff --git a/src/wazuh_modules/wm_database.c b/src/wazuh_modules/wm_database.c +index 3f0ac3c04f..65c90dfbae 100644 +--- a/src/wazuh_modules/wm_database.c ++++ b/src/wazuh_modules/wm_database.c +@@ -14,7 +14,7 @@ + #include "remoted_op.h" + #include "wazuh_db/helpers/wdb_global_helpers.h" + #include "addagent/manage_agents.h" // FILE_SIZE +-#include "external/cJSON/cJSON.h" ++#include + + #ifndef CLIENT + +diff --git a/src/wazuh_db/wdb_parser.c b/src/wazuh_db/wdb_parser.c +index 094d9190a1..950142454e 100644 +--- a/src/wazuh_db/wdb_parser.c ++++ b/src/wazuh_db/wdb_parser.c +@@ -12,7 +12,7 @@ + #include "wazuhdb_op.h" + #include "wdb.h" + #include "wdb_agents.h" +-#include "external/cJSON/cJSON.h" ++#include + #include "wdb_state.h" + + #define HOTFIXES_FIELD_COUNT 3 +diff --git a/src/shared/debug_op.c b/src/shared/debug_op.c +index 67b8d031cf..c9bb9724de 100644 +--- a/src/shared/debug_op.c ++++ b/src/shared/debug_op.c +@@ -9,7 +9,7 @@ + */ + + #include "headers/shared.h" +-#include ++#include + + #ifdef WIN32 + #define localtime_r(x, y) localtime_s(y, x) +diff --git a/src/shared/file_op.c b/src/shared/file_op.c +index 6b95b832a6..c34a92b536 100644 +--- a/src/shared/file_op.c ++++ b/src/shared/file_op.c +@@ -14,7 +14,7 @@ + #include "shared.h" + #include "version_op.h" + +-#include "../external/zlib/zlib.h" ++#include + + #ifdef WAZUH_UNIT_TESTING + #ifdef WIN32 +diff --git a/src/os_zlib/os_zlib.c b/src/os_zlib/os_zlib.c +index 1244fdcdbe..dc44eb54bc 100644 +--- a/src/os_zlib/os_zlib.c ++++ b/src/os_zlib/os_zlib.c +@@ -10,7 +10,7 @@ + + #include "os_zlib.h" + +-#include "../external/zlib/zlib.h" ++#include + + unsigned long int os_zlib_compress(const char *src, char *dst, + unsigned long int src_size, +diff --git a/src/rootcheck/rootcheck.h b/src/rootcheck/rootcheck.h +index 3a183fc72b..347acc1596 100644 +--- a/src/rootcheck/rootcheck.h ++++ b/src/rootcheck/rootcheck.h +@@ -13,7 +13,7 @@ + + #include "list_op.h" + #include "config/rootcheck-config.h" +-#include "external/cJSON/cJSON.h" ++#include + + #ifdef WIN32 + #define PATH_SEP '\\' +diff --git a/src/syscheckd/db/fim_db.h b/src/syscheckd/db/fim_db.h +index 3ae93cb9cd..cf4b0b0d88 100644 +--- a/src/syscheckd/db/fim_db.h ++++ b/src/syscheckd/db/fim_db.h +@@ -14,7 +14,7 @@ + #include "shared.h" + #include + #include "../syscheck.h" +-#include "external/sqlite/sqlite3.h" ++#include + #include "config/syscheck-config.h" + #include "fim_db_files.h" + #include "fim_db_registries.h" +diff --git a/src/syscheckd/whodata/syscheck_audit.c b/src/syscheckd/whodata/syscheck_audit.c +index 2926f24f68..5b47417048 100644 +--- a/src/syscheckd/whodata/syscheck_audit.c ++++ b/src/syscheckd/whodata/syscheck_audit.c +@@ -9,7 +9,7 @@ + */ + #ifdef __linux__ + #include "syscheck_audit.h" +-#include "external/procps/readproc.h" ++#include + + #include + #include +diff --git a/src/rootcheck/config.c b/src/rootcheck/config.c +index 26b672330b..c0cd806939 100644 +--- a/src/rootcheck/config.c ++++ b/src/rootcheck/config.c +@@ -12,7 +12,7 @@ + #include "shared.h" + #include "rootcheck.h" + #include "config/config.h" +-#include "external/cJSON/cJSON.h" ++#include + + + /* Read the rootcheck config */ +diff --git a/src/os_execd/execd.c b/src/os_execd/execd.c +index d0c86b2547..e2cc526421 100644 +--- a/src/os_execd/execd.c ++++ b/src/os_execd/execd.c +@@ -13,7 +13,7 @@ + #include "os_regex/os_regex.h" + #include "os_net/os_net.h" + #include "wazuh_modules/wmodules.h" +-#include "../external/cJSON/cJSON.h" ++#include + #include "execd.h" + #include "active-response/active_responses.h" + +diff --git a/src/os_execd/wcom.c b/src/os_execd/wcom.c +index 3d04e822af..b58ac99bdf 100644 +--- a/src/os_execd/wcom.c ++++ b/src/os_execd/wcom.c +@@ -15,7 +15,7 @@ + #include "os_crypto/sha1/sha1_op.h" + #include "os_crypto/signature/signature.h" + #include "wazuh_modules/wmodules.h" +-#include "external/zlib/zlib.h" ++#include + #include "client-agent/agentd.h" + #include "logcollector/logcollector.h" + #include "syscheckd/syscheck.h" +diff --git a/src/addagent/manage_agents.c b/src/addagent/manage_agents.c +index 3f32cac1ea..0daeca3266 100644 +--- a/src/addagent/manage_agents.c ++++ b/src/addagent/manage_agents.c +@@ -16,7 +16,7 @@ + #include "debug_op.h" + #include "defs.h" + #include "os_crypto/md5/md5_op.h" +-#include "external/cJSON/cJSON.h" ++#include + #include "os_err.h" + #include + #include +diff --git a/src/addagent/manage_keys.c b/src/addagent/manage_keys.c +index c1cd1e8245..ee0fe79af3 100644 +--- a/src/addagent/manage_keys.c ++++ b/src/addagent/manage_keys.c +@@ -10,7 +10,7 @@ + + #include "manage_agents.h" + #include "os_crypto/md5/md5_op.h" +-#include "external/cJSON/cJSON.h" ++#include + #include + #include "config/authd-config.h" + diff --git a/recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch b/recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch index f35dbf9..85548c1 100644 --- a/recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch +++ b/recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch @@ -1,7 +1,98 @@ +diff --git a/src/data_provider/CMakeLists.txt b/src/data_provider/CMakeLists.txt +index 84c5710d1a..7c56e30567 100644 +--- a/src/data_provider/CMakeLists.txt ++++ b/src/data_provider/CMakeLists.txt +@@ -14,7 +14,7 @@ if(COVERITY) + add_definitions(-D__GNUC__=8) + endif(COVERITY) + +-set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14") ++set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -Wno-psabi") + + set(CMAKE_CXX_FLAGS_DEBUG "-g") + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") +@@ -50,6 +50,11 @@ include_directories(${SRC_FOLDER}/external/pacman/lib/libalpm/) + include_directories(${SRC_FOLDER}/external/libarchive/libarchive/) + include_directories(${SRC_FOLDER}/external/rpm/builddir/output/include/) + endif(NOT CMAKE_CHECK_CENTOS5) ++include_directories(${STAGING_DIR}/usr/include/) ++include_directories(${STAGING_DIR}/usr/include/cjson/) ++include_directories(${STAGING_DIR}/usr/include/curl/) ++include_directories(${STAGING_DIR}/usr/include/pacman/) ++include_directories(${STAGING_DIR}/usr/include/proc/) + + link_directories(${SRC_FOLDER}) + link_directories(${SRC_FOLDER}/external/sqlite/) +@@ -64,6 +69,8 @@ link_directories(${SRC_FOLDER}/external/libarchive/.libs/) + link_directories(${SRC_FOLDER}/external/rpm/builddir/) + endif(NOT CMAKE_CHECK_CENTOS5) + link_directories(${SRC_FOLDER}/external/openssl/) ++link_directories(${STAGING_DIR}/lib/) ++link_directories(${STAGING_DIR}/usr/lib/) + + + +@@ -85,6 +92,7 @@ elseif(CMAKE_CHECK_CENTOS5) + "${CMAKE_SOURCE_DIR}/src/packages/packageLinuxParserRpmLegacy.cpp") + add_definitions(-DLINUX_TYPE=LinuxType::LEGACY) # Partial compilation in legacy systems + elseif(CMAKE_SYSTEM_NAME STREQUAL "Linux") ++ message(STATUS "Je suis passé par ici ...") + file(GLOB SYSINFO_SRC + "${CMAKE_SOURCE_DIR}/src/*Linux.cpp" + "${CMAKE_SOURCE_DIR}/src/network/*Linux.cpp" +diff --git a/src/data_provider/testtool/CMakeLists.txt b/src/data_provider/testtool/CMakeLists.txt +index aa2fc9827e..3c822de961 100644 +--- a/src/data_provider/testtool/CMakeLists.txt ++++ b/src/data_provider/testtool/CMakeLists.txt +@@ -6,14 +6,18 @@ include_directories(${CMAKE_SOURCE_DIR}/include/) + include_directories(${CMAKE_SOURCE_DIR}/src/) + include_directories(${SRC_FOLDER}/shared_modules/common/) + include_directories(${SRC_FOLDER}/external/nlohmann/) ++include_directories(${STAGING_DIR}/usr/include/) ++include_directories(${STAGING_DIR}/usr/include/proc/) + + link_directories(${SRC_FOLDER}/external/procps/) ++link_directories(${STAGING_DIR}/lib/) ++link_directories(${STAGING_DIR}/usr/lib/) + + if(COVERITY) + add_definitions(-D__GNUC__=8) + endif(COVERITY) + +-set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14") ++set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -Wno-psabi") + + if(FSANITIZE) + set(CMAKE_CXX_FLAGS_DEBUG "-pthread -fsanitize=address,leak,undefined") +@@ -50,7 +54,7 @@ else() + sysinfo + dl + pthread +- proc ++ procps + ) + + if(SOLARIS) +@@ -71,4 +75,4 @@ add_custom_command(TARGET sysinfo_test_tool + POST_BUILD COMMAND + ${CMAKE_INSTALL_NAME_TOOL} -change "@rpath/libwazuhext.dylib" "@executable_path/../../../libwazuhext.dylib" + $) +-endif(APPLE) +\ No newline at end of file ++endif(APPLE) diff --git a/src/shared_modules/dbsync/CMakeLists.txt b/src/shared_modules/dbsync/CMakeLists.txt -index 02bf1aa7f7..a9e9bda451 100644 +index 02bf1aa7f7..96c94d4ad9 100644 --- a/src/shared_modules/dbsync/CMakeLists.txt +++ b/src/shared_modules/dbsync/CMakeLists.txt +@@ -15,7 +15,7 @@ if(COVERITY) + add_definitions(-D__GNUC__=8) + endif(COVERITY) + +-set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread") ++set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread -Wno-psabi") + + set(CMAKE_CXX_FLAGS_DEBUG "-g") + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") @@ -43,10 +43,15 @@ include_directories(${CMAKE_SOURCE_DIR}/include/) include_directories(${CMAKE_SOURCE_DIR}/src/) include_directories(${SHARED_MODULES}/utils/) @@ -19,9 +110,18 @@ index 02bf1aa7f7..a9e9bda451 100644 file(GLOB DBSYNC_SRC "${CMAKE_SOURCE_DIR}/src/*.cpp" diff --git a/src/shared_modules/rsync/CMakeLists.txt b/src/shared_modules/rsync/CMakeLists.txt -index 22c791405e..6dd2182b89 100644 +index 22c791405e..eb682fae46 100644 --- a/src/shared_modules/rsync/CMakeLists.txt +++ b/src/shared_modules/rsync/CMakeLists.txt +@@ -16,7 +16,7 @@ if(COVERITY) + add_definitions(-D__GNUC__=8) + endif(COVERITY) + +-set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread") ++set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread -Wno-psabi") + + set(CMAKE_CXX_FLAGS_DEBUG "-g") + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") @@ -45,11 +45,16 @@ include_directories(${CMAKE_SOURCE_DIR}/src/) include_directories(${SHARED_MODULES}/dbsync/include/) include_directories(${SHARED_MODULES}/utils/) @@ -39,27 +139,85 @@ index 22c791405e..6dd2182b89 100644 file(GLOB RSYNC_SRC "${CMAKE_SOURCE_DIR}/src/*.cpp") -diff --git a/src/data_provider/CMakeLists.txt b/src/data_provider/CMakeLists.txt -index 84c5710d1a..5493364c7b 100644 ---- a/src/data_provider/CMakeLists.txt -+++ b/src/data_provider/CMakeLists.txt -@@ -50,6 +50,10 @@ include_directories(${SRC_FOLDER}/external/pacman/lib/libalpm/) - include_directories(${SRC_FOLDER}/external/libarchive/libarchive/) - include_directories(${SRC_FOLDER}/external/rpm/builddir/output/include/) - endif(NOT CMAKE_CHECK_CENTOS5) +diff --git a/src/shared_modules/dbsync/testtool/CMakeLists.txt b/src/shared_modules/dbsync/testtool/CMakeLists.txt +index 952decf282..5c83e26fc0 100644 +--- a/src/shared_modules/dbsync/testtool/CMakeLists.txt ++++ b/src/shared_modules/dbsync/testtool/CMakeLists.txt +@@ -11,7 +11,7 @@ if(COVERITY) + add_definitions(-D__GNUC__=8) + endif(COVERITY) + +-set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -std=c++14 -pthread") ++set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -Wno-psabi -std=c++14 -pthread") + + if(FSANITIZE) + set(CMAKE_CXX_FLAGS_DEBUG "-fsanitize=address,leak,undefined") +diff --git a/src/shared_modules/rsync/testtool/CMakeLists.txt b/src/shared_modules/rsync/testtool/CMakeLists.txt +index 95d2bb97be..3242146106 100644 +--- a/src/shared_modules/rsync/testtool/CMakeLists.txt ++++ b/src/shared_modules/rsync/testtool/CMakeLists.txt +@@ -12,7 +12,7 @@ if(COVERITY) + add_definitions(-D__GNUC__=8) + endif(COVERITY) + +-set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -std=c++14 -pthread") ++set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -Wno-psabi -std=c++14 -pthread") + + if(FSANITIZE) + set(CMAKE_CXX_FLAGS_DEBUG "-fsanitize=address,leak,undefined") +diff --git a/src/wazuh_modules/syscollector/CMakeLists.txt b/src/wazuh_modules/syscollector/CMakeLists.txt +index b0c6cf400c..50387afa3f 100644 +--- a/src/wazuh_modules/syscollector/CMakeLists.txt ++++ b/src/wazuh_modules/syscollector/CMakeLists.txt +@@ -14,7 +14,7 @@ if(COVERITY) + add_definitions(-D__GNUC__=8) + endif(COVERITY) + +-set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread") ++set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread -Wno-psabi") + + set(CMAKE_CXX_FLAGS_DEBUG "-g") + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") +@@ -48,6 +48,10 @@ include_directories(${SRC_FOLDER}/shared_modules/rsync/include/) + include_directories(${SRC_FOLDER}/shared_modules/common/) + include_directories(${SRC_FOLDER}/data_provider/include/) + include_directories(${CMAKE_SOURCE_DIR}/include) +include_directories(${STAGING_DIR}/usr/include/) +include_directories(${STAGING_DIR}/usr/include/cjson/) +include_directories(${STAGING_DIR}/usr/include/curl/) + - link_directories(${SRC_FOLDER}) - link_directories(${SRC_FOLDER}/external/sqlite/) -@@ -64,6 +68,8 @@ link_directories(${SRC_FOLDER}/external/libarchive/.libs/) - link_directories(${SRC_FOLDER}/external/rpm/builddir/) - endif(NOT