diff options
| author |   Bryan Stine <battousai@gentoo.org> | 2010-06-03 21:55:40 +0000 |
|---|---|---|
| committer | Bryan Stine <battousai@gentoo.org> | 2010-06-03 21:55:40 +0000 |
| commit | e427177639aa28ed5058803736e52d41aa827594 (patch) | |
| tree | a6d94f406b1dffc1ad6498bfb5d2efdf10432b29 /net-firewall | |
| parent | Automated update of use.local.desc (diff) | |
| download | gentoo-2-e427177639aa28ed5058803736e52d41aa827594.tar.gz gentoo-2-e427177639aa28ed5058803736e52d41aa827594.tar.bz2 gentoo-2-e427177639aa28ed5058803736e52d41aa827594.zip | |
Bump to 2.1.5-r2 with fix for bug #298262, drop older 2.1.5 versions.
(Portage version: 2.1.8.3/cvs/Linux x86_64)
Diffstat (limited to 'net-firewall')
| -rw-r--r-- | net-firewall/psad/ChangeLog | 9 | ||||
| -rw-r--r-- | net-firewall/psad/psad-2.1.4.ebuild | 6 | ||||
| -rw-r--r-- | net-firewall/psad/psad-2.1.5-r2.ebuild (renamed from net-firewall/psad/psad-2.1.5-r1.ebuild) | 19 | ||||
| -rw-r--r-- | net-firewall/psad/psad-2.1.5.ebuild | 146 |
4 files changed, 22 insertions, 158 deletions
diff --git a/net-firewall/psad/ChangeLog b/net-firewall/psad/ChangeLog index 220b3c76ed36..d5deebef2aad 100644 --- a/net-firewall/psad/ChangeLog +++ b/net-firewall/psad/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-firewall/psad # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/ChangeLog,v 1.47 2010/03/18 19:08:19 battousai Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/ChangeLog,v 1.48 2010/06/03 21:55:40 battousai Exp $ + +*psad-2.1.5-r2 (03 Jun 2010) + + 03 Jun 2010; Bryan Stine <battousai@gentoo.org> psad-2.1.4.ebuild, + -psad-2.1.5.ebuild, -psad-2.1.5-r1.ebuild, +psad-2.1.5-r2.ebuild: + Bump to 2.1.5-r2, moving config file changes to pkg_preinst to fix bug + #298262. Drop older 2.1.5 versions. This will be targetted for stable. *psad-2.1.5-r1 (18 Mar 2010) diff --git a/net-firewall/psad/psad-2.1.4.ebuild b/net-firewall/psad/psad-2.1.4.ebuild index 65552d2f3a8d..61ea2be89995 100644 --- a/net-firewall/psad/psad-2.1.4.ebuild +++ b/net-firewall/psad/psad-2.1.4.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2008 Gentoo Foundation +# Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.1.4.ebuild,v 1.1 2008/09/12 05:03:41 battousai Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.1.4.ebuild,v 1.2 2010/06/03 21:55:40 battousai Exp $ inherit eutils perl-app @@ -64,7 +64,7 @@ src_install() { insinto /usr dosbin kmsgsd psad psadwatchd newsbin fwcheck_psad.pl fwcheck_psad - dobin pscan + dobin psad-pscan cd "${S}" diff --git a/net-firewall/psad/psad-2.1.5-r1.ebuild b/net-firewall/psad/psad-2.1.5-r2.ebuild index 1385b5e67562..049b3ecc0d7d 100644 --- a/net-firewall/psad/psad-2.1.5-r1.ebuild +++ b/net-firewall/psad/psad-2.1.5-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.1.5-r1.ebuild,v 1.1 2010/03/18 19:08:19 battousai Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.1.5-r2.ebuild,v 1.1 2010/06/03 21:55:40 battousai Exp $ inherit eutils perl-app @@ -68,8 +68,6 @@ src_install() { cd "${S}" - fix_psad_conf - insinto /etc/psad doins *.conf doins psad_* @@ -87,6 +85,11 @@ src_install() { dodoc BENCHMARK CREDITS Change* FW_EXAMPLE_RULES README SCAN_LOG } +pkg_preinst() { + # Set sane defaults in config file. + fix_psad_conf +} + pkg_postinst() { if [ ! -p "${ROOT}"/var/lib/psad/psadfifo ] then @@ -131,16 +134,16 @@ pkg_postinst() { } fix_psad_conf() { - cp psad.conf psad.conf.orig + PSADCONF="${D}/etc/psad/psad.conf" # Ditch the _CHANGEME_ for hostname, substituting in our real hostname [ -e /etc/hostname ] && myhostname="$(< /etc/hostname)" [ "${myhostname}" == "" ] && myhostname="$HOSTNAME" mydomain=".$(grep ^domain /etc/resolv.conf | cut -d" " -f2)" - sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" psad.conf || die "fix_psad_conf failed" + sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" "${PSADCONF}" || die "fix_psad_conf failed" # Fix up paths - sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" psad.conf || die "fix_psad_conf failed" - sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" psad.conf || die "fix_psad_conf failed" - sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" psad.conf || die "fix_psad_conf failed" + sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" "${PSADCONF}" || die "fix_psad_conf failed" + sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" "${PSADCONF}" || die "fix_psad_conf failed" + sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" "${PSADCONF}" || die "fix_psad_conf failed" } diff --git a/net-firewall/psad/psad-2.1.5.ebuild b/net-firewall/psad/psad-2.1.5.ebuild deleted file mode 100644 index 86ce5d179ae6..000000000000 --- a/net-firewall/psad/psad-2.1.5.ebuild +++ /dev/null @@ -1,146 +0,0 @@ -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.1.5.ebuild,v 1.2 2010/03/10 19:37:06 battousai Exp $ - -inherit eutils perl-app - -IUSE="" - -DESCRIPTION="Port Scanning Attack Detection daemon" -SRC_URI="http://www.cipherdyne.org/psad/download/${P}.tar.bz2" -HOMEPAGE="http://www.cipherdyne.org/psad" - -SLOT="0" -LICENSE="GPL-2" -KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86" - -DEPEND="${DEPEND} - dev-lang/perl" - -RDEPEND="virtual/logger - dev-perl/Unix-Syslog - dev-perl/Date-Calc - virtual/mailx - net-firewall/iptables - net-misc/whois" - -src_compile() { - cd "${S}"/deps/Net-IPv4Addr - SRC_PREP="no" perl-module_src_compile - emake test - - cd "${S}"/deps/IPTables-Parse - SRC_PREP="no" perl-module_src_compile - emake test - - cd "${S}"/deps/IPTables-ChainMgr - SRC_PREP="no" perl-module_src_compile - emake test - - cd "${S}" - # We'll use the C binaries - emake || die "Make failed: daemons" -} - -src_install() { - local myhostname= - local mydomain= - - doman *.8 - - keepdir /var/lib/psad /var/log/psad /var/run/psad /var/lock/subsys/${PN} - dodir /etc/psad - - cd "${S}"/deps/Net-IPv4Addr - perl-module_src_install - - cd "${S}"/deps/IPTables-ChainMgr - perl-module_src_install - - cd "${S}"/deps/IPTables-Parse - perl-module_src_install - - cd "${S}" - insinto /usr - dosbin kmsgsd psad psadwatchd - newsbin fwcheck_psad.pl fwcheck_psad - newbin pscan psad-pscan - - cd "${S}" - - fix_psad_conf - - insinto /etc/psad - doins *.conf - doins psad_* - doins auto_dl icmp_types ip_options posf signatures pf.os - - cd "${S}"/init-scripts - newinitd psad-init.gentoo psad - - cd "${S}"/deps/snort_rules - dodir /etc/psad/snort_rules - insinto /etc/psad/snort_rules - doins *.rules - - cd "${S}" - dodoc BENCHMARK CREDITS Change* FW_EXAMPLE_RULES README SCAN_LOG -} - -pkg_postinst() { - if [ ! -p "${ROOT}"/var/lib/psad/psadfifo ] - then - ebegin "Creating syslog FIFO for PSAD" - mknod -m 600 "${ROOT}"/var/lib/psad/psadfifo p - eend $? - fi - - echo - elog "Please be sure to edit /etc/psad/psad.conf to reflect your system's" - elog "configuration or it may not work correctly or start up. Specifically, check" - elog "the validity of the HOSTNAME setting and replace the EMAIL_ADDRESSES and" - elog "HOME_NET settings at the least." - elog - if has_version ">=app-admin/syslog-ng-0.0.0" - then - ewarn "You appear to have installed syslog-ng. If you are using syslog-ng as your" - ewarn "default system logger, please change the SYSLOG_DAEMON entry in" - ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):" - ewarn " SYSLOG_DAEMON syslog-ng;" - ewarn - fi - if has_version ">=app-admin/sysklogd-0.0.0" - then - elog "You have sysklogd installed. If this is your default system logger, no" - elog "special configuration is needed. If it is not, please set SYSLOG_DAEMON" - elog "in /etc/psad/psad.conf accordingly." - elog - fi - if has_version ">=app-admin/metalog-0.0" - then - ewarn "You appear to have installed metalog. If you are using metalog as your" - ewarn "default system logger, please change the SYSLOG_DAEMON entry in" - ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):" - ewarn " SYSLOG_DAEMON metalog" - fi - - ewarn "NOTE: You need firewall rules to log dropped packets. Otherwise PSAD will" - ewarn "not be aware of any port scan attacks. Please see FW_EXAMPLE_RULES in the" - ewarn "psad documentation directory (ie /usr/share/doc/${P}) for the criteria and" - ewarn "sample rules." -} - -fix_psad_conf() { - cp psad.conf psad.conf.orig - - # Ditch the _CHANGEME_ for hostname, substituting in our real hostname - [ -e /etc/hostname ] && myhostname="$(< /etc/hostname)" - [ "${myhostname}" == "" ] && myhostname="$HOSTNAME" - mydomain=".$(grep ^domain /etc/resolv.conf | cut -d" " -f2)" - sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" psad.conf || die "fix_psad_conf failed" - - # Fix up paths - sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" psad.conf || die "fix_psad_conf failed" - sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" psad.conf || die "fix_psad_conf failed" - sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" psad.conf || die "fix_psad_conf failed" -} |