diff options
| author |   Matthew Thode <prometheanfire@gentoo.org> | 2012-09-10 15:25:26 +0000 |
|---|---|---|
| committer | Matthew Thode <prometheanfire@gentoo.org> | 2012-09-10 15:25:26 +0000 |
| commit | 64f7606cc1052921ad03dd343d696e3154ba5b58 (patch) | |
| tree | cf766a96229cdc5a91557f0c7f8146476c7ae39d /net-analyzer/icinga | |
| parent | Bump to 6.4.5, thanks to slepnoga (diff) | |
| download | gentoo-2-64f7606cc1052921ad03dd343d696e3154ba5b58.tar.gz gentoo-2-64f7606cc1052921ad03dd343d696e3154ba5b58.tar.bz2 gentoo-2-64f7606cc1052921ad03dd343d696e3154ba5b58.zip | |
update for bugs 433401 and 434586 (CVE-2012-3441)
(Portage version: 2.1.11.9/cvs/Linux x86_64)
Diffstat (limited to 'net-analyzer/icinga')
| -rw-r--r-- | net-analyzer/icinga/ChangeLog | 9 | ||||
| -rwxr-xr-x | net-analyzer/icinga/files/icinga-init.d-2 | 7 | ||||
| -rw-r--r-- | net-analyzer/icinga/files/ido2db-init.d-2 | 8 | ||||
| -rw-r--r-- | net-analyzer/icinga/icinga-1.7.2.ebuild | 248 |
4 files changed, 265 insertions, 7 deletions
diff --git a/net-analyzer/icinga/ChangeLog b/net-analyzer/icinga/ChangeLog index 606f87fa2d7a..4581cd3fabe8 100644 --- a/net-analyzer/icinga/ChangeLog +++ b/net-analyzer/icinga/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-analyzer/icinga # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/icinga/ChangeLog,v 1.22 2012/08/19 08:25:22 prometheanfire Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/icinga/ChangeLog,v 1.23 2012/09/10 15:25:26 prometheanfire Exp $ + +*icinga-1.7.2 (10 Sep 2012) + + 10 Sep 2012; Matthew Thode <prometheanfire@gentoo.org> + icinga-1.6.1-r2.ebuild, +icinga-1.7.2.ebuild, files/icinga-init.d-2, + files/ido2db-init.d-2: + update to 1.7.2 for bugs 433401 and 434586 19 Aug 2012; Matthew Thode <prometheanfire@gentoo.org> files/ido2db-init.d-2: forgot to change the need mysql/postgresql to use diff --git a/net-analyzer/icinga/files/icinga-init.d-2 b/net-analyzer/icinga/files/icinga-init.d-2 index 85f64ad554dd..eb3a72bbc128 100755 --- a/net-analyzer/icinga/files/icinga-init.d-2 +++ b/net-analyzer/icinga/files/icinga-init.d-2 @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/icinga/files/icinga-init.d-2,v 1.7 2012/08/19 04:43:25 prometheanfire Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/icinga/files/icinga-init.d-2,v 1.8 2012/09/10 15:25:26 prometheanfire Exp $ : ${ICINGACFG:=/etc/icinga/icinga.cfg} @@ -12,8 +12,9 @@ command=/usr/sbin/icinga command_args="-d ${ICINGACFG}" get_config() { - sed -n -e 's:^[ \t]*'$1'=\([^#]\+\).*:\1:p' \ - "${ICINGACFG}" + if [ -e "${ICINGACFG}" ]; then + sed -n -e 's:^[ \t]*'$1'=\([^#]\+\).*:\1:p' "${ICINGACFG}" + fi } pidfile=$(get_config lock_file) diff --git a/net-analyzer/icinga/files/ido2db-init.d-2 b/net-analyzer/icinga/files/ido2db-init.d-2 index 15fe94da1393..29c2bae5cd79 100644 --- a/net-analyzer/icinga/files/ido2db-init.d-2 +++ b/net-analyzer/icinga/files/ido2db-init.d-2 @@ -1,11 +1,12 @@ #!/sbin/runscript # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/icinga/files/ido2db-init.d-2,v 1.2 2012/08/19 08:25:22 prometheanfire Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/icinga/files/ido2db-init.d-2,v 1.3 2012/09/10 15:25:26 prometheanfire Exp $ get_config() { - sed -n -e 's:^[ \t]*'$1'=\([^#]\+\).*:\1:p' \ - "${IDO2DBCFG}" + if [ -e "${IDO2DBCFG}" ]; then + sed -n -e 's:^[ \t]*'$1'=\([^#]\+\).