From 8588e32c1c4dd67e878bee70d1777b8fdb9c2662 Mon Sep 17 00:00:00 2001 From: Michael Orlitzky Date: Sun, 2 Dec 2018 11:00:24 -0500 Subject: net-analyzer/nagios-core: remove nagios-core-4.3.3 to fix CVE-2017-14312. Bug: https://bugs.gentoo.org/629380 Signed-off-by: Michael Orlitzky Package-Manager: Portage-2.3.51, Repoman-2.3.11 --- net-analyzer/nagios-core/Manifest | 1 - net-analyzer/nagios-core/nagios-core-4.3.3.ebuild | 246 ---------------------- 2 files changed, 247 deletions(-) delete mode 100644 net-analyzer/nagios-core/nagios-core-4.3.3.ebuild diff --git a/net-analyzer/nagios-core/Manifest b/net-analyzer/nagios-core/Manifest index 073ae5bd3c84..1aee223909c1 100644 --- a/net-analyzer/nagios-core/Manifest +++ b/net-analyzer/nagios-core/Manifest @@ -1,4 +1,3 @@ -DIST nagios-4.3.3.tar.gz 11101531 BLAKE2B 537d49ecf28b457fbc1e24eaaa9c5d9e8c4db59ed69c91a573c0cacb6cfb6fd2d52c31e87c0cef34b81a69247bb5b9513983d95e7eae3ea7f861742da485d2d4 SHA512 588292a95342cb2d95d7b58f70442b82b99a23dd9fdc1390e9ae0743626a047e5127d77b1d7e6a1d8edd6f34a425e581bcd42459b673a0ddea14125bde4b7d9e DIST nagios-4.3.4.tar.gz 11101966 BLAKE2B 6cb8182f40a4f83875c94df040bb1c62ce078d4130e10fa8595ea0b14cf715fc2a237ffb34199da9c1528e4789f3ce8deae3d993b5b795ad712d48b1e5fdb820 SHA512 f4e92aa98151739442a225a245871d93b5560d89510bdacb1a615959b9687f7a92675f10fcba71078b104ca8f237b0155a9261d67ec66f80aec7f033b4b3e316 DIST nagios-4.4.2.tar.gz 11301454 BLAKE2B 1b5ffa775bbf147e96d07edd36a387db271802d58cc1a1d1eb867645955aec0044e757785578a60c12549bd4e66e4c95ef06dd0f3f8be3599187d0ef0bcc8a4b SHA512 a6ddb2d8ca1c523d02659a2af0b9c67a3802893c946279bb15be53645dc64c997cd5562b77eab9dae03e756ec6622a9a641f7bd68269aba4ddd56ee21f50959e DIST nagios-core-gentoo-icons-20141125.tar 40960 BLAKE2B 31c1953e1160c7c7b89606b72b1a80407e4c1b7a7938b40bd1c577cd0c309dd88ca6b775d692a9b846dbf67736537fa9c91e56aa15fdd447769608ca525bff09 SHA512 bf109879cddd6136b76baba55d0b60b2596e37431dcf5ce0905d34a9fa292ebf7e4bde82d9a084362c486e8fac344c76d88f9298b1b85541ed70ffd608493766 diff --git a/net-analyzer/nagios-core/nagios-core-4.3.3.ebuild b/net-analyzer/nagios-core/nagios-core-4.3.3.ebuild deleted file mode 100644 index 11e40c1b8e02..000000000000 --- a/net-analyzer/nagios-core/nagios-core-4.3.3.ebuild +++ /dev/null @@ -1,246 +0,0 @@ -# Copyright 1999-2018 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit toolchain-funcs user - -MY_P=${PN/-core}-${PV} -DESCRIPTION="Nagios core - monitoring daemon, web GUI, and documentation" -HOMEPAGE="https://www.nagios.org/" - -# The name of the directory into which our Gentoo icons will be -# extracted, and also the basename of the archive containing it. -GENTOO_ICONS="${PN}-gentoo-icons-20141125" -SRC_URI="mirror://sourceforge/nagios/${MY_P}.tar.gz - web? ( https://dev.gentoo.org/~mjo/distfiles/${GENTOO_ICONS}.tar )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 ~arm ~arm64 ppc ppc64 sparc x86" -IUSE="apache2 classicui lighttpd perl +web vim-syntax" - -# In pkg_postinst(), we change the group of the Nagios configuration -# directory to that of the web server user. It can't belong to both -# apache/lighttpd groups at the same time, so we block this combination -# for our own sanity. -# -# This could be made to work, but we would need a better way