Date: Thu, 16 Feb 2017 14:51:05 +0000 (UTC) From: Guido Falsi <madpilot@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r434215 - in head/net/ntopng: . files Message-ID: <201702161451.v1GEp5Yd068420@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: madpilot Date: Thu Feb 16 14:51:05 2017 New Revision: 434215 URL: https://svnweb.freebsd.org/changeset/ports/434215 Log: - Correct GeoIP update script - Install GeoIP update script only when GEOIP option is enabled - Add deinstall script to cleanup GeoIP dat file downloaded with the provided script - Fix startup script REQUIREs - Move -e argument to end of command line as suggested by upstream to avoid conflicts with other user provided options - Remove reference to unspecified security vulnerabilities in pkg-message, leaving a generic suggestion to protect public services - While here reword pkg-message and add suggestion on how to provide a configuration file to ntopng Thanks to Simone Mainardi <mainardi at ntop.org> (upstream developer) for his suggesting most of the above changes and his help. Added: head/net/ntopng/files/pkg-deinstall.in (contents, props changed) Modified: head/net/ntopng/Makefile head/net/ntopng/files/ntopng-geoipupdate.sh.in head/net/ntopng/files/ntopng.in head/net/ntopng/pkg-message head/net/ntopng/pkg-plist Modified: head/net/ntopng/Makefile ============================================================================== --- head/net/ntopng/Makefile Thu Feb 16 14:34:06 2017 (r434214) +++ head/net/ntopng/Makefile Thu Feb 16 14:51:05 2017 (r434215) @@ -3,6 +3,7 @@ PORTNAME= ntopng PORTVERSION= 2.4.2017.01.20 +PORTREVISION= 1 CATEGORIES= net MAINTAINER= madpilot@FreeBSD.org @@ -21,7 +22,7 @@ LIB_DEPENDS= librrd.so:databases/rrdtool GNU_CONFIGURE= yes USE_LDCONFIG= yes USES= autoreconf cpe gmake libtool localbase mysql pathfix pkgconfig sqlite -SUB_FILES= ntopng-geoipupdate.sh +SUB_FILES= ntopng-geoipupdate.sh pkg-deinstall USERS= ntopng GROUPS= ntopng @@ -34,6 +35,9 @@ CPE_VENDOR= ntop OPTIONS_DEFINE= GEOIP NLS OPTIONS_DEFAULT= GEOIP + +OPTIONS_SUB= yes + GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP NLS_USES= gettext @@ -45,6 +49,8 @@ post-patch: post-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/ntopng + +post-install-GEOIP-on: ${INSTALL_SCRIPT} ${WRKDIR}/ntopng-geoipupdate.sh ${STAGEDIR}${PREFIX}/bin .include <bsd.port.mk> Modified: head/net/ntopng/files/ntopng-geoipupdate.sh.in ============================================================================== --- head/net/ntopng/files/ntopng-geoipupdate.sh.in Thu Feb 16 14:34:06 2017 (r434214) +++ head/net/ntopng/files/ntopng-geoipupdate.sh.in Thu Feb 16 14:51:05 2017 (r434215) @@ -1,7 +1,7 @@ #!/bin/sh set -eu -mkdir -p %%DATADIR%%/httpdocs/geoip +mkdir -p "%%DATADIR%%/httpdocs/geoip" # arguments: # $1 URL @@ -9,11 +9,11 @@ mkdir -p %%DATADIR%%/httpdocs/geoip _fetch() { url="$1" out="$2" - TEMPFILE="$(mktemp "%%DATADIR%%"/httpdocs/geoip/GeoIP.dat-XXXXXX)" + TEMPFILE="$(mktemp "%%DATADIR%%/httpdocs/geoip/GeoIP.dat-XXXXXX")" trap 'rc=$? ; set +e ; rm -f "'"$TEMPFILE"'" ; exit $rc' 0 if fetch -o - "$url" | gunzip >> "$TEMPFILE" ; then chmod 444 "$TEMPFILE" - if ! mv -f "$TEMPFILE" "%%DATADIR%%"/"$2" ; then + if ! mv -f "$TEMPFILE" "%%DATADIR%%/$2" ; then echo "Unable to replace %%DATADIR%%/$2" return 2 fi Modified: head/net/ntopng/files/ntopng.in ============================================================================== --- head/net/ntopng/files/ntopng.in Thu Feb 16 14:34:06 2017 (r434214) +++ head/net/ntopng/files/ntopng.in Thu Feb 16 14:51:05 2017 (r434215) @@ -3,7 +3,7 @@ # $FreeBSD$ # # PROVIDE: ntopng -# REQUIRE: DAEMON +# REQUIRE: LOGIN netif # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf to enable ntopng: @@ -34,7 +34,7 @@ user_path=%%PREFIX%%/etc/ntopng-users.co start_precmd=ntopng_precmd command=%%PREFIX%%/bin/ntopng -command_args="-e -U ntopng -G ${ntopng_pidfile} -1 ${httpdocs_path} -2 ${scripts_path} -3 ${callbacks_path}" +command_args="-U ntopng -G ${ntopng_pidfile} -1 ${httpdocs_path} -2 ${scripts_path} -3 ${callbacks_path} -e" ntopng_precmd() { Added: head/net/ntopng/files/pkg-deinstall.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/ntopng/files/pkg-deinstall.in Thu Feb 16 14:51:05 2017 (r434215) @@ -0,0 +1,11 @@ +#!/bin/sh +# +# $FreeBSD$ + +[ "$2" != "DEINSTALL" ] && exit 0 + +[ -f "%%DATADIR%%/GeoLiteCity.dat" ] && /bin/rm "%%DATADIR%%/GeoLiteCity.dat" +[ -f "%%DATADIR%%/GeoLiteCityv6.dat" ] && /bin/rm "%%DATADIR%%/GeoLiteCityv6.dat" +[ -f "%%DATADIR%%/GeoIPASNum.dat.gz" ] && /bin/rm "%%DATADIR%%/GeoIPASNum.dat.gz" +[ -f "%%DATADIR%%/GeoIPASNumv6.dat.gz" ] && /bin/rm "%%DATADIR%%/GeoIPASNumv6.dat.gz" +[ -d "%%DATADIR%%/httpdocs/geoip" ] && /usr/bin/find "%%DATADIR%%/httpdocs/geoip" -type d -empty -delete Modified: head/net/ntopng/pkg-message ============================================================================== --- head/net/ntopng/pkg-message Thu Feb 16 14:34:06 2017 (r434214) +++ head/net/ntopng/pkg-message Thu Feb 16 14:51:05 2017 (r434215) @@ -1,14 +1,18 @@ ---------------------------------------------------------------------------- WARNING: -In the past, ntop has been the subject of repeated security vulner- -abilities, particularly relating to its web interface. It is strongly -suggested that you protect your ntop web interface via packet filters -or TCP wrappers. +ntopng runs a web interface service by default, it is suggested to protect +such network accessible services with packet filters or TCP wrappers. -Please install redis server from databases/redis or use -r to specify -a remote one. +ntopng requires to connect to a redis server to work. Please install redis +server from databases/redis or use -r option via ntopng_flags to specify a +remote one. -Please use ntopng-geoipupdate.sh to update GeoIP database to the -latest. +If you enabled GeoIP support(the default), please use ntopng-geoipupdate.sh +to update GeoIP database to the latest available data. + +To pass a configuration file to ntopng, which overrides any command +line arguments, add something like the following to rc.conf: + +ntopng_flags="/path/to/file.conf" ---------------------------------------------------------------------------- Modified: head/net/ntopng/pkg-plist ============================================================================== --- head/net/ntopng/pkg-plist Thu Feb 16 14:34:06 2017 (r434214) +++ head/net/ntopng/pkg-plist Thu Feb 16 14:51:05 2017 (r434215) @@ -1,5 +1,5 @@ bin/ntopng -bin/ntopng-geoipupdate.sh +%%GEOIP%%bin/ntopng-geoipupdate.sh man/man8/ntopng.8.gz %%DATADIR%%/httpdocs/bootstrap/css/bootstrap-theme.css %%DATADIR%%/httpdocs/bootstrap/css/bootstrap-theme.css.map
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201702161451.v1GEp5Yd068420>