diff options
Diffstat (limited to 'app-forensics/mac-robber')
| -rw-r--r-- | app-forensics/mac-robber/files/mac-robber-1.02-posix.patch | 19 | ||||
| -rw-r--r-- | app-forensics/mac-robber/mac-robber-1.02-r1.ebuild (renamed from app-forensics/mac-robber/mac-robber-1.02.ebuild) | 20 | ||||
| -rw-r--r-- | app-forensics/mac-robber/metadata.xml | 22 |
3 files changed, 43 insertions, 18 deletions
diff --git a/app-forensics/mac-robber/files/mac-robber-1.02-posix.patch b/app-forensics/mac-robber/files/mac-robber-1.02-posix.patch new file mode 100644 index 000000000000..a45d4718e51b --- /dev/null +++ b/app-forensics/mac-robber/files/mac-robber-1.02-posix.patch @@ -0,0 +1,19 @@ +--- a/mac-robber.c ++++ b/mac-robber.c +@@ -45,6 +45,7 @@ + #include <sys/types.h> + #include <sys/stat.h> + #include <dirent.h> ++#include <limits.h> + #include <stdio.h> + #include <stdlib.h> + #include <string.h> +@@ -238,7 +239,7 @@ + /* Make a buffer for the full path + * the 2 is for 1 NULL and 1 '/' for recursive directories + */ +- path_len = dir_len + MAXNAMLEN + 2; ++ path_len = dir_len + NAME_MAX + 2; + if (!(curpath = (char *) malloc(path_len))) { + printf("error allocating space for curpath\n"); + exit(1); diff --git a/app-forensics/mac-robber/mac-robber-1.02.ebuild b/app-forensics/mac-robber/mac-robber-1.02-r1.ebuild index b8497f78d985..364bc3224431 100644 --- a/app-forensics/mac-robber/mac-robber-1.02.ebuild +++ b/app-forensics/mac-robber/mac-robber-1.02-r1.ebuild @@ -1,29 +1,35 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI=6 +EAPI=8 inherit toolchain-funcs DESCRIPTION="mac-robber is a digital forensics and incident response tool that collects data" HOMEPAGE="http://www.sleuthkit.org/mac-robber/index.php" -SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" +SRC_URI="https://downloads.sourceforge.net/${PN}/${P}.tar.gz" LICENSE="GPL-2" SLOT="0" KEYWORDS="~amd64 ~ppc x86" -IUSE="" + +PATCHES=( "${FILESDIR}"/${P}-posix.patch ) src_prepare() { default - sed -i -e 's:$(GCC_CFLAGS):\0 $(LDFLAGS):' Makefile || die + # just rely on implicit rules + rm Makefile || die +} + +src_configure() { + tc-export CC } src_compile() { - emake CC="$(tc-getCC)" GCC_OPT="${CFLAGS}" + emake mac-robber } src_install() { dobin mac-robber - dodoc CHANGES README + einstalldocs } diff --git a/app-forensics/mac-robber/metadata.xml b/app-forensics/mac-robber/metadata.xml index 4cf2ee79205f..0c56b2d46030 100644 --- a/app-forensics/mac-robber/metadata.xml +++ b/app-forensics/mac-robber/metadata.xml @@ -3,20 +3,20 @@ <pkgmetadata> <!-- maintainer-needed --> <longdescription> -mac-robber is a digital forensics and incident response tool that collects data from allocated files in a mounted file system. -The data can be used by the mactime tool in The Sleuth Kit to make a timeline of file activity. The mac-robber tool is based on -the grave-robber tool from TCT and is written in C instead of Perl. + mac-robber is a digital forensics and incident response tool that collects data from allocated files in a mounted file system. + The data can be used by the mactime tool in The Sleuth Kit to make a timeline of file activity. The mac-robber tool is based on + the grave-robber tool from TCT and is written in C instead of Perl. -mac-robber requires that the file system be mounted by the operating system, unlike the tools in The Sleuth Kit that process the -file system themselves. Therefore, mac-robber will not collect data from deleted files or files that have been hidden by -rootkits. mac-robber will also modify the Access times on directories that are mounted with write permissions. + mac-robber requires that the file system be mounted by the operating system, unlike the tools in The Sleuth Kit that process the + file system themselves. Therefore, mac-robber will not collect data from deleted files or files that have been hidden by + rootkits. mac-robber will also modify the Access times on directories that are mounted with write permissions. -"What is mac-robber good for then", you ask? mac-robber is useful when dealing with a file system that is not supported by The -Sleuth Kit or other forensic tools. mac-robber is very basic C and should compile on any UNIX system. Therefore, you can run -mac-robber on an obscure, suspect UNIX file system that has been mounted read-only on a trusted system. I have also used -mac-robber during investigations of common UNIX systems such as AIX. -</longdescription> + "What is mac-robber good for then", you ask? mac-robber is useful when dealing with a file system that is not supported by The + Sleuth Kit or other forensic tools. mac-robber is very basic C and should compile on any UNIX system. Therefore, you can run + mac-robber on an obscure, suspect UNIX file system that has been mounted read-only on a trusted system. I have also used + mac-robber during investigations of common UNIX systems such as AIX. + </longdescription> <upstream> <remote-id type="sourceforge">mac-robber</remote-id> </upstream> |