| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
status get by "systemctl status samhain" is not correct.
It is active(exited) now. but actually, there is a dameon
running, it should be active(running). so change Type of
servive.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
No packages depend on samhain-server-native and it doesn't
make sense to extend a server package to native, so remove
the BBCLASSEXTEND.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Remove the absolute path for start-stop-daemon
to fix samhain start-up as start-stop-daemon
sometimes located in /usr/sbin, not the expected
/sbin.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Add LDFLAGS variable to fix QA issue for GNU_HASH:
| ERROR: samhain-client-4.2.2-r0 do_package_qa: QA Issue:
No GNU_HASH in the elf binary: '/builddir/usr/sbin/samhain_setpwd' [ldflags]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Add a patch to avoid searching host dir for postgresql,
and set PGSQL_INC_DIR and PGSQL_LIB_DIR instead.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* The "??=" assignment for PACKAGECONFIG is overridden by
the following "+=" assignments, which is not expected,
so combine them into one assignment with multiple lines.
* Fix a typo for postgresql.
* Remove unneeded quotation marks.
* run aotoconf to regenerate the configure, or the patch
for ps option doesn't work:
| configure: error: unrecognized option: --with-ps-path=/bin/ps
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
The extended attribute is required by selinux feature,
so add the dependency when selinux is enabled.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* update to version 4.2.2
* Add new recipe for standalone mode
* Add systemd support
* Add patches to fix several issues
* samhain-standalone: add ptest support
* samhain-server: no need to depend on samhain-server-native
* Move common things from the bb to the inc file
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
remove patch integrated into update
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[v2]: Correct musl malloc fix.
remove HAVE_MALLOC_H define; this enables using the included defined mallinfo.
[V1]: Fix c99
x_dnmalloc.c:563:26: error: return type is an incomplete type
| #define public_mALLINFo mallinfo
| ^
| x_dnmalloc.c:1689:17: note: in expansion of macro 'public_mALLINFo'
| struct mallinfo public_mALLINFo() {
and
_dnmalloc.c:5527:17: error: unknown type name 'u_int'
| u_int rnd[(128 - 2*sizeof(struct timeval)) / sizeof(u_int)];
| ^~~~~
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
when acl is enabled this error occurrs.
configure: error: in `/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/samhain-server-native/4.2.0-r0/samhain-4.2.0':
| configure: error: --enable-posix-acl was given, but test for acl support failed
add missing depends.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Changes:
- New option 'SetAuditdFlags = r|w|x|a' to (re-)define the flags supplied
to auditd.
- New option 'PortCheckDevice = device' for the port check module, to monitor
a device regardless of the address assigned to it.
- Fix for the case sensitivity of the arguments to the Severity/Class options.
- Compiler warnings with gcc 6.2 and a few minor bugs have been fixed.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
add a few distro feature checks.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
1) Upgrade samhain from 4.1.4 to 4.1.5.
2) Add TARGET_CC_ARCH.Fix error.
ERROR: samhain-server-4.1.5-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yule_setpwd'
No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yulectl' [ldflags]
Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
4.1.4:
- Fix for issues with re-evaluation of paths with wildcard patterns:
- no re-evaluation if no match at process startup
- if same pattern used for a file=.. and dir=.. directive, only
one (the first in config file) is re-evaluated
- Fix for issues with new directories created when inotify is used:
- recursion depth is not properly set for new directory
- directory gets watched even if recursion depth should be below zero
4.1.3:
- Fix for a regression in DNS resolving if samhain is compiled
with '--enable-static'
- On Cygwin/Windows, the default for the 'AvoidBlock' option is now 'off'
because of problems reported for this platform.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
| |
|
|
|
|
|
|
|
| |
It is better to put necessary work into do_patch task than add a new task.
Otherwise,you can not get correct source code in some functions(such as archiver.bbclass).
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The Error is as following:
# /usr/sbin/samhain -t init -p info
......
Segmentation fault
# echo $?
139
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
4.1.1 Changes:
- Fix for broken libwrap support.
- Fix for broken baseline update (-t update) on FreeBSD and maybe other non GNU/Linux systems.
- Fix for ungraceful handling of rotated logiles if logfile content is always zero or constant.
- Fix for timezone offset calculation on month rollover for timezones west of GMT.
4.1.2 Changes:
- Fix for broken rpm / rpm-light makefile targets.
- Fix for the failure to detect open UDP ports sometimes.
- Fix for reporting file changes with the wrong policy if both inotify is
used and the file change occurs during a configuration reload.
- New configure options --enable-posix-acl and --enable-selinux to turn the
soft failure (no support for checking compiled in) into a hard failure
if required headers/libraries are missing for this feature.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes an error when "samhain -t check" is executed.
The error is like this:
'ERROR: msg=<Record with bad version number in file signature database>,
subroutine=<sh_dbIO_getdataent>, path=<(null)>'
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
WARNING: QA Issue: /etc/init.d/samhain-server_samhain-server contained in package samhain-server requires /bin/bash, but no providers found in its RDEPENDS [file-rdeps]
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
fix missing bash depends in server recipe
|
| |
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
WARNING: QA Issue: samhain-client requires /bin/bash, but no providers in its RDEPENDS [file-rdeps]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
| x_sh_error.c: In function 'sh_error_string':
| x_sh_error.c:1580:31: error: incompatible type for argument 1 of 'memmove'
| #define VA_COPY(ap1, ap2) memmove ((ap1), (ap2), sizeof (va_list))
| ^
| x_sh_error.c:1720:14: note: in expansion of macro 'VA_COPY'
| /*@i@*/VA_COPY(vl2, vl);
| ^
this patch fixes the arm build failure.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
This is the server portion.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
This is the client portion.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
These are the base files needed by both
client and server recipes.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
