commit: e7deb2ae837b631e218ffef3295771d1621c45b5 Author: Thomas Andrejak <thomas.andrejak <AT> gmail <DOT> com> AuthorDate: Sun Jul 17 13:12:22 2016 +0000 Commit: Göktürk Yüksek <gokturk <AT> gentoo <DOT> org> CommitDate: Fri Aug 5 01:10:12 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7deb2ae
app-admin/prelude-manager: New package Prelude-Manager is a high availability server that accepts secured connections from distributed sensors and saves received events to a media specified by the user (database, log file, mail etc.). app-admin/prelude-manager/Manifest | 1 + .../files/prelude-manager-3.0.0-conf.patch | 11 ++++ .../files/prelude-manager-3.0.0-configure.patch | 57 ++++++++++++++++++++ .../files/prelude-manager-3.0.0-run.patch | 13 +++++ .../prelude-manager/files/prelude-manager.initd | 26 +++++++++ .../prelude-manager/files/prelude-manager.run | 4 ++ .../prelude-manager/files/prelude-manager.service | 14 +++++ app-admin/prelude-manager/metadata.xml | 28 ++++++++++ .../prelude-manager/prelude-manager-3.0.0.ebuild | 63 ++++++++++++++++++++++ 9 files changed, 217 insertions(+)
diff --git a/app-admin/prelude-manager/Manifest b/app-admin/prelude-manager/Manifest
new file mode 100644
index 0000000..fc1d19b
--- /dev/null
+++ b/app-admin/prelude-manager/Manifest
@@ -0,0 +1 @@
+DIST prelude-manager-3.0.0.tar.gz 1286459 SHA256 379de4c79ccdba4093e9c5a2b9e5c6cee8e8d8694e1358c3d248250c4957dc0b SHA512 4c16a353495179265375686ce9592c8cd044b4255060b78286466bd25f9b38634233c95af058e1c0b81e1b574ec9ada5b2db92d6d1f5594dfcddce572fd0fd67 WHIRLPOOL 35814a88e62e4bfdbd3e8c88f733cd304f8fb355d820ae9887da0c9e6b02936b7aed8d73a05cc458fbf01f7a9e48174d446b1174e1edd44637fadcdc282f3f92
diff --git a/app-admin/prelude-manager/files/prelude-manager-3.0.0-conf.patch b/app-admin/prelude-manager/files/prelude-manager-3.0.0-conf.patch
new file mode 100644
index 0000000..246ce7d
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager-3.0.0-conf.patch
@@ -0,0 +1,11 @@
+--- a/prelude-manager.conf.in
++++ b/prelude-manager.conf.in
+@@ -361,7 +361,7 @@
+ # (same source, target and classification combination) every 2 minutes
+ # to reporting plugins (eg. to the database).
+ [thresholding]
+-path = alert.classification.text, alert.source.node.address.address, alert.target.node.address.address
++path = alert.classification.text, alert.source(0).node.address(0).address, alert.target(0).node.address(0).address
+ limit = 120
+ count = 100
+ hook = reporting
diff --git a/app-admin/prelude-manager/files/prelude-manager-3.0.0-configure.patch b/app-admin/prelude-manager/files/prelude-manager-3.0.0-configure.patch
new file mode 100644
index 0000000..bc1949f
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager-3.0.0-configure.patch
@@ -0,0 +1,57 @@
+When : when you try to use enable with libmaxmind, libpreludedb, xml, libwrap, they are not working
+Why : Needed if you want to use useflags
+--- a/configure.in
++++ b/configure.in
+@@ -110,7 +110,10 @@
+ dnl **************************************************
+ LIBMAXMINDDB_MIN_VERSION=1.0.0
+
+-PKG_CHECK_MODULES([LIBMAXMINDDB], [libmaxminddb >= $LIBMAXMINDDB_MIN_VERSION], enable_libmaxminddb=yes, enable_libmaxminddb=no)
++AC_ARG_ENABLE(libmaxminddb, AC_HELP_STRING(--enable-libmaxminddb, Define whether libmaxminddb is available), , enable_libmaxminddb="yes")
++if test x$enable_libmaxminddb = xyes; then
++ PKG_CHECK_MODULES([LIBMAXMINDDB], [libmaxminddb >= $LIBMAXMINDDB_MIN_VERSION], enable_libmaxminddb=yes, enable_libmaxminddb=no)
++fi
+ if test x$enable_libmaxminddb = xyes; then
+ AC_CHECK_HEADER(maxminddb.h, enable_libmaxminddb=yes, enable_libmaxminddb=no)
+ fi
+@@ -126,11 +129,14 @@
+ dnl * Check for libpreludedb *
+ dnl **************************************************
+
+-AM_PATH_LIBPRELUDEDB(3.0.0, enable_libpreludedb=yes, enable_libpreludedb=no, no)
+-AM_CONDITIONAL(HAVE_LIBPRELUDEDB, test x$enable_libpreludedb = xyes)
++AC_ARG_ENABLE(libpreludedb, AC_HELP_STRING(--enable-libpreludedb, Define whether libpreludedb is available), , enable_libpreludedb="yes")
++if test x$enable_libpreludedb = xyes; then
++ AM_PATH_LIBPRELUDEDB(3.0.0, enable_libpreludedb=yes, enable_libpreludedb=no, no)
++fi
+ if test x$enable_libpreludedb = xyes; then
+ AC_DEFINE_UNQUOTED(HAVE_LIBPRELUDEDB, , Define whether libpreludedb is available)
+ fi
++AM_CONDITIONAL(HAVE_LIBPRELUDEDB, test x$enable_libpreludedb = xyes)
+
+
+
+@@ -138,7 +144,10 @@
+ dnl * Check for the Libxml2 *
+ dnl ********************************************************
+
+-AM_PATH_XML2(, enable_xmlmod=yes, enable_xmlmod=no)
++AC_ARG_ENABLE(xmlmod, AC_HELP_STRING(--enable-xmlmod, Enable XML), , enable_xmlmod="yes")
++if test x$enable_xmlmod = xyes; then
++ AM_PATH_XML2(, enable_xmlmod=yes,
enable_xmlmod=no)
++fi
+ AM_CONDITIONAL(HAVE_XML2, test x$enable_xmlmod = xyes)
+
+
+@@ -147,9 +156,10 @@
+ dnl * TCP WRAPPER CHECK *
+ dnl **************************************************
+
++AC_ARG_WITH(libwrap, AC_HELP_STRING(--with-libwrap, Compile in libwrap (tcp_wrappers) support.), , with_libwrap="yes")
+ AC_ARG_WITH(libwrap-prefix, AC_HELP_STRING(--with-libwrap-prefix@<:@=PFX@:>@,
+ Compile in libwrap (tcp_wrappers) support @<:@default=auto@:>@.),
+- libwrap_required=true, with_libwrap="yes")
++ libwrap_required=true, )
+
+ if test x$with_libwrap != xno; then
+ LIBWRAP_INCLUDE="tcpd.h"
diff --git a/app-admin/prelude-manager/files/prelude-manager-3.0.0-run.patch b/app-admin/prelude-manager/files/prelude-manager-3.0.0-run.patch
new file mode 100644
index 0000000..ef6d553
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager-3.0.0-run.patch
@@ -0,0 +1,13 @@
+When : everytime
+Why : since systemd, run dir has changed
+--- a/configure.in
++++ b/configure.in
+@@ -304,7 +304,7 @@
+
+ manager_failover_dir=$LOCALSTATEDIR/spool/prelude-manager/failover
+ manager_scheduler_dir=$LOCALSTATEDIR/spool/prelude-manager/scheduler
+-manager_run_dir=$LOCALSTATEDIR/run/prelude-manager
++manager_run_dir=/run/prelude-manager
+
+ AC_DEFINE_UNQUOTED(REPORT_PLUGIN_DIR, "$report_plugin_dir", Prelude-Manager report plugin directory)
+ AC_DEFINE_UNQUOTED(DECODE_PLUGIN_DIR, "$decode_plugin_dir", Prelude-Manager decode plugin directory)
diff --git a/app-admin/prelude-manager/files/prelude-manager.initd b/app-admin/prelude-manager/files/prelude-manager.initd
new file mode 100755
index 0000000..4db7200
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager.initd
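Review bot: In the TCP-wrapper hunk of the embedded configure.in patch, the new `AC_ARG_WITH(libwrap, …)` leaves its action-if-given empty, so an explicit `--with-libwrap` (what `$(use_with tcpwrapper libwrap)` in the ebuild passes) never sets `libwrap_required`. If that variable is what makes a failed tcpd.h/libwrap probe fatal (the probe is below the hunk, so this is inferred), a build with USE=tcpwrapper can silently end up without host access control. Setting it when the option is given positively would close that: `AC_ARG_WITH(libwrap, AC_HELP_STRING(--with-libwrap, Compile in libwrap (tcp_wrappers) support.), [test "x$withval" != xno && libwrap_required=true], with_libwrap="yes")`. The libmaxminddb, libpreludedb and xmlmod blocks have the same shape: the default and an explicit `--enable-…` are both `yes`, and a failed check quietly turns either into `no`, so an `AC_MSG_ERROR` for the explicitly requested case would make the USE flags trustworthy.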
@@ -0,0 +1,26 @@
+#!/sbin/runscript
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+BIN_MANAGER=/usr/bin/prelude-manager
+PID_MANAGER=/run/prelude-manager/prelude-manager.pid
+
+depend() {
+ need net
+}
+
+start() {
+ ebegin "Starting prelude-manager"
+ checkpath -d -m 0755 -o root:root /run/prelude-manager
+ start-stop-daemon --start --exec $BIN_MANAGER \
+ --pidfile $PID_MANAGER -- -d -P $PID_MANAGER
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping prelude-manager"
+ start-stop-daemon --stop --exec $BIN_MANAGER \
+ --pidfile $PID_MANAGER
+ eend $?
+}
diff --git a/app-admin/prelude-manager/files/prelude-manager.run b/app-admin/prelude-manager/files/prelude-manager.run
new file mode 100644
index 0000000..7398084
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager.run
@@ -0,0 +1,4 @@
+# Configuration to create /run/prelude-manager directory
+# Used as part of systemd's tmpfiles
+
+d /run/prelude-manager 0755 root root
diff --git a/app-admin/prelude-manager/files/prelude-manager.service b/app-admin/prelude-manager/files/prelude-manager.service
new file mode 100644
index 0000000..15eee91
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=Prelude-Manager service
+DefaultDependencies=no
+After=remote_fs.target
+Before=prelude-lml.service prelude-correlator.service
+
+[Service]
+ExecStart=/usr/bin/prelude-manager -d -P /run/prelude-manager/prelude-manager.pid
+Type=forking
+PIDFile=/run/prelude-manager/prelude-manager.pid
+Restart=always
+
+[Install]
+WantedBy=prelude-lml.service prelude-correlator.service multi-user.target
diff --git a/app-admin/prelude-manager/metadata.xml b/app-admin/prelude-manager/metadata.xml
new file mode 100644
index 0000000..5990a2a
--- /dev/null
+++ b/app-admin/prelude-manager/metadata.xml
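Review bot: In start() of prelude-manager.initd, `start-stop-daemon --start` is given no `--user` and `checkpath` creates /run/prelude-manager as `root:root`, so this network-facing manager is launched as root and stays root unless its own configuration drops privileges (not visible in this commit). prelude-manager.service has the same gap, since it sets no `User=`/`Group=`. Consider a dedicated account created by the ebuild and used in both places: `--user <account>:<group>` here together with `checkpath -d -m 0750 -o <account>:<group> /run/prelude-manager`, and `User=<account>` in the unit (`<account>` and `<group>` are placeholders for names the maintainer picks). Separately, `#!/sbin/runscript` is the deprecated interpreter name; new init scripts use `#!/sbin/openrc-run`.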
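Review bot: In the [Unit] section of prelude-manager.service, `After=remote_fs.target` names a unit that systemd does not ship (the target is `remote-fs.target`), so that ordering is silently ignored. Together with `DefaultDependencies=no` the unit also loses the implicit ordering after sysinit.target, which is where systemd-tmpfiles-setup would create /run/prelude-manager from the installed tmpfiles entry; the daemon can then be started before its PID directory exists, and `Restart=always` will keep retrying the failure. Suggest dropping `DefaultDependencies=no` and writing `After=remote-fs.target network.target`. Adding `RuntimeDirectory=prelude-manager` would let systemd create the directory itself at service start.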
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>thomas.andre...@gmail.com</email>
+ <name>Thomas Andrejak</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>proxy-ma...@gentoo.org</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+ <longdescription lang="en">
+ Prelude-Manager is a high availability server that
+ accepts secured connections from distributed sensors
+ and saves received events to a media specified by the user
+ (database, log file, mail etc.). The server schedules and
+ establishes the priorities of treatment according to the
+ critical character and the source of the alerts.
+ </longdescription>
+ <use>
+ <flag name="tcpwrapper">Enables Prelude Manager using
+ tcp wrapper. It requires <pkg>sys-apps/tcp-wrappers</pkg>
+ .</flag>
+ <flag name="dbx">Enables Prelude Manager storing Prelude
+ alerts into database through <pkg>dev-libs/libpreludedb</pkg>
+ .</flag>
+ </use>
+</pkgmetadata>
diff --git a/app-admin/prelude-manager/prelude-manager-3.0.0.ebuild b/app-admin/prelude-manager/prelude-manager-3.0.0.ebuild
new file mode 100644
index 0000000..74a4fc8
--- /dev/null
+++ b/app-admin/prelude-manager/prelude-manager-3.0.0.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit autotools eutils systemd
+
+DESCRIPTION="Bus communication for all Prelude modules"
+HOMEPAGE="https://www.prelude-siem.org"
+SRC_URI="https://www.prelude-siem.org/pkg/src/3.0.0/${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="tcpwrapper xml geoip dbx"
+
+RDEPEND="net-libs/gnutls
+ dev-libs/libprelude
+ dbx? ( dev-libs/libpreludedb )
+ tcpwrapper? ( sys-apps/tcp-wrappers )
+ xml? ( dev-libs/libxml2 )
+ geoip? ( dev-libs/libmaxminddb )"
+
+DEPEND="${RDEPEND}
+ virtual/pkgconfig"
+
+PATCHES=(
+ "${FILESDIR}/${P}-conf.patch"
+ "${FILESDIR}/${P}-configure.patch"
+ "${FILESDIR}/${P}-run.patch"
+)
+
+src_prepare() {
+ default_src_prepare
+
+ mv "${S}/configure.in" "${S}/configure.ac" || die "mv failed"
+
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ --localstatedir=/var \
+ $(use_enable dbx libpreludedb) \
+ $(use_with tcpwrapper libwrap) \
+ $(use_enable xml xmlmod) \
+ $(use_enable geoip libmaxminddb)
+}
+
+src_install() {
+ default_src_install
+
+ rm -rv "${D}/run" || die "rm failed"
+ keepdir /var/spool/prelude-manager{,/failover,/scheduler}
+
+ prune_libtool_files --modules
+
+ systemd_dounit "${FILESDIR}/${PN}.service"
+ systemd_newtmpfilesd "${FILESDIR}/${PN}.run" "${PN}.conf"
+
+ newinitd "${FILESDIR}/${PN}.initd" "${PN}"
+}
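Review bot: `keepdir /var/spool/prelude-manager{,/failover,/scheduler}` in src_install creates the spool directories with the default directory mode (0755, root-owned), because no `diropts` call precedes it. These directories presumably hold alerts queued from sensors, which local unprivileged users should not be able to list or read; whether upstream's install step or the daemon's umask already restricts them is not visible here. Adding `diropts -m0750` on the line before `keepdir` would make the packaged mode explicit. Also, `DESCRIPTION="Bus communication for all Prelude modules"` does not match the server described in metadata.xml and in the commit message.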