Prelude is a hybrid IDS consisting of multiple

sensors, managers, and a display console. This
is the display console.

This is one of several new Prelude packages.

6 files changed, 383 insertions, 0 deletions

diff --git a/security/py-prewikka/DESCR b/security/py-prewikka/DESCR
new file mode 100644
index 00000000000..050dab87898
--- /dev/null
+++ b/security/py-prewikka/DESCR
@@ -0,0 +1,3 @@
+Prelude is a hybrid IDS consisting of multiple
+sensors, managers, and a display console. This
+is the display console.
diff --git a/security/py-prewikka/Makefile b/security/py-prewikka/Makefile
new file mode 100644
index 00000000000..c39df7cb24f
--- /dev/null
+++ b/security/py-prewikka/Makefile
@@ -0,0 +1,46 @@
+# $NetBSD: Makefile,v 1.1.1.1 2006/01/29 16:00:44 shannonjr Exp $
+#
+
+DISTNAME=		prewikka-0.9.3
+CATEGORIES=		security
+MASTER_SITES=		http://prelude-ids.org/download/releases/
+
+MAINTAINER=		shannonjr@NetBSD.org
+HOMEPAGE=		http://prelude-ids.org/download/releases/
+COMMENT=		Prelude-IDS console
+
+.include "../../mk/bsd.prefs.mk"
+
+PYDISTUTILSPKG=		yes
+PYBINMODULE=		yes
+PYSETUP=		setup.py
+REPLACE_PYTHON=		prewikka-httpd
+PREWIKKA_USER?=		prewikka
+PREWIKKA_GROUP?=	prewikka
+PREWIKKA_HOME=		/nonexistent
+RCD_SCRIPTS=		prewikka
+
+PKG_USERS=	${PREWIKKA_USER}:${PREWIKKA_GROUP}::Prelude\-IDS\ console:${PREWIKKA_HOME}:${NOLOGIN}
+PKG_GROUPS=	${PREWIKKA_GROUP}
+
+SUBST_CLASSES+=		code
+SUBST_STAGE.code=	post-patch
+SUBST_FILES.code=	runPrewikka.c
+SUBST_SED.code=		-e 's,@PREFIX@,${PREFIX},g'
+SUBST_SED.code+=	-e 's,@PREWIKKA_USER@,${PREWIKKA_USER},g'
+FILES_SUBST+=	PREWIKKA_USER=${PREWIKKA_USER:Q}
+
+pre-patch:
+		${CP} ${FILESDIR}/runPrewikka.c ${WRKSRC}
+
+post-build:
+		cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${CC} ${CFLAGS} -o runPrewikka runPrewikka.c
+
+post-install:
+		${INSTALL_PROGRAM} ${WRKSRC}/runPrewikka ${PREFIX}/sbin/runPrewikka
+
+.include "../../lang/python/application.mk"
+.include "../../lang/python/extension.mk"
+.include "../../security/libpreludedb/buildlink3.mk"
+.include "../../security/libprelude/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/py-prewikka/PLIST b/security/py-prewikka/PLIST
new file mode 100644
index 00000000000..f6067998212
--- /dev/null
+++ b/security/py-prewikka/PLIST
@@ -0,0 +1,155 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2006/01/29 16:00:44 shannonjr Exp $
+bin/prewikka-httpd
+${PYSITELIB}/__init__.py
+${PYSITELIB}/__init__.pyc
+${PYSITELIB}/__init__.pyo
+${PYSITELIB}/prewikka/Auth.pyc
+${PYSITELIB}/prewikka/Auth.pyo
+${PYSITELIB}/prewikka/CheetahFilters.pyc
+${PYSITELIB}/prewikka/CheetahFilters.pyo
+${PYSITELIB}/prewikka/Config.pyc
+${PYSITELIB}/prewikka/Config.pyo
+${PYSITELIB}/prewikka/Core.pyc
+${PYSITELIB}/prewikka/Core.pyo
+${PYSITELIB}/prewikka/DataSet.pyc
+${PYSITELIB}/prewikka/DataSet.pyo
+${PYSITELIB}/prewikka/Database.pyc
+${PYSITELIB}/prewikka/Database.pyo
+${PYSITELIB}/prewikka/Error.pyc
+${PYSITELIB}/prewikka/Error.pyo
+${PYSITELIB}/prewikka/Filter.pyc
+${PYSITELIB}/prewikka/Filter.pyo
+${PYSITELIB}/prewikka/IDMEFDatabase.pyc
+${PYSITELIB}/prewikka/IDMEFDatabase.pyo
+${PYSITELIB}/prewikka/Log.pyc
+${PYSITELIB}/prewikka/Log.pyo
+${PYSITELIB}/prewikka/ModPythonHandler.pyc
+${PYSITELIB}/prewikka/ModPythonHandler.pyo
+${PYSITELIB}/prewikka/MyConfigParser.pyc
+${PYSITELIB}/prewikka/MyConfigParser.pyo
+${PYSITELIB}/prewikka/ParametersNormalizer.pyc
+${PYSITELIB}/prewikka/ParametersNormalizer.pyo
+${PYSITELIB}/prewikka/Request.pyc
+${PYSITELIB}/prewikka/Request.pyo
