blob: 9dec2fb54c2b8b6b74b963623a87c8e5ff4de37c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
# Maintainer:
# Contributor: Mark Wagie <mark dot wagie at tutanota dot com>
# Contributor: lsf
# Contributor: Adam Hose <adis@blad.is>
pkgname=opensnitch-git
pkgver=1.4.0.rc.2.r27.8580281
pkgrel=3
pkgdesc="A GNU/Linux port of the Little Snitch application firewall"
arch=('i686' 'x86_64' 'armv6h' 'armv7h' 'aarch64')
url="https://github.com/evilsocket/opensnitch"
license=('GPL3')
makedepends=('git' 'go' 'python-setuptools'
'python-grpcio-tools' 'qt5-tools')
depends=('libnetfilter_queue' 'libpcap' 'python-grpcio' 'python-protobuf'
'python-pyinotify' 'python-slugify' 'python-pyqt5')
optdepends=('logrotate: for logfile rotation support'
'opensnitch-ebpf-module-git: eBPF process monitor method (non-hardened kernel only)')
provides=("${pkgname%-git}")
conflicts=("${pkgname%-git}")
backup=("etc/${pkgname%-git}d/default-config.json")
install="${pkgname%-git}.install"
source=('git+https://github.com/evilsocket/opensnitch.git')
sha256sums=('SKIP')
pkgver() {
cd "$srcdir/${pkgname%-git}"
git describe --long | sed 's/^v//;s/\([^-]*-\)g/r\1/;s/-/./g'
}
prepare() {
export GOPATH="$srcdir/gopath"
go clean -modcache
cd "$srcdir/${pkgname%-git}"
sed -i 's|local/bin|bin|g' "daemon/${pkgname%-git}d.service"
}
build() {
cd "$srcdir/${pkgname%-git}"
pushd proto
export GOPATH="$srcdir/gopath"
export CGO_CPPFLAGS="${CPPFLAGS}"
export CGO_CFLAGS="${CFLAGS}"
export CGO_CXXFLAGS="${CXXFLAGS}"
export CGO_LDFLAGS="${LDFLAGS}"
export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=mod"
export PATH=${PATH}:${GOPATH}/bin
go get github.com/golang/protobuf/protoc-gen-go
make
popd
pushd daemon
make
popd
pushd ui
pyrcc5 -o opensnitch/resources_rc.py opensnitch/res/resources.qrc
sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2*
python setup.py build
popd
go clean -modcache
# do not use ebpf proc method by default as the module is provided as an optdepend
# NOTE: does not seem to be required, the default-config.json should use proc unless
# changed in the settings / in the file
# cp "daemon/${pkgname%-git}d.service" "daemon/${pkgname%-git}d-ebpf.service"
# sed -i 's/\(ExecStart=.*\)/\1 -process-monitor-method ebpf/' "daemon/${pkgname%-git}d-ebpf.service"
# sed -i 's/\(ExecStart=.*\)/\1 -process-monitor-method proc/' "daemon/${pkgname%-git}d.service"
}
package() {
cd "$srcdir/${pkgname%-git}"
pushd ui
export PYTHONHASHSEED=0
python setup.py install --root="$pkgdir/" --optimize=1 --skip-build
popd
install -d "$pkgdir/etc/${pkgname%-git}d/rules"
install -Dm755 "daemon/${pkgname%-git}d" -t "$pkgdir/usr/bin"
install -Dm644 "daemon/${pkgname%-git}d.service" -t \
"$pkgdir/usr/lib/systemd/system"
# install -Dm644 "daemon/${pkgname%-git}d-ebpf.service" -t \
# "$pkgdir/usr/lib/systemd/system"
install -Dm644 daemon/default-config.json -t "$pkgdir/etc/${pkgname%-git}d"
install -Dm644 daemon/system-fw.json -t "$pkgdir/etc/${pkgname%-git}d"
install -Dm644 "debian/${pkgname%-git}.logrotate" \
"$pkgdir/etc/logrotate.d/${pkgname%-git}"
}
|