Imported Debian patch 2.15-1

2014-07-15 18:30:36 +02:00
parent 1efb03f433
commit 3864e8204a
30 changed files with 895 additions and 0 deletions
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -0,0 +1,6 @@
+02_nrpe.cfg_local-include.dpatch
+03_support_nrpe.d.dpatch
+05_pid_privileges.dpatch
+06_pid_directory.dpatch
+07_warn_ssloption.dpatch
+09_noremove_pid.dpatch
--- a/debian/patches/02_nrpe.cfg_local-include.dpatch
+++ b/debian/patches/02_nrpe.cfg_local-include.dpatch
@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02_nrpe.cfg_local-include.dpatch by  <seanius@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Support nrpe_local.cfg 
+
+@DPATCH@
+diff -urNad nagios-nrpe-2.4~/sample-config/nrpe.cfg.in nagios-nrpe-2.4/sample-config/nrpe.cfg.in
+--- nagios-nrpe-2.4~/sample-config/nrpe.cfg.in	2006-02-03 23:02:32.000000000 +0100
+++ nagios-nrpe-2.4/sample-config/nrpe.cfg.in	2006-03-31 07:07:16.000000000 +0200
+@@ -178,3 +178,8 @@
+ #command[check_load]=@libexecdir@/check_load -w $ARG1$ -c $ARG2$
+ #command[check_disk]=@libexecdir@/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
+ #command[check_procs]=@libexecdir@/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
+
+#
+# local configuration:
+#	if you'd prefer, you can instead place directives here
+include=/etc/nagios/nrpe_local.cfg
--- a/debian/patches/03_support_nrpe.d.dpatch
+++ b/debian/patches/03_support_nrpe.d.dpatch
@@ -0,0 +1,21 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 03_support_nrpe.d.dpatch by Alexander Wirt <formorer@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Support an nrpe.d directory
+
+@DPATCH@
+diff -urNad nagios-nrpe-2.8.1~/sample-config/nrpe.cfg.in nagios-nrpe-2.8.1/sample-config/nrpe.cfg.in
+--- nagios-nrpe-2.8.1~/sample-config/nrpe.cfg.in	2008-04-15 23:53:48.000000000 +0200
+++ nagios-nrpe-2.8.1/sample-config/nrpe.cfg.in	2008-04-15 23:54:48.000000000 +0200
+@@ -211,3 +211,9 @@
+ # local configuration:
+ #	if you'd prefer, you can instead place directives here
+ include=/etc/nagios/nrpe_local.cfg
+
+# 
+# you can place your config snipplets into nrpe.d/
+# only snipplets ending in .cfg will get included
+include_dir=/etc/nagios/nrpe.d/
+
+
--- a/debian/patches/04_weird_output.dpatch
+++ b/debian/patches/04_weird_output.dpatch
@@ -0,0 +1,20 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 04_weird_output.dpatch by  <luk@luknote>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Clean buffer before use
+
+@DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' pkg-nrpe~/src/nrpe.c pkg-nrpe/src/nrpe.c
+--- pkg-nrpe~/src/nrpe.c	2012-04-30 09:36:53.000000000 +0200
+++ pkg-nrpe/src/nrpe.c	2012-04-30 09:52:47.890535825 +0200
+@@ -1107,6 +1107,9 @@
+ 	/* disable connection alarm - a new alarm will be setup during my_system */
+ 	alarm(0);
+ 
+	// null buffer before using it!
