summaryrefslogtreecommitdiff
blob: bf8eccb1e009cdf047b1f350d75e6011ae8ab067 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/app-forensics/pyflag/pyflag-0.82.ebuild,v 1.3 2007/01/24 03:20:44 genone Exp $

inherit eutils autotools

DESCRIPTION="Tool for analysing log files, tcpdump files and hard disk images"
HOMEPAGE="http://pyflag.sf.net"
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~x86"

IUSE=""
COMMON_DEPEND="
		net-libs/libpcap
		sys-apps/file
		dev-python/mysql-python
		sys-libs/zlib
		app-antivirus/clamav
		>=app-forensics/sleuthkit-2.03
		dev-python/pexpect
		dev-python/imaging
		media-libs/ploticus"

RDEPEND="${COMMON_DEPEND}
		virtual/mysql"

DEPEND=">=dev-lang/swig-1.3
		${COMMON_DEPEND}"

#
# TODO: init scripts
#

src_unpack() {
	unpack "${A}"
	epatch "${FILESDIR}/${P}-nodbtool.patch"
	cd "${S}"
	AT_M4DIR="config" eautoreconf
}

src_install() {
	emake DESTDIR="${D}" install || die

	#maybe later
	#newinitd "${FILESDIR}/${P}-init"  pyflag
	#newconfd "${FILESDIR}/${P}-conf"  pyflag
}

pkg_postinst() {
	elog "Optionally enter database details in /etc/pyflagrc"
	elog
	elog "To start PyFlag just run \"pyflag\" as a normal user"
	elog "then open your web browser on http://localhost:8000"
	elog
	elog "To create a database user \"emerge --config =${PF}\""
}

pkg_config() {
	ewarn "This creates the approprate adminstrative user for pyflag"
	ewarn "Run pyflag with the entered credentials to create the"
	ewarn "tables and database."
	einfo
	einfo "Enter user to create:"
	read USER
	einfo "Enter user's password:"
	read PASSWORD

	# note - poor privledge separation is used in pyflag
	# recommend not sharing with other security consious databases.
	# it may be possible to imporve this a bit using manual permission setting.
	einfo "Enter mysql root database password:"
	echo GRANT ALL PRIVILEGES ON "*.*" TO $USER@localhost \
		IDENTIFIED BY \"$PASSWORD\"\; FLUSH PRIVILEGES\;  \
		| /usr/bin/mysql -u root -p

	einfo "Do you want this data to be used for all users (y/n)?"
	ewarn "Warning - all credentials will be in a world readable file"
	ewarn "This overwrites settings in ${ROOT}/etc/pyflagrc"
	read  GLOBAL
	if [ "${GLOBAL}" == "y" ] || [ "${GLOBAL}" == "Y" ]; then
		einfo "updating global settings"
		sed -i -e "s:PYFLAG_DBUSER=.*:PYFLAG_DBUSER=$USER:" \
				-e "s:PYFLAG_DBPASSWD=.*:PYFLAG_DBPASSWD=$PASSWORD:" \
				"${ROOT}/etc/pyflagrc"
	fi
}