Contents of /branches/R11-unstable/core/rsyslog/rsyslog-5.8.13-r4.smage2
Parent Directory
| 
Revision Log
Revision 25064 -
(show annotations)
(download)
Tue Nov 25 02:56:38 2014 UTC (9 years, 5 months ago) by niro
File size: 4663 byte(s)
Tue Nov 25 02:56:38 2014 UTC (9 years, 5 months ago) by niro
File size: 4663 byte(s)
-release branches/R11-unstable
| 1 | # $Id$ |
| 2 | |
| 3 | PNAME="rsyslog" |
| 4 | PVER="5.8.13" |
| 5 | PBUILD="r4" |
| 6 | |
| 7 | PCAT="app-admin" |
| 8 | |
| 9 | DESCRIPTION="An enhanced multi-threaded syslog daemon with a focus on security and reliability." |
| 10 | HOMEPAGE="http://www.rsyslog.com/" |
| 11 | |
| 12 | DEPEND=">= app-admin/logrotate-3.8 |
| 13 | >= app-crypt/gnutls-2.12 |
| 14 | >= sys-libs/zlib-1.2.7" |
| 15 | |
| 16 | PROVIDE="virtual/syslog" |
| 17 | |
| 18 | SRCFILE="${PNAME}-${PVER}.tar.gz" |
| 19 | SRCDIR="${BUILDDIR}/${PNAME}-${PVER}" |
| 20 | |
| 21 | sminclude mbuild mtools systemd |
| 22 | |
| 23 | LOG_REV="1.2" |
| 24 | |
| 25 | SRC_URI=( |
| 26 | http://www.rsyslog.com/files/download/${PNAME}/${SRCFILE} |
| 27 | mirror://${PNAME}/${SRCFILE} |
| 28 | mirror://${PNAME}/rsyslog.conf |
| 29 | mirror://${PNAME}/rsyslog.logrotate-${LOG_REV} |
| 30 | mirror://${PNAME}/rsyslog.confd |
| 31 | mirror://${PNAME}/${PNAME}-5.8.1-systemd.patch |
| 32 | ) |
| 33 | |
| 34 | UP2DATE="updatecmd ${HOMEPAGE}/download/ | grep 'stable' | grep 'Download file' | sed 's:.*\:\ rsyslog\ \(.*\)\ (.*:\1:;q'" |
| 35 | |
| 36 | src_prepare() |
| 37 | { |
| 38 | munpack ${SRCFILE} || die |
| 39 | cd ${SRCDIR} |
| 40 | |
| 41 | # support /etc/conf.d/rsyslog in systemd units |
| 42 | mpatch ${PNAME}-5.8.1-systemd.patch || die |
| 43 | |
| 44 | # disable stop of systemd-kmsg-syslogd.service, as this service file does not exist anymore |
| 45 | sed -i '/systemd-kmsg-syslogd.service/d' rsyslog.service.in || die |
| 46 | } |
| 47 | |
| 48 | src_compile() |
| 49 | { |
| 50 | cd ${SRCDIR} |
| 51 | |
| 52 | mconfigure \ |
| 53 | --with-systemdsystemunitdir=$(mget-systemd-unit-dir) \ |
| 54 | --enable-largefile \ |
| 55 | --enable-mail \ |
| 56 | --enable-imfile \ |
| 57 | --enable-imtemplate \ |
| 58 | --enable-zlib \ |
| 59 | --enable-gnutls \ |
| 60 | --enable-inet \ |
| 61 | --disable-gui \ |
| 62 | --disable-rfc3195 \ |
| 63 | --disable-mysql \ |
| 64 | --disable-pgsql \ |
| 65 | --disable-oracle \ |
| 66 | --disable-snmp \ |
| 67 | || die |
| 68 | |
| 69 | mmake || die |
| 70 | } |
| 71 | |
| 72 | src_install() |
| 73 | { |
| 74 | cd ${SRCDIR} |
| 75 | |
| 76 | mmake DESTDIR=${BINDIR} install || die |
| 77 | minstalldocs AUTHORS COPYING ChangeLog NEWS PORTS README* || die |
| 78 | |
| 79 | # rsyslog config |
| 80 | minstalletc rsyslog.conf || die |
| 81 | |
| 82 | # logrotate config |
| 83 | minstalllog rsyslog.logrotate-${LOG_REV} rsyslog || die |
| 84 | |
| 85 | # conf.d |
| 86 | minstallconf rsyslog.confd rsyslog || die |
| 87 | |
| 88 | # needed directories |
| 89 | mkeepdir /var/spool/rsyslog || die |
| 90 | mkeepdir /etc/ssl/rsyslog || die |
| 91 | mkeepdir /etc/rsyslog.d || die |
| 92 | } |
| 93 | |
| 94 | postinstall() |
| 95 | { |
| 96 | local CERTDIR |
| 97 | local CN |
| 98 | local TMP=$(mktemp) |
| 99 | |
| 100 | # make sure the certificates directory exists |
| 101 | CERTDIR="${MROOT}/etc/ssl/rsyslog" |
| 102 | [ ! -d ${CERTDIR} ] && install -d ${CERTDIR} |
| 103 | echo "Your certificates will be stored in ${CERTDIR}" |
| 104 | |
| 105 | # create a default CA if needed |
| 106 | if [ ! -f ${CERTDIR}/rsyslog_ca.cert.pem ] |
| 107 | then |
| 108 | echo "No CA key and certificate found in ${CERTDIR}, creating them for you..." |
| 109 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_ca.privkey.pem &>/dev/null |
| 110 | chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem |
| 111 | |
| 112 | cat > ${TMP} << EOF |
| 113 | cn = Portage automated CA |
| 114 | ca |
| 115 | cert_signing_key |
| 116 | expiration_days = 3650 |
| 117 | EOF |
| 118 | |
| 119 | certtool --generate-self-signed \ |
| 120 | --load-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ |
| 121 | --outfile ${CERTDIR}/rsyslog_ca.cert.pem \ |
| 122 | --template ${TMP} &>/dev/null |
| 123 | chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem |
| 124 | |
| 125 | # Create the server certificate |
| 126 | |
| 127 | # use server-hostname as CN! |
| 128 | CN="server-$(hostname)" |
| 129 | echo "Creating private key and certificate for server ${CN}..." |
| 130 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null |
| 131 | chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem |
| 132 | |
| 133 | cat > ${TMP} << EOF |
| 134 | cn = ${CN} |
| 135 | tls_www_server |
| 136 | dns_name = ${CN} |
| 137 | expiration_days = 3650 |
| 138 | EOF |
| 139 | |
| 140 | certtool --generate-certificate \ |
| 141 | --outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \ |
| 142 | --load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \ |
| 143 | --load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \ |
| 144 | --load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ |
| 145 | --template ${TMP} &>/dev/null |
| 146 | chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem |
| 147 | else |
| 148 | echo "Found existing ${CERTDIR}/rsyslog_ca.cert.pem, skipping CA and SERVER creation." |
| 149 | fi |
| 150 | |
| 151 | # Create a client certificate |
| 152 | # use client-hostname as CN! |
| 153 | CN="client-$(hostname)" |
| 154 | echo "Creating private key and certificate for client ${CN}..." |
| 155 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null |
| 156 | chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem |
| 157 | |
| 158 | cat > ${TMP} << EOF |
| 159 | cn = ${CN} |
| 160 | tls_www_client |
| 161 | dns_name = ${CN} |
| 162 | expiration_days = 3650 |
| 163 | EOF |
| 164 | |
| 165 | certtool --generate-certificate \ |
| 166 | --outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \ |
| 167 | --load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \ |
| 168 | --load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \ |
| 169 | --load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ |
| 170 | --template ${TMP} &>/dev/null |
| 171 | chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem |
| 172 | |
| 173 | if [ -f ${TMP} ] |
| 174 | then |
| 175 | rm -f ${TMP} |
| 176 | fi |
| 177 | |
| 178 | echo |
| 179 | echo "Here is the documentation on how to encrypt your log traffic:" |
| 180 | echo " http://www.rsyslog.com/doc/rsyslog_tls.html" |
| 181 | |
| 182 | # enable systemd units |
| 183 | mstartunit rsyslog.service rsyslogd |
| 184 | } |
| 185 | |
| 186 | postremove() |
| 187 | { |
| 188 | # disable systemd units |
| 189 | mstopunit rsyslog.service rsyslogd |
| 190 | } |