aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-security/samhain/samhain.inc
AgeCommit message (Collapse)Author
2017-09-15samhain: fix QA issue for GNU_HASHJackie Huang
Add LDFLAGS variable to fix QA issue for GNU_HASH: | ERROR: samhain-client-4.2.2-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: '/builddir/usr/sbin/samhain_setpwd' [ldflags] Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-15samhain: avoid searching host dir for postgresqlJackie Huang
Add a patch to avoid searching host dir for postgresql, and set PGSQL_INC_DIR and PGSQL_LIB_DIR instead. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-15samhain: fix for the PACKAGECONFIGJackie Huang
* The "??=" assignment for PACKAGECONFIG is overridden by the following "+=" assignments, which is not expected, so combine them into one assignment with multiple lines. * Fix a typo for postgresql. * Remove unneeded quotation marks. * run aotoconf to regenerate the configure, or the patch for ps option doesn't work: | configure: error: unrecognized option: --with-ps-path=/bin/ps Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-09-15samhain: depends on attr when selinux is enabledJackie Huang
The extended attribute is required by selinux feature, so add the dependency when selinux is enabled. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-08-31samhain: update to 4.2.2Jackie Huang
* update to version 4.2.2 * Add new recipe for standalone mode * Add systemd support * Add patches to fix several issues * samhain-standalone: add ptest support * samhain-server: no need to depend on samhain-server-native * Move common things from the bb to the inc file Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-04-25samhain: update to 4.2.1Armin Kuster
remove patch integrated into update Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-03-27samhain: fix build issues when using muslArmin Kuster
[v2]: Correct musl malloc fix. remove HAVE_MALLOC_H define; this enables using the included defined mallinfo. [V1]: Fix c99 x_dnmalloc.c:563:26: error: return type is an incomplete type | #define public_mALLINFo mallinfo | ^ | x_dnmalloc.c:1689:17: note: in expansion of macro 'public_mALLINFo' | struct mallinfo public_mALLINFo() { and _dnmalloc.c:5527:17: error: unknown type name 'u_int' | u_int rnd[(128 - 2*sizeof(struct timeval)) / sizeof(u_int)]; | ^~~~~ Signed-off-by: Armin Kuster <akuster808@gmail.com>
2016-11-10samhain: update to 4.2.0Armin Kuster
* Changes: - New option 'SetAuditdFlags = r|w|x|a' to (re-)define the flags supplied to auditd. - New option 'PortCheckDevice = device' for the port check module, to monitor a device regardless of the address assigned to it. - Fix for the case sensitivity of the arguments to the Severity/Class options. - Compiler warnings with gcc 6.2 and a few minor bugs have been fixed. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2016-11-01samhain: recipe cleanupArmin Kuster
add a few distro feature checks. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2016-10-11samhain: 4.1.4 -> 4.1.5Wang Xin
1) Upgrade samhain from 4.1.4 to 4.1.5. 2) Add TARGET_CC_ARCH.Fix error. ERROR: samhain-server-4.1.5-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yule_setpwd' No GNU_HASH in the elf binary: '/yocto/work001/fnst/wangx/poky/build/tmp/work/i586-poky-linux/samhain-server/4.1.5-r0/packages-split/samhain-server/usr/sbin/yulectl' [ldflags] Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2016-06-26samhain: update to 4.1.4Armin Kuster
4.1.4: - Fix for issues with re-evaluation of paths with wildcard patterns: - no re-evaluation if no match at process startup - if same pattern used for a file=.. and dir=.. directive, only one (the first in config file) is re-evaluated - Fix for issues with new directories created when inotify is used: - recursion depth is not properly set for new directory - directory gets watched even if recursion depth should be below zero 4.1.3: - Fix for a regression in DNS resolving if samhain is compiled with '--enable-static' - On Cygwin/Windows, the default for the 'AvoidBlock' option is now 'off' because of problems reported for this platform. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
2016-06-26samhain: Avoid empty source archiverLei Maohui
It is better to put necessary work into do_patch task than add a new task. Otherwise,you can not get correct source code in some functions(such as archiver.bbclass). Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
2016-03-14samhain-client: Erorr FixLi Xin
The Error is as following: # /usr/sbin/samhain -t init -p info ...... Segmentation fault # echo $? 139 Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2016-01-17Samhain: package update to 4.1.2Armin Kuster
4.1.1 Changes: - Fix for broken libwrap support. - Fix for broken baseline update (-t update) on FreeBSD and maybe other non GNU/Linux systems. - Fix for ungraceful handling of rotated logiles if logfile content is always zero or constant. - Fix for timezone offset calculation on month rollover for timezones west of GMT. 4.1.2 Changes: - Fix for broken rpm / rpm-light makefile targets. - Fix for the failure to detect open UDP ports sometimes. - Fix for reporting file changes with the wrong policy if both inotify is used and the file change occurs during a configuration reload. - New configure options --enable-posix-acl and --enable-selinux to turn the soft failure (no support for checking compiled in) into a hard failure if required headers/libraries are missing for this feature. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2015-10-30Fix an error when samhain -t checkLi Xin
Fixes an error when "samhain -t check" is executed. The error is like this: 'ERROR: msg=<Record with bad version number in file signature database>, subroutine=<sh_dbIO_getdataent>, path=<(null)>' Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2015-10-30samhain: update to 4.1.0Armin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2015-10-08samhain-client: update to 4.0.0Armin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2015-04-15samhain: update client and server to 3.1.5Armin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com> fix missing bash depends in server recipe
2015-02-01samhain: fix aarch64 build issuesArmin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2014-11-28samhain: update to 3.1.3Armin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2014-10-26samhain: update to 3.1.2Armin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2014-08-27samhain: arm build failureArmin Kuster
| x_sh_error.c: In function 'sh_error_string': | x_sh_error.c:1580:31: error: incompatible type for argument 1 of 'memmove' | #define VA_COPY(ap1, ap2) memmove ((ap1), (ap2), sizeof (va_list)) | ^ | x_sh_error.c:1720:14: note: in expansion of macro 'VA_COPY' | /*@i@*/VA_COPY(vl2, vl); | ^ this patch fixes the arm build failure. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2014-08-27samhain: New ISD packageArmin Kuster
These are the base files needed by both client and server recipes. Signed-off-by: Armin Kuster <akuster808@gmail.com>