diff options
author | Michael Orlitzky <mjo@gentoo.org> | 2017-11-06 19:37:59 -0500 |
---|---|---|
committer | Michael Orlitzky <mjo@gentoo.org> | 2017-11-07 07:34:23 -0500 |
commit | a76473925572d2be605f50db49f33d2a19efbafd (patch) | |
tree | d45a62b2ce98fc1c3649c734b4506b6b537f441c /net-analyzer/ndoutils | |
parent | net-libs/nodejs: Stable on amd64 (diff) | |
download | gentoo-a76473925572d2be605f50db49f33d2a19efbafd.tar.gz gentoo-a76473925572d2be605f50db49f33d2a19efbafd.tar.bz2 gentoo-a76473925572d2be605f50db49f33d2a19efbafd.zip |
net-analyzer/ndoutils: new version 2.1.3.
This is somewhat of a work in progress. The new version 2.1.3 is
intended mainly to fix the compatibility with modern versions of
nagios-core. However, there are still several fixes in the pipeline
that we're having to carry patches for in the meantime:
* format-security warnings (upstream pull request 42)
* default PID file location (upstream pull request 44)
* asprintf compile warnings (upstream issue 43)
* openrc service file improvements (not yet submitted)
The last patch has not been submitted because I'm waiting on a
response for upstream issue 45 that affects the init scripts.
Regardless, we might as well push out v2.1.3 now, since it has
to work better than v2.0.0.
Closes: https://bugs.gentoo.org/599452
Package-Manager: Portage-2.3.8, Repoman-2.3.3
Diffstat (limited to 'net-analyzer/ndoutils')
-rw-r--r-- | net-analyzer/ndoutils/Manifest | 2 | ||||
-rw-r--r-- | net-analyzer/ndoutils/files/format-security.patch | 115 | ||||
-rw-r--r-- | net-analyzer/ndoutils/files/ndo2db.init-nagios3 | 24 | ||||
-rw-r--r-- | net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch | 6 | ||||
-rw-r--r-- | net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch | 10 | ||||
-rw-r--r-- | net-analyzer/ndoutils/files/openrc-init.patch | 100 | ||||
-rw-r--r-- | net-analyzer/ndoutils/files/sample-config-piddir.patch | 32 | ||||
-rw-r--r-- | net-analyzer/ndoutils/ndoutils-2.0.0.ebuild | 67 | ||||
-rw-r--r-- | net-analyzer/ndoutils/ndoutils-2.1.3.ebuild | 89 |
9 files changed, 343 insertions, 102 deletions
diff --git a/net-analyzer/ndoutils/Manifest b/net-analyzer/ndoutils/Manifest index 9f9ca5c4aaa9..89f7e750e6a6 100644 --- a/net-analyzer/ndoutils/Manifest +++ b/net-analyzer/ndoutils/Manifest @@ -1 +1 @@ -DIST ndoutils-2.0.0.tar.gz 2207263 SHA256 b95047c812fb61465e66a9e1a6d4a42bf00620f334f08a6faf5afe20bdd43ba1 SHA512 c899c9f9d0a14995ae7e3fc9f8566891acef9186cc53f05e4f509e9dd01a19a17d32c746a4a1c125342ebffad65946c7a3ea11da68ce0ff240bd37e85334545c WHIRLPOOL d3e41eb5e2a3ea9a5ca0d24fc8319beaa914d2bcb16c187ab6c5f5a3f133c27756ecdc2b6302a75c015294a1b2c3cc48d3c87a540ae1b9b07a21eb427b45d181 +DIST ndoutils-2.1.3.tar.gz 2182999 SHA256 2517ee737359f16d7f24b13ef2a9a41775bf7e8396a3ecaa7c45758d3ca9ce0a SHA512 727f2051876ff32cafaf9993a69b721ae4ea81031fade12262dbb4c5399c601f3c1af362d9d550e1d6d56fac8fe044d515dc10fc43e7d4d3e981bc9a89db88de WHIRLPOOL 9fb7cf6438da9baad6036b91bac62b8df1a494f0be00d3926e6603fe3783bd8722107ee63280c25f377d942f4a720d9aed04991ff24e2817b045161d142d34a7 diff --git a/net-analyzer/ndoutils/files/format-security.patch b/net-analyzer/ndoutils/files/format-security.patch new file mode 100644 index 000000000000..75be7dc32103 --- /dev/null +++ b/net-analyzer/ndoutils/files/format-security.patch @@ -0,0 +1,115 @@ +From 07891e8fcf692552c57e64429fd52da9e682f6d2 Mon Sep 17 00:00:00 2001 +From: Michael Orlitzky <michael@orlitzky.com> +Date: Sat, 22 Jul 2017 16:38:03 -0400 +Subject: [PATCH 1/1] src/queue.c: fix format-security warnings with explicit + "%s" format string. + +The syslog() function takes