pkgsrc/security/Bastille/Makefile

# $NetBSD: Makefile,v 1.15 2019/08/11 13:22:44 wiz Exp $
#

DISTNAME=	Bastille-3.0.9
PKGREVISION=	8
CATEGORIES=	security
MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=bastille-linux/}
EXTRACT_SUFX=	.tar.bz2

MAINTAINER=	pkgsrc-users@NetBSD.org
HOMEPAGE=	http://bastille-linux.sourceforge.net/
COMMENT=	System hardening tool focusing on educating the user

WRKSRC=			${WRKDIR}/Bastille
CONFIGURE_ENV+=		GCONF_SCHEMA_FILE_DIR=${PREFIX:Q}/share/gconf/schemas/
MAKE_ENV+=		GCONF_SCHEMA_FILE_DIR=${PREFIX:Q}/share/gconf/schemas/
USE_PKGLOCALEDIR=	yes
USE_LANGUAGES=		# none
USE_TOOLS+=		bash:run perl:run
NO_BUILD=		yes

CHECK_INTERPRETER_SKIP+=share/Bastille/bastille-tmpdir.csh

BUILD_DEPENDS+=		checkperms>=1.4:../../sysutils/checkperms
DEPENDS+=		p5-Tk-[0-9]*:../../x11/p5-Tk

SUBST_CLASSES+=		b
SUBST_STAGE.b=		pre-configure
SUBST_FILES.b=		Install.sh
SUBST_SED.b=		-e 's,umask 077,umask 022,'
SUBST_SED.b+=		-e 's,\$$RPM_BUILD_ROOT/usr/,${DESTDIR}${PREFIX}/,g'
SUBST_SED.b+=		-e 's,\$$RPM_BUILD_ROOT/var/,${DESTDIR}${VARBASE}/,g'

SUBST_CLASSES+=		b2
SUBST_STAGE.b2=		pre-configure
SUBST_FILES.b2=		bin/bastille Bastille/API.pm
SUBST_VARS.b2=		PKG_SYSCONFDIR
SUBST_VARS.b2+=		PREFIX
SUBST_VARS.b2+=		VARBASE

SUBST_CLASSES+=		b3
SUBST_STAGE.b3=		pre-configure
SUBST_FILES.b3=		${REPLACE_PERL}
SUBST_SED.b3=		-e 's,^use lib.*,use lib "${PREFIX}/lib";,'

REPLACE_PERL+=		AutomatedBastille BastilleBackEnd BastilleChooser
REPLACE_PERL+=		InteractiveBastille RevertBastille *.pm
REPLACE_BASH+=		bin/bastille

BUILD_DEFS+=		VARBASE

OSMAP_FILES=		NetBSD.system.in NetBSD.bastille.in
OSMAP_SUBSTVARS=	PKG_SYSCONFDIR PREFIX VARBASE

post-extract:
	cd ${WRKSRC} && find . -print | checkperms -ffc
	cd ${FILESDIR} && cp ${OSMAP_FILES} ${WRKSRC}/OSMap/.

post-configure:
	set -e; cd ${WRKSRC}/OSMap; for i in ${OSMAP_FILES:.in=}; do sed ${OSMAP_SUBSTVARS:@v@-e 's,\@${v}\@,${${v}},g' @} < "$$i.in" > "$$i"; done

do-install:
	cd ${WRKSRC} && sh ./Install.sh

.include "../../devel/GConf/schemas.mk"
.include "../../mk/bsd.pkg.mk"
Bump PKGREVISIONs for perl 5.30.0 2019-08-11 15:17:48 +02:00			`# $NetBSD: Makefile,v 1.15 2019/08/11 13:22:44 wiz Exp $`
Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems. 2007-06-07 00:37:59 +02:00			`#`

			`DISTNAME= Bastille-3.0.9`
Bump PKGREVISIONs for perl 5.30.0 2019-08-11 15:17:48 +02:00			`PKGREVISION= 8`
Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems. 2007-06-07 00:37:59 +02:00			`CATEGORIES= security`
			`MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=bastille-linux/}`
			`EXTRACT_SUFX= .tar.bz2`

