Merge pull request #878 from ddpbsd/2.9rc2

2.9rc2 - applying a couple of fixes
ossec · Jun 30, 2016 · 36a4287 · 36a4287
2 parents 3049e56 + b365452
commit 36a4287
Show file tree

Hide file tree

Showing 9 changed files with 34 additions and 12 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -41,9 +41,9 @@ before_script:
 - sudo apt-get update -qq
 - if [[ "${GEOIP}" == "yes"  ]]; then ( sudo apt-get install geoip-bin geoip-database libgeoip-dev libgeoip1 ); fi
 - if [[ "${PRELUDE}" == "yes" ]]; then ( sudo apt-get install libprelude-dev ); fi
-- if [[ "${ZEROMQ}" == "yes" ]]; then ( sudo apt-get install libzmq3-dev
-  && wget http://download.zeromq.org/czmq-2.2.0.tar.gz
-  && tar xfz czmq-2.2.0.tar.gz && cd czmq-2.2.0/
+- if [[ "${ZEROMQ}" == "yes" ]]; then ( sudo apt-get install libzmq3-dev libtool autoconf
+  && wget https://github.com/zeromq/czmq/archive/v2.2.0.tar.gz
+  && tar xzf v2.2.0.tar.gz && cd czmq-2.2.0/ && ./autogen.sh
   && ./configure && make all -j && sudo make install
   ); fi
 - if [[ "${OSSEC_TYPE}" == "winagent" ]]; then ( sudo apt-get install aptitude && sudo aptitude -y install mingw-w64 nsis ); fi

diff --git a/src/Makefile b/src/Makefile
@@ -410,7 +410,7 @@ endif
 endif
 
 	install -d -m 0770 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc/shared
-	install -m 0440 -o root -g ${OSSEC_GROUP} rootcheck/db/*.txt ${PREFIX}/etc/shared/
+	install -m 0640 -o root -g ${OSSEC_GROUP} rootcheck/db/*.txt ${PREFIX}/etc/shared/
 
 	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response
 	install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/active-response/bin

diff --git a/src/analysisd/testrule.c b/src/analysisd/testrule.c
@@ -64,6 +64,10 @@ int main(int argc, char **argv)
     char *ut_str = NULL;
     const char *dir = DEFAULTDIR;
     const char *cfg = DEFAULTCPATH;
+    const char *user = USER;
+    const char *group = GROUPGLOBAL;
+    uid_t uid;
+    gid_t gid;
 
     /* Set the name */
     OS_SetName(ARGV0);
@@ -142,9 +146,23 @@ int main(int argc, char **argv)
         }
     }
 
-    if (chdir(dir) != 0) {
+    /* Check if the user/group given are valid */
+    uid = Privsep_GetUser(user);
+    gid = Privsep_GetGroup(group);
+    if (uid == (uid_t) - 1 || gid == (gid_t) - 1) {
+        ErrorExit(USER_ERROR, ARGV0, user, group);
+    }
+
+    /* Set the group */
+    if (Privsep_SetGroup(gid) < 0) {
+        ErrorExit(SETGID_ERROR, ARGV0, group, errno, strerror(errno));
+    }
+
+    /* Chroot */
+    if (Privsep_Chroot(dir) < 0) {
         ErrorExit(CHROOT_ERROR, ARGV0, dir, errno, strerror(errno));
     }
+    nowChroot();
 
     /*
      * Anonymous Section: Load rules, decoders, and lists
@@ -269,6 +287,11 @@ int main(int argc, char **argv)
         exit(0);
     }
 
+    /* Set the user */
+    if (Privsep_SetUser(uid) < 0) {
+        ErrorExit(SETUID_ERROR, ARGV0, user, errno, strerror(errno));
+    }
+
     /* Start up message */
     verbose(STARTUP_MSG, ARGV0, getpid());
 
@@ -571,4 +594,3 @@ void OS_ReadMSG(char *ut_str)
     }
     exit(exit_code);
 }
-
diff --git a/src/headers/defs.h b/src/headers/defs.h
@@ -36,7 +36,7 @@
 
 /* Some global names */
 #define __ossec_name    "OSSEC HIDS"
-#define __version       "v2.8"
+#define __version       "v2.9.0"
 #define __author        "Trend Micro Inc."
 #define __contact       "[email protected]"
 #define __site          "http://www.ossec.net"

diff --git a/src/init/ossec-client.sh b/src/init/ossec-client.sh
@@ -11,7 +11,7 @@ DIR=`dirname $PWD`;
 
 ###  Do not modify bellow here ###
 NAME="OSSEC HIDS"
-VERSION="v2.8"
+VERSION="v2.9.0"
 AUTHOR="Trend Micro Inc."
 DAEMONS="ossec-logcollector ossec-syscheckd ossec-agentd ossec-execd"
 

diff --git a/src/init/ossec-local.sh b/src/init/ossec-local.sh
@@ -19,7 +19,7 @@ if [ $? = 0 ]; then
 fi
 
 NAME="OSSEC HIDS"
-VERSION="v2.8"
+VERSION="v2.9.0"
 AUTHOR="Trend Micro Inc."
 DAEMONS="ossec-monitord ossec-logcollector ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
 

diff --git a/src/init/ossec-server.sh b/src/init/ossec-server.sh
@@ -19,7 +19,7 @@ if [ $? = 0 ]; then
 fi
 
 NAME="OSSEC HIDS"
-VERSION="v2.8"
+VERSION="v2.9.0"
 AUTHOR="Trend Micro Inc."
 
 [ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf;

diff --git a/src/win32/help.txt b/src/win32/help.txt
@@ -1,4 +1,4 @@
-** OSSEC Windows Agent v2.8 **
+** OSSEC Windows Agent v2.9 **
 ** Copyright (C) 2014 Trend Micro Inc. **
 
 

diff --git a/src/win32/ossec-installer.nsi b/src/win32/ossec-installer.nsi
@@ -25,7 +25,7 @@
 ; general
 !define MUI_ICON favicon.ico
 !define MUI_UNICON ossec-uninstall.ico
-!define VERSION "2.8"
+!define VERSION "2.9.0"
 !define NAME "OSSEC HIDS"
 !define SERVICE "OssecSvc"