From mboxrd@z Thu Jan 1 00:00:00 1970 From: Arne Fitzenreiter To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 1f367e0aab3ffb1bc8d5528dc1a383142ab3d92b Date: Wed, 01 May 2019 17:05:45 +0100 Message-ID: <20190501160545.C26A184FDAF@people01.i.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4676515399527196621==" List-Id: --===============4676515399527196621== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 1f367e0aab3ffb1bc8d5528dc1a383142ab3d92b (commit) via 62910a28a690338799ba53a423e9541c537fb3b0 (commit) via 50b35e0f8f19d14182fa485430fc26c9c2738350 (commit) from 5a4617a8711d69ba6ce19ca05a4fd21033dc72d1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1f367e0aab3ffb1bc8d5528dc1a383142ab3d92b Merge: 62910a28a 5a4617a87 Author: Arne Fitzenreiter Date: Wed May 1 18:04:36 2019 +0200 Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next commit 62910a28a690338799ba53a423e9541c537fb3b0 Author: Stefan Schantl Date: Wed May 1 17:03:06 2019 +0200 suricata: Remove PID file on stop =20 Force the initscript to remove the PID file when calling "stop" section. =20 If suricata crashes during startup, the PID file still remains and the se= rvice cannot be started anymore until the file has been deleted. =20 Now when calling "stop" or "restart" the PID file will be deleted and the= service can be used again. =20 Fixes #12067. =20 Signed-off-by: Stefan Schantl Signed-off-by: Arne Fitzenreiter commit 50b35e0f8f19d14182fa485430fc26c9c2738350 Author: Stefan Schantl Date: Wed May 1 16:49:25 2019 +0200 update-ids-ruleset: Set correct ownership for the rulestarball. =20 The script usualy will be executed by cron which will start it with root permissions, so the downloaded tarball is owned by this user. =20 This has to be changed to the user which runs the WUI (nobody:nobody) to allow, changing the ruleset to an other one and to display the ruleset ar= ea. =20 Fixes #12066 =20 Signed-off-by: Stefan Schantl Signed-off-by: Arne Fitzenreiter ----------------------------------------------------------------------- Summary of changes: src/initscripts/system/suricata | 3 +++ src/scripts/update-ids-ruleset | 3 +++ 2 files changed, 6 insertions(+) Difference in files: diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata index c9f131fca..38b6a40d8 100644 --- a/src/initscripts/system/suricata +++ b/src/initscripts/system/suricata @@ -171,6 +171,9 @@ case "$1" in # Remove suricata control socket. =20 rm /var/run/suricata/* >/dev/null 2>/dev/null =20 + # Trash remain pid file if still exists. + rm -f $PID_FILE >/dev/null 2>/dev/null + # Don't report returncode of rm if suricata was not started exit 0 ;; diff --git a/src/scripts/update-ids-ruleset b/src/scripts/update-ids-ruleset index 14ea25ec6..f28a8c156 100644 --- a/src/scripts/update-ids-ruleset +++ b/src/scripts/update-ids-ruleset @@ -58,6 +58,9 @@ if(&IDS::downloadruleset()) { exit 0; } =20 +# Set correct ownership for the downloaded tarball. +&IDS::set_ownership("$IDS::rulestarball"); + # Call oinkmaster to alter the ruleset. &IDS::oinkmaster(); =20 hooks/post-receive -- IPFire 2.x development tree --===============4676515399527196621==--