Merge remote-tracking branch 'origin/topic/christian/release-6.1-ci-updates' into release/6.1

* origin/topic/christian/release-6.1-ci-updates:
  CI: Remove unused openssl30_config
  ci: Remove ZEEK_CI_DISABLE_SCRIPT_PROFILING logic
  CI: Move Debian variations from 11 to 12
  CI: Bump Ubuntu 23.04 to 23.10
  CI: Drop openSUSE Leap 15.4, about to EOL.
  CI: FreeBSD 14 is out now, 12 is about to EOL.
  CI: distro EOL comment tweaks
  CI: drop Fedora 37, add Fedora 39
  CI: Install missing packages on opensuse
  CI: Use other base64 options on macOS Sonoma too
  CI: Add macOS Sonoma build, remove macOS Monterey build
  Fix tests so they work both with GNU and BSD tools
  Install libmaxminddb in macOS CI
  CI: Pass -A flag to btest for cluster-testing builds
Tim Wojtulewicz 2024-01-18 16:25:51 -07:00
commit 920247a2cd
14 changed files with 179 additions and 135 deletions


@ -16,7 +16,6 @@ static_config: &STATIC_CONFIG --build-type=release --disable-broker-tests --enab
asan_sanitizer_config: &ASAN_SANITIZER_CONFIG --build-type=debug --disable-broker-tests --sanitizers=address --enable-fuzzers --enable-coverage --disable-spicy --ccache asan_sanitizer_config: &ASAN_SANITIZER_CONFIG --build-type=debug --disable-broker-tests --sanitizers=address --enable-fuzzers --enable-coverage --disable-spicy --ccache
ubsan_sanitizer_config: &UBSAN_SANITIZER_CONFIG --build-type=debug --disable-broker-tests --sanitizers=undefined --enable-fuzzers --disable-spicy --ccache ubsan_sanitizer_config: &UBSAN_SANITIZER_CONFIG --build-type=debug --disable-broker-tests --sanitizers=undefined --enable-fuzzers --disable-spicy --ccache
tsan_sanitizer_config: &TSAN_SANITIZER_CONFIG --build-type=debug --disable-broker-tests --sanitizers=thread --enable-fuzzers --disable-spicy --ccache tsan_sanitizer_config: &TSAN_SANITIZER_CONFIG --build-type=debug --disable-broker-tests --sanitizers=thread --enable-fuzzers --disable-spicy --ccache
openssl30_config: &OPENSSL30_CONFIG --build-type=release --disable-broker-tests --with-openssl=/opt/openssl --prefix=$CIRRUS_WORKING_DIR/install --ccache
resources_template: &RESOURCES_TEMPLATE resources_template: &RESOURCES_TEMPLATE
cpu: *CPUS cpu: *CPUS
@ -166,19 +165,19 @@ env:
# Linux EOL timelines: https://linuxlifecycle.com/ # Linux EOL timelines: https://linuxlifecycle.com/
# Fedora (~13 months): https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle # Fedora (~13 months): https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle
fedora39_task:
container:
# Fedora 39 EOL: Around Nov 2024
dockerfile: ci/fedora-39/Dockerfile
<< : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE
fedora38_task: fedora38_task:
container: container:
# Fedora 38 EOL: Around May 2024 # Fedora 38 EOL: Around May 2024
dockerfile: ci/fedora-38/Dockerfile dockerfile: ci/fedora-38/Dockerfile
<< : *RESOURCES_TEMPLATE << : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE << : *CI_TEMPLATE
fedora37_task:
container:
# Fedora 37 EOL: Around Dec 2024
dockerfile: ci/fedora-37/Dockerfile
<< : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE
<< : *SKIP_TASK_ON_PR << : *SKIP_TASK_ON_PR
centosstream9_task: centosstream9_task:
@ -208,11 +207,30 @@ centos7_task:
debian12_task: debian12_task:
container: container:
# Debian 12 (bookworm) EOL: (not yet released) # Debian 12 (bookworm) EOL: TBD
dockerfile: ci/debian-12/Dockerfile
<< : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE
arm_debian12_task:
arm_container:
# Debian 12 (bookworm) EOL: TBD
dockerfile: ci/debian-12/Dockerfile
<< : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE
env:
ZEEK_CI_CONFIGURE_FLAGS: *NO_SPICY_CONFIG
debian12_static_task:
container:
# Just use a recent/common distro to run a static compile test.
# Debian 12 (bookworm) EOL: TBD
dockerfile: ci/debian-12/Dockerfile dockerfile: ci/debian-12/Dockerfile
<< : *RESOURCES_TEMPLATE << : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE << : *CI_TEMPLATE
<< : *SKIP_TASK_ON_PR << : *SKIP_TASK_ON_PR
env:
ZEEK_CI_CONFIGURE_FLAGS: *STATIC_CONFIG
debian11_task: debian11_task:
container: container:
@ -220,26 +238,7 @@ debian11_task:
dockerfile: ci/debian-11/Dockerfile dockerfile: ci/debian-11/Dockerfile
<< : *RESOURCES_TEMPLATE << : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE << : *CI_TEMPLATE
arm_debian11_task:
arm_container:
# Debian 11 EOL: June 2026
dockerfile: ci/debian-11/Dockerfile
<< : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE
env:
ZEEK_CI_CONFIGURE_FLAGS: *NO_SPICY_CONFIG
debian11_static_task:
container:
# Just use a recent/common distro to run a static compile test.
# Debian 11 EOL: June 2026
dockerfile: ci/debian-11/Dockerfile
<< : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE
<< : *SKIP_TASK_ON_PR << : *SKIP_TASK_ON_PR
env:
ZEEK_CI_CONFIGURE_FLAGS: *STATIC_CONFIG
debian10_task: debian10_task:
container: container:
@ -248,16 +247,6 @@ debian10_task:
<< : *RESOURCES_TEMPLATE << : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE << : *CI_TEMPLATE
opensuse_leap_15_4_task:
container:
# Opensuse Leap 15.4 EOL: ~Nov 2023
dockerfile: ci/opensuse-leap-15.4/Dockerfile
<< : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE
<< : *SKIP_TASK_ON_PR
env:
ZEEK_CI_CONFIGURE_FLAGS: *NO_SPICY_CONFIG
opensuse_leap_15_5_task: opensuse_leap_15_5_task:
container: container:
# Opensuse Leap 15.5 EOL: ~Dec 2024 # Opensuse Leap 15.5 EOL: ~Dec 2024
@ -276,8 +265,8 @@ opensuse_tumbleweed_task:
ubuntu23_task: ubuntu23_task:
container: container:
# Ubuntu 23.04 EOL: January 2024 # Ubuntu 23.10 EOL: July 2024
dockerfile: ci/ubuntu-23.04/Dockerfile dockerfile: ci/ubuntu-23.10/Dockerfile
<< : *RESOURCES_TEMPLATE << : *RESOURCES_TEMPLATE
<< : *CI_TEMPLATE << : *CI_TEMPLATE
@ -350,6 +339,13 @@ alpine_task:
# Apple doesn't publish official long-term support timelines. # Apple doesn't publish official long-term support timelines.
# We aim to support both the current and previous macOS release. # We aim to support both the current and previous macOS release.
macos_sonoma_task:
macos_instance:
image: ghcr.io/cirruslabs/macos-sonoma-base:latest
prepare_script: ./ci/macos/prepare.sh
<< : *CI_TEMPLATE
<< : *MACOS_ENVIRONMENT
macos_ventura_task: macos_ventura_task:
macos_instance: macos_instance:
image: ghcr.io/cirruslabs/macos-ventura-base:latest image: ghcr.io/cirruslabs/macos-ventura-base:latest
@ -357,21 +353,11 @@ macos_ventura_task:
<< : *CI_TEMPLATE << : *CI_TEMPLATE
<< : *MACOS_ENVIRONMENT << : *MACOS_ENVIRONMENT
macos_monterey_task:
macos_instance:
image: ghcr.io/cirruslabs/macos-monterey-base:latest
prepare_script: ./ci/macos/prepare.sh
<< : *CI_TEMPLATE
<< : *MACOS_ENVIRONMENT
<< : *SKIP_TASK_ON_PR
# FreeBSD EOL timelines: https://www.freebsd.org/security/#sup # FreeBSD EOL timelines: https://www.freebsd.org/security/#sup
freebsd14_task: freebsd14_task:
freebsd_instance: freebsd_instance:
# We don't support FreeBSD 14 yet, this is a purely informative task # FreeBSD 14 EOL: Nov 30 2028
image_family: freebsd-14-0-snap image_family: freebsd-14-0
allow_failures: true
skip_notification: true
<< : *FREEBSD_RESOURCES_TEMPLATE << : *FREEBSD_RESOURCES_TEMPLATE
prepare_script: ./ci/freebsd/prepare.sh prepare_script: ./ci/freebsd/prepare.sh
@ -401,7 +387,6 @@ asan_sanitizer_task:
env: env:
CXXFLAGS: -DZEEK_DICT_DEBUG CXXFLAGS: -DZEEK_DICT_DEBUG
ZEEK_CI_CONFIGURE_FLAGS: *ASAN_SANITIZER_CONFIG ZEEK_CI_CONFIGURE_FLAGS: *ASAN_SANITIZER_CONFIG
ZEEK_CI_DISABLE_SCRIPT_PROFILING: 1
ASAN_OPTIONS: detect_leaks=1 ASAN_OPTIONS: detect_leaks=1
ubsan_sanitizer_task: ubsan_sanitizer_task:
@ -416,7 +401,6 @@ ubsan_sanitizer_task:
env: env:
CXXFLAGS: -DZEEK_DICT_DEBUG CXXFLAGS: -DZEEK_DICT_DEBUG
ZEEK_CI_CONFIGURE_FLAGS: *UBSAN_SANITIZER_CONFIG ZEEK_CI_CONFIGURE_FLAGS: *UBSAN_SANITIZER_CONFIG
ZEEK_CI_DISABLE_SCRIPT_PROFILING: 1
ZEEK_TAILORED_UB_CHECKS: 1 ZEEK_TAILORED_UB_CHECKS: 1
UBSAN_OPTIONS: print_stacktrace=1 UBSAN_OPTIONS: print_stacktrace=1
@ -683,7 +667,7 @@ cluster_testing_docker_builder:
test_script: test_script:
# Invoke btest directly here. This mirrors ci/test.sh, ensures we don't # Invoke btest directly here. This mirrors ci/test.sh, ensures we don't
# accidentally build a Docker image, and enables console-level output: # accidentally build a Docker image, and enables console-level output:
- cd testing/external/zeek-testing-cluster && ../../../auxil/btest/btest -d -b -j ${ZEEK_CI_BTEST_JOBS} - cd testing/external/zeek-testing-cluster && ../../../auxil/btest/btest -A -d -b -j ${ZEEK_CI_BTEST_JOBS}
on_failure: on_failure:
upload_cluster_testing_artifacts: upload_cluster_testing_artifacts:
path: "testing/external/zeek-testing-cluster/.tmp/**" path: "testing/external/zeek-testing-cluster/.tmp/**"
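Review bot: The new `macos_sonoma_task` pulls `ghcr.io/cirruslabs/macos-sonoma-base:latest`, a mutable tag, so the image contents can change between runs without any change in this repository. The same commit adds `macos_sonoma` to the branch of the external-repos init script that decodes `ZEEK_TESTING_PRIVATE_SSH_KEY`, so this task appears to handle a credential on whatever that tag resolves to at run time. Pinning the image to a dated tag or digest, if the runner supports it, would make image updates an explicit, reviewable change. The existing `macos_ventura_task` uses the same `:latest` pattern, so this may be a deliberate trade-off; a comment next to `image:` such as `# :latest is intentional, tracks upstream runner image` would record that.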

87
CHANGES

@ -1,3 +1,90 @@
6.1.0-31 | 2024-01-18 16:25:51 -0700
* CI: Remove unused openssl30_config (Tim Wojtulewicz, Corelight)
(cherry picked from commit 652ba502aab843574402ec53aa0a6561b21253f3)
* ci: Remove ZEEK_CI_DISABLE_SCRIPT_PROFILING logic (Arne Welzel, Corelight)
To my knowledge this doesn't make a huge difference anymore and locally
I'm only using ASAN builds. It's not actually too slow.
(cherry picked from commit 344369f169b872b8dcb569f089b02e026fe7cfc2)
* CI: Move Debian variations from 11 to 12 (Christian Kreibich, Corelight)
This switches the ARM and static builds from 11 to 12. x86 and ARM now build by
default, and 11 only with fullci. 10 remains as-is, because we like to torture
ourselves.
(cherry picked from commit 4f6c25bb91b935666b6748b95c2b6ee55c1491ad)
* CI: Bump Ubuntu 23.04 to 23.10 (Christian Kreibich, Corelight)
(cherry picked from commit 866d4b4127ccfd8904f8867b468babd330dd6d52)
* CI: Drop openSUSE Leap 15.4, about to EOL. (Christian Kreibich, Corelight)
(cherry picked from commit ddd56b9ad7171a9f8ee3de03bc362223f2fad0fc)
* CI: FreeBSD 14 is out now, 12 is about to EOL. (Christian Kreibich, Corelight)
(cherry picked from commit 18b8e6d6bceb4492d842d9bacbd3ad9dfbdd7702)
* CI: distro EOL comment tweaks (Christian Kreibich, Corelight)
(cherry picked from commit eb1c4bf019f6a39f1d76de717eee1b34cdc50378)
* CI: drop Fedora 37, add Fedora 39 (Christian Kreibich, Corelight)
This makes 39 the ony to run at all times, and 38 one to run only with fullci.
(cherry picked from commit ee8cc77050e39aea18f2da144dc8108110bb42dc)
* CI: Install missing packages on opensuse (Tim Wojtulewicz, Corelight)
(cherry picked from commit a3ad1a24f11770d5b8c39af1671beb5d2b4c65b2)
* CI: Use other base64 options on macOS Sonoma too (Tim Wojtulewicz, Corelight)
(cherry picked from commit b1e63ffd268cdb2cd28098a0a8578a3038be8fd4)
* CI: Add macOS Sonoma build, remove macOS Monterey build (Tim Wojtulewicz, Corelight)
(cherry picked from commit 35ca1e88c7f1398c37bcbc4e20700a2aff2c4169)
* Fix tests so they work both with GNU and BSD tools (Benjamin Bannier, Corelight)
The GNU and BSD versions of `touch` and `truncate` allow slightly
different arguments, change the tests so they work in both versions.
(cherry picked from commit caaffd0324ac0557ba4c5ce0290d07a4d013a735)
* Install libmaxminddb in macOS CI (Benjamin Bannier, Corelight)
(cherry picked from commit dfba2d6df707840cabf822d70354f9e2e635b863)
* CI: Pass -A flag to btest for cluster-testing builds (Tim Wojtulewicz, Corelight)
(cherry picked from commit ac7685c679cdb6d61768ac20449175eaaaacc34c)
* Run clang-format on the branch to fix some issues from patch merges (Tim Wojtulewicz, Corelight)
* Enable darwin builds for zeek-security repo (Tim Wojtulewicz, Corelight)
(cherry picked from commit c4edd8410e7bd863e5ff528dcc321758103f678d)
* OCSP: Open-code unknown revoke reason strings (Arne Welzel, Corelight)
OpenSSL 3.2.0 knows about more reasons. Add some backwards compatibility.
Reference: https://github.com/openssl/openssl/commit/1c8a7f5091e2c5aebc043be86bcbedc6947e1c6f
(cherry picked from commit 02d00a19849d15f472b32a98a8fee27b20f2cb14)
* CI: Remove EOL (and broken) FreeBSD 12 build (Tim Wojtulewicz, Corelight)
* Update broker, zeekctl, and cmake submodules [nomail] (Tim Wojtulewicz, Corelight)
6.1.0-8 | 2024-01-12 13:04:08 -0700 6.1.0-8 | 2024-01-12 13:04:08 -0700
* GH-3540: Known: Keep &create_expire on local tables/sets valid (Arne Welzel, Corelight) * GH-3540: Known: Keep &create_expire on local tables/sets valid (Arne Welzel, Corelight)


@ -1 +1 @@
6.1.0-8 6.1.0-31


@ -1,8 +1,8 @@
FROM fedora:37 FROM fedora:39
# A version field to invalidate Cirrus's build cache when needed, as suggested in # A version field to invalidate Cirrus's build cache when needed, as suggested in
# https://github.com/cirruslabs/cirrus-ci-docs/issues/544#issuecomment-566066822 # https://github.com/cirruslabs/cirrus-ci-docs/issues/544#issuecomment-566066822
ENV DOCKERFILE_VERSION 20230801 ENV DOCKERFILE_VERSION 20231208
RUN dnf -y install \ RUN dnf -y install \
bison \ bison \


@ -51,8 +51,8 @@ if [[ -n "${CIRRUS_CI}" ]] && [[ "${CIRRUS_REPO_OWNER}" == "zeek" ]] && [[ ! -d
banner "Trying to clone zeek-testing-private git repo" banner "Trying to clone zeek-testing-private git repo"
echo "${ZEEK_TESTING_PRIVATE_SSH_KEY}" >cirrus_key.b64 echo "${ZEEK_TESTING_PRIVATE_SSH_KEY}" >cirrus_key.b64
if [ "${CIRRUS_TASK_NAME}" == "macos_ventura" ]; then if [ "${CIRRUS_TASK_NAME}" == "macos_ventura" -o "${CIRRUS_TASK_NAME}" == "macos_sonoma" ]; then
# The base64 command provided with macOS Ventura requires an argument # The base64 command provided with macOS Ventura/Sonoma requires an argument
# to pass the input filename # to pass the input filename
base64 -d -i cirrus_key.b64 >cirrus_key base64 -d -i cirrus_key.b64 >cirrus_key
else else
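Review bot: The widened condition on the `macos_sonoma` line uses `-o` inside single-bracket `[`, which POSIX marks obsolescent and which can parse ambiguously for some operands; the enclosing `if` in the hunk header already uses `[[ ... ]]`, so `if [[ "${CIRRUS_TASK_NAME}" == "macos_ventura" || "${CIRRUS_TASK_NAME}" == "macos_sonoma" ]]; then` would be consistent with it. Matching on task names also means each future macOS task has to be added here by hand, otherwise it falls into the `else` branch and the key decode presumably fails. The if/else continues past the end of the hunk, so the file mode and cleanup of the decoded `cirrus_key` are not visible here and are worth confirming.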


@ -7,7 +7,7 @@ set -x
brew update brew update
brew upgrade cmake brew upgrade cmake
brew install openssl@3 swig bison flex ccache brew install openssl@3 swig bison flex ccache libmaxminddb
python3 -m pip install --user websockets python3 -m pip install --user websockets
# Brew doesn't create the /opt/homebrew/opt/openssl symlink if you install # Brew doesn't create the /opt/homebrew/opt/openssl symlink if you install


@ -1,38 +0,0 @@
FROM opensuse/leap:15.4
# A version field to invalidate Cirrus's build cache when needed, as suggested in
# https://github.com/cirruslabs/cirrus-ci-docs/issues/544#issuecomment-566066822
ENV DOCKERFILE_VERSION 20230801
RUN zypper addrepo https://download.opensuse.org/repositories/openSUSE:Leap:15.4:Update/standard/openSUSE:Leap:15.4:Update.repo \
&& zypper refresh \
&& zypper in -y \
bison \
ccache \
cmake \
curl \
flex \
gcc10 \
gcc10-c++ \
git \
gzip \
libopenssl-devel \
libpcap-devel \
make \
python39 \
python39-devel \
python39-pip \
swig \
tar \
which \
zlib-devel \
&& rm -rf /var/cache/zypp
RUN update-alternatives --install /usr/bin/pip3 pip3 /usr/bin/pip3.9 100
RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 100
RUN update-alternatives --install /usr/bin/python3-config python3-config /usr/bin/python3.9-config 100
RUN pip3 install websockets junit2html
RUN update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-10 100
RUN update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++-10 100


@ -19,6 +19,7 @@ RUN zypper addrepo https://download.opensuse.org/repositories/openSUSE:Leap:15.5
libopenssl-devel \ libopenssl-devel \
libpcap-devel \ libpcap-devel \
make \ make \
openssh \
python311 \ python311 \
python311-devel \ python311-devel \
python311-pip \ python311-pip \


@ -10,6 +10,7 @@ RUN zypper modifyrepo --disable repo-openh264 || true
RUN zypper refresh \ RUN zypper refresh \
&& zypper in -y \ && zypper in -y \
awk \
bison \ bison \
ccache \ ccache \
cmake \ cmake \
@ -24,9 +25,11 @@ RUN zypper refresh \
libopenssl-devel \ libopenssl-devel \
libpcap-devel \ libpcap-devel \
make \ make \
openssh \
python3 \ python3 \
python3-devel \ python3-devel \
python3-pip \ python3-pip \
python3-websockets \
swig \ swig \
tar \ tar \
util-linux \ util-linux \
@ -34,4 +37,4 @@ RUN zypper refresh \
zlib-devel \ zlib-devel \
&& rm -rf /var/cache/zypp && rm -rf /var/cache/zypp
RUN pip3 install websockets junit2html RUN pip3 install --break-system-packages junit2html
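Review bot: In the last hunk, `pip3 install --break-system-packages junit2html` overrides the distribution's externally-managed-environment guard and installs an unpinned PyPI package into the system Python as root at image build time. Moving `websockets` to the distro package `python3-websockets` in the same section is the safer pattern; for `junit2html` a dedicated virtualenv with a pinned version would keep the system site-packages untouched, e.g. `RUN python3 -m venv /opt/ci-venv && /opt/ci-venv/bin/pip install junit2html==<PINNED_VERSION>`, with the venv's `bin` directory added to `PATH`. If the flag stays, a comment explaining why it is acceptable in a throwaway CI image would help the next reader.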


@ -59,13 +59,6 @@ function run_btests {
pushd testing/btest pushd testing/btest
# Commenting out this line in btest.cfg causes the script profiling/coverage
# to be disabled. We do this for the sanitizer build right now because of a
# fairly significant performance bug when running tests.
if [ "${ZEEK_CI_DISABLE_SCRIPT_PROFILING}" = "1" ]; then
sed -i 's/^ZEEK_PROFILER_FILE/#ZEEK_PROFILER_FILE/g' btest.cfg
fi
${BTEST} -z ${ZEEK_CI_BTEST_RETRIES} -d -A -x btest-results.xml -j ${ZEEK_CI_BTEST_JOBS} || result=1 ${BTEST} -z ${ZEEK_CI_BTEST_RETRIES} -d -A -x btest-results.xml -j ${ZEEK_CI_BTEST_JOBS} || result=1
make coverage make coverage
prep_artifacts prep_artifacts
@ -74,15 +67,6 @@ function run_btests {
} }
function run_external_btests { function run_external_btests {
# Commenting out this line in btest.cfg causes the script profiling/coverage
# to be disabled. We do this for the sanitizer build right now because of a
# fairly significant performance bug when running tests.
if [ "${ZEEK_CI_DISABLE_SCRIPT_PROFILING}" = "1" ]; then
pushd testing/external
sed -i 's/^ZEEK_PROFILER_FILE/#ZEEK_PROFILER_FILE/g' subdir-btest.cfg
popd
fi
local zeek_testing_pid="" local zeek_testing_pid=""
local zeek_testing_pid_private="" local zeek_testing_pid_private=""
pushd testing/external/zeek-testing pushd testing/external/zeek-testing


@ -1,4 +1,4 @@
FROM ubuntu:23.04 FROM ubuntu:23.10
ENV DEBIAN_FRONTEND="noninteractive" TZ="America/Los_Angeles" ENV DEBIAN_FRONTEND="noninteractive" TZ="America/Los_Angeles"


@ -3,15 +3,15 @@ ts level message location
1299470395.000000 Reporter::INFO Modification time change detected for MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1 1299470395.000000 Reporter::INFO Modification time change detected for MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1
1299470395.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1 1299470395.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1
1299470395.000000 Reporter::INFO Failed to open MaxMind DB: .<...>/GeoLite2-ASN.mmdb [The MaxMind DB file contains invalid metadata] <params>, line 1 1299470395.000000 Reporter::INFO Failed to open MaxMind DB: .<...>/GeoLite2-ASN.mmdb [The MaxMind DB file contains invalid metadata] <params>, line 1
1299470395.000000 Reporter::ERROR Failed to open GeoIP ASN database (lookup_autonomous_system(128.3.0.1)) <...>/temporary-error.zeek, line 83 1299470395.000000 Reporter::ERROR Failed to open GeoIP ASN database (lookup_autonomous_system(128.3.0.1)) <...>/temporary-error.zeek, line 99
1299470395.000000 Reporter::INFO Modification time change detected for MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1 1299470395.000000 Reporter::INFO Modification time change detected for MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1
1299470395.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1 1299470395.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1
1299470395.000000 Reporter::INFO Failed to open MaxMind DB: .<...>/GeoLite2-City.mmdb [The MaxMind DB file contains invalid metadata] <params>, line 1 1299470395.000000 Reporter::INFO Failed to open MaxMind DB: .<...>/GeoLite2-City.mmdb [The MaxMind DB file contains invalid metadata] <params>, line 1
1299470395.000000 Reporter::ERROR Failed to open GeoIP location database (lookup_location(128.3.0.1)) <...>/temporary-error.zeek, line 84 1299470395.000000 Reporter::ERROR Failed to open GeoIP location database (lookup_location(128.3.0.1)) <...>/temporary-error.zeek, line 100
1299473995.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1 1299473995.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1
1299473995.000000 Reporter::ERROR Failed to open GeoIP ASN database (lookup_autonomous_system(128.3.0.1)) <...>/temporary-error.zeek, line 83 1299473995.000000 Reporter::ERROR Failed to open GeoIP ASN database (lookup_autonomous_system(128.3.0.1)) <...>/temporary-error.zeek, line 99
1299473995.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1 1299473995.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1
1299473995.000000 Reporter::ERROR Failed to open GeoIP location database (lookup_location(128.3.0.1)) <...>/temporary-error.zeek, line 84 1299473995.000000 Reporter::ERROR Failed to open GeoIP location database (lookup_location(128.3.0.1)) <...>/temporary-error.zeek, line 100
1299477595.000000 Reporter::INFO Inode change detected for MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1 1299477595.000000 Reporter::INFO Inode change detected for MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1
1299477595.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1 1299477595.000000 Reporter::INFO Closing stale MaxMind DB [.<...>/GeoLite2-ASN.mmdb] <params>, line 1
1299477595.000000 Reporter::INFO Inode change detected for MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1 1299477595.000000 Reporter::INFO Inode change detected for MaxMind DB [.<...>/GeoLite2-City.mmdb] <params>, line 1


@ -14,17 +14,24 @@ redef mmdb_dir = "./mmdb";
global pkt = 0; global pkt = 0;
function timestamp(n: count): string
{
assert n <= 60;
return fmt("2020-01-01T00:%s:00", n);
}
event new_packet(c: connection, p: pkt_hdr) event new_packet(c: connection, p: pkt_hdr)
{ {
++pkt; ++pkt;
# Set MMDB's modification time to current network time.
# Increment MMDB's modification time.
local asn_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-ASN.mmdb"); local asn_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-ASN.mmdb");
local city_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-City.mmdb"); local city_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-City.mmdb");
if ( ! piped_exec(fmt("touch -d @%s %s", network_time(), asn_fn), "") ) if ( ! piped_exec(fmt("touch -d %s %s", timestamp(pkt), asn_fn), "") )
exit(1); exit(1);
if ( ! piped_exec(fmt("touch -d @%s %s", network_time(), city_fn), "") ) if ( ! piped_exec(fmt("touch -d %s %s", timestamp(pkt), city_fn), "") )
exit(1); exit(1);
print network_time(), pkt, 128.3.0.1, "asn", lookup_autonomous_system(128.3.0.1); print network_time(), pkt, 128.3.0.1, "asn", lookup_autonomous_system(128.3.0.1);
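Review bot: The guard `assert n <= 60;` in the new `timestamp()` helper admits `n == 60`, which formats as `2020-01-01T00:60:00`, not a valid minute value, so `touch -d` is likely to reject it on at least some platforms; `assert n < 60;` matches the range the format string can express. The minute is also emitted unpadded via `%s` (for example `00:5:00`), which relies on lenient parsing in both GNU and BSD `touch`; a zero-padded conversion would remove that dependency, if Zeek's `fmt` supports a width there. The identical helper is added in the second test file of this commit, and the same applies to it. The timestamp carries no timezone, so the resulting mtime depends on the runner's local zone; that looks harmless here because only changes in mtime matter.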


@ -15,16 +15,32 @@ redef mmdb_dir = "./mmdb";
global pkt = 0; global pkt = 0;
global asn_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-ASN.mmdb");
global city_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-City.mmdb");
global asn_fn_backup = safe_shell_quote(mmdb_dir + "-backup/GeoLite2-ASN.mmdb");
global city_fn_backup = safe_shell_quote(mmdb_dir + "-backup/GeoLite2-City.mmdb");
function timestamp(n: count): string
{
assert n <= 60;
return fmt("2020-01-01T00:%s:00", n);
}
event zeek_init()
{
# Set the initial modification time for the MMDBs.
for ( db in vector(asn_fn, city_fn, asn_fn_backup, city_fn_backup) )
{
if ( ! piped_exec(fmt("test -f %s && touch -d %s %s", db, timestamp(pkt), db), "") )
exit(1);
}
}
event new_packet(c: connection, p: pkt_hdr) event new_packet(c: connection, p: pkt_hdr)
{ {
++pkt; ++pkt;
local asn_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-ASN.mmdb");
local city_fn = safe_shell_quote(mmdb_dir + "/GeoLite2-City.mmdb");
local asn_fn_backup = safe_shell_quote(mmdb_dir + "-backup/GeoLite2-ASN.mmdb");
local city_fn_backup = safe_shell_quote(mmdb_dir + "-backup/GeoLite2-City.mmdb");
if ( pkt == 1 ) if ( pkt == 1 )
{ {
print "start"; print "start";
@ -32,10 +48,10 @@ event new_packet(c: connection, p: pkt_hdr)
if ( pkt == 2 ) if ( pkt == 2 )
{ {
print "corrupting db"; print "corrupting db";
if ( ! piped_exec(fmt("truncate --size=8 %s", asn_fn), "") ) if ( ! piped_exec(fmt("truncate -s 8 %s", asn_fn), "") )
exit(1); exit(1);
if ( ! piped_exec(fmt("truncate --size=8 %s", city_fn), "") ) if ( ! piped_exec(fmt("truncate -s 8 %s", city_fn), "") )
exit(1); exit(1);
} }
else if ( pkt == 4 ) else if ( pkt == 4 )
@ -73,11 +89,11 @@ event new_packet(c: connection, p: pkt_hdr)
exit(1); exit(1);
} }
# Set MMDB's modification time to current network time for predictability. # Increment MMDB's modification time.
if ( ! piped_exec(fmt("test -f %s && touch -d @%s %s", asn_fn, network_time(), asn_fn), "") ) if ( ! piped_exec(fmt("test -f %s && touch -d %s %s", asn_fn, timestamp(pkt), asn_fn), "") )
exit(1); exit(1);
if ( ! piped_exec(fmt("test -f %s && touch -d @%s %s", city_fn, network_time(), city_fn), "") ) if ( ! piped_exec(fmt("test -f %s && touch -d %s %s", city_fn, timestamp(pkt), city_fn), "") )
exit(1); exit(1);
print network_time(), pkt, 128.3.0.1, "asn", lookup_autonomous_system(128.3.0.1); print network_time(), pkt, 128.3.0.1, "asn", lookup_autonomous_system(128.3.0.1);
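Review bot: In the new `zeek_init` handler, `for ( db in vector(asn_fn, city_fn, asn_fn_backup, city_fn_backup) )` most likely binds `db` to the vector index and not to the file name, since single-variable iteration over a Zeek vector yields indices. The shell command would then be `test -f 0 && touch ...`, which never touches the databases, and the failure may not surface if `piped_exec` does not reflect the command's exit status (worth confirming). Iterating a set yields the elements directly, `for ( db in set(asn_fn, city_fn, asn_fn_backup, city_fn_backup) )`, as does the two-variable vector form. Hoisting the four quoted paths to globals is otherwise a clean way to share them between the two handlers.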