diff options
author | Luca Longinotti <chtekk@gentoo.org> | 2006-05-24 13:10:34 +0000 |
---|---|---|
committer | Luca Longinotti <chtekk@gentoo.org> | 2006-05-24 13:10:34 +0000 |
commit | c2c199cd187bca4c911af86c2831660e505c6b44 (patch) | |
tree | 4dc2060fb76851a3ae69bf4756a77cf04aec685f /app-forensics/samhain | |
parent | Stable on sparc (diff) | |
download | historical-c2c199cd187bca4c911af86c2831660e505c6b44.tar.gz historical-c2c199cd187bca4c911af86c2831660e505c6b44.tar.bz2 historical-c2c199cd187bca4c911af86c2831660e505c6b44.zip |
Update samhain.
Package-Manager: portage-2.1_rc1-r3
Diffstat (limited to 'app-forensics/samhain')
-rw-r--r-- | app-forensics/samhain/ChangeLog | 12 | ||||
-rw-r--r-- | app-forensics/samhain/files/digest-samhain-2.1.3 | 3 | ||||
-rw-r--r-- | app-forensics/samhain/files/digest-samhain-2.2.0 | 3 | ||||
-rw-r--r-- | app-forensics/samhain/samhain-2.1.3.ebuild | 209 | ||||
-rw-r--r-- | app-forensics/samhain/samhain-2.2.0.ebuild | 209 |
5 files changed, 434 insertions, 2 deletions
diff --git a/app-forensics/samhain/ChangeLog b/app-forensics/samhain/ChangeLog index 9252712386bf..6396097271d4 100644 --- a/app-forensics/samhain/ChangeLog +++ b/app-forensics/samhain/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-forensics/samhain -# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-forensics/samhain/ChangeLog,v 1.2 2005/12/26 00:42:11 chtekk Exp $ +# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-forensics/samhain/ChangeLog,v 1.3 2006/05/24 13:10:34 chtekk Exp $ + +*samhain-2.2.0 (24 May 2006) +*samhain-2.1.3 (24 May 2006) + + 24 May 2006; Luca Longinotti <chtekk@gentoo.org> -samhain-2.1.1a.ebuild, + +samhain-2.1.3.ebuild, +samhain-2.2.0.ebuild: + Fix bug #125035 by adding both 2.1.3 and 2.2.0 to the tree, remove 2.1.1a. + Fix bug #130988, the libdir is now created if not emerged in stealth mode. 26 Dec 2005; Luca Longinotti <chtekk@gentoo.org> samhain-2.1.1a.ebuild: Fix bug #116739. diff --git a/app-forensics/samhain/files/digest-samhain-2.1.3 b/app-forensics/samhain/files/digest-samhain-2.1.3 new file mode 100644 index 000000000000..861d02ea8c71 --- /dev/null +++ b/app-forensics/samhain/files/digest-samhain-2.1.3 @@ -0,0 +1,3 @@ +MD5 bc85d4ce0d92cea47eab3e355bb0341f samhain_signed-2.1.3.tar.gz 1326778 +RMD160 26d3b2519d33a814d122e214a1b35a2f82534112 samhain_signed-2.1.3.tar.gz 1326778 +SHA256 351efd78f0f07a9d3eb128c7f1bb8959e32c0a783632890ab850365e9dfd1a5f samhain_signed-2.1.3.tar.gz 1326778 diff --git a/app-forensics/samhain/files/digest-samhain-2.2.0 b/app-forensics/samhain/files/digest-samhain-2.2.0 new file mode 100644 index 000000000000..a8b877eed76f --- /dev/null +++ b/app-forensics/samhain/files/digest-samhain-2.2.0 @@ -0,0 +1,3 @@ +MD5 a645a9d669f654e0273dd48c26f1daf3 samhain_signed-2.2.0.tar.gz 1520179 +RMD160 c61e9b1bd71ff3e2a8592badef788a4aba26f22b samhain_signed-2.2.0.tar.gz 1520179 +SHA256 6b02ccae95a46c831569026d43da517440213f6d407cd1bd19a287114167554a samhain_signed-2.2.0.tar.gz 1520179 diff --git a/app-forensics/samhain/samhain-2.1.3.ebuild b/app-forensics/samhain/samhain-2.1.3.ebuild new file mode 100644 index 000000000000..df40dd1590b3 --- /dev/null +++ b/app-forensics/samhain/samhain-2.1.3.ebuild @@ -0,0 +1,209 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-forensics/samhain/samhain-2.1.3.ebuild,v 1.1 2006/05/24 13:10:34 chtekk Exp $ + +KEYWORDS="~x86" +DESCRIPTION="Advanced file integrity and intrusion detection tool." +HOMEPAGE="http://la-samhna.de/samhain/" +SRC_URI="http://la-samhna.de/archive/samhain_signed-${PV}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +IUSE="crypt debug login-watch mounts-check mysql netclient netserver postgres prelude static suidcheck userfiles xml" + +RESTRICT="nostrip" + +DEPEND="crypt? ( >=app-crypt/gnupg-1.2 ) + mysql? ( >=dev-db/mysql-3.23.26 ) + postgres? ( >=dev-db/postgresql-7.2 ) + prelude? ( >=dev-libs/libprelude-0.8.10 ) + >=sys-apps/sed-4 + app-arch/tar + app-arch/gzip" + +# Samhain stealth mode options +# +# If you would like to enable stealth mode, please set and uncomment the +# following options or pass them as enviroment variables when emerging +# the package (like INSTALL_NAME="asd" emerge samhain). +# If you set the variables here, don't forget to redigest the ebuild by +# issuing 'ebuild samhain-2.1.1a.ebuild digest', also remember that with +# your next emerge sync, the changes to the ebuild will be lost! +# +# Read the Samhain manual for additional information. +# +# STEALTH should be set to either 'full' or 'micro' (mandatory) +#STEALTH="" +# +# XOR_VALUE should be a whole number from 128 to 255 (mandatory) +#XOR_VALUE="" +# +# INSTALL_NAME can be set to change the name of the Samhain binaries +# to the name you specify (optional) +#INSTALL_NAME="" + +if [[ "${STEALTH}" == "full" ]] ; then + RDEPEND="media-gfx/imagemagick" +fi + +pkg_setup() { + if use static ; then + if use postgres || use prelude ; then + ewarn "At the moment it isn't possible to build a static Samhain with" + ewarn "Prelude and/or PostgreSQL support on Gentoo, the compilation" + ewarn "fails during the linking process." + echo + ewarn "This will be looked at and fixed in the future, in the meantime," + ewarn "patches to fix this are always welcome and appreciated! ;)" + ewarn "(Open a bug on bugs.gentoo.org for them or send them to" + ewarn "the maintainer directly, thanks!)" + die "Please turn the 'postgres' and/or 'prelude' USE flags off when building with 'static'" + fi + fi + + if use mysql && use postgres ; then + ewarn "You cannot compile both database backends into Samhain at once," + ewarn "you need to choose between MySQL or PostgreSQL and disable the" + ewarn "one you don't want to use." + die "Please choose between 'mysql' or 'postgres' USE flags" + fi +} + +src_unpack() { + unpack ${A} + tar -xzf "samhain-${PV}.tar.gz" +} + +src_compile() { + local myconf + + if use crypt ; then + myconf="${myconf} --with-gpg=/usr/bin/gpg --with-checksum=no" + + if [[ -n "${KEY_FPR}" ]] ; then + einfo "Setting built-in key fingerprint to ${KEY_FPR}" + FPR=`echo ${KEY_FPR} | sed "s/ //g"` + myconf="${myconf} --with-fp=${FPR}" + fi + fi + + if [[ -n "${STEALTH}" ]] ; then + [[ -z "${XOR_VALUE}" ]] && die "Variable XOR_VALUE must be set for stealth mode" + echo + einfo "Enabling stealth mode '${STEALTH}', setting XOR_VALUE to ${XOR_VALUE}" + + if [[ "${STEALTH}" == "full" ]] ; then + myconf="${myconf} --enable-stealth=${XOR_VALUE}" + sed -e "s:STEGIN=@stegin_prg@:STEGIN=:g" -i samhain-install.sh.in + elif [[ "${STEALTH}" == "micro" ]] ; then + myconf="${myconf} --enable-micro-stealth=${XOR_VALUE}" + else + die "STEALTH must be set to either 'full' or 'micro'" + fi + + if [[ -n "${INSTALL_NAME}" ]] ; then + echo + einfo "Setting alternative samhain name to ${INSTALL_NAME}" + echo + myconf="${myconf} --enable-install-name=${INSTALL_NAME}" + fi + fi + + use mysql && myconf="${myconf} --with-database=mysql --enable-xml-log" + use postgres && myconf="${myconf} --with-database=postgresql --enable-xml-log" + use prelude && myconf="${myconf} --with-prelude --with-libprelude-prefix=/usr" + use xml && myconf="${myconf} --enable-xml-log" + use static && myconf="${myconf} --enable-static" + use debug && myconf="${myconf} --enable-debug" + + use netclient && myconf="${myconf} --enable-network=client" + use netserver && myconf="${myconf} --enable-network=server" + + use login-watch && myconf="${myconf} --enable-login-watch" + use mounts-check && myconf="${myconf} --enable-mounts-check" + use suidcheck && myconf="${myconf} --enable-suidcheck" + use userfiles && myconf="${myconf} --enable-userfiles" + + myconf="${myconf} --localstatedir=/var" + + econf ${myconf} || die "configure failed" + make || die "compile failed" +} + +src_install() { + make DESTDIR="${D}" install || die "make install failed" + + rm -Rf "${D}/var/log" + rm -Rf "${D}/var/run" + rm -Rf "${D}/var/state" + + if [[ -n "${STEALTH}" ]] ; then + rm -Rf "${D}/usr/share" + else + dodoc COPYING LICENSE docs/BUGS docs/MANUAL* docs/README* docs/TODO docs/*.txt + dohtml docs/*.html + docinto scripts + dodoc scripts/* + insinto /etc + insopts -m0600 + newins samhainrc.linux samhainrc + exeinto /etc/init.d + newexe init/samhain.startGentoo samhain + keepdir "/var/lib/samhain" + fi + + if use netserver ; then + keepdir "/var/lib/yule" + chown daemon:daemon "${D}/var/lib/yule" + keepdir "/var/log/yule" + chown daemon:daemon "${D}/var/log/yule" + fi +} + +pkg_postinst() { + if [[ -n "${STEALTH}" ]] ; then + echo + einfo "Manual pages, documentation, and init script were NOT installed in order to" + einfo "obscure Samhain's presence. You should also remove samhain's installation" + einfo "traces from /var/cache/edb/world and /var/db/pkg." + fi + + if [[ "${STEALTH}" == "full" ]] ; then + echo + einfo "In stealth mode, the configuration file must be steganographically hidden" + einfo "in a postscript image file. The sample config has been created this way by" + einfo "the installation process. Use the samhain_stealth utility to modify or" + einfo "create your own configuration file." + fi + + if [[ -z "${KEY_FPR}" ]] ; then + echo + ewarn "GnuPG support has been enabled, but fingerprint verification will be" + ewarn "ignored. To enable fingerprint verification (strongly recommended)," + ewarn "you must re-emerge this package with the KEY_FPR variable set to" + ewarn "your default signing key fingerprint." + ewarn "Please read the Samhain manual for more details." + echo + einfo "Enabling GnuPG support in Samhain requires that you sign your configuration" + einfo "and and database files. Please run the following commands as root:" + einfo + einfo " gpg -a --clearsign --not-dash-escaped /etc/samhainrc" + einfo " mv /etc/samhainrc.asc /etc/samhainrc" + einfo " chmod 600 /etc/samhainrc" + einfo + einfo "Run the same commands on /var/lib/samhain/samhain_file after initialization." + fi + + echo + einfo "Be sure to check your settings in /etc/samhainrc. When ready, run:" + einfo " samhain -t init" + einfo "to initialize Samhain." + + echo + einfo "Samhain stealth-mode options are also available. Please view the comments" + einfo "in the Samhain ebuild for further configuration instructions." + + echo + ewarn "Please be sure to read the Samhain manual to understand and correctly" + ewarn "configure the Samhain utility." + ewarn "HTML version available for viewing at http://la-samhna.de/samhain/manual/ ." +} diff --git a/app-forensics/samhain/samhain-2.2.0.ebuild b/app-forensics/samhain/samhain-2.2.0.ebuild new file mode 100644 index 000000000000..a0911a6cccd6 --- /dev/null +++ b/app-forensics/samhain/samhain-2.2.0.ebuild @@ -0,0 +1,209 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-forensics/samhain/samhain-2.2.0.ebuild,v 