Commit 78aed177 authored by Stuart Cardall's avatar Stuart Cardall Committed by Natanael Copa

Initial APKBUILD for PSAD into Testing

Corrected patch for PSAD - the APKBUILD now provides the answers
required by so the package will build unattended. I looked
at building the package the Redhat way but the perl install script also
preserves configuration settings on upgrades.
parent 00ee7c58
# Contributor: IT Offshore <>
# Maintainer:
pkgdesc="3 lightweight system daemons that analyze iptables log messages to detect port scans and other suspicious traffic"
depends="perl iptables ip6tables ssmtp psmisc perl-bit-vector perl-date-calc perl-iptables-chainmgr perl-iptables-parse perl-net-ipv4addr perl-unix-syslog net-tools"
build() {
cd "$_builddir"
#Set the config dirs
sed -e "s|'/usr/sbin'|'$pkgdir/usr/sbin'|" \
-e "s|'/usr/bin'|'$pkgdir/usr/bin'|" \
-e "s|my \$mpath = \"/usr/share/man/man\$section\";|my \$mpath = \"$pkgdir/usr/share/man/man\$section\";|" \
./ -i
#/usr/sbin/psadwatchd set with last cmd
sed -e "s|/var/log/psad|$pkgdir&|" \
-e "s|/var/run/psad|$pkgdir&|" \
-e "s|/var/lib/psad|$pkgdir&|" \
-e "s|/usr/lib/psad|$pkgdir&|" \
-e "s|/etc/psad|$pkgdir&|" \
-e "s|/usr/bin/whois_psad|$pkgdir/usr/bin/whois|" \
-e "s|/usr/sbin/fwcheck_psad|$pkgdir&|" \
-e "s|/usr/sbin/kmsgsd|$pkgdir&|" \
-e "s|/usr/sbin/psad|$pkgdir&|" \
./psad.conf -i
#Disable install of generic init script & setting numeric run level
START=$(sed -n '/if ($init_dir and &is_root()) {/=' ./
END=$(expr $START + 7)
#Busybox sed does not support +7d
sed -e ''$START','$END'd' ./ -i
#populate install.answers so build does not wait for them
echo -e "Would you like to merge the config from the existing psad installation:\t n;" > ./install.answers
echo -e "Preserve any user modfications in etc psad signatures:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad icmp_types:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad icmp6_types:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad posf:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad auto_dl:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad snort_rule_dl:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad pf os:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad ip_options:\t y;" >> ./install.answers
echo -e "Would you like alerts sent to a different address:\t y;" >> ./install.answers
echo -e "Email addresses:\t root@localhost;" >> ./install.answers
echo -e "Would you like psad to only parse specific strings in iptables messages:\t n;" >> ./install.answers
echo -e "First is it ok to leave the HOME_NET setting as any:\t y;" >> ./install.answers
echo -e "Would you like to enable DShield alerts:\t n;" >> ./install.answers
echo -e "Would you like to install the latest signatures from http www cipherdyne org psad signatures:\t n;" >> ./install.answers
echo -e "Enable psad at boot time:\t n;" >> ./install.answers
package() {
cd "$_builddir"
mkdir -p $pkgdir/etc/psad \
$pkgdir/usr/bin \
$pkgdir/usr/sbin \
$pkgdir/usr/share/man/man8 \
$pkgdir/var/lib/psad \
$pkgdir/var/log/psad \
# add dummy whois so build completes
ln -s /bin/busybox $pkgdir/usr/bin/whois
# dummy runlevel 1 / skip perl module installation
./ --runlevel 1 --Use-answers --Skip-mod-install
#Set correct permissions
chmod -R o+r $pkgdir/etc/psad
chmod -R o+r $pkgdir/usr/sbin/*
chmod 0700 $pkgdir/var/lib/psad
#remove whois symbolic link
rm -rf $pkgdir/usr/bin/whois
# Fix the config
sed -e "s|$pkgdir||" $pkgdir/etc/psad/psad.conf -i
sed -e "s|$pkgdir||" $pkgdir/var/log/psad/install.log -i
#install init script & config defaults
install -m755 -D "$srcdir"/$pkgname.initd \
"$pkgdir"/etc/init.d/$pkgname || return 1
install -m644 -D "$srcdir"/$pkgname.confd \
"$pkgdir"/etc/conf.d/$pkgname || return 1
md5sums="ee600d9b6b4b915b026370c9a3726b5f psad-nodeps-2.2.1.tar.gz
a1add105866af03e44c64129f2cf38ab psad.initd
bc07efebb41cc23c4be129bbbacc874b psad.confd"
sha256sums="0422cdd1a37d4c8fcc1a4ce6e7c4a6974e58fdde82242f45b83eb6beb85708b5 psad-nodeps-2.2.1.tar.gz
e196bc469e711b322351c60f3ac646997b123b402a3a3c6a0135273510e9b762 psad.initd
74c72225fa37c367a458321b737050cacaf262f32b0cc13babc54468ff1988b9 psad.confd"
sha512sums="9e3f475376c3c7b753e71676f5c9d639e9fffd93caf864faa130f8030e37f9a6c57ba59c9519d2bd8dde945f7ff7a014ca2a710bd4b7be9721ca7f13f879b970 psad-nodeps-2.2.1.tar.gz
10ebd44adfe124242883d4904926f164b89f9037fb28dadd938198904c1a35b08dbcae9284d21db8ea50baa7621d3d365926c95b56ffc263adb1c8194ad767de psad.initd
a80666f59356cc6157a9f5dca132991d4f1e0afda8f673d602de2557219d5521bec9ae148330e98d9483175d14d96e4cc2ccd11541d8b187b0e47f44ba4ada54 psad.confd"
# Default settings for psad.
# Add any options you would like to pass to the daemon when started
# For example if you would like to add an override file for your setup, this
# can be achived this way:
# command_args="--Override-config /root/psad.override.conf"
# This file is part of PSAD (Port Scan Attack Detector)
# Adapted for Alpine Linux by IT Offshore <>
depend() {
need net
need logger
after iptables
# allow override config_file location from conf.d
: ${config_file:="/etc/psad/psad.conf"}
check_config() {
[ -f "$config_file" ] || error "$config_file is missing"
start_pre() {
check_config || return 1
# make sure dir for pidfile exists. /var/run is tmpfs...
checkpath --directory ${pidfile%/*}
stop() {
local piddir=${pidfile%/*}
ebegin "Stopping psadwatchd"
start-stop-daemon --stop --quiet --pidfile $piddir/
eend $? "Failed to stop psadwatchd"
if [ -f $piddir/ ] ; then
ebegin "Stopping kmsgsd"
start-stop-daemon --stop --quiet --pidfile $piddir/
eend $? "Failed to stop kmsgsd"
ebegin "Stopping ${SVCNAME}"
start-stop-daemon --stop --quiet --pidfile $piddir/
eend $? "Failed to stop ${SVCNAME}"
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment