[Pkg-nagios-changes] [pkg-nagios] r917 - in nagios-nsca/trunk/debian: . patches po

Sean Finney seanius at costa.debian.org
Mon May 29 10:34:51 UTC 2006


Author: seanius
Date: 2006-05-29 10:34:50 +0000 (Mon, 29 May 2006)
New Revision: 917

Added:
   nagios-nsca/trunk/debian/po/fr.po
Removed:
   nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch
Modified:
   nagios-nsca/trunk/debian/changelog
   nagios-nsca/trunk/debian/config
   nagios-nsca/trunk/debian/nsca.init
   nagios-nsca/trunk/debian/patches/00list
   nagios-nsca/trunk/debian/postinst
Log:
  * New upstream release

  [sean finney]
  * new french debconf translations from Sylvain Archenault (closes: #362712).
  * upstream has incorporated our chroot support patch, so
    05_nsca_chroot.dpatch is no longer necessary.
  * includes fix for segfault in encryption library cleanup (closes: #357275).
  * initscript modifications to relfect that nsca now supports a pid_file
    directive and reloading of configuration via HUP natively.
  * maintscript cleanup for config<->debconf starting/stopping nsca stuff.


Modified: nagios-nsca/trunk/debian/changelog
===================================================================
--- nagios-nsca/trunk/debian/changelog	2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/changelog	2006-05-29 10:34:50 UTC (rev 917)
@@ -1,9 +1,20 @@
-nsca (2.5-3) UNRELEASED; urgency=low
+nsca (2.6-1) unstable; urgency=low
 
-  * NOT RELEASED YET
+  * New upstream release
+
+  [sean finney]
+  * new french debconf translations from Sylvain Archenault (closes: #362712).
+  * upstream has incorporated our chroot support patch, so
+    05_nsca_chroot.dpatch is no longer necessary.
+  * includes fix for segfault in encryption library cleanup (closes: #357275).
+  * initscript modifications to relfect that nsca now supports a pid_file
+    directive and reloading of configuration via HUP natively.
+  * maintscript cleanup for config<->debconf starting/stopping nsca stuff.
+
+  [marc haber]
   * allow buildclientpackage to be set from the build environment
 
- -- Marc Haber <mh+debian-packages at zugschlus.de>  Mon, 10 Apr 2006 10:52:38 +0200
+ -- sean finney <seanius at debian.org>  Mon, 29 May 2006 11:28:38 +0200
 
 nsca (2.5-2) unstable; urgency=low
 

Modified: nagios-nsca/trunk/debian/config
===================================================================
--- nagios-nsca/trunk/debian/config	2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/config	2006-05-29 10:34:50 UTC (rev 917)
@@ -6,28 +6,33 @@
 
 # if nsca's init script is already configured, we must reflect 
 # that as the source of configuration, not debconf itself.
-set +e
-invoke-rc.d --query nsca start
-invoke_said=$?
-set -e
+# this function figures that out.
+run_nsca(){
+	set +e
+	invoke-rc.d --query nsca start 2>/dev/null
+	invoke_said=$?
+	set -e
+	
+	case $invoke_said in
+	# 101 == disabled
+	101)
+		echo "false"
+	;;
+	# 104 == enabled
+	104)
+		echo "true"
+	;;
+	# anything else is "undefined", so we then use our defaults
+	*)
+		if which nagios >/dev/null 2>&2 || which nagios2 >/dev/null; then
+			echo "true"
+		else
+			echo "false"
+		fi
+	;;
+	esac
+}
 
-case $invoke_said in
-# 101 == disabled, 104 == enabled.  do nothing for either
-101|104)
-;;
-*)
-	if which nagios >/dev/null 2>&2 || which nagios2 >/dev/null; then
-		default_run_nsca_daemon="true"
-	else
-		default_run_nsca_daemon="false"
-	fi
-;;
-esac
-
-db_fget nsca/run-nsca-daemon seen
-seen="$RET"
-if [ "$seen" = "false" ]; then
-	db_set nsca/run-nsca-daemon "$default_run_nsca_daemon"
-fi
+db_set nsca/run-nsca-daemon `run_nsca`
 db_input medium nsca/run-nsca-daemon || true
 db_go || true

Modified: nagios-nsca/trunk/debian/nsca.init
===================================================================
--- nagios-nsca/trunk/debian/nsca.init	2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/nsca.init	2006-05-29 10:34:50 UTC (rev 917)
@@ -7,18 +7,43 @@
 NAME=nsca
 DESC="Nagios Service Check Acceptor"
 CONF=/etc/nsca.cfg
-OPTS="-f --daemon -c $CONF"
+OPTS="--daemon -c $CONF"
 PIDFILE="/var/run/nsca.pid"
 
 ###
 
-SSDOPTS="--pidfile $PIDFILE --make-pidfile"
-SSD="/sbin/start-stop-daemon $SSDOPTS"
-
+# obviously if the daemon doesn't exist we should stop now
 if [ ! -x $DAEMON ]; then
 	exit 0
 fi
 
+# grab an arbitrary config setting from nsca.cfg
+get_config(){
+	grep "^[[:space:]]*$1=" $CONF 2>/dev/null | tail | cut -d= -f2-
+}
+
+# if the pid_file is specified in the configuration file, nsca will
+# take care of the pid handling for us.  if it isn't we should continue
+# as we have before
+PIDFILE=`get_config pid_file`
+# if pidfile isn't set
+if [ -z "$PIDFILE" ];  then 
+	# then this is the default PIDFILE
+	PIDFILE="/var/run/nsca.pid"
+	# run nsca in the foreground, and have s-s-d fork it for us
+	OPTS="-f $OPTS"
+	# and then this is how we call SSD
+	SSD_STARTOPTS="--background --pidfile $PIDFILE --make-pidfile"
+	SSD_STOPOPTS="--pidfile $PIDFILE"
+else
+	# but if pid_file is set, we don't have to do anything
+	SSD_STARTOPTS="--pidfile $PIDFILE"
+	SSD_STOPOPTS="--pidfile $PIDFILE"
+fi
+
+SSD_START="/sbin/start-stop-daemon -S $SSD_STARTOPTS --exec $DAEMON"
+SSD_STOP="/sbin/start-stop-daemon -K $SSD_STOPOPTS --exec $DAEMON"
+
 die(){
 	echo $@
 	exit 1
@@ -27,15 +52,24 @@
 case "$1" in
 start)
 	echo -n "Starting $DESC: "
-	$SSD -S -b --exec $DAEMON -- $OPTS || die "ERROR: could not start $NAME."
+	if [ ! -d "/var/run/nagios" ]; then
+		mkdir -p /var/run/nagios || die "ERROR: couldn't create /var/run/nagios"
+	fi
+	$SSD_START -- $OPTS || die "ERROR: could not start $NAME."
 	echo "$NAME."
 ;;
 stop)
 	echo -n "Stopping $DESC: "
-	$SSD -K --exec $DAEMON -- $OPTS || die "ERROR: could not stop $NAME."
+	$SSD_STOP -- $OPTS || die "ERROR: could not stop $NAME."
+	rm -f $PIDFILE
 	echo "$NAME."
 ;;
-restart|reload|force-reload)
+reload|force-reload)
+	echo -n "Reloading $DESC: "
+	$SSD_STOP --signal HUP -- $OPTS || die "ERROR: could not reload $NAME."
+	echo "$NAME."
+;;
+restart)
 	$0 stop
 	$0 start
 ;;

Modified: nagios-nsca/trunk/debian/patches/00list
===================================================================
--- nagios-nsca/trunk/debian/patches/00list	2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/patches/00list	2006-05-29 10:34:50 UTC (rev 917)
@@ -2,4 +2,3 @@
 02_nsca_foreground.dpatch
 03_errors_to_stderr.dpatch
 04_nsca.cfg_nagios_vs_nagios.dpatch
-05_nsca_chroot.dpatch

