
From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-admin/rsyslog/
Date: Sat, 24 Apr 2021 16:26:24
Message-Id: 1619281240.8b015b19fbd222f02dadbb07429ce36d3a7f2e3c.whissi@gentoo
1 commit: 8b015b19fbd222f02dadbb07429ce36d3a7f2e3c
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Sat Apr 24 16:16:35 2021 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Sat Apr 24 16:20:40 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b015b19
7
8 app-admin/rsyslog: bump to v8.2104.0
9
10 Package-Manager: Portage-3.0.18, Repoman-3.0.3
11 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
12
13 app-admin/rsyslog/Manifest | 2 +
14 app-admin/rsyslog/rsyslog-8.2104.0.ebuild | 484 ++++++++++++++++++++++++++++++
15 2 files changed, 486 insertions(+)
16
17 diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest
18 index a3945098f2a..26b554105c0 100644
19 --- a/app-admin/rsyslog/Manifest
20 +++ b/app-admin/rsyslog/Manifest
21 @@ -2,7 +2,9 @@ DIST rsyslog-8.2008.0.tar.gz 3051049 BLAKE2B abf9b7ec81cf62841c448f22c7aff45bc85
22 DIST rsyslog-8.2010.0.tar.gz 3097606 BLAKE2B 06bfd54edc2126567ff9a460c272583d388a16a4db6f56603c8b9d2dd54bf4fe3b3b402eb4a9523b68e9d3a7602759fad57b35351d7cadab0b7f02771db5c40c SHA512 e3c8ed6b631053e38abfe8ce183a1544d04a0207dc988d36f5141a7ea8c987915f4c0429ccd094b7e374c277b7ee5b50e65e7205c156af01ffe9bdf8338831c8
23 DIST rsyslog-8.2012.0.tar.gz 3118101 BLAKE2B 26550c90ff5502c051c30996f7a1eabfdd9e5ce229dbb33f91ac40f9af5c2d2b15f9dd8a3b0a31b00b1b510d91fe5ce177ceab5fa2af416a9de9acc4e4b24f6a SHA512 d279295c8d399be140bd5c30786c6a32b2ddfd0d90ca4cd285aa33622c66ad9e3a5b979c8041f6e736670fef8f2cd5571980eef1b1395d4ab30a112f2dd1270d
24 DIST rsyslog-8.2102.0.tar.gz 3123684 BLAKE2B f5c4e00d68ec82ed3f7b89dd5e888bebda9c4eb38185dfd8ecd96c1bf77380385aaddac73ab1de8364e1239a3de746f160c18b0f135d006f473f9e40be2c18a1 SHA512 281b0e5d5cb548c39a6e514e5fd5b1bdbe8ca0bdd9234f4fea581ed7679f76d2d75b65d14c3c5e799f86f91600074ff75b467aa1ff27cdbec0f4197261c5aec0
25 +DIST rsyslog-8.2104.0.tar.gz 3175254 BLAKE2B ed772d4e460105b8406305574fdbe4aeca7ba57ba975b78f91d279460fee0faa767fcda3d2d8a4ba6d543bf9e920f9b7cf5ddf9e4d3ccfc9ae3b08c318a6c5b0 SHA512 15ded57f32259bb12b3378d10bc2d4d6eff39623f1195357dafa58e5c1154aedc0d60ff0746599707f380cf3bfc5ca955f15f1213572fa447cc333d479e0eefc
26 DIST rsyslog-doc-8.2008.0.tar.gz 8378149 BLAKE2B 0f6bc116a03821899d33c7960e517725487b89ea2aabc7f5d0fbd4962d82a06558737bcee67af02105006c670ec736eb5ba0b7811b25a1e627a99555121b2999 SHA512 5b8bed19017c65469eb8ea7725ef162595b30f520605f37447498ab69b5cfe8f939cee7e7915ecbf3c025871408fd7af6d45ba960a83096f83a397df4cefef09
27 DIST rsyslog-doc-8.2010.0.tar.gz 8428326 BLAKE2B ee8eb2bdbb1f6c7122559b63ddc1ae6ac7fbfb23d661410feb39d7ddce332851e785bb447fb67dd2de8ff62e91fe865fbf7dec8bf62d7fe51181e3c6bbbe64db SHA512 072fb05a0117dc0970a4e5e302abbaf5dc065c2a0962c4160e7efb86fedad89a2caa546cd2bf4af07b7f5e2fa5267cf02889d911f7a6916725e6aea1760ab253
28 DIST rsyslog-doc-8.2012.0.tar.gz 6417145 BLAKE2B d8377f40b0311e8e7dcca274c251c0de7706490e3048c8d69d479120e06ca1e0b3ec9fce0a04928984d440da3aef196965f8c1b45afe8931c893b4baa72f4e87 SHA512 5647f499230276066abced34c2ca352268ba24fbd00cb7b5e3d0a2494977dd6f781cf8d1e7c7a9210d23c451ff162acda81ee93afa3f8f08fd555123e9daeece
29 DIST rsyslog-doc-8.2102.0.tar.gz 6419104 BLAKE2B 134c7ccde6f7435b35840fa37f5774223ac1ebd7dc10db961900a7b1600483156518433c7f70d0981e96ea750e1916ab53e346abacf58066bf141e85c719ae00 SHA512 a5dc4fb9bd8892fac693c5692b926c8d7d9fa36667d6b4c6eccba750713af88d4317f6232efc2a16de38c2e58c4a8bc4d04c9ebb2e7ebc3b0878d53eef20dd2e
30 +DIST rsyslog-doc-8.2104.0.tar.gz 6451275 BLAKE2B cb8a38b28caec17babd190e463070b862071a75c4c63a7208e56f039f84ae7a5c6045112697c61635d328e56d9427f692e67a9d6fefc94b59ad28481210f1481 SHA512 6c898fa606190c5cf214822503f060b1692cd907731858736a395511b66d7b0d1cf6dfcc90c4cecbe21b099197ae2187db53d719f44f85f26a1bd34971539d36
31
32 diff --git a/app-admin/rsyslog/rsyslog-8.2104.0.ebuild b/app-admin/rsyslog/rsyslog-8.2104.0.ebuild
33 new file mode 100644
34 index 00000000000..4fd8716916c
35 --- /dev/null
36 +++ b/app-admin/rsyslog/rsyslog-8.2104.0.ebuild
37 @@ -0,0 +1,484 @@
38 +# Copyright 1999-2021 Gentoo Authors
39 +# Distributed under the terms of the GNU General Public License v2
40 +
41 +EAPI="7"
42 +PYTHON_COMPAT=( python3_{7..9} )
43 +
44 +inherit autotools linux-info python-any-r1 systemd
45 +
46 +DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
47 +HOMEPAGE="https://www.rsyslog.com/"
48 +
49 +if [[ ${PV} == "9999" ]]; then
50 + EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
51 +
52 + DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
53 +
54 + inherit git-r3
55 +else
56 + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86"
57 +
58 + SRC_URI="
59 + https://www.rsyslog.com/files/download/${PN}/${P}.tar.gz
60 + doc? ( https://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz )
61 + "
62 +fi
63 +
64 +LICENSE="GPL-3 LGPL-3 Apache-2.0"
65 +SLOT="0"
66 +
67 +IUSE="clickhouse curl dbi debug doc elasticsearch +gcrypt gnutls imhttp"
68 +IUSE+=" impcap jemalloc kafka kerberos kubernetes libressl mdblookup"
69 +IUSE+=" mongodb mysql normalize omhttp omhttpfs omudpspoof +openssl"
70 +IUSE+=" postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp +ssl"
71 +IUSE+=" systemd test usertools +uuid xxhash zeromq"
72 +
73 +RESTRICT="!test? ( test )"
74 +
75 +REQUIRED_USE="
76 + kubernetes? ( normalize )
77 + ssl? ( || ( gnutls openssl ) )
78 +"
79 +
80 +BDEPEND=">=sys-devel/autoconf-archive-2015.02.24
81 + virtual/pkgconfig
82 + elibc_musl? ( sys-libs/queue-standalone )
83 + test? (
84 + jemalloc? ( <sys-libs/libfaketime-0.9.7 )
85 + !jemalloc? ( sys-libs/libfaketime )
86 + ${PYTHON_DEPS}
87 + )"
88 +
89 +RDEPEND="
90 + >=dev-libs/libfastjson-0.99.8:=
91 + >=dev-libs/libestr-0.1.9
92 + >=sys-libs/zlib-1.2.5
93 + curl? ( >=net-misc/curl-7.35.0 )
94 + dbi? ( >=dev-db/libdbi-0.8.3 )
95 + elasticsearch? ( >=net-misc/curl-7.35.0 )
96 + gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
97 + imhttp? ( www-servers/civetweb )
98 + impcap? ( net-libs/libpcap )
99 + jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
100 + kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
101 + kerberos? ( virtual/krb5 )
102 + kubernetes? ( >=net-misc/curl-7.35.0 )
103 + mdblookup? ( dev-libs/libmaxminddb:= )
104 + mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= )
105 + mysql? ( dev-db/mysql-connector-c:= )
106 + normalize? (
107 + >=dev-libs/liblognorm-2.0.3:=
108 + )
109 + clickhouse? ( >=net-misc/curl-7.35.0 )
110 + omhttpfs? ( >=net-misc/curl-7.35.0 )
111 + omudpspoof? ( >=net-libs/libnet-1.1.6 )
112 + postgres? ( >=dev-db/postgresql-8.4.20:= )
113 + rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
114 + redis? ( >=dev-libs/hiredis-0.11.0:= )
115 + relp? ( >=dev-libs/librelp-1.2.17:= )
116 + rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
117 + rfc5424hmac? (
118 + !libressl? ( >=dev-libs/openssl-0.9.8y:0= )
119 + libressl? ( dev-libs/libressl:= )
120 + )
121 + snmp? ( >=net-analyzer/net-snmp-5.7.2 )
122 + ssl? (
123 + gnutls? ( >=net-libs/gnutls-2.12.23:0= )
124 + openssl? (
125 + !libressl? ( dev-libs/openssl:0= )
126 + libressl? ( dev-libs/libressl:0= )
127 + )
128 + )
129 + systemd? ( >=sys-apps/systemd-234 )
130 + uuid? ( sys-apps/util-linux:0= )
131 + xxhash? ( dev-libs/xxhash:= )
132 + zeromq? (
133 + >=net-libs/czmq-4:=[drafts]
134 + )"
135 +DEPEND="${RDEPEND}
136 + test? (
137 + >=dev-libs/liblogging-1.0.1[stdlog]
138 + )"
139 +
140 +if [[ ${PV} == "9999" ]]; then
141 + BDEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
142 + BDEPEND+=" >=sys-devel/flex-2.5.39-r1"
143 + BDEPEND+=" >=sys-devel/bison-2.4.3"
144 + BDEPEND+=" >=dev-python/docutils-0.12"
145 +fi
146 +
147 +CONFIG_CHECK="~INOTIFY_USER"
148 +WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
149 +
150 +pkg_setup() {
151 + use test && python-any-r1_pkg_setup
152 +}
153 +
154 +src_unpack() {
155 + if [[ ${PV} == "9999" ]]; then
156 + git-r3_fetch
157 + git-r3_checkout
158 + else
159 + unpack ${P}.tar.gz
160 + fi
161 +
162 + if use doc; then
163 + if [[ ${PV} == "9999" ]]; then
164 + local _EGIT_BRANCH=
165 + if [[ -n "${EGIT_BRANCH}" ]]; then
166 + # Cannot use rsyslog commits/branches for documentation repository
167 + _EGIT_BRANCH=${EGIT_BRANCH}
168 + unset EGIT_BRANCH
169 + fi
170 +
171 + git-r3_fetch "${DOC_REPO_URI}"
172 + git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
173 +
174 + if [[ -n "${_EGIT_BRANCH}" ]]; then
175 + # Restore previous EGIT_BRANCH information
176 + EGIT_BRANCH=${_EGIT_BRANCH}
177 + fi
178 + else
179 + cd "${S}" || die "Cannot change dir into '${S}'"
180 + mkdir docs || die "Failed to create docs directory"
181 + cd docs || die "Failed to change dir into '${S}/docs'"
182 + unpack ${PN}-doc-${PV}.tar.gz
183 + fi
184 + fi
185 +}
186 +
187 +src_prepare() {
188 + default
189 +
190 + # https://github.com/rsyslog/rsyslog/issues/3626
191 + sed -i \
192 + -e '\|^#!/bin/bash$|a exit 77' \
193 + tests/mmkubernetes-cache-expir*.sh \
194 + || die "Failed to disabled known test failure mmkubernetes-cache-expir*.sh"
195 +
196 + eautoreconf
197 +}
198 +
199 +src_configure() {
200 + # Maintainer notes:
201 + # * Guardtime support is missing because libgt isn't yet available
202 + # in portage.
203 + # * Hadoop's HDFS file system output module is currently not
204 + # supported in Gentoo because nobody is able to test it
205 + # (JAVA dependency).
206 + # * dev-libs/hiredis doesn't provide pkg-config (see #504614,
207 + # upstream PR 129 and 136) so we need to export HIREDIS_*
208 + # variables because rsyslog's build system depends on pkg-config.
209 +
210 + if use redis; then
211 + export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
212 + export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
213 + fi
214 +
215 + local myeconfargs=(
216 + --disable-debug-symbols
217 + --disable-generate-man-pages
218 + --without-valgrind-testbench
219 + --disable-liblogging-stdlog
220 + $(use_enable test testbench)
221 + $(use_enable test libfaketime)
222 + $(use_enable test extended-tests)
223 + # Input Plugins without dependencies
224 + --enable-imbatchreport
225 + --enable-imdiag
226 + --enable-imfile
227 + --enable-improg
228 + --enable-impstats
229 + --enable-imptcp
230 + # Message Modificiation Plugins without dependencies
231 + --enable-mmanon
232 + --enable-mmaudit
233 + --enable-mmcount
234 + --enable-mmfields
235 + --enable-mmjsonparse
236 + --enable-mmpstrucdata
237 + --enable-mmrm1stspace
238 + --enable-mmsequence
239 + --enable-mmtaghostname
240 + --enable-mmutf8fix
241 + # Output Modification Plugins without dependencies
242 + --enable-mail
243 + --enable-omprog
244 + --enable-omruleset
245 + --enable-omstdout
246 + --enable-omuxsock
247 + # Misc
248 + --enable-fmhash
249 + $(use_enable xxhash fmhash-xxhash)
250 + --enable-pmaixforwardedfrom
251 + --enable-pmciscoios
252 + --enable-pmcisconames
253 + --enable-pmdb2diag
254 + --enable-pmlastmsg
255 + $(use_enable normalize pmnormalize)
256 + --enable-pmnull
257 + --enable-pmpanngfw
258 + --enable-pmsnare
259 + # DB
260 + $(use_enable dbi libdbi)
261 + $(use_enable mongodb ommongodb)
262 + $(use_enable mysql)
263 + $(use_enable postgres pgsql)
264 + $(use_enable redis imhiredis)
265 + $(use_enable redis omhiredis)
266 + # Debug
267 + $(use_enable debug)
268 + $(use_enable debug diagtools)
269 + $(use_enable debug valgrind)
270 + # Misc
271 + $(use_enable clickhouse)
272 + $(use_enable curl fmhttp)
273 + $(use_enable elasticsearch)
274 + $(use_enable gcrypt libgcrypt)
275 + $(use_enable imhttp)
276 + $(use_enable impcap)
277 + $(use_enable jemalloc)
278 + $(use_enable kafka imkafka)
279 + $(use_enable kafka omkafka)
280 + $(use_enable kerberos gssapi-krb5)
281 + $(use_enable kubernetes mmkubernetes)
282 + $(use_enable normalize mmnormalize)
283 + $(use_enable mdblookup mmdblookup)
284 + $(use_enable omhttp)
285 + $(use_enable omhttpfs)
286 + $(use_enable omudpspoof)
287 + $(use_enable rabbitmq omrabbitmq)
288 + $(use_enable relp)
289 + $(use_enable rfc3195)
290 + $(use_enable rfc5424hmac mmrfc5424addhmac)
291 + $(use_enable snmp)
292 + $(use_enable snmp mmsnmptrapd)
293 + $(use_enable gnutls)
294 + $(use_enable openssl)
295 + $(use_enable systemd imjournal)
296 + $(use_enable systemd omjournal)
297 + $(use_enable usertools)
298 + $(use_enable uuid)
299 + $(use_enable zeromq imczmq)
300 + $(use_enable zeromq omczmq)
301 + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
302 + )
303 +
304 + econf "${myeconfargs[@]}"
305 +}
306 +
307 +src_compile() {
308 + default
309 +
310 + if use doc && [[ "${PV}" == "9999" ]]; then
311 + einfo "Building documentation ..."
312 + local doc_dir="${S}/docs"
313 + cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
314 + sphinx-build -b html source build || die "Building documentation failed!"
315 + fi
316 +}
317 +
318 +src_test() {
319 + local _has_increased_ulimit=
320 +
321 + # Sometimes tests aren't executable (i.e. when added via patch)
322 + einfo "Adjusting permissions of test scripts ..."
323 + find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
324 + die "Failed to adjust test scripts permission"
325 +
326 + if ulimit -n 3072; then
327 + _has_increased_ulimit="true"
328 + fi
329 +
330 + if ! emake --jobs 1 check; then
331 + eerror "Test suite failed! :("
332 +
333 + if [[ -z "${_has_increased_ulimit}" ]]; then
334 + eerror "Probably because open file limit couldn't be set to 3072."
335 + fi
336 +
337 + if has userpriv ${FEATURES}; then
338 + eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
339 + "before you submit a bug report."
340 + fi
341 +
342 + fi
343 +}
344 +
345 +src_install() {
346 + local DOCS=(
347 + AUTHORS
348 + ChangeLog
349 + "${FILESDIR}"/README.gentoo
350 + )
351 +
352 + use doc && local HTML_DOCS=( "${S}/docs/build/." )
353 +
354 + default
355 +
356 + newconfd "${FILESDIR}/${PN}.confd-r1" ${PN}
357 + newinitd "${FILESDIR}/${PN}.initd-r1" ${PN}
358 +
359 + systemd_newunit "${FILESDIR}/${PN}.service" ${PN}.service
360 +
361 + keepdir /var/empty/dev
362 + keepdir /var/spool/${PN}
363 + keepdir /etc/ssl/${PN}
364 + keepdir /etc/${PN}.d
365 +
366 + insinto /etc
367 + newins "${FILESDIR}/${PN}.conf" ${PN}.conf
368 +
369 + insinto /etc/rsyslog.d/
370 + newins "${FILESDIR}/50-default-r1.conf" 50-default.conf
371 +
372 + insinto /etc/logrotate.d/
373 + newins "${FILESDIR}/${PN}-r1.logrotate" ${PN}
374 +
375 + if use mysql; then
376 + insinto /usr/share/${PN}/scripts/mysql
377 + doins plugins/ommysql/createDB.sql
378 + fi
379 +
380 + if use postgres; then
381 + insinto /usr/share/${PN}/scripts/pgsql
382 + doins plugins/ompgsql/createDB.sql
383 + fi
384 +
385 + find "${ED}" -name '*.la' -delete || die
386 +}
387 +
388 +pkg_postinst() {
389 + local advertise_readme=0
390 +
391 + if [[ -z "${REPLACING_VERSIONS}" ]]; then
392 + # This is a new installation
393 +
394 + advertise_readme=1
395 +
396 + if use mysql || use postgres; then
397 + echo
398 + elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
399 + elog " /usr/share/doc/${PF}/scripts"
400 + fi
401 +
402 + if use ssl; then
403 + echo
404 + elog "To create a default CA and certificates for your server and clients, run:"
405 + elog " emerge --config =${PF}"
406 + elog "on your logging server. You can run it several times,"
407 + elog "once for each logging client. The client certificates will be signed"
408 + elog "using the CA certificate generated during the first run."
409 + fi
410 + fi
411 +
412 + if [[ ${advertise_readme} -gt 0 ]]; then
413 + # We need to show the README file location
414 +
415 + echo ""
416 + elog "Please read"
417 + elog ""
418 + elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
419 + elog ""
420 + elog "for more details."
421 + fi
422 +}
423 +
424 +pkg_config() {
425 + if ! use ssl; then
426 + einfo "There is nothing to configure for rsyslog unless you"
427 + einfo "used USE=ssl to build it."
428 + return 0
429 + fi
430 +
431 + if ! hash certtool &>/dev/null; then
432 + die "certtool not found! Is net-libs/gnutls[tools] is installed?"
433 + fi
434 +
435 + # Make sure the certificates directory exists
436 + local CERTDIR="${EROOT}/etc/ssl/${PN}"
437 + if [[ ! -d "${CERTDIR}" ]]; then
438 + mkdir "${CERTDIR}" || die
439 + fi
440 + einfo "Your certificates will be stored in ${CERTDIR}"
441 +
442 + # Create a default CA if needed
443 + if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
444 + einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
445 + certtool --generate-privkey \
446 + --outfile "${CERTDIR}/${PN}_ca.privkey.pem" || die
447 + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
448 +
449 + cat > "${T}/${PF}.$$" <<- _EOF
450 + cn = Portage automated CA
451 + ca
452 + cert_signing_key
453 + expiration_days = 3650
454 + _EOF
455 +
456 + certtool --generate-self-signed \
457 + --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
458 + --outfile "${CERTDIR}/${PN}_ca.cert.pem" \
459 + --template "${T}/${PF}.$$" || die
460 + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
461 +
462 + # Create the server certificate
463 + echo
464 + einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
465 + read -r CN
466 +
467 + einfo "Creating private key and certificate for server ${CN}..."
468 + certtool --generate-privkey \
469 + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die
470 + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
471 +
472 + cat > "${T}/${PF}.$$" <<- _EOF
473 + cn = ${CN}
474 + tls_www_server
475 + dns_name = ${CN}
476 + expiration_days = 3650
477 + _EOF
478 +
479 + certtool --generate-certificate \
480 + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
481 + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
482 + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
483 + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
484 + --template "${T}/${PF}.$$" &>/dev/null
485 + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
486 +
487 + else
488 + einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
489 + fi
490 +
491 + # Create a client certificate
492 + echo
493 + einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
494 + read -r CN
495 +
496 + einfo "Creating private key and certificate for client ${CN}..."
497 + certtool --generate-privkey \
498 + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die
499 + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
500 +
501 + cat > "${T}/${PF}.$$" <<- _EOF
502 + cn = ${CN}
503 + tls_www_client
504 + dns_name = ${CN}
505 + expiration_days = 3650
506 + _EOF
507 +
508 + certtool --generate-certificate \
509 + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
510 + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
511 + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
512 + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
513 + --template "${T}/${PF}.$$" || die
514 + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
515 +
516 + rm -f "${T}/${PF}.$$"
517 +
518 + echo
519 + einfo "Here is the documentation on how to encrypt your log traffic:"
520 + einfo " https://www.rsyslog.com/doc/rsyslog_tls.html"
521 +}
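Review bot: In pkg_config, the server-certificate `certtool --generate-certificate` call ends in `--template "${T}/${PF}.$$" &>/dev/null` with no `|| die`, so a failed signing is hidden and the function goes on to `chmod` a file that may not exist; the otherwise identical client call further down does use `|| die`. I would drop the redirect and make the two match, e.g. `--template "${T}/${PF}.$$" || die "Failed to create server certificate for ${CN}"`. The `chmod 400` directly after `--generate-self-signed` names `${PN}_ca.privkey.pem` a second time, which looks like it was meant to be `"${CERTDIR}/${PN}_ca.cert.pem"`, and none of the `chmod` calls on key material are checked. The value from `read -r CN` is used as-is in output paths under `${CERTDIR}`, so an empty name or one containing `/` should be rejected before the first `certtool` call, for example `[[ -n ${CN} && ${CN} != */* ]] || die "Invalid Common Name"`.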