Created attachment 437306 [details, diff] patch for sguil-sensor-0.9.0.ebuild Some time before version 0.9.0 upstream has split the sensor_agent into several distinct agents for different tasks. Because the sensor_agent.tcl executable is still in the source code the ebuild did not break. However, it is only there to print a deprecation notice. Therefore the current ebuild is quite useless. Attached is a patch to sguil-sensor-0.9.0.ebuild to reflect the changes, as well as init scripts for each agent. The init scripts are basically all the same as the sensor_agent script was before. Only the executable names differ. Note: I did not thorowly test the init scripts, as I am using systemd on all my mashines, but as they all do just start a deamon I assume they work. I'm also working on systemd units, which I will post in a separate bug report.
Created attachment 437308 [details] pads_agent.initd
Created attachment 437310 [details] pcap_agent.initd
Created attachment 437312 [details] pcap_agent-sancp.initd
Created attachment 437314 [details] sancp_agent.initd
Created attachment 437316 [details] snort_agent.initd
Created attachment 437574 [details, diff] patch for sguil-sensor-0.9.0.ebuild, v2 updated patch for the ebuild: Additional changes to the previous patch are: * added IUSE flag "sancp" to properly depend on sancp when needed, and only install either the sancp variants of the agents, or the normal ones. (they are mutually exclusive). * removed the pcap_agent-sancp.initd init scripts again in favor of installing the sancp variants with the same name as the usual agent names when the sancp use flag is set. * removed the "sed" dance messing with the agent source files in src_prepare(). Instead, I added the set PIDFILE option to all config files. This appears to me as a cleaner way to set the pid file pathes. * moved all pidfiles from /run/sguil-NAME.pid to run/sguil/NAME.pid. This is not strictly neccessary with the current init scripts, but will be useful when running the daemons as a non-root user (this will be done in the systemd units, see bug #585768) * added notice about agent split in pkg_postinst(), as well as a reference to the INSTALL doc file. * Fixed misleading variable name from HOSTNAME to SERVER_HOST in post_inst() from previous ebuild.
Created attachment 437576 [details] pads_agent.initd v2
Created attachment 437578 [details] pcap_agent.initd v2
Created attachment 437580 [details] sancp_agent.initd v2
Created attachment 437582 [details] snort_agent.initd v2
Created attachment 437584 [details] sguil-sensor-0.9.0-r1.ebuild (patched ebuild) And finally for convinience, the ebuild with the patch applied.
If you're at all still interested, would you mind rebasing this? Ideally would appreciate a git am-able patch (use git format-patch) against gentoo.git so I can just apply it as one file. I'm sorry nobody got to this before now.
