From 7ae4e1d32a98b596d483a19ed94a21b560eb595d Mon Sep 17 00:00:00 2001 From: V3n3RiX <venerix@koprulu.sector> Date: Mon, 24 Oct 2022 21:52:37 +0100 Subject: gentoo auto-resync : 24:10:2022 - 21:52:37 --- app-admin/Manifest.gz | Bin 32914 -> 32910 bytes app-admin/rsyslog/Manifest | 3 +- .../files/rsyslog-8.2210.0-5004-hostname.patch | 40 ++ app-admin/rsyslog/rsyslog-8.2210.0-r1.ebuild | 496 +++++++++++++++++++++ app-admin/rsyslog/rsyslog-8.2210.0.ebuild | 494 -------------------- 5 files changed, 538 insertions(+), 495 deletions(-) create mode 100644 app-admin/rsyslog/files/rsyslog-8.2210.0-5004-hostname.patch create mode 100644 app-admin/rsyslog/rsyslog-8.2210.0-r1.ebuild delete mode 100644 app-admin/rsyslog/rsyslog-8.2210.0.ebuild (limited to 'app-admin') diff --git a/app-admin/Manifest.gz b/app-admin/Manifest.gz index f2ac38680ef8..296f50f7897f 100644 Binary files a/app-admin/Manifest.gz and b/app-admin/Manifest.gz differ diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest index 595bedb6ca09..e286f4f6812a 100644 --- a/app-admin/rsyslog/Manifest +++ b/app-admin/rsyslog/Manifest @@ -1,5 +1,6 @@ AUX 50-default-r1.conf 1952 BLAKE2B dca027ea6073384a2ec5867722028f70599c51fd8c46672ce647e84a7de4b3a0dc5bfaf43f7317eddb902c4987266ae67f88b43375a51e82a3ffefbb61c4d099 SHA512 1bc4d8059d83de57ff44d34265b0c3881bab7889f51c044728ba462c9105c89425187f95b6b01d6d6d103abde22a9dff063e5d6b90027ed87e9f851f9b1ad5b3 AUX README.gentoo 1126 BLAKE2B b7e3881605c2bacda7f415b3f3195e1ef405a8e9fc7fd627fd35b0ab90966cbb29c9a85fcf2df6092062c5af353d44a02d3451e3caa072f4fa44d681702e9807 SHA512 46fdf3350e2005d3ef588d50dfc6d474a1b5d3010329b656879a43cbbd7be0cd91944b88d3838f45f69c830fc28c42e7fac2cd52e0a4b24bb6780562d59ae384 +AUX rsyslog-8.2210.0-5004-hostname.patch 1137 BLAKE2B dcc87e205a0ac1cbb40d4b7b4e489468e439974fe50273b3a49282bacca7849073845c2ca3949c8a979972352b79230c7a994ed9968ccf2a3353df2f425706a6 SHA512 51ece6d4860eff8795b1e8b9418e0f3b39358b8a094b88161a747dc75103a2c81d7c149d82e2eeda617fd3e582ec203b73786f7d054b1083d10f5e2bf7b3f93c AUX rsyslog-r1.logrotate 994 BLAKE2B 36dee881c2cb79ce69678c7cb12c71fb70d970e5e10728a8d2b8acf2c08f613cea9c2a74d78ed7b75333147a6b1a553fe281956990e044a9db651c7486690dee SHA512 5ca68b4eec5bebaed48edb69c85f8338273db847ab1cc6999ce7cfe06644dc3854c3040e0ebd8a4900c213b267b2a081e7901ceb4e58f9dfdc7dc036aff02b6c AUX rsyslog.conf 1562 BLAKE2B 3abbc4c13c8c1d3817ac9a7c7f048aa1a8d7f279bf638dc91d15a785ad42c1b34a61de0be33b4ffa218a655849aeceff3e8686384e1d77472417235ce453b546 SHA512 1720174fab020e2de590f3d6bbb03784aca1928fe05f7e75e02fb4597cb8b2ee755e6deb8e8f989060511044ae483f791f496f24e0eecaf27eb9e0b5e20a2c7a AUX rsyslog.confd-r1 1145 BLAKE2B 06e63c7500238dd31abddd105269714387b990a3530ad11443a8502ad68221c3f8e8b0db02ba3ad2b7010483364d36a5b526a461d3465972b74d2cd36ff08747 SHA512 a7f8621bdd490596b09f9a7583dd0c992006c55335b2e6e687bef4141bb18cd4bb43e23f590a138e9c8d5a3cbac0cc46c3b01c7d3ff9f9dd3c53418b13b0dd4a @@ -19,5 +20,5 @@ EBUILD rsyslog-8.2102.0-r1.ebuild 12864 BLAKE2B cdbbbe6c4b582c5d899318ebffc5a3eb EBUILD rsyslog-8.2112.0-r1.ebuild 12918 BLAKE2B a6b90c61486be47ed3b22a9bb5c7cc8b7837f56db21d88353403c50ef427fa4cf364a964db74d0a07fd15f4420cd87441a4d51edec4ff19dfbce7ef7d4c787f1 SHA512 a9b6313794a45610b62a0ff700c89db057c9c825445a124ab7b10826e379333fa236fa9376f4c4c798519f163ced12c9d753a63f48c1840e1d705d218bbb329f EBUILD rsyslog-8.2206.0-r1.ebuild 12965 BLAKE2B f57c348fd034c19ab6f68da85f881c14a1cdbbd06c89f7f0cedcf72e558dafa591acd8b9e6a1739bc0482697148f51fbaf5c10dadb8b75e9d50ca1cf794ca378 SHA512 47784827bfec562177f1673d8104d0820aef01153e5623aa5e4e96d1533ff30143b442b7613cea48799d4ec0da34fde913f47a204ff3c35116d36b2adb434af3 EBUILD rsyslog-8.2208.0-r1.ebuild 13071 BLAKE2B aed0478ec7dd4b10ee8b5b9aad97eace6dcf00c5eb4e3c5a9fd5c6c6218c711ac7a43a6634fdc3f56fe42b645cb4554d7315053c0956e1990f68eccf97d03779 SHA512 d1f8052e38ef991de236af15d070587e643e359bffc16bc332831b55acbab55f358d3a5ac63dbbb89e654c717562f771025a22482b4d3163713d820cef74a605 -EBUILD rsyslog-8.2210.0.ebuild 13071 BLAKE2B aed0478ec7dd4b10ee8b5b9aad97eace6dcf00c5eb4e3c5a9fd5c6c6218c711ac7a43a6634fdc3f56fe42b645cb4554d7315053c0956e1990f68eccf97d03779 