beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

replace wizard patch for .deb & .rpm packages with an envvar check (#1630)

Browse source
This commit is contained in:
mmetc 2022-08-16 14:59:59 +02:00 committed by GitHub
parent 6b18674960
commit 1aac5d78d9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 29 additions and 195 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

91
debian/patches/fix-wizard.patch vendored
View file

@ -1,91 +0,0 @@
generate acquis.yaml directly in place
Index: crowdsec/wizard.sh
===================================================================
--- crowdsec.orig/wizard.sh
+++ crowdsec/wizard.sh
@@ -41,7 +41,6 @@
fi
ACQUIS_PATH="${CROWDSEC_CONFIG_PATH}"
-TMP_ACQUIS_FILE="tmp-acquis.yaml"
ACQUIS_TARGET="${ACQUIS_PATH}/acquis.yaml"
PID_DIR="${CROWDSEC_RUN_DIR}"
@@ -265,30 +264,30 @@
shift
local files=("${@}")
- echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
+ echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
- echo "filenames:" >> ${TMP_ACQUIS_FILE}
+ echo "filenames:" >> ${ACQUIS_TARGET}
for fd in ${files[@]}; do
- echo " - ${fd}" >> ${TMP_ACQUIS_FILE}
+ echo " - ${fd}" >> ${ACQUIS_TARGET}
done
- echo "labels:" >> ${TMP_ACQUIS_FILE}
- echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
- echo "---" >> ${TMP_ACQUIS_FILE}
- log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
+ echo "labels:" >> ${ACQUIS_TARGET}
+ echo " "${log_input_tags[${service}]} >> ${ACQUIS_TARGET}
+ echo "---" >> ${ACQUIS_TARGET}
+ log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
}
genyamljournal() {
local service="${1}"
shift
- echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
+ echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
- echo "journalctl_filter:" >> ${TMP_ACQUIS_FILE}
- echo " - _SYSTEMD_UNIT="${service}".service" >> ${TMP_ACQUIS_FILE}
- echo "labels:" >> ${TMP_ACQUIS_FILE}
- echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
- echo "---" >> ${TMP_ACQUIS_FILE}
- log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
+ echo "journalctl_filter:" >> ${ACQUIS_TARGET}
+ echo " - _SYSTEMD_UNIT="${service}".service" >> ${ACQUIS_TARGET}
+ echo "labels:" >> ${ACQUIS_TARGET}
+ echo " "${log_input_tags[${service}]} >> ${ACQUIS_TARGET}
+ echo "---" >> ${ACQUIS_TARGET}
+ log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
}
genacquisition() {
@@ -569,7 +568,6 @@
${CSCLI_BIN_INSTALLED} hub update
install_collection
genacquisition
- mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
return
fi
@@ -628,7 +626,6 @@
# Generate acquisition file and move it to the right folder
genacquisition
- mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
log_info "acquisition file path: ${ACQUIS_TARGET}"
# Install collections according to detected services
log_dbg "Installing needed collections ..."
@@ -656,7 +653,6 @@
if [[ "$1" == "detect" ]];
then
- rm -f "${TMP_ACQUIS_FILE}"
detect_services
if [[ ${DETECTED_SERVICES} == "" ]] ; then
log_err "No detected or selected services, stopping."
@@ -664,8 +660,7 @@
fi;
log_info "Found ${#DETECTED_SERVICES[@]} supported services running:"
genacquisition
- cat "${TMP_ACQUIS_FILE}"
- rm "${TMP_ACQUIS_FILE}"
+ cat "${ACQUIS_TARGET}"
return
fi

1
debian/patches/series vendored
View file

@ -1,2 +1 @@
config_plugins
fix-wizard.patch

2
debian/postinst vendored
View file

@ -24,7 +24,7 @@ if [ "$1" = configure ]; then
echo Creating /etc/crowdsec/acquis.yaml
set +e
SILENT=true detect_services
SILENT=true genacquisition
SILENT=true TMP_ACQUIS_FILE_SKIP=skip genacquisition
set -e
COLLECTIONS=true
fi

91
rpm/SOURCES/fix-wizard.patch
View file

@ -1,91 +0,0 @@
generate acquis.yaml directly in place
Index: crowdsec/wizard.sh
===================================================================
--- wizard.sh-orig
+++ wizard.sh
@@ -41,7 +41,6 @@
fi
ACQUIS_PATH="${CROWDSEC_CONFIG_PATH}"
-TMP_ACQUIS_FILE="tmp-acquis.yaml"
ACQUIS_TARGET="${ACQUIS_PATH}/acquis.yaml"
SYSTEMD_PATH_FILE="/etc/systemd/system/crowdsec.service"
@@ -265,30 +264,30 @@
shift
local files=("${@}")
- echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
+ echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
- echo "filenames:" >> ${TMP_ACQUIS_FILE}
+ echo "filenames:" >> ${ACQUIS_TARGET}
for fd in ${files[@]}; do
- echo " - ${fd}" >> ${TMP_ACQUIS_FILE}
+ echo " - ${fd}" >> ${ACQUIS_TARGET}
done
- echo "labels:" >> ${TMP_ACQUIS_FILE}
- echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
- echo "---" >> ${TMP_ACQUIS_FILE}
- log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
+ echo "labels:" >> ${ACQUIS_TARGET}
+ echo " "${log_input_tags[${service}]} >> ${ACQUIS_TARGET}
+ echo "---" >> ${ACQUIS_TARGET}
+ log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
}
genyamljournal() {
local service="${1}"
shift
- echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
+ echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
- echo "journalctl_filter:" >> ${TMP_ACQUIS_FILE}
- echo " - _SYSTEMD_UNIT="${service}".service" >> ${TMP_ACQUIS_FILE}
- echo "labels:" >> ${TMP_ACQUIS_FILE}
- echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
- echo "---" >> ${TMP_ACQUIS_FILE}
- log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
+ echo "journalctl_filter:" >> ${ACQUIS_TARGET}
+ echo " - _SYSTEMD_UNIT="${service}".service" >> ${ACQUIS_TARGET}
+ echo "labels:" >> ${ACQUIS_TARGET}
+ echo " "${log_input_tags[${service}]} >> ${ACQUIS_TARGET}
+ echo "---" >> ${ACQUIS_TARGET}
+ log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
}
genacquisition() {
@@ -569,7 +568,6 @@
${CSCLI_BIN_INSTALLED} hub update
install_collection
genacquisition
- mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
return
fi
@@ -628,7 +626,6 @@
# Generate acquisition file and move it to the right folder
genacquisition
- mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
log_info "acquisition file path: ${ACQUIS_TARGET}"
# Install collections according to detected services
log_dbg "Installing needed collections ..."
@@ -656,7 +653,6 @@
if [[ "$1" == "detect" ]];
then
- rm -f "${TMP_ACQUIS_FILE}"
detect_services
if [[ ${DETECTED_SERVICES} == "" ]] ; then
log_err "No detected or selected services, stopping."
@@ -664,8 +660,7 @@
fi;
log_info "Found ${#DETECTED_SERVICES[@]} supported services running:"
genacquisition
- cat "${TMP_ACQUIS_FILE}"
- rm "${TMP_ACQUIS_FILE}"
+ cat "${ACQUIS_TARGET}"
return
fi

6
rpm/SPECS/crowdsec.spec
View file

@ -9,8 +9,7 @@ URL: https://crowdsec.net
Source0: https://github.com/crowdsecurity/%{name}/archive/v%(echo $VERSION).tar.gz
Source1: 80-%{name}.preset
Patch0: crowdsec.unit.patch
Patch1: fix-wizard.patch
Patch2: user.patch
Patch1: user.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: git
@ -37,7 +36,6 @@ BuildRequires: systemd
%patch0
%patch1
%patch2
%build
BUILD_VERSION=%{local_version} make build
@ -158,7 +156,7 @@ if [ $1 == 1 ]; then
if [ ! -f "/etc/crowsec/acquis.yaml" ] ; then
set +e
SILENT=true detect_services
SILENT=true genacquisition
SILENT=true TMP_ACQUIS_FILE_SKIP=skip genacquisition
set +e
fi
if [ ! -f "%{_sysconfdir}/crowdsec/online_api_credentials.yaml" ] && [ ! -f "%{_sysconfdir}/crowdsec/local_api_credentials.yaml" ] ; then

33
wizard.sh
View file

@ -3,6 +3,10 @@
set -o pipefail
#set -x
skip_tmp_acquis() {
[[ "${TMP_ACQUIS_FILE_SKIP}" == "skip" ]]
}
RED='\033[0;31m'
BLUE='\033[0;34m'
@ -43,7 +47,6 @@ else
fi
ACQUIS_PATH="${CROWDSEC_CONFIG_PATH}"
TMP_ACQUIS_FILE="tmp-acquis.yaml"
ACQUIS_TARGET="${ACQUIS_PATH}/acquis.yaml"
SYSTEMD_PATH_FILE="/etc/systemd/system/crowdsec.service"
@ -286,7 +289,7 @@ genyamllog() {
echo "labels:" >> ${TMP_ACQUIS_FILE}
echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
echo "---" >> ${TMP_ACQUIS_FILE}
log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
log_dbg "${ACQUIS_FILE_MSG}"
}
genyamljournal() {
@ -300,10 +303,18 @@ genyamljournal() {
echo "labels:" >> ${TMP_ACQUIS_FILE}
echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
echo "---" >> ${TMP_ACQUIS_FILE}
log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
log_dbg "${ACQUIS_FILE_MSG}"
}
genacquisition() {
if skip_tmp_acquis; then
TMP_ACQUIS_FILE="${ACQUIS_TARGET}"
ACQUIS_FILE_MSG="acquisition file generated to: ${TMP_ACQUIS_FILE}"
else
TMP_ACQUIS_FILE="tmp-acquis.yaml"
ACQUIS_FILE_MSG="tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
fi
log_dbg "Found following services : "${DETECTED_SERVICES[@]}
for PSVG in ${DETECTED_SERVICES[@]} ; do
find_logs_for ${PSVG}
@ -607,7 +618,9 @@ main() {
${CSCLI_BIN_INSTALLED} hub update
install_collection
genacquisition
mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
if ! skip_tmp_acquis; then
mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
fi
return
fi
@ -666,7 +679,9 @@ main() {
# Generate acquisition file and move it to the right folder
genacquisition
mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
if ! skip_tmp_acquis; then
mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
fi
log_info "acquisition file path: ${ACQUIS_TARGET}"
# Install collections according to detected services
log_dbg "Installing needed collections ..."
@ -694,7 +709,9 @@ main() {
if [[ "$1" == "detect" ]];
then
rm -f "${TMP_ACQUIS_FILE}"
if ! skip_tmp_acquis; then
rm -f "${TMP_ACQUIS_FILE}"
fi
detect_services
if [[ ${DETECTED_SERVICES} == "" ]] ; then
log_err "No detected or selected services, stopping."
@ -703,7 +720,9 @@ main() {
log_info "Found ${#DETECTED_SERVICES[@]} supported services running:"
genacquisition
cat "${TMP_ACQUIS_FILE}"
rm "${TMP_ACQUIS_FILE}"
if ! skip_tmp_acquis; then
rm "${TMP_ACQUIS_FILE}"
fi
return
fi