gentoo resync : 20.03.2022

author: V3n3RiX <venerix@koprulu.sector> 2022-03-20 00:40:44 +0000
committer: V3n3RiX <venerix@koprulu.sector> 2022-03-20 00:40:44 +0000
commit: 4cbcc855382a06088e2f016f62cafdbcb7e40665 (patch)
tree: 356496503d52354aa6d9f2d36126302fed5f3a73 /app-forensics/aide
parent: fcc5224904648a8e6eb528d7603154160a20022f (diff)
8 files changed, 502 insertions, 9 deletions
diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest
index d55fe4a3def9..16a8890381b6 100644
--- a/app-forensics/aide/Manifest
+++ b/app-forensics/aide/Manifest
@@ -1,9 +1,14 @@
 AUX aide-0.16-fix-LIBS-LDFLAGS-mixing.patch 874 BLAKE2B e61f6b269dcc3679d68714c315cfff8e8feb4146028abc33e780cb7429c4466c78b7e50c427fb78ffdc310335450a012f7a08b6ecd5aaf562b8ab18565c5f927 SHA512 930967c1c7be54d10beb26e4281083a0f7cf500a5f161cf2af6c0a7b377e9bce092942a3a88c6cbb080e3eab500ec8a7bec1ff295f774ef70146240837961a8f
-AUX aide-0.16-fix-acl-configure-option.patch 728 BLAKE2B a4edf60d7ffbae5f624645dd48f6cce0da6bd228d2b8aa04b08b1a2270fb9fb420175270a694ea225b2ccca6a1e4524001b042e12eb671b9758653c83893a7ee SHA512 65b93cd01ebfe6696e35872bc012126794e5e1e5756c2ce041d9a914722806f6079274b0fbb64bc795488f530c33106deba204ee2982a5a8d485b7cd88382497
+AUX aide-0.16-fix-acl-configure-option.patch 770 BLAKE2B 92d26163475e5a5ddd9b374cc4d50bc2c290aebedf1562b6d02b15f8b7c2f99b86d0eb414b58f9799b2cd63f9744fc5ce1a20965b7a7fa8984317f492db2173a SHA512 a2a5675ed0dec291724f08885bb4186c813c7ec99d90688e8db5d5f1e369d606c9dfb820a4735dff062476fd332e0d69dbd017022d6a9f1163956bd756fdc6d5
 AUX aide-0.16.2_p20200614_define_hash_use_gcrypt.patch 1174 BLAKE2B 694c7859a43f814f1b9ab18c0e0fa458bdbc6ebc0fb1d076cf51839cf48c341f13b84ae08c2ef419a62b53ffe12879fa2b230f546e57c89a5816fd4d2bff902b SHA512 ec31e674141feb03fbe4eb94c82f2c7b366bd31c4d845818650303c7e971ff9c814de8112c818da9de78bb32ca087f75ff313f35d18301775915ecc8b9975e52
+AUX aide-0.17.4-bashism.patch 2759 BLAKE2B 973ecaf273b2a5f69c3346d486a7df4f035e436b67dbc28b8aa878f19188fcf46d05b95a969da89c7c168e3c1c2d377d5525d98b47a6b434f2b97dfc29d1f7ab SHA512 1d4d8acbd3d7c035ef8c94ef2b477c446d268a418f95797fb0824570295b697cb498747fc091839671913ccaaedac0e5779b9e324712eefc8093c143660d2a00
 AUX aide.conf-r1 3194 BLAKE2B a911d5623adb4122cae21494c5e7542adbfa787bda78f840e1385219adfec19c5a3079b34e16f2c8e9afbe8554b6fc2ae291f7bdd1728b8ac77c7b16135260ae SHA512 24f6af48767e4edd69c4b806c418501583f03574f05bbf87e98659ba36b64acf8e95a772ce690175071127910248a9c6761392ca889cfee235a475341d3a7a77
+AUX aide.conf-r2 3277 BLAKE2B 9792a13c590d9c72d94f1a24ef700c4ff77f3c672fd3e67589b694ab7fff1779728f12f1b590323c64ea129a794be71235a825f2e0fcf7d3f4699bb4de75d2c1 SHA512 1fc31c986e785910918dbc33f8912efb442770d0974f996d7dfe6c525b8602ed609cd19a41b5edd759e0099b02de16bde21ca67fe8d5d3085f0c0812a8a460c1
 AUX aide.cron 5997 BLAKE2B 2273eb902b9ba8fc5e999375d0dfa59e2c5c56a919bf3bd06e7b638213332b34c4a1240c717c2189f787dc249847f7115e2a21ac139b5db1df2151ade9f5a154 SHA512 0931c1b9185e0b9a563c3589858b0ba20716344f29d6d1fc7226498f3c744af1d3c3fd72824f101f9b3e08710f443c9fdad312e28c0bcb93665d1dcb076f4b47
+AUX aide.cron-r2 5681 BLAKE2B 517f7a0a01bb6eb104d6f758191990c4da518fd15af9f88a5521e4b958d558ddb84d0fa9c7b089a62f8b11cd8b2df52c138f49d6b4f276eab2f70a0262f6d5f0 SHA512 104e7025f193d2e2cf93d18a52d66059c7a539d7d2c6f3f514f2cca4252260e1668cf18c6acfaf5069038a9f97f0052a38ea32fb75c0af7e2b2920a819e96922
 AUX aideinit 2949 BLAKE2B 244aaec9a38f19c6a7af706572a896e922215d6321aee4537ef5ce47326f41fd84880331a86ec71dcf7ee4e2ac2a11bf979ce66eff73dd2e8a2072e9eb7e8aab SHA512 a6bce52432251458b977fb363d5801206c273fb9404c55f7bcb82b9d5a65aa19d1660d61d457c9af87f1a8fada95e2f8203489b1876b2b2a259e6374e15cdc57
 DIST aide-0.16.2_p20200614.tar.gz 144202 BLAKE2B a2533eaf0dd6caa82718eaa89878ddc101f64767788eeac3a250ceb584a2c5958ef8a5481b89eeb720e21af07da8f3576fb46d8ee9966fd2361354a35a7eaa6e SHA512 f5f83b8401465471043c60aeb6314f7bcab24c9f962f6ce550445bec8d866a5c8c00eba9e9f157f1223cde58631de139533c7de64fb3c861a5d8e7b5e367e106
-EBUILD aide-0.16.2_p20200614.ebuild 3836 BLAKE2B 29ac2e585bbeaf41772fd1518232b68c069e7d2aefa2c01039d2d6ddc7e90b59f4cdfb1708b7f47e49e33d609bf65b3d6539d17dea483ebf0e8ecd7a30e87bea SHA512 11f6f63d4f617e28aed443f874a2dfbf4e6636ae95fae6cf28472f1deab105dcb0e30c8ca1005a1065867c7a303b0f53080857a3b1a06ebbcb981981f9dd9d9e
-MISC metadata.xml 718 BLAKE2B 932960c54bc120d08b807e570bb2db2a04ef96b045bf6345d0ff07c19a16f58c416a460192b99bc32747ba28e15de79223876d0c516d09e568e4b464e445993c SHA512 f81107390210fb97d80206eeef45ebebab21ae25ef9856db51ddbd5a19a1283945750f31609c1f554becb735e9a5340242a0e39c8eb04a2b9cfd728d4fffb068
+DIST aide-0.17.4.tar.gz 331783 BLAKE2B 584a385d0a0e80edf0b89eef202431adfea7fe8ba04c774e49dfb7230e766e19a48572e9d6c80386668572e459db9770b04978df484bd49c7de6433657500e13 SHA512 b6dba54fd204e1899d47b0b4139786cbeaa51c388027e2cfc1bb839297a70ae8ad6f37429594a730fac8007d62b4ba5b61a4aa22edbc55cbe986ccfaf5197f31
+EBUILD aide-0.16.2_p20200614.ebuild 3725 BLAKE2B cd6c5ddb8f94d0a35430f93d998d287b1b94f7a9fc06c7fb25b713cd7ef8b20cfb0119da3f2efad5db4c6064eb7c95816abf5f503468f60fe7c13cf18f279eca SHA512 7c019a53a53409f12da04a186e37be3ed4f0561e89d0ac0b2190065a84371e4dd9cf276ef42789fec907e31785fc4782abef5c0ca5886b32404d7046f44398b0
+EBUILD aide-0.17.4-r2.ebuild 2440 BLAKE2B c60cd6577e7887079f0876beb9121b7e8e3e3cb929738e328978113546cfb80b05dd45717475ff5dc92f1800685c12b1e213680aec483a05319a82f30971c672 SHA512 51b2772571329b90affc44cea3583eef127cade567f050188a78271c116d33c3795c89593a8d555e5f8d443664c7a6d8ad70210e7000cacae8c88aa88334a739
+MISC metadata.xml 643 BLAKE2B 7e5eb2247bb681683886521e9f58dae4de58db2719a5a47550134e89b4b9e3e3aaf7e8d63710a5bd81e74f9a8d63bede8f1eabf2def85f60370b69b6b44041ef SHA512 247e747485777b0e1794c623049d8fcdb348fb071d09ecb2d35d975d3785530ca4b8c8d1bae116cc8daa29cd154c871ba71c8d2dd313222707621e269a7d100d
diff --git a/app-forensics/aide/aide-0.16.2_p20200614.ebuild b/app-forensics/aide/aide-0.16.2_p20200614.ebuild
index 1089cf44d87c..cd9f0a7ea377 100644
--- a/app-forensics/aide/aide-0.16.2_p20200614.ebuild
+++ b/app-forensics/aide/aide-0.16.2_p20200614.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -14,7 +14,7 @@ SRC_URI="https://github.com/aide/aide/archive/${COMMIT}.tar.gz -> ${P}.tar.gz"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="amd64 ~arm64 x86"
-IUSE="acl audit curl e2fs mhash postgres prelink selinux xattr zlib"
+IUSE="acl audit curl e2fs mhash postgres selinux xattr zlib"
 
 REQUIRED_USE="
 	postgres? ( !mhash )
@@ -32,7 +32,6 @@ COMMON_DEPEND="
 	)
 	mhash? ( app-crypt/mhash )
 	postgres? ( dev-db/postgresql:= )
-	prelink? ( dev-libs/elfutils )
 	selinux? ( sys-libs/libselinux )
 	xattr? ( sys-apps/attr )
 	zlib? ( sys-libs/zlib )"
@@ -47,7 +46,7 @@ BDEPEND="
 	sys-devel/bison
 	sys-devel/flex
 	virtual/pkgconfig
-	prelink? ( sys-devel/prelink )"
+"
 
 HTML_DOCS=( doc/manual.html )
 
@@ -96,12 +95,12 @@ src_configure() {
 		# Disable broken l10n support: https://sourceforge.net/p/aide/bugs/98/
 		# This doesn't affect anything because there are no localizations yet.
 		--without-locale
+		--without-prelink
 		--disable-static
 		$(use_with zlib)
 		$(use_with curl)
 		$(use_with acl posix-acl)
 		$(use_with selinux)
-		$(use_with prelink prelink "${EPREFIX}/usr/sbin/prelink")
 		$(use_with xattr)
 		$(use_with e2fs e2fsattrs)
 		$(use_with mhash mhash)
diff --git a/app-forensics/aide/aide-0.17.4-r2.ebuild b/app-forensics/aide/aide-0.17.4-r2.ebuild
new file mode 100644
index 000000000000..eee74dece344
--- /dev/null
+++ b/app-forensics/aide/aide-0.17.4-r2.ebuild
@@ -0,0 +1,104 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools readme.gentoo-r1
+
+DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a file integrity checker"
+HOMEPAGE="https://aide.github.io/ https://github.com/aide/aide"
+SRC_URI="https://github.com/aide/aide/releases/download/v${PV}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~arm64 x86"
+IUSE="acl audit curl e2fs mhash selinux xattr zlib"
+
+DEPEND="dev-libs/libpcre
+	acl? ( virtual/acl )
+	audit? ( sys-process/audit )
+	curl? ( net-misc/curl )
+	e2fs? ( sys-fs/e2fsprogs )
+	!mhash? (
+		dev-libs/libgcrypt:0=
+		dev-libs/libgpg-error
+	)
+	mhash? ( app-crypt/mhash )
+	selinux? ( sys-libs/libselinux )
+	xattr? ( sys-apps/attr )
+	zlib? ( sys-libs/zlib )"
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-aide )"
+BDEPEND="sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig"
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="
+Example configuration file was installed at '${EPREFIX}/etc/aide/aide.conf'.
