From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-916578-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 449AE1395E4
	for <garchives@archives.gentoo.org>; Sun, 11 Dec 2016 17:11:36 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 7A50121C07C;
	Sun, 11 Dec 2016 17:11:34 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 3F51A21C073
	for <gentoo-commits@lists.gentoo.org>; Sun, 11 Dec 2016 17:11:34 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id BEC66340EAA
	for <gentoo-commits@lists.gentoo.org>; Sun, 11 Dec 2016 17:11:32 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 01A644A8
	for <gentoo-commits@lists.gentoo.org>; Sun, 11 Dec 2016 17:11:31 +0000 (UTC)
From: "Michael Orlitzky" <mjo@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Michael Orlitzky" <mjo@gentoo.org>
Message-ID: <1481474214.d7d36dbfdaf7978b4a09a5ccd0808249900a3f73.mjo@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-analyzer/nagios-core/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-analyzer/nagios-core/Manifest net-analyzer/nagios-core/nagios-core-4.2.4.ebuild
X-VCS-Directories: net-analyzer/nagios-core/
X-VCS-Committer: mjo
X-VCS-Committer-Name: Michael Orlitzky
X-VCS-Revision: d7d36dbfdaf7978b4a09a5ccd0808249900a3f73
X-VCS-Branch: master
Date: Sun, 11 Dec 2016 17:11:31 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 1760593d-8884-442f-9612-a79024ec9721
X-Archives-Hash: c194c9cadbc13824446e48a43468b293

commit:     d7d36dbfdaf7978b4a09a5ccd0808249900a3f73
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 11 16:36:54 2016 +0000
Commit:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
CommitDate: Sun Dec 11 16:36:54 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d7d36dbf

net-analyzer/nagios-core: new version 4.2.4 to fix CVE-2016-9566.

Gentoo-Bug: 602216

Package-Manager: portage-2.3.0

 net-analyzer/nagios-core/Manifest                 |   1 +
 net-analyzer/nagios-core/nagios-core-4.2.4.ebuild | 248 ++++++++++++++++++++++
 2 files changed, 249 insertions(+)

diff --git a/net-analyzer/nagios-core/Manifest b/net-analyzer/nagios-core/Manifest
index 1a5ebd1..720c78e 100644
--- a/net-analyzer/nagios-core/Manifest
+++ b/net-analyzer/nagios-core/Manifest
@@ -1,4 +1,5 @@
 DIST nagios-3.5.1.tar.gz 1763584 SHA256 ca9dd68234fa090b3c35ecc8767b2c9eb743977eaf32612fa9b8341cc00a0f99 SHA512 48e2ecb91002b08203937b12a438c87c62cd3c5c401a0ed9e861cd6d79074c7017ed373e9379f013d87dea1fd7cb8e3d85112d55c87ac91aed96b256868c112d WHIRLPOOL 2c02584702c64dbb0e353e34b758fab079eee0dc7a401e7b5947a21733758d3596401e5519e2dd7f05c89ee4835c21965d2718157fd9d6d3d20af9c853d688ca
 DIST nagios-4.0.8.tar.gz 1805059 SHA256 8b268d250c97851775abe162f46f64724f95f367d752ae4630280cc5d368ca4b SHA512 d72fdbcc0beb2de72e5aa788b4ccc83aa30c7f4a4460edaa831f012db04647e4836b876bb7dc235e2a1b525827e9a2a0f4d348919f69fbfbfdaa4d13e968e18c WHIRLPOOL bdd9c63e0e495073b7b046952baa50b9e448fa56cda167806546a3b58fdd8fad328c9285ebb6d07da81786676d805671cad7295be389c4b8a4f3971264c97f74
 DIST nagios-4.2.3.tar.gz 11087851 SHA256 83ee7eb00b77b829c98473ebeff810949114d0a89f4330fc25eeaf794bd5265c SHA512 8ebf6befffd9e5ab8fcd8ea29f48e792b5ef68646317484fbbdea47542a0ea30465731d0bc918887cddfe07a02d93b7cc0bad288a2f1c4174652fa005f95ef81 WHIRLPOOL 7090c1a8afaec823d51dd0a59c333142ceae8081a0218df258d09bc139918a7d06803243dc93b20fdea6486aa8bba21455155b9bfca94b459c658ac9fce19959
+DIST nagios-4.2.4.tar.gz 11088206 SHA256 b0055c475683ce50d77b1536ff0cec9abf89139adecf771601fa021ef9a20b70 SHA512 1f060f3139db6f77f7ca218bb4befb631c08b0ccb1b2b85e4c06cfc94328b5d09cef9b547eb54617089334a1e36b881347dfbb98bcc88b9b38e878214f97883a WHIRLPOOL a3d5454c72ab38388e8071dca8a319c717bb22915cfd06243727eb33f7b8a93cc323531be1535d14e283335b9964762a2729f4605f76d9a01ff78bbe924053a7
 DIST nagios-core-gentoo-icons-20141125.tar 40960 SHA256 68b715f636eb291343cab3259862bbed8b6b898520b58df522438524de3d8761 SHA512 bf109879cddd6136b76baba55d0b60b2596e37431dcf5ce0905d34a9fa292ebf7e4bde82d9a084362c486e8fac344c76d88f9298b1b85541ed70ffd608493766 WHIRLPOOL 7ec3a944b2a659b456d3168818ca5b1af3a427436e6af2f3e5d6cba6fc7b1c7bad6f552301f064df31988865b3b32fd117d9e6f61c630d6d817a51cbbbcb331d

