Updated aide to 0.18.6, added install file, organized configuration in sections

6 files changed, 262 insertions, 141 deletions

diff --git a/.SRCINFO b/.SRCINFO
index da32649f7a0e..307bac96ebba 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,9 +1,12 @@
 pkgbase = aide
-	pkgdesc = A file integrity checker and intrusion detection program.
-	pkgver = 0.18.2
-	pkgrel = 3
+	pkgdesc = A file integrity checker and intrusion detection program
+	pkgver = 0.18.6
+	pkgrel = 1
 	url = https://aide.github.io/
+	install = aide.install
 	arch = x86_64
+	arch = armv7h
+	arch = aarch64
 	license = GPL
 	depends = acl
 	depends = e2fsprogs
@@ -11,12 +14,16 @@ pkgbase = aide
 	depends = mhash
 	depends = pcre
 	backup = etc/aide.conf
-	source = https://github.com/aide/aide/releases/download/v0.18.2/aide-0.18.2.tar.gz
-	source = https://github.com/aide/aide/releases/download/v0.18.2/aide-0.18.2.tar.gz.asc
+	source = https://github.com/aide/aide/releases/download/v0.18.6/aide-0.18.6.tar.gz
+	source = https://github.com/aide/aide/releases/download/v0.18.6/aide-0.18.6.tar.gz.asc
 	source = aide.conf
+	source = aidecheck.service
+	source = aidecheck.timer
 	validpgpkeys = 2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931
-	sha256sums = 758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4
-	sha256sums = SKIP
-	sha256sums = dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a
+	b2sums = 63bb647100820ee1846f8a0585ea8d94e1b7cea1ae593e2d079aea967cf6e2dceb1c92aa9250b1950dac4629326ebf85ac6e7cf2524fa1cf1757b568dad38ed4
+	b2sums = SKIP
+	b2sums = 2e16baf306dcbe5d5207685391bb3e77b80a8caafaeafee3094228ee19671092afc042762523663a1d5155341a5d190c5e6c355d639e1a840efddf56047c05bc
+	b2sums = fcae2514bffcfe8c2110c8b82d857f39de8c95e0d7d2788bb4945243c127c9566871606b9e4bca39034b624c7bd579f46ed88cb0b86830d6ff16ff1fbb04b081
+	b2sums = af16bbf1d69226d445820ba1e7beaba8142a19eb3120f5b58db048083d94ec22f857a28dfe403bd885aafe31b748a10ce9de759480947d4b34b29e2b1a678071
 
 pkgname = aide
diff --git a/PKGBUILD b/PKGBUILD
index ec24beae3c23..0b1bf7056ba3 100755
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,46 +1,55 @@
-# Maintainer: John Doe <kitterhuff@gmail.com>
-# Previous Maintainer: Lukas Jirkovsky <l.jirkovsky@gmail.com>
+# Maintainer: AlphaJack <alphajack at tuta dot io>
+# Contributor: John Doe <kitterhuff@gmail.com>
+# Contributor: Lukas Jirkovsky <l.jirkovsky@gmail.com>
 # Contributor: Thomas S Hatch <thatch45@gmail.com>
 # Contributor: Daniel J Griffiths <ghost1227@archlinux.us>
 # Contributor: Tom Newsom <Jeepster@gmx.co.uk>
 