+Please edit it to meet your needs. Refer to aide.conf(5) manual page
+for more information.
+
+A helper script, aideinit, was installed and can be used to make AIDE
+management easier. Please run 'aideinit --help' for more information."
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.16-fix-acl-configure-option.patch
+	"${FILESDIR}"/${PN}-0.17.4-bashism.patch
+)
+
+src_prepare() {
+	default
+
+	sed -i -e 's| -Werror||g' configure.ac || die
+
+	# Only needed for snapshots.
+	if [[ ${PV} == *_p* ]] ; then
+		echo "m4_define([AIDE_VERSION], [${PV}])" > version.m4 || die
+	fi
+
+	# Can be dropped once Bashism patch is gone
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--sysconfdir="${EPREFIX}"/etc/${PN}
+
+		# Disable broken l10n support: https://sourceforge.net/p/aide/bugs/98/
+		# This doesn't affect anything because there are no localizations yet.
+		--without-locale
+
+		--without-prelink
+		$(use_with zlib)
+		$(use_with curl)
+		$(use_with acl posix-acl)
+		$(use_with selinux)
+		$(use_with xattr)
+		$(use_with e2fs e2fsattrs)
+		$(use_with mhash mhash)
+		$(use_with !mhash gcrypt)
+		$(use_with audit)
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	readme.gentoo_create_doc
+
+	insinto /etc/${PN}
+	insopts -m0600
+	newins "${FILESDIR}"/aide.conf-r2 aide.conf
+
+	dosbin "${FILESDIR}"/aideinit
+	dodoc -r contrib/ "${FILESDIR}"/aide.cron-r2
+
+	keepdir /var/{lib,log}/${PN}
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+}
diff --git a/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch b/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch
index a989e379039c..b860b39d73ee 100644
--- a/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch
+++ b/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch
@@ -1,3 +1,5 @@
+Fixes upstream in master but not 0.17.x.
+
 commit 3d9746bccbb50809e4c3de90ab5145a17af39aeb
 Author: Ilya Tumaykin <itumaykin@gmail.com>
 Date:   Thu May 25 14:38:02 2017 +0300
diff --git a/app-forensics/aide/files/aide-0.17.4-bashism.patch b/app-forensics/aide/files/aide-0.17.4-bashism.patch
new file mode 100644
index 000000000000..e25463dbf772
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.17.4-bashism.patch
@@ -0,0 +1,60 @@
+Fixed upstream, so backport to 0.17.4 of
+https://github.com/aide/aide/commit/5161886c49060228811eee6da319844ef62dff6d
+https://github.com/aide/aide/commit/007eb4f32e8874ce457b4f15d9789c2a9d61731b
+
+Fixed in master but not 0.17.x.
