From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- app-admin/tripwire/Manifest | 10 ++ app-admin/tripwire/files/tripwire | 10 ++ app-admin/tripwire/files/tripwire.txt | 272 +++++++++++++++++++++++++++++ app-admin/tripwire/files/twcfg.txt | 15 ++ app-admin/tripwire/metadata.xml | 35 ++++ app-admin/tripwire/tripwire-2.4.3.5.ebuild | 79 +++++++++ app-admin/tripwire/tripwire-2.4.3.6.ebuild | 79 +++++++++ 7 files changed, 500 insertions(+) create mode 100644 app-admin/tripwire/Manifest create mode 100644 app-admin/tripwire/files/tripwire create mode 100644 app-admin/tripwire/files/tripwire.txt create mode 100644 app-admin/tripwire/files/twcfg.txt create mode 100644 app-admin/tripwire/metadata.xml create mode 100644 app-admin/tripwire/tripwire-2.4.3.5.ebuild create mode 100644 app-admin/tripwire/tripwire-2.4.3.6.ebuild (limited to 'app-admin/tripwire') diff --git a/app-admin/tripwire/Manifest b/app-admin/tripwire/Manifest new file mode 100644 index 000000000000..1d6542396bcf --- /dev/null +++ b/app-admin/tripwire/Manifest 
@@ -0,0 +1,10 @@ +AUX tripwire 466 SHA256 222c078588d03394c4502a884d6049f210b25d7f826e9bb29a69d68a01b40eac SHA512 1df37364a84ab26ca0a3f2637e9f4938333c394979c2ccadb69401b7e6a93d03911ce737b25bb6e76c1963e4b7eaffd35b3551aa141b51bc9b3a8a00d9c828cf WHIRLPOOL afb61e9885b1c7d0214f03e35af6f02a5dca77a68f74441d6c84091ef7a7f9ee0d5a6b70e1a0ac2cf5f75f4739185ab3c2eaf7f47b2795f1c7a7bdaf347de36d +AUX tripwire.txt 11492 SHA256 532a53633dca25ff96b13518e13c81744c191f4ec7ec28d46d8d865f74d77ee6 SHA512 ec53b2f71fb33f227628e1160a72fecf4a1aca7ee58b750945e7c0d0ce756a37666a02fe9e8ec235055fe6d28e1d20e77a449ae229f5d5d2349eaffe07827d47 WHIRLPOOL b00973d96255889bd8084c6f8d3a1718acb3bfdf41897b2de7839972fdf41f1146a6ed49ea9b999d060f75b13ed84b68123f1523fe5de8779d2c8a465c6e8960 +AUX twcfg.txt 604 SHA256 31d7d51cf90ee95627e27732524a3ba2b90f074ceda23d0035c52d2b02d90846 SHA512 c8a568638d5a18bb9508ee6f70aea815b8bfdb9efbf7823cdad59890a617bbe941454f6f4622e38e4ac4622e1d611c9fc085d73aec5a23b5c13ae7f1d783b388 WHIRLPOOL a290ac4d1e421890b99c9b4b78088a5ae5abd52d85c0e96e2398f89a97d8f0a2b958b3a7d0f1c8a2a7df0bc8e7cf8d71fbeb3d4557619f554a787d3718b4aa6e +DIST tripwire-2.4.3.5.tar.gz 965014 SHA256 4bb0b400d8f5d7f8762ffb87a683f113f8c77186689cc63b8cedbbc628c9c33b SHA512 7aef0e7d38f4b6966a806a4e556636c7b2477f4ea5451e89f1749c1535a489c2f490ea13898edff5d7786acf572f77d04430115b8ddd4c6a03c38382feb45269 WHIRLPOOL f5f06d2f509e8047ede81226d3179f253e32aae4193817ab1000dd843f4b9810f6aacc6cd9c0bdc8a0c6835fdb11f79c85838a3b799d8c6565861d43dd433a99 +DIST tripwire-2.4.3.6.tar.gz 1001145 SHA256 f55fe6805f2c159bd67fa3761ba52df95b2a7d0bdd06196847564bac00dd5606 SHA512 4757827b908fd56a014de81609be9cfdf3631d34cbc02214ac800bf6d9c413d85d812bc3211f9dc32ceee97e1f13decd955037a0cbbaf2f8e3020699492bd9bf WHIRLPOOL 0dad2b00a6e868179c1538ec48859a03857fa5bc62dcb9eb3240e11e10cd7ebf4de1fe85802c08abbf1ff1efca0768dcd63ff8088914f53f32cbf7fda20ec706 +EBUILD tripwire-2.4.3.5.ebuild 2407 SHA256 e92dcd221898e4735b4b352ad222ad3b5c78c5475276cb8d15b28b5142641b17 
SHA512 a16a7873ce32ee7c86afb14488c439257f5697b84dd20fc9321ab5bb99603b0a614202ef37916e2ce3df3d6b777af06c3e680caec160f9d50add847f06aa9d59 WHIRLPOOL 8da61324fc67f11ef545638b75667f56b33715df2130c02822f28b91783e69778aae12775dfabe04115eea5779b760d6607138887ba9d7841680bc988eb157b9 +EBUILD tripwire-2.4.3.6.ebuild 2410 SHA256 33850be1591ec7add9f1b5abdd316b12b22256cf618b25c9c0b809d7ed33acef SHA512 8afaee953af4e49e2af180a5a941889812f18299fbe05b6ff19966ea639400efc506ebdfe77ce16297b03cd166590d5d2ecb98dd95344430057f81f5f4beb0c6 WHIRLPOOL ab34aaa09b0ae374e79013011f2fdaa0f14fe5b78d1723918cd1f3a7e576aed0b0d1d8df93f866566e049be57493bcf05967abb7f0dacb4047f0dd53592ee98b +MISC ChangeLog 4534 SHA256 70b8e927eb118da4b9f8fc0a3b45d39c53d75f2c2fcff4088f4292464784a449 SHA512 42e38df0a2cc9a95dbfe37299321655bfa637f4c9a9361508cbcfb3e9e57c313d426bbb8af69d0f96cfc1f299e741f6694593c748e95e9635c17e2dd3d0a4af5 WHIRLPOOL 1b86ebc590ff89d1a79b0097b6db8d7d99c0248dc09a2f2103a6f8aa976144f117a83912ba8db5f3a9b831e801e2358181cae976cc2f0b51c67b91fec2d89d2b +MISC ChangeLog-2015 10548 SHA256 7160399cc44557c92981c50f67f726c44103810f2cdd92173d2f636193723324 SHA512 0e6332b6021f6ffe3f0bcdaccc13b2f5af85b8d135e263e42b6b2c3a4caa3e5dbd8efae01e9c04ab3daa977d1ac7e977542c96718443a5a94d2e04e60be9b110 WHIRLPOOL f4b70c099751eab07d4bb85b9effb68b443c870c5eecad70e6ec42441049d26e567abdc4659122a6cc8263efb0dceddd58f798bdd01906dce1f6bf9bb74c33ba +MISC metadata.xml 1616 SHA256 0b739488758f343224051751110c9a5ea9189df298e31c471a8a7929d5d28de1 SHA512 ae04a581b34beb18adb7aea67d9ec17dc5cd897d3e974515c5c59e2e5e8391f86238bcaa59967aa7413c99ce56ae670a7badf8008ed8b6926f7f0a4eab0b83a2 WHIRLPOOL f6e75fbe709dcb4b6d11293edac615288f750b66a654eee24d34981da4ffa0c677fc50ec39262e702c4122ef2998765a827b6e8d639e8266cb358d31b69f9efd diff --git a/app-admin/tripwire/files/tripwire b/app-admin/tripwire/files/tripwire new file mode 100644 index 000000000000..8f0f23f3e2d5 --- /dev/null +++ b/app-admin/tripwire/files/tripwire 
@@ -0,0 +1,10 @@
+#!/bin/sh
+HOST_NAME=`uname -n`
+if [ ! -e /var/lib/tripwire/${HOST_NAME}.twd ] ; then
+ echo "**** Error: Tripwire database for ${HOST_NAME} not found. ****"
+ echo "**** Check tripwire.txt file for instructions or install ****"
+ echo "**** app-admin/mktwpol package (if you used the \"tools\" ****"
+ echo "**** USE flag, this has been done for you already. ****"
+else
+ test -f /etc/tripwire/tw.cfg && /usr/sbin/tripwire --check --quiet
+fi
diff --git a/app-admin/tripwire/files/tripwire.txt b/app-admin/tripwire/files/tripwire.txt
new file mode 100644
index 000000000000..4f47f8bd8196
--- /dev/null
+++ b/app-admin/tripwire/files/tripwire.txt
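Review bot: The `else` branch is silent when /etc/tripwire/tw.cfg is absent: `test -f /etc/tripwire/tw.cfg && …` just skips the check and prints nothing, so if the signed configuration is deleted or was never created, the daily integrity check stops without producing any output for cron to mail. For a file-integrity monitor a skipped run should be as visible as a violation; replace the line with `if [ -f /etc/tripwire/tw.cfg ]; then /usr/sbin/tripwire --check --quiet; else echo "**** Error: /etc/tripwire/tw.cfg not found, integrity check skipped ****"; fi`. The database test above it should also quote its operand, `[ ! -e "/var/lib/tripwire/${HOST_NAME}.twd" ]`, so an unexpected hostname string cannot change what `[` evaluates.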
@@ -0,0 +1,272 @@ +tripwire.txt v. 11 Sept 2013 + +Introduction to Tripwire, with Gentoo-specific installation information + +Tripwire software can monitor the integrity of critical system files and +directories by identifying specified changes made to selected system +files and directories. Configure Tripwire software to monitor your +system in the way that is best for you. + +Tripwire software works by comparing files and directories against a +defined baseline, stored in a tripwire-created database. Tripwire +generates the baseline by taking a "snapshot" of specified files and +directories. Tripwire software then compares the current system against +the baseline and reports modifications, additions, or deletions. Use +Tripwire software for system security, intrusion detection, damage +assessment, and recovery forensics. + + +To set-up Tripwire Configuration + +The Tripwire tarball installs the basic program files needed to run the +software. However, this installation does not prepare the configuration +files that Tripwire needs to perform correctly. After you install the +tripwire executable files and example configuration, you must: + +1. Review and perhaps edit the plain-text tripwire configuration file + (/etc/tripwire/twcfg.txt) with a text editor, if desired. + +2. Either run a configuration script (twsetup.sh from Gentoo's mktwpol + package, or tripwire-setup-keyfiles from Red Hat, or deprecated + twinstall.sh, also from Red Hat), or run the program `twadmin` with + the correct command line switches to make key files and encrypt/sign + the tripwire configuration file. 
+ + Make site key file + ------------------ + `twadmin --generate-keys -S /etc/tripwire/site.key` + + Make local key file + ------------------- + `twadmin --generate-keys -L /etc/tripwire/$HOSTNAME-local.key` + + Make mandatory signed tripwire configuration file (tw.cfg) + ---------------------------------------------------------- + `twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt` + +Note: Once encrypted/signed, the configuration file, tw.cfg, must not be +renamed or moved. The plain-text tripwire configuration file (twcfg.txt) +should be deleted. It can be recreated with `twadmin --print-cfgfile` + +3. Make a plain-text policy file. The use of the name twpol.txt is + common, but the name of this file is not defined or used by Tripwire, + other than preparation of the encrypted/signed policy file. + + To make the plain-text policy file, either run a policy file generator + (for example, mktwpol.sh from Gentoo's mktwpol package), or edit the + plain-text policy file (twpol-GENERIC.txt, or twpol.txt, or similar) + with a text editor. The plain-text policy file should not refer to + any non-existent file or directory. + + If you edit twpol-GENERIC.txt to act as your plain-text policy file, + provide your system's HOSTNAME at line 61. If you don't provide + the correct HOSTNAME, a tripwire inspection of the target computer's + filesystem will fail to check the tripwire database file for changes. + + TWDB=/var/lib/tripwire/YOUR_HOSTNAME.twd; + +4. Convert the plain-text policy file into the encrypted/signed form + that tripwire will refer to as it examines the files on the target + computer's filesystem. The default filename for the encrypted/signed + policy file is defined in the tripwire configuration file (tw.cfg) + and is usually tw.pol. The encryption/signing of plain-text twpol.txt + is done with yet another `twadmin` command line. 
+ + Make mandatory encrypted/signed system inspection policy file + -------------------------------------------------------------- + `twadmin -m P -c /etc/tripwire/tw.cfg /etc/tripwire/twpol.txt` + +Note: If you modify the plain-text policy file after running the +configuration script, you must re-sign the plain-text policy file before +initializing the database file. Tripwire baseline database creation and +inspections refer to the encrypted/signed policy file, not to the +plain-text policy file. + +Note: The plain-text tripwire policy file (twpol.txt) should be deleted. +It can be recreated with `twadmin --print-polfile` + +5. Initialize the Tripwire database file. + + Record current file attributes in the tripwire database + ------------------------------------------------------- + `tripwire --init -c /etc/tripwire/tw.cfg` + +Note: Tripwire might issue some "Warning: File system error" errors, +and appear to hang. But as long as it follows with "### Continuing...", +it is still working. + +6. Run the first integrity check. + + `tripwire --check -c /etc/tripwire/tw.cfg` + +Note: The use of "-c /etc/tripwire/tw.cfg" is not required if Tripwire +uses the default tripwire configuration directory and file names. If +you defer to tripwire default filenames, then updating a text policy +file into a tripwire database, and running an integrity check, can be +done with these commands: + + `twadmin --create-polfile /etc/tripwire/twpol.txt` + `tripwire --init` + `tripwire --check` + +Modifying the Policy File + +How Tripwire software checks your system is specified in the Tripwire +plain-text policy file (twpol.txt). A default policy file is included in +the Tripwire software installation. This policy file should be tailored +to fit your particular system. Tailoring the policy file is necessary +to take advantage of Tripwire software's ability to monitor changes on +your system. + +The plain-text policy file is usually located at /etc/tripwire/twpol.txt. 
+An example policy file (located at /etc/tripwire/twpol-GENERIC.txt, or +at /usr/share/doc/tripwire-VER#-REL#/policyguide.txt) is included to +help you learn the policy language. Read the sample policy files and +the comments in the sample policy file to learn the policy language. + +After you modify the plain-text policy file, don't forget! + + encrypt/sign using `twadmin --create-polfile /etc/tripwire/twpol.txt` + + +Selecting Passphrases + +Tripwire files are encrypted/signed using site or local keys. These keys +are protected by passphrases. When selecting passphrases, the following +recommendations apply: + +Use at least eight alphanumeric and symbolic characters for each +passphrase. The maximum length of a passphrase is 1023 characters. +Quotes should not be used as passphrase characters. + +Assign a unique passphrase for the site key. The site key passphrase +protects the site key, which is used to sign Tripwire software +configuration and policy files. Assign a unique passphrase for the local +key. The local key signs the Tripwire baseline database file. The local +key may sign the Tripwire report files also. + +Store the passphrases in a secure location. There is no way to remove +encryption from a signed file if you forget your passphrase and lost the +key files. If you forget the passphrases, the files are unusable. In +that case you must create new key files and the baseline database. + + +Initializing the Database + +In Database Initialization mode, Tripwire software builds a database of +filesystem objects based on the rules in the policy file. This database +serves as the baseline for integrity checks. The syntax for Database +Initialization mode is: + + `tripwire --init -c /etc/tripwire/tw.cfg` + + +Running an Integrity Check + +The Integrity Check mode compares the current file system objects with +their properties recorded in the Tripwire database. Violations are +printed to stdout. The report file is saved and can later be accessed by +twprint. 
An email option enables you to send email. The syntax for +Integrity Check mode is: + + `tripwire --check -c /etc/tripwire/tw.cfg` + + +Printing Reports - twprint Print Report Mode + +The twprint --print-report mode prints the contents of a Tripwire +report. If you do not specify a report with the --twrfile or -r +command-line argument, the default report file specified by the +configuration file REPORTFILE variable is used. + +Example: On a machine named LIGHTHOUSE, the command could be: + + `twprint -m r --twrfile LIGHTHOUSE-19990622-021212.twr` + + +Updating the Database after an Integrity Check + +Database Update mode enables you to update the Tripwire database after +an integrity check if you determine that the violations discovered are +valid. This update process saves time by enabling you to update the +database without having to re-initialize it. It also enables selective +updating, which cannot be done through re-initialization. The syntax for +Database Update mode is: + + `tripwire --update` + + +Updating the Policy File + +Change the way that Tripwire software scans the system by changing the +rules in the policy file. You can then update the database without a +complete re-initialization. This saves a significant amount of time and +preserves security by keeping the policy file synchronized with the +database it uses. The syntax for Policy Update mode is: + + `tripwire --update-policy` + + +Testing email functions + +Test mode tests the software's email notification system, using the +settings currently specified in the configuration file. The syntax for +Email Test Reporting mode is: + + `tripwire --test` + + +Tripwire Components + +The policy file begins as a text file containing comments, rules, +directives, and variables. These dictate the way Tripwire software +checks your system. Each rule in the policy file specifies a system +object to be monitored. Rules also describe which changes to the object +to report, and which to ignore. 
+ +System objects are the files and directories you wish to monitor. Each +object is identified by an object name. A property refers to a single +characteristic of an object that Tripwire software can monitor. +Directives control conditional processing of sets of rules in a policy +file. During installation, the text policy file is encrypted/signed and +renamed, and becomes the active policy file. + +The database file is an important component of Tripwire software. When +first installed, Tripwire software uses the policy file rules to create +the database file. The database file is a baseline "snapshot" of the +system in a known secure state. Tripwire software compares this baseline +against the current system to determine what changes have occurred. This +is an integrity check. + +When you perform an integrity check, Tripwire software produces report +files. Report files summarize any changes that violated the policy file +rules during the integrity check. You can view the report file in a +variety of formats, at varying levels of detail. + +The Tripwire configuration file stores system-specific information, such +as the location of Tripwire data files. Tripwire software generates some +of the configuration file information during installation. The system +administrator can change parameters in the configuration file at any +time. The configuration file variables POLFILE, DBFILE, REPORTFILE, +SITEKEYFILE, and LOCALKEYFILE specify where the policy file, database +file, report files, and site and local key files reside. These variables +must be defined or the configuration file is invalid. If any of these +variables are undefined, an error occurs on execution of Tripwire +software and the program exits. + + +Tripwire Help + +All Tripwire commands support the help arguments. + +Example: To get help with Create Configuration File mode, type: + + `twadmin --help --create-cfgfile` + + -? 
Display usage and version information
+ --help Display all command modes
+ --help all Display help for all command modes
+ --help [mode] Display help for current command mode
+ --version Display version information
+
+We recommend you read the Tripwire Release Notes and README file.
diff --git a/app-admin/tripwire/files/twcfg.txt b/app-admin/tripwire/files/twcfg.txt
new file mode 100644
index 000000000000..9cf39bcc01e4
--- /dev/null
+++ b/app-admin/tripwire/files/twcfg.txt
@@ -0,0 +1,15 @@
+ROOT =/usr/sbin
+POLFILE =/etc/tripwire/tw.pol
+DBFILE =/var/lib/tripwire/$(HOSTNAME).twd
+REPORTFILE =/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr
+SITEKEYFILE =/etc/tripwire/site.key
+LOCALKEYFILE =/etc/tripwire/$(HOSTNAME)-local.key
+EDITOR =/bin/nano
+LATEPROMPTING =false
+LOOSEDIRECTORYCHECKING =false
+MAILNOVIOLATIONS =true
+EMAILREPORTLEVEL =3
+REPORTLEVEL =3
+MAILMETHOD =SENDMAIL
+SYSLOGREPORTING =false
+MAILPROGRAM =/usr/lib/sendmail -oi -t
diff --git a/app-admin/tripwire/metadata.xml b/app-admin/tripwire/metadata.xml
new file mode 100644
index 000000000000..9cf612218444
--- /dev/null
+++ b/app-admin/tripwire/metadata.xml
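Review bot: `SYSLOGREPORTING =false` in the shipped default keeps Tripwire's own state changes out of syslog, so the only record of a re-baseline is the report directory on the monitored host itself. As I read twconfig(4), the setting covers database initialisation, database updates, policy updates and completed integrity checks; shipping `SYSLOGREPORTING =true` would give a host that forwards syslog an off-box trail of when the baseline or policy was changed. If the quiet default is deliberate, tripwire.txt should say so next to its configuration step.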
@@ -0,0 +1,35 @@ + + + + + nimiux@gentoo.org + Chema Alonso + + + Tripwire is a tool that aids system administrators and users in + monitoring a designated set of files for any changes. Used with system + files on a regular (e.g., daily) basis, Tripwire can notify system + administrators of corrupted or tampered files, so damage control + measures can be taken in a timely manner. + + + Tripwire es una herramienta que ayuda a los administradores y + usuarios en la monitorizaciĆ³n de los cambios en un conjunto de + ficheros. Se utiliza particularmente en los ficheros de sistema + de un modo regular (por ejemplo diariamente). Tripwire puede + notificar a los administradores de sistema sobre ficheros que + se han corrompido o han sido modificados maliciosamente, por lo + que se pueden adoptar medidas de control de forma periĆ³dica. + + + Installs app-admin/mktwpol, providing scripts + for the installation/setup of tripwire, including generating the + tripwire policy file and maintenance of the tripwire database + Adds support for Secure Socket Layer connections + Builds the package statically + + + tripwire + Tripwire/tripwire-open-source + + diff --git a/app-admin/tripwire/tripwire-2.4.3.5.ebuild b/app-admin/tripwire/tripwire-2.4.3.5.ebuild new file mode 100644 index 000000000000..58e3201aa752 --- /dev/null +++ b/app-admin/tripwire/tripwire-2.4.3.5.ebuild 
@@ -0,0 +1,79 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools eutils flag-o-matic
+
+DESCRIPTION="Open Source File Integrity Checker and IDS"
+HOMEPAGE="http://www.tripwire.org/"
+SRC_URI="https://github.com/Tripwire/tripwire-open-source/archive/${PV}.tar.gz -> ${PF}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc x86 ~x86-fbsd"
+IUSE="libressl selinux ssl static +tools"
+
+DEPEND="sys-devel/automake
+ sys-devel/autoconf
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )"
+RDEPEND="virtual/cron
+ virtual/mta
+ selinux? ( sec-policy/selinux-tripwire )
+ ssl? ( dev-libs/openssl )"
+PDEPEND="tools? ( app-admin/mktwpol )"
+
+S="${WORKDIR}/tripwire-open-source-${PV}"
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ # tripwire can be sensitive to compiler optimisation.
+ # see #32613, #45823, and others.
+ # -taviso@gentoo.org
+ strip-flags
+ append-cppflags -DCONFIG_DIR='"\"/etc/tripwire\""' -fno-strict-aliasing
+ econf $(use_enable ssl openssl) $(use_enable static)
+}
+
+src_install() {
+ dosbin "${S}"/bin/{siggen,tripwire,twadmin,twprint}
+ doman "${S}"/man/man{4/*.4,5/*.5,8/*.8}
+ dodir /etc/tripwire /var/lib/tripwire{,/report}
+ keepdir /var/lib/tripwire{,/report}
+
+ exeinto /etc/cron.daily
+ doexe "${FILESDIR}"/tripwire
+
+ dodoc ChangeLog policy/policyguide.txt TRADEMARK \
+ "${FILESDIR}"/tripwire.txt
+
+ insinto /etc/tripwire
+ doins "${FILESDIR}"/twcfg.txt policy/twpol-GENERIC.txt
+
+ fperms 750 /etc/cron.daily/tripwire
+}
+
+pkg_postinst() {
+ if [[ -z ${REPLACING_VERSIONS} ]] ; then
+ elog "Tripwire needs to be configured before its first run. You can"
+ elog "do this by manually editing the twpol-GENERIC.txt file shipped with"
+ elog "the package to suit your needs. A quickstart guide is provided"
+ elog "in tripwire.txt file to help you with this."
+ elog "To configure tripwire automatically, you can use the twsetup.sh"
+ elog "script provided by the app-admin/mktwpol package. This package is"
+ elog "installed for you by the \"tools\" USE flag (which is enabled by"
+ elog "default."
+else
+ elog "Maintenance of tripwire policy files as packages are added"
+ elog "and deleted from your system can be automated by the mktwpol.sh"
+ elog "script provided by the app-admin/mktwpol package. This package"
+ elog "is installed for you if you append \"tools\" to your USE flags"
+ fi
+}
diff --git a/app-admin/tripwire/tripwire-2.4.3.6.ebuild b/app-admin/tripwire/tripwire-2.4.3.6.ebuild
new file mode 100644
index 000000000000..ec2cc9bc418b
--- /dev/null
+++ b/app-admin/tripwire/tripwire-2.4.3.6.ebuild
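Review bot: RDEPEND's `ssl? ( dev-libs/openssl )` does not follow the libressl split that DEPEND makes, so with USE="ssl libressl" the package is built against dev-libs/libressl while the runtime dependency still asks for dev-libs/openssl. It also carries no `:0=` slot operator, so an ABI bump of the crypto library would not trigger a rebuild of a tool whose signatures depend on it. Mirror the DEPEND block in RDEPEND: `ssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) )`. The same RDEPEND line appears in tripwire-2.4.3.6.ebuild. HOMEPAGE is also plain `http://` while SRC_URI already uses https.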
@@ -0,0 +1,79 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools eutils flag-o-matic
+
+DESCRIPTION="Open Source File Integrity Checker and IDS"
+HOMEPAGE="http://www.tripwire.org/"
+SRC_URI="https://github.com/Tripwire/tripwire-open-source/archive/${PV}.tar.gz -> ${PF}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86 ~x86-fbsd"
+IUSE="libressl selinux ssl static +tools"
+
+DEPEND="sys-devel/automake
+ sys-devel/autoconf
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )"
+RDEPEND="virtual/cron
+ virtual/mta
+ selinux? ( sec-policy/selinux-tripwire )
+ ssl? ( dev-libs/openssl )"
+PDEPEND="tools? ( app-admin/mktwpol )"
+
+S="${WORKDIR}/tripwire-open-source-${PV}"
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ # tripwire can be sensitive to compiler optimisation.
+ # see #32613, #45823, and others.
+ # -taviso@gentoo.org
+ strip-flags
+ append-cppflags -DCONFIG_DIR='"\"/etc/tripwire\""' -fno-strict-aliasing
+ econf $(use_enable ssl openssl) $(use_enable static)
+}
+
+src_install() {
+ dosbin "${S}"/bin/{siggen,tripwire,twadmin,twprint}
+ doman "${S}"/man/man{4/*.4,5/*.5,8/*.8}
+ dodir /etc/tripwire /var/lib/tripwire{,/report}
+ keepdir /var/lib/tripwire{,/report}
+
+ exeinto /etc/cron.daily
+ doexe "${FILESDIR}"/tripwire
+
+ dodoc ChangeLog policy/policyguide.txt TRADEMARK \
+ "${FILESDIR}"/tripwire.txt
+
+ insinto /etc/tripwire
+ doins "${FILESDIR}"/twcfg.txt policy/twpol-GENERIC.txt
+
+ fperms 750 /etc/cron.daily/tripwire
+}
+
+pkg_postinst() {
+ if [[ -z ${REPLACING_VERSIONS} ]] ; then
+ elog "Tripwire needs to be configured before its first run. You can"
+ elog "do this by manually editing the twpol-GENERIC.txt file shipped with"
+ elog "the package to suit your needs. A quickstart guide is provided"
+ elog "in tripwire.txt file to help you with this."
+ elog "To configure tripwire automatically, you can use the twsetup.sh"
+ elog "script provided by the app-admin/mktwpol package. This package is"
+ elog "installed for you by the \"tools\" USE flag (which is enabled by"
+ elog "default."
+else
+ elog "Maintenance of tripwire policy files as packages are added"
+ elog "and deleted from your system can be automated by the mktwpol.sh"
+ elog "script provided by the app-admin/mktwpol package. This package"
+ elog "is installed for you if you append \"tools\" to your USE flags"
+ fi
+}
-- cgit v1.2.3
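Review bot: src_install creates /etc/tripwire and /var/lib/tripwire{,/report} with `dodir`/`keepdir` but tightens only the cron script (`fperms 750 /etc/cron.daily/tripwire`), so the directories that will hold the key files, the baseline database and the reports appear to keep the default directory mode; this is inferred from the absence of any `diropts` call in the hunk. The policy, database and reports tell a local user which paths are and are not monitored, so unless non-root read access is intended, add `fperms 0700 /etc/tripwire /var/lib/tripwire /var/lib/tripwire/report` after the `keepdir` line. tripwire-2.4.3.5.ebuild has the same src_install. Separately, the first-install elog text opens a parenthesis at `(which is enabled by` and never closes it; the last line should read `elog "default)."`.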