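# Flatpak manifest for Autopsy (digital forensics platform) and the native
# libraries it is built against.
app-id: org.sleuthkit.Autopsy
runtime: org.gnome.Platform
runtime-version: '47'
sdk: org.gnome.Sdk
sdk-extensions:
  - org.freedesktop.Sdk.Extension.openjdk17//24.08
command: autopsy

# NOTE(review): these permissions effectively disable the sandbox. Every
# ingest module that parses untrusted evidence runs with read-write access
# to the host filesystem, all devices and the network. Treat this package as
# unsandboxed when threat-modelling the analysis workstation.
finish-args:
  # Filesystem access - Autopsy needs broad access for forensic analysis
  # NOTE(review): 'host' is read-write; evidence integrity still depends on
  # read-only mounts or write blockers outside the application.
  - --filesystem=host
  # NOTE(review): Flatpak treats some system paths as reserved and may ignore
  # the /dev entry here and the /proc and /sys entries below; confirm inside
  # a running sandbox which of them actually take effect.
  - --filesystem=/dev:ro
  - --filesystem=/sys/kernel/mm/hugepages:ro
  # Device access for forensic imaging
  - --device=all
  # Network access for multi-user cases and updates
  # NOTE(review): consider an override that drops this on single-user,
  # air-gapped analysis machines.
  - --share=network
  # GUI access
  # NOTE(review): '--socket=x11' grants X11 even in Wayland sessions and makes
  # 'fallback-x11' redundant; X11 does not isolate clients from each other.
  - --share=ipc
  - --socket=x11
  - --socket=wayland
  - --socket=fallback-x11
  # Audio/video support
  - --socket=pulseaudio
  - --device=dri
  # Desktop integration
  # NOTE(review): these three, and /mnt and /media below, look redundant with
  # '--filesystem=host'; they only matter if 'host' is ever narrowed.
  - --filesystem=xdg-desktop:rw
  - --filesystem=xdg-documents:rw
  - --filesystem=xdg-download:rw
  # For opening external applications
  - --talk-name=org.freedesktop.FileManager1
  - --talk-name=org.freedesktop.portal.Desktop
  - --talk-name=org.freedesktop.portal.OpenURI
  # System access needed for forensics
  - --filesystem=/proc:ro
  - --filesystem=/sys:ro
  # For mounting evidence images
  - --filesystem=/mnt:rw
  - --filesystem=/media:rw

# Supply-chain note (applies to every 'type: git' source below): a tag can be
# moved upstream. Adding 'commit: <full commit SHA the tag points to>' next to
# each 'tag:' makes flatpak-builder verify the tag against that commit.
modules:
  # OpenJDK 17 Runtime
  - name: openjdk
    buildsystem: simple
    build-commands:
      - /usr/lib/sdk/openjdk17/install.sh

  # Required native libraries
  # Modules build in list order, so these come before sleuthkit: its
  # configure step can only detect image-format libraries that are already
  # installed under /app.
  # Tags are quoted so the all-digit values stay strings instead of being
  # read as integers.
  - name: libewf
    sources:
      - type: git
        url: https://github.com/libyal/libewf.git
        tag: '20201230'
    buildsystem: autotools
    config-opts:
      - --enable-python3
      - --prefix=/app

  - name: libvhdi
    sources:
      - type: git
        url: https://github.com/libyal/libvhdi.git
        tag: '20210425'
    buildsystem: autotools
    config-opts:
      - --prefix=/app

  - name: libvmdk
    sources:
      - type: git
        url: https://github.com/libyal/libvmdk.git
        tag: '20210807'
    buildsystem: autotools
    config-opts:
      - --prefix=/app

  # The Sleuth Kit - Core forensics library
  - name: sleuthkit
    sources:
      - type: git
        url: https://github.com/sleuthkit/sleuthkit.git
        tag: sleuthkit-4.14.0
    buildsystem: autotools
    config-opts:
      - --enable-java
      - --prefix=/app
    build-options:
      env:
        JAVA_HOME: /usr/lib/sdk/openjdk17/jvm/openjdk-17
    post-install:
      - mkdir -p /app/share/java
      - cp bindings/java/dist/*.jar /app/share/java/

  # PhotoRec and TestDisk for data recovery
  - name: testdisk
    sources:
      - type: archive
        url: https://www.cgsecurity.org/testdisk-7.1.tar.bz2
        sha256: 1413c47569e48c1f4a2e5c5b3b5b4bb98e02062499c5dd5bad06be4b98ea99c7
    buildsystem: autotools
    config-opts:
      - --prefix=/app

  # Autopsy application
  - name: autopsy
    sources:
      - type: git
        url: https://github.com/sleuthkit/autopsy.git
        tag: autopsy-4.22.1
    buildsystem: simple
    build-options:
      env:
        JAVA_HOME: /usr/lib/sdk/openjdk17/jvm/openjdk-17
        TSK_HOME: /app
        TSK_JAVA_LIB_PATH: /app/share/java
        ANT_HOME: /usr/share/ant
    build-commands:
      # Build Autopsy using existing Ant build system
      # NOTE(review): no source in this manifest provides
      # /tmp/netbeans-plat/15, and the build sandbox has no network by
      # default. Any platform or dependency the Ant build needs should be
      # declared as a checksummed source rather than fetched at build time.
      - >-
        ant
        -Dnbplatform.active.dir=/tmp/netbeans-plat/15
        -Dnbplatform.default.harness.dir=/tmp/netbeans-plat/15/harness
        build-zip
      # Extract and install
      - mkdir -p /tmp/autopsy-extract
      - unzip dist/autopsy-*.zip -d /tmp/autopsy-extract
      # Locate-and-copy is a single command because each build-commands entry
      # runs in its own shell, so a variable set in one entry is empty in the
      # next (which would expand the copy source to /*).
      # -mindepth 1 keeps /tmp/autopsy-extract itself, whose name also matches
      # "autopsy-*", out of the result. The test aborts unless exactly one
      # directory was found.
      - |
        set -e
        AUTOPSY_DIR=$(find /tmp/autopsy-extract -mindepth 1 -maxdepth 1 -name "autopsy-*" -type d)
        test -d "$AUTOPSY_DIR"
        cp -r "$AUTOPSY_DIR"/* /app/
      # Run the unix setup script
      # NOTE(review): -j points at the SDK extension path, which exists only
      # at build time; the wrapper below uses /app/jre. Confirm which Java
      # path ends up in the installed configuration.
      - chmod +x /app/unix_setup.sh
      - /app/unix_setup.sh -j /usr/lib/sdk/openjdk17/jvm/openjdk-17 -n autopsy
      # Create wrapper script
      # NOTE(review): the copy above also installs the archive's top-level
      # directories into /app. Confirm this does not overwrite an upstream
      # launcher at /app/bin/autopsy and that /app/autopsy/bin/autopsy exists.
      - |
        cat > /app/bin/autopsy << 'EOF'
        #!/bin/bash
        export JAVA_HOME=/app/jre
        export TSK_HOME=/app
        export SOLR_JAVA_HOME=/app/jre
        export PATH=/app/bin:/app/jre/bin:$PATH
        # Create temp directory if needed
        mkdir -p ~/.autopsy/tmp
        # Start Autopsy
        exec /app/autopsy/bin/autopsy "$@"
        EOF
      - chmod +x /app/bin/autopsy
      # Install desktop file and icon
      # NOTE(review): this copies an .ico file to a .png name without
      # converting it; icon themes expect real PNG data at this path.
      - mkdir -p /app/share/applications
      - mkdir -p /app/share/icons/hicolor/48x48/apps
      - cp /app/icon.ico /app/share/icons/hicolor/48x48/apps/org.sleuthkit.Autopsy.png
      # Create desktop file
      - |
        cat > /app/share/applications/org.sleuthkit.Autopsy.desktop << 'EOF'
        [Desktop Entry]
        Name=Autopsy
        Comment=Digital forensics platform
        Exec=autopsy
        Icon=org.sleuthkit.Autopsy
        Type=Application
        Categories=Development;Forensics;
        StartupNotify=true
        MimeType=application/x-autopsy-case;
        EOF
    post-install:
      # Set up permissions for forensics tools
      - chmod +x /app/autopsy/markmckinnon/*
      - chmod +x /app/autopsy/solr/bin/*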