+--- a/configure.ac
++++ b/configure.ac
+@@ -329,7 +329,7 @@ fi
+ AC_CHECK_HEADERS(syslog.h inttypes.h fcntl.h ctype.h)
+ 
+ PCRELIB="-lpcre"
+-if test "$aide_static_choice" == "yes"; then
++if test "$aide_static_choice" = "yes"; then
+     PCRELIB="$PCRELIB -pthread"
+ fi
+ AC_CHECK_LIB(pcre, pcre_exec, [
+@@ -426,14 +426,14 @@ AS_IF([test "x$with_selinux_support" != xno],
+     AC_DEFINE(WITH_SELINUX,1,[use SELinux])
+     [AC_MSG_RESULT(yes)
+     if test "x$PKG_CONFIG" != xno && $PKG_CONFIG --exists libselinux; then
+-        if test "$aide_static_choice" == "yes"; then
++        if test "$aide_static_choice" = "yes"; then
+             SELINUXLIB=$(${PKG_CONFIG} --libs libselinux --static)
+         else
+             SELINUXLIB=$(${PKG_CONFIG} --libs libselinux)
+         fi
+     else
+     SELINUXLIB="-lselinux"
+-    if test "$aide_static_choice" == "yes"; then
++    if test "$aide_static_choice" = "yes"; then
+         saveLIBS=$LIBS
+         LIBS="-static $SELINUXLIB"
+         AC_SEARCH_LIBS([lgetfilecon_raw], [], [], [SELINUXLIB="$SELINUXLIB -lpthread"])
+@@ -555,7 +555,7 @@ AC_ARG_ENABLE([default_db],
+     [do not set default values for database_in and database_out config options]),
+     [enable_default_db=$enableval],[enable_default_db=yes])
+ 
+-if test "$enable_default_db" == "yes"; then
++if test "$enable_default_db" = "yes"; then
+ 
+ if test "x$sysconfdir" != x'${prefix}/etc'; then
+ 	evalled_sysconfdir=`eval echo "$sysconfdir"`
+@@ -592,7 +592,7 @@ AC_ARG_WITH([curl],
+   [use curl library for http, https and ftp database backend (default: no)]),
+  [with_curl=$withval], [with_curl=no])
+ AS_IF([test "x$with_curl" = "xyes"], [
+-       if test "$aide_static_choice" == "yes"; then
++       if test "$aide_static_choice" = "yes"; then
+            PKG_CHECK_MODULES_STATIC(CURL, [libcurl], , [AC_MSG_RESULT([libcurl not found by pkg-config - Try --without-curl or add directory containing libcurl.pc to PKG_CONFIG_PATH environment variable])])
+         else
+            PKG_CHECK_MODULES(CURL, [libcurl], , [AC_MSG_RESULT([libcurl not found by pkg-config - Try --without-curl or add directory containing libcurl.pc to PKG_CONFIG_PATH environment variable])])
+@@ -671,7 +671,7 @@ AS_IF([test "x$with_audit" != xno],
+ 		AC_MSG_ERROR(You don't have libaudit properly installed. Install it if you need it.)
+ 	)
+ 	AUDITLIB="-laudit"
+-	if test "$aide_static_choice" == "yes"; then
++	if test "$aide_static_choice" = "yes"; then
+ 		saveLIBS=$LIBS
+ 		LIBS="-static $AUDITLIB"
+ 		AC_CHECK_LIB([audit], [audit_log_user_message], [], [
diff --git a/app-forensics/aide/files/aide.conf-r2 b/app-forensics/aide/files/aide.conf-r2
new file mode 100644
index 000000000000..4bce675f7da3
--- /dev/null
+++ b/app-forensics/aide/files/aide.conf-r2
@@ -0,0 +1,136 @@
+# Example configuration file for AIDE
+# See more: man 5 aide.conf
+
+database_in=file:/var/lib/aide/aide.db
+database_out=file:/var/lib/aide/aide.db.new
+
+# Change this to "no" or remove it to not gzip output
+# (only useful on systems with few CPU cycles to spare)
+gzip_dbout=yes
+
+# Default: warning
+#log_level=info
+
+# Default: changed_attributes
+#report_level=added_removed_attributes
+
+report_url=file:/var/log/aide/aide.log
+report_url=stdout
+#report_url=stderr
+
+# Here are all the things we can check - these are the default rules
+#
+# p:   permissions
+# ftype: file type
+# i:   inode
+# l:   link name
+# n:   number of links
+# u:   user
+# g:   group
+# s:   size
+# b:   block count
+# m:   mtime (modification time)
+# a:   atime (access time)
+# c:   ctime (change time)
+# S:   check for growing size
+# I:   ignore changed filename
+# ANF: allow new files
+# ARF: allow removed files
+# md5: md5 checksum
+# sha1: sha1 checksum
+# sha256: sha256 checksum
+# sha512: sha512 checksum
+# rmd160: rmd160 checksum
+# tiger: tiger checksum
+# crc32:    crc32 checksum
+# R:   p+ftype+i+l+n+u+g+s+m+c+md5+X
+# L:   p+ftype+i+l+n+u+g+X
+# E:   Empty group
+# X:   acl+selinux+xattrs+e2fsattrs (if groups are explicitly enabled)
+# >:   Growing file p+ftype+l+u+g+i+n+S+X
+
+# Defines formerly set here have been moved to /etc/default/aide.
