summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatsuu Takuto <matsuu@gentoo.org>2009-04-16 14:59:20 +0000
committerMatsuu Takuto <matsuu@gentoo.org>2009-04-16 14:59:20 +0000
commitcf4134d9a7d3c97c3a156aa4aa00111f2bf496e9 (patch)
treeb8fa2dd54f1b06f31355faaac6e23c0b82e7cc9a /app-forensics/aide
parentfix bug #260786 (diff)
downloadhistorical-cf4134d9a7d3c97c3a156aa4aa00111f2bf496e9.tar.gz
historical-cf4134d9a7d3c97c3a156aa4aa00111f2bf496e9.tar.bz2
historical-cf4134d9a7d3c97c3a156aa4aa00111f2bf496e9.zip
Fixed bug #204217 and #266175.
Package-Manager: portage-2.1.6.11/cvs/Linux x86_64
Diffstat (limited to 'app-forensics/aide')
-rw-r--r--app-forensics/aide/ChangeLog10
-rw-r--r--app-forensics/aide/Manifest5
-rw-r--r--app-forensics/aide/aide-0.13.1-r3.ebuild143
-rw-r--r--app-forensics/aide/files/aide-0.13.1-equ-matching.patch83
-rw-r--r--app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch49
5 files changed, 288 insertions, 2 deletions
diff --git a/app-forensics/aide/ChangeLog b/app-forensics/aide/ChangeLog
index 88bdbd70348f..3fa810333930 100644
--- a/app-forensics/aide/ChangeLog
+++ b/app-forensics/aide/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for app-forensics/aide
# Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/ChangeLog,v 1.38 2009/03/01 01:52:37 patrick Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/ChangeLog,v 1.39 2009/04/16 14:59:20 matsuu Exp $
+
+*aide-0.13.1-r3 (16 Apr 2009)
+
+ 16 Apr 2009; MATSUU Takuto <matsuu@gentoo.org>
+ +files/aide-0.13.1-equ-matching.patch,
+ +files/aide-0.13.1-libgrypt_init.patch, +aide-0.13.1-r3.ebuild:
+ Fixed equal match issue, bug #204217. Fixed libgcrypt issue, bug #266175.
+ RESTRICT="test" Removed --with-extra-lib.
01 Mar 2009; Patrick Lauer <patrick@gentoo.org> aide-0.13.1-r2.ebuild:
Fixing elog messages to reflect changes from #195690. Closes #249793
diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest
index 6563e50c1916..fbc341aaa870 100644
--- a/app-forensics/aide/Manifest
+++ b/app-forensics/aide/Manifest
@@ -1,10 +1,13 @@
AUX aide-0.13.1-configure.patch 2201 RMD160 46f6cf31c0446ce238733d0434c4e3b1126b87fc SHA1 68bb2ced2ebd17ab1f5c5a940e0804f71cd903af SHA256 aa1b35d3d692d6844b3fc1b39e9ae3ed1779d7699f111bd6852a01dde228457d
+AUX aide-0.13.1-equ-matching.patch 2451 RMD160 515a0762483224fdfdca4197ee318f1048a7573a SHA1 e4606aaf4935955d0c4f144b415485ad5871248e SHA256 1eddf47fe7f1fb5a7868b22e2af00c2ab7b89b807c4e696621a6e74443d1e323
AUX aide-0.13.1-gentoo.patch 1218 RMD160 a696dfa3819a9be30e34de1d87dcd218283bfd44 SHA1 44085e22669cc2a616979d559afccd3deff37724 SHA256 c78aed624a51f683b83f2cc45239748861e14fe9e3a94277b0e1040b9a87eb00
+AUX aide-0.13.1-libgrypt_init.patch 1957 RMD160 9d515a5e21f758dc11ac417f276b180c745e7235 SHA1 c89d092744ba2a7bf47bfa2c5b75a1702b46ba2c SHA256 66c01f0a43cde218151e7e34c9505ce7438235a779c0cd8235111d1b85392750
AUX aide.conf 2713 RMD160 4f1de8580deb49af8bf93fb2df19f411f2990841 SHA1 0970af5c16aee29aed81f394575be27a66cfcdd4 SHA256 093c6397a4e26ab24127684eb8f9bb223ee5f2c2f9720e54c8ad8b425d52ba49
