From c36991085529d03027553e3f21ffb2ce32063a17 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 10 Sep 2024 23:23:38 +0200
Subject: [PATCH] suricata: Force Suricata to write a PID file again

The PID file does not get written when Suricata is not being started in
daemon mode and therefore we need to pass it as a command line
parameter.

The initscript should not deal with the PID file when starting but needs
it to terminate the process and to check the process status.

The web UI can use the PID file again.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/suricata/suricata-watcher | 5 ++++-
 html/cgi-bin/ids.cgi             | 2 +-
 src/initscripts/system/suricata  | 5 +++--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/config/suricata/suricata-watcher b/config/suricata/suricata-watcher
index af4defe04..d937ef8cc 100644
--- a/config/suricata/suricata-watcher
+++ b/config/suricata/suricata-watcher
@@ -24,9 +24,12 @@ PIDFILE="/var/run/suricata.pid"
 main() {
 	local ret
 
+	# Suricata becomes unhappy if the PID file exists
+	unlink "${PIDFILE}" &>/dev/null
+
 	while :; do
 		# Launch suricata
-		/usr/bin/suricata "$@" &>/dev/null
+		/usr/bin/suricata --pidfile "${PIDFILE}" "$@" &>/dev/null
 
 		# Wait until suricata is done
 		ret=$?
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 34e6bf233..db05df98a 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -1011,7 +1011,7 @@ sub show_mainpage() {
 
 	&Header::ServiceStatus({
 		$Lang::tr{'intrusion prevention system'} => {
-			"process" => "Suricata-Main",
+			"pidfile" => "/var/run/suricata.pid",
 		},
 	});
 
diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata
index f3aa18f23..2890fa64b 100644
--- a/src/initscripts/system/suricata
+++ b/src/initscripts/system/suricata
@@ -159,7 +159,7 @@ case "$1" in
 
         stop)
 		boot_mesg "Stopping Intrusion Detection System..."
-		killproc /usr/bin/suricata
+		killproc -p /var/run/suricata.pid /usr/bin/suricata
 
 		# Flush firewall chain.
 		flush_fw_chain
@@ -169,13 +169,14 @@ case "$1" in
         ;;
 
         status)
-                statusproc /usr/bin/suricata
+                PIDFILE="/var/run/suricata.pid" statusproc /usr/bin/suricata
                 ;;
 
         restart)
                 $0 stop
                 $0 start
                 ;;
+
 	reload)
 		# Send SIGUSR2 to the suricata process to perform a reload
 		# of the ruleset.
-- 
2.39.5