+
+# Custom rules
+Binlib = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
+ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
+Logs = p+i+n+u+g+S
+Devices = p+i+n+u+g+s+b+c+md5+sha256+rmd160
+Databases = p+n+u+g
+StaticDir = p+i+n+u+g
+ManPages = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
+
+# Next decide what directories/files you want in the database
+
+# Kernel, system map, etc.
+=/boot$ Binlib
+# Configs
+/etc ConfFiles
+!/etc/mtab
+# Binaries
+/bin Binlib
+/sbin Binlib
+/usr/bin Binlib
+/usr/sbin Binlib
+/usr/libexec Binlib
+/usr/local/bin Binlib
+/usr/local/sbin Binlib
+#/usr/games Binlib
+# Libraries
+/lib(64)? Binlib
+/usr/lib(64)? Binlib
+/usr/local/lib(64)? Binlib
+# Log files
+=/var/log$ StaticDir
+#!/var/log/ksymoops
+/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
+/var/log/aide/error.log(.[0-9])?(.gz)? Databases
+#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
+!/var/log/aide
+/var/log Logs
+# Devices
+!/dev/pts
+# If you get spurious warnings about being unable to mmap() /dev/cpu/mtrr,
+# you may uncomment this to get rid of them. They're harmless but sometimes
+# annoying.
+#!/dev/cpu/mtrr
+#!/dev/xconsole
+/dev Devices
+# Other miscellaneous files
+/var/run$ StaticDir
+!/var/run
+# Test only the directory when dealing with /proc
+/proc$ StaticDir
+!/proc
+
+# You can look through these examples to get further ideas
+
+# MD5 sum files - especially useful with debsums -g
+#/var/lib/dpkg/info/([^\.]+).md5sums u+g+s+m+md5+sha1
+
+# Check crontabs
+#/var/spool/anacron/cron.daily Databases
+#/var/spool/anacron/cron.monthly Databases
+#/var/spool/anacron/cron.weekly Databases
+#/var/spool/cron Databases
+#/var/spool/cron/crontabs Databases
+
+# manpages can be trojaned, especially depending on *roff implementation
+#/usr/man ManPages
+#/usr/share/man ManPages
+#/usr/local/man ManPages
+
+# docs
+#/usr/doc ManPages
+#/usr/share/doc ManPages
+
+# check users' home directories
+#/home Binlib
+
+# check sources for modifications
+#/usr/src L
+#/usr/local/src L
+
+# Check headers for same
+#/usr/include L
+#/usr/local/include L
diff --git a/app-forensics/aide/files/aide.cron-r2 b/app-forensics/aide/files/aide.cron-r2
new file mode 100644
index 000000000000..b8a78ba2a856
--- /dev/null
+++ b/app-forensics/aide/files/aide.cron-r2
@@ -0,0 +1,188 @@
+#!/bin/bash
+# Modified: Benjamin Smee
+# Date: Fri Sep 10 11:35:41 BST 2004
+
+# This is the email address reports get mailed to
+MAILTO=root@localhost
+
+# Set this to suppress mailings when there's nothing to report
+QUIETREPORTS=1
+
+# This parameter defines which aide command to run from the cron script.
+# Sensible values are "update" and "check".
