gentoo resync : 25.08.2020

5 files changed, 342 insertions, 2 deletions

diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest
index ccecbd019135..49e6fb9c1918 100644
--- a/app-forensics/aide/Manifest
+++ b/app-forensics/aide/Manifest
@@ -2,9 +2,13 @@ AUX aide-0.16-add-missing-include.patch 512 BLAKE2B c3c25bbad549f8d2864b4ce91f33
 AUX aide-0.16-fix-LIBS-LDFLAGS-mixing.patch 874 BLAKE2B e61f6b269dcc3679d68714c315cfff8e8feb4146028abc33e780cb7429c4466c78b7e50c427fb78ffdc310335450a012f7a08b6ecd5aaf562b8ab18565c5f927 SHA512 930967c1c7be54d10beb26e4281083a0f7cf500a5f161cf2af6c0a7b377e9bce092942a3a88c6cbb080e3eab500ec8a7bec1ff295f774ef70146240837961a8f
 AUX aide-0.16-fix-acl-configure-option.patch 728 BLAKE2B a4edf60d7ffbae5f624645dd48f6cce0da6bd228d2b8aa04b08b1a2270fb9fb420175270a694ea225b2ccca6a1e4524001b042e12eb671b9758653c83893a7ee SHA512 65b93cd01ebfe6696e35872bc012126794e5e1e5756c2ce041d9a914722806f6079274b0fbb64bc795488f530c33106deba204ee2982a5a8d485b7cd88382497
 AUX aide-0.16-support-attr-2.4.48.patch 907 BLAKE2B 9d5c2c13a59c8ea1489e5353a2715926b7c0de2292050de166ea7959955a733487d68d047c23382370ccf2e91ea25dd5e4ffc6c55f47768e58da25775843133b SHA512 ea12a1aadc8ac8720dd5495318a0706f720422cdd0a7e7f6d794db4291b9a735468b7a1783922a1e489b738436a5d6e324d3ec66dc40b9b2b09d08ce4b3409e0
+AUX aide-0.16.2_p20200614_define_hash_use_gcrypt.patch 1174 BLAKE2B 694c7859a43f814f1b9ab18c0e0fa458bdbc6ebc0fb1d076cf51839cf48c341f13b84ae08c2ef419a62b53ffe12879fa2b230f546e57c89a5816fd4d2bff902b SHA512 ec31e674141feb03fbe4eb94c82f2c7b366bd31c4d845818650303c7e971ff9c814de8112c818da9de78bb32ca087f75ff313f35d18301775915ecc8b9975e52
 AUX aide.conf 2713 BLAKE2B c6868a81450bb3e66d73a60df258e0c6e1166fb0126a0664cf78db021fb4c32049d92032f8ba92b0c08b58e0267ccafcc6e948daed69a856db2703991776f977 SHA512 cf6c17ab40b0bf9a0fb21ce015c6c35a8f7a595fdeb7d67e793424ed5243660a56cb33c1169038f4b116463cb055a48232f33db8ed497181be4e084449632b28
+AUX aide.conf-r1 3194 BLAKE2B a911d5623adb4122cae21494c5e7542adbfa787bda78f840e1385219adfec19c5a3079b34e16f2c8e9afbe8554b6fc2ae291f7bdd1728b8ac77c7b16135260ae SHA512 24f6af48767e4edd69c4b806c418501583f03574f05bbf87e98659ba36b64acf8e95a772ce690175071127910248a9c6761392ca889cfee235a475341d3a7a77
 AUX aide.cron 5997 BLAKE2B 2273eb902b9ba8fc5e999375d0dfa59e2c5c56a919bf3bd06e7b638213332b34c4a1240c717c2189f787dc249847f7115e2a21ac139b5db1df2151ade9f5a154 SHA512 0931c1b9185e0b9a563c3589858b0ba20716344f29d6d1fc7226498f3c744af1d3c3fd72824f101f9b3e08710f443c9fdad312e28c0bcb93665d1dcb076f4b47
 AUX aideinit 2949 BLAKE2B 244aaec9a38f19c6a7af706572a896e922215d6321aee4537ef5ce47326f41fd84880331a86ec71dcf7ee4e2ac2a11bf979ce66eff73dd2e8a2072e9eb7e8aab SHA512 a6bce52432251458b977fb363d5801206c273fb9404c55f7bcb82b9d5a65aa19d1660d61d457c9af87f1a8fada95e2f8203489b1876b2b2a259e6374e15cdc57
+DIST aide-0.16.2_p20200614.tar.gz 144202 BLAKE2B a2533eaf0dd6caa82718eaa89878ddc101f64767788eeac3a250ceb584a2c5958ef8a5481b89eeb720e21af07da8f3576fb46d8ee9966fd2361354a35a7eaa6e SHA512 f5f83b8401465471043c60aeb6314f7bcab24c9f962f6ce550445bec8d866a5c8c00eba9e9f157f1223cde58631de139533c7de64fb3c861a5d8e7b5e367e106
 DIST aide-0.16.tar.gz 391009 BLAKE2B 8769d8c6bdf72f307b75f3c1feaa2effdeaead00a0c65ab25bbb50dc6f7c7b53fda4d0a3a54dd5030de1444a34a81c294437d45193aeb8aec7ef0af83a173d47 SHA512 29ad97756e3e2fb21dc332ed03b494a1c73e621266f8622ec80bdba23092a38ee975b97f3cff2330e4c16e64e2f672259eea9291ca706a4009e7399b4e14e6a7
 EBUILD aide-0.16-r1.ebuild 3710 BLAKE2B 0be0b1ecc9c7bec42d475c2ccdf79b942572777af15addd5a524affd8dfd329f21ecb2b7fa18238270a9c67cf520127496056f6a7c3dba2682ca064024e3d8af SHA512 5acfa1daa419af465a3c1f2f305f4edddf38e095d18849565d7a41ba55a98c40d3f86bdf6888d48c9f05fd2d71a27086a3577bd78e9ef80947cfb0ebccc11b04
-MISC metadata.xml 432 BLAKE2B e7466cdb1d65c8c56f2fdd287d5a0d2182e749946f51fd3ae44dba7416f279c413aa8f9a507edc402d515670a68eb4a6058eb17c03faa065c66a84fbf89b76dd SHA512 0b365eae19d5fcf28beaba0858430a0b02ac06991c24bb4b6bf01e43ad9b53d0d5f883b3830f0d0e9bb9d4225502a5d38b2e703e61d2cb0fa7a209bb6c147edb
+EBUILD aide-0.16.2_p20200614.ebuild 4326 BLAKE2B bcd8d1f30b15da37fbf5eddacf177d81ad0468ade3a2772d8654df707a86b489193cea15a176be6559226f256d8722743de61d994b9232de90da021a402db7d9 SHA512 0bf37916431339fd506fb1a6cdc03de4bd45e1554e02752c8348898ed71e9bbbd9df6b6835e81d28d81c49b7dedeae098412c1de36a9ea7cbaceba1bf79282a8
+MISC metadata.xml 819 BLAKE2B ea807e78f806beaf63b28b99d5dd95054e247333612d35ea6004bf4720699d4c5a503ca893e0df172086935dd927c6e165410df74c51949108ee6d2fa5766af9 SHA512 22792dd087461ca8b147db6a03a5198127f19ea8473ce5691d9630e36655365a9dde4377f6d62e0457b65a634e23c0b2852db9dadc7d00c3fcec4a84e21b3054
diff --git a/app-forensics/aide/aide-0.16.2_p20200614.ebuild b/app-forensics/aide/aide-0.16.2_p20200614.ebuild
new file mode 100644
index 000000000000..794fd0db7d74
--- /dev/null
+++ b/app-forensics/aide/aide-0.16.2_p20200614.ebuild
@@ -0,0 +1,156 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools readme.gentoo-r1
+
+DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a file integrity checker"
+HOMEPAGE="https://aide.github.io/ https://github.com/aide/aide"
+
+COMMIT="7949feff20501724a43929ee7894b005812ffb4f" # 20200614
+SRC_URI="https://github.com/aide/aide/archive/${COMMIT}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="acl audit curl e2fs mhash postgres prelink selinux static xattr zlib"
+
+REQUIRED_USE="
