* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 2f4d1ecb9aa6f585abd85db557193f0dce682b55
@ 2020-01-03 21:18 Arne Fitzenreiter
0 siblings, 0 replies; only message in thread
From: Arne Fitzenreiter @ 2020-01-03 21:18 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 10728 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 2f4d1ecb9aa6f585abd85db557193f0dce682b55 (commit)
via 3a3f4c37f2c40b7ecf02af88d6d4bab9eabf4ef3 (commit)
via cde7cab264e617a9d9fd2fb9948d82af24e2529c (commit)
via 592d3708fe66ef512da765a4f716bf1dd3c77032 (commit)
from c846ed161682adfd7a9939d7778ce28b6f677d71 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2f4d1ecb9aa6f585abd85db557193f0dce682b55
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Fri Jan 3 17:12:32 2020 +0000
lang: Fix typo in "Writen Bytes" and fix grammar
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>
commit 3a3f4c37f2c40b7ecf02af88d6d4bab9eabf4ef3
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Fri Jan 3 21:17:05 2020 +0000
core140: add convert-snort to updater
Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>
commit cde7cab264e617a9d9fd2fb9948d82af24e2529c
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Fri Jan 3 11:16:53 2020 +0100
convert-snort: Check and convert snort user and group.
Fixes #12102.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>
commit 592d3708fe66ef512da765a4f716bf1dd3c77032
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Fri Jan 3 21:13:30 2020 +0000
Revert "bind: Update to 9.11.14"
build fails on armv5tel: https://nightly.ipfire.org/next/2020-01-02%2016:17:54%20+0000-c846ed16/armv5tel/
This reverts commit 7d9b0ab69750c19d51833537652c6b11fc1bc2ab.
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/bind | 4 +--
config/rootfiles/core/140/filelists/files | 1 +
config/suricata/convert-snort | 59 ++++++++++++++++++++++++-------
doc/language_issues.en | 4 +--
langs/en/cgi-bin/en.pl | 4 +--
lfs/bind | 4 +--
6 files changed, 56 insertions(+), 20 deletions(-)
Difference in files:
diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind
index e5435bd02..df6bbf4b6 100644
--- a/config/rootfiles/common/bind
+++ b/config/rootfiles/common/bind
@@ -272,11 +272,11 @@ usr/lib/libbind9.so.161.0.4
#usr/lib/libdns.la
#usr/lib/libdns.so
usr/lib/libdns.so.1107
-usr/lib/libdns.so.1107.1.1
+usr/lib/libdns.so.1107.1.0
#usr/lib/libisc.la
#usr/lib/libisc.so
usr/lib/libisc.so.1104
-usr/lib/libisc.so.1104.0.1
+usr/lib/libisc.so.1104.0.0
#usr/lib/libisccc.la
#usr/lib/libisccc.so
usr/lib/libisccc.so.161
diff --git a/config/rootfiles/core/140/filelists/files b/config/rootfiles/core/140/filelists/files
index 181ef8cf4..0a38212e7 100644
--- a/config/rootfiles/core/140/filelists/files
+++ b/config/rootfiles/core/140/filelists/files
@@ -7,3 +7,4 @@ etc/rc.d/init.d/unbound
etc/rc.d/init.d/suricata
opt/pakfire/lib/functions.pl
srv/web/ipfire/cgi-bin/ids.cgi
+usr/sbin/convert-snort
diff --git a/config/suricata/convert-snort b/config/suricata/convert-snort
index 64b6e8b6a..ee52548e9 100644
--- a/config/suricata/convert-snort
+++ b/config/suricata/convert-snort
@@ -34,7 +34,42 @@ my $snort_config_file = "/etc/snort/snort.conf";
my $snort_rules_tarball = "/var/tmp/snortrules.tar.gz";
#
-## Step 1: Setup directory and file layout, if not present and set correct
+## Step 1: Convert snort user and group to suricata if exist.
+#
+
+# Check if the snort user exists.
+if (getpwnam("snort")) {
+ # Change username.
+ my @command = (
+ '/usr/sbin/usermod',
+ '-l', 'suricata', 'snort'
+ );
+
+ system(@command) == 0 or die "Could not change username: @command failed: $?\n";
+
+ # Adjust home directory.
+ @command = (
+ '/usr/sbin/usermod',
+ '-d', "/var/log/suricata",
+ 'suricata'
+ );
+
+ system(@command) == 0 or die "Failed to adjust home directory: @command failed: $?\n";
+}
+
+# Check if the snort group exists.
+if (getgrnam("snort")) {
+ # Change groupname
+ my @command = (
+ '/usr/sbin/groupmod',
+ '-n', 'suricata', 'snort'
+ );
+
+ system(@command) == 0 or die "Could not rename groupname: @command failed: $?\n";
+}
+
+#
+## Step 2: Setup directory and file layout, if not present and set correct
## ownership. The converter runs as a privileged user, but the files
## needs to be full access-able by the WUI user and group (nobody:nobody).
#
@@ -71,7 +106,7 @@ if (-z "$snort_settings_file") {
}
#
-## Step 2: Import snort settings and convert to the required format for the new IDS
+## Step 3: Import snort settings and convert to the required format for the new IDS
## (suricata).
#
@@ -135,7 +170,7 @@ if($snortsettings{"OINKCODE"}) {
}
#
-## Step 3: Import guardian settings and whitelist if the addon is installed.
+## Step 4: Import guardian settings and whitelist if the addon is installed.
#
# Pakfire meta file for owncloud.
@@ -183,7 +218,7 @@ if (-f $guardian_meta) {
}
#
-## Step 4: Save IDS and rules settings.
+## Step 5: Save IDS and rules settings.
#
# Write IDS settings.
@@ -193,7 +228,7 @@ if (-f $guardian_meta) {
&General::writehash("$IDS::rules_settings_file", \%rulessettings);
#
-## Step 5: Generate and write the file to modify the ruleset.
+## Step 6: Generate and write the file to modify the ruleset.
#
# Call subfunction and pass the desired IDS action.
@@ -203,7 +238,7 @@ if (-f $guardian_meta) {
&IDS::set_ownership("$IDS::modify_sids_file");
#
-## Step 6: Move rulestarball to its new location.
+## Step 7: Move rulestarball to its new location.
#
# Check if a rulestarball has been downloaded yet.
@@ -230,7 +265,7 @@ if (-f $snort_rules_tarball) {
}
#
-## Step 7: Call oinkmaster to extract and setup the rules structures.
+## Step 8: Call oinkmaster to extract and setup the rules structures.
#
# Check if a rulestarball is present.
@@ -243,7 +278,7 @@ if (-f $IDS::rulestarball) {
}
#
-## Step 8: Generate file for the HOME Net.
+## Step 9: Generate file for the HOME Net.
#
# Call subfunction to generate the file.
@@ -253,7 +288,7 @@ if (-f $IDS::rulestarball) {
&IDS::set_ownership("$IDS::homenet_file");
#
-## Step 9: Generate file for the DNS servers.
+## Step 10: Generate file for the DNS servers.
#
# Call subfunction to generate the file.
@@ -263,7 +298,7 @@ if (-f $IDS::rulestarball) {
&IDS::set_ownership("$IDS::dns_servers_file");
#
-## Step 10: Setup automatic ruleset updates.
+## Step 11: Setup automatic ruleset updates.
#
# Check if a ruleset is configured.
@@ -273,7 +308,7 @@ if($rulessettings{"RULES"}) {
}
#
-## Step 11: Grab used ruleset files from snort config file and convert
+## Step 12: Grab used ruleset files from snort config file and convert
## them into the new format.
#
@@ -319,7 +354,7 @@ close(SNORTCONF);
&IDS::write_used_rulefiles_file(@enabled_rule_files);
#
-## Step 12: Start the IDS if enabled.
+## Step 13: Start the IDS if enabled.
#
# Check if the IDS should be started.
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 475261493..885e85d75 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -1522,7 +1522,7 @@ WARNING: untranslated string: quick playlist = Quick Playlist
WARNING: untranslated string: ram = RAM
WARNING: untranslated string: random number generator daemon = Random Number Generator Daemon
WARNING: untranslated string: rdns = rDNS
-WARNING: untranslated string: read bytes = Read Bytes
+WARNING: untranslated string: read bytes = Bytes Read
WARNING: untranslated string: read list = list with readonly hosts
WARNING: untranslated string: real address = Real Address
WARNING: untranslated string: reboot = Reboot
@@ -2204,7 +2204,7 @@ WARNING: untranslated string: wlanap wlan settings = WLan Settings
WARNING: untranslated string: wlanap wlan status = WLan Status
WARNING: untranslated string: wol wakeup = WakeUp
WARNING: untranslated string: workgroup = Workgroup
-WARNING: untranslated string: written bytes = Writen Bytes
+WARNING: untranslated string: written bytes = Bytes Written
WARNING: untranslated string: year = Year
WARNING: untranslated string: yes = Yes
WARNING: untranslated string: you can only define one roadwarrior connection when using pre-shared key authentication = You can only define one Roadwarrior connection when using pre-shared key authentication.<br />Either you already have a Roadwarrior connection with pre-shared key authentication, or you're trying to add one now.
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index b40ef9390..0d30595b3 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -2070,7 +2070,7 @@
'ram' => 'RAM',
'random number generator daemon' => 'Random Number Generator Daemon',
'rdns' => 'rDNS',
-'read bytes' => 'Read Bytes',
+'read bytes' => 'Bytes Read',
'read list' => 'list with readonly hosts',
'real address' => 'Real Address',
'reboot' => 'Reboot',
@@ -2940,7 +2940,7 @@
'wlanap wlan status' => 'WLan Status',
'wol wakeup' => 'WakeUp',
'workgroup' => 'Workgroup',
-'written bytes' => 'Writen Bytes',
+'written bytes' => 'Bytes Written',
'xtaccess all error' => 'You cannot set an external access to ALL, that is done in the port forwarding record.',
'xtaccess bad transfert' => 'If you specify a port destination range, the source range must be identical !',
'year' => 'Year',
diff --git a/lfs/bind b/lfs/bind
index 249328843..6bb23a143 100644
--- a/lfs/bind
+++ b/lfs/bind
@@ -25,7 +25,7 @@
include Config
-VER = 9.11.14
+VER = 9.11.13
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 5aa75bcb6cdad102f151cae4a53f117f
+$(DL_FILE)_MD5 = 17de0d024ab1eac377f1c2854dc25057
install : $(TARGET)
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-01-03 21:18 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-03 21:18 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 2f4d1ecb9aa6f585abd85db557193f0dce682b55 Arne Fitzenreiter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox