--- samhain-3.1.0.orig/Makefile.in +++ samhain-3.1.0/Makefile.in @@ -54,7 +54,7 @@ top_builddir = . INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL@ -s -m 700 +INSTALL_PROGRAM = @INSTALL@ -m 700 INSTALL_SHELL = @INSTALL@ -m 700 INSTALL_DATA = @INSTALL@ -m 600 INSTALL_MAN = @INSTALL@ -m 644 @@ -224,7 +224,7 @@ # #---------------------------------------------------------- -all: $(top_srcdir)/depend.sum $(SETPWD) $(STEGIN) $(SAMHAIN) $(YULECTL) @sh_lkm@ sstrip +all: $(top_srcdir)/depend.sum $(SETPWD) $(STEGIN) $(SAMHAIN) $(YULECTL) @sh_lkm@ #---------------------------------------------------------- @@ -375,7 +375,9 @@ deploy.sh sh_MK.h samhain-install.sh sh_gpg_chksum.h sh_gpg_fp.h \ rules.deb rules.deb-light \ scripts/samhainadmin.pl scripts/check_samhain.pl \ - scripts/samhain.ebuild scripts/samhain.ebuild-light + scripts/samhain.ebuild scripts/samhain.ebuild-light \ + scripts/yuleadmin.pl scripts/logrotate scripts/redhat_i386.client.spec \ + scripts/samhain.spec hp_ux.psf TESTCLEANFILES = samhain.build samhain.new yule.html \ test_ext test_ext.c test_ext.res testhash.tmp \ @@ -533,7 +535,7 @@ ./samhain-install.sh --destdir=$(DESTDIR) --express --verbose uninstall-lkm -install-program: $(PROGRAMS) sstrip +install-program: $(PROGRAMS) @$(mkinstalldirs) $(DESTDIR)$(sbindir) @if test x$(mytmpdir) != x; then \ $(mkinstalldirs) $(DESTDIR)$(mytmpdir); \ @@ -544,7 +546,6 @@ $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's%samhain%@install_name@%'|sed 's%yule%@install_name@%'`; \ chmod 0700 $(DESTDIR)$(sbindir)/`echo $$p|sed 's%samhain%@install_name@%'|sed 's%yule%@install_name@%'`; \ echo " ./sstrip $(DESTDIR)$(sbindir)/`echo $$p|sed 's%samhain%@install_name@%'|sed 's%yule%@install_name@%'`"; \ - ./sstrip $(DESTDIR)$(sbindir)/`echo $$p|sed 's%samhain%@install_name@%'|sed 's%yule%@install_name@%'`; \ else :; fi; \ done @@ -1305,9 +1306,8 @@ ./kern_head > sh_ks.h sh_ks_xor.h: encode sh_ks.h - @echo 'encode $(XOR_CODE) sh_ks.h'; \ - sleep 1; \ - ./encode $(XOR_CODE) sh_ks.h; \ + @echo 'encode $(XOR_CODE) sh_ks.h' + ./encode $(XOR_CODE) sh_ks.h mv x_sh_ks.h sh_ks_xor.h # For bignum @@ -1374,29 +1374,26 @@ echo "$(LINK) exepack_fill.o minilzo.o"; \ $(LINK) exepack_fill.o minilzo.o -samhain.pk: $(SAMHAIN) exepack exepack_fill sstrip +samhain.pk: $(SAMHAIN) exepack exepack_fill @echo "cp ./$(SAMHAIN) ./samhain.pk.data"; \ - cp ./$(SAMHAIN) ./samhain.pk.data; \ + cp ./$(SAMHAIN) ./samhain.pk.data echo "strip ./samhain.pk.data"; \ - strip ./samhain.pk.data > /dev/null 2>&1 || echo "... is already stripped"; \ - echo "./sstrip ./samhain.pk.data"; \ - ./sstrip ./samhain.pk.data > /dev/null 2>&1 || echo "sstrip returned false"; \ - test -f exepack.out && rm exepack.out; \ + strip ./samhain.pk.data > /dev/null 2>&1 || echo "... is already stripped" + test -f exepack.out && rm exepack.out echo "./exepack_fill exepack samhain.pk.data exepack.out"; \ - ./exepack_fill exepack samhain.pk.data exepack.out; \ - chmod +x exepack.out; \ + ./exepack_fill exepack samhain.pk.data exepack.out + chmod +x exepack.out echo "strip exepack.out"; \ - strip exepack.out > /dev/null 2>&1 || echo "... is already stripped"; \ - ./sstrip exepack.out > /dev/null 2>&1 || echo "sstrip returned false"; \ + strip exepack.out > /dev/null 2>&1 || echo "... is already stripped" echo "mv exepack.out samhain.pk"; \ rm -f samhain.pk; mv exepack.out samhain.pk samhain-packed: $(SAMHAIN) samhain_setpwd @echo "samhain_setpwd samhain new $(CLIENTPASSWD)"; \ - samhain_setpwd samhain new $(CLIENTPASSWD); \ + samhain_setpwd samhain new $(CLIENTPASSWD) echo "rm -f samhain; mv samhain.new samhain"; \ - rm -f samhain; mv samhain.new samhain; \ - $(MAKE) samhain.pk; \ + rm -f samhain; mv samhain.new samhain + $(MAKE) samhain.pk echo "rm -f samhain; mv samhain.pk samhain"; \ rm -f samhain; mv samhain.pk samhain --- samhain-3.1.0.orig/config.guess +++ samhain-3.1.0/config.guess @@ -1,14 +1,12 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 -# Free Software Foundation, Inc. +# Copyright 1992-2014 Free Software Foundation, Inc. -timestamp='2009-12-30' +timestamp='2014-03-23' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -17,26 +15,22 @@ # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program; if not, see . # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner. Please send patches (context -# diff format) to and include a ChangeLog -# entry. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). # -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. +# Originally written by Per Bothner. # # You can get the latest version of this script from: # http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD +# +# Please send patches with a ChangeLog entry to config-patches@gnu.org. + me=`echo "$0" | sed -e 's,.*/,,'` @@ -56,9 +50,7 @@ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free -Software Foundation, Inc. +Copyright 1992-2014 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -140,12 +132,33 @@ UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown +case "${UNAME_SYSTEM}" in +Linux|GNU|GNU/*) + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + LIBC=gnu + + eval $set_cc_for_build + cat <<-EOF > $dummy.c + #include + #if defined(__UCLIBC__) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc + #else + LIBC=gnu + #endif + EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` + ;; +esac + # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward @@ -181,7 +194,7 @@ fi ;; *) - os=netbsd + os=netbsd ;; esac # The OS release @@ -202,6 +215,10 @@ # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; + *:Bitrig:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} + exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} @@ -224,7 +241,7 @@ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` ;; *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` ;; esac # According to Compaq, /usr/sbin/psrinfo has been available on @@ -270,7 +287,10 @@ # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit ;; + # Reset EXIT trap before exiting to avoid spurious non-zero exit code. + exitcode=$? + trap '' 0 + exit $exitcode ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead @@ -296,12 +316,12 @@ echo s390-ibm-zvmoe exit ;; *:OS400:*:*) - echo powerpc-ibm-os400 + echo powerpc-ibm-os400 exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) + arm*:riscos:*:*|arm*:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) @@ -395,23 +415,23 @@ # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit ;; + exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; m68k:machten:*:*) echo m68k-apple-machten${UNAME_RELEASE} exit ;; @@ -481,8 +501,8 @@ echo m88k-motorola-sysv3 exit ;; AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ @@ -495,7 +515,7 @@ else echo i586-dg-dgux${UNAME_RELEASE} fi - exit ;; + exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit ;; @@ -552,7 +572,7 @@ echo rs6000-ibm-aix3.2 fi exit ;; - *:AIX:*:[456]) + *:AIX:*:[4567]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 @@ -595,52 +615,52 @@ 9000/[678][0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac + esac ;; + esac fi if [ "${HP_ARCH}" = "" ]; then eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); - #define _HPUX_SOURCE - #include - #include - - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); - - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } EOF (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` test -z "$HP_ARCH" && HP_ARCH=hppa @@ -731,22 +751,22 @@ exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd - exit ;; + exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit ;; + exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd - exit ;; + exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd - exit ;; + exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd - exit ;; + exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; @@ -770,14 +790,14 @@ exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} @@ -789,30 +809,35 @@ echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) - case ${UNAME_MACHINE} in - pc98) - echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + UNAME_PROCESSOR=`/usr/bin/uname -p` + case ${UNAME_PROCESSOR} in amd64) echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; *) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; esac exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; + *:MINGW64*:*) + echo ${UNAME_MACHINE}-pc-mingw64 + exit ;; *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; + *:MSYS*:*) + echo ${UNAME_MACHINE}-pc-msys + exit ;; i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; *:Interix*:*) - case ${UNAME_MACHINE} in + case ${UNAME_MACHINE} in x86) echo i586-pc-interix${UNAME_RELEASE} exit ;; @@ -849,15 +874,22 @@ exit ;; *:GNU:*:*) # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; + aarch64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + aarch64_be:Linux:*:*) + UNAME_MACHINE=aarch64_be + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; @@ -867,52 +899,56 @@ EV6) UNAME_MACHINE=alphaev6 ;; EV67) UNAME_MACHINE=alphaev67 ;; EV68*) UNAME_MACHINE=alphaev68 ;; - esac + esac objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + if test "$?" = 0 ; then LIBC="gnulibc1" ; fi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + arc:Linux:*:* | arceb:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; arm*:Linux:*:*) eval $set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} else - echo ${UNAME_MACHINE}-unknown-linux-gnueabi + if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_PCS_VFP + then + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi + else + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf + fi fi exit ;; avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; cris:Linux:*:*) - echo cris-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; frv:Linux:*:*) - echo frv-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + hexagon:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:Linux:*:*) - LIBC=gnu - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + echo ${UNAME_MACHINE}-pc-linux-${LIBC} exit ;; ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build @@ -931,51 +967,63 @@ #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } ;; - or32:Linux:*:*) - echo or32-unknown-linux-gnu + openrisc*:Linux:*:*) + echo or1k-unknown-linux-${LIBC} + exit ;; + or32:Linux:*:* | or1k*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; padre:Linux:*:*) - echo sparc-unknown-linux-gnu + echo sparc-unknown-linux-${LIBC} exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu + echo hppa64-unknown-linux-${LIBC} exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; + PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; + PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; + *) echo hppa-unknown-linux-${LIBC} ;; esac exit ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu + echo powerpc64-unknown-linux-${LIBC} exit ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu + echo powerpc-unknown-linux-${LIBC} + exit ;; + ppc64le:Linux:*:*) + echo powerpc64le-unknown-linux-${LIBC} + exit ;; + ppcle:Linux:*:*) + echo powerpcle-unknown-linux-${LIBC} exit ;; s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux + echo ${UNAME_MACHINE}-ibm-linux-${LIBC} exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + tile*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu + echo ${UNAME_MACHINE}-dec-linux-${LIBC} exit ;; x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. @@ -984,11 +1032,11 @@ echo i386-sequent-sysv4 exit ;; i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. + # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit ;; i*86:OS/2:*:*) @@ -1020,7 +1068,7 @@ fi exit ;; i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. + # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; @@ -1048,13 +1096,13 @@ exit ;; pc:*:*:*) # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i586. + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. # Note: whatever this is, it MUST be the same as what config.sub # prints for the "djgpp" host, or else GDB configury will decide that # this is a cross-build. echo i586-pc-msdosdjgpp - exit ;; + exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit ;; @@ -1089,8 +1137,8 @@ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; NCR*:*:4.2:* | MPRAS*:*:4.2:*) OS_REL='.3' test -r /etc/.relid \ @@ -1133,10 +1181,10 @@ echo ns32k-sni-sysv fi exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm @@ -1162,11 +1210,11 @@ exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} + echo mips-nec-sysv${UNAME_RELEASE} else - echo mips-unknown-sysv${UNAME_RELEASE} + echo mips-unknown-sysv${UNAME_RELEASE} fi - exit ;; + exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit ;; @@ -1179,6 +1227,9 @@ BePC:Haiku:*:*) # Haiku running on Intel PC compatible. echo i586-pc-haiku exit ;; + x86_64:Haiku:*:*) + echo x86_64-unknown-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1205,19 +1256,31 @@ exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - i386) - eval $set_cc_for_build - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - UNAME_PROCESSOR="x86_64" - fi - fi ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac + eval $set_cc_for_build + if test "$UNAME_PROCESSOR" = unknown ; then + UNAME_PROCESSOR=powerpc + fi + if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + fi + elif test "$UNAME_PROCESSOR" = i386 ; then + # Avoid executing cc on OS X 10.9, as it ships with a stub + # that puts up a graphical alert prompting to install + # developer tools. Any system running Mac OS X 10.7 or + # later (Darwin 11 and later) is required to have a 64-bit + # processor. This is not true of the ARM version of Darwin + # that Apple uses in portable devices. + UNAME_PROCESSOR=x86_64 + fi echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) @@ -1231,7 +1294,10 @@ *:QNX:*:4*) echo i386-pc-qnx exit ;; - NSE-?:NONSTOP_KERNEL:*:*) + NEO-?:NONSTOP_KERNEL:*:*) + echo neo-tandem-nsk${UNAME_RELEASE} + exit ;; + NSE-*:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; NSR-?:NONSTOP_KERNEL:*:*) @@ -1276,13 +1342,13 @@ echo pdp10-unknown-its exit ;; SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} + echo mips-sei-seiux${UNAME_RELEASE} exit ;; *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit ;; *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` + UNAME_MACHINE=`(uname -p) 2>/dev/null` case "${UNAME_MACHINE}" in A*) echo alpha-dec-vms ; exit ;; I*) echo ia64-dec-vms ; exit ;; @@ -1300,158 +1366,10 @@ i*86:AROS:*:*) echo ${UNAME_MACHINE}-pc-aros exit ;; -esac - -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - -eval $set_cc_for_build -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi + x86_64:VMkernel:*:*) + echo ${UNAME_MACHINE}-unknown-esx exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi +esac cat >&2 <. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). -# Please send patches to . Submit a context -# diff and a properly formatted GNU ChangeLog entry. +# Please send patches with a ChangeLog entry to config-patches@gnu.org. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. @@ -75,9 +68,7 @@ version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free -Software Foundation, Inc. +Copyright 1992-2014 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -124,13 +115,18 @@ # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in - nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ - uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ + linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ + knetbsd*-gnu* | netbsd*-gnu* | \ kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; + android-linux) + os=-linux-android + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown + ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] @@ -153,12 +149,12 @@ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze) + -apple | -axis | -knuth | -cray | -microblaze*) os= basic_machine=$1 ;; - -bluegene*) - os=-cnk + -bluegene*) + os=-cnk ;; -sim | -cisco | -oki | -wec | -winbond) os= @@ -174,10 +170,10 @@ os=-chorusos basic_machine=$1 ;; - -chorusrdb) - os=-chorusrdb + -chorusrdb) + os=-chorusrdb basic_machine=$1 - ;; + ;; -hiux*) os=-hiuxwe2 ;; @@ -222,6 +218,12 @@ -isc*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; + -lynx*178) + os=-lynxos178 + ;; + -lynx*5) + os=-lynxos5 + ;; -lynx*) os=-lynxos ;; @@ -246,20 +248,28 @@ # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ + | aarch64 | aarch64_be \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ + | arc | arceb \ + | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ + | avr | avr32 \ + | be32 | be64 \ | bfin \ - | c4x | clipper \ + | c4x | c8051 | clipper \ | d10v | d30v | dlx | dsp16xx \ + | epiphany \ | fido | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | hexagon \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ + | k1om \ + | le32 | le64 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore | mep | metag \ + | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ @@ -273,38 +283,51 @@ | mips64vr5900 | mips64vr5900el \ | mipsisa32 | mipsisa32el \ | mipsisa32r2 | mipsisa32r2el \ + | mipsisa32r6 | mipsisa32r6el \ | mipsisa64 | mipsisa64el \ | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64r6 | mipsisa64r6el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | moxie \ | mt \ | msp430 \ - | nios | nios2 \ + | nds32 | nds32le | nds32be \ + | nios | nios2 | nios2eb | nios2el \ | ns16k | ns32k \ - | or32 \ + | open8 | or1k | or1knd | or32 \ | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ - | rx \ + | riscv32 | riscv64 \ + | rl78 | rx \ | score \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu | strongarm \ - | tahoe | thumb | tic4x | tic80 | tron \ + | spu \ + | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ | ubicom32 \ - | v850 | v850e \ + | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ | we32k \ - | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ + | x86 | xc16x | xstormy16 | xtensa \ | z8k | z80) basic_machine=$basic_machine-unknown ;; - m6811 | m68hc11 | m6812 | m68hc12 | picochip) - # Motorola 68HC11/12. + c54x) + basic_machine=tic54x-unknown + ;; + c55x) + basic_machine=tic55x-unknown + ;; + c6x) + basic_machine=tic6x-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) basic_machine=$basic_machine-unknown os=-none ;; @@ -314,6 +337,21 @@ basic_machine=mt-unknown ;; + strongarm | thumb | xscale) + basic_machine=arm-unknown + ;; + xgate) + basic_machine=$basic_machine-unknown + os=-none + ;; + xscaleeb) + basic_machine=armeb-unknown + ;; + + xscaleel) + basic_machine=armel-unknown + ;; + # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. @@ -328,25 +366,31 @@ # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ + | aarch64-* | aarch64_be-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ + | be32-* | be64-* \ | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ - | clipper-* | craynv-* | cydra-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* \ + | c8051-* | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | hexagon-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ + | k1om-* \ + | le32-* | le64-* \ | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ + | microblaze-* | microblazeel-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ @@ -360,34 +404,41 @@ | mips64vr5900-* | mips64vr5900el-* \ | mipsisa32-* | mipsisa32el-* \ | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa32r6-* | mipsisa32r6el-* \ | mipsisa64-* | mipsisa64el-* \ | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64r6-* | mipsisa64r6el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipsr5900-* | mipsr5900el-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | mt-* \ | msp430-* \ - | nios-* | nios2-* \ + | nds32-* | nds32le-* | nds32be-* \ + | nios-* | nios2-* | nios2eb-* | nios2el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ + | open8-* \ + | or1k*-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ | pyramid-* \ - | romp-* | rs6000-* | rx-* \ + | rl78-* | romp-* | rs6000-* | rx-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ - | tahoe-* | thumb-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \ + | tahoe-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile-* | tilegx-* \ + | tile*-* \ | tron-* \ | ubicom32-* \ - | v850-* | v850e-* | vax-* \ + | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ + | vax-* \ | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* \ | xstormy16-* | xtensa*-* \ | ymp-* \ | z8k-* | z80-*) @@ -412,7 +463,7 @@ basic_machine=a29k-amd os=-udi ;; - abacus) + abacus) basic_machine=abacus-unknown ;; adobe68k) @@ -482,11 +533,20 @@ basic_machine=powerpc-ibm os=-cnk ;; + c54x-*) + basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + c55x-*) + basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + c6x-*) + basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; c90) basic_machine=c90-cray os=-unicos ;; - cegcc) + cegcc) basic_machine=arm-unknown os=-cegcc ;; @@ -518,7 +578,7 @@ basic_machine=craynv-cray os=-unicosmp ;; - cr16) + cr16 | cr16-*) basic_machine=cr16-unknown os=-elf ;; @@ -676,7 +736,6 @@ i370-ibm* | ibm*) basic_machine=i370-ibm ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? i*86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 @@ -734,11 +793,15 @@ basic_machine=ns32k-utek os=-sysv ;; - microblaze) + microblaze*) basic_machine=microblaze-xilinx ;; + mingw64) + basic_machine=x86_64-pc + os=-mingw64 + ;; mingw32) - basic_machine=i386-pc + basic_machine=i686-pc os=-mingw32 ;; mingw32ce) @@ -766,6 +829,10 @@ basic_machine=powerpc-unknown os=-morphos ;; + moxiebox) + basic_machine=moxie-unknown + os=-moxiebox + ;; msdos) basic_machine=i386-pc os=-msdos @@ -773,10 +840,18 @@ ms1-*) basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; + msys) + basic_machine=i686-pc + os=-msys + ;; mvs) basic_machine=i370-ibm os=-mvs ;; + nacl) + basic_machine=le32-unknown + os=-nacl + ;; ncr3000) basic_machine=i486-ncr os=-sysv4 @@ -841,6 +916,12 @@ np1) basic_machine=np1-gould ;; + neo-tandem) + basic_machine=neo-tandem + ;; + nse-tandem) + basic_machine=nse-tandem + ;; nsr-tandem) basic_machine=nsr-tandem ;; @@ -923,9 +1004,10 @@ ;; power) basic_machine=power-ibm ;; - ppc) basic_machine=powerpc-unknown + ppc | ppcbe) basic_machine=powerpc-unknown ;; - ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ppc-* | ppcbe-*) + basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown @@ -950,7 +1032,11 @@ basic_machine=i586-unknown os=-pw32 ;; - rdos) + rdos | rdos64) + basic_machine=x86_64-pc + os=-rdos + ;; + rdos32) basic_machine=i386-pc os=-rdos ;; @@ -1019,6 +1105,9 @@ basic_machine=i860-stratus os=-sysv4 ;; + strongarm-* | thumb-*) + basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; sun2) basic_machine=m68000-sun ;; @@ -1075,25 +1164,8 @@ basic_machine=t90-cray os=-unicos ;; - tic54x | c54x*) - basic_machine=tic54x-unknown - os=-coff - ;; - tic55x | c55x*) - basic_machine=tic55x-unknown - os=-coff - ;; - tic6x | c6x*) - basic_machine=tic6x-unknown - os=-coff - ;; - # This must be matched before tile*. - tilegx*) - basic_machine=tilegx-unknown - os=-linux-gnu - ;; tile*) - basic_machine=tile-unknown + basic_machine=$basic_machine-unknown os=-linux-gnu ;; tx39) @@ -1163,6 +1235,9 @@ xps | xps100) basic_machine=xps100-honeywell ;; + xscale-* | xscalee[bl]-*) + basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'` + ;; ymp) basic_machine=ymp-cray os=-unicos @@ -1260,11 +1335,11 @@ if [ x"$os" != x"" ] then case $os in - # First match some system type aliases - # that might get confused with valid system types. + # First match some system type aliases + # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. - -auroraux) - os=-auroraux + -auroraux) + os=-auroraux ;; -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` @@ -1288,28 +1363,29 @@ -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ - | -sym* | -kopensolaris* \ + | -sym* | -kopensolaris* | -plan9* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ + | -bitrig* | -openbsd* | -solidbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* | -cegcc* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ + | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ + | -linux-newlib* | -linux-musl* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* | -tirtos*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1348,7 +1424,7 @@ -opened*) os=-openedition ;; - -os400*) + -os400*) os=-os400 ;; -wince*) @@ -1397,7 +1473,7 @@ -sinix*) os=-sysv4 ;; - -tpf*) + -tpf*) os=-tpf ;; -triton*) @@ -1433,17 +1509,14 @@ -aros*) os=-aros ;; - -kaos*) - os=-kaos - ;; -zvmoe) os=-zvmoe ;; -dicos*) os=-dicos ;; - -nacl*) - ;; + -nacl*) + ;; -none) ;; *) @@ -1466,10 +1539,10 @@ # system, and we'll never get to this point. case $basic_machine in - score-*) + score-*) os=-elf ;; - spu-*) + spu-*) os=-elf ;; *-acorn) @@ -1481,8 +1554,23 @@ arm*-semi) os=-aout ;; - c4x-* | tic4x-*) - os=-coff + c4x-* | tic4x-*) + os=-coff + ;; + c8051-*) + os=-elf + ;; + hexagon-*) + os=-elf + ;; + tic54x-*) + os=-coff + ;; + tic55x-*) + os=-coff + ;; + tic6x-*) + os=-coff ;; # This must come before the *-dec entry. pdp10-*) @@ -1502,14 +1590,11 @@ ;; m68000-sun) os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 ;; m68*-cisco) os=-aout ;; - mep-*) + mep-*) os=-elf ;; mips*-cisco) @@ -1536,7 +1621,7 @@ *-ibm) os=-aix ;; - *-knuth) + *-knuth) os=-mmixware ;; *-wec) --- samhain-3.1.0.orig/configure +++ samhain-3.1.0/configure @@ -1,11 +1,9 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68. +# Generated by GNU Autoconf 2.69. # # -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software -# Foundation, Inc. +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation @@ -134,6 +132,31 @@ # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh @@ -167,7 +190,8 @@ else exitcode=1; echo positional parameters were not saved. fi -test x\$exitcode = x0 || exit 1" +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && @@ -212,21 +236,25 @@ if test "x$CONFIG_SHELL" != x; then : - # We cannot yet assume a decent shell, so we have to provide a - # neutralization value for shells without unset; and this also - # works around shells that cannot unset nonexistent variables. - # Preserve -v and -x to the replacement shell. - BASH_ENV=/dev/null - ENV=/dev/null - (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV - export CONFIG_SHELL - case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; - esac - exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"} + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 fi if test x$as_have_required = xno; then : @@ -328,6 +356,14 @@ } # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take @@ -449,6 +485,10 @@ chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). @@ -483,16 +523,16 @@ # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -504,28 +544,8 @@ as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -1520,9 +1540,9 @@ if $ac_init_version; then cat <<\_ACEOF configure -generated by GNU Autoconf 2.68 +generated by GNU Autoconf 2.69 -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1795,7 +1815,7 @@ test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || - $as_test_x conftest$ac_exeext + test -x conftest$ac_exeext }; then : ac_retval=0 else @@ -2001,7 +2021,8 @@ main () { static int test_array [1 - 2 * !(($2) >= 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2017,7 +2038,8 @@ main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2043,7 +2065,8 @@ main () { static int test_array [1 - 2 * !(($2) < 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2059,7 +2082,8 @@ main () { static int test_array [1 - 2 * !(($2) >= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2093,7 +2117,8 @@ main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2220,7 +2245,7 @@ running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was -generated by GNU Autoconf 2.68. Invocation command line was +generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2637,7 +2662,7 @@ # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. @@ -2840,7 +2865,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2880,7 +2905,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2933,7 +2958,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2974,7 +2999,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -3032,7 +3057,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3076,7 +3101,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3522,8 +3547,7 @@ /* end confdefs.h. */ #include #include -#include -#include +struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -3627,7 +3651,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_BUILD_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3821,7 +3845,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3957,7 +3981,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_cmd_hostname="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4038,7 +4062,7 @@ for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue + as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in @@ -4104,7 +4128,7 @@ for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue + as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in @@ -4309,7 +4333,7 @@ case "$host_os" in - *linux*) + *linux*|*-kfreebsd*-gnu|*-gnu*) sh_use_lcaps="yes" $as_echo "#define HOST_IS_LINUX 1" >>confdefs.h @@ -5276,7 +5300,7 @@ We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -5322,7 +5346,7 @@ We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -5346,7 +5370,7 @@ We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -5391,7 +5415,7 @@ We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -5415,7 +5439,7 @@ We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -5447,6 +5471,8 @@ esac rm -rf conftest* fi + + fi @@ -6764,7 +6790,8 @@ - (LDBL_MANT_DIG < DBL_MANT_DIG))) && (int) LDBL_EPSILON == 0 )]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -7776,11 +7803,11 @@ int main () { -/* FIXME: Include the comments suggested by Paul. */ + #ifndef __cplusplus - /* Ultrix mips cc rejects this. */ + /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; - const charset cs; + const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; @@ -7797,8 +7824,9 @@ ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; + { /* SCO 3.2v4 cc rejects this sort of thing. */ + char tx; + char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; @@ -7814,10 +7842,10 @@ iptr p = 0; ++p; } - { /* AIX XL C 1.02.0.0 rejects this saying + { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; + struct s { int j; const int *ap[3]; } bx; + struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; @@ -9130,7 +9158,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_acx_pthread_config="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9326,7 +9354,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_PTHREAD_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9621,7 +9649,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_LIBPRELUDE_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -10050,7 +10078,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_HAVE_MYSQL_CONFIG="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -12746,16 +12774,16 @@ # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -12815,28 +12843,16 @@ as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -12858,7 +12874,7 @@ # values after options handling. ac_log=" This file was extended by $as_me, which was -generated by GNU Autoconf 2.68. Invocation command line was +generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -12924,10 +12940,10 @@ ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ config.status -configured by $0, generated by GNU Autoconf 2.68, +configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -13017,7 +13033,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' --- samhain-3.1.0.orig/configure.ac +++ samhain-3.1.0/configure.ac @@ -58,7 +58,7 @@ case "$host_os" in - *linux*) + *linux*|*-kfreebsd*-gnu|*-gnu*) sh_use_lcaps="yes" AC_DEFINE(HOST_IS_LINUX) AC_DEFINE(HAVE_EXT2_IOCTLS) --- samhain-3.1.0.orig/debian/NEWS +++ samhain-3.1.0/debian/NEWS @@ -0,0 +1,26 @@ +samhain (2.5.4-1) unstable; urgency=low + + Since version 2.5.4 samhain uses the dnmalloc allocator as a proactive + security measure against heap buffer overflows. If you experience stability + problems, please report these issues as a bug report against the Debian + package providing information on your architecture. + + As a workaround you can use the sources and use recompile them using + --disable-dnmalloc flag. + + -- Javier Fernandez-Sanguino Pen~a Thu, 05 Mar 2009 09:04:22 +0100 + +samhain (1.7.10-4) unstable; urgency=low + + Since version 1.7.10-4 the postinst has been fixed and the integrity + database will not be initialized each time the package is upgrade. + Previous versions would do so and, as a consequence, the + /var/state/samhain/samhain_file would be appended an will grow with + each upgrade. Users that have frequently upgraded samhain are suggested + to review the size of that file and consider (if it's too big, i.e + over 2-3 MBs) to purge it and re-run 'samhain -t init' to recreate it. + When I find a good way to detect appended databases code will be added + to the package management scripts in order to remove and regenerate it + (just in case some users suffer from this issue). + + -- Javier Fernandez-Sanguino Pen~a Sat, 20 Sep 2003 23:13:12 +0200 --- samhain-3.1.0.orig/debian/README.Debian +++ samhain-3.1.0/debian/README.Debian @@ -0,0 +1,117 @@ +samhain for Debian +------------------ + +Samhain reports +--------------- +(in systems that are upgrade periodically) + +If you are running samhain and are constantly updating your system, +maybe because you are running Debian 'sid' (i.e. unstable, not advised +on production servers) you will find that when you run 'apt-get upgrade' +you will get a flood of e-mails warning of system changes. +You will also get them when the system is rebooted or samhain is restarted. + +The main reason for this is that samhain is esentially doing its job: +warning the administrator of file system changes, and will keep on doing +this until the administrator updates the file system integrity database. +Notice that in a production server this will also happen when a security +update is made and patches are installed from Debian sources. + +This package will _never_ include a cron job that will do this for you, +since it could open a way for attackers to leave samhain useless (kill +samhain, make your changes, wait until the cron job updates samhain, restart +samhain...) + +It's the administrator job to determine wether a change samhain has +reported since the database was initialized/updated is correct or not and +when this has been verified he needs to manually reset the database +('samhain -t update -m none'). + +If this is your situation, and your integrity database is in your system +in read-write media (again, not recommended) you might want to run +'samhain -t update' after each programmed upgrade. +Moreover, you could do this automatically by +changing apt.conf (again, not recommend): + +-------------------------------------------------------------------------- +DPkg +{ + Pre-Invoke { "/etc/init.d/samhain stop" }; + Post-Invoke { "echo Updating samhain database" ; + "/usr/sbin/samhain -t update --foreground -m none" ; + "/etc/init.d/samhain start" }; +}; +-------------------------------------------------------------------------- + +Notice this configuration opens up a "window of vulnerability" in which +an attacker can wait until you run an update through apt, and makes his +changes before all the packages are installed. Since samhain is stopped +before that and the database is updated before it's restarted, the attacker's +changes will go unnoticed. + +With this configuration you will only receive a mail of the fact that samhain +was stopped and started, but no mail regarding the changes done to the filesystem +(you can modify the '-m' switch to change this, however) + +Included functionality +---------------------- + +Whileas samhain provides a client/server model as well as some nifty +security features (such as using GNUpg to test the database) +and functionality features (such as logging to SQL databases) they +have not been (yet) included in the package. Please read the manual and +use the sources (adjusting as needed) if you want these options. + +You can still use the Debian sources, if you want, to create new packages with +those features. For example, if you want to compile the server instead you +have to use the --enable-network=server flag. You can change this in the +debian/rules file inside the sources of the Debian package and recompile the +package (dpkg-buildpackage). You could do something like this: + +$ apt-get source samhain +$ cd samhain-2.0.10a +$ vi debian/rules +[ change the --enable-network= call ] +$ dch --newversion 1:2.2.0-1 +[ ... introduce a relevant changelog entry ... ] +$ dpkg-buildpackage +[ ... builds the package ... ] + +If you change the Debian version of the package (using 'dch') apt will +not update your package from Debian sources if these get update with a new +release. That's what the 'dch --newversion 1:2.2.0-1' is for. +A package with this version should never be upgraded by apt (as it would be +higher to any other version I might introduce in the archive due to the '1:' +epoch). You can also put the samhain package 'on hold' will not be +upgraded either (read more on 'holding' packages in the dpkg or apt +documentation) + +Samhain does not provide the web-based console (Beltane) either, you can +retrieve it from http://la-samhna.de/beltane/index.html + +The feature to detect loadable kernel module rootkits has been disabled +for the time being (it is kernel specific) + +In any clase, please take you time to customise samhain's configuration +file (/etc/samhain/samhainrc) specially the places (and kind of errors) +which Samahin will log (by sending an email, printing to console or to +syslog), please do 'man samhainrc' + +FIXED? (check) +- Make samhainrc adapted to Debian system -> 1.6 comes with a profile for + Debian-i386linux (this one is installed) + +TODO list +- Write manpages for samhain_encode and samhain_pwd based on README +- Currently not compiled with options, but could be compiled with +GPG/PGP support +- postrm script should remove database (if any) +- create a samhain-stealth package that conflicts with sanhain and does not +include the manpages and provides kernel module for stealth +- probably separate the client and server stuff in different packages + + -- Javier Fernandez-Sanguino Pea +Thu, 1 Jun 2006 21:36:21 +0200 + + + --- samhain-3.1.0.orig/debian/TODO +++ samhain-3.1.0/debian/TODO @@ -0,0 +1,13 @@ + +* Check why the init script provided upstream and the Debian init script are different + +* Check why the daemon does not behave the same when sending mail locally if the MTA is + not listening in port 25. It seems not to be able to send mails directly to local users + +* Fix the issue with ELF headers in non-i386 architectures + +* Determine if old bugs are still relevant + +* Provide also the samhain LKM and the applet-monitor + +* Provide versions for mysql and postgres? --- samhain-3.1.0.orig/debian/changelog +++ samhain-3.1.0/debian/changelog @@ -0,0 +1,609 @@ +samhain (3.1.0-7build1) wily; urgency=medium + + * No-change rebuild against libprelude2v5 + + -- Steve Langasek Mon, 10 Aug 2015 23:27:14 +0000 + +samhain (3.1.0-7) unstable; urgency=medium + + * Applied patch provided by Andrea Claudi to move all non-volatile package + state from /var/state/samhain to /var/lib/samhain, according to the FHS + (Closes: #771461) + * debian/preinst: Move the contents of /var/state/samhain (if they exist) + to /var/lib/samhain on upgrades to avoid re-creating the Samhain state + database on upgrades from previous versions. + + -- Javier Fernández-Sanguino Peña Wed, 03 Dec 2014 00:57:15 +0100 + +samhain (3.1.0-6) unstable; urgency=medium + + * debian/rules: Add an option to disable the ASM code when building + on amd64 targets. Work around to fix the FTBFS on amd64 and kfreebsd + (Closes: #735530) + Patch provided by Adam Conrad. + * debian/control: Change build-deps to add autotools-dev. Build on new + architectures will get config.{sub,guess} automatically without you needing + to do a fresh upload to update the diff. + Patch provided by Adam Conrad. + * debian/samhain.init,debian/postinst: Initialise the integrity database if + it does not exist the first time the init.d script is run, do not do it in + postinst. This prevents package installation from sending a mail to root + which causes problems in automated testing tools (such as piuparts) + (Closes: #749602) + * debian/samhain.init: Fix call to pidofproc, provide it with the required + arguments (Closes: #751747) (LP: #1330424) + + + -- Javier Fernández-Sanguino Peña Wed, 18 Jun 2014 21:39:56 +0200 + +samhain (3.1.0-5) unstable; urgency=medium + + * debian/samhainrc: Use 'root@localhost' for SetMailAddress instead of just + 'root' since the basic mailer configuration requires that a domain is + provided in the RCPT TO. + * debian/samhain.init: Improve the init script: + - Do not fail in 'start' if the daemon is already started, use --oknodo + (Closes: #736375) + - Do not try to stop the daemon (and wait for it to stop) if it is not running + - If the pidfile has been lost, try to determine the status using the + process name instead + * debian/control: Do not require libauparse-dev in kfreebsd (Closes: #736169) + * debian/rules: update config.{sub,guess} on build if available and restore + on clean + + -- Javier Fernández-Sanguino Peña Thu, 23 Jan 2014 04:00:30 +0100 + +samhain (3.1.0-3) unstable; urgency=medium + + * debian/rules: + - Disable dnmalloc for all architectures expect those known to work. It + seems to be the source of problems and segfaults in many different + architectures (Closes: #533860, #657307) + + Even though dnmalloc improves samhain's security this is done to avoid + potential problematic situations while we wait more information from + upstream indicating in which architectures dnmalloc() can + be safely enabled. + + -- Javier Fernández-Sanguino Peña Thu, 16 Jan 2014 03:30:24 +0100 + +samhain (3.1.0-2) unstable; urgency=medium + + * debian/rules: + - Disable dnmalloc for s390x, as it is done for s390 already + (Closes: #733875) + - Preliminary code to build server (yule) and client although. This a + first step to fix #343346 + * debian/control + - Add libauparse-dev to the Build-dependencies to ensure that audit + support is enabled (Closes: #700156) + + -- Javier Fernández-Sanguino Peña Thu, 16 Jan 2014 01:57:57 +0100 + +samhain (3.1.0-1) unstable; urgency=medium + + * New upstream release. (Closes: #733468, #700109) + * This new upstream release builds with gcc 4.8 (Closes: #701353) + * Fix use of /var/run/samhain, which is created by the init.d script since + version 2.6.2-1: + - Remove the /var/run/samhain directory when the package is purged + - Do not ship /var/run/samhain in the package file + Thanks go to Thomas Goirand for spotting this issue and providing a patch, + which I used as a basis for the above changes + (Closes: #689902) + * Default samhainrc now uses SetMailAddress=root, SetMailRelay=localhost + since there have been reports of the previous confguration + (SetMailAddress=root@localhost, SetMailRelay=NULL) not working since + samhain tries to retrieve an MX record for 'localhost' from the DNS + (Closes: 709753) + + -- Javier Fernández-Sanguino Peña Fri, 10 Jan 2014 16:51:45 +0100 + +samhain (3.0.3-1) experimental; urgency=low + + * Updated to latest upstream version + * Updated config.sub and config.guess with latest autools-dev versions + * Update maintainer's name in debian/control + + -- Javier Fernández-Sanguino Peña Mon, 09 Apr 2012 23:28:06 +0200 + +samhain (2.8.3a-1) unstable; urgency=low + + * New upstream release (Closes: #602678) + - Remove call to sstrip in Makefile.in + * debian/samhain.init: + - Do not try to remove stale lockfile, its location was not + correct (it was /var/log/samhain/samhain.lock) and samhain + will start nevertheless (Closes: 645678) + - When restarting, check if the daemon is running before attempting + to start it and complain if it's still there + - Add a 'status' call to check if the daemon is running. + [ Changes by Stephen Gran ] + * debian/rules: + - Disable dnmalloc where we know it doesn't work (Closes: #618728, #501232) + According to upstream documentation dnmalloc doesn't work AMD64 + architectures including ia64 and freebsd-amd64 + (http://www.la-samhna.de/samhain/manual/dnmalloc.html) + * debian/samhain.init, debian/samhain.logrotate.d: + - Switch back to /var/run/samhain, as /var/run is now a symlink to /run, + and samhain won't run if it's piddir is a symlink. + (Closes: #645016, #631580) + + -- Javier Fernandez-Sanguino Pen~a Fri, 28 Oct 2011 10:36:35 +0200 + +samhain (2.6.2-2) unstable; urgency=low + + * Change configuration so that the pidfile used is /var/run/samhain.pid + instead of /var/run/samhain/samhain.pid + * Restore the NMU of version 2.2.3-6.1 in the debian/changelog history + and source (although the rmel alignment bug is currently commented + out) (Closes: #502820) + * Updated config.sub and config.guess (Closes: #539945) + * debian/rules changes: + - Use pidfile checks to stop the daemon (Closes: #533859) + - Use LSB messages + * Add /var/log/samhain/supervise to the directories to remove when purging + (this directory was created in older versions of Samhain) + * Include translations to debconf templates: + - Danish translation, provided by Joe Dalton (Closes: #586240) + - Brazilian Portuguese, provided by Flamarion Jorge (Closes: #619250) + + -- Javier Fernandez-Sanguino Pen~a Tue, 26 Apr 2011 00:08:29 +0200 + +samhain (2.6.2-1) unstable; urgency=low + + * New upstream release. + * Fix FTBFS on KFreeBSD by defining _GNU_SOURCE and adjusting + samhain-install.sh.in (Closes: #565820) + * Lintian fixes: + - Do not create /var/run/samhain in debian/dirs but, instead, do it in the + init script when the daemon is started. (LP: #391111, #878242) + - Fix debian/samhain.doc-base: section and PDf location + - debian/postinst: change absolute reference to samhain binary + - debian/control: Move Homepage to package header + - debian/copyright: Re-encode in UTF-8 + * Use debhelper compatibility version 5 adjusting debian/compat + and commenting out DH_COMPAT in debian/rules + + -- Javier Fernandez-Sanguino Pen~a Thu, 18 Feb 2010 23:24:52 +0100 + +samhain (2.5.4-2) unstable; urgency=low + + * Fix FTBFS on KFreeBSD by defining _GNU_SOURCE and adjusting + samhain-install.sh.in (Closes: #565820) + + -- Javier Fernandez-Sanguino Pen~a Thu, 18 Feb 2010 23:15:40 +0100 + +samhain (2.5.4-1) experimental; urgency=low + + * New upstream release, upload to experimental since it uses a new + dnmalloc allocator as a security measure against heap buffer overflows + and might introduce stability problems + + -- Javier Fernandez-Sanguino Pen~a Thu, 05 Mar 2009 09:03:09 +0100 + +samhain (2.4.6a-1) experimental; urgency=low + + * New upstream release (Closes: #493114) + * Update maintainer address + * Add procps to Build-Depends + * Adjust documentation handling for this new release in maintainer + build scripts + * Reenable GCC_STACK_PROTECT in the configure scripts to try to see if + #382617 reproduces. + + -- Javier Fernandez-Sanguino Pen~a Sun, 28 Sep 2008 18:05:27 +0200 + +samhain (2.2.3-6.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix armel alignment issues by aligning a buffer in the Tiger implementation + in src/sh_tiger0.c on a 32-bit boundary (Closes: #501231) + + -- Paul Wise Mon, 20 Oct 2008 11:52:16 +0800 + +samhain (2.2.3-6) unstable; urgency=low + + * Take over maintainership. Previous upload was not a proper NMU. + - Acknowledge changes in previous NMU. Actually, the fix + to the init.d script also fixed a long-standing bug, which had the same + symptoms (Closes: #499799, #255435) + + -- Javier Fernandez-Sanguino Pen~a Sun, 28 Sep 2008 17:59:50 +0200 + +samhain (2.2.3-5) unstable; urgency=low + + * Use "--oknodo" when stopping the daemon when restarting it + Closes: #499799 + + -- Christian Perrier Sun, 28 Sep 2008 17:20:13 +0200 + +samhain (2.2.3-4) unstable; urgency=low + + * Add LSB header to the init.d script (Closes: #468167) + + -- Javier Fernandez-Sanguino Pen~a Fri, 21 Mar 2008 02:09:28 +0100 + +samhain (2.2.3-3) unstable; urgency=low + + * Add OS detection to support kFreeBSD and Hurd with patches provided + by Cyril Brulebois (Closes: #414151) + * Add --foreground option to the example in the README.Debian + (Closes: #390061) + * Add support for Prelude, using patch provided by Pierre Chifflier + (Closes: #312276) + * Add additional files to the default samhainrc as suggested by Olleg + Samoylov (Closes: #394622) + * Modify Makefile.in so that the samhain program is not installe the program + stripped, let dh_strip do his job (Closes: 437948) + + -- Javier Fernandez-Sanguino Pen~a Sun, 28 Oct 2007 21:53:52 +0100 + +samhain (2.2.3-2) unstable; urgency=low + + * Disable GCC_STACK_PROTECT from the autoconf definition as this + introduces a FTBFS currently. Should be reenabled once this + issue is fixed (Closes: #382617) + + -- Javier Fernandez-Sanguino Pen~a Sat, 19 Aug 2006 10:38:36 +0200 + +samhain (2.2.3-1) unstable; urgency=low + + * Upgrade to latest release + * Make samhain's configuration file mode 640 (instead of 644, users + don't need to read this file) + * Modify default samhainrc so it does not include /usr/X11R6/bin since + in the latest Xorg (v7) packages this directory is now a symlink + (Closes: #378320) + * Add /etc/nologin to the IgnoreAll section as suggested by Olleg Samoylov + (Closes: #381859) + * Add debconf translation to Portuguese contributed by Rui Branco (Note: had + to change the PO-Revision-Date since it was not properly defined and had + the default value) (Closes: #381446) + * Further modify Makefile.in so 'sstrip' doesn't even get compiled (as we + don't use it or redistribute it), it is also a pain to maintain as it + includes kernel headers and breaks occasionally. + + -- Javier Fernandez-Sanguino Pen~a Thu, 17 Aug 2006 01:10:22 +0200 + +samhain (2.2.0-2) unstable; urgency=low + + * Include patch provided by upstream fix build issues in amd64 with + gcc 4.1 (Closes: #370808) + + -- Javier Fernandez-Sanguino Pen~a Fri, 9 Jun 2006 16:15:08 +0200 + +samhain (2.2.0-1) unstable; urgency=low + + * New upstream release (Closes: #366826) + * Include patch provided by upstream to fix build error + when building with autoconf 2.59d (Closes: #369503) + * Provide Swedish Debconf translation sent by Daniel Nylander + (Closes: #331582) + * Add information on how to build the server version and make new + packages in the README.Debian file. + + -- Javier Fernandez-Sanguino Pen~a Mon, 5 Jun 2006 22:10:15 +0200 + +samhain (2.0.10a-4) unstable; urgency=low + + * Add Build-Depends on autoconf (Closes: #369387) + + -- Javier Fernandez-Sanguino Pen~a Tue, 30 May 2006 01:31:07 +0200 + +samhain (2.0.10a-3) unstable; urgency=low + + * Use AC_TRY_LINK instead of AC_TRY_COMPILE in aclocal.m4's + GCC_STACK_PROTECT_CC to prevent a FTBFS with gcc-4.1 in + mips (Closes: #358644) + + -- Javier Fernandez-Sanguino Pen~a Sun, 28 May 2006 19:17:49 +0200 + +samhain (2.0.10a-2) unstable; urgency=low + + * Make the package a non-native Debian package. + + -- Javier Fernandez-Sanguino Pen~a Sat, 5 Nov 2005 16:00:30 +0100 + +samhain (2.0.10a-1) unstable; urgency=low + + * New upstream release. + * Update FSF address in debian/copyright (Closes #329046) + * Added Swedish translation provided by Daniel Nylander (Closes #331582) + * Fixed example in HOWTO-samhain+GnuPG.html to use --with-ftp (Closes: + #306462) + * Added /etc/postfix/prng_exch to the default samhainrc so that + it is not checked for size change (Closes: #320110) + * Commented out [Kernel] and [Utmp] sections in the default samhainrc file + as they don't apply to Linux (Closes: #306971) + * Properly purge samhain generate files (Closes: #333422) + + -- Javier Fernandez-Sanguino Pen~a Tue, 11 Oct 2005 23:31:17 +0200 + +samhain (2.0.9-1) unstable; urgency=low + + * New upstream release (Closes: #319587) + * Use debhelper compatibility version 4, adjust debian/rules + and remove debian/conffiles + * Fix location of doc-base documents (Closes: #306471) + * Added Vietnamese debconf translation provided by Clytie Siddall + (Closes: #317877) + * Removed usr/bin from debian/dirs as it is not needed + * Add Dependency on "debconf | debconf-2.0" as requested by Joey Hess + * Added copyright statements from the included libraries in debian/copyright + after a review of the COPYING file and the source code. + * Minor fixes in the header of debian/rules (20001 -> 2001 :-) + + -- Javier Fernandez-Sanguino Pen~a Sun, 28 Aug 2005 17:21:30 +0200 + +samhain (2.0.2a-2) unstable; urgency=low + + * Added check translation provided by Miroslav Kure (Closes: #294780) + + -- Javier Fernandez-Sanguino Pen~a Sat, 12 Feb 2005 12:32:32 +0100 + +samhain (2.0.2a-1) unstable; urgency=low + + * New upstream release (Closes: #259275) + - Fixes buffer overflow which can lead to local root compromise. + (no CVE entry) (Closes: #281199) + - Adjusted locations of files used under debian/ since they have + been moved in upstream sources + * Since profiles have been removed provide a samhainrc file under debian/ + - This new samhainrc file is based in the samhainrc.linux file with + the default values used in previous releases. It changes, however, + the mail subject so it's clearer to the admin that the messages + are sent by samhain. + * Modified Makefile so errors related to used targets are trapped + (Closes: #259958) + * Fixed apt.conf example in README.Debian (Closes: #269843) + * Included italian debian/po translation provided by Luca Monducci + (Closes: #280140) + * Added a new 'get-orig-source' target to retrieve the latest version + from the homepage. + * Replaced dh_installmanpages by dh_installman + + -- Javier Fernandez-Sanguino Pen~a Sun, 14 Nov 2004 23:12:33 +0100 + +samhain (1.8.9-1) unstable; urgency=low + + * New upstream release (Closes: #238758) + * Added new docs provided in this release do debian/docs + + -- Javier Fernandez-Sanguino Pen~a Sat, 3 Jul 2004 16:29:25 +0200 + +samhain (1.8.2-4) unstable; urgency=low + + * Included Japanese translation provided by Hideki Yamane (Closes: #243274) + * Added logfile rotation as suggested by Max Goodman (Closes: #251799) + + -- Javier Fernandez-Sanguino Pen~a Mon, 7 Jun 2004 10:37:04 +0200 + +samhain (1.8.2-3) unstable; urgency=low + + * Added e2fslibs-dev to Build-Depends (Closes: #229851) + + -- Javier Fernandez-Sanguino Pen~a Tue, 27 Jan 2004 23:08:41 +0100 + +samhain (1.8.2-2) unstable; urgency=low + + * Removed redundant dependancy on libgmp3 (lintian error) + + -- Javier Fernandez-Sanguino Pen~a Mon, 26 Jan 2004 22:00:10 +0100 + +samhain (1.8.2-1) unstable; urgency=low + + * New upstream release (Closes: #228958) + * Added more example files contributed under scripts/ to the package. + * Added more documents provided under DOCS/ + * Added README.Debian note about using samhain on sid systems and over + reports generated there (Closes: #226731) + * Sh_unix.c now includes ext2fs/ext2fs.h instead of the Linux kernel headers + (which are bound to break and should not be included by applications + directly) + + -- Javier Fernandez-Sanguino Pen~a Mon, 26 Jan 2004 20:42:55 +0100 + +samhain (1.7.10-4) unstable; urgency=medium + + * Fixed postinst so the database is only initialised if it + does not exist, otherwise it will get appended and will + grow in each upgrade (potentially making samhain slower every + time..) + * Added NEWS file for users suggesting the revision of their + state files due to this unreported bug. + + -- Javier Fernandez-Sanguino Pen~a Sat, 20 Sep 2003 23:13:12 +0200 + +samhain (1.7.10-3) unstable; urgency=low + + * Added dutch po-debconf translation (Closes: #205167) + + -- Javier Fernandez-Sanguino Pen~a Sun, 24 Aug 2003 01:44:14 +0200 + +samhain (1.7.10-2) unstable; urgency=high + + * Updated config.sub and config.guess with latest version (Closes: #203795) + + -- Javier Fernandez-Sanguino Pen~a Sun, 3 Aug 2003 22:19:33 +0200 + +samhain (1.7.10-1) unstable; urgency=low + + * New upstream release (Closes: #199571) + * Moved to debconf po templates (Closes: #203671) + * Added french po translation (Closes: #203672) + + -- Javier Fernandez-Sanguino Pen~a Fri, 1 Aug 2003 17:37:42 +0200 + +samhain (1.7.8-1) unstable; urgency=low + + * New upstream release. + * Modified the debian/rules and debian/docs files in order to adjust + to the upstream changes in the upstream package. + + -- Javier Fernandez-Sanguino Pen~a Sat, 14 Jun 2003 22:26:31 +0200 + +samhain (1.7.1a-6) unstable; urgency=low + + * Added ${shlibs:Depends} since samhain is no longer compiled + staticly (Closes: #196602) + + -- Javier Fernandez-Sanguino Pen~a Sat, 14 Jun 2003 22:11:20 +0200 + +samhain (1.7.1a-5) unstable; urgency=low + + * Now _reall_ removed the samhain.1.todo file + * Added debconf versioned dependancy to ensure start-stop + of samhain. + + -- Javier Fernandez-Sanguino Pen~a Sat, 5 Apr 2003 18:12:21 +0200 + +samhain (1.7.1a-4) unstable; urgency=low + + * Changed from Architecture: all to any. Stupid me. + * Sstrip does not get called any longer (commented out in + # Makefile.in) (Closes: #148453) + * Re-enabled dh_strip + * Removed samhain.1.todo from Debian dir (was getting installed + as a manpage) + * Postinst was not starting properly the samhain database, when + was this removed???? + * Updating year in copyright file + * Improved the description of the package + * Removed dh_undocumented from debian/rules + * Added more info to the README file + * Modified Debian profiel so that nothing gets printed to /dev/console + (PrintSeverity) and so that higher priorities get logged to syslog + + -- Javier Fernandez-Sanguino Pen~a Fri, 4 Apr 2003 20:19:50 +0200 + +samhain (1.7.1a-3) unstable; urgency=low + + * Now Architecture: all (Closes: #178883) + + -- Javier Fernandez-Sanguino Pen~a Thu, 30 Jan 2003 22:33:03 +0100 + +samhain (1.7.1a-2) unstable; urgency=low + + * Added a TODO file + + -- Javier Fernandez-Sanguino Pen~a Fri, 10 Jan 2003 01:59:54 +0100 + +samhain (1.7.1a-1) unstable; urgency=low + + * New upstream release + * Added latest config.sub and config.guess files (Closes: #173073) + * Properly added an init script (I'm considering using the one provided in the package + for all Linux distributions, and have fixed a typo in it, but I'm not sure about doing + it just yet) + * Removed undocumented manpages of binaries no longer present + * Fixed many lintian errors + * Made it 'i386' only, still no clue about the ELF header bug #148453 + + -- Javier Fernandez-Sanguino Pen~a Thu, 9 Jan 2003 20:17:21 +0100 + +samhain (1.6.1-2) unstable; urgency=low + + * Fixed typo in templates (unreported bug sent by Thomas Gebhardt) + * Move template.ru to templates.ru (!) + + -- Javier Fernandez-Sanguino Pen~a Mon, 18 Nov 2002 12:17:34 +0100 + +samhain (1.6.1-1) unstable; urgency=low + + * New upstream release (missed 1.5, oh well...) + * This package installs correctly (Closes: #152925) + * Since yule is no longer installed the "ELF header" bug does no longer stand + (Closes: #148453) + * Fixed upstream's Makefile to clean the binaries properly. + * Added a doc-base file for the manual. + + -- Javier Fernandez-Sanguino Pen~a Fri, 6 Sep 2002 09:52:41 +0200 + +samhain (1.4.7-4) unstable; urgency=low + + * Compiled against libgmp3-dev and changed dependancies (Closes: #151218) + + -- Javier Fernandez-Sanguino Pen~a Sat, 29 Jun 2002 01:08:26 +0200 + +samhain (1.4.7-3) unstable; urgency=low + + * Added libgmp2 depends and build-depends (Closes: #148594) + + -- Javier Fernandez-Sanguino Pen~a Thu, 27 Jun 2002 01:56:05 +0200 + +samhain (1.4.7-2) unstable; urgency=low + + * Changed Makefile to strip and then sstrip (previous buildds did this + and worked for ia64). (Closes: #148463) + * Added (properly) german and russian template files + (Closes: #112158, #136607) + * Modified default samhainrc to properly work for Debian environments + (Closes: #131909) + * This *is* a new release upstream, should have closed this bug + previously (Closes: #148059) + + -- Javier Fernandez-Sanguino Pen~a Wed, 29 May 2002 14:09:56 +0200 + +samhain (1.4.7-1) unstable; urgency=low + + * Latest upstream release (stable) (Closes: + * Added missing dirs to debian/dirs. + * Added init.d as a conffile. + * Moved /var/samhain to /var/log/samhain and also make use of + other directories (/var/run, /var/lock/...) + * Fixed postinst script accordingly. + + -- Javier Fernandez-Sanguino Pen~a Fri, 24 May 2002 19:37:15 +0200 + +samhain (1.3.0-4) unstable; urgency=low + + * Fixed init script to properly run samhain (Closes: #148057) + * Added german template file (Closes: #112158) + + -- Javier Fernandez-Sanguino Pen~a Sun, 30 Dec 2001 17:23:19 +0100 + +samhain (1.3.0-3) unstable; urgency=medium + + * Fixed postinst issue (Closes: #120575) + + -- Javier Fernandez-Sanguino Pen~a Thu, 22 Nov 2001 21:42:30 +0100 + +samhain (1.3.0-2) unstable; urgency=low + + * Fixed positinst (Closes: #115890) + + -- Javier Fernandez-Sanguino Pen~a Tue, 20 Nov 2001 15:59:17 +0100 + +samhain (1.3.0-1) unstable; urgency=low + + * New upstream version. + * Postinst does not fork when creating database (Closes: #115888) + + -- Javier Fernandez-Sanguino Pen~a Mon, 19 Nov 2001 17:06:15 +0100 + +samhain (1.2.6-4) unstable; urgency=high + + * Added debconf note and samhain initialization in background (Closes: #110841) + * Changed section to admin. + + -- Javier Fernandez-Sanguino Pen~a Tue, 4 Sep 2001 19:42:25 +0200 + +samhain (1.2.6-3) unstable; urgency=low + + * Changed configure options so log files are installed in /var (Closes: #110668) + + -- Javier Fernandez-Sanguino Pen~a Thu, 30 Aug 2001 19:06:27 +0200 + +samhain (1.2.6-2) unstable; urgency=low + + * Added --oknodo to the Samhain stop in the init.d file (Closes: #110506) + + -- Javier Fernandez-Sanguino Pen~a Wed, 29 Aug 2001 15:55:44 +0200 + +samhain (1.2.6-1) unstable; urgency=low + + * Initial Release. + + -- Javier Fernandez-Sanguino Pen~a Mon, 20 Aug 2001 20:36:17 +0200 + --- samhain-3.1.0.orig/debian/compat +++ samhain-3.1.0/debian/compat @@ -0,0 +1 @@ +5 --- samhain-3.1.0.orig/debian/config +++ samhain-3.1.0/debian/config @@ -0,0 +1,9 @@ +# Debconf Config Script for samhain +# + +# Let's use debconf. +. /usr/share/debconf/confmodule + +# Show note. +db_input medium samhain/init-log || true +db_go --- samhain-3.1.0.orig/debian/control +++ samhain-3.1.0/debian/control @@ -0,0 +1,31 @@ +Source: samhain +Section: admin +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Javier Fernández-Sanguino Peña +Build-Depends: debhelper (>= 4.1.16), autoconf, procps, libgmp3-dev, e2fslibs-dev, libprelude-dev, libauparse-dev [linux-any], autotools-dev +Standards-Version: 3.5.8 +Homepage: http://la-samhna.de/samhain/index.html + +Package: samhain +Architecture: any +Depends: ${shlibs:Depends}, debconf (>= 1.2.9) | debconf-2.0 +Description: Data integrity and host intrusion alert system + Samhain is an integrity checker and host intrusion detection system that + can be used on single hosts as well as large, UNIX-based networks. + It supports central monitoring as well as powerful (and new) stealth + features to run undetected on memory using steganography. + . + Main features + * Complete integrity check + + uses cryptographic checksums of files to detect + modifications, + + can find rogue SUID executables anywhere on disk, and + * Centralized monitoring + + native support for logging to a central server via encrypted + and authenticated connections + * Tamper resistance + + database and configuration files can be signed + + logfile entries and e-mail reports are signed + + support for stealth operation + . --- samhain-3.1.0.orig/debian/copyright +++ samhain-3.1.0/debian/copyright @@ -0,0 +1,392 @@ +This package was debianized by Javier Fernandez-Sanguino Peña + on Mon, 20 Aug 2001 20:36:17 +0200. + +It was downloaded from http://la-samhna.de/samhain/index.html + +Upstream Author: Rainer Wichmann + +Copyright: (c) 1999-2005 Rainer Wichmann + +Some portions (see below for details) are + + * Copyright (C) Ross Anderson and Eli Biham + * Copyright (C) Matt Bishop + * Copyright (C) Henrik.Johansson@Nexus.Comm.SE + * Copyright (C) 1996-1999 Markus Franz Xaver Johannes Oberhumer + * Copyright (C) 1990, 91, 92, 93, 94 Free Software Foundation, Inc. + * Copyright (c) 2000 Virtual Unlimited B.V. + * Copyright (C) 1995, A.M. Kuchling + * Copyright (C) Eircom Net Computer Incident Response Team + * Copyright (c) 1997-1999 The Stanford SRP Authentication Project + * Copyright (C) 2005 Yoann Vandoorselaere, Prelude IDS Technologies + * Copyright (C) 2003 Red Hat, Inc + * Copyright (C) 1998,2001 Michael H. Buselli + * Copyright (C) 2000,2001,2002 Carnegie Mellon University + * Copyright (C) 2001 Jed Pickel + * Copyright (C) 2001 Andrew R. Baker + * Copyright (C) 2003 Manuel Novoa III + * Copyright (C) 1998 Kenneth Albanowski , + The Silver Hammer Group, Ltd. + * Copyright (c) 1985, 1993, 1994 The Regents of the University of California. + * Copyright (c) 1993 by Digital Equipment Corporation. + * Copyright (c) 1996-1999 by Internet Software Consortium. + * Copyright (c) 1996-2001, The PostgreSQL Global Development Group + * Copyright (C) 1999-2001 by Brian Raiter + * Copyright 1991 by the Massachusetts Institute of Technology + * Copyright (c) 2000-2002 Cable & Wireless Deutschland GmbH + * Copyright (c) 2000-2002 The OpenPKG Project + * Copyright (c) 2000-2002 Ralf S. Engelschall + +License: +-------- + +This program ('samhain') is free software; you can redistribute it +and/or modify it under the terms of the GNU General Public License +as published by the Free Software Foundation; either version 2 of the +License, or (at your option) any later version. +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You can find a copy of the GNU GPL license in your Debian system under +/usr/share/common-licenses + +Some code has been incorporated from other projects, the following section +describes the licenses of incorporated code. + +Incorporated code +----------------- + + (i) Support for the TIGER cryptographic checksum algorithm + is provided by the reference implementation, which includes + the following statement: + + * Tiger: A Fast New Hash Function + * + * Ross Anderson and Eli Biham + * + * Tiger has no usage restrictions nor patents. It can be used freely, + * with the reference implementation, + * with other implementations or with + * a modification to the reference implementation (as long as it still + * implements Tiger). We only ask you to let us know about your + * implementation and to cite the origin of Tiger and of the reference + * implementation. + * + * The authors' home pages can be found both in + * http://www.cs.technion.ac.il/~biham/ and in + * http://www.cl.cam.ac.uk/users/rja14/. + * The authors' email addresses are biham@cs.technion.ac.il + * and rja14@cl.cam.ac.uk. + + + (ii) Support for testing write access by untrusted users + to any element in the path of a file is provided by the + public domain trustfile library, which includes the following + statement: + + * Author information: + * Matt Bishop + * Department of Computer Science + * University of California at Davis + * Davis, CA 95616-8562 + * phone (916) 752-8060 + * email bishop@cs.ucdavis.edu + * + * This code is placed in the public domain. I do ask that + * you keep my name associated with it, that you not represent + * it as written by you, and that you preserve these comments. + * This software is provided "as is" and without any guarantees + * of any sort. + + (iii) Support for big integer arithmetic is provided by the bignum + package (v. 1.2) by Henrik.Johansson@Nexus.Comm.SE, + which includes the following statement: + + * Everyone is allowed to distribute this package to anyone + * else, as long as all changes are recorded and mentioned. + * If you are including this in a commercial product, be sure + * to distribute _all_ of the package with the product. + * + * (...writing more stuff here later, but I guess everyone + * knows the approximate contents of it - no warranty, no + * charge, and so on. I guess it is like the GNU concept. + * Read that for further details...) + + (iv) Support for compression is provided by the (mini) LZO library, + which includes the following statement: + + * Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer + * Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer + * Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer + * Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer + * + * The LZO library is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * The LZO library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with the LZO library; see the file COPYING. + * If not, write to the Free Software Foundation, Inc., + * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. + * + * Markus F.X.J. Oberhumer + * + * http://wildsau.idv.uni-linz.ac.at/mfx/lzo.html + + (v) Support for determining the type of a file system is provided by + code from the GNU find(1) utility which includes the following statement: + + /* fstype.c -- determine type of filesystems that files are on + Copyright (C) 1990, 91, 92, 93, 94 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301, USA. + */ + + /* Written by David MacKenzie . */ + + + (vi) Support for the MD5 hash algorithm is provided by code + from beecrypt which is distributed under the LGPL. + + /* + * md5.c + * + * MD5 hash function, code + * + * Copyright (c) 2000 Virtual Unlimited B.V. + * + * Author: Bob Deblier + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + * MA 02110-1301, USA. + */ + + (vi) Support for the SHA-1 hash algorithm is provided by code + from mhash which includes the following statement: + + /* sha.c - Implementation of the Secure Hash Algorithm + * + * Copyright (C) 1995, A.M. Kuchling + * + * Distribute and use freely; there are no restrictions on further + * dissemination and usage except those imposed by the laws of your + * country of residence. + * + * Adapted to pike and some cleanup by Niels Möller. + */ + + /* $Id: sha1.c,v 1.2 2001/01/24 08:20:29 nmav Exp $ */ + + /* SHA: NIST's Secure Hash Algorithm */ + + /* Based on SHA code originally posted to sci.crypt by Peter Gutmann + in message <30ajo5$oe8@ccu2.auckland.ac.nz>. + Modified to test for endianness on creation of SHA objects by AMK. + Also, the original specification of SHA was found to have a weakness + by NSA/NIST. This code implements the fixed version of SHA. + */ + + (vii) Support for AVL Trees is provided by code + from AVLTree which includes the following statement: + + /* zAVLTree.h: Header file for zAVLTrees. + * Copyright (C) 1998,2001 Michael H. Buselli + * This is version 0.1.3 (alpha). + * Generated from $Id: xAVLTree.h.sh,v 1.5 2001/06/07 06:58:28 cosine Exp $ + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, + * USA. + * + * The author of this library can be reached at the following address: + * Michael H. Buselli + * 30051 N. Waukegan Rd. Apt. 103 + * Lake Bluff, IL 60044-5412 + * + * Or you can send email to . + * The official web page for this product is: + * http://www.cosine.org/project/AVLTree/ + */ + + (viii) The modules sh_userfiles.c and sh_mounts.c have been + contributed by Eircom Net Computer Incident Response Team and + are authored by Jerry Connolly and Cian Synnott, respectively. + + They are released under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version: + + "Feel free to GPL those files - + they were fully released by our company to the project. + + Cian + + -- + Cian Synnott + Eircom Net Computer Incident Response Team" + + (ix) Enhanced functionality for the SUID check has been + contributed with a patch copyright by Rob Rati . + The patch is licensed under the GPL with the following statement: + + "Here is the patch with the aforementioned feature enhancements, and I + license all changes within this patch under the GNU Public License (GPL) + GNU General Public License as published by the Free Software Foundation; + either version 2 of the License, or (at your option) any later version." + + This package has been compiled to use the SRP authentication algorithm + (in an independent implementation, without any use of code from the + original SRP software). + The original SRP software contains the following license statement: + + The SRP License + --------------- + + SRP and all related technologies are free for both commercial and + non-commercial use. They are distributed under a standard + X11-style Open Source license which is shown below. + + The SRP distribution contains parts from various freeware + packages; these parts fall under both the SRP Open Source license + and any existing licenses. Care has been taken to ensure that + these licenses are compatible with Open Source distribution, + but it is the responsibility of the licensee to comply with these + licenses. The file "Copyrights" contains a list of the copyrights + incorporated by portions of the software. + + This software is covered under the following copyright: + + /* + * Copyright (c) 1997-1999 The Stanford SRP Authentication Project + * All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, + * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY + * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + * + * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL, + * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER + * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF + * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT + * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * In addition, the following conditions apply: + * + * 1. Any software that incorporates the SRP authentication technology + * must display the following acknowlegment: + * "This product uses the 'Secure Remote Password' cryptographic + * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)." + * + * 2. Any software that incorporates all or part of the SRP distribution + * itself must also display the following acknowledgment: + * "This product includes software developed by Tom Wu and Eugene + * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)." + * + * 3. Redistributions in source or binary form must retain an intact copy + * of this copyright notice and list of conditions. + */ + + + Prelude library is: + + /* + * Copyright (C) 2005 Yoann Vandoorselaere, Prelude IDS Technologies + * Rainer Wichmann + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; see the file COPYING. If not, write to + * the Free Software Foundation, 51 Franklin St, Fifth Floor, Boston, + * MA 02110-1301, USA. + * + */ + + Samhain also includes code from the GNOME vfs library: + +/* gnome-vfs-unix-mounts.c - read and monitor fstab/mtab + + Copyright (C) 2003 Red Hat, Inc + + The Gnome Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The Gnome Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the Gnome Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, + Boston, MA 02110-1301, USA. + + Author: Alexander Larsson +*/ + + --- samhain-3.1.0.orig/debian/dirs +++ samhain-3.1.0/debian/dirs @@ -0,0 +1,7 @@ +usr/sbin +usr/share/doc/samhain +etc/init.d +etc/samhain +var/log/samhain +var/lib/samhain +etc/logrotate.d --- samhain-3.1.0.orig/debian/docs +++ samhain-3.1.0/debian/docs @@ -0,0 +1,20 @@ +README +test/testtiger.txt +src/simple-bignum.tar.bz2 +samhain.jpg +docs/FAQ.html +docs/BUGS +docs/HOWTO-client+server.html +docs/HOWTO-client+server-troubleshooting.html +docs/HOWTO-samhain+GnuPG.html +docs/HOWTO-write-modules.html +docs/MANUAL-2_3.html.tar +docs/MANUAL-2_3.pdf +docs/README +docs/README.gcc_bug +docs/README.LZO +docs/README.sstrip +docs/README.UPGRADE +docs/sh_mounts.txt +docs/sh_userfiles.txt +docs/TODO --- samhain-3.1.0.orig/debian/po/POTFILES.in +++ samhain-3.1.0/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] templates --- samhain-3.1.0.orig/debian/po/cs.po +++ samhain-3.1.0/debian/po/cs.po @@ -0,0 +1,39 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2005-02-09 20:51+0100\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-2\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Inicializace Samhainu" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"Nyn bude inicializovna databze Samhainu. Veker chyby s inicializac " +"spojen budou uchovny v souboru /var/log/samhain/samhain-init.log." --- samhain-3.1.0.orig/debian/po/da.po +++ samhain-3.1.0/debian/po/da.po @@ -0,0 +1,35 @@ +# Danish translation Samhain. +# Copyright (C) 2010 Samhain & nedenstående oversættere. +# This file is distributed under the same license as the Samhain package. +# Joe Hansen , 2010. +# +msgid "" +msgstr "" +"Project-Id-Version: Samhain\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2010-02-20 10:31+0100\n" +"PO-Revision-Date: 2010-06-17 17:30+01:00\n" +"Last-Translator: Joe Hansen \n" +"Language-Team: Danish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Samhain initialization" +msgstr "Initialisering af Samhain" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"Databasen brugt til Samhain vil blive initialiseret nu. Alle fejl/beskeder " +"angående denne initialisering kan ses i /var/log/samhain/samhain-" +"init.log" + --- samhain-3.1.0.orig/debian/po/de.po +++ samhain-3.1.0/debian/po/de.po @@ -0,0 +1,40 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 1.7.10-1\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2003-08-01 16:40+0200\n" +"Last-Translator: Sebastian Feltel \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Initialisierung von Samhain" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"Die Datenbank fr Samhain wird jetzt initialisiert. Fehlermeldungen und " +"Hinweise dazu knnen Sie in der Datei /var/log/samhain/samhain-init.log " +"nachlesen." --- samhain-3.1.0.orig/debian/po/es.po +++ samhain-3.1.0/debian/po/es.po @@ -0,0 +1,41 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 1.7.10-1\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2003-08-01 16:40+0200\n" +"Last-Translator: Javier Fernandez-Sanguino \n" +"Language-Team: Spanish translation list \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Inicializacin de Samhain" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"Se va a inicializar ahora la base de datos utilizada por Samhain. Cualquier " +"error o mensaje de esta inicializacin puede ser consultado en /var/log/" +"samhain/samhain-init.log" --- samhain-3.1.0.orig/debian/po/fr.po +++ samhain-3.1.0/debian/po/fr.po @@ -0,0 +1,38 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain_1.7.1a-6\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2003-07-29 06:58+0200\n" +"Last-Translator: Michel Grentzinger \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Initialisation de Samhain" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"La base de donnes utilise pour Samhain va maintenant tre initialise. Les " +"messages et les erreurs relatifs cette initialisation seront consigns " +"dans /var/log/samhain/samhain-init.log." --- samhain-3.1.0.orig/debian/po/it.po +++ samhain-3.1.0/debian/po/it.po @@ -0,0 +1,32 @@ +# samhain po-debconf translation to italian +# Copyright (C) 2004 Software in the Public Interest +# This file is distributed under the same license as the samhain package. +# Luca Monducci , 2004. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 1.8.9 debconf templates\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2004-11-07 14:51+0100\n" +"Last-Translator: Luca Monducci \n" +"Language-Team: Italian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Inizializzazione di Samhain" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"Adesso verrà inizializzato il database usato da Samhain. Qualsiasi errore " +"o messaggio relativo a questa inizializzazione può essere consultato in " +"/var/log/samhain/samhain-init.log" --- samhain-3.1.0.orig/debian/po/ja.po +++ samhain-3.1.0/debian/po/ja.po @@ -0,0 +1,42 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 1.8.2-3\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2004-04-12 15:07+0900\n" +"PO-Revision-Date: 2004-04-12 15:18+0900\n" +"Last-Translator: Hideki Yamane \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=EUC-JP\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "samhain ν" + +#. Type: note +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"samhain ǻѤǡ١ޤν˴ؤ륨顼" +" /var/log/samhain/samhain-init.log dzǧǤޤ" --- samhain-3.1.0.orig/debian/po/nl.po +++ samhain-3.1.0/debian/po/nl.po @@ -0,0 +1,40 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2003-08-12 17:16+0100\n" +"Last-Translator: Bart Cornelis \n" +"Language-Team: dutch \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Samhain initializatie" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"De voor Samhain gebruikte database zal nu genitializeerd worden. Alle " +"foutmelding betreffende deze initializatie vind u terug in /var/log/samhain/" +"samhain-init.log" --- samhain-3.1.0.orig/debian/po/pt.po +++ samhain-3.1.0/debian/po/pt.po @@ -0,0 +1,33 @@ +# Portuguese translation for samhain debconf messages. +# This file is distributed under the same license as the samhain package. +# Luísa Lourenço , 2006 +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 2.2.0-2\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2006-06-28 08:43-0600\n" +"PO-Revision-Date: 2006-08-04 14:48+0000\n" +"Last-Translator: Luísa Lourenço \n" +"Language-Team: Native Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Inicialização do Samhain" + +#. Type: note +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"A base de dados usada pelo Samhain será inicializada agora. Quaisquer " +"erros/mensagens acerca desta inicialização podem ser recuperadas em " +"/var/log/samhain/samhain-init.log" --- samhain-3.1.0.orig/debian/po/pt_BR.po +++ samhain-3.1.0/debian/po/pt_BR.po @@ -0,0 +1,36 @@ +# Debconf translations for samhain. +# Copyright (C) 2011 THE samhain'S COPYRIGHT HOLDER +# This file is distributed under the same license as the samhain package. +# Flamarion Jorge , 2011. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 2.6.2-1\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2010-02-20 10:31+0100\n" +"PO-Revision-Date: 2011-03-19 11:17-0300\n" +"Last-Translator: Flamarion Jorge \n" +"Language-Team: Brazilian Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: pt_BR\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Samhain initialization" +msgstr "Inicialização do Samhain" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"O banco de dados usado pelo Samhain será inicializado agora. Quaisquer erros/" +"mensagens relacionadas a essa inicialização podem ser recuperados a partir " +"de /var/log/samhain/samhain-init.log" --- samhain-3.1.0.orig/debian/po/ru.po +++ samhain-3.1.0/debian/po/ru.po @@ -0,0 +1,40 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 1.7.10-1\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2003-08-01 16:40+0200\n" +"Last-Translator: Ilgiz Kalmetev \n" +"Language-Team: Russian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=KOI8-R\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr " Samhain" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +" , Samhain, . " +"/ /var/" +"log/samhain/samhain-init.log" --- samhain-3.1.0.orig/debian/po/sv.po +++ samhain-3.1.0/debian/po/sv.po @@ -0,0 +1,39 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# , fuzzy +# +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 2.0.9-1\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2005-10-05 05:34+0200\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Samhain frbereder sig" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" +"Databasen som anvnds fr Samhain kommer att frberedas nu. Alla fel/meddelanden " +"som denna process kan hmtas frn /var/log/samhain/samhain-init.log" + --- samhain-3.1.0.orig/debian/po/templates.pot +++ samhain-3.1.0/debian/po/templates.pot @@ -0,0 +1,38 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "" --- samhain-3.1.0.orig/debian/po/vi.po +++ samhain-3.1.0/debian/po/vi.po @@ -0,0 +1,30 @@ +# Vietnamese translation for samhain. +# Copyright © 2005 Free Software Foundation, Inc. +# Clytie Siddall , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: samhain 2.0.2a-2\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2003-07-26 22:57+0200\n" +"PO-Revision-Date: 2005-07-12 16:26+0930\n" +"Last-Translator: Clytie Siddall \n" +"Language-Team: Vietnamese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0\n" +"X-Generator: LocFactoryEditor 1.2.2\n" + +#. Description +#: ../templates:3 +msgid "Samhain initialization" +msgstr "Khởi động Samhain" + +#. Description +#: ../templates:3 +msgid "" +"The database used for Samhain will be initialized now. Any errors/messages " +"regarding this initialization can be recovered from /var/log/samhain/samhain-" +"init.log" +msgstr "Lúc này sẽ khởi tạo cơ sở dữ liệu được dùng cho Samhain. Có thể phục hồi thông tin lỗi / thông điệp nào về việc khởi tạo này từ bản ghi «/var/log/samhain/samhain-init.log»." --- samhain-3.1.0.orig/debian/postinst +++ samhain-3.1.0/debian/postinst @@ -0,0 +1,28 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule +test $DEBIAN_SCRIPT_DEBUG && set -v -x + + +case "$1" in + install) + ;; + upgrade) + ;; + configure) + # Do not do anything. In the past we setup samhain's database but + # that would send a mail to root on installation and was determined + # to be unwise (see Debian Bug #749602) + ;; + abort-upgrade|abort-remove|abort-deconfigure) + ;; + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + + +#DEBHELPER# + +exit 0 --- samhain-3.1.0.orig/debian/postrm +++ samhain-3.1.0/debian/postrm @@ -0,0 +1,31 @@ +#! /bin/sh +# postrm script for samhain +# +# see: dh_installdeb(1) + +set -e + +case "$1" in + purge) + for dir in /var/log/samhain/supervise /var/log/samhain /var/lib/samhain /var/run/samhain /var/state/samhain + do + [ -d "$dir" ] && { + find $dir -type f -exec rm -f {} \; + rmdir $dir + } + done + + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) +# Do nothing + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 0 +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# --- samhain-3.1.0.orig/debian/preinst +++ samhain-3.1.0/debian/preinst @@ -0,0 +1,26 @@ +# Preinstall file for samhain + + +case "$1" in + install|upgrade) +# If there are files in /var/state from previous version of Samhain +# them move all the files and remove the old directory (deprecated since +# 3.1.0-7) + if [ -e /var/state/samhain/ ] ; then + [ ! -e /var/lib/samhain ] && mkdir -p /var/lib/samhain + mv /var/state/samhain/* /var/lib/samhain + rmdir /var/state/samhain/ || true + fi + ;; + abort-upgrade) + ;; + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + + +#DEBHELPER# + +exit 0 --- samhain-3.1.0.orig/debian/rules +++ samhain-3.1.0/debian/rules @@ -0,0 +1,187 @@ +#!/usr/bin/make -f +# debian/rules for samhain +# Copyright (C) 2001 to 2003 by Javier Fernandez-Sanguino +# based on +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# This is the debhelper compatability version to use. +# export DH_COMPAT=5 + +# Disable dnmalloc for most architectures except for +# those known to work (i386 and amd64). +# For more information see: +# http://www.la-samhna.de/samhain/manual/dnmalloc.html +ifeq (linux,$(DEB_HOST_ARCH_OS)) +ifeq (amd64,$(DEB_HOST_ARCH)) +DNMALLOC = --enable-dnmalloc +else ifeq (i386,$(DEB_HOST_ARCH)) +DNMALLOC = --enable-dnmalloc +else +DNMALLOC = --disable-dnmalloc +endif +else +ifeq (amd64,$(DEB_HOST_ARCH)) +DNMALLOC = --enable-dnmalloc +else ifeq (i386,$(DEB_HOST_ARCH)) +DNMALLOC = --enable-dnmalloc +else +DNMALLOC = --disable-dnmalloc +endif +endif + +ifeq (x86_64,$(DEB_HOST_GNU_CPU)) +DISABLE_ASM = --disable-asm +endif + +build: build-stamp +build-stamp: + dh_testdir +# dh_autoreconf +ifneq "$(wildcard /usr/share/misc/config.sub)" "" + cp -f config.sub config.sub.orig + cp -f /usr/share/misc/config.sub config.sub +endif +ifneq "$(wildcard /usr/share/misc/config.guess)" "" + cp -f config.guess config.guess.orig + cp -f /usr/share/misc/config.guess config.guess +endif + ./configure --prefix=/usr --mandir=\$${prefix}/share/man \ + --with-config-file=/etc/samhain/samhainrc \ + --with-state-dir=/var/lib/samhain \ + --with-prelude \ + $(DNMALLOC) \ + $(DISABLE_ASM) \ + --enable-network=no \ + --with-pid-file=/var/run/samhain/samhain.pid \ + --with-log-file=/var/log/samhain/samhain.log + $(MAKE) + touch build-stamp + +# Builds the server (Yule) +# See http://www.la-samhna.de/samhain/manual/yule.html +build-server: build-server-stamp +build-server-stamp: + dh_testdir +# dh_autoreconf + ./configure --prefix=/usr --mandir=\$${prefix}/share/man \ + --with-config-file=/etc/yule/yulerc \ + --with-state-dir=/var/lib/yule \ + --with-prelude \ + $(DNMALLOC) \ + --enable-network=server \ + --with-pid-file=/var/run/samhain/yule.pid \ + --with-log-file=/var/log/samhain/yule.log + $(MAKE) + touch build-server-stamp + +# Build the Samhain client +build-client: build-client-stamp +build-client-stamp: + dh_testdir +# dh_autoreconf + ./configure --prefix=/usr --mandir=\$${prefix}/share/man \ + --with-config-file=/etc/samhain/samhainrc \ + --with-state-dir=/var/lib/samhain \ + --with-prelude \ + $(DNMALLOC) \ + --enable-network=client \ + --with-pid-file=/var/run/samhain/samhain.pid \ + --with-log-file=/var/log/samhain/samhain.log + $(MAKE) + touch build-client-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp build-server-stamp build-client-stamp + -[ -f Makefile ] && $(MAKE) distclean + [ ! -f config.sub.orig ] || mv -f config.sub.orig config.sub + [ ! -f config.guess.orig ] || mv -f config.guess.orig config.guess + dh_clean + +# TODO: create install targets for client and server +install: build + dh_testdir + dh_testroot +# dh_autoreconf_clean + dh_clean -k + dh_installdirs + # Fix the permissions + chmod o-rX `pwd`/debian/samhain/var/log/samhain \ + `pwd`/debian/samhain/var/lib/samhain \ + `pwd`/debian/samhain/etc/samhain + + $(MAKE) install install-boot DESTDIR=`pwd`/debian/samhain + # However, remove the rc.d links + -rm -rf `pwd`/debian/samhain/etc/rc?.d + + # We no longer copy it, it does not seem useful +# install -m 755 encode `pwd`/debian/samhain/usr/bin/samhain_encode + # This one should be used, the default one provides + # much more configuration options which will make warnings appear + # in a stock Debian system, it is patched, however + install -m 640 debian/samhainrc `pwd`/debian/samhain/etc/samhain/samhainrc + install -m 644 debian/samhain.logrotate.d `pwd`/debian/samhain/etc/logrotate.d/samhain + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install +# dh_testversion + dh_testdir + dh_testroot + dh_installdebconf + dh_installdocs + [ -f debian/samhain/usr/share/doc/samhain/MANUAL-2_3.html.tar ] && \ + cd debian/samhain/usr/share/doc/samhain && \ + tar xf MANUAL-2_3.html.tar && mv MANUAL-2_3 manual.html && \ + rm -f MANUAL-2_3.html.tar + dh_installexamples scripts/example_pager.pl \ + scripts/example_sms.pl \ + yulerc.template \ + samhainrc.linux \ + scripts/README \ + scripts/samhainadmin.pl \ + scripts/samhain.cgi \ + scripts/samhain.xsl \ + scripts/samhain.dtd \ + scripts/chroot.sh \ + scripts/*spec + dh_installmenu + dh_installinit -- defaults 19 + dh_installman man/samhain.8 man/samhainrc.5 + dh_installchangelogs docs/Changelog + dh_link + dh_strip + # Remove /var/run/samhain from the package, it is created by the init script + -rm -rf `pwd`/debian/samhain/var/run/samhain + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +get-orig-source: + @echo "Retrieving source" + wget -q -O samhain-current.tar.gz http://la-samhna.de/samhain/samhain-current.tar.gz + @echo "Extracting source" + tar -zxf samhain-current.tar.gz + @echo "Verifying source" + # Take the latest version + file=`tar -ztf samhain-current.tar.gz |grep -v asc | head -1`; \ + gpgfile=`tar -ztf samhain-current.tar.gz |grep asc | head -1`; \ + newfile=`echo $$file | sed -e 's/-/_/; s/\.tar/.orig.tar/'`; \ + mv $$file $$newfile; \ + gpg -q --verify $$gpgfile $$newfile + rm -f samhain-current.tar.gz + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- samhain-3.1.0.orig/debian/samhain.doc-base +++ samhain-3.1.0/debian/samhain.doc-base @@ -0,0 +1,16 @@ +Document: samhain-manual +Title: Samhain Manual +Author: Rainer Wichmann +Abstract: This manual describes what samhain is + and how it can be used to check the file integrity of your + server. +Section: System/Security + + +Format: PDF +Files: /usr/share/doc/samhain/MANUAL-2_3.pdf.gz + +Format: HTML +Index: /usr/share/doc/samhain/manual.html/index.html +Files: /usr/share/doc/samhain/manual.html/*.html + --- samhain-3.1.0.orig/debian/samhain.init +++ samhain-3.1.0/debian/samhain.init @@ -0,0 +1,120 @@ +#! /bin/sh +# +# Init.d file for Samhain, based on the example init.d file written by +# Miquel van Smoorenburg and modified for Debian GNU/Linux by Ian Murdock +# +### BEGIN INIT INFO +# Provides: samhain +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +### END INIT INFO +# + +prefix="/usr" +exec_prefix="${prefix}" + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=${exec_prefix}/sbin/samhain +NAME=samhain +DESC="file integrity checker" +PIDFILE=/var/run/${NAME}/${NAME}.pid + +test -x $DAEMON || exit 0 + +. /lib/lsb/init-functions + +set -e + +# Check if a daemon is running +running() +{ +# Check with pidfile first, if available + if [ -r "$PIDFILE" ] ; then + pid=`cat $PIDFILE` +# No pid, probably no daemon present + if [ -n "$pid" ] ; then + pidofproc -p $PIDFILE $DAEMON + return $? + fi + fi +# Try to find the daemon by name + pidof $DAEMON >/dev/null + return $? +} + +# Initialize +init_db() +{ +# Initialize the database only if does not exist yet, abort if +# it cannot be created + [ -f /var/lib/samhain/samhain_file ] && return + log_progress_msg "Creating integrity database (this can take some minutes)." + samhain -t init >/var/log/samhain/samhain-init.log 2>&1 + if [ ! -f /var/lib/samhain/samhain_file ] ; then + log_failure_msg "Database could not be created. Review /var/log/samhain/samhain-init.log" + log_end_msg 1 + exit 1 + fi + log_progress_msg "Database created." +} + + + +case "$1" in + start) + [ ! -e /var/run/${NAME} ] && mkdir -p /var/run/${NAME} + log_begin_msg "Starting $DESC: $NAME" + init_db + start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON + log_end_msg $? + ;; + stop) + log_begin_msg "Stopping $DESC: $NAME" + start-stop-daemon --stop --quiet --retry 5 --oknodo --pidfile $PIDFILE --name $NAME + log_end_msg $? + ;; + reload) + log_begin_msg "Reloading $DESC configuration files: $NAME" + if running ; then + start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON + log_end_msg $? + else + log_daemon_msg " ERROR: $DAEMON is not running." + log_end_msg 1 + fi + + ;; + restart|force-reload) + log_begin_msg "Restarting $DESC: $NAME" + if running; then + start-stop-daemon --stop --quiet --retry 5 --oknodo --pidfile $PIDFILE --name $NAME + for i in 1 2 3 ; do + if ! running; then break ; fi + sleep 1 + done + fi + if ! running ; then + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON + log_end_msg $? + else + log_daemon_msg " ERROR: $DAEMON did not die in the expected time, will not restart/force-reload" + log_end_msg 1 + fi + ;; + status) + if [ -e $PIDFILE ] ; then + status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $? + else + status_of_proc $DAEMON $NAME && exit 0 || exit $? + fi + ;; + *) + N=/etc/init.d/${0##*/} + echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 --- samhain-3.1.0.orig/debian/samhain.logrotate.d +++ samhain-3.1.0/debian/samhain.logrotate.d @@ -0,0 +1,14 @@ +/var/log/samhain/*.log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + if [ -f /var/run/samhain/samhain.pid ]; then \ + /etc/init.d/samhain reload > /dev/null; fi + endscript +} --- samhain-3.1.0.orig/debian/samhainrc +++ samhain-3.1.0/debian/samhainrc @@ -0,0 +1,708 @@ +##################################################################### +# +# Configuration file template for samhain. +# +##################################################################### +# +# -- empty lines and lines starting with '#', ';' or '//' are ignored +# -- boolean options can be Yes/No or True/False or 1/0 +# -- you can PGP clearsign this file -- samhain will check (if compiled +# with support) or otherwise ignore the signature +# -- CHECK mail address +# +# To each log facility, you can assign a threshold severity. Only +# reports with at least the threshold severity will be logged +# to the respective facility (even further below). +# +##################################################################### +# +# SETUP for file system checking: +# +# (i) There are several policies, each has its own section. Put files +# into the section for the appropriate policy (see below). +# (ii) Section [EventSeverity]: +# To each policy, you can assign a severity (further below). +# (iii) Section [Log]: +# To each log facility, you can assign a threshold severity. Only +# reports with at least the threshold severity will be logged +# to the respective facility (even further below). +# +##################################################################### + +##################################################################### +# +# Files are defined with: file = /absolute/path +# +# Directories are defined with: dir = /absolute/path +# or with an optional recursion depth (N <= 99): dir = N/absolute/path +# +# Directory inodes are checked. If you only want to check files +# in a directory, but not the directory inode itself, use (e.g.): +# +# [ReadOnly] +# dir = /some/directory +# [IgnoreAll] +# file = /some/directory +# +# You can use shell-style globbing patterns, like: file = /path/foo* +# +###################################################################### + +[Misc] +## +## Add or subtract tests from the policies +## - if you want to change their definitions, +## you need to do that before using the policies +## +# RedefReadOnly = (no default) +# RedefAttributes=(no default) +# RedefLogFiles=(no default) +# RedefGrowingLogFiles=(no default) +# RedefIgnoreAll=(no default) +# RedefIgnoreNone=(no default) +# RedefUser0=(no default) +# RedefUser1=(no default) + +[Attributes] +## +## for these files, only changes in permissions and ownership are checked +## +file=/etc/mtab +file=/etc/ssh_random_seed +file=/etc/asound.conf +file=/etc/resolv.conf +file=/etc/localtime +file=/etc/ioctl.save +file=/etc/passwd.backup +file=/etc/shadow.backup +file=/etc/postfix/prng_exch +file=/etc/adjtime +file=/etc/network/run/ifstate +file=/etc/lvm/.cache +file=/etc/ld.so.cache + +# +# There are files in /etc that might change, thus changing the directory +# timestamps. Put it here as 'file', and in the ReadOnly section as 'dir'. +# +file=/etc + +[LogFiles] +## +## for these files, changes in signature, timestamps, and size are ignored +## +file=/var/run/utmp +file=/etc/motd + + + +##################################################################### +# +# This would be the proper syntax for parts that should only be +# included for certain hosts. +# You may enclose anything in a @HOSTNAME/@end bracket, as long as the +# result still has the proper syntax for the config file. +# You may have any number of @HOSTNAME/@end brackets. +# HOSTNAME should be the fully qualified 'official' name +# (e.g. 'nixon.watergate.com', not 'nixon'), no aliases. +# No IP number - except if samhain cannot determine the +# fully qualified hostname. +# +# @HOSTNAME +# file=/foo/bar +# @end +# +# These are two examples for conditional inclusion/exclusion +# of a machine based on the output from 'uname -srm' +# +# $Linux:2.*.7:i666 +# file=/foo/bar3 +# $end +# +# !$Linux:2.*.7:i686 +# file=/foo/bar2 +# $end +# +##################################################################### + +[GrowingLogFiles] +## +## for these files, changes in signature, timestamps, and increase in size +## are ignored +## +file=/var/log/warn +file=/var/log/messages +file=/var/log/wtmp +file=/var/log/faillog +file=/var/log/auth.log +file=/var/log/daemon.log +file=/var/log/user.log +file=/var/log/kern.log +file=/var/log/syslog + + +[IgnoreAll] +## +## for these files, no modifications are reported +## +## This file might be created or removed by the system sometimes. +## +file=/etc/resolv.conf.pcmcia.save +file=/etc/nologin +file=/etc/network/run + + +[IgnoreNone] +## +## for these files, all modifications (even access time) are reported +## - you may create some interesting-looking file (like /etc/safe_passwd), +## just to watch whether someone will access it ... +## + +[Prelink] +## +## Use for prelinked files or directories holding them +## + + +[ReadOnly] +## +## for these files, only access time is ignored +## +dir=/usr/bin +dir=/bin +dir=/boot +# +# SuSE (old) has the boot init scripts in /sbin/init.d/*, +# so we go 3 levels deep +# +dir=3/sbin +dir=/usr/sbin +dir=/lib +# +# RedHat and Debian have the bootinit scripts in /etc/init.d/* or /etc/rc.d/*, +# so we go 3 levels deep there too +# +dir=3/etc + +# Various directories / files that may include / be SUID/SGID binaries +# +# +file=/usr/lib/pt_chown +# X11, in Debian X7 this is now a symlink +#dir=/usr/X11R6/bin +#dir=/usr/X11R6/lib/X11/xmcd/bin +# Apache: +#file=/usr/lib/apache/suexec +#file=/usr/lib/apache/suexec.disabled +# Extra directories: +#dir=/opt/gnome/bin +#dir=/opt/kde/bin + +[User0] +[User1] +## User0 and User1 are sections for files/dirs with user-definable checking +## (see the manual) + + +[EventSeverity] +## +## Here you can assign severities to policy violations. +## If this severity exceeds the treshold of a log facility (see below), +## a policy violation will be logged to that facility. +## +## Severity for verification failures. +## +# SeverityReadOnly=crit +# SeverityLogFiles=crit +# SeverityGrowingLogs=crit +# SeverityIgnoreNone=crit +# SeverityAttributes=crit +# SeverityUser0=crit +# SeverityUser1=crit + +# Default behaviour +SeverityReadOnly=crit +SeverityLogFiles=crit +SeverityGrowingLogs=warn +SeverityIgnoreNone=crit +SeverityAttributes=crit + + +## +## We have a file in IgnoreAll that might or might not be present. +## Setting the severity to 'info' prevents messages about deleted/new file. +## +# SeverityIgnoreAll=crit +SeverityIgnoreAll=info + +## Files : file access problems +# SeverityFiles=crit + +## Dirs : directory access problems +# SeverityDirs=crit + +## Names : suspect (non-printable) characters in a pathname +# SeverityNames=crit + +# Default behaviour +SeverityFiles=crit +SeverityDirs=crit +SeverityNames=warn + + +[Log] +## +## Switch on/OFF log facilities and set their threshold severity +## +## Values: debug, info, notice, warn, mark, err, crit, alert, none. +## 'mark' is used for timestamps. +## +## +## Use 'none' to SWITCH OFF a log facility +## +## By default, everything equal to and above the threshold is logged. +## The specifiers '*', '!', and '=' are interpreted as +## 'all', 'all but', and 'only', respectively (like syslogd(8) does, +## at least on Linux). Examples: +## MailSeverity=* +## MailSeverity=!warn +## MailSeverity==crit + +## E-mail +## +# MailSeverity=none + +## Console +## +# PrintSeverity=info + +## Logfile +## +# LogSeverity=mark + +## Syslog +## +# SyslogSeverity=none + +## Remote server (yule) +## +# ExportSeverity=none + +## External script or program +## +# ExternalSeverity = none + +## Logging to a database +## +# DatabaseSeverity = none + +# Default behaviour +MailSeverity=crit +PrintSeverity=none +LogSeverity=info +SyslogSeverity=alert +ExportSeverity=none + + + + + +##################################################### +# +# Optional modules +# +##################################################### + +# [SuidCheck] +## +## --- Check the filesystem for SUID/SGID binaries +## + +## Switch on +# +# SuidCheckActive = yes + +## Interval for check (seconds) +# +# SuidCheckInterval = 7200 + +## Alternative: crontab-like schedule +# +# SuidCheckSchedule = NULL + +## Directory to exclude +# +# SuidCheckExclude = NULL + +## Limit on files per second (0 == no limit) +# +# SuidCheckFps = 0 + +## Alternative: yield after every file +# +# SuidCheckYield = no + +## Severity of a detection +# +# SeveritySuidCheck = crit + +## Quarantine SUID/SGID files if found +# +# SuidCheckQuarantineFiles = yes + +## Method for Quarantining files: +# 0 - Delete or truncate the file. +# 1 - Remove SUID/SGID permissions from file. +# 2 - Move SUID/SGID file to quarantine dir. +# +# SuidCheckQuarantineMethod = 0 + +## For method 1 and 3, really delete instead of truncating +# +# SuidCheckQuarantineDelete = yes + +# [Kernel] +## +## --- Check for loadable kernel module rootkits (Linux/FreeBSD only) +## + +## Switch on/off +# +# KernelCheckActive = True + +## Check interval (seconds); btw., the check is VERY fast +# +# KernelCheckInterval = 300 + +## Severity +# +# SeverityKernel = crit + + +# [Utmp] +## +## --- Logging of login/logout events +## + +## Switch on/off +# +# LoginCheckActive = True + +## Severity for logins, multiple logins, logouts +# +# SeverityLogin=info +# SeverityLoginMulti=warn +# SeverityLogout=info + +## Interval for login/logout checks +# +# LoginCheckInterval = 300 + + +# [Database] +## +## --- Logging to a relational database +## + +## Database name +# +# SetDBName = samhain + +## Database table +# +# SetDBTable = log + +## Database user +# +# SetDBUser = samhain + +## Database password +# +# SetDBPassword = (default: none) + +## Database host +# +# SetDBHost = localhost + +## Log the server timestamp for received messages +# +# SetDBServerTstamp = True + +## Use a persistent connection +# +# UsePersistent = True + +# [External] +## +## Interface to call external scripts/programs for logging +## + +## The absolute path to the command +## - Each invocation of this directive will end the definition of the +## preceding command, and start the definition of +## an additional, new command +# +# OpenCommand = (no default) + +## Type (log or rv) +## - log for log messages, srv for messages received by the server +# +# SetType = log + +## The command (full command line) to execute +# +# SetCommandLine = (no default) + +## The environment (KEY=value; repeat for more) +# +# SetEnviron = TZ=(your timezone) + +## The TIGER192 checksum (optional) +# +# SetChecksum = (no default) + +## User who runs the command +# +# SetCredentials = (default: samhain process uid) + +## Words not allowed in message +# +# SetFilterNot = (none) + +## Words required (ALL of them) +# +# SetFilterAnd = (none) + +## Words required (at least one) +# +# SetFilterOr = (none) + +## Deadtime between consecutive calls +# +# SetDeadtime = 0 + +## Add default environment (HOME, PATH, SHELL) +# +# SetDefault = no + + +##################################################### +# +# Miscellaneous configuration options +# +##################################################### + +[Misc] + +## whether to become a daemon process +## (this is not honoured on database initialisation) +# +# Daemon = no +Daemon = yes + +## whether to test signature of files (init/check/none) +## - if 'none', then we have to decide this