<snip> I just uploaded aide 0.11 to sourceforge: http://sourceforge.net/project/showfiles.php?group_id=86976&package_id=90460&release_id=394548 Thanks to everyone who contributed to this release, including the many testers. This is probably the most overdue release in the history of open source software. It has been more than 2 years since the previous release. The most notable changes since version 0.10 are: * Fixed many, many bugs * Updated automake/autoconf scripts * Use snprintf by Mark Martinec if not in C library * Support for more (legacy) Unix systems and cygwin * Open files with O_NOATIME on supported Linux systems * Added I/ANF/ARF directives </snip>
Any chance we could get this into portage sometime soon? Thanks, -Erinn
Erinn - want to draft a modified ebuild? http://www.gentoo.org/proj/en/devrel/handbook/handbook.xml?part=2&chap=1 Unofficial Developer Manual: http://dev.gentoo.org/~plasmaroo/devmanual/
Created attachment 86679 [details] aide-0.11.ebuild, whithout support nsl, postgresql It just the aide-0.10.ebuild with minor changes. Works fine for me. nls removed, it lead to undefined LOCALEDIR and compilation error. postgresql (I use postgresql 8.1.3) lead to: table.o compare_db.o be.o util.o snprintf.o aide.o -lgcrypt -lmhash -lcrypt -lz db_sql.o: In function `_db_check_result': db_sql.c:(.text+0x1f): undefined reference to `PQresultStatus' db_sql.c:(.text+0x2c): undefined reference to `PQresultStatus' db_sql.c:(.text+0x3c): undefined reference to `PQerrorMessage' db_sql.o: In function `db_writespec_sql': .... Consequeces of PostgreSQL API changes?
I'll test which version it wants to compile against even if I don't use this functionnality.
the ebuild provided here works fine. Was not able to find which postgresql version aide requires to build. Tried with 8.0.8 and 8.1.4
Just found this thread which might be of some interest : http://www.mail-archive.com/aide@cs.tut.fi/msg00926.html
Created attachment 94362 [details] aide-0.11-r1.ebuild with nls support and gentoo scripts
Created attachment 94363 [details, diff] patch to fix NLS configuration
Locale (nls) support is fixed with a simple autoconf correction. The author's input files are wrong. I have no idea if my ebuild successfully compiles with postgres USE as I am unwilling to install it on my system. The ebuild makes use of cron scripts and default configurations from =aide-0.10_p20040917-r1 .
*** Bug 151855 has been marked as a duplicate of this bug. ***
0.11 id=86679 worked for me when renamed to aide-0.12. The other (id=94362) I fixed it to compile on 0.12 but it didn't even install the aide binary (it only touched a few dirs). id=86679 renamed to aide-0.12 sounds a good start (even if it lacks a few euse flags) but it's better than current status. Thanks.
if I can give one tip, I would set /etc/aide and/or the aide.conf to 700
nitpick: aide.conf to 600 of course
Up to 0.13.1 now.
any news on this?
Created attachment 110822 [details] aide-0.13.1.ebuild updated but not finished. 1. autoconf stuff needs to be enforcing. Failing on at least selinux/selinux.h when --without-selinux is selected. 2. not sure if it needs NLS patch 3. more checking of options all assistance welcome and sorry for the delay.
Created attachment 110995 [details] aide-0.13.1.ebuild
Created attachment 110996 [details, diff] files/aide-0.13.1-gentoo.patch
I think "${FILESDIR}"/aide.conf should be rewritten.
Created attachment 111000 [details] aide-0.13.1.ebuild
It'd be nice to see the more recent ebuild added in portage so it can be tested more easily.
Thanks Matsuu, Suggestions on the aide.conf rewrite? Got the following error with USE=curl (curl --version = curl 7.16.1 (i686-pc-linux-gnu) libcurl/7.16.1 GnuTLS/1.6.1 zlib/1.2.3 libidn/0.6.5) i686-pc-linux-gnu-gcc -ggdb3 -ggdb3 -Wl,--as-needed -L/usr/lib -lcurl -L/usr/lib -Wl,-rpath -Wl,/usr/lib -march=athlon-xp -O2 -pipe -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lresolv -ldl -lidn -ldl -L/usr/lib -lgnutls -L/usr/lib -ltasn1 -lgcrypt -lgpg-error -lz -Wl,--as-needed -L/usr/lib -lcurl -L/usr/lib -Wl,-rpath -Wl,/usr/lib -march=athlon-xp -O2 -pipe -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lresolv -ldl -lidn -ldl -L/usr/lib -lgnutls -L/usr/lib -ltasn1 -lgcrypt -lgpg-error -lz -o aide conf_yacc.o conf_lex2.o getopt.o getopt1.o gnu_regex.o error.o md.o db.o commandconf.o db_file.o db_disk.o db_lex2.o db_sql.o gen_list.o list.o do_md.o base64.o symboltable.o compare_db.o be.o util.o snprintf.o fopen.o aide.o -lm -lgcrypt -lgpg-error -lpq -lcrypt -lz fopen.o: In function `fill_buffer': /var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:133: undefined reference to `curl_multi_fdset' /var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:150: undefined reference to `curl_multi_perform' fopen.o: In function `url_fopen': /var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:215: undefined reference to `curl_easy_init' /var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:217: undefined reference to `curl_easy_setopt' /var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:218: undefined reference to `curl_easy_setopt'
I tried unsuccessfully to rewrite aide.conf references from debian. it seems to be chaos. ;) I had no error with curl-7.16.1 on my amd64.
Created attachment 115823 [details] aide-0.13.1.ebuild fixed bug #163687, #153952
*** Bug 174985 has been marked as a duplicate of this bug. ***
Is there any progress with the version bump to 0.13.1? And I read the aide-0.13.1.ebuild but I haven't found any of the configure options for the signing features which are mentioned in the chapter "Database and config signing" of the AIDE Manual (http://www.cs.tut.fi/~rammer/aide/manual.html). Are these features compiled by default or are these options just missing in the ebuild? I think especially the options --enable-forced_dbmd and --enable-forced_configmd are quite important.
I don't use this package, but we need an working, functional ebuild for a security bug...so could someone familiar with it invest some time and provide a fixed ebuild?
Matsuu, did you have time to look at the remaining issues? As pointed out by Christian, this is blocking a security bug.
what issues should be fixed? I think latest ebuild is enough to commit. I think aide.conf issue and comment #26 are able to put off. I coudn't reproduce curl compile issue on my amd64 and x86 env. it WORKSFORME.
(In reply to comment #29) > what issues should be fixed? I think latest ebuild is enough to commit. > I think aide.conf issue and comment #26 are able to put off. > I coudn't reproduce curl compile issue on my amd64 and x86 env. it WORKSFORME. Would you commit it? I guess you're not in the forensics herd, but since they didn't catch up on this and you verified it works.
in cvs.