From owner-freebsd-ports-bugs@FreeBSD.ORG  Thu Aug 25 17:30:12 2005
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
X-Original-To: freebsd-ports-bugs@hub.freebsd.org
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8BEAF16A426
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Thu, 25 Aug 2005 17:30:12 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0325C43D53
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Thu, 25 Aug 2005 17:30:10 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j7PHUAqf029994
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Thu, 25 Aug 2005 17:30:10 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j7PHUAT9029987;
	Thu, 25 Aug 2005 17:30:10 GMT (envelope-from gnats)
Resent-Date: Thu, 25 Aug 2005 17:30:10 GMT
Resent-Message-Id: <200508251730.j7PHUAT9029987@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	"Brian A. Seklecki" <lavalamp@spiritual-machines.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A7E8E16A41F
	for <freebsd-gnats-submit@FreeBSD.org>;
	Thu, 25 Aug 2005 17:24:18 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7561243D45
	for <freebsd-gnats-submit@FreeBSD.org>;
	Thu, 25 Aug 2005 17:24:18 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j7PHOHwM036247
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 25 Aug 2005 17:24:17 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id j7PHOGcv036243;
	Thu, 25 Aug 2005 17:24:16 GMT (envelope-from nobody)
Message-Id: <200508251724.j7PHOGcv036243@www.freebsd.org>
Date: Thu, 25 Aug 2005 17:24:16 GMT
From: "Brian A. Seklecki" <lavalamp@spiritual-machines.org>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-2.3
Cc: 
Subject: ports/85294: Samhain Client / Server XML Logging 
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Aug 2005 17:30:12 -0000


>Number:         85294
>Category:       ports
>Synopsis:       Samhain Client / Server XML Logging
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Aug 25 17:30:10 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Brian A. Seklecki
>Release:        FreeBSD 5.3-RELEASE-p20 i386
>Organization:
Spiritual Machines, Collaborative Fusion Inc.
>Environment:
FreeBSD soundwave 5.3-RELEASE-p20 FreeBSD 5.3-RELEASE-p20 #0: Wed Jul 27 16:03:34 EDT 2005     root@soundwave.collaborativefusion.com:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
1) ports/security/samhain sets "CONFIGURE_ARGS+= --enable-xml-log" if either WITH_POSTGRESQL or WITH_MYSQL are set.  

2) Both the network daemon (yule) and the network enabled client must both support XML log in order for database logging to work properly.

4) Database logging could probably be configured for a stand alone client and a Yule server could probably be configure not to log to a database, but neither are highly likely.

3) An admin is compiling a client agent for network support probably doesn't want to enable Database logging (and hence meeting the Ports dependency for the client, linking it against, etc.) just to get XML log support.

Therefore....(see fix)

>How-To-Repeat:
  See problem description.
  See:
http://la-samhna.de/forum/cgi-bin/wolfbbs_index.cgi?board=samhain&action=read&id=1807&showTime=2592000
http://la-samhna.de/forum/cgi-bin/wolfbbs_index.cgi?board=samhain&action=read&id=1803&showTime=2592000

Yule will fail to properly parse XML messages when writing them to the database.

When an admin begins to compile Samhain/Yule from ports, on the server the following make config options would be selected:
[X] SERVER
and
[ ] MYSQL or [ ] POSTGRESQL
optionally
WITH_RUNAS_USER (per my other PR) will be set in shell and KCHECK[ ]/GPG[ ] are NOT optional (they do not apply to Yule)

On client:
[X] CLIENT
and optionally KCHECK[ ] and GPG[ ]
>Fix:
      ...therefore WITH_CLIENT should imply "CONFIGURE_ARGS+= --enable-xml-log", or it should be implied nowhere and a new 'make config' option should be set, defaulting to on/yes/true/enabled.

~BAS
>Release-Note:
>Audit-Trail:
>Unformatted: