authorRobin H. Johnson <robbat2@gentoo.org>2015-08-08 13:49:04 -0700
committerRobin H. Johnson <robbat2@gentoo.org>2015-08-08 17:38:18 -0700
commit56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch)
tree3f91093cdb475e565ae857f1c5a7fd339e2d781e /app-forensics/aide/files
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'app-forensics/aide/files')
-rw-r--r--app-forensics/aide/files/aide-0.13.1-as-needed.patch36
-rw-r--r--app-forensics/aide/files/aide-0.13.1-configure.patch74
-rw-r--r--app-forensics/aide/files/aide-0.13.1-equ-matching.patch83
-rw-r--r--app-forensics/aide/files/aide-0.13.1-gentoo.patch36
-rw-r--r--app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch49
-rw-r--r--app-forensics/aide/files/aide-0.13.1-zlib.patch12
-rw-r--r--app-forensics/aide/files/aide-0.14-as-needed.patch20
-rw-r--r--app-forensics/aide/files/aide-0.14-configure.patch38
-rw-r--r--app-forensics/aide/files/aide-0.14-gentoo.patch26
-rw-r--r--app-forensics/aide/files/aide-0.15.1-gentoo.patch26
-rw-r--r--app-forensics/aide/files/aide.conf115
-rwxr-xr-xapp-forensics/aide/files/aide.cron192
-rwxr-xr-xapp-forensics/aide/files/aideinit145
13 files changed, 852 insertions, 0 deletions
diff --git a/app-forensics/aide/files/aide-0.13.1-as-needed.patch b/app-forensics/aide/files/aide-0.13.1-as-needed.patch
new file mode 100644
index 000000000000..9e0ec4d73aff
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-as-needed.patch
@@ -0,0 +1,36 @@
+diff -Naur aide-0.13.1.orig/configure.in aide-0.13.1/configure.in
+--- aide-0.13.1.orig/configure.in 2006-12-09 06:49:21.000000000 +0900
++++ aide-0.13.1/configure.in 2009-12-16 19:30:17.000000000 +0900
+@@ -546,12 +546,12 @@
+ if test x$with_zlib = xyes; then
+ AC_CHECK_HEADERS(zlib.h,,
+ [AC_MSG_ERROR([You don't have zlib properly installed. Install it or try --without-zlib.])])
+- save_LDFLAGS=$LDFLAGS
+- LDFLAGS="$LDFLAGS $LD_STATIC_FLAG"
++# saveLIBS=$LIBS
++ LIBS="$LIBS -lz $LD_STATIC_FLAG"
+ AC_CHECK_LIB(z,gzdopen,,
+ [AC_MSG_ERROR([You don't have zlib properly installed. Install it or try --without-zlib.])]
+ )
+- LDFLAGS=$save_LDFLAGS
++# LIBS=$saveLIBS
+ AC_DEFINE(WITH_ZLIB,1,[use zlib])
+ fi
+
+@@ -565,13 +565,13 @@
+ fi
+ AC_CHECK_HEADERS(curl/curl.h,,
+ [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])])
+-# save_LDFLAGS=$LDFLAGS
++# saveLIBS=$LIBS
+ CFLAGS="$CFLAGS $CURL_CFLAGS"
+- LDFLAGS="$LDFLAGS $CURL_LIBS $LD_STATIC_FLAG"
++ LIBS="$LIBS $CURL_LIBS $LD_STATIC_FLAG"
+ AC_CHECK_LIB(curl,curl_easy_init,havecurl=yes,
+ [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])]
+ )
+-# LDFLAGS=$save_LDFLAGS
++# LIBS=$saveLIBS
+ AC_DEFINE(WITH_CURL,1,[use curl])
+ compoptionstring="${compoptionstring}WITH_CURL\\n"],
+ fi
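Review bot: In the zlib branch the working save/restore pair is replaced by the commented-out `# saveLIBS=$LIBS` and `# LIBS=$saveLIBS`, so `-lz $LD_STATIC_FLAG` now stays in LIBS for every later configure check. AC_CHECK_LIB is called with an empty found-action, so its default action also prepends `-lz` a second time. If the persistence is intended, delete the dead comment lines (here and in the curl branch) and say so once, e.g. `# LIBS is deliberately not restored after the zlib check`; if it is not intended, restore LIBS after the check.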
diff --git a/app-forensics/aide/files/aide-0.13.1-configure.patch b/app-forensics/aide/files/aide-0.13.1-configure.patch
new file mode 100644
index 000000000000..75eb5559ebba
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-configure.patch
@@ -0,0 +1,74 @@
+--- configure.in.old 2008-01-26 15:07:28.000000000 +0100
++++ configure.in 2008-01-26 15:14:05.000000000 +0100
+@@ -160,7 +160,9 @@
+ fi
+
+ # Check whether static linking has explicitly been disabled
+-AC_ARG_ENABLE(static,[ --disable-static Disable static linking (lowers the security of aide)], [aide_static_choice=$enableval], [aide_static_choice=yes])
++AC_ARG_ENABLE(static,
++ AC_HELP_STRING([--disable-static],[Disable static linking (lowers the security of aide)]),
++ [aide_static_choice=$enableval], [aide_static_choice=yes])
+
+ if test "$aide_static_choice" != "yes"; then
+ LD_STATIC_FLAG=""
+@@ -190,8 +192,8 @@
+ AC_CHECK_FUNCS(stricmp strnstr strnlen)
+
+ AC_ARG_WITH([mmap],
+- [AC_HELP_STRING([--with-mmap],
+- [use mmap @<:@default=check@:>@])],
++ AC_HELP_STRING([--with-mmap],
++ [use mmap @<:@default=check@:>@]),
+ [],
+ [with_mmap=check]
+ )
+@@ -283,8 +285,8 @@
+ AC_CHECK_HEADERS(syslog.h inttypes.h fcntl.h)
+
+ AC_ARG_WITH([locale],
+- [AC_HELP_STRING([--with-locale],
+- [use locale stuff])],
++ AC_HELP_STRING([--with-locale],
++ [use locale stuff]),
+ [],
+ [with_locale=no]
+ )
+@@ -369,10 +371,10 @@
+ [AC_HELP_STRING([--with-posix-acl],
+ [use POSIX ACLs (no checking)])],
+ [],
+- [with_posix_acl_support=no]
++ [with_posix_acl=no]
+ )
+
+-AS_IF([test "x$with_posix_acl_support" != xno],
++AS_IF([test "x$with_posix_acl" != xno],
+ [AC_DEFINE(WITH_POSIX_ACL,1,[use POSIX ACLs])
+ AC_DEFINE(WITH_ACL,1,[use ACL])
+ ACLLIB="-lacl"
+@@ -388,10 +390,10 @@
+ [AC_HELP_STRING([--with-selinux],
+ [use SELinux (no checking)])],
+ [],
+- [with_selinux_support=no]
++ [with_selinux=no]
+ )
+
+-AS_IF([test "x$with_selinux_support" != xno],
++AS_IF([test "x$with_selinux" != xno],
+ [AC_DEFINE(WITH_SELINUX,1,[use SELinux])
+ if test -n "$PKG_CONFIG" && $PKG_CONFIG --exists libselinux; then
+ SELINUXLIB=$(${PKG_CONFIG} --libs libselinux --static)
+@@ -410,10 +412,10 @@
+ [AC_HELP_STRING([--with-xattr],
+ [use xattr (no checking)])],
+ [],
+- [with_xattr_support=no]
++ [with_xattr=no]
+ )
+
+-AS_IF([test "x$with_xattr_support" != xno],
++AS_IF([test "x$with_xattr" != xno],
+ [AC_DEFINE(WITH_XATTR,1,[use xattr])
+ ATTRLIB=-lattr
+ compoptionstring="${compoptionstring}WITH_XATTR\\n"
diff --git a/app-forensics/aide/files/aide-0.13.1-equ-matching.patch b/app-forensics/aide/files/aide-0.13.1-equ-matching.patch
new file mode 100644
index 000000000000..e5d02a5ea7d5
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-equ-matching.patch
@@ -0,0 +1,83 @@
+--- src/gen_list.c.orig 2007-12-19 15:37:13.000000000 -0800
++++ src/gen_list.c 2007-12-19 16:19:43.000000000 -0800
+@@ -732,33 +732,6 @@
+ return retval;
+ }
+
+-//this is used to check if $text if equal to a node in $rxrlist
+-//should be used to check equ_rx_lst only
+-int check_list_for_equal(list* rxrlist,char* text,DB_ATTR_TYPE* attr)
+-{
+- list* r=NULL;
+- int retval=1;
+- char *temp;
+-
+- for(r=rxrlist;r;r=r->next){
+- temp=((rx_rule*)r->data)->rx;
+-
+- //FIXME, if rx not begin with ^, may need to do something else
+- if(temp[0]=='^') //^ is for reg exp, we can ignore this character
+- temp++;
+-
+- //we don't need to worry about buff-overflow, so strcmp is safe
+- if((retval=strcmp(temp, text))==0){
+- *attr=((rx_rule*)r->data)->attr;
+- error(231,"\"%s\" matches string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx);
+- break;
+- } else {
+- error(231,"\"%s\" doesn't match string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx);
+- }
+- }
+- return retval;
+-}
+-
+ /*
+ * Function check_node_for_match()
+ * calls itself recursively to go to the top and then back down.
+@@ -783,35 +756,24 @@
+ return retval;
+ }
+
+- /* We need this to check whether this was the first one *
+- * to be called and not a recursive call */
+- if(!((retval&16)==16)){
+- retval|=16;
++ /* if this call is not recursive we check the equals list and we set top *
++ * and retval so we know following calls are recursive */
++ if(!(retval&16)){
+ top=1;
+- } else {
+- top=0;
+- }
+-
+- /* if no deeper match found */
+- if(!((retval&8)==8)&&!((retval&4)==4)){
++ retval|=16;
++
+ if(!check_list_for_match(node->equ_rx_lst,text,attr)){
+- /*
+- Zhi Wen Wong added this line to fix bug that equ not work for
+- compare
+- if we do "=/bin", we should only check /bin
+- so, /bin/bash or /bin/something should return 0 as neg
+- */
+- if(!check_list_for_equal(node->equ_rx_lst,text,attr))
+- retval|=(2|4);
+- };
+- };
++ retval|=2|4;
++ }
++ }
+ /* We'll use retval to pass information on whether to recurse
+ * the dir or not */
+
+
+- if(!((retval&8)==8)&&!((retval&4)==4)){
++ /* If 4 and 8 are not set, we will check for matches */
++ if(!(retval&(4|8))){
+ if(!check_list_for_match(node->sel_rx_lst,text,attr))
+- retval|=(1|8);
++ retval|=1|8;
+ }
+
+ /* Now let's check the ancestors */
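Review bot: The rewritten top-level branch of check_node_for_match() decides `=` rules through check_list_for_match() alone, because the exact-string comparison in the removed check_list_for_equal() is gone. Assuming check_list_for_match() does a regex match, a rule written as `=/bin` would presumably also hit `/bin/bash` unless the rule ends in `$`. A short comment above `if(!(retval&16)){` should state that equals rules must be anchored and name what bits 1, 2, 4, 8 and 16 of retval mean, so the selection logic of the integrity checker can be audited without reading the whole file. The function starts and ends outside the inner hunk.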
diff --git a/app-forensics/aide/files/aide-0.13.1-gentoo.patch b/app-forensics/aide/files/aide-0.13.1-gentoo.patch
new file mode 100644
index 000000000000..9c1c07b5ce5f
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-gentoo.patch
@@ -0,0 +1,36 @@
+diff -Naur aide-0.13.1.orig/Makefile.am aide-0.13.1/Makefile.am
+--- aide-0.13.1.orig/Makefile.am 2006-10-11 03:39:01.000000000 +0900
++++ aide-0.13.1/Makefile.am 2007-09-27 01:35:39.000000000 +0900
+@@ -33,7 +33,7 @@
+ src/aide -c doc/aide.conf -V20
+
+ update-db: all
+- src/aide -B "database_out=file://$(top_srcdir)/doc/aide.db" -c doc/aide.conf -i
++ src/aide -B "database_out=file://$(abs_top_srcdir)/doc/aide.db" -c doc/aide.conf -i
+
+ dist-hook: configure
+ mkdir $(distdir)/include
+diff -Naur aide-0.13.1.orig/doc/aide.conf.in aide-0.13.1/doc/aide.conf.in
+--- aide-0.13.1.orig/doc/aide.conf.in 2006-11-25 04:53:56.000000000 +0900
++++ aide-0.13.1/doc/aide.conf.in 2007-09-27 01:35:39.000000000 +0900
+@@ -19,7 +19,7 @@
+ # corresponding line.
+ #
+
+-@@define TOPDIR @top_srcdir@
++@@define TOPDIR @abs_top_srcdir@
+
+ @@ifndef TOPDIR
+ @@define TOPDIR /
+diff -Naur aide-0.13.1.orig/src/Makefile.am aide-0.13.1/src/Makefile.am
+--- aide-0.13.1.orig/src/Makefile.am 2006-10-28 06:10:38.000000000 +0900
++++ aide-0.13.1/src/Makefile.am 2007-09-27 01:35:39.000000000 +0900
+@@ -20,6 +20,8 @@
+ # This is no longer needed
+ # SUBDIRS = crypt
+
++DEFS = -DLOCALEDIR=\"$(localedir)\" @DEFS@
++
+ bin_PROGRAMS = aide
+
+ aide_SOURCES = \
diff --git a/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch b/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch
new file mode 100644
index 000000000000..56b39693f4ff
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch
@@ -0,0 +1,49 @@
+diff -urp aide-0.13.1.orig/doc/aide.1 aide-0.13.1/doc/aide.1
+--- aide-0.13.1.orig/doc/aide.1 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/doc/aide.1 2009-04-14 15:49:18.000000000 -0700
+@@ -67,6 +67,7 @@ conditions:
+ .IP "16 Unimplemented function error"
+ .IP "17 Invalid configureline error"
+ .IP "18 IO error"
++.IP "19 Version mismatch error"
+ .PP
+ .SH NOTES
+ Please note that due to mmap issues, aide cannot be terminated with
+diff -urp aide-0.13.1.orig/doc/aide.1.in aide-0.13.1/doc/aide.1.in
+--- aide-0.13.1.orig/doc/aide.1.in 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/doc/aide.1.in 2009-04-14 15:49:56.000000000 -0700
+@@ -67,6 +67,7 @@ conditions:
+ .IP "16 Unimplemented function error"
+ .IP "17 Invalid configureline error"
+ .IP "18 IO error"
++.IP "19 Version mismatch error"
+ .PP
+ .SH NOTES
+ Please note that due to mmap issues, aide cannot be terminated with
+diff -urp aide-0.13.1.orig/include/report.h aide-0.13.1/include/report.h
+--- aide-0.13.1.orig/include/report.h 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/include/report.h 2009-04-14 15:46:28.000000000 -0700
+@@ -31,6 +31,7 @@
+ #define UNIMPLEMENTED_FUNCTION_ERROR 16
+ #define INVALID_CONFIGURELINE_ERROR 17
+ #define IO_ERROR 18
++#define VERSION_MISMATCH_ERROR 19
+
+ /* Errorcodes */
+ #define HASH_ALGO_ERROR 30
+diff -urp aide-0.13.1.orig/src/md.c aide-0.13.1/src/md.c
+--- aide-0.13.1.orig/src/md.c 2009-04-14 15:46:20.000000000 -0700
++++ aide-0.13.1/src/md.c 2009-04-14 15:46:28.000000000 -0700
+@@ -201,6 +201,12 @@ int init_md(struct md_container* md) {
+ #endif
+ #ifdef WITH_GCRYPT
+ error(255,"Gcrypt library initialization\n");
++ if(!gcry_check_version(GCRYPT_VERSION)) {
++ error(0,"libgcrypt version mismatch\n");
++ exit(VERSION_MISMATCH_ERROR);
++ }
++ gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
++ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+ if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){
+ error(0,"gcrypt_md_open failed\n");
+ exit(IO_ERROR);
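Review bot: The added libgcrypt initialization sits inside init_md(), so if init_md() runs once per hashed file (its callers are not visible here) the version check and both gcry_control() calls repeat on every call, whereas libgcrypt expects this sequence once per process. Wrapping the added lines in `if(!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P)) { ... }` keeps it to the first call. The return values of the two gcry_control() calls are ignored. `GCRYCTL_DISABLE_SECMEM` also deserves a one-line comment giving the reason, for instance `/* no key material is handled here, so locked memory is not needed */` if that is the rationale. init_md() continues past the end of the hunk.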
diff --git a/app-forensics/aide/files/aide-0.13.1-zlib.patch b/app-forensics/aide/files/aide-0.13.1-zlib.patch
new file mode 100644
index 000000000000..0ca5af25275d
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.13.1-zlib.patch
@@ -0,0 +1,12 @@
+diff -Naur aide-0.13.1.orig//src/be.c aide-0.13.1//src/be.c
+--- aide-0.13.1.orig//src/be.c 2006-12-15 01:09:24.000000000 +0900
++++ aide-0.13.1//src/be.c 2010-05-26 20:08:10.000000000 +0900
+@@ -161,7 +161,7 @@
+ #endif
+ #ifdef WITH_ZLIB
+ if(iszipped && !inout){
+- fh=gzdopen(fd,"wb9+");
++ fh=gzdopen(fd,"wb9");
+ if(fh==NULL){
+ error(0,_("Couldn't open file %s for %s"),u->value,
+ inout?"reading\n":"writing\n");
diff --git a/app-forensics/aide/files/aide-0.14-as-needed.patch b/app-forensics/aide/files/aide-0.14-as-needed.patch
new file mode 100644
index 000000000000..7a90b4e25079
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.14-as-needed.patch
@@ -0,0 +1,20 @@
+--- aide-0.14.orig/configure.in 2010-02-26 17:25:29.000000000 +0900
++++ aide-0.14/configure.in 2010-05-27 00:11:34.000000000 +0900
+@@ -42,7 +42,7 @@
+ AC_ARG_WITH(extra-libs,
+ AC_HELP_STRING([--with-extra-libs],
+ [Specify additional paths with -L to find libraries]),
+- [LDFLAGS="$LDFLAGS $withval"]
++ [LIBS="$LIBS $withval"]
+ )
+ AC_ARG_WITH(extra-link-libs,
+ AC_HELP_STRING([--with-extra-link-libs],
+@@ -671,7 +671,7 @@
+ AC_CHECK_HEADERS(curl/curl.h,,
+ [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])])
+ CFLAGS="$CFLAGS $CURL_CFLAGS"
+- LDFLAGS="$LDFLAGS $CURL_LIBS"
++ LIBS="$LIBS $CURL_LIBS"
+ AC_CHECK_LIB(curl,curl_easy_init,havecurl=yes,
+ [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])]
+ )
diff --git a/app-forensics/aide/files/aide-0.14-configure.patch b/app-forensics/aide/files/aide-0.14-configure.patch
new file mode 100644
index 000000000000..54afd8c4f4c6
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.14-configure.patch
@@ -0,0 +1,38 @@
+diff -Naur aide-0.14.orig/configure.in aide-0.14/configure.in
+--- aide-0.14.orig/configure.in 2010-02-26 17:25:29.000000000 +0900
++++ aide-0.14/configure.in 2010-06-09 14:24:43.000000000 +0900
+@@ -407,14 +407,14 @@
+ AC_ARG_WITH([zlib],
+ AC_HELP_STRING([--with-zlib],
+ [use zlib compression]),
+- ,
++ [with_zlib="$withval"],
+ [with_zlib=yes]
+ )
+
+ AC_ARG_WITH([curl],
+ AC_HELP_STRING([--with-curl],
+ [use curl for http,https and ftp backends]),
+- ,
++ [with_curl="$withval"],
+ [with_curl=no]
+ )
+
+@@ -422,7 +422,7 @@
+ AC_ARG_WITH([sun-acl],
+ [AC_HELP_STRING([--with-sun-acl],
+ [use ACL on solaris (no checking)])],
+- [],
++ [with_sun_acl="$withval"],
+ [with_sun_acl=no]
+ )
+
+@@ -440,7 +440,7 @@
+ AC_ARG_WITH([posix-acl],
+ [AC_HELP_STRING([--with-posix-acl],
+ [use POSIX ACLs (no checking)])],
+- [],
++ [with_posix_acl_support="$withval"],
+ [with_posix_acl_support=no]
+ )
+
diff --git a/app-forensics/aide/files/aide-0.14-gentoo.patch b/app-forensics/aide/files/aide-0.14-gentoo.patch
new file mode 100644
index 000000000000..f2c8156ed161
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.14-gentoo.patch
@@ -0,0 +1,26 @@
+diff -Naur aide-0.14.orig//src/Makefile.am aide-0.14//src/Makefile.am
+--- aide-0.14.orig//src/Makefile.am 2010-02-20 04:23:08.000000000 +0900
++++ aide-0.14//src/Makefile.am 2010-05-26 23:56:47.000000000 +0900
+@@ -26,7 +26,7 @@
+ LEX_OUTPUT_ROOT = lex.yy
+
+ LDADD = -lm @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @ELFLIB@
+-AM_CFLAGS = @AIDE_DEFS@ -W -Wall -g
++AM_CFLAGS = -DLOCALEDIR=\"$(localedir)\" @AIDE_DEFS@ -W -Wall -g
+
+ CLEANFILES = conf_yacc.h conf_yacc.c conf_lex.c db_lex.c *~
+
+diff -Naur aide-0.14.orig//src/db.c aide-0.14//src/db.c
+--- aide-0.14.orig//src/db.c 2010-02-18 05:06:57.000000000 +0900
++++ aide-0.14//src/db.c 2010-05-27 00:16:07.000000000 +0900
+@@ -26,6 +26,10 @@
+ #include "db_file.h"
+ #include "db_disk.h"
+
++#ifdef WITH_CURL
++#include "fopen.h"
++#endif
++
+ #ifdef WITH_PSQL
+ #include "db_sql.h"
+ #endif
diff --git a/app-forensics/aide/files/aide-0.15.1-gentoo.patch b/app-forensics/aide/files/aide-0.15.1-gentoo.patch
new file mode 100644
index 000000000000..01c06f72387e
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.15.1-gentoo.patch
@@ -0,0 +1,26 @@
+diff -Naur aide-0.15.1.orig//src/Makefile.am aide-0.15.1//src/Makefile.am
+--- aide-0.15.1.orig//src/Makefile.am 2010-08-02 03:23:44.000000000 +0900
++++ aide-0.15.1//src/Makefile.am 2010-10-28 01:22:49.897871135 +0900
+@@ -26,7 +26,7 @@
+ LEX_OUTPUT_ROOT = lex.yy
+
+ LDADD = -lm @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@
+-AM_CFLAGS = @AIDE_DEFS@ -W -Wall -g
++AM_CFLAGS = -DLOCALEDIR=\"$(localedir)\" @AIDE_DEFS@ -W -Wall -g
+
+ CLEANFILES = conf_yacc.h conf_yacc.c conf_lex.c db_lex.c *~
+
+diff -Naur aide-0.15.1.orig//src/db.c aide-0.15.1//src/db.c
+--- aide-0.15.1.orig//src/db.c 2010-08-09 02:39:31.000000000 +0900
++++ aide-0.15.1//src/db.c 2010-10-28 01:22:12.930091842 +0900
+@@ -27,6 +27,10 @@
+ #include "db_file.h"
+ #include "db_disk.h"
+
++#ifdef WITH_CURL
++#include "fopen.h"
++#endif
++
+ #ifdef WITH_PSQL
+ #include "db_sql.h"
+ #endif
diff --git a/app-forensics/aide/files/aide.conf b/app-forensics/aide/files/aide.conf
new file mode 100644
index 000000000000..cef1813db9f8
--- /dev/null
+++ b/app-forensics/aide/files/aide.conf
@@ -0,0 +1,115 @@
+# AIDE conf
+
+database=file:/var/lib/aide/aide.db
+database_out=file:/var/lib/aide/aide.db.new
+
+# Change this to "no" or remove it to not gzip output
+# (only useful on systems with few CPU cycles to spare)
+gzip_dbout=yes
+
+# Here are all the things we can check - these are the default rules
+#
+#p: permissions
+#i: inode
+#n: number of links
+#u: user
+#g: group
+#s: size
+#b: block count
+#m: mtime
+#a: atime
+#c: ctime
+#S: check for growing size
+#md5: md5 checksum
+#sha1: sha1 checksum
+#rmd160: rmd160 checksum
+#tiger: tiger checksum
+#R: p+i+n+u+g+s+m+c+md5
+#L: p+i+n+u+g
+#E: Empty group
+#>: Growing logfile p+u+g+i+n+S
+#haval: haval checksum
+#gost: gost checksum
+#crc32: crc32 checksum
+
+# Defines formerly set here have been moved to /etc/default/aide.
+
+# Custom rules
+Binlib = p+i+n+u+g+s+b+m+c+md5+sha1
+ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha1
+Logs = p+i+n+u+g+S
+Devices = p+i+n+u+g+s+b+c+md5+sha1
+Databases = p+n+u+g
+StaticDir = p+i+n+u+g
+ManPages = p+i+n+u+g+s+b+m+c+md5+sha1
+
+# Next decide what directories/files you want in the database
+
+# Kernel, system map, etc.
+=/boot$ Binlib
+# Binaries
+/bin Binlib
+/sbin Binlib
+/usr/bin Binlib
+/usr/sbin Binlib
+/usr/local/bin Binlib
+/usr/local/sbin Binlib
+#/usr/games Binlib
+# Libraries
+/lib Binlib
+/usr/lib Binlib
+/usr/local/lib Binlib
+# Log files
+=/var/log$ StaticDir
+#!/var/log/ksymoops
+/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
+/var/log/aide/error.log(.[0-9])?(.gz)? Databases
+#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
+!/var/log/aide
+/var/log Logs
+# Devices
+!/dev/pts
+# If you get spurious warnings about being unable to mmap() /dev/cpu/mtrr,
+# you may uncomment this to get rid of them. They're harmless but sometimes
+# annoying.
+#!/dev/cpu/mtrr
+#!/dev/xconsole
+/dev Devices
+# Other miscellaneous files
+/var/run$ StaticDir
+!/var/run
+# Test only the directory when dealing with /proc
+/proc$ StaticDir
+!/proc
+
+# You can look through these examples to get further ideas
+
+# MD5 sum files - especially useful with debsums -g
+#/var/lib/dpkg/info/([^\.]+).md5sums u+g+s+m+md5+sha1
+
+# Check crontabs
+#/var/spool/anacron/cron.daily Databases
+#/var/spool/anacron/cron.monthly Databases
+#/var/spool/anacron/cron.weekly Databases
+#/var/spool/cron Databases
+#/var/spool/cron/crontabs Databases
+
+# manpages can be trojaned, especially depending on *roff implementation
+#/usr/man ManPages
+#/usr/share/man ManPages
+#/usr/local/man ManPages
+
+# docs
+#/usr/doc ManPages
+#/usr/share/doc ManPages
+
+# check users' home directories
+#/home Binlib
+
+# check sources for modifications
+#/usr/src L
+#/usr/local/src L
+
+# Check headers for same
+#/usr/include L
+#/usr/local/include L
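Review bot: Every content-checking group under `# Custom rules` (Binlib, ConfFiles, Devices, ManPages) relies on `md5+sha1` only, and both digests have known collision weaknesses, which reduces what a clean report proves for binaries and libraries. If the packaged aide is built with a stronger digest, add it to those groups, e.g. `Binlib = p+i+n+u+g+s+b+m+c+sha256`, and list it in the attribute table at the top of the file. The `.` in `aide.log(.[0-9])?(.gz)?` is an unescaped regex wildcard; `(\.[0-9])?(\.gz)?` says what is meant. A comment next to `database=file:/var/lib/aide/aide.db` should remind the administrator that a baseline on the monitored host's own writable disk can be rewritten by whoever compromises that host.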
diff --git a/app-forensics/aide/files/aide.cron b/app-forensics/aide/files/aide.cron
new file mode 100755
index 000000000000..c28b78f8e9db
--- /dev/null
+++ b/app-forensics/aide/files/aide.cron
@@ -0,0 +1,192 @@
+#!/bin/bash
+# Modified: Benjamin Smee
+# Date: Fri Sep 10 11:35:41 BST 2004
+
+# This is the email address reports get mailed to
+MAILTO=root@localhost
+
+# Set this to suppress mailings when there's nothing to report
+QUIETREPORTS=1
+
+# This parameter defines which aide command to run from the cron script.
+# Sensible values are "update" and "check".
+# Default is "check", ensuring backwards compatibility.
+# Since "update" does not take any longer, it is recommended to use "update",
+# so that a new database is created every day. The new database needs to be
+# manually copied over the current one, though.
+COMMAND=update
+
+# This parameter defines how many lines to return per e-mail. Output longer
+# than this value will be truncated in the e-mail sent out.
+LINES=1000
+
+# This parameter gives a grep regular expression. If given, all output lines
+# that _don't_ match the regexp are listed first in the script's output. This
+# allows to easily remove noise from the aide report.
+NOISE="(/var/cache/|/var/lib/|/var/tmp)"
+PATH="/bin:/usr/bin:/sbin:/usr/sbin"
+LOGDIR="/var/log/aide"
+LOGFILE="aide.log"
+CONFFILE="/etc/aide/aide.conf"
+ERRORLOG="aide_error.log"
+MAILLOG="aide_mail.log"
+ERRORTMP=`tempfile --directory "/tmp" --prefix "$ERRORLOG"`
+
+[ -f /usr/bin/aide ] || exit 0
+
+DATABASE=`grep "^database=file:/" $CONFFILE | head -n 1 | cut --delimiter=: --fields=2`
+FQDN=`hostname -f`
+DATE=`date +"at %Y-%m-%d %H:%M"`
+
+# default values
+
+DATABASE="${DATABASE:-/var/lib/aide/aide.db}"
+
+AIDEARGS="-V4"
+
+if [ ! -f $DATABASE ]; then
+ /usr/sbin/sendmail $MAILTO <<EOF
+Subject: Daily AIDE report for $FQDN
+From: root@${FQDN}
+To: ${MAILTO}
+Fatal error: The AIDE database does not exist!
+This may mean you haven't created it, or it may mean that someone has removed it.
+EOF
+ exit 0
+fi
+
+# Removed so no deps on debianutils - strerror
+#[ -f "$LOGDIR/$LOGFILE" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$LOGFILE" > /dev/null
+#[ -f "$LOGDIR/$ERRORLOG" ] && savelog -j -t -g adm -m 640 -u root -c 7 "$LOGDIR/$ERRORLOG" > /dev/null
+
+aide $AIDEARGS --$COMMAND >"$LOGDIR/$LOGFILE" 2>"$ERRORTMP"
+RETVAL=$?
+
+if [ -n "$QUIETREPORTS" ] && [ $QUIETREPORTS -a \! -s $LOGDIR/$LOGFILE -a \! -s $ERRORTMP ]; then
+ # Bail now because there was no output and QUIETREPORTS is set
+ exit 0
+fi
+
+MAILTMP=`tempfile --directory "/tmp" --prefix "$MAILLOG"`
+
+(cat << EOF
+This is an automated report generated by the Advanced Intrusion Detection
+Environment on $FQDN ${DATE}.
+
+EOF
+
+# include error log in daily report e-mail
+
+if [ "$RETVAL" != "0" ]; then
+ cat > "$LOGDIR/$ERRORLOG" << EOF
+
+*****************************************************************************
+* aide returned a non-zero exit value *
+*****************************************************************************
+
+EOF
+ echo "exit value is: $RETVAL" >> "$LOGDIR/$ERRORLOG"
+else
+ touch "$LOGDIR/$ERRORLOG"
+fi
+< "$ERRORTMP" cat >> "$LOGDIR/$ERRORLOG"
+rm -f "$ERRORTMP"
+
+if [ -s "$LOGDIR/$ERRORLOG" ]; then
+ errorlines=`wc -l "$LOGDIR/$ERRORLOG" | awk '{ print $1 }'`
+ if [ ${errorlines:=0} -gt $LINES ]; then
+ cat << EOF
+
+****************************************************************************
+* aide has returned many errors. *
+* the error log output has been truncated in this mail *
+****************************************************************************
+
+EOF
+ echo "Error output is $errorlines lines, truncated to $LINES."
+ head -$LINES "$LOGDIR/$ERRORLOG"
+ echo "The full output can be found in $LOGDIR/$ERRORLOG."
+ else
+ echo "Errors produced ($errorlines lines):"
+ cat "$LOGDIR/$ERRORLOG"
+ fi
+else
+ echo "AIDE produced no errors."
+fi
+
+# include de-noised log
+
+if [ -n "$NOISE" ]; then
+ NOISETMP=`tempfile --directory "/tmp" --prefix "aidenoise"`
+ NOISETMP2=`tempfile --directory "/tmp" --prefix "aidenoise"`
+ sed -n '1,/^Detailed information about changes:/p' "$LOGDIR/$LOGFILE" | \
+ grep '^\(changed\|removed\|added\):' | \
+ grep -v "^added: THERE WERE ALSO [0-9]\+ FILES ADDED UNDER THIS DIRECTORY" > $NOISETMP2
+
+ if [ -n "$NOISE" ]; then
+ < $NOISETMP2 grep -v "^\(changed\|removed\|added\):$NOISE" > $NOISETMP
+ rm -f $NOISETMP2
+ echo "De-Noised output removes everything matching $NOISE."
+ else
+ mv $NOISETMP2 $NOISETMP
+ echo "No noise expression was given."
+ fi
+
+ if [ -s "$NOISETMP" ]; then
+ loglines=`< $NOISETMP wc -l | awk '{ print $1 }'`
+ if [ ${loglines:=0} -gt $LINES ]; then
+ cat << EOF
+
+****************************************************************************
+* aide has returned long output which has been truncated in this mail *
+****************************************************************************
+
+EOF
+ echo "De-Noised output is $loglines lines, truncated to $LINES."
+ < $NOISETMP head -$LINES
+ echo "The full output can be found in $LOGDIR/$LOGFILE."
+ else
+ echo "De-Noised output of the daily AIDE run ($loglines lines):"
+ cat $NOISETMP
+ fi
+ else
+ echo "AIDE detected no changes after removing noise."
+ fi
+ rm -f $NOISETMP
+ echo "============================================================================"
+fi
+
+# include non-de-noised log
+
+if [ -s "$LOGDIR/$LOGFILE" ]; then
+ loglines=`wc -l "$LOGDIR/$LOGFILE" | awk '{ print $1 }'`
+ if [ ${loglines:=0} -gt $LINES ]; then
+ cat << EOF
+
+****************************************************************************
+* aide has returned long output which has been truncated in this mail *
+****************************************************************************
+
+EOF
+ echo "Output is $loglines lines, truncated to $LINES."
+ head -$LINES "$LOGDIR/$LOGFILE"
+ echo "The full output can be found in $LOGDIR/$LOGFILE."
+ else
+ echo "Output of the daily AIDE run ($loglines lines):"
+ cat "$LOGDIR/$LOGFILE"
+ fi
+else
+ echo "AIDE detected no changes."
+fi
+) > ${MAILTMP}
+
+(
+cat <<EOF
+Subject: Daily AIDE report for $FQDN
+From: root@${FQDN}
+To: ${MAILTO}
+EOF
+cat ${MAILTMP}
+) | /usr/sbin/sendmail $MAILTO
+
+rm -f "$MAILTMP"
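Review bot: `tempfile`, used in the `ERRORTMP=`, `MAILTMP=`, `NOISETMP=` and `NOISETMP2=` assignments, is a debianutils program, yet the script's own comment says `savelog` was removed to avoid a debianutils dependency. Where `tempfile` is missing the variables are empty, the `2>"$ERRORTMP"` redirect fails and the nightly run yields no usable report. Use `mktemp` and stop on failure, e.g. `ERRORTMP=$(mktemp /tmp/aide_error.XXXXXX) || exit 1`, and quote `"$NOISETMP"` and `"$NOISETMP2"` where they are used. Separately, `[ -f /usr/bin/aide ] || exit 0` makes a missing aide binary indistinguishable from a quiet night; for an integrity checker that case should send mail the way the missing-database branch does. The comment above `COMMAND=update` still says the default is "check".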
diff --git a/app-forensics/aide/files/aideinit b/app-forensics/aide/files/aideinit
new file mode 100755
index 000000000000..6a3c60c37837
--- /dev/null
+++ b/app-forensics/aide/files/aideinit
@@ -0,0 +1,145 @@
+#!/bin/sh
+# Copyright 2003 Mike Markley <mike@markley.org>
+# This script is free for any purpose whatseoever so long as the above
+# copyright notice remains in place.
+#
+# Modified for Gentoo: Benjamin Smee
+# Date: Fri Sep 10 11:36:04 BST 2004
+
+# This is the email address reports get mailed to
+MAILTO=root@localhost
+
+# Defaults
+#MAILTO="${MAILTO:-root}"
+
+# Options
+opt_f=0
+opt_y=0
+opt_c=0
+opt_b=0
+config="/etc/aide/aide.conf"
+
+aideinit_usage() {
+ echo "Usage: $0 [options] -- [aide options]"
+ echo " -y|--yes Overwrite output file"
+ echo " -f|--force Force overwrite of database"
+ echo " -c|--config Specify alternate config file"
+ echo " -o|--output Specify alternate output file"
+ echo " -d|--database Specify alternate database file"
+ echo " -b|--background Run in the background"
+}
+
+while [ -n "$1" ]; do
+ case "$1" in
+ -h|--help)
+ aideinit_usage
+ exit 0
+ ;;
+ -f|--force)
+ opt_f=1
+ shift
+ ;;
+ -y|--yes)
+ opt_y=1
+ shift
+ ;;
+ -b|--background)
+ opt_b=1
+ shift
+ ;;
+ -o|--output)
+ shift
+ [ -z "$1" ] && aideinit_usage && exit 1
+ outfile=$1
+ shift
+ ;;
+ -d|--database)
+ shift
+ [ -z "$1" ] && aideinit_usage && exit 1
+ dbfile=$1
+ shift
+ ;;
+ -c|--config)
+ opt_c=1
+ shift
+ [ -z "$1" ] && aideinit_usage && exit 1
+ config=$1
+ shift
+ ;;
+ --)
+ shift
+ break 2
+ ;;
+ *)
+ echo "Unknown option $1 (use -- to delimit aideinit and aide options)"
+ exit
+ ;;
+ esac
+done
+
+if [ ! -f "$config" ]; then
+ echo "$0: $config: file not found"
+ exit 1
+fi
+
+if [ -z "$outfile" ]; then
+ outfile=`egrep "database_out=file:" $config | cut -d: -f2`
+ [ -z "$outfile" ] && outfile="/var/lib/aide/aide.db.new"
+fi
+if [ -z "$dbfile" ]; then
+ dbfile=`egrep "database=file:" $config | cut -d: -f2`
+ [ -z "$dbfile" ] && dbfile="/var/lib/aide/aide.db"
+fi
+
+if [ -f $outfile ]; then
+ if [ $opt_y -eq 0 ]; then
+ echo -n "Overwrite existing $outfile [Yn]? "
+ read yn
+ case "$yn" in
+ [Nn]*)
+ exit 0
+ ;;
+ esac
+ fi
+fi
+
+extraflags=""
+
+if [ $opt_c -eq 1 ]; then
+ extraflags="$extraflags --config $config"
+fi
+
+if [ $opt_b -eq 1 ]; then
+ (aide --init $extraflags $@ >/var/log/aide/aideinit.log 2>/var/log/aide/aideinit.errors
+ if [ -f "$dbfile" -a $opt_f -eq 0 ]; then
+ echo "$dbfile exists and -f was not specified" >> /var/log/aide/aideinit.errors
+ fi
+ lines=`wc -l /var/log/aide/aideinit.errors | awk '{ print $1 }'`
+ if [ "$lines" -gt 0 ]; then
+ (echo "AIDE init errors:"; cat /var/log/aide/aideinit.errors) | /bin/mail -s "AIDE initialization problem" $MAILTO
+ else
+ cp -f $outfile $dbfile
+ fi) &
+ exit 0
+fi
+
+echo "Running aide --init..."
+aide --init $extraflags $@
+
+return=$?
+if [ $return -ne 0 ]; then
+ echo "Something didn't quite go right; see $outfile for details" >&2
+ exit $return
+fi
+
+if [ -f "$dbfile" -a $opt_f -eq 0 ]; then
+ echo -n "Overwrite $dbfile [yN]? "
+ read yn
+ case "$yn" in
+ [yY]*)
+ cp -f $outfile $dbfile
+ ;;
+ esac
+else
+ cp -f $outfile $dbfile
+fi