authorDaniel Black <dragonheart@gentoo.org>2005-01-26 01:55:37 +0000
committerDaniel Black <dragonheart@gentoo.org>2005-01-26 01:55:37 +0000
commit83431dbf3e1a7b3d77b358cd263bd49762db47cc (patch)
tree4c76c242243aecea2de84f6428843287f90e2b46 /app-forensics/airt
parentdev-python/mysql-python upgraded ebuild (diff)
Initial import as per bug #79524
(Portage version: 2.0.51-r15)
Diffstat (limited to 'app-forensics/airt')
-rw-r--r--app-forensics/airt/ChangeLog9
-rw-r--r--app-forensics/airt/Manifest4
-rw-r--r--app-forensics/airt/airt-0.4.ebuild40
-rw-r--r--app-forensics/airt/files/digest-airt-0.41
-rw-r--r--app-forensics/airt/metadata.xml16
5 files changed, 70 insertions, 0 deletions
diff --git a/app-forensics/airt/ChangeLog b/app-forensics/airt/ChangeLog
new file mode 100644
index 000000000000..4103095260a2
--- /dev/null
+++ b/app-forensics/airt/ChangeLog
@@ -0,0 +1,9 @@
+# ChangeLog for app-forensics/airt
+# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/airt/ChangeLog,v 1.1 2005/01/26 01:55:37 dragonheart Exp $
+
+ 26 Jan 2005; Daniel Black <dragonheart@gentoo.org> +airt-0.4.ebuild,
+ +metadata.xml:
+ Initial import as per bug #79524. Thanks to Michael Zanetta
+ <mzanetta@telsys.ch>.
+
diff --git a/app-forensics/airt/Manifest b/app-forensics/airt/Manifest
new file mode 100644
index 000000000000..8b4e16ad0388
--- /dev/null
+++ b/app-forensics/airt/Manifest
@@ -0,0 +1,4 @@
+MD5 4b59820e60cb4d0b47a3e6f4b0a4c3c5 airt-0.4.ebuild 974
+MD5 dd09b3d3602805b1bbcac35ef93e82c6 metadata.xml 707
+MD5 df64dfce8ed3b3f0ff26962cc24c69bd ChangeLog 294
+MD5 827cc186dcaac15ec33e2fdf18c78399 files/digest-airt-0.4 60
diff --git a/app-forensics/airt/airt-0.4.ebuild b/app-forensics/airt/airt-0.4.ebuild
new file mode 100644
index 000000000000..dba7b792e583
--- /dev/null
+++ b/app-forensics/airt/airt-0.4.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/airt/airt-0.4.ebuild,v 1.1 2005/01/26 01:55:37 dragonheart Exp $
+
+inherit linux-mod toolchain-funcs
+
+DESCRIPTION="AIRT(Advanced incident response tool) is a set of incident response assistant tools on linux platform."
+HOMEPAGE="http://159.226.5.93/projects/airt.htm"
+SRC_URI="http://159.226.5.93/projects/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="x86 -*"
+IUSE=""
+S=${WORKDIR}/${PN}
+DEPEND="virtual/libc"
+
+MODULE_NAMES="sock_hunter(:) process_hunter(:) mod_hunter(:) modumper(:${S}/mod_dumper)"
+BUILD_PARAMS="KDIR=${KERNEL_DIR}"
+BUILD_TARGETS="default"
+
+src_unpack() {
+ unpack ${A}
+ sed -i -e "s|^CC.*|CC = $(tc-getCC) ${CFLAGS}|" -e "s/modumper:/default:/" \
+ ${S}/mod_dumper/Makefile
+}
+
+src_compile() {
+ linux-mod_src_compile
+ emake -C mod_dumper dismod || die
+}
+
+
+src_install() {
+ linux-mod_src_install
+ dosbin mod_dumper/dismod
+ dosbin mod_dumper/dismod.pl
+ dodoc CHANGELOG CHANGELOG.txt README.txt TODO
+}
+
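Review bot: `SRC_URI` (and `HOMEPAGE`) point at a bare IP address over plain HTTP, so the fetched tarball is authenticated only by the single MD5 line added in files/digest-airt-0.4. That is thin for a package whose `MODULE_NAMES` are built into kernel modules and, presumably via `linux-mod_src_install`, installed for use during incident response. I would add a comment above `SRC_URI` such as `# upstream has no hostname or TLS; distfile integrity rests on the digest alone`. If the distfile can be hosted on the Gentoo mirrors, prefer `SRC_URI="mirror://gentoo/${P}.tar.bz2"`. Separately, the `sed` in `src_unpack` has no failure check, so a changed upstream Makefile would go unnoticed until the build; end the continuation line with `${S}/mod_dumper/Makefile || die "sed on mod_dumper/Makefile failed"`.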
diff --git a/app-forensics/airt/files/digest-airt-0.4 b/app-forensics/airt/files/digest-airt-0.4
new file mode 100644
index 000000000000..7c116ca2c946
--- /dev/null
+++ b/app-forensics/airt/files/digest-airt-0.4
@@ -0,0 +1 @@
+MD5 a3f836391d4f9d57b9621bd7916cdd08 airt-0.4.tar.bz2 73609
diff --git a/app-forensics/airt/metadata.xml b/app-forensics/airt/metadata.xml
new file mode 100644
index 000000000000..8a52bb2b2fa7
--- /dev/null
+++ b/app-forensics/airt/metadata.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>forensics</herd>
+<maintainer>
+ <email>forensics@gentoo.org</email>
+ <name>Forensics Herd</name>
+</maintainer>
+<longdescription>
+AIRT(Advanced incident response tool) is a set of incident response assistant tools on linux platform. It's useful when you want
+to know what evil kernel backdoor is still resident on your broken system and what the hell it is.
+
+It is not as same as kstat which can be fooled simply by modifying the sys_write syscall. AIRT searches the kernel backdoors from
+underlying system memory by a customed algorithm.
+</longdescription>
+</pkgmetadata>