OSSEC server and agent packages for Ubuntu
This repository contains all of the code and documentation related to the generic OSSEC packages maintained by the Freedom of the Press Foundation for all SecureDrop instances.
OSSEC doesn't provide a sha256 checksum for their download. They do provide a MD5 and SHA1. OSSEC also doesn't sign their checksum file but the download page is over HTTPS now.
Ansible only has options to check a sha256 or md5 checksum not a sha1 checksum.
- Download OSSEC archive and checksum file to your host.
- The OSSEC download url is: http://www.ossec.net/?page_id=19
- Follow the stable download link for the
ossec-hids-{{ VERSION }}-tar.gz
andchecksum
:
Latest Stable Release (2.8.2)
Server/Agent 2.8.2 โ Linux/BSD
- Verify sha1 and md5 checksum
- Generate the sha256 checksum of the verified download
The vars for building the deb packages are in ansible/build-deb-pkgs.yml
version
is correct upstream OSSEC versiondownload_checksum_sha256
is the upstream OSSEC downloads sha256 checksum derived earlier.download_checksum_md5
is the value from thechecksum
file on the OSSEC download page.
- The download url did not change. If it did update
download_url
- The naming convention for the file name in the url did not change. If it did update
download_name
- The naming convention for the OSSEC archive did not change. If it did update
archive_name
The ossec-server
and ossec-agent
control files and changelog are not currently managed by ansible. They currently require maually changing for each release. This will be fixed in a future release.
Versions need to be updated in
ossec-agent/DEBIAN/control
ossec-server/DEBIAN/control
The changelogs need to be updated:
ossec-server/usr/share/doc/ossec-server/changelog.Debian
ossec-agent/usr/share/doc/ossec-agent/changelog.Debian
For OSSEC version 2.8.2 updated and verified these values in ansible/build-deb-pkgs.yml
version: "2.8.2"
download_url: "https://github.com/ossec/ossec-hids/archive"
download_name: "{{ version }}.tar.gz"
download_checksum_sha256: "61e0892175a79fe119c8bab886cd41fcc3be9b84526600b06c18fa178a59cb34"
download_checksum_md5: "3036d5babc96216135759338466e1f79"
archive_name: "ossec-hids-{{ download_name }}"
-
First time, run
vagrant up
. -
To rebuild packages you can just run
vagrant provision
.
The ossec-server-VERSION-amd64.deb
and ossec-agent-VERSION-amd64.deb
packages will be in the ./build directory.
These package will need to be moved to the securedrop repo's ./build directory for testing in that environment.