SHA512 d1f8052e38ef991de236af15d070587e643e359bffc16bc332831b55acbab55f358d3a5ac63dbbb89e654c717562f771025a22482b4d3163713d820cef74a605 +EBUILD rsyslog-8.2210.0-r1.ebuild 13123 BLAKE2B 7a1df2f8bfbe1c2c5be66c1a444ea83f024f3e39353506eed28eb7c31c6feed750bf435e326cdcf8fd693ff199a376c78ddf1a2b7f2770080669ec383906c52f SHA512 f3c3ba6a8420706e66cca3f8285f48ba49923b728f74211bf12d8c15a5fa7441829adf48615bc1416c5d71d3130fe0867445e8da85a7332b26c2136cb77815c9 MISC metadata.xml 4688 BLAKE2B 61d9ef924def00bed85b9b164e95ae8f512e51a0f0090b61a5737ee93b21db69db642867ddb6076fda757ae10748b9172de42754839d01859529aec70760d04f SHA512 01bedda2baeefccffc765550ab2f8aa29235e7a3a3fc8b765beb205518785da9fb5905037ad9e8e6ba9385d2f009d260260e3c207bbf1eea5a5ce4834a004365 diff --git a/app-admin/rsyslog/files/rsyslog-8.2210.0-5004-hostname.patch b/app-admin/rsyslog/files/rsyslog-8.2210.0-5004-hostname.patch new file mode 100644 index 000000000000..4f6c6cf944b6 --- /dev/null +++ b/app-admin/rsyslog/files/rsyslog-8.2210.0-5004-hostname.patch @@ -0,0 +1,40 @@ +From e2beca531157a4c0a27bcdda689bc53373e305b3 Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards <rgerhards@adiscon.com> +Date: Thu, 20 Oct 2022 18:08:11 +0200 +Subject: [PATCH] core bugfix: local hostname invalid if no global() config + object given + +The local hostname is invalidly set to "[localhost]" on rsyslog startup +if no global() config object is present in rsyslog.conf. Sending a HUP +corrects the hostname. + +This is a regression from ba00a9f25293f + +closes https://github.com/rsyslog/rsyslog/issues/4975, +closes https://github.com/rsyslog/rsyslog/issues/4825 +--- + runtime/glbl.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/runtime/glbl.c b/runtime/glbl.c +index 3a9350b903..ed9a307804 100644 +--- a/runtime/glbl.c ++++ b/runtime/glbl.c +@@ -1396,6 +1396,7 @@ glblDoneLoadCnf(void) + stddbg = -1; + } + ++finalize_it: + /* we have now read the config. We need to query the local host name now + * as it was set by the config. + * +@@ -1404,8 +1405,7 @@ glblDoneLoadCnf(void) + * are taken from that queue, the hostname will be adapted. + */ + queryLocalHostname(); +- +-finalize_it: RETiRet; ++ RETiRet; + } + + diff --git a/app-admin/rsyslog/rsyslog-8.2210.0-r1.ebuild b/app-admin/rsyslog/rsyslog-8.2210.0-r1.ebuild new file mode 100644 index 000000000000..124a6ec61a3d --- /dev/null +++ b/app-admin/rsyslog/rsyslog-8.2210.0-r1.ebuild @@ -0,0 +1,496 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{8..10} ) + +inherit autotools linux-info python-any-r1 systemd + +DESCRIPTION="An enhanced multi-threaded syslogd with database support and more" +HOMEPAGE="https://www.rsyslog.com/" + +if [[ ${PV} == "9999" ]]; then + EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git" + + DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git" + + inherit git-r3 +else + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc64 ~riscv ~sparc ~x86" + + SRC_URI=" + https://www.rsyslog.com/files/download/${PN}/${P}.tar.gz + doc? ( https://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz ) + " +fi + +LICENSE="GPL-3 LGPL-3 Apache-2.0" +SLOT="0" + +IUSE="clickhouse curl dbi debug doc elasticsearch +gcrypt gnutls imhttp" +IUSE+=" impcap jemalloc kafka kerberos kubernetes mdblookup" +IUSE+=" mongodb mysql normalize omhttp omhttpfs omudpspoof +openssl" +IUSE+=" postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp +ssl" +IUSE+=" systemd test usertools +uuid xxhash zeromq" + +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + kubernetes? ( normalize ) + ssl? ( || ( gnutls openssl ) ) +" + +BDEPEND=">=sys-devel/autoconf-archive-2015.02.24 + sys-apps/lsb-release + virtual/pkgconfig + test? ( + jemalloc? ( <sys-libs/libfaketime-0.9.7 ) + !jemalloc? ( sys-libs/libfaketime ) + ${PYTHON_DEPS} + )" + +RDEPEND=" + >=dev-libs/libfastjson-0.99.8:= + >=dev-libs/libestr-0.1.9 + >=sys-libs/zlib-1.2.5 + curl? ( >=net-misc/curl-7.35.0 ) + dbi? ( >=dev-db/libdbi-0.8.3 ) + elasticsearch? ( >=net-misc/curl-7.35.0 ) + gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= ) + imhttp? ( + dev-libs/apr-util + www-servers/civetweb + virtual/libcrypt:= + ) + impcap? ( net-libs/libpcap ) + jemalloc? ( >=dev-libs/jemalloc-3.3.1:= ) + kafka? ( >=dev-libs/librdkafka-0.9.0.99:= ) + kerberos? ( virtual/krb5 ) + kubernetes? ( >=net-misc/curl-7.35.0 ) + mdblookup? ( dev-libs/libmaxminddb:= ) + mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= ) + mysql? ( dev-db/mysql-connector-c:= ) + normalize? ( + >=dev-libs/liblognorm-2.0.3:= + ) + clickhouse? ( >=net-misc/curl-7.35.0 ) + omhttpfs? ( >=net-misc/curl-7.35.0 ) + omudpspoof? ( >=net-libs/libnet-1.1.6 ) + postgres? ( >=dev-db/postgresql-8.4.20:= ) + rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= ) + redis? ( + >=dev-libs/hiredis-0.11.0:= + dev-libs/libevent[threads] + ) + relp? ( >=dev-libs/librelp-1.2.17:= ) + rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] ) + rfc5424hmac? ( + >=dev-libs/openssl-0.9.8y:0= + ) + snmp? ( >=net-analyzer/net-snmp-5.7.2 ) + ssl? ( + gnutls? ( >=net-libs/gnutls-2.12.23:0= ) + openssl? ( + dev-libs/openssl:0= + ) + ) + systemd? ( >=sys-apps/systemd-234 ) + uuid? ( sys-apps/util-linux:0= ) + xxhash? ( dev-libs/xxhash:= ) + zeromq? ( + >=net-libs/czmq-4:=[drafts] + )" + +DEPEND=" + ${RDEPEND} + elibc_musl? ( sys-libs/queue-standalone ) +" + +if [[ ${PV} == "9999" ]]; then + BDEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )" + BDEPEND+=" >=sys-devel/flex-2.5.39-r1" + BDEPEND+=" >=sys-devel/bison-2.4.3" + BDEPEND+=" >=dev-python/docutils-0.12" +fi + +PATCHES=( "${FILESDIR}"/${P}-5004-hostname.patch ) + +CONFIG_CHECK="~INOTIFY_USER" +WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!" + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_unpack() { + if [[ ${PV} == "9999" ]]; then + git-r3_fetch + git-r3_checkout + else + unpack ${P}.tar.gz + fi + + if use doc; then + if [[ ${PV} == "9999" ]]; then + local _EGIT_BRANCH= + if [[ -n "${EGIT_BRANCH}" ]]; then + # Cannot use rsyslog commits/branches for documentation repository + _EGIT_BRANCH=${EGIT_BRANCH} + unset EGIT_BRANCH + fi + + git-r3_fetch "${DOC_REPO_URI}" + git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs + + if [[ -n "${_EGIT_BRANCH}" ]]; then + # Restore previous EGIT_BRANCH information + EGIT_BRANCH=${_EGIT_BRANCH} + fi + else + cd "${S}" || die "Cannot change dir into '${S}'" + mkdir docs || die "Failed to create docs directory" + cd docs || die "Failed to change dir into '${S}/docs'" + unpack ${PN}-doc-${PV}.tar.gz + fi + fi +} + +src_prepare() { + default + + # https://github.com/rsyslog/rsyslog/issues/3626 + sed -i \ + -e '\|^#!/bin/bash$|a exit 77' \ + tests/mmkubernetes-cache-expir*.sh \ + || die "Failed to disabled known test failure mmkubernetes-cache-expir*.sh" + + eautoreconf +} + +src_configure() { + # Maintainer notes: + # * Guardtime support is missing because libgt isn't yet available + # in portage. + # * Hadoop's HDFS file system output module is currently not + # supported in Gentoo because nobody is able to test it + # (JAVA dependency). + # * dev-libs/hiredis doesn't provide pkg-config (see #504614, + # upstream PR 129 and 136) so we need to export HIREDIS_* + # variables because rsyslog's build system depends on pkg-config. + + if use redis; then + export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis" + export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include" + fi + + local myeconfargs=( + --disable-debug-symbols + --disable-generate-man-pages + --without-valgrind-testbench + --disable-liblogging-stdlog + --disable-imfile-tests # Some imfile tests fail (noticed in version 8.2208.0) + $(use_enable test testbench) + $(use_enable test libfaketime) + $(use_enable test extended-tests) + # Input Plugins without dependencies + --enable-imbatchreport + --enable-imdiag + --enable-imdocker + --enable-imfile + --enable-improg + --enable-impstats + --enable-imptcp + # Message Modificiation Plugins without dependencies + --enable-mmanon + --enable-mmaudit + --enable-mmcount + --enable-mmfields + --enable-mmjsonparse + --enable-mmpstrucdata + --enable-mmrm1stspace + --enable-mmsequence + --enable-mmtaghostname + --enable-mmutf8fix + # Output Modification Plugins without dependencies + --enable-mail + --enable-omprog + --enable-omruleset + --enable-omstdout + --enable-omuxsock + # Misc + --enable-fmhash + --enable-fmunflatten + $(use_enable xxhash fmhash-xxhash) + --enable-pmaixforwardedfrom + --enable-pmciscoios + --enable-pmcisconames + --enable-pmdb2diag + --enable-pmlastmsg + $(use_enable normalize pmnormalize) + --enable-pmnull + --enable-pmpanngfw + --enable-pmsnare + # DB + $(use_enable dbi libdbi) + $(use_enable mongodb ommongodb) + $(use_enable mysql) + $(use_enable postgres pgsql) + $(use_enable redis imhiredis) + $(use_enable redis omhiredis) + # Debug + $(use_enable debug) + $(use_enable debug diagtools) + $(use_enable debug valgrind) + # Misc + $(use_enable clickhouse) + $(use_enable curl fmhttp) + $(use_enable elasticsearch) + $(use_enable gcrypt libgcrypt) + $(use_enable imhttp) + $(use_enable impcap) + $(use_enable jemalloc) + $(use_enable kafka imkafka) + $(use_enable kafka omkafka) + $(use_enable kerberos gssapi-krb5) + $(use_enable kubernetes mmkubernetes) + $(use_enable normalize mmnormalize) + $(use_enable mdblookup mmdblookup) + $(use_enable omhttp) + $(use_enable omhttpfs) + $(use_enable omudpspoof) + $(use_enable rabbitmq omrabbitmq) + $(use_enable relp) + $(use_enable rfc3195) + $(use_enable rfc5424hmac mmrfc5424addhmac) + $(use_enable snmp) + $(use_enable snmp mmsnmptrapd) + $(use_enable gnutls) + $(use_enable openssl) + $(use_enable systemd imjournal) + $(use_enable systemd omjournal) + $(use_enable usertools) + $(use_enable uuid) + $(use_enable zeromq imczmq) + $(use_enable zeromq omczmq) + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" + ) + + econf "${myeconfargs[@]}" +} + +src_compile() { + default + + if use doc && [[ "${PV}" == "9999" ]]; then + einfo "Building documentation ..." + local doc_dir="${S}/docs" + cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!" + sphinx-build -b html source build || die "Building documentation failed!" + fi +} + +src_test() { + local _has_increased_ulimit= + + # Sometimes tests aren't executable (i.e. when added via patch) + einfo "Adjusting permissions of test scripts ..." + find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \ + die "Failed to adjust test scripts permission" + + if ulimit -n 3072; then + _has_increased_ulimit="true" + fi + + if ! emake --jobs 1 check; then + eerror "Test suite failed! :(" + + if [[ -z "${_has_increased_ulimit}" ]]; then + eerror "Probably because open file limit couldn't be set to 3072." + fi + + if has userpriv ${FEATURES}; then + eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \ + "before you submit a bug report." + fi + + fi +} + +src_install() { + local DOCS=( + AUTHORS + ChangeLog + "${FILESDIR}"/README.gentoo + ) + + use doc && local HTML_DOCS=( "${S}/docs/build/." ) + + default + + newconfd "${FILESDIR}/${PN}.confd-r1" ${PN} + newinitd "${FILESDIR}/${PN}.initd-r1" ${PN} + + systemd_newunit "${FILESDIR}/${PN}.service" ${PN}.service + + keepdir /var/empty/dev + keepdir /var/spool/${PN} + keepdir /etc/ssl/${PN} + keepdir /etc/${PN}.d + + insinto /etc + newins "${FILESDIR}/${PN}.conf" ${PN}.conf + + insinto /etc/rsyslog.d/ + newins "${FILESDIR}/50-default-r1.conf" 50-default.conf + + insinto /etc/logrotate.d/ + newins "${FILESDIR}/${PN}-r1.logrotate" ${PN} + + if use mysql; then + insinto /usr/share/${PN}/scripts/mysql + doins plugins/ommysql/createDB.sql + fi + + if use postgres; then + insinto /usr/share/${PN}/scripts/pgsql + doins plugins/ompgsql/createDB.sql + fi + + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + local advertise_readme=0 + + if [[ -z "${REPLACING_VERSIONS}" ]]; then + # This is a new installation + + advertise_readme=1 + + if use mysql || use postgres; then + echo + elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:" + elog " /usr/share/doc/${PF}/scripts" + fi + + if use ssl; then + echo + elog "To create a default CA and certificates for your server and clients, run:" + elog " emerge --config =${PF}" + elog "on your logging server. You can run it several times," + elog "once for each logging