From 6d7efefda34594888cf14e0bcddb685e677da7cf Mon Sep 17 00:00:00 2001
From: vbenoit
Date: Wed, 19 Jul 2023 06:44:05 +0000
Subject: [PATCH] ajout de la recette pacman pour compiler wazuh-agent
---
 conf/distro/rpi-distro.conf | 2 +-
 .../pacman/files/0001-disable-po.patch | 78 ++++++++
 recipes-devtools/pacman/pacman_5.2.2.bb | 46 +++++
 .../wazuh/files-4.4/0001-Makefile.patch | 50 +++++
 .../wazuh/files-4.4/0003-CMakeLists.patch | 65 ++++++
 recipes-scanners/wazuh/files-4.4/ossec.conf | 188 ++++++++++++++++++
 .../wazuh/files-4.4/wazuh-agent.service | 18 ++
 recipes-scanners/wazuh/wazuh-agent_4.4.0.bb | 5 +-
 scripts/envsetup.sh | 4 +-
 9 files changed, 451 insertions(+), 5 deletions(-)
 create mode 100644 recipes-devtools/pacman/files/0001-disable-po.patch
 create mode 100644 recipes-devtools/pacman/pacman_5.2.2.bb
 create mode 100644 recipes-scanners/wazuh/files-4.4/0001-Makefile.patch
 create mode 100644 recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch
 create mode 100644 recipes-scanners/wazuh/files-4.4/ossec.conf
 create mode 100644 recipes-scanners/wazuh/files-4.4/wazuh-agent.service
diff --git a/conf/distro/rpi-distro.conf b/conf/distro/rpi-distro.conf
index 71136e6..676f9b9 100644
--- a/conf/distro/rpi-distro.conf
+++ b/conf/distro/rpi-distro.conf
@@ -59,4 +59,4 @@ EXTRA_USERS_PARAMS += "usermod -p '\$6\$sclecyber\$n9LKVtEnhPIDEbFdRFVPWbuRoYabz
 MACHINE_EXTRA_RRECOMMENDS += "kernel-module-rtl8188eus"
-RM_WORK_EXCLUDE += "wazuh-agent"
+RM_WORK_EXCLUDE += "pacman wazuh-agent"
diff --git a/recipes-devtools/pacman/files/0001-disable-po.patch b/recipes-devtools/pacman/files/0001-disable-po.patch
new file mode 100644
index 0000000..b664cfe
--- /dev/null
+++ b/recipes-devtools/pacman/files/0001-disable-po.patch
@@ -0,0 +1,78 @@
+diff --git a/Makefile.am b/Makefile.am
+index c661f447..3d6e9b45 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -72,14 +72,9 @@ install-data-local:
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+
+-update-po:
+- $(MAKE) -C lib/libalpm/po update-po
+- $(MAKE) -C scripts/po update-po
+- $(MAKE) -C src/pacman/po update-po
+-
+ update-copyright:
+ for file in $(shell sh -c 'git grep -l "Copyright .* Pacman Development" | grep -v "\.po"'); do \
+ sed -i -e "/Copyright (/s/-$(OLD)/-$(NEW)/" -e "/Copyright (/s/ $(OLD)/ $(OLD)-$(NEW)/" "$$file"; \
+ done
+
+-.PHONY: update-po update-copyright
++.PHONY: update-copyright
+diff --git a/lib/libalpm/Makefile.am b/lib/libalpm/Makefile.am
+index e4f83223..f428aa3b 100644
+--- a/lib/libalpm/Makefile.am
++++ b/lib/libalpm/Makefile.am
+@@ -1,8 +1,6 @@
+ AUTOMAKE_OPTIONS = gnu
+
+-SUBDIRS = po
+-
+-EXTRA_DIST = meson.build po/meson.build
++EXTRA_DIST = meson.build
+
+ lib_LTLIBRARIES = libalpm.la
+ include_HEADERS = alpm_list.h alpm.h
+diff --git a/configure.ac b/configure.ac
+index a116bc3e..4c53429d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -538,14 +538,11 @@ AC_DEFINE_UNQUOTED([LDCONFIG], "$LDCONFIG", [The full path to ldconfig])
+ # Configuration files
+ AC_CONFIG_FILES([
+ lib/libalpm/Makefile
+-lib/libalpm/po/Makefile.in
+ lib/libalpm/libalpm.pc
+ src/common/Makefile
+ src/pacman/Makefile
+-src/pacman/po/Makefile.in
+ src/util/Makefile
+ scripts/Makefile
+-scripts/po/Makefile.in
+ doc/Makefile
+ etc/Makefile
+ test/pacman/Makefile
+diff --git a/src/pacman/Makefile.am b/src/pacman/Makefile.am
+index ac2f8e46..e7b6fa02 100644
+--- a/src/pacman/Makefile.am
++++ b/src/pacman/Makefile.am
+@@ -1,6 +1,5 @@
+-SUBDIRS = po
+
+-EXTRA_DIST = meson.build po/meson.build
++EXTRA_DIST = meson.build
+
+ # paths set at make time
+ conffile = ${sysconfdir}/pacman.conf
+diff --git a/scripts/Makefile.am b/scripts/Makefile.am
+index 63d09767..ef818576 100644
+--- a/scripts/Makefile.am
++++ b/scripts/Makefile.am
+@@ -3,8 +3,6 @@ AUTOMAKE_OPTIONS = std-options
+ AM_INSTALLCHECK_STD_OPTIONS_EXEMPT = \
+ $(WRAPPER)
+
+-SUBDIRS = po
+-
+ pkgconfigdir = $(datarootdir)/pkgconfig
+ pkgconfig_DATA = libmakepkg.pc
+
diff --git a/recipes-devtools/pacman/pacman_5.2.2.bb b/recipes-devtools/pacman/pacman_5.2.2.bb
new file mode 100644
index 0000000..9d871e7
--- /dev/null
+++ b/recipes-devtools/pacman/pacman_5.2.2.bb
@@ -0,0 +1,46 @@
+DESCRIPTION = "ALPM library"
+HOMEPAGE = "https://gitlab.archlinux.org/pacman/pacman"
+SECTION = "libs"
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
+
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+
+SRC_URI = "git://gitlab.archlinux.org/pacman/pacman.git;protocol=https;nobranch=1"
+SRCREV = "5537881b2525a4f114fcf10b00413b4575a74968"
+SRC_URI += " \
+ file://0001-disable-po.patch \
+ "
+S = "${WORKDIR}/git"
+
+DEPENDS = "libtool-native autoconf-archive-native libarchive openssl bash"
+RDEPENDS:${PN} += "bash perl"
+
+EXTRA_OECONF = ' \
+ --disable-doc \
+ --disable-nls \
+ --with-crypto=openssl \
+ CC="${CC}" \
+ '
+
+do_configure:prepend() {
+ install -d ${S}/build-aux
+ touch ${S}/build-aux/config.rpath
+}
+
+do_install:append() {
+ rm -rf ${D}/usr/share
+ rm -rf ${D}/usr/bin/repo-add
+ rm -rf ${D}/usr/bin/pacman-key
+ rm -rf ${D}/usr/bin/pacman-db-upgrade
+ rm -rf ${D}/usr/bin/makepkg
+
+ install -d ${D}/usr/include
+ install -m 0644 ${S}/lib/libalpm/*.h ${D}/usr/include/
+}
+
+inherit autotools pkgconfig gettext
+
+FILES:${PN}-dev += " \
+ /usr/include/*.h \
+ "
diff --git a/recipes-scanners/wazuh/files-4.4/0001-Makefile.patch b/recipes-scanners/wazuh/files-4.4/0001-Makefile.patch
new file mode 100644
index 0000000..c6a36c7
--- /dev/null
+++ b/recipes-scanners/wazuh/files-4.4/0001-Makefile.patch
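Review bot: In `pacman_5.2.2.bb`, the `do_install:append` line `install -m 0644 ${S}/lib/libalpm/*.h ${D}/usr/include/` copies every libalpm header into the top-level include directory, although the `lib/libalpm/Makefile.am` context quoted in `0001-disable-po.patch` lists only `include_HEADERS = alpm_list.h alpm.h` as the installed API. Any internal header with a generic name then lands in the shared sysroot include path, where it can shadow another package's header for every recipe that depends on pacman, and `0003-CMakeLists.patch` puts exactly that directory on the wazuh include path. If the agent needs more than the two public headers, install them under a subdirectory such as `${D}${includedir}/libalpm/` and point the consumer there; otherwise drop the wildcard. The same function hard-codes `/usr/share`, `/usr/bin` and `/usr/include`, where `${datadir}`, `${bindir}` and `${includedir}` would keep the recipe correct if the distro prefix changes.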
@@ -0,0 +1,50 @@
+diff --git a/src/Makefile b/src/Makefile
+index 58eb041a33..c807ed5f3d 100644
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -391,7 +391,7 @@ ifeq (,$(filter ${V},YES yes y Y 1))
+ QUIET_ENDCOLOR= @printf '%b' ${ENDCOLOR} 1>&2;
+ endif
+
+-MING_BASE:=
++#MING_BASE:=
+ ifeq (${TARGET}, winagent)
+ # Avoid passing environment variables such CFLAGS to external Makefiles
+ ifeq (${CC}, gcc)
+@@ -447,8 +447,8 @@ endif #winagent
+ OSSEC_CC =${QUIET_CC}${MING_BASE}${CC}
+ OSSEC_CCBIN =${QUIET_CCBIN}${MING_BASE}${CC}
+ OSSEC_SHARED =${QUIET_CCBIN}${MING_BASE}${CC} -shared
+-OSSEC_LINK =${QUIET_LINK}${MING_BASE}ar -crus
+-OSSEC_RANLIB =${QUIET_RANLIB}${MING_BASE}ranlib
++OSSEC_LINK =${QUIET_LINK}${MING_BASE}${AR} -crus
++OSSEC_RANLIB =${QUIET_RANLIB}${MING_BASE}${RANLIB}
+ OSSEC_WINDRES =${QUIET_CCBIN}${MING_BASE}windres
+
+
+@@ -765,7 +765,7 @@ ifeq (${MAKECMDGOALS},agent)
+ $(error Do not use 'agent' directly, use 'TARGET=agent')
+ endif
+
+-agent: external ${CPPLIBDEPS}
++agent:
+ ifneq (${uname_S},HP-UX)
+ ${MAKE} ${BUILD_CMAKE_PROJECTS}
+ endif
+@@ -883,6 +883,7 @@ ifeq (${uname_S},Darwin)
+ EXTERNAL_LIBS += ${LIBPLIST_LIB}
+ endif
+
++EXTERNAL_LIBS :=
+
+ .PHONY: external test_external
+ external: test_external $(EXTERNAL_LIBS) $(JEMALLOC_LIB)
+@@ -1334,7 +1335,7 @@ endif
+ ####################
+ WAZUHEXT_LIB = libwazuhext.$(SHARED)
+ WAZUH_LIB = libwazuhshared.$(SHARED)
+-BUILD_LIBS = libwazuh.a $(WAZUHEXT_LIB)
++BUILD_LIBS = libwazuh.a
+
+ $(BUILD_SERVER) $(BUILD_AGENT) $(WINDOWS_BINS): $(BUILD_LIBS)
+
diff --git a/recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch b/recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch
new file mode 100644
index 0000000..f35dbf9
--- /dev/null
+++ b/recipes-scanners/wazuh/files-4.4/0003-CMakeLists.patch
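Review bot: Commenting out `MING_BASE:=` (first inner hunk of `0001-Makefile.patch`) removes the only definition of that variable visible in the hunk, so make falls back to any `MING_BASE` inherited from the environment and prepends it to `${CC}`, `${AR}` and `${RANLIB}` in the `OSSEC_*` command variables. Nothing in the visible lines requires the change, since the `${AR}`/`${RANLIB}` substitution works with the empty assignment in place; keeping `MING_BASE:=` makes the tool names depend only on what the recipe passes. Separately, emptying `EXTERNAL_LIBS` and removing `external ${CPPLIBDEPS}` from `agent:` means the agent is linked against whatever libraries the sysroot provides instead of the copies upstream builds itself, which moves security-update tracking for those libraries to the distro layer. The patch file starts directly at `diff --git`, so a short description and an `Upstream-Status:` line recording that decision would help the next maintainer.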
@@ -0,0 +1,65 @@
+diff --git a/src/shared_modules/dbsync/CMakeLists.txt b/src/shared_modules/dbsync/CMakeLists.txt
+index 02bf1aa7f7..a9e9bda451 100644
+--- a/src/shared_modules/dbsync/CMakeLists.txt
++++ b/src/shared_modules/dbsync/CMakeLists.txt
+@@ -43,10 +43,15 @@ include_directories(${CMAKE_SOURCE_DIR}/include/)
+ include_directories(${CMAKE_SOURCE_DIR}/src/)
+ include_directories(${SHARED_MODULES}/utils/)
+ include_directories(${SHARED_MODULES}/common/)
++include_directories(${STAGING_DIR}/usr/include/)
++include_directories(${STAGING_DIR}/usr/include/cjson/)
++include_directories(${STAGING_DIR}/usr/include/curl/)
+
+ link_directories(${SRC_FOLDER})
+ link_directories(${SRC_FOLDER}/external/sqlite/)
+ link_directories(${SRC_FOLDER}/external/cJSON/)
++link_directories(${STAGING_DIR}/lib/)
++link_directories(${STAGING_DIR}/usr/lib/)
+
+ file(GLOB DBSYNC_SRC
+ "${CMAKE_SOURCE_DIR}/src/*.cpp"
+diff --git a/src/shared_modules/rsync/CMakeLists.txt b/src/shared_modules/rsync/CMakeLists.txt
+index 22c791405e..6dd2182b89 100644
+--- a/src/shared_modules/rsync/CMakeLists.txt
++++ b/src/shared_modules/rsync/CMakeLists.txt
+@@ -45,11 +45,16 @@ include_directories(${CMAKE_SOURCE_DIR}/src/)
+ include_directories(${SHARED_MODULES}/dbsync/include/)
+ include_directories(${SHARED_MODULES}/utils/)
+ include_directories(${SHARED_MODULES}/common/)
++include_directories(${STAGING_DIR}/usr/include/)
++include_directories(${STAGING_DIR}/usr/include/cjson/)
++include_directories(${STAGING_DIR}/usr/include/curl/)
+
+ link_directories(${SHARED_MODULES}/dbsync/build/lib/)
+ link_directories(${SRC_FOLDER})
+ link_directories(${SRC_FOLDER}/external/cJSON/)
+ link_directories(${SRC_FOLDER}/external/openssl/)
++link_directories(${STAGING_DIR}/lib/)
++link_directories(${STAGING_DIR}/usr/lib/)
+
+ file(GLOB RSYNC_SRC
+ "${CMAKE_SOURCE_DIR}/src/*.cpp")
+diff --git a/src/data_provider/CMakeLists.txt b/src/data_provider/CMakeLists.txt
+index 84c5710d1a..5493364c7b 100644
+--- a/src/data_provider/CMakeLists.txt
++++ b/src/data_provider/CMakeLists.txt
+@@ -50,6 +50,10 @@ include_directories(${SRC_FOLDER}/external/pacman/lib/libalpm/)
+ include_directories(${SRC_FOLDER}/external/libarchive/libarchive/)
+ include_directories(${SRC_FOLDER}/external/rpm/builddir/output/include/)
+ endif(NOT CMAKE_CHECK_CENTOS5)
++include_directories(${STAGING_DIR}/usr/include/)
++include_directories(${STAGING_DIR}/usr/include/cjson/)
++include_directories(${STAGING_DIR}/usr/include/curl/)
++
+
+ link_directories(${SRC_FOLDER})
+ link_directories(${SRC_FOLDER}/external/sqlite/)
+@@ -64,6 +68,8 @@ link_directories(${SRC_FOLDER}/external/libarchive/.libs/)
+ link_directories(${SRC_FOLDER}/external/rpm/builddir/)
+ endif(NOT CMAKE_CHECK_CENTOS5)
+ link_directories(${SRC_FOLDER}/external/openssl/)
++link_directories(${STAGING_DIR}/lib/)
++link_directories(${STAGING_DIR}/usr/lib/)
+
+
+
diff --git a/recipes-scanners/wazuh/files-4.4/ossec.conf b/recipes-scanners/wazuh/files-4.4/ossec.conf
new file mode 100644
index 0000000..01b87b4
--- /dev/null
+++ b/recipes-scanners/wazuh/files-4.4/ossec.conf
@@ -0,0 +1,188 @@ + + + + + +
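Review bot: `${STAGING_DIR}` appears in every added `include_directories()` and `link_directories()` line of `0003-CMakeLists.patch` but is not defined anywhere in these hunks, and if it reaches CMake empty the paths collapse to `/usr/include/`, `/lib/` and `/usr/lib/` on the build host. The agent would then compile and link against host headers and libraries instead of the target sysroot, a contamination that can still produce a binary and so goes unnoticed. Whether the recipe passes the variable is not visible here (the `EXTRA_OEMAKE` list is cut off in the recipe hunk), so a guard near the top of each file is worth adding: `if(NOT STAGING_DIR)`, `message(FATAL_ERROR "STAGING_DIR must point at the target sysroot")`, `endif()`. This applies equally to the dbsync, rsync and data_provider CMakeLists.txt hunks.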
MANAGER_IP
+ 1514 + tcp +
+ yocto, zeus + 10 + 60 + yes + aes +
+ + + + no + 5000 + 500 + + + + + no + yes + yes + yes + yes + yes + yes + yes + + + 43200 + + etc/shared/rootkit_files.txt + etc/shared/rootkit_trojans.txt + + yes + + + + yes + 1800 + 1d + yes + + wodles/java + wodles/ciscat + + + + + yes + yes + /var/log/osquery/osqueryd.results.log + /etc/osquery/osquery.conf + yes + + + + + no + 1h + yes + yes + yes + yes + yes + yes + yes + + + + 10 + + + + + yes + yes + 12h + yes + + + + + no + + + 43200 + + yes + + + /etc,/usr/bin,/usr/sbin + /bin,/sbin,/boot + + + /etc/mtab + /etc/hosts.deny + /etc/mail/statistics + /etc/random-seed + /etc/random.seed + /etc/adjtime + /etc/httpd/logs + /etc/utmpx + /etc/wtmpx + /etc/cups/certs + /etc/dumpdates + /etc/svc/volatile + + + .log$|.swp$ + + + /etc/ssl/private.key + + yes + yes + yes + yes + + + 10 + + + 100 + + + + yes + 5m + 1h + 10 + + + + + + syslog + /var/ossec/logs/active-responses.log + + + + syslog + /var/log/dpkg.log + + + + command + df -P + 360 + + + + full_command + netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d + netstat listening ports + 360 + + + + full_command + last -n 20 + 360 + + + + + no + etc/wpk_root.pem + /path/to/my_cert.pem + yes + + + + + plain + + +
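Review bot: Two values in this new ossec.conf are template placeholders rather than deployable settings: `MANAGER_IP` and `/path/to/my_cert.pem`. The XML element names did not survive in this rendering, so which options they belong to is inferred; they look like the manager address and an extra CA store entry next to `etc/wpk_root.pem`. The recipe lists the file in `SRC_URI` and no substitution step is visible in this commit, so an image built from it would presumably start an agent that cannot reach a manager and that references a certificate path that does not exist. Either fill the address from a recipe variable at build time or document the provisioning step that must set it, and remove the placeholder certificate path.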
diff --git a/recipes-scanners/wazuh/files-4.4/wazuh-agent.service b/recipes-scanners/wazuh/files-4.4/wazuh-agent.service
new file mode 100644
index 0000000..2b6529c
--- /dev/null
+++ b/recipes-scanners/wazuh/files-4.4/wazuh-agent.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Wazuh agent
+Wants=network-online.target
+After=network.target network-online.target
+
+[Service]
+Type=forking
+
+Environment="LD_LIBRARY_PATH=/var/ossec/lib"
+ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start
+ExecStop=/usr/bin/env /var/ossec/bin/wazuh-control stop
+ExecReload=/usr/bin/env /var/ossec/bin/wazuh-control reload
+
+KillMode=process
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb b/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb
index d179698..a63db82 100644
--- a/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb
+++ b/recipes-scanners/wazuh/wazuh-agent_4.4.0.bb
@@ -5,7 +5,7 @@ SUMMARY = "The agent runs on the host you want to monitor and communicates with
 MAINTAINER = "Vincent BENOIT "
 LIC_FILES_CHKSUM = "file://LICENSE;md5=i522ae3a9266aa0b86a5f314c85dbb560"
 LICENSE = "CLOSED"
-FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/files-4.4:"
 DEPENDS = "curl-native \
 audit-userspace \
@@ -31,6 +31,7 @@ DEPENDS = "curl-native \
 popt \
 msgpack-c \
 rpm \
+ pacman \
 cmake-native \
 wazuh-users \
 "
@@ -44,7 +45,6 @@ SRC_URI = " \
 file://ossec.conf \
 file://wazuh-agent.service \
 file://0001-Makefile.patch \
- file://0002-headers-correction.patch \
 file://0003-CMakeLists.patch \
 "
@@ -56,6 +56,7 @@ SYSTEMD_AUTO_ENABLE = "enable"
 SYSTEMD_SERVICE:${PN} = "wazuh-agent.service"
 EXTRA_OEMAKE = ' \
+ -j 1 \
 CC="${CC}" \
 CXX="${CXX}" \
 RANLIB="${RANLIB}" \
diff --git a/scripts/envsetup.sh b/scripts/envsetup.sh
index 7445b19..4e03359 100644
--- a/scripts/envsetup.sh
+++ b/scripts/envsetup.sh
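Review bot: In `wazuh-agent.service`, `Environment="LD_LIBRARY_PATH=/var/ossec/lib"` makes every process started through `wazuh-control` resolve shared libraries from `/var/ossec/lib` first, and the unit sets no `User=`, so those processes are started as root. The ownership and mode of that directory are not visible in this commit; the recipe should install it root-owned and not writable by the agent's unprivileged account, because a writable library path for a root-started service lets that account run code as root. Setting an RPATH at link time would remove the need for the environment override. The `/usr/bin/env` prefix on the three `Exec*` lines adds nothing once the binary path is absolute and can be dropped.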
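Review bot: The `-j 1 \` entry added to `EXTRA_OEMAKE` in the last hunk of `wazuh-agent_4.4.0.bb` serialises the build by overriding the job count on the make command line; the BitBake way to express this is `PARALLEL_MAKE = ""` in the recipe, with a comment saying why parallel builds fail. Since `0001-Makefile.patch` removes the `external ${CPPLIBDEPS}` prerequisites from `agent:`, the serial build may be covering for a dependency edge that is now missing, which is worth stating in that comment so it can be fixed properly later. The `EXTRA_OEMAKE` assignment continues past the end of the hunk.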
@@ -31,11 +31,11 @@ then
 fi
 if [ "a${DISTRO}" = "a" ]; then
- DISTRO="pengwyn-distro"
+ DISTRO="rpi-distro"
 fi
 if [ "a${MACHINE}" = "a" ]; then
- MACHINE="pengwyn"
+ MACHINE="raspberrypi"
 fi
 if [ "a${VERS}" = "a" ]; then