Using Git with FreeBSD Sguil Scripts

Before today I never committed anything using Git. Previously I used CVS, but never got around to trying something more modern like SVN. However, I know several developers at work use Git, so I figured I would try committing my FreeBSD Sguil scripts (lame as they are) to Git at Sourceforge. This would allow me to keep track of changes and get the code out of my own repository for sharing and safekeeping.

I started by cleaning up the directory where I kept the scripts.

After following the instructions to enable Git, I took these actions.

richard@macmini:~/taosecurity_freebsd_sguil$ git init
Initialized empty Git repository in /home/richard/taosecurity_freebsd_sguil/.git/

richard@macmini:~/taosecurity_freebsd_sguil$ git config user.name "Richard Bejtlich"

richard@macmini:~/taosecurity_freebsd_sguil$ git config user.email \
"taosecurity@users.sourceforge.net"

richard@macmini:~/taosecurity_freebsd_sguil$ git remote add origin \
ssh://taosecurity@taosecurity.git.sourceforge.net/gitroot/taosecurity/taosecurity

richard@macmini:~/taosecurity_freebsd_sguil$ git config branch.master.remote origin

richard@macmini:~/taosecurity_freebsd_sguil$ git config branch.master.merge refs/head/master

richard@macmini:~/taosecurity_freebsd_sguil$ git push origin master

taosecurity@taosecurity.git.sourceforge.net's password: 
error: src refspec master does not match any.
fatal: The remote end hung up unexpectedly
error: failed to push some refs to 'ssh://taosecurity@taosecurity.git.sourceforge.net/gitroot \
/taosecurity/taosecurity'

That was unfortunate. I didn't see that error in the Sourceforge guide, but after checking here I found that trying to add all the files might be the right step.

richard@macmini:~/taosecurity_freebsd_sguil$ git add *

richard@macmini:~/taosecurity_freebsd_sguil$ git commit -am "Message"

Created initial commit bd18669: Message
 28 files changed, 1400 insertions(+), 0 deletions(-)
 create mode 100755 README
 create mode 100644 SguildLoaderd.tcl.patch
 create mode 100644 SguildMysqlMerge.tcl.patch
 create mode 100755 barnyard2
 create mode 100644 barnyard2.conf
 create mode 100644 barnyard2.conf.patch
 create mode 100644 log_packets.sh.crontab
 create mode 100644 log_packets.sh.patch
 create mode 100644 pcap_agent.conf.patch
 create mode 100755 prep_platform.sh
 create mode 100644 rc-adds.txt
 create mode 100755 rc-conf.sh
 create mode 100755 sancp
 create mode 100644 sancp.conf.patch
 create mode 100644 sancp_agent.conf.patch
 create mode 100644 sensor_agent.conf.patch
 create mode 100755 sguil_database_install_pt1.sh
 create mode 100755 sguil_database_install_pt2.sh
 create mode 100755 sguil_sensor_install.sh
 create mode 100755 sguil_sensor_install_patch.sh
 create mode 100644 sguil_sensor_users.txt
 create mode 100755 sguil_server_install.sh
 create mode 100644 sguild.conf.patch
 create mode 100755 sguild_adduser.sh
 create mode 100755 snort
 create mode 100644 snort.conf.patch
 create mode 100644 snort_agent.conf.patch
 create mode 100755 snort_src_install.sh

richard@macmini:~/taosecurity_freebsd_sguil$ git push origin master
taosecurity@taosecurity.git.sourceforge.net's password: 

Counting objects: 30, done.
Compressing objects: 100% (29/29), done.
Writing objects: 100% (30/30), 17.31 KiB, done.
Total 30 (delta 4), reused 0 (delta 0)
To ssh://taosecurity@taosecurity.git.sourceforge.net/gitroot/taosecurity/taosecurity
 * [new branch]      master -> master

That did it. I found that if I didn't make a change but tried to note one, nothing happened (as expected).

richard@macmini:~/taosecurity_freebsd_sguil$ git commit -am "Commit scripts using Git"
# On branch master
nothing to commit (working directory clean)

richard@macmini:~/taosecurity_freebsd_sguil$ git push origin 
mastertaosecurity@taosecurity.git.sourceforge.net's password: 
Everything up-to-date

Next I made some fixes and committed those.

richard@macmini:~/taosecurity_freebsd_sguil$ vi README 
richard@macmini:~/taosecurity_freebsd_sguil$ git commit -am "Modify README to reflect changing ExtNet."
Created commit 2ef21f3: Modify README to reflect changing ExtNet.
 1 files changed, 3 insertions(+), 1 deletions(-)

richard@macmini:~/taosecurity_freebsd_sguil$ git push origin mastertaosecurity@taosecurity.git.sourceforge.net's password: 
Counting objects: 5, done.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 413 bytes, done.
Total 3 (delta 2), reused 0 (delta 0)
To ssh://taosecurity@taosecurity.git.sourceforge.net/gitroot/taosecurity/taosecurity
   bd18669..2ef21f3  master -> master

Checking out files is pretty easy, assuming Git is installed.

richard@neely:~$ mkdir gittest

richard@neely:~$ cd gittest

richard@neely:~/gittest$ git clone git://taosecurity.git.sourceforge.net/gitroot/taosecurity/taosecurity 

Initialized empty Git repository in /home/richard/gittest/taosecurity/.git/
remote: Counting objects: 30, done.
remote: Compressing objects: 100% (29/29), done.
remote: Total 30 (delta 4), reused 0 (delta 0)
Receiving objects: 100% (30/30), 17.25 KiB, done.
Resolving deltas: 100% (4/4), done.

richard@neely:~/gittest$ cd taosecurity

richard@neely:~/gittest/taosecurity$ ls

barnyard2                sguild_adduser.sh
barnyard2.conf           sguil_database_install_pt1.sh
barnyard2.conf.patch     sguil_database_install_pt2.sh
log_packets.sh.crontab   sguild.conf.patch
log_packets.sh.patch     SguildLoaderd.tcl.patch
pcap_agent.conf.patch    SguildMysqlMerge.tcl.patch
prep_platform.sh         sguil_sensor_install_patch.sh
rc-adds.txt              sguil_sensor_install.sh
rc-conf.sh               sguil_sensor_users.txt
README                   sguil_server_install.sh
sancp                    snort
sancp_agent.conf.patch   snort_agent.conf.patch
sancp.conf.patch         snort.conf.patch
sensor_agent.conf.patch  snort_src_install.sh

So, now my scripts are available for me to add changes and for anyone who might be interested to retrieve them.
Tweet