author | AlphaJack | 2023-12-28 11:30:13 +0100 |
---|---|---|
committer | AlphaJack | 2023-12-28 12:35:58 +0100 |
commit | b86c090111a2906f1be3eea255eb25805e1261a6 (patch) | |
tree | 29c47bed5b20ec8d153c8be0eadda6a8f23cf80b | |
parent | d2a405bac1790382be88043f1d7085bc8627fa9f (diff) | |
download | aur-b86c090111a2906f1be3eea255eb25805e1261a6.tar.gz |
Updated aide to 0.18.6, added install file, organized configuration in sections
-rw-r--r-- | .SRCINFO | 23 | ||||
-rwxr-xr-x | PKGBUILD | 81 | ||||
-rw-r--r-- | README | 12 | ||||
-rwxr-xr-x | aide.conf | 247 | ||||
-rw-r--r-- | aide.install | 30 | ||||
-rw-r--r-- | mhash.pc | 10 |
6 files changed, 262 insertions, 141 deletions
@@ -1,9 +1,12 @@ pkgbase = aide - pkgdesc = A file integrity checker and intrusion detection program. - pkgver = 0.18.2 - pkgrel = 3 + pkgdesc = A file integrity checker and intrusion detection program + pkgver = 0.18.6 + pkgrel = 1 url = https://aide.github.io/ + install = aide.install arch = x86_64 + arch = armv7h + arch = aarch64 license = GPL depends = acl depends = e2fsprogs @@ -11,12 +14,16 @@ pkgbase = aide depends = mhash depends = pcre backup = etc/aide.conf - source = https://github.com/aide/aide/releases/download/v0.18.2/aide-0.18.2.tar.gz - source = https://github.com/aide/aide/releases/download/v0.18.2/aide-0.18.2.tar.gz.asc + source = https://github.com/aide/aide/releases/download/v0.18.6/aide-0.18.6.tar.gz + source = https://github.com/aide/aide/releases/download/v0.18.6/aide-0.18.6.tar.gz.asc source = aide.conf + source = aidecheck.service + source = aidecheck.timer validpgpkeys = 2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931 - sha256sums = 758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4 - sha256sums = SKIP - sha256sums = dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a + b2sums = 63bb647100820ee1846f8a0585ea8d94e1b7cea1ae593e2d079aea967cf6e2dceb1c92aa9250b1950dac4629326ebf85ac6e7cf2524fa1cf1757b568dad38ed4 + b2sums = SKIP + b2sums = 2e16baf306dcbe5d5207685391bb3e77b80a8caafaeafee3094228ee19671092afc042762523663a1d5155341a5d190c5e6c355d639e1a840efddf56047c05bc + b2sums = fcae2514bffcfe8c2110c8b82d857f39de8c95e0d7d2788bb4945243c127c9566871606b9e4bca39034b624c7bd579f46ed88cb0b86830d6ff16ff1fbb04b081 + b2sums = af16bbf1d69226d445820ba1e7beaba8142a19eb3120f5b58db048083d94ec22f857a28dfe403bd885aafe31b748a10ce9de759480947d4b34b29e2b1a678071 pkgname = aide 
@@ -1,46 +1,55 @@ -# Maintainer: John Doe <kitterhuff@gmail.com> -# Previous Maintainer: Lukas Jirkovsky <l.jirkovsky@gmail.com> +# Maintainer: AlphaJack <alphajack at tuta dot io> +# Contributor: John Doe <kitterhuff@gmail.com> +# Contributor: Lukas Jirkovsky <l.jirkovsky@gmail.com> # Contributor: Thomas S Hatch <thatch45@gmail.com> # Contributor: Daniel J Griffiths <ghost1227@archlinux.us> # Contributor: Tom Newsom <Jeepster@gmx.co.uk> -pkgname=aide -pkgver=0.18.2 -pkgrel=3 -pkgdesc='A file integrity checker and intrusion detection program.' -arch=('x86_64') +pkgname="aide" +pkgver=0.18.6 +pkgrel=1 +pkgdesc="A file integrity checker and intrusion detection program" +arch=("x86_64" "armv7h" "aarch64") url="https://aide.github.io/" -license=('GPL') -depends=('acl' 'e2fsprogs' 'libelf' 'mhash' 'pcre') -backup=('etc/aide.conf') -source=("https://github.com/aide/aide/releases/download/v${pkgver}/aide-${pkgver}.tar.gz"{,.asc} \ - "aide.conf") -sha256sums=('758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4' # aide-${pkgver}.tar.gz sha256sum - 'SKIP' - 'dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a' # aide.conf chksum - ) +license=("GPL") +depends=("acl" + "e2fsprogs" + "libelf" + "mhash" + "pcre") +source=("https://github.com/aide/aide/releases/download/v$pkgver/aide-$pkgver.tar.gz"{,.asc} \ + "aide.conf" + "aidecheck.service" + "aidecheck.timer") +b2sums=('63bb647100820ee1846f8a0585ea8d94e1b7cea1ae593e2d079aea967cf6e2dceb1c92aa9250b1950dac4629326ebf85ac6e7cf2524fa1cf1757b568dad38ed4' + 'SKIP' + '2e16baf306dcbe5d5207685391bb3e77b80a8caafaeafee3094228ee19671092afc042762523663a1d5155341a5d190c5e6c355d639e1a840efddf56047c05bc' + 'fcae2514bffcfe8c2110c8b82d857f39de8c95e0d7d2788bb4945243c127c9566871606b9e4bca39034b624c7bd579f46ed88cb0b86830d6ff16ff1fbb04b081' + 'af16bbf1d69226d445820ba1e7beaba8142a19eb3120f5b58db048083d94ec22f857a28dfe403bd885aafe31b748a10ce9de759480947d4b34b29e2b1a678071') 
+validpgpkeys=("2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931") # Hannes von Haugwitz <hannes@vonhaugwitz.com> +backup=("etc/aide.conf") +install="aide.install" -validpgpkeys=('2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931') # Hannes von Haugwitz <hannes@vonhaugwitz.com> - -build() { - cd $srcdir/$pkgname-$pkgver - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc \ - --with-posix-acl \ - --with-prelink \ - --with-xattr \ - --with-zlib \ - --with-e2fsattrs \ - --disable-static - make +build(){ + cd "$pkgname-$pkgver" + ./configure \ + --prefix="/usr" \ + --sysconfdir="/etc" \ + --with-posix-acl \ + --with-xattr \ + --with-zlib \ + --with-e2fsattrs \ + --disable-static + make } -package() { - cd $srcdir/$pkgname-$pkgver - make DESTDIR=$pkgdir install - install -D -m644 $srcdir/aide.conf $pkgdir/etc/aide.conf - install -D -m644 $srcdir/aidecheck.service $pkgdir/usr/lib/systemd/system/aidecheck.service - install -D -m644 $srcdir/aidecheck.timer $pkgdir/usr/lib/systemd/system/aidecheck.timer +package(){ + cd "$pkgname-$pkgver" + make DESTDIR="$pkgdir" install + install -d -m 700 "$pkgdir/var/lib/aide" + install -d -m 700 "$pkgdir/var/log/aide" + install -D -m 600 "$srcdir/aide.conf" "$pkgdir/etc/aide.conf" + install -D -m 644 "$srcdir/aidecheck.service" -t"$pkgdir/usr/lib/systemd/system" + install -D -m 644 "$srcdir/aidecheck.timer" -t "$pkgdir/usr/lib/systemd/system" } diff --git a/README b/README deleted file mode 100644 index 74494bdcbee0..000000000000 --- a/README +++ /dev/null 
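Review bot: The hash backend is left to configure's auto-detection: `depends` keeps `mhash`, but `build()` passes no `--with-mhash`, and the README deleted in this same commit says the mhash-enabled build failed because `mhash.pc` was missing. For an integrity checker the set of available digests should not vary silently from one build host to another, so either pin it with `--with-mhash \` in the configure call or drop `mhash` from `depends`. It is also worth confirming that `pcre` is still the regex library 0.18.6 links against. Minor: `-t"$pkgdir/usr/lib/systemd/system"` on the aidecheck.service line lacks the space used on the aidecheck.timer line below it.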
@@ -1,12 +0,0 @@ -Hello! -I'm the current maintainer of the package, -on my machine, aide with mhash capabilities enabled is not compiling -due to the mhash pkg-config file (mhash.pc) missing. - -I've contacted with the current mhash maintainer for a fix, -if you wish to have mhash compatbility to an unknown extent -I've made a provisional mhash.pc file you can drop in "/usr/lib/pkgconfig/". -You'll have to uncomment the relevant line in the PKGBUILD. -I'm hoping this can be resolved ASAP, until then here's my "fix" -Regards, -John diff --git a/aide.conf b/aide.conf index d15780ba27d7..519fc671c175 100755 --- a/aide.conf +++ b/aide.conf @@ -1,5 +1,35 @@ # Example configuration file for AIDE. # More information about configuration options available in the aide.conf manpage. +# Inspired from https://src.fedoraproject.org/rpms/aide/raw/rawhide/f/aide.conf + +# ┌───────────────────────────────────────────────────────────────┐ +# │ CONTENTS OF aide.conf │ +# ├───────────────────────────────────────────────────────────────┘ +# │ +# ├──┐VARIABLES +# │ ├── DATABASE +# │ └── REPORT +# ├──┐RULES +# │ ├── LIST OF ATTRIBUTES +# │ ├── LIST OF CHECKSUMS +# │ └── AVAILABLE RULES +# ├──┐PATHS +# │ ├──┐EXCLUDED +# │ │ ├── ETC +# │ │ ├── USR +# │ │ └── VAR +# │ └──┐INCLUDED +# │ ├── ETC +# │ ├── USR +# │ ├── VAR +# │ └── OTHERS +# │ +# └─────────────────────────────────────────────────────────────── + +# ################################################################ VARIABLES + +# ################################ DATABASE + @@define DBDIR /var/lib/aide @@define LOGDIR /var/log/aide @@ -14,6 +44,8 @@ database_out=file:@@{DBDIR}/aide.db.new.gz # Whether to gzip the output to database gzip_dbout=yes +# ################################ REPORT + # Default. log_level=warning report_level=changed_attributes 
@@ -21,38 +53,45 @@ report_level=changed_attributes report_url=file:@@{LOGDIR}/aide.log report_url=stdout #report_url=stderr -# -# Here are all the attributes we can check -#p: permissions -#i: inode -#n: number of links -#l: link name -#u: user -#g: group -#s: size -###b: block count -#m: mtime -#a: atime -#c: ctime -#S: check for growing size -#I: ignore changed filename -#ANF: allow new files -#ARF: allow removed files -# - -# Here are all the digests we can use +#NOT IMPLEMENTED report_url=mailto:root@foo.com +#NOT IMPLEMENTED report_url=syslog:LOG_AUTH + +# ################################################################ RULES + +# ################################ LIST OF ATTRIBUTES + +# These are the default parameters we can check against. +#p: permissions +#i: inode: +#n: number of links +#u: user +#g: group +#s: size +#b: block count +#m: mtime +#a: atime +#c: ctime +#S: check for growing size +#acl: Access Control Lists +#selinux SELinux security context (must be enabled at compilation time) +#xattrs: Extended file attributes + +# ################################ LIST OF CHECKSUMS + #md5: md5 checksum #sha1: sha1 checksum #sha256: sha256 checksum #sha512: sha512 checksum #rmd160: rmd160 checksum #tiger: tiger checksum -#haval: haval checksum -#crc32: crc32 checksum -#gost: gost checksum -#whirlpool: whirlpool checksum +#haval: haval checksum (MHASH only) +#gost: gost checksum (MHASH only) +#crc32: crc32 checksum (MHASH only) +#whirlpool: whirlpool checksum (MHASH only) + +# ################################ AVAILABLE RULES -# These are the default rules +# These are the default rules #R: p+i+l+n+u+g+s+m+c+md5 #L: p+i+l+n+u+g #E: Empty group @@ -66,7 +105,8 @@ EVERYTHING = R+ALLXTRAHASHES # Sane, with multiple hashes # NORMAL = R+rmd160+sha256+whirlpool -NORMAL = R+rmd160+sha256 +# NORMAL = R+sha256+sha512 +NORMAL = p+i+l+n+u+g+s+m+c+sha256 # For directories, don't bother doing hashes DIR = p+i+n+u+g+acl+xattrs 
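Review bot: The new `NORMAL = p+i+l+n+u+g+s+m+c+sha256` carries neither `acl` nor `xattrs`, although the package is configured with `--with-posix-acl` and `--with-xattr` and the neighbouring `DIR`, `FIPSR` and `DATAONLY` groups include both. `NORMAL` is the group applied to `/usr`, `/boot`, `/bin`, `/lib` and `/root`, so ACL changes and extended-attribute changes (file capabilities are stored as an xattr) on binaries there would go unreported. I would write `NORMAL = p+i+l+n+u+g+s+m+c+acl+xattrs+sha256`. Also check aide.conf(5) for what `R` expands to in 0.18.6; if it is wider than the `#R:` comment states, spelling the list out narrows coverage compared with the old `R+rmd160+sha256`.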
@@ -77,71 +117,128 @@ PERMS = p+i+u+g+acl # Logfile are special, in that they often change LOG = > -# Just do md5 and sha256 hashes -LSPP = R+sha256 +# Just do sha256 and sha512 hashes +FIPSR = p+i+n+u+g+s+m+c+acl+xattrs+sha256 +LSPP = FIPSR+sha512 # Some files get updated automatically, so the inode/ctime/mtime change # but we want to know when the data inside them changes -DATAONLY = p+n+u+g+s+acl+xattrs+md5+sha256+rmd160+tiger +DATAONLY = p+n+u+g+s+acl+xattrs+sha256 +# ################################################################ PATHS # Next decide what directories/files you want in the database. -/boot NORMAL -/bin NORMAL -/sbin NORMAL -/lib NORMAL -/lib64 NORMAL -/opt NORMAL -/usr NORMAL -/root NORMAL +# ################################ EXCLUDED + +# ################ ETC + +# Ignore backup files +!/etc/.*~ + +# Ignore mtab +!/etc/mtab + +# ################ USR + # These are too volatile !/usr/src !/usr/tmp -# Check only permissions, inode, user and group for /etc, but -# cover some important files closely. -/etc PERMS -!/etc/mtab -# Ignore backup files -!/etc/.*~ -/etc/exports NORMAL -/etc/fstab NORMAL -/etc/passwd NORMAL -/etc/group NORMAL -/etc/gshadow NORMAL -/etc/shadow NORMAL -/etc/security/opasswd NORMAL - -/etc/hosts.allow NORMAL -/etc/hosts.deny NORMAL - -/etc/sudoers NORMAL -/etc/skel NORMAL - -/etc/logrotate.d NORMAL - -/etc/resolv.conf DATAONLY - -/etc/nscd.conf NORMAL -/etc/securetty NORMAL - -# Shell/X starting files -/etc/profile NORMAL -/etc/bashrc NORMAL -/etc/bash_completion.d/ NORMAL -/etc/login.defs NORMAL -/etc/zprofile NORMAL -/etc/zshrc NORMAL -/etc/zlogin NORMAL -/etc/zlogout NORMAL -/etc/profile.d/ NORMAL -/etc/X11/ NORMAL +# ################ VAR # Ignore logs !/var/lib/pacman/.* !/var/cache/.* !/var/log/.* +!/var/log/aide.log !/var/run/.* !/var/spool/.* +# ################################ INCLUDED + +# ################ ETC + +# Check only permissions, inode, user and group for /etc, but cover some important files closely. 
+/etc PERMS +/etc/aliases FIPSR +/etc/at.allow FIPSR +/etc/at.deny FIPSR +/etc/audit/ FIPSR +/etc/bash_completion.d/ NORMAL +/etc/bashrc NORMAL +/etc/cron.allow FIPSR +/etc/cron.daily/ FIPSR +/etc/cron.deny FIPSR +/etc/cron.d/ FIPSR +/etc/cron.hourly/ FIPSR +/etc/cron.monthly/ FIPSR +/etc/crontab FIPSR +/etc/cron.weekly/ FIPSR +/etc/cups FIPSR +/etc/exports NORMAL +/etc/fstab NORMAL +/etc/group NORMAL +/etc/grub/ FIPSR +/etc/gshadow NORMAL +/etc/hosts.allow NORMAL +/etc/hosts.deny NORMAL +/etc/hosts FIPSR +/etc/inittab FIPSR +/etc/issue FIPSR +/etc/issue.net FIPSR +/etc/ld.so.conf FIPSR +/etc/libaudit.conf FIPSR +/etc/localtime FIPSR +/etc/login.defs FIPSR +/etc/login.defs NORMAL +/etc/logrotate.d NORMAL +/etc/modprobe.conf FIPSR +/etc/nscd.conf NORMAL +/etc/pam.d FIPSR +/etc/passwd NORMAL +/etc/postfix FIPSR +/etc/profile.d/ NORMAL +/etc/profile NORMAL +/etc/rc.d FIPSR +/etc/resolv.conf DATAONLY +/etc/securetty FIPSR +/etc/securetty NORMAL +/etc/security FIPSR +/etc/security/opasswd NORMAL +/etc/shadow NORMAL +/etc/skel NORMAL +/etc/ssh/ssh_config FIPSR +/etc/ssh/sshd_config FIPSR +/etc/stunnel FIPSR +/etc/sudoers NORMAL +/etc/sysconfig FIPSR +/etc/sysctl.conf FIPSR +/etc/vsftpd.ftpusers FIPSR +/etc/vsftpd FIPSR +/etc/X11/ NORMAL +/etc/zlogin NORMAL +/etc/zlogout NORMAL +/etc/zprofile NORMAL +/etc/zshrc NORMAL + +# ################ USR + +/usr NORMAL +/usr/sbin/stunnel FIPSR + +# ################ VAR + +/var/log/faillog FIPSR +/var/log/lastlog FIPSR +/var/spool/at FIPSR +/var/spool/cron/root FIPSR + +# ################ OTHERS + +/boot NORMAL +/bin NORMAL +/lib NORMAL +/lib64 NORMAL +/opt NORMAL +/root NORMAL diff --git a/aide.install b/aide.install new file mode 100644 index 000000000000..b921f926bdf2 --- /dev/null +++ b/aide.install 
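Review bot: The added `/var/log/faillog`, `/var/log/lastlog`, `/var/spool/at` and `/var/spool/cron/root` FIPSR lines sit alongside the retained exclusions `!/var/log/.*` and `!/var/spool/.*`, which match the same paths; as far as I know AIDE lets a matching negative line win, so these four entries probably never take effect and the root crontab and at spool stay unmonitored. Narrow the exclusions or drop them for those paths, and confirm after `aide --init` that the files actually appear in the database. In the same list `/etc/login.defs` and `/etc/securetty` are each given twice, once as `FIPSR` and once as `NORMAL`; keep one line per path so the applied group is unambiguous. The added `!/var/log/aide.log` does not match where the report is written, `@@{LOGDIR}/aide.log` with `LOGDIR` set to `/var/log/aide`, and is already covered by `!/var/log/.*`.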
@@ -0,0 +1,30 @@
+post_install(){
+ cat <<INFO
+
+To complete the installation of aide, edit the configuration
+file /etc/aide.conf, and check the syntax with
+
+ sudo aide -D
+
+Then create the database with
+
+ sudo aide --init
+
+Note that this process will take long (12 min for 600k files),
+will not not output anything, and /var/lib/aide/aide.db.new.gz
+will appear empty until the process completes.
+
+To update this database, run
+
+ sudo aide --update
+
+To enable a daily check against the database, run
+
+ sudo systemctl enable --now aidecheck.timer
+
+You can check the results from /var/log/aide.log or by running
+
+ sudo journalctl -abu aidecheck
+
+INFO
+}
diff --git a/mhash.pc b/mhash.pc
deleted file mode 100644
index 326b99cd0103..000000000000
--- a/mhash.pc
+++ /dev/null
@@ -1,10 +0,0 @@
-Name: mhash
-Description: A substitution to a probably non-existant mhash.pc
-Version: 0.9.9.9-5
-Cflags: -I${includedir}
-prefix=/usr
-Libs: -l mhash
-exec_prefix=${prefix}
-libdir=${exec_prefix}/lib
-includedir=${prefix}/include
- |
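Review bot: The message points users at `/var/log/aide.log`, but aide.conf in this commit defines `LOGDIR` as `/var/log/aide` and writes the report to `@@{LOGDIR}/aide.log`, so the line should read `You can check the results from /var/log/aide/aide.log or by running`. The text also stops at `aide --init` and never says that the generated `/var/lib/aide/aide.db.new.gz` has to be put in place as the input database before `aidecheck.timer` has anything to compare against; `database_in` is outside the visible hunks, so confirm its path and add that step. Since the database is the trust anchor for every later check, a sentence recommending a read-only or off-host copy would help. `will not not output anything` has a doubled word.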