ossec-agent,ossec-server: drop (3901ded5) · Commits · nix / nixpkgs

pkgs/tools/security/ossec/agent.nix

deleted100644 → 0

+0 −82

Original line number	Diff line number	Diff line
		{
		lib,
		stdenv,
		fetchFromGitHub,
		which,
		pcre2,
		zlib,
		ncurses,
		openssl,
		}:
		let
		version = "unstable-2023-08-09";
		in
		stdenv.mkDerivation {
		pname = "ossec-agent";
		inherit version;

		src = fetchFromGitHub {
		owner = "ossec";
		repo = "ossec-hids";
		rev = "c8a36b0af3d4ee5252855b90236407cbfb996eb2";
		sha256 = "sha256-AZ8iubyhNHXGR/l+hA61ifNDUoan7AQ42l/uRTt5GmE=";
		};

		# clear is used during the build process
		nativeBuildInputs = [ ncurses ];

		buildInputs = [
		which
		pcre2
		zlib
		openssl
		];

		# patch to remove root manipulation, install phase which tries to add users to the system, and init phase which tries to modify the system to launch files
		patches = [ ./no-root.patch ];

		# Workaround build failure on -fno-common toolchains like upstream
		# gcc-10. Otherwise build fails as:
		# ld: src/common/mgmt/pint-worker-external.po:(.data.rel.local+0x0): multiple definition of
		# `PINT_worker_external_impl'; src/common/mgmt/pint-mgmt.po:(.bss+0x20): first defined here
		env.NIX_CFLAGS_COMPILE = "-fcommon";

		buildPhase = ''
		mkdir $out
		export USER_DIR="$out" # just to satisy the script
		./install.sh <<EOF
		en

		agent
		127.0.0.1
		yes
		yes
		yes
		EOF

		'';

		installPhase = ''
		runHook preInstall

		mkdir -p $out/share
		mv $out/active-response/bin/* $out/bin
		mv $out/etc $out/share
		mv $out/queue $out/share
		mv $out/var $out/share
		mv $out/agentless $out/share
		mv $out/.ssh $out/share
		rm -r $out/active-response
		rm -r $out/tmp

		runHook postInstall
		'';

		meta = with lib; {
		description = "Open source host-based instrusion detection system";
		homepage = "https://www.ossec.net";
		license = licenses.gpl2Only;
		maintainers = with maintainers; [ happysalada ];
		platforms = platforms.all;
		};
		}

pkgs/tools/security/ossec/no-root.patch

deleted100644 → 0

+0 −297

Original line number	Diff line number	Diff line
		diff --git a/install.sh b/install.sh
		index 387bde1a..cb6dcbf2 100755
		--- a/install.sh
		+++ b/install.sh
		@@ -126,14 +126,14 @@ Install()
		# Generate the /etc/ossec-init.conf
		VERSION_FILE="./src/VERSION"
		VERSION=`cat ${VERSION_FILE}`
		- chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
		- echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
		- echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
		- echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
		- echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
		- chmod 600 ${OSSEC_INIT}
		- cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
		- chmod 640 ${INSTALLDIR}${OSSEC_INIT}
		+ # chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
		+ # echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
		+ # echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
		+ # echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
		+ # echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
		+ # chmod 600 ${OSSEC_INIT}
		+ # cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
		+ # chmod 640 ${INSTALLDIR}${OSSEC_INIT}


		# If update_rules is set, we need to tweak
		@@ -148,12 +148,12 @@ Install()
		fi

		# Calling the init script to start ossec hids during boot
		- if [ "X${update_only}" = "X" ]; then
		- runInit
		- if [ $? = 1 ]; then
		- notmodified="yes"
		- fi
		- fi
		+ # if [ "X${update_only}" = "X" ]; then
		+ # runInit
		+ # if [ $? = 1 ]; then
		+ # notmodified="yes"
		+ # fi
		+ # fi

		}

		@@ -965,10 +965,10 @@ main()
		catError "0x1-location";
		fi

		- # Must be root
		- if [ ! "X$ME" = "Xroot" ]; then
		- catError "0x2-beroot";
		- fi
		+ # # Must be root
		+ # if [ ! "X$ME" = "Xroot" ]; then
		+ # catError "0x2-beroot";
		+ # fi

		# Checking dependencies
		checkDependencies
		diff --git a/src/Makefile b/src/Makefile
		index 7fc04c0b..0eb27a0a 100644
		--- a/src/Makefile
		+++ b/src/Makefile
		@@ -144,7 +144,7 @@ endif
		ifeq (${uname_S},AIX)
		INSTALL_CMD?=./install-shim-aix.ksh -m $(1) -o $(2) -g $(3)
		else
		- INSTALL_CMD?=install -m $(1) -o $(2) -g $(3)
		+ INSTALL_CMD?=install
		endif

		ifdef DEBUGAD
		@@ -404,10 +404,10 @@ endif
		install: install-${TARGET}

		install-agent: install-common
		- $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-agentd ${PREFIX}/bin
		+ $(call INSTALL_CMD) agent-auth ${PREFIX}/bin

		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/rids

		install-local: install-server-generic

		@@ -416,133 +416,126 @@ install-hybrid: install-server-generic
		install-server: install-server-generic

		install-common: build
		- ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
		- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
		-
		- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
		+ $(call INSTALL_CMD) -d ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-logcollector ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-syscheckd ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-execd ${PREFIX}/bin
		+ $(call INSTALL_CMD) manage_agents ${PREFIX}/bin
		+ $(call INSTALL_CMD) ../contrib/util.sh ${PREFIX}/bin/
		+ $(call INSTALL_CMD) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control

		ifeq (${LUA_ENABLE},yes)
		- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua
		- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native
		- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled
		- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
		+ $(call INSTALL_CMD) -d ${PREFIX}/lua
		+ $(call INSTALL_CMD) -d ${PREFIX}/lua/native
		+ $(call INSTALL_CMD) -d ${PREFIX}/lua/compiled
		+ $(call INSTALL_CMD) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
		+ $(call INSTALL_CMD) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
		endif

		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue
		- $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/alerts
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/ossec
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/syscheck
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/diff

		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc
		+ $(call INSTALL_CMD) -d ${PREFIX}/etc
		ifeq (${INSTALL_LOCALTIME},yes)
		- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc
		+ $(call INSTALL_CMD) /etc/localtime ${PREFIX}/etc
		endif
		ifeq (${INSTALL_RESOLVCONF},yes)
		- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/resolv.conf ${PREFIX}/etc
		+ $(call INSTALL_CMD) /etc/resolv.conf ${PREFIX}/etc
		endif

		- $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp
		+ $(call INSTALL_CMD) -d ${PREFIX}/tmp

		ifneq (,$(wildcard /etc/TIMEZONE))
		- $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/
		+ $(call INSTALL_CMD) /etc/TIMEZONE ${PREFIX}/etc/
		endif
		# Solaris Needs some extra files
		ifeq (${uname_S},SunOS)
		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/
		+ $(call INSTALL_CMD) -d ${PREFIX}/usr/share/lib/zoneinfo/
		cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/
		endif
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/
		+ $(call INSTALL_CMD) -b ../etc/internal_options.conf ${PREFIX}/etc/
		ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf))
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
		+ $(call INSTALL_CMD) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
		endif
		ifeq (,$(wildcard ${PREFIX}/etc/client.keys))
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys
		+ $(call INSTALL_CMD) /dev/null ${PREFIX}/etc/client.keys
		endif
		ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf))
		ifneq (,$(wildcard ../etc/ossec.mc))
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
		+ $(call INSTALL_CMD) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
		else
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
		+ $(call INSTALL_CMD) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
		endif
		endif

		- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared
		- $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/
		+ $(call INSTALL_CMD) -d ${PREFIX}/etc/shared
		+ $(call INSTALL_CMD) rootcheck/db/*.txt ${PREFIX}/etc/shared/

		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response
		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin
		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless
		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/
		+ $(call INSTALL_CMD) -d ${PREFIX}/active-response
		+ $(call INSTALL_CMD) -d ${PREFIX}/active-response/bin
		+ $(call INSTALL_CMD) -d ${PREFIX}/agentless
		+ $(call INSTALL_CMD) agentlessd/scripts/* ${PREFIX}/agentless/

		- $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh
		+ $(call INSTALL_CMD) -d ${PREFIX}/.ssh

		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/
		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
		+ $(call INSTALL_CMD) ../active-response/*.sh ${PREFIX}/active-response/bin/
		+ $(call INSTALL_CMD) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/

		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
		- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
		-
		- ./init/fw-check.sh execute
		+ $(call INSTALL_CMD) -d ${PREFIX}/var
		+ $(call INSTALL_CMD) -d ${PREFIX}/var/run



		install-server-generic: install-common
		- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall
		-
		- $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin
		- $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/
		- $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/
		-
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats
		- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules
		+ $(call INSTALL_CMD) /dev/null ${PREFIX}/logs/active-responses.log
		+ $(call INSTALL_CMD) -d ${PREFIX}/logs/archives
		+ $(call INSTALL_CMD) -d ${PREFIX}/logs/alerts
		+ $(call INSTALL_CMD) -d ${PREFIX}/logs/firewall
		+
		+ $(call INSTALL_CMD) ossec-agentlessd ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-analysisd ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-monitord ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-reportd ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-maild ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-remoted ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-logtest ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-csyslogd ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-authd ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-dbd ${PREFIX}/bin
		+ $(call INSTALL_CMD) ossec-makelists ${PREFIX}/bin
		+ $(call INSTALL_CMD) verify-agent-conf ${PREFIX}/bin/
		+ $(call INSTALL_CMD) clear_stats ${PREFIX}/bin/
		+ $(call INSTALL_CMD) list_agents ${PREFIX}/bin/
		+ $(call INSTALL_CMD) ossec-regex ${PREFIX}/bin/
		+ $(call INSTALL_CMD) syscheck_update ${PREFIX}/bin/
		+ $(call INSTALL_CMD) agent_control ${PREFIX}/bin/
		+ $(call INSTALL_CMD) syscheck_control ${PREFIX}/bin/
		+ $(call INSTALL_CMD) rootcheck_control ${PREFIX}/bin/
		+
		+ $(call INSTALL_CMD) -d ${PREFIX}/stats
		+ $(call INSTALL_CMD) -d ${PREFIX}/rules
		ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml))
		cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
		+ $(call INSTALL_CMD) -b ../etc/rules/*.xml ${PREFIX}/rules
		+ $(call INSTALL_CMD) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
		rm ${PREFIX}/rules/local_rules.xml.installbackup
		else
		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
		+ $(call INSTALL_CMD) -b ../etc/rules/*.xml ${PREFIX}/rules
		endif

