proj/gentoo: Initial commit

This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.

This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.

Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed

8 files changed, 486 insertions, 0 deletions

diff --git a/dev-libs/opencryptoki/Manifest b/dev-libs/opencryptoki/Manifest
new file mode 100644
index 000000000000..9f7f457a7f92
--- /dev/null
+++ b/dev-libs/opencryptoki/Manifest
@@ -0,0 +1,5 @@
+DIST opencryptoki-2.3.3-backports-3.tar.bz2 5972 SHA256 fb913dbb5c2b0d87067d9738892b2a4c4a7c192d6335cc0bae2a7083e913aa74 SHA512 bff2b1cd907d814a61296a99eaa5cdcb983355def8022ec09620048415e66b5feea425cba2d19b9f023073165969e981358dc6e406b1bc62f1e00f49e91ef943 WHIRLPOOL c77b1aa0268043d31b3d9d9d53d6416d9d8af5fbb29b07f498aaed61807c1848961b046192ca7eab227f055ba829c13bfa2696d016795b4df71e467c2a0185cc
+DIST opencryptoki-2.3.3.tar.bz2 694854 SHA256 7ccae6350a7043c2abade1eb1517edb987f13e98584dd28733172e8d36600aa2 SHA512 2c7ea2f689daba92ec178198dc1a3ffbc4812f4547a574b86cc8b69ada4e3aefb2613d4d291829d81b97d91d5d3fbe1735bd9b3f99db415ddcb4ca03863ddc4a WHIRLPOOL 3a955b464ea44c1dc50ce9869bbc48ced2a3962ef533491aa53956cccbca1fcf9411ffcccd1839384e7f3ba87368dba4c8c415f283139169391224a1f4cf5092
+DIST opencryptoki-2.4.2.tar.gz 1083876 SHA256 0bfbcf956fec078af12c34cd447c6274a5e7e886335c3b8b81106d20ccefa0d9 SHA512 2f760968cec7f15f7de38f0c74e0444d75d1a247d1efd9fc17a17ac5f2bcc4fd283def49d46baeea0c5adb6e19236993b4e8937f0e32162bcc7dbac8066144b9 WHIRLPOOL d7df0db3450d33c3e28be0031b48f22d89387f12f35ca868f593f82a87abb9eea89f28be43fb4ce3b17dee6e1d226fc08586320fbce4e0bf7d57db871d3cd76c
+DIST opencryptoki-2.4.3.tar.gz 1111897 SHA256 3ddc0a0e96957e64e61a960c8a7bfcff0030564ebf4f6848abe0740491fd52bc SHA512 e33d8df344161909c1fc0626880d89e47ac902c5f780cc04af07691fff20c50bdea5bfa0368df39fff84b365342f704638e90b329a3ae12ab5fb5f668c50a164 WHIRLPOOL ab5836f30749e7bb56b1ba882c15098096d7c36e1f9dd65a83a93d9b497231258a54c5a60cf4847fce8267c086a3aea380c33380fcb9d7a20c770f5f922846d7
+DIST opencryptoki-v3.3.tgz 937619 SHA256 e1deac5edd571621dc1624e9b7af8d1632d6db6f18815f5ed8824fc78f354609 SHA512 53efbc6009da178473abf17d092249781b1eb465f68c83653bd5e88703b9ad74ce9e0128486dffec65beaf8b8974ea6852d206ec5bf035c7296a40c8f84791ab WHIRLPOOL d939eb97bb7f2b54d510326ac4dba4dc49f9f725fa8900687fd8ebe199ce1c2a797a6e514378995f24ef5b9e904b29434edf962537dc545c2fc2206d180b1d43
diff --git a/dev-libs/opencryptoki/files/opencryptoki-2.4.2-destdir.patch b/dev-libs/opencryptoki/files/opencryptoki-2.4.2-destdir.patch
new file mode 100644
index 000000000000..e1375c7130bc
--- /dev/null
+++ b/dev-libs/opencryptoki/files/opencryptoki-2.4.2-destdir.patch
@@ -0,0 +1,26 @@
+From fcc24176398ab2f40c33ebc686c2f803782af8d6 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Sat, 15 Dec 2012 22:13:56 +0200
+Subject: [PATCH] Always use DESTDIR when installing
+
+---
+ usr/Makefile.am |    6 +++---
+ 1 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/usr/Makefile.am b/usr/Makefile.am
+index bced120..20352d5 100644
+--- a/usr/Makefile.am
++++ b/usr/Makefile.am
+@@ -5,6 +5,6 @@ endif
+ SUBDIRS = lib $(DAEMONDIRS)
+ 
+ install-data-hook:
+-	$(MKDIR_P) $(lockdir)
+-	$(CHGRP) pkcs11 $(lockdir)
+-	$(CHMOD) 0770 $(lockdir)
++	$(MKDIR_P) $(DESTDIR)$(lockdir)
++	$(CHGRP) pkcs11 $(DESTDIR)$(lockdir)
++	$(CHMOD) 0770 $(DESTDIR)$(lockdir)
+-- 
+1.7.8.6
+
diff --git a/dev-libs/opencryptoki/files/pkcsslotd.init.2 b/dev-libs/opencryptoki/files/pkcsslotd.init.2
new file mode 100644
index 000000000000..dfeb6228b078
--- /dev/null
+++ b/dev-libs/opencryptoki/files/pkcsslotd.init.2
@@ -0,0 +1,27 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+	need localmount
+
+	# Optional services (see ebuild)
+	use tcsd
+}
+
+start() {
+	# detect available tokens and set up
+	# /var/lib/opencryptoki/pk_config_data
+	ebegin "Preparing pkcs configuration"
+	/usr/sbin/pkcs11_startup
+
+	ebegin "Starting pkcsslotd"
+	start-stop-daemon --start --exec /usr/sbin/pkcsslotd --pidfile /var/run/pkcsslotd.pid
+	eend $? "Check your logs to see why startup failed"
+}
+
+stop() {
+	ebegin "Stopping pkcsslotd"
+	start-stop-daemon --stop --exec /usr/sbin/pkcsslotd --pidfile /var/run/pkcsslotd.pid
+	eend $?
+}
diff --git a/dev-libs/opencryptoki/metadata.xml b/dev-libs/opencryptoki/metadata.xml
new file mode 100644
index 000000000000..83bdc03df715
--- /dev/null
+++ b/dev-libs/opencryptoki/metadata.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<herd>crypto</herd>
+	<use>
+		<flag name="tpm">
+      Enable support for Trusted Platform Module (TPM) using <pkg>app-crypt/trousers</pkg>
+    </flag>
+	</use>
+	<upstream>
+		<remote-id type="sourceforge">opencryptoki</remote-id>
+	</upstream>
+</pkgmetadata>
diff --git a/dev-libs/opencryptoki/opencryptoki-2.3.3-r5.ebuild b/dev-libs/opencryptoki/opencryptoki-2.3.3-r5.ebuild
new file mode 100644
index 000000000000..04f97e0cce67
--- /dev/null
+++ b/dev-libs/opencryptoki/opencryptoki-2.3.3-r5.ebuild
@@ -0,0 +1,110 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="2"
+
+# backports are maintained as tags on Diego's repository on gitorious:
+# http://gitorious.org/~flameeyes/opencryptoki/flameeyess-opencryptoki
+BACKPORTS=3
+
+inherit autotools eutils multilib flag-o-matic user
+
+DESCRIPTION="PKCS#11 provider cryptographic hardware"
+HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
+SRC_URI="mirror://sourceforge/opencryptoki/${P}.tar.bz2
+	${BACKPORTS:+
+		http://dev.gentoo.org/~flameeyes/${PN}/${P}-backports-${BACKPORTS}.tar.bz2}"
+
+# Upstream is looking into relicensing it into CPL-1.0 entirely; the CCA
+# token sources are under CPL-1.0 already.
+LICENSE="CPL-0.5"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+
+RDEPEND="tpm? ( app-crypt/trousers )
+		 dev-libs/openssl"
+DEPEND="${RDEPEND}"
+
+IUSE="+tpm debug"
+
+# tests right now basically don't exist; the only available thing would
+# test against an installed copy and would kill a running pcscd, all
+# things that we're not interested to.
+RESTRICT=test
+
+pkg_setup() {
+	enewgroup pkcs11
+}
+
+src_prepare() {
+	[[ -n ${BACKPORTS} ]] && \
+		EPATCH_MULTI_MSG="Applying backports patches #${BACKPORTS} ..." \
+		EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
+			epatch
+
+	eautoreconf
+}
+
+src_configure() {
+	# package uses ${localstatedir}/lib as the default path, so if we
+	# leave it to econf, it'll create /var/lib/lib.
+
+	# Since upstream by default seem to enable any possible token, even
+	# when they don't seem to be used, we limit ourselves to the
+	# software emulation token (swtok) and if the user enabled the tpm
+	# USE flag, tpmtok.  The rest of the tokens seem to be hardware- or
+	# software-dependent even when they build fine without their
+	# requirements, but until somebody asks for those, I'd rather not
+	# enable them.
+
+	# We don't use --enable-debug because that tinkers with the CFLAGS
+	# and we don't want that. Instead we append -DDEBUG which enables
+	# debug information.
+	use debug && append-flags -DDEBUG
+
+	econf \
+		--localstatedir=/var \
+		--enable-fast-install \
+		--disable-dependency-tracking \
+		--disable-debug \
+		--enable-daemon \
+		--enable-library \
+		--disable-icatok \
+		--enable-swtok \
+		$(use_enable tpm tpmtok) \
+		--disable-aeptok \
+		--disable-bcomtok \
+		--disable-ccatok \
+		--disable-crtok \
+		--disable-icctok \
+		--disable-pkcscca_migrate
+}
+
+src_install() {
+	emake install DESTDIR="${D}" || die "emake install failed"
+
+	# Install libopencryptoki in the standard directory for libraries.
+	mv "${D}"/usr/$(get_libdir)/opencryptoki/libopencryptoki.so* "${D}"/usr/$(get_libdir) || die
+	rm "${D}"/usr/$(get_libdir)/pkcs11/libopencryptoki.so
+	dosym ../libopencryptoki.so /usr/$(get_libdir)/pkcs11/libopencryptoki.so
+
+	# Remove compatibility symlinks as we _never_ required those and
+	# they seem unused even upstream.
+	find "${D}" -name 'PKCS11_*' -delete
+
+	# doesn't use libltdl; only dlopen()-based interfaces
+	find "${D}" -name '*.la' -delete
+
+	# We replace their ld.so and init files (mostly designed for RedHat
+	# as far as I can tell) with our own replacements.
+	rm -rf "${D}"/etc/ld.so.conf.d "${D}"/etc/rc.d
+
+	# make sure that we don't modify the init script if the USE flags
+	# are enabled for the needed services.
+	cp "${FILESDIR}"/pkcsslotd.init.2 "${T}"/pkcsslotd.init
+	use tpm || sed -i -e '/use tcsd/d' "${T}"/pkcsslotd.init
+	newinitd "${T}/pkcsslotd.init" pkcsslotd
+
+	dodoc README AUTHORS FAQ TODO doc/openCryptoki-HOWTO.pdf || die
+}
diff --git a/dev-libs/opencryptoki/opencryptoki-2.4.2.ebuild b/dev-libs/opencryptoki/opencryptoki-2.4.2.ebuild
new file mode 100644
index 000000000000..fb736c031f18
--- /dev/null
+++ b/dev-libs/opencryptoki/opencryptoki-2.4.2.ebuild
@@ -0,0 +1,100 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="2"
+
+inherit autotools eutils multilib flag-o-matic user
+
+DESCRIPTION="PKCS#11 provider cryptographic hardware"
+HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
+SRC_URI="mirror://sourceforge/opencryptoki/${P}.tar.gz"
+
+# Upstream is looking into relicensing it into CPL-1.0 entirely; the CCA
+# token sources are under CPL-1.0 already.
+LICENSE="CPL-0.5"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+
+RDEPEND="tpm? ( app-crypt/trousers )
+		 dev-libs/openssl"
+DEPEND="${RDEPEND}"
+
+IUSE="+tpm debug"
+
+# tests right now basically don't exist; the only available thing would
+# test against an installed copy and would kill a running pcscd, all
+# things that we're not interested to.
+RESTRICT=test
+
+pkg_setup() {
+	enewgroup pkcs11
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/${P}-destdir.patch"
+	eautoreconf
+}
+
+src_configure() {
+	# package uses ${localstatedir}/lib as the default path, so if we
+	# leave it to econf, it'll create /var/lib/lib.
+
+	# Since upstream by default seem to enable any possible token, even
+	# when they don't seem to be used, we limit ourselves to the
+	# software emulation token (swtok) and if the user enabled the tpm
+	# USE flag, tpmtok.  The rest of the tokens seem to be hardware- or
+	# software-dependent even when they build fine without their
+	# requirements, but until somebody asks for those, I'd rather not
+	# enable them.
+
+	# We don't use --enable-debug because that tinkers with the CFLAGS
+	# and we don't want that. Instead we append -DDEBUG which enables
+	# debug information.
+	use debug && append-flags -DDEBUG
+
+	econf \
+		--localstatedir=/var \
+		--enable-fast-install \
+		--disable-dependency-tracking \
+		--disable-debug \
+		--enable-daemon \
+		--enable-library \
+		--disable-icatok \
+		--enable-swtok \
+		$(use_enable tpm tpmtok) \
+		--disable-aeptok \
+		--disable-bcomtok \
+		--disable-ccatok \
+		--disable-crtok \
+		--disable-icctok \
+		--disable-pkcscca_migrate
+}
+
+src_install() {
+	emake install DESTDIR="${D}" || die "emake install failed"
+
+	# Install libopencryptoki in the standard directory for libraries.
+	mv "${D}"/usr/$(get_libdir)/opencryptoki/libopencryptoki.so* "${D}"/usr/$(get_libdir) || die
+	rm "${D}"/usr/$(get_libdir)/pkcs11/libopencryptoki.so
+	dosym ../libopencryptoki.so /usr/$(get_libdir)/pkcs11/libopencryptoki.so
+
+	# Remove compatibility symlinks as we _never_ required those and
+	# they seem unused even upstream.
+	find "${D}" -name 'PKCS11_*' -delete
+
+	# doesn't use libltdl; only dlopen()-based interfaces
+	find "${D}" -name '*.la' -delete
+
+	# We replace their ld.so and init files (mostly designed for RedHat
+	# as far as I can tell) with our own replacements.
+	rm -rf "${D}"/etc/ld.so.conf.d "${D}"/etc/rc.d
+
+	# make sure that we don't modify the init script if the USE flags
+	# are enabled for the needed services.
+	cp "${FILESDIR}"/pkcsslotd.init.2 "${T}"/pkcsslotd.init
+	use tpm || sed -i -e '/use tcsd/d' "${T}"/pkcsslotd.init
+	newinitd "${T}/pkcsslotd.init" pkcsslotd
+
+	dodoc README AUTHORS FAQ TODO doc/openCryptoki-HOWTO.pdf || die
+}
diff --git a/dev-libs/opencryptoki/opencryptoki-2.4.3.ebuild b/dev-libs/opencryptoki/opencryptoki-2.4.3.ebuild
new file mode 100644
index 000000000000..60a26ba9b41e
--- /dev/null
+++ b/dev-libs/opencryptoki/opencryptoki-2.4.3.ebuild
@@ -0,0 +1,103 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="2"
+
+inherit autotools multilib flag-o-matic user
+
+DESCRIPTION="PKCS#11 provider cryptographic hardware"
+HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
+SRC_URI="mirror://sourceforge/opencryptoki/${P}.tar.gz"
+
+# Upstream is looking into relicensing it into CPL-1.0 entirely; the CCA
+# token sources are under CPL-1.0 already.
