summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Black <dragonheart@gentoo.org>2006-01-22 05:54:14 +0000
committerDaniel Black <dragonheart@gentoo.org>2006-01-22 05:54:14 +0000
commitd96bfc053ce462335485291459f51e307d815e76 (patch)
tree41221fca55d13b342307b2898dbb4187b6583f62 /app-forensics/pyflag
parentVersion bump. (diff)
downloadgentoo-2-d96bfc053ce462335485291459f51e307d815e76.tar.gz
gentoo-2-d96bfc053ce462335485291459f51e307d815e76.tar.bz2
gentoo-2-d96bfc053ce462335485291459f51e307d815e76.zip
initial import as per bug #73301
(Portage version: 2.1_pre3-r1)
Diffstat (limited to 'app-forensics/pyflag')
-rw-r--r--app-forensics/pyflag/ChangeLog10
-rw-r--r--app-forensics/pyflag/Manifest4
-rw-r--r--app-forensics/pyflag/files/digest-pyflag-0.801
-rw-r--r--app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch109
-rw-r--r--app-forensics/pyflag/metadata.xml19
-rw-r--r--app-forensics/pyflag/pyflag-0.80.ebuild102
6 files changed, 245 insertions, 0 deletions
diff --git a/app-forensics/pyflag/ChangeLog b/app-forensics/pyflag/ChangeLog
new file mode 100644
index 000000000000..78a3cbf30790
--- /dev/null
+++ b/app-forensics/pyflag/ChangeLog
@@ -0,0 +1,10 @@
+# ChangeLog for app-forensics/pyflag
+# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/pyflag/ChangeLog,v 1.1 2006/01/22 05:54:14 dragonheart Exp $
+
+*pyflag-0.80 (22 Jan 2006)
+
+ 22 Jan 2006; Daniel Black <dragonheart@gentoo.org>
+ +files/pyflag-0.80-nodbtool.patch, +metadata.xml, +pyflag-0.80.ebuild:
+ initial import as per bug #73301
+
diff --git a/app-forensics/pyflag/Manifest b/app-forensics/pyflag/Manifest
new file mode 100644
index 000000000000..d707d798aa3d
--- /dev/null
+++ b/app-forensics/pyflag/Manifest
@@ -0,0 +1,4 @@
+MD5 a3edd9f59a1c4290729470fc03f75d8c files/digest-pyflag-0.80 63
+MD5 a5c5ecb770c6d3295f58b2c80d768f29 files/pyflag-0.80-nodbtool.patch 4484
+MD5 337a7b8bb8752ec54a72b7429432af11 metadata.xml 841
+MD5 0c4be288f230fef96cddb3d65180f128 pyflag-0.80.ebuild 2753
diff --git a/app-forensics/pyflag/files/digest-pyflag-0.80 b/app-forensics/pyflag/files/digest-pyflag-0.80
new file mode 100644
index 000000000000..0638e5ed0ee9
--- /dev/null
+++ b/app-forensics/pyflag/files/digest-pyflag-0.80
@@ -0,0 +1 @@
+MD5 9cdb3cd401a410fc89e2e30cf5055cea pyflag-0.80.tar.gz 984995
diff --git a/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch b/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch
new file mode 100644
index 000000000000..29c838b84688
--- /dev/null
+++ b/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch
@@ -0,0 +1,109 @@
+diff -ru pyflag-0.80-orig/configure.in pyflag-0.80/configure.in
+--- pyflag-0.80-orig/configure.in 2006-01-19 09:43:16.000000000 +1100
++++ pyflag-0.80/configure.in 2006-01-20 20:03:04.000000000 +1100
+@@ -11,7 +11,14 @@
+ AC_CHECK_HEADER(zlib.h,,AC_MSG_ERROR([You Must install zlib-dev to build pyflag]))
+ AC_CHECK_HEADER(pcap.h,,AC_MSG_ERROR([You Must install libpcap-dev to build pyflag]))
+ AC_CHECK_HEADER(magic.h,,AC_MSG_ERROR([You Must install libmagic-dev to build pyflag this may be part of file the package for some distros]))
++
++# if we have dbtool don't need sleuthkit
++AC_CHECK_PROG([HAVE_DBTOOL],dbtool,"yes", "no")
++if test "x$HAVE_DBTOOL" = xno
++then
+ AC_CHECK_FILE(src/filesystems/sleuthkit-2.03.tar.gz,,AC_MSG_ERROR([You Must download sleuthkit-2.03.tar.gz and place in src/filesystems ]))
++fi
++AM_CONDITIONAL(HAVE_DBTOOL, test x$HAVE_DBTOOL = xyes)
+
+ # python checks
+ # (requires autoconf 1.5+ and the macros in acinclude.m4)
+diff -ru pyflag-0.80-orig/src/Makefile.am pyflag-0.80/src/Makefile.am
+--- pyflag-0.80-orig/src/Makefile.am 2006-01-09 12:13:40.000000000 +1100
