forked from steev/python-overlay
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
app-forensics/openscap: resurrected and modernized from hardened project
Goes with: * https://gitweb.gentoo.org/proj/hardened-docs.git/tree/xml/SCAP * https://gitweb.gentoo.org/repo/gentoo.git/tree/app-forensics/openscap?id=b31f832fb473f5cff5bc7443da4eb5c55adefddd Signed-off-by: Stephen L Arnold <sarnold@vctlabs.com>
- Loading branch information
Showing
7 changed files
with
249 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DIST openscap-1.3.7.tar.gz 14032390 BLAKE2B b57fa7daa52841936daf414426eb01e55f9a3a777c6038ae5b79cb10363b0798cabdad49c34b6dddf1d44fa926d88f75ea38073efedee39a35e45454da71717a SHA512 64dcceadbbb5b6045d2ebaca89287c80c26e05d7247fc0dd31cd9bff98398c7a26d6ed0e9191dcd2fd01f0711181f15d34fe9784bd043ccd0854baa17397cd88 |
71 changes: 71 additions & 0 deletions
71
app-forensics/openscap/files/openscap-fix-QA-warnings-with-newer-toolchain.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
From 5830090eb9c58bd7dacbb5a82934a73fc65b1983 Mon Sep 17 00:00:00 2001 | ||
From: Stephen L Arnold <sarnold@vctlabs.com> | ||
Date: Wed, 12 Jul 2023 17:30:19 -0700 | ||
Subject: [PATCH] fix QA warnings with newer toolchain, add missing rpm header | ||
MIME-Version: 1.0 | ||
Content-Type: text/plain; charset=UTF-8 | ||
Content-Transfer-Encoding: 8bit | ||
|
||
* mainly implicit declaration of function ‘rpmFreeCrypto’ | ||
|
||
Signed-off-by: Stephen L Arnold <sarnold@vctlabs.com> | ||
--- | ||
src/OVAL/probes/unix/linux/rpminfo_probe.c | 3 +++ | ||
src/OVAL/probes/unix/linux/rpmverify_probe.c | 1 + | ||
src/OVAL/probes/unix/linux/rpmverifyfile_probe.c | 1 + | ||
src/OVAL/probes/unix/linux/rpmverifypackage_probe.c | 1 + | ||
4 files changed, 6 insertions(+) | ||
|
||
diff --git a/src/OVAL/probes/unix/linux/rpminfo_probe.c b/src/OVAL/probes/unix/linux/rpminfo_probe.c | ||
index 46ad1d971..1eaf5dfe7 100644 | ||
--- a/src/OVAL/probes/unix/linux/rpminfo_probe.c | ||
+++ b/src/OVAL/probes/unix/linux/rpminfo_probe.c | ||
@@ -62,6 +62,9 @@ | ||
/* RPM headers */ | ||
#include "rpm-helper.h" | ||
|
||
+/* Individual RPM headers */ | ||
+#include <rpm/rpmpgp.h> | ||
+ | ||
/* SEAP */ | ||
#include "_seap.h" | ||
#include <probe-api.h> | ||
diff --git a/src/OVAL/probes/unix/linux/rpmverify_probe.c b/src/OVAL/probes/unix/linux/rpmverify_probe.c | ||
index 14ee57d89..4dca3022d 100644 | ||
--- a/src/OVAL/probes/unix/linux/rpmverify_probe.c | ||
+++ b/src/OVAL/probes/unix/linux/rpmverify_probe.c | ||
@@ -46,6 +46,7 @@ | ||
/* Individual RPM headers */ | ||
#include <rpm/rpmfi.h> | ||
#include <rpm/rpmcli.h> | ||
+#include <rpm/rpmpgp.h> | ||
|
||
/* SEAP */ | ||
#include <probe-api.h> | ||
diff --git a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c | ||
index a61f44e39..6273ac9e7 100644 | ||
--- a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c | ||
+++ b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c | ||
@@ -49,6 +49,7 @@ | ||
/* Individual RPM headers */ | ||
#include <rpm/rpmfi.h> | ||
#include <rpm/rpmcli.h> | ||
+#include <rpm/rpmpgp.h> | ||
|
||
/* SEAP */ | ||
#include <probe-api.h> | ||
diff --git a/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c b/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c | ||
