Backup_Repos/pentoo-overlay
1
0
Fork 0
mirror of https://github.com/pentoo/pentoo-overlay synced 2025-12-06 08:25:01 +01:00
Code Issues Projects Releases Wiki Activity

samhain: 4.4.0 bump

Browse source
This commit is contained in:
blshkv 2020-01-10 09:30:28 +08:00
parent 7be20345f5
commit aa769b24ee
No known key found for this signature in database
GPG key ID: 273E3E90D1A6294F
4 changed files with 25 additions and 253 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
app-forensics/samhain/Manifest
View file

@ -1,3 +1,2 @@
DIST samhain_signed-4.3.1.tar.gz 2141139 BLAKE2B 958f5864e817e8b6d73b97876e9c5afcc122e382c13ff5f94db2ad6219553de6b1ab5f2d4cd48e31ebe3e32f471b63d67db54fd25683d29531d4ec8207bb03e0 SHA512 5f524db9586d1e8be69c8f7aa199c4b2edb699922cd957d5d02d66c749286c8131a07906ea59dad1871758b8dda9f7a7d8d1c3c09a91de854dfbaccede56833d
DIST samhain_signed-4.3.2.tar.gz 2142763 BLAKE2B 8236689cbdeae6cc1b9fad4432c8ea718691ced65435eafd5956b7ff9330716a816fcecb22129bbe3aaedc6804655f75e6028cdbd0deb9ffac4adbf45c31f4d2 SHA512 aaa4c9e384715fffaa55d3d5838bf137f199bd7a8da2f2005e165ead03f82c401de74806c4a2687eaa217927d50c5400417805ac37dfd36c4b0ad959c3bf2d1e
DIST samhain_signed-4.3.3.tar.gz 2142337 BLAKE2B 7746477de00a2ee58e482fb9b021c29af2fdf307af54b717501df517430f39360b0d4bd6be9e810b406617c2ae4d23ef4827f80912dffb36b5f2ca7cc1ca53ce SHA512 b99400086d4d71c7cc9d6740fa913ed0ebf2d3af79690cc30a93708f350e9fb36f7aae62f1a5a1f0d565ecc0102f95e79c3c4ac9460c3f9b40e5c5b0c6b597ab DIST samhain_signed-4.3.3.tar.gz 2142337 BLAKE2B 7746477de00a2ee58e482fb9b021c29af2fdf307af54b717501df517430f39360b0d4bd6be9e810b406617c2ae4d23ef4827f80912dffb36b5f2ca7cc1ca53ce SHA512 b99400086d4d71c7cc9d6740fa913ed0ebf2d3af79690cc30a93708f350e9fb36f7aae62f1a5a1f0d565ecc0102f95e79c3c4ac9460c3f9b40e5c5b0c6b597ab
DIST samhain_signed-4.4.0.tar.gz 2159532 BLAKE2B 409e434878466d2b7dfbd8d47e8ed186781c0f0ffe69a7e0f011246aff0735602920b33f2ee734235f2584de5045a38f06fc38f56b2147bed20058703fffedcb SHA512 21152a2a01d216f72729237403f5bd5e7c323a78f91ce7d05045655addad1415dad47183b0a7828d8b5dd4283a4436cfa5ba1c0b5aa95256a3da41293a151ff8

211
app-forensics/samhain/samhain-4.3.1.ebuild
View file

@ -1,211 +0,0 @@
# Copyright 1999-2019 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=5
DESCRIPTION="Advanced file integrity and intrusion detection tool."
HOMEPAGE="http://la-samhna.de/samhain/"
SRC_URI="http://la-samhna.de/archive/samhain_signed-${PV}.tar.gz"
KEYWORDS="~amd64 ~x86"
LICENSE="GPL-2"
SLOT="0"
IUSE="crypt debug login-watch mounts-check mysql netclient netserver postgres static suidcheck userfiles xml"
DEPEND="crypt? ( >=app-crypt/gnupg-1.2 )
mysql? ( dev-db/mysql )
postgres? ( dev-db/postgresql )
>=sys-apps/sed-4
app-arch/tar
app-arch/gzip"
# Samhain stealth mode options
#
# If you would like to enable stealth mode, please set and uncomment the
# following options or pass them as enviroment variables when emerging
# the package (like INSTALL_NAME="asd" emerge samhain).
# If you set the variables here, don't forget to redigest the ebuild by
# issuing 'ebuild samhain-<thisversion>.ebuild digest', also remember that with
# your next emerge sync, the changes to the ebuild will be lost!
#
# Read the Samhain manual for additional information.
#
# STEALTH should be set to either 'full' or 'micro' (mandatory)
#STEALTH=""
#
# XOR_VALUE should be a whole number from 128 to 255 (mandatory)
#XOR_VALUE=""
#
# INSTALL_NAME can be set to change the name of the Samhain binaries
# to the name you specify (optional)
#INSTALL_NAME=""
if [[ "${STEALTH}" == "full" ]] ; then
RDEPEND="media-gfx/imagemagick"
fi
pkg_setup() {
if use static ; then
if use postgres ; then
ewarn "At the moment it isn't possible to build a static Samhain with"
ewarn "PostgreSQL support on Gentoo, the compilation"
ewarn "fails during the linking process."
echo
ewarn "This will be looked at and fixed in the future, in the meantime,"
ewarn "patches to fix this are always welcome and appreciated! ;)"
ewarn "(Open a bug on bugs.gentoo.org for them or send them to"
ewarn "the maintainer directly, thanks!)"
die "Please turn the 'postgres' USE flags off when building with 'static'"
fi
fi
if use mysql && use postgres ; then
ewarn "You cannot compile both database backends into Samhain at once,"
ewarn "you need to choose between MySQL or PostgreSQL and disable the"
ewarn "one you don't want to use."
die "Please choose between 'mysql' or 'postgres' USE flags"
fi
}
src_unpack() {
unpack ${A}
tar -xzf "samhain-${PV}.tar.gz"
cd "${S}"
}
src_prepare() {
sed -i -e 's/INSTALL_PROGRAM = @INSTALL@ -s/INSTALL_PROGRAM = @INSTALL@/' Makefile.in || die "Failed to patch Makefile"
}
src_configure() {
local myconf
if use crypt ; then
myconf="${myconf} --with-gpg=/usr/bin/gpg --with-checksum=no"
if [[ -n "${KEY_FPR}" ]] ; then
einfo "Setting built-in key fingerprint to ${KEY_FPR}"
FPR=`echo ${KEY_FPR} | sed "s/ //g"`
myconf="${myconf} --with-fp=${FPR}"
fi
fi
if [[ -n "${STEALTH}" ]] ; then
[[ -z "${XOR_VALUE}" ]] && die "Variable XOR_VALUE must be set for stealth mode"
echo
einfo "Enabling stealth mode '${STEALTH}', setting XOR_VALUE to ${XOR_VALUE}"
if [[ "${STEALTH}" == "full" ]] ; then
myconf="${myconf} --enable-stealth=${XOR_VALUE}"
sed -e "s:STEGIN=@stegin_prg@:STEGIN=:g" -i samhain-install.sh.in
elif [[ "${STEALTH}" == "micro" ]] ; then
myconf="${myconf} --enable-micro-stealth=${XOR_VALUE}"
else
die "STEALTH must be set to either 'full' or 'micro'"
fi
if [[ -n "${INSTALL_NAME}" ]] ; then
echo
