Line 0
Link Here
|
|
|
1 |
# Copyright 1999-2014 Gentoo Foundation |
2 |
# Distributed under the terms of the GNU General Public License v2 |
3 |
# $Header: $ |
4 |
|
5 |
EAPI=5 |
6 |
AUTOTOOLS_AUTORECONF=1 |
7 |
|
8 |
inherit autotools-utils eutils systemd |
9 |
|
10 |
DESCRIPTION="An enhanced multi-threaded syslogd with database support and more" |
11 |
HOMEPAGE="http://www.rsyslog.com/" |
12 |
SRC_URI="http://www.rsyslog.com/files/download/${PN}/${P}.tar.gz" |
13 |
|
14 |
LICENSE="GPL-3 LGPL-3 Apache-2.0" |
15 |
KEYWORDS="~amd64 ~arm ~hppa ~x86" |
16 |
SLOT="0" |
17 |
IUSE="dbi debug doc elasticsearch +gcrypt kerberos mongodb mysql normalize omudpspoof oracle postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd usertools zeromq" |
18 |
|
19 |
RDEPEND=" |
20 |
>=dev-libs/json-c-0.11:= |
21 |
>=dev-libs/libestr-0.1.9 |
22 |
>=dev-libs/liblogging-1.0.1:=[stdlog] |
23 |
>=sys-libs/zlib-1.2.5 |
24 |
dbi? ( >=dev-db/libdbi-0.8.3 ) |
25 |
elasticsearch? ( >=net-misc/curl-7.35.0 ) |
26 |
gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= ) |
27 |
kerberos? ( virtual/krb5 ) |
28 |
mongodb? ( >=dev-libs/libmongo-client-0.1.4 ) |
29 |
mysql? ( virtual/mysql ) |
30 |
normalize? ( |
31 |
>=dev-libs/libee-0.4.0 |
32 |
>=dev-libs/liblognorm-0.3.1:= |
33 |
!>=dev-libs/liblognorm-1.0.0 |
34 |
) |
35 |
omudpspoof? ( >=net-libs/libnet-1.1.6 ) |
36 |
oracle? ( >=dev-db/oracle-instantclient-basic-10.2 ) |
37 |
postgres? ( >=dev-db/postgresql-base-8.4.20 ) |
38 |
rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0 ) |
39 |
redis? ( >=dev-libs/hiredis-0.11.0 ) |
40 |
relp? ( >=dev-libs/librelp-1.2.5 ) |
41 |
rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] ) |
42 |
rfc5424hmac? ( >=dev-libs/openssl-0.9.8y ) |
43 |
snmp? ( >=net-analyzer/net-snmp-5.7.2 ) |
44 |
ssl? ( >=net-libs/gnutls-2.12.23 ) |
45 |
systemd? ( >=sys-apps/systemd-208 ) |
46 |
zeromq? ( >=net-libs/czmq-1.2.0 )" |
47 |
DEPEND="${RDEPEND} |
48 |
virtual/pkgconfig" |
49 |
|
50 |
BRANCH="7-stable" |
51 |
|
52 |
# Test suite requires a special setup or will always fail |
53 |
RESTRICT="test" |
54 |
|
55 |
# Maitainer note : open a bug to upstream |
56 |
# showing that building in a separate dir fails |
57 |
AUTOTOOLS_IN_SOURCE_BUILD=1 |
58 |
|
59 |
AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules" |
60 |
|
61 |
DOCS=( |
62 |
AUTHORS |
63 |
ChangeLog |
64 |
doc/rsyslog-example.conf |
65 |
"${FILESDIR}"/${BRANCH}/README.gentoo |
66 |
) |
67 |
|
68 |
PATCHES=( |
69 |
"${FILESDIR}"/${BRANCH}/${PN}-7.x-mmjsonparse.patch |
70 |
"${FILESDIR}"/${BRANCH}/fix-omruleset-default-value.patch |
71 |
"${FILESDIR}"/${BRANCH}/bugfix_52.patch |
72 |
"${FILESDIR}"/${BRANCH}/bugfix_73.patch |
73 |
) |
74 |
|
75 |
src_configure() { |
76 |
# Maintainer notes: |
77 |
# * Guardtime support is missing because libgt isn't yet available |
78 |
# in portage. |
79 |
# * Hadoop's HDFS file system output module is currently not |
80 |
# supported in Gentoo because nobody is able to test it |
81 |
# (JAVA dependency). |
82 |
# * dev-libs/hiredis doesn't provide pkg-config (see #504614, |
83 |
# upstream PR 129 and 136) so we need to export HIREDIS_* |
84 |
# variables because rsyslog's build system depends on pkg-config. |
85 |
|
86 |
if use redis; then |
87 |
export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis" |
88 |
export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include" |
89 |
fi |
90 |
|
91 |
local myeconfargs=( |
92 |
# Input Plugins without depedencies |
93 |
--enable-imfile |
94 |
--enable-impstats |
95 |
--enable-imptcp |
96 |
--enable-imttcp |
97 |
# Message Modificiation Plugins without depedencies |
98 |
--enable-mmanon |
99 |
--enable-mmaudit |
100 |
--enable-mmcount |
101 |
--enable-mmfields |
102 |
--enable-mmjsonparse |
103 |
--enable-mmpstrucdata |
104 |
--enable-mmsequence |
105 |
--enable-mmutf8fix |
106 |
# Output Modification Plugins without dependencies |
107 |
--enable-mail |
108 |
--enable-omprog |
109 |
--enable-omruleset |
110 |
--enable-omstdout |
111 |
--enable-omuxsock |
112 |
# Misc |
113 |
--enable-pmaixforwardedfrom |
114 |
--enable-pmcisconames |
115 |
--enable-pmlastmsg |
116 |
--enable-pmrfc3164sd |
117 |
--enable-pmsnare |
118 |
--enable-sm_cust_bindcdr |
119 |
# DB |
120 |
$(use_enable dbi libdbi) |
121 |
$(use_enable mongodb ommongodb) |
122 |
$(use_enable mysql) |
123 |
$(use_enable oracle) |
124 |
$(use_enable postgres pgsql) |
125 |
$(use_enable redis omhiredis) |
126 |
# Debug |
127 |
$(use_enable debug) |
128 |
$(use_enable debug diagtools) |
129 |
$(use_enable debug imdiag) |
130 |
$(use_enable debug memcheck) |
131 |
$(use_enable debug rtinst) |
132 |
$(use_enable debug valgrind) |
133 |
# Misc |
134 |
$(use_enable elasticsearch) |
135 |
$(use_enable gcrypt libgcrypt) |
136 |
$(use_enable kerberos gssapi-krb5) |
137 |
$(use_enable normalize mmnormalize) |
138 |
$(use_enable omudpspoof) |
139 |
$(use_enable rabbitmq omrabbitmq) |
140 |
$(use_enable relp) |
141 |
$(use_enable rfc3195) |
142 |
$(use_enable rfc5424hmac mmrfc5424addhmac) |
143 |
$(use_enable snmp) |
144 |
$(use_enable snmp mmsnmptrapd) |
145 |
$(use_enable ssl gnutls) |
146 |
$(use_enable systemd imjournal) |
147 |
$(use_enable systemd omjournal) |
148 |
$(use_enable usertools) |
149 |
$(use_enable zeromq imzmq3) |
150 |
$(use_enable zeromq omzmq3) |
151 |
"$(systemd_with_unitdir)" |
152 |
) |
153 |
|
154 |
autotools-utils_src_configure |
155 |
} |
156 |
|
157 |
src_install() { |
158 |
use doc && HTML_DOCS=( "${S}"/doc/ ) |
159 |
autotools-utils_src_install |
160 |
|
161 |
insinto /etc |
162 |
newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf |
163 |
newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN} |
164 |
newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN} |
165 |
keepdir /var/empty/dev |
166 |
keepdir /var/spool/${PN} |
167 |
keepdir /etc/ssl/${PN} |
168 |
keepdir /etc/${PN}.d |
169 |
|
170 |
if use mysql; then |
171 |
insinto /usr/share/doc/${PF}/scripts/mysql |
172 |
doins plugins/ommysql/{createDB.sql,contrib/delete_mysql} |
173 |
fi |
174 |
|
175 |
if use postgres; then |
176 |
insinto /usr/share/doc/${PF}/scripts/pgsql |
177 |
doins plugins/ompgsql/createDB.sql |
178 |
fi |
179 |
|
180 |
insinto /etc/logrotate.d/ |
181 |
newins "${FILESDIR}/${BRANCH}/${PN}.logrotate-r1" ${PN} |
182 |
} |
183 |
|
184 |
pkg_postinst() { |
185 |
local advertise_readme=0 |
186 |
|
187 |
if [[ -z "${REPLACING_VERSIONS}" ]]; then |
188 |
# This is a new installation |
189 |
|
190 |
advertise_readme=1 |
191 |
|
192 |
if use mysql || use postgres; then |
193 |
echo |
194 |
elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:" |
195 |
elog " /usr/share/doc/${PF}/scripts" |
196 |
fi |
197 |
|
198 |
if use ssl; then |
199 |
echo |
200 |
elog "To create a default CA and certificates for your server and clients, run:" |
201 |
elog " emerge --config =${PF}" |
202 |
elog "on your logging server. You can run it several times," |
203 |
elog "once for each logging client. The client certificates will be signed" |
204 |
elog "using the CA certificate generated during the first run." |
205 |
fi |
206 |
fi |
207 |
|
208 |
if [[ -z "${REPLACING_VERSIONS}" ]] || [[ ${REPLACING_VERSIONS} < 8.0 ]]; then |
209 |
# Show this message until rsyslog-8.x |
210 |
echo |
211 |
elog "Since ${PN}-7.6.3 we no longer use the catch-all log target" |
212 |
elog "\"/var/log/syslog\" due to its redundancy to the other log targets." |
213 |
|
214 |
advertise_readme=1 |
215 |
fi |
216 |
|
217 |
unset RSYSLOG_OLD_CONF_FILES |
218 |
declare -a RSYSLOG_OLD_CONF_FILES |
219 |
|
220 |
local i=0 RSYSLOG_OLD_CONF_FILE= |
221 |
while IFS= read -r -u 3 -d $'\0' RSYSLOG_OLD_CONF_FILE; do |
222 |
RSYSLOG_OLD_CONF_FILES[i++]="$RSYSLOG_OLD_CONF_FILE" |
223 |
done 3< <(find "${EPREFIX}/etc/rsyslog.d" -maxdepth 1 -type f \( -iname "*.conf" ! -iname "*.pre.conf" ! -iname "*.post.conf" \) -print0 2>/dev/null) |
224 |
|
225 |
if [[ ${#RSYSLOG_OLD_CONF_FILES[@]} -gt 0 ]]; then |
226 |
echo "" |
227 |
ewarn "Beginning with ${PN}-7.6.3 we changed the way we are including" |
228 |
ewarn "additional configuration files." |
229 |
ewarn "" |
230 |
ewarn "You have to adapt the new naming schema for the following files:" |
231 |
ewarn "" |
232 |
|
233 |
RSYSLOG_OLD_CONF_FILE= |
234 |
for RSYSLOG_OLD_CONF_FILE in "${RSYSLOG_OLD_CONF_FILES[@]}"; do |
235 |
ewarn " - ${RSYSLOG_OLD_CONF_FILE}" |
236 |
done |
237 |
|
238 |
ewarn "" |
239 |
ewarn "To keep the old behavior, just change the suffix from \".conf\" to \".pre.conf\"." |
240 |
ewarn "If you don't do that, these configuration files won't be included anymore." |
241 |
|
242 |
advertise_readme=1 |
243 |
fi |
244 |
unset i RSYSLOG_OLD_CONF_FILE RSYSLOG_OLD_CONF_FILES |
245 |
|
246 |
if [[ ${advertise_readme} -gt 0 ]]; then |
247 |
# We need to show the README file location |
248 |
|
249 |
echo "" |
250 |
elog "Please read" |
251 |
elog "" |
252 |
elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*" |
253 |
elog "" |
254 |
elog "for more details." |
255 |
fi |
256 |
} |
257 |
|
258 |
pkg_config() { |
259 |
if ! use ssl ; then |
260 |
einfo "There is nothing to configure for rsyslog unless you" |
261 |
einfo "used USE=ssl to build it." |
262 |
return 0 |
263 |
fi |
264 |
|
265 |
# Make sure the certificates directory exists |
266 |
CERTDIR="${EROOT}/etc/ssl/${PN}" |
267 |
if [ ! -d "${CERTDIR}" ]; then |
268 |
mkdir "${CERTDIR}" || die |
269 |
fi |
270 |
einfo "Your certificates will be stored in ${CERTDIR}" |
271 |
|
272 |
# Create a default CA if needed |
273 |
if [ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]; then |
274 |
einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..." |
275 |
certtool --generate-privkey \ |
276 |
--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null |
277 |
chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" |
278 |
|
279 |
cat > "${T}/${PF}.$$" <<- _EOF |
280 |
cn = Portage automated CA |
281 |
ca |
282 |
cert_signing_key |
283 |
expiration_days = 3650 |
284 |
_EOF |
285 |
|
286 |
certtool --generate-self-signed \ |
287 |
--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ |
288 |
--outfile "${CERTDIR}/${PN}_ca.cert.pem" \ |
289 |
--template "${T}/${PF}.$$" &>/dev/null |
290 |
chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" |
291 |
|
292 |
# Create the server certificate |
293 |
echo |
294 |
einfon "Please type the Common Name of the SERVER you wish to create a certificate for: " |
295 |
read -r CN |
296 |
|
297 |
einfo "Creating private key and certificate for server ${CN}..." |
298 |
certtool --generate-privkey \ |
299 |
--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null |
300 |
chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" |
301 |
|
302 |
cat > "${T}/${PF}.$$" <<- _EOF |
303 |
cn = ${CN} |
304 |
tls_www_server |
305 |
dns_name = ${CN} |
306 |
expiration_days = 3650 |
307 |
_EOF |
308 |
|
309 |
certtool --generate-certificate \ |
310 |
--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ |
311 |
--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ |
312 |
--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ |
313 |
--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ |
314 |
--template "${T}/${PF}.$$" &>/dev/null |
315 |
chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" |
316 |
|
317 |
else |
318 |
einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation." |
319 |
fi |
320 |
|
321 |
# Create a client certificate |
322 |
echo |
323 |
einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: " |
324 |
read -r CN |
325 |
|
326 |
einfo "Creating private key and certificate for client ${CN}..." |
327 |
certtool --generate-privkey \ |
328 |
--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null |
329 |
chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" |
330 |
|
331 |
cat > "${T}/${PF}.$$" <<- _EOF |
332 |
cn = ${CN} |
333 |
tls_www_client |
334 |
dns_name = ${CN} |
335 |
expiration_days = 3650 |
336 |
_EOF |
337 |
|
338 |
certtool --generate-certificate \ |
339 |
--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ |
340 |
--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ |
341 |
--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ |
342 |
--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ |
343 |
--template "${T}/${PF}.$$" &>/dev/null |
344 |
chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" |
345 |
|
346 |
rm -f "${T}/${PF}.$$" |
347 |
|
348 |
echo |
349 |
einfo "Here is the documentation on how to encrypt your log traffic:" |
350 |
einfo " http://www.rsyslog.com/doc/rsyslog_tls.html" |
351 |
} |