reorg ids: move ids recipes to recipes-ids

Signed-off-by: Armin Kuster <akuster808@gmail.com>

23 files changed, 1268 insertions, 0 deletions

diff --git a/recipes-ids/samhain/files/run-ptest b/recipes-ids/samhain/files/run-ptest
new file mode 100755
index 0000000..2a4a765
--- /dev/null
+++ b/recipes-ids/samhain/files/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+current_dir=$(dirname $(readlink -f $0))
+$current_dir/cutest
diff --git a/recipes-ids/samhain/files/samhain-add-LDFLAGS-variable-for-samhain_setpwd.patch b/recipes-ids/samhain/files/samhain-add-LDFLAGS-variable-for-samhain_setpwd.patch
new file mode 100644
index 0000000..088a938
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-add-LDFLAGS-variable-for-samhain_setpwd.patch
@@ -0,0 +1,28 @@
+From ae79606a6745dbbd429d1d4671dfe3045d735057 Mon Sep 17 00:00:00 2001
+From: Jackie Huang <jackie.huang@windriver.com>
+Date: Thu, 14 Sep 2017 13:26:55 +0800
+Subject: [PATCH] Add LDFLAGS variable for compiling samhain_setpwd
+
+Upstream-Status: Pending
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 01de987..49356cf 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -1128,7 +1128,7 @@ sh_tiger_i.o: $(srcsrc)/$(TIGER_SRC) Makefile config_xor.h
+ samhain_setpwd: encode config_xor.h $(srcsrc)/samhain_setpwd.c
+        @echo '$(COMPILE)  -o samhain_setpwd $(srcsrc)/samhain_setpwd.c'; \
+        ./encode $(XOR_CODE) $(srcsrc)/samhain_setpwd.c; \
+-       $(COMPILE)  -o samhain_setpwd x_samhain_setpwd.c; \
++       $(COMPILE) $(LDFLAGS) -o samhain_setpwd x_samhain_setpwd.c; \
+        rm x_samhain_setpwd.c
+ 
+ samhain_stealth: encode config_xor.h $(srcsrc)/samhain_stealth.c
+-- 
+2.11.0
+
diff --git a/recipes-ids/samhain/files/samhain-avoid-searching-host-for-postgresql.patch b/recipes-ids/samhain/files/samhain-avoid-searching-host-for-postgresql.patch
new file mode 100644
index 0000000..6bf67e0
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-avoid-searching-host-for-postgresql.patch
@@ -0,0 +1,134 @@
+From 3e2ca7e06b16ceff6d12beb5113312f6525df595 Mon Sep 17 00:00:00 2001
+From: Jackie Huang <jackie.huang@windriver.com>
+Date: Thu, 14 Sep 2017 11:02:12 +0800
+Subject: [PATCH] configure.ac: avoid searching host for postgresql
+
+Upstream-Status: Inappropriate [cross compile specific]
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ configure.ac | 101 +++--------------------------------------------------------
+ 1 file changed, 5 insertions(+), 96 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index a224c68..f658d53 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1278,90 +1278,11 @@ AC_ARG_WITH(database,
+           AC_DEFINE(WITH_POSTGRES)
+           AC_DEFINE(WITH_DATABASE)
+          #
+-         PGCONF="no"
+-         MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
+-         OLD_IFS="$IFS"
+-         IFS=":"
+-         for ff in ${MY_PATH}
+-         do
+-           if test -f "$ff/pg_config"
+-           then
+-               PGCONF="$ff/pg_config"
+-           fi
+-         done
+-         IFS="${OLD_IFS}"
+-         #
+-         #
+-         if test "x${PGCONF}" = "xno"
+-         then
+-           AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
+-           pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
+-           for i in $pgsql_directory; do 
+-             if test -r $i/include/pgsql/libpq-fe.h; then
+-                PGSQL_INC_DIR=$i/include
+-               PGSQL_DIR=$i
+-               # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
+-              fi
+-            done 
+-            if test -z "$PGSQL_DIR"; then
+-             for i in $pgsql_directory; do 
+-               if test -r $i/include/postgresql/libpq-fe.h; then
+-                  PGSQL_INC_DIR=$i/include
+-                 PGSQL_DIR=$i
+-                fi
+-              done
+-           fi
+-            if test -z "$PGSQL_DIR"; then
+-             for i in $pgsql_directory; do 
+-               if test -r $i/include/libpq-fe.h; then
+-                  PGSQL_INC_DIR=$i/include
+-                 PGSQL_DIR=$i
+-                fi
+-              done
+-           fi
+-           
+-            if test -z "$PGSQL_DIR"; then
+-              tmp=""
+-              for i in $pgsql_directory; do
+-                tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
+-              done
+-              FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
+-           fi
+-
+-           for i in lib lib/pgsql lib/postgresql; do
+-               str="$PGSQL_DIR/$i/libpq.*"
+-               for j in `echo $str`; do
+-                        if test -r $j; then
+-                          PGSQL_LIB_DIR="$PGSQL_DIR/$i"
+-                          break 2
+-                 fi
+-               done
+-           done
+-
+-           if test -z "$PGSQL_LIB_DIR"; then
+-             for ff in $pgsql_directory; do
+-               for i in lib lib/pgsql lib/postgresql; do
+-                 str="$ff/$i/libpq.*"
+-                 for j in `echo $str`; do
+-                           if test -r $j; then
+-                             PGSQL_LIB_DIR="$ff/$i"
+-                             break 3
+-                   fi
+-                 done
+-               done
+-              done
+-           fi
+-
+-           if test -z "$PGSQL_LIB_DIR"; then
+-              tmp=""
+-              for i in $pgsql_directory; do
+-                  tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
+-              done
+-              FAIL_MESSAGE("postgresql library libpq", $tmp)
+-            fi
+-
+-            AC_MSG_RESULT(yes)
+-
++         if test -z "${PGSQL_LIB_DIR}" ; then
++            FAIL_MESSAGE("PGSQL_LIB_DIR is not set!")
++         elif test -z "${PGSQL_INC_DIR}" ; then
++            FAIL_MESSAGE("PGSQL_INC_DIR is not set!")
++         else
+            LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
+            if test x"$enable_static" = xyes; then
+              LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
+@@ -1370,18 +1291,6 @@ AC_ARG_WITH(database,
+            fi
+            # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
+            CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
+-           AC_CHECK_HEADERS(pgsql/libpq-fe.h)
+-           AC_CHECK_HEADERS(postgresql/libpq-fe.h)
+-         else
+-           pg_lib_dir=`${PGCONF} --libdir`
+-           if test x"$enable_static" = xyes; then
+-             LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
+-            else
+-             LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
+-            fi
+-           pg_inc_dir=`${PGCONF} --includedir`
+-           # CFLAGS="$CFLAGS -I${pg_inc_dir}"
+-           CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
+          fi
+        elif test "x${withval}" = "xodbc"; then
+          AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
+-- 
+2.11.0
+
diff --git a/recipes-ids/samhain/files/samhain-client.default b/recipes-ids/samhain/files/samhain-client.default
new file mode 100644
index 0000000..9899577
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-client.default
@@ -0,0 +1,3 @@
+# Set this to "yes" to start the server, after you configure it, of
+# course.
+SAMHAIN_CLIENT_START="no"
\ No newline at end of file
diff --git a/recipes-ids/samhain/files/samhain-client.init b/recipes-ids/samhain/files/samhain-client.init
new file mode 100644
index 0000000..d5fabed
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-client.init
@@ -0,0 +1,122 @@
+#!/bin/bash
+# chkconfig: 2345 99 10
+# description: File Integrity Checking Daemon
+#
+# processname: samhain
+# config  : /etc/samhainrc
+# logfile : /var/log/samhain_log
+# database: /var/lib/samhain/samhain_file
+#
+
+NAME=samhain
+DAEMON=/usr/sbin/samhain
+RETVAL=0
+PIDFILE=/var/run/samhain.pid
+
+. /etc/default/rcS
+
+. /etc/default/samhain-client
+
+if [ "x$SAMHAIN_CLIENT_START" != "xyes" ]; then
+        echo "${0}: client disabled in /etc/default/samhain-client"
+        exit 0
+fi
+
+if [ -x $DAEMON ]; then
+        :
+else
+        echo "${0}: executable ${DAEMON} not found"
+        exit 1
+fi
+
+if [ ! -e /var/lib/samhain/samhain_file ]; then
+        echo "${0}: /var/lib/samhain/samhain_file does not exist.  You must"
+        echo "  run 'samhain -t init' before samhian-client can start."
+        exit 1
+fi
+
+samhain_done()
+{
+        if [ $RETVAL -eq 0 ]; then
+                echo "."
+        else
+                echo " failed."
+        fi
+}
+
+log_stat_msg () {
+case "$1" in
+        0)
+        echo "Service $NAME: Running";
+        ;;
+        1)
+        echo "Service $NAME: Stopped and /var/run pid file exists";
+        ;;
+        3)
+        echo "Service $NAME: Stopped";
+        ;;
+        *)
+        echo "Service $NAME: Status unknown";
+        ;;
+esac
+}
+
+case "$1" in
+  start)
+        #
+        # Remove a stale PID file, if found
+        #
+        if test -f ${PIDFILE}; then
+            /bin/rm -f ${PIDFILE}
+        fi
+        #
+        echo -n "Starting ${NAME}"
+        start-stop-daemon --start --quiet --exec $DAEMON
+        RETVAL=$?
+        samhain_done
+        ;;
+
+  stop)
+        echo -n "Stopping $NAME"
+        start-stop-daemon --stop --quiet --exec $DAEMON
+        RETVAL=$? 
+
+        #
+        # Remove a stale PID file, if found
+        #
+        if test -f ${PIDFILE}; then
+            /bin/rm -f ${PIDFILE}
+        fi
+        if test -S /var/run/${NAME}.sock; then
+            /bin/rm -f /var/run/${NAME}.sock
+        fi
+        samhain_done
+        ;;
+
+  restart)
+        $0 stop
+        sleep 3
+        $0 start
+        RETVAL=$?
+        ;;
+
+  reload|force-reload)
+        echo -n "Reloading $NAME configuration files"
+        start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON
+        RETVAL=$?
+        samhain_done
+        ;;
+
+  status)
+        $DAEMON status
+        RETVAL=$?
+        log_stat_msg ${RETVAL}
+        ;;
+
+  *)
+        echo "$0 usage: {start|stop|status|restart|reload}"
+        exit 1
+        ;;
+esac
+
+exit $RETVAL
diff --git a/recipes-ids/samhain/files/samhain-configure-add-option-for-ps.patch b/recipes-ids/samhain/files/samhain-configure-add-option-for-ps.patch
new file mode 100644
index 0000000..8de0735
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-configure-add-option-for-ps.patch
@@ -0,0 +1,108 @@
+From 02a143f0068cbc6cea71359169210fbb3606d4bb Mon Sep 17 00:00:00 2001
+From: Jackie Huang <jackie.huang@windriver.com>
+Date: Mon, 18 Jan 2016 00:24:57 -0500
+Subject: [PATCH] configure: add option for ps
+
+The configure searches hardcoded host paths for PSPATH
+and run ps commands to decide PSARG which will fail
+on host without ps:
+| configure: error: Cannot find ps in any of /usr/ucb /bin /usr/bin
+
+So add an option so we can specify the ps at configure
+to avoid host contamination.
+
+Upstream-Status: Inappropriate [cross compile specific]
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ aclocal.m4   |  2 +-
+ configure.ac | 60 ++++++++++--------------------------------------------------
+ 2 files changed, 11 insertions(+), 51 deletions(-)
+
+diff --git a/aclocal.m4 b/aclocal.m4
+index a2e59a6..cd20a2f 100644
+--- a/aclocal.m4
++++ b/aclocal.m4
+@@ -409,7 +409,7 @@ x_includes=NONE
+ x_libraries=NONE
+ DESTDIR=
+ SH_ENABLE_OPTS="selinux posix-acl asm ssp db-reload xml-log message-queue login-watch process-check port-check mounts-check logfile-monitor userfiles debug ptrace static network udp nocl stealth micro-stealth install-name identity khide suidcheck base largefile mail external-scripts encrypt srp dnmalloc ipv6 shellexpand suid"
+-SH_WITH_OPTS="prelude libprelude-prefix database libwrap cflags libs console altconsole timeserver alttimeserver rnd egd-socket port logserver altlogserver kcheck gpg keyid checksum fp recipient sender trusted tmp-dir config-file log-file pid-file state-dir data-file html-file"
++SH_WITH_OPTS="prelude libprelude-prefix database libwrap cflags libs console altconsole timeserver alttimeserver rnd egd-socket port logserver altlogserver kcheck gpg keyid checksum fp recipient sender trusted tmp-dir config-file log-file pid-file state-dir data-file html-file ps-path"
+ 
+ # Installation directory options.
+ # These are left unexpanded so users can "make install exec_prefix=/foo"
+diff --git a/configure.ac b/configure.ac
+index 5910b1f..8c3e087 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -730,56 +730,16 @@ then
+ fi
+ AC_CHECK_HEADERS(gmp.h)
+ 
+-AC_MSG_CHECKING([for ps])
+-PS=
+-for ff in /usr/ucb /bin /usr/bin; do
+-    if test -x "$ff/ps"; then
+-       PS="$ff/ps"
+-       AC_MSG_RESULT([$PS])
+-       break
+-    fi
+-done
+-if test x$PS = x
+-then
+-       AC_MSG_RESULT([no])
+-       AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
+-fi
+-AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
+-
+-AC_MSG_CHECKING([how to use ps])
+-$PS ax >/dev/null 2>&1
+-if test $? -eq 0; then
+-   case "$host_os" in
+-   *openbsd*)
+-   one=`$PS akx | wc -l`
+-   ;;
+-   *)
+-   one=`$PS ax | wc -l`
+-   ;;
+-   esac
+-else
+-   one=0
+-fi
+-$PS -e >/dev/null 2>&1
+-if test $? -eq 0; then
+-   two=`$PS -e | wc -l`
+-else
+-   two=0
+-fi
+-if test $one -ge $two 
+-then
+-   case "$host_os" in
+-   *openbsd*)
+-       PSARG="akx"
+-       ;;
+-   *)
+-       PSARG="ax"
+-       ;;
+-   esac
+-else
+-       PSARG="-e"
+-fi
+-AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
++AC_ARG_WITH(ps-path,
++       [  --with-ps-path=PATH         set path to ps command ],
++       [
++       if test "x${withval}" != xno; then
++               pspath="${withval}"
++               AC_DEFINE_UNQUOTED([PSPATH], _("${pspath}"), [Path to ps])
++               AC_DEFINE_UNQUOTED([PSARG], _("ax"), [Argument for ps])
++       fi
++       ])
++
+ AC_MSG_RESULT([$PS $PSARG])
+ 
+ dnl *****************************************
+-- 
+1.9.1
+
diff --git a/recipes-ids/samhain/files/samhain-cross-compile.patch b/recipes-ids/samhain/files/samhain-cross-compile.patch
new file mode 100644
index 0000000..7f80a5c
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-cross-compile.patch
@@ -0,0 +1,51 @@
+From f63908427b2adb1792c59edbe38618e14ef5bc7b Mon Sep 17 00:00:00 2001
+From: Jackie Huang <jackie.huang@windriver.com>
+Date: Fri, 15 Jan 2016 00:48:58 -0500
+Subject: [PATCH] Enable obfuscating binaries natively.
+
+Enable obfuscating binaries natively.
+
+The samhain build process involves an obfuscation step that attempts to
+defeat decompilation or other binary analysis techniques which might reveal
+secret information that should be known only to the system administrator.
+The obfuscation step builds several applications which run on the build host
+and then generate target code, which is then built into target binaries.
+
+This patch creates a basic infrastructure that supports building the
+obfuscation binaries natively then cross-compiling the target code by adding
+a special configure option.  In the absence of this option the old behaviour
+is preserved.
+
+Upstream-Status: Inappropriate [cross compile specific]
+    
+Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ Makefile.in | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 684e92b..fb090e2 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -54,7 +54,7 @@ selectconfig = @selectconfig@
+ top_builddir = .
+ 
+ INSTALL = @INSTALL@
+-INSTALL_PROGRAM = @INSTALL@ -s -m 700
++INSTALL_PROGRAM = @INSTALL@ -m 700
+ INSTALL_SHELL = @INSTALL@ -m 700
+ INSTALL_DATA = @INSTALL@ -m 600
+ INSTALL_MAN = @INSTALL@ -m 644
+@@ -525,8 +525,6 @@ install-program: $(PROGRAMS) sstrip
+              echo " $(INSTALL_PROGRAM) $$p $$target"; \
+              $(INSTALL_PROGRAM) $$p $$target; \
+              chmod 0700 $$target; \
+-             echo " ./sstrip $$target"; \
+-             ./sstrip $$target; \
+            else \
+              echo " $(INSTALL_SHELL) $$p $$target"; \
+              $(INSTALL_SHELL) $$p $$target; \
+-- 
+1.9.1
+
diff --git a/recipes-ids/samhain/files/samhain-mips64-aarch64-dnmalloc-hash-fix.patch b/recipes-ids/samhain/files/samhain-mips64-aarch64-dnmalloc-hash-fix.patch
new file mode 100644
index 0000000..0608660
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-mips64-aarch64-dnmalloc-hash-fix.patch
@@ -0,0 +1,44 @@
+commit 0f6bdc219e598de08a3f37887efa5dfa50e2b996
+Author: Aws Ismail <aws.ismail@windriver.com>
+Date:   Fri Jun 22 15:47:08 2012 -0400
+
+Hash fix for MIPS64 and AARCH64
+    
+Samhain uses the addresses of local variables in generating hash
+values.  The hashing function is designed only for 32-bit values.
+For MIPS64 when a 64-bit address is passed in the resulting hash
+exceeds the limits of the underlying mechanism and samhain
+ultimately fails.  The solution is to simply take the lower 
+32-bits of the address and use that in generating hash values.
