diff options
-rw-r--r-- | debian/changelog | 135 | ||||
-rw-r--r-- | debian/control | 30 | ||||
-rw-r--r-- | debian/copyright | 116 | ||||
-rw-r--r-- | debian/dirs | 1 | ||||
-rw-r--r-- | debian/include-link.txt | 5 | ||||
-rw-r--r-- | debian/manpages | 1 | ||||
-rw-r--r-- | debian/patches/no-suricata-python-package.patch | 13 | ||||
-rw-r--r-- | debian/patches/python3-tests.patch | 11 | ||||
-rw-r--r-- | debian/patches/remove-revision-update.patch | 37 | ||||
-rw-r--r-- | debian/patches/series | 3 | ||||
-rwxr-xr-x | debian/rules | 23 | ||||
-rw-r--r-- | debian/source/format | 1 | ||||
-rw-r--r-- | debian/tests/control | 3 | ||||
-rw-r--r-- | debian/upstream/metadata | 4 | ||||
-rw-r--r-- | debian/watch | 3 |
15 files changed, 386 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..5058c5c --- /dev/null +++ b/debian/changelog @@ -0,0 +1,135 @@ +suricata-update (1.3.2-1) unstable; urgency=medium + + * New upstream release. + * Update copyright dates in d/coyright. + + -- Sascha Steinbiss <satta@debian.org> Thu, 21 Mar 2024 09:25:51 +0100 + +suricata-update (1.3.0-2) unstable; urgency=medium + + * Include link to online documentation in manpage. + Also see https://forum.suricata.io/t/how-to-effectively-block-all-traffic-which-matches-priority-severity-level-1/4033/3 + + -- Sascha Steinbiss <satta@debian.org> Wed, 11 Oct 2023 13:43:25 +0200 + +suricata-update (1.3.0-1) unstable; urgency=medium + + * New upstream release. + + -- Sascha Steinbiss <satta@debian.org> Thu, 13 Jul 2023 14:27:18 +0200 + +suricata-update (1.2.7-1) unstable; urgency=medium + + * New upstream release. + * Add upstream metadata file. + * Bump Standards-Version. + * Update copyright date for debian/ directory in d/copyright. + + -- Sascha Steinbiss <satta@debian.org> Sat, 04 Feb 2023 21:23:15 +0100 + +suricata-update (1.2.6-1) unstable; urgency=medium + + * New upstream release. + + -- Sascha Steinbiss <satta@debian.org> Thu, 01 Dec 2022 10:28:16 +0100 + +suricata-update (1.2.5-1) unstable; urgency=medium + + * New upstream release. + + -- Sascha Steinbiss <satta@debian.org> Mon, 26 Sep 2022 09:36:25 +0200 + +suricata-update (1.2.4-1) unstable; urgency=medium + + * New upstream release. + * Run unittests at build time instead of integration test. + + -- Sascha Steinbiss <satta@debian.org> Thu, 21 Apr 2022 20:00:15 +0200 + +suricata-update (1.2.3-1) unstable; urgency=medium + + * New upstream release. + + -- Sascha Steinbiss <satta@debian.org> Sat, 06 Nov 2021 19:07:36 +0100 + +suricata-update (1.2.2-1) unstable; urgency=medium + + * New upstream release. + * Update watchfile. + + -- Sascha Steinbiss <satta@debian.org> Tue, 02 Nov 2021 22:58:21 +0100 + +suricata-update (1.2.1-1) unstable; urgency=medium + + * New upstream release. + * Bump Standards-Version. + * Switch to watchfile version 4. + + -- Sascha Steinbiss <satta@debian.org> Thu, 25 Feb 2021 18:21:57 +0100 + +suricata-update (1.2.0-1) unstable; urgency=medium + + * New upstream release. + * Use debhelper 13. + * Add Rules-Requires-Root. + + -- Sascha Steinbiss <satta@debian.org> Wed, 07 Oct 2020 09:14:50 +0200 + +suricata-update (1.1.2-1) unstable; urgency=medium + + * New upstream release. + * Use debhelper-compat. + * Bump Standards-Version. + + -- Sascha Steinbiss <satta@debian.org> Wed, 29 Apr 2020 20:57:44 +0200 + +suricata-update (1.1.1-1) unstable; urgency=medium + + * New upstream release. + + -- Sascha Steinbiss <satta@debian.org> Mon, 16 Dec 2019 16:22:05 +0100 + +suricata-update (1.1.0-1) unstable; urgency=medium + + * New upstream release. + * Bump Standards-Version. + + -- Sascha Steinbiss <satta@debian.org> Thu, 31 Oct 2019 11:48:24 +0100 + +suricata-update (1.0.5-3) unstable; urgency=medium + + * Make this package co-installable with suricata using Python3. + * Bump Standards-Version. + * Use debhelper 12. + + -- Sascha Steinbiss <satta@debian.org> Sat, 07 Sep 2019 18:58:59 +0200 + +suricata-update (1.0.5-2) unstable; urgency=medium + + * Source upload to unstable. + + -- Sascha Steinbiss <satta@debian.org> Mon, 08 Jul 2019 17:42:15 +0200 + +suricata-update (1.0.5-1) experimental; urgency=medium + + * New upstream release. + + -- Sascha Steinbiss <satta@debian.org> Thu, 02 May 2019 11:34:15 +0200 + +suricata-update (1.0.4-1) experimental; urgency=medium + + * New upstream release. + + -- Sascha Steinbiss <satta@debian.org> Mon, 11 Mar 2019 08:20:21 +0100 + +suricata-update (1.0.3-2) unstable; urgency=medium + + * add missing d/copyright entries + + -- Sascha Steinbiss <satta@debian.org> Wed, 09 Jan 2019 16:31:54 +0100 + +suricata-update (1.0.3-1) unstable; urgency=low + + * Initial packaging (Closes: #918805) + + -- Sascha Steinbiss <satta@debian.org> Mon, 24 Dec 2018 13:30:53 +0000 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..876624f --- /dev/null +++ b/debian/control @@ -0,0 +1,30 @@ +Source: suricata-update +Maintainer: Sascha Steinbiss <satta@debian.org> +Section: net +Priority: optional +Build-Depends: debhelper-compat (= 13), + dh-python, + python3-all, + python3-setuptools, + python3-yaml, + python3-pytest, + ca-certificates, + help2man +Standards-Version: 4.6.2 +Rules-Requires-Root: no +Vcs-Browser: https://salsa.debian.org/pkg-suricata-team/pkg-suricata-update +Vcs-Git: https://salsa.debian.org/pkg-suricata-team/pkg-suricata-update.git +Homepage: https://github.com/OISF/suricata-update + +Package: suricata-update +Architecture: any +Depends: ${misc:Depends}, + ${python3:Depends}, + ca-certificates, + python3-yaml +Description: tool for updating Suricata rules + suricata-update is a tool to easily and reliably fetch and update rule sets + for the Suricata IDS/IPS system. It queries external upstream rule sources + such as Emerging Threat/Proofpoint's rule sets and others, taking into + account user accounts and preferences, and merges all rules into one file + to be loaded into Suricata. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..63eadad --- /dev/null +++ b/debian/copyright @@ -0,0 +1,116 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: suricata-update +Upstream-Contact: Jason Ish <ish@unx.ca> +Source: https://github.com/OISF/suricata-update + +Files: * +Copyright: (C) 2017-2019 Open Information Security Foundation +License: GPL-2 + +Files: suricata/update/config.py + suricata/update/engine.py + suricata/update/extract.py + suricata/update/loghandler.py + suricata/update/main.py + suricata/update/maps.py + suricata/update/net.py + suricata/update/rule.py + suricata/update/util.py + tests/test_main.py +Copyright: (C) 2011-2017 Jason Ish +License: GPL-2 + +Files: tests/emerging-current_events.rules +Copyright: (c) 2003-2017, Emerging Threats +License: BSD-3-clause + +Files: suricata/update/compat/ordereddict.py +Copyright: (c) 2009 Raymond Hettinger +License: MIT + +Files: suricata/update/compat/argparse/* +Copyright: Steven J. Bethard <steven.bethard@gmail.com> +License: Python + +Files: debian/* +Copyright: (C) 2018-2024 Sascha Steinbiss <satta@debian.org> +License: GPL-2 + +License: GPL-2 + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License, version 2, as published + by the Free Software Foundation. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/> + . + On Debian systems, the complete text of the GNU General + Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". + +License: MIT + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation files + (the "Software"), to deal in the Software without restriction, + including without limitation the rights to use, copy, modify, merge, + publish, distribute, sublicense, and/or sell copies of the Software, + and to permit persons to whom the Software is furnished to do so, + subject to the following conditions: + . + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES + OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT + HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR + OTHER DEALINGS IN THE SOFTWARE. + +License: Python + This module is free software, and you may redistribute it and/or modify + it under the same terms as Python itself, so long as this copyright message + and disclaimer are retained in their original form. + . + IN NO EVENT SHALL THE AUTHOR BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, + SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF + THIS CODE, EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH + DAMAGE. + . + THE AUTHOR SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS" BASIS, + AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, + SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. + +License: BSD-3-clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + . + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + * Neither the name of the nor the names of its contributors may be used to + endorse or promote products derived from this software without specific + prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. diff --git a/debian/dirs b/debian/dirs new file mode 100644 index 0000000..66393d4 --- /dev/null +++ b/debian/dirs @@ -0,0 +1 @@ +/var/lib/suricata/rules diff --git a/debian/include-link.txt b/debian/include-link.txt new file mode 100644 index 0000000..6a10547 --- /dev/null +++ b/debian/include-link.txt @@ -0,0 +1,5 @@ +[SEE ALSO] + +More information on suricata-update can be found in the online documentation +.UR https://suricata-update.readthedocs.io +.UE . diff --git a/debian/manpages b/debian/manpages new file mode 100644 index 0000000..13cdaf4 --- /dev/null +++ b/debian/manpages @@ -0,0 +1 @@ +debian/man/*.1 diff --git a/debian/patches/no-suricata-python-package.patch b/debian/patches/no-suricata-python-package.patch new file mode 100644 index 0000000..1b487ae --- /dev/null +++ b/debian/patches/no-suricata-python-package.patch @@ -0,0 +1,13 @@ +Description: Do not formally ship suricata package +Author: Sascha Steinbiss <satta@debian.org> +Last-Update: 2019-09-07 +--- a/setup.py ++++ b/setup.py +@@ -35,7 +35,6 @@ + "author": "Jason Ish", + "author_email": "ish@unx.ca", + "packages": [ +- "suricata", + "suricata.update", + "suricata.update.commands", + "suricata.update.configs", diff --git a/debian/patches/python3-tests.patch b/debian/patches/python3-tests.patch new file mode 100644 index 0000000..8d7c8b1 --- /dev/null +++ b/debian/patches/python3-tests.patch @@ -0,0 +1,11 @@ +Description: force Python 3 for script +Author: Sascha Steinbiss <satta@debian.org> +Last-Update: 2019-01-03 +--- a/bin/suricata-update ++++ b/bin/suricata-update +@@ -1,4 +1,4 @@ +-#! /usr/bin/env python ++#! /usr/bin/env python3 + # + # Copyright (C) 2017 Open Information Security Foundation + # diff --git a/debian/patches/remove-revision-update.patch b/debian/patches/remove-revision-update.patch new file mode 100644 index 0000000..9e8f1af --- /dev/null +++ b/debian/patches/remove-revision-update.patch @@ -0,0 +1,37 @@ +Description: remove git revision + The upstream version assumes that it is installed from a Git repository + and tries to insert the Git commit ID into the code. +Author: Sascha Steinbiss <satta@debian.org> +Last-Update: 2019-01-03 +--- a/setup.py ++++ b/setup.py +@@ -15,18 +15,18 @@ + print("Suricata-Update requires Python 2.7 or newer.") + sys.exit(0) + +-def write_git_revision(): +- if not os.path.exists(".git"): +- return +- try: +- revision = subprocess.check_output( +- ["git", "rev-parse", "--short", "HEAD"]) +- with open("./suricata/update/revision.py", "w") as fileobj: +- fileobj.write("revision = '%s'" % (revision.decode().strip())) +- except Exception as err: +- print("Failed to get current git revision: %s" % (err)) ++#def write_git_revision(): ++# if not os.path.exists(".git"): ++# return ++# try: ++# revision = subprocess.check_output( ++# ["git", "rev-parse", "--short", "HEAD"]) ++# with open("./suricata/update/revision.py", "w") as fileobj: ++# fileobj.write("revision = '%s'" % (revision.decode().strip())) ++# except Exception as err: ++# print("Failed to get current git revision: %s" % (err)) + +-write_git_revision() ++#write_git_revision() + + args = { + "name": "suricata-update", diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..8a2bf8e --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,3 @@ +remove-revision-update.patch +python3-tests.patch +no-suricata-python-package.patch diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..1b27e99 --- /dev/null +++ b/debian/rules @@ -0,0 +1,23 @@ +#!/usr/bin/make -f + +export PYBUILD_NAME=suricata-update + +mandir := $(CURDIR)/debian/man +debfolder := $(CURDIR)/debian + +%: + dh $@ --with python3 --buildsystem=pybuild + +override_dh_auto_clean: + rm -rf $(mandir) tests/tmp + dh_auto_clean -- + +override_dh_installman: + mkdir -p $(mandir) + help2man --include=debian/include-link.txt --no-discard-stderr -N -n 'tool to update Suricata sources' bin/suricata-update > $(mandir)/suricata-update.1 + dh_installman -- + +override_dh_auto_test: +ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) + PYTHONPATH=. py.test-3 +endif diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 0000000..f51b341 --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,3 @@ +Test-Command: suricata-update +Depends: @, suricata +Restrictions: needs-root, allow-stderr diff --git a/debian/upstream/metadata b/debian/upstream/metadata new file mode 100644 index 0000000..603bf3e --- /dev/null +++ b/debian/upstream/metadata @@ -0,0 +1,4 @@ +Bug-Database: https://redmine.openinfosecfoundation.org/ +Bug-Submit: https://redmine.openinfosecfoundation.org/projects/suricata-update/issues/new +Repository: https://github.com/OISF/suricata-update.git +Repository-Browse: https://github.com/OISF/suricata-update diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..23e1a38 --- /dev/null +++ b/debian/watch @@ -0,0 +1,3 @@ +version=4 +https://github.com/OISF/suricata-update/tags .*/(\d[\d.]+)\.zip + |