[gentoo-commits] repo/gentoo:master commit in: net-analyzer/nrpe/, net-analyzer/nrpe/files/ - gentoo-commits

From:	Michael Orlitzky <mjo@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-analyzer/nrpe/, net-analyzer/nrpe/files/
Date:	Mon, 31 Aug 2015 16:11:04
Message-Id:	`1441037329.e05d77e5b5a85672092c5c156b1371da178b520f.mjo@gentoo`

1

commit:     e05d77e5b5a85672092c5c156b1371da178b520f

2

Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>

3

AuthorDate: Mon Aug 31 16:08:49 2015 +0000

4

Commit:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>

5

CommitDate: Mon Aug 31 16:08:49 2015 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e05d77e5

7

8

net-analyzer/nrpe: revbump to add selinux and no-ssl support.

9

10

Add a conditional dep on sec-policy/selinux-nagios, and pull in an

11

(unreleased) upstream patch to fix the build when USE="-ssl". Also add

12

a slot on the openssl dependency to make repoman happy.

13

14

Bug: 462572

15

Bug: 554536

16

17

Package-Manager: portage-2.2.20.1

18

19

 net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch |  39 +++++++

20

 net-analyzer/nrpe/nrpe-2.15-r3.ebuild          | 137 +++++++++++++++++++++++++

21

 2 files changed, 176 insertions(+)

22

23

diff --git a/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch

24

new file mode 100644

25

index 0000000..3b3fc13

26

--- /dev/null

27

+++ b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch

28

@@ -0,0 +1,39 @@

29

+Without this patch, you can't build nrpe without SSL support. It was

30

+originally submitted on the Nagios forums by user Matthew L. Daniel:

31

+

32

+  https://support.nagios.com/forum/viewtopic.php?t=27027

33

+

34

+It was merged into the upstream github repo (NagiosEnterprises/nrpe)

35

+in commit 3736fdeeac11a.

36

+

37

+

38

+diff --git a/src/nrpe.c b/src/nrpe.c

39

+index 4bc849b..1e55ab4 100644

40

+--- a/src/nrpe.c

41

++++ b/src/nrpe.c

42

+@@ -102,7 +102,9 @@ int     use_src=FALSE; /* Define parameter for SRC option */

43

+ int		listen_queue_size=DEFAULT_LISTEN_QUEUE_SIZE;

44

+

45

+

46

++#ifdef HAVE_SSL

47

+ void complete_SSL_shutdown( SSL *);

48

++#endif

49

+

50

+

51

+ int main(int argc, char **argv){

52

+@@ -1815,6 +1817,7 @@ int remove_pid_file(void){

53

+ 	return OK;

54

+         }

55

+

56

++#ifdef HAVE_SSL

57

+ void complete_SSL_shutdown( SSL *ssl) {

58

+

59

+ 	/*  

60

+@@ -1835,6 +1838,7 @@ void complete_SSL_shutdown( SSL *ssl) {

61

+ 		if( SSL_shutdown( ssl)) break;

62

+ 	}

63

+ }

64

++#endif/*HAVE_SSL*/

65

+

66

+ /* bail if daemon is running as root */

67

+ int check_privileges(void){

68

69

diff --git a/net-analyzer/nrpe/nrpe-2.15-r3.ebuild b/net-analyzer/nrpe/nrpe-2.15-r3.ebuild

70

new file mode 100644

71

index 0000000..906120d

72

--- /dev/null

73

+++ b/net-analyzer/nrpe/nrpe-2.15-r3.ebuild

74

@@ -0,0 +1,137 @@

75

+# Copyright 1999-2015 Gentoo Foundation

76

+# Distributed under the terms of the GNU General Public License v2

77

+# $Id$

78

+

79

+EAPI=5

80

+inherit eutils systemd toolchain-funcs multilib user autotools

81

+

82

+DESCRIPTION="Nagios Remote Plugin Executor"

