[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/ - gentoo-commits

From:	Slawek Lis <slis@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
Date:	Tue, 27 Dec 2016 07:33:35
Message-Id:	`1482823990.a43050c1456321619ef97dfdeb5a158593fef58d.slis@gentoo`

1

commit:     a43050c1456321619ef97dfdeb5a158593fef58d

2

Author:     Slawomir Lis <slis <AT> gentoo <DOT> org>

3

AuthorDate: Tue Dec 27 07:33:10 2016 +0000

4

Commit:     Slawek Lis <slis <AT> gentoo <DOT> org>

5

CommitDate: Tue Dec 27 07:33:10 2016 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a43050c1

7

8

net-analyzer/suricata: updated init script and config file

9

10

Updated way the script starts suricata, it allows to define config values

11

inline now.

12

13

Details in bug 602590.

14

15

Package-Manager: Portage-2.3.3, Repoman-2.3.1

16

17

 net-analyzer/suricata/files/suricata-3.2-conf |  4 ++--

18

 net-analyzer/suricata/files/suricata-3.2-init | 26 ++++++++++++--------------

19

 net-analyzer/suricata/suricata-3.2.ebuild     |  2 --

20

 3 files changed, 14 insertions(+), 18 deletions(-)

21

22

diff --git a/net-analyzer/suricata/files/suricata-3.2-conf b/net-analyzer/suricata/files/suricata-3.2-conf

23

index bc6e281..61715ba 100644

24

--- a/net-analyzer/suricata/files/suricata-3.2-conf

25

+++ b/net-analyzer/suricata/files/suricata-3.2-conf

26

@@ -23,8 +23,8 @@

27

#

28

 # You can then define the following options here:

29

30

-# SURICATA_OPTS_q0="-i eth0"

31

-# SURICATA_OPTS_q1="-i eth1"

32

+# SURICATA_OPTS_q0="-q 0"

33

+# SURICATA_OPTS_q1="-q 1"

34

35

 # If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with /etc/init.d/suricata

36

 # then you can set:

37

38

diff --git a/net-analyzer/suricata/files/suricata-3.2-init b/net-analyzer/suricata/files/suricata-3.2-init

39

index 3a9c356..d612815 100644

40

--- a/net-analyzer/suricata/files/suricata-3.2-init

41

+++ b/net-analyzer/suricata/files/suricata-3.2-init

42

@@ -16,6 +16,7 @@ else

43

     SURICATAPID="/var/run/suricata/suricata.pid"

44

     SURICATAOPTS=${SURICATA_OPTS}

45

fi

46

+[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"

47

48

 extra_commands="checkconfig"

49

 extra_started_commands="reload relog"

50

@@ -28,8 +29,9 @@ depend() {

51

52

 checkconfig() {

53

 	if [ ! -e ${SURICATACONF} ] ; then

54

-		eerror "You need to create ${SURICATACONF} to run ${SVCNAME}."

55

-		return 1

56

+		einfo "The configuration file ${SURICATACONF} was not found."

57

+		einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."

58

+		einfo "Take a look at the suricata arguments --set and --dump-config."

59

fi

60

 	if [ ! -d "/var/run/suricata" ] ; then

61

 		checkpath -d /var/run/suricata

62

@@ -37,7 +39,7 @@ checkconfig() {

63

}

64

65

 initpidinfo() {

66

-	[ -f ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"

67

+	[ -e ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"

68

 	if [ ${#SUR_PID} -gt 0 ]; then

69

 	    SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"

70

 	    SUR_USER="$(ps -p ${SUR_PID} --no-headers -o user)"

71

@@ -46,7 +48,7 @@ initpidinfo() {

72

73

 checkpidinfo() {

74

 	initpidinfo

75

-        if [ ! -f ${SURICATAPID} ]; then

76

+        if [ ! -e ${SURICATAPID} ]; then

77

         	eerror "${SVCNAME} isn't running"

78

                 return 1

79

 	elif [ ${#SUR_PID} -eq 0 ] || [ $((SUR_PID_CHECK)) -ne 1 ]; then

80

@@ -65,12 +67,11 @@ start() {

81

 	checkconfig || return 1

82

 	ebegin "Starting ${SVCNAME}"

83

 	start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \

84

-		-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} \

85

-		 -c ${SURICATACONF} >/dev/null 2>&1

86

+		-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} >/dev/null 2>&1

87

 	local SUR_EXIT=$?

88

 	if [ $((SUR_EXIT)) -ne 0 ]; then

89

 	    einfo "Could not start ${SURICATA_BIN} with:"

90

-	    einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS} -c ${SURICATACONF}"

91

+	    einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS}"

92

 	    einfo "Exit code ${SUR_EXIT}"

93

fi

94

 	eend ${SUR_EXIT}

95

@@ -80,14 +81,13 @@ stop() {

96

 	ebegin "Stopping ${SVCNAME}"

97

 	initpidinfo

98

 	start-stop-daemon --stop --quiet --pidfile ${SURICATAPID} >/dev/null 2>&1

99

-	einfon "Waiting for ${SVCNAME} to shut down. This can take a while..."

100

-	echo

101

+	einfo "Waiting for ${SVCNAME} to shut down. This can take a while..."

102

 	# max wait: 5 minutes as it can take quite a while on some systems with heavy traffic

103

 	local cnt=300

104

-	while [ -f ${SURICATAPID} ] && [ $cnt -gt 0 ]; do

105

+	while [ -e ${SURICATAPID} ] && [ $cnt -gt 0 ]; do

106

 	    cnt=$(expr $cnt - 1)

107

 	    sleep 1

108

-	    echo -ne "$cnt seconds left before we give up checking the PID file...\r"

109

+	    einfo -ne "$cnt seconds left before we give up checking the PID file...\r"

110

 	done

111

 	# under certain conditions suricata can be pretty slow and the PID can persist long after the pidfile has been removed

112

 	# max wait for process to terminate: 1 minute

113

@@ -95,19 +95,17 @@ stop() {

114

 	    cnt=60

115

 	    SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"

116

 	    if [ $((SUR_PID_CHECK)) -ne 0 ]; then

117

-		echo

118

 		einfo "The PID file ${SURICATAPID} is gone but the ${SVCNAME} PID ${SUR_PID} is still running."

119

 		einfo "Waiting for process to shut down on its own. This can take a while..."

120

fi

121

 	    while [ $((SUR_PID_CHECK)) -ne 0 ]; do

122

 		cnt=$(expr $cnt - 1)

123

 		if [ $cnt -lt 1 ] ; then

124

-		    echo

125

 		    eend 1 "Failed. You might need to kill PID ${SUR_PID} or find out why it can't be stopped."

126

 		    break

127

fi

128

 		sleep 1

129

-		echo -ne "$cnt seconds left before we give up checking PID ${SUR_PID}...\r"

130

+		einfo -ne "$cnt seconds left before we give up checking PID ${SUR_PID}...\r"

131

 		SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"

132

 	    done

133

fi

134

135

diff --git a/net-analyzer/suricata/suricata-3.2.ebuild b/net-analyzer/suricata/suricata-3.2.ebuild

136

index 078186b..ba4903c 100644

137

--- a/net-analyzer/suricata/suricata-3.2.ebuild

138

+++ b/net-analyzer/suricata/suricata-3.2.ebuild

139

@@ -118,8 +118,6 @@ src_install() {

140

141

 	dodir "/var/lib/${PN}"

142

 	dodir "/var/log/${PN}"

143

-	dodir "/var/log/${PN}" \

144

-		"/var/lib/${PN}"

145

146

 	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"

147

 	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"

1	commit: a43050c1456321619ef97dfdeb5a158593fef58d
2	Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
3	AuthorDate: Tue Dec 27 07:33:10 2016 +0000
4	Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
5	CommitDate: Tue Dec 27 07:33:10 2016 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a43050c1
7
8	net-analyzer/suricata: updated init script and config file
9
10	Updated way the script starts suricata, it allows to define config values
11	inline now.
12
13	Details in bug 602590.
14
15	Package-Manager: Portage-2.3.3, Repoman-2.3.1
16
17	net-analyzer/suricata/files/suricata-3.2-conf \| 4 ++--
18	net-analyzer/suricata/files/suricata-3.2-init \| 26 ++++++++++++--------------
19	net-analyzer/suricata/suricata-3.2.ebuild \| 2 --
20	3 files changed, 14 insertions(+), 18 deletions(-)
21
22	diff --git a/net-analyzer/suricata/files/suricata-3.2-conf b/net-analyzer/suricata/files/suricata-3.2-conf
23	index bc6e281..61715ba 100644
24	--- a/net-analyzer/suricata/files/suricata-3.2-conf
25	+++ b/net-analyzer/suricata/files/suricata-3.2-conf
26	@@ -23,8 +23,8 @@
27	#
28	# You can then define the following options here:
29
30	-# SURICATA_OPTS_q0="-i eth0"
31	-# SURICATA_OPTS_q1="-i eth1"
32	+# SURICATA_OPTS_q0="-q 0"
33	+# SURICATA_OPTS_q1="-q 1"
34
35	# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with /etc/init.d/suricata
36	# then you can set:
37
38	diff --git a/net-analyzer/suricata/files/suricata-3.2-init b/net-analyzer/suricata/files/suricata-3.2-init
39	index 3a9c356..d612815 100644
40	--- a/net-analyzer/suricata/files/suricata-3.2-init
41	+++ b/net-analyzer/suricata/files/suricata-3.2-init
42	@@ -16,6 +16,7 @@ else
43	SURICATAPID="/var/run/suricata/suricata.pid"
44	SURICATAOPTS=${SURICATA_OPTS}
45	fi
46	+[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
47
48	extra_commands="checkconfig"
49	extra_started_commands="reload relog"
50	@@ -28,8 +29,9 @@ depend() {
51
52	checkconfig() {
53	if [ ! -e ${SURICATACONF} ] ; then
54	- eerror "You need to create ${SURICATACONF} to run ${SVCNAME}."
55	- return 1
56	+ einfo "The configuration file ${SURICATACONF} was not found."
57	+ einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."
58	+ einfo "Take a look at the suricata arguments --set and --dump-config."
59	fi
60	if [ ! -d "/var/run/suricata" ] ; then
61	checkpath -d /var/run/suricata
62	@@ -37,7 +39,7 @@ checkconfig() {
63	}
64
65	initpidinfo() {
66	- [ -f ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
67	+ [ -e ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
68	if [ ${#SUR_PID} -gt 0 ]; then
69	SUR_PID_CHECK="$(ps -eo pid \| grep -c ${SUR_PID})"
70	SUR_USER="$(ps -p ${SUR_PID} --no-headers -o user)"
71	@@ -46,7 +48,7 @@ initpidinfo() {
72
73	checkpidinfo() {
74	initpidinfo
75	- if [ ! -f ${SURICATAPID} ]; then
76	+ if [ ! -e ${SURICATAPID} ]; then
77	eerror "${SVCNAME} isn't running"
78	return 1
79	elif [ ${#SUR_PID} -eq 0 ] \|\| [ $((SUR_PID_CHECK)) -ne 1 ]; then
80	@@ -65,12 +67,11 @@ start() {
81	checkconfig \|\| return 1
82	ebegin "Starting ${SVCNAME}"
83	start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
84	- -- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} \
85	- -c ${SURICATACONF} >/dev/null 2>&1
86	+ -- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} >/dev/null 2>&1
87	local SUR_EXIT=$?
88	if [ $((SUR_EXIT)) -ne 0 ]; then
89	einfo "Could not start ${SURICATA_BIN} with:"
90	- einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS} -c ${SURICATACONF}"
91	+ einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS}"
92	einfo "Exit code ${SUR_EXIT}"
93	fi
94	eend ${SUR_EXIT}
95	@@ -80,14 +81,13 @@ stop() {
96	ebegin "Stopping ${SVCNAME}"
97	initpidinfo
98	start-stop-daemon --stop --quiet --pidfile ${SURICATAPID} >/dev/null 2>&1
99	- einfon "Waiting for ${SVCNAME} to shut down. This can take a while..."
100	- echo
101	+ einfo "Waiting for ${SVCNAME} to shut down. This can take a while..."
102	# max wait: 5 minutes as it can take quite a while on some systems with heavy traffic
103	local cnt=300
104	- while [ -f ${SURICATAPID} ] && [ $cnt -gt 0 ]; do
105	+ while [ -e ${SURICATAPID} ] && [ $cnt -gt 0 ]; do
106	cnt=$(expr $cnt - 1)
107	sleep 1
108	- echo -ne "$cnt seconds left before we give up checking the PID file...\r"
109	+ einfo -ne "$cnt seconds left before we give up checking the PID file...\r"
110	done
111	# under certain conditions suricata can be pretty slow and the PID can persist long after the pidfile has been removed
112	# max wait for process to terminate: 1 minute
113	@@ -95,19 +95,17 @@ stop() {
114	cnt=60
115	SUR_PID_CHECK="$(ps -eo pid \| grep -c ${SUR_PID})"
116	if [ $((SUR_PID_CHECK)) -ne 0 ]; then
117	- echo
118	einfo "The PID file ${SURICATAPID} is gone but the ${SVCNAME} PID ${SUR_PID} is still running."
119	einfo "Waiting for process to shut down on its own. This can take a while..."
120	fi
121	while [ $((SUR_PID_CHECK)) -ne 0 ]; do
122	cnt=$(expr $cnt - 1)
123	if [ $cnt -lt 1 ] ; then
124	- echo
125	eend 1 "Failed. You might need to kill PID ${SUR_PID} or find out why it can't be stopped."
126	break
127	fi
128	sleep 1
129	- echo -ne "$cnt seconds left before we give up checking PID ${SUR_PID}...\r"
130	+ einfo -ne "$cnt seconds left before we give up checking PID ${SUR_PID}...\r"
131	SUR_PID_CHECK="$(ps -eo pid \| grep -c ${SUR_PID})"
132	done
133	fi
134
135	diff --git a/net-analyzer/suricata/suricata-3.2.ebuild b/net-analyzer/suricata/suricata-3.2.ebuild
136	index 078186b..ba4903c 100644
137	--- a/net-analyzer/suricata/suricata-3.2.ebuild
138	+++ b/net-analyzer/suricata/suricata-3.2.ebuild
139	@@ -118,8 +118,6 @@ src_install() {
140
141	dodir "/var/lib/${PN}"
142	dodir "/var/log/${PN}"
143	- dodir "/var/log/${PN}" \
144	- "/var/lib/${PN}"
145
146	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
147	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"

Gentoo Archives: gentoo-commits