From f1af93971b7490792d8541bc790e0d8c6d787059 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 6 Sep 2019 10:28:05 +0100 Subject: gentoo resync : 06.08.2019 --- net-analyzer/nrpe/Manifest | 11 +- net-analyzer/nrpe/files/nrpe-2.14-multiline.patch | 204 --------------------- .../nrpe/files/nrpe-2.15-autoconf-header.patch | 24 --- .../files/nrpe-2.15-metachar-security-fix.patch | 26 --- net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch | 39 ---- net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch | 50 ----- net-analyzer/nrpe/metadata.xml | 3 - net-analyzer/nrpe/nrpe-2.15-r3.ebuild | 140 -------------- net-analyzer/nrpe/nrpe-3.2.1-r2.ebuild | 89 +++++++++ net-analyzer/nrpe/nrpe-3.2.1.ebuild | 77 -------- 10 files changed, 91 insertions(+), 572 deletions(-) delete mode 100644 net-analyzer/nrpe/files/nrpe-2.14-multiline.patch delete mode 100644 net-analyzer/nrpe/files/nrpe-2.15-autoconf-header.patch delete mode 100644 net-analyzer/nrpe/files/nrpe-2.15-metachar-security-fix.patch delete mode 100644 net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch delete mode 100644 net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch delete mode 100644 net-analyzer/nrpe/nrpe-2.15-r3.ebuild create mode 100644 net-analyzer/nrpe/nrpe-3.2.1-r2.ebuild delete mode 100644 net-analyzer/nrpe/nrpe-3.2.1.ebuild (limited to 'net-analyzer/nrpe') diff --git a/net-analyzer/nrpe/Manifest b/net-analyzer/nrpe/Manifest index 6d2b9c920f46..05f6d66c164c 100644 --- a/net-analyzer/nrpe/Manifest +++ b/net-analyzer/nrpe/Manifest @@ -1,15 +1,8 @@ -AUX nrpe-2.14-multiline.patch 6806 BLAKE2B 601bfaf6a7deddcd59c7ab9666ea9ada85698326d8f1eb0971196167edc79cad8acc818b6faa5e53cdad608692e9d3438200a08f2641bdac9937692cf83b8702 SHA512 09c0cc6a4610d674b0ed0da8cdc96f3653f98b54fc98802c33a1cc0b09755d3d0d6afd7fe6b25e1713e6b27af2ba1fa5063988691bc3b5364fa0bfd137d54546 -AUX nrpe-2.15-autoconf-header.patch 898 BLAKE2B 4cec3a40431057025c8aa711ea0535885c1b115f19f127a5d65145c2efb1215524bab357812d8648c32d953307e16ffbf5b787a306a7cd5941d957a33bda7eb4 SHA512 aa7aa0cb57c1b9826a980f9e093f8c8219e0b02dd1e8ba27e74a0a39e746d723e280a93d18d4e069743d14937e0c7159336bb6f406671450fc6a0bb90f902fb2 -AUX nrpe-2.15-metachar-security-fix.patch 1165 BLAKE2B f7e4c7c7ac83627baeb87b05264cea254cc852a4bcf1e67fb7994c3e15605ebafa6b25819692d179e23c2f8fca729c52f49ec47f979ba63574a26d9cb03ba2ae SHA512 cba997f4433dd38c95a3e2166f091b53ac6f618f25944dc69bb9ae5864a74a1136667c557881a498ce6aa16e91b367c416a5935e20e348f94f140fdc09692b29 -AUX nrpe-2.15-no-ssl.patch 967 BLAKE2B e198d1c140ba6cdcc50739e79ffd955c9f5ca692e529a09cfcc31db991d229df85a7137c0a72747e881aff82aa16d3b08cd5f12e0dbda2ad2c2a2793ceef05bd SHA512 17163aa22fd9e03ca00679756413c9ac2051b2d66c894b3ec6dc6bad468d2835c95481eab915b40ccc37e7063e1a2b382af7ed47a5c2ea6d1aa94286a95c44ce -AUX nrpe-2.15-tcpd-et-al.patch 2651 BLAKE2B 2ada9c800d41a9854102f5a469c9ec829212845e07c3d17aaed095f90e807acfe945b3eaac6cf5d51fedd25d3baa88cefb75e72476a84c105a706560b0512abf SHA512 d4c2b38f05b9ac19702ff81d0f07cabed9f98a309e0e4d287bd9784b0aa6ee50ff8b6aee0f4d5541cb10120d463b470d23a6d4a4a2627166d6cf1b07fb5d61de AUX nrpe-3.2.1-eliminate-systemd-pid.patch 1264 BLAKE2B e0fb75dcc231881fd02fba73de02b983098d7762852d5dea497e717e0c978d773c871d35ba8671a4d292896aa276703ea9d2450e053add1ff3f2d6d9f1c53bf1 SHA512 9e8d58dee6c60b48e209a69eaab10abcc5eccfc28edf073240afba3d3e70a36ead4a568fe6589dd8578d11f0149c968c5977742e9905fa0a407b120c6d168570 AUX nrpe.init 1152 BLAKE2B eea4c8554ef02b7eb9e602a4b0750565520dd830435586043f61534a58563eaed379f1296df5eaf68aab88440f4199354118ffbcc5b4340eda633bb3eb49092c SHA512 19f470407d63b2949535acd6e5849afbea44f82a5773f9110f8b025c380c0626a0a733ead417b1ce293741168acea5a885c2e9f94fb1c0b3e38a06e0eae4ddca AUX nrpe.service 242 BLAKE2B 715f0e8b91d6c40405d6d1f3689bbbf750e61e78e1d727debbe998ae81922b36f1d5f7c011f6881979e485a81c08d3f1f405b962023fecea643c8f7a9e04c3df SHA512 ffd67467cc4f5ccdf73e0860d1355a8cc3e528d0c67f2054b0ad76c02a43f9c5a8964a3f6df6f91eaa8e15c3c9596259aa964ad69aa2da60678d68fa892b2346 AUX nrpe.xinetd.2 245 BLAKE2B 3e9db31c7d5b28dab18d2f5855d0465f25fc9cf4a70deac9a5d0c87c7cc546a33b432dbca172a49addadc0bd6583d870ec0fe350bf60e015e325d8bb923aca47 SHA512 d687cb2a5babfd28a97d3a5f1ac665758341ecc37fdd0193dbf0df4cba68c88aa24776a33a706989843fa5356b2e3e995662a823ceb2b86ba8f846f8c47e18fb -DIST nrpe-2.15.tar.gz 419695 BLAKE2B 999ecc633cbd2dc516ff0654db3ac0cc58a88d93ae4ace1040888fe73d8fb471306d95312ac364c79b3a47300ac57c0c429a24697c37bfa639f1da55cb6bc756 SHA512 03ce9774b5112d03235dc9da075770d89d1bcc5ffa5faf221ff7ea8ec5c92ded1e1ae9222581a87cf53736d190ac047e1acce7edc2f31f26c432d786cdef0e73 DIST nrpe-3.2.1.tar.gz 518015 BLAKE2B c9be2bf24e3d9977a7ff5c2f0e08bfe841729289af836bb7ac6ccb2c173a519958b12cc3e90ece612ac6c2527ad472ef1464be648a66b11ff8ad483d5ad78cc1 SHA512 ec6ff42a00bd97ed80010a82e26dc35fd419f2feda65820cda0108068173c1ae44eee698833a50fd2079429a6f5eb1321c4f06b09c6708bc5fbe48f176389856 -EBUILD nrpe-2.15-r3.ebuild 4013 BLAKE2B 6609597c36f1df0228f627a66f1a2edaf2c30c93d3f143c69ab92c2c914f1e83bbb3bfd2bdd286fdc42411b3d86ca9716609f278838849ed940aa35dc7cad9c0 SHA512 d2442384f0bea253479f06186b78f013514f6fbaddc1aea531eec6b7f0436061aab3852d4035bd61fcaa6beefa2f2724200d8845d62851ced816895aa9258179 EBUILD nrpe-3.2.1-r1.ebuild 2486 BLAKE2B a71330ceb27dba3654f6e4923ef4e395e6f831bd2fafe23220e39cdf31aa9d3a898bec0b4ceca4a4a7fee73c76efb69207b4ddb7b264a6af4c0aae84fa2cbc19 SHA512 71e4bf9e5a6ad3f1ff1315d09b84d56b2b5772d7f0627f09c60fa6f63c81ebf1bc89e2980085efb0a9d9a54b8d98846010b5f26c66bfb863f2421cef2c6b0e79 -EBUILD nrpe-3.2.1.ebuild 1938 BLAKE2B bd00244a5585503b24b108f167345560d0b7855a8cdd1497fc4e853b86b42e4f9fb67aa1fc767ca67f5e3b1e13424828f295b0a74316c95a17ebb26dbea7aa0f SHA512 f0fa9659e5c06ad4239ede15ac5303675812db6cd06febade51c68aaa05e289ad1f206e53f78c327e918955be4e69e07b621671110044b3f1fc1d161ee36ee64 -MISC metadata.xml 882 BLAKE2B 76bf034c9869b503725f301f0f478c0449787057f1ba4bc22842ddee2d4460b68be1654cdc18e04504469880b71113e7a4b5a0a37fc9138eeb1b39fc2c8833f1 SHA512 2bbdd6bb5d0802985b242b8c058c749eca1adfb102820e2c587699622299936df90ee1ff43445df8686e1dd1648d0131bee40639ddfad3e26e9877c0c61dc40e +EBUILD nrpe-3.2.1-r2.ebuild 2476 BLAKE2B db4b5cccb4d03a0a5521b436e1c8d2a668b6a78aa4fe5edab7660711b86c8472ea934bfdc32dd1c81c4d0437aebcc70782d155537472a6d471bac243b94c3cc8 SHA512 d6c95485ba47471893ee641d5594bc688c9991890ee6c12bf03c579b189c2babc7ef17d473ad05610622ef40e0c2c4f34963cd87bba99afb269230829eb91c2a +MISC metadata.xml 770 BLAKE2B 93991f7ee4c1b6c26b67e873fae0cdb66170cd93ba6b79d6e798cb2605126888a996f633eccd038ece2a822d1b92498c2036746bb3a1add2e336c6026c2db86d SHA512 48693abab21581eff977b8deaa5fabc5d388960c9cd090b590a1f6d3c8d37b63fe33ec86d6f95d7435404314b84053f8c2ca84b0f33c6c7241ea7260f82a3a27 diff --git a/net-analyzer/nrpe/files/nrpe-2.14-multiline.patch b/net-analyzer/nrpe/files/nrpe-2.14-multiline.patch deleted file mode 100644 index 3af2ef95baba..000000000000 --- a/net-analyzer/nrpe/files/nrpe-2.14-multiline.patch +++ /dev/null @@ -1,204 +0,0 @@ -Add support for large output - -http://opsview-blog.opsera.com/dotorg/2008/08/enhancing-nrpe.htmlIndex: nrpe-2.14/include/common.h -=================================================================== -Index: nrpe-2.14/include/common.h -=================================================================== ---- nrpe-2.14.orig/include/common.h -+++ nrpe-2.14/include/common.h -@@ -41,7 +41,7 @@ - #define DEFAULT_SOCKET_TIMEOUT 10 /* timeout after 10 seconds */ - #define DEFAULT_CONNECTION_TIMEOUT 300 /* timeout if daemon is waiting for connection more than this time */ - --#define MAX_INPUT_BUFFER 2048 /* max size of most buffers we use */ -+#define MAX_INPUT_BUFFER 16384 /* max size of most buffers we use */ - #define MAX_FILENAME_LENGTH 256 - - #define MAX_HOST_ADDRESS_LENGTH 256 /* max size of a host address */ -@@ -55,12 +55,14 @@ - - #define QUERY_PACKET 1 /* id code for a packet containing a query */ - #define RESPONSE_PACKET 2 /* id code for a packet containing a response */ -+#define RESPONSE_PACKET_WITH_MORE 3 /* id code for a packet containing a response, with more data to follow */ - - #define NRPE_PACKET_VERSION_3 3 /* packet version identifier */ - #define NRPE_PACKET_VERSION_2 2 - #define NRPE_PACKET_VERSION_1 1 /* older packet version identifiers (no longer supported) */ - - #define MAX_PACKETBUFFER_LENGTH 1024 /* max amount of data we'll send in one query/response */ -+ /* WARNING - do not change this as older clients/servers will not work */ - - typedef struct packet_struct{ - int16_t packet_version; -Index: nrpe-2.14/src/check_nrpe.c -=================================================================== ---- nrpe-2.14.orig/src/check_nrpe.c -+++ nrpe-2.14/src/check_nrpe.c -@@ -221,6 +221,11 @@ int main(int argc, char **argv){ - return STATE_UNKNOWN; - } - -+ /* Altinity patch: Allow multiple packets to be received */ -+ /* Indentation not corrected to allow simpler patching */ -+ /* START MULTI_PACKET LOOP */ -+ do { -+ - /* wait for the response packet */ - bytes_to_recv=sizeof(receive_packet); - if(use_ssl==FALSE) -@@ -233,31 +238,24 @@ int main(int argc, char **argv){ - /* reset timeout */ - alarm(0); - -- /* close the connection */ --#ifdef HAVE_SSL -- if(use_ssl==TRUE){ -- SSL_shutdown(ssl); -- SSL_free(ssl); -- SSL_CTX_free(ctx); -- } --#endif -- graceful_close(sd,1000); -- - /* recv() error */ - if(rc<0){ - printf("CHECK_NRPE: Error receiving data from daemon.\n"); -+ graceful_close(sd,1000); - return STATE_UNKNOWN; - } - - /* server disconnected */ - else if(rc==0){ - printf("CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.