kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/security/samhain/Makefile
Edwin Groothuis 5cf3ad9d98 iUpdate of Samhain to 1.7.8 
Update to version 1.7.8
	Fix build when MySQL logging is enabled
	Add LOG_SERVER and ALT_LOG_SERVER tunables
	Require LOG_SERVER be defined for clients
	Have clients request config and signatures from server by default
	Change TRUSTED_USER to a more accurate name (RUNAS_USER)
	Fix sample config file install/deinstall
	Add documentation on tunables

PR:		ports/52912
Submitted by:	David Thiel <lx@redundancy.redundancy.org>
2003-06-04 09:20:58 +00:00

150 lines
4.3 KiB
Makefile
Raw Blame History

# New ports collection makefile for: samhain
# Date created: 9 January 2003
# Whom: lx
#
# $FreeBSD$
#
#
# This port recognizes the following tunables:
#
# RUNAS_USER:
# The username of the account Samhain/Yule will run as.
# Usually just "samhain" or "yule".
#
# WITH_GPG:
# Instructs the port to sign configuration files using the
# GNU Privacy Guard.
#
# WITH_KCHECK:
# Enable support for rogue kernel module detection.
#
# WITH_MYSQL:
# Enable support for logging to a MySQL database. Due to there
# being multiple current versions of MySQL, dependency for this
# is NOT checked.
#
# WITH_POSTGRESQL:
# Enable support for logging to a Postgres database. Untested.
#
# SERVER:
# Builds as Yule, Samhain's central logging server. Mutually exclusive
# with CLIENT.
#
# CLIENT:
# Builds as a client to Yule. Fetches configuration files
# and signature database from LOG_SERVER, and optionally, ALT_LOG_SERVER.
#
PORTNAME= samhain
PORTVERSION= 1.7.8
CATEGORIES= security
MASTER_SITES= http://samhain.securecirt.org/
DISTFILES= samhain_signed-${PORTVERSION}.tar.gz
MAINTAINER= lx@redundancy.redundancy.org
COMMENT= The Samhain Intrusion Detection System
.if defined(WITH_GPG)
BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg
.endif
GNU_CONFIGURE= yes
CONFIGURE_ARGS= --enable-login-watch --localstatedir=/var \
--mandir=${PREFIX}/man --enable-suidcheck
.if defined(RUNAS_USER)
CONFIGURE_ARGS+= --enable-identity=${RUNAS_USER}
.endif
.if defined(WITH_KCHECK)
CONFIGURE_ARGS+= --with-kcheck
.endif
.if defined(WITH_GPG)
CONFIGURE_ARGS+= --with-gpg=${PREFIX}/bin/gpg
.endif
.if defined(WITH_MYSQL)
CONFIGURE_ARGS+= --with-database=mysql \
--with-cflags=-I${LOCALBASE}/include/mysql \
--with-libs=-L${LOCALBASE}/lib/mysql --enable-xml-log
.endif
.if defined(WITH_POSTGRES)
CONFIGURE_ARGS+= --with-database=postgresql --enable-xml-log
.endif
.if defined(CLIENT)
CONFIGURE_ARGS+= --enable-network=client \
--with-data-file=REQ_FROM_SERVER/var/lib/samhain/data.samhain \
--with-config-file=REQ_FROM_SERVER --with-logserver=${LOG_SERVER}
PLIST_SUB+= SAMHAIN="" SETPWD="" YULE="@comment "
EXTRA_PATCHES+= ${FILESDIR}/fixsamhainrc.patch
MAN5= samhainrc.5
MAN8= samhain.8
.elif defined(SERVER)
CONFIGURE_ARGS+= --enable-network=server
PLIST_SUB+= YULE="" SAMHAIN="@comment " SETPWD="@comment "
EXTRA_PATCHES+= ${FILESDIR}/fixyulerc.patch
MAN5= yulerc.5
MAN8= yule.8
.else
PLIST_SUB+= SAMHAIN="" YULE="@comment " SETPWD="@comment "
EXTRA_PATCHES+= ${FILESDIR}/fixsamhainrc.patch
MAN5= samhainrc.5
MAN8= samhain.8
.endif
.if defined(ALT_LOG_SERVER)
CONFIGURE_ARGS+= --with-altlogserver=${ALT_LOG_SERVER}
.endif
pre-everything::
.if !defined(CLIENT) && !defined(SERVER)
@${ECHO_MSG}
@${ECHO_MSG} "Building in standalone mode."
@${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C"
@${ECHO_MSG} "now and make with SERVER=yes or CLIENT=yes."
@${ECHO_MSG}
.endif
.if defined(CLIENT) && defined(SERVER)
@${ECHO_MSG}
@${ECHO_MSG} "Can't build client and server at once!"
@${ECHO_MSG}
.error "Can't build client and server at once!"
.endif
.if defined(CLIENT) && !defined(LOG_SERVER)
@${ECHO_MSG}
@${ECHO_MSG} "Please define LOG_SERVER (and ALT_LOG_SERVER, if "
@${ECHO_MSG} "applicable), the machine(s) this client will log to."
@${ECHO_MSG}
.error "Please define LOG_SERVER."
.endif
.if defined(WITH_KCHECK)
@${ECHO_MSG}
@${ECHO_MSG} "Building with kernel checking requires reading /dev/kmem."
@${ECHO_MSG} "If you're not building as root, please hit Control-C and"
@${ECHO_MSG} "restart the build as root."
@${ECHO_MSG}
.endif
post-extract:
@${TAR} -C ${WRKDIR} -xzf ${WRKSRC}.tar.gz
@${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc
post-install:
.if !defined(SERVER)
@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/samhain.sh.sample
.else
@${CP} ${WRKSRC}/init/samhain.startFreeBSD ${PREFIX}/etc/rc.d/yule.sh.sample
.endif
.if !defined(NOPORTDOCS)
${MKDIR} ${PREFIX}/share/doc/samhain
${INSTALL_MAN} ${WRKSRC}/docs/MANUAL-1_7.ps ${PREFIX}/share/doc/samhain
${INSTALL_MAN} ${WRKSRC}/docs/MANUAL-1_7.html.tar ${PREFIX}/share/doc/samhain
${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-client+server.html ${PREFIX}/share/doc/samhain
${INSTALL_MAN} ${WRKSRC}/docs/HOWTO-samhain+GnuPG.html ${PREFIX}/share/doc/samhain
.endif
install-user:
@(cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} install-user)
.include <bsd.port.mk>
Reference in a new issue View git blame Copy permalink