1 |
commit: 2ddfa65c2244d92429897a51b1d8a8e3dc8a92dc |
2 |
Author: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Sep 30 12:26:56 2018 +0000 |
4 |
Commit: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Sep 30 12:27:53 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2ddfa65c |
7 |
|
8 |
net-analyzer/nrpe: new revision to eliminate PID files with systemd. |
9 |
|
10 |
The NRPE systemd service is "simple," which means that it runs in the |
11 |
foreground. As a result, no PID file is needed to later kill it. |
12 |
Nevertheless, the systemd service file that ships with NRPE tries to |
13 |
create one. And in order to do that, it messes with some permissions |
14 |
(Gentoo bug 648992) that shouldn't be messed with. This commit adds a |
15 |
patch to remove the PID file from the service. |
16 |
|
17 |
A related problem that this revision fixes is the automagic detection |
18 |
of the operating system, distribution, and init system by the NRPE |
19 |
autotools. The new revision hard-codes all of these to "unknown," |
20 |
which should result in behavior that is consistent across machines. In |
21 |
particular, it should cause the problematic tmpfiles.d entry |
22 |
(associated with the PID file) to not be installed. |
23 |
|
24 |
Bug: https://bugs.gentoo.org/648992 |
25 |
Package-Manager: Portage-2.3.49, Repoman-2.3.10 |
26 |
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org> |
27 |
|
28 |
.../files/nrpe-3.2.1-eliminate-systemd-pid.patch | 38 +++++++++ |
29 |
net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild | 89 ++++++++++++++++++++++ |
30 |
2 files changed, 127 insertions(+) |
31 |
|
32 |
diff --git a/net-analyzer/nrpe/files/nrpe-3.2.1-eliminate-systemd-pid.patch b/net-analyzer/nrpe/files/nrpe-3.2.1-eliminate-systemd-pid.patch |
33 |
new file mode 100644 |
34 |
index 00000000000..6ee520dfa69 |
35 |
--- /dev/null |
36 |
+++ b/net-analyzer/nrpe/files/nrpe-3.2.1-eliminate-systemd-pid.patch |
37 |
@@ -0,0 +1,38 @@ |
38 |
+From c4ad513294e8db25ebaf25127948cce37c13e1b2 Mon Sep 17 00:00:00 2001 |
39 |
+From: Michael Orlitzky <michael@××××××××.com> |
40 |
+Date: Sat, 29 Sep 2018 20:23:53 -0400 |
41 |
+Subject: [PATCH 1/1] startup/default-service.in: remove PIDFile and |
42 |
+ ExecStopPost lines. |
43 |
+ |
44 |
+The nrpe systemd service is a "simple" service, which means that it |
45 |
+runs in the foreground and doesn't need any PID file tracking to begin |
46 |
+with. The tmpfiles.d entry associated with the PID file is causing |
47 |
+problems in Gentoo bug 648992, and so as a prerequisite for deleting |
48 |
+it, this commit eliminates the PID file. |
49 |
+ |
50 |
+Bug: https://bugs.gentoo.org/648992 |
51 |
+Bug: https://github.com/NagiosEnterprises/nrpe/issues/188 |
52 |
+--- |
53 |
+ startup/default-service.in | 2 -- |
54 |
+ 1 file changed, 2 deletions(-) |
55 |
+ |
56 |
+diff --git a/startup/default-service.in b/startup/default-service.in |
57 |
+index b6c6063..110a0cd 100644 |
58 |
+--- a/startup/default-service.in |
59 |
++++ b/startup/default-service.in |
60 |
+@@ -11,12 +11,10 @@ WantedBy=multi-user.target |
61 |
+ [Service] |
62 |
+ Type=simple |
63 |
+ Restart=on-abort |
64 |
+-PIDFile=@piddir@/nrpe.pid |
65 |
+ RuntimeDirectory=nrpe |
66 |
+ RuntimeDirectoryMode=0755 |
67 |
+ ExecStart=@sbindir@/nrpe -c @pkgsysconfdir@/nrpe.cfg -f |
68 |
+ ExecReload=/bin/kill -HUP $MAINPID |
69 |
+-ExecStopPost=/bin/rm -f @piddir@/nrpe.pid |
70 |
+ TimeoutStopSec=60 |
71 |
+ User=@nrpe_user@ |
72 |
+ Group=@nrpe_group@ |
73 |
+-- |
74 |
+2.16.4 |
75 |
+ |
76 |
|
77 |
diff --git a/net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild b/net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild |
78 |
new file mode 100644 |
79 |
index 00000000000..af8c100f0f3 |
80 |
--- /dev/null |
81 |
+++ b/net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild |
82 |
@@ -0,0 +1,89 @@ |
83 |
+# Copyright 1999-2018 Gentoo Foundation |
84 |
+# Distributed under the terms of the GNU General Public License v2 |
85 |
+ |
86 |
+EAPI=6 |
87 |
+inherit systemd user |
88 |
+ |
89 |
+DESCRIPTION="Nagios Remote Plugin Executor" |
90 |
+HOMEPAGE="https://github.com/NagiosEnterprises/nrpe" |
91 |
+SRC_URI="${HOMEPAGE}/releases/download/${P}/${P}.tar.gz" |
92 |
+ |
93 |
+LICENSE="GPL-2+" |
94 |
+SLOT="0" |
95 |
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" |
96 |
+IUSE="command-args libressl selinux ssl" |
97 |
+ |
98 |
+DEPEND="sys-apps/tcp-wrappers |
99 |
+ ssl? ( |
100 |
+ !libressl? ( dev-libs/openssl:0= ) |
101 |
+ libressl? ( dev-libs/libressl:0= ) |
102 |
+ )" |
103 |
+RDEPEND="${DEPEND} |
104 |
+ || ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins ) |
105 |
+ selinux? ( sec-policy/selinux-nagios )" |
106 |
+ |
107 |
+PATCHES=( "${FILESDIR}/nrpe-3.2.1-eliminate-systemd-pid.patch" ) |
108 |
+ |
109 |
+pkg_setup() { |
110 |
+ enewgroup nagios |
111 |
+ enewuser nagios -1 /bin/bash /var/nagios/home nagios |
112 |
+} |
113 |
+ |
114 |
+src_configure() { |
115 |
+ # The configure script tries to detect what OS, distribution, and |
116 |
+ # init system you're running and changes the build/install process |
117 |
+ # depending on what it comes up with. We specify fixed values |
118 |
+ # because we don't want it guessing, for example, whether or not |
119 |
+ # to install the tmpfiles.d entry based on whether or not systemd |
120 |
+ # is currently running (OpenRC uses them too). |
121 |
+ econf \ |
122 |
+ --libexecdir=/usr/$(get_libdir)/nagios/plugins \ |
123 |
+ --localstatedir=/var/nagios \ |
124 |
+ --sysconfdir=/etc/nagios \ |
125 |
+ --with-nrpe-user=nagios \ |
126 |
+ --with-nrpe-group=nagios \ |
127 |
+ --with-piddir=/run \ |
128 |
+ --with-opsys=unknown \ |
129 |
+ --with-dist-type=unknown \ |
130 |
+ --with-init-type=unknown \ |
131 |
+ --with-inetd-type=unknown \ |
132 |
+ $(use_enable command-args) \ |
133 |
+ $(use_enable ssl) |
134 |
+} |
135 |
+ |
136 |
+src_compile() { |
137 |
+ emake all |
138 |
+} |
139 |
+ |
140 |
+src_install() { |
141 |
+ default |
142 |
+ |
143 |
+ dodoc CHANGELOG.md SECURITY.md |
144 |
+ insinto /etc/nagios |
145 |
+ newins sample-config/nrpe.cfg nrpe.cfg |
146 |
+ fowners root:nagios /etc/nagios/nrpe.cfg |
147 |
+ fperms 0640 /etc/nagios/nrpe.cfg |
148 |
+ |
149 |
+ newinitd "startup/openrc-init" nrpe |
150 |
+ newconfd "startup/openrc-conf" nrpe |
151 |
+ systemd_newunit "startup/default-service" "${PN}.service" |
152 |
+ |
153 |
+ insinto /etc/xinetd.d/ |
154 |
+ newins "${FILESDIR}/nrpe.xinetd.2" nrpe |
155 |
+ |
156 |
+ rm "${D}/usr/bin/nrpe-uninstall" || die 'failed to remove uninstall tool' |
157 |
+} |
158 |
+ |
159 |
+pkg_postinst(){ |
160 |
+ elog 'Some users have reported incompatibilities between nrpe-2.x and' |
161 |
+ elog 'nrpe-3.x. We recommend that you use the same major version for' |
162 |
+ elog 'both your server and clients.' |
163 |
+ |
164 |
+ if use command-args ; then |
165 |
+ ewarn '' |
166 |
+ ewarn 'You have enabled command-args for NRPE. That lets clients' |
167 |
+ ewarn 'supply arguments to the commands that are run, and IS A' |
168 |
+ ewarn 'SECURITY RISK!' |
169 |
+ ewarn'' |
170 |
+ fi |
171 |
+} |