Package: psad Version: 2.4.3-1.2 Severity: normal Tags: bullseye sid Dear Maintainer,
Please consider adding a native systemd service masking the already shipped init script (fixes lintian tag[1] in subject). I've attached my own attempt at writing a service file, based off looking at what the init script does. Note that it is completely untested (as I don't use psad myself). You should be able to just drop the psad.service in the debian/ directory and then I would recommend bumping debhelper compat to >= 10 which will give you automatic handling of the service file (and also note that debhelper 9 is now deprecated). Additional improvements eg. using security hardening[2] could also be added. Regards, Andreas Henriksson [1]: https://lintian.debian.org/tags/missing-systemd-service-for-init.d-script.html [2]: https://lintian.debian.org/tags/systemd-service-file-missing-hardening-features.html
[Unit] Description=Port Scan Attack Detector (psad) After=network.target ConditionPathExists=/etc/psad/psad.conf Wants=netfilter-persistent.service [Service] Type=forking PIDFile=/run/psad/psad.pid #Environment=DAEMON_ARGS= EnvironmentFile=-/etc/default/psad RuntimeDirectory=psad ExecStart=/usr/sbin/psad $DAEMON_ARGS # TODO: security hardening [Install] WantedBy=multi-user.target
