/usr/share/doc/samhain/examples/README is in samhain 3.1.0-5ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 | This directory contains miscellaneous useful scripts, some of them contributed
by various users. Additions and/or improvements are welcome.
chroot.sh: prepare chroot environment for the log server
---------
Usage: chroot.sh <chroot_directory>
Tested on Debian Linux. Your mileage may vary.
After running the script, review <chroot_directory>/etc/passwd
to replace passwords with a *, and to fix the
path to the home directory of the yule user.
If using a signed configuration file, you need
a working copy of GnuPG inside the chroot jail.
This script will probably fail on systems other than Linux,
mainly because of the mknod commands to create devices
in the chroot jail.
NO WARRANTY !!!
samhainadmin.pl
---------------
Perform various tasks useful if you are using signed configuration
and database files.
Run 'samhainadmin.pl -h' for usage instructions.
yuleadmin.pl
------------
Perl script (by Riccardo Murri) to list, add, and remove clients
from the yulerc file.
Run 'yuleadmin.pl -h' for usage instructions.
samhainrc_update.sh
-------------------
If you are using the --with-kcheck option on Linux, after a kernel
update you need to change some option (addresses of kernel functions)
in the samhainrc configuration file. The correct new addresses must
be looked up in the System.map file
This script will do this automatically. Run 'samhainrc_update.sh -h'
for usage instructions. You may need to change the location of the
samhainrc file by editing the line 'cfgfile="/etc/samhainrc"'
at the beginning of the script.
check_samhain.pl
----------------
Nagios plugin for samhain. Will execute samhain and report results
in the way expected by nagios. Drop this into your nagios/libexec/
directory.
samhain.logrotator: logrotate script
------------------
This is a logrotate script (contributed by Simon Bailey)
concat.pl
---------
Concatenate samhain file signature databases and write the resulting
database file to stdout. Does not work on signed or otherwise modified
file signature databases.
samhain.{cgi|dtd|xsl}: display XML logfile in XML capable browser
--------------------- (works with Mozilla 1.2, possibly Mozilla 1.0, IE 6)
Usage: 1. review samhain.cgi (see remarks in file)
2. drop samhain.cgi, samhain.dtd, samhain.xsl in some
directory on your webserver
3. use .htaccess to protect access to that directory
4. point your browser at samhain.cgi
You may need to rename samhain.cgi to samhain.php if you use
mod_php. Also, you will certainly need to edit the path to the
logfile in samhain.cgi.
CAVEAT: There is no built-in access restriction (use .htaccess to
password-protect the directory).
The XSL stylesheet is based on a contribution by Olivier Salaun.
samhain.spec: RPM spec file for building a vanilla single-host RPM
------------
Contributed by Andre Oliveira da Costa <brblueser@uol.com.br>
This is a spec file to produce a vanilla single-host samhain RPM
(no fancy options, standard directory layout :).
Accepted parameters for 'rpmbuild':
--with gpg - enables gpg support
--with tests - make tests before building
redhat_i386.client.spec: RPM spec file for building a RedHat client RPM
------------
Contributed by Philipp Stadler <philipp@stadler.priv.at>
Does not install documentation or local config file.
|