1From d9ec907881b72d42b4918f7cfb46516ce8e77772 Mon Sep 17 00:00:00 2001 2From: Armin Kuster <akuster808@gmail.com> 3Date: Sat, 24 Apr 2021 23:07:29 +0000 4Subject: [PATCH 2/2] Makefile: don't set uid/gid 5 6Upstream-Status: Inappropriate [embedded specific] 7 8Signed-off-by: Armin Kuster <akuster808@gmail.com> 9--- 10 src/Makefile | 166 +++++++++++++++++++++++++-------------------------- 11 1 file changed, 83 insertions(+), 83 deletions(-) 12 13diff --git a/src/Makefile b/src/Makefile 14index dfb8cb58..a4d69ef6 100644 15--- a/src/Makefile 16+++ b/src/Makefile 17@@ -21,7 +21,7 @@ OSSEC_USER?=ossec 18 OSSEC_USER_MAIL?=ossecm 19 OSSEC_USER_REM?=ossecr 20 21-INSTALL_CMD?=install -m $(1) -o $(2) -g $(3) 22+INSTALL_CMD?=install -m $(1) 23 INSTALL_LOCALTIME?=yes 24 INSTALL_RESOLVCONF?=yes 25 26@@ -397,10 +397,10 @@ endif 27 install: install-${TARGET} 28 29 install-agent: install-common 30- $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin 31- $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin 32+ $(call INSTALL_CMD,0550) ossec-agentd ${PREFIX}/bin 33+ $(call INSTALL_CMD,0550) agent-auth ${PREFIX}/bin 34 35- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids 36+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rids 37 38 install-local: install-server-generic 39 40@@ -409,129 +409,129 @@ install-hybrid: install-server-generic 41 install-server: install-server-generic 42 43 install-common: build 44- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/ 45- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs 46- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log 47- 48- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin 49- $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin 50- $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin 51- $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin 52- $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin 53- $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/ 54- $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control 55+ $(call INSTALL_CMD,0550) -d ${PREFIX}/ 56+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs 57+ $(call INSTALL_CMD,0660) /dev/null ${PREFIX}/logs/ossec.log 58+ 59+ $(call INSTALL_CMD,0550) -d ${PREFIX}/bin 60+ $(call INSTALL_CMD,0550) ossec-logcollector ${PREFIX}/bin 61+ $(call INSTALL_CMD,0550) ossec-syscheckd ${PREFIX}/bin 62+ $(call INSTALL_CMD,0550) ossec-execd ${PREFIX}/bin 63+ $(call INSTALL_CMD,0550) manage_agents ${PREFIX}/bin 64+ $(call INSTALL_CMD,0550) ../contrib/util.sh ${PREFIX}/bin/ 65+ $(call INSTALL_CMD,0550) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control 66 67 ifeq (${LUA_ENABLE},yes) 68- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua 69- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native 70- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled 71- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ 72- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ 73+ $(call INSTALL_CMD,0550) -d ${PREFIX}/lua 74+ $(call INSTALL_CMD,0550) -d ${PREFIX}/lua/native 75+ $(call INSTALL_CMD,0550) -d ${PREFIX}/lua/compiled 76+ $(call INSTALL_CMD,0550) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/ 77+ $(call INSTALL_CMD,0550) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/ 78 endif 79 80- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue 81- $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts 82- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec 83- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck 84- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff 85+ $(call INSTALL_CMD,0550) -d ${PREFIX}/queue 86+ $(call INSTALL_CMD,0770) -d ${PREFIX}/queue/alerts 87+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/ossec 88+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/syscheck 89+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/diff 90 91- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc 92+ $(call INSTALL_CMD,0550) -d ${PREFIX}/etc 93 ifeq (${INSTALL_LOCALTIME},yes) 94- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc 95+ $(call INSTALL_CMD,0440) /etc/localtime ${PREFIX}/etc 96 endif 97 ifeq (${INSTALL_RESOLVCONF},yes) 98- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/resolv.conf ${PREFIX}/etc 99+ $(call INSTALL_CMD,0440) /etc/resolv.conf ${PREFIX}/etc 100 endif 101 102- $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp 103+ $(call INSTALL_CMD,1550) -d ${PREFIX}/tmp 104 105 ifneq (,$(wildcard /etc/TIMEZONE)) 106- $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/ 107+ $(call INSTALL_CMD,440) /etc/TIMEZONE ${PREFIX}/etc/ 108 endif 109 # Solaris Needs some extra files 110 ifeq (${uname_S},SunOS) 111- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/ 112+ $(call INSTALL_CMD,0550) -d ${PREFIX}/usr/share/lib/zoneinfo/ 113 cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/ 114 endif 115- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/ 116+ $(call INSTALL_CMD,0640) -b ../etc/internal_options.conf ${PREFIX}/etc/ 117 ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf)) 118- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf 119+ $(call INSTALL_CMD,0640) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf 120 endif 121 ifeq (,$(wildcard ${PREFIX}/etc/client.keys)) 122- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys 123+ $(call INSTALL_CMD,0640) /dev/null ${PREFIX}/etc/client.keys 124 endif 125 ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf)) 126 ifneq (,$(wildcard ../etc/ossec.mc)) 127- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf 128+ $(call INSTALL_CMD,0640) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf 129 else 130- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf 131+ $(call INSTALL_CMD,0640) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf 132 endif 133 endif 134 135- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared 136- $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/ 137+ $(call INSTALL_CMD,0770) -d ${PREFIX}/etc/shared 138+ $(call INSTALL_CMD,0640) rootcheck/db/*.txt ${PREFIX}/etc/shared/ 139 140- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response 141- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin 142- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless 143- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/ 144+ $(call INSTALL_CMD,0550) -d ${PREFIX}/active-response 145+ $(call INSTALL_CMD,0550) -d ${PREFIX}/active-response/bin 146+ $(call INSTALL_CMD,0550) -d ${PREFIX}/agentless 147+ $(call INSTALL_CMD,0550) agentlessd/scripts/* ${PREFIX}/agentless/ 148 149- $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh 150+ $(call INSTALL_CMD,0700) -d ${PREFIX}/.ssh 151 152- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/ 153- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ 154+ $(call INSTALL_CMD,0550) ../active-response/*.sh ${PREFIX}/active-response/bin/ 155+ $(call INSTALL_CMD,0550) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/ 156 157- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var 158- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run 159+ $(call INSTALL_CMD,0550) -d ${PREFIX}/var 160+ $(call INSTALL_CMD,0770) -d ${PREFIX}/var/run 161 162 163 install-server-generic: install-common 164- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log 165- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives 166- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts 167- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall 168- 169- $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin 170- $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin 171- $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin 172- $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin 173- $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin 174- $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin 175- $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin 176- $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin 177- $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin 178- $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin 179- $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin 180- $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/ 181- $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/ 182- $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/ 183- $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/ 184- $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/ 185- $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/ 186- $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/ 187- $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/ 188- 189- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats 190- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules 191+ $(call INSTALL_CMD,0660) /dev/null ${PREFIX}/logs/active-responses.log 192+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/archives 193+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/alerts 194+ $(call INSTALL_CMD,0750) -d ${PREFIX}/logs/firewall 195+ 196+ $(call INSTALL_CMD,0550) ossec-agentlessd ${PREFIX}/bin 197+ $(call INSTALL_CMD,0550) ossec-analysisd ${PREFIX}/bin 198+ $(call INSTALL_CMD,0550) ossec-monitord ${PREFIX}/bin 199+ $(call INSTALL_CMD,0550) ossec-reportd ${PREFIX}/bin 200+ $(call INSTALL_CMD,0550) ossec-maild ${PREFIX}/bin 201+ $(call INSTALL_CMD,0550) ossec-remoted ${PREFIX}/bin 202+ $(call INSTALL_CMD,0550) ossec-logtest ${PREFIX}/bin 203+ $(call INSTALL_CMD,0550) ossec-csyslogd ${PREFIX}/bin 204+ $(call INSTALL_CMD,0550) ossec-authd ${PREFIX}/bin 205+ $(call INSTALL_CMD,0550) ossec-dbd ${PREFIX}/bin 206+ $(call INSTALL_CMD,0550) ossec-makelists ${PREFIX}/bin 207+ $(call INSTALL_CMD,0550) verify-agent-conf ${PREFIX}/bin/ 208+ $(call INSTALL_CMD,0550) clear_stats ${PREFIX}/bin/ 209+ $(call INSTALL_CMD,0550) list_agents ${PREFIX}/bin/ 210+ $(call INSTALL_CMD,0550) ossec-regex ${PREFIX}/bin/ 211+ $(call INSTALL_CMD,0550) syscheck_update ${PREFIX}/bin/ 212+ $(call INSTALL_CMD,0550) agent_control ${PREFIX}/bin/ 213+ $(call INSTALL_CMD,0550) syscheck_control ${PREFIX}/bin/ 214+ $(call INSTALL_CMD,0550) rootcheck_control ${PREFIX}/bin/ 215+ 216+ $(call INSTALL_CMD,0750) -d ${PREFIX}/stats 217+ $(call INSTALL_CMD,0550) -d ${PREFIX}/rules 218 ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml)) 219 cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup 220- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules 221- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml 222+ $(call INSTALL_CMD,0640) -b ../etc/rules/*.xml ${PREFIX}/rules 223+ $(call INSTALL_CMD,0640) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml 224 rm ${PREFIX}/rules/local_rules.xml.installbackup 225 else 226- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules 227+ $(call INSTALL_CMD,0640) -b ../etc/rules/*.xml ${PREFIX}/rules 228 endif 229 230- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts 231+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/fts 232 233- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck 234+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rootcheck 235 236- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info 237- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless 238+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/agent-info 239+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/agentless 240 241- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids 242+ $(call INSTALL_CMD,0750) -d ${PREFIX}/queue/rids 243 244- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/ 245+ $(call INSTALL_CMD,0640) ../etc/decoder.xml ${PREFIX}/etc/ 246 247 rm -f ${PREFIX}/etc/shared/merged.mg 248 249-- 2502.25.1 251 252