Package Details: opensnitch-ebpf-module 1.5.9-2

Git Clone URL: https://aur.archlinux.org/opensnitch-ebpf-module.git (read-only, click to copy)
Package Base: opensnitch-ebpf-module
Description: eBPF process monitor module for opensnitch
Upstream URL: https://github.com/evilsocket/opensnitch
Licenses: GPL3
Submitter: nns
Maintainer: nns
Last Packager: nns
Votes: 11
Popularity: 1.37
First Submitted: 2023-02-06 09:27 (UTC)
Last Updated: 2023-06-12 13:53 (UTC)

Pinned Comments

nns commented on 2022-11-15 09:17 (UTC) (edited on 2023-06-12 12:24 (UTC) by nns)

This is the latest RELEASE version of OpenSnitch's eBPF module. It is meant to be used with the regular opensnitch package, not the -git version in the AUR.

I intend to keep this up to date with both OpenSnitch releases (as soon as the main package updates).

Latest Comments

1 2 Next › Last »

stasadev commented on 2023-06-13 10:04 (UTC)

Thank you, @nns, I used a pacman hook for Manjaro. In case anyone needs it:

$ cat /etc/pacman.d/hooks/linux61-headers.hook
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = linux61-headers

[Action]
Description = Create a symlink /usr/src/linux...
Exec = /bin/sh -c "ln -sfv $(echo /usr/lib/modules/6.1.*/build | rev | cut -d' ' -f1 | rev) /usr/src/linux"
When = PostTransaction

nns commented on 2023-06-13 08:08 (UTC)

You can always edit the PKGBUILD before building - I imagine Manjaro's AUR helper provides that functionality?

Another alternative is to create the /usr/src/linux symlink manually. Perhaps a pacman hook that updates the symlink every time kernel headers are updated. I'm not sure how kernel headers are provided and packaged in Manjaro, but it's surprising to me that symlink isn't provided already.

stasadev commented on 2023-06-12 19:29 (UTC)

I understand, thank you. I have not thought about the changes when running the kernel update on Arch (Manjaro user here). I will build it manually from now on.

nns commented on 2023-06-12 19:04 (UTC) (edited on 2023-06-12 19:05 (UTC) by nns)

I'm not sure I follow. That symlink is provided by linux-headers, which is a makedep for this package. You can see it on the very bottom of the file list here: https://archlinux.org/packages/core/x86_64/linux-headers/

Hardcoding the path name would break building this package on a system where the running kernel is older than the module package (which can and does often happen when updating packages).

stasadev commented on 2023-06-12 18:43 (UTC)

Please update KDIR to use the actual source instead of the symlink. Just like in opensnitch-ebpf-module-git. Not all of us have such a path.

-KDIR="/usr/src/linux"
+KDIR="/usr/lib/modules/$(uname -r)/build"

nns commented on 2023-06-12 12:24 (UTC)

Thank you for the heads up. I've made the required changes.

Also, with the latest opensnitch versions, separately downloading the kernel sources is no longer required, just that headers are present. Thus, this package now depends on linux-headers.

eclairevoyant commented on 2023-06-10 10:49 (UTC)

binutils, flex must be removed from makedepends as they are part of base-devel.

Also you shouldn't have any packages in the conflicts() here, see https://wiki.archlinux.org/title/PKGBUILD#conflicts

nns commented on 2022-12-22 13:56 (UTC)

OpenSnitch's 1.5.2 version no longer compiles with the latest kernel available in the repos (6.1.1). Until a new stable release of OpenSnitch is published, this package will build with 6.0.14, which is the latest kernel release which still builds.

nns commented on 2022-11-15 09:17 (UTC) (edited on 2023-06-12 12:24 (UTC) by nns)

This is the latest RELEASE version of OpenSnitch's eBPF module. It is meant to be used with the regular opensnitch package, not the -git version in the AUR.

I intend to keep this up to date with both OpenSnitch releases (as soon as the main package updates).