diff --git a/srcpkgs/suricata/patches/fix-missing-syscalls.patch b/srcpkgs/suricata/patches/fix-missing-syscalls.patch new file mode 100644 index 00000000000..e1c28982e61 --- /dev/null +++ b/srcpkgs/suricata/patches/fix-missing-syscalls.patch @@ -0,0 +1,21 @@ +--- a/src/util-landlock.c ++++ b/src/util-landlock.c +@@ -40,6 +40,18 @@ + + #include + ++#ifndef __NR_landlock_create_ruleset ++#define __NR_landlock_create_ruleset 444 ++#endif ++ ++#ifndef __NR_landlock_add_rule ++#define __NR_landlock_add_rule 445 ++#endif ++ ++#ifndef __NR_landlock_restrict_self ++#define __NR_landlock_restrict_self 446 ++#endif ++ + #ifndef landlock_create_ruleset + static inline int landlock_create_ruleset( + const struct landlock_ruleset_attr *const attr, const size_t size, const __u32 flags) diff --git a/srcpkgs/suricata/template b/srcpkgs/suricata/template index 3e4f58bae13..8ef16674451 100644 --- a/srcpkgs/suricata/template +++ b/srcpkgs/suricata/template @@ -1,31 +1,28 @@ # Template file for 'suricata' pkgname=suricata -version=4.1.8 -revision=2 +version=7.0.3 +revision=1 build_style=gnu-configure -build_helper="$(vopt_if rust rust)" -configure_args="--disable-gccmarch-native $(vopt_enable rust) - $(vopt_enable lua) $(vopt_enable hiredis) --disable-suricata-update - --disable-static --enable-non-bundled-htp" -hostmakedepends="pkg-config $(vopt_if rust cargo)" -makedepends="libnet-devel libpcap-devel pcre-devel libyaml-devel libcap-ng-devel +build_helper=rust +configure_args="--disable-gccmarch-native $(vopt_enable lua) $(vopt_enable hiredis) + --disable-suricata-update --disable-static --enable-non-bundled-htp" +hostmakedepends="pkg-config cargo" +makedepends="libnet-devel libpcap-devel pcre2-devel libyaml-devel libcap-ng-devel liblz4-devel liblzma-devel file-devel jansson-devel nss-devel libhtp-devel - $(vopt_if rust rust-std) $(vopt_if lua lua53-devel) - $(vopt_if hiredis hiredis-devel)" + libunwind-devel rust-std $(vopt_if lua lua53-devel) $(vopt_if hiredis hiredis-devel)" short_desc="Suricata is a network IDS, IPS and NSM engine" maintainer="Orphaned " license="GPL-2.0-only" homepage="https://suricata-ids.org/" distfiles="https://www.openinfosecfoundation.org/download/${pkgname}-${version}.tar.gz" -checksum=c8a83a05f57cedc0ef81d833ddcfdbbfdcdb6f459a91b1b15dc2d5671f1aecbb +checksum=ea0742d7a98783f1af4a57661af6068bc2d850ac3eca04b3204d28ce165e35ff -build_options="lua rust hiredis" +build_options="lua hiredis" build_options_default="hiredis" desc_option_hiredis="Enable hiredis support" -desc_option_rust="Enable rust protocol parsers" if [ -z "$CROSS_BUILD" ]; then - build_options_default+=" rust lua" + build_options_default+=" lua" fi system_accounts="suricata" @@ -33,13 +30,18 @@ conf_files="/etc/${pkgname}/*.* /etc/${pkgname}/rules/*" CFLAGS="-fcommon" -post_configure() { - if [ "$build_option_rust" ]; then - vsed -i rust/Makefile \ - -e 's/#RUST_TARGET[[:space:]]*=.*/RUST_TARGET = /' +pre_configure() { + if [ ! -z "$CROSS_BUILD" ]; then + mkdir -p rust/target/${XBPS_CROSS_RUST_TARGET} + ln -fs ${XBPS_CROSS_RUST_TARGET} rust/target/${XBPS_CROSS_RUST_TARGET/-unknown} + ln -fs ${XBPS_CROSS_RUST_TARGET} rust/target/${XBPS_CROSS_TRIPLET/-unknown} fi } +post_configure() { + vsed -i rust/Makefile -e 's/.*RUST_TARGET[[:space:]]*=.*/RUST_TARGET =/' +} + post_build() { sed -i 's|#run-as:|run-as:|g' $pkgname.yaml sed -i "s|# user: suri| user: $pkgname|g" $pkgname.yaml @@ -49,10 +51,10 @@ post_build() { post_install() { vsv $pkgname - vinstall $pkgname.yaml 644 etc/$pkgname - vinstall classification.config 644 etc/$pkgname - vinstall reference.config 644 etc/$pkgname - vinstall threshold.config 644 etc/$pkgname - vmkdir etc/$pkgname/rules - vcopy rules/*.rules etc/$pkgname/rules + vinstall suricata.yaml 644 etc/suricata + vinstall etc/classification.config 644 etc/suricata + vinstall etc/reference.config 644 etc/suricata + vinstall threshold.config 644 etc/suricata + vmkdir etc/suricata/rules + vcopy rules/*.rules etc/suricata/rules }