CMAKE_CHECK_CENTOS5) - link_directories(${SRC_FOLDER}/external/openssl/) + link_directories(${SRC_FOLDER}/shared_modules/dbsync/build/lib) + link_directories(${SRC_FOLDER}/shared_modules/rsync/build/lib) +@@ -60,6 +64,9 @@ link_directories(${SRC_FOLDER}/external/cJSON/) + link_directories(${SRC_FOLDER}/external/procps/) + link_directories(${SRC_FOLDER}/external/bzip2/) + +link_directories(${STAGING_DIR}/lib/) +link_directories(${STAGING_DIR}/usr/lib/) ++ + if(CMAKE_SYSTEM_NAME STREQUAL "Windows") + add_definitions(-DWIN32=1 +diff --git a/src/wazuh_modules/syscollector/testtool/CMakeLists.txt b/src/wazuh_modules/syscollector/testtool/CMakeLists.txt +index 3dac44034f..b2a723ca45 100644 +--- a/src/wazuh_modules/syscollector/testtool/CMakeLists.txt ++++ b/src/wazuh_modules/syscollector/testtool/CMakeLists.txt +@@ -21,7 +21,7 @@ if(COVERITY) + endif(COVERITY) + add_definitions(-DWAZUH_UNIT_TESTING) +-set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread") ++set(CMAKE_CXX_FLAGS "-g -Wall -Wextra -Wshadow -Wnon-virtual-dtor -Woverloaded-virtual -Wunused -Wcast-align -Wformat=2 -std=c++14 -pthread -Wno-psabi") + if(FSANITIZE) + set(CMAKE_CXX_FLAGS_DEBUG "-fsanitize=address,leak,undefined") +@@ -70,7 +70,7 @@ else() + sysinfo + syscollector + dl +- proc ++ procps + ) + + if(SOLARIS) diff --git a/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb b/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb index a63db82..105daf3 100644 --- a/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb +++ b/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb @@ -31,6 +31,7 @@ DEPENDS = "curl-native \ popt \ msgpack-c \ rpm \ + db \ pacman \ cmake-native \ wazuh-users \ @@ -45,6 +46,7 @@ SRC_URI = " \ file://ossec.conf \ file://wazuh-agent.service \ file://0001-Makefile.patch \ + file://0002-headers-correction.patch \ file://0003-CMakeLists.patch \ " @@ -62,7 +64,7 @@ EXTRA_OEMAKE = ' \ RANLIB="${RANLIB}" \ AR="${AR}" \ CFLAGS="${CFLAGS} -I${STAGING_INCDIR} -I${STAGING_INCDIR}/cjson -I${STAGING_INCDIR}/curl" \ - LDFLAGS="-Wl,--sysroot=${STAGING_DIR_TARGET} -L${STAGING_LIBDIR} -lm -lcjson -lssl -lcrypto -lpcre2-8 -lz -lsqlite3 -lyaml -lcurl -lmsgpackc -laudit -lprocps" \ + LDFLAGS="-Wl,--sysroot=${STAGING_DIR_TARGET} -L${STAGING_LIBDIR} -lm -lcjson -lssl -lcrypto -lpcre2-8 -lz -lsqlite3 -lyaml -lcurl -lmsgpackc -laudit -lprocps -lrpm -lalpm -ldb" \ CMAKE_OPTS="-DSTAGING_DIR=${STAGING_DIR_TARGET}" \ ' do_compile() { @@ -73,29 +75,31 @@ do_install() { install -d ${D}${systemd_unitdir}/system/ install -m 0644 ${WORKDIR}/wazuh-agent.service ${D}${systemd_unitdir}/system/ - install -d -o root -g wazuh ${D}/var/ossec - install -d ${D}/var/ossec/lib - install -m 0750 -o root -g wazuh ${S}/src/libwazuhext.so ${D}/var/ossec/lib/ - install -m 0750 -o root -g wazuh ${S}/src/libwazuhshared.so ${D}/var/ossec/lib/ - install -m 0750 -o root -g wazuh ${S}/src/shared_modules/dbsync/build/lib/libdbsync.so ${D}/var/ossec/lib/ - install -m 0750 -o root -g wazuh ${S}/src/shared_modules/rsync/build/lib/librsync.so ${D}/var/ossec/lib/ - install -m 0750 -o root -g wazuh ${S}/src/syscheckd/build/lib/libfimdb.so ${D}/var/ossec/lib/ + install -d -o root -g wazuh ${D}${localstatedir}/ossec + install -d ${D}${localstatedir}/ossec/lib + install -m 0750 -o root -g wazuh ${S}/src/libwazuhext.so ${D}${localstatedir}/ossec/lib/ + install -m 0750 -o root -g wazuh ${S}/src/libwazuhshared.so ${D}${localstatedir}/ossec/lib/ + install -m 0750 -o root -g wazuh ${S}/src/shared_modules/dbsync/build/lib/libdbsync.so ${D}${localstatedir}/ossec/lib/ + install -m 0750 -o root -g wazuh ${S}/src/shared_modules/rsync/build/lib/librsync.so ${D}${localstatedir}/ossec/lib/ + install -m 0750 -o root -g wazuh ${S}/src/data_provider/build/lib/libsysinfo.so ${D}${localstatedir}/ossec/lib/ + install -m 0750 -o root -g wazuh ${S}/src/wazuh_modules/syscollector/build/lib/libsyscollector.so ${D}${localstatedir}/ossec/lib/ - chrpath -d ${D}/var/ossec/lib/libfimdb.so - chrpath -d ${D}/var/ossec/lib/librsync.so - chrpath -d ${D}/var/ossec/lib/libdbsync.so + chrpath -d ${D}${localstatedir}/ossec/lib/librsync.so + chrpath -d ${D}${localstatedir}/ossec/lib/libdbsync.so + chrpath -d ${D}${localstatedir}/ossec/lib/libsysinfo.so + chrpath -d ${D}${localstatedir}/ossec/lib/libsyscollector.so - install -d ${D}/var/ossec/bin - install -m 0750 ${S}/src/wazuh-agentd ${D}/var/ossec/bin/ - install -m 0750 ${S}/src/agent-auth ${D}/var/ossec/bin/ - install -m 0750 ${S}/src/wazuh-logcollector ${D}/var/ossec/bin/ - install -m 0750 ${S}/src/syscheckd/build/bin/wazuh-syscheckd ${D}/var/ossec/bin/ - install -m 0750 ${S}/src/wazuh-execd ${D}/var/ossec/bin/ - install -m 0750 ${S}/src/manage_agents ${D}/var/ossec/bin/ - install -m 0750 ${S}/src/wazuh-modulesd ${D}/var/ossec/bin/ - install -m 0750 ${S}/src/init/wazuh-client.sh ${D}/var/ossec/bin/wazuh-control + install -d ${D}${localstatedir}/ossec/bin + install -m 0750 ${S}/src/wazuh-agentd ${D}${localstatedir}/ossec/bin/ + install -m 0750 ${S}/src/agent-auth ${D}${localstatedir}/ossec/bin/ + install -m 0750 ${S}/src/wazuh-logcollector ${D}${localstatedir}/ossec/bin/ + install -m 0750 ${S}/src/wazuh-syscheckd ${D}${localstatedir}/ossec/bin/ + install -m 0750 ${S}/src/wazuh-execd ${D}${localstatedir}/ossec/bin/ + install -m 0750 ${S}/src/manage_agents ${D}${localstatedir}/ossec/bin/ + install -m 0750 ${S}/src/wazuh-modulesd ${D}${localstatedir}/ossec/bin/ + install -m 0750 ${S}/src/init/wazuh-client.sh ${D}${localstatedir}/ossec/bin/wazuh-control - chrpath -d ${D}/var/ossec/bin/wazuh-syscheckd + chrpath -d ${D}${localstatedir}/ossec/bin/wazuh-syscheckd install -d -o root -g wazuh ${D}${localstatedir}/ossec/tmp @@ -107,146 +111,141 @@ do_install() { install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/fim install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/fim/db install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/syscollector + install -m 0640 -o root -g wazuh ${S}/src/wazuh_modules/syscollector/norm_config.json ${D}${localstatedir}/ossec/queue/syscollector/ install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/syscollector/db - install -m 0640 ${S}/src/wazuh_modules/syscollector/norm_config.json ${D}/var/ossec/queue/syscollector/ - chown root:wazuh ${D}/var/ossec/queue/syscollector/norm_config.json install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/logcollector - install -d -o root -g wazuh ${D}${localstatedir}/ossec/incoming + #install -d -o root -g wazuh ${D}${localstatedir}/ossec/incoming install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca - install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/generic - install -m 0640 -o root -g wazuh ${S}/ruleset/sca/generic/*.yml ${D}/var/ossec/ruleset/sca/generic/ - install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/mongodb - install -m 0640 -o root -g wazuh ${S}/ruleset/sca/mongodb/*.yml ${D}/var/ossec/ruleset/sca/mongodb/ - install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/applications - install -m 0640 -o root -g wazuh ${S}/ruleset/sca/applications/*.yml ${D}/var/ossec/ruleset/sca/applications/ - install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/nginx - install -m 0640 -o root -g wazuh ${S}/ruleset/sca/nginx/*.yml ${D}/var/ossec/ruleset/sca/nginx/ - + install -m 0640 -o root -g wazuh ${S}/ruleset/sca/generic/*.yml ${D}${localstatedir}/ossec/ruleset/sca/ + install -m 0640 -o root -g wazuh ${S}/ruleset/sca/mongodb/*.yml ${D}${localstatedir}/ossec/ruleset/sca/ + install -m 0640 -o root -g wazuh ${S}/ruleset/sca/applications/*.yml ${D}${localstatedir}/ossec/ruleset/sca/ + install -m 0640 -o root -g wazuh ${S}/ruleset/sca/nginx/*.yml ${D}${localstatedir}/ossec/ruleset/sca/ + install -m 0640 -o root -g wazuh ${S}/ruleset/sca/debian/*.yml ${D}${localstatedir}/ossec/ruleset/sca/ + install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/etc/shared + install -m 0660 -o root -g wazuh ${S}/ruleset/rootcheck/db/*.txt ${D}${localstatedir}/ossec/etc/shared/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud/pubsub install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud/buckets install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/wodles - install -m 0750 -o root -g wazuh ${S}/wodles/__init__.py ${D}/var/ossec/wodles/ - install -m 0750 -o root -g wazuh ${S}/wodles/utils.py ${D}/var/ossec/wodles/ + install -m 0750 -o root -g wazuh ${S}/wodles/__init__.py ${D}${localstatedir}/ossec/wodles/ + install -m 0750 -o root -g wazuh ${S}/wodles/utils.py ${D}${localstatedir}/ossec/wodles/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/aws - install -m 0750 -o root -g wazuh ${S}/wodles/aws/aws_s3.py ${D}/var/ossec/wodles/aws/aws-s3 - install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/gcloud.py ${D}/var/ossec/wodles/gcloud/gcloud - install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/integration.py ${D}/var/ossec/wodles/gcloud/ - install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/tools.py ${D}/var/ossec/wodles/gcloud/ - install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/exceptions.py ${D}/var/ossec/wodles/gcloud/ - install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/bucket.py ${D}/var/ossec/wodles/gcloud/buckets/ - install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/access_logs.py ${D}/var/ossec/wodles/gcloud/buckets/ - install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/pubsub/subscriber.py ${D}/var/ossec/wodles/gcloud/pubsub/ + install -m 0750 -o root -g wazuh ${S}/wodles/aws/aws_s3.py ${D}${localstatedir}/ossec/wodles/aws/aws-s3 + install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/gcloud.py ${D}${localstatedir}/ossec/wodles/gcloud/gcloud + install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/integration.py ${D}${localstatedir}/ossec/wodles/gcloud/ + install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/tools.py ${D}${localstatedir}/ossec/wodles/gcloud/ + install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/exceptions.py ${D}${localstatedir}/ossec/wodles/gcloud/ + install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/bucket.py ${D}${localstatedir}/ossec/wodles/gcloud/buckets/ + install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/access_logs.py ${D}${localstatedir}/ossec/wodles/gcloud/buckets/ + install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/pubsub/subscriber.py ${D}${localstatedir}/ossec/wodles/gcloud/pubsub/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/docker - install -m 0750 -o root -g wazuh ${S}/wodles/docker-listener/DockerListener.py ${D}/var/ossec/wodles/docker/DockerListener + install -m 0750 -o root -g wazuh ${S}/wodles/docker-listener/DockerListener.py ${D}${localstatedir}/ossec/wodles/docker/DockerListener install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/azure - install -m 0750 -o root -g wazuh ${S}/wodles/azure/azure-logs.py ${D}/var/ossec/wodles/azure/azure-logs - install -m 0750 -o root -g wazuh ${S}/wodles/azure/orm.py ${D}/var/ossec/wodles/azure/ + install -m 0750 -o root -g wazuh ${S}/wodles/azure/azure-logs.py ${D}${localstatedir}/ossec/wodles/azure/azure-logs + install -m 0750 -o root -g wazuh ${S}/wodles/azure/orm.py ${D}${localstatedir}/ossec/wodles/azure/ - install -d -o wazuh -g wazuh ${D}/var/ossec/etc - install -d -o root -g wazuh ${D}/var/ossec/etc/shared - install -m 0660 -o root -g wazuh ${WORKDIR}/ossec.conf ${D}/var/ossec/etc/ - install -m 0660 -o root -g wazuh ${S}/ruleset/rootcheck/db/*.txt ${D}/var/ossec/etc/shared/ - install -m 0640 -o root -g wazuh ${S}/etc/wpk_root.pem ${D}/var/ossec/etc/ - touch ${D}/var/ossec/etc/client.keys - chown -R root:wazuh ${D}/var/ossec/etc/client.keys + install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/etc + install -m 0660 -o root -g wazuh ${WORKDIR}/ossec.conf ${D}${localstatedir}/ossec/etc/ + install -m 0640 -o root -g wazuh ${S}/etc/wpk_root.pem ${D}${localstatedir}/ossec/etc/ + touch ${D}${localstatedir}/ossec/etc/client.keys + chown -R root:wazuh ${D}${localstatedir}/ossec/etc/client.keys - install -m 0640 -o root -g wazuh ${S}/etc/internal_options.conf ${D}/var/ossec/etc/ - install -m 0640 -o root -g wazuh ${S}/etc/local_internal_options.conf ${D}/var/ossec/etc/ + install -m 0640 -o root -g wazuh ${S}/etc/internal_options.conf ${D}${localstatedir}/ossec/etc/ + install -m 0640 -o root -g wazuh ${S}/etc/local_internal_options.conf ${D}${localstatedir}/ossec/etc/ - install -d -o root -g wazuh ${D}/var/ossec/active-response - install -d -o root -g wazuh ${D}/var/ossec/active-response/bin - install -m 0750 -o root -g wazuh ${S}/src/firewalld-drop ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/wazuh-slack ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/route-null ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/restart-wazuh ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/kaspersky ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/ip-customblock ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/pf ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/npf ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/ipfw ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/default-firewall-drop ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/disable-account ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/host-deny ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/active-response/kaspersky.py ${D}/var/ossec/active-response/bin/ - install -m 0750 -o root -g wazuh ${S}/src/active-response/restart.sh ${D}/var/ossec/active-response/bin/ + install -d -o root -g wazuh ${D}${localstatedir}/ossec/active-response + install -d -o root -g wazuh ${D}${localstatedir}/ossec/active-response/bin + install -m 0750 -o root -g wazuh ${S}/src/firewalld-drop ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/wazuh-slack ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/route-null ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/restart-wazuh ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/kaspersky ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/ip-customblock ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/pf ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/npf ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/ipfw ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/default-firewall-drop ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/disable-account ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/host-deny ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/active-response/kaspersky.py ${D}${localstatedir}/ossec/active-response/bin/ + install -m 0750 -o root -g wazuh ${S}/src/active-response/restart.sh ${D}${localstatedir}/ossec/active-response/bin/ - install -d -o root -g wazuh ${D}/var/ossec/agentless - install -m 0750 -o root -g wazuh ${S}/src/agentlessd/scripts/* ${D}/var/ossec/agentless/ + install -d -o root -g wazuh ${D}${localstatedir}/ossec/agentless + install -m 0750 -o root -g wazuh ${S}/src/agentlessd/scripts/* ${D}${localstatedir}/ossec/agentless/ - install -d -o root -g wazuh ${D}/var/ossec/var - install -d -o wazuh -g wazuh ${D}/var/ossec/var/run - install -d -o root -g wazuh ${D}/var/ossec/var/upgrade - install -d -o root -g wazuh ${D}/var/ossec/var/selinux - install -d -o root -g wazuh ${D}/var/ossec/var/incoming - install -d -o root -g wazuh ${D}/var/ossec/backup + install -d -o root -g wazuh ${D}${localstatedir}/ossec/var + install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/var/run + install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/upgrade + install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/selinux + install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/incoming + install -d -o root -g wazuh ${D}${localstatedir}/ossec/backup - install -d -o wazuh -g wazuh ${D}/var/ossec/logs - touch ${D}/var/ossec/logs/ossec.log - chown -R wazuh:wazuh ${D}/var/ossec/logs/ossec.log + install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/logs + touch ${D}${localstatedir}/ossec/logs/ossec.log + chown -R wazuh:wazuh ${D}${localstatedir}/ossec/logs/ossec.log + touch ${D}${localstatedir}/ossec/logs/active-responses.log + chown -R wazuh:wazuh ${D}${localstatedir}/ossec/logs/active-responses.log - touch ${D}/var/ossec/logs/ossec.json - chown -R wazuh:wazuh ${D}/var/ossec/logs/ossec.json - install -d -o wazuh -g wazuh ${D}/var/ossec/logs/wazuh + touch ${D}${localstatedir}/ossec/logs/ossec.json + chown -R wazuh:wazuh ${D}${localstatedir}/ossec/logs/ossec.json + install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/logs/wazuh } FILES:${PN} += " \ ${systemd_unitdir}/system/wazuh-agent.service \ - /var/ossec/lib/libwazuhext.so \ - /var/ossec/lib/libwazuhshared.so \ - /var/ossec/lib/libdbsync.so \ - /var/ossec/lib/librsync.so \ - /var/ossec/lib/libfimdb.so \ - /var/ossec/bin/wazuh-agentd \ - /var/ossec/bin/agent-auth \ - /var/ossec/bin/wazuh-logcollector \ - /var/ossec/bin/wazuh-syscheckd \ - /var/ossec/bin/wazuh-execd \ - /var/ossec/bin/manage_agents \ - /var/ossec/bin/wazuh-modulesd \ - /var/ossec/bin/wazuh-control \ - /var/ossec/etc/ossec.conf \ - /var/ossec/etc/shared/*.txt \ - /var/ossec/etc/wpk_root.pem \ - /var/ossec/etc/client.keys \ - /var/ossec/etc/internal_options.conf \ - /var/ossec/etc/local_internal_options.conf \ - /var/ossec/active-response/bin/firewalld-drop \ - /var/ossec/active-response/bin/wazuh-slack \ - /var/ossec/active-response/bin/route-null \ - /var/ossec/active-response/bin/restart-wazuh \ - /var/ossec/active-response/bin/kaspersky \ - /var/ossec/active-response/bin/ip-customblock \ - /var/ossec/active-response/bin/pf \ - /var/ossec/active-response/bin/npf \ - /var/ossec/active-response/bin/ipfw \ - /var/ossec/active-response/bin/default-firewall-drop \ - /var/ossec/active-response/bin/disable-account \ - /var/ossec/active-response/bin/host-deny \ - /var/ossec/active-response/bin/kapersky.py \ - /var/ossec/active-response/bin/restart.sh \ - /var/ossec/ruleset/sca/generic/*.yml \ - /var/ossec/ruleset/sca/mongodb/*.yml \ - /var/ossec/ruleset/sca/applications/*.yml \ - /var/ossec/ruleset/sca/nginx/*.yml \ - /var/ossec/wodles/__init__.py \ - /var/ossec/wodles/utils.py \ - /var/ossec/wodles/aws/aws-s3 \ - /var/ossec/wodles/gcloud/gcloud \ - /var/ossec/wodles/gcloud/integration.py \ - /var/ossec/wodles/gcloud/tools.py \ - /var/ossec/wodles/gcloud/exceptions.py \ - /var/ossec/wodles/gcloud/buckets/bucket.py \ - /var/ossec/wodles/gcloud/buckets/access_logs.py \ - /var/ossec/wodles/gcloud/pubsub/subscriber.py \ - /var/ossec/wodles/docker/DockerListener \ - /var/ossec/wodles/azure/azure-logs \ - /var/ossec/wodles/azure/orm.py \ - /var/ossec/agentless/* \ - /var/ossec/logs/ossec.log \ - /var/ossec/logs/ossec.json \ + ${localstatedir}/ossec/lib/*.so \ + ${localstatedir}/ossec/bin/wazuh-agentd \ + ${localstatedir}/ossec/bin/agent-auth \ + ${localstatedir}/ossec/bin/wazuh-logcollector \ + ${localstatedir}/ossec/bin/wazuh-syscheckd \ + ${localstatedir}/ossec/bin/wazuh-execd \ + ${localstatedir}/ossec/bin/manage_agents \ + ${localstatedir}/ossec/bin/wazuh-modulesd \ + ${localstatedir}/ossec/bin/wazuh-control \ + ${localstatedir}/ossec/queue/syscollector/norm_config.json \ + ${localstatedir}/ossec/etc/ossec.conf \ + ${localstatedir}/ossec/etc/shared/*.txt \ + ${localstatedir}/ossec/etc/wpk_root.pem \ + ${localstatedir}/ossec/etc/client.keys \ + ${localstatedir}/ossec/etc/internal_options.conf \ + ${localstatedir}/ossec/etc/local_internal_options.conf \ + ${localstatedir}/ossec/active-response/bin/firewalld-drop \ + ${localstatedir}/ossec/active-response/bin/wazuh-slack \ + ${localstatedir}/ossec/active-response/bin/route-null \ + ${localstatedir}/ossec/active-response/bin/restart-wazuh \ + ${localstatedir}/ossec/active-response/bin/kaspersky \ + ${localstatedir}/ossec/active-response/bin/ip-customblock \ + ${localstatedir}/ossec/active-response/bin/pf \ + ${localstatedir}/ossec/active-response/bin/npf \ + ${localstatedir}/ossec/active-response/bin/ipfw \ + ${localstatedir}/ossec/active-response/bin/default-firewall-drop \ + ${localstatedir}/ossec/active-response/bin/disable-account \ + ${localstatedir}/ossec/active-response/bin/host-deny \ + ${localstatedir}/ossec/active-response/bin/kapersky.py \ + ${localstatedir}/ossec/active-response/bin/restart.sh \ + ${localstatedir}/ossec/ruleset/sca/generic/*.yml \ + ${localstatedir}/ossec/ruleset/sca/mongodb/*.yml \ + ${localstatedir}/ossec/ruleset/sca/applications/*.yml \ + ${localstatedir}/ossec/ruleset/sca/nginx/*.yml \ + ${localstatedir}/ossec/ruleset/sca/debian/*.yml \ + ${localstatedir}/ossec/wodles/__init__.py \ + ${localstatedir}/ossec/wodles/utils.py \ + ${localstatedir}/ossec/wodles/aws/aws-s3 \ + ${localstatedir}/ossec/wodles/gcloud/gcloud \ + ${localstatedir}/ossec/wodles/gcloud/integration.py \ + ${localstatedir}/ossec/wodles/gcloud/tools.py \ + ${localstatedir}/ossec/wodles/gcloud/exceptions.py \ + ${localstatedir}/ossec/wodles/gcloud/buckets/bucket.py \ + ${localstatedir}/ossec/wodles/gcloud/buckets/access_logs.py \ + ${localstatedir}/ossec/wodles/gcloud/pubsub/subscriber.py \ + ${localstatedir}/ossec/wodles/docker/DockerListener \ + ${localstatedir}/ossec/wodles/azure/azure-logs \ + ${localstatedir}/ossec/wodles/azure/orm.py \ + ${localstatedir}/ossec/agentless/* \ + ${localstatedir}/ossec/logs/ossec.log \ + ${localstatedir}/ossec/logs/ossec.json \ " INSANE_SKIP:${PN} = "ldflags already-stripped"