diff options
Diffstat (limited to 'app-admin/collectd/files')
| -rw-r--r-- | app-admin/collectd/files/collectd-5.6.0-gentoo.patch | 153 | ||||
| -rw-r--r-- | app-admin/collectd/files/collectd-5.6.2-CVE-2017-7401.patch | 56 | ||||
| -rw-r--r-- | app-admin/collectd/files/collectd-5.6.2-issue2303.patch | 44 | ||||
| -rw-r--r-- | app-admin/collectd/files/collectd-5.7.2-issue-2443.patch | 160 | ||||
| -rw-r--r-- | app-admin/collectd/files/collectd.confd-r1 | 45 | ||||
| -rw-r--r-- | app-admin/collectd/files/collectd.initd-r1 | 78 | ||||
| -rw-r--r-- | app-admin/collectd/files/collectd.logrotate | 9 |
7 files changed, 545 insertions, 0 deletions
diff --git a/app-admin/collectd/files/collectd-5.6.0-gentoo.patch b/app-admin/collectd/files/collectd-5.6.0-gentoo.patch new file mode 100644 index 000000000000..dd8c1576354c --- /dev/null +++ b/app-admin/collectd/files/collectd-5.6.0-gentoo.patch @@ -0,0 +1,153 @@ +From 8fe20883e248572690798e4dd1423511aa2f4e5d Mon Sep 17 00:00:00 2001 +From: Thomas Deutschmann <whissi@gentoo.org> +Date: Thu, 22 Sep 2016 00:53:58 +0200 +Subject: [PATCH 1/3] Remove bundled libltdl + +--- + Makefile.am | 6 ------ + configure.ac | 8 ++++---- + 2 files changed, 4 insertions(+), 10 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index 03bdd39..ad04a3c 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -1,11 +1,5 @@ +-ACLOCAL_AMFLAGS = -I libltdl/m4 +- + SUBDIRS = + +-if BUILD_INCLUDED_LTDL +-SUBDIRS += libltdl +-endif +- + SUBDIRS += proto src bindings . + + AM_CPPFLAGS = $(LTDLINCL) +diff --git a/configure.ac b/configure.ac +index 9a6da11..68e15e0 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -3,7 +3,6 @@ AC_PREREQ([2.60]) + AC_INIT([collectd],[m4_esyscmd(./version-gen.sh)]) + AC_CONFIG_SRCDIR(src/target_set.c) + AC_CONFIG_HEADERS(src/config.h) +-AC_CONFIG_AUX_DIR([libltdl/config]) + + dnl older automake's default of ARFLAGS=cru is noisy on newer binutils; + dnl we don't really need the 'u' even in older toolchains. Then there is +@@ -13,7 +12,6 @@ m4_divert_text([DEFAULTS], [: "${ARFLAGS=cr} ${AR_FLAGS=cr}"]) + m4_ifdef([LT_PACKAGE_VERSION], + # libtool >= 2.2 + [ +- LT_CONFIG_LTDL_DIR([libltdl]) + LT_INIT([dlopen]) + LTDL_INIT([convenience]) + AC_DEFINE(LIBTOOL_VERSION, 2, [Define to used libtool version.]) +@@ -25,12 +23,14 @@ m4_ifdef([LT_PACKAGE_VERSION], + AC_SUBST(LTDLINCL) + AC_SUBST(LIBLTDL) + AC_LIBTOOL_DLOPEN +- AC_CONFIG_SUBDIRS(libltdl) + AC_DEFINE(LIBTOOL_VERSION, 1, [Define to used libtool version.]) + ] + ) + +-AM_CONDITIONAL([BUILD_INCLUDED_LTDL], [test "x$LTDLDEPS" != "x"]) ++if test "x$LTDLDEPS" != "x" ++then ++ AC_MSG_ERROR(["system's libltdl is too old! Should never happen. Please file a bug at https://bugs.gentoo.org"]) ++fi + + AM_INIT_AUTOMAKE([subdir-objects tar-pax dist-bzip2 no-dist-gzip foreign]) + m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) +-- +2.10.0 + + +From 0b00f519ce183b8ceaab5cf8e56f574ecd2cb7c4 Mon Sep 17 00:00:00 2001 +From: Thomas Deutschmann <whissi@gentoo.org> +Date: Thu, 22 Sep 2016 