\n"); -+ graceful_close(sd,1000); - return STATE_UNKNOWN; - } - - /* receive underflow */ - else if(bytes_to_recv0) -+ send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET_WITH_MORE); -+ else -+ send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET); -+ - /* calculate the crc 32 value of the packet */ - send_packet.crc32_value=(u_int32_t)0L; - calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet)); -@@ -1303,6 +1319,9 @@ void handle_connection(int sock){ - SSL_write(ssl,&send_packet,bytes_to_send); - #endif - -+ } while (strlen(pbuffer) > 0); -+ /* END MULTI_PACKET LOOP */ -+ - #ifdef HAVE_SSL - if(ssl){ - complete_SSL_shutdown( ssl); diff --git a/net-analyzer/nrpe/files/nrpe-2.15-autoconf-header.patch b/net-analyzer/nrpe/files/nrpe-2.15-autoconf-header.patch deleted file mode 100644 index 81078c449713..000000000000 --- a/net-analyzer/nrpe/files/nrpe-2.15-autoconf-header.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -Nuar --exclude '*.orig' nrpe-2.15.orig/configure.in nrpe-2.15/configure.in ---- nrpe-2.15.orig/configure.in 2013-09-06 08:27:13.000000000 -0700 -+++ nrpe-2.15/configure.in 2014-04-19 09:32:52.251766643 -0700 -@@ -6,7 +6,8 @@ - - AC_INIT([nrpe],[2.15],[nagios-users@lists.sourceforge.net],[nrpe],[http://www.nagios.org]) - AC_CONFIG_SRCDIR([src/nrpe.c]) --AC_CONFIG_HEADERS([include/config.h]) -+AC_CONFIG_HEADERS([include/autoconf.h]) - AC_CONFIG_FILES([Makefile -+ include/config.h - subst - src/Makefile -diff -Nuar --exclude '*.orig' nrpe-2.15.orig/include/config.h.in nrpe-2.15/include/config.h.in ---- nrpe-2.15.orig/include/config.h.in 2013-09-06 08:27:13.000000000 -0700 -+++ nrpe-2.15/include/config.h.in 2014-04-19 09:33:07.620035056 -0700 -@@ -26,6 +26,7 @@ - - #include - #include -+#include "autoconf.h" - - - #define DEFAULT_SERVER_PORT @nrpe_port@ /* default port to use */ diff --git a/net-analyzer/nrpe/files/nrpe-2.15-metachar-security-fix.patch b/net-analyzer/nrpe/files/nrpe-2.15-metachar-security-fix.patch deleted file mode 100644 index c42f8bfdec00..000000000000 --- a/net-analyzer/nrpe/files/nrpe-2.15-metachar-security-fix.patch +++ /dev/null @@ -1,26 +0,0 @@ -Disallow all control characters in argument handling. - -This closes a security hole that allowed passing commands via the argument -handling, if a newline was used to seperate the argument from the rest of the -command. - -X-URL: http://www.exploit-db.com/exploits/32925/ -Signed-off-by: Robin H. Johnson - --- -I didn't find any patches from upstream NRPE, so I wrote this quick one. -If somebody else has a valid use for control characters in NRPE arguments, then -this could be relaxed slightly. - -diff -Nuar --exclude '*.orig' nrpe-2.15.orig/src/nrpe.c nrpe-2.15/src/nrpe.c ---- nrpe-2.15.orig/src/nrpe.c 2014-04-19 09:37:16.022373910 -0700 -+++ nrpe-2.15/src/nrpe.c 2014-04-19 09:46:53.237458939 -0700 -@@ -53,7 +53,7 @@ - - #define DEFAULT_COMMAND_TIMEOUT 60 /* default timeout for execution of plugins */ - #define MAXFD 64 --#define NASTY_METACHARS "|`&><'\"\\[]{};" -+#define NASTY_METACHARS "|`&><'\"\\[]{};\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x7f" - #define howmany(x,y) (((x)+((y)-1))/(y)) - #define MAX_LISTEN_SOCKS 16 - diff --git a/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch deleted file mode 100644 index 3b3fc135455f..000000000000 --- a/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch +++ /dev/null @@ -1,39 +0,0 @@ -Without this patch, you can't build nrpe without SSL support. It was -originally submitted on the Nagios forums by user Matthew L. Daniel: - - https://support.nagios.com/forum/viewtopic.php?t=27027 - -It was merged into the upstream github repo (NagiosEnterprises/nrpe) -in commit 3736fdeeac11a. - - -diff --git a/src/nrpe.c b/src/nrpe.c -index 4bc849b..1e55ab4 100644 ---- a/src/nrpe.c -+++ b/src/nrpe.c -@@ -102,7 +102,9 @@ int use_src=FALSE; /* Define parameter for SRC option */ - int listen_queue_size=DEFAULT_LISTEN_QUEUE_SIZE; - - -+#ifdef HAVE_SSL - void complete_SSL_shutdown( SSL *); -+#endif - - - int main(int argc, char **argv){ -@@ -1815,6 +1817,7 @@ int remove_pid_file(void){ - return OK; - } - -+#ifdef HAVE_SSL - void complete_SSL_shutdown( SSL *ssl) { - - /* -@@ -1835,6 +1838,7 @@ void complete_SSL_shutdown( SSL *ssl) { - if( SSL_shutdown( ssl)) break; - } - } -+#endif/*HAVE_SSL*/ - - /* bail if daemon is running as root */ - int check_privileges(void){ diff --git a/net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch b/net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch deleted file mode 100644 index b8a0811b831c..000000000000 --- a/net-analyzer/nrpe/files/nrpe-2.15-tcpd-et-al.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff -Nuar --exclude '*.orig' nrpe-2.15.orig/configure.in nrpe-2.15/configure.in ---- nrpe-2.15.orig/configure.in 2013-09-06 08:27:13.000000000 -0700 -+++ nrpe-2.15/configure.in 2014-04-19 09:20:50.406150828 -0700 -@@ -45,7 +45,7 @@ - AC_HEADER_STDC - AC_HEADER_TIME - AC_HEADER_SYS_WAIT --AC_CHECK_HEADERS(ctype.h dirent.h errno.h fcntl.h getopt.h grp.h inttypes.h netdb.h pwd.h signal.h stdint.h strings.h string.h syslog.h tcpd.h unistd.h arpa/inet.h netinet/in.h socket.h sys/types.h sys/time.h sys/resource.h sys/wait.h sys/socket.h sys/stat.h) -+AC_CHECK_HEADERS(ctype.h dirent.h errno.h fcntl.h getopt.h grp.h inttypes.h netdb.h pwd.h signal.h stdint.h strings.h string.h syslog.h unistd.h arpa/inet.h netinet/in.h socket.h sys/types.h sys/time.h sys/resource.h sys/wait.h sys/socket.h sys/stat.h) - - dnl Checks for typedefs, structures, and compiler characteristics. - AC_C_CONST -@@ -164,11 +164,20 @@ - AC_CHECK_LIB(nsl,main,SOCKETLIBS="$SOCKETLIBS -lnsl") - AC_CHECK_LIB(socket,socket,SOCKETLIBS="$SOCKETLIBS -lsocket") - AC_SUBST(SOCKETLIBS) --AC_CHECK_LIB(wrap,main,[ -- LIBWRAPLIBS="$LIBWRAPLIBS -lwrap" -+ -+AC_ARG_ENABLE([tcp-wrapper], -+ AS_HELP_STRING([--disable-tcp-wrapper], [Disable building with TCP wrappers. *** DISABLING IS A SECURITY RISK! *** Read the SECURITY file before using this option! @<:@default=enable@:>@])) -+ -+LIBWRAPLIBS="" -+AS_IF([test "x$enable_tcp_wrapper" != "xno"], [ -+ AC_CHECK_LIB([wrap],[hosts_access],[ -+ LIBWRAPLIBS="$LIBWRAPLIBS -lwrap" - AC_DEFINE(HAVE_LIBWRAP,[1],[Have the TCP wrappers library]) -- ]) -+ AC_DEFINE(HAVE_TCPD_H,[1],[Have the TCP wrappers library]) -+ ]) -+]) - AC_SUBST(LIBWRAPLIBS) -+ - AC_CHECK_FUNCS(strdup strstr strtoul initgroups closesocket) - - dnl socklen_t check - from curl -@@ -440,8 +449,11 @@ - AC_SUBST(TARGET_PLATFORM) - - AC_ARG_ENABLE([command-args], -- AS_HELP_STRING([--enable-command-args],[allows clients to specify command arguments. *** THIS IS A SECURITY RISK! *** Read the SECURITY file before using this option!]), -- AC_DEFINE_UNQUOTED(ENABLE_COMMAND_ARGUMENTS,[1],[Enable command-line arguments])) -+ AS_HELP_STRING([--enable-command-args],[allows clients to specify