+++ /dev/null
-# This should get removed whenever 2.16 is released, assuming it has the fix
-# included. http://seclists.org/oss-sec/2014/q2/129. There's not upstream
-# concensus that quoting arguments in a mode which is widely agreed upon to be
-# risky so track upstream discussions here, too.
-
-diff --git b/src/nrpe.c a/src/nrpe.c
-index 381f0ac..ad1e05d 100644
---- b/src/nrpe.c
-+++ a/src/nrpe.c
-@@ -53,7 +53,7 @@ int use_ssl=FALSE;
-
- #define DEFAULT_COMMAND_TIMEOUT 60 /* default timeout for execution of plugins */
- #define MAXFD 64
--#define NASTY_METACHARS "|`&><'\"\\[]{};"
-+#define NASTY_METACHARS "|`&><'\"\\[]{};\n"
- #define howmany(x,y) (((x)+((y)-1))/(y))
- #define MAX_LISTEN_SOCKS 16
-
# The following examples use hardcoded command arguments...
-#command[check_users]=/usr/lib/nagios/check_users -w 5 -c 10
-#command[check_load]=/usr/lib/nagios/check_load -w 15,10,5 -c 30,25,20
-#command[check_hda1]=/usr/lib/nagios/check_disk -w 20% -c 10% -p /dev/hda1
-#command[check_zombie_procs]=/usr/lib/nagios/check_procs -w 5 -c 10 -s Z
-#command[check_total_procs]=/usr/lib/nagios/check_procs -w 150 -c 200
+command[check_users]=@pluginsdir@/check_users -w 5 -c 10
+command[check_load]=@pluginsdir@/check_load -w 15,10,5 -c 30,25,20
+command[check_hda1]=@pluginsdir@/check_disk -w 20% -c 10% -p /dev/hda1
+command[check_zombie_procs]=@pluginsdir@/check_procs -w 5 -c 10 -s Z
+command[check_total_procs]=@pluginsdir@/check_procs -w 150 -c 200
# The following examples allow user-supplied arguments and can
# config file is set to '1'. This poses a potential security risk, so
# make sure you read the SECURITY file before doing this.
-#command[check_users]=/usr/lib/nagios/check_users -w $ARG1$ -c $ARG2$
-#command[check_load]=/usr/lib/nagios/check_load -w $ARG1$ -c $ARG2$
-#command[check_disk]=/usr/lib/nagios/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
-#command[check_procs]=/usr/lib/nagios/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
+#command[check_users]=@pluginsdir@/check_users -w $ARG1$ -c $ARG2$
+#command[check_load]=@pluginsdir@/check_load -w $ARG1$ -c $ARG2$
+#command[check_disk]=@pluginsdir@/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
+#command[check_procs]=@pluginsdir@/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
---- nrpe-2.12/sample-config/nrpe.cfg.in 2012-01-04 17:57:22.907296034 +0200
-+++ nrpe-2.15/sample-config/nrpe.cfg.in 2015-05-25 15:40:07.747598382 +0300
+--- nrpe-3.0.orig/sample-config/nrpe.cfg.in 2016-07-12 23:24:40.000000000 +0300
++++ nrpe-3.0/sample-config/nrpe.cfg.in 2016-09-07 15:46:35.913180521 +0300
@@ -23,7 +23,7 @@
# number. The file is only written if the NRPE daemon is started by the root
# user and is running in standalone mode.
--pid_file=/var/run/nrpe.pid
+-pid_file=@piddir@/nrpe.pid
+pid_file=/var/run/nrpe/nrpe.pid
-@@ -169,8 +169,7 @@
+@@ -257,47 +257,8 @@
# This directive allows you to include definitions from config files (with a
# .cfg extension) in one or more directories (with recursion).
+include_dir=/etc/nagios/nrpe.d
-
-@@ -195,41 +194,2 @@
--
-
-# COMMAND DEFINITIONS
-# Command definitions that this daemon will run. Definitions
-
-# The following examples use hardcoded command arguments...
-
--command[check_users]=@libexecdir@/check_users -w 5 -c 10
--command[check_load]=@libexecdir@/check_load -w 15,10,5 -c 30,25,20
--command[check_hda1]=@libexecdir@/check_disk -w 20% -c 10% -p /dev/hda1
--command[check_zombie_procs]=@libexecdir@/check_procs -w 5 -c 10 -s Z
--command[check_total_procs]=@libexecdir@/check_procs -w 150 -c 200
+-command[check_users]=@pluginsdir@/check_users -w 5 -c 10
+-command[check_load]=@pluginsdir@/check_load -w 15,10,5 -c 30,25,20
+-command[check_hda1]=@pluginsdir@/check_disk -w 20% -c 10% -p /dev/hda1
+-command[check_zombie_procs]=@pluginsdir@/check_procs -w 5 -c 10 -s Z
+-command[check_total_procs]=@pluginsdir@/check_procs -w 150 -c 200
-
-
-# The following examples allow user-supplied arguments and can
--# only be used if the NRPE daemon was compiled with support for
+-# only be used if the NRPE daemon was compiled with support for
-# command arguments *AND* the dont_blame_nrpe directive in this
-# config file is set to '1'. This poses a potential security risk, so
-# make sure you read the SECURITY file before doing this.
-
--#command[check_users]=@libexecdir@/check_users -w $ARG1$ -c $ARG2$
--#command[check_load]=@libexecdir@/check_load -w $ARG1$ -c $ARG2$
--#command[check_disk]=@libexecdir@/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
--#command[check_procs]=@libexecdir@/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
+-#command[check_users]=@pluginsdir@/check_users -w $ARG1$ -c $ARG2$
+-#command[check_load]=@pluginsdir@/check_load -w $ARG1$ -c $ARG2$
+-#command[check_disk]=@pluginsdir@/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
+-#command[check_procs]=@pluginsdir@/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
+# NOTE:
+# In PLD Linux, command definitions are in file /etc/nagios/nrpe.d/commands.cfg
Summary: Nagios remote plugin execution service/plugin
Summary(pl.UTF-8): Demon i wtyczka zdalnego wywoływania wtyczek Nagios
Name: nagios-nrpe
-Version: 2.15
-Release: 7
+Version: 3.0
+Release: 1
License: GPL v2
Group: Networking
Source0: http://downloads.sourceforge.net/nagios/nrpe-%{version}.tar.gz
-# Source0-md5: 3921ddc598312983f604541784b35a50
+# Source0-md5: e2e8e0bcd9a3924b0ea94e76500f147b
Source1: nrpe.init
Source2: nrpe-command.cfg
Source3: %{name}.tmpfiles
Source4: commands.cfg
Patch0: %{name}-config.patch
Patch1: nrpe_check_control.patch
-Patch2: CVE-2014-2913-nasty-metacharacters.patch
URL: http://www.nagios.org/
BuildRequires: openssl-devel
BuildRequires: openssl-tools
%undos contrib/nrpe_check_control.c
%patch0 -p1
%patch1 -p1
-%patch2 -p1
%build
%configure \
%files
%defattr(644,root,root,755)
-%doc Changelog LEGAL README* SECURITY
+%doc Changelog LEGAL README* SECURITY.md
%attr(640,root,nagios) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nrpe.cfg
%attr(750,root,nagios) %dir %{_sysconfdir}/nrpe.d
%attr(640,root,nagios) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nrpe.d/commands.cfg