[arch-commits] Commit in osquery/repos/community-x86_64 (3 files)

Anatol Pomozov anatolik at archlinux.org
Wed Jun 3 21:34:59 UTC 2020


    Date: Wednesday, June 3, 2020 @ 21:34:57
  Author: anatolik
Revision: 638588

archrelease: copy trunk to community-x86_64

Added:
  osquery/repos/community-x86_64/PKGBUILD
    (from rev 638586, osquery/trunk/PKGBUILD)
Deleted:
  osquery/repos/community-x86_64/PKGBUILD
  osquery/repos/community-x86_64/yara4.patch

-------------+
 PKGBUILD    |   88 +++++++++++++++++++++++++++-------------------------------
 yara4.patch |   59 --------------------------------------
 2 files changed, 42 insertions(+), 105 deletions(-)

Deleted: PKGBUILD
===================================================================
--- PKGBUILD	2020-06-03 21:34:50 UTC (rev 638587)
+++ PKGBUILD	2020-06-03 21:34:57 UTC (rev 638588)
@@ -1,46 +0,0 @@
-# Maintainer: Anatol Pomozov
-
-pkgname=osquery
-pkgver=4.3.0
-pkgrel=2
-pkgdesc='SQL powered operating system instrumentation, monitoring, and analytics'
-arch=(x86_64)
-url='https://osquery.io'
-license=(Apache GPL2)
-depends=(augeas boost-libs gflags google-glog aws-sdk-cpp librdkafka rocksdb gtest device-mapper rpm-tools dpkg lvm2 libelfin lldpd rapidjson sleuthkit ssdeep thrift yara lmdb iptables)
-makedepends=(cmake ninja python boost linenoise-ng)
-# patched version of smartools that we need to build statically to avoid collision with the upstream version
-_smartmontools_commit=5f7669fba545f32a6d0c07e2be67df16f3eb354b
-source=(osquery-$pkgver.zip::https://github.com/osquery/osquery/archive/$pkgver.zip
-        third-party-smartmontools.zip::https://github.com/osquery/third-party-smartmontools/archive/$_smartmontools_commit.zip
-        devendorize.patch::https://github.com/anatol/osquery/compare/$pkgver...$pkgver-archlinux.patch
-	yara4.patch)
-sha256sums=('69b570a6e5b4d3a92a7f3812fc78137383aa564025d697cef6e8717e404e3b66'
-            '891f11acd804aa0d53dbec599e6a32ad9c1e5392a3eb4022714871f3a1ce95ee'
-            'b916c36f7e0394baf627fb0991431f77d796b29014719b754e05a761576def05'
-            '201b3a9f5594214b3133492618b321f428fd2cfbdec63e88436a50c748710158')
-
-prepare() {
-  cd osquery-$pkgver
-  patch -p1 < ../devendorize.patch
-
-  rm -rf libraries/cmake/source/smartmontools/src
-  ln -sf `pwd`/../third-party-smartmontools-$_smartmontools_commit libraries/cmake/source/smartmontools/src
-
-  patch -p1 < ../yara4.patch
-}
-
-build() {
-  cd osquery-$pkgver
-
-  cmake -DCMAKE_BUILD_TYPE=Release -DOSQUERY_STATIC_BUILD=OFF -DCMAKE_INSTALL_PREFIX=/usr -DOSQUERY_VERSION=$pkgver -S . -B build
-  cmake --build build
-}
-
-package() {
-  cd osquery-$pkgver
-
-  cmake --build build --target install -- DESTDIR="$pkgdir"
-  install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
-  rm -r "$pkgdir/etc/init.d/"
-}

Copied: osquery/repos/community-x86_64/PKGBUILD (from rev 638586, osquery/trunk/PKGBUILD)
===================================================================
--- PKGBUILD	                        (rev 0)
+++ PKGBUILD	2020-06-03 21:34:57 UTC (rev 638588)
@@ -0,0 +1,42 @@
+# Maintainer: Anatol Pomozov
+
+pkgname=osquery
+pkgver=4.3.0
+pkgrel=3
+pkgdesc='SQL powered operating system instrumentation, monitoring, and analytics'
+arch=(x86_64)
+url='https://osquery.io'
+license=(Apache GPL2)
+depends=(augeas boost-libs gflags google-glog aws-sdk-cpp librdkafka rocksdb gtest device-mapper rpm-tools dpkg lvm2 libelfin lldpd rapidjson sleuthkit ssdeep thrift yara lmdb iptables)
+makedepends=(cmake ninja python boost linenoise-ng)
+# patched version of smartools that we need to build statically to avoid collision with the upstream version
+_smartmontools_commit=5f7669fba545f32a6d0c07e2be67df16f3eb354b
+source=(osquery-$pkgver.zip::https://github.com/osquery/osquery/archive/$pkgver.zip
+        third-party-smartmontools.zip::https://github.com/osquery/third-party-smartmontools/archive/$_smartmontools_commit.zip
+        devendorize.patch::https://github.com/anatol/osquery/compare/$pkgver...237764c7367a6056917b66eb0616101cc444699c.patch)
+sha256sums=('69b570a6e5b4d3a92a7f3812fc78137383aa564025d697cef6e8717e404e3b66'
+            '891f11acd804aa0d53dbec599e6a32ad9c1e5392a3eb4022714871f3a1ce95ee'
+            'b2f3dfbdd472f085c895807e7fefe11be3ec301afb4a2e172cdff2ceda3f6b62')
+
+prepare() {
+  cd osquery-$pkgver
+  patch -p1 < ../devendorize.patch
+
+  rm -rf libraries/cmake/source/smartmontools/src
+  ln -sf `pwd`/../third-party-smartmontools-$_smartmontools_commit libraries/cmake/source/smartmontools/src
+}
+
+build() {
+  cd osquery-$pkgver
+
+  cmake -DCMAKE_BUILD_TYPE=Release -DOSQUERY_STATIC_BUILD=OFF -DCMAKE_INSTALL_PREFIX=/usr -DOSQUERY_VERSION=$pkgver -S . -B build
+  cmake --build build
+}
+
+package() {
+  cd osquery-$pkgver
+
+  cmake --build build --target install -- DESTDIR="$pkgdir"
+  install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+  rm -r "$pkgdir/etc/init.d/"
+}

Deleted: yara4.patch
===================================================================
--- yara4.patch	2020-06-03 21:34:50 UTC (rev 638587)
+++ yara4.patch	2020-06-03 21:34:57 UTC (rev 638588)
@@ -1,59 +0,0 @@
-commit 01d01e39a87e339c88cab216b85ee14428c0f2ec
-Author: Anatol Pomozov <anatol.pomozov at gmail.com>
-Date:   Fri May 15 19:04:57 2020 -0700
-
-    Adopt code for the YARA 4 API changes
-    
-    https://github.com/VirusTotal/yara/wiki/Backward-incompatible-changes-in-YARA-4.0-API
-
-diff --git a/osquery/tables/yara/yara_utils.cpp b/osquery/tables/yara/yara_utils.cpp
-index 897c18c2..d08bf437 100644
---- a/osquery/tables/yara/yara_utils.cpp
-+++ b/osquery/tables/yara/yara_utils.cpp
-@@ -31,6 +31,7 @@ bool yaraShouldSkipFile(const std::string& path, mode_t st_mode) {
- void YARACompilerCallback(int error_level,
-                           const char* file_name,
-                           int line_number,
-+                          const YR_RULE* rule,
-                           const char* message,
-                           void* user_data) {
-   if (error_level == YARA_ERROR_LEVEL_ERROR) {
-@@ -209,7 +210,7 @@ Status handleRuleFiles(const std::string& category,
-  * This is the YARA callback. Used to store matching rules in the row which is
-  * passed in as user_data.
-  */
--int YARACallback(int message, void* message_data, void* user_data) {
-+int YARACallback(YR_SCAN_CONTEXT* context, int message, void* message_data, void* user_data) {
-   if (message == CALLBACK_MSG_RULE_MATCHING) {
-     Row* r = (Row*)user_data;
-     YR_RULE* rule = (YR_RULE*)message_data;
-@@ -223,7 +224,7 @@ int YARACallback(int message, void* message_data, void* user_data) {
-     YR_STRING* string = nullptr;
-     yr_rule_strings_foreach(rule, string) {
-       YR_MATCH* match = nullptr;
--      yr_string_matches_foreach(string, match) {
-+      yr_string_matches_foreach(context, string, match) {
-         if ((*r)["strings"].length() > 0) {
-           (*r)["strings"] += "," + std::string(string->identifier);
-         } else {
-diff --git a/osquery/tables/yara/yara_utils.h b/osquery/tables/yara/yara_utils.h
-index dd860041..bf984240 100644
---- a/osquery/tables/yara/yara_utils.h
-+++ b/osquery/tables/yara/yara_utils.h
-@@ -28,6 +28,7 @@ const std::string kYARAHome{OSQUERY_HOME "yara/"};
- void YARACompilerCallback(int error_level,
-                           const char* file_name,
-                           int line_number,
-+                          const YR_RULE* rule,
-                           const char* message,
-                           void* user_data);
- 
-@@ -42,7 +43,7 @@ Status handleRuleFiles(const std::string& category,
-  */
- bool yaraShouldSkipFile(const std::string& path, mode_t st_mode);
- 
--int YARACallback(int message, void* message_data, void* user_data);
-+int YARACallback(YR_SCAN_CONTEXT* context, int message, void* message_data, void* user_data);
- 
- /**
-  * @brief A simple ConfigParserPlugin for a "yara" dictionary key.



More information about the arch-commits mailing list