author | Daniel Black <dragonheart@gentoo.org> | 2006-01-22 05:54:14 +0000 |
---|---|---|
committer | Daniel Black <dragonheart@gentoo.org> | 2006-01-22 05:54:14 +0000 |
commit | d96bfc053ce462335485291459f51e307d815e76 (patch) | |
tree | 41221fca55d13b342307b2898dbb4187b6583f62 /app-forensics/pyflag | |
parent | Version bump. (diff) | |
initial import as per bug #73301
(Portage version: 2.1_pre3-r1)
Diffstat (limited to 'app-forensics/pyflag')
-rw-r--r-- | app-forensics/pyflag/ChangeLog | 10 | ||||
-rw-r--r-- | app-forensics/pyflag/Manifest | 4 | ||||
-rw-r--r-- | app-forensics/pyflag/files/digest-pyflag-0.80 | 1 | ||||
-rw-r--r-- | app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch | 109 | ||||
-rw-r--r-- | app-forensics/pyflag/metadata.xml | 19 | ||||
-rw-r--r-- | app-forensics/pyflag/pyflag-0.80.ebuild | 102 |
6 files changed, 245 insertions, 0 deletions
diff --git a/app-forensics/pyflag/ChangeLog b/app-forensics/pyflag/ChangeLog
new file mode 100644
index 000000000000..78a3cbf30790
--- /dev/null
+++ b/app-forensics/pyflag/ChangeLog
@@ -0,0 +1,10 @@
+# ChangeLog for app-forensics/pyflag
+# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/pyflag/ChangeLog,v 1.1 2006/01/22 05:54:14 dragonheart Exp $
+
+*pyflag-0.80 (22 Jan 2006)
+
+ 22 Jan 2006; Daniel Black <dragonheart@gentoo.org>
+ +files/pyflag-0.80-nodbtool.patch, +metadata.xml, +pyflag-0.80.ebuild:
+ initial import as per bug #73301
+
diff --git a/app-forensics/pyflag/Manifest b/app-forensics/pyflag/Manifest
new file mode 100644
index 000000000000..d707d798aa3d
--- /dev/null
+++ b/app-forensics/pyflag/Manifest
@@ -0,0 +1,4 @@
+MD5 a3edd9f59a1c4290729470fc03f75d8c files/digest-pyflag-0.80 63
+MD5 a5c5ecb770c6d3295f58b2c80d768f29 files/pyflag-0.80-nodbtool.patch 4484
+MD5 337a7b8bb8752ec54a72b7429432af11 metadata.xml 841
+MD5 0c4be288f230fef96cddb3d65180f128 pyflag-0.80.ebuild 2753
diff --git a/app-forensics/pyflag/files/digest-pyflag-0.80 b/app-forensics/pyflag/files/digest-pyflag-0.80
new file mode 100644
index 000000000000..0638e5ed0ee9
--- /dev/null
+++ b/app-forensics/pyflag/files/digest-pyflag-0.80
@@ -0,0 +1 @@
+MD5 9cdb3cd401a410fc89e2e30cf5055cea pyflag-0.80.tar.gz 984995
diff --git a/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch b/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch
new file mode 100644
index 000000000000..29c838b84688
--- /dev/null
+++ b/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch
@@ -0,0 +1,109 @@
+diff -ru pyflag-0.80-orig/configure.in pyflag-0.80/configure.in
+--- pyflag-0.80-orig/configure.in 2006-01-19 09:43:16.000000000 +1100
++++ pyflag-0.80/configure.in 2006-01-20 20:03:04.000000000 +1100
+@@ -11,7 +11,14 @@
+ AC_CHECK_HEADER(zlib.h,,AC_MSG_ERROR([You Must install zlib-dev to build pyflag]))
+ AC_CHECK_HEADER(pcap.h,,AC_MSG_ERROR([You Must install libpcap-dev to build pyflag]))
+ AC_CHECK_HEADER(magic.h,,AC_MSG_ERROR([You Must install libmagic-dev to build pyflag this may be part of file the package for some distros]))
++
++# if we have dbtool don't need sleuthkit
++AC_CHECK_PROG([HAVE_DBTOOL],dbtool,"yes", "no")
++if test "x$HAVE_DBTOOL" = xno
++then
+ AC_CHECK_FILE(src/filesystems/sleuthkit-2.03.tar.gz,,AC_MSG_ERROR([You Must download sleuthkit-2.03.tar.gz and place in src/filesystems ]))
++fi
++AM_CONDITIONAL(HAVE_DBTOOL, test x$HAVE_DBTOOL = xyes)
+ 
+ # python checks
+ # (requires autoconf 1.5+ and the macros in acinclude.m4)
+diff -ru pyflag-0.80-orig/src/Makefile.am pyflag-0.80/src/Makefile.am
+--- pyflag-0.80-orig/src/Makefile.am 2006-01-09 12:13:40.000000000 +1100
++++ pyflag-0.80/src/Makefile.am 2006-01-20 20:03:04.000000000 +1100
+@@ -1,4 +1,10 @@
+-SUBDIRS = lib mailtools indextools network regtools virustools filesystems include
++
++SUBDIRS = lib mailtools indextools network regtools virustools include
++
++if HAVE_DBTOOL
++else
++SUBDIRS+=filesystems
++endif
+ 
+ # main pyflag (python) application
+ # not sure how to do this recursively
+diff -ru pyflag-0.80-slightlypatched/configure.in pyflag-0.80/configure.in
+--- pyflag-0.80-slightlypatched/configure.in 2006-01-20 20:42:03.000000000 +1100
++++ pyflag-0.80/configure.in 2006-01-20 20:42:52.000000000 +1100
+@@ -44,7 +44,7 @@
+ fi
+ 
+ # try to find magic files
+-AC_ARG_WITH(magic, AC_HELP_STRING([--with-magic], [specify a colon-separated list of system magic files, default autodetect]),,[magic=$(file -v | tail -1 | awk '{print $4}')])
++AC_ARG_WITH(magic, AC_HELP_STRING([--with-magic], [specify a colon-separated list of system magic files, default autodetect]),,[magic=$(file -v | tail -n 1 | awk '{print $4}')])
+ AC_SUBST(magic)
+ 
+ 
+--- pyflag-0.80-old/src/plugins/Configuration.py 2006-01-19 09:43:16.000000000 +1100
++++ pyflag-0.80/src/plugins/Configuration.py 2006-01-22 13:00:26.000000000 +1100
+@@ -3,6 +3,7 @@
+ config=pyflag.conf.ConfObject()
+ import os
+ import DB
++import stat
+ 
+ class Configure(Reports.report):
+ """ Configures pyflag """
+@@ -38,7 +39,8 @@
+ result.para("We do not seem to have enough privileges to access %s, or the path (%s) does not exist" %(k,config.__class__.__dict__[k]))
+ return
+ 
+- fd=open(os.environ['HOME'] + '/.pyflagrc', 'a+', S_IRWXU)
++ fd=open(os.environ['HOME'] + '/.pyflagrc', 'a+') #, os.S_IRWXU)
++ os.chmod(os.environ['HOME'] + '/.pyflagrc', stat.S_IRWXU)
+ ## TODO Think append is wrong?
+ result.para("Writing new $HOME/.pyflagrc")
+ 
+--- pyflag-0.80/Makefile.am 2006-01-19 09:00:50.000000000 +1100
++++ pyflag-0.80.new/Makefile.am 2006-01-22 13:04:54.000000000 +1100
+@@ -10,7 +10,7 @@
+ # perform subs in scripts and config files
+ edit = sed \
+ -e 's,@datadir\@,$(pkgdatadir),g' \
+- -e 's,@sysconf\@,$(sysconfdir),g' \
++ -e 's,@sysconfdir\@,$(sysconfdir),g' \
+ -e 's,@pkgpyexec\@,$(pkgpyexecdir),g' \
+ -e 's,@pythondir\@,$(pythondir),g' \
+ -e 's,@prefix\@,$(prefix),g' \
+diff -ru pyflag-0.80-orig/pyflag.in pyflag-0.80/pyflag.in
+--- pyflag-0.80-orig/pyflag.in 2006-01-10 12:04:31.000000000 +1100
++++ pyflag-0.80/pyflag.in 2006-01-22 13:19:31.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ 
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+ 
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
+diff -ru pyflag-0.80-orig/pyflag_launch.in pyflag-0.80/pyflag_launch.in
+--- pyflag-0.80-orig/pyflag_launch.in 2006-01-10 12:04:59.000000000 +1100
++++ pyflag-0.80/pyflag_launch.in 2006-01-22 13:20:30.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ 
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+ 
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
+diff -ru pyflag-0.80-orig/pyflash.in pyflag-0.80/pyflash.in
+--- pyflag-0.80-orig/pyflash.in 2006-01-10 12:04:48.000000000 +1100
++++ pyflag-0.80/pyflash.in 2006-01-22 13:20:11.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ 
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+ 
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
diff --git a/app-forensics/pyflag/metadata.xml b/app-forensics/pyflag/metadata.xml
new file mode 100644
index 000000000000..4a0348932c92
--- /dev/null
+++ b/app-forensics/pyflag/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>forensics</herd>
+<maintainer>
+ <email>forensics@gentoo.org</email>
+</maintainer>
+<longdescription>
+FLAG (Forensic and Log Analysis GUI) was designed to simplify the process of log
+file analysis and forensic investigations. Often, when investigating a large
+case, a great deal of data needs to be analysed and correlated. PyFlag uses a
+database as a backend to assist in managing the large volumes of data. This
+allows PyFlag to remain responsive and expedite data manipulation operations.
+
+Since PyFLAG is web based, it is able to be deployed on a central server and
+shared with a number of users at the same time. Data is loaded into cases which
+keeps information separated.
+</longdescription>
+</pkgmetadata>
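Review bot: In the Configuration.py hunk the new code creates `~/.pyflagrc` with `open(..., 'a+')` under the process umask and only afterwards tightens it with `os.chmod(..., stat.S_IRWXU)`, so a freshly created file sits at the umask default (commonly world-readable) until the chmod runs, and stays that way if anything fails in between; this is the per-user file that `pyflag.in` sources next to the system pyflagrc, which pkg_config in this commit fills with `PYFLAG_DBUSER`/`PYFLAG_DBPASSWD`, so it plausibly holds credentials. Creating the file with the restrictive mode from the start removes the window, e.g. `fd=os.fdopen(os.open(os.environ['HOME'] + '/.pyflagrc', os.O_RDWR | os.O_CREAT | os.O_APPEND, stat.S_IRUSR | stat.S_IWUSR), 'a+')`. `stat.S_IRWXU` also sets the execute bit on a plain config file; `stat.S_IRUSR | stat.S_IWUSR` is enough. The enclosing method starts and ends outside the inner hunk, so the rest of the write path cannot be checked here.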
diff --git a/app-forensics/pyflag/pyflag-0.80.ebuild b/app-forensics/pyflag/pyflag-0.80.ebuild
new file mode 100644
index 000000000000..83ae1132c888
--- /dev/null
+++ b/app-forensics/pyflag/pyflag-0.80.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/pyflag/pyflag-0.80.ebuild,v 1.1 2006/01/22 05:54:14 dragonheart Exp $
+
+inherit eutils autotools
+
+DESCRIPTION="Tool for analysing log files, tcpdump files and hard disk images"
+HOMEPAGE="http://pyflag.sf.net"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86"
+
+IUSE=""
+COMMON_DEPEND="
+ virtual/libpcap
+ sys-apps/file
+ dev-python/mysql-python
+ sys-libs/zlib
+ app-antivirus/clamav
+ >=app-forensics/sleuthkit-2.03
+ dev-python/pexpect
+ dev-python/imaging
+ media-libs/ploticus"
+
+RDEPEND="${COMMON_DEPEND}
+ dev-db/mysql"
+
+DEPEND=">=dev-lang/swig-1.3
+ ${COMMON_DEPEND}"
+
+#
+# TODO: init scripts
+#
+# dev-python/pexpect
+# dev-python/imaging
+# media-libs/ploticus
+# app-forensics/sleuthkit to RDEPEND as it realy only checks they are
+# installed
+#
+
+src_unpack() {
+ unpack "${A}"
+ cd "${S}"
+ epatch "${FILESDIR}/${P}-nodbtool.patch"
+ sed -i -e 's/flag_version =.*/flag_version ="$Version: 0.80 Date: Thu Jan 19 00:50:12 EST 2006$"/' \
+ src/pyflag/FlagFramework.py
+ _elibtoolize --copy --force
+ eaclocal -I config
+ eautomake
+ eautoconf
+
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die
+ # don't include pyflag use include files - its just silly
+ rm -rf "${D}/usr/include"
+
+ #maybe later
+ #newinitd "${FILESDIR}/${P}-init" pyflag
+ #newconfd "${FILESDIR}/${P}-conf" pyflag
+}
+
+pkg_postinst() {
+ einfo "Optionally enter database details in /etc/pyflagrc"
+ einfo
+ einfo "To start PyFlag just run \"pyflag\" as a normal user"
+ einfo "then open your web browser on http://localhost:8000"
+ einfo
+ einfo "To create a database user \"emerge --config =${PF}\""
+}
+
+pkg_config() {
+ ewarn "This creates the approprate adminstrative user for pyflag"
+ ewarn "Run pyflag with the entered credentials to create the"
+ ewarn "tables and database."
+ einfo
+ einfo "Enter user to create:"
+ read USER
+ einfo "Enter user's password:"
+ read PASSWORD
+
+ # note - poor privledge separation is used in pyflag
+ # recommend not sharing with other security consious databases.
+ # it may be possible to imporve this a bit using manual permission setting.
+ einfo "Enter mysql root database password:"
+ echo GRANT ALL PRIVILEGES ON "*.*" TO $USER@localhost \
+ IDENTIFIED BY \"$PASSWORD\"\; FLUSH PRIVILEGES\; \
+ | /usr/bin/mysql -u root -p
+
+ einfo "Do you want this data to be used for all users (y/n)?"
+ ewarn "Warning - all credentials will be in a world readable file"
+ ewarn "This overwrites settings in ${ROOT}/etc/pyflagrc"
+ read GLOBAL
+ if [ "${GLOBAL}" == "y" ] || [ "${GLOBAL}" == "Y" ]; then
+ einfo "updating global settings"
+ sed -i -e "s:PYFLAG_DBUSER=.*:PYFLAG_DBUSER=$USER:" \
+ -e "s:PYFLAG_DBPASSWD=.*:PYFLAG_DBPASSWD=$PASSWORD:" \
+ "${ROOT}/etc/pyflagrc"
+ fi
+}
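Review bot: In pkg_config, `read PASSWORD` echoes the new database password to the terminal (and to any captured emerge log), and the value is then spliced unquoted into both the GRANT statement and the sed expression, so a password containing `"`, `\`, `;` or `:` either breaks the SQL or changes what lands in `${ROOT}/etc/pyflagrc`. At minimum read it with `read -s PASSWORD` (the ebuild runs under bash) and refuse values containing those characters before use, e.g. `case "$PASSWORD" in *[\"\\:\;]*) die "unsupported character in password";; esac`. `read USER` also overwrites the shell's login-name variable for the rest of the phase; a distinct name such as `PYFLAG_DBUSER` avoids surprises in later helpers. The comment already acknowledges that `GRANT ALL PRIVILEGES ON *.*` is broader than pyflag needs; if the case databases follow a fixed naming pattern, scoping the grant to it would limit what the world-readable credential file the following ewarn describes can reach.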