From: Patrick Lauer Date: Wed, 11 Jan 2012 08:17:41 +0000 (+0000) Subject: Bump X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=5e2b6b2fabaf9d8538bf6cfd1aa4b090f3e95e70;p=gentoo.git Bump Package-Manager: portage-2.2.0_alpha83/cvs/Linux x86_64 --- diff --git a/net-analyzer/snort/ChangeLog b/net-analyzer/snort/ChangeLog index 7e8539d8e837..9718490729e3 100644 --- a/net-analyzer/snort/ChangeLog +++ b/net-analyzer/snort/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-analyzer/snort -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.187 2011/09/29 06:04:55 pva Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.188 2012/01/11 08:17:41 patrick Exp $ + +*snort-2.9.2 (11 Jan 2012) + + 11 Jan 2012; Patrick Lauer +snort-2.9.2.ebuild: + Bump 29 Sep 2011; Peter Volkov snort-2.9.1.ebuild: Fix inability to remove .la files, bug 384443 thank Juergen Rose for report diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest index 37f5250366e1..57eaa7886cf3 100644 --- a/net-analyzer/snort/Manifest +++ b/net-analyzer/snort/Manifest @@ -14,6 +14,7 @@ DIST snort-2.8.6.tar.gz 4960740 RMD160 5b549eab39a6e0a0f182f6d2ee46fd60995c822e DIST snort-2.9.0.4-r1.tar.gz 5812096 RMD160 e33ff54d72334413cf7970c418370e4f8a953c9e SHA1 a803fae561f829c2dad7e61f0a9b8f75f72356de SHA256 053d1562f4ffc1793188f0d2475c043ddae42b33f8b93be45d7e67dbc7424b8d DIST snort-2.9.0.5.tar.gz 5867934 RMD160 668c586c8cfab905c18af08ca6b61b96dddb398a SHA1 b4565d3a8387f6b5e7aceb3aee80803ceabf80f2 SHA256 f997fddbbd1a5f7ccdd4153610b0916fcbe105ea3316d4ed3487fd0054287e94 DIST snort-2.9.1.tar.gz 6217639 RMD160 81070dd6b18f106368473c396d82261e7db1dc3d SHA1 b1ae80bbfd9145cae89c6249f4b5176fbccbf90d SHA256 1e69de95c8956191b26d19138a2fb7b6f2faf519f601aa3c7d779593c48830c2 +DIST snort-2.9.2.tar.gz 6467539 RMD160 a7fbd23086e87e5371a16ac25a6a6e0e740e94ad SHA1 b903e6e71b0bbf58703d9b1d8d9253807b9656f8 SHA256 04d375b627dd256d6257f2cbe5a770e4552e3f35d5e2100b97f75426b600d8cb EBUILD snort-2.8.5.1.ebuild 10255 RMD160 c20884731d63f87fda08c4cefc27032f32a45fcc SHA1 78fba4dd7e17177071fcfc043c6d268dfd1c0fe1 SHA256 4712367f62d48e94d0ada7c53e1902e2b9215f990b176186f80d9513dee43e81 EBUILD snort-2.8.5.3.ebuild 10255 RMD160 8664ac1012b5cd104fcef298a29c6e7e2f33e4fa SHA1 efc68f670381a50fea54ebac6ed49447732340c6 SHA256 88ed50e2f114af64e037fdf62d7ffbcf8d52a6fd8b632bbd482e3b458b1ba1ed EBUILD snort-2.8.6.1.ebuild 10453 RMD160 7028aad5e61746e33a6f87134f33a074ae8424c8 SHA1 ac13164766e99b9efb8b564b980bd09e08f6738d SHA256 3703979c75830d335cd03a77fd68b85e001f586c6c598b05e84648ee35994809 @@ -21,5 +22,6 @@ EBUILD snort-2.8.6.ebuild 10130 RMD160 c2b00348106ddd42fd1d85e81379172a967f362e EBUILD snort-2.9.0.4-r1.ebuild 9893 RMD160 d2c79206d777528bf798737d53f4d3b8cfcbff3c SHA1 c20ce779028cb97368fcaff15443abeff38c04b3 SHA256 33abee6ef5d662cb3854f268cf3dd596a281b2c10b5d15e87f5ac2cc7204e815 EBUILD snort-2.9.0.5.ebuild 10179 RMD160 1bff0dc4e6489fbefd6452fe27743f9b092efd55 SHA1 c742d26a91a26007d523f6cc2fb45e6948422ff3 SHA256 72c4194ee295d96529f6d6d30a12bc3b60f3a312a3a59cc0983fdc9e24195d37 EBUILD snort-2.9.1.ebuild 9303 RMD160 c3f60e913f05a6bf3f0548832c45de9ac223c74a SHA1 7d2dfdd4df77af8b12a89f0fa76769a025eb5dc3 SHA256 46020d7219b5a6ac5ecae19035d754e3ba1c78b78667e0f11b2d12a14516e1a8 -MISC ChangeLog 32525 RMD160 eeaca6b598549ca03fe2432bf18a2eec8c0776e3 SHA1 49978f1430f21de19b94e113713eb6c54cf684b3 SHA256 2bec71a7b4c95c63f4afe303995960114018d7783efd6a51f88c05e724a0c0ed +EBUILD snort-2.9.2.ebuild 9307 RMD160 d06220088e02f98b2a0d94b465a23c49e31cf47f SHA1 07a4c801a35c6ac99acbd5e6d43452b60cef194e SHA256 23ad3169d7b2dde8c6f142fc77294a7db7b597cd6ee7312cbcd228ecb482d951 +MISC ChangeLog 32636 RMD160 6fa37bc117a488ad419d8e3c06e282d722be3c5e SHA1 4e016ad62ec43e1399c1d8607c613ba599f0a573 SHA256 1395c106cbdd3941681cd8c4522c158d69b69e09f7ac1a27f3791355594b323c MISC metadata.xml 5524 RMD160 d307f40c1dfece37a0bf5bdc9264141bdd86f61a SHA1 0b88ce23a95d7c96ffb15609761d143c64ba1c10 SHA256 621972507e7e2d501d947c4acefc1d5a700173171f95d838a675bcfca135251d diff --git a/net-analyzer/snort/snort-2.9.2.ebuild b/net-analyzer/snort/snort-2.9.2.ebuild new file mode 100644 index 000000000000..7ac097f86b02 --- /dev/null +++ b/net-analyzer/snort/snort-2.9.2.ebuild @@ -0,0 +1,264 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.9.2.ebuild,v 1.1 2012/01/11 08:17:41 patrick Exp $ + +EAPI="2" +inherit eutils autotools multilib + +DESCRIPTION="The de facto standard for intrusion detection/prevention" +HOMEPAGE="http://www.snort.org/" +SRC_URI="http://www.snort.org/downloads/1347 -> ${P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="static +dynamicplugin +zlib +gre +mpls +targetbased +decoder-preprocessor-rules ++ppm +perfprofiling linux-smp-stats inline-init-failopen +threads debug +active-response ++normalizer reload-error-restart +react +flexresp3 +paf large-pcap-64bit +aruba mysql odbc postgres selinux" + +DEPEND=">=net-libs/libpcap-1.0.0 + >=net-libs/daq-0.5 + >=dev-libs/libpcre-6.0 + dev-libs/libdnet + postgres? ( dev-db/postgresql-base ) + mysql? ( virtual/mysql ) + odbc? ( dev-db/unixODBC ) + zlib? ( sys-libs/zlib )" + +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-snort )" + +pkg_setup() { + + if use zlib && ! use dynamicplugin; then + eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag." + eerror "'zlib' requires 'dynamicplugin' be enabled." + die + fi + + # pre_inst() is a better place to put this + # but we need it here for the 'fowners' statements in src_install() + enewgroup snort + enewuser snort -1 -1 /dev/null snort + +} + +src_prepare() { + + #Multilib fix for the sf_engine + einfo "Applying multilib fix." + sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ + "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ + || die "sed for sf_engine failed" + + #Multilib fix for the curent set of dynamic-preprocessors + for i in ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation; do + sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ + "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ + || die "sed for $i failed." + done + + AT_M4DIR=m4 eautoreconf +} + +src_configure() { + + econf \ + $(use_enable !static shared) \ + $(use_enable static) \ + $(use_enable static so-with-static-lib) \ + $(use_enable dynamicplugin) \ + $(use_enable zlib) \ + $(use_enable gre) \ + $(use_enable mpls) \ + $(use_enable targetbased) \ + $(use_enable decoder-preprocessor-rules) \ + $(use_enable ppm) \ + $(use_enable perfprofiling) \ + $(use_enable linux-smp-stats) \ + $(use_enable inline-init-failopen) \ + $(use_enable threads pthread) \ + $(use_enable debug) \ + $(use_enable debug debug-msgs) \ + $(use_enable debug corefiles) \ + $(use_enable !debug dlclose) \ + $(use_enable active-response) \ + $(use_enable normalizer) \ + $(use_enable reload-error-restart) \ + $(use_enable react) \ + $(use_enable flexresp3) \ + $(use_enable paf) \ + $(use_enable large-pcap-64bit large-pcap) \ + $(use_enable aruba) \ + $(use_with mysql) \ + $(use_with odbc) \ + $(use_with postgres postgresql) \ + --enable-ipv6 \ + --enable-reload \ + --disable-prelude \ + --disable-build-dynamic-examples \ + --disable-profile \ + --disable-ppm-test \ + --disable-intel-soft-cpm \ + --disable-static-daq \ + --disable-rzb-saac \ + --without-oracle +} + +src_install() { + + emake DESTDIR="${D}" install || die "emake failed" + + dodir /var/log/snort \ + /var/run/snort \ + /etc/snort/rules \ + /etc/snort/so_rules \ + /usr/$(get_libdir)/snort_dynamicrules \ + || die "Failed to create core directories" + + # config.log and build.log are needed by Sourcefire + # to trouble shoot build problems and bug reports so we are + # perserving them incase the user needs upstream support. + dodoc RELEASE.NOTES ChangeLog \ + doc/* \ + tools/u2boat/README.u2boat \ + schemas/* || die "Failed to install snort docs" + + insinto /etc/snort + doins etc/attribute_table.dtd \ + etc/classification.config \ + etc/gen-msg.map \ + etc/reference.config \ + etc/threshold.conf \ + etc/unicode.map || die "Failed to install docs in etc" + + # We use snort.conf.distrib because the config file is complicated + # and the one shipped with snort can change drastically between versions. + # Users should migrate setting by hand and not with etc-update. + newins etc/snort.conf snort.conf.distrib \ + || die "Failed to add snort.conf.distrib" + + # config.log and build.log are needed by Sourcefire + # to troubleshoot build problems and bug reports so we are + # perserving them incase the user needs upstream support. + # 'die' was intentionally not added here. + if [ -f "${WORKDIR}/${PF}/config.log" ]; then + dodoc "${WORKDIR}/${PF}/config.log" + fi + if [ -f "${T}/build.log" ]; then + dodoc "${T}/build.log" + fi + + insinto /etc/snort/preproc_rules + doins preproc_rules/decoder.rules \ + preproc_rules/preprocessor.rules \ + preproc_rules/sensitive-data.rules || die "Failed to install preproc rule files" + + fowners -R snort:snort \ + /var/log/snort \ + /var/run/snort \ + /etc/snort || die + + newinitd "${FILESDIR}/snort.rc11" snort || die "Failed to install snort init script" + newconfd "${FILESDIR}/snort.confd.2" snort || die "Failed to install snort confd file" + + # Sourcefire uses Makefiles to install docs causing Bug #297190. + # This removes the unwanted doc directory and rogue Makefiles. + rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" + rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" + + #Remove unneeded .la files (Bug #382863) + rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die + rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" + + # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection + sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the correct rule location in the config + sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the correct preprocessor/decoder rule location in the config + sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Enable the preprocessor/decoder rules + sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Just some clean up of trailing /'s in the config + sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Make it clear in the config where these are... + sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Disable all rule files by default. + sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Disable normalizer preprocessor config if normalizer USE flag not set. + if ! use normalizer; then + sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ + "${D}etc/snort/snort.conf.distrib" || die + fi + + # Set the configured DAQ to afpacket + sed -i -e 's|^# config daq: |config daq: afpacket|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the location of the DAQ modules + sed -i -e 's|^# config daq_dir: |config daq_dir: /usr/'$(get_libdir)'/daq|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the DAQ mode to passive + sed -i -e 's|^# config daq_mode: |config daq_mode: passive|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set snort to run as snort:snort + sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ + "${D}etc/snort/snort.conf.distrib" || die + sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the default log dir + sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the correct so_rule location in the config + sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ + "${D}etc/snort/snort.conf.distrib" || die +} + +pkg_postinst() { + + einfo "There have been a number of improvements and new features" + einfo "added to ${P}. Please review the RELEASE.NOTES and" + einfo "ChangLog located in /usr/share/doc/${PF}." + einfo + elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" + elog "users migrate their snort.conf customizations to the latest config" + elog "file released by the VRT. You can find the latest version of the" + elog "Snort config file in /etc/snort/snort.conf.distrib." + elog + elog "!! It is important that you migrate to this new snort.conf file !!" + elog + elog "This version of the ebuild includes an updated init.d file and" + elog "conf.d file that rely on options found in the latest Snort" + elog "config file provided by the VRT." + + if use debug; then + elog "You have the 'debug' USE flag enabled. If this has been done to" + elog "troubleshoot an issue by producing a core dump or a back trace," + elog "then you need to also ensure the FEATURES variable in make.conf" + elog "contains the 'nostrip' option." + fi +}