1.1 2006/05/24 13:10:34 chtekk Exp $ + +KEYWORDS="~x86" +DESCRIPTION="Advanced file integrity and intrusion detection tool." +HOMEPAGE="http://la-samhna.de/samhain/" +SRC_URI="http://la-samhna.de/archive/samhain_signed-${PV}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +IUSE="crypt debug login-watch mounts-check mysql netclient netserver postgres prelude static suidcheck userfiles xml" + +RESTRICT="nostrip" + +DEPEND="crypt? ( >=app-crypt/gnupg-1.2 ) + mysql? ( >=dev-db/mysql-3.23.26 ) + postgres? ( >=dev-db/postgresql-7.2 ) + prelude? ( >=dev-libs/libprelude-0.8.10 ) + >=sys-apps/sed-4 + app-arch/tar + app-arch/gzip" + +# Samhain stealth mode options +# +# If you would like to enable stealth mode, please set and uncomment the +# following options or pass them as enviroment variables when emerging +# the package (like INSTALL_NAME="asd" emerge samhain). +# If you set the variables here, don't forget to redigest the ebuild by +# issuing 'ebuild samhain-2.1.1a.ebuild digest', also remember that with +# your next emerge sync, the changes to the ebuild will be lost! +# +# Read the Samhain manual for additional information. +# +# STEALTH should be set to either 'full' or 'micro' (mandatory) +#STEALTH="" +# +# XOR_VALUE should be a whole number from 128 to 255 (mandatory) +#XOR_VALUE="" +# +# INSTALL_NAME can be set to change the name of the Samhain binaries +# to the name you specify (optional) +#INSTALL_NAME="" + +if [[ "${STEALTH}" == "full" ]] ; then + RDEPEND="media-gfx/imagemagick" +fi + +pkg_setup() { + if use static ; then + if use postgres || use prelude ; then + ewarn "At the moment it isn't possible to build a static Samhain with" + ewarn "Prelude and/or PostgreSQL support on Gentoo, the compilation" + ewarn "fails during the linking process." + echo + ewarn "This will be looked at and fixed in the future, in the meantime," + ewarn "patches to fix this are always welcome and appreciated! ;)" + ewarn "(Open a bug on bugs.gentoo.org for them or send them to" + ewarn "the maintainer directly, thanks!)" + die "Please turn the 'postgres' and/or 'prelude' USE flags off when building with 'static'" + fi + fi + + if use mysql && use postgres ; then + ewarn "You cannot compile both database backends into Samhain at once," + ewarn "you need to choose between MySQL or PostgreSQL and disable the" + ewarn "one you don't want to use." + die "Please choose between 'mysql' or 'postgres' USE flags" + fi +} + +src_unpack() { + unpack ${A} + tar -xzf "samhain-${PV}.tar.gz" +} + +src_compile() { + local myconf + + if use crypt ; then + myconf="${myconf} --with-gpg=/usr/bin/gpg --with-checksum=no" + + if [[ -n "${KEY_FPR}" ]] ; then + einfo "Setting built-in key fingerprint to ${KEY_FPR}" + FPR=`echo ${KEY_FPR} | sed "s/ //g"` + myconf="${myconf} --with-fp=${FPR}" + fi + fi + + if [[ -n "${STEALTH}" ]] ; then + [[ -z "${XOR_VALUE}" ]] && die "Variable XOR_VALUE must be set for stealth mode" + echo + einfo "Enabling stealth mode '${STEALTH}', setting XOR_VALUE to ${XOR_VALUE}" + + if [[ "${STEALTH}" == "full" ]] ; then + myconf="${myconf} --enable-stealth=${XOR_VALUE}" + sed -e "s:STEGIN=@stegin_prg@:STEGIN=:g" -i samhain-install.sh.in + elif [[ "${STEALTH}" == "micro" ]] ; then + myconf="${myconf} --enable-micro-stealth=${XOR_VALUE}" + else + die "STEALTH must be set to either 'full' or 'micro'" + fi + + if [[ -n "${INSTALL_NAME}" ]] ; then + echo + einfo "Setting alternative samhain name to ${INSTALL_NAME}" + echo + myconf="${myconf} --enable-install-name=${INSTALL_NAME}" + fi + fi + + use mysql && myconf="${myconf} --with-database=mysql --enable-xml-log" + use postgres && myconf="${myconf} --with-database=postgresql --enable-xml-log" + use prelude && myconf="${myconf} --with-prelude --with-libprelude-prefix=/usr" + use xml && myconf="${myconf} --enable-xml-log" + use static && myconf="${myconf} --enable-static" + use debug && myconf="${myconf} --enable-debug" + + use netclient && myconf="${myconf} --enable-network=client" + use netserver && myconf="${myconf} --enable-network=server" + + use login-watch && myconf="${myconf} --enable-login-watch" + use mounts-check && myconf="${myconf} --enable-mounts-check" + use suidcheck && myconf="${myconf} --enable-suidcheck" + use userfiles && myconf="${myconf} --enable-userfiles" + + myconf="${myconf} --localstatedir=/var" + + econf ${myconf} || die "configure failed" + make || die "compile failed" +} + +src_install() { + make DESTDIR="${D}" install || die "make install failed" + + rm -Rf "${D}/var/log" + rm -Rf "${D}/var/run" + rm -Rf "${D}/var/state" + + if [[ -n "${STEALTH}" ]] ; then + rm -Rf "${D}/usr/share" + else + dodoc COPYING LICENSE docs/BUGS docs/MANUAL* docs/README* docs/TODO docs/*.txt + dohtml docs/*.html + docinto scripts + dodoc scripts/* + insinto /etc + insopts -m0600 + newins samhainrc.linux samhainrc + exeinto /etc/init.d + newexe init/samhain.startGentoo samhain + keepdir "/var/lib/samhain" + fi + + if use netserver ; then + keepdir "/var/lib/yule" + chown daemon:daemon "${D}/var/lib/yule" + keepdir "/var/log/yule" + chown daemon:daemon "${D}/var/log/yule" + fi +} + +pkg_postinst() { + if [[ -n "${STEALTH}" ]] ; then + echo + einfo "Manual pages, documentation, and init script were NOT installed in order to" + einfo "obscure Samhain's presence. You should also remove samhain's installation" + einfo "traces from /var/cache/edb/world and /var/db/pkg." + fi + + if [[ "${STEALTH}" == "full" ]] ; then + echo + einfo "In stealth mode, the configuration file must be steganographically hidden" + einfo "in a postscript image file. The sample config has been created this way by" + einfo "the installation process. Use the samhain_stealth utility to modify or" + einfo "create your own configuration file." + fi + + if [[ -z "${KEY_FPR}" ]] ; then + echo + ewarn "GnuPG support has been enabled, but fingerprint verification will be" + ewarn "ignored. To enable fingerprint verification (strongly recommended)," + ewarn "you must re-emerge this package with the KEY_FPR variable set to" + ewarn "your default signing key fingerprint." + ewarn "Please read the Samhain manual for more details." + echo + einfo "Enabling GnuPG support in Samhain requires that you sign your configuration" + einfo "and and database files. Please run the following commands as root:" + einfo + einfo " gpg -a --clearsign --not-dash-escaped /etc/samhainrc" + einfo " mv /etc/samhainrc.asc /etc/samhainrc" + einfo " chmod 600 /etc/samhainrc" + einfo + einfo "Run the same commands on /var/lib/samhain/samhain_file after initialization." + fi + + echo + einfo "Be sure to check your settings in /etc/samhainrc. When ready, run:" + einfo " samhain -t init" + einfo "to initialize Samhain." + + echo + einfo "Samhain stealth-mode options are also available. Please view the comments" + einfo "in the Samhain ebuild for further configuration instructions." + + echo + ewarn "Please be sure to read the Samhain manual to understand and correctly" + ewarn "configure the Samhain utility." + ewarn "HTML version available for viewing at http://la-samhna.de/samhain/manual/ ." +} |