Add app-admin/usbguard

usbguard is a USB firewall, which can prevent BadUSB attacks.
2019-07-07 22:25:39 +02:00 · 2019-07-07 22:25:39 +02:00 · c456222e30
parent 78f31b3ed0
commit c456222e30
4 changed files with 153 additions and 0 deletions
--- a/app-admin/usbguard/Manifest
+++ b/app-admin/usbguard/Manifest
@ -0,0 +1,4 @@
+AUX usbguard 624 BLAKE2B c170549e2d63aa07a7a67902c3c90274b097b1e0a662815d1a43e2009d015d2201fff17ead91c86867759239c5bb31b2adc2cb7bd298a17c6572afaf9dbb2c6a SHA512 e3ac0da596a390b7a417632069e5c16e94f02ada15fa324d282541ccdfd76b44600e2a20b7fd57961fc99aeecf915f846df704361898df4d14b1b54d0f44a961
+DIST usbguard-0.7.5.tar.gz 1184622 BLAKE2B 0004c1b5cddc8f8085c2606fcc43803f81b3ad6d7ca849138437c1aad922fe2deb25e959307881ddeffa9d630fc9380a50dd0a6d4290a8cedeab6d24deab6a38 SHA512 b14f1cfaec676b5bc2f3aa2bda8be96ea8a6b3f02fc78f0fa7a58dd079c57886aae2c33a9e99cb9ccd53e5d6fa27712b978a2d19cd58b75dda34516d8caed0c4
+EBUILD usbguard-0.7.5.ebuild 1271 BLAKE2B 3a9326b3d29bd762331710d8725c693a067b82ae17b42429d6e94901c5bcc20da26c114869d4a47b69ebad70522a965dfcbfc686d041c3677be3bb8249ab6043 SHA512 1c4824a1de2cd76d3d76ccf715e369a72e24f5d95a1577c1f6a10fbced1df6652d3bce117008d3a626abfe518d5bdefce3b42a5921feca0f87afdc49fef21076
+EBUILD usbguard-9999.ebuild 1273 BLAKE2B 2f5aef6e4ab404b5142d135302f9de0945c09362df8d21c8a242e58d1c2ea1f20463850d3eb7bc80a2cdd52a847492b756b7048a44696ca4df5dfd55cbab6752 SHA512 39c4cb8799403bc2f5d4f1cabb2ad3b8d8befdb50d4da6df42f4dd659c78454eda91318216524ed522cbf43b19d15eacd3f3c248fe85c724659d83dfb387473e
--- a/app-admin/usbguard/files/usbguard
+++ b/app-admin/usbguard/files/usbguard
@ -0,0 +1,27 @@
+#!/sbin/openrc-run
+
+command="/usr/sbin/usbguard-daemon"
+command_args="-s -f -c /etc/usbguard/usbguard-daemon.conf ${usbguard_args}"
+pidfile="/var/run/usbguard.pid"
+name="USBGuard Daemon"
+
+description="Software framework for implementing USB device authorization policaies"
+
+depend() {
+    need udev
+}
+
+start() {
+    ebegin "Starting $name"
+    start-stop-daemon --start --exec $command \
+                      --pidfile $pidfile \
+                      -- $command_args
+    eend $?
+}
+
+stop() {
+    ebegin "Stopping $name"
+    start-stop-daemon --stop --exec $command \
+                      --pidfile $pidfile
+    eend $?
+}
--- a/app-admin/usbguard/usbguard-0.7.5.ebuild
+++ b/app-admin/usbguard/usbguard-0.7.5.ebuild
@ -0,0 +1,61 @@
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools
+
+if [[ $PV == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/USBGuard/usbguard.git"
+else
+	SRC_URI="https://github.com/USBGuard/${PN}/releases/download/${P}/${P}.tar.gz"
+fi
+
+DESCRIPTION="Software framework for implementing USB device authorization policaies"
+HOMEPAGE="https://usbguard.github.io"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 x86"
+IUSE="seccomp caps sodium systemd ldap dbus polkit"
+
+BDEPEND="
+	ldap? ( net-nds/openldap )"
+
+RDEPEND="
+	sys-cluster/libqb
+	dev-libs/protobuf
+	sodium? ( dev-libs/libsodium )
+	!sodium? ( dev-libs/libgcrypt )
+	seccomp? ( sys-libs/libseccomp )
+	caps? ( sys-libs/libcap-ng )
+	polkit? ( sys-auth/polkit )
+	systemd? ( sys-apps/systemd )"
+
+DEPEND="${RDEPEND}
+		app-text/asciidoc"
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		--with-crypto-library=$(usex sodium "sodium" "gcrypt") \
+		$(use_enable systemd) \
+		$(use_with dbus) \
+		$(use_with polkit) \
+		$(use_with ldap) \
+		--disable-dependency-tracking \
+		--with-bundled-catch \
+		--with-bundled-pegtl
+}
+
+src_install() {
+	default
+
+	keepdir /var/lib/log/usbguard
+
+	! use systemd && doinitd "${FILESDIR}/usbguard"
+}
--- a/app-admin/usbguard/usbguard-9999.ebuild
+++ b/app-admin/usbguard/usbguard-9999.ebuild
@ -0,0 +1,61 @@
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools
+
+if [[ $PV == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/USBGuard/usbguard.git"
+else
+	SRC_URI="https://github.com/USBGuard/${PN}/releases/download/${P}/${P}.tar.gz"
+fi
+
+DESCRIPTION="Software framework for implementing USB device authorization policaies"
+HOMEPAGE="https://usbguard.github.io"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="seccomp caps sodium systemd ldap dbus polkit"
+
+BDEPEND="
+	ldap? ( net-nds/openldap )"
+
+RDEPEND="
+	sys-cluster/libqb
+	dev-libs/protobuf
+	sodium? ( dev-libs/libsodium )
+	!sodium? ( dev-libs/libgcrypt )
+	seccomp? ( sys-libs/libseccomp )
+	caps? ( sys-libs/libcap-ng )
+	polkit? ( sys-auth/polkit )
+	systemd? ( sys-apps/systemd )"
+
+DEPEND="${RDEPEND}
+		app-text/asciidoc"
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		--with-crypto-library=$(usex sodium "sodium" "gcrypt") \
+		$(use_enable systemd) \
+		$(use_with dbus) \
+		$(use_with polkit) \
+		$(use_with ldap) \
+		--disable-dependency-tracking \
+		--with-bundled-catch \
+		--with-bundled-pegtl
+}
+
+src_install() {
+	default
+
+	keepdir /var/lib/log/usbguard
+
+	! use systemd && doinitd "${FILESDIR}/usbguard"
+}