X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from apollo.thewebhostserver.com (apollomail.thewebhostserver.com [46.23.65.248]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 65FCBDC083C for ; Sun, 10 Nov 2013 09:57:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=it-offshore.co.uk; s=default; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=TP7th9c9KwrrRYwp5VDJ9C+NJ/YeZKNs9002fQxQ8bc=; b=c7dJoDwyKOVYTpv67tXeuysU9sZEc51WAiiVjmrJx7axYp8h5jlkLX4jDdYl26JbM4RQXxcOsz/gyFz3IHImorfwSbcDnhIAkrhkz0HZuStpw8X5f4vbTcLefCbwrINg; Received: from [81.4.121.188] (port=53105 helo=alpine.my.domain) by apollo.thewebhostserver.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80.1) (envelope-from ) id 1VfRlz-003geQ-Kr; Sun, 10 Nov 2013 09:57:39 +0000 From: IT Offshore To: alpine-devel@lists.alpinelinux.org Cc: IT Offshore Subject: [alpine-devel] [PATCH 1/5] Initial APKBUILD for PSAD into Testing Date: Sun, 10 Nov 2013 09:58:56 +0000 Message-Id: <1384077540-7914-2-git-send-email-developer@it-offshore.co.uk> X-Mailer: git-send-email 1.8.4.2 In-Reply-To: <1384077540-7914-1-git-send-email-developer@it-offshore.co.uk> References: <1384077540-7914-1-git-send-email-developer@it-offshore.co.uk> X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - apollo.thewebhostserver.com X-AntiAbuse: Original Domain - lists.alpinelinux.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - it-offshore.co.uk X-Get-Message-Sender-Via: apollo.thewebhostserver.com: authenticated_id: developer@it-offshore.co.uk X-Source: X-Source-Args: X-Source-Dir: X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: Corrected patch for PSAD - the APKBUILD now provides the answers required by install.pl so the package will build unattended. I looked at building the package the Redhat way but the perl install script also preserves configuration settings on upgrades. Post-install script now only adds PSAD to the default runlevel & shows it's status as stopped. --- testing/psad/APKBUILD | 106 +++++++++++++++++++++++++++++++++++++++++ testing/psad/psad.confd | 8 ++++ testing/psad/psad.initd | 55 +++++++++++++++++++++ testing/psad/psad.post-install | 6 +++ 4 files changed, 175 insertions(+) create mode 100644 testing/psad/APKBUILD create mode 100644 testing/psad/psad.confd create mode 100644 testing/psad/psad.initd create mode 100644 testing/psad/psad.post-install diff --git a/testing/psad/APKBUILD b/testing/psad/APKBUILD new file mode 100644 index 0000000..0e0477b --- /dev/null +++ b/testing/psad/APKBUILD @@ -0,0 +1,106 @@ +# Contributor: IT Offshore +# Maintainer: +pkgname=psad +pkgver=2.2.1 +pkgrel=0 +pkgdesc="3 lightweight system daemons that analyze iptables log messages to detect port scans and other suspicious traffic" +url="http://cipherdyne.org/psad/" +arch="all" +license="GPL" +depends="perl iptables ip6tables ssmtp psmisc perl-bit-vector perl-date-calc perl-iptables-chainmgr perl-iptables-parse perl-net-ipv4addr perl-unix-syslog net-tools" +install="$pkgname.post-install" +subpackages="$pkgname-doc" +source="http://cipherdyne.org/psad/download/$pkgname-nodeps-$pkgver.tar.gz + psad.initd + psad.confd + " + +_builddir="$srcdir"/$pkgname-$pkgver + +build() { + cd "$_builddir" + + #Set the config dirs + sed -e "s|'/usr/sbin'|'$pkgdir/usr/sbin'|" \ + -e "s|'/usr/bin'|'$pkgdir/usr/bin'|" \ + -e "s|my \$mpath = \"/usr/share/man/man\$section\";|my \$mpath = \"$pkgdir/usr/share/man/man\$section\";|" \ + ./install.pl -i + #/usr/sbin/psadwatchd set with last cmd + sed -e "s|/var/log/psad|$pkgdir&|" \ + -e "s|/var/run/psad|$pkgdir&|" \ + -e "s|/var/lib/psad|$pkgdir&|" \ + -e "s|/usr/lib/psad|$pkgdir&|" \ + -e "s|/etc/psad|$pkgdir&|" \ + -e "s|/usr/bin/whois_psad|$pkgdir/usr/bin/whois|" \ + -e "s|/usr/sbin/fwcheck_psad|$pkgdir&|" \ + -e "s|/usr/sbin/kmsgsd|$pkgdir&|" \ + -e "s|/usr/sbin/psad|$pkgdir&|" \ + ./psad.conf -i + + #Disable install of generic init script & setting numeric run level + START=$(sed -n '/if ($init_dir and &is_root()) {/=' ./install.pl) + END=$(expr $START + 7) + #Busybox sed does not support +7d + sed -e ''$START','$END'd' ./install.pl -i + + #populate install.answers so build does not wait for them + echo -e "Would you like to merge the config from the existing psad installation:\t n;" > ./install.answers + echo -e "Preserve any user modfications in etc psad signatures:\t y;" >> ./install.answers + echo -e "Preserve any user modfications in etc psad icmp_types:\t y;" >> ./install.answers + echo -e "Preserve any user modfications in etc psad icmp6_types:\t y;" >> ./install.answers + echo -e "Preserve any user modfications in etc psad posf:\t y;" >> ./install.answers + echo -e "Preserve any user modfications in etc psad auto_dl:\t y;" >> ./install.answers + echo -e "Preserve any user modfications in etc psad