Since I find tripwire a bit of a mess to set up, I am looking into using Samhain as an IDS. I have written the following PKGBUILD:
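# This PKGBUILD requires root powers (due to /dev/kmem
# access and the linking of a header into /usr/include/asm).
# NOTE(review): because of that, everything build() runs -- configure, make
# and the upstream install target -- executes as root on the build host, so
# the source tarball should be verified before it is built.
# First we do some checks on the privileges & variables
if [ "$(id -u)" != "0" ]; then
  echo "This script must be run as root!" >&2
  exit 67
fi

pkgname="samhain"
pkgver="2.3.5"
pkgrel="3"
pkgdesc="A file integrity / intrusion detection system"

# Custom variables - since they change often (depending on package/software
# versions), it's better to change them here rather than in the body of the
# PKGBUILD.
# _systemmap is passed to configure as --with-kcheck and _gpgpubkey as
# --with-fp (see build()). Both ship empty, and the guards at the end of this
# section abort the build until they are filled in.
# NOTE(review): --with-fp suggests a key fingerprint is expected rather than
# the key itself -- confirm against the Samhain manual.
_systemmap=""
_gpgpubkey=""

url="http://la-samhna.de/samhain/index.html"
license="GPL"
arch=('i686')
depends=('glibc' 'attr' 'acl' 'gnupg')
install=
backup=(etc/samhainrc)

# Only a local file name is listed, so the tarball has to be placed next to
# the PKGBUILD by hand.
source=("${pkgname}-${pkgver}.tar.gz")
# MD5 only guards against accidental corruption; it does not resist a
# deliberately crafted replacement. For an integrity checker that is built
# and run as root, also verify the upstream signature of the tarball (if one
# is published) before building.
md5sums=('0351a6baee5d177432c6b7200b096105')

# Refuse to build with the placeholders above still empty. Diagnostics go to
# stderr so they are not lost when stdout is redirected.
if [ -z "${_systemmap}" ]; then
  echo "Please specify your kernel before building Samhain!" >&2
  exit 1
fi
if [ -z "${_gpgpubkey}" ]; then
  echo "Please insert your GnuPG key before building Samhain!" >&2
  exit 1
fi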
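build() {
  # Configure, compile and stage Samhain into $startdir/pkg.
  #
  # Globals:  startdir, pkgname, pkgver, _gpgpubkey, _systemmap (all read)
  # Returns:  0 on success, 1 if linking the header, configure, make or
  #           make install fails.
  #
  # Side effect on the live system: a temporary symlink in /usr/include/asm.
  # It is removed again on every exit path, and only if this function
  # created it, so a header that was already present is never deleted.
  local kernel_hdr asm_hdr
  local made_link=0
  local status=0

  # The rootkit checking functionality depends on the segment.h
  # header, usually present in /usr/include/asm, but on Arch it
  # is in the kernel header tree under /usr/src
  kernel_hdr="/usr/src/linux-$(uname -r)/include/asm/segment.h"
  asm_hdr="/usr/include/asm/segment.h"

  if [ ! -e "${asm_hdr}" ] && [ ! -L "${asm_hdr}" ]; then
    if [ ! -e "${kernel_hdr}" ]; then
      echo "Kernel header not found: ${kernel_hdr}" >&2
      return 1
    fi
    ln -sv -- "${kernel_hdr}" "${asm_hdr}" || return 1
    made_link=1
  fi

  # Now we can build cleanly.
  # NOTE(review): three of the flags below deserve a second look before this
  # package is used on a production host:
  #   --without-checksum  presumably skips the compiled-in checksum of the
  #                       gpg binary named by --with-gpg; confirm in the
  #                       Samhain manual whether that weakens the signature
  #                       check configured through --with-fp.
  #   --enable-debug      builds in debugging code.
  #   --enable-static     the statically linked binary is what the build
  #                       produces for deployment.
  # The steps are chained with && inside a group so a failure anywhere skips
  # the rest but still reaches the cleanup below.
  {
    cd "${startdir}/src/${pkgname}-${pkgver}" &&
      ./configure \
        --prefix=/usr \
        --sysconfdir=/etc \
        --localstatedir=/var \
        --mandir=/usr/man \
        --enable-static \
        --with-rnd=dev \
        --enable-debug \
        --enable-identity=nobody \
        --enable-process-check \
        --enable-port-check \
        --enable-mounts-check \
        --enable-suidcheck \
        --enable-login-watch \
        --enable-userfiles \
        --with-libwrap=/usr/lib \
        --with-gpg=/usr/bin/gpg \
        --without-checksum \
        --with-fp="${_gpgpubkey}" \
        --with-timeserver=europe.pool.ntp.org \
        --with-alttimeserver=pool.ntp.org \
        --with-log-file="/var/log/${pkgname}.log" \
        --with-kcheck="${_systemmap}" \
        --enable-micro-stealth=232 &&
      make &&
      make DESTDIR="${startdir}/pkg" install
  } || status=1

  # Clean up: remove the symlink only if we created it and it is still a
  # symlink, whether or not the build succeeded.
  if [ "${made_link}" -eq 1 ] && [ -L "${asm_hdr}" ]; then
    rm -v -- "${asm_hdr}"
  fi

  return "${status}"
}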
Samhain itself builds fine. However, the static build segfaults immediately (no errors whatsoever except for 'segmentation fault'), and when I compile a dynamic binary it says 'samhain: cannot execute binary file'. Does anybody have any clues?
Last edited by B (2007-12-13 20:36:06)
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy