summaryrefslogtreecommitdiff
path: root/app-admin/tripwire
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2018-07-14 20:56:41 +0100
committerV3n3RiX <venerix@redcorelinux.org>2018-07-14 20:56:41 +0100
commitd87262dd706fec50cd150aab3e93883b6337466d (patch)
tree246b44c33ad7a57550430b0a60fa0df86a3c9e68 /app-admin/tripwire
parent71bc00c87bba1ce31de0dac6c3b7fd1aee6917fc (diff)
gentoo resync : 14.07.2018
Diffstat (limited to 'app-admin/tripwire')
-rw-r--r--app-admin/tripwire/Manifest6
-rw-r--r--app-admin/tripwire/files/tripwire10
-rw-r--r--app-admin/tripwire/files/tripwire.txt272
-rw-r--r--app-admin/tripwire/files/twcfg.txt15
-rw-r--r--app-admin/tripwire/metadata.xml35
-rw-r--r--app-admin/tripwire/tripwire-2.4.3.7.ebuild79
6 files changed, 0 insertions, 417 deletions
diff --git a/app-admin/tripwire/Manifest b/app-admin/tripwire/Manifest
deleted file mode 100644
index 6f8826913fb4..000000000000
--- a/app-admin/tripwire/Manifest
+++ /dev/null
@@ -1,6 +0,0 @@
-AUX tripwire 466 BLAKE2B 1fca6945b6b8ce959b7c617eef9454690662676020ce7451396f8cd365d093fa687896c3f22ac2e3df3d370cb42aa55967198de573172b79d023711b59951404 SHA512 1df37364a84ab26ca0a3f2637e9f4938333c394979c2ccadb69401b7e6a93d03911ce737b25bb6e76c1963e4b7eaffd35b3551aa141b51bc9b3a8a00d9c828cf
-AUX tripwire.txt 11492 BLAKE2B f157c47e1461095a51e9868127d25df6769c3ea6441fe34925c29ef3e93541e66516ba59b1c04120979a4edc1f31bf166ac72998f2adba571d64ffa7c7008fd3 SHA512 ec53b2f71fb33f227628e1160a72fecf4a1aca7ee58b750945e7c0d0ce756a37666a02fe9e8ec235055fe6d28e1d20e77a449ae229f5d5d2349eaffe07827d47
-AUX twcfg.txt 604 BLAKE2B 78c0e1457e5ea37031c8f9cf5a340ee600775973ea2475daadb07f3cb59f117667506438628ced1b4b1fa738855748df7d4b2e6695d65de9ed832f335943797a SHA512 c8a568638d5a18bb9508ee6f70aea815b8bfdb9efbf7823cdad59890a617bbe941454f6f4622e38e4ac4622e1d611c9fc085d73aec5a23b5c13ae7f1d783b388
-DIST tripwire-2.4.3.7.tar.gz 1002257 BLAKE2B fb0c847087e8b27d2a111b4a4122b3c4d5b187efe6f80995c6d06c7592a22fec2c537bbebba9c21a7761a8047535de4a96a6b94246da586faad4e9fc92137196 SHA512 541138f4a4c3a4227f31de6607503d305f0d893bdd5d24928d619d3a25bb8fe7061a45c041992ace957b976b834b5f4212b5c727eee1cbc76ddb2e2c52aeafbd
-EBUILD tripwire-2.4.3.7.ebuild 2411 BLAKE2B 9646cb96ee17a4e2a31d7c4ac065a72b363aa89c809a41ac94bc2d414b4679053378c6697a758e515691eaebb094ee2bdc65c38240f0a18c903f3c4e061e3b0d SHA512 09e8911547b7a629e5bc546005b9a17aae84057d93dd956a6fe687819f1fe5e09720d48caa72844a8736e2cfa23bb6b4387a19e31e1b8e587e6da792836a5838
-MISC metadata.xml 1616 BLAKE2B bd19945c4dfb57c6e1102e5d2460f5784fbc4eb54c53a04052a08f45c4131edf8117e834d1b964a350512618e875aab3323f986ea71a893fee19ec08b54a0da2 SHA512 ae04a581b34beb18adb7aea67d9ec17dc5cd897d3e974515c5c59e2e5e8391f86238bcaa59967aa7413c99ce56ae670a7badf8008ed8b6926f7f0a4eab0b83a2
diff --git a/app-admin/tripwire/files/tripwire b/app-admin/tripwire/files/tripwire
deleted file mode 100644
index 8f0f23f3e2d5..000000000000
--- a/app-admin/tripwire/files/tripwire
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-HOST_NAME=`uname -n`
-if [ ! -e /var/lib/tripwire/${HOST_NAME}.twd ] ; then
- echo "**** Error: Tripwire database for ${HOST_NAME} not found. ****"
- echo "**** Check tripwire.txt file for instructions or install ****"
- echo "**** app-admin/mktwpol package (if you used the \"tools\" ****"
- echo "**** USE flag, this has been done for you already. ****"
-else
- test -f /etc/tripwire/tw.cfg && /usr/sbin/tripwire --check --quiet
-fi
diff --git a/app-admin/tripwire/files/tripwire.txt b/app-admin/tripwire/files/tripwire.txt
deleted file mode 100644
index 4f47f8bd8196..000000000000
--- a/app-admin/tripwire/files/tripwire.txt
+++ /dev/null
@@ -1,272 +0,0 @@
-tripwire.txt v. 11 Sept 2013
-
-Introduction to Tripwire, with Gentoo-specific installation information
-
-Tripwire software can monitor the integrity of critical system files and
-directories by identifying specified changes made to selected system
-files and directories. Configure Tripwire software to monitor your
-system in the way that is best for you.
-
-Tripwire software works by comparing files and directories against a
-defined baseline, stored in a tripwire-created database. Tripwire
-generates the baseline by taking a "snapshot" of specified files and
-directories. Tripwire software then compares the current system against
-the baseline and reports modifications, additions, or deletions. Use
-Tripwire software for system security, intrusion detection, damage
-assessment, and recovery forensics.
-
-
-To set-up Tripwire Configuration
-
-The Tripwire tarball installs the basic program files needed to run the
-software. However, this installation does not prepare the configuration
-files that Tripwire needs to perform correctly. After you install the
-tripwire executable files and example configuration, you must:
-
-1. Review and perhaps edit the plain-text tripwire configuration file
- (/etc/tripwire/twcfg.txt) with a text editor, if desired.
-
-2. Either run a configuration script (twsetup.sh from Gentoo's mktwpol
- package, or tripwire-setup-keyfiles from Red Hat, or deprecated
- twinstall.sh, also from Red Hat), or run the program `twadmin` with
- the correct command line switches to make key files and encrypt/sign
- the tripwire configuration file.
-
- Make site key file
- ------------------
- `twadmin --generate-keys -S /etc/tripwire/site.key`
-
- Make local key file
- -------------------
- `twadmin --generate-keys -L /etc/tripwire/$HOSTNAME-local.key`
-
- Make mandatory signed tripwire configuration file (tw.cfg)
- ----------------------------------------------------------
- `twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt`
-
-Note: Once encrypted/signed, the configuration file, tw.cfg, must not be
-renamed or moved. The plain-text tripwire configuration file (twcfg.txt)
-should be deleted. It can be recreated with `twadmin --print-cfgfile`
-
-3. Make a plain-text policy file. The use of the name twpol.txt is
- common, but the name of this file is not defined or used by Tripwire,
- other than preparation of the encrypted/signed policy file.
-
- To make the plain-text policy file, either run a policy file generator
- (for example, mktwpol.sh from Gentoo's mktwpol package), or edit the
- plain-text policy file (twpol-GENERIC.txt, or twpol.txt, or similar)
- with a text editor. The plain-text policy file should not refer to
- any non-existent file or directory.
-
- If you edit twpol-GENERIC.txt to act as your plain-text policy file,
- provide your system's HOSTNAME at line 61. If you don't provide
- the correct HOSTNAME, a tripwire inspection of the target computer's
- filesystem will fail to check the tripwire database file for changes.
-
- TWDB=/var/lib/tripwire/YOUR_HOSTNAME.twd;
-
-4. Convert the plain-text policy file into the encrypted/signed form
- that tripwire will refer to as it examines the files on the target
- computer's filesystem. The default filename for the encrypted/signed
- policy file is defined in the tripwire configuration file (tw.cfg)
- and is usually tw.pol. The encryption/signing of plain-text twpol.txt
- is done with yet another `twadmin` command line.
