proj/gentoo: Initial commit

This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.

This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.

Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed

9 files changed, 231 insertions, 0 deletions

diff --git a/net-firewall/nufw/Manifest b/net-firewall/nufw/Manifest
new file mode 100644
index 000000000000..e07d5abfce5e
--- /dev/null
+++ b/net-firewall/nufw/Manifest
@@ -0,0 +1 @@
+DIST nufw-2.2.22.tar.bz2 597491 SHA256 92603813b4138bfd52b5873c68d7c6e43f78885a414067e57bd2c1e8eba66b8c SHA512 cc9f43b9ebf6aabbab4c83799ca1735fc456c085959cfb24d17571302c71518660424195b2cc62ed615f811bd6b3c45e1b99db99138d1caa6a744370775acaee WHIRLPOOL 5e493d2aa2c661dd9766670bb805f98849c82f1962d39ff3692481f7049740cc73455e6aa45b7ca20632b2e254be8bb953f9aebdeb7a46c525578fc7a9d007ba
diff --git a/net-firewall/nufw/files/nuauth-conf.d b/net-firewall/nufw/files/nuauth-conf.d
new file mode 100644
index 000000000000..1ac750cf49fd
--- /dev/null
+++ b/net-firewall/nufw/files/nuauth-conf.d
@@ -0,0 +1,2 @@
+# configuration file for /etc/init.d/nuauth
+NUAUTH_OPTIONS=""
diff --git a/net-firewall/nufw/files/nuauth-init.d b/net-firewall/nufw/files/nuauth-init.d
new file mode 100644
index 000000000000..21bad8ff132f
--- /dev/null
+++ b/net-firewall/nufw/files/nuauth-init.d
@@ -0,0 +1,27 @@
+#!/sbin/runscript
+
+depend() {
+	before net
+}
+
+checkconfig() {
+	if [ ! -e /etc/nufw/nuauth.conf ]; then
+		eerror "You need a /etc/nufw/nuauth.conf file to run nuauth"
+		eerror "There is sample file in /usr/share/doc/nufw-version/"
+		return 1
+	fi
+}
+
+start() {
+	checkpath -d /run/nuauth
+	checkconfig || return 1
+	ebegin "Starting nuauth"
+		start-stop-daemon --start --quiet --exec /usr/sbin/nuauth -- -D ${NUAUTH_OPTIONS}
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping nuauth"
+		start-stop-daemon --stop --quiet --pidfile /run/nuauth/nuauth.pid
+	eend $?
+}
diff --git a/net-firewall/nufw/files/nufw-2.2.21-fix-gnutls.patch b/net-firewall/nufw/files/nufw-2.2.21-fix-gnutls.patch
new file mode 100644
index 000000000000..b5e8048cd051
--- /dev/null
+++ b/net-firewall/nufw/files/nufw-2.2.21-fix-gnutls.patch
@@ -0,0 +1,23 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -87,6 +87,7 @@
+ #AM_CHECK_PATH([libgcrypt], [gcry_md_open],AC_DEFINE([HAVE_LIBRARY_GCRYPT],[1],[Gcrypt lib flag]), check_gcrypt=no,[-L/usr/local/lib])
+ #AM_CHECK_PATH(libgnutls], [gnutls_init],AC_DEFINE([HAVE_LIBRARY_GNUTLS],[1],[Gnutls lib flag]), check_gnutls=no)
+ 
++PKG_PROG_PKG_CONFIG
+ 
+ NEED_LIBGCRYPT_VERSION=1.2.0
+ AM_PATH_LIBGCRYPT("$NEED_LIBGCRYPT_VERSION")
+@@ -99,11 +100,7 @@
+ fi
+ 
+ NEED_LIBGNUTLS_VERSION=1.0.16
+-AM_PATH_LIBGNUTLS("$NEED_LIBGNUTLS_VERSION")
+-if test "x$LIBGNUTLS_LIBS" = "x"; then
+-  AC_MSG_ERROR([libgnutls is needed.
+-                See www.gnu.org/software/gnutls/ .])
+-fi
++PKG_CHECK_MODULES(GNUTLS, gnutls >= $NEED_LIBGNUTLS_VERSION,,exit)
+ 
+ #Configure database support, depending on user input
+ AC_ARG_WITH(prelude-log,
diff --git a/net-firewall/nufw/files/nufw-2.2.22-var-run.patch b/net-firewall/nufw/files/nufw-2.2.22-var-run.patch
new file mode 100644
index 000000000000..f6bcc95e0006
--- /dev/null
+++ b/net-firewall/nufw/files/nufw-2.2.22-var-run.patch
@@ -0,0 +1,45 @@
+--- a/src/nuauth/auth_srv.h
++++ b/src/nuauth/auth_srv.h
+@@ -162,7 +162,7 @@
+ #ifdef S_SPLINT_S
+ #  define NUAUTH_PID_FILE  "/usr/local/var/run/nuauth/nuauth.pid"
+ #else
+-#  define NUAUTH_PID_FILE  LOCAL_STATE_DIR "/run/nuauth/nuauth.pid"
++#  define NUAUTH_PID_FILE  "/run/nuauth/nuauth.pid"
+ #endif
+ 
+ /* define the number of threads that will do user check */
+--- a/src/nuauth/command.c
++++ b/src/nuauth/command.c
+@@ -26,7 +26,7 @@
+ #include <sys/un.h>		/* unix socket */
+ #include <sys/stat.h>		/* fchmod() */
+ 
+-#define SOCKET_FILENAME LOCAL_STATE_DIR "/run/nuauth/nuauth-command.socket"
++#define SOCKET_FILENAME "/run/nuauth/nuauth-command.socket"
+ 
+ const char* COMMAND_HELP =
+ "version: display nuauth version\n"
+--- a/src/nufw/main.c
++++ b/src/nufw/main.c
+@@ -54,7 +54,7 @@
+ 
+ /*! Name of pid file prefixed by LOCAL_STATE_DIR (variable defined
+  * during compilation/installation) */
+-#define NUFW_PID_FILE  LOCAL_STATE_DIR "/run/nufw.pid"
++#define NUFW_PID_FILE   "/run/nufw.pid"
+ 
+ /**
+  * Stop threads and then wait until threads exit.
+--- a/src/nuauth/Makefile.am
++++ b/src/nuauth/Makefile.am
+@@ -26,9 +26,6 @@
+ 
+ nuauth_LDADD = $(GLIB_LIBS) -lm  -lgnutls -lsasl2 -lnufw -L$(top_builddir)/src/include/
+ 
+-install-exec-local:
+-	install -d "$(DESTDIR)$(localstatedir)/run/nuauth/"
+-
+ nuauth$(EXEEXT): $(nuauth_OBJECTS) $(nuauth_DEPENDENCIES)
+ 	@rm -f nuauth$(EXEEXT)
+ 	$(LINK) $(nuauth_LDFLAGS) $(nuauth_OBJECTS) $(nuauth_LDADD)
diff --git a/net-firewall/nufw/files/nufw-conf.d b/net-firewall/nufw/files/nufw-conf.d
new file mode 100644
index 000000000000..b2ea527744ec
--- /dev/null
+++ b/net-firewall/nufw/files/nufw-conf.d
@@ -0,0 +1,2 @@
+# configuration file for /etc/init.d/nufw
+NUFW_OPTIONS="-k /etc/nufw/nufw.key -c /etc/nufw/nufw.pem -d 127.0.0.1 -p 4129"
diff --git a/net-firewall/nufw/files/nufw-init.d b/net-firewall/nufw/files/nufw-init.d
new file mode 100644
index 000000000000..6cfcfd793248
--- /dev/null
+++ b/net-firewall/nufw/files/nufw-init.d
@@ -0,0 +1,17 @@
+#!/sbin/runscript
+
+depend() {
+	before net
+}
+
+start() {
+	ebegin "Starting nufw"
+	start-stop-daemon --start --quiet --exec /usr/sbin/nufw -- -D ${NUFW_OPTIONS}
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping nufw"
+	start-stop-daemon --stop --quiet --pidfile /run/nufw.pid
+	eend $?
+}
diff --git a/net-firewall/nufw/metadata.xml b/net-firewall/nufw/metadata.xml
new file mode 100644
index 000000000000..983d41997af1
--- /dev/null
+++ b/net-firewall/nufw/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>netmon</herd>
+<use>
+<flag name='nfconntrack'>Use netfilter_conntrack</flag>
+<flag name='nfqueue'>Use NFQUEUE instead of QUEUE</flag>
+<flag name='pam_nuauth'>Add support for pam nufw from PAM</flag>
+<flag name='plaintext'>Add support for authentication with plaintext files</flag>
+</use>
+</pkgmetadata>
diff --git a/net-firewall/nufw/nufw-2.2.22-r1.ebuild b/net-firewall/nufw/nufw-2.2.22-r1.ebuild
new file mode 100644
index 000000000000..6da51fab622e
--- /dev/null
+++ b/net-firewall/nufw/nufw-2.2.22-r1.ebuild
@@ -0,0 +1,103 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+SSL_CERT_MANDATORY=1
+inherit autotools eutils multilib pam ssl-cert
+
+DESCRIPTION="An enterprise grade authenticating firewall based on netfilter"
+HOMEPAGE="http://www.nufw.org/"
+SRC_URI="http://www.nufw.org/attachments/download/39/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 x86"
+IUSE="debug ldap mysql pam pam_nuauth plaintext postgres prelude unicode nfqueue nfconntrack static syslog test"
+
+REQUIRED_USE="pam_nuauth? ( plaintext )"
+DEPEND="
+	dev-libs/cyrus-sasl
+	dev-libs/glib:2
+	dev-libs/libgcrypt:0
+	dev-python/ipy
+	net-firewall/iptables
+	net-libs/gnutls
+	ldap? ( >=net-nds/openldap-2 )
+	mysql? ( virtual/mysql )
+	nfconntrack? ( net-libs/libnetfilter_conntrack )
+	nfqueue? ( net-libs/libnfnetlink net-libs/libnetfilter_queue )
+	pam? ( sys-libs/pam )
+	pam_nuauth? ( sys-libs/pam )
+	postgres? ( dev-db/postgresql[server] )
+	prelude? ( dev-libs/libprelude )
+"
+RDEPEND=${DEPEND}
+
+RESTRICT="test"
+
+src_prepare() {
+	epatch "${FILESDIR}"/${P}-var-run.patch
+	sed -i \
+		-e 's:^#\(nuauth_tls_key="/etc/nufw/\)nuauth-key.pem:\1nuauth.key:' \
+		-e 's:^#\(nuauth_tls_cert="/etc/nufw/\)nuauth-cert.pem:\1nuauth.pem:' \
+		conf/nuauth.conf || die
+	sed -i \
+		-e "/^modulesdir/s|=.*|= /$(get_libdir)/security|g" \
+		src/clients/pam_nufw/Makefile.am || die
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		$(use_enable debug) \
+		$(use_enable pam_nuauth pam-nufw) \
+		$(use_enable static) \
+		$(use_with ldap) \
+		$(use_with mysql mysql-auth) \
+		$(use_with mysql mysql-log) \
+		$(use_with nfconntrack) \
+		$(use_with nfqueue) \
+		$(use_with pam system-auth) \
+		$(use_with plaintext plaintext-auth) \
+		$(use_with postgres pgsql-log) \
+		$(use_with prelude prelude-log) \
+		$(use_with syslog syslog-log) \
+		$(use_with unicode utf8) \
+		--enable-shared \
+		--includedir="/usr/include/nufw" \
+		--localstatedir="/var" \
+		--sysconfdir="/etc/nufw" \
+		--with-mark-group \
+		--with-user-mark
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}"/nufw-init.d nufw
+	newconfd "${FILESDIR}"/nufw-conf.d nufw
+
+	newinitd "${FILESDIR}"/nuauth-init.d nuauth
+	newconfd "${FILESDIR}"/nuauth-conf.d nuauth
+
+	insinto /etc/nufw
+	doins conf/nuauth.conf
+
+	dodoc AUTHORS ChangeLog NEWS README TODO
+	docinto scripts
+	dodoc scripts/{clean_conntrack.pl,nuaclgen,nutop,README,ulog_rotate_daily.sh,ulog_rotate_weekly.sh}
+	docinto conf
+	dodoc conf/*.{nufw,schema,conf,dump,xml}
+
+	if use pam; then
+		pamd_mimic system-auth nufw auth account password session
+	fi
+
+	prune_libtool_files
+}
+
+pkg_postinst() {
+	install_cert /etc/nufw/{nufw,nuauth}
+}