summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Orlitzky <mjo@gentoo.org>2017-11-06 19:37:59 -0500
committerMichael Orlitzky <mjo@gentoo.org>2017-11-07 07:34:23 -0500
commita76473925572d2be605f50db49f33d2a19efbafd (patch)
treed45a62b2ce98fc1c3649c734b4506b6b537f441c /net-analyzer/ndoutils
parentnet-libs/nodejs: Stable on amd64 (diff)
downloadgentoo-a76473925572d2be605f50db49f33d2a19efbafd.tar.gz
gentoo-a76473925572d2be605f50db49f33d2a19efbafd.tar.bz2
gentoo-a76473925572d2be605f50db49f33d2a19efbafd.zip
net-analyzer/ndoutils: new version 2.1.3.
This is somewhat of a work in progress. The new version 2.1.3 is intended mainly to fix the compatibility with modern versions of nagios-core. However, there are still several fixes in the pipeline that we're having to carry patches for in the meantime: * format-security warnings (upstream pull request 42) * default PID file location (upstream pull request 44) * asprintf compile warnings (upstream issue 43) * openrc service file improvements (not yet submitted) The last patch has not been submitted because I'm waiting on a response for upstream issue 45 that affects the init scripts. Regardless, we might as well push out v2.1.3 now, since it has to work better than v2.0.0. Closes: https://bugs.gentoo.org/599452 Package-Manager: Portage-2.3.8, Repoman-2.3.3
Diffstat (limited to 'net-analyzer/ndoutils')
-rw-r--r--net-analyzer/ndoutils/Manifest2
-rw-r--r--net-analyzer/ndoutils/files/format-security.patch115
-rw-r--r--net-analyzer/ndoutils/files/ndo2db.init-nagios324
-rw-r--r--net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch6
-rw-r--r--net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch10
-rw-r--r--net-analyzer/ndoutils/files/openrc-init.patch100
-rw-r--r--net-analyzer/ndoutils/files/sample-config-piddir.patch32
-rw-r--r--net-analyzer/ndoutils/ndoutils-2.0.0.ebuild67
-rw-r--r--net-analyzer/ndoutils/ndoutils-2.1.3.ebuild89
9 files changed, 343 insertions, 102 deletions
diff --git a/net-analyzer/ndoutils/Manifest b/net-analyzer/ndoutils/Manifest
index 9f9ca5c4aaa9..89f7e750e6a6 100644
--- a/net-analyzer/ndoutils/Manifest
+++ b/net-analyzer/ndoutils/Manifest
@@ -1 +1 @@
-DIST ndoutils-2.0.0.tar.gz 2207263 SHA256 b95047c812fb61465e66a9e1a6d4a42bf00620f334f08a6faf5afe20bdd43ba1 SHA512 c899c9f9d0a14995ae7e3fc9f8566891acef9186cc53f05e4f509e9dd01a19a17d32c746a4a1c125342ebffad65946c7a3ea11da68ce0ff240bd37e85334545c WHIRLPOOL d3e41eb5e2a3ea9a5ca0d24fc8319beaa914d2bcb16c187ab6c5f5a3f133c27756ecdc2b6302a75c015294a1b2c3cc48d3c87a540ae1b9b07a21eb427b45d181
+DIST ndoutils-2.1.3.tar.gz 2182999 SHA256 2517ee737359f16d7f24b13ef2a9a41775bf7e8396a3ecaa7c45758d3ca9ce0a SHA512 727f2051876ff32cafaf9993a69b721ae4ea81031fade12262dbb4c5399c601f3c1af362d9d550e1d6d56fac8fe044d515dc10fc43e7d4d3e981bc9a89db88de WHIRLPOOL 9fb7cf6438da9baad6036b91bac62b8df1a494f0be00d3926e6603fe3783bd8722107ee63280c25f377d942f4a720d9aed04991ff24e2817b045161d142d34a7
diff --git a/net-analyzer/ndoutils/files/format-security.patch b/net-analyzer/ndoutils/files/format-security.patch
new file mode 100644
index 000000000000..75be7dc32103
--- /dev/null
+++ b/net-analyzer/ndoutils/files/format-security.patch
@@ -0,0 +1,115 @@
+From 07891e8fcf692552c57e64429fd52da9e682f6d2 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Sat, 22 Jul 2017 16:38:03 -0400
+Subject: [PATCH 1/1] src/queue.c: fix format-security warnings with explicit
+ "%s" format string.
+
+The syslog() function takes as its second argument a format string (a
+la printf), but if the third parameter is a string, then the format
+string can be omitted. This has led to security vulnerabilities in the
+past, and compilers can now warn about it. In particular, GCC has the
+-Wformat-security option, which can be made an error with
+-Werror=format-security.
+
+A few such two-argument calls were present in src/queue.c, where
+constant strings were being logged to syslog. This commit adds the
+second format string parameter (simply "%s" in this case) to avoid the
+compiler warnings.
+
+More information about format-security can be found in Fedora's FAQ:
+
+ https://fedoraproject.org/wiki/Format-Security-FAQ
+---
+ src/queue.c | 22 +++++++++++-----------
+ 1 file changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/src/queue.c b/src/queue.c
+index 8cb7445..50bb519 100644
+--- a/src/queue.c
++++ b/src/queue.c
+@@ -50,7 +50,7 @@ void del_queue() {
+ struct msqid_ds buf;
+
+ if (msgctl(queue_id,IPC_RMID,&buf) < 0) {
+- syslog(LOG_ERR,"Error: queue remove error.\n");
++ syslog(LOG_ERR, "%s", "Error: queue remove error.\n");
+ }
+ }
+
+@@ -58,7 +58,7 @@ int get_queue_id(int id) {
+ key_t key = ftok(NDO_QUEUE_PATH, NDO_QUEUE_ID+id);
+
+ if ((queue_id = msgget(key, IPC_CREAT | 0600)) < 0) {
+- syslog(LOG_ERR,"Error: queue init error.\n");
++ syslog(LOG_ERR, "%s", "Error: queue init error.\n");
+ }
+ }
+
+@@ -99,7 +99,7 @@ void log_retry( void) {
+ if(msgctl(queue_id, IPC_STAT, &queue_stats)) {
+ sprintf(curstats, "Unable to determine current message queue usage: error reading IPC_STAT: %d", errno);
+ sprintf(logmsg, logfmt, curstats);
+- syslog(LOG_ERR, logmsg);
++ syslog(LOG_ERR, "%s", logmsg);
+ }
+ else {
+ #if defined( __linux__)
+@@ -108,24 +108,24 @@ void log_retry( void) {
+ if( msgmni < 0) {
+ sprintf(curstats, "Unable to determine current message queue usage: error reading IPC_INFO: %d", errno);
+ sprintf(logmsg, logfmt, curstats);
+- syslog(LOG_ERR, logmsg);
++ syslog(LOG_ERR, "%s", logmsg);
+ }
+ else {
+ sprintf(curstats, statsfmt, queue_stats.msg_qnum,
+ (unsigned long)msgmni, queue_stats.__msg_cbytes,
+ queue_stats.msg_qbytes);
+ sprintf(logmsg, logfmt, curstats);
+- syslog(LOG_ERR, logmsg);
++ syslog(LOG_ERR, "%s", logmsg);
+ }
+ #else
+ sprintf(logmsg, logfmt, "");
+- syslog(LOG_ERR, logmsg);
++ syslog(LOG_ERR, "%s", logmsg);
+ #endif
+ }
+ last_retry_log_time = now;
+ }
+ else {
+- syslog(LOG_ERR,"Warning: queue send error, retrying...\n");
++ syslog(LOG_ERR, "%s", "Warning: queue send error, retrying...\n");
+ }
+ }
+
+@@ -155,14 +155,14 @@ void push_into_queue (char* buf) {
+ #endif
+ }
+ if (retrynum < MAX_RETRIES) {
+- syslog(LOG_ERR,"Message sent to queue.\n");
++ syslog(LOG_ERR, "%s", "Message sent to queue.\n");
+ }
+ else {
+- syslog(LOG_ERR,"Error: max retries exceeded sending message to queue. Kernel queue parameters may need to be tuned. See README.\n");
++ syslog(LOG_ERR, "%s", "Error: max retries exceeded sending message to queue. Kernel queue parameters may need to be tuned. See README.\n");
+ }
+ }
+ else {
+- syslog(LOG_ERR,"Error: queue send error.\n");
++ syslog(LOG_ERR, "%s", "Error: queue send error.\n");
+ }
+ }
+
+@@ -175,7 +175,7 @@ char* pop_from_queue() {
+ zero_string(msg.text, NDO_MAX_MSG_SIZE);
+
+ if (msgrcv(queue_id, &msg, queue_buff_size, NDO_MSG_TYPE, MSG_NOERROR) < 0) {
+- syslog(LOG_ERR,"Error: queue recv error.\n");
++ syslog(LOG_ERR, "%s", "Error: queue recv error.\n");
+ }
+
+ int size = strlen(msg.text);
+--
+2.13.0
+
diff --git a/net-analyzer/ndoutils/files/ndo2db.init-nagios3 b/net-analyzer/ndoutils/files/ndo2db.init-nagios3
deleted file mode 100644
index 3e1e262f6e0c..000000000000
--- a/net-analyzer/ndoutils/files/ndo2db.init-nagios3
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-depends() {
- before nagios
- need mysql
-}
-
-start() {
- ebegin "Starting ndo2db"
- if [ -S /var/nagios/ndo.sock ] ; then
- rm -f /var/nagios/ndo.sock
- fi
- start-stop-daemon --start --quiet --exec /usr/bin/ndo2db \
- -- -c /etc/nagios/ndo2db.cfg
- eend $?
-}
-
-stop() {
- ebegin "Stopping ndo2db"
- start-stop-daemon --stop --quiet --exec /usr/bin/ndo2db
- eend $?
-}
diff --git a/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch b/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch
index 146132c21de3..21cf837ba36d 100644
--- a/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch
+++ b/net-analyzer/ndoutils/files/ndoutils-2.0.0-asprintf.patch
@@ -1,3 +1,9 @@
+This is a fix for the QA warnings that result from using asprintf()
+without defining it. That happens because asprintf() is a GNU
+extension, but somehow gets used before _GNU_SOURCE is defined.
+
+Upstream-Bug: https://github.com/NagiosEnterprises/ndoutils/issues/43
+
--- a/include/config.h.in
+++ b/include/config.h.in
@@ -9,6 +9,7 @@
diff --git a/net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch b/net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch
deleted file mode 100644
index 61694baee9e3..000000000000
--- a/net-analyzer/ndoutils/files/ndoutils-2.0.0-sleep.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/src/queue.c
-+++ b/src/queue.c
-@@ -8,6 +8,7 @@
- #include "../include/queue.h"
- #include <errno.h>
- #include <time.h>
-+#include <unistd.h> /* sleep() */
-
- #define RETRY_LOG_INTERVAL 600 /* Seconds */
- #define MAX_RETRIES 20 /* Max number of times to retry sending message */
diff --git a/net-analyzer/ndoutils/files/openrc-init.patch b/net-analyzer/ndoutils/files/openrc-init.patch
new file mode 100644
index 000000000000..07fcc63b7f3d
--- /dev/null
+++ b/net-analyzer/ndoutils/files/openrc-init.patch
@@ -0,0 +1,100 @@
+From 61c6e9295bae755713b403626f702b5ac90f2448 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Sat, 22 Jul 2017 17:25:29 -0400
+Subject: [PATCH 1/1] startup: simplify the OpenRC init scripts and conf file.
+
+This commit largely rewrites the OpenRC init script with the goal of
+simplifying it. The end result should be functionally the same, but is
+much shorter. The changes are as follows:
+
+ 1. Replace the deprecated /sbin/runscript shebang with /sbin/openrc-run.
+
+ 2. Replace the existing dependencies with "need mysql nagios". The
+ ndo2db daemon needs Nagios to create the TCP or Unix socket over
+ which it will communicate, and obviously it needs mysql to be
+ up and running in order to save any data. The dependencies
+ of mysql and nagios themselves will bring up whatever else is
+ required; nothing else needs to be listed as a dependency of
+ ndo2db.
+
+ 3. Use the "command", "command_args", and "pidfile" OpenRC
+ variables. OpenRC is smart enough to start and stop a well-behaved
+ daemon on its own without a custom start/stop function. By
+ specifying those three variables, we are able to eliminate much of
+ the custom start/stop code in the init script.
+
+Finally, the default value of NDO2DB_CFG in the associated conf file has
+been updated to use @sysconfdir@ instead of @pkgsysconfdir@, which wasn't
+having any effect.
+---
+ startup/openrc-conf.in | 6 ++----
+ startup/openrc-init.in | 42 +++++++++---------------------------------
+ 2 files changed, 11 insertions(+), 37 deletions(-)
+
+diff --git a/startup/openrc-conf.in b/startup/openrc-conf.in
+index d7b5474..69b15b5 100644
+--- a/startup/openrc-conf.in
++++ b/startup/openrc-conf.in
+@@ -1,4 +1,2 @@
+-# /etc/conf.d/ndo2db : config file for /etc/init.d/ndo2db
+-
+-# Configuration file - default is @sysconfdir@/ndo2db.cfg
+-NDO2DB_CFG="@pkgsysconfdir@/ndo2db.cfg"
++# The configuration file to use for ndo2db.
++NDO2DB_CFG="@sysconfdir@/ndo2db.cfg"
+diff --git a/startup/openrc-init.in b/startup/openrc-init.in
+index 119e074..7b3fb40 100644
+--- a/startup/openrc-init.in
++++ b/startup/openrc-init.in
+@@ -1,39 +1,15 @@
+-#!/sbin/runscript
++#!/sbin/openrc-run
+ #
+-# Copyright (c) 2016 Nagios(R) Core(TM) Development Team
++# Copyright (c) 2017 Nagios(R) Core(TM) Development Team
+ #
+-# Start/stop the Nagios Data Out Daemon.
+-#
+-# Goes in /etc/init.d - Config is in /etc/conf.d/ndo2db
+
+-NDO2DB_BIN="@sbindir@/ndo2db"
+-NDO2DB_PID="@piddir@/ndo2db.pid"
++command="@sbindir@/ndo2db"
++command_args="-c ${NDO2DB_CFG}"
++description="Nagios Data Out daemon"
++pidfile="@piddir@/ndo2db.pid"
+
+ depend() {
+- use logger dns net localmount netmount nfsmount
+-}
+-
+-checkconfig() {
+- # Make sure the config file exists
+- if [ ! -f $NDO2DB_CFG ]; then
+- eerror "You need to setup $NDO2DB_CFG.
+- return 1
+- fi
+- return 0
+-}
+-
+-start() {
+- checkconfig || return 1
+- ebegin "Starting ndo2db"
+- # Make sure we have a sane current directory
+- cd /
+- start-stop-daemon --start --exec $NDO2DB_BIN --pidfile $PID_FILE \
+- -- -c $NDO2DB_CFG -f
+- eend $?
+-}
+-
+-stop() {
+- ebegin "Stopping ndo2db"
+- start-stop-daemon --stop --exec $NDO2DB_BIN --pidfile $PID_FILE
+- eend $?
++ # The Nagios core daemon creates the socket that ndo2db tries to
++ # connect to upon starting.
++ need mysql nagios
+ }
+--
+2.13.0
+
diff --git a/net-analyzer/ndoutils/files/sample-config-piddir.patch b/net-analyzer/ndoutils/files/sample-config-piddir.patch
new file mode 100644
index 000000000000..902038204988
--- /dev/null
+++ b/net-analyzer/ndoutils/files/sample-config-piddir.patch
@@ -0,0 +1,32 @@
+From 560db1e2bc79bb3321c5f431e149418ec3c28a98 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Sun, 23 Jul 2017 07:13:46 -0400
+Subject: [PATCH 1/1] config/ndo2db.cfg-sample.in: use @piddir@ for the pid
+ file.
+
+The "lock_file" setting in ndo2db.cfg specifies where the daemon's pid
+file should be stored. In the past, it was stored in @localstatedir@,
+but @piddir@ is more appropriate. As evidence, all of the init scripts
+in the "startup" directory reference @piddir@ and not @localstatedir@
+for the location of the pid file. This commit updates the sample
+config to agree with the init scripts.
+---
+ config/ndo2db.cfg-sample.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/ndo2db.cfg-sample.in b/config/ndo2db.cfg-sample.in
+index 75266dc..5b46fc9 100644
+--- a/config/ndo2db.cfg-sample.in
++++ b/config/ndo2db.cfg-sample.in
+@@ -10,7 +10,7 @@
+ # This is the lockfile that NDO2DB will use to store its PID number
+ # in when it is running in daemon mode.
+
+-lock_file=@localstatedir@/ndo2db.pid
++lock_file=@piddir@/ndo2db.pid
+
+
+
+--
+2.13.0
+
diff --git a/net-analyzer/ndoutils/ndoutils-2.0.0.ebuild b/net-analyzer/ndoutils/ndoutils-2.0.0.ebuild
deleted file mode 100644
index b813b079881b..000000000000
--- a/net-analyzer/ndoutils/ndoutils-2.0.0.ebuild
+++ /dev/null
@@ -1,67 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-inherit eutils user
-
-MY_P=${P/_beta/b}
-
-DESCRIPTION="Nagios addon to store Nagios data in a MySQL database"
-HOMEPAGE="http://www.nagios.org"
-SRC_URI="mirror://sourceforge/nagios/${MY_P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86 ~ppc"
-
-DEPEND="
- dev-perl/DBD-mysql
- dev-perl/DBI
- virtual/mysql
-"
-RDEPEND="
- ${DEPEND}
- >=net-analyzer/nagios-core-3.0
-"
-
-S="${WORKDIR}/${MY_P}"
-
-pkg_setup() {
- enewgroup nagios
- enewuser nagios -1 /bin/bash /var/nagios/home nagios
-}
-
-src_prepare() {
- epatch \
- "${FILESDIR}"/${P}-asprintf.patch \
- "${FILESDIR}"/${P}-sleep.patch
-}
-
-src_configure() {
- econf \
- --sysconfdir=/etc/nagios \
- --enable-mysql
-}
-
-DOCS=(
- 'docs/NDOUTILS DB Model.pdf'
- 'docs/NDOUtils Documentation.pdf'
- Changelog
- README
- REQUIREMENTS
- TODO
- UPGRADING
-)
-
-src_install() {
- default
- emake DESTDIR="${D}" install-config
-
- newinitd "${FILESDIR}"/ndo2db.init-nagios3 ndo2db
-}
-
-pkg_postinst() {
- elog "To include NDO in your Nagios setup you'll need to activate the NDO broker module"
- elog "in /etc/nagios/nagios.cfg:"
- elog "\tbroker_module=/usr/bin/ndomod-3x.o config_file=/etc/nagios/ndomod.cfg"
-}
diff --git a/net-analyzer/ndoutils/ndoutils-2.1.3.ebuild b/net-analyzer/ndoutils/ndoutils-2.1.3.ebuild
new file mode 100644
index 000000000000..1872b7849d8d
--- /dev/null
+++ b/net-analyzer/ndoutils/ndoutils-2.1.3.ebuild
@@ -0,0 +1,89 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+inherit systemd
+
+DESCRIPTION="Nagios addon to store Nagios data in a MySQL database"
+HOMEPAGE="http://www.nagios.org/"
+SRC_URI="https://github.com/NagiosEnterprises/${PN}/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+# We require the "nagios" user from net-analyzer/nagios-core at build
+# time.
+DEPEND="dev-perl/DBD-mysql
+ dev-perl/DBI
+ >=net-analyzer/nagios-core-4
+ virtual/mysql"
+RDEPEND="${DEPEND}"
+
+S="${WORKDIR}/${PN}-${P}"
+
+DOCS=(
+ Changelog
+ README
+ THANKS
+ TODO
+ UPGRADING
+ "docs/NDOUTILS DB Model.pdf"
+ "docs/NDOUtils Documentation.pdf"
+)
+
+PATCHES=(
+ "${FILESDIR}/format-security.patch"
+ "${FILESDIR}/ndoutils-2.0.0-asprintf.patch"
+ "${FILESDIR}/sample-config-piddir.patch"
+ "${FILESDIR}/openrc-init.patch"
+)
+
+src_configure() {
+ # The localstatedir is where our socket will be created by the
+ # nagios daemon, so we put it in /var/nagios where the "nagios" user
+ # will be able to write.
+ #
+ # And normally, we would use /run for the pid file, but the daemon
+ # drops permissions before creating it, the the piddir also needs
+ # to be writable by the nagios user.
+ econf --enable-mysql \
+ --localstatedir=/var/nagios \
+ --sysconfdir=/etc/nagios \
+ --with-piddir=/var/nagios
+}
+
+src_compile() {
+ # Avoid "emake all" so that we don't build the stuff for nagios-2.x
+ # and nagios-3.x, some of which throws QA warnings. We don't use it
+ # anyway.
+ pushd src
+ emake file2sock log2ndo ndo2db-4x ndomod-4x.o sockdebug
+ popd
+}
+
+src_install() {
+ default
+ insinto /etc/nagios
+ newins config/ndo2db.cfg-sample ndo2db.cfg
+ newins config/ndomod.cfg-sample ndomod.cfg
+ newinitd "startup/openrc-init" ndo2db
+ newconfd "startup/openrc-conf" ndo2db
+ systemd_newunit "startup/default-service" "${PN}.service"
+
+ # The documentation isn't installed by the build system
+ dodoc -r docs/html
+
+ # Use symlinks because the installdb/upgradedb scripts use relative
+ # paths to the SQL queries.
+ insinto "/usr/share/${PN}"
+ doins -r db
+ dosym "/usr/share/${PN}/db/installdb" /usr/bin/ndoutils-installdb
+ dosym "/usr/share/${PN}/db/upgradedb" /usr/bin/ndoutils-upgradedb
+}
+
+pkg_postinst() {
+ elog "To include NDO in your Nagios setup, you'll need to activate"
+ elog "the NDO broker module in /etc/nagios/nagios.cfg:"
+ elog " broker_module=/usr/bin/ndomod.o config_file=/etc/nagios/ndomod.cfg"
+}