From: Jason Ish Date: Wed, 30 Mar 2022 21:00:54 +0000 (-0600) Subject: Respect Suricata's install location when loading config. X-Git-Tag: 1.3.0rc1~29 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6b46bc1e7611a5fc4c550744017667fff391afbc;p=thirdparty%2Fsuricata-update.git Respect Suricata's install location when loading config. During startup change the default locations of S-U configuration files (enable.conf, disable.conf, etc) to be relative to the installed Suricata's --sysconfdir, but only if they exist. This keeps the fallback behaviour to /etc/suricata for now. Ticket #4374 --- diff --git a/suricata/update/config.py b/suricata/update/config.py index 0aafc96..a6271cb 100644 --- a/suricata/update/config.py +++ b/suricata/update/config.py @@ -226,6 +226,26 @@ def init(args): logger.info("Using data-directory %s.", data_directory) _config[DATA_DIRECTORY_KEY] = data_directory + # Fixup the default locations for Suricata-Update configuration files, but only if + # they exist, otherwise keep the defaults. + if "sysconfdir" in build_info: + configs = ( + ("disable-conf", "disable.conf"), + ("enable-conf", "enable.conf"), + ("drop-conf", "drop.conf"), + ("modify-conf", "modify.conf"), + ) + sysconfdir = build_info["sysconfdir"] + for key, filename in configs: + config_path = os.path.join(sysconfdir, "suricata", filename) + logger.debug("Looking for {}".format(config_path)) + if os.path.exists(config_path): + logger.debug("Found {}".format(config_path)) + val = getattr(args, key.replace("-", "_"), None) + if val is None: + logger.debug("Changing default for {} to {}".format(key, config_path)) + _config[key] = config_path + # If suricata-conf not provided on the command line or in the # configuration file, look for it. if not "suricata-conf" in _config: