author | Francesco Colista <fcolista@alpinelinux.org> | 2020-05-01 13:52:30 +0000 |
---|---|---|
committer | Francesco Colista <fcolista@alpinelinux.org> | 2020-05-01 13:57:40 +0000 |
commit | b2c0f1692d6d69e92291db1111366e6138381d42 (patch) | |
tree | 2b2191a2c05f5fbb81f4619fafb8766fa2fd7651 /testing/ossec-hids | |
parent | c3c335c370c1e8d50838241998b174f0d0193846 (diff) | |
testing/ossec-hids: upgrade to 3.6.0
ossec-hids can work as a server, agent, or local config.
Each one wants different build options, but they have something
in common (like the init). So this becomes a dependency of
the various different types of ossec-hids.
Diffstat (limited to 'testing/ossec-hids')
-rw-r--r-- | testing/ossec-hids/APKBUILD | 57 | ||||
-rw-r--r-- | testing/ossec-hids/config | 63 | ||||
-rwxr-xr-x | testing/ossec-hids/ossec-hids.initd | 57 | ||||
-rw-r--r-- | testing/ossec-hids/ossec-hids.logrotate | 5 |
4 files changed, 8 insertions, 174 deletions
diff --git a/testing/ossec-hids/APKBUILD b/testing/ossec-hids/APKBUILD index e9a2883f4dc..d3e9bdf07e1 100644 --- a/testing/ossec-hids/APKBUILD +++ b/testing/ossec-hids/APKBUILD @@ -1,27 +1,21 @@ # Contributor: Francesco Colista <fcolista@alpinelinux.org> # Maintainer: Francesco Colista <fcolista@alpinelinux.org> pkgname=ossec-hids -pkgver=3.5.0 +pkgver=3.6.0 pkgrel=0 -pkgdesc="Open Source Host-based Intrusion Detection System" +pkgdesc="Open Source Host-based Intrusion Detection System - meta package" url="https://www.ossec.net/" -arch="all !aarch64 !armhf !armv7" +arch="noarch" license="GPL-2.0-only WITH openssl-exception" depends="inotify-tools procps" makedepends="linux-headers bsd-compat-headers openssl-dev libevent-dev inotify-tools-dev findutils file zlib-dev pcre2-dev sqlite-dev lua5.3-dev" install="$pkgname.pre-install" -options="!check" subpackages="$pkgname-doc $pkgname-contrib::noarch $pkgname-openrc" pkgusers="ossec ossecm ossecr" pkggroups="ossec" -source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/$pkgname/archive/v$pkgver.tar.gz - $pkgname.initd - $pkgname.logrotate - musl_lack_of_a_out_h.patch - makefile.patch - config" +source="$pkgname-$pkgver.tar.gz::https://github.com/ossec/ossec-hids/archive/v$pkgver.tar.gz" prepare() { default_prepare 
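Review bot: `makedepends` still lists the full C build set (`openssl-dev`, `libevent-dev`, `sqlite-dev`, `lua5.3-dev` and the rest) although this hunk switches the package to `arch="noarch"` and the following hunk reduces build() to `return 0`, so every build of the meta package installs development packages it never uses; I would drop the line or cut it down to what package() actually needs. The hunk also removes `options="!check"` while no check() appears in any visible hunk, so unless one exists outside them abuild will likely flag the package as having no tests; keeping `options="!check"` with a comment such as `# meta package, nothing to test` would document the intent.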
@@ -32,42 +26,12 @@ prepare() {
 }
 
 build() {
- cd "$builddir"/src
- for t in server agent; do
- make clean
- make TARGET=$t \
- USE_INOTIFY=yes \
- USE_SQLITE=yes \
- LUA_ENABLE=yes \
- V=1
- done
+ return 0
 }
 
 package() {
- install -D -m755 "$srcdir"/$pkgname.initd \
- "$pkgdir"/etc/init.d/$pkgname
- install -m644 -D "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname
-
- mkdir -p "$pkgdir"/var/ossec/etc
- cat << EOF > "$pkgdir"/var/ossec/etc/ossec-init.conf
-DIRECTORY="/var/ossec"
-VERSION="$(cat src/VERSION)"
-DATE="$(date)"
-TYPE="server"
-EOF
-
- set -- $pkgusers
- cd "$builddir"/src
- find "$pkgdir" -user nobody -exec chown 524 '{}' ';'
- find "$pkgdir" -user mail -exec chown 525 '{}' ';'
- find "$pkgdir" -user daemon -exec chown 526 '{}' ';'
- find "$pkgdir" -group nobody -exec chgrp 525 '{}' ';'
-
- mkdir -p "$pkgdir"/var/ossec
-
- for t in server agent; do
- make TARGET="$t" PREFIX="$pkgdir"/var/ossec install
- done
+ install -Dm755 -D src/init/ossec-hids-alpine.init "$pkgdir"/etc/init.d/ossec-hids
+ install -Dm644 -D etc/ossec.conf "$pkgdir"/etc/ossec.conf
 }
 
 doc() {
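Review bot: The new `install -Dm644 -D etc/ossec.conf "$pkgdir"/etc/ossec.conf` in package() ships the OSSEC configuration world-readable, and ossec.conf can carry credentials (a database output password, for example), so it should be restricted, e.g. `install -Dm640 -g ossec etc/ossec.conf "$pkgdir"/etc/ossec.conf`, using the `ossec` group already declared in pkggroups. The target path also deserves a check: the init script removed by this commit read `/var/ossec/etc/ossec.conf`, so a file at `/etc/ossec.conf` may not be picked up unless the upstream init script or the server/agent/local packages point at it. The second `-D` on both install lines is redundant next to `-Dm755` and `-Dm644`. package() also no longer installs a logrotate file; if the dependent packages do not ship one, `/var/ossec/logs/ossec.log` and `active-responses.log` will grow without bound.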
@@ -87,9 +51,4 @@ contrib() {
 done
 }
 
-sha512sums="8d23c2fd17f793a3c92e9088578e67273d9e4119ecb7ec2ef41e6bce5ca1c35eb3191ba7a5a8eae7859ecb93d8432b658d7691e41926684868a1b4947b7b1df6 ossec-hids-3.5.0.tar.gz
-62f52d91de3751c149b1c354ebb87c0a8c4a81129403b80a8448c5e6542a67b4aa9e132aab2429781913eb909320b431b381828e414d44235bb8e9a8959e0d8b ossec-hids.initd
-6cdf4852feabfdd043405e2570bb9a3013eb11c1865e9178fb67a019717d44fb0fedba05ab74c4334a1bae0a0c45912213dd7d6c7e1eab31853d40beea7596a0 ossec-hids.logrotate
-4e076581cc3977c527f30da6c43552db18bc35ea7b745c1504f4d15ebfbcef42c9604804af28fc90744a85f847a0f0c5bf991476cae71e3d860adb7cfa33a63b musl_lack_of_a_out_h.patch
-cf747dce1b9b744faed55a7c7df30c203286bcbec7ea97c0b34c5c3c2db7dd7793f88335fa4d2e2c37c0ec60f8140e875bfe1fb40f77266b121335c24e4ef257 makefile.patch
-be6d503defc03bb1f39dbeeba793ed552243630403def629b35ced46b0441ffa34455ee942ca018c8ec33ca4661901b569eed8dc52e96951312814e492e94eb3 config"
+sha512sums="1f5e897de757df264dfb56def74b7d8f886b6b9d772b5b3d0197c9cd00a32fd7fd8a7b53566851fea3cd74d433b5594cbd074e50b7dbe36305fb3c243e8ddcf5 ossec-hids-3.6.0.tar.gz"
diff --git a/testing/ossec-hids/config b/testing/ossec-hids/config
deleted file mode 100644
index abcece68177..00000000000
--- a/testing/ossec-hids/config
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/sh
-
-# Do you want to update it? (y/n) [y]:
-export USER_UPDATE=y
-
-# Do you want to update the rules? (y/n) [y]:
-export USER_UPDATE_RULES=y
-
-# User Language:
-export USER_LANGUAGE=en
-
-# Do you want e-mail notification? (y/n) [y]:
-export USER_ENABLE_EMAIL=y
-# What's your e-mail address?
-export USER_EMAIL_ADDRESS=foo@example.com
-# What's your SMTP server ip/host?
-export USER_EMAIL_SMTP=localhost
-
-# Do you want to run the integrity check daemon? (y/n) [y]:
-export USER_ENABLE_SYSCHECK=y
-
-#Do you want to run the rootkit detection engine? (y/n) [y]:
-export USER_ENABLE_ROOTCHECK=y
-
-# Active response allows you to execute a specific
-# command based on the events received. For example,
-# you can block an IP address or disable access for
-# a specific user.
-# More information at:
-# https://ossec.github.io/docs/manual/ar/
-#
-# - Do you want to enable active response? (y/n) [y]:
-export USER_ENABLE_ACTIVE_RESPONSE=y
-
-# - By default, we can enable the host-deny and the
-# firewall-drop responses. The first one will add
-# a host to the /etc/hosts.deny and the second one
-# will block the host on iptables (if linux) or on
-# ipfilter (if Solaris, FreeBSD or NetBSD).
-# - They can be used to stop SSHD brute force scans,
-# portscans and some other forms of attacks. You can
-# also add them to block on snort events, for example.
-#
-# - Do you want to enable the firewall-drop response? (y/n) [y]:
-export USER_ENABLE_FIREWALL_RESPONSE=y
-
-# Do you want to add more IPs to the white list? (y/n)? [n]:
-# if set to y, installer will ask you to enter the list of IPs
-# if you want to use this feature, you must also export USER_NO_STOP=no
-export USER_WHITE_LIST=n
-
-# Do you want to enable remote syslog (port 514 udp)? (y/n) [y]:
-export USER_ENABLE_SYSLOG=y
-
-# IP address or hostname of the ossec server. Only used on agent installations.
-export USER_AGENT_SERVER_IP="127.0.0.1"
-# export USER_AGENT_SERVER_NAME
-# Agent's config profile name. This is used to create agent.conf configuration profiles
-# for this particular profile name. Only used on agent installations.
-# Can be any string. E.g. LinuxDBServer or WindowsDomainController
-export USER_AGENT_CONFIG_PROFILE="generic"
-
-
diff --git a/testing/ossec-hids/ossec-hids.initd b/testing/ossec-hids/ossec-hids.initd
deleted file mode 100755
index fd08d0b4083..00000000000
--- a/testing/ossec-hids/ossec-hids.initd
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/sbin/openrc-run
-DIRECTORY="/var/ossec"
-OSSEC_CONTROL="${DIRECTORY}/bin/ossec-control"
-
-depend() {
- need net
- use logger
-}
-
-configtest() {
- ebegin "Checking OSSEC Configuration"
- checkconfig
- eend $?
-}
-
-checkconfig() {
- CONFIGFILE="${CONFIGFILE:-${DIRECTORY}/etc/ossec.conf}"
- if [ ! -r "${CONFIGFILE}" ]; then
- eerror "Unable to read configuration file: ${CONFIGFILE}"
- return 1
- fi
-
- # Maybe put some kind of config file syntax checking in here? XML is a little different
- # so maybe not.
- return $ret
-}
-
-start() {
- checkconfig || return 1
- ebegin "Starting ossec-hids"
- ${OSSEC_CONTROL} start > /dev/null 2>&1
- eend $?
-}
-
-stop() {
- checkconfig || return 1
- ebegin "Stopping ossec-hids"
- ${OSSEC_CONTROL} stop > /dev/null 2>&1
- eend $?
-}
-
-restart() {
- if ! service_started "${myservice}" ; then
- eerror "OSSEC is not running! Please start it before trying to reload it."
- else
- checkconfig || return 1
- ebegin "Reloading ossec"
- svc_stop ${OSSEC_CONTROL}
- svc_start ${OSSEC_CONTROL}
- eend $?
- fi
-}
-
-status() {
- checkconfig || return 1
- ${OSSEC_CONTROL} status
-}
diff --git a/testing/ossec-hids/ossec-hids.logrotate b/testing/ossec-hids/ossec-hids.logrotate
deleted file mode 100644
index 7b6406819f6..00000000000
--- a/testing/ossec-hids/ossec-hids.logrotate
+++ /dev/null
@@ -1,5 +0,0 @@
-/var/ossec/logs/active-responses.log /var/ossec/logs/ossec.log {
- missingok
- notifempty
- copytruncate
-} |