reinit the tree, so we can have metadata

author: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
commit: 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree: ba5f07bf3f9d22d82e54a462313f5d244036c768 /app-admin/rsyslog
21 files changed, 3959 insertions, 0 deletions
diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest
new file mode 100644
index 000000000000..b850fbb3e21d
--- /dev/null
+++ b/app-admin/rsyslog/Manifest
@@ -0,0 +1,36 @@
+AUX 8-stable/50-default-r1.conf 1952 SHA256 2ff8a047f14e7fc259c2d09195ced208f27503ca21efba8663df8c2aa05fda1c SHA512 1bc4d8059d83de57ff44d34265b0c3881bab7889f51c044728ba462c9105c89425187f95b6b01d6d6d103abde22a9dff063e5d6b90027ed87e9f851f9b1ad5b3 WHIRLPOOL bb6f12f9874e43702f69d1abb5c656dcbe12c8d81e936eb3d121078ebbdbfa259a45aace60e35a90b0445c9b03682faea4e1a808d3e8c55e01ed62577abeca7c
+AUX 8-stable/50-default.conf 1701 SHA256 61c1dd1450f574a21a8d8375faaf3e42f9856df91011150ff13c0cfddc86ed41 SHA512 33e4e63239b9112fec1a37115ac80ab8dbd6e7189d9d29b1bc743c433e0124ea0d1a4cf6f7ada9e5b92e9b0025b6617a1a16f4c491e743bbf4327a5f376a1ea9 WHIRLPOOL d33b83bb690e78b5e5f7cfc090d21da03615c891a287b1f3a92a51514dcad1f5dfe8d2ceed867b3007768d47f48d207fac43a1ff33a85b24c21a5531cdf9d311
+AUX 8-stable/README.gentoo 1126 SHA256 29b4c68f521f2f1f138f44c4635da1a270fed9cbd4a780569754080987aa777c SHA512 46fdf3350e2005d3ef588d50dfc6d474a1b5d3010329b656879a43cbbd7be0cd91944b88d3838f45f69c830fc28c42e7fac2cd52e0a4b24bb6780562d59ae384 WHIRLPOOL a1a3ec8b887110a01e8c1c1320f25493dd8ff343e4b08780c30c9bc3bb842afa0ef79db08195db876697c1a69807f49a8b3793609d25f78559fa534507fc195e
+AUX 8-stable/rsyslog-8.24.0-fix-tcpflood-without-librelp-r1.patch 4660 SHA256 f50685f76004298a8a77ee6eb88868ff0f8fb8eb7ca5ce0f6809c4db9c42474d SHA512 231030532a126dade0fa2c98d9bd8ef610d3059210cabfc6b0a51adfb610b61eb57b7926a2a51f01f196d196a9134b4c1db7105aeedc4d35eb70abac97301378 WHIRLPOOL 88a9ebe6e3dbeca7b55e16192e6be6d862241a17402c2abf0bcdad4f16fed5fa11f7c140ac0de1655a52d43ad18eaa493b3e2426e1b3c80d1be119dffdc9cd15
+AUX 8-stable/rsyslog-8.26.0-fix-zmq3-format-security.patch 1982 SHA256 abf1b264e7de3a86c2f6cec86d59496bd865fcce5e691b71c7b2c977bdf7358d SHA512 b426c3eaa2adc2de14e129125ccd630e2fa2132c6ca774f3e18ee784f0622573a95339d901a1b9c2877e8b77d00f8be9f9d17f92769136c356aaab58358d2159 WHIRLPOOL e327d0d8f5e3aab078233324359f42fd21aba2cb65927097acdbbf9dbac296a84fcfad71de228a9b2868f229d7f2260742f4180b677ef2a961a47d81db65a2bb
+AUX 8-stable/rsyslog-8.27.0-fix-hostname-detection-when-getaddrinfo-fails.patch 990 SHA256 f6f8381300e54e5bcc3ef8e125da336996bc2bb36920b20f6062cab49c6f14cb SHA512 95d72879973c9d20c4c0c66e3e065590475d0aae96680a627b05735c8a66b69bf9b9a93888fa6a802e094bf37ac90099c7e6732699d439d44d6c39d461201351 WHIRLPOOL 7273abb4bb9a8387fe031658878c75ffe7bc6edae5ef24a72ab20d643c860238db77bdb6a4b6b04950db131cc0fd9ce168a58477e24349b85d315c84491a24da
+AUX 8-stable/rsyslog-8.27.0-fix-librdkafka-detection.patch 1556 SHA256 638f22781452c361ae4021d66bf8faf78767752a62bf16588e310d3fc855753c SHA512 374de4fb9a4e3c3b9e28ff2e5eca48b7744afc9a5ba222508661fdfa30037967b6a2497d0e82266010de27c1a540ebb300c15bf6049a1af9dcf019353c04acdc WHIRLPOOL bad8fc8d88ea42defef922b67cbf0e66706dfd71d01249dbc82e49bfba787056e1e641e58dd2ba22250073aacba8afb8445d5d8610f095a961f47286ea4a7562
+AUX 8-stable/rsyslog-8.27.0-fix-mmnormalize-tests.patch 509 SHA256 e7816064d62366166b96850cdf34d9cde8f4a77495a7f9a6aad331bcf987996a SHA512 70bfe4f95b23e4e88e5b7535a1b86742a02438f2eadc6fd2e82c66ebdc9d59d983c1ded7d4902dd5d7ef9413847398c1318df82bace3b7e5b1ca8bd23ca9e8e4 WHIRLPOOL b6dd892f7525b05aff42982b3e697767c5053b36fd9080fe8fbddb6584145bfab5e96b5260145c65f438a2025cbfce0bfcf2e88a8b6272c24661371b26d37b90
+AUX 8-stable/rsyslog.conf 1562 SHA256 fc70a94213b5eb519febf9aa7d758ee9526433bcc5683bcb7451d16e65a2f5b0 SHA512 1720174fab020e2de590f3d6bbb03784aca1928fe05f7e75e02fb4597cb8b2ee755e6deb8e8f989060511044ae483f791f496f24e0eecaf27eb9e0b5e20a2c7a WHIRLPOOL 97cf3fdee62a9339b412ebe93b71b2d6804df60aad9cb7e71779fcaddb01d489e38bbb353557864ea38aba384e664e6da636812c3c078ed9e22e261ed7b78cba
+AUX 8-stable/rsyslog.confd-r1 1145 SHA256 0be3575df8010523de6b37e98c417192e8ec481292ca9fb47c8d2211795e03a6 SHA512 a7f8621bdd490596b09f9a7583dd0c992006c55335b2e6e687bef4141bb18cd4bb43e23f590a138e9c8d5a3cbac0cc46c3b01c7d3ff9f9dd3c53418b13b0dd4a WHIRLPOOL 05079ab1a55aca9b68c81c8b7da66ff029f72c7168bd15faebf7d7172dddc69f6ffb2864e1fcd8c1f2dbb51416bea89fab3667a34ed7295b3abafc6a93883d3e
+AUX 8-stable/rsyslog.initd-r1 1758 SHA256 93044cc5fc344cd90d17cbb5cebee3c60ebf674e53c8b9efc6e758d53912d343 SHA512 0ddd385e77759370344032f52f945b1e90d4961140db63e2562e4be78dfc2bae16ac9439d40fe078110593999b5c5efd7680b402fc0771b1261ff28b1725e265 WHIRLPOOL 14918404976219e379f80d67fe47a0f6e9d51938061c9f5d205bbcd7cedbda96825f75fd64f2fcc446d96292710a5ea375e117f621c33c9df7352e27286c91ae
+AUX 8-stable/rsyslog.logrotate 682 SHA256 89cc8f13c1f7a3ae446b40da7b31cdf471e2c9e2d3d5b8f48e524f7a82fbff89 SHA512 6c58abd2f02157177a61695f53eccbf201c514821b0c551a4812621e8d3dd2da9b5cd651d93860cb51ebdbdc7056d0ef0dde99c2a57ac3c43aa968a141805912 WHIRLPOOL 9d29c2c9351252887c3dad78962df942bb1cd7387eb44e3c98764319f82d90c42d255a5642c55bb37811fb903e1c5314ca536bc9d32ccfd0535f0579f4e25ff0
+DIST rsyslog-8.19.0.tar.gz 2279714 SHA256 3379b30f2e6ef05a0f1c7327c73923fa5877a80b984506cdf48ed068c94a575e SHA512 77c40c9d76591ed3561ec76242be2c647848533df5599320ea988cbc200614c47930e0b63f190d31a0c1cec2443d57ca374f07e0909f11eba8a4bd4b8eee0e44 WHIRLPOOL 3f7d7134a0c6a475453828440a87d0fa68e7afc583ef12556f3b60f3e07621011b4f48e8c4dfbe46cef2bf2decee3827c42bd4ba481611e7cb76a695dcec5c7b
+DIST rsyslog-8.24.0.tar.gz 2374240 SHA256 37f32ce33e32a88e1bea0511e8e557d90b7378b81520e3236a9af5ba6ea993d7 SHA512 b25b8ae72133376f732f54863c97aea3c8dfbf37c62c6a61840932996913c9d4e63155a24ffc577db48a18514f3e35b6fb109b1864380ba93ddf3fa6d84d728d WHIRLPOOL c5895d50143c21d446d760f5179b47fdae4ec34867711c942cd671b88789588e7244fb8511745efdb701954f7bc390403d30736a1e54af13dca4876f989928df
+DIST rsyslog-8.25.0.tar.gz 2386720 SHA256 c756f16a083e5d4081fb9bfb236303a839cdca0a2c00017bd770b2e2e9677427 SHA512 0e97db84cc8fe9fd6e3ffb5a78b32fd213e22833c6ed605329c579132d127b7d65b3f66c64e6bddeb1967aa9ed90645a7c24b9d5e643f95bdaf48ed9fc82cb5f WHIRLPOOL 2c4925fda01e49f95ed3d2f43898cdf8f6d679ace5c2a1d1d330dfc422936ae7751cfefa480359b26d2cb782a8217865336f5e04e65e81ffce565b3388c2ff01
+DIST rsyslog-8.26.0.tar.gz 2393148 SHA256 637d43c4384f8b96dda873a0b8384045f72cb43139808dadd9e0a94dccf25916 SHA512 96cb3af0e05b3e2941f7d2b3558e36836818037ef424f13a8ae2ac8a1e2aa0c7a4eedf3366c8360c7d8eb4515aecc7f3665690646009c650b66689067069af19 WHIRLPOOL dc267dfdbbcfe5b5354d200a2e337dada22a0aa943e71998e1462bc23d38bb8e3f2b16162108831f12cfa3eec0d462d40a5e6a598f26b2edcef7c71ad56a1c3f
+DIST rsyslog-8.27.0.tar.gz 2435123 SHA256 02aefbba59324a6d8b70036a67686bed5f0c7be4ced62c039af6ee694cb5b1fd SHA512 dad957c21d9f7ed3a97a1ed87658fe9381dad00365bd2f5af2396dde3dc4a9f96db17c4df9eb9bd02562cc538f99bf8e2ca00229680d6b7892179161265db753 WHIRLPOOL 1ece4fa5bd453e1bcd4da9501fa93be7f3ea0eb87f7e60bb788d7c90c740566cc07351eb2d7730ac081b2564bde9a79dff7ac1b5012326cc8b0331539b2b5b01
+DIST rsyslog-8.28.0.tar.gz 2471122 SHA256 4ca5405908d612d45da700e36856430510875518eb8028d296d1ee4d2c44678e SHA512 e27ba0ff22e945393536abc5bc6e234d8849db291a5056429b59b47abe15fb060fc5c26efedcfe347b386d438b3f8a029ae4577a1d803666701431677f628cb1 WHIRLPOOL b3c07391b9730498aff9ca30a407bd18d5faea07ec37d389dc59daef595318aa11e66fa153a452f48a55df4a2c15789569b845a831266d702b4801b39856a208
+DIST rsyslog-8.29.0.tar.gz 2447907 SHA256 220ba30b5afb0f3ddb328613fea7aa3966b01e4d0c52d6de9ab27b0858f19738 SHA512 6e0a69f2ac36fcfd0714b2b7053bd263ca8875d2aba7ad6452223eb8677edfa1cf4978989661614dd65dd1822f0123599d565679c8faa3960f136c8d9472e952 WHIRLPOOL e82a07b18481b49a2b41ba2fc40b3d0715ebdfec7508592b09f154c10ce36cf079714683e1deb94f13ebbe20fbe242cd695d547e6dbb23ec6939ccdb67540173
+DIST rsyslog-docs-8.19.0.tar.gz 4271094 SHA256 f76958d2fbcbb3a2db531ec3878d6d9a8c4a622e457b9c97b7c7dcca0ddd6512 SHA512 120f229a641119649fc897948fb0934039a95d0ef63e68b10ab635620d84988d794fd5dc33617353028e786513a86b3a1cd0c4fef9c755dab5bedd8e0246532e WHIRLPOOL fc0642eef4e686fc653db6a654f96fd9037e083a02e06d64b7b2a2e0292d745ca6e24821df3b9825e0eba2c4808b2755dfaeb90b62a49662ab22a171ffe2e63b
+DIST rsyslog-docs-8.24.0.tar.gz 4344877 SHA256 f5e3c27c5b65abdd600b8ad8d99d1f2fe9f0ffca02d6af3c12db5fc10dd889b2 SHA512 b55cde1485a7baec6d4c4928107c22a078cf412a2994c0dfcbb12c47b49c3b263af8a64011b1329567cf86e04927b9e383581dc868eaea81d554adada6b3786b WHIRLPOOL e8b2d10b0de3c33189f859f08db58e319730e709e5a5008909f2166a061952290b0bf96163cdf6e0b3829896916f712ba5d8a2a98f02d796e9174d8919190f8d
+DIST rsyslog-docs-8.25.0.tar.gz 4359583 SHA256 3fa96f85ca31b09b16dcc4b184f9beeb5fb06ba463b0ced7046ec2a471b7d3ad SHA512 e0068ec00bbda2d1cf7f14105ad83e82bea9291ed5d5fda3ffcff2db32747b65e7b6d65743a3221aeca03be9c6efcee1db7f03c2da115a3aed60848556befa71 WHIRLPOOL 8c2ae0afe5fb1f81b33ecb83df420a7bbc8c147eac5854a57ba1c5341bb42d9dd4a3976a472445d19a45eb09258bc3be1b9065d79fd679095cbf24cbfddb1756
+DIST rsyslog-docs-8.26.0.tar.gz 4381345 SHA256 4d3b46e6c06fecbd4100fad118c22569e6b0d23b0f5cfb1fbcf501bfc9d115bb SHA512 5c05c13b3ae6be431343b7a5b3b2cb8676804d6d58d98826e6b44d685bb30fdaf3ced27d66a29908b40f1839bac45d1834d060ddf05d01477474ab3f45f973c8 WHIRLPOOL a01c661bea94a38af755803d385250d8f394064c2f1450c5a8b2b0e9e6879565219c84ded70c40300d2bbf524a30bf152bc5502f65917d757b0552920f6a7cd8
+DIST rsyslog-docs-8.27.0.tar.gz 4411093 SHA256 f799eba43ff73c14865cbc3f7105d54afec021430827e6d6da7b51f45cfbedb0 SHA512 08d935ecad070d65e7169a56c6a4d35d49e895b4f7cfe4d747939d8a92bdadd0fc3be7cc47d23d233a33b964f2a4d809a34b37419d2e42c3f8c183120412ab2c WHIRLPOOL 1a7eeadc0667580ab14ae5857fc61f7eb5553bad00d7b59ed3e70aa3a2f75550872a110c6149b4bd69778c990ec3c57e625cc08a716792731d456d875e8a9e8b
+DIST rsyslog-docs-8.28.0.tar.gz 4424901 SHA256 f6c41f7c3fca369dd28a72133b03693ad5c37252375ecadc6184ff1a954764db SHA512 c085e09149cfc27ce0cd22edf9ad3f81b111f491fbea79afbc3172882065bd8324e366e3b5d09c885c1a3aa63fe8fbbe154d66488319d4ffc0867f938e1ab07d WHIRLPOOL f6636ba7196c689e42651ac9c847b05f3eafdbe87186fad478c47d55f2856e5b200d2871612ca046c6d9c06ad2d80838ad226510ba59a3f2cfe234626ca8c75f
+DIST rsyslog-docs-8.29.0.tar.gz 4473644 SHA256 ca3f6a11a165221b4e5e189d9b86ea146245d7ad892758ef9c543db73a914663 SHA512 791633b93693c1eacde965e07ced863b96d1bfa488fc5c4770424825ab702cae7babd5286e552da5e17d1d7779f228c61a1527b9726dffea31bbb3b4e80525dc WHIRLPOOL 74f4fccfa14e44a574590110bf3d0591555b6bb0685fd65a575b002e503d61996a593d51dbedbc9ff390d9bef1942d1b3fa55e7eb334a6bf5cabb3c2c9a2e5a1
+EBUILD rsyslog-8.19.0.ebuild 12240 SHA256 485642442ce4c0d13b1cbe56928b26d41977a579653d26bd20b9eae322a3ed64 SHA512 7363c435c65394abda4a4f576e8433d8038a6e420534f3bb0419477ab3b4e3ab179f53bae016b372522884ac12eab467d3ece7db15303b3cc33d954f963fda8b WHIRLPOOL eaea1b9de85218998c0b6f57a32bbeaa43fc66879302955f259aed4c2491d5f61c3c57c9d81f2d7503c4e43967d7b15cab45ac88319f0b1ae6390c6f6820498a
+EBUILD rsyslog-8.24.0-r2.ebuild 12396 SHA256 b49cde5ede26eeb385c416dd1975a4f881592e25b49d6f8d6d164d4038ce43ca SHA512 2acbc370ca468dcfc021b66a31b2617dc5093b518c5c486487e306548445c1bb472dd48458a3171a99f1bc82276bed39ccaff5be31603191d261d11c2cd521c9 WHIRLPOOL 1912d228665088ae3f779cd65f21ec3da77a5b07289889e9db31939add614dacd7a0f7fc5fcf28e3a03751a26fb5639cf5f64bac4c5aa7c54816437d5636ca32
+EBUILD rsyslog-8.25.0-r2.ebuild 12487 SHA256 8a65005fae63a8f3932ca2a573b2ac1e3ec57f08c99c71a7f1113c9162b4305f SHA512 1a73a37139e8af1017f7cc53bbd35238130cfa30a7e3236f304a4d079931d0304fbde4f026254a951253c4060bcb6e774b6643f42ad14ef431b697833450f521 WHIRLPOOL 5deb0ca763aafd824fadd75e880e8ec3d9d3ede11390de6ca3ac223a33f11c18fdf3393120ad377eebc860302745f76be3f9ef6d217e7a5af620168e7cab2e21
+EBUILD rsyslog-8.26.0-r1.ebuild 12480 SHA256 2022a610153a4bdadeb8507a9f2b14601add87ac09598aa8d916ecadca83d695 SHA512 8036baf097b54006d6350a52ab08a222a0896a955c48d5b984f5f284b5603ebcf732a58493cebfa1c8469b7a1f9cbf8bf42d90e44454488c206873243af3630e WHIRLPOOL 6917355060ba7743146abfc4231b64f77386f89a9261addc56cfd15cf9368bd7baa1e3b8597b647039e2ef315ed441a3ab69687b1303be3aceadb7bb8a51a46e
+EBUILD rsyslog-8.27.0-r1.ebuild 12736 SHA256 f3b51b5dc46dfffa8327975ab605e68e96436bcb87eda197a975502fd0eaf4e0 SHA512 497c4df7601980431f093bdbe9e95513374ba171565acc7fe8bb4dda40142ffea1443a4d10d79ae938c423e03879286a1a550abde5be919bb5d6032486425b13 WHIRLPOOL e0cdbd8c6b5dc9bfcb1d31067221596ee541850031cf6caee4b889a7880557585b8dcbf414917026d5cb1dbd8f901dc25d12ac6cb1bebb321d8f575a074e7ed7
+EBUILD rsyslog-8.28.0.ebuild 12505 SHA256 03d12b0598abadc10bbf23d23547e3cb9477f0adadb42c8756963adc8a2aa9a1 SHA512 d43cd51fa3448d9d58c86cc52e88ba76e595b98aaa095491900acc1d2a2a50b30b3320bcbdb26cba13ea1341db5d4667e7ba67efc6d19294fcd12c4e22e33297 WHIRLPOOL e859cbae3d6a81f72d4f1352313372edf8d2764aff72a1d62d250bc8cc9a3539bfaee025cd8944963fe8245f14d0b970c33280ef673bb14df8caa3363cdbbfcd
+EBUILD rsyslog-8.29.0.ebuild 12527 SHA256 b4f9ecf2fefe06fb87712349a4a23fe062c341552a99ce8ce0b03bb4b807aeae SHA512 8f7593cca44eaa50929e03978dd9f066cc73aa9f725ce36585d274da925e0cc9a6a8791ab199c38b496e857335b8359c8cf19cc9ea3fae2ced4267ae69b05ef8 WHIRLPOOL 3673a3205fb529194b6eb2e298583ffd88b7197afcf0f68217b81cf430f05e891e25a5a3a8b01ff470519b570f4997fbff0ea9bdc2350954d5e09a20f45b0a4b
+MISC ChangeLog 15244 SHA256 a26cf4c30cc55942a8a38d4eaebff12bd75bc5f84f5e9ee1fc25f0d58cfa2c9c SHA512 b487696f043a00785747a8c6c5e9bd70155178234dccfdb67f884f7d80bc0edc9653d0e2e731c19922c930eeebeab2857dc86fb2dfdf1c7f45b08728f8a33e7f WHIRLPOOL 371d33b0bb00b8a7f4bd0593847605fe57b9fee280b82123558e1422383a95c11deb275673d7e1647f229b4089b87cea34400d7d57388aab712df6c057ae593b
+MISC ChangeLog-2015 26836 SHA256 00f62ec24e67a62edb77fa4d17812f6d736ac8ef3a20dce29bb2b78e575ece01 SHA512 bb52b5ffdfcbe0d1fc51a05dcacc042ff876b9669a875eafdd8e4c240c28a2902ef5200c4f8d31815ca45440f602fe85933d059b55b4f940e4b624c8340a6243 WHIRLPOOL 3f9e1c0cede4a17dbe03f1873fecbf0549a863800a80938723dd86214854f0e47c8d092c1ae381ee82644869ef72dd8915f1ceac5dc4676986128dca0e583bbc
+MISC metadata.xml 3335 SHA256 e4b519c8c8cf1d559aeb5151eca28d5057174d3bfcef2d74985c0ae20ea5adc7 SHA512 bfa3a8fbb502f6fdc110e8aa6b7394449329c29a63fc71c615317c97deb4e48f6e9f952bf492cc96be15fffb514f281a0d19de697bfddab4d4c7acf3c535c6a1 WHIRLPOOL 5ef1bccf69bbc7c5fd7dc88e8850e54fac881c24abfd07b05ca69e7213914d639a6254ae583a6436dfb4d784fe27b4fbfee6f1b9aeebccc7afb276ffb0cf4f93
diff --git a/app-admin/rsyslog/files/8-stable/50-default-r1.conf b/app-admin/rsyslog/files/8-stable/50-default-r1.conf
new file mode 100644
index 000000000000..920c214ff6ca
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/50-default-r1.conf
@@ -0,0 +1,107 @@
+#######################
+### DEFAULT ACTIONS ###
+#######################
+
+auth,authpriv.* action(
+	name="action_auth"
+	type="omfile"
+	File="/var/log/auth.log"
+	FileCreateMode="0600"
+	FileOwner="root"
+	FileGroup="adm"
+	Sync="off"
+)
+
+cron.* action(
+	name="action_cron"
+	type="omfile"
+	File="/var/log/cron.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+daemon.* action(
+	name="action_daemon"
+	type="omfile"
+	File="/var/log/daemon.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+kern.* action(
+	name="action_kern"
+	type="omfile"
+	File="/var/log/kern.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+lpr.* action(
+	name="action_lpr"
+	type="omfile"
+	File="/var/log/lpr.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+mail.* action(
+	name="action_mail"
+	type="omfile"
+	File="/var/log/mail.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+news.* action(
+	name="action_news"
+	type="omfile"
+	File="/var/log/news.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+user.* action(
+	name="action_user"
+	type="omfile"
+	File="/var/log/user.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+*.=debug;auth,authpriv,news,mail.none action(
+	name="action_debug"
+	type="omfile"
+	File="/var/log/debug.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+*.info;auth,authpriv,cron,daemon,lpr,mail,news.none action(
+	name="action_messages"
+	type="omfile"
+	File="/var/log/messages"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+# Uncomment the following directive to re-enable the
+# deprecated "/var/log/syslog" log file (don't forget to re-enable log
+# rotation in "/etc/logrotate.d/rsyslog" if you do that!)
+#*.*;auth,authpriv.none action(
+#	name="action_syslog"
+#	type="omfile"
+#	File="/var/log/syslog"
+#	FileOwner="root"
+#	FileGroup="adm"
+#)
+
+*.emerg action(
+	name="action_emerge"
+	type="omusrmsg"
+	Users="*"
+	action.execOnlyOnceEveryInterval="10"
+)
+
+# Create an additional socket for the default chroot location
+# (used by net-misc/openssh[hpn], see https://bugs.gentoo.org/490744)
+input(type="imuxsock" Socket="/var/empty/dev/log")
diff --git a/app-admin/rsyslog/files/8-stable/50-default.conf b/app-admin/rsyslog/files/8-stable/50-default.conf
new file mode 100644
index 000000000000..9ae8578215bb
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/50-default.conf
@@ -0,0 +1,95 @@
+#######################
+### DEFAULT ACTIONS ###
+#######################
+
+auth,authpriv.* action(
+	type="omfile"
+	File="/var/log/auth.log"
+	FileCreateMode="0600"
+	FileOwner="root"
+	FileGroup="adm"
+	Sync="off"
+)
+
+cron.* action(
+	type="omfile"
+	File="/var/log/cron.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+daemon.* action(
+	type="omfile"
+	File="/var/log/daemon.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+kern.* action(
+	type="omfile"
+	File="/var/log/kern.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+lpr.* action(
+	type="omfile"
+	File="/var/log/lpr.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+mail.* action(
+	type="omfile"
+	File="/var/log/mail.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+news.* action(
+	type="omfile"
+	File="/var/log/news.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+user.* action(
+	type="omfile"
+	File="/var/log/user.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+*.=debug;auth,authpriv,news,mail.none action(
+	type="omfile"
+	File="/var/log/debug.log"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+*.info;auth,authpriv,cron,daemon,lpr,mail,news.none action(
+	type="omfile"
+	File="/var/log/messages"
+	FileOwner="root"
+	FileGroup="adm"
+)
+
+# Uncomment the following directive to re-enable the
+# deprecated "/var/log/syslog" log file (don't forget to re-enable log
+# rotation in "/etc/logrotate.d/rsyslog" if you do that!)
+#*.*;auth,authpriv.none action(
+#	type="omfile"
+#	File="/var/log/syslog"
+#	FileOwner="root"
+#	FileGroup="adm"
+#)
+
+*.emerg action(
+	type="omusrmsg"
+	Users="*"
+	action.execOnlyOnceEveryInterval="10"
+)
+
+# Create an additional socket for the default chroot location
+# (used by net-misc/openssh[hpn], see https://bugs.gentoo.org/490744)
+input(type="imuxsock" Socket="/var/empty/dev/log")
diff --git a/app-admin/rsyslog/files/8-stable/README.gentoo b/app-admin/rsyslog/files/8-stable/README.gentoo
new file mode 100644
index 000000000000..9f0666c86b0a
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/README.gentoo
@@ -0,0 +1,36 @@
+Introduction
+============
+
+Since rsyslog version 7.6 we are shipping a new default Gentoo
+configuration. See bug #501982 to learn more about what we were trying to
+achieve by rewriting the entire configuration.
+
+
+Important changes
+=================
+
+1. "/var/log/syslog" log file is now deprecated
+
+   Beginning with rsyslog-7.6, the "/var/log/syslog" log file will no
+   longer being written per default. We are considering this file as
+   deprecated/obsolet for the typical user/system.
+   The content from this log file is still availble through other
+   (dedicated) log files, see
+   
+     - /var/log/cron.log
+     - /var/log/daemon.log
+     - /var/log/mail.log
+     - /var/log/messages
+   
+   If you really need the old "/var/log/syslog" log file, all you have to
+   do is uncommenting the corresponding configuration directive in
+   "/etc/rsyslog.d/50-default.conf".
+   
+   If you do so, don't forget to re-enable log rotation in
+   "/etc/logrotate.d/rsyslog", too.
+
+
+2. An additional input socket in "/var/empty/dev/log" (default chroot
+   location) will be created per default
+
+   See bug #490744 for further details.
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog-8.24.0-fix-tcpflood-without-librelp-r1.patch b/app-admin/rsyslog/files/8-stable/rsyslog-8.24.0-fix-tcpflood-without-librelp-r1.patch
new file mode 100644
index 000000000000..a03a6562722a
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog-8.24.0-fix-tcpflood-without-librelp-r1.patch
@@ -0,0 +1,160 @@
+Patch to allow building of tcpflood without librelp
+
+Cherry pick of
+https://github.com/rsyslog/rsyslog/commit/73e3b7ab2f8a3974d31844b492ad02d61ed5727f
+https://github.com/rsyslog/rsyslog/pull/1493
+
+
+Gentoo-Bug: https://bugs.gentoo.org/613264
+Gentoo-Bug: https://bugs.gentoo.org/614424
+
+diff -u b/tests/tcpflood.c b/tests/tcpflood.c
+--- b/tests/tcpflood.c
++++ b/tests/tcpflood.c
+@@ -96,7 +96,9 @@
+ #include <string.h>
+ #include <netinet/in.h>
+ #include <pthread.h>
++#ifdef ENABLE_RELP
+ #include <librelp.h>
++#endif
+ #include <sys/resource.h>
+ #include <sys/time.h>
+ #include <errno.h>
+@@ -149,7 +151,9 @@
+ static int numConnections = 1; /* number of connections to create */
+ static int softLimitConnections  = 0; /* soft connection limit, see -c option description */
+ static int *sockArray;  /* array of sockets to use */
++#ifdef ENABLE_RELP
+ static relpClt_t **relpCltArray;  /* array of sockets to use */
++#endif
+ static int msgNum = 0;	/* initial message number to start with */
+ static int bShowProgress = 1; /* show progress messages */
+ static int bSilent = 0; /* completely silent operation */
+@@ -216,6 +220,7 @@
+ static int sendTLS(int i, char *buf, int lenBuf);
+ static void closeTLSSess(int __attribute__((unused)) i);
+ 
++#ifdef ENABLE_RELP
+ /* RELP subsystem */
+ #pragma GCC diagnostic push
+ #pragma GCC diagnostic ignored "-Wformat-security"
+@@ -235,6 +240,7 @@
+ 	CHKRELP(relpEngineSetEnableCmd(pRelpEngine, (unsigned char*)"syslog",
+ 		eRelpCmdState_Required));
+ }
++#endif /* #ifdef ENABLE_RELP */
+ 
+ /* prepare send subsystem for UDP send */
+ static int
+@@ -273,6 +279,7 @@
+ 		port = targetPort;
+ 	}
+ 	if(transport == TP_RELP_PLAIN) {
++		#ifdef ENABLE_RELP
+ 		relpRetVal relp_r;
+ 		relpClt_t *relpClt;
+ 		char relpPort[16];
+@@ -286,6 +293,7 @@
+ 			return(1);
+ 		}
+ 		*fd = 1; /* mimic "all ok" state */
++		#endif
+ 	} else { /* TCP, with or without TLS */
+ 		if((sock=socket(AF_INET, SOCK_STREAM, 0))==-1) {
+ 			perror("\nsocket()");
+@@ -336,8 +344,10 @@
+ 	sessArray = calloc(numConnections, sizeof(gnutls_session_t));
+ #	endif
+ 	sockArray = calloc(numConnections, sizeof(int));
++	#ifdef ENABLE_RELP
+ 	if(transport == TP_RELP_PLAIN)
+ 		relpCltArray = calloc(numConnections, sizeof(relpClt_t*));
++	#endif
+ 	for(i = 0 ; i < numConnections ; ++i) {
+ 		if(i % 10 == 0) {
+ 			if(bShowProgress)
+@@ -356,8 +366,10 @@
+ 					 * at least something.
+ 					 */
+ 					if(transport == TP_RELP_PLAIN) {
++						#ifdef ENABLE_RELP
+ 						CHKRELP(relpEngineCltDestruct(pRelpEngine,
+ 							relpCltArray+i));
++						#endif
+ 					} else { /* TCP and TLS modes */
+ 						if(transport == TP_TLS)
+ 							closeTLSSess(i);
+@@ -403,14 +415,13 @@
+ 
+ 	if(bShowProgress)
+ 		if(write(1, "      close connections", sizeof("      close connections")-1)){}
+-	//if(transport == TP_RELP_PLAIN)
+-		//sleep(10);	/* we need to let librelp settle a bit */
+ 	for(i = 0 ; i < numConnections ; ++i) {
+ 		if(i % 10 == 0 && bShowProgress) {
+ 			lenMsg = sprintf(msgBuf, "\r%5.5d", i);
+ 			if(write(1, msgBuf, lenMsg)){}
+ 		}
+ 		if(transport == TP_RELP_PLAIN) {
++			#ifdef ENABLE_RELP
+ 			relpRetVal relpr;
+ 			if(sockArray[i] != -1) {
+ 				relpr = relpEngineCltDestruct(pRelpEngine, relpCltArray+i);
+@@ -419,6 +430,7 @@
+ 				}
+ 				sockArray[i] = -1;
+ 			}
++			#endif
+ 		} else { /* TCP and TLS modes */
+ 			if(sockArray[i] != -1) {
+ 				/* we try to not overrun the receiver by trying to flush buffers
+@@ -610,6 +622,7 @@
+ 				offsSendBuf = lenBuf;
+ 			}
+ 		} else if(transport == TP_RELP_PLAIN) {
++			#ifdef ENABLE_RELP
+ 			relpRetVal relp_ret;
+ 			if(sockArray[socknum] == -1) {
+ 				/* connection was dropped, need to re-establish */
+@@ -627,6 +640,7 @@
+ 				printf("\nrelpCltSendSyslog() failed with relp error code %d\n",
+ 					   relp_ret);
+ 			}
++			#endif
+ 		}
+ 		if(lenSend != lenBuf) {
+ 			printf("\r%5.5d\n", i);
+@@ -1106,7 +1120,9 @@
+ 						transport = TP_RELP_PLAIN;
+ #					else
+ 						fprintf(stderr, "compiled without RELP support: "
+-							"\"-Trelp-plain\" not supported!\n");
++							"\"-Trelp-plain\" not supported!\n"
++							"(add --enable-relp to ./configure options "
++							"if desired)\n");
+ 						exit(1);
+ #					endif
+ 				} else {
+@@ -1168,7 +1184,9 @@
+ 	if(transport == TP_TLS) {
+ 		initTLS();
+ 	} else if(transport == TP_RELP_PLAIN) {
++		#ifdef ENABLE_RELP
+ 		initRELP_PLAIN();
++		#endif
+ 	}
+ 
+ 	if(openConnections() != 0) {
+@@ -1183,9 +1201,11 @@
+ 
+ 	closeConnections(); /* this is important so that we do not finish too early! */
+ 
++	#ifdef ENABLE_RELP
+ 	if(transport == TP_RELP_PLAIN) {
+ 		CHKRELP(relpEngineDestruct(&pRelpEngine));
+ 	}
++	#endif
+ 
+ 	if(nConnDrops > 0 && !bSilent)
+ 		printf("-D option initiated %ld connection closures\n", nConnDrops);
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog-8.26.0-fix-zmq3-format-security.patch b/app-admin/rsyslog/files/8-stable/rsyslog-8.26.0-fix-zmq3-format-security.patch
new file mode 100644
index 000000000000..b285798bfe45
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog-8.26.0-fix-zmq3-format-security.patch
@@ -0,0 +1,39 @@
+--- a/contrib/imzmq3/imzmq3.c
++++ b/contrib/imzmq3/imzmq3.c
+@@ -403,7 +403,7 @@ static rsRetVal createSocket(instanceConf_t* info, void** sock) {
+ 
+     /* Do the bind/connect... */
+     if (info->action==ACTION_CONNECT) {
+-        rv = zsocket_connect(*sock, info->description);
++        rv = zsocket_connect(*sock, "%s", info->description);
+         if (rv == -1) {
+             errmsg.LogError(0,
+                             RS_RET_INVALID_PARAMS,
+@@ -413,7 +413,7 @@ static rsRetVal createSocket(instanceConf_t* info, void** sock) {
+         }
+         DBGPRINTF("imzmq3: connect for %s successful\n",info->description);
+     } else {
+-        rv = zsocket_bind(*sock, info->description);
++        rv = zsocket_bind(*sock, "%s", info->description);
+         if (rv == -1) {
+             errmsg.LogError(0,
+                             RS_RET_INVALID_PARAMS,
+--- a/contrib/omzmq3/omzmq3.c
++++ b/contrib/omzmq3/omzmq3.c
+@@ -242,14 +242,14 @@ static rsRetVal initZMQ(instanceData* pData) {
+     if (pData->action == ACTION_BIND) {
+         /* bind asserts, so no need to test return val here
+            which isn't the greatest api -- oh well */
+-        if(-1 == zsocket_bind(pData->socket, (char*)pData->description)) {
++        if(-1 == zsocket_bind(pData->socket, "%s", (char*)pData->description)) {
+             errmsg.LogError(0, RS_RET_NO_ERRCODE, "omzmq3: bind failed for %s: %s",
+                             pData->description, zmq_strerror(errno));
+             ABORT_FINALIZE(RS_RET_NO_ERRCODE);
+         }
+         DBGPRINTF("omzmq3: bind to %s successful\n",pData->description);
+     } else {
+-        if(-1 == zsocket_connect(pData->socket, (char*)pData->description)) {
++        if(-1 == zsocket_connect(pData->socket, "%s", (char*)pData->description)) {
+             errmsg.LogError(0, RS_RET_NO_ERRCODE, "omzmq3: connect failed for %s: %s", 
+                             pData->description, zmq_strerror(errno));
+             ABORT_FINALIZE(RS_RET_NO_ERRCODE);
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-hostname-detection-when-getaddrinfo-fails.patch b/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-hostname-detection-when-getaddrinfo-fails.patch
new file mode 100644
index 000000000000..a9470ccf4b60
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-hostname-detection-when-getaddrinfo-fails.patch
@@ -0,0 +1,27 @@
+From 1a7d3a088969b47798bc1da712ca2772f91a7c02 Mon Sep 17 00:00:00 2001
+From: Jiri Vymazal <jvymazal@redhat.com>
+Date: Wed, 31 May 2017 16:26:56 +0200
+Subject: [PATCH] Ignoring NONAME error from getaddrinfo so we have hostname
+ set even without working network
+
+---
+ runtime/net.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/runtime/net.c b/runtime/net.c
+index 2d8de9429..edffc677a 100644
+--- a/runtime/net.c
++++ b/runtime/net.c
+@@ -1188,7 +1188,11 @@ getLocalHostname(uchar **ppName)
+ 		memset(&flags, 0, sizeof(flags));
+ 		flags.ai_flags = AI_CANONNAME;
+ 		int error = getaddrinfo((char*)hnbuf, NULL, &flags, &res);
+-		if (error != 0) {
++		if (error != 0 &&
++		    error != EAI_NONAME && error != EAI_AGAIN && error != EAI_FAIL) {
++			/* If we get one of errors above, network is probably
++			 * not working yet, so we fall back to local hostname below
++			 */
+ 			dbgprintf("getaddrinfo: %s\n", gai_strerror(error));
+ 			ABORT_FINALIZE(RS_RET_IO_ERROR);
+ 		}
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-librdkafka-detection.patch b/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-librdkafka-detection.patch
new file mode 100644
index 000000000000..366c0afaca84
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-librdkafka-detection.patch
@@ -0,0 +1,43 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1695,12 +1695,14 @@ AM_CONDITIONAL(ENABLE_KAFKA_TESTS, test x$enable_kafka_tests = xyes)
+ 
+ # omkafka works with older library
+ if test "x$enable_omkafka" = "xyes"; then
+-	PKG_CHECK_MODULES([LIBRDKAFKA], [librdkafka],, [
+-		AC_CHECK_LIB([rdkafka], [rd_kafka_produce], [
+-			AC_MSG_WARN([librdkafka is missing but library present, using -lrdkafka])
+-			LIBRDKAFKA_LIBS=-lrdkafka
+-		], [
+-			AC_MSG_ERROR([could not find rdkafka library])
++	PKG_CHECK_MODULES([LIBRDKAFKA], [rdkafka],, [
++		PKG_CHECK_MODULES([LIBRDKAFKA], [librdkafka],, [
++			AC_CHECK_LIB([rdkafka], [rd_kafka_produce], [
++				AC_MSG_WARN([librdkafka is missing but library present, using -lrdkafka])
++				LIBRDKAFKA_LIBS=-lrdkafka
++			], [
++				AC_MSG_ERROR([could not find rdkafka library])
++			])
+ 		])
+ 	])
+ 	AC_CHECK_HEADERS([librdkafka/rdkafka.h])
+@@ -1708,12 +1710,13 @@ fi
+ 
+ # imkafka needs newer library
+ if test "x$enable_imkafka" = "xyes"; then
+-	PKG_CHECK_MODULES(LIBRDKAFKA, rdkafka >= 0.9.1)
+-	AC_CHECK_LIB([rdkafka], [rd_kafka_produce], [
+-		AC_MSG_WARN([librdkafka is missing but library present, using -lrdkafka])
+-		LIBRDKAFKA_LIBS=-lrdkafka
+-	], [
+-		AC_MSG_ERROR([could not find rdkafka library])
++	PKG_CHECK_MODULES([LIBRDKAFKA], [rdkafka >= 0.9.1],, [
++		AC_CHECK_LIB([rdkafka], [rd_kafka_produce], [
++			AC_MSG_WARN([librdkafka is missing but library present, using -lrdkafka])
++			LIBRDKAFKA_LIBS=-lrdkafka
++		], [
++			AC_MSG_ERROR([could not find rdkafka library])
++		])
+ 	])
+ 	AC_CHECK_HEADERS([librdkafka/rdkafka.h])
+ fi
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-mmnormalize-tests.patch b/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-mmnormalize-tests.patch
new file mode 100644
index 000000000000..6ef7e6426287
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog-8.27.0-fix-mmnormalize-tests.patch
@@ -0,0 +1,23 @@
+https://github.com/rsyslog/rsyslog/pull/1791
+---
+ tests/Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -498,7 +498,6 @@ TESTS += msgvar-concurrency-array.sh \
+ 	mmnormalize_processing_test2.sh \
+ 	mmnormalize_processing_test3.sh \
+ 	mmnormalize_processing_test4.sh
+-endif
+ 
+ if ENABLE_IMPTCP
+ TESTS +=  \
+@@ -512,6 +511,7 @@ if LOGNORM_REGEX_SUPPORTED
+ TESTS += \
+ 	mmnormalize_regex.sh
+ endif
++endif
+ 
+ if ENABLE_MMJSONPARSE
+ TESTS += \
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog.conf b/app-admin/rsyslog/files/8-stable/rsyslog.conf
new file mode 100644
index 000000000000..da484598a652
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog.conf
@@ -0,0 +1,61 @@
+# /etc/rsyslog.conf
+# 
+# This configuration is based on RainerScript, the new recommended syntax
+# for RSYSLOG. See http://www.rsyslog.com/doc/rainerscript.html for further
+# details.
+# 
+# But if you don't want to learn something new at moment, don't worry: The
+# legacy syntax is still supported.
+# 
+# You may want to use the new RSYSLOG configuration builder to create your
+# own more advanced configuration: http://www.rsyslog.com/rsyslog-configuration-builder/
+
+# Check config syntax on startup and abort if unclean (default: off)
+#$AbortOnUncleanConfig on
+
+
+###############
+### MODULES ###
+###############
+
+# Read syslog messages from default Unix socket /dev/log (e.g. via logger command)
+module(load="imuxsock")
+
+# Read messages from the kernel log and submits them to the syslog engine
+module(load="imklog")
+
+# Inject "--MARK--" messages every $Interval (seconds)
+#module(load="immark" Interval="600")
+
+# Read syslog messages from UDP
+#module(load="imudp")
+#input(type="imudp" port="514")
+
+# Read syslog messages from TCP
+#module(load="imtcp")
+#input(type="imtcp" port="514")
+
+
+#########################
+### GLOBAL DIRECTIVES ###
+#########################
+
+# Where to place spool and state files
+$WorkDirectory /var/spool/rsyslog
+
+# Reduce repeating messages (default: off)
+#$RepeatedMsgReduction on
+
+# Set defaults for every output file
+$Umask 0022
+
+module(
+	load="builtin:omfile"
+	Template="RSYSLOG_TraditionalFileFormat"
+	FileCreateMode="0644"
+	DirCreateMode="0755"
+)
+
+
+# Include all conf files in /etc/rsyslog.d/
+$IncludeConfig /etc/rsyslog.d/*.conf
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog.confd-r1 b/app-admin/rsyslog/files/8-stable/rsyslog.confd-r1
new file mode 100644
index 000000000000..da48c01cd407
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog.confd-r1
@@ -0,0 +1,30 @@
+# /etc/conf.d/rsyslog
+
+# Configuration file
+#RSYSLOG_CONFIGFILE="/etc/rsyslog.conf"
+
+# PID file
+# If you should ever change this, remember to update
+# "/etc/logrotate.d/rsyslog", too.
+#RSYSLOG_PIDFILE="/run/rsyslogd.pid"
+
+# You can use this configuration option to pass additional options to the
+# start-stop-daemon, see start-stop-daemon(8) for more details.
+# Per default we wait 1000ms after we have started the service to ensure
+# that the daemon is really up and running.
+#RSYSLOG_SSDARGS="--wait 1000"
+
+# The termination timeout (start-stop-daemon parameter "retry") ensures
+# that the service will be terminated within a given time (60 + 5 seconds
+# per default) when you are stopping the service.
+# You need to increase the value when you are working with a large queue.
+# See http://www.rsyslog.com/doc/queues.html for further information.
+#RSYSLOG_TERMTIMEOUT="TERM/60/KILL/5"
+
+
+# Options to rsyslogd
+# See rsyslogd(8) for more details
+# Notes:
+# * Do not specify another PIDFILE but use the variable above to change the location
+# * Do not specify another CONFIGFILE but use the variable above to change the location
+#RSYSLOG_OPTS=""
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog.initd-r1 b/app-admin/rsyslog/files/8-stable/rsyslog.initd-r1
new file mode 100644
index 000000000000..7d7aa4bc9313
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog.initd-r1
@@ -0,0 +1,72 @@
+#!/sbin/openrc-run
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+RSYSLOG_CONFIGFILE=${RSYSLOG_CONFIGFILE:-"/etc/rsyslog.conf"}
+RSYSLOG_PIDFILE=${RSYSLOG_PIDFILE:-"/run/rsyslogd.pid"}
+RSYSLOG_SSDARGS=${RSYSLOG_SSDARGS:-"--wait 1000"}
+RSYSLOG_TERMTIMEOUT=${RSYSLOG_TERMTIMEOUT:-"TERM/60/KILL/5"}
+RSYSLOG_OPTS=${RSYSLOG_OPTS:-""}
+
+command="/usr/sbin/rsyslogd"
+command_args="${RSYSLOG_OPTS} -f \"${RSYSLOG_CONFIGFILE}\" -i \"${RSYSLOG_PIDFILE}\""
+start_stop_daemon_args="${RSYSLOG_SSDARGS}"
+pidfile="${RSYSLOG_PIDFILE}"
+retry="${RSYSLOG_TERMTIMEOUT}"
+
+required_files="${RSYSLOG_CONFIGFILE}"
+
+description="RSYSLOG is the rocket-fast system for log processing (syslog replacement)."
+
+extra_commands="configtest"
+extra_started_commands="rotate"
+
+description_configtest="Run rsyslogd's internal config check."
+
+description_rotate="Sends rsyslogd a signal to re-open its log files."
+
+depend() {
+	need clock hostname localmount
+	provide logger
+}
+
+start_pre() {
+	if [ "${RC_CMD}" != "restart" ]; then
+		configtest || return 1
+	fi
+}
+
+stop_pre() {
+	if [ "${RC_CMD}" = "restart" ]; then
+		configtest || return 1
+	fi
+}
+
+stop_post() {
+	if [ -f "${RSYSLOG_PIDFILE}" ]; then
+		vebegin "Removing stale PID file"
+		rm --force "${RSYSLOG_PIDFILE}"
+		veend $?
+	fi
+}
+
+configtest() {
+	local _command_args="-N 999 -f \"${RSYSLOG_CONFIGFILE}\""
+	local _retval=0
+
+	ebegin "Checking rsyslogd's configuration"
+	eval ${command} ${_command_args} >/dev/null 2>&1
+	_retval=$?
+
+	if [ ${_retval} -ne 0 ]; then
+		eval ${command} ${_command_args}
+	fi
+
+	eend ${_retval} "failed, please correct errors above"
+}
+
+rotate() {
+	ebegin "Re-opening rsyslogd logs"
+	start-stop-daemon --signal SIGHUP --pidfile "${RSYSLOG_PIDFILE}"
+	eend $?
+}
diff --git a/app-admin/rsyslog/files/8-stable/rsyslog.logrotate b/app-admin/rsyslog/files/8-stable/rsyslog.logrotate
new file mode 100644
index 000000000000..1eae30e0d741
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/rsyslog.logrotate
@@ -0,0 +1,37 @@
+# Uncomment the following directive if you have re-enabled
+# "/var/log/syslog" in "/etc/rsyslog.d/50-default.conf"
+#/var/log/syslog
+#{
+#	rotate 7
+#	daily
+#	missingok
+#	notifempty
+#	delaycompress
+#	compress
+#	postrotate
+#		test -r /run/rsyslogd.pid && kill -HUP $(cat /run/rsyslogd.pid) &>/dev/null
+#	endscript
+#}
+
+/var/log/auth.log
+/var/log/cron.log
+/var/log/daemon.log
+/var/log/kern.log
+/var/log/lpr.log
+/var/log/mail.log
+/var/log/news.log
+/var/log/user.log
+/var/log/debug.log
+/var/log/messages
+{
+	rotate 4
+	weekly
+	missingok
+	notifempty
+	compress
+	delaycompress
+	sharedscripts
+	postrotate
+		test -r /run/rsyslogd.pid && kill -HUP $(cat /run/rsyslogd.pid) &>/dev/null
+	endscript
+}
diff --git a/app-admin/rsyslog/metadata.xml b/app-admin/rsyslog/metadata.xml
new file mode 100644
index 000000000000..855ee265e268
--- /dev/null
+++ b/app-admin/rsyslog/metadata.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>whissi@gentoo.org</email>
+		<name>Thomas Deutschmann</name>
+		<description>Primary Maintainer</description>
+	</maintainer>
+	<use>
+		<flag name="dbi">Build the general database output module (requires <pkg>dev-db/libdbi</pkg>)</flag>
+		<flag name="elasticsearch">Build the Elasticsearch output module (requires <pkg>net-misc/curl</pkg>)</flag>
+		<flag name="gcrypt">Add support for encrypted log files using <pkg>dev-libs/libgcrypt</pkg></flag>
+		<flag name="grok">Build the grok modify module (requires <pkg>dev-libs/grok</pkg>)</flag>
+		<flag name="jemalloc">Use <pkg>dev-libs/jemalloc</pkg> for allocations.</flag>
+		<flag name="kafka">Build the Apache Kafka input/output module (requires <pkg>dev-libs/librdkafka</pkg>)</flag>
+		<flag name="kerberos">Build the GSSAPI input and output module (requires <pkg>virtual/krb5</pkg>)</flag>
+		<flag name="libressl">Use <pkg>dev-libs/libressl</pkg> for building the rfc5424hmac modify module (requires rfc5424hmac USE flag)</flag>
+		<flag name="mdblookup">Build the MaxMind DB lookup message modify plugin using <pkg>dev-libs/libmaxminddb</pkg></flag>
+		<flag name="mongodb">Build the MongoDB output module (requires <pkg>dev-libs/libmongo-client</pkg>)</flag>
+		<flag name="mysql">Build the MySQL database output module (requires <pkg>virtual/mysql</pkg>)</flag>
+		<flag name="normalize">Build the normalize modify module (requires <pkg>dev-libs/libee</pkg> and <pkg>dev-libs/liblognorm</pkg>)</flag>
+		<flag name="omhttpfs">Build the httpfs output module (requires <pkg>net-misc/curl</pkg>)</flag>
+		<flag name="omudpspoof">Build the udpspoof output module (requires <pkg>net-libs/libnet</pkg>)</flag>
+		<flag name="postgres">Build the PostgreSQL database output module (requires <pkg>dev-db/postgresql</pkg>)</flag>
+		<flag name="rabbitmq">Build the RabbitMQ output module (requires <pkg>net-libs/rabbitmq-c</pkg>)</flag>
+		<flag name="redis">Build the Redis output module using (requires <pkg>dev-libs/hiredis</pkg>)</flag>
+		<flag name="relp">Build the Reliable Event Logging Protocol (RELP) output module (requires <pkg>dev-libs/librelp</pkg>)</flag>
+		<flag name="rfc3195">Build the rfc3195 input module (requires <pkg>dev-libs/liblogging</pkg>)</flag>
+		<flag name="rfc5424hmac">Build the rfc5424hmac modify module (requires <pkg>dev-libs/openssl</pkg> or <pkg>dev-libs/libressl</pkg>)</flag>
+		<flag name="snmp">Build the snmp modify and output module (requires <pkg>net-analyzer/net-snmp</pkg>)</flag>
+		<flag name="ssl">Add support for encrypted client/server communication (requires <pkg>net-libs/gnutls</pkg>)</flag>
+		<flag name="systemd">Build the journal input and output module (requires <pkg>sys-apps/systemd</pkg>)</flag>
+		<flag name="uuid">Include UUIDs in messages (requires <pkg>sys-apps/util-linux</pkg>)</flag>
+		<flag name="usertools">Installs the user tools (rsgtutil, rscryutil...) corresponding to the set USE flags</flag>
+		<flag name="zeromq">Build the ZeroMQ input and output modules (requires <pkg>net-libs/czmq</pkg>)</flag>
+	</use>
+	<upstream>
+		<bugs-to>https://github.com/rsyslog/rsyslog/issues</bugs-to>
+		<remote-id type="cpe">cpe:/a:rsyslog:rsyslog</remote-id>
+	</upstream>
+</pkgmetadata>
diff --git a/app-admin/rsyslog/rsyslog-8.19.0.ebuild b/app-admin/rsyslog/rsyslog-8.19.0.ebuild
new file mode 100644
index 000000000000..931d37209cb5
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.19.0.ebuild
@@ -0,0 +1,444 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools eutils linux-info systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+
+BRANCH="8-stable"
+
+if [[ ${PV} == "9999" ]]; then
+	EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+	DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+	inherit git-r3
+else
+	MY_PV=${PV%_rc*}
+	MY_FILENAME="${PN}-${PV}.tar.gz"
+	MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz"
+	S="${WORKDIR}/${PN}-${MY_PV}"
+
+	# Upstream URL schema:
+	# RC:      http://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz
+	#          http://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz
+	# Release: http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz
+
+	MY_URL_PREFIX=
+	if [[ ${PV} = *_rc* ]]; then
+		_tmp_last_index=$(($(get_last_version_component_index ${PV})+1))
+		_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV})
+		if [[ ${_tmp_suffix} = *rc* ]]; then
+			MY_URL_PREFIX="${_tmp_suffix}/"
+		fi
+
+		# Cleaning up temporary variables
+		unset _tmp_last_index
+		unset _tmp_suffix
+	else
+		KEYWORDS="amd64 arm ~arm64 hppa x86"
+	fi
+
+	SRC_URI="
+		http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME}
+		doc? ( http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} )
+	"
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos libressl mongodb mysql normalize omhttpfs"
+IUSE+=" omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq"
+
+RDEPEND="
+	>=dev-libs/libfastjson-0.99.2:=
+	>=dev-libs/libestr-0.1.9
+	>=dev-libs/liblogging-1.0.1:=[stdlog]
+	>=sys-libs/zlib-1.2.5
+	dbi? ( >=dev-db/libdbi-0.8.3 )
+	elasticsearch? ( >=net-misc/curl-7.35.0 )
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+	grok? ( >=dev-libs/grok-0.9.2 )
+	jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+	kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+	kerberos? ( virtual/krb5 )
+	mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
+	mysql? ( virtual/mysql )
+	normalize? (
+		>=dev-libs/libee-0.4.0
+		>=dev-libs/liblognorm-2.0.1:=
+	)
+	omhttpfs? ( >=net-misc/curl-7.35.0 )
+	omudpspoof? ( >=net-libs/libnet-1.1.6 )
+	postgres? ( >=dev-db/postgresql-8.4.20:= )
+	rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+	redis? ( >=dev-libs/hiredis-0.11.0:= )
+	relp? ( >=dev-libs/librelp-1.2.5:= )
+	rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+	rfc5424hmac? (
+		!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+	ssl? ( >=net-libs/gnutls-2.12.23:0= )
+	systemd? ( >=sys-apps/systemd-208 )
+	uuid? ( sys-apps/util-linux:0= )
+	zeromq? (
+		>=net-libs/zeromq-4.1.1:=
+		>=net-libs/czmq-3.0.0
+	)"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	test? ( sys-libs/libfaketime )"
+
+if [[ ${PV} == "9999" ]]; then
+	DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+	DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+	DEPEND+=" >=sys-devel/bison-2.4.3"
+	DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+src_unpack() {
+	if [[ ${PV} == "9999" ]]; then
+		git-r3_fetch
+		git-r3_checkout
+	else
+		unpack ${P}.tar.gz
+	fi
+
+	if use doc; then
+		if [[ ${PV} == "9999" ]]; then
+			local _EGIT_BRANCH=
+			if [[ -n "${EGIT_BRANCH}" ]]; then
+				# Cannot use rsyslog commits/branches for documentation repository
+				_EGIT_BRANCH=${EGIT_BRANCH}
+				unset EGIT_BRANCH
+			fi
+
+			git-r3_fetch "${DOC_REPO_URI}"
+			git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+			if [[ -n "${_EGIT_BRANCH}" ]]; then
+				# Restore previous EGIT_BRANCH information
+				EGIT_BRANCH=${_EGIT_BRANCH}
+			fi
+		else
+			cd "${S}" || die "Cannot change dir into '${S}'"
+			mkdir docs || die "Failed to create docs directory"
+			cd docs || die "Failed to change dir into '${S}/docs'"
+			unpack ${MY_FILENAME_DOCS}
+		fi
+	fi
+}
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * Guardtime support is missing because libgt isn't yet available
+	#   in portage.
+	# * Hadoop's HDFS file system output module is currently not
+	#   supported in Gentoo because nobody is able to test it
+	#   (JAVA dependency).
+	# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+	#   upstream PR 129 and 136) so we need to export HIREDIS_*
+	#   variables because rsyslog's build system depends on pkg-config.
+
+	if use redis; then
+		export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+		export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+	fi
+
+	local myeconfargs=(
+		--disable-debug-symbols
+		--disable-generate-man-pages
+		--without-valgrind-testbench
+		$(use_enable test testbench)
+		# Input Plugins without depedencies
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imptcp
+		# Message Modificiation Plugins without depedencies
+		--enable-mmanon
+		--enable-mmaudit
+		--enable-mmcount
+		--enable-mmfields
+		--enable-mmjsonparse
+		--enable-mmpstrucdata
+		--enable-mmsequence
+		--enable-mmutf8fix
+		# Output Modification Plugins without dependencies
+		--enable-mail
+		--enable-omprog
+		--enable-omruleset
+		--enable-omstdout
+		--enable-omuxsock
+		# Misc
+		--enable-pmaixforwardedfrom
+		--enable-pmciscoios
+		--enable-pmcisconames
+		--enable-pmlastmsg
+		--enable-pmsnare
+		# DB
+		$(use_enable dbi libdbi)
+		$(use_enable mongodb ommongodb)
+		$(use_enable mysql)
+		$(use_enable postgres pgsql)
+		$(use_enable redis omhiredis)
+		# Debug
+		$(use_enable debug)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug rtinst)
+		$(use_enable debug valgrind)
+		# Misc
+		$(use_enable elasticsearch)
+		$(use_enable gcrypt libgcrypt)
+		$(use_enable jemalloc)
+		$(use_enable kafka omkafka)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable normalize mmnormalize)
+		$(use_enable grok mmgrok)
+		$(use_enable omhttpfs)
+		$(use_enable omudpspoof)
+		$(use_enable rabbitmq omrabbitmq)
+		$(use_enable relp)
+		$(use_enable rfc3195)
+		$(use_enable rfc5424hmac mmrfc5424addhmac)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable ssl gnutls)
+		$(use_enable systemd imjournal)
+		$(use_enable systemd omjournal)
+		$(use_enable usertools)
+		$(use_enable uuid)
+		$(use_enable zeromq imczmq)
+		$(use_enable zeromq imzmq3)
+		$(use_enable zeromq omczmq)
+		$(use_enable zeromq omzmq3)
+		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use doc && [[ "${PV}" == "9999" ]]; then
+		einfo "Building documentation ..."
+		local doc_dir="${S}/docs"
+		cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+		sphinx-build -b html source build || die "Building documentation failed!"
+	fi
+}
+
+src_test() {
+	local _has_increased_ulimit=
+
+	# Sometimes tests aren't executable (i.e. when added via patch)
+	einfo "Adjusting permissions of test scripts ..."
+	find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+		die "Failed to adjust test scripts permission"
+
+	if ulimit -n 3072; then
+		_has_increased_ulimit="true"
+	fi
+
+	if ! emake --jobs 1 check; then
+		eerror "Test suite failed! :("
+
+		if [[ -z "${_has_increased_ulimit}" ]]; then
+			eerror "Probably because open file limit couldn't be set to 3072."
+		fi
+
+		if has userpriv ${FEATURES}; then
+			eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+				"before you submit a bug report."
+		fi
+
+	fi
+}
+
+src_install() {
+	local DOCS=(
+		AUTHORS
+		ChangeLog
+		"${FILESDIR}"/${BRANCH}/README.gentoo
+	)
+
+	use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+	default
+
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN}
+
+	keepdir /var/empty/dev
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
+
+	insinto /etc/rsyslog.d/
+	doins "${FILESDIR}/${BRANCH}/50-default.conf"
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/createDB.sql
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	prune_libtool_files --modules
+}
+
+pkg_postinst() {
+	local advertise_readme=0
+
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		advertise_readme=1
+
+		if use mysql || use postgres; then
+			echo
+			elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+			elog "  /usr/share/doc/${PF}/scripts"
+		fi
+
+		if use ssl; then
+			echo
+			elog "To create a default CA and certificates for your server and clients, run:"
+			elog "  emerge --config =${PF}"
+			elog "on your logging server. You can run it several times,"
+			elog "once for each logging client. The client certificates will be signed"
+			elog "using the CA certificate generated during the first run."
+		fi
+	fi
+
+	if [[ ${advertise_readme} -gt 0 ]]; then
+		# We need to show the README file location
+
+		echo ""
+		elog "Please read"
+		elog ""
+		elog "  ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+		elog ""
+		elog "for more details."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	local CERTDIR="${EROOT}/etc/ssl/${PN}"
+	if [[ ! -d "${CERTDIR}" ]]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}
diff --git a/app-admin/rsyslog/rsyslog-8.24.0-r2.ebuild b/app-admin/rsyslog/rsyslog-8.24.0-r2.ebuild
new file mode 100644
index 000000000000..988544873b7a
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.24.0-r2.ebuild
@@ -0,0 +1,448 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools eutils linux-info systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+
+BRANCH="8-stable"
+
+if [[ ${PV} == "9999" ]]; then
+	EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+	DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+	inherit git-r3
+else
+	MY_PV=${PV%_rc*}
+	MY_FILENAME="${PN}-${PV}.tar.gz"
+	MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz"
+	S="${WORKDIR}/${PN}-${MY_PV}"
+
+	# Upstream URL schema:
+	# RC:      http://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz
+	#          http://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz
+	# Release: http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz
+
+	MY_URL_PREFIX=
+	if [[ ${PV} = *_rc* ]]; then
+		_tmp_last_index=$(($(get_last_version_component_index ${PV})+1))
+		_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV})
+		if [[ ${_tmp_suffix} = *rc* ]]; then
+			MY_URL_PREFIX="${_tmp_suffix}/"
+		fi
+
+		# Cleaning up temporary variables
+		unset _tmp_last_index
+		unset _tmp_suffix
+	else
+		KEYWORDS="amd64 arm ~arm64 hppa x86"
+	fi
+
+	SRC_URI="
+		http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME}
+		doc? ( http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} )
+	"
+
+	PATCHES=( "${FILESDIR}"/8-stable/${PN}-8.24.0-fix-tcpflood-without-librelp-r1.patch )
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos libressl mongodb mysql normalize omhttpfs"
+IUSE+=" omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq"
+
+RDEPEND="
+	>=dev-libs/libfastjson-0.99.3:=
+	>=dev-libs/libestr-0.1.9
+	>=dev-libs/liblogging-1.0.1:=[stdlog]
+	>=sys-libs/zlib-1.2.5
+	dbi? ( >=dev-db/libdbi-0.8.3 )
+	elasticsearch? ( >=net-misc/curl-7.35.0 )
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+	grok? ( >=dev-libs/grok-0.9.2 )
+	jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+	kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+	kerberos? ( virtual/krb5 )
+	mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
+	mysql? ( virtual/mysql )
+	normalize? (
+		>=dev-libs/libee-0.4.0
+		>=dev-libs/liblognorm-2.0.1:=
+	)
+	omhttpfs? ( >=net-misc/curl-7.35.0 )
+	omudpspoof? ( >=net-libs/libnet-1.1.6 )
+	postgres? ( >=dev-db/postgresql-8.4.20:= )
+	rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+	redis? ( >=dev-libs/hiredis-0.11.0:= )
+	relp? ( >=dev-libs/librelp-1.2.12:= )
+	rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+	rfc5424hmac? (
+		!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+	ssl? ( >=net-libs/gnutls-2.12.23:0= )
+	systemd? ( >=sys-apps/systemd-208 )
+	uuid? ( sys-apps/util-linux:0= )
+	zeromq? (
+		>=net-libs/zeromq-4.1.1:=
+		>=net-libs/czmq-3.0.0
+	)"
+DEPEND="${RDEPEND}
+	>=sys-devel/autoconf-archive-2015.02.24
+	virtual/pkgconfig
+	test? ( sys-libs/libfaketime )"
+
+if [[ ${PV} == "9999" ]]; then
+	DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+	DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+	DEPEND+=" >=sys-devel/bison-2.4.3"
+	DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+src_unpack() {
+	if [[ ${PV} == "9999" ]]; then
+		git-r3_fetch
+		git-r3_checkout
+	else
+		unpack ${P}.tar.gz
+	fi
+
+	if use doc; then
+		if [[ ${PV} == "9999" ]]; then
+			local _EGIT_BRANCH=
+			if [[ -n "${EGIT_BRANCH}" ]]; then
+				# Cannot use rsyslog commits/branches for documentation repository
+				_EGIT_BRANCH=${EGIT_BRANCH}
+				unset EGIT_BRANCH
+			fi
+
+			git-r3_fetch "${DOC_REPO_URI}"
+			git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+			if [[ -n "${_EGIT_BRANCH}" ]]; then
+				# Restore previous EGIT_BRANCH information
+				EGIT_BRANCH=${_EGIT_BRANCH}
+			fi
+		else
+			cd "${S}" || die "Cannot change dir into '${S}'"
+			mkdir docs || die "Failed to create docs directory"
+			cd docs || die "Failed to change dir into '${S}/docs'"
+			unpack ${MY_FILENAME_DOCS}
+		fi
+	fi
+}
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * Guardtime support is missing because libgt isn't yet available
+	#   in portage.
+	# * Hadoop's HDFS file system output module is currently not
+	#   supported in Gentoo because nobody is able to test it
+	#   (JAVA dependency).
+	# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+	#   upstream PR 129 and 136) so we need to export HIREDIS_*
+	#   variables because rsyslog's build system depends on pkg-config.
+
+	if use redis; then
+		export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+		export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+	fi
+
+	local myeconfargs=(
+		--disable-debug-symbols
+		--disable-generate-man-pages
+		--without-valgrind-testbench
+		$(use_enable test testbench)
+		# Input Plugins without depedencies
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imptcp
+		# Message Modificiation Plugins without depedencies
+		--enable-mmanon
+		--enable-mmaudit
+		--enable-mmcount
+		--enable-mmfields
+		--enable-mmjsonparse
+		--enable-mmpstrucdata
+		--enable-mmrm1stspace
+		--enable-mmsequence
+		--enable-mmutf8fix
+		# Output Modification Plugins without dependencies
+		--enable-mail
+		--enable-omprog
+		--enable-omruleset
+		--enable-omstdout
+		--enable-omuxsock
+		# Misc
+		--enable-pmaixforwardedfrom
+		--enable-pmciscoios
+		--enable-pmcisconames
+		--enable-pmlastmsg
+		--enable-pmsnare
+		# DB
+		$(use_enable dbi libdbi)
+		$(use_enable mongodb ommongodb)
+		$(use_enable mysql)
+		$(use_enable postgres pgsql)
+		$(use_enable redis omhiredis)
+		# Debug
+		$(use_enable debug)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug rtinst)
+		$(use_enable debug valgrind)
+		# Misc
+		$(use_enable elasticsearch)
+		$(use_enable gcrypt libgcrypt)
+		$(use_enable jemalloc)
+		$(use_enable kafka omkafka)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable normalize mmnormalize)
+		$(use_enable grok mmgrok)
+		$(use_enable omhttpfs)
+		$(use_enable omudpspoof)
+		$(use_enable rabbitmq omrabbitmq)
+		$(use_enable relp)
+		$(use_enable rfc3195)
+		$(use_enable rfc5424hmac mmrfc5424addhmac)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable ssl gnutls)
+		$(use_enable systemd imjournal)
+		$(use_enable systemd omjournal)
+		$(use_enable usertools)
+		$(use_enable uuid)
+		$(use_enable zeromq imczmq)
+		$(use_enable zeromq imzmq3)
+		$(use_enable zeromq omczmq)
+		$(use_enable zeromq omzmq3)
+		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use doc && [[ "${PV}" == "9999" ]]; then
+		einfo "Building documentation ..."
+		local doc_dir="${S}/docs"
+		cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+		sphinx-build -b html source build || die "Building documentation failed!"
+	fi
+}
+
+src_test() {
+	local _has_increased_ulimit=
+
+	# Sometimes tests aren't executable (i.e. when added via patch)
+	einfo "Adjusting permissions of test scripts ..."
+	find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+		die "Failed to adjust test scripts permission"
+
+	if ulimit -n 3072; then
+		_has_increased_ulimit="true"
+	fi
+
+	if ! emake --jobs 1 check; then
+		eerror "Test suite failed! :("
+
+		if [[ -z "${_has_increased_ulimit}" ]]; then
+			eerror "Probably because open file limit couldn't be set to 3072."
+		fi
+
+		if has userpriv ${FEATURES}; then
+			eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+				"before you submit a bug report."
+		fi
+
+	fi
+}
+
+src_install() {
+	local DOCS=(
+		AUTHORS
+		ChangeLog
+		"${FILESDIR}"/${BRANCH}/README.gentoo
+	)
+
+	use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+	default
+
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN}
+
+	keepdir /var/empty/dev
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
+
+	insinto /etc/rsyslog.d/
+	doins "${FILESDIR}/${BRANCH}/50-default.conf"
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/createDB.sql
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	prune_libtool_files --modules
+}
+
+pkg_postinst() {
+	local advertise_readme=0
+
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		advertise_readme=1
+
+		if use mysql || use postgres; then
+			echo
+			elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+			elog "  /usr/share/doc/${PF}/scripts"
+		fi
+
+		if use ssl; then
+			echo
+			elog "To create a default CA and certificates for your server and clients, run:"
+			elog "  emerge --config =${PF}"
+			elog "on your logging server. You can run it several times,"
+			elog "once for each logging client. The client certificates will be signed"
+			elog "using the CA certificate generated during the first run."
+		fi
+	fi
+
+	if [[ ${advertise_readme} -gt 0 ]]; then
+		# We need to show the README file location
+
+		echo ""
+		elog "Please read"
+		elog ""
+		elog "  ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+		elog ""
+		elog "for more details."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	local CERTDIR="${EROOT}/etc/ssl/${PN}"
+	if [[ ! -d "${CERTDIR}" ]]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}
diff --git a/app-admin/rsyslog/rsyslog-8.25.0-r2.ebuild b/app-admin/rsyslog/rsyslog-8.25.0-r2.ebuild
new file mode 100644
index 000000000000..d6c48ae2a638
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.25.0-r2.ebuild
@@ -0,0 +1,450 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools eutils linux-info systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+
+BRANCH="8-stable"
+
+if [[ ${PV} == "9999" ]]; then
+	EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+	DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+	inherit git-r3
+else
+	MY_PV=${PV%_rc*}
+	MY_FILENAME="${PN}-${PV}.tar.gz"
+	MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz"
+	S="${WORKDIR}/${PN}-${MY_PV}"
+
+	# Upstream URL schema:
+	# RC:      http://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz
+	#          http://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz
+	# Release: http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz
+
+	MY_URL_PREFIX=
+	if [[ ${PV} = *_rc* ]]; then
+		_tmp_last_index=$(($(get_last_version_component_index ${PV})+1))
+		_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV})
+		if [[ ${_tmp_suffix} = *rc* ]]; then
+			MY_URL_PREFIX="${_tmp_suffix}/"
+		fi
+
+		# Cleaning up temporary variables
+		unset _tmp_last_index
+		unset _tmp_suffix
+	else
+		KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86"
+	fi
+
+	SRC_URI="
+		http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME}
+		doc? ( http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} )
+	"
+
+	PATCHES=( "${FILESDIR}"/8-stable/${PN}-8.24.0-fix-tcpflood-without-librelp-r1.patch )
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos libressl mdblookup mongodb mysql normalize omhttpfs"
+IUSE+=" omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq"
+
+RDEPEND="
+	>=dev-libs/libfastjson-0.99.3:=
+	>=dev-libs/libestr-0.1.9
+	>=dev-libs/liblogging-1.0.1:=[stdlog]
+	>=sys-libs/zlib-1.2.5
+	dbi? ( >=dev-db/libdbi-0.8.3 )
+	elasticsearch? ( >=net-misc/curl-7.35.0 )
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+	grok? ( >=dev-libs/grok-0.9.2 )
+	jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+	kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+	kerberos? ( virtual/krb5 )
+	mdblookup? ( dev-libs/libmaxminddb:= )
+	mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
+	mysql? ( virtual/mysql )
+	normalize? (
+		>=dev-libs/libee-0.4.0
+		>=dev-libs/liblognorm-2.0.1:=
+	)
+	omhttpfs? ( >=net-misc/curl-7.35.0 )
+	omudpspoof? ( >=net-libs/libnet-1.1.6 )
+	postgres? ( >=dev-db/postgresql-8.4.20:= )
+	rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+	redis? ( >=dev-libs/hiredis-0.11.0:= )
+	relp? ( >=dev-libs/librelp-1.2.12:= )
+	rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+	rfc5424hmac? (
+		!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+	ssl? ( >=net-libs/gnutls-2.12.23:0= )
+	systemd? ( >=sys-apps/systemd-208 )
+	uuid? ( sys-apps/util-linux:0= )
+	zeromq? (
+		>=net-libs/zeromq-4.1.1:=
+		>=net-libs/czmq-3.0.0
+	)"
+DEPEND="${RDEPEND}
+	>=sys-devel/autoconf-archive-2015.02.24
+	virtual/pkgconfig
+	test? ( sys-libs/libfaketime )"
+
+if [[ ${PV} == "9999" ]]; then
+	DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+	DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+	DEPEND+=" >=sys-devel/bison-2.4.3"
+	DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+src_unpack() {
+	if [[ ${PV} == "9999" ]]; then
+		git-r3_fetch
+		git-r3_checkout
+	else
+		unpack ${P}.tar.gz
+	fi
+
+	if use doc; then
+		if [[ ${PV} == "9999" ]]; then
+			local _EGIT_BRANCH=
+			if [[ -n "${EGIT_BRANCH}" ]]; then
+				# Cannot use rsyslog commits/branches for documentation repository
+				_EGIT_BRANCH=${EGIT_BRANCH}
+				unset EGIT_BRANCH
+			fi
+
+			git-r3_fetch "${DOC_REPO_URI}"
+			git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+			if [[ -n "${_EGIT_BRANCH}" ]]; then
+				# Restore previous EGIT_BRANCH information
+				EGIT_BRANCH=${_EGIT_BRANCH}
+			fi
+		else
+			cd "${S}" || die "Cannot change dir into '${S}'"
+			mkdir docs || die "Failed to create docs directory"
+			cd docs || die "Failed to change dir into '${S}/docs'"
+			unpack ${MY_FILENAME_DOCS}
+		fi
+	fi
+}
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * Guardtime support is missing because libgt isn't yet available
+	#   in portage.
+	# * Hadoop's HDFS file system output module is currently not
+	#   supported in Gentoo because nobody is able to test it
+	#   (JAVA dependency).
+	# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+	#   upstream PR 129 and 136) so we need to export HIREDIS_*
+	#   variables because rsyslog's build system depends on pkg-config.
+
+	if use redis; then
+		export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+		export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+	fi
+
+	local myeconfargs=(
+		--disable-debug-symbols
+		--disable-generate-man-pages
+		--without-valgrind-testbench
+		$(use_enable test testbench)
+		# Input Plugins without depedencies
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imptcp
+		# Message Modificiation Plugins without depedencies
+		--enable-mmanon
+		--enable-mmaudit
+		--enable-mmcount
+		--enable-mmfields
+		--enable-mmjsonparse
+		--enable-mmpstrucdata
+		--enable-mmrm1stspace
+		--enable-mmsequence
+		--enable-mmutf8fix
+		# Output Modification Plugins without dependencies
+		--enable-mail
+		--enable-omprog
+		--enable-omruleset
+		--enable-omstdout
+		--enable-omuxsock
+		# Misc
+		--enable-pmaixforwardedfrom
+		--enable-pmciscoios
+		--enable-pmcisconames
+		--enable-pmlastmsg
+		--enable-pmsnare
+		# DB
+		$(use_enable dbi libdbi)
+		$(use_enable mongodb ommongodb)
+		$(use_enable mysql)
+		$(use_enable postgres pgsql)
+		$(use_enable redis omhiredis)
+		# Debug
+		$(use_enable debug)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug rtinst)
+		$(use_enable debug valgrind)
+		# Misc
+		$(use_enable elasticsearch)
+		$(use_enable gcrypt libgcrypt)
+		$(use_enable jemalloc)
+		$(use_enable kafka omkafka)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable normalize mmnormalize)
+		$(use_enable mdblookup mmdblookup)
+		$(use_enable grok mmgrok)
+		$(use_enable omhttpfs)
+		$(use_enable omudpspoof)
+		$(use_enable rabbitmq omrabbitmq)
+		$(use_enable relp)
+		$(use_enable rfc3195)
+		$(use_enable rfc5424hmac mmrfc5424addhmac)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable ssl gnutls)
+		$(use_enable systemd imjournal)
+		$(use_enable systemd omjournal)
+		$(use_enable usertools)
+		$(use_enable uuid)
+		$(use_enable zeromq imczmq)
+		$(use_enable zeromq imzmq3)
+		$(use_enable zeromq omczmq)
+		$(use_enable zeromq omzmq3)
+		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use doc && [[ "${PV}" == "9999" ]]; then
+		einfo "Building documentation ..."
+		local doc_dir="${S}/docs"
+		cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+		sphinx-build -b html source build || die "Building documentation failed!"
+	fi
+}
+
+src_test() {
+	local _has_increased_ulimit=
+
+	# Sometimes tests aren't executable (i.e. when added via patch)
+	einfo "Adjusting permissions of test scripts ..."
+	find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+		die "Failed to adjust test scripts permission"
+
+	if ulimit -n 3072; then
+		_has_increased_ulimit="true"
+	fi
+
+	if ! emake --jobs 1 check; then
+		eerror "Test suite failed! :("
+
+		if [[ -z "${_has_increased_ulimit}" ]]; then
+			eerror "Probably because open file limit couldn't be set to 3072."
+		fi
+
+		if has userpriv ${FEATURES}; then
+			eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+				"before you submit a bug report."
+		fi
+
+	fi
+}
+
+src_install() {
+	local DOCS=(
+		AUTHORS
+		ChangeLog
+		"${FILESDIR}"/${BRANCH}/README.gentoo
+	)
+
+	use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+	default
+
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN}
+
+	keepdir /var/empty/dev
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
+
+	insinto /etc/rsyslog.d/
+	doins "${FILESDIR}/${BRANCH}/50-default.conf"
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/createDB.sql
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	prune_libtool_files --modules
+}
+
+pkg_postinst() {
+	local advertise_readme=0
+
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		advertise_readme=1
+
+		if use mysql || use postgres; then
+			echo
+			elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+			elog "  /usr/share/doc/${PF}/scripts"
+		fi
+
+		if use ssl; then
+			echo
+			elog "To create a default CA and certificates for your server and clients, run:"
+			elog "  emerge --config =${PF}"
+			elog "on your logging server. You can run it several times,"
+			elog "once for each logging client. The client certificates will be signed"
+			elog "using the CA certificate generated during the first run."
+		fi
+	fi
+
+	if [[ ${advertise_readme} -gt 0 ]]; then
+		# We need to show the README file location
+
+		echo ""
+		elog "Please read"
+		elog ""
+		elog "  ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+		elog ""
+		elog "for more details."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	local CERTDIR="${EROOT}/etc/ssl/${PN}"
+	if [[ ! -d "${CERTDIR}" ]]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}
diff --git a/app-admin/rsyslog/rsyslog-8.26.0-r1.ebuild b/app-admin/rsyslog/rsyslog-8.26.0-r1.ebuild
new file mode 100644
index 000000000000..fe40592d194f
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.26.0-r1.ebuild
@@ -0,0 +1,452 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools eutils linux-info systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+
+BRANCH="8-stable"
+
+if [[ ${PV} == "9999" ]]; then
+	EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+	DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+	inherit git-r3
+else
+	MY_PV=${PV%_rc*}
+	MY_FILENAME="${PN}-${PV}.tar.gz"
+	MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz"
+	S="${WORKDIR}/${PN}-${MY_PV}"
+
+	# Upstream URL schema:
+	# RC:      http://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz
+	#          http://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz
+	# Release: http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz
+
+	MY_URL_PREFIX=
+	if [[ ${PV} = *_rc* ]]; then
+		_tmp_last_index=$(($(get_last_version_component_index ${PV})+1))
+		_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV})
+		if [[ ${_tmp_suffix} = *rc* ]]; then
+			MY_URL_PREFIX="${_tmp_suffix}/"
+		fi
+
+		# Cleaning up temporary variables
+		unset _tmp_last_index
+		unset _tmp_suffix
+	else
+		KEYWORDS="amd64 ~arm ~arm64 hppa x86"
+	fi
+
+	SRC_URI="
+		http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME}
+		doc? ( http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} )
+	"
+
+	PATCHES=(
+		"${FILESDIR}"/8-stable/${PN}-8.26.0-fix-zmq3-format-security.patch
+	)
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos libressl mdblookup mongodb mysql normalize omhttpfs"
+IUSE+=" omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq"
+
+RDEPEND="
+	>=dev-libs/libfastjson-0.99.3:=
+	>=dev-libs/libestr-0.1.9
+	>=dev-libs/liblogging-1.0.1:=[stdlog]
+	>=sys-libs/zlib-1.2.5
+	dbi? ( >=dev-db/libdbi-0.8.3 )
+	elasticsearch? ( >=net-misc/curl-7.35.0 )
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+	grok? ( >=dev-libs/grok-0.9.2 )
+	jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+	kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+	kerberos? ( virtual/krb5 )
+	mdblookup? ( dev-libs/libmaxminddb:= )
+	mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
+	mysql? ( virtual/mysql )
+	normalize? (
+		>=dev-libs/libee-0.4.0
+		>=dev-libs/liblognorm-2.0.3:=
+	)
+	omhttpfs? ( >=net-misc/curl-7.35.0 )
+	omudpspoof? ( >=net-libs/libnet-1.1.6 )
+	postgres? ( >=dev-db/postgresql-8.4.20:= )
+	rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+	redis? ( >=dev-libs/hiredis-0.11.0:= )
+	relp? ( >=dev-libs/librelp-1.2.12:= )
+	rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+	rfc5424hmac? (
+		!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+	ssl? ( >=net-libs/gnutls-2.12.23:0= )
+	systemd? ( >=sys-apps/systemd-208 )
+	uuid? ( sys-apps/util-linux:0= )
+	zeromq? (
+		>=net-libs/zeromq-4.1.1:=
+		>=net-libs/czmq-3.0.0
+	)"
+DEPEND="${RDEPEND}
+	>=sys-devel/autoconf-archive-2015.02.24
+	virtual/pkgconfig
+	test? ( sys-libs/libfaketime )"
+
+if [[ ${PV} == "9999" ]]; then
+	DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+	DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+	DEPEND+=" >=sys-devel/bison-2.4.3"
+	DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+src_unpack() {
+	if [[ ${PV} == "9999" ]]; then
+		git-r3_fetch
+		git-r3_checkout
+	else
+		unpack ${P}.tar.gz
+	fi
+
+	if use doc; then
+		if [[ ${PV} == "9999" ]]; then
+			local _EGIT_BRANCH=
+			if [[ -n "${EGIT_BRANCH}" ]]; then
+				# Cannot use rsyslog commits/branches for documentation repository
+				_EGIT_BRANCH=${EGIT_BRANCH}
+				unset EGIT_BRANCH
+			fi
+
+			git-r3_fetch "${DOC_REPO_URI}"
+			git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+			if [[ -n "${_EGIT_BRANCH}" ]]; then
+				# Restore previous EGIT_BRANCH information
+				EGIT_BRANCH=${_EGIT_BRANCH}
+			fi
+		else
+			cd "${S}" || die "Cannot change dir into '${S}'"
+			mkdir docs || die "Failed to create docs directory"
+			cd docs || die "Failed to change dir into '${S}/docs'"
+			unpack ${MY_FILENAME_DOCS}
+		fi
+	fi
+}
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * Guardtime support is missing because libgt isn't yet available
+	#   in portage.
+	# * Hadoop's HDFS file system output module is currently not
+	#   supported in Gentoo because nobody is able to test it
+	#   (JAVA dependency).
+	# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+	#   upstream PR 129 and 136) so we need to export HIREDIS_*
+	#   variables because rsyslog's build system depends on pkg-config.
+
+	if use redis; then
+		export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+		export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+	fi
+
+	local myeconfargs=(
+		--disable-debug-symbols
+		--disable-generate-man-pages
+		--without-valgrind-testbench
+		$(use_enable test testbench)
+		# Input Plugins without depedencies
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imptcp
+		# Message Modificiation Plugins without depedencies
+		--enable-mmanon
+		--enable-mmaudit
+		--enable-mmcount
+		--enable-mmfields
+		--enable-mmjsonparse
+		--enable-mmpstrucdata
+		--enable-mmrm1stspace
+		--enable-mmsequence
+		--enable-mmutf8fix
+		# Output Modification Plugins without dependencies
+		--enable-mail
+		--enable-omprog
+		--enable-omruleset
+		--enable-omstdout
+		--enable-omuxsock
+		# Misc
+		--enable-pmaixforwardedfrom
+		--enable-pmciscoios
+		--enable-pmcisconames
+		--enable-pmlastmsg
+		--enable-pmsnare
+		# DB
+		$(use_enable dbi libdbi)
+		$(use_enable mongodb ommongodb)
+		$(use_enable mysql)
+		$(use_enable postgres pgsql)
+		$(use_enable redis omhiredis)
+		# Debug
+		$(use_enable debug)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug rtinst)
+		$(use_enable debug valgrind)
+		# Misc
+		$(use_enable elasticsearch)
+		$(use_enable gcrypt libgcrypt)
+		$(use_enable jemalloc)
+		$(use_enable kafka omkafka)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable normalize mmnormalize)
+		$(use_enable mdblookup mmdblookup)
+		$(use_enable grok mmgrok)
+		$(use_enable omhttpfs)
+		$(use_enable omudpspoof)
+		$(use_enable rabbitmq omrabbitmq)
+		$(use_enable relp)
+		$(use_enable rfc3195)
+		$(use_enable rfc5424hmac mmrfc5424addhmac)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable ssl gnutls)
+		$(use_enable systemd imjournal)
+		$(use_enable systemd omjournal)
+		$(use_enable usertools)
+		$(use_enable uuid)
+		$(use_enable zeromq imczmq)
+		$(use_enable zeromq imzmq3)
+		$(use_enable zeromq omczmq)
+		$(use_enable zeromq omzmq3)
+		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use doc && [[ "${PV}" == "9999" ]]; then
+		einfo "Building documentation ..."
+		local doc_dir="${S}/docs"
+		cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+		sphinx-build -b html source build || die "Building documentation failed!"
+	fi
+}
+
+src_test() {
+	local _has_increased_ulimit=
+
+	# Sometimes tests aren't executable (i.e. when added via patch)
+	einfo "Adjusting permissions of test scripts ..."
+	find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+		die "Failed to adjust test scripts permission"
+
+	if ulimit -n 3072; then
+		_has_increased_ulimit="true"
+	fi
+
+	if ! emake --jobs 1 check; then
+		eerror "Test suite failed! :("
+
+		if [[ -z "${_has_increased_ulimit}" ]]; then
+			eerror "Probably because open file limit couldn't be set to 3072."
+		fi
+
+		if has userpriv ${FEATURES}; then
+			eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+				"before you submit a bug report."
+		fi
+
+	fi
+}
+
+src_install() {
+	local DOCS=(
+		AUTHORS
+		ChangeLog
+		"${FILESDIR}"/${BRANCH}/README.gentoo
+	)
+
+	use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+	default
+
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN}
+
+	keepdir /var/empty/dev
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
+
+	insinto /etc/rsyslog.d/
+	doins "${FILESDIR}/${BRANCH}/50-default.conf"
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/createDB.sql
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	prune_libtool_files --modules
+}
+
+pkg_postinst() {
+	local advertise_readme=0
+
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		advertise_readme=1
+
+		if use mysql || use postgres; then
+			echo
+			elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+			elog "  /usr/share/doc/${PF}/scripts"
+		fi
+
+		if use ssl; then
+			echo
+			elog "To create a default CA and certificates for your server and clients, run:"
+			elog "  emerge --config =${PF}"
+			elog "on your logging server. You can run it several times,"
+			elog "once for each logging client. The client certificates will be signed"
+			elog "using the CA certificate generated during the first run."
+		fi
+	fi
+
+	if [[ ${advertise_readme} -gt 0 ]]; then
+		# We need to show the README file location
+
+		echo ""
+		elog "Please read"
+		elog ""
+		elog "  ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+		elog ""
+		elog "for more details."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	local CERTDIR="${EROOT}/etc/ssl/${PN}"
+	if [[ ! -d "${CERTDIR}" ]]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}
diff --git a/app-admin/rsyslog/rsyslog-8.27.0-r1.ebuild b/app-admin/rsyslog/rsyslog-8.27.0-r1.ebuild
new file mode 100644
index 000000000000..129f495b9e7c
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.27.0-r1.ebuild
@@ -0,0 +1,456 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools eutils linux-info systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+
+BRANCH="8-stable"
+
+if [[ ${PV} == "9999" ]]; then
+	EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+	DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+	inherit git-r3
+else
+	MY_PV=${PV%_rc*}
+	MY_FILENAME="${PN}-${PV}.tar.gz"
+	MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz"
+	S="${WORKDIR}/${PN}-${MY_PV}"
+
+	# Upstream URL schema:
+	# RC:      http://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz
+	#          http://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz
+	# Release: http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz
+
+	MY_URL_PREFIX=
+	if [[ ${PV} = *_rc* ]]; then
+		_tmp_last_index=$(($(get_last_version_component_index ${PV})+1))
+		_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV})
+		if [[ ${_tmp_suffix} = *rc* ]]; then
+			MY_URL_PREFIX="${_tmp_suffix}/"
+		fi
+
+		# Cleaning up temporary variables
+		unset _tmp_last_index
+		unset _tmp_suffix
+	else
+		KEYWORDS="amd64 ~arm ~arm64 ~hppa x86"
+	fi
+
+	SRC_URI="
+		http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME}
+		doc? ( http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} )
+	"
+
+	PATCHES=(
+		"${FILESDIR}"/8-stable/${PN}-8.26.0-fix-zmq3-format-security.patch
+		"${FILESDIR}"/8-stable/${PN}-8.27.0-fix-librdkafka-detection.patch
+		"${FILESDIR}"/8-stable/${PN}-8.27.0-fix-hostname-detection-when-getaddrinfo-fails.patch
+		"${FILESDIR}"/8-stable/${PN}-8.27.0-fix-mmnormalize-tests.patch
+	)
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos libressl mdblookup mongodb mysql normalize omhttpfs"
+IUSE+=" omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq"
+
+RDEPEND="
+	>=dev-libs/libfastjson-0.99.3:=
+	>=dev-libs/libestr-0.1.9
+	>=dev-libs/liblogging-1.0.1:=[stdlog]
+	>=sys-libs/zlib-1.2.5
+	dbi? ( >=dev-db/libdbi-0.8.3 )
+	elasticsearch? ( >=net-misc/curl-7.35.0 )
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+	grok? ( >=dev-libs/grok-0.9.2 )
+	jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+	kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+	kerberos? ( virtual/krb5 )
+	mdblookup? ( dev-libs/libmaxminddb:= )
+	mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
+	mysql? ( virtual/mysql )
+	normalize? (
+		>=dev-libs/libee-0.4.0
+		>=dev-libs/liblognorm-2.0.3:=
+	)
+	omhttpfs? ( >=net-misc/curl-7.35.0 )
+	omudpspoof? ( >=net-libs/libnet-1.1.6 )
+	postgres? ( >=dev-db/postgresql-8.4.20:= )
+	rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+	redis? ( >=dev-libs/hiredis-0.11.0:= )
+	relp? ( >=dev-libs/librelp-1.2.12:= )
+	rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+	rfc5424hmac? (
+		!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+	ssl? ( >=net-libs/gnutls-2.12.23:0= )
+	systemd? ( >=sys-apps/systemd-208 )
+	uuid? ( sys-apps/util-linux:0= )
+	zeromq? (
+		>=net-libs/zeromq-4.1.1:=
+		>=net-libs/czmq-3.0.0
+	)"
+DEPEND="${RDEPEND}
+	>=sys-devel/autoconf-archive-2015.02.24
+	virtual/pkgconfig
+	test? ( sys-libs/libfaketime )"
+
+if [[ ${PV} == "9999" ]]; then
+	DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+	DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+	DEPEND+=" >=sys-devel/bison-2.4.3"
+	DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+src_unpack() {
+	if [[ ${PV} == "9999" ]]; then
+		git-r3_fetch
+		git-r3_checkout
+	else
+		unpack ${P}.tar.gz
+	fi
+
+	if use doc; then
+		if [[ ${PV} == "9999" ]]; then
+			local _EGIT_BRANCH=
+			if [[ -n "${EGIT_BRANCH}" ]]; then
+				# Cannot use rsyslog commits/branches for documentation repository
+				_EGIT_BRANCH=${EGIT_BRANCH}
+				unset EGIT_BRANCH
+			fi
+
+			git-r3_fetch "${DOC_REPO_URI}"
+			git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+			if [[ -n "${_EGIT_BRANCH}" ]]; then
+				# Restore previous EGIT_BRANCH information
+				EGIT_BRANCH=${_EGIT_BRANCH}
+			fi
+		else
+			cd "${S}" || die "Cannot change dir into '${S}'"
+			mkdir docs || die "Failed to create docs directory"
+			cd docs || die "Failed to change dir into '${S}/docs'"
+			unpack ${MY_FILENAME_DOCS}
+		fi
+	fi
+}
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * Guardtime support is missing because libgt isn't yet available
+	#   in portage.
+	# * Hadoop's HDFS file system output module is currently not
+	#   supported in Gentoo because nobody is able to test it
+	#   (JAVA dependency).
+	# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+	#   upstream PR 129 and 136) so we need to export HIREDIS_*
+	#   variables because rsyslog's build system depends on pkg-config.
+
+	if use redis; then
+		export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+		export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+	fi
+
+	local myeconfargs=(
+		--disable-debug-symbols
+		--disable-generate-man-pages
+		--without-valgrind-testbench
+		$(use_enable test testbench)
+		# Input Plugins without depedencies
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imptcp
+		# Message Modificiation Plugins without depedencies
+		--enable-mmanon
+		--enable-mmaudit
+		--enable-mmcount
+		--enable-mmfields
+		--enable-mmjsonparse
+		--enable-mmpstrucdata
+		--enable-mmrm1stspace
+		--enable-mmsequence
+		--enable-mmutf8fix
+		# Output Modification Plugins without dependencies
+		--enable-mail
+		--enable-omprog
+		--enable-omruleset
+		--enable-omstdout
+		--enable-omuxsock
+		# Misc
+		--enable-pmaixforwardedfrom
+		--enable-pmciscoios
+		--enable-pmcisconames
+		--enable-pmlastmsg
+		--enable-pmsnare
+		# DB
+		$(use_enable dbi libdbi)
+		$(use_enable mongodb ommongodb)
+		$(use_enable mysql)
+		$(use_enable postgres pgsql)
+		$(use_enable redis omhiredis)
+		# Debug
+		$(use_enable debug)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug rtinst)
+		$(use_enable debug valgrind)
+		# Misc
+		$(use_enable elasticsearch)
+		$(use_enable gcrypt libgcrypt)
+		$(use_enable jemalloc)
+		$(use_enable kafka imkafka)
+		$(use_enable kafka omkafka)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable normalize mmnormalize)
+		$(use_enable mdblookup mmdblookup)
+		$(use_enable grok mmgrok)
+		$(use_enable omhttpfs)
+		$(use_enable omudpspoof)
+		$(use_enable rabbitmq omrabbitmq)
+		$(use_enable relp)
+		$(use_enable rfc3195)
+		$(use_enable rfc5424hmac mmrfc5424addhmac)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable ssl gnutls)
+		$(use_enable systemd imjournal)
+		$(use_enable systemd omjournal)
+		$(use_enable usertools)
+		$(use_enable uuid)
+		$(use_enable zeromq imczmq)
+		$(use_enable zeromq imzmq3)
+		$(use_enable zeromq omczmq)
+		$(use_enable zeromq omzmq3)
+		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use doc && [[ "${PV}" == "9999" ]]; then
+		einfo "Building documentation ..."
+		local doc_dir="${S}/docs"
+		cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+		sphinx-build -b html source build || die "Building documentation failed!"
+	fi
+}
+
+src_test() {
+	local _has_increased_ulimit=
+
+	# Sometimes tests aren't executable (i.e. when added via patch)
+	einfo "Adjusting permissions of test scripts ..."
+	find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+		die "Failed to adjust test scripts permission"
+
+	if ulimit -n 3072; then
+		_has_increased_ulimit="true"
+	fi
+
+	if ! emake --jobs 1 check; then
+		eerror "Test suite failed! :("
+
+		if [[ -z "${_has_increased_ulimit}" ]]; then
+			eerror "Probably because open file limit couldn't be set to 3072."
+		fi
+
+		if has userpriv ${FEATURES}; then
+			eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+				"before you submit a bug report."
+		fi
+
+	fi
+}
+
+src_install() {
+	local DOCS=(
+		AUTHORS
+		ChangeLog
+		"${FILESDIR}"/${BRANCH}/README.gentoo
+	)
+
+	use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+	default
+
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN}
+
+	keepdir /var/empty/dev
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
+
+	insinto /etc/rsyslog.d/
+	doins "${FILESDIR}/${BRANCH}/50-default.conf"
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/createDB.sql
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	prune_libtool_files --modules
+}
+
+pkg_postinst() {
+	local advertise_readme=0
+
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		advertise_readme=1
+
+		if use mysql || use postgres; then
+			echo
+			elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+			elog "  /usr/share/doc/${PF}/scripts"
+		fi
+
+		if use ssl; then
+			echo
+			elog "To create a default CA and certificates for your server and clients, run:"
+			elog "  emerge --config =${PF}"
+			elog "on your logging server. You can run it several times,"
+			elog "once for each logging client. The client certificates will be signed"
+			elog "using the CA certificate generated during the first run."
+		fi
+	fi
+
+	if [[ ${advertise_readme} -gt 0 ]]; then
+		# We need to show the README file location
+
+		echo ""
+		elog "Please read"
+		elog ""
+		elog "  ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+		elog ""
+		elog "for more details."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	local CERTDIR="${EROOT}/etc/ssl/${PN}"
+	if [[ ! -d "${CERTDIR}" ]]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}
diff --git a/app-admin/rsyslog/rsyslog-8.28.0.ebuild b/app-admin/rsyslog/rsyslog-8.28.0.ebuild
new file mode 100644
index 000000000000..dc74da9df9b0
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.28.0.ebuild
@@ -0,0 +1,451 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools eutils linux-info systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+
+BRANCH="8-stable"
+
+if [[ ${PV} == "9999" ]]; then
+	EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+	DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+	inherit git-r3
+else
+	MY_PV=${PV%_rc*}
+	MY_FILENAME="${PN}-${PV}.tar.gz"
+	MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz"
+	S="${WORKDIR}/${PN}-${MY_PV}"
+
+	# Upstream URL schema:
+	# RC:      http://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz
+	#          http://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz
+	# Release: http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz
+
+	MY_URL_PREFIX=
+	if [[ ${PV} = *_rc* ]]; then
+		_tmp_last_index=$(($(get_last_version_component_index ${PV})+1))
+		_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV})
+		if [[ ${_tmp_suffix} = *rc* ]]; then
+			MY_URL_PREFIX="${_tmp_suffix}/"
+		fi
+
+		# Cleaning up temporary variables
+		unset _tmp_last_index
+		unset _tmp_suffix
+	else
+		KEYWORDS="amd64 ~arm ~arm64 ~hppa x86"
+	fi
+
+	SRC_URI="
+		http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME}
+		doc? ( http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} )
+	"
+
+	PATCHES=( "${FILESDIR}"/8-stable/${PN}-8.27.0-fix-mmnormalize-tests.patch )
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos libressl mdblookup mongodb mysql normalize omhttpfs"
+IUSE+=" omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq"
+
+RDEPEND="
+	>=dev-libs/libfastjson-0.99.3:=
+	>=dev-libs/libestr-0.1.9
+	>=dev-libs/liblogging-1.0.1:=[stdlog]
+	>=sys-libs/zlib-1.2.5
+	dbi? ( >=dev-db/libdbi-0.8.3 )
+	elasticsearch? ( >=net-misc/curl-7.35.0 )
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+	grok? ( >=dev-libs/grok-0.9.2 )
+	jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+	kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+	kerberos? ( virtual/krb5 )
+	mdblookup? ( dev-libs/libmaxminddb:= )
+	mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
+	mysql? ( virtual/mysql )
+	normalize? (
+		>=dev-libs/libee-0.4.0
+		>=dev-libs/liblognorm-2.0.3:=
+	)
+	omhttpfs? ( >=net-misc/curl-7.35.0 )
+	omudpspoof? ( >=net-libs/libnet-1.1.6 )
+	postgres? ( >=dev-db/postgresql-8.4.20:= )
+	rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+	redis? ( >=dev-libs/hiredis-0.11.0:= )
+	relp? ( >=dev-libs/librelp-1.2.14:= )
+	rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+	rfc5424hmac? (
+		!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+	ssl? ( >=net-libs/gnutls-2.12.23:0= )
+	systemd? ( >=sys-apps/systemd-208 )
+	uuid? ( sys-apps/util-linux:0= )
+	zeromq? (
+		>=net-libs/zeromq-4.1.1:=
+		>=net-libs/czmq-3.0.0
+	)"
+DEPEND="${RDEPEND}
+	>=sys-devel/autoconf-archive-2015.02.24
+	virtual/pkgconfig
+	test? ( sys-libs/libfaketime )"
+
+if [[ ${PV} == "9999" ]]; then
+	DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+	DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+	DEPEND+=" >=sys-devel/bison-2.4.3"
+	DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+src_unpack() {
+	if [[ ${PV} == "9999" ]]; then
+		git-r3_fetch
+		git-r3_checkout
+	else
+		unpack ${P}.tar.gz
+	fi
+
+	if use doc; then
+		if [[ ${PV} == "9999" ]]; then
+			local _EGIT_BRANCH=
+			if [[ -n "${EGIT_BRANCH}" ]]; then
+				# Cannot use rsyslog commits/branches for documentation repository
+				_EGIT_BRANCH=${EGIT_BRANCH}
+				unset EGIT_BRANCH
+			fi
+
+			git-r3_fetch "${DOC_REPO_URI}"
+			git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+			if [[ -n "${_EGIT_BRANCH}" ]]; then
+				# Restore previous EGIT_BRANCH information
+				EGIT_BRANCH=${_EGIT_BRANCH}
+			fi
+		else
+			cd "${S}" || die "Cannot change dir into '${S}'"
+			mkdir docs || die "Failed to create docs directory"
+			cd docs || die "Failed to change dir into '${S}/docs'"
+			unpack ${MY_FILENAME_DOCS}
+		fi
+	fi
+}
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * Guardtime support is missing because libgt isn't yet available
+	#   in portage.
+	# * Hadoop's HDFS file system output module is currently not
+	#   supported in Gentoo because nobody is able to test it
+	#   (JAVA dependency).
+	# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+	#   upstream PR 129 and 136) so we need to export HIREDIS_*
+	#   variables because rsyslog's build system depends on pkg-config.
+
+	if use redis; then
+		export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+		export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+	fi
+
+	local myeconfargs=(
+		--disable-debug-symbols
+		--disable-generate-man-pages
+		--without-valgrind-testbench
+		$(use_enable test testbench)
+		# Input Plugins without depedencies
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imptcp
+		# Message Modificiation Plugins without depedencies
+		--enable-mmanon
+		--enable-mmaudit
+		--enable-mmcount
+		--enable-mmfields
+		--enable-mmjsonparse
+		--enable-mmpstrucdata
+		--enable-mmrm1stspace
+		--enable-mmsequence
+		--enable-mmutf8fix
+		# Output Modification Plugins without dependencies
+		--enable-mail
+		--enable-omprog
+		--enable-omruleset
+		--enable-omstdout
+		--enable-omuxsock
+		# Misc
+		--enable-pmaixforwardedfrom
+		--enable-pmciscoios
+		--enable-pmcisconames
+		--enable-pmlastmsg
+		--enable-pmsnare
+		# DB
+		$(use_enable dbi libdbi)
+		$(use_enable mongodb ommongodb)
+		$(use_enable mysql)
+		$(use_enable postgres pgsql)
+		$(use_enable redis omhiredis)
+		# Debug
+		$(use_enable debug)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug rtinst)
+		$(use_enable debug valgrind)
+		# Misc
+		$(use_enable elasticsearch)
+		$(use_enable gcrypt libgcrypt)
+		$(use_enable jemalloc)
+		$(use_enable kafka imkafka)
+		$(use_enable kafka omkafka)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable normalize mmnormalize)
+		$(use_enable mdblookup mmdblookup)
+		$(use_enable grok mmgrok)
+		$(use_enable omhttpfs)
+		$(use_enable omudpspoof)
+		$(use_enable rabbitmq omrabbitmq)
+		$(use_enable relp)
+		$(use_enable rfc3195)
+		$(use_enable rfc5424hmac mmrfc5424addhmac)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable ssl gnutls)
+		$(use_enable systemd imjournal)
+		$(use_enable systemd omjournal)
+		$(use_enable usertools)
+		$(use_enable uuid)
+		$(use_enable zeromq imczmq)
+		$(use_enable zeromq imzmq3)
+		$(use_enable zeromq omczmq)
+		$(use_enable zeromq omzmq3)
+		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use doc && [[ "${PV}" == "9999" ]]; then
+		einfo "Building documentation ..."