command arguments. *** THIS IS A SECURITY RISK! *** Read the SECURITY file before using this option!])) -+ -+AS_IF([test "x$enable_command_args" = "xyes"], [ -+ AC_DEFINE(ENABLE_COMMAND_ARGUMENTS,[1],[Enable command-line arguments]) -+]) - - AC_ARG_ENABLE([bash-command-substitution], - AS_HELP_STRING([--enable-bash-command-substitution],[allows clients to pass bash command substitutions of the form $(command). *** THIS IS A HIGH SECURITY RISK! *** Read the SECURITY file before using this option!]), diff --git a/net-analyzer/nrpe/metadata.xml b/net-analyzer/nrpe/metadata.xml index e47fd6fd83c9..6d48b12e1abf 100644 --- a/net-analyzer/nrpe/metadata.xml +++ b/net-analyzer/nrpe/metadata.xml @@ -15,9 +15,6 @@ Nagios/Icinga master. Make sure you understand the implications of this flag as it can be a security risk. - - Only build the check plugins for Nagios/Icinga, and not the daemon. - nagios diff --git a/net-analyzer/nrpe/nrpe-2.15-r3.ebuild b/net-analyzer/nrpe/nrpe-2.15-r3.ebuild deleted file mode 100644 index afdbdc893c41..000000000000 --- a/net-analyzer/nrpe/nrpe-2.15-r3.ebuild +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -inherit eutils systemd toolchain-funcs multilib user autotools - -DESCRIPTION="Nagios Remote Plugin Executor" -HOMEPAGE="http://www.nagios.org/" -SRC_URI="mirror://sourceforge/nagios/${P}.tar.gz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="alpha amd64 hppa ppc ppc64 sparc x86" -IUSE="command-args libressl minimal selinux ssl tcpd" - -DEPEND=" - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:0= ) - ) - !minimal? ( tcpd? ( sys-apps/tcp-wrappers ) )" -RDEPEND="${DEPEND} - !minimal? ( - || ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins ) - ) - selinux? ( sec-policy/selinux-nagios )" - -pkg_setup() { - enewgroup nagios - enewuser nagios -1 /bin/bash /dev/null nagios - - elog "If you plan to use \"nrpe_check_control\" then you may want to specify" - elog "different command and services files. You can override the defaults" - elog "through the \"NAGIOS_COMMAND_FILE\" and \"NAGIOS_SERVICES_FILE\" environment variables." - elog "NAGIOS_COMMAND_FILE=${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}" - elog "NAGIOS_SERVICES_FILE=${NAGIOS_SERVICES_FILE:-/etc/services.cfg}" -} - -src_prepare() { - # Add support for large output, - # http://opsview-blog.opsera.com/dotorg/2008/08/enhancing-nrpe.html - epatch "${FILESDIR}"/${PN}-2.14-multiline.patch - - # fix configure, among others #326367, #397603 - epatch "${FILESDIR}"/${PN}-2.15-tcpd-et-al.patch - - # otherwise autoconf will overwrite the custom include/config.h.in - epatch "${FILESDIR}"/${PN}-2.15-autoconf-header.patch - - # improve handling of metachars for security - epatch "${FILESDIR}"/${PN}-2.15-metachar-security-fix.patch - - # Fix build with USE="-ssl". - epatch "${FILESDIR}"/${PN}-2.15-no-ssl.patch - - sed -i -e '/define \(COMMAND\|SERVICES\)_FILE/d' \ - contrib/nrpe_check_control.c || die - - # change the default location of the pid file - sed -i -e '/pid_file/s:/var/run:/run:' sample-config/nrpe.cfg.in || die - - # fix TFU handling of autoheader - sed -i -e '/#undef/d' include/config.h.in || die - - eautoreconf -} - -src_configure() { - local myconf - if use minimal; then - myconf="--disable-tcp-wrapper --disable-command-args" - else - myconf="$(use_enable tcpd tcp-wrapper) $(use_enable command-args)" - fi - - econf \ - --libexecdir=/usr/$(get_libdir)/nagios/plugins \ - --localstatedir=/var/nagios \ - --sysconfdir=/etc/nagios \ - --with-nrpe-user=nagios \ - --with-nrpe-group=nagios \ - $(use_enable ssl) \ - ${myconf} -} - -src_compile() { - emake -C src check_nrpe $(use minimal || echo nrpe) - - # Add nifty nrpe check tool - $(tc-getCC) ${CPPFLAGS} ${CFLAGS} \ - -DCOMMAND_FILE=\"${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}\" \ - -DSERVICES_FILE=\"${NAGIOS_SERVICES_FILE:-/etc/services.cfg}\" \ - ${LDFLAGS} -o nrpe_check_control contrib/nrpe_check_control.c || die -} - -src_install() { - dodoc LEGAL Changelog README SECURITY \ - contrib/README.nrpe_check_control \ - $(use ssl && echo README.SSL) - - exeinto /usr/$(get_libdir)/nagios/plugins - doexe src/check_nrpe nrpe_check_control - - use minimal && return 0 - - ## NON-MINIMAL INSTALL FOLLOWS ## - - insinto /etc/nagios - newins sample-config/nrpe.cfg nrpe.cfg - fowners root:nagios /etc/nagios/nrpe.cfg - fperms 0640 /etc/nagios/nrpe.cfg - - exeinto /usr/libexec - doexe src/nrpe - - newinitd "${FILESDIR}"/nrpe.init nrpe - systemd_dounit "${FILESDIR}/${PN}.service" - - insinto /etc/xinetd.d/ - newins "${FILESDIR}/nrpe.xinetd.2" nrpe - - if use tcpd; then - sed -i -e '/^reload()/, /^}/ d' -e '/extra_started_commands/s:reload::' \ - "${D}"/etc/init.d/nrpe - fi -} - -pkg_postinst() { - elog "If you are using the nrpe daemon, remember to edit" - elog "the config file /etc/nagios/nrpe.cfg" - - if use command-args ; then - ewarn "" - ewarn "You have enabled command-args for NRPE. This enables" - ewarn "the ability for clients to supply arguments to commands" - ewarn "which should be run. " - ewarn "THIS IS CONSIDERED A SECURITY RISK!" - ewarn "Please read /usr/share/doc/${PF}/SECURITY.bz2 for more info" - fi -} diff --git a/net-analyzer/nrpe/nrpe-3.2.1-r2.ebuild b/net-analyzer/nrpe/nrpe-3.2.1-r2.ebuild new file mode 100644 index 000000000000..430050c49b14 --- /dev/null +++ b/net-analyzer/nrpe/nrpe-3.2.1-r2.ebuild @@ -0,0 +1,89 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit systemd user + +DESCRIPTION="Nagios Remote Plugin Executor" +HOMEPAGE="https://github.com/NagiosEnterprises/nrpe" +SRC_URI="${HOMEPAGE}/releases/download/${P}/${P}.tar.gz" + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" +IUSE="command-args libressl selinux ssl" + +DEPEND="sys-apps/tcp-wrappers + ssl? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + )" +RDEPEND="${DEPEND} + || ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins ) + selinux? ( sec-policy/selinux-nagios )" + +PATCHES=( "${FILESDIR}/nrpe-3.2.1-eliminate-systemd-pid.patch" ) + +pkg_setup() { + enewgroup nagios + enewuser nagios -1 -1 -1 nagios +} + +src_configure() { + # The configure script tries to detect what OS, distribution, and + # init system you're running and changes the build/install process + # depending on what it comes up with. We specify fixed values + # because we don't want it guessing, for example, whether or not + # to install the tmpfiles.d entry based on whether or not systemd + # is currently running (OpenRC uses them too). + econf \ + --libexecdir=/usr/$(get_libdir)/nagios/plugins \ + --localstatedir=/var/lib/nagios \ + --sysconfdir=/etc/nagios \ + --with-nrpe-user=nagios \ + --with-nrpe-group=nagios \ + --with-piddir=/run \ + --with-opsys=unknown \ + --with-dist-type=unknown \ + --with-init-type=unknown \ + --with-inetd-type=unknown \ + $(use_enable command-args) \ + $(use_enable ssl) +} + +src_compile() { + emake all +} + +src_install() { + default + + dodoc CHANGELOG.md SECURITY.md + insinto /etc/nagios + newins sample-config/nrpe.cfg nrpe.cfg + fowners root:nagios /etc/nagios/nrpe.cfg + fperms 0640 /etc/nagios/nrpe.cfg + + newinitd "startup/openrc-init" nrpe + newconfd "startup/openrc-conf" nrpe + systemd_newunit "startup/default-service" "${PN}.service" + + insinto /etc/xinetd.d/ + newins "${FILESDIR}/nrpe.xinetd.2" nrpe + + rm "${D}/usr/bin/nrpe-uninstall" || die 'failed to remove uninstall tool' +} + +pkg_postinst(){ + elog 'Some users have reported incompatibilities between nrpe-2.x and' + elog 'nrpe-3.x. We recommend that you use the same major version for' + elog 'both your server and clients.' + + if use command-args ; then + ewarn '' + ewarn 'You have enabled command-args for NRPE. That lets clients' + ewarn 'supply arguments to the commands that are run, and IS A' + ewarn 'SECURITY RISK!' + ewarn'' + fi +} diff --git a/net-analyzer/nrpe/nrpe-3.2.1.ebuild b/net-analyzer/nrpe/nrpe-3.2.1.ebuild deleted file mode 100644 index 3a4f9d8d2513..000000000000 --- a/net-analyzer/nrpe/nrpe-3.2.1.ebuild +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit systemd user - -DESCRIPTION="Nagios Remote Plugin Executor" -HOMEPAGE="https://github.com/NagiosEnterprises/nrpe" -SRC_URI="${HOMEPAGE}/releases/download/${P}/${P}.tar.gz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" -IUSE="command-args libressl selinux ssl" - -DEPEND="sys-apps/tcp-wrappers - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:0= ) - )" -RDEPEND="${DEPEND} - || ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins ) - selinux? ( sec-policy/selinux-nagios )" - -pkg_setup() { - enewgroup nagios - enewuser nagios -1 /bin/bash /var/nagios/home nagios -} - -src_configure() { - econf \ - --libexecdir=/usr/$(get_libdir)/nagios/plugins \ - --localstatedir=/var/nagios \ - --sysconfdir=/etc/nagios \ - --with-nrpe-user=nagios \ - --with-nrpe-group=nagios \ - --with-piddir=/run \ - $(use_enable command-args) \ - $(use_enable ssl) -} - -src_compile() { - emake all -} - -src_install() { - default - - dodoc CHANGELOG.md SECURITY.md - insinto /etc/nagios - newins sample-config/nrpe.cfg nrpe.cfg - fowners root:nagios /etc/nagios/nrpe.cfg - fperms 0640 /etc/nagios/nrpe.cfg - - newinitd "startup/openrc-init" nrpe - newconfd "startup/openrc-conf" nrpe - systemd_newunit "startup/default-service" "${PN}.service" - - insinto /etc/xinetd.d/ - newins "${FILESDIR}/nrpe.xinetd.2" nrpe - - rm "${D}/usr/bin/nrpe-uninstall" || die 'failed to remove uninstall tool' -} - -pkg_postinst(){ - elog 'Some users have reported incompatibilities between nrpe-2.x and' - elog 'nrpe-3.x. We recommend that you use the same major version for' - elog 'both your server and clients.' - - if use command-args ; then - ewarn '' - ewarn 'You have enabled command-args for NRPE. That lets clients' - ewarn 'supply arguments to the commands that are run, and IS A' - ewarn 'SECURITY RISK!' - ewarn'' - fi -} -- cgit v1.2.3