IT Offshore: 4 /testing - Initial APKBUILD for PSAD (Port Scan Attack Detector) /testing - Initial APKBUILD for perl-netaddr-ip /testing - Initial APKBUILD for FWSNORT (Firewall SNORT) /testing - Initial APKBUILD for inetutils-syslogd 16 files changed, 562 insertions(+), 0 deletions(-)
Copy & paste the following snippet into your terminal to import this patchset into git:
curl -s https://lists.alpinelinux.org/~alpine/devel/patches/564/mbox | git am -3Learn more about email & git
This is now a single patch for PSAD. BUILD adapted from Arch Linux https://aur.archlinux.org/packages/psad/ psad.initd = revised init script (using OpenRC builtins) psad.post-install = creates & adds psad service to default run level
Natanael Copa <ncopa@alpinelinux.org>When i tried to build this i got this: [+] Would you like alerts sent to a different address ([y]/n)? and it waited for input. this will lock the build servers for sure. I didnt have time to review the rest. -nc --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
--- testing/psad/APKBUILD | 87 ++++++++++++++++++++++++++++++++++++++++++ testing/psad/psad.confd | 8 ++++ testing/psad/psad.initd | 55 ++++++++++++++++++++++++++ testing/psad/psad.post-install | 7 ++++ 4 files changed, 157 insertions(+) create mode 100644 testing/psad/APKBUILD create mode 100644 testing/psad/psad.confd create mode 100644 testing/psad/psad.initd create mode 100644 testing/psad/psad.post-install diff --git a/testing/psad/APKBUILD b/testing/psad/APKBUILD new file mode 100644 index 0000000..58983f6 --- /dev/null +++ b/testing/psad/APKBUILD @@ -0,0 +1,87 @@ +# Contributor: IT Offshore <developer@it-offshore.co.uk> +# Maintainer: +pkgname=psad +pkgver=2.2.1 +pkgrel=0 +pkgdesc="3 lightweight system daemons that analyze iptables log messages to detect port scans and other suspicious traffic" +url="http://cipherdyne.org/psad/" +arch="all" +license="GPL" +depends="perl iptables ip6tables ssmtp psmisc perl-bit-vector perl-date-calc perl-iptables-chainmgr perl-iptables-parse perl-net-ipv4addr perl-unix-syslog net-tools" +install="$pkgname.post-install" +subpackages="$pkgname-doc" +source="http://cipherdyne.org/psad/download/$pkgname-nodeps-$pkgver.tar.gz + psad.initd + psad.confd + " + +_builddir="$srcdir"/$pkgname-$pkgver + +build() { + cd "$_builddir" + + #Set the config dirs + sed -e "s|'/usr/sbin'|'$pkgdir/usr/sbin'|" \ + -e "s|'/usr/bin'|'$pkgdir/usr/bin'|" \ + -e "s|my \$mpath = \"/usr/share/man/man\$section\";|my \$mpath = \"$pkgdir/usr/share/man/man\$section\";|" \ + ./install.pl -i + #/usr/sbin/psadwatchd set with last cmd + sed -e "s|/var/log/psad|$pkgdir&|" \ + -e "s|/var/run/psad|$pkgdir&|" \ + -e "s|/var/lib/psad|$pkgdir&|" \ + -e "s|/usr/lib/psad|$pkgdir&|" \ + -e "s|/etc/psad|$pkgdir&|" \ + -e "s|/usr/bin/whois_psad|$pkgdir/usr/bin/whois|" \ + -e "s|/usr/sbin/fwcheck_psad|$pkgdir&|" \ + -e "s|/usr/sbin/kmsgsd|$pkgdir&|" \ + -e "s|/usr/sbin/psad|$pkgdir&|" \ + ./psad.conf -i + + #Disable install of generic init script & setting numeric run level + START=$(sed -n '/if ($init_dir and &is_root()) {/=' ./install.pl) + END=$(expr $START + 