zeek: fix zeekctl and add Zeek module to deploy it #86435

Closed
wants to merge 6 commits into from

Contributor

GTrunSec commented May 1, 2020

Motivation for this change

Regarding achievement by in zeek/zeek#939

● zeek.service                                                                                                                           
   Loaded: loaded (/nix/store/mwa9sf33aj8l2pqy1m2ixf32qa471yk4-zeek.service/zeek.service; linked; vendor preset: enabled)                
   Active: active (running) since Fri 2020-05-01 02:02:08 EDT; 1s ago                                                                    
  Process: 1902 ExecStartPre=/nix/store/kgp3vq8l9yb8mzghbw83kyr3f26yqvsz-bash-4.4-p23/bin/bash /nix/store/0180i23kdirmvqcrqcdky57bqfygpv2
 Main PID: 2021 (sudo)                                                                                                                   
   CGroup: /user.slice/user-1000.slice/user@1000.service/zeek.service
           ├─2021 /usr/bin/sudo /nix/store/k8c2znch34li453kwf9zyqb81brblxvr-zeek-3.0.5/bin/zeekctl deploy
           ├─2047 /nix/store/l9in14pg5smp2gw1mys40zw0r8k8h7la-python-2.7.18/bin/python /nix/store/k8c2znch34li453kwf9zyqb81brblxvr-zeek-3
           ├─3269 sh
           ├─3587 /nix/store/l9in14pg5smp2gw1mys40zw0r8k8h7la-python-2.7.18/bin/python -c import zlib,base64; exec(zlib.decompress(base64
           ├─3644 /bin/sh -c

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
GTrunSec added 5 commits May 1, 2020
Contributor Author

GTrunSec commented May 1, 2020

Do not merge the comment of the Zeek plugin. We should have a discussion to clarify which approach is good for installing a plugin, such as setting a bool for each plugin or zeek.(plugin.name) to install it.

Contributor Author

GTrunSec commented May 1, 2020

cc @pSub @marsam thank you for reviewing.

Contributor Author

GTrunSec commented May 1, 2020

test command

  • deploy
sudo zeekctl deploy
checking configurations ...
installing ...
removing old policies in /var/lib/zeek/spool/installed-scripts-do-not-touch/site ...
removing old policies in /var/lib/zeek/spool/installed-scripts-do-not-touch/auto ...
creating policy directories ...
installing site policies ...
generating standalone-layout.zeek ...
generating local-networks.zeek ...
generating zeekctl-config.zeek ...
generating zeekctl-config.sh ...
stopping ...
stopping zeek ...
starting ...
starting zeek ...

sudo zeekctl status                                                                    
Name         Type       Host          Status    Pid    Started
zeek         standalone localhost     running   32534  01 May 01:31:59
@GTrunSec GTrunSec changed the title Zeek: fix zeekctl and add Zeek module to deploy it zeek: fix zeekctl and add Zeek module to deploy it May 1, 2020
Contributor Author

GTrunSec commented May 1, 2020

Preparing to merge

@GTrunSec GTrunSec mentioned this pull request May 1, 2020
5 of 10 tasks complete
@GTrunSec GTrunSec closed this May 1, 2020