1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/app-forensics/openscap/openscap-1.0.1.ebuild,v 1.2 2013/12/26 16:52:27 swift Exp $
EAPI=5
PYTHON_DEPEND="2"
PYTHON_COMPAT=( python{2_5,2_6,2_7} )
inherit bash-completion-r1 eutils multilib python-r1
DESCRIPTION="Framework which enables integration with the Security Content Automation Protocol (SCAP)"
HOMEPAGE="http://www.open-scap.org/"
SRC_URI="https://fedorahosted.org/releases/o/p/${PN}/${P}.tar.gz"
LICENSE="LGPL-2.1"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="acl bash-completion caps debug doc gconf ldap nss pcre perl python rpm selinux sce sql test xattr"
#RESTRICT="test"
RDEPEND="!nss? ( dev-libs/libgcrypt )
nss? ( dev-libs/nss )
acl? ( virtual/acl )
caps? ( sys-libs/libcap )
gconf? ( gnome-base/gconf )
ldap? ( net-nds/openldap )
pcre? ( dev-libs/libpcre )
rpm? ( >=app-arch/rpm-4.9 )
sql? ( dev-db/opendbx )
xattr? ( sys-apps/attr )
dev-libs/libpcre
dev-libs/libxml2
dev-libs/libxslt
net-misc/curl"
DEPEND="${RDEPEND}
doc? ( app-doc/doxygen )
perl? ( dev-lang/swig )
python? ( dev-lang/swig )
test? (
app-arch/unzip
dev-perl/XML-XPath
net-misc/ipcalc
sys-apps/grep )"
src_prepare() {
# uncoment for debugging test
# sed -i 's,set -e,&;set -x,' tests/API/XCCDF/unittests/test_remediate_simple.sh || die
sed -i 's,^ bash, LC_ALL=C bash,' tests/probes/process/test_probes_process.sh || die
sed -i 's/uname -p/uname -m/' tests/probes/uname/test_probes_uname.xml.sh || die
#probe runlevel for non-centos/redhat/fedora is not implemented
sed -i 's,.*runlevel_test.*,echo "runlevel test bypassed",' tests/mitre/test_mitre.sh || die
sed -i 's,probecheck "runlevel,probecheck "runlevellllll,' tests/probes/runlevel/test_probes_runlevel.sh || die
#According to comment of theses tests, we must modify it. For the moment disable it
sed -i 's,.*linux-def_inetlisteningservers_test,#&,' tests/mitre/test_mitre.sh || die
sed -i 's,.*ind-def_environmentvariable_test,#&,' tests/mitre/test_mitre.sh || die
# theses tests are hardcoded for checking hald process...,
# but no good solution for the moment, disabling them with a fake echo
# because encased in a if then
# sed -i 's,ha.d,/sbin/udevd --daemon,g' tests/mitre/unix-def_process_test.xml || die
# sed -i 's,ha.d,/sbin/udevd --daemon,g' tests/mitre/unix-def_process58_test.xml || die
sed -i 's,.*process_test.*,echo "process test bypassed",' tests/mitre/test_mitre.sh || die
sed -i 's,.*process58_test.*,echo "process58 test bypassed",' tests/mitre/test_mitre.sh || die
#This test fail
sed -i 's,.*generate report: xccdf,#&,' tests/API/XCCDF/unittests/all.sh || die
if ! use rpm ; then
sed -i 's,probe_rpminfo_req_deps_ok=yes,probe_rpminfo_req_deps_ok=no,' configure || die
sed -i 's,probe_rpminfo_opt_deps_ok=yes,probe_rpminfo_opt_deps_ok=no,' configure || die
sed -i 's,probe_rpmverify_req_deps_ok=yes,probe_rpmverify_req_deps_ok=no,' configure || die
sed -i 's,probe_rpmverify_opt_deps_ok=yes,probe_rpmverify_opt_deps_ok=no,' configure || die
sed -i 's,^probe_rpm.*_deps_missing=,&disabled_by_USE_flag,' configure || die
sed -i 's,.*rpm.*,#&,' tests/mitre/test_mitre.sh || die
fi
if ! use selinux ; then
einfo "Disabling SELinux probes"
sed -i 's,.*selinux.*, echo "SELinux test bypassed",' tests/mitre/test_mitre.sh || die
#process58 need selinux
sed -i 's,.*process58,#&,' tests/mitre/test_mitre.sh || die
fi
if ! use ldap; then
einfo "Disabling LDAP probes"
sed -i 's,ldap.h,ldapp.h,g' configure || die
fi
epatch_user
}
src_configure() {
python_setup
local myconf
if use debug ; then
myconf+=" --enable-debug"
fi
if use python ; then
myconf+=" --enable-python"
else
myconf+=" --enable-python=no"
fi
if use perl ; then
myconf+=" --enable-perl"
fi
if use nss ; then
myconf+=" --with-crypto=nss3"
else
myconf+=" --with-crypto=gcrypt"
fi
if use sce ; then
myconf+=" --enable-sce"
else
myconf+=" --enable-sce=no"
fi
econf ${myconf}
}
src_compile() {
emake
if use doc ; then
cd docs && doxygen Doxyfile || die
fi
}
src_install() {
emake install DESTDIR="${D}" || die
find "${D}" -name '*.la' -delete || die
if use doc ; then
dohtml -r docs/html/* || die
dodoc docs/examples/* || die
fi
if use bash-completion ; then
dobashcomp "${D}"/etc/bash_completion.d/oscap
fi
rm -rf "${D}"/etc/bash_completion.d || die
}
|