[arch-commits] Commit in nrpe/trunk (PKGBUILD nrpe.cfg nrpe.install nrpe.xinetd)
Jonathan Steel
jsteel at archlinux.org
Thu Oct 23 21:03:25 UTC 2014
Date: Thursday, October 23, 2014 @ 23:03:23
Author: jsteel
Revision: 121332
upgpkg: nrpe 2.15-3
Modified:
nrpe/trunk/PKGBUILD
nrpe/trunk/nrpe.install
Deleted:
nrpe/trunk/nrpe.cfg
nrpe/trunk/nrpe.xinetd
--------------+
PKGBUILD | 71 ++++++++---------
nrpe.cfg | 235 ---------------------------------------------------------
nrpe.install | 19 +---
nrpe.xinetd | 16 ---
4 files changed, 41 insertions(+), 300 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2014-10-23 20:37:09 UTC (rev 121331)
+++ PKGBUILD 2014-10-23 21:03:23 UTC (rev 121332)
@@ -4,7 +4,7 @@
pkgname=nrpe
pkgver=2.15
-pkgrel=2
+pkgrel=3
pkgdesc="Nagios Remote Plugin Executor"
arch=('i686' 'x86_64')
license=('GPL')
@@ -11,17 +11,11 @@
depends=('openssl')
optdepends=("monitoring-plugins: common tools for monitoring using $pkgname")
replaces=('nagios-nrpe')
-options=(!libtool)
-install="$pkgname.install"
+install=$pkgname.install
backup=('etc/nrpe/nrpe.cfg' 'etc/xinetd.d/nrpe')
url="http://exchange.nagios.org/directory/Addons/Monitoring-Agents/NRPE--2D-Nagios-Remote-Plugin-Executor/details"
source=(http://downloads.sourceforge.net/nagios/$pkgname-$pkgver.tar.gz
- nrpe.service
- nrpe.socket
- nrpe at .service
- nrpe.tmpfiles
- nrpe.xinetd
- nrpe.cfg
+ $pkgname.service $pkgname.socket $pkgname at .service $pkgname.tmpfiles
syslog.patch)
md5sums=('3921ddc598312983f604541784b35a50'
'265512fbfc65f89eab1ca23d11ec749d'
@@ -28,46 +22,47 @@
'f239bb4e7b885449d1f4067b209d89fd'
'143278e9495821bd887cf84ce0f97af6'
'd4b89b7ff8ffb187d44fedf294e7f5de'
- 'fcd93e2825c7f15355402c9d3569330d'
- '8c867371c83ce5848ed841e88be4998a'
'e68e6460f5a2999635254dac64056679')
-build() {
- cd "$srcdir"/$pkgname-$pkgver
+prepare() {
+ cd "$srcdir"/$pkgname-$pkgver
+ # fix directory permissions
+ sed -i 's/775/755/' Makefile.in src/Makefile.in
+
+ # fix run directory
+ sed -i 's/nrpe.pid/nrpe\/nrpe.pid/' sample-config/nrpe.cfg.in
+
+ # set the nrpe user and group
+ sed -i 's/@nrpe_user@/31/' sample-config/nrpe.cfg.in
+ sed -i 's/@nrpe_group@/31/' sample-config/nrpe.cfg.in
+
# fix logging binary data to journal/syslog when ipv4 disconnects with debug=1
- patch -Np1 < "$srcdir"/syslog.patch
+ patch -Np1 -i "$srcdir"/syslog.patch
+}
- ./configure \
+build() {
+ cd "$srcdir"/$pkgname-$pkgver
+
+ ./configure \
--prefix=/usr \
--sysconfdir=/etc/nrpe \
- --with-nrpe-user=nrpe \
- --with-nrpe-group=nrpe \
- --enable-command-args
+ --libexecdir=/usr/lib/monitoring-plugins \
+ --enable-command-args \
+ --with-nrpe-user=0 --with-nrpe-group=0 \
+ --with-nagios-user=0 --with-nagios-group=0
- make
+ make
}
package() {
- cd "$srcdir"/$pkgname-$pkgver
+ cd "$srcdir"/$pkgname-$pkgver
- # install and fix sample config file
- install -D -m644 "$srcdir"/nrpe.cfg "$pkgdir"/etc/nrpe/nrpe.cfg
+ make DESTDIR="$pkgdir"/ install
+ make DESTDIR="$pkgdir"/ install-daemon-config
- # fix paths to monitoring-plugins
- sed -e 's|/usr/libexec/|/usr/share/nagios/libexec/|g' \
- -i "$pkgdir"/etc/nrpe/nrpe.cfg
+ install -Dm644 sample-config/nrpe.xinetd "$pkgdir"/etc/xinetd.d/nrpe
- install -dm755 "$pkgdir"/etc/nrpe/conf.d/
-cat > "$pkgdir"/etc/nrpe/conf.d/process_checks.cfg <<EOT
-command[check_zombie_procs]=/usr/share/nagios/libexec/check_procs -w 5 -c 10 -s Z
-command[check_total_procs]=/usr/share/nagios/libexec/check_procs -w 150 -c 200
-EOT
-
- # install main application
- install -D -m755 src/nrpe "$pkgdir"/usr/bin/nrpe
-
- # install systemd "unit" files
install -D -m644 "$srcdir"/nrpe.service \
"$pkgdir"/usr/lib/systemd/system/nrpe.service
install -D -m644 "$srcdir"/nrpe.socket \
@@ -77,6 +72,8 @@
install -D -m644 "$srcdir"/nrpe.tmpfiles \
"$pkgdir"/usr/lib/tmpfiles.d/nrpe.conf
- # install xinetd template
- install -Dm644 "$srcdir"/nrpe.xinetd "$pkgdir"/etc/xinetd.d/nrpe
+ install -Dm644 README "$pkgdir"/usr/share/doc/$pkgname/README
+ install -Dm644 README.SSL "$pkgdir"/usr/share/doc/$pkgname/README.SSL
+ install -Dm644 SECURITY "$pkgdir"/usr/share/doc/$pkgname/SECURITY
+ install -Dm644 LEGAL "$pkgdir"/usr/share/licenses/$pkgname/LEGAL
}
Deleted: nrpe.cfg
===================================================================
--- nrpe.cfg 2014-10-23 20:37:09 UTC (rev 121331)
+++ nrpe.cfg 2014-10-23 21:03:23 UTC (rev 121332)
@@ -1,235 +0,0 @@
-#############################################################################
-# Sample NRPE Config File
-# Written by: Ethan Galstad (nagios at nagios.org)
-#
-# Last Modified: 11-23-2007
-#
-# NOTES:
-# This is a sample configuration file for the NRPE daemon. It needs to be
-# located on the remote host that is running the NRPE daemon, not the host
-# from which the check_nrpe client is being executed.
-#############################################################################
-
-
-# LOG FACILITY
-# The syslog facility that should be used for logging purposes.
-
-log_facility=daemon
-
-
-
-# PID FILE
-# The name of the file in which the NRPE daemon should write it's process ID
-# number. The file is only written if the NRPE daemon is started by the root
-# user and is running in standalone mode.
-
-pid_file=/run/nrpe/nrpe.pid
-
-
-
-# PORT NUMBER
-# Port number we should wait for connections on.
-# NOTE: This must be a non-priviledged port (i.e. > 1024).
-# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
-
-server_port=5666
-
-
-
-# SERVER ADDRESS
-# Address that nrpe should bind to in case there are more than one interface
-# and you do not want nrpe to bind on all interfaces.
-# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
-
-#server_address=127.0.0.1
-
-
-
-# NRPE USER
-# This determines the effective user that the NRPE daemon should run as.
-# You can either supply a username or a UID.
-#
-# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
-
-nrpe_user=nrpe
-
-
-
-# NRPE GROUP
-# This determines the effective group that the NRPE daemon should run as.
-# You can either supply a group name or a GID.
-#
-# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
-
-nrpe_group=nrpe
-
-
-
-# ALLOWED HOST ADDRESSES
-# This is an optional comma-delimited list of IP address or hostnames
-# that are allowed to talk to the NRPE daemon. Network addresses with a bit mask
-# (i.e. 192.168.1.0/24) are also supported. Hostname wildcards are not currently
-# supported.
-#
-# Note: The daemon only does rudimentary checking of the client's IP
-# address. I would highly recommend adding entries in your /etc/hosts.allow
-# file to allow only the specified host to connect to the port
-# you are running this daemon on.
-#
-# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
-
-allowed_hosts=127.0.0.1
-
-
-
-# COMMAND ARGUMENT PROCESSING
-# This option determines whether or not the NRPE daemon will allow clients
-# to specify arguments to commands that are executed. This option only works
-# if the daemon was configured with the --enable-command-args configure script
-# option.
-#
-# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
-# Read the SECURITY file for information on some of the security implications
-# of enabling this variable.
-#
-# Values: 0=do not allow arguments, 1=allow command arguments
-
-dont_blame_nrpe=0
-
-
-
-# BASH COMMAND SUBTITUTION
-# This option determines whether or not the NRPE daemon will allow clients
-# to specify arguments that contain bash command substitutions of the form
-# $(...). This option only works if the daemon was configured with both
-# the --enable-command-args and --enable-bash-command-substitution configure
-# script options.
-#
-# *** ENABLING THIS OPTION IS A HIGH SECURITY RISK! ***
-# Read the SECURITY file for information on some of the security implications
-# of enabling this variable.
-#
-# Values: 0=do not allow bash command substitutions,
-# 1=allow bash command substitutions
-
-allow_bash_command_substitution=0
-
-
-
-# COMMAND PREFIX
-# This option allows you to prefix all commands with a user-defined string.
-# A space is automatically added between the specified prefix string and the
-# command line from the command definition.
-#
-# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
-# Usage scenario:
-# Execute restricted commmands using sudo. For this to work, you need to add
-# the nagios user to your /etc/sudoers. An example entry for alllowing
-# execution of the plugins from might be:
-#
-# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
-#
-# This lets the nagios user run all commands in that directory (and only them)
-# without asking for a password. If you do this, make sure you don't give
-# random users write access to that directory or its contents!
-
-# command_prefix=/usr/bin/sudo
-
-
-
-# DEBUGGING OPTION
-# This option determines whether or not debugging messages are logged to the
-# syslog facility.
-# Values: 0=debugging off, 1=debugging on
-
-debug=0
-
-
-
-# COMMAND TIMEOUT
-# This specifies the maximum number of seconds that the NRPE daemon will
-# allow plugins to finish executing before killing them off.
-
-command_timeout=60
-
-
-
-# CONNECTION TIMEOUT
-# This specifies the maximum number of seconds that the NRPE daemon will
-# wait for a connection to be established before exiting. This is sometimes
-# seen where a network problem stops the SSL being established even though
-# all network sessions are connected. This causes the nrpe daemons to
-# accumulate, eating system resources. Do not set this too low.
-
-connection_timeout=300
-
-
-
-# WEEK RANDOM SEED OPTION
-# This directive allows you to use SSL even if your system does not have
-# a /dev/random or /dev/urandom (on purpose or because the necessary patches
-# were not applied). The random number generator will be seeded from a file
-# which is either a file pointed to by the environment valiable $RANDFILE
-# or $HOME/.rnd. If neither exists, the pseudo random number generator will
-# be initialized and a warning will be issued.
-# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness
-
-#allow_weak_random_seed=1
-
-
-
-# INCLUDE CONFIG FILE
-# This directive allows you to include definitions from an external config file.
-
-#include=<somefile.cfg>
-
-
-
-# INCLUDE CONFIG DIRECTORY
-# This directive allows you to include definitions from config files (with a
-# .cfg extension) in one or more directories (with recursion).
-
-include_dir=/etc/nrpe/conf.d/
-#include_dir=<someotherdirectory>
-
-
-
-# COMMAND DEFINITIONS
-# Command definitions that this daemon will run. Definitions
-# are in the following format:
-#
-# command[<command_name>]=<command_line>
-#
-# When the daemon receives a request to return the results of <command_name>
-# it will execute the command specified by the <command_line> argument.
-#
-# Unlike Nagios, the command line cannot contain macros - it must be
-# typed exactly as it should be executed.
-#
-# Note: Any plugins that are used in the command lines must reside
-# on the machine that this daemon is running on! The examples below
-# assume that you have plugins installed in a /usr/local/nagios/libexec
-# directory. Also note that you will have to modify the definitions below
-# to match the argument format the plugins expect. Remember, these are
-# examples only!
-
-
-# The following examples use hardcoded command arguments...
-
-#command[check_users]=/usr/libexec/check_users -w 5 -c 10
-#command[check_load]=/usr/libexec/check_load -w 15,10,5 -c 30,25,20
-#command[check_hda1]=/usr/libexec/check_disk -w 20% -c 10% -p /dev/hda1
-#command[check_zombie_procs]=/usr/libexec/check_procs -w 5 -c 10 -s Z
-#command[check_total_procs]=/usr/libexec/check_procs -w 150 -c 200
-
-
-# The following examples allow user-supplied arguments and can
-# only be used if the NRPE daemon was compiled with support for
-# command arguments *AND* the dont_blame_nrpe directive in this
-# config file is set to '1'. This poses a potential security risk, so
-# make sure you read the SECURITY file before doing this.
-
-#command[check_users]=/usr/libexec/check_users -w $ARG1$ -c $ARG2$
-#command[check_load]=/usr/libexec/check_load -w $ARG1$ -c $ARG2$
-#command[check_disk]=/usr/libexec/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
-#command[check_procs]=/usr/libexec/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
Modified: nrpe.install
===================================================================
--- nrpe.install 2014-10-23 20:37:09 UTC (rev 121331)
+++ nrpe.install 2014-10-23 21:03:23 UTC (rev 121332)
@@ -3,11 +3,11 @@
groupadd -g 31 nrpe
fi
if [ -z "$(getent passwd nrpe)" ]; then
- useradd -u 31 -g nrpe -c "Nagios NRPE" -d /dev/null -s /bin/false nrpe
+ useradd -u 31 -g nrpe -c "Nagios NRPE" -d /dev/null -s /usr/bin/nologin nrpe
fi
grep -Pq '^nrpe\s+' /etc/services || \
- echo "nrpe 5666/tcp # nagios nrpe service" >> /etc/services
+ echo "nrpe 5666/tcp" >> /etc/services
systemd-tmpfiles --create /usr/lib/tmpfiles.d/nrpe.conf
}
@@ -16,18 +16,13 @@
post_install $1
}
-pre_remove() {
- userdel nrpe &> /dev/null
- groupdel nrpe &> /dev/null
+post_remove() {
+ userdel nrpe
+ groupdel nrpe
}
post_remove() {
- # remove the line we added to /etc/services
- sed -e '/nrpe 5666\/tcp/d' \
+ # remove the line added to /etc/services
+ sed -e '/nrpe 5666\/tcp/d' \
-i /etc/services || true
}
-
-op=$1
-shift
-
-$op $*
Deleted: nrpe.xinetd
===================================================================
--- nrpe.xinetd 2014-10-23 20:37:09 UTC (rev 121331)
+++ nrpe.xinetd 2014-10-23 21:03:23 UTC (rev 121332)
@@ -1,16 +0,0 @@
-# default: on
-# description: NRPE (Nagios Remote Plugin Executor)
-service nrpe
-{
- flags = REUSE
- socket_type = stream
- port = 5666
- wait = no
- user = nrpe
- group = nrpe
- server = /usr/bin/nrpe
- server_args = -c /etc/nrpe/nrpe.cfg --inetd
- log_on_failure += USERID
- disable = no
- only_from = 127.0.0.1
-}
More information about the arch-commits
mailing list