[NEW PORT] security/jailaudit: Generate portaudit reports for jails from the hostsystem

This port contains a script for generating portaudit reports
	for jails running on a FreeBSD system.

	Jailaudit runs in the Host-system and uses portaudit to
	create reports for every jail currently running.

	It can also be used to send specific report-mails to the
	owner of a jail by running it as a cronjob.

	/etc/crontab example:
	0   4   *   *   *   *   root   /usr/local/bin/jailaudit mail admin@foo.bar "foo.example.com bar.example.com"

	Sends reports-mails of the jails with the hostnames
	foo.example.com and bar.example.com to the mailaddr.
	admin@example.com.

	WWW: http://outpost.h3q.org/software/jailaudit/

PR:		ports/87581
Submitted by:	Philipp Wuensche <cryx-ports@h3q.com>

ports-mgmt/jailaudit/Makefile

@@ -0,0 +1,34 @@
+# New ports collection makefile for:	jailaudit
+# Date created:				21 October 2005
+# Whom:					cryx
+#
+# $FreeBSD$
+#
+
+PORTNAME=	jailaudit
+PORTVERSION=	1.1
+CATEGORIES=	security
+MASTER_SITES=	http://outpost.h3q.com/software/jailaudit/
+
+MAINTAINER=	cryx-ports@h3q.com
+COMMENT=	Script to generate portaudit reports for jails
+
+RUN_DEPENDS=	${LOCALBASE}/sbin/portaudit:${PORTSDIR}/security/portaudit
+
+USE_BZIP2=	yes
+
+PERIODICDIR?=	${PREFIX}/etc/periodic
+REPORTDIR?=	${PREFIX}/jailaudit/reports
+TMPDIR?=	${PREFIX}/jailaudit/tmp
+
+PLIST_SUB+=	PERIODICDIR="${PERIODICDIR:S,^${PREFIX}/,,}" \
+		REPORTDIR="${REPORTDIR:S,^${PREFIX}/,,}" \
+		TMPDIR="${TMPDIR:S,^${PREFIX}/,,}"
+
+.include <bsd.port.pre.mk>
+
+.if ( ${OSVERSION} < 501000 )
+IGNORE=		needs the jls utility which was added in FreeBSD 5.1
+.endif
+
+.include <bsd.port.post.mk>

ports-mgmt/jailaudit/distinfo

@@ -0,0 +1,2 @@
+MD5 (jailaudit-1.1.tar.bz2) = 32f5b1973cc9eaa88b0e05792499a0c7
+SIZE (jailaudit-1.1.tar.bz2) = 2512

ports-mgmt/jailaudit/pkg-descr

@@ -0,0 +1,20 @@
+This port contains a script to generate portaudit reports for jails
+running on a FreeBSD system.
+
+Normally portaudit just creates reports for the Host-system or the jail
+it is installed in. With a large number of jails running on a system,
+installing and updating portaudit in every jail is time-consuming and
+error-prone. Jailaudit uses the portaudit installed in the Host-system
+to create a report for every jail.
+
+The reports are appended to the daily security run and can be sent to a
+specific mail address, which allows the Host-system administrator to
+dispatch portaudit reports to the owners of jails, keeping them informed
+about potential security advisories of their installed ports.
+
+Jailaudit can be used on FreeBSD 5.1 or larger.
+
+WWW: https://anonsvn.h3q.com/projects/jailaudit/
+
+- cryx
+Philipp Wuensche <cryx-ports@h3q.com>

ports-mgmt/jailaudit/pkg-plist

@@ -0,0 +1,11 @@
+bin/jailaudit
+etc/jailaudit.conf.sample
+%%PERIODICDIR%%/security/410.jailaudit
+@unexec rmdir %D/%%PERIODICDIR%%/security 2>/dev/null || true
+@unexec rmdir %D/%%PERIODICDIR%% 2>/dev/null || true
+@exec mkdir -p %D/%%REPORTDIR%%
+@unexec rmdir %D/%%REPORTDIR%% 2>/dev/null || true
+@exec mkdir -p %D/%%TMPDIR%%
+@unexec rmdir %D/%%TMPDIR%% 2>/dev/null || true
+@unexec rmdir %DPDIR%% 2>/dev/null || true
+@unexec rmdir %D/jailaudit 2>/dev/null || true

security/Makefile

@@ -171,6 +171,7 @@
     SUBDIR += ipsec-tools
     SUBDIR += isakmpd
     SUBDIR += its4
+    SUBDIR += jailaudit
     SUBDIR += jce_policy14
     SUBDIR += john
     SUBDIR += keychain

security/jailaudit/Makefile

@@ -0,0 +1,34 @@
+# New ports collection makefile for:	jailaudit
+# Date created:				21 October 2005
+# Whom:					cryx
+#
+# $FreeBSD$
+#
+
+PORTNAME=	jailaudit
+PORTVERSION=	1.1
+CATEGORIES=	security
+MASTER_SITES=	http://outpost.h3q.com/software/jailaudit/
+
+MAINTAINER=	cryx-ports@h3q.com
+COMMENT=	Script to generate portaudit reports for jails
+
+RUN_DEPENDS=	${LOCALBASE}/sbin/portaudit:${PORTSDIR}/security/portaudit
+
+USE_BZIP2=	yes
+
+PERIODICDIR?=	${PREFIX}/etc/periodic
+REPORTDIR?=	${PREFIX}/jailaudit/reports
+TMPDIR?=	${PREFIX}/jailaudit/tmp
+
+PLIST_SUB+=	PERIODICDIR="${PERIODICDIR:S,^${PREFIX}/,,}" \
+		REPORTDIR="${REPORTDIR:S,^${PREFIX}/,,}" \
+		TMPDIR="${TMPDIR:S,^${PREFIX}/,,}"
+
+.include <bsd.port.pre.mk>
+
+.if ( ${OSVERSION} < 501000 )
+IGNORE=		needs the jls utility which was added in FreeBSD 5.1
+.endif
+
+.include <bsd.port.post.mk>

security/jailaudit/distinfo

@@ -0,0 +1,2 @@
+MD5 (jailaudit-1.1.tar.bz2) = 32f5b1973cc9eaa88b0e05792499a0c7
+SIZE (jailaudit-1.1.tar.bz2) = 2512

security/jailaudit/pkg-descr

@@ -0,0 +1,20 @@
+This port contains a script to generate portaudit reports for jails
+running on a FreeBSD system.
+
+Normally portaudit just creates reports for the Host-system or the jail
+it is installed in. With a large number of jails running on a system,
+installing and updating portaudit in every jail is time-consuming and
+error-prone. Jailaudit uses the portaudit installed in the Host-system
+to create a report for every jail.
+
+The reports are appended to the daily security run and can be sent to a
+specific mail address, which allows the Host-system administrator to
+dispatch portaudit reports to the owners of jails, keeping them informed
+about potential security advisories of their installed ports.
+
+Jailaudit can be used on FreeBSD 5.1 or larger.
+
+WWW: https://anonsvn.h3q.com/projects/jailaudit/
+
+- cryx
+Philipp Wuensche <cryx-ports@h3q.com>

security/jailaudit/pkg-plist

@@ -0,0 +1,11 @@
+bin/jailaudit
+etc/jailaudit.conf.sample
+%%PERIODICDIR%%/security/410.jailaudit
+@unexec rmdir %D/%%PERIODICDIR%%/security 2>/dev/null || true
+@unexec rmdir %D/%%PERIODICDIR%% 2>/dev/null || true
+@exec mkdir -p %D/%%REPORTDIR%%
+@unexec rmdir %D/%%REPORTDIR%% 2>/dev/null || true
+@exec mkdir -p %D/%%TMPDIR%%
+@unexec rmdir %D/%%TMPDIR%% 2>/dev/null || true
+@unexec rmdir %DPDIR%% 2>/dev/null || true
+@unexec rmdir %D/jailaudit 2>/dev/null || true