app-forensics/aide: verbump to 0.16

Notable ebuild changes:
- fix deps;
- fix broken static USE;
- add e2fs USE to check file attributes on ext2/ext3/ext4;
- drop broken and completely useless nls USE;
- modernize ebuild, EAPI=6;
- drop useless dodoc, dohtml, fowners, fperms calls;
- stop repeating to users about example configuration;
- cleanup patches and send them upstream.

Package-Manager: Portage-2.3.6, Repoman-2.3.2

6 files changed, 214 insertions, 1 deletions

diff --git a/app-forensics/aide/Manifest b/app-forensics/aide/Manifest
index 6c9b019e22c4..ed8aa2cff1c2 100644
--- a/app-forensics/aide/Manifest
+++ b/app-forensics/aide/Manifest
@@ -1,2 +1,3 @@
 DIST aide-0.14.2.tar.gz 418098 SHA256 bf4cd417b0f4778b4f9a618d23e0b0b7db10349ba6a0129394dc82fbc2fa8b9b SHA512 4ef96078fde057a54dda467fb55711e30d947969873715a02052362c57112f5bfd3155460ef353f70ce69fea3a3c491b7925bebbdb7034dbf618c63c360347df WHIRLPOOL fa91e4493bcac4cf11a8fedfd5e3c490752936f9ea04871d812b831f33089b694892e32ed19cef273926d3a8c091fb15a7b98a5e5303f08609f164773475d142
 DIST aide-0.15.1.tar.gz 424970 SHA256 303e5c186257df8c86e418193199f4ea2183fc37d3d4a9098a614f61346059ef SHA512 6afe327474858c697ba017b02bd40717c33874e69b801c171c2496ff9042b557e840bef4a151bda0e4d835ddb0d972b88790237a72f250525dc1fc6b8fa673e7 WHIRLPOOL 4c21221cfbaeff3aa00a3f22c4e31c1fffd3f00d112828540ab6ab94dd019086244de71e5d19d1120078acc7b81b9efa5a36d55937292f523bcb4e064830ba6a
+DIST aide-0.16.tar.gz 391009 SHA256 a81c53a131c4fd130b169b3a26ac35386a2f6e1e014f12807524cc273ed97345 SHA512 29ad97756e3e2fb21dc332ed03b494a1c73e621266f8622ec80bdba23092a38ee975b97f3cff2330e4c16e64e2f672259eea9291ca706a4009e7399b4e14e6a7 WHIRLPOOL d9ecba06d8367ed2ef622ee6b3ccf6a0ed37bad52548063c5c153bd31b856ed8a3379e6057cc1d4aebd29473ded71e9190c8c17dbeaa65eec3365be1d43d5f46
diff --git a/app-forensics/aide/aide-0.16.ebuild b/app-forensics/aide/aide-0.16.ebuild
new file mode 100644
index 000000000000..be5144222bd9
--- /dev/null
+++ b/app-forensics/aide/aide-0.16.ebuild
@@ -0,0 +1,141 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools readme.gentoo-r1
+
+DESCRIPTION="AIDE (Advanced Intrusion Detection Environment) is a file integrity checker"
+HOMEPAGE="http://aide.sourceforge.net/"
+SRC_URI="mirror://sourceforge/aide/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="acl audit curl e2fs mhash postgres prelink selinux static xattr zlib"
+
+COMMON_DEPEND="
+	!mhash? (
+		dev-libs/libgcrypt:0=
+		dev-libs/libgpg-error
+	)
+	mhash? ( app-crypt/mhash )
+	dev-libs/libpcre
+	acl? ( virtual/acl )
+	audit? ( sys-process/audit )
+	curl? ( net-misc/curl )
+	e2fs? ( sys-fs/e2fsprogs )
+	postgres? ( dev-db/postgresql:= )
+	prelink? ( dev-libs/elfutils )
+	selinux? ( sys-libs/libselinux )
+	xattr? ( sys-apps/attr )
+	zlib? ( sys-libs/zlib )
+"
+RDEPEND="
+	!static? ( ${COMMON_DEPEND} )
+	prelink? ( sys-devel/prelink )
+	selinux? ( sec-policy/selinux-aide )
+"
+DEPEND="${COMMON_DEPEND}
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+	static? (
+		!mhash? (
+			dev-libs/libgcrypt:0[static-libs]
+			dev-libs/libgpg-error[static-libs]
+		)
+		mhash? ( app-crypt/mhash[static-libs] )