as its second argument a format string (a +la printf), but if the third parameter is a string, then the format +string can be omitted. This has led to security vulnerabilities in the +past, and compilers can now warn about it. In particular, GCC has the +-Wformat-security option, which can be made an error with +-Werror=format-security. + +A few such two-argument calls were present in src/queue.c, where +constant strings were being logged to syslog. This commit adds the +second format string parameter (simply "%s" in this case) to avoid the +compiler warnings. + +More information about format-security can be found in Fedora's FAQ: + + https://fedoraproject.org/wiki/Format-Security-FAQ +--- + src/queue.c | 22 +++++++++++----------- + 1 file changed, 11 insertions(+), 11 deletions(-) + +diff --git a/src/queue.c b/src/queue.c +index 8cb7445..50bb519 100644 +--- a/src/queue.c ++++ b/src/queue.c +@@ -50,7 +50,7 @@ void del_queue() { + struct msqid_ds buf; + + if (msgctl(queue_id,IPC_RMID,&buf) < 0) { +- syslog(LOG_ERR,"Error: queue remove error.\n"); ++ syslog(LOG_ERR, "%s", "Error: queue remove error.\n"); + } + } + +@@ -58,7 +58,7 @@ int get_queue_id(int id) { + key_t key = ftok(NDO_QUEUE_PATH, NDO_QUEUE_ID+id); + + if ((queue_id = msgget(key, IPC_CREAT | 0600)) < 0) { +- syslog(LOG_ERR,"Error: queue init error.\n"); ++ syslog(LOG_ERR, "%s", "Error: queue init error.\n"); + } + } + +@@ -99,7 +99,7 @@ void log_retry( void) { + if(msgctl(queue_id, IPC_STAT, &queue_stats)) { + sprintf(curstats, "Unable to determine current message queue usage: error reading IPC_STAT: %d", errno); + sprintf(logmsg, logfmt, curstats); +- syslog(LOG_ERR, logmsg); ++ syslog(LOG_ERR, "%s", logmsg); + } + else { + #if defined( __linux__) +@@ -108,24 +108,24 @@ void log_retry( void) { + if( msgmni < 0) { + sprintf(curstats, "Unable to determine current message queue usage: error reading IPC_INFO: %d", errno); + sprintf(logmsg, logfmt, curstats); +- syslog(LOG_ERR, logmsg); ++ syslog(LOG_ERR, "%s", logmsg); + } + else { + sprintf(curstats, statsfmt, queue_stats.msg_qnum, + (unsigned long)msgmni, queue_stats.__msg_cbytes, + queue_stats.msg_qbytes); + sprintf(logmsg, logfmt, curstats); +- syslog(LOG_ERR, logmsg); ++ syslog(LOG_ERR, "%s", logmsg); + } + #else + sprintf(logmsg, logfmt, ""); +- syslog(LOG_ERR, logmsg); ++ syslog(LOG_ERR, "%s", logmsg); + #endif + } + last_retry_log_time = now; + } + else { +- syslog(LOG_ERR,"Warning: queue send error, retrying...\n"); ++ syslog(LOG_ERR, "%s", "Warning: queue send error, retrying...\n"); + } + } + +@@ -155,14 +155,14 @@ void push_into_queue (char* buf) { + #endif + } + if (retrynum < MAX_RETRIES) { +- syslog(LOG_ERR,"Message sent to queue.\n"); ++ syslog(LOG_ERR, "%s", "Message sent to queue.\n"); + } + else { +- syslog(LOG_ERR,"Error: max retries exceeded sending message to queue. Kernel queue parameters may need to be tuned. See README.\n"); ++ syslog(LOG_ERR, "%s", "Error: max retries exceeded sending message to queue. Kernel queue parameters may need to be tuned. See README.\n"); + } + } + else { +- syslog(LOG_ERR,"Error: queue send error.\n"); ++ syslog(LOG_ERR, "%s", "Error: queue send error.\n"); + } + } + +@@ -175,7 +175,7 @@ char* pop_from_queue() { + zero_string(msg.text, NDO_MAX_MSG_SIZE); + + if (msgrcv(queue_id, &msg, queue_buff_size, NDO_MSG_TYPE, MSG_NOERROR) < 0) { +- syslog(LOG_ERR,"Error: queue recv error.\n"); ++ syslog(LOG_ERR, "%s", "Error: queue recv error.