Bug 126694

Any chance we could get this into portage sometime soon?

Thanks,
-Erinn

Comment 2 Daniel Black (RETIRED) 2006-04-23 04:34:04 UTC

Erinn - want to draft a modified ebuild?

http://www.gentoo.org/proj/en/devrel/handbook/handbook.xml?part=2&chap=1
Unofficial Developer Manual: http://dev.gentoo.org/~plasmaroo/devmanual/ 

Created attachment 86679 [details]
aide-0.11.ebuild, whithout support nsl, postgresql

It just the aide-0.10.ebuild with minor changes. Works fine for me.

nls removed, it lead to undefined LOCALEDIR and compilation error.

postgresql (I use postgresql 8.1.3) lead to:
table.o compare_db.o be.o util.o snprintf.o aide.o -lgcrypt -lmhash  -lcrypt -lz
db_sql.o: In function `_db_check_result':
db_sql.c:(.text+0x1f): undefined reference to `PQresultStatus'
db_sql.c:(.text+0x2c): undefined reference to `PQresultStatus'
db_sql.c:(.text+0x3c): undefined reference to `PQerrorMessage'
db_sql.o: In function `db_writespec_sql':
....
Consequeces of PostgreSQL API changes?

Comment 4 Gilles Dartiguelongue (RETIRED) 2006-06-15 05:37:04 UTC

I'll test which version it wants to compile against even if I don't use this functionnality.

Comment 5 Gilles Dartiguelongue (RETIRED) 2006-07-17 08:22:27 UTC

the ebuild provided here works fine.
Was not able to find which postgresql version aide requires to build.
Tried with 8.0.8 and 8.1.4

Comment 6 Gilles Dartiguelongue (RETIRED) 2006-07-17 08:35:12 UTC

Just found this thread which might be of some interest : http://www.mail-archive.com/aide@cs.tut.fi/msg00926.html

Created attachment 94362 [details]
aide-0.11-r1.ebuild with nls support and gentoo scripts

Created attachment 94363 [details, diff]
patch to fix NLS configuration

Locale (nls) support is fixed with a simple autoconf correction.  The author's input files are wrong.

I have no idea if my ebuild successfully compiles with postgres USE as I am unwilling to install it on my system.  The ebuild makes use of cron scripts and default configurations from =aide-0.10_p20040917-r1 .

Comment 10 Jakub Moc (RETIRED) 2006-10-18 11:25:21 UTC

*** Bug 151855 has been marked as a duplicate of this bug. ***

0.11 id=86679 worked for me when renamed to aide-0.12.

The other (id=94362) I fixed it to compile on 0.12 but it didn't even install the aide binary (it only touched a few dirs).

id=86679 renamed to aide-0.12 sounds a good start (even if it lacks a few euse flags) but it's better than current status.

Thanks.

if I can give one tip, I would set /etc/aide and/or the aide.conf to 700

nitpick: aide.conf to 600 of course

Up to 0.13.1 now.

Comment 15 Wolfram Schlich (RETIRED) 2007-02-20 16:25:05 UTC

any news on this?

Comment 16 Daniel Black (RETIRED) 2007-02-21 12:12:15 UTC

Created attachment 110822 [details]
aide-0.13.1.ebuild

updated but not finished.

1. autoconf stuff needs to be enforcing. Failing on at least selinux/selinux.h when --without-selinux is selected.
2. not sure if it needs NLS patch
3. more checking of options

all assistance welcome and sorry for the delay.

Comment 17 MATSUU Takuto (RETIRED) 2007-02-22 17:07:58 UTC

Created attachment 110995 [details]
aide-0.13.1.ebuild

Comment 18 MATSUU Takuto (RETIRED) 2007-02-22 17:08:24 UTC

Created attachment 110996 [details, diff]
files/aide-0.13.1-gentoo.patch

Comment 19 MATSUU Takuto (RETIRED) 2007-02-22 17:11:00 UTC

I think "${FILESDIR}"/aide.conf should be rewritten.

Comment 20 MATSUU Takuto (RETIRED) 2007-02-22 17:28:52 UTC

Created attachment 111000 [details]
aide-0.13.1.ebuild

It'd be nice to see the more recent ebuild added in portage so it can be tested more easily.

Comment 22 Daniel Black (RETIRED) 2007-02-25 21:40:05 UTC

Thanks Matsuu,

Suggestions on the aide.conf  rewrite?

Got the following error with USE=curl (curl --version = curl 7.16.1 (i686-pc-linux-gnu) libcurl/7.16.1 GnuTLS/1.6.1 zlib/1.2.3 libidn/0.6.5)

i686-pc-linux-gnu-gcc -ggdb3    -ggdb3   -Wl,--as-needed -L/usr/lib -lcurl -L/usr/lib -Wl,-rpath -Wl,/usr/lib -march=athlon-xp -O2 -pipe -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lresolv -ldl -lidn -ldl -L/usr/lib -lgnutls -L/usr/lib -ltasn1 -lgcrypt -lgpg-error -lz   -Wl,--as-needed -L/usr/lib -lcurl -L/usr/lib -Wl,-rpath -Wl,/usr/lib -march=athlon-xp -O2 -pipe -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lresolv -ldl -lidn -ldl -L/usr/lib -lgnutls -L/usr/lib -ltasn1 -lgcrypt -lgpg-error -lz  -o aide conf_yacc.o conf_lex2.o getopt.o getopt1.o gnu_regex.o error.o md.o db.o commandconf.o db_file.o db_disk.o db_lex2.o db_sql.o gen_list.o list.o do_md.o base64.o symboltable.o compare_db.o be.o util.o snprintf.o fopen.o aide.o -lm  -lgcrypt -lgpg-error     -lpq -lcrypt -lz
fopen.o: In function `fill_buffer':
/var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:133: undefined reference to `curl_multi_fdset'
/var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:150: undefined reference to `curl_multi_perform'
fopen.o: In function `url_fopen':
/var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:215: undefined reference to `curl_easy_init'
/var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:217: undefined reference to `curl_easy_setopt'
/var/tmp/portage/app-forensics/aide-0.13.1/work/aide-0.13.1/src/fopen.c:218: undefined reference to `curl_easy_setopt'

Comment 23 MATSUU Takuto (RETIRED) 2007-04-09 14:19:34 UTC

I tried unsuccessfully to rewrite aide.conf references from debian. it seems to be chaos. ;)
I had no error with curl-7.16.1 on my amd64.

Comment 24 MATSUU Takuto (RETIRED) 2007-04-09 14:21:52 UTC

Created attachment 115823 [details]
aide-0.13.1.ebuild

fixed bug #163687, #153952

Comment 25 MATSUU Takuto (RETIRED) 2007-05-18 08:01:47 UTC

*** Bug 174985 has been marked as a duplicate of this bug. ***

Is there any progress with the version bump to 0.13.1?

And I read the aide-0.13.1.ebuild but I haven't found any of the configure options for the signing features which are mentioned in the chapter "Database and config signing" of the AIDE Manual (http://www.cs.tut.fi/~rammer/aide/manual.html).

Are these features compiled by default or are these options just missing in the ebuild?

I think especially the options --enable-forced_dbmd and --enable-forced_configmd are quite important.

Comment 27 Christian Faulhammer (RETIRED) 2007-09-08 22:26:06 UTC

I don't use this package, but we need an working, functional ebuild for a security bug...so could someone familiar with it invest some time and provide a fixed ebuild?

Comment 28 Robert Buchholz (RETIRED) 2007-09-24 22:03:26 UTC

Matsuu, did you have time to look at the remaining issues?
As pointed out by Christian, this is blocking a security bug.

Comment 29 MATSUU Takuto (RETIRED) 2007-09-25 17:24:21 UTC

what issues should be fixed? I think latest ebuild is enough to commit.
I think aide.conf issue and comment #26 are able to put off.
I coudn't reproduce curl compile issue on my amd64 and x86 env. it WORKSFORME.

Comment 30 Robert Buchholz (RETIRED) 2007-09-26 10:57:53 UTC

(In reply to comment #29)
> what issues should be fixed? I think latest ebuild is enough to commit.
> I think aide.conf issue and comment #26 are able to put off.
> I coudn't reproduce curl compile issue on my amd64 and x86 env. it WORKSFORME.

Would you commit it? I guess you're not in the forensics herd, but since they didn't catch up on this and you verified it works.

Comment 31 MATSUU Takuto (RETIRED) 2007-09-26 17:16:04 UTC

in cvs.