		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/fts

		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/rootcheck

		- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info
		- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/agent-info
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/agentless

		- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
		+ $(call INSTALL_CMD) -d ${PREFIX}/queue/rids

		- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/
		+ $(call INSTALL_CMD) ../etc/decoder.xml ${PREFIX}/etc/

		rm -f ${PREFIX}/etc/shared/merged.mg

pkgs/tools/security/ossec/server.nix

deleted100644 → 0

+0 −82

Original line number	Diff line number	Diff line
		{
		lib,
		stdenv,
		fetchFromGitHub,
		which,
		pcre2,
		zlib,
		ncurses,
		openssl,
		}:
		let
		version = "unstable-2023-08-09";
		in
		stdenv.mkDerivation {
		pname = "ossec-server";
		inherit version;

		src = fetchFromGitHub {
		owner = "ossec";
		repo = "ossec-hids";
		rev = "c8a36b0af3d4ee5252855b90236407cbfb996eb2";
		sha256 = "sha256-AZ8iubyhNHXGR/l+hA61ifNDUoan7AQ42l/uRTt5GmE=";
		};

		# clear is used during the build process
		nativeBuildInputs = [ ncurses ];

		buildInputs = [
		which
		pcre2
		zlib
		openssl
		];

		# patch to remove root manipulation, install phase which tries to add users to the system, and init phase which tries to modify the system to launch files
		patches = [ ./no-root.patch ];

		# Workaround build failure on -fno-common toolchains like upstream
		# gcc-10. Otherwise build fails as:
		# ld: src/common/mgmt/pint-worker-external.po:(.data.rel.local+0x0): multiple definition of
		# `PINT_worker_external_impl'; src/common/mgmt/pint-mgmt.po:(.bss+0x20): first defined here
		env.NIX_CFLAGS_COMPILE = "-fcommon";

		buildPhase = ''
		mkdir -p $out/logs
		export USER_DIR="$out" # just to satisy the script
		./install.sh <<EOF
		en

		server
		n
		n
		EOF
		'';

		installPhase = ''
		runHook preInstall

		mkdir -p $out/share
		mv $out/active-response/bin/* $out/bin
		mv $out/etc $out/share
		mv $out/queue $out/share
		mv $out/var $out/share
		mv $out/agentless $out/share
		mv $out/.ssh $out/share
		mv $out/logs $out/share
		mv $out/rules $out/share
		mv $out/stats $out/share
		rm -r $out/active-response
		rm -r $out/tmp

		runHook postInstall
		'';

		meta = with lib; {
		description = "Open source host-based instrusion detection system";
		homepage = "https://www.ossec.net";
		license = licenses.gpl2Only;
		maintainers = with maintainers; [ happysalada ];
		platforms = platforms.all;
		};
		}

pkgs/top-level/aliases.nix

+2 −0

Original line number	Diff line number	Diff line
		@@ -1176,6 +1176,8 @@ mapAliases {
		ortp = throw "'ortp' has been moved to 'linphonePackages.ortp'"; # Added 2025-09-20
		OSCAR = throw "'OSCAR' has been renamed to/replaced by 'oscar'"; # Converted to throw 2025-10-27
		osm2xmap = throw "osm2xmap has been removed, as it is unmaintained upstream and depended on old dependencies with broken builds"; # Added 2025-09-16
		ossec-agent = throw "'ossec-agent' has been removed due to lack of maintenance"; # Added 2025-11-08
		ossec-server = throw "'ossec-server' has been removed due to lack of maintenance"; # Added 2025-11-08
		overrideLibcxx = throw "overrideLibcxx has been removed, as it was no longer used and Darwin now uses libc++ from the latest SDK; see the Nixpkgs 25.11 release notes for details"; # Added 2025-09-15
		overrideSDK = throw "overrideSDK has been removed as it was a legacy compatibility stub. See <https://nixos.org/manual/nixpkgs/stable/#sec-darwin-legacy-frameworks-overrides> for migration instructions"; # Added 2025-08-04
		pacup = throw "'pacup' has been renamed to/replaced by 'perlPackages.pacup'"; # Converted to throw 2025-10-27

pkgs/top-level/all-packages.nix

+0 −4

Original line number	Diff line number	Diff line
		@@ -3653,10 +3653,6 @@ with pkgs;
		llvm = llvm_19;
		};

		ossec-agent = callPackage ../tools/security/ossec/agent.nix { };

		ossec-server = callPackage ../tools/security/ossec/server.nix { };

		p4c = callPackage ../development/compilers/p4c {
		protobuf = protobuf_21;
		};