Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package icingaweb2 for openSUSE:Factory checked in at 2023-10-02 20:04:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/icingaweb2 (Old) and /work/SRC/openSUSE:Factory/.icingaweb2.new.28202 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "icingaweb2" Mon Oct 2 20:04:21 2023 rev:36 rq:1113015 version:2.12.0 Changes: -------- --- /work/SRC/openSUSE:Factory/icingaweb2/icingaweb2.changes 2023-07-04 15:24:02.150802709 +0200 +++ /work/SRC/openSUSE:Factory/.icingaweb2.new.28202/icingaweb2.changes 2023-10-02 20:05:12.336083904 +0200 @@ -1,0 +2,17 @@ +Fri Sep 22 11:11:44 UTC 2023 - ecsos <ecsos@opensuse.org> + +- Update to 2.12.0 + - Support for PHP 8.2 #4918 + - Support for Content-Security-Policy #4528 + - Allow to initiate a refresh with __REFRESH__ #5108 + - Don't refresh twice upon __CLOSE__ #5106 + - Add event column-moved #5049 + - Add copy-to-clipboard behavior #5041 + - Access Oracle Database via tnsnames.ora / LDAP Naming Services #5062 + - Reduce risk of crashing the x509 collector daemon #5115 + - CSV export does not escape double quotes #4910 + * Full changelog see: + https://github.com/Icinga/icingaweb2/milestone/79?closed=1 +- Massive changes in spec needed. + +------------------------------------------------------------------- Old: ---- icingaweb2-2.11.4.tar.gz New: ---- icingaweb2-2.12.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ icingaweb2.spec ++++++ --- /var/tmp/diff_new_pack.GP1IAb/_old 2023-10-02 20:05:13.608129650 +0200 +++ /var/tmp/diff_new_pack.GP1IAb/_new 2023-10-02 20:05:13.608129650 +0200 @@ -2,7 +2,6 @@ # spec file for package icingaweb2 # # Copyright (c) 2023 SUSE LLC -# Copyright (c) 2013-2017 Icinga Development Team | GPLv2+ # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,496 +16,186 @@ # -%define revision 1 - +%define php_major_version 8 Name: icingaweb2 -Version: 2.11.4 -Release: %{revision}%{?dist} -Summary: Icinga Web 2 -License: BSD-3-Clause AND GPL-2.0-or-later AND MIT +Version: 2.12.0 +Release: 0 +Summary: Icinga Web +License: GPL-2.0-or-later Group: System/Monitoring URL: https://icinga.com Source0: https://github.com/Icinga/icingaweb2/archive/v%{version}/%{name}-%{version}.tar.gz -Source1: %{name}-additions.tar.gz +Source1: icingaweb2-additions.tar.gz Source10: %{name}-php-fpm.conf Source90: README.SUSE Source99: %{name}-rpmlintrc -BuildArch: noarch -BuildRoot: %{_tmppath}/%{name}-%{version}-build - -%if 0%{?fedora} || 0%{?rhel} || 0%{?amzn} -%if 0%{?rhel} == 7 -%define php_scl rh-php73 -%endif - -%if 0%{?el5}%{?el6}%{?amzn} -%define use_selinux 0 -%else -%define use_selinux 1 -%endif - -%if 0%{?php_scl:1} -%define php_scl_prefix %{php_scl}- -%define php_runtime %{php_scl_prefix}php-fpm -%define php_bin /opt/rh/%{php_scl}/root/usr/bin/php -%define php_fpm 1 -%else -%define php_runtime %{php} -%endif - -%define php %{?php_scl_prefix}php -%define php_cli %{php}-cli -%define php_common %{php}-common -%define wwwconfigdir %{_sysconfdir}/httpd/conf.d -%define wwwuser apache - -# extra requirements on RHEL -Requires: %{php}-ldap -Requires: %{php}-mysqlnd -Requires: %{php}-pgsql -%endif - -# minimum required PHP version -%define php_version 7.3.0 - -# unsupported PHP version -%define php_unsupported_version 8.2 - -%if 0%{?suse_version} -%define wwwconfigdir %{_sysconfdir}/apache2/conf.d -%define wwwuser wwwrun -%define php php -##%%define php_major_version %%(php -r "echo PHP_MAJOR_VERSION;") -%define php_major_version 8 -%define php_runtime mod_php_any -%define php_common %{php} -%define php_cli %{php} -# extra requirements on openSUSE -BuildRequires: fdupes -BuildRequires: gettext-tools -BuildRequires: php -BuildRequires: config(krb5) -Requires: %{php}-ldap -Requires: %{php}-mysql -Requires: %{php}-pgsql -# conflict with older PHP on SLES and openSUSE -Conflicts: php < %{php_version} -Conflicts: php5 < %{php_version} -Conflicts: php53 -%endif - -%{?amzn:Requires(pre): shadow-utils} -%{?fedora:Requires(pre): shadow-utils} -%{?rhel:Requires(pre): shadow-utils} -%{?suse_version:Requires(pre): pwdutils} - -Requires: %{php_common} >= %{php_version} -%if 0%{?suse_version} -BuildRequires: php%{php_major_version}-fpm -Requires: (mod_php_any >= %{php_version} or php-fpm) -%else -Requires: %{php_runtime} >= %{php_version} -Conflicts: %{php_runtime} >= %{php_unsupported_version} -%endif - -%if 0%{?suse_version} +BuildRequires: apache2 +BuildRequires: nagios-rpm-macros Requires: apache2 -%endif - -Requires: %{name}-common = %{version}-%{release} -Requires: %{name}-vendor-HTMLPurifier = %{version}-%{release} -Requires: %{name}-vendor-JShrink = %{version}-%{release} -Requires: %{name}-vendor-Parsedown = %{version}-%{release} -Requires: %{name}-vendor-dompdf = %{version}-%{release} -Requires: %{name}-vendor-lessphp = %{version}-%{release} Requires: icinga-l10n >= 1.1.0 -Requires: icinga-php-library >= 0.9.0 -Requires: icinga-php-thirdparty >= 0.11.0 -Requires: icingacli = %{version}-%{release} -Requires: php-Icinga = %{version}-%{release} - -%define basedir %{_datadir}/%{name} -%define bindir %{_bindir} -%define storagedir %{_sharedstatedir}/%{name} -%define configdir %{_sysconfdir}/%{name} -%define logdir %{_localstatedir}/log/%{name} -%define phpdir %{_datadir}/php -%define icingawebgroup icingaweb2 -%define docsdir %{_datadir}/doc/%{name} +Requires: icingacli = %{version} +Requires: icingaweb2-common = %{version} +Requires: php-icinga = %{version} +Requires: (mod_php_any or php-fpm) +Recommends: icingaweb2-module-pdfexport +BuildArch: noarch %description -Icinga Web 2 is the monitoring web interface for icinga2. - -It comes with a completely new design and many user-friendly enhancements to -find the relevant information even faster. +Lightweight and extensible web interface to tackle your monitoring challenge. %package common -Summary: Common files for Icinga Web 2 and the Icinga CLI -License: BSD-3-Clause AND GPL-2.0-or-later AND MIT -Group: System/Monitoring -%{?amzn:Requires(pre): shadow-utils} -%{?fedora:Requires(pre): shadow-utils} -%{?rhel:Requires(pre): shadow-utils} -%{?suse_version:Requires(pre): pwdutils} -%if 0%{?suse_version} > 1320 +Summary: Common files for Icinga Web and the Icinga CLI PreReq: permissions -Requires(pre): system-user-wwwrun -%endif +Requires(pre): shadow %description common -Common files for Icinga Web 2 and the Icinga CLI. - -%package php-fpm -Summary: PHP FPM configuration for %{name} -Group: Productivity/Networking/Web/Utilities -%requires_eq %{php_major_version}-fpm >= %{php_version} -#Requires: %%{name}-apparmor -Requires: %{name} = %{version} - -%description php-fpm -This package contains the PHP FPM configuration file to run %{name} with php-fpm. - -%package -n php-Icinga -Summary: Icinga Web 2 PHP library -License: BSD-3-Clause AND GPL-2.0-or-later AND MIT -Group: Development/Libraries/Other -Requires: %{php_common} >= %{php_version} -Requires: %{php}-gd %{php}-intl %{php}-mbstring -%if 0%{?sle_version} >= 150200 -Requires: %{php}-dom %{php}-curl %{php}-fileinfo -%endif -%{?rhel:Requires: %{php}-pdo %{php}-xml} -%if 0%{?rhel} >= 8 || 0%{?fedora} >= 30 -Requires: %{php}-json -%endif rhel >= 8 || fedora >= 30 -Requires: %{name}-vendor-zf1 = %{version}-%{release} -%{?amzn:Requires: %{php}-pecl-imagick} -%{?fedora:Requires: php-pecl-imagick} -%{?suse_version:Requires: %{php}-gettext %{php}-json %{php}-openssl %{php}-posix %{php}-ctype %{php}-pdo %{php}-xml %{php}-imagick %{php}-curl %{php}-fileinfo %{php}-dom} - -%description -n php-Icinga -Icinga Web 2 PHP library. +Manages common files for Icinga Web and the Icinga CLI. %package -n icingacli Summary: Icinga CLI -License: BSD-3-Clause AND GPL-2.0-or-later AND MIT -Group: System/Monitoring -Requires: %{name}-common = %{version}-%{release} -Requires: %{php_cli} >= %{php_version} Requires: bash-completion Requires: icinga-l10n >= 1.1.0 -Requires: icinga-php-library >= 0.9.0 -Requires: icinga-php-thirdparty >= 0.11.0 -Requires: php-Icinga = %{version}-%{release} -%if 0%{?suse_version} -# conflict with older PHP on SLES and openSUSE -Conflicts: php < %{php_version} -Conflicts: php5 < %{php_version} -Conflicts: php53 -Obsoletes: %{name}-icingacli < %{version} -Provides: %{name}-icingacli = %{version} -%endif +Requires: icingaweb2-common = %{version} +Requires: php-cli +Requires: php-icinga = %{version} %description -n icingacli -Icinga CLI. - - -%if 0%{?use_selinux} -%define selinux_variants mls targeted - -%package selinux -Summary: SELinux policy for Icinga Web 2 -License: BSD-3-Clause AND GPL-2.0-or-later AND MIT -Group: System/Base -BuildRequires: checkpolicy -BuildRequires: hardlink -BuildRequires: selinux-policy-devel -Requires: %{name} = %{version}-%{release} -Requires(post): policycoreutils -Requires(postun):policycoreutils - -%description selinux -SELinux policy for Icinga Web 2. -%endif - -%package vendor-dompdf -Summary: Icinga Web 2 vendor library dompdf -License: LGPL-2.1-only -Group: Development/Libraries/Other -Requires: %{name}-common = %{version}-%{release} -Requires: %{php_common} >= %{php_version} +Icinga command line interface. -%description vendor-dompdf -Icinga Web 2 vendor library dompdf. - -%package vendor-HTMLPurifier -Summary: Icinga Web 2 vendor library HTMLPurifier -License: LGPL-2.1-only -Group: Development/Libraries/Other -Requires: %{name}-common = %{version}-%{release} -Requires: %{php_common} >= %{php_version} -# Need because of wrong version in very old icingaweb2 packages -Obsoletes: %{name}-vendor-HTMLPurifier < %{version} -Obsoletes: %{name}-vendor-HTMLPurifier > %{version} - -%description vendor-HTMLPurifier -Icinga Web 2 vendor library HTMLPurifier. - -%package vendor-JShrink -Summary: Icinga Web 2 vendor library JShrink -License: BSD-3-Clause -Group: Development/Libraries/Other -Requires: %{name}-common = %{version}-%{release} -Requires: %{php_common} >= %{php_version} - -%description vendor-JShrink -Icinga Web 2 vendor library JShrink. - -%package vendor-lessphp -Summary: Icinga Web 2 vendor library lessphp -License: MIT -Group: Development/Libraries/Other -Requires: %{name}-common = %{version}-%{release} -Requires: %{php_common} >= %{php_version} - -%description vendor-lessphp -Icinga Web 2 vendor library lessphp. - -%package vendor-Parsedown -Summary: Icinga Web 2 vendor library Parsedown -License: MIT -Group: Development/Libraries/Other -Requires: %{name}-common = %{version}-%{release} -Requires: %{php_common} >= %{php_version} +%package php-fpm +Summary: PHP FPM configuration for %{name} +Group: Productivity/Networking/Web/Utilities +BuildRequires: php%{php_major_version}-fpm +Requires: %{name} = %{version} +%requires_eq %{php_major_version}-fpm >= %{php_version} -%description vendor-Parsedown -Icinga Web 2 vendor library Parsedown. +%description php-fpm +This package contains the PHP FPM configuration file to run %{name} with php-fpm. -%package vendor-zf1 -Summary: Icinga Web 2's fork of Zend Framework 1 -License: BSD-3-Clause +%package -n php-icinga +Summary: Icinga Web PHP library Group: Development/Libraries/Other -Requires: %{php_common} >= %{php_version} -Obsoletes: %{name}-vendor-Zend < 1.12.20 -Provides: %{name}-vendor-Zend = %{version} -Requires: %{name}-common = %{version}-%{release} +Requires: icinga-php-library >= 0.13.0 +Requires: icinga-php-thirdparty >= 0.12.0 +Requires: php-curl +Requires: php-dom +Requires: php-fileinfo +Requires: php-gd +Requires: php-gettext +Requires: php-intl +Requires: php-json +Requires: php-ldap +Requires: php-mbstring +Requires: php-openssl +Requires: php-pdo +Requires: php-pdo_mysql +Requires: php-pdo_pgsql +Requires: php-posix +Requires: php-xml +Obsoletes: php-Icinga < %{version} +Provides: php-Icinga = %{version} +Obsoletes: icingaweb2-vendor-HTMLPurifier < %{version} +Provides: icingaweb2-vendor-HTMLPurifier = %{version} +Obsoletes: icingaweb2-vendor-JShrink < %{version} +Provides: icingaweb2-vendor-JShrink = %{version} +Obsoletes: icingaweb2-vendor-Parsedown < %{version} +Provides: icingaweb2-vendor-Parsedown = %{version} +Obsoletes: icingaweb2-vendor-dompdf < %{version} +Provides: icingaweb2-vendor-dompdf = %{version} +Obsoletes: icingaweb2-vendor-lessphp < %{version} +Provides: icingaweb2-vendor-lessphp = %{version} +Obsoletes: icingaweb2-vendor-zf1 < %{version} +Provides: icingaweb2-vendor-zf1 = %{version} -%description vendor-zf1 -Icinga Web 2's fork of Zend Framework 1. +%description -n php-icinga +Icinga Web PHP and vendor libraries. %prep -%setup -q -n %{name}-%{version} -a 1 - -%if 0%{?use_selinux} -mkdir selinux -cp -p packages/selinux/icingaweb2.{fc,if,te} selinux -%endif -%if 0%{?suse_version} -# rpmlint -find . -type f "(" -name "*.css" -o -name "*.html" -o -name "*.json" -o -name "*.svg" -o -name "*.txt" -o -name "README" ")" -exec chmod -x "{}" "+" -sed -i '1d' library/vendor/JShrink/SOURCE -%endif +%autosetup -a1 %build -%if 0%{?use_selinux} -cd selinux -for selinuxvariant in %{selinux_variants} -do - make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile - mv icingaweb2.pp icingaweb2.pp.${selinuxvariant} - make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean -done -cd - -%endif %install -rm -rf %{buildroot} -mkdir -p %{buildroot}/{%{basedir}/{modules,library/vendor,public},%{bindir},%{configdir}/{enabledModules,modules},%{storagedir},%{logdir},%{phpdir},%{wwwconfigdir},%{_datadir}/bash-completion/completions,%{docsdir}} -cp -prv application doc %{buildroot}/%{basedir} -cp -pv etc/bash_completion.d/icingacli %{buildroot}/%{_datadir}/bash-completion/completions/icingacli -cp -prv modules/{monitoring,setup,doc,translation,migrate} %{buildroot}/%{basedir}/modules -cp -prv library/Icinga %{buildroot}/%{phpdir} -cp -prv library/vendor/{dompdf,HTMLPurifier*,JShrink,lessphp,Parsedown,Zend} %{buildroot}/%{basedir}/library/vendor -cp -prv public/{css,font,img,js,error_norewrite.html,error_unavailable.html} %{buildroot}/%{basedir}/public -%if 0%{?php_fpm:1} -cp -pv packages/files/apache/icingaweb2.fpm.conf %{buildroot}/%{wwwconfigdir}/icingaweb2.conf -%else -cp -pv packages/files/apache/icingaweb2.conf %{buildroot}/%{wwwconfigdir}/icingaweb2.conf -%endif -cp -pv packages/files/bin/icingacli %{buildroot}/%{bindir} -%if 0%{?php_bin:1} -sed -i '1 s~#!.*~#!%{php_bin}~' %{buildroot}/%{bindir}/icingacli -%endif -sed -i 's|\/usr\/bin\/env php|\/usr\/bin\/php|g' %{buildroot}/%{basedir}/library/vendor/lessphp/bin/lessc -cp -pv packages/files/public/index.php %{buildroot}/%{basedir}/public -cp -prv schema %{buildroot}/%{docsdir} -cp -prv packages/files/config/modules/{setup,translation} %{buildroot}/%{configdir}/modules -%if 0%{?use_selinux} -cd selinux -for selinuxvariant in %{selinux_variants} -do - install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant} - install -p -m 644 icingaweb2.pp.