# Maintainer: Jeremy MountainJohnson <jay@jskier.com>
# Maintainer: Amish <contact at via dot aur>
# Contributor: Jaroslav Lichtblau <dragonlord@aur.archlinux.org>
# Package identity and release counter.
pkgname=suricata
pkgver=8.0.3
pkgrel=1
pkgdesc='A high performance Network IDS, IPS and Network Security Monitoring engine'
arch=(x86_64)
url='https://suricata.io/'
license=(GPL2)

# Build-time only tooling.
makedepends=(
  rust
  clang
  cbindgen
  llvm
  pkgconf
)

# Runtime libraries and helpers.
depends=(
  hyperscan
  jansson
  libcap-ng
  libmagic.so
  libmaxminddb
  libnet
  libpcap
  libyaml
  lua
  pcre
  python-yaml
  libunwind
  libbpf
)
optdepends=('geoipupdate: GeoIP2 databases')
conflicts=(suricata-nfqueue)
install='suricata.install'

# Configuration files pacman must preserve across upgrades.
backup=(
  etc/suricata/suricata.yaml
  etc/suricata/local.yaml
  etc/suricata/classification.config
  etc/suricata/reference.config
  etc/suricata/threshold.config
)

# Release tarball, its detached signature, and the two local systemd units.
# sha256sums is positional: entry N belongs to source entry N. The signature
# file carries 'SKIP' because it is not hashed; makepkg instead verifies the
# tarball against it and accepts only a key listed in validpgpkeys.
source=(
  "https://www.openinfosecfoundation.org/download/${pkgname}-${pkgver}.tar.gz"
  "https://www.openinfosecfoundation.org/download/${pkgname}-${pkgver}.tar.gz.sig"
  suricata-update.service
  suricata-update.timer
)
sha256sums=(
  3d9a7b803b97c11e060f3349b179beaafd6f96b8c8a95085d9fdc08c822817d9
  SKIP
  57505c464d30623c9d6611ca4b5d08a580c0116b20a4280f39c3720a3f369a92
  330c93e72a02f4f80972ab1641ee550b32cfdc2f40c78331294bcc009af06d71
)
validpgpkeys=(B36FDAF2607E10E8FFA89E5E2BA9C98CCDF1E93A)
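#######################################
# Patch the upstream build files before configure runs.
#
# Turns "VAR = value" assignments of CFLAGS, CPPFLAGS, LDFLAGS and LIBS in
# Makefile.am / Makefile.in into "VAR += value", so flags supplied by the
# packaging environment are appended to rather than replaced, then
# regenerates the autotools output.
#
# Globals:   srcdir, pkgname, pkgver (read)
# Outputs:   a warning on stderr when a step fails
# Returns:   0 always; both steps are best-effort, as in the original recipe
#######################################
prepare() {
  cd "${srcdir}/${pkgname}-${pkgver}"

  # The alternation has to sit inside \( ... \) so that \1 in the replacement
  # names the matched variable. Without the group sed rejects the whole script
  # (invalid reference \1), and with the error discarded the build carries on
  # without the packaging flags being honoured. On Arch those flags normally
  # include the hardening options, so a silent miss weakens the binary.
  if ! sed -i 's/^\(CFLAGS\|CPPFLAGS\|LDFLAGS\|LIBS\) = /\1 += /' \
    Makefile.am Makefile.in; then
    printf 'prepare: could not patch Makefile.am/Makefile.in; flag handling left as upstream\n' >&2
  fi

  # Still non-fatal, but no longer invisible: report it so the build log
  # shows that the generated files were not refreshed.
  if ! autoreconf -fi; then
    printf 'prepare: autoreconf -fi failed; continuing with the shipped build files\n' >&2
  fi

  return 0
}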
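#######################################
# Configure and compile Suricata against the system Lua.
#
# Globals:   srcdir, pkgname, pkgver (read)
#            LUA_CFLAGS, LUA_LIBS, LIBS (exported)
# Returns:   1 if pkg-config cannot resolve the "lua" module, otherwise the
#            status of make
#######################################
build() {
  cd "${srcdir}/${pkgname}-${pkgver}"

  # Resolve Lua through pkg-config (the original recipe notes this is the
  # system Lua 5.4) so LuaJIT is not picked up by accident.
  # Assign first and export afterwards: `export VAR="$(cmd)"` always reports
  # the status of export, so a failing pkg-config would hand empty Lua flags
  # to configure instead of stopping the build.
  LUA_CFLAGS="$(pkg-config --cflags lua)" || return 1
  LUA_LIBS="$(pkg-config --libs lua)" || return 1
  export LUA_CFLAGS LUA_LIBS

  # Link order: append the Lua libraries to LIBS so the final link line has them.
  export LIBS+=" ${LUA_LIBS}"

  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
    --with-clang=/usr/bin/clang --without-docs \
    --enable-ebpf --enable-ebpf-build \
    --disable-gccmarch-native \
    --enable-lua --disable-luajit \
    --enable-geoip \
    LUA_CFLAGS="${LUA_CFLAGS}" LUA_LIBS="${LUA_LIBS}"
  make
}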
#######################################
# Run the upstream test suite without letting it gate the package.
#
# Globals:   srcdir, pkgname, pkgver (read)
# Returns:   0 whether or not the tests pass
#######################################
check() {
  cd "${srcdir}/${pkgname}-${pkgver}"

  # -k keeps going past the first failing target; a failing suite is
  # tolerated, so the only record of a regression is the build log.
  if ! make -k check; then
    return 0
  fi
}
# Stage the built tree into ${pkgdir} and add the distribution-specific
# pieces: default configuration files, logrotate policy, systemd units, a
# sysusers.d entry for the service account and tmpfiles.d entries for the
# runtime, log and state directories.
# Globals: srcdir, pkgdir, pkgname, pkgver (read)
package() {
cd "${srcdir}/${pkgname}-${pkgver}"
# Upstream install, redirected into the packaging root.
make DESTDIR="${pkgdir}" install
# Main config, threshold file and the classification/reference maps, mode 0644.
install -Dm644 -t "${pkgdir}/etc/${pkgname}" "${pkgname}".yaml threshold.config etc/{classification.config,reference.config}
# Untouched copy of the upstream config, taken from the source tree so the sed
# edits further down (which target the ${pkgdir} copy) do not affect it.
install -Dm644 "${pkgname}".yaml "${pkgdir}/etc/${pkgname}/${pkgname}.yaml.default"
# Empty local.yaml for site overrides, pulled in by the include line appended next.
install -Dm644 /dev/null "${pkgdir}/etc/${pkgname}/local.yaml"
echo "include: local.yaml" >> "${pkgdir}/etc/${pkgname}/${pkgname}.yaml"
# Adjust the packaged suricata.yaml: move /var/run paths to /run/suricata, point
# magic-file at the system magic database, add local.rules after the
# suricata.rules entry, uncomment run-as with user/group "suricata", and
# uncomment threshold-file.
# NOTE(review): sed exits 0 when an expression matches nothing, so if upstream
# changes these commented defaults the run-as edit is skipped without any build
# error. Confirm the packaged file really contains an active run-as block; the
# service unit edited below gets no User= line from this function.
sed -i -e 's:/var/run:/run/suricata:g' \
-e 's:^#magic-file\: /.*:magic-file\: /usr/share/file/misc/magic.mgc:' \
-e '/^ - suricata.rules/ a \ \ - local.rules' \
-e 's/^#run-as:/run-as:/' \
-e 's/^# user:.*/ user: suricata/' \
-e 's/^# group:.*/ group: suricata/' \
-e 's/^# threshold-file:/threshold-file:/' \
"${pkgdir}/etc/${pkgname}/${pkgname}.yaml"
# Logrotate policy, with the same /var/run -> /run/suricata path rewrite.
install -Dm644 etc/"${pkgname}".logrotate "${pkgdir}/etc/logrotate.d/${pkgname}"
sed -i -e 's:/var/run:/run/suricata:g' \
"${pkgdir}/etc/logrotate.d/${pkgname}"
# Upstream service unit plus the two suricata-update units from the package sources.
install -Dm644 -t "${pkgdir}"/usr/lib/systemd/system etc/"${pkgname}".service "${srcdir}"/suricata-update.{service,timer}
# Rewrite the service unit: fix the run path, set Description and After,
# replace the ExecStartPre line with a PIDFile entry, and set ExecStart to load
# /etc/suricata/suricata.yaml with --af-packet and an explicit pidfile.
# NOTE(review): --af-packet is passed without an interface, so capture
# interfaces presumably come from suricata.yaml; confirm against upstream docs.
sed -i -e 's:/var/run:/run/suricata:g' \
-e 's:^Description=.*:Description=Suricata IDS/IPS daemon:g' \
-e 's:^After=.*:After=network.target:g' \
-e 's:^ExecStartPre=.*:PIDFile=suricata/suricata.pid:g' \
-e 's:^ExecStart=.*:ExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml --pidfile /run/suricata/suricata.pid --af-packet :g' \
"${pkgdir}/usr/lib/systemd/system/${pkgname}.service"
# sysusers.d entry declaring the "suricata" account used by run-as and the
# tmpfiles entries below.
echo "u suricata -" | install -Dm644 /dev/stdin "${pkgdir}/usr/lib/sysusers.d/${pkgname}.conf"
# tmpfiles.d entries: runtime, log and state directories plus an empty
# local.rules, all owned by suricata:suricata. The quoted 'EOF' keeps the
# here-document literal.
# NOTE(review): /var/log/suricata is 0755 while every other directory is 0750.
# IDS logs can hold sensitive traffic metadata; consider 0750 unless another
# local account has to read them.
install -Dm644 /dev/stdin "${pkgdir}/usr/lib/tmpfiles.d/${pkgname}.conf" << 'EOF'
d /run/suricata 0750 suricata suricata
d /var/log/suricata 0755 suricata suricata
d /var/lib/suricata 0750 suricata suricata
d /var/lib/suricata/rules 0750 suricata suricata
d /var/lib/suricata/update 0750 suricata suricata
f /var/lib/suricata/rules/local.rules 0640 suricata suricata
EOF
}