suricata: Rule files are now located in /var/lib/suricata

Place the rulefiles from now in "/var/lib/suricata".

Fixes #11834

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

config/cfgroot/ids-functions.pl

@@ -35,7 +35,7 @@ our $rulestarball = "/var/tmp/idsrules.tar.gz";
 our $storederrorfile = "/tmp/ids_storederror";
 
 # Location where the rulefiles are stored.
-our $rulespath = "/etc/suricata/rules";
+our $rulespath = "/var/lib/suricata";
 
 # File which contains a list of all supported ruleset sources.
 # (Sourcefire, Emergingthreads, etc..)

config/rootfiles/common/suricata

@@ -1,8 +1,4 @@
 etc/suricata
-#etc/suricata/rules
-etc/suricata/rules/classification.config
-etc/suricata/rules/reference.config
-etc/suricata/rules/threshold.config
 etc/suricata/suricata.yaml
 usr/bin/suricata
 #usr/bin/suricatasc
@@ -43,6 +39,10 @@ usr/bin/suricata
 #usr/share/doc/suricata/Ubuntu_Installation_from_GIT.txt
 #usr/share/doc/suricata/Windows.txt
 #usr/share/man/man1/suricata.1
+#var/lib/suricata
+var/lib/suricata/classification.config
+var/lib/suricata/reference.config
+var/lib/suricata/threshold.config
 var/log/suricata
 #var/log/suricata/certs
 #var/log/suricata/files

config/suricata/suricata.yaml

@@ -40,14 +40,14 @@ vars:
 ##
 ## Ruleset specific options.
 ##
-default-rule-path: /etc/suricata/rules
+default-rule-path: /var/lib/suricata
 rule-files:
     # Include enabled ruleset files from external file.
     include: /var/ipfire/suricata/suricata-used-rulefiles.yaml
 
-classification-file: /etc/suricata/rules/classification.config
-reference-config-file: /etc/suricata/rules/reference.config
-# threshold-file: /etc/suricata/threshold.config
+classification-file: /var/lib/suricata/classification.config
+reference-config-file: /var/lib/suricata/reference.config
+# threshold-file: /var/lib/suricata/threshold.config
 
 
 ##

lfs/suricata

@@ -88,8 +88,16 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 
 	# Install IPFire related config file.
 	install -m 0644 $(DIR_SRC)/config/suricata/suricata.yaml /etc/suricata
-	-mkdir -p /etc/suricata/rules
-	mv /etc/suricata/*.config /etc/suricata/rules/
+
+	# Create emtpy rules directory.
+	-mkdir -p /var/lib/suricata
+
+	# Move config files for references, threshold and classification
+	# to the rules directory.
+	mv /etc/suricata/*.config /var/lib/suricata
+
+	# Create logging directory.
 	-mkdir -p /var/log/suricata
+
 	@rm -rf $(DIR_APP)
 	@$(POSTBUILD)

src/misc-progs/suricatactrl.c

@@ -32,7 +32,7 @@ int main(int argc, char *argv[]) {
 	} else if (strcmp(argv[1], "reload") == 0) {
 		safe_system("/etc/rc.d/init.d/suricata reload");
 	} else if (strcmp(argv[1], "fix-rules-dir") == 0) {
-		safe_system("chown -R nobody:nobody /etc/suricata/rules/");
+		safe_system("chown -R nobody:nobody /var/lib/suricata");
 	} else {
 		fprintf(stderr, "\nBad argument given.\n\nsuricatactrl (start|stop|restart|reload)\n\n");
 		exit(1);