Gentoo Archives: gentoo-commits

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-admin/rsyslog/
Date: Wed, 20 Oct 2021 23:47:40
Message-Id: 1634773607.7054c1795a6dbaa53df1339372bba4ff627c14af.whissi@gentoo
1 commit: 7054c1795a6dbaa53df1339372bba4ff627c14af
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Wed Oct 20 23:21:28 2021 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Wed Oct 20 23:46:47 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7054c179
7
8 app-admin/rsyslog: bump to v8.2110.0
9
10 Package-Manager: Portage-3.0.28, Repoman-3.0.3
11 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
12
13 app-admin/rsyslog/Manifest | 2 +
14 app-admin/rsyslog/rsyslog-8.2110.0.ebuild | 487 ++++++++++++++++++++++++++++++
15 2 files changed, 489 insertions(+)
16
17 diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest
18 index e17168bc042..dd06b0ad5bf 100644
19 --- a/app-admin/rsyslog/Manifest
20 +++ b/app-admin/rsyslog/Manifest
21 @@ -2,7 +2,9 @@ DIST rsyslog-8.2102.0.tar.gz 3123684 BLAKE2B f5c4e00d68ec82ed3f7b89dd5e888bebda9
22 DIST rsyslog-8.2104.0.tar.gz 3175254 BLAKE2B ed772d4e460105b8406305574fdbe4aeca7ba57ba975b78f91d279460fee0faa767fcda3d2d8a4ba6d543bf9e920f9b7cf5ddf9e4d3ccfc9ae3b08c318a6c5b0 SHA512 15ded57f32259bb12b3378d10bc2d4d6eff39623f1195357dafa58e5c1154aedc0d60ff0746599707f380cf3bfc5ca955f15f1213572fa447cc333d479e0eefc
23 DIST rsyslog-8.2106.0.tar.gz 3180745 BLAKE2B a949c36e0c5251fa3cd7748387990b667564561a5fcf0250bb19ebf62bf88f367814f86d743c64e0b5e5a184e2160ec0c2cd2600ac0ffc655e41d651495e9311 SHA512 309bba7e53f0dc6462f8cac781f567ce879f31bc020b233e80aa4461cc4c6e9279ca1c65c910ce3015fcab9ed663020db84ff4073c03a436b5be66e57a99164f
24 DIST rsyslog-8.2108.0.tar.gz 3204178 BLAKE2B d120f2b20521a40fbe985a4ba751edd51ed5917fcd0db5d7abb35ecada3ada31f99d34f74cd3278736356e8f09f13b79ca2166e4732676a97655c189d257e3fa SHA512 95096660bc93f7808d22c39549d7429deb340ef8d706f08dc8be35f48d1c7e3d389907fdf18ba04dd54fb59c9780fdb267eef7985184f0e5932bf11f46c5423b
25 +DIST rsyslog-8.2110.0.tar.gz 3217225 BLAKE2B df239609b7a5e08d2a5b1ab5823d45868ac75e1359876e032d4de633165878310f43bfacabab2df4b5657789f77dd2d93814d2fe2aa39e18b267b9bb9234c975 SHA512 b3ec40a272e1fee3034fb24a21ae6c773878b013c04bd01279f6b3bba65a98287c3497a3c4c3e46f8c91311117b3dc491a11a7e193f7ee0347b769c4162b48aa
26 DIST rsyslog-doc-8.2102.0.tar.gz 6419104 BLAKE2B 134c7ccde6f7435b35840fa37f5774223ac1ebd7dc10db961900a7b1600483156518433c7f70d0981e96ea750e1916ab53e346abacf58066bf141e85c719ae00 SHA512 a5dc4fb9bd8892fac693c5692b926c8d7d9fa36667d6b4c6eccba750713af88d4317f6232efc2a16de38c2e58c4a8bc4d04c9ebb2e7ebc3b0878d53eef20dd2e
27 DIST rsyslog-doc-8.2104.0.tar.gz 6451275 BLAKE2B cb8a38b28caec17babd190e463070b862071a75c4c63a7208e56f039f84ae7a5c6045112697c61635d328e56d9427f692e67a9d6fefc94b59ad28481210f1481 SHA512 6c898fa606190c5cf214822503f060b1692cd907731858736a395511b66d7b0d1cf6dfcc90c4cecbe21b099197ae2187db53d719f44f85f26a1bd34971539d36
28 DIST rsyslog-doc-8.2106.0.tar.gz 6500747 BLAKE2B d004af40dfc82577fe262993b10497cbf50142295ccfc046126e0d8cc85dd964cca7798732d2f41ef9d776096b3ec99a8c835bb037a78c9030ea6cd596d1e057 SHA512 04c205ea463f7487baedf60d0469f3752edfb60a0833954a3f208d52ed6495152c785a4a8ea47396ac85b581ced0657f7b51d313c2d4295e26d547b996ff4ca3
29 DIST rsyslog-doc-8.2108.0.tar.gz 6527584 BLAKE2B b7974d2f723603017f1c725f820e03f355af1805d77143e6ff9eeb02e54a991ba4c143fc45b48b3e1625328e68113df36d71abd0763983a8db655081c5d81abc SHA512 d4ca8c91cbdd7be458083ffec9d933e5d1e175dff93fdf9274f5ca444c9cfe8710349c16de6edfd3e12cf97fc889a9e71059ef1d0b85fda4ed335fb107b98a9f
30 +DIST rsyslog-doc-8.2110.0.tar.gz 6533014 BLAKE2B 16670903ddbbc14ef5ebc726964d1fa879849294401825a4e2c65e0ca06924830c2c882b98ab6eb6c2f639dfcf683b8c7659b49965b4280d441935126364ce9c SHA512 f0081b28d7394af30d4e1873a040208ec358d45c7336c69e99e2d6d4a2aae86a25a65d3c803b6570668e24625e50e01d5af3f9fa90f1c8cc82b45b1b6bd7a7e0
31
32 diff --git a/app-admin/rsyslog/rsyslog-8.2110.0.ebuild b/app-admin/rsyslog/rsyslog-8.2110.0.ebuild
33 new file mode 100644
34 index 00000000000..3646a0ea17e
35 --- /dev/null
36 +++ b/app-admin/rsyslog/rsyslog-8.2110.0.ebuild
37 @@ -0,0 +1,487 @@
38 +# Copyright 1999-2021 Gentoo Authors
39 +# Distributed under the terms of the GNU General Public License v2
40 +
41 +EAPI="8"
42 +PYTHON_COMPAT=( python3_{7..10} )
43 +
44 +inherit autotools linux-info python-any-r1 systemd
45 +
46 +DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
47 +HOMEPAGE="https://www.rsyslog.com/"
48 +
49 +if [[ ${PV} == "9999" ]]; then
50 + EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
51 +
52 + DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
53 +
54 + inherit git-r3
55 +else
56 + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86"
57 +
58 + SRC_URI="
59 + https://www.rsyslog.com/files/download/${PN}/${P}.tar.gz
60 + doc? ( https://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz )
61 + "
62 +fi
63 +
64 +LICENSE="GPL-3 LGPL-3 Apache-2.0"
65 +SLOT="0"
66 +
67 +IUSE="clickhouse curl dbi debug doc elasticsearch +gcrypt gnutls imhttp"
68 +IUSE+=" impcap jemalloc kafka kerberos kubernetes mdblookup"
69 +IUSE+=" mongodb mysql normalize omhttp omhttpfs omudpspoof +openssl"
70 +IUSE+=" postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp +ssl"
71 +IUSE+=" systemd test usertools +uuid xxhash zeromq"
72 +
73 +RESTRICT="!test? ( test )"
74 +
75 +REQUIRED_USE="
76 + kubernetes? ( normalize )
77 + ssl? ( || ( gnutls openssl ) )
78 +"
79 +
80 +BDEPEND=">=sys-devel/autoconf-archive-2015.02.24
81 + virtual/pkgconfig
82 + elibc_musl? ( sys-libs/queue-standalone )
83 + test? (
84 + jemalloc? ( <sys-libs/libfaketime-0.9.7 )
85 + !jemalloc? ( sys-libs/libfaketime )
86 + ${PYTHON_DEPS}
87 + )"
88 +
89 +RDEPEND="
90 + >=dev-libs/libfastjson-0.99.8:=
91 + >=dev-libs/libestr-0.1.9
92 + >=sys-libs/zlib-1.2.5
93 + curl? ( >=net-misc/curl-7.35.0 )
94 + dbi? ( >=dev-db/libdbi-0.8.3 )
95 + elasticsearch? ( >=net-misc/curl-7.35.0 )
96 + gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
97 + imhttp? (
98 + dev-libs/apr-util
99 + www-servers/civetweb
100 + virtual/libcrypt:=
101 + )
102 + impcap? ( net-libs/libpcap )
103 + jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
104 + kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
105 + kerberos? ( virtual/krb5 )
106 + kubernetes? ( >=net-misc/curl-7.35.0 )
107 + mdblookup? ( dev-libs/libmaxminddb:= )
108 + mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= )
109 + mysql? ( dev-db/mysql-connector-c:= )
110 + normalize? (
111 + >=dev-libs/liblognorm-2.0.3:=
112 + )
113 + clickhouse? ( >=net-misc/curl-7.35.0 )
114 + omhttpfs? ( >=net-misc/curl-7.35.0 )
115 + omudpspoof? ( >=net-libs/libnet-1.1.6 )
116 + postgres? ( >=dev-db/postgresql-8.4.20:= )
117 + rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
118 + redis? ( >=dev-libs/hiredis-0.11.0:= )
119 + relp? ( >=dev-libs/librelp-1.2.17:= )
120 + rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
121 + rfc5424hmac? (
122 + >=dev-libs/openssl-0.9.8y:0=
123 + )
124 + snmp? ( >=net-analyzer/net-snmp-5.7.2 )
125 + ssl? (
126 + gnutls? ( >=net-libs/gnutls-2.12.23:0= )
127 + openssl? (
128 + dev-libs/openssl:0=
129 + )
130 + )
131 + systemd? ( >=sys-apps/systemd-234 )
132 + uuid? ( sys-apps/util-linux:0= )
133 + xxhash? ( dev-libs/xxhash:= )
134 + zeromq? (
135 + >=net-libs/czmq-4:=[drafts]
136 + )"
137 +DEPEND="${RDEPEND}
138 + test? (
139 + >=dev-libs/liblogging-1.0.1[stdlog]
140 + )"
141 +
142 +if [[ ${PV} == "9999" ]]; then
143 + BDEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
144 + BDEPEND+=" >=sys-devel/flex-2.5.39-r1"
145 + BDEPEND+=" >=sys-devel/bison-2.4.3"
146 + BDEPEND+=" >=dev-python/docutils-0.12"
147 +fi
148 +
149 +CONFIG_CHECK="~INOTIFY_USER"
150 +WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
151 +
152 +pkg_setup() {
153 + use test && python-any-r1_pkg_setup
154 +}
155 +
156 +src_unpack() {
157 + if [[ ${PV} == "9999" ]]; then
158 + git-r3_fetch
159 + git-r3_checkout
160 + else
161 + unpack ${P}.tar.gz
162 + fi
163 +
164 + if use doc; then
165 + if [[ ${PV} == "9999" ]]; then
166 + local _EGIT_BRANCH=
167 + if [[ -n "${EGIT_BRANCH}" ]]; then
168 + # Cannot use rsyslog commits/branches for documentation repository
169 + _EGIT_BRANCH=${EGIT_BRANCH}
170 + unset EGIT_BRANCH
171 + fi
172 +
173 + git-r3_fetch "${DOC_REPO_URI}"
174 + git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
175 +
176 + if [[ -n "${_EGIT_BRANCH}" ]]; then
177 + # Restore previous EGIT_BRANCH information
178 + EGIT_BRANCH=${_EGIT_BRANCH}
179 + fi
180 + else
181 + cd "${S}" || die "Cannot change dir into '${S}'"
182 + mkdir docs || die "Failed to create docs directory"
183 + cd docs || die "Failed to change dir into '${S}/docs'"
184 + unpack ${PN}-doc-${PV}.tar.gz
185 + fi
186 + fi
187 +}
188 +
189 +src_prepare() {
190 + default
191 +
192 + # https://github.com/rsyslog/rsyslog/issues/3626
193 + sed -i \
194 + -e '\|^#!/bin/bash$|a exit 77' \
195 + tests/mmkubernetes-cache-expir*.sh \
196 + || die "Failed to disabled known test failure mmkubernetes-cache-expir*.sh"
197 +
198 + eautoreconf
199 +}
200 +
201 +src_configure() {
202 + # Maintainer notes:
203 + # * Guardtime support is missing because libgt isn't yet available
204 + # in portage.
205 + # * Hadoop's HDFS file system output module is currently not
206 + # supported in Gentoo because nobody is able to test it
207 + # (JAVA dependency).
208 + # * dev-libs/hiredis doesn't provide pkg-config (see #504614,
209 + # upstream PR 129 and 136) so we need to export HIREDIS_*
210 + # variables because rsyslog's build system depends on pkg-config.
211 +
212 + if use redis; then
213 + export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
214 + export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
215 + fi
216 +
217 + local myeconfargs=(
218 + --disable-debug-symbols
219 + --disable-generate-man-pages
220 + --without-valgrind-testbench
221 + --disable-liblogging-stdlog
222 + $(use_enable test testbench)
223 + $(use_enable test libfaketime)
224 + $(use_enable test extended-tests)
225 + # Input Plugins without dependencies
226 + --enable-imbatchreport
227 + --enable-imdiag
228 + --enable-imfile
229 + --enable-improg
230 + --enable-impstats
231 + --enable-imptcp
232 + # Message Modificiation Plugins without dependencies
233 + --enable-mmanon
234 + --enable-mmaudit
235 + --enable-mmcount
236 + --enable-mmfields
237 + --enable-mmjsonparse
238 + --enable-mmpstrucdata
239 + --enable-mmrm1stspace
240 + --enable-mmsequence
241 + --enable-mmtaghostname
242 + --enable-mmutf8fix
243 + # Output Modification Plugins without dependencies
244 + --enable-mail
245 + --enable-omprog
246 + --enable-omruleset
247 + --enable-omstdout
248 + --enable-omuxsock
249 + # Misc
250 + --enable-fmhash
251 + --enable-fmunflatten
252 + $(use_enable xxhash fmhash-xxhash)
253 + --enable-pmaixforwardedfrom
254 + --enable-pmciscoios
255 + --enable-pmcisconames
256 + --enable-pmdb2diag
257 + --enable-pmlastmsg
258 + $(use_enable normalize pmnormalize)
259 + --enable-pmnull
260 + --enable-pmpanngfw
261 + --enable-pmsnare
262 + # DB
263 + $(use_enable dbi libdbi)
264 + $(use_enable mongodb ommongodb)
265 + $(use_enable mysql)
266 + $(use_enable postgres pgsql)
267 + $(use_enable redis imhiredis)
268 + $(use_enable redis omhiredis)
269 + # Debug
270 + $(use_enable debug)
271 + $(use_enable debug diagtools)
272 + $(use_enable debug valgrind)
273 + # Misc
274 + $(use_enable clickhouse)
275 + $(use_enable curl fmhttp)
276 + $(use_enable elasticsearch)
277 + $(use_enable gcrypt libgcrypt)
278 + $(use_enable imhttp)
279 + $(use_enable impcap)
280 + $(use_enable jemalloc)
281 + $(use_enable kafka imkafka)
282 + $(use_enable kafka omkafka)
283 + $(use_enable kerberos gssapi-krb5)
284 + $(use_enable kubernetes mmkubernetes)
285 + $(use_enable normalize mmnormalize)
286 + $(use_enable mdblookup mmdblookup)
287 + $(use_enable omhttp)
288 + $(use_enable omhttpfs)
289 + $(use_enable omudpspoof)
290 + $(use_enable rabbitmq omrabbitmq)
291 + $(use_enable relp)
292 + $(use_enable rfc3195)
293 + $(use_enable rfc5424hmac mmrfc5424addhmac)
294 + $(use_enable snmp)
295 + $(use_enable snmp mmsnmptrapd)
296 + $(use_enable gnutls)
297 + $(use_enable openssl)
298 + $(use_enable systemd imjournal)
299 + $(use_enable systemd omjournal)
300 + $(use_enable usertools)
301 + $(use_enable uuid)
302 + $(use_enable zeromq imczmq)
303 + $(use_enable zeromq omczmq)
304 + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
305 + )
306 +
307 + econf "${myeconfargs[@]}"
308 +}
309 +
310 +src_compile() {
311 + default
312 +
313 + if use doc && [[ "${PV}" == "9999" ]]; then
314 + einfo "Building documentation ..."
315 + local doc_dir="${S}/docs"
316 + cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
317 + sphinx-build -b html source build || die "Building documentation failed!"
318 + fi
319 +}
320 +
321 +src_test() {
322 + local _has_increased_ulimit=
323 +
324 + # Sometimes tests aren't executable (i.e. when added via patch)
325 + einfo "Adjusting permissions of test scripts ..."
326 + find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
327 + die "Failed to adjust test scripts permission"
328 +
329 + if ulimit -n 3072; then
330 + _has_increased_ulimit="true"
331 + fi
332 +
333 + if ! emake --jobs 1 check; then
334 + eerror "Test suite failed! :("
335 +
336 + if [[ -z "${_has_increased_ulimit}" ]]; then
337 + eerror "Probably because open file limit couldn't be set to 3072."
338 + fi
339 +
340 + if has userpriv ${FEATURES}; then
341 + eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
342 + "before you submit a bug report."
343 + fi
344 +
345 + fi
346 +}
347 +
348 +src_install() {
349 + local DOCS=(
350 + AUTHORS
351 + ChangeLog
352 + "${FILESDIR}"/README.gentoo
353 + )
354 +
355 + use doc && local HTML_DOCS=( "${S}/docs/build/." )
356 +
357 + default
358 +
359 + newconfd "${FILESDIR}/${PN}.confd-r1" ${PN}
360 + newinitd "${FILESDIR}/${PN}.initd-r1" ${PN}
361 +
362 + systemd_newunit "${FILESDIR}/${PN}.service" ${PN}.service
363 +
364 + keepdir /var/empty/dev
365 + keepdir /var/spool/${PN}
366 + keepdir /etc/ssl/${PN}
367 + keepdir /etc/${PN}.d
368 +
369 + insinto /etc
370 + newins "${FILESDIR}/${PN}.conf" ${PN}.conf
371 +
372 + insinto /etc/rsyslog.d/
373 + newins "${FILESDIR}/50-default-r1.conf" 50-default.conf
374 +
375 + insinto /etc/logrotate.d/
376 + newins "${FILESDIR}/${PN}-r1.logrotate" ${PN}
377 +
378 + if use mysql; then
379 + insinto /usr/share/${PN}/scripts/mysql
380 + doins plugins/ommysql/createDB.sql
381 + fi
382 +
383 + if use postgres; then
384 + insinto /usr/share/${PN}/scripts/pgsql
385 + doins plugins/ompgsql/createDB.sql
386 + fi
387 +
388 + find "${ED}" -name '*.la' -delete || die
389 +}
390 +
391 +pkg_postinst() {
392 + local advertise_readme=0
393 +
394 + if [[ -z "${REPLACING_VERSIONS}" ]]; then
395 + # This is a new installation
396 +
397 + advertise_readme=1
398 +
399 + if use mysql || use postgres; then
400 + echo
401 + elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
402 + elog " /usr/share/doc/${PF}/scripts"
403 + fi
404 +
405 + if use ssl; then
406 + echo
407 + elog "To create a default CA and certificates for your server and clients, run:"
408 + elog " emerge --config =${PF}"
409 + elog "on your logging server. You can run it several times,"
410 + elog "once for each logging client. The client certificates will be signed"
411 + elog "using the CA certificate generated during the first run."
412 + fi
413 + fi
414 +
415 + if [[ ${advertise_readme} -gt 0 ]]; then
416 + # We need to show the README file location
417 +
418 + echo ""
419 + elog "Please read"
420 + elog ""
421 + elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
422 + elog ""
423 + elog "for more details."
424 + fi
425 +}
426 +
427 +pkg_config() {
428 + if ! use ssl; then
429 + einfo "There is nothing to configure for rsyslog unless you"
430 + einfo "used USE=ssl to build it."
431 + return 0
432 + fi
433 +
434 + if ! hash certtool &>/dev/null; then
435 + die "certtool not found! Is net-libs/gnutls[tools] is installed?"
436 + fi
437 +
438 + # Make sure the certificates directory exists
439 + local CERTDIR="${EROOT}/etc/ssl/${PN}"
440 + if [[ ! -d "${CERTDIR}" ]]; then
441 + mkdir "${CERTDIR}" || die
442 + fi
443 + einfo "Your certificates will be stored in ${CERTDIR}"
444 +
445 + # Create a default CA if needed
446 + if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
447 + einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
448 + certtool --generate-privkey \
449 + --outfile "${CERTDIR}/${PN}_ca.privkey.pem" || die
450 + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
451 +
452 + cat > "${T}/${PF}.$$" <<- _EOF
453 + cn = Portage automated CA
454 + ca
455 + cert_signing_key
456 + expiration_days = 3650
457 + _EOF
458 +
459 + certtool --generate-self-signed \
460 + --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
461 + --outfile "${CERTDIR}/${PN}_ca.cert.pem" \
462 + --template "${T}/${PF}.$$" || die
463 + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
464 +
465 + # Create the server certificate
466 + echo
467 + einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
468 + read -r CN
469 +
470 + einfo "Creating private key and certificate for server ${CN}..."
471 + certtool --generate-privkey \
472 + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die
473 + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
474 +
475 + cat > "${T}/${PF}.$$" <<- _EOF
476 + cn = ${CN}
477 + tls_www_server
478 + dns_name = ${CN}
479 + expiration_days = 3650
480 + _EOF
481 +
482 + certtool --generate-certificate \
483 + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
484 + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
485 + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
486 + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
487 + --template "${T}/${PF}.$$" &>/dev/null
488 + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
489 +
490 + else
491 + einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
492 + fi
493 +
494 + # Create a client certificate
495 + echo
496 + einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
497 + read -r CN
498 +
499 + einfo "Creating private key and certificate for client ${CN}..."
500 + certtool --generate-privkey \
501 + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die
502 + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
503 +
504 + cat > "${T}/${PF}.$$" <<- _EOF
505 + cn = ${CN}
506 + tls_www_client
507 + dns_name = ${CN}
508 + expiration_days = 3650
509 + _EOF
510 +
511 + certtool --generate-certificate \
512 + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
513 + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
514 + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
515 + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
516 + --template "${T}/${PF}.$$" || die
517 + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
518 +
519 + rm -f "${T}/${PF}.$$"
520 +
521 + echo
522 + einfo "Here is the documentation on how to encrypt your log traffic:"
523 + einfo " https://www.rsyslog.com/doc/rsyslog_tls.html"
524 +}
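Review bot: In pkg_config, the server-certificate `certtool --generate-certificate` call (the one ending in `--template "${T}/${PF}.$$" &>/dev/null`) has no `|| die` and discards its output, unlike the otherwise identical client call below it, so a failed signing goes unnoticed and the following `chmod 400` runs against a file that may not exist. Because the whole CA-and-server branch is gated on `${PN}_ca.cert.pem` being absent, a later `emerge --config` run takes the "skipping CA and SERVER creation" path and never retries the server certificate. I would end that call with `--template "${T}/${PF}.$$" || die "Failed to create server certificate"`. The `chmod 400` after `--generate-self-signed` repeats the CA private key path and was presumably meant for `${PN}_ca.cert.pem`. Setting `umask 077` before the first `--generate-privkey` would also keep the key files private without depending on the later `chmod` calls, none of which are checked.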