[arch-commits] Commit in aide/repos (3 files)
Felix Yan
felixonmars at archlinux.org
Sat Nov 10 10:55:59 UTC 2018
Date: Saturday, November 10, 2018 @ 10:55:58
Author: felixonmars
Revision: 405662
archrelease: copy trunk to community-staging-x86_64
Added:
aide/repos/community-staging-x86_64/
aide/repos/community-staging-x86_64/PKGBUILD
(from rev 405661, aide/trunk/PKGBUILD)
aide/repos/community-staging-x86_64/aide.conf
(from rev 405661, aide/trunk/aide.conf)
-----------+
PKGBUILD | 50 ++++++++++++++++++++
aide.conf | 146 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 196 insertions(+)
Copied: aide/repos/community-staging-x86_64/PKGBUILD (from rev 405661, aide/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2018-11-10 10:55:58 UTC (rev 405662)
@@ -0,0 +1,50 @@
+# Maintainer: Lukas Jirkovsky <l.jirkovsky at gmail.com>
+# Contributor: Thomas S Hatch <thatch45 at gmail.copm>
+# Contributor: Daniel J Griffiths <ghost1227 at archlinux.us>
+# Contributor: Tom Newsom <Jeepster at gmx.co.uk>
+
+pkgname=aide
+pkgver=0.16
+pkgrel=2
+pkgdesc='A file integrity checker and intrusion detection program.'
+arch=('x86_64')
+url="http://aide.sourceforge.net/"
+license=('GPL')
+depends=('acl' 'e2fsprogs' 'elfutils' 'mhash' 'pcre')
+backup=('etc/aide.conf')
+source=(http://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.gz{,.asc} \
+ aide.conf)
+md5sums=('25c616f67c667acd4088747ae7f6a9a3'
+ 'SKIP'
+ 'd3ac69ad7c12c1686f8accf2717139f6')
+validpgpkeys=('2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931') # Hannes von Haugwitz <hannes at vonhaugwitz.com>
+
+prepare() {
+ cd $srcdir/$pkgname-$pkgver
+ sed -i 's#attr/xattr.h#sys/xattr.h#' include/aide.h
+ sed -i 's#attr/xattr.h#sys/xattr.h#' include/db_config.h
+ sed -i 's#ENOATTR#ENODATA#' src/do_md.c
+}
+
+build() {
+ cd $srcdir/$pkgname-$pkgver
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --with-mhash \
+ --with-posix-acl \
+ --with-prelink \
+ --with-xattr \
+ --with-zlib \
+ --with-e2fsattrs \
+ --disable-static
+ make
+}
+
+package() {
+ cd $srcdir/$pkgname-$pkgver
+ make DESTDIR=$pkgdir install
+
+ install -D -m644 $srcdir/aide.conf $pkgdir/etc/aide.conf
+ mkdir -p $pkgdir/var/{log,lib}/aide/
+}
Copied: aide/repos/community-staging-x86_64/aide.conf (from rev 405661, aide/trunk/aide.conf)
===================================================================
--- community-staging-x86_64/aide.conf (rev 0)
+++ community-staging-x86_64/aide.conf 2018-11-10 10:55:58 UTC (rev 405662)
@@ -0,0 +1,146 @@
+# Example configuration file for AIDE.
+#
+@@define DBDIR /var/lib/aide
+@@define LOGDIR /var/log/aide
+
+# The location of the database to be read.
+database=file:@@{DBDIR}/aide.db.gz
+
+# The location of the database to be written.
+#database_out=sql:host:port:database:login_name:passwd:table
+#database_out=file:aide.db.new
+database_out=file:@@{DBDIR}/aide.db.new.gz
+
+# Whether to gzip the output to database
+gzip_dbout=yes
+
+# Default.
+verbose=5
+
+report_url=file:@@{LOGDIR}/aide.log
+report_url=stdout
+#report_url=stderr
+#
+# Here are all the attributes we can check
+#p: permissions
+#i: inode
+#n: number of links
+#l: link name
+#u: user
+#g: group
+#s: size
+###b: block count
+#m: mtime
+#a: atime
+#c: ctime
+#S: check for growing size
+#I: ignore changed filename
+#ANF: allow new files
+#ARF: allow removed files
+#
+
+# Here are all the digests we can use
+#md5: md5 checksum
+#sha1: sha1 checksum
+#sha256: sha256 checksum
+#sha512: sha512 checksum
+#rmd160: rmd160 checksum
+#tiger: tiger checksum
+#haval: haval checksum
+#crc32: crc32 checksum
+#gost: gost checksum
+#whirlpool: whirlpool checksum
+
+# These are the default rules
+#R: p+i+l+n+u+g+s+m+c+md5
+#L: p+i+l+n+u+g
+#E: Empty group
+#>: Growing logfile p+l+u+g+i+n+S
+
+# You can create custom rules - my home made rule definition goes like this
+ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
+ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
+# Everything but access time (Ie. all changes)
+EVERYTHING = R+ALLXTRAHASHES
+
+# Sane, with multiple hashes
+# NORMAL = R+rmd160+sha256+whirlpool
+NORMAL = R+rmd160+sha256
+
+# For directories, don't bother doing hashes
+DIR = p+i+n+u+g+acl+xattrs
+
+# Access control only
+PERMS = p+i+u+g+acl
+
+# Logfile are special, in that they often change
+LOG = >
+
+# Just do md5 and sha256 hashes
+LSPP = R+sha256
+
+# Some files get updated automatically, so the inode/ctime/mtime change
+# but we want to know when the data inside them changes
+DATAONLY = p+n+u+g+s+acl+xattrs+md5+sha256+rmd160+tiger
+
+
+# Next decide what directories/files you want in the database.
+
+/boot NORMAL
+/bin NORMAL
+/sbin NORMAL
+/lib NORMAL
+/lib64 NORMAL
+/opt NORMAL
+/usr NORMAL
+/root NORMAL
+# These are too volatile
+!/usr/src
+!/usr/tmp
+
+# Check only permissions, inode, user and group for /etc, but
+# cover some important files closely.
+/etc PERMS
+!/etc/mtab
+# Ignore backup files
+!/etc/.*~
+/etc/exports NORMAL
+/etc/fstab NORMAL
+/etc/passwd NORMAL
+/etc/group NORMAL
+/etc/gshadow NORMAL
+/etc/shadow NORMAL
+/etc/security/opasswd NORMAL
+
+/etc/hosts.allow NORMAL
+/etc/hosts.deny NORMAL
+
+/etc/sudoers NORMAL
+/etc/skel NORMAL
+
+/etc/logrotate.d NORMAL
+
+/etc/resolv.conf DATAONLY
+
+/etc/nscd.conf NORMAL
+/etc/securetty NORMAL
+
+# Shell/X starting files
+/etc/profile NORMAL
+/etc/bashrc NORMAL
+/etc/bash_completion.d/ NORMAL
+/etc/login.defs NORMAL
+/etc/zprofile NORMAL
+/etc/zshrc NORMAL
+/etc/zlogin NORMAL
+/etc/zlogout NORMAL
+/etc/profile.d/ NORMAL
+/etc/X11/ NORMAL
+
+# Ignore logs
+!/var/lib/pacman/.*
+!/var/cache/.*
+!/var/log/.*
+!/var/run/.*
+!/var/spool/.*
+
More information about the arch-commits
mailing list