[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/ - gentoo-commits

From:	Marek Szuba <marecki@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
Date:	Wed, 24 Aug 2022 15:36:34
Message-Id:	`1661355378.cfb2e41c5dff7fa16debdb27c58fcdfb66f3c5b8.marecki@gentoo`

1

commit:     cfb2e41c5dff7fa16debdb27c58fcdfb66f3c5b8

2

Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>

3

AuthorDate: Wed Aug 24 15:34:28 2022 +0000

4

Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>

5

CommitDate: Wed Aug 24 15:36:18 2022 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cfb2e41c

7

8

net-analyzer/suricata: remove bashisms from the init script

9

10

Closes: https://bugs.gentoo.org/840945

11

Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>

12

13

 net-analyzer/suricata/files/suricata.confd         |  62 +++++++++

14

 net-analyzer/suricata/files/suricata.initd         | 147 +++++++++++++++++++++

15

 ...icata-6.0.6.ebuild => suricata-6.0.6-r1.ebuild} |   4 +-

16

 3 files changed, 211 insertions(+), 2 deletions(-)

17

18

diff --git a/net-analyzer/suricata/files/suricata.confd b/net-analyzer/suricata/files/suricata.confd

19

new file mode 100644

20

index 000000000000..7f22113dbf0d

21

--- /dev/null

22

+++ b/net-analyzer/suricata/files/suricata.confd

23

@@ -0,0 +1,62 @@

24

+# Config file for /etc/init.d/suricata*

25

+

26

+# Where config files are stored. Default:

27

+

28

+# SURICATA_DIR="/etc/suricata"

29

+

30

+# Pass options to each suricata service.

31

+#

32

+# You can launch more than one service at the same time with different options.

33

+# This can be useful in a multi-queue gateway, for example.

34

+# You can expand on the Suricata inline example found at:

35

+# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html

36

+# Instead of configuring iptables to send traffic to just one queue, you can configure it to "load balance"

37

+# on several queues. You can then have a Suricata instance processing traffic for each queue.

38

+# This should help improve performance on the gateway/firewall.

39

+#

40

+# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You can now do the following:

41

+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0

42

+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1

43

+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml

44

+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml

45

+#

46

+# Edit both suricata-q{0,1}.yaml files and set values accordingly.

47

+# You can override these yaml config file names with SURICATA_CONF* below (optional).

48

+# This allows you to use the same yaml config file for multiple instances as long as you override

49

+# sensible options such as the log file paths.

50

+# SURICATA_CONF_q0="suricata-queues.yaml"

51

+# SURICATA_CONF_q1="suricata-queues.yaml"

52

+# SURICATA_CONF="suricata.yaml"

53

+

54

+# You can define the options here:

55

+# NB: avoid using -l, -c, --user, --group and setting logging.outputs.1.file.filename as the init script will try to set them for you.

56

+

57

+# SURICATA_OPTS_q0="-q 0"

58

+# SURICATA_OPTS_q1="-q 1"

59

+

60

+# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with /etc/init.d/suricata

61

+# then you can set:

62

+

63

+SURICATA_OPTS="--af-packet"

64

+

65

+# Log paths listed here will be created by the init script and will override the log path

66

+# set in the yaml file, if present.

67

+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"

68

+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"

69

+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"

70

+

71

+# Run as user/group.

72

+# Do not define if you want to run as root or as the user defined in the yaml config file (run-as).

73

+# The ebuild should have created the dedicated user/group suricata:suricata for you to specify here below.

74

+# SURICATA_USER_q0="suricata"

75

+# SURICATA_GROUP_q0="suricata"

76

+# SURICATA_USER_q1="suricata"

77

+# SURICATA_GROUP_q1="suricata"

78

+# SURICATA_USER="suricata"

79

+# SURICATA_GROUP="suricata"

80

+

81

+# Suricata processes can take a long time to shut down.

82

+# If necessary, adjust timeout in seconds to be used when calling stop from the init script.

83

+# Examples:

84

+# SURICATA_MAX_WAIT_ON_STOP="300"

85

+# SURICATA_MAX_WAIT_ON_STOP="SIGTERM/30"

86

87

diff --git a/net-analyzer/suricata/files/suricata.initd b/net-analyzer/suricata/files/suricata.initd

88

new file mode 100644

89

index 000000000000..154636ef828e

90

--- /dev/null

91

+++ b/net-analyzer/suricata/files/suricata.initd

92

@@ -0,0 +1,147 @@

93

+#!/sbin/openrc-run

94

+# Copyright 1999-2019 Gentoo Authors

95

+# Distributed under the terms of the GNU General Public License v2

96

+

97

+SURICATA_BIN=/usr/bin/suricata

98

+SURICATA_DIR=${SURICATA_DIR:-/etc/suricata}

99

+SURICATA=${SVCNAME#*.}

100

+SURICATAID=$(shell_var "${SURICATA}")

101

+if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then

102

+    eval SURICATACONF=\$SURICATA_CONF_${SURICATAID}

103

+    [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"

104

+    SURICATAPID="/run/suricata/suricata.${SURICATA}.pid"

105

+    eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}

106

+    eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}

107

+    eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}

108

+    eval SURICATAGROUP=\$SURICATA_GROUP_${SURICATAID}

109

+else

110

+    SURICATACONF=${SURICATA_CONF}

111

+    [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"

112

+    SURICATAPID="/run/suricata/suricata.pid"

113

+    SURICATAOPTS=${SURICATA_OPTS}

114

+    SURICATALOGPATH=${SURICATA_LOG_FILE}

115

+    SURICATAUSER=${SURICATA_USER}

116

+    SURICATAGROUP=${SURICATA_GROUP}

117

+fi

118

+SURICATAUSER=${SURICATAUSER:-${SURICATA_USER}}

119

+SURICATAGROUP=${SURICATAGROUP:-${SURICATA_GROUP}}

120

+[ -e ${SURICATACONF} ] && SURICATAOPTS="-c ${SURICATACONF} ${SURICATAOPTS}"

121

+[ -z "${SURICATA_MAX_WAIT_ON_STOP}" ] || SURICATA_RETRY="--retry ${SURICATA_MAX_WAIT_ON_STOP}"

122

+

123

+description="Suricata IDS/IPS"

124

+extra_commands="checkconfig dump"

125

+description_checkconfig="Check config for ${SVCNAME}"

126

+description_dump="List all config values that can be used with --set"

127

+extra_started_commands="reload relog"

128

+description_reload="Live rule and config reload"

129

+description_relog="Close and re-open all log files"

130

+

131

+depend() {

132

+	need net

133

+	after mysql

134

+	after postgresql

135

+}

136

+

137

+checkconfig() {

138

+	if [ ! -d "/run/suricata" ] ; then

139

+		checkpath -d /run/suricata

140

+	fi

141

+	if [ ${#SURICATALOGPATH} -gt 0 ]; then

142

+		SURICATALOGFILE=$( basename ${SURICATALOGPATH} )

143

+		SURICATALOGFILE=${SURICATALOGFILE:-suricata.log}

144

+		SURICATALOGPATH=$( dirname ${SURICATALOGPATH} )

145

+		if [ ! -d "${SURICATALOGPATH}" ] ; then

146

+			checkpath -d "${SURICATALOGPATH}"

147

+		fi

148

+		if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ] && [ -e "${SURICATALOGPATH}" ]; then

149

+			chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}" || return 1

150

+			chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}"/* >/dev/null 2>&1 3>&1

151

+		fi

152

+		SURICATAOPTS="${SURICATAOPTS} --set logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"

153

+		SURICATALOGPATH="-l ${SURICATALOGPATH}"

154

+	fi

155

+	if [ ! -e ${SURICATACONF} ] ; then

156

+		einfo "The configuration file ${SURICATACONF} was not found."

157

+		einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."

158

+		einfo "Take a look at the suricata arguments --set and --dump-config."

159

+	fi

160

+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then

161

+		einfo "${SVCNAME} will run as user ${SURICATAUSER}:${SURICATAGROUP}."

162

+		SURICATAOPTS="${SURICATAOPTS} --user=${SURICATAUSER} --group=${SURICATAGROUP}"

163

+	fi

164

+}

165

+

166

+initpidinfo() {

167

+	[ -e ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"

168

+	if [ ${#SUR_PID} -gt 0 ]; then

169

+	    SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"

170

+	    SUR_USER="$(ps -p ${SUR_PID} --no-headers -o user)"

171

+	fi

172

+}

173

+

174

+checkpidinfo() {

175

+	initpidinfo

176

+        if [ ! -e ${SURICATAPID} ]; then

177

+        	eerror "${SVCNAME} isn't running"

178

+                return 1

179

+	elif [ ${#SUR_PID} -eq 0 ] || [ $((SUR_PID_CHECK)) -ne 1 ]; then

180

+		eerror "Could not determine PID of ${SVCNAME}! Did the service crash?"

181

+		return 1

182

+	elif [ ${#SUR_USER} -eq 0 ]; then

183

+		eerror "Unable to determine user running ${SVCNAME}!"

184

+		return 1

185

+	elif [ "x${SUR_USER}" != "xroot" ]; then

186

+		ewarn "${SVCNAME} may need to be running as root or as a priviledged user for the extra commands reload and relog to work."

187

+        fi

188

+}

189

+

190

+start() {

191

+	checkconfig || return 1

192

+	ebegin "Starting ${SVCNAME}"

193

+	start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \

194

+		-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} ${SURICATALOGPATH} >/dev/null 2>&1

195

+	local SUR_EXIT=$?

196

+	if [ $((SUR_EXIT)) -ne 0 ]; then

197

+	    einfo "Could not start ${SURICATA_BIN} with:"

198

+	    einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS} ${SURICATALOGPATH}"

199

+	    einfo "Exit code ${SUR_EXIT}"

200

+	fi

201

+	eend ${SUR_EXIT}

202

+}

203

+

204

+stop() {

205

+	ebegin "Stopping ${SVCNAME}"

206

+	start-stop-daemon --stop ${SURICATA_RETRY} --quiet --pidfile ${SURICATAPID} >/dev/null 2>&1

207

+	eend $?

208

+}

209

+

210

+reload() {

211

+	checkpidinfo || return 1

212

+	checkconfig || return 1

213

+	ebegin "Sending USR2 signal to ${SVCNAME} to perform a live rule and config reload."

214

+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then

215

+		start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal USR2 --pidfile ${SURICATAPID}

216

+	else

217

+		start-stop-daemon --signal USR2 --pidfile ${SURICATAPID}

218

+	fi

219

+	eend $?

220

+}

221

+

222

+relog() {

223

+	checkpidinfo || return 1

224

+	checkconfig || return 1

225

+	ebegin "Sending HUP signal to ${SVCNAME} to close and re-open all log files."

226

+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then

227

+		start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal HUP --pidfile ${SURICATAPID}

228

+	else

229

+		start-stop-daemon --signal HUP --pidfile ${SURICATAPID}

230

+	fi

231

+	eend $?

232

+}

233

+

234

+dump() {

235

+	checkconfig || return 1

236

+	ebegin "Dumping ${SVCNAME} config values and quitting."

237

+	${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID} ${SURICATAOPTS} ${SURICATALOGPATH}

238

+	eend $?

239

+}

240

241

diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild

242

similarity index 98%

243

rename from net-analyzer/suricata/suricata-6.0.6.ebuild

244

rename to net-analyzer/suricata/suricata-6.0.6-r1.ebuild

245

index 054eb7c52431..aa3162a55d94 100644

246

--- a/net-analyzer/suricata/suricata-6.0.6.ebuild

247

+++ b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild

248

@@ -145,8 +145,8 @@ src_install() {

249

 	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"

250

 	fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"

251

252

-	newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}

253

-	newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}

254

+	newinitd "${FILESDIR}/${PN}.initd" ${PN}

255

+	newconfd "${FILESDIR}/${PN}.confd" ${PN}

256

 	systemd_dounit "${FILESDIR}"/${PN}.service

257

 	newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf

1	commit: cfb2e41c5dff7fa16debdb27c58fcdfb66f3c5b8
2	Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
3	AuthorDate: Wed Aug 24 15:34:28 2022 +0000
4	Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
5	CommitDate: Wed Aug 24 15:36:18 2022 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cfb2e41c
7
8	net-analyzer/suricata: remove bashisms from the init script
9
10	Closes: https://bugs.gentoo.org/840945
11	Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
12
13	net-analyzer/suricata/files/suricata.confd \| 62 +++++++++
14	net-analyzer/suricata/files/suricata.initd \| 147 +++++++++++++++++++++
15	...icata-6.0.6.ebuild => suricata-6.0.6-r1.ebuild} \| 4 +-
16	3 files changed, 211 insertions(+), 2 deletions(-)
17
18	diff --git a/net-analyzer/suricata/files/suricata.confd b/net-analyzer/suricata/files/suricata.confd
19	new file mode 100644
20	index 000000000000..7f22113dbf0d
21	--- /dev/null
22	+++ b/net-analyzer/suricata/files/suricata.confd
23	@@ -0,0 +1,62 @@
24	+# Config file for /etc/init.d/suricata*
25	+
26	+# Where config files are stored. Default:
27	+
28	+# SURICATA_DIR="/etc/suricata"
29	+
30	+# Pass options to each suricata service.
31	+#
32	+# You can launch more than one service at the same time with different options.
33	+# This can be useful in a multi-queue gateway, for example.
34	+# You can expand on the Suricata inline example found at:
35	+# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
36	+# Instead of configuring iptables to send traffic to just one queue, you can configure it to "load balance"
37	+# on several queues. You can then have a Suricata instance processing traffic for each queue.
38	+# This should help improve performance on the gateway/firewall.
39	+#
40	+# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You can now do the following:
41	+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
42	+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
43	+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
44	+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
45	+#
46	+# Edit both suricata-q{0,1}.yaml files and set values accordingly.
47	+# You can override these yaml config file names with SURICATA_CONF* below (optional).
48	+# This allows you to use the same yaml config file for multiple instances as long as you override
49	+# sensible options such as the log file paths.
50	+# SURICATA_CONF_q0="suricata-queues.yaml"
51	+# SURICATA_CONF_q1="suricata-queues.yaml"
52	+# SURICATA_CONF="suricata.yaml"
53	+
54	+# You can define the options here:
55	+# NB: avoid using -l, -c, --user, --group and setting logging.outputs.1.file.filename as the init script will try to set them for you.
56	+
57	+# SURICATA_OPTS_q0="-q 0"
58	+# SURICATA_OPTS_q1="-q 1"
59	+
60	+# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with /etc/init.d/suricata
61	+# then you can set:
62	+
63	+SURICATA_OPTS="--af-packet"
64	+
65	+# Log paths listed here will be created by the init script and will override the log path
66	+# set in the yaml file, if present.
67	+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
68	+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
69	+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
70	+
71	+# Run as user/group.
72	+# Do not define if you want to run as root or as the user defined in the yaml config file (run-as).
73	+# The ebuild should have created the dedicated user/group suricata:suricata for you to specify here below.
74	+# SURICATA_USER_q0="suricata"
75	+# SURICATA_GROUP_q0="suricata"
76	+# SURICATA_USER_q1="suricata"
77	+# SURICATA_GROUP_q1="suricata"
78	+# SURICATA_USER="suricata"
79	+# SURICATA_GROUP="suricata"
80	+
81	+# Suricata processes can take a long time to shut down.
82	+# If necessary, adjust timeout in seconds to be used when calling stop from the init script.
83	+# Examples:
84	+# SURICATA_MAX_WAIT_ON_STOP="300"
85	+# SURICATA_MAX_WAIT_ON_STOP="SIGTERM/30"
86
87	diff --git a/net-analyzer/suricata/files/suricata.initd b/net-analyzer/suricata/files/suricata.initd
88	new file mode 100644
89	index 000000000000..154636ef828e
90	--- /dev/null
91	+++ b/net-analyzer/suricata/files/suricata.initd
92	@@ -0,0 +1,147 @@
93	+#!/sbin/openrc-run
94	+# Copyright 1999-2019 Gentoo Authors
95	+# Distributed under the terms of the GNU General Public License v2
96	+
97	+SURICATA_BIN=/usr/bin/suricata
98	+SURICATA_DIR=${SURICATA_DIR:-/etc/suricata}
99	+SURICATA=${SVCNAME#*.}
100	+SURICATAID=$(shell_var "${SURICATA}")
101	+if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
102	+ eval SURICATACONF=\$SURICATA_CONF_${SURICATAID}
103	+ [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" \|\| SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
104	+ SURICATAPID="/run/suricata/suricata.${SURICATA}.pid"
105	+ eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
106	+ eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
107	+ eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}
108	+ eval SURICATAGROUP=\$SURICATA_GROUP_${SURICATAID}
109	+else
110	+ SURICATACONF=${SURICATA_CONF}
111	+ [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml" \|\| SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
112	+ SURICATAPID="/run/suricata/suricata.pid"
113	+ SURICATAOPTS=${SURICATA_OPTS}
114	+ SURICATALOGPATH=${SURICATA_LOG_FILE}
115	+ SURICATAUSER=${SURICATA_USER}
116	+ SURICATAGROUP=${SURICATA_GROUP}
117	+fi
118	+SURICATAUSER=${SURICATAUSER:-${SURICATA_USER}}
119	+SURICATAGROUP=${SURICATAGROUP:-${SURICATA_GROUP}}
120	+[ -e ${SURICATACONF} ] && SURICATAOPTS="-c ${SURICATACONF} ${SURICATAOPTS}"
121	+[ -z "${SURICATA_MAX_WAIT_ON_STOP}" ] \|\| SURICATA_RETRY="--retry ${SURICATA_MAX_WAIT_ON_STOP}"
122	+
123	+description="Suricata IDS/IPS"
124	+extra_commands="checkconfig dump"
125	+description_checkconfig="Check config for ${SVCNAME}"
126	+description_dump="List all config values that can be used with --set"
127	+extra_started_commands="reload relog"
128	+description_reload="Live rule and config reload"
129	+description_relog="Close and re-open all log files"
130	+
131	+depend() {
132	+ need net
133	+ after mysql
134	+ after postgresql
135	+}
136	+
137	+checkconfig() {
138	+ if [ ! -d "/run/suricata" ] ; then
139	+ checkpath -d /run/suricata
140	+ fi
141	+ if [ ${#SURICATALOGPATH} -gt 0 ]; then
142	+ SURICATALOGFILE=$( basename ${SURICATALOGPATH} )
143	+ SURICATALOGFILE=${SURICATALOGFILE:-suricata.log}
144	+ SURICATALOGPATH=$( dirname ${SURICATALOGPATH} )
145	+ if [ ! -d "${SURICATALOGPATH}" ] ; then
146	+ checkpath -d "${SURICATALOGPATH}"
147	+ fi
148	+ if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ] && [ -e "${SURICATALOGPATH}" ]; then
149	+ chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}" \|\| return 1
150	+ chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}"/* >/dev/null 2>&1 3>&1
151	+ fi
152	+ SURICATAOPTS="${SURICATAOPTS} --set logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"
153	+ SURICATALOGPATH="-l ${SURICATALOGPATH}"
154	+ fi
155	+ if [ ! -e ${SURICATACONF} ] ; then
156	+ einfo "The configuration file ${SURICATACONF} was not found."
157	+ einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."
158	+ einfo "Take a look at the suricata arguments --set and --dump-config."
159	+ fi
