diff options
author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2020-03-29 17:11:19 +0300 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2020-04-10 14:56:46 +0300 |
commit | 37c0c3bdf6ef561c0461a842d4ca66b52328f100 (patch) | |
tree | 7a3fa54e3dd519491fe5572aad9db6f51fa59edf | |
parent | 7cf28d09bf57112fadf72735de8ccd867dbfcf75 (diff) | |
download | aports-37c0c3bdf6ef561c0461a842d4ca66b52328f100.tar.bz2 aports-37c0c3bdf6ef561c0461a842d4ca66b52328f100.tar.xz |
main/strongswan: subpackage for logfile config
-rw-r--r-- | main/strongswan/APKBUILD | 20 | ||||
-rw-r--r-- | main/strongswan/charon-logfile.conf | 10 | ||||
-rw-r--r-- | main/strongswan/charon.logrotate | 6 |
3 files changed, 33 insertions, 3 deletions
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD index b68d2599d2..646a190aa2 100644 --- a/main/strongswan/APKBUILD +++ b/main/strongswan/APKBUILD @@ -3,7 +3,7 @@ pkgname=strongswan pkgver=5.8.1 _pkgver=${pkgver//_rc/rc} -pkgrel=1 +pkgrel=2 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="https://www.strongswan.org/" arch="all" @@ -14,7 +14,7 @@ depends="iproute2" makedepends="linux-headers python3 sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev" install="$pkgname.pre-install" -subpackages="$pkgname-doc $pkgname-dbg $pkgname-openrc" +subpackages="$pkgname-doc $pkgname-dbg $pkgname-logfile $pkgname-openrc" source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch 1001-charon-add-optional-source-and-remote-overrides-for-.patch @@ -23,6 +23,8 @@ source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2 strongswan.initd charon.initd + charon.logrotate + charon-logfile.conf " # secfixes: @@ -129,10 +131,22 @@ package() { chown ipsec:ipsec "$pkgdir"/etc/ipsec.d/crls "$pkgdir"/etc/swanctl/x509crl } +logfile() { + pkgdesc="Dedicated log file configuration for charon" + depends=$pkgname + + install -m 644 -D charon.logrotate "$subpkgdir/etc/logrotate.d/charon" + install -m 644 -D charon-logfile.conf \ + "$subpkgdir/etc/strongswan.d/charon-logfile.conf" + install -m 2750 -o ipsec -g wheel -d "$subpkgdir/var/log/ipsec" +} + sha512sums="630d24643b3d61e931bb25cdd083ad3c55f92fe41f3fcd3198012eee486fb3b1a16dc3f80936162afb7da9e471d45d92b7d183a00153a558babb2a79e5f6813f strongswan-5.8.1.tar.bz2 c829b59d33f5dcffd86fbc81d824b51397ed48dc94da6271ec2d7d70e5975cff0c13d235147f92e1981b391857d5573507972593fed0ce831968da10d119da0f 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch cdc8b9d56fbd7c079dfa37e8de822cfa925d3b6741ff7d04afbc8b856d717ed090750e85b19af2296e28ee030c2d91597d2492f4b9b3540a5647b120bf609556 1001-charon-add-optional-source-and-remote-overrides-for-.patch f92609a1f6810786baeae1688688cbdd2a3116200cdba8d23e13da08992f5280bcbe04712cc89402f1e39aff6f4ebc8da05a2529b1e61e25a5229deb74c4dc3f 1002-vici-send-certificates-for-ike-sa-events.patch da39b5654c6f39d175c5491dabd5ed5c1b552857af7cbe7eeb8d0ecb34dad265bb8cd7725930eb75ceb99d51813f8e59631e687b09c1ff5c6437388f5f4d9647 1003-vici-add-support-for-individual-sa-state-changes.patch 8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd -4ac8dc83f08998fe672d5446dc6071f95a6a437b9df7c19d5f1a41707fb44451ec37aa237d0b86b0a9edf36a9ce7c29ba8959a38b04536c994dd4300daf737e5 charon.initd" +4ac8dc83f08998fe672d5446dc6071f95a6a437b9df7c19d5f1a41707fb44451ec37aa237d0b86b0a9edf36a9ce7c29ba8959a38b04536c994dd4300daf737e5 charon.initd +0417de0c0aa779602b216f29b1ad58cc842f0b0fbb8f5238d39199125dac30eaae89d869b337f8f504f8427f074ee7a363f55e3b3875516fe1ed5f0ed7f34c6f charon.logrotate +5896a9c5ecbef1a6c36b7bd31c83e18603f49105aedd4af80c42b0036c75950eac6e92abccfca09c9cb5bb3f3c4010f0daba068208e7dff05e7b1849d5a6e363 charon-logfile.conf" diff --git a/main/strongswan/charon-logfile.conf b/main/strongswan/charon-logfile.conf new file mode 100644 index 0000000000..f71317f32f --- /dev/null +++ b/main/strongswan/charon-logfile.conf @@ -0,0 +1,10 @@ +charon { + filelog { + /var/log/ipsec/charon { + default = 1 + flush_line = yes + ike_name = yes + time_format = %b %e %T + } + } +} diff --git a/main/strongswan/charon.logrotate b/main/strongswan/charon.logrotate new file mode 100644 index 0000000000..4d42f64d8d --- /dev/null +++ b/main/strongswan/charon.logrotate @@ -0,0 +1,6 @@ +/var/log/ipsec/charon { + missingok + postrotate + killall -HUP charon + endscript +} |