83

+HOMEPAGE="http://www.nagios.org/"

84

+SRC_URI="mirror://sourceforge/nagios/${P}.tar.gz"

85

+

86

+LICENSE="GPL-2+"

87

+SLOT="0"

88

+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"

89

+IUSE="command-args minimal selinux ssl tcpd"

90

+

91

+DEPEND="ssl? ( dev-libs/openssl:0 )

92

+	!minimal? ( tcpd? ( sys-apps/tcp-wrappers ) )"

93

+RDEPEND="${DEPEND}

94

+	!minimal? (

95

+		|| ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins )

96

+	)

97

+	selinux? ( sec-policy/selinux-nagios )"

98

+

99

+pkg_setup() {

100

+	enewgroup nagios

101

+	enewuser nagios -1 /bin/bash /dev/null nagios

102

+

103

+	elog "If you plan to use \"nrpe_check_control\" then you may want to specify"

104

+	elog "different command and services files. You can override the defaults"

105

+	elog "through the \"NAGIOS_COMMAND_FILE\" and \"NAGIOS_SERVICES_FILE\" environment variables."

106

+	elog "NAGIOS_COMMAND_FILE=${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}"

107

+	elog "NAGIOS_SERVICES_FILE=${NAGIOS_SERVICES_FILE:-/etc/services.cfg}"

108

+}

109

+

110

+src_prepare() {

111

+	# Add support for large output,

112

+	# http://opsview-blog.opsera.com/dotorg/2008/08/enhancing-nrpe.html

113

+	epatch "${FILESDIR}"/${PN}-2.14-multiline.patch

114

+

115

+	# fix configure, among others #326367, #397603

116

+	epatch "${FILESDIR}"/${PN}-2.15-tcpd-et-al.patch

117

+

118

+	# otherwise autoconf will overwrite the custom include/config.h.in

119

+	epatch "${FILESDIR}"/${PN}-2.15-autoconf-header.patch

120

+

121

+	# improve handling of metachars for security

122

+	epatch "${FILESDIR}"/${PN}-2.15-metachar-security-fix.patch

123

+

124

+	# Fix build with USE="-ssl".

125

+	epatch "${FILESDIR}"/${PN}-2.15-no-ssl.patch

126

+

127

+	sed -i -e '/define \(COMMAND\|SERVICES\)_FILE/d' \

128

+		contrib/nrpe_check_control.c || die

129

+

130

+	# change the default location of the pid file

131

+	sed -i -e '/pid_file/s:/var/run:/run:' sample-config/nrpe.cfg.in || die

132

+

133

+	# fix TFU handling of autoheader

134

+	sed -i -e '/#undef/d' include/config.h.in || die

135

+

136

+	eautoreconf

137

+}

138

+

139

+src_configure() {

140

+	local myconf

141

+	if use minimal; then

142

+		myconf="--disable-tcp-wrapper --disable-command-args"

143

+	else

144

+		myconf="$(use_enable tcpd tcp-wrapper) $(use_enable command-args)"

145

+	fi

146

+

147

+	econf \

148

+		--libexecdir=/usr/$(get_libdir)/nagios/plugins \

149

+		--localstatedir=/var/nagios \

150

+		--sysconfdir=/etc/nagios \

151

+		--with-nrpe-user=nagios \

152

+		--with-nrpe-group=nagios \

153

+		$(use_enable ssl) \

154

+		${myconf}

155

+}

156

+

157

+src_compile() {

158

+	emake -C src check_nrpe $(use minimal || echo nrpe)

159

+

160

+	# Add nifty nrpe check tool

161

+	$(tc-getCC) ${CPPFLAGS} ${CFLAGS} \

162

+		-DCOMMAND_FILE=\"${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}\" \

163

+		-DSERVICES_FILE=\"${NAGIOS_SERVICES_FILE:-/etc/services.cfg}\" \

164

+		${LDFLAGS} -o nrpe_check_control contrib/nrpe_check_control.c || die

165

+}

166

+

167

+src_install() {

168

+	dodoc LEGAL Changelog README SECURITY \

169

+		contrib/README.nrpe_check_control \

170

+		$(use ssl && echo README.SSL)

171

+

172

+	exeinto /usr/$(get_libdir)/nagios/plugins

173

+	doexe src/check_nrpe nrpe_check_control

174

+

175

+	use minimal && return 0

176

+

177

+	## NON-MINIMAL INSTALL FOLLOWS ##

178

+

179

+	insinto /etc/nagios

180

+	newins sample-config/nrpe.cfg nrpe.cfg

181

+	fowners root:nagios /etc/nagios/nrpe.cfg

182

+	fperms 0640 /etc/nagios/nrpe.cfg

183

+

184

+	exeinto /usr/libexec

185

+	doexe src/nrpe

186

+

187

+	newinitd "${FILESDIR}"/nrpe.init nrpe

188

+	systemd_dounit "${FILESDIR}/${PN}.service"

189

+

190

+	insinto /etc/xinetd.d/

191

+	newins "${FILESDIR}/nrpe.xinetd.2" nrpe

192

+

193

+	if use tcpd; then

194

+		sed -i -e '/^reload()/, /^}/ d' -e '/extra_started_commands/s:reload::' \

195

+			"${D}"/etc/init.d/nrpe

196

+	fi

197

+}

198

+

199

+pkg_postinst() {

200

+	elog "If you are using the nrpe daemon, remember to edit"

201

+	elog "the config file /etc/nagios/nrpe.cfg"

202

+

203

+	if use command-args ; then

204

+		ewarn ""

205

+		ewarn "You have enabled command-args for NRPE. This enables"

206

+		ewarn "the ability for clients to supply arguments to commands"

207

+		ewarn "which should be run. "

208

+		ewarn "THIS IS CONSIDERED A SECURITY RISK!"

209

+		ewarn "Please read /usr/share/doc/${PF}/SECURITY.bz2 for more info"

210

+	fi

211

+}

1	commit: e05d77e5b5a85672092c5c156b1371da178b520f
2	Author: Michael Orlitzky <mjo <AT> gentoo <DOT> org>
3	AuthorDate: Mon Aug 31 16:08:49 2015 +0000
4	Commit: Michael Orlitzky <mjo <AT> gentoo <DOT> org>
5	CommitDate: Mon Aug 31 16:08:49 2015 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e05d77e5
7
8	net-analyzer/nrpe: revbump to add selinux and no-ssl support.
9
10	Add a conditional dep on sec-policy/selinux-nagios, and pull in an
11	(unreleased) upstream patch to fix the build when USE="-ssl". Also add
12	a slot on the openssl dependency to make repoman happy.
13
14	Bug: 462572
15	Bug: 554536
16
17	Package-Manager: portage-2.2.20.1
18
19	net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch \| 39 +++++++
20	net-analyzer/nrpe/nrpe-2.15-r3.ebuild \| 137 +++++++++++++++++++++++++
21	2 files changed, 176 insertions(+)
22
23	diff --git a/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch
24	new file mode 100644
25	index 0000000..3b3fc13
26	--- /dev/null
27	+++ b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch
28	@@ -0,0 +1,39 @@
29	+Without this patch, you can't build nrpe without SSL support. It was
30	+originally submitted on the Nagios forums by user Matthew L. Daniel:
31	+
32	+ https://support.nagios.com/forum/viewtopic.php?t=27027
33	+
34	+It was merged into the upstream github repo (NagiosEnterprises/nrpe)
35	+in commit 3736fdeeac11a.
36	+
37	+
38	+diff --git a/src/nrpe.c b/src/nrpe.c
39	+index 4bc849b..1e55ab4 100644
40	+--- a/src/nrpe.c
41	++++ b/src/nrpe.c
42	+@@ -102,7 +102,9 @@ int use_src=FALSE; /* Define parameter for SRC option */
43	+ int listen_queue_size=DEFAULT_LISTEN_QUEUE_SIZE;
44	+
45	+
46	++#ifdef HAVE_SSL
47	+ void complete_SSL_shutdown( SSL *);
48	++#endif
49	+
50	+
51	+ int main(int argc, char **argv){
52	+@@ -1815,6 +1817,7 @@ int remove_pid_file(void){
53	+ return OK;
54	+ }
55	+
56	++#ifdef HAVE_SSL
57	+ void complete_SSL_shutdown( SSL *ssl) {
58	+
59	+ /*
60	+@@ -1835,6 +1838,7 @@ void complete_SSL_shutdown( SSL *ssl) {
61	+ if( SSL_shutdown( ssl)) break;
62	+ }
63	+ }
64	++#endif/HAVE_SSL/
65	+
66	+ /* bail if daemon is running as root */
67	+ int check_privileges(void){
68
69	diff --git a/net-analyzer/nrpe/nrpe-2.15-r3.ebuild b/net-analyzer/nrpe/nrpe-2.15-r3.ebuild
70	new file mode 100644
71	index 0000000..906120d
72	--- /dev/null
73	+++ b/net-analyzer/nrpe/nrpe-2.15-r3.ebuild
74	@@ -0,0 +1,137 @@
75	+# Copyright 1999-2015 Gentoo Foundation
76	+# Distributed under the terms of the GNU General Public License v2
77	+# $Id$
78	+
79	+EAPI=5
80	+inherit eutils systemd toolchain-funcs multilib user autotools
81	+
82	+DESCRIPTION="Nagios Remote Plugin Executor"
83	+HOMEPAGE="http://www.nagios.org/"
84	+SRC_URI="mirror://sourceforge/nagios/${P}.tar.gz"
85	+
86	+LICENSE="GPL-2+"
87	+SLOT="0"
88	+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
89	+IUSE="command-args minimal selinux ssl tcpd"
90	+
91	+DEPEND="ssl? ( dev-libs/openssl:0 )
92	+ !minimal? ( tcpd? ( sys-apps/tcp-wrappers ) )"
93	+RDEPEND="${DEPEND}
94	+ !minimal? (
95	+ \|\| ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins )
96	+ )
97	+ selinux? ( sec-policy/selinux-nagios )"
98	+
99	+pkg_setup() {
100	+ enewgroup nagios
101	+ enewuser nagios -1 /bin/bash /dev/null nagios
102	+
103	+ elog "If you plan to use \"nrpe_check_control\" then you may want to specify"
104	+ elog "different command and services files. You can override the defaults"
105	+ elog "through the \"NAGIOS_COMMAND_FILE\" and \"NAGIOS_SERVICES_FILE\" environment variables."
106	+ elog "NAGIOS_COMMAND_FILE=${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}"
107	+ elog "NAGIOS_SERVICES_FILE=${NAGIOS_SERVICES_FILE:-/etc/services.cfg}"
108	+}
109	+
110	+src_prepare() {
111	+ # Add support for large output,
112	+ # http://opsview-blog.opsera.com/dotorg/2008/08/enhancing-nrpe.html
113	+ epatch "${FILESDIR}"/${PN}-2.14-multiline.patch
114	+
115	+ # fix configure, among others #326367, #397603
116	+ epatch "${FILESDIR}"/${PN}-2.15-tcpd-et-al.patch
117	+
118	+ # otherwise autoconf will overwrite the custom include/config.h.in
119	+ epatch "${FILESDIR}"/${PN}-2.15-autoconf-header.patch
120	+
121	+ # improve handling of metachars for security
122	+ epatch "${FILESDIR}"/${PN}-2.15-metachar-security-fix.patch
123	+
124	+ # Fix build with USE="-ssl".
125	+ epatch "${FILESDIR}"/${PN}-2.15-no-ssl.patch
126	+
127	+ sed -i -e '/define \(COMMAND\\|SERVICES\)_FILE/d' \
128	+ contrib/nrpe_check_control.c \|\| die
129	+
130	+ # change the default location of the pid file
131	+ sed -i -e '/pid_file/s:/var/run:/run:' sample-config/nrpe.cfg.in \|\| die
132	+
133	+ # fix TFU handling of autoheader
134	+ sed -i -e '/#undef/d' include/config.h.in \|\| die
135	+
136	+ eautoreconf
137	+}
138	+
139	+src_configure() {
140	+ local myconf
141	+ if use minimal; then
142	+ myconf="--disable-tcp-wrapper --disable-command-args"
143	+ else
144	+ myconf="$(use_enable tcpd tcp-wrapper) $(use_enable command-args)"
145	+ fi
146	+
147	+ econf \
148	+ --libexecdir=/usr/$(get_libdir)/nagios/plugins \
149	+ --localstatedir=/var/nagios \
150	+ --sysconfdir=/etc/nagios \
151	+ --with-nrpe-user=nagios \
152	+ --with-nrpe-group=nagios \
153	+ $(use_enable ssl) \
154	+ ${myconf}
155	+}
156	+
157	+src_compile() {
158	+ emake -C src check_nrpe $(use minimal \|\| echo nrpe)
159	+
160	+ # Add nifty nrpe check tool
161	+ $(tc-getCC) ${CPPFLAGS} ${CFLAGS} \
162	+ -DCOMMAND_FILE=\"${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}\" \
163	+ -DSERVICES_FILE=\"${NAGIOS_SERVICES_FILE:-/etc/services.cfg}\" \
164	+ ${LDFLAGS} -o nrpe_check_control contrib/nrpe_check_control.c \|\| die
165	+}
166	+
167	+src_install() {
168	+ dodoc LEGAL Changelog README SECURITY \
169	+ contrib/README.nrpe_check_control \
170	+ $(use ssl && echo README.SSL)
171	+
172	+ exeinto /usr/$(get_libdir)/nagios/plugins
173	+ doexe src/check_nrpe nrpe_check_control
174	+
175	+ use minimal && return 0
176	+
177	+ ## NON-MINIMAL INSTALL FOLLOWS ##
178	+
179	+ insinto /etc/nagios
180	+ newins sample-config/nrpe.cfg nrpe.cfg
181	+ fowners root:nagios /etc/nagios/nrpe.cfg
182	+ fperms 0640 /etc/nagios/nrpe.cfg
183	+
184	+ exeinto /usr/libexec
185	+ doexe src/nrpe
186	+
187	+ newinitd "${FILESDIR}"/nrpe.init nrpe
188	+ systemd_dounit "${FILESDIR}/${PN}.service"
189	+
190	+ insinto /etc/xinetd.d/
191	+ newins "${FILESDIR}/nrpe.xinetd.2" nrpe
192	+
193	+ if use tcpd; then
194	+ sed -i -e '/^reload()/, /^}/ d' -e '/extra_started_commands/s:reload::' \
195	+ "${D}"/etc/init.d/nrpe
196	+ fi
197	+}
198	+
199	+pkg_postinst() {
200	+ elog "If you are using the nrpe daemon, remember to edit"
201	+ elog "the config file /etc/nagios/nrpe.cfg"
202	+
203	+ if use command-args ; then
204	+ ewarn ""
205	+ ewarn "You have enabled command-args for NRPE. This enables"
206	+ ewarn "the ability for clients to supply arguments to commands"
207	+ ewarn "which should be run. "
208	+ ewarn "THIS IS CONSIDERED A SECURITY RISK!"
209	+ ewarn "Please read /usr/share/doc/${PF}/SECURITY.bz2 for more info"
210	+ fi
211	+}

Gentoo Archives: gentoo-commits