blob: 6632f1f5d4e407ddd0019be085adb62674ff6d7a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit autotools flag-o-matic tmpfiles systemd
DESCRIPTION="Sagan is a multi-threaded, real time system and event log monitoring system"
HOMEPAGE="https://sagan.quadrantsec.com/"
SRC_URI="https://sagan.quadrantsec.com/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="geoip +libdnet +lognorm mysql redis +pcap smtp"
BDEPEND="virtual/pkgconfig"
DEPEND="
acct-group/sagan
acct-user/sagan
app-admin/sagan-rules[lognorm?]
dev-libs/libpcre
dev-libs/libyaml
geoip? ( dev-libs/geoip )
lognorm? (
dev-libs/liblognorm
dev-libs/libfastjson:=
dev-libs/libestr
)
redis? ( dev-libs/hiredis )
pcap? ( net-libs/libpcap )
smtp? ( net-libs/libesmtp )
"
# Package no longer logs directly to a database
# and relies on Unified2 format to accomplish it
RDEPEND="
${DEPEND}
mysql? ( net-analyzer/barnyard2[mysql] )
"
REQUIRED_USE="mysql? ( libdnet )"
DOCS=( AUTHORS ChangeLog FAQ INSTALL README NEWS TODO )
src_prepare() {
default
eautoreconf
}
src_configure() {
append-flags -fcommon
# TODO: poke at strstr logic and enable/disable CPU_FLAGS_X86_*
# accordingly?
# Note that not all of these are used:
# https://github.com/quadrantsec/sagan/blob/main/m4/ax_ext.m4
local myeconfargs=(
$(use_enable smtp esmtp)
$(use_enable lognorm)
$(use_enable redis)
$(use_enable pcap libpcap)
$(use_enable geoip)
)
econf "${myeconfargs[@]}"
}
src_install() {
default
# No need to create this at build/install time
rm -r "${ED}"/var/run/ || die
# Fix paths in config file
sed -i \
-e "s:/usr/local/:${EPREFIX}/:" \
-e "s:/var/run/sagan:${EPREFIX}/run/sagan:" \
"${ED}"/etc/sagan.yaml || die
diropts -g sagan -o sagan -m 775
keepdir /var/log/sagan
touch "${ED}"/var/log/sagan/sagan.log || die
chown sagan.sagan "${ED}"/var/log/sagan/sagan.log || die
newinitd "${FILESDIR}"/sagan.init-r1 sagan
newconfd "${FILESDIR}"/sagan.confd sagan
systemd_dounit "${FILESDIR}"/sagan.service
newtmpfiles "${FILESDIR}"/sagan.tmpfiles sagan.conf
insinto /etc/logrotate.d
newins "${FILESDIR}"/sagan.logrotate sagan
docinto examples
dodoc -r extra/*
}
pkg_postinst() {
tmpfiles_process sagan.conf
if use smtp; then
ewarn "You have enabled smtp use flag. If you plan on using Sagan with"
ewarn "email, create valid writable home directory for user 'sagan'"
ewarn "For security reasons it was created with /dev/null home directory"
fi
einfo "For configuration assistance see"
einfo "http://wiki.quadrantsec.com/bin/view/Main/SaganHOWTO"
}
|