added all ebuilds from my old svn repository

51 files changed, 2683 insertions, 0 deletions

diff --git a/app-admin/chpwdfile/Manifest b/app-admin/chpwdfile/Manifest
new file mode 100644
index 0000000..1e3833f
--- /dev/null
+++ b/app-admin/chpwdfile/Manifest
@@ -0,0 +1,8 @@
+DIST chpwdfile-0.24.tar.gz 22421 RMD160 50fae75143046660e634fa128aedb619bb15a44a SHA1 080fae3cf4b837602d0b0080a85772806899d993 SHA256 0143b1100d58615930ae81ce99aa202a069f6ee8c619b30292ff33a2b0417161
+EBUILD chpwdfile-0.24.ebuild 572 RMD160 bae66e55c47490fb82af978cc6674c6e778e3704 SHA1 8bf628731792432c96cb5812ba3aab7fd2d606f3 SHA256 283ac170742674a785fbcef2d72336dbd0fe687d6f44d8cbbb7974cc164ba082
+MD5 9a1b337b22be5561baac1769cb4fbba0 chpwdfile-0.24.ebuild 572
+RMD160 bae66e55c47490fb82af978cc6674c6e778e3704 chpwdfile-0.24.ebuild 572
+SHA256 283ac170742674a785fbcef2d72336dbd0fe687d6f44d8cbbb7974cc164ba082 chpwdfile-0.24.ebuild 572
+MD5 feff036b8166260eb382b46c5f4ee431 files/digest-chpwdfile-0.24 241
+RMD160 772c8784d8d5e6dd93124fd46dd72ba3915f8d79 files/digest-chpwdfile-0.24 241
+SHA256 f76f5c079819eead5c444eac3ba98c7f8e000b9cebda531839a6f59955fccb62 files/digest-chpwdfile-0.24 241
diff --git a/app-admin/chpwdfile/chpwdfile-0.24.ebuild b/app-admin/chpwdfile/chpwdfile-0.24.ebuild
new file mode 100644
index 0000000..17399ef
--- /dev/null
+++ b/app-admin/chpwdfile/chpwdfile-0.24.ebuild
@@ -0,0 +1,26 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header$
+
+DESCRIPTION="console based password management application"
+HOMEPAGE="http://cpbotha.net/pam_pwdfile"
+SRC_URI="http://cpbotha.net/files/mirror/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86"
+DEPEND="virtual/libc"
+
+src_compile() {
+	emake || die "emake failed"
+}
+
+src_install() {
+	dobin chpwdfile
+	doman chpwdfile.1
+	for i in pw{add,mod,del}; do
+		dosym chpwdfile /usr/bin/${i}
+		echo '.so chpwdfile.1' > ${i}.1
+		doman ${i}.1
+	done
+	dodoc README
+}
diff --git a/app-admin/chpwdfile/files/digest-chpwdfile-0.24 b/app-admin/chpwdfile/files/digest-chpwdfile-0.24
new file mode 100644
index 0000000..df1f07b
--- /dev/null
+++ b/app-admin/chpwdfile/files/digest-chpwdfile-0.24
@@ -0,0 +1,3 @@
+MD5 8bdba005f58a09c7dc1b12692691179a chpwdfile-0.24.tar.gz 22421
+RMD160 50fae75143046660e634fa128aedb619bb15a44a chpwdfile-0.24.tar.gz 22421
+SHA256 0143b1100d58615930ae81ce99aa202a069f6ee8c619b30292ff33a2b0417161 chpwdfile-0.24.tar.gz 22421
diff --git a/app-admin/grsecurity-scripts/Manifest b/app-admin/grsecurity-scripts/Manifest
new file mode 100644
index 0000000..72acf98
--- /dev/null
+++ b/app-admin/grsecurity-scripts/Manifest
@@ -0,0 +1,27 @@
+AUX grsecurity-rbac 1054 RMD160 b6b8940f9be86e27de553bae75a9f9f5e23e9c1f SHA1 f0523e90feb5b83d1073a35064648fe504b0c56f SHA256 b228f275df04a29150553a45fc82227fbca81ea591f4cbee29919c2f6719ca63
+MD5 0ab42902dd7947cffe16019b15cc97bd files/grsecurity-rbac 1054
+RMD160 b6b8940f9be86e27de553bae75a9f9f5e23e9c1f files/grsecurity-rbac 1054
+SHA256 b228f275df04a29150553a45fc82227fbca81ea591f4cbee29919c2f6719ca63 files/grsecurity-rbac 1054
+AUX grsecurity-rbac-learning 1778 RMD160 056c05ceaa9944262c314650f7c1c165cddf5098 SHA1 bd77bc0108e4115770afc9478198930d50b508ac SHA256 1bb65e66a0ac6ae93a733942f4c71bdaaebec9b1c67b732b5c6a82e6edafd728
+MD5 f489481e64c1f8e0dcac1e16a0cd6ebb files/grsecurity-rbac-learning 1778
+RMD160 056c05ceaa9944262c314650f7c1c165cddf5098 files/grsecurity-rbac-learning 1778
+SHA256 1bb65e66a0ac6ae93a733942f4c71bdaaebec9b1c67b732b5c6a82e6edafd728 files/grsecurity-rbac-learning 1778
+AUX grsecurity-sysctl 616 RMD160 eb0371dd68cb7ef93e1afd1f84ea628ee03905d1 SHA1 13771a5c6449133b00daea94e4c3b84f79ac230c SHA256 3e6bd364049ad86bbf746386dfe76c56eeb3ab2cab23d0730f100b7a02a8a2c9
+MD5 41abd43ebeb501f646d4491efaaecb8e files/grsecurity-sysctl 616
+RMD160 eb0371dd68cb7ef93e1afd1f84ea628ee03905d1 files/grsecurity-sysctl 616
+SHA256 3e6bd364049ad86bbf746386dfe76c56eeb3ab2cab23d0730f100b7a02a8a2c9 files/grsecurity-sysctl 616
+AUX sample-kernel-config-pax-grsec.txt 3053 RMD160 c26634bea952ac856f5fe7b1380df76ad7e81f60 SHA1 e9e8d2e02b6aa6943f46c9aa0fb4587b0eff6d69 SHA256 315e30c13c74b058ffddb4ea913a67ec70fa170d1f3065076f0142ffbafce704
+MD5 88143d863f72eeec56cb3d94f3a1514c files/sample-kernel-config-pax-grsec.txt 3053
+RMD160 c26634bea952ac856f5fe7b1380df76ad7e81f60 files/sample-kernel-config-pax-grsec.txt 3053
+SHA256 315e30c13c74b058ffddb4ea913a67ec70fa170d1f3065076f0142ffbafce704 files/sample-kernel-config-pax-grsec.txt 3053
+AUX sysctl.conf 1853 RMD160 9b69c98d075a9f9ac81e4654a1af5bf5306875df SHA1 29f4a225cefb60dbefd556889e9e4a7079c757e5 SHA256 fc548b3958efad7817e7a1fd429160abf16d93f14ee0827f15a9d109b3bb01ae
+MD5 f272b07b59dfad416083726c3b8d75b2 files/sysctl.conf 1853
+RMD160 9b69c98d075a9f9ac81e4654a1af5bf5306875df files/sysctl.conf 1853
+SHA256 fc548b3958efad7817e7a1fd429160abf16d93f14ee0827f15a9d109b3bb01ae files/sysctl.conf 1853
+EBUILD grsecurity-scripts-1.ebuild 2460 RMD160 5e62d153d67ba6b6522e6e7ce5e5b7b4409e5b58 SHA1 3626824c945e827171f4179aa021a6eaed68a072 SHA256 c13c199a45140120480a371ef5a0e018219ff7322d2f0a0c3ccf60f762915391
+MD5 b251047797af50ba0d14c4193d360330 grsecurity-scripts-1.ebuild 2460
+RMD160 5e62d153d67ba6b6522e6e7ce5e5b7b4409e5b58 grsecurity-scripts-1.ebuild 2460
+SHA256 c13c199a45140120480a371ef5a0e018219ff7322d2f0a0c3ccf60f762915391 grsecurity-scripts-1.ebuild 2460
+MD5 d41d8cd98f00b204e9800998ecf8427e files/digest-grsecurity-scripts-1 0
+RMD160 9c1185a5c5e9fc54612808977ee8f548b2258d31 files/digest-grsecurity-scripts-1 0
+SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 files/digest-grsecurity-scripts-1 0
diff --git a/app-admin/grsecurity-scripts/files/digest-grsecurity-scripts-1 b/app-admin/grsecurity-scripts/files/digest-grsecurity-scripts-1
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/app-admin/grsecurity-scripts/files/digest-grsecurity-scripts-1
diff --git a/app-admin/grsecurity-scripts/files/grsecurity-rbac b/app-admin/grsecurity-scripts/files/grsecurity-rbac
new file mode 100755
index 0000000..568d321
--- /dev/null
+++ b/app-admin/grsecurity-scripts/files/grsecurity-rbac
@@ -0,0 +1,47 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+#
+# Created by Wolfram Schlich <wschlich@gentoo.org>
+# Feedback is greatly appreciated!
+#
+
+depend() {
+	after grsecurity-sysctl
+	before net.*
+}
+
+checkconfig() {
+	if [[ ! -f /etc/grsec/pw ]]; then
+		eerror
+		eerror "The grsecurity RBAC system password file is missing!"
+		eerror "  -> /etc/grsec/pw"
+		eerror
+		eerror "Create passwords for the RBAC system itself and the 'admin'"
+		eerror "role by running the following commands:"
+		eerror
+		eerror "To create the grsecurity RBAC system main password:"
+		eerror "  gradm -P"
+		eerror
+		eerror "To create the grsecurity RBAC system role 'admin' password:"
+		eerror "  gradm -P admin"
+		eerror
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Enabling grsecurity RBAC system"
+	/sbin/gradm -E
+	eend $?
+}
+
+stop() {
+	einfo
+	einfo "You have to manually disable the grsecurity RBAC system"
+	einfo "by running the following command:"
+	einfo "  gradm -D"
+	einfo
+}
diff --git a/app-admin/grsecurity-scripts/files/grsecurity-rbac-learning b/app-admin/grsecurity-scripts/files/grsecurity-rbac-learning
new file mode 100755
index 0000000..51acb0c
--- /dev/null
+++ b/app-admin/grsecurity-scripts/files/grsecurity-rbac-learning
@@ -0,0 +1,72 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+#
+# Created by Wolfram Schlich <wschlich@gentoo.org>
+# Feedback is greatly appreciated!
+#
+
+depend() {
+	after modules
+	before checkfs
+}
+
+checkconfig() {
+	if [[ ! -f /etc/grsec/pw ]]; then
+		eerror
+		eerror "The grsecurity RBAC system password file is missing!"
+		eerror "  -> /etc/grsec/pw"
+		eerror
+		eerror "Create passwords for the RBAC system itself and the 'admin'"
+		eerror "role by running the following commands:"
+		eerror
+		eerror "To create the grsecurity RBAC system main password:"
+		eerror "  gradm -P"
+		eerror
+		eerror "To create the grsecurity RBAC system role 'admin' password:"
+		eerror "  gradm -P admin"
+		eerror
+		return 1
+	fi
+	if [[ ! -f /etc/grsec/learn_config ]]; then
+		eerror
+		eerror "The grsecurity RBAC system learning mode config file is missing!"
+		eerror "  -> /etc/grsec/learn_config"
+		eerror
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Enabling grsecurity RBAC system learning mode"
+	/sbin/gradm -F -L /etc/grsec/learning.log
+	eend $?
+	ewarn
+	ewarn "You can only disable the grsecurity RBAC system from"
+	ewarn "the terminal it was initially being started on!"
+	ewarn
+}
+
+process() {
+	if [[ ! -f /etc/grsec/learning.log ]]; then
+		eerror
+		eerror "The grsecurity RBAC system learning log is missing!"
+		eerror "  - >/etc/grsec/learning.log"
+		eerror
+		return 1
+	fi
+
+	ebegin "Processing grsecurity RBAC system learning log"
+	/sbin/gradm -F -L /etc/grsec/learning.log -O /etc/grsec/learning.policy
+	eend $?
+}
+
+stop() {
+	einfo
+	einfo "To finish the learning mode you have to manually disable the"
+	einfo "grsecurity RBAC system by running the following command:"
+	einfo "  gradm -D"
+	einfo
+}
diff --git a/app-admin/grsecurity-scripts/files/grsecurity-sysctl b/app-admin/grsecurity-scripts/files/grsecurity-sysctl
new file mode 100755
index 0000000..56241e8
--- /dev/null
+++ b/app-admin/grsecurity-scripts/files/grsecurity-sysctl
@@ -0,0 +1,34 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+#
+# Created by Wolfram Schlich <wschlich@gentoo.org>
+# Feedback is greatly appreciated!
+#
+
+depend() {
+	after modules
+	before net.*
+}
+
+checkconfig() {
+	if [[ ! -f /etc/grsec/sysctl.conf ]]; then
+		eerror
+		eerror "The grsecurity sysctl.conf file is missing!"
+		eerror "  -> /etc/grsec/sysctl.conf"
+		eerror 
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Configuring grsecurity kernel parameters"
+	sysctl -q -p /etc/grsec/sysctl.conf
+	eend $?
+}
+
+stop() {
+	: NOP
+}
diff --git a/app-admin/grsecurity-scripts/files/sample-kernel-config-pax-grsec.txt b/app-admin/grsecurity-scripts/files/sample-kernel-config-pax-grsec.txt
new file mode 100644
index 0000000..23b7a39
--- /dev/null
+++ b/app-admin/grsecurity-scripts/files/sample-kernel-config-pax-grsec.txt
@@ -0,0 +1,149 @@
+#
+# Security options
+#
+
+#
+# PaX
+#
+CONFIG_PAX=y
+
+#
+# PaX Control
+#
+# CONFIG_PAX_SOFTMODE is not set
+CONFIG_PAX_EI_PAX=y
+CONFIG_PAX_PT_PAX_FLAGS=y
+# CONFIG_PAX_NO_ACL_FLAGS is not set
+CONFIG_PAX_HAVE_ACL_FLAGS=y
+# CONFIG_PAX_HOOK_ACL_FLAGS is not set
+
+#
+# Non-executable pages
+#
+CONFIG_PAX_NOEXEC=y
+CONFIG_PAX_PAGEEXEC=y
+CONFIG_PAX_SEGMEXEC=y
+# CONFIG_PAX_DEFAULT_PAGEEXEC is not set
+CONFIG_PAX_DEFAULT_SEGMEXEC=y
+CONFIG_PAX_EMUTRAMP=y
+CONFIG_PAX_MPROTECT=y
+CONFIG_PAX_NOELFRELOCS=y
+CONFIG_PAX_KERNEXEC=y
+
+#
+# Address Space Layout Randomization
+#
+CONFIG_PAX_ASLR=y
+CONFIG_PAX_RANDKSTACK=y
+CONFIG_PAX_RANDUSTACK=y
+CONFIG_PAX_RANDMMAP=y
+
+#
+# Miscellaneous hardening features
+#
+CONFIG_PAX_MEMORY_SANITIZE=y
+CONFIG_PAX_MEMORY_UDEREF=y
+
+#
+# Grsecurity
+#
+CONFIG_GRKERNSEC=y
+# CONFIG_GRKERNSEC_LOW is not set
+# CONFIG_GRKERNSEC_MEDIUM is not set
+# CONFIG_GRKERNSEC_HIGH is not set
+CONFIG_GRKERNSEC_CUSTOM=y
+
+#
+# Address Space Protection
+#
+CONFIG_GRKERNSEC_KMEM=y
+CONFIG_GRKERNSEC_IO=y
+CONFIG_GRKERNSEC_PROC_MEMMAP=y
+CONFIG_GRKERNSEC_BRUTE=y
+CONFIG_GRKERNSEC_MODSTOP=y
+CONFIG_GRKERNSEC_HIDESYM=y
+
+#
+# Role Based Access Control Options
+#
+CONFIG_GRKERNSEC_ACL_HIDEKERN=y
+CONFIG_GRKERNSEC_ACL_MAXTRIES=3
+CONFIG_GRKERNSEC_ACL_TIMEOUT=30
+
+#
+# Filesystem Protections
+#
+CONFIG_GRKERNSEC_PROC=y
+# CONFIG_GRKERNSEC_PROC_USER is not set
+CONFIG_GRKERNSEC_PROC_USERGROUP=y
+CONFIG_GRKERNSEC_PROC_GID=1001
+CONFIG_GRKERNSEC_PROC_ADD=y
+CONFIG_GRKERNSEC_LINK=y
+CONFIG_GRKERNSEC_FIFO=y
+CONFIG_GRKERNSEC_CHROOT=y
+CONFIG_GRKERNSEC_CHROOT_MOUNT=y
+CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
+CONFIG_GRKERNSEC_CHROOT_PIVOT=y
+CONFIG_GRKERNSEC_CHROOT_CHDIR=y
+CONFIG_GRKERNSEC_CHROOT_CHMOD=y
+CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
+CONFIG_GRKERNSEC_CHROOT_MKNOD=y
+CONFIG_GRKERNSEC_CHROOT_SHMAT=y
+CONFIG_GRKERNSEC_CHROOT_UNIX=y
+CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
+CONFIG_GRKERNSEC_CHROOT_NICE=y
+CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_CAPS=y
+
+#
+# Kernel Auditing
+#
+# CONFIG_GRKERNSEC_AUDIT_GROUP is not set
+# CONFIG_GRKERNSEC_EXECLOG is not set
+CONFIG_GRKERNSEC_RESLOG=y
+CONFIG_GRKERNSEC_CHROOT_EXECLOG=y
+# CONFIG_GRKERNSEC_AUDIT_CHDIR is not set
+CONFIG_GRKERNSEC_AUDIT_MOUNT=y
+CONFIG_GRKERNSEC_AUDIT_IPC=y
+CONFIG_GRKERNSEC_SIGNAL=y
+CONFIG_GRKERNSEC_FORKFAIL=y
+CONFIG_GRKERNSEC_TIME=y
+CONFIG_GRKERNSEC_PROC_IPADDR=y
+# CONFIG_GRKERNSEC_AUDIT_TEXTREL is not set
+
+#
+# Executable Protections
+#
+CONFIG_GRKERNSEC_EXECVE=y
+CONFIG_GRKERNSEC_SHM=y
+CONFIG_GRKERNSEC_DMESG=y
+CONFIG_GRKERNSEC_TPE=y
+# CONFIG_GRKERNSEC_TPE_ALL is not set
+CONFIG_GRKERNSEC_TPE_INVERT=y
+CONFIG_GRKERNSEC_TPE_GID=1005
+
+#
+# Network Protections
+#
+CONFIG_GRKERNSEC_RANDNET=y
+CONFIG_GRKERNSEC_SOCKET=y
+CONFIG_GRKERNSEC_SOCKET_ALL=y
+CONFIG_GRKERNSEC_SOCKET_ALL_GID=1004
+CONFIG_GRKERNSEC_SOCKET_CLIENT=y
+CONFIG_GRKERNSEC_SOCKET_CLIENT_GID=1003
+CONFIG_GRKERNSEC_SOCKET_SERVER=y
+CONFIG_GRKERNSEC_SOCKET_SERVER_GID=1002
+
+#
+# Sysctl support
+#
+CONFIG_GRKERNSEC_SYSCTL=y
+CONFIG_GRKERNSEC_SYSCTL_ON=y
+
+#
+# Logging Options
+#
+CONFIG_GRKERNSEC_FLOODTIME=10
+CONFIG_GRKERNSEC_FLOODBURST=4
+# CONFIG_KEYS is not set
+# CONFIG_SECURITY is not set
diff --git a/app-admin/grsecurity-scripts/files/sysctl.conf b/app-admin/grsecurity-scripts/files/sysctl.conf
new file mode 100644
index 0000000..f32a9e6
--- /dev/null
+++ b/app-admin/grsecurity-scripts/files/sysctl.conf
@@ -0,0 +1,88 @@
+#
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+#
+# Created by Wolfram Schlich <wschlich@gentoo.org>
+# Feedback is greatly appreciated!
+#
+
+##
+## GRsecurity sysctl options
+##
+
+#
+# Misc Restrictions
+#
+
+#kernel.grsecurity.execve_limiting = 1
+#kernel.grsecurity.fifo_restrictions = 1
+#kernel.grsecurity.linking_restrictions = 1
+#kernel.grsecurity.dmesg = 1
+
+#
+# Misc Protections
+#
+
+#kernel.grsecurity.destroy_unused_shm = 1
+
+#
+# Socket Restrictions
+#
+
+#kernel.grsecurity.socket_server_gid = 1002
+#kernel.grsecurity.socket_server = 1
+#kernel.grsecurity.socket_client_gid = 1003
+#kernel.grsecurity.socket_client = 1
+#kernel.grsecurity.socket_all_gid = 1004
+#kernel.grsecurity.socket_all = 1
+
+#
+# Trusted Path Execution
+#
+
+#kernel.grsecurity.tpe_gid = 1005
+#kernel.grsecurity.tpe = 1
+
+#
+# Chroot Restrictions
+#
+
+#kernel.grsecurity.chroot_findtask = 1
+#kernel.grsecurity.chroot_deny_sysctl = 1
+#kernel.grsecurity.chroot_caps = 1
+#kernel.grsecurity.chroot_execlog = 1
+#kernel.grsecurity.chroot_restrict_nice = 1
+#kernel.grsecurity.chroot_deny_mknod = 1
+#kernel.grsecurity.chroot_deny_chmod = 1
+#kernel.grsecurity.chroot_enforce_chdir = 1
+#kernel.grsecurity.chroot_deny_pivot = 1
+#kernel.grsecurity.chroot_deny_chroot = 1
+#kernel.grsecurity.chroot_deny_fchdir = 1
+#kernel.grsecurity.chroot_deny_mount = 1
+#kernel.grsecurity.chroot_deny_unix = 1
+#kernel.grsecurity.chroot_deny_shmat = 1
+
+#
+# Auditing & Logging
+#
+
+kernel.grsecurity.audit_ipc = 1
+kernel.grsecurity.audit_mount = 1
+
+kernel.grsecurity.forkfail_logging = 1
+kernel.grsecurity.resource_logging = 1
+kernel.grsecurity.signal_logging = 1
+kernel.grsecurity.timechange_logging = 1
+
+#
+# Disable the loading of modules
+#
+
+#kernel.grsecurity.disable_modules = 1
+
+#
+# Finally lock the sysctl settings
+#
+
+#kernel.grsecurity.grsec_lock = 1
diff --git a/app-admin/grsecurity-scripts/grsecurity-scripts-1.ebuild b/app-admin/grsecurity-scripts/grsecurity-scripts-1.ebuild
new file mode 100644
index 0000000..ba4c951
--- /dev/null
+++ b/app-admin/grsecurity-scripts/grsecurity-scripts-1.ebuild
@@ -0,0 +1,84 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+#
+# Created by Wolfram Schlich <wschlich@gentoo.org>
+# Feedback is greatly appreciated!
+#
+
+IUSE=""
+DESCRIPTION="grsecurity scripts"
+HOMEPAGE="http://dev.gentoo.org/~wschlich/"
+SRC_URI=""
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+DEPEND="sys-apps/gradm"
+
+src_unpack() {
+	: NOP
+}
+
+src_compile() {
+	: NOP
+}
+
+src_install() {
+	local scripts="grsecurity-sysctl grsecurity-rbac grsecurity-rbac-learning"
+	for s in ${scripts}; do
+		doinitd ${FILESDIR}/${s}
+	done
+
+	insinto /etc/grsec
+	doins ${FILESDIR}/sysctl.conf
+
+	dodoc ${FILESDIR}/sample-kernel-config-pax-grsec.txt
+}
+
+pkg_postinst() {
+	einfo
+	einfo "See the included sample kernel config file for kernel"
+	einfo "configuration options regarding PaX and grsecurity that"
+	einfo "fit the bundled grsecurity sysctl.conf settings:"
+	einfo "  -> sample-kernel-config-pax-grsec.txt"
+	einfo
+	einfo "To set the grsecurity kernel parameters automagically on"
+	einfo "boot, you should now adjust /etc/grsec/sysctl.conf and add"
+	einfo "the 'grsecurity-sysctl' init script to the boot runlevel:"
+	einfo "  rc-update add grsecurity-sysctl boot"
+	einfo
+
+	einfo
+	einfo "If you want to use the grsecurity RBAC system learning mode,"
+	einfo "you should add the init script 'grsecurity-rbac-learning' to the"
+	einfo "boot runlevel to catch as many events as possible:"
+	einfo "  rc-update add grsecurity-rbac-learning boot"
+	einfo
+
+	ewarn
+	ewarn "If you enable the 'grsecurity-rbac-learning' init script to be"
+	ewarn "started on boot, you can only finish the grsecurity RBAC"
+	ewarn "system learning mode using 'gradm -D' from the terminal it"
+	ewarn "was initially being started on (/dev/console, in this case)!"
+	ewarn
+
+	einfo
+	einfo "To enable the grsecurity RBAC system automagically on"
+	einfo "boot, you should now adjust /etc/grsec/policy and add"
+	einfo "the 'grsecurity-rbac' init script to the boot runlevel:"
+	einfo "  rc-update add grsecurity-rbac boot"
+	einfo
+
+	ewarn
+	ewarn "For both the grsecurity RBAC system learning and production"
+	ewarn "mode, you must create passwords for the RBAC system itself"
+	ewarn "and the RBAC system 'admin' role by running the following"
+	ewarn "commands:"
+	ewarn
+	ewarn "To create the grsecurity RBAC system main password:"
+	ewarn "  gradm -P"
+	ewarn
+	ewarn "To create the grsecurity RBAC system role 'admin' password:"
+	ewarn "  gradm -P admin"
+	ewarn
+}
diff --git a/app-admin/grub-scripts/ChangeLog b/app-admin/grub-scripts/ChangeLog
new file mode 100644
index 0000000..a19f6bf
--- /dev/null
+++ b/app-admin/grub-scripts/ChangeLog
@@ -0,0 +1,8 @@
+# ChangeLog for app-admin/grub-scripts
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+  19 Aug 2008; Wolfram Schlich <wschlich@gentoo.org> +files/grub.conf,
+  +files/grub-md5-crypt.sh, +files/grub-set-default, +grub-scripts-1.ebuild:
+  initial import
+
diff --git a/app-admin/grub-scripts/Manifest b/app-admin/grub-scripts/Manifest
new file mode 100644
index 0000000..45b7355
--- /dev/null
+++ b/app-admin/grub-scripts/Manifest
@@ -0,0 +1,5 @@
+AUX grub-md5-crypt.sh 149 RMD160 6822575379e966464228309a483d9a243ef3dbb6 SHA1 796812efa09fb42e997b0e6b5a4ed005e3e8463e SHA256 2a1314e5c41a31cf15d60b40f43c7bbf049e12c5ac530c5c421aba8b9464d54c
+AUX grub-set-default 3255 RMD160 ec97628bb1d2d6a7667965d3b8029615cb119bd4 SHA1 4e00f3a19d0bb5c907bb21da2cfc3f59122cd9e2 SHA256 a8395834f4cff198ac0567c441d67c450596ad04387c7f4562f590be3921c083
+AUX grub.conf 1273 RMD160 ec082a778a5c9887fd478ef3c8f149b9bbdb2b6a SHA1 0408deef4324aaaa17ce00597577df37fc8a1b26 SHA256 6d4f87114c8eac828e75bcfefda94761adbb00d7565054f3dfce71e1687aae67
+EBUILD grub-scripts-1.ebuild 880 RMD160 eef78f34e14d75e596911096868e739b2c499942 SHA1 2f7c1ca0de1a74f3222747040863ff27cffece09 SHA256 4f57b36aecb4bc1f22b8d3f02bfdc7339703fb9ea7b848af774981bf69827253
+MISC ChangeLog 289 RMD160 ac3fbba1f5598c8d36cbd5777b4f8390dfa37820 SHA1 72abb1235b7fc6786f5ae3a86e0e508dff15345b SHA256 ae439c6fe9e6099fa58f3824007b6dcbbc7e85c0439a1deac9fc22588c1efdb3
diff --git a/app-admin/grub-scripts/files/grub-md5-crypt.sh b/app-admin/grub-scripts/files/grub-md5-crypt.sh
new file mode 100755
index 0000000..a9c1edb
--- /dev/null
+++ b/app-admin/grub-scripts/files/grub-md5-crypt.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+/sbin/grub --batch --device-map=/dev/null <<-EOF | grep '^Encrypted: ' | sed 's/^Encrypted: //'
+    md5crypt
+    $(cat)
+    quit
+    EOF
diff --git a/app-admin/grub-scripts/files/grub-set-default b/app-admin/grub-scripts/files/grub-set-default
new file mode 100755
index 0000000..19162b2
--- /dev/null
+++ b/app-admin/grub-scripts/files/grub-set-default
@@ -0,0 +1,140 @@
+#!/sbin/runscript
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+#
+# This script looks for a grub-entry=N kernel option
+# (needs to be specified in /boot/grub/grub.conf by hand
+# and for each kernel entry with the correct number)
+# and calls grub-set-default with its value as argument.
+# Used to update /boot/grub/default with the current
+# running kernel entry for a convenient use of the grub
+# fallback mechanism.
+#
+# Suggestion:
+# Copy this script to /etc/init.d/grub-set-default,
+# add it to the boot runlevel and use the following
+# kernel options in grub.conf:
+#
+#   grub-entry=N panic=5 panic_on_oops=1
+#
+# WARNING:
+# This script expects /boot to either reside on a separate volume
+# and be mounted (readonly is ok), or to be part of the rootfs.
+# It is however recommended to put /boot on a separate volume
+# and mount it automatically but readonly, so System.map can
+# be read but no files (kernel images etc.) can be damaged, removed
+# or tampered with in any other way by accident.
+#
+# Direct feedback to Wolfram Schlich <wschlich@gentoo.org>.
+#
+
+depend() {
+	need localmount
+}
+
+start() {
+
+	# check for /proc stuff
+	if [[ ! -e /proc/cmdline || ! -e /proc/mounts ]]; then
+		eerror "/proc does not appear to be mounted, cannot set grub default entry"
+		eend 1
+		return 1
+	fi
+
+	# grub.conf entry number to be set as default
+	declare -i grub_entry=-1
+
+	# is /boot on a separate volume and mounted read-only?
+	declare -i boot_ro=0
+
+	# split kernel command line into positional arguments
+	IFS=' '
+	set -- $(</proc/cmdline)
+	unset IFS
+
+	# loop through kernel command line
+	while [[ ${#@} -gt 0 && ${grub_entry} -eq -1 ]]; do
+		case "${1}" in
+			grub-entry=*)
+				grub_entry=${1##*=}
+				;;
+			*)
+				;;
+		esac
+		shift
+	done
+
+	# be done if no grub-entry= option was passed to the kernel
+	if [ ${grub_entry} -eq -1 ]; then
+		einfo "Skipping setting grub default entry"
+		return 0
+	fi
+
+	# split /proc/mounts into array by newline
+	IFS=$'\n'
+	mounts=(
+		$(</proc/mounts)
+	)
+	unset IFS
+
+	# loop through array of mounts
+	for mount in "${mounts[@]}"; do
+
+		# split mount line into fields
+		IFS=' '
+		set -- ${mount}
+		unset IFS
+		mount_point="${2}" # field #2
+		mount_opts="${4}" # field #4
+		#einfo "Mount point: ${mount_point}"
+		#einfo "Mount opts: ${mount_opts}"
+		case "${mount_point}" in
+			/boot)
+				#einfo "Mount point /boot is on a separate volume"
+				IFS=','
+				set -- ${mount_opts}
+				unset IFS
+				while [[ ${#@} -gt 0 ]]; do
+					case "${1}" in
+						ro)
+							boot_ro=1
+							;;
+						*)
+							;;
+					esac
+					shift
+				done
+				;;
+			*)
+				;;
+		esac
+	done
+
+	# remount /boot rw if needed
+	if [ ${boot_ro} -eq 1 ]; then
+		#einfo "Mount point /boot needs remounting -> rw"
+		if ! /bin/mount -o remount,rw /boot; then
+			eerror "Failed to remount /boot rw"
+			eend 1
+			return 1
+		fi
+	fi
+
+	# call grub-set-default
+	ebegin "Setting grub default entry to current entry ${grub_entry}"
+	/sbin/grub-set-default ${grub_entry}
+	eend ${?}
+
+	# remount /boot ro if needed
+	if [ ${boot_ro} -eq 1 ]; then
+		#einfo "Mount point /boot needs remounting -> ro"
+		if ! /bin/mount -o remount,ro /boot; then
+			eerror "Failed to remount /boot ro"
+			eend 1
+			return 1
+		fi
+	fi
+
+}
diff --git a/app-admin/grub-scripts/files/grub.conf b/app-admin/grub-scripts/files/grub.conf
new file mode 100644
index 0000000..864e12a
--- /dev/null
+++ b/app-admin/grub-scripts/files/grub.conf
@@ -0,0 +1,46 @@
+##
+## $Header$
+## Wolfram Schlich <wschlich@gentoo.org>
+## Licensed under the GNU GPL v2 or later
+##
+
+# >
+# > generic settings
+# >
+
+password --md5 %pw_grub_md5%
+lock
+timeout 10
+
+# >> serial console (disable grub splashimage and kernel framebuffer!)
+serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
+terminal --timeout=10 console serial
+
+# >> splash image (disable when using serial console!)
+# splashimage = (hd0,0)/boot/grub/splash.xpm.gz
+
+# >> load last booted kernel by default
+default saved
+fallback 0
+
+# >
+# > kernels
+# >
+
+# >> Fallback entry
+title = Gentoo Linux [Fallback] (local,serial) {rc:default}
+	root (hd0,0)
+	kernel (hd0,0)/bzImage-%kv% root=%dev_root% grub-entry=0 panic=60 panic_on_oops=1 console=ttyS0,115200n8 console=tty0 softlevel=default
+	savedefault
+
+# >> Kernel #1
+title = Gentoo Linux [%kv%] (local,serial) {rc:default}
+	root (hd0,0)
+	kernel (hd0,0)/bzImage-%kv% root=%dev_root% grub-entry=1 panic=60 panic_on_oops=1 console=ttyS0,115200n8 console=tty0 softlevel=default
+	savedefault fallback
+
+# >> Kernel #2
+title = Gentoo Linux [%kv%] (serial,local) {rc:default}
+	root (hd0,0)
+	kernel (hd0,0)/bzImage-%kv% root=%dev_root% grub-entry=2 panic=60 panic_on_oops=1 console=tty0 console=ttyS0,115200n8 softlevel=default
+	savedefault fallback
diff --git a/app-admin/grub-scripts/grub-scripts-1.ebuild b/app-admin/grub-scripts/grub-scripts-1.ebuild
new file mode 100644
index 0000000..79cfec7
--- /dev/null
+++ b/app-admin/grub-scripts/grub-scripts-1.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+#
+# Created by Wolfram Schlich <wschlich@gentoo.org>
+# Feedback is greatly appreciated!
+#
+
+IUSE=""
+DESCRIPTION="grub scripts"
+HOMEPAGE="http://dev.gentoo.org/~wschlich/"
+SRC_URI=""
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+RDEPEND="sys-boot/grub"
+
+src_unpack() {
+	: NOP
+}
+
+src_compile() {
+	: NOP
+}
+
+src_install() {
+	doinitd "${FILESDIR}"/grub-set-default
+	dosbin "${FILESDIR}"/grub-md5-crypt.sh
+	dodoc "${FILESDIR}"/grub.conf
+}
+
+pkg_postinst() {
+	einfo
+	einfo "To set the grub default entry automagically on boot, you"
+	einfo "should now adjust /boot/grub/grub.conf (see the bundled"
+	einfo "grub.conf example for details) and add the 'grub-set-default'"
+	einfo "init script to the boot runlevel:"
+	einfo "  rc-update add grub-set-default boot"
+	einfo
+}
diff --git a/app-admin/lvm-snapshot-backup-wrapper/ChangeLog b/app-admin/lvm-snapshot-backup-wrapper/ChangeLog
new file mode 100644
index 0000000..4776d90
--- /dev/null
+++ b/app-admin/lvm-snapshot-backup-wrapper/ChangeLog
@@ -0,0 +1,23 @@
+# ChangeLog for app-admin/lvm-snapshot-backup-wrapper
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+  18 Mar 2011; Wolfram Schlich <wschlich@gentoo.org>
+  -lvm-snapshot-backup-wrapper-2-r1.ebuild,
+  +lvm-snapshot-backup-wrapper-2-r2.ebuild:
+  add EAPI=1 due to bashinator slot dependency
+
+  28 May 2009; Wolfram Schlich <wschlich@gentoo.org>
+  -lvm-snapshot-backup-wrapper-2.ebuild,
+  +lvm-snapshot-backup-wrapper-2-r1.ebuild:
+  fix dependency for USE=rsnapshot
+
+  27 May 2009; Wolfram Schlich <wschlich@gentoo.org>
+  -lvm-snapshot-backup-wrapper-1.ebuild,
+  +lvm-snapshot-backup-wrapper-2.ebuild:
+  version bump
+
+  27 May 2009; Wolfram Schlich <wschlich@gentoo.org> +metadata.xml,
+  +lvm-snapshot-backup-wrapper-1.ebuild:
+  initial import
+
diff --git a/app-admin/lvm-snapshot-backup-wrapper/Manifest b/app-admin/lvm-snapshot-backup-wrapper/Manifest
new file mode 100644
index 0000000..d443fb6
--- /dev/null
+++ b/app-admin/lvm-snapshot-backup-wrapper/Manifest
@@ -0,0 +1,4 @@
+DIST lvm-snapshot-backup-wrapper-2.tar.bz2 4226 RMD160 2800a13bb91da2f65fc4486d75916b71eaecedff SHA1 2dd1c162d24cd2b3a8314c9914ec27efea69d69d SHA256 2f414b60a1d5bd9995b2c8200d93395f0ff499cd8959ad592556a5747f918559
+EBUILD lvm-snapshot-backup-wrapper-2-r2.ebuild 810 RMD160 ecace16c11e8ba0c5871f4f4fa184aa6dca1a6ed SHA1 9e568bba7a4fd6c50c9152f430627c542397b33a SHA256 6a4c77d86f895d84e1e298c750d35b1a209210119fb9f0a16e75c1a61fe42d3b
+MISC ChangeLog 779 RMD160 d75eca57fc446a4b2b4426bfc313dcbcc9606250 SHA1 3b1cc69b01aecc1cfbc2cdcd8058f036cb1292e0 SHA256 baae726c961e4ea36387c89b3fab6a5149d6cd78077039f0236f370bc151704c
+MISC metadata.xml 509 RMD160 b34e949fd814a2ec48c70be6320662ac845a2e04 SHA1 e2dbc02fb28866bbacdba38c77e2c74fc1ac5cda SHA256 ef31efb8aa25da1970c13b7f492eee31a9d05f815b81dbbf35799844769446e3
diff --git a/app-admin/lvm-snapshot-backup-wrapper/lvm-snapshot-backup-wrapper-2-r2.ebuild b/app-admin/lvm-snapshot-backup-wrapper/lvm-snapshot-backup-wrapper-2-r2.ebuild
new file mode 100644
index 0000000..a37a1c3
--- /dev/null
+++ b/app-admin/lvm-snapshot-backup-wrapper/lvm-snapshot-backup-wrapper-2-r2.ebuild
@@ -0,0 +1,35 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=1
+
+DESCRIPTION="LVM Snapshot Backup Wrapper"
+HOMEPAGE="http://www.bashinator.org/projects/lvm-snapshot-backup-wrapper"
+
+SRC_URI="http://www.bashinator.org/projects/lvm-snapshot-backup-wrapper/releases/${P}.tar.bz2"
+LICENSE="GPL-3"
+SLOT="0"
+
+KEYWORDS="amd64 x86"
+IUSE="rdiff-backup +rsnapshot sudo"
+
+DEPEND=""
+RDEPEND="app-shells/bashinator:0
+	>=app-admin/lvm-snaptool-1
+	sudo? ( app-admin/sudo )
+	rdiff-backup? ( app-backup/rdiff-backup )
+	rsnapshot? ( net-misc/rsync )"
+
+src_compile() { :; }
+
+src_install() {
+	insinto /etc/${PN}
+	doins ${PN}.cfg.sh
+	doins bashinator.cfg.sh
+	dosbin ${PN}.sh
+	insinto /usr/lib
+	doins ${PN}.lib.sh
+	docinto example
+	PORTAGE_COMPRESS= dodoc example/*
+}
diff --git a/app-admin/lvm-snapshot-backup-wrapper/metadata.xml b/app-admin/lvm-snapshot-backup-wrapper/metadata.xml
new file mode 100644
index 0000000..e9af826
--- /dev/null
+++ b/app-admin/lvm-snapshot-backup-wrapper/metadata.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<herd>no-herd</herd>
+	<maintainer>
+		<email>wschlich@gentoo.org</email>
+		<name>Wolfram Schlich</name>
+		<description>Primary maintainer</description>
+	</maintainer>
+	<use>
+		<flag name='rdiff-backup'>Depend on rdiff-backup</flag>
+		<flag name='rsnapshot'>Depend on rsnapshot</flag>
+		<flag name='sudo'>Depend on sudo for execution by unprivileged users</flag>
+	</use>
+</pkgmetadata>
diff --git a/app-admin/lvm-snaptool/ChangeLog b/app-admin/lvm-snaptool/ChangeLog
new file mode 100644
index 0000000..d4c55ad
--- /dev/null
+++ b/app-admin/lvm-snaptool/ChangeLog
@@ -0,0 +1,25 @@
+# ChangeLog for app-admin/lvm-snaptool
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+  18 Mar 2011; Wolfram Schlich <wschlich@gentoo.org>
+  -lvm-snaptool-1.2.ebuild, -lvm-snaptool-1.4.ebuild,
+  +lvm-snaptool-1.4-r1.ebuild:
+  add EAPI=1 due to bashinator slot dependency, removed old version.
+
+  22 Mar 2010; Wolfram Schlich <wschlich@gentoo.org>
+  +lvm-snaptool-1.4.ebuild:
+  version bump
+
+  07 Oct 2009; Wolfram Schlich <wschlich@gentoo.org> -lvm-snaptool-1.ebuild,
+  -lvm-snaptool-1.1.ebuild, +lvm-snaptool-1.2.ebuild:
+  version bump, this time REALLY fixes a bug with bash-4. removed old versions.
+
+  07 Oct 2009; Wolfram Schlich <wschlich@gentoo.org>
+  +lvm-snaptool-1.1.ebuild:
+  version bump, fixes a bug with bash-4
+
+  27 May 2009; Wolfram Schlich <wschlich@gentoo.org> +metadata.xml,
+  +lvm-snaptool-1.ebuild:
+  initial import
+
diff --git a/app-admin/lvm-snaptool/Manifest b/app-admin/lvm-snaptool/Manifest
new file mode 100644
index 0000000..382ad74
--- /dev/null
+++ b/app-admin/lvm-snaptool/Manifest
@@ -0,0 +1,4 @@
+DIST lvm-snaptool-1.4.tar.bz2 8990 RMD160 74af377637b90c0ba1a41444990c3a0156bda663 SHA1 514cf2090503bb0f8a9cea6b737763b631c1bb62 SHA256 8a40edbeaf21aab336eea0d5b159d58f2f7020cb5561e1648b9da7a54224c5b3
+EBUILD lvm-snaptool-1.4-r1.ebuild 610 RMD160 63b8c6951ec5024c2601db5323f369a4ad7b8c6f SHA1 258a3df38801a530337d1c430c5aa2d815a88130 SHA256 02a5ca29ef8f34206df4f3c2595033bba0abb1e31a2fdf8e026d976ae1c917a0
+MISC ChangeLog 874 RMD160 c6d14384979aeff437abba5893fbed2b522b4225 SHA1 3be5a1c1b5af8203c4b42dfc9c84a498f98dbec7 SHA256 13b2386e379f726b1eb298a75354a442a9060325060c03068d5b21c65a170620
+MISC metadata.xml 300 RMD160 3b9c1cd628f9d7ac94b68543ec737d5c2381a47e SHA1 33c5efd31a8aa789118535b921e211ffb5023ac3 SHA256 bc07a9aecce5770d1ace9af0a6c6af8ff6c7b16eb5e7947a1b178d1970855e43
diff --git a/app-admin/lvm-snaptool/lvm-snaptool-1.4-r1.ebuild b/app-admin/lvm-snaptool/lvm-snaptool-1.4-r1.ebuild
new file mode 100644
index 0000000..fa16cfc
--- /dev/null
+++ b/app-admin/lvm-snaptool/lvm-snaptool-1.4-r1.ebuild
@@ -0,0 +1,32 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=1
+
+DESCRIPTION="LVM Snapshot Toolkit"
+HOMEPAGE="http://www.bashinator.org/projects/lvm-snaptool"
+
+SRC_URI="http://www.bashinator.org/projects/lvm-snaptool/releases/${P}.tar.bz2"
+LICENSE="GPL-3"
+SLOT="0"
+
+KEYWORDS="amd64 x86"
+IUSE=""
+
+DEPEND=""
+RDEPEND="app-shells/bashinator:0
+	sys-fs/lvm2
+	sys-fs/e2fsprogs
+	sys-devel/bc"
+
+src_compile() { :; }
+
+src_install() {
+	insinto /etc/${PN}
+	doins ${PN}.cfg.sh
+	doins bashinator.cfg.sh
+	dosbin ${PN}.sh
+	insinto /usr/lib
+	doins ${PN}.lib.sh
+}
diff --git a/app-admin/lvm-snaptool/metadata.xml b/app-admin/lvm-snaptool/metadata.xml
new file mode 100644
index 0000000..a7162e9
--- /dev/null
+++ b/app-admin/lvm-snaptool/metadata.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>no-herd</herd>
+<maintainer>
+	<email>wschlich@gentoo.org</email>
+	<name>Wolfram Schlich</name>
+	<description>Primary maintainer</description>
+</maintainer>
+</pkgmetadata>
diff --git a/app-admin/mon/Manifest b/app-admin/mon/Manifest
new file mode 100644
index 0000000..28a0f38
--- /dev/null
+++ b/app-admin/mon/Manifest
@@ -0,0 +1,24 @@
+AUX mon-1.2.0-sendmail.patch 1450 RMD160 26e24a127b07855973b848f7ced95cd540ebc16e SHA1 37062b6764c688d7c09c122e276dbb63847b95d6 SHA256 7f72873f2669138ab1ee8fa6a1129936e8f5c65bee5da23b9ae03c0b9adfdab5
+MD5 70400bd77cafb35cae2c10c4bcb5ba3a files/mon-1.2.0-sendmail.patch 1450
+RMD160 26e24a127b07855973b848f7ced95cd540ebc16e files/mon-1.2.0-sendmail.patch 1450
+SHA256 7f72873f2669138ab1ee8fa6a1129936e8f5c65bee5da23b9ae03c0b9adfdab5 files/mon-1.2.0-sendmail.patch 1450
+AUX mon-1.2.0-syslog.patch 483 RMD160 a44e89b478a6a197095cbddcf138b7121f45d17f SHA1 17378c67c02bed9d413ff61f481aa5d606a59c4c SHA256 6cbd6683d55bbfd1da0f0b395a36bc4e177a9446899e6fdce26da4c2658b5b9e
+MD5 bb5741768a3c76b028fe778e16359791 files/mon-1.2.0-syslog.patch 483
+RMD160 a44e89b478a6a197095cbddcf138b7121f45d17f files/mon-1.2.0-syslog.patch 483
+SHA256 6cbd6683d55bbfd1da0f0b395a36bc4e177a9446899e6fdce26da4c2658b5b9e files/mon-1.2.0-syslog.patch 483
+AUX mon.cf 751 RMD160 1a039992f4e7812be4a029b9eddf07c6301e8d2b SHA1 757751288e49b15c492c646875377a523ce9dfbd SHA256 209da270077b8837bc10f10c1b13a8a2d835fe1c633b7676c6862ee10b9c3f17
+MD5 0a1e2a0813ad7879c29b8233ccddddbf files/mon.cf 751
+RMD160 1a039992f4e7812be4a029b9eddf07c6301e8d2b files/mon.cf 751
+SHA256 209da270077b8837bc10f10c1b13a8a2d835fe1c633b7676c6862ee10b9c3f17 files/mon.cf 751
+AUX mon.init 731 RMD160 a3515e8d9c61b3868eb64387a72f59b9589cd738 SHA1 f5ebfd680f4de41ac8d5243b6c63c8f1778617b4 SHA256 52d096ee3ebbf26e422cad715abaec14f3e3208e8df5616f0b2a1adf8f2a15ca
+MD5 4fce90c7d9dc2d7873e2c39ef91fba27 files/mon.init 731
+RMD160 a3515e8d9c61b3868eb64387a72f59b9589cd738 files/mon.init 731
+SHA256 52d096ee3ebbf26e422cad715abaec14f3e3208e8df5616f0b2a1adf8f2a15ca files/mon.init 731
+DIST mon-1.2.0.tar.bz2 245480 RMD160 51a40f2eda425c23f2afe92ffbf0ebe0cc5c58fe SHA1 e3a0c8e687c65cc944c8ce17cb1a3a7a8c4cc018 SHA256 a97550bf5051eb8dc4f77c0f30fa501f138f51e49f0957ce6967e7916213bf91
+EBUILD mon-1.2.0.ebuild 1496 RMD160 9830bb6f1e2943e2a7dd5bfaaf31aff36115613d SHA1 ed9982e23f347080b96689030f4e8476543ec4b6 SHA256 b6449a85b3e047deac575deee647f62f5bc938d0745f79774b478aca7395d8ee
+MD5 d846cb9880d584c22ff7fceea71f7ef3 mon-1.2.0.ebuild 1496
+RMD160 9830bb6f1e2943e2a7dd5bfaaf31aff36115613d mon-1.2.0.ebuild 1496
+SHA256 b6449a85b3e047deac575deee647f62f5bc938d0745f79774b478aca7395d8ee mon-1.2.0.ebuild 1496
+MD5 3b199947de74d27ea4a2021870a2553b files/digest-mon-1.2.0 232
+RMD160 5e88daf12d596add085f791840d717e5f1c0ce17 files/digest-mon-1.2.0 232
+SHA256 29749b7ab0c96e67b24797785c597ab6d11399938d7c5d752a3db4fb9bdfb5b5 files/digest-mon-1.2.0 232
diff --git a/app-admin/mon/files/digest-mon-1.2.0 b/app-admin/mon/files/digest-mon-1.2.0
new file mode 100644
index 0000000..5a961fa
--- /dev/null
+++ b/app-admin/mon/files/digest-mon-1.2.0
@@ -0,0 +1,3 @@
+MD5 ed52e4d4c6bbe8bca72f2a7843c0bcea mon-1.2.0.tar.bz2 245480
+RMD160 51a40f2eda425c23f2afe92ffbf0ebe0cc5c58fe mon-1.2.0.tar.bz2 245480
+SHA256 a97550bf5051eb8dc4f77c0f30fa501f138f51e49f0957ce6967e7916213bf91 mon-1.2.0.tar.bz2 245480
diff --git a/app-admin/mon/files/mon-1.2.0-sendmail.patch b/app-admin/mon/files/mon-1.2.0-sendmail.patch
new file mode 100644
index 0000000..e174295
--- /dev/null
+++ b/app-admin/mon/files/mon-1.2.0-sendmail.patch
@@ -0,0 +1,36 @@
+diff -urN mon-1.2.0.orig/alert.d/mail.alert mon-1.2.0/alert.d/mail.alert
+--- mon-1.2.0.orig/alert.d/mail.alert	2005-04-17 09:42:26.000000000 +0200
++++ mon-1.2.0/alert.d/mail.alert	2007-09-03 18:19:50.000000000 +0200
+@@ -46,7 +46,7 @@
+ $t = localtime($opt_t);
+ ($wday,$mon,$day,$tm) = split (/\s+/, $t);
+ 
+-open (MAIL, "| /usr/lib/sendmail -oi -t $mailfrom") ||
++open (MAIL, "| /usr/sbin/sendmail -oi -t $mailfrom") ||
+     die "could not open pipe to mail: $!\n";
+ print MAIL <<EOF;
+ To: $mailaddrs
+diff -urN mon-1.2.0.orig/alert.d/netpage.alert mon-1.2.0/alert.d/netpage.alert
+--- mon-1.2.0.orig/alert.d/netpage.alert	2005-04-17 09:42:26.000000000 +0200
++++ mon-1.2.0/alert.d/netpage.alert	2007-09-03 18:19:50.000000000 +0200
+@@ -41,7 +41,7 @@
+ 
+ $ALERT = $opt_u ? "UPALERT" : "ALERT";
+ 
+-open (MAIL, "| /usr/lib/sendmail -oi -t") ||
++open (MAIL, "| /usr/sbin/sendmail -oi -t") ||
+     die "could not open pipe to mail: $!\n";
+ 
+ print MAIL <<EOF;
+diff -urN mon-1.2.0.orig/clients/skymon/skymon mon-1.2.0/clients/skymon/skymon
+--- mon-1.2.0.orig/clients/skymon/skymon	2005-04-17 09:42:26.000000000 +0200
++++ mon-1.2.0/clients/skymon/skymon	2007-09-03 18:20:15.000000000 +0200
+@@ -233,7 +233,7 @@
+ #    &load_address() || die "could not load address\n";
+ #    print "$BUF";
+ 
+-    open (MAIL, "| /usr/lib/sendmail -oi -t") ||
++    open (MAIL, "| /usr/sbin/sendmail -oi -t") ||
+ 	die "could not open pipe to mail: $!\n";
+ print MAIL <<EOF;
+ To: $ADDR
diff --git a/app-admin/mon/files/mon-1.2.0-syslog.patch b/app-admin/mon/files/mon-1.2.0-syslog.patch
new file mode 100644
index 0000000..ad0c668
--- /dev/null
+++ b/app-admin/mon/files/mon-1.2.0-syslog.patch
@@ -0,0 +1,18 @@
+--- mon-1.2.0.orig/mon	2007-10-08 19:04:50.000000000 +0200
++++ mon-1.2.0/mon	2007-10-09 16:04:16.000000000 +0200
+@@ -5410,11 +5410,10 @@
+ 
+ no warnings; # Redefining syslog
+ sub syslog {
+-   eval {
+-       local $SIG{"__DIE__"}= sub { }; 
+-       my @log = map { s/\%//mg; } @_;
+-       Sys::Syslog::syslog(@log);
+-   }
++       local $SIG{"__DIE__"} = sub { }; 
++       my ($level, $msg) = @_;
++       $msg =~ s/\%//mg;
++       Sys::Syslog::syslog($level, $msg);
+ }
+ use warnings;
+ 
diff --git a/app-admin/mon/files/mon.cf b/app-admin/mon/files/mon.cf
new file mode 100644
index 0000000..dee693e
--- /dev/null
+++ b/app-admin/mon/files/mon.cf
@@ -0,0 +1,34 @@
+#
+# Very simple mon.cf file
+#
+
+alertdir   = /usr/lib/mon/alert.d
+mondir     = /usr/lib/mon/mon.d
+logdir     = /var/log/mon.d
+statedir   = /var/lib/mon.d
+maxprocs   = 20
+histlength = 100
+randstart  = 60s
+
+#
+# define groups of hosts to monitor
+#
+
+hostgroup servers localhost
+
+watch servers
+    service ping
+        interval 5m
+        monitor fping.monitor
+        period wd {Mon-Fri} hr {7am-24pm}
+            alert mail.alert root@localhost
+            alertevery 1h
+        period wd {Sat-Sun}
+            alert mail.alert root@localhost
+    service telnet
+        interval 10m
+        monitor telnet.monitor
+        period wd {Mon-Fri} hr {7am-24pm}
+            alertevery 1h
+            alertafter 2 30m
+            alert mail.alert root@localhost
diff --git a/app-admin/mon/files/mon.init b/app-admin/mon/files/mon.init
new file mode 100644
index 0000000..bb7122e
--- /dev/null
+++ b/app-admin/mon/files/mon.init
@@ -0,0 +1,32 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/mon/files/mon.rc6,v 1.7 2007/07/09 22:47:42 uberlord Exp $
+
+depend() {
+	need clock
+	after logger
+}
+
+checkconfig() {
+	if [ ! -e /etc/mon/mon.cf ] ; then
+		eerror "You need an /etc/mon/mon.cf file to run mon"
+		eerror "There is a sample at /etc/mon/mon.cf.sample"
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting mon"
+	start-stop-daemon --start --exec /usr/sbin/mon \
+	    --pidfile /var/run/mon.pid \
+	    -- -P /var/run/mon.pid -f
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping mon"
+	start-stop-daemon --stop --pidfile /var/run/mon.pid
+	eend $?
+}
diff --git a/app-admin/mon/mon-1.2.0.ebuild b/app-admin/mon/mon-1.2.0.ebuild
new file mode 100644
index 0000000..d5579e6
--- /dev/null
+++ b/app-admin/mon/mon-1.2.0.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+inherit toolchain-funcs eutils multilib
+
+DESCRIPTION="highly configurable service monitoring daemon"
+HOMEPAGE="http://www.kernel.org/software/mon/"
+SRC_URI="mirror://kernel/software/admin/mon/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc x86"
+IUSE="ldap mysql pam"
+
+DEPEND=">=dev-perl/Mon-0.11
+	>=virtual/perl-Time-HiRes-1.20
+	dev-perl/Convert-BER
+	dev-perl/Filesys-DiskSpace
+	dev-perl/Net-Telnet
+	ldap? ( dev-perl/perl-ldap )
+	dev-perl/Expect
+	dev-perl/Net-DNS
+	mysql? ( dev-perl/DBD-mysql )
+	pam? ( dev-perl/Authen-PAM )
+	>=dev-perl/Period-1.20-r2"
+
+src_unpack() {
+	unpack "${A}"
+	cd "${S}"
+	epatch "${FILESDIR}/${P}-sendmail.patch"
+	epatch "${FILESDIR}/${P}-syslog.patch"
+}
+
+src_compile() {
+	cd "${S}"/mon.d
+	make CC="$(tc-getCC) ${CFLAGS}" || die
+}
+
+src_install() {
+	dosbin mon clients/mon*
+
+	insinto /usr/$(get_libdir)/mon/utils
+	doins utils/*
+
+	exeinto /usr/$(get_libdir)/mon/alert.d
+	doexe alert.d/*
+
+	exeinto /usr/$(get_libdir)/mon/mon.d
+	doexe mon.d/*.monitor
+
+	insopts -g uucp -m 02555
+	doins mon.d/*.wrap
+
+	dodir /var/log/mon.d
+	dodir /var/lib/mon.d
+
+	doman doc/*.{1,8}
+	dodoc CHANGES doc/CHANGES* CREDITS \
+		KNOWN-PROBLEMS README TODO VERSION \
+		doc/README* doc/*.txt
+	docinto etc; dodoc etc/*
+	newdoc "${FILESDIR}"/mon.cf mon.cf.sample
+
+	newinitd "${FILESDIR}"/mon.init mon
+	insinto /etc/mon
+	newins "${FILESDIR}"/mon.cf mon.cf.sample
+}
diff --git a/app-admin/pwman/ChangeLog b/app-admin/pwman/ChangeLog
new file mode 100644
index 0000000..a5f1ad1
--- /dev/null
+++ b/app-admin/pwman/ChangeLog
@@ -0,0 +1,10 @@
+# ChangeLog for app-admin/pwman
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+  06 Mar 2009; Wolfram Schlich <wschlich@gentoo.org> -pwman-0.3.4.ebuild:
+  removed old version
+
+  06 Mar 2009; Wolfram Schlich <wschlich@gentoo.org> pwman-0.3.9.ebuild:
+  added amd64
+
diff --git a/app-admin/pwman/Manifest b/app-admin/pwman/Manifest
new file mode 100644
index 0000000..7cee0d9
--- /dev/null
+++ b/app-admin/pwman/Manifest
@@ -0,0 +1,3 @@
+DIST pwman-0.3.9.tar.gz 103819 RMD160 2bbbf8c53219cc61bb5aa3334b10735c16e92952 SHA1 e0803f68330d8c94e54c230475bf62f0b012694f SHA256 2df0885988fb786feb4fe905ac724fc50b93d85f63432b04561f20e734528442
+EBUILD pwman-0.3.9.ebuild 522 RMD160 ac568c9dd5f3b5e1803a098390f48f914f18d201 SHA1 10c179e6a30f6795cf20e329e2c443a2e486ed6a SHA256 63cb62294a6d50a0dee0e404818bb0290f4b7cfa21a3514b734c9c98d809aa34
+MISC ChangeLog 301 RMD160 517e1b5d887a24907733fbe628196d2785bb3f98 SHA1 0c13f0594f4bf6a19d2d059bad56132449f105d3 SHA256 fb7d7dd04492cacac2b19164a4e0343dc0b95c516fbbe019852c8b6e170de353
diff --git a/app-admin/pwman/pwman-0.3.9.ebuild b/app-admin/pwman/pwman-0.3.9.ebuild
new file mode 100644
index 0000000..70c8cde
--- /dev/null
+++ b/app-admin/pwman/pwman-0.3.9.ebuild
@@ -0,0 +1,22 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header$
+
+DESCRIPTION="console password manager"
+HOMEPAGE="http://pwman.sourceforge.net"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE=""
+KEYWORDS="x86 amd64"
+DEPEND="sys-libs/ncurses dev-libs/libxml2"
+RDEPEND="${DEPEND}"
+
+src_compile() {
+	econf || die "configure failed"
+	emake || die "make failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+}
diff --git a/app-admin/pwman3/Manifest b/app-admin/pwman3/Manifest
new file mode 100644
index 0000000..9da991d
--- /dev/null
+++ b/app-admin/pwman3/Manifest
@@ -0,0 +1,8 @@
+DIST Pwman3-0.0.5.tar.gz 28757 RMD160 4455700e7926dfd8b2fa7a004cfdda1994d770ec SHA1 1520c7aef9aa48582154c30b575edd53fdb0da49 SHA256 22bcd58ba9131ea40502724542266de7fdb54e381a921097db985591591b2b45
+EBUILD pwman3-0.0.5.ebuild 535 RMD160 9f671017f6595fb59a1dfa368f4a2a875c3b4aac SHA1 9c377310fc030db65968a1ed4505222279de9f58 SHA256 21d2bdecb29a5297731cee65b7b7de0418212072138eb1f5cb16ac5fd1c4337c
+MD5 f1540101e878debb1a0fe137779a18d8 pwman3-0.0.5.ebuild 535
+RMD160 9f671017f6595fb59a1dfa368f4a2a875c3b4aac pwman3-0.0.5.ebuild 535
+SHA256 21d2bdecb29a5297731cee65b7b7de0418212072138eb1f5cb16ac5fd1c4337c pwman3-0.0.5.ebuild 535
+MD5 e6901e48ca536d2cc7b935618e62d281 files/digest-pwman3-0.0.5 235
+RMD160 47c46978264e0a467d1883a50544c6229539a219 files/digest-pwman3-0.0.5 235
+SHA256 91141e4374214c82d9529168de895f8be1875d85dd4932222852553ce0059e5b files/digest-pwman3-0.0.5 235
diff --git a/app-admin/pwman3/files/digest-pwman3-0.0.5 b/app-admin/pwman3/files/digest-pwman3-0.0.5
new file mode 100644
index 0000000..34f8fa9
--- /dev/null
+++ b/app-admin/pwman3/files/digest-pwman3-0.0.5
@@ -0,0 +1,3 @@
+MD5 4e92074487a252574ee7b2ef2fc7456c Pwman3-0.0.5.tar.gz 28757
+RMD160 4455700e7926dfd8b2fa7a004cfdda1994d770ec Pwman3-0.0.5.tar.gz 28757
+SHA256 22bcd58ba9131ea40502724542266de7fdb54e381a921097db985591591b2b45 Pwman3-0.0.5.tar.gz 28757
diff --git a/app-admin/pwman3/pwman3-0.0.5.ebuild b/app-admin/pwman3/pwman3-0.0.5.ebuild
new file mode 100644
index 0000000..091021b
--- /dev/null
+++ b/app-admin/pwman3/pwman3-0.0.5.ebuild
@@ -0,0 +1,25 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header$
+
+inherit distutils
+
+DESCRIPTION="console based password management application"
+HOMEPAGE="http://pwman.bleurgh.com/"
+MY_P="Pwman3-${PV}"
+S="${WORKDIR}/${MY_P}"
+SRC_URI="http://pwman.bleurgh.com/~ivan/pwman3/source/${MY_P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="x86"
+DEPEND=">=dev-python/pysqlite-2.0.0
+	dev-python/pycrypto
+	dev-python/celementtree"
+
+src_compile() {
+	:
+}
+
+src_install() {
+	distutils_src_install
+}
diff --git a/app-admin/pwsafe/Manifest b/app-admin/pwsafe/Manifest
new file mode 100644
index 0000000..bcbffe2
--- /dev/null
+++ b/app-admin/pwsafe/Manifest
@@ -0,0 +1,8 @@
+DIST pwsafe-0.2.0.tar.gz 127433 RMD160 5509379f0bb4acea855183e1249395cdc23954d2 SHA1 026643a391796a527a48ffccf93d542113ca79d4 SHA256 61e91dc5114fe014a49afabd574eda5ff49b36c81a6d492c03fcb10ba6af47b7
+EBUILD pwsafe-0.2.0.ebuild 538 RMD160 3a3d508602bde94559b122e91af38e42ef187a9d SHA1 d2406930c7d6e7865927efa2f01bc9eac55ea63a SHA256 e9cf88b82a4163f1664b5948e7ca2841accf31e2cccb75b6774066a19afd92bf
+MD5 5ab1172e3816555d603d56ccbc73cdbb pwsafe-0.2.0.ebuild 538
+RMD160 3a3d508602bde94559b122e91af38e42ef187a9d pwsafe-0.2.0.ebuild 538
+SHA256 e9cf88b82a4163f1664b5948e7ca2841accf31e2cccb75b6774066a19afd92bf pwsafe-0.2.0.ebuild 538
+MD5 3cbdffef07c96feb1025a192c890d847 files/digest-pwsafe-0.2.0 238
+RMD160 2130c6f703ea9053e460ca0a7c24c26795f93521 files/digest-pwsafe-0.2.0 238
+SHA256 8cffce90e9c9c5b50b323a9b900001411a03f1771d0d1742bacd151c2fbc52a7 files/digest-pwsafe-0.2.0 238
diff --git a/app-admin/pwsafe/files/digest-pwsafe-0.2.0 b/app-admin/pwsafe/files/digest-pwsafe-0.2.0
new file mode 100644
index 0000000..4c2ff0e
--- /dev/null
+++ b/app-admin/pwsafe/files/digest-pwsafe-0.2.0
@@ -0,0 +1,3 @@
+MD5 4bb36538a2772ecbf1a542bc7d4746c0 pwsafe-0.2.0.tar.gz 127433
+RMD160 5509379f0bb4acea855183e1249395cdc23954d2 pwsafe-0.2.0.tar.gz 127433
+SHA256 61e91dc5114fe014a49afabd574eda5ff49b36c81a6d492c03fcb10ba6af47b7 pwsafe-0.2.0.tar.gz 127433
diff --git a/app-admin/pwsafe/pwsafe-0.2.0.ebuild b/app-admin/pwsafe/pwsafe-0.2.0.ebuild
new file mode 100644
index 0000000..16423cb
--- /dev/null
+++ b/app-admin/pwsafe/pwsafe-0.2.0.ebuild
@@ -0,0 +1,23 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+DESCRIPTION="pwsafe"
+HOMEPAGE="http://nsd.dyndns.org/pwsafe/"
+SRC_URI="http://nsd.dyndns.org/pwsafe/releases/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="x86"
+DEPEND="dev-libs/openssl
+	sys-libs/readline
+	sys-libs/ncurses"
+
+src_compile() {
+	econf || die "configure failed"
+	emake || die "make failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+	dodoc README NEWS ChangeLog TODO
+}
diff --git a/app-admin/syslog-ng/ChangeLog b/app-admin/syslog-ng/ChangeLog
new file mode 100644
index 0000000..7e5c6e7
--- /dev/null
+++ b/app-admin/syslog-ng/ChangeLog
@@ -0,0 +1,40 @@
+# ChangeLog for app-admin/syslog-ng
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: $
+
+  05 Nov 2009; Wolfram Schlich <wschlich@gentoo.org>
+  -files/syslog-ng-2.1.1-libdbi.patch, +files/syslog-ng.conf-3.0,
+  files/syslog-ng.init, -syslog-ng-2.0.9_p20080626.ebuild,
+  -syslog-ng-2.1.1.ebuild, -syslog-ng-2.1.3.ebuild,
+  +syslog-ng-3.0.4-r100.ebuild:
+  version bump with special config for 3.0; removed old stuff
+
+  18 Mar 2009; Wolfram Schlich <wschlich@gentoo.org>
+  +syslog-ng-2.1.4.ebuild:
+  version bump
+
+  29 Nov 2008; Wolfram Schlich <wschlich@gentoo.org>
+  files/syslog-ng.logrotate, +syslog-ng-2.1.3.ebuild:
+  version bump, changed logrotate script to restart mailgraph
+
+  07 Oct 2008; Wolfram Schlich <wschlich@gentoo.org>
+  +files/syslog-ng-2.1.1-libdbi.patch, +syslog-ng-2.1.1.ebuild:
+  version bump
+
+  26 Jun 2008; Wolfram Schlich <wschlich@gentoo.org> files/syslog-ng.conf,
+  -syslog-ng-2.0.8_p20080205.ebuild, -syslog-ng-2.0.9_p20080328.ebuild,
+  +syslog-ng-2.0.9_p20080626.ebuild:
+  version bump, removed old versions
+
+  31 Mar 2008; Wolfram Schlich <wschlich@gentoo.org> files/syslog-ng.conf:
+  added dedicated logfile for nagios
+
+  28 Mar 2008; Wolfram Schlich <wschlich@gentoo.org>
+  -syslog-ng-2.0.5_p20070727.ebuild, -syslog-ng-2.0.6_p20071204.ebuild,
+  -syslog-ng-2.0.7_p20080124.ebuild:
+  removed old versions
+
+  28 Mar 2008; Wolfram Schlich <wschlich@gentoo.org>
+  +syslog-ng-2.0.9_p20080328.ebuild:
+  version bump
+
diff --git a/app-admin/syslog-ng/Manifest b/app-admin/syslog-ng/Manifest
new file mode 100644
index 0000000..73b2620
--- /dev/null
+++ b/app-admin/syslog-ng/Manifest
@@ -0,0 +1,11 @@
+AUX syslog-ng.conf 22103 RMD160 e3a40952182d382e121ff55e36d5e84398ba3293 SHA1 bab8f1043bcb5211031b40a649251c25328135cd SHA256 72cb47ed0f3e881ed24e73a421293ada3838e41a7ea79334b72cd099ed4d8089
+AUX syslog-ng.conf-3.0 22487 RMD160 eddb69f6396b240c25ee57532e479100fd53ed71 SHA1 71d1fbf722e8bd2ea519b6f6a95a4b82190dad66 SHA256 a01c069a838e8b7866e6345079d297f40f6aa35e1bf10fe74aa7262a174ac1e5
+AUX syslog-ng.confd 150 RMD160 b5ab31e1c285fdd2f41324abc2c6b39bce59038d SHA1 c5df6ef1eca2a169fb3073816d4a06b7c85c0b0c SHA256 8319ca8e39a5dab5ddc82eede088e1f58ff25deef330804648000359cb736a3f
+AUX syslog-ng.init 1768 RMD160 3da373260b51150d8fa6103abbd215123459f33d SHA1 7c4aa322d5c68f93db667ecd36410ef8aceb46dd SHA256 bbdd8e1913e04c284d0823b95a19ea0ff0e8090013ac4197faa806dc0ccb4a8d
+AUX syslog-ng.logrotate 1263 RMD160 258262e4a5a1b2b464c290769d265404e201ac64 SHA1 ea05ac9f2679fd99e03e55a60e809fc0abe8b897 SHA256 6b8831fbfcf0bcc39acf200e319a6e245b09151cfbc1a65d577cdc6272a76108
+AUX syslog-ng.remote.current.cron 471 RMD160 443451ea8d3ae75642b2803634ec53ac0c3f22e0 SHA1 176546b01806d30ebeac8842b343fead2b1630ca SHA256 f8266bfbbd75f1d2516ead3828a7eb7d826164f36cb241d65c56dd64cad0e212
+DIST syslog-ng_2.1.4.tar.gz 423703 RMD160 2a87cb05de9a25f5b09cd488cf9d2104ba29aa33 SHA1 8080ff36f4da3a987cba505ff312650943f4c6c4 SHA256 e2189c7dbf617f2fc883ab0a8a86100dbe7cb4853c6b39732d77e73f335b0502
+DIST syslog-ng_3.0.4.tar.gz 548607 RMD160 97a467e304ff1669cdfc9061838b180b28e58c9e SHA1 a0b37b14b88d92577a384883c6287593e7b203f1 SHA256 00fe3aeb25acf18e37973228475ae0dd3d9791620f500d2c918d582c35a25068
+EBUILD syslog-ng-2.1.4.ebuild 3888 RMD160 9056e213f6d036f28c257f753faa22e891b535b3 SHA1 57fdcf32b5e4bf026068bf4dbcff2cc7a256b748 SHA256 3a401b24a565956e141866b4d11387060c92ccf0b14a50c737b438c24592b8d4
+EBUILD syslog-ng-3.0.4-r100.ebuild 4277 RMD160 9c4585abc6d1ff931843bf53b018132f17b7f720 SHA1 40ef67ec44d4b90429814300591d7eed60950b16 SHA256 0d7753dda8ed4559c5f086eb7d241d4b1e27f5cc2e5fc1f5eee8aa5070500350
+MISC ChangeLog 1471 RMD160 5d6634acf520e50894a5cbdbf45cce188e448e2c SHA1 daf57a00100261173aa3db005148604c001e0a55 SHA256 daf4ba17ce8bd5d90a4db2026fd215ce58b14ed1044d2bb1984b0daf906dd43f
diff --git a/app-admin/syslog-ng/files/syslog-ng.conf b/app-admin/syslog-ng/files/syslog-ng.conf
new file mode 100644
index 0000000..d99f3e7
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.conf
@@ -0,0 +1,505 @@
+# $Header: /home/wschlich/work/gentoo/autosetup/gentoo-autosetup-current/gentoo-autosetup.d/syslog-ng/RCS/syslog-ng.conf,v 1.2 2007/05/31 10:31:37 wschlich Exp wschlich $
+# vim:nowrap:
+# syslog-ng config created by
+# - Wolfram Schlich <wschlich@gentoo.org>
+# - Klaus Schleicher <ks@pegasus-edv.de>
+# Distributed under the terms of the GNU General Public License v2
+#
+# see http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/index.html
+
+##
+## global options
+##
+## see http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/ch09s06.html
+##
+
+options {
+	
+	## general settings
+	time_reopen(10); # Reopen a dead connection after this many seconds
+	time_reap(120); # Close an idle destination file after this many seconds
+	time_sleep(5); # Wait these many milliseconds between poll iterations
+	ts_format(rfc3164); # Timestamp format: rfc3164|rfc3339|bsd|iso
+	log_fifo_size(1000); # Output queue size
+	log_msg_size(8192); # Max size of a single message
+	log_fetch_limit(1000); # The maximum number of messages fetched from a source during a single poll loop.
+	flush_lines(10); # Buffer this many lines of output (0 to send to disk immediately)
+	flush_timeout(1000); # Wait at most this many milliseconds before forcibly flushing the output buffer
+	mark_freq(300); # MARK line logging interval
+	stats_freq(0); # Stats logging interval (0 = disabled)
+	
+	## remote logging
+	normalize_hostnames(yes); # Do normalize hostnames (transform to lower case)
+	chain_hostnames(on); # Chain hostnames?
+	keep_hostname(yes); # Keep the hostname the client sent?
+	keep_timestamp(no); # Do not use the timestamp the client sent -- it might be wrong
+	use_dns(yes); # Use DNS? Good for log servers.
+	use_fqdn(no); # Use FQDNs? Good for log servers.
+	dns_cache(yes); # Cache DNS results?
+	dns_cache_size(1024); # Number of DNS lookup results to cache
+	dns_cache_expire(3600); # Expire cached successful DNS lookup results after this many seconds
+	dns_cache_expire_failed(60); # Expire cached failed DNS lookup results after this many seconds
+	
+	## log file handling
+	create_dirs(yes); # Create directories for log files if they don't exist
+	dir_owner("root"); # Owner of newly created directories
+	dir_group("adm"); # Group of newly created directories
+	dir_perm(0750); # Permissions of newly created directories
+	owner("root"); # Owner of newly created log files
+	group("adm"); # Group of newly created log files
+	perm(0640); # Permissions of newly created log files
+
+	## misc
+	# Some program send log messages through a private implementation.
+	# and sometimes that implementation is bad. If this happen syslog-ng
+	# may recognise the program name as hostname. Whit this option
+	# we tell the syslog-ng that if a hostname match this regexp than that
+	# is not a real hostname.
+	bad_hostname("^gconfd$");
+
+};
+
+##
+## filters
+##
+## see http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/ch03s06.html
+##
+
+## standard syslog facilities
+filter f_kern     { facility(kern);     };
+filter f_auth     { facility(auth);     }; # -- note: 'security' is a deprecated alias
+filter f_authpriv { facility(authpriv); };
+filter f_syslog   { facility(syslog);   };
+filter f_daemon   { facility(daemon);   };
+filter f_cron     { facility(cron);     };
+filter f_ftp      { facility(ftp);      };
+filter f_lpr      { facility(lpr);      };
+filter f_mail     { facility(mail);     };
+filter f_news     { facility(news);     };
+filter f_uucp     { facility(uucp);     };
+filter f_user     { facility(user);     };
+filter f_local0   { facility(local0);   };
+filter f_local1   { facility(local1);   };
+filter f_local2   { facility(local2);   };
+filter f_local3   { facility(local3);   };
+filter f_local4   { facility(local4);   };
+filter f_local5   { facility(local5);   };
+filter f_local6   { facility(local6);   };
+filter f_local7   { facility(local7);   };
+
+## standard syslog priorities: "exactly"
+filter f_emerg    { priority(emerg);          }; # 0 -- note: 'panic' is a deprecated alias
+filter f_alert    { priority(alert);          }; # 1
+filter f_crit     { priority(crit);           }; # 2
+filter f_err      { priority(err);            }; # 3 -- note: 'error' is a deprecated alias
+filter f_warning  { priority(warning);        }; # 4 -- note: 'warn' is a deprecated alias
+filter f_notice   { priority(notice);         }; # 5
+filter f_info     { priority(info);           }; # 6
+filter f_debug    { priority(debug);          }; # 7
+
+## standard syslog priorities: "at least"
+filter f_alert+   { priority(alert..emerg);   }; # 1-0
+filter f_crit+    { priority(crit..emerg);    }; # 2-0
+filter f_err+     { priority(err..emerg);     }; # 3-0
+filter f_warning+ { priority(warning..emerg); }; # 4-0
+filter f_notice+  { priority(notice..emerg);  }; # 5-0
+filter f_info+    { priority(info..emerg);    }; # 6-0
+filter f_debug+   { priority(debug..emerg);   }; # 7-0
+
+##
+## templates for the log messages
+##
+## see http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/ch03s07.html
+##
+## WARNING: syslog logfile analysis tools might stumble over non-standard
+## formats! tools like mailgraph and tenshi just come to mind.
+##
+## for tenshi, it's easy to circumvent problems by either using the standard
+## format for the tenshi fifo or by using the "logprefix" feature in tenshi.conf
+## to match the custom format, e.g. when using facility and priority as alerting
+## criteria.
+##
+## mailgraph probably needs to be patched for being able to deal with a
+## non-standard log message format.
+##
+
+# macro quick-reference:
+# - DATE: "Jun 13 15:58:00" (default syslog date)
+# - FULLDATE: "2006 Jun 13 15:56:57"
+# - ISODATE: "2006-06-13T15:56:51+02:00"
+# - PRI: see http://www.faqs.org/rfcs/rfc3164.html, 4.1.1
+# - TZOFFSET: "+02:00"
+
+## default message format (standard syslog message format)
+template t_default  { template("${DATE} ${HOST} ${MSG}\n"); template_escape(no); };
+
+## log and admin console messagee formats
+template t_logtty   { template("${DATE}; ${FACILITY}.${PRIORITY}; ${MSG}\n"); template_escape(no); };
+template t_admintty { template("${DATE}; ${FACILITY}.${PRIORITY}; ${MSG}\n"); template_escape(no); };
+
+## custom local message format (used by default throughout this configuration, also see t_remote_r)
+template t_local    { template("${YEAR}-${MONTH}-${DAY} ${HOUR}:${MIN}:${SEC} ${TZOFFSET}; ${HOST}; ${FACILITY}.${PRIORITY}; ${MSG}\n"); template_escape(no); };
+
+## tenshi message format (tenshi.conf needs to be adjusted for this format!)
+template t_tenshi   { template("${HOST}; ${FACILITY}.${PRIORITY}; ${MSG}\n"); template_escape(no); };
+
+## mailgraph message format
+template t_mgraph   { template("${DATE} ${HOST} ${MSG}\n"); template_escape(no); };
+
+## remote reception message format (replaces time information of received messages with local system time)
+template t_remote_r { template("${R_YEAR}-${R_MONTH}-${R_DAY} ${R_HOUR}:${R_MIN}:${R_SEC} ${R_TZOFFSET}; ${HOST}/${SOURCEIP}; ${FACILITY}.${PRIORITY}; ${MSG}\n"); template_escape(no); };
+
+## remote delivery message format (standard syslog protocol format)
+template t_remote_d { template("<${PRI}>${DATE} ${HOST} ${MSG}\n"); template_escape(no); };
+
+##
+## local sources
+##
+## see http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/ch03s03.html
+##
+
+## local syslog messages + syslog-ng internal messages
+source s_local {
+	unix-stream("/dev/log" max-connections(1000));
+	internal();
+};
+
+## kernel messages
+source s_kernel {
+	file("/proc/kmsg" flags(kernel) log_prefix("kernel: "));
+};
+
+##
+## local destinations and log paths
+##
+## see http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/ch03s04.html
+## and http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/ch03s05.html
+##
+
+#
+# discard messages
+#
+
+## example for discarding certain messages using an empty destination and the final flag
+#destination d_null { };
+#filter f_null { match("I am a message that wants to be discarded"); };
+#log { source(s_local); filter(f_null); destination(d_null); flags(final); };
+
+#
+# system specials
+#
+
+## kernel messages
+destination d_kernel { file("/var/log/syslog-ng/kernel.log" template(t_local)); };
+log { source(s_kernel); destination(d_kernel); };
+
+## log console
+destination d_logtty { file("/dev/tty10" template(t_logtty)); };
+log { source(s_local); source(s_kernel); destination(d_logtty); };
+
+## admin console
+destination d_admintty { usertty("root"); };
+log { source(s_local); filter(f_emerg); destination(d_admintty); };
+
+## tenshi (log monitoring): log all messages to a fifo -- note: the fifo needs to be created with mkfifo first!
+#destination d_tenshi { fifo("/var/log/tenshi.fifo" owner("root") group("tenshi") perm(0640) template(t_tenshi)); };
+#log { source(s_local); source(s_kernel); destination(d_tenshi); };
+
+## mailgraph: log all messages for facility 'mail' to a fifo -- note: the fifo needs to be created with mkfifo first!
