author | Nikolai Lifanov <lifanov@FreeBSD.org> | 2017-03-12 17:07:23 +0000 |
---|---|---|
committer | Nikolai Lifanov <lifanov@FreeBSD.org> | 2017-03-12 17:07:23 +0000 |
commit | be652c10974628da2c85e2945a766e8ae65125b2 (patch) | |
tree | f6735672a3440e2bbdb7e795cacade0cb6daa5eb /security/samhain | |
parent | 99d7fc48aab6577deee79a3ee3fce94578002529 (diff) | |
Diffstat (limited to 'security/samhain')
-rw-r--r-- | security/samhain/Makefile | 220 | ||||
-rw-r--r-- | security/samhain/distinfo | 3 | ||||
-rw-r--r-- | security/samhain/files/fixsamhainrc.patch | 11 | ||||
-rw-r--r-- | security/samhain/files/fixyulerc.patch | 11 | ||||
-rw-r--r-- | security/samhain/files/patch-config.h.in | 15 | ||||
-rw-r--r-- | security/samhain/pkg-descr | 12 | ||||
-rw-r--r-- | security/samhain/pkg-message | 14 | ||||
-rw-r--r-- | security/samhain/pkg-plist | 31 |
8 files changed, 317 insertions, 0 deletions
diff --git a/security/samhain/Makefile b/security/samhain/Makefile
new file mode 100644
index 000000000000..33cd4a143697
--- /dev/null
+++ b/security/samhain/Makefile
@@ -0,0 +1,220 @@
+# Created by: Nikola Kolev <koue@chaosophia.net>
+# $FreeBSD$
+
+PORTNAME= samhain
+PORTVERSION= 4.2.0
+CATEGORIES= security
+MASTER_SITES= http://la-samhna.de/archive/
+DISTNAME= samhain_signed-${PORTVERSION}
+
+MAINTAINER= koue@chaosophia.net
+COMMENT= Samhain Intrusion Detection System
+
+LICENSE= GPLv2
+
+OPTIONS_DEFINE= ASM DB_RELOAD DEBUG DNMALLOC ENCRYPT GNUPG IPV6 KCHECK LIBWRAP \
+ LOGFILE_MONITOR LOGIN_WATCH MAIL MOUNTS_CHECK MYSQL ODBC PGSQL \
+ PORT_CHECK PROCESS_CHECK POSIX_ACL PRELUDE PTRACE SRP STATIC \
+ SUIDCHECK UDP USERFILES XML_LOGS
+OPTIONS_DEFAULT=ASM DNMALLOC ENCRYPT IPV6 LIBWRAP MAIL SRP
+
+DB_RELOAD_DESC= Enable database reload on SIGHUP
+DNMALLOC_DESC= Enable dnmalloc
+ENCRYPT_DESC= Enable client/server encryption
+KCHECK_DESC= Enable rogue KLD detection
+LOGFILE_MONITOR_DESC= Enable monitor logfiles
+LOGIN_WATCH_DESC= Enable watch for login/logout
+MAIL_DESC= Enable internal SMTP mailer
+MOUNTS_CHECK_DESC= Enable check mount options on filesystems
+PORT_CHECK_DESC= Enable check ports
+PROCESS_CHECK_DESC= Enable check processes
+POSIX_ACL_DESC= Enable check posix acls
+PRELUDE_DESC= Enable Prelude Framework support
+PTRACE_DESC= Enable use anti-debugger options
+SRP_DESC= Enable SRP for authentication
+SUIDCHECK_DESC= Enable check for suid/sgid files
+UDP_DESC= Enable UDP server
+USERFILES_DESC= Enable check for users config files
+XML_LOGS_DESC= Enable XML-formatted logs
+
+OPTIONS_SUB= yes
+
+WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
+
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS= --localstatedir=/var \
+ --with-logserver=true \
+ --with-altlogserver=true \
+ --with-timeserver=true \
+ --with-alttimeserver=true
+
+USES= shebangfix
+SHEBANG_FILES= scripts/samhainadmin.pl.in
+
+ASM_CONFIGURE_ENABLE= asm
+
+DB_RELOAD_CONFIGURE_ENABLE= db-reload
+
+DEBUG_CONFIGURE_ENABLE= debug
+
+DNMALLOC_CONFIGURE_ENABLE= dnmalloc
+
+ENCRYPT_CONFIGURE_ENABLE= encrypt
+
+GNUPG_CONFIGURE_WITH= gpg=${PREFIX}/bin/gpg
+GNUPG_BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg
+
+IPV6_CONFIGURE_ENABLE= ipv6
+
+KCHECK_CONFIGURE_WITH= kcheck
+
+LIBWRAP_CONFIGURE_WITH= libwrap
+
+LOGFILE_MONITOR_CONFIGURE_ENABLE= logfile-monitor
+
+LOGIN_WATCH_CONFIGURE_ENABLE= login-watch
+
+MAIL_CONFIGURE_ENABLE= mail
+
+MOUNTS_CHECK_CONFIGURE_ENABLE= mounts-check
+
+MYSQL_USES= mysql
+MYSQL_CONFIGURE_ARGS= --with-database=mysql
+
+ODBC_CONFIGURE_ARGS= --with-database=odbc
+ODBC_LIB_DEPENDS= libodbc.so:databases/unixODBC
+
+PGSQL_USES= pgsql
+PGSQL_CONFIGURE_ARGS= --with-database=postgresql
+
+PORT_CHECK_CONFIGURE_ENABLE= port-check
+
+PROCESS_CHECK_CONFIGURE_ENABLE= process-check
+
+POSIX_ACL_CONFIGURE_ENABLE= posix-acl
+
+PRELUDE_LIB_DEPENDS= prelude:${PORTSDIR}/security/libprelude
+PRELUDE_CONFIGURE_WITH= prelude
+
+PTRACE_CONFIGURE_ENABLE= ptrace
+
+SRP_CONFIGURE_ENABLE= srp
+
+STATIC_CONFIGURE_ENABLE= static
+
+SUIDCHECK_CONFIGURE_ENABLE= suidcheck
+
+UDP_CONFIGURE_ENABLE= udp
+
+USERFILES_CONFIGURE_ENABLE= userfiles
+
+XML_LOGS_CONFIGURE_ENABLE= xml-log
+
+.include <bsd.port.pre.mk>
+
+.if ${ARCH} == "amd64"
+CFLAGS+= -fPIC
+.endif
+
+.if defined(WITH_RUNAS_USER)
+CONFIGURE_ARGS+= --enable-identity=${WITH_RUNAS_USER}
+.else
+CONFIGURE_ARGS+= --enable-identity=yule
+.endif
+
+.if defined(WITH_CLIENT)
+CONFIGURE_ARGS+= --enable-network=client \
+ --with-data-file=REQ_FROM_SERVER/var/lib/samhain/data.samhain \
+ --with-config-file=REQ_FROM_SERVER
+PLIST_SUB+= SAMHAIN="" SETPWD="" YULE="@comment "
+EXTRA_PATCHES+= ${FILESDIR}/fixsamhainrc.patch
+MAN5+= samhainrc.5
+MAN8+= samhain.8
+.elif defined(WITH_SERVER)
+USERS= yule
+GROUPS= yule
+CONFIGURE_ARGS+= --enable-network=server
+SUB_LIST+= WITH_YULE="yes"
+PLIST_SUB+= YULE="" SAMHAIN="@comment " SETPWD="@comment "
+EXTRA_PATCHES+= ${FILESDIR}/fixyulerc.patch
+MAN5+= yulerc.5
+MAN8+= yule.8
+.else
+SUB_LIST+= WITH_YULE=""
+PLIST_SUB+= SAMHAIN="" YULE="@comment " SETPWD="@comment "
+EXTRA_PATCHES+= ${FILESDIR}/fixsamhainrc.patch
+MAN5+= samhainrc.5
+MAN8+= samhain.8
+.endif
+
+pre-everything::
+
+.if !defined(WITH_CLIENT) && !defined(WITH_SERVER)
+ @${ECHO_MSG}
+ @${ECHO_MSG} "Building Samhain in standalone mode."
+ @${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C"
+ @${ECHO_MSG} "now, and build samhain from the samhain-client and"
+ @${ECHO_MSG} "samhain-server ports."
+ @${ECHO_MSG}
+.endif
+
+.if defined(WITH_CLIENT) && defined(WITH_SERVER)
+IGNORE= can't build client and server at once
+.endif
+
+.if ${PORT_OPTIONS:MKCHECK}
+ @${ECHO_MSG}
+ @${ECHO_MSG} "Building with kernel checking requires reading /dev/kmem"
+ @${ECHO_MSG} "and /dev/mem. If you're not building as root, please hit"
+ @${ECHO_MSG} "Control-C and restart the build as root."
+ @${ECHO_MSG}
+.endif
+
+.if ${PORT_OPTIONS:MMYSQL} && ! ${PORT_OPTIONS:MXML_LOGS}
+IGNORE= xml logging is required to log to MySQL
+.endif
+
+.if ${PORT_OPTIONS:MPGSQL} && ! ${PORT_OPTIONS:MXML_LOGS}
+IGNORE= xml logging is required to log to Postgres
+.endif
+
+post-extract:
+ @${TAR} -C ${WRKDIR} -xzf ${WRKSRC}.tar.gz
+ @${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc
+
+post-install:
+.if !defined(WITH_SERVER)
+ @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${STAGEDIR}${PREFIX}/etc/rc.d/samhain.sh
+ @${CP} ${WRKSRC}/samhainrc ${STAGEDIR}${PREFIX}/etc/samhainrc.sample
+ @${CHGRP} wheel ${STAGEDIR}${PREFIX}/etc/samhainrc.sample
+.else
+ @${CP} ${WRKSRC}/init/samhain.startFreeBSD ${STAGEDIR}${PREFIX}/etc/rc.d/yule.sh
+ @${CP} ${WRKSRC}/yulerc ${STAGEDIR}${PREFIX}/etc/yulerc.sample
+.endif
+ ${MKDIR} ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/MANUAL-2_4.pdf ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-client+server.html ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-client+server-troubleshooting.html ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-samhain+GnuPG.html ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-write-modules.html ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/FAQ.html ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/README.UPGRADE ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/README ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/BUGS ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/sh_mounts.txt ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_MAN} ${WRKSRC}/docs/sh_userfiles.txt ${STAGEDIR}${DOCSDIR}
+
+post-stage:
+.if !defined(WITH_SERVER)
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/samhain
+.endif
+.if defined(WITH_CLIENT)
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/samhain_setpwd
+.endif
+.if defined(WITH_SERVER)
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yule
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yulectl
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yule_setpwd
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/samhain/distinfo b/security/samhain/distinfo
new file mode 100644
index 000000000000..0581b70b19e7
--- /dev/null
+++ b/security/samhain/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1479294621
+SHA256 (samhain_signed-4.2.0.tar.gz) = 6b2db91fc92b3a9fc2edcc6ee16438156753c05f69c114856289e9f25ba0e50a
+SIZE (samhain_signed-4.2.0.tar.gz) = 2134438
diff --git a/security/samhain/files/fixsamhainrc.patch b/security/samhain/files/fixsamhainrc.patch
new file mode 100644
index 000000000000..eed29c37b062
--- /dev/null
+++ b/security/samhain/files/fixsamhainrc.patch
@@ -0,0 +1,11 @@
+--- samhain-install.sh.in Wed Jan 15 16:51:57 2003
++++ samhain-install.sh.in Wed Jan 15 16:52:10 2003
+@@ -13,7 +13,7 @@
+ mandir=@mandir@
+
+ sysconfdir=@sysconfdir@
+-configfile=@myconffile@
++configfile=/usr/local/etc/samhainrc.sample
+
+ pid_file=@mylockfile@
+ pid_dir=@mylockdir@
diff --git a/security/samhain/files/fixyulerc.patch b/security/samhain/files/fixyulerc.patch
new file mode 100644
index 000000000000..4686e725915e
--- /dev/null
+++ b/security/samhain/files/fixyulerc.patch
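Review bot: In security/samhain/Makefile the GNUPG option declares only `GNUPG_BUILD_DEPENDS`, yet `GNUPG_CONFIGURE_WITH= gpg=${PREFIX}/bin/gpg` compiles that path into the daemon, which presumably calls gpg at run time to verify signed configuration and database files. A package built with GNUPG and installed on a host without gnupg would then have nothing to verify with, so I would add `GNUPG_RUN_DEPENDS= gpg:security/gnupg`. That line and `PRELUDE_LIB_DEPENDS` still carry the `${PORTSDIR}/` prefix while `ODBC_LIB_DEPENDS` uses the category/port form; `libprelude.so:security/libprelude` would bring the library dependency in line. Separately, `post-extract` removes `${WRKSRC}.tar.gz.asc` without checking it and `MASTER_SITES` is plain `http://`, so the SHA256 in distinfo is the only integrity control; a comment such as `# upstream signature is not verified here; check it by hand before running makesum` would make that explicit.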
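Review bot: The replacement line in files/fixsamhainrc.patch hard-codes `/usr/local/etc/samhainrc.sample`, so the install script points at the wrong file whenever the port is built with a PREFIX other than /usr/local; files/fixyulerc.patch has the same problem with `yulerc.sample`. Since `sysconfdir=@sysconfdir@` is assigned just above the changed line, `configfile=${sysconfdir}/samhainrc.sample` would follow the configured prefix, assuming @sysconfdir@ expands to a usable path at that point in the script. The hunk shows only a few lines around line 13 of samhain-install.sh.in, so how `configfile` is used later is not visible here.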
@@ -0,0 +1,11 @@
+--- samhain-install.sh.in Wed Jan 15 16:51:57 2003
++++ samhain-install.sh.in Wed Jan 15 16:52:10 2003
+@@ -13,7 +13,7 @@
+ mandir=@mandir@
+
+ sysconfdir=@sysconfdir@
+-configfile=@myconffile@
++configfile=/usr/local/etc/yulerc.sample
+
+ pid_file=@mylockfile@
+ pid_dir=@mylockdir@
diff --git a/security/samhain/files/patch-config.h.in b/security/samhain/files/patch-config.h.in
new file mode 100644
index 000000000000..74aec07c1649
--- /dev/null
+++ b/security/samhain/files/patch-config.h.in
@@ -0,0 +1,15 @@
+--- config.h.in.orig 2016-11-16 12:14:22 UTC
++++ config.h.in
+@@ -349,7 +349,11 @@
+ #undef HAVE_UINT64_T
+
+ /* Define if you have utmpx.h. */
+-#undef HAVE_UTMPX_H
++#define HAVE_UTMPX_H
++
++#define UTMPX_FILE "/var/log/utx.active"
++
++#define WTMPX_FILE "/var/log/utx.log"
+
+ /* Define if your struct utmpx has ut_xtime. */
+ #undef HAVE_UTXTIME
diff --git a/security/samhain/pkg-descr b/security/samhain/pkg-descr
new file mode 100644
index 000000000000..c2bde195e8f5
--- /dev/null
+++ b/security/samhain/pkg-descr
@@ -0,0 +1,12 @@
+Samhain is an open source file integrity and host-based intrusion
+detection system for Linux and Unix. It can run as a daemon process,
+and and thus can remember file changes - contrary to a tool that runs
+from cron, if a file is modified you will get only one report, while
+subsequent checks of that file will ignore the modification as it is
+already reported (unless the file is modified again).
+
+Samhain can optionally be used as client/server system to provide
+centralized monitoring for multiple host. Logging to a (MySQL or
+PostgreSQL) database is supported.
+
+WWW: http://la-samhna.de/samhain/
diff --git a/security/samhain/pkg-message b/security/samhain/pkg-message
new file mode 100644
index 000000000000..75a2751de0f0
--- /dev/null
+++ b/security/samhain/pkg-message
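Review bot: In files/patch-config.h.in `UTMPX_FILE` is set to `/var/log/utx.active`, but as far as I know FreeBSD keeps the active-session database at /var/run/utx.active (see getutxent(3)); only utx.log lives under /var/log. If that is right, a build with LOGIN_WATCH would presumably open a file that does not exist and see no sessions, so the line should read `#define UTMPX_FILE "/var/run/utx.active"`. Wrapping both path macros in `#ifndef` would also avoid a redefinition if a system header ever supplies them.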
@@ -0,0 +1,14 @@
+
+###############################################################
+
+To start the samhain daemon at system boot, add:
+
+samhain_enable="YES"
+
+and/or
+
+yule_enable="YES"
+
+to /etc/rc.conf.
+
+###############################################################
diff --git a/security/samhain/pkg-plist b/security/samhain/pkg-plist
new file mode 100644
index 000000000000..c8b90efd71a0
--- /dev/null
+++ b/security/samhain/pkg-plist
@@ -0,0 +1,31 @@
+%%PORTDOCS%%%%DOCSDIR%%/BUGS
+%%PORTDOCS%%%%DOCSDIR%%/FAQ.html
+%%PORTDOCS%%%%DOCSDIR%%/HOWTO-client+server-troubleshooting.html
+%%PORTDOCS%%%%DOCSDIR%%/HOWTO-client+server.html
+%%PORTDOCS%%%%DOCSDIR%%/HOWTO-samhain+GnuPG.html
+%%PORTDOCS%%%%DOCSDIR%%/HOWTO-write-modules.html
+%%PORTDOCS%%%%DOCSDIR%%/MANUAL-2_4.pdf
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.UPGRADE
+%%PORTDOCS%%%%DOCSDIR%%/sh_mounts.txt
+%%PORTDOCS%%%%DOCSDIR%%/sh_userfiles.txt
+%%PORTDOCS%%@dir %%DOCSDIR%%
+%%SAMHAIN%%@dir /var/lib
+%%SAMHAIN%%@dir /var/lib/samhain
+%%SAMHAIN%%@sample etc/samhainrc.sample
+%%SAMHAIN%%etc/rc.d/samhain.sh
+%%SAMHAIN%%man/man5/samhainrc.5.gz
+%%SAMHAIN%%man/man8/samhain.8.gz
+%%SAMHAIN%%sbin/samhain
+%%SETPWD%%sbin/samhain_setpwd
+%%YULE%%@dir /var/lib/yule
+%%YULE%%@dir /var/log/yule
+%%YULE%%@sample etc/yulerc.sample
+%%YULE%%@unexec echo "To delete the yule user permanently, use 'pw userdel yule'"
+%%YULE%%etc/rc.d/yule.sh
+%%YULE%%man/man5/yulerc.5.gz
+%%YULE%%man/man8/yule.8.gz
+%%YULE%%sbin/yule
+%%YULE%%sbin/yule_setpwd
+%%YULE%%sbin/yuleadmin.pl
+%%YULE%%sbin/yulectl |
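Review bot: The `@dir` entries in pkg-plist for /var/lib/samhain, /var/lib/yule and /var/log/yule carry no owner or mode, although the client configuration in the Makefile places the baseline database under /var/lib/samhain. Unless the upstream install step already restricts them, these directories end up with default permissions; the `@dir(owner,group,mode)` form would pin them, for example root-owned and not world-readable for samhain and owned by the yule user for the server directories. `%%SAMHAIN%%@dir /var/lib` also makes this package the owner of /var/lib, which other packages may use as well, so it is worth confirming that entry is intended.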