diff options
author | Matsuu Takuto <matsuu@gentoo.org> | 2009-04-16 14:59:20 +0000 |
---|---|---|
committer | Matsuu Takuto <matsuu@gentoo.org> | 2009-04-16 14:59:20 +0000 |
commit | cf4134d9a7d3c97c3a156aa4aa00111f2bf496e9 (patch) | |
tree | b8fa2dd54f1b06f31355faaac6e23c0b82e7cc9a /app-forensics/aide | |
parent | fix bug #260786 (diff) | |
download | historical-cf4134d9a7d3c97c3a156aa4aa00111f2bf496e9.tar.gz historical-cf4134d9a7d3c97c3a156aa4aa00111f2bf496e9.tar.bz2 historical-cf4134d9a7d3c97c3a156aa4aa00111f2bf496e9.zip |
Fixed bug #204217 and #266175.
Package-Manager: portage-2.1.6.11/cvs/Linux x86_64
Diffstat (limited to 'app-forensics/aide')
-rw-r--r-- | app-forensics/aide/ChangeLog | 10 | ||||
-rw-r--r-- | app-forensics/aide/Manifest | 5 | ||||
-rw-r--r-- | app-forensics/aide/aide-0.13.1-r3.ebuild | 143 | ||||
-rw-r--r-- | app-forensics/aide/files/aide-0.13.1-equ-matching.patch | 83 | ||||
-rw-r--r-- | app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch | 49 |
5 files changed, 288 insertions, 2 deletions
diff --git a/app-forensics/aide/ChangeLog b/app-forensics/aide/ChangeLog index 88bdbd70348f..3fa810333930 100644 --- a/app-forensics/aide/ChangeLog +++ b/app-forensics/aide/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-forensics/aide # Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/ChangeLog,v 1.38 2009/03/01 01:52:37 patrick Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/ChangeLog,v 1.39 2009/04/16 14:59:20 matsuu Exp $ + +*aide-0.13.1-r3 (16 Apr 2009) + + 16 Apr 2009; MATSUU Takuto <matsuu@gentoo.org> + +files/aide-0.13.1-equ-matching.patch, + +files/aide-0.13.1-libgrypt_init.patch, +aide-0.13.1-r3.ebuild: + Fixed equal match issue, bug #204217. Fixed libgcrypt issue, bug #266175. + RESTRICT="test" Removed --with-extra-lib. 01 Mar 2009; Patrick Lauer <patrick@gentoo.org> aide-0.13.1-r2.ebuild: Fixing elog messages to reflect changes from #195690. Closes #249793 diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest index 6563e50c1916..fbc341aaa870 100644 --- a/app-forensics/aide/Manifest +++ b/app-forensics/aide/Manifest @@ -1,10 +1,13 @@ AUX aide-0.13.1-configure.patch 2201 RMD160 46f6cf31c0446ce238733d0434c4e3b1126b87fc SHA1 68bb2ced2ebd17ab1f5c5a940e0804f71cd903af SHA256 aa1b35d3d692d6844b3fc1b39e9ae3ed1779d7699f111bd6852a01dde228457d +AUX aide-0.13.1-equ-matching.patch 2451 RMD160 515a0762483224fdfdca4197ee318f1048a7573a SHA1 e4606aaf4935955d0c4f144b415485ad5871248e SHA256 1eddf47fe7f1fb5a7868b22e2af00c2ab7b89b807c4e696621a6e74443d1e323 AUX aide-0.13.1-gentoo.patch 1218 RMD160 a696dfa3819a9be30e34de1d87dcd218283bfd44 SHA1 44085e22669cc2a616979d559afccd3deff37724 SHA256 c78aed624a51f683b83f2cc45239748861e14fe9e3a94277b0e1040b9a87eb00 +AUX aide-0.13.1-libgrypt_init.patch 1957 RMD160 9d515a5e21f758dc11ac417f276b180c745e7235 SHA1 c89d092744ba2a7bf47bfa2c5b75a1702b46ba2c SHA256 66c01f0a43cde218151e7e34c9505ce7438235a779c0cd8235111d1b85392750 AUX aide.conf 2713 RMD160 4f1de8580deb49af8bf93fb2df19f411f2990841 SHA1 0970af5c16aee29aed81f394575be27a66cfcdd4 SHA256 093c6397a4e26ab24127684eb8f9bb223ee5f2c2f9720e54c8ad8b425d52ba49 AUX aide.cron 5997 RMD160 07a10b1bae5373eb186d72ec9b0e9c0987dd1cee SHA1 09f8f66eaec409bc7e2cd77bb74da48fc6136d66 SHA256 f4874c85d808c9f1726421c5f1146c4aa6a6bf831f61962c8265d5e7272f4558 AUX aideinit 2948 RMD160 c5a3f7dd8de191b26f32830ff003d4488452e01e SHA1 cd3f73f3324d7b1655a68c18ef2a0b7543a5d28f