-
- Make mandatory encrypted/signed system inspection policy file
- --------------------------------------------------------------
- `twadmin -m P -c /etc/tripwire/tw.cfg /etc/tripwire/twpol.txt`
-
-Note: If you modify the plain-text policy file after running the
-configuration script, you must re-sign the plain-text policy file before
-initializing the database file. Tripwire baseline database creation and
-inspections refer to the encrypted/signed policy file, not to the
-plain-text policy file.
-
-Note: The plain-text tripwire policy file (twpol.txt) should be deleted.
-It can be recreated with `twadmin --print-polfile`
-
-5. Initialize the Tripwire database file.
-
- Record current file attributes in the tripwire database
- -------------------------------------------------------
- `tripwire --init -c /etc/tripwire/tw.cfg`
-
-Note: Tripwire might issue some "Warning: File system error" errors,
-and appear to hang. But as long as it follows with "### Continuing...",
-it is still working.
-
-6. Run the first integrity check.
-
- `tripwire --check -c /etc/tripwire/tw.cfg`
-
-Note: The use of "-c /etc/tripwire/tw.cfg" is not required if Tripwire
-uses the default tripwire configuration directory and file names. If
-you defer to tripwire default filenames, then updating a text policy
-file into a tripwire database, and running an integrity check, can be
-done with these commands:
-
- `twadmin --create-polfile /etc/tripwire/twpol.txt`
- `tripwire --init`
- `tripwire --check`
-
-Modifying the Policy File
-
-How Tripwire software checks your system is specified in the Tripwire
-plain-text policy file (twpol.txt). A default policy file is included in
-the Tripwire software installation. This policy file should be tailored
-to fit your particular system. Tailoring the policy file is necessary
-to take advantage of Tripwire software's ability to monitor changes on
-your system.
-
-The plain-text policy file is usually located at /etc/tripwire/twpol.txt.
-An example policy file (located at /etc/tripwire/twpol-GENERIC.txt, or
-at /usr/share/doc/tripwire-VER#-REL#/policyguide.txt) is included to
-help you learn the policy language. Read the sample policy files and
-the comments in the sample policy file to learn the policy language.
-
-After you modify the plain-text policy file, don't forget!
-
- encrypt/sign using `twadmin --create-polfile /etc/tripwire/twpol.txt`
-
-
-Selecting Passphrases
-
-Tripwire files are encrypted/signed using site or local keys. These keys
-are protected by passphrases. When selecting passphrases, the following
-recommendations apply:
-
-Use at least eight alphanumeric and symbolic characters for each
-passphrase. The maximum length of a passphrase is 1023 characters.
-Quotes should not be used as passphrase characters.
-
-Assign a unique passphrase for the site key. The site key passphrase
-protects the site key, which is used to sign Tripwire software
-configuration and policy files. Assign a unique passphrase for the local
-key. The local key signs the Tripwire baseline database file. The local
-key may sign the Tripwire report files also.
-
-Store the passphrases in a secure location. There is no way to remove
-encryption from a signed file if you forget your passphrase and lost the
-key files. If you forget the passphrases, the files are unusable. In
-that case you must create new key files and the baseline database.
-
-
-Initializing the Database
-
-In Database Initialization mode, Tripwire software builds a database of
-filesystem objects based on the rules in the policy file. This database
-serves as the baseline for integrity checks. The syntax for Database
-Initialization mode is:
-
- `tripwire --init -c /etc/tripwire/tw.cfg`
-
-
-Running an Integrity Check
-
-The Integrity Check mode compares the current file system objects with
-their properties recorded in the Tripwire database. Violations are
-printed to stdout. The report file is saved and can later be accessed by
-twprint. An email option enables you to send email. The syntax for
-Integrity Check mode is:
-
- `tripwire --check -c /etc/tripwire/tw.cfg`
-
-
-Printing Reports - twprint Print Report Mode
-
-The twprint --print-report mode prints the contents of a Tripwire
-report. If you do not specify a report with the --twrfile or -r
-command-line argument, the default report file specified by the
-configuration file REPORTFILE variable is used.
-
-Example: On a machine named LIGHTHOUSE, the command could be:
-
- `twprint -m r --twrfile LIGHTHOUSE-19990622-021212.twr`
-
-
-Updating the Database after an Integrity Check
-
-Database Update mode enables you to update the Tripwire database after
-an integrity check if you determine that the violations discovered are
-valid. This update process saves time by enabling you to update the
-database without having to re-initialize it. It also enables selective
-updating, which cannot be done through re-initialization. The syntax for
-Database Update mode is:
-
- `tripwire --update`
-
-
-Updating the Policy File
-
-Change the way that Tripwire software scans the system by changing the
-rules in the policy file. You can then update the database without a
-complete re-initialization. This saves a significant amount of time and
-preserves security by keeping the policy file synchronized with the
-database it uses. The syntax for Policy Update mode is:
-
- `tripwire --update-policy`
-
-
-Testing email functions
-
-Test mode tests the software's email notification system, using the
-settings currently specified in the configuration file. The syntax for
-Email Test Reporting mode is:
-
- `tripwire --test`
-
-
-Tripwire Components
-
-The policy file begins as a text file containing comments, rules,
-directives, and variables. These dictate the way Tripwire software
-checks your system. Each rule in the policy file specifies a system
-object to be monitored. Rules also describe which changes to the object
-to report, and which to ignore.
-
-System objects are the files and directories you wish to monitor. Each
-object is identified by an object name. A property refers to a single
-characteristic of an object that Tripwire software can monitor.
-Directives control conditional processing of sets of rules in a policy
-file. During installation, the text policy file is encrypted/signed and
-renamed, and becomes the active policy file.
-
-The database file is an important component of Tripwire software. When
-first installed, Tripwire software uses the policy file rules to create
-the database file. The database file is a baseline "snapshot" of the
-system in a known secure state. Tripwire software compares this baseline
-against the current system to determine what changes have occurred. This
-is an integrity check.
-
-When you perform an integrity check, Tripwire software produces report
-files. Report files summarize any changes that violated the policy file
-rules during the integrity check. You can view the report file in a
-variety of formats, at varying levels of detail.
-
-The Tripwire configuration file stores system-specific information, such
-as the location of Tripwire data files. Tripwire software generates some
-of the configuration file information during installation. The system
-administrator can change parameters in the configuration file at any
-time. The configuration file variables POLFILE, DBFILE, REPORTFILE,
-SITEKEYFILE, and LOCALKEYFILE specify where the policy file, database
-file, report files, and site and local key files reside. These variables
-must be defined or the configuration file is invalid. If any of these
-variables are undefined, an error occurs on execution of Tripwire
-software and the program exits.
-
-
-Tripwire Help
-
-All Tripwire commands support the help arguments.
-
-Example: To get help with Create Configuration File mode, type:
-
- `twadmin --help --create-cfgfile`
-
- -? Display usage and version information
- --help Display all command modes
- --help all Display help for all command modes
- --help [mode] Display help for current command mode
- --version Display version information
-
-We recommend you read the Tripwire Release Notes and README file.
diff --git a/app-admin/tripwire/files/twcfg.txt b/app-admin/tripwire/files/twcfg.txt
deleted file mode 100644
index 9cf39bcc01e4..000000000000
--- a/app-admin/tripwire/files/twcfg.txt
+++ /dev/null
@@ -1,15 +0,0 @@
-ROOT =/usr/sbin
-POLFILE =/etc/tripwire/tw.pol
-DBFILE =/var/lib/tripwire/$(HOSTNAME).twd
-REPORTFILE =/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr
-SITEKEYFILE =/etc/tripwire/site.key
-LOCALKEYFILE =/etc/tripwire/$(HOSTNAME)-local.key
-EDITOR =/bin/nano
-LATEPROMPTING =false
-LOOSEDIRECTORYCHECKING =false
-MAILNOVIOLATIONS =true
-EMAILREPORTLEVEL =3
-REPORTLEVEL =3
-MAILMETHOD =SENDMAIL
-SYSLOGREPORTING =false
-MAILPROGRAM =/usr/lib/sendmail -oi -t
diff --git a/app-admin/tripwire/metadata.xml b/app-admin/tripwire/metadata.xml
deleted file mode 100644
index 9cf612218444..000000000000
--- a/app-admin/tripwire/metadata.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
- <maintainer type="person">
- <email>nimiux@gentoo.org</email>
- <name>Chema Alonso</name>
- </maintainer>
- <longdescription lang="en">
- Tripwire is a tool that aids system administrators and users in
- monitoring a designated set of files for any changes. Used with system
- files on a regular (e.g., daily) basis, Tripwire can notify system
- administrators of corrupted or tampered files, so damage control
- measures can be taken in a timely manner.
