| 1 |
commit: 2ddfa65c2244d92429897a51b1d8a8e3dc8a92dc |
| 2 |
Author: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sun Sep 30 12:26:56 2018 +0000 |
| 4 |
Commit: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Sep 30 12:27:53 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2ddfa65c |
| 7 |
|
| 8 |
net-analyzer/nrpe: new revision to eliminate PID files with systemd. |
| 9 |
|
| 10 |
The NRPE systemd service is "simple," which means that it runs in the |
| 11 |
foreground. As a result, no PID file is needed to later kill it. |
| 12 |
Nevertheless, the systemd service file that ships with NRPE tries to |
| 13 |
create one. And in order to do that, it messes with some permissions |
| 14 |
(Gentoo bug 648992) that shouldn't be messed with. This commit adds a |
| 15 |
patch to remove the PID file from the service. |
| 16 |
|
| 17 |
A related problem that this revision fixes is the automagic detection |
| 18 |
of the operating system, distribution, and init system by the NRPE |
| 19 |
autotools. The new revision hard-codes all of these to "unknown," |
| 20 |
which should result in behavior that is consistent across machines. In |
| 21 |
particular, it should cause the problematic tmpfiles.d entry |
| 22 |
(associated with the PID file) to not be installed. |
| 23 |
|
| 24 |
Bug: https://bugs.gentoo.org/648992 |
| 25 |
Package-Manager: Portage-2.3.49, Repoman-2.3.10 |
| 26 |
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org> |
| 27 |
|
| 28 |
.../files/nrpe-3.2.1-eliminate-systemd-pid.patch | 38 +++++++++ |
| 29 |
net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild | 89 ++++++++++++++++++++++ |
| 30 |
2 files changed, 127 insertions(+) |
| 31 |
|
| 32 |
diff --git a/net-analyzer/nrpe/files/nrpe-3.2.1-eliminate-systemd-pid.patch b/net-analyzer/nrpe/files/nrpe-3.2.1-eliminate-systemd-pid.patch |
| 33 |
new file mode 100644 |
| 34 |
index 00000000000..6ee520dfa69 |
| 35 |
--- /dev/null |
| 36 |
+++ b/net-analyzer/nrpe/files/nrpe-3.2.1-eliminate-systemd-pid.patch |
| 37 |
@@ -0,0 +1,38 @@ |
| 38 |
+From c4ad513294e8db25ebaf25127948cce37c13e1b2 Mon Sep 17 00:00:00 2001 |
| 39 |
+From: Michael Orlitzky <michael@××××××××.com> |
| 40 |
+Date: Sat, 29 Sep 2018 20:23:53 -0400 |
| 41 |
+Subject: [PATCH 1/1] startup/default-service.in: remove PIDFile and |
| 42 |
+ ExecStopPost lines. |
| 43 |
+ |
| 44 |
+The nrpe systemd service is a "simple" service, which means that it |
| 45 |
+runs in the foreground and doesn't need any PID file tracking to begin |
| 46 |
+with. The tmpfiles.d entry associated with the PID file is causing |
| 47 |
+problems in Gentoo bug 648992, and so as a prerequisite for deleting |
| 48 |
+it, this commit eliminates the PID file. |
| 49 |
+ |
| 50 |
+Bug: https://bugs.gentoo.org/648992 |
| 51 |
+Bug: https://github.com/NagiosEnterprises/nrpe/issues/188 |
| 52 |
+--- |
| 53 |
+ startup/default-service.in | 2 -- |
| 54 |
+ 1 file changed, 2 deletions(-) |
| 55 |
+ |
| 56 |
+diff --git a/startup/default-service.in b/startup/default-service.in |
| 57 |
+index b6c6063..110a0cd 100644 |
| 58 |
+--- a/startup/default-service.in |
| 59 |
++++ b/startup/default-service.in |
| 60 |
+@@ -11,12 +11,10 @@ WantedBy=multi-user.target |
| 61 |
+ [Service] |
| 62 |
+ Type=simple |
| 63 |
+ Restart=on-abort |
| 64 |
+-PIDFile=@piddir@/nrpe.pid |
| 65 |
+ RuntimeDirectory=nrpe |
| 66 |
+ RuntimeDirectoryMode=0755 |
| 67 |
+ ExecStart=@sbindir@/nrpe -c @pkgsysconfdir@/nrpe.cfg -f |
| 68 |
+ ExecReload=/bin/kill -HUP $MAINPID |
| 69 |
+-ExecStopPost=/bin/rm -f @piddir@/nrpe.pid |
| 70 |
+ TimeoutStopSec=60 |
| 71 |
+ User=@nrpe_user@ |
| 72 |
+ Group=@nrpe_group@ |
| 73 |
+-- |
| 74 |
+2.16.4 |
| 75 |
+ |
| 76 |
|
| 77 |
diff --git a/net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild b/net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild |
| 78 |
new file mode 100644 |
| 79 |
index 00000000000..af8c100f0f3 |
| 80 |
--- /dev/null |
| 81 |
+++ b/net-analyzer/nrpe/nrpe-3.2.1-r1.ebuild |
| 82 |
@@ -0,0 +1,89 @@ |
| 83 |
+# Copyright 1999-2018 Gentoo Foundation |
| 84 |
+# Distributed under the terms of the GNU General Public License v2 |
| 85 |
+ |
| 86 |
+EAPI=6 |
| 87 |
+inherit systemd user |
| 88 |
+ |
| 89 |
+DESCRIPTION="Nagios Remote Plugin Executor" |
| 90 |
+HOMEPAGE="https://github.com/NagiosEnterprises/nrpe" |
| 91 |
+SRC_URI="${HOMEPAGE}/releases/download/${P}/${P}.tar.gz" |
| 92 |
+ |
| 93 |
+LICENSE="GPL-2+" |
| 94 |
+SLOT="0" |
| 95 |
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" |
| 96 |
+IUSE="command-args libressl selinux ssl" |
| 97 |
+ |
| 98 |
+DEPEND="sys-apps/tcp-wrappers |
| 99 |
+ ssl? ( |
| 100 |
+ !libressl? ( dev-libs/openssl:0= ) |
| 101 |
+ libressl? ( dev-libs/libressl:0= ) |
| 102 |
+ )" |
| 103 |
+RDEPEND="${DEPEND} |
| 104 |
+ || ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins ) |
| 105 |
+ selinux? ( sec-policy/selinux-nagios )" |
| 106 |
+ |
| 107 |
+PATCHES=( "${FILESDIR}/nrpe-3.2.1-eliminate-systemd-pid.patch" ) |
| 108 |
+ |
| 109 |
+pkg_setup() { |
| 110 |
+ enewgroup nagios |
| 111 |
+ enewuser nagios -1 /bin/bash /var/nagios/home nagios |
| 112 |
+} |
| 113 |
+ |
| 114 |
+src_configure() { |
| 115 |
+ # The configure script tries to detect what OS, distribution, and |
| 116 |
+ # init system you're running and changes the build/install process |
| 117 |
+ # depending on what it comes up with. We specify fixed values |
| 118 |
+ # because we don't want it guessing, for example, whether or not |
| 119 |
+ # to install the tmpfiles.d entry based on whether or not systemd |
| 120 |
+ # is currently running (OpenRC uses them too). |
| 121 |
+ econf \ |
| 122 |
+ --libexecdir=/usr/$(get_libdir)/nagios/plugins \ |
| 123 |
+ --localstatedir=/var/nagios \ |
| 124 |
+ --sysconfdir=/etc/nagios \ |
| 125 |
+ --with-nrpe-user=nagios \ |
| 126 |
+ --with-nrpe-group=nagios \ |
| 127 |
+ --with-piddir=/run \ |
| 128 |
+ --with-opsys=unknown \ |
| 129 |
+ --with-dist-type=unknown \ |
| 130 |
+ --with-init-type=unknown \ |
| 131 |
+ --with-inetd-type=unknown \ |
| 132 |
+ $(use_enable command-args) \ |
| 133 |
+ $(use_enable ssl) |
| 134 |
+} |
| 135 |
+ |
| 136 |
+src_compile() { |
| 137 |
+ emake all |
| 138 |
+} |
| 139 |
+ |
| 140 |
+src_install() { |
| 141 |
+ default |
| 142 |
+ |
| 143 |
+ dodoc CHANGELOG.md SECURITY.md |
| 144 |
+ insinto /etc/nagios |
| 145 |
+ newins sample-config/nrpe.cfg nrpe.cfg |
| 146 |
+ fowners root:nagios /etc/nagios/nrpe.cfg |
| 147 |
+ fperms 0640 /etc/nagios/nrpe.cfg |
| 148 |
+ |
| 149 |
+ newinitd "startup/openrc-init" nrpe |
| 150 |
+ newconfd "startup/openrc-conf" nrpe |
| 151 |
+ systemd_newunit "startup/default-service" "${PN}.service" |
| 152 |
+ |
| 153 |
+ insinto /etc/xinetd.d/ |
| 154 |
+ newins "${FILESDIR}/nrpe.xinetd.2" nrpe |
| 155 |
+ |
| 156 |
+ rm "${D}/usr/bin/nrpe-uninstall" || die 'failed to remove uninstall tool' |
| 157 |
+} |
| 158 |
+ |
| 159 |
+pkg_postinst(){ |
| 160 |
+ elog 'Some users have reported incompatibilities between nrpe-2.x and' |
| 161 |
+ elog 'nrpe-3.x. We recommend that you use the same major version for' |
| 162 |
+ elog 'both your server and clients.' |
| 163 |
+ |
| 164 |
+ if use command-args ; then |
| 165 |
+ ewarn '' |
| 166 |
+ ewarn 'You have enabled command-args for NRPE. That lets clients' |
| 167 |
+ ewarn 'supply arguments to the commands that are run, and IS A' |
| 168 |
+ ewarn 'SECURITY RISK!' |
| 169 |
+ ewarn'' |
| 170 |
+ fi |
| 171 |
+} |
Archives