Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
How to make an ebuild.. or - Lets make an ossec-hids ebuild!
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
redgsturbo
Apprentice
Apprentice


Joined: 24 Jun 2005
Posts: 283

PostPosted: Tue Sep 09, 2008 4:02 pm    Post subject: How to make an ebuild.. or - Lets make an ossec-hids ebuild! Reply with quote

Ok... so I have a need to install OSSEC HIDS with prelude support. It is not in portage. the agent is simple enough. The ebuild should have one use variable "prelude" that alters the install in this way: http://www.ossec.net/wiki/index.php/Know_How:PreludeOutput

Anyone want to walk me through this?

Here's what I got so far
Code:
SLOT="0"
LICENSE="GPL-3"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~ppc-macos ~s390 ~sh ~sparc x86 ~x86-fbsd"
DESCRIPTION="OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS)"
SRC_URI="http://www.ossec.net/files/${P}.tar.gz"
HOMEPAGE="http://wwww.ossec.net"
IUSE="prelude"

inherit eutils

src_unpack()   # This function unpacks our files
{
   unpack ${A}
   cd "${S}
   
   if use prelude ; then
      cd src
      einfo "Setting up prelude support"
      make setprelude
      cd "${S}"
   fi
   
   
}

src_compile() {

}

src_install()
{
   
}


./install.sh installs it... the script prompts for input which I am unsure how to address in the ebuild (never made one before) These prompts are, in order:
language selection
hitting enter to confirm installation
choosing a server, agent, or local install
the installation enviroment (default is /var/ossec... don't know that this is the gentoo way)
email notification support
if so, enter email & smtp server
choose if the integrity check daemon will be enabled
choose if the root kit detection will be enabled
choose if the active response is enabled
choose if the firewall drop response is enabled
optionally add white listed IPs
choose if remote syslog will be enabled
a final confirmation, and then it compiles and installs everything including detecting it is running Gentoo and modifing default runlevel to start ossec



SO, anyone wanna teach me how to accomplish this? (ossec should really be in portage anyway)

If someone will help me make this using good gentoo standard practices and error checking and whatnot, I'll make the ossec web interface ebuild myself :)


Last edited by redgsturbo on Wed Sep 10, 2008 9:37 pm; edited 1 time in total
Back to top
View user's profile Send private message
slackline
Veteran
Veteran


Joined: 01 Apr 2005
Posts: 1401
Location: /uk/sheffield

PostPosted: Tue Sep 09, 2008 4:14 pm    Post subject: Reply with quote

I\'ve only written a few simple ebuilds myself, so can't really comment, but a good place to start is by reading through the well commented /usr/portage/skel.ebuild. Use this as a basis for your ebuild.

More information is available if you have portage emerged with the USE="doc" flag which (at least with portage-2.2_rc8) will leave html documentation in /usr/share/doc/portage-[version]/html/index.html

slack
_________________
"Science is what we understand well enough to explain to a computer.  Art is everything else we do." - Donald Knuth


Last edited by slackline on Tue Sep 09, 2008 6:47 pm; edited 1 time in total
Back to top
View user's profile Send private message
ppurka
Advocate
Advocate


Joined: 26 Dec 2004
Posts: 3247

PostPosted: Tue Sep 09, 2008 5:10 pm    Post subject: Reply with quote

http://devmanual.gentoo.org/
In gentoo, the installation should proceed with the installation being temporarily done in /var/tmp/portage.., and then being migrated to the main system. Since that script manages the installation, I wonder if portage will have a record of the files which have been copied to the main system.
_________________
emerge --quiet redefined | E17 vids: I, II | Now using e from git | e18, e19, and kde4 sucks :-/
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 12484

PostPosted: Tue Sep 09, 2008 11:22 pm    Post subject: Reply with quote

That installation script is far too interactive. You have a few options for dealing with it. The first is to identify what inputs you need to provide to make it do the right thing, then feed those to it non-interactively, either by writing them to a file and redirecting its stdin from that file or by piping the commands to it. Your second choice is to patch the installation script so that the answers are hardcoded in it and are not read. I believe some of the Qt ebuilds use this method to deal with the Qt build asking the user to accept a license. The ebuild rewrites that line to set the accepted field to indicate the user accepted the GPL. Your third choice is to delete the entire install.sh and write a proper build system from scratch.

Also, as ppurka notes, the Gentoo way is to do all this in a staging area. The package manager will collect all files from the image directory and merge those to the live filesystem. If OSSEC tries to write directly into the live filesystem, that needs to be fixed as well.
Back to top
View user's profile Send private message
redgsturbo
Apprentice
Apprentice


Joined: 24 Jun 2005
Posts: 283

PostPosted: Wed Sep 10, 2008 3:14 pm    Post subject: Reply with quote

So, there is a predefined file to automate the installation... how should I handle all of the options available to the user... use variables? how do I ensure everything is installed into a staging area, and then how do I then make emerge take care of merging it into the live filesystem?
Back to top
View user's profile Send private message
redgsturbo
Apprentice
Apprentice


Joined: 24 Jun 2005
Posts: 283

PostPosted: Wed Sep 10, 2008 5:05 pm    Post subject: Reply with quote

Here is the preloaded variables file to make their script automated. This seems to be the most appropriate way to go so a) I'm not reinventing, likely with bugs, the install script, and b) will hopefully make later maintenance of the ebuild easier

Code:
# preloaded-vars.conf, Daniel B. Cid (dcid @ ossec.net).
#
# Use this file to customize your installations.
# It will make the install.sh script pre-load some
# specific options to make it run automatically
# or with less questions.

