From: Michael Tremer Date: Mon, 1 Sep 2025 15:32:02 +0000 (+0000) Subject: suricata-reporter: Move the configuration from suricata X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=518d05d9929433767c53cffe4600912228e0344f;p=ipfire-2.x.git suricata-reporter: Move the configuration from suricata Signed-off-by: Michael Tremer --- diff --git a/config/rootfiles/common/suricata b/config/rootfiles/common/suricata index c961b21f2..db1481387 100644 --- a/config/rootfiles/common/suricata +++ b/config/rootfiles/common/suricata @@ -55,7 +55,6 @@ usr/share/suricata #usr/share/suricata/threshold.config var/cache/suricata var/cache/suricata/sgh -var/ipfire/suricata/reporter.conf var/lib/suricata #var/lib/suricata/cache #var/lib/suricata/cache/sgh diff --git a/config/rootfiles/common/suricata-reporter b/config/rootfiles/common/suricata-reporter index ce47de740..e38c64c9b 100644 --- a/config/rootfiles/common/suricata-reporter +++ b/config/rootfiles/common/suricata-reporter @@ -7,3 +7,4 @@ usr/bin/suricata-report-generator usr/share/locale/de_DE usr/share/locale/de_DE/LC_MESSAGES usr/share/locale/de_DE/LC_MESSAGES/suricata-reporter.mo +var/ipfire/suricata/reporter.conf diff --git a/config/suricata/reporter.conf b/config/suricata/reporter.conf deleted file mode 100644 index 071e4cae0..000000000 --- a/config/suricata/reporter.conf +++ /dev/null @@ -1,34 +0,0 @@ -; -; Example configuration file for the Suricata Reporter -; -; This application receives events from Suricata to generate reports, -; alert emails and store a history of alerts. -; -[DEFAULT] -; The number of worker processes to spawn. -; Default is to launch one worker per CPU core. -;workers = 4 - -; The socket where to receive events from -;socket = /var/run/suricata/reporter.socket - -; The ownership of the socket -;user = suricata -;group = suricata - -; The path to the database -;database = /var/log/suricata/reporter.db - -[syslog] -; Enable sending any alerts to syslog in the human-reable fast.log format -;enabled = true - -[email] -; Enable sending an alert email for each alert -;enabled = true - -; The sender email address -;sender = no-reply@ipfire.org - -; The recipient email addresses. Use comma separation for more reciepients. -;recipients = john.doe@example.com, jane.doe@example.com diff --git a/lfs/suricata b/lfs/suricata index 576c62e22..3e6619da0 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -138,9 +138,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) # Install the reporter install -v -m 755 $(DIR_SRC)/config/suricata/suricata-reporter /usr/bin/suricata-reporter - install -v -m 644 $(DIR_SRC)/config/suricata/reporter.conf \ - /var/ipfire/suricata/reporter.conf - chown -v nobody:nobody /var/ipfire/suricata/reporter.conf # Install the cron script install -v -m 755 $(DIR_SRC)/config/suricata/suricata-report-cron \ diff --git a/lfs/suricata-reporter b/lfs/suricata-reporter index 20316ff94..4d015248d 100644 --- a/lfs/suricata-reporter +++ b/lfs/suricata-reporter @@ -76,5 +76,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --sysconfdir=/etc cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + + # Move the configuration file so that it can be edited by the user + # and will be included in the backup + mv -v /etc/suricata/reporter.conf \ + /var/ipfire/suricata/reporter.conf + ln -svf --relative \ + /var/ipfire/suricata/reporter.conf \ + /etc/suricata/reporter.conf + chown nobody:nobody /var/ipfire/suricata/reporter.conf + @rm -rf $(DIR_APP) @$(POSTBUILD)