+    
+Signed-off-by: Greg Moffatt <greg.moffatt@windriver.com>
+
+Upstream-Status: Pending
+    
+Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+
+diff --git a/src/dnmalloc.c b/src/dnmalloc.c
+index da9a5c5..fc91400 100644
+--- a/src/dnmalloc.c
++++ b/src/dnmalloc.c
+@@ -2703,11 +2703,19 @@ static void freecilst_add(chunkinfoptr p) {
+ }
+ 
+ /* Calculate the hash table entry for a chunk */
++#if defined(CONFIG_ARCH_MIPS64) || defined(CONFIG_ARCH_AARCH64)
++#ifdef STARTHEAP_IS_ZERO
++#define hash(p)  ((((unsigned long) p) & 0x7fffffff) >> 7)
++#else
++#define hash(p)  ((((unsigned long) p - (unsigned long) startheap) & 0x7fffffff) >> 7)
++#endif
++#else
+ #ifdef STARTHEAP_IS_ZERO
+ #define hash(p)  (((unsigned long) p) >> 7)
+ #else
+ #define hash(p)  (((unsigned long) p - (unsigned long) startheap) >> 7)
+ #endif
++#endif /* CONFIG_ARCH_MIPS64 */ 
+ 
+ static void
+ hashtable_add (chunkinfoptr ci)
diff --git a/recipes-ids/samhain/files/samhain-not-run-ptest-on-host.patch b/recipes-ids/samhain/files/samhain-not-run-ptest-on-host.patch
new file mode 100644
index 0000000..5284313
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-not-run-ptest-on-host.patch
@@ -0,0 +1,24 @@
+not run test on host, since we are doing cross-compile
+
+Upstream-status: Inappropriate [cross compile specific]
+
+Signed-off-by: Roy Li <rongqing.li@windriver.com>
+---
+ Makefile.in |    1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index e1b32a8..74bfdc9 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -1234,7 +1234,6 @@ intcutest: internal.h $(OBJECTS) $(CUTEST_OBJECTS) sh_tiger_i.o $(srcsrc)/CuTest
+        rm x_samhain.c; \
+        $(LINK) sh_tiger_i.o $(CUTEST_OBJECTS) CuTestMain.o CuTest.o $(OBJECTS) $(LIBS_TRY); \
+        test -f ./intcutest && mv ./intcutest ./cutest; \
+-       ./cutest
+ 
+ runcutest:
+        gdb ./cutest
+-- 
+1.7.10.4
+
diff --git a/recipes-ids/samhain/files/samhain-pid-path.patch b/recipes-ids/samhain/files/samhain-pid-path.patch
new file mode 100644
index 0000000..592bd16
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-pid-path.patch
@@ -0,0 +1,27 @@
+commit a932b03b65edeb02ccad2fce06bfa68a8f2fbb04
+Author: Aws Ismail <aws.ismail@windriver.com>
+Date:   Thu Jan 10 16:29:05 2013 -0500
+
+    Set the PID Lock path for samhain.pid
+    
+    The explicit path for samhain.pid inorder
+    for samhain to work properly after it initial
+    database build.
+    
+    Upstream-Status: Inappropriate [configuration]
+
+    Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
+
+diff --git a/samhainrc.linux b/samhainrc.linux
+index 10a8176..a7b06e6 100644
+--- a/samhainrc.linux
++++ b/samhainrc.linux
+@@ -639,7 +639,7 @@ SetFileCheckTime = 86400
+ 
+ ## Path to the PID file
+ #
+-# SetLockfilePath = (default: compiled-in)
++SetLockfilePath = /run/samhain.pid
+ 
+ 
+ ## The digest/checksum/hash algorithm
diff --git a/recipes-ids/samhain/files/samhain-samhainrc-fix-files-dirs-path.patch b/recipes-ids/samhain/files/samhain-samhainrc-fix-files-dirs-path.patch
new file mode 100644
index 0000000..dad6b15
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-samhainrc-fix-files-dirs-path.patch
@@ -0,0 +1,61 @@
+From 00fb527e45da42550156197647e01de9a6b1ad52 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan <wenzong.fan@windriver.com>
+Date: Mon, 3 Mar 2014 01:50:01 -0500
+Subject: [PATCH] fix real path for some files/dirs
+
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
+---
+ samhainrc.linux |   15 +++++++--------
+ 1 file changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/samhainrc.linux b/samhainrc.linux
+index e9727b4..7775d83 100644
+--- a/samhainrc.linux
++++ b/samhainrc.linux
+@@ -93,7 +93,6 @@ dir = 99/etc
+ ##
+ file = /etc/mtab
+ file = /etc/fstab
+-file = /etc/adjtime
+ file = /etc/motd
+ file = /etc/lvm/lvm.conf
+ 
+@@ -153,11 +152,11 @@ dir = 99/var
+ 
+ [IgnoreAll]
+ dir = -1/var/cache
+-dir = -1/var/lock
+-dir = -1/var/mail
+-dir = -1/var/run
++dir = -1/run/lock
++dir = -1/var/spool/mail
++dir = -1/run
+ dir = -1/var/spool
+-dir = -1/var/tmp
++dir = -1/var/volatile/tmp
+ 
+ 
+ [Attributes]
+@@ -167,7 +166,7 @@ dir = -1/var/tmp
+ file = /var/lib/rpm/__db.00?
+ 
+ file = /var/lib/logrotate.status
+-file = /var/lib/random-seed
++file = /var/lib/urandom/random-seed
+ 
+ 
+ [GrowingLogFiles]
+@@ -176,7 +175,7 @@ file = /var/lib/random-seed
+ ## are ignored. Logfile rotation will cause a report because of shrinking
+ ## size and different inode. 
+ ##
+-dir = 99/var/log
++dir = 99/var/volatile/log
+ 
+ [Attributes]
+ #
+-- 
+1.7.9.5
+
diff --git a/recipes-ids/samhain/files/samhain-samhainrc.patch b/recipes-ids/samhain/files/samhain-samhainrc.patch
new file mode 100644
index 0000000..145700a
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-samhainrc.patch
@@ -0,0 +1,158 @@
+commit 4c6658441eb3ffc4e51ed70f78cbdab046957580
+Author: Aws Ismail <aws.ismail@windriver.com>
+Date:   Fri Jun 22 16:38:20 2012 -0400
+
+Make samhainrc OE-friendly.
+
+Patch the samhainrc that will be installed 
+as part of the 'make install' step to more
+accurately reflect what will be found, and
+what will be of concern, on a OE install.
