Date: Thu, 25 Aug 2005 17:24:16 GMT From: "Brian A. Seklecki" <lavalamp@spiritual-machines.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/85294: Samhain Client / Server XML Logging Message-ID: <200508251724.j7PHOGcv036243@www.freebsd.org> Resent-Message-ID: <200508251730.j7PHUAT9029987@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 85294 >Category: ports >Synopsis: Samhain Client / Server XML Logging >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Aug 25 17:30:10 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Brian A. Seklecki >Release: FreeBSD 5.3-RELEASE-p20 i386 >Organization: Spiritual Machines, Collaborative Fusion Inc. >Environment: FreeBSD soundwave 5.3-RELEASE-p20 FreeBSD 5.3-RELEASE-p20 #0: Wed Jul 27 16:03:34 EDT 2005 root@soundwave.collaborativefusion.com:/usr/obj/usr/src/sys/GENERIC i386 >Description: 1) ports/security/samhain sets "CONFIGURE_ARGS+= --enable-xml-log" if either WITH_POSTGRESQL or WITH_MYSQL are set. 2) Both the network daemon (yule) and the network enabled client must both support XML log in order for database logging to work properly. 4) Database logging could probably be configured for a stand alone client and a Yule server could probably be configure not to log to a database, but neither are highly likely. 3) An admin is compiling a client agent for network support probably doesn't want to enable Database logging (and hence meeting the Ports dependency for the client, linking it against, etc.) just to get XML log support. Therefore....(see fix) >How-To-Repeat: See problem description. See: http://la-samhna.de/forum/cgi-bin/wolfbbs_index.cgi?board=samhain&action=read&id=1807&showTime=2592000 http://la-samhna.de/forum/cgi-bin/wolfbbs_index.cgi?board=samhain&action=read&id=1803&showTime=2592000 Yule will fail to properly parse XML messages when writing them to the database. When an admin begins to compile Samhain/Yule from ports, on the server the following make config options would be selected: [X] SERVER and [ ] MYSQL or [ ] POSTGRESQL optionally WITH_RUNAS_USER (per my other PR) will be set in shell and KCHECK[ ]/GPG[ ] are NOT optional (they do not apply to Yule) On client: [X] CLIENT and optionally KCHECK[ ] and GPG[ ] >Fix: ...therefore WITH_CLIENT should imply "CONFIGURE_ARGS+= --enable-xml-log", or it should be implied nowhere and a new 'make config' option should be set, defaulting to on/yes/true/enabled. ~BAS >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508251724.j7PHOGcv036243>