3 # Uncomment this to turn on verbose mode.
8 PKGDIR = $(CURDIR)/debian/ossec-hids
9 DESTDIR = $(PKGDIR)/var/ossec
11 # OSSEC INSTALL SUBDIRS
12 SUBDIRS = .ssh active-response active-response/bin agentless bin etc etc/shared logs logs/alerts logs/archives logs/firewall queue queue/agent-info queue/agentless queue/alerts queue/diff queue/fts queue/ossec queue/rids queue/rootcheck queue/syscheck rules stats tmp var var/run
14 ###################### hardening #################
16 export DEB_BUILD_HARDENING=1
18 ###################### main ######################
25 $(MAKE) -C $(SRCDIR) setlocal all build
37 # Add here commands to clean up after the build process.
38 $(MAKE) -C $(SRCDIR) clean
41 rm -f $(SRCDIR)/Config.OS \
42 $(SRCDIR)/analysisd/compiled_rules/compiled_rules.h \
43 $(SRCDIR)/analysisd/ossec-logtest \
44 $(SRCDIR)/isbigendian \
45 $(SRCDIR)/isbigendian.c \
46 $(SRCDIR)/analysisd/ossec-makelists
57 # ugly directory creation
58 for i in $(SUBDIRS); do \
59 mkdir -p -m 700 $(DESTDIR)/$$i; \
62 # various files installation
63 install -m 644 etc/internal_options.conf $(DESTDIR)/etc
64 install -m 644 etc/decoder.xml $(DESTDIR)/etc
65 install -m 644 src/rootcheck/db/*.txt $(DESTDIR)/etc/shared
66 if [ -e ossec-debian.conf ]; then \
67 install -m 440 ossec-debian.conf $(DESTDIR)/etc/ossec.conf; \
69 install -m 440 etc/ossec-local.conf $(DESTDIR)/etc/ossec.conf; \
71 install -m 440 etc/ossec-*.conf $(DESTDIR)/etc
72 cp -r etc/rules/* $(DESTDIR)/rules
73 install -m 750 src/agentlessd/scripts/* $(DESTDIR)/agentless
74 install -s -m 755 bin/* $(DESTDIR)/bin
75 install -m 755 src/init/ossec-*.sh $(DESTDIR)/bin
76 ln -s ossec-local.sh $(DESTDIR)/bin/ossec-control
77 install -m 755 active-response/*.sh $(DESTDIR)/active-response/bin
78 install -m 755 active-response/firewalls/*.sh \
79 $(DESTDIR)/active-response/bin
82 chmod -R 550 $(DESTDIR)
83 chmod -R 770 $(DESTDIR)/queue/alerts
84 chmod -R 770 $(DESTDIR)/queue/ossec
85 chmod -R 750 $(DESTDIR)/queue/fts
86 chmod -R 750 $(DESTDIR)/queue/syscheck
87 chmod -R 750 $(DESTDIR)/queue/rootcheck
88 chmod -R 750 $(DESTDIR)/queue/diff
89 chmod -R 755 $(DESTDIR)/queue/agent-info
90 chmod -R 755 $(DESTDIR)/queue/rids
91 chmod -R 755 $(DESTDIR)/queue/agentless
92 chmod -R 750 $(DESTDIR)/stats
93 chmod -R 750 $(DESTDIR)/logs
94 chmod -R 550 $(DESTDIR)/rules
95 chmod 770 $(DESTDIR)/var/run
96 chmod 550 $(DESTDIR)/etc
97 chmod 440 $(DESTDIR)/etc/internal_options.conf
98 chmod -R 770 $(DESTDIR)/etc/shared
99 chmod 700 $(DESTDIR)/.ssh
100 chmod 755 $(DESTDIR)/active-response/bin/*
101 chmod 550 $(DESTDIR)/bin/*
102 chmod 440 $(DESTDIR)/etc/ossec.conf
104 # fixups: no need for execute bits on files there
105 find $(DESTDIR)/rules -type f -exec chmod ugo-x '{}' ';'
106 find $(DESTDIR)/etc -type f -exec chmod ugo-x '{}' ';'
109 mkdir -p $(PKGDIR)/etc/init.d
110 if [ -e ossec-hids-debian.init ]; then \
111 install -m 755 ossec-hids-debian.init \
112 $(PKGDIR)/etc/init.d/ossec-hids; \
114 install -m 755 src/init/ossec-hids.init \
115 $(PKGDIR)/etc/init.d/ossec-hids; \
119 echo "DIRECTORY=\"/var/ossec\"" > $(PKGDIR)/etc/ossec-init.conf
120 echo "VERSION=\"`cat src/VERSION`\"" >> $(PKGDIR)/etc/ossec-init.conf
121 echo "DATE=\"$(shell date --utc -d "$(shell dpkg-parsechangelog | sed -ne 's/Date: //p')")\"" >> $(PKGDIR)/etc/ossec-init.conf
122 echo "TYPE=\"local\"" >> $(PKGDIR)/etc/ossec-init.conf
124 # Build architecture-independent files here.
125 binary-indep: build install
126 # We have nothing to do by default.
128 # Build architecture-dependent files here.
129 binary-arch: build install
137 # dh_installlogrotate
159 binary: binary-indep binary-arch
160 .PHONY: build clean binary-indep binary-arch binary install