1 | # -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4 |
---|
2 | # $Id$ |
---|
3 | |
---|
4 | PortSystem 1.0 |
---|
5 | |
---|
6 | PortGroup python 1.0 |
---|
7 | PortGroup github 1.0 |
---|
8 | |
---|
9 | ## No official release on github on 20141129 |
---|
10 | github.setup google grr 0.2-9 |
---|
11 | categories security python |
---|
12 | platforms darwin |
---|
13 | supported_archs noarch |
---|
14 | maintainers yahoo.fr:jul_bsd openmaintainer |
---|
15 | license APL-2 |
---|
16 | description GRR Rapid Response Server: Incident Response Framework |
---|
17 | long_description ${description} |
---|
18 | #homepage https://code.google.com/p/grr/ |
---|
19 | # also https://github.com/grr-hackers/grr |
---|
20 | |
---|
21 | depends_run port:sleuthkit \ |
---|
22 | port:py${python.version}-tsk \ |
---|
23 | port:py${python.version}-construct \ |
---|
24 | port:py${python.version}-protobuf \ |
---|
25 | port:libewf \ |
---|
26 | port:libqcow \ |
---|
27 | port:libvshadow \ |
---|
28 | port:libvhdi |
---|
29 | |
---|
30 | ## Note: requires >=2.7 & < 3 |
---|
31 | python.versions 27 |
---|
32 | python.default_version 27 |
---|
33 | |
---|
34 | ## FIXME! need patch m2crypto? |
---|
35 | depends_build-append port:py${python.version}-protobuf \ |
---|
36 | port:sleuthkit port:py${python.version}-tsk port:py${python.version}-m2crypto \ |
---|
37 | port:py${python.version}-psutil |
---|
38 | |
---|
39 | if {${subport} eq ${name}} { |
---|
40 | #master_sites |
---|
41 | fetch.type git |
---|
42 | git.url https://code.google.com/p/grr/ |
---|
43 | git.branch Release_${version} |
---|
44 | |
---|
45 | depends_build-append port:py${python.version}-pymongo \ |
---|
46 | port:py${python.version}-django \ |
---|
47 | port:py${python.version}-ipaddr \ |
---|
48 | port:py${python.version}-selenium |
---|
49 | depends_run-append port:py${python.version}-matplotlib |
---|
50 | patchfiles patch-grr-lib-distro_entry.py.diff |
---|
51 | |
---|
52 | post-patch { |
---|
53 | ## it seems setup.py wants a grr dir |
---|
54 | reinplace "s|package_dir={'grr': '../grr'},|package_dir={'grr': '../grr-${version}'},|" ${worksrcpath}/setup.py |
---|
55 | |
---|
56 | foreach f {grr-single-server grr-enroller grr-http-server grr-ui grr-worker} { |
---|
57 | copy ${filespath}/org.macports.${f}.plist ${worksrcpath}/ |
---|
58 | reinplace "s|@@PREFIX@@|${prefix}|g" ${worksrcpath}/org.macports.${f}.plist |
---|
59 | } |
---|
60 | reinplace "s|@@PREFIX@@|${prefix}|g" ${worksrcpath}/lib/distro_entry.py |
---|
61 | |
---|
62 | ## FIXME! those lines are not working ... or sometimes ??? |
---|
63 | reinplace "s|Config.writeback: /etc/grr/server.local.yaml|Config.writeback: ${prefix}/etc/grr/server.local.yaml|" ${worksrcpath}/config/grr-server.yaml |
---|
64 | reinplace "s|Config.writeback: /etc/grr/client.local.yaml|Config.writeback: ${prefix}/etc/grr/client.local.yaml|" ${worksrcpath}/config/grr-server.yaml |
---|
65 | reinplace "s|Logging.path: /var/log/grr|Logging.path: ${prefix}/var/log/grr|" ${worksrcpath}/config/grr-server.yaml |
---|