- </longdescription>
- <longdescription lang="es">
- Tripwire es una herramienta que ayuda a los administradores y
- usuarios en la monitorizaciĆ³n de los cambios en un conjunto de
- ficheros. Se utiliza particularmente en los ficheros de sistema
- de un modo regular (por ejemplo diariamente). Tripwire puede
- notificar a los administradores de sistema sobre ficheros que
- se han corrompido o han sido modificados maliciosamente, por lo
- que se pueden adoptar medidas de control de forma periĆ³dica.
- </longdescription>
- <use>
- <flag name="tools">Installs app-admin/mktwpol, providing scripts
- for the installation/setup of tripwire, including generating the
- tripwire policy file and maintenance of the tripwire database</flag>
- <flag name="ssl">Adds support for Secure Socket Layer connections</flag>
- <flag name="static">Builds the package statically</flag>
- </use>
- <upstream>
- <remote-id type="sourceforge">tripwire</remote-id>
- <remote-id type="github">Tripwire/tripwire-open-source</remote-id>
- </upstream>
-</pkgmetadata>
diff --git a/app-admin/tripwire/tripwire-2.4.3.7.ebuild b/app-admin/tripwire/tripwire-2.4.3.7.ebuild
deleted file mode 100644
index 4339d2ac489c..000000000000
--- a/app-admin/tripwire/tripwire-2.4.3.7.ebuild
+++ /dev/null
@@ -1,79 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit autotools eutils flag-o-matic
-
-DESCRIPTION="Open Source File Integrity Checker and IDS"
-HOMEPAGE="http://www.tripwire.org/"
-SRC_URI="https://github.com/Tripwire/tripwire-open-source/archive/${PV}.tar.gz -> ${PF}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 ppc x86 ~x86-fbsd"
-IUSE="libressl selinux ssl static +tools"
-
-DEPEND="sys-devel/automake
- sys-devel/autoconf
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:0= )
- )"
-RDEPEND="virtual/cron
- virtual/mta
- selinux? ( sec-policy/selinux-tripwire )
- ssl? ( dev-libs/openssl )"
-PDEPEND="tools? ( app-admin/mktwpol )"
-
-S="${WORKDIR}/tripwire-open-source-${PV}"
-
-src_prepare() {
- eautoreconf
- eapply_user
-}
-
-src_configure() {
- # tripwire can be sensitive to compiler optimisation.
- # see #32613, #45823, and others.
- # -taviso@gentoo.org
- strip-flags
- append-cppflags -DCONFIG_DIR='"\"/etc/tripwire\""' -fno-strict-aliasing
- econf $(use_enable ssl openssl) $(use_enable static)
-}
-
-src_install() {
- dosbin "${S}"/bin/{siggen,tripwire,twadmin,twprint}
- doman "${S}"/man/man{4/*.4,5/*.5,8/*.8}
- dodir /etc/tripwire /var/lib/tripwire{,/report}
- keepdir /var/lib/tripwire{,/report}
-
- exeinto /etc/cron.daily
- doexe "${FILESDIR}"/tripwire
-
- dodoc ChangeLog policy/policyguide.txt TRADEMARK \
- "${FILESDIR}"/tripwire.txt
-
- insinto /etc/tripwire
- doins "${FILESDIR}"/twcfg.txt policy/twpol-GENERIC.txt
-
- fperms 750 /etc/cron.daily/tripwire
-}
-
-pkg_postinst() {
- if [[ -z ${REPLACING_VERSIONS} ]] ; then
- elog "Tripwire needs to be configured before its first run. You can"
- elog "do this by manually editing the twpol-GENERIC.txt file shipped with"
- elog "the package to suit your needs. A quickstart guide is provided"
- elog "in tripwire.txt file to help you with this."
- elog "To configure tripwire automatically, you can use the twsetup.sh"
- elog "script provided by the app-admin/mktwpol package. This package is"
- elog "installed for you by the \"tools\" USE flag (which is enabled by"
- elog "default."
-else
- elog "Maintenance of tripwire policy files as packages are added"
- elog "and deleted from your system can be automated by the mktwpol.sh"
- elog "script provided by the app-admin/mktwpol package. This package"
- elog "is installed for you if you append \"tools\" to your USE flags"
- fi
-}