# PLEASE NOTE:
# When we use "n" or "y" in here, it should be changed
# to "n" or "y" in the language your are doing the
# installation. For example, in portuguese it would
# be "s" or "n".


# USER_LANGUAGE defines to language to be used.
# It can be "en", "br", "tr", "it", "de" or "pl".
# In case of an invalid language, it will default
# to English "en"
#USER_LANGUAGE="en"     # For english
#USER_LANGUAGE="br"     # For portuguese


# If USER_NO_STOP is set to anything, the confirmation
# messages are not going to be asked.
#USER_NO_STOP="y"


# USER_INSTALL_TYPE defines the installation type to
# be used during install. It can only be "local",
# "agent" or "server".
#USER_INSTALL_TYPE="local"
#USER_INSTALL_TYPE="agent"
#USER_INSTALL_TYPE="server"


# USER_DIR defines the location to install ossec
#USER_DIR="/var/ossec"


# If USER_DELETE_DIR is set to "y", the directory
# to install OSSEC will be removed if present.
#USER_DELETE_DIR="y"


# If USER_ENABLE_ACTIVE_RESPONSE is set to "n",
# active response will be disabled.
#USER_ENABLE_ACTIVE_RESPONSE="y"


# If USER_ENABLE_SYSCHECK is set to "y",
# syscheck will be enabled. Set to "n" to
# disable it.
#USER_ENABLE_SYSCHECK="y"


# If USER_ENABLE_ROOTCHECK is set to "y",
# rootcheck will be enabled. Set to "n" to
# disable it.
#USER_ENABLE_ROOTCHECK="y"


# If USER_UPDATE is set to anything, the update
# installation will be done.
#USER_UPDATE="y"

# If USER_UPDATE_RULES is set to anything, the
# rules will also be updated.
#USER_UPDATE_RULES="y"

# If USER_BINARYINSTALL is set, the installation
# is not going to compile the code, but use the
# binaries from ./bin/
#USER_BINARYINSTALL="x"


### Agent Installation variables. ###

# USER_AGENT_SERVER_IP specifies the IP address of the
# ossec server. Only used on agent installations.
#USER_AGENT_SERVER_IP="1.2.3.4"



### Server/Local Installation variables. ###

# USER_ENABLE_EMAIL enables or disables email alerting.
#USER_ENABLE_EMAIL="y"

# USER_EMAIL_ADDRESS defines the destination e-mail of the alerts.
#USER_EMAIL_ADDRESS="dcid@test.ossec.net"

# USER_EMAIL_SMTP defines the SMTP server to send the e-mails.
#USER_EMAIL_SMTP="test.ossec.net"


# USER_ENABLE_SYSLOG enables or disables remote syslog.
#USER_ENABLE_SYSLOG="y"


# USER_ENABLE_FIREWALL_RESPONSE enables or disables
# the firewall response.
#USER_ENABLE_FIREWALL_RESPONSE="y"


# Enable PF firewall (OpenBSD and FreeBSD only)
#USER_ENABLE_PF="y"


# PF table to use (OpenBSD and FreeBSD only).
#USER_PF_TABLE="ossec_fwtable"


# USER_WHITE_LIST is a list of IPs or networks
# that are going to be set to never be blocked.
#USER_WHITE_LIST="192.168.2.1 192.168.1.0/24"


#### exit ? ###
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 12484

PostPosted: Thu Sep 11, 2008 2:22 am    Post subject: Reply with quote

redgsturbo wrote:
So, there is a predefined file to automate the installation... how should I handle all of the options available to the user... use variables? how do I ensure everything is installed into a staging area, and then how do I then make emerge take care of merging it into the live filesystem?


Installing into the staging area is package specific. For an autotools package, which this clearly is not, you would do emake DESTDIR="${D}" install. It is not clear from reading the preloaded-vars.conf whether their script even supports a staging area, or how to configure the staging area if it does support it. The package manager will set $D to the location of the staging area. Your src_install function should get the package products into $D, either by running the package install script or by using the do* and ins* helper calls in Portage.

Once you get $D populated correctly, just return. Portage will collect an inventory of everything in that directory and, if appropriate, merge it to the live filesystem.
Back to top
View user's profile Send private message
redgsturbo
Apprentice
Apprentice


Joined: 24 Jun 2005
Posts: 283

PostPosted: Thu Sep 11, 2008 7:28 pm    Post subject: Reply with quote

when the ebuild is being processed by emerge are all the env vars from "emerge --info" available... as an example, in the specific instance of setting the default language, is
Code:
sed -i "s:#USER_LANGUAGE=\"br\":USER_LANGUAGE=\"`echo $LINGUAS`\": etc/preloaded-vars.conf

both able to properly tailor the file prior to compile as well as the correct way to go about that in an ebuild? (assuming I properly deal with the LINGUAS variations).

Also, how do I correctly determine if I am on a bsd box in the ebuild?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum