diff --git a/net-analyzer/arpwatch/Manifest b/net-analyzer/arpwatch/Manifest new file mode 100644 index 0000000..e7c7575 --- /dev/null +++ b/net-analyzer/arpwatch/Manifest @@ -0,0 +1,6 @@ +AUX arpwatch.confd 270 RMD160 040c4ade1f157b38fdb66d8e8cc08e3b6484ef18 SHA1 3b590f1851cbd5d684b6e836757367446fddfaf4 SHA256 bf36f7b717291733787bd00ac22d49dafc251cd50fcc27266d56d51364fd62fa +AUX arpwatch.initd 1106 RMD160 a9db01d5b2157742d6f9d48c157718e158017cb4 SHA1 8cafd84754f8e32a7fcec4180e79e3b62d4964ec SHA256 c336b18759d188ef6c77e2177fdfbf4ed5c488f04fc2357c556ff406d2eeea1d +AUX arpwatch_nomail-2.1.15.patch 4407 RMD160 d3e79782edaad49f498c45a2c1f669676bd37706 SHA1 a52d47b3dd31d9754d263dc1ae73e31bc2725ee5 SHA256 1627202cb73c07f724825f9878779e4b367ece1ec56cc7d454bbc6cc0735b54d +DIST arpwatch-2.1a15.tar.gz 202729 RMD160 a27ee53275dcec3cafb85eb3df2451d42ec32b0c SHA1 9dffaec0f132e5bb7aedfc840c5c67068bfbce69 SHA256 c1df9737e208a96a61fa92ddad83f4b4d9be66f8992f3c917e9edf4b05ff5898 +DIST arpwatch-patchset-0.4.tbz2 16350 RMD160 9e9ae77ef38591af72687fa7014b4c56fc4c4d2c SHA1 009eaa110fc93b40aa91c838b57b71a071210692 SHA256 f49deed64301078a00881fa9c27bb3a4116b9096cfe880f5a0bcc9913b439a18 +EBUILD arpwatch-2.1.15-r9999.ebuild 2126 RMD160 30b7be9bf3dddffb319b6d10931d1d51b7979cd4 SHA1 6e8100e3662aaab9a53e38f99c8154544ec63137 SHA256 2b278a8332de4246b48207092c955e343184e262777a002ac1e4002c792f5bbd diff --git a/net-analyzer/arpwatch/arpwatch-2.1.15-r9999.ebuild b/net-analyzer/arpwatch/arpwatch-2.1.15-r9999.ebuild new file mode 100644 index 0000000..d8ac1a1 --- /dev/null +++ b/net-analyzer/arpwatch/arpwatch-2.1.15-r9999.ebuild @@ -0,0 +1,72 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/arpwatch/arpwatch-2.1.15-r5.ebuild,v 1.7 2010/04/12 12:53:41 aballier Exp $ + +inherit eutils versionator + +PATCH_VER="0.4" + +MY_P="${PN}-$(replace_version_separator 2 'a')" +DESCRIPTION="An ethernet monitor program that keeps track of ethernet/ip address pairings" +HOMEPAGE="http://www-nrg.ee.lbl.gov/" +SRC_URI="ftp://ftp.ee.lbl.gov/${MY_P}.tar.gz + mirror://gentoo/arpwatch-patchset-${PATCH_VER}.tbz2" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~hppa ~ppc ~sparc ~x86 ~x86-fbsd" +IUSE="selinux" + +DEPEND="virtual/libpcap + sys-libs/ncurses" + +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-arpwatch )" + +S=${WORKDIR}/${MY_P} + +pkg_preinst() { + enewuser arpwatch +} + +src_unpack() { + unpack ${A} + cd "${S}" + + EPATCH_SOURCE="${WORKDIR}"/arpwatch-patchset/ + EPATCH_SUFFIX="patch" + epatch + cp "${WORKDIR}"/arpwatch-patchset/*.8 . || die "Failed to get man-pages from arpwatch-patchset." +# Pinkbyte & Rainer: adapt nomail patch to current version and all previous patches (puts log files into /var/log/arpwatch folder) + epatch "${FILESDIR}/arpwatch_nomail-${PV}.patch" +# +} + +src_install () { + dosbin arpwatch arpsnmp arp2ethers massagevendor arpfetch bihourly.sh + doman arpwatch.8 arpsnmp.8 arp2ethers.8 massagevendor.8 arpfetch.8 bihourly.8 + + insinto /usr/share/arpwatch + doins ethercodes.dat + + insinto /usr/share/arpwatch/awk + doins duplicates.awk euppertolower.awk p.awk e.awk d.awk + + keepdir /var/lib/arpwatch + dodoc README CHANGES + + newinitd "${FILESDIR}"/arpwatch.initd arpwatch + newconfd "${FILESDIR}"/arpwatch.confd arpwatch +# Pinkbyte: create directory /var/log/arpwatch and set it's owner to arpwatch user + keepdir /var/log/arpwatch + chown arpwatch:0 "${ROOT}var/log/arpwatch" +# +} + +pkg_postinst() { + # Workaround bug #141619 put this in src_install when bug'll be fixed. + chown arpwatch:0 "${ROOT}var/lib/arpwatch" + + elog "For security reasons arpwatch by default runs as an unprivileged user." + ewarn "Note: some scripts require snmpwalk utility from net-analyzer/net-snmp" +} diff --git a/net-analyzer/arpwatch/files/arpwatch.confd b/net-analyzer/arpwatch/files/arpwatch.confd new file mode 100644 index 0000000..98abe04 --- /dev/null +++ b/net-analyzer/arpwatch/files/arpwatch.confd @@ -0,0 +1,11 @@ +# Config file for /etc/init.d/arpwatch +# see arpwatch.8 for more information + +#IFACES="eth0 eth1" +IFACES="eth0" + +# Additional options to pass to arpwatch. +OPTIONS="-N -p" + +# Comment this line if you wish arpwatch to run as root user (not recommended) +ARPUSER="arpwatch" diff --git a/net-analyzer/arpwatch/files/arpwatch.initd b/net-analyzer/arpwatch/files/arpwatch.initd new file mode 100644 index 0000000..23e8525 --- /dev/null +++ b/net-analyzer/arpwatch/files/arpwatch.initd @@ -0,0 +1,37 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/arpwatch/files/arpwatch.initd,v 1.1 2007/06/02 22:37:16 jokey Exp $ + +depend() { + need net +} + +start() { + for IFACE in ${IFACES} + do + ebegin "Starting arpwatch on ${IFACE}" + DATAFILE=/var/lib/arpwatch/${IFACE}.dat + [ ! -f ${DATAFILE} ] && touch ${DATAFILE} + + if [ -z ${ARPUSER} ]; then + start-stop-daemon --start --quiet --pidfile=/var/run/arpwatch.${IFACE}.pid --exec \ + /usr/sbin/arpwatch -- -i ${IFACE} -f ${DATAFILE} -P /var/run/arpwatch.${IFACE}.pid ${OPTIONS} + else + chown ${ARPUSER} ${DATAFILE} + start-stop-daemon --start --quiet --pidfile=/var/run/arpwatch.${IFACE}.pid --exec \ + /usr/sbin/arpwatch -- -i $IFACE -u ${ARPUSER} -f ${DATAFILE} -P /var/run/arpwatch.${IFACE}.pid ${OPTIONS} + fi + eend $? + done +} + +stop() { + for IFACE in ${IFACES} + do + ebegin "Stopping arpwatch on ${IFACE}" + start-stop-daemon --stop --quiet --pidfile=/var/run/arpwatch.${IFACE}.pid --exec \ + /usr/sbin/arpwatch + eend $? + done +} diff --git a/net-analyzer/arpwatch/files/arpwatch_nomail-2.1.15.patch b/net-analyzer/arpwatch/files/arpwatch_nomail-2.1.15.patch new file mode 100644 index 0000000..26f9082 --- /dev/null +++ b/net-analyzer/arpwatch/files/arpwatch_nomail-2.1.15.patch @@ -0,0 +1,181 @@ +--- report.c.orig 2010-08-11 21:27:04.936004908 +0400 ++++ report.c 2010-08-11 21:36:40.581758034 +0400 +@@ -50,9 +50,7 @@ + #include + #include + #include +-#ifdef TIME_WITH_SYS_TIME + #include +-#endif + #include + + #include "gnuc.h" +@@ -70,11 +68,15 @@ + + #define PLURAL(n) ((n) == 1 || (n) == -1 ? "" : "s") + +-static int cdepth; /* number of outstanding children */ ++#if !defined(REPORT_DIR) ++#define REPORT_DIR "/var/log/arpwatch" ++#endif ++#if !defined(REPORT_FMODE) ++#define REPORT_FMODE 644 ++#endif + + static char *fmtdate(time_t); + static char *fmtdelta(time_t); +-RETSIGTYPE reaper(int); + static int32_t gmt2local(void); + + static char * +@@ -203,44 +205,6 @@ + return (dt); + } + +-RETSIGTYPE +-reaper(int signo) +-{ +- register pid_t pid; +- DECLWAITSTATUS status; +- +- for (;;) { +- pid = waitpid((pid_t)0, &status, WNOHANG); +- if ((int)pid < 0) { +- /* ptrace foo */ +- if (errno == EINTR) +- continue; +- /* ECHILD means no one left */ +- if (errno != ECHILD) +- /* It