[gentoo-commits] repo/gentoo:master commit in: net-analyzer/nagios-core/, net-analyzer/nagios-core/files/
commit: 1d689dbb5a8783f717d85f10344bf24991e557e1
Author: Michael Orlitzky gentoo org>
AuthorDate: Sun Nov 3 00:26:57 2019 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Tue Nov 5 17:43:19 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1d689dbb
net-analyzer/nagios-core: synchronize econf and web server paths.
The nagios ./configure script takes two custom "cgibindir" and
"webdir" paths that tell it where to put its CGI files and public
document root. The web server configuration files that we ship also
need to know these paths, which normally wouldn't be a problem, except
that they involve a call to $(get_libdir).
There doesn't seem to be an elegant place to upstream these conf files
(which are Gentoo-specific), so we adopt the next-best solution: use
@CGIBINDIR@ and @WEBDIR@ as placeholders, and then replace them with
sed in src_configure().
For consistency with the PMS definition of econf, these paths (and all
others) now have EPREFIX prepended.
Closes: https://bugs.gentoo.org/699002
Package-Manager: Portage-2.3.76, Repoman-2.3.16
Signed-off-by: Michael Orlitzky gentoo.org>
net-analyzer/nagios-core/files/99_nagios4-r1.conf | 16 ++
.../nagios-core/files/lighttpd_nagios4-r1.conf | 15 ++
.../nagios-core/nagios-core-4.4.5-r4.ebuild| 245 +
3 files changed, 276 insertions(+)
diff --git a/net-analyzer/nagios-core/files/99_nagios4-r1.conf
b/net-analyzer/nagios-core/files/99_nagios4-r1.conf
new file mode 100644
index 000..54531ed6275
--- /dev/null
+++ b/net-analyzer/nagios-core/files/99_nagios4-r1.conf
@@ -0,0 +1,16 @@
+
+
+ ScriptAlias /nagios/cgi-bin/ @CGIBINDIR@
+
+AllowOverride AuthConfig
+Options ExecCGI
+Require all granted
+
+
+ Alias /nagios @WEBDIR@
+
+AllowOverride AuthConfig
+Require all granted
+
+
+
diff --git a/net-analyzer/nagios-core/files/lighttpd_nagios4-r1.conf
b/net-analyzer/nagios-core/files/lighttpd_nagios4-r1.conf
new file mode 100644
index 000..2653922ddc9
--- /dev/null
+++ b/net-analyzer/nagios-core/files/lighttpd_nagios4-r1.conf
@@ -0,0 +1,15 @@
+server.modules += ("mod_cgi")
+server.modules += ("mod_alias")
+
+$HTTP["url"] =~ "^/nagios/cgi-bin/" {
+ dir-listing.activate = "disable"
+ cgi.assign = (
+".pl" => "/usr/bin/perl",
+".cgi" => ""
+ )
+}
+
+alias.url += (
+ "/nagios/cgi-bin" => "@CGIBINDIR@",
+ "/nagios" => "@WEBDIR@"
+)
diff --git a/net-analyzer/nagios-core/nagios-core-4.4.5-r4.ebuild
b/net-analyzer/nagios-core/nagios-core-4.4.5-r4.ebuild
new file mode 100644
index 000..4a5ffee95d4
--- /dev/null
+++ b/net-analyzer/nagios-core/nagios-core-4.4.5-r4.ebuild
@@ -0,0 +1,245 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit toolchain-funcs user
+
+MY_P=${PN/-core}-${PV}
+DESCRIPTION="Nagios core - monitoring daemon, web GUI, and documentation"
+HOMEPAGE="https://www.nagios.org/";
+
+# The name of the directory into which our Gentoo icons will be
+# extracted, and also the basename of the archive containing it.
