authorjdp <jdp@FreeBSD.org>1997-04-01 12:44:00 +0800
committerjdp <jdp@FreeBSD.org>1997-04-01 12:44:00 +0800
commit194316931449845a4cbb04681f17bbbe1d0927e1 (patch)
treed585bf73b1b33e50d319db35e56d2def9248334c /security/tripwire
parent19ab1050c7ce74426a9ebced74e4c5ad71c5e87c (diff)
Initial import of Joe Greco's tripwire port.
Submitted by: jgreco@ns.sol.net
Diffstat (limited to 'security/tripwire')
-rw-r--r--security/tripwire/Makefile49
-rw-r--r--security/tripwire/distinfo1
-rw-r--r--security/tripwire/files/conf-freebsd2.h55
-rw-r--r--security/tripwire/files/patch-aa38
-rw-r--r--security/tripwire/files/patch-ab43
-rw-r--r--security/tripwire/files/patch-ac16
-rw-r--r--security/tripwire/files/tw.conf.freebsd2149
-rw-r--r--security/tripwire/files/twcheck3
-rw-r--r--security/tripwire/pkg-comment1
-rw-r--r--security/tripwire/pkg-descr13
-rw-r--r--security/tripwire/pkg-plist4
11 files changed, 372 insertions, 0 deletions
diff --git a/security/tripwire/Makefile b/security/tripwire/Makefile
new file mode 100644
index 000000000000..83ab0b135de9
--- /dev/null
+++ b/security/tripwire/Makefile
@@ -0,0 +1,49 @@
+# New ports collection makefile for: tripwire
+# Version required: 1.2
+# Date created: 31 Mar 1997
+# Whom: Joe Greco <jgreco@ns.sol.net>
+#
+# $Id$
+#
+
+DISTNAME= tripwire-1.2
+CATEGORIES= security net
+MASTER_SITES= ftp://info.cert.org/pub/tools/tripwire/
+EXTRACT_SUFX= .tar.Z
+
+MAINTAINER= jgreco@ns.sol.net
+
+MAN5= tw.config.5
+MAN8= siggen.8 tripwire.8
+NO_CDROM= "cannot be redistributed for more than the cost of duplication"
+NO_PACKAGE= "requires local database to be built"
+RESTRICTED= "contains crypto class algorithms"
+
+post-extract:
+ @ (cd work; tar xf T1.2.tar)
+
+pre-configure:
+ @ ${CP} ${FILESDIR}/conf-freebsd2.h ${WRKSRC}/configs
+ @ ${CP} ${FILESDIR}/tw.conf.freebsd2 ${WRKSRC}/configs/tw.conf.freebsd2
+
+post-install:
+ @ ${MKDIR} /var/adm/tcheck
+ @ ${CP} ${FILESDIR}/tw.conf.freebsd2 /var/adm/tcheck/tw.config
+ @ ${ECHO} Creating tripwire database
+ @ (cd /var/adm/tcheck; tripwire -initialize)
+.if defined(TRIPWIRE_FLOPPY) && ${TRIPWIRE_FLOPPY} == YES
+ @ disklabel -w -B /dev/rfd0c fd1440
+ @ newfs -u 0 -t 0 -i 196608 -m 0 -T minimum -o space /dev/rfd0c
+ @ mount /dev/fd0c /mnt
+ @ ${GZIP_CMD} < ${PREFIX}/bin/tripwire > /mnt/tripwire
+ @ chmod 555 /mnt/tripwire
+ @ ${CP} -p /var/adm/tcheck/tw.config /mnt/tw.config
+ @ ${GZIP_CMD} < /var/adm/tcheck/databases/tw.db_`hostname` \
+ > /mnt/tw.db_`hostname`.gz
+ @ ${CP} -p ${FILESDIR}/twcheck /mnt/twcheck
+ @ ${GZIP_CMD} < /usr/bin/gunzip > /mnt/gunzip
+ @ umount /mnt
+ @ ${ECHO} Do not forget to remove and write-protect the floppy.
+.endif
+
+.include <bsd.port.mk>
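Review bot: In the TRIPWIRE_FLOPPY branch of post-install, `/mnt/gunzip` is created through a shell redirect and never made executable, and `files/twcheck` (added in this commit with mode 100644 and copied with `${CP} -p`) is not either, yet twcheck runs `./gunzip` and `./tripwire`; only `/mnt/tripwire` gets `chmod 555`. As written the floppy check would probably stop with a permission error, so add `@ chmod 555 /mnt/gunzip /mnt/twcheck` before the `umount`. Both floppy binaries are stored gzip-compressed and then executed directly, which presumably depends on kernel support for compressed executables; a comment stating that requirement would help. Separately, `(cd /var/adm/tcheck; tripwire -initialize)` builds the baseline with whichever `tripwire` is first in PATH and still runs if the `cd` fails; `cd /var/adm/tcheck && ${PREFIX}/bin/tripwire -initialize` is safer for an integrity tool.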
diff --git a/security/tripwire/distinfo b/security/tripwire/distinfo
new file mode 100644
index 000000000000..99144795d9b7
--- /dev/null
+++ b/security/tripwire/distinfo
@@ -0,0 +1 @@
+MD5 (tripwire-1.2.tar.Z) = c82e0327e0caa1821e3e564fa1938d88
diff --git a/security/tripwire/files/conf-freebsd2.h b/security/tripwire/files/conf-freebsd2.h
new file mode 100644
index 000000000000..e97290da4786
--- /dev/null
+++ b/security/tripwire/files/conf-freebsd2.h
@@ -0,0 +1,55 @@
+/* $Id$ */
+
+/*
+ * conf-freebsd2.h
+ *
+ * Tripwire configuration file
+ *
+ * Joe Greco
+ * sol.net Network Services
+ * Derived from the other BSD config.h's
+ */
+
+/***
+ *** Operating System specifics
+ ***
+ *** If the answer to a question in the comment is "Yes", then
+ *** change the corresponding "#undef" to a "#define"
+ ***/
+
+/*
+ * is your OS a System V derivitive? if so, what version?
+ * (e.g., define SYSV 4)
+ */
+
+#undef SYSV
+
+/*
+ * does your system have a <malloc.h> like System V?
+ */
+
+#undef MALLOCH
+
+/*
+ * does your system have a <stdlib.h> like POSIX says you should?
+ */
+
+#define STDLIBH
+
+/*
+ * does your system use readdir(3) that returns (struct dirent *)?
+ */
+
+#define DIRENT
+
+/*
+ * is #include <string.h> ok? (as opposed to <strings.h>)
+ */
+
+#define STRINGH
+
+/*
+ * does your system have gethostname(2) (instead of uname(2))?
+ */
+
+#define GETHOSTNAME
diff --git a/security/tripwire/files/patch-aa b/security/tripwire/files/patch-aa
new file mode 100644
index 000000000000..81238bf9ae3a
--- /dev/null
+++ b/security/tripwire/files/patch-aa
@@ -0,0 +1,38 @@
+*** include/config.h.orig Fri Jul 15 06:02:52 1994
+--- include/config.h Sun Dec 31 18:56:20 1989
+***************
+*** 17,23 ****
+ *** file that corresponds with your operating system.
+ ***/
+
+! #include "../configs/conf-svr4.h"
+
+ #ifdef TW_TYPE32
+ typedef TW_TYPE32 int32;
+--- 17,23 ----
+ *** file that corresponds with your operating system.
+ ***/
+
+! #include "../configs/conf-freebsd2.h"
+
+ #ifdef TW_TYPE32
+ typedef TW_TYPE32 int32;
+***************
+*** 103,110 ****
+ #endif
+ */
+
+! #define CONFIG_PATH "/tmp/genek"
+! #define DATABASE_PATH "/tmp/genek"
+
+ /******* name of Tripwire files **************************************
+ *
+--- 103,110 ----
+ #endif
+ */
+
+! # define CONFIG_PATH "/var/adm/tcheck"
+! # define DATABASE_PATH "/var/adm/tcheck/databases"
+
+ /******* name of Tripwire files **************************************
+ *
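Review bot: `DATABASE_PATH` now points at `/var/adm/tcheck/databases`, which is on the same writable disk Tripwire is meant to watch, and the floppy copy made by the port Makefile is optional (TRIPWIRE_FLOPPY), so by default the only baseline is one that anyone with root on the host can rewrite. The define itself is reasonable, but the assumption deserves a comment above the two defines, for example `/* on-disk copy only; compare against a write-protected copy kept off the host */`. The directory is also created by a plain `${MKDIR}` in the port Makefile, so its permissions depend on the installer's umask.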
diff --git a/security/tripwire/files/patch-ab b/security/tripwire/files/patch-ab
new file mode 100644
index 000000000000..b7db1c46c099
--- /dev/null
+++ b/security/tripwire/files/patch-ab
@@ -0,0 +1,43 @@
+*** Makefile.orig Mon Jul 25 10:59:41 1994
+--- Makefile Thu Jan 2 12:04:35 1997
+***************
+*** 12,21 ****
+ ###
+
+ # destination directory for final executables
+! DESTDIR = /secureplace/bin
+
+ # destination for man pages
+! MANDIR = /usr/man
+
+ # system utilities
+ LEX = lex
+--- 12,21 ----
+ ###
+
+ # destination directory for final executables
+! DESTDIR = /usr/local/bin
+
+ # destination for man pages
+! MANDIR = /usr/local/man
+
+ # system utilities
+ LEX = lex
+***************
+*** 60,66 ****
+ #CPP = /lib/cpp # on older systems
+
+ # make sure libraries are not linked dynamically (as a security measure)
+! LDFLAGS= # common
+ #LDFLAGS= -non_shared # OSF/1
+ #LDFLAGS= -Bstatic # SunOS 4 (cannot statically link tripwire
+ # on Solaris 2.3)
+--- 60,67 ----
+ #CPP = /lib/cpp # on older systems
+
+ # make sure libraries are not linked dynamically (as a security measure)
+! LDFLAGS= -static
+! #LDFLAGS= # common
+ #LDFLAGS= -non_shared # OSF/1
+ #LDFLAGS= -Bstatic # SunOS 4 (cannot statically link tripwire
+ # on Solaris 2.3)
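Review bot: `DESTDIR` and `MANDIR` are fixed to `/usr/local/bin` and `/usr/local/man` in the patched upstream Makefile, while the port's post-install step reads the binary from `${PREFIX}/bin/tripwire`. With a non-default PREFIX the floppy step would either fail or compress a different `tripwire` than the one just built. Consider having the port pass prefix-derived values for these two variables instead of hard-coding them in the patch, or at least add a comment that the port assumes PREFIX is /usr/local.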
diff --git a/security/tripwire/files/patch-ac b/security/tripwire/files/patch-ac
new file mode 100644
index 000000000000..bad090157860
--- /dev/null
+++ b/security/tripwire/files/patch-ac
@@ -0,0 +1,16 @@
+This patch eliminates a compiler warning about LITTLE_ENDIAN begin
+redefined.
+
+*** sigs/sha/sha.c.orig Mon Jul 25 08:46:45 1994
+--- sigs/sha/sha.c Mon Mar 31 19:55:23 1997
+***************
+*** 47,52 ****
+--- 47,54 ----
+ #include "sha.h"
+
+ #if BYTEORDER == 0x1234
++ #undef BIG_ENDIAN
++ #undef LITTLE_ENDIAN
+ #define LITTLE_ENDIAN
+ #endif
+
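Review bot: The two added `#undef` lines sit inside `#if BYTEORDER == 0x1234`, so they only take effect on little-endian builds; on a big-endian build a `LITTLE_ENDIAN` macro supplied by a system header (the redefinition warning suggests one is in scope) would stay defined. If the rest of sha.c selects its byte-swapping path with `#ifdef LITTLE_ENDIAN` (that code is outside this hunk), the SHA signature would be computed incorrectly there. Moving `#undef BIG_ENDIAN` and `#undef LITTLE_ENDIAN` above the `#if` would make the outcome depend only on BYTEORDER.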
diff --git a/security/tripwire/files/tw.conf.freebsd2 b/security/tripwire/files/tw.conf.freebsd2
new file mode 100644
index 000000000000..3af8fa548d0f
--- /dev/null
+++ b/security/tripwire/files/tw.conf.freebsd2
@@ -0,0 +1,149 @@
+# $Id$
+#
+# tripwire.config
+# Generic version for FreeBSD
+# Will need editing...see comments below
+#
+# This file contains a list of files and directories that System
+# Preener will scan. Information collected from these files will be
+# stored in the tripwire.database file.
+#
+# Format: [!|=] entry [ignore-flags]
+#
+# where: '!' signifies the entry is to be pruned (inclusive) from
+# the list of files to be scanned.
+# '=' signifies the entry is to be added, but if it is
+# a directory, then all its contents are pruned
+# (useful for /tmp).
+#
+# where: entry is the absolute pathname of a file or a directory
+#
+# where ignore-flags are in the format:
+# [template][ [+|-][pinugsam12] ... ]
+#
+# - : ignore the following atributes
+# + : do not ignore the following attributes
+#
+# p : permission and file mode bits a: access timestamp
+# i : inode number m: modification timestamp
+# n : number of links (ref count) c: inode creation timestamp
+# u : user id of owner 1: signature 1
+# g : group id of owner 2: signature 2
+# s : size of file
+#
+#
+# Ex: The following entry will scan all the files in /etc, and report
+# any changes in mode bits, inode number, reference count, uid,
+# gid, modification and creation timestamp, and the signatures.
+# However, it will ignore any changes in the access timestamp.
+#
+# /etc +pinugsm12-a
+#
+# The following templates have been pre-defined to make these long ignore
+# mask descriptions unecessary.
+#
+# Templates: (default) R : [R]ead-only (+pinugsm12-a)
+# L : [L]og file (+pinug-sam12)
+# N : ignore [N]othing (+pinusgsamc12)
+# E : ignore [E]verything (-pinusgsamc12)
+#
+# By default, Tripwire uses the R template -- it ignores
+# only the access timestamp.
+#
+# You can use templates with modifiers, like:
+# Ex: /etc/lp E+ug
+#
+# Example configuration file:
+# /etc R # all system files
+# !/etc/lp R # ...but not those logs
+# =/tmp N # just the directory, not its files
+#
+# Note the difference between pruning (via "!") and ignoring everything
+# (via "E" template): Ignoring everything in a directory still monitors
+# for added and deleted files. Pruning a directory will prevent Tripwire
+# from even looking in the specified directory.
+#
+#
+# Tripwire running slowly? Modify your tripwire.config entries to
+# ignore the (signature 2) attribute when this computationally-exorbitant
+# protection is not needed. (See README and design document for further
+# details.)
+#
+
+# First, root's "home"
+=/ L
+/.rhosts R # may not exist
+/.profile R # may not exist
+/.cshrc R # may not exist
+/.login R # may not exist
+/.exrc R # may not exist
+/.logout R # may not exist
+/.forward R # may not exist
+
+# Unix itself
+/kernel R
+
+# /bin
+/bin R-2
+
+# /dev
+/dev L
+
+# /etc
+/etc R-2
+/etc/aliases L
+/etc/dumpdates L
+/etc/motd L
+
+# my passwd database should be static at time of system build. yours may
+# not be, if not, uncomment the lines below.
+
+# /etc/passwd L
+# /etc/master.passwd L
+# /etc/pwd.db L
+# /etc/spwd.db L
+
+# /home
+=/home
+
+# /lkm
+/lkm R-2
+
+# /root
+/root R-2
+/root/.history L
+
+# /sbin
+/sbin R-2
+
+# /stand
+/stand R-2
+
+# /usr/bin
+/usr/bin R-2
+
+/usr/include R-12
+
+/usr/lib R-2
+
+/usr/libdata R-2
+
+/usr/libexec R-2
+
+/usr/local/bin R-2
+
+/usr/local/etc L
+
+/usr/local/lib R-2
+
+/usr/local/libexec R-2
+
+/usr/local/sbin R-2
+
+/usr/local/share R-2
+
+/usr/sbin R-2
+
+/usr/share R-2
+
+###########################################
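Review bot: Nothing under `/var` is listed, so the installed `/var/adm/tcheck/tw.config` is not itself monitored and a change to the rule set would go unreported. Adding `/var/adm/tcheck/tw.config R` covers the configuration; the database directory changes on every update and is better verified against the off-host copy. Sites that keep scheduled-job tables or other root-executed files under `/var` should add those too, and a comment line saying so would fit the "Will need editing" note in the header. Note also that `/usr/include R-12` turns off both signatures, so a header edit that preserves size and modification time would not be detected.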
diff --git a/security/tripwire/files/twcheck b/security/tripwire/files/twcheck
new file mode 100644
index 000000000000..a4dffd2b61c9
--- /dev/null
+++ b/security/tripwire/files/twcheck
@@ -0,0 +1,3 @@
+#! /bin/sh -
+
+./gunzip < tw.db_`hostname`.gz | ./tripwire -dfd 0 -c tw.config
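Review bot: `./gunzip`, `./tripwire`, `tw.config` and the database are all resolved relative to the current directory, so the script only uses the floppy's copies when it is started from the floppy's mount point; started elsewhere it fails or reads whatever files are there. A first line such as `cd "$(dirname "$0")" || exit 1` would pin it to the media it ships on. `hostname` is still taken from the running system's PATH, and a `./gunzip` failure is not detected because only the exit status of `./tripwire` survives the pipeline; a comment noting both would help whoever interprets the result.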
diff --git a/security/tripwire/pkg-comment b/security/tripwire/pkg-comment
new file mode 100644
index 000000000000..246b5375df52
--- /dev/null
+++ b/security/tripwire/pkg-comment
@@ -0,0 +1 @@
+File system security and verification program.
diff --git a/security/tripwire/pkg-descr b/security/tripwire/pkg-descr
new file mode 100644
index 000000000000..06132f876d9b
--- /dev/null
+++ b/security/tripwire/pkg-descr
@@ -0,0 +1,13 @@
+Tripwire is a tool that aids system administrators and
+users in monitoring a designated set of files for any changes.
+Used with system files on a regular (e.g., daily) basis, Tripwire
+can notify system administrators of corrupted or tampered files,
+so damage control measures can be taken in a timely manner.
+
+If "TRIPWIRE_FLOPPY" is set to "YES" in the environment or on the
+"make" command line, this port will write the tripwire database to
+a floppy disk, which should then be write-protected and used as a
+reference for future runs. The diskette should be formatted and
+present in the "A" drive before starting the "make install" step.
+
+Joe Greco <jgreco@ns.sol.net>
diff --git a/security/tripwire/pkg-plist b/security/tripwire/pkg-plist
new file mode 100644
index 000000000000..c22cb5607b45
--- /dev/null
+++ b/security/tripwire/pkg-plist
@@ -0,0 +1,4 @@
+bin/tripwire
+man/man5/tw.config.5.gz
+man/man8/siggen.8.gz
+man/man8/tripwire.8.gz