Re: [update] netshot 0.14.0

[Remi Locherer]

ping

On Sun, Sep 01, 2019 at 06:20:41PM +0200, Remi Locherer wrote:
> Hi,
> 
> this is a long overdue update for netshot from version 0.11.0 to 0.14.0.
> 
> It now contains improved and additional drivers, general improvements and
> updated libraries (vulnerabilities!).
> Release history: https://github.com/netfishers-onl/Netshot/tree/master/dist
> 
> The install instructions for Debian and CentoOS have been moved to the
> wiki and are not part of the port anymore. Instead I added a pkg-readme
> with detailed instructions.
> 
> I changed the port to depend exclusively on Java 1.8. Netshot depends on
> nashorn which was deprecated after Java 1.8. It might work with later Java
> versions but I did not test it yet.
> 
> OK?
> 
> Remi
> 
> 
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/sysutils/netshot/Makefile,v
> retrieving revision 1.6
> diff -u -p -r1.6 Makefile
> --- Makefile  12 Jul 2019 21:15:36 -0000      1.6
> +++ Makefile  27 Aug 2019 21:10:34 -0000
> @@ -2,8 +2,7 @@
>  
>  COMMENT =            config backup and policy check for network devices
>  
> -V =                  0.11.0
> -REVISION =           1
> +V =                  0.14.0
>  DISTNAME =           netshot_${V}
>  PKGNAME =            ${DISTNAME:S/_/-/}
>  WRKDIST =            ${WRKDIR}
> @@ -22,7 +21,7 @@ MASTER_SITES =              https://github.com/netfi
>  EXTRACT_SUFX =               .zip
>  
>  MODULES =            java
> -MODJAVA_VER =                1.8+
> +MODJAVA_VER =                1.8
>  
>  RUN_DEPENDS =                java/javaPathHelper
>  
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/sysutils/netshot/distinfo,v
> retrieving revision 1.2
> diff -u -p -r1.2 distinfo
> --- distinfo  8 Feb 2019 21:33:40 -0000       1.2
> +++ distinfo  13 Aug 2019 08:13:55 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (netshot_0.11.0.zip) = 00N9CByc4inEaWctvmG6IRBZKf95vJrhTJ0Gu5NDfhY=
> -SIZE (netshot_0.11.0.zip) = 45555732
> +SHA256 (netshot_0.14.0.zip) = 7HX9oTy/mWagcSvTPsgekNX7WTelHS7eu1lNUbNdOO8=
> +SIZE (netshot_0.14.0.zip) = 45721309
> Index: patches/patch-netshot_conf
> ===================================================================
> RCS file: /cvs/ports/sysutils/netshot/patches/patch-netshot_conf,v
> retrieving revision 1.2
> diff -u -p -r1.2 patch-netshot_conf
> --- patches/patch-netshot_conf        8 Feb 2019 21:33:40 -0000       1.2
> +++ patches/patch-netshot_conf        25 Aug 2019 21:27:25 -0000
> @@ -20,16 +20,23 @@ Index: netshot.conf
>   
>   # REST
>  -netshot.http.ssl.keystore.file = /usr/local/netshot/netshot.jks
> -+netshot.http.ssl.keystore.file = ${PREFIX}/netshot/netshot.jks
> ++netshot.http.ssl.keystore.file = ${SYSCONFDIR}/netshot.jks
>   netshot.http.ssl.keystore.pass = password
>   #netshot.http.baseurl = https://localhost
>   netshot.http.baseurl = https://0.0.0.0
> -@@ -35,7 +35,7 @@ netshot.snmptrap.community = Netsh01
> - # General settings
> - netshot.snapshots.auto.interval = 15
> +@@ -38,12 +38,12 @@ netshot.snapshots.auto.interval = 15
> + # Allow a trap received from any IP of a device to trigger an automatic 
> snapshot
>   netshot.snapshots.auto.anyip = true
> + # After a snapshot, dump the last configuration to a file in this directory
> +-#netshot.snapshots.dump = /usr/local/netshot/dumps
> ++#netshot.snapshots.dump = ${VARBASE}/netshot/dumps
> + # Where to store the binary snapshot files
> +-netshot.snapshots.binary.path = /var/local/netshot
