[portage-stable] add rsyslog 5.8.11

Still masked for now, so not used.

BUG=chromium-os:30525
TEST=None

Change-Id: I2c49626a175118a23d38cbaa113e9431fae93a1f
Signed-off-by: Elly Jones <ellyjones@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/32178

sdk_container/src/third_party/portage-stable/app-admin/rsyslog/Manifest

@@ -1 +1,2 @@
 DIST rsyslog-3.22.1.tar.gz 1358598 RMD160 979dc146d40a5373ec7d210c424e925b5e091c15 SHA1 d5c8828db3edef35e48a1eec418e800fafc6d6a3 SHA256 5d3bb28dc87b3abb7053ccae8316f032ddd0486681683b116a25f66fc0942abb
+DIST rsyslog-5.8.11.tar.gz 2393222 RMD160 be13514e02f121ae7b78e0177063ce8cd8a9d859 SHA1 eabba672b9cace696207028da703cf073956d505 SHA256 f75b39cf22506f7a28d986d0a446a09a0806f253dba661f125a241a1b47d6285

sdk_container/src/third_party/portage-stable/app-admin/rsyslog/files/5-stable/rsyslog-gentoo.conf

@@ -0,0 +1,90 @@
+# rsyslog v5: load input modules
+# If you do not load inputs, nothing happens!
+# You may need to set the module load path if modules are not found.
+
+$ModLoad immark.so # provides --MARK-- message capability
+$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command)
+$ModLoad imklog.so # kernel logging (formerly provided by rklogd)
+
+# Include configuration files from directory
+$IncludeConfig /etc/rsyslog.d/*
+
+# Check config syntax on startup and abort if unclean (default off)
+#$AbortOnUncleanConfig on
+
+# Reduce repeating messages (default off)
+#$RepeatedMsgReduction on
+
+# Log all kernel messages to the console.
+# Logging much else clutters up the screen.
+#kern.*                                                 /dev/console
+
+# Log anything (except mail) of level info or higher.
+# Don't log private authentication messages!
+*.info;mail.none;authpriv.none;cron.none                -/var/log/messages
+
+# The authpriv file has restricted access.
+authpriv.*                                              /var/log/secure
+
+# Log all the mail messages in one place.
+mail.*                                                  -/var/log/maillog
+
+# Log cron stuff
+cron.*                                                  -/var/log/cron
+
+# Everybody gets emergency messages
+*.emerg                                                 *
+
+# Save news errors of level crit and higher in a special file.
+uucp,news.crit                                          -/var/log/spooler
+
+# Save boot messages also to boot.log
+local7.*                                                /var/log/boot.log
+
+# More configuration examples:
+#
+# Remote Logging (we use TCP for reliable delivery)
+# An on-disk queue is created for this action. If the remote host is
+# down, messages are spooled to disk and sent when it is up again.
+#$WorkDirectory /var/spool/rsyslog # where to place spool files
+#$ActionQueueFileName uniqName # unique name prefix for spool files
+#$ActionQueueMaxDiskSpace 1g   # 1gb space limit (use as much as possible)
+#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
+#$ActionQueueType LinkedList   # run asynchronously
+#$ActionResumeRetryCount -1    # infinety retries if host is down
+#$ActionResumeInterval 30      # retry interval
+# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
+#*.* @@remote-host
+
+# Remote Logging with TCP + SSL/TLS
+#$DefaultNetstreamDriver gtls
+#$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem
+#$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_CLIENT.cert.pem
+#$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_CLIENT.key.pem
+#$ActionSendStreamDriverAuthMode x509/name # enable peer authentication
+#$ActionSendStreamDriverPermittedPeer foo # authorize to send encrypted data to server foo
+#$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
+
+# ######### Receiving Messages from Remote Hosts ##########
+# TCP Syslog Server:
+#$ModLoad imtcp  # provides TCP syslog reception
+#$TCPServerRun 10514 # start a TCP syslog server at port 10514
+
+# TCP + SSL/TLS Syslog Server:
+#$ModLoad imtcp  # provides TCP syslog reception
+#$DefaultNetstreamDriver gtls # use gnuTLS for data encryption
+#$DefaultNetstreamDriverCAFile /etc/ssl/rsyslog/rsyslog_ca.cert.pem
+#$DefaultNetstreamDriverCertFile /etc/ssl/rsyslog/rsyslog_SERVER.cert.pem
+#$DefaultNetstreamDriverKeyFile /etc/ssl/rsyslog/rsyslog_SERVER.key.pem
+#$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
+#$InputTCPServerStreamDriverAuthMode x509/name # enable peer authentication
+#$InputTCPServerStreamDriverPermittedPeer bar # authorize client named bar (one line per client)
+#$TCPServerRun 10514 # start a TCP syslog server at port 10514
+
+# UDP Syslog Server:
+#$ModLoad imudp.so  # provides UDP syslog reception
+#$UDPServerRun 514 # start a UDP syslog server at standard port 514
+
+# RELP Syslog Server:
+#$ModLoad imrelp  # provides RELP syslog reception
+#$InputRELPServerRun 10515 # start a RELP syslog server at port 10515

sdk_container/src/third_party/portage-stable/app-admin/rsyslog/files/5-stable/rsyslog.confd

@@ -0,0 +1,17 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/files/5-stable/rsyslog.confd,v 1.1 2010/10/21 07:38:29 dev-zero Exp $
+
+# Configuration file
+CONFIGFILE="/etc/rsyslog.conf"
+
+# PID file
+PIDFILE="/var/run/rsyslogd.pid"
+
+# Options to rsyslogd
+# See rsyslogd(8) for more details
+# Notes:
+# * Do not specify another PIDFILE but use the variable above to change the location
+# * Do not specify another CONFIGFILE but use the variable above to change the location
+# * "-c5" tells rsyslog to _not_ run in sysklogd compatibility mode
+RSYSLOG_OPTS="-c5"

sdk_container/src/third_party/portage-stable/app-admin/rsyslog/files/5-stable/rsyslog.initd

@@ -0,0 +1,43 @@
+#!/sbin/runscript
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/files/5-stable/rsyslog.initd,v 1.4 2012/08/24 14:40:14 ultrabug Exp $
+
+extra_started_commands="reload"
+
+depend() {
+	provide logger
+}
+
+start() {
+	ebegin "Starting rsyslogd"
+	start-stop-daemon \
+		--start --quiet --exec /usr/sbin/rsyslogd --pidfile "${PIDFILE}" \
+		-- ${RSYSLOG_OPTS} -i "${PIDFILE}" -f "${CONFIGFILE}"
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping rsyslogd"
+	start-stop-daemon \
+		--stop --quiet \
+		--pidfile "${PIDFILE}"
+	eend $?
+}
+
+reload() {
+	if [ ! -f "${PIDFILE}" ]; then
+		eerror "rsyslogd not running"
+		return 1
+	fi
+
+	# Baselayout-1 users still use --stop and --oknodo
+	local USEROPT="--name rsyslogd"
+	if [ ! -f /etc/init.d/sysfs ]; then
+		USEROPT="--stop --oknodo"
+	fi
+
+	ebegin "Re-opening rsyslogd log files"
+	start-stop-daemon --signal HUP --pidfile "${PIDFILE}" ${USEROPT}
+	eend $?
+}

sdk_container/src/third_party/portage-stable/app-admin/rsyslog/files/5-stable/rsyslog.logrotate

@@ -0,0 +1,9 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/files/5-stable/rsyslog.logrotate,v 1.1 2010/10/21 07:38:29 dev-zero Exp $
+/var/log/messages /var/log/secure /var/log/maillog /var/log/cron /var/log/spooler /var/log/boot.log {
+    sharedscripts
+    postrotate
+        /etc/init.d/rsyslog reload &>/dev/null || true
+    endscript
+}

sdk_container/src/third_party/portage-stable/app-admin/rsyslog/rsyslog-5.8.11.ebuild

@@ -0,0 +1,254 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/rsyslog/rsyslog-5.8.11.ebuild,v 1.8 2012/08/19 19:07:06 armin76 Exp $
+
+EAPI=4
+AUTOTOOLS_AUTORECONF=yes
+
+inherit autotools-utils eutils systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+SRC_URI="http://www.rsyslog.com/files/download/${PN}/${P}.tar.gz
+	zeromq?	( https://github.com/aggregateknowledge/rsyslog-zeromq/tarball/44b551abc29dd5b541884bd51b45b413855a93d8 -> ${PN}-zeromq.tar.gz )"
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+KEYWORDS="~amd64 ~arm ~hppa ~x86"
+SLOT="0"
+IUSE="dbi debug doc extras kerberos mysql oracle postgres relp snmp ssl static-libs zeromq zlib"
+
+RDEPEND="dbi? ( dev-db/libdbi )
+	extras? ( net-libs/libnet )
+	kerberos? ( virtual/krb5 )
+	mysql? ( virtual/mysql )
+	postgres? ( dev-db/postgresql-base )
+	oracle? ( dev-db/oracle-instantclient-basic )
+	relp? ( >=dev-libs/librelp-0.1.3 )
+	snmp? ( net-analyzer/net-snmp )
+	ssl? ( net-libs/gnutls dev-libs/libgcrypt )
+	zeromq? ( net-libs/zeromq )
+	zlib? ( sys-libs/zlib )"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig"
+
+BRANCH="5-stable"
+
+# need access to certain device nodes
+RESTRICT="test"
+
+# Maitainer note : open a bug to upstream
+# showing that building in a separate dir fails
+AUTOTOOLS_IN_SOURCE_BUILD=1
+
+DOCS=(AUTHORS ChangeLog doc/rsyslog-example.conf)
+
+src_prepare() {
+	# Maintainer notes:
+	# ZeroMQ support, for now it is done by hand until upstream process bug.
+	# Bugzilla : http://bugzilla.adiscon.com/show_bug.cgi?id=277
+	if use zeromq; then
+		local ZEROPATH=${WORKDIR}/aggregateknowledge-rsyslog-zeromq-44b551a
+		epatch ${ZEROPATH}/rsyslog-zeromq.patch
+		cp -r ${ZEROPATH}/{i,o}mzeromq "${S}/plugins"
+	fi
+
+	# Don't force '-g' CFLAG
+	sed -i 's/CFLAGS="\(.*\) -g"/CFLAGS="\1"/g' configure.ac || die
+	autotools-utils_src_prepare
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * rfc3195 needs a library and development of that library
+	#   is suspended, so we disable it
+	# * About the java GUI:
+	#   The maintainer says there is no real installation support
+	#   for the java GUI, so we disable it for now.
+	local myeconfargs=(
+		--disable-gui
+		--disable-rfc3195
+		--enable-largefile
+		--enable-unlimited-select
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imtemplate
+		--enable-imptcp
+		--enable-mail
+		--enable-omprog
+		--enable-omstdout
+		--enable-omtemplate
+		--enable-omdbalerting
+		--enable-omuxsock
+		--enable-pmlastmsg
+		--enable-pmrfc3164sd
+		--enable-pmcisconames
+		--enable-pmaixforwardedfrom
+		--enable-pmsnare
+		$(use_enable extras omudpspoof)
+		$(use_enable zlib)
+		$(use_enable mysql)
+		$(use_enable dbi libdbi)
+		$(use_enable postgres pgsql)
+		$(use_enable oracle oracle)
+		$(use_enable ssl gnutls)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable relp)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable debug)
+		$(use_enable debug rtinst)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug valgrind)
+	)
+
+	use zeromq && myeconfargs=(
+		${myeconfargs[@]-}
+		$(use_enable zeromq imzeromq)
+		$(use_enable zeromq omzeromq)
+	)
+
+	systemd_to_myeconfargs
+	autotools-utils_src_configure
+}
+
+src_install() {
+	use doc && HTML_DOCS=(doc/)
+	autotools-utils_src_install
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}-gentoo.conf" ${PN}.conf
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd" ${PN}
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	use static-libs || find "${D}" -name '*.la' -delete || die
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/{createDB.sql,contrib/delete_mysql}
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+}
+
+pkg_postinst() {
+	if use mysql || use postgres; then
+		echo
+		elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+		elog "  /usr/share/doc/${PF}/scripts"
+	fi
+
+	if use ssl; then
+		echo
+		elog "To create a default CA and certificates for your server and clients, run:"
+		elog "  emerge --config =${PF}"
+		elog "on your logging server. You can run it several times,"
+		elog "once for each logging client. The client certificates will be signed"
+		elog "using the CA certificate generated during the first run."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	CERTDIR="${ROOT}/etc/ssl/${PN}"
+	if [ ! -d "${CERTDIR}" ]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}