reinit the tree, so we can have metadata

9 files changed, 693 insertions, 0 deletions

diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest
new file mode 100644
index 000000000000..9079b903a4bf
--- /dev/null
+++ b/app-forensics/aide/Manifest
@@ -0,0 +1,11 @@
+AUX aide-0.16-add-missing-include.patch 512 SHA256 1d42d7568b4a46478554bf9830359542208ba27c9f04b615dec31da2ffdcd1f6 SHA512 084be3c787a19f57bf140cd809df61edfd16a8798a1344adeee0aba0f4207c1e4a9c47c4c6d7606650e20cc202747208c0f0c00c21c0b68e1b739fb9d269da68 WHIRLPOOL 6a24037fdaa4dc2b216a213c2f3380060ca216cc9d705fc3e2c0b4c92f3f5ea9bff3e6e4a51ed8109608004ca037a07d9b973745cf4b58cf1a9a5e1263598071
+AUX aide-0.16-fix-LIBS-LDFLAGS-mixing.patch 874 SHA256 2ee350938116bc25a5cd8539035e0dd06323cb7cb51c3e93f3c1d72f0d7d6c08 SHA512 930967c1c7be54d10beb26e4281083a0f7cf500a5f161cf2af6c0a7b377e9bce092942a3a88c6cbb080e3eab500ec8a7bec1ff295f774ef70146240837961a8f WHIRLPOOL 8c4f20abf6d4b589b7f35a17329c111a58fa60ba1926ddc5a621369d17b1ad04a1781091f623489a0fa61ac9a206f631f602bd8040278e001b1c7fa6084df2a1
+AUX aide-0.16-fix-acl-configure-option.patch 728 SHA256 4a9c34863299028f952ee0a118c6b6cca59273e1217682471fcab8f60e2f0f1e SHA512 65b93cd01ebfe6696e35872bc012126794e5e1e5756c2ce041d9a914722806f6079274b0fbb64bc795488f530c33106deba204ee2982a5a8d485b7cd88382497 WHIRLPOOL 9918813e797fbe4d3b2de999c0b68f8da83ce0723af8e262e7e4eecebc72e55dd512e1e115512c29d5b8255a16a4558d83702e9d7e5b1a3d16e5933a192e2dc7
+AUX aide.conf 2713 SHA256 093c6397a4e26ab24127684eb8f9bb223ee5f2c2f9720e54c8ad8b425d52ba49 SHA512 cf6c17ab40b0bf9a0fb21ce015c6c35a8f7a595fdeb7d67e793424ed5243660a56cb33c1169038f4b116463cb055a48232f33db8ed497181be4e084449632b28 WHIRLPOOL 6526447bb7037dcf6e21b9bde649aa38f25590103e9546e323d246758ff332663996309c01727a3edd88214ef047d9b88d1bea4acbeb54f5cbd948b716162228
+AUX aide.cron 5997 SHA256 f4874c85d808c9f1726421c5f1146c4aa6a6bf831f61962c8265d5e7272f4558 SHA512 0931c1b9185e0b9a563c3589858b0ba20716344f29d6d1fc7226498f3c744af1d3c3fd72824f101f9b3e08710f443c9fdad312e28c0bcb93665d1dcb076f4b47 WHIRLPOOL 0eab354620d184c947076db26c6f83ca7ef13eb77b8f41603b26864c7644b6a96b4a23090b156e7c8680e736b2beffb2038030af51c497a5cc853daede92f1db
+AUX aideinit 2949 SHA256 1b4a01b8f50eb0b9217df55686ccd103ea92fca3892fe3a6a0364f83cae3548f SHA512 a6bce52432251458b977fb363d5801206c273fb9404c55f7bcb82b9d5a65aa19d1660d61d457c9af87f1a8fada95e2f8203489b1876b2b2a259e6374e15cdc57 WHIRLPOOL ef6237e12ed06c0a121ce96d5e0d4f4aea339f70907c2e4091cab988969a489a961bfbdd61cbcf6c2e7f90936d8cac39ea04e5fc8a75ac9e35c9608f443992c0
+DIST aide-0.16.tar.gz 391009 SHA256 a81c53a131c4fd130b169b3a26ac35386a2f6e1e014f12807524cc273ed97345 SHA512 29ad97756e3e2fb21dc332ed03b494a1c73e621266f8622ec80bdba23092a38ee975b97f3cff2330e4c16e64e2f672259eea9291ca706a4009e7399b4e14e6a7 WHIRLPOOL d9ecba06d8367ed2ef622ee6b3ccf6a0ed37bad52548063c5c153bd31b856ed8a3379e6057cc1d4aebd29473ded71e9190c8c17dbeaa65eec3365be1d43d5f46
+EBUILD aide-0.16.ebuild 3664 SHA256 b5502339c66ad5f3d3cc62ce4f9e3439ebe8a81ee75aa6dfa11c8326c46284a9 SHA512 703646999c5c5d4826bb71da4ba0c1f60d6877b3a58d024396b1c2795b9cabf1c537a47b6c0492350f136785684e2e848d37ed087087ee4042b9ec8c9f00c552 WHIRLPOOL 3d8945386ae80b4f06febfb2a63454fec0b0593f1cb0688e32fe372f00f90a61a6cd1443c673e26c9932f818b8d2e17a87360c246ca8e690d96218f426596757
+MISC ChangeLog 3787 SHA256 1941d2d94157d549e77bfa9e4fe2fdf11b98366be2932faba96f2d0775dbc80d SHA512 41f9be7269af6ff34f30147cd59efcdca69a5d765513034c88d895590b51d5de529b059851253aa1b2005cd18f8581b3aee6341df38edb7c394fda21fc362745 WHIRLPOOL 0097cc928acf07a30a180cafe2825a89847995cac4e67afc7ed4491b660e08f5092d55cf9d1b36eece8ffb5270cf084da43e2774e983a4297989f5b253c5bb12
+MISC ChangeLog-2015 12383 SHA256 211a2bd2eb42e132c16d3557996ad9298bf5e8fe99991bbdc51d25d44f61b362 SHA512 38af0d8fdd593f30b1f47b3f4051451f5db42f3b4cc9d104482aed79fb0ef2cf1b748c7bedf95b8f0e814ac65e3ff7291e19b1251daf074b7f3956e8a01a4884 WHIRLPOOL 899403ca9ff993d1c1ae8faa2ce5d830f88fcb000d4db7874d020b311154db5960b7d424fb7ed1123f119ae623d9020de76faf80bae70ba69264a9cef1a56c84
+MISC metadata.xml 631 SHA256 edbabddc6d1e2ec3e2cdf7ff08a956eaafc489e2fd9e56e9de8c0dd65a25134c SHA512 9f6eb547a55e72d2b75d3145282127abfdc737c68526995e628b98f2dd7930732eff9dbc492ddd4425e4090e8449a89c585b563618415d05dee6777273c5d4f6 WHIRLPOOL 0c8f6878559cb9412e64bc82f13ef0f761d579367aac102e9aa2071c1ef810900217fd392e3a738a2639bf1409e194c8c909c4ebf97b1b4affa6bb2565b4498f
diff --git a/app-forensics/aide/aide-0.16.ebuild b/app-forensics/aide/aide-0.16.ebuild
new file mode 100644
index 000000000000..cebc5fea7321
--- /dev/null
+++ b/app-forensics/aide/aide-0.16.ebuild
@@ -0,0 +1,141 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools readme.gentoo-r1
+
+DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a file integrity checker"
+HOMEPAGE="http://aide.sourceforge.net/"
+SRC_URI="mirror://sourceforge/aide/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 x86"
+IUSE="acl audit curl e2fs mhash postgres prelink selinux static xattr zlib"
+
+COMMON_DEPEND="
+	!mhash? (
+		dev-libs/libgcrypt:0=
+		dev-libs/libgpg-error
+	)
+	mhash? ( app-crypt/mhash )
+	dev-libs/libpcre
+	acl? ( virtual/acl )
+	audit? ( sys-process/audit )
+	curl? ( net-misc/curl )
+	e2fs? ( sys-fs/e2fsprogs )
+	postgres? ( dev-db/postgresql:= )
+	prelink? ( dev-libs/elfutils )
+	selinux? ( sys-libs/libselinux )
+	xattr? ( sys-apps/attr )
+	zlib? ( sys-libs/zlib )
+"
+RDEPEND="
+	!static? ( ${COMMON_DEPEND} )
+	prelink? ( sys-devel/prelink )
+	selinux? ( sec-policy/selinux-aide )
+"
+DEPEND="${COMMON_DEPEND}
