1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
|
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI=5
inherit depend.apache eutils multilib pax-utils toolchain-funcs user versionator
DESCRIPTION="Nagios Fork - Check daemon, CGIs, docs, IDOutils"
HOMEPAGE="http://www.icinga.org/"
#MY_PV=$(delete_version_separator 3)
#SRC_URI="mirror://sourceforge/${PN}/${PN}-${MY_PV}.tar.gz"
#S=${WORKDIR}/${PN}-${MY_PV}
#SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
SRC_URI="https://github.com/${PN}/${PN}-core/releases/download/v${PV}/${P}.tar.gz
https://dev.gentoo.org/~prometheanfire/dist/patches/CVEs/CVE-2015-8010_1.13.3.patch"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="amd64 ~hppa x86"
IUSE="+apache2 contrib eventhandler +idoutils lighttpd +mysql perl +plugins postgres ssl +vim-syntax +web"
DEPEND="idoutils? ( dev-db/libdbi-drivers[mysql?,postgres?] )
perl? ( dev-lang/perl )
virtual/mailx
web? (
media-libs/gd[jpeg,png]
lighttpd? ( www-servers/lighttpd )
)
!net-analyzer/nagios-core"
RDEPEND="${DEPEND}
plugins? ( || (
net-analyzer/monitoring-plugins
net-analyzer/nagios-plugins
) )"
RESTRICT="test"
want_apache2
pkg_setup() {
depend.apache_pkg_setup
enewgroup icinga
enewgroup nagios
enewuser icinga -1 -1 /var/lib/icinga "icinga,nagios"
}
src_prepare() {
epatch "${FILESDIR}/fix-prestripped-binaries-1.7.0.patch"
epatch "${DISTDIR}/CVE-2015-8010_1.13.3.patch"
}
src_configure() {
local myconf
myconf="$(use_enable perl embedded-perl)
$(use_with perl perlcache)
$(use_enable idoutils)
$(use_enable ssl)
--with-cgiurl=/icinga/cgi-bin
--with-log-dir=/var/log/icinga
--libdir=/usr/$(get_libdir)
--bindir=/usr/sbin
--sbindir=/usr/$(get_libdir)/icinga/cgi-bin
--datarootdir=/usr/share/icinga/htdocs
--localstatedir=/var/lib/icinga
--sysconfdir=/etc/icinga
--with-lockfile=/var/run/icinga/icinga.lock
--with-temp-dir=/tmp/icinga
--with-temp-file=/tmp/icinga/icinga.tmp"
if use idoutils ; then
myconf+=" --with-ido2db-lockfile=/var/run/icinga/ido2db.lock
--with-icinga-chkfile=/var/lib/icinga/icinga.chk
--with-ido-sockfile=/var/lib/icinga/ido.sock
--with-idomod-tmpfile=/tmp/icinga/idomod.tmp"
fi
if use eventhandler ; then
myconfig+=" --with-eventhandler-dir=/etc/icinga/eventhandlers"
fi
if use plugins ; then
myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins"
else
myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins"
fi
if use !apache2 && use !lighttpd ; then
myconf+=" --with-command-group=icinga"
else
if use apache2 ; then
myconf+=" --with-httpd-conf=/etc/apache2/conf.d"
myconf+=" --with-command-group=apache"
elif use lighttpd ; then
myconf+=" --with-command-group=lighttpd"
fi
fi
econf ${myconf}
}
src_compile() {
tc-export CC
emake icinga || die "make failed"
if use web ; then
emake DESTDIR="${D}" cgis || die
fi
if use contrib ; then
emake DESTDIR="${D}" -C contrib || die
fi
if use idoutils ; then
emake DESTDIR="${D}" idoutils || die
fi
}
src_install() {
dodoc Changelog README UPGRADING || die
if ! use web ; then
sed -i -e '/cd $(SRC_\(CGI\|HTM\))/d' Makefile || die
fi
emake DESTDIR="${D}" install{,-config,-commandmode} || die
if use idoutils ; then
emake DESTDIR="${D}" install-idoutils || die
fi
if use contrib ; then
emake DESTDIR="${D}" -C contrib install || die
fi
if use eventhandler ; then
emake DESTDIR="${D}" install-eventhandlers || die
fi
newinitd "${FILESDIR}"/icinga-init.d icinga || die
newconfd "${FILESDIR}"/icinga-conf.d icinga || die
if use idoutils ; then
newinitd "${FILESDIR}"/ido2db-init.d ido2db || die
newconfd "${FILESDIR}"/ido2db-conf.d ido2db || die
insinto /usr/share/icinga/contrib/db
doins -r module/idoutils/db/* || die
fi
# Apache Module
if use web ; then
if use apache2 ; then
insinto "${APACHE_MODULES_CONFDIR}"
newins "${FILESDIR}"/icinga-apache.conf 99_icinga.conf || die
elif use lighttpd ; then
insinto /etc/lighttpd
newins "${FILESDIR}"/icinga-lighty.conf lighttpd_icinga.conf || die
else
ewarn "${CATEGORY}/${PF} only supports Apache-2.x or Lighttpd webserver"
ewarn "out-of-the-box. Since you are not using one of them, you"
ewarn "have to configure your webserver accordingly yourself."
fi
fowners -R root:root /usr/$(get_libdir)/icinga || die
cd "${D}" || die
find usr/$(get_libdir)/icinga -type d -exec fperms 755 {} +
find usr/$(get_libdir)/icinga/cgi-bin -type f -exec fperms 755 {} +
fi
if use eventhandler ; then
dodir /etc/icinga/eventhandlers || die
fowners icinga:icinga /etc/icinga/eventhandlers || die
fi
keepdir /etc/icinga
keepdir /var/lib/icinga
keepdir /var/lib/icinga/archives
keepdir /var/lib/icinga/rw
keepdir /var/lib/icinga/spool/checkresults
if use apache2 ; then
webserver=apache
elif use lighttpd ; then
webserver=lighttpd
else
webserver=icinga
fi
fowners icinga:icinga /var/lib/icinga || die "Failed chown of /var/lib/icinga"
fowners -R icinga:${webserver} /var/lib/icinga/rw || die "Failed chown of /var/lib/icinga/rw"
fperms 6755 /var/lib/icinga/rw || die "Failed Chmod of ${D}/var/lib/icinga/rw"
fperms 0750 /etc/icinga || die "Failed chmod of ${D}/etc/icinga"
# paxmarks
if use idoutils ; then
pax-mark m usr/sbin/ido2db
fi
}
pkg_postinst() {
if use web ; then
elog "This does not include cgis that are perl-dependent"
elog "Currently traceroute.cgi is perl-dependent"
elog "Note that the user your webserver is running as needs"
elog "read-access to /etc/icinga."
elog
if use apache2 || use lighttpd ; then
elog "There are several possible solutions to accomplish this,"
elog "choose the one you are most comfortable with:"
elog
if use apache2 ; then
elog " usermod -G icinga apache"
elog "or"
elog " chown icinga:apache /etc/icinga"
elog
elog "Also edit /etc/conf.d/apache2 and add a line like"
elog "APACHE2_OPTS=\"\$APACHE2_OPTS -D ICINGA\""
elog
elog "Icinga web service needs user authentication. If you"
elog "use the base configuration, you need a password file"
elog "with a password for user \"icingaadmin\""
elog "You can create this file by executing:"
elog "htpasswd -c /etc/icinga/htpasswd.users icingaadmin"
elog
elog "you may want to also add apache to the icinga group"
elog "to allow it access to the AuthUserFile"
elog
elif use lighttpd ; then
elog " usermod -G icinga lighttpd "
elog "or"
elog " chown icinga:lighttpd /etc/icinga"
elog "Also edit /etc/lighttpd/lighttpd.conf and add 'include \"lighttpd_icinga.conf\"'"
fi
elog
elog "That will make icinga's web front end visable via"
elog "http://localhost/icinga/"
elog
else
elog "IMPORTANT: Do not forget to add the user your webserver"
elog "is running as to the icinga group!"
fi
else
ewarn "Please note that you have installed Icinga without web interface."
ewarn "Please don't file any bugs about having no web interface when you do this."
ewarn "Thank you!"
fi
elog
elog "If you want icinga to start at boot time"
elog "remember to execute:"
elog " rc-update add icinga default"
elog
elog "If your kernel has /proc protection, icinga"
elog "will not be happy as it relies on accessing the proc"
elog "filesystem. You can fix this by adding icinga into"
elog "the group wheel, but this is not recomended."
elog
if [ -d "${ROOT}"/var/icinga ] ; then
ewarn
ewarn "/var/icinga was moved to /var/lib/icinga"
ewarn "please move the files if this was an upgrade"
if use idoutils ; then
ewarn "and edit /etc/ido2db.cfg to change the location of the files"
ewarn "it accesses"
ewarn "update your db with the scripts under the directory"
ewarn "/usr/share/icinga/contrib/db/"
fi
ewarn
ewarn "The \"mv /var/icinga /var/lib/\" command works well to move the files"
ewarn "remove /var/icinga afterwards to make this warning disappear"
fi
}
|