on the command line - +# +# ChecksumTest = none +ChecksumTest=check + +## whether to drop linux capabilities that are not required +## - will make a root process a 'mere mortal' in many respects +# +# UseCaps = yes + +## Set nice level (-19 to 19, see 'man nice'), +## and I/O limit (kilobytes per second; 0 == off) +## to reduce load on host. +# +# SetNiceLevel = 0 +# SetIOLimit = 0 + +## The version string to embed in file signature databases +# +# VersionString = NULL + +## Interval between time stamp messages +# +# SetLoopTime = 60 +SetLoopTime = 600 + +## Interval between file checks +# +# SetFileCheckTime = 600 +SetFileCheckTime = 7200 + +## Alternative: crontab-like schedule +# +# FileCheckScheduleOne = NULL + +## Alternative: crontab-like schedule(2) +# +# FileCheckScheduleTwo = NULL + +## Report only once on modified fles +## Setting this to 'FALSE' will generate a report for any policy +## violation (old and new ones) each time the daemon checks the file system. +# +# ReportOnlyOnce = True + +## Report in full detail +# +# ReportFullDetail = False + +## Report file timestamps in local time rather than GMT +# +# UseLocalTime = No + +## The console device (can also be a file or named pipe) +## - There are two console devices. Accordingly, you can use +## this directive a second time to set the second console device. +## If you have not defined the second device at compile time, +## and you don't want to use it, then: +## setting it to /dev/null is less effective than just leaving +## it alone (setting to /dev/null will waste time by opening +## /dev/null and writing to it) +# +# SetConsole = /dev/console + +## Activate the SysV IPC message queue +# +# MessageQueueActive = False + + +## If false, skip reverse lookup when connecting to a host known +## by name rather than IP address (i.e. trust the DNS) +# +# SetReverseLookup = True + +## --- E-Mail --- + +# Only highest-level (alert) reports will be mailed immediately, +# others will be queued. Here you can define, when the queue will +# be flushed (Note: the queue is automatically flushed after +# completing a file check). +# +SetMailTime = 86400 + +## Maximum number of mails to queue +# +SetMailNum = 10 + +## Recipient (max. 8) +# +SetMailAddress=root@localhost + +## Mail relay (IP address) +# +SetMailRelay = localhost + +## Custom subject format +# +MailSubject = [Samhain at %H] %T: %S + +## --- end E-Mail --- + +## Path to the prelink executable +# +# SetPrelinkPath = /usr/sbin/prelink + +## TIGER192 checksum of the prelink executable +# +# SetPrelinkChecksum = (no default) + + +## Path to the executable. If set, will be checksummed after startup +## and before exit. +# +# SamhainPath = (no default) + + +## The IP address of the log server +# +# SetLogServer = (default: compiled-in) + +## The IP address of the time server +# +# SetTimeServer = (default: compiled-in) + +## Trusted Users (comma delimited list of user names) +# +# TrustedUser = (no default; this adds to the compiled-in list) + +## Path to the file signature database +# +# SetDatabasePath = (default: compiled-in) + +## Path to the log file +# +# SetLogfilePath = (default: compiled-in) + +## Path to the PID file +# +# SetLockPath = (default: compiled-in) + + +## The digest/checksum/hash algorithm +# +# DigestAlgo = TIGER192 + + +## Custom format for message header. +## CAREFUL if you use XML logfile format. +## +## %S severity +## %T timestamp +## %C class +## +## %F source file +## %L source line +# +# MessageHeader="%S %T " + + +## Don't log path to config/database file on startup +# +# HideSetup = False + +## The syslog facility, if you log to syslog +# +# SyslogFacility = LOG_AUTHPRIV +SyslogFacility=LOG_LOCAL2 + +## The message authentication method +## - If you change this, you *must* change it +## on client *and* server +# +# MACType = HMAC-TIGER + + +## everything below is ignored +[EOF] + +##################################################################### +# This would be the proper syntax for parts that should only be +# included for certain hosts. +# You may enclose anything in a @HOSTNAME/@end bracket, as long as the +# result still has the proper syntax for the config file. +# You may have any number of @HOSTNAME/@end brackets. +# HOSTNAME should be the fully qualified 'official' name +# (e.g. 'nixon.watergate.com', not 'nixon'), no aliases. +# No IP number - except if samhain cannot determine the +# fully qualified hostname. +# +# @HOSTNAME +# file=/foo/bar +# @end +# +# These are two examples for conditional inclusion/exclusion +# of a machine based on the output from 'uname -srm' +# $Linux:2.*.7:i666 +# file=/foo/bar3 +# $end +# +# !$Linux:2.*.7:i686 +# file=/foo/bar2 +# $end +# +##################################################################### --- samhain-3.1.0.orig/debian/templates +++ samhain-3.1.0/debian/templates @@ -0,0 +1,6 @@ +Template: samhain/init-log +Type: note +_Description: Samhain initialization + The database used for Samhain will be initialized now. Any errors/messages + regarding this initialization can be recovered from + /var/log/samhain/samhain-init.log --- samhain-3.1.0.orig/rules.deb.in +++ samhain-3.1.0/rules.deb.in @@ -51,7 +51,7 @@ # Fix the permissions #chmod o-rX `pwd`/debian/tmp/var/log/samhain \ # `pwd`/debian/tmp/var/run/samhain \ - # `pwd`/debian/tmp/var/state/samhain \ + # `pwd`/debian/tmp/var/lib/samhain \ # `pwd`/debian/tmp/etc/samhain # $(MAKE) install install-boot DESTDIR=`pwd`/debian/tmp --- samhain-3.1.0.orig/samhain-install.sh.in +++ samhain-3.1.0/samhain-install.sh.in @@ -679,7 +679,7 @@ update="(PATH=\$PATH:/usr/sbin; pwd_mkdb -p /etc/master.passwd)" break ;; - Linux/* ) + Linux/* | GNU/kFreeBSD/* | GNU/* ) file=/etc/passwd entry="${user}:*:${uid}:${gid}:${realname}:${home}:${shell}" update="(PATH=\$PATH:/usr/sbin; pwconv)" @@ -885,7 +885,7 @@ rc_uinst="rm -f ${DESTDIR}/etc/init.d/@install_name@; rm -f ${DESTDIR}/etc/rc0.d/K10@install_name@; rm -f ${DESTDIR}/etc/rc1.d/K10@install_name@; rm -f ${DESTDIR}/etc/rc3.d/S99@install_name@" ;; - Linux/*) + Linux/* | GNU/kFreeBSD/* | GNU/* ) rlv="2 3 4 5" linkopt="-f -s" # find rc directories --- samhain-3.1.0.orig/src/dnmalloc.c +++ samhain-3.1.0/src/dnmalloc.c @@ -216,10 +216,10 @@ kernel versions newer than 1.3.77. */ +#define _GNU_SOURCE 1 #ifndef HAVE_MREMAP #ifdef linux #define HAVE_MREMAP 1 -#define _GNU_SOURCE #else #define HAVE_MREMAP 0 #endif --- samhain-3.1.0.orig/src/sh_tiger0.c +++ samhain-3.1.0/src/sh_tiger0.c @@ -101,7 +101,7 @@ * implementation */ -/* static sh_byte buffer[PRIV_MAX + 72]; */ +/* static sh_byte buffer[PRIV_MAX + 72] __attribute__((aligned(4))); */ #if defined(TIGER_64_BIT) static --- samhain-3.1.0.orig/stamp-dep +++ samhain-3.1.0/stamp-dep @@ -0,0 +1 @@ +./src --- samhain-3.1.0.orig/stamp-h +++ samhain-3.1.0/stamp-h @@ -0,0 +1 @@ +timestamp --- samhain-3.1.0.orig/yulerc +++ samhain-3.1.0/yulerc @@ -0,0 +1,338 @@ +##################################################################### +# +# Configuration file template for yule. +# +##################################################################### +# +# NOTE: This is a log server-only configuration file TEMPLATE. +# +# NOTE: The log server ('yule') will look for THAT configuration file +# that has been defined at compile time with the configure option +# ./configure --with-config-file=FILE +# The default is "/usr/local/etc/.samhainrc" (NOT "yulerc"). +# +##################################################################### +# +# -- empty lines and lines starting with '#', ';' or '//' are ignored +# -- you can PGP clearsign this file -- samhain will check (if compiled +# with support) or otherwise ignore the signature +# -- CHECK mail address +# +# To each log facility, you can assign a threshold severity. Only +# reports with at least the threshold severity will be logged +# to the respective facility (even further below). +# +##################################################################### + + +[Log] +## +## Switch on/OFF log facilities and set their threshold severity +## +## Values: debug, info, notice, warn, mark, err, crit, alert, none. +## 'mark' is used for timestamps. +## +## +## Use 'none' to SWITCH OFF a log facility +## +## By default, everything equal to and above the threshold is logged. +## The specifiers '*', '!', and '=' are interpreted as +## 'all', 'all but', and 'only', respectively (like syslogd(8) does, +## at least on Linux). Examples: +## MailSeverity=* +## MailSeverity=!warn +## MailSeverity==crit + +## E-mail +## +# MailSeverity=none +MailSeverity=crit + +## Console +## +# PrintSeverity=info + +## Logfile +## +# LogSeverity=none + +## Syslog +## +# SyslogSeverity=none + +## External script or program +## +# ExternalSeverity = none + +## Logging to a database +## +# DatabaseSeverity = none + + +# [Database] +## +## --- Logging to a relational database +## + +## Database name +# +# SetDBName = samhain + +## Database table +# +# SetDBTable = log + +## Database user +# +# SetDBUser = samhain + +## Database password +# +# SetDBPassword = (default: none) + +## Database host +# +# SetDBHost = localhost + +## Log the server timestamp for received messages +# +SetDBServerTstamp = True + +## Use a persistent connection +# +UsePersistent = True + + + +# [External] +## +## Interface to call external scripts/programs for logging +## + +## The absolute path to the command +## - Each invocation of this directive will end the definition of the +## preceding command, and start the definition of +## an additional, new command +# +# OpenCommand = (no default) + +## Type (log or rv) +## - log for log messages, srv for messages received by the server +# +# SetType = log + +## The command (full command line) to execute +# +# SetCommandLine = (no default) + +## The environment (KEY=value; repeat for more) +# +# SetEnviron = TZ=(your timezone) + +## The TIGER192 checksum (optional) +# +# SetChecksum = (no default) + +## User who runs the command +# +# SetCredentials = (default: samhain process uid) + +## Words not allowed in message +# +# SetFilterNot = (none) + +## Words required (ALL of them) +# +# SetFilterAnd = (none) + +## Words required (at least one) +# +# SetFilterOr = (none) + +## Deadtime between consecutive calls +# +# SetDeadtime = 0 + +## Add default environment (HOME, PATH, SHELL) +# +# SetDefault = no + + +##################################################### +# +# Miscellaneous configuration options +# +##################################################### + +[Misc] + +## whether to become a daemon process +## (this is not honoured on database initialisation) +# +# Daemon = no +Daemon = yes + + + +[Misc] +# whether to become a daemon process +Daemon=yes + +## Interval between time stamp messages +# +# SetLoopTime = 60 +SetLoopTime = 600 + +## The maximum time between client messages (seconds) +## This allows the server to flag clients that have exceeded +## the timeout limits; i.e. might have died for some reason. +# +# SetClientTimeLimit = 86400 + +## Use client address as known to the communication layer (might be +## incorrect if the client is behind NAT). The default is to use +## the client name as claimed by the client, and verify it against +## the former (might be incorrect if the client has several +## interfaces, and its hostname resolves to the wrong interface). +# +# SetClientFromAccept = False + +## If SetClientFromAccept is False (default), severity of a +## failure to resolve the hostname claimed by the client +## to the IP address of the socket peer. +# +# SeverityLookup = crit + +## The console device (can also be a file or named pipe) +## - There are two console devices. Accordingly, you can use +## this directive a second time to set the second console device. +## If you have not defined the second device at compile time, +## and you don't want to use it, then: +## setting it to /dev/null is less effective than just leaving +## it alone (setting to /dev/null will waste time by opening +## /dev/null and writing to it) +# +# SetConsole = /dev/console + +## Use separate logfiles for individual clients +# +# UseSeparateLogs = False + +## Enable listening on port 514/udp for logging of remote syslog +## messages (if optionally compiled with support for this) +# +# SetUDPActive = False + + +## Activate the SysV IPC message queue +# +# MessageQueueActive = False + + +## If false, skip reverse lookup when connecting to a host known +## by name rather than IP address (i.e. trust the DNS) +# +# SetReverseLookup = True + +## If true, open a Unix domain socket to listen for commands that should +## be passed to clients upon next connection. Only works on systems +## that support passing of peer credentials (for authentication) via sockets. +## Use yulectl to access the socket. +# +# SetUseSocket = False + +## The UID of the user that is allowed to pass commands to the server +## via the Unix domain socket. +# +# SetSocketAllowUid = 0 + +## --- E-Mail --- + +# Only highest-level (alert) reports will be mailed immediately, +# others will be queued. Here you can define, when the queue will +# be flushed (Note: the queue is automatically flushed after +# completing a file check). +# +# SetMailTime = 86400 + +## Maximum number of mails to queue +# +# SetMailNum = 10 + +## Recipient (max. 8) +# +# SetMailAddress=root@localhost + +## Mail relay (IP address) +# +# SetMailRelay = NULL + +## Custom subject format +# +# MailSubject = NULL + +## --- end E-Mail --- + +# The binary. Setting the path will allow +# samhain to check for modifications between +# startup and exit. +# +# SamhainPath=/usr/local/bin/yule + +## The IP address of the time server +# +# SetTimeServer = (default: compiled-in) + +## Trusted Users (comma delimited list of user names) +# +# TrustedUser = (no default; this adds to the compiled-in list) + +## Custom format for message header. +## CAREFUL if you use XML logfile format. +## +## %S severity +## %T timestamp +## %C class +## +## %F source file +## %L source line +# +# MessageHeader="%S %T " + + +## Don't log path to config/database file on startup +# +# HideSetup = False + +## The syslog facility, if you log to syslog +# +# SyslogFacility = LOG_AUTHPRIV + + +## The message authentication method +## - If you change this, you *must* change it +## on client *and* server +# +# MACType = HMAC-TIGER + + +[Clients] +## +## This is a sample registry entry for a client at host 'HOSTNAME'. This entry +## is valid for the default password. +## You are STRONGLY ADVISED to reset te password (see the README) and +## compute your own entries using 'samhain -P ' +## +## Usually, HOSTNAME should be a fully qualified hostname, +## no numerical address. +## -- exception: if the client (samhain) cannot determine the +## fully qualified hostname of its host, +## the numerical address may be required. +## You will know if you get a message like: +## 'Invalid connection attempt: Not in +## client list what.ever.it.is' +## +## First entry is for challenge/response, second one for SRP authentication. +# +# Client=HOSTNAME@00000000@C39F0EEFBC64E4A8BBF72349637CC07577F714B420B62882 +# Client=HOSTNAME@8F81BA58956F8F42@8932D08C49CA76BD843C51EDD1D6640510FA032A7A2403E572BBDA2E5C6B753991CF7E091141D20A2499C5CD3E14C1639D17482E14E1548E5246ACF4E7193D524CDDAC9C9D6A9A36C596B4ECC68BEB0C5BB7082224946FC98E3ADE214EA1343E2DA8DF4229D4D8572AD8679228928A787B6E5390D3A713102FFCC9D0B2188C92