index b56fd43d1..df95a17e5 100644 | ||
--- a/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c | ||
+++ b/src/OVAL/probes/unix/linux/rpmverifypackage_probe.c | ||
@@ -49,6 +49,7 @@ | ||
/* Individual RPM headers */ | ||
#include <rpm/rpmfi.h> | ||
#include <rpm/rpmcli.h> | ||
+#include <rpm/rpmpgp.h> | ||
#include <popt.h> | ||
|
||
/* SEAP */ | ||
-- | ||
2.41.0 | ||
|
37 changes: 37 additions & 0 deletions
37
app-forensics/openscap/files/openscap-fix-default-perl-install-path.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
From 8cc098b67bc61ed7c5fe5486b461b28bf4fa21d6 Mon Sep 17 00:00:00 2001 | ||
From: Stephen L Arnold <sarnold@vctlabs.com> | ||
Date: Tue, 11 Jul 2023 17:49:10 -0700 | ||
Subject: [PATCH 1/2] make default perl install path respect | ||
CMAKE_INSTALL_PREFIX | ||
|
||
Signed-off-by: Stephen L Arnold <sarnold@vctlabs.com> | ||
--- | ||
swig/perl/CMakeLists.txt | 6 ++++-- | ||
1 file changed, 4 insertions(+), 2 deletions(-) | ||
|
||
diff --git a/swig/perl/CMakeLists.txt b/swig/perl/CMakeLists.txt | ||
index 057b365bf..5ce41e9fa 100644 | ||
--- a/swig/perl/CMakeLists.txt | ||
+++ b/swig/perl/CMakeLists.txt | ||
@@ -1,6 +1,8 @@ | ||
include(UseSWIG) | ||
include(FindPerlLibs) | ||
|
||
+string(SUBSTRING "${PERL_VERSION_STRING}" 0 4 PERL_VERSION_MINOR) | ||
+ | ||
set(CMAKE_SWIG_FLAGS "-module" "openscap_pm") | ||
if (${CMAKE_VERSION} VERSION_LESS "3.8.0") | ||
swig_add_module(openscap_pm perl5 ../openscap.i) | ||
@@ -20,7 +22,7 @@ if (APPLE OR (${CMAKE_SYSTEM_NAME} STREQUAL "FreeBSD")) | ||
DESTINATION ${CMAKE_INSTALL_DATADIR}/perl5/vendor_perl) | ||
else() | ||
install(TARGETS ${SWIG_MODULE_openscap_pm_REAL_NAME} | ||
- DESTINATION ${PERL_VENDORLIB}) | ||
+ DESTINATION ${CMAKE_INSTALL_LIBDIR}/perl5/${PERL_VERSION_MINOR}) | ||
install(PROGRAMS ${CMAKE_CURRENT_BINARY_DIR}/openscap_pm.pm | ||
- DESTINATION ${PERL_VENDORARCH}) | ||
+ DESTINATION ${CMAKE_INSTALL_LIBDIR}/perl5/vendor_perl/${PERL_VERSION_MINOR}) | ||
endif() | ||
-- | ||
2.41.0 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
From: =?utf-8?b?IkjDpXZhcmQgRi4gQWFzZW4i?= <havard.f.aasen@pfft.no> | ||
Date: Sat, 30 Jul 2022 07:57:36 +0200 | ||
Subject: run a minor testsuite | ||
|
||
Forwarded: not-needed | ||
--- | ||
tests/CMakeLists.txt | 16 ++++++++-------- | ||
1 file changed, 8 insertions(+), 8 deletions(-) | ||
|
||
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt | ||
index ae8c4f2..fa78bd5 100644 | ||
--- a/tests/CMakeLists.txt | ||
+++ b/tests/CMakeLists.txt | ||
@@ -22,20 +22,20 @@ endfunction() | ||
|
||
configure_file("test_common.sh.in" "test_common.sh" @ONLY) | ||
|
||
-add_subdirectory("API") | ||
+#add_subdirectory("API") | ||
add_subdirectory("bindings") | ||
-add_subdirectory("bz2") | ||
+#add_subdirectory("bz2") | ||
add_subdirectory("codestyle") | ||
-add_subdirectory("curl") | ||
+#add_subdirectory("curl") | ||
add_subdirectory("CPE") | ||
-add_subdirectory("DS") | ||
+#add_subdirectory("DS") | ||
add_subdirectory("mitre") | ||
-add_subdirectory("nist") | ||
+#add_subdirectory("nist") | ||
add_subdirectory("oscap_string") | ||
add_subdirectory("oval_details") | ||
-add_subdirectory("probes") | ||
-add_subdirectory("report") | ||
-add_subdirectory("sce") | ||
+#add_subdirectory("probes") | ||
+#add_subdirectory("report") | ||
+#add_subdirectory("sce") | ||
add_subdirectory("schemas") | ||
add_subdirectory("sources") | ||
add_subdirectory("utils") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<?xml version='1.0' encoding='UTF-8'?> | ||
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> | ||
<pkgmetadata> | ||
<maintainer type="person"> | ||
<email>nerdboy@gentoo.org</email> | ||
<name>Steve Arnold</name> | ||
</maintainer> | ||
<use> | ||
<flag name="nss">Prefer NSS over libgcrypt as the crypto engine</flag> | ||
<flag name="rpm">Compiles the RPM probes</flag> | ||
<flag name="sce">Enables Script Check Engine (SCE) support</flag> | ||
<flag name="sql">Build the sql independant probes</flag> | ||
</use> | ||
<longdescription lang="en"> | ||
The oscap program is a command line tool that allows users to load, scan, validate, edit, and export SCAP documents. | ||
</longdescription> | ||
<upstream> | ||
<remote-id type="github">OpenSCAP/openscap</remote-id> | ||
</upstream> | ||
</pkgmetadata> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
# Copyright 1999-2023 Gentoo Authors | ||
# Distributed under the terms of the GNU General Public License v2 | ||
|
||
EAPI=8 | ||
|
||
PYTHON_COMPAT=( python3_{9..11} ) | ||
|
||
inherit cmake bash-completion-r1 python-single-r1 | ||
|
||
HOMEPAGE="https://www.open-scap.org/tools/openscap-base" | ||
DESCRIPTION="NIST Certified SCAP 1.2 toolkit" | ||
|
||
if [[ ${PV} != *9999* ]]; then | ||
SRC_URI="https://github.com/OpenSCAP/openscap/releases/download/${PV}/${P}.tar.gz" | ||
KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" | ||
else | ||
inherit git-r3 | ||
EGIT_REPO_URI="https://github.com/OpenSCAP/openscap.git" | ||
fi | ||
|
||
LICENSE="LGPL-2.1" | ||
SLOT="0/1" | ||
IUSE="+acl +caps debug doc ldap nss +pcre perl python rpm selinux sce sql test +xattr" | ||
|
||
RDEPEND="!nss? ( dev-libs/libgcrypt:0 ) | ||
nss? ( dev-libs/nss ) | ||
acl? ( virtual/acl ) | ||
caps? ( sys-libs/libcap ) | ||
ldap? ( net-nds/openldap ) | ||
pcre? ( dev-libs/libpcre ) | ||
rpm? ( >=app-arch/rpm-4.9 ) | ||
sql? ( dev-db/opendbx ) | ||
xattr? ( sys-apps/attr ) | ||
dev-libs/libpcre | ||
dev-libs/libxml2 | ||
dev-libs/libxslt | ||
dev-libs/xmlsec | ||
dev-libs/dbus-glib | ||
dev-libs/glib | ||
dev-libs/popt | ||
net-misc/curl | ||
sys-apps/dbus | ||
${PYTHON_DEPS}" | ||
|
||
DEPEND="${RDEPEND} | ||
doc? ( app-doc/doxygen ) | ||
perl? ( dev-lang/swig ) | ||
python? ( dev-lang/swig ) | ||
test? ( | ||
app-arch/unzip | ||
dev-perl/XML-XPath | ||
net-misc/ipcalc | ||
sys-apps/grep )" | ||
|
||
RESTRICT="!test? ( test )" | ||
|
||
REQUIRED_USE="${PYTHON_REQUIRED_USE}" | ||
PATCHES=( | ||
"${FILESDIR}/${PN}-fix-default-perl-install-path.patch" | ||
"${FILESDIR}/run-a-minor-testsuite.patch" | ||
"${FILESDIR}/${PN}-fix-QA-warnings-with-newer-toolchain.patch" | ||
) | ||
|
||
DOCS=( README.md ) | ||
|
||
src_configure() { | ||
local mycmakeargs=( | ||
-DENABLE_OSCAP_REMEDIATE_SERVICE=OFF | ||
-DENABLE_PERL="$(usex perl)" | ||
-DOPENSCAP_PROBE_UNIX_GCONF=OFF | ||
-DGCONF_LIBRARY= | ||
-DENABLE_DOCS="$(usex doc)" | ||
) | ||
|
||
|
||
cmake_src_configure | ||
} |