7) + #Busybox sed does not support +7d + sed -e ''$START','$END'd' ./install.pl -i +} + +package() { + cd "$_builddir" + + #hope that things work + mkdir -p $pkgdir/etc/psad \ + $pkgdir/usr/bin \ + $pkgdir/usr/sbin \ + $pkgdir/usr/share/man/man8 \ + $pkgdir/var/lib/psad \ + $pkgdir/var/log/psad \ + $pkgdir/var/run/psad + ln -s /bin/busybox $pkgdir/usr/bin/whois + ./install.pl --runlevel 1 + + #Set correct permissions + chmod -R o+r $pkgdir/etc/psad + chmod -R o+r $pkgdir/usr/sbin/* + chmod 0700 $pkgdir/var/lib/psad + #remove whois symbolic link + rm -rf $pkgdir/usr/bin/whois + + # Fix the config + sed -e "s|$pkgdir||" $pkgdir/etc/psad/psad.conf -i + sed -e "s|$pkgdir||" $pkgdir/var/log/psad/install.log -i + + #install init script & config defaults + install -m755 -D "$srcdir"/$pkgname.initd \ + "$pkgdir"/etc/init.d/$pkgname || return 1 + install -m644 -D "$srcdir"/$pkgname.confd \ + "$pkgdir"/etc/conf.d/$pkgname || return 1 +} + +md5sums="ee600d9b6b4b915b026370c9a3726b5f psad-nodeps-2.2.1.tar.gz +6e5ef9b0ddebf1a229da58b0f1918f89 psad.initd +bc07efebb41cc23c4be129bbbacc874b psad.confd" +sha256sums="0422cdd1a37d4c8fcc1a4ce6e7c4a6974e58fdde82242f45b83eb6beb85708b5 psad-nodeps-2.2.1.tar.gz +b38a3643f0b0c9ed338f1c3f1beea6114ba5b0a8cfb60097598066aa4e415c32 psad.initd +74c72225fa37c367a458321b737050cacaf262f32b0cc13babc54468ff1988b9 psad.confd" +sha512sums="9e3f475376c3c7b753e71676f5c9d639e9fffd93caf864faa130f8030e37f9a6c57ba59c9519d2bd8dde945f7ff7a014ca2a710bd4b7be9721ca7f13f879b970 psad-nodeps-2.2.1.tar.gz +01fbb402032f8cff9d2c6be3a032c5ea446d4708ca4f56addebba84bbd1b70e69e4c94b31a3af2680bbf8633f854f1ed8ef78ac746450ff1848fdbc4c90bf44a psad.initd +a80666f59356cc6157a9f5dca132991d4f1e0afda8f673d602de2557219d5521bec9ae148330e98d9483175d14d96e4cc2ccd11541d8b187b0e47f44ba4ada54 psad.confd" diff --git a/testing/psad/psad.confd b/testing/psad/psad.confd new file mode 100644 index 0000000..27ce228 --- /dev/null +++ b/testing/psad/psad.confd @@ -0,0 +1,8 @@ +# Default settings for psad. + +# Add any options you would like to pass to the daemon when started +# For example if you would like to add an override file for your setup, this +# can be achived this way: +# +# command_args="--Override-config /root/psad.override.conf" +command_args="" diff --git a/testing/psad/psad.initd b/testing/psad/psad.initd new file mode 100644 index 0000000..3e12cf4 --- /dev/null +++ b/testing/psad/psad.initd @@ -0,0 +1,55 @@ +#!/sbin/runscript + +# This file is part of PSAD (Port Scan Attack Detector) +# Adapted for Alpine Linux by IT Offshore <developer@it-offshore.co.uk> + +command="/usr/sbin/psad" +pidfile="/var/run/psad/psad.pid" +config_file="/etc/psad/psad.conf" + +depend() { + need net + need logger + after iptables +} + +# allow override config_file location from conf.d +: ${config_file:="/etc/psad/psad.conf"} + +check_config() { + [ -f "$config_file" ] || error "$config_file is missing" +} + +start_pre() { + check_config || return 1 + # make sure dir for pidfile exists. /var/run is tmpfs... + checkpath --directory ${pidfile%/*} +} + +start() { + ebegin "Starting PSAD (Port Scan Attack