+    
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
+
+diff --git a/samhainrc.linux b/samhainrc.linux
+index 9bc5ca4..10a8176 100644
+--- a/samhainrc.linux
++++ b/samhainrc.linux
+@@ -74,7 +74,6 @@ dir = 0/
+ [Attributes]
+ file = /tmp
+ file = /dev
+-file = /media
+ file = /proc
+ file = /sys
+ 
+@@ -93,19 +92,10 @@ dir = 99/etc
+ ## check permission and ownership
+ ##
+ file = /etc/mtab
++file = /etc/fstab
+ file = /etc/adjtime
+ file = /etc/motd
+-file = /etc/lvm/.cache
+-
+-# On Ubuntu, these are in /var/lib rather than /etc
+-file = /etc/cups/certs
+-file = /etc/cups/certs/0
+-
+-# managed by fstab-sync on Fedora Core
+-file = /etc/fstab
+-
+-# modified when booting 
+-file = /etc/sysconfig/hwconf
++file = /etc/lvm/lvm.conf
+ 
+ # There are files in /etc that might change, thus changing the directory
+ # timestamps. Put it here as 'file', and in the ReadOnly section as 'dir'.
+@@ -147,10 +137,6 @@ dir = 99/dev
+ ##
+ dir = -1/dev/pts
+ 
+-# dir = -1/dev/.udevdb
+-
+-file = /dev/ppp
+-
+ #
+ # --------- /usr -----------
+ #
+@@ -167,50 +153,21 @@ dir = 99/var
+ 
+ [IgnoreAll]
+ dir = -1/var/cache
+-dir = -1/var/backups
+-dir = -1/var/games
+-dir = -1/var/gdm
+ dir = -1/var/lock
+ dir = -1/var/mail
+ dir = -1/var/run
+ dir = -1/var/spool
+ dir = -1/var/tmp
+-dir = -1/var/lib/texmf
+-dir = -1/var/lib/scrollkeeper
+ 
+ 
+ [Attributes]
+ 
+-dir = /var/lib/nfs
+-dir = /var/lib/pcmcia
+-
+ # /var/lib/rpm changes if packets are installed;
+ # /var/lib/rpm/__db.00[123] even more frequently
+ file = /var/lib/rpm/__db.00?
+ 
+-file = /var/lib/acpi-support/vbestate
+-file = /var/lib/alsa/asound.state
+-file = /var/lib/apt/lists/lock
+-file = /var/lib/apt/lists/partial
+-file = /var/lib/cups/certs
+-file = /var/lib/cups/certs/0
+-file = /var/lib/dpkg/lock
+-file = /var/lib/gdm
+-file = /var/lib/gdm/.cookie
+-file = /var/lib/gdm/.gdmfifo
+-file = /var/lib/gdm/:0.Xauth
+-file = /var/lib/gdm/:0.Xservers
+-file = /var/lib/logrotate/status
+-file = /var/lib/mysql
+-file = /var/lib/mysql/ib_logfile0
+-file = /var/lib/mysql/ibdata1
+-file = /var/lib/slocate
+-file = /var/lib/slocate/slocate.db
+-file = /var/lib/slocate/slocate.db.tmp
+-file = /var/lib/urandom
+-file = /var/lib/urandom/random-seed
++file = /var/lib/logrotate.status
+ file = /var/lib/random-seed
+-file = /var/lib/xkb
+ 
+ 
+ [GrowingLogFiles]
+@@ -325,7 +282,7 @@ IgnoreMissing = /var/lib/slocate/slocate.db.tmp
+ 
+ ## Console
+ ##
+-# PrintSeverity=info
++PrintSeverity=warn
+ 
+ ## Logfile
+ ##
+@@ -333,7 +290,7 @@ IgnoreMissing = /var/lib/slocate/slocate.db.tmp
+ 
+ ## Syslog
+ ##
+-# SyslogSeverity=none
++SyslogSeverity=info
+ 
+ ## Remote server (yule)
+ ##
+@@ -556,7 +513,8 @@ ChecksumTest=check
+ ## and I/O limit (kilobytes per second; 0 == off)
+ ## to reduce load on host.
+ #
+-# SetNiceLevel = 0
++# By default we configure samhain to be nice with everything else on the system
++SetNiceLevel = 10
+ # SetIOLimit = 0
+ 
+ ## The version string to embed in file signature databases
+@@ -565,13 +523,14 @@ ChecksumTest=check
+ 
+ ## Interval between time stamp messages
+ #
+-# SetLoopTime = 60
+-SetLoopTime = 600
++# Log a timestamp every hour
++SetLoopTime = 3600
+ 
+ ## Interval between file checks 
+ #
+ # SetFileCheckTime = 600
+-SetFileCheckTime = 7200
++# One file system check per day
++SetFileCheckTime = 86400
+ 
+ ## Alternative: crontab-like schedule
+ #
diff --git a/recipes-ids/samhain/files/samhain-server-volatiles b/recipes-ids/samhain/files/samhain-server-volatiles
new file mode 100644
index 0000000..6b80709
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-server-volatiles
@@ -0,0 +1 @@
+d daemon daemon 0775 /var/log/yule none
diff --git a/recipes-ids/samhain/files/samhain-server.default b/recipes-ids/samhain/files/samhain-server.default
new file mode 100644
index 0000000..bc3d67c
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-server.default
@@ -0,0 +1,3 @@
+# Set this to "yes" to start the server, after you configure it, of
+# course.
+SAMHAIN_SERVER_START="no"
\ No newline at end of file
diff --git a/recipes-ids/samhain/files/samhain-server.init b/recipes-ids/samhain/files/samhain-server.init
new file mode 100644
index 0000000..c456e51
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-server.init
@@ -0,0 +1,116 @@
+#!/bin/bash
+# chkconfig: 2345 98 11
+# description: File Integrity Checking Daemon
+#
+# processname: yule
+# config  : /etc/yulerc
+# logfile : /var/log/yule/yule_log
+# database: /var/lib/yule/yule_file
+#
+
+NAME=yule
+DAEMON=/usr/sbin/yule
+RETVAL=0
+PIDFILE=/var/run/yule.pid
+
+. /etc/default/rcS
+
+. /etc/default/samhain-server
+
+if [ "x$SAMHAIN_SERVER_START" != "xyes" ]; then
+        echo "${0}: server disabled in /etc/default/samhain-server"
+        exit 0
+fi
+
+if [ -x $DAEMON ]; then
+        :
+else
+        echo "${0}: executable ${DAEMON} not found"
+        exit 1
+fi
+
+samhain_done()
+{
+        if [ $RETVAL -eq 0 ]; then
+                echo "."
