From 56bbd88dc6a8be80b31d535f5cc07dbfe29effe6 Mon Sep 17 00:00:00 2001
From: blshkv
Date: Fri, 8 May 2020 14:55:03 +0800
Subject: [PATCH] pentoo-forensics: volatility3
---
 app-forensics/volatility3/Manifest | 1 +
 .../volatility3-1.0.0_beta1.ebuild | 29 +++++++++++++++++++
 ...uild => pentoo-forensics-2020.1-r2.ebuild} | 10 ++-----
 .../package.accept_keywords/app-forensics | 1 +
 4 files changed, 34 insertions(+), 7 deletions(-)
 create mode 100644 app-forensics/volatility3/Manifest
 create mode 100644 app-forensics/volatility3/volatility3-1.0.0_beta1.ebuild
 rename pentoo/pentoo-forensics/{pentoo-forensics-2020.1-r1.ebuild => pentoo-forensics-2020.1-r2.ebuild} (90%)
diff --git a/app-forensics/volatility3/Manifest b/app-forensics/volatility3/Manifest
new file mode 100644
index 000000000..32de69152
--- /dev/null
+++ b/app-forensics/volatility3/Manifest
@@ -0,0 +1 @@
+DIST volatility3-1.0.0_beta1.tar.gz 273544 BLAKE2B 67f55f6291dd56901db679bd52dacedf73b8f944991c44844766e9728f68796a1916fa43ed9802f18aa9aba7a9de83ceaa2ae9a53667c0bb39f2ac557419c478 SHA512 28118e1c1e0092d10279f925296148ab312036daec74f4a3615c275f85fb927e2a38b27f7a9472e335b8eb5f41cd668273e549f2e593d774a33e31159988bde2
diff --git a/app-forensics/volatility3/volatility3-1.0.0_beta1.ebuild b/app-forensics/volatility3/volatility3-1.0.0_beta1.ebuild
new file mode 100644
index 000000000..e8334c385
--- /dev/null
+++ b/app-forensics/volatility3/volatility3-1.0.0_beta1.ebuild
@@ -0,0 +1,29 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6,7} )
+DISTUTILS_USE_SETUPTOOLS=rdepend
+inherit distutils-r1
+
+MY_PV=${PV//_beta/-beta.}
+
+DESCRIPTION="Framework for analyzing volatile memory"
+HOMEPAGE="https://www.volatilityfoundation.org/"
+SRC_URI="https://github.com/volatilityfoundation/volatility3/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="jsonschema yara disasm"
+
+S=${WORKDIR}/${PN}-${MY_PV}
+
+DEPEND=""
+RDEPEND="
+ dev-python/pefile[${PYTHON_USEDEP}]
+ jsonschema? ( >=dev-python/jsonschema-2.3.0[${PYTHON_USEDEP}] )
+ yara? ( >=dev-python/yara-python-3.8.0[${PYTHON_USEDEP}] )
+ disasm? ( dev-libs/capstone[python,${PYTHON_USEDEP}] )
+ "
diff --git a/pentoo/pentoo-forensics/pentoo-forensics-2020.1-r1.ebuild b/pentoo/pentoo-forensics/pentoo-forensics-2020.1-r2.ebuild
similarity index 90%
rename from pentoo/pentoo-forensics/pentoo-forensics-2020.1-r1.ebuild
rename to pentoo/pentoo-forensics/pentoo-forensics-2020.1-r2.ebuild
index ac5d15af1..cae32820a 100644
--- a/pentoo/pentoo-forensics/pentoo-forensics-2020.1-r1.ebuild
+++ b/pentoo/pentoo-forensics/pentoo-forensics-2020.1-r2.ebuild
@@ -8,7 +8,7 @@ HOMEPAGE="http://www.pentoo.ch" LICENSE="GPL-3" SLOT="0" -IUSE="pentoo-extra pentoo-full" +IUSE="pentoo-full" KEYWORDS="~amd64 ~x86" PDEPEND="
@@ -31,15 +31,11 @@ PDEPEND="
 app-forensics/pdf-parser
 app-forensics/pdfid
 app-forensics/rdd
+ app-forensics/volatility3
 app-misc/hivex
 sys-apps/dcfldd
 sys-block/partimage
 sys-fs/dd-rescue
- )
- pentoo-extra? (
- app-forensics/volatility
- )
- "
-
+ )"
 #python2 only
 #https://github.com/volatilityfoundation/volatility/issues/693
diff --git a/profiles/pentoo/base/package.accept_keywords/app-forensics b/profiles/pentoo/base/package.accept_keywords/app-forensics
index 0d50d1e1e..b5fa93cb5 100644
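Review bot: `IUSE="jsonschema yara disasm"` in the new volatility3 ebuild leaves all three optional features off by default, so the bare `app-forensics/volatility3` atom that pentoo-forensics adds in this commit installs the framework without yara-python, capstone or jsonschema unless the user sets the flags. For a forensics meta-package that is probably not what an analyst expects; consider `IUSE="+jsonschema +yara +disasm"` here, or a USE-dependent atom in the meta ebuild. The three flags are local, so they need descriptions in the package's metadata.xml, which the diffstat does not show being added (it may already exist in the tree). `DEPEND=""` is a no-op and can be dropped.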
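Review bot: The `#python2 only` comment and the volatility issue link that follow the closing `)"` of PDEPEND in pentoo-forensics are kept as context, but the atom they explained, `app-forensics/volatility` under `pentoo-extra?`, is removed in this hunk, so they now describe nothing in the file. Either delete the two lines or reword them to record the decision, e.g. `# app-forensics/volatility (2.x) dropped: python2 only, replaced by volatility3`. The first hunk also removes `pentoo-extra` from IUSE, so anyone who relied on that flag for Volatility 2 now gets only the 1.0.0_beta1 release of volatility3; whether its plugin coverage matches what analysts used in 2.x is not visible here and is worth confirming before the swap.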
--- a/profiles/pentoo/base/package.accept_keywords/app-forensics
+++ b/profiles/pentoo/base/package.accept_keywords/app-forensics
@@ -18,6 +18,7 @@ app-forensics/samhain app-forensics/spiderfoot app-forensics/thehive app-forensics/volatility +app-forensics/volatility3 =app-forensics/xmount-0.7* app-forensics/bulk_extractor