From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH 5/7] suricata: Load *.config files from default location
Date: Mon, 22 Nov 2021 09:52:06 +0000
Message-ID: <EA1476AD-8990-4319-9989-9B4719959418@ipfire.org>
In-Reply-To: <ccaca7b5467a620127ceaf8293f630e172ba5e5e.camel@ipfire.org>

Hello Stefan,

Thank you for your feedback.

> On 22 Nov 2021, at 04:21, Stefan Schantl <stefan.schantl(a)ipfire.org> wrote:
>
> Hello Michael,
>
> thanks for working on suricata and cleaning / adjusting things.
>
> This commit is very problematic, because it may break current
> installations.
>
> Currently after downloading a ruleset tarball of a certain provider,
> oinkmaster is going to extract the tarball content (rules files and
> *.config files) into the rules directory ("/var/lib/suricata") by
> deleting the old rules files and overwriting the *.config files - so
> they perfectly fit together.
>
> When moving the config files to a new location, we have to take care
> about that by moving these files after oinkmaster has launched to the
> new location and we also have to take care about file permissions on
> the new location.
>
> So I would recommend to hold off this patch until we have a nice
> solution for this.

Okay. I marked this patch as rejected on PW.

-Michael

>
> Best regards,
>
> -Stefan
>> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
>> ---
>> config/rootfiles/common/suricata | 3 ---
>> config/suricata/suricata.yaml | 7 +++----
>> lfs/suricata | 5 +----
>> 3 files changed, 4 insertions(+), 11 deletions(-)
>>
>> diff --git a/config/rootfiles/common/suricata
>> b/config/rootfiles/common/suricata
>> index 7c512b033..091245023 100644
>> --- a/config/rootfiles/common/suricata
>> +++ b/config/rootfiles/common/suricata
>> @@ -40,9 +40,6 @@ usr/share/suricata/
>> #usr/share/suricata/rules/stream-events.rules
>> #usr/share/suricata/rules/tls-events.rules
>> var/lib/suricata
>> -var/lib/suricata/classification.config
>> -var/lib/suricata/reference.config
>> -var/lib/suricata/threshold.config
>> var/log/suricata
>> #var/log/suricata/certs
>> #var/log/suricata/files
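Review bot: Removing the three var/lib/suricata/*.config entries from the rootfile takes these files out of the package, but nothing in this patch deals with the copies that already exist on installed systems. Add a cleanup or migration step for them, or state in the commit message that the copies in /var/lib/suricata are left in place on purpose. The hunk also adds no explicit entries for the replacement files, so check that the usr/share/suricata/ directory entry shown in the hunk header is what ships them.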
>> diff --git a/config/suricata/suricata.yaml
>> b/config/suricata/suricata.yaml
>> index 0ad36e705..ba56c6a75 100644
>> --- a/config/suricata/suricata.yaml
>> +++ b/config/suricata/suricata.yaml
>> @@ -69,10 +69,9 @@ rule-files:
>> # Include enabled ruleset files from external file
>> - !include: /var/ipfire/suricata/suricata-used-rulefiles.yaml
>>
>> -classification-file: /var/lib/suricata/classification.config
>> -reference-config-file: /var/lib/suricata/reference.config
>> -threshold-file: /var/lib/suricata/threshold.config
>> -
>> +classification-file: /usr/share/suricata/classification.config
>> +reference-config-file: /usr/share/suricata/reference.config
>> +threshold-file: /usr/share/suricata/threshold.config
>>
>> ##
>> ## Logging options.
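Review bot: The three added paths under /usr/share/suricata make Suricata read the copies shipped with the package, while the rule-files include directly above still pulls in the downloaded rulesets, so classification.config and reference.config can fall out of step with the rules that use them (the concern raised in this thread). Keep the /var/lib/suricata paths until the ruleset update step also refreshes the new location, and put the reason for the move into the commit message.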
>> diff --git a/lfs/suricata b/lfs/suricata
>> index 0a1dcf2b8..38289962f 100644
>> --- a/lfs/suricata
>> +++ b/lfs/suricata
>> @@ -100,10 +100,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>>
>> # Move config files for references, threshold and
>> classification
>> # to the rules directory.
>> - mv /etc/suricata/*.config /var/lib/suricata
>> -
>> - # Set correct permissions for the files.
>> - chmod 644 /var/lib/suricata/*.config
>> + rm -rfv /etc/suricata/*.config
>>
>> # Set correct ownership for /var/lib/suricata and the
>> # contained files
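Review bot: The comment kept above the new rm line still says the config files are moved to the rules directory, which no longer matches what the recipe does; reword it to say the files are deleted and why. rm -rfv is also broader than a glob of plain files needs (rm -fv is enough), and the deletion is only safe if the build installs the same three files under /usr/share/suricata, which this hunk does not show.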
>
>
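One possible shape for the post-update step described in the quoted feedback (copy the ruleset's *.config files to the new location after extraction, with the permissions set), as an added example that is not part of the thread or of IPFire's code. The function name `sync_suricata_configs` is hypothetical; the default paths and the 644 mode are taken from the patch above.

```shell
#!/bin/sh
# Added example, not IPFire code. sync_suricata_configs is a hypothetical name.
# Copies the provider's *.config files from the rules directory to the
# directory suricata.yaml points at, and prints how many files it replaced.

sync_suricata_configs() {
    src_dir="${1:-/var/lib/suricata}"      # where the ruleset is extracted
    dst_dir="${2:-/usr/share/suricata}"    # new location from the patch
    changed=0

    for name in classification.config reference.config threshold.config; do
        src="$src_dir/$name"
        dst="$dst_dir/$name"

        # Regular files only: a file the provider did not ship, or a
        # symlink found in the extracted ruleset, is skipped.
        [ -f "$src" ] && [ ! -L "$src" ] || continue

        # Nothing to do when the installed copy is already identical.
        if [ -f "$dst" ] && cmp -s "$src" "$dst"; then
            continue
        fi

        # Write to a temporary file in the target directory, fix the mode,
        # then rename, so Suricata never reads a half-written file.
        tmp=$(mktemp "$dst_dir/.$name.XXXXXX") || return 1
        if cp "$src" "$tmp" && chmod 644 "$tmp" && mv -f "$tmp" "$dst"; then
            changed=$((changed + 1))
        else
            rm -f "$tmp"
            return 1
        fi
    done

    echo "$changed"
}
```

A non-zero count tells the caller that Suricata needs to reload its rules and configuration.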
Thread overview: 11+ messages
2021-11-19 17:44 [PATCH 1/7] suricata: Include all default rules Michael Tremer
2021-11-19 17:44 ` [PATCH 2/7] rust: Drop Cargo home directory after build Michael Tremer
2021-11-19 17:44 ` [PATCH 3/7] suricata: Drop extra rootfiles Michael Tremer
2021-11-19 17:44 ` [PATCH 4/7] suricata: This package is supported on all architectures Michael Tremer
2021-11-24 14:54 ` Arne Fitzenreiter
2021-11-24 16:53 ` Michael Tremer
2021-11-19 17:44 ` [PATCH 5/7] suricata: Load *.config files from default location Michael Tremer
2021-11-22 4:21 ` Stefan Schantl
2021-11-22 9:52 ` Michael Tremer [this message]
2021-11-19 17:44 ` [PATCH 6/7] IPS: Do not try to show rules when stat on rules tarball fails Michael Tremer
2021-11-19 17:44 ` [PATCH 7/7] suricata: Handle retransmitted SYN with TSval Michael Tremer