Diffstat (limited to 'app-admin/sagan')
-rw-r--r-- | app-admin/sagan/Manifest | 8 | ||||
-rw-r--r-- | app-admin/sagan/files/sagan.service | 14 | ||||
-rw-r--r-- | app-admin/sagan/metadata.xml | 6 | ||||
-rw-r--r-- | app-admin/sagan/sagan-1.0.0_rc3-r1.ebuild | 15 | ||||
-rw-r--r-- | app-admin/sagan/sagan-2.0.1-r2.ebuild (renamed from app-admin/sagan/sagan-1.0.0_rc3.ebuild) | 62 |
5 files changed, 68 insertions, 37 deletions
diff --git a/app-admin/sagan/Manifest b/app-admin/sagan/Manifest
index 9fe16b6afdab..57fa8d10fee9 100644
--- a/app-admin/sagan/Manifest
+++ b/app-admin/sagan/Manifest
@@ -2,7 +2,9 @@ AUX sagan-1.0.0-liblognorm-json-c.patch 2472 BLAKE2B dc04f9949709523c3516d7b9693 AUX sagan.confd 239 BLAKE2B 2ca76c1bd5bdb7b29f007a4d93602f020f76b10d6e4313e138e09b49de0b0c6796bc729f32e88831881bdcd52637bfb3a8e42481d89a09648a2833a000570ace SHA512 7ee746984d3bb3361e3155860d54e307f9b94b9e3f98c09c29b4259cd37d7aefe969b5b942c04048328ec23265a2689b22403c32e3552b8062201aca2ef3ac34 AUX sagan.init 432 BLAKE2B 561344909a8f6610504f91bf72ba6fa89ac03fdacacd3189372f466b690b3421c3f1a8ce4750b747c53613c75f9b61696ec7b3c490597eb0eca36ebece23a26e SHA512 c5ec82e48ac33785a0e63deb6b2079e97a2f9b5f96682ccbf646b4deae5782cbceb5756b17fdff7af8cafd4e561e298d842c4c4f4aa5229ccc58f5f0fc06e6f7 AUX sagan.init-r1 424 BLAKE2B e6fdd676e772d2abfca02215026a95321edecb41fcbeec3aa45afe15abd667e323ec2f21375d41c692b9648017002c0b410d551034dcbd3f060f5bb1e2f95026 SHA512 341754a9b18fa4b4082a852cec2eaa5ea78be33eb9d8cdef5b7ec61a9d67d3b264b2c6a2aef030bd85d3644539447345c88fd23ebe99145e40f990f565706809 +AUX sagan.service 277 BLAKE2B 524e83a05a0a7e8f83585add01f3365f573dbb0d1dc773ab68b42078267cad1d45f3cf872dfdf2048f8639d1c6edfdf94d5b7c31d7f5760f86430e7b84db6ee4 SHA512 ba8efb9e7f42f15789d63bc7ae0a4c77391ae14c1bb44924634f9fb63c8f2b44d920bce564d60e10816f605c3e6ef572438ca637c9853a350d551462a502a723 DIST sagan-1.0.0RC3.tar.gz 285207 BLAKE2B 7322ffc73a8e86f07ef106b04feb9140ba94a51b9e286ef0c0b0d3fa609e8e03cef4c75e1d32502c1b70a4c078d8601d2a1c58058137bb793c8a52cecc4be20b SHA512 29388a339b290bb4de2359c0c54b9e1d43ef207b223a499a1a4faa36de4d9590a777a796dd773948e995d052b71f3ef47ca5bad5c133116c4dbb53b4fe336123 -EBUILD sagan-1.0.0_rc3-r1.ebuild 2240 BLAKE2B f19ab9234e2698a256d1a13a9447ccd29b8eea2fc6b70f869fc79993e4eab499430e8b359dc3c0b010e2f3e04a436d25b99ce529b1471b9949396b3324bc2530 SHA512 50244adcd1cfd9cbf36fa379ffa4c4328460d1a90ff62f05cec022605182d1244922a7c93e60f798e00a2bea1c1e496b522d901a831363c660070fcc147c62a8 -EBUILD sagan-1.0.0_rc3.ebuild 2066 BLAKE2B 
a7b9d6e3ecc1c8198505b72dd08328075aa545c5265d35f943c448075211cf2324c780b44bc75017fa34f91c6e87a284177fccc2f02b586b780b848b07c62544 SHA512 ef580c4525f352e7f774a5f65473769d752212d405229fce861cd10fd48aac3c2b21bd39f6c4876edd15a18ea975cadc07be0dd778b7c1c7c345ec30e9dbe7f9 -MISC metadata.xml 629 BLAKE2B ab8f452365cfd2ea879f2f83b6dedf059ba5ec7e686eed8b6135dc38775a2cf59ec46fdfe26638a092fbf1fb6d39567b0e302bf737bb45ff79b265c87941e163 SHA512 7e70965cff17dcb2a7c7fbebaab5e53a5c0b5050d02c00b5dc2e1e3ea0650726fda8456957c5d84b680d14aab0163bc0fcde99b40b4136f229ec254414003ca6 +DIST sagan-2.0.1.tar.gz 487936 BLAKE2B 84a137bb0001c6758979d17cf67442262f732f7d49ce397183c0c226d6135e2c3cd8362452ef6b893e75a9cf5e874256d88f740b94df0dfa39587fc771ad4f8d SHA512 0cc288b67f641346bb0dbfcac2682c8c2b09e3e508b94dd5b2d5a81c2a80c7989f1d54725041210511877bd6b2338e8b0fdcae01f7084d39d48abef073d1fe64 +EBUILD sagan-1.0.0_rc3-r1.ebuild 2237 BLAKE2B d911a530d495310f1e98294063d5a181cd391fde4c5385f0f79c206c75caf735d3a1edb7f14c9cee86d8248b601dcadc7c229dce09f010e06e8e15bb55fc892a SHA512 c26f4a6bdb8c8f51b4b98e202f25351e202ad57f350ad7eda2d6982dc109aebfaa06bdd10cd4818fbb1f8ae12b7a1efba5b962cb67de0a130937fbaf2cd4ba6d +EBUILD sagan-2.0.1-r2.ebuild 2422 BLAKE2B 0509f1784c9be4175dcf87f837e13b5c990353cfa408eb540e139a0286f8ac76138a332a1cc6923d6069dfe1e25f3c9964d858fcc47220714368b21eefb0f253 SHA512 1a27436452ef3c9615dce99af235832b2c477afe6a2348f545d73c4a2c703c39532cc0d59bc2959c700724a67e404330aa2e12d40954aa20e3afb5b9e03600c0 +MISC metadata.xml 805 BLAKE2B fe11cb2f2a1d73d2c8da9ef9df8abe1974e4e8ac95a0c91e3eca63828a3db2f8872c43961af2b279a942e299c1b2bc7a1ecd781b3051d92775339b2653c27ee0 SHA512 9a85b9166631c8522f4939876af5a9094f1637659d1ffce0c72707415a9433e0075cc240e2222e101640e21e9fc6f514c37d347915831254edf8e08e7239042d diff --git a/app-admin/sagan/files/sagan.service b/app-admin/sagan/files/sagan.service new file mode 100644 index 000000000000..30a0e12822a0 --- /dev/null +++ b/app-admin/sagan/files/sagan.service 
@@ -0,0 +1,14 @@
+[Unit]
+Description=Sagan daemon
+Documentation=https://sagan.readthedocs.io/
+Before=rsyslog.service syslog-ng.service
+
+[Service]
+User=sagan
+Group=sagan
+ExecStart=/usr/bin/sagan $OPTIONS
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
diff --git a/app-admin/sagan/metadata.xml b/app-admin/sagan/metadata.xml
index 0d86eaaa62e9..4a81536f6250 100644
--- a/app-admin/sagan/metadata.xml
+++ b/app-admin/sagan/metadata.xml
@@ -5,8 +5,12 @@
 <use>
 <flag name="smtp">Build witch SMTP (E-Mail) support</flag>
 <flag name="lognorm">Add support for log/rules normalizations via <pkg>dev-libs/liblognorm</pkg></flag>
+ <flag name="redis">Add support for the Redis database via <pkg>dev-libs/hiredis</pkg></flag>
 <flag name="pcap">Add support for network packet capture via <pkg>net-libs/libpcap</pkg></flag>
 <flag name="libdnet">Add support for <pkg>dev-libs/libdnet</pkg></flag>
- <flag name="snort">Add support to interact with Snort IDE using <pkg>net-analyzer/snortsam</pkg>'</flag>
+ <flag name="snort">Add support to interact with Snort IDE using <pkg>net-analyzer/snortsam</pkg></flag>
 </use>
+ <upstream>
+ <remote-id type="github">quadrantsec/sagan</remote-id>
+ </upstream>
 </pkgmetadata>
diff --git a/app-admin/sagan/sagan-1.0.0_rc3-r1.ebuild b/app-admin/sagan/sagan-1.0.0_rc3-r1.ebuild
index 5177f7debcaa..959ab0672dc9 100644
--- a/app-admin/sagan/sagan-1.0.0_rc3-r1.ebuild
+++ b/app-admin/sagan/sagan-1.0.0_rc3-r1.ebuild
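Review bot: In the new sagan.service, `ExecStart=/usr/bin/sagan $OPTIONS` expands a variable that nothing in the unit defines, because there is no `Environment=` or `EnvironmentFile=` line; under systemd the daemon therefore always starts without options, whatever the conf.d file installed by the ebuild contains. The unit also applies no sandboxing to a daemon that parses log data it does not control, and it sets `User=sagan` without a `RuntimeDirectory=`, while the src_install hunk of the 2.0.1-r2 ebuild deletes /var/run from the image. The [Service] additions below are a suggested starting point; whether the conf.d file is valid as a systemd environment file, and which FIFO and lock paths sagan.yaml uses, is not visible here and should be confirmed first.

```ini
[Service]
# … unchanged: User=, Group=, ExecStart=, ExecReload=, Restart= …
EnvironmentFile=-/etc/conf.d/sagan
RuntimeDirectory=sagan
NoNewPrivileges=yes
ProtectSystem=full
ProtectHome=yes
PrivateTmp=yes
```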
@@ -12,24 +12,25 @@ S="${WORKDIR}/sagan-1.0.0RC3/" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~x86" +KEYWORDS="amd64 x86" IUSE="geoip +libdnet +lognorm mysql +pcap smtp snort" BDEPEND="virtual/pkgconfig" -RDEPEND="dev-libs/libpcre +RDEPEND=" app-admin/sagan-rules[lognorm?] - smtp? ( net-libs/libesmtp ) - pcap? ( net-libs/libpcap ) + dev-libs/libpcre + geoip? ( dev-libs/geoip ) lognorm? ( dev-libs/liblognorm dev-libs/json-c:= dev-libs/libee dev-libs/libestr - ) + ) libdnet? ( dev-libs/libdnet ) + pcap? ( net-libs/libpcap ) + smtp? ( net-libs/libesmtp ) snort? ( >=net-analyzer/snortsam-2.50 ) - geoip? ( dev-libs/geoip ) - " +" DEPEND="${RDEPEND}" # Package no longer logs directly to a database diff --git a/app-admin/sagan/sagan-1.0.0_rc3.ebuild b/app-admin/sagan/sagan-2.0.1-r2.ebuild index e03a2f39f7e4..bc1c370afaac 100644 --- a/app-admin/sagan/sagan-1.0.0_rc3.ebuild +++ b/app-admin/sagan/sagan-2.0.1-r2.ebuild 
@@ -3,46 +3,45 @@ EAPI=7 -inherit autotools flag-o-matic user +inherit autotools flag-o-matic systemd DESCRIPTION="Sagan is a multi-threaded, real time system and event log monitoring system" -HOMEPAGE="http://sagan.quadrantsec.com/" -SRC_URI="http://sagan.quadrantsec.com/download/sagan-1.0.0RC3.tar.gz" -S="${WORKDIR}/sagan-1.0.0RC3/" +HOMEPAGE="https://sagan.quadrantsec.com/" +SRC_URI="https://sagan.quadrantsec.com/download/${P}.tar.gz" LICENSE="GPL-2" SLOT="0" -KEYWORDS="amd64 x86" -IUSE="geoip +libdnet +lognorm mysql +pcap smtp snort" +KEYWORDS="~amd64 ~x86" +IUSE="geoip +libdnet +lognorm mysql redis +pcap smtp" BDEPEND="virtual/pkgconfig" -RDEPEND="dev-libs/libpcre +DEPEND=" + acct-group/sagan + acct-user/sagan app-admin/sagan-rules[lognorm?] - smtp? ( net-libs/libesmtp ) - pcap? ( net-libs/libpcap ) - mysql? ( virtual/mysql ) + dev-libs/libpcre + dev-libs/libyaml + geoip? ( dev-libs/geoip ) lognorm? ( dev-libs/liblognorm - dev-libs/json-c:= - dev-libs/libee + dev-libs/libfastjson:= dev-libs/libestr ) - libdnet? ( dev-libs/libdnet ) - snort? ( >=net-analyzer/snortsam-2.50 ) - geoip? ( dev-libs/geoip ) + redis? ( dev-libs/hiredis ) + pcap? ( net-libs/libpcap ) + smtp? ( net-libs/libesmtp ) " -DEPEND="${RDEPEND}" -DOCS=( AUTHORS ChangeLog FAQ INSTALL README NEWS TODO ) +# Package no longer logs directly to a database +# and relies on Unified2 format to accomplish it +RDEPEND=" + ${DEPEND} + mysql? ( net-analyzer/barnyard2[mysql] ) +" -PATCHES=( - "${FILESDIR}"/${PN}-1.0.0-liblognorm-json-c.patch -) +REQUIRED_USE="mysql? ( libdnet )" -pkg_setup() { - enewgroup sagan - enewuser sagan -1 -1 /dev/null sagan -} +DOCS=( AUTHORS ChangeLog FAQ INSTALL README NEWS TODO ) src_prepare() { default 
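Review bot: `IUSE` keeps `+libdnet` and the new `REQUIRED_USE="mysql? ( libdnet )"` still forces it on for mysql users, but this hunk removes `libdnet? ( dev-libs/libdnet )` from the dependencies and the src_configure hunk removes `$(use_enable libdnet)`, so in 2.0.1-r2 the flag no longer changes anything in the build. If this version no longer uses libdnet, drop the flag from both places, e.g. `IUSE="geoip +lognorm mysql redis +pcap smtp"` and delete the `REQUIRED_USE` line. If it is still needed, the dependency and the configure switch should be restored instead.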
@@ -53,12 +52,15 @@ src_prepare() { src_configure() { append-flags -fcommon + # TODO: poke at strstr logic and enable/disable CPU_FLAGS_X86_* + # accordingly? + # Note that not all of these are used: + # https://github.com/quadrantsec/sagan/blob/main/m4/ax_ext.m4 local myeconfargs=( $(use_enable smtp esmtp) $(use_enable lognorm) - $(use_enable libdnet) + $(use_enable redis) $(use_enable pcap libpcap) - $(use_enable snort snortsam) $(use_enable geoip) ) @@ -68,6 +70,12 @@ src_configure() { src_install() { default + # No need to create this at build/install time + rm -r "${ED}"/var/run/ || die + + # Fix paths in config file + sed -i -e "s:/usr/local/:${EPREFIX}/:" "${ED}"/etc/sagan.yaml || die + diropts -g sagan -o sagan -m 775 dodir /var/log/sagan @@ -80,6 +88,8 @@ src_install() { newinitd "${FILESDIR}"/sagan.init-r1 sagan newconfd "${FILESDIR}"/sagan.confd sagan + systemd_dounit "${FILESDIR}"/sagan.service + docinto examples dodoc -r extra/* } |
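Review bot: In the src_install hunk, `sed -i -e "s:/usr/local/:${EPREFIX}/:" "${ED}"/etc/sagan.yaml || die` has no `g` flag, so only the first `/usr/local/` on each line is rewritten, and `|| die` catches a missing file but not a pattern that stops matching after an upstream change. If any line of sagan.yaml can carry more than one path, use `s:/usr/local/:${EPREFIX}/:g`. A short comment naming the settings the rewrite is meant to cover, e.g. `# rewrites rule, FIFO and log paths that upstream ships under /usr/local` once confirmed against the file, would make a silent miss easier to spot at the next version bump. src_install's body continues past this hunk.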