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+	static? (
+		!mhash? (
+			dev-libs/libgcrypt:0[static-libs]
+			dev-libs/libgpg-error[static-libs]
+		)
+		mhash? ( app-crypt/mhash[static-libs] )
+		dev-libs/libpcre[static-libs]
+		acl? ( virtual/acl[static-libs] )
+		e2fs? ( sys-fs/e2fsprogs[static-libs] )
+		prelink? ( dev-libs/elfutils[static-libs] )
+		selinux? ( sys-libs/libselinux[static-libs] )
+		xattr? ( sys-apps/attr[static-libs] )
+		zlib? ( sys-libs/zlib[static-libs] )
+	)
+"
+
+REQUIRED_USE="
+	postgres? ( !mhash )
+	static? ( !audit !curl !postgres )
+"
+
+HTML_DOCS=( doc/manual.html )
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="
+Example configuration file was installed at '${EPREFIX}/etc/aide/aide.conf'.
+Please edit it to meet your needs. Refer to aide.conf(5) manual page
+for more information.
+
+A helper script, aideinit, was installed and can be used to make AIDE
+management easier. Please run 'aideinit --help' for more information.
+"
+
+PATCHES=(
+	"${FILESDIR}/${P}-add-missing-include.patch"
+	"${FILESDIR}/${P}-fix-LIBS-LDFLAGS-mixing.patch"
+	"${FILESDIR}/${P}-fix-acl-configure-option.patch"
+)
+
+src_prepare() {
+	default_src_prepare
+	sed -i -e 's| -Werror||g' configure.ac || die
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--sysconfdir="${EPREFIX}/etc/${PN}"
+		--with-confighmactype="sha512"		# Override default weak MD5 hash.
+		--with-dbhmackey="sha512"			# Override default weak MD5 hash.
+		# Disable broken l10n support: https://sourceforge.net/p/aide/bugs/98/
+		# This doesn't affect anything because there are no localizations yet.
+		--without-locale
+		$(use_enable static)
+		$(use_with zlib)
+		$(use_with curl)
+		$(use_with acl posix-acl)
+		$(use_with selinux)
+		$(use_with prelink prelink "${EPREFIX}/usr/sbin/prelink")
+		$(use_with xattr)
+		$(use_with e2fs e2fsattrs)
+		$(use_with mhash mhash)
+		$(use_with !mhash gcrypt)
+		$(use_with postgres psql)
+		$(use_with audit)
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default_src_install
+	readme.gentoo_create_doc
+
+	insinto /etc/${PN}
+	doins "${FILESDIR}"/aide.conf
+
+	dosbin "${FILESDIR}"/aideinit
+	dodoc "${FILESDIR}"/aide.cron
+
+	keepdir /var/{lib,log}/${PN}
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+
+	if use postgres; then
+		elog
+		elog "Due to a bad assumption by aide, you must issue the following"
+		elog "command after the database initialization (aide --init ...):"
+		elog
+		elog 'psql -c "update pg_index set indisunique=false from pg_class \\ '
+		elog "  where pg_class.relname='TABLE_pkey' and \ "
+		elog '  pg_class.oid=pg_index.indexrelid" -h HOSTNAME -p PORT DBASE USER'
+		elog
+		elog "where TABLE, HOSTNAME, PORT, DBASE, and USER are the same as"
+		elog "in your aide.conf."
