authorAlphaJack2022-02-02 11:40:19 +0100
committerAlphaJack2022-02-02 11:42:22 +0100
commitf05e3db8c7b99cc30cefad44951378792beaa8d7 (patch)
tree91f1b80d0b0b7fa97b65d6559b15fd1d3c33e14c
parentd54f36622b45d365f74ee2de82db4d212af66dfb (diff)
downloadaur-f05e3db8c7b99cc30cefad44951378792beaa8d7.tar.gz
Adopted package and rewritten PKGBUILD: switched to sha256 checksum,
added dependencies, new executables and install file, backing up user configurations, created prepare(), improved cleanup
-rw-r--r--.SRCINFO17
-rw-r--r--PKGBUILD185
-rw-r--r--maldet.install9
3 files changed, 155 insertions, 56 deletions
diff --git a/.SRCINFO b/.SRCINFO
index c76c34829a50..112697b7a066 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,13 +1,24 @@
pkgbase = maldet
- pkgdesc = linux malware scanner designed around threats faced in shared host environments
+ pkgdesc = Linux malware scanner designed around threats faced in shared host environments
pkgver = 1.6.4
- pkgrel = 7
+ pkgrel = 8
url = https://www.rfxn.com/projects/linux-malware-detect/
+ install = maldet.install
arch = any
license = GPL2
+ depends = inetutils
+ depends = inotify-tools
depends = perl
+ provides = linux-malware-detect
+ backup = etc/maldet/hookscan.conf
+ backup = etc/maldet/ignore_file_ext
+ backup = etc/maldet/ignore_inotify
+ backup = etc/maldet/ignore_paths
+ backup = etc/maldet/ignore_sigs
+ backup = etc/maldet/internals.conf
backup = etc/maldet/maldet.conf
+ backup = etc/maldet/monitor_paths
source = https://github.com/rfxn/linux-malware-detect/archive/1.6.4.tar.gz
- md5sums = 75560119b94f558da88d5f8cc8710354
+ sha256sums = 3ad66eebd443d32dd6c811dcf2d264b78678c75ed1d40c15434180d4453e60d2
pkgname = maldet
diff --git a/PKGBUILD b/PKGBUILD
index 63aad4de70e6..2d99273c8b5c 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,64 +1,143 @@
-# Maintainer: Bjoern Franke <bjo+aur@schafweide.org>
+# Maintainer: AlphaJack <alphajack at tuta dot io>
+# Contributor Bjoern Franke <bjo+aur@schafweide.org>
# Contributor: G. Schlisio <x-git@dukun.de>
# Contributor: Matt Harrison <matt@hallme.com>
# Contributor: Sergey Mamonov <mrqwer88@gmail.com>
-pkgname=maldet
+
+pkgname="maldet"
pkgver=1.6.4
-pkgrel=7
-pkgdesc="linux malware scanner designed around threats faced in shared host environments"
+pkgrel=8
+pkgdesc="Linux malware scanner designed around threats faced in shared host environments"
url="https://www.rfxn.com/projects/linux-malware-detect/"
-license=('GPL2')
-arch=('any')
-depends=('perl')
-depends_x86_64=('lib32-glibc')
-source=("https://github.com/rfxn/linux-malware-detect/archive/${pkgver}.tar.gz")
-backup=("etc/maldet/maldet.conf")
-md5sums=('75560119b94f558da88d5f8cc8710354')
+license=("GPL2")
+arch=("any")
+provides=("linux-malware-detect")
+depends=("inetutils" "inotify-tools" "perl")
+depends_x86_64=("lib32-glibc")
+source=("https://github.com/rfxn/linux-malware-detect/archive/$pkgver.tar.gz")
+backup=("etc/maldet/hookscan.conf"
+ "etc/maldet/ignore_file_ext"
+ "etc/maldet/ignore_inotify"
+ "etc/maldet/ignore_paths"
+ "etc/maldet/ignore_sigs"
+ "etc/maldet/internals.conf"
+ "etc/maldet/maldet.conf"
+ "etc/maldet/monitor_paths"
+ )
+sha256sums=('3ad66eebd443d32dd6c811dcf2d264b78678c75ed1d40c15434180d4453e60d2')
+install="maldet.install"
-## TODO upstream setup tries to overwrite clamav's rfxn.* and lmd.user.* files
-# seems to run with root-privs, so check for overwrites anywhere (best in a VM)
-# file system privileges - depends on root/user
+prepare(){
+ ## TODO upstream setup tries to overwrite clamav's rfxn.* and lmd.user.* files
+ # seems to run with root-privs, so check for overwrites anywhere (best in a VM)
+ # file system privileges - depends on root/user
+ cd "linux-malware-detect-$pkgver"
+ # use arch linux file hierarchy
+ sed -i "files/maldet" \
+ -e "s|^inspath='/usr/local/maldetect'|inspath='/usr/share/maldet'|" \
+ -e 's|^intcnf="\$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|'
+ sed -i "files/hookscan.sh" \
+ -e "s|^inspath='/usr/local/maldetect'|inspath=\"/usr/share/maldet\"|" \
+ -e 's|^intcnf="$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' \
+ -e 's|hookcnf="$inspath/conf.maldet.hookscan"|hookcnf="/etc/maldet/hookscan.conf"|' \
+ -e 's|$inspath/maldet|/usr/bin/maldet|' \
+ -e 's|tmpdir=/var/tmp|tmpdir=/var/lib/maldet/tmp|'
+cat > "files/conf.maldet.hookscan" <<CONTENT
+#quarantine_hits=1
+#quarantine_clean=0
+#scan_tmpdir_paths=''
+#hscan=1
+CONTENT
+ sed -i "files/conf.maldet" \
+ -e "s|/usr/local/maldetect/tmp|/var/lib/maldet/tmp|" \
+ -e "s|/usr/local/maldetect/monitor_paths|/etc/maldet/monitor_paths|"
-package(){
- cd "$srcdir/linux-malware-detect-$pkgver"
- dest="$pkgdir/usr/share/maldet"
- mkdir -p "$dest"
- cp -r files/* "$dest"
- mkdir -p "$pkgdir/usr/bin/"
- mv "$dest"/maldet "$pkgdir/usr/bin"
- sed -i "s|^inspath='/usr/local/maldetect'|inspath='/usr/share/maldet'|" "$pkgdir/usr/bin/maldet"
- sed -i 's|^intcnf="\$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' "$pkgdir/usr/bin/maldet"
+ sed -i "files/ignore_inotify" \
+ -e 's|\^/usr/local/maldetect\*|\^/var/lib/maldetect\*\n\^/usr/share/maldetect\*|'
+
+ sed -i "files/ignore_paths" \
+ -e "s|/usr/local/maldetect|/var/lib/maldet\n/usr/share/maldet|" \
+ -e "s|/usr/local/sbin/maldet|/usr/bin/maldet|"
+
+ sed -i "files/internals/functions" \
+ -e 's|$inspath/maldet|/usr/bin/maldet|'
+
+ sed -i "files/internals/hexfifo.pl" \
+ -e "s|/usr/local/maldetect/internals|/usr/share/maldetect/internals|"
+
+ sed -i "files/internals/importconf" \
+ -e "s|/usr/local/maldetect/conf.maldet|/etc/maldet/maldet.conf|" \
+ -e "s|/usr/local/maldetect/tmp|/var/lib/maldet/tmp|" \
+ -e "s|/usr/local/maldetect/monitor_paths|/etc/maldet/monitor_paths|"
- mkdir -p "$pkgdir/usr/lib/systemd/system/"
- sed "s|/usr/local/maldetect/maldet|/usr/bin/maldet|" "$dest/service/maldet.service" \
- | sed "s|--monitor /usr/local/maldetect/monitor_paths|--monitor /etc/maldet/monitor_paths|" \
- | sed "s|^PIDFile=.*|PIDFile=/var/lib/maldet/tmp/inotifywait.pid|" \
- | sed "s|^EnvironmentFile=.*|EnvironmentFile=/etc/maldet/maldet.conf|" \
- > "$pkgdir/usr/lib/systemd/system/maldet.service"
- rm -r "$dest/service"
+ sed -i "files/internals/internals.conf" \
+ -e 's|^logdir="\$inspath/logs"|logdir="/var/log/maldet"|' \
+ -e 's|^inspath=/usr/local/maldetect|inspath="/usr/share/maldet"|' \
+ -e 's|^intcnf="$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' \
+ -e 's|^confpath="\$inspath"|confpath="/etc/maldet"|' \
+ -e 's|^cnffile="conf.maldet"|cnffile="maldet.conf"|' \
+ -e 's|^varlibpath="\$inspath"|varlibpath="/var/lib/maldet"|' \
+ -e 's|^tmpdir="\$inspath/tmp"|tmpdir="$varlibpath/tmp"|' \
+ -e 's|^inotify_log="\$inspath/logs/inotify_log"|inotify_log="$logdir/inotify_log"|'
- mkdir -p "$pkgdir/var/lib/maldet"
- mkdir -p "$pkgdir/var/lib/maldet/"{internals,quarantine,sess,sigs,clean,tmp,pub}
- mkdir -p "$pkgdir/var/log/maldet"
- mkdir -p "$pkgdir/etc/maldet"
- mv "$dest/conf.maldet" "$pkgdir/etc/maldet/maldet.conf"
- sed 's|^logdir="\$inspath/logs"|logdir="/var/log/maldet"|' "$dest/internals/internals.conf" \
- | sed 's|^inspath=/usr/local/maldetect|inspath="/usr/share/maldet"|' \
- | sed 's|^intcnf="$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' \
- | sed 's|^confpath="\$inspath"|confpath="/etc/maldet"|' \
- | sed 's|^cnffile="conf.maldet"|cnffile="maldet.conf"|' \
- | sed 's|^varlibpath="\$inspath"|varlibpath="/var/lib/maldet"|' \
- | sed 's|^tmpdir="\$inspath/tmp"|tmpdir="$varlibpath/tmp"|' \
- | sed 's|^inotify_log="\$inspath/logs/inotify_log"|inotify_log="$logdir/inotify_log"|' \
- > "$pkgdir/etc/maldet/internals.conf"
- mv "$dest"/ignore_{inotify,paths,file_ext,sigs} "$pkgdir/etc/maldet/"
- mv "$dest/monitor_paths" "$pkgdir/etc/maldet/"
+ sed -i "files/internals/scan.etpl" \
+ -e "s|/usr/local/sbin/maldet|/usr/bin/maldet|"
- mkdir -p "$pkgdir/usr/share/man/man1/"
- gzip -9 "$dest/maldet.1"
- mv "$dest/maldet.1.gz" "$pkgdir/usr/share/man/man1/"
- mkdir -p "$pkgdir/usr/share/doc/maldet/"
- cp CHANGELOG COPYING.GPL README "$pkgdir/usr/share/doc/maldet/"
- rm -r "$dest/cron"
- rm "$dest/uninstall.sh"
+ sed -i "files/internals/tlog" \
+ -e "s|/usr/local/maldetect/tmp|/var/lib/maldet/tmp|"
+
+ sed -i "files/service/maldet.service" \
+ -e "s|/usr/local/maldetect/maldet|/usr/bin/maldet|" \
+ -e "s|--monitor /usr/local/maldetect/monitor_paths|--monitor /etc/maldet/monitor_paths|" \
+ -e "s|^PIDFile=.*|PIDFile=/var/lib/maldet/tmp/inotifywait.pid|" \
+ -e "s|^EnvironmentFile=.*|EnvironmentFile=/etc/maldet/maldet.conf|"
+}
+
+package(){
+ cd "linux-malware-detect-$pkgver"
+ # main executables
+ install -d "$pkgdir/usr/bin/"
+ install -D -m 755 "files/maldet" "$pkgdir/usr/bin/maldet"
+ install -D -m 755 "files/hookscan.sh" "$pkgdir/usr/bin/hookscan"
+ ln -s "/usr/bin/hookscan" "$pkgdir/usr/bin/modsec"
+ # program files
+ install -d "$pkgdir/usr/share/maldet"
+ cp -ar "files/"* "$pkgdir/usr/share/maldet"
+ # systemd files
+ install -D -m 644 "files/service/maldet.service" "$pkgdir/usr/lib/systemd/system/maldet.service"
+ # program data
+ install -d "$pkgdir/var/lib/maldet/"{internals,quarantine,sess,sigs,clean,tmp,pub}
+ install -d "$pkgdir/var/log/maldet"
+ # configurations
+ # must be readable by those who can execute maldet
+ install -d "$pkgdir/etc/maldet"
+ install -m 644 "files/conf.maldet" "$pkgdir/etc/maldet/maldet.conf"
+ install -m 644 "files/conf.maldet.hookscan" "$pkgdir/etc/maldet/hookscan.conf"
+ install -m 644 "files/internals/internals.conf" "$pkgdir/etc/maldet/internals.conf"
+ install -m 644 "files/monitor_paths" "$pkgdir/etc/maldet/monitor_paths"
+ cp -ra "files/"ignore_* "$pkgdir/etc/maldet/"
+ # man pages
+ install -d "$pkgdir/usr/share/man/man1/"
+ gzip -f9 "files/maldet.1"
+ install -D -m 644 "files/maldet.1.gz" "$pkgdir/usr/share/man/man1/maldet.1.gz"
+ # documentation
+ install -d "$pkgdir/usr/share/doc/maldet/"
+ install -D -m 644 "CHANGELOG" "$pkgdir/usr/share/doc/maldet/CHANGELOG"
+ install -D -m 644 "COPYING.GPL" "$pkgdir/usr/share/license/maldet/COPYING"
+ install -D -m 644 "README" "$pkgdir/usr/share/doc/maldet/README"
+ # cleanup
+ rm -r "$pkgdir/usr/share/maldet/cron"
+ rm "$pkgdir/usr/share/maldet/conf.maldet"
+ rm "$pkgdir/usr/share/maldet/conf.maldet.cron"
+ rm "$pkgdir/usr/share/maldet/conf.maldet.hookscan"
+ rm "$pkgdir/usr/share/maldet/hookscan.sh"
+ rm "$pkgdir/usr/share/maldet/"ignore_*
+ rm "$pkgdir/usr/share/maldet/internals/internals.conf"
+ rm "$pkgdir/usr/share/maldet/maldet"
+ rm "$pkgdir/usr/share/maldet/maldet.1"
+ rm "$pkgdir/usr/share/maldet/maldet.1.gz"
+ rm "$pkgdir/usr/share/maldet/modsec.sh"
+ rm "$pkgdir/usr/share/maldet/monitor_paths"
+ rm -r "$pkgdir/usr/share/maldet/service"
+ rm "$pkgdir/usr/share/maldet/uninstall.sh"
}
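Review bot: Two of the path rewrites in prepare() do not match the directories package() creates: the `files/ignore_inotify` substitution writes `/var/lib/maldetect*` and `/usr/share/maldetect*`, and the `files/internals/hexfifo.pl` substitution writes `/usr/share/maldetect/internals`, while everything else in this hunk uses `/var/lib/maldet` and `/usr/share/maldet`. As written, the inotify ignore patterns would not cover the package's own quarantine and tmp directories, so the monitor may react to files the scanner itself writes, and hexfifo.pl would presumably point at a path that does not exist. I would change them to `-e 's|\^/usr/local/maldetect\*|\^/var/lib/maldet\*\n\^/usr/share/maldet\*|'` and `-e "s|/usr/local/maldetect/internals|/usr/share/maldet/internals|"`. Separately, `install -d` in package() creates `quarantine` with the default mode (0755), which may be wider than wanted for a directory holding detected malware, and `COPYING.GPL` is installed under `/usr/share/license/` rather than `/usr/share/licenses/`.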
diff --git a/maldet.install b/maldet.install
new file mode 100644
index 000000000000..95bbc8d6c21c
--- /dev/null
+++ b/maldet.install
@@ -0,0 +1,9 @@
+post_install(){
+cat <<INFO
+
+Before running maldet, you will need to update signature files as root by running
+
+ maldet -u
+
+INFO
+}