summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/nrpe/Manifest1
-rw-r--r--net-analyzer/nrpe/files/nrpe-4.0.2-disable-tcpd.patch62
-rw-r--r--net-analyzer/nrpe/nrpe-4.0.3.ebuild101
3 files changed, 164 insertions, 0 deletions
diff --git a/net-analyzer/nrpe/Manifest b/net-analyzer/nrpe/Manifest
index 4fab8d8b80df..b156a0375137 100644
--- a/net-analyzer/nrpe/Manifest
+++ b/net-analyzer/nrpe/Manifest
@@ -1,2 +1,3 @@
DIST nrpe-4.0.0.tar.gz 523846 BLAKE2B 850a420f0550e1dfe6b0ea98a9d9cafec0ec583c115be89b3ba8e88a309c40226c87f6ae880d12c582822e492c5991e3d2444b68f5644750fc74ad75596c96fd SHA512 8773102f28f3e7e96f3637e77489eb12ffe88fe839abfe3f150d2eb3d2efe05f7f812ab4d52a64cbd8d0a5e491aed93d5300b7ce9a8dd072b3a00d885b91276b
DIST nrpe-4.0.2.tar.gz 524146 BLAKE2B dc100579420eeccaaa2a913f56c76b86b6ebdce8d1afdddcc428bfd4a8c12ad19050ab0395e7a109d4e8b43ca7d6a11e13ec4a4250a91483e37725c184382ca2 SHA512 4d7cf6abc974bc79df54afc42644418e3f086a279c8c17d0fd104f19e3c21c0f3dae4fb4268dd134446ff9fe505159b0446372c5cac71cfe03a97479ed41c09b
+DIST nrpe-4.0.3.tar.gz 524160 BLAKE2B d2c99cadf718e7049c911388b105fb4f5248307c733d94a73fd02ac69c49be230dad58be0a182af9c8d7e0d1f34e8dba6b8fc46a7c01eb15d845f2b3a54499ed SHA512 31d932c481c8a53bd0f8865fb3cfeeb1466b9b05fa89382aa056aa9343a09843b51fe5398fd0388e6bba99e9c3d8093f6033799fd83afd43012bfe8fdc5a33e3
diff --git a/net-analyzer/nrpe/files/nrpe-4.0.2-disable-tcpd.patch b/net-analyzer/nrpe/files/nrpe-4.0.2-disable-tcpd.patch
new file mode 100644
index 000000000000..7140c43d7e8c
--- /dev/null
+++ b/net-analyzer/nrpe/files/nrpe-4.0.2-disable-tcpd.patch
@@ -0,0 +1,62 @@
+Stripped ./configure portion for Gentoo, instead relying on eautoreconf.
+
+From 8bce40cff68c0a7d88b465eb345267ad5176461a Mon Sep 17 00:00:00 2001
+From: Jaco Kroon <jaco@iewc.co.za>
+Date: Mon, 8 Feb 2021 17:07:30 +0200
+Subject: [PATCH] Patch to allow passing --enable-tcpd or --disable-tcpd.
+
+If passing --enable-tcpd and libwrap is not available, ./configure will
+fail.
+
+If passing --disable-tcpd, libwrap will be completely ignore.
+
+If not passed, current behaviour still applies.
+
+Signed-off-by: Jaco Kroon <jaco@iewc.co.za>
+---
+ configure.ac | 28 +++++++++++++++++++++++-----
+ 2 files changed, 52 insertions(+), 6 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 3981bb0..e3c1a15 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -237,12 +237,30 @@ AC_CHECK_FUNCS([getopt_long],,AC_CHECK_LIB([iberty],[getopt_long],OTHERLIBS="$OT
+ dnl Checks for library functions.
+ AC_CHECK_LIB(nsl,main,SOCKETLIBS="$SOCKETLIBS -lnsl")
+ AC_CHECK_LIB(socket,socket,SOCKETLIBS="$SOCKETLIBS -lsocket")
+-AC_CHECK_LIB(wrap,main,[
+- LIBWRAPLIBS="$LIBWRAPLIBS -lwrap"
+- AC_DEFINE(HAVE_LIBWRAP,[1],[Have the TCP wrappers library])
+- AC_TRY_LINK([#include <tcpd.h>
+- ],[int a = rfc931_timeout;],AC_DEFINE(HAVE_RFC931_TIMEOUT))
++
++AC_ARG_ENABLE([tcpd],
++ AS_HELP_STRING([--disable-tcpd],[disables support for tcpd even if present]),[
++ if test x$enableval = xyes; then
++ check_for_tcpd=yes
++ else
++ check_for_tcpd=no
++ fi
++ ],check_for_tcpd=optional)
++
++AC_MSG_CHECKING(check_for_tcpd=$check_for_tcpd)
++if test x$check_for_tcpd != xno; then
++ AC_CHECK_LIB(wrap,main,[
++ LIBWRAPLIBS="$LIBWRAPLIBS -lwrap"
++ AC_DEFINE(HAVE_LIBWRAP,[1],[Have the TCP wrappers library])
++ AC_TRY_LINK([#include <tcpd.h>
++ ],[int a = rfc931_timeout;],AC_DEFINE(HAVE_RFC931_TIMEOUT))
++ ],[
++ if test x$check_for_tcpd = xyes; then
++ AC_MSG_ERROR(--enable-tcpd specified but unable to locate libwrap.)
