-rw-r--r-- | security/zeek/Makefile | 22 | ||||
-rw-r--r-- | security/zeek/files/pkg-message.in | 39 | ||||
-rw-r--r-- | security/zeek/files/zeek.in | 88 | ||||
-rw-r--r-- | security/zeek/pkg-plist | 15 |
4 files changed, 108 insertions, 56 deletions
diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 3dc8923fdba2..1574e60b9af2 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -3,6 +3,7 @@ PORTNAME= zeek PORTVERSION= 3.0.11 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= https://old.zeek.org/downloads/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} @@ -45,7 +46,7 @@ CMAKE_ARGS+= -GNinja \ ZEEKUSER?= zeek ZEEKGROUP?= zeek -PLIST_SUB+= ARCH=${ARCH:S/aarch64/arm64/} \ +PLIST_SUB+= ARCH=${UNAME_M} \ ZEEKUSER=${ZEEKUSER} \ ZEEKGROUP=${ZEEKGROUP} \ LCASE_OPSYS=${OPSYS:tl} @@ -98,13 +99,18 @@ ZEEKCTL_RUN_DEPENDS= ${LOCALBASE}/bin/bash:shells/bash \ USE_RC_SUBR= zeek .endif +post-patch: + # Silence the "use ZeekControl.plugin instead of BroControl.plugin" nag + @${REINPLACE_CMD} -e 's/^print/#&/' \ + ${WRKSRC}/aux/zeekctl/BroControl/__init__.py + post-install-ZEEKCTL-on: ${MKDIR} ${STAGEDIR}${PREFIX}/logs ${MKDIR} ${STAGEDIR}${PREFIX}/spool/tmp ${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/auto ${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/site .for F in zeekctl.cfg networks.cfg node.cfg - ${MV} ${STAGEDIR}${PREFIX}/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.example + ${MV} ${STAGEDIR}${PREFIX}/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.sample .endfor ${RM} ${STAGEDIR}${PREFIX}/share/zeekctl/scripts/zeekctl-config.sh ${LN} -s ../../../spool/zeekctl-config.sh \ 
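Review bot: The `s/^print/#&/` expression in `post-patch` comments out every line of `BroControl/__init__.py` that begins with `print`, not only the deprecation nag named in the comment above it. If that print call spans more than one line, or upstream later adds another top-level print, the edit either leaves a dangling continuation that fails at import time or hides output nobody meant to silence; the file's contents are not visible here, so treat this as a hedge rather than a confirmed break. Restricting the substitution with an address that matches the nag's text, `-e '/<text of the nag>/s/^print/#&/'`, or carrying the change as a files/patch-* file, keeps the edit narrow and makes it fail loudly when upstream changes. The tab-indented `# Silence ...` line is also recipe text that is handed to the shell; placed at column 0 above `post-patch:` it becomes a make comment.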
@@ -112,14 +118,20 @@ post-install-ZEEKCTL-on: post-install: ${RM} -r ${STAGEDIR}${PREFIX}/share/zeek/cmake + ${MV} ${STAGEDIR}${DATADIR}/site/local.zeek \ + ${STAGEDIR}${DATADIR}/site/local.zeek.sample pre-install-ZEEKCTL-on: ${MKDIR} ${STAGEDIR}${PREFIX}/etc/rc.d post-build-NETMAP-on: ${LN} -s ../.build ${WRKSRC}/build - (cd ${WRKSRC_bro_netmap} && ./configure --bro-dist=${WRKSRC} \ + cd ${WRKSRC_bro_netmap} && ./configure --bro-dist=${WRKSRC} \ --install-root=${STAGEDIR}${PREFIX}/lib/zeek/plugins && \ - make && make install) + make && make install + +.include <bsd.port.pre.mk> + +UNAME_M!= ${UNAME} -m -.include <bsd.port.mk> +.include <bsd.port.post.mk> diff --git a/security/zeek/files/pkg-message.in b/security/zeek/files/pkg-message.in index df8a5c1509a0..f7c2e7c301a3 100644 --- a/security/zeek/files/pkg-message.in +++ b/security/zeek/files/pkg-message.in 
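Review bot: `post-build-NETMAP-on` still runs `make install` with `--install-root=${STAGEDIR}${PREFIX}/lib/zeek/plugins`, so the netmap plugin is written into the stage directory during the build phase, and both steps invoke a literal `make` instead of the framework's make command. Keeping the phases separate would mean ending this recipe with `cd ${WRKSRC_bro_netmap} && ${MAKE_CMD}` and adding a `post-install-NETMAP-on:` target that runs `cd ${WRKSRC_bro_netmap} && ${MAKE_CMD} install`. The plugin's configure script is not visible here, so confirm that nothing in its build step depends on the install root already existing.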
@@ -1,12 +1,39 @@ [ { type: install message: <<EOM -During deinstall of this package, the cfg files for broctl -are not deleted if you have edited them. Instead -the software will create a .sample file instead and the -edited files will remain in place when you upgrade. If you -want to delete them, you have to delete them and the directory, -%%PREFIX%%/etc manually. +During deinstall of this package, the cfg files for broctl are not +deleted if you have edited them. Instead the software will create +a .sample file instead and the edited files will remain in place +when you upgrade. If you want to delete them, you have to remove +the %%PREFIX%%/etc directory manually. + +The rc.d script now honors the zeek_user rc.d variable. To run as +a user other than root (the default) you need to make a few changes. +For example to run as the user zeek, add this to /etc/rc.conf: + + zeek_enable="YES" + zeek_user="zeek" + +Add this to /etc/devfs.conf: + + own bpf root:bpf + perm bpf 0660 + +And add zeek to the bpf group: + + bpf:*:81:zeek + +and restart the devfs service: + + service devfs restart + +or reboot. + +If the interface defined in node.cfg is configured for NIC checksum +offloading (the default when this feature is supported by the +hardware) you will want to set ignore_checksums in site/local.zeek: + + redef ignore_checksums = T; EOM } ] diff --git a/security/zeek/files/zeek.in b/security/zeek/files/zeek.in index 8b48b08d802e..327677ed98fa 100644 --- a/security/zeek/files/zeek.in +++ b/security/zeek/files/zeek.in 
@@ -17,65 +17,83 @@ node=$2 start_cmd="zeek_start" stop_cmd="zeek_stop" restart_cmd="zeek_restart" +check_cmd="zeek_check" deploy_cmd="zeek_deploy" install_cmd="zeek_install" cleanup_cmd="zeek_cleanup" restart_cmd="zeek_restart" status_cmd="zeek_status" -extra_commands="deploy install cleanup status restart" +extra_commands="check cleanup deploy install restart status" : ${zeekctl_program:=%%PREFIX%%/bin/zeekctl} +: ${zeek_user:=root} zeek_enable=${zeek_enable-"NO"} -zeek_start() { - if [ ! "${node}" ]; - then - $zeekctl_program start - else - $zeekctl_program start $node - fi +run() +{ + if [ "${zeek_user}" = "root" ]; then + $* + else + su -m ${zeek_user} -c "$*" + fi } -zeek_stop() { - if [ ! "${node}" ]; - then - $zeekctl_program stop - else - $zeekctl_program stop $node - fi +zeek_start() +{ + if [ ! "${node}" ]; then + run ${zeekctl_program} start + else + run ${zeekctl_program} start ${node} + fi +} + +zeek_stop() +{ + if [ ! "${node}" ]; then + run ${zeekctl_program} stop + else + run ${zeekctl_program} stop ${node} + fi } zeek_restart() { - if [ ! "${node}" ]; - then - $zeekctl_program restart - else - $zeekctl_program restart $node - fi + if [ ! "${node}" ]; then + run ${zeekctl_program} restart + else + run ${zeekctl_program} restart ${node} + fi +} + +zeek_check() +{ + run ${zeekctl_program} check } -zeek_deploy() { - $zeekctl_program deploy +zeek_deploy() +{ + run ${zeekctl_program} deploy } -zeek_install() { - $zeekctl_program install +zeek_install() +{ + run ${zeekctl_program} install } -zeek_cleanup() { - if [ ! "${node}" ]; - then - $zeekctl_program cleanup - else - $zeekctl_program cleanup ${node} - fi +zeek_cleanup() +{ + if [ ! "${node}" ]; then + run ${zeekctl_program} cleanup + else + run ${zeekctl_program} cleanup ${node} + fi } -zeek_status() { - $zeekctl_program status +zeek_status() +{ + run ${zeekctl_program} status } -load_rc_config $name +load_rc_config ${name} run_rc_command "$1" 
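Review bot: `run()` expands its arguments unquoted (`$*`) in the root branch and flattens them into a single string for `su -m ${zeek_user} -c "$*"` in the other, so the node name taken from `$2` is word-split and globbed in the first case and parsed again by a second shell in the second. A node value containing whitespace or shell metacharacters is therefore interpreted instead of reaching zeekctl as one argument. Use `"$@"` in the root branch and quote the account name, `su -m "${zeek_user}" -c "$*"`; because the `-c` string cannot preserve argument boundaries, also reject node values outside a conservative character set (for example a `case` on `*[!A-Za-z0-9_.-]*`) before calling `run`. `restart_cmd="zeek_restart"` is assigned twice in the header block and one copy can be dropped.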
diff --git a/security/zeek/pkg-plist b/security/zeek/pkg-plist index 87a099b3a283..2a8a5949eada 100644 --- a/security/zeek/pkg-plist +++ b/security/zeek/pkg-plist @@ -1,4 +1,5 @@ @postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/logs +%%ZEEKCTL%%@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/share/zeekctl/scripts %%ZEEKCTL%%@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool %%ZEEKCTL%%@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool/tmp %%ZEEKCTL%%@postexec chown -R %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool/installed-scripts-do-not-touch @@ -16,15 +17,9 @@ bin/zeek-config bin/zeek-cut bin/zeek-wrapper %%ZEEKCTL%%bin/zeekctl -%%ZEEKCTL%%@preunexec if cmp -s %D/etc/networks.cfg.example %D/etc/networks.cfg ; then rm -f %D/etc/networks.cfg; fi -%%ZEEKCTL%%etc/networks.cfg.example -%%ZEEKCTL%%@postexec if [ ! -f %D/etc/networks.cfg ] ; then cp -p %D/etc/networks.cfg.example %D/etc/networks.cfg; fi -%%ZEEKCTL%%@preunexec if cmp -s %D/etc/node.cfg.example %D/etc/node.cfg ; then rm -f %D/etc/node.cfg; fi -%%ZEEKCTL%%etc/node.cfg.example -%%ZEEKCTL%%@postexec if [ ! -f %D/etc/node.cfg ] ; then cp -p %D/etc/node.cfg.example %D/etc/node.cfg; fi -%%ZEEKCTL%%@preunexec if cmp -s %D/etc/zeekctl.cfg.example %D/etc/zeekctl.cfg ; then rm -f %D/etc/zeekctl.cfg; fi -%%ZEEKCTL%%etc/zeekctl.cfg.example -%%ZEEKCTL%%@postexec if [ ! -f %D/etc/zeekctl.cfg ] ; then cp -p %D/etc/zeekctl.cfg.example %D/etc/zeekctl.cfg; fi +@sample etc/networks.cfg.sample +@sample etc/node.cfg.sample +@sample etc/zeekctl.cfg.sample include/binpac/binpac.h include/binpac/binpac_analyzer.h include/binpac/binpac_buffer.h @@ -1722,7 +1717,7 @@ man/man8/zeek.8.gz %%DATADIR%%/policy/tuning/defaults/warnings.zeek %%DATADIR%%/policy/tuning/json-logs.zeek %%DATADIR%%/policy/tuning/track-all-assets.zeek -%%DATADIR%%/site/local.zeek +@sample %%DATADIR%%/site/local.zeek.sample %%ZEEKCTL%%%%DATADIR%%/zeekctl/__load__.zeek %%ZEEKCTL%%%%DATADIR%%/zeekctl/auto.zeek %%ZEEKCTL%%%%DATADIR%%/zeekctl/check.zeek |
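Review bot: The added `@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/share/zeekctl/scripts` gives a directory of helper scripts to the unprivileged service account while the rc script's default remains `zeek_user:=root`. A directory's owner can replace or rename the entries in it, so on a default install the service account gains influence over what a later root-run `zeekctl` executes; this assumes zeekctl runs helpers from that directory, which the Makefile's `zeekctl-config.sh` symlink suggests but the page does not show. Consider keeping the directory root-owned and limiting the account's writable paths to `spool`, or stating in pkg-message that `zeek_user` should be set to the unprivileged account whenever this ownership applies.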
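Review bot: The replacement lines `@sample etc/networks.cfg.sample`, `@sample etc/node.cfg.sample` and `@sample etc/zeekctl.cfg.sample` drop the `%%ZEEKCTL%%` prefix that every removed line carried. The Makefile renames these files to `.sample` only inside `post-install-ZEEKCTL-on`, so with the ZEEKCTL option off the plist would probably name files that were never staged and packaging would fail; whether the cfg files are installed at all in that configuration is not visible here. Restoring the prefix keeps the entries scoped to the option, e.g. `%%ZEEKCTL%%@sample etc/node.cfg.sample`.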