1 |
commit: 8b015b19fbd222f02dadbb07429ce36d3a7f2e3c |
2 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Apr 24 16:16:35 2021 +0000 |
4 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Apr 24 16:20:40 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b015b19 |
7 |
|
8 |
app-admin/rsyslog: bump to v8.2104.0 |
9 |
|
10 |
Package-Manager: Portage-3.0.18, Repoman-3.0.3 |
11 |
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> |
12 |
|
13 |
app-admin/rsyslog/Manifest | 2 + |
14 |
app-admin/rsyslog/rsyslog-8.2104.0.ebuild | 484 ++++++++++++++++++++++++++++++ |
15 |
2 files changed, 486 insertions(+) |
16 |
|
17 |
diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest |
18 |
index a3945098f2a..26b554105c0 100644 |
19 |
--- a/app-admin/rsyslog/Manifest |
20 |
+++ b/app-admin/rsyslog/Manifest |
21 |
@@ -2,7 +2,9 @@ DIST rsyslog-8.2008.0.tar.gz 3051049 BLAKE2B abf9b7ec81cf62841c448f22c7aff45bc85 |
22 |
DIST rsyslog-8.2010.0.tar.gz 3097606 BLAKE2B 06bfd54edc2126567ff9a460c272583d388a16a4db6f56603c8b9d2dd54bf4fe3b3b402eb4a9523b68e9d3a7602759fad57b35351d7cadab0b7f02771db5c40c SHA512 e3c8ed6b631053e38abfe8ce183a1544d04a0207dc988d36f5141a7ea8c987915f4c0429ccd094b7e374c277b7ee5b50e65e7205c156af01ffe9bdf8338831c8 |
23 |
DIST rsyslog-8.2012.0.tar.gz 3118101 BLAKE2B 26550c90ff5502c051c30996f7a1eabfdd9e5ce229dbb33f91ac40f9af5c2d2b15f9dd8a3b0a31b00b1b510d91fe5ce177ceab5fa2af416a9de9acc4e4b24f6a SHA512 d279295c8d399be140bd5c30786c6a32b2ddfd0d90ca4cd285aa33622c66ad9e3a5b979c8041f6e736670fef8f2cd5571980eef1b1395d4ab30a112f2dd1270d |
24 |
DIST rsyslog-8.2102.0.tar.gz 3123684 BLAKE2B f5c4e00d68ec82ed3f7b89dd5e888bebda9c4eb38185dfd8ecd96c1bf77380385aaddac73ab1de8364e1239a3de746f160c18b0f135d006f473f9e40be2c18a1 SHA512 281b0e5d5cb548c39a6e514e5fd5b1bdbe8ca0bdd9234f4fea581ed7679f76d2d75b65d14c3c5e799f86f91600074ff75b467aa1ff27cdbec0f4197261c5aec0 |
25 |
+DIST rsyslog-8.2104.0.tar.gz 3175254 BLAKE2B ed772d4e460105b8406305574fdbe4aeca7ba57ba975b78f91d279460fee0faa767fcda3d2d8a4ba6d543bf9e920f9b7cf5ddf9e4d3ccfc9ae3b08c318a6c5b0 SHA512 15ded57f32259bb12b3378d10bc2d4d6eff39623f1195357dafa58e5c1154aedc0d60ff0746599707f380cf3bfc5ca955f15f1213572fa447cc333d479e0eefc |
26 |
DIST rsyslog-doc-8.2008.0.tar.gz 8378149 BLAKE2B 0f6bc116a03821899d33c7960e517725487b89ea2aabc7f5d0fbd4962d82a06558737bcee67af02105006c670ec736eb5ba0b7811b25a1e627a99555121b2999 SHA512 5b8bed19017c65469eb8ea7725ef162595b30f520605f37447498ab69b5cfe8f939cee7e7915ecbf3c025871408fd7af6d45ba960a83096f83a397df4cefef09 |
27 |
DIST rsyslog-doc-8.2010.0.tar.gz 8428326 BLAKE2B ee8eb2bdbb1f6c7122559b63ddc1ae6ac7fbfb23d661410feb39d7ddce332851e785bb447fb67dd2de8ff62e91fe865fbf7dec8bf62d7fe51181e3c6bbbe64db SHA512 072fb05a0117dc0970a4e5e302abbaf5dc065c2a0962c4160e7efb86fedad89a2caa546cd2bf4af07b7f5e2fa5267cf02889d911f7a6916725e6aea1760ab253 |
28 |
DIST rsyslog-doc-8.2012.0.tar.gz 6417145 BLAKE2B d8377f40b0311e8e7dcca274c251c0de7706490e3048c8d69d479120e06ca1e0b3ec9fce0a04928984d440da3aef196965f8c1b45afe8931c893b4baa72f4e87 SHA512 5647f499230276066abced34c2ca352268ba24fbd00cb7b5e3d0a2494977dd6f781cf8d1e7c7a9210d23c451ff162acda81ee93afa3f8f08fd555123e9daeece |
29 |
DIST rsyslog-doc-8.2102.0.tar.gz 6419104 BLAKE2B 134c7ccde6f7435b35840fa37f5774223ac1ebd7dc10db961900a7b1600483156518433c7f70d0981e96ea750e1916ab53e346abacf58066bf141e85c719ae00 SHA512 a5dc4fb9bd8892fac693c5692b926c8d7d9fa36667d6b4c6eccba750713af88d4317f6232efc2a16de38c2e58c4a8bc4d04c9ebb2e7ebc3b0878d53eef20dd2e |
30 |
+DIST rsyslog-doc-8.2104.0.tar.gz 6451275 BLAKE2B cb8a38b28caec17babd190e463070b862071a75c4c63a7208e56f039f84ae7a5c6045112697c61635d328e56d9427f692e67a9d6fefc94b59ad28481210f1481 SHA512 6c898fa606190c5cf214822503f060b1692cd907731858736a395511b66d7b0d1cf6dfcc90c4cecbe21b099197ae2187db53d719f44f85f26a1bd34971539d36 |
31 |
|
32 |
diff --git a/app-admin/rsyslog/rsyslog-8.2104.0.ebuild b/app-admin/rsyslog/rsyslog-8.2104.0.ebuild |
33 |
new file mode 100644 |
34 |
index 00000000000..4fd8716916c |
35 |
--- /dev/null |
36 |
+++ b/app-admin/rsyslog/rsyslog-8.2104.0.ebuild |
37 |
@@ -0,0 +1,484 @@ |
38 |
+# Copyright 1999-2021 Gentoo Authors |
39 |
+# Distributed under the terms of the GNU General Public License v2 |
40 |
+ |
41 |
+EAPI="7" |
42 |
+PYTHON_COMPAT=( python3_{7..9} ) |
43 |
+ |
44 |
+inherit autotools linux-info python-any-r1 systemd |
45 |
+ |
46 |
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more" |
47 |
+HOMEPAGE="https://www.rsyslog.com/" |
48 |
+ |
49 |
+if [[ ${PV} == "9999" ]]; then |
50 |
+ EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git" |
51 |
+ |
52 |
+ DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git" |
53 |
+ |
54 |
+ inherit git-r3 |
55 |
+else |
56 |
+ KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86" |
57 |
+ |
58 |
+ SRC_URI=" |
59 |
+ https://www.rsyslog.com/files/download/${PN}/${P}.tar.gz |
60 |
+ doc? ( https://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz ) |
61 |
+ " |
62 |
+fi |
63 |
+ |
64 |
+LICENSE="GPL-3 LGPL-3 Apache-2.0" |
65 |
+SLOT="0" |
66 |
+ |
67 |
+IUSE="clickhouse curl dbi debug doc elasticsearch +gcrypt gnutls imhttp" |
68 |
+IUSE+=" impcap jemalloc kafka kerberos kubernetes libressl mdblookup" |
69 |
+IUSE+=" mongodb mysql normalize omhttp omhttpfs omudpspoof +openssl" |
70 |
+IUSE+=" postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp +ssl" |
71 |
+IUSE+=" systemd test usertools +uuid xxhash zeromq" |
72 |
+ |
73 |
+RESTRICT="!test? ( test )" |
74 |
+ |
75 |
+REQUIRED_USE=" |
76 |
+ kubernetes? ( normalize ) |
77 |
+ ssl? ( || ( gnutls openssl ) ) |
78 |
+" |
79 |
+ |
80 |
+BDEPEND=">=sys-devel/autoconf-archive-2015.02.24 |
81 |
+ virtual/pkgconfig |
82 |
+ elibc_musl? ( sys-libs/queue-standalone ) |
83 |
+ test? ( |
84 |
+ jemalloc? ( <sys-libs/libfaketime-0.9.7 ) |
85 |
+ !jemalloc? ( sys-libs/libfaketime ) |
86 |
+ ${PYTHON_DEPS} |
87 |
+ )" |
88 |
+ |
89 |
+RDEPEND=" |
90 |
+ >=dev-libs/libfastjson-0.99.8:= |
91 |
+ >=dev-libs/libestr-0.1.9 |
92 |
+ >=sys-libs/zlib-1.2.5 |
93 |
+ curl? ( >=net-misc/curl-7.35.0 ) |
94 |
+ dbi? ( >=dev-db/libdbi-0.8.3 ) |
95 |
+ elasticsearch? ( >=net-misc/curl-7.35.0 ) |
96 |
+ gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= ) |
97 |
+ imhttp? ( www-servers/civetweb ) |
98 |
+ impcap? ( net-libs/libpcap ) |
99 |
+ jemalloc? ( >=dev-libs/jemalloc-3.3.1:= ) |
100 |
+ kafka? ( >=dev-libs/librdkafka-0.9.0.99:= ) |
101 |
+ kerberos? ( virtual/krb5 ) |
102 |
+ kubernetes? ( >=net-misc/curl-7.35.0 ) |
103 |
+ mdblookup? ( dev-libs/libmaxminddb:= ) |
104 |
+ mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= ) |
105 |
+ mysql? ( dev-db/mysql-connector-c:= ) |
106 |
+ normalize? ( |
107 |
+ >=dev-libs/liblognorm-2.0.3:= |
108 |
+ ) |
109 |
+ clickhouse? ( >=net-misc/curl-7.35.0 ) |
110 |
+ omhttpfs? ( >=net-misc/curl-7.35.0 ) |
111 |
+ omudpspoof? ( >=net-libs/libnet-1.1.6 ) |
112 |
+ postgres? ( >=dev-db/postgresql-8.4.20:= ) |
113 |
+ rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= ) |
114 |
+ redis? ( >=dev-libs/hiredis-0.11.0:= ) |
115 |
+ relp? ( >=dev-libs/librelp-1.2.17:= ) |
116 |
+ rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] ) |
117 |
+ rfc5424hmac? ( |
118 |
+ !libressl? ( >=dev-libs/openssl-0.9.8y:0= ) |
119 |
+ libressl? ( dev-libs/libressl:= ) |
120 |
+ ) |
121 |
+ snmp? ( >=net-analyzer/net-snmp-5.7.2 ) |
122 |
+ ssl? ( |
123 |
+ gnutls? ( >=net-libs/gnutls-2.12.23:0= ) |
124 |
+ openssl? ( |
125 |
+ !libressl? ( dev-libs/openssl:0= ) |
126 |
+ libressl? ( dev-libs/libressl:0= ) |
127 |
+ ) |
128 |
+ ) |
129 |
+ systemd? ( >=sys-apps/systemd-234 ) |
130 |
+ uuid? ( sys-apps/util-linux:0= ) |
131 |
+ xxhash? ( dev-libs/xxhash:= ) |
132 |
+ zeromq? ( |
133 |
+ >=net-libs/czmq-4:=[drafts] |
134 |
+ )" |
135 |
+DEPEND="${RDEPEND} |
136 |
+ test? ( |
137 |
+ >=dev-libs/liblogging-1.0.1[stdlog] |
138 |
+ )" |
139 |
+ |
140 |
+if [[ ${PV} == "9999" ]]; then |
141 |
+ BDEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )" |
142 |
+ BDEPEND+=" >=sys-devel/flex-2.5.39-r1" |
143 |
+ BDEPEND+=" >=sys-devel/bison-2.4.3" |
144 |
+ BDEPEND+=" >=dev-python/docutils-0.12" |
145 |
+fi |
146 |
+ |
147 |
+CONFIG_CHECK="~INOTIFY_USER" |
148 |
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!" |
149 |
+ |
150 |
+pkg_setup() { |
151 |
+ use test && python-any-r1_pkg_setup |
152 |
+} |
153 |
+ |
154 |
+src_unpack() { |
155 |
+ if [[ ${PV} == "9999" ]]; then |
156 |
+ git-r3_fetch |
157 |
+ git-r3_checkout |
158 |
+ else |
159 |
+ unpack ${P}.tar.gz |
160 |
+ fi |
161 |
+ |
162 |
+ if use doc; then |
163 |
+ if [[ ${PV} == "9999" ]]; then |
164 |
+ local _EGIT_BRANCH= |
165 |
+ if [[ -n "${EGIT_BRANCH}" ]]; then |
166 |
+ # Cannot use rsyslog commits/branches for documentation repository |
167 |
+ _EGIT_BRANCH=${EGIT_BRANCH} |
168 |
+ unset EGIT_BRANCH |
169 |
+ fi |
170 |
+ |
171 |
+ git-r3_fetch "${DOC_REPO_URI}" |
172 |
+ git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs |
173 |
+ |
174 |
+ if [[ -n "${_EGIT_BRANCH}" ]]; then |
175 |
+ # Restore previous EGIT_BRANCH information |
176 |
+ EGIT_BRANCH=${_EGIT_BRANCH} |
177 |
+ fi |
178 |
+ else |
179 |
+ cd "${S}" || die "Cannot change dir into '${S}'" |
180 |
+ mkdir docs || die "Failed to create docs directory" |
181 |
+ cd docs || die "Failed to change dir into '${S}/docs'" |
182 |
+ unpack ${PN}-doc-${PV}.tar.gz |
183 |
+ fi |
184 |
+ fi |
185 |
+} |
186 |
+ |
187 |
+src_prepare() { |
188 |
+ default |
189 |
+ |
190 |
+ # https://github.com/rsyslog/rsyslog/issues/3626 |
191 |
+ sed -i \ |
192 |
+ -e '\|^#!/bin/bash$|a exit 77' \ |
193 |
+ tests/mmkubernetes-cache-expir*.sh \ |
194 |
+ || die "Failed to disabled known test failure mmkubernetes-cache-expir*.sh" |
195 |
+ |
196 |
+ eautoreconf |
197 |
+} |
198 |
+ |
199 |
+src_configure() { |
200 |
+ # Maintainer notes: |
201 |
+ # * Guardtime support is missing because libgt isn't yet available |
202 |
+ # in portage. |
203 |
+ # * Hadoop's HDFS file system output module is currently not |
204 |
+ # supported in Gentoo because nobody is able to test it |
205 |
+ # (JAVA dependency). |
206 |
+ # * dev-libs/hiredis doesn't provide pkg-config (see #504614, |
207 |
+ # upstream PR 129 and 136) so we need to export HIREDIS_* |
208 |
+ # variables because rsyslog's build system depends on pkg-config. |
209 |
+ |
210 |
+ if use redis; then |
211 |
+ export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis" |
212 |
+ export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include" |
213 |
+ fi |
214 |
+ |
215 |
+ local myeconfargs=( |
216 |
+ --disable-debug-symbols |
217 |
+ --disable-generate-man-pages |
218 |
+ --without-valgrind-testbench |
219 |
+ --disable-liblogging-stdlog |
220 |
+ $(use_enable test testbench) |
221 |
+ $(use_enable test libfaketime) |
222 |
+ $(use_enable test extended-tests) |
223 |
+ # Input Plugins without dependencies |
224 |
+ --enable-imbatchreport |
225 |
+ --enable-imdiag |
226 |
+ --enable-imfile |
227 |
+ --enable-improg |
228 |
+ --enable-impstats |
229 |
+ --enable-imptcp |
230 |
+ # Message Modificiation Plugins without dependencies |
231 |
+ --enable-mmanon |
232 |
+ --enable-mmaudit |
233 |
+ --enable-mmcount |
234 |
+ --enable-mmfields |
235 |
+ --enable-mmjsonparse |
236 |
+ --enable-mmpstrucdata |
237 |
+ --enable-mmrm1stspace |
238 |
+ --enable-mmsequence |
239 |
+ --enable-mmtaghostname |
240 |
+ --enable-mmutf8fix |
241 |
+ # Output Modification Plugins without dependencies |
242 |
+ --enable-mail |
243 |
+ --enable-omprog |
244 |
+ --enable-omruleset |
245 |
+ --enable-omstdout |
246 |
+ --enable-omuxsock |
247 |
+ # Misc |
248 |
+ --enable-fmhash |
249 |
+ $(use_enable xxhash fmhash-xxhash) |
250 |
+ --enable-pmaixforwardedfrom |
251 |
+ --enable-pmciscoios |
252 |
+ --enable-pmcisconames |
253 |
+ --enable-pmdb2diag |
254 |
+ --enable-pmlastmsg |
255 |
+ $(use_enable normalize pmnormalize) |
256 |
+ --enable-pmnull |
257 |
+ --enable-pmpanngfw |
258 |
+ --enable-pmsnare |
259 |
+ # DB |
260 |
+ $(use_enable dbi libdbi) |
261 |
+ $(use_enable mongodb ommongodb) |
262 |
+ $(use_enable mysql) |
263 |
+ $(use_enable postgres pgsql) |
264 |
+ $(use_enable redis imhiredis) |
265 |
+ $(use_enable redis omhiredis) |
266 |
+ # Debug |
267 |
+ $(use_enable debug) |
268 |
+ $(use_enable debug diagtools) |
269 |
+ $(use_enable debug valgrind) |
270 |
+ # Misc |
271 |
+ $(use_enable clickhouse) |
272 |
+ $(use_enable curl fmhttp) |
273 |
+ $(use_enable elasticsearch) |
274 |
+ $(use_enable gcrypt libgcrypt) |
275 |
+ $(use_enable imhttp) |
276 |
+ $(use_enable impcap) |
277 |
+ $(use_enable jemalloc) |
278 |
+ $(use_enable kafka imkafka) |
279 |
+ $(use_enable kafka omkafka) |
280 |
+ $(use_enable kerberos gssapi-krb5) |
281 |
+ $(use_enable kubernetes mmkubernetes) |
282 |
+ $(use_enable normalize mmnormalize) |
283 |
+ $(use_enable mdblookup mmdblookup) |
284 |
+ $(use_enable omhttp) |
285 |
+ $(use_enable omhttpfs) |
286 |
+ $(use_enable omudpspoof) |
287 |
+ $(use_enable rabbitmq omrabbitmq) |
288 |
+ $(use_enable relp) |
289 |
+ $(use_enable rfc3195) |
290 |
+ $(use_enable rfc5424hmac mmrfc5424addhmac) |
291 |
+ $(use_enable snmp) |
292 |
+ $(use_enable snmp mmsnmptrapd) |
293 |
+ $(use_enable gnutls) |
294 |
+ $(use_enable openssl) |
295 |
+ $(use_enable systemd imjournal) |
296 |
+ $(use_enable systemd omjournal) |
297 |
+ $(use_enable usertools) |
298 |
+ $(use_enable uuid) |
299 |
+ $(use_enable zeromq imczmq) |
300 |
+ $(use_enable zeromq omczmq) |
301 |
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" |
302 |
+ ) |
303 |
+ |
304 |
+ econf "${myeconfargs[@]}" |
305 |
+} |
306 |
+ |
307 |
+src_compile() { |
308 |
+ default |
309 |
+ |
310 |
+ if use doc && [[ "${PV}" == "9999" ]]; then |
311 |
+ einfo "Building documentation ..." |
312 |
+ local doc_dir="${S}/docs" |
313 |
+ cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!" |
314 |
+ sphinx-build -b html source build || die "Building documentation failed!" |
315 |
+ fi |
316 |
+} |
317 |
+ |
318 |
+src_test() { |
319 |
+ local _has_increased_ulimit= |
320 |
+ |
321 |
+ # Sometimes tests aren't executable (i.e. when added via patch) |
322 |
+ einfo "Adjusting permissions of test scripts ..." |
323 |
+ find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \ |
324 |
+ die "Failed to adjust test scripts permission" |
325 |
+ |
326 |
+ if ulimit -n 3072; then |
327 |
+ _has_increased_ulimit="true" |
328 |
+ fi |
329 |
+ |
330 |
+ if ! emake --jobs 1 check; then |
331 |
+ eerror "Test suite failed! :(" |
332 |
+ |
333 |
+ if [[ -z "${_has_increased_ulimit}" ]]; then |
334 |
+ eerror "Probably because open file limit couldn't be set to 3072." |
335 |
+ fi |
336 |
+ |
337 |
+ if has userpriv ${FEATURES}; then |
338 |
+ eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \ |
339 |
+ "before you submit a bug report." |
340 |
+ fi |
341 |
+ |
342 |
+ fi |
343 |
+} |
344 |
+ |
345 |
+src_install() { |
346 |
+ local DOCS=( |
347 |
+ AUTHORS |
348 |
+ ChangeLog |
349 |
+ "${FILESDIR}"/README.gentoo |
350 |
+ ) |
351 |
+ |
352 |
+ use doc && local HTML_DOCS=( "${S}/docs/build/." ) |
353 |
+ |
354 |
+ default |
355 |
+ |
356 |
+ newconfd "${FILESDIR}/${PN}.confd-r1" ${PN} |
357 |
+ newinitd "${FILESDIR}/${PN}.initd-r1" ${PN} |
358 |
+ |
359 |
+ systemd_newunit "${FILESDIR}/${PN}.service" ${PN}.service |
360 |
+ |
361 |
+ keepdir /var/empty/dev |
362 |
+ keepdir /var/spool/${PN} |
363 |
+ keepdir /etc/ssl/${PN} |
364 |
+ keepdir /etc/${PN}.d |
365 |
+ |
366 |
+ insinto /etc |
367 |
+ newins "${FILESDIR}/${PN}.conf" ${PN}.conf |
368 |
+ |
369 |
+ insinto /etc/rsyslog.d/ |
370 |
+ newins "${FILESDIR}/50-default-r1.conf" 50-default.conf |
371 |
+ |
372 |
+ insinto /etc/logrotate.d/ |
373 |
+ newins "${FILESDIR}/${PN}-r1.logrotate" ${PN} |
374 |
+ |
375 |
+ if use mysql; then |
376 |
+ insinto /usr/share/${PN}/scripts/mysql |
377 |
+ doins plugins/ommysql/createDB.sql |
378 |
+ fi |
379 |
+ |
380 |
+ if use postgres; then |
381 |
+ insinto /usr/share/${PN}/scripts/pgsql |
382 |
+ doins plugins/ompgsql/createDB.sql |
383 |
+ fi |
384 |
+ |
385 |
+ find "${ED}" -name '*.la' -delete || die |
386 |
+} |
387 |
+ |
388 |
+pkg_postinst() { |
389 |
+ local advertise_readme=0 |
390 |
+ |
391 |
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then |
392 |
+ # This is a new installation |
393 |
+ |
394 |
+ advertise_readme=1 |
395 |
+ |
396 |
+ if use mysql || use postgres; then |
397 |
+ echo |
398 |
+ elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:" |
399 |
+ elog " /usr/share/doc/${PF}/scripts" |
400 |
+ fi |
401 |
+ |
402 |
+ if use ssl; then |
403 |
+ echo |
404 |
+ elog "To create a default CA and certificates for your server and clients, run:" |
405 |
+ elog " emerge --config =${PF}" |
406 |
+ elog "on your logging server. You can run it several times," |
407 |
+ elog "once for each logging client. The client certificates will be signed" |
408 |
+ elog "using the CA certificate generated during the first run." |
409 |
+ fi |
410 |
+ fi |
411 |
+ |
412 |
+ if [[ ${advertise_readme} -gt 0 ]]; then |
413 |
+ # We need to show the README file location |
414 |
+ |
415 |
+ echo "" |
416 |
+ elog "Please read" |
417 |
+ elog "" |
418 |
+ elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*" |
419 |
+ elog "" |
420 |
+ elog "for more details." |
421 |
+ fi |
422 |
+} |
423 |
+ |
424 |
+pkg_config() { |
425 |
+ if ! use ssl; then |
426 |
+ einfo "There is nothing to configure for rsyslog unless you" |
427 |
+ einfo "used USE=ssl to build it." |
428 |
+ return 0 |
429 |
+ fi |
430 |
+ |
431 |
+ if ! hash certtool &>/dev/null; then |
432 |
+ die "certtool not found! Is net-libs/gnutls[tools] is installed?" |
433 |
+ fi |
434 |
+ |
435 |
+ # Make sure the certificates directory exists |
436 |
+ local CERTDIR="${EROOT}/etc/ssl/${PN}" |
437 |
+ if [[ ! -d "${CERTDIR}" ]]; then |
438 |
+ mkdir "${CERTDIR}" || die |
439 |
+ fi |
440 |
+ einfo "Your certificates will be stored in ${CERTDIR}" |
441 |
+ |
442 |
+ # Create a default CA if needed |
443 |
+ if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then |
444 |
+ einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..." |
445 |
