diff options
Diffstat (limited to 'www-apache/mod_security')
-rw-r--r-- | www-apache/mod_security/Manifest | 1 | ||||
-rw-r--r-- | www-apache/mod_security/mod_security-2.9.3.ebuild | 115 |
2 files changed, 116 insertions, 0 deletions
diff --git a/www-apache/mod_security/Manifest b/www-apache/mod_security/Manifest index d53183b75678..77a67a321737 100644 --- a/www-apache/mod_security/Manifest +++ b/www-apache/mod_security/Manifest @@ -1 +1,2 @@ DIST modsecurity-2.9.1.tar.gz 4261212 BLAKE2B c47c7934d8da870e629c5733cc8c37452e4d90351269a14b99483188e8e3161891bd63bfd70e0723648c8daf51f1c33d900bd90ab0157332f826eab772f09f62 SHA512 374733cbfc26e53d95b78c8f268a4e465d838163e9893fc24e33a9d272b114f1b287147bab6d0289575074cbbd94f48983e23fa59832cbcb32950046cea59269 +DIST modsecurity-2.9.3.tar.gz 4307670 BLAKE2B 337ea15cc8805af7ab43aed8aecf4c72ccc586d0d7e9d9b91f036a61baa70d1ac8b4ad8045a2bb7a13515912a15fba7d3cdb9670ae6730de43b1e44ee90ded6d SHA512 4e1ea5dd8edadf8f630e4fe92a200d3a8e78963fce3128b5975a1e1ecd0e8bf9ceecd9905c95f8c508932ccd837f1d8ae8bb2ba423307718c3c6a4ae9b783ddd diff --git a/www-apache/mod_security/mod_security-2.9.3.ebuild b/www-apache/mod_security/mod_security-2.9.3.ebuild new file mode 100644 index 000000000000..41cfb5afbc1e --- /dev/null +++ b/www-apache/mod_security/mod_security-2.9.3.ebuild @@ -0,0 +1,115 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit apache-module + +MY_PN=modsecurity +MY_P=${MY_PN}-${PV} + +DESCRIPTION="Application firewall and intrusion detection for Apache" +HOMEPAGE="http://www.modsecurity.org/" +SRC_URI="http://www.modsecurity.org/tarball/${PV}/${MY_P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="doc fuzzyhash geoip jit json lua mlogc" + +COMMON_DEPEND="dev-libs/apr + dev-libs/apr-util[openssl] + dev-libs/libxml2 + dev-libs/libpcre[jit?] + fuzzyhash? ( app-crypt/ssdeep ) + json? ( dev-libs/yajl ) + lua? ( dev-lang/lua:0 ) + mlogc? ( net-misc/curl ) + www-servers/apache[apache2_modules_unique_id]" +DEPEND="${COMMON_DEPEND} + doc? ( app-doc/doxygen )" +RDEPEND="${COMMON_DEPEND} + geoip? ( dev-libs/geoip ) + mlogc? ( dev-lang/perl )" +PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1" + +S="${WORKDIR}/${MY_P}" + +APACHE2_MOD_FILE="apache2/.libs/${PN}2.so" +APACHE2_MOD_CONF="79_${PN}" +APACHE2_MOD_DEFINE="SECURITY" + +# Tests require symbols only defined within the Apache binary. +RESTRICT=test + +need_apache2 + +pkg_setup() { + _init_apache2 + _init_apache2_late +} + +src_configure() { + local myconf=( + --disable-static + --enable-request-early + --with-apxs="${APXS}" + --with-pic + $(use_with fuzzyhash ssdeep) + $(use_with json yajl) + $(use_enable mlogc) + $(use_with lua) + $(use_enable lua lua-cache) + $(use_enable jit pcre-jit) ) + + econf ${myconf[@]} +} + +src_compile() { + default + + # Building the docs is broken at the moment, see e.g. + # https://github.com/SpiderLabs/ModSecurity/issues/1322 + if use doc; then + doxygen doc/doxygen-apache.conf || die 'failed to build documentation' + fi +} + +src_install() { + apache-module_src_install + + dodoc CHANGES README.md modsecurity.conf-recommended + + if use doc; then + dodoc -r doc/apache/html + fi + + if use mlogc; then + insinto /etc/ + newins mlogc/mlogc-default.conf mlogc.conf + dobin mlogc/mlogc + dobin mlogc/mlogc-batch-load.pl + newdoc mlogc/INSTALL INSTALL-mlogc + fi + + # Use /var/lib instead of /var/cache. This stuff is "persistent," + # and isn't a cached copy of something that we can recreate. + # Bug 605496. + keepdir /var/lib/modsecurity + fowners apache:apache /var/lib/modsecurity + fperms 0750 /var/lib/modsecurity + for dir in data tmp upload; do + keepdir "/var/lib/modsecurity/${dir}" + fowners apache:apache "/var/lib/modsecurity/${dir}" + fperms 0750 "/var/lib/modsecurity/${dir}" + done +} + +pkg_postinst() { + elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}" + elog "so that you can put your own configuration in (for example)" + elog "90_modsecurity_local.conf." + elog "" + elog "That would be the correct place for site-global security rules." + elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs" +} |