Add audit, tools for remote and centralized audit data collection.

svn path=/head/; revision=56536

security/Makefile

@@ -9,6 +9,7 @@
     SUBDIR += amavis-perl
     SUBDIR += apg
     SUBDIR += arirang
+    SUBDIR += audit
     SUBDIR += bcwipe
     SUBDIR += beecrypt
     SUBDIR += bfbtester

security/audit/Makefile

@@ -0,0 +1,74 @@
+# New ports collection makefile for:	audit
+# Date created:				24 March 2002
+# Whom:					anders
+#
+# $FreeBSD$
+#
+
+PORTNAME=	audit
+PORTVERSION=	1.0
+CATEGORIES=	security
+MASTER_SITES=	http://community.corest.com/pub/audit/ \
+		ftp://ftp.nuug.no/pub/anders/distfiles/
+DISTNAME=	${PORTNAME}-v${PORTVERSION}beta-src
+
+MAINTAINER=	anders@FreeBSD.org
+
+.if defined(WITH_MYSQL)
+LIB_DEPENDS+=	mysqlclient.10:${PORTSDIR}/databases/mysql323-client
+.endif
+.if defined(WITH_PGSQL)
+LIB_DEPENDS+=	pq.2:${PORTSDIR}/databases/postgresql7
+.endif
+
+WRKSRC=		${WRKDIR}/${PORTNAME}-v${PORTVERSION}beta
+
+GNU_CONFIGURE=	yes
+CONFIGURE_ARGS+=	--with-audit-libdir=${PREFIX}/lib/alat
+.if defined(WITH_MYSQL)
+CONFIGURE_ARGS+=	--with-mysql \
+			--with-mysql-libdir=${LOCALBASE}/lib/mysql \
+			--with-mysql-incdir=${LOCALBASE}/include
+PLIST_SUB+=	MYSQL=''
+.else
+PLIST_SUB+=	MYSQL='@comment '
+.endif
+.if defined(WITH_PGSQL)
+CONFIGURE_ARGS+=	--with-pgsql \
+			--with-pgsql-libdir=${LOCALBASE}/lib \
+			--with-pgsql-incdir=${LOCALBASE}/include
+PLIST_SUB+=	PGSQL=''
+.else
+PLIST_SUB+=	PGSQL='@comment '
+.endif
+INSTALLS_SHLIB=	yes
+LDCONFIG_DIRS=	%%PREFIX%%/lib/alat
+MANCOMPRESSED=	yes
+MAN1=	audit.1
+MAN8=	auditd.8
+
+DOCS=	COPYING README TODO
+FIXPREFIX_CONF=	src/include/audconf.h src/auditd/auditd.8
+LIBVERSION=	1
+
+post-patch:
+	${PERL} -pi -e "s@Linux@FreeBSD@g" ${WRKSRC}/configure
+	(${FIND} ${WRKSRC}/src/modules -name Makefile.in -exec ${PERL} -pi -e \
+		"s@^LIB=(.*){VERSION}@SOVERSION=\t${LIBVERSION}\nLIB=\1\{SOVERSION\}@" {} \;)
+	${PERL} -pi -e "s@AUDIT_VERSION@\"${LIBVERSION}\"@g" \
+		${WRKSRC}/src/lib/modules.c
+.for f in ${FIXPREFIX_CONF}
+	${PERL} -pi -e "s@/etc/auditd.conf@${PREFIX}/etc/auditd.conf@g" \
+		${WRKSRC}/${f}
+.endfor
+
+post-install:
+	${INSTALL_DATA}	${WRKSRC}/auditd.conf ${PREFIX}/etc/auditd.conf.sample
+.if !defined(NOPORTDOCS)
+	${INSTALL} -d -o root -g wheel -m 0775 ${DOCSDIR}
+.for f in ${DOCS}
+	${INSTALL_DATA} ${WRKSRC}/${f} ${DOCSDIR}
+.endfor
+.endif
+
+.include <bsd.port.mk>

security/audit/distinfo

@@ -0,0 +1 @@
+MD5 (audit-v1.0beta-src.tar.gz) = a45653b8809279c7d939189047f2bdd1

security/audit/pkg-comment

@@ -0,0 +1 @@
+Tools for remote and centralized audit data collection

security/audit/pkg-descr

@@ -0,0 +1,11 @@
+Audit is a client/server system that allows remote system logs auditing and
+centralizing. It supports standard and modular syslog output formats
+(non-standard logs can be easily supported due to its modular design). The
+server (auditd) runs on audited machines and the client (audit) runs on the
+auditors workstations. Multiple auditors are supported and managed by one or
+more 'chief' auditors. Auditors can be configured in a way that each of them
+can examine specific sets of logs.
+
+WWW: http://www.corest.com/products/corewisdom/CW02.php
+
+- Anders Nordby <anders@FreeBSD.org>

security/audit/pkg-plist

@@ -0,0 +1,17 @@
+bin/audit
+sbin/auditd
+etc/auditd.conf.sample
+lib/alat/libres_local.so.1
+lib/alat/libauth_raw.so.1
+lib/alat/libauth_srp.so.1
+lib/alat/libia_syslog.so.1
+lib/alat/libattr_classic.so.1
+lib/alat/libattr_peo.so.1
+lib/alat/libattr_regex.so.1
+lib/alat/libattr_tcp.so.1
+%%PGSQL%%lib/alat/libattr_pgsql.so.1
+%%MYSQL%%lib/alat/libattr_mysql.so.1
+%%PORTDOCS%%share/doc/audit/COPYING
+%%PORTDOCS%%share/doc/audit/README
+%%PORTDOCS%%share/doc/audit/TODO
+%%PORTDOCS%%@dirrm share/doc/audit