PID file

samhain generates a PID file if (a) it is run as a daemon process, or (b) if a log file is written (i.e. logging to a local log file is enabled). In the latter case, the PID file serves as a lock to make sure that only one samhain process can access the log file. You can configure the path to the lock file at compile time, either explicitely using the ./configure --with-lock-file=FILE option, or via the ./configure --prefix=PREFIX option.