Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Matt Thode <prometheanfire@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-analyzer/icinga/
Date: Sun, 03 Dec 2017 03:29:28
Message-Id: 1512271746.3d8ca20a1484cffc1de9da7bbb0131122f32b95c.prometheanfire@gentoo
1 commit: 3d8ca20a1484cffc1de9da7bbb0131122f32b95c
2 Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
3 AuthorDate: Sun Dec 3 03:28:07 2017 +0000
4 Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org>
5 CommitDate: Sun Dec 3 03:29:06 2017 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3d8ca20a
7
8 net-analyzer/icinga: fixing bug 638186 CVE-2017-16882
9
10 Package-Manager: Portage-2.3.14, Repoman-2.3.6
11
12 net-analyzer/icinga/Manifest | 2 +-
13 net-analyzer/icinga/icinga-1.14.0-r1.ebuild | 274 ++++++++++++++++++++++++++++
14 2 files changed, 275 insertions(+), 1 deletion(-)
15
16 diff --git a/net-analyzer/icinga/Manifest b/net-analyzer/icinga/Manifest
17 index 825510b0967..fa302613897 100644
18 --- a/net-analyzer/icinga/Manifest
19 +++ b/net-analyzer/icinga/Manifest
20 @@ -1,3 +1,3 @@
21 DIST CVE-2015-8010_1.13.3.patch 177807 BLAKE2B c3832442d2953f28793236cd29c537041fc68e976e593da4793cd55c240de784c5bb3996ff38464097b3af27bb276d21c7538c90d2470d5067a831b1800f2874 SHA512 bc82e588db33fbb955002cf51ae7b0e40109d4ec3fa6199b046ffbf23b649d74fbdd04c8fb4a5af4cd44301e26f30aa295a9574281c14bc45eec2b9149a6339a
22 -DIST icinga-1.13.4.tar.gz 18741576 SHA256 5690f6b3f3340d341a265fe61598ff3f64cb7d135a0059e791b51c77bcd4833b SHA512 245f94facfcbb125ed6be26a2544292b7ce6d59a6d38374b7ef1b24b2ca3deaaff56720542c3747d36ab4998b88b367ca40bbd061491e0770e21505bd7c0a1d6 WHIRLPOOL 92c444ae98139c570b420cef83182401ee7756328a4edd89b52187c1844526aea0e374839395df082fff4504e2ace14366488a2d1d0864998890add32cd08c40
23 +DIST icinga-1.13.4.tar.gz 18741576 BLAKE2B fccc88c8749d405e29961e5a1510bec7f920fc43910be757668392098f4ff19ed9f659de911f97e150eea8bd8cfd7a60b440704bdcd9aba450ba1ea29222d1cf SHA512 245f94facfcbb125ed6be26a2544292b7ce6d59a6d38374b7ef1b24b2ca3deaaff56720542c3747d36ab4998b88b367ca40bbd061491e0770e21505bd7c0a1d6
24 DIST icinga-1.14.0.tar.gz 20779347 BLAKE2B 65899e99fdc57563aa1dee6f19572c032c5ab6e2aa7093482bd6d6068b4d066d3630ce9bf1396efcb65592d4f25292149178dac81a2a0b775745f70b7409bcc0 SHA512 f02c60c2bd1d3dff4a5a42f9d3c3362ada421f2cd83362b3cdd05f59b0aafe4f61255b621afed1fbf959415545a94ce6b3124bf2ffac22f0f2bdb8a67e75ad7a
25
26 diff --git a/net-analyzer/icinga/icinga-1.14.0-r1.ebuild b/net-analyzer/icinga/icinga-1.14.0-r1.ebuild
27 new file mode 100644
28 index 00000000000..bf0de98f741
29 --- /dev/null
30 +++ b/net-analyzer/icinga/icinga-1.14.0-r1.ebuild
31 @@ -0,0 +1,274 @@
32 +# Copyright 1999-2017 Gentoo Foundation
33 +# Distributed under the terms of the GNU General Public License v2
34 +
35 +EAPI=6
36 +
37 +inherit depend.apache eutils multilib pax-utils toolchain-funcs user versionator
38 +
39 +DESCRIPTION="Nagios Fork - Check daemon, CGIs, docs, IDOutils"
40 +HOMEPAGE="http://www.icinga.org/"
41 +#MY_PV=$(delete_version_separator 3)
42 +#SRC_URI="mirror://sourceforge/${PN}/${PN}-${MY_PV}.tar.gz"
43 +#S=${WORKDIR}/${PN}-${MY_PV}
44 +#SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
45 +SRC_URI="https://github.com/${PN}/${PN}-core/archive/v${PV}/${P}.tar.gz"
46 +S="${WORKDIR}/${PN}-core-${PV}"
47 +
48 +LICENSE="GPL-2"
49 +SLOT="0"
50 +KEYWORDS="~amd64 ~arm ~hppa ~ppc ~ppc64 ~x86"
51 +IUSE="+apache2 contrib eventhandler +idoutils lighttpd +mysql perl +plugins postgres ssl +vim-syntax +web"
52 +DEPEND="idoutils? ( dev-db/libdbi-drivers[mysql?,postgres?] )
53 + perl? ( dev-lang/perl:= )
54 + virtual/mailx
55 + web? (
56 + media-libs/gd[jpeg,png]
57 + lighttpd? ( www-servers/lighttpd )
58 + )
59 + !net-analyzer/nagios-core"
60 +RDEPEND="${DEPEND}
61 + plugins? ( || (
62 + net-analyzer/monitoring-plugins
63 + net-analyzer/nagios-plugins
64 + ) )"
65 +RESTRICT="test"
66 +
67 +want_apache2
68 +
69 +pkg_setup() {
70 + depend.apache_pkg_setup
71 + enewgroup icinga
72 + enewgroup nagios
73 + enewuser icinga -1 -1 /var/lib/icinga "icinga,nagios"
74 +}
75 +
76 +src_prepare() {
77 + epatch "${FILESDIR}/fix-prestripped-binaries-1.7.0.patch"
78 + eapply_user
79 +}
80 +
81 +src_configure() {
82 + local myconf
83 +
84 + myconf="$(use_enable perl embedded-perl)
85 + $(use_with perl perlcache)
86 + $(use_enable idoutils)
87 + $(use_enable ssl)
88 + --with-cgiurl=/icinga/cgi-bin
89 + --with-log-dir=/var/log/icinga
90 + --libdir=/usr/$(get_libdir)
91 + --bindir=/usr/sbin
92 + --sbindir=/usr/$(get_libdir)/icinga/cgi-bin
93 + --datarootdir=/usr/share/icinga/htdocs
94 + --localstatedir=/var/lib/icinga
95 + --sysconfdir=/etc/icinga
96 + --with-lockfile=/var/run/icinga/icinga.lock
97 + --with-temp-dir=/tmp/icinga
98 + --with-temp-file=/tmp/icinga/icinga.tmp"
99 +
100 + if use idoutils ; then
101 + myconf+=" --with-ido2db-lockfile=/var/run/icinga/ido2db.lock
102 + --with-icinga-chkfile=/var/lib/icinga/icinga.chk
103 + --with-ido-sockfile=/var/lib/icinga/ido.sock
104 + --with-idomod-tmpfile=/tmp/icinga/idomod.tmp"
105 + fi
106 +
107 + if use eventhandler ; then
108 + myconfig+=" --with-eventhandler-dir=/etc/icinga/eventhandlers"
109 + fi
110 +
111 + if use plugins ; then
112 + myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins"
113 + else
114 + myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins"
115 + fi
116 +
117 + if use !apache2 && use !lighttpd ; then
118 + myconf+=" --with-command-group=icinga"
119 + else
120 + if use apache2 ; then
121 + myconf+=" --with-httpd-conf=/etc/apache2/conf.d"
122 + myconf+=" --with-command-group=apache"
123 + elif use lighttpd ; then
124 + myconf+=" --with-command-group=lighttpd"
125 + fi
126 + fi
127 +
128 + econf ${myconf}
129 +}
130 +
131 +src_compile() {
132 + tc-export CC
133 +
134 + emake icinga
135 +
136 + if use web ; then
137 + emake DESTDIR="${D}" cgis
138 + fi
139 +
140 + if use contrib ; then
141 + emake DESTDIR="${D}" -C contrib
142 + fi
143 +
144 + if use idoutils ; then
145 + emake DESTDIR="${D}" idoutils
146 + fi
147 +}
148 +
149 +src_install() {
150 + dodoc Changelog README UPGRADING
151 +
152 + if ! use web ; then
153 + sed -i -e '/cd $(SRC_\(CGI\|HTM\))/d' Makefile
154 + fi
155 +
156 + emake DESTDIR="${D}" install{,-config,-commandmode}
157 +
158 + if use idoutils ; then
159 + emake DESTDIR="${D}" install-idoutils
160 + fi
161 +
162 + if use contrib ; then
163 + emake DESTDIR="${D}" -C contrib install
164 + fi
165 +
166 + if use eventhandler ; then
167 + emake DESTDIR="${D}" install-eventhandlers
168 + fi
169 +
170 + newinitd "${FILESDIR}"/icinga-init.d icinga
171 + newconfd "${FILESDIR}"/icinga-conf.d icinga
172 + if use idoutils ; then
173 + newinitd "${FILESDIR}"/ido2db-init.d ido2db
174 + newconfd "${FILESDIR}"/ido2db-conf.d ido2db
175 + insinto /usr/share/icinga/contrib/db
176 + doins -r module/idoutils/db/*
177 + fi
178 + # Apache Module
179 + if use web ; then
180 + if use apache2 ; then
181 + insinto "${APACHE_MODULES_CONFDIR}"
182 + newins "${FILESDIR}"/icinga-apache.conf 99_icinga.conf
183 + elif use lighttpd ; then
184 + insinto /etc/lighttpd
185 + newins "${FILESDIR}"/icinga-lighty.conf lighttpd_icinga.conf
186 + else
187 + ewarn "${CATEGORY}/${PF} only supports Apache-2.x or Lighttpd webserver"
188 + ewarn "out-of-the-box. Since you are not using one of them, you"
189 + ewarn "have to configure your webserver accordingly yourself."
190 + fi
191 + fowners -R root:root /usr/$(get_libdir)/icinga
192 + cd "${D}"
193 + find usr/$(get_libdir)/icinga -type d -exec fperms 755 {} +
194 + find usr/$(get_libdir)/icinga/cgi-bin -type f -exec fperms 755 {} +
195 + fi
196 +
197 + if use eventhandler ; then
198 + dodir /etc/icinga/eventhandlers
199 + fowners icinga:icinga /etc/icinga/eventhandlers
200 + fi
201 +
202 + keepdir /etc/icinga
203 + keepdir /var/lib/icinga
204 + keepdir /var/lib/icinga/archives
205 + keepdir /var/lib/icinga/rw
206 + keepdir /var/lib/icinga/spool/checkresults
207 +
208 + if use apache2 ; then
209 + webserver=apache
210 + elif use lighttpd ; then
211 + webserver=lighttpd
212 + else
213 + webserver=icinga
214 + fi
215 +
216 + fowners icinga:icinga /var/lib/icinga
217 + fowners -R icinga:${webserver} /var/lib/icinga/rw
218 +
219 + fperms 6755 /var/lib/icinga/rw
220 +
221 + # ensure ownership
222 + fowners -R root:root /etc/icinga
223 + fperms 0750 /etc/icinga
224 + fowners -R root:root /usr/sbin
225 + fowners -R root:root /usr/$(get_libdir)
226 + fowners -R root:root /usr/share/icinga/htdocs
227 +
228 + # paxmarks
229 + if use idoutils ; then
230 + pax-mark m usr/sbin/ido2db
231 + fi
232 +}
233 +
234 +pkg_postinst() {
235 + if use web ; then
236 + elog "This does not include cgis that are perl-dependent"
237 + elog "Currently traceroute.cgi is perl-dependent"
238 + elog "Note that the user your webserver is running as needs"
239 + elog "read-access to /etc/icinga."
240 + elog
241 + if use apache2 || use lighttpd ; then
242 + elog "There are several possible solutions to accomplish this,"
243 + elog "choose the one you are most comfortable with:"
244 + elog
245 + if use apache2 ; then
246 + elog " usermod -G icinga apache"
247 + elog "or"
248 + elog " chown icinga:apache /etc/icinga"
249 + elog
250 + elog "Also edit /etc/conf.d/apache2 and add a line like"
251 + elog "APACHE2_OPTS=\"\$APACHE2_OPTS -D ICINGA\""
252 + elog
253 + elog "Icinga web service needs user authentication. If you"
254 + elog "use the base configuration, you need a password file"
255 + elog "with a password for user \"icingaadmin\""
256 + elog "You can create this file by executing:"
257 + elog "htpasswd -c /etc/icinga/htpasswd.users icingaadmin"
258 + elog
259 + elog "you may want to also add apache to the icinga group"
260 + elog "to allow it access to the AuthUserFile"
261 + elog
262 + elif use lighttpd ; then
263 + elog " usermod -G icinga lighttpd "
264 + elog "or"
265 + elog " chown icinga:lighttpd /etc/icinga"
266 + elog "Also edit /etc/lighttpd/lighttpd.conf and add 'include \"lighttpd_icinga.conf\"'"
267 + fi
268 + elog
269 + elog "That will make icinga's web front end visable via"
270 + elog "http://localhost/icinga/"
271 + elog
272 + else
273 + elog "IMPORTANT: Do not forget to add the user your webserver"
274 + elog "is running as to the icinga group!"
275 + fi
276 + else
277 + ewarn "Please note that you have installed Icinga without web interface."
278 + ewarn "Please don't file any bugs about having no web interface when you do this."
279 + ewarn "Thank you!"
280 + fi
281 + elog
282 + elog "If you want icinga to start at boot time"
283 + elog "remember to execute:"
284 + elog " rc-update add icinga default"
285 + elog
286 + elog "If your kernel has /proc protection, icinga"
287 + elog "will not be happy as it relies on accessing the proc"
288 + elog "filesystem. You can fix this by adding icinga into"
289 + elog "the group wheel, but this is not recomended."
290 + elog
291 + if [ -d "${ROOT}"/var/icinga ] ; then
292 + ewarn
293 + ewarn "/var/icinga was moved to /var/lib/icinga"
294 + ewarn "please move the files if this was an upgrade"
295 + if use idoutils ; then
296 + ewarn "and edit /etc/ido2db.cfg to change the location of the files"
297 + ewarn "it accesses"
298 + ewarn "update your db with the scripts under the directory"
299 + ewarn "/usr/share/icinga/contrib/db/"
300 + fi
301 + ewarn
302 + ewarn "The \"mv /var/icinga /var/lib/\" command works well to move the files"
303 + ewarn "remove /var/icinga afterwards to make this warning disappear"
304 + fi
305 +}
Report Message
Find on MARC Find on Google Groups