einfo "Setting alternative samhain name to ${INSTALL_NAME}"
echo
myconf="${myconf} --enable-install-name=${INSTALL_NAME}"
fi
fi
use mysql && myconf="${myconf} --with-database=mysql --enable-xml-log"
use postgres && myconf="${myconf} --with-database=postgresql --enable-xml-log"
# use prelude && myconf="${myconf} --with-prelude --with-libprelude-prefix=/usr"
use xml && myconf="${myconf} --enable-xml-log"
use static && myconf="${myconf} --enable-static"
use debug && myconf="${myconf} --enable-debug"
use netclient && myconf="${myconf} --enable-network=client"
use netserver && myconf="${myconf} --enable-network=server"
use login-watch && myconf="${myconf} --enable-login-watch"
use mounts-check && myconf="${myconf} --enable-mounts-check"
use suidcheck && myconf="${myconf} --enable-suidcheck"
use userfiles && myconf="${myconf} --enable-userfiles"
myconf="${myconf} --localstatedir=/var --disable-asm"
econf ${myconf}
}
src_install() {
make DESTDIR="${D}" install || die "make install failed"
rm -Rf "${D}/var/log"
rm -Rf "${D}/var/run"
rm -Rf "${D}/var/state"
if [[ -n "${STEALTH}" ]] ; then
rm -Rf "${D}/usr/share"
else
dodoc docs/BUGS docs/MANUAL* docs/README* docs/*.txt
dohtml docs/*.html
# docinto scripts
# dodoc scripts/*
insinto /etc
insopts -m0600
newins samhainrc.linux samhainrc
newinitd init/samhain.startGentoo samhain
keepdir "/var/lib/samhain"
fi
if use netserver ; then
keepdir "/var/lib/yule"
chown daemon:daemon "${D}/var/lib/yule"
keepdir "/var/log/yule"
chown daemon:daemon "${D}/var/log/yule"
fi
}
pkg_postinst() {
if [[ -n "${STEALTH}" ]] ; then
elog
elog "Manual pages, documentation, and init script were NOT installed in order to"
elog "obscure Samhain's presence. You should also remove samhain's installation"
elog "traces from /var/cache/edb/world and /var/db/pkg."
fi
if [[ "${STEALTH}" == "full" ]] ; then
elog
elog "In stealth mode, the configuration file must be steganographically hidden"
elog "in a postscript image file. The sample config has been created this way by"
elog "the installation process. Use the samhain_stealth utility to modify or"
elog "create your own configuration file."
fi
if [[ -z "${KEY_FPR}" ]] ; then
elog
ewarn "GnuPG support has been enabled, but fingerprint verification will be"
ewarn "ignored. To enable fingerprint verification (strongly recommended),"
ewarn "you must re-emerge this package with the KEY_FPR variable set to"
ewarn "your default signing key fingerprint."
ewarn "Please read the Samhain manual for more details."
elog
elog "Enabling GnuPG support in Samhain requires that you sign your configuration"
elog "and database files. Please run the following commands as root:"
elog
elog " gpg -a --clearsign --not-dash-escaped /etc/samhainrc"
elog " mv /etc/samhainrc.asc /etc/samhainrc"
elog " chmod 600 /etc/samhainrc"
elog
elog "Run the same commands on /var/lib/samhain/samhain_file after initialization."
fi
elog
elog "Be sure to check your settings in /etc/samhainrc. When ready, run:"
elog " samhain -t init"
elog "to initialize Samhain."
elog
elog "Samhain stealth-mode options are also available. Please view the comments"
elog "in the Samhain ebuild for further configuration instructions."
elog
ewarn "Please be sure to read the Samhain manual to understand and correctly"
ewarn "configure the Samhain utility."
ewarn "HTML version available for viewing at http://la-samhna.de/samhain/manual/ ."
}