SHA256 a7d82272bb381f08d7efcb4fdb9a1eace8c113b3fa2052cc23a2d2871381bba2 DIST aide-0.13.1.tar.gz 285400 RMD160 802ac5bd817032bf3a696db7f547bef322b2487a SHA1 0112ee0a974020b99f09d1f2a9fb05433a7b9681 SHA256 b55065413bad3c24af51a551e6ab7cd4a9ecd9f449929261a45fc2f53e040021 EBUILD aide-0.13.1-r2.ebuild 3654 RMD160 36f8301a03be780199e9c9300f39f0475d521a76 SHA1 0fb5b3a2681963456c927421c464f71b2a3a505e SHA256 01519d86cb4b9719a06d48fa265406dfea0180d14271a415d51d721c2999c119 +EBUILD aide-0.13.1-r3.ebuild 3786 RMD160 9f64381631a017c47556ec8fb701710e4c5baa4a SHA1 2ef6fbba3d68d80e0f45665c647156285c17db3a SHA256 72743cb65ef5afb2013b69194c5686fbc969d23d7af91e78055b1187ddfacb2d EBUILD aide-0.13.1.ebuild 3909 RMD160 1055b7d279b3e9306dda868c5edee309ee780545 SHA1 8a1cd7dfd7bdbf19147a6e5ada9a7671ced1094d SHA256 3fcfcbcc5c6499dc09cb37bcd60903827df37d5c56ce48221c18a2d2c17f3320 -MISC ChangeLog 7974 RMD160 43b10faf7aba0a3980df7e0dac7c9e62e505f00c SHA1 b076b389cc7b8633563c944824b82b4877c1e349 SHA256 33764f4ec413a183a8299920c7f71585c86b3c699adabc3a08dd2d0e4fcaa0f5 +MISC ChangeLog 8281 RMD160 e8500953806ddc670bbfef48351d5ce21dd9c5dc SHA1 b8a398643e88e470397a6a1304868ef52201f469 SHA256 e606971946c77d0b8bd6d504971ad56c1b9eeb9a247ae48fc94a0b844c1fe6e3 MISC metadata.xml 227 RMD160 8fd92f1523d63aec4ec954abee49accf1064c6e6 SHA1 d1d36ec61b481027477edfb7a93cb1c42fb83ff6 SHA256 bb6f7d60ac5d9f18aaea588265033a77bfdeb50676739866d80241cfb869c77c diff --git a/app-forensics/aide/aide-0.13.1-r3.ebuild b/app-forensics/aide/aide-0.13.1-r3.ebuild new file mode 100644 index 000000000000..7e554d3d6b50 --- /dev/null +++ b/app-forensics/aide/aide-0.13.1-r3.ebuild @@ -0,0 +1,143 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/aide-0.13.1-r3.ebuild,v 1.1 2009/04/16 14:59:20 matsuu Exp $ + +inherit autotools eutils + +DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a replacement for Tripwire" +HOMEPAGE="http://aide.sourceforge.net/" +SRC_URI="mirror://sourceforge/aide/${P}.tar.gz" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86" +IUSE="acl curl mhash nls postgres selinux static xattr zlib" +#IUSE="acl audit curl mhash nls postgres selinux static xattr zlib" + +# libsandbox: Can't dlopen libc: (null) +RESTRICT="test" + +DEPEND="acl? ( sys-apps/acl ) + curl? ( net-misc/curl ) + mhash? ( >=app-crypt/mhash-0.9.2 ) + !mhash? ( dev-libs/libgcrypt ) + nls? ( virtual/libintl ) + postgres? ( virtual/postgresql-base ) + selinux? ( sys-libs/libselinux ) + xattr? ( sys-apps/attr ) + zlib? ( sys-libs/zlib )" +# audit? ( sys-process/audit ) + +RDEPEND="!static? ( ${DEPEND} )" + +DEPEND="${DEPEND} + nls? ( sys-devel/gettext ) + sys-devel/bison + sys-devel/flex" + +pkg_config() { + if use mhash && use postgres ; then + eerror "We cannot emerge aide with mhash and postgres USE flags at the same time." + eerror "Please remove mhash OR postgres USE flags." + die "Please remove either mhash or postgres USE flag." + fi +} + +src_unpack() { + unpack ${A} + cd "${S}" + + epatch "${FILESDIR}/${P}-gentoo.patch" + + # fix configure switch + epatch "${FILESDIR}/${P}-configure.patch" + + # fix equal match issue, bug #204217 + epatch "${FILESDIR}/${P}-equ-matching.patch" + + # fix libgcrypt issue, bug #266175 + epatch "${FILESDIR}/${P}-libgrypt_init.patch" + + if ! use mhash ; then + # dev-libs/libgcrypt doesn't support whirlpool algorithm + sed -i -e 's/\+whirlpool//' doc/aide.conf.in || die + fi + + if ! use selinux ; then + sed -i -e 's/\+selinux//' doc/aide.conf.in || die + fi + + if ! use xattr ; then + sed -i -e 's/\+xattrs//' doc/aide.conf.in || die + fi + + if ! use acl ; then + sed -i -e 's/\+acl//' doc/aide.conf.in || die + fi + + eautoreconf +} + +src_compile() { + local myconf=" + $(use_with acl posix-acl) + $(use_with !mhash gcrypt) + $(use_with mhash mhash) + $(use_with nls locale) + $(use_with postgres psql) + $(use_with selinux) + $(use_enable static) + $(use_with xattr) + $(use_with zlib) + --sysconfdir=/etc/aide" +# $(use_with audit) + + # curl doesn't work with static + use curl && ! use static && myconf="${myconf} --with-curl" + + econf ${myconf} || die "econf failed" + # parallel make borked + emake -j1 || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install failed" + + keepdir /var/lib/aide + fowners root:0 /var/lib/aide + fperms 0755 /var/lib/aide + + keepdir /var/log/aide + + insinto /etc/aide + doins "${FILESDIR}"/aide.conf + + dosbin "${FILESDIR}"/aideinit + + dodoc ChangeLog AUTHORS NEWS README "${FILESDIR}"/aide.cron + dohtml doc/manual.html +} + +pkg_postinst() { + elog + elog "A sample configuration file has been installed as" + elog "/etc/aide/aide.conf. Please edit to meet your needs." + elog "Read the aide.conf(5) manual page for more information." + elog "A helper script, aideinit, has been installed and can" + elog "be used to make AIDE management easier. Please run" + elog "aideinit --help for more information" + elog + + if use postgres; then + elog "Due to a bad assumption by aide, you must issue the following" + elog "command after the database initialization (aide --init ...):" + elog + elog 'psql -c "update pg_index set indisunique=false from pg_class \\ ' + elog " where pg_class.relname='TABLE_pkey' and \ " + elog ' pg_class.oid=pg_index.indexrelid" -h HOSTNAME -p PORT DBASE USER' + elog + elog "where TABLE, HOSTNAME, PORT, DBASE, and USER are the same as" + elog "your aide.conf." + elog + fi +} diff --git a/app-forensics/aide/files/aide-0.13.1-equ-matching.patch b/app-forensics/aide/files/aide-0.13.1-equ-matching.patch new file mode 100644 index 000000000000..e5d02a5ea7d5 --- /dev/null +++ b/app-forensics/aide/files/aide-0.13.1-equ-matching.patch @@ -0,0 +1,83 @@ +--- src/gen_list.c.orig 2007-12-19 15:37:13.000000000 -0800 ++++ src/gen_list.c 2007-12-19 16:19:43.000000000 -0800 +@@ -732,33 +732,6 @@ + return retval; + } + +-//this is used to check if $text if equal to a node in $rxrlist +-//should be used to check equ_rx_lst only +-int check_list_for_equal(list* rxrlist,char* text,DB_ATTR_TYPE* attr) +-{ +- list* r=NULL; +- int retval=1; +- char *temp; +- +- for(r=rxrlist;r;r=r->next){ +- temp=((rx_rule*)r->data)->rx; +- +- //FIXME, if rx not begin with ^, may need to do something else +- if(temp[0]=='^') //^ is for reg exp, we can ignore this character +- temp++; +- +- //we don't need to worry about buff-overflow, so strcmp is safe +- if((retval=strcmp(temp, text))==0){ +- *attr=((rx_rule*)r->data)->attr; +- error(231,"\"%s\" matches string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx); +- break; +- } else { +- error(231,"\"%s\" doesn't match string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx); +- } +- } +- return retval; +-} +- + /* + * Function check_node_for_match() + * calls itself recursively to go to the top and then back down. +@@ -783,35 +756,24 @@ + return retval; + } + +- /* We need this to check whether this was the first one * +- * to be called and not a recursive call */ +- if(!