*:\1:p' "${IDO2DBCFG}" + fi } command=/usr/sbin/ido2db @@ -28,6 +29,7 @@ depend() { IDO2DBSOCKET="$(get_config socket_name)" + start_pre() { if [ -S "${IDO2DBSOCKET}" ] ; then ewarn "Strange, the socket file already exist in \"${IDO2DBSOCKET}\"" diff --git a/net-analyzer/icinga/icinga-1.7.2.ebuild b/net-analyzer/icinga/icinga-1.7.2.ebuild new file mode 100644 index 000000000000..ab5ecde2eb92 --- /dev/null +++ b/net-analyzer/icinga/icinga-1.7.2.ebuild @@ -0,0 +1,248 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/icinga/icinga-1.7.2.ebuild,v 1.1 2012/09/10 15:25:26 prometheanfire Exp $ + +EAPI=2 + +inherit depend.apache eutils multilib toolchain-funcs user versionator + +DESCRIPTION="Nagios Fork - Check daemon, CGIs, docs, IDOutils" +HOMEPAGE="http://www.icinga.org/" +#MY_PV=$(delete_version_separator 3) +#SRC_URI="mirror://sourceforge/${PN}/${PN}-${MY_PV}.tar.gz" +#S=${WORKDIR}/${PN}-${MY_PV} +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+apache2 eventhandler +idoutils lighttpd +mysql perl +plugins postgres ssl +vim-syntax +web" +DEPEND="idoutils? ( dev-db/libdbi-drivers[mysql?,postgres?] ) + perl? ( dev-lang/perl ) + virtual/mailx + web? ( + media-libs/gd[jpeg,png] + lighttpd? ( www-servers/lighttpd ) + ) + !net-analyzer/nagios-core" +RDEPEND="${DEPEND} + plugins? ( net-analyzer/nagios-plugins )" +RESTRICT="test" + +want_apache2 + +pkg_setup() { + depend.apache_pkg_setup + enewgroup icinga + enewgroup nagios + enewuser icinga -1 -1 /var/lib/icinga "icinga,nagios" +} + +src_prepare() { + epatch "${FILESDIR}/fix-prestripped-binaries-1.7.0.patch" +} + +src_configure() { + local myconf + + myconf="$(use_enable perl embedded-perl) + $(use_with perl perlcache) + $(use_enable idoutils) + $(use_enable ssl) + --disable-statuswrl + --with-cgiurl=/icinga/cgi-bin + --with-log-dir=/var/log/icinga + --libdir=/usr/$(get_libdir) + --bindir=/usr/sbin + --sbindir=/usr/$(get_libdir)/icinga/cgi-bin + --datarootdir=/usr/share/icinga/htdocs + --localstatedir=/var/lib/icinga + --sysconfdir=/etc/icinga + --with-lockfile=/var/run/icinga/icinga.lock + --with-temp-dir=/tmp/icinga + --with-temp-file=/tmp/icinga/icinga.tmp" + + if use idoutils ; then + myconf+=" --with-ido2db-lockfile=/var/run/icinga/ido2db.lock + --with-icinga-chkfile=/var/lib/icinga/icinga.chk + --with-ido-sockfile=/var/lib/icinga/ido.sock + --with-idomod-tmpfile=/tmp/icinga/idomod.tmp" + fi + + if use eventhandler ; then + myconfig+=" --with-eventhandler-dir=/etc/icinga/eventhandlers" + fi + + if use plugins ; then + myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins" + else + myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins" + fi + + if use !apache2 && use !lighttpd ; then + myconf+=" --with-command-group=icinga" + else + if use apache2 ; then + myconf+=" --with-httpd-conf=/etc/apache2/conf.d" + myconf+=" --with-command-group=apache" + elif use lighttpd ; then + myconf+=" --with-command-group=lighttpd" + fi + fi + + econf ${myconf} +} + +src_compile() { + tc-export CC + + emake icinga || die "make failed" + + if use web ; then + emake DESTDIR="${D}" cgis || die + fi + + if use idoutils ; then + emake DESTDIR="${D}" idoutils || die + fi +} + +src_install() { + dodoc Changelog README UPGRADING || die + + if ! use web ; then + sed -i -e '/cd $(SRC_\(CGI\|HTM\))/d' Makefile || die + fi + + emake DESTDIR="${D}" install{,-config,-commandmode} || die + + if use idoutils ; then + emake DESTDIR="${D}" install-idoutils || die + fi + + if use eventhandler ; then + emake DESTDIR="${D}" install-eventhandlers || die + fi + + newinitd "${FILESDIR}"/icinga-init.d-2 icinga || die + newconfd "${FILESDIR}"/icinga-conf.d icinga || die + if use idoutils ; then + newinitd "${FILESDIR}"/ido2db-init.d-2 ido2db || die + newconfd "${FILESDIR}"/ido2db-conf.d ido2db || die + insinto /usr/share/icinga/contrib/db + doins -r module/idoutils/db/* || die + fi + # Apache Module + if use web ; then + if use apache2 ; then + insinto "${APACHE_MODULES_CONFDIR}" + newins "${FILESDIR}"/icinga-apache.conf 99_icinga.conf || die + elif use lighttpd ; then + insinto /etc/lighttpd + newins "${FILESDIR}"/icinga-lighty.conf lighttpd_icinga.conf || die + else + ewarn "${CATEGORY}/${PF} only supports Apache-2.x or Lighttpd webserver" + ewarn "out-of-the-box. Since you are not using one of them, you" + ewarn "have to configure your webserver accordingly yourself." + fi + fowners -R root:root /usr/$(get_libdir)/icinga || die + cd "${D}" || die + find usr/$(get_libdir)/icinga -type d -exec fperms 755 {} + + find usr/$(get_libdir)/icinga/cgi-bin -type f -exec fperms 755 {} + + fi + + if use eventhandler ; then + dodir /etc/icinga/eventhandlers || die + fowners icinga:icinga /etc/icinga/eventhandlers || die + fi + + dodir /var/run/icinga || die + fowners icinga:icinga /var/run/icinga || die + + keepdir /etc/icinga + keepdir /var/lib/icinga + keepdir /var/lib/icinga/archives + keepdir /var/lib/icinga/rw + keepdir /var/lib/icinga/spool/checkresults + + if use apache2 ; then + webserver=apache + elif use lighttpd ; then + webserver=lighttpd + else + webserver=icinga + fi + + fowners icinga:icinga /var/lib/icinga || die "Failed chown of /var/lib/icinga" + fowners -R icinga:${webserver} /var/lib/icinga/rw || die "Failed chown of /var/lib/icinga/rw" + + fperms 6755 /var/lib/icinga/rw || die "Failed Chmod of ${D}/var/lib/icinga/rw" + fperms 0750 /etc/icinga || die "Failed chmod of ${D}/etc/icinga" +} + +pkg_postinst() { + if use web ; then + elog "This does not include cgis that are perl-dependent" + elog "Currently traceroute.cgi is perl-dependent" + elog "Note that the user your webserver is running as needs" + elog "read-access to /etc/icinga." + elog + if use apache2 || use lighttpd ; then + elog "There are several possible solutions to accomplish this," + elog "choose the one you are most comfortable with:" + elog + if use apache2 ; then + elog " usermod -G icinga apache" + elog "or" + elog " chown icinga:apache /etc/icinga" + elog + elog "Also edit /etc/conf.d/apache2 and add a line like" + elog "APACHE2_OPTS=\"\$APACHE2_OPTS -D ICINGA\"" + elog + elog "Icinga web service needs user authentication. If you" + elog "use the base configuration, you need a password file" + elog "with a password for user \"icingaadmin\"" + elog "You can create this file by executing:" + elog "htpasswd -c /etc/icinga/htpasswd.users icingaadmin" + elif use lighttpd ; then + elog " usermod -G icinga lighttpd " + elog "or" + elog " chown icinga:lighttpd /etc/icinga" + elog "Also edit /etc/lighttpd/lighttpd.conf and add 'include \"lighttpd_icinga.conf\"'" + fi + elog + elog "That will make icinga's web front end visable via" + elog "http://localhost/icinga/" + elog + else + elog "IMPORTANT: Do not forget to add the user your webserver" + elog "is running as to the icinga group!" + fi + else + ewarn "Please note that you have installed Icinga without web interface." + ewarn "Please don't file any bugs about having no web interface when you do this." + ewarn "Thank you!" + fi + elog + elog "If you want icinga to start at boot time" + elog "remember to execute:" + elog " rc-update add icinga default" + elog + elog "If your kernel has /proc protection, icinga" + elog "will not be happy as it relies on accessing the proc" + elog "filesystem. You can fix this by adding icinga into" + elog "the group wheel, but this is not recomended." + elog + if [ -d "${ROOT}"/var/icinga ] ; then + ewarn + ewarn "/var/icinga was moved to /var/lib/icinga" + ewarn "please move the files if this was an upgrade" + if use idoutils ; then + ewarn "and edit /etc/ido2db.cfg to change the location of the files" + ewarn "it accesses" + fi + ewarn + ewarn "The \"mv /var/icinga /var/lib/\" command works well to move the files" + ewarn "remove /var/icinga afterwards to make this warning disappear" + fi +} |