+LICENSE="CPL-0.5"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+
+RDEPEND="tpm? ( app-crypt/trousers )
+		 dev-libs/openssl"
+DEPEND="${RDEPEND}"
+
+IUSE="+tpm debug"
+
+# tests right now basically don't exist; the only available thing would
+# test against an installed copy and would kill a running pcscd, all
+# things that we're not interested to.
+RESTRICT=test
+
+pkg_setup() {
+	enewgroup pkcs11
+}
+
+src_prepare() {
+	eautoreconf
+}
+
+src_configure() {
+	# package uses ${localstatedir}/lib as the default path, so if we
+	# leave it to econf, it'll create /var/lib/lib.
+
+	# Since upstream by default seem to enable any possible token, even
+	# when they don't seem to be used, we limit ourselves to the
+	# software emulation token (swtok) and if the user enabled the tpm
+	# USE flag, tpmtok.  The rest of the tokens seem to be hardware- or
+	# software-dependent even when they build fine without their
+	# requirements, but until somebody asks for those, I'd rather not
+	# enable them.
+
+	# We don't use --enable-debug because that tinkers with the CFLAGS
+	# and we don't want that. Instead we append -DDEBUG which enables
+	# debug information.
+	use debug && append-flags -DDEBUG
+
+	econf \
+		--localstatedir=/var \
+		--enable-fast-install \
+		--disable-dependency-tracking \
+		--disable-debug \
+		--enable-daemon \
+		--enable-library \
+		--disable-icatok \
+		--enable-swtok \
+		$(use_enable tpm tpmtok) \
+		--disable-aeptok \
+		--disable-bcomtok \
+		--disable-ccatok \
+		--disable-crtok \
+		--disable-icctok \
+		--disable-pkcscca_migrate
+}
+
+src_install() {
+	emake install DESTDIR="${D}" || die "emake install failed"
+
+	# Install libopencryptoki in the standard directory for libraries.
+	mv "${D}"/usr/$(get_libdir)/opencryptoki/libopencryptoki.so* "${D}"/usr/$(get_libdir) || die
+	rm "${D}"/usr/$(get_libdir)/pkcs11/libopencryptoki.so
+	dosym ../libopencryptoki.so /usr/$(get_libdir)/pkcs11/libopencryptoki.so
+
+	# Remove compatibility symlinks as we _never_ required those and
+	# they seem unused even upstream.
+	find "${D}" -name 'PKCS11_*' -delete
+
+	# doesn't use libltdl; only dlopen()-based interfaces
+	find "${D}" -name '*.la' -delete
+
+	# We replace their ld.so and init files (mostly designed for RedHat
+	# as far as I can tell) with our own replacements.
+	rm -rf "${D}"/etc/ld.so.conf.d "${D}"/etc/rc.d
+
+	# make sure that we don't modify the init script if the USE flags
+	# are enabled for the needed services.
+	cp "${FILESDIR}"/pkcsslotd.init.2 "${T}"/pkcsslotd.init
+	use tpm || sed -i -e '/use tcsd/d' "${T}"/pkcsslotd.init
+	newinitd "${T}/pkcsslotd.init" pkcsslotd
+
+	# We create /var dirs at runtime as needed, so don't bother installing
+	# our own.
+	rm -r "${D}"/var/{lib,lock} || die
+
+	dodoc README AUTHORS FAQ TODO doc/openCryptoki-HOWTO.pdf || die
+}
diff --git a/dev-libs/opencryptoki/opencryptoki-3.3.ebuild b/dev-libs/opencryptoki/opencryptoki-3.3.ebuild
new file mode 100644
index 000000000000..48dbad594930
--- /dev/null
+++ b/dev-libs/opencryptoki/opencryptoki-3.3.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit autotools multilib flag-o-matic user
+
+DESCRIPTION="PKCS#11 provider cryptographic hardware"
+HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
+SRC_URI="mirror://sourceforge/opencryptoki/${PV}/${PN}-v${PV}.tgz"
+
+# Upstream is looking into relicensing it into CPL-1.0 entirely; the CCA
+# token sources are under CPL-1.0 already.
+LICENSE="CPL-0.5"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+
+RDEPEND="tpm? ( app-crypt/trousers )
+		 dev-libs/openssl:*"
+DEPEND="${RDEPEND}"
+
+IUSE="+tpm debug"
+
+S="${WORKDIR}/${PN}"
+
+# tests right now basically don't exist; the only available thing would
+# test against an installed copy and would kill a running pcscd, all
+# things that we're not interested to.
+RESTRICT=test
+
+pkg_setup() {
+	enewgroup pkcs11
+}
+
+src_prepare() {
+	mv configure.in configure.ac || die
+	eautoreconf
+}
+
+src_configure() {
+	# package uses ${localstatedir}/lib as the default path, so if we
+	# leave it to econf, it'll create /var/lib/lib.
+
+	# Since upstream by default seem to enable any possible token, even
+	# when they don't seem to be used, we limit ourselves to the
+	# software emulation token (swtok) and if the user enabled the tpm
+	# USE flag, tpmtok.  The rest of the tokens seem to be hardware- or
+	# software-dependent even when they build fine without their
+	# requirements, but until somebody asks for those, I'd rather not
+	# enable them.
+
+	# We don't use --enable-debug because that tinkers with the CFLAGS
+	# and we don't want that. Instead we append -DDEBUG which enables
+	# debug information.
+	use debug && append-flags -DDEBUG
+
+	econf \
+		--localstatedir=/var \
+		--enable-fast-install \
+		--disable-dependency-tracking \
+		--disable-debug \
+		--enable-daemon \
+		--enable-library \
+		--disable-icatok \
+		--enable-swtok \
+		$(use_enable tpm tpmtok) \
+		--disable-ccatok \
+		--disable-pkcscca_migrate
+}
+
+src_install() {
+	emake install DESTDIR="${ED}"
+
+	# Install libopencryptoki in the standard directory for libraries.
+	mv "${D}"/usr/$(get_libdir)/opencryptoki/libopencryptoki.so* "${D}"/usr/$(get_libdir) || die
+	rm "${D}"/usr/$(get_libdir)/pkcs11/libopencryptoki.so
+	dosym ../libopencryptoki.so /usr/$(get_libdir)/pkcs11/libopencryptoki.so
+
+	# Remove compatibility symlinks as we _never_ required those and
+	# they seem unused even upstream.
+	find "${D}" -name 'PKCS11_*' -delete
+
+	# doesn't use libltdl; only dlopen()-based interfaces
+	find "${D}" -name '*.la' -delete
+
+	# We replace their ld.so and init files (mostly designed for RedHat
+	# as far as I can tell) with our own replacements.
+	rm -rf "${D}"/etc/ld.so.conf.d "${D}"/etc/rc.d
+
+	# make sure that we don't modify the init script if the USE flags
+	# are enabled for the needed services.
+	cp "${FILESDIR}"/pkcsslotd.init.2 "${T}"/pkcsslotd.init
+	use tpm || sed -i -e '/use tcsd/d' "${T}"/pkcsslotd.init
+	newinitd "${T}/pkcsslotd.init" pkcsslotd
+
+	# We create /var dirs at runtime as needed, so don't bother installing
+	# our own.
+	rm -r "${D}"/var/{lib,lock} || die
+
+	dodoc README AUTHORS FAQ TODO doc/openCryptoki-HOWTO.pdf
+}