/[smecontribs]/rpms/smeserver-cacti/contribs10/smeserver-cacti-1.1.19-sme10.patch
ViewVC logotype

Annotation of /rpms/smeserver-cacti/contribs10/smeserver-cacti-1.1.19-sme10.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.4 - (hide annotations) (download)
Wed Jul 27 19:00:37 2022 UTC (2 years, 4 months ago) by jpp
Branch: MAIN
Changes since 1.3: +566 -0 lines
* Mon Jul 25 2022 Jean-Philippe Pialasse <tests@pialasse.com> 1.1.19-2.sme
- update httpd 2.4 to syntax [SME: 12039]
- initial import to SME10 [SME: 11307]
  cacti-1.2.21
  dedicated php-fpm pool 74
  update event
  ldap available
  auto install install_cacti.php --accept-eula --install
- fix sql init [SME: 10972]

* Wed Dec 11 2019 Jean-Philipe Pialasse <tests@pialasse.com> 1.1.19-1.sme
- update to cacti-1.1.19 [SME: 8434]

1 jpp 1.1 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/createlinks smeserver-cacti-1.1.19/createlinks
2     --- smeserver-cacti-1.1.19.old/createlinks 2014-06-16 11:53:01.000000000 -0400
3 jpp 1.2 +++ smeserver-cacti-1.1.19/createlinks 2022-07-26 00:15:21.267000000 -0400
4 jpp 1.1 @@ -5,6 +5,7 @@
5     for my $event (qw(
6     post-upgrade
7     bootstrap-console-save
8     + console-save
9     ))
10     {
11     templates2events("/etc/cacti/db.php", $event);
12     @@ -22,3 +23,26 @@
13     }
14    
15     templates2events("/etc/e-smith/sql/init/80cacti", "post-upgrade");
16     +
17     +my $event="smeserver-cacti-update";
18     +event_templates($event, qw(
19     + /etc/cacti/db.php
20     + /etc/httpd/conf/httpd.conf
21     + /etc/crontab
22     + /etc/opt/remi/php74/php-fpm.d/www.conf
23     + /etc/e-smith/sql/init/80cacti
24     +));
25     +
26 jpp 1.2 +event_services($event,
27     + 'crond' => 'restart',
28     + 'mysql.init' => 'restart',
29     + 'httpd-e-smith' => 'sigusr1',
30     + 'php74-php-fpm' => 'reload-or-restart'
31     +);
32 jpp 1.1 +
33     +#backup ?
34     +#use esmith::Build::Backup qw(:all);
35     +#backup_includes("smeserver-cacti", qw(
36     +#
37     +#));
38     +
39 jpp 1.3 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti
40     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti 1969-12-31 19:00:00.000000000 -0500
41     +++ smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti 2022-07-26 00:51:52.311000000 -0400
42     @@ -0,0 +1,45 @@
43     +{
44     + use MIME::Base64 qw(encode_base64);
45     +
46     + my $service;
47     + my $rec;
48     + my $pw;
49     +
50     + # Store the cacti password in the configuration database (if not already there)
51     + $service = 'cacti';
52     +
53     + $rec = $DB->get($service) || $DB->new_record($service, {type => 'service'});
54     +
55     + $pw = $rec->prop('DbPassword');
56     +
57     +
58     + if (! $pw)
59     + {
60     +
61     + if ( open( RANDOM, "/dev/urandom" ) )
62     + {
63     + my $buf;
64     + # 57 bytes is a full line of Base64 coding, and contains
65     + # 456 bits of randomness - given a perfectly random /dev/random
66     + if ( read( RANDOM, $buf, 57 ) != 57 )
67     + {
68     + warn("Short read from /dev/random: $!");
69     + }
70     + else
71     + {
72     + $pw = encode_base64($buf);
73     + chomp $pw;
74     + }
75     + close RANDOM;
76     + }
77     + else
78     + {
79     + warn "Could not open /dev/urandom: $!";
80     + }
81     +
82     + $rec->set_prop('DbPassword', $pw);
83     + }
84     +
85     +
86     +
87     +}
88 jpp 1.2 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti
89     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti 2019-12-11 14:46:28.000000000 -0500
90 jpp 1.3 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti 2022-07-26 00:48:18.028000000 -0400
91     @@ -1,9 +1,9 @@
92     {
93     - my $db = $cacti{DbName} || 'cacti_sme';
94     + my $db = $cacti{DbDatabase} || 'cacti_sme';
95 jpp 1.2 my $user = $cacti{DbUser} || 'cacti';
96     my $pass = $cacti{DbPassword} || 'changeme';
97     $OUT .= <<END
98     -#! /bin/sh
99     +#!/bin/bash
100     if [ -d /var/lib/mysql/$db ]; then
101     exit
102     fi
103 jpp 1.3 @@ -13,10 +13,10 @@
104     use mysql;
105     GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost
106     IDENTIFIED BY '$pass';
107     - GRANT SELECT ON `mysql`.`time_zone_name` TO '$user'@'localhost';
108     + GRANT SELECT ON mysql.time_zone_name TO '$user'@'localhost';
109     flush privileges;
110     EOF
111 jpp 1.2 /usr/bin/mysql_tzinfo_to_sql /usr/share/zoneinfo/ 2>/dev/null |/usr/bin/mysql mysql
112     /usr/bin/mysql $db < /etc/e-smith/db/configuration/migrate/80cacti_sme.sql
113     END
114     -}
115     \ Pas de fin de ligne à la fin du fichier
116     +}
117 jpp 1.1 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti
118     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti 2014-06-16 11:53:00.000000000 -0400
119 jpp 1.2 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti 2022-07-26 00:30:15.300000000 -0400
120 jpp 1.1 @@ -5,32 +5,19 @@
121     SSLRequireSSL
122     Options -Indexes
123     AllowOverride None
124     - order deny,allow
125     - deny from all
126     -
127     -{
128     - my $cactiaxs = $cacti{'access'} || "private";
129     - if ($cactiaxs eq "private")
130     - {
131     - $OUT .= " allow from $localAccess $externalSSLAccess";
132     - } else {
133     - $OUT .= " allow from all";
134     - }
135     -}
136     - Satisfy all
137     - AddType application/x-httpd-php .php .php3
138     - php_flag magic_quotes_gpc on
139     - php_flag track_vars on
140     + Require { (($cacti{'access'} ||"private") eq "public") ? "all granted" : "ip $localAccess $externalSSLAccess"; }
141     + AddType application/x-httpd-php .php
142 jpp 1.2 + <FilesMatch \.php$ >
143 jpp 1.1 + SetHandler "proxy:unix:/var/run/php-fpm/php74-cacti.sock|fcgi://localhost"
144     + </FilesMatch>
145     </Directory>
146    
147    
148    
149     <Directory /usr/share/cacti/log>
150     - Order deny,allow
151     - Deny from all
152     + Require all denied
153     </Directory>
154     <Directory /usr/share/cacti/rra>
155     - Order deny,allow
156     - Deny from all
157     + Require all denied
158     </Directory>
159    
160     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti
161     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 1969-12-31 19:00:00.000000000 -0500
162     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 2022-07-26 00:03:45.335000000 -0400
163     @@ -0,0 +1,68 @@
164     +{
165     +
166     +if ($PHP_VERSION eq '74'){
167     + if (($cacti{'status'} || 'disabled') eq 'enabled'){
168     + my $max_upload_size = ($cacti{MaxUploadSize} || '4096');
169     + $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
170     + my $memory_limit = ($cacti{MemoryLimit} || '512M');
171     + $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
172     + my $open_basedir= $cacti{PHPBaseDir} || '';
173     + $open_basedir = "/usr/share/cacti:/var/lib/cacti:/var/log/cacti.log:/var/lib/php/cacti:/home/e-smith/files/cacti:/dev/urandom:/proc/meminfo:$open_basedir";
174     + my $id = 'cacti';
175     + my $max_children = $cacti{'PHPmaxChildren'} || 20;
176     + my $min_spare_servers = $cacti{'PHPminServers'} || 4;
177     + my $start_servers = $cacti{'PHPstartServers'} || 6;
178     + my $max_spare_servers = $cacti{'PHPmaxServers'} || 8;
179     + my $max_requests = $cacti{'PHPmaxRequests'} || 1000;
180     + $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? printf("%.0f",$max_spare_servers/2) : $min_spare_servers;
181     + $start_servers = ( $start_servers > $max_spare_servers ) ? printf("%.0f", $max_spare_servers /2 + $min_spare_servers/2 ) : $start_servers;
182     +
183     + $OUT .=<<_EOF;
184     +
185     +[php$PHP_VERSION-$id]
186     +user = www
187     +group = www
188     +listen.owner = root
189     +listen.group = www
190     +listen.mode = 0660
191     +listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
192     +pm = dynamic
193     +pm.max_children = $max_children
194     +pm.start_servers = $start_servers
195     +pm.min_spare_servers = $min_spare_servers
196     +pm.max_spare_servers = $max_spare_servers
197     +pm.max_requests = $max_requests
198     +php_admin_value[session.save_path] = /var/lib/php/$id/session
199     +php_admin_value[session.gc_maxlifetime] = 86400
200     +php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache
201     +php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
202     +php_admin_value[error_log] = /var/log/php/$id/error.log
203     +slowlog = /var/log/php/cacti/slow.log
204     +php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
205     +php_admin_flag[display_errors] = off
206     +php_admin_flag[log_errors] = on
207     +php_admin_value[error_log] = syslog
208     +php_admin_value[memory_limit] = $memory_limit
209     +php_admin_value[max_execution_time] = 3600
210     +php_admin_value[post_max_size] = $max_upload_size
211     +php_admin_value[upload_max_filesize] = $max_upload_size
212     +php_admin_value[disable_functions] = system, show_source, symlink, exec, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
213     +php_admin_value[open_basedir] = $open_basedir
214     +php_admin_flag[allow_url_fopen] = on
215     +php_admin_flag[file_upload] = on
216     +php_admin_flag[session.cookie_httponly] = on
217     +php_admin_flag[allow_url_include] = off
218     +php_admin_value[session.save_handler] = files
219     +php_admin_flag[output_buffering] = off
220     +
221     +_EOF
222     +
223     + }
224     + else{
225     + $OUT .= '; Nextcloud is disabled';
226     + }
227     +}
228     +}
229     +
230     +
231     +
232 jpp 1.3 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php
233     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php 2014-06-16 11:53:01.000000000 -0400
234     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php 2022-07-26 00:44:20.988000000 -0400
235     @@ -1,3 +1,3 @@
236     -UID="cacti"
237     +UID="root"
238     GID="www"
239     PERMS=0640
240 jpp 1.4 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/createlinks smeserver-cacti-1.1.19/createlinks
241     --- smeserver-cacti-1.1.19.old/createlinks 2014-06-16 11:53:01.000000000 -0400
242     +++ smeserver-cacti-1.1.19/createlinks 2022-07-27 14:55:50.939000000 -0400
243     @@ -5,6 +5,7 @@
244     for my $event (qw(
245     post-upgrade
246     bootstrap-console-save
247     + console-save
248     ))
249     {
250     templates2events("/etc/cacti/db.php", $event);
251     @@ -22,3 +23,32 @@
252     }
253    
254     templates2events("/etc/e-smith/sql/init/80cacti", "post-upgrade");
255     +
256     +my $event="smeserver-cacti-update";
257     +event_templates($event, qw(
258     + /etc/cacti/db.php
259     + /etc/httpd/conf/httpd.conf
260     + /etc/crontab
261     + /etc/opt/remi/php74/php-fpm.d/www.conf
262     + /etc/e-smith/sql/init/80cacti
263     +));
264     +
265     +event_services($event,
266     + 'crond' => 'restart',
267     + 'mysql.init' => 'restart',
268     + 'httpd-e-smith' => 'sigusr1',
269     + 'php74-php-fpm' => 'reload-or-restart'
270     +);
271     +
272     +event_actions($event,
273     +'cacti-conf' => '50',
274     +'cacti-ldap' => '95'
275     +);
276     +
277     +
278     +#backup ?
279     +#use esmith::Build::Backup qw(:all);
280     +#backup_includes("smeserver-cacti", qw(
281     +#
282     +#));
283     +
284     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti
285     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti 1969-12-31 19:00:00.000000000 -0500
286     +++ smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti 2022-07-27 14:46:58.425000000 -0400
287     @@ -0,0 +1,72 @@
288     +{
289     + use MIME::Base64 qw(encode_base64);
290     +
291     + my $service;
292     + my $rec;
293     + my $pw;
294     +
295     + # Store the cacti password in the configuration database (if not already there)
296     + $service = 'cacti';
297     +
298     + $rec = $DB->get($service) || $DB->new_record($service, {type => 'service'});
299     +
300     + $pw = $rec->prop('DbPassword');
301     +
302     +
303     + if (! $pw)
304     + {
305     +
306     + if ( open( RANDOM, "/dev/urandom" ) )
307     + {
308     + my $buf;
309     + # 57 bytes is a full line of Base64 coding, and contains
310     + # 456 bits of randomness - given a perfectly random /dev/random
311     + if ( read( RANDOM, $buf, 57 ) != 57 )
312     + {
313     + warn("Short read from /dev/random: $!");
314     + }
315     + else
316     + {
317     + $pw = encode_base64($buf);
318     + chomp $pw;
319     + }
320     + close RANDOM;
321     + }
322     + else
323     + {
324     + warn "Could not open /dev/urandom: $!";
325     + }
326     +
327     + $rec->set_prop('DbPassword', $pw);
328     + }
329     + $pwa = $rec->prop('AdminPassword');
330     + if (! $pwa)
331     + {
332     +
333     + if ( open( RANDOM, "/dev/urandom" ) )
334     + {
335     + my $buf;
336     + # 57 bytes is a full line of Base64 coding, and contains
337     + # 456 bits of randomness - given a perfectly random /dev/random
338     + if ( read( RANDOM, $buf, 15 ) != 15 )
339     + {
340     + warn("Short read from /dev/random: $!");
341     + }
342     + else
343     + {
344     + $pwa = encode_base64($buf);
345     + chomp $pwa;
346     + }
347     + close RANDOM;
348     + }
349     + else
350     + {
351     + warn "Could not open /dev/urandom: $!";
352     + }
353     +
354     + $rec->set_prop('AdminPassword', $pwa);
355     + }
356     +
357     +
358     +
359     +}
360     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-conf smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-conf
361     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-conf 1969-12-31 19:00:00.000000000 -0500
362     +++ smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-conf 2022-07-27 14:46:58.891000000 -0400
363     @@ -0,0 +1,16 @@
364     +#!/bin/bash
365     +
366     +#easy configuration of what is needed for cacti to work correctly
367     +something=0;
368     +psomething=0;
369     +#check if something already set, if not let's do it
370     +
371     +/sbin/e-smith/config getprop mariadb TmpTableSize 1>/dev/null || ( config setprop mariadb TmpTableSize 32M ; echo "setting mariadb TmpTableSize 32M" ; something=1)
372     +/sbin/e-smith/config getprop mariadb MaxHeapTableSize 1>/dev/null || ( config setprop mariadb MaxHeapTableSize 32M ; echo "setting mariadb MaxHeapTableSize 32M" ; something=1)
373     +/sbin/e-smith/config getprop mariadb JoinBufferSize 1>/dev/null || ( config setprop mariadb JoinBufferSize 62M ; echo "setting mariadb JoinBufferSize 62M" ; something=1)
374     +
375     +#/sbin/e-smith/config getprop php74 MemoryLimit 1>/dev/null || ( config setprop php74 MemoryLimit 800M ; echo "setting php74 memory_limit 800M" ; psomething=1)
376     +# install detect cli for php not php74 even if $php_path is set
377     +
378     +[ $something == 1 ] && /usr/sbin/e-smith/expand-template /etc/my.cnf && /usr/bin/systemctl restart mariadb.service
379     +#[ $psomething == 1 ] && /usr/sbin/e-smith/expand-template /etc/opt/remi/php74/php.ini && /usr/bin/systemctl restart php74-php-fpm.service
380     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-ldap smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-ldap
381     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-ldap 1969-12-31 19:00:00.000000000 -0500
382     +++ smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-ldap 2022-07-27 14:46:58.663000000 -0400
383     @@ -0,0 +1,44 @@
384     +#!/bin/bash
385     +
386     +#use esmith::ConfigDB;
387     +#use esmith::util;
388     +#my $cdb = esmith::ConfigDB->open_ro();
389     +#my $domain = $cdb->get_value('DomainName');
390     +#my $baseDN = esmith::util::ldapBase($cdb->get_value('DomainName'));
391     +#print $baseDN . "\n";
392     +
393     +db=$(config getprop cacti DbDatabase || echo 'cacti_sme');
394     +user=$(config getprop cacti DbUser || echo 'cacti');
395     +pass=$(config getprop cacti DbPassword || echo 'changeme');
396     +adminpass=$(config getprop cacti AdminPassword || echo 'changeme');
397     +domain=$(config get DomainName)
398     +DN=$(perl -Mesmith::util -e "print esmith::util::ldapBase(\"$domain\");")
399     +
400     +
401     +# set ldap auth with optional group
402     +#ldap_group_require 'on' or ''
403     +# then set our admin password
404     +/usr/bin/mysql <<EOF
405     +UPDATE ${db}.settings SET value='memberUid' WHERE name='ldap_group_attrib';
406     +UPDATE ${db}.settings SET value='uid=cactigroup,ou=Groups,$DN' WHERE name='ldap_group_dn';
407     +
408     +UPDATE ${db}.settings SET value='0' WHERE name='ldap_tls_certificate';
409     +UPDATE ${db}.settings SET value='3' WHERE name='ldap_version';
410     +UPDATE ${db}.settings SET value='localhost' WHERE name='ldap_server';
411     +UPDATE ${db}.settings SET value='objectClass=inetOrgPerson' WHERE name='ldap_search_filter';
412     +UPDATE ${db}.settings SET value='ou=Users,$DN' WHERE name='ldap_search_base';
413     +UPDATE ${db}.settings SET value='0' WHERE name='ldap_referrals';
414     +UPDATE ${db}.settings SET value='636' WHERE name='ldap_port_ssl';
415     +UPDATE ${db}.settings SET value='389' WHERE name='ldap_port';
416     +UPDATE ${db}.settings SET value='0' WHERE name='ldap_mode';
417     +UPDATE ${db}.settings SET value='0' WHERE name='ldap_encryption';
418     +UPDATE ${db}.settings SET value='uid=<username>,ou=Users,$DN' WHERE name='ldap_dn';
419     +UPDATE ${db}.settings SET value='3' WHERE name='auth_method';
420     +UPDATE ${db}.settings SET value='cn' WHERE name='cn_full_name';
421     +UPDATE ${db}.settings SET value='mail' WHERE name='cn_email';
422     +
423     +
424     +# set password of admin
425     +UPDATE ${db}.user_auth SET email_address='admin@${domain}', must_change_password='',password=md5('$adminpass'), enabled='on' WHERE username='admin' and id='1';
426     +EOF
427     +
428     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/10DB smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/10DB
429     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/10DB 1969-12-31 19:00:00.000000000 -0500
430     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/10DB 2022-07-27 14:46:55.823000000 -0400
431     @@ -0,0 +1,54 @@
432     +<?php
433     +/*
434     + +-------------------------------------------------------------------------+
435     + | Copyright (C) 2004 Ian Berry |
436     + | |
437     + | This program is free software; you can redistribute it and/or |
438     + | modify it under the terms of the GNU General Public License |
439     + | as published by the Free Software Foundation; either version 2 |
440     + | of the License, or (at your option) any later version. |
441     + | |
442     + | This program is distributed in the hope that it will be useful, |
443     + | but WITHOUT ANY WARRANTY; without even the implied warranty of |
444     + | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
445     + | GNU General Public License for more details. |
446     + +-------------------------------------------------------------------------+
447     + | cacti: a php-based graphing solution |
448     + +-------------------------------------------------------------------------+
449     + | Most of this code has been designed, written and is maintained by |
450     + | Ian Berry. See about.php for specific developer credit. Any questions |
451     + | or comments regarding this code should be directed to: |
452     + | - iberry@raxnet.net |
453     + +-------------------------------------------------------------------------+
454     + | - raXnet - http://www.raxnet.net/ |
455     + +-------------------------------------------------------------------------+
456     +*/
457     +
458     +/* make sure these values refect your actual database/host/user/password */
459     +$database_type = "mysql";
460     +$database_default = "{$cacti{'DbDatabase'}}";
461     +$database_hostname = "localhost";
462     +$database_username = "{$cacti{'DbUser'}}";
463     +$database_password = "{$cacti{'DbPassword'}}";
464     +$database_port = "3306";
465     +
466     +/*
467     + * Server is a remote poller, then these entries point to
468     + * the main cacti server. Otherwise, these variables have no use and
469     + * must remain commented out.
470     + */
471     +
472     +#$rdatabase_type = 'myql';
473     +#$rdatabase_default = 'cacti';
474     +#$rdatabase_hostname = 'localhost';
475     +#$rdatabase_username = 'cactiuser';
476     +#$rdatabase_password = 'cactiuser';
477     +#$rdatabase_port = '3306';
478     +#$rdatabase_retries = 5;
479     +#$rdatabase_ssl = false;
480     +#$rdatabase_ssl_key = '';
481     +#$rdatabase_ssl_cert = '';
482     +#$rdatabase_ssl_ca = '';
483     +
484     +
485     +
486     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id
487     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id 1969-12-31 19:00:00.000000000 -0500
488     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id 2022-07-27 14:46:56.040000000 -0400
489     @@ -0,0 +1,7 @@
490     +/*
491     + * The poller_id of this system. set to `1` for the main cacti web server.
492     + * Otherwise, you this value should be the poller_id for the remote poller.
493     + */
494     +
495     +$poller_id = 1;
496     +
497     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath
498     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath 1969-12-31 19:00:00.000000000 -0500
499     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath 2022-07-27 14:46:56.287000000 -0400
500     @@ -0,0 +1,9 @@
501     +/*
502     + * Set the $url_path to point to the default URL of your cacti install.
503     + * For exmaple if your cacti install as at `https://serverip/cacti/` this
504     + * would be set to `/cacti/`.
505     + */
506     +
507     +$url_path = '/cacti/';
508     +
509     +
510     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/25session smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/25session
511     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/25session 1969-12-31 19:00:00.000000000 -0500
512     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/25session 2022-07-27 14:46:56.522000000 -0400
513     @@ -0,0 +1,19 @@
514     +/*
515     + * Default session name - session name must contain alpha characters
516     + */
517     +
518     +$cacti_session_name = 'Cacti';
519     +
520     +/*
521     + * Default Cookie domain - The cookie domain to be used for Cacti
522     + */
523     +
524     +//$cacti_cookie_domain = 'cacti.net';
525     +
526     +/*
527     + * Save sessions to a database for load balancing
528     + */
529     +
530     +$cacti_db_session = false;
531     +
532     +
533     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/30log smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/30log
534     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/30log 1969-12-31 19:00:00.000000000 -0500
535     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/30log 2022-07-27 14:46:56.771000000 -0400
536     @@ -0,0 +1,6 @@
537     +/*
538     + * Disable log rotation settings for packagers
539     + */
540     +
541     +$disable_log_rotation = true;
542     +
543     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/40input smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/40input
544     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/40input 1969-12-31 19:00:00.000000000 -0500
545     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/40input 2022-07-27 14:46:57.012000000 -0400
546     @@ -0,0 +1,18 @@
547     +/*
548     + * Optional parameters to define scripts and resource paths. These
549     + * variables become important when using remote poller installs when the
550     + * scripts and resource files are not in the main Cacti web server path.
551     + */
552     +
553     +//$scripts_path = '/var/www/html/cacti/scripts';
554     +//$resource_path = '/var/www/html/cacti/resource/';
555     +
556     +/*
557     + * Optional parameter to define a data input whitelist command string. This
558     + * whitelist file will help protect cacti from unauthorized changes to Cacti
559     + * data input command string.
560     + */
561     +
562     +//$input_whitelist = '/usr/local/etc/cacti/input_whitelist.json';
563     +
564     +
565     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/50php smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/50php
566     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/50php 1969-12-31 19:00:00.000000000 -0500
567     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/50php 2022-07-27 14:46:57.268000000 -0400
568     @@ -0,0 +1,6 @@
569     +/*
570     + * Optional parameter to give explicit path to PHP
571     + */
572     +$php_path = '/usr/bin/php74';
573     +
574     +
575     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/60snmp smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/60snmp
576     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/60snmp 1969-12-31 19:00:00.000000000 -0500
577     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/60snmp 2022-07-27 14:46:57.504000000 -0400
578     @@ -0,0 +1,8 @@
579     +/*
580     + * Optional parameter to disable the PHP SNMP extension. If not set, defaults
581     + * to class_exists('SNMP').
582     + */
583     +
584     +//$php_snmp_support = false;
585     +
586     +
587     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/70csrf smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/70csrf
588     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/70csrf 1969-12-31 19:00:00.000000000 -0500
589     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/70csrf 2022-07-27 14:46:57.727000000 -0400
590     @@ -0,0 +1,8 @@
591     +/*
592     + * Optional parameter to define the path of the csrf_secret.php path. This
593     + * variable is for packagers who wish to specify an alternate location of
594     + * the CRSF secret file.
595     + */
596     +
597     +$path_csrf_secret = '/var/lib/cacti/csrf/csrf-secret.php';
598     +
599     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG
600     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG 1969-12-31 19:00:00.000000000 -0500
601     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG 2022-07-27 14:46:57.957000000 -0400
602     @@ -0,0 +1,30 @@
603     +/*
604     + * The following are optional variables for debugging low level system
605     + * functions that are generally only used by Cacti Developers to help
606     + * identify potential issues in commonly used functions
607     + *
608     + * To use them, uncomment and the equivalent field will be set in the
609     + * $config variable allowing for instant on but still allowing the
610     + * ability to fine turn and turn them off.
611     + */
612     +
613     +/*
614     + * Debug the read_config_option program flow
615     + */
616     +# define('DEBUG_READ_CONFIG_OPTION', true);
617     +
618     +/*
619     + * Automatically suppress the DEBUG_READ_CONFIG_OPTION
620     + */
621     +# define('DEBUG_READ_CONFIG_OPTION_DB_OPEN', true);
622     +
623     +/*
624     + * Always write the SQL command to the cacti log file
625     + */
626     +# define('DEBUG_SQL_CMD', true);
627     +
628     +/*
629     + * Debug the flow of calls to the db_xxx functions that
630     + * are defined in lib/database.php
631     + */
632     +# define('DEBUG_SQL_FLOW', true);
633     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/95end smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/95end
634     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/95end 1969-12-31 19:00:00.000000000 -0500
635     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/95end 2022-07-27 14:46:58.190000000 -0400
636     @@ -0,0 +1 @@
637     +?>
638     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti
639     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti 2019-12-11 14:46:28.000000000 -0500
640     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti 2022-07-27 14:46:55.114000000 -0400
641     @@ -1,22 +1,34 @@
642     {
643     - my $db = $cacti{DbName} || 'cacti_sme';
644     + my $db = $cacti{DbDatabase} || 'cacti_sme';
645     my $user = $cacti{DbUser} || 'cacti';
646     my $pass = $cacti{DbPassword} || 'changeme';
647     $OUT .= <<END
648     -#! /bin/sh
649     +#!/bin/bash
650     if [ -d /var/lib/mysql/$db ]; then
651     + /usr/bin/mysql <<EOF
652     + use $db;
653     + use mysql;
654     + ALTER DATABASE $db COLLATE = 'utf8mb4_unicode_ci';
655     + GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost
656     + IDENTIFIED BY '$pass';
657     + GRANT SELECT ON mysql.time_zone_name TO '$user'\@'localhost';
658     + flush privileges;
659     +EOF
660     +
661     +
662     exit
663     fi
664     /usr/bin/mysql <<EOF
665     - CREATE DATABASE $db DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
666     + CREATE DATABASE $db DEFAULT CHARACTER SET utf8mb4 COLLATE utf8_unicode_ci;
667     use $db;
668     use mysql;
669     GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost
670     IDENTIFIED BY '$pass';
671     - GRANT SELECT ON `mysql`.`time_zone_name` TO '$user'@'localhost';
672     + GRANT SELECT ON mysql.time_zone_name TO '$user'\@'localhost';
673     flush privileges;
674     EOF
675     /usr/bin/mysql_tzinfo_to_sql /usr/share/zoneinfo/ 2>/dev/null |/usr/bin/mysql mysql
676     - /usr/bin/mysql $db < /etc/e-smith/db/configuration/migrate/80cacti_sme.sql
677     + /usr/bin/mysql $db < \$(rpm -ql cacti|grep cacti.sql)
678     + #/usr/bin/mysql $db < /etc/e-smith/db/configuration/migrate/80cacti_sme.sql
679     END
680     -}
681     \ Pas de fin de ligne à la fin du fichier
682     +}
683     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti
684     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti 2014-06-16 11:53:00.000000000 -0400
685     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti 2022-07-26 00:30:15.300000000 -0400
686     @@ -5,32 +5,19 @@
687     SSLRequireSSL
688     Options -Indexes
689     AllowOverride None
690     - order deny,allow
691     - deny from all
692     -
693     -{
694     - my $cactiaxs = $cacti{'access'} || "private";
695     - if ($cactiaxs eq "private")
696     - {
697     - $OUT .= " allow from $localAccess $externalSSLAccess";
698     - } else {
699     - $OUT .= " allow from all";
700     - }
701     -}
702     - Satisfy all
703     - AddType application/x-httpd-php .php .php3
704     - php_flag magic_quotes_gpc on
705     - php_flag track_vars on
706     + Require { (($cacti{'access'} ||"private") eq "public") ? "all granted" : "ip $localAccess $externalSSLAccess"; }
707     + AddType application/x-httpd-php .php
708     + <FilesMatch \.php$ >
709     + SetHandler "proxy:unix:/var/run/php-fpm/php74-cacti.sock|fcgi://localhost"
710     + </FilesMatch>
711     </Directory>
712    
713    
714    
715     <Directory /usr/share/cacti/log>
716     - Order deny,allow
