Bug#848343: ITP: nrpe-ng -- The next generation Nagios Remote Plugin Executor

2016-12-16 Thread Sebastiaan Couwenberg 
On 12/16/2016 04:24 PM, Chris Boot wrote:
> On 16/12/16 12:32, Sebastiaan Couwenberg wrote:
>> On 12/16/2016 01:02 PM, Chris Boot wrote:
>>> This is a rewrite from the ground up of NRPE. This set of programs
>>> allows you to run Nagios check scripts on a remote host.
>>>
>>> Its main selling points are:
>>> - nearly drop-in NRPE replacement
>>> - real, proper TLS/SSL with keys/certificates
>>> - safer command-line argument passing
>>> - support for named command-line arguments
>>>
>>> I plain to maintain both the Debian package and continue upstream
>>> development with a colleague for my employer, Tiger Computing, on
>>> company time.
>>
>> Will you maintain this package under the pkg-nagios umbrella?
> 
> It had not occurred to me to do so, but I don't see any reason not to
> particularly. I've added pkg-nagios-devel to the Cc list; does anyone on
> that list have any strong feelings either way? If not, I propose that we
> might as well do so.

Maintaining nrpe-ng outside of the pkg-nagios team doesn't make sense to
me, pretty much all the Nagios related packages are maintained under its
umbrella. I strongly encourage you to maintain nrpe-ng within the team,
please join via: https://alioth.debian.org/projects/pkg-nagios/

>> And how does the TLS/SSL support compare to the reworked TLS/SSL support
>> in NRPE 3.x?
> 
> I was unaware of NRPE 3.x until you mentioned it. I started work on
> nrpe-ng a couple of years ago for my own use before I filed this ITP. It
> appears as though the TLS/SSL support is similar: both the server and
> the client/plugin check each others' certificates and hostnames for
> validity, and only modern crypto is allowed.
> 
> I guess the main difference between the two programs now is that mine
> permits argument passing still, while this is disabled in nagios-nrpe.
> Mine is also written using Python rather than C, and the protocol is
> effectively just an HTTP request wrapped in SSL so it's potentially
> proxiable, for example.

Having more alternatives to the packages for which Nagios Enterprises is
upstream is probably a good thing, although the popularity of Icinga has
forced them to open up their development to the community, which
resulted in the recent new NRPE and NSCA releases.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1



signature.asc
Description: OpenPGP digital signature

Bug#848343: ITP: nrpe-ng -- The next generation Nagios Remote Plugin Executor

2016-12-16 Thread Sebastiaan Couwenberg 
On 12/16/2016 04:24 PM, Chris Boot wrote:
> On 16/12/16 12:32, Sebastiaan Couwenberg wrote:
>> On 12/16/2016 01:02 PM, Chris Boot wrote:
>>> This is a rewrite from the ground up of NRPE. This set of programs
>>> allows you to run Nagios check scripts on a remote host.
>>>
>>> Its main selling points are:
>>> - nearly drop-in NRPE replacement
>>> - real, proper TLS/SSL with keys/certificates
>>> - safer command-line argument passing
>>> - support for named command-line arguments
>>>
>>> I plain to maintain both the Debian package and continue upstream
>>> development with a colleague for my employer, Tiger Computing, on
>>> company time.
>>
>> Will you maintain this package under the pkg-nagios umbrella?
> 
> It had not occurred to me to do so, but I don't see any reason not to
> particularly. I've added pkg-nagios-devel to the Cc list; does anyone on
> that list have any strong feelings either way? If not, I propose that we
> might as well do so.

Maintaining nrpe-ng outside of the pkg-nagios team doesn't make sense to
me, pretty much all the Nagios related packages are maintained under its
umbrella. I strongly encourage you to maintain nrpe-ng within the team,
please join via: https://alioth.debian.org/projects/pkg-nagios/

>> And how does the TLS/SSL support compare to the reworked TLS/SSL support
>> in NRPE 3.x?
> 
> I was unaware of NRPE 3.x until you mentioned it. I started work on
> nrpe-ng a couple of years ago for my own use before I filed this ITP. It
> appears as though the TLS/SSL support is similar: both the server and
> the client/plugin check each others' certificates and hostnames for
> validity, and only modern crypto is allowed.
> 
> I guess the main difference between the two programs now is that mine
> permits argument passing still, while this is disabled in nagios-nrpe.
> Mine is also written using Python rather than C, and the protocol is
> effectively just an HTTP request wrapped in SSL so it's potentially
> proxiable, for example.

Having more alternatives to the packages for which Nagios Enterprises is
upstream is probably a good thing, although the popularity of Icinga has
forced them to open up their development to the community, which
resulted in the recent new NRPE and NSCA releases.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1



signature.asc
Description: OpenPGP digital signature

Bug#848343: ITP: nrpe-ng -- The next generation Nagios Remote Plugin Executor

2016-12-16 Thread Chris Boot 
On 16/12/16 12:32, Sebastiaan Couwenberg wrote:
> On 12/16/2016 01:02 PM, Chris Boot wrote:
>> This is a rewrite from the ground up of NRPE. This set of programs
>> allows you to run Nagios check scripts on a remote host.
>>
>> Its main selling points are:
>> - nearly drop-in NRPE replacement
>> - real, proper TLS/SSL with keys/certificates
>> - safer command-line argument passing
>> - support for named command-line arguments
>>
>> I plain to maintain both the Debian package and continue upstream
>> development with a colleague for my employer, Tiger Computing, on
>> company time.
> 
> Will you maintain this package under the pkg-nagios umbrella?

Hi Sebastian,

It had not occurred to me to do so, but I don't see any reason not to
particularly. I've added pkg-nagios-devel to the Cc list; does anyone on
that list have any strong feelings either way? If not, I propose that we
might as well do so.

> And how does the TLS/SSL support compare to the reworked TLS/SSL support
> in NRPE 3.x?

I was unaware of NRPE 3.x until you mentioned it. I started work on
nrpe-ng a couple of years ago for my own use before I filed this ITP. It
appears as though the TLS/SSL support is similar: both the server and
the client/plugin check each others' certificates and hostnames for
validity, and only modern crypto is allowed.

I guess the main difference between the two programs now is that mine
permits argument passing still, while this is disabled in nagios-nrpe.
Mine is also written using Python rather than C, and the protocol is
effectively just an HTTP request wrapped in SSL so it's potentially
proxiable, for example.

Regards,
Chris

-- 
Chris Boot
bo...@debian.org
GPG: 8467 53CB 1921 3142 C56D  C918 F5C8 3C05 D9CE 



signature.asc
Description: OpenPGP digital signature

Bug#848343: ITP: nrpe-ng -- The next generation Nagios Remote Plugin Executor

2016-12-16 Thread Sebastiaan Couwenberg 
On 12/16/2016 01:02 PM, Chris Boot wrote:
> This is a rewrite from the ground up of NRPE. This set of programs
> allows you to run Nagios check scripts on a remote host.
> 
> Its main selling points are:
> - nearly drop-in NRPE replacement
> - real, proper TLS/SSL with keys/certificates
> - safer command-line argument passing
> - support for named command-line arguments
> 
> I plain to maintain both the Debian package and continue upstream
> development with a colleague for my employer, Tiger Computing, on
> company time.

Will you maintain this package under the pkg-nagios umbrella?

And how does the TLS/SSL support compare to the reworked TLS/SSL support
in NRPE 3.x?

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#848343: ITP: nrpe-ng -- The next generation Nagios Remote Plugin Executor

2016-12-16 Thread Sebastiaan Couwenberg 
On 12/16/2016 01:02 PM, Chris Boot wrote:
> This is a rewrite from the ground up of NRPE. This set of programs
> allows you to run Nagios check scripts on a remote host.
> 
> Its main selling points are:
> - nearly drop-in NRPE replacement
> - real, proper TLS/SSL with keys/certificates
> - safer command-line argument passing
> - support for named command-line arguments
> 
> I plain to maintain both the Debian package and continue upstream
> development with a colleague for my employer, Tiger Computing, on
> company time.

Will you maintain this package under the pkg-nagios umbrella?

And how does the TLS/SSL support compare to the reworked TLS/SSL support
in NRPE 3.x?

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#848343: ITP: nrpe-ng -- The next generation Nagios Remote Plugin Executor

2016-12-16 Thread Chris Boot 
Package: wnpp
Severity: wishlist
Owner: Chris Boot 

* Package name: nrpe-ng
  Version : 0.1.2
  Upstream Author : Chris Boot 
* URL : https://github.com/bootc/nrpe-ng
* License : GPL
  Programming Lang: Python
  Description : The next generation Nagios Remote Plugin Executor

This is a rewrite from the ground up of NRPE. This set of programs
allows you to run Nagios check scripts on a remote host.

Its main selling points are:
- nearly drop-in NRPE replacement
- real, proper TLS/SSL with keys/certificates
- safer command-line argument passing
- support for named command-line arguments

I plain to maintain both the Debian package and continue upstream
development with a colleague for my employer, Tiger Computing, on
company time.