diff --git a/net-analyzer/nagios-core/nagios-core-4.2.4.ebuild b/net-analyzer/nagios-core/nagios-core-4.2.4.ebuild
new file mode 100644
index 00000000..2852d62
--- /dev/null
+++ b/net-analyzer/nagios-core/nagios-core-4.2.4.ebuild
@@ -0,0 +1,248 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit toolchain-funcs user
+
+MY_P=${PN/-core}-${PV}
+DESCRIPTION="Nagios core - monitoring daemon, web GUI, and documentation"
+HOMEPAGE="http://www.nagios.org/"
+
+# The name of the directory into which our Gentoo icons will be
+# extracted, and also the basename of the archive containing it.
+GENTOO_ICONS="${PN}-gentoo-icons-20141125"
+SRC_URI="mirror://sourceforge/nagios/${MY_P}.tar.gz
+	web? ( https://dev.gentoo.org/~mjo/distfiles/${GENTOO_ICONS}.tar )"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="apache2 classicui lighttpd perl +web vim-syntax"
+
+# In pkg_postinst(), we change the group of the Nagios configuration
+# directory to that of the web server user. It can't belong to both
+# apache/lighttpd groups at the same time, so we block this combination
+# for our own sanity.
+#
+# This could be made to work, but we would need a better way to allow
+# the web user read-only access to Nagios's configuration directory.
+#
+REQUIRED_USE="apache2? ( !lighttpd )"
+
+# sys-devel/libtool dependency is bug #401237.
+#
+# Note, we require one of the apache2 CGI modules:
+#
+#   * mod_cgi
+#   * mod_cgid
+#   * mod_fcgid
+#
+# We just don't care /which/ one. And of course PHP supports both CGI
+# (USE=cgi) and FastCGI (USE=fpm). We're pretty lenient with the
+# dependencies, and expect the user not to do anything /too/
+# stupid. (For example, installing Apache with only FastCGI support, and
+# PHP with only CGI support.)
+#
+# Another annoyance is that the upstream Makefile uses app-arch/unzip to
+# extract a snapshot of AngularJS, but that's only needed when USE=web.
+#
+MOD_ALIAS=apache2_modules_alias
+DEPEND="sys-devel/libtool
+	virtual/mailx
+	perl? ( dev-lang/perl )
+	web? (
+		app-arch/unzip
+		media-libs/gd[jpeg,png]
+		lighttpd? ( www-servers/lighttpd[php] )
+		apache2? (
+			|| (
+				>=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_cgi]
+				>=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_cgid]
+				>=www-servers/apache-2.4[${MOD_ALIAS},apache2_modules_fcgid] )
+			|| (
+				dev-lang/php:*[apache2]
+				dev-lang/php:*[cgi]
+				dev-lang/php:*[fpm] )
+		)
+	)"
+RDEPEND="${DEPEND}
+	vim-syntax? ( app-vim/nagios-syntax )"
+
+S="${WORKDIR}/${MY_P}"
+
+pkg_setup() {
+	enewgroup nagios
+	enewuser nagios -1 /bin/bash /var/nagios/home nagios
+}
+
+src_configure() {
+	local myconf
+
+	if use perl; then
+		myconf="${myconf} --enable-embedded-perl --with-perlcache"
+	fi
+
+	if use !apache2 && use !lighttpd ; then
+		myconf="${myconf} --with-command-group=nagios"
+	else
+		if use apache2 ; then
+			myconf="${myconf} --with-command-group=apache"
+			myconf="${myconf} --with-httpd-conf=/etc/apache2/conf.d"
+		elif use lighttpd ; then
+			myconf="${myconf} --with-command-group=lighttpd"
+		fi
+	fi
+
+	econf ${myconf} \
+		--prefix=/usr \
+		--bindir=/usr/sbin \
+		--sbindir=/usr/$(get_libdir)/nagios/cgi-bin \
+		--datadir=/usr/share/nagios/htdocs \
+		--localstatedir=/var/nagios \
+		--sysconfdir=/etc/nagios \
+		--libexecdir=/usr/$(get_libdir)/nagios/plugins
+}
+
+src_compile() {
+	emake CC=$(tc-getCC) nagios
+
+	if use web; then
+		# Only compile the CGIs/HTML when USE=web is set.
+		emake CC=$(tc-getCC) DESTDIR="${D}" cgis html
+	fi
+}
+
+src_install() {
+	dodoc Changelog INSTALLING LEGAL README.asciidoc UPGRADING
+
+	emake DESTDIR="${D}" install-base
+	emake DESTDIR="${D}" install-basic
+	emake DESTDIR="${D}" install-config
+	emake DESTDIR="${D}" install-commandmode
+
+	if use web; then
+		emake DESTDIR="${D}" install-cgis
+
+		# install-html installs the new exfoliation theme
+		emake DESTDIR="${D}" install-html
+
+		if use classicui; then
