aide: Add another ids

Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Armin Kuster <akuster808@gmail.com> 2021-05-11 22:16:19 +0000
committer: Armin Kuster <akuster808@gmail.com> 2021-05-16 13:23:55 -0700
commit: 2f49b2dad030564717c7b6ecee1e1e2470478018 (patch)
tree: 7f722aaf1a5d9be38609e9fd970f9a988a283b48 /recipes-ids
parent: 44a345dbb16074980948d6db00c45db896781b0c (diff)
download: meta-security-2f49b2dad030564717c7b6ecee1e1e2470478018.tar.gz
2 files changed, 135 insertions, 0 deletions
diff --git a/recipes-ids/aide/aide/aide.conf b/recipes-ids/aide/aide/aide.conf
new file mode 100644
index 0000000..2c99e07
--- /dev/null
+++ b/recipes-ids/aide/aide/aide.conf
@@ -0,0 +1,94 @@
+# Example configuration file for AIDE.
+@@define DBDIR /usr/lib/aide
+@@define LOGDIR /usr/lib/aide/logs
+# The location of the database to be read.
+database_in=file:@@{DBDIR}/aide.db.gz
+# The location of the database to be written.
+#database_out=sql:host:port:database:login_name:passwd:table
+#database_out=file:aide.db.new
+database_out=file:@@{DBDIR}/aide.db.gz
+# Whether to gzip the output to database
+gzip_dbout=yes
+# Default.
+log_level=warning
+report_url=file:@@{LOGDIR}/aide.log
+report_url=stdout
+#report_url=stderr
+#NOT IMPLEMENTED report_url=mailto:root@foo.com
+#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
+# These are the default rules.
+#
+#p:      permissions
+#i:      inode:
+#n:      number of links
+#u:      user
+#g:      group
+#s:      size
+#b:      block count
+#m:      mtime
+#a:      atime
+#c:      ctime
+#S:      check for growing size
+#acl:           Access Control Lists
+#selinux        SELinux security context
+#xattrs:        Extended file attributes
+#md5:    md5 checksum
+#sha1:   sha1 checksum
+#sha256:        sha256 checksum
+#sha512:        sha512 checksum
+#rmd160: rmd160 checksum
+#tiger:  tiger checksum
+#haval:  haval checksum (MHASH only)
+#gost:   gost checksum (MHASH only)
+#crc32:  crc32 checksum (MHASH only)
+#whirlpool:     whirlpool checksum (MHASH only)
+FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256
+#R:             p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
+#L:             p+i+n+u+g+acl+selinux+xattrs
+#E:             Empty group
+#>:             Growing logfile p+u+g+i+n+S+acl+selinux+xattrs
+# You can create custom rules like this.
+# With MHASH...
+# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
+ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
+# Everything but access time (Ie. all changes)
+EVERYTHING = R+ALLXTRAHASHES
+# Sane, with multiple hashes
+# NORMAL = R+rmd160+sha256+whirlpool
+NORMAL = FIPSR+sha512
+# For directories, don't bother doing hashes
+DIR = p+i+n+u+g+acl+selinux+xattrs
+# Access control only
+PERMS = p+i+u+g+acl+selinux
+# Logfile are special, in that they often change
+LOG = >
+# Just do sha256 and sha512 hashes
+LSPP = FIPSR+sha512
+# Some files get updated automatically, so the inode/ctime/mtime change
+# but we want to know when the data inside them changes
+DATAONLY =  p+n+u+g+s+acl+selinux+xattrs+sha256
+# Next decide what directories/files you want in the database.
+# Check only permissions, inode, user and group for /etc, but
+# cover some important files closely.
+/bin NORMAL
+/sbin NORMAL
+/lib NORMAL
diff --git a/recipes-ids/aide/aide_0.17.3.bb b/recipes-ids/aide/aide_0.17.3.bb
new file mode 100644
index 0000000..522cd85
--- /dev/null
+++ b/recipes-ids/aide/aide_0.17.3.bb
@@ -0,0 +1,41 @@
+SUMMARY = "Advanced Intrusion Detection Environment"
+HOMEPAGE = "https://aide.github.io"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+LICENSE = "GPL-2.0"
+DEPENDS = "bison-native libpcre"
+SRC_URI = "https://github.com/aide/aide/releases/download/v${PV}/${BPN}-${PV}.tar.gz \
+           file://aide.conf"
+SRC_URI[sha256sum] = "a2eb1883cafaad056fbe43ee1e8ae09fd36caa30a0bc8edfea5d47bd67c464f8"
+inherit autotools pkgconfig
+PACKAGECONFIG ??=" mhash zlib e2fsattrs \
+                 ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit', '', d)} \
+                 ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'xattr', '', d)} \
+                 "
+PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux, libselinux"
+PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib, zlib "
+PACKAGECONFIG[xattr] = "--with-xattr, --without-xattr, attr, attr"
+PACKAGECONFIG[curl] = "--with-curl, --without-curl, curl, libcurl"
+PACKAGECONFIG[audit] = "--with-audit, --without-audit,"
+PACKAGECONFIG[gcrypt] = "--with-gcrypt, --without-gcrypt, libgcrypt, libgcrypt"
+PACKAGECONFIG[mhash] = "--with-mhash, --without-mhash, libmhash, libmhash"
+PACKAGECONFIG[e2fsattrs] = "--with-e2fsattrs, --without-e2fsattrs, e2fsprogs, e2fsprogs"
+do_install_append () {
+    install -d ${D}${libdir}/${PN}/logs   
+    install -d ${D}${sysconfdir}   
+    install ${WORKDIR}/aide.conf ${D}${sysconfdir}/
+}
+CONF_FILE = "${sysconfdir}/aide.conf"
+FILES_${PN} += "${libdir}/${PN} ${sysconfdir}/aide.conf"
+pkg_postinst_ontarget_${PN} () {
+    /usr/bin/aide -i
+}
+RDPENDS_${PN} = "bison, libpcre"
author	Armin Kuster <akuster808@gmail.com>	2021-05-11 22:16:19 +0000
committer	Armin Kuster <akuster808@gmail.com>	2021-05-16 13:23:55 -0700
commit	2f49b2dad030564717c7b6ecee1e1e2470478018 (patch)
tree	7f722aaf1a5d9be38609e9fd970f9a988a283b48 /recipes-ids
parent	44a345dbb16074980948d6db00c45db896781b0c (diff)
download	meta-security-2f49b2dad030564717c7b6ecee1e1e2470478018.tar.gz

diff --git a/recipes-ids/aide/aide/aide.conf b/recipes-ids/aide/aide/aide.conf new file mode 100644 index 0000000..2c99e07 --- /dev/null +++ b/recipes-ids/aide/aide/aide.conf
@@ -0,0 +1,94 @@
	1	# Example configuration file for AIDE.
	2
	3	@@define DBDIR /usr/lib/aide
	4	@@define LOGDIR /usr/lib/aide/logs
	5
	6	# The location of the database to be read.
	7	database_in=file:@@{DBDIR}/aide.db.gz
	8
	9	# The location of the database to be written.
	10	#database_out=sql:host:port:database:login_name:passwd:table
	11	#database_out=file:aide.db.new
	12	database_out=file:@@{DBDIR}/aide.db.gz
	13
	14	# Whether to gzip the output to database
	15	gzip_dbout=yes
	16
	17	# Default.
	18	log_level=warning
	19
	20	report_url=file:@@{LOGDIR}/aide.log
	21	report_url=stdout
	22	#report_url=stderr
	23	#NOT IMPLEMENTED report_url=mailto:root@foo.com
	24	#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
	25
	26	# These are the default rules.
	27	#
	28	#p: permissions
	29	#i: inode:
	30	#n: number of links
	31	#u: user
	32	#g: group
	33	#s: size
	34	#b: block count
	35	#m: mtime
	36	#a: atime
	37	#c: ctime
	38	#S: check for growing size
	39	#acl: Access Control Lists
	40	#selinux SELinux security context
	41	#xattrs: Extended file attributes
	42	#md5: md5 checksum
	43	#sha1: sha1 checksum
	44	#sha256: sha256 checksum
	45	#sha512: sha512 checksum
	46	#rmd160: rmd160 checksum
	47	#tiger: tiger checksum
	48
	49	#haval: haval checksum (MHASH only)
	50	#gost: gost checksum (MHASH only)
	51	#crc32: crc32 checksum (MHASH only)
	52	#whirlpool: whirlpool checksum (MHASH only)
	53
	54	FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256
	55
	56	#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
	57	#L: p+i+n+u+g+acl+selinux+xattrs
	58	#E: Empty group
	59	#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs
	60
	61	# You can create custom rules like this.
	62	# With MHASH...
	63	# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
	64	ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
	65	# Everything but access time (Ie. all changes)
	66	EVERYTHING = R+ALLXTRAHASHES
	67
	68	# Sane, with multiple hashes
	69	# NORMAL = R+rmd160+sha256+whirlpool
	70	NORMAL = FIPSR+sha512
	71
	72	# For directories, don't bother doing hashes
	73	DIR = p+i+n+u+g+acl+selinux+xattrs
	74
	75	# Access control only
	76	PERMS = p+i+u+g+acl+selinux
	77
	78	# Logfile are special, in that they often change
	79	LOG = >
	80
	81	# Just do sha256 and sha512 hashes
	82	LSPP = FIPSR+sha512
	83
	84	# Some files get updated automatically, so the inode/ctime/mtime change
	85	# but we want to know when the data inside them changes
	86	DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha256
	87
	88	# Next decide what directories/files you want in the database.
	89
	90	# Check only permissions, inode, user and group for /etc, but
	91	# cover some important files closely.
	92	/bin NORMAL
	93	/sbin NORMAL
	94	/lib NORMAL


diff --git a/recipes-ids/aide/aide_0.17.3.bb b/recipes-ids/aide/aide_0.17.3.bb new file mode 100644 index 0000000..522cd85 --- /dev/null +++ b/recipes-ids/aide/aide_0.17.3.bb
@@ -0,0 +1,41 @@
	1	SUMMARY = "Advanced Intrusion Detection Environment"
	2	HOMEPAGE = "https://aide.github.io"
	3	LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
	4	LICENSE = "GPL-2.0"
	5
	6	DEPENDS = "bison-native libpcre"
	7
	8	SRC_URI = "https://github.com/aide/aide/releases/download/v${PV}/${BPN}-${PV}.tar.gz \
	9	file://aide.conf"
	10
	11	SRC_URI[sha256sum] = "a2eb1883cafaad056fbe43ee1e8ae09fd36caa30a0bc8edfea5d47bd67c464f8"
	12
	13	inherit autotools pkgconfig
	14
	15	PACKAGECONFIG ??=" mhash zlib e2fsattrs \
	16	${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit', '', d)} \
	17	${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'xattr', '', d)} \
	18	"
	19	PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux, libselinux"
	20	PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib, zlib "
	21	PACKAGECONFIG[xattr] = "--with-xattr, --without-xattr, attr, attr"
	22	PACKAGECONFIG[curl] = "--with-curl, --without-curl, curl, libcurl"
	23	PACKAGECONFIG[audit] = "--with-audit, --without-audit,"
	24	PACKAGECONFIG[gcrypt] = "--with-gcrypt, --without-gcrypt, libgcrypt, libgcrypt"
	25	PACKAGECONFIG[mhash] = "--with-mhash, --without-mhash, libmhash, libmhash"
	26	PACKAGECONFIG[e2fsattrs] = "--with-e2fsattrs, --without-e2fsattrs, e2fsprogs, e2fsprogs"
	27
	28	do_install_append () {
	29	install -d ${D}${libdir}/${PN}/logs
	30	install -d ${D}${sysconfdir}
	31	install ${WORKDIR}/aide.conf ${D}${sysconfdir}/
	32	}
	33
	34	CONF_FILE = "${sysconfdir}/aide.conf"
	35
	36	FILES_${PN} += "${libdir}/${PN} ${sysconfdir}/aide.conf"
	37
	38	pkg_postinst_ontarget_${PN} () {
	39	/usr/bin/aide -i
	40	}
	41	RDPENDS_${PN} = "bison, libpcre"