1 |
commit: c35f490c5944f47bdcc633d70056ee8f433c3a44 |
2 |
Author: Marek Szuba <marecki <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jun 11 14:02:10 2018 +0000 |
4 |
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jun 11 14:04:06 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c35f490c |
7 |
|
8 |
net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags |
9 |
|
10 |
Invoking maintainer timeout on both issues. |
11 |
|
12 |
Closes: https://bugs.gentoo.org/652344 |
13 |
Package-Manager: Portage-2.3.40, Repoman-2.3.9 |
14 |
|
15 |
net-analyzer/suricata/Manifest | 1 + |
16 |
.../files/suricata-4.0.4_configure-lua-flags.patch | 16 ++ |
17 |
net-analyzer/suricata/suricata-4.0.4.ebuild | 168 +++++++++++++++++++++ |
18 |
3 files changed, 185 insertions(+) |
19 |
|
20 |
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest |
21 |
index b3ab446f9d9..cc70d0f7283 100644 |
22 |
--- a/net-analyzer/suricata/Manifest |
23 |
+++ b/net-analyzer/suricata/Manifest |
24 |
@@ -1 +1,2 @@ |
25 |
DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892 |
26 |
+DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e |
27 |
|
28 |
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch |
29 |
new file mode 100644 |
30 |
index 00000000000..bad66359afa |
31 |
--- /dev/null |
32 |
+++ b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch |
33 |
@@ -0,0 +1,16 @@ |
34 |
+--- a/configure.ac |
35 |
++++ b/configure.ac |
36 |
+@@ -1749,11 +1749,11 @@ |
37 |
+ # liblua |
38 |
+ AC_ARG_ENABLE(lua, |
39 |
+ AS_HELP_STRING([--enable-lua],[Enable Lua support]), |
40 |
+- [ enable_lua="yes"], |
41 |
++ [], |
42 |
+ [ enable_lua="no"]) |
43 |
+ AC_ARG_ENABLE(luajit, |
44 |
+ AS_HELP_STRING([--enable-luajit],[Enable Luajit support]), |
45 |
+- [ enable_luajit="yes"], |
46 |
++ [], |
47 |
+ [ enable_luajit="no"]) |
48 |
+ if test "$enable_lua" = "yes"; then |
49 |
+ if test "$enable_luajit" = "yes"; then |
50 |
|
51 |
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild |
52 |
new file mode 100644 |
53 |
index 00000000000..2622dccdb3b |
54 |
--- /dev/null |
55 |
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild |
56 |
@@ -0,0 +1,168 @@ |
57 |
+# Copyright 1999-2018 Gentoo Foundation |
58 |
+# Distributed under the terms of the GNU General Public License v2 |
59 |
+ |
60 |
+EAPI=5 |
61 |
+ |
62 |
+inherit autotools eutils user |
63 |
+ |
64 |
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine" |
65 |
+HOMEPAGE="https://suricata-ids.org/" |
66 |
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz" |
67 |
+ |
68 |
+LICENSE="GPL-2" |
69 |
+SLOT="0" |
70 |
+KEYWORDS="~amd64 ~x86" |
71 |
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test" |
72 |
+ |
73 |
+DEPEND=" |
74 |
+ >=dev-libs/jansson-2.2 |
75 |
+ dev-libs/libpcre |
76 |
+ dev-libs/libyaml |
77 |
+ net-libs/libnet:* |
78 |
+ net-libs/libnfnetlink |
79 |
+ dev-libs/nspr |
80 |
+ dev-libs/nss |
81 |
+ >=net-libs/libhtp-0.5.20 |
82 |
+ net-libs/libpcap |
83 |
+ sys-apps/file |
84 |
+ cuda? ( dev-util/nvidia-cuda-toolkit ) |
85 |
+ geoip? ( dev-libs/geoip ) |
86 |
+ lua? ( dev-lang/lua:* ) |
87 |
+ luajit? ( dev-lang/luajit:* ) |
88 |
+ nflog? ( net-libs/libnetfilter_log ) |
89 |
+ nfqueue? ( net-libs/libnetfilter_queue ) |
90 |
+ redis? ( dev-libs/hiredis ) |
91 |
+ logrotate? ( app-admin/logrotate ) |
92 |
+ sys-libs/libcap-ng |
93 |
+" |
94 |
+# #446814 |
95 |
+# prelude? ( dev-libs/libprelude ) |
96 |
+# pfring? ( sys-process/numactl net-libs/pf_ring) |
97 |
+RDEPEND="${DEPEND}" |
98 |
+ |
99 |
+pkg_setup() { |
100 |
+ enewgroup ${PN} |
101 |
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}" |
102 |
+} |
103 |
+ |
104 |
+src_prepare() { |
105 |
+ epatch "${FILESDIR}"/${P}_configure-lua-flags.patch |
106 |
+ eautoreconf |
107 |
+} |
108 |
+ |
109 |
+src_configure() { |
110 |
+ local myeconfargs=( |
111 |
+ "--localstatedir=/var/" \ |
112 |
+ "--enable-non-bundled-htp" \ |
113 |
+ $(use_enable af-packet) \ |
114 |
+ $(use_enable detection) \ |
115 |
+ $(use_enable nfqueue) \ |
116 |
+ $(use_enable test coccinelle) \ |
117 |
+ $(use_enable test unittests) \ |
118 |
+ $(use_enable control-socket unix-socket) |
119 |
+ ) |
120 |
+ |
121 |
+ if use cuda ; then |
122 |
+ myeconfargs+=( $(use_enable cuda) ) |
123 |
+ fi |
124 |
+ if use geoip ; then |
125 |
+ myeconfargs+=( $(use_enable geoip) ) |
126 |
+ fi |
127 |
+ if use hardened ; then |
128 |
+ myeconfargs+=( $(use_enable hardened gccprotect) ) |
129 |
+ fi |
130 |
+ if use nflog ; then |
131 |
+ myeconfargs+=( $(use_enable nflog) ) |
132 |
+ fi |
133 |
+ if use redis ; then |
134 |
+ myeconfargs+=( $(use_enable redis hiredis) ) |
135 |
+ fi |
136 |
+ # not supported yet (no pfring in portage) |
137 |
+# if use pfring ; then |
138 |
+# myeconfargs+=( $(use_enable pfring) ) |
139 |
+# fi |
140 |
+ # no libprelude in portage |
141 |
+# if use prelude ; theng |
142 |
+# myeconfargs+=( $(use_enable prelude) ) |
143 |
+# fi |
144 |
+ if use lua ; then |
145 |
+ myeconfargs+=( $(use_enable lua) ) |
146 |
+ fi |
147 |
+ if use luajit ; then |
148 |
+ myeconfargs+=( $(use_enable luajit) ) |
149 |
+ fi |
150 |
+ if (use !lua) && (use !luajit) ; then |
151 |
+ myeconfargs+=( |
152 |
+ --disable-lua |
153 |
+ --disable-luajit |
154 |
+ ) |
155 |
+ fi |
156 |
+ |
157 |
+# this should be used when pf_ring use flag support will be added |
158 |
+# LIBS+="-lrt -lnuma" |
159 |
+ |
160 |
+ # avoid upstream configure script trying to add -march=native to CFLAGS |
161 |
+ myeconfargs+=( --enable-gccmarch-native=no ) |
162 |
+ |
163 |
+ if use debug ; then |
164 |
+ myeconfargs+=( $(use_enable debug) ) |
165 |
+ # so we can get a backtrace according to "reporting bugs" on upstream web site |
166 |
+ CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]} |
167 |
+ else |
168 |
+ econf LIBS="${LIBS}" ${myeconfargs[@]} |
169 |
+ fi |
170 |
+} |
171 |
+ |
172 |
+src_install() { |
173 |
+ emake DESTDIR="${D}" install |
174 |
+ |
175 |
+ insinto "/etc/${PN}" |
176 |
+ doins {classification,reference,threshold}.config suricata.yaml |
177 |
+ |
178 |
+ if use rules ; then |
179 |
+ insinto "/etc/${PN}/rules" |
180 |
+ doins rules/*.rules |
181 |
+ fi |
182 |
+ |
183 |
+ dodir "/var/lib/${PN}" |
184 |
+ dodir "/var/log/${PN}" |
185 |
+ |
186 |
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" |
187 |
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" |
188 |
+ |
189 |
+ newinitd "${FILESDIR}/${PN}-4.0.3-init" ${PN} |
190 |
+ newconfd "${FILESDIR}/${PN}-4.0.3-conf" ${PN} |
191 |
+ |
192 |
+ if use logrotate; then |
193 |
+ insopts -m0644 |
194 |
+ insinto /etc/logrotate.d |
195 |
+ newins "${FILESDIR}"/${PN}-logrotate ${PN} |
196 |
+ fi |
197 |
+} |
198 |
+ |
199 |
+pkg_postinst() { |
200 |
+ elog "The ${PN} init script expects to find the path to the configuration" |
201 |
+ elog "file as well as extra options in /etc/conf.d." |
202 |
+ elog "" |
203 |
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it" |
204 |
+ elog "then create a symlink to the init script from a link called" |
205 |
+ elog "${PN}.foo - like so" |
206 |
+ elog " cd /etc/${PN}" |
207 |
+ elog " ${EDITOR##*/} suricata-foo.yaml" |
208 |
+ elog " cd /etc/init.d" |
209 |
+ elog " ln -s ${PN} ${PN}.foo" |
210 |
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo." |
211 |
+ elog "" |
212 |
+ elog "You can create as many ${PN}.foo* services as you wish." |
213 |
+ |
214 |
+ if use logrotate; then |
215 |
+ elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/." |
216 |
+ fi |
217 |
+ |
218 |
+ if use debug; then |
219 |
+ elog "You enabled the debug USE flag. Please read this link to report bugs upstream:" |
220 |
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs" |
221 |
+ elog "You need to also ensure the FEATURES variable in make.conf contains the" |
222 |
+ elog "'nostrip' option to produce useful core dumps or back traces." |
223 |
+ fi |
224 |
+} |