+#destination d_mgraph { fifo("/var/log/mgraph.fifo" owner("root") group("mgraph") perm(0640) template(t_mgraph)); };
+#log { source(s_local); filter(f_mail); destination(d_mgraph); };
+
+#
+# application specific
+#
+
+## firewall (iptables, using custom iptables log prefixes)
+destination d_firewall { file("/var/log/syslog-ng/firewall.log" template(t_local)); };
+filter f_firewall { match("^kernel: ipt_FW ") or match("^kernel: ip4t_FW ") or match("^kernel: ip6t_FW "); };
+log { source(s_kernel); filter(f_firewall); destination(d_firewall); };
+
+## sudo
+destination d_sudo { file("/var/log/syslog-ng/sudo.log" template(t_local)); };
+filter f_sudo { program("^sudo$"); };
+log { source(s_local); filter(f_sudo); destination(d_sudo); };
+
+## sshd
+destination d_sshd { file("/var/log/syslog-ng/sshd.log" template(t_local)); };
+filter f_sshd { program("^sshd$") or program("^sftp-server$"); };
+log { source(s_local); filter(f_sshd); destination(d_sshd); };
+
+## cron
+destination d_cron { file("/var/log/syslog-ng/cron.log" template(t_local)); };
+filter f_cron { facility(cron); };
+log { source(s_local); filter(f_cron); destination(d_cron); };
+
+## xinetd
+destination d_xinetd { file("/var/log/syslog-ng/xinetd.log" template(t_local)); };
+filter f_xinetd { program("^xinetd$"); };
+log { source(s_local); filter(f_xinetd); destination(d_xinetd); };
+
+## postfix
+destination d_postfix { file("/var/log/syslog-ng/postfix.log" template(t_local)); };
+filter f_postfix { program("^postfix/") or program("^postgrey"); };
+log { source(s_local); filter(f_postfix); destination(d_postfix); };
+
+## fetchmail
+destination d_fetchmail { file("/var/log/syslog-ng/fetchmail.log" template(t_local)); };
+filter f_fetchmail { program("^fetchmail$"); };
+log { source(s_local); filter(f_fetchmail); destination(d_fetchmail); };
+
+## dovecot
+destination d_dovecot { file("/var/log/syslog-ng/dovecot.log" template(t_local)); };
+filter f_dovecot { program("^dovecot$"); };
+log { source(s_local); filter(f_dovecot); destination(d_dovecot); };
+
+## courier smtp/imap/pop3
+destination d_courier { file("/var/log/syslog-ng/courier.log" template(t_local)); };
+filter f_courier { program("^courier") or program("^pop3d$") or program("^pop3d-ssl$") or program("^imapd$") or program("^imapd-ssl$"); };
+log { source(s_local); filter(f_courier); destination(d_courier); };
+
+## uw-imap
+#destination d_uwimap { file("/var/log/syslog-ng/uw-imap.log" template(t_local)); };
+#filter f_uwimap { program("^ipop3d$") or program("^imapd$"); };
+#log { source(s_local); filter(f_uwimap); destination(d_uwimap); };
+
+## antivir
+destination d_antivir { file("/var/log/syslog-ng/antivir.log" template(t_local)); };
+filter f_antivir { program("^antivir$"); };
+log { source(s_local); filter(f_antivir); destination(d_antivir); };
+
+## antivir mailgate
+destination d_avmailgate { file("/var/log/syslog-ng/avmailgate.log" template(t_local)); };
+filter f_avmailgate { program("^avmailgate.bin$") or program("^avgated$") or program("^avgatefwd$"); };
+log { source(s_local); filter(f_avmailgate); destination(d_avmailgate); };
+
+## clamav
+destination d_clamav { file("/var/log/syslog-ng/clamav.log" template(t_local)); };
+filter f_clamav { program("^clamd$") or program("^freshclam$"); };
+log { source(s_local); filter(f_clamav); destination(d_clamav); };
+
+## amavis
+## mark debug messages as final so they don't get into any other file
+destination d_amavis { file("/var/log/syslog-ng/amavis.log" template(t_local)); };
+filter f_amavis { program("^amavis$"); };
+log { source(s_local); filter(f_amavis); filter(f_debug); destination(d_amavis); flags(final); };
+log { source(s_local); filter(f_amavis); destination(d_amavis); };
+
+## spamassassin
+destination d_spamassassin { file("/var/log/syslog-ng/spamassassin.log" template(t_local)); };
+filter f_spamassassin { program("^spamd$") or program("^spamc"); };
+log { source(s_local); filter(f_spamassassin); destination(d_spamassassin); };
+
+## ntpd
+destination d_ntpd { file("/var/log/syslog-ng/ntpd.log" template(t_local)); };
+filter f_ntpd { program("^ntpd$"); };
+log { source(s_local); filter(f_ntpd); destination(d_ntpd); };
+
+## OpenVPN
+destination d_openvpn { file("/var/log/syslog-ng/openvpn.log" template(t_local)); };
+filter f_openvpn { program("^openvpn"); };
+log { source(s_local); filter(f_openvpn); destination(d_openvpn); };
+
+## pppd
+destination d_pppd { file("/var/log/syslog-ng/pppd.log" template(t_local)); };
+filter f_pppd { program("^pppd$"); };
+log { source(s_local); filter(f_pppd); destination(d_pppd); };
+
+## pmacctd
+destination d_pmacctd { file("/var/log/syslog-ng/pmacctd.log" template(t_local)); };
+filter f_pmacctd { program("^pmacctd$"); };
+log { source(s_local); filter(f_pmacctd); destination(d_pmacctd); };
+
+## nagios
+destination d_nagios { file("/var/log/syslog-ng/nagios.log" template(t_local)); };
+filter f_nagios { program("^nagios$"); };
+log { source(s_local); filter(f_nagios); destination(d_nagios); };
+
+## named
+destination d_named { file("/var/log/syslog-ng/named.log" template(t_local)); };
+filter f_named { program("^named$"); };
+log { source(s_local); filter(f_named); destination(d_named); };
+
+## OpenLDAP SLAPD
+## mark debug messages as final so they don't get into any other file
+destination d_slapd { file("/var/log/syslog-ng/slapd.log" template(t_local)); };
+filter f_slapd { program("^slapd$"); };
+log { source(s_local); filter(f_slapd); filter(f_debug); destination(d_slapd); flags(final); };
+log { source(s_local); filter(f_slapd); destination(d_slapd); };
+
+## samba
+destination d_samba { file("/var/log/syslog-ng/samba.log" template(t_local)); };
+filter f_samba { program("^[ns]mbd$"); };
+log { source(s_local); filter(f_samba); destination(d_samba); };
+
+## jabberd
+destination d_jabberd { file("/var/log/syslog-ng/jabberd.log" template(t_local)); };
+filter f_jabberd { program("^jabberd/"); };
+log { source(s_local); filter(f_jabberd); destination(d_jabberd); };
+
+## php-cli
+destination d_php { file("/var/log/syslog-ng/php.log" template(t_local)); };
+filter f_php { program("^php$"); };
+log { source(s_local); filter(f_php); destination(d_php); };
+
+## hardened php
+destination d_hphp { file("/var/log/syslog-ng/hphp.log" template(t_local)); };
+filter f_hphp { program("^hphp$"); };
+log { source(s_local); filter(f_hphp); destination(d_hphp); };
+
+## hddtemp
+destination d_hddtemp { file("/var/log/syslog-ng/hddtemp.log" template(t_local)); };
+filter f_hddtemp { program("^hddtemp$"); };
+log { source(s_local); filter(f_hddtemp); destination(d_hddtemp); };
+
+## smartd (smartmontools)
+destination d_smartd { file("/var/log/syslog-ng/smartd.log" template(t_local)); };
+filter f_smartd { program("^smartd$"); };
+log { source(s_local); filter(f_smartd); destination(d_smartd); };
+
+## arpwatch
+destination d_arpwatch { file("/var/log/syslog-ng/arpwatch.log" template(t_local)); };
+filter f_arpwatch { program("^arpwatch$"); };
+log { source(s_local); filter(f_arpwatch); destination(d_arpwatch); };
+
+## DRBD
+destination d_drbd { file("/var/log/syslog-ng/drbd.log" template(t_local)); };
+filter f_drbd { match("^kernel: drbd([[:digit:]]+)?:"); };
+log { source(s_kernel); filter(f_drbd); destination(d_drbd); };
+
+## Linux-HA: attrd
+destination d_ha_attrd { file("/var/log/syslog-ng/ha/attrd.log" template(t_local)); };
+filter f_ha_attrd { program("^attrd$"); };
+log { source(s_local); filter(f_ha_attrd); destination(d_ha_attrd); };
+
+## Linux-HA: ccm
+destination d_ha_ccm { file("/var/log/syslog-ng/ha/ccm.log" template(t_local)); };
+filter f_ha_ccm { program("^ccm$"); };
+log { source(s_local); filter(f_ha_ccm); destination(d_ha_ccm); };
+
+## Linux-HA: cib
+destination d_ha_cib { file("/var/log/syslog-ng/ha/cib.log" template(t_local)); };
+filter f_ha_cib { program("^cib$"); };
+log { source(s_local); filter(f_ha_cib); destination(d_ha_cib); };
+
+## Linux-HA: cibmon
+destination d_ha_cibmon { file("/var/log/syslog-ng/ha/cibmon.log" template(t_local)); };
+filter f_ha_cibmon { program("^cibmon$"); };
+log { source(s_local); filter(f_ha_cibmon); destination(d_ha_cibmon); };
+
+## Linux-HA: crmd
+destination d_ha_crmd { file("/var/log/syslog-ng/ha/crmd.log" template(t_local)); };
+filter f_ha_crmd { program("^crmd$"); };
+log { source(s_local); filter(f_ha_crmd); destination(d_ha_crmd); };
+
+## Linux-HA: heartbeat
+destination d_ha_heartbeat { file("/var/log/syslog-ng/ha/heartbeat.log" template(t_local)); };
+filter f_ha_heartbeat { program("^heartbeat$"); };
+log { source(s_local); filter(f_ha_heartbeat); destination(d_ha_heartbeat); };
+
+## Linux-HA: ipfail
+destination d_ha_ipfail { file("/var/log/syslog-ng/ha/ipfail.log" template(t_local)); };
+filter f_ha_ipfail { program("^ipfail$"); };
+log { source(s_local); filter(f_ha_ipfail); destination(d_ha_ipfail); };
+
+## Linux-HA: logd
+destination d_ha_logd { file("/var/log/syslog-ng/ha/logd.log" template(t_local)); };
+filter f_ha_logd { program("^logd$"); };
+log { source(s_local); filter(f_ha_logd); destination(d_ha_logd); };
+
+## Linux-HA: lrmd
+destination d_ha_lrmd { file("/var/log/syslog-ng/ha/lrmd.log" template(t_local)); };
+filter f_ha_lrmd { program("^lrmd$"); };
+log { source(s_local); filter(f_ha_lrmd); destination(d_ha_lrmd); };
+
+## Linux-HA: pengine
+destination d_ha_pengine { file("/var/log/syslog-ng/ha/pengine.log" template(t_local)); };
+filter f_ha_pengine { program("^pengine$"); };
+log { source(s_local); filter(f_ha_pengine); destination(d_ha_pengine); };
+
+## Linux-HA: pingd
+destination d_ha_pingd { file("/var/log/syslog-ng/ha/pingd.log" template(t_local)); };
+filter f_ha_pingd { program("^pingd$"); };
+log { source(s_local); filter(f_ha_pingd); destination(d_ha_pingd); };
+
+## Linux-HA: stonithd
+destination d_ha_stonithd { file("/var/log/syslog-ng/ha/stonithd.log" template(t_local)); };
+filter f_ha_stonithd { program("^stonithd$"); };
+log { source(s_local); filter(f_ha_stonithd); destination(d_ha_stonithd); };
+
+## Linux-HA: tengine
+destination d_ha_tengine { file("/var/log/syslog-ng/ha/tengine.log" template(t_local)); };
+filter f_ha_tengine { program("^tengine$"); };
+log { source(s_local); filter(f_ha_tengine); destination(d_ha_tengine); };
+
+## Linux-HA: special discarding of debug and XML messages for any default destinations
+#destination d_ha_discard { };
+#filter f_ha_debug { facility(local0) and priority(debug); };
+#log { source(s_local); filter(f_ha_debug); destination(d_ha_discard); flags(final); };
+#filter f_ha_xml { facility(local0) and (match("log_data_element:") or match("log_cib_diff:") or match("retrieveCib:") or match("cibmon_diff:")); };
+#log { source(s_local); filter(f_ha_xml); destination(d_ha_discard); flags(final); };
+
+## gentoo hardened stuff
+destination d_avc { file("/var/log/syslog-ng/avc.log" template(t_local)); };
+destination d_audit { file("/var/log/syslog-ng/audit.log" template(t_local)); };
+destination d_pax { file("/var/log/syslog-ng/pax.log" template(t_local)); };
+destination d_grsec { file("/var/log/syslog-ng/grsec.log" template(t_local)); };
+filter f_avc { match(".*avc:"); };
+filter f_audit { match("^audit") and not match(".*avc:"); };
+filter f_pax { match("^PAX:"); };
+filter f_grsec { match("^grsec:"); };
+log { source(s_kernel); filter(f_pax); destination(d_pax); };
+log { source(s_kernel); filter(f_grsec); destination(d_grsec); };
+log { source(s_kernel); filter(f_audit); destination(d_audit); };
+log { source(s_kernel); filter(f_avc); destination(d_avc); };
+
+#
+# default: all messages (local syslog + kernel)
+#
+# should be at the end so that application specific messages with
+# "final" flag are not logged
+#
+
+destination d_messages { file("/var/log/messages" template(t_local)); };
+log { source(s_local); source(s_kernel); destination(d_messages); };
+
+##
+## remote delivery
+##
+
+## remote destination: syslog server directly via UDP (standard syslog)
+#destination d_remote { udp("syslog.example.com" port(514) template(t_remote_d)); };
+#log { source(s_local); source(s_kernel); destination(d_remote); };
+
+## remote destination: syslog server via TCP and stunnel (for secured logging)
+#destination d_remote { tcp("localhost" port(514) template(t_remote_d)); };
+#log { source(s_local); source(s_kernel); destination(d_remote); };
+
+##
+## remote reception
+##
+
+## remote source
+#source s_remote {
+#	udp(localip("0.0.0.0") localport(514));
+#	udp(localip("127.0.0.1") localport(514));
+#	udp(localip("192.168.0.1") localport(514));
+#	tcp(localip("0.0.0.0") localport(514) max-connections(5));
+#	tcp(localip("127.0.0.1") localport(514) max-connections(50));
+#	tcp(localip("192.168.0.1") localport(514) max-connections(50));
+#};
+
+## tenshi (log monitoring)
+#log { source(s_remote); destination(d_tenshi); };
+
+## all hosts, all messages
+#destination d_remote_hosts { file("/var/log/syslog-ng.remote/${R_YEAR}/${R_MONTH}/${R_DAY}/${HOST}/messages" template(t_remote_r)); };
+#log { source(s_remote); destination(d_remote_hosts); };
+
+## all hosts, kernel messages
+#destination d_remote_hosts_kernel { file("/var/log/syslog-ng.remote/${R_YEAR}/${R_MONTH}/${R_DAY}/${HOST}/kernel.log" template(t_remote_r)); };
+#log { source(s_remote); filter(f_kern); destination(d_remote_hosts_kernel); };
+
+## all hosts, user messages
+#destination d_remote_hosts_user { file("/var/log/syslog-ng.remote/${R_YEAR}/${R_MONTH}/${R_DAY}/${HOST}/user.log" template(t_remote_r)); };
+#log { source(s_remote); filter(f_user); destination(d_remote_hosts_user); };
diff --git a/app-admin/syslog-ng/files/syslog-ng.conf-3.0 b/app-admin/syslog-ng/files/syslog-ng.conf-3.0
new file mode 100644
index 0000000..106e59c
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.conf-3.0
@@ -0,0 +1,513 @@
+@version: 3.0
+#
+# $Header: $
+# vim:nowrap:
+# syslog-ng config created by
+# - Wolfram Schlich <wschlich@gentoo.org>
+# - Klaus Schleicher <ks@pegasus-edv.de>
+# Distributed under the terms of the GNU General Public License v2
+#
+# see http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/index.html
+#
+
+##
+## global options
+##
+## see http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch08s09.html
+##
+
+options {
+	
+	## general settings
+	time_reopen(10); # Reopen a dead connection after this many seconds
+	time_reap(120); # Close an idle destination file after this many seconds
+	time_sleep(5); # Wait these many milliseconds between poll iterations
+	ts_format(rfc3164); # Timestamp format: rfc3164|rfc3339|bsd|iso
+	log_fifo_size(1000); # Output queue size
+	log_msg_size(8192); # Max size of a single message
+	log_fetch_limit(1000); # The maximum number of messages fetched from a source during a single poll loop.
+	flush_lines(10); # Buffer this many lines of output (0 to send to disk immediately)
+	flush_timeout(1000); # Wait at most this many milliseconds before forcibly flushing the output buffer
+	mark_freq(300); # MARK line logging interval
+	stats_freq(0); # Stats logging interval (0 = disabled)
+	
+	## remote logging
+	normalize_hostnames(yes); # Do normalize hostnames (transform to lower case)
+	chain_hostnames(on); # Chain hostnames?
+	keep_hostname(yes); # Keep the hostname the client sent?
+	keep_timestamp(no); # Do not use the timestamp the client sent -- it might be wrong
+	use_dns(yes); # Use DNS? Good for log servers.
+	use_fqdn(no); # Use FQDNs? Good for log servers.
+	dns_cache(yes); # Cache DNS results?
+	dns_cache_size(1024); # Number of DNS lookup results to cache
+	dns_cache_expire(3600); # Expire cached successful DNS lookup results after this many seconds
+	dns_cache_expire_failed(60); # Expire cached failed DNS lookup results after this many seconds
+	
+	## log file handling
+	create_dirs(yes); # Create directories for log files if they don't exist
+	dir_owner("root"); # Owner of newly created directories
+	dir_group("adm"); # Group of newly created directories
+	dir_perm(0750); # Permissions of newly created directories
+	owner("root"); # Owner of newly created log files
+	group("adm"); # Group of newly created log files
+	perm(0640); # Permissions of newly created log files
+
+	## misc
+	# Some program send log messages through a private implementation.
+	# and sometimes that implementation is bad. If this happen syslog-ng
+	# may recognise the program name as hostname. Whit this option
+	# we tell the syslog-ng that if a hostname match this regexp than that
+	# is not a real hostname.
+	bad_hostname("^gconfd$");
+
+};
+
+##
+## filters
+##
+## see http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch03s06.html
+##
+
+## standard syslog facilities
+filter f_kern     { facility(kern);     };
+filter f_auth     { facility(auth);     }; # -- note: 'security' is a deprecated alias
+filter f_authpriv { facility(authpriv); };
+filter f_syslog   { facility(syslog);   };
+filter f_daemon   { facility(daemon);   };
+filter f_cron     { facility(cron);     };
+filter f_ftp      { facility(ftp);      };
+filter f_lpr      { facility(lpr);      };
+filter f_mail     { facility(mail);     };
+filter f_news     { facility(news);     };
+filter f_uucp     { facility(uucp);     };
+filter f_user     { facility(user);     };
+filter f_local0   { facility(local0);   };
+filter f_local1   { facility(local1);   };
+filter f_local2   { facility(local2);   };
+filter f_local3   { facility(local3);   };
+filter f_local4   { facility(local4);   };
+filter f_local5   { facility(local5);   };
+filter f_local6   { facility(local6);   };
+filter f_local7   { facility(local7);   };
+
+## standard syslog priorities: "exactly"
+filter f_emerg    { priority(emerg);          }; # 0 -- note: 'panic' is a deprecated alias
+filter f_alert    { priority(alert);          }; # 1
+filter f_crit     { priority(crit);           }; # 2
+filter f_err      { priority(err);            }; # 3 -- note: 'error' is a deprecated alias
+filter f_warning  { priority(warning);        }; # 4 -- note: 'warn' is a deprecated alias
+filter f_notice   { priority(notice);         }; # 5
+filter f_info     { priority(info);           }; # 6
+filter f_debug    { priority(debug);          }; # 7
+
+## standard syslog priorities: "at least"
+filter f_alert+   { priority(alert..emerg);   }; # 1-0
+filter f_crit+    { priority(crit..emerg);    }; # 2-0
+filter f_err+     { priority(err..emerg);     }; # 3-0
+filter f_warning+ { priority(warning..emerg); }; # 4-0
+filter f_notice+  { priority(notice..emerg);  }; # 5-0
+filter f_info+    { priority(info..emerg);    }; # 6-0
+filter f_debug+   { priority(debug..emerg);   }; # 7-0
+
+##
+## templates for the log messages
+##
+## see http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch03s07.html
+##
+## WARNING: syslog logfile analysis tools might stumble over non-standard
+## formats! tools like mailgraph and tenshi just come to mind.
+##
+## for tenshi, it's easy to circumvent problems by either using the standard
+## format for the tenshi fifo or by using the "logprefix" feature in tenshi.conf
+## to match the custom format, e.g. when using facility and priority as alerting
+## criteria.
+##
+## mailgraph probably needs to be patched for being able to deal with a
+## non-standard log message format.
+##
+
+# macro quick-reference:
+# - DATE: "Jun 13 15:58:00" (default syslog date)
+# - FULLDATE: "2006 Jun 13 15:56:57"
+# - ISODATE: "2006-06-13T15:56:51+02:00"
+# - PRI: see http://www.faqs.org/rfcs/rfc3164.html, 4.1.1
+# - TZOFFSET: "+02:00"
+
+## default message format (standard syslog message format)
+#template t_default  { template("${DATE} ${HOST} ${MSGHDR}${MSG}\n"); template_escape(no); };
+## default message format (standard syslog-ng-3.0 message format)
+template t_default  { template("${ISODATE} ${HOST} ${MSGHDR}${MSG}\n"); template_escape(no); };
+
+## log and admin console messagee formats
+template t_logtty   { template("${DATE}; ${FACILITY}.${PRIORITY}; ${MSGHDR}${MSG}\n"); template_escape(no); };
+template t_admintty { template("${DATE}; ${FACILITY}.${PRIORITY}; ${MSGHDR}${MSG}\n"); template_escape(no); };
+
+## custom local message format (used by default throughout this configuration, also see t_remote_r)
+template t_local    { template("${YEAR}-${MONTH}-${DAY} ${HOUR}:${MIN}:${SEC} ${TZOFFSET}; ${HOST}; ${FACILITY}.${PRIORITY}; ${MSGHDR}${MSG}\n"); template_escape(no); };
+
+## tenshi message format (tenshi.conf needs to be adjusted for this format!)
+template t_tenshi   { template("${HOST}; ${FACILITY}.${PRIORITY}; ${MSGHDR}${MSG}\n"); template_escape(no); };
+
+## mailgraph message format
+template t_mgraph   { template("${DATE} ${HOST} ${MSGHDR}${MSG}\n"); template_escape(no); };
+
+## remote reception message format (replaces time information of received messages with local system time)
+template t_remote_r { template("${R_YEAR}-${R_MONTH}-${R_DAY} ${R_HOUR}:${R_MIN}:${R_SEC} ${R_TZOFFSET}; ${HOST}/${SOURCEIP}; ${FACILITY}.${PRIORITY}; ${MSGHDR}${MSG}\n"); template_escape(no); };
+
+## remote delivery message format (standard syslog protocol format)
+template t_remote_d { template("<${PRI}>${DATE} ${HOST} ${MSGHDR}${MSG}\n"); template_escape(no); };
+
+##
+## local sources
+##
+## see http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch03s03.html
+## and http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch08s01.html
+##
+
+## local syslog messages + syslog-ng internal messages
+source s_local {
+	unix-stream("/dev/log" max-connections(1000));
+	internal();
+};
+
+## kernel messages
+source s_kernel {
+	file("/proc/kmsg" flags(kernel) program_override("kernel"));
+};
+
+##
+## local destinations and log paths
+##
+## see http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch03s04.html
+## and http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch03s05.html
+## and http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch08s02.html
+## and http://www.balabit.com/dl/html/syslog-ng-v3.0-guide-admin-en.html/ch08s03.html
+##
+
+#
+# discard messages
+#
+
+## example for discarding certain messages using an empty destination and the final flag
+#destination d_null { };
+#filter f_null { message("I am a message that wants to be discarded"); };
+#log { source(s_local); filter(f_null); destination(d_null); flags(final); };
+
+#
+# system specials
+#
+
+## kernel messages
+destination d_kernel { file("/var/log/syslog-ng/kernel.log" template(t_local)); };
+log { source(s_kernel); destination(d_kernel); };
+
+## log console
+destination d_logtty { file("/dev/tty10" template(t_logtty)); };
+log { source(s_local); source(s_kernel); destination(d_logtty); };
+
+## admin console
+destination d_admintty { usertty("root"); };
+log { source(s_local); filter(f_emerg); destination(d_admintty); };
+
+## tenshi (log monitoring): log all messages to a fifo -- note: the fifo needs to be created with mkfifo first!
+#destination d_tenshi { fifo("/var/log/tenshi.fifo" owner("root") group("tenshi") perm(0640) template(t_tenshi)); };
+#log { source(s_local); source(s_kernel); destination(d_tenshi); };
+
+## mailgraph: log all messages for facility 'mail' to a fifo -- note: the fifo needs to be created with mkfifo first!
+#destination d_mgraph { fifo("/var/log/mgraph.fifo" owner("root") group("mgraph") perm(0640) template(t_mgraph)); };
+#log { source(s_local); filter(f_mail); destination(d_mgraph); };
+
+#
+# application specific
+#
+
+## firewall (iptables, using custom iptables log prefixes)
+destination d_firewall { file("/var/log/syslog-ng/firewall.log" template(t_local)); };
+filter f_firewall { message("^ipt_FW ") or message("^ip4t_FW ") or message("^ip6t_FW "); };
+log { source(s_kernel); filter(f_firewall); destination(d_firewall); };
+
+## sudo
+destination d_sudo { file("/var/log/syslog-ng/sudo.log" template(t_local)); };
+filter f_sudo { program("^sudo$"); };
+log { source(s_local); filter(f_sudo); destination(d_sudo); };
+
+## sshd
+destination d_sshd { file("/var/log/syslog-ng/sshd.log" template(t_local)); };
+filter f_sshd { program("^sshd$") or program("^sftp-server$"); };
+log { source(s_local); filter(f_sshd); destination(d_sshd); };
+
+## cron
+destination d_cron { file("/var/log/syslog-ng/cron.log" template(t_local)); };
+filter f_cron { facility(cron); };
+log { source(s_local); filter(f_cron); destination(d_cron); };
+
+## xinetd
+destination d_xinetd { file("/var/log/syslog-ng/xinetd.log" template(t_local)); };
+filter f_xinetd { program("^xinetd$"); };
+log { source(s_local); filter(f_xinetd); destination(d_xinetd); };
+
+## postfix
+destination d_postfix { file("/var/log/syslog-ng/postfix.log" template(t_local)); };
+filter f_postfix { program("^postfix/") or program("^postgrey"); };
+log { source(s_local); filter(f_postfix); destination(d_postfix); };
+
+## fetchmail
+destination d_fetchmail { file("/var/log/syslog-ng/fetchmail.log" template(t_local)); };
+filter f_fetchmail { program("^fetchmail$"); };
+log { source(s_local); filter(f_fetchmail); destination(d_fetchmail); };
+
+## dovecot
+destination d_dovecot { file("/var/log/syslog-ng/dovecot.log" template(t_local)); };
+filter f_dovecot { program("^dovecot$"); };
+log { source(s_local); filter(f_dovecot); destination(d_dovecot); };
+
+## courier smtp/imap/pop3
+destination d_courier { file("/var/log/syslog-ng/courier.log" template(t_local)); };
+filter f_courier { program("^courier") or program("^pop3d$") or program("^pop3d-ssl$") or program("^imapd$") or program("^imapd-ssl$"); };
+log { source(s_local); filter(f_courier); destination(d_courier); };
+
+## uw-imap
+#destination d_uwimap { file("/var/log/syslog-ng/uw-imap.log" template(t_local)); };
+#filter f_uwimap { program("^ipop3d$") or program("^imapd$"); };
+#log { source(s_local); filter(f_uwimap); destination(d_uwimap); };
+
+## antivir
+destination d_antivir { file("/var/log/syslog-ng/antivir.log" template(t_local)); };
+filter f_antivir { program("^antivir$"); };
+log { source(s_local); filter(f_antivir); destination(d_antivir); };
+
+## antivir mailgate
+destination d_avmailgate { file("/var/log/syslog-ng/avmailgate.log" template(t_local)); };
+filter f_avmailgate { program("^avmailgate.bin$") or program("^avgated$") or program("^avgatefwd$"); };
+log { source(s_local); filter(f_avmailgate); destination(d_avmailgate); };
+
+## clamav
+destination d_clamav { file("/var/log/syslog-ng/clamav.log" template(t_local)); };
+filter f_clamav { program("^clamd$") or program("^freshclam$"); };
+log { source(s_local); filter(f_clamav); destination(d_clamav); };
+
+## amavis
+## mark debug messages as final so they don't get into any other file
+destination d_amavis { file("/var/log/syslog-ng/amavis.log" template(t_local)); };
+filter f_amavis { program("^amavis$"); };
+log { source(s_local); filter(f_amavis); filter(f_debug); destination(d_amavis); flags(final); };
+log { source(s_local); filter(f_amavis); destination(d_amavis); };
+
+## spamassassin
+destination d_spamassassin { file("/var/log/syslog-ng/spamassassin.log" template(t_local)); };
+filter f_spamassassin { program("^spamd$") or program("^spamc"); };
+log { source(s_local); filter(f_spamassassin); destination(d_spamassassin); };
+
+## ntpd
+destination d_ntpd { file("/var/log/syslog-ng/ntpd.log" template(t_local)); };
+filter f_ntpd { program("^ntpd$"); };
+log { source(s_local); filter(f_ntpd); destination(d_ntpd); };
+
+## OpenVPN
+destination d_openvpn { file("/var/log/syslog-ng/openvpn.log" template(t_local)); };
+filter f_openvpn { program("^openvpn"); };
+log { source(s_local); filter(f_openvpn); destination(d_openvpn); };
+
+## pppd
+destination d_pppd { file("/var/log/syslog-ng/pppd.log" template(t_local)); };
+filter f_pppd { program("^pppd$"); };
+log { source(s_local); filter(f_pppd); destination(d_pppd); };
+
+## pmacctd
+destination d_pmacctd { file("/var/log/syslog-ng/pmacctd.log" template(t_local)); };
+filter f_pmacctd { program("^pmacctd$"); };
+log { source(s_local); filter(f_pmacctd); destination(d_pmacctd); };
+
+## nagios
+destination d_nagios { file("/var/log/syslog-ng/nagios.log" template(t_local)); };
+filter f_nagios { program("^nagios$"); };
+log { source(s_local); filter(f_nagios); destination(d_nagios); };
+
+## named
+destination d_named { file("/var/log/syslog-ng/named.log" template(t_local)); };
+filter f_named { program("^named$"); };
+log { source(s_local); filter(f_named); destination(d_named); };
+
+## OpenLDAP SLAPD
+## mark debug messages as final so they don't get into any other file
+destination d_slapd { file("/var/log/syslog-ng/slapd.log" template(t_local)); };
+filter f_slapd { program("^slapd$"); };
+log { source(s_local); filter(f_slapd); filter(f_debug); destination(d_slapd); flags(final); };
+log { source(s_local); filter(f_slapd); destination(d_slapd); };
+
+## samba
+destination d_samba { file("/var/log/syslog-ng/samba.log" template(t_local)); };
+filter f_samba { program("^[ns]mbd$"); };
+log { source(s_local); filter(f_samba); destination(d_samba); };
+
+## jabberd
+destination d_jabberd { file("/var/log/syslog-ng/jabberd.log" template(t_local)); };
+filter f_jabberd { program("^jabberd/"); };
+log { source(s_local); filter(f_jabberd); destination(d_jabberd); };
+
+## php-cli
+destination d_php { file("/var/log/syslog-ng/php.log" template(t_local)); };
+filter f_php { program("^php$"); };
+log { source(s_local); filter(f_php); destination(d_php); };
+
+## hardened php
+destination d_hphp { file("/var/log/syslog-ng/hphp.log" template(t_local)); };
+filter f_hphp { program("^hphp$"); };
+log { source(s_local); filter(f_hphp); destination(d_hphp); };
+
+## hddtemp
+destination d_hddtemp { file("/var/log/syslog-ng/hddtemp.log" template(t_local)); };
+filter f_hddtemp { program("^hddtemp$"); };
+log { source(s_local); filter(f_hddtemp); destination(d_hddtemp); };
+
+## smartd (smartmontools)
+destination d_smartd { file("/var/log/syslog-ng/smartd.log" template(t_local)); };
+filter f_smartd { program("^smartd$"); };
+log { source(s_local); filter(f_smartd); destination(d_smartd); };
+
+## arpwatch
+destination d_arpwatch { file("/var/log/syslog-ng/arpwatch.log" template(t_local)); };
+filter f_arpwatch { program("^arpwatch$"); };
+log { source(s_local); filter(f_arpwatch); destination(d_arpwatch); };
+
+## DRBD
+destination d_drbd { file("/var/log/syslog-ng/drbd.log" template(t_local)); };
+filter f_drbd { message("^drbd([[:digit:]]+)?:"); };
+log { source(s_kernel); filter(f_drbd); destination(d_drbd); };
+
+## Linux-HA: attrd
+destination d_ha_attrd { file("/var/log/syslog-ng/ha/attrd.log" template(t_local)); };
+filter f_ha_attrd { program("^attrd$"); };
+log { source(s_local); filter(f_ha_attrd); destination(d_ha_attrd); };
+
+## Linux-HA: ccm
+destination d_ha_ccm { file("/var/log/syslog-ng/ha/ccm.log" template(t_local)); };
+filter f_ha_ccm { program("^ccm$"); };
+log { source(s_local); filter(f_ha_ccm); destination(d_ha_ccm); };
+
+## Linux-HA: cib
+destination d_ha_cib { file("/var/log/syslog-ng/ha/cib.log" template(t_local)); };
+filter f_ha_cib { program("^cib$"); };
+log { source(s_local); filter(f_ha_cib); destination(d_ha_cib); };
+
+## Linux-HA: cibmon
+destination d_ha_cibmon { file("/var/log/syslog-ng/ha/cibmon.log" template(t_local)); };
+filter f_ha_cibmon { program("^cibmon$"); };
+log { source(s_local); filter(f_ha_cibmon); destination(d_ha_cibmon); };
+
+## Linux-HA: crmd
+destination d_ha_crmd { file("/var/log/syslog-ng/ha/crmd.log" template(t_local)); };
+filter f_ha_crmd { program("^crmd$"); };
+log { source(s_local); filter(f_ha_crmd); destination(d_ha_crmd); };
+
+## Linux-HA: heartbeat
+destination d_ha_heartbeat { file("/var/log/syslog-ng/ha/heartbeat.log" template(t_local)); };
+filter f_ha_heartbeat { program("^heartbeat$"); };
+log { source(s_local); filter(f_ha_heartbeat); destination(d_ha_heartbeat); };
+
+## Linux-HA: ipfail
+destination d_ha_ipfail { file("/var/log/syslog-ng/ha/ipfail.log" template(t_local)); };
+filter f_ha_ipfail { program("^ipfail$"); };
+log { source(s_local); filter(f_ha_ipfail); destination(d_ha_ipfail); };
+
+## Linux-HA: logd
+destination d_ha_logd { file("/var/log/syslog-ng/ha/logd.log" template(t_local)); };
+filter f_ha_logd { program("^logd$"); };
+log { source(s_local); filter(f_ha_logd); destination(d_ha_logd); };
+
+## Linux-HA: lrmd
+destination d_ha_lrmd { file("/var/log/syslog-ng/ha/lrmd.log" template(t_local)); };
+filter f_ha_lrmd { program("^lrmd$"); };
+log { source(s_local); filter(f_ha_lrmd); destination(d_ha_lrmd); };
+
+## Linux-HA: pengine
+destination d_ha_pengine { file("/var/log/syslog-ng/ha/pengine.log" template(t_local)); };
+filter f_ha_pengine { program("^pengine$"); };
+log { source(s_local); filter(f_ha_pengine); destination(d_ha_pengine); };
+
+## Linux-HA: pingd
+destination d_ha_pingd { file("/var/log/syslog-ng/ha/pingd.log" template(t_local)); };
+filter f_ha_pingd { program("^pingd$"); };
+log { source(s_local); filter(f_ha_pingd); destination(d_ha_pingd); };
+
+## Linux-HA: stonithd
+destination d_ha_stonithd { file("/var/log/syslog-ng/ha/stonithd.log" template(t_local)); };
+filter f_ha_stonithd { program("^stonithd$"); };
+log { source(s_local); filter(f_ha_stonithd); destination(d_ha_stonithd); };
+
+## Linux-HA: tengine
+destination d_ha_tengine { file("/var/log/syslog-ng/ha/tengine.log" template(t_local)); };
+filter f_ha_tengine { program("^tengine$"); };
+log { source(s_local); filter(f_ha_tengine); destination(d_ha_tengine); };
+
+## Linux-HA: special discarding of debug and XML messages for any default destinations
+#destination d_ha_discard { };
+#filter f_ha_debug { facility(local0) and priority(debug); };
+#log { source(s_local); filter(f_ha_debug); destination(d_ha_discard); flags(final); };
+#filter f_ha_xml { facility(local0) and (program("^log_data_element") or program("^log_cib_diff") or program("^retrieveCib") or program("^cibmon_diff")); };
+#log { source(s_local); filter(f_ha_xml); destination(d_ha_discard); flags(final); };
+
+## gentoo hardened stuff
+destination d_avc { file("/var/log/syslog-ng/avc.log" template(t_local)); };
+destination d_audit { file("/var/log/syslog-ng/audit.log" template(t_local)); };
+destination d_pax { file("/var/log/syslog-ng/pax.log" template(t_local)); };
+destination d_grsec { file("/var/log/syslog-ng/grsec.log" template(t_local)); };
+filter f_avc { message("avc:"); };
+filter f_audit { message("^audit") and not message("avc:"); };
+filter f_pax { message("^PAX:"); };
+filter f_grsec { message("^grsec:"); };
+log { source(s_kernel); filter(f_avc); destination(d_avc); };
+log { source(s_kernel); filter(f_audit); destination(d_audit); };
+log { source(s_kernel); filter(f_pax); destination(d_pax); };
+log { source(s_kernel); filter(f_grsec); destination(d_grsec); };
+
+#
+# default: all messages (local syslog + kernel)
+#
+# should be at the end so that application specific messages with
+# "final" flag are not logged
+#
+
+destination d_messages { file("/var/log/messages" template(t_local)); };
+log { source(s_local); source(s_kernel); destination(d_messages); };
+
+##
+## remote delivery
+##
+
+## remote destination: syslog server directly via UDP (standard syslog)
+#destination d_remote { udp("syslog.example.com" port(514) template(t_remote_d)); };
+#log { source(s_local); source(s_kernel); destination(d_remote); };
+
+## remote destination: syslog server via TCP and stunnel (for secured logging)
+#destination d_remote { tcp("localhost" port(514) template(t_remote_d)); };
+#log { source(s_local); source(s_kernel); destination(d_remote); };
+
+##
+## remote reception
+##
+
+## remote source
+#source s_remote {
+#	udp(localip("0.0.0.0") localport(514));
+#	udp(localip("127.0.0.1") localport(514));
+#	udp(localip("192.168.0.1") localport(514));
+#	tcp(localip("0.0.0.0") localport(514) max-connections(5));
+#	tcp(localip("127.0.0.1") localport(514) max-connections(50));
+#	tcp(localip("192.168.0.1") localport(514) max-connections(50));
+#};
+
+## tenshi (log monitoring)
+#log { source(s_remote); destination(d_tenshi); };
+
+## all hosts, all messages
+#destination d_remote_hosts { file("/var/log/syslog-ng.remote/${R_YEAR}/${R_MONTH}/${R_DAY}/${HOST}/messages" template(t_remote_r)); };
+#log { source(s_remote); destination(d_remote_hosts); };
+
+## all hosts, kernel messages
+#destination d_remote_hosts_kernel { file("/var/log/syslog-ng.remote/${R_YEAR}/${R_MONTH}/${R_DAY}/${HOST}/kernel.log" template(t_remote_r)); };
+#log { source(s_remote); filter(f_kern); destination(d_remote_hosts_kernel); };
+
+## all hosts, user messages
+#destination d_remote_hosts_user { file("/var/log/syslog-ng.remote/${R_YEAR}/${R_MONTH}/${R_DAY}/${HOST}/user.log" template(t_remote_r)); };
+#log { source(s_remote); filter(f_user); destination(d_remote_hosts_user); };
diff --git a/app-admin/syslog-ng/files/syslog-ng.confd b/app-admin/syslog-ng/files/syslog-ng.confd
new file mode 100644
index 0000000..170862f
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.confd
@@ -0,0 +1,6 @@
+# Config file for /etc/init.d/syslog-ng
+
+# Put any additional options for syslog-ng here.
+# See syslog-ng(8) for more information.
+
+SYSLOG_NG_OPTS=""
diff --git a/app-admin/syslog-ng/files/syslog-ng.init b/app-admin/syslog-ng/files/syslog-ng.init
new file mode 100644
index 0000000..6696182
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.init
@@ -0,0 +1,62 @@
+#!/sbin/runscript
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header$
+
+opts="checkconfig reload"
+
+depend() {
+	# Make networking dependency conditional on configuration
+	case $(sed 's/#.*//' /etc/syslog-ng/syslog-ng.conf) in
+		*source*tcp*|*source*udp*|*destination*tcp*|*destination*udp*)
+			need net
+			use stunnel
+			after dns ;;
+	esac
+
+	need clock hostname localmount
+	provide logger
+
+	# kludge for baselayout-1 compatibility
+	[ -z "${svclib}" ] && config /etc/syslog-ng/syslog-ng.conf
+}
+
+checkconfig() {
+	if [ ! -e /etc/syslog-ng/syslog-ng.conf ] ; then
+		eerror "You need to create /etc/syslog-ng/syslog-ng.conf first."
+		eerror "An example can be found in /etc/syslog-ng/syslog-ng.conf.sample"
+		return 1
+	fi
+	syslog-ng -s
+
+	# the start and reload functions have their own eends so 
+	# avoid calling this twice when there are no problems
+	[ $? -eq 0 ] || eend $? "Configuration error. Please fix your configfile (/etc/syslog-ng/syslog-ng.conf)"
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting syslog-ng"
+	[ -n "${SYSLOG_NG_OPTS}" ] && SYSLOG_NG_OPTS="-- ${SYSLOG_NG_OPTS}"
+	start-stop-daemon --start --quiet --exec /usr/sbin/syslog-ng ${SYSLOG_NG_OPTS}
+	eend $? "Failed to start syslog-ng"
+}
+
+stop() {
+	ebegin "Stopping syslog-ng"
+	start-stop-daemon --stop --quiet --pidfile /var/run/syslog-ng.pid
+	eend $? "Failed to stop syslog-ng"
+	sleep 1 # needed for syslog-ng to stop in case we're restarting
+}
+
+reload() {
+	if [ ! -f /var/run/syslog-ng.pid ]; then
+		eerror "syslog-ng isn't running"
+		return 1
+	fi
+	checkconfig || return 1
+	ebegin "Reloading configuration and re-opening log files"
+	start-stop-daemon --stop --oknodo --signal HUP \
+	    --pidfile /var/run/syslog-ng.pid
+	eend $?
+}
diff --git a/app-admin/syslog-ng/files/syslog-ng.logrotate b/app-admin/syslog-ng/files/syslog-ng.logrotate
new file mode 100644
index 0000000..1116846
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.logrotate
@@ -0,0 +1,42 @@
+# $Header: $
+# logrotate config for syslog-ng local logs created by
+# - Wolfram Schlich <wschlich@gentoo.org>
+# - Klaus Schleicher <ks@pegasus-edv.de>
+# Distributed under the terms of the GNU General Public License v2
+
+/var/log/messages /var/log/syslog-ng/*.log {
+	## save rotated logfiles to another directory
+	olddir /var/log/syslog-ng.archive
+	## rotate daily
+	daily
+	## keep 30 old copies
+	rotate 30
+	## use .YYYYMMDD instead of .0,.1,.2 etc.
+	dateext
+	## also rotate empty logfiles to strictly retain chronology
+	ifempty
+	## re-create source logfile with original permissions
+	## do NOT use copy or copytruncate!
+	create
+	## compress on next logrotate run (e.g. next day) to give
+	## programs the chance to close the old logfile
+	delaycompress
+	## compress logfiles
+	compress
+	compresscmd /bin/gzip
+	compressoptions -9
+	uncompresscmd /bin/gunzip
+	## don't throw an error when a file doesn't exist
+	missingok
+	## reload syslog-ng after rotating all logfiles
+	sharedscripts
+	postrotate
+		/etc/init.d/syslog-ng reload >/dev/null
+		## restart mailgraph because mgraph.fifo
+		## was closed and reopened upon syslog-ng
+		## reload, causing mailgraph to shutdown
+		if [ -e /etc/init.d/mailgraph ]; then
+			/etc/init.d/mailgraph restart >/dev/null
+		fi
+	endscript
+}
diff --git a/app-admin/syslog-ng/files/syslog-ng.remote.current.cron b/app-admin/syslog-ng/files/syslog-ng.remote.current.cron
new file mode 100755
index 0000000..f6047c6
--- /dev/null
+++ b/app-admin/syslog-ng/files/syslog-ng.remote.current.cron
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Wolfram Schlich <wschlich@gentoo.org>
+# Script to maintain the /var/log/syslog-ng.remote/current symlink
+# To be placed in /etc/cron.daily
+syslog_ng_remote_dir=/var/log/syslog-ng.remote
+current="$(date +%Y/%m/%d)"
+current_src="${syslog_ng_remote_dir}/${current}"
+current_dst="${syslog_ng_remote_dir}/current"
+test -d "${current_src}" || exit 1
+test -L "${current_dst}" && { rm -f "${current_dst}" || exit 2; }
+ln -sf "${current}" "${current_dst}" || exit 3
diff --git a/app-admin/syslog-ng/syslog-ng-2.1.4.ebuild b/app-admin/syslog-ng/syslog-ng-2.1.4.ebuild
new file mode 100644
index 0000000..f6c4508
--- /dev/null
+++ b/app-admin/syslog-ng/syslog-ng-2.1.4.ebuild
@@ -0,0 +1,113 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+inherit autotools fixheadtails
+
+DESCRIPTION="syslog replacement with advanced filtering features"
+HOMEPAGE="http://www.balabit.com/products/syslog_ng/"
+SRC_URI="http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/${PV}/source/${PN}_${PV}.tar.gz"
+RESTRICT="nomirror"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="doc ipv6 logrotate spoof-source sql static tcpd"
+
+RDEPEND=">=dev-libs/eventlog-0.2.6
+	spoof-source? ( net-libs/libnet )
+	tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
+	sql? ( >=dev-db/libdbi-0.8.3 )
+	>=dev-libs/glib-2.2"
+DEPEND="${RDEPEND}
+	sys-devel/flex"
+PROVIDE="virtual/logger"
+
+src_unpack() {
+	unpack ${A}
+	cd ${S}
+	ht_fix_file configure
+	if use doc; then
+		cd "${S}/doc/reference"
+		unpack ./syslog-ng.html.tar.gz || die "failed to unpack docs"
+	fi
+}
+
+src_compile() {
+	econf \
+		--sysconfdir=/etc/syslog-ng \
+		--disable-dependency-tracking \
+		$(use_enable ipv6) \
+		$(use_enable spoof-source) \
+		$(use_enable sql) \
+		$(use_enable !static dynamic-linking) \
+		$(use_enable static static-linking) \
+		$(use_enable tcpd tcp-wrapper) \
+		|| die
+	emake || die "emake failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+
+	dodoc AUTHORS ChangeLog NEWS README \
+		doc/examples/syslog-ng.conf.sample \
+		doc/reference/{syslog-ng.xml,syslog-ng.xsl,syslog-ng.txt} \
+		contrib/{syslog2ng,syslog-ng.vim,relogger.pl}
+	use doc && dohtml doc/sgml/syslog-ng.html/*
+
+	newinitd ${FILESDIR}/syslog-ng.init syslog-ng
+
+	insinto /etc/syslog-ng
+	newins ${FILESDIR}/syslog-ng.conf syslog-ng.conf
+
+	if use logrotate; then
+		insinto /etc/logrotate.d
+		newins ${FILESDIR}/syslog-ng.logrotate syslog-ng
+		diropts -m 0750 -o root -g adm
+		dodir /var/log/syslog-ng.archive
+	fi
+
+	dodoc ${FILESDIR}/syslog-ng.remote.current.cron
+}
+
+pkg_postinst() {
+	einfo
+	einfo "The bundled syslog-ng.conf is prepared for being used"
+	einfo "for standalone, logclient and logserver installations"
+	einfo "(they can all be combined for one installation if desired)."
+	einfo
+	einfo "For standalone or logserver installations, local messages"
+	einfo "should be logged to /var/log/messages (all messages)"
+	einfo "and /var/log/syslog-ng/ (for application or facility based"
+	einfo "logging) and be archived to /var/log/syslog-ng.archive/"
+	einfo "using the bundled logrotate config snippet."
+	einfo
+	einfo "If you are using this installation for a logserver,"
+	einfo "remote messages should be logged to a directory like"
+	einfo "/var/log/syslog-ng.remote/YEAR/MONTH/DAY/HOSTNAME/"
+	einfo "and NOT be rotated with logrotate (syslog-ng.conf has"
+	einfo "an example on logging to such a destination)."
+	einfo "You can use the included syslog-ng.remote.current.cron"
+	einfo "to maintain a current symlink from 'current' to the"
+	einfo "current YEAR/MONTH/DAY directory for convenience (makes"
+	einfo "it easier to 'tail -f' or 'less +F' the current logfiles)."
+	einfo "To do so, simply copy the cron script to /etc/cron.daily/."
+	einfo "You might also want to have a look at stunnel for securely"
+	einfo "tunneling remote log messages via SSL over TCP."
+	einfo "I might add some stunnel sample configs to this package"
+	einfo "in the future ;-)"
+	einfo
+	einfo "You might want to use app-admin/tenshi for monitoring"
+	einfo "the logs. The bundled syslog-ng.conf is prepared for"
+	einfo "logging messages to a dedicated fifo for tenshi, which"
+	einfo "is believed to be the best solution available."
+	einfo
+	ewarn
+	ewarn "ATTENTION: since version 2.0.1, the values of the"
+	ewarn "           syslog-ng.conf options dir_owner(),"
+	ewarn "           dir_group(), owner() and group()"
+	ewarn "           MUST be quoted when they are a"
+	ewarn "           string instead of a UID/GID!"
+	ewarn
+}
diff --git a/app-admin/syslog-ng/syslog-ng-3.0.4-r100.ebuild b/app-admin/syslog-ng/syslog-ng-3.0.4-r100.ebuild
new file mode 100644
index 0000000..ca1f50b
--- /dev/null
+++ b/app-admin/syslog-ng/syslog-ng-3.0.4-r100.ebuild
@@ -0,0 +1,129 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/syslog-ng-3.0.4.ebuild,v 1.5 2009/10/30 11:04:45 maekke Exp $
+
+EAPI=2
+inherit fixheadtails eutils
+
+MY_PV=${PV/_/}
+DESCRIPTION="syslog replacement with advanced filtering features"
+HOMEPAGE="http://www.balabit.com/products/syslog_ng/"
+SRC_URI="http://www.balabit.com/downloads/files/syslog-ng/sources/${PV}/source/syslog-ng_${PV}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~arm hppa ~ia64 ~mips ppc ~ppc64 ~s390 ~sh ~sparc x86 ~x86-fbsd"
+IUSE="caps ipv6 pcre selinux spoof-source sql ssl static tcpd"
+RESTRICT="test"
+
+LIBS_DEPEND="
+	spoof-source? ( net-libs/libnet )
+	ssl? ( dev-libs/openssl )
+	tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
+	>=dev-libs/eventlog-0.2
+	>=dev-libs/glib-2.10.1:2
+	caps? ( sys-libs/libcap )
+	sql? ( >=dev-db/libdbi-0.8.3 )"
+RDEPEND="
+	!static? (
+		pcre? ( dev-libs/libpcre )
+		${LIBS_DEPEND}
+	)"
+DEPEND="${RDEPEND}
+	${LIBS_DEPEND}
+	dev-util/pkgconfig
+	sys-devel/flex"
+PROVIDE="virtual/logger"
+
+src_prepare() {
+	ht_fix_file configure
+}
+
+src_configure() {
+	local myconf
+
+	if use static ; then
+		myconf="${myconf} --enable-static-linking"
+		if use pcre ; then
+			ewarn "USE=pcre is incompatible with static linking"
+			myconf="${myconf} --disable-pcre"
+		fi
+	else
+			myconf="${myconf} --enable-dynamic-linking"
+	fi
+	econf \
+		--disable-dependency-tracking \
+		--sysconfdir=/etc/syslog-ng \
+		--with-pidfile-dir=/var/run \
+		$(use_enable caps linux-caps) \
+		$(use_enable ipv6) \
+		$(use_enable pcre) \
+		$(use_enable spoof-source) \
+		$(use_enable sql) \
+		$(use_enable ssl) \
+		$(use_enable tcpd tcp-wrapper) \
+		${myconf}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+
+	dodoc AUTHORS ChangeLog NEWS README \
+		doc/examples/{syslog-ng.conf.sample,syslog-ng.conf.solaris} \
+		contrib/syslog-ng.conf* \
+		contrib/syslog2ng # "${FILESDIR}/syslog-ng.conf."*
+	dohtml doc/reference/syslog-ng.html/*
+
+	newinitd ${FILESDIR}/syslog-ng.init syslog-ng
+
+	insinto /etc/syslog-ng
+	newins ${FILESDIR}/syslog-ng.conf-3.0 syslog-ng.conf
+
+	insinto /etc/logrotate.d
+	newins ${FILESDIR}/syslog-ng.logrotate syslog-ng
+	diropts -m 0750 -o root -g adm
+	dodir /var/log/syslog-ng.archive
+
+	dodoc ${FILESDIR}/syslog-ng.remote.current.cron
+}
+
+pkg_postinst() {
+	einfo
+	einfo "The bundled syslog-ng.conf is prepared for being used"
+	einfo "for standalone, logclient and logserver installations"
+	einfo "(they can all be combined for one installation if desired)."
+	einfo
+	einfo "For standalone or logserver installations, local messages"
+	einfo "should be logged to /var/log/messages (all messages)"
+	einfo "and /var/log/syslog-ng/ (for application or facility based"
+	einfo "logging) and be archived to /var/log/syslog-ng.archive/"
+	einfo "using the bundled logrotate config snippet."
+	einfo
+	einfo "If you are using this installation for a logserver,"
+	einfo "remote messages should be logged to a directory like"
+	einfo "/var/log/syslog-ng.remote/YEAR/MONTH/DAY/HOSTNAME/"
+	einfo "and NOT be rotated with logrotate (syslog-ng.conf has"
+	einfo "an example on logging to such a destination)."
+	einfo "You can use the included syslog-ng.remote.current.cron"
+	einfo "to maintain a current symlink from 'current' to the"
+	einfo "current YEAR/MONTH/DAY directory for convenience (makes"
+	einfo "it easier to 'tail -f' or 'less +F' the current logfiles)."
+	einfo "To do so, simply copy the cron script to /etc/cron.daily/."
+	einfo "You might also want to have a look at stunnel for securely"
+	einfo "tunneling remote log messages via SSL over TCP."
+	einfo "I might add some stunnel sample configs to this package"
+	einfo "in the future ;-)"
+	einfo
+	einfo "You might want to use app-admin/tenshi for monitoring"
+	einfo "the logs. The bundled syslog-ng.conf is prepared for"
+	einfo "logging messages to a dedicated fifo for tenshi, which"
+	einfo "is believed to be the best solution available."
+	einfo
+	ewarn
+	ewarn "ATTENTION: since version 2.0.1, the values of the"
+	ewarn "           syslog-ng.conf options dir_owner(),"
+	ewarn "           dir_group(), owner() and group()"
+	ewarn "           MUST be quoted when they are a"
+	ewarn "           string instead of a UID/GID!"
+	ewarn
+}