Respect Suricata's install location when loading config.

During startup change the default locations of S-U configuration files
(enable.conf, disable.conf, etc) to be relative to the installed
Suricata's --sysconfdir, but only if they exist.  This keeps the
fallback behaviour to /etc/suricata for now.

Ticket #4374

diff --git a/suricata/update/config.py b/suricata/update/config.py
index 0aafc96f2bba4d2a6b95c0ce3ae25fd816b66c74..a6271cb1647cc9c67c928769f3c7a12200ae4fe3 100644 (file)
--- a/suricata/update/config.py
+++ b/suricata/update/config.py
@@ -226,6 +226,26 @@ def init(args):
             logger.info("Using data-directory %s.", data_directory)
             _config[DATA_DIRECTORY_KEY] = data_directory
 
+        # Fixup the default locations for Suricata-Update configuration files, but only if
+        # they exist, otherwise keep the defaults.
+        if "sysconfdir" in build_info:
+            configs = (
+                ("disable-conf", "disable.conf"),
+                ("enable-conf", "enable.conf"),
+                ("drop-conf", "drop.conf"),
+                ("modify-conf", "modify.conf"),
+            )
+            sysconfdir = build_info["sysconfdir"]
+            for key, filename in configs:
+                config_path = os.path.join(sysconfdir, "suricata", filename)
+                logger.debug("Looking for {}".format(config_path))
+                if os.path.exists(config_path):
+                    logger.debug("Found {}".format(config_path))
+                    val = getattr(args, key.replace("-", "_"), None)
+                    if val is None:
+                        logger.debug("Changing default for {} to {}".format(key, config_path))
+                        _config[key] = config_path
+
     # If suricata-conf not provided on the command line or in the
     # configuration file, look for it.
     if not "suricata-conf" in _config: