--- /root/psad 2003-10-26 16:49:31.000000000 +0100
+++ ./psad 2003-10-26 18:53:43.000000000 +0100
@@ -3618,5 +3618,5 @@
die ' ** No system logger config file could be found.'
- unless (-e '/etc/syslog.conf' or -e '/etc/syslog-ng/syslog-ng.conf');
+ unless (-e '/etc/syslog.conf' or -e '/etc/syslog-ng/syslog-ng.conf' or -e '/etc/metalog/metalog.conf');
### look for psadfifo in some system logger config file
@@ -3696,4 +3696,49 @@
}
}
+# Metalog support added by Dennis Freise <cat@final-frontier.ath.cx>
+ if (-e '/etc/metalog/metalog.conf') {
+ unless (-e '/etc/metalog/metalog.conf.orig') {
+ copy '/etc/metalog/metalog.conf',
+ '/etc/metalog/metalog.conf.orig';
+ }
+ open RS, '< /etc/metalog/metalog.conf' or
+ die " ** Unable to open /etc/metalog/metalog.conf: $!\n";
+ my @lines = <RS>;
+ close RS;
+
+ my $found = 0;
+ for my $line (@lines) {
+ if ($line =~ m/psadpipe.sh/) {
+ $found = 1;
+ last;
+ }
+ }
+ unless ($found) {
+ open METALOG, '> /etc/metalog/metalog.conf' or
+ die " ** Unable to open /etc/metalog/metalog.conf: $!";
+
+ print METALOG "\n";
+ print METALOG "\nPSAD :\n",
+ " facility = \"kern\"\n";
+ print METALOG ' command = ',
+ "\"/usr/sbin/psadpipe.sh\"\n";
+ close METALOG;
+ &Psad::psyslog('psad', '.. reconfiguring metalog to write ' .
+ "kern-facility messages to /usr/sbin/psadpipe.sh");
+
+ open PIPESCRIPT, '> /usr/sbin/psadpipe.sh' or
+ die " ** Unable to open /usr/sbin/psadpipe.sh: $!";
+ print PIPESCRIPT "#!/bin/sh\n\n";
+ print PIPESCRIPT "echo \"\$3\" >> $config{'PSAD_FIFO'}\n";
+ close PIPESCRIPT;
+ chmod 0700, '/usr/sbin/psadpipe.sh';
+ &Psad::psyslog('psad', '.. generated /usr/sbin/psadpipe.sh which writes ' .
+ "to $config{'PSAD_FIFO'}");
+
+# Metalog seems to simply die on SIGHUP and SIGALRM, and I found no signal or option to reload it's config... :-(
+ die "All files written. You have to manually restart metalog! When done, start psad again.";
+# system "$cmds{'killall'} -HUP metalog";
+ }
+ }
### make sure the permissions on these files is 0600
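Review bot: The `open METALOG, '> /etc/metalog/metalog.conf'` in the `unless ($found)` branch truncates the file and then prints only the new PSAD section, so the existing metalog rules read into `@lines` are never written back and metalog is presumably left with the psad rule alone. Opening in append mode keeps the current configuration: `open METALOG, '>> /etc/metalog/metalog.conf' or`. The `copy` to `metalog.conf.orig` is unchecked as well, so a failed backup goes unnoticed before the rewrite; `copy('/etc/metalog/metalog.conf', '/etc/metalog/metalog.conf.orig') or die " ** Unable to back up /etc/metalog/metalog.conf: $!";` would stop before anything is changed. Separately, `$config{'PSAD_FIFO'}` is interpolated unquoted into the generated `/usr/sbin/psadpipe.sh`, and that script exists with umask-default permissions until the `chmod 0700` runs, whose return value is not checked. The enclosing block starts and ends outside this hunk.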