Summary: | net-analyzer/sguil-sensor-0.9.0 does not install split agents | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Patrick Michaelis <michaelis> |
Component: | Current packages | Assignee: | Gentoo Netmon project <netmon> |
Status: | UNCONFIRMED --- | ||
Severity: | normal | CC: | sam |
Priority: | Normal | Keywords: | PATCH |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 585768 | ||
Attachments: |
patch for sguil-sensor-0.9.0.ebuild
pads_agent.initd pcap_agent.initd pcap_agent-sancp.initd sancp_agent.initd snort_agent.initd patch for sguil-sensor-0.9.0.ebuild, v2 pads_agent.initd v2 pcap_agent.initd v2 sancp_agent.initd v2 snort_agent.initd v2 sguil-sensor-0.9.0-r1.ebuild (patched ebuild) |
Created attachment 437308 [details]
pads_agent.initd
Created attachment 437310 [details]
pcap_agent.initd
Created attachment 437312 [details]
pcap_agent-sancp.initd
Created attachment 437314 [details]
sancp_agent.initd
Created attachment 437316 [details]
snort_agent.initd
Created attachment 437574 [details, diff] patch for sguil-sensor-0.9.0.ebuild, v2 updated patch for the ebuild: Additional changes to the previous patch are: * added IUSE flag "sancp" to properly depend on sancp when needed, and only install either the sancp variants of the agents, or the normal ones. (they are mutually exclusive). * removed the pcap_agent-sancp.initd init scripts again in favor of installing the sancp variants with the same name as the usual agent names when the sancp use flag is set. * removed the "sed" dance messing with the agent source files in src_prepare(). Instead, I added the set PIDFILE option to all config files. This appears to me as a cleaner way to set the pid file pathes. * moved all pidfiles from /run/sguil-NAME.pid to run/sguil/NAME.pid. This is not strictly neccessary with the current init scripts, but will be useful when running the daemons as a non-root user (this will be done in the systemd units, see bug #585768) * added notice about agent split in pkg_postinst(), as well as a reference to the INSTALL doc file. * Fixed misleading variable name from HOSTNAME to SERVER_HOST in post_inst() from previous ebuild. Created attachment 437576 [details]
pads_agent.initd v2
Created attachment 437578 [details]
pcap_agent.initd v2
Created attachment 437580 [details]
sancp_agent.initd v2
Created attachment 437582 [details]
snort_agent.initd v2
Created attachment 437584 [details]
sguil-sensor-0.9.0-r1.ebuild (patched ebuild)
And finally for convinience, the ebuild with the patch applied.
If you're at all still interested, would you mind rebasing this? Ideally would appreciate a git am-able patch (use git format-patch) against gentoo.git so I can just apply it as one file. I'm sorry nobody got to this before now. |
Created attachment 437306 [details, diff] patch for sguil-sensor-0.9.0.ebuild Some time before version 0.9.0 upstream has split the sensor_agent into several distinct agents for different tasks. Because the sensor_agent.tcl executable is still in the source code the ebuild did not break. However, it is only there to print a deprecation notice. Therefore the current ebuild is quite useless. Attached is a patch to sguil-sensor-0.9.0.ebuild to reflect the changes, as well as init scripts for each agent. The init scripts are basically all the same as the sensor_agent script was before. Only the executable names differ. Note: I did not thorowly test the init scripts, as I am using systemd on all my mashines, but as they all do just start a deamon I assume they work. I'm also working on systemd units, which I will post in a separate bug report.