# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-server/sguil-server-0.5.3.ebuild,v 1.3 2005/10/13 15:22:15 swegener Exp $
# Pull in the eclasses that supply the helpers this file calls but does not
# define: built_with_use, enewgroup and enewuser (pkg_setup) and docert
# (src_install).
inherit eutils ssl-cert
DESCRIPTION="Daemon for Sguil Network Security Monitoring"
HOMEPAGE="http://sguil.sourceforge.net"
# The tarball is fetched through the SourceForge mirror list.
# NOTE(review): integrity of the download rests on the digest/Manifest data
# kept alongside this ebuild, which is not visible here -- confirm it exists.
SRC_URI="mirror://sourceforge/sguil/sguil-server-${PV}.tar.gz"
LICENSE="QPL"
SLOT="0"
# Testing keyword, x86 only.
KEYWORDS="~x86"
# "ssl" gates the dev-tcltk/tls dependency below and, in src_install, the
# OPENSSL line in /etc/conf.d/sguild plus certificate generation.
# NOTE(review): with USE=-ssl the OPENSSL line stays commented out, so
# presumably sguild traffic is not TLS-protected -- confirm against the
# conf.d file.
IUSE="ssl"
DEPEND=">=dev-lang/tcl-8.3
>=dev-tcltk/tclx-8.3
dev-tcltk/tcllib
dev-tcltk/mysqltcl
ssl? ( >=dev-tcltk/tls-1.4.1 )"
# Runtime needs everything from DEPEND plus p0f, tcpflow and openssh.
RDEPEND="${DEPEND}
net-analyzer/p0f
net-analyzer/tcpflow
net-misc/openssh"
# The tarball is named sguil-server-${PV} but the work directory used here is
# sguil-${PV}.
S=${WORKDIR}/sguil-${PV}
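# Pre-build checks and account creation.
#
# Aborts when dev-lang/tcl was built with USE=threads, then creates the
# dedicated "sguil" group and user that own the state directories created in
# src_install.
pkg_setup() {
	if built_with_use dev-lang/tcl threads ; then
		eerror
		eerror "Sguil does not run when tcl was built with threading enabled."
		eerror "Please rebuild tcl without threads and reemerge this ebuild."
		eerror
		# Give die a reason so the failure is identifiable in build logs.
		die "dev-lang/tcl is built with USE=threads"
	fi

	# Dedicated account for the daemon's data: home is /var/lib/sguil and the
	# primary group is sguil. The two -1 arguments leave the uid and the login
	# shell to enewuser's defaults.
	# NOTE(review): confirm the default shell is a non-interactive one.
	enewgroup sguil
	enewuser sguil -1 -1 /var/lib/sguil sguil
}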
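# Unpack the sources and adjust the shipped sguild.conf defaults.
#
# The sed rewrites "DEBUG 2" to "DEBUG 1" and "DAEMON 0" to "DAEMON 1", and
# repoints the library, rules and archive paths at /usr/lib/sguild and
# /var/lib/sguil. Dies if the directory change or the sed fails.
src_unpack() {
	unpack ${A}

	# Quote the path and stop if the directory is missing, so the sed below
	# can never run against a sguild.conf in some other working directory.
	cd "${S}"/server || die "cd to ${S}/server failed"

	# NOTE(review): DEBUG 1 presumably lowers the default log verbosity and
	# DAEMON 1 presumably makes sguild detach -- confirm against sguild.conf.
	sed -i -e 's:DEBUG 2:DEBUG 1:' -e 's:DAEMON 0:DAEMON 1:' \
		-e 's:SGUILD_LIB_PATH ./lib:SGUILD_LIB_PATH /usr/lib/sguild:g' \
		-e 's:/sguild_data/rules:/var/lib/sguil/rules:g' \
		-e 's:/sguild_data/archive:/var/lib/sguil/archive:g' \
		sguild.conf || die "sed failed"
}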
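# Install documentation, configuration, Tcl libraries, the daemon, its init
# script and conf.d file, and the sguil-owned state directories.
#
# With USE=ssl the OPENSSL line in the installed conf.d file is uncommented
# and a certificate is generated unless a key is already present.
src_install() {
	dodoc server/sql_scripts/*
	dodoc doc/CHANGES doc/OPENSSL.README doc/USAGE doc/INSTALL \
		doc/TODO doc/sguildb.dia

	# Configuration files are installed with mode 0640, i.e. not
	# world-readable.
	# NOTE(review): no owner or group is set here, so these are presumably
	# root-owned; confirm the daemon can still read them if the init script
	# runs it as the sguil user.
	insopts -m640
	insinto /etc/sguil
	doins server/{sguild.users,sguild.conf,sguild.queries,sguild.access,autocat.conf}

	# insopts -m640 is still in effect, so the library files get the same
	# restrictive mode as the configuration.
	# NOTE(review): confirm this is intended for files under /usr/lib.
	insinto /usr/lib/sguild
	doins server/lib/*

	dobin server/sguild
	newinitd "${FILESDIR}/sguild.initd" sguild
	newconfd "${FILESDIR}/sguild.confd" sguild

	if use ssl ; then
		sed -i -e "s/#OPENSSL/OPENSSL/" "${D}/etc/conf.d/sguild"
		# Only generate a certificate when no key exists yet, so an existing
		# key is never replaced. ROOT is quoted so a path containing
		# whitespace does not break the test.
		# NOTE(review): this inspects the live filesystem during the install
		# phase, so whether the package image contains a certificate depends
		# on the build host -- confirm that is acceptable for binary packages.
		# NOTE(review): docert comes from an inherited eclass; confirm the
		# mode the private key ends up with.
		if ! [ -f "${ROOT}/etc/sguil/sguild.key" ] ; then
			insinto /etc/sguil
			docert sguild
		fi
	fi

	# State directories are owned by sguil:sguil so data can be written there
	# without root.
	diropts -g sguil -o sguil
	keepdir /var/run/sguil \
		/var/lib/sguil \
		/var/lib/sguil/archive \
		/var/lib/sguil/rules
}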
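# Post-install step: link the local snort rules into the sguil rules tree
# under this host's name, then print setup instructions.
pkg_postinst() {
	local rules_link="${ROOT}/var/lib/sguil/rules/${HOSTNAME}"

	# Create the link only when snort rules exist, HOSTNAME is non-empty and
	# nothing is at the destination yet. Without the last two checks, a
	# re-install (destination already a symlink to a directory) or an empty
	# HOSTNAME would make ln place a stray "rules" link inside the target
	# directory instead.
	if [ -d "${ROOT}/etc/snort/rules" ] && [ -n "${HOSTNAME}" ] \
		&& [ ! -e "${rules_link}" ] && [ ! -L "${rules_link}" ] ; then
		ln -s /etc/snort/rules "${rules_link}"
	fi

	einfo
	# src_install puts the configuration in /etc/sguil, so the message names
	# that directory (the original text said /etc/sguild).
	einfo "Please customize the sguild configuration files in /etc/sguil before"
	einfo "trying to run the daemon. Additionally you will need to setup the"
	einfo "mysql database. See /usr/share/doc/${PF}/INSTALL.gz for information."
	einfo "Please note that it is STRONGLY recommended to mount a separate"
	einfo "filesystem at /var/lib/sguil for both space and performance reasons"
	einfo "as a large amount of data will be kept in the directory structure"
	einfo "underneath that top directory."
	einfo
	einfo "You should create the sguild db as per the instructions in"
	einfo "/usr/share/doc/${PF}/INSTALL.gz and use the appropriate"
	einfo "database setup script located in the same directory."
	einfo
}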