143233 – OSSEC HIDS ebuild request

Bug 143233 - OSSEC HIDS ebuild request

Summary: OSSEC HIDS ebuild request

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Other

Importance:	High enhancement (vote)
Assignee:	Default Assignee for New Packages

URL:	http://www.ossec.net/
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-08-08 11:37 UTC by Caleb Cushing
Modified:	2015-08-28 14:40 UTC (History)
CC List:	8 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Caleb Cushing 2006-08-08 11:37:46 UTC

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response.

It should work on any POSIX compliant system( Linux, BSDs, etc) with an ANSI C compiler. We have tested it on the following systems:

    * OpenBSD 3.5, 3.6, 3.7, 3.8 and 3.9
    * Slackware 10.1 and 10.2
    * FreeBSD 5.2.1, 4.10-BETA, 5.4-RELEASE, 6.0-STABLE
    * RedHat 8.0 and 9.0
    * Ubuntu 5.04, 5.10 and 6.06
    * Debian 3.1 Sarge
    * Solaris 2.8, 2.9 (Sparc) and 10 (x86)
    * AIX 5.2 ML-07
    * MacOSX 10
    * Fedora Core 2,3,4 and 5
    * Suse ES 9
    * Windows XP/2000 (agent only)

what? all these and no gentoo package?

Comment 1 gentuxx 2006-08-25 16:15:42 UTC

I am currently running ossec-hids on several gentoo (x86) and gentoo-sparc systems, quite successfully I might add.  Have been considering making an ebuild, so was checking bugzilla (according to the "Ebuild HOWTO" doc) and found this.  This bug is only 17 days old, but if no one is going to take it, I would be happy to do it.

Comment 2 Caleb Cushing 2006-09-01 14:18:45 UTC

I'm no one officially gentoo but since no one has replied I'd say go ahead and make an ebuild and attach it to this bug.

Comment 3 gentuxx 2006-09-01 17:40:09 UTC

(In reply to comment #2)
> I'm no one officially gentoo but since no one has replied I'd say go ahead and
> make an ebuild and attach it to this bug.
> 

I've already started working on it.  But since this is my first ebuild, it's taking a lot of research.  There are some challenges, the biggest of which is getting the time.

Comment 4 Caleb Cushing 2006-09-01 17:47:33 UTC

I understand I've modified a few... but I don't want to write them yet.

Comment 5 Stuart Herbert (RETIRED) gentoo-dev

2006-10-13 16:28:11 UTC

Hi,

I've added an ebuild for this package to my overlay.  You can install my overlay by installing layman, and then running 'layman -a stuart-server'.

The only reason this isn't in the Portage tree yet is that I don't yet know whether or not I want to maintain this package.  If another Gentoo dev wants to maintain this package, please feel free!

Best regards,
Stu

Comment 6 Matthew Gregory Sr. 2007-08-29 16:43:30 UTC

I'm going to evaluate this product and I may get the existing ebuild and update it.

I'm working on several other things right now so it might take me a week to get back to this.

Comment 7 Jakub Moc (RETIRED) gentoo-dev

2007-09-14 11:24:58 UTC

No progress for over 1 year, closing WONTFIX. Feel free to reopen with an ebuild.