snort_rule_dl:\t y;" >> ./install.answers + echo -e "Preserve any user modfications in etc psad pf os:\t y;" >> ./install.answers + echo -e "Preserve any user modfications in etc psad ip_options:\t y;" >> ./install.answers + echo -e "Would you like alerts sent to a different address:\t y;" >> ./install.answers + echo -e "Email addresses:\t root@localhost;" >> ./install.answers + echo -e "Would you like psad to only parse specific strings in iptables messages:\t n;" >> ./install.answers + echo -e "First is it ok to leave the HOME_NET setting as any:\t y;" >> ./install.answers + echo -e "Would you like to enable DShield alerts:\t n;" >> ./install.answers + echo -e "Would you like to install the latest signatures from http www cipherdyne org psad signatures:\t n;" >> ./install.answers + echo -e "Enable psad at boot time:\t n;" >> ./install.answers +} + +package() { + cd "$_builddir" + + mkdir -p $pkgdir/etc/psad \ + $pkgdir/usr/bin \ + $pkgdir/usr/sbin \ + $pkgdir/usr/share/man/man8 \ + $pkgdir/var/lib/psad \ + $pkgdir/var/log/psad \ + $pkgdir/var/run/psad + # add dummy whois so build completes + ln -s /bin/busybox $pkgdir/usr/bin/whois + # dummy runlevel 1 / skip perl module installation + ./install.pl --runlevel 1 --Use-answers --Skip-mod-install + + #Set correct permissions + chmod -R o+r $pkgdir/etc/psad + chmod -R o+r $pkgdir/usr/sbin/* + chmod 0700 $pkgdir/var/lib/psad + #remove whois symbolic link + rm -rf $pkgdir/usr/bin/whois + + # Fix the config + sed -e "s|$pkgdir||" $pkgdir/etc/psad/psad.conf -i + sed -e "s|$pkgdir||" $pkgdir/var/log/psad/install.log -i + + #install init script & config defaults + install -m755 -D "$srcdir"/$pkgname.initd \ + "$pkgdir"/etc/init.d/$pkgname || return 1 + install -m644 -D "$srcdir"/$pkgname.confd \ + "$pkgdir"/etc/conf.d/$pkgname || return 1 +} + +md5sums="d4b46544d167235a71ba5c56745927ed psad-2.2.1.tar.bz2 +6e5ef9b0ddebf1a229da58b0f1918f89 psad.initd +bc07efebb41cc23c4be129bbbacc874b psad.confd" +sha256sums="17befa8879f326d8f416c4827ec4241c6a8882656776d677f1b7ed05728e9728 psad-2.2.1.tar.bz2 +b38a3643f0b0c9ed338f1c3f1beea6114ba5b0a8cfb60097598066aa4e415c32 psad.initd +74c72225fa37c367a458321b737050cacaf262f32b0cc13babc54468ff1988b9 psad.confd" +sha512sums="08a4173126f3b9ea592224cd0079b41156e15366643f2347e6dbfe01a89bca112d3d94b0ec593da6c8fc9782befa74aad4a66b4117a40523d28a25bc1f1508c4 psad-2.2.1.tar.bz2 +01fbb402032f8cff9d2c6be3a032c5ea446d4708ca4f56addebba84bbd1b70e69e4c94b31a3af2680bbf8633f854f1ed8ef78ac746450ff1848fdbc4c90bf44a psad.initd +a80666f59356cc6157a9f5dca132991d4f1e0afda8f673d602de2557219d5521bec9ae148330e98d9483175d14d96e4cc2ccd11541d8b187b0e47f44ba4ada54 psad.confd" diff --git a/testing/psad/psad.confd b/testing/psad/psad.confd new file mode 100644 index 0000000..27ce228 --- /dev/null +++ b/testing/psad/psad.confd @@ -0,0 +1,8 @@ +# Default settings for psad. + +# Add any options you would like to pass to the daemon when started +# For example if you would like to add an override file for your setup, this +# can be achived this way: +# +# command_args="--Override-config /root/psad.override.conf" +command_args="" diff --git a/testing/psad/psad.initd b/testing/psad/psad.initd new file mode 100644 index 0000000..3e12cf4 --- /dev/null +++ b/testing/psad/psad.initd @@ -0,0 +1,55 @@ +#!/sbin/runscript + +# This file is part of PSAD (Port Scan Attack Detector) +# Adapted for Alpine Linux by IT Offshore + +command="/usr/sbin/psad" +pidfile="/var/run/psad/psad.pid" +config_file="/etc/psad/psad.conf" + +depend() { + need net + need logger + after iptables +} + +# allow override config_file location from conf.d +: ${config_file:="/etc/psad/psad.conf"} + +check_config() { + [ -f "$config_file" ] || error "$config_file is missing" +} + +start_pre() { + check_config || return 1 + # make sure dir for pidfile exists. /var/run is tmpfs... + checkpath --directory ${pidfile%/*} +} + +start() { + ebegin "Starting PSAD (Port Scan Attack Detector)" + start-stop-daemon --start $command --pidfile $pidfile + eend $? +} + +stop() +{ + local pidfile + local piddir=/var/run/psad + local process_list="psadwatchd kmsgsd psad" + + # Stop all 3 daemons with psad stopped last as it launches the other 2 + for process in $process_list; do + + pidfile="$piddir/$process.pid" + einfo "Stopping the $process process" + start-stop-daemon --stop $process --progress --pidfile $pidfile + eend $? + + done +} + +exit + + + diff --git a/testing/psad/psad.post-install b/testing/psad/psad.post-install new file mode 100644 index 0000000..510d99b --- /dev/null +++ b/testing/psad/psad.post-install @@ -0,0 +1,6 @@ +#!/bin/sh +# add psad service to Default Runlevel +rc-update add psad default +echo "PSAD:";rc-service psad status +exit 0 + -- 1.8.4.2 --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---