diff options
author | V3n3RiX <venerix@koprulu.sector> | 2023-10-21 13:27:11 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2023-10-21 13:27:11 +0100 |
commit | 6d418bd062b0a5ebe5b5139c71d7a94a7aa22077 (patch) | |
tree | 9bd62931b8624f29451667bfea1fa9663af7ffe4 /app-admin | |
parent | 29593225a7ace4b92617cf93e6e22ae43be4bb06 (diff) |
app-admin/opensnitch : version bump
Diffstat (limited to 'app-admin')
-rw-r--r-- | app-admin/opensnitch-ebpf-module/Manifest | 1 | ||||
-rw-r--r-- | app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild | 74 | ||||
-rw-r--r-- | app-admin/opensnitch/Manifest | 36 | ||||
-rw-r--r-- | app-admin/opensnitch/files/opensnitch-1.6.2-systemd.patch (renamed from app-admin/opensnitch/files/systemd.patch) | 12 | ||||
-rw-r--r-- | app-admin/opensnitch/opensnitch-1.5.2-r1.ebuild | 121 | ||||
-rw-r--r-- | app-admin/opensnitch/opensnitch-1.6.2.ebuild | 171 |
6 files changed, 270 insertions, 145 deletions
diff --git a/app-admin/opensnitch-ebpf-module/Manifest b/app-admin/opensnitch-ebpf-module/Manifest new file mode 100644 index 00000000..2bd412f2 --- /dev/null +++ b/app-admin/opensnitch-ebpf-module/Manifest @@ -0,0 +1 @@ +DIST opensnitch-1.6.2.tar.gz 1341337 BLAKE2B c71c89f758d9fdc0a7968c28c8b79791ddf0446392e243acf4db95302d1d109a68372b29bd5b068c41d0bd5ae426a68807d7045a448128fc8badc8ecb906952b SHA512 79e32520e9e370718f0096af8766867154e0e556c164f193816ba965e4d267146941e9849842f42cd2c9bcd00838df460c17570e5c34cf3c2a812491638b71ba diff --git a/app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild b/app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild new file mode 100644 index 00000000..0a11cc3e --- /dev/null +++ b/app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit linux-info + +DESCRIPTION="eBPF process monitor module for opensnitch" +HOMEPAGE="https://github.com/evilsocket/opensnitch" +# NOTE: app-admin/opensnitch and this ebuild share the same source +SRC_URI=" + https://github.com/evilsocket/opensnitch/archive/refs/tags/v${PV}.tar.gz -> opensnitch-${PV}.tar.gz +" +S="${WORKDIR}/opensnitch-${PV}" +EBPF_DIR=ebpf_prog + +KEYWORDS="~amd64" +LICENSE="GPL-3" +SLOT="0" +IUSE="dist-kernel" + +MINKV=5.5 # only compatible with kernels >= 5.5 + +RDEPEND=" + dist-kernel? ( virtual/dist-kernel:= ) + ~app-admin/opensnitch-$PV +" + +DEPEND=" + virtual/linux-sources + >=sys-kernel/linux-headers-${MINKV} +" + +BDEPEND=" + sys-devel/bc + sys-devel/clang + sys-devel/llvm +" + +RESTRICT="strip test" +QA_PREBUILT="*" + +pkg_setup() { + # see https://github.com/evilsocket/opensnitch/discussions/978 + local CONFIG_CHECK=" + CGROUP_BPF + BPF_EVENTS + FTRACE_SYSCALLS + KPROBES_ON_FTRACE + KPROBE_EVENTS + UPROBE_EVENTS + " + + linux-info_pkg_setup + kernel_is -ge ${MINKV//./ } || die "Kernel version at least ${MINKV} required" +} + +src_compile() { + MODULES_MAKEARGS+=( + ARCH="x86" + EXTRA_FLAGS="-fno-stack-protector -fcf-protection" + KERNEL_DIR="${KV_DIR}" + KERNEL_HEADERS=/usr # gentoo installs linux-headers to /usr + ) + emake "${MODULES_MAKEARGS[@]}" -C "$EBPF_DIR" || die + llvm-strip -g "$EBPF_DIR"/opensnitch*.o +} + +src_install(){ + insinto /usr/lib/opensnitchd/ebpf/ + doins "$EBPF_DIR"/opensnitch.o + doins "$EBPF_DIR"/opensnitch-dns.o + doins "$EBPF_DIR"/opensnitch-procs.o +} diff --git a/app-admin/opensnitch/Manifest b/app-admin/opensnitch/Manifest index 6be7b9b6..681c5da5 100644 --- a/app-admin/opensnitch/Manifest +++ b/app-admin/opensnitch/Manifest @@ -1,22 +1,20 @@ -DIST github.com-evilsocket-ftrace-v1.2.0.tar.gz 16895 BLAKE2B e17f90820eb6c2a5691477a1616753407f27ba509262ea57fffcf269f3e5e9ab8e87d86830796ef9cffeed78d36b4868a23746054cf26d82e0146a2462e8249d SHA512 e7787485a97ca0c1dc31dde2973d795439015d412a0588c813f601dc7eaf80912016675a2674748c4c3f49b50ec11a59274eeccf0fe4052e7249159d29a58909 -DIST github.com-fsnotify-fsnotify-v1.5.1.tar.gz 32691 BLAKE2B 9140e0a6e675b0beb2561805dbe251ad05151ce15b5fb6e1cec3974c71575f636788bac78ed0eb66775e03a165079f84154ea99b26636ea09518254df993f84a SHA512 8139cc581044f45905a3658955075d19dc02631d6b997ef0e264c46704303e01f7ac09f7fb48dd11b89cbf7d61f371c03f291e3b03db7b305c61bb15d1b4c503 -DIST github.com-golang-net-27dd8689420f.tar.gz 1230097 BLAKE2B f332557ddc39f607336374ae57dce7b60bdb441d97c2c8ff557cffcfccf5423fbd1db7d9387c22a3e919d737e831e77bb6fe6c86c56e0680098b3ed04cdd9478 SHA512 7ee1c0bca7d87b44697a96f02474d850517d4044b50260fe08cfa2eb6435a0e51aae51d93370ff31f21437355b4af1f27563f6b990083517108e2c7e7dff36cd -DIST github.com-golang-protobuf-v1.5.2.tar.gz 171702 BLAKE2B 4b1b0936aed1919f3ec967648d15a0c533b57d9d19d3c80c8d4149345bf6bda096d6b5cfd5c49ef5e76eb7358e694fc159d16faedb096faf81e82e425377892d SHA512 5707936f2ea9493d2f3897a3ec04139afcc00b3dbfaa2142b56a492d356bc17e26237c74788b047592a0fa89c0078b7970dbf481f7c33a7a63c5f50557779590 -DIST github.com-golang-sync-036812b2e83c.tar.gz 18757 BLAKE2B bcacc4b7967712290c678018d206c24b71bf3057c862454bccdd497c792a7d9000ecbac329a19ad364387e18a5f1f368d5e177a78670eb631808c2d336c83af6 SHA512 5e9a75eabc254b496b39bfb33181999a2060188db17c6bcc31b3d0a31d32122eb078cac8a3359675f03078a456839541e43d169103b183484372bb74857160dd -DIST github.com-golang-sys-4e6760a101f9.tar.gz 1260696 BLAKE2B 68144701163d4721523ac02125058cc5bc09e20571d37475b8a15c36cfc1dd54ff40d7ed0ceabb30ed4969c857b3fab8fd4141b17d8ce17a1052c5fe6f81897c SHA512 24df91664f83c548901f412820f8b3165617c1540e17759ac6f1361082debc4dcc320ad3cb2c595c2fe528c424849643ed87a212127dba7503a405983a91fcbe -DIST github.com-golang-text-v0.3.7.tar.gz 8354718 BLAKE2B 77eb1d08ff420e0d1fff4e92641bd463a0a6e84625bc26f83a9edc467144448b513116f8b72954a30533eafe3454fb739dcdede169229a01df81c8b152c2ba57 SHA512 52899d4326ba4c9bb9a051ba52810d12e531a57bb85d48fa03dd9a9cbbf69a191eb35fbf8dfec8ec8ded706f5a67cd9cf39bc4f491676004e335a37878adb6f2 -DIST github.com-google-gopacket-v1.1.19.tar.gz 950745 BLAKE2B fae65da5b9611aace62d4b2565a197b9512223c05f4cfd95178b7cb307fe6bb522a31b9d4d9fbd8cfe86056ef1f90dbefccb183963a1040a6b56ea5a07eb019e SHA512 c9ca009770f84d29c30b5a6ae210f4b09051f4bbcb81c1118d3f8ab577b16fb617c89fb461ad4117ec7fe3b8bdc7efe778a2f56526276f984573d8293ae0ef62 -DIST github.com-google-nftables-950e408d48c671ccd9f4997a4b6eb95db21365d6.tar.gz 52437 BLAKE2B 6ea9115fc39c8833715c78792dc79dc682b83bcd85def563729f171988e66d491e2463247035a2102e45d0bce06a2376a3b77fe395e5a3e67241bb59cfdccc21 SHA512 7ad830a1761c42995643c0a66b635332fe9bb1c4eb3c47ec3e69cd39e4f63f1bc88187e9c262edc8d30ab39af281a5fa8de05f250c5f4c9b87c1278ccedf8cb3 -DIST github.com-googleapis-go-genproto-325a89244dc8.tar.gz 12862283 BLAKE2B 6ac945d3b3ee959bab4b8bf59c11976cc7a0fa11e8f5ef6fbbf2ed04c05cf3f2b3e572893c148bb57bbce4e134e3fd8f8e11403987b3293e55317348fb92468e SHA512 b9d91610c4b39447ac56d40a4e7ad57f1c29f6a228aea6931daa1dd680a171a13bfa1a4ebb66f2c423b0d5aedcd232a3d51d6f0c6c8790f977d249129a0879f8 +DIST github.com-fsnotify-fsnotify-v1.4.7.tar.gz 31139 BLAKE2B f2d0aaabfad525fb640beba78991a858ad23203a557a69fc15d2f017b2a693c64c244de435682b1cd9d59e89a97e4ba60c7f95fa99a6145a9dea73b0f334936e SHA512 840943043c49c837641f04b976f2ba610fc03bd31030ca6442744d51fa9241da1905730ea11466e249a5bd37437f1e2a433a012a64ce872a1562c941bd5bfcbf +DIST github.com-golang-net-491a49abca63.tar.gz 1227713 BLAKE2B 68bb26d20dde540f881a7f0697343c35ab8abb2220ee59ac38f8bcf2ab63ff2b5d6e30ca2b8891e02afd463a978becd9f86f604bd35f54d04b26a87921472162 SHA512 343b69c5369fefc0e4deccb70affbced179d1687aeafb6d8173595bf281c4dcd1045e48a958ce4c779ff66a0b50257dce339e2cfa826f67a635a55cd5426edc4 +DIST github.com-golang-protobuf-v1.5.0.tar.gz 171512 BLAKE2B 49fa31ff98d923b0b1db8eb29008b3cbe634e2ab0b106deac1f0ffb69e7762a10e2cabf77e45e4f68a6dfc20f22631480c532b7b137e75ba607d64aa9c79e023 SHA512 1b2316f08bec4651dc196d487b1aebfdf875baa33a5256aad8ea21ee726cdf0835822a58920c5b1af501acbf0e5039e20d621a8247320727f4b1832eb2189110 +DIST github.com-golang-sync-v0.1.0.tar.gz 19356 BLAKE2B ad4f71ddcc1421accc6caf39b58234e9bd0137c32fd5bd834c02d27a51c7933ce97447c8e91860f8b1e478d5370d92d9e801b62ae5cd425baa52df3435e8baf7 SHA512 765dc0365332218b2c3e1a04d63c86a1ab12508a5e9b115dfb73b1d436c592d67d0540f39958546a868772614f255ac92601d5c0263b36884e5a0f9bc9054d40 +DIST github.com-golang-sys-v0.2.0.tar.gz 1410639 BLAKE2B db1c7c6a8a3ddf22459fe3301ae0e641cde5b357d7c537cd14ebd554d6b68c3f823e844d2b0869d20d25b5f030da5b67e03767fcd3f6e63f20f653d5797d612f SHA512 8d13f6fdc6c7f589a7a60caccfd3fa4d784ee3c2fe33ece21b51a8c72b3b27d4ae5df88afacaa231955599471cc780b406e0e0c85359e0e5314ee66990d5ce3e +DIST github.com-golang-text-v0.7.0.tar.gz 8361947 BLAKE2B 210702fc9b6cef7a66abc167705cd753aef285eeb679fcd221493d6a64053f33c9042f8156973419a760ca46b9f8abb55740a11ffb38b1fa7cad18dc9e99e9a8 SHA512 f22006d42a0e18ed7f2dcb6566f8ded8cacbd8cea7a475eff7ce581af07266eabc0b7577b3a34c8ea5cb2299d8bcfe78e41b631e4df1a6cff0f4b953b85294f9 +DIST github.com-google-gopacket-v1.1.14.tar.gz 748336 BLAKE2B f1fe54954b229fafe9cf18e6337f4222cdeb6d71cba0c5c3d0b04eae63952a039cc283eff580db3e79db49b827d64ee54e8d5e64a24546037400faf92c97f086 SHA512 fda58ad503e2547b0e09e511a2ffe5b2e6fa7ba1df3cbf26ae6e08075420586f0f1f553914ee969fcfbdd0a344e240a0d11ae85266c926f138d3efe6afa250b2 +DIST github.com-google-nftables-v0.1.0.tar.gz 76163 BLAKE2B fefdc09c55ffb817f74d2143815d56cbd306e04280fd1cdb9e7f936bf1cbe431fbebc6b36dd08428a48f7fe3e08d9db3356c47404f657509da7895cf65132d2a SHA512 8706ab05a3dd83f7188bc3f03b6e107bfd2ae89b6b1335e60184a1b7cf7a537c96cfffeaf89b4948b8f0c7071af63425c16cf1f352b086ee058aa65f282b4308 +DIST github.com-google-uuid-v1.3.0.tar.gz 16210 BLAKE2B 623277ba46440e058a989281b80b8aa6125b692c5cfbd3abe492adaef1e0c78fed5c6116e6944be6d83dc9f650bcdbb76a711ceeada273e626d3a1faaa76ca08 SHA512 5e79d3ca99dc5b94ec97481d9f440a64060f180482adcbbf5debd4e71e585db28dc8561f27d2d16db71a389126539a1950e5aca5ffcd9d702eccbdc0a5094a83 +DIST github.com-googleapis-go-genproto-0dfe4f8abfcc.tar.gz 6431647 BLAKE2B f23604cd72adfd820dec0aaf16ca3895049554767643a402f7dd65f564b747cfb65723aefd9a5e47a6cceba6cf2eaa24f66b5abe1b568e3456cd1fb29c91bd3a SHA512 5f0496378a2e32e13b1325f8d3a8a0ce6de3e716e1faea3387423f40be9042287541d1479b8bbbd9f0322ca4ce27903ba9ec6077de57fd9683d616889232556d DIST github.com-grpc-grpc-go-v1.32.0.tar.gz 1053458 BLAKE2B 34fdd17ef7edecc84df8fbcfaee653192fd370e98929e33ba7bff7ef0e6fa04e3befb3153ab23d4bd98eeecb3c714e77aac2c56d448eb99b1d2e03bfc1a39798 SHA512 004f6ba02a53c67051cfe595ab5ce2692a6ef878d55a48165bd601cdbd5fa3a8e4944ba1ca7f5dc4aafac76f85c23714f8f2cfce8d14ea705ef4897c70cfce29 DIST github.com-iovisor-gobpf-v0.2.0.tar.gz 115750 BLAKE2B 72d08e28d3453b0f2fd5acc3b16586fb4802b9faaad46e219f2465a48cadcb2ecc63c306f0e2a6d64e7c3308d2c55dc083bde6642678c8ce2acfefb63def7275 SHA512 00f28329b89a2fd7e76339b49e30b1bef31eab62854a77c77ccf29ac891f3c12b52f6feb3203d78b8ae2c5fe2f5529db5280686f752cd5b4577e5312dcc67ead -DIST github.com-josharian-native-v1.0.0.tar.gz 1803 BLAKE2B 312ccaa66a0300f8008c43694afc487713424002aac44f181df67ebc850cf31a755cc3b7bd541ad7283d8f8cc05b09c751fac962f2166321dbd2a39c2a336739 SHA512 ec1c4a1abf5cf39221de87d50443b7e7f48ca5b9dbfa0662a43cf7e54c0912ebad4209ee909423104ac2b236b9f781ed08673cef6194d23239aa3f6ca3030bba -DIST github.com-mdlayher-netlink-v1.6.0.tar.gz 58884 BLAKE2B 42461a6d1abf984cb1d38ba92e49d600fbab94bc3a961423bbc09da6f6a992a43daebd9112a27539869effae9165d685de87ebdce87f4242acefa8f348b03e31 SHA512 d74221db8de9d59a43622838bd58eb1af87ec36413a3147e9d724edf536cdc901cc27cf4bd7b0adf4d44eb0dfb2ae4fc4ab966437cbceac941b2834f95cded95 -DIST github.com-mdlayher-socket-v0.2.2.tar.gz 16879 BLAKE2B e764cd906400c24bf3b19befe654d7144e147116788fbceeb8d262de2f0c352c1da3ea6c797063c8aa93841be4f9cdb5f7f64c93db93aebf1061f5554a174ca2 SHA512 68312b06d20347960fee198857c23cb984d7a6a1bae48ca23c86e58e519cb3d4fe0a8b9b218b829a8dc40d7167af5f9a040d8e6c9f96cdd7f9d15c8499387d73 +DIST github.com-josharian-native-v1.1.0.tar.gz 2061 BLAKE2B 8660695fa46e037e3a105973f3361c9b9d9fb157376508ec41786f17a09eee0280184aadb4ada7283d449fdc53663e0df74d42b109a82587c80308ca6dc238ca SHA512 7ba7457276c89a11637c2718bf2c0040e9da20149e0a0de89c8fe882cfca468b89f9816203a4979d7169b64f637358463d248b33db11af91cc931aeeb945b5a0 +DIST github.com-mdlayher-netlink-v1.7.1.tar.gz 50495 BLAKE2B 09898c82a8026f646439ded340095ee3147cc48c2e55d66f528b3fe88622d9ea9b4c19364a5f28539e2234b0583fc29cd1c9a08bfea944400974b79d689ba8c8 SHA512 75b21719f5fc8f276e6f396d50974739297682b781342f37f3dc2926c38f5b7988ccbc8bcef1a13fb3e3c90d0357118418754811bb43395b98764d6a6aeea142 +DIST github.com-mdlayher-socket-41a913f399.tar.gz 20712 BLAKE2B 7a5eacf3f607450c280320db80e4e3ac83cd0468d81f90e7091fc2b0b1a93ebb388af4753d28f2c7b79183b3fc910283a07f9e42a700154ebf653b9eb2d91b5c SHA512 ab3dd9f3fec2510043bc4c6094e01f6a527ea98815ba723c9545bf6e3c1fbf5aa8036ee6835d4c87f09fce76e8709a888ffdbaf95f927ae78358bb469290676d DIST github.com-protocolbuffers-protobuf-go-v1.27.1.tar.gz 1278521 BLAKE2B 1591dbfc5aae2360d69ca3e5e9247c4287114699f732d85011fb1c6b5daa3532d2218ce4ddf0390ffb23a3fd097ffa1b6bc418ba968dab98112a4522cc5fe93b SHA512 a0236bc88b963df0acc2a2c7c247334614b2d555f341e103fd06759665802069a320ced4ab51be658283cc816ec9f2d53ed98728895c5b8ce18954a17663264b -DIST github.com-vishvananda-netlink-v1.1.0.tar.gz 147026 BLAKE2B 146936d2a959f1a9509e94a50dfd36a1bee9599d158d41a29ac65d305520f85def91df78b6c7b5475915e7aef11b150de6aefd7e2fd8856550624281555ef8b0 SHA512 55f184870a9ce85314d278722f49e0c2f51939841f37aee8f50bb150afa545fd18a9a43556d428fb8e960eb063a14c50c920de20f2a375bd780432cb26155918 -DIST github.com-vishvananda-netns-50045581ed74.tar.gz 8714 BLAKE2B f52368ec96295eb22491fc361ea5571e49a7e7a2eac1638863e680070968612d5abbbef9c7f7bcb6c18aca13972289bc352b93913c299f4f6f6d64a2ab1e917e SHA512 8a7943b0c6ebb606a8af534c78a87a47be6204f490b569296e375c841d321f470f1c006b95d09e843ac50763c0496fd0a60f73a4a8eb5c55bc68f1f36fd1296a -DIST opensnitch-1.5.2.tar.gz 995296 BLAKE2B aab54c00de55c42aebbae23fd0cb7befdc87c633153c9ae4a4b6535587e2ccd3436343cdd121e76118d3c17ec23778fb80e5d973dcd8b296b2f1986cc2dc1e6f SHA512 77ad266dd3531f576e2b10aff5bcfa724c4e7b90d8b9deb01d7bdf24c728f32c9a7d16eaa91954177a3717fbebc8b1524cf975ae899c2d703ccaba4ac4b86c19 -DIST opensnitch_amd64.o 10728 BLAKE2B 398f97a9136c8909955dc0ee2f258d2940b915fbd9142e97540813c977bb67cceb2cfc80df248512bc974960d0936c18c55496c1fd17e3176681560a52518047 SHA512 167b1913c0da8597079bee71063a084724b8326b3587ca91b7b72116ae8e998dae8871976fcb7b98135868ffe274d5d332dbacd53a0e47fb5510122b875674af -DIST opensnitch_arm64.o 10384 BLAKE2B 6439a1d29af9e44794aeb5a6a07ed0556f3cfd5afb6e1bdf8002b058acaae0909b362697bf32f60553ce42853e573d24f272712e215c08af2b677d513cbfff37 SHA512 298ee7aea9b70c206b5d12ada016b21a05fb0ee65001e24bf3bf949dcb9308fde83fff8e281df761354ebdcfc3ff9672ec0000a19e1f285b61228cb4eeba0700 -DIST opensnitch_i386.o 10368 BLAKE2B 15b4abd5da8c2ab29f91b2fdefe6ee095dde09d1dcb3180339ba8ab567e29400e77598f1f969c7a4e9b23140564807c237d52b5601d84e2733b658fa9ccd1aaa SHA512 a8e493f4f62e706d0499fa92777ebd8339c925b1622a75595971ee53a3d73b653749a053c3c43bb4a0dc7b6baaed45442d458626c3731bcbc97af069e2b7b160 +DIST github.com-varlink-go-v0.4.0.tar.gz 28064 BLAKE2B ba9fa9b230878abde99b59841a67a04a26b5119a0e473273f83663f0a110206b36c39e8185da47689b6a2e61bf0c5232dd7954b152a8bc42882702dddfc92409 SHA512 a659f364e1d89a09c337902b46c25146495e83bf46cb877a125ed758c7b1c71206e5bc3067843f1f19929df8cdba3ba327f92d53ce24970dfa7017f7ff4207a6 +DIST github.com-vishvananda-netlink-e1a867c6b452.tar.gz 176331 BLAKE2B fa2eca75c1e66a035cfcbf6040382bc492960b5338762af93119646691303aff7a15481166a1040f0a0ad49a6048fd280ee3de4ee311065f10e5e4498e95044c SHA512 2db2037017f5db53dd820f234373516d319d20621c43445fb6aff4208bfb38912bbc64700ae6d9feff3048a3e959273fff00f02458a7973c49b177deecf0bf6f +DIST github.com-vishvananda-netns-7a452d2d15.tar.gz 9748 BLAKE2B 2476dd583f84ee622f4ad00b495e5602348aeb8c7aef86ea6d88ef88d9483d836b1be49cf4e607fdbc50599c8b4dab13782f734900bc94a97f9db1bdc9ccd8a0 SHA512 b81c24996fbd6c1787d4cf629e7d8a04257d50ed9956a6fd8848c22c155bfc322370a3bed0b8d7681c52a72b9a9d7e86161620e090a7685a61b24fa0597f1e64 +DIST opensnitch-1.6.2.tar.gz 1341337 BLAKE2B c71c89f758d9fdc0a7968c28c8b79791ddf0446392e243acf4db95302d1d109a68372b29bd5b068c41d0bd5ae426a68807d7045a448128fc8badc8ecb906952b SHA512 79e32520e9e370718f0096af8766867154e0e556c164f193816ba965e4d267146941e9849842f42cd2c9bcd00838df460c17570e5c34cf3c2a812491638b71ba diff --git a/app-admin/opensnitch/files/systemd.patch b/app-admin/opensnitch/files/opensnitch-1.6.2-systemd.patch index aa7a1324..0006a4ab 100644 --- a/app-admin/opensnitch/files/systemd.patch +++ b/app-admin/opensnitch/files/opensnitch-1.6.2-systemd.patch @@ -1,13 +1,15 @@ diff --git a/daemon/opensnitchd.service b/daemon/opensnitchd.service -index 014e79e..8a81d0e 100644 +index 3f05fad..bf29739 100644 --- a/daemon/opensnitchd.service +++ b/daemon/opensnitchd.service -@@ -8,7 +8,7 @@ After=network.target +@@ -4,9 +4,7 @@ Documentation=https://github.com/evilsocket/opensnitch/wiki + + [Service] Type=simple - PermissionsStartOnly=true - ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules +-PermissionsStartOnly=true +-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules -ExecStart=/usr/local/bin/opensnitchd -rules-path /etc/opensnitchd/rules +ExecStart=/usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules -ui-socket unix:///tmp/osui.sock -cpu-profile /tmp/cpu.profile -mem-profile /tmp/mem.profile Restart=always RestartSec=30 - + TimeoutStopSec=10 diff --git a/app-admin/opensnitch/opensnitch-1.5.2-r1.ebuild b/app-admin/opensnitch/opensnitch-1.5.2-r1.ebuild deleted file mode 100644 index 48f7c9ad..00000000 --- a/app-admin/opensnitch/opensnitch-1.5.2-r1.ebuild +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{10..11} ) -inherit distutils-r1 linux-info systemd - -EGO_PN="github.com/evilsocket/opensnitch" -EGO_VENDOR=( - "github.com/evilsocket/ftrace v1.2.0" - "github.com/fsnotify/fsnotify v1.5.1" - "github.com/golang/protobuf v1.5.2" - "github.com/google/gopacket v1.1.19" - "github.com/google/nftables 950e408d48c671ccd9f4997a4b6eb95db21365d6" - "github.com/iovisor/gobpf v0.2.0" - "github.com/vishvananda/netlink v1.1.0" - "github.com/vishvananda/netns 50045581ed74" - "golang.org/x/net 27dd8689420f github.com/golang/net" - "golang.org/x/sync 036812b2e83c github.com/golang/sync" - "golang.org/x/sys 4e6760a101f9 github.com/golang/sys" - "golang.org/x/text v0.3.7 github.com/golang/text" - "google.golang.org/grpc v1.32.0 github.com/grpc/grpc-go" - - "google.golang.org/protobuf v1.27.1 github.com/protocolbuffers/protobuf-go" - "google.golang.org/genproto 325a89244dc8 github.com/googleapis/go-genproto" - "github.com/mdlayher/netlink v1.6.0" - "github.com/josharian/native v1.0.0" - "github.com/mdlayher/socket v0.2.2" -) - -inherit golang-vcs-snapshot - -DESCRIPTION="Desktop application firewall" -HOMEPAGE="https://github.com/evilsocket/opensnitch" - -SRC_URI="https://github.com/evilsocket/opensnitch/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz - ${EGO_VENDOR_URI} - amd64? ( https://dev.pentoo.ch/~blshkv/distfiles/opensnitch_amd64.o ) - x86? ( https://dev.pentoo.ch/~blshkv/distfiles/opensnitch_i386.o ) - arm64? ( https://dev.pentoo.ch/~blshkv/distfiles/opensnitch_arm64.o ) - " - -LICENSE="Apache-2.0" -SLOT="0" -IUSE="systemd" -KEYWORDS="~amd64" - -DEPEND=">=dev-lang/go-1.13 - net-libs/libnetfilter_queue - dev-go/go-protobuf - dev-go/protoc-gen-go-grpc - " -RDEPEND=" - dev-python/grpcio-tools[${PYTHON_USEDEP}] - dev-python/python-slugify[${PYTHON_USEDEP}] - dev-python/pyinotify[${PYTHON_USEDEP}] - dev-python/PyQt5[sql,${PYTHON_USEDEP}] -" - -RESTRICT="test" -#https://github.com/evilsocket/opensnitch/issues/712 -QA_PREBUILT="etc/opensnitchd/opensnitch.o" - -#KPROBES* required by ebpf -CONFIG_CHECK="NETFILTER_XT_MATCH_CONNTRACK CGROUP_BPF BPF BPF_SYSCALL BPF_EVENTS KPROBES KPROBE_EVENTS" - -pkg_pretend() { - linux-info_pkg_setup -} - -src_prepare() { - rm -r src/${EGO_PN}/ui/tests - emake -C src/${EGO_PN} protocol - cd src/${EGO_PN}/ui - pyrcc5 -o opensnitch/resources_rc.py opensnitch/res/resources.qrc - sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2* - use systemd && cd "${WORKDIR}/${P}/src/${EGO_PN}" && eapply "${FILESDIR}/systemd.patch" - eapply_user -} - -src_compile() { - GOPATH="${S}:$(get_golibdir_gopath)" \ - GOCACHE="${T}/go-cache" \ - go build -v -work -x -ldflags="-s -w" "${EGO_PN}/daemon" || die - - pushd src/${EGO_PN}/ui >/dev/null || die - distutils-r1_src_compile - popd >/dev/null || die -} - -src_install(){ - newbin daemon opensnitchd - - pushd src/${EGO_PN}/ui >/dev/null || die - distutils-r1_src_install - popd >/dev/null || die - - pushd src/${EGO_PN}/daemon >/dev/null || die - insinto /etc/opensnitchd/rules - insinto /etc/opensnitchd/ - doins default-config.json - doins system-fw.json - - if use amd64; then - newins "${DISTDIR}"/opensnitch_amd64.o opensnitch.o - elif use arm64; then - newins "${DISTDIR}"/opensnitch_arm64.o opensnitch.o - elif use x86; then - newins "${DISTDIR}"/opensnitch_i386.o opensnitch.o - fi - popd >/dev/null || die - - if use systemd; then - pushd src/${EGO_PN}/daemon >/dev/null || die - systemd_dounit opensnitchd.service - popd >/dev/null || die - else - newinitd "${FILESDIR}"/opensnitch.initd ${PN} - fi -} diff --git a/app-admin/opensnitch/opensnitch-1.6.2.ebuild b/app-admin/opensnitch/opensnitch-1.6.2.ebuild new file mode 100644 index 00000000..f1036d9a --- /dev/null +++ b/app-admin/opensnitch/opensnitch-1.6.2.ebuild @@ -0,0 +1,171 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{10..12} ) +inherit distutils-r1 linux-info systemd xdg-utils + +DESCRIPTION="Desktop application firewall" +HOMEPAGE="https://github.com/evilsocket/opensnitch" + +EGO_PN="github.com/evilsocket/opensnitch" +# modified from opensnitch/daemon/go.mod +# NOTE: build fails with github.com/josharian/native after commit 5c7d0dd6ab +EGO_VENDOR=( + "github.com/fsnotify/fsnotify v1.4.7" + "github.com/golang/protobuf v1.5.0" + "github.com/google/gopacket v1.1.14" + "github.com/google/nftables v0.1.0" + "github.com/google/uuid v1.3.0" + "github.com/iovisor/gobpf v0.2.0" + "github.com/varlink/go v0.4.0" + "github.com/vishvananda/netlink e1a867c6b452" + "golang.org/x/net 491a49abca63 github.com/golang/net" + "golang.org/x/sys v0.2.0 github.com/golang/sys" + "google.golang.org/grpc v1.32.0 github.com/grpc/grpc-go" + "google.golang.org/protobuf v1.27.1 github.com/protocolbuffers/protobuf-go" + + "golang.org/x/sync v0.1.0 github.com/golang/sync" + "golang.org/x/text v0.7.0 github.com/golang/text" + "google.golang.org/genproto 0dfe4f8abfcc github.com/googleapis/go-genproto" + "github.com/mdlayher/netlink v1.7.1" + "github.com/mdlayher/socket 41a913f399" + "github.com/josharian/native v1.1.0" + "github.com/vishvananda/netns 7a452d2d15" +) + +inherit golang-vcs-snapshot + +SRC_URI=" + https://github.com/evilsocket/opensnitch/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz + ${EGO_VENDOR_URI} +" + +LICENSE="GPL-3" +SLOT="0" +IUSE="+audit bpf +iptables +nftables systemd" +REQUIRED_USE="|| ( iptables nftables )" +KEYWORDS="~amd64 ~x86" + +DEPEND=">=dev-lang/go-1.19 + net-libs/libnetfilter_queue + dev-go/go-protobuf + dev-go/protoc-gen-go-grpc +" +RDEPEND=" + dev-python/grpcio-tools[${PYTHON_USEDEP}] + dev-python/notify2[${PYTHON_USEDEP}] + dev-python/python-slugify[${PYTHON_USEDEP}] + dev-python/pyinotify[${PYTHON_USEDEP}] + dev-python/PyQt5[network,sql,${PYTHON_USEDEP}] + bpf? ( ~app-admin/opensnitch-ebpf-module-$PV ) +" + +RESTRICT+=" test" + +pkg_setup() { + # see https://github.com/evilsocket/opensnitch/discussions/978 + local CONFIG_CHECK=" + INET_TCP_DIAG + INET_UDP_DIAG + INET_RAW_DIAG + INET_DIAG_DESTROY + NETFILTER_NETLINK_ACCT + NETFILTER_NETLINK_QUEUE + NF_CONNTRACK + NF_CT_NETLINK + PROC_FS + " + + # config needed for the audit monitoring method + use audit && CONFIG_CHECK+=" + AUDIT + " + + # config needed for using iptables as firewall + use iptables && CONFIG_CHECK+=" + NETFILTER_XT_MATCH_CONNTRACK + NETFILTER_XT_TARGET_NFQUEUE + " + + # config needed for using nftables as firewall + use nftables && CONFIG_CHECK+=" + NFT_CT + NFT_QUEUE + " + + linux-info_pkg_setup +} + +src_prepare() { + rm -rf src/${EGO_PN}/ui/tests || die + + if use systemd; then + pushd ${WORKDIR}/${P}/src/${EGO_PN} > /dev/null || die + eapply "${FILESDIR}/${P}-systemd.patch" + popd > /dev/null || die + fi + + pushd src/${EGO_PN} > /dev/null || die + eapply_user + popd > /dev/null || die +} + +src_compile() { + emake -C src/${EGO_PN} protocol + + pushd src/${EGO_PN}/ui > /dev/null || die + pyrcc5 -o opensnitch/{resources_rc.py,/res/resources.qrc} + # workaround for namespace conflict + # see https://github.com/evilsocket/opensnitch/issues/496 + # and https://github.com/evilsocket/opensnitch/pull/442 + sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2* || die + popd > /dev/null || die + + # see https://github.com/evilsocket/opensnitch/issues/851 + # opensnitch does not build without -fcf-protection when using go >= 1.19, + # error message: + # cgo: cannot load DWARF output from $WORK/..//_cgo_.o: zlib: invalid header + GOPATH="${S}:$(get_golibdir_gopath)" \ + GOCACHE="${T}/go-cache" \ + CGO_CPPFLAGS="${CPPFLAGS} -fcf-protection" \ + CGO_CFLAGS="${CFLAGS} -fcf-protection" \ + CGO_CXXFLAGS="${CXXFLAGS} -fcf-protection" \ + go build -v \ + -buildmode=pie \ + -ldflags "-compressdwarf=false -linkmode external" \ + -o opensnitchd \ + "${EGO_PN}/daemon" || die + + pushd src/${EGO_PN}/ui > /dev/null || die + distutils-r1_src_compile + popd > /dev/null || die +} + +src_install(){ + dobin opensnitchd + + pushd src/${EGO_PN}/ui > /dev/null || die + distutils-r1_src_install + popd > /dev/null || die + + pushd src/${EGO_PN}/daemon > /dev/null || die + insinto /etc/opensnitchd/rules + insinto /etc/opensnitchd/ + doins default-config.json + doins system-fw.json + popd > /dev/null || die + + if use systemd; then + pushd src/${EGO_PN}/daemon > /dev/null || die + systemd_dounit opensnitchd.service + popd > /dev/null || die + else + newinitd "${FILESDIR}"/opensnitch.initd ${PN} + fi +} + +pkg_postinst() { + xdg_icon_cache_update +} |