| 1 |
# Copyright 1999-2009 Gentoo Foundation |
| 2 |
# Distributed under the terms of the GNU General Public License v2 |
| 3 |
# $Header: /var/cvsroot/gentoo-x86/net-misc/strongswan/strongswan-4.3.2.ebuild,v 1.2 2009/06/28 17:12:16 patrick Exp $ |
| 4 |
|
| 5 |
EAPI=2 |
| 6 |
inherit eutils linux-info autotools |
| 7 |
|
| 8 |
UGID="ipsec" |
| 9 |
|
| 10 |
DESCRIPTION="Open Source implementation of IPsec for the Linux operating system." |
| 11 |
HOMEPAGE="http://www.strongswan.org/" |
| 12 |
SRC_URI="http://download.strongswan.org/${P}.tar.bz2" |
| 13 |
|
| 14 |
LICENSE="GPL-2 RSA-MD2 RSA-MD5 RSA-PKCS11 DES" |
| 15 |
SLOT="0" |
| 16 |
KEYWORDS="~ppc ~sparc ~x86 ~amd64" |
| 17 |
IUSE="caps cisco curl debug ldap nat smartcard static xml" |
| 18 |
|
| 19 |
COMMON_DEPEND="!net-misc/openswan |
| 20 |
dev-libs/gmp |
| 21 |
dev-libs/libgcrypt |
| 22 |
caps? ( sys-libs/libcap ) |
| 23 |
curl? ( net-misc/curl ) |
| 24 |
ldap? ( net-nds/openldap ) |
| 25 |
smartcard? ( dev-libs/opensc ) |
| 26 |
xml? ( dev-libs/libxml2 )" |
| 27 |
DEPEND="${COMMON_DEPEND} |
| 28 |
virtual/linux-sources |
| 29 |
sys-kernel/linux-headers" |
| 30 |
RDEPEND="${COMMON_DEPEND} |
| 31 |
virtual/logger |
| 32 |
sys-apps/iproute2" |
| 33 |
|
| 34 |
src_prepare() { |
| 35 |
epatch "${FILESDIR}"/${PN}-4.2.7-install.patch |
| 36 |
eautoreconf |
| 37 |
} |
| 38 |
|
| 39 |
pkg_setup() { |
| 40 |
linux-info_pkg_setup |
| 41 |
|
| 42 |
einfo "Linux kernel is version ${KV_FULL}" |
| 43 |
|
| 44 |
if kernel_is 2 6; then |
| 45 |
einfo "This ebuild will set ${P} to use 2.6 native IPsec (KAME)." |
| 46 |
else |
| 47 |
eerror "Sorry, no support for your kernel version ${KV_FULL}." |
| 48 |
die "Install an IPsec enabled 2.6 kernel." |
| 49 |
fi |
| 50 |
|
| 51 |
# change to an unprivileged user by default |
| 52 |
enewgroup ${UGID} |
| 53 |
enewuser ${UGID} -1 -1 -1 ${UGID} |
| 54 |
} |
| 55 |
|
| 56 |
src_configure() { |
| 57 |
local myconf="" |
| 58 |
|
| 59 |
# change to an unprivileged user by default |
| 60 |
myconf="${myconf} --with-user=${UGID} --with-group=${UGID}" |
| 61 |
# strongswan enables both by default; switch to the user's wish |
| 62 |
if use static; then |
| 63 |
myconf="${myconf} --enable-static --disable-shared" |
| 64 |
else |
| 65 |
myconf="${myconf} --disable-static --enable-shared" |
| 66 |
fi |
| 67 |
|
| 68 |
# TODO: Review new configure options such as networkmanager |
| 69 |
econf \ |
| 70 |
$(use_with caps capabilities libcap) \ |
| 71 |
$(use_enable curl) \ |
| 72 |
$(use_enable ldap) \ |
| 73 |
$(use_enable xml smp) \ |
| 74 |
$(use_enable smartcard) \ |
| 75 |
$(use_enable cisco cisco-quirks) \ |
| 76 |
$(use_enable debug leak-detective) \ |
| 77 |
$(use_enable nat nat-transport) \ |
| 78 |
${myconf} \ |
| 79 |
|| die "econf failed" |
| 80 |
} |
| 81 |
|
| 82 |
src_install() { |
| 83 |
einstall || die "einstall failed." |
| 84 |
|
| 85 |
doinitd "${FILESDIR}"/ipsec |
| 86 |
|
| 87 |
fowners ipsec:ipsec /etc/ipsec.conf |
| 88 |
} |
| 89 |
|
| 90 |
pkg_postinst() { |
| 91 |
echo |
| 92 |
einfo "For your own security we install strongSwan without superuser" |
| 93 |
einfo "privileges. If you use iptables, you might want to change that" |
| 94 |
einfo "setting. See http://wiki.strongswan.org/wiki/nonRoot for more" |
| 95 |
einfo "information." |
| 96 |
# TODO: Should we recommend this sudoers line to users? |
| 97 |
# %ipsec ALL = NOPASSWD: /sbin/iptables |
| 98 |
echo |
| 99 |
einfo "The up-to-date configuration manual is available online at" |
| 100 |
einfo "http://www.strongswan.org/docs/readme42.htm" |
| 101 |
echo |
| 102 |
} |
Parent Directory
| 
Revision Log