\n"); + } + + int size = strlen(msg.text); +-- +2.13.0 + diff --git a/net-analyzer/ndoutils/files/ndo2db.init-nagios3 b/net-analyzer/ndoutils/files/ndo2db.init-nagios3 deleted file mode 100644 index 3e1e262f6e0c..000000000000 --- a/net-analyzer/ndoutils/files/ndo2db.init-nagios3 +++ /dev/null @@ -1,24 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -depends() { - before nagios - need mysql -} - -start() { - ebegin "Starting ndo2db" - if [ -S /var/nagios/ndo.sock ] ; then - rm -f /var/nagios/ndo.sock - fi - start-stop-daemon --start --quiet --exec /usr/bin/ndo2db \ - -- -c /etc/nagios/ndo2db.cfg - eend $? -} - -stop() { - ebegin "Stopping ndo2db" - start-stop-daemon --stop --quiet --exec /usr/bin/ndo2db - eend $? -} diff --git a/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch b/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch index 146132c21de3..21cf837ba36d 100644 --- a/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch +++ b/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch @@ -1,3 +1,9 @@ +This is a fix for the QA warnings that result from using asprintf() +without defining it. That happens because asprintf() is a GNU +extension, but somehow gets used before _GNU_SOURCE is defined. + +Upstream-Bug: https://github.com/NagiosEnterprises/ndoutils/issues/43 + --- a/include/config.h.in +++ b/include/config.h.in @@ -9,6 +9,7 @@ diff --git a/net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch b/net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch deleted file mode 100644 index 61694baee9e3..000000000000 --- a/net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/src/queue.c -+++ b/src/queue.c -@@ -8,6 +8,7 @@ - #include "../include/queue.h" - #include <errno.h> - #include <time.h> -+#include <unistd.h> /* sleep() */ - - #define RETRY_LOG_INTERVAL 600 /* Seconds */ - #define MAX_RETRIES 20 /* Max number of times to retry sending message */ diff --git a/net-analyzer/ndoutils/files/openrc-init.patch b/net-analyzer/ndoutils/files/openrc-init.patch new file mode 100644 index 000000000000..07fcc63b7f3d --- /dev/null +++ b/net-analyzer/ndoutils/files/openrc-init.patch @@ -0,0 +1,100 @@ +From 61c6e9295bae755713b403626f702b5ac90f2448 Mon Sep 17 00:00:00 2001 +From: Michael Orlitzky <michael@orlitzky.com> +Date: Sat, 22 Jul 2017 17:25:29 -0400 +Subject: [PATCH 1/1] startup: simplify the OpenRC init scripts and conf file. + +This commit largely rewrites the OpenRC init script with the goal of +simplifying it. The end result should be functionally the same, but is +much shorter. The changes are as follows: + + 1. Replace the deprecated /sbin/runscript shebang with /sbin/openrc-run. + + 2. Replace the existing dependencies with "need mysql nagios". The + ndo2db daemon needs Nagios to create the TCP or Unix socket over + which it will communicate, and obviously it needs mysql to be + up and running in order to save any data. The dependencies + of mysql and nagios themselves will bring up whatever else is + required; nothing else needs to be listed as a dependency of + ndo2db. + + 3. Use the "command", "command_args", and "pidfile" OpenRC + variables. OpenRC is smart enough to start and stop a well-behaved + daemon on its own without a custom start/stop function. By + specifying those three variables, we are able to eliminate much of + the custom start/stop code in the init script. + +Finally, the default value of NDO2DB_CFG in the associated conf file has +been updated to use @sysconfdir@ instead of @pkgsysconfdir@, which wasn't +having any effect. +--- + startup/openrc-conf.in | 6 ++---- + startup/openrc-init.in | 42 +++++++++--------------------------------- + 2 files changed, 11 insertions(+), 37 deletions(-) + +diff --git a/startup/openrc-conf.in b/startup/openrc-conf.in +index d7b5474..69b15b5 100644 +--- a/startup/openrc-conf.in ++++ b/startup/openrc-conf.in +@@ -1,4 +1,2 @@ +-# /etc/conf.d/ndo2db : config file for /etc/init.d/ndo2db +- +-# Configuration file - default is @sysconfdir@/ndo2db.cfg +-NDO2DB_CFG="@pkgsysconfdir@/ndo2db.cfg" ++# The configuration file to use for ndo2db. ++NDO2DB_CFG="@sysconfdir@/ndo2db.cfg" +diff --git a/startup/openrc-init.in b/startup/openrc-init.in +index 119e074..7b3fb40 100644 +--- a/startup/openrc-init.in ++++ b/startup/openrc-init.in +@@ -1,39 +1,15 @@ +-#!