summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDiego Elio Pettenò <flameeyes@gentoo.org>2011-03-28 21:58:59 +0000
committerDiego Elio Pettenò <flameeyes@gentoo.org>2011-03-28 21:58:59 +0000
commit77a63ed2872ceefcfccc9fafbc61b525a0e8ad36 (patch)
tree08b81871a5e8b5bcd576c683aeceb1faf4071e54 /www-apache
parentVersion bump. (diff)
downloadgentoo-2-77a63ed2872ceefcfccc9fafbc61b525a0e8ad36.tar.gz
gentoo-2-77a63ed2872ceefcfccc9fafbc61b525a0e8ad36.tar.bz2
gentoo-2-77a63ed2872ceefcfccc9fafbc61b525a0e8ad36.zip
Cleanup ebuild, port to EAPI=3; add geoip USE flag to bring in dev-libs/geoip and set it up.
(Portage version: 2.2.0_alpha29/cvs/Linux x86_64)
Diffstat (limited to 'www-apache')
-rw-r--r--www-apache/mod_security/ChangeLog9
-rw-r--r--www-apache/mod_security/files/2.5.13/79_mod_security.conf16
-rw-r--r--www-apache/mod_security/files/modsecurity.conf (renamed from www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf)3
-rw-r--r--www-apache/mod_security/metadata.xml7
-rw-r--r--www-apache/mod_security/mod_security-2.5.13-r1.ebuild99
-rw-r--r--www-apache/mod_security/mod_security-2.5.13-r2.ebuild39
6 files changed, 42 insertions, 131 deletions
diff --git a/www-apache/mod_security/ChangeLog b/www-apache/mod_security/ChangeLog
index b8f2ccc51277..539e95c75d19 100644
--- a/www-apache/mod_security/ChangeLog
+++ b/www-apache/mod_security/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for www-apache/mod_security
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.50 2011/03/23 23:05:00 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/ChangeLog,v 1.51 2011/03/28 21:58:58 flameeyes Exp $
+
+ 28 Mar 2011; Diego E. Pettenò <flameeyes@gentoo.org>
+ +files/modsecurity.conf, -files/2.5.13-r2/79_modsecurity.conf,
+ -files/2.5.13/79_mod_security.conf, -mod_security-2.5.13-r1.ebuild,
+ mod_security-2.5.13-r2.ebuild, metadata.xml:
+ Cleanup ebuild, port to EAPI=3; add geoip USE flag to bring in dev-libs/geoip
+ and set it up.
*mod_security-2.5.13-r2 (23 Mar 2011)
diff --git a/www-apache/mod_security/files/2.5.13/79_mod_security.conf b/www-apache/mod_security/files/2.5.13/79_mod_security.conf
deleted file mode 100644
index ba1fb64729a4..000000000000
--- a/www-apache/mod_security/files/2.5.13/79_mod_security.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-<IfDefine SECURITY>
-LoadModule security2_module modules/mod_security2.so
-
-SecDataDir /var/cache/mod_security
-
-# use Core Rule Set by default, but no optional or experimental rules
-Include /etc/apache2/modules.d/mod_security/*.conf
-
-# Optionally use the other rules as well
-# Include /etc/apache2/modules.d/mod_security/optional_rules/*.conf
-# Include /etc/apache2/modules.d/mod_security/experimental_rules/*.conf
-
-</IfDefine>
-
-# -*- apache -*-
-# vim: ts=4 filetype=apache
diff --git a/www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf b/www-apache/mod_security/files/modsecurity.conf
index 77a42bab1920..254ecf4094b8 100644
--- a/www-apache/mod_security/files/2.5.13-r2/79_modsecurity.conf
+++ b/www-apache/mod_security/files/modsecurity.conf
@@ -1,6 +1,9 @@
<IfDefine SECURITY>
LoadModule security2_module modules/mod_security2.so
+# Enable looking up geolocation data from MaxMind's GeoIP database
+SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat
+
SecDataDir /var/cache/modsecurity
</IfDefine>
diff --git a/www-apache/mod_security/metadata.xml b/www-apache/mod_security/metadata.xml
index 5088fa888ba7..11837ee42647 100644
--- a/www-apache/mod_security/metadata.xml
+++ b/www-apache/mod_security/metadata.xml
@@ -20,5 +20,12 @@
applications, including Rails-based web applications and
Bugzilla.
</flag>
+
+ <flag name='geoip'>
+ Configure ModSecurity to query the GeoIP database from MaxMind,
+ provided by <pkg>dev-libs/geoip</pkg>. This flag only controls
+ the default configuration, as the GeoIP query code is part of
+ ModSecurity's source code.
+ </flag>
</use>
</pkgmetadata>
diff --git a/www-apache/mod_security/mod_security-2.5.13-r1.ebuild b/www-apache/mod_security/mod_security-2.5.13-r1.ebuild
deleted file mode 100644
index 67ead0a842fc..000000000000
--- a/www-apache/mod_security/mod_security-2.5.13-r1.ebuild
+++ /dev/null
@@ -1,99 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r1.ebuild,v 1.2 2011/02/26 14:44:27 xarthisius Exp $
-
-EAPI=2
-
-inherit apache-module autotools
-
-MY_P=${P/mod_security-/modsecurity-apache_}
-MY_P=${MY_P/_rc/-rc}
-
-DESCRIPTION="Web application firewall and Intrusion Detection System for Apache."
-HOMEPAGE="http://www.modsecurity.org/"
-SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~ppc ~sparc ~x86"
-IUSE="lua"
-
-DEPEND="dev-libs/libxml2
- lua? ( >=dev-lang/lua-5.1 )
- www-servers/apache[apache2_modules_unique_id]"
-RDEPEND="${DEPEND}"
-PDEPEND="www-apache/modsecurity-crs"
-
-S="${WORKDIR}/${MY_P}"
-
-APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
-APACHE2_MOD_CONF="2.5.13/79_mod_security"
-APACHE2_MOD_DEFINE="SECURITY"
-
-need_apache2
-
-src_prepare() {
- epatch "${FILESDIR}"/${PN}-2.5.10-as-needed.patch
-
- cd apache2
- eautoreconf
-}
-
-src_configure() {
- cd apache2
-
- econf --with-apxs="${APXS}" \
- --without-curl \
- $(use_with lua) \
- || die "econf failed"
-}
-
-src_compile() {
- cd apache2
-
- APXS_FLAGS=
- for flag in ${CFLAGS}; do
- APXS_FLAGS="${APXS_FLAGS} -Wc,${flag}"
- done
-
- # Yes we need to prefix it _twice_
- for flag in ${LDFLAGS}; do
- APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}"
- done
-
- emake \
- APXS_CFLAGS="${CFLAGS}" \
- APXS_LDFLAGS="${LDFLAGS}" \
- APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \
- || die "emake failed"
-}
-
-src_test() {
- cd apache2
- emake test || die
-}
-
-src_install() {
- apache-module_src_install
-
- # install documentation
- dodoc CHANGES || die
- dohtml -r doc/* || die
-
- keepdir /var/cache/mod_security || die
- fowners apache:apache /var/cache/mod_security || die
- fperms 0770 /var/cache/mod_security || die
-}
-
-pkg_postinst() {
- if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then
- ewarn "You still have the configuration file 99_mod_security.conf."
- ewarn "Please make sure to remove that and keep only 79_mod_security.conf."
- ewarn ""
- fi
- elog "The base configuration file has been renamed 79_mod_security.conf"
- elog "so that you can put your own configuration as 80_mod_security_local.conf or"
- elog "equivalent."
- elog ""
- elog "That would be the correct place for site-global security rules."
-}
diff --git a/www-apache/mod_security/mod_security-2.5.13-r2.ebuild b/www-apache/mod_security/mod_security-2.5.13-r2.ebuild
index 065f4e41bc67..8608e48053ec 100644
--- a/www-apache/mod_security/mod_security-2.5.13-r2.ebuild
+++ b/www-apache/mod_security/mod_security-2.5.13-r2.ebuild
@@ -1,13 +1,12 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r2.ebuild,v 1.1 2011/03/23 23:05:00 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apache/mod_security/mod_security-2.5.13-r2.ebuild,v 1.2 2011/03/28 21:58:58 flameeyes Exp $
-EAPI=2
+EAPI=3
inherit apache-module autotools
-MY_P=${P/mod_security-/modsecurity-apache_}
-MY_P=${MY_P/_rc/-rc}
+MY_P=modsecurity-apache_${PV/_rc/-rc}
DESCRIPTION="Web application firewall and Intrusion Detection System for Apache."
HOMEPAGE="http://www.modsecurity.org/"
@@ -16,23 +15,25 @@ SRC_URI="http://www.modsecurity.org/download/${MY_P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~ppc ~sparc ~x86"
-IUSE="lua"
+IUSE="lua geoip"
DEPEND="dev-libs/libxml2
lua? ( >=dev-lang/lua-5.1 )
www-servers/apache[apache2_modules_unique_id]"
-RDEPEND="${DEPEND}"
+RDEPEND="${DEPEND}
+ geoip? ( dev-libs/geoip )"
PDEPEND="www-apache/modsecurity-crs"
S="${WORKDIR}/${MY_P}"
APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
-APACHE2_MOD_CONF="2.5.13-r2/79_modsecurity"
APACHE2_MOD_DEFINE="SECURITY"
need_apache2
src_prepare() {
+ cp "${FILESDIR}"/modsecurity.conf "${T}"/79_modsecurity.conf || die
+
epatch "${FILESDIR}"/${PN}-2.5.10-as-needed.patch
cd apache2
@@ -49,7 +50,10 @@ src_configure() {
}
src_compile() {
- cd apache2
+ if ! use geoip; then
+ sed -i -e '/SecGeoLookupDb/s:^:#:' \
+ "${T}"/79_modsecurity.conf || die
+ fi
APXS_FLAGS=
for flag in ${CFLAGS}; do
@@ -61,7 +65,7 @@ src_compile() {
APXS_FLAGS="${APXS_FLAGS} -Wl,${flag}"
done
- emake \
+ emake -C apache2 \
APXS_CFLAGS="${CFLAGS}" \
APXS_LDFLAGS="${LDFLAGS}" \
APXS_EXTRA_CFLAGS="${APXS_FLAGS}" \
@@ -69,16 +73,21 @@ src_compile() {
}
src_test() {
- cd apache2
- emake test || die
+ emake -C apache2 test || die
}
src_install() {
apache-module_src_install
- # install documentation
- dodoc CHANGES || die
- dohtml -r doc/* || die
+ # install manually rather than by using the APACHE2_MOD_CONF
+ # variable since we have to edit it to set things up properly.
+ insinto "${APACHE_MODULES_CONFDIR}"
+ doins "${T}"/79_modsecurity.conf
+
+ # install documentation; don't install index.html as it references
+ # the PDF and split-pages versions of the same documentation.
+ dodoc CHANGES
+ dohtml "${S}"/doc/*.{css,gif,jpg} "${S}"/doc/modsecurity2*.html
keepdir /var/cache/modsecurity || die
fowners apache:apache /var/cache/modsecurity || die
@@ -88,7 +97,7 @@ src_install() {
pkg_postinst() {
if [[ -f "${ROOT}"/etc/apache/modules.d/99_mod_security.conf ]]; then
ewarn "You still have the configuration file 99_mod_security.conf."
- ewarn "Please make sure to remove that and keep only 79_mod_security.conf."
+ ewarn "Please make sure to remove that and keep only 79_modsecurity.conf."
ewarn ""
fi
elog "The base configuration file has been renamed 79_modsecurity.conf"