+${PYSITELIB}/prewikka/User.pyc
+${PYSITELIB}/prewikka/User.pyo
+${PYSITELIB}/prewikka/__init__.py
+${PYSITELIB}/prewikka/__init__.pyc
+${PYSITELIB}/prewikka/__init__.pyo
+${PYSITELIB}/prewikka/modules/__init__.pyc
+${PYSITELIB}/prewikka/modules/__init__.pyo
+${PYSITELIB}/prewikka/modules/auth/__init__.pyc
+${PYSITELIB}/prewikka/modules/auth/__init__.pyo
+${PYSITELIB}/prewikka/modules/auth/loginpassword/__init__.pyc
+${PYSITELIB}/prewikka/modules/auth/loginpassword/__init__.pyo
+${PYSITELIB}/prewikka/modules/auth/loginpassword/loginpassword.pyc
+${PYSITELIB}/prewikka/modules/auth/loginpassword/loginpassword.pyo
+${PYSITELIB}/prewikka/modules/log/__init__.pyc
+${PYSITELIB}/prewikka/modules/log/__init__.pyo
+${PYSITELIB}/prewikka/modules/log/stderr/__init__.pyc
+${PYSITELIB}/prewikka/modules/log/stderr/__init__.pyo
+${PYSITELIB}/prewikka/modules/log/stderr/stderr.pyc
+${PYSITELIB}/prewikka/modules/log/stderr/stderr.pyo
+${PYSITELIB}/prewikka/siteconfig.py
+${PYSITELIB}/prewikka/siteconfig.pyc
+${PYSITELIB}/prewikka/siteconfig.pyo
+${PYSITELIB}/prewikka/templates/About.py
+${PYSITELIB}/prewikka/templates/About.pyc
+${PYSITELIB}/prewikka/templates/About.pyo
+${PYSITELIB}/prewikka/templates/AlertListing.py
+${PYSITELIB}/prewikka/templates/AlertListing.pyc
+${PYSITELIB}/prewikka/templates/AlertListing.pyo
+${PYSITELIB}/prewikka/templates/ClassicLayout.py
+${PYSITELIB}/prewikka/templates/ClassicLayout.pyc
+${PYSITELIB}/prewikka/templates/ClassicLayout.pyo
+${PYSITELIB}/prewikka/templates/Command.py
+${PYSITELIB}/prewikka/templates/Command.pyc
+${PYSITELIB}/prewikka/templates/Command.pyo
+${PYSITELIB}/prewikka/templates/ErrorTemplate.py
+${PYSITELIB}/prewikka/templates/ErrorTemplate.pyc
+${PYSITELIB}/prewikka/templates/ErrorTemplate.pyo
+${PYSITELIB}/prewikka/templates/FilterEdition.py
+${PYSITELIB}/prewikka/templates/FilterEdition.pyc
+${PYSITELIB}/prewikka/templates/FilterEdition.pyo
+${PYSITELIB}/prewikka/templates/HTMLDocument.py
+${PYSITELIB}/prewikka/templates/HTMLDocument.pyc
+${PYSITELIB}/prewikka/templates/HTMLDocument.pyo
+${PYSITELIB}/prewikka/templates/HeartbeatAnalyze.py
+${PYSITELIB}/prewikka/templates/HeartbeatAnalyze.pyc
+${PYSITELIB}/prewikka/templates/HeartbeatAnalyze.pyo
+${PYSITELIB}/prewikka/templates/HeartbeatListing.py
+${PYSITELIB}/prewikka/templates/HeartbeatListing.pyc
+${PYSITELIB}/prewikka/templates/HeartbeatListing.pyo
+${PYSITELIB}/prewikka/templates/LoginPasswordForm.py
+${PYSITELIB}/prewikka/templates/LoginPasswordForm.pyc
+${PYSITELIB}/prewikka/templates/LoginPasswordForm.pyo
+${PYSITELIB}/prewikka/templates/MessageDetails.py
+${PYSITELIB}/prewikka/templates/MessageDetails.pyc
+${PYSITELIB}/prewikka/templates/MessageDetails.pyo
+${PYSITELIB}/prewikka/templates/MessageListing.py
+${PYSITELIB}/prewikka/templates/MessageListing.pyc
+${PYSITELIB}/prewikka/templates/MessageListing.pyo
+${PYSITELIB}/prewikka/templates/MessageSummary.py
+${PYSITELIB}/prewikka/templates/MessageSummary.pyc
+${PYSITELIB}/prewikka/templates/MessageSummary.pyo
+${PYSITELIB}/prewikka/templates/PropertiesChangeForm.py
+${PYSITELIB}/prewikka/templates/PropertiesChangeForm.pyc
+${PYSITELIB}/prewikka/templates/PropertiesChangeForm.pyo
+${PYSITELIB}/prewikka/templates/SensorAlertListing.py
+${PYSITELIB}/prewikka/templates/SensorAlertListing.pyc
+${PYSITELIB}/prewikka/templates/SensorAlertListing.pyo
+${PYSITELIB}/prewikka/templates/SensorHeartbeatListing.py
+${PYSITELIB}/prewikka/templates/SensorHeartbeatListing.pyc
+${PYSITELIB}/prewikka/templates/SensorHeartbeatListing.pyo
+${PYSITELIB}/prewikka/templates/SensorListing.py
+${PYSITELIB}/prewikka/templates/SensorListing.pyc
+${PYSITELIB}/prewikka/templates/SensorListing.pyo
+${PYSITELIB}/prewikka/templates/TopLayout.py
+${PYSITELIB}/prewikka/templates/TopLayout.pyc
+${PYSITELIB}/prewikka/templates/TopLayout.pyo
+${PYSITELIB}/prewikka/templates/UserListing.py
+${PYSITELIB}/prewikka/templates/UserListing.pyc
+${PYSITELIB}/prewikka/templates/UserListing.pyo
+${PYSITELIB}/prewikka/templates/UserSettings.py
+${PYSITELIB}/prewikka/templates/UserSettings.pyc
+${PYSITELIB}/prewikka/templates/UserSettings.pyo
+${PYSITELIB}/prewikka/templates/__init__.py
+${PYSITELIB}/prewikka/templates/__init__.pyc
+${PYSITELIB}/prewikka/templates/__init__.pyo
+${PYSITELIB}/prewikka/templates/utils.py
+${PYSITELIB}/prewikka/templates/utils.pyc
+${PYSITELIB}/prewikka/templates/utils.pyo
+${PYSITELIB}/prewikka/utils.pyc
+${PYSITELIB}/prewikka/utils.pyo
+${PYSITELIB}/prewikka/view.pyc
+${PYSITELIB}/prewikka/view.pyo
+${PYSITELIB}/prewikka/views/__init__.pyc
+${PYSITELIB}/prewikka/views/__init__.pyo
+${PYSITELIB}/prewikka/views/commands.pyc
+${PYSITELIB}/prewikka/views/commands.pyo
+${PYSITELIB}/prewikka/views/filter.pyc
+${PYSITELIB}/prewikka/views/filter.pyo
+${PYSITELIB}/prewikka/views/messagedetails.pyc
+${PYSITELIB}/prewikka/views/messagedetails.pyo
+${PYSITELIB}/prewikka/views/messagelisting.pyc
+${PYSITELIB}/prewikka/views/messagelisting.pyo
+${PYSITELIB}/prewikka/views/messagesummary.pyc
+${PYSITELIB}/prewikka/views/messagesummary.pyo
+${PYSITELIB}/prewikka/views/misc.pyc
+${PYSITELIB}/prewikka/views/misc.pyo
+${PYSITELIB}/prewikka/views/sensor.pyc
+${PYSITELIB}/prewikka/views/sensor.pyo
+${PYSITELIB}/prewikka/views/usermanagement.pyc
+${PYSITELIB}/prewikka/views/usermanagement.pyo
+sbin/runPrewikka
+share/examples/rc.d/prewikka
+share/prewikka/database/sqlite.sql
+@dirrm share/prewikka/database
+@dirrm ${PYSITELIB}/prewikka/views
+@dirrm ${PYSITELIB}/prewikka/templates
+@dirrm ${PYSITELIB}/prewikka/modules/log/stderr
+@dirrm ${PYSITELIB}/prewikka/modules/log
+@dirrm ${PYSITELIB}/prewikka/modules/auth/loginpassword
+@dirrm ${PYSITELIB}/prewikka/modules/auth
+@dirrm ${PYSITELIB}/prewikka/modules
+@dirrm ${PYSITELIB}/prewikka
diff --git a/security/py-prewikka/distinfo b/security/py-prewikka/distinfo
new file mode 100644
index 00000000000..144eb00b49b
--- /dev/null
+++ b/security/py-prewikka/distinfo
@@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.1.1.1 2006/01/29 16:00:44 shannonjr Exp $
+
+SHA1 (prewikka-0.9.3.tar.gz) = bdc7db4145ba554d8cc834480ebcf26426da276d
+RMD160 (prewikka-0.9.3.tar.gz) = 177d29089354b7bfad120521868663505375799e
+Size (prewikka-0.9.3.tar.gz) = 149503 bytes
diff --git a/security/py-prewikka/files/prewikka.sh b/security/py-prewikka/files/prewikka.sh
new file mode 100644
index 00000000000..e048e0a8e3d
--- /dev/null
+++ b/security/py-prewikka/files/prewikka.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# $NetBSD: prewikka.sh,v 1.1.1.1 2006/01/29 16:00:44 shannonjr Exp $
+#
+
+# PROVIDE: prewikka
+# REQUIRE: mysqld LOGIN
+
+$_rc_subr_loaded . /etc/rc.subr
+
+name="prewikka"
+rcvar=$name
+required_files="@PKG_SYSCONFDIR@/prewikka/prewikka.conf"
+start_precmd="prewikka_precommand"
+command="@PREFIX@/sbin/runPrewikka -p 8080 -a 192.168.1.8"
+
+prewikka_precommand()
+{
+	for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do
+		if [ -S /tmp/mysql.sock ]; then
+			break
+		else
+			sleep 1
+			echo -n '.'
+		fi
+	done
+}
+
+load_rc_config $name
+run_rc_command "$1"
diff --git a/security/py-prewikka/files/runPrewikka.c b/security/py-prewikka/files/runPrewikka.c
new file mode 100644
index 00000000000..19741147146
--- /dev/null
+++ b/security/py-prewikka/files/runPrewikka.c
@@ -0,0 +1,144 @@
+#define PREWIKKA_HTTPD_USER "@PREWIKKA_USER@"
+#define PREWIKKA_HTTPD_PATH "@PREFIX@/bin/prewikka-httpd"
+
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <sys/wait.h>
+#include <pwd.h>
+#include <syslog.h>
+
+#define MAX_ARGS 40
+#ifndef         TRUE
+#define         TRUE                            1
+#endif                          /* TRUE */
+
+#ifndef         FALSE
+#define         FALSE                           0
+#endif                          /* FALSE */
+
+
+void error_sys(char *str)
+
+{
+    /* Output error message to syslog */
+    char msg[1024];
+    snprintf(msg, sizeof(msg), "run-prewikka-httpd : %s : %s", str, strerror(errno));
+    syslog(LOG_ALERT, msg);
+
+}
+
+
+int obtainUIDandGID(const char *name, uid_t *pw_uid, gid_t *pw_gid)
+{
+    /* Obtain UID and GID from passwd entry identified by name */
+    struct passwd *pw_entry;
+    char msg[100];
+
+    if ((pw_entry = getpwnam(name)) == NULL)
+    {
+        snprintf(msg, sizeof(msg), "failed to get password entry for %s", name);
+        error_sys(msg);
+        return FALSE;
+    }
+    else
+    {
+        *pw_uid = pw_entry->pw_uid;
+        *pw_gid = pw_entry->pw_gid;
+        return TRUE;
+
+    }
+}
+
+
+int main (int argc, char **argv )
+
+{
+
+    pid_t pid;
+    uid_t UID;
+    gid_t GID;
+    pid_t pidwait;
+    int waitstat;
+
+    /* Sanity check */
+    if (argc > MAX_ARGS)
+    {
+        error_sys("arg buffer too small");
+        exit(-1);
+    }
+
+    /* fork child that will become prewikka-httpd */
+    if ((pid = fork()) < 0)
+
+        error_sys("fork error");
+
+    else
+
+    {
+
+        if (pid == 0)
+
+        {
+
+            /* We're the child */
+            char *args[MAX_ARGS];
+            unsigned int i;
+
+            /* Become session leader */
+            setsid();
+
+            /* Clear out file creation mask */
+            umask(0);
+
+            if (!obtainUIDandGID(PREWIKKA_HTTPD_USER, &UID, &GID))
+                exit(-1);
+
+            /* Drop privileges immediately */
+            if (setgid(GID) < 0)
+            {
+                /* It is VERY important to check return
+                   value and not continue if setgid fails
+                */
+                error_sys ("setgid failed");
+                exit (-1);
+            }
+
+            if (setuid(UID) < 0)
+            {
+                /* It is VERY important to check return
+                   value and not continue if setuid fails
+                */
+                error_sys ("setuid failed");
+                exit (-1);
+            }
+
+            /* Build calling argv */
+            args[0] = PREWIKKA_HTTPD_PATH;
+            for (i=1;i<argc;i++)
+            {
+                args[i] = argv[i];
+            }
+            args[i++] = NULL;
+
+            /* Finally transform self into prewikka-httpd */
+            if (execvp(PREWIKKA_HTTPD_PATH, args) < 0)
+                error_sys("execve error");
+            else
+                ; /* avoid if-then ambiguity */
+        }
+
+        else
+
+        {
+            /* We're the parent
+               Terminate
+            */
+            exit(0);
+        }
+
+    }
+
+}