Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 222329 Details for
Bug 308101
Updated ebuild for net-misc/strongswan
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
updated strongswan-4.3.6 ebuild
strongswan-4.3.6.ebuild (text/plain), 4.62 KB, created by
Matthias Dahl
on 2010-03-06 19:21:20 UTC
(
hide
)
Description:
updated strongswan-4.3.6 ebuild
Filename:
MIME Type:
Creator:
Matthias Dahl
Created:
2010-03-06 19:21:20 UTC
Size:
4.62 KB
patch
obsolete
># Copyright 1999-2010 Gentoo Foundation ># Distributed under the terms of the GNU General Public License v2 ># $Header: /var/cvsroot/gentoo-x86/net-misc/strongswan/strongswan-4.3.6.ebuild,v 1.2 2010/02/27 22:43:10 ulm Exp $ > >EAPI=2 >inherit eutils linux-info > >UGID="ipsec" > >DESCRIPTION="Open Source IPsec based VPN solution with a strong focus on security. Fully supports IKEv1/IKEv2, MOBIKE and the Linux 2.6 IPsec stack." >HOMEPAGE="http://www.strongswan.org/" >SRC_URI="http://download.strongswan.org/${P}.tar.bz2" > >LICENSE="GPL-2 RSA-MD5 RSA-PKCS11 DES" >SLOT="0" >KEYWORDS="~ppc ~sparc ~x86 ~amd64" >IUSE="caps cisco curl debug gcrypt ldap +ikev1 +ikev2 mysql nat +openssl smartcard static sqlite xml" > >COMMON_DEPEND="!net-misc/openswan > dev-libs/gmp > gcrypt? ( dev-libs/libgcrypt ) > caps? ( sys-libs/libcap ) > curl? ( net-misc/curl ) > ldap? ( net-nds/openldap ) > smartcard? ( dev-libs/opensc ) > xml? ( dev-libs/libxml2 ) > openssl? ( >=dev-libs/openssl-0.9.8 ) > mysql? ( virtual/mysql ) > sqlite? ( >=dev-db/sqlite-3.3.1 )" >DEPEND="${COMMON_DEPEND} > virtual/linux-sources > sys-kernel/linux-headers" >RDEPEND="${COMMON_DEPEND} > virtual/logger > sys-apps/iproute2" > >pkg_setup() { > linux-info_pkg_setup > > elog "Linux kernel is version ${KV_FULL}" > > if kernel_is 2 6; then > elog "Using native Linux 2.6 IPsec stack." > else > eerror "This ebuild currently only supports strongSwan" > eerror "with the native Linux 2.6 IPsec stack." > echo > die "Please install a recent 2.6 kernel." > fi > > if use caps; then > # change to an unprivileged user if libcaps support is requested > enewgroup ${UGID} > enewuser ${UGID} -1 -1 -1 ${UGID} > fi >} > >src_configure() { > local myconf="" > > if use caps; then > # change to an unprivileged user if libcaps support is requested > myconf="${myconf} --with-user=${UGID} --with-group=${UGID}" > fi > > # strongswan enables both by default; switch to the user's wish > if use static ; then > myconf="${myconf} --enable-static --disable-shared" > else > myconf="${myconf} --disable-static --enable-shared" > fi > > # If a user has already enabled db support, those plugins will > # most likely be desired as well. Besides they don't impose new > # dependencies and come at no cost (except for space). > if use mysql || use sqlite ; then > myconf="${myconf} --enable-attr-sql --enable-sql" > fi > > # TODO: Review new configure options such as networkmanager > econf \ > $(use_with caps capabilities libcap) \ > $(use_enable curl) \ > $(use_enable ldap) \ > $(use_enable xml smp) \ > $(use_enable smartcard) \ > $(use_enable cisco cisco-quirks) \ > $(use_enable debug leak-detective) \ > $(use_enable nat nat-transport) \ > $(use_enable openssl) \ > $(use_enable gcrypt) \ > $(use_enable mysql) \ > $(use_enable sqlite) \ > $(use_enable ikev1 pluto) \ > $(use_enable ikev2 charon) \ > ${myconf} \ > || die "econf failed" >} > >src_install() { > einstall || die "einstall failed." > > doinitd "${FILESDIR}"/ipsec > > if use caps; then > fowners ipsec:ipsec /etc/ipsec.conf > fi >} > >pkg_postinst() { > if use caps; then > echo > elog "strongSwan has been installed without superuser privileges as" > elog "requested (USE=caps). There are certain restrictions and" > elog "issues regarding non-root operation, so please have a look at:" > elog " http://wiki.strongswan.org/wiki/nonRoot" > echo > elog "Please be aware that with dropped privileges most leftupdown and" > elog "rightupdown scripts will no longer run if they require root privileges." > elog "You might want to use sudo to allow the user \"ipsec\" to run" > elog "the ipsec helper script (/usr/sbin/ipsec) as root." > elog "Example for /etc/sudoers:" > elog " Defaults:ipsec always_set_home,!env_reset" > elog " ipsec ALL=(ALL) NOPASSWD: /usr/sbin/ipsec" > elog "Example for a connection block in /etc/ipsec.conf:" > elog " leftupdown=\"sudo ipsec _updown\"" > echo ># elog "And please do not forget to add CAP_NET_ADMIN capabilities to" ># elog "your charon and pluto binaries each time you emerge this ebuild." ># echo ># elog "setcap -v cap_net_admin=ep /usr/libexec/ipsec/pluto" ># elog "setcap -v cap_net_admin=ep /usr/libexec/ipsec/charon" ># echo ># elog "For more information reagrding POSIX capabilities support please" ># elog "have a look at http://www.friedhoff.org/posixfilecaps.html" ># echo > fi > if ! use openssl ; then > elog "strongSwan has been compiled without OpenSSL support." > elog "Please note that (among other things), support for" > elog "ECDSA authentification and several ECP Diffie-Hellman groups" > elog "is missing." > elog "If you require any of the above functionality, please recompile" > elog "with the \"openssl\" USE flag enabled." > echo > fi > elog "The up-to-date manual is available online at:" > elog " http://wiki.strongswan.org/" > echo >}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=222329">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 308101
:
222329
|
222877
|
222881
