author | V3n3RiX <venerix@koprulu.sector> | 2022-05-12 16:42:50 +0300 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2022-05-12 16:42:50 +0300 |
commit | 752d6256e5204b958b0ef7905675a940b5e9172f (patch) | |
tree | 330d16e6362a49cbed8875a777fe641a43376cd3 /app-forensics/aide | |
parent | 0c100b7dd2b30e75b799d806df4ef899fd98e1ea (diff) |
gentoo resync : 12.05.2022
Diffstat (limited to 'app-forensics/aide')
-rw-r--r-- | app-forensics/aide/Manifest | 8 | ||||
-rw-r--r-- | app-forensics/aide/aide-0.16.2_p20200614.ebuild | 141 | ||||
-rw-r--r-- | app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch | 23 | ||||
-rw-r--r-- | app-forensics/aide/files/aide-0.16.2_p20200614_define_hash_use_gcrypt.patch | 37 | ||||
-rw-r--r-- | app-forensics/aide/files/aide.conf-r1 | 133 | ||||
-rw-r--r-- | app-forensics/aide/files/aide.cron | 192 | ||||
-rw-r--r-- | app-forensics/aide/metadata.xml | 1 |
7 files changed, 1 insertions, 534 deletions
diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest
index 16a8890381b6..bcbe8354d26d 100644
--- a/app-forensics/aide/Manifest
+++ b/app-forensics/aide/Manifest
@@ -1,14 +1,8 @@ -AUX aide-0.16-fix-LIBS-LDFLAGS-mixing.patch 874 BLAKE2B e61f6b269dcc3679d68714c315cfff8e8feb4146028abc33e780cb7429c4466c78b7e50c427fb78ffdc310335450a012f7a08b6ecd5aaf562b8ab18565c5f927 SHA512 930967c1c7be54d10beb26e4281083a0f7cf500a5f161cf2af6c0a7b377e9bce092942a3a88c6cbb080e3eab500ec8a7bec1ff295f774ef70146240837961a8f AUX aide-0.16-fix-acl-configure-option.patch 770 BLAKE2B 92d26163475e5a5ddd9b374cc4d50bc2c290aebedf1562b6d02b15f8b7c2f99b86d0eb414b58f9799b2cd63f9744fc5ce1a20965b7a7fa8984317f492db2173a SHA512 a2a5675ed0dec291724f08885bb4186c813c7ec99d90688e8db5d5f1e369d606c9dfb820a4735dff062476fd332e0d69dbd017022d6a9f1163956bd756fdc6d5 -AUX aide-0.16.2_p20200614_define_hash_use_gcrypt.patch 1174 BLAKE2B 694c7859a43f814f1b9ab18c0e0fa458bdbc6ebc0fb1d076cf51839cf48c341f13b84ae08c2ef419a62b53ffe12879fa2b230f546e57c89a5816fd4d2bff902b SHA512 ec31e674141feb03fbe4eb94c82f2c7b366bd31c4d845818650303c7e971ff9c814de8112c818da9de78bb32ca087f75ff313f35d18301775915ecc8b9975e52 AUX aide-0.17.4-bashism.patch 2759 BLAKE2B 973ecaf273b2a5f69c3346d486a7df4f035e436b67dbc28b8aa878f19188fcf46d05b95a969da89c7c168e3c1c2d377d5525d98b47a6b434f2b97dfc29d1f7ab SHA512 1d4d8acbd3d7c035ef8c94ef2b477c446d268a418f95797fb0824570295b697cb498747fc091839671913ccaaedac0e5779b9e324712eefc8093c143660d2a00 -AUX aide.conf-r1 3194 BLAKE2B a911d5623adb4122cae21494c5e7542adbfa787bda78f840e1385219adfec19c5a3079b34e16f2c8e9afbe8554b6fc2ae291f7bdd1728b8ac77c7b16135260ae SHA512 24f6af48767e4edd69c4b806c418501583f03574f05bbf87e98659ba36b64acf8e95a772ce690175071127910248a9c6761392ca889cfee235a475341d3a7a77 AUX aide.conf-r2 3277 BLAKE2B 9792a13c590d9c72d94f1a24ef700c4ff77f3c672fd3e67589b694ab7fff1779728f12f1b590323c64ea129a794be71235a825f2e0fcf7d3f4699bb4de75d2c1 SHA512 1fc31c986e785910918dbc33f8912efb442770d0974f996d7dfe6c525b8602ed609cd19a41b5edd759e0099b02de16bde21ca67fe8d5d3085f0c0812a8a460c1 -AUX aide.cron 5997 BLAKE2B 
2273eb902b9ba8fc5e999375d0dfa59e2c5c56a919bf3bd06e7b638213332b34c4a1240c717c2189f787dc249847f7115e2a21ac139b5db1df2151ade9f5a154 SHA512 0931c1b9185e0b9a563c3589858b0ba20716344f29d6d1fc7226498f3c744af1d3c3fd72824f101f9b3e08710f443c9fdad312e28c0bcb93665d1dcb076f4b47 AUX aide.cron-r2 5681 BLAKE2B 517f7a0a01bb6eb104d6f758191990c4da518fd15af9f88a5521e4b958d558ddb84d0fa9c7b089a62f8b11cd8b2df52c138f49d6b4f276eab2f70a0262f6d5f0 SHA512 104e7025f193d2e2cf93d18a52d66059c7a539d7d2c6f3f514f2cca4252260e1668cf18c6acfaf5069038a9f97f0052a38ea32fb75c0af7e2b2920a819e96922 AUX aideinit 2949 BLAKE2B 244aaec9a38f19c6a7af706572a896e922215d6321aee4537ef5ce47326f41fd84880331a86ec71dcf7ee4e2ac2a11bf979ce66eff73dd2e8a2072e9eb7e8aab SHA512 a6bce52432251458b977fb363d5801206c273fb9404c55f7bcb82b9d5a65aa19d1660d61d457c9af87f1a8fada95e2f8203489b1876b2b2a259e6374e15cdc57 -DIST aide-0.16.2_p20200614.tar.gz 144202 BLAKE2B a2533eaf0dd6caa82718eaa89878ddc101f64767788eeac3a250ceb584a2c5958ef8a5481b89eeb720e21af07da8f3576fb46d8ee9966fd2361354a35a7eaa6e SHA512 f5f83b8401465471043c60aeb6314f7bcab24c9f962f6ce550445bec8d866a5c8c00eba9e9f157f1223cde58631de139533c7de64fb3c861a5d8e7b5e367e106 DIST aide-0.17.4.tar.gz 331783 BLAKE2B 584a385d0a0e80edf0b89eef202431adfea7fe8ba04c774e49dfb7230e766e19a48572e9d6c80386668572e459db9770b04978df484bd49c7de6433657500e13 SHA512 b6dba54fd204e1899d47b0b4139786cbeaa51c388027e2cfc1bb839297a70ae8ad6f37429594a730fac8007d62b4ba5b61a4aa22edbc55cbe986ccfaf5197f31 -EBUILD aide-0.16.2_p20200614.ebuild 3725 BLAKE2B cd6c5ddb8f94d0a35430f93d998d287b1b94f7a9fc06c7fb25b713cd7ef8b20cfb0119da3f2efad5db4c6064eb7c95816abf5f503468f60fe7c13cf18f279eca SHA512 7c019a53a53409f12da04a186e37be3ed4f0561e89d0ac0b2190065a84371e4dd9cf276ef42789fec907e31785fc4782abef5c0ca5886b32404d7046f44398b0 EBUILD aide-0.17.4-r2.ebuild 2440 BLAKE2B c60cd6577e7887079f0876beb9121b7e8e3e3cb929738e328978113546cfb80b05dd45717475ff5dc92f1800685c12b1e213680aec483a05319a82f30971c672 SHA512 
51b2772571329b90affc44cea3583eef127cade567f050188a78271c116d33c3795c89593a8d555e5f8d443664c7a6d8ad70210e7000cacae8c88aa88334a739 -MISC metadata.xml 643 BLAKE2B 7e5eb2247bb681683886521e9f58dae4de58db2719a5a47550134e89b4b9e3e3aaf7e8d63710a5bd81e74f9a8d63bede8f1eabf2def85f60370b69b6b44041ef SHA512 247e747485777b0e1794c623049d8fcdb348fb071d09ecb2d35d975d3785530ca4b8c8d1bae116cc8daa29cd154c871ba71c8d2dd313222707621e269a7d100d +MISC metadata.xml 567 BLAKE2B a3b852325f904e2fbf4a95b67a49ba259583e78f01194bb2dd79851cbd77bd35b5bc786e74c72892adf264471a9a93ae609611252f7e2f1a630dbe1463a80b33 SHA512 c7e14ed38ffa394bd611cb831e509a5f8897c6d394bc78b6ae5074141188ca7bb8aa9efe425930c6db5fade44505fc60f212b0e86bf187622ac8c7443e7a5272 diff --git a/app-forensics/aide/aide-0.16.2_p20200614.ebuild b/app-forensics/aide/aide-0.16.2_p20200614.ebuild deleted file mode 100644 index cd9f0a7ea377..000000000000 --- a/app-forensics/aide/aide-0.16.2_p20200614.ebuild +++ /dev/null 
@@ -1,141 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools readme.gentoo-r1
-
-DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a file integrity checker"
-HOMEPAGE="https://aide.github.io/ https://github.com/aide/aide"
-
-COMMIT="7949feff20501724a43929ee7894b005812ffb4f" # 20200614
-SRC_URI="https://github.com/aide/aide/archive/${COMMIT}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 ~arm64 x86"
-IUSE="acl audit curl e2fs mhash postgres selinux xattr zlib"
-
-REQUIRED_USE="
- postgres? ( !mhash )
- "
-
-COMMON_DEPEND="
- dev-libs/libpcre
- acl? ( virtual/acl )
- audit? ( sys-process/audit )
- curl? ( net-misc/curl )
- e2fs? ( sys-fs/e2fsprogs )
- !mhash? (
- dev-libs/libgcrypt:0=
- dev-libs/libgpg-error
- )
- mhash? ( app-crypt/mhash )
- postgres? ( dev-db/postgresql:= )
- selinux? ( sys-libs/libselinux )
- xattr? ( sys-apps/attr )
- zlib? ( sys-libs/zlib )"
-
-RDEPEND="
- ${COMMON_DEPEND}
- selinux? ( sec-policy/selinux-aide )"
-
-DEPEND="${COMMON_DEPEND}"
-
-BDEPEND="
- sys-devel/bison
- sys-devel/flex
- virtual/pkgconfig
-"
-
-HTML_DOCS=( doc/manual.html )
-
-DISABLE_AUTOFORMATTING=1
-DOC_CONTENTS="
-Example configuration file was installed at '${EPREFIX}/etc/aide/aide.conf'.
-Please edit it to meet your needs. Refer to aide.conf(5) manual page
-for more information.
-
-A helper script, aideinit, was installed and can be used to make AIDE
-management easier. Please run 'aideinit --help' for more information."
-
-PATCHES=(
- "${FILESDIR}/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch"
- "${FILESDIR}/aide-0.16-fix-acl-configure-option.patch"
-
- # Remove not available gcrypt algorithm 7 DB_HAVAL
- # See: https://sourceforge.net/p/aide/bugs/105/
- "${FILESDIR}/${P}_define_hash_use_gcrypt.patch"
-)
-
-S="${WORKDIR}/${PN}-${COMMIT}"
-
-pkg_setup() {
- if use postgres; then
- ewarn "\nWARNING!"
- ewarn "You need to choose one of the postgres versions before building"
- ewarn "\nPlease select a target postgres version/slot using:\n"
- ewarn " ~# eselect postgresql list"
- ewarn " ~# eselect postgresql set <version>\n"
- fi
-}
-
-src_prepare() {
- default
- sed -i -e 's| -Werror||g' configure.ac || die
- echo "m4_define([AIDE_VERSION], [${PV}])" > version.m4 || die
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- --sysconfdir="${EPREFIX}/etc/${PN}"
- --with-confighmactype="sha512" # Override default weak MD5 hash.
- --with-dbhmackey="sha512" # Override default weak MD5 hash.
- # Disable broken l10n support: https://sourceforge.net/p/aide/bugs/98/
- # This doesn't affect anything because there are no localizations yet.