7
app-forensics/samhain/samhain-4.3.2.ebuild → app-forensics/samhain/samhain-4.4.0.ebuild
View file

@ -1,4 +1,4 @@
# Copyright 1999-2019 Gentoo Authors # Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
EAPI=7 EAPI=7
@ -80,7 +80,7 @@ src_unpack() {
src_prepare() { src_prepare() {
sed -i -e 's/INSTALL_PROGRAM = @INSTALL@ -s/INSTALL_PROGRAM = @INSTALL@/' Makefile.in || die "Failed to patch Makefile" sed -i -e 's/INSTALL_PROGRAM = @INSTALL@ -s/INSTALL_PROGRAM = @INSTALL@/' Makefile.in || die "Failed to patch Makefile"
#unable to configure these options #unable to configure these options
sed -i -e '/--docdir/d' -e '/--htmldir/d' configure || die sed -i -e '/--docdir/d' -e '/--htmldir/d' configure || die "Failed to patch configure"
eapply_user eapply_user
} }
@ -104,7 +104,7 @@ src_configure() {
if [[ "${STEALTH}" == "full" ]] ; then if [[ "${STEALTH}" == "full" ]] ; then
myconf="${myconf} --enable-stealth=${XOR_VALUE}" myconf="${myconf} --enable-stealth=${XOR_VALUE}"
sed -e "s:STEGIN=@stegin_prg@:STEGIN=:g" -i samhain-install.sh.in sed -e "s:STEGIN=@stegin_prg@:STEGIN=:g" -i samhain-install.sh.in || die "Failed to patch install.sh"
elif [[ "${STEALTH}" == "micro" ]] ; then elif [[ "${STEALTH}" == "micro" ]] ; then
myconf="${myconf} --enable-micro-stealth=${XOR_VALUE}" myconf="${myconf} --enable-micro-stealth=${XOR_VALUE}"
else else
@ -143,6 +143,7 @@ src_install() {
rm -Rf "${D}/var/log" rm -Rf "${D}/var/log"
rm -Rf "${D}/var/run" rm -Rf "${D}/var/run"
rm -Rf "${D}/run"
rm -Rf "${D}/var/state" rm -Rf "${D}/var/state"
if [[ -n "${STEALTH}" ]] ; then if [[ -n "${STEALTH}" ]] ; then

57
profiles/pentoo/base/package.accept_keywords/app-forensics
View file

@ -1,54 +1,37 @@
# Pentoo # Pentoo
app-forensics/dff
app-forensics/eagleeye
=app-forensics/guymager-0.8*
~app-forensics/inception-0.4.1
app-forensics/libbfio
app-forensics/libewf
~app-forensics/libforensic1394-0.2
app-forensics/libpff
app-forensics/libvshadow
app-forensics/maltego
=app-forensics/origami-pdf-2.1*
app-forensics/pdf-parser
=app-forensics/rdd-3*
~app-forensics/reglookup-1.0.1
app-forensics/samhain
~app-forensics/scap-security-guide-0.1.46
app-forensics/spiderfoot
app-forensics/thehive
app-forensics/volatility
=app-forensics/xmount-0.7*
app-forensics/bulk_extractor app-forensics/bulk_extractor
dev-libs/hashdb dev-libs/hashdb
app-forensics/pdf-parser
=app-forensics/rdd-3*
app-forensics/volatility
=app-forensics/guymager-0.8*
app-forensics/dff
app-forensics/libbfio
app-forensics/libpff
~app-forensics/reglookup-1.0.1
~app-forensics/inception-0.4.1
~app-forensics/libforensic1394-0.2
app-forensics/pcileech app-forensics/pcileech
=dev-libs/LeechCore-1* =dev-libs/LeechCore-1*
~app-misc/hivex-1.3.11
app-forensics/libvshadow
~app-forensics/samhain-4.1.2
=app-forensics/xmount-0.7*
=app-forensics/origami-pdf-2.1*
app-forensics/libewf
=app-forensics/samhain-4.2*
=app-forensics/yara-3* =app-forensics/yara-3*
=dev-python/yara-python-3* =dev-python/yara-python-3*
app-forensics/spiderfoot
app-forensics/maltego
app-forensics/thehive
~app-forensics/scap-security-guide-0.1.46
app-forensics/openscap app-forensics/openscap
=app-admin/ansible-lint-4* =app-admin/ansible-lint-4*
app-forensics/eagleeye
# Gentoo # Gentoo
=app-forensics/sleuthkit-4.7* =app-forensics/sleuthkit-4.7*
~app-forensics/pasco-20040505_p1 ~app-forensics/pasco-20040505_p1