+GENTOO_ICONS="${PN}-gentoo-icons-20141125"
+SRC_URI="mirror://sourceforge/nagios/${MY_P}.tar.gz
+ web? ( https://dev.gentoo.org/~mjo/distfiles/${GENTOO_ICONS}.tar )"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="apache2 classicui lighttpd perl +web vim-syntax"
+
+# In pkg_postinst(), we change the group of the Nagios configuration
+# directory to that of the web server user. It can't belong to both
+# apache/lighttpd groups at the same time, so we block this combination
+# for our own sanity.
+#
+# This could be made to work, but we would need a better way to allow
+# the web user read-only access to Nagios's configuration directory.
+#
+REQUIRED_USE="apache2? ( !lighttpd )"
+
+#
+# Note, we require one of the apache2 CGI modules:
+#
+# * mod_cgi
+# * mod_cgid
+# * mod_fcgid
+#
+# We just don't care /which/ one. And of course PHP supports both CGI
+# (USE=cgi) and FastCGI (USE=fpm). We're pretty lenient with the
+# dependencies, and expect the user not to do anything /too/
+# stupid. (For example, installing Apache with only FastCGI support, and
+# PHP with only CGI support.)
+#
+# Another annoyance is that the upstream Makefile uses app-arch/unzip to
+# extract a snapshot of AngularJS, but that's only needed when USE=web.
+#
+MOD_ALIAS=apache2_modules_alias
+DEPEND="dev-libs/libltdl:0
+ virtual/mailx
+ perl? ( dev-lang/perl:= )
+ web? (
+ app-arch/unzip
+ media-libs/gd[jpeg,png]
+ lighttpd? ( www-servers/lighttpd[php] )
+ apache2? (
+ || (
+
>=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_cgi]
+
>=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_cgid]
+
>=www-ser
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/nagios-core/, net-analyzer/nagios-core/files/
commit: 56e365a929aedd2af9efe846365dfbf721b4c6c5
Author: Tomas Mozes gmail com>
AuthorDate: Mon Sep 3 05:33:55 2018 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Mon Sep 3 14:19:03 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56e365a9
net-analyzer/nagios-core: bump to 4.4.2
Package-Manager: Portage-2.3.48, Repoman-2.3.10
Signed-off-by: Michael Orlitzky gentoo.org>
net-analyzer/nagios-core/Manifest | 1 +
.../nagios-core/files/nagios-4.4.3-pre.patch | 42
net-analyzer/nagios-core/nagios-core-4.4.2.ebuild | 218 +
3 files changed, 261 insertions(+)
diff --git a/net-analyzer/nagios-core/Manifest
b/net-analyzer/nagios-core/Manifest
index 11a8055082a..bb184319683 100644
--- a/net-analyzer/nagios-core/Manifest
+++ b/net-analyzer/nagios-core/Manifest
@@ -2,4 +2,5 @@ DIST nagios-4.3.3.tar.gz 11101531 BLAKE2B
537d49ecf28b457fbc1e24eaaa9c5d9e8c4db5
DIST nagios-4.3.4.tar.gz 11101966 BLAKE2B
6cb8182f40a4f83875c94df040bb1c62ce078d4130e10fa8595ea0b14cf715fc2a237ffb34199da9c1528e4789f3ce8deae3d993b5b795ad712d48b1e5fdb820
SHA512
f4e92aa98151739442a225a245871d93b5560d89510bdacb1a615959b9687f7a92675f10fcba71078b104ca8f237b0155a9261d67ec66f80aec7f033b4b3e316
DIST nagios-4.4.0.tar.gz 11295727 BLAKE2B
f89e7934b13814ec8c0ae7a19f14eed8842c7b0044fb2812f1399f27a82e5a639b63cc53f04b58ae99aa87bf595b2e25642ad3eb134a041e39f744919bd46d2f
SHA512
8c136463133cf26c756ccd39b158ed417297e30f8a0b12d063a4dba6a43f126b27bb5f7ea962c8cde9fb9c1fd8d3439d7cfeaab833045315a9800c993fa0676f
DIST nagios-4.4.1.tar.gz 11296403 BLAKE2B
fdbaec5f913d18d5591f44cd1e0622b9741d7415b591f24f1521f2897b8a1bdbff00e9378ef6b3a6a99ab8d639960abd3d734fd66b665ea88ea1de169b552ace
SHA512
d84f22a8fd21a573b4162f232c3a6bb2ba0b7d3a470e5fd80183a1862d2ae666956cfc2dd4c7fe6319ee7ccedb9f8a6920ba39a6b499ed9ff5b8be60a9779fa9
+DIST nagios-4.4.2.tar.gz 11301454 BLAKE2B
1b5ffa775bbf147e96d07edd36a387db271802d58cc1a1d1eb867645955aec0044e757785578a60c12549bd4e66e4c95ef06dd0f3f8be3599187d0ef0bcc8a4b
SHA512
a6ddb2d8ca1c523d02659a2af0b9c67a3802893c946279bb15be53645dc64c997cd5562b77eab9dae03e756ec6622a9a641f7bd68269aba4ddd56ee21f50959e
DIST nagios-core-gentoo-icons-20141125.tar 40960 BLAKE2B
31c1953e1160c7c7b89606b72b1a80407e4c1b7a7938b40bd1c577cd0c309dd88ca6b775d692a9b846dbf67736537fa9c91e56aa15fdd447769608ca525bff09
SHA512
bf109879cddd6136b76baba55d0b60b2596e37431dcf5ce0905d34a9fa292ebf7e4bde82d9a084362c486e8fac344c76d88f9298b1b85541ed70ffd608493766
diff --git a/net-analyzer/nagios-core/files/nagios-4.4.3-pre.patch
b/net-analyzer/nagios-core/files/nagios-4.4.3-pre.patch
new file mode 100644
index 000..3c5eb030547
--- /dev/null
+++ b/net-analyzer/nagios-core/files/nagios-4.4.3-pre.patch
@@ -0,0 +1,42 @@
+diff --git a/Changelog b/Changelog
+index c695bd54..4c348894 100644
+--- a/Changelog
b/Changelog
+@@ -2,6 +2,11 @@
+ Nagios Core 4 Change Log
+
+
++4.4.3 - 2018-XX-XX
++--
++FIXES
++* Fixed services sending recovery emails when they recover if host in down
state (#572) (Scott Wilkerson)
++
+ 4.4.2 - 2018-08-16
+ --
+ FIXES
+diff --git a/base/notifications.c b/base/notifications.c
+index d4574c41..58ad140f 100644
+--- a/base/notifications.c
b/base/notifications.c
+@@ -591,10 +591,6 @@ int check_service_notification_viability(service *svc,
int type, int options) {
+ return ERROR;
+ }
+
+- /* RECOVERY NOTIFICATIONS ARE GOOD TO GO AT THIS POINT */
+- if(svc->current_state == STATE_OK)
+- return OK;
+-
+ /* don't notify contacts about this service problem again if the
notification interval is set to 0 */
+ if(svc->no_more_notifications == TRUE) {
+ log_debug_info(DEBUGL_NOTIFICATIONS, 1, "We shouldn't re-notify
contacts about this service problem.\n");
+@@ -1501,10 +1497,6 @@ int check_host_notification_viability(host *hst, int
type, int options) {
+ return ERROR;
+ }
+
+- /* RECOVERY NOTIFICATIONS ARE GOOD TO GO AT THIS POINT */
+- if(hst->current_state == HOST_UP)
+- return OK;
+-
+ /* check if we shouldn't renotify contacts about the host problem */
+ if(hst->no_more_notifications == TRUE) {
+ log_debug_info(DEBUGL_NOTIFICATIONS, 1, "We shouldn't re-notify
contacts about this host problem.\n");
diff --git a/net-analyzer/nagios-core/nagios-core-4.4.2.ebuild
b/net-analyzer/nagios-core/nagios-core-4.4.2.ebuild
new file mode 100644
index 000..cb47956dba4
--- /dev/null
+++ b/net-analyzer/nagios-core/nagios-core-4.4.2.ebuild
@@ -0,0 +1,218 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit toolchain-funcs user
+
+MY_P=${PN/-core}-${PV}
+DESCRIPTION="Nagios core - monitoring daemon, web GUI, and documentation"
+HOMEPAGE="https://w
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/nagios-core/, net-analyzer/nagios-core/files/
commit: 85bf8d68cd0ec5fe93d7064c760dad5faebb5670
Author: Thomas Deutschmann gentoo org>
AuthorDate: Thu Mar 2 19:31:12 2017 +
Commit: Thomas Deutschmann gentoo org>
CommitDate: Thu Mar 2 19:35:35 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=85bf8d68
net-analyzer/nagios-core: Rev bump to fix upstream issue #337
Ebuild changes:
===
- Cherry picked commit e03e4fd470 to stop nagios-core from flooding
syslog every 15 seconds due to debug leftovers [Upstream Issue #337].
Upstream Issue #337: https://github.com/NagiosEnterprises/nagioscore/issues/337
Acked-by: Michael Orlitzky gentoo.org>
Package-Manager: Portage-2.3.3, Repoman-2.3.1
.../nagios-core-4.3.1-fix-upstream-issue-337.patch | 21 +
...ore-4.3.1.ebuild => nagios-core-4.3.1-r1.ebuild} | 2 ++
2 files changed, 23 insertions(+)
diff --git
a/net-analyzer/nagios-core/files/nagios-core-4.3.1-fix-upstream-issue-337.patch
b/net-analyzer/nagios-core/files/nagios-core-4.3.1-fix-upstream-issue-337.patch
new file mode 100644
index 000..d5344a6442c
--- /dev/null
+++
b/net-analyzer/nagios-core/files/nagios-core-4.3.1-fix-upstream-issue-337.patch
@@ -0,0 +1,21 @@
+From e03e4fd470fbc8d4304d860d7b3b523c5d78373d Mon Sep 17 00:00:00 2001
+From: "John C. Frickson"
+Date: Thu, 2 Mar 2017 10:24:24 -0600
+Subject: [PATCH] every 15sec /var/log/messages is flooded with "nagios:
+ set_environment_var"
+
+Fix for https://github.com/NagiosEnterprises/nagioscore/issues/337
+diff --git a/base/utils.c b/base/utils.c
+index 733fdef..19e20c7 100644
+--- a/base/utils.c
b/base/utils.c
+@@ -872,9 +872,6 @@ int set_environment_var(char *name, char *value, int set) {
+
+ /* set the environment variable */
+ if(set == TRUE) {
+- log_debug_info(DEBUGL_EVENTS, 0, "set_environment_var
'%s'='%s'\n", name, value);
+- syslog(LOG_DAEMON|LOG_INFO, "set_environment_var '%s'='%s'\n",
name, value);
+-
+ #ifdef HAVE_SETENV
+ setenv(name, (value == NULL) ? "" : value, 1);
+ #else
diff --git a/net-analyzer/nagios-core/nagios-core-4.3.1.ebuild
b/net-analyzer/nagios-core/nagios-core-4.3.1-r1.ebuild
similarity index 99%
rename from net-analyzer/nagios-core/nagios-core-4.3.1.ebuild
rename to net-analyzer/nagios-core/nagios-core-4.3.1-r1.ebuild
index fa4f4225999..c86bbcf9dfc 100644
--- a/net-analyzer/nagios-core/nagios-core-4.3.1.ebuild
+++ b/net-analyzer/nagios-core/nagios-core-4.3.1-r1.ebuild
@@ -71,6 +71,8 @@ RDEPEND="${DEPEND}
S="${WORKDIR}/${MY_P}"
+PATCHES=( "${FILESDIR}"/${PN}-4.3.1-fix-upstream-issue-337.patch )
+
pkg_setup() {
enewgroup nagios
enewuser nagios -1 /bin/bash /var/nagios/home nagios
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/nagios-core/, net-analyzer/nagios-core/files/
commit: 6371a02d00ea5b9bd43d92ab63ee8f81fa9b68e3
Author: Michael Orlitzky gentoo org>
AuthorDate: Sun Dec 4 15:46:25 2016 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Sun Dec 4 16:10:13 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6371a02d
net-analyzer/nagios-core: new revision and init script to fix CVE-2016-8641.