+	postgres? ( !mhash )
+	static? ( !audit !curl !postgres )"
+
+COMMON_DEPEND="
+	dev-libs/libpcre
+	acl? ( virtual/acl )
+	audit? ( sys-process/audit )
+	curl? ( net-misc/curl )
+	e2fs? ( sys-fs/e2fsprogs )
+	!mhash? (
+		dev-libs/libgcrypt:0=
+		dev-libs/libgpg-error
+	)
+	mhash? ( app-crypt/mhash )
+	postgres? ( dev-db/postgresql:= )
+	prelink? ( dev-libs/elfutils )
+	selinux? ( sys-libs/libselinux )
+	xattr? ( sys-apps/attr )
+	zlib? ( sys-libs/zlib )"
+
+RDEPEND="
+	!static? ( ${COMMON_DEPEND} )
+	selinux? ( sec-policy/selinux-aide )"
+
+DEPEND="${COMMON_DEPEND}
+	static? (
+		dev-libs/libpcre[static-libs]
+		acl? ( >=virtual/acl-0-r1[static-libs] )
+		e2fs? ( sys-fs/e2fsprogs[static-libs] )
+		!mhash? (
+			dev-libs/libgcrypt:0[static-libs]
+			dev-libs/libgpg-error[static-libs]
+		)
+		mhash? ( app-crypt/mhash[static-libs] )
+		prelink? ( dev-libs/elfutils[static-libs] )
+		selinux? ( sys-libs/libselinux[static-libs] )
+		xattr? ( sys-apps/attr[static-libs] )
+		zlib? ( sys-libs/zlib[static-libs] )
+	)"
+
+BDEPEND="
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+	prelink? ( sys-devel/prelink )"
+
+HTML_DOCS=( doc/manual.html )
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="
+Example configuration file was installed at '${EPREFIX}/etc/aide/aide.conf'.
+Please edit it to meet your needs. Refer to aide.conf(5) manual page
+for more information.
+
+A helper script, aideinit, was installed and can be used to make AIDE
+management easier. Please run 'aideinit --help' for more information."
+
+PATCHES=(
+	"${FILESDIR}/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch"
+	"${FILESDIR}/aide-0.16-fix-acl-configure-option.patch"
+
+	# Remove not available gcrypt algorithm 7 DB_HAVAL
+	# See: https://sourceforge.net/p/aide/bugs/105/
+	"${FILESDIR}/${P}_define_hash_use_gcrypt.patch"
+)
+
+S="${WORKDIR}/${PN}-${COMMIT}"
+
+pkg_setup() {
+	if use postgres; then
+		ewarn "\nWARNING!"
+		ewarn "You need to choose one of the postgres versions before building"
+		ewarn "\nPlease select a target postgres version/slot using:\n"
+		ewarn "    ~# eselect postgresql list"
+		ewarn "    ~# eselect postgresql set <version>\n"
+	fi
+}
+
+src_prepare() {
+	default
+	sed -i -e 's| -Werror||g' configure.ac || die
+	echo "m4_define([AIDE_VERSION], [${PV}])" > version.m4 || die
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--sysconfdir="${EPREFIX}/etc/${PN}"
+		--with-confighmactype="sha512"		# Override default weak MD5 hash.
+		--with-dbhmackey="sha512"			# Override default weak MD5 hash.
+		# Disable broken l10n support: https://sourceforge.net/p/aide/bugs/98/
+		# This doesn't affect anything because there are no localizations yet.
+		--without-locale
+		$(use_enable static)
+		$(use_with zlib)
+		$(use_with curl)
+		$(use_with acl posix-acl)
+		$(use_with selinux)
+		$(use_with prelink prelink "${EPREFIX}/usr/sbin/prelink")
+		$(use_with xattr)
+		$(use_with e2fs e2fsattrs)
+		$(use_with mhash mhash)
+		$(use_with !mhash gcrypt)
+		$(use_with postgres psql)
+		$(use_with audit)
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+	readme.gentoo_create_doc
+
+	insinto /etc/${PN}
+	insopts -m0600
+	newins "${FILESDIR}"/aide.conf-r1 aide.conf
+
+	dosbin "${FILESDIR}"/aideinit
+	dodoc -r contrib/ "${FILESDIR}"/aide.cron
+
+	keepdir /var/{lib,log}/${PN}
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+
+	if use postgres; then
+		elog "\nDue to a bad assumption by aide, you must issue the following"
+		elog "command after the database initialization (aide --init ...):"
+		elog '\n    ~# psql -c "update pg_index set indisunique=false from pg_class \\ '
+		elog "          where pg_class.relname='TABLE_pkey' and \ "
+		elog '          pg_class.oid=pg_index.indexrelid" -h HOSTNAME -p PORT DBASE USER'
+		elog "\nwhere TABLE, HOSTNAME, PORT, DBASE, and USER are the same as"
+		elog "in your aide.conf.\n"
+	fi
+}
diff --git a/app-forensics/aide/files/aide-0.16.2_p20200614_define_hash_use_gcrypt.patch b/app-forensics/aide/files/aide-0.16.2_p20200614_define_hash_use_gcrypt.patch
new file mode 100644
index 000000000000..e643a0017de8
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.16.2_p20200614_define_hash_use_gcrypt.patch
@@ -0,0 +1,37 @@
+diff -Nur aide-0.16/include/md.h aide-0.16.new/include/md.h
+--- aide-0.16/include/md.h	2016-07-25 22:56:55.000000000 +0200
++++ aide-0.16.new/include/md.h	2018-11-21 14:07:01.347479021 +0100
+@@ -48,7 +48,7 @@
+ #define HASH_GCRYPT_COUNT GCRY_MD_CRC32
+ #ifndef WITH_MHASH
+ #define HASH_USE_GCRYPT (DB_MD5|DB_SHA1|DB_RMD160|DB_TIGER|DB_CRC32|\
+-                         DB_HAVAL|DB_CRC32|DB_SHA256|DB_SHA512)
++                         DB_CRC32B|DB_SHA256|DB_SHA512)
+ #endif
+ #endif
+ 
+diff -Nur aide-0.16/src/md.c aide-0.16.new/src/md.c
+--- aide-0.16/src/md.c	2016-07-25 22:56:55.000000000 +0200
++++ aide-0.16.new/src/md.c	2018-11-21 14:06:05.602295496 +0100
+@@ -55,10 +55,12 @@
+     r=DB_TIGER;
+     break;
+   }
++/* until libgcrypt-1.8.4 not implemented yet, see doc/gcrypt.info-1
+   case GCRY_MD_HAVAL: {
+     r=DB_HAVAL;
+     break;
+   }
++*/
+   case GCRY_MD_SHA256: {
+     r=DB_SHA256;
+     break;
+@@ -219,7 +221,7 @@
+ 			if(gcry_md_enable(md->mdh,i)==GPG_ERR_NO_ERROR){
+ 				md->calc_attr|=h;
+ 			} else {
+-				error(0,"gcry_md_enable %i failed",i);
++				error(0,"gcry_md_enable %i failed, see /usr/include/gcrypt.h enum gcry_md_algos",i);
+ 				md->todo_attr&=~h;
+ 			}
+ 		}
diff --git a/app-forensics/aide/files/aide.conf-r1 b/app-forensics/aide/files/aide.conf-r1
new file mode 100644
index 000000000000..87df5e168c80
--- /dev/null
+++ b/app-forensics/aide/files/aide.conf-r1
@@ -0,0 +1,133 @@
+# Example configuration file for AIDE
+# See more: man 5 aide.conf
+
+database=file:/var/lib/aide/aide.db
+database_out=file:/var/lib/aide/aide.db.new
+
+# Change this to "no" or remove it to not gzip output
+# (only useful on systems with few CPU cycles to spare)
+gzip_dbout=yes
+
+# Default: 5
+#verbose=5
+
+report_url=file:/var/log/aide/aide.log
+report_url=stdout
+#report_url=stderr
+
+# Here are all the things we can check - these are the default rules 
+#
+# p:   permissions
+# ftype: file type
+# i:   inode
+# l:   link name
+# n:   number of links
+# u:   user
+# g:   group
+# s:   size
+# b:   block count
+# m:   mtime (modification time)
+# a:   atime (access time)
+# c:   ctime (change time)
+# S:   check for growing size
+# I:   ignore changed filename
+# ANF: allow new files
+# ARF: allow removed files
+# md5: md5 checksum
+# sha1: sha1 checksum
+# sha256: sha256 checksum
+# sha512: sha512 checksum
+# rmd160: rmd160 checksum
+# tiger: tiger checksum
+# crc32:    crc32 checksum
+# R:   p+ftype+i+l+n+u+g+s+m+c+md5+X
+# L:   p+ftype+i+l+n+u+g+X
+# E:   Empty group
+# X:   acl+selinux+xattrs+e2fsattrs (if groups are explicitly enabled)
+# >:   Growing file p+ftype+l+u+g+i+n+S+X
+
+# Defines formerly set here have been moved to /etc/default/aide.
+
+# Custom rules
+Binlib = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
+ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
+Logs = p+i+n+u+g+S
+Devices = p+i+n+u+g+s+b+c+md5+sha256+rmd160
+Databases = p+n+u+g
+StaticDir = p+i+n+u+g
+ManPages = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
+
+# Next decide what directories/files you want in the database
+
+# Kernel, system map, etc.
+=/boot$ Binlib
+# Configs
+/etc ConfFiles
+!/etc/mtab
+# Binaries
+/bin Binlib
+/sbin Binlib
+/usr/bin Binlib
+/usr/sbin Binlib
+/usr/libexec Binlib
+/usr/local/bin Binlib
+/usr/local/sbin Binlib
+#/usr/games Binlib
+# Libraries
+/lib(64)? Binlib
+/usr/lib(64)? Binlib
+/usr/local/lib(64)? Binlib
+# Log files
+=/var/log$ StaticDir
+#!/var/log/ksymoops
+/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
+/var/log/aide/error.log(.[0-9])?(.gz)? Databases
+#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
+!/var/log/aide
+/var/log Logs
+# Devices
+!/dev/pts
+# If you get spurious warnings about being unable to mmap() /dev/cpu/mtrr,
+# you may uncomment this to get rid of them. They're harmless but sometimes
+# annoying.
+#!/dev/cpu/mtrr
+#!/dev/xconsole
+/dev Devices
+# Other miscellaneous files
+/var/run$ StaticDir
+!/var/run
+# Test only the directory when dealing with /proc
+/proc$ StaticDir
+!/proc
+
+# You can look through these examples to get further ideas
+
+# MD5 sum files - especially useful with debsums -g
+#/var/lib/dpkg/info/([^\.]+).md5sums u+g+s+m+md5+sha1
+
+# Check crontabs
+#/var/spool/anacron/cron.daily Databases
+#/var/spool/anacron/cron.monthly Databases
+#/var/spool/anacron/cron.weekly Databases
+#/var/spool/cron Databases
+#/var/spool/cron/crontabs Databases
+
+# manpages can be trojaned, especially depending on *roff implementation
+#/usr/man ManPages
+#/usr/share/man ManPages
+#/usr/local/man ManPages
+
+# docs
+#/usr/doc ManPages
+#/usr/share/doc ManPages
+
+# check users' home directories
+#/home Binlib
+
+# check sources for modifications
+#/usr/src L
+#/usr/local/src L
+
+# Check headers for same
+#/usr/include L
+#/usr/local/include L
diff --git a/app-forensics/aide/metadata.xml b/app-forensics/aide/metadata.xml
index f661f6e69f05..c7da79793a7f 100644
--- a/app-forensics/aide/metadata.xml
+++ b/app-forensics/aide/metadata.xml
@@ -1,12 +1,22 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-	<!-- maintainer-needed -->
+	<maintainer type="person">
+		<email>email@linxon.ru</email>
+		<name>Yury Martynov</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
 	<use>
 		<flag name="e2fs">Enable support for checking file attributes on ext2/ext3/ext4 filesystems</flag>
+		<flag name="curl">Use curl for http,https and ftp backends</flag>
+		<flag name="postgres">Use postgresql library for storing databases</flag>
 		<flag name="prelink">Bypass prelinking when calculating checksums</flag>
 	</use>
 	<upstream>
+		<remote-id type="github">aide/aide</remote-id>
 		<remote-id type="sourceforge">aide</remote-id>
 	</upstream>
 </pkgmetadata>