00:54:08 +0200 +Subject: [PATCH 2/3] Remove libhal dependency + +X-Gentoo-Bug: 353839 +X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=353839 +--- + configure.ac | 24 ------------------------ + 1 file changed, 24 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 68e15e0..1700c44 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1663,30 +1663,6 @@ AM_CONDITIONAL(BUILD_WITH_LIBRESOLV, test "x$with_libresolv" = "xyes") + + dnl Check for HAL (hardware abstraction library) + with_libhal="no" +-PKG_CHECK_MODULES([HAL], [hal], +- [ +- SAVE_LIBS="$LIBS" +- LIBS="$HAL_LIBS $LIBS" +- AC_CHECK_LIB([hal], [libhal_device_property_exists], +- [ +- SAVE_CPPFLAGS="$CPPFLAGS" +- CPPFLAGS="$HAL_CFLAGS $CPPFLAGS" +- AC_CHECK_HEADERS([libhal.h], +- [ +- with_libhal="yes" +- BUILD_WITH_LIBHAL_CFLAGS="$HAL_CFLAGS" +- BUILD_WITH_LIBHAL_LIBS="$HAL_LIBS" +- ]) +- CPPFLAGS="$SAVE_CPPFLAGS" +- ], +- [ : ] +- ) +- LIBS="$SAVE_LIBS" +- ], +- [ : ] +-) +-AC_SUBST(BUILD_WITH_LIBHAL_CFLAGS) +-AC_SUBST(BUILD_WITH_LIBHAL_LIBS) + + + SAVE_LIBS="$LIBS" +-- +2.10.0 + + +From 380c61888bed5856319fa32816d8f2f4c88ee7bc Mon Sep 17 00:00:00 2001 +From: Thomas Deutschmann <whissi@gentoo.org> +Date: Thu, 22 Sep 2016 00:54:19 +0200 +Subject: [PATCH 3/3] Link Oracle plug-in against libocci + +Author: Aurelien Minet +X-Gentoo-Bug: 347607 +X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=347607 +--- + configure.ac | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 1700c44..83909a0 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -3587,14 +3587,14 @@ AC_ARG_WITH(oracle, [AS_HELP_STRING([--with-oracle@<:@=ORACLE_HOME@:>@], [Path t + ]) + if test "x$ORACLE_HOME" != "x" + then +- with_oracle_cppflags="-I$ORACLE_HOME/rdbms/public" ++ with_oracle_cppflags="-I$ORACLE_HOME/rdbms/public -locci" + + if test -e "$ORACLE_HOME/lib/ldflags" + then + with_oracle_libs=`cat "$ORACLE_HOME/lib/ldflags"` + fi + #with_oracle_libs="-L$ORACLE_HOME/lib $with_oracle_libs -lclntsh" +- with_oracle_libs="-L$ORACLE_HOME/lib -lclntsh" ++ with_oracle_libs="-L$ORACLE_HOME/lib -lclntsh -locci" + fi + if test "x$with_oracle" = "xyes" + then +-- +2.10.0 + diff --git a/app-admin/collectd/files/collectd-5.6.2-CVE-2017-7401.patch b/app-admin/collectd/files/collectd-5.6.2-CVE-2017-7401.patch new file mode 100644 index 000000000000..7c23ac18d8f8 --- /dev/null +++ b/app-admin/collectd/files/collectd-5.6.2-CVE-2017-7401.patch @@ -0,0 +1,56 @@ +From f6be4f9b49b949b379326c3d7002476e6ce4f211 Mon Sep 17 00:00:00 2001 +From: Pavel Rochnyack <pavel2000@ngs.ru> +Date: Mon, 3 Apr 2017 11:57:09 +0600 +Subject: [PATCH] network plugin: Fix endless loop DOS in parse_packet() + +When correct 'Signature part' is received by Collectd, configured without +AuthFile option, condition for endless loop occurs due to missing increase +of pointer to next unprocessed part. + +This is a forward-port of #2233. + +Fixes: CVE-2017-7401 +Closes: #2174 +Signed-off-by: Florian Forster <octo@collectd.org> +--- + src/network.c | 20 ++++++++++++-------- + 