+		elog
+	fi
+}
diff --git a/app-forensics/aide/files/aide-0.16-add-missing-include.patch b/app-forensics/aide/files/aide-0.16-add-missing-include.patch
new file mode 100644
index 000000000000..75f0403c968e
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.16-add-missing-include.patch
@@ -0,0 +1,24 @@
+commit 1cbb888d55388d6bb88141c946bd6993b3e9872f
+Author: Ilya Tumaykin <itumaykin@gmail.com>
+Date:   Tue May 23 17:24:29 2017 +0300
+
+db: add missing include
+
+url_fclose() function used in this file is defined in fopen.h.
+See https://sourceforge.net/p/aide/bugs/99/
+
+diff --git a/src/db.c b/src/db.c
+index dd133d4..858240d 100644
+--- a/src/db.c
++++ b/src/db.c
+@@ -28,6 +28,10 @@
+ #include "db_disk.h"
+ #include "md.h"
+
++#ifdef WITH_CURL
++#include "fopen.h"
++#endif
++
+ #ifdef WITH_PSQL
+ #include "db_sql.h"
+ #endif
diff --git a/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch b/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch
new file mode 100644
index 000000000000..453abe5f1eae
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch
@@ -0,0 +1,23 @@
+commit 6da37687ba7cf259ac19cae2e1c16115b6848143
+Author: Ilya Tumaykin <itumaykin@gmail.com>
+Date:   Thu May 25 13:34:55 2017 +0300
+
+build: fix incorrect LIBS/LDFLAGS mixing
+
+Otherwise build with LDFLAGS='-Wl,--as-needed' and curl support fails.
+See https://bugs.gentoo.org/show_bug.cgi?id=271326
+and https://sourceforge.net/p/aide/bugs/96/
+
+diff --git a/configure.ac b/configure.ac
+index 3598ebe..0c5cb0c 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -713,7 +713,7 @@ if test x$with_curl = xyes; then
+   AC_CHECK_HEADERS(curl/curl.h,,
+  	[AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])])
+   CFLAGS="$CFLAGS $CURL_CFLAGS"
+-  LDFLAGS="$LDFLAGS $CURL_LIBS"
++  LIBS="$LIBS $CURL_LIBS"
+   AC_CHECK_LIB(curl,curl_easy_init,havecurl=yes,
+  	[AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])]
+ )
diff --git a/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch b/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch
new file mode 100644
index 000000000000..a989e379039c
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch
@@ -0,0 +1,23 @@
+commit 3d9746bccbb50809e4c3de90ab5145a17af39aeb
+Author: Ilya Tumaykin <itumaykin@gmail.com>
+Date:   Thu May 25 14:38:02 2017 +0300
+
+build: respect user choice for posix-acl configure option
+
+Otherwise acl support is enabled automagically, which is bad.
+See https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Automagic_dependencies
+and https://sourceforge.net/p/aide/bugs/97/
+
+diff --git a/configure.ac b/configure.ac
+index 3598ebe..c45bbee 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -450,7 +450,7 @@ AC_MSG_CHECKING(for posix-acl-support)
+ AC_ARG_WITH([posix-acl],
+ 	[AC_HELP_STRING([--with-posix-acl],
+ 		[use POSIX ACLs (no checking)])],
+-	[],
++	[with_posix_acl_support="$withval"],
+ 	[with_posix_acl_support=no]
+ )
+
diff --git a/app-forensics/aide/files/aide.conf b/app-forensics/aide/files/aide.conf
new file mode 100644
index 000000000000..cef1813db9f8
--- /dev/null
+++ b/app-forensics/aide/files/aide.conf
@@ -0,0 +1,115 @@
+# AIDE conf
+
+database=file:/var/lib/aide/aide.db
+database_out=file:/var/lib/aide/aide.db.new
+
+# Change this to "no" or remove it to not gzip output
+# (only useful on systems with few CPU cycles to spare)
+gzip_dbout=yes
+
+# Here are all the things we can check - these are the default rules 
+#
+#p:      permissions
+#i:      inode
+#n:      number of links
+#u:      user
+#g:      group
+#s:      size
+#b:      block count
+#m:      mtime
+#a:      atime
+#c:      ctime
+#S:      check for growing size
+#md5:    md5 checksum
+#sha1:   sha1 checksum
+#rmd160: rmd160 checksum
+#tiger:  tiger checksum
+#R:      p+i+n+u+g+s+m+c+md5
+#L:      p+i+n+u+g
+#E:      Empty group
+#>:      Growing logfile p+u+g+i+n+S
+#haval:         haval checksum
+#gost:          gost checksum
+#crc32:         crc32 checksum
+
+# Defines formerly set here have been moved to /etc/default/aide.
+
+# Custom rules
+Binlib = p+i+n+u+g+s+b+m+c+md5+sha1
+ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha1
+Logs = p+i+n+u+g+S
+Devices = p+i+n+u+g+s+b+c+md5+sha1
+Databases = p+n+u+g
+StaticDir = p+i+n+u+g
+ManPages = p+i+n+u+g+s+b+m+c+md5+sha1
+
+# Next decide what directories/files you want in the database
+
+# Kernel, system map, etc.
+=/boot$ Binlib
+# Binaries
+/bin Binlib
+/sbin Binlib
+/usr/bin Binlib
+/usr/sbin Binlib
+/usr/local/bin Binlib
+/usr/local/sbin Binlib
+#/usr/games Binlib
+# Libraries
+/lib Binlib
+/usr/lib Binlib
+/usr/local/lib Binlib
+# Log files
+=/var/log$ StaticDir
+#!/var/log/ksymoops
+/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
+/var/log/aide/error.log(.[0-9])?(.gz)? Databases
+#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
+!/var/log/aide
+/var/log Logs
+# Devices
+!/dev/pts
+# If you get spurious warnings about being unable to mmap() /dev/cpu/mtrr,
+# you may uncomment this to get rid of them. They're harmless but sometimes
+# annoying.
+#!/dev/cpu/mtrr
+#!/dev/xconsole
+/dev Devices
+# Other miscellaneous files
+/var/run$ StaticDir
+!/var/run
+# Test only the directory when dealing with /proc
+/proc$ StaticDir
+!/proc
+
+# You can look through these examples to get further ideas
+
+# MD5 sum files - especially useful with debsums -g
+#/var/lib/dpkg/info/([^\.]+).md5sums u+g+s+m+md5+sha1
+
+# Check crontabs
+#/var/spool/anacron/cron.daily Databases
+#/var/spool/anacron/cron.monthly Databases
+#/var/spool/anacron/cron.weekly Databases
+#/var/spool/cron Databases
+#/var/spool/cron/crontabs Databases
+
+# manpages can be trojaned, especially depending on *roff implementation
+#/usr/man ManPages
+#/usr/share/man ManPages
+#/usr/local/man ManPages
+
+# docs
+#/usr/doc ManPages
+#/usr/share/doc ManPages
+
+# check users' home directories
+#/home Binlib
+
+# check sources for modifications
+#/usr/src L
+#/usr/local/src L
+
+# Check headers for same
+#/usr/include L
+#/usr/local/include L
diff --git a/app-forensics/aide/files/aide.cron b/app-forensics/aide/files/aide.cron
new file mode 100644
index 000000000000..c28b78f8e9db
--- /dev/null
+++ b/app-forensics/aide/files/aide.cron
@@ -0,0 +1,192 @@
+#!/bin/bash
+# Modified: Benjamin Smee
+# Date: Fri Sep 10 11:35:41 BST 2004
+
+# This is the email address reports get mailed to
+MAILTO=root@localhost
+
+# Set this to suppress mailings when there's nothing to report
+QUIETREPORTS=1
+
+# This parameter defines which aide command to run from the cron script.
+# Sensible values are "update" and "check".
+# Default is "check", ensuring backwards compatibility.
+# Since "update" does not take any longer, it is recommended to use "update",
+# so that a new database is created every day. The new database needs to be
+# manually copied over the current one, though.
+COMMAND=update
+
+# This parameter defines how many lines to return per e-mail. Output longer
+# than this value will be truncated in the e-mail sent out.
