Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Patrick Lauer (patrick)" <patrick@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-analyzer/snort: snort-2.9.6.2.ebuild ChangeLog
Date: Mon, 25 Aug 2014 02:49:20
Message-Id: 20140825024916.8AA023D76@oystercatcher.gentoo.org
1 patrick 14/08/25 02:49:16
2
3 Modified: ChangeLog
4 Added: snort-2.9.6.2.ebuild
5 Log:
6 Bump
7
8 (Portage version: 2.2.12/cvs/Linux x86_64, unsigned Manifest commit)
9
10 Revision Changes Path
11 1.206 net-analyzer/snort/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.206&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.206&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?r1=1.205&r2=1.206
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v
20 retrieving revision 1.205
21 retrieving revision 1.206
22 diff -u -r1.205 -r1.206
23 --- ChangeLog 9 Jul 2014 08:12:43 -0000 1.205
24 +++ ChangeLog 25 Aug 2014 02:49:16 -0000 1.206
25 @@ -1,6 +1,11 @@
26 # ChangeLog for net-analyzer/snort
27 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.205 2014/07/09 08:12:43 patrick Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.206 2014/08/25 02:49:16 patrick Exp $
30 +
31 +*snort-2.9.6.2 (25 Aug 2014)
32 +
33 + 25 Aug 2014; Patrick Lauer <patrick@g.o> +snort-2.9.6.2.ebuild:
34 + Bump
35
36 *snort-2.9.6.1 (09 Jul 2014)
37
38
39
40
41 1.1 net-analyzer/snort/snort-2.9.6.2.ebuild
42
43 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/snort-2.9.6.2.ebuild?rev=1.1&view=markup
44 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/snort-2.9.6.2.ebuild?rev=1.1&content-type=text/plain
45
46 Index: snort-2.9.6.2.ebuild
47 ===================================================================
48 # Copyright 1999-2014 Gentoo Foundation
49 # Distributed under the terms of the GNU General Public License v2
50 # $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.9.6.2.ebuild,v 1.1 2014/08/25 02:49:16 patrick Exp $
51
52 EAPI="5"
53 inherit autotools multilib user
54
55 DESCRIPTION="The de facto standard for intrusion detection/prevention"
56 HOMEPAGE="http://www.snort.org/"
57 SRC_URI="https://www.snort.org/downloads/${PN}/${P}.tar.gz"
58 LICENSE="GPL-2"
59 SLOT="0"
60 KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86"
61 IUSE="static +zlib +gre +mpls +targetbased +ppm +perfprofiling
62 +non-ether-decoders control-socket file-inspect high-availability
63 shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen
64 +threads debug +active-response +normalizer reload-error-restart
65 +react +flexresp3 large-pcap-64bit selinux"
66
67 DEPEND=">=net-libs/libpcap-1.3.0
68 >=net-libs/daq-2.0.2
69 >=dev-libs/libpcre-8.33
70 dev-libs/libdnet
71 zlib? ( sys-libs/zlib )"
72
73 RDEPEND="${DEPEND}
74 selinux? ( sec-policy/selinux-snort )"
75
76 REQUIRED_USE="!kernel_linux? ( !shared-rep )"
77
78 pkg_setup() {
79
80 # pre_inst() is a better place to put this
81 # but we need it here for the 'fowners' statements in src_install()
82 enewgroup snort
83 enewuser snort -1 -1 /dev/null snort
84
85 }
86
87 src_prepare() {
88
89 # Multilib fix for the sf_engine
90 ebegin "Applying multilib fix"
91 sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \
92 "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \
93 || die "sed for sf_engine failed"
94
95 # Multilib fix for the curent set of dynamic-preprocessors
96 for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation gtp modbus dnp3; do
97 sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \
98 "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \
99 || die "sed for $i failed."
100 done
101 eend
102
103 AT_M4DIR=m4 eautoreconf
104 }
105
106 src_configure() {
107
108 econf \
109 $(use_enable !static shared) \
110 $(use_enable static) \
111 $(use_enable static so-with-static-lib) \
112 $(use_enable zlib) \
113 $(use_enable gre) \
114 $(use_enable mpls) \
115 $(use_enable targetbased) \
116 $(use_enable control-socket) \
117 $(use_enable file-inspect) \
118 $(use_enable high-availability ha) \
119 $(use_enable non-ether-decoders) \
120 $(use_enable shared-rep) \
121 $(use_enable side-channel) \
122 $(use_enable sourcefire) \
123 $(use_enable ppm) \
124 $(use_enable perfprofiling) \
125 $(use_enable linux-smp-stats) \
126 $(use_enable inline-init-failopen) \
127 $(use_enable threads pthread) \
128 $(use_enable debug) \
129 $(use_enable debug debug-msgs) \
130 $(use_enable debug corefiles) \
131 $(use_enable !debug dlclose) \
132 $(use_enable active-response) \
133 $(use_enable normalizer) \
134 $(use_enable reload-error-restart) \
135 $(use_enable react) \
136 $(use_enable flexresp3) \
137 $(use_enable large-pcap-64bit large-pcap) \
138 --enable-reload \
139 --disable-build-dynamic-examples \
140 --disable-profile \
141 --disable-ppm-test \
142 --disable-intel-soft-cpm \
143 --disable-static-daq \
144 --disable-rzb-saac
145 }
146
147 src_install() {
148
149 emake DESTDIR="${D}" install
150
151 dodir /var/log/snort \
152 /var/run/snort \
153 /etc/snort/rules \
154 /etc/snort/so_rules \
155 /usr/$(get_libdir)/snort_dynamicrules
156
157 # config.log and build.log are needed by Sourcefire
158 # to trouble shoot build problems and bug reports so we are
159 # perserving them incase the user needs upstream support.
