svn commit: r454991 - in branches/2017Q4/security/suricata: . files

Niclas Zeising zeising at FreeBSD.org
Mon Nov 27 20:36:12 UTC 2017 

Author: zeising
Date: Mon Nov 27 20:36:11 2017
New Revision: 454991
URL: https://svnweb.freebsd.org/changeset/ports/454991

Log:
  MFH: r454649
  
  Fix suricata failing to start if there is a stale pid file laying around.
  This can happen if suricata is ungracefully shut down.
  
  PR:		223052, 223322
  Submitted by:	Reshad Patuck, Franco Fichtner
  Approved by:	Franco Fichtner (maintainer)
  
  Approved by:	ports-secteam (swills)

Modified:
  branches/2017Q4/security/suricata/Makefile
  branches/2017Q4/security/suricata/files/suricata.in
Directory Properties:
  branches/2017Q4/   (props changed)

Modified: branches/2017Q4/security/suricata/Makefile
==============================================================================
--- branches/2017Q4/security/suricata/Makefile	Mon Nov 27 20:11:39 2017	(r454990)
+++ branches/2017Q4/security/suricata/Makefile	Mon Nov 27 20:36:11 2017	(r454991)
@@ -3,6 +3,7 @@
 
 PORTNAME=	suricata
 PORTVERSION=	4.0.0
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://www.openinfosecfoundation.org/download/
 

Modified: branches/2017Q4/security/suricata/files/suricata.in
==============================================================================
--- branches/2017Q4/security/suricata/files/suricata.in	Mon Nov 27 20:11:39 2017	(r454990)
+++ branches/2017Q4/security/suricata/files/suricata.in	Mon Nov 27 20:36:11 2017	(r454991)
@@ -19,13 +19,17 @@
 #				Default: 8000
 # suricata_netmap (str):	Set to YES to enable netmap (Inline Mode)
 #				Default: NO
+# suricata_user (str):		Set the user to run suricata as
+#				Default: root
+# suricata_pidfile (str):	Pidfile to store pid of suricata process
+#				Default: /var/run/suricata.pid
 
-
 . /etc/rc.subr
 
 name="suricata"
 rcvar=suricata_enable
 
+start_precmd="suricata_prestart"
 command="%%PREFIX%%/bin/suricata"
 
 load_rc_config $name
@@ -35,6 +39,8 @@ load_rc_config $name
 [ -z "$suricata_flags" ]	&& suricata_flags="-D"
 [ -z "$suricata_divertport" ]	&& suricata_divertport="8000"
 [ -z "$suricata_netmap" ]	&& suricata_netmap="NO"
+[ -z "$suricata_user" ]		&& suricata_user="root"
+[ -z "$suricata_pidfile" ]	&& suricata_pidfile="/var/run/suricata.pid"
 
 if [ -n "$suricata_interface" ]; then
 	for interface in $suricata_interface; do
@@ -47,9 +53,16 @@ else
 	info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)"
 fi
 
-pidfile="/var/run/suricata.pid"
+pidfile=$suricata_pidfile
 suricata_flags="$suricata_flags --pidfile $pidfile"
 
 [ -n "$suricata_conf" ]	&& suricata_flags="$suricata_flags -c $suricata_conf"
+
+suricata_prestart()
+{
+	if ! run_rc_command status > /dev/null; then
+		rm -f "$pidfile"
+	fi
+}
 
 run_rc_command "$1"

More information about the svn-ports-branches mailing list