Hello community, here is the log from the commit of package cacti.1948 for openSUSE:12.3:Update checked in at 2013-08-23 14:34:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/cacti.1948 (Old) and /work/SRC/openSUSE:12.3:Update/.cacti.1948.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cacti.1948" Changes: -------- New Changes file: --- /dev/null 2013-07-23 23:44:04.804033756 +0200 +++ /work/SRC/openSUSE:12.3:Update/.cacti.1948.new/cacti.changes 2013-08-23 14:34:55.000000000 +0200 @@ -0,0 +1,374 @@ +------------------------------------------------------------------- +Tue Aug 13 09:23:29 UTC 2013 - [email protected] + +- Security fix via version 0.8.8b + - bnc#834464 + - Fixes CVE-2013-1434 CVE-2013-1435 +- Update to version 0.8.8b + - bug: Fixed issue with custom data source information being lost when saved from edit + - bug: Repopulate the poller cache on new installations + - bug: Fix issue with poller not escaping the script query path correctly + - bug: Allow snmpv3 priv proto none + - bug: Fix issue where host activate may flush the entire poller item cache + - security: SQL injection and shell escaping issues + +------------------------------------------------------------------- +Mon Jun 4 08:57:00 UTC 2012 - [email protected] + +- Added official cacti 0.8.8a patch + +------------------------------------------------------------------- +Mon Apr 30 11:09:10 UTC 2012 - [email protected] + +- New version 0.8.8a +- Fixed an rpmlint warning + +------------------------------------------------------------------- +Mon Apr 16 10:27:23 UTC 2012 - [email protected] + +- Corrected the crontab file for openSUSE >= 12.2 +- Some cross distro fixes so plugins will also build for other distros + +------------------------------------------------------------------- +Tue Apr 10 17:03:29 UTC 2012 - [email protected] + +- Install cacti in /srv/www/cacti/ from openSUSE 12.2 onwards +- Passed the spec file through spec-cleaner +- Cacti-PA can be removed as cacti includes the Plugin Architure + +------------------------------------------------------------------- +Tue Apr 10 09:14:52 UTC 2012 - [email protected] + +- Minor changes in the spec file, updated version to 0.8.8 + +------------------------------------------------------------------- +Sun Jan 8 12:58:28 UTC 2012 - [email protected] + +- Reformated the spec file to the openSUSE standard + +------------------------------------------------------------------- +Fri Dec 30 14:40:04 UTC 2011 - [email protected] + +- Added official settings_checkbox patch + +------------------------------------------------------------------- +Tue Dec 13 22:15:03 UTC 2011 - [email protected] + +- Build version 0.8.7i + +------------------------------------------------------------------- +Tue Oct 4 13:19:26 UTC 2011 - [email protected] + +- Upgrade to version 0.8.7h + +------------------------------------------------------------------- +Fri Jun 10 00:00:00 UTC 2011 [email protected] + +- added 'Provides' to make cactid installable + +------------------------------------------------------------------- +Sat Jul 10 00:00:00 UTC 2010 [email protected] + +- update to cacti-0.8.7g + +------------------------------------------------------------------- +Sat May 22 00:00:00 UTC 2010 [email protected] + +- update to cacti-0.8.7f + +------------------------------------------------------------------- +Wed Nov 11 00:00:00 UTC 2009 [email protected] + +- Added the missing cli directory + +------------------------------------------------------------------- +Mon Aug 31 00:00:00 UTC 2009 [email protected] + +- Minor change in the name of the patch file + +------------------------------------------------------------------- +Fri Aug 28 00:00:00 UTC 2009 [email protected] + +- update to cacti-0.8.7e.tar.bz2 + - bug#0001044: Creating a DS, Output field can't be selected for + DT with a DIM when "Use Per-Data Source Value" is on + - bug#0001341: SNMP query: add oid_suffix for weird SNMP queries + - bug#0001345: Overwriting $snmp_index in query_snmp_host() breaks + SNMP Data query if using