mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
autopsy-flatpak/snap/snapcraft.yaml
Greg DiCristofaro 00bda77f27 updates for capturing libgtk
2023-08-04 12:31:10 -04:00

323 lines
14 KiB
YAML
Raw Blame History

# OVERVIEW:
# Snap packages are an application and everything needed for that application bundled into a package: https://snapcraft.io/docs/snapcraft
# Snapd can be installed on the following systems: https://snapcraft.io/docs/installing-snapd
# Snap packages can be released to the store: https://snapcraft.io/docs/releasing-to-the-snap-store
# Classic confinement apps and Strict confinement apps using super-priveleged interfaces (https://snapcraft.io/docs/super-privileged-interfaces) will require special approval.
#
# DEVELOPMENT / DEBUG:
# snappy debug can be used to identify apparmor/confinement violations: https://snapcraft.io/docs/debug-snaps#heading--snappy-debug
# building snaps with lxd/multipass requires hardware assisted virtualization: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-2A98801C-68E8-47AF-99ED-00C63E4857F6.html, https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-F920A3C7-3B42-4E78-8EA7-961E49AF479D.html
# build provider information can be found here: https://snapcraft.io/docs/build-providers, https://snapcraft.io/docs/build-options
# A command like the following will run snapcraft in the background to build a snap package and write output to log `nohup snapcraft --use-lxd --debug > ./output.log 2>&1 < /dev/null &``. This must be run from the directory above `snap`
# Information on debugging snaps can be found here (in particular `snap try` can mount a filesystem as a snap ): https://snapcraft.io/docs/debug-snaps, https://snapcraft.io/docs/snap-try
#
# INSTALLATION:
# Some options for installation can be found here: https://snapcraft.io/docs/install-modes
# Snap uses assertions to digitally sign snaps (https://snapcraft.io/docs/assertions). Otherwise, snaps need to be installed with the `--dangerous` flag
# it would be best to install autopsy with `sudo snap install --dangerous autopsy` and then connect all super-priveleged interfaces or `sudo snap install --dangerous --devmode autopsy``
# yaml reference here: https://snapcraft.io/docs/snapcraft-yaml-reference
# sample yaml files here: https://github.com/videolan/vlc/blob/master/extras/package/snap/snapcraft.yaml, https://github.com/canonical/firefox-snap/blob/stable/snapcraft.yaml
name: autopsy
# more on base snaps here: https://snapcraft.io/docs/base-snaps
# core is based on corresponding ubuntu version. ubuntu version information can be found here: https://wiki.ubuntu.com/Releases
base: core22
version: 4.20.0
summary: A graphical interface to The Sleuth Kit and other digital forensics tools. # 79 char long summary
description: Autopsy is a graphical interface to The Sleuth Kit and other open source digital forensics tools.
source-code: https://github.com/sleuthkit/autopsy/
website: https://www.autopsy.com/
license: Apache-2.0
grade: stable # must be 'stable' to release into candidate/stable channels
# Options include 'strict' and 'classic'. 'Strict' is greatly preferred to 'classic'. More information here: https://snapcraft.io/docs/snap-confinement
# classic confinement does not chroot so elf records need to be patched to point to relative paths: https://snapcraft.io/blog/the-new-classic-confinement-in-snaps-even-the-classics-need-a-change, https://snapcraft.io/docs/linters-classic#heading--issues-auto, https://docs.oracle.com/cd/E19683-01/816-1386/chapter3-33/index.html, https://nehckl0.medium.com/creating-relocatable-linux-executables-by-setting-rpath-with-origin-45de573a2e98
confinement: strict
architectures: [amd64]
# information on lzo here: https://snapcraft.io/blog/why-lzo-was-chosen-as-the-new-compression-method
compression: lzo
icon: snap/gui/autopsy.png
plugs:
system-files-autopsy:
interface: system-files
read: [/dev]
system-files-hugepages:
interface: system-files
read: [/sys/kernel/mm/hugepages]
