3 年之前 · 9b5cb6abc9
--- a/debian/postinst
+++ b/debian/postinst
@@ -20,7 +20,7 @@ if [ "$1" = configure ]; then
 
				     fi
			
 
				     
			
 
				     . /usr/share/crowdsec/wizard.sh -n
			
 
				-    if ! [[ -f /etc/crowdsec/config.yaml ]]; then
			
 
				+    if ! [[ -f /etc/crowdsec/acquis.yaml ]]; then
			
 
				         echo Creating /etc/crowdsec/acquis.yaml
			
 
				         set +e
			
 
				         SILENT=true detect_services
			
--- a/rpm/SOURCES/user.patch
+++ b/rpm/SOURCES/user.patch
@@ -0,0 +1,11 @@
 
				+--- config/config.yaml-orig	2021-09-08 12:04:29.758785098 +0200
			
 
				++++ config/config.yaml	2021-09-08 12:04:39.866856057 +0200
			
 
				+@@ -32,7 +32,7 @@
			
 
				+     max_age: 7d
			
 
				+ plugin_config:
			
 
				+   user: nobody # plugin process would be ran on behalf of this user
			
 
				+-  group: nogroup # plugin process would be ran on behalf of this group
			
 
				++  group: nobody # plugin process would be ran on behalf of this group
			
 
				+ api:
			
 
				+   client:
			
 
				+     insecure_skip_verify: false
			
--- a/rpm/SPECS/crowdsec.spec
+++ b/rpm/SPECS/crowdsec.spec
@@ -11,6 +11,7 @@ Source1:        80-%{name}.preset
 
				 Patch0:         crowdsec.unit.patch
			
 
				 Patch1:         fix-wizard.patch
			
 
				 Patch2:         config.patch
			
 
				+Patch3:         user.patch
			
 
				 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
			
 
				 
			
 
				 BuildRequires:  git
			
@@ -36,6 +37,7 @@ BuildRequires:  systemd
 
				 %patch0
			
 
				 %patch1
			
 
				 %patch2
			
 
				+%patch3
			
 
				 
			
 
				 %build
			
 
				 BUILD_VERSION=%{local_version} make
			
--- a/scripts/func_tests/config/http.yaml
+++ b/scripts/func_tests/config/http.yaml
@@ -16,8 +16,7 @@ method: POST # eg either of "POST", "GET", "PUT" and other http verbs is valid v
 
				 
			
 
				 # skip_tls_verification:  # either true or false. Default is false
			
 
				 
			
 
				-# group_wait: # duration to wait collecting alerts before sending to this plugin, eg "30s"
			
 
				-
			
 
				+group_wait: 5s # duration to wait collecting alerts before sending to this plugin, eg "30s"
			
 
				 group_threshold: 2 # if alerts exceed this, then the plugin will be sent the message. eg "10"
			
 
				 
			
 
				 # max_retry: # number of tries to attempt to send message to plugins in case of error.
			
--- a/scripts/func_tests/tests_post-install_0base.sh
+++ b/scripts/func_tests/tests_post-install_0base.sh
@@ -5,6 +5,8 @@ source tests_base.sh
 
				 
			
 
				 echo $PATH
			
 
				 
			
 
				+sudo cp /etc/crowdsec/config.yaml ./config.yaml.backup
			
 
				+
			
 
				 ##########################
			
 
				 ## TEST AGENT/LAPI/CAPI ##
			
 
				 echo "CROWDSEC (AGENT+LAPI+CAPI)"
			
@@ -155,4 +157,6 @@ ${CSCLI_BIN} -c ./config/config_no_capi.yaml metrics || fail "failed to get metr
 
				 
			
 
				 sudo mv /tmp/crowdsec.service-orig /etc/systemd/system/crowdsec.service 
			
 
				 
			
 
				+sudo cp ./config.yaml.backup /etc/crowdsec/config.yaml 
			
 
				+
			
 
				 ${SYSTEMCTL} restart crowdsec
			
--- a/scripts/func_tests/tests_post-install_7_plugin.sh
+++ b/scripts/func_tests/tests_post-install_7_plugin.sh
@@ -11,8 +11,8 @@ function backup () {
 
				 }
			
 
				 
			
 
				 function restore_backup () {
			
 
				-    cat ./backup_profiles.yaml > /etc/crowdsec/profiles.yaml  
			
 
				-    cat ./backup_http.yaml > /etc/crowdsec/notifications/http.yaml
			
 
				+    cat ./backup_profiles.yaml | sudo tee /etc/crowdsec/profiles.yaml > /dev/null
			
 
				+    cat ./backup_http.yaml | sudo tee /etc/crowdsec/notifications/http.yaml > /dev/null
			
 
				 }
			
 
				 
			
 
				 function clear_backup() {
			
@@ -21,9 +21,13 @@ function clear_backup() {
 
				 }
			
 
				 
			
 
				 function modify_config() {
			
 
				-    cp ./config/http.yaml /etc/crowdsec/notifications/http.yaml
			
 
				-    cp ./config/profiles.yaml /etc/crowdsec/profiles.yaml
			
 
				-    systemctl restart crowdsec
			
 
				+    PLUGINS_DIR=$(find /usr -type d -wholename "*"crowdsec/plugins)
			
 
				+    sed -i "s#/usr/local/lib/crowdsec/plugins#${PLUGINS_DIR}#g" ./config/config.yaml
			
 
				+    cat ./config/config.yaml | sudo tee /etc/crowdsec/config.yaml > /dev/null
			
 
				+    cat ./config/http.yaml | sudo tee /etc/crowdsec/notifications/http.yaml > /dev/null
			
 
				+    cat ./config/profiles.yaml | sudo tee /etc/crowdsec/profiles.yaml > /dev/null
			
 
				+    ${SYSTEMCTL} restart crowdsec
			
 
				+    sleep 5s
			
 
				 }
			
 
				 
			
 
				 function setup_tests() {
			
@@ -39,18 +43,22 @@ function cleanup_tests() {
 
				     clear_backup
			
 
				     kill -9 $MOCK_SERVER_PID
			
 
				     rm mock_http_server_logs.log
			
 
				-    systemctl restart crowdsec
			
 
				+    ${SYSTEMCTL} restart crowdsec
			
 
				+    sleep 5s
			
 
				 }
			
 
				 
			
 
				 function run_tests() {
			
 
				     log_line_count=$(cat mock_http_server_logs.log | wc -l)
			
 
				+
			
 
				     if [[ $log_line_count -ne "0" ]] ; then
			
 
				         cleanup_tests
			
 
				         fail "expected 0 log lines fom mock http server before adding decisions"
			
 
				     fi
			
 
				-    cscli decisions add --ip 1.2.3.4 --duration 30s
			
 
				-    cscli decisions add --ip 1.2.3.5 --duration 30s
			
 
				+
			
 
				+    ${CSCLI} decisions add --ip 1.2.3.4 --duration 30s
			
 
				+    ${CSCLI} decisions add --ip 1.2.3.5 --duration 30s
			
 
				     sleep 5
			
 
				+    cat mock_http_server_logs.log
			
 
				     log_line_count=$(cat mock_http_server_logs.log | wc -l)
			
 
				     if [[ $log_line_count -ne "1" ]] ; then
			
 
				         cleanup_tests
			
@@ -78,4 +86,5 @@ function run_tests() {
 
				 
			
 
				 setup_tests
			
 
				 run_tests
			
 
				-cleanup_tests
			
 
				+cleanup_tests
			
 
				+