mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-05-09 17:40:32 +00:00
Code Issues Projects Releases Wiki Activity

suricata: add systemd unit

Browse Source 
Based on the debian systemd unit.

Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Koen Kooi
2018-08-01 10:09:22 +02:00
committed by Armin Kuster
parent a0a3160923
commit e58ad185be
2 changed files with 35 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
recipes-security/suricata/files/suricata.service
+20
View File
@@ -0,0 +1,20 @@
[Unit]
Description=Suricata IDS/IDP daemon
After=network.target
Requires=network.target
Documentation=man:suricata(8) man:suricatasc(8)
Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki
[Service]
Type=simple
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
RestrictAddressFamilies=
ExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml eth0
ExecReload=/bin/kill -HUP $MAINPID
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=yes
[Install]
WantedBy=multi-user.target
recipes-security/suricata/suricata_4.0.0.bb
+15 -2
View File
@@ -7,9 +7,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=2;md5=c70d8d3310941dcdfcd
SRC_URI += " \ SRC_URI += " \
file://volatiles.03_suricata \ file://volatiles.03_suricata \
file://suricata.yaml \ file://suricata.yaml \
file://suricata.service \
" "
inherit autotools-brokensep pkgconfig python-dir inherit autotools-brokensep pkgconfig python-dir systemd
CFLAGS += "-D_DEFAULT_SOURCE" CFLAGS += "-D_DEFAULT_SOURCE"
@@ -45,6 +46,16 @@ do_install_append () {
install -m 644 reference.config ${D}${sysconfdir}/suricata install -m 644 reference.config ${D}${sysconfdir}/suricata
install -m 644 ${WORKDIR}/suricata.yaml ${D}${sysconfdir}/suricata install -m 644 ${WORKDIR}/suricata.yaml ${D}${sysconfdir}/suricata
install -m 0644 ${WORKDIR}/volatiles.03_suricata ${D}${sysconfdir}/default/volatiles/volatiles.03_suricata install -m 0644 ${WORKDIR}/volatiles.03_suricata ${D}${sysconfdir}/default/volatiles/volatiles.03_suricata
install -d ${D}${systemd_unitdir}/system
sed -e s:/etc:${sysconfdir}:g \
-e s:/var/run:/run:g \
-e s:/var:${localstatedir}:g \
-e s:/usr/bin:${bindir}:g \
-e s:/bin/kill:${base_bindir}/kill:g \
-e s:/usr/lib:${libdir}:g \
${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
} }
pkg_postinst_ontarget_${PN} () { pkg_postinst_ontarget_${PN} () {
@@ -53,8 +64,10 @@ if [ -e /etc/init.d/populate-volatile.sh ] ; then
fi fi
} }
SYSTEMD_PACKAGES = "${PN}"
PACKAGES =+ "${PN}-python" PACKAGES =+ "${PN}-python"
FILES_${PN} += "${logdir}/suricata" FILES_${PN} += "${logdir}/suricata ${systemd_unitdir}"
FILES_${PN}-python = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}" FILES_${PN}-python = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}"
CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml" CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml"