1DESCRIPTION = "Provides file integrity checking and log file monitoring/analysis" 2HOMEPAGE = "http://www.la-samhna.de/samhain/" 3LICENSE = "GPL-2.0-only" 4LIC_FILES_CHKSUM = "file://LICENSE;md5=8ca43cbc842c2336e835926c2166c28b" 5 6PV = "4.4.10" 7 8SRC_URI = "https://la-samhna.de/archive/samhain_signed-${PV}.tar.gz \ 9 file://${INITSCRIPT_NAME}.init \ 10 file://${INITSCRIPT_NAME}.default \ 11 file://samhain.service \ 12 file://samhain-mips64-aarch64-dnmalloc-hash-fix.patch \ 13 file://samhain-samhainrc.patch \ 14 file://samhain-samhainrc-fix-files-dirs-path.patch \ 15 file://samhain-pid-path.patch \ 16 file://samhain-sha256-big-endian.patch \ 17 file://samhain-configure-add-option-for-ps.patch \ 18 file://samhain-avoid-searching-host-for-postgresql.patch \ 19 file://samhain-add-LDFLAGS-variable-for-samhain_setpwd.patch \ 20 file://fix-build-with-new-version-attr.patch \ 21 file://samhain-fix-initializer-element-is-not-constant.patch \ 22 " 23 24SRC_URI[sha256sum] = "ae6ee8eff3cb111b7fc14a57bcc258443dd0bcf1bfacfdf229935ed053c1ce3d" 25 26UPSTREAM_CHECK_URI = "https://www.la-samhna.de/samhain/archive.html" 27UPSTREAM_CHECK_REGEX = "samhain_signed-(?P<pver>(\d+(\.\d+)+))\.tar" 28 29S = "${WORKDIR}/samhain-${PV}" 30 31inherit autotools-brokensep update-rc.d pkgconfig systemd 32 33SAMHAIN_PORT ??= "49777" 34SAMHAIN_SERVER ??= "NULL" 35 36INITSCRIPT_NAME = "${BPN}" 37INITSCRIPT_PARAMS ?= "defaults" 38 39SYSTEMD_PACKAGES = "${PN}" 40SYSTEMD_SERVICE:${PN} = "${INITSCRIPT_NAME}.service" 41SYSTEMD_AUTO_ENABLE = "disable" 42 43# supports mysql|postgresql|oracle|odbc but postgresql is the only one available 44 45PACKAGECONFIG ??= "postgresql ps \ 46 ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)} \ 47 ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit', '', d)} \ 48 ${@bb.utils.contains('DISTRO_FEATURES', 'acl', 'acl', '', d)} \ 49" 50 51PACKAGECONFIG[postgresql] = "--with-database=postgresql --enable-xml-log PGSQL_INC_DIR=${STAGING_INCDIR} PGSQL_LIB_DIR=${STAGING_LIBDIR}, , postgresql" 52PACKAGECONFIG[suidcheck] = "--enable-suidcheck, , " 53PACKAGECONFIG[logwatch] = "--enable-login-watch, , " 54PACKAGECONFIG[mounts] = "--enable-mounts-check, , " 55PACKAGECONFIG[userfiles] = "--enable-userfiles, , " 56PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," 57PACKAGECONFIG[selinux] = "--enable-selinux, --disable-selinux, libselinux attr" 58PACKAGECONFIG[acl] = " --enable-posix-acl , --disable-posix-acl, acl" 59PACKAGECONFIG[audit] = "ac_cv_header_auparse_h=yes,ac_cv_header_auparse_h=no,audit" 60PACKAGECONFIG[ps] = "--with-ps-path=${base_bindir}/ps,,,procps" 61 62EXTRA_OECONF += "INSTALL='install -p'" 63EXTRA_OEMAKE:append:aarch64 = " CPPFLAGS+=-DCONFIG_ARCH_AARCH64=1" 64EXTRA_OEMAKE:append:mips64 = " CPPFLAGS+=-DCONFIG_ARCH_MIPS64=1" 65 66do_unpack_samhain() { 67 cd ${WORKDIR} 68 tar -xzvf samhain-${PV}.tar.gz 69} 70 71python do_unpack:append() { 72 bb.build.exec_func('do_unpack_samhain', d) 73} 74 