From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Jul 21 18:20:24 2004 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 24CFC16A4CF for ; Wed, 21 Jul 2004 18:20:24 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 181D643D5C for ; Wed, 21 Jul 2004 18:20:24 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i6LIKNQW082715 for ; Wed, 21 Jul 2004 18:20:23 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i6LIKNLT082714; Wed, 21 Jul 2004 18:20:23 GMT (envelope-from gnats) Resent-Date: Wed, 21 Jul 2004 18:20:23 GMT Resent-Message-Id: <200407211820.i6LIKNLT082714@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, David Thiel Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 72EA016A4CE for ; Wed, 21 Jul 2004 18:11:24 +0000 (GMT) Received: from redundancy.redundancy.org (redundancy.redundancy.org [198.144.201.242]) by mx1.FreeBSD.org (Postfix) with SMTP id 0803843D31 for ; Wed, 21 Jul 2004 18:11:24 +0000 (GMT) (envelope-from lx@redundancy.redundancy.org) Received: (qmail 93312 invoked by uid 1000); 21 Jul 2004 18:11:41 -0000 Message-Id: <20040721181141.93311.qmail@redundancy.redundancy.org> Date: 21 Jul 2004 18:11:41 -0000 From: David Thiel To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: krion@FreeBSD.org Subject: ports/69387: Update: security/samhain 1.8.9 -> 1.8.10b X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: David Thiel List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jul 2004 18:20:24 -0000 >Number: 69387 >Category: ports >Synopsis: Update: security/samhain 1.8.9 -> 1.8.10b >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Wed Jul 21 18:20:23 GMT 2004 >Closed-Date: >Last-Modified: >Originator: David Thiel >Release: FreeBSD 4.9-STABLE i386 >Organization: >Environment: System: FreeBSD redundancy.redundancy.org 4.9-STABLE FreeBSD 4.9-STABLE #15: Wed Nov 19 21:41:32 PST 2003 lx@redundancy.redundancy.org:/usr/obj/usr/src/sys/REDUNDANCY i386 >Description: Port changes: Add OPTIONS menu, remove most tunable info from comments. Change variable names to use the "WITH_*" standard. 1.8.10b info: Fixed FreeBSD make issue in the 1.8.10 release, fixes for default GrowingLogFiles policy, bugfixes in signal handling and kernel checking. See docs/Changelog for details. >How-To-Repeat: >Fix: diff -ruN samhain.old/Makefile samhain/Makefile --- samhain.old/Makefile Tue Jul 20 11:01:17 2004 +++ samhain/Makefile Wed Jul 21 10:27:21 2004 @@ -5,40 +5,19 @@ # $FreeBSD: ports/security/samhain/Makefile,v 1.16 2004/06/21 19:09:14 pav Exp $ # # -# This port recognizes the following tunables: +# This port recognizes the following non-binary tunables: # -# RUNAS_USER: -# The username of the account Yule will run as. Usually just "yule". -# -# WITH_GPG: -# Instructs the port to sign configuration files using the -# GNU Privacy Guard. -# -# WITH_KCHECK: -# Enable support for rogue kernel module detection. -# -# WITH_MYSQL: -# Enable support for logging to a MySQL database. Due to there -# being multiple current versions of MySQL, dependency for this -# is NOT checked. -# -# WITH_POSTGRESQL: -# Enable support for logging to a Postgres database. Untested. -# -# WITH_LIBWRAP: -# Enable support for TCP wrappers. -# -# SERVER: -# Builds as Yule, Samhain's central logging server. Mutually exclusive -# with CLIENT. -# -# CLIENT: -# Builds as a client to Yule. Fetches configuration files -# and signature database from LOG_SERVER, and optionally, ALT_LOG_SERVER. +# WITH_RUNAS_USER: +# Whe building with "WITH_SERVER" defined, the username of the +# account Yule will run as. Defaults to "yule". +# +# WITH_LOG_SERVER, WITH_ALT_LOG_SERVER. When "WITH_CLIENT" is defined, +# these specify what server the client will fetch configuration +# and database files from. This can also be defined at runtime. # PORTNAME= samhain -PORTVERSION= 1.8.9 +PORTVERSION= 1.8.10b CATEGORIES= security MASTER_SITES= http://la-samhna.de/archive/ \ http://cold.darkambient.net/ @@ -47,6 +26,15 @@ MAINTAINER= lx@redundancy.redundancy.org COMMENT= The Samhain Intrusion Detection System +OPTIONS= KCHECK "Enable rogue KLD detection" on \ + GPG "Enable GnuPG support" off \ + MYSQL "Enable MySQL logging" off \ + POSTGRESQL "Enable PostgreSQL logging" off \ + LIBWRAP "Enable TCP wrapper support" on \ + CLIENT "Build as Samhain network client" off \ + SERVER "Build as Yule network server" off + +.include .if defined(WITH_GPG) BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg .endif @@ -55,8 +43,8 @@ CONFIGURE_ARGS= --enable-login-watch --localstatedir=/var \ --mandir=${PREFIX}/man --enable-suidcheck -.if defined(RUNAS_USER) -CONFIGURE_ARGS+= --enable-identity=${RUNAS_USER} +.if defined(WITH_RUNAS_USER) +CONFIGURE_ARGS+= --enable-identity=${WITH_RUNAS_USER} .endif .if defined(WITH_KCHECK) CONFIGURE_ARGS+= --with-kcheck @@ -75,7 +63,7 @@ .if defined(WITH_LIBWRAP) CONFIGURE_ARGS+= --with-libwrap .endif -.if defined(CLIENT) +.if defined(WITH_CLIENT) CONFIGURE_ARGS+= --enable-network=client \ --with-data-file=REQ_FROM_SERVER/var/lib/samhain/data.samhain \ --with-config-file=REQ_FROM_SERVER @@ -83,7 +71,7 @@ EXTRA_PATCHES+= ${FILESDIR}/fixsamhainrc.patch MAN5= samhainrc.5 MAN8= samhain.8 -.elif defined(SERVER) +.elif defined(WITH_SERVER) CONFIGURE_ARGS+= --enable-network=server PLIST_SUB+= YULE="" SAMHAIN="@comment " SETPWD="@comment " EXTRA_PATCHES+= ${FILESDIR}/fixyulerc.patch @@ -95,24 +83,25 @@ MAN5= samhainrc.5 MAN8= samhain.8 .endif -.if defined(LOG_SERVER) -CONFIGURE_ARGS+= --with-logserver=${LOG_SERVER} +.if defined(WITH_LOG_SERVER) +CONFIGURE_ARGS+= --with-logserver=${WITH_LOG_SERVER} .endif -.if defined(ALT_LOG_SERVER) -CONFIGURE_ARGS+= --with-altlogserver=${ALT_LOG_SERVER} +.if defined(WITH_ALT_LOG_SERVER) +CONFIGURE_ARGS+= --with-altlogserver=${WITH_ALT_LOG_SERVER} .endif pre-everything:: -.if !defined(CLIENT) && !defined(SERVER) +.if !defined(WITH_CLIENT) && !defined(WITH_SERVER) @${ECHO_MSG} @${ECHO_MSG} "Building in standalone mode." @${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C" - @${ECHO_MSG} "now and make with SERVER=yes or CLIENT=yes." + @${ECHO_MSG} "now, review the options in the Makefile, and make" + @${ECHO_MSG} "with WITH_SERVER=yes or WITH_CLIENT=yes." @${ECHO_MSG} .endif -.if defined(CLIENT) && defined(SERVER) +.if defined(WITH_CLIENT) && defined(WITH_SERVER) @${ECHO_MSG} @${ECHO_MSG} "Can't build client and server at once!" @${ECHO_MSG} @@ -132,7 +121,7 @@ @${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc post-install: -.if !defined(SERVER) +.if !defined(WITH_SERVER) @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/samhain.sh.sample .else @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/yule.sh.sample @@ -148,4 +137,4 @@ install-user: @(cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} install-user) -.include +.include diff -ruN samhain.old/distinfo samhain/distinfo --- samhain.old/distinfo Tue Jul 20 11:01:17 2004 +++ samhain/distinfo Wed Jul 21 10:15:49 2004 @@ -1,2 +1,2 @@ -MD5 (samhain_signed-1.8.9.tar.gz) = 042b5bbee89d219dd9ac1f0043e29a64 -SIZE (samhain_signed-1.8.9.tar.gz) = 929295 +MD5 (samhain_signed-1.8.10b.tar.gz) = f7c638e6989cb44287e814cf008877cd +SIZE (samhain_signed-1.8.10b.tar.gz) = 972170 >Release-Note: >Audit-Trail: >Unformatted: