Annotation of /branches/magellan-next/core/rsyslog/rsyslog-5.8.6-r2.smage2
Parent Directory | Revision Log
Revision 9256 -
(hide annotations)
(download)
Thu Nov 24 00:38:36 2011 UTC (12 years, 7 months ago) by niro
File size: 4473 byte(s)
Thu Nov 24 00:38:36 2011 UTC (12 years, 7 months ago) by niro
File size: 4473 byte(s)
auto added: ver bump to 5.8.6-r2
1 | niro | 9256 | # $Id$ |
2 | |||
3 | PNAME="rsyslog" | ||
4 | PVER="5.8.6" | ||
5 | PBUILD="r2" | ||
6 | |||
7 | PCATEGORIE="app-admin" | ||
8 | |||
9 | DESCRIPTION="An enhanced multi-threaded syslog daemon with a focus on security and reliability." | ||
10 | HOMEPAGE="http://www.rsyslog.com/" | ||
11 | |||
12 | DEPEND=">= app-admin/logrotate-3.8 | ||
13 | >= app-crypt/gnutls-2.12 | ||
14 | >= sys-libs/zlib-1.2.5" | ||
15 | |||
16 | PROVIDE="virtual/syslog" | ||
17 | |||
18 | SRCFILE="${PNAME}-${PVER}.tar.gz" | ||
19 | SRCDIR="${BUILDDIR}/${PNAME}-${PVER}" | ||
20 | |||
21 | sminclude mbuild mtools | ||
22 | |||
23 | SRC_URI=( | ||
24 | http://www.rsyslog.com/files/download/${PNAME}/${SRCFILE} | ||
25 | mirror://${PNAME}/${SRCFILE} | ||
26 | mirror://${PNAME}/rsyslog.conf | ||
27 | mirror://${PNAME}/rsyslog.logrotate | ||
28 | mirror://${PNAME}/rsyslog.confd | ||
29 | mirror://${PNAME}/${PNAME}-5.8.1-systemd.patch | ||
30 | ) | ||
31 | |||
32 | UP2DATE="updatecmd ${HOMEPAGE}/download/ | grep 'stable' | grep 'Download file' | sed 's:.*\:\ rsyslog\ \(.*\)\ (.*:\1:;q'" | ||
33 | |||
34 | src_prepare() | ||
35 | { | ||
36 | munpack ${SRCFILE} || die | ||
37 | cd ${SRCDIR} | ||
38 | |||
39 | # support /etc/conf.d/rsyslog in systemd units | ||
40 | mpatch ${PNAME}-5.8.1-systemd.patch || die | ||
41 | } | ||
42 | |||
43 | src_compile() | ||
44 | { | ||
45 | cd ${SRCDIR} | ||
46 | |||
47 | mconfigure \ | ||
48 | --with-systemdsystemunitdir=/lib/systemd/system \ | ||
49 | --enable-largefile \ | ||
50 | --enable-mail \ | ||
51 | --enable-imfile \ | ||
52 | --enable-imtemplate \ | ||
53 | --enable-zlib \ | ||
54 | --enable-gnutls \ | ||
55 | --enable-inet \ | ||
56 | --disable-gui \ | ||
57 | --disable-rfc3195 \ | ||
58 | --disable-mysql \ | ||
59 | --disable-pgsql \ | ||
60 | --disable-oracle \ | ||
61 | --disable-snmp \ | ||
62 | || die | ||
63 | |||
64 | mmake || die | ||
65 | } | ||
66 | |||
67 | src_install() | ||
68 | { | ||
69 | cd ${SRCDIR} | ||
70 | |||
71 | mmake DESTDIR=${BINDIR} install || die | ||
72 | minstalldocs AUTHORS COPYING ChangeLog NEWS PORTS README* || die | ||
73 | |||
74 | # rsyslog config | ||
75 | minstalletc rsyslog.conf || die | ||
76 | |||
77 | # logrotate config | ||
78 | minstalletc rsyslog.logrotate rsyslog /etc/logrotate.d || die | ||
79 | |||
80 | # conf.d | ||
81 | minstallconf rsyslog.confd rsyslog || die | ||
82 | |||
83 | # needed directories | ||
84 | mkeepdir /var/spool/rsyslog || die | ||
85 | mkeepdir /etc/ssl/rsyslog || die | ||
86 | mkeepdir /etc/rsyslog.d || die | ||
87 | } | ||
88 | |||
89 | postinstall() | ||
90 | { | ||
91 | local CERTDIR | ||
92 | local CN | ||
93 | local TMP=$(mktemp) | ||
94 | |||
95 | # make sure the certificates directory exists | ||
96 | CERTDIR="${MROOT}/etc/ssl/rsyslog" | ||
97 | [ ! -d ${CERTDIR} ] && install -d ${CERTDIR} | ||
98 | echo "Your certificates will be stored in ${CERTDIR}" | ||
99 | |||
100 | # create a default CA if needed | ||
101 | if [ ! -f ${CERTDIR}/rsyslog_ca.cert.pem ] | ||
102 | then | ||
103 | echo "No CA key and certificate found in ${CERTDIR}, creating them for you..." | ||
104 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_ca.privkey.pem &>/dev/null | ||
105 | chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem | ||
106 | |||
107 | cat > ${TMP} << EOF | ||
108 | cn = Portage automated CA | ||
109 | ca | ||
110 | cert_signing_key | ||
111 | expiration_days = 3650 | ||
112 | EOF | ||
113 | |||
114 | certtool --generate-self-signed \ | ||
115 | --load-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ | ||
116 | --outfile ${CERTDIR}/rsyslog_ca.cert.pem \ | ||
117 | --template ${TMP} &>/dev/null | ||
118 | chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem | ||
119 | |||
120 | # Create the server certificate | ||
121 | |||
122 | # use server-hostname as CN! | ||
123 | CN="server-$(hostname)" | ||
124 | echo "Creating private key and certificate for server ${CN}..." | ||
125 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null | ||
126 | chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem | ||
127 | |||
128 | cat > ${TMP} << EOF | ||
129 | cn = ${CN} | ||
130 | tls_www_server | ||
131 | dns_name = ${CN} | ||
132 | expiration_days = 3650 | ||
133 | EOF | ||
134 | |||
135 | certtool --generate-certificate \ | ||
136 | --outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \ | ||
137 | --load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \ | ||
138 | --load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \ | ||
139 | --load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ | ||
140 | --template ${TMP} &>/dev/null | ||
141 | chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem | ||
142 | else | ||
143 | echo "Found existing ${CERTDIR}/rsyslog_ca.cert.pem, skipping CA and SERVER creation." | ||
144 | fi | ||
145 | |||
146 | # Create a client certificate | ||
147 | # use client-hostname as CN! | ||
148 | CN="client-$(hostname)" | ||
149 | echo "Creating private key and certificate for client ${CN}..." | ||
150 | certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null | ||
151 | chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem | ||
152 | |||
153 | cat > ${TMP} << EOF | ||
154 | cn = ${CN} | ||
155 | tls_www_client | ||
156 | dns_name = ${CN} | ||
157 | expiration_days = 3650 | ||
158 | EOF | ||
159 | |||
160 | certtool --generate-certificate \ | ||
161 | --outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \ | ||
162 | --load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \ | ||
163 | --load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \ | ||
164 | --load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \ | ||
165 | --template ${TMP} &>/dev/null | ||
166 | chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem | ||
167 | |||
168 | if [ -f ${TMP} ] | ||
169 | then | ||
170 | rm -f ${TMP} | ||
171 | fi | ||
172 | |||
173 | echo | ||
174 | echo "Here is the documentation on how to encrypt your log traffic:" | ||
175 | echo " http://www.rsyslog.com/doc/rsyslog_tls.html" | ||
176 | |||
177 | # enable systemd units | ||
178 | mstartunit rsyslog.service rsyslogd | ||
179 | } | ||
180 | |||
181 | postremove() | ||
182 | { | ||
183 | # disable systemd units | ||
184 | mstopunit rsyslog.service rsyslogd | ||
185 | } |