${selinuxvariant} %{buildroot}%{_datadir}/selinux/${selinuxvariant}/icingaweb2.pp -done -cd - -# TODO: Fix build problems on Icinga, see https://github.com/Icinga/puppet-icinga_build/issues/11 -#/usr/sbin/hardlink -cv %%{buildroot}%%{_datadir}/selinux -%endif -%if 0%{?suse_version} +install -d %{buildroot}%{_datadir}/%{name} +cp -pr application doc library modules public schema %{buildroot}%{_datadir}/%{name} +install -dm 0770 %{buildroot}%{_sysconfdir}/%{name} +install -dm 2770 %{buildroot}%{_sysconfdir}/%{name}/enabledModules +install -dm 0770 %{buildroot}%{_sysconfdir}/%{name}/modules +install -Dpm 0644 etc/bash_completion.d/icingacli %{buildroot}%{_datadir}/bash-completion/completions/icingacli +cp -p additions/index.php %{buildroot}%{_datadir}/%{name}/public +install -d %{buildroot}%{_datadir}/php +mv %{buildroot}%{_datadir}/%{name}/library/Icinga %{buildroot}%{_datadir}/php +install -dm 770 %{buildroot}%{_localstatedir}/cache/%{name} %{buildroot}%{_localstatedir}/lib/%{name} +install -dm 775 %{buildroot}%{_localstatedir}/log/%{name} +install -Dpm 0644 additions/icingaweb2.conf %{buildroot}%{_sysconfdir}/apache2/conf.d/icingaweb2.conf +install -Dpm 0755 additions/icingacli %{buildroot}%{_bindir}/icingacli # fpm mkdir -p %{buildroot}%{_sysconfdir}/php%{php_major_version}/fpm/php-fpm.d cp -avL %{SOURCE10} %{buildroot}%{_sysconfdir}/php%{php_major_version}/fpm/php-fpm.d/%{name}.conf -# fdupes -%fdupes %{buildroot}/%{basedir}/library -%endif %pre -getent group icingacmd >/dev/null || groupadd -r icingacmd -%if 0%{?suse_version} && 0%{?suse_version} < 01200 -usermod -A icingacmd,%{icingawebgroup} %{wwwuser} -%else -usermod -a -G icingacmd,%{icingawebgroup} %{wwwuser} -%endif -exit 0 - -%post -# enable required apache modules -if [ -x %{_sbindir}/a2enmod ]; then - echo "Info: adding rewrite to APACHE_MODULES..." - %{_sbindir}/a2enmod rewrite >/dev/null || : -fi - -%post -n php-Icinga -# enable required apache modules -if [ -x %{_sbindir}/a2enmod ]; then - a2enmod -q version || a2enmod version - # get installed php_version (5 or 7) - # ap_mpm=$(awk '/Server MPM/ {print $3}' <<<$(start_apache2 -V)) - # php_version=$(awk -F[." "] '/cli/ {print $2}' <<< $(php -v)) - php_version=$(php -v | sed -n 's/^PHP\ \([[:digit:]]\+\)\..*$/\1/p') - if [[ -n ${php_version} ]] && start_apache2 -V | grep -q prefork; then - echo "Info: adding php${php_version} to APACHE_MODULES..." - a2enmod -q "php${php_version}" || a2enmod "php${php_version}" - fi -fi +getent group %icinga_command_group >/dev/null || groupadd -r %icinga_command_group +usermod -a -G %icinga_command_group,%icinga_webgroup %icinga_command_user + +%pre common +getent group %icinga_webgroup >/dev/null || groupadd -r %icinga_webgroup %verifyscript common -%verify_permissions -e %{configdir}/enabledModules +# TODO: Maybe the others are needed after all? +#%%verify_permissions -e %%{_sysconfdir}/%%{name} +%verify_permissions -e %{_sysconfdir}/%{name}/enabledModules +%verify_permissions -e %{_sysconfdir}/%{name}/modules +#%%verify_permissions -e %%{_localstatedir}/cache/%%{name} +#%%verify_permissions -e %%{_localstatedir}/lib/%%{name} +#%%verify_permissions -e %%{_localstatedir}/log/%%{name} %post common -%set_permissions %{configdir}/enabledModules +# TODO: Maybe the others are needed after all? +#%%set_permissions %%{_sysconfdir}/%%{name} +%set_permissions %{_sysconfdir}/%{name}/enabledModules +%set_permissions %{_sysconfdir}/%{name}/modules +#%%set_permissions %%{_localstatedir}/cache/%%{name} +#%%set_permissions %%{_localstatedir}/lib/%%{name} +#%%set_permissions %%{_localstatedir}/log/%%{name} %files -%defattr(-,root,root) -%{basedir}/application/controllers -%{basedir}/application/fonts -%{basedir}/application/forms -%{basedir}/application/layouts -%{basedir}/application/views -%{basedir}/application/VERSION -%{basedir}/doc -%{basedir}/modules -%{basedir}/public -%if 0%{?suse_version} -# for lint on OBS -%dir %{dirname:%{wwwconfigdir}} -%dir %{wwwconfigdir} -%endif -%config(noreplace) %{wwwconfigdir}/icingaweb2.conf -%attr(0775,root,%{icingawebgroup}) %dir %{logdir} -%attr(0770,root,%{icingawebgroup}) %config(noreplace) %dir %{configdir}/modules/setup -%attr(0660,root,%{icingawebgroup}) %config(noreplace) %{configdir}/modules/setup/config.ini -%attr(0770,root,%{icingawebgroup}) %config(noreplace) %dir %{configdir}/modules/translation -%attr(0660,root,%{icingawebgroup}) %config(noreplace) %{configdir}/modules/translation/config.ini -%{docsdir} -%docdir %{docsdir} - -%pre common -getent group %{icingawebgroup} >/dev/null || groupadd -r %{icingawebgroup} -exit 0 +%doc CHANGELOG.md +%doc README.md +%docdir %{_datadir}/%{name}/doc +%license LICENSE +%dir %{_datadir}/%{name} +%dir %{_datadir}/%{name}/application +%{_datadir}/%{name}/application/controllers +%{_datadir}/%{name}/application/fonts +%{_datadir}/%{name}/application/forms +%{_datadir}/%{name}/application/layouts +%{_datadir}/%{name}/application/views +%{_datadir}/%{name}/application/VERSION +%{_datadir}/%{name}/doc +%{_datadir}/%{name}/modules +%{_datadir}/%{name}/public +%{_datadir}/%{name}/schema +%config(noreplace) %{_sysconfdir}/apache2/conf.d/icingaweb2.conf %files common -%defattr(-,root,root) -%dir %{basedir} -%dir %{basedir}/application -%dir %{basedir}/library -%dir %{basedir}/library/vendor -%dir %{basedir}/modules -%attr(0770,root,%{icingawebgroup}) %dir %{storagedir} -%attr(0770,root,%{icingawebgroup}) %config(noreplace) %dir %{configdir} -%attr(0770,root,%{icingawebgroup}) %config(noreplace) %dir %{configdir}/modules -%verify(not mode caps) %attr(2770,root,%{icingawebgroup}) %{configdir}/enabledModules -%attr(2770,root,%{icingawebgroup}) %dir %{configdir}/enabledModules - -%files php-fpm -%config(noreplace) %{_sysconfdir}/php%{php_major_version}/fpm/php-fpm.d/%{name}.conf - -%files -n php-Icinga -%defattr(-,root,root) -%if 0%{?suse_version} -# for lint on OBS -%dir %{phpdir} -%endif -%{phpdir}/Icinga +%attr(0770, root, %icinga_webgroup) %dir %{_localstatedir}/cache/%{name} +%attr(0775, root, %icinga_webgroup) %dir %{_localstatedir}/log/%{name} +%attr(0770, root, %icinga_webgroup) %dir %{_localstatedir}/lib/%{name} +%attr(0770, root, %icinga_webgroup) %config(noreplace) %dir %{_sysconfdir}/%{name} +%attr(0770, root, %icinga_webgroup) %config(noreplace) %dir %{_sysconfdir}/%{name}/modules +%verify(not mode caps) %attr(2770,root,%icinga_webgroup) %{_sysconfdir}/%{name}/enabledModules +%attr(2770, root, %icinga_webgroup) %dir %{_sysconfdir}/%{name}/enabledModules %files -n icingacli -%defattr(-,root,root) -%{basedir}/application/clicommands +%license LICENSE +%{_datadir}/%{name}/application/clicommands %{_datadir}/bash-completion/completions/icingacli -%attr(0755,root,root) %{bindir}/icingacli +%{_bindir}/icingacli + +%files php-fpm +%config(noreplace) %{_sysconfdir}/php%{php_major_version}/fpm/php-fpm.d/%{name}.conf -%if 0%{?use_selinux} -%post selinux -for selinuxvariant in %{selinux_variants} -do - %{_sbindir}/semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/icingaweb2.pp &> /dev/null || : -done -%{_sbindir}/restorecon -R %{basedir} &> /dev/null || : -%{_sbindir}/restorecon -R %{configdir} &> /dev/null || : -%{_sbindir}/restorecon -R %{logdir} &> /dev/null || : -%{_sbindir}/restorecon -R %{storagedir} &> /dev/null || : - -%postun selinux -if [ $1 -eq 0 ] ; then - for selinuxvariant in %{selinux_variants} - do - %{_sbindir}/semodule -s ${selinuxvariant} -r icingaweb2 &> /dev/null || : - done - [ -d %{basedir} ] && %{_sbindir}/restorecon -R %{basedir} &> /dev/null || : - [ -d %{configdir} ] && %{_sbindir}/restorecon -R %{configdir} &> /dev/null || : - [ -d %{logdir} ] && %{_sbindir}/restorecon -R %{logdir} &> /dev/null || : - [ -d %{storagedir} ] && %{_sbindir}/restorecon -R %{storagedir} &> /dev/null || : -fi - -%files selinux -%defattr(-,root,root,0755) -%doc selinux/* -%{_datadir}/selinux/*/icingaweb2.pp -%endif - -%files vendor-dompdf -%defattr(-,root,root) -%{basedir}/library/vendor/dompdf - -%files vendor-HTMLPurifier -%defattr(-,root,root) -%{basedir}/library/vendor/HTMLPurifier -%{basedir}/library/vendor/HTMLPurifier.autoload.php -%{basedir}/library/vendor/HTMLPurifier.php - -%files vendor-JShrink -%defattr(-,root,root) -%{basedir}/library/vendor/JShrink - -%files vendor-lessphp -%defattr(-,root,root) -%{basedir}/library/vendor/lessphp - -%files vendor-Parsedown -%defattr(-,root,root) -%{basedir}/library/vendor/Parsedown - -%files vendor-zf1 -%defattr(-,root,root) -%{basedir}/library/vendor/Zend +%files -n php-icinga +%license LICENSE +%{_datadir}/php/Icinga ++++++ icingaweb2-2.11.4.tar.gz -> icingaweb2-2.12.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/icingaweb2/icingaweb2-2.11.4.tar.gz /work/SRC/openSUSE:Factory/.icingaweb2.new.28202/icingaweb2-2.12.0.tar.gz differ: char 13, line 1 ++++++ icingaweb2-additions.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/SELinux/icingaweb2.fc new/additions/SELinux/icingaweb2.fc --- old/additions/SELinux/icingaweb2.fc 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/SELinux/icingaweb2.fc 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,7 @@ +/etc/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_config_t,s0) + +/usr/share/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_content_t,s0) + +/var/log/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_rw_content_t,s0) +/var/cache/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_rw_content_t,s0) +/var/lib/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_rw_content_t,s0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/SELinux/icingaweb2.if new/additions/SELinux/icingaweb2.if --- old/additions/SELinux/icingaweb2.if 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/SELinux/icingaweb2.if 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,45 @@ +######################################## +## <summary> +## Allow the specified domain to read +## icingaweb2 configuration files. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +## <rolecap/> +# +interface(`icingaweb2_read_config',` + gen_require(` + type icingaweb2_config_t; + ') + + files_search_etc($1) + list_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t) + read_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) + read_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) +') + +######################################## +## <summary> +## Allow the specified domain to read +## and write icingaweb2 configuration files. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +## <rolecap/> +# +interface(`icingaweb2_manage_config',` + gen_require(` + type icingaweb2_config_t; + ') + + files_search_etc($1) + manage_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t) + manage_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) + manage_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) +') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/SELinux/icingaweb2.te new/additions/SELinux/icingaweb2.te --- old/additions/SELinux/icingaweb2.te 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/SELinux/icingaweb2.te 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,29 @@ +policy_module(icingaweb2, 0.0.1) + +######################################## +# +# Declarations +# + +require { + type httpd_t; +} + +## <desc> +## <p> +## Allow Apache to manage icingaweb2 configuration +## </p> +## </desc> +gen_tunable(httpd_can_manage_icingaweb2_config, true) + +type icingaweb2_config_t; +files_config_file(icingaweb2_config_t) + +optional_policy(` + apache_content_template(icingaweb2) + icingaweb2_read_config(httpd_t) + tunable_policy(`httpd_can_manage_icingaweb2_config',` + icingaweb2_manage_config(httpd_t) + ') +') + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/icingacli new/additions/icingacli --- old/additions/icingacli 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/icingacli 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,7 @@ +#!/usr/bin/php +<?php +/*! Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */ + +require_once '/usr/share/php/Icinga/Application/Cli.php'; + +Icinga\Application\Cli::start('/usr/share/icingaweb2')->dispatch(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/icingacli.el7 new/additions/icingacli.el7 --- old/additions/icingacli.el7 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/icingacli.el7 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,7 @@ +#!/opt/rh/rh-php73/root/usr/bin/php +<?php +/*! Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */ + +require_once '/usr/share/php/Icinga/Application/Cli.php'; + +Icinga\Application\Cli::start('/usr/share/icingaweb2')->dispatch(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/icingaweb2.conf new/additions/icingaweb2.conf --- old/additions/icingaweb2.conf 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/icingaweb2.conf 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,26 @@ +Alias /icingaweb2 "/usr/share/icingaweb2/public" + +<Directory "/usr/share/icingaweb2/public"> + Options SymLinksIfOwnerMatch + AllowOverride None + Require all granted + + SetEnv ICINGAWEB_CONFIGDIR "/etc/icingaweb2" + + <IfModule mod_rewrite.c> + RewriteEngine on + RewriteBase /icingaweb2/ + RewriteCond %{REQUEST_FILENAME} -s [OR] + RewriteCond %{REQUEST_FILENAME} -l [OR] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ index.php [NC,L] + </IfModule> + + <IfModule !mod_rewrite.c> + DirectoryIndex error_norewrite.html + ErrorDocument 404 /icingaweb2/error_norewrite.html + </IfModule> + + DirectoryIndex index.php +</Directory> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/icingaweb2.el7.conf new/additions/icingaweb2.el7.conf --- old/additions/icingaweb2.el7.conf 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/icingaweb2.el7.conf 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,35 @@ +Alias /icingaweb2 "/usr/share/icingaweb2/public" + +<Directory "/usr/share/icingaweb2/public"> + Options SymLinksIfOwnerMatch + AllowOverride None + Require all granted + + DirectoryIndex index.php + + SetEnv ICINGAWEB_CONFIGDIR "/etc/icingaweb2" + + EnableSendfile Off + + <IfModule mod_rewrite.c> + RewriteEngine on + RewriteBase /icingaweb2/ + RewriteCond %{REQUEST_FILENAME} -s [OR] + RewriteCond %{REQUEST_FILENAME} -l [OR] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ index.php [NC,L] + </IfModule> + + <IfModule !mod_rewrite.c> + DirectoryIndex error_norewrite.html + ErrorDocument 404 /icingaweb2/error_norewrite.html + </IfModule> + + # Forward PHP requests to FPM + SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 + <FilesMatch "\.php$"> + SetHandler "proxy:fcgi://127.0.0.1:9000" + ErrorDocument 503 /icingaweb2/error_unavailable.html + </FilesMatch> +</Directory> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/additions/index.php new/additions/index.php --- old/additions/index.php 1970-01-01 01:00:00.000000000 +0100 +++ new/additions/index.php 2023-09-22 07:44:39.000000000 +0200 @@ -0,0 +1,4 @@ +<?php +/*! Icinga Web 2 | (c) 2014 Icinga Development Team | GPLv2+ */ + +require_once '/usr/share/php/Icinga/Application/webrouter.php'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/bash_completion.d/icingacli new/etc/bash_completion.d/icingacli --- old/etc/bash_completion.d/icingacli 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/bash_completion.d/icingacli 1970-01-01 01:00:00.000000000 +0100 @@ -1,10 +0,0 @@ -_icingacli_completion() -{ - local cur opts - opts="${COMP_WORDS[*]}" - cur="${COMP_WORDS[COMP_CWORD]}" - COMPREPLY=($($opts --autocomplete --autoindex $COMP_CWORD < /dev/null)) - return 0 -} - -complete -F _icingacli_completion icingacli diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/mysql-upgrades/2.0.0beta3-2.0.0rc1.sql new/etc/schema/mysql-upgrades/2.0.0beta3-2.0.0rc1.sql --- old/etc/schema/mysql-upgrades/2.0.0beta3-2.0.0rc1.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/mysql-upgrades/2.0.0beta3-2.0.0rc1.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,26 +0,0 @@ -# Icinga Web 2 | (c) 2014 Icinga Development Team | GPLv2+ - -DROP TABLE `icingaweb_group_membership`; -DROP TABLE `icingaweb_group`; - -CREATE TABLE `icingaweb_group`( - `id` int(10) unsigned NOT NULL AUTO_INCREMENT, - `name` varchar(64) COLLATE utf8_unicode_ci NOT NULL, - `parent` int(10) unsigned NULL DEFAULT NULL, - `ctime` timestamp NULL DEFAULT NULL, - `mtime` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (`id`), - UNIQUE KEY `idx_name` (`name`), - CONSTRAINT `fk_icingaweb_group_parent_id` FOREIGN KEY (`parent`) - REFERENCES `icingaweb_group` (`id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; - -CREATE TABLE `icingaweb_group_membership`( - `group_id` int(10) unsigned NOT NULL, - `username` varchar(64) COLLATE utf8_unicode_ci NOT NULL, - `ctime` timestamp NULL DEFAULT NULL, - `mtime` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (`group_id`,`username`), - CONSTRAINT `fk_icingaweb_group_membership_icingaweb_group` FOREIGN KEY (`group_id`) - REFERENCES `icingaweb_group` (`id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/mysql-upgrades/2.11.0.sql new/etc/schema/mysql-upgrades/2.11.0.sql --- old/etc/schema/mysql-upgrades/2.11.0.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/mysql-upgrades/2.11.0.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,33 +0,0 @@ -ALTER TABLE `icingaweb_group` ROW_FORMAT=DYNAMIC; -ALTER TABLE `icingaweb_group_membership` ROW_FORMAT=DYNAMIC; -ALTER TABLE `icingaweb_user` ROW_FORMAT=DYNAMIC; -ALTER TABLE `icingaweb_user_preference` ROW_FORMAT=DYNAMIC; -ALTER TABLE `icingaweb_rememberme` ROW_FORMAT=DYNAMIC; - -ALTER TABLE `icingaweb_group` CONVERT TO CHARACTER SET utf8mb4; -ALTER TABLE `icingaweb_group_membership` CONVERT TO CHARACTER SET utf8mb4; -ALTER TABLE `icingaweb_user` CONVERT TO CHARACTER SET utf8mb4; -ALTER TABLE `icingaweb_user_preference` CONVERT TO CHARACTER SET utf8mb4; - -ALTER TABLE `icingaweb_group` - MODIFY COLUMN `name` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL; -ALTER TABLE `icingaweb_group_membership` - MODIFY COLUMN `username` varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL; -ALTER TABLE `icingaweb_user` - MODIFY COLUMN `name` varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL; - -ALTER TABLE `icingaweb_user_preference` - MODIFY COLUMN `username` varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL, - MODIFY COLUMN `section` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL, - MODIFY COLUMN `name` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL; - -CREATE TABLE icingaweb_schema ( - id int unsigned NOT NULL AUTO_INCREMENT, - version smallint unsigned NOT NULL, - timestamp int unsigned NOT NULL, - - PRIMARY KEY (id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin ROW_FORMAT=DYNAMIC; - -INSERT INTO icingaweb_schema (version, timestamp) - VALUES (6, UNIX_TIMESTAMP()); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/mysql-upgrades/2.5.0.sql new/etc/schema/mysql-upgrades/2.5.0.sql --- old/etc/schema/mysql-upgrades/2.5.0.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/mysql-upgrades/2.5.0.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,5 +0,0 @@ -# Icinga Web 2 | (c) 2017 Icinga Development Team | GPLv2+ - -ALTER TABLE `icingaweb_group_membership` MODIFY COLUMN `username` varchar(254) COLLATE utf8_unicode_ci NOT NULL; -ALTER TABLE `icingaweb_user` MODIFY COLUMN `name` varchar(254) COLLATE utf8_unicode_ci NOT NULL; -ALTER TABLE `icingaweb_user_preference` MODIFY COLUMN `username` varchar(254) COLLATE utf8_unicode_ci NOT NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/mysql-upgrades/2.9.0.sql new/etc/schema/mysql-upgrades/2.9.0.sql --- old/etc/schema/mysql-upgrades/2.9.0.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/mysql-upgrades/2.9.0.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,11 +0,0 @@ -CREATE TABLE `icingaweb_rememberme`( - id int(10) unsigned NOT NULL AUTO_INCREMENT, - username varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL, - passphrase varchar(256) NOT NULL, - random_iv varchar(24) NOT NULL, - http_user_agent text NOT NULL, - expires_at timestamp NULL DEFAULT NULL, - ctime timestamp NULL DEFAULT NULL, - mtime timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/mysql-upgrades/2.9.1.sql new/etc/schema/mysql-upgrades/2.9.1.sql --- old/etc/schema/mysql-upgrades/2.9.1.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/mysql-upgrades/2.9.1.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -ALTER TABLE `icingaweb_rememberme` - MODIFY random_iv varchar(32) NOT NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/mysql.schema.sql new/etc/schema/mysql.schema.sql --- old/etc/schema/mysql.schema.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/mysql.schema.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,65 +0,0 @@ -# Icinga Web 2 | (c) 2014 Icinga GmbH | GPLv2+ - -CREATE TABLE `icingaweb_group`( - `id` int(10) unsigned NOT NULL AUTO_INCREMENT, - `name` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL, - `parent` int(10) unsigned NULL DEFAULT NULL, - `ctime` timestamp NULL DEFAULT NULL, - `mtime` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (`id`), - UNIQUE KEY `idx_name` (`name`), - CONSTRAINT `fk_icingaweb_group_parent_id` FOREIGN KEY (`parent`) - REFERENCES `icingaweb_group` (`id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; - -CREATE TABLE `icingaweb_group_membership`( - `group_id` int(10) unsigned NOT NULL, - `username` varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL, - `ctime` timestamp NULL DEFAULT NULL, - `mtime` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (`group_id`,`username`), - CONSTRAINT `fk_icingaweb_group_membership_icingaweb_group` FOREIGN KEY (`group_id`) - REFERENCES `icingaweb_group` (`id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; - -CREATE TABLE `icingaweb_user`( - `name` varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL, - `active` tinyint(1) NOT NULL, - `password_hash` varbinary(255) NOT NULL, - `ctime` timestamp NULL DEFAULT