snort: update to 2.9.6.0

[jul_bsd@…]

• update
• solve Ticket #32034: just replace libsf_engine.dylib by libsf_engine.so
• #41176
• run snort as user snort, still need to review if want to enable chroot as default
• create some empty directories needed by configuration and adjust config

[mf2k (Frank Schima)]

Trac requires complete email addresses.

[jul_bsd@…]

3 more changes

• use latest gcc49
• use destroot.keepdirs, no more turf
• change config dit to $prefix/share/examples/snort and add a post-activate to put in etc if no pre-existing file

[SickTeddyBear]

Cc Me!

[jul_bsd@…]

• install notes: rules update, needed config review, reminder for plist check and how to check is working
• My problem: snort is launching well, parsing rules, counting packet but I got nothing in log, files are touched but are empty! already check permissions, conf output

[mf2k (Frank Schima)]

Setting the compiler to gcc 4.9 is not really acceptable. Instead, you should blacklist compilers that do not work. See also UsingTheRightCompiler.

[jul_bsd@…]

The blacklist seems mostly about clang coming from #41176. clang < 500 is not working. Except if the test infrastructure have the different compilers available, I can't test more than my desktop setup...

[mf2k (Frank Schima)]

Note this output:

$ port lint --nitpick 
--->  Verifying Portfile for snort
Warning: Line 32 calling adduser directly; consider setting add_users instead
Warning: Line 72 has trailing whitespace before newline
Warning: Line 119 has trailing whitespace before newline
--->  0 errors and 3 warnings found.

See also #38440 and man 7 portfile about using add_users instead of adduser.

[jul_bsd@…]

Ok. fixed. I supposed add_users has the same syntax as adduser.

Is there any documentation which references all those kind of useful commands for Portfile writer/tester? like otool or plutil -lint plistfile.

[mf2k (Frank Schima)]

This does not build for me on 10.9.2 and Xcode 5.1.1. Error is:

-I../../src/preprocessors/portscan -I../../src/preprocessors/HttpInspect/include -I../../src/preprocessors/Stream5 -I../../src/target-based -I../../src/control -I../../src/file-process -I../../src/file-process/libs -I../../src/side-channel -I../../src/side-channel/plugins  -I/opt/local/include -I/opt/local/include -I/opt/local/include -DZLIB -DGRE -DMPLS -DPPM_MGR -DNDEBUG -DENABLE_REACT -DENABLE_RESPOND -DENABLE_RESPONSE3 -DSF_WCHAR -DTARGET_BASED -DPERF_PROFILING -DSNORT_RELOAD -DNO_NON_ETHER_DECODER -DNORMALIZER -DACTIVE_RESPONSE  -pipe -Os -arch x86_64 -DSF_VISIBILITY -fvisibility=hidden -Wall -c spo_unified2.c
:info:build In file included from spo_alert_syslog.c:71:
:info:build ../../src/strlcatu.h:24:8: error: expected parameter declarator
:info:build size_t strlcat(char *, const char *, size_t);
:info:build        ^
:info:build /usr/include/secure/_string.h:111:44: note: expanded from macro 'strlcat'
:info:build   __builtin___strlcat_chk (dest, src, len, __darwin_obsz (dest))

[jul_bsd@…]

strange, I have the same setup (latest 10.9.2, same xcode) and it works... but from your main.log, it seems you are using clang-mp-3.4 which might be the problem. I'm blacklisting macports-clang and will see if it's better

I join my latest patch after port lint & some other minor fix

[jul_bsd@…]

• port lint --nitpick
• livecheck
• /tab/spacex4/

[mf2k (Frank Schima)]

This still does not build for me.

[jul_bsd@…]

Your compiler is still clang ... can you try with the following line?

compiler.blacklist      *clang*

[neverpanic (Clemens Lang)]

Please don't blacklist clang for this problem, because it is very simple to fix with the following patch:

src/strlcatu.h

@@ -21 +21 @@
 #ifndef __STRLCAT_H__
 #define __STRLCAT_H__
 
+#ifndef strlcat
+/*
+ * On OS X (and probably some other systems aswell), strlcat might be
+ * implemented as a macro. If this macro is defined while we're including this
+ * header, strlcat is already declared and trying to re-declare it with the
+ * following line *will* fail, because the macro will expand to something
+ * that's not a valid function name.
+ */
 size_t strlcat(char *, const char *, size_t);
+#endif /* !defined(strlcat) */
 
 #endif /* __STRLCAT_H__ */

src/strlcpyu.h

@@ -21 +21 @@
 #ifndef __STRLCPY_H__
 #define __STRLCPY_H__
 
+#ifndef strlcpy
+/*
+ * On OS X (and probably some other systems aswell), strlcpy might be
+ * implemented as a macro. If this macro is defined while we're including this
+ * header, strlcpy is already declared and trying to re-declare it with the
+ * following line *will* fail, because the macro will expand to something
+ * that's not a valid function name.
+ */
 size_t strlcpy(char *, const char *, size_t);
+#endif /* !defined(strlcpy) */
 
 #endif /* __STRLCPY_H__ */

[neverpanic (Clemens Lang)]

Please also submit this patch upstream.

[jul_bsd@…]

@cal Thanks!

@mfk2 Please try with latest Portfile and the two joined patch. It compiles fines on my box.

[jul_bsd@…]

bump to 2.9.6.1

• build/install/run

[jul_bsd@…]

• mode line
• mysql variants

[mf2k (Frank Schima)]

I see the following error:

--->  Staging snort into destroot
Error: Failed to destroot snort: xinstall: Unknown user snort

[jmroot (Joshua Root)]

This:

post-configure {
	    addgroup snort
	    add_users snort gid=[existsgroup snort] home=${prefix}/var/snort shell=/sbin/nologin realname=Snort\ user
}

needs to change to this:

add_users snort group=snort home=${prefix}/var/snort shell=/sbin/nologin realname=Snort\ user

because the whole point of the add_users variable is to allow base to automatically to call the adduser and addgroup procs for you at the right times. Setting the variable inside a phase can mean it’s not set until after base checks it, or not set at all in cases where you run configure and destroot in separate commands.

[jul_bsd@…]

Thanks for the feedback mf2k@ jmr@. I'm in offline Mac mode, so can't update/test anything currently. Will review that ASAP and post diff if nobody do it before.

about add_users, candidate update of documentation ? https://www.macports.org/guide/#reference.tcl-extensions

[neverpanic (Clemens Lang)]

Replying to jul_bsd@…:

about add_users, candidate update of documentation ? https://www.macports.org/guide/#reference.tcl-extensions

Yes. Please open a separate ticket (component = guide) about that. Feel free to Cc me, even though I won't be able to look into it for another two weeks. If you'd like to provide a patch, you can find the guide's source at browser:trunk/doc-new/guide/xml.

[jmroot (Joshua Root)]

Replying to cal@…:

Replying to jul_bsd@…:

about add_users, candidate update of documentation ? https://www.macports.org/guide/#reference.tcl-extensions

Yes. Please open a separate ticket (component = guide) about that.

There’s already a ticket, see comment:7.

[Schamschula (Marius Schamschula)]

Cc Me!

[jul_bsd@…]

• bump to 2.6.9.2
• update master sites and livecheck as website changed
• use add_users in correct form (vs post-configure/adduser): I suppose the mix was not existing on my setup before I reinstalled but as user was existing due to previous install, it was not complaining

One note, add_users seems to support only one user. With another port (ossec), I have to use adduser has else, add_users only had the last one (or there is a specific

[Schamschula (Marius Schamschula)]

Now that is port is owned by nomaintainer these patches can be committed!

[jul_bsd@…]

I hope so, but still need a committer for this port and a lot more

[mf2k (Frank Schima)]

Thanks for your patience. Do we really need the mysql4 and mysql5 variants? Certainly the mysql51 variant handles the same version of mysql as mysql5.

[jul_bsd@…]

• update to 2.9.7.0
• removed mysql4 mysql5 variants
• destroot ok

[ryandesign (Ryan Carsten Schmidt)]

The notes you've added say:

By default ${prefix}/share/${name}/snort.sh is configured 
to listen only on en0 interface. 

But earlier in the portfile you've added:

set if en1 

Probably the ${if} variable should be used in the notes?

Also, there should not be hard linebreaks in the middles of sentences in the notes. Let MacPorts insert breaks where appropriate based on the terminal width, by putting a backslash at the end of a line that should not have a hard linebreak.

[jul_bsd@…]

done

[pixilla (Bradley Giesbrecht)]

See r130021

[jul_bsd@…]

Thanks a lot Pixilla!