- --without-locale
- --without-prelink
- --disable-static
- $(use_with zlib)
- $(use_with curl)
- $(use_with acl posix-acl)
- $(use_with selinux)
- $(use_with xattr)
- $(use_with e2fs e2fsattrs)
- $(use_with mhash mhash)
- $(use_with !mhash gcrypt)
- $(use_with postgres psql)
- $(use_with audit)
- )
-
- econf "${myeconfargs[@]}"
-}
-
-src_install() {
- default
- readme.gentoo_create_doc
-
- insinto /etc/${PN}
- insopts -m0600
- newins "${FILESDIR}"/aide.conf-r1 aide.conf
-
- dosbin "${FILESDIR}"/aideinit
- dodoc -r contrib/ "${FILESDIR}"/aide.cron
-
- keepdir /var/{lib,log}/${PN}
-}
-
-pkg_postinst() {
- readme.gentoo_print_elog
-
- if use postgres; then
- elog "\nDue to a bad assumption by aide, you must issue the following"
- elog "command after the database initialization (aide --init ...):"
- elog '\n ~# psql -c "update pg_index set indisunique=false from pg_class \\ '
- elog " where pg_class.relname='TABLE_pkey' and \ "
- elog ' pg_class.oid=pg_index.indexrelid" -h HOSTNAME -p PORT DBASE USER'
- elog "\nwhere TABLE, HOSTNAME, PORT, DBASE, and USER are the same as"
- elog "in your aide.conf.\n"
- fi
-}
diff --git a/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch b/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch
deleted file mode 100644
index 453abe5f1eae..000000000000
--- a/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-commit 6da37687ba7cf259ac19cae2e1c16115b6848143
-Author: Ilya Tumaykin <itumaykin@gmail.com>
-Date: Thu May 25 13:34:55 2017 +0300
-
-build: fix incorrect LIBS/LDFLAGS mixing
-
-Otherwise build with LDFLAGS='-Wl,--as-needed' and curl support fails.
-See https://bugs.gentoo.org/show_bug.cgi?id=271326
-and https://sourceforge.net/p/aide/bugs/96/
-
-diff --git a/configure.ac b/configure.ac
-index 3598ebe..0c5cb0c 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -713,7 +713,7 @@ if test x$with_curl = xyes; then
- AC_CHECK_HEADERS(curl/curl.h,,
- [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])])
- CFLAGS="$CFLAGS $CURL_CFLAGS"
-- LDFLAGS="$LDFLAGS $CURL_LIBS"
-+ LIBS="$LIBS $CURL_LIBS"
- AC_CHECK_LIB(curl,curl_easy_init,havecurl=yes,
- [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])]
- )
diff --git a/app-forensics/aide/files/aide-0.16.2_p20200614_define_hash_use_gcrypt.patch b/app-forensics/aide/files/aide-0.16.2_p20200614_define_hash_use_gcrypt.patch
deleted file mode 100644
index e643a0017de8..000000000000
--- a/app-forensics/aide/files/aide-0.16.2_p20200614_define_hash_use_gcrypt.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-diff -Nur aide-0.16/include/md.h aide-0.16.new/include/md.h
---- aide-0.16/include/md.h 2016-07-25 22:56:55.000000000 +0200
-+++ aide-0.16.new/include/md.h 2018-11-21 14:07:01.347479021 +0100
-@@ -48,7 +48,7 @@
- #define HASH_GCRYPT_COUNT GCRY_MD_CRC32
- #ifndef WITH_MHASH
- #define HASH_USE_GCRYPT (DB_MD5|DB_SHA1|DB_RMD160|DB_TIGER|DB_CRC32|\
-- DB_HAVAL|DB_CRC32|DB_SHA256|DB_SHA512)
-+ DB_CRC32B|DB_SHA256|DB_SHA512)
- #endif
- #endif
-
-diff -Nur aide-0.16/src/md.c aide-0.16.new/src/md.c
---- aide-0.16/src/md.c 2016-07-25 22:56:55.000000000 +0200
-+++ aide-0.16.new/src/md.c 2018-11-21 14:06:05.602295496 +0100
-@@ -55,10 +55,12 @@
- r=DB_TIGER;
- break;
- }
-+/* until libgcrypt-1.8.4 not implemented yet, see doc/gcrypt.info-1
- case GCRY_MD_HAVAL: {
- r=DB_HAVAL;
- break;
- }
-+*/
- case GCRY_MD_SHA256: {
- r=DB_SHA256;
- break;
-@@ -219,7 +221,7 @@
- if(gcry_md_enable(md->mdh,i)==GPG_ERR_NO_ERROR){
- md->calc_attr|=h;
- } else {
-- error(0,"gcry_md_enable %i failed",i);
-+ error(0,"gcry_md_enable %i failed, see /usr/include/gcrypt.h enum gcry_md_algos",i);
- md->todo_attr&=~h;
- }
- }
diff --git a/app-forensics/aide/files/aide.conf-r1 b/app-forensics/aide/files/aide.conf-r1
deleted file mode 100644
index 87df5e168c80..000000000000
--- a/app-forensics/aide/files/aide.conf-r1
+++ /dev/null
@@ -1,133 +0,0 @@
-# Example configuration file for AIDE
-# See more: man 5 aide.conf
-
-database=file:/var/lib/aide/aide.db
-database_out=file:/var/lib/aide/aide.db.new
-
-# Change this to "no" or remove it to not gzip output
-# (only useful on systems with few CPU cycles to spare)
-gzip_dbout=yes
-
-# Default: 5
-#verbose=5
-
-report_url=file:/var/log/aide/aide.log
-report_url=stdout
-#report_url=stderr
-
-# Here are all the things we can check - these are the default rules
-#
-# p: permissions
-# ftype: file type
-# i: inode
-# l: link name
-# n: number of links
-# u: user
-# g: group
-# s: size
-# b: block count
-# m: mtime (modification time)
-# a: atime (access time)
-# c: ctime (change time)
-# S: check for growing size
-# I: ignore changed filename
-# ANF: allow new files
-# ARF: allow removed files
-# md5: md5 checksum
-# sha1: sha1 checksum
-# sha256: sha256 checksum
-# sha512: sha512 checksum
-# rmd160: rmd160 checksum
-# tiger: tiger checksum
-# crc32: crc32 checksum
-# R: p+ftype+i+l+n+u+g+s+m+c+md5+X
-# L: p+ftype+i+l+n+u+g+X
-# E: Empty group
-# X: acl+selinux+xattrs+e2fsattrs (if groups are explicitly enabled)
-# >: Growing file p+ftype+l+u+g+i+n+S+X
-
-# Defines formerly set here have been moved to /etc/default/aide.
-
-# Custom rules
-Binlib = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
-ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
-Logs = p+i+n+u+g+S
-Devices = p+i+n+u+g+s+b+c+md5+sha256+rmd160
-Databases = p+n+u+g
-StaticDir = p+i+n+u+g
-ManPages = p+i+n+u+g+s+b+m+c+md5+sha256+rmd160
-
-# Next decide what directories/files you want in the database
-
-# Kernel, system map, etc.
-=/boot$ Binlib
-# Configs
-/etc ConfFiles
-!/etc/mtab
-# Binaries
-/bin Binlib
-/sbin Binlib
-/usr/bin Binlib
-/usr/sbin Binlib
-/usr/libexec Binlib
-/usr/local/bin Binlib
-/usr/local/sbin Binlib
-#/usr/games Binlib
-# Libraries
-/lib(64)? Binlib
-/usr/lib(64)? Binlib
-/usr/local/lib(64)? Binlib
-# Log files
-=/var/log$ StaticDir
-#!/var/log/ksymoops
-/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
-/var/log/aide/error.log(.[0-9])?(.gz)? Databases
-#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
-!/var/log/aide
-/var/log Logs
-# Devices
-!/dev/pts
-# If you get spurious warnings about being unable to mmap() /dev/cpu/mtrr,
-# you may uncomment this to get rid of them. They're harmless but sometimes
-# annoying.
-#!/dev/cpu/mtrr
-#!/dev/xconsole
-/dev Devices
-# Other miscellaneous files
-/var/run$ StaticDir
-!/var/run
-# Test only the directory when dealing with /proc
-/proc$ StaticDir
-!/proc
-
-# You can look through these examples to get further ideas
-
-# MD5 sum files - especially useful with debsums -g
-#/var/lib/dpkg/info/([^\.]+).md5sums u+g+s+m+md5+sha1
-
-# Check crontabs
-#/var/spool/anacron/cron.daily Databases
-#/var/spool/anacron/cron.monthly Databases
-#/var/spool/anacron/cron.weekly Databases
-#/var/spool/cron Databases
-#/var/spool/cron/crontabs Databases
-
-# manpages can be trojaned, especially depending on *roff implementation
-#/usr/man ManPages
-#/usr/share/man ManPages
-#/usr/local/man ManPages
-
-# docs
-#/usr/doc ManPages
-#/usr/share/doc ManPages
-
-# check users' home directories
-#/home Binlib
-
-# check sources for modifications
-#/usr/src L
-#/usr/local/src L
-
-# Check headers for same
-#/usr/include L
-#/usr/local/include L
diff --git a/app-forensics/aide/files/aide.cron b/app-forensics/aide/files/aide.cron
deleted file mode 100644
index c28b78f8e9db..000000000000
--- a/app-forensics/aide/files/aide.cron
+++ /dev/null
@@ -1,192 +0,0 @@
-#!/bin/bash
-# Modified: Benjamin Smee
-# Date: Fri Sep 10 11:35:41 BST 2004
-
-# This is the email address reports get mailed to
-MAILTO=root@localhost
-
-# Set this to suppress mailings when there's nothing to report
-QUIETREPORTS=1
-
-# This parameter defines which aide command to run from the cron script.
-# Sensible values are "update" and "check".
-# Default is "check", ensuring backwards compatibility.
-# Since "update" does not take any longer, it is recommended to use "update",
-# so that a new database is created every day. The new database needs to be
-# manually copied over the current one, though.
-COMMAND=update
-
-# This parameter defines how many lines to return per e-mail. Output longer
-# than this value will be truncated in the e-mail sent out.
-LINES=1000
-
-# This parameter gives a grep regular expression. If given, all output lines
-# that _don't_ match the regexp are listed first in the script's output. This
-# allows to easily remove noise from the aide report.
-NOISE="(/var/cache/|/var/lib/|/var/tmp)"
-PATH="/bin:/usr/bin:/sbin:/usr/sbin"
-LOGDIR="/var/log/aide"
-LOGFILE="aide.log"
-CONFFILE="/etc/aide/aide.conf"
-ERRORLOG="aide_error.log"
-MAILLOG="aide_mail.log"
-ERRORTMP=`tempfile --directory "/tmp" --prefix "$ERRORLOG"`
-
-[ -f /usr/bin/aide ] || exit 0
-
-DATABASE=`grep "^database=file:/" $CONFFILE | head -n 1 | cut --delimiter=: --fields=2`
-FQDN=`hostname -f`
-DATE=`date +"at %Y-%m-%d %H:%M"`
-
-# default values
-
-DATABASE="${DATABASE:-/var/lib/aide/aide.db}"
-
-AIDEARGS="-V4"
-
-if [ ! -f $DATABASE ]; then
- /usr/sbin/sendmail $MAILTO <<EOF
-Subject: Daily AIDE report for $FQDN
-From: root@${FQDN}
-To: ${MAILTO}
-Fatal error: The AIDE database does not exist!
-This may mean you haven't created it, or it may mean that someone has removed it.
-EOF
- exit 0
-fi
-
-# Removed so no deps on debianutils - strerror
-#[ -f "$LOGDIR/$LOGFILE" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$LOGFILE" > /dev/null
-#[ -f "$LOGDIR/$ERRORLOG" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$ERRORLOG" > /dev/null
-
-aide $AIDEARGS --$COMMAND >"$LOGDIR/$LOGFILE" 2>"$ERRORTMP"
-RETVAL=$?
-
-if [ -n "$QUIETREPORTS" ] && [ $QUIETREPORTS -a \! -s $LOGDIR/$LOGFILE -a \! -s $ERRORTMP ]; then
- # Bail now because there was no output and QUIETREPORTS is set
- exit 0
-fi
-
-MAILTMP=`tempfile --directory "/tmp" --prefix "$MAILLOG"`
-
-(cat << EOF
-This is an automated report generated by the Advanced Intrusion Detection
-Environment on $FQDN ${DATE}.
-
-EOF
-
-# include error log in daily report e-mail
-
-if [ "$RETVAL" != "0" ]; then
- cat > "$LOGDIR/$ERRORLOG" << EOF
-
-*****************************************************************************
-* aide returned a non-zero exit value *
-*****************************************************************************
-
-EOF
- echo "exit value is: $RETVAL" >> "$LOGDIR/$ERRORLOG"
-else
- touch "$LOGDIR/$ERRORLOG"
-fi
-< "$ERRORTMP" cat >> "$LOGDIR/$ERRORLOG"
-rm -f "$ERRORTMP"
-
-if [ -s "$LOGDIR/$ERRORLOG" ]; then
- errorlines=`wc -l "$LOGDIR/$ERRORLOG" | awk '{ print $1 }'`
- if [ ${errorlines:=0} -gt $LINES ]; then
- cat << EOF
-
-****************************************************************************
-* aide has returned many errors. *
-* the error log output has been truncated in this mail *
-****************************************************************************
-
-EOF
- echo "Error output is $errorlines lines, truncated to $LINES."
- head -$LINES "$LOGDIR/$ERRORLOG"
- echo "The full output can be found in $LOGDIR/$ERRORLOG."
- else
- echo "Errors produced ($errorlines lines):"
- cat "$LOGDIR/$ERRORLOG"
- fi
-else
- echo "AIDE produced no errors."
-fi
-
-# include de-noised log
-
-if [ -n "$NOISE" ]; then
- NOISETMP=`tempfile --directory "/tmp" --prefix "aidenoise"`
- NOISETMP2=`tempfile --directory "/tmp" --prefix "aidenoise"`
- sed -n '1,/^Detailed information about changes:/p' "$LOGDIR/$LOGFILE" | \
- grep '^\(changed\|removed\|added\):' | \
- grep -v "^added: THERE WERE ALSO [0-9]\+ FILES ADDED UNDER THIS DIRECTORY" > $NOISETMP2
-
- if [ -n "$NOISE" ]; then
- < $NOISETMP2 grep -v "^\(changed\|removed\|added\):$NOISE" > $NOISETMP
- rm -f $NOISETMP2
- echo "De-Noised output removes everything matching $NOISE."
- else
- mv $NOISETMP2 $NOISETMP
- echo "No noise expression was given."
- fi
-
- if [ -s "$NOISETMP" ]; then
- loglines=`< $NOISETMP wc -l | awk '{ print $1 }'`
- if [ ${loglines:=0} -gt $LINES ]; then
- cat << EOF
-
-****************************************************************************
-* aide has returned long output which has been truncated in this mail *
-****************************************************************************
-
-EOF
- echo "De-Noised output is $loglines lines, truncated to $LINES."
- < $NOISETMP head -$LINES
- echo "The full output can be found in $LOGDIR/$LOGFILE."
- else
- echo "De-Noised output of the daily AIDE run ($loglines lines):"
- cat $NOISETMP
- fi
- else
- echo "AIDE detected no changes after removing noise."
- fi
- rm -f $NOISETMP
- echo "============================================================================"
-fi
-
-# include non-de-noised log
-
-if [ -s "$LOGDIR/$LOGFILE" ]; then
- loglines=`wc -l "$LOGDIR/$LOGFILE" | awk '{ print $1 }'`
- if [ ${loglines:=0} -gt $LINES ]; then
- cat << EOF
-
-****************************************************************************
-* aide has returned long output which has been truncated in this mail *
-****************************************************************************
-
-EOF
- echo "Output is $loglines lines, truncated to $LINES."
- head -$LINES "$LOGDIR/$LOGFILE"
- echo "The full output can be found in $LOGDIR/$LOGFILE."
- else
- echo "Output of the daily AIDE run ($loglines lines):"
- cat "$LOGDIR/$LOGFILE"
-fi
-else
- echo "AIDE detected no changes."
-fi
-) > ${MAILTMP}
-
-(
-cat <<EOF
-Subject: Daily AIDE report for $FQDN
-From: root@${FQDN}
-To: ${MAILTO}
-EOF
-cat ${MAILTMP}
-) | /usr/sbin/sendmail $MAILTO
-
-rm -f "$MAILTMP"
diff --git a/app-forensics/aide/metadata.xml b/app-forensics/aide/metadata.xml
index acd69e82070a..cdb014ee4e07 100644
--- a/app-forensics/aide/metadata.xml
+++ b/app-forensics/aide/metadata.xml
@@ -5,7 +5,6 @@
 <use>
 <flag name="e2fs">Enable support for checking file attributes on ext2/ext3/ext4 filesystems</flag>
 <flag name="curl">Use curl for http,https and ftp backends</flag>
- <flag name="postgres">Use postgresql library for storing databases</flag>
 </use>
 <upstream>
 <remote-id type="github">aide/aide</remote-id> |