Summary: Nagios remote plugin execution service/plugin
Summary(pl.UTF-8): Demon i wtyczka zdalnego wywoływania wtyczek Nagios
Name: nagios-nrpe
-Version: 2.14
-Release: 1
+Version: 2.15
+Release: 7
License: GPL v2
Group: Networking
Source0: http://downloads.sourceforge.net/nagios/nrpe-%{version}.tar.gz
-# Source0-md5: 105857720e21674083a6d6be99e102c7
+# Source0-md5: 3921ddc598312983f604541784b35a50
Source1: nrpe.init
Source2: nrpe-command.cfg
Source3: %{name}.tmpfiles
+Source4: commands.cfg
Patch0: %{name}-config.patch
Patch1: nrpe_check_control.patch
+Patch2: CVE-2014-2913-nasty-metacharacters.patch
URL: http://www.nagios.org/
BuildRequires: openssl-devel
BuildRequires: openssl-tools
BuildRequires: rpmbuild(macros) >= 1.647
Requires(post,preun): /sbin/chkconfig
Requires: nagios-common
-Requires: rc-scripts
+Requires: rc-scripts >= 0.4.1.26
Provides: nagios-core
Obsoletes: netsaint-nrpe
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define nsport 5666
%description
-NRPE is an addon for Nagios that allows you to execute "local" plugins
-(like check_disk, check_procs, etc.) on remote hosts. The check_nrpe
-plugin is called from Nagios and makes plugin execution requests to
-the NRPE daemon running on the remote host (either as a standalone
-daemon or as a service under inetd). Supports passing command
-arguments to server, as well as native SSL/TLS encryption (anonymous
-DH mode).
+NPRE (Nagios Remote Plugin Executor) is a system daemon that will
+execute various Nagios plugins locally on behalf of a remote
+(monitoring) host that uses the check_nrpe plugin.
%description -l pl.UTF-8
NRPE to dodatek do Nagiosa pozwalający na wywoływanie "lokalnych"
Obsoletes: nagios-nrpe-plugin < 2.12-6
%description -n nagios-plugin-check_nrpe
-check_nrpe plugin for Nagios. This plugin allows running plugins on
-remote machines using nrpe service.
+The check_nrpe plugin is called from Nagios and makes plugin execution
+requests to the NRPE daemon running on the remote host. Supports
+passing command arguments to server, as well as native SSL/TLS
+encryption (anonymous DH mode).
%description -n nagios-plugin-check_nrpe -l pl.UTF-8
Wtyczka check_nrpe dla Nagiosa. Pozwala na zdalne uruchamianie wtyczek
%undos contrib/nrpe_check_control.c
%patch0 -p1
%patch1 -p1
+%patch2 -p1
%build
%configure \
--with-nrpe-user=nagios \
--with-nrpe-group=nagios \
--enable-ssl \
+ --with-ssl-lib=%{_libdir} \
--enable-command-args
%{__make} all
$RPM_BUILD_ROOT%{systemdtmpfilesdir}
cp -p sample-config/nrpe.cfg $RPM_BUILD_ROOT%{_sysconfdir}/nrpe.cfg
+cp -p %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/nrpe.d
sed -e 's,@plugindir@,%{_plugindir},' %{SOURCE2} > $RPM_BUILD_ROOT%{_sysconfdir}/plugins/check_nrpe.cfg
install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/nrpe
install -p src/nrpe $RPM_BUILD_ROOT%{_sbindir}
/sbin/chkconfig --del nrpe
fi
+%triggerpostun -- %{name} < 2.15-5
+# skip *this* trigger on downgrade
+[ $1 -le 1 ] && exit 0
+
+# ensure there's include_dir directive
+if ! grep -q '^include_dir=%{_sysconfdir}/nrpe.d' %{_sysconfdir}/nrpe.cfg; then
+ echo 'include_dir=%{_sysconfdir}/nrpe.d' >> %{_sysconfdir}/nrpe.cfg
+fi
+
+# check if need to migrate
+grep -q '^command\[' %{_sysconfdir}/nrpe.cfg || exit 0
+
+# move command definitions to separate file
+mv -f %{_sysconfdir}/nrpe.d/commands.cfg{,.rpmnew}
+grep '^command\[' %{_sysconfdir}/nrpe.cfg > %{_sysconfdir}/nrpe.d/commands.cfg
+cp -f %{_sysconfdir}/nrpe.cfg{,.rpmsave}
+sed -i -e '/^command\[/d' %{_sysconfdir}/nrpe.cfg
+
+%service nrpe restart
+
%triggerpostun -- %{name} < 2.6-1.1
%{__sed} -i -e 's,/var/run/nrpe.pid,/var/run/nrpe/nrpe.pid,' %{_sysconfdir}/nrpe.cfg
%doc Changelog LEGAL README* SECURITY
%attr(640,root,nagios) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nrpe.cfg
%attr(750,root,nagios) %dir %{_sysconfdir}/nrpe.d
+%attr(640,root,nagios) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nrpe.d/commands.cfg
%attr(755,root,root) %{_sbindir}/nrpe
%attr(754,root,root) /etc/rc.d/init.d/nrpe
%dir %attr(775,root,nagios) /var/run/nrpe