diff options
-rw-r--r-- | system/tiger/README | 12 | ||||
-rw-r--r-- | system/tiger/doinst.sh | 20 | ||||
-rw-r--r-- | system/tiger/slack-desc | 10 | ||||
-rw-r--r-- | system/tiger/tiger.SlackBuild | 108 | ||||
-rw-r--r-- | system/tiger/tiger.info | 8 |
5 files changed, 158 insertions, 0 deletions
diff --git a/system/tiger/README b/system/tiger/README new file mode 100644 index 0000000000..8bfdbcd22a --- /dev/null +++ b/system/tiger/README @@ -0,0 +1,12 @@ +TIGER, or the 'tiger' scripts, is a set of Bourne shell scripts, +C programs and data files which are used to perform a security audit +of UNIX systems. It is designed to hopefully be easy to use, easy to +understand and easy to enhance. + +'tiger' incorporates checks primarily oriented towards Linux integrity +including: md5sums checks installed files, (and it can call AIDE or +Intergrit aswell), analysis of local listening processes, and then some. + +Tiger uses 'chkrootkit' for rootkit scanning if found on the system; +slackbuilds.org provides a build script for that too. + diff --git a/system/tiger/doinst.sh b/system/tiger/doinst.sh new file mode 100644 index 0000000000..71e967245c --- /dev/null +++ b/system/tiger/doinst.sh @@ -0,0 +1,20 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Try not to mess over any costum settings +config etc/tiger/cronrc.new +config etc/tiger/tigerrc.new +config usr/share/tiger/initdefs.new +config usr/share/tiger/check.tbl.new +config usr/share/tiger/syslist.new +config usr/share/tiger/config.new diff --git a/system/tiger/slack-desc b/system/tiger/slack-desc new file mode 100644 index 0000000000..64c16c7f7a --- /dev/null +++ b/system/tiger/slack-desc @@ -0,0 +1,10 @@ +tiger: Report system security vulnerabilities +tiger: +tiger: TIGER, or the 'tiger' scripts, is a set of Bourne shell scripts, +tiger: C programs and data files which are used to perform a security +tiger: audit of UNIX systems. TIGER has one primary goal: report ways +tiger: 'root' can be compromised. +tiger: +tiger: Originally developed by the A&M campus of the Texas University. +tiger: Currently it is maintained by: Javier Fernandez-Sanguino +tiger: diff --git a/system/tiger/tiger.SlackBuild b/system/tiger/tiger.SlackBuild new file mode 100644 index 0000000000..600b289843 --- /dev/null +++ b/system/tiger/tiger.SlackBuild @@ -0,0 +1,108 @@ +#!/bin/sh + +# Slackware build script for tiger +# Written by Menno E. Duursma <druiloor@zonnet.nl + +# Exit on most errors +set -e + +PRGNAM=tiger +VERSION=3.2.1 +ARCH=${ARCH:-i486} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} +CWD=$(pwd) +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +rm -rf $PRGNAM +tar -xzvf $CWD/$PRGNAM-$VERSION.tar.gz +cd $PRGNAM +chown -R root:root . +chmod -R u+w,go+r-w,a-s . + +# To compile it i686 or whatever you would have to patch the Makefile +# to be found in the c/ subdirectory; however i see no need to do that +./configure \ + --with-tigerhome=/usr/share/tiger \ + --with-tigerconfig=/etc/tiger \ + --with-tigerwork=/var/tiger \ + --with-tigerlog=/var/log/tiger \ + --with-tigerbin=/usr/bin + +make +make install DESTDIR=$PKG + +# Copy bin-files to system standard dir +cp -a $PKG/usr/share/tiger/bin/* $PKG/usr/bin + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mkdir -p $PKG/usr/man +cp -a $PKG/usr/share/tiger/man/* $PKG/usr/man + +( cd $PKG/usr/man + find . -type f \( -name '*.man' -a -name *.in \)-exec gzip -9 {} \; + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a [A-Z][A-Z]* tigerrc-* site-* other/*.txt $PKG/usr/doc/$PRGNAM-$VERSION + +# Copy script-plugin documentation +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION/txt +cp -a $PKG/usr/share/tiger/doc/* $PKG/usr/doc/$PRGNAM-$VERSION/txt +# And in HTML format +cp -a $PKG/usr/share/tiger/html $PKG/usr/doc/$PRGNAM-$VERSION + +# Also, include the SlackBuild script in the documentation directory +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +# Remove leftover junk +( cd $PKG + find . -type d -name CVS | xargs rm -rf +) +( cd $PKG/man + find . -type f -name '*in.gz' | xargs rm -f +) +( cd $PKG/usr/share/tiger + rm -rf bin ; rm -rf man ; rm -rf doc ; rm -rf html +) +( cd $PKG/usr/share/tiger/systems + find . -type d -maxdepth 1 \( ! -name default -a ! -name Linux \) \ + | xargs rm -rf +) +( cd $PKG/usr/share/tiger/systems/Linux + rm -rf 0 + rm -rf 1 +) + +# Move configration files to .new and have doinst.sh decide +mv $PKG/etc/tiger/cronrc $PKG/etc/tiger/cronrc.new +mv $PKG/etc/tiger/tigerrc $PKG/etc/tiger/tigerrc.new +mv $PKG/usr/share/tiger/initdefs $PKG/usr/share/tiger/initdefs.new +mv $PKG/usr/share/tiger/check.tbl $PKG/usr/share/tiger/check.tbl.new +mv $PKG/usr/share/tiger/syslist $PKG/usr/share/tiger/syslist.new +mv $PKG/usr/share/tiger/config $PKG/usr/share/tiger/config.new + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz + +# Clean up the temp stuff +if [ "$1" = "--cleanup" ]; then + rm -rf $PKG + rm -rf $TMP/$PRGNAM-$VERSION +fi + diff --git a/system/tiger/tiger.info b/system/tiger/tiger.info new file mode 100644 index 0000000000..c410f3782d --- /dev/null +++ b/system/tiger/tiger.info @@ -0,0 +1,8 @@ +PRGNAM="tiger" +VERSION="3.2.1" +HOMEPAGE="http://www.nongnu.org/tiger" +DOWNLOAD="http://download.savannah.nongnu.org/releases/tiger/tiger-3.2.1.tar.gz" +MD5SUM="7c4d6dc7c56b3b6f8fa349eca7f8e41d" +MAINTAINER="Menno E. Duursma" +EMAIL="druiloor@zonnet.nl" +APPROVED="BP{k}" |