Google Git
Sign in
cos / third_party / overlays / chromiumos-overlay / 3bba89ba652d31b8181addf954bf1a0ef083a251 / . / app-admin / rsyslog / rsyslog-8.2102.0.ebuild
blob: 115bcd9f9b167c69c6760a06d936d06ea1190c42 [file] [log] [blame]
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
PYTHON_COMPAT=( python3_{6..9} )
inherit autotools linux-info python-any-r1 systemd
DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
HOMEPAGE="https://www.rsyslog.com/"
if [[ ${PV} == "9999" ]]; then
EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
inherit git-r3
else
KEYWORDS="*"
SRC_URI="
https://www.rsyslog.com/files/download/${PN}/${P}.tar.gz
doc? ( https://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz )
"
fi
LICENSE="GPL-3 LGPL-3 Apache-2.0"
SLOT="0"
IUSE="clickhouse curl dbi debug doc elasticsearch +gcrypt gnutls imhttp"
IUSE+=" impcap jemalloc kafka kerberos kubernetes libressl mdblookup"
IUSE+=" mongodb mysql normalize omhttp omhttpfs omudpspoof +openssl"
IUSE+=" postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp +ssl"
IUSE+=" systemd test usertools +uuid xxhash zeromq"
RESTRICT="!test? ( test )"
REQUIRED_USE="
kubernetes? ( normalize )
ssl? ( || ( gnutls openssl ) )
"
BDEPEND=">=sys-devel/autoconf-archive-2015.02.24
virtual/pkgconfig
elibc_musl? ( sys-libs/queue-standalone )
test? (
jemalloc? ( <sys-libs/libfaketime-0.9.7 )
!jemalloc? ( sys-libs/libfaketime )
${PYTHON_DEPS}
)"
PATCHES=( "${FILESDIR}/001-add-imstdoutsock-plugin.patch" )
RDEPEND="
>=dev-libs/libfastjson-0.99.8:=
>=dev-libs/libestr-0.1.9
>=sys-libs/zlib-1.2.5
chromeos-base/syslog-cat
curl? ( >=net-misc/curl-7.35.0 )
dbi? ( >=dev-db/libdbi-0.8.3 )
elasticsearch? ( >=net-misc/curl-7.35.0 )
gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
imhttp? ( www-servers/civetweb )
impcap? ( net-libs/libpcap )
jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
kerberos? ( virtual/krb5 )
kubernetes? ( >=net-misc/curl-7.35.0 )
mdblookup? ( dev-libs/libmaxminddb:= )
mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= )
mysql? ( dev-db/mysql-connector-c:= )
normalize? (
>=dev-libs/liblognorm-2.0.3:=
)
clickhouse? ( >=net-misc/curl-7.35.0 )
omhttpfs? ( >=net-misc/curl-7.35.0 )
omudpspoof? ( >=net-libs/libnet-1.1.6 )
postgres? ( >=dev-db/postgresql-8.4.20:= )
rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
redis? ( >=dev-libs/hiredis-0.11.0:= )
relp? ( >=dev-libs/librelp-1.2.17:= )
rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
rfc5424hmac? (
!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
libressl? ( dev-libs/libressl:= )
)
snmp? ( >=net-analyzer/net-snmp-5.7.2 )
ssl? (
gnutls? ( >=net-libs/gnutls-2.12.23:0= )
openssl? (
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )
)
)
systemd? ( >=sys-apps/systemd-234 )
uuid? ( sys-apps/util-linux:0= )
xxhash? ( dev-libs/xxhash:= )
zeromq? (
>=net-libs/czmq-4:=[drafts]
)"
DEPEND="${RDEPEND}
test? (
>=dev-libs/liblogging-1.0.1[stdlog]
)"
if [[ ${PV} == "9999" ]]; then
BDEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
BDEPEND+=" >=sys-devel/flex-2.5.39-r1"
BDEPEND+=" >=sys-devel/bison-2.4.3"
BDEPEND+=" >=dev-python/docutils-0.12"
fi
CONFIG_CHECK="~INOTIFY_USER"
WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
pkg_setup() {
use test && python-any-r1_pkg_setup
}
src_unpack() {
if [[ ${PV} == "9999" ]]; then
git-r3_fetch
git-r3_checkout
else
unpack ${P}.tar.gz
fi
cp -rf "${FILESDIR}/001-add-imstdoutsock-plugin" "./${PN}-${PV}/plugins/imstdoutsock"
if use doc; then
if [[ ${PV} == "9999" ]]; then
local _EGIT_BRANCH=
if [[ -n "${EGIT_BRANCH}" ]]; then
# Cannot use rsyslog commits/branches for documentation repository
_EGIT_BRANCH=${EGIT_BRANCH}
unset EGIT_BRANCH
fi
git-r3_fetch "${DOC_REPO_URI}"
git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
if [[ -n "${_EGIT_BRANCH}" ]]; then
# Restore previous EGIT_BRANCH information
EGIT_BRANCH=${_EGIT_BRANCH}
fi
else
cd "${S}" || die "Cannot change dir into '${S}'"
mkdir docs || die "Failed to create docs directory"
cd docs || die "Failed to change dir into '${S}/docs'"
unpack ${PN}-doc-${PV}.tar.gz
fi
fi
}
src_prepare() {
default
# https://github.com/rsyslog/rsyslog/issues/3626
sed -i \
-e '\|^#!/bin/bash$|a exit 77' \
tests/mmkubernetes-cache-expir*.sh \
|| die "Failed to disabled known test failure mmkubernetes-cache-expir*.sh"
eautoreconf
}
src_configure() {
# Maintainer notes:
# * Guardtime support is missing because libgt isn't yet available
# in portage.
# * Hadoop's HDFS file system output module is currently not
# supported in Gentoo because nobody is able to test it
# (JAVA dependency).
# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
# upstream PR 129 and 136) so we need to export HIREDIS_*
# variables because rsyslog's build system depends on pkg-config.
if use redis; then
export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
fi
local myeconfargs=(
--disable-debug-symbols
--disable-generate-man-pages
--without-valgrind-testbench
--disable-liblogging-stdlog
$(use_enable test testbench)
$(use_enable test libfaketime)
$(use_enable test extended-tests)
# Input Plugins without dependencies
--enable-imbatchreport
--enable-imdiag
--enable-imfile
--enable-improg
--enable-impstats
--enable-imptcp
# Message Modificiation Plugins without dependencies
--enable-mmanon
--enable-mmaudit
--enable-mmcount
--enable-mmfields
--enable-mmjsonparse
--enable-mmpstrucdata
--enable-mmrm1stspace
--enable-mmsequence
--enable-mmtaghostname
--enable-mmutf8fix
# Output Modification Plugins without dependencies
--enable-mail
--enable-omprog
--enable-omruleset
--enable-omstdout
--enable-omuxsock
# Misc
--enable-fmhash
$(use_enable xxhash fmhash-xxhash)
--enable-pmaixforwardedfrom
--enable-pmciscoios
--enable-pmcisconames
--enable-pmdb2diag
--enable-pmlastmsg
$(use_enable normalize pmnormalize)
--enable-pmnull
--enable-pmpanngfw
--enable-pmsnare
# DB
$(use_enable dbi libdbi)
$(use_enable mongodb ommongodb)
$(use_enable mysql)
$(use_enable postgres pgsql)
$(use_enable redis omhiredis)
# Debug
$(use_enable debug)
$(use_enable debug diagtools)
$(use_enable debug valgrind)
# Misc
$(use_enable clickhouse)
$(use_enable curl fmhttp)
$(use_enable elasticsearch)
$(use_enable gcrypt libgcrypt)
$(use_enable imhttp)
$(use_enable impcap)
$(use_enable jemalloc)
$(use_enable kafka imkafka)
$(use_enable kafka omkafka)
$(use_enable kerberos gssapi-krb5)
$(use_enable kubernetes mmkubernetes)
$(use_enable normalize mmnormalize)
$(use_enable mdblookup mmdblookup)
$(use_enable omhttp)
$(use_enable omhttpfs)
$(use_enable omudpspoof)
$(use_enable rabbitmq omrabbitmq)
$(use_enable relp)
$(use_enable rfc3195)
$(use_enable rfc5424hmac mmrfc5424addhmac)
$(use_enable snmp)
$(use_enable snmp mmsnmptrapd)
$(use_enable gnutls)
$(use_enable openssl)
$(use_enable systemd imjournal)
$(use_enable systemd omjournal)
$(use_enable usertools)
$(use_enable uuid)
$(use_enable zeromq imczmq)
$(use_enable zeromq omczmq)
--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
)
econf "${myeconfargs[@]}"
}
src_compile() {
default
if use doc && [[ "${PV}" == "9999" ]]; then
einfo "Building documentation ..."
local doc_dir="${S}/docs"
cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
sphinx-build -b html source build || die "Building documentation failed!"
fi
}
src_test() {
local _has_increased_ulimit=
# Sometimes tests aren't executable (i.e. when added via patch)
einfo "Adjusting permissions of test scripts ..."
find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
die "Failed to adjust test scripts permission"
if ulimit -n 3072; then
_has_increased_ulimit="true"
fi
if ! emake --jobs 1 check; then
eerror "Test suite failed! :("
if [[ -z "${_has_increased_ulimit}" ]]; then
eerror "Probably because open file limit couldn't be set to 3072."
fi
if has userpriv ${FEATURES}; then
eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
"before you submit a bug report."
fi
fi
}
src_install() {
local DOCS=(
AUTHORS
ChangeLog
"${FILESDIR}"/README.gentoo
)
use doc && local HTML_DOCS=( "${S}/docs/build/." )
default
newconfd "${FILESDIR}/${PN}.confd-r1" ${PN}
newinitd "${FILESDIR}/${PN}.initd-r1" ${PN}
use systemd && systemd_newunit "${FILESDIR}/${PN}.service" ${PN}.service
keepdir /etc/ssl/${PN}
keepdir /etc/${PN}.d
insinto /etc
newins "${FILESDIR}/${PN}.conf" ${PN}.conf
insinto /etc/rsyslog.d/
newins "${FILESDIR}/50-default-r1.conf" 50-default.conf
insinto /etc/logrotate.d/
newins "${FILESDIR}/${PN}-r1.logrotate" ${PN}
if use mysql; then
insinto /usr/share/${PN}/scripts/mysql
doins plugins/ommysql/createDB.sql
fi
if use postgres; then
insinto /usr/share/${PN}/scripts/pgsql
doins plugins/ompgsql/createDB.sql
fi
find "${ED}" -name '*.la' -delete || die
}
pkg_config() {
if ! use ssl; then
einfo "There is nothing to configure for rsyslog unless you"
einfo "used USE=ssl to build it."
return 0
fi
if ! hash certtool &>/dev/null; then
die "certtool not found! Is net-libs/gnutls[tools] is installed?"
fi
# Make sure the certificates directory exists
local CERTDIR="${EROOT}/etc/ssl/${PN}"
if [[ ! -d "${CERTDIR}" ]]; then
mkdir "${CERTDIR}" || die
fi
einfo "Your certificates will be stored in ${CERTDIR}"
# Create a default CA if needed
if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
certtool --generate-privkey \
--outfile "${CERTDIR}/${PN}_ca.privkey.pem" || die
chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
cat > "${T}/${PF}.$$" <<- _EOF
cn = Portage automated CA
ca
cert_signing_key
expiration_days = 3650
_EOF
certtool --generate-self-signed \
--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
--template "${T}/${PF}.$$" || die
chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
# Create the server certificate
echo
einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
read -r CN
einfo "Creating private key and certificate for server ${CN}..."
certtool --generate-privkey \
--outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die
chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
cat > "${T}/${PF}.$$" <<- _EOF
cn = ${CN}
tls_www_server
dns_name = ${CN}
expiration_days = 3650
_EOF
certtool --generate-certificate \
--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
--template "${T}/${PF}.$$" &>/dev/null
chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
else
einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
fi
# Create a client certificate
echo
einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
read -r CN
einfo "Creating private key and certificate for client ${CN}..."
certtool --generate-privkey \
--outfile "${CERTDIR}/${PN}_${CN}.key.pem" || die
chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
cat > "${T}/${PF}.$$" <<- _EOF
cn = ${CN}
tls_www_client
dns_name = ${CN}
expiration_days = 3650
_EOF
certtool --generate-certificate \
--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
--template "${T}/${PF}.$$" || die
chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
rm -f "${T}/${PF}.$$"
echo
einfo "Here is the documentation on how to encrypt your log traffic:"
einfo " https://www.rsyslog.com/doc/rsyslog_tls.html"
}