+        else
+                echo " failed."
+        fi
+}
+
+log_stat_msg () {
+case "$1" in
+        0)
+        echo "Service $NAME: Running";
+        ;;
+        1)
+        echo "Service $NAME: Stopped and /var/run pid file exists";
+        ;;
+        3)
+        echo "Service $NAME: Stopped";
+        ;;
+        *)
+        echo "Service $NAME: Status unknown";
+        ;;
+esac
+}
+
+case "$1" in
+  start)
+        #
+        # Remove a stale PID file, if found
+        #
+        if test -f ${PIDFILE}; then
+            /bin/rm -f ${PIDFILE}
+        fi
+        #
+        echo -n "Starting ${NAME}"
+        start-stop-daemon --start --quiet --exec $DAEMON
+        RETVAL=$?
+        samhain_done
+        ;;
+
+  stop)
+        echo -n "Stopping $NAME"
+        start-stop-daemon --stop --quiet --exec $DAEMON
+        RETVAL=$? 
+
+        #
+        # Remove a stale PID file, if found
+        #
+        if test -f ${PIDFILE}; then
+            /bin/rm -f ${PIDFILE}
+        fi
+        if test -S /var/run/${NAME}.sock; then
+            /bin/rm -f /var/run/${NAME}.sock
+        fi
+        samhain_done
+        ;;
+
+  restart)
+        $0 stop
+        sleep 3
+        $0 start
+        RETVAL=$?
+        ;;
+
+  reload|force-reload)
+        echo -n "Reloading $NAME configuration files"
+        start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON
+        RETVAL=$?
+        samhain_done
+        ;;
+
+  status)
+        $DAEMON status
+        RETVAL=$?
+        log_stat_msg ${RETVAL}
+        ;;
+
+  *)
+        echo "$0 usage: {start|stop|status|restart|reload}"
+        exit 1
+        ;;
+esac
+
+exit $RETVAL
diff --git a/recipes-ids/samhain/files/samhain-sha256-big-endian.patch b/recipes-ids/samhain/files/samhain-sha256-big-endian.patch
new file mode 100644
index 0000000..3065c73
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-sha256-big-endian.patch
@@ -0,0 +1,22 @@
+samhain: fix sha256 for big-endian machines
+
+After computing the digest, big-endian machines would
+memset() the digest to the first byte of state instead
+of using memcpy() to transfer it.
+
+Upstream-Status: Pending
+
+Signed-off-by: Joe Slater <jslater@windriver.com>
+
+
+--- a/src/sh_checksum.c
++++ b/src/sh_checksum.c
+@@ -468,7 +468,7 @@ void SHA256_Final(sha2_byte digest[], SH
+       }
+     }
+ #else
+-    memset(d, context->state, SHA256_DIGEST_LENGTH);
++    memcpy(d, context->state, SHA256_DIGEST_LENGTH);
+     /* bcopy(context->state, d, SHA256_DIGEST_LENGTH); */
+ #endif
+   }
diff --git a/recipes-ids/samhain/files/samhain-standalone.default b/recipes-ids/samhain/files/samhain-standalone.default
new file mode 100644
index 0000000..507a59f
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-standalone.default
@@ -0,0 +1,3 @@
+# Set this to "yes" to start the server, after you configure it, of
+# course.
+SAMHAIN_STANDALONE_START="no"
diff --git a/recipes-ids/samhain/files/samhain-standalone.init b/recipes-ids/samhain/files/samhain-standalone.init
new file mode 100644
index 0000000..2f23bff
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain-standalone.init
@@ -0,0 +1,123 @@
+#!/bin/sh
+# chkconfig: 2345 99 10
+# description: File Integrity Checking Daemon
+#
+# processname: samhain
+# config  : /etc/samhainrc
+# logfile : /var/log/samhain_log
+# database: /var/lib/samhain/samhain_file
+#
+
+NAME=samhain
+DAEMON=/usr/sbin/samhain
+RETVAL=0
+VERBOSE=yes
+PIDFILE=/var/run/samhain.pid
+
+. /etc/default/samhain-standalone
+
+if [ "x$SAMHAIN_STANDALONE_START" != "xyes" ]; then
+        echo "${0}: samhain disabled in /etc/default/samhain-standalone"
+        exit 0
+fi
+
+if [ -x $DAEMON ]; then
+        :
+else
+        echo "${0}: executable ${DAEMON} not found"
+        exit 1
+fi
+
+if [ ! -e /var/lib/samhain/samhain_file ]; then
+        echo "${0}: /var/lib/samhain/samhain_file does not exist.  You must"
+        echo "  run 'samhain -t init' before samhian can start."
+        exit 1
+fi
+
+samhain_done()
+{
+        if [ $RETVAL -eq 0 ]; then
+                echo "."
+        else
+                echo " failed."
+        fi
+}
+
+log_stat_msg () {
+case "$1" in
+        0)
+        echo "Service $NAME: Running";
+        ;;
+        1)
+        echo "Service $NAME: Stopped and /var/run pid file exists";
+        ;;
+        3)
+        echo "Service $NAME: Stopped";
+        ;;
+        *)
+        echo "Service $NAME: Status unknown";
+        ;;
+esac
+}
+
+case "$1" in
+  start)
+        #
+        # Remove a stale PID file, if found
+        #
+        if test -f ${PIDFILE}; then
+            /bin/rm -f ${PIDFILE}
+        fi
+
+        echo -n "Starting ${NAME}"
+        start-stop-daemon --start --quiet --exec $DAEMON
+        RETVAL=$?
+        samhain_done
+        exit $RETVAL
+        ;;
+  stop)
+        echo -n "Stopping $NAME"
+        start-stop-daemon --stop --quiet --exec $DAEMON
+        RETVAL=$?