Resign from maintaining a lot of packages, so everyone is free to update them at will. 2008-03-04 12:02:23 +01:00			`MAINTAINER= pkgsrc-users@NetBSD.org`
Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems. 2007-06-07 00:37:59 +02:00			`HOMEPAGE= http://bastille-linux.sourceforge.net/`
			`COMMENT= System hardening tool focusing on educating the user`

			`WRKSRC= ${WRKDIR}/Bastille`
			`CONFIGURE_ENV+= GCONF_SCHEMA_FILE_DIR=${PREFIX:Q}/share/gconf/schemas/`
			`MAKE_ENV+= GCONF_SCHEMA_FILE_DIR=${PREFIX:Q}/share/gconf/schemas/`
			`USE_PKGLOCALEDIR= yes`
			`USE_LANGUAGES= # none`
			`USE_TOOLS+= bash:run perl:run`
			`NO_BUILD= yes`

Skip the interpreter check on a csh script stub. 2012-02-06 08:06:11 +01:00			`CHECK_INTERPRETER_SKIP+=share/Bastille/bastille-tmpdir.csh`

Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems. 2007-06-07 00:37:59 +02:00			`BUILD_DEPENDS+= checkperms>=1.4:../../sysutils/checkperms`
			`DEPENDS+= p5-Tk-[0-9]*:../../x11/p5-Tk`

			`SUBST_CLASSES+= b`
			`SUBST_STAGE.b= pre-configure`
			`SUBST_FILES.b= Install.sh`
			`SUBST_SED.b= -e 's,umask 077,umask 022,'`
Add DESTDIR support. 2008-06-12 04:14:13 +02:00			`SUBST_SED.b+= -e 's,\$$RPM_BUILD_ROOT/usr/,${DESTDIR}${PREFIX}/,g'`
			`SUBST_SED.b+= -e 's,\$$RPM_BUILD_ROOT/var/,${DESTDIR}${VARBASE}/,g'`
Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems. 2007-06-07 00:37:59 +02:00
			`SUBST_CLASSES+= b2`
			`SUBST_STAGE.b2= pre-configure`
			`SUBST_FILES.b2= bin/bastille Bastille/API.pm`
all: replace SUBST_SED with the simpler SUBST_VARS pkglint -Wall -r --only "substitution command" -F With manual review and indentation fixes since pkglint doesn't get that part correct in every case. 2019-05-23 21:22:54 +02:00			`SUBST_VARS.b2= PKG_SYSCONFDIR`
			`SUBST_VARS.b2+= PREFIX`
			`SUBST_VARS.b2+= VARBASE`
Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems. 2007-06-07 00:37:59 +02:00
			`SUBST_CLASSES+= b3`
			`SUBST_STAGE.b3= pre-configure`
			`SUBST_FILES.b3= ${REPLACE_PERL}`
			`SUBST_SED.b3= -e 's,^use lib.*,use lib "${PREFIX}/lib";,'`

			`REPLACE_PERL+= AutomatedBastille BastilleBackEnd BastilleChooser`
			`REPLACE_PERL+= InteractiveBastille RevertBastille *.pm`
			`REPLACE_BASH+= bin/bastille`

			`BUILD_DEFS+= VARBASE`

			`OSMAP_FILES= NetBSD.system.in NetBSD.bastille.in`
			`OSMAP_SUBSTVARS= PKG_SYSCONFDIR PREFIX VARBASE`

			`post-extract:`
			`cd ${WRKSRC} && find . -print \| checkperms -ffc`
			`cd ${FILESDIR} && cp ${OSMAP_FILES} ${WRKSRC}/OSMap/.`

			`post-configure:`
			`set -e; cd ${WRKSRC}/OSMap; for i in ${OSMAP_FILES:.in=}; do sed ${OSMAP_SUBSTVARS:@v@-e 's,\@${v}\@,${${v}},g' @} < "$$i.in" > "$$i"; done`

			`do-install:`
			`cd ${WRKSRC} && sh ./Install.sh`

Fix paths for GConf, libglade, libart, libsigc++, lablgtk moves. Bump PKGREVISION. 2007-09-21 15:03:25 +02:00			`.include "../../devel/GConf/schemas.mk"`
Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems. 2007-06-07 00:37:59 +02:00			`.include "../../mk/bsd.pkg.mk"`