++ fi
+ ])
++fi
++
+ AC_CHECK_FUNCS(strdup strstr strtoul strtok_r initgroups closesocket sigaction scandir)
+
+ dnl socklen_t check - from curl
+--
+2.26.2
+
diff --git a/net-analyzer/nrpe/nrpe-4.0.3.ebuild b/net-analyzer/nrpe/nrpe-4.0.3.ebuild
new file mode 100644
index 000000000000..5cbe3d9a63b6
--- /dev/null
+++ b/net-analyzer/nrpe/nrpe-4.0.3.ebuild
@@ -0,0 +1,101 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools systemd
+
+DESCRIPTION="Nagios Remote Plugin Executor"
+HOMEPAGE="https://github.com/NagiosEnterprises/nrpe"
+SRC_URI="https://github.com/NagiosEnterprises/nrpe/releases/download/${P}/${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="command-args selinux ssl tcpd"
+
+DEPEND="acct-group/nagios
+ acct-user/nagios
+ tcpd? (
+ sys-apps/tcp-wrappers
+ )
+ ssl? (
+ dev-libs/openssl:=
+ )"
+RDEPEND="${DEPEND}
+ || ( net-analyzer/nagios-plugins net-analyzer/monitoring-plugins )
+ selinux? ( sec-policy/selinux-nagios )"
+
+PATCHES=(
+ "${FILESDIR}/nrpe-3.2.1-eliminate-systemd-pid.patch"
+ "${FILESDIR}/nrpe-4.0.2-disable-tcpd.patch"
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ # The configure script tries to detect what OS, distribution, and
+ # init system you're running and changes the build/install process
+ # depending on what it comes up with. We specify fixed values
+ # because we don't want it guessing, for example, whether or not
+ # to install the tmpfiles.d entry based on whether or not systemd
+ # is currently running (OpenRC uses them too).
+ #
+ # Note: upstream defaults to using "nagios" as the default NRPE
+ # user and group. I have a feeling that this isn't quite correct
+ # on a system where "nagios" is also the user running the nagios
+ # server daemon. In the future, it would be nice if someone who
+ # actually uses NRPE could test with an unprivileged "nrpe" as
+ # the user and group.
+ econf \
+ --libexecdir=/usr/$(get_libdir)/nagios/plugins \
+ --localstatedir=/var/lib/nagios \
+ --sysconfdir=/etc/nagios \
+ --with-nrpe-user=nagios \
+ --with-nrpe-group=nagios \
+ --with-piddir=/run \
+ --with-opsys=unknown \
+ --with-dist-type=unknown \
+ --with-init-type=unknown \
+ --with-inetd-type=unknown \
+ $(use_enable command-args) \
+ $(use_enable ssl) \
+ $(use_enable tcpd)
+}
+
+src_compile() {
+ emake all
+}
+
+src_install() {
+ default
+
+ dodoc CHANGELOG.md SECURITY.md
+ insinto /etc/nagios
+ newins sample-config/nrpe.cfg nrpe.cfg
+ fowners root:nagios /etc/nagios/nrpe.cfg
+ fperms 0640 /etc/nagios/nrpe.cfg
+
+ newinitd "startup/openrc-init" nrpe
+ newconfd "startup/openrc-conf" nrpe
+ systemd_newunit "startup/default-service" "${PN}.service"
+
+ insinto /etc/xinetd.d/
+ newins "${FILESDIR}/nrpe.xinetd.2" nrpe
+
+ rm "${ED}/usr/bin/nrpe-uninstall" || die 'failed to remove uninstall tool'
+ rm -r "${ED}/run" || die 'failed to remove /run'
+}
+
+pkg_postinst() {
+ if use command-args ; then
+ ewarn ''
+ ewarn 'You have enabled command-args for NRPE. That lets clients'
+ ewarn 'supply arguments to the commands that are run, and IS A'
+ ewarn 'SECURITY RISK!'
+ ewarn ''
+ fi
+}