You are not logged in.

#1 2007-08-27 13:38:21

.:B:.
Forum Fellow
Registered: 2006-11-26
Posts: 5,819
Website

Samhain PKGBUILD - static binary segfaults, dynamic one not executable

Since I find tripwire a bit of a mess to set up, I am looking into using Samhain as an IDS. I have written the following PKGBUILD:

# This PKGBUILD requires root powers (due to /dev/kmem
# access and the copying of a header to /usr/include/asm)
# First we do some checks on the privileges & variables
[ "$(id -u)" != "0" ] && echo "This script must be run as root!" && exit 67

pkgname="samhain"
pkgver="2.3.5"
pkgrel="3"
pkgdesc="A file integrity / intrusion detection system"
# Custom variables - since they change often (depending on package/software
# versions, it's better to change them here rather than in the body of the
# PKGBUILD 
_systemmap=""
_gpgpubkey=""
url="http://la-samhna.de/samhain/index.html"
license="GPL"
arch=('i686')
depends=('glibc' 'attr' 'acl' 'gnupg')
install=
backup=(etc/samhainrc)
source=($pkgname-$pkgver.tar.gz)
md5sums=('0351a6baee5d177432c6b7200b096105')

[ "${_systemmap}" = "" ] && echo "Please specify your kernel before building Samhain!" && exit 1
[ "${_gpgpubkey}" = "" ] && echo "Please insert your GnuPG key before building Samhain!" && exit 1

build() {
  # The rootkit checking functionality depends on the segment.h
  # header, usually present in /usr/include/asm, but on Arch it
  # is in the kernel header tree under /usr/src
  ln /usr/{src/linux-`uname -r`/,}include/asm/segment.h -sv
  # Now we can build cleanly
  cd $startdir/src/$pkgname-$pkgver
  ./configure \
    --prefix=/usr \
    --sysconfdir=/etc \
    --localstatedir=/var \
    --mandir=/usr/man \
    --enable-static \
    --with-rnd=dev \
    --enable-debug \
    --enable-identity=nobody \
    --enable-process-check \
    --enable-port-check \
    --enable-mounts-check \
    --enable-suidcheck \
    --enable-login-watch \
    --enable-userfiles \
    --with-libwrap=/usr/lib \
    --with-gpg=/usr/bin/gpg \
    --without-checksum \
    --with-fp="${_gpgpubkey}" \
    --with-timeserver=europe.pool.ntp.org \
    --with-alttimeserver=pool.ntp.org \
    --with-log-file=/var/log/$pkgname.log \
    --with-kcheck="${_systemmap}" \
    --enable-micro-stealth=232 || return 1
  make || return 1
  make DESTDIR=$startdir/pkg install
  # Clean up
  rm -v /usr/include/asm/segment.h
}

Samhain itself builds fine. However, the static build segfaults immediately (no errors whatsoever except for 'segmentation fault'), when i compile a dynamic binary it says 'samhain: cannot execute binary file'. Anybody any clues?

Last edited by B (2007-12-13 20:36:06)


Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy

Offline

Board footer

Powered by FluxBB