NULL, - `mtime` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (`name`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; - -CREATE TABLE `icingaweb_user_preference`( - `username` varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL, - `section` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL, - `name` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL, - `value` varchar(255) NOT NULL, - `ctime` timestamp NULL DEFAULT NULL, - `mtime` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (`username`,`section`,`name`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; - -CREATE TABLE `icingaweb_rememberme`( - id int(10) unsigned NOT NULL AUTO_INCREMENT, - username varchar(254) COLLATE utf8mb4_unicode_ci NOT NULL, - passphrase varchar(256) NOT NULL, - random_iv varchar(32) NOT NULL, - http_user_agent text NOT NULL, - expires_at timestamp NULL DEFAULT NULL, - ctime timestamp NULL DEFAULT NULL, - mtime timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP, - PRIMARY KEY (id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin ROW_FORMAT=DYNAMIC; - -CREATE TABLE icingaweb_schema ( - id int unsigned NOT NULL AUTO_INCREMENT, - version smallint unsigned NOT NULL, - timestamp int unsigned NOT NULL, - - PRIMARY KEY (id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin ROW_FORMAT=DYNAMIC; - -INSERT INTO icingaweb_schema (version, timestamp) - VALUES (6, UNIX_TIMESTAMP()); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/pgsql-upgrades/2.0.0beta3-2.0.0rc1.sql new/etc/schema/pgsql-upgrades/2.0.0beta3-2.0.0rc1.sql --- old/etc/schema/pgsql-upgrades/2.0.0beta3-2.0.0rc1.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/pgsql-upgrades/2.0.0beta3-2.0.0rc1.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,60 +0,0 @@ -/* Icinga Web 2 | (c) 2014 Icinga Development Team | GPLv2+ */ - -DROP TABLE "icingaweb_group_membership"; -DROP TABLE "icingaweb_group"; - -CREATE OR REPLACE FUNCTION unix_timestamp(timestamp with time zone) RETURNS bigint AS ' - SELECT EXTRACT(EPOCH FROM $1)::bigint AS result -' LANGUAGE sql; - -CREATE TABLE "icingaweb_group" ( - "id" serial, - "name" character varying(64) NOT NULL, - "parent" int NULL DEFAULT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_group" - ADD CONSTRAINT pk_icingaweb_group - PRIMARY KEY ( - "id" -); - -CREATE UNIQUE INDEX idx_icingaweb_group - ON "icingaweb_group" - USING btree ( - lower((name)::text) -); - -ALTER TABLE ONLY "icingaweb_group" - ADD CONSTRAINT fk_icingaweb_group_parent_id - FOREIGN KEY ( - "parent" - ) - REFERENCES "icingaweb_group" ( - "id" -); - -CREATE TABLE "icingaweb_group_membership" ( - "group_id" int NOT NULL, - "username" character varying(64) NOT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_group_membership" - ADD CONSTRAINT pk_icingaweb_group_membership - FOREIGN KEY ( - "group_id" - ) - REFERENCES "icingaweb_group" ( - "id" -); - -CREATE UNIQUE INDEX idx_icingaweb_group_membership - ON "icingaweb_group_membership" - USING btree ( - group_id, - lower((username)::text) -); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/pgsql-upgrades/2.11.0.sql new/etc/schema/pgsql-upgrades/2.11.0.sql --- old/etc/schema/pgsql-upgrades/2.11.0.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/pgsql-upgrades/2.11.0.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,10 +0,0 @@ -CREATE TABLE "icingaweb_schema" ( - "id" serial, - "version" smallint NOT NULL, - "timestamp" int NOT NULL, - - CONSTRAINT pk_icingaweb_schema PRIMARY KEY ("id") -); - -INSERT INTO icingaweb_schema ("version", "timestamp") - VALUES (6, extract(epoch from now())); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/pgsql-upgrades/2.5.0.sql new/etc/schema/pgsql-upgrades/2.5.0.sql --- old/etc/schema/pgsql-upgrades/2.5.0.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/pgsql-upgrades/2.5.0.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,5 +0,0 @@ -/* Icinga Web 2 | (c) 2017 Icinga Development Team | GPLv2+ */ - -ALTER TABLE "icingaweb_group_membership" ALTER COLUMN "username" TYPE character varying(254); -ALTER TABLE "icingaweb_user" ALTER COLUMN "name" TYPE character varying(254); -ALTER TABLE "icingaweb_user_preference" ALTER COLUMN "username" TYPE character varying(254); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/pgsql-upgrades/2.9.0.sql new/etc/schema/pgsql-upgrades/2.9.0.sql --- old/etc/schema/pgsql-upgrades/2.9.0.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/pgsql-upgrades/2.9.0.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ -CREATE TABLE "icingaweb_rememberme" ( - "id" serial, - "username" character varying(254) NOT NULL, - "passphrase" character varying(256) NOT NULL, - "random_iv" character varying(24) NOT NULL, - "http_user_agent" text NOT NULL, - "expires_at" timestamp NULL DEFAULT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_rememberme" - ADD CONSTRAINT pk_icingaweb_rememberme - PRIMARY KEY ( - "id" -); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/pgsql-upgrades/2.9.1.sql new/etc/schema/pgsql-upgrades/2.9.1.sql --- old/etc/schema/pgsql-upgrades/2.9.1.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/pgsql-upgrades/2.9.1.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -ALTER TABLE ONLY "icingaweb_rememberme" - ALTER COLUMN random_iv type character varying(32); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/schema/pgsql.schema.sql new/etc/schema/pgsql.schema.sql --- old/etc/schema/pgsql.schema.sql 2022-12-14 13:28:22.000000000 +0100 +++ new/etc/schema/pgsql.schema.sql 1970-01-01 01:00:00.000000000 +0100 @@ -1,130 +0,0 @@ -/* Icinga Web 2 | (c) 2014 Icinga GmbH | GPLv2+ */ - -CREATE OR REPLACE FUNCTION unix_timestamp(timestamp with time zone) RETURNS bigint AS ' - SELECT EXTRACT(EPOCH FROM $1)::bigint AS result -' LANGUAGE sql; - -CREATE TABLE "icingaweb_group" ( - "id" serial, - "name" character varying(64) NOT NULL, - "parent" int NULL DEFAULT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_group" - ADD CONSTRAINT pk_icingaweb_group - PRIMARY KEY ( - "id" -); - -CREATE UNIQUE INDEX idx_icingaweb_group - ON "icingaweb_group" - USING btree ( - lower((name)::text) -); - -ALTER TABLE ONLY "icingaweb_group" - ADD CONSTRAINT fk_icingaweb_group_parent_id - FOREIGN KEY ( - "parent" - ) - REFERENCES "icingaweb_group" ( - "id" -); - -CREATE TABLE "icingaweb_group_membership" ( - "group_id" int NOT NULL, - "username" character varying(254) NOT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_group_membership" - ADD CONSTRAINT pk_icingaweb_group_membership - FOREIGN KEY ( - "group_id" - ) - REFERENCES "icingaweb_group" ( - "id" -); - -CREATE UNIQUE INDEX idx_icingaweb_group_membership - ON "icingaweb_group_membership" - USING btree ( - group_id, - lower((username)::text) -); - -CREATE TABLE "icingaweb_user" ( - "name" character varying(254) NOT NULL, - "active" smallint NOT NULL, - "password_hash" bytea NOT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_user" - ADD CONSTRAINT pk_icingaweb_user - PRIMARY KEY ( - "name" -); - -CREATE UNIQUE INDEX idx_icingaweb_user - ON "icingaweb_user" - USING btree ( - lower((name)::text) -); - -CREATE TABLE "icingaweb_user_preference" ( - "username" character varying(254) NOT NULL, - "name" character varying(64) NOT NULL, - "section" character varying(64) NOT NULL, - "value" character varying(255) NOT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_user_preference" - ADD