+        samhain_done
+        #
+        # Remove a stale PID file, if found
+        #
+        if test -f ${PIDFILE}; then
+            /bin/rm -f ${PIDFILE}
+        fi
+        if test -S /var/run/${NAME}.sock; then
+            /bin/rm -f /var/run/${NAME}.sock
+        fi
+        ;;
+
+  restart)
+        $0 stop
+        sleep 3
+        $0 start
+        RETVAL=$?
+        ;;
+
+  reload|force-reload)
+        echo -n "Reloading $NAME configuration files"
+        start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON
+    RETVAL=$?
+        samhain_done
+    ;;
+
+  status)
+        if pidof -o %PPID $DAEMON > /dev/null; then
+            echo "Samhain running"
+            RETVAL=0
+        else
+            echo "Samhain not running"
+            RETVAL=1
+        fi
+        ;;
+  *)
+        echo "$0 usage: {start|stop|status|restart|reload}"
+        exit 1
+        ;;
+esac
+
+exit $RETVAL
diff --git a/recipes-ids/samhain/files/samhain.service b/recipes-ids/samhain/files/samhain.service
new file mode 100644
index 0000000..e4f216a
--- /dev/null
+++ b/recipes-ids/samhain/files/samhain.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Samhain @MODE_NAME@ Daemon
+After=syslog.target network.target
+
+[Service]
+Type=forking
+RemainAfterExit=yes
+ExecStart=@LIBDIR@/@SAMHAIN_HELPER@ start
+ExecStop=@LIBDIR@/@SAMHAIN_HELPER@ stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/recipes-ids/samhain/samhain-client_4.3.2.bb b/recipes-ids/samhain/samhain-client_4.3.2.bb
new file mode 100644
index 0000000..812408e
--- /dev/null
+++ b/recipes-ids/samhain/samhain-client_4.3.2.bb
@@ -0,0 +1,11 @@
+INITSCRIPT_PARAMS = "defaults 15 85"
+
+require samhain.inc
+
+# Let the default Logserver be 127.0.0.1
+EXTRA_OECONF += " \
+        --with-logserver=${SAMHAIN_SERVER} \
+        --with-port=${SAMHAIN_PORT} \
+        "
+
+RDEPENDS_${PN} = "acl zlib attr bash"
diff --git a/recipes-ids/samhain/samhain-server_4.3.2.bb b/recipes-ids/samhain/samhain-server_4.3.2.bb
new file mode 100644
index 0000000..9341d44
--- /dev/null
+++ b/recipes-ids/samhain/samhain-server_4.3.2.bb
@@ -0,0 +1,20 @@
+INITSCRIPT_PARAMS = "defaults 14 86"
+
+require samhain.inc
+
+DEPENDS = "gmp"
+
+SRC_URI += "file://samhain-server-volatiles"
+
+TARGET_CC_ARCH += "${LDFLAGS}"
+
+do_install_append() {
+    install -d ${D}${sysconfdir}/default/volatiles
+    install -m 0644 ${WORKDIR}/samhain-server-volatiles \
+        ${D}${sysconfdir}/default/volatiles/samhain-server
+
+    install -m 700 samhain-install.sh init/samhain.startLinux \
+        init/samhain.startLSB ${D}/var/lib/samhain
+}
+
+RDEPENDS_${PN} += "gmp bash perl"
diff --git a/recipes-ids/samhain/samhain-standalone_4.3.2.bb b/recipes-ids/samhain/samhain-standalone_4.3.2.bb
new file mode 100644
index 0000000..4fed9e9
--- /dev/null
+++ b/recipes-ids/samhain/samhain-standalone_4.3.2.bb
@@ -0,0 +1,31 @@
+require samhain.inc
+
+SRC_URI += "file://samhain-not-run-ptest-on-host.patch \
+            file://run-ptest \
+"
+
+PROVIDES += "samhain"
+
+SYSTEMD_SERVICE_${PN} = "samhain.service"
+
+inherit ptest
+
+do_compile() {
+        if [ "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'yes', 'no', d)}" = "yes" ]; then
+                oe_runmake cutest
+                rm -f ${S}*.o config_xor.h internal.h
+        fi
+        oe_runmake "$@"
+}
+
+do_install_append() {
+    ln -sf ${INITSCRIPT_NAME} ${D}${sysconfdir}/init.d/samhain
+}
+
+do_install_ptest() {
+        mkdir -p ${D}${PTEST_PATH}
+        install ${S}/cutest ${D}${PTEST_PATH}
+}
+
+RPROVIDES_${PN} += "samhain"
+RCONFLICTS_${PN} = "samhain-client samhain-server"
diff --git a/recipes-ids/samhain/samhain.inc b/recipes-ids/samhain/samhain.inc
new file mode 100644
index 0000000..1b9af39
--- /dev/null
+++ b/recipes-ids/samhain/samhain.inc
@@ -0,0 +1,163 @@
+DESCRIPTION = "Provides file integrity checking and log file monitoring/analysis"
+HOMEPAGE    = "http://www.la-samhna.de/samhain/"
+LICENSE     = "GPLv2"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=8ca43cbc842c2336e835926c2166c28b"
+
+
+SRC_URI = "http://la-samhna.de/archive/samhain_signed-${PV}.tar.gz \
+           file://samhain-cross-compile.patch \
+           file://samhain-mips64-aarch64-dnmalloc-hash-fix.patch \
+           file://samhain-samhainrc.patch \
+           file://samhain-samhainrc-fix-files-dirs-path.patch \
+           file://samhain-pid-path.patch \
+           file://samhain-sha256-big-endian.patch \
+           file://samhain-configure-add-option-for-ps.patch \
+           file://samhain-avoid-searching-host-for-postgresql.patch \
+           file://samhain-add-LDFLAGS-variable-for-samhain_setpwd.patch \
+           file://${INITSCRIPT_NAME}.init \
+           file://${INITSCRIPT_NAME}.default \
+           file://samhain.service \
+           "
+
+SRC_URI[md5sum] = "eae4674164d7c78f5bb39c72b7029c8b"
+SRC_URI[sha256sum] = "0582864ef56ab796031e8e611ed66c48adeb3a30ec34e1a8d0088572442035fc"
+
+UPSTREAM_CHECK_URI = "https://www.la-samhna.de/samhain/archive.html"