to allow -# the web user read-only access to Nagios's configuration directory. -# -REQUIRED_USE="apache2? ( !lighttpd )" - -# sys-devel/libtool dependency is bug #401237. -# -# Note, we require one of the apache2 CGI modules: -# -# * mod_cgi -# * mod_cgid -# * mod_fcgid -# -# We just don't care /which/ one. And of course PHP supports both CGI -# (USE=cgi) and FastCGI (USE=fpm). We're pretty lenient with the -# dependencies, and expect the user not to do anything /too/ -# stupid. (For example, installing Apache with only FastCGI support, and -# PHP with only CGI support.) -# -# Another annoyance is that the upstream Makefile uses app-arch/unzip to -# extract a snapshot of AngularJS, but that's only needed when USE=web. -# -MOD_ALIAS=apache2_modules_alias -DEPEND="sys-devel/libtool - virtual/mailx - perl? ( dev-lang/perl:= ) - web? ( - app-arch/unzip - media-libs/gd[jpeg,png] - lighttpd? ( www-servers/lighttpd[php] ) - apache2? ( - || ( - >=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_cgi] - >=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_cgid] - >=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_fcgid] ) - || ( - dev-lang/php:*[apache2] - dev-lang/php:*[cgi] - dev-lang/php:*[fpm] ) - ) - )" -RDEPEND="${DEPEND} - vim-syntax? ( app-vim/nagios-syntax )" - -S="${WORKDIR}/${MY_P}" - -pkg_setup() { - enewgroup nagios - enewuser nagios -1 /bin/bash /var/nagios/home nagios -} - -src_configure() { - local myconf - - if use perl; then - myconf="${myconf} --enable-embedded-perl --with-perlcache" - fi - - if use !apache2 && use !lighttpd ; then - myconf="${myconf} --with-command-group=nagios" - else - if use apache2 ; then - myconf="${myconf} --with-command-group=apache" - myconf="${myconf} --with-httpd-conf=/etc/apache2/conf.d" - elif use lighttpd ; then - myconf="${myconf} --with-command-group=lighttpd" - fi - fi - - econf ${myconf} \ - --prefix=/usr \ - --bindir=/usr/sbin \ - --sbindir=/usr/$(get_libdir)/nagios/cgi-bin \ - --datadir=/usr/share/nagios/htdocs \ - --localstatedir=/var/nagios \ - --sysconfdir=/etc/nagios \ - --libexecdir=/usr/$(get_libdir)/nagios/plugins -} - -src_compile() { - emake CC=$(tc-getCC) nagios - - if use web; then - # Only compile the CGIs/HTML when USE=web is set. - emake CC=$(tc-getCC) DESTDIR="${D}" cgis html - fi -} - -src_install() { - dodoc Changelog CONTRIBUTING.md README.asciidoc THANKS UPGRADING - - emake DESTDIR="${D}" install-base - emake DESTDIR="${D}" install-basic - emake DESTDIR="${D}" install-config - emake DESTDIR="${D}" install-commandmode - - if use web; then - emake DESTDIR="${D}" install-cgis - - # install-html installs the new exfoliation theme - emake DESTDIR="${D}" install-html - - if use classicui; then - # This overwrites the already-installed exfoliation theme - emake DESTDIR="${D}" install-classicui - fi - - # Install cute Gentoo icons (bug #388323), setting their - # owner, group, and mode to match those of the rest of Nagios's - # images. - insopts --group=nagios --owner=nagios --mode=0664 - insinto /usr/share/nagios/htdocs/images/logos - doins "${WORKDIR}/${GENTOO_ICONS}"/*.