diff options
Diffstat (limited to 'recipes-ids/samhain/files/samhain-samhainrc.patch')
-rw-r--r-- | recipes-ids/samhain/files/samhain-samhainrc.patch | 158 |
1 files changed, 158 insertions, 0 deletions
diff --git a/recipes-ids/samhain/files/samhain-samhainrc.patch b/recipes-ids/samhain/files/samhain-samhainrc.patch new file mode 100644 index 0000000..145700a --- /dev/null +++ b/recipes-ids/samhain/files/samhain-samhainrc.patch | |||
@@ -0,0 +1,158 @@ | |||
1 | commit 4c6658441eb3ffc4e51ed70f78cbdab046957580 | ||
2 | Author: Aws Ismail <aws.ismail@windriver.com> | ||
3 | Date: Fri Jun 22 16:38:20 2012 -0400 | ||
4 | |||
5 | Make samhainrc OE-friendly. | ||
6 | |||
7 | Patch the samhainrc that will be installed | ||
8 | as part of the 'make install' step to more | ||
9 | accurately reflect what will be found, and | ||
10 | what will be of concern, on a OE install. | ||
11 | |||
12 | Upstream-Status: Inappropriate [configuration] | ||
13 | |||
14 | Signed-off-by: Aws Ismail <aws.ismail@windriver.com> | ||
15 | |||
16 | diff --git a/samhainrc.linux b/samhainrc.linux | ||
17 | index 9bc5ca4..10a8176 100644 | ||
18 | --- a/samhainrc.linux | ||
19 | +++ b/samhainrc.linux | ||
20 | @@ -74,7 +74,6 @@ dir = 0/ | ||
21 | [Attributes] | ||
22 | file = /tmp | ||
23 | file = /dev | ||
24 | -file = /media | ||
25 | file = /proc | ||
26 | file = /sys | ||
27 | |||
28 | @@ -93,19 +92,10 @@ dir = 99/etc | ||
29 | ## check permission and ownership | ||
30 | ## | ||
31 | file = /etc/mtab | ||
32 | +file = /etc/fstab | ||
33 | file = /etc/adjtime | ||
34 | file = /etc/motd | ||
35 | -file = /etc/lvm/.cache | ||
36 | - | ||
37 | -# On Ubuntu, these are in /var/lib rather than /etc | ||
38 | -file = /etc/cups/certs | ||
39 | -file = /etc/cups/certs/0 | ||
40 | - | ||
41 | -# managed by fstab-sync on Fedora Core | ||
42 | -file = /etc/fstab | ||
43 | - | ||
44 | -# modified when booting | ||
45 | -file = /etc/sysconfig/hwconf | ||
46 | +file = /etc/lvm/lvm.conf | ||
47 | |||
48 | # There are files in /etc that might change, thus changing the directory | ||
49 | # timestamps. Put it here as 'file', and in the ReadOnly section as 'dir'. | ||
50 | @@ -147,10 +137,6 @@ dir = 99/dev | ||
51 | ## | ||
52 | dir = -1/dev/pts | ||
53 | |||
54 | -# dir = -1/dev/.udevdb | ||
55 | - | ||
56 | -file = /dev/ppp | ||
57 | - | ||
58 | # | ||
59 | # --------- /usr ----------- | ||
60 | # | ||
61 | @@ -167,50 +153,21 @@ dir = 99/var | ||
62 | |||
63 | [IgnoreAll] | ||
64 | dir = -1/var/cache | ||
65 | -dir = -1/var/backups | ||
66 | -dir = -1/var/games | ||
67 | -dir = -1/var/gdm | ||
68 | dir = -1/var/lock | ||
69 | dir = -1/var/mail | ||
70 | dir = -1/var/run | ||
71 | dir = -1/var/spool | ||
72 | dir = -1/var/tmp | ||
73 | -dir = -1/var/lib/texmf | ||
74 | -dir = -1/var/lib/scrollkeeper | ||