CONSTRAINT pk_icingaweb_user_preference - PRIMARY KEY ( - "username", - "section", - "name" -); - -CREATE UNIQUE INDEX idx_icingaweb_user_preference - ON "icingaweb_user_preference" - USING btree ( - lower((username)::text), - lower((section)::text), - lower((name)::text) -); - -CREATE TABLE "icingaweb_rememberme" ( - "id" serial, - "username" character varying(254) NOT NULL, - "passphrase" character varying(256) NOT NULL, - "random_iv" character varying(32) NOT NULL, - "http_user_agent" text NOT NULL, - "expires_at" timestamp NULL DEFAULT NULL, - "ctime" timestamp NULL DEFAULT NULL, - "mtime" timestamp NULL DEFAULT NULL -); - -ALTER TABLE ONLY "icingaweb_rememberme" - ADD CONSTRAINT pk_icingaweb_rememberme - PRIMARY KEY ( - "id" -); - -CREATE TABLE "icingaweb_schema" ( - "id" serial, - "version" smallint NOT NULL, - "timestamp" int NOT NULL, - - CONSTRAINT pk_icingaweb_schema PRIMARY KEY ("id") -); - -INSERT INTO icingaweb_schema (version, timestamp) - VALUES (6, extract(epoch from now())); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/RPM.md new/packages/RPM.md --- old/packages/RPM.md 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/RPM.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,110 +0,0 @@ -# Icinga Web 2 README for RPM Packages - -This file will describe how to install Icinga Web 2 from an RPM -package (RHEL/CentOS/Fedora, SLES/OpenSUSE). - -## Requirements - -* EPEL/OBS Repository for Zend Framework -* Apache 2.2+ -* PHP 5.3+, Zend Framework, PHP PDO MySQL/PostgreSQL, PHP LDAP (optional) -* MySQL or PostgreSQL for internal DB -* Icinga 1.x or 2.x providing an IDO database (default: `icinga`) -* Icinga 1.x or 2.x providing an external command pipe (default: `icinga2.cmd`) - -### SELinux - -Disabled SELinux for sending commands via external command pipe -provided by Icinga (2) Core. - - setenforce 0 - -## Webserver Configuration - -Can be generated using the following local icingacli command: - - /usr/share/icingaweb2/bin/icingacli setup config webserver apache - -Pipe the output into `/etc/httpd/conf.d/icingaweb2.conf` or similar, -if not already existing. - -## Setup Wizard - -Navigate to `/icingaweb/setup` and follow the on-screen instructions. - - -## Support - -Please use one of the listed support channels at https://support.icinga.com - - -## Manual Setup - -### Internal DB Setup - -Decide whether to use MySQL or PostgreSQL. - -#### MySQL - - mysql -u root -p - CREATE USER `icingaweb`@`localhost` IDENTIFIED BY 'icingaweb'; - CREATE DATABASE `icingaweb`; - GRANT ALL PRIVILEGES ON `icingaweb`.* TO `icingaweb`@`localhost`; - FLUSH PRIVILEGES; - quit - - mysql -u root -p icingaweb < /usr/share/doc/icingaweb2*/schema/mysql.schema..sql - -#### PostgreSQL - - sudo su postgres - psql - postgres=# CREATE USER icingaweb WITH PASSWORD 'icingaweb'; - postgres=# CREATE DATABASE icingaweb; - postgres=# \q - -Add the `icingaweb` user for trusted authentication to your `pg_hba.conf` file -in `/var/lib/pgsql/data/pg_hba.conf` and restart the PostgreSQL server. - - local icingaweb icingaweb trust - host icingaweb icingaweb 127.0.0.1/32 trust - host icingaweb icingaweb ::1/128 trust - -Now install the `icingaweb` schema - - bash$ psql -U icingaweb -a -f /usr/share/doc/icingaweb2*/schema/pgsql.schema.sql - - -### Configuration - -#### Module Configuration - -The monitoring module is enabled by default. - -#### Backend configuration - -`/etc/icingaweb2/resources.ini` contains the database backend information. -By default the Icinga 2 DB IDO is used by the monitoring module in -`/etc/icingaweb2/modules/monitoring/backends.ini` - -The external command pipe is required for sending commands -and configured for Icinga 2 in -`/etc/icingaweb2/modules/monitoring/commandtransports.ini` - -#### Authentication configuration - -The `/etc/icingaweb2/authentication.ini` file uses the internal database as -default. This requires the database being installed properly before -allowing users to login via web console. - -#### Default User - -When not using the default setup wizard, you can generate a secure password hash with openssl -and insert that manually like so: - - openssl passwd -1 "yoursecurepassword" - - mysql -uicingaweb -p icingaweb - - mysql> INSERT INTO icingaweb_user (name, active, password_hash) VALUES ('icingaadmin', 1, '$yoursecurepassword_hash'); - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/files/apache/icingaweb2.conf new/packages/files/apache/icingaweb2.conf --- old/packages/files/apache/icingaweb2.conf 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/files/apache/icingaweb2.conf 1970-01-01 01:00:00.000000000 +0100 @@ -1,60 +0,0 @@ -Alias /icingaweb2 "/usr/share/icingaweb2/public" - -# Remove comments if you want to use PHP FPM and your Apache version is older than 2.4 -#<IfVersion < 2.4> -# # Forward PHP requests to FPM -# SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 -# <LocationMatch "^{urlPath}/(.*\.php)$"> -# ProxyPassMatch "fcgi://127.0.0.1:9000/{documentRoot}/$1" -# </LocationMatch> -#</IfVersion> - -<Directory "/usr/share/icingaweb2/public"> - Options SymLinksIfOwnerMatch - AllowOverride None - - DirectoryIndex index.php - - <IfModule mod_authz_core.c> - # Apache 2.4 - <RequireAll> - Require all granted - </RequireAll> - </IfModule> - - <IfModule !mod_authz_core.c> - # Apache 2.2 - Order allow,deny - Allow from all - </IfModule> - - SetEnv ICINGAWEB_CONFIGDIR "/etc/icingaweb2" - - EnableSendfile Off - - <IfModule mod_rewrite.c> - RewriteEngine on - RewriteBase /icingaweb2/ - RewriteCond %{REQUEST_FILENAME} -s [OR] - RewriteCond %{REQUEST_FILENAME} -l [OR] - RewriteCond %{REQUEST_FILENAME} -d - RewriteRule ^.*$ - [NC,L] - RewriteRule ^.*$ index.php [NC,L] - </IfModule> - - <IfModule !mod_rewrite.c> - DirectoryIndex error_norewrite.html - ErrorDocument 404 /icingaweb2/error_norewrite.html - </IfModule> - -# Remove comments if you want to use PHP FPM and your Apache version -# is greater than or equal to 2.4 -# <IfVersion >= 2.4> -# # Forward PHP requests to FPM -# SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 -# <FilesMatch "\.php$"> -# SetHandler "proxy:fcgi://127.0.0.1:9000" -# ErrorDocument 503 {urlPath}/error_unavailable.html -# </FilesMatch> -# </IfVersion> -</Directory> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/files/apache/icingaweb2.fpm.conf new/packages/files/apache/icingaweb2.fpm.conf --- old/packages/files/apache/icingaweb2.fpm.conf 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/files/apache/icingaweb2.fpm.conf 1970-01-01 01:00:00.000000000 +0100 @@ -1,57 +0,0 @@ -Alias /icingaweb2 "/usr/share/icingaweb2/public" - -<IfVersion < 2.4> - # Forward PHP requests to FPM - SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - <LocationMatch "^/icingaweb2/(.*\.php)$"> - ProxyPassMatch "fcgi://127.0.0.1:9000/usr/share/icingaweb2/public/$1" - </LocationMatch> -</IfVersion> - -<Directory "/usr/share/icingaweb2/public"> - Options SymLinksIfOwnerMatch - AllowOverride None - - DirectoryIndex index.php - - <IfModule mod_authz_core.c> - # Apache 2.4 - <RequireAll> - Require all granted - </RequireAll> - </IfModule> - - <IfModule !mod_authz_core.c> - # Apache 2.2 - Order allow,deny - Allow from all - </IfModule> - - SetEnv ICINGAWEB_CONFIGDIR "/etc/icingaweb2" - - EnableSendfile Off - - <IfModule mod_rewrite.c> - RewriteEngine on - RewriteBase /icingaweb2/ - RewriteCond %{REQUEST_FILENAME} -s [OR] - RewriteCond %{REQUEST_FILENAME} -l [OR] - RewriteCond %{REQUEST_FILENAME} -d - RewriteRule ^.*$ - [NC,L] - RewriteRule ^.*$ index.php [NC,L] - </IfModule> - - <IfModule !mod_rewrite.c> - DirectoryIndex error_norewrite.html - ErrorDocument 404 /icingaweb2/error_norewrite.html - </IfModule> - - <IfVersion >= 2.4> - # Forward PHP requests to FPM - SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - <FilesMatch "\.php$"> - SetHandler "proxy:fcgi://127.0.0.1:9000" - ErrorDocument 503 /icingaweb2/error_unavailable.html - </FilesMatch> - </IfVersion> -</Directory> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/files/bin/icingacli new/packages/files/bin/icingacli --- old/packages/files/bin/icingacli 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/files/bin/icingacli 1970-01-01 01:00:00.000000000 +0100 @@ -1,7 +0,0 @@ -#!/usr/bin/php -<?php -/*! Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */ - -require_once '/usr/share/php/Icinga/Application/Cli.php'; - -Icinga\Application\Cli::start('/usr/share/icingaweb2')->dispatch(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/files/config/modules/doc/config.ini new/packages/files/config/modules/doc/config.ini --- old/packages/files/config/modules/doc/config.ini 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/files/config/modules/doc/config.ini 1970-01-01 01:00:00.000000000 +0100 @@ -1,3 +0,0 @@ -[documentation] -icingaweb2 = /usr/share/doc/icingaweb2/markdown -modules = /usr/share/doc/icingaweb2/modules/{module}/markdown diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/files/config/modules/setup/config.ini new/packages/files/config/modules/setup/config.ini --- old/packages/files/config/modules/setup/config.ini 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/files/config/modules/setup/config.ini 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -[schema] -path = /usr/share/doc/icingaweb2/schema diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/files/config/modules/translation/config.ini new/packages/files/config/modules/translation/config.ini --- old/packages/files/config/modules/translation/config.ini 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/files/config/modules/translation/config.ini 1970-01-01 01:00:00.000000000 +0100 @@ -1,4 +0,0 @@ -[translation] -msgmerge = /usr/bin/msgmerge -xgettext = /usr/bin/xgettext -msgfmt = /usr/bin/msgfmt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/files/public/index.php new/packages/files/public/index.php --- old/packages/files/public/index.php 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/files/public/index.php 1970-01-01 01:00:00.000000000 +0100 @@ -1,4 +0,0 @@ -<?php -/*! Icinga Web 2 | (c) 2014 Icinga Development Team | GPLv2+ */ - -require_once '/usr/share/php/Icinga/Application/webrouter.php'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/selinux/icingaweb2.fc new/packages/selinux/icingaweb2.fc --- old/packages/selinux/icingaweb2.fc 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/selinux/icingaweb2.fc 1970-01-01 01:00:00.000000000 +0100 @@ -1,7 +0,0 @@ -/etc/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_config_t,s0) - -/usr/share/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_content_t,s0) - -/var/log/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_rw_content_t,s0) -/var/cache/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_rw_content_t,s0) -/var/lib/icingaweb2(/.*)? gen_context(system_u:object_r:icingaweb2_rw_content_t,s0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/selinux/icingaweb2.if new/packages/selinux/icingaweb2.if --- old/packages/selinux/icingaweb2.if 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/selinux/icingaweb2.if 1970-01-01 01:00:00.000000000 +0100 @@ -1,45 +0,0 @@ -######################################## -## <summary> -## Allow the specified domain to read -## icingaweb2 configuration files. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -## <rolecap/> -# -interface(`icingaweb2_read_config',` - gen_require(` - type icingaweb2_config_t; - ') - - files_search_etc($1) - list_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - read_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - read_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) -') - -######################################## -## <summary> -## Allow the specified domain to read -## and write icingaweb2 configuration files. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -## <rolecap/> -# -interface(`icingaweb2_manage_config',` - gen_require(` - type icingaweb2_config_t; - ') - - files_search_etc($1) - manage_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - manage_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - manage_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) -') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/selinux/icingaweb2.sh new/packages/selinux/icingaweb2.sh --- old/packages/selinux/icingaweb2.sh 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/selinux/icingaweb2.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,52 +0,0 @@ -#!/bin/sh -e - -DIRNAME=`dirname $0` -cd $DIRNAME -USAGE="$0 [ --update ]" -if [ `id -u` != 0 ]; then -echo 'You must be root to run this script' -exit 1 -fi - -if [ $# -eq 1 ]; then - if [ "$1" = "--update" ] ; then - time=`ls -l --time-style="+%x %X" icingaweb2.te | awk '{ printf "%s %s", $6, $7 }'` - rules=`ausearch --start $time -m avc --raw -se icinga2` - if [ x"$rules" != "x" ] ; then - echo "Found avc's to update policy with" - echo -e "$rules" | audit2allow -R - echo "Do you want these changes added to policy [y/n]?" - read ANS - if [ "$ANS" = "y" -o "$ANS" = "Y" ] ; then - echo "Updating policy" - echo -e "$rules" | audit2allow -R >> icingaweb2.te - # Fall though and rebuild policy - else - exit 0 - fi - else - echo "No new avcs found" - exit 0 - fi - else - echo -e $USAGE - exit 1 - fi -elif [ $# -ge 2 ] ; then - echo -e $USAGE - exit 1 -fi - -echo "Building and Loading Policy" -set -x -make -f /usr/share/selinux/devel/Makefile icingaweb2.pp || exit -/usr/sbin/semodule -i icingaweb2.pp - -# Generate a man page off the installed module -#sepolicy manpage -p . -d icingaweb2_t -# Fixing the file context on /etc/icingaweb2 -/sbin/restorecon -F -R -v /etc/icingaweb2 -# Fixing the file context on /var/log/icingaweb2 -/sbin/restorecon -F -R -v /var/log/icingaweb2 -# Fixing the file context on /usr/share/icingaweb2 -/sbin/restorecon -F -R -v /usr/share/icingaweb2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/packages/selinux/icingaweb2.te new/packages/selinux/icingaweb2.te --- old/packages/selinux/icingaweb2.te 2022-12-14 13:28:22.000000000 +0100 +++ new/packages/selinux/icingaweb2.te 1970-01-01 01:00:00.000000000 +0100 @@ -1,29 +0,0 @@ -policy_module(icingaweb2, 0.0.1) - -######################################## -# -# Declarations -# - -require { - type httpd_t; -} - -## <desc> -## <p> -## Allow Apache to manage icingaweb2 configuration -## </p> -## </desc> -gen_tunable(httpd_can_manage_icingaweb2_config, true) - -type icingaweb2_config_t; -files_config_file(icingaweb2_config_t) - -optional_policy(` - apache_content_template(icingaweb2) - icingaweb2_read_config(httpd_t) - tunable_policy(`httpd_can_manage_icingaweb2_config',` - icingaweb2_manage_config(httpd_t) - ') -') -