160	+ if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
161	+ einfo "${SVCNAME} will run as user ${SURICATAUSER}:${SURICATAGROUP}."
162	+ SURICATAOPTS="${SURICATAOPTS} --user=${SURICATAUSER} --group=${SURICATAGROUP}"
163	+ fi
164	+}
165	+
166	+initpidinfo() {
167	+ [ -e ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
168	+ if [ ${#SUR_PID} -gt 0 ]; then
169	+ SUR_PID_CHECK="$(ps -eo pid \| grep -c ${SUR_PID})"
170	+ SUR_USER="$(ps -p ${SUR_PID} --no-headers -o user)"
171	+ fi
172	+}
173	+
174	+checkpidinfo() {
175	+ initpidinfo
176	+ if [ ! -e ${SURICATAPID} ]; then
177	+ eerror "${SVCNAME} isn't running"
178	+ return 1
179	+ elif [ ${#SUR_PID} -eq 0 ] \|\| [ $((SUR_PID_CHECK)) -ne 1 ]; then
180	+ eerror "Could not determine PID of ${SVCNAME}! Did the service crash?"
181	+ return 1
182	+ elif [ ${#SUR_USER} -eq 0 ]; then
183	+ eerror "Unable to determine user running ${SVCNAME}!"
184	+ return 1
185	+ elif [ "x${SUR_USER}" != "xroot" ]; then
186	+ ewarn "${SVCNAME} may need to be running as root or as a priviledged user for the extra commands reload and relog to work."
187	+ fi
188	+}
189	+
190	+start() {
191	+ checkconfig \|\| return 1
192	+ ebegin "Starting ${SVCNAME}"
193	+ start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
194	+ -- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} ${SURICATALOGPATH} >/dev/null 2>&1
195	+ local SUR_EXIT=$?
196	+ if [ $((SUR_EXIT)) -ne 0 ]; then
197	+ einfo "Could not start ${SURICATA_BIN} with:"
198	+ einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS} ${SURICATALOGPATH}"
199	+ einfo "Exit code ${SUR_EXIT}"
200	+ fi
201	+ eend ${SUR_EXIT}
202	+}
203	+
204	+stop() {
205	+ ebegin "Stopping ${SVCNAME}"
206	+ start-stop-daemon --stop ${SURICATA_RETRY} --quiet --pidfile ${SURICATAPID} >/dev/null 2>&1
207	+ eend $?
208	+}
209	+
210	+reload() {
211	+ checkpidinfo \|\| return 1
212	+ checkconfig \|\| return 1
213	+ ebegin "Sending USR2 signal to ${SVCNAME} to perform a live rule and config reload."
214	+ if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
215	+ start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal USR2 --pidfile ${SURICATAPID}
216	+ else
217	+ start-stop-daemon --signal USR2 --pidfile ${SURICATAPID}
218	+ fi
219	+ eend $?
220	+}
221	+
222	+relog() {
223	+ checkpidinfo \|\| return 1
224	+ checkconfig \|\| return 1
225	+ ebegin "Sending HUP signal to ${SVCNAME} to close and re-open all log files."
226	+ if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
227	+ start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal HUP --pidfile ${SURICATAPID}
228	+ else
229	+ start-stop-daemon --signal HUP --pidfile ${SURICATAPID}
230	+ fi
231	+ eend $?
232	+}
233	+
234	+dump() {
235	+ checkconfig \|\| return 1
236	+ ebegin "Dumping ${SVCNAME} config values and quitting."
237	+ ${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID} ${SURICATAOPTS} ${SURICATALOGPATH}
238	+ eend $?
239	+}
240
241	diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
242	similarity index 98%
243	rename from net-analyzer/suricata/suricata-6.0.6.ebuild
244	rename to net-analyzer/suricata/suricata-6.0.6-r1.ebuild
245	index 054eb7c52431..aa3162a55d94 100644
246	--- a/net-analyzer/suricata/suricata-6.0.6.ebuild
247	+++ b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
248	@@ -145,8 +145,8 @@ src_install() {
249	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
250	fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
251
252	- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
253	- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
254	+ newinitd "${FILESDIR}/${PN}.initd" ${PN}
255	+ newconfd "${FILESDIR}/${PN}.confd" ${PN}
256	systemd_dounit "${FILESDIR}"/${PN}.service
257	newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf

Gentoo Archives: gentoo-commits