gentoo resync : 14.07.2018

3 files changed, 55 insertions, 0 deletions

diff --git a/app-forensics/mac-robber/Manifest b/app-forensics/mac-robber/Manifest
new file mode 100644
index 000000000000..62c6e2319a4d
--- /dev/null
+++ b/app-forensics/mac-robber/Manifest
@@ -0,0 +1,3 @@
+DIST mac-robber-1.02.tar.gz 11708 BLAKE2B d6d35be3c52b5bc93eb779ca3693c4213c57dcb4ecfb24912e92f47b3f896d948c8ccadef39f49af3c455cdff3a92adbca7e3d1e35ef0ebc885034bfa3c0743b SHA512 5330f766eb08aa766ca3f430684e0a40ecf29b7230a582c30a36bbaaa481d52c2a8519fa04e82762f09259ada9e77466c1430aebdff22615a511d519916d54a7
+EBUILD mac-robber-1.02.ebuild 612 BLAKE2B 2e24716d4da4657367314593b8293916b63db195e968bc772e3249b6235b5b1d3deac0db616b88a6f72cd29855ed803262839f3469142088378f5a268089aaf7 SHA512 e9a37e85ec1036237297036b789e4fe35f6c6b047b04a42704ccc2f87a6b00713d15bcfb4626027f007b69eda74976759600356d81588da62755d04416b09c08
+MISC metadata.xml 1423 BLAKE2B d0058ce512ae8c56122195868b0e3c921135a3335962263bf8f144d630a525f7efaaf24d4cdd9f23166ccb0bf0ecacd41d89ec32ee8a35ccb909561e789713de SHA512 3af947bce0415529c1e0af7d8362db0a7ab53d685294c6dba69868acdf920b8199a19dbd0a9272c12bd97e6aaac1da78a5a537064793859858727286e8270dfb
diff --git a/app-forensics/mac-robber/mac-robber-1.02.ebuild b/app-forensics/mac-robber/mac-robber-1.02.ebuild
new file mode 100644
index 000000000000..b8497f78d985
--- /dev/null
+++ b/app-forensics/mac-robber/mac-robber-1.02.ebuild
@@ -0,0 +1,29 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit toolchain-funcs
+
+DESCRIPTION="mac-robber is a digital forensics and incident response tool that collects data"
+HOMEPAGE="http://www.sleuthkit.org/mac-robber/index.php"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc x86"
+IUSE=""
+
+src_prepare() {
+	default
+	sed -i -e 's:$(GCC_CFLAGS):\0 $(LDFLAGS):' Makefile || die
+}
+
+src_compile() {
+	emake CC="$(tc-getCC)" GCC_OPT="${CFLAGS}"
+}
+
+src_install() {
+	dobin mac-robber
+	dodoc CHANGES README
+}
diff --git a/app-forensics/mac-robber/metadata.xml b/app-forensics/mac-robber/metadata.xml
new file mode 100644
index 000000000000..2ce6a4b5d677
--- /dev/null
+++ b/app-forensics/mac-robber/metadata.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<!-- maintainer-needed -->
+	<longdescription>
+mac-robber is a digital forensics and incident response tool that collects data from allocated files in a mounted file system. 
+The data can be used by the mactime tool in The Sleuth Kit to make a timeline of file activity. The mac-robber tool is based on 
+the grave-robber tool from TCT and is written in C instead of Perl. 
+
+mac-robber requires that the file system be mounted by the operating system, unlike the tools in The Sleuth Kit that process the 
+file system themselves. Therefore, mac-robber will not collect data from deleted files or files that have been hidden by 
+rootkits. mac-robber will also modify the Access times on directories that are mounted with write permissions. 
+
+
+"What is mac-robber good for then", you ask? mac-robber is useful when dealing with a file system that is not supported by The 
+Sleuth Kit or other forensic tools. mac-robber is very basic C and should compile on any UNIX system. Therefore, you can run 
+mac-robber on an obscure, suspect UNIX file system that has been mounted read-only on a trusted system. I have also used 
+mac-robber during investigations of common UNIX systems such as AIX.
+</longdescription>
+	<upstream>
+		<remote-id type="sourceforge">mac-robber</remote-id>
+	</upstream>
+</pkgmetadata>