160 dodoc RELEASE.NOTES ChangeLog \
161 doc/* \
162 tools/u2boat/README.u2boat
163
164 insinto /etc/snort
165 doins etc/attribute_table.dtd \
166 etc/classification.config \
167 etc/gen-msg.map \
168 etc/reference.config \
169 etc/threshold.conf \
170 etc/unicode.map
171
172 # We use snort.conf.distrib because the config file is complicated
173 # and the one shipped with snort can change drastically between versions.
174 # Users should migrate setting by hand and not with etc-update.
175 newins etc/snort.conf snort.conf.distrib
176
177 # config.log and build.log are needed by Sourcefire
178 # to troubleshoot build problems and bug reports so we are
179 # preserving them incase the user needs upstream support.
180 if [ -f "${WORKDIR}/${PF}/config.log" ]; then
181 dodoc "${WORKDIR}/${PF}/config.log"
182 fi
183 if [ -f "${T}/build.log" ]; then
184 dodoc "${T}/build.log"
185 fi
186
187 insinto /etc/snort/preproc_rules
188 doins preproc_rules/decoder.rules \
189 preproc_rules/preprocessor.rules \
190 preproc_rules/sensitive-data.rules
191
192 fowners -R snort:snort \
193 /var/log/snort \
194 /var/run/snort \
195 /etc/snort
196
197 newinitd "${FILESDIR}/snort.rc12" snort
198 newconfd "${FILESDIR}/snort.confd.2" snort
199
200 # Sourcefire uses Makefiles to install docs causing Bug #297190.
201 # This removes the unwanted doc directory and rogue Makefiles.
202 rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories"
203 rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files"
204
205 # Remove unneeded .la files (Bug #382863)
206 rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die
207 rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la"
208
209 # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
210 sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \
211 "${D}etc/snort/snort.conf.distrib" || die
212
213 # Set the correct rule location in the config
214 sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \
215 "${D}etc/snort/snort.conf.distrib" || die
216
217 # Set the correct preprocessor/decoder rule location in the config
218 sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \
219 "${D}etc/snort/snort.conf.distrib" || die
220
221 # Enable the preprocessor/decoder rules
222 sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \
223 "${D}etc/snort/snort.conf.distrib" || die
224
225 sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \
226 "${D}etc/snort/snort.conf.distrib" || die
227
228 # Just some clean up of trailing /'s in the config
229 sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \
230 "${D}etc/snort/snort.conf.distrib" || die
231
232 # Make it clear in the config where these are...
233 sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \
234 "${D}etc/snort/snort.conf.distrib" || die
235
236 sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \
237 "${D}etc/snort/snort.conf.distrib" || die
238
239 # Disable all rule files by default.
240 sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \
241 "${D}etc/snort/snort.conf.distrib" || die
242
243 # Disable normalizer preprocessor config if normalizer USE flag not set.
244 if ! use normalizer; then
245 sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \
246 "${D}etc/snort/snort.conf.distrib" || die
247 fi
248
249 # Set the configured DAQ to afpacket
250 sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \
251 "${D}etc/snort/snort.conf.distrib" || die
252
253 # Set the location of the DAQ modules
254 sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \
255 "${D}etc/snort/snort.conf.distrib" || die
256
257 # Set the DAQ mode to passive
258 sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \
259 "${D}etc/snort/snort.conf.distrib" || die
260
261 # Set snort to run as snort:snort
262 sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \
263 "${D}etc/snort/snort.conf.distrib" || die
264 sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \
265 "${D}etc/snort/snort.conf.distrib" || die
266
267 # Set the default log dir
268 sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \
269 "${D}etc/snort/snort.conf.distrib" || die
270
271 # Set the correct so_rule location in the config
272 sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \
273 "${D}etc/snort/snort.conf.distrib" || die
274 }
275
276 pkg_postinst() {
277
278 einfo "There have been a number of improvements and new features"
279 einfo "added to ${P}. Please review the RELEASE.NOTES and"
280 einfo "ChangLog located in /usr/share/doc/${PF}."
281 einfo
282 elog "The Sourcefire Vulnerability Research Team (VRT) recommends that"
283 elog "users migrate their snort.conf customizations to the latest config"
284 elog "file released by the VRT. You can find the latest version of the"
285 elog "Snort config file in /etc/snort/snort.conf.distrib."
286 elog
287 elog "!! It is important that you migrate to this new snort.conf file !!"
288 elog
289 elog "This version of the ebuild includes an updated init.d file and"
290 elog "conf.d file that rely on options found in the latest Snort"
291 elog "config file provided by the VRT."
292
293 if use debug; then
294 elog "You have the 'debug' USE flag enabled. If this has been done to"
295 elog "troubleshoot an issue by producing a core dump or a back trace,"
296 elog "then you need to also ensure the FEATURES variable in make.conf"
297 elog "contains the 'nostrip' option."
298 fi
299 }
Report Message
Find on MARC Find on Google Groups