[NEW PORT] sysutils/sleuthkit: The @stake Sleuth Kit for

The @stake Sleuth Kit (TASK) is the only open source forensic
	toolkit for a complete analysis of Microsoft and UNIX file
	systems.  TASK enables investigators to identify and recover
	evidence from images acquired during incident response or
	from live systems.

	WWW: http://www.atstake.com/research/tools/task/

PR:		ports/55545
Submitted by:	Pieter Danhieux <pieter@securax.be>

sysutils/Makefile

@@ -261,6 +261,7 @@
     SUBDIR += sjog
     SUBDIR += skill
     SUBDIR += slay
+    SUBDIR += sleuthkit
     SUBDIR += slmon
     SUBDIR += sloth
     SUBDIR += socket

sysutils/sleuthkit/Makefile

@@ -0,0 +1,35 @@
+# New ports collection makefile for:    sleuthkit
+# Date created:         2003-08-12
+# Whom:                 Pieter Danhieux <opr@bsdaemon.be>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	sleuthkit
+PORTVERSION=	1.64
+CATEGORIES=	sysutils security
+MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
+MASTER_SITE_SUBDIR=	${PORTNAME}
+
+MAINTAINER=	opr@bsdaemon.be
+COMMENT=	The @stake Sleuth Kit for forensic analysis
+
+USE_PERL5=	yes
+DOCS=		README docs/* tct.docs/*
+MAN1=		dcalc.1 dcat.1 dls.1 dstat.1 ffind.1 \
+		fls.1 fsstat.1 hfind.1 icat.1 ifind.1 \
+		ils.1 istat.1 mactime.1 mmls.1 sorter.1
+
+do-install:
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${PREFIX}/share/doc/sleuthkit
+	cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${PREFIX}/share/doc/sleuthkit
+.endif
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/mactime ${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/sorter ${PREFIX}/bin
+	cd ${WRKSRC}/bin && ${INSTALL_PROGRAM} dcalc dcat dls dstat ffind \
+		fls fsstat hfind icat ifind ils \
+		istat sha1 mmls file md5 ${PREFIX}/bin
+	cd ${WRKSRC}/man/man1 && ${INSTALL_MAN} ${MAN1} ${PREFIX}/man/man1
+
+.include <bsd.port.mk>

sysutils/sleuthkit/distinfo

@@ -0,0 +1 @@
+MD5 (sleuthkit-1.64.tar.gz) = 12e01373f06ec3dcf73283fca64b30d4

sysutils/sleuthkit/files/patch-src::sorter::install

@@ -0,0 +1,11 @@
+--- src/sorter/install.orig	Mon Sep  8 04:18:36 2003
++++ src/sorter/install	Mon Sep  8 04:19:01 2003
+@@ -6,7 +6,7 @@
+ 
+ 
+ # Directories to search in
+-dirs='/usr/local/bin/ /usr/bin/ /usr/ccs/bin/ /bin/ /usr/ucb/bin/ /sbin/ /usr/sbin/ /usr/local/sbin/ /usr/pkg/bin/'
++dirs="${LOCALBASE}/bin/ /usr/bin/ /usr/ccs/bin/ /bin/ /usr/ucb/bin/ /sbin/ /usr/sbin/ ${LOCALBASE}/sbin/ /usr/pkg/bin/"
+ 
+ # Find Perl
+ found=0;

sysutils/sleuthkit/files/patch-src::timeline::config-perl

@@ -0,0 +1,11 @@
+--- src/timeline/config-perl.orig	Mon Sep  8 04:19:18 2003
++++ src/timeline/config-perl	Mon Sep  8 04:19:36 2003
+@@ -6,7 +6,7 @@
+ 
+ 
+ # Directories to search in
+-dirs='/usr/local/bin/ /usr/bin/ /usr/ccs/bin/ /bin/ /usr/ucb/bin/ /sbin/ /usr/sbin/ /usr/local/sbin/ /usr/pkg/bin/'
++dirs="${LOCALBASE}/bin/ /usr/bin/ /usr/ccs/bin/ /bin/ /usr/ucb/bin/ /sbin/ /usr/sbin/ ${LOCALBASE}/sbin/ /usr/pkg/bin/"
+ 
+ # Find Perl
+ found=0;

sysutils/sleuthkit/pkg-descr

@@ -0,0 +1,6 @@
+The @stake Sleuth Kit (TASK) is the only open source forensic toolkit
+for a complete analysis of Microsoft and UNIX file systems.  TASK
+enables investigators to identify and recover evidence from images
+acquired during incident response or from live systems.
+
+WWW: http://www.atstake.com/research/tools/task/

sysutils/sleuthkit/pkg-plist

@@ -0,0 +1,31 @@
+bin/md5
+bin/file
+bin/mactime
+bin/dcalc
+bin/dcat
+bin/dls
+bin/dstat
+bin/ffind
+bin/icat
+bin/fls
+bin/fsstat
+bin/ifind
+bin/ils
+bin/istat
+bin/sha1
+bin/mmls
+bin/sorter
+bin/hfind
+%%PORTDOCS%%share/doc/sleuthkit/README
+%%PORTDOCS%%share/doc/sleuthkit/CHANGES.FROM.TCT
+%%PORTDOCS%%share/doc/sleuthkit/README.FIRST
+%%PORTDOCS%%share/doc/sleuthkit/additional-resources
+%%PORTDOCS%%share/doc/sleuthkit/bibliography
+%%PORTDOCS%%share/doc/sleuthkit/help-recovering-file
+%%PORTDOCS%%share/doc/sleuthkit/help-when-broken-into
+%%PORTDOCS%%share/doc/sleuthkit/other.txt
+%%PORTDOCS%%share/doc/sleuthkit/ref_fs.txt
+%%PORTDOCS%%share/doc/sleuthkit/ref_timeline.txt
+%%PORTDOCS%%share/doc/sleuthkit/skins_fat.txt
+%%PORTDOCS%%share/doc/sleuthkit/skins_ntfs.txt
+%%PORTDOCS%%@dirrm share/doc/sleuthkit