Skip site navigation (1)Skip section navigation (2)
Date:      11 Jan 2003 23:08:52 -0000
From:      David Thiel <lx@redundancy.redundancy.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/46982: The Samhain Intrusion Detection System
Message-ID:  <20030111230852.28002.qmail@redundancy.redundancy.org>

next in thread | raw e-mail | index | archive | help

>Number:         46982
>Category:       ports
>Synopsis:       The Samhain Intrusion Detection System
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 11 15:10:03 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     David Thiel <lx@redundancy.redundancy.org>
>Release:        FreeBSD 4.7-STABLE i386
>Organization:
>Environment:
System: FreeBSD redundancy.redundancy.org 4.7-STABLE FreeBSD 4.7-STABLE #35: Thu Jan 2 17:44:25 PST 2003 lx@redundancy.redundancy.org:/usr/obj/usr/src/sys/REDUNDANCY i386


	
>Description:
	Samhain is a host-based Intrusion Detection System and integrity
	checker with advanced features such as centralized logging, 
	MySQL/PostgreSQL support, and rootkit detection.
>How-To-Repeat:
	
>Fix:

	

--- samhain.shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	samhain
#	samhain/Makefile
#	samhain/pkg-comment
#	samhain/pkg-descr
#	samhain/distinfo
#	samhain/pkg-plist
#	samhain/files
#	samhain/files/patch-aa
#	samhain/files/patch-ab
#
echo c - samhain
mkdir -p samhain > /dev/null 2>&1
echo x - samhain/Makefile
sed 's/^X//' >samhain/Makefile << 'END-of-samhain/Makefile'
X# New ports collection makefile for:   samhain
X# Date created:        9 January 2003
X# Whom:                lx
X#
X# $FreeBSD$
X#
X
XPORTNAME=      samhain
XPORTVERSION=   1.7.1a
XCATEGORIES=    security
XMASTER_SITES=  http://la-samhna.de/samhain/
XDISTFILES=      samhain_signed-${PORTVERSION}.tar.gz
X
XMAINTAINER=    lx@redundancy.redundancy.org
X
XGNU_CONFIGURE= yes
XCONFIGURE_ARGS= --enable-login-watch --localstatedir=/var --mandir=${PREFIX}/man
X
X.if defined(TRUSTED_USER)
XCONFIGURE_ARGS+=  --enable-identity=${TRUSTED_USER}
X.endif
X.if defined(WITH_GPG)
XCONFIGURE_ARGS+=  --with-gpg=${PREFIX}/bin/gpg
XRUN_DEPENDS=	gnupg:${PORTSDIR}/security/gnupg
X.endif
X.if defined(WITH_MYSQL)
XCONFIGURE_ARGS+=  --with-database=mysql
X.endif
X.if defined(WITH_POSTGRES)
XCONFIGURE_ARGS+=  --with-database=postgresql
X.endif
X.if defined(CLIENT)
XCONFIGURE_ARGS+=  --enable-network=client
XPLIST_SUB+=	SAMHAIN="" SETPWD="" YULE="@comment "
XMAN5= samhainrc.5
XMAN8= samhain.8
X.elif defined(SERVER)
XCONFIGURE_ARGS+=  --enable-network=server
XPLIST_SUB+=	YULE="" SAMHAIN="@comment " SETPWD="@comment "
XMAN5= yulerc.5
XMAN8= yule.8
X.else
XPLIST_SUB+=	SAMHAIN="" YULE="@comment " SETPWD="@comment "
XMAN5= samhainrc.5
XMAN8= samhain.8
X.endif
X
Xpre-everything::
X
X.if !defined(CLIENT) && !defined(SERVER)
X	@${ECHO_MSG} "Building in standalone mode."
X	@${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C"
X	@${ECHO_MSG} "now and make with SERVER=yes or CLIENT=yes."
X.endif
X
Xpost-extract:
X	@${TAR} -C ${WRKDIR} -xzf ${WRKSRC}.tar.gz
X	@${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc
X
Xpost-install:
X.if !defined(SERVER)
X	@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/samhain.sh
X.else
X	@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/yule.sh
X.endif
X.if !defined(NOPORTDOCS)
X	${MKDIR} ${PREFIX}/share/doc/samhain
X	${INSTALL_MAN} ${WRKSRC}/MANUAL-1_7.ps.gz ${PREFIX}/share/doc/samhain
X.endif
X
Xinstall-user:
X	@(cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} install-user)
X
X.include <bsd.port.mk>
END-of-samhain/Makefile
echo x - samhain/pkg-comment
sed 's/^X//' >samhain/pkg-comment << 'END-of-samhain/pkg-comment'
XThe Samhain Intrusion Detection System
END-of-samhain/pkg-comment
echo x - samhain/pkg-descr
sed 's/^X//' >samhain/pkg-descr << 'END-of-samhain/pkg-descr'
XSamhain is an open source file integrity and host-based intrusion
Xdetection system for Linux and Unix. It can run as a daemon process,
Xand and thus can remember file changes - contrary to a tool that runs
Xfrom cron, if a file is modified you will get only one report, while
Xsubsequent checks of that file will ignore the modification as it is
Xalready reported (unless the file is modified again).
X
XSamhain can optionally be used as client/server system to provide
Xcentralized monitoring for multiple host. Logging to a (MySQL or
XPostgreSQL) database is supported.
END-of-samhain/pkg-descr
echo x - samhain/distinfo
sed 's/^X//' >samhain/distinfo << 'END-of-samhain/distinfo'
XMD5 (samhain_signed-1.7.1a.tar.gz) = f30db157a4c28c3cba6965197d332034
END-of-samhain/distinfo
echo x - samhain/pkg-plist
sed 's/^X//' >samhain/pkg-plist << 'END-of-samhain/pkg-plist'
X%%YULE%%etc/yulerc.sample
X%%YULE%%sbin/yule_setpwd
X%%YULE%%sbin/yule
X%%YULE%%etc/rc.d/yule.sh
X%%YULE%%@unexec rmdir /var/lib/yule 2>/dev/null || true
X%%SAMHAIN%%etc/samhainrc.sample
X%%SAMHAIN%%sbin/samhain
X%%SAMHAIN%%etc/rc.d/samhain.sh
X%%SAMHAIN%%@unexec rmdir /var/lib/samhain 2>/dev/null || true
X%%SETPWD%%sbin/samhain_setpwd
X%%PORTDOCS%%share/doc/samhain/MANUAL-1_7.ps.gz
X%%PORTDOCS%%@dirrm share/doc/samhain
END-of-samhain/pkg-plist
echo c - samhain/files
mkdir -p samhain/files > /dev/null 2>&1
echo x - samhain/files/patch-aa
sed 's/^X//' >samhain/files/patch-aa << 'END-of-samhain/files/patch-aa'
X--- configure   Wed Jan  8 09:50:51 2003
X+++ configure   Fri Jan 10 17:25:04 2003
X@@ -10451,7 +10451,7 @@
X 
X else
X 
X-	myconffile="${sysconfdir}/${install_name}rc"
X+	myconffile="${sysconfdir}/${install_name}rc.sample"
X 
X 
X fi;
END-of-samhain/files/patch-aa
echo x - samhain/files/patch-ab
sed 's/^X//' >samhain/files/patch-ab << 'END-of-samhain/files/patch-ab'
X--- Makefile.in	Sat Jan  4 07:05:28 2003
X+++ Makefile.in	Fri Jan 10 10:54:57 2003
X@@ -265,14 +265,6 @@
X #----------------------------------------------------------
X 
X install: install-lkm install-program install-man install-data
X-	@echo; \
X-	echo "  You can use 'samhain-install.sh uninstall' for uninstalling"; \
X-	echo "  i.e. you might consider saving that script for future use";\
X-	echo; \
X-	echo "  Use 'make install-boot' if you want @install_name@ to start"; \
X-	echo "  on system boot."; \
X-	echo
X-
X 
X purge: uninstall-lkm uninstall-program uninstall-man 
X 	@echo "./samhain-install.sh --destdir=$(DESTDIR) --force --verbose uninstall-data"; \
X@@ -423,7 +415,7 @@
X 	    echo "  -----------------------------------------------------";\
X 	    echo "  The server will run as user @myident@ if started with";\
X 	    echo "  root privileges, otherwise as the user of the parent ";\
X-	    echo "  process (use --enable-identity=USER to change).";\
X+	    echo "  process (use TRUSTED_USER=USER to change).";\
X 	    echo;\
X 	    echo "  You may want to use: make install-user";\
X 	    echo;\
END-of-samhain/files/patch-ab
exit
--- samhain.shar ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030111230852.28002.qmail>