# Copyright 1999-2005 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 DESCRIPTION="Advanced file integrity and intrusion detection tool" HOMEPAGE="http://la-samhna.de/samhain/" SRC_URI="http://la-samhna.de/archive/samhain_signed-${PV}.tar.gz" LICENSE="GPL-2" SLOT="0" KEYWORDS="~x86" IUSE="debug static postgres mysql prelude crypt xml netclient netserver suidcheck login-watch" DEPEND="crypt? ( >=app-crypt/gnupg-1.2* ) postgres? ( >=dev-db/postgresql-7.2 ) mysql? ( >=dev-db/mysql-3.23.26 ) prelude? ( >=dev-libs/libprelude-0.8.10 ) >=sys-apps/sed-4" # Samhain stealth mode options # # If you would like to enable stealth mode, please set and uncomment the # following options. Read the Samhain manual for additional information. # # STEALTH should be set to either 'full' or 'micro' (mandatory) #STEALTH="" # # XOR_VAL should be a whole number from 127 - 255 (mandatory) #XOR_VAL= # # INSTALL_NAME can be set to change the name of the samhain binaries (optional) #INSTALL_NAME="" if [ "${STEALTH}" == "full" ]; then RDEPEND="media-gfx/imagemagick" fi src_unpack() { unpack ${A} tar zxf samhain-${PV}.tar.gz chown -R root:root samhain-${PV} } src_compile() { local myconf if use crypt; then myconf="${myconf} --with-gpg=/usr/bin/gpg" if [ -n "${KEY_FPR}" ]; then einfo "Setting built-in key fingerprint to ${KEY_FPR}" FPR=`echo ${KEY_FPR} | sed "s/ //g"` myconf="${myconf} --with-fp=${FPR}" else echo ewarn "GnuPG support has been enabled, but fingerprint verification will be" ewarn "ignored. To enable fingerprint verification (strongly recommended)," ewarn "you must re-emerge this package with the KEY_FPR variable set to" ewarn "your default signing key fingerprint." ewarn "" ewarn "Please read the Samhain manual for more details." sleep 3 fi fi if [ -n "${STEALTH}" ]; then [ -z "${XOR_VALUE}" ] && die "Variable XOR_VALUE must be set for stealth mode" echo einfo "Enabling stealth mode, setting XOR_VALUE to ${XOR_VALUE}" if [ "${STEALTH}" == "full" ]; then myconf="${myconf} --enable-stealth=${XOR_VALUE} --enable-static" sed -i "s:STEGIN=@stegin_prg@:STEGIN=:g" samhain-install.sh.in elif [ "${STEALTH}" == "micro" ]; then myconf="${myconf} --enable-micro-stealth=${XOR} --enable-static" else die "STEALTH must be set to either 'full' or 'micro'" fi sleep 3 if [ -n "${INSTALL_NAME}" ]; then echo ewarn "Setting alternative samhain name to ${INSTALL_NAME}" myconf="${myconf} --enable-install-name=${INSTALL_NAME}" sleep 3 fi fi use postgres && myconf="${myconf} --with-database=postgresql --enable-xml-log" use mysql && myconf="${myconf} --with-database=mysql --enable-xml-log" use prelude && myconf="${myconf} --with-prelude" use xml && myconf="${myconf} --enable-xml-log" use static && myconf="${myconf} --enable-static" use debug && myconf="${myconf} --enable-debug" use suidcheck && myconf="${myconf} --enable-suidcheck" use netclient && myconf="${myconf} --enable-network=client" use netserver && myconf="${myconf} --enable-network=server" use login-watch && myconf="${myconf} --enable-login-watch" myconf="${myconf} --localstatedir=/var" econf ${myconf} || die "configure failed" make || die "compile failed" # this is done two times in order to compute gpg binary checksum if gpg # support is enabled if use crypt; then econf ${myconf} || die "second configure failed" make || die "second compile failed" fi } src_install() { make DESTDIR=${D} install || die rmdir ${D}/var/log rmdir ${D}/var/run rmdir ${D}/var/state if [ -n "${STEALTH}" ]; then rm -rf ${D}/usr/share else dodoc docs/* exeinto /etc/init.d newexe init/samhain.startGentoo samhain fi if use netserver; then chown daemon:daemon ${D}/var/lib/yule chown daemon:daemon ${D}/var/log/yule fi } pkg_postinst() { if [ -n "${STEALTH}" ]; then echo einfo "Manual pages, documentation, and init script were NOT installed in order to" einfo "obscure samhain's presence. You should also remove samhain's installation" einfo "traces from /var/cache/edb/world and /var/db/pkg." fi if [ "${STEALTH}" == "full" ]; then echo einfo "In stealth mode, the configuration file must be steganographically hidden" einfo "in a postscript image file. The sample config has been created this way by" einfo "the installation process. Use the samhain_stealth utility to modify or" einfo "or create your own configuration file." fi echo einfo "Remember to check your configuration file in /etc/samhainrc and initialize" einfo "the database with '/usr/sbin/samhain -t init' before starting the service!" echo einfo "Samhain stealth-mode options are also available. Please view the comments" einfo "in the Samhein ebuild for configuration instructions." echo }