authorBenjamin Smee <strerror@gentoo.org>2005-10-10 23:23:05 +0000
committerBenjamin Smee <strerror@gentoo.org>2005-10-10 23:23:05 +0000
commit93ad57839afa52df54dedd8b16e9b5b6bbc69fac (patch)
tree606869dc5aa9084dbc19eaddbedeeb673cb14cf1 /net-analyzer
parentfirefox use flag for totem is no more (diff)
patch in ebuild and fix sensor_agent.initd
Package-Manager: portage-2.0.51.22-r3
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/sguil-sensor/ChangeLog8
-rw-r--r--net-analyzer/sguil-sensor/Manifest6
-rw-r--r--net-analyzer/sguil-sensor/files/digest-sguil-sensor-0.5.3-r21
-rw-r--r--net-analyzer/sguil-sensor/files/sensor_agent.initd4
-rw-r--r--net-analyzer/sguil-sensor/sguil-sensor-0.5.3-r2.ebuild92
5 files changed, 106 insertions, 5 deletions
diff --git a/net-analyzer/sguil-sensor/ChangeLog b/net-analyzer/sguil-sensor/ChangeLog
index b7791564cf33..a6c8ea0d779a 100644
--- a/net-analyzer/sguil-sensor/ChangeLog
+++ b/net-analyzer/sguil-sensor/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-analyzer/sguil-sensor
# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/ChangeLog,v 1.5 2005/10/10 19:27:23 strerror Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/ChangeLog,v 1.6 2005/10/10 23:23:05 strerror Exp $
+
+*sguil-sensor-0.5.3-r2 (10 Oct 2005)
+
+ 10 Oct 2005; Benjamin Smee <strerror@gentoo.org> files/sensor_agent.initd,
+ +sguil-sensor-0.5.3-r2.ebuild:
+ patch in ebuild and fix sensor_agent.initd
10 Oct 2005; Benjamin Smee <strerror@gentoo.org> files/sensor_agent.initd:
fix to sensor_agent.initd for pid creation
diff --git a/net-analyzer/sguil-sensor/Manifest b/net-analyzer/sguil-sensor/Manifest
index ba16c38fd730..a46cb0c70779 100644
--- a/net-analyzer/sguil-sensor/Manifest
+++ b/net-analyzer/sguil-sensor/Manifest
@@ -1,9 +1,11 @@
MD5 b3896e4b977e661e1431e2c844bcb84e sguil-sensor-0.5.3.ebuild 2454
-MD5 6e9c36ec5fce14b8dd6f4aad61ba764c ChangeLog 983
+MD5 39cd74215dc2f078e211c1864a9291df sguil-sensor-0.5.3-r2.ebuild 2699
+MD5 6d91fcf38c7e41c4ee6772745eb5f34e ChangeLog 1177
MD5 5355b4f79a0130d075711f0a54840239 metadata.xml 223
MD5 ab9cf2a1bf4f414026a8d9caa9b349b8 sguil-sensor-0.5.3-r1.ebuild 2590
MD5 7dea1d8d6ed9dadaa3768e6ba138fe76 files/digest-sguil-sensor-0.5.3 69
MD5 b00be8c2354effc6b8d51da0ca0a02da files/log_packets.confd 553
MD5 0982853c1c4d9ed283f9faac1a1f89a5 files/log_packets.initd 2255
-MD5 63d12eaac804d3f8bfebd102a54028c3 files/sensor_agent.initd 797
+MD5 87465a7b8792682b4dae8e2e46eed0bb files/sensor_agent.initd 757
MD5 7dea1d8d6ed9dadaa3768e6ba138fe76 files/digest-sguil-sensor-0.5.3-r1 69
+MD5 7dea1d8d6ed9dadaa3768e6ba138fe76 files/digest-sguil-sensor-0.5.3-r2 69
diff --git a/net-analyzer/sguil-sensor/files/digest-sguil-sensor-0.5.3-r2 b/net-analyzer/sguil-sensor/files/digest-sguil-sensor-0.5.3-r2
new file mode 100644
index 000000000000..e75aa2ff25cd
--- /dev/null
+++ b/net-analyzer/sguil-sensor/files/digest-sguil-sensor-0.5.3-r2
@@ -0,0 +1 @@
+MD5 681fa7e99aa674c0e2be4788ef503d69 sguil-sensor-0.5.3.tar.gz 89816
diff --git a/net-analyzer/sguil-sensor/files/sensor_agent.initd b/net-analyzer/sguil-sensor/files/sensor_agent.initd
index 8201f991091a..04f5d2b5a0e7 100644
--- a/net-analyzer/sguil-sensor/files/sensor_agent.initd
+++ b/net-analyzer/sguil-sensor/files/sensor_agent.initd
@@ -17,8 +17,8 @@ checkconfig() {
start() {
checkconfig || return 1
ebegin "Starting Sensor Agent"
- start-stop-daemon --start -c sguil -m --pidfile /var/run/sguil/sensor.pid \
- --quiet --exec /usr/bin/sensor_agent.tcl -- -D -c "/etc/sguil/sensor_agent.conf">/dev/null 2>&1
+ start-stop-daemon --start -c sguil --quiet --exec /usr/bin/sensor_agent.tcl \
+ -- -D -c "/etc/sguil/sensor_agent.conf">/dev/null 2>&1
eend $?
}
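Review bot: With `-m --pidfile /var/run/sguil/sensor.pid` dropped from the `start-stop-daemon --start` call in start(), the only thing left to identify a running agent is `--exec /usr/bin/sensor_agent.tcl`, and for an interpreted script the process executable is presumably the Tcl interpreter rather than this path, so a repeated `start` may not be recognised as a duplicate. Dropping `-m` looks reasonable, since the ebuild's sed on sensor_agent.tcl suggests the agent writes its own pid file, but the `--pidfile` argument should stay so that start-stop-daemon consults that file: `start-stop-daemon --start -c sguil --quiet --pidfile /var/run/sguil/sensor.pid --exec /usr/bin/sensor_agent.tcl \`. Because output goes to `/dev/null` and the agent is started with `-D`, `eend $?` can presumably report success even when the agent exits right after launch, which would leave the sensor silent with no visible sign; a comment above the call saying so would help, for example `# exit status reflects start-stop-daemon only; check the pid file to confirm the agent is up`. stop() lies outside the hunk, so whether it still reads the pid file cannot be checked here.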
diff --git a/net-analyzer/sguil-sensor/sguil-sensor-0.5.3-r2.ebuild b/net-analyzer/sguil-sensor/sguil-sensor-0.5.3-r2.ebuild
new file mode 100644
index 000000000000..a5c99cd74bcc
--- /dev/null
+++ b/net-analyzer/sguil-sensor/sguil-sensor-0.5.3-r2.ebuild
@@ -0,0 +1,92 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/sguil-sensor-0.5.3-r2.ebuild,v 1.1 2005/10/10 23:23:05 strerror Exp $
+
+inherit eutils
+
+DESCRIPTION="Sensor part of sguil Network Security Monitoring"
+HOMEPAGE="http://sguil.sourceforge.net"
+SRC_URI="mirror://sourceforge/sguil/sguil-sensor-${PV}.tar.gz"
+
+LICENSE="QPL"
+SLOT="0"
+KEYWORDS="~x86"
+IUSE=""
+
+DEPEND=">=dev-lang/tcl-8.3"
+RDEPEND="${DEPEND}
+ >=dev-tcltk/tclx-8.3
+ >=net-analyzer/snort-2.4.1-r1
+ >=net-analyzer/barnyard-0.2.0-r1
+ net-analyzer/sancp
+ dev-ml/pcre-ocaml"
+
+S=${WORKDIR}/sguil-${PV}
+
+pkg_setup() {
+ if built_with_use tcl threads ; then
+ eerror
+ eerror "Sguil does not run when tcl was built with threading enabled."
+ eerror "Please rebuild tcl without threads and reemerge this ebuild."
+ eerror
+ die
+ fi
+
+ if ! built_with_use snort sguil ; then
+ eerror
+ eerror "You need to emerge snort with 'sguil' USE flag to get"
+ eerror "the full sguil functionality"
+ eerror
+ die
+ fi
+ enewgroup sguil
+ enewuser sguil -1 -1 /var/lib/sguil sguil
+}
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}/sensor
+ sed -i -e 's:192.168.8.1:127.0.0.1:' -e "s:gateway:${HOSTNAME}:" \
+ -e 's:/snort_data:/var/lib/sguil:' -e 's:DAEMON 0:DAEMON 1:' \
+ -e 's:DEBUG 1:DEBUG 0:g' sensor_agent.conf || die "sed failed"
+ sed -i -e 's:/var/run/sensor_agent.pid:/var/run/sguil/sensor.pid:' \
+ sensor_agent.tcl || die "sed failed"
+}
+
+src_install() {
+
+ dodoc doc/*
+
+ dobin sensor/sensor_agent.tcl
+
+ newinitd "${FILESDIR}/log_packets.initd" log_packets
+ newinitd "${FILESDIR}/sensor_agent.initd" sensor_agent
+ newconfd "${FILESDIR}/log_packets.confd" log_packets
+ insinto /etc/sguil
+ doins sensor/sensor_agent.conf
+
+ # Create the directory structure
+ diropts -g sguil -o sguil
+ keepdir /var/lib/sguil /var/run/sguil /var/run/sguil/archive \
+ "/var/lib/sguil/${HOSTNAME}" \
+ "/var/lib/sguil/${HOSTNAME}/portscans" \
+ "/var/lib/sguil/${HOSTNAME}/ssn_logs" \
+ "/var/lib/sguil/${HOSTNAME}/dailylogs" \
+ "/var/lib/sguil/${HOSTNAME}/sancp"
+
+}
+
+pkg_postinst() {
+ einfo
+ einfo "You should check /etc/sguil/sensor_agent.conf and"
+ einfo "/etc/init.d/logpackets and ensure that they are accurate"
+ einfo "for your environment. They should work providing that you"
+ einfo "are running the sensor on the same machine as the server."
+ einfo "This ebuild assumes that you are running a single sensor"
+ einfo "environment, if this is not the case then you must make sure"
+ einfo "to modify /etc/sguil/sensor_agent.conf and change the HOSTNAME variable."
+ einfo "You should crontab the /etc/init.d/log_packets script to restart"
+ einfo "each hour."
+ einfo
+}
+
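Review bot: `${HOSTNAME}` in src_unpack (the `s:gateway:${HOSTNAME}:` sed) and in the `keepdir` list of src_install is read from the build environment, so the sensor name written to sensor_agent.conf and the per-sensor directories under /var/lib/sguil are fixed at build time; if the variable is empty there, the sed writes an empty name and keepdir is handed `/var/lib/sguil/` and `/var/lib/sguil//portscans`. A guard at the top of src_unpack would catch that: `[[ -n ${HOSTNAME} ]] || die "HOSTNAME is not set in the build environment"`. The same function has `cd ${S}/sensor` unquoted and unchecked; `cd "${S}/sensor" || die "cd failed"` keeps the two sed calls from running in the wrong directory. In pkg_postinst the message names `/etc/init.d/logpackets`, while src_install installs the script as `log_packets`, so an administrator following the message would look for a file that does not exist.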