+ certtool --generate-privkey \ |
446 |
+ --outfile "${CERTDIR}/${PN}_ca.privkey.pem" || die |
447 |
+ chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" |
448 |
+ |
449 |
+ cat > "${T}/${PF}.$$" <<- _EOF |
450 |
+ cn = Portage automated CA |
451 |
+ ca |
452 |
+ cert_signing_key |
453 |
+ expiration_days = 3650 |
454 |
+ _EOF |
455 |
+ |
456 |
+ certtool --generate-self-signed \ |
457 |
+ --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ |
458 |
+ --outfile "${CERTDIR}/${PN}_ca.cert.pem" \ |
459 |
+ --template "${T}/${PF}.$$" || die |
460 |
+ chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" |
461 |
+ |
462 |
+ # Create the server certificate |
463 |
+ echo |
464 |
+ einfon "Please type the Common Name of the SERVER you wish to create a certificate for: " |
465 |
+ read -r CN |
466 |
+ |
467 |
+ einfo "Creating private key and certificate for server ${CN}..." |
468 |
+ certtool --generate-privkey \ |
469 |
+ --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die |
470 |
+ chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" |
471 |
+ |
472 |
+ cat > "${T}/${PF}.$$" <<- _EOF |
473 |
+ cn = ${CN} |
474 |
+ tls_www_server |
475 |
+ dns_name = ${CN} |
476 |
+ expiration_days = 3650 |
477 |
+ _EOF |
478 |
+ |
479 |
+ certtool --generate-certificate \ |
480 |
+ --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ |
481 |
+ --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ |
482 |
+ --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ |
483 |
+ --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ |
484 |
+ --template "${T}/${PF}.$$" &>/dev/null |
485 |
+ chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" |
486 |
+ |
487 |
+ else |
488 |
+ einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation." |
489 |
+ fi |
490 |
+ |
491 |
+ # Create a client certificate |
492 |
+ echo |
493 |
+ einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: " |
494 |
+ read -r CN |
495 |
+ |
496 |
+ einfo "Creating private key and certificate for client ${CN}..." |
497 |
+ certtool --generate-privkey \ |
498 |
+ --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die |
499 |
+ chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" |
500 |
+ |
501 |
+ cat > "${T}/${PF}.$$" <<- _EOF |
502 |
+ cn = ${CN} |
503 |
+ tls_www_client |
504 |
+ dns_name = ${CN} |
505 |
+ expiration_days = 3650 |
506 |
+ _EOF |
507 |
+ |
508 |
+ certtool --generate-certificate \ |
509 |
+ --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ |
510 |
+ --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ |
511 |
+ --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ |
512 |
+ --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ |
513 |
+ --template "${T}/${PF}.$$" || die |
514 |
+ chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" |
515 |
+ |
516 |
+ rm -f "${T}/${PF}.$$" |
517 |
+ |
518 |
+ echo |
519 |
+ einfo "Here is the documentation on how to encrypt your log traffic:" |
520 |
+ einfo " https://www.rsyslog.com/doc/rsyslog_tls.html" |
521 |
+} |