-pkgname=aide
-pkgver=0.18.2
-pkgrel=3
-pkgdesc='A file integrity checker and intrusion detection program.'
-arch=('x86_64')
+pkgname="aide"
+pkgver=0.18.6
+pkgrel=1
+pkgdesc="A file integrity checker and intrusion detection program"
+arch=("x86_64" "armv7h" "aarch64")
 url="https://aide.github.io/"
-license=('GPL')
-depends=('acl' 'e2fsprogs' 'libelf' 'mhash' 'pcre')
-backup=('etc/aide.conf')
-source=("https://github.com/aide/aide/releases/download/v${pkgver}/aide-${pkgver}.tar.gz"{,.asc} \
-        "aide.conf")
-sha256sums=('758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4' # aide-${pkgver}.tar.gz sha256sum
-             'SKIP'
-             'dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a' # aide.conf chksum
-             )
+license=("GPL")
+depends=("acl"
+         "e2fsprogs"
+         "libelf"
+         "mhash"
+         "pcre")
+source=("https://github.com/aide/aide/releases/download/v$pkgver/aide-$pkgver.tar.gz"{,.asc} \
+        "aide.conf"
+        "aidecheck.service"
+        "aidecheck.timer")
+b2sums=('63bb647100820ee1846f8a0585ea8d94e1b7cea1ae593e2d079aea967cf6e2dceb1c92aa9250b1950dac4629326ebf85ac6e7cf2524fa1cf1757b568dad38ed4'
+        'SKIP'
+        '2e16baf306dcbe5d5207685391bb3e77b80a8caafaeafee3094228ee19671092afc042762523663a1d5155341a5d190c5e6c355d639e1a840efddf56047c05bc'
+        'fcae2514bffcfe8c2110c8b82d857f39de8c95e0d7d2788bb4945243c127c9566871606b9e4bca39034b624c7bd579f46ed88cb0b86830d6ff16ff1fbb04b081'
+        'af16bbf1d69226d445820ba1e7beaba8142a19eb3120f5b58db048083d94ec22f857a28dfe403bd885aafe31b748a10ce9de759480947d4b34b29e2b1a678071')
+validpgpkeys=("2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931") # Hannes von Haugwitz <hannes@vonhaugwitz.com>
+backup=("etc/aide.conf")
+install="aide.install"
 
-validpgpkeys=('2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931') # Hannes von Haugwitz <hannes@vonhaugwitz.com>
-
-build() {
-	cd $srcdir/$pkgname-$pkgver
-	./configure \
-        --prefix=/usr \
-        --sysconfdir=/etc \
-	--with-posix-acl \
-        --with-prelink \
-        --with-xattr \
-        --with-zlib \
-        --with-e2fsattrs \
-        --disable-static
-	make
+build(){
+ cd "$pkgname-$pkgver"
+ ./configure \
+  --prefix="/usr" \
+  --sysconfdir="/etc" \
+  --with-posix-acl \
+  --with-xattr \
+  --with-zlib \
+  --with-e2fsattrs \
+  --disable-static
+ make
 }
 
-package() {
-	cd $srcdir/$pkgname-$pkgver
-	make DESTDIR=$pkgdir install
-	install -D -m644 $srcdir/aide.conf $pkgdir/etc/aide.conf
-	install -D -m644 $srcdir/aidecheck.service $pkgdir/usr/lib/systemd/system/aidecheck.service
-	install -D -m644 $srcdir/aidecheck.timer $pkgdir/usr/lib/systemd/system/aidecheck.timer
+package(){
+ cd "$pkgname-$pkgver"
+ make DESTDIR="$pkgdir" install
+ install -d -m 700 "$pkgdir/var/lib/aide"
+ install -d -m 700 "$pkgdir/var/log/aide"
+ install -D -m 600 "$srcdir/aide.conf" "$pkgdir/etc/aide.conf"
+ install -D -m 644 "$srcdir/aidecheck.service" -t"$pkgdir/usr/lib/systemd/system"
+ install -D -m 644 "$srcdir/aidecheck.timer"   -t "$pkgdir/usr/lib/systemd/system"
 }
 
diff --git a/README b/README
deleted file mode 100644
index 74494bdcbee0..000000000000
--- a/README
+++ /dev/null
@@ -1,12 +0,0 @@
-Hello!
-I'm the current maintainer of the package, 
-on my machine, aide with mhash capabilities enabled is not compiling 
-due to the mhash pkg-config file (mhash.pc) missing.  
-
-I've contacted with the current mhash maintainer for a fix, 
-if you wish to have mhash compatbility to an unknown extent 
-I've made a provisional mhash.pc file you can drop in "/usr/lib/pkgconfig/".
-You'll have to uncomment the relevant line in the PKGBUILD.
-I'm hoping this can be resolved ASAP, until then here's my "fix"
-Regards,
-John
diff --git a/aide.conf b/aide.conf
index d15780ba27d7..519fc671c175 100755
--- a/aide.conf
+++ b/aide.conf
@@ -1,5 +1,35 @@
 # Example configuration file for AIDE.
 # More information about configuration options available in the aide.conf manpage.
+# Inspired from https://src.fedoraproject.org/rpms/aide/raw/rawhide/f/aide.conf
+
+# ┌───────────────────────────────────────────────────────────────┐
+# │ CONTENTS OF aide.conf                                         │
+# ├───────────────────────────────────────────────────────────────┘
+# │
+# ├──┐VARIABLES
+# │  ├── DATABASE
+# │  └── REPORT
+# ├──┐RULES
+# │  ├── LIST OF ATTRIBUTES
+# │  ├── LIST OF CHECKSUMS
+# │  └── AVAILABLE RULES
+# ├──┐PATHS
+# │  ├──┐EXCLUDED
+# │  │  ├── ETC
+# │  │  ├── USR
+# │  │  └── VAR
+# │  └──┐INCLUDED
+# │     ├── ETC
+# │     ├── USR
+# │     ├── VAR
+# │     └── OTHERS
+# │
+# └───────────────────────────────────────────────────────────────
+
+# ################################################################ VARIABLES
+
+# ################################ DATABASE
+
 @@define DBDIR /var/lib/aide
 @@define LOGDIR /var/log/aide
 
@@ -14,6 +44,8 @@ database_out=file:@@{DBDIR}/aide.db.new.gz
 # Whether to gzip the output to database
 gzip_dbout=yes
 
+# ################################ REPORT
+
 # Default.
 log_level=warning
 report_level=changed_attributes
@@ -21,38 +53,45 @@ report_level=changed_attributes
 report_url=file:@@{LOGDIR}/aide.log
 report_url=stdout
 #report_url=stderr
-# 
-# Here are all the attributes we can check
-#p:       permissions
-#i:       inode
-#n:       number of links
-#l:       link name
-#u:       user
-#g:       group
-#s:       size
-###b:        block count
-#m:       mtime
-#a:       atime
-#c:       ctime
-#S:       check for growing size
-#I:       ignore changed filename
-#ANF:     allow new files
-#ARF:     allow removed files
-#
-
-# Here are all the digests we can use
+#NOT IMPLEMENTED report_url=mailto:root@foo.com
+#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
+
+# ################################################################ RULES
+
+# ################################ LIST OF ATTRIBUTES
+
+# These are the default parameters we can check against.
+#p:             permissions
+#i:             inode:
+#n:             number of links
+#u:             user
+#g:             group
+#s:             size
+#b:             block count
+#m:             mtime
+#a:             atime
+#c:             ctime
+#S:             check for growing size
+#acl:           Access Control Lists
+#selinux        SELinux security context (must be enabled at compilation time)
+#xattrs:        Extended file attributes
+
+# ################################ LIST OF CHECKSUMS
+
 #md5:           md5 checksum
 #sha1:          sha1 checksum
 #sha256:        sha256 checksum
 #sha512:        sha512 checksum
 #rmd160:        rmd160 checksum
 #tiger:         tiger checksum
-#haval:         haval checksum
-#crc32:         crc32 checksum
-#gost:          gost checksum
-#whirlpool:     whirlpool checksum
+#haval:         haval checksum (MHASH only)
+#gost:          gost checksum (MHASH only)
+#crc32:         crc32 checksum (MHASH only)
+#whirlpool:     whirlpool checksum (MHASH only)
+
+# ################################ AVAILABLE RULES
 
-# These are the default rules 
+# These are the default rules
 #R:             p+i+l+n+u+g+s+m+c+md5
 #L:             p+i+l+n+u+g
 #E:             Empty group
@@ -66,7 +105,8 @@ EVERYTHING = R+ALLXTRAHASHES
 
 # Sane, with multiple hashes
 # NORMAL = R+rmd160+sha256+whirlpool
-NORMAL = R+rmd160+sha256
+# NORMAL = R+sha256+sha512
+NORMAL = p+i+l+n+u+g+s+m+c+sha256
 
 # For directories, don't bother doing hashes
 DIR = p+i+n+u+g+acl+xattrs
@@ -77,71 +117,128 @@ PERMS = p+i+u+g+acl
 # Logfile are special, in that they often change
 LOG = >
 
-# Just do md5 and sha256 hashes
-LSPP = R+sha256
+# Just do sha256 and sha512 hashes
+FIPSR = p+i+n+u+g+s+m+c+acl+xattrs+sha256
+LSPP = FIPSR+sha512
 
 # Some files get updated automatically, so the inode/ctime/mtime change
 # but we want to know when the data inside them changes
-DATAONLY =  p+n+u+g+s+acl+xattrs+md5+sha256+rmd160+tiger
+DATAONLY = p+n+u+g+s+acl+xattrs+sha256
 
+# ################################################################ PATHS
 
 # Next decide what directories/files you want in the database.
 
-/boot   NORMAL
-/bin    NORMAL
-/sbin   NORMAL
-/lib    NORMAL
-/lib64  NORMAL
-/opt    NORMAL
-/usr    NORMAL
-/root   NORMAL
+# ################################ EXCLUDED
+
+# ################ ETC
+
+# Ignore backup files
+!/etc/.*~
+
+# Ignore mtab
+!/etc/mtab
+
+# ################ USR
+
 # These are too volatile
 !/usr/src
 !/usr/tmp
 
-# Check only permissions, inode, user and group for /etc, but
-# cover some important files closely.
-/etc    PERMS
-!/etc/mtab
-# Ignore backup files
-!/etc/.*~
-/etc/exports  NORMAL
-/etc/fstab    NORMAL
-/etc/passwd   NORMAL
-/etc/group    NORMAL
-/etc/gshadow  NORMAL
-/etc/shadow   NORMAL
-/etc/security/opasswd   NORMAL
-
-/etc/hosts.allow   NORMAL
-/etc/hosts.deny    NORMAL
-
-/etc/sudoers NORMAL
-/etc/skel NORMAL
-
-/etc/logrotate.d NORMAL
-
-/etc/resolv.conf DATAONLY
-
-/etc/nscd.conf NORMAL
-/etc/securetty NORMAL
-
-# Shell/X starting files
-/etc/profile NORMAL
-/etc/bashrc NORMAL
-/etc/bash_completion.d/ NORMAL
-/etc/login.defs NORMAL
-/etc/zprofile NORMAL
-/etc/zshrc NORMAL
-/etc/zlogin NORMAL
-/etc/zlogout NORMAL
-/etc/profile.d/ NORMAL
-/etc/X11/ NORMAL
+# ################ VAR
 
 # Ignore logs
 !/var/lib/pacman/.*
 !/var/cache/.*
 !/var/log/.*  
+!/var/log/aide.log
 !/var/run/.*  
 !/var/spool/.*
 
+# ################################ INCLUDED
+
+# ################ ETC
+
+# Check only permissions, inode, user and group for /etc, but cover some important files closely.
+/etc                               PERMS
+/etc/aliases                       FIPSR
+/etc/at.allow                      FIPSR
+/etc/at.deny                       FIPSR
+/etc/audit/                        FIPSR
+/etc/bash_completion.d/            NORMAL
+/etc/bashrc                        NORMAL
+/etc/cron.allow                    FIPSR
+/etc/cron.daily/                   FIPSR
+/etc/cron.deny                     FIPSR
+/etc/cron.d/                       FIPSR
+/etc/cron.hourly/                  FIPSR
+/etc/cron.monthly/                 FIPSR
+/etc/crontab                       FIPSR
+/etc/cron.weekly/                  FIPSR
+/etc/cups                          FIPSR
+/etc/exports                       NORMAL
+/etc/fstab                         NORMAL
+/etc/group                         NORMAL
+/etc/grub/                         FIPSR
+/etc/gshadow                       NORMAL
+/etc/hosts.allow                   NORMAL
+/etc/hosts.deny                    NORMAL
+/etc/hosts                         FIPSR
+/etc/inittab                       FIPSR
+/etc/issue                         FIPSR
+/etc/issue.net                     FIPSR
+/etc/ld.so.conf                    FIPSR
+/etc/libaudit.conf                 FIPSR
+/etc/localtime                     FIPSR
+/etc/login.defs                    FIPSR
+/etc/login.defs                    NORMAL
+/etc/logrotate.d                   NORMAL
+/etc/modprobe.conf                 FIPSR
+/etc/nscd.conf                     NORMAL
+/etc/pam.d                         FIPSR
+/etc/passwd                        NORMAL
+/etc/postfix                       FIPSR
+/etc/profile.d/                    NORMAL
+/etc/profile                       NORMAL
+/etc/rc.d                          FIPSR
+/etc/resolv.conf                   DATAONLY
+/etc/securetty                     FIPSR
+/etc/securetty                     NORMAL
+/etc/security                      FIPSR
+/etc/security/opasswd              NORMAL
+/etc/shadow                        NORMAL
+/etc/skel                          NORMAL
+/etc/ssh/ssh_config                FIPSR
+/etc/ssh/sshd_config               FIPSR
+/etc/stunnel                       FIPSR
+/etc/sudoers                       NORMAL
+/etc/sysconfig                     FIPSR
+/etc/sysctl.conf                   FIPSR
+/etc/vsftpd.ftpusers               FIPSR
+/etc/vsftpd                        FIPSR
+/etc/X11/                          NORMAL
+/etc/zlogin                        NORMAL
+/etc/zlogout                       NORMAL
+/etc/zprofile                      NORMAL
+/etc/zshrc                         NORMAL
+
+# ################ USR
+
+/usr                               NORMAL
+/usr/sbin/stunnel                  FIPSR
+
+# ################ VAR
+
+/var/log/faillog                   FIPSR
+/var/log/lastlog                   FIPSR
+/var/spool/at                      FIPSR
+/var/spool/cron/root               FIPSR
+
+# ################ OTHERS
+
+/boot                              NORMAL
+/bin                               NORMAL
+/lib                               NORMAL
+/lib64                             NORMAL
+/opt                               NORMAL
+/root                              NORMAL
diff --git a/aide.install b/aide.install
new file mode 100644
index 000000000000..b921f926bdf2
--- /dev/null
+++ b/aide.install
@@ -0,0 +1,30 @@
+post_install(){
+ cat <<INFO
+
+To complete the installation of aide, edit the configuration
+file /etc/aide.conf, and check the syntax with
+
+    sudo aide -D
+
+Then create the database with
+
+    sudo aide --init
+    
+Note that this process will take long (12 min for 600k files),
+will not not output anything, and /var/lib/aide/aide.db.new.gz
+will appear empty until the process completes.
+
+To update this database, run
+
+    sudo aide --update
+
+To enable a daily check against the database, run
+
+    sudo systemctl enable --now aidecheck.timer
+    
+You can check the results from /var/log/aide.log or by running
+
+    sudo journalctl -abu aidecheck
+
+INFO
+}
diff --git a/mhash.pc b/mhash.pc
deleted file mode 100644
index 326b99cd0103..000000000000
--- a/mhash.pc
+++ /dev/null
@@ -1,10 +0,0 @@
-Name: mhash
-Description: A substitution to a probably non-existant mhash.pc
-Version: 0.9.9.9-5
-Cflags: -I${includedir}
-prefix=/usr
-Libs: -l mhash
-exec_prefix=${prefix}
-libdir=${exec_prefix}/lib
-includedir=${prefix}/include
-