From 56bd759df1d0c750a065b8c845e93d5dfa6b549d Mon Sep 17 00:00:00 2001 From: "Robin H. Johnson" Date: Sat, 8 Aug 2015 13:49:04 -0700 Subject: proj/gentoo: Initial commit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson X-Thanks: Alec Warner - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring - wrote much python to improve cvs2svn X-Thanks: Rich Freeman - validation scripts X-Thanks: Patrick Lauer - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed --- app-admin/tripwire/Manifest | 1 + app-admin/tripwire/files/tripwire | 10 + .../tripwire/files/tripwire-2.4.2.2-buildnum.patch | 7 + .../tripwire-2.4.2.2-exception-shadowing.patch | 13 + .../files/tripwire-2.4.2.2-fix-configure.patch | 12 + .../tripwire/files/tripwire-2.4.2.2-gcc-4.7.patch | 25 ++ .../tripwire/files/tripwire-twpol-GENERIC.patch | 25 ++ app-admin/tripwire/files/tripwire.txt | 272 +++++++++++++++++++++ app-admin/tripwire/files/twcfg.txt | 15 ++ app-admin/tripwire/metadata.xml | 34 +++ app-admin/tripwire/tripwire-2.4.2.2-r3.ebuild | 82 +++++++ 11 files changed, 496 insertions(+) create mode 100644 app-admin/tripwire/Manifest create mode 100644 app-admin/tripwire/files/tripwire create mode 100644 app-admin/tripwire/files/tripwire-2.4.2.2-buildnum.patch create mode 100644 app-admin/tripwire/files/tripwire-2.4.2.2-exception-shadowing.patch create mode 100644 app-admin/tripwire/files/tripwire-2.4.2.2-fix-configure.patch create mode 100644 app-admin/tripwire/files/tripwire-2.4.2.2-gcc-4.7.patch create mode 100644 app-admin/tripwire/files/tripwire-twpol-GENERIC.patch create mode 100644 app-admin/tripwire/files/tripwire.txt create mode 100644 app-admin/tripwire/files/twcfg.txt create mode 100644 app-admin/tripwire/metadata.xml create mode 100644 app-admin/tripwire/tripwire-2.4.2.2-r3.ebuild (limited to 'app-admin/tripwire') diff --git a/app-admin/tripwire/Manifest b/app-admin/tripwire/Manifest new file mode 100644 index 000000000000..33124b9a182e --- /dev/null +++ b/app-admin/tripwire/Manifest @@ -0,0 +1 @@ +DIST tripwire-2.4.2.2-src.tar.bz2 716616 SHA256 e09a7bdca9302e704cc62067399e0b584488f825b0e58c82ad6d54cd2e899fad SHA512 be39757aac7b74d4deac6c5048d0964d839a32f8f2a0d1878c4246888c4d59e35a503413595178c7af3a0da80725d0b36c21026dc734e1f760c9affda017bbbb WHIRLPOOL beb99e1ae055947a4b94a45f51492bcc453def5a41188f853ff3285a85ef8e2921274b86b095b77dbcdc8f549358f6216996a75ba391247e17bf7a29c78849c5 diff --git a/app-admin/tripwire/files/tripwire b/app-admin/tripwire/files/tripwire new file mode 100644 index 000000000000..8f0f23f3e2d5 --- /dev/null +++ b/app-admin/tripwire/files/tripwire @@ -0,0 +1,10 @@ +#!/bin/sh +HOST_NAME=`uname -n` +if [ ! -e /var/lib/tripwire/${HOST_NAME}.twd ] ; then + echo "**** Error: Tripwire database for ${HOST_NAME} not found. ****" + echo "**** Check tripwire.txt file for instructions or install ****" + echo "**** app-admin/mktwpol package (if you used the \"tools\" ****" + echo "**** USE flag, this has been done for you already. ****" +else + test -f /etc/tripwire/tw.cfg && /usr/sbin/tripwire --check --quiet +fi diff --git a/app-admin/tripwire/files/tripwire-2.4.2.2-buildnum.patch b/app-admin/tripwire/files/tripwire-2.4.2.2-buildnum.patch new file mode 100644 index 000000000000..becb0205e0de --- /dev/null +++ b/app-admin/tripwire/files/tripwire-2.4.2.2-buildnum.patch @@ -0,0 +1,7 @@ +diff -Nur a/src/buildnum.h b/src/buildnum.h +--- a/src/buildnum.h 2011-11-21 17:06:56.000000000 +0100 ++++ b/src/buildnum.h 2012-03-28 11:33:11.689974085 +0200 +@@ -1,2 +1,2 @@ +-#define BUILD_NUM _T("2") ++#define BUILD_NUM _T("0") + diff --git a/app-admin/tripwire/files/tripwire-2.4.2.2-exception-shadowing.patch b/app-admin/tripwire/files/tripwire-2.4.2.2-exception-shadowing.patch new file mode 100644 index 000000000000..1347590ef462 --- /dev/null +++ b/app-admin/tripwire/files/tripwire-2.4.2.2-exception-shadowing.patch @@ -0,0 +1,13 @@ +--- a/src/core/archive.cpp ++++ b/src/core/archive.cpp +@@ -886,8 +886,8 @@ void cLockedTemporaryFileArchive::OpenReadWrite( const TCHAR* filename, uint32 o + catch( eFSServices& e) + { + TSTRING errStr = TSS_GetString( cCore, core::STR_BAD_TEMPDIRECTORY ); +- eArchiveOpen e(strTempFile, errStr); +- throw e; ++ eArchiveOpen ex(strTempFile, errStr); ++ throw ex; + } + } + /////////////////////////////////////////////////////////////////////////////// diff --git a/app-admin/tripwire/files/tripwire-2.4.2.2-fix-configure.patch b/app-admin/tripwire/files/tripwire-2.4.2.2-fix-configure.patch new file mode 100644 index 000000000000..b72aaef681af --- /dev/null +++ b/app-admin/tripwire/files/tripwire-2.4.2.2-fix-configure.patch @@ -0,0 +1,12 @@ +diff -Nur a/configure.in b/configure.in +--- a/configure.in 2011-11-21 17:06:56.000000000 +0100 ++++ b/configure.in 2013-05-01 13:48:30.599978971 +0200 +@@ -6,7 +6,7 @@ + AC_CONFIG_SRCDIR([src/tw/tw.cpp]) + AC_CANONICAL_TARGET([]) + AM_INIT_AUTOMAKE(tripwire, 2.4.2.2) +-AM_CONFIG_HEADER(config.h) ++AC_CONFIG_HEADERS(config.h) + + dnl ################################# + dnl Cleanup Cruft Leftover From Patch diff --git a/app-admin/tripwire/files/tripwire-2.4.2.2-gcc-4.7.patch b/app-admin/tripwire/files/tripwire-2.4.2.2-gcc-4.7.patch new file mode 100644 index 000000000000..e8d35fb2ae39 --- /dev/null +++ b/app-admin/tripwire/files/tripwire-2.4.2.2-gcc-4.7.patch @@ -0,0 +1,25 @@ +diff -Nur a/src/cryptlib/algebra.h b/src/cryptlib/algebra.h +--- a/src/cryptlib/algebra.h 2011-11-21 16:06:56.000000000 +0000 ++++ b/src/cryptlib/algebra.h 2012-06-19 14:13:13.930019454 +0000 +@@ -273,7 +273,7 @@ + Element g[3]={b, a}; + unsigned int i0=0, i1=1, i2=2; + +- while (!Equal(g[i1], this->Zero())) ++ while (!this->Equal(g[i1], this->Zero())) + { + g[i2] = Mod(g[i0], g[i1]); + unsigned int t = i0; i0 = i1; i1 = i2; i2 = t; +diff -Nur a/src/twadmin/twadmincl.cpp b/src/twadmin/twadmincl.cpp +--- a/src/twadmin/twadmincl.cpp 2011-11-21 16:06:56.000000000 +0000 ++++ b/src/twadmin/twadmincl.cpp 2012-06-19 14:13:40.270019532 +0000 +@@ -33,6 +33,9 @@ + // twadmincl.cpp -- command line parsing for twadmin + // + ++ ++#include ++ + #include "stdtwadmin.h" + + #include "twadmincl.h" diff --git a/app-admin/tripwire/files/tripwire-twpol-GENERIC.patch b/app-admin/tripwire/files/tripwire-twpol-GENERIC.patch new file mode 100644 index 000000000000..12b2419c5e71 --- /dev/null +++ b/app-admin/tripwire/files/tripwire-twpol-GENERIC.patch @@ -0,0 +1,25 @@ +--- a/policy/twpol-GENERIC.txt 2011-11-21 11:06:56.000000000 -0500 ++++ b/policy/twpol-GENERIC.txt 2013-09-11 08:13:34.000000000 -0400 +@@ -55,14 +55,14 @@ + ############################################################################## + + @@section GLOBAL +-TWROOT=; +-TWBIN=; +-TWPOL=; +-TWDB=; +-TWSKEY=; +-TWLKEY=; +-TWREPORT=; +-HOSTNAME=; ++#TWROOT=; ++TWBIN=/usr/sbin; ++TWPOL=/etc/tripwire; ++TWDB=/var/lib/tripwire/YOUR_HOSTNAME.twd; ++TWSKEY=/etc/tripwire; ++TWLKEY=/etc/tripwire; ++TWREPORT=/var/lib/tripwire/report; ++#HOSTNAME=; + + @@section FS + SEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change diff --git a/app-admin/tripwire/files/tripwire.txt b/app-admin/tripwire/files/tripwire.txt new file mode 100644 index 000000000000..4f47f8bd8196 --- /dev/null +++ b/app-admin/tripwire/files/tripwire.txt @@ -0,0 +1,272 @@ +tripwire.txt v. 11 Sept 2013 + +Introduction to Tripwire, with Gentoo-specific installation information + +Tripwire software can monitor the integrity of critical system files and +directories by identifying specified changes made to selected system +files and directories. Configure Tripwire software to monitor your +system in the way that is best for you. + +Tripwire software works by comparing files and directories against a +defined baseline, stored in a tripwire-created database. Tripwire +generates the baseline by taking a "snapshot" of specified files and +directories. Tripwire software then compares the current system against +the baseline and reports modifications, additions, or deletions. Use +Tripwire software for system security, intrusion detection, damage +assessment, and recovery forensics. + + +To set-up Tripwire Configuration + +The Tripwire tarball installs the basic program files needed to run the +software. However, this installation does not prepare the configuration +files that Tripwire needs to perform correctly. After you install the +tripwire executable files and example configuration, you must: + +1. Review and perhaps edit the plain-text tripwire configuration file + (/etc/tripwire/twcfg.txt) with a text editor, if desired. + +2. Either run a configuration script (twsetup.sh from Gentoo's mktwpol + package, or tripwire-setup-keyfiles from Red Hat, or deprecated + twinstall.sh, also from Red Hat), or run the program `twadmin` with + the correct command line switches to make key files and encrypt/sign + the tripwire configuration file. + + Make site key file + ------------------ + `twadmin --generate-keys -S /etc/tripwire/site.key` + + Make local key file + ------------------- + `twadmin --generate-keys -L /etc/tripwire/$HOSTNAME-local.key` + + Make mandatory signed tripwire configuration file (tw.cfg) + ---------------------------------------------------------- + `twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt` + +Note: Once encrypted/signed, the configuration file, tw.cfg, must not be +renamed or moved. The plain-text tripwire configuration file (twcfg.txt) +should be deleted. It can be recreated with `twadmin --print-cfgfile` + +3. Make a plain-text policy file. The use of the name twpol.txt is + common, but the name of this file is not defined or used by Tripwire, + other than preparation of the encrypted/signed policy file. + + To make the plain-text policy file, either run a policy file generator + (for example, mktwpol.sh from Gentoo's mktwpol package), or edit the + plain-text policy file (twpol-GENERIC.txt, or twpol.txt, or similar) + with a text editor. The plain-text policy file should not refer to + any non-existent file or directory. + + If you edit twpol-GENERIC.txt to act as your plain-text policy file, + provide your system's HOSTNAME at line 61. If you don't provide + the correct HOSTNAME, a tripwire inspection of the target computer's + filesystem will fail to check the tripwire database file for changes. + + TWDB=/var/lib/tripwire/YOUR_HOSTNAME.twd; + +4. Convert the plain-text policy file into the encrypted/signed form + that tripwire will refer to as it examines the files on the target + computer's filesystem. The default filename for the encrypted/signed + policy file is defined in the tripwire configuration file (tw.cfg) + and is usually tw.pol. The encryption/signing of plain-text twpol.txt + is done with yet another `twadmin` command line. + + Make mandatory encrypted/signed system inspection policy file + -------------------------------------------------------------- + `twadmin -m P -c /etc/tripwire/tw.cfg /etc/tripwire/twpol.txt` + +Note: If you modify the plain-text policy file after running the +configuration script, you must re-sign the plain-text policy file before +initializing the database file. Tripwire baseline database creation and +inspections refer to the encrypted/signed policy file, not to the +plain-text policy file. + +Note: The plain-text tripwire policy file (twpol.txt) should be deleted. +It can be recreated with `twadmin --print-polfile` + +5. Initialize the Tripwire database file. + + Record current file attributes in the tripwire database + ------------------------------------------------------- + `tripwire --init -c /etc/tripwire/tw.cfg` + +Note: Tripwire might issue some "Warning: File system error" errors, +and appear to hang. But as long as it follows with "### Continuing...", +it is still working. + +6. Run the first integrity check. + + `tripwire --check -c /etc/tripwire/tw.cfg` + +Note: The use of "-c /etc/tripwire/tw.cfg" is not required if Tripwire +uses the default tripwire configuration directory and file names. If +you defer to tripwire default filenames, then updating a text policy +file into a tripwire database, and running an integrity check, can be +done with these commands: + + `twadmin --create-polfile /etc/tripwire/twpol.txt` + `tripwire --init` + `tripwire --check` + +Modifying the Policy File + +How Tripwire software checks your system is specified in the Tripwire +plain-text policy file (twpol.txt). A default policy file is included in +the Tripwire software installation. This policy file should be tailored +to fit your particular system. Tailoring the policy file is necessary +to take advantage of Tripwire software's ability to monitor changes on +your system. + +The plain-text policy file is usually located at /etc/tripwire/twpol.txt. +An example policy file (located at /etc/tripwire/twpol-GENERIC.txt, or +at /usr/share/doc/tripwire-VER#-REL#/policyguide.txt) is included to +help you learn the policy language. Read the sample policy files and +the comments in the sample policy file to learn the policy language. + +After you modify the plain-text policy file, don't forget! + + encrypt/sign using `twadmin --create-polfile /etc/tripwire/twpol.txt` + + +Selecting Passphrases + +Tripwire files are encrypted/signed using site or local keys. These keys +are protected by passphrases. When selecting passphrases, the following +recommendations apply: + +Use at least eight alphanumeric and symbolic characters for each +passphrase. The maximum length of a passphrase is 1023 characters. +Quotes should not be used as passphrase characters. + +Assign a unique passphrase for the site key. The site key passphrase +protects the site key, which is used to sign Tripwire software +configuration and policy files. Assign a unique passphrase for the local +key. The local key signs the Tripwire baseline database file. The local +key may sign the Tripwire report files also. + +Store the passphrases in a secure location. There is no way to remove +encryption from a signed file if you forget your passphrase and lost the +key files. If you forget the passphrases, the files are unusable. In +that case you must create new key files and the baseline database. + + +Initializing the Database + +In Database Initialization mode, Tripwire software builds a database of +filesystem objects based on the rules in the policy file. This database +serves as the baseline for integrity checks. The syntax for Database +Initialization mode is: + + `tripwire --init -c /etc/tripwire/tw.cfg` + + +Running an Integrity Check + +The Integrity Check mode compares the current file system objects with +their properties recorded in the Tripwire database. Violations are +printed to stdout. The report file is saved and can later be accessed by +twprint. An email option enables you to send email. The syntax for +Integrity Check mode is: + + `tripwire --check -c /etc/tripwire/tw.cfg` + + +Printing Reports - twprint Print Report Mode + +The twprint --print-report mode prints the contents of a Tripwire +report. If you do not specify a report with the --twrfile or -r +command-line argument, the default report file specified by the +configuration file REPORTFILE variable is used. + +Example: On a machine named LIGHTHOUSE, the command could be: + + `twprint -m r --twrfile LIGHTHOUSE-19990622-021212.twr` + + +Updating the Database after an Integrity Check + +Database Update mode enables you to update the Tripwire database after +an integrity check if you determine that the violations discovered are +valid. This update process saves time by enabling you to update the +database without having to re-initialize it. It also enables selective +updating, which cannot be done through re-initialization. The syntax for +Database Update mode is: + + `tripwire --update` + + +Updating the Policy File + +Change the way that