get method + - bug#0001346: Strip out noisy 'No Such Instance currently exists + at this OID' + - bug#0001404: timeout in "function ping_icmp" (lib/ping.php) + - bug#0001405: Spaces in DS when .rrd file is created, so it fails + - bug#0001407: Place graph thumbnail into div to lower page length + changes on load graphs + - bug#0001410: Thumbnail Columns is not honored for host display + with snmp index group style + - bug#0001411: Graph searching issue + - bug#0001413: strip_quotes fails + - bug#0001426: multiple form opening due to bug in draw_edit_form() + - bug#0001436: CSV Export Start Date and End Date are always + 1970-01-01 01:00:00 + - bug#0001443: format_snmp_string can return a number with a leading space + - bug#0001446: Wrong dates override in CSV export + - bug#0001456: oid_uptime is not parsed correctly + - bug#0001460: Skiping input parameters in data_query_field_list() + may lead to SQL errors + - bug#0001464: Typo in install/index.php + - bug#0001467: Customisable oid index parse regexp for weird MIBs + - bug#0001468: Tree is not expanded correctly + - bug#0001469: Tree is not being expanded if user followed link + outside of cacti + - bug#0001476: Mark stacked columns in rrdtool_function_xport() output + - bug#0001477: Spelling error in a variable in html_tree.php + - bug#0001478: Combo boxes on Graph Management page produce URLs + with leading spaces + - bug: Top Graph Header Breaks When Plugins Used + - bug: SNMP v3 Password issue caused by Firefox's Password AutoFill + - bug: Strip Quotes does not properly handle the value 'U' + - bug: Changes to the graph tree would not show up immediately for + current user +- bzip sources + +------------------------------------------------------------------- +Mon Jun 15 00:00:00 UTC 2009 [email protected] + +- reverted BuildRequires from libdb-4_5-devel to db-devel + +------------------------------------------------------------------- +Fri May 22 00:00:00 UTC 2009 [email protected] + +- Working with prefix + +------------------------------------------------------------------- +Sat Apr 25 00:00:00 UTC 2009 [email protected] + +- Updated BuildRequires to libdb-4_5-devel + +------------------------------------------------------------------- +Sat Feb 14 00:00:00 UTC 2009 [email protected] + +- cleaned out the spec file +- deleted file for the PA platform + +------------------------------------------------------------------- +Fri Feb 13 00:00:00 UTC 2009 [email protected] + +- build version cacti-0.8.7d + +------------------------------------------------------------------- +Thu Feb 12 00:00:00 UTC 2009 [email protected] + +- improving the spec file +- added multi rpm distro build +- Added the plug-in framework + +------------------------------------------------------------------- +Mon Feb 2 00:00:00 UTC 2009 [email protected] + +- building version 0.8.7c + +------------------------------------------------------------------- +Mon Apr 14 00:00:00 UTC 2008 [email protected] + +- add official cacti patches +- cleanup buildrequires + +------------------------------------------------------------------- +Tue Apr 8 00:00:00 UTC 2008 [email protected] + +- cacti does not really work without cron, but cron is not installed + by default in the minimal system + +------------------------------------------------------------------- +Tue Feb 19 00:00:00 UTC 2008 [email protected] + +- updated to 0.8.7b + * security fixes: + - Fix several security vulnerabilities + * bug fixes: + - Unnecessary (and faulty) DEF generation for CF:AVERAGE + - Small visual fix for Cacti in "View Cacti Log File" + - Graph xport modification to increase default rows output + - Poller incorrectly identifies unique hosts + - CLI Scripts bring MySQL down on large installations + - Filtering broken on Data Sources page + - Fix looping poller recache events + - ss_fping.php 100%% "Pkt Loss" does not work properly + - Graphs with no template and/or no host cause filtering errors on Graph Management page ++++ 177 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.3:Update/.cacti.1948.new/cacti.changes New: ---- cacti-0.8.8b-cacti-log-path.patch cacti-0.8.8b-cacti-script.patch cacti-0.8.8b.tar.gz cacti-httpd.conf cacti-httpd.conf.default cacti-httpd.conf.nonsuse cacti-httpd.conf.vhost cacti.changes cacti.cron cacti.cron.new cacti.logrotate cacti.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cacti.spec ++++++ # # spec file for package cacti # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: cacti Version: 0.8.8b Release: 0.0 Summary: Web Front-End to Monitor System Data via RRDtool License: GPL-2.0+ Group: System/Monitoring Url: http://www.cacti.net/ Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz Source1: %{name}.cron Source2: %{name}-httpd.conf Source3: %{name}.logrotate Source4: %{name}-httpd.conf.default Source5: %{name}-httpd.conf.vhost Source6: %{name}-httpd.conf.nonsuse Source7: %{name}.cron.new # PATCH-FIX-OPENSUSE cacti-0.8.8-cacti-log-path.patch Patch0: %{name}-%{version}-cacti-log-path.patch # PATCH-FIX-OPENSUSE cacti-0.8.8-cacti-script.patch Patch1: %{name}-%{version}-cacti-script.patch Provides: cacti-system %if 0%{?suse_version} BuildRequires: apache2-devel Requires: apache2 Requires: apache2-mod_php5 Requires: cron Requires: php5-mysql Requires: php5-snmp Requires: php5-sockets Requires: rrdtool %endif %if 0%{?fedora_version} || 0%{?rhel_version} || 0%{?centos_version} BuildRequires: httpd-devel Requires: httpd Requires: rrdtool %endif %if 0%{?centos_version} Requires: php-mysql Requires: php-snmp %endif %if 0%{?rhel_version} Requires: php-mysql #Requires: php-snmp %endif %if 0%{?fedora_version} Requires: php-mysqlnd Requires: php-snmp %endif %if 0%{?mandriva_version} BuildRequires: apache-devel Requires: apache Requires: apache-mod_php Requires: php-mysql Requires: php-snmp Requires: php-sockets Requires: rrdtool %endif Requires: logrotate Requires: net-snmp Obsoletes: cacti-PA Provides: cacti-PA BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %if 0%{?suse_version} %define apxs /usr/sbin/apxs2 %else %define apxs /usr/sbin/apxs %endif %define apache2_sysconfdir %(%{apxs} -q SYSCONFDIR) %if 0%{?suse_version} <= 1210 %define prefix %{_datadir}/cacti %else %define prefix /srv/www/cacti %endif %description Cacti is a complete front-end to RRDtool: it stores all necessary information for creating graphs and populates them with data from a MySQL database. The front-end is completely PHP driven. Along with being ableto maintain graphs, data sources, and round robin archives ina database, Cacti also handles data gathering. There exists an SNMP support for those accustomed to creating traffic graphs with MRTG as well. %prep %setup -q %patch0 -p1 %patch1 -p1 %build #nothing to build %install #delete the *.orig files find . -type f -name "*\.orig" -exec rm {} \; install -d -m 755 %{buildroot}%{prefix} install -d -m 755 %{buildroot}%{_localstatedir}/lib/%{name} install -d -m 755 %{buildroot}%{_localstatedir}/log/%{name} cp *.php %{buildroot}%{prefix} cp -pr lib %{buildroot}%{prefix} cp -pr include %{buildroot}%{prefix} cp -pr images %{buildroot}%{prefix} cp -pr install %{buildroot}%{prefix} cp -pr resource %{buildroot}%{prefix} cp -pr rra %{buildroot}%{prefix} #cp -pr scripts %{buildroot}%{prefix} #cp -pr cli %{buildroot}%{prefix} install -d -m 755 scripts %{buildroot}%{prefix}/scripts install -m 755 scripts/* %{buildroot}%{prefix}/scripts install -d -m 755 cli %{buildroot}%{prefix}/cli install -m 755 cli/* %{buildroot}%{prefix}/cli install -m 644 *.sql %{buildroot}%{prefix} # cron task install -d -m 755 %{buildroot}%{_sysconfdir}/cron.d %if 0%{?suse_version} > 1210 install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/cron.d/cacti %endif %if 0%{?suse_version} <= 1210 install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/cron.d/cacti %endif %if ! 0%{?suse_version} install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/cron.d/cacti %endif # apache2 config %if 0%{?suse_version} > 1210 mkdir -p %{buildroot}/%{apache2_sysconfdir}/conf.d cp -avL %{SOURCE4} %{buildroot}/%{apache2_sysconfdir}/conf.d/%{name}.conf mkdir -p %{buildroot}/%{apache2_sysconfdir}/vhosts.d/conf.d cp -avL %{SOURCE5} %{buildroot}/%{apache2_sysconfdir}/vhosts.d/conf.d/%{name}.conf %endif %if 0%{?suse_version} <= 1210 install -d -m 755 %{buildroot}%{apache2_sysconfdir}/conf.d install -m 644 %{SOURCE2} %{buildroot}%{apache2_sysconfdir}/conf.d/cacti.conf %endif %if ! 0%{?suse_version} mkdir -p %{buildroot}/%{apache2_sysconfdir}/../conf.d cp -avL %{SOURCE6} %{buildroot}/%{apache2_sysconfdir}/../conf.d/%{name}.conf %endif # logrotate config mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d/ install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} # Set the correct permissions for pl and sh files #find %{buildroot}%{prefix} -type f -name "*.sh" -o -name "*.pl" -exec chmod ugo+x {} \; # compute files list without config file find %{buildroot}%{prefix} -type d | sed -e 's|'%{buildroot}'|%dir |' >> %{name}.list find %{buildroot}%{prefix} -type f ! -name config.php | sed -e 's|'%{buildroot}'||' >> %{name}.list %files -f %{name}.list %defattr(-,root,root) %doc LICENSE docs/* %attr(-,wwwrun,www) %dir %{_localstatedir}/lib/cacti %attr(-,wwwrun,www) %dir %{_localstatedir}/log/cacti %config(noreplace) %{prefix}/include/config.php %config(noreplace) %{_sysconfdir}/cron.d/%{name} %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %if 0%{?suse_version} <= 1210 %dir %{apache2_sysconfdir}/conf.d %config(noreplace) %{apache2_sysconfdir}/conf.d/cacti.conf %endif %if 0%{?suse_version} > 1210 %dir %{apache2_sysconfdir}/conf.d %config (noreplace) %{apache2_sysconfdir}/conf.d/%{name}.conf %dir %{apache2_sysconfdir}/vhosts.d/conf.d %config (noreplace) %{apache2_sysconfdir}/vhosts.d/conf.d/%{name}.conf %endif %if ! 0%{?suse_version} %dir %{apache2_sysconfdir}/../conf.d %config (noreplace) %{apache2_sysconfdir}/../conf.d/%{name}.conf %endif %post %if 0%{?suse_version} chown -R wwwrun.www %{prefix}/rra %endif %changelog ++++++ cacti-0.8.8b-cacti-log-path.patch ++++++ diff -Naur cacti-0.8.7i-PIA-3.1.orig/include/global_settings.php cacti-0.8.7i-PIA-3.1/include/global_settings.php --- cacti-0.8.7i-PIA-3.1.orig/include/global_settings.php 2011-12-12 03:09:54.000000000 +0100 +++ cacti-0.8.7i-PIA-3.1/include/global_settings.php 2011-12-13 23:40:54.000000000 +0100 @@ -96,9 +96,9 @@ ), "path_cactilog" => array( "friendly_name" => "Cacti Log File Path", - "description" => "The path to your Cacti log file (if blank, defaults to <path_cacti>/log/cacti.log)", + "description" => "The path to your Cacti log file (if blank, defaults to /var/log/cacti/cacti.log)", "method" => "filepath", - "default" => $config["base_path"] . "/log/cacti.log", + "default" => "/var/log/cacti/cacti.log", "max_length" => "255" ), "pollerpaths_header" => array( diff -Naur cacti-0.8.7i-PIA-3.1.orig/install/index.php cacti-0.8.7i-PIA-3.1/install/index.php --- cacti-0.8.7i-PIA-3.1.orig/install/index.php 2011-12-12 02:56:07.000000000 +0100 +++ cacti-0.8.7i-PIA-3.1/install/index.php 2011-12-13 23:42:51.000000000 +0100 @@ -266,7 +266,7 @@ if (config_value_exists("path_cactilog")) { $input["path_cactilog"]["default"] = read_config_option("path_cactilog"); } else { - $input["path_cactilog"]["default"] = $config["base_path"] . "/log/cacti.log"; + $input["path_cactilog"]["default"] = "/var/log/cacti/cacti.log"; } /* SNMP Version */ diff -Naur cacti-0.8.7i-PIA-3.1.orig/lib/functions.php cacti-0.8.7i-PIA-3.1/lib/functions.php --- cacti-0.8.7i-PIA-3.1.orig/lib/functions.php 2011-12-12 03:09:55.000000000 +0100 +++ cacti-0.8.7i-PIA-3.1/lib/functions.php 2011-12-13 23:36:05.000000000 +0100 @@ -493,7 +493,7 @@ /* Log to Logfile */ if ((($logdestination == 1) || ($logdestination == 2)) && (read_config_option("log_verbosity") != POLLER_VERBOSITY_NONE)) { if ($logfile == "") { - $logfile = $config["base_path"] . "/log/cacti.log"; + $logfile = "/var/log/cacti/cacti.log"; } /* echo the data to the log (append) */ diff -Naur cacti-0.8.7i-PIA-3.1.orig/utilities.php cacti-0.8.7i-PIA-3.1/utilities.php --- cacti-0.8.7i-PIA-3.1.orig/utilities.php 2011-12-12 03:09:55.000000000 +0100 +++ cacti-0.8.7i-PIA-3.1/utilities.php 2011-12-13 23:38:33.000000000 +0100 @@ -803,7 +803,7 @@ $logfile = read_config_option("path_cactilog"); if ($logfile == "") { - $logfile = "./log/rrd.log"; + $logfile = "/var/log/rrd.log"; } /* helps determine output color */ @@ -1051,7 +1051,7 @@ $logfile = read_config_option("path_cactilog"); if ($logfile == "") { - $logfile = "./log/cacti.log"; + $logfile = "/var/log/cacti/cacti.log"; } html_start_box("<strong>Clear Cacti Log File</strong>", "100%", $colors["header"], "1", "center", ""); ++++++ cacti-0.8.8b-cacti-script.patch ++++++ diff -Naur cacti-0.8.7i-PIA-3.1.orig/script_server.pl cacti-0.8.7i-PIA-3.1/script_server.pl --- cacti-0.8.7i-PIA-3.1.orig/script_server.pl 2010-12-04 22:11:33.000000000 +0100 +++ cacti-0.8.7i-PIA-3.1/script_server.pl 2011-12-14 00:20:25.000000000 +0100 @@ -1,4 +1,4 @@ -chdir("./scripts"); +chdir("/usr/share/cacti/scripts"); $loaded = 0; while ($file = <*.pl>) { next if $file eq $0; ++++++ cacti-httpd.conf ++++++ Alias /cacti/ /usr/share/cacti/ <Directory /usr/share/cacti/> Options None order deny,allow deny from all allow from 127.0.0.1 </Directory> # For SSL-servers #Alias /cacti/ /usr/share/nagat/ #<Directory /usr/share/cacti/> # Options None # SSLRequireSSL # order deny,allow # deny from all # AuthType Basic # AuthUserFile /site/cfg/passwd # AuthGroupFile /site/cfg/group # AuthName "cacti" # require group cacti # Satisfy Any #</Directory> ++++++ cacti-httpd.conf.default ++++++ # Example configuration for a cacti repository # # As default server # put the string CACTI in /etc/sysconfig/apache2 APACHE_SERVER_FLAGS # to enable the URL # http://localhost/cacti # # As vhost # If you want to use cacti in one vhost add # Include /etc/apache2/vhosts.d/conf.d/cacti.conf # to the vhost in the vhost.conf file # put the string CACTIVHOST in /etc/sysconfig/apache2 APACHE_SERVER_FLAGS # to enable the URL # http://vhost/cacti <IfDefine CACTI> Alias /cacti/ /srv/www/cacti/ <Directory /srv/www/cacti/> Options None order deny,allow deny from all allow from localhost </Directory> # For SSL-servers # Alias /cacti/ /srv/www/nagat/ # <Directory /srv/www/cacti/> # Options None # SSLRequireSSL # order deny,allow # deny from all # AuthType Basic # AuthUserFile /site/cfg/passwd # AuthGroupFile /site/cfg/group # AuthName "cacti" # require group cacti # Satisfy Any # </Directory> </IfDefine> ++++++ cacti-httpd.conf.nonsuse ++++++ Alias /cacti/ /srv/www/cacti/ <Directory /srv/www/cacti/> Options None order deny,allow deny from all allow from localhost </Directory> # For SSL-servers #Alias /cacti/ /srv/www/nagat/ #<Directory /srv/www/cacti/> # Options None # SSLRequireSSL # order deny,allow # deny from all # AuthType Basic # AuthUserFile /site/cfg/passwd # AuthGroupFile /site/cfg/group # AuthName "cacti" # require group cacti # Satisfy Any #</Directory> ++++++ cacti-httpd.conf.vhost ++++++ # Example configuration for a cacti repository # # As default server # put the string CACTI in /etc/sysconfig/apache2 APACHE_SERVER_FLAGS # to enable the URL # http://localhost/cacti # # As vhost # If you want to use cacti in one vhost add # Include /etc/apache2/vhosts.d/conf.d/cacti.conf # to the vhost in the vhost.conf file # put the string CACTIVHOST in /etc/sysconfig/apache2 APACHE_SERVER_FLAGS # to enable the URL # http://vhost/cacti <IfDefine CACTIVHOST> Alias /cacti/ /srv/www/cacti/ <Directory /srv/www/cacti/> Options None order deny,allow deny from all allow from localhost </Directory> # For SSL-servers # Alias /cacti/ /srv/www/nagat/ # <Directory /srv/www/cacti/> # Options None # SSLRequireSSL # order deny,allow # deny from all # AuthType Basic # AuthUserFile /site/cfg/passwd # AuthGroupFile /site/cfg/group # AuthName "cacti" # require group cacti # Satisfy Any # </Directory> </IfDefine> ++++++ cacti.cron ++++++ */5 * * * * wwwrun php /usr/share/cacti/poller.php > /dev/null 2>&1 ++++++ cacti.cron.new ++++++ */5 * * * * wwwrun php /srv/www/cacti/poller.php > /dev/null 2>&1 ++++++ cacti.logrotate ++++++ /var/log/cacti/cacti.log { missingok compress } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