Deleted: nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch
===================================================================
--- nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch	2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/patches/05_nsca_chroot.dpatch	2006-05-29 10:34:50 UTC (rev 917)
@@ -1,254 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 05_nsca_chroot.dpatch by  <seanius at debian.org>
-##
-## DP: provide support for chrooting when in daemon mode.
-
- at DPATCH@
-diff -urNad --exclude=CVS --exclude=.svn ./sample-config/nsca.cfg.in /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/sample-config/nsca.cfg.in
---- ./sample-config/nsca.cfg.in	2006-03-12 11:40:20.000000000 +0100
-+++ /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/sample-config/nsca.cfg.in	2006-03-12 11:40:20.000000000 +0100
-@@ -42,6 +42,16 @@
- 
- nsca_group=@nsca_grp@
- 
-+# NSCA CHROOT
-+# If specified, determines a directory into which the nsca daemon
-+# will perform a chroot(2) operation before dropping its privileges.
-+# for the security conscious this can add a layer of protection in
-+# the event that the nagios daemon is compromised.  
-+# 
-+# NOTE: if you specify this option, the command file will be opened
-+#       relative to this directory.
-+
-+#nsca_chroot=/var/run/nagios/rw
- 
- 
- # DEBUGGING OPTION
-diff -urNad --exclude=CVS --exclude=.svn ./src/nsca.c /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/src/nsca.c
---- ./src/nsca.c	2006-03-12 11:40:20.000000000 +0100
-+++ /home/sean/tmp/dpep-work.v8Tmq4/nsca-2.5/src/nsca.c	2006-03-12 11:41:50.000000000 +0100
-@@ -40,8 +40,11 @@
- static int open_command_file(void);
- static void close_command_file(void);
- static void install_child_handler(void);
--static int drop_privileges(char *,char *);
-+static int get_user_info(const char *, uid_t *);
-+static int get_group_info(const char *, gid_t *);
-+static int drop_privileges(const char *,uid_t,gid_t);
- static int write_check_result(char *,char *,int,char *,time_t);
-+static void do_chroot(void);
- static void do_exit(int);
- 
- static enum { OPTIONS_ERROR, SINGLE_PROCESS_DAEMON, MULTI_PROCESS_DAEMON, INETD } mode=SINGLE_PROCESS_DAEMON;
-@@ -54,6 +57,8 @@
- char *nsca_user=NULL;
- char *nsca_group=NULL;
- 
-+char *nsca_chroot=NULL;
-+
- int show_help=FALSE;
- int show_license=FALSE;
- int show_version=FALSE;
-@@ -88,6 +93,8 @@
- int main(int argc, char **argv){
-         char buffer[MAX_INPUT_BUFFER];
-         int result;
-+        uid_t uid=-1;
-+        gid_t gid=-1;
- 
- 
- 	/* process command-line arguments */
-@@ -143,7 +150,7 @@
- 
- 
-         /* open a connection to the syslog facility */
--        openlog("nsca",LOG_PID,LOG_DAEMON); 
-+        openlog("nsca",LOG_PID|LOG_NDELAY,LOG_DAEMON); 
- 
- 	/* make sure the config file uses an absolute path */
- 	if(config_file[0]!='/'){
-@@ -180,6 +187,9 @@
-         switch(mode){
- 
-         case INETD:
-+				/* chroot if configured */
-+				do_chroot();
-+
-                 /* if we're running under inetd, handle one connection and get out */
-                 handle_connection(0,NULL);
-                 break;
-@@ -209,8 +219,15 @@
- 			open("/dev/null",O_WRONLY);
- 			open("/dev/null",O_WRONLY);
- 
-+			/* get group information before chrooting */
-+			get_user_info(nsca_user, &uid);
-+			get_group_info(nsca_group, &gid);
-+
-+			/* chroot if configured */
-+			do_chroot();
-+
- 			/* drop privileges */
--			drop_privileges(nsca_user,nsca_group);
-+			drop_privileges(nsca_user,uid,gid);
- 
-                         /* wait for connections */
-                         wait_for_connections();
-@@ -411,6 +428,9 @@
-                 else if(!strcmp(varname,"nsca_group"))
- 			nsca_group=strdup(varvalue);
- 
-+                else if(!strcmp(varname,"nsca_chroot"))
-+			nsca_chroot=strdup(varvalue);
-+
- 		else{
-                         syslog(LOG_ERR,"Unknown option specified in config file '%s' - Line %d\n",filename,line);
- 
-@@ -1144,62 +1164,71 @@
- 	return OK;
-         }
- 
-+/* get user information */
-+static int get_user_info(const char *user, uid_t *uid){
-+	const struct passwd *pw=NULL;
-+	
-+	if(user!=NULL){
-+		/* see if this is a user name */
-+		if(strspn(user,"0123456789")<strlen(user)){
-+			pw=(struct passwd *)getpwnam(user);
-+			if(pw!=NULL)
-+				*uid=(uid_t)(pw->pw_uid);
-+			else
-+				syslog(LOG_ERR,"Warning: Could not get passwd entry for '%s'",user);
-+			endpwent();
-+		}
- 
-+		/* else we were passed the UID */
-+		else
-+			*uid=(uid_t)atoi(user);
- 
--/* drops privileges */
--static int drop_privileges(char *user, char *group){
--	uid_t uid=-1;
--	gid_t gid=-1;
--	struct group *grp;
--	struct passwd *pw;
-+	} else
-+		*uid=geteuid();
- 
--	/* set effective group ID */
-+	return OK;
-+}
-+
-+
-+/* get group information */
-+static int get_group_info(const char *group, gid_t *gid){
-+	const struct group *grp=NULL;
-+	
-+	/* get group ID */
- 	if(group!=NULL){
--		
- 		/* see if this is a group name */
- 		if(strspn(group,"0123456789")<strlen(group)){
- 			grp=(struct group *)getgrnam(group);
- 			if(grp!=NULL)
--				gid=(gid_t)(grp->gr_gid);
-+				*gid=(gid_t)(grp->gr_gid);
- 			else
- 				syslog(LOG_ERR,"Warning: Could not get group entry for '%s'",group);
- 			endgrent();
--		        }
-+		}
- 
- 		/* else we were passed the GID */
- 		else
--			gid=(gid_t)atoi(group);
-+			*gid=(gid_t)atoi(group);
-+	} else
-+		*gid=getegid();
- 
--		/* set effective group ID if other than current EGID */
--		if(gid!=getegid()){
-+	return OK;
-+}
- 
--			if(setgid(gid)==-1)
--				syslog(LOG_ERR,"Warning: Could not set effective GID=%d",(int)gid);
--		        }
--	        }
- 
-+/* drops privileges */
-+static int drop_privileges(const char *user, uid_t uid, gid_t gid){
-+	struct group *grp;
-+	struct passwd *pw;
- 
--	/* set effective user ID */
--	if(user!=NULL){
--		
--		/* see if this is a user name */
--		if(strspn(user,"0123456789")<strlen(user)){
--			pw=(struct passwd *)getpwnam(user);
--			if(pw!=NULL)
--				uid=(uid_t)(pw->pw_uid);
--			else
--				syslog(LOG_ERR,"Warning: Could not get passwd entry for '%s'",user);
--			endpwent();
--		        }
-+	/* set effective group ID if other than current EGID */
-+	if(gid!=getegid()){
-+		if(setgid(gid)==-1)
-+			syslog(LOG_ERR,"Warning: Could not set effective GID=%d",(int)gid);
-+	}
- 
--		/* else we were passed the UID */
--		else
--			uid=(uid_t)atoi(user);
--			
- #ifdef HAVE_INITGROUPS
--
- 		if(uid!=geteuid()){
--
- 			/* initialize supplementary groups */
- 			if(initgroups(user,gid)==-1){
- 				if(errno==EPERM)
-@@ -1207,14 +1236,34 @@
- 				else{
- 					syslog(LOG_ERR,"Warning: Possibly root user failed dropping privileges with initgroups()");
- 					return ERROR;
--			                }
--	                        }
--		        }
-+				}
-+			}
-+		}
- #endif
- 
- 		if(setuid(uid)==-1)
- 			syslog(LOG_ERR,"Warning: Could not set effective UID=%d",(int)uid);
--	        }
- 
--	return OK;
--        }
-+		return OK;
-+}
-+
-+/* perform the chroot() operation if configured to do so */
-+void do_chroot(void){
-+	int retval=0;
-+	const char *err=NULL;
-+
-+	if(nsca_chroot != NULL){
-+		retval=chdir(nsca_chroot);
-+		if(retval!=0){
-+			err=strerror(errno);
-+			syslog(LOG_ERR, "can not chdir into chroot directory: %s", err);
-+			do_exit(STATE_UNKNOWN);
-+		}
-+		retval=chroot(".");
-+		if(retval!=0){
-+			err=strerror(errno);
-+			syslog(LOG_ERR, "can not chroot: %s", err);
-+			do_exit(STATE_UNKNOWN);
-+		}
-+	}
-+}

Added: nagios-nsca/trunk/debian/po/fr.po
===================================================================
--- nagios-nsca/trunk/debian/po/fr.po	2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/po/fr.po	2006-05-29 10:34:50 UTC (rev 917)
@@ -0,0 +1,58 @@
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+# Developers do not need to manually edit POT or PO files.
+# 
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: nsca 2.5-2\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2006-03-11 18:47+0100\n"
+"PO-Revision-Date: 2006-04-10 12:40+0200\n"
+"Last-Translator: Sylvain Archenault <sylvain.archenault at laposte.net>\n"
+"Language-Team: French <debian-l10n-french at lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-15\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: boolean
+#. Description
+#: ../nsca.templates:3
+msgid "Should the nsca daemon be enabled by default?"
+msgstr "Faut-il que le démon nsca soit activé par défaut ?"
+
+#. Type: boolean
+#. Description
+#: ../nsca.templates:3
+msgid ""
+"The nsca daemon is the process that handles results service checks sent via "
+"send_nsca on remote hosts.  Typically the nsca daemon is only needed on "
+"hosts that run the nagios daemon."
+msgstr ""
+"Le démon nsca est le processus qui traite les résultats des requêtes de "
+"contrôle de service envoyées via « send_nsca » vers des hôtes distants. Le "
+"démon nsca est nécessaire essentiellement sur les machines qui hébergent un "
+"démon nagios."
+
+#. Type: boolean
+#. Description
+#: ../nsca.templates:3
+msgid ""
+"If the system on which you are installing nsca also runs the nagios daemon, "
+"you should most likely choose this option.  If you are installing nsca on a "
+"remote \"satellite\" system for the purpose of sending service checks to a "
+"central nagios host, you should not choose this option.  If you wish to run "
+"nsca as a service through inetd/xinetd, you should also not choose this "
+"option."
+msgstr ""
+"Si le système sur lequel vous installez nsca exécute également le démon "
+"nagios, vous devriez choisir cette option. Ne la choisissez pas si vous "
+"installez nsca sur un « satellite » distant dans le but de tester les "
+"services d'un hôte nagios. Si vous souhaitez exécuter nsca via inetd ou "
+"xinetd, ne choisissez pas cette option."

Modified: nagios-nsca/trunk/debian/postinst
===================================================================
--- nagios-nsca/trunk/debian/postinst	2006-05-28 21:26:32 UTC (rev 916)
+++ nagios-nsca/trunk/debian/postinst	2006-05-29 10:34:50 UTC (rev 917)
@@ -7,7 +7,7 @@
 case "$1" in
 configure)
 	db_get nsca/run-nsca-daemon
-	runnsca="$RET"
+	new_runnsca="$RET"
 	;;
 abort-upgrade|abort-remove|abort-deconfigure)
 	exit 0
@@ -18,28 +18,65 @@
 	;;
 esac
 
+# if nsca's init script is already configured, we must reflect 
+# that as the source of configuration, not debconf itself.
+# this function figures that out.  note this is slightly
+# different from the run_nsca in config, as state 105 is
+# treated differently at this point (since we know the files
+# are unpacked at this point)
+run_nsca(){
+	set +e
+	invoke-rc.d --query nsca start 2>/dev/null
+	invoke_said=$?
+	set -e
+	
+	case $invoke_said in
+	# 101 == disabled
+	101)
+		echo "false"
+	;;
+	# 104 == enabled
+	104)
+		echo "true"
+	;;
+	# 105 == we don't know
+	105)
+		echo "unknown"
+	;;
+	# anything else is "undefined", so we then use our defaults
+	*)
+		if which nagios >/dev/null 2>&2 || which nagios2 >/dev/null; then
+			echo "true"
+		else
+			echo "false"
+		fi
+	;;
+	esac
+}
+
 # do this manually to allow the debconf setting to control it:
 # (don't worry, the debconf setting respects the local modifications)
 if [ -x "/etc/init.d/nsca" ]; then
-	# if runnsca is set to either true/false, that means the user
-	# has just provided an answer (we unset it after every run).  in
-	# any case that means we have to remove runlevel links first
-	if [ -n "$runnsca" ]; then
+	old_runnsca=`run_nsca`
+	# if anything has changed...
+	if [ "$new_runnsca" != "$old_runnsca" ]; then
 		update-rc.d -f nsca remove >/dev/null 2>&1
+		if [ "$new_runnsca" = "false" ]; then
+			update-rc.d nsca stop 16 2 3 4 5 .
+		else 
+			update-rc.d nsca defaults >/dev/null
+		fi
 	fi
 
-	if [ "$runnsca" = "false" ]; then
-		update-rc.d nsca stop 16 2 3 4 5 .
-	else 
-		update-rc.d nsca defaults >/dev/null
-		if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
-			invoke-rc.d nsca start || exit 0
-		else
-			/etc/init.d/nsca start || exit 0
-		fi
+	if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+		invoke-rc.d nsca start || exit 0
+	else
+		/etc/init.d/nsca start || exit 0
 	fi
 fi
 
+# always reset this question, to make sure we're not depending on it
 db_reset nsca/run-nsca-daemon
+db_stop
 
 #DEBHELPER#




More information about the Pkg-nagios-changes mailing list