[Pkg-nagios-changes] [pkg-nagios] r917 - in
nagios-nsca/trunk/debian: . patches po
Sean Finney
seanius at costa.debian.org
Mon May 29 10:34:51 UTC 2006
Author: seanius
Date: 2006-05-29 10:34:50 +0000 (Mon, 29 May 2006)
New Revision: 917
Added:
nagios-nsca/trunk/debian/po/fr.po
Removed:
nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch
Modified:
nagios-nsca/trunk/debian/changelog
nagios-nsca/trunk/debian/config
nagios-nsca/trunk/debian/nsca.init
nagios-nsca/trunk/debian/patches/00list
nagios-nsca/trunk/debian/postinst
Log:
* New upstream release
[sean finney]
* new french debconf translations from Sylvain Archenault (closes: #362712).
* upstream has incorporated our chroot support patch, so
05_nsca_chroot.dpatch is no longer necessary.
* includes fix for segfault in encryption library cleanup (closes: #357275).
* initscript modifications to relfect that nsca now supports a pid_file
directive and reloading of configuration via HUP natively.
* maintscript cleanup for config<->debconf starting/stopping nsca stuff.
Modified: nagios-nsca/trunk/debian/changelog
===================================================================
--- nagios-nsca/trunk/debian/changelog 2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/changelog 2006-05-29 10:34:50 UTC (rev 917)
@@ -1,9 +1,20 @@
-nsca (2.5-3) UNRELEASED; urgency=low
+nsca (2.6-1) unstable; urgency=low
- * NOT RELEASED YET
+ * New upstream release
+
+ [sean finney]
+ * new french debconf translations from Sylvain Archenault (closes: #362712).
+ * upstream has incorporated our chroot support patch, so
+ 05_nsca_chroot.dpatch is no longer necessary.
+ * includes fix for segfault in encryption library cleanup (closes: #357275).
+ * initscript modifications to relfect that nsca now supports a pid_file
+ directive and reloading of configuration via HUP natively.
+ * maintscript cleanup for config<->debconf starting/stopping nsca stuff.
+
+ [marc haber]
* allow buildclientpackage to be set from the build environment
- -- Marc Haber <mh+debian-packages at zugschlus.de> Mon, 10 Apr 2006 10:52:38 +0200
+ -- sean finney <seanius at debian.org> Mon, 29 May 2006 11:28:38 +0200
nsca (2.5-2) unstable; urgency=low
Modified: nagios-nsca/trunk/debian/config
===================================================================
--- nagios-nsca/trunk/debian/config 2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/config 2006-05-29 10:34:50 UTC (rev 917)
@@ -6,28 +6,33 @@
# if nsca's init script is already configured, we must reflect
# that as the source of configuration, not debconf itself.
-set +e
-invoke-rc.d --query nsca start
-invoke_said=$?
-set -e
+# this function figures that out.
+run_nsca(){
+ set +e
+ invoke-rc.d --query nsca start 2>/dev/null
+ invoke_said=$?
+ set -e
+
+ case $invoke_said in
+ # 101 == disabled
+ 101)
+ echo "false"
+ ;;
+ # 104 == enabled
+ 104)
+ echo "true"
+ ;;
+ # anything else is "undefined", so we then use our defaults
+ *)
+ if which nagios >/dev/null 2>&2 || which nagios2 >/dev/null; then
+ echo "true"
+ else
+ echo "false"
+ fi
+ ;;
+ esac
+}
-case $invoke_said in
-# 101 == disabled, 104 == enabled. do nothing for either
-101|104)
-;;
-*)
- if which nagios >/dev/null 2>&2 || which nagios2 >/dev/null; then
- default_run_nsca_daemon="true"
- else
- default_run_nsca_daemon="false"
- fi
-;;
-esac
-
-db_fget nsca/run-nsca-daemon seen
-seen="$RET"
-if [ "$seen" = "false" ]; then
- db_set nsca/run-nsca-daemon "$default_run_nsca_daemon"
-fi
+db_set nsca/run-nsca-daemon `run_nsca`
db_input medium nsca/run-nsca-daemon || true
db_go || true
Modified: nagios-nsca/trunk/debian/nsca.init
===================================================================
--- nagios-nsca/trunk/debian/nsca.init 2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/nsca.init 2006-05-29 10:34:50 UTC (rev 917)
@@ -7,18 +7,43 @@
NAME=nsca
DESC="Nagios Service Check Acceptor"
CONF=/etc/nsca.cfg
-OPTS="-f --daemon -c $CONF"
+OPTS="--daemon -c $CONF"
PIDFILE="/var/run/nsca.pid"
###
-SSDOPTS="--pidfile $PIDFILE --make-pidfile"
-SSD="/sbin/start-stop-daemon $SSDOPTS"
-
+# obviously if the daemon doesn't exist we should stop now
if [ ! -x $DAEMON ]; then
exit 0
fi
+# grab an arbitrary config setting from nsca.cfg
+get_config(){
+ grep "^[[:space:]]*$1=" $CONF 2>/dev/null | tail | cut -d= -f2-
+}
+
+# if the pid_file is specified in the configuration file, nsca will
+# take care of the pid handling for us. if it isn't we should continue
+# as we have before
+PIDFILE=`get_config pid_file`
+# if pidfile isn't set
+if [ -z "$PIDFILE" ]; then
+ # then this is the default PIDFILE
+ PIDFILE="/var/run/nsca.pid"
+ # run nsca in the foreground, and have s-s-d fork it for us
+ OPTS="-f $OPTS"
+ # and then this is how we call SSD
+ SSD_STARTOPTS="--background --pidfile $PIDFILE --make-pidfile"
+ SSD_STOPOPTS="--pidfile $PIDFILE"
+else
+ # but if pid_file is set, we don't have to do anything
+ SSD_STARTOPTS="--pidfile $PIDFILE"
+ SSD_STOPOPTS="--pidfile $PIDFILE"
+fi
+
+SSD_START="/sbin/start-stop-daemon -S $SSD_STARTOPTS --exec $DAEMON"
+SSD_STOP="/sbin/start-stop-daemon -K $SSD_STOPOPTS --exec $DAEMON"
+
die(){
echo $@
exit 1
@@ -27,15 +52,24 @@
case "$1" in
start)
echo -n "Starting $DESC: "
- $SSD -S -b --exec $DAEMON -- $OPTS || die "ERROR: could not start $NAME."
+ if [ ! -d "/var/run/nagios" ]; then
+ mkdir -p /var/run/nagios || die "ERROR: couldn't create /var/run/nagios"
+ fi
+ $SSD_START -- $OPTS || die "ERROR: could not start $NAME."
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
- $SSD -K --exec $DAEMON -- $OPTS || die "ERROR: could not stop $NAME."
+ $SSD_STOP -- $OPTS || die "ERROR: could not stop $NAME."
+ rm -f $PIDFILE
echo "$NAME."
;;
-restart|reload|force-reload)
+reload|force-reload)
+ echo -n "Reloading $DESC: "
+ $SSD_STOP --signal HUP -- $OPTS || die "ERROR: could not reload $NAME."
+ echo "$NAME."
+;;
+restart)
$0 stop
$0 start
;;
Modified: nagios-nsca/trunk/debian/patches/00list
===================================================================
--- nagios-nsca/trunk/debian/patches/00list 2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/patches/00list 2006-05-29 10:34:50 UTC (rev 917)
@@ -2,4 +2,3 @@
02_nsca_foreground.dpatch
03_errors_to_stderr.dpatch
04_nsca.cfg_nagios_vs_nagios.dpatch
-05_nsca_chroot.dpatch
Deleted: nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch
===================================================================
--- nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch 2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch 2006-05-29 10:34:50 UTC (rev 917)
@@ -1,254 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 05_nsca_chroot.dpatch by <seanius at debian.org>
-##
-## DP: provide support for chrooting when in daemon mode.
-
- at DPATCH@
-diff -urNad --exclude=CVS --exclude=.svn ./sample-config/nsca.cfg.in /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/sample-config/nsca.cfg.in
---- ./sample-config/nsca.cfg.in 2006-03-12 11:40:20.000000000 +0100
-+++ /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/sample-config/nsca.cfg.in 2006-03-12 11:40:20.000000000 +0100
-@@ -42,6 +42,16 @@
-
- nsca_group=@nsca_grp@
-
-+# NSCA CHROOT
-+# If specified, determines a directory into which the nsca daemon
-+# will perform a chroot(2) operation before dropping its privileges.
-+# for the security conscious this can add a layer of protection in
-+# the event that the nagios daemon is compromised.
-+#
-+# NOTE: if you specify this option, the command file will be opened
-+# relative to this directory.
-+
-+#nsca_chroot=/var/run/nagios/rw
-
-
- # DEBUGGING OPTION
-diff -urNad --exclude=CVS --exclude=.svn ./src/nsca.c /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/src/nsca.c
---- ./src/nsca.c 2006-03-12 11:40:20.000000000 +0100
-+++ /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/src/nsca.c 2006-03-12 11:41:50.000000000 +0100
-@@ -40,8 +40,11 @@
- static int open_command_file(void);
- static void close_command_file(void);
- static void install_child_handler(void);
--static int drop_privileges(char *,char *);
-+static int get_user_info(const char *, uid_t *);
-+static int get_group_info(const char *, gid_t *);
-+static int drop_privileges(const char *,uid_t,gid_t);
- static int write_check_result(char *,char *,int,char *,time_t);
-+static void do_chroot(void);
- static void do_exit(int);
-
- static enum { OPTIONS_ERROR, SINGLE_PROCESS_DAEMON, MULTI_PROCESS_DAEMON, INETD } mode=SINGLE_PROCESS_DAEMON;
-@@ -54,6 +57,8 @@
- char *nsca_user=NULL;
- char *nsca_group=NULL;
-
-+char *nsca_chroot=NULL;
-+
- int show_help=FALSE;
- int show_license=FALSE;
- int show_version=FALSE;
-@@ -88,6 +93,8 @@
- int main(int argc, char **argv){
- char buffer[MAX_INPUT_BUFFER];
- int result;
-+ uid_t uid=-1;
-+ gid_t gid=-1;
-
-
- /* process command-line arguments */
-@@ -143,7 +150,7 @@
-
-
- /* open a connection to the syslog facility */
-- openlog("nsca",LOG_PID,LOG_DAEMON);
-+ openlog("nsca",LOG_PID|LOG_NDELAY,LOG_DAEMON);
-
- /* make sure the config file uses an absolute path */
- if(config_file[0]!='/'){
-@@ -180,6 +187,9 @@
- switch(mode){
-
- case INETD:
-+ /* chroot if configured */
-+ do_chroot();
-+
- /* if we're running under inetd, handle one connection and get out */
- handle_connection(0,NULL);
- break;
-@@ -209,8 +219,15 @@
- open("/dev/null",O_WRONLY);
- open("/dev/null",O_WRONLY);
-
-+ /* get group information before chrooting */
-+ get_user_info(nsca_user, &uid);
-+ get_group_info(nsca_group, &gid);
-+
-+ /* chroot if configured */
-+ do_chroot();
-+
- /* drop privileges */
-- drop_privileges(nsca_user,nsca_group);
-+ drop_privileges(nsca_user,uid,gid);
-
- /* wait for connections */
- wait_for_connections();
-@@ -411,6 +428,9 @@
- else if(!strcmp(varname,"nsca_group"))
- nsca_group=strdup(varvalue);
-
-+ else if(!strcmp(varname,"nsca_chroot"))
-+ nsca_chroot=strdup(varvalue);
-+
- else{
- syslog(LOG_ERR,"Unknown option specified in config file '%s' - Line %d\n",filename,line);
-
-@@ -1144,62 +1164,71 @@
- return OK;
- }
-
-+/* get user information */
-+static int get_user_info(const char *user, uid_t *uid){
-+ const struct passwd *pw=NULL;
-+
-+ if(user!=NULL){
-+ /* see if this is a user name */
-+ if(strspn(user,"0123456789")<strlen(user)){
-+ pw=(struct passwd *)getpwnam(user);
-+ if(pw!=NULL)
-+ *uid=(uid_t)(pw->pw_uid);
-+ else
-+ syslog(LOG_ERR,"Warning: Could not get passwd entry for '%s'",user);
-+ endpwent();
-+ }
-
-+ /* else we were passed the UID */
-+ else
-+ *uid=(uid_t)atoi(user);
-
--/* drops privileges */
--static int drop_privileges(char *user, char *group){
-- uid_t uid=-1;
-- gid_t gid=-1;
-- struct group *grp;
-- struct passwd *pw;
-+ } else
-+ *uid=geteuid();
-
-- /* set effective group ID */
-+ return OK;
-+}
-+
-+
-+/* get group information */
-+static int get_group_info(const char *group, gid_t *gid){
-+ const struct group *grp=NULL;
-+
-+ /* get group ID */
- if(group!=NULL){
--
- /* see if this is a group name */
- if(strspn(group,"0123456789")<strlen(group)){
- grp=(struct group *)getgrnam(group);
- if(grp!=NULL)
-- gid=(gid_t)(grp->gr_gid);
-+ *gid=(gid_t)(grp->gr_gid);
- else
- syslog(LOG_ERR,"Warning: Could not get group entry for '%s'",group);
- endgrent();
-- }
-+ }
-
- /* else we were passed the GID */
- else
-- gid=(gid_t)atoi(group);
-+ *gid=(gid_t)atoi(group);
-+ } else
-+ *gid=getegid();
-
-- /* set effective group ID if other than current EGID */
-- if(gid!=getegid()){
-+ return OK;
-+}
-
-- if(setgid(gid)==-1)
-- syslog(LOG_ERR,"Warning: Could not set effective GID=%d",(int)gid);
-- }
-- }
-
-+/* drops privileges */
-+static int drop_privileges(const char *user, uid_t uid, gid_t gid){
-+ struct group *grp;
-+ struct passwd *pw;
-
-- /* set effective user ID */
-- if(user!=NULL){
--
-- /* see if this is a user name */
-- if(strspn(user,"0123456789")<strlen(user)){
-- pw=(struct passwd *)getpwnam(user);
-- if(pw!=NULL)
-- uid=(uid_t)(pw->pw_uid);
-- else
-- syslog(LOG_ERR,"Warning: Could not get passwd entry for '%s'",user);
-- endpwent();
-- }
-+ /* set effective group ID if other than current EGID */
-+ if(gid!=getegid()){
-+ if(setgid(gid)==-1)
-+ syslog(LOG_ERR,"Warning: Could not set effective GID=%d",(int)gid);
-+ }
-
-- /* else we were passed the UID */
-- else
-- uid=(uid_t)atoi(user);
--
- #ifdef HAVE_INITGROUPS
--
- if(uid!=geteuid()){
--
- /* initialize supplementary groups */
- if(initgroups(user,gid)==-1){
- if(errno==EPERM)
-@@ -1207,14 +1236,34 @@
- else{
- syslog(LOG_ERR,"Warning: Possibly root user failed dropping privileges with initgroups()");
- return ERROR;
-- }
-- }
-- }
-+ }
-+ }
-+ }
- #endif
-
- if(setuid(uid)==-1)
- syslog(LOG_ERR,"Warning: Could not set effective UID=%d",(int)uid);
-- }
-
-- return OK;
-- }
-+ return OK;
-+}
-+
-+/* perform the chroot() operation if configured to do so */
-+void do_chroot(void){
-+ int retval=0;
-+ const char *err=NULL;
-+
-+ if(nsca_chroot != NULL){
-+ retval=chdir(nsca_chroot);
-+ if(retval!=0){
-+ err=strerror(errno);
-+ syslog(LOG_ERR, "can not chdir into chroot directory: %s", err);
-+ do_exit(STATE_UNKNOWN);
-+ }
-+ retval=chroot(".");
-+ if(retval!=0){
-+ err=strerror(errno);
-+ syslog(LOG_ERR, "can not chroot: %s", err);
-+ do_exit(STATE_UNKNOWN);
-+ }
-+ }
-+}
Added: nagios-nsca/trunk/debian/po/fr.po
===================================================================
--- nagios-nsca/trunk/debian/po/fr.po 2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/po/fr.po 2006-05-29 10:34:50 UTC (rev 917)
@@ -0,0 +1,58 @@
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+# Developers do not need to manually edit POT or PO files.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: nsca 2.5-2\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2006-03-11 18:47+0100\n"
+"PO-Revision-Date: 2006-04-10 12:40+0200\n"
+"Last-Translator: Sylvain Archenault <sylvain.archenault at laposte.net>\n"
+"Language-Team: French <debian-l10n-french at lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-15\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: boolean
+#. Description
+#: ../nsca.templates:3
+msgid "Should the nsca daemon be enabled by default?"
+msgstr "Faut-il que le démon nsca soit activé par défaut ?"
+
+#. Type: boolean
+#. Description
+#: ../nsca.templates:3
+msgid ""
+"The nsca daemon is the process that handles results service checks sent via "
+"send_nsca on remote hosts. Typically the nsca daemon is only needed on "
+"hosts that run the nagios daemon."
+msgstr ""
+"Le démon nsca est le processus qui traite les résultats des requêtes de "
+"contrôle de service envoyées via « send_nsca » vers des hôtes distants. Le "
+"démon nsca est nécessaire essentiellement sur les machines qui hébergent un "
+"démon nagios."
+
+#. Type: boolean
+#. Description
+#: ../nsca.templates:3
+msgid ""
+"If the system on which you are installing nsca also runs the nagios daemon, "
+"you should most likely choose this option. If you are installing nsca on a "
+"remote \"satellite\" system for the purpose of sending service checks to a "
+"central nagios host, you should not choose this option. If you wish to run "
+"nsca as a service through inetd/xinetd, you should also not choose this "
+"option."
+msgstr ""
+"Si le système sur lequel vous installez nsca exécute également le démon "
+"nagios, vous devriez choisir cette option. Ne la choisissez pas si vous "
+"installez nsca sur un « satellite » distant dans le but de tester les "
+"services d'un hôte nagios. Si vous souhaitez exécuter nsca via inetd ou "
+"xinetd, ne choisissez pas cette option."
Modified: nagios-nsca/trunk/debian/postinst
===================================================================
--- nagios-nsca/trunk/debian/postinst 2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/postinst 2006-05-29 10:34:50 UTC (rev 917)
@@ -7,7 +7,7 @@
case "$1" in
configure)
db_get nsca/run-nsca-daemon
- runnsca="$RET"
+ new_runnsca="$RET"
;;
abort-upgrade|abort-remove|abort-deconfigure)
exit 0
@@ -18,28 +18,65 @@
;;
esac
+# if nsca's init script is already configured, we must reflect
+# that as the source of configuration, not debconf itself.
+# this function figures that out. note this is slightly
+# different from the run_nsca in config, as state 105 is
+# treated differently at this point (since we know the files
+# are unpacked at this point)
+run_nsca(){
+ set +e
+ invoke-rc.d --query nsca start 2>/dev/null
+ invoke_said=$?
+ set -e
+
+ case $invoke_said in
+ # 101 == disabled
+ 101)
+ echo "false"
+ ;;
+ # 104 == enabled
+ 104)
+ echo "true"
+ ;;
+ # 105 == we don't know
+ 105)
+ echo "unknown"
+ ;;
+ # anything else is "undefined", so we then use our defaults
+ *)
+ if which nagios >/dev/null 2>&2 || which nagios2 >/dev/null; then
+ echo "true"
+ else
+ echo "false"
+ fi
+ ;;
+ esac
+}
+
# do this manually to allow the debconf setting to control it:
# (don't worry, the debconf setting respects the local modifications)
if [ -x "/etc/init.d/nsca" ]; then
- # if runnsca is set to either true/false, that means the user
- # has just provided an answer (we unset it after every run). in
- # any case that means we have to remove runlevel links first
- if [ -n "$runnsca" ]; then
+ old_runnsca=`run_nsca`
+ # if anything has changed...
+ if [ "$new_runnsca" != "$old_runnsca" ]; then
update-rc.d -f nsca remove >/dev/null 2>&1
+ if [ "$new_runnsca" = "false" ]; then
+ update-rc.d nsca stop 16 2 3 4 5 .
+ else
+ update-rc.d nsca defaults >/dev/null
+ fi
fi
- if [ "$runnsca" = "false" ]; then
- update-rc.d nsca stop 16 2 3 4 5 .
- else
- update-rc.d nsca defaults >/dev/null
- if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
- invoke-rc.d nsca start || exit 0
- else
- /etc/init.d/nsca start || exit 0
- fi
+ if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+ invoke-rc.d nsca start || exit 0
+ else
+ /etc/init.d/nsca start || exit 0
fi
fi
+# always reset this question, to make sure we're not depending on it
db_reset nsca/run-nsca-daemon
+db_stop
#DEBHELPER#
More information about the Pkg-nagios-changes
mailing list