((retval&16)==16)){ +- retval|=16; ++ /* if this call is not recursive we check the equals list and we set top * ++ * and retval so we know following calls are recursive */ ++ if(!(retval&16)){ + top=1; +- } else { +- top=0; +- } +- +- /* if no deeper match found */ +- if(!((retval&8)==8)&&!((retval&4)==4)){ ++ retval|=16; ++ + if(!check_list_for_match(node->equ_rx_lst,text,attr)){ +- /* +- Zhi Wen Wong added this line to fix bug that equ not work for +- compare +- if we do "=/bin", we should only check /bin +- so, /bin/bash or /bin/something should return 0 as neg +- */ +- if(!check_list_for_equal(node->equ_rx_lst,text,attr)) +- retval|=(2|4); +- }; +- }; ++ retval|=2|4; ++ } ++ } + /* We'll use retval to pass information on whether to recurse + * the dir or not */ + + +- if(!((retval&8)==8)&&!((retval&4)==4)){ ++ /* If 4 and 8 are not set, we will check for matches */ ++ if(!(retval&(4|8))){ + if(!check_list_for_match(node->sel_rx_lst,text,attr)) +- retval|=(1|8); ++ retval|=1|8; + } + + /* Now let's check the ancestors */ diff --git a/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch b/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch new file mode 100644 index 000000000000..56b39693f4ff --- /dev/null +++ b/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch @@ -0,0 +1,49 @@ +diff -urp aide-0.13.1.orig/doc/aide.1 aide-0.13.1/doc/aide.1 +--- aide-0.13.1.orig/doc/aide.1 2009-04-14 15:46:20.000000000 -0700 ++++ aide-0.13.1/doc/aide.1 2009-04-14 15:49:18.000000000 -0700 +@@ -67,6 +67,7 @@ conditions: + .IP "16 Unimplemented function error" + .IP "17 Invalid configureline error" + .IP "18 IO error" ++.IP "19 Version mismatch error" + .PP + .SH NOTES + Please note that due to mmap issues, aide cannot be terminated with +diff -urp aide-0.13.1.orig/doc/aide.1.in aide-0.13.1/doc/aide.1.in +--- aide-0.13.1.orig/doc/aide.1.in 2009-04-14 15:46:20.000000000 -0700 ++++ aide-0.13.1/doc/aide.1.in 2009-04-14 15:49:56.000000000 -0700 +@@ -67,6 +67,7 @@ conditions: + .IP "16 Unimplemented function error" + .IP "17 Invalid configureline error" + .IP "18 IO error" ++.IP "19 Version mismatch error" + .PP + .SH NOTES + Please note that due to mmap issues, aide cannot be terminated with +diff -urp aide-0.13.1.orig/include/report.h aide-0.13.1/include/report.h +--- aide-0.13.1.orig/include/report.h 2009-04-14 15:46:20.000000000 -0700 ++++ aide-0.13.1/include/report.h 2009-04-14 15:46:28.000000000 -0700 +@@ -31,6 +31,7 @@ + #define UNIMPLEMENTED_FUNCTION_ERROR 16 + #define INVALID_CONFIGURELINE_ERROR 17 + #define IO_ERROR 18 ++#define VERSION_MISMATCH_ERROR 19 + + /* Errorcodes */ + #define HASH_ALGO_ERROR 30 +diff -urp aide-0.13.1.orig/src/md.c aide-0.13.1/src/md.c +--- aide-0.13.1.orig/src/md.c 2009-04-14 15:46:20.000000000 -0700 ++++ aide-0.13.1/src/md.c 2009-04-14 15:46:28.000000000 -0700 +@@ -201,6 +201,12 @@ int init_md(struct md_container* md) { + #endif + #ifdef WITH_GCRYPT + error(255,"Gcrypt library initialization\n"); ++ if(!gcry_check_version(GCRYPT_VERSION)) { ++ error(0,"libgcrypt version mismatch\n"); ++ exit(VERSION_MISMATCH_ERROR); ++ } ++ gcry_control(GCRYCTL_DISABLE_SECMEM, 0); ++ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); + if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){ + error(0,"gcrypt_md_open failed\n"); + exit(IO_ERROR); |