Mail archive
alpine-devel

[alpine-devel] [PATCH 1/5] Initial APKBUILD for PSAD into Testing

From: IT Offshore <developer_at_it-offshore.co.uk>
Date: Sun, 10 Nov 2013 09:58:56 +0000

Corrected patch for PSAD - the APKBUILD now provides the answers required by install.pl
so the package will build unattended. I looked at building the package the Redhat way
but the perl install script also preserves configuration settings on upgrades.

Post-install script now only adds PSAD to the default runlevel & shows it's status as stopped.
---
 testing/psad/APKBUILD          | 106 +++++++++++++++++++++++++++++++++++++++++
 testing/psad/psad.confd        |   8 ++++
 testing/psad/psad.initd        |  55 +++++++++++++++++++++
 testing/psad/psad.post-install |   6 +++
 4 files changed, 175 insertions(+)
 create mode 100644 testing/psad/APKBUILD
 create mode 100644 testing/psad/psad.confd
 create mode 100644 testing/psad/psad.initd
 create mode 100644 testing/psad/psad.post-install
diff --git a/testing/psad/APKBUILD b/testing/psad/APKBUILD
new file mode 100644
index 0000000..0e0477b
--- /dev/null
+++ b/testing/psad/APKBUILD
_at_@ -0,0 +1,106 @@
+# Contributor: IT Offshore <developer_at_it-offshore.co.uk>
+# Maintainer:
+pkgname=psad
+pkgver=2.2.1
+pkgrel=0
+pkgdesc="3 lightweight system daemons that analyze iptables log messages to detect port scans and other suspicious traffic"
+url="http://cipherdyne.org/psad/"
+arch="all"
+license="GPL"
+depends="perl iptables ip6tables ssmtp psmisc perl-bit-vector perl-date-calc perl-iptables-chainmgr perl-iptables-parse perl-net-ipv4addr perl-unix-syslog net-tools"
+install="$pkgname.post-install"
+subpackages="$pkgname-doc"
+source="http://cipherdyne.org/psad/download/$pkgname-nodeps-$pkgver.tar.gz
+	psad.initd
+	psad.confd
+	"
+
+_builddir="$srcdir"/$pkgname-$pkgver
+
+build() {
+	cd "$_builddir"
+
+	#Set the config dirs
+  sed -e "s|'/usr/sbin'|'$pkgdir/usr/sbin'|" \
+      -e "s|'/usr/bin'|'$pkgdir/usr/bin'|" \
+      -e "s|my \$mpath = \"/usr/share/man/man\$section\";|my \$mpath = \"$pkgdir/usr/share/man/man\$section\";|" \
+          ./install.pl -i
+       #/usr/sbin/psadwatchd set with last cmd
+  sed -e "s|/var/log/psad|$pkgdir&|" \
+      -e "s|/var/run/psad|$pkgdir&|" \
+      -e "s|/var/lib/psad|$pkgdir&|" \
+      -e "s|/usr/lib/psad|$pkgdir&|" \
+      -e "s|/etc/psad|$pkgdir&|" \
+      -e "s|/usr/bin/whois_psad|$pkgdir/usr/bin/whois|" \
+      -e "s|/usr/sbin/fwcheck_psad|$pkgdir&|" \
+      -e "s|/usr/sbin/kmsgsd|$pkgdir&|" \
+      -e "s|/usr/sbin/psad|$pkgdir&|" \
+        ./psad.conf -i
+
+	#Disable install of generic init script & setting numeric run level
+	START=$(sed -n '/if ($init_dir and &is_root()) {/=' ./install.pl)
+	END=$(expr $START + 7)
+        #Busybox sed does not support +7d
+	sed -e ''$START','$END'd' ./install.pl -i
+
+	#populate install.answers so build does not wait for them
+	echo -e "Would you like to merge the config from the existing psad installation:\t n;" > ./install.answers
+        echo -e "Preserve any user modfications in etc psad signatures:\t y;" >> ./install.answers
+        echo -e "Preserve any user modfications in etc psad icmp_types:\t y;" >> ./install.answers
+        echo -e "Preserve any user modfications in etc psad icmp6_types:\t y;" >> ./install.answers
+        echo -e "Preserve any user modfications in etc psad posf:\t y;" >> ./install.answers
+        echo -e "Preserve any user modfications in etc psad auto_dl:\t y;" >> ./install.answers
+        echo -e "Preserve any user modfications in etc psad snort_rule_dl:\t y;" >> ./install.answers
+        echo -e "Preserve any user modfications in etc psad pf os:\t y;" >> ./install.answers
+        echo -e "Preserve any user modfications in etc psad ip_options:\t y;" >> ./install.answers
+        echo -e "Would you like alerts sent to a different address:\t y;" >> ./install.answers
+        echo -e "Email addresses:\t root_at_localhost;" >> ./install.answers
+        echo -e "Would you like psad to only parse specific strings in iptables messages:\t n;" >> ./install.answers
+        echo -e "First is it ok to leave the HOME_NET setting as any:\t y;" >> ./install.answers
+        echo -e "Would you like to enable DShield alerts:\t n;" >> ./install.answers
+        echo -e "Would you like to install the latest signatures from http www cipherdyne org psad signatures:\t n;" >> ./install.answers
+        echo -e "Enable psad at boot time:\t n;" >> ./install.answers
+}
+
+package() {
+	cd "$_builddir"
+
+	mkdir -p $pkgdir/etc/psad \
+                 $pkgdir/usr/bin \
+                 $pkgdir/usr/sbin \
+                 $pkgdir/usr/share/man/man8 \
+                 $pkgdir/var/lib/psad \
+                 $pkgdir/var/log/psad \
+                 $pkgdir/var/run/psad
+	# add dummy whois so build completes
+	ln -s /bin/busybox $pkgdir/usr/bin/whois
+	# dummy runlevel 1 / skip perl module installation
+	./install.pl --runlevel 1 --Use-answers --Skip-mod-install
+
+        #Set correct permissions
+	chmod -R o+r $pkgdir/etc/psad
+	chmod -R o+r $pkgdir/usr/sbin/*
+	chmod 0700 $pkgdir/var/lib/psad
+	#remove whois symbolic link
+	rm -rf $pkgdir/usr/bin/whois
+
+	# Fix the config
+	sed -e "s|$pkgdir||" $pkgdir/etc/psad/psad.conf -i
+	sed -e "s|$pkgdir||" $pkgdir/var/log/psad/install.log -i
+
+	#install init script & config defaults
+	install -m755 -D "$srcdir"/$pkgname.initd \
+		"$pkgdir"/etc/init.d/$pkgname || return 1
+	install -m644 -D "$srcdir"/$pkgname.confd \
+		"$pkgdir"/etc/conf.d/$pkgname || return 1
+}
+
+md5sums="d4b46544d167235a71ba5c56745927ed  psad-2.2.1.tar.bz2
+6e5ef9b0ddebf1a229da58b0f1918f89  psad.initd
+bc07efebb41cc23c4be129bbbacc874b  psad.confd"
+sha256sums="17befa8879f326d8f416c4827ec4241c6a8882656776d677f1b7ed05728e9728  psad-2.2.1.tar.bz2
+b38a3643f0b0c9ed338f1c3f1beea6114ba5b0a8cfb60097598066aa4e415c32  psad.initd
+74c72225fa37c367a458321b737050cacaf262f32b0cc13babc54468ff1988b9  psad.confd"
+sha512sums="08a4173126f3b9ea592224cd0079b41156e15366643f2347e6dbfe01a89bca112d3d94b0ec593da6c8fc9782befa74aad4a66b4117a40523d28a25bc1f1508c4  psad-2.2.1.tar.bz2
+01fbb402032f8cff9d2c6be3a032c5ea446d4708ca4f56addebba84bbd1b70e69e4c94b31a3af2680bbf8633f854f1ed8ef78ac746450ff1848fdbc4c90bf44a  psad.initd
+a80666f59356cc6157a9f5dca132991d4f1e0afda8f673d602de2557219d5521bec9ae148330e98d9483175d14d96e4cc2ccd11541d8b187b0e47f44ba4ada54  psad.confd"
diff --git a/testing/psad/psad.confd b/testing/psad/psad.confd
new file mode 100644
index 0000000..27ce228
--- /dev/null
+++ b/testing/psad/psad.confd
_at_@ -0,0 +1,8 @@
+# Default settings for psad.
+
+# Add any options you would like to pass to the daemon when started
+# For example if you would like to add an override file for your setup, this
+# can be achived this way:
+#
+#     command_args="--Override-config /root/psad.override.conf"
+command_args=""
diff --git a/testing/psad/psad.initd b/testing/psad/psad.initd
new file mode 100644
index 0000000..3e12cf4
--- /dev/null
+++ b/testing/psad/psad.initd
_at_@ -0,0 +1,55 @@
+#!/sbin/runscript
+
+# This file is part of PSAD (Port Scan Attack Detector)
+# Adapted for Alpine Linux by IT Offshore <developer_at_it-offshore.co.uk>
+
+command="/usr/sbin/psad"
+pidfile="/var/run/psad/psad.pid"
+config_file="/etc/psad/psad.conf"
+
+depend() {
+	need net
+	need logger
+	after iptables
+}
+
+# allow override config_file location from conf.d
+: ${config_file:="/etc/psad/psad.conf"}
+
+check_config() {
+	[ -f "$config_file" ] || error "$config_file is missing"
+}
+
+start_pre() {
+	check_config || return 1
+	# make sure dir for pidfile exists. /var/run is tmpfs...
+	checkpath --directory ${pidfile%/*}
+}
+
+start() {
+    ebegin "Starting PSAD (Port Scan Attack Detector)"
+    start-stop-daemon --start $command --pidfile $pidfile
+    eend $?
+}
+
+stop()
+{
+	local pidfile
+	local piddir=/var/run/psad
+	local process_list="psadwatchd kmsgsd psad"
+
+	# Stop all 3 daemons with psad stopped last as it launches the other 2
+	for process in $process_list; do
+
+		pidfile="$piddir/$process.pid"
+		einfo "Stopping the $process process"
+		start-stop-daemon --stop $process --progress --pidfile $pidfile
+		eend $?
+
+	done
+}
+
+exit
+
+
+
diff --git a/testing/psad/psad.post-install b/testing/psad/psad.post-install
new file mode 100644
index 0000000..510d99b
--- /dev/null
+++ b/testing/psad/psad.post-install
_at_@ -0,0 +1,6 @@
+#!/bin/sh
+# add psad service to Default Runlevel
+rc-update add psad default
+echo "PSAD:";rc-service psad status
+exit 0
+
-- 
1.8.4.2
---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Sun Nov 10 2013 - 09:58:56 UTC