Hello Michael,
thanks for working on suricata and cleaning / adjusting things.
This commit is very problematic, because it may break current installations.
Currently, after downloading a ruleset tarball of a certain provider, oinkmaster is going to extract the tarball content (rules files and *.config files) into the rules directory ("/var/lib/suricata") by deleting the old rules files and overwriting the *.config files, so they fit together perfectly.
When moving the config files to a new location, we have to take care of that by moving these files to the new location after oinkmaster has been launched, and we also have to take care of file permissions at the new location.
So I would recommend holding off on this patch until we have a nice solution for this.
Best regards,
-Stefan
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
config/rootfiles/common/suricata | 3 --- config/suricata/suricata.yaml | 7 +++---- lfs/suricata | 5 +---- 3 files changed, 4 insertions(+), 11 deletions(-)
diff --git a/config/rootfiles/common/suricata b/config/rootfiles/common/suricata index 7c512b033..091245023 100644 --- a/config/rootfiles/common/suricata +++ b/config/rootfiles/common/suricata @@ -40,9 +40,6 @@ usr/share/suricata/ #usr/share/suricata/rules/stream-events.rules #usr/share/suricata/rules/tls-events.rules var/lib/suricata -var/lib/suricata/classification.config -var/lib/suricata/reference.config -var/lib/suricata/threshold.config var/log/suricata #var/log/suricata/certs #var/log/suricata/files diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml index 0ad36e705..ba56c6a75 100644 --- a/config/suricata/suricata.yaml +++ b/config/suricata/suricata.yaml @@ -69,10 +69,9 @@ rule-files: # Include enabled ruleset files from external file - !include: /var/ipfire/suricata/suricata-used-rulefiles.yaml -classification-file: /var/lib/suricata/classification.config -reference-config-file: /var/lib/suricata/reference.config -threshold-file: /var/lib/suricata/threshold.config
+classification-file: /usr/share/suricata/classification.config +reference-config-file: /usr/share/suricata/reference.config +threshold-file: /usr/share/suricata/threshold.config ## ## Logging options. diff --git a/lfs/suricata b/lfs/suricata index 0a1dcf2b8..38289962f 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -100,10 +100,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) # Move config files for references, threshold and classification # to the rules directory. - mv /etc/suricata/*.config /var/lib/suricata
- # Set correct permissions for the files. - chmod 644 /var/lib/suricata/*.config + rm -rfv /etc/suricata/*.config # Set correct ownership for /var/lib/suricata and the # contained files
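Review bot: In config/rootfiles/common/suricata the three var/lib/suricata/*.config entries are dropped, but no usr/share/suricata/classification.config, reference.config or threshold.config entries are visible in this hunk. Since suricata.yaml is changed to read those paths, please confirm the files are actually listed and shipped under usr/share/suricata/, and say in the commit message what happens to the copies already present in /var/lib/suricata on existing installations, because nothing in this patch removes or migrates them.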
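Review bot: In config/suricata/suricata.yaml, classification-file, reference-config-file and threshold-file now point at the packaged copies in /usr/share/suricata, while ruleset tarballs are still extracted into /var/lib/suricata together with their own *.config files. The loaded rules and the loaded classification and reference files can then come from different sources and no longer match each other. Either keep these three settings pointing at the rules directory, or add the step that brings the extracted *.config files to the new location with suitable permissions before this path change lands.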
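Review bot: In lfs/suricata the comment "Move config files for references, threshold and classification to the rules directory" is left in place above a command that now deletes the files, so the comment should be updated to describe the removal and why it is safe. The files matched by /etc/suricata/*.config are regular files, so "rm -fv" is enough and the recursive flag can be dropped. This removal also assumes the build has installed usable copies under /usr/share/suricata, which is not shown in this hunk and should be stated or checked here.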