Detector)" + start-stop-daemon --start $command --pidfile $pidfile + eend $? +} + +stop() +{ + local pidfile + local piddir=/var/run/psad + local process_list="psadwatchd kmsgsd psad" + + # Stop all 3 daemons with psad stopped last as it launches the other 2 + for process in $process_list; do + + pidfile="$piddir/$process.pid" + einfo "Stopping the $process process" + start-stop-daemon --stop $process --progress --pidfile $pidfile + eend $? + + done +} + +exit + + + diff --git a/testing/psad/psad.post-install b/testing/psad/psad.post-install new file mode 100644 index 0000000..ab9647e --- /dev/null +++ b/testing/psad/psad.post-install @@ -0,0 +1,7 @@ +#!/bin/sh + +# add & start psad service +rc-update add psad default +rc-service psad start +exit 0 + -- 1.8.4.2 --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
perl-netaddr-ip into testing - dependency for FWSNORT: http://www.cipherdyne.org/fwsnort/ --- testing/perl-netaddr-ip/APKBUILD | 41 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 testing/perl-netaddr-ip/APKBUILD
Natanael Copa <ncopa@alpinelinux.org>we already have perl-netaddr-ip in main so this is not needed. -nc --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
diff --git a/testing/perl-netaddr-ip/APKBUILD b/testing/perl-netaddr-ip/APKBUILD new file mode 100644 index 0000000..b884a66 --- /dev/null +++ b/testing/perl-netaddr-ip/APKBUILD @@ -0,0 +1,41 @@ +# Automatically generated by apkbuild-cpan, template 1 +# Contributor: IT Offshore <developer@it-offshore.co.uk> +# Maintainer: IT Offshore <developer@it-offshore.co.uk> +pkgname=perl-netaddr-ip +_pkgreal=NetAddr-IP +pkgver=4.071 +pkgrel=0 +pkgdesc="Manages IPv4 and IPv6 addresses and subnets" +url="http://search.cpan.org/dist/NetAddr-IP/" +arch="all" +license="GPL PerlArtistic" +cpandepends="" +cpanmakedepends=" " +depends="$cpandepends" +makedepends="perl-dev $cpanmakedepends" +subpackages="$pkgname-doc" +source="http://search.cpan.org/CPAN/authors/id/M/MI/MIKER/$_pkgreal-$pkgver.tar.gz" + +_builddir="$srcdir/$_pkgreal-$pkgver" + +prepare() { + cd "$_builddir" + export CFLAGS=`perl -MConfig -E 'say $Config{ccflags}'` + PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor +} + +build() { + cd "$_builddir" + export CFLAGS=`perl -MConfig -E 'say $Config{ccflags}'` + make && make test +} + +package() { + cd "$_builddir" + make DESTDIR="$pkgdir" install || return 1 + find "$pkgdir" \( -name perllocal.pod -o -name .packlist \) -delete +} + +md5sums="f0da45422022fdf1ccfa90b8068d782b NetAddr-IP-4.071.tar.gz" +sha256sums="6375e8c76e72d9bd362a9d4ca0794396c9b919fa4e6e00b65e50dee719430d55 NetAddr-IP-4.071.tar.gz" +sha512sums="5a0927712a798e470b6f98c9acef27cf035b31bd2c4d7329edb1a3cf246a526c67855f388ade3905a0ee821d1fce7d3c0d91ebdfc99c2ca6c013a03cdf6ec36b NetAddr-IP-4.071.tar.gz" -- 1.8.4.2 --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
Initial package into testing for 'FWSNORT': http://www.cipherdyne.org/fwsnort/ fwsnort.post-install - adds daily cron to update rules / signatures
Natanael Copa <ncopa@alpinelinux.org>It should not be created with post-install (seem more comments below)
fwsnort.up - added to /etc/network/if-pre-up.d/ to splice rules into iptables fwsnort.update - daily snort rule / psad signature update script (run by cron) --- testing/fwsnort/APKBUILD | 74 ++++++++++++++++++++++++++++++++++++ testing/fwsnort/fwsnort.post-install | 13 +++++++ testing/fwsnort/fwsnort.up | 5 +++ testing/fwsnort/fwsnort.update | 18 +++++++++ 4 files changed, 110 insertions(+) create mode 100644 testing/fwsnort/APKBUILD create mode 100644 testing/fwsnort/fwsnort.post-install create mode 100644 testing/fwsnort/fwsnort.up create mode 100644 testing/fwsnort/fwsnort.update diff --git a/testing/fwsnort/APKBUILD b/testing/fwsnort/APKBUILD new file mode 100644 index 0000000..853626b --- /dev/null +++ b/testing/fwsnort/APKBUILD @@ -0,0 +1,74 @@ +# Contributor: IT Offshore <developer@it-offshore.co.uk> +# Maintainer: +pkgname=fwsnort +pkgver=1.6.3 +pkgrel=0 +pkgdesc="Application layer IDS/IPS by translating snort rules into iptables" +url="http://www.cipherdyne.org/fwsnort/" +arch="noarch" +license="GPL" +depends="perl perl-netaddr-ip perl-iptables-parse iptables ip6tables net-tools" +depends_dev="wget" +makedepends="$depends_dev" +install="$pkgname.post-install" +source="http://www.cipherdyne.org/$pkgname/download/$pkgname-nodeps-$pkgver.tar.gz + fwsnort.up + fwsnort.update + " + +_builddir="$srcdir"/$pkgname-$pkgver + +build() { + cd "$_builddir" + + #Disable Root requirement to build + START=$(sed -n '/$< == 0 && $> == 0 or die "You need to be root (or equivalent UID 0",/=' ./install.pl) + END=$(expr $START + 1) + #Busybox sed does not support +1d + sed -e ''$START','$END'd' ./install.pl -i + + #prevent chmod 0500 halting the build + sed -e "s|0500|0755|" ./install.pl -i + + #change MAN path so package builds + sed -e "s|/usr/share/man/man8|$pkgdir&|" ./install.pl -i + + # --install-test-dir sets the INSTALL_ROOT to $src/../test/fwsnort-test + # avoids installation attempted into /etc /usr /var + # -S disables dependency installs (we also build with the nodep sources) + ./install.pl -S --install-test-dir +} + +package() { + cd "$_builddir" + + #create destinations before fakeroot runs + mkdir -p $pkgdir/etc \ + $pkgdir/usr \ + $pkgdir/usr + + cp -rf $srcdir/fwsnort-$pkgver/test/fwsnort-install/* $pkgdir + + # delete references to $pkgdir made by the installer + cp -f $srcdir/fwsnort-$pkgver/fwsnort.conf $pkgdir/etc/fwsnort/fwsnort.conf + + #fix permissions + chmod 0500 $pkgdir/etc/fwsnort $pkgdir/etc/fwsnort/snort_rules + chmod 0500 $pkgdir/usr/sbin/fwsnort + chmod 0600 $pkgdir/etc/fwsnort/fwsnort.conf + + # install rule / signature update script + install -Dm755 "$srcdir"/fwsnort.update "$pkgdir"/usr/bin/update-fwsnort + # install iptables rule splicing script + install -Dm755 "$srcdir"/fwsnort.up "$pkgdir"/etc/network/if-pre-up.d/fwsnort +} + +md5sums="7a61a03c4b523b4fb2b1cc73bcb3bac7 fwsnort-nodeps-1.6.3.tar.gz +442039bc04d553c7c5f9d3fc4269cc71 fwsnort.up +4866ff4610b5f2aa56fa15a827b22179 fwsnort.update" +sha256sums="d2110508f61c31d5ca5ddbb2452d0b10ae533e094499bc287f3382371c8bd5f2 fwsnort-nodeps-1.6.3.tar.gz +8caf113ff779a02fe97288d545f029111151fac9f342be9b40aa9f80e49dd359 fwsnort.up +b9753c29cace84014876f0d3b18c1c4c76ac1cbe1c83dd295b341b9e2897f61d fwsnort.update" +sha512sums="abf03d9c42b24abdb5798f7e9becffd203eb4579eb3682fc975ff51714010c3ee4541da1675efee9a03e09323089219c57c58574ef6c5b587c38761c167eac48 fwsnort-nodeps-1.6.3.tar.gz +3c97b5f4bb922086acd62305baae4ba1d91e6e627d063f131f98e08da3f57b607b35558eae2cf292b3997d25f09147039f95123161f8f29c5b97b71c80811e9f fwsnort.up +0944c226600b380c504d36038948ef0c421a3d412a06d85cbb0b8397b4226ae966c5d94fe2f661c72865fed2afae1d698279c6a4e95fc8637281ddb6cb01b14d fwsnort.update" diff --git a/testing/fwsnort/fwsnort.post-install b/testing/fwsnort/fwsnort.post-install new file mode 100644 index 0000000..9b3fa0cb --- /dev/null +++ b/testing/fwsnort/fwsnort.post-install @@ -0,0 +1,13 @@ +#!/bin/sh +# fwsnort post install script +############################# + +/usr/bin/update-fwsnort
Natanael Copa <ncopa@alpinelinux.org>will this need network to work? Remember that on tmpfs installs, the network is not initialized when packages are installed to tmpfs.
+ +#setup cron to update signatures daily +echo "0 15 * * * /usr/bin/update-fwsnort 2>&1 >> /var/log/fwsnort_update.log" >> /etc/crontabs/root
Natanael Copa <ncopa@alpinelinux.org>Why no ship an /etc/periodic/daily/fwsnort file? if you ship it within the apk it will be removed when package is uninstalled. Otherwise it will stay.
+ +echo "Daily root cron job created to update PSAD signatures & SNORT rules" +echo "/etc/network/pre-if-up.d/fwsnort created to add SNORT rules to iptables automatically" + +exit 0 diff --git a/testing/fwsnort/fwsnort.up b/testing/fwsnort/fwsnort.up new file mode 100644 index 0000000..b750f59 --- /dev/null +++ b/testing/fwsnort/fwsnort.up @@ -0,0 +1,5 @@ +#!/bin/sh + +#splice fwsnort rules into iptables whenever the network comes up +/var/lib/fwsnort/fwsnort.sh + diff --git a/testing/fwsnort/fwsnort.update b/testing/fwsnort/fwsnort.update new file mode 100644 index 0000000..e94e1eb --- /dev/null +++ b/testing/fwsnort/fwsnort.update @@ -0,0 +1,18 @@ +#!/bin/sh +# update fwsnort & psad signatures + +# clear update log (rewritten daily by cron) +if [ -f /var/log/fwsnort_update.log ]; then + rm -rf /var/log/fwsnort_update.log +fi + +/usr/sbin/fwsnort --update-rules +/usr/sbin/fwsnort +/var/lib/fwsnort/fwsnort.sh + +if ps aux | grep psad; then + psad --sig-update + echo "running 'psad -H'" + psad -H +fi +
Natanael Copa <ncopa@alpinelinux.org>--- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
-- 1.8.4.2 --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
Single patch for inetutils-syslogd into testing to provide a small syslog
with logging to multiple files. Will also allow OpenVPN to log inside a chroot:
inetutils-syslogd.post-install = removes busybox syslog boot dependency & service
& adds / starts inetutils-syslogd
Natanael Copa <ncopa@alpinelinux.org>install/deinstall scripts should never start/stop any services.
inetutils-syslogd.post-deinstall = gives option to reinstate busybox syslog service
Natanael Copa <ncopa@alpinelinux.org>install/deinstall script should be interactive.
syslog.conf = settings to split log files inetutils-syslogd.logrotate = settings for logrotate inetutils-syslogd.confd = default settings disable forwarding (we are not a remote syslog) --- testing/inetutils-syslogd/APKBUILD | 90 ++++++++++++++++++++++ testing/inetutils-syslogd/inetutils-syslogd.confd | 9 +++ testing/inetutils-syslogd/inetutils-syslogd.initd | 50 ++++++++++++ .../inetutils-syslogd/inetutils-syslogd.logrotate | 38 +++++++++ .../inetutils-syslogd.post-deinstall | 18 +++++ .../inetutils-syslogd.post-install | 11 +++ testing/inetutils-syslogd/syslog.conf | 38 +++++++++ 7 files changed, 254 insertions(+) create mode 100644 testing/inetutils-syslogd/APKBUILD create mode 100644 testing/inetutils-syslogd/inetutils-syslogd.confd create mode 100644 testing/inetutils-syslogd/inetutils-syslogd.initd create mode 100644 testing/inetutils-syslogd/inetutils-syslogd.logrotate create mode 100644 testing/inetutils-syslogd/inetutils-syslogd.post-deinstall create mode 100644 testing/inetutils-syslogd/inetutils-syslogd.post-install create mode 100644 testing/inetutils-syslogd/syslog.conf
Natanael Copa <ncopa@alpinelinux.org>-nc --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
diff --git a/testing/inetutils-syslogd/APKBUILD b/testing/inetutils-syslogd/APKBUILD new file mode 100644 index 0000000..88d5f16 --- /dev/null +++ b/testing/inetutils-syslogd/APKBUILD @@ -0,0 +1,90 @@ +# Contributor: IT Offshore <developer@it-offshore.co.uk> +# Maintainer: +pkgname=inetutils-syslogd +_pkgname=inetutils +pkgver=1.9.1 +pkgrel=0 +pkgdesc="A small syslogd for logging to multiple files" +url="http://www.gnu.org/software/inetutils/" +arch="all" +license="GPL3" +depends="readline ncurses" +depends_dev="" +makedepends="$depends_dev" +install="$pkgname.post-install $pkgname.post-deinstall" +subpackages="$pkgname-doc" +source="http://ftp.gnu.org/gnu/inetutils/${_pkgname}-${pkgver}.tar.gz + inetutils-syslogd.initd + inetutils-syslogd.confd + syslog.conf + inetutils-syslogd.logrotate + " + +_builddir="$srcdir"/$_pkgname-$pkgver + +build() { + cd "$_builddir" + + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --libexec=/usr/sbin \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --infodir=/usr/share/info \ + --localstatedir=/var \ + --without-wrap --without-pam \ + --disable-ftp --disable-ftpd \ + --disable-telnet --disable-telnetd \ + --disable-talk --disable-talkd \ + --disable-rlogin --disable-rlogind \ + --disable-rsh --disable-rshd \ + --disable-rexec --disable-rexecd \ + --disable-rcp --disable-hostname \ + --disable-tftp --disable-tftpd \ + --disable-ping --disable-ping6 \ + --disable-logger --enable-syslogd \ + --disable-inetd --disable-whois \ + --disable-uucpd --disable-ifconfig --disable-traceroute \ + || return 1 + make || return 1 +} + +check() { + cd "$srcdir/${_pkgname}-${pkgver}" + make check +} + +package() { + cd "$_builddir" + make DESTDIR="${pkgdir}" install + #binary installed to /usr/sbin not bin + rm -rf $pkgdir/usr/bin + + #install init script & config defaults + install -m755 -D "$srcdir"/$pkgname.initd \ + "$pkgdir"/etc/init.d/$pkgname || return 1 + install -m644 -D "$srcdir"/$pkgname.confd \ + "$pkgdir"/etc/conf.d/$pkgname || return 1 + install -m644 -D "$srcdir"/syslog.conf \ + "$pkgdir"/etc/syslog.conf || return 1 + install -m644 -D "$srcdir"/inetutils-syslogd.logrotate \ + "$pkgdir"/etc/logrotate.d/inetutils-syslogd || return 1 +} + +md5sums="944f7196a2b3dba2d400e9088576000c inetutils-1.9.1.tar.gz +6f0deb2a07439638161d03fd887d4fad inetutils-syslogd.initd +edf3f502d9f2bf49c5da8cb37a927d06 inetutils-syslogd.confd +506560780445d5a7b30e2e3c96efa19d syslog.conf +9980ae54a3791c7f9d1d3baa04698e2a inetutils-syslogd.logrotate" +sha256sums="02a9ebde8a198cb85f87545b9d88fb103a183958139864a85fe9e027ad79ff2b inetutils-1.9.1.tar.gz +1cf71f3656dceba3ddf0543a43a98e644a0b42999ba80b9f72318ee578c9ff53 inetutils-syslogd.initd +86105f0a0105f50275f7381b5d7fe603b8d854a0e6753c2f06f6d0c234562948 inetutils-syslogd.confd +a991140072f0ff1a0d3b3e593eb5935fcca0c00f93436022b9055c7450decdf9 syslog.conf +2b3e73b1a808cabd54dd3c3b78573cdf759422fa3c7b64f15838ce0830edaa31 inetutils-syslogd.logrotate" +sha512sums="69267bfa3cae34f6145caad668dc2e9385701fb52a144640e9893fa7f0b7694eacd1fe579de3fb7190e8485b26c00337ded136488694c399b0fc290f7eec303c inetutils-1.9.1.tar.gz +e70d0e244fcc30e94f846b82b4ec7318b5582f512bd715fb5bd9178d7be5ede0e5b53e29431a2db5177ce2f31fc306900b3a1297a658e84b2671f3ad5153b81c inetutils-syslogd.initd +82968692b4fe79706aacaeb1021b343288dc4f1d86925481796dac1f743a8269976ce86bf446cd0c16d246b918e5822e312660b201407eb7031a17cb398c9513 inetutils-syslogd.confd +5abb2a0309c9e180d7cacf97917044a8d3573fdf4d5902d757788fb687800900b47a02c6ec4a113475931176b52a1c2ba0771452bfb301a11b5aa0230377872d syslog.conf +30741cf17a86a0bf39404882711d827e200a2d22cdba873e49f1a871f8d113cfe5bb1ddf3206c44be888be15aa09104656f9bd26406abb42c9b6fed0624d0bfb inetutils-syslogd.logrotate" diff --git a/testing/inetutils-syslogd/inetutils-syslogd.confd b/testing/inetutils-syslogd/inetutils-syslogd.confd new file mode 100644 index 0000000..dfcc1cb --- /dev/null +++ b/testing/inetutils-syslogd/inetutils-syslogd.confd @@ -0,0 +1,9 @@ +# +# inetutils syslogd defaults +# + +# Internet connections are enabled if forwarding (which is the default). +# Example option to add a socket for chroot jailed openvpn server +#SYSLOGD_OPTS="--no-forward -a /etc/openvpn/jail/dev/log" + +SYSLOGD_OPTS="--no-forward" diff --git a/testing/inetutils-syslogd/inetutils-syslogd.initd b/testing/inetutils-syslogd/inetutils-syslogd.initd new file mode 100644 index 0000000..6baad86 --- /dev/null +++ b/testing/inetutils-syslogd/inetutils-syslogd.initd @@ -0,0 +1,50 @@ +#!/sbin/runscript + +# This file is part of inetutils-syslogd +# Created for Alpine Linux by IT Offshore <developer@it-offshore.co.uk> + +name=syslogd +daemon=/usr/sbin/$name +config_file="/etc/syslog.conf" + +depend() { + need clock hostname localmount + provide logger +} + +check_config() { + [ -f "$config_file" ] || error "$config_file is missing" +} + +start_pre() { + check_config || return 1 +} + +start() { + ebegin "Starting ${name}" + start-stop-daemon --start --quiet \ + --pidfile /var/run/${name}.pid \ + --exec ${daemon} -- ${SYSLOGD_OPTS} + eend $? +} + +stop() { + ebegin "Stopping ${name}" + start-stop-daemon --stop --quiet \ + --pidfile /var/run/$name.pid \ + --exec ${daemon} + eend $? +} + +reload() { + if [ ! -f "${PIDFILE}" ]; then + eerror "rsyslogd not running" + return 1 + fi + + ebegin "Re-opening intetutils-syslogd log files" + start-stop-daemon --stop --signal HUP \ + --pidfile /var/run/$name.pid + eend $? +} + diff --git a/testing/inetutils-syslogd/inetutils-syslogd.logrotate b/testing/inetutils-syslogd/inetutils-syslogd.logrotate new file mode 100644 index 0000000..9edb145 --- /dev/null +++ b/testing/inetutils-syslogd/inetutils-syslogd.logrotate @@ -0,0 +1,38 @@ +/var/log/syslog +{ + rotate 7 + daily + missingok + notifempty + delaycompress + compress + postrotate + /etc/init.d/inetutils-syslogd reload &>/dev/null || true + endscript +} + +/var/log/mail.info +/var/log/mail.warn +/var/log/mail.err +/var/log/mail.log +/var/log/daemon.log +/var/log/kern.log +/var/log/auth.log +/var/log/user.log +/var/log/lpr.log +/var/log/cron.log +/var/log/debug +/var/log/messages +{ + rotate 4 + weekly + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + /etc/init.d/inetutils-syslogd reload &>/dev/null || true + endscript +} + diff --git a/testing/inetutils-syslogd/inetutils-syslogd.post-deinstall b/testing/inetutils-syslogd/inetutils-syslogd.post-deinstall new file mode 100644 index 0000000..1694252 --- /dev/null +++ b/testing/inetutils-syslogd/inetutils-syslogd.post-deinstall @@ -0,0 +1,18 @@ +#!/bin/sh + +print_info() { + echo -n -e '\e[1;36m' + echo -n $1 + echo -e '\e[0m' +} + +print_info "Would you like to re-enable BusyBox Syslog & start cron ? (enter or y to re-enable): "; read enable_syslog + +if [ -z "$enable_syslog" ] || [ "$enable_syslog" = "y" ] || [ "$enable_syslog" = "Y" ]; then + rc-update add syslog boot + rc-service syslog start + #removing any syslog also stops cron as it depends on logger + rc-service cron start +fi + + diff --git a/testing/inetutils-syslogd/inetutils-syslogd.post-install b/testing/inetutils-syslogd/inetutils-syslogd.post-install new file mode 100644 index 0000000..d92a3c1 --- /dev/null +++ b/testing/inetutils-syslogd/inetutils-syslogd.post-install @@ -0,0 +1,11 @@ +#!/bin/sh + +# stop & remove busybox syslog service +rc-update syslog stop +rc-update del syslog boot +# add & start inetutils-syslogd +rc-update add inetutils-syslogd boot +rc-service inetutils-syslogd start +# stopping any syslog also stops cron which depends on logger +rc-service cron start +exit 0 diff --git a/testing/inetutils-syslogd/syslog.conf b/testing/inetutils-syslogd/syslog.conf new file mode 100644 index 0000000..27141bf --- /dev/null +++ b/testing/inetutils-syslogd/syslog.conf @@ -0,0 +1,38 @@ +# +# First some standard log files. Log by facility. +# +auth,authpriv.* /var/log/auth.log +*.*;auth,authpriv.none -/var/log/syslog +cron.* /var/log/cron.log +daemon.* -/var/log/daemon.log +kern.* -/var/log/kern.log +lpr.* -/var/log/lpr.log +mail.* -/var/log/mail.log +user.* -/var/log/user.log + +# +# Logging for the mail system. Split it up so that +# it is easy to write scripts to parse these files. +# +mail.info -/var/log/mail.info +mail.warn -/var/log/mail.warn +mail.err /var/log/mail.err + +# +# Logging for INN news system. +# +news.crit /var/log/news/news.crit +news.err /var/log/news/news.err +news.notice -/var/log/news/news.notice + +# +# Some "catch-all" log files. +# +*.=debug;\ + auth,authpriv.none;\ + news.none;mail.none -/var/log/debug +*.=info;*.=notice;*.=warn;\ + auth,authpriv.none;\ + cron,daemon.none;\ + mail,news.none -/var/log/messages + -- 1.8.4.2 --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---