--- sguil-sensor-0.9.0-r1.ebuild 2016-06-15 00:26:13.294663271 +0200 +++ sguil-sensor-0.9.0-r1.ebuild.systemd 2016-06-15 00:45:27.884601912 +0200 @@ -4,7 +4,7 @@ EAPI=5 -inherit user +inherit eutils user systemd MY_PV="${PV/_p/p}" DESCRIPTION="Sensor part of sguil Network Security Monitoring" @@ -33,6 +33,8 @@ } src_prepare() { + epatch "${FILESDIR}/0.9.0_log_packets.patch" + local -a CONFIG_FILES=( sensor/pads_agent.conf sensor/pcap_agent.conf @@ -70,6 +72,14 @@ newinitd "${FILESDIR}/snort_agent.initd" snort_agent newconfd "${FILESDIR}/log_packets.confd" log_packets + systemd_dounit "${FILESDIR}/pads_agent.service" + systemd_dounit "${FILESDIR}/pcap_agent.service" + systemd_dounit "${FILESDIR}/snort_agent.service" + systemd_dounit "${FILESDIR}/log_packets.service" + systemd_dounit "${FILESDIR}/log_packets_rotate.timer" + systemd_dounit "${FILESDIR}/log_packets_rotate.service" + systemd_newtmpfilesd "${FILESDIR}/systemd-tmpfiles.conf" "sguil-sensor.conf" + insinto /etc/sguil doins sensor/pads_agent.conf doins sensor/snort_agent.conf @@ -79,14 +89,17 @@ dobin sensor/sancp_agent.tcl newbin sensor/pcap_agent-sancp.tcl pcap_agent.tcl + newbin sensor/log_packets-sancp.sh log_packets.sh newinitd "${FILESDIR}/sancp_agent.initd" sancp_agent + systemd_dounit "${FILESDIR}/sancp_agent.service" insinto /etc/sguil doins sensor/sancp_agent.conf doins sensor/sancp-indexed.conf newins sensor/pcap_agent-sancp.conf pcap_agent.conf else + dobin sensor/log_packets.sh dobin sensor/pcap_agent.tcl insinto /etc/sguil 
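Review bot: The `systemd_dounit` lines and the `systemd_newtmpfilesd` line in the `@@ -70,6 +72,14 @@` hunk install files whose content is not part of this diff, so the privilege level of the agents cannot be checked from here. Because these agents process captured network traffic, each unit should be confirmed to set `User=`/`Group=` to the dedicated account (the ebuild inherits the user eclass, so presumably one is created), with `NoNewPrivileges=yes` and `ProtectSystem=` worth considering. The tmpfiles.d entry should state owner and mode explicitly, and the same checks apply to `sancp_agent.service` in the following hunk. tmpfiles.d entries are normally applied at boot, so a unit started straight after install may find its runtime directory missing until `systemd-tmpfiles --create` has run; a line in the postinst message would cover that.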
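Review bot: In the `@@ -79,14 +89,17 @@` hunk, either `sensor/log_packets-sancp.sh` or `sensor/log_packets.sh` is installed as `log_packets.sh` depending on USE=sancp, while `src_prepare` applies a single `0.9.0_log_packets.patch` and one `log_packets.service` is installed for both cases. The patch is not shown here, so it should be confirmed that it touches both script variants; otherwise the unit may behave differently with sancp enabled. A comment above the `newbin` line such as `# installed under the same name as the non-sancp script so log_packets.service can use one path` would record the dependency. The if/else these lines sit in starts and ends outside the hunk.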
@@ -115,12 +128,22 @@
 elog
 elog "If you use openrc as your init, you should crontab the"
 elog "/etc/init.d/log_packets script to restart each hour."
+ elog "If you are using systemd, The log_packets.service unit"
+ elog "will automatically start a timer unit to do that job,"
+ elog "so you don't need to manually setup a cron job."
 elog
 elog "As of version 0.9.0 the former sguil_agent has been split up"
 elog "into multiple agents. If you are upgrading, you must review"
 elog "the agent config files in /etc/sguil and enable some or all"
 elog "of the following init scripts / systemd units:"
 elog
+ elog "openrc:\t\t\tsystemd:"
+ elog "/etc/init.d/pads_agent\tpads_agent.service"
+ elog "/etc/init.d/pcap_agent\tpcap_agent.service"
+ use sancp && elog "/etc/init.d/sancp_agent\tsancp_agent.service"
+ elog "/etc/init.d/snort_agent\tsnort_agent.service"
+ elog "/etc/init.d/log_packets\tlog_packets.service"
+ elog
 elog "You should read /usr/share/doc/sguil-sensor-${PVR}/INSTALL.bz2"
 elog "to learn about the interaction between the different agents"
 elog "and how to set up a working sguil stack."
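Review bot: The added systemd message has two wording slips: `elog "If you are using systemd, the log_packets.service unit"` (lower-case "the") and `elog "so you don't need to manually set up a cron job."` ("set up" as a verb) read correctly. The claim that log_packets.service starts the timer automatically depends on the unit file, which is not part of this diff. If the unit does not pull in `log_packets_rotate.timer`, the message should instead tell the user to enable the timer, since otherwise the hourly restart silently never happens. The function these lines belong to starts outside the hunk.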