author | AlphaJack | 2022-02-02 11:40:19 +0100 |
---|---|---|
committer | AlphaJack | 2022-02-02 11:42:22 +0100 |
commit | f05e3db8c7b99cc30cefad44951378792beaa8d7 (patch) | |
tree | 91f1b80d0b0b7fa97b65d6559b15fd1d3c33e14c | |
parent | d54f36622b45d365f74ee2de82db4d212af66dfb (diff) | |
download | aur-f05e3db8c7b99cc30cefad44951378792beaa8d7.tar.gz |
Adopted package and rewritten PKGBUILD: switched to sha256 checksum,
added dependencies, new executables and install file,
backing up user configurations, created prepare(), improved cleanup
-rw-r--r-- | .SRCINFO | 17 | ||||
-rw-r--r-- | PKGBUILD | 185 | ||||
-rw-r--r-- | maldet.install | 9 |
3 files changed, 155 insertions, 56 deletions
@@ -1,13 +1,24 @@ pkgbase = maldet - pkgdesc = linux malware scanner designed around threats faced in shared host environments + pkgdesc = Linux malware scanner designed around threats faced in shared host environments pkgver = 1.6.4 - pkgrel = 7 + pkgrel = 8 url = https://www.rfxn.com/projects/linux-malware-detect/ + install = maldet.install arch = any license = GPL2 + depends = inetutils + depends = inotify-tools depends = perl + provides = linux-malware-detect + backup = etc/maldet/hookscan.conf + backup = etc/maldet/ignore_file_ext + backup = etc/maldet/ignore_inotify + backup = etc/maldet/ignore_paths + backup = etc/maldet/ignore_sigs + backup = etc/maldet/internals.conf backup = etc/maldet/maldet.conf + backup = etc/maldet/monitor_paths source = https://github.com/rfxn/linux-malware-detect/archive/1.6.4.tar.gz - md5sums = 75560119b94f558da88d5f8cc8710354 + sha256sums = 3ad66eebd443d32dd6c811dcf2d264b78678c75ed1d40c15434180d4453e60d2 pkgname = maldet 
@@ -1,64 +1,143 @@ -# Maintainer: Bjoern Franke <bjo+aur@schafweide.org> +# Maintainer: AlphaJack <alphajack at tuta dot io> +# Contributor Bjoern Franke <bjo+aur@schafweide.org> # Contributor: G. Schlisio <x-git@dukun.de> # Contributor: Matt Harrison <matt@hallme.com> # Contributor: Sergey Mamonov <mrqwer88@gmail.com> -pkgname=maldet + +pkgname="maldet" pkgver=1.6.4 -pkgrel=7 -pkgdesc="linux malware scanner designed around threats faced in shared host environments" +pkgrel=8 +pkgdesc="Linux malware scanner designed around threats faced in shared host environments" url="https://www.rfxn.com/projects/linux-malware-detect/" -license=('GPL2') -arch=('any') -depends=('perl') -depends_x86_64=('lib32-glibc') -source=("https://github.com/rfxn/linux-malware-detect/archive/${pkgver}.tar.gz") -backup=("etc/maldet/maldet.conf") -md5sums=('75560119b94f558da88d5f8cc8710354') +license=("GPL2") +arch=("any") +provides=("linux-malware-detect") +depends=("inetutils" "inotify-tools" "perl") +depends_x86_64=("lib32-glibc") +source=("https://github.com/rfxn/linux-malware-detect/archive/$pkgver.tar.gz") +backup=("etc/maldet/hookscan.conf" + "etc/maldet/ignore_file_ext" + "etc/maldet/ignore_inotify" + "etc/maldet/ignore_paths" + "etc/maldet/ignore_sigs" + "etc/maldet/internals.conf" + "etc/maldet/maldet.conf" + "etc/maldet/monitor_paths" + ) +sha256sums=('3ad66eebd443d32dd6c811dcf2d264b78678c75ed1d40c15434180d4453e60d2') +install="maldet.install" -## TODO upstream setup tries to overwrite clamav's rfxn.* and lmd.user.* files -# seems to run with root-privs, so check for overwrites anywhere (best in a VM) -# file system privileges - depends on root/user +prepare(){ + ## TODO upstream setup tries to overwrite clamav's rfxn.* and lmd.user.* files + # seems to run with root-privs, so check for overwrites anywhere (best in a VM) + # file system privileges - depends on root/user + cd "linux-malware-detect-$pkgver" + # use arch linux file hierarchy + sed -i "files/maldet" \ + -e 
"s|^inspath='/usr/local/maldetect'|inspath='/usr/share/maldet'|" \ + -e 's|^intcnf="\$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' + sed -i "files/hookscan.sh" \ + -e "s|^inspath='/usr/local/maldetect'|inspath=\"/usr/share/maldet\"|" \ + -e 's|^intcnf="$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' \ + -e 's|hookcnf="$inspath/conf.maldet.hookscan"|hookcnf="/etc/maldet/hookscan.conf"|' \ + -e 's|$inspath/maldet|/usr/bin/maldet|' \ + -e 's|tmpdir=/var/tmp|tmpdir=/var/lib/maldet/tmp|' +cat > "files/conf.maldet.hookscan" <<CONTENT +#quarantine_hits=1 +#quarantine_clean=0 +#scan_tmpdir_paths='' +#hscan=1 +CONTENT + sed -i "files/conf.maldet" \ + -e "s|/usr/local/maldetect/tmp|/var/lib/maldet/tmp|" \ + -e "s|/usr/local/maldetect/monitor_paths|/etc/maldet/monitor_paths|" -package(){ - cd "$srcdir/linux-malware-detect-$pkgver" - dest="$pkgdir/usr/share/maldet" - mkdir -p "$dest" - cp -r files/* "$dest" - mkdir -p "$pkgdir/usr/bin/" - mv "$dest"/maldet "$pkgdir/usr/bin" - sed -i "s|^inspath='/usr/local/maldetect'|inspath='/usr/share/maldet'|" "$pkgdir/usr/bin/maldet" - sed -i 's|^intcnf="\$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' "$pkgdir/usr/bin/maldet" + sed -i "files/ignore_inotify" \ + -e 's|\^/usr/local/maldetect\*|\^/var/lib/maldetect\*\n\^/usr/share/maldetect\*|' + + sed -i "files/ignore_paths" \ + -e "s|/usr/local/maldetect|/var/lib/maldet\n/usr/share/maldet|" \ + -e "s|/usr/local/sbin/maldet|/usr/bin/maldet|" + + sed -i "files/internals/functions" \ + -e 's|$inspath/maldet|/usr/bin/maldet|' + + sed -i "files/internals/hexfifo.pl" \ + -e "s|/usr/local/maldetect/internals|/usr/share/maldetect/internals|" + + sed -i "files/internals/importconf" \ + -e "s|/usr/local/maldetect/conf.maldet|/etc/maldet/maldet.conf|" \ + -e "s|/usr/local/maldetect/tmp|/var/lib/maldet/tmp|" \ + -e "s|/usr/local/maldetect/monitor_paths|/etc/maldet/monitor_paths|" - mkdir -p "$pkgdir/usr/lib/systemd/system/" - 
sed "s|/usr/local/maldetect/maldet|/usr/bin/maldet|" "$dest/service/maldet.service" \ - | sed "s|--monitor /usr/local/maldetect/monitor_paths|--monitor /etc/maldet/monitor_paths|" \ - | sed "s|^PIDFile=.*|PIDFile=/var/lib/maldet/tmp/inotifywait.pid|" \ - | sed "s|^EnvironmentFile=.*|EnvironmentFile=/etc/maldet/maldet.conf|" \ - > "$pkgdir/usr/lib/systemd/system/maldet.service" - rm -r "$dest/service" + sed -i "files/internals/internals.conf" \ + -e 's|^logdir="\$inspath/logs"|logdir="/var/log/maldet"|' \ + -e 's|^inspath=/usr/local/maldetect|inspath="/usr/share/maldet"|' \ + -e 's|^intcnf="$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' \ + -e 's|^confpath="\$inspath"|confpath="/etc/maldet"|' \ + -e 's|^cnffile="conf.maldet"|cnffile="maldet.conf"|' \ + -e 's|^varlibpath="\$inspath"|varlibpath="/var/lib/maldet"|' \ + -e 's|^tmpdir="\$inspath/tmp"|tmpdir="$varlibpath/tmp"|' \ + -e 's|^inotify_log="\$inspath/logs/inotify_log"|inotify_log="$logdir/inotify_log"|' - mkdir -p "$pkgdir/var/lib/maldet" - mkdir -p "$pkgdir/var/lib/maldet/"{internals,quarantine,sess,sigs,clean,tmp,pub} - mkdir -p "$pkgdir/var/log/maldet" - mkdir -p "$pkgdir/etc/maldet" - mv "$dest/conf.maldet" "$pkgdir/etc/maldet/maldet.conf" - sed 's|^logdir="\$inspath/logs"|logdir="/var/log/maldet"|' "$dest/internals/internals.conf" \ - | sed 's|^inspath=/usr/local/maldetect|inspath="/usr/share/maldet"|' \ - | sed 's|^intcnf="$inspath/internals/internals.conf"|intcnf="/etc/maldet/internals.conf"|' \ - | sed 's|^confpath="\$inspath"|confpath="/etc/maldet"|' \ - | sed 's|^cnffile="conf.maldet"|cnffile="maldet.conf"|' \ - | sed 's|^varlibpath="\$inspath"|varlibpath="/var/lib/maldet"|' \ - | sed 's|^tmpdir="\$inspath/tmp"|tmpdir="$varlibpath/tmp"|' \ - | sed 's|^inotify_log="\$inspath/logs/inotify_log"|inotify_log="$logdir/inotify_log"|' \ - > "$pkgdir/etc/maldet/internals.conf" - mv "$dest"/ignore_{inotify,paths,file_ext,sigs} "$pkgdir/etc/maldet/" - mv "$dest/monitor_paths" 
"$pkgdir/etc/maldet/" + sed -i "files/internals/scan.etpl" \ + -e "s|/usr/local/sbin/maldet|/usr/bin/maldet|" - mkdir -p "$pkgdir/usr/share/man/man1/" - gzip -9 "$dest/maldet.1" - mv "$dest/maldet.1.gz" "$pkgdir/usr/share/man/man1/" - mkdir -p "$pkgdir/usr/share/doc/maldet/" - cp CHANGELOG COPYING.GPL README "$pkgdir/usr/share/doc/maldet/" - rm -r "$dest/cron" - rm "$dest/uninstall.sh" + sed -i "files/internals/tlog" \ + -e "s|/usr/local/maldetect/tmp|/var/lib/maldet/tmp|" + + sed -i "files/service/maldet.service" \ + -e "s|/usr/local/maldetect/maldet|/usr/bin/maldet|" \ + -e "s|--monitor /usr/local/maldetect/monitor_paths|--monitor /etc/maldet/monitor_paths|" \ + -e "s|^PIDFile=.*|PIDFile=/var/lib/maldet/tmp/inotifywait.pid|" \ + -e "s|^EnvironmentFile=.*|EnvironmentFile=/etc/maldet/maldet.conf|" +} + +package(){ + cd "linux-malware-detect-$pkgver" + # main executables + install -d "$pkgdir/usr/bin/" + install -D -m 755 "files/maldet" "$pkgdir/usr/bin/maldet" + install -D -m 755 "files/hookscan.sh" "$pkgdir/usr/bin/hookscan" + ln -s "/usr/bin/hookscan" "$pkgdir/usr/bin/modsec" + # program files + install -d "$pkgdir/usr/share/maldet" + cp -ar "files/"* "$pkgdir/usr/share/maldet" + # systemd files + install -D -m 644 "files/service/maldet.service" "$pkgdir/usr/lib/systemd/system/maldet.service" + # program data + install -d "$pkgdir/var/lib/maldet/"{internals,quarantine,sess,sigs,clean,tmp,pub} + install -d "$pkgdir/var/log/maldet" + # configurations + # must be readable by those who can execute maldet + install -d "$pkgdir/etc/maldet" + install -m 644 "files/conf.maldet" "$pkgdir/etc/maldet/maldet.conf" + install -m 644 "files/conf.maldet.hookscan" "$pkgdir/etc/maldet/hookscan.conf" + install -m 644 "files/internals/internals.conf" "$pkgdir/etc/maldet/internals.conf" + install -m 644 "files/monitor_paths" "$pkgdir/etc/maldet/monitor_paths" + cp -ra "files/"ignore_* "$pkgdir/etc/maldet/" + # man pages + install -d "$pkgdir/usr/share/man/man1/" + gzip -f9 
"files/maldet.1" + install -D -m 644 "files/maldet.1.gz" "$pkgdir/usr/share/man/man1/maldet.1.gz" + # documentation + install -d "$pkgdir/usr/share/doc/maldet/" + install -D -m 644 "CHANGELOG" "$pkgdir/usr/share/doc/maldet/CHANGELOG" + install -D -m 644 "COPYING.GPL" "$pkgdir/usr/share/license/maldet/COPYING" + install -D -m 644 "README" "$pkgdir/usr/share/doc/maldet/README" + # cleanup + rm -r "$pkgdir/usr/share/maldet/cron" + rm "$pkgdir/usr/share/maldet/conf.maldet" + rm "$pkgdir/usr/share/maldet/conf.maldet.cron" + rm "$pkgdir/usr/share/maldet/conf.maldet.hookscan" + rm "$pkgdir/usr/share/maldet/hookscan.sh" + rm "$pkgdir/usr/share/maldet/"ignore_* + rm "$pkgdir/usr/share/maldet/internals/internals.conf" + rm "$pkgdir/usr/share/maldet/maldet" + rm "$pkgdir/usr/share/maldet/maldet.1" + rm "$pkgdir/usr/share/maldet/maldet.1.gz" + rm "$pkgdir/usr/share/maldet/modsec.sh" + rm "$pkgdir/usr/share/maldet/monitor_paths" + rm -r "$pkgdir/usr/share/maldet/service" + rm "$pkgdir/usr/share/maldet/uninstall.sh" } diff --git a/maldet.install b/maldet.install new file mode 100644 index 000000000000..95bbc8d6c21c --- /dev/null +++ b/maldet.install @@ -0,0 +1,9 @@ +post_install(){ +cat <<INFO + +Before running maldet, you will need to update signature files as root by running + + maldet -u + +INFO +} |
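Review bot: Two of the path rewrites in prepare() do not match where package() installs the files: the `files/ignore_inotify` substitution writes `^/var/lib/maldetect*` and `^/usr/share/maldetect*`, and the `files/internals/hexfifo.pl` one writes `/usr/share/maldetect/internals`, while everything is installed under `/usr/share/maldet` and `/var/lib/maldet`. If the ignore_inotify entries are meant to keep the inotify monitor off the scanner's own quarantine and tmp directories, as the upstream `/usr/local/maldetect` entry suggests, they would not match the installed directories, and hexfifo.pl would presumably reference a directory that does not exist. I would change the replacements to `\^/var/lib/maldet\*\n\^/usr/share/maldet\*` and `/usr/share/maldet/internals`, consistent with what the `files/ignore_paths` substitution already does. Separately, `COPYING.GPL` is installed under `/usr/share/license/maldet/`, whereas Arch packages use `/usr/share/licenses/`.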