ChangeLog

# ChangeLog for net-analyzer/base
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/net-analyzer/base/ChangeLog,v 1.15 2008/08/04 19:16:49 jer Exp $

04 Aug 2008; Jeroen Roovers metadata.xml:
Describe local USE flags for GLEP 56.

*base-1.4.0 (06 Jul 2008)

06 Jul 2008; Robert Buchholz -base-1.3.6.ebuild,
-base-1.3.8.ebuild, +base-1.4.0.ebuild:
Version bump, Fixes: XSS Security bug #202750 and undefined function
base_header() #201643

*base-1.3.8 (22 Oct 2007)

22 Oct 2007; Markus Ullmann +base-1.3.8.ebuild:
Import from php overlay

09 Oct 2007; Jakub Moc +base-1.3.8.ebuild:
Version bump, require PHP5 as PHP4 is going to be masked. Fix adodb path
(see Bug 194166) and jpgraph dependency accordingly. Make pkg_setup check
all PHP use flags at once, remove reference to non-existant USE=apache,
remove implicit system dependencies. Remove bogus media-libs/gd dependency.
Fix truncated elog instructions.

06 Sep 2007; Markus Ullmann -base-1.2.7-r2.ebuild:
Cleanup

*base-1.3.6 (23 May 2007)

23 May 2007; Markus Ullmann +base-1.3.6.ebuild:
Version bump wrt bug #178477

01 May 2007; Marius Mauch base-1.2.7-r2.ebuild:
Replacing einfo with elog

01 Feb 2007; Markus Ullmann base-1.2.7-r2.ebuild:
typo fun

*base-1.2.7-r2 (01 Feb 2007)

01 Feb 2007; Markus Ullmann -base-1.2.7-r1.ebuild,
+base-1.2.7-r2.ebuild:
Add signatures useflag

*base-1.2.7-r1 (01 Feb 2007)

01 Feb 2007; Markus Ullmann -base-1.2.4.ebuild,
-base-1.2.7.ebuild, +base-1.2.7-r1.ebuild:
Fixing dependencies wrt bug #159781

*base-1.2.7 (02 Dec 2006)

02 Dec 2006; Marcelo Goes -base-1.2.2.ebuild,
-base-1.2.2-r1.ebuild, +base-1.2.7.ebuild:
1.2.7 version bump for bug 142528. Thanks to Toralf Forster at gmx dot de>. Removing old ebuilds.

23 Nov 2006; Francesco Riosa base-1.2.2.ebuild,
base-1.2.2-r1.ebuild, base-1.2.4.ebuild:
dev-db/mysql => virtual/mysql

21 Jun 2006; base-1.2.4.ebuild:
Added ~ppc wrt bug #134568

*base-1.2.4 (27 Mar 2006)

27 Mar 2006; Markus Ullmann +base-1.2.4.ebuild:
Version bump wrt bug #126877

*base-1.2.2-r1 (08 Feb 2006)

08 Feb 2006; Marcelo Goes +base-1.2.2-r1.ebuild:
Add fixes from bug 122063, most notably php5 support. Thanks to Travis Post
and Jakub Moc .

*base-1.2.2 (28 Jan 2006)

28 Jan 2006; Marcelo Goes +metadata.xml,
+base-1.2.2.ebuild:
Initial commit for bug 119623. Thanks to Travis Post dot com>. Added netmon as a herd.

Manifest

DIST base-1.4.0.tar.gz 921006 RMD160 61635079cbd90ca58761bbc5becb783b90aba76f SHA1 461edc4d7ce86df30da7754c444de907f025d9dd SHA256 6438d020eec493ae4b1c264bc16694cf86a69ba58479ec531ba92f3a76bb3d05
DIST snortrules-pr-2.4.tar.gz 789097 RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 SHA1 b8b59754ccb59b1dcf324d2faa399326117a60e9 SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504
EBUILD base-1.4.0.ebuild 7154 RMD160 38dd2cbac3836114e5716c46612f7537acfd9fec SHA1 2257f8f00fa3bd60cb5581e92aad282ba3b7b96f SHA256 713ca15079d32b4ed514b5c2429685c1034c06ae97f883d204abb0bbc530bf35
MISC ChangeLog 2908 RMD160 75dfcf165bc60fb69ca165fe0ea1ca67bb3a2af0 SHA1 0e2d3c627720e164295df398c7260b9729535f7d SHA256 adbde22a61895e42239a1ada4295bd2fc96009d4890a520d5483aa80e1944b82
MISC metadata.xml 267 RMD160 c913a59512630e220806726ec79210152b7f8121 SHA1 51cec405577f36038414fc3824a31361c9b4aa4e SHA256 2b41d49c3358e9cd93369ec863bae1056a515f613d9555617e501930b05b07ba

base-1.4.0.ebuild

# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-analyzer/base/base-1.4.0.ebuild,v 1.1 2008/07/06 22:09:49 rbu Exp $

inherit webapp versionator eutils depend.apache depend.php

CONF_DIR="/etc/${PN}"
CONF_OLD="base_conf.php.dist"
CONF_NEW="base_conf.php"
MIDDLEMAN="base_path.php"
DBTYPES="mssql mysql oracle postgres"

DESCRIPTION="A web-based front-end to the Snort IDS."
HOMEPAGE="http://base.secureideas.net"
SRC_URI="mirror://sourceforge/secureideas/${P}.tar.gz
signatures? ( http://www.snort.org/pub-bin/downloads.cgi/Download/vrt_pr/snortrules-pr-2.4.tar.gz )"

LICENSE="GPL-2"
KEYWORDS="~amd64 ~ppc ~x86"
# SLOT is intentionally omitted because this package uses webapp-config
IUSE="gd signatures ${DBTYPES}"

# BASE *should* work with any php-driven web server, so only require Apache
# when the user has an apache use-flag set.
want_apache

DEPEND=">=sys-libs/zlib-1.2.1-r3"
RDEPEND="${DEPEND}
dev-php/adodb
gd? ( >=dev-php5/jpgraph-2.0_beta
>=dev-php/PEAR-PEAR-1.3.6-r1
>=dev-php/PEAR-Image_Color-1.0.2
>=dev-php/PEAR-Log-1.9.3
>=dev-php/PEAR-Numbers_Roman-0.2.0
>=dev-php/PEAR-Numbers_Words-0.14.0
>=dev-php/PEAR-Image_Canvas-0.2.4
>=dev-php/PEAR-Image_Graph-0.7.1 )"
# A local database isn't necessary, so only require one when the user
# has use-flags set for one of the supported DBs.
# Snort can also be installed on a remote system, so don't require it.

# Require PHP.
need_php5

pkg_setup() {
webapp_pkg_setup

# Set the group ownership for /etc/base/base_conf.php so it can be read by
# the user's web server.
if use apache2 ; then
HTTPD_GROUP="apache"
else
# Set a safe default group.
HTTPD_GROUP="root"
fi

# Check and setup selected DB type
dbtypecnt=0
for db in ${DBTYPES}; do
if use ${db}; then
if [ ${dbtypecnt} -eq 0 ]; then
BASE_DBTYPE=${db}
let dbtypecnt++
elif [ ${dbtypecnt} -ge 1 ]; then
ewarn "You set multiple database types in your USE flags."
ewarn "You will have to setup DBtype configuration manually."
fi
fi
done

if [ ${dbtypecnt} -eq 0 ]; then
ewarn "No database type selected in your USE flags."
ewarn "You will have to setup DBtype manually."
fi

# Make sure php was built with the necessary USE flags.
local flags=session
for f in mssql mysql postgres ; do
use ${f} && flags="${flags} ${f}"
done

if use oracle && ! built_with_use virtual/php oci8-instant-client ; then
ewarn "PHP with oci8-instant-client support not found!"
ewarn "It is your responsibility to ensure that PHP will work"
ewarn "with commercial Oracle implementation."
fi

if ! PHPCHECKNODIE="yes" require_php_with_use ${flags} || \
( use gd && ! PHPCHECKNODIE="yes" require_php_with_any_use gd gd-external ) ; then
eerror "Re-emerge ${PHP_PKG} with ${flags} USE flags enabled"
use gd && eerror "as well as with either gd or gd-external USE flag enabled."
die "Re-emerge ${PHP_PKG} with the above USE flags."
fi
}

src_unpack() {
unpack ${A}
cd "${S}"

# Help the user configure /etc/base/base_conf.php so BASE works out of the
# box in most environments. The user will still be warned to edit the
# file manually at the pkg_postinst() stage.
sed -i -e 's:$BASE_urlpath.*:$BASE_urlpath = "/base";:g' \
${CONF_OLD}

sed -i -e 's:$DBlib_path.*:$DBlib_path = "/usr/share/php5/adodb";:g' \
${CONF_OLD}

if [[ "${BASE_DBTYPE}" == "postgres" ]]; then
sed -i -e 's:$DBtype.*:$DBtype = "postgres";:g' \
${CONF_OLD}
fi
if [[ "${BASE_DBTYPE}" == "mssql" ]]; then
sed -i -e 's:$DBtype.*:$DBtype = "mssql";:g' \
${CONF_OLD}
fi
if [[ "${BASE_DBTYPE}" == "oracle" ]]; then
sed -i -e 's:$DBtype.*:$DBtype = "oci8";:g' \
${CONF_OLD}
fi

# Install the configuration files in the usual /etc/${PN} location so that
# etc-update functions properly (it also improves security somewhat, since
# the config file contains plain-text passwords and should not be located
# inside the web-root). This requires changing the BASE source a tad to
# recognize the new location for base_conf.php.
for PHP in *.php */*.php; do
sed -i -e "s:${CONF_NEW}:${MIDDLEMAN}:g" \
${CONF_OLD} "${PHP}"
done

# Create the file ${MIDDLEMAN} to determine the web-root and to change
# the location of "include" to /etc/base/base_conf.php.
echo " ${MIDDLEMAN}
echo ' $BASE_path = dirname(__FILE__);' >> ${MIDDLEMAN}
echo " include(\"${CONF_DIR}/${CONF_NEW}\");" >> ${MIDDLEMAN}
echo "?>" >> ${MIDDLEMAN}

# Delete the $BASE_path variable from the config file because we
# now handle it with ${MIDDLEMAN} created above.
sed -i -e 's:$BASE_path =.*::g' ${CONF_OLD}

# Modify the HTML headers so search engines don't index BASE.
sed -i -e \
's::\n :g' \
index.php
sed -i -e \
's::\n :g' \
base_main.php
}

src_install() {
webapp_src_preinst

# Install the docs once in the standard /usr/share/doc/${PF}/DOCDESTREE
# location instead of installing them in every virtual host directory.
cd docs
dodoc *
if use signatures ; then
cd "${WORKDIR}"
insinto ${MY_HTDOCSDIR}/signatures
doins doc/signatures/*
fi
cd "${S}"
rm -rf docs

# Install the config files in the normal location (/etc/${PN}).
insinto ${CONF_DIR} || die "Unable to insinto ${CONF_DIR}"
doins ${CONF_OLD} || die "Unable to doins ${CONF_OLD}"
newins ${CONF_OLD} ${CONF_NEW} || die "Unable to create ${CONF_NEW}"

# Install BASE for webapp-config
insinto ${MY_HTDOCSDIR} || die "Unable to insinto ${MY_HTDOCSDIR}"
doins -r *

webapp_src_install
}

pkg_postinst() {
webapp_pkg_postinst

# Set the proper permissions on /etc/base/base_conf.php
chmod 640 ${CONF_DIR}/${CONF_NEW} || FPERMS="FALSE"
chown root:${HTTPD_GROUP} ${CONF_DIR}/${CONF_NEW} || FOWNERS="FALSE"

# Notify the user of any problems at the very end.
if [ "${HTTPD_GROUP}" == "root" ]; then
ewarn ""
ewarn "It looks like you are not using Apache"
ewarn "as your web server. For BASE to work properly, you will"
ewarn "need to change the ownership of ${CONF_DIR}/${CONF_NEW} to"
ewarn "root:[www user] To use Apache, add \"apache2\" to"
ewarn "your USE flags and re-emerge BASE."
fi
if [ "${FPERMS}" == "FALSE" ]; then
ewarn ""
ewarn "Unable to change the permissions on ${CONF_DIR}/${CONF_NEW}".
ewarn "Please change them manually by issuing:"
ewarn "chmod 640 ${CONF_DIR}/${CONF_NEW}"
fi
if [ "${FOWNERS}" == "FALSE" ]; then
ewarn ""
ewarn "Unable to change the group ownership of the file:"
ewarn "${CONF_DIR}/${CONF_NEW}"
ewarn "Please change this manually by issuing:"
ewarn "chown root:${HTTPD_GROUP} ${CONF_DIR}/${CONF_NEW}"
fi

elog ""
elog "You should edit \"${CONF_DIR}/${CONF_NEW}\" before using BASE."
elog ""
elog "To setup your initial database, direct your web browser to the"
elog "location you installed BASE/base_db_setup.php"
elog "You can find instructions in /usr/share/doc/${PF}/README"
elog "There is a guide at http://gentoo-wiki.com/HOWTO_Apache2_with_BASE"
elog ""
}

metadata.xml




netmon

Install community signatures from
net-analyzer/snort