# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
# EAPI must be set before anything else; the eclasses below supply the helpers
# this ebuild calls later (multilib: get_libdir, ssl-cert: install_cert,
# user: enewgroup/enewuser).
EAPI=5
inherit multilib ssl-cert user
# Upstream tarball version: PV with the first "_p" replaced by "p".
MY_PV="${PV/_p/p}"
DESCRIPTION="Daemon for Sguil Network Security Monitoring"
HOMEPAGE="http://sguil.sourceforge.net"
SRC_URI="mirror://sourceforge/sguil/sguil-server-${MY_PV}.tar.gz"
LICENSE="GPL-2 QPL"
SLOT="0"
KEYWORDS="~amd64 ~x86"
# ssl: pulls in the Tcl tls binding, enables the OPENSSL line in the conf.d
# file and triggers certificate generation in pkg_postinst().
IUSE="ssl"
# tcl is required with the "threads" USE flag disabled ([-threads]); the tls
# binding is only a dependency when USE=ssl.
DEPEND="
>=dev-lang/tcl-8.3:0=[-threads]
>=dev-tcltk/tclx-8.3
dev-tcltk/tcllib
dev-tcltk/mysqltcl
ssl? ( >=dev-tcltk/tls-1.4.1 )"
# Runtime needs everything in DEPEND plus p0f, tcpflow and openssh.
RDEPEND="${DEPEND}
net-analyzer/p0f
net-analyzer/tcpflow
net-misc/openssh"
# The tarball unpacks to sguil-<version>, not to the default ${P} directory.
S="${WORKDIR}/sguil-${MY_PV}"
pkg_setup() {
	# Create the dedicated sguil group and account before anything is
	# installed. The two -1 arguments leave uid and shell at the eclass
	# defaults; the home directory is the daemon's data directory.
	local sguil_home=/var/lib/sguil

	enewgroup sguil
	enewuser sguil -1 -1 "${sguil_home}" sguil
}
src_prepare(){
	# Adjust the shipped sguild.conf defaults for a system-wide install:
	# lower the debug level, run as a daemon, and point the library, rules
	# and archive paths at their installed locations.
	local conf=server/sguild.conf
	local libdir
	libdir=$(get_libdir)

	# Order matters: SGUILD_LIB_PATH is first rewritten to /usr/lib/sguild
	# and the last expression then swaps in the ABI-specific libdir.
	local -a edits=(
		-e 's:DEBUG 2:DEBUG 1:'
		-e 's:DAEMON 0:DAEMON 1:'
		-e 's:SGUILD_LIB_PATH ./lib:SGUILD_LIB_PATH /usr/lib/sguild:g'
		-e 's:/sguild_data/rules:/var/lib/sguil/rules:g'
		-e 's:/sguild_data/archive:/var/lib/sguil/archive:g'
		-e "s:/usr/lib/sguild:/usr/${libdir}/sguild:g"
	)

	sed -i "${edits[@]}" "${conf}" || die
}
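src_install(){
	# Install documentation, configuration, Tcl library files, the daemon
	# script, init/conf.d files and the (empty) data directories into ${D}.
	dodoc server/sql_scripts/*
	dodoc doc/CHANGES doc/OPENSSL.README doc/USAGE doc/INSTALL \
		doc/TODO doc/sguildb.dia

	# Configuration files are installed without world access (0640),
	# presumably because they hold account and database settings.
	insopts -m640
	insinto /etc/sguil
	doins server/{sguild.email,sguild.users,sguild.conf,sguild.queries,sguild.access,autocat.conf}

	# insopts is not reset, so the library files are installed 0640 as well;
	# pkg_postinst() later hands them to the sguil account.
	insinto /usr/$(get_libdir)/sguild
	doins server/lib/*

	dobin server/sguild
	newinitd "${FILESDIR}/sguild.initd" sguild
	newconfd "${FILESDIR}/sguild.confd" sguild

	# With USE=ssl, uncomment the OPENSSL setting in the conf.d file. A sed
	# failure must abort the install instead of silently shipping a daemon
	# configuration with TLS left disabled.
	if use ssl; then
		sed -i -e "s/#OPENSSL/OPENSSL/" "${D}/etc/conf.d/sguild" || die
	fi

	# Data directories are owned by sguil:sguil so the daemon can write
	# archives and rules there.
	diropts -g sguil -o sguil
	keepdir \
		/var/lib/sguil \
		/var/lib/sguil/archive \
		/var/lib/sguil/rules
}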
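pkg_postinst(){
	# Runs on the live filesystem after the merge: creates the TLS key pair
	# on first install, hands the installed files to the sguil account,
	# links the local Snort rules into the sguil rules tree and prints the
	# remaining manual setup steps.
	local rules_link="${ROOT}"/var/lib/sguil/rules/"${HOSTNAME}"

	# Only generate a certificate when no key exists yet, so an existing
	# key is never replaced on upgrade.
	if use ssl && ! [ -f "${ROOT}"/etc/sguil/sguild.key ]; then
		install_cert /etc/sguil/sguild
	fi

	# The files were installed mode 0640, so the daemon account must own
	# them to read them. The library path uses get_libdir to match the
	# directory src_install() populated; a hard-coded /usr/lib misses it on
	# systems where libdir is not "lib".
	# NOTE(review): both calls are recursive chowns run as root over paths
	# that belong to the unprivileged sguil account after the first install,
	# and they leave the daemon's own library code writable by that account.
	# Setting ownership inside ${D} during src_install (fowners, or
	# insopts -o/-g) and keeping the library tree root-owned would avoid
	# both; confirm what access the daemon really needs before changing it.
	chown -R sguil:sguil "${ROOT}"/etc/sguil/sguild.*
	chown -R sguil:sguil "${ROOT}"/usr/$(get_libdir)/sguild

	# Link the system Snort rules under a per-host name. Skip when something
	# already sits at that path (for example a link from an earlier install),
	# since ln -s would fail on it. With an empty HOSTNAME the path is the
	# rules directory itself, so nothing is linked.
	if [ -d "${ROOT}"/etc/snort/rules ] \
		&& ! [ -e "${rules_link}" ] && ! [ -L "${rules_link}" ]; then
		ln -s /etc/snort/rules "${rules_link}"
	fi

	elog
	elog "Please customize the sguild configuration files in /etc/sguil before"
	elog "trying to run the daemon. Additionally you will need to setup the"
	elog "mysql database. See /usr/share/doc/${PF}/INSTALL.gz for information."
	elog "Please note that it is STRONGLY recommended to mount a separate"
	elog "filesystem at /var/lib/sguil for both space and performance reasons"
	elog "as a large amount of data will be kept in the directory structure"
	elog "underneath that top directory."
	elog
	elog "You should create the sguild db as per the install instructions in"
	elog "/usr/share/doc/${PF}/ and use the appropriate"
	elog "database setup script located in the same directory."
	elog
}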