# TODO may not be necessary but may provide ability for online/offline help
browser-sandbox:
interface: browser-support
allow-sandbox: true
slots:
# TODO may not be necessary
# taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml
dbus-daemon:
interface: dbus
bus: session
name: org.sleuthkit.autopsy
apps:
autopsy:
# more on env vars here: https://snapcraft.io/docs/environment-variables
environment:
jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64
SOLR_JAVA_HOME: $SNAP/usr/lib/jvm/java-17-openjdk-amd64
# provide means for java gstreamer to find gstreamer libs with jna.library.path
# set user home to new home value to avoid issues writing cache files to home
jreflags: $jreflags '-Duser.home=$HOME' '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib'
# to load libtsk.so
LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH
# make sure path is set up to ensure things like photorec are found
PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH
# gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries
# more information here: https://forum.snapcraft.io/t/trouble-with-ros-and-gstreamer/5518/6
GST_PLUGIN_SYSTEM_PATH: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer-1.0
GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner
SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs
SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs
# taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml
DISABLE_WAYLAND: 1
GTK_USE_PORTAL: 1
command: autopsy/bin/autopsywrapper.sh
# More gnome info here: https://snapcraft.io/docs/gnome-extension
extensions: [gnome]
common-id: org.sleuthkit.autopsy
plugs:
# taken from https://snapcraft.io/docs/supported-interfaces
- audio-playback
- block-devices
- browser-sandbox
- desktop
- desktop-launch
- desktop-legacy
- dm-crypt
- fuse-support
- gsettings
- hardware-observe
- home
- hugepages-control
- kernel-crypto-api
- mount-observe
- network
- network-bind
- network-observe
- network-setup-observe
- network-status
- opengl
- optical-drive
- removable-media
- system-files-autopsy
- system-files-hugepages
- system-observe
slots:
- dbus-daemon
parts:
sleuthkit:
# more information on plugins here: https://snapcraft.io/docs/supported-plugins
plugin: autotools
source: https://github.com/sleuthkit/sleuthkit.git
source-branch: develop
#source-tag: sleuthkit-4.12.0
build-environment: [JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64]
# information on packages here: https://snapcraft.io/docs/package-repositories
build-packages:
- build-essential
- autoconf
- libtool
- automake
- zip
- openjdk-17-jdk
- openjdk-17-jre
- ant
- ant-contrib
- ant-optional
- libpq-dev
- testdisk
- libafflib-dev
- libewf-dev
- libvhdi-dev
- libvmdk-dev
stage-packages:
- libpq-dev
- testdisk
- libafflib-dev
- libewf-dev
- libvhdi-dev
- libvmdk-dev
autopsy:
after: [sleuthkit]
# information on packages here: https://snapcraft.io/docs/package-repositories
build-packages:
- zip
- unzip
- openjdk-17-jdk
- openjdk-17-jre
- ant
- doxygen
stage-packages:
# lib heif reqs
- libheif-dev
- libde265-dev
# pg reqs
- libpq-dev
- testdisk
# TODO these may not be necessary
- freeglut3
- libpsm-infinipath1
- libpsm-infinipath1-dev
- libglu1-mesa
# libgstreamer reqs
- libgstreamer1.0-dev
- libgstreamer-plugins-base1.0-dev
- libgstreamer-plugins-bad1.0-dev
- libgstreamer1.0-0
- gstreamer1.0-plugins-base
- gstreamer1.0-plugins-good
- gstreamer1.0-plugins-bad
- gstreamer1.0-plugins-ugly
- gstreamer1.0-libav
- gstreamer1.0-tools
- gstreamer1.0-x
- gstreamer1.0-alsa
- gstreamer1.0-gl
- gstreamer1.0-gtk3
- gstreamer1.0-qt5
- gstreamer1.0-pulseaudio
- openjdk-17-jre
- openjdk-17-jdk
- perl
# needed by solr to determine locally running ports
- lsof
# TODO may be needed by openjfx
# taken from https://github.com/jgneff/openjfx/blob/edge/snap/snapcraft.yaml
- libatk1.0-0
- libatk-bridge2.0-0
- libatspi2.0-0
- libcairo2
- libcairo-gobject2
- libdatrie1
- libepoxy0
- libfontconfig1
- libfreetype6
- libgdk-pixbuf2.0-0
- libgl1
- libglvnd0
- libglx0
- libgraphite2-3
- libgtk2.0-0
- libgtk-3-0
- libharfbuzz0b
- libpango-1.0-0
- libpangocairo-1.0-0
- libpangoft2-1.0-0
- libpixman-1-0
- libpng16-16
- libthai0
- libwayland-client0
- libwayland-cursor0
- libwayland-egl1
- libx11-6
- libxau6
- libxcb1
- libxcb-render0
- libxcb-shm0
- libxcomposite1
- libxcursor1
- libxdamage1
- libxdmcp6
- libxext6
- libxfixes3
- libxi6
- libxinerama1
- libxkbcommon0
- libxrandr2
- libxrender1
- libxtst6
# Gtk-Message: 16:12:52.145: Failed to load module "canberra-gtk-module"
- libcanberra-gtk3-module
# Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module"
- packagekit-gtk3-module
plugin: nil
# source: https://github.com/sleuthkit/autopsy.git
source: https://github.com/gdicristofaro/autopsy.git
# source-branch: develop
source-branch: 8425-snap
build-environment:
- JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64
- TSK_JAVA_LIB_PATH: $SNAPCRAFT_STAGE/usr/local/share/java
# information on parts environment variables here: https://snapcraft.io/docs/parts-environment-variables
override-build: |
# ----- BUILD ZIP -----
AUTOPSY_SRC_PATH=$(pwd)
NETBEANS_PLAT_VER=$(grep "netbeans-plat-version=" "$AUTOPSY_SRC_PATH/nbproject/platform.properties" | cut -d'=' -f2)
AUTOPSY_PLATFORM_PATH="$AUTOPSY_SRC_PATH/netbeans-plat/$NETBEANS_PLAT_VER"
AUTOPSY_HARNESS_PATH="$AUTOPSY_PLATFORM_PATH/harness"
export TSK_HOME="$HOME/parts/sleuthkit/build"
ant -Dnbplatform.active.dir="$AUTOPSY_PLATFORM_PATH" -Dnbplatform.default.harness.dir="$AUTOPSY_HARNESS_PATH" build build-zip
# ----- SETUP EXTRACT DIRECTORY -----
AUTOPSY_LOCATION="$SNAPCRAFT_PART_INSTALL/autopsy"
mkdir -p $AUTOPSY_LOCATION
AUTOPSY_ZIP=$(find ./dist -maxdepth 1 -name "autopsy-*.*.*.zip")
AUTOPSY_ZIP_TMP_LOC=./dist/autopsy_tmp_zip_loc
mkdir -p $AUTOPSY_ZIP_TMP_LOC
unzip $AUTOPSY_ZIP -d $AUTOPSY_ZIP_TMP_LOC
AUTOPSY_EXTRACTED_TMP_LOC=$(find $AUTOPSY_ZIP_TMP_LOC -maxdepth 1 -name "autopsy-*.*.*")
cp -r $AUTOPSY_EXTRACTED_TMP_LOC/* $AUTOPSY_LOCATION
# ----- RUN UNIX SETUP SCRIPT -----
UNIX_SETUP_SCRIPT="$AUTOPSY_LOCATION/unix_setup.sh"
chmod +x $UNIX_SETUP_SCRIPT
$UNIX_SETUP_SCRIPT
# snaps run applications with different permissions. This ensures applications can run.
chmod 755 "$AUTOPSY_LOCATION/bin/autopsy"
# wrapper to setup temp dir if not exists; also could be easily modified for debugging purposes with snap try: https://snapcraft.io/docs/snap-try
cat <<EOF > $AUTOPSY_LOCATION/bin/autopsywrapper.sh
#!/bin/bash
mkdir -p \$HOME/tmp
echo Starting Autopsy...
\$SNAP/autopsy/bin/autopsy
EOF
chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh
# handles issue finding libgtk-2.0.so
LIB_GTK_LINK=$SNAPCRAFT_PART_INSTALL/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so
if ! [[ -L $LIB_GTK_LINK ]] ; then
LIB_GTK_LINK_PARENT="$(dirname "$LIB_GTK_LINK")"
pushd $LIB_GTK_LINK_PARENT
LIB_GTK_TARGET=../../../gnome-platform/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
ln -s $LIB_GTK_TARGET $LIB_GTK_LINK
popd
fi
# include this line to print all set variables
# set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java"
# sed -i '129 i ' "$AUTOPSY_LOCATION/platform/lib/nbexec"
# taken from https://github.com/ubuntu/gnome-recipes/blob/stable/snapcraft.yaml
cleanup:
after: [autopsy]
plugin: nil
build-snaps: [core22, gtk-common-themes, gnome-42-2204]
override-prime: |
set -eux
for snap in "core22" "gtk-common-themes" "gnome-42-2204"; do
cd "/snap/$snap/current" && find . -type f,l -name *.so.* -exec rm -f "$CRAFT_PRIME/{}" \;
done
# remove cross-installed repeated libraries (in /usr/lib in the SDK, but in /usr/lib/TRIPLET
# here, and the opposite)
for snap in "core22" "gnome-42-2204"; do
cd "/snap/$snap/current/usr/lib"
for filename in [ *.so* ]; do
rm -f "$CRAFT_PRIME/usr/lib/$CRAFT_ARCH_TRIPLET/$filename"
done
cd "/snap/$snap/current/usr/lib/$CRAFT_ARCH_TRIPLET"
for filename in [ *.so* ]; do
rm -f "$CRAFT_PRIME/usr/lib/$filename"
done
done
Reference in New Issue View Git Blame Copy Permalink