Re: [meta-cgl][PATCH] samhain: add new recipe

Yocto Project Discussions
 help / color / mirror / Atom feed

From: akuster808 <akuster808@gmail.com>
To: Li xin <lixin.fnst@cn.fujitsu.com>, yocto@yoctoproject.org
Subject: Re: [meta-cgl][PATCH] samhain: add new recipe
Date: Sat, 13 Dec 2014 10:15:07 -0800	[thread overview]
Message-ID: <548C822B.6090008@gmail.com> (raw)
In-Reply-To: <1418200430-2173-1-git-send-email-lixin.fnst@cn.fujitsu.com>


The current version in Meta-security is 3.1.3. Please check and send any 
changes to this list with [meta-security] in the subject.


- Armin

On 12/10/2014 12:33 AM, Li xin wrote:
> Samhain is an open source file integrity and intrusion detection
> system for Unix that uses cryptographic checksums of files to
> detect modifications, and allows you to trace: what changes have
> occured in your system, when these changes have occured, and who
> was logged into the system at the respective time.
>
> Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
> ---
>   .../samhain/0001-Makefile.in-error-fix.patch       | 31 ++++++++++++
>   .../samhain/samhain/config-site.samhain-3.1.3      |  2 +
>   .../recipes-cgl/samhain/samhain_3.1.3.bb           | 58 ++++++++++++++++++++++
>   3 files changed, 91 insertions(+)
>   create mode 100644 meta-cgl-common/recipes-cgl/samhain/samhain/0001-Makefile.in-error-fix.patch
>   create mode 100644 meta-cgl-common/recipes-cgl/samhain/samhain/config-site.samhain-3.1.3
>   create mode 100644 meta-cgl-common/recipes-cgl/samhain/samhain_3.1.3.bb
>
> diff --git a/meta-cgl-common/recipes-cgl/samhain/samhain/0001-Makefile.in-error-fix.patch b/meta-cgl-common/recipes-cgl/samhain/samhain/0001-Makefile.in-error-fix.patch
> new file mode 100644
> index 0000000..cd646f6
> --- /dev/null
> +++ b/meta-cgl-common/recipes-cgl/samhain/samhain/0001-Makefile.in-error-fix.patch
> @@ -0,0 +1,31 @@
> +From a9ce38c56bf7072f292d685a48b912e6e59260a6 Mon Sep 17 00:00:00 2001
> +From: Li xin <lixin.fnst@cn.fujitsu.com>
> +Date: Wed, 10 Dec 2014 14:45:28 +0900
> +Subject: [PATCH] Makefile.in: error fix
> +
> +error:File '/usr/sbin/samhain' from samhain was already stripped,
> +this will prevent future debugging!
> +
> +Upstream-Status: pending
> +
> +Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
> +---
> + Makefile.in | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/Makefile.in b/Makefile.in
> +index b1904d9..000de49 100644
> +--- a/Makefile.in
> ++++ b/Makefile.in
> +@@ -54,7 +54,7 @@ selectconfig = @selectconfig@
> + top_builddir = .
> +
> + INSTALL = @INSTALL@
> +-INSTALL_PROGRAM = @INSTALL@ -s -m 700
> ++INSTALL_PROGRAM = @INSTALL@ -m 700
> + INSTALL_SHELL = @INSTALL@ -m 700
> + INSTALL_DATA = @INSTALL@ -m 600
> + INSTALL_MAN = @INSTALL@ -m 644
> +--
> +1.8.4.2
> +
> diff --git a/meta-cgl-common/recipes-cgl/samhain/samhain/config-site.samhain-3.1.3 b/meta-cgl-common/recipes-cgl/samhain/samhain/config-site.samhain-3.1.3
> new file mode 100644
> index 0000000..2ce3769
> --- /dev/null
> +++ b/meta-cgl-common/recipes-cgl/samhain/samhain/config-site.samhain-3.1.3
> @@ -0,0 +1,2 @@
> +ssp_cv_lib=no
> +sh_cv_va_copy=yes
> diff --git a/meta-cgl-common/recipes-cgl/samhain/samhain_3.1.3.bb b/meta-cgl-common/recipes-cgl/samhain/samhain_3.1.3.bb
> new file mode 100644
> index 0000000..22c8577
> --- /dev/null
> +++ b/meta-cgl-common/recipes-cgl/samhain/samhain_3.1.3.bb
> @@ -0,0 +1,58 @@
> +SUMMARY = "File Integrity and Intrusion Detection System"
> +DESCRIPTION = "Samhain is an open source file integrity and intrusion detection \
> +system for Unix that uses cryptographic checksums of files to \
> +detect modifications, and allows you to trace: what changes have \
> +occured in your system, when these changes have occured, and who \
> +was logged into the system at the respective time."
> +
> +HOMEPAGE = "http://la-samhna.de/samhain/"
> +SECTION = "Filesystem"
> +
> +SRC_URI = "http://la-samhna.de/samhain/samhain-current.tar.gz;extract=samhain-3.1.3.tar.gz \
> +   file://0001-Makefile.in-error-fix.patch"
> +SRC_URI[md5sum] = "64572a4dbfdc8065d6e9f7ca0eab0a34"
> +SRC_URI[sha256sum] = "c234afaf9ba3c6b7d240858b74423f935185de66e996405b3016ec4a288a7e1e"
> +LICENSE = "GPLv2"
> +LIC_FILES_CHKSUM = "file://LICENSE;md5=8ca43cbc842c2336e835926c2166c28b"
> +
> +DEPENDS = "libpthread-stubs acl zlib attr"
> +inherit autotools-brokensep pkgconfig
> +
> +do_unpack2() {
> +    cd ${WORKDIR}
> +    tar zxvf ${PN}-${PV}.tar.gz
> +}
> +
> +S = "${WORKDIR}/${BP}"
> +
> +addtask unpack2 after do_unpack before do_patch
> +do_configure() {
> +    export CONFIG_SITE=./config-site.${BP}
> +    ./configure \
> +        --host=${HOST_SYS} \
> +        --build=${BUILD_SYS} \
> +        --prefix=${prefix} \
> +        --sbindir=${sbindir} \
> +        --mandir=${mandir} \
> +        --sysconfdir=${sysconfdir} \
> +        --localstatedir=${localstatedir} \
> +        --with-config-file=/etc/samhain/samhainrc \
> +        --with-state-dir=/var/samhain \
> +        --with-html-file=/var/samhain/samhain.html \
> +        --with-data-file=/var/samhain/samhain.data \
> +        --with-pid-file=/var/samhain/samhain.pid \
> +        --with-log-file=/var/samhain/samhain.log \
> +        --enable-login-watch \
> +        --disable-khide \
> +        --enable-suidcheck \
> +        --with-trusted=0
> +}
> +
> +do_install() {
> +    install -d -m 755 ${D}/var/samhain
> +    install -d  ${D}/${mandir}
> +    oe_runmake DESTDIR=${D} install-program install-man install-data
> +    chmod -R a+r ${D}/${mandir}
> +    install -d ${D}/etc/samhain
> +    install -c -m 644  samhainrc.linux ${D}/etc/samhain/samhainrc
> +}
>

     prev parent reply	other threads:[~2014-12-13 18:15 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-12-10  8:33 [meta-cgl][PATCH] samhain: add new recipe Li xin
2014-12-10 17:28 ` Khem Raj
2014-12-11  0:47 ` Joe MacDonald
2014-12-11  7:21   ` Alexandru Vaduva
2014-12-11  7:51     ` Alexandru Vaduva
2014-12-12 19:53       ` akuster808
2014-12-11  9:35     ` add files to dirctory in packages-split Neil.Wu
2014-12-11 10:04       ` Khem Raj
2014-12-12  1:59         ` Neil.Wu
2014-12-12  2:48           ` Khem Raj
2014-12-12  7:41             ` Neil.Wu
2014-12-17  9:30     ` problem of toolchain install directrory Neil.Wu
2014-12-17  9:46       ` Liviu Gheorghisan
2014-12-18  2:59         ` Neil.Wu
2015-01-15 10:03     ` can't find the source code of kernel Neil.Wu
2015-01-15 13:04       ` Bruce Ashfield
2015-01-16  1:13         ` Neil.Wu
2015-01-16  4:35           ` Bruce Ashfield
2015-01-20  1:48             ` Neil.Wu
2015-01-20  3:12     ` dependency eglibc resulted in conflicting PREFERRED_PROVIDER entries being found Neil.Wu
2015-01-21  6:59       ` the problem of poky 1.7 when building the custom rootfs Neil.Wu
2014-12-13 18:15 ` akuster808 [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=548C822B.6090008@gmail.com \
    --to=akuster808@gmail.com \
    --cc=lixin.fnst@cn.fujitsu.com \
    --cc=yocto@yoctoproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox