From 2ccfeca86f0ad37b3ebb81256867ab7dea3ef6a82d6b8c823eb117bd2fa2633f Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 26 Oct 2012 07:23:57 +0000 Subject: [PATCH 1/3] Accepting request 139369 from home:coolo:branches:openSUSE:Factory - remove prototypes for flex, they conflict with the real ones OBS-URL: https://build.opensuse.org/request/show/139369 OBS-URL: https://build.opensuse.org/package/show/security/argus?expand=0&rev=9 --- argus-3.0.0-flex.diff | 13 +++++++++++++ argus.changes | 5 +++++ argus.spec | 22 ++++++++++++---------- 3 files changed, 30 insertions(+), 10 deletions(-) create mode 100644 argus-3.0.0-flex.diff diff --git a/argus-3.0.0-flex.diff b/argus-3.0.0-flex.diff new file mode 100644 index 0000000..52ab70e --- /dev/null +++ b/argus-3.0.0-flex.diff @@ -0,0 +1,13 @@ +Index: argus-3.0.0/common/scanner.l +=================================================================== +--- argus-3.0.0.orig/common/scanner.l ++++ argus-3.0.0/common/scanner.l +@@ -85,7 +85,7 @@ int argus_lex(void); + int argus_get_lineno (void); + FILE *argus_get_in (void); + FILE *argus_get_out (void); +-int argus_get_leng (void); ++/* int argus_get_leng (void); */ + char *argus_get_text(void); + void argus_set_lineno (int); + void argus_set_in (FILE *); diff --git a/argus.changes b/argus.changes index 51a0742..9cab76a 100644 --- a/argus.changes +++ b/argus.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri Oct 26 05:34:04 UTC 2012 - coolo@suse.com + +- remove prototypes for flex, they conflict with the real ones + ------------------------------------------------------------------- Sun Nov 27 10:05:22 UTC 2011 - coolo@suse.com diff --git a/argus.spec b/argus.spec index 5c0eca8..e8bc447 100644 --- a/argus.spec +++ b/argus.spec @@ -1,7 +1,7 @@ # # spec file for package argus # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,29 +16,31 @@ # - Name: argus -BuildRequires: bison flex libpcap-devel tcpd-devel tcsh -License: BSD3c ; LGPLv2.1+ ; MIT -Group: Productivity/Networking/Diagnostic +BuildRequires: bison +BuildRequires: flex +BuildRequires: libpcap-devel +BuildRequires: tcpd-devel +BuildRequires: tcsh Summary: Network Monitoring Tool +License: BSD-3-Clause and LGPL-2.1+ and MIT +Group: Productivity/Networking/Diagnostic Version: 3.0.0 -Release: 3 +Release: 0 Url: http://www.qosient.com/argus/ Source: %{name}-%{version}.tar.bz2 Source1: rc.argus Source2: sysconfig.argus Source3: README.SuSE Source4: argus_linux.8.gz -#Patch: %{name}-%{version}-fixes-1.patch +Patch0: %{name}-%{version}-flex.diff Patch1: %{name}-%{version}-libpcap.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %package server -License: BSD3c ; LGPLv2.1+ ; NON-OSI-COMPLIANT(Restricted Shareware) ; MIT PreReq: %insserv_prereq %fillup_prereq -Group: Productivity/Networking/Diagnostic Summary: Daemon for Network Monitoring Tool +Group: Productivity/Networking/Diagnostic Requires: argus Provides: argus:/usr/sbin/argus @@ -52,7 +54,7 @@ Daemon for Argus network monitoring tool. %prep %setup -n argus-%{version} -# %patch -p1 +%patch0 -p1 %patch1 cp %{S:3} . cp %{S:4} man/man8/ From deaee6a6e27b01b90870d0af18cae84c52108438bb60d7baf96de403a4ee42da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= Date: Wed, 31 Oct 2012 16:19:42 +0000 Subject: [PATCH 2/3] Accepting request 139868 from home:posophe:branches:security Please see .changes; coolo upstream patch is no longer needed OBS-URL: https://build.opensuse.org/request/show/139868 OBS-URL: https://build.opensuse.org/package/show/security/argus?expand=0&rev=10 --- argus-3.0.0-flex.diff | 13 -- argus-3.0.0.tar.bz2 | 3 - ...ibpcap.diff => argus-3.0.6.1-libpcap.patch | 8 +- argus-3.0.6.1.tar.bz2 | 3 + argus.changes | 13 ++ argus.service | 11 ++ argus.spec | 62 ++++---- rc.argus | 132 ------------------ sysconfig.argus | 18 --- 9 files changed, 59 insertions(+), 204 deletions(-) delete mode 100644 argus-3.0.0-flex.diff delete mode 100644 argus-3.0.0.tar.bz2 rename argus-3.0.0-libpcap.diff => argus-3.0.6.1-libpcap.patch (53%) create mode 100644 argus-3.0.6.1.tar.bz2 create mode 100644 argus.service delete mode 100644 rc.argus delete mode 100644 sysconfig.argus diff --git a/argus-3.0.0-flex.diff b/argus-3.0.0-flex.diff deleted file mode 100644 index 52ab70e..0000000 --- a/argus-3.0.0-flex.diff +++ /dev/null @@ -1,13 +0,0 @@ -Index: argus-3.0.0/common/scanner.l -=================================================================== ---- argus-3.0.0.orig/common/scanner.l -+++ argus-3.0.0/common/scanner.l -@@ -85,7 +85,7 @@ int argus_lex(void); - int argus_get_lineno (void); - FILE *argus_get_in (void); - FILE *argus_get_out (void); --int argus_get_leng (void); -+/* int argus_get_leng (void); */ - char *argus_get_text(void); - void argus_set_lineno (int); - void argus_set_in (FILE *); diff --git a/argus-3.0.0.tar.bz2 b/argus-3.0.0.tar.bz2 deleted file mode 100644 index 3eef74d..0000000 --- a/argus-3.0.0.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bcce24ca20611d64b9c17278b57e6df3b5919ff58d276cc78a1e76367869ced6 -size 325033 diff --git a/argus-3.0.0-libpcap.diff b/argus-3.0.6.1-libpcap.patch similarity index 53% rename from argus-3.0.0-libpcap.diff rename to argus-3.0.6.1-libpcap.patch index 7165117..dcbe36b 100644 --- a/argus-3.0.0-libpcap.diff +++ b/argus-3.0.6.1-libpcap.patch @@ -1,6 +1,6 @@ ---- argus/ArgusSource.c -+++ argus/ArgusSource.c -@@ -45,7 +45,7 @@ +--- a/argus/ArgusSource.c 2012-06-20 15:11:43.000000000 +0200 ++++ b/argus/ArgusSource.c 2012-10-24 11:14:47.425282905 +0200 +@@ -48,7 +48,7 @@ #if defined(__APPLE_CC__) || defined(__APPLE__) #define PCAP_DONT_INCLUDE_PCAP_BPF_H #include @@ -8,4 +8,4 @@ +#include #endif - #include + diff --git a/argus-3.0.6.1.tar.bz2 b/argus-3.0.6.1.tar.bz2 new file mode 100644 index 0000000..30b8cb0 --- /dev/null +++ b/argus-3.0.6.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:df330ae91d4d74147587d6c4a6322a50fe4d30853830a72849867a50f22c60af +size 742739 diff --git a/argus.changes b/argus.changes index 9cab76a..4330dc4 100644 --- a/argus.changes +++ b/argus.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Sun Oct 28 15:54:54 UTC 2012 - p.drouand@gmail.com + +- Remove argus-3.0.0-flex.diff from Coolo : argus_get_leng string + is no longer used since 3.0.6 release + +------------------------------------------------------------------- +Sun Oct 28 14:00:36 UTC 2012 - p.drouand@gmail.com + +- - Update to 3.0.6.1 version : + * no complete changelog available +- Remove sysvinit support and improve systemd support + ------------------------------------------------------------------- Fri Oct 26 05:34:04 UTC 2012 - coolo@suse.com diff --git a/argus.service b/argus.service new file mode 100644 index 0000000..2c15453 --- /dev/null +++ b/argus.service @@ -0,0 +1,11 @@ +[Unit] +Description=Argus generates network transaction audit records +After=syslog.target network.target + +[Service] +PIDFile=/var/run/argus.pid +ExecStart=/usr/sbin/argus -d + +[Install] +WantedBy=multi-user.target + diff --git a/argus.spec b/argus.spec index e8bc447..46b8b8e 100644 --- a/argus.spec +++ b/argus.spec @@ -1,7 +1,7 @@ # # spec file for package argus # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,32 +16,29 @@ # + Name: argus -BuildRequires: bison -BuildRequires: flex -BuildRequires: libpcap-devel -BuildRequires: tcpd-devel -BuildRequires: tcsh -Summary: Network Monitoring Tool -License: BSD-3-Clause and LGPL-2.1+ and MIT +BuildRequires: bison flex libpcap-devel tcpd-devel tcsh +License: BSD-3-Clause ; LGPL-2.1+ ; MIT Group: Productivity/Networking/Diagnostic -Version: 3.0.0 -Release: 0 +Summary: Network Monitoring Tool +Version: 3.0.6.1 +Release: 3 Url: http://www.qosient.com/argus/ Source: %{name}-%{version}.tar.bz2 -Source1: rc.argus -Source2: sysconfig.argus Source3: README.SuSE Source4: argus_linux.8.gz -Patch0: %{name}-%{version}-flex.diff -Patch1: %{name}-%{version}-libpcap.diff +Source5: argus.service +Patch1: %{name}-%{version}-libpcap.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: systemd %package server -PreReq: %insserv_prereq %fillup_prereq -Summary: Daemon for Network Monitoring Tool +License: BSD-3-Clause ; LGPL-2.1+ ; NON-OSI-COMPLIANT(Restricted Shareware) ; MIT Group: Productivity/Networking/Diagnostic +Summary: Daemon for Network Monitoring Tool Requires: argus +%{?systemd_requires} Provides: argus:/usr/sbin/argus %description @@ -54,8 +51,7 @@ Daemon for Argus network monitoring tool. %prep %setup -n argus-%{version} -%patch0 -p1 -%patch1 +%patch1 -p1 cp %{S:3} . cp %{S:4} man/man8/ @@ -66,9 +62,10 @@ export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" make %{?_smp_mflags} %install -install -d -m 755 $RPM_BUILD_ROOT{/etc/init.d,/sbin,/usr/{sbin,bin,share/man},%{_docdir}} +install -d -m 755 $RPM_BUILD_ROOT{/etc,/usr/{sbin,bin,share/man},%{_docdir}} install -m 700 bin/argus $RPM_BUILD_ROOT/usr/sbin/argus install -m 700 bin/arg* $RPM_BUILD_ROOT/usr/bin/ +install -D -m 0755 %{SOURCE5} %{buildroot}/%{_unitdir}/argus.service # alread in sbin rm -f $RPM_BUILD_ROOT/usr/bin/argus rm -f $RPM_BUILD_ROOT/usr/bin/argus_linux @@ -76,38 +73,35 @@ rm -f $RPM_BUILD_ROOT/usr/bin/argus_linux cp -a man* $RPM_BUILD_ROOT%{_mandir} chmod a-x $RPM_BUILD_ROOT%{_mandir}/*/* ) rm -f $RPM_BUILD_ROOT%{_mandir}/man1/tcpdump.1* +rm -rf `find -type f -name ._*` install -m 600 support/Config/argus.conf $RPM_BUILD_ROOT/etc/argus.conf install -m 755 support/Archive/argusarchive $RPM_BUILD_ROOT/usr/bin/ -install -d -m 755 $RPM_BUILD_ROOT/etc/init.d -install -m 755 %{S:1} $RPM_BUILD_ROOT/etc/init.d/argus -ln -sf ../etc/init.d/argus $RPM_BUILD_ROOT/sbin/rcargus -mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates -install -m 644 %{S:2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.argus find support -type f -exec chmod 0644 {} \; chmod a+x support/{Archive/argusarchive,Startup/argus,System/magic} + +%pre server +%service_add_pre argus.service + %post server -%{fillup_and_insserv argus} +%service_add_post argus.service %preun server -%stop_on_removal argus +%service_del_preun argus.service %postun server -%restart_on_update argus -%{insserv_cleanup} +%service_del_postun argus.service %files %defattr(-,root,root) -/usr/bin/argus* +%{_bindir}/argus* %files server %defattr(-,root,root) -%doc doc COPYING MANIFEST README.* support +%attr(0644,root,root) %doc doc COPYING MANIFEST README.* support %attr(0644,root,root) %doc %{_mandir}/man*/* -%config /etc/init.d/argus %config /etc/argus.conf -/usr/sbin/* -/sbin/rcargus -/var/adm/fillup-templates/sysconfig.argus +%config %{_unitdir}/argus.service +%{_sbindir}/* %changelog diff --git a/rc.argus b/rc.argus deleted file mode 100644 index fa58f74..0000000 --- a/rc.argus +++ /dev/null @@ -1,132 +0,0 @@ -#! /bin/sh -# Copyright (c) 1998-2001 SuSE GmbH Nuernberg, Germany. All rights reserved. -# Copyright (c) 2002 SuSE Linux AG, Nuernberg, Germany. -# -# Author: Carsten Hoeger -# -# /etc/init.d/argus -# -### BEGIN INIT INFO -# Provides: argus -# Required-Start: $remote_fs -# Required-Stop: $remote_fs -# Default-Start: 2 3 5 -# Default-Stop: 0 1 6 -# Description: Start argus -### END INIT INFO - -test -r /etc/sysconfig/argus || exit 6 -. /etc/sysconfig/argus - -ARGUS_BIN=/usr/sbin/argus -test -x $ARGUS_BIN || exit 5 - -# Shell functions sourced from /etc/rc.status: -# rc_check check and set local and overall rc status -# rc_status check and set local and overall rc status -# rc_status -v ditto but be verbose in local rc status -# rc_status -v -r ditto and clear the local rc status -# rc_failed set local and overall rc status to failed -# rc_failed set local and overall rc status to -# rc_reset clear local rc status (overall remains) -# rc_exit exit appropriate to overall rc status -. /etc/rc.status - -# First reset status of this service -rc_reset - -# Return values acc. to LSB for all commands but status: -# 0 - success -# 1 - generic or unspecified error -# 2 - invalid or excess argument(s) -# 3 - unimplemented feature (e.g. "reload") -# 4 - insufficient privilege -# 5 - program is not installed -# 6 - program is not configured -# 7 - program is not running -# -# Note that starting an already running service, stopping -# or restarting a not-running service as well as the restart -# with force-reload (in case signalling is not supported) are -# considered a success. - -case "$1" in - start) - echo -n "Starting argus " - ## Start daemon with startproc(8). If this fails - ## the echo return value is set appropriate. - - /sbin/startproc $ARGUS_BIN -w $ARGUS_LOGFILE \ - -i $ARGUS_INTERFACE || return=$rc_failed - - # Remember status and be verbose - rc_status -v - ;; - stop) - echo -n "Shutting down argus " - /sbin/killproc -TERM $ARGUS_BIN - - # Remember status and be verbose - rc_status -v - ;; - try-restart) - ## Stop the service and if this succeeds (i.e. the - ## service was running before), start it again. - ## Note: try-restart is not (yet) part of LSB (as of 0.7.5) - $0 status >/dev/null && $0 restart - - # Remember status and be quiet - rc_status - ;; - restart) - ## If first returns OK call the second, if first or - ## second command fails, set echo return value. - $0 stop && $0 start || return=$rc_failed - ;; - force-reload) - ## Signal the daemon to reload its config. Most daemons - ## do this on signal 1 (SIGHUP). - ## If it does not support it, restart. - - echo -n "Reload argus" - # if it supports it: - #killproc -HUP $ARGUS_BIN - #touch /var/run/FOO.pid - #rc_status -v - - # Otherwise: - $0 stop && $0 start - rc_status - ;; - reload) - echo -n "Reload argus" - - # If it supports signalling: - #killproc -HUP $ARGUS_BIN - #touch /var/run/FOO.pid - #rc_status -v - - # Otherwise if it does not support reload: - rc_failed 3 - rc_status -v - ;; - status) - echo -n "Checking for service argus: " - ## Check status with checkproc(8), if process is running - ## checkproc will return with exit status 0. - - # Status has a slightly different for the status command: - # 0 - service running - # 1 - service dead, but /var/run/ pid file exists - # 2 - service dead, but /var/lock/ lock file exists - # 3 - service not running - - # NOTE: checkproc returns LSB compliant status values. - checkproc $ARGUS_BIN - rc_status -v - ;; - *) - echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}" - exit 1 -esac -rc_exit diff --git a/sysconfig.argus b/sysconfig.argus deleted file mode 100644 index 73a2f45..0000000 --- a/sysconfig.argus +++ /dev/null @@ -1,18 +0,0 @@ -## Path: Network/Monitors/Argus -## Description: Argus settings -## Type: string(eth0) -## Default: eth0 -## ServiceRestart: argus -# -# What interface should argus listen? -# -ARGUS_INTERFACE="eth0" - -## Type: string(/var/log/argus.log) -## Default: /var/log/argus.log -## ServiceRestart: argus -# -# Where to write the argus logfile? (Remember to check this file -# periodical, because it may become very large!!!) -# -ARGUS_LOGFILE="/var/log/argus.log" From 32b7eb15df36755eed5246b6d5113864af32938b96364aa4636a65c6e27ad467 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Mon, 5 Nov 2012 15:42:29 +0000 Subject: [PATCH 3/3] Accepting request 140114 from home:posophe:branches:security Change changes for being acceptable on factory OBS-URL: https://build.opensuse.org/request/show/140114 OBS-URL: https://build.opensuse.org/package/show/security/argus?expand=0&rev=11 --- argus.changes | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/argus.changes b/argus.changes index 4330dc4..14674b8 100644 --- a/argus.changes +++ b/argus.changes @@ -8,7 +8,13 @@ Sun Oct 28 15:54:54 UTC 2012 - p.drouand@gmail.com Sun Oct 28 14:00:36 UTC 2012 - p.drouand@gmail.com - - Update to 3.0.6.1 version : - * no complete changelog available + Bugs fixed : + * Correct memory leak and deadlock issues for argus and radium; + * Argus and radium get some protection from port scanners; + * The client release also fixes a number of bugs with geolocation data, + especially country code aggregation and printing. We also fixed + meta-data label merging, multicast identification, and some minor + issues with variable namespace collisions. - Remove sysvinit support and improve systemd support -------------------------------------------------------------------