diff options
Diffstat (limited to 'security/zeek/files')
| -rw-r--r-- | security/zeek/files/pkg-message.in | 39 | ||||
| -rw-r--r-- | security/zeek/files/zeek.in | 88 |
2 files changed, 86 insertions, 41 deletions
diff --git a/security/zeek/files/pkg-message.in b/security/zeek/files/pkg-message.in index df8a5c1509a0..f7c2e7c301a3 100644 --- a/security/zeek/files/pkg-message.in +++ b/security/zeek/files/pkg-message.in @@ -1,12 +1,39 @@ [ { type: install message: <<EOM -During deinstall of this package, the cfg files for broctl -are not deleted if you have edited them. Instead -the software will create a .sample file instead and the -edited files will remain in place when you upgrade. If you -want to delete them, you have to delete them and the directory, -%%PREFIX%%/etc manually. +During deinstall of this package, the cfg files for broctl are not +deleted if you have edited them. Instead the software will create +a .sample file instead and the edited files will remain in place +when you upgrade. If you want to delete them, you have to remove +the %%PREFIX%%/etc directory manually. + +The rc.d script now honors the zeek_user rc.d variable. To run as +a user other than root (the default) you need to make a few changes. +For example to run as the user zeek, add this to /etc/rc.conf: + + zeek_enable="YES" + zeek_user="zeek" + +Add this to /etc/devfs.conf: + + own bpf root:bpf + perm bpf 0660 + +And add zeek to the bpf group: + + bpf:*:81:zeek + +and restart the devfs service: + + service devfs restart + +or reboot. + +If the interface defined in node.cfg is configured for NIC checksum +offloading (the default when this feature is supported by the +hardware) you will want to set ignore_checksums in site/local.zeek: + + redef ignore_checksums = T; EOM } ] diff --git a/security/zeek/files/zeek.in b/security/zeek/files/zeek.in index 8b48b08d802e..327677ed98fa 100644 --- a/security/zeek/files/zeek.in +++ b/security/zeek/files/zeek.in @@ -17,65 +17,83 @@ node=$2 start_cmd="zeek_start" stop_cmd="zeek_stop" restart_cmd="zeek_restart" +check_cmd="zeek_check" deploy_cmd="zeek_deploy" install_cmd="zeek_install" cleanup_cmd="zeek_cleanup" restart_cmd="zeek_restart" status_cmd="zeek_status" -extra_commands="deploy install cleanup status restart" +extra_commands="check cleanup deploy install restart status" : ${zeekctl_program:=%%PREFIX%%/bin/zeekctl} +: ${zeek_user:=root} zeek_enable=${zeek_enable-"NO"} -zeek_start() { - if [ ! "${node}" ]; - then - $zeekctl_program start - else - $zeekctl_program start $node - fi +run() +{ + if [ "${zeek_user}" = "root" ]; then + $* + else + su -m ${zeek_user} -c "$*" + fi } -zeek_stop() { - if [ ! "${node}" ]; - then - $zeekctl_program stop - else - $zeekctl_program stop $node - fi +zeek_start() +{ + if [ ! "${node}" ]; then + run ${zeekctl_program} start + else + run ${zeekctl_program} start ${node} + fi +} + +zeek_stop() +{ + if [ ! "${node}" ]; then + run ${zeekctl_program} stop + else + run ${zeekctl_program} stop ${node} + fi } zeek_restart() { - if [ ! "${node}" ]; - then - $zeekctl_program restart - else - $zeekctl_program restart $node - fi + if [ ! "${node}" ]; then + run ${zeekctl_program} restart + else + run ${zeekctl_program} restart ${node} + fi +} + +zeek_check() +{ + run ${zeekctl_program} check } -zeek_deploy() { - $zeekctl_program deploy +zeek_deploy() +{ + run ${zeekctl_program} deploy } -zeek_install() { - $zeekctl_program install +zeek_install() +{ + run ${zeekctl_program} install } -zeek_cleanup() { - if [ ! "${node}" ]; - then - $zeekctl_program cleanup - else - $zeekctl_program cleanup ${node} - fi +zeek_cleanup() +{ + if [ ! "${node}" ]; then + run ${zeekctl_program} cleanup + else + run ${zeekctl_program} cleanup ${node} + fi } -zeek_status() { - $zeekctl_program status +zeek_status() +{ + run ${zeekctl_program} status } -load_rc_config $name +load_rc_config ${name} run_rc_command "$1" |