+		local doc_dir="${S}/docs"
+		cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+		sphinx-build -b html source build || die "Building documentation failed!"
+	fi
+}
+
+src_test() {
+	local _has_increased_ulimit=
+
+	# Sometimes tests aren't executable (i.e. when added via patch)
+	einfo "Adjusting permissions of test scripts ..."
+	find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+		die "Failed to adjust test scripts permission"
+
+	if ulimit -n 3072; then
+		_has_increased_ulimit="true"
+	fi
+
+	if ! emake --jobs 1 check; then
+		eerror "Test suite failed! :("
+
+		if [[ -z "${_has_increased_ulimit}" ]]; then
+			eerror "Probably because open file limit couldn't be set to 3072."
+		fi
+
+		if has userpriv ${FEATURES}; then
+			eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+				"before you submit a bug report."
+		fi
+
+	fi
+}
+
+src_install() {
+	local DOCS=(
+		AUTHORS
+		ChangeLog
+		"${FILESDIR}"/${BRANCH}/README.gentoo
+	)
+
+	use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+	default
+
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN}
+
+	keepdir /var/empty/dev
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
+
+	insinto /etc/rsyslog.d/
+	doins "${FILESDIR}/${BRANCH}/50-default.conf"
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/createDB.sql
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	prune_libtool_files --modules
+}
+
+pkg_postinst() {
+	local advertise_readme=0
+
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		advertise_readme=1
+
+		if use mysql || use postgres; then
+			echo
+			elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+			elog "  /usr/share/doc/${PF}/scripts"
+		fi
+
+		if use ssl; then
+			echo
+			elog "To create a default CA and certificates for your server and clients, run:"
+			elog "  emerge --config =${PF}"
+			elog "on your logging server. You can run it several times,"
+			elog "once for each logging client. The client certificates will be signed"
+			elog "using the CA certificate generated during the first run."
+		fi
+	fi
+
+	if [[ ${advertise_readme} -gt 0 ]]; then
+		# We need to show the README file location
+
+		echo ""
+		elog "Please read"
+		elog ""
+		elog "  ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+		elog ""
+		elog "for more details."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	local CERTDIR="${EROOT}/etc/ssl/${PN}"
+	if [[ ! -d "${CERTDIR}" ]]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}
diff --git a/app-admin/rsyslog/rsyslog-8.29.0.ebuild b/app-admin/rsyslog/rsyslog-8.29.0.ebuild
new file mode 100644
index 000000000000..d8b4b91b0336
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.29.0.ebuild
@@ -0,0 +1,451 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools eutils linux-info systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="http://www.rsyslog.com/"
+
+BRANCH="8-stable"
+
+if [[ ${PV} == "9999" ]]; then
+	EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+	DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+	inherit git-r3
+else
+	MY_PV=${PV%_rc*}
+	MY_FILENAME="${PN}-${PV}.tar.gz"
+	MY_FILENAME_DOCS="${PN}-docs-${PV}.tar.gz"
+	S="${WORKDIR}/${PN}-${MY_PV}"
+
+	# Upstream URL schema:
+	# RC:      http://www.rsyslog.com/files/download/rsyslog/rc/rsyslog-8.18.0.tar.gz
+	#          http://www.rsyslog.com/files/download/rsyslog/rc2/rsyslog-8.18.0.tar.gz
+	# Release: http://www.rsyslog.com/files/download/rsyslog/rsyslog-8.18.0.tar.gz
+
+	MY_URL_PREFIX=
+	if [[ ${PV} = *_rc* ]]; then
+		_tmp_last_index=$(($(get_last_version_component_index ${PV})+1))
+		_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${PV})
+		if [[ ${_tmp_suffix} = *rc* ]]; then
+			MY_URL_PREFIX="${_tmp_suffix}/"
+		fi
+
+		# Cleaning up temporary variables
+		unset _tmp_last_index
+		unset _tmp_suffix
+	else
+		KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86"
+	fi
+
+	SRC_URI="
+		http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-${MY_PV}.tar.gz -> ${MY_FILENAME}
+		doc? ( http://www.rsyslog.com/files/download/${PN}/${MY_URL_PREFIX}${PN}-doc-${MY_PV}.tar.gz -> ${MY_FILENAME_DOCS} )
+	"
+
+	PATCHES=( "${FILESDIR}"/8-stable/${PN}-8.27.0-fix-mmnormalize-tests.patch )
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="dbi debug doc elasticsearch +gcrypt grok jemalloc kafka kerberos libressl mdblookup mongodb mysql normalize omhttpfs"
+IUSE+=" omudpspoof postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid zeromq"
+
+RDEPEND="
+	>=dev-libs/libfastjson-0.99.3:=
+	>=dev-libs/libestr-0.1.9
+	>=dev-libs/liblogging-1.0.1:=[stdlog]
+	>=sys-libs/zlib-1.2.5
+	dbi? ( >=dev-db/libdbi-0.8.3 )
+	elasticsearch? ( >=net-misc/curl-7.35.0 )
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+	grok? ( >=dev-libs/grok-0.9.2 )
+	jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+	kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+	kerberos? ( virtual/krb5 )
+	mdblookup? ( dev-libs/libmaxminddb:= )
+	mongodb? ( >=dev-libs/libmongo-client-0.1.4 )
+	mysql? ( virtual/mysql )
+	normalize? (
+		>=dev-libs/libee-0.4.0
+		>=dev-libs/liblognorm-2.0.3:=
+	)
+	omhttpfs? ( >=net-misc/curl-7.35.0 )
+	omudpspoof? ( >=net-libs/libnet-1.1.6 )
+	postgres? ( >=dev-db/postgresql-8.4.20:= )
+	rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+	redis? ( >=dev-libs/hiredis-0.11.0:= )
+	relp? ( >=dev-libs/librelp-1.2.14:= )
+	rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+	rfc5424hmac? (
+		!libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+	ssl? ( >=net-libs/gnutls-2.12.23:0= )
+	systemd? ( >=sys-apps/systemd-208 )
+	uuid? ( sys-apps/util-linux:0= )
+	zeromq? (
+		>=net-libs/zeromq-4.1.1:=
+		>=net-libs/czmq-3.0.0
+	)"
+DEPEND="${RDEPEND}
+	>=sys-devel/autoconf-archive-2015.02.24
+	virtual/pkgconfig
+	test? ( sys-libs/libfaketime )"
+
+if [[ ${PV} == "9999" ]]; then
+	DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+	DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+	DEPEND+=" >=sys-devel/bison-2.4.3"
+	DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+src_unpack() {
+	if [[ ${PV} == "9999" ]]; then
+		git-r3_fetch
+		git-r3_checkout
+	else
+		unpack ${P}.tar.gz
+	fi
+
+	if use doc; then
+		if [[ ${PV} == "9999" ]]; then
+			local _EGIT_BRANCH=
+			if [[ -n "${EGIT_BRANCH}" ]]; then
+				# Cannot use rsyslog commits/branches for documentation repository
+				_EGIT_BRANCH=${EGIT_BRANCH}
+				unset EGIT_BRANCH
+			fi
+
+			git-r3_fetch "${DOC_REPO_URI}"
+			git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+			if [[ -n "${_EGIT_BRANCH}" ]]; then
+				# Restore previous EGIT_BRANCH information
+				EGIT_BRANCH=${_EGIT_BRANCH}
+			fi
+		else
+			cd "${S}" || die "Cannot change dir into '${S}'"
+			mkdir docs || die "Failed to create docs directory"
+			cd docs || die "Failed to change dir into '${S}/docs'"
+			unpack ${MY_FILENAME_DOCS}
+		fi
+	fi
+}
+
+src_prepare() {
+	default
+
+	eautoreconf
+}
+
+src_configure() {
+	# Maintainer notes:
+	# * Guardtime support is missing because libgt isn't yet available
+	#   in portage.
+	# * Hadoop's HDFS file system output module is currently not
+	#   supported in Gentoo because nobody is able to test it
+	#   (JAVA dependency).
+	# * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+	#   upstream PR 129 and 136) so we need to export HIREDIS_*
+	#   variables because rsyslog's build system depends on pkg-config.
+
+	if use redis; then
+		export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+		export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+	fi
+
+	local myeconfargs=(
+		--disable-debug-symbols
+		--disable-generate-man-pages
+		--without-valgrind-testbench
+		$(use_enable test testbench)
+		# Input Plugins without depedencies
+		--enable-imdiag
+		--enable-imfile
+		--enable-impstats
+		--enable-imptcp
+		# Message Modificiation Plugins without depedencies
+		--enable-mmanon
+		--enable-mmaudit
+		--enable-mmcount
+		--enable-mmfields
+		--enable-mmjsonparse
+		--enable-mmpstrucdata
+		--enable-mmrm1stspace
+		--enable-mmsequence
+		--enable-mmutf8fix
+		# Output Modification Plugins without dependencies
+		--enable-mail
+		--enable-omprog
+		--enable-omruleset
+		--enable-omstdout
+		--enable-omuxsock
+		# Misc
+		--enable-pmaixforwardedfrom
+		--enable-pmciscoios
+		--enable-pmcisconames
+		--enable-pmlastmsg
+		--enable-pmsnare
+		# DB
+		$(use_enable dbi libdbi)
+		$(use_enable mongodb ommongodb)
+		$(use_enable mysql)
+		$(use_enable postgres pgsql)
+		$(use_enable redis omhiredis)
+		# Debug
+		$(use_enable debug)
+		$(use_enable debug diagtools)
+		$(use_enable debug memcheck)
+		$(use_enable debug rtinst)
+		$(use_enable debug valgrind)
+		# Misc
+		$(use_enable elasticsearch)
+		$(use_enable gcrypt libgcrypt)
+		$(use_enable jemalloc)
+		$(use_enable kafka imkafka)
+		$(use_enable kafka omkafka)
+		$(use_enable kerberos gssapi-krb5)
+		$(use_enable normalize mmnormalize)
+		$(use_enable mdblookup mmdblookup)
+		$(use_enable grok mmgrok)
+		$(use_enable omhttpfs)
+		$(use_enable omudpspoof)
+		$(use_enable rabbitmq omrabbitmq)
+		$(use_enable relp)
+		$(use_enable rfc3195)
+		$(use_enable rfc5424hmac mmrfc5424addhmac)
+		$(use_enable snmp)
+		$(use_enable snmp mmsnmptrapd)
+		$(use_enable ssl gnutls)
+		$(use_enable systemd imjournal)
+		$(use_enable systemd omjournal)
+		$(use_enable usertools)
+		$(use_enable uuid)
+		$(use_enable zeromq imczmq)
+		$(use_enable zeromq imzmq3)
+		$(use_enable zeromq omczmq)
+		$(use_enable zeromq omzmq3)
+		--with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use doc && [[ "${PV}" == "9999" ]]; then
+		einfo "Building documentation ..."
+		local doc_dir="${S}/docs"
+		cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+		sphinx-build -b html source build || die "Building documentation failed!"
+	fi
+}
+
+src_test() {
+	local _has_increased_ulimit=
+
+	# Sometimes tests aren't executable (i.e. when added via patch)
+	einfo "Adjusting permissions of test scripts ..."
+	find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+		die "Failed to adjust test scripts permission"
+
+	if ulimit -n 3072; then
+		_has_increased_ulimit="true"
+	fi
+
+	if ! emake --jobs 1 check; then
+		eerror "Test suite failed! :("
+
+		if [[ -z "${_has_increased_ulimit}" ]]; then
+			eerror "Probably because open file limit couldn't be set to 3072."
+		fi
+
+		if has userpriv ${FEATURES}; then
+			eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+				"before you submit a bug report."
+		fi
+
+	fi
+}
+
+src_install() {
+	local DOCS=(
+		AUTHORS
+		ChangeLog
+		"${FILESDIR}"/${BRANCH}/README.gentoo
+	)
+
+	use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+	default
+
+	newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN}
+	newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN}
+
+	keepdir /var/empty/dev
+	keepdir /var/spool/${PN}
+	keepdir /etc/ssl/${PN}
+	keepdir /etc/${PN}.d
+
+	insinto /etc
+	newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf
+
+	insinto /etc/rsyslog.d/
+	newins "${FILESDIR}/${BRANCH}/50-default-r1.conf" 50-default.conf
+
+	insinto /etc/logrotate.d/
+	newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN}
+
+	if use mysql; then
+		insinto /usr/share/doc/${PF}/scripts/mysql
+		doins plugins/ommysql/createDB.sql
+	fi
+
+	if use postgres; then
+		insinto /usr/share/doc/${PF}/scripts/pgsql
+		doins plugins/ompgsql/createDB.sql
+	fi
+
+	prune_libtool_files --modules
+}
+
+pkg_postinst() {
+	local advertise_readme=0
+
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+
+		advertise_readme=1
+
+		if use mysql || use postgres; then
+			echo
+			elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+			elog "  /usr/share/doc/${PF}/scripts"
+		fi
+
+		if use ssl; then
+			echo
+			elog "To create a default CA and certificates for your server and clients, run:"
+			elog "  emerge --config =${PF}"
+			elog "on your logging server. You can run it several times,"
+			elog "once for each logging client. The client certificates will be signed"
+			elog "using the CA certificate generated during the first run."
+		fi
+	fi
+
+	if [[ ${advertise_readme} -gt 0 ]]; then
+		# We need to show the README file location
+
+		echo ""
+		elog "Please read"
+		elog ""
+		elog "  ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+		elog ""
+		elog "for more details."
+	fi
+}
+
+pkg_config() {
+	if ! use ssl ; then
+		einfo "There is nothing to configure for rsyslog unless you"
+		einfo "used USE=ssl to build it."
+		return 0
+	fi
+
+	# Make sure the certificates directory exists
+	local CERTDIR="${EROOT}/etc/ssl/${PN}"
+	if [[ ! -d "${CERTDIR}" ]]; then
+		mkdir "${CERTDIR}" || die
+	fi
+	einfo "Your certificates will be stored in ${CERTDIR}"
+
+	# Create a default CA if needed
+	if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+		einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = Portage automated CA
+		ca
+		cert_signing_key
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-self-signed \
+			--load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+		# Create the server certificate
+		echo
+		einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+		read -r CN
+
+		einfo "Creating private key and certificate for server ${CN}..."
+		certtool --generate-privkey \
+			--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+		cat > "${T}/${PF}.$$" <<- _EOF
+		cn = ${CN}
+		tls_www_server
+		dns_name = ${CN}
+		expiration_days = 3650
+		_EOF
+
+		certtool --generate-certificate \
+			--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+			--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+			--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+			--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+			--template "${T}/${PF}.$$" &>/dev/null
+		chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	else
+		einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+	fi
+
+	# Create a client certificate
+	echo
+	einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+	read -r CN
+
+	einfo "Creating private key and certificate for client ${CN}..."
+	certtool --generate-privkey \
+		--outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+	cat > "${T}/${PF}.$$" <<- _EOF
+	cn = ${CN}
+	tls_www_client
+	dns_name = ${CN}
+	expiration_days = 3650
+	_EOF
+
+	certtool --generate-certificate \
+		--outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+		--load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+		--load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+		--load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+		--template "${T}/${PF}.$$" &>/dev/null
+	chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+	rm -f "${T}/${PF}.$$"
+
+	echo
+	einfo "Here is the documentation on how to encrypt your log traffic:"
+	einfo " http://www.rsyslog.com/doc/rsyslog_tls.html"
+}
author	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
commit	4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree	ba5f07bf3f9d22d82e54a462313f5d244036c768 /app-admin/rsyslog