+LINES=1000
+
+# This parameter gives a grep regular expression. If given, all output lines
+# that _don't_ match the regexp are listed first in the script's output. This
+# allows to easily remove noise from the aide report.
+NOISE="(/var/cache/|/var/lib/|/var/tmp)"
+PATH="/bin:/usr/bin:/sbin:/usr/sbin"
+LOGDIR="/var/log/aide"
+LOGFILE="aide.log"
+CONFFILE="/etc/aide/aide.conf"
+ERRORLOG="aide_error.log"
+MAILLOG="aide_mail.log"
+ERRORTMP=`tempfile --directory "/tmp" --prefix "$ERRORLOG"`
+
+[ -f /usr/bin/aide ] || exit 0
+
+DATABASE=`grep "^database=file:/" $CONFFILE | head -n 1 | cut --delimiter=: --fields=2`
+FQDN=`hostname -f`
+DATE=`date +"at %Y-%m-%d %H:%M"`
+
+# default values
+
+DATABASE="${DATABASE:-/var/lib/aide/aide.db}"
+
+AIDEARGS="-V4"
+
+if [ ! -f $DATABASE ]; then
+	/usr/sbin/sendmail $MAILTO <<EOF
+Subject: Daily AIDE report for $FQDN
+From: root@${FQDN}
+To: ${MAILTO}
+Fatal error: The AIDE database does not exist!
+This may mean you haven't created it, or it may mean that someone has removed it.
+EOF
+	exit 0
+fi
+
+# Removed so no deps on debianutils - strerror
+#[ -f "$LOGDIR/$LOGFILE" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$LOGFILE" > /dev/null
+#[ -f "$LOGDIR/$ERRORLOG" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$ERRORLOG" > /dev/null
+
+aide $AIDEARGS --$COMMAND >"$LOGDIR/$LOGFILE" 2>"$ERRORTMP"
+RETVAL=$?
+
+if [ -n "$QUIETREPORTS" ] && [ $QUIETREPORTS -a \! -s $LOGDIR/$LOGFILE -a \! -s $ERRORTMP ]; then
+	# Bail now because there was no output and QUIETREPORTS is set
+	exit 0
+fi
+
+MAILTMP=`tempfile --directory "/tmp" --prefix "$MAILLOG"`
+
+(cat << EOF
+This is an automated report generated by the Advanced Intrusion Detection
+Environment on $FQDN ${DATE}.
+
+EOF
+
+# include error log in daily report e-mail
+
+if [ "$RETVAL" != "0" ]; then
+	cat > "$LOGDIR/$ERRORLOG" << EOF
+	
+*****************************************************************************
+*                    aide returned a non-zero exit value                    *
+*****************************************************************************
+
+EOF
+	echo "exit value is: $RETVAL" >> "$LOGDIR/$ERRORLOG"
+else
+	touch "$LOGDIR/$ERRORLOG"
+fi
+< "$ERRORTMP" cat >> "$LOGDIR/$ERRORLOG"
+rm -f "$ERRORTMP"
+
+if [ -s "$LOGDIR/$ERRORLOG" ]; then
+	errorlines=`wc -l "$LOGDIR/$ERRORLOG" | awk '{ print $1 }'`
+	if [ ${errorlines:=0} -gt $LINES ]; then
+		cat << EOF
+
+****************************************************************************
+*                      aide has returned many errors.                      *
+*           the error log output has been truncated in this mail           *
+****************************************************************************
+
+EOF
+		echo "Error output is $errorlines lines, truncated to $LINES."
+		head -$LINES "$LOGDIR/$ERRORLOG"
+		echo "The full output can be found in $LOGDIR/$ERRORLOG."
+	else
+		echo "Errors produced  ($errorlines lines):"
+		cat "$LOGDIR/$ERRORLOG"
+	fi
+else
+	echo "AIDE produced no errors."
+fi
+
+# include de-noised log
+
+if [ -n "$NOISE" ]; then
+	NOISETMP=`tempfile --directory "/tmp" --prefix "aidenoise"`
+	NOISETMP2=`tempfile --directory "/tmp" --prefix "aidenoise"`
+	sed -n '1,/^Detailed information about changes:/p' "$LOGDIR/$LOGFILE" | \
+	grep '^\(changed\|removed\|added\):' | \
+	grep -v "^added: THERE WERE ALSO [0-9]\+ FILES ADDED UNDER THIS DIRECTORY" > $NOISETMP2
+	
+	if [ -n "$NOISE" ]; then
+		< $NOISETMP2 grep -v "^\(changed\|removed\|added\):$NOISE" > $NOISETMP
+		rm -f $NOISETMP2
+		echo "De-Noised output removes everything matching $NOISE."
+	else
+		mv $NOISETMP2 $NOISETMP
+		echo "No noise expression was given."
+	fi
+	
+	if [ -s "$NOISETMP" ]; then
+		loglines=`< $NOISETMP wc -l | awk '{ print $1 }'`
+		if [ ${loglines:=0} -gt $LINES ]; then
+			cat << EOF
+
+****************************************************************************
+*   aide has returned long output which has been truncated in this mail    *
+****************************************************************************
+
+EOF
+			echo "De-Noised output is $loglines lines, truncated to $LINES."
+			< $NOISETMP head -$LINES
+			echo "The full output can be found in $LOGDIR/$LOGFILE."
+		else
+			echo "De-Noised output of the daily AIDE run ($loglines lines):"
+			cat $NOISETMP
+		fi
+	else
+		echo "AIDE detected no changes after removing noise."
+	fi
+	rm -f $NOISETMP
+	echo "============================================================================"
+fi
+
+# include non-de-noised log
+
+if [ -s "$LOGDIR/$LOGFILE" ]; then
+	loglines=`wc -l "$LOGDIR/$LOGFILE" | awk '{ print $1 }'`
+	if [ ${loglines:=0} -gt $LINES ]; then
+		cat << EOF
+
+****************************************************************************
+*   aide has returned long output which has been truncated in this mail    *
+****************************************************************************
+
+EOF
+		echo "Output is $loglines lines, truncated to $LINES."
+		head -$LINES "$LOGDIR/$LOGFILE"
+		echo "The full output can be found in $LOGDIR/$LOGFILE."
+	else
+		echo "Output of the daily AIDE run ($loglines lines):"
+		cat "$LOGDIR/$LOGFILE"
+	fi
+else
+	echo "AIDE detected no changes."
+fi
+) > ${MAILTMP}
+
+(
+cat <<EOF
+Subject: Daily AIDE report for $FQDN
+From: root@${FQDN}
+To: ${MAILTO}
+EOF
+cat ${MAILTMP}
+) | /usr/sbin/sendmail $MAILTO
+
+rm -f "$MAILTMP"
diff --git a/app-forensics/aide/files/aideinit b/app-forensics/aide/files/aideinit
new file mode 100644
index 000000000000..6a3c60c37837
--- /dev/null
+++ b/app-forensics/aide/files/aideinit
@@ -0,0 +1,145 @@
+#!/bin/sh
+# Copyright 2003 Mike Markley <mike@markley.org>
+# This script is free for any purpose whatseoever so long as the above
+# copyright notice remains in place.
+#
+# Modified for Gentoo: Benjamin Smee
+# Date: Fri Sep 10 11:36:04 BST 2004
+
+# This is the email address reports get mailed to
+MAILTO=root@localhost
+
+# Defaults
+#MAILTO="${MAILTO:-root}"
+
+# Options
+opt_f=0
+opt_y=0
+opt_c=0
+opt_b=0
+config="/etc/aide/aide.conf"
+
+aideinit_usage() {
+	echo "Usage: $0 [options] -- [aide options]"
+	echo "  -y|--yes         Overwrite output file"
+	echo "  -f|--force       Force overwrite of database"
+	echo "  -c|--config      Specify alternate config file"
+	echo "  -o|--output      Specify alternate output file"
+	echo "  -d|--database    Specify alternate database file"
+	echo "  -b|--background  Run in the background"
+}
+
+while [ -n "$1" ]; do
+	case "$1" in
+	    -h|--help)
+		aideinit_usage
+		exit 0
+		;;
+	    -f|--force)
+		opt_f=1
+		shift
+		;;
+	    -y|--yes)
+		opt_y=1
+		shift
+		;;
+	    -b|--background)
+		opt_b=1
+		shift
+		;;
+	    -o|--output)
+		shift
+		[ -z "$1" ] && aideinit_usage && exit 1
+		outfile=$1
+		shift
+		;;
+	    -d|--database)
+		shift
+		[ -z "$1" ] && aideinit_usage && exit 1
+		dbfile=$1
+		shift
+		;;
+	    -c|--config)
+		opt_c=1
+		shift
+		[ -z "$1" ] && aideinit_usage && exit 1
+		config=$1
+		shift
+		;;
+	    --)
+	    	shift
+		break 2
+		;;
+	    *)
+		echo "Unknown option $1 (use -- to delimit aideinit and aide options)"
+		exit
+		;;
+	esac
+done
+
+if [ ! -f "$config" ]; then
+	echo "$0: $config: file not found"
+	exit 1
+fi
+
+if [ -z "$outfile" ]; then
+	outfile=`egrep "database_out=file:" $config | cut -d: -f2`
+	[ -z "$outfile" ] && outfile="/var/lib/aide/aide.db.new"
+fi
+if [ -z "$dbfile" ]; then
+	dbfile=`egrep "database=file:" $config | cut -d: -f2`
+	[ -z "$dbfile" ] && dbfile="/var/lib/aide/aide.db"
+fi
+
+if [ -f $outfile ]; then
+	if [ $opt_y -eq 0 ]; then
+		echo -n "Overwrite existing $outfile [Yn]? "
+		read yn
+		case "$yn" in
+		    [Nn]*)
+			exit 0
+			;;
+		esac
+	fi
+fi
+
+extraflags=""
+
+if [ $opt_c -eq 1 ]; then
+	extraflags="$extraflags --config $config"
+fi
+
+if [ $opt_b -eq 1 ]; then
+	(aide --init $extraflags $@ >/var/log/aide/aideinit.log 2>/var/log/aide/aideinit.errors
+	if [ -f "$dbfile" -a $opt_f -eq 0 ]; then
+		echo "$dbfile exists and -f was not specified" >> /var/log/aide/aideinit.errors
+	fi
+	lines=`wc -l /var/log/aide/aideinit.errors | awk '{ print $1 }'`
+	if [ "$lines" -gt 0 ]; then
+		(echo "AIDE init errors:"; cat /var/log/aide/aideinit.errors) | /bin/mail -s "AIDE initialization problem" $MAILTO
+	else
+		cp -f $outfile $dbfile
+	fi) &
+	exit 0
+fi
+
+echo "Running aide --init..."
+aide --init $extraflags $@
+
+return=$?
+if [ $return -ne 0 ]; then
+	echo "Something didn't quite go right; see $outfile for details" >&2
+	exit $return
+fi
+
+if [ -f "$dbfile" -a $opt_f -eq 0 ]; then
+	echo -n "Overwrite $dbfile [yN]? "
+	read yn
+	case "$yn" in
+	    [yY]*)
+		cp -f $outfile $dbfile
+		;;
+	esac
+else
+	cp -f $outfile $dbfile
+fi
diff --git a/app-forensics/aide/metadata.xml b/app-forensics/aide/metadata.xml
new file mode 100644
index 000000000000..a03a8cb8d7a2
--- /dev/null
+++ b/app-forensics/aide/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>itumaykin+gentoo@gmail.com</email>
+		<name>Coacher</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<use>
+		<flag name="e2fs">Enable support for checking file attributes on ext2/ext3/ext4 filesystems</flag>
+		<flag name="prelink">Bypass prelinking when calculating checksums</flag>
+	</use>
+	<upstream>
+		<remote-id type="sourceforge">aide</remote-id>
+	</upstream>
+</pkgmetadata>