authorDaniel Black <dragonheart@gentoo.org>2006-01-22 05:54:14 +0000
committerDaniel Black <dragonheart@gentoo.org>2006-01-22 05:54:14 +0000
commit37eec9e3b9f208b10c7d041161f0f43cedfaa2bb (patch)
tree872cd29d2085ed5335d33e86feb868ed33368164 /app-forensics
parentVersion bump. (diff)
downloadhistorical-37eec9e3b9f208b10c7d041161f0f43cedfaa2bb.tar.gz
historical-37eec9e3b9f208b10c7d041161f0f43cedfaa2bb.tar.bz2
historical-37eec9e3b9f208b10c7d041161f0f43cedfaa2bb.zip
initial import as per bug #73301
Package-Manager: portage-2.1_pre3-r1
Diffstat (limited to 'app-forensics')
-rw-r--r--app-forensics/pyflag/ChangeLog10
-rw-r--r--app-forensics/pyflag/Manifest15
-rw-r--r--app-forensics/pyflag/files/digest-pyflag-0.801
-rw-r--r--app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch109
-rw-r--r--app-forensics/pyflag/metadata.xml19
-rw-r--r--app-forensics/pyflag/pyflag-0.80.ebuild102
6 files changed, 256 insertions, 0 deletions
diff --git a/app-forensics/pyflag/ChangeLog b/app-forensics/pyflag/ChangeLog
new file mode 100644
index 000000000000..78a3cbf30790
--- /dev/null
+++ b/app-forensics/pyflag/ChangeLog
@@ -0,0 +1,10 @@
+# ChangeLog for app-forensics/pyflag
+# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/pyflag/ChangeLog,v 1.1 2006/01/22 05:54:14 dragonheart Exp $
+
+*pyflag-0.80 (22 Jan 2006)
+
+ 22 Jan 2006; Daniel Black <dragonheart@gentoo.org>
+ +files/pyflag-0.80-nodbtool.patch, +metadata.xml, +pyflag-0.80.ebuild:
+ initial import as per bug #73301
+
diff --git a/app-forensics/pyflag/Manifest b/app-forensics/pyflag/Manifest
new file mode 100644
index 000000000000..bfb5c6b1ba74
--- /dev/null
+++ b/app-forensics/pyflag/Manifest
@@ -0,0 +1,15 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+MD5 4501a8236273c0138db3cf4d4b9114df ChangeLog 408
+MD5 a3edd9f59a1c4290729470fc03f75d8c files/digest-pyflag-0.80 63
+MD5 a5c5ecb770c6d3295f58b2c80d768f29 files/pyflag-0.80-nodbtool.patch 4484
+MD5 337a7b8bb8752ec54a72b7429432af11 metadata.xml 841
+MD5 5383b90390b722e3b2d0b82e5588067e pyflag-0.80.ebuild 2859
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.2-ecc0.1.6 (GNU/Linux)
+
+iD8DBQFD0yKRmdTrptrqvGERAisgAJ9Fu4kfUgL+zKzX6JWraSDeEApETQCcCm0/
+ebk3QK4hQY0urCbbQajWL/w=
+=g80f
+-----END PGP SIGNATURE-----
diff --git a/app-forensics/pyflag/files/digest-pyflag-0.80 b/app-forensics/pyflag/files/digest-pyflag-0.80
new file mode 100644
index 000000000000..0638e5ed0ee9
--- /dev/null
+++ b/app-forensics/pyflag/files/digest-pyflag-0.80
@@ -0,0 +1 @@
+MD5 9cdb3cd401a410fc89e2e30cf5055cea pyflag-0.80.tar.gz 984995
diff --git a/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch b/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch
new file mode 100644
index 000000000000..29c838b84688
--- /dev/null
+++ b/app-forensics/pyflag/files/pyflag-0.80-nodbtool.patch
@@ -0,0 +1,109 @@
+diff -ru pyflag-0.80-orig/configure.in pyflag-0.80/configure.in
+--- pyflag-0.80-orig/configure.in 2006-01-19 09:43:16.000000000 +1100
++++ pyflag-0.80/configure.in 2006-01-20 20:03:04.000000000 +1100
+@@ -11,7 +11,14 @@
+ AC_CHECK_HEADER(zlib.h,,AC_MSG_ERROR([You Must install zlib-dev to build pyflag]))
+ AC_CHECK_HEADER(pcap.h,,AC_MSG_ERROR([You Must install libpcap-dev to build pyflag]))
+ AC_CHECK_HEADER(magic.h,,AC_MSG_ERROR([You Must install libmagic-dev to build pyflag this may be part of file the package for some distros]))
++
++# if we have dbtool don't need sleuthkit
++AC_CHECK_PROG([HAVE_DBTOOL],dbtool,"yes", "no")
++if test "x$HAVE_DBTOOL" = xno
++then
+ AC_CHECK_FILE(src/filesystems/sleuthkit-2.03.tar.gz,,AC_MSG_ERROR([You Must download sleuthkit-2.03.tar.gz and place in src/filesystems ]))
++fi
++AM_CONDITIONAL(HAVE_DBTOOL, test x$HAVE_DBTOOL = xyes)
+
+ # python checks
+ # (requires autoconf 1.5+ and the macros in acinclude.m4)
+diff -ru pyflag-0.80-orig/src/Makefile.am pyflag-0.80/src/Makefile.am
+--- pyflag-0.80-orig/src/Makefile.am 2006-01-09 12:13:40.000000000 +1100
++++ pyflag-0.80/src/Makefile.am 2006-01-20 20:03:04.000000000 +1100
+@@ -1,4 +1,10 @@
+-SUBDIRS = lib mailtools indextools network regtools virustools filesystems include
++
++SUBDIRS = lib mailtools indextools network regtools virustools include
++
++if HAVE_DBTOOL
++else
++SUBDIRS+=filesystems
++endif
+
+ # main pyflag (python) application
+ # not sure how to do this recursively
+diff -ru pyflag-0.80-slightlypatched/configure.in pyflag-0.80/configure.in
+--- pyflag-0.80-slightlypatched/configure.in 2006-01-20 20:42:03.000000000 +1100
++++ pyflag-0.80/configure.in 2006-01-20 20:42:52.000000000 +1100
+@@ -44,7 +44,7 @@
+ fi
+
+ # try to find magic files
+-AC_ARG_WITH(magic, AC_HELP_STRING([--with-magic], [specify a colon-separated list of system magic files, default autodetect]),,[magic=$(file -v | tail -1 | awk '{print $4}')])
++AC_ARG_WITH(magic, AC_HELP_STRING([--with-magic], [specify a colon-separated list of system magic files, default autodetect]),,[magic=$(file -v | tail -n 1 | awk '{print $4}')])
+ AC_SUBST(magic)
+
+
+--- pyflag-0.80-old/src/plugins/Configuration.py 2006-01-19 09:43:16.000000000 +1100
++++ pyflag-0.80/src/plugins/Configuration.py 2006-01-22 13:00:26.000000000 +1100
+@@ -3,6 +3,7 @@
+ config=pyflag.conf.ConfObject()
+ import os
+ import DB
++import stat
+
+ class Configure(Reports.report):
+ """ Configures pyflag """
+@@ -38,7 +39,8 @@
+ result.para("We do not seem to have enough privileges to access %s, or the path (%s) does not exist" %(k,config.__class__.__dict__[k]))
+ return
+
+- fd=open(os.environ['HOME'] + '/.pyflagrc', 'a+', S_IRWXU)
++ fd=open(os.environ['HOME'] + '/.pyflagrc', 'a+') #, os.S_IRWXU)
++ os.chmod(os.environ['HOME'] + '/.pyflagrc', stat.S_IRWXU)
+ ## TODO Think append is wrong?
+ result.para("Writing new $HOME/.pyflagrc")
+
+--- pyflag-0.80/Makefile.am 2006-01-19 09:00:50.000000000 +1100
++++ pyflag-0.80.new/Makefile.am 2006-01-22 13:04:54.000000000 +1100
+@@ -10,7 +10,7 @@
+ # perform subs in scripts and config files
+ edit = sed \
+ -e 's,@datadir\@,$(pkgdatadir),g' \
+- -e 's,@sysconf\@,$(sysconfdir),g' \
++ -e 's,@sysconfdir\@,$(sysconfdir),g' \
+ -e 's,@pkgpyexec\@,$(pkgpyexecdir),g' \
+ -e 's,@pythondir\@,$(pythondir),g' \
+ -e 's,@prefix\@,$(prefix),g' \
+diff -ru pyflag-0.80-orig/pyflag.in pyflag-0.80/pyflag.in
+--- pyflag-0.80-orig/pyflag.in 2006-01-10 12:04:31.000000000 +1100
++++ pyflag-0.80/pyflag.in 2006-01-22 13:19:31.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
+diff -ru pyflag-0.80-orig/pyflag_launch.in pyflag-0.80/pyflag_launch.in
+--- pyflag-0.80-orig/pyflag_launch.in 2006-01-10 12:04:59.000000000 +1100
++++ pyflag-0.80/pyflag_launch.in 2006-01-22 13:20:30.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
+diff -ru pyflag-0.80-orig/pyflash.in pyflag-0.80/pyflash.in
+--- pyflag-0.80-orig/pyflash.in 2006-01-10 12:04:48.000000000 +1100
++++ pyflag-0.80/pyflash.in 2006-01-22 13:20:11.000000000 +1100
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+
+-. @sysconf@/pyflagrc
++. @sysconfdir@/pyflagrc
+
+ ## Try to load personalised configurations
+ if [ -e ~/.pyflagrc ] ; then source ~/.pyflagrc; fi
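Review bot: In the Configuration.py hunk of this patch, the new `open(os.environ['HOME'] + '/.pyflagrc', 'a+')` creates the file with whatever the umask allows and only the following `os.chmod` narrows it, so a freshly created rc file is briefly readable by other users when the umask permits; the line it replaces passed S_IRWXU as open()'s buffering argument and never set a mode at all, so the patch is an improvement but not race-free. Setting the mode at creation time avoids the window: `fd=os.fdopen(os.open(os.environ['HOME'] + '/.pyflagrc', os.O_RDWR | os.O_CREAT | os.O_APPEND, stat.S_IRUSR | stat.S_IWUSR), 'a+')`. `stat.S_IRWXU` also sets the execute bit on a configuration file; `stat.S_IRUSR | stat.S_IWUSR` (0600) is the mode that matches how the file is used, and the trailing `#, os.S_IRWXU)` remnant on the open line is dead text that can go. The method containing this hunk starts and ends outside the hunk.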
diff --git a/app-forensics/pyflag/metadata.xml b/app-forensics/pyflag/metadata.xml
new file mode 100644
index 000000000000..4a0348932c92
--- /dev/null
+++ b/app-forensics/pyflag/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>forensics</herd>
+<maintainer>
+ <email>forensics@gentoo.org</email>
+</maintainer>
+<longdescription>
+FLAG (Forensic and Log Analysis GUI) was designed to simplify the process of log
+file analysis and forensic investigations. Often, when investigating a large
+case, a great deal of data needs to be analysed and correlated. PyFlag uses a
+database as a backend to assist in managing the large volumes of data. This
+allows PyFlag to remain responsive and expedite data manipulation operations.
+
+Since PyFLAG is web based, it is able to be deployed on a central server and
+shared with a number of users at the same time. Data is loaded into cases which
+keeps information separated.
+</longdescription>
+</pkgmetadata>
diff --git a/app-forensics/pyflag/pyflag-0.80.ebuild b/app-forensics/pyflag/pyflag-0.80.ebuild
new file mode 100644
index 000000000000..83ae1132c888
--- /dev/null
+++ b/app-forensics/pyflag/pyflag-0.80.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/pyflag/pyflag-0.80.ebuild,v 1.1 2006/01/22 05:54:14 dragonheart Exp $
+
+inherit eutils autotools
+
+DESCRIPTION="Tool for analysing log files, tcpdump files and hard disk images"
+HOMEPAGE="http://pyflag.sf.net"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86"
+
+IUSE=""
+COMMON_DEPEND="
+ virtual/libpcap
+ sys-apps/file
+ dev-python/mysql-python
+ sys-libs/zlib
+ app-antivirus/clamav
+ >=app-forensics/sleuthkit-2.03
+ dev-python/pexpect
+ dev-python/imaging
+ media-libs/ploticus"
+
+RDEPEND="${COMMON_DEPEND}
+ dev-db/mysql"
+
+DEPEND=">=dev-lang/swig-1.3
+ ${COMMON_DEPEND}"
+
+#
+# TODO: init scripts
+#
+# dev-python/pexpect
+# dev-python/imaging
+# media-libs/ploticus
+# app-forensics/sleuthkit to RDEPEND as it realy only checks they are
+# installed
+#
+
+src_unpack() {
+ unpack "${A}"
+ cd "${S}"
+ epatch "${FILESDIR}/${P}-nodbtool.patch"
+ sed -i -e 's/flag_version =.*/flag_version ="$Version: 0.80 Date: Thu Jan 19 00:50:12 EST 2006$"/' \
+ src/pyflag/FlagFramework.py
+ _elibtoolize --copy --force
+ eaclocal -I config
+ eautomake
+ eautoconf
+
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die
+ # don't include pyflag use include files - its just silly
+ rm -rf "${D}/usr/include"
+
+ #maybe later
+ #newinitd "${FILESDIR}/${P}-init" pyflag
+ #newconfd "${FILESDIR}/${P}-conf" pyflag
+}
+
+pkg_postinst() {
+ einfo "Optionally enter database details in /etc/pyflagrc"
+ einfo
+ einfo "To start PyFlag just run \"pyflag\" as a normal user"
+ einfo "then open your web browser on http://localhost:8000"
+ einfo
+ einfo "To create a database user \"emerge --config =${PF}\""
+}
+
+pkg_config() {
+ ewarn "This creates the approprate adminstrative user for pyflag"
+ ewarn "Run pyflag with the entered credentials to create the"
+ ewarn "tables and database."
+ einfo
+ einfo "Enter user to create:"
+ read USER
+ einfo "Enter user's password:"
+ read PASSWORD
+
+ # note - poor privledge separation is used in pyflag
+ # recommend not sharing with other security consious databases.
+ # it may be possible to imporve this a bit using manual permission setting.
+ einfo "Enter mysql root database password:"
+ echo GRANT ALL PRIVILEGES ON "*.*" TO $USER@localhost \
+ IDENTIFIED BY \"$PASSWORD\"\; FLUSH PRIVILEGES\; \
+ | /usr/bin/mysql -u root -p
+
+ einfo "Do you want this data to be used for all users (y/n)?"
+ ewarn "Warning - all credentials will be in a world readable file"
+ ewarn "This overwrites settings in ${ROOT}/etc/pyflagrc"
+ read GLOBAL
+ if [ "${GLOBAL}" == "y" ] || [ "${GLOBAL}" == "Y" ]; then
+ einfo "updating global settings"
+ sed -i -e "s:PYFLAG_DBUSER=.*:PYFLAG_DBUSER=$USER:" \
+ -e "s:PYFLAG_DBPASSWD=.*:PYFLAG_DBPASSWD=$PASSWORD:" \
+ "${ROOT}/etc/pyflagrc"
+ fi
+}
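Review bot: pkg_config reads the password with a bare `read PASSWORD`, which echoes it to the terminal and interprets backslashes, and then splices both `$USER` and `$PASSWORD` unquoted and unescaped into the GRANT statement piped to mysql and into the sed expression that edits ${ROOT}/etc/pyflagrc, so a quote, backslash or colon in either value breaks the SQL or the sed script and can alter what is granted. Read with `read -r -s PASSWORD`, and because the same values are reused in two different quoting contexts, validate them once before use rather than escaping per context, e.g. `[[ "${USER}" =~ ^[A-Za-z0-9_]+$ ]] || die "user name may only contain [A-Za-z0-9_]"` with an equivalent check on the password that excludes the characters sed and MySQL treat specially. `read USER` also clobbers the caller's USER environment variable for the rest of the function; a name such as `PYFLAG_USER` avoids that. The ewarn already states that the credentials end up in a world-readable file, so a `chmod 600 "${ROOT}/etc/pyflagrc"` after the sed would remove the exposure the message warns about.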