Updating the Samhain integrity checking system from 1.8.10b to 1.8.11.
Code changes include:
o for files in the IgnoreAll policy, there are no warnings
(anymore) about 'no such user/group' and/or non-printable filenames
o there is a new option HardlinkOffset=... to specify an
offset from the canonical hardlink count for a directory
o ... and a new option AddOKChars=... to modify the set of
characters in a filename for which a warning (about
obscure/non-printable) filename is issued.
Port changes:
Turn off kernel integrity checking by default - building
this into packages wouldn't work anyhow, since it would
only work with an identical kernel as on the build cluster.
PR: ports/71169
Submitted by: David Thiel <lx@redundancy.redundancy.org>
new option SetBindAddress (--bind-address=...) to force
interface for outgoing connections on multi-interface box
use persistent connection to database by default
PR: ports/62290
Submitted by: David Thiel <lx@redundancy.redundancy.org>
- Updating Samhain to 1.7.12, which contains fixes for a heap overflow
in e-mail parsing.
PR: 57965
Submitted by: David Thiel <lx@redundancy.redundancy.org> (maintainer)
Update to version 1.7.8
Fix build when MySQL logging is enabled
Add LOG_SERVER and ALT_LOG_SERVER tunables
Require LOG_SERVER be defined for clients
Have clients request config and signatures from server by default
Change TRUSTED_USER to a more accurate name (RUNAS_USER)
Fix sample config file install/deinstall
Add documentation on tunables
PR: ports/52912
Submitted by: David Thiel <lx@redundancy.redundancy.org>
Samhain is a host-based Intrusion Detection System and
integrity checker with advanced features such as centralized
logging, MySQL/PostgreSQL support, and rootkit detection.
PR: ports/46982
Submitted by: David Thiel <lx@redundancy.redundancy.org>