* - insopts --mode=0644 # Back to the default... - fi - - newinitd openrc-init nagios - - if use web ; then - if use apache2 ; then - # Install the Nagios configuration file for Apache. - insinto "/etc/apache2/modules.d" - doins "${FILESDIR}"/99_nagios4.conf - elif use lighttpd ; then - # Install the Nagios configuration file for Lighttpd. - insinto /etc/lighttpd - newins "${FILESDIR}/lighttpd_nagios4.conf" nagios.conf - else - ewarn "${CATEGORY}/${PF} only supports apache or lighttpd" - ewarn "out of the box. Since you are not using one of them, you" - ewarn "will have to configure your webserver yourself." - fi - fi - - for dir in etc/nagios var/nagios ; do - chown -R nagios:nagios "${D}/${dir}" \ - || die "failed chown of ${D}/${dir}" - done - - chown -R root:root "${D}/usr/$(get_libdir)/nagios" \ - || die "failed chown of ${D}/usr/$(get_libdir)/nagios" - - # The following two find...exec statements will die properly as long - # as chmod is only called once (that is, as long as the argument - # list is small enough). - find "${D}/usr/$(get_libdir)/nagios" -type d \ - -exec chmod 755 '{}' + || die 'failed to make nagios dirs traversable' - - if use web; then - find "${D}/usr/$(get_libdir)/nagios/cgi-bin" -type f \ - -exec chmod 755 '{}' + || die 'failed to make cgi-bins executable' - fi - - keepdir /etc/nagios - keepdir /var/nagios - keepdir /var/nagios/archives - keepdir /var/nagios/rw - keepdir /var/nagios/spool/checkresults - - if use !apache2 && use !lighttpd; then - chown -R nagios:nagios "${D}"/var/nagios/rw \ - || die "failed chown of ${D}/var/nagios/rw" - else - if use apache2 ; then - chown -R nagios:apache "${D}"/var/nagios/rw \ - || die "failed chown of ${D}/var/nagios/rw" - elif use lighttpd ; then - chown -R nagios:lighttpd "${D}"/var/nagios/rw \ - || die "failed chown of ${D}/var/nagios/rw" - fi - fi - - chmod ug+s "${D}"/var/nagios/rw || die "failed chmod of ${D}/var/nagios/rw" - chmod 0750 "${D}"/etc/nagios || die "failed chmod of ${D}/etc/nagios" -} - -pkg_postinst() { - - if use web; then - elog "Note that your web server user requires read-only access to" - elog "${ROOT}etc/nagios." - - if use apache2 || use lighttpd ; then - elog - elog "To that end, we have changed the group of ${ROOT}etc/nagios" - elog "to that of your web server user." - elog - if use apache2; then - chown nagios:apache "${ROOT}etc/nagios" \ - || die "failed to change group of ${ROOT}etc/nagios" - - elog "To enable the Nagios web front-end, please edit" - elog "${ROOT}etc/conf.d/apache2 and add \"-D NAGIOS -D PHP\"" - elog "to APACHE2_OPTS. Then Nagios will be available at," - elog - elif use lighttpd; then - chown nagios:lighttpd "${ROOT}etc/nagios" \ - || die "failed to change group of ${ROOT}etc/nagios" - elog "To enable the Nagios web front-end, please add" - elog "'include \"nagios.conf\"' to the lighttpd configuration" - elog "file at ${ROOT}etc/lighttpd/lighttpd.conf. Then Nagios" - elog "will be available at," - elog - fi - - elog " http://localhost/nagios/" - else - elog "Since you're not using either Apache or Lighttpd, you" - elog "will have to grant the necessary permissions yourself." - fi - fi - - elog - elog "If your kernel has /proc protection, nagios" - elog "will not be happy as it relies on accessing the proc" - elog "filesystem. You can fix this by adding nagios into" - elog "the group wheel, but this is not recomended." - elog -} -- cgit v1.2.3-65-gdbad