Hello Stefan, Thank you for your feedback.
> On 22 Nov 2021, at 04:21, Stefan Schantl wrote:
>
> Hello Michael,
>
> thanks for working on suricata and cleaning / adjusting things.
>
> This commit is very problematic, because it may breaks current
> installations.
>
> Currently after downloading a ruleset tarball of a certain provider,
> oinkmaster is going to extract the tarball content(rules files and
> *.config files) into the rules directory ("/var/lib/suricata") by
> deleting the old rules files and overwriting the *.config files - so
> they perfectly fits together.
>
> When moving the config files to a new location, we have to take care
> about that by moving these files after oinkmaster has launched to the
> new location and we also have to take care about file permissions on
> the new location.
>
> So I would recommend to hold off this patch until we have a nice
> solution for this.
Okay. I marked this patch as rejected on PW. -Michael
>
> Best regards,
>
> -Stefan
>> Signed-off-by: Michael Tremer
>> ---
>> config/rootfiles/common/suricata | 3 ---
>> config/suricata/suricata.yaml | 7 +++----
>> lfs/suricata | 5 +----
>> 3 files changed, 4 insertions(+), 11 deletions(-)
>>
>> diff --git a/config/rootfiles/common/suricata
>> b/config/rootfiles/common/suricata
>> index 7c512b033..091245023 100644
>> --- a/config/rootfiles/common/suricata
>> +++ b/config/rootfiles/common/suricata
>> @@ -40,9 +40,6 @@ usr/share/suricata/
>> #usr/share/suricata/rules/stream-events.rules
>> #usr/share/suricata/rules/tls-events.rules
>> var/lib/suricata
>> -var/lib/suricata/classification.config
>> -var/lib/suricata/reference.config
>> -var/lib/suricata/threshold.config
>> var/log/suricata
>> #var/log/suricata/certs
>> #var/log/suricata/files
>> diff --git a/config/suricata/suricata.yaml
>> b/config/suricata/suricata.yaml
>> index 0ad36e705..ba56c6a75 100644
>> --- a/config/suricata/suricata.yaml
>> +++ b/config/suricata/suricata.yaml
>> @@ -69,10 +69,9 @@ rule-files:
>> # Include enabled ruleset files from external file
>> - !include: /var/ipfire/suricata/suricata-used-rulefiles.yaml
>>
>> -classification-file: /var/lib/suricata/classification.config
>> -reference-config-file: /var/lib/suricata/reference.config
>> -threshold-file: /var/lib/suricata/threshold.config
>> -
>> +classification-file: /usr/share/suricata/classification.config
>> +reference-config-file: /usr/share/suricata/reference.config
>> +threshold-file: /usr/share/suricata/threshold.config
>>
>> ##
>> ## Logging options.
>> diff --git a/lfs/suricata b/lfs/suricata
>> index 0a1dcf2b8..38289962f 100644
>> --- a/lfs/suricata
>> +++ b/lfs/suricata
>> @@ -100,10 +100,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>>
>> # Move config files for references, threshold and
>> classification
>> # to the rules directory.
>> - mv /etc/suricata/*.config /var/lib/suricata
>> -
>> - # Set correct permissions for the files.
>> - chmod 644 /var/lib/suricata/*.config
>> + rm -rfv /etc/suricata/*.config
>>
>> # Set correct ownership for /var/lib/suricata and the
>> # contained files
>
>
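Review bot: `threshold-file` now points at `/usr/share/suricata/threshold.config`, which sits in the package-shipped tree (`usr/share/suricata/` in the rootfiles list), yet this is the file Suricata reads for suppress and threshold entries, i.e. the per-site tuning. Any locally added entries there would presumably be replaced on the next package update, so this one key is probably better left outside `/usr/share` even if the two static maps move. A comment above the three keys stating who owns each file would make that explicit, e.g. `# classification/reference: shipped with the package; threshold: local tuning`. Running `suricata -T` against the resulting configuration is a cheap check that all three paths resolve and the rules still load.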
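Review bot: The context comment above the new command still says `# Move config files for references, threshold and classification` / `# to the rules directory.`, but the command now deletes the files, so the comment should be rewritten, e.g. `# Remove the *.config files from /etc/suricata; suricata.yaml reads them from /usr/share/suricata.` The `-r` in `rm -rfv /etc/suricata/*.config` is not needed for plain files and would recurse into any directory that happens to match the glob; `rm -fv /etc/suricata/*.config` is enough. Nothing in the visible hunks installs the three files under `/usr/share/suricata`, so it is worth confirming they exist there before the copies in `/etc/suricata` are removed. The enclosing `$(TARGET)` recipe starts and ends outside the hunk.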