From 90fd1b523ad58a461de418bdbd97956e29897188 Mon Sep 17 00:00:00 2001 From: Wenzong Fan Date: Thu, 24 Aug 2017 17:21:52 +0800 Subject: meta-ids: initial commit for IDS support (#11) * Add new layer for IDS support * Add package mtree to provide basic IDS functions Signed-off-by: Wenzong Fan --- meta-ids/COPYING.MIT | 17 ++++++++ meta-ids/README.md | 9 ++++ meta-ids/conf/layer.conf | 14 +++++++ .../recipes-base/packagegroups/packagegroup-ids.bb | 12 ++++++ .../mtree/mtree/configure.ac-automake-error.patch | 35 ++++++++++++++++ .../recipes-ids/mtree/mtree/mtree-getlogin.patch | 49 ++++++++++++++++++++++ meta-ids/recipes-ids/mtree/mtree_git.bb | 21 ++++++++++ 7 files changed, 157 insertions(+) create mode 100644 meta-ids/COPYING.MIT create mode 100644 meta-ids/README.md create mode 100644 meta-ids/conf/layer.conf create mode 100644 meta-ids/recipes-base/packagegroups/packagegroup-ids.bb create mode 100644 meta-ids/recipes-ids/mtree/mtree/configure.ac-automake-error.patch create mode 100644 meta-ids/recipes-ids/mtree/mtree/mtree-getlogin.patch create mode 100644 meta-ids/recipes-ids/mtree/mtree_git.bb diff --git a/meta-ids/COPYING.MIT b/meta-ids/COPYING.MIT new file mode 100644 index 0000000..89de354 --- /dev/null +++ b/meta-ids/COPYING.MIT @@ -0,0 +1,17 @@ +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/meta-ids/README.md b/meta-ids/README.md new file mode 100644 index 0000000..e5901aa --- /dev/null +++ b/meta-ids/README.md @@ -0,0 +1,9 @@ +### Intrusion Detection System (IDS) +This layer provides functions for Intrusion Detection System (IDS) achievement. + +#### MTREE +The mtree utility compares the file hierarchy rooted in the current directory +against a specification read from the standard input. Messages are written +to the standard output for any files whose characteristics do not match the +specifications, or which are missing from either the file hierarchy or the +specification. diff --git a/meta-ids/conf/layer.conf b/meta-ids/conf/layer.conf new file mode 100644 index 0000000..1f2e0a6 --- /dev/null +++ b/meta-ids/conf/layer.conf @@ -0,0 +1,14 @@ +# We have a conf and classes directory, add to BBPATH +BBPATH .= ":${LAYERDIR}" + +# We have recipes-* directories, add to BBFILES +BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \ + ${LAYERDIR}/recipes-*/*/*.bbappend" + +BBFILE_COLLECTIONS += "ids" +BBFILE_PATTERN_ids = "^${LAYERDIR}/" +BBFILE_PRIORITY_ids = "10" + +BBLAYERS_LAYERINDEX_NAME_ids = "meta-ids" + +LAYERDEPENDS_ids = "core" diff --git a/meta-ids/recipes-base/packagegroups/packagegroup-ids.bb b/meta-ids/recipes-base/packagegroups/packagegroup-ids.bb new file mode 100644 index 0000000..8f79c7a --- /dev/null +++ b/meta-ids/recipes-base/packagegroups/packagegroup-ids.bb @@ -0,0 +1,12 @@ +DESCRIPTION = "Packagegroup for Intrusion Detection System (IDS) utilities." +LICENSE = "MIT" +LIC_FILES_CHKSUM = "\ + file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \ +" + +inherit packagegroup + +RDEPENDS_${PN} += "\ + mtree \ +" diff --git a/meta-ids/recipes-ids/mtree/mtree/configure.ac-automake-error.patch b/meta-ids/recipes-ids/mtree/mtree/configure.ac-automake-error.patch new file mode 100644 index 0000000..41d9025 --- /dev/null +++ b/meta-ids/recipes-ids/mtree/mtree/configure.ac-automake-error.patch @@ -0,0 +1,35 @@ +From 72916bebc694b821fd35f8721937fdd691049e3e Mon Sep 17 00:00:00 2001 +From: Robert Yang +Date: Tue, 5 Aug 2014 21:48:17 -0700 +Subject: [PATCH] configure.ac: fixed automake error + +Fixed: +configure.ac:29: installing 'scripts/compile' +Makefile.am: error: required file './NEWS' not found +Makefile.am: error: required file './AUTHORS' not found +Makefile.am: error: required file './ChangeLog' not found +autoreconf: automake failed with exit status: 1 + +Upstream-Status: Pending + +Signed-off-by: Robert Yang +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index bf228df..dc10bff 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -6,7 +6,7 @@ + + AC_INIT([mtree Utility for creating and verifying file hierarchies], [1.0.2], [http://www.freebsd.org/], [mtree]) + AC_CONFIG_AUX_DIR(scripts) +-AM_INIT_AUTOMAKE ++AM_INIT_AUTOMAKE([foreign]) + dnl AM_MAINTAINER_MODE + AC_PREREQ(2.59) + AC_REVISION($Id: configure.ac 15 2013-05-30 15:29:35Z archie.cobbs $) +-- +1.7.9.5 + diff --git a/meta-ids/recipes-ids/mtree/mtree/mtree-getlogin.patch b/meta-ids/recipes-ids/mtree/mtree/mtree-getlogin.patch new file mode 100644 index 0000000..35b0f8d --- /dev/null +++ b/meta-ids/recipes-ids/mtree/mtree/mtree-getlogin.patch @@ -0,0 +1,49 @@ +Upstream-Status: Pending + +Handle NULL return from getlogin. + +Signed-off-by: Kai Kang +--- +diff --git a/create.c b/create.c +index e2d24d3..583af9b 100644 +--- a/create.c ++++ b/create.c +@@ -77,6 +77,29 @@ static void output(int, int *, const char *, ...) __attribute__ ((__format__ + static int statd(FTS *, FTSENT *, uid_t *, gid_t *, mode_t *, u_long *); + static void statf(int, FTSENT *); + ++char *my_getlogin() ++{ ++ const char *s = getlogin(); ++ if (s && *s) ++ return s; ++ ++ struct passwd *p = getpwuid(geteuid()); ++ char *ss; ++ if (p && p->pw_name) { ++ if (asprintf(&ss,"(no controlling terminal) %s",p->pw_name) < 0) { ++ perror("asprintf"); ++ return NULL; ++ } ++ } else { ++ if (asprintf(&ss,"(no controlling terminal) #%d",geteuid()) < 0) { ++ perror("asprintf"); ++ return NULL; ++ } ++ } ++ ++ return ss; ++} ++ + void + cwalk(void) + { +@@ -92,7 +115,7 @@ cwalk(void) + (void)gethostname(host, sizeof(host)); + (void)printf( + "#\t user: %s\n#\tmachine: %s\n", +- getlogin(), host); ++ my_getlogin(), host); + (void)printf( + "#\t tree: %s\n#\t date: %s", + fullpath, ctime(&cl)); diff --git a/meta-ids/recipes-ids/mtree/mtree_git.bb b/meta-ids/recipes-ids/mtree/mtree_git.bb new file mode 100644 index 0000000..27fae3c --- /dev/null +++ b/meta-ids/recipes-ids/mtree/mtree_git.bb @@ -0,0 +1,21 @@ +SUMMARY = "BSD directory hierarchy mapping tool" +DESCRIPTION = "mtree compares a file hierarchy against a specification, creates a specification for a file hierarchy, or modifies a specification." + +SECTION = "utils" + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=bb19ea4eac951288efda4010c5c669a8" + +PV = "1.0.3+git${SRCPV}" + +SRC_URI = "git://github.com/archiecobbs/mtree-port.git \ + file://mtree-getlogin.patch \ + file://configure.ac-automake-error.patch \ + " +SRCREV = "4f3e901aea980fc9a78ac8692fa12a22328b1d4a" + +S = "${WORKDIR}/git" + +DEPENDS = "openssl" + +inherit autotools -- cgit v1.2.3-54-g00ecf