Opened 10 years ago

Last modified 10 years ago

#42535 new submission

[NEW] samhain

Reported by: jul_bsd@… Owned by: macports-tickets@…
Priority: Normal Milestone:
Component: ports Version: 2.2.1
Keywords: Cc:
Port: samhain

Description

another host-based intrusion detection system

  • work in progress
  • 3.1.0
  • build/run
  • some options failing to compile or deprecated
  • no '--enable-login-watch' as wtmp/utmp is deprecated on macosx. right?
  • no --enable-process-check: 
    Undefined symbols for architecture x86_64: "_sched_getparam", referenced from:
  • variants need to be reviewed and tested

Attachments (3)

org.macports.samhain.plist.example (689 bytes) - added by jul_bsd@… 10 years ago.
samhainrc (21.3 KB) - added by jul_bsd@… 10 years ago.
Portfile (6.6 KB) - added by jul_bsd@… 10 years ago.

Download all attachments as: .zip

Change History (7)

comment:1 Changed 10 years ago by jul_bsd@…

  • reviewed Portfile, replace startupitem w cron-like plist at regular interval
  • respect existing config

comment:2 Changed 10 years ago by jul_bsd@…

  • destroot variants tested: some post-destroot error w server, can't test prelude as libprelude fails to build, not all database/too heavy
  • plist launchd
  • mac config file
  • mores notes to finish install
  • change tabs to 4 spaces
  • add description to most variants
  • check dependencies of binaries w otool

Changed 10 years ago by jul_bsd@…

Attachment: org.macports.samhain.plist.example added

Changed 10 years ago by jul_bsd@…

Attachment: samhainrc added

comment:3 Changed 10 years ago by jul_bsd@…

  • port lint --nitpick
  • livecheck
  • /tab/spacex4/

comment:4 Changed 10 years ago by jul_bsd@…

  • could update to 3.1.1 but seems there is packaging update (latest containt something named 3.1.0 ...)
  • try to use compiler.blacklist but still doing llvm-gcc4.2 ???
  • use LaunchDaemons

Changed 10 years ago by jul_bsd@…

Attachment: Portfile added
Note: See TracTickets for help on using tickets.