# Copyright (C) 2023 Vincent BENOIT # Release under the MIT license (see COPYING.MIT for the terms) HOMEPAGE = "https://documentation.wazuh.com/current/installation-guide/wazuh-agent/wazuh-agent-package-linux.html" SUMMARY = "The agent runs on the host you want to monitor and communicates with the Wazuh server" MAINTAINER = "Vincent BENOIT " LIC_FILES_CHKSUM = "file://LICENSE;md5=i522ae3a9266aa0b86a5f314c85dbb560" LICENSE = "CLOSED" FILESEXTRAPATHS:prepend := "${THISDIR}/files-4.4:" DEPENDS = "curl-native \ audit-userspace \ cjson \ curl \ libffi \ procps \ openssl \ libyaml \ libdbi \ libffi \ libyaml \ openssl \ procps \ sqlite3 \ zlib \ bzip2 \ nlohmann-json \ googletest \ libpcre2 \ libplist \ libarchive \ popt \ msgpack-c \ rpm \ pacman \ cmake-native \ wazuh-users \ " RDEPENDS:${PN} += "wazuh-users" inherit systemd SRC_URI = " \ git://github.com/wazuh/wazuh.git;protocol=https;branch=master \ file://ossec.conf \ file://wazuh-agent.service \ file://0001-Makefile.patch \ file://0003-CMakeLists.patch \ " SRCREV = "c7fc9bac7ccfdda6edfa6befc77545533ded039b" PV = "4.4.0" S = "${WORKDIR}/git" SYSTEMD_AUTO_ENABLE = "enable" SYSTEMD_SERVICE:${PN} = "wazuh-agent.service" EXTRA_OEMAKE = ' \ -j 1 \ CC="${CC}" \ CXX="${CXX}" \ RANLIB="${RANLIB}" \ AR="${AR}" \ CFLAGS="${CFLAGS} -I${STAGING_INCDIR} -I${STAGING_INCDIR}/cjson -I${STAGING_INCDIR}/curl" \ LDFLAGS="-Wl,--sysroot=${STAGING_DIR_TARGET} -L${STAGING_LIBDIR} -lm -lcjson -lssl -lcrypto -lpcre2-8 -lz -lsqlite3 -lyaml -lcurl -lmsgpackc -laudit -lprocps" \ CMAKE_OPTS="-DSTAGING_DIR=${STAGING_DIR_TARGET}" \ ' do_compile() { (cd src && oe_runmake TARGET=agent INSTALLDIR="/var/ossec") } do_install() { install -d ${D}${systemd_unitdir}/system/ install -m 0644 ${WORKDIR}/wazuh-agent.service ${D}${systemd_unitdir}/system/ install -d -o root -g wazuh ${D}/var/ossec install -d ${D}/var/ossec/lib install -m 0750 -o root -g wazuh ${S}/src/libwazuhext.so ${D}/var/ossec/lib/ install -m 0750 -o root -g wazuh ${S}/src/libwazuhshared.so ${D}/var/ossec/lib/ install -m 0750 -o root -g wazuh ${S}/src/shared_modules/dbsync/build/lib/libdbsync.so ${D}/var/ossec/lib/ install -m 0750 -o root -g wazuh ${S}/src/shared_modules/rsync/build/lib/librsync.so ${D}/var/ossec/lib/ install -m 0750 -o root -g wazuh ${S}/src/syscheckd/build/lib/libfimdb.so ${D}/var/ossec/lib/ chrpath -d ${D}/var/ossec/lib/libfimdb.so chrpath -d ${D}/var/ossec/lib/librsync.so chrpath -d ${D}/var/ossec/lib/libdbsync.so install -d ${D}/var/ossec/bin install -m 0750 ${S}/src/wazuh-agentd ${D}/var/ossec/bin/ install -m 0750 ${S}/src/agent-auth ${D}/var/ossec/bin/ install -m 0750 ${S}/src/wazuh-logcollector ${D}/var/ossec/bin/ install -m 0750 ${S}/src/syscheckd/build/bin/wazuh-syscheckd ${D}/var/ossec/bin/ install -m 0750 ${S}/src/wazuh-execd ${D}/var/ossec/bin/ install -m 0750 ${S}/src/manage_agents ${D}/var/ossec/bin/ install -m 0750 ${S}/src/wazuh-modulesd ${D}/var/ossec/bin/ install -m 0750 ${S}/src/init/wazuh-client.sh ${D}/var/ossec/bin/wazuh-control chrpath -d ${D}/var/ossec/bin/wazuh-syscheckd install -d -o root -g wazuh ${D}${localstatedir}/ossec/tmp install -d -o root -g wazuh ${D}${localstatedir}/ossec/queue install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/rids install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/alerts install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/sockets install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/diff install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/fim install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/fim/db install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/syscollector