prelude-lml (1.0.0-1) debian-dir only changes

Summary

 debian/README.Debian            |   14 ++
 debian/changelog                |  192 ++++++++++++++++++++++++++++++++++++++++
 debian/compat                   |    1 
 debian/control                  |   34 +++++++
 debian/copyright                |   58 ++++++++++++
 debian/dirs                     |    1 
 debian/docs                     |    4 
 debian/patches/debian_log_paths |   43 ++++++++
 debian/patches/disable_cron     |   12 ++
 debian/patches/series           |    1 
 debian/postrm                   |   44 +++++++++
 debian/prelude-lml.init         |   62 ++++++++++++
 debian/rules                    |   68 ++++++++++++++
 debian/watch                    |   10 ++
 14 files changed, 544 insertions(+)

    

Patch contents

--- prelude-lml-1.0.0.orig/debian/dirs
+++ prelude-lml-1.0.0/debian/dirs
@@ -0,0 +1 @@
+usr/bin
--- prelude-lml-1.0.0.orig/debian/rules
+++ prelude-lml-1.0.0/debian/rules
@@ -0,0 +1,68 @@
+#!/usr/bin/make -f
+#export DH_VERBOSE=1
+
+include /usr/share/quilt/quilt.make
+
+configure: configure-stamp
+configure-stamp: patch
+	dh_testdir
+
+#	./autogen.sh
+	./configure --prefix=/usr --mandir=\$${prefix}/share/man --sysconfdir=/etc --enable-gtk-doc=no --localstatedir=/var
+	touch configure-stamp
+
+build: build-stamp
+
+build-stamp: configure-stamp 
+	dh_testdir
+	$(MAKE)
+	touch build-stamp
+
+clean: clean-patched unpatch
+
+clean-patched:
+	dh_testdir
+	dh_testroot
+	rm -f build-stamp configure-stamp install-stamp
+	[ ! -f Makefile ] || $(MAKE) distclean
+
+	dh_clean
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k
+	dh_installdirs
+	$(MAKE) install DESTDIR=$(CURDIR)/debian/prelude-lml
+
+	#for rule_file in $(CURDIR)/debian/debian-lml-rules/*.rules; do \
+	#	install -m 644 $$rule_file $(CURDIR)/debian/prelude-lml/etc/prelude-lml/ruleset/ ; \
+	#done
+
+	touch install-stamp
+
+
+binary-indep: build install
+
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+	dh_installdocs
+	dh_installinit
+#	dh_installman
+#	dh_undocumented prelude-lml.1
+	dh_installchangelogs ChangeLog
+	dh_link
+	dh_strip
+	dh_compress
+	dh_fixperms
+#	dh_makeshlibs
+	dh_installdeb
+#	dh_perl
+	dh_shlibdeps
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
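Review bot: The `./configure` line in `configure-stamp` passes no compiler or linker flags, so the daemon is built with whatever defaults upstream's configure script picks and without the distribution's hardening options. prelude-lml parses log lines and, per the shipped config, can listen for syslog over UDP, so stack-protector, fortify and relro are worth having here. Where the build environment's dpkg-dev provides `dpkg-buildflags`, append `CPPFLAGS="$(shell dpkg-buildflags --get CPPFLAGS)" CFLAGS="$(shell dpkg-buildflags --get CFLAGS)" LDFLAGS="$(shell dpkg-buildflags --get LDFLAGS)"` to the configure invocation. Separately, the commented-out `for rule_file` loop in `install` is tab-indented, so it is handed to the shell and echoed on every build; drop it or move the `#` to column 0.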
--- prelude-lml-1.0.0.orig/debian/watch
+++ prelude-lml-1.0.0/debian/watch
@@ -0,0 +1,10 @@
+# debian watch file
+# You can run the "uscan" command
+# to check for upstream updates and more.
+# See uscan(1) for format
+
+# Compulsory line, this is a version 3 file
+version=3
+
+http://www.prelude-ids.com/en/development/download/index.html \
+	/download/releases/prelude-lml/prelude-lml-([\d\.]*)\.tar\.gz
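Review bot: The watch entry fetches the upstream index and tarball over plain `http://` with no signature check, so a tarball picked up by `uscan` has no integrity guarantee beyond the transport. If upstream serves the same path over HTTPS, switch the URL scheme; if it also publishes detached signatures (not visible from this page), add an `opts=pgpsigurlmangle=...` rule and ship the upstream key in the packaging so new releases are verified before import.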
--- prelude-lml-1.0.0.orig/debian/docs
+++ prelude-lml-1.0.0/debian/docs
@@ -0,0 +1,4 @@
+README
+AUTHORS
+HACKING.README
+NEWS
--- prelude-lml-1.0.0.orig/debian/compat
+++ prelude-lml-1.0.0/debian/compat
@@ -0,0 +1 @@
+5
--- prelude-lml-1.0.0.orig/debian/prelude-lml.init
+++ prelude-lml-1.0.0/debian/prelude-lml.init
@@ -0,0 +1,62 @@
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides:          prelude-lml
+# Required-Start:    $syslog $remote_fs
+# Required-Stop:     $syslog $remote_fs
+# Should-Start:      $local_fs
+# Should-Stop:       $local_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start prelude-lml sensor
+### END INIT INFO
+
+
+
+test $DEBIAN_SCRIPT_DEBUG && set -v -x
+
+NAME=prelude-lml
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/bin/prelude-lml
+PIDFILE=/var/run/$NAME.pid
+DAEMONARGS="-d -q -P /var/run/$NAME.pid"
+
+trap "" 1
+export LANG=C
+export PATH
+
+test -f $DAEMON || exit 0
+
+case "$1" in
+  start)
+    echo -n "Starting Prelude LML: $NAME"
+    start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON --oknodo \
+    	--quiet -- $DAEMONARGS > /dev/null
+	;;
+
+  stop)
+    echo -n "Stopping Prelude LML: $NAME"
+    start-stop-daemon --stop --pidfile $PIDFILE --exec $DAEMON --quiet \
+    	--oknodo > /dev/null
+	;;
+
+  restart|force-restart|reload|force-reload)
+    echo -n "Restarting Prelude LML: $NAME"
+    start-stop-daemon --stop --pidfile $PIDFILE --exec $DAEMON --quiet \
+    	--oknodo > /dev/null
+    start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON --oknodo \
+    	--quiet -- $DAEMONARGS > /dev/null
+        ;;
+
+  *)
+    echo "Usage: $0 {start|stop|restart}"
+    exit 1
+       	;;
+esac
+
+if [ $? -eq 0 ]; then
+	echo .
+	exit 0
+else
+	echo failed
+	exit 1
+fi
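Review bot: The `#!/bin/sh -e` shebang makes the trailing `if [ $? -eq 0 ]` block unable to report a failure: when `start-stop-daemon` returns non-zero inside the `case`, the shell exits there, so `echo failed` is never reached and the status line is left unterminated. Either drop `-e` or handle the error at the call, e.g. `start-stop-daemon --start ... -- $DAEMONARGS > /dev/null || { echo failed; exit 1; }`. In the `restart` arm the stop is followed immediately by the start; if the old process has not exited yet, `--start --oknodo` can return success without launching anything, leaving the log sensor down with no error shown. Adding `--retry 5` to the `--stop` call in that arm makes it wait for the process to go away first.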
--- prelude-lml-1.0.0.orig/debian/postrm
+++ prelude-lml-1.0.0/debian/postrm
@@ -0,0 +1,44 @@
+#! /bin/sh
+# postrm script for prelude-lml
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <postrm> `remove'
+#        * <postrm> `purge'
+#        * <old-postrm> `upgrade' <new-version>
+#        * <new-postrm> `failed-upgrade' <old-version>
+#        * <new-postrm> `abort-install'
+#        * <new-postrm> `abort-install' <old-version>
+#        * <new-postrm> `abort-upgrade' <old-version>
+#        * <disappearer's-postrm> `disappear' <r>overwrit>r> <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+case "$1" in
+
+     purge)
+       rm -f /etc/prelude-lml/ruleset/*.rules
+       rm -f /var/lib/prelude-lml/*
+     
+     ;;
+     
+     remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+
+     ;;
+
+     *)
+        echo "postrm called with unknown argument \`$1'" >&2
+        exit 1
+     ;;
+
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
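Review bot: In the `purge` arm, `rm -f /var/lib/prelude-lml/*` is not recursive, so if that directory ever holds a subdirectory, `rm` returns non-zero and `set -e` aborts the purge, leaving the package half-removed. It also leaves the emptied directories behind. Since purge is meant to remove all package state, `rm -rf /var/lib/prelude-lml` does the job in one step, and `rmdir /etc/prelude-lml/ruleset 2>/dev/null || true` after the `*.rules` removal cleans up the ruleset directory without failing when an admin has left other files there.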
--- prelude-lml-1.0.0.orig/debian/copyright
+++ prelude-lml-1.0.0/debian/copyright
@@ -0,0 +1,58 @@
+This package was debianized by Thomas Seyrat <tomasera@debian.org> on
+Sat,  6 Apr 2002 10:51:28 +0200.
+
+The current Debian Maintainer is Mickael Profeta <profeta@debian.org>
+
+It was downloaded from <URL:http://www.prelude-ids.org/>
+
+Upstream Author: Yoann Vandoorselaere <yoann@mandrakesoft.com>
+
+Copyright (C) 2001,2002 Yoann Vandoorselaere
+
+The README file specifies :
+
+This library is released under the GPL with the additional exemption 
+that compiling, linking, and/or using OpenSSL is allowed.
+
+Please see http://www.openssl.org/support/faq.html#LEGAL2 for more 
+informations.
+
+   This package is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991.
+
+   This package is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this package; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 
+   02110-1301, USA. 
+
+On Debian GNU/Linux systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
+
+The files in libmissing/ are distributed under the GNU Lesser General
+Public License
+
+  This library is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This library is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+On Debian systems, the complete text of the GNU Lesser General Public
+License, can be found in /usr/share/common-licenses/LGPL.
+
+The Debian packaging is (C) 2006, Mickael Profeta <profeta@debian.org>
+is licensed under the GPL, see above.
--- prelude-lml-1.0.0.orig/debian/changelog
+++ prelude-lml-1.0.0/debian/changelog
@@ -0,0 +1,192 @@
+prelude-lml (1.0.0-1) unstable; urgency=low
+
+  * Imported Upstream version 1.0.0
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 18 Mar 2010 09:45:21 +0100
+
+prelude-lml (1.0.0~rc2-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- Pierre Chifflier <pollux@debian.org>  Tue, 09 Feb 2010 13:30:03 +0100
+
+prelude-lml (1.0.0~rc1-1) unstable; urgency=low
+
+  * New upstream release
+  * Bump standards version to 3.8.4
+  * Update description
+  * Recommend rsyslog | system-log-daemon
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 03 Feb 2010 11:45:37 +0100
+
+prelude-lml (0.9.15-1) unstable; urgency=low
+
+  * New Upstream Version
+  * Bump standards version to 3.8.2
+  * Set debconf compat level to 5
+
+ -- Pierre Chifflier <pollux@debian.org>  Fri, 17 Jul 2009 11:23:11 +0200
+
+prelude-lml (0.9.14-2) unstable; urgency=low
+
+  * Upload to unstable
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 26 Feb 2009 22:59:35 +0100
+
+prelude-lml (0.9.14-1) experimental; urgency=low
+
+  * New upstream release
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 19 Oct 2008 22:44:21 +0200
+
+prelude-lml (0.9.13-1) experimental; urgency=low
+
+  * New upstream release
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 25 Aug 2008 16:15:29 +0200
+
+prelude-lml (0.9.12.2-2) unstable; urgency=low
+
+  * Update watch file
+  * Bump standards version (no changes)
+
+ -- Pierre Chifflier <pollux@debian.org>  Tue, 01 Jul 2008 11:51:33 +0200
+
+prelude-lml (0.9.12.2-1) unstable; urgency=low
+
+  * New upstream release (fix installation directory of rules)
+
+ -- Pierre Chifflier <pollux@debian.org>  Thu, 24 Apr 2008 21:20:56 +0200
+
+prelude-lml (0.9.12.1-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 23 Apr 2008 19:17:28 +0200
+
+prelude-lml (0.9.11-1) unstable; urgency=low
+
+  * New upstream release
+  * drop disable_cron, merged upstream
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 17 Dec 2007 19:09:21 +0100
+
+prelude-lml (0.9.10.1-3) unstable; urgency=low
+
+  * Remove remaining rules and var files on purge (Closes: #355737, #455030)
+  * Bump standard version (no changes)
+
+ -- Pierre Chifflier <pollux@debian.org>  Sun, 16 Dec 2007 16:52:31 +0100
+
+prelude-lml (0.9.10.1-2) unstable; urgency=low
+
+  * Add quilt patches:
+    + debian_log_paths: set correct path for debian logs (auth.log, apache)
+    + disable_cron: disable cron alerts by default (see README.Debian)
+
+ -- Pierre Chifflier <pollux@debian.org>  Mon, 15 Oct 2007 17:46:01 +0200
+
+prelude-lml (0.9.10.1-1) unstable; urgency=low
+
+  * New upstream release
+  * Update my email address
+
+ -- Pierre Chifflier <pollux@debian.org>  Wed, 08 Aug 2007 22:05:39 +0200
+
+prelude-lml (0.9.10-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- Pierre Chifflier <chifflier@inl.fr>  Sun, 20 May 2007 16:07:12 +0200
+
+prelude-lml (0.9.9-1) unstable; urgency=low
+
+  * New upstream release
+  * Update my email address
+  * Add watch file
+  * Add compat file
+
+ -- Pierre Chifflier <chifflier@inl.fr>  Wed, 02 May 2007 14:13:54 +0200
+
+prelude-lml (0.9.8.1-1) unstable; urgency=low
+
+  * New upstream release
+  * Add myself to Uploaders
+
+ -- Pierre Chifflier <chifflier@cpe.fr>  Mon, 29 Jan 2007 22:52:19 +0100
+
+prelude-lml (0.9.7-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- Mickael Profeta <profeta@debian.org>  Fri, 27 Oct 2006 10:38:47 +0200
+
+prelude-lml (0.9.4-1) unstable; urgency=low
+
+  * New upstream release
+  * Modify copyright to include LGPL for libmissing directory
+
+ -- Mickael Profeta <profeta@debian.org>  Wed, 26 Apr 2006 13:49:31 +0200
+
+prelude-lml (0.9.2-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- Mickael Profeta <profeta@debian.org>  Sat,  4 Feb 2006 17:15:22 +0100
+
+prelude-lml (0.9.0-2) unstable; urgency=low
+
+  * update dependencies (closes: #343512)
+
+ -- Mickael Profeta <profeta@debian.org>  Thu, 15 Dec 2005 22:57:56 +0100
+
+prelude-lml (0.9.0-1) unstable; urgency=low
+
+  * New upstream release
+  * new config.guess/config.sub (closes: #333649)
+
+ -- Mickael Profeta <profeta@debian.org>  Wed,  5 Oct 2005 13:26:41 +0000
+
+prelude-lml (0.8.6-4) unstable; urgency=low
+
+  * added libssl-dev in build-depend
+
+ -- Mickael Profeta <profeta@debian.org>  Wed, 12 Nov 2003 16:15:54 +0100
+
+prelude-lml (0.8.6-3) unstable; urgency=low
+
+  * change == operator to -eq in init file 
+
+ -- Mickael Profeta <profeta@debian.org>  Wed, 12 Nov 2003 11:46:15 +0100
+
+prelude-lml (0.8.6-2) unstable; urgency=low
+
+  * Change the maintainer in control file 
+
+ -- Mickael Profeta <profeta@debian.org>  Tue,  4 Nov 2003 15:06:40 +0100
+
+prelude-lml (0.8.6-1) unstable; urgency=low
+
+  * New upstream release
+  * Add in copyright exception to GPL in order to link with OpenSSL
+
+ -- Mickael Profeta <profeta@debian.org>  Tue,  4 Nov 2003 10:19:57 +0100
+
+prelude-lml (0.8.3-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- Mickael Profeta <mike@alezan.org>  Sun, 12 Oct 2003 22:08:03 +0200
+
+prelude-lml (0.8.2-1) unstable; urgency=low
+
+  * New upstream release
+
+ -- PROFETA Mickael <profeta@debian.org>  Sun,  5 Jan 2003 21:17:38 +0100
+
+prelude-lml (0.8.1-1) unstable; urgency=low
+
+  * Initial Release.
+
+ -- Thomas Seyrat <tomasera@debian.org>  Sat,  6 Apr 2002 19:37:00 +0200
+
--- prelude-lml-1.0.0.orig/debian/control
+++ prelude-lml-1.0.0/debian/control
@@ -0,0 +1,34 @@
+Source: prelude-lml
+Section: admin
+Priority: extra
+Maintainer: Mickael Profeta <profeta@debian.org>
+Uploaders: Pierre Chifflier <pollux@debian.org>
+Build-Depends: debhelper (>> 5.0.0),
+    libev-dev,
+    libprelude-dev (>> 0.9.7),
+    libpcre3-dev,
+    libgnutls-dev (>= 1.2.9),
+    libicu-dev,
+    quilt
+Standards-Version: 3.8.4
+
+Package: prelude-lml
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Recommends: rsyslog | system-log-daemon
+Description: Security Information Management System [ Log Agent ]
+ Prelude is a Universal "Security Information Management" (SIM) system.
+ Its goals are performance and modularity. It is divided in two main
+ parts :
+  - the Prelude sensors, responsible for generating alerts, such as
+    snort sensor, featuring a signature engine, plugins for
+    protocol analysis, and intrusion detection plugins, and the Prelude
+    log monitoring lackey.
+  - the Prelude report server, collecting data from Prelude sensors,
+    and generating user-readable reports.
+ .
+ Prelude-LML is a signature based log analyzer monitoring logfile and
+ received syslog messages for suspicious activity. It handle events
+ generated by a large set of components, including but not limited to:
+ Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios,
+ NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc.
--- prelude-lml-1.0.0.orig/debian/README.Debian
+++ prelude-lml-1.0.0/debian/README.Debian
@@ -0,0 +1,14 @@
+Prelude-LML specific changes for Debian
+=======================================
+
+Log files location
+------------------
+
+Log files locations have been adapted to Debian (and, more generally, FHS).
+Default logs include:
+ - /var/log/syslog
+ - /var/log/auth.log
+ - /var/log/apache2/acces.log
+
+To change this, edit /etc/prelude-lml/prelude-lml.conf
+
--- prelude-lml-1.0.0.orig/debian/patches/debian_log_paths
+++ prelude-lml-1.0.0/debian/patches/debian_log_paths
@@ -0,0 +1,43 @@
+Index: prelude-lml/prelude-lml.conf.in
+===================================================================
+--- prelude-lml.orig/prelude-lml.conf.in	2009-07-17 11:14:49.000000000 +0200
++++ prelude-lml/prelude-lml.conf.in	2009-07-17 11:20:22.000000000 +0200
+@@ -68,16 +68,17 @@
+ time-format = "%b %d %H:%M:%S"
+ prefix-regex = "^(?P<timestamp>.{15}) (?P<hostname>\S+) (?:(?P<process>\S+?)(?:\[(?P<pid>[0-9]+)\])?: )?"
+ file = /var/log/messages
++file = /var/log/auth.log
+ # udp-server = 0.0.0.0
+ 
+ 
+ #
+ # Sample configuration for metalog:
+ #
+-[format=metalog]
+-prefix-regex = "^(?P<timestamp>.{15}) \[(?P<process>\S+)\] "
+-time-format = "%b %d %H:%M:%S"
+-file = /var/log/everything/current
++#[format=metalog]
++#prefix-regex = "^(?P<timestamp>.{15}) \[(?P<process>\S+)\] "
++#time-format = "%b %d %H:%M:%S"
++#file = /var/log/everything/current
+ # udp-server = 0.0.0.0
+ 
+ 
+@@ -87,14 +88,12 @@
+ [format=apache]
+ time-format = "%d/%b/%Y:%H:%M:%S"
+ prefix-regex = "(?P<hostname>\S+) \S+ \S+ \[(?P<timestamp>.{20}) [+-].{4}\] "
+-file = /var/log/httpd/access_log
+-file = /var/log/apache2/access_log
++file = /var/log/apache2/access.log
+ 
+ [format=apache-error]
+ time-format = "%a %b %d %H:%M:%S %Y"
+ prefix-regex = "^\[(?P<timestamp>.{24})\] \S+ (\[client (?P<hostname>\S+)\] )?"
+-file = /var/log/httpd/error_log
+-file = /var/log/apache2/error_log
++file = /var/log/apache2/error.log
+ 
+ 
+ 
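Review bot: The first hunk of this quilt patch keeps `file = /var/log/messages` and only adds `file = /var/log/auth.log`, while README.Debian in the same upload lists `/var/log/syslog` as a default log; as written, `/var/log/syslog` is not monitored. For a log-based sensor that mismatch is a coverage gap an admin will not notice from the documentation. Either add `file = /var/log/syslog` next to the auth.log line or correct the README to name `/var/log/messages`. The README also spells the Apache path `acces.log` and omits `error.log`, which this patch does configure. The `[format=...]` header for the first hunk starts outside the visible context.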
--- prelude-lml-1.0.0.orig/debian/patches/disable_cron
+++ prelude-lml-1.0.0/debian/patches/disable_cron
@@ -0,0 +1,12 @@
+Index: prelude-lml-0.9.10.1/plugins/pcre/ruleset/pcre.rules
+===================================================================
+--- prelude-lml-0.9.10.1.orig/plugins/pcre/ruleset/pcre.rules	2007-10-15 18:13:50.000000000 +0200
++++ prelude-lml-0.9.10.1/plugins/pcre/ruleset/pcre.rules	2007-10-15 18:14:24.000000000 +0200
+@@ -93,6 +93,7 @@
+ # This next regex isn't specific enough for my liking, but there doesn't seem
+ # to be a better solution based on the log samples
+ regex=[a-z\d]+:;			include = openhostapd.rules;
++regex=CRON;				include = cron.rules;
+ regex=[Pp][Aa][Mm]_;			include = pam.rules;
+ regex=pcanywhere;			include = pcanywhere.rules;
+ regex=portsentry;			include = portsentry.rules;
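Review bot: This patch file is shipped in `debian/patches/` but is not listed in `debian/patches/series`, and the changelog entry for 0.9.11-1 says `disable_cron` was dropped as merged upstream, so it is dead weight that quilt never applies. Its single hunk also adds the `regex=CRON; include = cron.rules;` line, which is the opposite of what the file name suggests, so anyone re-enabling it from the name alone would turn cron alerts on rather than off. Remove the file from the package, or if it is kept for reference, rename it and add a header comment stating which direction it applies.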
--- prelude-lml-1.0.0.orig/debian/patches/series
+++ prelude-lml-1.0.0/debian/patches/series
@@ -0,0 +1 @@
+debian_log_paths