mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 08:34:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

pkgs, deb: improvements

Browse source 
- Don't share sources (reduces deb size).
 - Install eBPF modules under /usr/lib/opensnitchd/ebpf/
   /etc/is only mean for configuration files, and /usr/lib for object
   files and libraries.
   https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch03s07.html#purpose6
   https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s06.html#purpose22
 - Added NEWS file, to inform users about breaking changes and other
   relevant changes.
This commit is contained in:
Gustavo Iñiguez Goia 2022-10-19 13:13:45 +02:00
parent 037f00827e
commit 44500f9c09
Failed to generate hash of commit
3 changed files with 26 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
utils/packaging/daemon/deb/debian/NEWS Normal file
View file

@ -0,0 +1,20 @@
opensnitch (1.6.0-rc.3-1) unstable; urgency=medium
From now on the eBPF modules will be installed under
/usr/lib/opensnitchd/ebpf/.
The daemon will look for the eBPF modules in these directories and order:
- /usr/local/lib/opensnitchd/ebpf/
- /usr/lib/opensnitchd/ebpf/
Modules under /etc/opensnitchd/ will still ne loaded if found, but it's
deprecated and will be removed in the future.
There's a new module to intercept processes execution. It may cause some
rules not to match: for example if you allowed /bin/telnet, now it may be
reported as /usr/bin/inteutils-telnet
These cases are mostly expected. We'll keep improving it, sorry for
the inconveniences.
-- gustavo-iniguez-goya <gustavo.iniguez.goya@gmail.com> Wed, 19 Oct 2022 00:15:19 +0200

5
utils/packaging/daemon/deb/debian/opensnitch.install
View file

@ -1,4 +1,5 @@
daemon/default-config.json etc/opensnitchd/
daemon/system-fw.json etc/opensnitchd/
ebpf_prog/opensnitch.o etc/opensnitchd/
ebpf_prog/opensnitch-dns.o etc/opensnitchd/
ebpf_prog/opensnitch.o usr/lib/opensnitchd/ebpf/
ebpf_prog/opensnitch-dns.o usr/lib/opensnitchd/ebpf/
ebpf_prog/opensnitch-procs.o usr/lib/opensnitchd/ebpf/

3
utils/packaging/daemon/deb/debian/rules
View file

@ -12,5 +12,8 @@ execute_before_dh_auto_install:
mkdir -p $(DESTDIR)/usr/bin
mv _build/bin/daemon $(DESTDIR)/usr/bin/opensnitchd
override_dh_auto_install:
dh_auto_install -- --no-source
%:
dh $@ --builddirectory=_build --buildsystem=golang --with=golang