+# Default is "check", ensuring backwards compatibility.
+# Since "update" does not take any longer, it is recommended to use "update",
+# so that a new database is created every day. The new database needs to be
+# manually copied over the current one, though.
+COMMAND=update
+
+# This parameter defines how many lines to return per e-mail. Output longer
+# than this value will be truncated in the e-mail sent out.
+LINES=1000
+
+# This parameter gives a grep regular expression. If given, all output lines
+# that _don't_ match the regexp are listed first in the script's output. This
+# allows to easily remove noise from the aide report.
+NOISE="(/var/cache/|/var/lib/|/var/tmp)"
+PATH="/bin:/usr/bin:/sbin:/usr/sbin"
+LOGDIR="/var/log/aide"
+LOGFILE="aide.log"
+CONFFILE="/etc/aide/aide.conf"
+ERRORLOG="aide_error.log"
+MAILLOG="aide_mail.log"
+ERRORTMP=$(mktemp "${ERRORLOG}.XXXXXX")
+
+[ -f /usr/bin/aide ] || exit 0
+
+DATABASE=$(grep "^database=file:/" $CONFFILE | head -n 1 | cut --delimiter=: --fields=2)
+FQDN=$(hostname -f)
+DATE=$(date +"at %Y-%m-%d %H:%M")
+
+# default values
+
+DATABASE="${DATABASE:-/var/lib/aide/aide.db}"
+
+AIDEARGS=""
+
+if [ ! -f "$DATABASE" ]; then
+	/usr/sbin/sendmail $MAILTO <<EOF
+Subject: Daily AIDE report for $FQDN
+From: root@${FQDN}
+To: ${MAILTO}
+Fatal error: The AIDE database does not exist!
+This may mean you haven't created it, or it may mean that someone has removed it.
+EOF
+	exit 0
+fi
+
+aide $AIDEARGS --$COMMAND >"$LOGDIR/$LOGFILE" 2>"$ERRORTMP"
+RETVAL=$?
+
+if [ -n "$QUIETREPORTS" ] && ! [ -s "$LOGDIR/$LOGFILE" ] && ! [ -s "$ERRORTMP" ] ; then
+	# Bail now because there was no output and QUIETREPORTS is set
+	exit 0
+fi
+
+MAILTMP=$(mktemp "${MAILLOG}.XXXXXX")
+
+(cat << EOF
+This is an automated report generated by the Advanced Intrusion Detection
+Environment on $FQDN ${DATE}.
+
+EOF
+
+# include error log in daily report e-mail
+
+if [ "$RETVAL" != "0" ]; then
+	cat > "$LOGDIR/$ERRORLOG" << EOF
+
+*****************************************************************************
+*                    aide returned a non-zero exit value                    *
+*****************************************************************************
+
+EOF
+	echo "exit value is: $RETVAL" >> "$LOGDIR/$ERRORLOG"
+else
+	touch "$LOGDIR/$ERRORLOG"
+fi
+< "$ERRORTMP" cat >> "$LOGDIR/$ERRORLOG"
+rm -f "$ERRORTMP"
+
+if [ -s "$LOGDIR/$ERRORLOG" ]; then
+	errorlines=$(wc -l "$LOGDIR/$ERRORLOG" | awk '{ print $1 }')
+	if [ "${errorlines:=0}" -gt $LINES ]; then
+		cat << EOF
+
+****************************************************************************
+*                      aide has returned many errors.                      *
+*           the error log output has been truncated in this mail           *
+****************************************************************************
+
+EOF
+		echo "Error output is $errorlines lines, truncated to $LINES."
+		head -$LINES "$LOGDIR/$ERRORLOG"
+		echo "The full output can be found in $LOGDIR/$ERRORLOG."
+	else
+		echo "Errors produced  ($errorlines lines):"
+		cat "$LOGDIR/$ERRORLOG"
+	fi
+else
+	echo "AIDE produced no errors."
+fi
+
+# include de-noised log
+
+if [ -n "$NOISE" ]; then
+	NOISETMP=$(mktemp "aidenoise.XXXXXX")
+	NOISETMP2=$(mktemp "aidenoise.XXXXXX")
+	sed -n '1,/^Detailed information about changes:/p' "$LOGDIR/$LOGFILE" | \
+	grep '^\(changed\|removed\|added\):' | \
+	grep -v "^added: THERE WERE ALSO [0-9]\+ FILES ADDED UNDER THIS DIRECTORY" > "$NOISETMP2"
+
+	if [ -n "$NOISE" ]; then
+		< "$NOISETMP2" grep -v "^\(changed\|removed\|added\):$NOISE" > "$NOISETMP"
+		rm -f "$NOISETMP2"
+		echo "De-Noised output removes everything matching $NOISE."
+	else
+		mv "$NOISETMP2" "$NOISETMP"
+		echo "No noise expression was given."
+	fi
+
+	if [ -s "$NOISETMP" ]; then
+		loglines=$(< "$NOISETMP" wc -l | awk '{ print $1 }')
+		if [ "${loglines:=0}" -gt $LINES ]; then
+			cat << EOF
+
+****************************************************************************
+*   aide has returned long output which has been truncated in this mail    *
+****************************************************************************
+
+EOF
+			echo "De-Noised output is $loglines lines, truncated to $LINES."
+			< "$NOISETMP" head -$LINES
+			echo "The full output can be found in $LOGDIR/$LOGFILE."
+		else
+			echo "De-Noised output of the daily AIDE run ($loglines lines):"
+			cat "$NOISETMP"
+		fi
+	else
+		echo "AIDE detected no changes after removing noise."
+	fi
+	rm -f "$NOISETMP"
+	echo "============================================================================"
+fi
+
+# include non-de-noised log
+
+if [ -s "$LOGDIR/$LOGFILE" ]; then
+	loglines=$(wc -l "$LOGDIR/$LOGFILE" | awk '{ print $1 }')
+	if [ "${loglines:=0}" -gt $LINES ]; then
+		cat << EOF
+
+****************************************************************************
+*   aide has returned long output which has been truncated in this mail    *
+****************************************************************************
+
+EOF
+		echo "Output is $loglines lines, truncated to $LINES."
+		head -$LINES "$LOGDIR/$LOGFILE"
+		echo "The full output can be found in $LOGDIR/$LOGFILE."
+	else
+		echo "Output of the daily AIDE run ($loglines lines):"
+		cat "$LOGDIR/$LOGFILE"
+	fi
+else
+	echo "AIDE detected no changes."
+fi
+) > "${MAILTMP}"
+
+(
+cat <<EOF
+Subject: Daily AIDE report for $FQDN
+From: root@${FQDN}
+To: ${MAILTO}
+EOF
+cat "${MAILTMP}"
+) | /usr/sbin/sendmail $MAILTO
+
+rm -f "$MAILTMP"
diff --git a/app-forensics/aide/metadata.xml b/app-forensics/aide/metadata.xml
index 1910aeda4b05..acd69e82070a 100644
--- a/app-forensics/aide/metadata.xml
+++ b/app-forensics/aide/metadata.xml
@@ -6,7 +6,6 @@
 		<flag name="e2fs">Enable support for checking file attributes on ext2/ext3/ext4 filesystems</flag>
 		<flag name="curl">Use curl for http,https and ftp backends</flag>
 		<flag name="postgres">Use postgresql library for storing databases</flag>
-		<flag name="prelink">Bypass prelinking when calculating checksums</flag>
 	</use>
 	<upstream>
 		<remote-id type="github">aide/aide</remote-id>
author	V3n3RiX <venerix@koprulu.sector>	2022-03-20 00:40:44 +0000
committer	V3n3RiX <venerix@koprulu.sector>	2022-03-20 00:40:44 +0000
commit	4cbcc855382a06088e2f016f62cafdbcb7e40665 (patch)
tree	356496503d52354aa6d9f2d36126302fed5f3a73 /app-forensics/aide
parent	fcc5224904648a8e6eb528d7603154160a20022f (diff)