You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
197 lines
6.0 KiB
197 lines
6.0 KiB
# Copyright 1999-2010 Gentoo Foundation
|
|
# Distributed under the terms of the GNU General Public License v2
|
|
# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.7.9.ebuild,v 1.7 2010/10/01 14:54:33 ranger Exp $
|
|
|
|
EAPI="2"
|
|
|
|
inherit eutils pam toolchain-funcs autotools
|
|
|
|
#lame archive versioning scheme..
|
|
S_PMV="${PV%%.*}"
|
|
S_PV="${PV%.*}"
|
|
S_PL="${PV##*.}"
|
|
S_PL="${S_PL/_rc/-RC}"
|
|
S_PP="${PN}-${S_PV}.STABLE${S_PL}"
|
|
|
|
DESCRIPTION="A full-featured web proxy cache"
|
|
HOMEPAGE="http://www.squid-cache.org/"
|
|
SRC_URI="http://www.squid-cache.org/Versions/v${S_PMV}/${S_PV}/${S_PP}.tar.gz"
|
|
|
|
LICENSE="GPL-2"
|
|
SLOT="0"
|
|
KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd"
|
|
IUSE="caps pam ldap samba sasl kerberos nis ssl snmp selinux logrotate \
|
|
mysql postgres sqlite \
|
|
zero-penalty-hit \
|
|
pf-transparent ipf-transparent kqueue \
|
|
elibc_uclibc kernel_linux +epoll tproxy"
|
|
|
|
DEPEND="caps? ( >=sys-libs/libcap-2.16 )
|
|
pam? ( virtual/pam )
|
|
ldap? ( net-nds/openldap )
|
|
kerberos? ( virtual/krb5 )
|
|
ssl? ( dev-libs/openssl )
|
|
sasl? ( dev-libs/cyrus-sasl )
|
|
selinux? ( sec-policy/selinux-squid )
|
|
!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
|
|
>=sys-libs/db-4
|
|
dev-lang/perl"
|
|
RDEPEND="${DEPEND}
|
|
samba? ( net-fs/samba )
|
|
mysql? ( dev-perl/DBD-mysql )
|
|
postgres? ( dev-perl/DBD-Pg )
|
|
sqlite? ( dev-perl/DBD-SQLite )"
|
|
|
|
S="${WORKDIR}/${S_PP}"
|
|
|
|
pkg_setup() {
|
|
if use tproxy && ! use caps; then
|
|
eerror "libcap is required by Transparent Proxy support for Netfilter TPROXY!"
|
|
eerror "Please enable caps USE flag and try again."
|
|
|
|
die "invalid combination of USE flags"
|
|
fi
|
|
|
|
if use zero-penalty-hit; then
|
|
ewarn "This version supports natively IP TOS/Priority mangling,"
|
|
ewarn "but it does not support zph_preserve_miss_tos."
|
|
ewarn "If you need that, please use >=${CATEGORY}/${PN}-3 ."
|
|
fi
|
|
enewgroup squid 31
|
|
enewuser squid 31 -1 /var/cache/squid squid
|
|
}
|
|
|
|
src_prepare() {
|
|
epatch "${FILESDIR}"/${P}-gentoo.patch
|
|
has_version app-crypt/mit-krb5 || epatch "${FILESDIR}"/${PN}-2-heimdal.patch
|
|
eautoreconf
|
|
}
|
|
|
|
src_configure() {
|
|
local basic_modules="getpwnam,NCSA,MSNT"
|
|
use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}"
|
|
use ldap && basic_modules="LDAP,${basic_modules}"
|
|
use pam && basic_modules="PAM,${basic_modules}"
|
|
use sasl && basic_modules="SASL,${basic_modules}"
|
|
use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}"
|
|
if use mysql || use postgres || use sqlite ; then
|
|
basic_modules="DB,${basic_modules}"
|
|
fi
|
|
|
|
local ext_helpers="ip_user,session,unix_group"
|
|
use samba && ext_helpers="wbinfo_group,${ext_helpers}"
|
|
use ldap && ext_helpers="ldap_group,${ext_helpers}"
|
|
|
|
local ntlm_helpers="fakeauth"
|
|
use samba && ntlm_helpers="SMB,${ntlm_helpers}"
|
|
|
|
local negotiate_helpers=
|
|
use kerberos && local negotiate_helpers="squid_kerb_auth"
|
|
|
|
local myconf=""
|
|
|
|
# Support for uclibc #61175
|
|
if use elibc_uclibc; then
|
|
myconf="${myconf} --enable-storeio=ufs,diskd,aufs,null"
|
|
myconf="${myconf} --disable-async-io"
|
|
else
|
|
myconf="${myconf} --enable-storeio=ufs,diskd,coss,aufs,null"
