path: root/security/samhain/Makefile
# Created by: Nikola Kolev <koue@chaosophia.net>

# Port identity: name, upstream version, category and where to fetch from.
PORTNAME=	samhain
PORTVERSION=	4.4.3
CATEGORIES=	security
# NOTE(review): the distfile is fetched over plain HTTP, so its authenticity
# rests on the checksum recorded for the port (distinfo, not shown here).
# Prefer an https:// location if upstream offers one -- confirm.
MASTER_SITES=	http://la-samhna.de/archive/
# The "samhain_signed" distfile is a wrapper: post-extract below unpacks an
# inner ${PORTNAME}-${PORTVERSION}.tar.gz from it and removes the .asc file
# that accompanies that inner tarball.
DISTNAME=	samhain_signed-${PORTVERSION}

MAINTAINER=	freebsd@gregv.net
COMMENT=	Samhain Intrusion Detection System

LICENSE=	GPLv2

# Architectures on which the port is marked broken; each value is the
# failure reason reported to the user.
BROKEN_aarch64=		fails to link: missing sbrk
BROKEN_mips=		fails to configure: error: Could not find the libwrap library
BROKEN_mips64=		fails to configure: error: Could not find the libwrap library
BROKEN_riscv64=		fails to link: missing sbrk

# shebangfix rewrites the interpreter line of the two Perl admin script
# templates listed in SHEBANG_FILES.
USES=			shebangfix
SHEBANG_FILES=		scripts/samhainadmin-gpg.pl.in \
			scripts/samhainadmin-sig.pl.in

# Arguments handed to the GNU configure script for every build flavour.
# NOTE(review): the "=true" values on the log/time server switches look like
# placeholders rather than host names -- confirm against upstream's
# configure documentation.
GNU_CONFIGURE=	yes
CONFIGURE_ARGS=	--localstatedir=/var \
		--with-logserver=true \
		--with-altlogserver=true \
		--with-timeserver=true \
		--with-alttimeserver=true

# Source directory of the inner tarball that post-extract unpacks; it is
# named without the "_signed" part of DISTNAME.
WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}

# Build options.  OPTIONS_DEFINE lists the independent toggles,
# OPTIONS_DEFAULT the ones enabled unless the user changes them, and the DB
# radio group allows at most one of MYSQL, ODBC or PGSQL.
# NOTE(review): ENCRYPT and SRP are on by default, while GNUPG, PTRACE and
# STATIC are not in OPTIONS_DEFAULT; anyone relying on those features has to
# enable them explicitly.
OPTIONS_DEFINE=		ASM DB_RELOAD DEBUG DNMALLOC DOCS ENCRYPT GNUPG IPV6 \
			LIBWRAP LOGFILE_MONITOR LOGIN_WATCH MAIL \
			MOUNTS_CHECK PORT_CHECK POSIX_ACL PRELUDE PROCESS_CHECK \
			PTRACE SRP STATIC SUIDCHECK UDP USERFILES XML_LOGS
OPTIONS_DEFAULT=	ASM DNMALLOC ENCRYPT LIBWRAP MAIL SRP
OPTIONS_RADIO=		DB
OPTIONS_RADIO_DB=	MYSQL ODBC PGSQL
# Export each option as a %%OPTION%% substitution for the packing list.
OPTIONS_SUB=		yes

# Descriptions shown in the options dialog for the port-specific options
# (DB_DESC labels the radio group).
DB_DESC=	Database support
DB_RELOAD_DESC=	Enable database reload on SIGHUP
DNMALLOC_DESC=	Enable dnmalloc
ENCRYPT_DESC=	Enable client/server encryption
LOGFILE_MONITOR_DESC=	Enable monitor logfiles
LOGIN_WATCH_DESC=	Enable watch for login/logout
MAIL_DESC=	Enable internal SMTP mailer
MOUNTS_CHECK_DESC=	Enable check mount options on filesystems
PORT_CHECK_DESC=	Enable check ports
POSIX_ACL_DESC=	Enable check posix acls
PRELUDE_DESC=	Enable Prelude Framework support
PROCESS_CHECK_DESC=	Enable check processes
PTRACE_DESC=	Enable use anti-debugger options
SRP_DESC=	Enable SRP for authentication
SUIDCHECK_DESC=	Enable check for suid/sgid files
UDP_DESC=	Enable UDP server
USERFILES_DESC=	Enable check for users config files
XML_LOGS_DESC=	Enable XML-formatted logs

# Option helpers.  <OPT>_CONFIGURE_ENABLE=x adds --enable-x when the option
# is on and --disable-x when it is off; <OPT>_CONFIGURE_WITH=x does the same
# with --with-x / --without-x.
ASM_CONFIGURE_ENABLE=		asm

DB_RELOAD_CONFIGURE_ENABLE=	db-reload

DEBUG_CONFIGURE_ENABLE=		debug

DNMALLOC_CONFIGURE_ENABLE=	dnmalloc

ENCRYPT_CONFIGURE_ENABLE=	encrypt

# With GNUPG enabled, gpg must be present at build time and its path
# (${PREFIX}/bin/gpg) is passed to configure.
# NOTE(review): gpg is declared as a build dependency only.  If the built
# binary invokes ${PREFIX}/bin/gpg at run time, a GNUPG_RUN_DEPENDS entry is
# needed as well -- confirm against upstream behaviour.
GNUPG_BUILD_DEPENDS=		gpg:security/gnupg
GNUPG_CONFIGURE_WITH=		gpg=${PREFIX}/bin/gpg

IPV6_CONFIGURE_ENABLE=		ipv6

LIBWRAP_CONFIGURE_WITH=		libwrap

LOGFILE_MONITOR_CONFIGURE_ENABLE=	logfile-monitor

LOGIN_WATCH_CONFIGURE_ENABLE=	login-watch

MAIL_CONFIGURE_ENABLE=		mail

MOUNTS_CHECK_CONFIGURE_ENABLE=	mounts-check

# Database back ends (members of the DB radio group).  Each one forces
# XML_LOGS on, pulls in its client library, and adds the matching
# --with-database= argument when selected.
MYSQL_IMPLIES=			XML_LOGS
MYSQL_USES=			mysql
MYSQL_CONFIGURE_ON=		--with-database=mysql

ODBC_IMPLIES=			XML_LOGS
ODBC_LIB_DEPENDS=		libodbc.so:databases/unixODBC
ODBC_CONFIGURE_ON=		--with-database=odbc

PGSQL_IMPLIES=			XML_LOGS
PGSQL_USES=			pgsql
PGSQL_CONFIGURE_ON=		--with-database=postgresql

# Remaining option helpers: each maps an option onto the configure switch
# named in its value (--enable-/--disable- for CONFIGURE_ENABLE,
# --with-/--without- for CONFIGURE_WITH).
PORT_CHECK_CONFIGURE_ENABLE=	port-check

POSIX_ACL_CONFIGURE_ENABLE=	posix-acl

# PRELUDE links against libprelude from security/libprelude.
PRELUDE_LIB_DEPENDS=		libprelude.so:security/libprelude
PRELUDE_CONFIGURE_WITH=		prelude

PROCESS_CHECK_CONFIGURE_ENABLE=	process-check

PTRACE_CONFIGURE_ENABLE=	ptrace

SRP_CONFIGURE_ENABLE=		srp

STATIC_CONFIGURE_ENABLE=	static

SUIDCHECK_CONFIGURE_ENABLE=	suidcheck

UDP_CONFIGURE_ENABLE=		udp

USERFILES_CONFIGURE_ENABLE=	userfiles

# Note the spelling difference: option XML_LOGS, configure switch xml-log.
XML_LOGS_CONFIGURE_ENABLE=	xml-log

.include <bsd.port.pre.mk>

# Compile position-independent code on amd64 only.  ${ARCH} is available
# here because bsd.port.pre.mk has already been included.
.if ${ARCH} == "amd64"
CFLAGS+=	-fPIC
.endif

# Account name handed to configure via --enable-identity; "yule" unless the
# builder sets WITH_RUNAS_USER.
# NOTE(review): the value is interpolated into CONFIGURE_ARGS unquoted, and
# this Makefile only creates an account (USERS/GROUPS=yule) in WITH_SERVER
# builds.  With any other name or flavour the account has to exist already --
# confirm that this is intended.
.if defined(WITH_RUNAS_USER)
CONFIGURE_ARGS+=	--enable-identity=${WITH_RUNAS_USER}
.else
CONFIGURE_ARGS+=	--enable-identity=yule
.endif

# Select the build flavour: network client, network server, or standalone
# (neither knob set).  PLIST_SUB turns packing-list groups on ("") or off
# ("@comment "), and EXTRA_PATCHES picks the rc-file patch for the flavour.
.if defined(WITH_CLIENT)
# Client: the data and config file locations carry a REQ_FROM_SERVER prefix
# -- presumably so that the client requests them from the server; confirm
# against upstream documentation.
CONFIGURE_ARGS+=	--enable-network=client \
			--with-data-file=REQ_FROM_SERVER/var/lib/samhain/data.samhain \
			--with-config-file=REQ_FROM_SERVER
PLIST_SUB+=		SAMHAIN="" SETPWD="" YULE="@comment "
EXTRA_PATCHES+=		${FILESDIR}/fixsamhainrc.patch
.elif defined(WITH_SERVER)
# Server: this is the only flavour that creates the dedicated yule user and
# group.
USERS=			yule
GROUPS=			yule
CONFIGURE_ARGS+=	--enable-network=server
SUB_LIST+=		WITH_YULE="yes"
PLIST_SUB+=		YULE="" SAMHAIN="@comment " SETPWD="@comment "
EXTRA_PATCHES+=		${FILESDIR}/fixyulerc.patch
.else
# Standalone: no --enable-network argument is added.
SUB_LIST+=		WITH_YULE=""
PLIST_SUB+=		SAMHAIN="" YULE="@comment " SETPWD="@comment "
EXTRA_PATCHES+=		${FILESDIR}/fixsamhainrc.patch
.endif

# Advisory printed when neither WITH_CLIENT nor WITH_SERVER is set: the
# build continues in standalone mode and points the user at the
# samhain-client and samhain-server ports for networked mode.
pre-everything::

.if !defined(WITH_CLIENT) && !defined(WITH_SERVER)
	@${ECHO_MSG}
	@${ECHO_MSG} "Building Samhain in standalone mode."
	@${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C"
	@${ECHO_MSG} "now, and build samhain from the samhain-client and"
	@${ECHO_MSG} "samhain-server ports."
	@${ECHO_MSG}
.endif

# The client and server flavours are mutually exclusive; setting IGNORE makes
# the ports framework refuse to build with the message below.
.if defined(WITH_CLIENT) && defined(WITH_SERVER)
IGNORE=		can't build client and server at once
.endif

# The fetched distfile wraps the real source tarball together with an .asc
# file.  Unpack the inner ${WRKSRC}.tar.gz into ${WRKDIR}, then delete the
# inner tarball and its .asc file.
# NOTE(review): the .asc file is removed without being checked, so the
# upstream signature plays no part in this build.  Authenticity of the source
# depends entirely on the checksum recorded for the outer distfile (distinfo,
# not shown here), which matters all the more because MASTER_SITES is plain
# HTTP.
post-extract:
	@${TAR} -C ${WRKDIR} -xzf ${WRKSRC}.tar.gz
	@${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc

# Stage the rc.d script and the sample configuration for the selected
# flavour, then strip the installed binaries.  WITH_SERVER selects the yule
# layout; every other build (client or standalone) uses the samhain layout.
# Both flavours install the same upstream script, init/samhain.startFreeBSD,
# under a different rc.d name.
# NOTE(review): the sample configuration is copied with ${CP}, so its mode is
# not set explicitly here -- presumably the packing list fixes ownership and
# mode; confirm, since this file decides what the IDS monitors.
post-install:
.if defined(WITH_SERVER)
	${INSTALL_SCRIPT} ${WRKSRC}/init/samhain.startFreeBSD ${STAGEDIR}${PREFIX}/etc/rc.d/yule
	@${CP} ${WRKSRC}/yulerc ${STAGEDIR}${PREFIX}/etc/yulerc.sample
	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yule
	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yulectl
	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yule_setpwd
.else
	${INSTALL_SCRIPT} ${WRKSRC}/init/samhain.startFreeBSD ${STAGEDIR}${PREFIX}/etc/rc.d/samhain
	@${CP} ${WRKSRC}/samhainrc ${STAGEDIR}${PREFIX}/etc/samhainrc.sample
	@${CHGRP} wheel ${STAGEDIR}${PREFIX}/etc/samhainrc.sample
	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/samhain
.endif
# Only the client flavour ships samhain_setpwd.
.if defined(WITH_CLIENT)
	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/samhain_setpwd
.endif

# Runs only when the DOCS option is enabled: create ${DOCSDIR} under the
# staging root, then install each listed file from ${WRKSRC}/docs, in the
# order given.
post-install-DOCS-on:
	${MKDIR} ${STAGEDIR}${DOCSDIR}
.for doc in MANUAL-2_4.pdf \
		HOWTO-client+server.html \
		HOWTO-client+server-troubleshooting.html \
		HOWTO-samhain+GnuPG.html \
		HOWTO-write-modules.html \
		FAQ.html \
		README.UPGRADE \
		README \
		BUGS \
		sh_mounts.txt \
		sh_userfiles.txt
	${INSTALL_DATA} ${WRKSRC}/docs/${doc} ${STAGEDIR}${DOCSDIR}
.endfor

.include <bsd.port.post.mk>