webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
84fda839487d6718a3341dc279e6b9eaec4875d2
bpfire/lfs/icinga
Peter Müller 2b51f53cfd Icinga: Do not ship event handlers for Nagios 
These are owned (hence being writable) by "nobody", posing a potential
security risk. Since the files itself were already exluded from being
shipped, their parent directory should be as well.

This patch should reduce the amount of executable files being owned by
nobody to zero after upgrading to Core Update 157. Due to complexity
reasons, not all applications available in Pakfire could be tested,
though, so your mileage may vary.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2021-05-25 09:43:09 +00:00

117 lines
4.2 KiB
Plaintext
Raw Blame History

###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 1.11.4
THISAPP = icinga-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = icinga
PAK_VER = 5
DEPS = nagios-plugins
CFLAGS += -fcommon
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = cfe64b91ec84f5431e53959e31ff07b5
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
dist:
@$(PAK)
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
$(UPDATE_AUTOMAKE)
cd $(DIR_APP) && \
./configure \
--prefix=/usr \
--sysconfdir=/etc/icinga \
--datadir=/usr/share/icinga \
--datarootdir=/usr/share/icinga \
--sbindir=/usr/share/icinga/cgi-bin \
--localstatedir=/var/icinga \
--libdir=/usr/lib/icinga \
--libexecdir=/usr/lib/nagios/plugins \
--with-lockfile=/var/run/icinga.pid \
--with-httpd-conf=/etc/httpd/conf/conf.d \
--with-icinga-user=nobody \
--with-icinga-group=nobody \
--enable-event-broker \
--enable-embedded-perl \
--disable-idoutils
cd $(DIR_APP) && make all $(MAKETUNING)
cd $(DIR_APP) && make \
install install-init install-commandmode install-config \
install-webconf install-eventhandlers
rm -vf /etc/httpd/conf/conf.d/icinga.conf
install -v -m 644 $(DIR_SRC)/config/icinga/icinga.conf \
/etc/httpd/conf/vhosts.d/icinga.conf
ln -svf /etc/rc.d/init.d/icinga /etc/rc.d/rc3.d/S67icinga
ln -svf /etc/rc.d/init.d/icinga /etc/rc.d/rc0.d/K33icinga
ln -svf /etc/rc.d/init.d/icinga /etc/rc.d/rc6.d/K33icinga
install -v -m 644 $(DIR_SRC)/config/backup/includes/icinga \
/var/ipfire/backup/addons/includes/icinga
@rm -rf $(DIR_APP)
@$(POSTBUILD)
Reference in New Issue View Git Blame Copy Permalink