75do_configure:prepend:arm() { 76 export sh_cv___va_copy=yes 77} 78 79do_configure:prepend:aarch64() { 80 export sh_cv___va_copy=yes 81} 82 83# If we use oe_runconf in do_configure() it will by default 84# use the prefix --oldincludedir=/usr/include which is not 85# recognized by Samhain's configure script and would invariably 86# throw back the error "unrecognized option: --oldincludedir=/usr/include" 87do_configure:prepend () { 88 cat << EOF > ${S}/config-site.${BP} 89ssp_cv_lib=no 90sh_cv_va_copy=yes 91EOF 92 export CONFIG_SITE=${S}/config-site.${BP} 93 # remove the buildpath 94 sed -i -e 's;mydefarg;mydefargholder;g' ${S}/scripts/samhain.ebuild.in 95 sed -i -e 's;mydefarg;mydefargholder;g' ${S}/scripts/samhain.ebuild-light.in 96} 97 98do_configure () { 99 autoconf -f 100 ./configure \ 101 --build=${BUILD_SYS} \ 102 --host=${HOST_SYS} \ 103 --target=${TARGET_SYS} \ 104 --prefix=${prefix} \ 105 --exec_prefix=${exec_prefix} \ 106 --bindir=${bindir} \ 107 --sbindir=${sbindir} \ 108 --libexecdir=${libexecdir} \ 109 --datadir=${datadir} \ 110 --sysconfdir=${sysconfdir} \ 111 --sharedstatedir=${sharedstatedir} \ 112 --localstatedir=${localstatedir} \ 113 --libdir=${libdir} \ 114 --includedir=${includedir} \ 115 --infodir=${infodir} \ 116 --mandir=${mandir} \ 117 --enable-network=${SAMHAIN_MODE} \ 118 --with-pid-file=${localstatedir}/run/samhain.pid \ 119 --with-data-file=${localstatedir}/lib/samhain/samhain_file \ 120 ${EXTRA_OECONF} 121} 122 123do_compile:prepend:libc-musl () { 124 sed -i 's/^#define HAVE_MALLOC_H.*//' ${B}/config.h 125} 126 127# Install the init script, it's default file, and the extraneous 128# documentation. 129do_install:append () { 130 oe_runmake install DESTDIR='${D}' INSTALL=install-boot 131 132 install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.init \ 133 ${D}${sysconfdir}/init.d/${INITSCRIPT_NAME} 134 135 install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.default \ 136 ${D}${sysconfdir}/default/${INITSCRIPT_NAME} 137 138 if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then 139 if [ "${SAMHAIN_MODE}" = "no" ]; then 140 install -D -m 0644 ${WORKDIR}/samhain.service ${D}/${systemd_system_unitdir}/samhain.service 141 else 142 install -D -m 0644 ${WORKDIR}/samhain.service ${D}/${systemd_system_unitdir}/${BPN}.service 143 fi 144 install -D -m 0755 ${WORKDIR}/${BPN}.init ${D}/${libexecdir}/${BPN} 145 sed -i -e 's,@LIBDIR@,${libexecdir},' \ 146 -e 's,@SAMHAIN_HELPER@,${BPN},' \ 147 -e 's,@MODE_NAME@,${MODE_NAME},' \ 148 ${D}${systemd_system_unitdir}/samhain*.service 149 fi 150 151 install -d ${D}${docdir}/${BPN} 152 cp -r docs/* ${D}${docdir}/${BPN} 153 cp -r scripts ${D}${docdir}/${BPN} 154 install -d -m 755 ${D}${localstatedir}/samhain 155 156 # Prevent QA warnings about installed ${localstatedir}/run 157 if [ -d ${D}${localstatedir}/run ]; then 158 rmdir ${D}${localstatedir}/run 159 fi 160 161 rm -rf ${D}${localstatedir}/log 162} 163 164FILES:${PN} += "${systemd_system_unitdir}" 165