75 | |||
76 | |||
77 | [Attributes] | ||
78 | |||
79 | -dir = /var/lib/nfs | ||
80 | -dir = /var/lib/pcmcia | ||
81 | - | ||
82 | # /var/lib/rpm changes if packets are installed; | ||
83 | # /var/lib/rpm/__db.00[123] even more frequently | ||
84 | file = /var/lib/rpm/__db.00? | ||
85 | |||
86 | -file = /var/lib/acpi-support/vbestate | ||
87 | -file = /var/lib/alsa/asound.state | ||
88 | -file = /var/lib/apt/lists/lock | ||
89 | -file = /var/lib/apt/lists/partial | ||
90 | -file = /var/lib/cups/certs | ||
91 | -file = /var/lib/cups/certs/0 | ||
92 | -file = /var/lib/dpkg/lock | ||
93 | -file = /var/lib/gdm | ||
94 | -file = /var/lib/gdm/.cookie | ||
95 | -file = /var/lib/gdm/.gdmfifo | ||
96 | -file = /var/lib/gdm/:0.Xauth | ||
97 | -file = /var/lib/gdm/:0.Xservers | ||
98 | -file = /var/lib/logrotate/status | ||
99 | -file = /var/lib/mysql | ||
100 | -file = /var/lib/mysql/ib_logfile0 | ||
101 | -file = /var/lib/mysql/ibdata1 | ||
102 | -file = /var/lib/slocate | ||
103 | -file = /var/lib/slocate/slocate.db | ||
104 | -file = /var/lib/slocate/slocate.db.tmp | ||
105 | -file = /var/lib/urandom | ||
106 | -file = /var/lib/urandom/random-seed | ||
107 | +file = /var/lib/logrotate.status | ||
108 | file = /var/lib/random-seed | ||
109 | -file = /var/lib/xkb | ||
110 | |||
111 | |||
112 | [GrowingLogFiles] | ||
113 | @@ -325,7 +282,7 @@ IgnoreMissing = /var/lib/slocate/slocate.db.tmp | ||
114 | |||
115 | ## Console | ||
116 | ## | ||
117 | -# PrintSeverity=info | ||
118 | +PrintSeverity=warn | ||
119 | |||
120 | ## Logfile | ||
121 | ## | ||
122 | @@ -333,7 +290,7 @@ IgnoreMissing = /var/lib/slocate/slocate.db.tmp | ||
123 | |||
124 | ## Syslog | ||
125 | ## | ||
126 | -# SyslogSeverity=none | ||
127 | +SyslogSeverity=info | ||
128 | |||
129 | ## Remote server (yule) | ||
130 | ## | ||
131 | @@ -556,7 +513,8 @@ ChecksumTest=check | ||
132 | ## and I/O limit (kilobytes per second; 0 == off) | ||
133 | ## to reduce load on host. | ||
134 | # | ||
135 | -# SetNiceLevel = 0 | ||
136 | +# By default we configure samhain to be nice with everything else on the system | ||
137 | +SetNiceLevel = 10 | ||
138 | # SetIOLimit = 0 | ||
139 | |||
140 | ## The version string to embed in file signature databases | ||
141 | @@ -565,13 +523,14 @@ ChecksumTest=check | ||
142 | |||
143 | ## Interval between time stamp messages | ||
144 | # | ||
145 | -# SetLoopTime = 60 | ||
146 | -SetLoopTime = 600 | ||
147 | +# Log a timestamp every hour | ||
148 | +SetLoopTime = 3600 | ||
149 | |||
150 | ## Interval between file checks | ||
151 | # | ||
152 | # SetFileCheckTime = 600 | ||
153 | -SetFileCheckTime = 7200 | ||
154 | +# One file system check per day | ||
155 | +SetFileCheckTime = 86400 | ||
156 | |||
157 | ## Alternative: crontab-like schedule | ||
158 | # | ||