1 file changed, 12 insertions(+), 8 deletions(-) + +diff --git a/src/network.c b/src/network.c +index be4c3ba..2ff09af 100644 +--- a/src/network.c ++++ b/src/network.c +@@ -1003,14 +1003,6 @@ static int parse_part_sign_sha256(sockent_t *se, /* {{{ */ + buffer_len = *ret_buffer_len; + buffer_offset = 0; + +- if (se->data.server.userdb == NULL) { +- c_complain( +- LOG_NOTICE, &complain_no_users, +- "network plugin: Received signed network packet but can't verify it " +- "because no user DB has been configured. Will accept it."); +- return (0); +- } +- + /* Check if the buffer has enough data for this structure. */ + if (buffer_len <= PART_SIGNATURE_SHA256_SIZE) + return (-ENOMEM); +@@ -1027,6 +1019,18 @@ static int parse_part_sign_sha256(sockent_t *se, /* {{{ */ + return (-1); + } + ++ if (se->data.server.userdb == NULL) { ++ c_complain( ++ LOG_NOTICE, &complain_no_users, ++ "network plugin: Received signed network packet but can't verify it " ++ "because no user DB has been configured. Will accept it."); ++ ++ *ret_buffer = buffer + pss_head_length; ++ *ret_buffer_len -= pss_head_length; ++ ++ return (0); ++ } ++ + /* Copy the hash. */ + BUFFER_READ(pss.hash, sizeof(pss.hash)); + diff --git a/app-admin/collectd/files/collectd-5.6.2-issue2303.patch b/app-admin/collectd/files/collectd-5.6.2-issue2303.patch new file mode 100644 index 000000000000..0fffcd6b9224 --- /dev/null +++ b/app-admin/collectd/files/collectd-5.6.2-issue2303.patch @@ -0,0 +1,44 @@ +From fd01cdd0546ccbbda7f4cf5db2d0ae28e1e770cd Mon Sep 17 00:00:00 2001 +From: Ruben Kerkhof <ruben@rubenkerkhof.com> +Date: Tue, 30 May 2017 17:25:17 +0200 +Subject: [PATCH] Bind plugin: plug a few leaks + +Fixes: #2303 +--- + src/bind.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/bind.c b/src/bind.c +index 4860f1b604..853b9c26a3 100644 +--- a/src/bind.c ++++ b/src/bind.c +@@ -526,8 +526,10 @@ static int bind_parse_generic_name_value(const char *xpath_expression, /* {{{ */ + status = bind_xml_read_gauge(doc, counter, &value.gauge); + else + status = bind_xml_read_derive(doc, counter, &value.derive); +- if (status != 0) ++ if (status != 0) { ++ xmlFree(name); + continue; ++ } + + status = (*list_callback)(name, value, current_time, user_data); + if (status == 0) +@@ -659,12 +661,16 @@ static int bind_parse_generic_name_attr_value_list( + status = bind_xml_read_gauge(doc, child, &value.gauge); + else + status = bind_xml_read_derive(doc, child, &value.derive); +- if (status != 0) ++ if (status != 0) { ++ xmlFree(attr_name); + continue; ++ } + + status = (*list_callback)(attr_name, value, current_time, user_data); + if (status == 0) + num_entries++; ++ ++ xmlFree(attr_name); + } + } + diff --git a/app-admin/collectd/files/collectd-5.7.2-issue-2443.patch b/app-admin/collectd/files/collectd-5.7.2-issue-2443.patch new file mode 100644 index 000000000000..19410c139b0a --- /dev/null +++ b/app-admin/collectd/files/collectd-5.7.2-issue-2443.patch @@ -0,0 +1,160 @@ +turbostat: import msr-index header from linux to allow building against + >=linux-4.12 + +Backport of https://github.com/collectd/collectd/pull/2446 + +--- a/configure.ac ++++ b/configure.ac +@@ -805,28 +805,6 @@ AC_CACHE_CHECK([whether clock_boottime and clock_monotonic are supported], + + + # For the turbostat plugin +-have_asm_msrindex_h="no" +-AC_CHECK_HEADERS(asm/msr-index.h, [have_asm_msrindex_h="yes"]) +- +-if test "x$have_asm_msrindex_h" = "xyes" +-then +- AC_CACHE_CHECK([whether asm/msr-index.h has MSR_PKG_C10_RESIDENCY], +- [c_cv_have_usable_asm_msrindex_h], +- AC_COMPILE_IFELSE([AC_LANG_PROGRAM( +-[[[ +-#include<asm/msr-index.h> +-]]], +-[[[ +-int y = MSR_PKG_C10_RESIDENCY; +-return(y); +-]]] +- )], +- [c_cv_have_usable_asm_msrindex_h="yes"], +- [c_cv_have_usable_asm_msrindex_h="no"], +- ) +- ) +-fi +- + have_cpuid_h="no" + AC_CHECK_HEADERS(cpuid.h, [have_cpuid_h="yes"]) + +@@ -6108,7 +6086,7 @@ then + then + plugin_ipvs="yes" + fi +- if test "x$c_cv_have_usable_asm_msrindex_h" = "xyes" && test "x$have_cpuid_h" = "xyes" ++ if test "x$have_cpuid_h" = "xyes" + then + plugin_turbostat="yes" + fi +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -1212,7 +1212,9 @@ endif + + if BUILD_PLUGIN_TURBOSTAT + pkglib_LTLIBRARIES += turbostat.la +-turbostat_la_SOURCES = turbostat.c ++turbostat_la_SOURCES = \ ++ turbostat.c \ ++ msr-index.h + turbostat_la_LDFLAGS = $(PLUGIN_LDFLAGS) + endif + +--- /dev/null ++++ b/src/msr-index.h +@@ -0,0 +1,88 @@ ++/* ++ * Partial header file imported from the linux kernel ++ * (arch/x86/include/asm/msr-index.h) ++ * as it is not provided by the kernel sources anymore ++ * ++ * Only the minimal blocks of macro have been included ++ * ---- ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms and conditions of the GNU General Public License, ++ * version 2, as published by the Free Software Foundation. ++ * ++ * This program is distributed in the hope it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for ++ * more details. ++ * ++ * You should have received a copy of the GNU General Public License along with ++ * this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. ++ * ---- ++ */ ++ ++#ifndef _ASM_X86_MSR_INDEX_H ++#define _ASM_X86_MSR_INDEX_H ++ ++/* ++ * CPU model specific register (MSR) numbers. ++ * ++ * Do not add new entries to this file unless the definitions are shared ++ * between multiple compilation units. ++ */ ++ ++/* Intel MSRs. Some also available on other CPUs */ ++ ++/* C-state Residency Counters */ ++#define MSR_PKG_C3_RESIDENCY 0x000003f8 ++#define MSR_PKG_C6_RESIDENCY 0x000003f9 ++#define MSR_ATOM_PKG_C6_RESIDENCY 0x000003fa ++#define MSR_PKG_C7_RESIDENCY 0x000003fa ++#define MSR_CORE_C3_RESIDENCY 0x000003fc ++#define MSR_CORE_C6_RESIDENCY 0x000003fd ++#define MSR_CORE_C7_RESIDENCY 0x000003fe ++#define MSR_KNL_CORE_C6_RESIDENCY 0x000003ff ++#define MSR_PKG_C2_RESIDENCY 0x0000060d ++#define MSR_PKG_C8_RESIDENCY 0x00000630 ++#define MSR_PKG_C9_RESIDENCY 0x00000631 ++#define MSR_PKG_C10_RESIDENCY 0x00000632 ++ ++/* Run Time Average Power Limiting (RAPL) Interface */ ++ ++#define MSR_RAPL_POWER_UNIT 0x00000606 ++ ++#define MSR_PKG_POWER_LIMIT 0x00000610 ++#define MSR_PKG_ENERGY_STATUS 0x00000611 ++#define MSR_PKG_PERF_STATUS 0x00000613 ++#define MSR_PKG_POWER_INFO 0x00000614 ++ ++#define MSR_DRAM_POWER_LIMIT 0x00000618 ++#define MSR_DRAM_ENERGY_STATUS 0x00000619 ++#define MSR_DRAM_PERF_STATUS 0x0000061b ++#define MSR_DRAM_POWER_INFO 0x0000061c ++ ++#define MSR_PP0_POWER_LIMIT 0x00000638 ++#define MSR_PP0_ENERGY_STATUS 0x00000639 ++#define MSR_PP0_POLICY 0x0000063a ++#define MSR_PP0_PERF_STATUS 0x0000063b ++ ++#define MSR_PP1_POWER_LIMIT 0x00000640 ++#define MSR_PP1_ENERGY_STATUS 0x00000641 ++#define MSR_PP1_POLICY 0x00000642 ++ ++ ++ ++/* Intel defined MSRs. */ ++#define MSR_IA32_TSC 0x00000010 ++#define MSR_SMI_COUNT 0x00000034 ++ ++#define MSR_IA32_MPERF 0x000000e7 ++#define MSR_IA32_APERF 0x000000e8 ++ ++#define MSR_IA32_THERM_STATUS 0x0000019c ++ ++#define MSR_IA32_TEMPERATURE_TARGET 0x000001a2 ++ ++#define MSR_IA32_PACKAGE_THERM_STATUS 0x000001b1 ++ ++ ++#endif /* _ASM_X86_MSR_INDEX_H */ +--- a/src/turbostat.c ++++ b/src/turbostat.c +@@ -41,7 +41,7 @@ + #include "plugin.h" + #include "utils_time.h" + +-#include <asm/msr-index.h> ++#include "msr-index.h" + #include <cpuid.h> + #ifdef HAVE_SYS_CAPABILITY_H + #include <sys/capability.h> diff --git a/app-admin/collectd/files/collectd.confd-r1 b/app-admin/collectd/files/collectd.confd-r1 new file mode 100644 index 000000000000..1ad78f839d8a --- /dev/null +++ b/app-admin/collectd/files/collectd.confd-r1 @@ -0,0 +1,45 @@ +# Distributed under the terms of the GNU General Public License v2 + +# Nice value used to launch collectd, to change priority of the process. As +# you usually we want to run it in background, a default of 5 is used. +# +#COLLECTD_NICELEVEL=5 + +# Location of configuration file. Modify if you don't like the standard +# one. +# +#COLLECTD_CONFIGFILE="/etc/collectd.conf" + +# File used to store the PID file. Usually you won't need to touch it. +# +#COLLECTD_PIDFILE="/run/collectd/collectd.pid" + +# User to run collectd as (default is collectd, change to root or give +# collectd user appropriate privileges if you use one of the plugins that +# require it, as e.g. ping or iptables plugins) +# +#COLLECTD_USER="collectd" + +# The group is only important if you are using collectd's UNIX socket +# in the default location (/run/collectd) because we will chown the +# default location to COLLECTD_USER:COLLECTD_GROUP. The default value +# is "collectd". +#COLLECTD_GROUP="collectd" + +# You can use this configuration option to pass additional options to the +# start-stop-daemon, see start-stop-daemon(8) for more details. +# Per default we wait 1000ms after we have started the service to ensure +# that the daemon is really up and running. +#COLLECTD_SSDARGS="--wait 1000" + +# The termination timeout (start-stop-daemon parameter "retry") ensures +# that the service will be terminated within a given time (25 + 5 seconds +# per default) when you are stopping the service. +#COLLECTD_TERMTIMEOUT="TERM/25/KILL/5" + +# Options to collectd +# See collectd(8) for more details +# Notes: +# * Do not specify another PIDFILE but use the variable above to change the location +# * Do not specify another CONFIGFILE but use the variable above to change the location +#COLLECTD_OPTS="" diff --git a/app-admin/collectd/files/collectd.initd-r1 b/app-admin/collectd/files/collectd.initd-r1 new file mode 100644 index 000000000000..e65f85a7bcbf --- /dev/null +++ b/app-admin/collectd/files/collectd.initd-r1 @@ -0,0 +1,78 @@ +#!/sbin/openrc-run +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +COLLECTD_CONFIGFILE=${COLLECTD_CONFIGFILE:-"/etc/collectd.conf"} +COLLECTD_PIDFILE=${COLLECTD_PIDFILE:-"/run/collectd/collectd.pid"} +COLLECTD_NICELEVEL=${COLLECTD_NICELEVEL:-5} +COLLECTD_USER=${COLLECTD_USER:-"collectd"} +COLLECTD_GROUP=${COLLECTD_GROUP:-"collectd"} +COLLECTD_SSDARGS=${COLLECTD_SSDARGS:-"--wait 1000"} +COLLECTD_TERMTIMEOUT=${COLLECTD_TERMTIMEOUT:-"TERM/25/KILL/5"} +COLLECTD_OPTS=${COLLECTD_OPTS:-""} + +command="/usr/sbin/collectd" +command_args="${COLLECTD_OPTS} -C \"${COLLECTD_CONFIGFILE}\" -P \"${COLLECTD_PIDFILE}\"" +start_stop_daemon_args="${COLLECTD_SSDARGS} --nice ${COLLECTD_NICELEVEL} --user ${COLLECTD_USER}:${COLLECTD_GROUP}" +pidfile="${COLLECTD_PIDFILE}" +retry="${COLLECTD_TERMTIMEOUT}" + +extra_commands="configtest" +description_configtest="Run collectd's internal config check." + +required_files="\"${COLLECTD_CONFIGFILE}\"" + +depend() { + use dns +} + +_checkconfig() { + if [ $(sed '/^$\|^#/d' "${COLLECTD_CONFIGFILE}" | grep 'LoadPlugin[[:space:]]\+oracle' | wc -l) -ge 1 ] ; then + if [ -e /etc/env.d/50oracle-instantclient-basic ] ; then + . /etc/env.d/50oracle-instantclient-basic + export ORACLE_HOME + export TNS_ADMIN + else + ewarn "Unable to set Oracle environment, Oracle plugin wont work" + fi + fi + + local test_command="${command} -t -C \"${COLLECTD_CONFIGFILE}\"" + + eval ${test_command} 1>/dev/null 2>&1 + ret=$? + if [ $ret -ne 0 ]; then + eerror "${SVCNAME} has detected an error in your configuration:" + eval ${test_command} + fi + + return $ret +} + +configtest() { + ebegin "Checking ${SVCNAME} configuration" + _checkconfig + eend $? +} + +start_pre() { + if [ "${RC_CMD}" != "restart" ]; then + configtest || return 1 + fi + + checkpath --directory --mode 0770 --owner ${COLLECTD_USER}:${COLLECTD_GROUP} "$(dirname "${COLLECTD_PIDFILE}")" +} + +stop_pre() { + if [ "${RC_CMD}" = "restart" ]; then + configtest || return 1 + fi +} + +stop_post() { + if [ -f "${COLLECTD_PIDFILE}" ]; then + vebegin "Removing stale PID file" + rm --force "${COLLECTD_PIDFILE}" + veend $? + fi +} diff --git a/app-admin/collectd/files/collectd.logrotate b/app-admin/collectd/files/collectd.logrotate new file mode 100644 index 000000000000..5d344f6208f1 --- /dev/null +++ b/app-admin/collectd/files/collectd.logrotate @@ -0,0 +1,9 @@ +# +# /etc/logrotate.d/collectd +# +/var/log/collectd.log { + daily + rotate 5 + notifempty + missingok +} |