Created attachment 187581 [details] patch against head * Update Suricata to 4.0.1 as tested and released on OPNsense Release notes: https://suricata-ids.org/2017/10/18/suricata-4-0-1-available/ Also incorporates the following changes from https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223052 Submitted by: Reshad Patuck <reshadpatuck1@gmail.com> * Allow to override the user * Allow to override the pidfile * Fix a stale pid file so that suricata properly starts
Created attachment 187582 [details] patch against head removed non-suricata diff content
Always prefer separating fixes from version updates, so that the former may be merged to quarterly branches (where those are affected). Franco, if you could separate the patches into two attachments that would be great. Alternatively attach each patch to its respective issue/bug, and swap the dependency here from Blocks to Depends On, so that the fix is committed/merged first
Please also confirm QA (packaging w/ poudriere in particular)
I'll work on this
As previously pointed out, is it possible to split this patch in two, one with the rc file fix, and one with the update, this way the rc file fix can be merged to the qarterly branch.
It's a bit daunting lately... can't seem to do anything right, even in maintainer approval state stuff times out and users are left with bugs and outdated software. :) The reason for the joint patch was avoiding a revision bump / patch ordering issue. It's really difficult to find a committer, let alone finding committers for both issues and then coordinating the committing on their different work schedules. So what do we want to commit first?
Hi! Don't worry, you do plenty of things right, it's just a few nit-picks. There is no problem bumping portversion multiple times, especially not in quick succession. And it is possible to link PRs together so that they will (hopefully) be handled together, or in the right order. In this case, I would like to patch the rc script first, because that feels like something that should be merged to our quarterly branch, since it fixes some functionality in the startup of suricata. I would then apply the version update. Since it is a version update only, and not a security update, that should not be merged to the quarterly branch, This is as Kubilay Kocak already explained. Does this sound OK with you? Regards!
Created attachment 188146 [details] update to 4.0.1 Hi Niclas, Alright, here is the patch. I think the ticket dependences are reversed now. This update passes Q/A and has been known to work in the field as a core component of OPNsense. Thank you, Franco
A commit references this bug: Author: zeising Date: Tue Nov 21 18:55:28 UTC 2017 New revision: 454649 URL: https://svnweb.freebsd.org/changeset/ports/454649 Log: Fix suricata failing to start if there is a stale pid file laying around. This can happen if suricata is ungracefully shut down. PR: 223052, 223322 Submitted by: Reshad Patuck, Franco Fichtner Approved by: Franco Fichtner (maintainer) MFH: 2017Q4 Changes: head/security/suricata/Makefile head/security/suricata/files/suricata.in
A commit references this bug: Author: zeising Date: Tue Nov 21 19:12:35 UTC 2017 New revision: 454651 URL: https://svnweb.freebsd.org/changeset/ports/454651 Log: Update to 4.0.1 This is a bugfix release. See https://suricata-ids.org/2017/10/18/suricata-4-0-1-available/ for complete changelog. PR: 223322 Submitted by: Franco Fichtner Approved by: Franco Fichtner (maintainer) Changes: head/security/suricata/Makefile head/security/suricata/distinfo
Committed! Thanks for your submission and apologies for taking so long to get it done.
No worries and many thanks for working on this! :)
A commit references this bug: Author: zeising Date: Mon Nov 27 20:36:11 UTC 2017 New revision: 454991 URL: https://svnweb.freebsd.org/changeset/ports/454991 Log: MFH: r454649 Fix suricata failing to start if there is a stale pid file laying around. This can happen if suricata is ungracefully shut down. PR: 223052, 223322 Submitted by: Reshad Patuck, Franco Fichtner Approved by: Franco Fichtner (maintainer) Approved by: ports-secteam (swills) Changes: _U branches/2017Q4/ branches/2017Q4/security/suricata/Makefile branches/2017Q4/security/suricata/files/suricata.in