Gentoo Archives: gentoo-commits

From: "Lars Wendler (polynomial-c)" <polynomial-c@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in app-admin/rsyslog: ChangeLog rsyslog-8.4.2.ebuild
Date: Thu, 02 Oct 2014 15:03:27
Message-Id: 20141002150324.15C486C5A@oystercatcher.gentoo.org
1 polynomial-c 14/10/02 15:03:24
2
3 Modified: ChangeLog
4 Added: rsyslog-8.4.2.ebuild
5 Log:
6 Security bump (bug 524290). Remote syslog PRI vulnerability (CVE-2014-3683)
7
8 (Portage version: 2.2.14_rc1/cvs/Linux x86_64, signed Manifest commit with key 0x981CA6FC)
9
10 Revision Changes Path
11 1.122 app-admin/rsyslog/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/rsyslog/ChangeLog?rev=1.122&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/rsyslog/ChangeLog?rev=1.122&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/rsyslog/ChangeLog?r1=1.121&r2=1.122
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/app-admin/rsyslog/ChangeLog,v
20 retrieving revision 1.121
21 retrieving revision 1.122
22 diff -u -r1.121 -r1.122
23 --- ChangeLog 1 Oct 2014 10:58:52 -0000 1.121
24 +++ ChangeLog 2 Oct 2014 15:03:24 -0000 1.122
25 @@ -1,6 +1,12 @@
26 # ChangeLog for app-admin/rsyslog
27 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/ChangeLog,v 1.121 2014/10/01 10:58:52 jer Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/ChangeLog,v 1.122 2014/10/02 15:03:24 polynomial-c Exp $
30 +
31 +*rsyslog-8.4.2 (02 Oct 2014)
32 +
33 + 02 Oct 2014; Lars Wendler <polynomial-c@g.o> +rsyslog-8.4.2.ebuild,
34 + +files/8-stable/10-respect_CFLAGS.patch:
35 + Security bump (bug 524290). Remote syslog PRI vulnerability (CVE-2014-3683).
36
37 01 Oct 2014; Jeroen Roovers <jer@g.o> rsyslog-8.4.1.ebuild:
38 Stable for HPPA (bug #524058).
39
40
41
42 1.1 app-admin/rsyslog/rsyslog-8.4.2.ebuild
43
44 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/rsyslog/rsyslog-8.4.2.ebuild?rev=1.1&view=markup
45 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/rsyslog/rsyslog-8.4.2.ebuild?rev=1.1&content-type=text/plain
46
47 Index: rsyslog-8.4.2.ebuild
48 ===================================================================
49 # Copyright 1999-2014 Gentoo Foundation
50 # Distributed under the terms of the GNU General Public License v2
51 # $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/rsyslog-8.4.2.ebuild,v 1.1 2014/10/02 15:03:24 polynomial-c Exp $
52
53 EAPI=5
54 AUTOTOOLS_AUTORECONF=1
55
56 inherit autotools-utils eutils systemd
57
58 DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
59 HOMEPAGE="http://www.rsyslog.com/"
60 SRC_URI="
61 http://www.rsyslog.com/files/download/${PN}/${P}.tar.gz
62 doc? ( http://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz )
63 "
64
65 LICENSE="GPL-3 LGPL-3 Apache-2.0"
66 KEYWORDS="~amd64 ~arm ~hppa ~x86"
67 SLOT="0"
68 IUSE="dbi debug doc elasticsearch +gcrypt jemalloc kerberos mongodb mysql normalize omudpspoof oracle postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd usertools zeromq"
69
70 RDEPEND="
71 >=dev-libs/json-c-0.11:=
72 >=dev-libs/libestr-0.1.9
73 >=dev-libs/liblogging-1.0.1:=[stdlog]
74 >=sys-libs/zlib-1.2.5
75 dbi? ( >=dev-db/libdbi-0.8.3 )
76 elasticsearch? ( >=net-misc/curl-7.35.0 )
77 gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
78 jemalloc? ( >=dev-libs/jemalloc-3.3.1 )
79 kerberos? ( virtual/krb5 )
80 mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
81 mysql? ( virtual/mysql )
82 normalize? (
83 >=dev-libs/libee-0.4.0
84 >=dev-libs/liblognorm-1.0.0:=
85 )
86 omudpspoof? ( >=net-libs/libnet-1.1.6 )
87 oracle? ( >=dev-db/oracle-instantclient-basic-10.2 )
88 postgres? ( >=dev-db/postgresql-base-8.4.20 )
89 rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0 )
90 redis? ( >=dev-libs/hiredis-0.11.0 )
91 relp? ( >=dev-libs/librelp-1.2.5 )
92 rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
93 rfc5424hmac? ( >=dev-libs/openssl-0.9.8y )
94 snmp? ( >=net-analyzer/net-snmp-5.7.2 )
95 ssl? ( >=net-libs/gnutls-2.12.23 )
96 systemd? ( >=sys-apps/systemd-208 )
97 zeromq? ( >=net-libs/czmq-1.2.0 )"
98 DEPEND="${RDEPEND}
99 virtual/pkgconfig"
100
101 BRANCH="8-stable"
102
103 # Test suite requires a special setup or will always fail
104 RESTRICT="test"
105
106 # Maitainer note : open a bug to upstream
107 # showing that building in a separate dir fails
108 AUTOTOOLS_IN_SOURCE_BUILD=1
109
110 AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules"
111
112 DOCS=(
113 AUTHORS
114 ChangeLog
115 "${FILESDIR}"/${BRANCH}/README.gentoo
116 )
117
118 PATCHES=( "${FILESDIR}"/${BRANCH}/10-respect_CFLAGS.patch )
119
120 src_unpack() {
121 unpack ${P}.tar.gz
122
123 if use doc; then
124 local doc_tarball="${PN}-doc-${PV}.tar.gz"
125
126 cd "${S}" || die "Cannot change dir into '$S'"
127 mkdir docs || die "Failed to create docs directory"
128 cd docs || die "Failed to change dir into '${S}/docs'"
129 unpack ${doc_tarball}
130 fi
131 }
132
133 src_configure() {
134 # Maintainer notes:
135 # * Guardtime support is missing because libgt isn't yet available
136 # in portage.
137 # * Hadoop's HDFS file system output module is currently not
138 # supported in Gentoo because nobody is able to test it
139 # (JAVA dependency).
140 # * dev-libs/hiredis doesn't provide pkg-config (see #504614,
141 # upstream PR 129 and 136) so we need to export HIREDIS_*
142 # variables because rsyslog's build system depends on pkg-config.
143
144 if use redis; then
145 export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
146 export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
147 fi
148
149 local myeconfargs=(
150 --disable-generate-man-pages
151 # Input Plugins without depedencies
152 --enable-imfile
153 --enable-impstats
154 --enable-imptcp
155 --enable-imttcp
156 # Message Modificiation Plugins without depedencies
157 --enable-mmanon
158 --enable-mmaudit
159 --enable-mmfields
160 --enable-mmjsonparse
161 --enable-mmpstrucdata
162 --enable-mmsequence
163 --enable-mmutf8fix
164 # Output Modification Plugins without dependencies
165 --enable-mail
166 --enable-omprog
167 --enable-omruleset
168 --enable-omstdout
169 --enable-omuxsock
170 # Misc
171 --enable-pmaixforwardedfrom
172 --enable-pmciscoios
173 --enable-pmcisconames
174 --enable-pmlastmsg
175 --enable-pmrfc3164sd
176 --enable-pmsnare
177 # DB
178 $(use_enable dbi libdbi)
179 $(use_enable mongodb ommongodb)
180 $(use_enable mysql)
181 $(use_enable oracle)
182 $(use_enable postgres pgsql)
183 $(use_enable redis omhiredis)
184 # Debug
185 $(use_enable debug)
186 $(use_enable debug diagtools)
187 $(use_enable debug imdiag)
188 $(use_enable debug memcheck)
189 $(use_enable debug rtinst)
190 $(use_enable debug valgrind)
191 # Misc
192 $(use_enable elasticsearch)
193 $(use_enable gcrypt libgcrypt)
194 $(use_enable jemalloc)
195 $(use_enable kerberos gssapi-krb5)
196 $(use_enable normalize mmnormalize)
197 $(use_enable omudpspoof)
198 $(use_enable rabbitmq omrabbitmq)
199 $(use_enable relp)
200 $(use_enable rfc3195)
201 $(use_enable rfc5424hmac mmrfc5424addhmac)
202 $(use_enable snmp)
203 $(use_enable snmp mmsnmptrapd)
204 $(use_enable ssl gnutls)
205 $(use_enable systemd imjournal)
206 $(use_enable systemd omjournal)
207 $(use_enable usertools)
208 $(use_enable zeromq imzmq3)
209 $(use_enable zeromq omzmq3)
210 "$(systemd_with_unitdir)"
211 )
212
213 autotools-utils_src_configure
214 }
215
216 src_install() {
217 use doc && HTML_DOCS=( "${S}/docs/build/" )
218 autotools-utils_src_install
219
220 newconfd "${FILESDIR}/${BRANCH}/${PN}.confd" ${PN}
221 newinitd "${FILESDIR}/${BRANCH}/${PN}.initd" ${PN}
222
223 keepdir /var/empty/dev
224 keepdir /var/spool/${PN}
225 keepdir /etc/ssl/${PN}
226 keepdir /etc/${PN}.d
227
228 insinto /etc
229 newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
230
231 insinto /etc/rsyslog.d/
232 doins "${FILESDIR}/${BRANCH}/50-default.conf"
233
234 insinto /etc/logrotate.d/
235 newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
236
237 if use mysql; then
238 insinto /usr/share/doc/${PF}/scripts/mysql
239 doins plugins/ommysql/{createDB.sql,contrib/delete_mysql}
240 fi
241
242 if use postgres; then
243 insinto /usr/share/doc/${PF}/scripts/pgsql
244 doins plugins/ompgsql/createDB.sql
245 fi
246 }
247
248 pkg_postinst() {
249 local advertise_readme=0
250
251 if [[ -z "${REPLACING_VERSIONS}" ]]; then
252 # This is a new installation
253
254 advertise_readme=1
255
256 if use mysql || use postgres; then
257 echo
258 elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
259 elog " /usr/share/doc/${PF}/scripts"
260 fi
261
262 if use ssl; then
263 echo
264 elog "To create a default CA and certificates for your server and clients, run:"
265 elog " emerge --config =${PF}"
266 elog "on your logging server. You can run it several times,"
267 elog "once for each logging client. The client certificates will be signed"
268 elog "using the CA certificate generated during the first run."
269 fi
270 fi
271
272 if [[ -z "${REPLACING_VERSIONS}" ]] || [[ ${REPLACING_VERSIONS} < 8.0 ]]; then
273 # Show this message until rsyslog-8.x
274 echo
275 elog "Since ${PN}-7.6.3 we no longer use the catch-all log target"
276 elog "\"/var/log/syslog\" due to its redundancy to the other log targets."
277
278 advertise_readme=1
279 fi
280
281 if [[ ${advertise_readme} -gt 0 ]]; then
282 # We need to show the README file location
283
284 echo ""
285 elog "Please read"
286 elog ""
287 elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
288 elog ""
289 elog "for more details."
290 fi
291 }
292
293 pkg_config() {
294 if ! use ssl ; then
295 einfo "There is nothing to configure for rsyslog unless you"
296 einfo "used USE=ssl to build it."
297 return 0
298 fi
299
300 # Make sure the certificates directory exists
301 CERTDIR="${EROOT}/etc/ssl/${PN}"
302 if [ ! -d "${CERTDIR}" ]; then
303 mkdir "${CERTDIR}" || die
304 fi
305 einfo "Your certificates will be stored in ${CERTDIR}"
306
307 # Create a default CA if needed
308 if [ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]; then
309 einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
310 certtool --generate-privkey \
311 --outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
312 chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
313
314 cat > "${T}/${PF}.$$" <<- _EOF
315 cn = Portage automated CA
316 ca
317 cert_signing_key
318 expiration_days = 3650
319 _EOF
320
321 certtool --generate-self-signed \
322 --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
323 --outfile "${CERTDIR}/${PN}_ca.cert.pem" \
324 --template "${T}/${PF}.$$" &>/dev/null
325 chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
326
327 # Create the server certificate
328 echo
329 einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
330 read -r CN
331
332 einfo "Creating private key and certificate for server ${CN}..."
333 certtool --generate-privkey \
334 --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
335 chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
336
337 cat > "${T}/${PF}.$$" <<- _EOF
338 cn = ${CN}
339 tls_www_server
340 dns_name = ${CN}
341 expiration_days = 3650
342 _EOF
343
344 certtool --generate-certificate \
345 --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
346 --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
347 --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
348 --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
349 --template "${T}/${PF}.$$" &>/dev/null
350 chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
351
352 else
353 einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
354 fi
355
356 # Create a client certificate
357 echo
358 einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
359 read -r CN
360
361 einfo "Creating private key and certificate for client ${CN}..."
362 certtool --generate-privkey \
363 --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
364 chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
365
366 cat > "${T}/${PF}.$$" <<- _EOF
367 cn = ${CN}
368 tls_www_client
369 dns_name = ${CN}
370 expiration_days = 3650
371 _EOF
372
373 certtool --generate-certificate \
374 --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
375 --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
376 --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
377 --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
378 --template "${T}/${PF}.$$" &>/dev/null
379 chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
380
381 rm -f "${T}/${PF}.$$"
382
383 echo
384 einfo "Here is the documentation on how to encrypt your log traffic:"
385 einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
386 }
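Review bot: In pkg_config every certtool call sends its output to /dev/null and its exit status is never checked, so a failed key or certificate generation goes unnoticed and the function still finishes by pointing the admin at the TLS documentation. The Common Name read from the prompt is also used unvalidated in the output file names and in the certtool template, so an empty value or one containing `/` ends up in a path under CERTDIR that nobody intended. Each certtool and chmod call should end in `|| die`, as the mkdir above already does, and the CN should be rejected unless it looks like a plain host name; the same applies to the client branch. Separately, the `chmod 400` after `--generate-self-signed` repeats the `_ca.privkey.pem` path where `_ca.cert.pem` was presumably meant.

```shell
# … unchanged: USE=ssl check, CERTDIR creation, CA key and self-signed CA certificate …
read -r CN
# Refuse anything that is not a plain host name before it reaches a path or the template
[[ ${CN} =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]] \
	|| die "Invalid Common Name '${CN}'"

# … unchanged: einfo "Creating private key and certificate for server ${CN}..." …
certtool --generate-privkey \
	--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null \
	|| die "certtool could not generate the private key for ${CN}"
chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" || die
# … unchanged: template heredoc; the --generate-certificate call and its chmod get the same || die …
```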