Issue 909: securityonion-rule-update: ensure barnyard/IDS are running…

… before restarting

debian/changelog

@@ -1,3 +1,9 @@
+securityonion-rule-update (20151201-1ubuntu1securityonion3) trusty; urgency=medium
+
+  * Issue 909: securityonion-rule-update: ensure barnyard/IDS are running before restarting 
+
+ -- Doug Burks <doug.burks@gmail.com>  Tue, 10 May 2016 15:55:39 -0400
+
 securityonion-rule-update (20151201-1ubuntu1securityonion2) trusty; urgency=medium
 
   * securityonion-rule-update: avoid su error #892

debian/patches/-Issue-909:-securityonion-rule-update:-ensure-barnyardIDS-are-running-before-restarting

@@ -0,0 +1,48 @@
+Description: <short summary of the patch>
+ TODO: Put a short summary on the line above and replace this paragraph
+ with a longer explanation of this change. Complete the meta-information
+ with other relevant fields (see below for details). To make it easier, the
+ information below has been extracted from the changelog. Adjust it or drop
+ it.
+ .
+ securityonion-rule-update (20151201-1ubuntu1securityonion3) trusty; urgency=medium
+ .
+   * Issue 909: securityonion-rule-update: ensure barnyard/IDS are running before restarting
+Author: Doug Burks <doug.burks@gmail.com>
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- securityonion-rule-update-20151201.orig/usr/bin/rule-update
++++ securityonion-rule-update-20151201/usr/bin/rule-update
+@@ -291,12 +291,16 @@ fi
+
+ # If Barnyard is enabled, restart it
+ if grep -i 'BARNYARD2_ENABLED="yes"' /etc/nsm/*/sensor.conf >/dev/null 2>&1; then
+-	echo "Restarting Barnyard2."
+-	/usr/sbin/nsm_sensor_ps-restart --only-barnyard2
++	if pgrep barnyard2 >/dev/null 2>&1; then
++		echo "Restarting Barnyard2."
++		/usr/sbin/nsm_sensor_ps-restart --only-barnyard2
++	fi
+ fi
+
+ # If the IDS Engine is enabled, restart it
+ if grep -i 'IDS_ENGINE_ENABLED="yes"' /etc/nsm/*/sensor.conf >/dev/null 2>&1; then
+-	echo "Restarting IDS Engine."
+-	/usr/sbin/nsm_sensor_ps-restart --only-snort-alert
++	if pgrep $ENGINE >/dev/null 2>&1; then
++		echo "Restarting IDS Engine."
++		/usr/sbin/nsm_sensor_ps-restart --only-snort-alert
++	fi
+ fi

debian/patches/series

@@ -1 +1,2 @@
 securityonion-rule-update:-avoid-su-error-#892
+-Issue-909:-securityonion-rule-update:-ensure-barnyardIDS-are-running-before-restarting

usr/bin/rule-update

@@ -291,12 +291,16 @@ fi
 
 # If Barnyard is enabled, restart it
 if grep -i 'BARNYARD2_ENABLED="yes"' /etc/nsm/*/sensor.conf >/dev/null 2>&1; then
-	echo "Restarting Barnyard2."
-	/usr/sbin/nsm_sensor_ps-restart --only-barnyard2
+	if pgrep barnyard2 >/dev/null 2>&1; then
+		echo "Restarting Barnyard2."
+		/usr/sbin/nsm_sensor_ps-restart --only-barnyard2
+	fi
 fi
 
 # If the IDS Engine is enabled, restart it
 if grep -i 'IDS_ENGINE_ENABLED="yes"' /etc/nsm/*/sensor.conf >/dev/null 2>&1; then
-	echo "Restarting IDS Engine."
-	/usr/sbin/nsm_sensor_ps-restart --only-snort-alert
+	if pgrep $ENGINE >/dev/null 2>&1; then
+		echo "Restarting IDS Engine."
+		/usr/sbin/nsm_sensor_ps-restart --only-snort-alert
+	fi
 fi