> ++netshot.snapshots.binary.path = ${VARBASE}/netshot
> + 
> + # Where to look for additional drivers
>  -netshot.drivers.path = /usr/local/netshot/drivers
>  +netshot.drivers.path = ${PREFIX}/netshot/drivers
>   
> + 
>   # Authentication
> - netshot.aaa.maxidletime = 1800
> Index: pkg/PLIST
> ===================================================================
> RCS file: /cvs/ports/sysutils/netshot/pkg/PLIST,v
> retrieving revision 1.1.1.1
> diff -u -p -r1.1.1.1 PLIST
> --- pkg/PLIST 28 Aug 2018 11:25:53 -0000      1.1.1.1
> +++ pkg/PLIST 27 Aug 2019 21:08:42 -0000
> @@ -7,12 +7,11 @@ netshot/
>  netshot/netshot.jar
>  share/doc/netshot/
>  share/doc/netshot/COPYING
> -share/doc/netshot/INSTALL.Debian-Ubuntu-Mint.txt
> -share/doc/netshot/INSTALL.Redhat-CentOS.txt
>  share/doc/netshot/LICENSE.txt
>  share/doc/netshot/README.txt
>  share/doc/netshot/UPDATE.txt
>  share/doc/netshot/VERSION.txt
> +share/doc/pkg-readmes/${PKGSTEM}
>  share/examples/netshot/
>  share/examples/netshot/netshot.conf
>  @mode 0640
> @@ -21,3 +20,5 @@ share/examples/netshot/netshot.conf
>  @mode 0750
>  @owner _netshot
>  @sample ${VARBASE}/log/netshot/
> +@sample ${VARBASE}/netshot/
> +@sample ${VARBASE}/netshot/dumps
> Index: pkg/README
> ===================================================================
> RCS file: pkg/README
> diff -N pkg/README
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ pkg/README        1 Sep 2019 16:15:57 -0000
> @@ -0,0 +1,46 @@
> +$OpenBSD$
> +
> ++-----------------------------------------------------------------------
> +| Running ${PKGSTEM} on OpenBSD
> ++-----------------------------------------------------------------------
> +
> +Netshot requires a database which might be on the same server as Netshot
> +or remote. It supports PostgreSQL and MySQL/MariaDB. Below example uses
> +MariaDB on the same host.
> +
> +- Install the package mariadb-server.
> +  See ${LOCALBASE}/share/doc/pkg-readmes/mariadb-server for the first
> +  steps after the installation.
> +
> +- Create a database and a database user (change the password!):
> +  $ mysql -u root
> +  > CREATE DATABASE netshot01 CHARACTER SET utf8
> +    DEFAULT COLLATE utf8_general_ci;
> +  > GRANT ALL PRIVILEGES ON netshot01.*
> +    TO 'netshot'@'localhost' IDENTIFIED BY 'netshot';
> +  > quit
> +
> +- Check the database connection config in /etc/netshot.conf.
> +  Should netshot not start but log "The server time zone value 'CEST' is
> +  unreconized or represents more than one time zone" the connect string
> +  might be modified to look like this:
> +  netshot.db.url = jdbc:mysql://localhost/netshot01?serverTimezone=UTC
> +
> +- Create a TLS certificate in a Java keystore:
> +  # ${LOCALBASE}/jdk-1.8.0/bin/keytool -genkey -keyalg RSA -alias selfsigned 
> \
> +    -keystore ${SYSCONFDIR}/netshot.jks -storepass password -validity 3600 \
> +    -keysize 4096
> +  # chmod 640 ${SYSCONFDIR}/netshot.jks
> +  # chgrp _netshot ${SYSCONFDIR}/netshot.jks
> +
> +- Enable and start Netshot to create the database tables.
> +  # rcctl enable netshot; rcctl start netshot
> +
> +- Add an initial application user to the database:
> +  $ mysql -u root
> +  > USE netshot01;
> +  > INSERT INTO user (level, local, username, hashed_password)
> +    VALUES (1000, 1, 'netshot', '7htrot2BNjUV/g57h/HJ/C1N0Fqrj+QQ');
> +
> +- Access Netshot with a browser on https://localhost:8443.
> +  (username 'netshot' with password 'netshot')