+	memset(buffer,0,sizeof(buffer));
+
+ 	/* if this is the version check command, just spew it out */
+ 	if(!strcmp(command_name,NRPE_HELLO_COMMAND)){
+ 
--- a/debian/patches/05_pid_privileges.dpatch
+++ b/debian/patches/05_pid_privileges.dpatch
@@ -0,0 +1,27 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 05_pid_privileges.dpatch by  <luk@luknote>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' pkg-nrpe~/src/nrpe.c pkg-nrpe/src/nrpe.c
+--- pkg-nrpe~/src/nrpe.c	2014-05-23 20:42:27.000000000 +0200
+++ pkg-nrpe/src/nrpe.c	2014-07-15 14:09:45.027422047 +0200
+@@ -317,13 +317,13 @@
+ 		/* log info to syslog facility */
+ 		syslog(LOG_NOTICE,"Starting up daemon");
+ 
+		/* drop privileges */
+		drop_privileges(nrpe_user,nrpe_group);
+
+ 		/* write pid file */
+ 		if(write_pid_file()==ERROR)
+ 			return STATE_CRITICAL;
+ 
+-		/* drop privileges */
+-		drop_privileges(nrpe_user,nrpe_group);
+-
+ 		/* make sure we're not root */
+ 		check_privileges();
+ 
--- a/debian/patches/06_pid_directory.dpatch
+++ b/debian/patches/06_pid_directory.dpatch
@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 04_pid_directory.dpatch by Alexander Wirt <formorer@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad nagios-nrpe-2.8.1~/sample-config/nrpe.cfg.in nagios-nrpe-2.8.1/sample-config/nrpe.cfg.in
+--- nagios-nrpe-2.8.1~/sample-config/nrpe.cfg.in	2007-03-09 19:08:58.000000000 +0100
+++ nagios-nrpe-2.8.1/sample-config/nrpe.cfg.in	2009-07-06 07:43:09.000000000 +0200
+@@ -16,7 +16,7 @@
+ # number.  The file is only written if the NRPE daemon is started by the root
+ # user and is running in standalone mode.
+ 
+-pid_file=/var/run/nrpe.pid
+pid_file=/var/run/nagios/nrpe.pid
+ 
+ 
+ 
--- a/debian/patches/07_warn_ssloption.dpatch
+++ b/debian/patches/07_warn_ssloption.dpatch
@@ -0,0 +1,30 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 07_warn_ssloption.dpatch by Thijs Kinkhorst <thijs@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Warn against inadequateness of NRPE's own SSL option.
+
+--- a/SECURITY	2013-02-10 15:07:18.000000000 +0100
+++ b/SECURITY	2013-02-10 15:08:50.000000000 +0100
+@@ -67,14 +67,17 @@
+ ----------
+ 
+ If you do enable support for command arguments in the NRPE daemon,
+-make sure that you encrypt communications either by using:
+-
+-   1.  Stunnel (see http://www.stunnel.org for more info)
+-   2.  Native SSL support
+make sure that you encrypt communications either by using, for
+example, Stunnel (see http://www.stunnel.org for more info).
+ 
+ Do NOT assume that just because the daemon is behind a firewall
+ that you are safe!  Always encrypt NRPE traffic!
+ 
+NOTE: the currently shipped native SSL support of NRPE is not an
+adequante protection, because it does not verify clients and
+server, and uses pregenerated key material. NRPE's SSL option is
+advised against. For more information, see Debian bug #547092.
+
+ 
+ USING ARGUMENTS
+ ---------------
--- a/debian/patches/09_noremove_pid.dpatch
+++ b/debian/patches/09_noremove_pid.dpatch
@@ -0,0 +1,34 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 09_noremove_pid.dpatch by  <simon.deziel@gmail.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Do not remove the PID file after a connection error (original patch 
+## DP: from Hiren Patel)
+
+# Author: Hiren Patel
+# From: http://comments.gmane.org/gmane.network.nagios.devel/6774
+# Bug-Debian: #716949
+# Bug-Ubuntu: https://launchpad.net/bugs/1126890
+
+@DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' pkg-nrpe~/src/nrpe.c pkg-nrpe/src/nrpe.c
+--- pkg-nrpe~/src/nrpe.c	2014-07-15 14:20:02.000000000 +0200
+++ pkg-nrpe/src/nrpe.c	2014-07-15 14:20:55.775429979 +0200
+@@ -998,7 +998,7 @@
+ 						/* close socket prioer to exiting */
+ 						close(sock);
+ 			
+-						return;
+                        exit(STATE_CRITICAL);
+ 						}
+ 
+ 					/* handle signals */
+@@ -1022,7 +1022,7 @@
+ 				        /* close socket prior to exiting */
+ 						close(new_sd);
+ 
+-						return;
+                        exit(STATE_CRITICAL);
+ 						}
+ 
+ 					/* is this is a blessed machine? */