Tripwire software scans the system by changing the +rules in the policy file. You can then update the database without a +complete re-initialization. This saves a significant amount of time and +preserves security by keeping the policy file synchronized with the +database it uses. The syntax for Policy Update mode is: + + `tripwire --update-policy` + + +Testing email functions + +Test mode tests the software's email notification system, using the +settings currently specified in the configuration file. The syntax for +Email Test Reporting mode is: + + `tripwire --test` + + +Tripwire Components + +The policy file begins as a text file containing comments, rules, +directives, and variables. These dictate the way Tripwire software +checks your system. Each rule in the policy file specifies a system +object to be monitored. Rules also describe which changes to the object +to report, and which to ignore. + +System objects are the files and directories you wish to monitor. Each +object is identified by an object name. A property refers to a single +characteristic of an object that Tripwire software can monitor. +Directives control conditional processing of sets of rules in a policy +file. During installation, the text policy file is encrypted/signed and +renamed, and becomes the active policy file. + +The database file is an important component of Tripwire software. When +first installed, Tripwire software uses the policy file rules to create +the database file. The database file is a baseline "snapshot" of the +system in a known secure state. Tripwire software compares this baseline +against the current system to determine what changes have occurred. This +is an integrity check. + +When you perform an integrity check, Tripwire software produces report +files. Report files summarize any changes that violated the policy file +rules during the integrity check. You can view the report file in a +variety of formats, at varying levels of detail. + +The Tripwire configuration file stores system-specific information, such +as the location of Tripwire data files. Tripwire software generates some +of the configuration file information during installation. The system +administrator can change parameters in the configuration file at any +time. The configuration file variables POLFILE, DBFILE, REPORTFILE, +SITEKEYFILE, and LOCALKEYFILE specify where the policy file, database +file, report files, and site and local key files reside. These variables +must be defined or the configuration file is invalid. If any of these +variables are undefined, an error occurs on execution of Tripwire +software and the program exits. + + +Tripwire Help + +All Tripwire commands support the help arguments. + +Example: To get help with Create Configuration File mode, type: + + `twadmin --help --create-cfgfile` + + -? Display usage and version information + --help Display all command modes + --help all Display help for all command modes + --help [mode] Display help for current command mode + --version Display version information + +We recommend you read the Tripwire Release Notes and README file. diff --git a/app-admin/tripwire/files/twcfg.txt b/app-admin/tripwire/files/twcfg.txt new file mode 100644 index 000000000000..9cf39bcc01e4 --- /dev/null +++ b/app-admin/tripwire/files/twcfg.txt @@ -0,0 +1,15 @@ +ROOT =/usr/sbin +POLFILE =/etc/tripwire/tw.pol +DBFILE =/var/lib/tripwire/$(HOSTNAME).twd +REPORTFILE =/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr +SITEKEYFILE =/etc/tripwire/site.key +LOCALKEYFILE =/etc/tripwire/$(HOSTNAME)-local.key +EDITOR =/bin/nano +LATEPROMPTING =false +LOOSEDIRECTORYCHECKING =false +MAILNOVIOLATIONS =true +EMAILREPORTLEVEL =3 +REPORTLEVEL =3 +MAILMETHOD =SENDMAIL +SYSLOGREPORTING =false +MAILPROGRAM =/usr/lib/sendmail -oi -t diff --git a/app-admin/tripwire/metadata.xml b/app-admin/tripwire/metadata.xml new file mode 100644 index 000000000000..6e194bd6a1a8 --- /dev/null +++ b/app-admin/tripwire/metadata.xml @@ -0,0 +1,34 @@ + + + + + nimiux@gentoo.org + Chema Alonso + + + Tripwire is a tool that aids system administrators and users in + monitoring a designated set of files for any changes. Used with system + files on a regular (e.g., daily) basis, Tripwire can notify system + administrators of corrupted or tampered files, so damage control + measures can be taken in a timely manner. + + + Tripwire es una herramienta que ayuda a los administradores y + usuarios en la monitorización de los cambios en un conjunto de + ficheros. Se utiliza particularmente en los ficheros de sistema + de un modo regular (por ejemplo diariamente). Tripwire puede + notificar a los administradores de sistema sobre ficheros que + se han corrompido o han sido modificados maliciosamente, por lo + que se pueden adoptar medidas de control de forma periódica. + + + Installs app-admin/mktwpol, providing scripts + for the installation/setup of tripwire, including generating the + tripwire policy file and maintenance of the tripwire database + Adds support for Secure Socket Layer connections + Builds the package statically + + + tripwire + + diff --git a/app-admin/tripwire/tripwire-2.4.2.2-r3.ebuild b/app-admin/tripwire/tripwire-2.4.2.2-r3.ebuild new file mode 100644 index 000000000000..812de522276f --- /dev/null +++ b/app-admin/tripwire/tripwire-2.4.2.2-r3.ebuild @@ -0,0 +1,82 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools eutils flag-o-matic + +DESCRIPTION="Open Source File Integrity Checker and IDS" +HOMEPAGE="http://www.tripwire.org/" +SRC_URI="mirror://sourceforge/tripwire/tripwire-${PV}-src.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc x86 ~x86-fbsd" +IUSE="ssl static +tools" + +DEPEND="sys-devel/automake + sys-devel/autoconf + ssl? ( dev-libs/openssl )" +RDEPEND="virtual/cron + virtual/mta + ssl? ( dev-libs/openssl )" +PDEPEND="tools? ( app-admin/mktwpol )" + +S="${WORKDIR}"/tripwire-"${PV}"-src + +src_prepare() { + epatch "${FILESDIR}"/"${P}"-fix-configure.patch + epatch "${FILESDIR}"/"${P}"-buildnum.patch + epatch "${FILESDIR}"/"${P}"-gcc-4.7.patch + epatch "${FILESDIR}"/"${PN}"-twpol-GENERIC.patch + epatch "${FILESDIR}"/"${P}"-exception-shadowing.patch + + mv configure.in configure.ac || die + eautoreconf +} + +src_configure() { + # tripwire can be sensitive to compiler optimisation. + # see #32613, #45823, and others. + # -taviso@gentoo.org + strip-flags + append-cppflags -DCONFIG_DIR='"\"/etc/tripwire\""' -fno-strict-aliasing + econf $(use_enable ssl openssl) $(use_enable static) +} + +src_install() { + dosbin "${S}"/bin/{siggen,tripwire,twadmin,twprint} + doman "${S}"/man/man{4/*.4,5/*.5,8/*.8} + dodir /etc/tripwire /var/lib/tripwire{,/report} + keepdir /var/lib/tripwire{,/report} + + exeinto /etc/cron.daily + doexe "${FILESDIR}"/tripwire + + dodoc ChangeLog policy/policyguide.txt TRADEMARK \ + "${FILESDIR}"/tripwire.txt + + insinto /etc/tripwire + doins "${FILESDIR}"/twcfg.txt policy/twpol-GENERIC.txt + + fperms 750 /etc/cron.daily/tripwire +} + +pkg_postinst() { + if [[ -z ${REPLACING_VERSIONS} ]] ; then + elog "Tripwire needs to be configured before its first run. You can" + elog "do this by manually editing the twpol-GENERIC.txt file shipped with" + elog "the package to suit your needs. A quickstart guide is provided" + elog "in tripwire.txt file to help you with this." + elog "To configure tripwire automatically, you can use the twsetup.sh" + elog "script provided by the app-admin/mktwpol package. This package is" + elog "installed for you by the \"tools\" USE flag (which is enabled by" + elog "default." +else + elog "Maintenance of tripwire policy files as packages are added" + elog "and deleted from your system can be automated by the mktwpol.sh" + elog "script provided by the app-admin/mktwpol package. This package" + elog "is installed for you if you append \"tools\" to your USE flags" + fi +} -- cgit v1.2.3-65-gdbad