Contents of /branches/magellan-next/core/rsyslog/rsyslog-5.8.4-r1.smage2
Parent Directory
| 
Revision Log
Revision 8939 -
(show annotations)
(download)
Wed Aug 24 17:45:50 2011 UTC (12 years, 8 months ago) by niro
File size: 4615 byte(s)
Wed Aug 24 17:45:50 2011 UTC (12 years, 8 months ago) by niro
File size: 4615 byte(s)
auto added: ver bump to 5.8.4-r1
| 1 | # $Id$ |
| 2 | |
| 3 | PNAME="rsyslog" |
| 4 | PVER="5.8.4" |
| 5 | PBUILD="r1" |
| 6 | |
| 7 | PCATEGORIE="app-admin" |
| 8 | |
| 9 | DESCRIPTION="An enhanced multi-threaded syslog daemon with a focus on security and reliability." |
| 10 | HOMEPAGE="http://www.rsyslog.com/" |
| 11 | |
| 12 | DEPEND=">= app-admin/logrotate-3.8 |
| 13 | >= app-crypt/gnutls-2.12 |
| 14 | >= sys-libs/zlib-1.2.5" |
| 15 | |
| 16 | PROVIDE="virtual/syslog" |
| 17 | |
| 18 | SRCFILE="${PNAME}-${PVER}.tar.gz" |
| 19 | SRCDIR="${BUILDDIR}/${PNAME}-${PVER}" |
| 20 | |
| 21 | sminclude mbuild mtools |
| 22 | |
| 23 | SRC_URI=( |
| 24 | http://www.rsyslog.com/files/download/${PNAME}/${SRCFILE} |
| 25 | mirror://${PNAME}/${SRCFILE} |
| 26 | mirror://${PNAME}/rsyslog.conf |
| 27 | mirror://${PNAME}/rsyslog.logrotate |
| 28 | mirror://${PNAME}/rsyslog.rc |
| 29 | mirror://${PNAME}/rsyslog.confd |
| 30 | mirror://${PNAME}/${PNAME}-5.8.1-systemd.patch |
| 31 | ) |
| 32 | |
| 33 | UP2DATE="updatecmd ${HOMEPAGE}/download/ | grep 'stable' | grep 'Download file' | sed 's:.*\:\ rsyslog\ \(.*\)\ (.*:\1:;q'" |
| 34 | |
| 35 | src_prepare() |
| 36 | { |
| 37 | munpack ${SRCFILE} || die |
| 38 | cd ${SRCDIR} |
| 39 | |
| 40 | # support /etc/conf.d/rsyslog in systemd units |
| 41 | mpatch ${PNAME}-5.8.1-systemd.patch || die |
| 42 | } |
| 43 | |
| 44 | src_compile() |
| 45 | { |
| 46 | cd ${SRCDIR} |
| 47 | |
| 48 | mconfigure \ |
| 49 | --with-systemdsystemunitdir=/lib/systemd/system \ |
| 50 | --enable-largefile \ |
| 51 | --enable-mail \ |
| 52 | --enable-imfile \ |
| 53 | --enable-imtemplate \ |
| 54 | --enable-zlib \ |
| 55 | --enable-gnutls \ |
| 56 | --enable-inet \ |
| 57 | --disable-gui \ |
| 58 | --disable-rfc3195 \ |
| 59 | --disable-mysql \ |
| 60 | --disable-pgsql \ |
| 61 | --disable-oracle \ |
| 62 | --disable-snmp \ |
| 63 | || die |
| 64 | |
| 65 | mmake || die |
| 66 | } |
| 67 | |
| 68 | src_install() |
| 69 | { |
| 70 | cd ${SRCDIR} |
| 71 | |
| 72 | mmake DESTDIR=${BINDIR} install || die |
| 73 | minstalldocs AUTHORS COPYING ChangeLog NEWS PORTS README* || die |
| 74 | |
| 75 | # rsyslog config |
| 76 | minstalletc rsyslog.conf || die |
| 77 | |
| 78 | # logrotate config |
| 79 | minstalletc rsyslog.logrotate rsyslog /etc/logrotate.d || die |
| 80 | |
| 81 | # sysV initscript |
| 82 | minstallrc rsyslog.rc rsyslog || die |
| 83 | minstallconf rsyslog.confd rsyslog || die |
| 84 | |
| 85 | # needed directories |
| 86 | mkeepdir /var/spool/rsyslog || die |
| 87 | mkeepdir /etc/ssl/rsyslog || die |
| 88 | mkeepdir /etc/rsyslog.d || die |
| 89 | } |
| 90 | |
| 91 | postinstall() |
| 92 | { |
| 93 | local CERTDIR |
| 94 | local CN |
| 95 | local TMP=$(mktemp) |
| 96 | |
| 97 | # make sure the certificates directory exists |
| 98 | CERTDIR="${MROOT}/etc/ssl/rsyslog" |
| 99 | [ ! -d ${CERTDIR} ] && install -d ${CERTDIR} |
| 100 | echo "Your certificates will be stored in ${CERTDIR}" |
| 101 | |
| 102 | # create a default CA if needed |
| 103 | if [ ! -f ${CERTDIR}/rsyslog_ca.cert.pem ] |
| 104 | then |
| 105 | echo "No CA key and certificate found in ${CERTDIR}, creating them for you..." |
| 106 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_ca.privkey.pem &>/dev/null |
| 107 | chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem |
| 108 | |
| 109 | cat > ${TMP} << EOF |
| 110 | cn = Portage automated CA |
| 111 | ca |
| 112 | cert_signing_key |
| 113 | expiration_days = 3650 |
| 114 | EOF |
| 115 | |
| 116 | certtool --generate-self-signed \ |
| 117 | --load-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ |
| 118 | --outfile ${CERTDIR}/rsyslog_ca.cert.pem \ |
| 119 | --template ${TMP} &>/dev/null |
| 120 | chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem |
| 121 | |
| 122 | # Create the server certificate |
| 123 | |
| 124 | # use server-hostname as CN! |
| 125 | CN="server-$(hostname)" |
| 126 | echo "Creating private key and certificate for server ${CN}..." |
| 127 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null |
| 128 | chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem |
| 129 | |
| 130 | cat > ${TMP} << EOF |
| 131 | cn = ${CN} |
| 132 | tls_www_server |
| 133 | dns_name = ${CN} |
| 134 | expiration_days = 3650 |
| 135 | EOF |
| 136 | |
| 137 | certtool --generate-certificate \ |
| 138 | --outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \ |
| 139 | --load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \ |
| 140 | --load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \ |
| 141 | --load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ |
| 142 | --template ${TMP} &>/dev/null |
| 143 | chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem |
| 144 | else |
| 145 | echo "Found existing ${CERTDIR}/rsyslog_ca.cert.pem, skipping CA and SERVER creation." |
| 146 | fi |
| 147 | |
| 148 | # Create a client certificate |
| 149 | # use client-hostname as CN! |
| 150 | CN="client-$(hostname)" |
| 151 | echo "Creating private key and certificate for client ${CN}..." |
| 152 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null |
| 153 | chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem |
| 154 | |
| 155 | cat > ${TMP} << EOF |
| 156 | cn = ${CN} |
| 157 | tls_www_client |
| 158 | dns_name = ${CN} |
| 159 | expiration_days = 3650 |
| 160 | EOF |
| 161 | |
| 162 | certtool --generate-certificate \ |
| 163 | --outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \ |
| 164 | --load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \ |
| 165 | --load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \ |
| 166 | --load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ |
| 167 | --template ${TMP} &>/dev/null |
| 168 | chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem |
| 169 | |
| 170 | if [ -f ${TMP} ] |
| 171 | then |
| 172 | rm -f ${TMP} |
| 173 | fi |
| 174 | |
| 175 | echo |
| 176 | echo "Here is the documentation on how to encrypt your log traffic:" |
| 177 | echo " http://www.rsyslog.com/doc/rsyslog_tls.html" |
| 178 | |
| 179 | mstartservice rsyslog rsyslogd |
| 180 | |
| 181 | # enable systemd units |
| 182 | mstartunit rsyslog.service rsyslogd |
| 183 | } |
| 184 | |
| 185 | postremove() |
| 186 | { |
| 187 | mstopservice rsyslog rsyslogd |
| 188 | |
| 189 | # disable systemd units |
| 190 | mstopunit rsyslog.service rsyslogd |
| 191 | } |