summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'app-forensics/aide')
-rw-r--r--app-forensics/aide/aide-0.17.4-r3.ebuild104
-rw-r--r--app-forensics/aide/files/aide-0.17.4-configure.patch131
2 files changed, 235 insertions, 0 deletions
diff --git a/app-forensics/aide/aide-0.17.4-r3.ebuild b/app-forensics/aide/aide-0.17.4-r3.ebuild
new file mode 100644
index 000000000000..98e483d06975
--- /dev/null
+++ b/app-forensics/aide/aide-0.17.4-r3.ebuild
@@ -0,0 +1,104 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools readme.gentoo-r1
+
+DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a file integrity checker"
+HOMEPAGE="https://aide.github.io/ https://github.com/aide/aide"
+SRC_URI="https://github.com/aide/aide/releases/download/v${PV}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+IUSE="acl audit curl e2fs mhash selinux xattr zlib"
+
+DEPEND="dev-libs/libpcre
+ acl? ( virtual/acl )
+ audit? ( sys-process/audit )
+ curl? ( net-misc/curl )
+ e2fs? ( sys-fs/e2fsprogs )
+ !mhash? (
+ dev-libs/libgcrypt:0=
+ dev-libs/libgpg-error
+ )
+ mhash? ( app-crypt/mhash )
+ selinux? ( sys-libs/libselinux )
+ xattr? ( sys-apps/attr )
+ zlib? ( sys-libs/zlib )"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-aide )"
+BDEPEND="sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig"
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="
+Example configuration file was installed at '${EPREFIX}/etc/aide/aide.conf'.
+Please edit it to meet your needs. Refer to aide.conf(5) manual page
+for more information.
+
+A helper script, aideinit, was installed and can be used to make AIDE
+management easier. Please run 'aideinit --help' for more information."
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-0.16-fix-acl-configure-option.patch
+ "${FILESDIR}"/${PN}-0.17.4-configure.patch
+)
+
+src_prepare() {
+ default
+
+ sed -i -e 's| -Werror||g' configure.ac || die
+
+ # Only needed for snapshots.
+ if [[ ${PV} == *_p* ]] ; then
+ echo "m4_define([AIDE_VERSION], [${PV}])" > version.m4 || die
+ fi
+
+ # Can be dropped once Bashism patch is gone
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ --sysconfdir="${EPREFIX}"/etc/${PN}
+
+ # Disable broken l10n support: https://sourceforge.net/p/aide/bugs/98/
+ # This doesn't affect anything because there are no localizations yet.
+ --without-locale
+
+ --without-prelink
+ $(use_with zlib)
+ $(use_with curl)
+ $(use_with acl posix-acl)
+ $(use_with selinux)
+ $(use_with xattr)
+ $(use_with e2fs e2fsattrs)
+ $(use_with mhash mhash)
+ $(use_with !mhash gcrypt)
+ $(use_with audit)
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+
+ readme.gentoo_create_doc
+
+ insinto /etc/${PN}
+ insopts -m0600
+ newins "${FILESDIR}"/aide.conf-r2 aide.conf
+
+ dosbin "${FILESDIR}"/aideinit
+ dodoc -r contrib/ "${FILESDIR}"/aide.cron-r2
+
+ keepdir /var/{lib,log}/${PN}
+}
+
+pkg_postinst() {
+ readme.gentoo_print_elog
+}
diff --git a/app-forensics/aide/files/aide-0.17.4-configure.patch b/app-forensics/aide/files/aide-0.17.4-configure.patch
new file mode 100644
index 000000000000..adf9925d9458
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.17.4-configure.patch
@@ -0,0 +1,131 @@
+https://github.com/aide/aide/pull/145
+https://bugs.gentoo.org/881707
+
+From 0a7f36406f3f21e4fcdc0c410ff626c352f2d080 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Fri, 18 Nov 2022 00:04:10 +0000
+Subject: [PATCH 1/2] Fix bashisms in build system
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+configure scripts need to be runnable with a POSIX-compliant /bin/sh.
+
+On many (but not all!) systems, /bin/sh is provided by Bash, so errors
+like this aren't spotted. Notably Debian defaults to /bin/sh provided
+by dash which doesn't tolerate such bashisms as '=='.
+
+This retains compatibility with bash.
+
+Signed-off-by: Sam James <sam@gentoo.org>
+--- a/configure.ac
++++ b/configure.ac
+@@ -329,7 +329,7 @@ fi
+ AC_CHECK_HEADERS(syslog.h inttypes.h fcntl.h ctype.h)
+
+ PCRELIB="-lpcre"
+-if test "$aide_static_choice" == "yes"; then
++if test "$aide_static_choice" = "yes"; then
+ PCRELIB="$PCRELIB -pthread"
+ fi
+ AC_CHECK_LIB(pcre, pcre_exec, [
+@@ -426,14 +426,14 @@ AS_IF([test "x$with_selinux_support" != xno],
+ AC_DEFINE(WITH_SELINUX,1,[use SELinux])
+ [AC_MSG_RESULT(yes)
+ if test "x$PKG_CONFIG" != xno && $PKG_CONFIG --exists libselinux; then
+- if test "$aide_static_choice" == "yes"; then
++ if test "$aide_static_choice" = "yes"; then
+ SELINUXLIB=$(${PKG_CONFIG} --libs libselinux --static)
+ else
+ SELINUXLIB=$(${PKG_CONFIG} --libs libselinux)
+ fi
+ else
+ SELINUXLIB="-lselinux"
+- if test "$aide_static_choice" == "yes"; then
++ if test "$aide_static_choice" = "yes"; then
+ saveLIBS=$LIBS
+ LIBS="-static $SELINUXLIB"
+ AC_SEARCH_LIBS([lgetfilecon_raw], [], [], [SELINUXLIB="$SELINUXLIB -lpthread"])
+@@ -555,7 +555,7 @@ AC_ARG_ENABLE([default_db],
+ [do not set default values for database_in and database_out config options]),
+ [enable_default_db=$enableval],[enable_default_db=yes])
+
+-if test "$enable_default_db" == "yes"; then
++if test "$enable_default_db" = "yes"; then
+
+ if test "x$sysconfdir" != x'${prefix}/etc'; then
+ evalled_sysconfdir=`eval echo "$sysconfdir"`
+@@ -592,7 +592,7 @@ AC_ARG_WITH([curl],
+ [use curl library for http, https and ftp database backend (default: no)]),
+ [with_curl=$withval], [with_curl=no])
+ AS_IF([test "x$with_curl" = "xyes"], [
+- if test "$aide_static_choice" == "yes"; then
++ if test "$aide_static_choice" = "yes"; then
+ PKG_CHECK_MODULES_STATIC(CURL, [libcurl], , [AC_MSG_RESULT([libcurl not found by pkg-config - Try --without-curl or add directory containing libcurl.pc to PKG_CONFIG_PATH environment variable])])
+ else
+ PKG_CHECK_MODULES(CURL, [libcurl], , [AC_MSG_RESULT([libcurl not found by pkg-config - Try --without-curl or add directory containing libcurl.pc to PKG_CONFIG_PATH environment variable])])
+@@ -671,7 +671,7 @@ AS_IF([test "x$with_audit" != xno],
+ AC_MSG_ERROR(You don't have libaudit properly installed. Install it if you need it.)
+ )
+ AUDITLIB="-laudit"
+- if test "$aide_static_choice" == "yes"; then
++ if test "$aide_static_choice" = "yes"; then
+ saveLIBS=$LIBS
+ LIBS="-static $AUDITLIB"
+ AC_CHECK_LIB([audit], [audit_log_user_message], [], [
+
+From 67ad6efc7596c9b3ffdeb411bae942d757e2d96f Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Fri, 18 Nov 2022 00:04:53 +0000
+Subject: [PATCH 2/2] Fix configure.ac compatibility with Clang 16
+
+Clang 16 makes -Wimplicit-function-declaration and -Wimplicit-int errors by default.
+
+Unfortunately, this can lead to misconfiguration or miscompilation of software as configure
+tests may then return the wrong result.
+
+We also fix -Wstrict-prototypes while here as it's easy to do and it prepares
+us for C23.
+
+For more information, see LWN.net [0] or LLVM's Discourse [1], the Gentoo wiki [2],
+or the (new) c-std-porting mailing list [3].
+
+[0] https://lwn.net/Articles/913505/
+[1] https://discourse.llvm.org/t/configure-script-breakage-with-the-new-werror-implicit-function-declaration/65213
+[2] https://wiki.gentoo.org/wiki/Modern_C_porting
+[3] hosted at lists.linux.dev.
+
+Signed-off-by: Sam James <sam@gentoo.org>
+--- a/configure.ac
++++ b/configure.ac
+@@ -295,8 +295,11 @@ AC_CHECK_FUNCS(fcntl ftruncate posix_fadvise asprintf snprintf \
+ AC_CACHE_CHECK([for open/O_NOATIME], db_cv_open_o_noatime, [
+ echo "test for working open/O_NOATIME" > __o_noatime_file
+ AC_TRY_RUN([
+-#include <sys/types.h>
+ #include <fcntl.h>
++#include <stdlib.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <unistd.h>
+ #ifndef O_NOATIME
+ #if defined(__linux__) && (defined(__i386__) || defined(__PPC__))
+ #define O_NOATIME 01000000
+@@ -304,13 +307,14 @@ AC_TRY_RUN([
+ #define O_NOATIME 0
+ #endif
+ #endif
+-main() {
++int main(void) {
+ int c, fd = open("__o_noatime_file", O_RDONLY | O_NOATIME, 0);
+ exit ((!O_NOATIME) || (fd == -1) || (read(fd, &c, 1) != 1));
+ }], [db_cv_open_o_noatime=yes], [db_cv_open_o_noatime=no],
+ AC_TRY_LINK([
+-#include <sys/types.h>
+ #include <fcntl.h>
++#include <sys/types.h
++#include <sys/stat.h>
+ #ifndef O_NOATIME
+ #if defined(__linux__) && (defined(__i386__) || defined(__PPC__))
+ #define O_NOATIME 01000000
+