summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Orlitzky <mjo@gentoo.org>2015-08-31 12:08:49 -0400
committerMichael Orlitzky <mjo@gentoo.org>2015-08-31 12:08:49 -0400
commite05d77e5b5a85672092c5c156b1371da178b520f (patch)
treefb75300057a820bea09a65f7ffd5c1571242b417 /net-analyzer
parentnet-analyzer/nrpe: remove old ebuilds and patches. (diff)
downloadgentoo-e05d77e5b5a85672092c5c156b1371da178b520f.tar.gz
gentoo-e05d77e5b5a85672092c5c156b1371da178b520f.tar.bz2
gentoo-e05d77e5b5a85672092c5c156b1371da178b520f.zip
net-analyzer/nrpe: revbump to add selinux and no-ssl support.
Add a conditional dep on sec-policy/selinux-nagios, and pull in an (unreleased) upstream patch to fix the build when USE="-ssl". Also add a slot on the openssl dependency to make repoman happy. Bug: 462572 Bug: 554536 Package-Manager: portage-2.2.20.1
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch39
-rw-r--r--net-analyzer/nrpe/nrpe-2.15-r3.ebuild137
2 files changed, 176 insertions, 0 deletions
diff --git a/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch
new file mode 100644
index 000000000000..3b3fc135455f
--- /dev/null
+++ b/net-analyzer/nrpe/files/nrpe-2.15-no-ssl.patch
@@ -0,0 +1,39 @@
+Without this patch, you can't build nrpe without SSL support. It was
+originally submitted on the Nagios forums by user Matthew L. Daniel:
+
+ https://support.nagios.com/forum/viewtopic.php?t=27027
+
+It was merged into the upstream github repo (NagiosEnterprises/nrpe)
+in commit 3736fdeeac11a.
+
+
+diff --git a/src/nrpe.c b/src/nrpe.c
+index 4bc849b..1e55ab4 100644
+--- a/src/nrpe.c
++++ b/src/nrpe.c
+@@ -102,7 +102,9 @@ int use_src=FALSE; /* Define parameter for SRC option */
+ int listen_queue_size=DEFAULT_LISTEN_QUEUE_SIZE;
+
+
++#ifdef HAVE_SSL
+ void complete_SSL_shutdown( SSL *);
++#endif
+
+
+ int main(int argc, char **argv){
+@@ -1815,6 +1817,7 @@ int remove_pid_file(void){
+ return OK;
+ }
+
++#ifdef HAVE_SSL
+ void complete_SSL_shutdown( SSL *ssl) {
+
+ /*
+@@ -1835,6 +1838,7 @@ void complete_SSL_shutdown( SSL *ssl) {
+ if( SSL_shutdown( ssl)) break;
+ }
+ }
++#endif/*HAVE_SSL*/
+
+ /* bail if daemon is running as root */
+ int check_privileges(void){
diff --git a/net-analyzer/nrpe/nrpe-2.15-r3.ebuild b/net-analyzer/nrpe/nrpe-2.15-r3.ebuild
new file mode 100644
index 000000000000..906120d2359c
--- /dev/null
+++ b/net-analyzer/nrpe/nrpe-2.15-r3.ebuild
@@ -0,0 +1,137 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit eutils systemd toolchain-funcs multilib user autotools
+
+DESCRIPTION="Nagios Remote Plugin Executor"
+HOMEPAGE="http://www.nagios.org/"
+SRC_URI="mirror://sourceforge/nagios/${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="command-args minimal selinux ssl tcpd"
+
+DEPEND="ssl? ( dev-libs/openssl:0 )
+ !minimal? ( tcpd? ( sys-apps/tcp-wrappers ) )"
+RDEPEND="${DEPEND}
+ !minimal? (
+ || ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins )
+ )
+ selinux? ( sec-policy/selinux-nagios )"
+
+pkg_setup() {
+ enewgroup nagios
+ enewuser nagios -1 /bin/bash /dev/null nagios
+
+ elog "If you plan to use \"nrpe_check_control\" then you may want to specify"
+ elog "different command and services files. You can override the defaults"
+ elog "through the \"NAGIOS_COMMAND_FILE\" and \"NAGIOS_SERVICES_FILE\" environment variables."
+ elog "NAGIOS_COMMAND_FILE=${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}"
+ elog "NAGIOS_SERVICES_FILE=${NAGIOS_SERVICES_FILE:-/etc/services.cfg}"
+}
+
+src_prepare() {
+ # Add support for large output,
+ # http://opsview-blog.opsera.com/dotorg/2008/08/enhancing-nrpe.html
+ epatch "${FILESDIR}"/${PN}-2.14-multiline.patch
+
+ # fix configure, among others #326367, #397603
+ epatch "${FILESDIR}"/${PN}-2.15-tcpd-et-al.patch
+
+ # otherwise autoconf will overwrite the custom include/config.h.in
+ epatch "${FILESDIR}"/${PN}-2.15-autoconf-header.patch
+
+ # improve handling of metachars for security
+ epatch "${FILESDIR}"/${PN}-2.15-metachar-security-fix.patch
+
+ # Fix build with USE="-ssl".
+ epatch "${FILESDIR}"/${PN}-2.15-no-ssl.patch
+
+ sed -i -e '/define \(COMMAND\|SERVICES\)_FILE/d' \
+ contrib/nrpe_check_control.c || die
+
+ # change the default location of the pid file
+ sed -i -e '/pid_file/s:/var/run:/run:' sample-config/nrpe.cfg.in || die
+
+ # fix TFU handling of autoheader
+ sed -i -e '/#undef/d' include/config.h.in || die
+
+ eautoreconf
+}
+
+src_configure() {
+ local myconf
+ if use minimal; then
+ myconf="--disable-tcp-wrapper --disable-command-args"
+ else
+ myconf="$(use_enable tcpd tcp-wrapper) $(use_enable command-args)"
+ fi
+
+ econf \
+ --libexecdir=/usr/$(get_libdir)/nagios/plugins \
+ --localstatedir=/var/nagios \
+ --sysconfdir=/etc/nagios \
+ --with-nrpe-user=nagios \
+ --with-nrpe-group=nagios \
+ $(use_enable ssl) \
+ ${myconf}
+}
+
+src_compile() {
+ emake -C src check_nrpe $(use minimal || echo nrpe)
+
+ # Add nifty nrpe check tool
+ $(tc-getCC) ${CPPFLAGS} ${CFLAGS} \
+ -DCOMMAND_FILE=\"${NAGIOS_COMMAND_FILE:-/var/rw/nagios.cmd}\" \
+ -DSERVICES_FILE=\"${NAGIOS_SERVICES_FILE:-/etc/services.cfg}\" \
+ ${LDFLAGS} -o nrpe_check_control contrib/nrpe_check_control.c || die
+}
+
+src_install() {
+ dodoc LEGAL Changelog README SECURITY \
+ contrib/README.nrpe_check_control \
+ $(use ssl && echo README.SSL)
+
+ exeinto /usr/$(get_libdir)/nagios/plugins
+ doexe src/check_nrpe nrpe_check_control
+
+ use minimal && return 0
+
+ ## NON-MINIMAL INSTALL FOLLOWS ##
+
+ insinto /etc/nagios
+ newins sample-config/nrpe.cfg nrpe.cfg
+ fowners root:nagios /etc/nagios/nrpe.cfg
+ fperms 0640 /etc/nagios/nrpe.cfg
+
+ exeinto /usr/libexec
+ doexe src/nrpe
+
+ newinitd "${FILESDIR}"/nrpe.init nrpe
+ systemd_dounit "${FILESDIR}/${PN}.service"
+
+ insinto /etc/xinetd.d/
+ newins "${FILESDIR}/nrpe.xinetd.2" nrpe
+
+ if use tcpd; then
+ sed -i -e '/^reload()/, /^}/ d' -e '/extra_started_commands/s:reload::' \
+ "${D}"/etc/init.d/nrpe
+ fi
+}
+
+pkg_postinst() {
+ elog "If you are using the nrpe daemon, remember to edit"
+ elog "the config file /etc/nagios/nrpe.cfg"
+
+ if use command-args ; then
+ ewarn ""
+ ewarn "You have enabled command-args for NRPE. This enables"
+ ewarn "the ability for clients to supply arguments to commands"
+ ewarn "which should be run. "
+ ewarn "THIS IS CONSIDERED A SECURITY RISK!"
+ ewarn "Please read /usr/share/doc/${PF}/SECURITY.bz2 for more info"
+ fi
+}