authorEdwin Groothuis <edwin@FreeBSD.org>2003-04-13 13:17:14 +0000
committerEdwin Groothuis <edwin@FreeBSD.org>2003-04-13 13:17:14 +0000
commit5db5ae58ad96fdd52668ccb510982a808a54954a (patch)
tree6877a47e3badb231e866f575877b380e73961def /security/samhain
parentx11/wmdrawer (diff)
The Samhain Intrusion Detection System
Samhain is a host-based Intrusion Detection System and integrity checker with advanced features such as centralized logging, MySQL/PostgreSQL support, and rootkit detection. PR: ports/46982 Submitted by: David Thiel <lx@redundancy.redundancy.org>
Notes
Notes: svn path=/head/; revision=78891
Diffstat (limited to 'security/samhain')
-rw-r--r--security/samhain/Makefile86
-rw-r--r--security/samhain/distinfo1
-rw-r--r--security/samhain/files/patch-aa25
-rw-r--r--security/samhain/files/patch-ab11
-rw-r--r--security/samhain/pkg-descr10
-rw-r--r--security/samhain/pkg-plist13
6 files changed, 146 insertions, 0 deletions
diff --git a/security/samhain/Makefile b/security/samhain/Makefile
new file mode 100644
index 000000000000..a2cbf419d424
--- /dev/null
+++ b/security/samhain/Makefile
@@ -0,0 +1,86 @@
+# New ports collection makefile for: samhain
+# Date created: 9 January 2003
+# Whom: lx
+#
+# $FreeBSD$
+#
+
+PORTNAME= samhain
+PORTVERSION= 1.7.4
+CATEGORIES= security
+MASTER_SITES= http://la-samhna.de/samhain/
+DISTFILES= samhain_signed-${PORTVERSION}.tar.gz
+
+MAINTAINER= lx@redundancy.redundancy.org
+COMMENT= The Samhain Intrusion Detection System
+
+.if defined(WITH_GPG)
+RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg
+.endif
+
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS= --enable-login-watch --localstatedir=/var --mandir=${PREFIX}/man
+
+.if defined(TRUSTED_USER)
+CONFIGURE_ARGS+= --enable-identity=${TRUSTED_USER}
+.endif
+.if defined(WITH_KCHECK)
+CONFIGURE_ARGS+= --with-kcheck
+.endif
+.if defined(WITH_GPG)
+CONFIGURE_ARGS+= --with-gpg=${PREFIX}/bin/gpg
+.endif
+.if defined(WITH_MYSQL)
+CONFIGURE_ARGS+= --with-database=mysql
+.endif
+.if defined(WITH_POSTGRES)
+CONFIGURE_ARGS+= --with-database=postgresql
+.endif
+.if defined(CLIENT)
+CONFIGURE_ARGS+= --enable-network=client
+PLIST_SUB+= SAMHAIN="" SETPWD="" YULE="@comment "
+MAN5= samhainrc.5
+MAN8= samhain.8
+.elif defined(SERVER)
+CONFIGURE_ARGS+= --enable-network=server
+PLIST_SUB+= YULE="" SAMHAIN="@comment " SETPWD="@comment "
+MAN5= yulerc.5
+MAN8= yule.8
+.else
+PLIST_SUB+= SAMHAIN="" YULE="@comment " SETPWD="@comment "
+MAN5= samhainrc.5
+MAN8= samhain.8
+.endif
+
+pre-everything::
+
+.if !defined(CLIENT) && !defined(SERVER)
+ @${ECHO_MSG} "Building in standalone mode."
+ @${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C"
+ @${ECHO_MSG} "now and make with SERVER=yes or CLIENT=yes."
+.endif
+
+post-extract:
+ @${TAR} -C ${WRKDIR} -xzf ${WRKSRC}.tar.gz
+ @${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc
+
+post-install:
+.if !defined(SERVER)
+ @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/samhain.sh.sample
+.else
+ @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/yule.sh.sample
+.endif
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${PREFIX}/share/doc/samhain
+ ${INSTALL_MAN} ${WRKSRC}/docs/MANUAL-1_7.ps ${PREFIX}/share/doc/samhain
+ ${INSTALL_MAN} ${WRKSRC}/docs/MANUAL-1_7.html.tar ${PREFIX}/share/doc/samhain
+ ${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-client+server.html ${PREFIX}/share/doc/samhain
+.if defined(WITH_GPG)
+ ${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-samhain+GnuPG.html ${PREFIX}/share/doc/samhain
+.endif
+.endif
+
+install-user:
+ @(cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} install-user)
+
+.include <bsd.port.mk>
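Review bot: post-extract unpacks the inner `${WRKSRC}.tar.gz` and then deletes `${WRKSRC}.tar.gz.asc` without ever checking it, so the upstream signature shipped inside `samhain_signed-${PORTVERSION}.tar.gz` is discarded and source integrity rests only on the single MD5 line in distinfo for a distfile fetched over plain HTTP. For an integrity-checking tool that is worth stating in the port: add a comment above the `${RM}` line such as `# upstream .asc is removed unverified; integrity relies on distinfo only`, or, when WITH_GPG is set, run `gpg --verify ${WRKSRC}.tar.gz.asc ${WRKSRC}.tar.gz` before the removal (this would need gpg as a build dependency and the upstream key in the builder's keyring, neither of which the port arranges). Separately, post-install tests only `!defined(SERVER)` while the configure block gives CLIENT precedence over SERVER, so a build with both set configures a client but installs `yule.sh.sample`, which pkg-plist then comments out; `.if defined(CLIENT) || !defined(SERVER)` would keep the two in step.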
diff --git a/security/samhain/distinfo b/security/samhain/distinfo
new file mode 100644
index 000000000000..38d5262630f1
--- /dev/null
+++ b/security/samhain/distinfo
@@ -0,0 +1 @@
+MD5 (samhain_signed-1.7.4.tar.gz) = 1399d9cc28edb942d5b236c5596eb4ce
diff --git a/security/samhain/files/patch-aa b/security/samhain/files/patch-aa
new file mode 100644
index 000000000000..a949ba311057
--- /dev/null
+++ b/security/samhain/files/patch-aa
@@ -0,0 +1,25 @@
+--- Makefile.in Thu Mar 20 15:28:01 2003
++++ Makefile.in.new Sat Mar 29 15:37:05 2003
+@@ -263,13 +263,6 @@
+ #----------------------------------------------------------
+
+ install: install-lkm install-program install-man install-data
+- @echo; \
+- echo " You can use 'samhain-install.sh uninstall' for uninstalling"; \
+- echo " i.e. you might consider saving that script for future use";\
+- echo; \
+- echo " Use 'make install-boot' if you want @install_name@ to start on system boot"; \
+- echo
+-
+
+ purge: uninstall-lkm uninstall-program uninstall-man
+ @echo "./samhain-install.sh --destdir=$(DESTDIR) --force --verbose uninstall-data"; \
+@@ -419,7 +412,7 @@
+ echo " -----------------------------------------------------";\
+ echo " The server will run as user @myident@ if started with";\
+ echo " root privileges, otherwise as the user of the parent ";\
+- echo " process (use --enable-identity=USER to change).";\
++ echo " process (use TRUSTED_USER=USER to change).";\
+ echo;\
+ echo " You may want to use: make install-user";\
+ echo;\
diff --git a/security/samhain/files/patch-ab b/security/samhain/files/patch-ab
new file mode 100644
index 000000000000..eed29c37b062
--- /dev/null
+++ b/security/samhain/files/patch-ab
@@ -0,0 +1,11 @@
+--- samhain-install.sh.in Wed Jan 15 16:51:57 2003
++++ samhain-install.sh.in Wed Jan 15 16:52:10 2003
+@@ -13,7 +13,7 @@
+ mandir=@mandir@
+
+ sysconfdir=@sysconfdir@
+-configfile=@myconffile@
++configfile=/usr/local/etc/samhainrc.sample
+
+ pid_file=@mylockfile@
+ pid_dir=@mylockdir@
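Review bot: The replacement line `configfile=/usr/local/etc/samhainrc.sample` hard-codes the default prefix, so an install with a non-default PREFIX would place the sample configuration outside the package's tree and outside anything pkg-plist tracks. Since `sysconfdir` is assigned two lines earlier in the same script, `configfile=${sysconfdir}/samhainrc.sample` would follow the configured prefix, assuming configure leaves sysconfdir under PREFIX. The same file name is also used for SERVER builds, where pkg-plist expects `etc/yulerc.sample`; how the script consumes `configfile` lies outside this hunk, so that case should be checked against an actual server install.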
diff --git a/security/samhain/pkg-descr b/security/samhain/pkg-descr
new file mode 100644
index 000000000000..823a5e986a0a
--- /dev/null
+++ b/security/samhain/pkg-descr
@@ -0,0 +1,10 @@
+Samhain is an open source file integrity and host-based intrusion
+detection system for Linux and Unix. It can run as a daemon process,
+and and thus can remember file changes - contrary to a tool that runs
+from cron, if a file is modified you will get only one report, while
+subsequent checks of that file will ignore the modification as it is
+already reported (unless the file is modified again).
+
+Samhain can optionally be used as client/server system to provide
+centralized monitoring for multiple host. Logging to a (MySQL or
+PostgreSQL) database is supported.
diff --git a/security/samhain/pkg-plist b/security/samhain/pkg-plist
new file mode 100644
index 000000000000..1fee54981c27
--- /dev/null
+++ b/security/samhain/pkg-plist
@@ -0,0 +1,13 @@
+%%YULE%%etc/yulerc.sample
+%%YULE%%sbin/yule_setpwd
+%%YULE%%sbin/yule
+%%YULE%%etc/rc.d/yule.sh.sample
+%%YULE%%@unexec rmdir /var/lib/yule 2>/dev/null || true
+%%SAMHAIN%%sbin/samhain
+%%SAMHAIN%%etc/rc.d/samhain.sh.sample
+%%SAMHAIN%%@unexec rmdir /var/lib/samhain 2>/dev/null || true
+%%SETPWD%%sbin/samhain_setpwd
+%%PORTDOCS%%share/doc/samhain/MANUAL-1_7.ps
+%%PORTDOCS%%share/doc/samhain/MANUAL-1_7.html.tar
+%%PORTDOCS%%share/doc/samhain/HOWTO-client+server.html
+%%PORTDOCS%%@dirrm share/doc/samhain
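Review bot: The list has no entry for `HOWTO-samhain+GnuPG.html`, which the Makefile's post-install copies into share/doc/samhain when WITH_GPG is defined, so deinstalling a WITH_GPG build leaves that file behind and the final `@dirrm share/doc/samhain` fails on a non-empty directory. Add `%%PORTDOCS%%%%GPG%%share/doc/samhain/HOWTO-samhain+GnuPG.html` before the `@dirrm` line and set `PLIST_SUB+= GPG=""` (or `GPG="@comment "` when WITH_GPG is unset) in the Makefile. There is also no `etc/samhainrc.sample` entry under `%%SAMHAIN%%` to mirror `etc/yulerc.sample`; whether the upstream install script creates that file is not visible here, so it should be confirmed against an actual install.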