On 2019/01/22 14:07, Martijn van Duren wrote:
> On 1/22/19 11:36 AM, Stuart Henderson wrote:
> > On 2019/01/22 08:42, Martijn van Duren wrote:
> >> I'm currently trying to get vsphere module to run, which requires the
> >> daemon to be started via icingacli. Unfortunately this doesn't work,
> >> because the module was enabled inside the chroot, which makes the
> >> destination path invalid for icingacli, which runs outside a chroot.
> >>
> >> The following diff adds some extra logic to turn the absolute chroot
> >> paths into relative paths.
> >>
> >> This also allows us to enable and disable modules via icingacli
> >> without breaking it inside the webroot.
> >>
> >> OK?
> >
> > Did you follow the instructions in the icinga-web2 pkg-readme about
> > creating the symlink? I haven't checked recently but this used to work.
>
> I must admit, I overlooked that part, but that still only works half.
> 1) It only works for modules enabled with icingacli, but modules enabled
> via the web interface still point to /icinga-web2/
> icinga1# pwd
> /var/www/etc/icingaweb2/enabledModules
> icinga1# ls -l
> total 0
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 37 Jan 22 07:30 graphite ->
> ../../../icinga-web2/modules/graphite
> lrwxr-xr-x 1 root _icingaweb2 38 Jan 22 09:16 incubator ->
> ../../../icinga-web2/modules/incubator
> lrwxr-xr-x 1 root _icingaweb2 32 Jan 22 09:14 ipl ->
> ../../../icinga-web2/modules/ipl
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 39 Jan 22 07:30 monitoring ->
> ../../../icinga-web2/modules/monitoring
> lrwxr-xr-x 1 root _icingaweb2 40 Jan 22 08:47 reactbundle ->
> ../../../icinga-web2/modules/reactbundle
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 38 Jan 22 07:27 vspheredb ->
> ../../../icinga-web2/modules/vspheredb
> icinga1# # Click enable button in web interface
> icinga1# ls -l
> total 0
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 29 Jan 22 13:57 director ->
> /icinga-web2/modules/director
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 37 Jan 22 07:30 graphite ->
> ../../../icinga-web2/modules/graphite
> lrwxr-xr-x 1 root _icingaweb2 38 Jan 22 09:16 incubator ->
> ../../../icinga-web2/modules/incubator
> lrwxr-xr-x 1 root _icingaweb2 32 Jan 22 09:14 ipl ->
> ../../../icinga-web2/modules/ipl
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 39 Jan 22 07:30 monitoring ->
> ../../../icinga-web2/modules/monitoring
> lrwxr-xr-x 1 root _icingaweb2 40 Jan 22 08:47 reactbundle ->
> ../../../icinga-web2/modules/reactbundle
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 38 Jan 22 07:27 vspheredb ->
> ../../../icinga-web2/modules/vspheredb
> icinga1# icingacli module disable director
> Found invalid module in enabledModule directory
> "/var/www/etc/icingaweb2/enabledModules":
> "/var/www/etc/icingaweb2/enabledModules/director" points to non existing path
> "false"
> icinga1# icingacli module enable director
> icinga1# ls -l
> total 0
> lrwxr-xr-x 1 root _icingaweb2 37 Jan 22 13:57 director ->
> /var/www/icinga-web2/modules/director
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 37 Jan 22 07:30 graphite ->
> ../../../icinga-web2/modules/graphite
> lrwxr-xr-x 1 root _icingaweb2 38 Jan 22 09:16 incubator ->
> ../../../icinga-web2/modules/incubator
> lrwxr-xr-x 1 root _icingaweb2 32 Jan 22 09:14 ipl ->
> ../../../icinga-web2/modules/ipl
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 39 Jan 22 07:30 monitoring ->
> ../../../icinga-web2/modules/monitoring
> lrwxr-xr-x 1 root _icingaweb2 40 Jan 22 08:47 reactbundle ->
> ../../../icinga-web2/modules/reactbundle
> lrwxr-xr-x 1 _icingaweb2 _icingaweb2 38 Jan 22 07:27 vspheredb ->
> ../../../icinga-web2/modules/vspheredb
> 2) I reckon this is basic functionality that people could reasonably
> expect to work without any hacks.
> >
> > (and please make sure I am at least CC'd on mails about ports which
> > I am listed as MAINTAINER for, ports@ is busy enough that I sometimes
> > miss things there..)
> >
> Will do.
> >
> >
> >> martijn@
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/net/icinga/web2/Makefile,v
> retrieving revision 1.28
> diff -u -p -r1.28 Makefile
> --- Makefile 22 Nov 2018 22:20:12 -0000 1.28
> +++ Makefile 22 Jan 2019 06:42:59 -0000
> @@ -6,6 +6,7 @@ GH_ACCOUNT = Icinga
> GH_PROJECT = icingaweb2
> GH_TAGNAME = v2.6.2
> PKGNAME = icinga-web2-${GH_TAGNAME:S/v//}
> +REVISION = 0
>
> MODULES= lang/php
>
> Index: patches/patch-library_Icinga_Application_Modules_Manager_php
> ===================================================================
> RCS file: patches/patch-library_Icinga_Application_Modules_Manager_php
> diff -N patches/patch-library_Icinga_Application_Modules_Manager_php
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-library_Icinga_Application_Modules_Manager_php 22 Jan
> 2019 07:36:00 -0000
> @@ -0,0 +1,36 @@
> +$OpenBSD$
> +
> +Make icingacli <module> <command> available outside of chroot
> +Index: library/Icinga/Application/Modules/Manager.php
> +--- library/Icinga/Application/Modules/Manager.php.orig
> ++++ library/Icinga/Application/Modules/Manager.php
> +@@ -285,7 +285,28 @@ class Manager
> + return $this;
> + }
> +
> +- if (! @symlink($target, $link)) {
> ++ $relTarget = explode("/", $target);
> ++ $relLink = explode("/", $link);
> ++ while (end($relTarget) === "") {
> ++ array_pop($relTarget);
> ++ }
> ++ while (end($relLink) === "") {
> ++ array_pop($relLink);
> ++ }
> ++ while (reset($relTarget) === reset($relLink)) {
> ++ array_shift($relTarget);
> ++ array_shift($relLink);
> ++ }
> ++ array_pop($relLink);
> ++ if (empty($relLink)) {
> ++ array_unshift($relTarget, ".");
> ++ } else {
> ++ while (array_shift($relLink)) {
> ++ array_unshift($relTarget, "..");
> ++ }
> ++ }
> ++ $relTarget = implode("/", $relTarget);
> ++ if (! @symlink($relTarget, $link)) {
> + $error = error_get_last();
> + if (strstr($error["message"], "File exists") === false) {
> + throw new SystemPermissionException(
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/net/icinga/web2/Makefile,v
> retrieving revision 1.28
> diff -u -p -r1.28 Makefile
> --- Makefile 22 Nov 2018 22:20:12 -0000 1.28
> +++ Makefile 22 Jan 2019 13:06:26 -0000
> @@ -6,6 +6,7 @@ GH_ACCOUNT = Icinga
> GH_PROJECT = icingaweb2
> GH_TAGNAME = v2.6.2
> PKGNAME = icinga-web2-${GH_TAGNAME:S/v//}
> +REVISION = 0
>
> MODULES= lang/php
>
> Index: pkg/README
> ===================================================================
> RCS file: /cvs/ports/net/icinga/web2/pkg/README,v
> retrieving revision 1.5
> diff -u -p -r1.5 README
> --- pkg/README 29 Oct 2018 06:16:21 -0000 1.5
> +++ pkg/README 22 Jan 2019 13:06:26 -0000
> @@ -14,20 +14,7 @@ about using "icinga2 feature enable" to
> details, database schema, etc.
>
> The majority of Icinga Web 2 configuration is web-based and simple,
> -but a few things will need to be setup FIRST, in particular to cope
> -with the use of a chroot jail for OpenBSD webservers and PHP.
> -
> -- To cope with the chroot jail normally used with OpenBSD's PHP/web
> -servers, create a symlink:
> -
> - # mkdir -p /var/www/var
> - # ln -s .. /var/www/var/www
> - # ls -l /var/www/var/www
> - lrwxr-xr-x 1 root daemon 2 Feb 2 01:01 /var/www/var/www -> ..
> -
> -(Icinga-web2 has CLI scripts which are run outside the chroot jail,
> -and PHP webpages which are run inside the jail; this allows paths like
> -"/var/www/icinga-web2" to work in both cases).
> +but a few things will need to be setup FIRST.
>
> - If using PostgreSQL, install php-pgsql and php-pdo_pgsql.
>
>
Grudging OK. :)
Can you ask upstream about possibly including it please? I am not
too happy about carrying this as a local patch long term.