is dangerous to call non reentrant */ +- /* functions from callback (POSIX) */ +- /* Next line effectively disables this as */ +- /* we never get here in debug */ +- if (debug) +- syslog(LOG_ERR, "reaper: %m"); +- break; +- } +- /* Already got everyone who was done */ +- if (pid == 0) +- break; +- --cdepth; +- if (WEXITSTATUS(status)) +- /* It is dangerous to call non-reentrant */ +- /* functions from callback (POSIX) */ +- /* Next line effectively disables this as */ +- /* we never get here in debug */ +- if (debug) +- syslog(LOG_DEBUG, "reaper: pid %d, exit status %d", +- pid, WEXITSTATUS(status)); +- } +- return RETSIGVAL; +-} +- + void + report(register char *title, register u_int32_t a, register u_char *e1, + register u_char *e2, register time_t *t1p, register time_t *t2p, +@@ -248,16 +212,12 @@ + { + extern char *path_sendmail; + register char *cp, *hn; +- register int fd, pid; ++ register int fd; + register FILE *f; +- char tempfile[64], cpu[64], os[64]; ++ char tempfile[512], cpu[64], os[64]; + char *fmt = "%20s: %s\n"; +- char *watcher = mailaddress; +- char *watchee = WATCHEE; +- char *sendmail = path_sendmail; + char *unknown = ""; + char buf[132]; +- static int init = 0; + + /* No report until we're initialized */ + if (initializing) +@@ -271,53 +271,34 @@ + f = stdout; + (void)putc('\n', f); + } else { +- /* Setup child reaper if we haven't already */ +- if (!init) { +- (void)setsignal(SIGCHLD, reaper); +- ++init; +- } +- while (cdepth >= 3) { +- syslog(LOG_ERR, "report: pausing (cdepth %d)", cdepth); +- pause(); +- } +- +- /* Syslog this event too */ +- dosyslog(LOG_NOTICE, title, a, e1, e2, interface); +- + /* return if watcher is an empty string */ + if ( quiet ) + return; + +- /* Update child depth */ +- ++cdepth; +- +- /* Fork off child to send mail */ +- pid = fork(); +- if (pid) { +- /* Parent */ +- if (pid < 0) +- syslog(LOG_ERR, "report: fork() 1: %m"); +- return; +- } ++ time_t tt = time(NULL); ++ struct tm *t = localtime(&tt); + + /* Child */ + closelog(); + (void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX"); ++ (void)snprintf(tempfile, sizeof(tempfile), ++ "%s/arpwatch-%04d%02d%02d_%02d%02d%02d.msgXXXXXX", ++ REPORT_DIR, ++ t->tm_year, t->tm_mon, t->tm_mday, ++ t->tm_hour, t->tm_min, t->tm_sec); + if ((fd = mkstemp(tempfile)) < 0) { + syslog(LOG_ERR, "mkstemp(%s) %m", tempfile); ++ return; +- exit(1); + } ++#if defined(REPORT_FMODE) ++ fchmod(fd, REPORT_FMODE); ++#endif + if ((f = fdopen(fd, "w+")) == NULL) { +- syslog(LOG_ERR, "child fdopen(%s): %m", tempfile); +- exit(1); ++ syslog(LOG_ERR, "fdopen(%s): %m", tempfile); ++ return; + } +- /* Cheap delete-on-close */ +- if (unlink(tempfile) < 0) +- syslog(LOG_ERR, "unlink(%s): %m", tempfile); + } + +- (void)fprintf(f, "From: %s\n", watchee); +- (void)fprintf(f, "To: %s\n", watcher); + if (interface == NULL) interface = ""; /* shouldn't happen */ + hn = gethname(a); + if (!isdigit(*hn)) +@@ -354,17 +354,7 @@ + + if (debug) { + fflush(f); +- return; ++ } else { ++ fclose(f); + } +- +- (void)rewind(f); +- if (dup2(fileno(f), fileno(stdin)) < 0) { +- syslog(LOG_ERR, "dup2: %m"); +- exit(1); +- } +- /* XXX Need to freopen()? */ +- /* Always Deliver interactively (pause when child depth gets large) */ +- execl(sendmail, "sendmail", "-odi", watcher, NULL); +- syslog(LOG_ERR, "execl: %s: %m", sendmail); +- exit(1); + }