AUX aide.cron 5997 RMD160 07a10b1bae5373eb186d72ec9b0e9c0987dd1cee SHA1 09f8f66eaec409bc7e2cd77bb74da48fc6136d66 SHA256 f4874c85d808c9f1726421c5f1146c4aa6a6bf831f61962c8265d5e7272f4558
AUX aideinit 2948 RMD160 c5a3f7dd8de191b26f32830ff003d4488452e01e SHA1 cd3f73f3324d7b1655a68c18ef2a0b7543a5d28f SHA256 a7d82272bb381f08d7efcb4fdb9a1eace8c113b3fa2052cc23a2d2871381bba2
DIST aide-0.13.1.tar.gz 285400 RMD160 802ac5bd817032bf3a696db7f547bef322b2487a SHA1 0112ee0a974020b99f09d1f2a9fb05433a7b9681 SHA256 b55065413bad3c24af51a551e6ab7cd4a9ecd9f449929261a45fc2f53e040021
EBUILD aide-0.13.1-r2.ebuild 3654 RMD160 36f8301a03be780199e9c9300f39f0475d521a76 SHA1 0fb5b3a2681963456c927421c464f71b2a3a505e SHA256 01519d86cb4b9719a06d48fa265406dfea0180d14271a415d51d721c2999c119
+EBUILD aide-0.13.1-r3.ebuild 3786 RMD160 9f64381631a017c47556ec8fb701710e4c5baa4a SHA1 2ef6fbba3d68d80e0f45665c647156285c17db3a SHA256 72743cb65ef5afb2013b69194c5686fbc969d23d7af91e78055b1187ddfacb2d
EBUILD aide-0.13.1.ebuild 3909 RMD160 1055b7d279b3e9306dda868c5edee309ee780545 SHA1 8a1cd7dfd7bdbf19147a6e5ada9a7671ced1094d SHA256 3fcfcbcc5c6499dc09cb37bcd60903827df37d5c56ce48221c18a2d2c17f3320
-MISC ChangeLog 7974 RMD160 43b10faf7aba0a3980df7e0dac7c9e62e505f00c SHA1 b076b389cc7b8633563c944824b82b4877c1e349 SHA256 33764f4ec413a183a8299920c7f71585c86b3c699adabc3a08dd2d0e4fcaa0f5
+MISC ChangeLog 8281 RMD160 e8500953806ddc670bbfef48351d5ce21dd9c5dc SHA1 b8a398643e88e470397a6a1304868ef52201f469 SHA256 e606971946c77d0b8bd6d504971ad56c1b9eeb9a247ae48fc94a0b844c1fe6e3
MISC metadata.xml 227 RMD160 8fd92f1523d63aec4ec954abee49accf1064c6e6 SHA1 d1d36ec61b481027477edfb7a93cb1c42fb83ff6 SHA256 bb6f7d60ac5d9f18aaea588265033a77bfdeb50676739866d80241cfb869c77c
diff --git a/app-forensics/aide/aide-0.13.1-r3.ebuild b/app-forensics/aide/aide-0.13.1-r3.ebuild
new file mode 100644
index 000000000000..7e554d3d6b50
--- /dev/null
+++ b/app-forensics/aide/aide-0.13.1-r3.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/aide-0.13.1-r3.ebuild,v 1.1 2009/04/16 14:59:20 matsuu Exp $
+
+inherit autotools eutils
+
+DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a replacement for Tripwire"
+HOMEPAGE="http://aide.sourceforge.net/"
+SRC_URI="mirror://sourceforge/aide/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86"
+IUSE="acl curl mhash nls postgres selinux static xattr zlib"
+#IUSE="acl audit curl mhash nls postgres selinux static xattr zlib"
+
+# libsandbox: Can't dlopen libc: (null)
+RESTRICT="test"
+
+DEPEND="acl? ( sys-apps/acl )
+ curl? ( net-misc/curl )
+ mhash? ( >=app-crypt/mhash-0.9.2 )
+ !mhash? ( dev-libs/libgcrypt )
+ nls? ( virtual/libintl )
+ postgres? ( virtual/postgresql-base )
+ selinux? ( sys-libs/libselinux )
+ xattr? ( sys-apps/attr )
+ zlib? ( sys-libs/zlib )"
+# audit? ( sys-process/audit )
+
+RDEPEND="!static? ( ${DEPEND} )"
+
+DEPEND="${DEPEND}
+ nls? ( sys-devel/gettext )
+ sys-devel/bison
+ sys-devel/flex"
+
+pkg_config() {
+ if use mhash && use postgres ; then
+ eerror "We cannot emerge aide with mhash and postgres USE flags at the same time."
+ eerror "Please remove mhash OR postgres USE flags."
+ die "Please remove either mhash or postgres USE flag."
+ fi
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ epatch "${FILESDIR}/${P}-gentoo.patch"
+
+ # fix configure switch
+ epatch "${FILESDIR}/${P}-configure.patch"
+
+ # fix equal match issue, bug #204217
+ epatch "${FILESDIR}/${P}-equ-matching.patch"
+
+ # fix libgcrypt issue, bug #266175
+ epatch "${FILESDIR}/${P}-libgrypt_init.patch"
+
+ if ! use mhash ; then
+ # dev-libs/libgcrypt doesn't support whirlpool algorithm
+ sed -i -e 's/\+whirlpool//' doc/aide.conf.in || die
+ fi
+
+ if ! use selinux ; then
+ sed -i -e 's/\+selinux//' doc/aide.conf.in || die
+ fi
+
+ if ! use xattr ; then
+ sed -i -e 's/\+xattrs//' doc/aide.conf.in || die
+ fi
+
+ if ! use acl ; then
+ sed -i -e 's/\+acl//' doc/aide.conf.in || die
+ fi
+
+ eautoreconf
+}
+
+src_compile() {
+ local myconf="
+ $(use_with acl posix-acl)
+ $(use_with !mhash gcrypt)
+ $(use_with mhash mhash)
+ $(use_with nls locale)
+ $(use_with postgres psql)
+ $(use_with selinux)
+ $(use_enable static)
+ $(use_with xattr)
+ $(use_with zlib)
+ --sysconfdir=/etc/aide"
+# $(use_with audit)
+
+ # curl doesn't work with static
+ use curl && ! use static && myconf="${myconf} --with-curl"
+
+ econf ${myconf} || die "econf failed"
+ # parallel make borked
+ emake -j1 || die "emake failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed"
+
+ keepdir /var/lib/aide
+ fowners root:0 /var/lib/aide
+ fperms 0755 /var/lib/aide
+
+ keepdir /var/log/aide
+
+ insinto /etc/aide
+ doins "${FILESDIR}"/aide.conf
+
+ dosbin "${FILESDIR}"/aideinit
+
+ dodoc ChangeLog AUTHORS NEWS README "${FILESDIR}"/aide.cron
+ dohtml doc/manual.html
+}
+
+pkg_postinst() {
+ elog
+ elog "A sample configuration file has been installed as"
+ elog "/etc/aide/aide.conf. Please edit to meet your needs."
+ elog "Read the aide.conf(5) manual page for more information."
+ elog "A helper script, aideinit, has been installed and can"
+ elog "be used to make AIDE management easier. Please run"
+ elog "aideinit --help for more information"
+ elog
+
+ if use postgres; then
+ elog "Due to a bad assumption by aide, you must issue the following"
+ elog "command after the database initialization (aide --init ...):"
+ elog
+ elog 'psql -c "update pg_index set indisunique=false from pg_class \\ '
+ elog " where pg_class.relname='TABLE_pkey' and \ "
+ elog ' pg_class.oid=pg_index.indexrelid" -h HOSTNAME -p PORT DBASE USER'
+ elog
+ elog "where TABLE, HOSTNAME, PORT, DBASE, and USER are the same as"
+ elog "your aide.conf."
+ elog
+ fi
+}
diff --git a/app-forensics/aide/files/aide-0.13.1-equ-matching.patch b/app-forensics/aide/files/aide-0.13.1-equ-matching.patch
new file mode 100644
index 000000000000..e5d02a5ea7d5
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-equ-matching.patch
@@ -0,0 +1,83 @@
+--- src/gen_list.c.orig 2007-12-19 15:37:13.000000000 -0800
++++ src/gen_list.c 2007-12-19 16:19:43.000000000 -0800
+@@ -732,33 +732,6 @@
+ return retval;
+ }
+
+-//this is used to check if $text if equal to a node in $rxrlist
+-//should be used to check equ_rx_lst only
+-int check_list_for_equal(list* rxrlist,char* text,DB_ATTR_TYPE* attr)
+-{
+- list* r=NULL;
+- int retval=1;
+- char *temp;
+-
+- for(r=rxrlist;r;r=r->next){
+- temp=((rx_rule*)r->data)->rx;
+-
+- //FIXME, if rx not begin with ^, may need to do something else
+- if(temp[0]=='^') //^ is for reg exp, we can ignore this character
+- temp++;
+-
+- //we don't need to worry about buff-overflow, so strcmp is safe
+- if((retval=strcmp(temp, text))==0){
+- *attr=((rx_rule*)r->data)->attr;
+- error(231,"\"%s\" matches string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx);
+- break;
+- } else {
+- error(231,"\"%s\" doesn't match string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx);
+- }
+- }
+- return retval;
+-}
+-
+ /*
+ * Function check_node_for_match()
+ * calls itself recursively to go to the top and then back down.
