# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

# Ebuild API level this file is written against.
EAPI=8

# Supplies perl_set_version, which src_prepare and src_install call below.
inherit perl-functions

# Revision of the Gentoo patch set, which is fetched as its own distfile.
PATCHVER=0.2
# Upstream spelling of the package name: PN with its first "b" turned into "B".
MY_PN=${PN/b/B}
MY_P=${MY_PN}-${PV}
DESCRIPTION="Bastille-Linux is a security hardening tool"
# NOTE(review): plain-HTTP URL. HOMEPAGE is metadata only, not a fetch source.
HOMEPAGE="http://bastille-linux.sourceforge.net/"
# Two distfiles: the upstream tarball and the bzip2-compressed Gentoo patch.
# Both come from mirrors, so their integrity rests on the checksums recorded
# in the package Manifest (not visible here); review that file whenever either
# distfile changes.
SRC_URI="mirror://sourceforge/${PN}-linux/${MY_P}.tar.bz2
	mirror://gentoo/${P}-gentoo-${PATCHVER}.patch.bz2"
# The tarball unpacks into a directory named after MY_PN, without the version.
S="${WORKDIR}"/${MY_PN}

LICENSE="GPL-2+"
SLOT="0"
# Every listed architecture is marked testing (~); none is stable.
KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86"
IUSE="X"

# Runtime-only dependencies. dev-perl/Tk is pulled in only with USE=X
# (presumably for the graphical front end - confirm).
RDEPEND="
	app-admin/logrotate
	dev-lang/perl
	dev-perl/Curses
	net-firewall/iptables
	net-firewall/psad
	virtual/logger
	X? ( dev-perl/Tk )
"

# Applied in this order by the default src_prepare. The first entry is the
# unpacked distfile from SRC_URI; the rest ship in the package's files/ dir.
PATCHES=(
	"${WORKDIR}"/${P}-gentoo-${PATCHVER}.patch
	# make sure the Perl modules go into vendor dir
	"${FILESDIR}/${P}-perl.patch"
	# prevent file collision, bug 536292
	"${FILESDIR}/${P}-renamewidgets.patch"
	# openrc runscript rename
	"${FILESDIR}/${P}-openrc.patch"
)

# Apply the patch set and make the upstream scripts executable.
src_prepare() {
	# Scripts that must carry the executable bit. src_install runs
	# ./Install.sh directly; the two firewall scripts are presumably
	# installed as-is by it (confirm against Install.sh).
	local -a exec_scripts=(
		Install.sh
		bastille-ipchains
		bastille-netfilter
	)

	# Populate the Perl version/path variables before anything else runs.
	perl_set_version

	# Default phase: applies everything listed in PATCHES, then user patches.
	default

	cd "${S}" || die
	chmod a+x "${exec_scripts[@]}" || die
}

# Run upstream's installer into the image directory, then add the example
# configs, the init script, the lock directories and the documentation.
src_install() {
	local fw_service="${PN}-firewall"
	local lock_dir

	# Export VENDOR_LIB so the Install.sh child process can read it
	# (presumably consumed by the patched installer to place the Perl
	# modules in the vendor dir - confirm against the -perl patch).
	perl_set_version
	export VENDOR_LIB

	# Upstream's installer is executed as-is. DESTDIR points it at the
	# staging image ${D}; this assumes the patched Install.sh honours
	# DESTDIR for every path it writes - TODO confirm.
	cd "${S}" || die
	DESTDIR="${D}" ./Install.sh || die

	# Example configs
	cd "${S}" || die
	insinto /usr/share/Bastille
	doins *.config

	newinitd "${fw_service}.gentoo-init" "${fw_service}"

	# See bug #455542
	for lock_dir in \
		/var/lock/subsys \
		/var/lock/bastille \
		/var/lock/subsys/bastille
	do
		keepdir "${lock_dir}"
	done

	# Documentation
	cd "${S}" || die
	dodoc *.txt BUGS Change* README*
	cd "${S}"/docs || die
	doman *.1m
}

# Post-install notice: the Server Lax/Moderate/Paranoia configurations may
# need InteractiveBastille to set advanced network options.
pkg_postinst() {
	local -a notice=(
		"Please be aware that when using the Server Lax, Server Moderate, or"
		"Server Paranoia configurations, you may need to use InteractiveBastille"
		"to set any advanced network information, such as masquerading and"
		"internal interfaces, if you plan to use them."
	)
	local line

	# One elog call per line, in order, so the logged message is unchanged.
	for line in "${notice[@]}"; do
		elog "${line}"
	done
}