install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/syscollector/db install -m 0640 ${S}/src/wazuh_modules/syscollector/norm_config.json ${D}/var/ossec/queue/syscollector/ chown root:wazuh ${D}/var/ossec/queue/syscollector/norm_config.json install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/logcollector install -d -o root -g wazuh ${D}${localstatedir}/ossec/incoming install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/generic install -m 0640 -o root -g wazuh ${S}/ruleset/sca/generic/*.yml ${D}/var/ossec/ruleset/sca/generic/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/mongodb install -m 0640 -o root -g wazuh ${S}/ruleset/sca/mongodb/*.yml ${D}/var/ossec/ruleset/sca/mongodb/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/applications install -m 0640 -o root -g wazuh ${S}/ruleset/sca/applications/*.yml ${D}/var/ossec/ruleset/sca/applications/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca/nginx install -m 0640 -o root -g wazuh ${S}/ruleset/sca/nginx/*.yml ${D}/var/ossec/ruleset/sca/nginx/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud/pubsub install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud/buckets install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/wodles install -m 0750 -o root -g wazuh ${S}/wodles/__init__.py ${D}/var/ossec/wodles/ install -m 0750 -o root -g wazuh ${S}/wodles/utils.py ${D}/var/ossec/wodles/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/aws install -m 0750 -o root -g wazuh ${S}/wodles/aws/aws_s3.py ${D}/var/ossec/wodles/aws/aws-s3 install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/gcloud.py ${D}/var/ossec/wodles/gcloud/gcloud install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/integration.py ${D}/var/ossec/wodles/gcloud/ install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/tools.py ${D}/var/ossec/wodles/gcloud/ install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/exceptions.py ${D}/var/ossec/wodles/gcloud/ install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/bucket.py ${D}/var/ossec/wodles/gcloud/buckets/ install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/access_logs.py ${D}/var/ossec/wodles/gcloud/buckets/ install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/pubsub/subscriber.py ${D}/var/ossec/wodles/gcloud/pubsub/ install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/docker install -m 0750 -o root -g wazuh ${S}/wodles/docker-listener/DockerListener.py ${D}/var/ossec/wodles/docker/DockerListener install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/azure install -m 0750 -o root -g wazuh ${S}/wodles/azure/azure-logs.py ${D}/var/ossec/wodles/azure/azure-logs install -m 0750 -o root -g wazuh ${S}/wodles/azure/orm.py ${D}/var/ossec/wodles/azure/ install -d -o wazuh -g wazuh ${D}/var/ossec/etc install -d -o root -g wazuh ${D}/var/ossec/etc/shared install -m 0660 -o root -g wazuh ${WORKDIR}/ossec.conf ${D}/var/ossec/etc/ install -m 0660 -o root -g wazuh ${S}/ruleset/rootcheck/db/*.txt ${D}/var/ossec/etc/shared/ install -m 0640 -o root -g wazuh ${S}/etc/wpk_root.pem ${D}/var/ossec/etc/ touch ${D}/var/ossec/etc/client.keys chown -R root:wazuh ${D}/var/ossec/etc/client.keys install -m 0640 -o root -g wazuh ${S}/etc/internal_options.conf ${D}/var/ossec/etc/ install -m 0640 -o root -g wazuh ${S}/etc/local_internal_options.conf ${D}/var/ossec/etc/ install -d -o root -g wazuh ${D}/var/ossec/active-response install -d -o root -g wazuh ${D}/var/ossec/active-response/bin install -m 0750 -o root -g wazuh ${S}/src/firewalld-drop ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/wazuh-slack ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/route-null ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/restart-wazuh ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/kaspersky ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/ip-customblock ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/pf ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/npf ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/ipfw ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/default-firewall-drop ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/disable-account ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/host-deny ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/active-response/kaspersky.py ${D}/var/ossec/active-response/bin/ install -m 0750 -o root -g wazuh ${S}/src/active-response/restart.sh ${D}/var/ossec/active-response/bin/ install -d -o root -g wazuh ${D}/var/ossec/agentless install -m 0750 -o root -g wazuh ${S}/src/agentlessd/scripts/* ${D}/var/ossec/agentless/ install -d -o root -g wazuh ${D}/var/ossec/var install -d -o wazuh -g wazuh ${D}/var/ossec/var/run install -d -o root -g wazuh ${D}/var/ossec/var/upgrade install -d -o root -g wazuh ${D}/var/ossec/var/selinux install -d -o root -g wazuh ${D}/var/ossec/var/incoming install -d -o root -g wazuh ${D}/var/ossec/backup install -d -o wazuh -g wazuh ${D}/var/ossec/logs touch ${D}/var/ossec/logs/ossec.log chown -R wazuh:wazuh ${D}/var/ossec/logs/ossec.log touch ${D}/var/ossec/logs/ossec.json chown -R wazuh:wazuh ${D}/var/ossec/logs/ossec.json install -d -o wazuh -g wazuh ${D}/var/ossec/logs/wazuh } FILES:${PN} += " \ ${systemd_unitdir}/system/wazuh-agent.service \ /var/ossec/lib/libwazuhext.so \ /var/ossec/lib/libwazuhshared.so \ /var/ossec/lib/libdbsync.so \ /var/ossec/lib/librsync.so \ /var/ossec/lib/libfimdb.so \ /var/ossec/bin/wazuh-agentd \ /var/ossec/bin/agent-auth \ /var/ossec/bin/wazuh-logcollector \ /var/ossec/bin/wazuh-syscheckd \ /var/ossec/bin/wazuh-execd \ /var/ossec/bin/manage_agents \ /var/ossec/bin/wazuh-modulesd \ /var/ossec/bin/wazuh-control \ /var/ossec/etc/ossec.conf \ /var/ossec/etc/shared/*.txt \ /var/ossec/etc/wpk_root.pem \ /var/ossec/etc/client.keys \ /var/ossec/etc/internal_options.conf \ /var/ossec/etc/local_internal_options.conf \ /var/ossec/active-response/bin/firewalld-drop \ /var/ossec/active-response/bin/wazuh-slack \ /var/ossec/active-response/bin/route-null \ /var/ossec/active-response/bin/restart-wazuh \ /var/ossec/active-response/bin/kaspersky \ /var/ossec/active-response/bin/ip-customblock \ /var/ossec/active-response/bin/pf \ /var/ossec/active-response/bin/npf \ /var/ossec/active-response/bin/ipfw \ /var/ossec/active-response/bin/default-firewall-drop \ /var/ossec/active-response/bin/disable-account \ /var/ossec/active-response/bin/host-deny \ /var/ossec/active-response/bin/kapersky.py \ /var/ossec/active-response/bin/restart.sh \ /var/ossec/ruleset/sca/generic/*.yml \ /var/ossec/ruleset/sca/mongodb/*.yml \ /var/ossec/ruleset/sca/applications/*.yml \ /var/ossec/ruleset/sca/nginx/*.yml \ /var/ossec/wodles/__init__.py \ /var/ossec/wodles/utils.py \ /var/ossec/wodles/aws/aws-s3 \ /var/ossec/wodles/gcloud/gcloud \ /var/ossec/wodles/gcloud/integration.py \ /var/ossec/wodles/gcloud/tools.py \ /var/ossec/wodles/gcloud/exceptions.py \ /var/ossec/wodles/gcloud/buckets/bucket.py \ /var/ossec/wodles/gcloud/buckets/access_logs.py \ /var/ossec/wodles/gcloud/pubsub/subscriber.py \ /var/ossec/wodles/docker/DockerListener \ /var/ossec/wodles/azure/azure-logs \ /var/ossec/wodles/azure/orm.py \ /var/ossec/agentless/* \ /var/ossec/logs/ossec.log \ /var/ossec/logs/ossec.json \ " INSANE_SKIP:${PN} = "ldflags already-stripped" #For dev packages only INSANE_SKIP:${PN}-dev = "ldflags already-stripped"