+		dev-libs/libpcre[static-libs]
+		acl? ( virtual/acl[static-libs] )
+		e2fs? ( sys-fs/e2fsprogs[static-libs] )
+		prelink? ( dev-libs/elfutils[static-libs] )
+		selinux? ( sys-libs/libselinux[static-libs] )
+		xattr? ( sys-apps/attr[static-libs] )
+		zlib? ( sys-libs/zlib[static-libs] )
+	)
+"
+
+REQUIRED_USE="
+	postgres? ( !mhash )
+	static? ( !audit !curl !postgres )
+"
+
+HTML_DOCS=( doc/manual.html )
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="
+Example configuration file was installed at '${EPREFIX}/etc/aide/aide.conf'.
+Please edit it to meet your needs. Refer to aide.conf(5) manual page
+for more information.
+
+A helper script, aideinit, was installed and can be used to make AIDE
+management easier. Please run 'aideinit --help' for more information.
+"
+
+PATCHES=(
+	"${FILESDIR}/${P}-add-missing-include.patch"
+	"${FILESDIR}/${P}-fix-LIBS-LDFLAGS-mixing.patch"
+	"${FILESDIR}/${P}-fix-acl-configure-option.patch"
+)
+
+src_prepare() {
+	default_src_prepare
+	sed -i -e 's| -Werror||g' configure.ac || die
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--sysconfdir="${EPREFIX}/etc/${PN}"
+		--with-confighmactype="sha512"		# Override default weak MD5 hash.
+		--with-dbhmackey="sha512"			# Override default weak MD5 hash.
+		# Disable broken l10n support: https://sourceforge.net/p/aide/bugs/98/
+		# This doesn't affect anything because there are no localizations yet.
+		--without-locale
+		$(use_enable static)
+		$(use_with zlib)
+		$(use_with curl)
+		$(use_with acl posix-acl)
+		$(use_with selinux)
+		$(use_with prelink prelink "${EPREFIX}/usr/sbin/prelink")
+		$(use_with xattr)
+		$(use_with e2fs e2fsattrs)
+		$(use_with mhash mhash)
+		$(use_with !mhash gcrypt)
+		$(use_with postgres psql)
+		$(use_with audit)
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default_src_install
+	readme.gentoo_create_doc
+
+	insinto /etc/${PN}
+	doins "${FILESDIR}"/aide.conf
+
+	dosbin "${FILESDIR}"/aideinit
+	dodoc "${FILESDIR}"/aide.cron
+
+	keepdir /var/{lib,log}/${PN}
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+
+	if use postgres; then
+		elog
+		elog "Due to a bad assumption by aide, you must issue the following"
+		elog "command after the database initialization (aide --init ...):"
+		elog
+		elog 'psql -c "update pg_index set indisunique=false from pg_class \\ '
+		elog "  where pg_class.relname='TABLE_pkey' and \ "
+		elog '  pg_class.oid=pg_index.indexrelid" -h HOSTNAME -p PORT DBASE USER'
+		elog
+		elog "where TABLE, HOSTNAME, PORT, DBASE, and USER are the same as"
+		elog "in your aide.conf."
+		elog
+	fi
+}
diff --git a/app-forensics/aide/files/aide-0.16-add-missing-include.patch b/app-forensics/aide/files/aide-0.16-add-missing-include.patch
new file mode 100644
index 000000000000..75f0403c968e
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.16-add-missing-include.patch
@@ -0,0 +1,24 @@
+commit 1cbb888d55388d6bb88141c946bd6993b3e9872f
+Author: Ilya Tumaykin <itumaykin@gmail.com>
+Date:   Tue May 23 17:24:29 2017 +0300
+
+db: add missing include
+
+url_fclose() function used in this file is defined in fopen.h.
+See https://sourceforge.net/p/aide/bugs/99/
+
+diff --git a/src/db.c b/src/db.c
+index dd133d4..858240d 100644
+--- a/src/db.c
++++ b/src/db.c
+@@ -28,6 +28,10 @@
+ #include "db_disk.h"
+ #include "md.h"
+
++#ifdef WITH_CURL
++#include "fopen.h"
++#endif
++
+ #ifdef WITH_PSQL
+ #include "db_sql.h"
+ #endif
diff --git a/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch b/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch
new file mode 100644
index 000000000000..453abe5f1eae
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.16-fix-LIBS-LDFLAGS-mixing.patch
@@ -0,0 +1,23 @@
+commit 6da37687ba7cf259ac19cae2e1c16115b6848143
+Author: Ilya Tumaykin <itumaykin@gmail.com>
+Date:   Thu May 25 13:34:55 2017 +0300
+
+build: fix incorrect LIBS/LDFLAGS mixing
+
+Otherwise build with LDFLAGS='-Wl,--as-needed' and curl support fails.
+See https://bugs.gentoo.org/show_bug.cgi?id=271326
+and https://sourceforge.net/p/aide/bugs/96/
+
+diff --git a/configure.ac b/configure.ac
+index 3598ebe..0c5cb0c 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -713,7 +713,7 @@ if test x$with_curl = xyes; then
+   AC_CHECK_HEADERS(curl/curl.h,,
+  	[AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])])
+   CFLAGS="$CFLAGS $CURL_CFLAGS"
+-  LDFLAGS="$LDFLAGS $CURL_LIBS"
++  LIBS="$LIBS $CURL_LIBS"
+   AC_CHECK_LIB(curl,curl_easy_init,havecurl=yes,
+  	[AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])]
+ )
diff --git a/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch b/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch
new file mode 100644
index 000000000000..a989e379039c
--- /dev/null
+++ b/app-forensics/aide/files/aide-0.16-fix-acl-configure-option.patch
@@ -0,0 +1,23 @@
+commit 3d9746bccbb50809e4c3de90ab5145a17af39aeb
+Author: Ilya Tumaykin <itumaykin@gmail.com>
+Date:   Thu May 25 14:38:02 2017 +0300
+
+build: respect user choice for posix-acl configure option
+
+Otherwise acl support is enabled automagically, which is bad.
+See https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Automagic_dependencies
+and https://sourceforge.net/p/aide/bugs/97/
+
+diff --git a/configure.ac b/configure.ac
+index 3598ebe..c45bbee 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -450,7 +450,7 @@ AC_MSG_CHECKING(for posix-acl-support)
+ AC_ARG_WITH([posix-acl],
+ 	[AC_HELP_STRING([--with-posix-acl],
+ 		[use POSIX ACLs (no checking)])],
+-	[],
++	[with_posix_acl_support="$withval"],
+ 	[with_posix_acl_support=no]
+ )
+
diff --git a/app-forensics/aide/metadata.xml b/app-forensics/aide/metadata.xml
index cfb8d84da807..b39aaf5590ba 100644
--- a/app-forensics/aide/metadata.xml
+++ b/app-forensics/aide/metadata.xml
@@ -6,7 +6,8 @@
 		<name>Gentoo Forensics Project</name>
 	</maintainer>
 	<use>
-		<flag name="prelink">Enable support for <pkg>sys-devel/prelink</pkg></flag>
+		<flag name="e2fs">Enable support for checking file attributes on ext2/ext3/ext4 filesystems</flag>
+		<flag name="prelink">Bypass prelinking when calculating checksums</flag>
 	</use>
 	<upstream>
 		<remote-id type="sourceforge">aide</remote-id>