pentoo-forensics: volatility3

2026-01-14 20:24:08 +01:00 · 2020-05-08 14:55:03 +08:00 · 2020-05-08 14:55:03 +08:00 · 56bbd88dc6
commit 56bbd88dc6
parent 996999cb55
4 changed files with 34 additions and 7 deletions
--- a/app-forensics/volatility3/Manifest
+++ b/app-forensics/volatility3/Manifest
@ -0,0 +1 @@
+DIST volatility3-1.0.0_beta1.tar.gz 273544 BLAKE2B 67f55f6291dd56901db679bd52dacedf73b8f944991c44844766e9728f68796a1916fa43ed9802f18aa9aba7a9de83ceaa2ae9a53667c0bb39f2ac557419c478 SHA512 28118e1c1e0092d10279f925296148ab312036daec74f4a3615c275f85fb927e2a38b27f7a9472e335b8eb5f41cd668273e549f2e593d774a33e31159988bde2
--- a/app-forensics/volatility3/volatility3-1.0.0_beta1.ebuild
+++ b/app-forensics/volatility3/volatility3-1.0.0_beta1.ebuild
@ -0,0 +1,29 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6,7} )
+DISTUTILS_USE_SETUPTOOLS=rdepend
+inherit distutils-r1
+
+MY_PV=${PV//_beta/-beta.}
+
+DESCRIPTION="Framework for analyzing volatile memory"
+HOMEPAGE="https://www.volatilityfoundation.org/"
+SRC_URI="https://github.com/volatilityfoundation/volatility3/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="jsonschema yara disasm"
+
+S=${WORKDIR}/${PN}-${MY_PV}
+
+DEPEND=""
+RDEPEND="
+	dev-python/pefile[${PYTHON_USEDEP}]
+	jsonschema? ( >=dev-python/jsonschema-2.3.0[${PYTHON_USEDEP}] )
+	yara? ( >=dev-python/yara-python-3.8.0[${PYTHON_USEDEP}] )
+	disasm? ( dev-libs/capstone[python,${PYTHON_USEDEP}] )
+	"
--- a/pentoo/pentoo-forensics/pentoo-forensics-2020.1-r2.ebuild
+++ b/pentoo/pentoo-forensics/pentoo-forensics-2020.1-r2.ebuild
@ -8,7 +8,7 @@ HOMEPAGE="http://www.pentoo.ch"

 LICENSE="GPL-3"
 SLOT="0"
-IUSE="pentoo-extra pentoo-full"
+IUSE="pentoo-full"
 KEYWORDS="~amd64 ~x86"

 PDEPEND="
@ -31,15 +31,11 @@ PDEPEND="
 		app-forensics/pdf-parser
 		app-forensics/pdfid
 		app-forensics/rdd
+		app-forensics/volatility3
 		app-misc/hivex
 		sys-apps/dcfldd
 		sys-block/partimage
 		sys-fs/dd-rescue
-	)
-	pentoo-extra? (
-		app-forensics/volatility
-	)
-	"
-
+	)"
 #python2 only
 #https://github.com/volatilityfoundation/volatility/issues/693
--- a/profiles/pentoo/base/package.accept_keywords/app-forensics
+++ b/profiles/pentoo/base/package.accept_keywords/app-forensics
@ -18,6 +18,7 @@ app-forensics/samhain
 app-forensics/spiderfoot
 app-forensics/thehive
 app-forensics/volatility
+app-forensics/volatility3
 =app-forensics/xmount-0.7*

 app-forensics/bulk_extractor
				`@ -0,0 +1 @@`
				`DIST volatility3-1.0.0_beta1.tar.gz 273544 BLAKE2B 67f55f6291dd56901db679bd52dacedf73b8f944991c44844766e9728f68796a1916fa43ed9802f18aa9aba7a9de83ceaa2ae9a53667c0bb39f2ac557419c478 SHA512 28118e1c1e0092d10279f925296148ab312036daec74f4a3615c275f85fb927e2a38b27f7a9472e335b8eb5f41cd668273e549f2e593d774a33e31159988bde2`