Date: 11 Jan 2003 23:08:52 -0000 From: David Thiel <lx@redundancy.redundancy.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/46982: The Samhain Intrusion Detection System Message-ID: <20030111230852.28002.qmail@redundancy.redundancy.org>
next in thread | raw e-mail | index | archive | help
>Number: 46982 >Category: ports >Synopsis: The Samhain Intrusion Detection System >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Jan 11 15:10:03 PST 2003 >Closed-Date: >Last-Modified: >Originator: David Thiel <lx@redundancy.redundancy.org> >Release: FreeBSD 4.7-STABLE i386 >Organization: >Environment: System: FreeBSD redundancy.redundancy.org 4.7-STABLE FreeBSD 4.7-STABLE #35: Thu Jan 2 17:44:25 PST 2003 lx@redundancy.redundancy.org:/usr/obj/usr/src/sys/REDUNDANCY i386 >Description: Samhain is a host-based Intrusion Detection System and integrity checker with advanced features such as centralized logging, MySQL/PostgreSQL support, and rootkit detection. >How-To-Repeat: >Fix: --- samhain.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # samhain # samhain/Makefile # samhain/pkg-comment # samhain/pkg-descr # samhain/distinfo # samhain/pkg-plist # samhain/files # samhain/files/patch-aa # samhain/files/patch-ab # echo c - samhain mkdir -p samhain > /dev/null 2>&1 echo x - samhain/Makefile sed 's/^X//' >samhain/Makefile << 'END-of-samhain/Makefile' X# New ports collection makefile for: samhain X# Date created: 9 January 2003 X# Whom: lx X# X# $FreeBSD$ X# X XPORTNAME= samhain XPORTVERSION= 1.7.1a XCATEGORIES= security XMASTER_SITES= http://la-samhna.de/samhain/ XDISTFILES= samhain_signed-${PORTVERSION}.tar.gz X XMAINTAINER= lx@redundancy.redundancy.org X XGNU_CONFIGURE= yes XCONFIGURE_ARGS= --enable-login-watch --localstatedir=/var --mandir=${PREFIX}/man X X.if defined(TRUSTED_USER) XCONFIGURE_ARGS+= --enable-identity=${TRUSTED_USER} X.endif X.if defined(WITH_GPG) XCONFIGURE_ARGS+= --with-gpg=${PREFIX}/bin/gpg XRUN_DEPENDS= gnupg:${PORTSDIR}/security/gnupg X.endif X.if defined(WITH_MYSQL) XCONFIGURE_ARGS+= --with-database=mysql X.endif X.if defined(WITH_POSTGRES) XCONFIGURE_ARGS+= --with-database=postgresql X.endif X.if defined(CLIENT) XCONFIGURE_ARGS+= --enable-network=client XPLIST_SUB+= SAMHAIN="" SETPWD="" YULE="@comment " XMAN5= samhainrc.5 XMAN8= samhain.8 X.elif defined(SERVER) XCONFIGURE_ARGS+= --enable-network=server XPLIST_SUB+= YULE="" SAMHAIN="@comment " SETPWD="@comment " XMAN5= yulerc.5 XMAN8= yule.8 X.else XPLIST_SUB+= SAMHAIN="" YULE="@comment " SETPWD="@comment " XMAN5= samhainrc.5 XMAN8= samhain.8 X.endif X Xpre-everything:: X X.if !defined(CLIENT) && !defined(SERVER) X @${ECHO_MSG} "Building in standalone mode." X @${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C" X @${ECHO_MSG} "now and make with SERVER=yes or CLIENT=yes." X.endif X Xpost-extract: X @${TAR} -C ${WRKDIR} -xzf ${WRKSRC}.tar.gz X @${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc X Xpost-install: X.if !defined(SERVER) X @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/samhain.sh X.else X @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/yule.sh X.endif X.if !defined(NOPORTDOCS) X ${MKDIR} ${PREFIX}/share/doc/samhain X ${INSTALL_MAN} ${WRKSRC}/MANUAL-1_7.ps.gz ${PREFIX}/share/doc/samhain X.endif X Xinstall-user: X @(cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} install-user) X X.include <bsd.port.mk> END-of-samhain/Makefile echo x - samhain/pkg-comment sed 's/^X//' >samhain/pkg-comment << 'END-of-samhain/pkg-comment' XThe Samhain Intrusion Detection System END-of-samhain/pkg-comment echo x - samhain/pkg-descr sed 's/^X//' >samhain/pkg-descr << 'END-of-samhain/pkg-descr' XSamhain is an open source file integrity and host-based intrusion Xdetection system for Linux and Unix. It can run as a daemon process, Xand and thus can remember file changes - contrary to a tool that runs Xfrom cron, if a file is modified you will get only one report, while Xsubsequent checks of that file will ignore the modification as it is Xalready reported (unless the file is modified again). X XSamhain can optionally be used as client/server system to provide Xcentralized monitoring for multiple host. Logging to a (MySQL or XPostgreSQL) database is supported. END-of-samhain/pkg-descr echo x - samhain/distinfo sed 's/^X//' >samhain/distinfo << 'END-of-samhain/distinfo' XMD5 (samhain_signed-1.7.1a.tar.gz) = f30db157a4c28c3cba6965197d332034 END-of-samhain/distinfo echo x - samhain/pkg-plist sed 's/^X//' >samhain/pkg-plist << 'END-of-samhain/pkg-plist' X%%YULE%%etc/yulerc.sample X%%YULE%%sbin/yule_setpwd X%%YULE%%sbin/yule X%%YULE%%etc/rc.d/yule.sh X%%YULE%%@unexec rmdir /var/lib/yule 2>/dev/null || true X%%SAMHAIN%%etc/samhainrc.sample X%%SAMHAIN%%sbin/samhain X%%SAMHAIN%%etc/rc.d/samhain.sh X%%SAMHAIN%%@unexec rmdir /var/lib/samhain 2>/dev/null || true X%%SETPWD%%sbin/samhain_setpwd X%%PORTDOCS%%share/doc/samhain/MANUAL-1_7.ps.gz X%%PORTDOCS%%@dirrm share/doc/samhain END-of-samhain/pkg-plist echo c - samhain/files mkdir -p samhain/files > /dev/null 2>&1 echo x - samhain/files/patch-aa sed 's/^X//' >samhain/files/patch-aa << 'END-of-samhain/files/patch-aa' X--- configure Wed Jan 8 09:50:51 2003 X+++ configure Fri Jan 10 17:25:04 2003 X@@ -10451,7 +10451,7 @@ X X else X X- myconffile="${sysconfdir}/${install_name}rc" X+ myconffile="${sysconfdir}/${install_name}rc.sample" X X X fi; END-of-samhain/files/patch-aa echo x - samhain/files/patch-ab sed 's/^X//' >samhain/files/patch-ab << 'END-of-samhain/files/patch-ab' X--- Makefile.in Sat Jan 4 07:05:28 2003 X+++ Makefile.in Fri Jan 10 10:54:57 2003 X@@ -265,14 +265,6 @@ X #---------------------------------------------------------- X X install: install-lkm install-program install-man install-data X- @echo; \ X- echo " You can use 'samhain-install.sh uninstall' for uninstalling"; \ X- echo " i.e. you might consider saving that script for future use";\ X- echo; \ X- echo " Use 'make install-boot' if you want @install_name@ to start"; \ X- echo " on system boot."; \ X- echo X- X X purge: uninstall-lkm uninstall-program uninstall-man X @echo "./samhain-install.sh --destdir=$(DESTDIR) --force --verbose uninstall-data"; \ X@@ -423,7 +415,7 @@ X echo " -----------------------------------------------------";\ X echo " The server will run as user @myident@ if started with";\ X echo " root privileges, otherwise as the user of the parent ";\ X- echo " process (use --enable-identity=USER to change).";\ X+ echo " process (use TRUSTED_USER=USER to change).";\ X echo;\ X echo " You may want to use: make install-user";\ X echo;\ END-of-samhain/files/patch-ab exit --- samhain.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030111230852.28002.qmail>