+UPSTREAM_CHECK_REGEX = "samhain_signed-(?P<pver>(\d+(\.\d+)+))\.tar"
+
+S = "${WORKDIR}/samhain-${PV}"
+
+inherit autotools-brokensep update-rc.d pkgconfig systemd
+
+SAMHAIN_PORT ??= "49777"
+SAMHAIN_SERVER ??= "NULL"
+
+INITSCRIPT_NAME = "${BPN}"
+INITSCRIPT_PARAMS ?= "defaults"
+
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE_${PN} = "${INITSCRIPT_NAME}.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
+# mode mapping:
+# BPN                MODE_NAME   SAMHAIN_MODE
+# samhain-standalone standalone  no
+# samhain-client     client      client
+# samhain-server     server      server
+MODE_NAME = "${@d.getVar('BPN').split('-')[1]}"
+SAMHAIN_MODE = "${@oe.utils.ifelse(d.getVar('MODE_NAME') == 'standalone', 'no', '${MODE_NAME}')}"
+
+# supports mysql|postgresql|oracle|odbc but postgresql is the only one available
+
+PACKAGECONFIG ??= "postgresql ps \
+    ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)} \
+    ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit', '', d)} \
+    ${@bb.utils.contains('DISTRO_FEATURES', 'acl', 'acl', '', d)} \
+"
+
+PACKAGECONFIG[postgresql]  = "--with-database=postgresql --enable-xml-log PGSQL_INC_DIR=${STAGING_INCDIR} PGSQL_LIB_DIR=${STAGING_LIBDIR}, , postgresql"
+PACKAGECONFIG[suidcheck]  = "--enable-suidcheck, , "
+PACKAGECONFIG[logwatch]  = "--enable-login-watch, , "
+PACKAGECONFIG[mounts]  = "--enable-mounts-check, , "
+PACKAGECONFIG[userfiles]  = "--enable-userfiles, , "
+PACKAGECONFIG[ipv6]  = "--enable-ipv6,--disable-ipv6,"
+PACKAGECONFIG[selinux] = "--enable-selinux, --disable-selinux, libselinux attr"
+PACKAGECONFIG[acl] = " --enable-posix-acl , --disable-posix-acl, acl"
+PACKAGECONFIG[audit] = "ac_cv_header_auparse_h=yes,ac_cv_header_auparse_h=no,audit"
+PACKAGECONFIG[ps] = "--with-ps-path=${base_bindir}/ps,,,procps"
+
+do_unpack_samhain() {
+    cd ${WORKDIR}
+    tar -xzvf samhain-${PV}.tar.gz
+}
+
+python do_unpack_append() {
+    bb.build.exec_func('do_unpack_samhain', d)
+}
+
+do_configure_prepend_arm() {
+    export sh_cv___va_copy=yes
+}
+
+do_configure_prepend_aarch64() {
+    export sh_cv___va_copy=yes
+}
+
+# If we use oe_runconf in do_configure() it will by default
+# use the prefix --oldincludedir=/usr/include which is not
+# recognized by Samhain's configure script and would invariably
+# throw back the error "unrecognized option: --oldincludedir=/usr/include"
+do_configure_prepend () {
+    cat << EOF > ${S}/config-site.${BP}
+ssp_cv_lib=no
+sh_cv_va_copy=yes
+EOF
+    export CONFIG_SITE=${S}/config-site.${BP}
+}
+
+do_configure () {
+        autoconf -f
+        ./configure \
+        --build=${BUILD_SYS} \
+        --host=${HOST_SYS} \
+        --target=${TARGET_SYS} \
+        --prefix=${prefix} \
+        --exec_prefix=${exec_prefix} \
+        --bindir=${bindir} \
+        --sbindir=${sbindir} \
+        --libexecdir=${libexecdir} \
+        --datadir=${datadir} \
+        --sysconfdir=${sysconfdir} \
+        --sharedstatedir=${sharedstatedir} \
+        --localstatedir=${localstatedir} \
+        --libdir=${libdir} \
+        --includedir=${includedir} \
+        --infodir=${infodir} \
+        --mandir=${mandir} \
+        --enable-network=${SAMHAIN_MODE} \
+        --with-pid-file=${localstatedir}/run/samhain.pid \
+        --with-data-file=${localstatedir}/lib/samhain/samhain_file \
+        --disable-dnmalloc \
+        ${EXTRA_OECONF}
+}
+
+do_compile_prepend_libc-musl () {
+        sed -i 's/^#define HAVE_MALLOC_H.*//' ${B}/config.h
+}
+
+# Install the init script, it's default file, and the extraneous
+# documentation.
+do_install_append () {
+        oe_runmake install DESTDIR='${D}' INSTALL=install-boot
+
+        install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.init \
+                ${D}${sysconfdir}/init.d/${INITSCRIPT_NAME}
+
+        install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.default \
+                ${D}${sysconfdir}/default/${INITSCRIPT_NAME}
+
+        if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+                if [ "${SAMHAIN_MODE}" = "no" ]; then
+                    install -D -m 0644 ${WORKDIR}/samhain.service ${D}/${systemd_system_unitdir}/samhain.service
+                else
+                    install -D -m 0644 ${WORKDIR}/samhain.service ${D}/${systemd_system_unitdir}/${BPN}.service
+                fi
+                install -D -m 0755 ${WORKDIR}/${BPN}.init ${D}/${libexecdir}/${BPN}
+                sed -i -e 's,@LIBDIR@,${libexecdir},' \
+                       -e 's,@SAMHAIN_HELPER@,${BPN},' \
+                       -e 's,@MODE_NAME@,${MODE_NAME},' \
+                       ${D}${systemd_system_unitdir}/samhain*.service
+    fi
+
+        install -d ${D}${docdir}/${BPN}
+        cp -r docs/* ${D}${docdir}/${BPN}
+        cp -r scripts ${D}${docdir}/${BPN}
+        install -d -m 755 ${D}${localstatedir}/samhain
+
+        # Prevent QA warnings about installed ${localstatedir}/run
+        if [ -d ${D}${localstatedir}/run ]; then
+                rmdir ${D}${localstatedir}/run
+        fi
+}
+
+FILES_${PN} += "${systemd_system_unitdir}"