/sbin/runscript ++#!/sbin/openrc-run + # +-# Copyright (c) 2016 Nagios(R) Core(TM) Development Team ++# Copyright (c) 2017 Nagios(R) Core(TM) Development Team + # +-# Start/stop the Nagios Data Out Daemon. +-# +-# Goes in /etc/init.d - Config is in /etc/conf.d/ndo2db + +-NDO2DB_BIN="@sbindir@/ndo2db" +-NDO2DB_PID="@piddir@/ndo2db.pid" ++command="@sbindir@/ndo2db" ++command_args="-c ${NDO2DB_CFG}" ++description="Nagios Data Out daemon" ++pidfile="@piddir@/ndo2db.pid" + + depend() { +- use logger dns net localmount netmount nfsmount +-} +- +-checkconfig() { +- # Make sure the config file exists +- if [ ! -f $NDO2DB_CFG ]; then +- eerror "You need to setup $NDO2DB_CFG. +- return 1 +- fi +- return 0 +-} +- +-start() { +- checkconfig || return 1 +- ebegin "Starting ndo2db" +- # Make sure we have a sane current directory +- cd / +- start-stop-daemon --start --exec $NDO2DB_BIN --pidfile $PID_FILE \ +- -- -c $NDO2DB_CFG -f +- eend $? +-} +- +-stop() { +- ebegin "Stopping ndo2db" +- start-stop-daemon --stop --exec $NDO2DB_BIN --pidfile $PID_FILE +- eend $? ++ # The Nagios core daemon creates the socket that ndo2db tries to ++ # connect to upon starting. ++ need mysql nagios + } +-- +2.13.0 + diff --git a/net-analyzer/ndoutils/files/sample-config-piddir.patch b/net-analyzer/ndoutils/files/sample-config-piddir.patch new file mode 100644 index 000000000000..902038204988 --- /dev/null +++ b/net-analyzer/ndoutils/files/sample-config-piddir.patch @@ -0,0 +1,32 @@ +From 560db1e2bc79bb3321c5f431e149418ec3c28a98 Mon Sep 17 00:00:00 2001 +From: Michael Orlitzky <michael@orlitzky.com> +Date: Sun, 23 Jul 2017 07:13:46 -0400 +Subject: [PATCH 1/1] config/ndo2db.cfg-sample.in: use @piddir@ for the pid + file. + +The "lock_file" setting in ndo2db.cfg specifies where the daemon's pid +file should be stored. In the past, it was stored in @localstatedir@, +but @piddir@ is more appropriate. As evidence, all of the init scripts +in the "startup" directory reference @piddir@ and not @localstatedir@ +for the location of the pid file. This commit updates the sample +config to agree with the init scripts. +--- + config/ndo2db.cfg-sample.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config/ndo2db.cfg-sample.in b/config/ndo2db.cfg-sample.in +index 75266dc..5b46fc9 100644 +--- a/config/ndo2db.cfg-sample.in ++++ b/config/ndo2db.cfg-sample.in +@@ -10,7 +10,7 @@ + # This is the lockfile that NDO2DB will use to store its PID number + # in when it is running in daemon mode. + +-lock_file=@localstatedir@/ndo2db.pid ++lock_file=@piddir@/ndo2db.pid + + + +-- +2.13.0 + diff --git a/net-analyzer/ndoutils/ndoutils-2.0.0.ebuild b/net-analyzer/ndoutils/ndoutils-2.0.0.ebuild deleted file mode 100644 index b813b079881b..000000000000 --- a/net-analyzer/ndoutils/ndoutils-2.0.0.ebuild +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -inherit eutils user - -MY_P=${P/_beta/b} - -DESCRIPTION="Nagios addon to store Nagios data in a MySQL database" -HOMEPAGE="http://www.nagios.org" -SRC_URI="mirror://sourceforge/nagios/${MY_P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86 ~ppc" - -DEPEND=" - dev-perl/DBD-mysql - dev-perl/DBI - virtual/mysql -" -RDEPEND=" - ${DEPEND} - >=net-analyzer/nagios-core-3.0 -" - -S="${WORKDIR}/${MY_P}" - -pkg_setup() { - enewgroup nagios - enewuser nagios -1 /bin/bash /var/nagios/home nagios -} - -src_prepare() { - epatch \ - "${FILESDIR}"/${P}-asprintf.patch \ - "${FILESDIR}"/${P}-sleep.patch -} - -src_configure() { - econf \ - --sysconfdir=/etc/nagios \ - --enable-mysql -} - -DOCS=( - 'docs/NDOUTILS DB Model.pdf' - 'docs/NDOUtils Documentation.pdf' - Changelog - README - REQUIREMENTS - TODO - UPGRADING -) - -src_install() { - default - emake DESTDIR="${D}" install-config - - newinitd "${FILESDIR}"/ndo2db.init-nagios3 ndo2db -} - -pkg_postinst() { - elog "To include NDO in your Nagios setup you'll need to activate the NDO broker module" - elog "in /etc/nagios/nagios.cfg:" - elog "\tbroker_module=/usr/bin/ndomod-3x.o config_file=/etc/nagios/ndomod.cfg" -} diff --git a/net-analyzer/ndoutils/ndoutils-2.1.3.ebuild b/net-analyzer/ndoutils/ndoutils-2.1.3.ebuild new file mode 100644 index 000000000000..1872b7849d8d --- /dev/null +++ b/net-analyzer/ndoutils/ndoutils-2.1.3.ebuild @@ -0,0 +1,89 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit systemd + +DESCRIPTION="Nagios addon to store Nagios data in a MySQL database" +HOMEPAGE="http://www.nagios.org/" +SRC_URI="https://github.com/NagiosEnterprises/${PN}/archive/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" + +# We require the "nagios" user from net-analyzer/nagios-core at build +# time. +DEPEND="dev-perl/DBD-mysql + dev-perl/DBI + >=net-analyzer/nagios-core-4 + virtual/mysql" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${PN}-${P}" + +DOCS=( + Changelog + README + THANKS + TODO + UPGRADING + "docs/NDOUTILS DB Model.pdf" + "docs/NDOUtils Documentation.pdf" +) + +PATCHES=( + "${FILESDIR}/format-security.patch" + "${FILESDIR}/ndoutils-2.0.0-asprintf.patch" + "${FILESDIR}/sample-config-piddir.patch" + "${FILESDIR}/openrc-init.patch" +) + +src_configure() { + # The localstatedir is where our socket will be created by the + # nagios daemon, so we put it in /var/nagios where the "nagios" user + # will be able to write. + # + # And normally, we would use /run for the pid file, but the daemon + # drops permissions before creating it, the the piddir also needs + # to be writable by the nagios user. + econf --enable-mysql \ + --localstatedir=/var/nagios \ + --sysconfdir=/etc/nagios \ + --with-piddir=/var/nagios +} + +src_compile() { + # Avoid "emake all" so that we don't build the stuff for nagios-2.x + # and nagios-3.x, some of which throws QA warnings. We don't use it + # anyway. + pushd src + emake file2sock log2ndo ndo2db-4x ndomod-4x.o sockdebug + popd +} + +src_install() { + default + insinto /etc/nagios + newins config/ndo2db.cfg-sample ndo2db.cfg + newins config/ndomod.cfg-sample ndomod.cfg + newinitd "startup/openrc-init" ndo2db + newconfd "startup/openrc-conf" ndo2db + systemd_newunit "startup/default-service" "${PN}.service" + + # The documentation isn't installed by the build system + dodoc -r docs/html + + # Use symlinks because the installdb/upgradedb scripts use relative + # paths to the SQL queries. + insinto "/usr/share/${PN}" + doins -r db + dosym "/usr/share/${PN}/db/installdb" /usr/bin/ndoutils-installdb + dosym "/usr/share/${PN}/db/upgradedb" /usr/bin/ndoutils-upgradedb +} + +pkg_postinst() { + elog "To include NDO in your Nagios setup, you'll need to activate" + elog "the NDO broker module in /etc/nagios/nagios.cfg:" + elog " broker_module=/usr/bin/ndomod.o config_file=/etc/nagios/ndomod.cfg" +} |