The new version 4.2.3 was added to fix CVE-2016-8641 in commit
c9f880e. However, the root privilege exploit results from the use of
"chown" in the init script. We don't use upstream's init script, so a
proper fix requires an update to our init script as well.
The following changes were made to the init script:
* We no longer attempt to delete the external command file before
starting or stopping the daemon. It's not clear why this was done,
and that file should not exist unless the user intentionally
creates it.
* We do not create or change ownership of /var/nagios/nagios.log or
/var/nagios/status.sav when starting the daemon. The log file path
is defined in the config file, so the hard-coded path in the init
script might not have referred to the true location of the log file.
And when the nagios daemon creates these files on its own, they
should already have the correct permissions and ownership. By
removing the "chown", we have actually fixed the root privilege
exploit in CVE-2016-8641.
* The two files /var/nagios/status.log and /var/nagios/nagios.tmp are
not deleted after the daemon has shut down. I can come up with no
compelling argument to do so.
Gentoo-Bug: 600864
Package-Manager: portage-2.3.0
net-analyzer/nagios-core/files/nagios4-r1 | 46 ++
...re-4.2.3.ebuild => nagios-core-4.2.3-r1.ebuild} | 2 +-
2 files changed, 47 insertions(+), 1 deletion(-)
diff --git a/net-analyzer/nagios-core/files/nagios4-r1
b/net-analyzer/nagios-core/files/nagios4-r1
new file mode 100644
index ..dd2495c
--- /dev/null
+++ b/net-analyzer/nagios-core/files/nagios4-r1
@@ -0,0 +1,46 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_commands="checkconfig"
+extra_started_commands="reload"
+
+nagios_config="/etc/nagios/nagios.cfg"
+
+command="/usr/sbin/nagios"
+command_args="-d ${nagios_config}"
+pidfile="/var/nagios/nagios.lock"
+start_stop_daemon_args="-e HOME=/var/nagios/home"
+
+depend(){
+ need net
+ use dns logger firewall
+ after mysql postgresql
+}
+
+reload(){
+ checkconfig || return 1
+ ebegin "Reloading configuration"
+ start-stop-daemon --signal HUP --pidfile ${pidfile}
+ eend $?
+}
+
+checkconfig(){
+ ebegin "Verifying config files"
+
+ # Silent Check
+ ${command} -v ${nagios_config} > /dev/null 2>&1 && return 0
+
+ # Now we know there's a problem. Run the check again and
+ # this time, display the errors.
+ ${command} -v ${nagios_config}
+ eend $? "Configuration Error. Please fix your config file."
+}
+
+start_pre() {
+ # Without this, the "start" action will appear to succeed even
+ # when the config file contains errors and the daemon failed to
+ # start.
+ checkconfig || return 1
+}
diff --git a/net-analyzer/nagios-core/nagios-core-4.2.3.ebuild
b/net-analyzer/nagios-core/nagios-core-4.2.3-r1.ebuild
similarity index 99%
rename from net-analyzer/nagios-core/nagios-core-4.2.3.ebuild
rename to net-analyzer/nagios-core/nagios-core-4.2.3-r1.ebuild
index f3d1d3e..2852d62 100644
--- a/net-analyzer/nagios-core/nagios-core-4.2.3.ebuild
+++ b/net-analyzer/nagios-core/nagios-core-4.2.3-r1.ebuild
@@ -142,7 +142,7 @@ src_install() {
insopts --mode=0644 # Back to the default...
fi
- newinitd "${FILESDIR}"/nagios4 nagios
+ newinitd "${FILESDIR}"/nagios4-r1 nagios
newconfd "${FILESDIR}"/conf.d nagios
if use web ; then
