net-analyzer/sguil-server: Version 1.0.0

Package-Manager: Portage-2.3.68, Repoman-2.3.16
Signed-off-by: Jeroen Roovers <[email protected]>

net-analyzer/sguil-server/Manifest

@@ -1,2 +1,3 @@
 DIST sguil-0.9.0.tar.gz 464204 BLAKE2B 147b743fd8f70969ee560a3f6995775c40cfbaf543d8292f16aa6f02289edde54207a3cddb4969229e0a123dad2fb589eaef3bddb016e6ff408a3d9be4c7820d SHA512 3f300901d0f0260fbc950b4c7604e3dc3eeb2d088ff45171db84e2d58e281242bf3582eac51162968f1f3766961aec4d0a7af54e85773102ee643a52e879cfa6
+DIST sguil-1.0.0.tar.gz 892934 BLAKE2B 69459eed682d91a1b57ba08c141dd655dbbfaa0d9d2956e6a26065f1b6820307b0e0e4dcbcad89537eba7499aea38f81739c351246e3dd6c46cab46bdf0d054f SHA512 fc3007383f90c99a0ace3eeebac75864f9aa549676e784c7bf1d81222282e3a5a3d5290b121097ae3c027dee3dd35bbe8ac9dfede04dbd561edfd3948a0465ab
 DIST sguil-server-0.8.0.tar.gz 102236 BLAKE2B 15dfe03f79bba92486e12fa85a368e01005c8587abd7119ef5264c14efaf8f8861346c1744590316a2a40160d11b3042abe8456f911fee677d83846561a8ee70 SHA512 84161365579e3b4227314d9f61afad6ad220261525d7fc8016210a13ee607815eb33178bab026f8a217c43a42f2e623c41d579c5898f58207a18e31685426710

net-analyzer/sguil-server/sguil-server-1.0.0.ebuild

@@ -0,0 +1,101 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+inherit ssl-cert user
+
+MY_PV="${PV/_p/p}"
+DESCRIPTION="Daemon for Sguil Network Security Monitoring"
+HOMEPAGE="https://github.com/bammv/sguil"
+SRC_URI="${HOMEPAGE}/archive/v${PV}.tar.gz -> ${P/-server}.tar.gz"
+
+LICENSE="GPL-2 QPL"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="ssl"
+
+DEPEND="
+	>=dev-lang/tcl-8.3:0=[-threads]
+	>=dev-tcltk/tclx-8.3
+	dev-tcltk/tcllib
+	dev-tcltk/mysqltcl
+	ssl? ( >=dev-tcltk/tls-1.4.1 )
+"
+RDEPEND="
+	${DEPEND}
+	net-analyzer/p0f
+	net-analyzer/tcpflow
+	net-misc/openssh
+"
+
+S="${WORKDIR}/sguil-${MY_PV}"
+
+pkg_setup() {
+	enewgroup sguil
+	enewuser sguil -1 -1 /var/lib/sguil sguil
+}
+
+src_prepare(){
+	default
+	sed -i \
+		-e 's:DEBUG 2:DEBUG 1:' -e 's:DAEMON 0:DAEMON 1:' \
+		-e 's:SGUILD_LIB_PATH ./lib:SGUILD_LIB_PATH /usr/'$(get_libdir)'/sguild:g' \
+		-e 's:/sguild_data/rules:/var/lib/sguil/rules:g' \
+		-e 's:/sguild_data/archive:/var/lib/sguil/archive:g' \
+		server/sguild.conf || die
+}
+
+src_install(){
+	dodoc server/sql_scripts/*
+	dodoc doc/CHANGES doc/OPENSSL.README doc/USAGE doc/INSTALL \
+	doc/TODO doc/sguildb.dia
+
+	insopts -m640
+	insinto /etc/sguil
+	doins server/{sguild.email,sguild.users,sguild.conf,sguild.queries,sguild.access,autocat.conf}
+
+	insinto /usr/$(get_libdir)/sguild
+	doins server/lib/*
+	dobin server/sguild
+	newinitd "${FILESDIR}/sguild.initd" sguild
+	newconfd "${FILESDIR}/sguild.confd" sguild
+
+	if use ssl; then
+		sed -i -e "s/#OPENSSL/OPENSSL/" "${D}/etc/conf.d/sguild"
+	fi
+
+	diropts -g sguil -o sguil
+	keepdir \
+		/var/lib/sguil \
+		/var/lib/sguil/archive \
+		/var/lib/sguil/rules
+
+}
+
+pkg_postinst(){
+	if use ssl && ! [ -f "${ROOT}"/etc/sguil/sguild.key ]; then
+		install_cert /etc/sguil/sguild
+	fi
+
+	chown -R sguil:sguil "${ROOT}"/etc/sguil/sguild.*
+	chown -R sguil:sguil "${ROOT}"/usr/lib/sguild
+
+	if [ -d "${ROOT}"/etc/snort/rules ] ; then
+		ln -s /etc/snort/rules "${ROOT}"/var/lib/sguil/rules/${HOSTNAME}
+	fi
+
+	elog
+	elog "Please customize the sguild configuration files in /etc/sguild before"
+	elog "trying to run the daemon. Additionally you will need to setup the"
+	elog "mysql database. See /usr/share/doc/${PF}/INSTALL.gz for information."
+	elog "Please note that it is STRONGLY recommended to mount a separate"
+	elog "filesystem at /var/lib/sguil for both space and performance reasons"
+	elog "as a large amount of data will be kept in the directory structure"
+	elog "underneath that top directory."
+	elog
+	elog "You should create the sguild db as per the install instructions in"
+	elog "/usr/share/doc/${PF}/ and use the appropriate"
+	elog "database setup script located in the same directory."
+
+	elog
+}