717     - Deny from all
718     + Require all denied
719     </Directory>
720     <Directory /usr/share/cacti/rra>
721     - Order deny,allow
722     - Deny from all
723     + Require all denied
724     </Directory>
725    
726     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti
727     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 1969-12-31 19:00:00.000000000 -0500
728     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 2022-07-27 14:46:55.335000000 -0400
729     @@ -0,0 +1,68 @@
730     +{
731     +
732     +if ($PHP_VERSION eq '74'){
733     + if (($cacti{'status'} || 'disabled') eq 'enabled'){
734     + my $max_upload_size = ($cacti{MaxUploadSize} || '4096');
735     + $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
736     + my $memory_limit = ($cacti{MemoryLimit} || '5555500M');
737     + $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
738     + my $open_basedir= $cacti{PHPBaseDir} || '';
739     + $open_basedir = "/tmp/:/share/:/var/log/cacti:/etc/cacti/db.php:/usr/share/cacti:/var/lib/cacti:/var/log/cacti.log:/var/lib/php/cacti:/home/e-smith/files/cacti:/dev/urandom:/proc/meminfo:$open_basedir";
740     + my $id = 'cacti';
741     + my $max_children = $cacti{'PHPmaxChildren'} || 20;
742     + my $min_spare_servers = $cacti{'PHPminServers'} || 4;
743     + my $start_servers = $cacti{'PHPstartServers'} || 6;
744     + my $max_spare_servers = $cacti{'PHPmaxServers'} || 8;
745     + my $max_requests = $cacti{'PHPmaxRequests'} || 1000;
746     + $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? printf("%.0f",$max_spare_servers/2) : $min_spare_servers;
747     + $start_servers = ( $start_servers > $max_spare_servers ) ? printf("%.0f", $max_spare_servers /2 + $min_spare_servers/2 ) : $start_servers;
748     +
749     + $OUT .=<<_EOF;
750     +
751     +[php$PHP_VERSION-$id]
752     +user = www
753     +group = www
754     +listen.owner = root
755     +listen.group = www
756     +listen.mode = 0660
757     +listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
758     +pm = dynamic
759     +pm.max_children = $max_children
760     +pm.start_servers = $start_servers
761     +pm.min_spare_servers = $min_spare_servers
762     +pm.max_spare_servers = $max_spare_servers
763     +pm.max_requests = $max_requests
764     +php_admin_value[session.save_path] = /var/lib/php/$id/session
765     +php_admin_value[session.gc_maxlifetime] = 86400
766     +;php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache
767     +php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
768     +php_admin_value[error_log] = /var/log/php/$id/error.log
769     +slowlog = /var/log/php/cacti/slow.log
770     +php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
771     +php_admin_flag[display_errors] = off
772     +php_admin_flag[log_errors] = on
773     +php_admin_value[error_log] = syslog
774     +php_admin_value[memory_limit] = $memory_limit
775     +php_admin_value[max_execution_time] = 3600
776     +php_admin_value[post_max_size] = $max_upload_size
777     +php_admin_value[upload_max_filesize] = $max_upload_size
778     +;php_admin_value[disable_functions] = system, show_source, symlink, dl, passthru, phpinfo, escapeshellarg, escapeshellcmd
779     +;php_admin_value[open_basedir] = $open_basedir
780     +php_admin_flag[allow_url_fopen] = on
781     +php_admin_flag[file_upload] = on
782     +;php_admin_flag[session.cookie_httponly] = on
783     +;php_admin_flag[allow_url_include] = off
784     +;php_admin_value[session.save_handler] = files
785     +;php_admin_flag[output_buffering] = off
786     +
787     +_EOF
788     +
789     + }
790     + else{
791     + $OUT .= '; Cacti is disabled';
792     + }
793     +}
794     +}
795     +
796     +
797     +
798     diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php
799     --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php 2014-06-16 11:53:01.000000000 -0400
800     +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php 2022-07-26 00:44:20.988000000 -0400
801     @@ -1,3 +1,3 @@
802     -UID="cacti"
803     +UID="root"
804     GID="www"
805     PERMS=0640

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed