www-apache/mod_security/mod_security-2.9.1-r1.ebuild

   1 # Copyright 1999-2018 Gentoo Authors
   2 # Distributed under the terms of the GNU General Public License v2
   3
   4 EAPI=5
   5
   6 inherit apache-module
   7
   8 MY_PN=modsecurity
   9 MY_P=${MY_PN}-${PV}
  10
  11 DESCRIPTION="Application firewall and intrusion detection for Apache"
  12 HOMEPAGE="http://www.modsecurity.org/"
  13 SRC_URI="http://www.modsecurity.org/tarball/${PV}/${MY_P}.tar.gz"
  14
  15 LICENSE="Apache-2.0"
  16 SLOT="0"
  17 KEYWORDS="amd64 x86"
  18 IUSE="doc fuzzyhash geoip jit json lua mlogc"
  19
  20 COMMON_DEPEND="dev-libs/apr
  21         dev-libs/apr-util[openssl]
  22         dev-libs/libxml2
  23         dev-libs/libpcre[jit?]
  24         fuzzyhash? ( app-crypt/ssdeep )
  25         json? ( dev-libs/yajl )
  26         lua? ( dev-lang/lua:0 )
  27         mlogc? ( net-misc/curl )
  28         www-servers/apache[apache2_modules_unique_id]"
  29 DEPEND="${COMMON_DEPEND}
  30         doc? ( app-doc/doxygen )"
  31 RDEPEND="${COMMON_DEPEND}
  32         geoip? ( dev-libs/geoip )
  33         mlogc? ( dev-lang/perl )"
  34 PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1"
  35
  36 S="${WORKDIR}/${MY_P}"
  37
  38 APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
  39 APACHE2_MOD_CONF="79_${PN}"
  40 APACHE2_MOD_DEFINE="SECURITY"
  41
  42 # Tests require symbols only defined within the Apache binary.
  43 RESTRICT=test
  44
  45 need_apache2
  46
  47 src_configure() {
  48         econf --enable-shared \
  49                   --disable-static \
  50                   --with-apxs="${APXS}" \
  51                   --enable-request-early \
  52                   --with-pic \
  53                   $(use_with fuzzyhash ssdeep) \
  54                   $(use_with json yajl) \
  55                   $(use_enable mlogc) \
  56                   $(use_with lua) \
  57                   $(use_enable lua lua-cache) \
  58                   $(use_enable jit pcre-jit)
  59 }
  60
  61 src_compile() {
  62         default
  63
  64         # Building the docs is broken at the moment, see e.g.
  65         # https://github.com/SpiderLabs/ModSecurity/issues/1322
  66         if use doc; then
  67                 doxygen doc/doxygen-apache.conf || die 'failed to build documentation'
  68         fi
  69 }
  70
  71 src_install() {
  72         apache-module_src_install
  73
  74         dodoc CHANGES README.TXT modsecurity.conf-recommended
  75
  76         if use doc; then
  77                 dodoc -r doc/apache/html
  78         fi
  79
  80         if use mlogc; then
  81                 insinto /etc/
  82                 newins mlogc/mlogc-default.conf mlogc.conf
  83                 dobin mlogc/mlogc
  84                 dobin mlogc/mlogc-batch-load.pl
  85                 newdoc mlogc/INSTALL INSTALL-mlogc
  86         fi
  87
  88         # Use /var/lib instead of /var/cache. This stuff is "persistent,"
  89         # and isn't a cached copy of something that we can recreate.
  90         # Bug 605496.
  91         keepdir /var/lib/modsecurity
  92         fowners apache:apache /var/lib/modsecurity
  93         fperms 0750 /var/lib/modsecurity
  94         for dir in data tmp upload; do
  95                 keepdir "/var/lib/modsecurity/${dir}"
  96                 fowners apache:apache "/var/lib/modsecurity/${dir}"
  97                 fperms 0750 "/var/lib/modsecurity/${dir}"
  98         done
  99 }
 100
 101 pkg_postinst() {
 102         elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}"
 103         elog "so that you can put your own configuration in (for example)"
 104         elog "90_modsecurity_local.conf."
 105         elog ""
 106         elog "That would be the correct place for site-global security rules."
 107         elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs"
 108 }