authorThomas Andrejak <thomas.andrejak@gmail.com>2016-07-17 15:12:22 +0200
committerGöktürk Yüksek <gokturk@gentoo.org>2016-08-04 21:10:12 -0400
commite7deb2ae837b631e218ffef3295771d1621c45b5 (patch)
tree069e200cc3bc73bf8da6a0b54e8541be8113f9cc
parentdev-libs/libpreludedb: New package (diff)
app-admin/prelude-manager: New package
Prelude-Manager is a high-availability server that accepts secured connections from distributed sensors and saves received events to a medium specified by the user (database, log file, mail, etc.).
-rw-r--r--app-admin/prelude-manager/Manifest1
-rw-r--r--app-admin/prelude-manager/files/prelude-manager-3.0.0-conf.patch11
-rw-r--r--app-admin/prelude-manager/files/prelude-manager-3.0.0-configure.patch57
-rw-r--r--app-admin/prelude-manager/files/prelude-manager-3.0.0-run.patch13
-rwxr-xr-xapp-admin/prelude-manager/files/prelude-manager.initd26
-rw-r--r--app-admin/prelude-manager/files/prelude-manager.run4
-rw-r--r--app-admin/prelude-manager/files/prelude-manager.service14
-rw-r--r--app-admin/prelude-manager/metadata.xml28
-rw-r--r--app-admin/prelude-manager/prelude-manager-3.0.0.ebuild63
9 files changed, 217 insertions, 0 deletions
diff --git a/app-admin/prelude-manager/Manifest b/app-admin/prelude-manager/Manifest
new file mode 100644
index 000000000000..fc1d19bd5058
--- /dev/null
+++ b/app-admin/prelude-manager/Manifest
@@ -0,0 +1 @@
+DIST prelude-manager-3.0.0.tar.gz 1286459 SHA256 379de4c79ccdba4093e9c5a2b9e5c6cee8e8d8694e1358c3d248250c4957dc0b SHA512 4c16a353495179265375686ce9592c8cd044b4255060b78286466bd25f9b38634233c95af058e1c0b81e1b574ec9ada5b2db92d6d1f5594dfcddce572fd0fd67 WHIRLPOOL 35814a88e62e4bfdbd3e8c88f733cd304f8fb355d820ae9887da0c9e6b02936b7aed8d73a05cc458fbf01f7a9e48174d446b1174e1edd44637fadcdc282f3f92
diff --git a/app-admin/prelude-manager/files/prelude-manager-3.0.0-conf.patch b/app-admin/prelude-manager/files/prelude-manager-3.0.0-conf.patch
new file mode 100644
index 000000000000..246ce7d921e5
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager-3.0.0-conf.patch
@@ -0,0 +1,11 @@
+--- a/prelude-manager.conf.in
++++ b/prelude-manager.conf.in
+@@ -361,7 +361,7 @@
+ # (same source, target and classification combination) every 2 minutes
+ # to reporting plugins (eg. to the database).
+ [thresholding]
+-path = alert.classification.text, alert.source.node.address.address, alert.target.node.address.address
++path = alert.classification.text, alert.source(0).node.address(0).address, alert.target(0).node.address(0).address
+ limit = 120
+ count = 100
+ hook = reporting
diff --git a/app-admin/prelude-manager/files/prelude-manager-3.0.0-configure.patch b/app-admin/prelude-manager/files/prelude-manager-3.0.0-configure.patch
new file mode 100644
index 000000000000..bc1949f01510
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager-3.0.0-configure.patch
@@ -0,0 +1,57 @@
+When : when you try to use enable with libmaxmind, libpreludedb, xml, libwrap, they are not working
+Why : Needed if you want to use useflags
+--- a/configure.in
++++ b/configure.in
+@@ -110,7 +110,10 @@
+ dnl **************************************************
+ LIBMAXMINDDB_MIN_VERSION=1.0.0
+
+-PKG_CHECK_MODULES([LIBMAXMINDDB], [libmaxminddb >= $LIBMAXMINDDB_MIN_VERSION], enable_libmaxminddb=yes, enable_libmaxminddb=no)
++AC_ARG_ENABLE(libmaxminddb, AC_HELP_STRING(--enable-libmaxminddb, Define whether libmaxminddb is available), , enable_libmaxminddb="yes")
++if test x$enable_libmaxminddb = xyes; then
++ PKG_CHECK_MODULES([LIBMAXMINDDB], [libmaxminddb >= $LIBMAXMINDDB_MIN_VERSION], enable_libmaxminddb=yes, enable_libmaxminddb=no)
++fi
+ if test x$enable_libmaxminddb = xyes; then
+ AC_CHECK_HEADER(maxminddb.h, enable_libmaxminddb=yes, enable_libmaxminddb=no)
+ fi
+@@ -126,11 +129,14 @@
+ dnl * Check for libpreludedb *
+ dnl **************************************************
+
+-AM_PATH_LIBPRELUDEDB(3.0.0, enable_libpreludedb=yes, enable_libpreludedb=no, no)
+-AM_CONDITIONAL(HAVE_LIBPRELUDEDB, test x$enable_libpreludedb = xyes)
++AC_ARG_ENABLE(libpreludedb, AC_HELP_STRING(--enable-libpreludedb, Define whether libpreludedb is available), , enable_libpreludedb="yes")
++if test x$enable_libpreludedb = xyes; then
++ AM_PATH_LIBPRELUDEDB(3.0.0, enable_libpreludedb=yes, enable_libpreludedb=no, no)
++fi
+ if test x$enable_libpreludedb = xyes; then
+ AC_DEFINE_UNQUOTED(HAVE_LIBPRELUDEDB, , Define whether libpreludedb is available)
+ fi
++AM_CONDITIONAL(HAVE_LIBPRELUDEDB, test x$enable_libpreludedb = xyes)
+
+
+
+@@ -138,7 +144,10 @@
+ dnl * Check for the Libxml2 *
+ dnl ********************************************************
+
+-AM_PATH_XML2(, enable_xmlmod=yes, enable_xmlmod=no)
++AC_ARG_ENABLE(xmlmod, AC_HELP_STRING(--enable-xmlmod, Enable XML), , enable_xmlmod="yes")
++if test x$enable_xmlmod = xyes; then
++ AM_PATH_XML2(, enable_xmlmod=yes, enable_xmlmod=no)
++fi
+ AM_CONDITIONAL(HAVE_XML2, test x$enable_xmlmod = xyes)
+
+
+@@ -147,9 +156,10 @@
+ dnl * TCP WRAPPER CHECK *
+ dnl **************************************************
+
++AC_ARG_WITH(libwrap, AC_HELP_STRING(--with-libwrap, Compile in libwrap (tcp_wrappers) support.), , with_libwrap="yes")
+ AC_ARG_WITH(libwrap-prefix, AC_HELP_STRING(--with-libwrap-prefix@<:@=PFX@:>@,
+ Compile in libwrap (tcp_wrappers) support @<:@default=auto@:>@.),
+- libwrap_required=true, with_libwrap="yes")
++ libwrap_required=true, )
+
+ if test x$with_libwrap != xno; then
+ LIBWRAP_INCLUDE="tcpd.h"
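Review bot: An explicit `--with-libwrap` or `--enable-libmaxminddb` still appears to fall back silently to a build without the feature when the probe fails: in the first hunk PKG_CHECK_MODULES only sets `enable_libmaxminddb=no`, and in the last hunk `libwrap_required=true` is set by `--with-libwrap-prefix` but not by the new `--with-libwrap` option. For tcp_wrappers this matters because an administrator who requested it expects hosts.allow/hosts.deny rules to be enforced on the listener. Consider recording in the action-if-given branch that the option was requested (for libwrap, set `libwrap_required=true` when the value is not `no`) and stopping with AC_MSG_ERROR when a requested library is missing; the libpreludedb and xmlmod hunks follow the same pattern. The `if test x$with_libwrap != xno` block continues outside the hunk, so how `libwrap_required` is consumed there is not visible.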
diff --git a/app-admin/prelude-manager/files/prelude-manager-3.0.0-run.patch b/app-admin/prelude-manager/files/prelude-manager-3.0.0-run.patch
new file mode 100644
index 000000000000..ef6d553a3d27
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager-3.0.0-run.patch
@@ -0,0 +1,13 @@
+When : everytime
+Why : since systemd, run dir has changed
+--- a/configure.in
++++ b/configure.in
+@@ -304,7 +304,7 @@
+
+ manager_failover_dir=$LOCALSTATEDIR/spool/prelude-manager/failover
+ manager_scheduler_dir=$LOCALSTATEDIR/spool/prelude-manager/scheduler
+-manager_run_dir=$LOCALSTATEDIR/run/prelude-manager
++manager_run_dir=/run/prelude-manager
+
+ AC_DEFINE_UNQUOTED(REPORT_PLUGIN_DIR, "$report_plugin_dir", Prelude-Manager report plugin directory)
+ AC_DEFINE_UNQUOTED(DECODE_PLUGIN_DIR, "$decode_plugin_dir", Prelude-Manager decode plugin directory)
diff --git a/app-admin/prelude-manager/files/prelude-manager.initd b/app-admin/prelude-manager/files/prelude-manager.initd
new file mode 100755
index 000000000000..4db7200ad4f3
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager.initd
@@ -0,0 +1,26 @@
+#!/sbin/runscript
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+BIN_MANAGER=/usr/bin/prelude-manager
+PID_MANAGER=/run/prelude-manager/prelude-manager.pid
+
+depend() {
+ need net
+}
+
+start() {
+ ebegin "Starting prelude-manager"
+ checkpath -d -m 0755 -o root:root /run/prelude-manager
+ start-stop-daemon --start --exec $BIN_MANAGER \
+ --pidfile $PID_MANAGER -- -d -P $PID_MANAGER
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping prelude-manager"
+ start-stop-daemon --stop --exec $BIN_MANAGER \
+ --pidfile $PID_MANAGER
+ eend $?
+}
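Review bot: The daemon is started as root, since start-stop-daemon gets no `--user` argument and the ebuild in this commit creates no service account. A listener that accepts connections from remote sensors therefore keeps full root privileges unless prelude-manager drops them itself, which is not visible here. If it does not, run it under a dedicated unprivileged account and hand that account the run directory, e.g. `checkpath -d -m 0750 -o <SERVICE_USER>:<SERVICE_GROUP> /run/prelude-manager` (placeholder names). The same applies to `ExecStart` in prelude-manager.service and to the `d /run/prelude-manager 0755 root root` tmpfiles line. Separately, `$BIN_MANAGER` and `$PID_MANAGER` should be quoted where they are expanded.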
diff --git a/app-admin/prelude-manager/files/prelude-manager.run b/app-admin/prelude-manager/files/prelude-manager.run
new file mode 100644
index 000000000000..739808485129
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager.run
@@ -0,0 +1,4 @@
+# Configuration to create /run/prelude-manager directory
+# Used as part of systemd's tmpfiles
+
+d /run/prelude-manager 0755 root root
diff --git a/app-admin/prelude-manager/files/prelude-manager.service b/app-admin/prelude-manager/files/prelude-manager.service
new file mode 100644
index 000000000000..15eee91b8aa7
--- /dev/null
+++ b/app-admin/prelude-manager/files/prelude-manager.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=Prelude-Manager service
+DefaultDependencies=no
+After=remote_fs.target
+Before=prelude-lml.service prelude-correlator.service
+
+[Service]
+ExecStart=/usr/bin/prelude-manager -d -P /run/prelude-manager/prelude-manager.pid
+Type=forking
+PIDFile=/run/prelude-manager/prelude-manager.pid
+Restart=always
+
+[Install]
+WantedBy=prelude-lml.service prelude-correlator.service multi-user.target
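Review bot: `After=remote_fs.target` names a unit that does not exist (the systemd target is `remote-fs.target`), so that ordering is silently ignored. With `DefaultDependencies=no` the service also loses the implicit ordering after sysinit.target, which is where tmpfiles.d creates /run/prelude-manager. The daemon can therefore be started before its PID directory or the network is available. Unless an early-boot start is really intended, drop `DefaultDependencies=no` and use `After=network.target remote-fs.target`; `RuntimeDirectory=prelude-manager` would also let systemd create the directory itself.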
diff --git a/app-admin/prelude-manager/metadata.xml b/app-admin/prelude-manager/metadata.xml
new file mode 100644
index 000000000000..5990a2a5fbd3
--- /dev/null
+++ b/app-admin/prelude-manager/metadata.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>thomas.andrejak@gmail.com</email>
+ <name>Thomas Andrejak</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>proxy-maint@gentoo.org</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+ <longdescription lang="en">
+ Prelude-Manager is a high availability server that
+ accepts secured connections from distributed sensors
+ and saves received events to a media specified by the user
+ (database, log file, mail etc.). The server schedules and
+ establishes the priorities of treatment according to the
+ critical character and the source of the alerts.
+ </longdescription>
+ <use>
+ <flag name="tcpwrapper">Enables Prelude Manager using
+ tcp wrapper. It requires <pkg>sys-apps/tcp-wrappers</pkg>
+ .</flag>
+ <flag name="dbx">Enables Prelude Manager storing Prelude
+ alerts into database through <pkg>dev-libs/libpreludedb</pkg>
+ .</flag>
+ </use>
+</pkgmetadata>
diff --git a/app-admin/prelude-manager/prelude-manager-3.0.0.ebuild b/app-admin/prelude-manager/prelude-manager-3.0.0.ebuild
new file mode 100644
index 000000000000..74a4fc831555
--- /dev/null
+++ b/app-admin/prelude-manager/prelude-manager-3.0.0.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit autotools eutils systemd
+
+DESCRIPTION="Bus communication for all Prelude modules"
+HOMEPAGE="https://www.prelude-siem.org"
+SRC_URI="https://www.prelude-siem.org/pkg/src/3.0.0/${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="tcpwrapper xml geoip dbx"
+
+RDEPEND="net-libs/gnutls
+ dev-libs/libprelude
+ dbx? ( dev-libs/libpreludedb )
+ tcpwrapper? ( sys-apps/tcp-wrappers )
+ xml? ( dev-libs/libxml2 )
+ geoip? ( dev-libs/libmaxminddb )"
+
+DEPEND="${RDEPEND}
+ virtual/pkgconfig"
+
+PATCHES=(
+ "${FILESDIR}/${P}-conf.patch"
+ "${FILESDIR}/${P}-configure.patch"
+ "${FILESDIR}/${P}-run.patch"
+)
+
+src_prepare() {
+ default_src_prepare
+
+ mv "${S}/configure.in" "${S}/configure.ac" || die "mv failed"
+
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ --localstatedir=/var \
+ $(use_enable dbx libpreludedb) \
+ $(use_with tcpwrapper libwrap) \
+ $(use_enable xml xmlmod) \
+ $(use_enable geoip libmaxminddb)
+}
+
+src_install() {
+ default_src_install
+
+ rm -rv "${D}/run" || die "rm failed"
+ keepdir /var/spool/prelude-manager{,/failover,/scheduler}
+
+ prune_libtool_files --modules
+
+ systemd_dounit "${FILESDIR}/${PN}.service"
+ systemd_newtmpfilesd "${FILESDIR}/${PN}.run" "${PN}.conf"
+
+ newinitd "${FILESDIR}/${PN}.initd" "${PN}"
+}
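Review bot: src_install leaves the mode and owner of the installed configuration file entirely to upstream's install step via `default_src_install`. With the `dbx` flag the manager stores alerts in a database, so its configuration presumably carries database connection credentials. Please confirm that the file is not installed world-readable, and if it is, tighten it after the default install, e.g. `fperms 0640 <CONF_PATH>` (placeholder; the installed path is not shown in this commit).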