summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenjamin Smee <strerror@gentoo.org>2005-09-30 15:19:38 +0000
committerBenjamin Smee <strerror@gentoo.org>2005-09-30 15:19:38 +0000
commit5148051a190cebe7cafb395ec6b24af809ee2fa6 (patch)
treef831c6c355f73bc6fd1412dedf9f16b7d6e866f6 /app-forensics
parent* bump (diff)
downloadhistorical-5148051a190cebe7cafb395ec6b24af809ee2fa6.tar.gz
historical-5148051a190cebe7cafb395ec6b24af809ee2fa6.tar.bz2
historical-5148051a190cebe7cafb395ec6b24af809ee2fa6.zip
Added helper script and changed default config
Package-Manager: portage-2.0.51.22-r2
Diffstat (limited to 'app-forensics')
-rw-r--r--app-forensics/aide/ChangeLog8
-rw-r--r--app-forensics/aide/Manifest15
-rw-r--r--app-forensics/aide/aide-0.10_p20040917-r1.ebuild115
-rw-r--r--app-forensics/aide/files/aide.conf115
-rwxr-xr-xapp-forensics/aide/files/aide.cron175
-rwxr-xr-xapp-forensics/aide/files/aideinit145
-rw-r--r--app-forensics/aide/files/digest-aide-0.10_p20040917-r11
7 files changed, 568 insertions, 6 deletions
diff --git a/app-forensics/aide/ChangeLog b/app-forensics/aide/ChangeLog
index b7c4ad4cd9fe..1027a863c828 100644
--- a/app-forensics/aide/ChangeLog
+++ b/app-forensics/aide/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for app-forensics/aide
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/ChangeLog,v 1.13 2005/04/21 18:46:53 blubb Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/ChangeLog,v 1.14 2005/09/30 15:19:38 strerror Exp $
+
+*aide-0.10_p20040917-r1 (30 Sep 2005)
+
+ 30 Sep 2005; Benjamin Smee <strerror@gentoo.org> +files/aide.conf,
+ +files/aide.cron, +files/aideinit, +aide-0.10_p20040917-r1.ebuild:
+ Added helper script and changed default config
21 Apr 2005; Simon Stelling <blubb@gentoo.org> aide-0.10_p20040917.ebuild:
stable on amd64
diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest
index 3b8b8338dba5..fa86ae6be098 100644
--- a/app-forensics/aide/Manifest
+++ b/app-forensics/aide/Manifest
@@ -1,11 +1,16 @@
-MD5 349dd99c3d866d14dae100dac9c04ff6 ChangeLog 4515
+MD5 4a0822e3949514e3f02289044fcb65f8 aide-0.9.ebuild 1390
MD5 91b1915d9d4ebc8ceb302db89bd31b77 aide-0.10.ebuild 1418
+MD5 7281a76e068801286ae965927b25c83b aide-0.10_p20040917-r1.ebuild 3081
MD5 f963571827dc97f1cbb03143bfcdbbca aide-0.10_p20040917.ebuild 2595
-MD5 4a0822e3949514e3f02289044fcb65f8 aide-0.9.ebuild 1390
+MD5 2e9a0c3e2235efa3a5e6f3cd43f3fc9e ChangeLog 4745
MD5 20ee07270b7eadc3659cd96a982e460f metadata.xml 230
MD5 4f38a077259ca3be62ae6a55c82d5302 files/aide-0.10-gentoo.diff 2760
-MD5 71915b04e537c8182a7cb3c7f560e04e files/aide-0.10_p20040917-fix-psql.diff 4726
-MD5 f07734c5b540f7a251d3d8139ef0f75f files/aide-0.9-gentoo.diff 2319
-MD5 8c599ad3440b5d4a3244875ff0655225 files/digest-aide-0.10 61
+MD5 9fd564a250e289afba0bf43ef639eae3 files/aideinit 2948
MD5 ff4b62bd8854921c76dd8a59552f3382 files/digest-aide-0.10_p20040917 71
MD5 b26d49d6bcafd39178a0da345cb2985d files/digest-aide-0.9 60
+MD5 ff4b62bd8854921c76dd8a59552f3382 files/digest-aide-0.10_p20040917-r1 71
+MD5 f07734c5b540f7a251d3d8139ef0f75f files/aide-0.9-gentoo.diff 2319
+MD5 8c599ad3440b5d4a3244875ff0655225 files/digest-aide-0.10 61
+MD5 71915b04e537c8182a7cb3c7f560e04e files/aide-0.10_p20040917-fix-psql.diff 4726
+MD5 85ae869c8edee90f3cceb6bf309c6c60 files/aide.conf 2713
+MD5 677202a99eef995fb515577bc4614aa8 files/aide.cron 5775
diff --git a/app-forensics/aide/aide-0.10_p20040917-r1.ebuild b/app-forensics/aide/aide-0.10_p20040917-r1.ebuild
new file mode 100644
index 000000000000..45c115b55b46
--- /dev/null
+++ b/app-forensics/aide/aide-0.10_p20040917-r1.ebuild
@@ -0,0 +1,115 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/aide/aide-0.10_p20040917-r1.ebuild,v 1.1 2005/09/30 15:19:38 strerror Exp $
+
+inherit eutils
+
+DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a replacement for Tripwire"
+HOMEPAGE="http://aide.sourceforge.net/"
+SRC_URI="mirror://gentoo/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~x86 ~ppc ~sparc ~alpha ~amd64"
+IUSE="nls postgres zlib crypt"
+
+DEPEND="app-arch/gzip
+ sys-devel/bison
+ sys-devel/flex
+ app-crypt/mhash
+ crypt? ( dev-libs/libgcrypt )
+ postgres? ( dev-db/postgresql )
+ zlib? ( sys-libs/zlib )"
+RDEPEND="nls? ( sys-devel/gettext )"
+
+MY_PF=${PF%%_*}
+S=${WORKDIR}/${PN}
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+
+ use postgres && epatch ${FILESDIR}/${PF}-fix-psql.diff
+ epatch ${FILESDIR}/${MY_PF}-gentoo.diff
+
+ export WANT_AUTOCONF='2.5'
+ export WANT_AUTOMAKE='1.7'
+ sh autogen.sh || die "autogen.sh failed"
+}
+
+src_compile() {
+ # passing --without-psql or --with-psql causes postgres to be enabled ...
+ # it's a broken configure.in file ... so lets just work around it
+ local myconf=""
+ use postgres && myconf="$myconf --with-psql"
+ use crypt && myconf="$myconf --with-gcrypt"
+
+ econf \
+ `use_with zlib` \
+ `use_with nls locale` \
+ --with-mhash \
+ --sysconfdir=/etc/aide \
+ --with-extra-lib=/usr/lib \
+ ${myconf} \
+ || die
+ emake || die
+}
+
+src_test() {
+ # aide abort()'s inside the sandbox for some reason
+ if ! has sandbox ${FEATURES};
+ then
+ src/aide --init -c doc/aide.conf -V20 \
+ || die "failed to initialise database"
+ mv aide.db.new doc/aide.db
+ make check || die "failed self test"
+ fi
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die
+ use nls || rm -rf ${D}/usr/lib/locale
+
+ keepdir /var/lib/aide
+ keepdir /var/log/aide
+
+ insinto /etc/aide
+ doins ${FILESDIR}/aide.conf
+
+ exeinto /usr/sbin
+ newexe ${FILESDIR}/aideinit aideinit
+
+ exeinto /etc/cron.daily
+ newexe ${FILESDIR}/aide.cron aide.cron
+
+ dodoc ChangeLog AUTHORS NEWS README
+ dohtml doc/manual.html
+}
+
+pkg_postinst() {
+ chown root:root /var/lib/aide
+ chmod 0755 /var/lib/aide
+
+ echo
+ einfo "A sample configuration file has been installed as"
+ einfo "/etc/aide/aide.conf. Please edit to meet your needs."
+ einfo "Read the aide.conf(5) manual page for more information."
+ einfo "A cron file has been installed in /etc/cron.daily/aide.cron"
+ einfo "A helper script, aideinit, has been installed and can"
+ einfo "be used to make AIDE management easier. Please run"
+ einfo "aideinit --help for more information"
+ echo
+
+ if use postgres; then
+ einfo "Due to a bad assumption by aide, you must issue the following"
+ einfo "command after the database initialization (aide --init ...):"
+ einfo
+ einfo 'psql -c "update pg_index set indisunique=false from pg_class \\ '
+ einfo " where pg_class.relname='TABLE_pkey' and \ "
+ einfo ' pg_class.oid=pg_index.indexrelid" -h HOSTNAME -p PORT DBASE USER'
+ einfo
+ einfo "where TABLE, HOSTNAME, PORT, DBASE, and USER are the same as"
+ einfo "your aide.conf."
+ echo
+ fi
+}
diff --git a/app-forensics/aide/files/aide.conf b/app-forensics/aide/files/aide.conf
new file mode 100644
index 000000000000..cef1813db9f8
--- /dev/null
+++ b/app-forensics/aide/files/aide.conf
@@ -0,0 +1,115 @@
+# AIDE conf
+
+database=file:/var/lib/aide/aide.db
+database_out=file:/var/lib/aide/aide.db.new
+
+# Change this to "no" or remove it to not gzip output
+# (only useful on systems with few CPU cycles to spare)
+gzip_dbout=yes
+
+# Here are all the things we can check - these are the default rules
+#
+#p: permissions
+#i: inode
+#n: number of links
+#u: user
+#g: group
+#s: size
+#b: block count
+#m: mtime
+#a: atime
+#c: ctime
+#S: check for growing size
+#md5: md5 checksum
+#sha1: sha1 checksum
+#rmd160: rmd160 checksum
+#tiger: tiger checksum
+#R: p+i+n+u+g+s+m+c+md5
+#L: p+i+n+u+g
+#E: Empty group
+#>: Growing logfile p+u+g+i+n+S
+#haval: haval checksum
+#gost: gost checksum
+#crc32: crc32 checksum
+
+# Defines formerly set here have been moved to /etc/default/aide.
+
+# Custom rules
+Binlib = p+i+n+u+g+s+b+m+c+md5+sha1
+ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha1
+Logs = p+i+n+u+g+S
+Devices = p+i+n+u+g+s+b+c+md5+sha1
+Databases = p+n+u+g
+StaticDir = p+i+n+u+g
+ManPages = p+i+n+u+g+s+b+m+c+md5+sha1
+
+# Next decide what directories/files you want in the database
+
+# Kernel, system map, etc.
+=/boot$ Binlib
+# Binaries
+/bin Binlib
+/sbin Binlib
+/usr/bin Binlib
+/usr/sbin Binlib
+/usr/local/bin Binlib
+/usr/local/sbin Binlib
+#/usr/games Binlib
+# Libraries
+/lib Binlib
+/usr/lib Binlib
+/usr/local/lib Binlib
+# Log files
+=/var/log$ StaticDir
+#!/var/log/ksymoops
+/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
+/var/log/aide/error.log(.[0-9])?(.gz)? Databases
+#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
+!/var/log/aide
+/var/log Logs
+# Devices
+!/dev/pts
+# If you get spurious warnings about being unable to mmap() /dev/cpu/mtrr,
+# you may uncomment this to get rid of them. They're harmless but sometimes
+# annoying.
+#!/dev/cpu/mtrr
+#!/dev/xconsole
+/dev Devices
+# Other miscellaneous files
+/var/run$ StaticDir
+!/var/run
+# Test only the directory when dealing with /proc
+/proc$ StaticDir
+!/proc
+
+# You can look through these examples to get further ideas
+
+# MD5 sum files - especially useful with debsums -g
+#/var/lib/dpkg/info/([^\.]+).md5sums u+g+s+m+md5+sha1
+
+# Check crontabs
+#/var/spool/anacron/cron.daily Databases
+#/var/spool/anacron/cron.monthly Databases
+#/var/spool/anacron/cron.weekly Databases
+#/var/spool/cron Databases
+#/var/spool/cron/crontabs Databases
+
+# manpages can be trojaned, especially depending on *roff implementation
+#/usr/man ManPages
+#/usr/share/man ManPages
+#/usr/local/man ManPages
+
+# docs
+#/usr/doc ManPages
+#/usr/share/doc ManPages
+
+# check users' home directories
+#/home Binlib
+
+# check sources for modifications
+#/usr/src L
+#/usr/local/src L
+
+# Check headers for same
+#/usr/include L
+#/usr/local/include L
diff --git a/app-forensics/aide/files/aide.cron b/app-forensics/aide/files/aide.cron
new file mode 100755
index 000000000000..34a24dd25a17
--- /dev/null
+++ b/app-forensics/aide/files/aide.cron
@@ -0,0 +1,175 @@
+#!/bin/bash
+# Modified: Benjamin Smee
+# Date: Fri Sep 10 11:35:41 BST 2004
+
+# This is the email address reports get mailed to
+MAILTO=root@localhost
+
+# Set this to suppress mailings when there's nothing to report
+QUIETREPORTS=1
+
+# This parameter defines which aide command to run from the cron script.
+# Sensible values are "update" and "check".
+# Default is "check", ensuring backwards compatibility.
+# Since "update" does not take any longer, it is recommended to use "update",
+# so that a new database is created every day. The new database needs to be
+# manually copied over the current one, though.
+COMMAND=update
+
+# This parameter defines how many lines to return per e-mail. Output longer
+# than this value will be truncated in the e-mail sent out.
+LINES=1000
+
+# This parameter gives a grep regular expression. If given, all output lines
+# that _don't_ match the regexp are listed first in the script's output. This
+# allows to easily remove noise from the aide report.
+NOISE="(/var/cache/|/var/lib/|/var/tmp)"
+PATH="/bin:/usr/bin:/sbin:/usr/sbin"
+LOGDIR="/var/log/aide"
+LOGFILE="aide.log"
+CONFFILE="/etc/aide/aide.conf"
+ERRORLOG="aide_error.log"
+ERRORTMP=`tempfile --directory "/tmp" --prefix "$ERRORLOG"`
+
+[ -f /usr/bin/aide ] || exit 0
+
+DATABASE=`grep "^database=file:/" $CONFFILE | head -n 1 | cut --delimiter=: --fields=2`
+FQDN=`hostname -f`
+DATE=`date +"at %Y-%m-%d %H:%M"`
+
+# default values
+
+DATABASE="${DATABASE:-/var/lib/aide/aide.db}"
+
+AIDEARGS="-V4"
+
+if [ ! -f $DATABASE ]; then
+ (
+ echo "Fatal error: The AIDE database does not exist!"
+ echo "This may mean you haven't created it, or it may mean that someone has removed it."
+ ) | /bin/mail -s "Daily AIDE report for $FQDN" $MAILTO
+ exit 0
+fi
+
+# Removed so no deps on debianutils - strerror
+#[ -f "$LOGDIR/$LOGFILE" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$LOGFILE" > /dev/null
+#[ -f "$LOGDIR/$ERRORLOG" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$ERRORLOG" > /dev/null
+
+aide $AIDEARGS --$COMMAND >"$LOGDIR/$LOGFILE" 2>"$ERRORTMP"
+RETVAL=$?
+
+if [ -n "$QUIETREPORTS" ] && [ $QUIETREPORTS -a \! -s $LOGDIR/$LOGFILE -a \! -s $ERRORTMP ]; then
+ # Bail now because there was no output and QUIETREPORTS is set
+ exit 0
+fi
+
+(cat << EOF;
+This is an automated report generated by the Advanced Intrusion Detection
+Environment on $FQDN ${DATE}.
+
+EOF
+
+# include error log in daily report e-mail
+
+if [ "$RETVAL" != "0" ]; then
+ cat > "$LOGDIR/$ERRORLOG" << EOF;
+
+*****************************************************************************
+* aide returned a non-zero exit value *
+*****************************************************************************
+
+EOF
+ echo "exit value is: $RETVAL" >> "$LOGDIR/$ERRORLOG"
+else
+ touch "$LOGDIR/$ERRORLOG"
+fi
+< "$ERRORTMP" cat >> "$LOGDIR/$ERRORLOG"
+rm -f "$ERRORTMP"
+
+if [ -s "$LOGDIR/$ERRORLOG" ]; then
+ errorlines=`wc -l "$LOGDIR/$ERRORLOG" | awk '{ print $1 }'`
+ if [ ${errorlines:=0} -gt $LINES ]; then
+ cat << EOF;
+
+****************************************************************************
+* aide has returned many errors. *
+* the error log output has been truncated in this mail *
+****************************************************************************
+
+EOF
+ echo "Error output is $errorlines lines, truncated to $LINES."
+ head -$LINES "$LOGDIR/$ERRORLOG"
+ echo "The full output can be found in $LOGDIR/$ERRORLOG."
+ else
+ echo "Errors produced ($errorlines lines):"
+ cat "$LOGDIR/$ERRORLOG"
+ fi
+else
+ echo "AIDE produced no errors."
+fi
+
+# include de-noised log
+
+if [ -n "$NOISE" ]; then
+ NOISETMP=`tempfile --directory "/tmp" --prefix "aidenoise"`
+ NOISETMP2=`tempfile --directory "/tmp" --prefix "aidenoise"`
+ sed -n '1,/^Detailed information about changes:/p' "$LOGDIR/$LOGFILE" | \
+ grep '^\(changed\|removed\|added\):' | \
+ grep -v "^added: THERE WERE ALSO [0-9]\+ FILES ADDED UNDER THIS DIRECTORY" > $NOISETMP2
+
+ if [ -n "$NOISE" ]; then
+ < $NOISETMP2 grep -v "^\(changed\|removed\|added\):$NOISE" > $NOISETMP
+ rm -f $NOISETMP2
+ echo "De-Noised output removes everything matching $NOISE."
+ else
+ mv $NOISETMP2 $NOISETMP
+ echo "No noise expression was given."
+ fi
+
+ if [ -s "$NOISETMP" ]; then
+ loglines=`< $NOISETMP wc -l | awk '{ print $1 }'`
+ if [ ${loglines:=0} -gt $LINES ]; then
+ cat << EOF;
+
+****************************************************************************
+* aide has returned long output which has been truncated in this mail *
+****************************************************************************
+
+EOF
+ echo "De-Noised output is $loglines lines, truncated to $LINES."
+ < $NOISETMP head -$LINES
+ echo "The full output can be found in $LOGDIR/$LOGFILE."
+ else
+ echo "De-Noised output of the daily AIDE run ($loglines lines):"
+ cat $NOISETMP
+ fi
+ else
+ echo "AIDE detected no changes after removing noise."
+ fi
+ rm -f $NOISETMP
+ echo "============================================================================"
+fi
+
+# include non-de-noised log
+
+if [ -s "$LOGDIR/$LOGFILE" ]; then
+ loglines=`wc -l "$LOGDIR/$LOGFILE" | awk '{ print $1 }'`
+ if [ ${loglines:=0} -gt $LINES ]; then
+ cat << EOF;
+
+****************************************************************************
+* aide has returned long output which has been truncated in this mail *
+****************************************************************************
+
+EOF
+ echo "Output is $loglines lines, truncated to $LINES."
+ head -$LINES "$LOGDIR/$LOGFILE"
+ echo "The full output can be found in $LOGDIR/$LOGFILE."
+ else
+ echo "Output of the daily AIDE run ($loglines lines):"
+ cat "$LOGDIR/$LOGFILE"
+ fi
+else
+ echo "AIDE detected no changes."
+fi
+) | /bin/mail -s "Daily AIDE report for $FQDN" $MAILTO
diff --git a/app-forensics/aide/files/aideinit b/app-forensics/aide/files/aideinit
new file mode 100755
index 000000000000..e0e933ce4b09
--- /dev/null
+++ b/app-forensics/aide/files/aideinit
@@ -0,0 +1,145 @@
+#!/bin/sh
+# Copyright 2003 Mike Markley <mike@markley.org>
+# This script is free for any purpose whatseoever so long as the above
+# copyright notice remains in place.
+#
+# Modified for Gentoo: Benjamin Smee
+# Date: Fri Sep 10 11:36:04 BST 2004
+
+# This is the email address reports get mailed to
+MAILTO=root@localhost
+
+# Defaults
+#MAILTO="${MAILTO:-root}"
+
+# Options
+opt_f=0
+opt_y=0
+opt_c=0
+opt_b=0
+config="/etc/aide/aide.conf"
+
+aideinit_usage() {
+ echo "Usage: $0 [options] -- [aide options]"
+ echo " -y|--yes Overwrite output file"
+ echo " -f|--force Force overwrite of database"
+ echo " -c|--config Specify alternate config file"
+ echo " -o|--output Specify alternate output file"
+ echo " -d|--database Specify alternate database file"
+ echo " -b|--background Run in the background"
+}
+
+while [ -n "$1" ]; do
+ case "$1" in
+ -h|--help)
+ aideinit_usage
+ exit 0
+ ;;
+ -f|--force)
+ opt_f=1
+ shift
+ ;;
+ -y|--yes)
+ opt_y=1
+ shift
+ ;;
+ -b|--background)
+ opt_b=1
+ shift
+ ;;
+ -o|--output)
+ shift
+ [ -z "$1" ] && aideinit_usage && exit 1
+ outfile=$1
+ shift
+ ;;
+ -d|--database)
+ shift
+ [ -z "$1" ] && aideinit_usage && exit 1
+ dbfile=$1
+ shift
+ ;;
+ -c|--config)
+ opt_c=1
+ shift
+ [ -z "$1" ] && aideinit_usage && exit 1
+ config=$1
+ shift
+ ;;
+ --)
+ shift
+ break 2
+ ;;
+ *)
+ echo "Unknown option $1 (use -- to delimit aideinit and aide options)"
+ exit
+ ;;
+ esac
+done
+
+if [ ! -f "$config" ]; then
+ echo "$0: $config: file not found"
+ exit 1
+fi
+
+if [ -z "$outfile" ]; then
+ outfile=`egrep "database_out=file:" $config | cut -d: -f2`
+ [ -z "$outfile" ] && outfile="/var/lib/aide/aide.db.new"
+fi
+if [ -z "$dbfile" ]; then
+ dbfile=`egrep "database=file:" $config | cut -d: -f2`
+ [ -z "$dbfile" ] && dbfile="/var/lib/aide/aide.db"
+fi
+
+if [ -f $outfile ]; then
+ if [ $opt_y -eq 0 ]; then
+ echo -n "Overwrite existing $outfile [Yn]? "
+ read yn
+ case "$yn" in
+ [Nn]*)
+ exit 0
+ ;;
+ esac
+ fi
+fi
+
+extraflags=""
+
+if [ $opt_c -eq 1 ]; then
+ extraflags="$extraflags --config $config"
+fi
+
+if [ $opt_b -eq 1 ]; then
+ (aide --init $extraflags $@ >/var/log/aide/aideinit.log 2>/var/log/aide/aideinit.errors
+ if [ -f "$dbfile" -a $opt_f -eq 0 ]; then
+ echo "$dbfile exists and -f was not specified" >> /var/log/aide/aideinit.errors
+ fi
+ lines=`wc -l /var/log/aideinit.errors | awk '{ print $1 }'`
+ if [ "$lines" -gt 0 ]; then
+ (echo "AIDE init errors:"; cat /var/log/aide/aideinit.errors) | /usr/bin/mail -s "AIDE initialization problem" $MAILTO
+ else
+ cp -f $outfile $dbfile
+ fi) &
+ exit 0
+fi
+
+echo "Running aide --init..."
+aide --init $extraflags $@
+
+return=$?
+if [ $return -ne 0 ]; then
+ echo "Something didn't quite go right; see $outfile for details" >&2
+ exit $return
+fi
+
+if [ -f "$dbfile" -a $opt_f -eq 0 ]; then
+ echo -n "Overwrite $dbfile [yN]? "
+ read yn
+ case "$yn" in
+ [yY]*)
+ cp -f $outfile $dbfile
+ ;;
+ esac
+else
+ cp -f $outfile $dbfile
+fi
diff --git a/app-forensics/aide/files/digest-aide-0.10_p20040917-r1 b/app-forensics/aide/files/digest-aide-0.10_p20040917-r1
new file mode 100644
index 000000000000..51418f8e2afb
--- /dev/null
+++ b/app-forensics/aide/files/digest-aide-0.10_p20040917-r1
@@ -0,0 +1 @@
+MD5 bfea36bd2a4254e212dcc19df54667fb aide-0.10_p20040917.tar.gz 201023