+@@ -783,35 +756,24 @@
+ return retval;
+ }
+
+- /* We need this to check whether this was the first one *
+- * to be called and not a recursive call */
+- if(!((retval&16)==16)){
+- retval|=16;
++ /* if this call is not recursive we check the equals list and we set top *
++ * and retval so we know following calls are recursive */
++ if(!(retval&16)){
+ top=1;
+- } else {
+- top=0;
+- }
+-
+- /* if no deeper match found */
+- if(!((retval&8)==8)&&!((retval&4)==4)){
++ retval|=16;
++
+ if(!check_list_for_match(node->equ_rx_lst,text,attr)){
+- /*
+- Zhi Wen Wong added this line to fix bug that equ not work for
+- compare
+- if we do "=/bin", we should only check /bin
+- so, /bin/bash or /bin/something should return 0 as neg
+- */
+- if(!check_list_for_equal(node->equ_rx_lst,text,attr))
+- retval|=(2|4);
+- };
+- };
++ retval|=2|4;
++ }
++ }
+ /* We'll use retval to pass information on whether to recurse
+ * the dir or not */
+
+
+- if(!((retval&8)==8)&&!((retval&4)==4)){
++ /* If 4 and 8 are not set, we will check for matches */
++ if(!(retval&(4|8))){
+ if(!check_list_for_match(node->sel_rx_lst,text,attr))
+- retval|=(1|8);
++ retval|=1|8;
+ }
+
+ /* Now let's check the ancestors */
diff --git a/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch b/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch
new file mode 100644
index 000000000000..56b39693f4ff
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch
@@ -0,0 +1,49 @@
+diff -urp aide-0.13.1.orig/doc/aide.1 aide-0.13.1/doc/aide.1
+--- aide-0.13.1.orig/doc/aide.1 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/doc/aide.1 2009-04-14 15:49:18.000000000 -0700
+@@ -67,6 +67,7 @@ conditions:
+ .IP "16 Unimplemented function error"
+ .IP "17 Invalid configureline error"
+ .IP "18 IO error"
++.IP "19 Version mismatch error"
+ .PP
+ .SH NOTES
+ Please note that due to mmap issues, aide cannot be terminated with
+diff -urp aide-0.13.1.orig/doc/aide.1.in aide-0.13.1/doc/aide.1.in
+--- aide-0.13.1.orig/doc/aide.1.in 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/doc/aide.1.in 2009-04-14 15:49:56.000000000 -0700
+@@ -67,6 +67,7 @@ conditions:
+ .IP "16 Unimplemented function error"
+ .IP "17 Invalid configureline error"
+ .IP "18 IO error"
++.IP "19 Version mismatch error"
+ .PP
+ .SH NOTES
+ Please note that due to mmap issues, aide cannot be terminated with
+diff -urp aide-0.13.1.orig/include/report.h aide-0.13.1/include/report.h
+--- aide-0.13.1.orig/include/report.h 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/include/report.h 2009-04-14 15:46:28.000000000 -0700
+@@ -31,6 +31,7 @@
+ #define UNIMPLEMENTED_FUNCTION_ERROR 16
+ #define INVALID_CONFIGURELINE_ERROR 17
+ #define IO_ERROR 18
++#define VERSION_MISMATCH_ERROR 19
+
+ /* Errorcodes */
+ #define HASH_ALGO_ERROR 30
+diff -urp aide-0.13.1.orig/src/md.c aide-0.13.1/src/md.c
+--- aide-0.13.1.orig/src/md.c 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/src/md.c 2009-04-14 15:46:28.000000000 -0700
+@@ -201,6 +201,12 @@ int init_md(struct md_container* md) {
+ #endif
+ #ifdef WITH_GCRYPT
+ error(255,"Gcrypt library initialization\n");
++ if(!gcry_check_version(GCRYPT_VERSION)) {
++ error(0,"libgcrypt version mismatch\n");
++ exit(VERSION_MISMATCH_ERROR);
++ }
++ gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
++ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+ if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){
+ error(0,"gcrypt_md_open failed\n");
+ exit(IO_ERROR);