66 | reinplace "s|driver_file: binaries|driver_file: ${prefix}/share/${name}/binaries|" ${worksrcpath}/config/grr-server.yaml |
---|
67 | reinplace "s|%(ClientBuilder.source)/grr/executables|${prefix}/share/grr/executables|" ${worksrcpath}/config/grr-server.yaml |
---|
68 | } |
---|
69 | |
---|
70 | post-destroot { |
---|
71 | ## FIXME! include also https://github.com/google/grr-doc ? |
---|
72 | xinstall -d ${destroot}${prefix}/share/doc/${name} |
---|
73 | copy ${worksrcpath}/README ${destroot}${prefix}/share/doc/${name}/ |
---|
74 | foreach f [glob -directory ${worksrcpath}/docs *] { |
---|
75 | copy ${f} ${destroot}${prefix}/share/doc/${name}/ |
---|
76 | } |
---|
77 | ## same than above |
---|
78 | delete -R ${destroot}${frameworks_dir}/Python.framework/Versions/2.7/lib/python2.7/site-packages/grr/docs |
---|
79 | xinstall -d ${destroot}${prefix}/share/examples/${name} |
---|
80 | copy ${worksrcpath}/config/grr-server.yaml ${destroot}${prefix}/share/examples/${name}/grr-server.yaml.sample |
---|
81 | xinstall -d ${destroot}${prefix}/share/${name} |
---|
82 | copy ${worksrcpath}/test_data ${destroot}${prefix}/share/${name}/ |
---|
83 | copy ${worksrcpath}/binaries ${destroot}${prefix}/share/${name}/ |
---|
84 | copy ${worksrcpath}/executables ${destroot}${prefix}/share/${name}/ |
---|
85 | copy ${worksrcpath}/scripts ${destroot}${prefix}/share/${name}/ |
---|
86 | xinstall -d ${destroot}${prefix}/etc/grr |
---|
87 | xinstall -d ${destroot}${prefix}/var/log/grr |
---|
88 | |
---|
89 | if {[getuid] == 0} { |
---|
90 | |
---|
91 | xinstall -d ${destroot}${prefix}/etc/LaunchDaemons/org.macports.grr |
---|
92 | xinstall -d ${destroot}/Library/LaunchDaemons |
---|
93 | foreach f { grr-single-server grr-enroller grr-http-server grr-ui grr-worker} { |
---|
94 | xinstall -m 644 ${worksrcpath}/org.macports.${f}.plist \ |
---|
95 | ${destroot}${prefix}/etc/LaunchDaemons/org.macports.grr/org.macports.${f}.plist |
---|
96 | ln -sf "${prefix}/etc/LaunchDaemons/org.macports.grr/org.macports.${f}.plist" \ |
---|
97 | "${destroot}/Library/LaunchDaemons/org.macports.${f}.plist" |
---|
98 | } |
---|
99 | } |
---|
100 | } |
---|
101 | |
---|
102 | destroot.keepdirs ${destroot}${prefix}/etc/${name} \ |
---|
103 | ${destroot}${prefix}/var/log/${name} |
---|
104 | |
---|
105 | post-activate { |
---|
106 | if ![file exists ${prefix}/etc/grr/grr-server.yaml] { |
---|
107 | copy ${prefix}/share/examples/${name}/grr-server.yaml.sample ${prefix}/etc/grr/grr-server.yaml |
---|
108 | } |
---|
109 | #system "${prefix}/bin/grr_config_updater-2.7 --share_dir /opt/local/share/grr" |
---|
110 | } |
---|
111 | |
---|
112 | ## need to create multiple startup item or one script for all? |
---|
113 | ## grr-http-server, grr-enroller, grr-worker, grr-ui |
---|
114 | |
---|
115 | #startupitem |
---|
116 | ## Mar 14 20:14:25 Nadesico com.apple.launchd[1] (org.macports.grr-single-server[71249]): Exited with code: 2 |
---|
117 | |
---|
118 | notes " |
---|
119 | To finish configuration, read |
---|
120 | http://grr.googlecode.com/git/docs/admin.html |
---|
121 | https://code.google.com/p/grr/wiki/ProjectFAQ |
---|
122 | https://code.google.com/p/grr/wiki/MemoryDrivers |
---|
123 | |
---|
124 | 1) Setup Database: MongoDB (default) or Mysql |
---|
125 | $ sudo port load mongodb |
---|
126 | 2) Edit ${prefix}/etc/grr-server.yaml |
---|
127 | 3) Run (as root or w sudo) |
---|
128 | # grr_config_updater-${python.branch} initialize |
---|
129 | If needed, generate keys (normally included in initialize) |
---|
130 | # grr_config_updater-${python.branch} generate_keys |
---|
131 | Add user |
---|
132 | # grr_config_updater-${python.branch} add_user joe |
---|
133 | To use memory acquisition, you have to sign drivers |
---|
134 | # grr_config_updater-${python.branch} load_memory_drivers |
---|
135 | 4) start |
---|
136 | a) either grr-single-server (or restart) (basic server/install) |
---|
137 | # launchctl load -w /Library/LaunchDaemons/org.macports.grr-single-server.plist (NOK/FIXME!) |
---|
138 | b) either in this order (advanced/multiple systems split) (FIXME! launchd has no order... -> one mother script?) |
---|
139 | # launchctl load -w /Library/LaunchDaemons/org.macports.grr-http-server.plist |
---|
140 | # launchctl load -w /Library/LaunchDaemons/org.macports.grr-enroller.plist |
---|
141 | # launchctl load -w /Library/LaunchDaemons/org.macports.grr-worker.plist |
---|
142 | # launchctl load -w /Library/LaunchDaemons/org.macports.grr-ui.plist |
---|
143 | |
---|
144 | 5) Check http://localhost:8000 (w previously created user) or |
---|
145 | # grr_console-${python.branch} |
---|
146 | Test client(?) |
---|
147 | # ${prefix}/bin/python${python.branch} ${python.pkgd}/grr/client/client.py --config=/tmp/grr.ini -p Client.location=http://localhost:8080/control -p Client.poll_max=5 --verbose |
---|
148 | |
---|
149 | BUGS |
---|
150 | * grr-single-server miss a foreground mode to be handled by launchd: no -> --verbose or --debug |
---|
151 | * currently webserver very slow |
---|
152 | " |
---|
153 | } |
---|
154 | |
---|
155 | ## Grr client: Nothing to be done here. "package" is generated/signed/default configuration from server |
---|
156 | |
---|
157 | subport ${name}-devel { |
---|
158 | |
---|
159 | version 20141128 |
---|
160 | distname e24dc98fb146fc34c4c81714d8963f4246b9cd5d |
---|
161 | |
---|
162 | ## psutil1 or 2 |
---|
163 | depends_lib-append port:rekall \ |
---|
164 | port:py${python.version}-psutil \ |
---|
165 | |
---|
166 | post-patch { |
---|
167 | reinplace "s|package_dir={'grr': '../grr'},|package_dir={'grr': '../grr-${version}'},|" ${worksrcpath}/setup.py |
---|
168 | } |
---|
169 | |
---|
170 | } |
---|
171 | |
---|
172 | ## grr can use those two backends |
---|
173 | default_variants +mongodb |
---|
174 | variant mongodb description { use mongodb backend } { |
---|
175 | depends_run-append port:mongodb |
---|
176 | } |
---|
177 | |
---|
178 | variant mysql description { use mysql } { |
---|
179 | depends_run-append port:mysql5 |
---|
180 | } |
---|
181 | |
---|
182 | variant apache description { use external web server } { |
---|
183 | depends_run-append port:apache2 port:mod_wsgi |
---|
184 | } |
---|
185 | |
---|
186 | ## only git or binaries for now |
---|
187 | livecheck.type none |
---|