event-broker: Install systemd and config files

This also adds minor cleanup to GNUmakefile. Signed-off-by: Daiki Ueno <[email protected]>
latchset · Jun 13, 2023 · a8fe220 · a8fe220
1 parent 8cf456c
commit a8fe220
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 6 deletions.
diff --git a/GNUmakefile b/GNUmakefile
@@ -3,7 +3,6 @@
 
 RELEASE ?= 0
 TARGETDIR ?= target
-CONFFILE ?= agent/agent.conf
 
 ifeq ($(RELEASE),1)
         PROFILE ?= release
@@ -17,8 +16,13 @@ systemdsystemunitdir := $(shell pkg-config systemd --variable=systemdsystemunitd
 
 programs = \
 	${TARGETDIR}/${PROFILE}/crypto-auditing-agent \
+	${TARGETDIR}/${PROFILE}/crypto-auditing-event-broker \
 	${TARGETDIR}/${PROFILE}/crypto-auditing-log-parser
 
+conffiles = \
+	dist/conf/agent.conf \
+	dist/conf/event-broker.conf
+
 .PHONY: all
 all: $(programs)
 
@@ -30,15 +34,24 @@ $(programs): agent/src/bpf/vmlinux.h
 
 .PHONY: install
 install: all
-	mkdir -p /etc/crypto-auditing/
-	cp ${CONFFILE} /etc/crypto-auditing/agent.conf
+	for f in $(conffiles); do \
+		install -D -m 644 -S .orig -t /etc/crypto-auditing "$$f"; \
+	done
 	for f in $(programs); do \
 		install -D -t ${DESTDIR}/usr/bin "$$f"; \
 	done
 	install -D -m 644 -t ${DESTDIR}$(systemdsystemunitdir) dist/systemd/system/crypto-auditing-agent.service
+	install -D -m 644 -t ${DESTDIR}$(systemdsystemunitdir) dist/systemd/system/crypto-auditing-event-broker.service
+	install -d ${DESTDIR}/var/lib/crypto-auditing
+	install -d ${DESTDIR}/var/log/crypto-auditing
 
 # This only runs tests without TPM access. See tests/run.sh for
 # running full testsuite with swtpm.
 .PHONY: check
 check: all
 	cargo test --target-dir="${TARGETDIR}"
+
+.PHONY: clean
+clean:
+	cargo clean
+	rm -f agent/src/bpf/vmlinux.h
diff --git a/agent/agent.conf → dist/conf/agent.conf b/agent/agent.conf → dist/conf/agent.conf
@@ -1,5 +1,5 @@
 # library = ["/usr/lib64/libgnutls.so.30", "/usr/lib64/libssl.so.3"]
-# log_file = /var/log/crypto-auditing/agent.log
-# user = crypto-auditing-agent:crypto-auditing-agent
+# log_file = "/var/log/crypto-auditing/audit.cborseq"
+# user = "crypto-auditing:crypto-auditing"
 # coalesce_window = 100
 # max_events = 1000000
diff --git a/dist/conf/event-broker.conf b/dist/conf/event-broker.conf
@@ -0,0 +1,2 @@
+# log_file = "/var/log/crypto-auditing/audit.cborseq"
+# socket_path = "/var/lib/crypto-auditing/audit.sock"
diff --git a/dist/systemd/system/crypto-auditing-agent.service b/dist/systemd/system/crypto-auditing-agent.service
@@ -3,7 +3,6 @@ Description=Event collector agent for crypto-auditing project
 StartLimitInterval=10s
 StartLimitBurst=5
 After=local-fs.target systemd-tmpfiles-setup.service
-Before=sysinit.target shutdown.target
 
 [Service]
 ExecStart=/usr/bin/crypto-auditing-agent

diff --git a/dist/systemd/system/crypto-auditing-event-broker.service b/dist/systemd/system/crypto-auditing-event-broker.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Event broker service for crypto-auditing project
+StartLimitInterval=10s
+StartLimitBurst=5
+After=crypto-auditing-agent.service
+
+[Service]
+ExecStart=/usr/bin/crypto-auditing-event-broker
+ExecStopPost=rm -f /var/lib/crypto-auditing/audit.sock
+KillSignal=SIGINT
+TimeoutSec=60s
+Restart=on-failure
+RestartSec=120s
+# User=crypto-auditing
+# Group=crypto-auditing
+
+[Install]
+WantedBy=default.target
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# log_file = "/var/log/crypto-auditing/audit.cborseq"
		# socket_path = "/var/lib/crypto-auditing/audit.sock"