|
|
myconf="${myconf} --enable-async-io"
|
|
fi
|
|
|
|
if use kernel_linux; then
|
|
myconf="${myconf} --enable-linux-netfilter
|
|
$(use_enable tproxy linux-tproxy)
|
|
$(use_enable epoll)"
|
|
elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
|
|
myconf="${myconf} $(use_enable kqueue)"
|
|
if use pf-transparent; then
|
|
myconf="${myconf} --enable-pf-transparent"
|
|
elif use ipf-transparent; then
|
|
myconf="${myconf} --enable-ipf-transparent"
|
|
fi
|
|
fi
|
|
|
|
export CC=$(tc-getCC)
|
|
|
|
econf \
|
|
--sysconfdir=/etc/squid \
|
|
--libexecdir=/usr/libexec/squid \
|
|
--localstatedir=/var \
|
|
--datadir=/usr/share/squid \
|
|
--enable-auth="basic,digest,ntlm,negotiate" \
|
|
--enable-removal-policies="lru,heap" \
|
|
--enable-digest-auth-helpers="password" \
|
|
--enable-basic-auth-helpers="${basic_modules}" \
|
|
--enable-external-acl-helpers="${ext_helpers}" \
|
|
--enable-ntlm-auth-helpers="${ntlm_helpers}" \
|
|
--enable-negotiate-auth-helpers="${negotiate_helpers}" \
|
|
--enable-ident-lookups \
|
|
--enable-useragent-log \
|
|
--enable-cache-digests \
|
|
--enable-delay-pools \
|
|
--enable-referer-log \
|
|
--enable-arp-acl \
|
|
--with-pthreads \
|
|
--with-large-files \
|
|
--enable-htcp \
|
|
--enable-carp \
|
|
--enable-follow-x-forwarded-for \
|
|
--with-maxfd=8192 \
|
|
$(use_with libcap) \
|
|
$(use_enable snmp) \
|
|
$(use_enable ssl) \
|
|
${myconf} || die "econf failed"
|
|
}
|
|
|
|
src_install() {
|
|
make DESTDIR="${D}" install || die "make install failed"
|
|
|
|
# need suid root for looking into /etc/shadow
|
|
fowners root:squid /usr/libexec/squid/ncsa_auth
|
|
fowners root:squid /usr/libexec/squid/pam_auth
|
|
fperms 4750 /usr/libexec/squid/ncsa_auth
|
|
fperms 4750 /usr/libexec/squid/pam_auth
|
|
|
|
# some cleanups
|
|
rm -f "${D}"/usr/bin/Run*
|
|
|
|
dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \
|
|
helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
|
|
newdoc helpers/basic_auth/SMB/README README.auth_smb
|
|
dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
|
|
newdoc helpers/basic_auth/LDAP/README README.auth_ldap
|
|
doman helpers/basic_auth/LDAP/*.8
|
|
dodoc helpers/basic_auth/SASL/squid_sasl_auth*
|
|
|
|
newpamd "${FILESDIR}/squid.pam" squid
|
|
newconfd "${FILESDIR}/squid.confd" squid
|
|
if use logrotate; then
|
|
newinitd "${FILESDIR}/squid.initd-logrotate" squid
|
|
insinto /etc/logrotate.d
|
|
newins "${FILESDIR}/squid.logrotate" squid
|
|
else
|
|
newinitd "${FILESDIR}/squid.initd" squid
|
|
exeinto /etc/cron.weekly
|
|
newexe "${FILESDIR}/squid.cron" squid.cron
|
|
fi
|
|
|
|
rm -rf "${D}"/var
|
|
diropts -m0755 -o squid -g squid
|
|
keepdir /var/cache/squid /var/log/squid
|
|
}
|
|
|
|
pkg_postinst() {
|
|
echo
|
|
ewarn "Squid authentication helpers have been installed suid root."
|
|
ewarn "This allows shadow based authentication (see bug #52977 for more)."
|
|
echo
|
|
ewarn "Be careful what type of cache_dir you select!"
|
|
ewarn " 'diskd' is optimized for high levels of traffic, but it might seem slow"
|
|
ewarn "when there isn't sufficient traffic to keep squid reasonably busy."
|
|
ewarn " If your traffic level is low to moderate, use 'aufs' or 'ufs'."
|
|
echo
|
|
ewarn "Squid can be configured to run in transparent mode like this:"
|
|
ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}"
|
|
}
|