This is the README file for the free Beltane distribution.
Public domain.

BELTANE
=======

BELTANE is a package for central management of the samhain file 
integrity / intrusion detection system. To fully benefit from this package,
you need to use SAMHAIN in client/server configuration, with file signature 
databases and configuration files on the central server, and with logging
to a MySQL/PostgreSQL server enabled. 

This package is for Beltane v1, distributed under the GPL, from
http://savannah.nongnu.org/projects/freebeltane.
Beltane v2 is not free, and all the Beltane web pages refer prominently
to v2, so the FSF is supporting this alternative distribution.

The original developers are making only occasional bug fixes to Beltane v1 
(not surprisingly).  If you would like to maintain this free Beltane more
actively, please mail karl@gnu.org.  (I have merely created the project
and checked in the sources from Beltane 1.0.7, at rms' request.  I can't
do any actual maintenance myself.  Oh, I did rename Changelog to ChangeLog :)

If an active maintainer is found, perhaps the package should be renamed,
to, say, "Mayday".


The main components are:

A) beltane_update
=================

This is a small C program that can read the file signature database of the
samhain daemon, and/or update/insert/remove a record for a file as specified 
on the command line. This program will be called from the WWW interface when 
you acknowledge a file change reported by a SAMHAIN client, and will update
the file signature database for this client according to the details of
the received file change report. 

In addition, beltane_update will write (append) to a log file the
timestamp, the current command line, and a 'reverse' command that will
undo the current action, in the format:

	#
	# timestamp
	# command line
	reverse command

Thus to undo all changes, you can use a command like:

	$ tac LOGFILE | /bin/sh 

(tac(1) writes file(s) to standard output, last line first, so the
reverse commands run newest first; the '#' lines are shell comments
and are skipped.)

The name of the log file is 'FILE_SIGNATURE_DB.log', i.e. '.log' appended
to the name of the file signature database.

A backup file 'FILE_SIGNATURE_DB.bak' will be written storing the state before
the last update/insert/remove action.

Basic options
-------------

  -h                   help
  -v                   verbose
  -d DATABASE          list content of DATABASE
  -u DATABASE -f FILE  update record for FILE in DATABASE
  -r DATABASE -f FILE  remove record for FILE from DATABASE
  -i DATABASE -f FILE  insert record for FILE into DATABASE

  -[CLgGoOxXtTHDISamc] ARG   item to update 

	i) 	use '-L -' to specify link path when inserting a non-link file
	ii)	use format YYYY-MM-DDTHH:MM:SS for time

Configure options
-----------------

	--with-stealth=XOR_VAL	Required if samhain is used in 'stealth' mode
	--with-caller=UID	The user who is allowed to run beltane_update
	--with-dataroot-prefix=PFX	The database directory

Security checks
---------------

beltane_update will perform the following checks before accessing a
database file:

	 1) is the database name given ?
	 2) is the (real) user a valid user ?
	 3) is the (real) user allowed to run the program ?
	 4) does the database name have an unsafe hierarchical reference ?
	    ( ../ or leading / are not allowed)
	 5) does the database directory exist AND is a directory ?
	 6) is the database directory NOT world writeable ?
	 7) is the database directory NOT (group writeable AND owned by another
	    group than the one of the effective user) ?
	 8) does the database file exist AND is a regular file ?	
	 9) is the database file NOT world writeable ?
	10) is the database file NOT (group writeable AND owned by another
	    group than the one of the effective user) ?