++++ pyflag-0.80/src/Makefile.am 2006-01-20 20:03:04.000000000 +1100
+@@ -1,4 +1,10 @@
+-SUBDIRS = lib mailtools indextools network regtools virustools filesystems include
++
++SUBDIRS = lib mailtools indextools network regtools virustools include
++
++if HAVE_DBTOOL
++else
++SUBDIRS+=filesystems
++endif
+
+ # main pyflag (python) application
+ # not sure how to do this recursively
+diff -ru pyflag-0.80-slightlypatched/configure.in pyflag-0.80/configure.in
+--- pyflag-0.80-slightlypatched/configure.in 2006-01-20 20:42:03.000000000 +1100
++++ pyflag-0.80/configure.in 2006-01-20 20:42:52.000000000 +1100
+@@ -44,7 +44,7 @@
+ fi
+
+ # try to find magic files
+-AC_ARG_WITH(magic, AC_HELP_STRING([--with-magic], [specify a colon-separated list of system magic files, default autodetect]),,[magic=$(file -v | tail -1 | awk '{print $4}')])
++AC_ARG_WITH(magic, AC_HELP_STRING([--with-magic], [specify a colon-separated list of system magic files, default autodetect]),,[magic=$(file -v | tail -n 1 | awk '{print $4}')])
+ AC_SUBST(magic)
+
+
+--- pyflag-0.80-old/src/plugins/Configuration.py 2006-01-19 09:43:16.000000000 +1100
++++ pyflag-0.80/src/plugins/Configuration.py 2006-01-22 13:00:26.000000000 +1100
+@@ -3,6 +3,7 @@
+ config=pyflag.conf.ConfObject()
+ import os
+ import DB
++import stat
+
+ class Configure(Reports.report):
+ """ Configures pyflag """
+@@ -38,7 +39,8 @@
+ result.para("We do not seem to have enough privileges to access %s, or the path (%s) does not exist" %(k,config.__class__.__dict__[k]))
+ return
+
+- fd=open(os.environ['HOME'] + '/.pyflagrc', 'a+', S_IRWXU)
++ fd=open(os.environ['HOME'] + '/.pyflagrc', 'a+') #, os.S_IRWXU)
++ os.chmod(os.environ['HOME'] + '/.pyflagrc', stat.S_IRWXU)
+ ## TODO Think append is wrong?
+ result.para("Writing new $HOME/.pyflagrc")
+
+--- pyflag-0.80/Makefile.am 2006-01-19 09:00:50.000000000 +1100
++++ pyflag-0.80.new/Makefile.am 2006-01-22 13:04:54.000000000 +1100
+@@ -10,7 +10,7 @@
+ # perform subs in scripts and config files
+ edit = sed \
+ -e 's,@datadir\@,$(pkgdatadir),g' \
+- -e 's,@sysconf\@,$(sysconfdir),g' \
++ -e 's,@sysconfdir\@,$(sysconfdir),g' \
+ -e 's,@pkgpyexec\@,$(pkgpyexecdir),g' \
+ -e 's,@pythondir\@,$(pythondir),g' \
+ -e 's,@prefix\@,$(prefix),g' \
+diff -ru pyflag-0.80-orig/pyflag.in pyflag-0.80/pyflag.in
+--- pyflag-0.80-orig/pyflag.in 2006-01-10 12:04:31.000000000 +1100
++++ pyflag-0.80/pyflag.in 2006-01-22 13:19:31.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
+diff -ru pyflag-0.80-orig/pyflag_launch.in pyflag-0.80/pyflag_launch.in
+--- pyflag-0.80-orig/pyflag_launch.in 2006-01-10 12:04:59.000000000 +1100
++++ pyflag-0.80/pyflag_launch.in 2006-01-22 13:20:30.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
+diff -ru pyflag-0.80-orig/pyflash.in pyflag-0.80/pyflash.in
+--- pyflag-0.80-orig/pyflash.in 2006-01-10 12:04:48.000000000 +1100
++++ pyflag-0.80/pyflash.in 2006-01-22 13:20:11.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
diff --git a/app-forensics/pyflag/metadata.xml b/app-forensics/pyflag/metadata.xml
new file mode 100644
index 000000000000..4a0348932c92
--- /dev/null
+++ b/app-forensics/pyflag/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>forensics</herd>
+<maintainer>
+ <email>forensics@gentoo.org</email>
+</maintainer>
+<longdescription>
+FLAG (Forensic and Log Analysis GUI) was designed to simplify the process of log
+file analysis and forensic investigations. Often, when investigating a large
+case, a great deal of data needs to be analysed and correlated. PyFlag uses a
+database as a backend to assist in managing the large volumes of data. This
+allows PyFlag to remain responsive and expedite data manipulation operations.
