# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 # $Id$ PortSystem 1.0 name aide version 0.15.1 revision 1 categories security license GPL-2 maintainers nomaintainer description Advanced Intrusion Detection Environment long_description AIDE (Advanced Intrusion Detection Environment) \ is a free replacement for Tripwire. It does the same things as \ the semi-free Tripwire and more. \ It creates a database from the regular expression rules that it \ finds from the config file. Once this database is initialized it \ can be used to verify the integrity of the files. It has several \ message digest algorithms (md5,sha1,rmd160,tiger,haval,etc.) that \ are used to check the integrity of the file. More algorithms can \ be added with relative ease. All of the usual file attributes can \ also be checked for inconsistencies. It can read databases from \ older or newer versions. See the manual pages within the distribution \ for further info. There is also a beginning of a manual. homepage http://aide.sourceforge.net/ master_sites sourceforge:project/aide/aide/${version} platforms darwin configure.args --mandir=${prefix}/share/man \ --sysconfdir=${prefix}/etc/aide \ --with-mhash --with-zlib \ --with-locale --disable-static depends_build port:bison port:flex depends_lib port:mhash \ port:gettext patchfiles patch-Makefile.in.diff patch-src-Makefile.in.diff variant universal {} configure.cflags-append "${configure.cflags} [get_canonical_archflags cc]" post-patch { reinplace "s|@@LOCALEDIR@@|${prefix}/share/locale|g" \ ${worksrcpath}/Makefile.in ${worksrcpath}/src/Makefile.in } post-destroot { xinstall -d ${destroot}${prefix}/share/doc/${name} xinstall -d ${destroot}${prefix}/share/examples/${name} xinstall -d ${destroot}${prefix}/etc/${name} xinstall -d ${destroot}${prefix}/libexec/${name} xinstall -d ${destroot}${prefix}/Library/LaunchDaemons xinstall -d ${destroot}${prefix}/var/lib/aide xinstall -d ${destroot}${prefix}/var/log/aide copy ${filespath}/aide.conf ${destroot}${prefix}/share/examples/${name}/ reinplace "s|%%PREFIX%%|${prefix}|g" ${destroot}${prefix}/share/examples/${name}/aide.conf copy ${worksrcpath}/contrib ${destroot}${prefix}/share/examples/${name}/ copy ${worksrcpath}/doc/manual.html ${destroot}${prefix}/share/doc/${name}/ copy ${worksrcpath}/README ${destroot}${prefix}/share/doc/${name}/ xinstall -m 755 ${filespath}/aide-check.cron ${destroot}${prefix}/libexec/${name}/ reinplace "s|%%PREFIX%%|${prefix}|g" ${destroot}${prefix}/libexec/${name}/aide-check.cron copy ${filespath}/org.macports.aide.plist ${destroot}${prefix}/Library/LaunchDaemons/ reinplace "s|%%PREFIX%%|${prefix}|g" ${destroot}${prefix}/Library/LaunchDaemons/org.macports.aide.plist copy ${filespath}/mp-aide.conf ${destroot}${prefix}/share/examples/${name}/ reinplace "s|%%PREFIX%%|${prefix}|g" ${destroot}${prefix}/share/examples/${name}/mp-aide.conf destroot.keepdirs ${destroot}${prefix}/var/lib/aide \ ${destroot}${prefix}/var/log/aide ${destroot}${prefix}/etc/${name} } post-activate { if ![file exists ${prefix}/etc/aide/aide.conf ] { copy ${prefix}/share/examples/${name}/aide.conf ${prefix}/etc/aide/aide.conf } } platform darwin { # darwin doesn't have or need off64_t and friends configure.args-append --disable-lfs } notes " If not existing, a default config has been copied to ${prefix}/etc/aide/aide.conf Review it, especially adjust to your environment. It seems wildcard or @@var are not working there, at least on stable. To initialize database # aide --init A default scheduled task has been set up once a day in ${prefix}/Library/LaunchDaemons/org.macports.aide.plist Check if it fit you and start it like # ln -s ${prefix}/Library/LaunchDaemons/org.macports.aide.plist /Library/LaunchDaemons/ and either one of those commands # launchctl load -w /Library/LaunchDaemons/org.macports.aide.plist # port load aide An example config for rotating logs with system newsyslog is ${prefix}/share/examples/${name}/mp-aide.conf You can install it with # cp ${prefix}/share/examples/${name}/mp-aide.conf /private/etc/newsyslog.d/ You may need to enable permanently postfix so the scheduled task can send email: Edit /System/Library/LaunchDaemons/org.postfix.master.plist Remove the two strings lines with '-e' '60'. Add a 'KeepAlive' Also, default MacOS configuration have /var/root/.forward redirecting email to /dev/null. Either change aide.conf or .forward to get mail report. BUG: cron: only check mode, choice update " if {${subport} eq ${name}} { version 0.15.1 master_sites sourceforge:project/aide/aide/${version} checksums rmd160 80ea88b1c1496bcca57d2d1cdeecdcdfca0fa5cf \ sha256 303e5c186257df8c86e418193199f4ea2183fc37d3d4a9098a614f61346059ef livecheck.type regex livecheck.url ${homepage} livecheck.regex "The current stable version of AIDE is (\\d+\\.\\d+\\.\\d+)" } #subport ${name}-devel { ## http://sourceforge.net/p/aide/code/ci/master/tree/NEWS ## 0.16a2 (2013-05-04) vs last commit 2013-05-20 # version 0.16a2 # master_sites sourceforge:project/aide/devel/${version} # checksums rmd160 92c7d29da4a224b505702a5b624d6dffe54a3aea \ # sha256 b52451816bc85409ea09dc612e32823336f78438afd28248c252912ea8b91b87 # # ## FIXME! build fails on "compare_db.c:114:32: error: initializer element is not a compile-time constant" # # livecheck.type regex # livecheck.url ${homepage} # livecheck.regex "The current development version of AIDE is (\\d+\\.\\w+)" #}