diff options
Diffstat (limited to 'security/zeek')
| -rw-r--r-- | security/zeek/Makefile | 32 | ||||
| -rw-r--r-- | security/zeek/distinfo | 6 | ||||
| -rw-r--r-- | security/zeek/files/pkg-message.in | 26 | ||||
| -rw-r--r-- | security/zeek/pkg-plist | 45 |
4 files changed, 61 insertions, 48 deletions
diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 15dd7d7a4249..7760be2c5d1b 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -1,5 +1,5 @@ PORTNAME= zeek -DISTVERSION= 8.0.1 +DISTVERSION= 8.0.4 CATEGORIES= security MASTER_SITES= https://download.zeek.org/ @@ -17,7 +17,7 @@ LIB_DEPENDS= libcares.so:dns/c-ares \ RUN_DEPENDS= c-ares>=1.25.0:dns/c-ares USES= bison cmake compiler:c++17-lang cpe gettext-runtime perl5 \ - python shebangfix ssl + python:3.9+ shebangfix ssl USE_LDCONFIG= yes @@ -82,8 +82,10 @@ CMAKE_ARGS= -DCARES_ROOT_DIR:PATH=${PREFIX} \ -DINSTALL_ZKG:BOOL=OFF \ -DPY_MOD_INSTALL_DIR:PATH=${PREFIX}/lib/zeekctl \ -DZEEK_ETC_INSTALL_DIR:PATH=${PREFIX}/etc \ + -DZEEK_LOG_DIR:PATH=/var/log/zeek \ -DZEEK_ROOT_DIR:PATH=${PREFIX} \ - -DZEEK_SCRIPT_INSTALL_PATH:PATH=${PREFIX}/share/zeek + -DZEEK_SCRIPT_INSTALL_PATH:PATH=${PREFIX}/share/zeek \ + -DZEEK_SPOOL_DIR:PATH=/var/spool/zeek ZEEKUSER?= zeek ZEEKGROUP?= zeek @@ -158,28 +160,26 @@ STRIP= USE_RC_SUBR= zeek .endif +post-install: + ${MV} ${STAGEDIR}${DATADIR}/site/local.zeek \ + ${STAGEDIR}${DATADIR}/site/local.zeek.sample + @${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/zeek-cut + @${RM} ${STAGEDIR}${PREFIX}/share/zeek/tests + ${LN} -s ../btest/data ${STAGEDIR}${PREFIX}/share/zeek/tests + post-install-ZEEKCTL-on: - ${MKDIR} ${STAGEDIR}${PREFIX}/logs - ${MKDIR} ${STAGEDIR}${PREFIX}/spool/tmp - ${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/auto - ${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/site + ${MKDIR} ${STAGEDIR}/var/spool/zeek/installed-scripts-do-not-touch/auto + ${MKDIR} ${STAGEDIR}/var/spool/zeek/installed-scripts-do-not-touch/site .for F in zeekctl.cfg networks.cfg node.cfg ${MV} ${STAGEDIR}${PREFIX}/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.sample .endfor + # Do this here because later zeek won't be running as root ${RM} ${STAGEDIR}${PREFIX}/share/zeekctl/scripts/zeekctl-config.sh - ${LN} -s ../../../spool/zeekctl-config.sh \ + ${LN} -s ../../../../../var/spool/zeek/zeekctl-config.sh \ ${STAGEDIR}${PREFIX}/share/zeekctl/scripts/zeekctl-config.sh ${RM} ${STAGEDIR}${PREFIX}/lib/broctl ${LN} -s zeek/python/zeekctl ${STAGEDIR}${PREFIX}/lib/broctl -post-install: - ${MV} ${STAGEDIR}${DATADIR}/site/local.zeek \ - ${STAGEDIR}${DATADIR}/site/local.zeek.sample - @${RM} -rf ${STAGEDIR}${PREFIX}/var - @${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/zeek-cut - @${RM} ${STAGEDIR}${PREFIX}/share/zeek/tests - ${LN} -s ../btest/data ${STAGEDIR}${PREFIX}/share/zeek/tests - post-install-SPICY-on: @${RM} -rf ${STAGEDIR}${PREFIX}/include/hilti/rt/3rdparty/SafeInt/Archive @${RM} -rf ${STAGEDIR}${PREFIX}/include/hilti/rt/3rdparty/SafeInt/Test diff --git a/security/zeek/distinfo b/security/zeek/distinfo index cf681afb7421..e1b43d9b2abf 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1756236375 -SHA256 (zeek-8.0.1.tar.gz) = ee916387e762345a6ffa84514cc3b66761f110d845a08b88e4a8da48db97ce8a -SIZE (zeek-8.0.1.tar.gz) = 99592537 +TIMESTAMP = 1762386088 +SHA256 (zeek-8.0.4.tar.gz) = b11aa1391e240c6ab49838de949bb8ea44635ee8fb8350db4e100c31e83b6a24 +SIZE (zeek-8.0.4.tar.gz) = 99613526 diff --git a/security/zeek/files/pkg-message.in b/security/zeek/files/pkg-message.in index 5b311b6cda33..ba18b01c0a45 100644 --- a/security/zeek/files/pkg-message.in +++ b/security/zeek/files/pkg-message.in @@ -35,10 +35,30 @@ EOM During deinstall of this package, the cfg files for zeekctl are not deleted if you have edited them. Instead the software will create a .sample file and the edited files will remain in place when you -upgrade. If you want to delete them, you have to remove the -%%PREFIX%%/etc directory manually. +upgrade. If you want to delete them, you have to remove +%%PREFIX%%/etc/zeekctl.cfg manually. -You may also need to manually remove %%PREFIX%%/spool/state.db +You may also need to manually remove /var/spool/state.db +EOM +} +{ type: upgrade + message: <<EOM +The default LogDir and SpoolDir have moved from %%PREFIX%% to /var. + +To migrate an existing installation to the new layout: + + - service zeek stop + + - pkg upgrade -y zeek + + - edit %%PREFIX%%/etc/zeekctl.cfg and make these changes: + + LogDir = /var/log/zeek + SpoolDir = /var/spool/zeek + + - move/create the log directory + + - service zeek deploy EOM } ] diff --git a/security/zeek/pkg-plist b/security/zeek/pkg-plist index c913e47f378d..2888ca696ecb 100644 --- a/security/zeek/pkg-plist +++ b/security/zeek/pkg-plist @@ -1,7 +1,10 @@ -@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/logs -%%ZEEKCTL%%@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool -%%ZEEKCTL%%@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool/tmp -%%ZEEKCTL%%@postexec chown -R %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool/installed-scripts-do-not-touch +@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/log/zeek +@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek +@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/tmp +%%ZEEKCTL%%@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/installed-scripts-do-not-touch +%%ZEEKCTL%%@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/installed-scripts-do-not-touch/auto +%%ZEEKCTL%%@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/installed-scripts-do-not-touch/site +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/state.db bin/bifcl bin/binpac %%ZEEKCTL%%bin/capstats @@ -2284,32 +2287,22 @@ share/zeek/tests %%ZEEKCTL%%share/zeekctl/scripts/set-zeek-path %%ZEEKCTL%%share/zeekctl/scripts/stats-to-csv %%ZEEKCTL%%share/zeekctl/scripts/zeekctl-config.sh -%%ZEEKCTL%%spool/zeekctl-config.sh -%%ZEEKCTL%%@preunexec rm -f %D/logs/current -%%ZEEKCTL%%@preunexec rm -f %D/spool/zeekctl.dat -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/auto/zeekctl-config.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/auto/local-networks.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/auto/standalone-layout.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-logger.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-manager.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-proxy.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-worker.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local.zeek -%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local.zeek.sample -%%ZEEKCTL%%@preunexec rm -f %D/spool/state.db -%%ZEEKCTL%%@dir spool/tmp -%%ZEEKCTL%%@dir spool/installed-scripts-do-not-touch/site -%%ZEEKCTL%%@dir spool/installed-scripts-do-not-touch/auto -%%ZEEKCTL%%@dir spool/installed-scripts-do-not-touch -%%ZEEKCTL%%@dir spool/extract_files -%%ZEEKCTL%%@dir spool/brokerstore -%%ZEEKCTL%%@dir spool +%%ZEEKCTL%%@preunexec rm -f /var/log/zeek/current +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/zeekctl.dat +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/auto/zeekctl-config.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/auto/local-networks.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/auto/standalone-layout.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-logger.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-manager.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-proxy.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-worker.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local.zeek +%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local.zeek.sample @dir share/man/man8 @dir share/man/man1 @dir share/man -%%ZEEKCTL%%@dir logs %%SPICY%%@dir lib/zeek/spicy @dir lib/zeek/plugins @dir include/zeek/analyzer/protocol/quic @dir include/zeek/analyzer/protocol/ldap -%%ZEEKCTL%%@postexec su -fm %%ZEEKUSER%% -c '%D/bin/zeekctl install; rm -f %D/spool/debug.log' +%%ZEEKCTL%%@postexec su -fm %%ZEEKUSER%% -c '%D/bin/zeekctl install; rm -f /var/spool/zeek/debug.log' |