pkgsrc/net/xymon/Makefile - view

Return to Makefile CVS log

Up to [cvs.NetBSD.org] / pkgsrc / net / xymon

File: [cvs.NetBSD.org] / pkgsrc / net / xymon / Makefile (download)

Revision 1.57, Sun Nov 24 20:16:55 2019 UTC (4 years, 4 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.56: +3 -3 lines

Update xymon and xymonclient to version 4.3.29.
Add patches to xymon from the xymon code repository to fix compatibility
issues in 4.3.29.

Upstream changelog:

   Changes for 4.3.29
   ==================

   Several buffer overflow security issues have been resolved, as well as
   a potential XSS attack on certain CGI interfaces. Although the ability
   to exploit is limited, all users are urged to upgrade.
   The assigned CVE numbers are:

     CVE-2019-13451, CVE-2019-13452, CVE-2019-13455, CVE-2019-13473,
     CVE-2019-13474, CVE-2019-13484, CVE-2019-13485, CVE-2019-13486

   In addition, revisions have been made to a number of places throughout
   the code to convert the most common sprintf statements to snprintf for
   safer processing, which should reduce the impact of similar parsing.
   Additional work on this will continue in the future.

   The affected CGIs are:

   	history.c (overflow of histlogfn) = CVE-2019-13451
   	reportlog.c (overflow of histlogfn) = CVE-2019-13452
   	csvinfo.c (overflow of dbfn) = CVE-2019-13273
   	csvinfo.c (reflected XSS) = CVE-2019-13274
   	acknowledge.c (overflow of msgline) = CVE-2019-13455

   	appfeed.c (overflow of errtxt) = CVE-2019-13484
   	history.c (overflow of selfurl) = CVE-2019-13485
   	svcstatus.c (overflow of errtxt) = CVE-2019-13486

   We would like to thank the University of Cambridge Computer Security
   Incident Response Team for their assistance in reporting and helping
   resolve these issues.




   Additional Changes:

   On Linux, a few additional tmpfs volumes are ignored by default
   on new (or unmodified) installs. This includes /run/user/<uid>,
   which is a transient, per-session tmpfs on some systems. To re-
   enable monitoring for this (if you are running services under
   a user with a login session), you may need to edit the analysis.cfg(5)
   file.

   After upgrade, these partitions will no longer be alerted on or
   tracked, and their associated RRD files may also be removed:

    /run/user/<uid> (but NOT /run)
    /dev (but NOT /dev/shm)
    /sys/fs/cgroup
    /lib/init/rw


   The default hard limit for an incoming message has been raised from
   10MB to 64MB

   The secure apache config snippet no longer requires a xymongroups file
   to be present (and module loaded), since it's not used by default. This
   will not affect existing installs.

   A --no-cpu-listing option has been added to xymond_client to suppress the
   'top' output in cpu test status messages.

   The conversation used in SMTP checks has been adjusted to perform a proper
   "EHLO" greeting against servers, using the host string 'xymonnet'. If the
   string needs to be adjusted, however, see protocols.cfg(5)

   "Actual" memory usage (as a percentage) may be >100% on some platforms
   in certain situations. This alone will not be tagged as "invalid" data
   and should be graphed in RRD.

# $NetBSD: Makefile,v 1.57 2019/11/24 20:16:55 spz Exp $
#

DISTNAME=		xymon-4.3.29
#PKGREVISION=		0
CATEGORIES=		net
MASTER_SITES=		${MASTER_SITE_SOURCEFORGE:=xymon/}

MAINTAINER=		spz@NetBSD.org
HOMEPAGE=		https://sourceforge.net/projects/xymon/
COMMENT=		Network services monitor a la Big Brother
LICENSE=		gnu-gpl-v2

MAKE_JOBS_SAFE=		NO

CONFLICTS+=		hobbitmon-[0-9]*
CONFLICTS+=		hobbitclient-[0-9]*

DEPENDS+=		fping>=2:../../net/fping
	# xymonclient ought to be the same version as the server, modulo nbN
DEPENDS+=		xymonclient>=4.3.0b2:../../net/xymonclient

HAS_CONFIGURE=		YES
USE_TOOLS+=		gmake

.include "../../mk/bsd.prefs.mk"

# xymons user/group

XYMONUSER?=		xymon
XYMONGROUP?=		xymon

PKG_GROUPS=		${XYMONGROUP}
PKG_USERS=		${XYMONUSER:Q}:${XYMONGROUP:Q}

PKG_GECOS.${XYMONUSER}=	Xymon monitor
PKG_HOME.${XYMONUSER}=	${XYMONHOME}

PKG_GROUPS_VARS+=	XYMONGROUP
PKG_GROUPS_VARS+=	APACHE_GROUP
PKG_USERS_VARS+=	XYMONUSER

# startup and config

RCD_SCRIPTS+=		xymon
PKG_SYSCONFDIR.xymon=	${PREFIX}/etc/xymon
EXAMPLEDIR=		${PREFIX}/share/examples/xymon

INSTALLATION_DIRS+=	${EXAMPLEDIR}
INSTALLATION_DIRS+=	${PKG_SYSCONFDIR.xymon}

XYMONHOME?=		${PREFIX}/share/xymon/xymonhome
XYMONTOPDIR?=		${PREFIX}/libexec/xymon
XYMONHOSTURL?=		/
CGIDIR?=		${XYMONTOPDIR}/cgi-bin
XYMONCGIURL?=		/cgi-bin
SECCGIDIR?=		${XYMONTOPDIR}/cgi-secure
SECUREXYMONCGIURL?=	/xymon-seccgi

XYMONSERVERNAME?=	"`uname -n`"
XYMONSERVERIP?=		127.0.0.1

XYMONLOGDIR?=		${VARBASE}/log/xymon
XYMONVAR?=		${VARBASE}/xymon

XYBINDIR?=		${XYMONTOPDIR}
XYETCDIR?=		${PKG_SYSCONFDIR.xymon}
XYEXTDIR?=		${XYMONTOPDIR}/ext
XYTMPDIR?=		${VARBASE}/xymon/tmp
XYWEBDIR?=		${PREFIX}/share/xymon/web
XYWWWDIR?=		${VARBASE}/xymon/www

BUILD_DEFS+=		VARBASE
BUILD_DEFS+=		XYMONHOSTURL
BUILD_DEFS+=		XYMONSERVERNAME
BUILD_DEFS+=		XYMONSERVERIP

FILES_SUBST+=		EXAMPLEDIR=${EXAMPLEDIR}
FILES_SUBST+=		XYMONHOME=${XYMONHOME:Q}
FILES_SUBST+=		XYMONLOGDIR=${XYMONLOGDIR}
FILES_SUBST+=		XYMONVAR=${XYMONVAR:Q}
FILES_SUBST+=		XYBINDIR=${XYBINDIR}
FILES_SUBST+=		XYETCDIR=${XYETCDIR}
FILES_SUBST+=		XYEXTDIR=${XYEXTDIR}
FILES_SUBST+=		XYTMPDIR=${XYTMPDIR}
FILES_SUBST+=		XYWEBDIR=${XYWEBDIR}
FILES_SUBST+=		XYWWWDIR=${XYWWWDIR}

MESSAGE_SUBST+=		DESTDIR=${DESTDIR}
MESSAGE_SUBST+=		EXAMPLEDIR=${EXAMPLEDIR}
MESSAGE_SUBST+=		SECCGIDIR=${SECCGIDIR}

CONFIGURE_ARGS+=	"--server"
CONFIGURE_ARGS+=	"--rrdinclude" "${BUILDLINK_PREFIX.rrdtool}/include"
CONFIGURE_ARGS+=	"--rrdlib" "${BUILDLINK_PREFIX.rrdtool}/lib"
CONFIGURE_ARGS+=	"--pngconfig" "${BUILDLINK_PREFIX.png}/bin/libpng-config"
CONFIGURE_ARGS+=	"--pcreinclude" "${BUILDLINK_PREFIX.pcre}/include"
CONFIGURE_ARGS+=	"--pcrelib" "${BUILDLINK_PREFIX.pcre}/lib"
CONFIGURE_ARGS+=	"--fping" "${LOCALBASE}/sbin/fping"

CONFIGURE_ENV+=		USEXYMONPING=n
CONFIGURE_ENV+=		XYMONHOSTNAME=${XYMONSERVERNAME:Q}
CONFIGURE_ENV+=		XYMONHOSTIP=${XYMONSERVERIP:Q}
CONFIGURE_ENV+=		XYMONUSER=${XYMONUSER:Q}
CONFIGURE_ENV+=		XYMONHOME=${XYMONHOME:Q}
CONFIGURE_ENV+=		XYMONTOPDIR=${XYMONTOPDIR}
CONFIGURE_ENV+=		XYMONHOSTURL=${XYMONHOSTURL:Q}
CONFIGURE_ENV+=		CGIDIR=${CGIDIR}
CONFIGURE_ENV+=		XYMONCGIURL=${XYMONCGIURL:Q}
CONFIGURE_ENV+=		SECURECGIDIR=${SECCGIDIR}
CONFIGURE_ENV+=		SECUREXYMONCGIURL=${SECUREXYMONCGIURL:Q}
CONFIGURE_ENV+=		HTTPDGID=${APACHE_GROUP}
CONFIGURE_ENV+=		XYMONLOGDIR=${XYMONLOGDIR}
CONFIGURE_ENV+=		XYMONVAR=${XYMONVAR:Q}
CONFIGURE_ENV+=		INSTALLROOT=${DESTDIR}
CONFIGURE_ENV+=		INSTALLBINDIR=${XYBINDIR}
CONFIGURE_ENV+=		INSTALLETCDIR=${XYETCDIR}
CONFIGURE_ENV+=		INSTALLEXADIR=${EXAMPLEDIR}
CONFIGURE_ENV+=		INSTALLEXTDIR=${XYEXTDIR}
CONFIGURE_ENV+=		INSTALLTMPDIR=${XYTMPDIR}
CONFIGURE_ENV+=		INSTALLWEBDIR=${XYWEBDIR}
CONFIGURE_ENV+=		INSTALLWWWDIR=${EXAMPLEDIR}/www
CONFIGURE_ENV+=		MANROOT=${PREFIX}/${PKGMANDIR}/

SUBST_CLASSES+=		bashpath
SUBST_FILES.bashpath=	xymond/xymonreports.sh.DIST
SUBST_SED.bashpath=	-e 's,/bin/bash,'${BASH:Q}','
SUBST_STAGE.bashpath=	pre-configure

USE_TOOLS+=	awk:run		cat:run		cp:run
USE_TOOLS+=	cut:run		date:run	egrep:run
USE_TOOLS+=	expr:run	find:run	grep:run
USE_TOOLS+=	head:run	id:run		ls:run
USE_TOOLS+=	mv:run		rm:run		sed:run
USE_TOOLS+=	sort:run	tail:run	touch:run
USE_TOOLS+=	tr:run		wc:run		bash:run


MAKE_DIRS+=		${XYMONTOPDIR}
MAKE_DIRS+=		${XYMONHOME}


OWN_DIRS_PERMS+=	${XYEXTDIR} ${XYMONUSER} ${XYMONGROUP} 0755
OWN_DIRS_PERMS+=	${XYMONLOGDIR} ${XYMONUSER} ${XYMONGROUP} 0755
OWN_DIRS_PERMS+=	${XYTMPDIR} ${XYMONUSER} ${XYMONGROUP} 0755

OWN_DIRS_PERMS+=	${XYMONVAR} ${XYMONUSER} ${XYMONGROUP} 0755
VAR_SUBDIRS=		acks data disabled download hist histlogs hostdata rrd
.for dir in ${VAR_SUBDIRS}
OWN_DIRS_PERMS+=	${XYMONVAR}/${dir} ${XYMONUSER} ${XYMONGROUP} 0755
.endfor

OWN_DIRS_PERMS+=	${XYWWWDIR} ${XYMONUSER} ${XYMONGROUP} 0755
WWW_SUBDIRS=		gifs help html menu notes wml
.for dir in ${WWW_SUBDIRS}
OWN_DIRS_PERMS+=	${XYWWWDIR}/${dir} ${XYMONUSER} ${XYMONGROUP} 0755
.endfor
OWN_DIRS_PERMS+=	${XYWWWDIR}/rep ${XYMONUSER} ${APACHE_GROUP} 0755
OWN_DIRS_PERMS+=	${XYWWWDIR}/snap ${XYMONUSER} ${APACHE_GROUP} 0755

OWN_DIRS_PERMS+=	${SECCGIDIR} ${XYMONUSER} ${XYMONGROUP} 0700

# actual config files

CFILES=			alerts.cfg analysis.cfg cgioptions.cfg client-local.cfg
CFILES+=		columndoc.csv columndoc.csv combo.cfg
CFILES+=		graphs.cfg holidays.cfg hosts.cfg protocols.cfg
CFILES+=		rrddefinitions.cfg snmpmibs.cfg tasks.cfg
CFILES+=		xymon-apache.conf xymonmenu.cfg xymonserver.cfg
.for file in ${CFILES}
CONF_FILES_PERMS+=	${EXAMPLEDIR}/${file} ${PKG_SYSCONFDIR.xymon}/${file} ${XYMONUSER} ${XYMONGROUP} 0644
.endfor

CFILES2=		critical.cfg critical.cfg.bak
.for file in ${CFILES2}
CONF_FILES_PERMS+=	${EXAMPLEDIR}/${file} ${PKG_SYSCONFDIR.xymon}/${file} ${XYMONUSER} ${XYMONGROUP} 0664
.endfor

SECCGIFILES=		ackinfo.cgi acknowledge.cgi criticaleditor.cgi
SECCGIFILES+=		enadis.cgi useradm.cgi
.for file in ${SECCGIFILES}
SPECIAL_PERMS+=		${SECCGIDIR}/../${file} ${XYMONUSER} ${XYMONGROUP} 0400
.endfor

MAKE_ENV+=		MAKE=${MAKE_PROGRAM:Q}
MAKE_ENV+=		PKGDIR=${PREFIX}
MAKE_ENV+=		INSTALLROOT=${DESTDIR}
MAKE_ENV+=		PKGBUILD=y
MAKE_ENV+=		RPATH=${COMPILER_RPATH_FLAG}
MAKE_ENV+=		${TOOLS_ENV}

MENUFILES=		b2t-blue.gif b2t-grey.gif t2b-blue.gif t2b-grey.gif
MENUFILES+=		xymonmenu-blue.css xymonmenu-grey.css

post-patch:
	${CP} ${WRKSRC}/build/Makefile.FreeBSD \
	      ${WRKSRC}/build/Makefile.DragonFly

post-install:
.for file in ${MENUFILES}
	chmod 0644 ${DESTDIR}${EXAMPLEDIR}/www/menu/${file}
.endfor

.include "options.mk"
.include "../../databases/rrdtool/buildlink3.mk"
.include "../../graphics/png/buildlink3.mk"
.include "../../devel/pcre/buildlink3.mk"
.include "../../mk/apache.mk"

.include "../../mk/bsd.pkg.mk"