client. The client certificates will be signed" + elog "using the CA certificate generated during the first run." + fi + fi + + if [[ ${advertise_readme} -gt 0 ]]; then + # We need to show the README file location + + echo "" + elog "Please read" + elog "" + elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*" + elog "" + elog "for more details." + fi +} + +pkg_config() { + if ! use ssl; then + einfo "There is nothing to configure for rsyslog unless you" + einfo "used USE=ssl to build it." + return 0 + fi + + if ! hash certtool &>/dev/null; then + die "certtool not found! Is net-libs/gnutls[tools] is installed?" + fi + + # Make sure the certificates directory exists + local CERTDIR="${EROOT}/etc/ssl/${PN}" + if [[ ! -d "${CERTDIR}" ]]; then + mkdir "${CERTDIR}" || die + fi + einfo "Your certificates will be stored in ${CERTDIR}" + + # Create a default CA if needed + if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then + einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..." + certtool --generate-privkey \ + --outfile "${CERTDIR}/${PN}_ca.privkey.pem" || die + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" + + cat > "${T}/${PF}.$$" <<- _EOF + cn = Portage automated CA + ca + cert_signing_key + expiration_days = 3650 + _EOF + + certtool --generate-self-signed \ + --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ + --outfile "${CERTDIR}/${PN}_ca.cert.pem" \ + --template "${T}/${PF}.$$" || die + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" + + # Create the server certificate + echo + einfon "Please type the Common Name of the SERVER you wish to create a certificate for: " + read -r CN + + einfo "Creating private key and certificate for server ${CN}..." + certtool --generate-privkey \ + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" + + cat > "${T}/${PF}.$$" <<- _EOF + cn = ${CN} + tls_www_server + dns_name = ${CN} + expiration_days = 3650 + _EOF + + certtool --generate-certificate \ + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ + --template "${T}/${PF}.$$" &>/dev/null + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" + + else + einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation." + fi + + # Create a client certificate + echo + einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: " + read -r CN + + einfo "Creating private key and certificate for client ${CN}..." + certtool --generate-privkey \ + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" + + cat > "${T}/${PF}.$$" <<- _EOF + cn = ${CN} + tls_www_client + dns_name = ${CN} + expiration_days = 3650 + _EOF + + certtool --generate-certificate \ + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ + --template "${T}/${PF}.$$" || die + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" + + rm -f "${T}/${PF}.$$" + + echo + einfo "Here is the documentation on how to encrypt your log traffic:" + einfo " https://www.rsyslog.com/doc/rsyslog_tls.html" +} diff --git a/app-admin/rsyslog/rsyslog-8.2210.0.ebuild b/app-admin/rsyslog/rsyslog-8.2210.0.ebuild deleted file mode 100644 index 87f42ed5e63c..000000000000 --- a/app-admin/rsyslog/rsyslog-8.2210.0.ebuild +++ /dev/null @@ -1,494 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PYTHON_COMPAT=( python3_{8..10} ) - -inherit autotools linux-info python-any-r1 systemd - -DESCRIPTION="An enhanced multi-threaded syslogd with database support and more" -HOMEPAGE="https://www.rsyslog.com/" - -if [[ ${PV} == "9999" ]]; then - EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git" - - DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git" - - inherit git-r3 -else - KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc64 ~riscv ~sparc ~x86" - - SRC_URI=" - https://www.rsyslog.com/files/download/${PN}/${P}.tar.gz - doc? ( https://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz ) - " -fi - -LICENSE="GPL-3 LGPL-3 Apache-2.0" -SLOT="0" - -IUSE="clickhouse curl dbi debug doc elasticsearch +gcrypt gnutls imhttp" -IUSE+=" impcap jemalloc kafka kerberos kubernetes mdblookup" -IUSE+=" mongodb mysql normalize omhttp omhttpfs omudpspoof +openssl" -IUSE+=" postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp +ssl" -IUSE+=" systemd test usertools +uuid xxhash zeromq" - -RESTRICT="!test? ( test )" - -REQUIRED_USE=" - kubernetes? ( normalize ) - ssl? ( || ( gnutls openssl ) ) -" - -BDEPEND=">=sys-devel/autoconf-archive-2015.02.24 - sys-apps/lsb-release - virtual/pkgconfig - test? ( - jemalloc? ( <sys-libs/libfaketime-0.9.7 ) - !jemalloc? ( sys-libs/libfaketime ) - ${PYTHON_DEPS} - )" - -RDEPEND=" - >=dev-libs/libfastjson-0.99.8:= - >=dev-libs/libestr-0.1.9 - >=sys-libs/zlib-1.2.5 - curl? ( >=net-misc/curl-7.35.0 ) - dbi? ( >=dev-db/libdbi-0.8.3 ) - elasticsearch? ( >=net-misc/curl-7.35.0 ) - gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= ) - imhttp? ( - dev-libs/apr-util - www-servers/civetweb - virtual/libcrypt:= - ) - impcap? ( net-libs/libpcap ) - jemalloc? ( >=dev-libs/jemalloc-3.3.1:= ) - kafka? ( >=dev-libs/librdkafka-0.9.0.99:= ) - kerberos? ( virtual/krb5 ) - kubernetes? ( >=net-misc/curl-7.35.0 ) - mdblookup? ( dev-libs/libmaxminddb:= ) - mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= ) - mysql? ( dev-db/mysql-connector-c:= ) - normalize? ( - >=dev-libs/liblognorm-2.0.3:= - ) - clickhouse? ( >=net-misc/curl-7.35.0 ) - omhttpfs? ( >=net-misc/curl-7.35.0 ) - omudpspoof? ( >=net-libs/libnet-1.1.6 ) - postgres? ( >=dev-db/postgresql-8.4.20:= ) - rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= ) - redis? ( - >=dev-libs/hiredis-0.11.0:= - dev-libs/libevent[threads] - ) - relp? ( >=dev-libs/librelp-1.2.17:= ) - rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] ) - rfc5424hmac? ( - >=dev-libs/openssl-0.9.8y:0= - ) - snmp? ( >=net-analyzer/net-snmp-5.7.2 ) - ssl? ( - gnutls? ( >=net-libs/gnutls-2.12.23:0= ) - openssl? ( - dev-libs/openssl:0= - ) - ) - systemd? ( >=sys-apps/systemd-234 ) - uuid? ( sys-apps/util-linux:0= ) - xxhash? ( dev-libs/xxhash:= ) - zeromq? ( - >=net-libs/czmq-4:=[drafts] - )" - -DEPEND=" - ${RDEPEND} - elibc_musl? ( sys-libs/queue-standalone ) -" - -if [[ ${PV} == "9999" ]]; then - BDEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )" - BDEPEND+=" >=sys-devel/flex-2.5.39-r1" - BDEPEND+=" >=sys-devel/bison-2.4.3" - BDEPEND+=" >=dev-python/docutils-0.12" -fi - -CONFIG_CHECK="~INOTIFY_USER" -WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!" - -pkg_setup() { - use test && python-any-r1_pkg_setup -} - -src_unpack() { - if [[ ${PV} == "9999" ]]; then - git-r3_fetch - git-r3_checkout - else - unpack ${P}.tar.gz - fi - - if use doc; then - if [[ ${PV} == "9999" ]]; then - local _EGIT_BRANCH= - if [[ -n "${EGIT_BRANCH}" ]]; then - # Cannot use rsyslog commits/branches for documentation repository - _EGIT_BRANCH=${EGIT_BRANCH} - unset EGIT_BRANCH - fi - - git-r3_fetch "${DOC_REPO_URI}" - git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs - - if [[ -n "${_EGIT_BRANCH}" ]]; then - # Restore previous EGIT_BRANCH information - EGIT_BRANCH=${_EGIT_BRANCH} - fi - else - cd "${S}" || die "Cannot change dir into '${S}'" - mkdir docs || die "Failed to create docs directory" - cd docs || die "Failed to change dir into '${S}/docs'" - unpack ${PN}-doc-${PV}.tar.gz - fi - fi -} - -src_prepare() { - default - - # https://github.com/rsyslog/rsyslog/issues/3626 - sed -i \ - -e '\|^#!/bin/bash$|a exit 77' \ - tests/mmkubernetes-cache-expir*.sh \ - || die "Failed to disabled known test failure mmkubernetes-cache-expir*.sh" - - eautoreconf -} - -src_configure() { - # Maintainer notes: - # * Guardtime support is missing because libgt isn't yet available - # in portage. - # * Hadoop's HDFS file system output module is currently not - # supported in Gentoo because nobody is able to test it - # (JAVA dependency). - # * dev-libs/hiredis doesn't provide pkg-config (see #504614, - # upstream PR 129 and 136) so we need to export HIREDIS_* - # variables because rsyslog's build system depends on pkg-config. - - if use redis; then - export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis" - export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include" - fi - - local myeconfargs=( - --disable-debug-symbols - --disable-generate-man-pages - --without-valgrind-testbench - --disable-liblogging-stdlog - --disable-imfile-tests # Some imfile tests fail (noticed in version 8.2208.0) - $(use_enable test testbench) - $(use_enable test libfaketime) - $(use_enable test extended-tests) - # Input Plugins without dependencies - --enable-imbatchreport - --enable-imdiag - --enable-imdocker - --enable-imfile - --enable-improg - --enable-impstats - --enable-imptcp - # Message Modificiation Plugins without dependencies - --enable-mmanon - --enable-mmaudit - --enable-mmcount - --enable-mmfields - --enable-mmjsonparse - --enable-mmpstrucdata - --enable-mmrm1stspace - --enable-mmsequence - --enable-mmtaghostname - --enable-mmutf8fix - # Output Modification Plugins without dependencies - --enable-mail - --enable-omprog - --enable-omruleset - --enable-omstdout - --enable-omuxsock - # Misc - --enable-fmhash - --enable-fmunflatten - $(use_enable xxhash fmhash-xxhash) - --enable-pmaixforwardedfrom - --enable-pmciscoios - --enable-pmcisconames - --enable-pmdb2diag - --enable-pmlastmsg - $(use_enable normalize pmnormalize) - --enable-pmnull - --enable-pmpanngfw - --enable-pmsnare - # DB - $(use_enable dbi libdbi) - $(use_enable mongodb ommongodb) - $(use_enable mysql) - $(use_enable postgres pgsql) - $(use_enable redis imhiredis) - $(use_enable redis omhiredis) - # Debug - $(use_enable debug) - $(use_enable debug diagtools) - $(use_enable debug valgrind) - # Misc - $(use_enable clickhouse) - $(use_enable curl fmhttp) - $(use_enable elasticsearch) - $(use_enable gcrypt libgcrypt) - $(use_enable imhttp) - $(use_enable impcap) - $(use_enable jemalloc) - $(use_enable kafka imkafka) - $(use_enable kafka omkafka) - $(use_enable kerberos gssapi-krb5) - $(use_enable kubernetes mmkubernetes) - $(use_enable normalize mmnormalize) - $(use_enable mdblookup mmdblookup) - $(use_enable omhttp) - $(use_enable omhttpfs) - $(use_enable omudpspoof) - $(use_enable rabbitmq omrabbitmq) - $(use_enable relp) - $(use_enable rfc3195) - $(use_enable rfc5424hmac mmrfc5424addhmac) - $(use_enable snmp) - $(use_enable snmp mmsnmptrapd) - $(use_enable gnutls) - $(use_enable openssl) - $(use_enable systemd imjournal) - $(use_enable systemd omjournal) - $(use_enable usertools) - $(use_enable uuid) - $(use_enable zeromq imczmq) - $(use_enable zeromq omczmq) - --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" - ) - - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use doc && [[ "${PV}" == "9999" ]]; then - einfo "Building documentation ..." - local doc_dir="${S}/docs" - cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!" - sphinx-build -b html source build || die "Building documentation failed!" - fi -} - -src_test() { - local _has_increased_ulimit= - - # Sometimes tests aren't executable (i.e. when added via patch) - einfo "Adjusting permissions of test scripts ..." - find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \ - die "Failed to adjust test scripts permission" - - if ulimit -n 3072; then - _has_increased_ulimit="true" - fi - - if ! emake --jobs 1 check; then - eerror "Test suite failed! :(" - - if [[ -z "${_has_increased_ulimit}" ]]; then - eerror "Probably because open file limit couldn't be set to 3072." - fi - - if has userpriv ${FEATURES}; then - eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \ - "before you submit a bug report." - fi - - fi -} - -src_install() { - local DOCS=( - AUTHORS - ChangeLog - "${FILESDIR}"/README.gentoo - ) - - use doc && local HTML_DOCS=( "${S}/docs/build/." ) - - default - - newconfd "${FILESDIR}/${PN}.confd-r1" ${PN} - newinitd "${FILESDIR}/${PN}.initd-r1" ${PN} - - systemd_newunit "${FILESDIR}/${PN}.service" ${PN}.service - - keepdir /var/empty/dev - keepdir /var/spool/${PN} - keepdir /etc/ssl/${PN} - keepdir /etc/${PN}.d - - insinto /etc - newins "${FILESDIR}/${PN}.conf" ${PN}.conf - - insinto /etc/rsyslog.d/ - newins "${FILESDIR}/50-default-r1.conf" 50-default.conf - - insinto /etc/logrotate.d/ - newins "${FILESDIR}/${PN}-r1.logrotate" ${PN} - - if use mysql; then - insinto /usr/share/${PN}/scripts/mysql - doins plugins/ommysql/createDB.sql - fi - - if use postgres; then - insinto /usr/share/${PN}/scripts/pgsql - doins plugins/ompgsql/createDB.sql - fi - - find "${ED}" -name '*.la' -delete || die -} - -pkg_postinst() { - local advertise_readme=0 - - if [[ -z "${REPLACING_VERSIONS}" ]]; then - # This is a new installation - - advertise_readme=1 - - if use mysql || use postgres; then - echo - elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:" - elog " /usr/share/doc/${PF}/scripts" - fi - - if use ssl; then - echo - elog "To create a default CA and certificates for your server and clients, run:" - elog " emerge --config =${PF}" - elog "on your logging server. You can run it several times," - elog "once for each logging client. The client certificates will be signed" - elog "using the CA certificate generated during the first run." - fi - fi - - if [[ ${advertise_readme} -gt 0 ]]; then - # We need to show the README file location - - echo "" - elog "Please read" - elog "" - elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*" - elog "" - elog "for more details." - fi -} - -pkg_config() { - if ! use ssl; then - einfo "There is nothing to configure for rsyslog unless you" - einfo "used USE=ssl to build it." - return 0 - fi - - if ! hash certtool &>/dev/null; then - die "certtool not found! Is net-libs/gnutls[tools] is installed?" - fi - - # Make sure the certificates directory exists - local CERTDIR="${EROOT}/etc/ssl/${PN}" - if [[ ! -d "${CERTDIR}" ]]; then - mkdir "${CERTDIR}" || die - fi - einfo "Your certificates will be stored in ${CERTDIR}" - - # Create a default CA if needed - if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then - einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..." - certtool --generate-privkey \ - --outfile "${CERTDIR}/${PN}_ca.privkey.pem" || die - chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" - - cat > "${T}/${PF}.$$" <<- _EOF - cn = Portage automated CA - ca - cert_signing_key - expiration_days = 3650 - _EOF - - certtool --generate-self-signed \ - --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ - --outfile "${CERTDIR}/${PN}_ca.cert.pem" \ - --template "${T}/${PF}.$$" || die - chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" - - # Create the server certificate - echo - einfon "Please type the Common Name of the SERVER you wish to create a certificate for: " - read -r CN - - einfo "Creating private key and certificate for server ${CN}..." - certtool --generate-privkey \ - --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die - chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" - - cat > "${T}/${PF}.$$" <<- _EOF - cn = ${CN} - tls_www_server - dns_name = ${CN} - expiration_days = 3650 - _EOF - - certtool --generate-certificate \ - --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ - --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ - --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ - --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ - --template "${T}/${PF}.$$" &>/dev/null - chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" - - else - einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation." - fi - - # Create a client certificate - echo - einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: " - read -r CN - - einfo "Creating private key and certificate for client ${CN}..." - certtool --generate-privkey \ - --outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die - chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" - - cat > "${T}/${PF}.$$" <<- _EOF - cn = ${CN} - tls_www_client - dns_name = ${CN} - expiration_days = 3650 - _EOF - - certtool --generate-certificate \ - --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ - --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ - --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ - --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ - --template "${T}/${PF}.$$" || die - chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" - - rm -f "${T}/${PF}.$$" - - echo - einfo "Here is the documentation on how to encrypt your log traffic:" - einfo " https://www.rsyslog.com/doc/rsyslog_tls.html" -} -- cgit v1.2.3