Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 1 | DESCRIPTION = "Provides file integrity checking and log file monitoring/analysis" |
| 2 | HOMEPAGE = "http://www.la-samhna.de/samhain/" |
Patrick Williams | 03907ee | 2022-05-01 06:28:52 -0500 | [diff] [blame] | 3 | LICENSE = "GPL-2.0-only" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 4 | LIC_FILES_CHKSUM = "file://LICENSE;md5=8ca43cbc842c2336e835926c2166c28b" |
| 5 | |
Patrick Williams | de0582f | 2022-04-08 10:23:27 -0500 | [diff] [blame] | 6 | PV = "4.4.7" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 7 | |
Andrew Geissler | f31b8bd | 2020-11-30 19:54:56 -0600 | [diff] [blame] | 8 | SRC_URI = "https://la-samhna.de/archive/samhain_signed-${PV}.tar.gz \ |
| 9 | file://${INITSCRIPT_NAME}.init \ |
| 10 | file://${INITSCRIPT_NAME}.default \ |
| 11 | file://samhain.service \ |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 12 | file://samhain-mips64-aarch64-dnmalloc-hash-fix.patch \ |
| 13 | file://samhain-samhainrc.patch \ |
| 14 | file://samhain-samhainrc-fix-files-dirs-path.patch \ |
| 15 | file://samhain-pid-path.patch \ |
| 16 | file://samhain-sha256-big-endian.patch \ |
| 17 | file://samhain-configure-add-option-for-ps.patch \ |
| 18 | file://samhain-avoid-searching-host-for-postgresql.patch \ |
| 19 | file://samhain-add-LDFLAGS-variable-for-samhain_setpwd.patch \ |
Andrew Geissler | 1fe918a | 2020-05-15 14:16:47 -0500 | [diff] [blame] | 20 | file://fix-build-with-new-version-attr.patch \ |
Andrew Geissler | 9d3cc05 | 2021-03-31 13:36:22 -0500 | [diff] [blame] | 21 | file://samhain-fix-initializer-element-is-not-constant.patch \ |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 22 | " |
| 23 | |
Patrick Williams | de0582f | 2022-04-08 10:23:27 -0500 | [diff] [blame] | 24 | SRC_URI[sha256sum] = "0aa978accb635000c2d9170f307bff8a95836f8ec01615a53dbd9c2af9564d44" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 25 | |
| 26 | UPSTREAM_CHECK_URI = "https://www.la-samhna.de/samhain/archive.html" |
| 27 | UPSTREAM_CHECK_REGEX = "samhain_signed-(?P<pver>(\d+(\.\d+)+))\.tar" |
| 28 | |
| 29 | S = "${WORKDIR}/samhain-${PV}" |
| 30 | |
| 31 | inherit autotools-brokensep update-rc.d pkgconfig systemd |
| 32 | |
| 33 | SAMHAIN_PORT ??= "49777" |
| 34 | SAMHAIN_SERVER ??= "NULL" |
| 35 | |
| 36 | INITSCRIPT_NAME = "${BPN}" |
| 37 | INITSCRIPT_PARAMS ?= "defaults" |
| 38 | |
| 39 | SYSTEMD_PACKAGES = "${PN}" |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 40 | SYSTEMD_SERVICE:${PN} = "${INITSCRIPT_NAME}.service" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 41 | SYSTEMD_AUTO_ENABLE = "disable" |
| 42 | |
| 43 | # mode mapping: |
| 44 | # BPN MODE_NAME SAMHAIN_MODE |
| 45 | # samhain-standalone standalone no |
| 46 | # samhain-client client client |
| 47 | # samhain-server server server |
| 48 | MODE_NAME = "${@d.getVar('BPN').split('-')[1]}" |
| 49 | SAMHAIN_MODE = "${@oe.utils.ifelse(d.getVar('MODE_NAME') == 'standalone', 'no', '${MODE_NAME}')}" |
| 50 | |
| 51 | # supports mysql|postgresql|oracle|odbc but postgresql is the only one available |
| 52 | |
| 53 | PACKAGECONFIG ??= "postgresql ps \ |
| 54 | ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)} \ |
| 55 | ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit', '', d)} \ |
| 56 | ${@bb.utils.contains('DISTRO_FEATURES', 'acl', 'acl', '', d)} \ |
| 57 | " |
| 58 | |
| 59 | PACKAGECONFIG[postgresql] = "--with-database=postgresql --enable-xml-log PGSQL_INC_DIR=${STAGING_INCDIR} PGSQL_LIB_DIR=${STAGING_LIBDIR}, , postgresql" |
| 60 | PACKAGECONFIG[suidcheck] = "--enable-suidcheck, , " |
| 61 | PACKAGECONFIG[logwatch] = "--enable-login-watch, , " |
| 62 | PACKAGECONFIG[mounts] = "--enable-mounts-check, , " |
| 63 | PACKAGECONFIG[userfiles] = "--enable-userfiles, , " |
| 64 | PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," |
| 65 | PACKAGECONFIG[selinux] = "--enable-selinux, --disable-selinux, libselinux attr" |
| 66 | PACKAGECONFIG[acl] = " --enable-posix-acl , --disable-posix-acl, acl" |
| 67 | PACKAGECONFIG[audit] = "ac_cv_header_auparse_h=yes,ac_cv_header_auparse_h=no,audit" |
| 68 | PACKAGECONFIG[ps] = "--with-ps-path=${base_bindir}/ps,,,procps" |
| 69 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 70 | EXTRA_OEMAKE:append:aarch64 = " CPPFLAGS+=-DCONFIG_ARCH_AARCH64=1" |
| 71 | EXTRA_OEMAKE:append:mips64 = " CPPFLAGS+=-DCONFIG_ARCH_MIPS64=1" |
Andrew Geissler | 1fe918a | 2020-05-15 14:16:47 -0500 | [diff] [blame] | 72 | |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 73 | do_unpack_samhain() { |
| 74 | cd ${WORKDIR} |
| 75 | tar -xzvf samhain-${PV}.tar.gz |
| 76 | } |
| 77 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 78 | python do_unpack:append() { |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 79 | bb.build.exec_func('do_unpack_samhain', d) |
| 80 | } |
| 81 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 82 | do_configure:prepend:arm() { |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 83 | export sh_cv___va_copy=yes |
| 84 | } |
| 85 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 86 | do_configure:prepend:aarch64() { |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 87 | export sh_cv___va_copy=yes |
| 88 | } |
| 89 | |
| 90 | # If we use oe_runconf in do_configure() it will by default |
| 91 | # use the prefix --oldincludedir=/usr/include which is not |
| 92 | # recognized by Samhain's configure script and would invariably |
| 93 | # throw back the error "unrecognized option: --oldincludedir=/usr/include" |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 94 | do_configure:prepend () { |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 95 | cat << EOF > ${S}/config-site.${BP} |
| 96 | ssp_cv_lib=no |
| 97 | sh_cv_va_copy=yes |
| 98 | EOF |
| 99 | export CONFIG_SITE=${S}/config-site.${BP} |
| 100 | } |
| 101 | |
| 102 | do_configure () { |
| 103 | autoconf -f |
| 104 | ./configure \ |
| 105 | --build=${BUILD_SYS} \ |
| 106 | --host=${HOST_SYS} \ |
| 107 | --target=${TARGET_SYS} \ |
| 108 | --prefix=${prefix} \ |
| 109 | --exec_prefix=${exec_prefix} \ |
| 110 | --bindir=${bindir} \ |
| 111 | --sbindir=${sbindir} \ |
| 112 | --libexecdir=${libexecdir} \ |
| 113 | --datadir=${datadir} \ |
| 114 | --sysconfdir=${sysconfdir} \ |
| 115 | --sharedstatedir=${sharedstatedir} \ |
| 116 | --localstatedir=${localstatedir} \ |
| 117 | --libdir=${libdir} \ |
| 118 | --includedir=${includedir} \ |
| 119 | --infodir=${infodir} \ |
| 120 | --mandir=${mandir} \ |
| 121 | --enable-network=${SAMHAIN_MODE} \ |
| 122 | --with-pid-file=${localstatedir}/run/samhain.pid \ |
| 123 | --with-data-file=${localstatedir}/lib/samhain/samhain_file \ |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 124 | ${EXTRA_OECONF} |
| 125 | } |
| 126 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 127 | do_compile:prepend:libc-musl () { |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 128 | sed -i 's/^#define HAVE_MALLOC_H.*//' ${B}/config.h |
| 129 | } |
| 130 | |
| 131 | # Install the init script, it's default file, and the extraneous |
| 132 | # documentation. |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 133 | do_install:append () { |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 134 | oe_runmake install DESTDIR='${D}' INSTALL=install-boot |
| 135 | |
| 136 | install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.init \ |
| 137 | ${D}${sysconfdir}/init.d/${INITSCRIPT_NAME} |
| 138 | |
| 139 | install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.default \ |
| 140 | ${D}${sysconfdir}/default/${INITSCRIPT_NAME} |
| 141 | |
| 142 | if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then |
| 143 | if [ "${SAMHAIN_MODE}" = "no" ]; then |
| 144 | install -D -m 0644 ${WORKDIR}/samhain.service ${D}/${systemd_system_unitdir}/samhain.service |
| 145 | else |
| 146 | install -D -m 0644 ${WORKDIR}/samhain.service ${D}/${systemd_system_unitdir}/${BPN}.service |
| 147 | fi |
| 148 | install -D -m 0755 ${WORKDIR}/${BPN}.init ${D}/${libexecdir}/${BPN} |
| 149 | sed -i -e 's,@LIBDIR@,${libexecdir},' \ |
| 150 | -e 's,@SAMHAIN_HELPER@,${BPN},' \ |
| 151 | -e 's,@MODE_NAME@,${MODE_NAME},' \ |
| 152 | ${D}${systemd_system_unitdir}/samhain*.service |
| 153 | fi |
| 154 | |
| 155 | install -d ${D}${docdir}/${BPN} |
| 156 | cp -r docs/* ${D}${docdir}/${BPN} |
| 157 | cp -r scripts ${D}${docdir}/${BPN} |
| 158 | install -d -m 755 ${D}${localstatedir}/samhain |
| 159 | |
| 160 | # Prevent QA warnings about installed ${localstatedir}/run |
| 161 | if [ -d ${D}${localstatedir}/run ]; then |
| 162 | rmdir ${D}${localstatedir}/run |
| 163 | fi |
Andrew Geissler | 1fe918a | 2020-05-15 14:16:47 -0500 | [diff] [blame] | 164 | |
| 165 | rm -rf ${D}${localstatedir}/log |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 166 | } |
| 167 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 168 | FILES:${PN} += "${systemd_system_unitdir}" |