+			# This overwrites the already-installed exfoliation theme
+			emake DESTDIR="${D}" install-classicui
+		fi
+
+		# Install cute Gentoo icons (bug #388323), setting their
+		# owner, group, and mode to match those of the rest of Nagios's
+		# images.
+		insopts --group=nagios --owner=nagios --mode=0664
+		insinto /usr/share/nagios/htdocs/images/logos
+		doins "${WORKDIR}/${GENTOO_ICONS}"/*.*
+		insopts --mode=0644 # Back to the default...
+	fi
+
+	newinitd "${FILESDIR}"/nagios4-r1 nagios
+	newconfd "${FILESDIR}"/conf.d nagios
+
+	if use web ; then
+		if use apache2 ; then
+			# Install the Nagios configuration file for Apache.
+			insinto "/etc/apache2/modules.d"
+			doins "${FILESDIR}"/99_nagios4.conf
+		elif use lighttpd ; then
+			# Install the Nagios configuration file for Lighttpd.
+			insinto /etc/lighttpd
+			newins "${FILESDIR}/lighttpd_nagios4.conf" nagios.conf
+		else
+			ewarn "${CATEGORY}/${PF} only supports apache or lighttpd"
+			ewarn "out of the box. Since you are not using one of them, you"
+			ewarn "will have to configure your webserver yourself."
+		fi
+	fi
+
+	for dir in etc/nagios var/nagios ; do
+		chown -R nagios:nagios "${D}/${dir}" \
+			|| die "failed chown of ${D}/${dir}"
+	done
+
+	chown -R root:root "${D}/usr/$(get_libdir)/nagios" \
+		|| die "failed chown of ${D}/usr/$(get_libdir)/nagios"
+
+	# The following two find...exec statements will die properly as long
+	# as chmod is only called once (that is, as long as the argument
+	# list is small enough).
+	find "${D}/usr/$(get_libdir)/nagios" -type d \
+		-exec chmod 755 '{}' + || die 'failed to make nagios dirs traversable'
+
+	if use web; then
+		find "${D}/usr/$(get_libdir)/nagios/cgi-bin" -type f \
+			-exec chmod 755 '{}' + || die 'failed to make cgi-bins executable'
+	fi
+
+	keepdir /etc/nagios
+	keepdir /var/nagios
+	keepdir /var/nagios/archives
+	keepdir /var/nagios/rw
+	keepdir /var/nagios/spool/checkresults
+
+	if use !apache2 && use !lighttpd; then
+		chown -R nagios:nagios "${D}"/var/nagios/rw \
+			|| die "failed chown of ${D}/var/nagios/rw"
+	else
+		if use apache2 ; then
+			chown -R nagios:apache "${D}"/var/nagios/rw \
+				|| die "failed chown of ${D}/var/nagios/rw"
+		elif use lighttpd ; then
+			chown -R nagios:lighttpd "${D}"/var/nagios/rw \
+				|| die "failed chown of ${D}/var/nagios/rw"
+		fi
+	fi
+
+	chmod ug+s "${D}"/var/nagios/rw || die "failed chmod of ${D}/var/nagios/rw"
+	chmod 0750 "${D}"/etc/nagios || die "failed chmod of ${D}/etc/nagios"
+}
+
+pkg_postinst() {
+
+	if use web; then
+		elog "Note that your web server user requires read-only access to"
+		elog "${ROOT}etc/nagios."
+
+		if use apache2 || use lighttpd ; then
+			elog
+			elog "To that end, we have changed the group of ${ROOT}etc/nagios"
+			elog "to that of your web server user."
+			elog
+			if use apache2; then
+				chown nagios:apache "${ROOT}etc/nagios" \
+					|| die "failed to change group of ${ROOT}etc/nagios"
+
+				elog "To enable the Nagios web front-end, please edit"
+				elog "${ROOT}etc/conf.d/apache2 and add \"-D NAGIOS -D PHP5\""
+				elog "to APACHE2_OPTS. Then Nagios will be available at,"
+				elog
+			elif use lighttpd; then
+				chown nagios:lighttpd "${ROOT}etc/nagios" \
+					|| die "failed to change group of ${ROOT}etc/nagios"
+				elog "To enable the Nagios web front-end, please add"
+				elog "'include \"nagios.conf\"' to the lighttpd configuration"
+				elog "file at ${ROOT}etc/lighttpd/lighttpd.conf. Then Nagios"
+				elog "will be available at,"
+				elog
+			fi
+
+			elog "  http://localhost/nagios/"
+		else
+			elog "Since you're not using either Apache or Lighttpd, you"
+			elog "will have to grant the necessary permissions yourself."
+		fi
+	fi
+
+	elog
+	elog "If your kernel has /proc protection, nagios"
+	elog "will not be happy as it relies on accessing the proc"
+	elog "filesystem. You can fix this by adding nagios into"
+	elog "the group wheel, but this is not recomended."
+	elog
+}