author | Armin Kuster <akuster808@gmail.com> | 2021-05-11 22:16:19 +0000 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2021-05-16 13:23:55 -0700 |
commit | 2f49b2dad030564717c7b6ecee1e1e2470478018 (patch) | |
tree | 7f722aaf1a5d9be38609e9fd970f9a988a283b48 /recipes-ids | |
parent | 44a345dbb16074980948d6db00c45db896781b0c (diff) | |
download | meta-security-2f49b2dad030564717c7b6ecee1e1e2470478018.tar.gz |
aide: Add another ids
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'recipes-ids')
-rw-r--r-- | recipes-ids/aide/aide/aide.conf | 94 | ||||
-rw-r--r-- | recipes-ids/aide/aide_0.17.3.bb | 41 |
2 files changed, 135 insertions, 0 deletions
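--- /dev/null
+++ b/recipes-ids/aide/aide/aide.conf
@@ -0,0 +1,94 @@
+# Example configuration file for AIDE.
+
+@@define DBDIR /usr/lib/aide
+@@define LOGDIR /usr/lib/aide/logs
+
+# The location of the database to be read.
+database_in=file:@@{DBDIR}/aide.db.gz
+
+# The location of the database to be written.
+#database_out=sql:host:port:database:login_name:passwd:table
+#database_out=file:aide.db.new
+database_out=file:@@{DBDIR}/aide.db.gz
+
+# Whether to gzip the output to database
+gzip_dbout=yes
+
+# Default.
+log_level=warning
+
+report_url=file:@@{LOGDIR}/aide.log
+report_url=stdout
+#report_url=stderr
+#NOT IMPLEMENTED report_url=mailto:root@foo.com
+#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
+
+# These are the default rules.
+#
+#p: permissions
+#i: inode:
+#n: number of links
+#u: user
+#g: group
+#s: size
+#b: block count
+#m: mtime
+#a: atime
+#c: ctime
+#S: check for growing size
+#acl: Access Control Lists
+#selinux SELinux security context
+#xattrs: Extended file attributes
+#md5: md5 checksum
+#sha1: sha1 checksum
+#sha256: sha256 checksum
+#sha512: sha512 checksum
+#rmd160: rmd160 checksum
+#tiger: tiger checksum
+
+#haval: haval checksum (MHASH only)
+#gost: gost checksum (MHASH only)
+#crc32: crc32 checksum (MHASH only)
+#whirlpool: whirlpool checksum (MHASH only)
+
+FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256
+
+#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
+#L: p+i+n+u+g+acl+selinux+xattrs
+#E: Empty group
+#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs
+
+# You can create custom rules like this.
+# With MHASH...
+# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
+ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
+# Everything but access time (Ie. all changes)
+EVERYTHING = R+ALLXTRAHASHES
+
+# Sane, with multiple hashes
+# NORMAL = R+rmd160+sha256+whirlpool
+NORMAL = FIPSR+sha512
+
+# For directories, don't bother doing hashes
+DIR = p+i+n+u+g+acl+selinux+xattrs
+
+# Access control only
+PERMS = p+i+u+g+acl+selinux
+
+# Logfile are special, in that they often change
+LOG = >
+
+# Just do sha256 and sha512 hashes
+LSPP = FIPSR+sha512
+
+# Some files get updated automatically, so the inode/ctime/mtime change
+# but we want to know when the data inside them changes
+DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha256
+
+# Next decide what directories/files you want in the database.
+
+# Check only permissions, inode, user and group for /etc, but
+# cover some important files closely.
+/bin NORMAL
+/sbin NORMAL
+/lib NORMAL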
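Review bot: The selection lines at the end of the file cover only `/bin`, `/sbin` and `/lib`, so nothing under `/etc`, `/usr` or `/boot` is recorded, even though the comment directly above them describes a rule for `/etc`. That leaves `/usr/bin/aide` and `/etc/aide.conf` themselves outside the baseline, and on a merged-/usr image the three listed paths may only be symlinks. Consider adding at least `/usr/bin NORMAL`, `/usr/sbin NORMAL` and `/etc PERMS`. Separately, `database_in` and `database_out` both name `@@{DBDIR}/aide.db.gz`, so an init run overwrites the reference database in place; `database_out=file:@@{DBDIR}/aide.db.new.gz` would keep a new database from silently replacing the trusted one.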
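--- /dev/null
+++ b/recipes-ids/aide/aide_0.17.3.bb
@@ -0,0 +1,41 @@
+SUMMARY = "Advanced Intrusion Detection Environment"
+HOMEPAGE = "https://aide.github.io"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+LICENSE = "GPL-2.0"
+
+DEPENDS = "bison-native libpcre"
+
+SRC_URI = "https://github.com/aide/aide/releases/download/v${PV}/${BPN}-${PV}.tar.gz \
+file://aide.conf"
+
+SRC_URI[sha256sum] = "a2eb1883cafaad056fbe43ee1e8ae09fd36caa30a0bc8edfea5d47bd67c464f8"
+
+inherit autotools pkgconfig
+
+PACKAGECONFIG ??=" mhash zlib e2fsattrs \
+${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit', '', d)} \
+${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'xattr', '', d)} \
+"
+PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux, libselinux"
+PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib, zlib "
+PACKAGECONFIG[xattr] = "--with-xattr, --without-xattr, attr, attr"
+PACKAGECONFIG[curl] = "--with-curl, --without-curl, curl, libcurl"
+PACKAGECONFIG[audit] = "--with-audit, --without-audit,"
+PACKAGECONFIG[gcrypt] = "--with-gcrypt, --without-gcrypt, libgcrypt, libgcrypt"
+PACKAGECONFIG[mhash] = "--with-mhash, --without-mhash, libmhash, libmhash"
+PACKAGECONFIG[e2fsattrs] = "--with-e2fsattrs, --without-e2fsattrs, e2fsprogs, e2fsprogs"
+
+do_install_append () {
+install -d ${D}${libdir}/${PN}/logs
+install -d ${D}${sysconfdir}
+install ${WORKDIR}/aide.conf ${D}${sysconfdir}/
+}
+
+CONF_FILE = "${sysconfdir}/aide.conf"
+
+FILES_${PN} += "${libdir}/${PN} ${sysconfdir}/aide.conf"
+
+pkg_postinst_ontarget_${PN} () {
+/usr/bin/aide -i
+}
+RDPENDS_${PN} = "bison, libpcre"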
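Review bot: The last line sets `RDPENDS_${PN}`, which is not a variable BitBake reads, and separates the names with a comma, so no runtime dependency is declared; it should read `RDEPENDS_${PN} = "libpcre"` (space-separated; `bison` looks like a build-time tool only, as `bison-native` in DEPENDS suggests). In `do_install_append`, `install` is called without `-m`, which gives `aide.conf` the default executable mode; an explicit `install -m 0600 ${WORKDIR}/aide.conf ${D}${sysconfdir}/` fits a file that lists what the IDS watches. `pkg_postinst_ontarget_${PN}` builds the baseline on first boot of the device, so the reference database trusts whatever state the image is in at that moment, and it hardcodes `/usr/bin/aide` where `${bindir}/aide` would follow the distro layout. `CONF_FILE` is assigned but nothing visible in the recipe uses it.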