From: Jason Ish
Date: Fri, 2 Feb 2018 20:55:48 +0000 (-0600)
Subject: use --sysconfdir for default dist rules
X-Git-Tag: 1.0.0rc1~23
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4c461bb12d79e4745931b495192a2823bf42629d;p=thirdparty%2Fsuricata-update.git
use --sysconfdir for default dist rules
---
diff --git a/suricata/update/config.py b/suricata/update/config.py
index 610ed56..fc58527 100644
--- a/suricata/update/config.py
+++ b/suricata/update/config.py
@@ -43,6 +43,7 @@ MODIFY_CONF_KEY = "modify-conf"
 DROP_CONF_KEY = "drop-conf"
 LOCAL_CONF_KEY = "local"
 OUTPUT_KEY = "output"
+DIST_RULE_DIRECTORY_KEY = "dist-rule-directory"
 DEFAULT_UPDATE_YAML_PATH = "/etc/suricata/update.yaml"
@@ -52,6 +53,10 @@ DEFAULT_SURICATA_YAML_PATH = [
 "/etc/suricata/suricata-debian.yaml"
 ]
+DEFAULT_DIST_RULE_PATH = [
+ "/etc/suricata/rules",
+]
+
 DEFAULT_CONFIG = {
 "disable-conf": "/etc/suricata/disable.conf",
 "enable-conf": "/etc/suricata/enable.conf",
@@ -179,6 +184,10 @@ def init(args):
 0, os.path.join(
 build_info["sysconfdir"], "suricata/suricata.yaml"))
+ if "sysconfdir" in build_info:
+ DEFAULT_DIST_RULE_PATH.insert(
+ 0, os.path.join(build_info["sysconfdir"], "suricata/rules"))
+
 # Set the data-directory prefix to that of the --localstatedir
 # found in the build-info.
 if not DATA_DIRECTORY_KEY in _config and "localstatedir" in build_info:
@@ -195,3 +204,10 @@ def init(args):
 logger.info("Using Suricata configuration %s" % (conf))
 _config["suricata-conf"] = conf
 break
+
+ if not DIST_RULE_DIRECTORY_KEY in _config:
+ for path in DEFAULT_DIST_RULE_PATH:
+ if os.path.exists(path):
+ logger.info("Using %s for Suricata provided rules.", path)
+ _config[DIST_RULE_DIRECTORY_KEY] = path
+ break
diff --git a/suricata/update/main.py b/suricata/update/main.py
index b6e4b54..edaf82b 100644
--- a/suricata/update/main.py
+++ b/suricata/update/main.py
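Review bot: In the `@@ -179,6 +184,10 @@` hunk of suricata/update/config.py, `DEFAULT_DIST_RULE_PATH.insert(0, ...)` mutates the module-level default list in place, so each call to `init()` in one process prepends another copy of the sysconfdir path and the defaults are never restored. A duplicate guard keeps the list stable: `candidate = os.path.join(build_info["sysconfdir"], "suricata/rules")` followed by `if candidate not in DEFAULT_DIST_RULE_PATH: DEFAULT_DIST_RULE_PATH.insert(0, candidate)`. Because the first existing entry decides which directory is treated as Suricata-provided rules, a short comment stating that the build-info `sysconfdir` is deliberately preferred over `/etc/suricata/rules` would help; how `build_info` is obtained is outside the hunk. `init()` starts and ends outside the hunk.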
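Review bot: The lookup loop added in the `@@ -195,3 +204,10 @@` hunk of suricata/update/config.py accepts any existing path, because `os.path.exists(path)` is also true for a regular file; since the value is stored as the distribution rule directory, `if os.path.isdir(path):` is the check that matches the intent. A `dist-rule-directory` value already present in `_config` skips the loop and is not validated here, and the context visible in the `load_dist_rules` hunk of main.py only tests it with `os.path.exists` as well. The guard also reads more naturally as `if DIST_RULE_DIRECTORY_KEY not in _config:`. `init()` starts outside the hunk.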
@@ -510,7 +510,10 @@ def load_dist_rules(files):
 "tls-events.rules",
 ]
- dist_rule_path = "/etc/suricata/rules"
+ dist_rule_path = config.get(config.DIST_RULE_DIRECTORY_KEY)
+ if not dist_rule_path:
+ logger.warning("No distribution rule directory found.")
+ return
 if not os.path.exists(dist_rule_path):
 logger.warning("Distribution rule directory not found: %s",