254 lines
14 KiB
BlitzBasic
254 lines
14 KiB
BlitzBasic
# Copyright (C) 2023 Vincent BENOIT <vincent.benoit@scle.fr>
|
|
# Release under the MIT license (see COPYING.MIT for the terms)
|
|
HOMEPAGE = "https://documentation.wazuh.com/current/installation-guide/wazuh-agent/wazuh-agent-package-linux.html"
|
|
SUMMARY = "The agent runs on the host you want to monitor and communicates with the Wazuh server"
|
|
MAINTAINER = "Vincent BENOIT <vincent.benoit@benserv.fr>"
|
|
LIC_FILES_CHKSUM = "file://LICENSE;md5=i522ae3a9266aa0b86a5f314c85dbb560"
|
|
LICENSE = "CLOSED"
|
|
FILESEXTRAPATHS:prepend := "${THISDIR}/files-4.4:"
|
|
|
|
DEPENDS = "curl-native \
|
|
audit-userspace \
|
|
cjson \
|
|
curl \
|
|
libffi \
|
|
procps \
|
|
openssl \
|
|
libyaml \
|
|
libdbi \
|
|
libffi \
|
|
libyaml \
|
|
openssl \
|
|
procps \
|
|
sqlite3 \
|
|
zlib \
|
|
bzip2 \
|
|
nlohmann-json \
|
|
googletest \
|
|
libpcre2 \
|
|
libplist \
|
|
libarchive \
|
|
popt \
|
|
msgpack-c \
|
|
rpm \
|
|
db \
|
|
pacman \
|
|
cmake-native \
|
|
wazuh-users \
|
|
"
|
|
|
|
RDEPENDS:${PN} += "wazuh-users"
|
|
|
|
inherit systemd
|
|
|
|
SRC_URI = " \
|
|
git://github.com/wazuh/wazuh.git;protocol=https;branch=master \
|
|
file://ossec.conf \
|
|
file://wazuh-agent.service \
|
|
file://0001-Makefile.patch \
|
|
file://0002-headers-correction.patch \
|
|
file://0003-CMakeLists.patch \
|
|
"
|
|
|
|
SRCREV = "c7fc9bac7ccfdda6edfa6befc77545533ded039b"
|
|
PV = "4.4.0"
|
|
S = "${WORKDIR}/git"
|
|
|
|
SYSTEMD_AUTO_ENABLE = "enable"
|
|
SYSTEMD_SERVICE:${PN} = "wazuh-agent.service"
|
|
|
|
EXTRA_OEMAKE = ' \
|
|
-j 1 \
|
|
CC="${CC}" \
|
|
CXX="${CXX}" \
|
|
RANLIB="${RANLIB}" \
|
|
AR="${AR}" \
|
|
CFLAGS="${CFLAGS} -I${STAGING_INCDIR} -I${STAGING_INCDIR}/cjson -I${STAGING_INCDIR}/curl" \
|
|
LDFLAGS="-Wl,--sysroot=${STAGING_DIR_TARGET} -L${STAGING_LIBDIR} -lm -lcjson -lssl -lcrypto -lpcre2-8 -lz -lsqlite3 -lyaml -lcurl -lmsgpackc -laudit -lprocps -lrpm -lalpm -ldb" \
|
|
CMAKE_OPTS="-DSTAGING_DIR=${STAGING_DIR_TARGET}" \
|
|
'
|
|
do_compile() {
|
|
(cd src && oe_runmake TARGET=agent INSTALLDIR="/var/ossec")
|
|
}
|
|
|
|
do_install() {
|
|
install -d ${D}${systemd_unitdir}/system/
|
|
install -m 0644 ${WORKDIR}/wazuh-agent.service ${D}${systemd_unitdir}/system/
|
|
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec
|
|
install -d ${D}${localstatedir}/ossec/lib
|
|
install -m 0750 -o root -g wazuh ${S}/src/libwazuhext.so ${D}${localstatedir}/ossec/lib/
|
|
install -m 0750 -o root -g wazuh ${S}/src/libwazuhshared.so ${D}${localstatedir}/ossec/lib/
|
|
install -m 0750 -o root -g wazuh ${S}/src/shared_modules/dbsync/build/lib/libdbsync.so ${D}${localstatedir}/ossec/lib/
|
|
install -m 0750 -o root -g wazuh ${S}/src/shared_modules/rsync/build/lib/librsync.so ${D}${localstatedir}/ossec/lib/
|
|
install -m 0750 -o root -g wazuh ${S}/src/data_provider/build/lib/libsysinfo.so ${D}${localstatedir}/ossec/lib/
|
|
install -m 0750 -o root -g wazuh ${S}/src/wazuh_modules/syscollector/build/lib/libsyscollector.so ${D}${localstatedir}/ossec/lib/
|
|
|
|
chrpath -d ${D}${localstatedir}/ossec/lib/librsync.so
|
|
chrpath -d ${D}${localstatedir}/ossec/lib/libdbsync.so
|
|
chrpath -d ${D}${localstatedir}/ossec/lib/libsysinfo.so
|
|
chrpath -d ${D}${localstatedir}/ossec/lib/libsyscollector.so
|
|
|
|
install -d ${D}${localstatedir}/ossec/bin
|
|
install -m 0750 ${S}/src/wazuh-agentd ${D}${localstatedir}/ossec/bin/
|
|
install -m 0750 ${S}/src/agent-auth ${D}${localstatedir}/ossec/bin/
|
|
install -m 0750 ${S}/src/wazuh-logcollector ${D}${localstatedir}/ossec/bin/
|
|
install -m 0750 ${S}/src/wazuh-syscheckd ${D}${localstatedir}/ossec/bin/
|
|
install -m 0750 ${S}/src/wazuh-execd ${D}${localstatedir}/ossec/bin/
|
|
install -m 0750 ${S}/src/manage_agents ${D}${localstatedir}/ossec/bin/
|
|
install -m 0750 ${S}/src/wazuh-modulesd ${D}${localstatedir}/ossec/bin/
|
|
install -m 0750 ${S}/src/init/wazuh-client.sh ${D}${localstatedir}/ossec/bin/wazuh-control
|
|
|
|
chrpath -d ${D}${localstatedir}/ossec/bin/wazuh-syscheckd
|
|
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/tmp
|
|
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/queue
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/rids
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/alerts
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/sockets
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/diff
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/fim
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/fim/db
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/syscollector
|
|
install -m 0640 -o root -g wazuh ${S}/src/wazuh_modules/syscollector/norm_config.json ${D}${localstatedir}/ossec/queue/syscollector/
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/syscollector/db
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/queue/logcollector
|
|
#install -d -o root -g wazuh ${D}${localstatedir}/ossec/incoming
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/ruleset/sca
|
|
install -m 0640 -o root -g wazuh ${S}/ruleset/sca/generic/*.yml ${D}${localstatedir}/ossec/ruleset/sca/
|
|
install -m 0640 -o root -g wazuh ${S}/ruleset/sca/mongodb/*.yml ${D}${localstatedir}/ossec/ruleset/sca/
|
|
install -m 0640 -o root -g wazuh ${S}/ruleset/sca/applications/*.yml ${D}${localstatedir}/ossec/ruleset/sca/
|
|
install -m 0640 -o root -g wazuh ${S}/ruleset/sca/nginx/*.yml ${D}${localstatedir}/ossec/ruleset/sca/
|
|
install -m 0640 -o root -g wazuh ${S}/ruleset/sca/debian/*.yml ${D}${localstatedir}/ossec/ruleset/sca/
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/etc/shared
|
|
install -m 0660 -o root -g wazuh ${S}/ruleset/rootcheck/db/*.txt ${D}${localstatedir}/ossec/etc/shared/
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud/pubsub
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/gcloud/buckets
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/wodles
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/__init__.py ${D}${localstatedir}/ossec/wodles/
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/utils.py ${D}${localstatedir}/ossec/wodles/
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/aws
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/aws/aws_s3.py ${D}${localstatedir}/ossec/wodles/aws/aws-s3
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/gcloud.py ${D}${localstatedir}/ossec/wodles/gcloud/gcloud
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/integration.py ${D}${localstatedir}/ossec/wodles/gcloud/
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/tools.py ${D}${localstatedir}/ossec/wodles/gcloud/
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/exceptions.py ${D}${localstatedir}/ossec/wodles/gcloud/
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/bucket.py ${D}${localstatedir}/ossec/wodles/gcloud/buckets/
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/buckets/access_logs.py ${D}${localstatedir}/ossec/wodles/gcloud/buckets/
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/gcloud/pubsub/subscriber.py ${D}${localstatedir}/ossec/wodles/gcloud/pubsub/
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/docker
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/docker-listener/DockerListener.py ${D}${localstatedir}/ossec/wodles/docker/DockerListener
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/wodles/azure
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/azure/azure-logs.py ${D}${localstatedir}/ossec/wodles/azure/azure-logs
|
|
install -m 0750 -o root -g wazuh ${S}/wodles/azure/orm.py ${D}${localstatedir}/ossec/wodles/azure/
|
|
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/etc
|
|
install -m 0660 -o root -g wazuh ${WORKDIR}/ossec.conf ${D}${localstatedir}/ossec/etc/
|
|
install -m 0640 -o root -g wazuh ${S}/etc/wpk_root.pem ${D}${localstatedir}/ossec/etc/
|
|
touch ${D}${localstatedir}/ossec/etc/client.keys
|
|
chown -R root:wazuh ${D}${localstatedir}/ossec/etc/client.keys
|
|
|
|
install -m 0640 -o root -g wazuh ${S}/etc/internal_options.conf ${D}${localstatedir}/ossec/etc/
|
|
install -m 0640 -o root -g wazuh ${S}/etc/local_internal_options.conf ${D}${localstatedir}/ossec/etc/
|
|
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/active-response
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/active-response/bin
|
|
install -m 0750 -o root -g wazuh ${S}/src/firewalld-drop ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/wazuh-slack ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/route-null ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/restart-wazuh ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/kaspersky ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/ip-customblock ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/pf ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/npf ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/ipfw ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/default-firewall-drop ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/disable-account ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/host-deny ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/active-response/kaspersky.py ${D}${localstatedir}/ossec/active-response/bin/
|
|
install -m 0750 -o root -g wazuh ${S}/src/active-response/restart.sh ${D}${localstatedir}/ossec/active-response/bin/
|
|
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/agentless
|
|
install -m 0750 -o root -g wazuh ${S}/src/agentlessd/scripts/* ${D}${localstatedir}/ossec/agentless/
|
|
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/var
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/var/run
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/upgrade
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/selinux
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/var/incoming
|
|
install -d -o root -g wazuh ${D}${localstatedir}/ossec/backup
|
|
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/logs
|
|
touch ${D}${localstatedir}/ossec/logs/ossec.log
|
|
chown -R wazuh:wazuh ${D}${localstatedir}/ossec/logs/ossec.log
|
|
touch ${D}${localstatedir}/ossec/logs/active-responses.log
|
|
chown -R wazuh:wazuh ${D}${localstatedir}/ossec/logs/active-responses.log
|
|
|
|
touch ${D}${localstatedir}/ossec/logs/ossec.json
|
|
chown -R wazuh:wazuh ${D}${localstatedir}/ossec/logs/ossec.json
|
|
install -d -o wazuh -g wazuh ${D}${localstatedir}/ossec/logs/wazuh
|
|
}
|
|
|
|
FILES:${PN} += " \
|
|
${systemd_unitdir}/system/wazuh-agent.service \
|
|
${localstatedir}/ossec/lib/*.so \
|
|
${localstatedir}/ossec/bin/wazuh-agentd \
|
|
${localstatedir}/ossec/bin/agent-auth \
|
|
${localstatedir}/ossec/bin/wazuh-logcollector \
|
|
${localstatedir}/ossec/bin/wazuh-syscheckd \
|
|
${localstatedir}/ossec/bin/wazuh-execd \
|
|
${localstatedir}/ossec/bin/manage_agents \
|
|
${localstatedir}/ossec/bin/wazuh-modulesd \
|
|
${localstatedir}/ossec/bin/wazuh-control \
|
|
${localstatedir}/ossec/queue/syscollector/norm_config.json \
|
|
${localstatedir}/ossec/etc/ossec.conf \
|
|
${localstatedir}/ossec/etc/shared/*.txt \
|
|
${localstatedir}/ossec/etc/wpk_root.pem \
|
|
${localstatedir}/ossec/etc/client.keys \
|
|
${localstatedir}/ossec/etc/internal_options.conf \
|
|
${localstatedir}/ossec/etc/local_internal_options.conf \
|
|
${localstatedir}/ossec/active-response/bin/firewalld-drop \
|
|
${localstatedir}/ossec/active-response/bin/wazuh-slack \
|
|
${localstatedir}/ossec/active-response/bin/route-null \
|
|
${localstatedir}/ossec/active-response/bin/restart-wazuh \
|
|
${localstatedir}/ossec/active-response/bin/kaspersky \
|
|
${localstatedir}/ossec/active-response/bin/ip-customblock \
|
|
${localstatedir}/ossec/active-response/bin/pf \
|
|
${localstatedir}/ossec/active-response/bin/npf \
|
|
${localstatedir}/ossec/active-response/bin/ipfw \
|
|
${localstatedir}/ossec/active-response/bin/default-firewall-drop \
|
|
${localstatedir}/ossec/active-response/bin/disable-account \
|
|
${localstatedir}/ossec/active-response/bin/host-deny \
|
|
${localstatedir}/ossec/active-response/bin/kapersky.py \
|
|
${localstatedir}/ossec/active-response/bin/restart.sh \
|
|
${localstatedir}/ossec/ruleset/sca/generic/*.yml \
|
|
${localstatedir}/ossec/ruleset/sca/mongodb/*.yml \
|
|
${localstatedir}/ossec/ruleset/sca/applications/*.yml \
|
|
${localstatedir}/ossec/ruleset/sca/nginx/*.yml \
|
|
${localstatedir}/ossec/ruleset/sca/debian/*.yml \
|
|
${localstatedir}/ossec/wodles/__init__.py \
|
|
${localstatedir}/ossec/wodles/utils.py \
|
|
${localstatedir}/ossec/wodles/aws/aws-s3 \
|
|
${localstatedir}/ossec/wodles/gcloud/gcloud \
|
|
${localstatedir}/ossec/wodles/gcloud/integration.py \
|
|
${localstatedir}/ossec/wodles/gcloud/tools.py \
|
|
${localstatedir}/ossec/wodles/gcloud/exceptions.py \
|
|
${localstatedir}/ossec/wodles/gcloud/buckets/bucket.py \
|
|
${localstatedir}/ossec/wodles/gcloud/buckets/access_logs.py \
|
|
${localstatedir}/ossec/wodles/gcloud/pubsub/subscriber.py \
|
|
${localstatedir}/ossec/wodles/docker/DockerListener \
|
|
${localstatedir}/ossec/wodles/azure/azure-logs \
|
|
${localstatedir}/ossec/wodles/azure/orm.py \
|
|
${localstatedir}/ossec/agentless/* \
|
|
${localstatedir}/ossec/logs/ossec.log \
|
|
${localstatedir}/ossec/logs/ossec.json \
|
|
"
|
|
|
|
INSANE_SKIP:${PN} = "ldflags already-stripped"
|
|
#For dev packages only
|
|
INSANE_SKIP:${PN}-dev = "ldflags already-stripped"
|