blob: 5bfb5082a6e1260b617d6fa1a0a9053788b6ed49 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# Maintainer: Luke R. <g4jc@openmailbox.org> GPG: rsa4096/3EAE8697
# Contributor: Brad Arrington
pkgname=samhain
pkgver=4.1.0
pkgrel=1
pkgdesc="file integrity / intrusion detection system"
arch=(i686 x86_64)
url="http://www.la-samhna.de/"
license=('GPL')
makedepends=('gcc' 'openssl' 'procps-ng')
source=("http://www.la-samhna.de/samhain/${pkgname}-current.tar.gz"
'PKGBUILD.sig'
'PKGBUILD')
validpgpkeys=('CB6E213A349B8DF9E96B622AC3F4FFCF3EAE8697' # PKGBUILD Maintainer's key
'EF6CEF54701A0AFDB86AF4C31AAD26C80F571F6C') # Rainer Wichmann
sha512sums=('ec43208be7254f9d7296fac22e1de96bb29b6effad452eb1d38bbd36661c47a8f58564c596909140f37540c3158be24e4e24fcb27590addd11e533736a7a9720'
'SKIP'
'SKIP')
pkgver() {
tar -ztvf samhain-current.tar.gz | head -n1 | awk '{print $6}' | sed "s/samhain-//" | sed "s/.tar.gz//" # get latest version number
}
build() {
gpg --verify PKGBUILD.sig PKGBUILD
echo "Note: If the GPG verification fails, import the PKGBUILD maintainer's GPG key. See: https://wiki.parabola.nu/GnuPG#Import_key"
whirlpoolsum=('1a017bd7d47f638d0c2e67a08ceda626c69037d870ba5401c832a859959bd604b35679d7aa6c510255dcd00c64eed52dbf9f39c386f45f320e2a2561f5c17983')
[[ "$(openssl dgst -r -whirlpool samhain-current.tar.gz | awk '{print $1}')" = ${whirlpoolsum} ]] && echo "Whirlpool checksum passed." || { echo "Whirlpool checksum failed!!" ; exit 1; } # This is an added security layer. If SHA512 for some unlikely reason fails, whirlpool will check and abort if it too fails to match.
gpg --verify samhain-${pkgver}.tar.gz.asc samhain-${pkgver}.tar.gz
echo "Note: If the GPG verification fails, import the Samhain GPG key: http://www.la-samhna.de/samhain/s_rkey.html"
tar -zxvf "${srcdir}/${pkgname}-current.tar.gz" -C "${srcdir}"/.
cd "${srcdir}"
tar -zxvf ${pkgname}-${pkgver}.tar.gz
cd "${pkgname}-${pkgver}"
./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc --with-trusted=0 --sbindir=/usr/bin
# see samhain documentation, lots of other options available. e.g. use --enable-network=server to run in server mode.
}
package() {
cd "${pkgname}-${pkgver}"
make || return 1
make DESTDIR="$pkgdir/" install
}
|
