46982 – The Samhain Intrusion Detection System

Bug 46982 - The Samhain Intrusion Detection System

Summary: The Samhain Intrusion Detection System

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Edwin Groothuis

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-01-11 23:10 UTC by David Thiel
Modified:	2003-04-13 14:14 UTC (History)
CC List:	0 users

See Also:

Attachments
samhain.shar (5.79 KB, text/plain) 2003-01-11 23:10 UTC, David Thiel	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description David Thiel 2003-01-11 23:10:03 UTC

	Samhain is a host-based Intrusion Detection System and integrity
	checker with advanced features such as centralized logging, 
	MySQL/PostgreSQL support, and rootkit detection.

Comment 1 Edwin Groothuis freebsd_committer

2003-04-05 10:03:00 UTC

State Changed
From-To: open->feedback

Distfiles are not available anymore. Could you see if you can get 
a new location for them or update the port?

Comment 2 Edwin Groothuis freebsd_committer

2003-04-05 10:03:00 UTC

Responsible Changed
From-To: freebsd-ports-bugs->edwin

I'll handle it with the maintainer.

Comment 3 David Thiel 2003-04-05 22:03:44 UTC

Here's an update to 1.7.4.  

diff -ur samhain/Makefile samhain-devel/Makefile
--- samhain/Makefile	Sat Apr  5 12:48:00 2003
+++ samhain-devel/Makefile	Mon Mar 31 17:56:37 2003
@@ -6,12 +6,17 @@
 #
 
 PORTNAME=      samhain
-PORTVERSION=   1.7.1a
+PORTVERSION=   1.7.4
 CATEGORIES=    security
 MASTER_SITES=  http://la-samhna.de/samhain/
 DISTFILES=      samhain_signed-${PORTVERSION}.tar.gz
 
-MAINTAINER=    lx@redundancy.redundancy.org
+MAINTAINER=	lx@redundancy.redundancy.org
+COMMENT=	The Samhain Intrusion Detection System
+
+.if defined(WITH_GPG)
+RUN_DEPENDS=	gpg:${PORTSDIR}/security/gnupg
+.endif
 
 GNU_CONFIGURE= yes
 CONFIGURE_ARGS= --enable-login-watch --localstatedir=/var --mandir=${PREFIX}/man
@@ -19,9 +24,11 @@
 .if defined(TRUSTED_USER)
 CONFIGURE_ARGS+=  --enable-identity=${TRUSTED_USER}
 .endif
+.if defined(WITH_KCHECK)
+CONFIGURE_ARGS+=  --with-kcheck
+.endif
 .if defined(WITH_GPG)
 CONFIGURE_ARGS+=  --with-gpg=${PREFIX}/bin/gpg
-RUN_DEPENDS=	gnupg:${PORTSDIR}/security/gnupg
 .endif
 .if defined(WITH_MYSQL)
 CONFIGURE_ARGS+=  --with-database=mysql
@@ -59,13 +66,18 @@
 
 post-install:
 .if !defined(SERVER)
-	@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/samhain.sh
+	@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/samhain.sh.sample
 .else
-	@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/yule.sh
+	@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/yule.sh.sample
 .endif
 .if !defined(NOPORTDOCS)
 	${MKDIR} ${PREFIX}/share/doc/samhain
-	${INSTALL_MAN} ${WRKSRC}/MANUAL-1_7.ps.gz ${PREFIX}/share/doc/samhain
+	${INSTALL_MAN} ${WRKSRC}/docs/MANUAL-1_7.ps ${PREFIX}/share/doc/samhain
+	${INSTALL_MAN} ${WRKSRC}/docs/MANUAL-1_7.html.tar ${PREFIX}/share/doc/samhain
+	${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-client+server.html ${PREFIX}/share/doc/samhain
+.if defined(WITH_GPG)
+	${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-samhain+GnuPG.html ${PREFIX}/share/doc/samhain
+.endif
 .endif
 
 install-user:
diff -ur samhain/distinfo samhain-devel/distinfo
--- samhain/distinfo	Sat Apr  5 12:48:00 2003
+++ samhain-devel/distinfo	Sat Mar 29 15:30:23 2003
@@ -1 +1 @@
-MD5 (samhain_signed-1.7.1a.tar.gz) = f30db157a4c28c3cba6965197d332034
+MD5 (samhain_signed-1.7.4.tar.gz) = 1399d9cc28edb942d5b236c5596eb4ce
diff -ur samhain/files/patch-aa samhain-devel/files/patch-aa
--- samhain/files/patch-aa	Sat Apr  5 12:48:00 2003
+++ samhain-devel/files/patch-aa	Sat Mar 29 15:37:19 2003
@@ -1,11 +1,25 @@
---- configure   Wed Jan  8 09:50:51 2003
-+++ configure   Fri Jan 10 17:25:04 2003
-@@ -10451,7 +10451,7 @@
+--- Makefile.in	Thu Mar 20 15:28:01 2003
++++ Makefile.in.new	Sat Mar 29 15:37:05 2003
+@@ -263,13 +263,6 @@
+ #----------------------------------------------------------
  
- else
+ install: install-lkm install-program install-man install-data
+-	@echo; \
+-	echo "  You can use 'samhain-install.sh uninstall' for uninstalling"; \
+-	echo "  i.e. you might consider saving that script for future use";\
+-	echo; \
+-	echo "  Use 'make install-boot' if you want @install_name@ to start on system boot"; \
+-	echo
+-
  
--	myconffile="${sysconfdir}/${install_name}rc"
-+	myconffile="${sysconfdir}/${install_name}rc.sample"
- 
- 
- fi;
+ purge: uninstall-lkm uninstall-program uninstall-man 
+ 	@echo "./samhain-install.sh --destdir=$(DESTDIR) --force --verbose uninstall-data"; \
+@@ -419,7 +412,7 @@
+ 	    echo "  -----------------------------------------------------";\
+ 	    echo "  The server will run as user @myident@ if started with";\
+ 	    echo "  root privileges, otherwise as the user of the parent ";\
+-	    echo "  process (use --enable-identity=USER to change).";\
++	    echo "  process (use TRUSTED_USER=USER to change).";\
+ 	    echo;\
+ 	    echo "  You may want to use: make install-user";\
+ 	    echo;\
diff -ur samhain/files/patch-ab samhain-devel/files/patch-ab
--- samhain/files/patch-ab	Sat Apr  5 12:48:00 2003
+++ samhain-devel/files/patch-ab	Wed Jan 15 16:54:23 2003
@@ -1,26 +1,11 @@
---- Makefile.in	Sat Jan  4 07:05:28 2003
-+++ Makefile.in	Fri Jan 10 10:54:57 2003
-@@ -265,14 +265,6 @@
- #----------------------------------------------------------
+--- samhain-install.sh.in	Wed Jan 15 16:51:57 2003
++++ samhain-install.sh.in	Wed Jan 15 16:52:10 2003
+@@ -13,7 +13,7 @@
+ mandir=@mandir@
  
- install: install-lkm install-program install-man install-data
--	@echo; \
--	echo "  You can use 'samhain-install.sh uninstall' for uninstalling"; \
--	echo "  i.e. you might consider saving that script for future use";\
--	echo; \
--	echo "  Use 'make install-boot' if you want @install_name@ to start"; \
--	echo "  on system boot."; \
--	echo
--
+ sysconfdir=@sysconfdir@
+-configfile=@myconffile@
++configfile=/usr/local/etc/samhainrc.sample
  
- purge: uninstall-lkm uninstall-program uninstall-man 
- 	@echo "./samhain-install.sh --destdir=$(DESTDIR) --force --verbose uninstall-data"; \
-@@ -423,7 +415,7 @@
- 	    echo "  -----------------------------------------------------";\
- 	    echo "  The server will run as user @myident@ if started with";\
- 	    echo "  root privileges, otherwise as the user of the parent ";\
--	    echo "  process (use --enable-identity=USER to change).";\
-+	    echo "  process (use TRUSTED_USER=USER to change).";\
- 	    echo;\
- 	    echo "  You may want to use: make install-user";\
- 	    echo;\
+ pid_file=@mylockfile@
+ pid_dir=@mylockdir@
Only in samhain: pkg-comment
diff -ur samhain/pkg-plist samhain-devel/pkg-plist
--- samhain/pkg-plist	Sat Apr  5 12:48:00 2003
+++ samhain-devel/pkg-plist	Sat Mar 29 15:50:42 2003
@@ -1,12 +1,15 @@
 %%YULE%%etc/yulerc.sample
 %%YULE%%sbin/yule_setpwd
 %%YULE%%sbin/yule
-%%YULE%%etc/rc.d/yule.sh
+%%YULE%%etc/rc.d/yule.sh.sample
 %%YULE%%@unexec rmdir /var/lib/yule 2>/dev/null || true
 %%SAMHAIN%%etc/samhainrc.sample
 %%SAMHAIN%%sbin/samhain
-%%SAMHAIN%%etc/rc.d/samhain.sh
+%%SAMHAIN%%etc/rc.d/samhain.sh.sample
 %%SAMHAIN%%@unexec rmdir /var/lib/samhain 2>/dev/null || true
 %%SETPWD%%sbin/samhain_setpwd
-%%PORTDOCS%%share/doc/samhain/MANUAL-1_7.ps.gz
+%%PORTDOCS%%share/doc/samhain/MANUAL-1_7.ps
+%%PORTDOCS%%share/doc/samhain/MANUAL-1_7.html.tar
+%%PORTDOCS%%share/doc/samhain/HOWTO-client+server.html
+%%PORTDOCS%%share/doc/samhain/HOWTO-samhain+GnuPG.html
 %%PORTDOCS%%@dirrm share/doc/samhain

Comment 4 Edwin Groothuis freebsd_committer

2003-04-13 14:11:57 UTC

State Changed
From-To: feedback->closed

Commited, thanks! 

I noticed that etc/samhainrc.sample and 
share/doc/samhain/HOWTO-samhain+GnuPG.html didn't get installed, 
while they are in the work source. 

Maybe you can have a look to see if you can add conditional installed 
files for them when WITH_PGP or SERVER is used. 

In the mean time, the port is commited.