From 1c1ee39869f981b576e7470a12512234fcef7355 Mon Sep 17 00:00:00 2001 From: Diego Elio Pettenò Date: Tue, 19 Apr 2011 07:00:04 +0000 Subject: Version bump, even though 2.6 series requires a bit more work to be properly usable. (Portage version: 2.2.0_alpha30/cvs/Linux x86_64) --- www-apache/mod_security/ChangeLog | 9 ++- www-apache/mod_security/metadata.xml | 5 ++ .../mod_security/mod_security-2.6.0_rc1.ebuild | 94 ++++++++++++++++++++++ 3 files changed, 107 insertions(+), 1 deletion(-) create mode 100644 www-apache/mod_security/mod_security-2.6.0_rc1.ebuild (limited to 'www-apache') diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog index 539e95c75d19..9f34eb34de14 100644 --- a/www-apache/mod_security/ChangeLog +++ b/www-apache/mod_security/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for www-apache/mod_security # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.51 2011/03/28 21:58:58 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.52 2011/04/19 07:00:04 flameeyes Exp $ + +*mod_security-2.6.0_rc1 (19 Apr 2011) + + 19 Apr 2011; Diego E. Pettenò + +mod_security-2.6.0_rc1.ebuild, metadata.xml: + Version bump, even though 2.6 series requires a bit more work to be properly + usable. 28 Mar 2011; Diego E. Pettenò +files/modsecurity.conf, -files/2.5.13-r2/79_modsecurity.conf, diff --git a/www-apache/mod_security/metadata.xml b/www-apache/mod_security/metadata.xml index 11837ee42647..d1365071f721 100644 --- a/www-apache/mod_security/metadata.xml +++ b/www-apache/mod_security/metadata.xml @@ -27,5 +27,10 @@ the default configuration, as the GeoIP query code is part of ModSecurity's source code. + + + Build the ModSecurity Audit Log Collector (mlogc) that depends + on net-misc/curl. + diff --git a/www-apache/mod_security/mod_security-2.6.0_rc1.ebuild b/www-apache/mod_security/mod_security-2.6.0_rc1.ebuild new file mode 100644 index 000000000000..f3cdd538710f --- /dev/null +++ b/www-apache/mod_security/mod_security-2.6.0_rc1.ebuild @@ -0,0 +1,94 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.6.0_rc1.ebuild,v 1.1 2011/04/19 07:00:04 flameeyes Exp $ + +EAPI=3 + +inherit apache-module autotools + +MY_P=modsecurity-apache_${PV/_rc/-rc} + +DESCRIPTION="Web application firewall and Intrusion Detection System for Apache." +HOMEPAGE="http://www.modsecurity.org/" +SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" +IUSE="geoip curl" + +DEPEND=">=dev-libs/libxml2-2.7.8 + dev-libs/libpcre + >=dev-lang/lua-5.1 + curl? ( >=net-misc/curl-7.15.1 ) + www-servers/apache[apache2_modules_unique_id]" +RDEPEND="${DEPEND} + geoip? ( dev-libs/geoip )" +PDEPEND="www-apache/modsecurity-crs" + +S="${WORKDIR}/${PV/_rc/-rc}" + +APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" +APACHE2_MOD_DEFINE="SECURITY" + +# Tests require symbols only defined within the Apache binary. +RESTRICT=test + +need_apache2 + +src_prepare() { + cp "${FILESDIR}"/modsecurity.conf "${T}"/79_modsecurity.conf || die +} + +src_configure() { + econf \ + --enable-shared --disable-static \ + --with-apxs="${APXS}" \ + $(use_enable curl mlogc) \ + || die "econf failed" +} + +src_compile() { + if ! use geoip; then + sed -i -e '/SecGeoLookupDb/s:^:#:' \ + "${T}"/79_modsecurity.conf || die + fi + + emake || die +} + +src_test() { + emake check || die +} + +src_install() { + apache-module_src_install + + # install manually rather than by using the APACHE2_MOD_CONF + # variable since we have to edit it to set things up properly. + insinto "${APACHE_MODULES_CONFDIR}" + doins "${T}"/79_modsecurity.conf + + # install documentation; don't install index.html as it references + # the PDF and split-pages versions of the same documentation. + dodoc CHANGES + dohtml "${S}"/doc/*.{css,gif,jpg} "${S}"/doc/modsecurity2*.html + + keepdir /var/cache/modsecurity || die + fowners apache:apache /var/cache/modsecurity || die + fperms 0770 /var/cache/modsecurity || die +} + +pkg_postinst() { + if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then + ewarn "You still have the configuration file 99_mod_security.conf." + ewarn "Please make sure to remove that and keep only 79_modsecurity.conf." + ewarn "" + fi + elog "The base configuration file has been renamed 79_modsecurity.conf" + elog "so that you can put your own configuration as 90_modsecurity_local.conf or" + elog "equivalent." + elog "" + elog "That would be the correct place for site-global security rules." + elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" +} -- cgit v1.2.3-65-gdbad