+
+Since PyFLAG is web based, it is able to be deployed on a central server and
+shared with a number of users at the same time. Data is loaded into cases which
+keeps information separated.
+</longdescription>
+</pkgmetadata>
diff --git a/app-forensics/pyflag/pyflag-0.80.ebuild b/app-forensics/pyflag/pyflag-0.80.ebuild
new file mode 100644
index 000000000000..83ae1132c888
--- /dev/null
+++ b/app-forensics/pyflag/pyflag-0.80.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/pyflag/pyflag-0.80.ebuild,v 1.1 2006/01/22 05:54:14 dragonheart Exp $
+
+inherit eutils autotools
+
+DESCRIPTION="Tool for analysing log files, tcpdump files and hard disk images"
+HOMEPAGE="http://pyflag.sf.net"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86"
+
+IUSE=""
+COMMON_DEPEND="
+ virtual/libpcap
+ sys-apps/file
+ dev-python/mysql-python
+ sys-libs/zlib
+ app-antivirus/clamav
+ >=app-forensics/sleuthkit-2.03
+ dev-python/pexpect
+ dev-python/imaging
+ media-libs/ploticus"
+
+RDEPEND="${COMMON_DEPEND}
+ dev-db/mysql"
+
+DEPEND=">=dev-lang/swig-1.3
+ ${COMMON_DEPEND}"
+
+#
+# TODO: init scripts
+#
+# dev-python/pexpect
+# dev-python/imaging
+# media-libs/ploticus
+# app-forensics/sleuthkit to RDEPEND as it realy only checks they are
+# installed
+#
+
+src_unpack() {
+ unpack "${A}"
+ cd "${S}"
+ epatch "${FILESDIR}/${P}-nodbtool.patch"
+ sed -i -e 's/flag_version =.*/flag_version ="$Version: 0.80 Date: Thu Jan 19 00:50:12 EST 2006$"/' \
+ src/pyflag/FlagFramework.py
+ _elibtoolize --copy --force
+ eaclocal -I config
+ eautomake
+ eautoconf
+
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die
+ # don't include pyflag use include files - its just silly
+ rm -rf "${D}/usr/include"
+
+ #maybe later
+ #newinitd "${FILESDIR}/${P}-init" pyflag
+ #newconfd "${FILESDIR}/${P}-conf" pyflag
+}
+
+pkg_postinst() {
+ einfo "Optionally enter database details in /etc/pyflagrc"
+ einfo
+ einfo "To start PyFlag just run \"pyflag\" as a normal user"
+ einfo "then open your web browser on http://localhost:8000"
+ einfo
+ einfo "To create a database user \"emerge --config =${PF}\""
+}
+
+pkg_config() {
+ ewarn "This creates the approprate adminstrative user for pyflag"
+ ewarn "Run pyflag with the entered credentials to create the"
+ ewarn "tables and database."
+ einfo
+ einfo "Enter user to create:"
+ read USER
+ einfo "Enter user's password:"
+ read PASSWORD
+
+ # note - poor privledge separation is used in pyflag
+ # recommend not sharing with other security consious databases.
+ # it may be possible to imporve this a bit using manual permission setting.
+ einfo "Enter mysql root database password:"
+ echo GRANT ALL PRIVILEGES ON "*.*" TO $USER@localhost \
+ IDENTIFIED BY \"$PASSWORD\"\; FLUSH PRIVILEGES\; \
+ | /usr/bin/mysql -u root -p
+
+ einfo "Do you want this data to be used for all users (y/n)?"
+ ewarn "Warning - all credentials will be in a world readable file"
+ ewarn "This overwrites settings in ${ROOT}/etc/pyflagrc"
+ read GLOBAL
+ if [ "${GLOBAL}" == "y" ] || [ "${GLOBAL}" == "Y" ]; then
+ einfo "updating global settings"
+ sed -i -e "s:PYFLAG_DBUSER=.*:PYFLAG_DBUSER=$USER:" \
+ -e "s:PYFLAG_DBPASSWD=.*:PYFLAG_DBPASSWD=$PASSWORD:" \
+ "${ROOT}/etc/pyflagrc"
+ fi
+}