/[smecontribs]/rpms/smeserver-cacti/contribs10/smeserver-cacti-1.1.19-sme10.patch
ViewVC logotype

Contents of /rpms/smeserver-cacti/contribs10/smeserver-cacti-1.1.19-sme10.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.6 - (show annotations) (download)
Wed Jul 27 19:14:34 2022 UTC (21 months, 3 weeks ago) by jpp
Branch: MAIN
Changes since 1.5: +0 -87 lines 
* Mon Jul 25 2022 Jean-Philippe Pialasse <tests@pialasse.com> 1.1.19-2.sme
- update httpd 2.4 to syntax [SME: 12039]
- initial import to SME10 [SME: 11307]
  cacti-1.2.21
  dedicated php-fpm pool 74
  update event
  ldap available
  auto install install_cacti.php --accept-eula --install
- fix sql init [SME: 10972]

* Wed Dec 11 2019 Jean-Philipe Pialasse <tests@pialasse.com> 1.1.19-1.sme
- update to cacti-1.1.19 [SME: 8434]
1 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti
2 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 1969-12-31 19:00:00.000000000 -0500
3 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 2022-07-26 00:03:45.335000000 -0400
4 @@ -0,0 +1,68 @@
5 +{
6 +
7 +if ($PHP_VERSION eq '74'){
8 + if (($cacti{'status'} || 'disabled') eq 'enabled'){
9 + my $max_upload_size = ($cacti{MaxUploadSize} || '4096');
10 + $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
11 + my $memory_limit = ($cacti{MemoryLimit} || '512M');
12 + $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
13 + my $open_basedir= $cacti{PHPBaseDir} || '';
14 + $open_basedir = "/usr/share/cacti:/var/lib/cacti:/var/log/cacti.log:/var/lib/php/cacti:/home/e-smith/files/cacti:/dev/urandom:/proc/meminfo:$open_basedir";
15 + my $id = 'cacti';
16 + my $max_children = $cacti{'PHPmaxChildren'} || 20;
17 + my $min_spare_servers = $cacti{'PHPminServers'} || 4;
18 + my $start_servers = $cacti{'PHPstartServers'} || 6;
19 + my $max_spare_servers = $cacti{'PHPmaxServers'} || 8;
20 + my $max_requests = $cacti{'PHPmaxRequests'} || 1000;
21 + $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? printf("%.0f",$max_spare_servers/2) : $min_spare_servers;
22 + $start_servers = ( $start_servers > $max_spare_servers ) ? printf("%.0f", $max_spare_servers /2 + $min_spare_servers/2 ) : $start_servers;
23 +
24 + $OUT .=<<_EOF;
25 +
26 +[php$PHP_VERSION-$id]
27 +user = www
28 +group = www
29 +listen.owner = root
30 +listen.group = www
31 +listen.mode = 0660
32 +listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
33 +pm = dynamic
34 +pm.max_children = $max_children
35 +pm.start_servers = $start_servers
36 +pm.min_spare_servers = $min_spare_servers
37 +pm.max_spare_servers = $max_spare_servers
38 +pm.max_requests = $max_requests
39 +php_admin_value[session.save_path] = /var/lib/php/$id/session
40 +php_admin_value[session.gc_maxlifetime] = 86400
41 +php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache
42 +php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
43 +php_admin_value[error_log] = /var/log/php/$id/error.log
44 +slowlog = /var/log/php/cacti/slow.log
45 +php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
46 +php_admin_flag[display_errors] = off
47 +php_admin_flag[log_errors] = on
48 +php_admin_value[error_log] = syslog
49 +php_admin_value[memory_limit] = $memory_limit
50 +php_admin_value[max_execution_time] = 3600
51 +php_admin_value[post_max_size] = $max_upload_size
52 +php_admin_value[upload_max_filesize] = $max_upload_size
53 +php_admin_value[disable_functions] = system, show_source, symlink, exec, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
54 +php_admin_value[open_basedir] = $open_basedir
55 +php_admin_flag[allow_url_fopen] = on
56 +php_admin_flag[file_upload] = on
57 +php_admin_flag[session.cookie_httponly] = on
58 +php_admin_flag[allow_url_include] = off
59 +php_admin_value[session.save_handler] = files
60 +php_admin_flag[output_buffering] = off
61 +
62 +_EOF
63 +
64 + }
65 + else{
66 + $OUT .= '; Nextcloud is disabled';
67 + }
68 +}
69 +}
70 +
71 +
72 +
73 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/createlinks smeserver-cacti-1.1.19/createlinks
74 --- smeserver-cacti-1.1.19.old/createlinks 2014-06-16 11:53:01.000000000 -0400
75 +++ smeserver-cacti-1.1.19/createlinks 2022-07-27 14:55:50.939000000 -0400
76 @@ -5,6 +5,7 @@
77 for my $event (qw(
78 post-upgrade
79 bootstrap-console-save
80 + console-save
81 ))
82 {
83 templates2events("/etc/cacti/db.php", $event);
84 @@ -22,3 +23,32 @@
85 }
86
87 templates2events("/etc/e-smith/sql/init/80cacti", "post-upgrade");
88 +
89 +my $event="smeserver-cacti-update";
90 +event_templates($event, qw(
91 + /etc/cacti/db.php
92 + /etc/httpd/conf/httpd.conf
93 + /etc/crontab
94 + /etc/opt/remi/php74/php-fpm.d/www.conf
95 + /etc/e-smith/sql/init/80cacti
96 +));
97 +
98 +event_services($event,
99 + 'crond' => 'restart',
100 + 'mysql.init' => 'restart',
101 + 'httpd-e-smith' => 'sigusr1',
102 + 'php74-php-fpm' => 'reload-or-restart'
103 +);
104 +
105 +event_actions($event,
106 +'cacti-conf' => '50',
107 +'cacti-ldap' => '95'
108 +);
109 +
110 +
111 +#backup ?
112 +#use esmith::Build::Backup qw(:all);
113 +#backup_includes("smeserver-cacti", qw(
114 +#
115 +#));
116 +
117 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti
118 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti 1969-12-31 19:00:00.000000000 -0500
119 +++ smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti 2022-07-27 14:46:58.425000000 -0400
120 @@ -0,0 +1,72 @@
121 +{
122 + use MIME::Base64 qw(encode_base64);
123 +
124 + my $service;
125 + my $rec;
126 + my $pw;
127 +
128 + # Store the cacti password in the configuration database (if not already there)
129 + $service = 'cacti';
130 +
131 + $rec = $DB->get($service) || $DB->new_record($service, {type => 'service'});
132 +
133 + $pw = $rec->prop('DbPassword');
134 +
135 +
136 + if (! $pw)
137 + {
138 +
139 + if ( open( RANDOM, "/dev/urandom" ) )
140 + {
141 + my $buf;
142 + # 57 bytes is a full line of Base64 coding, and contains
143 + # 456 bits of randomness - given a perfectly random /dev/random
144 + if ( read( RANDOM, $buf, 57 ) != 57 )
145 + {
146 + warn("Short read from /dev/random: $!");
147 + }
148 + else
149 + {
150 + $pw = encode_base64($buf);
151 + chomp $pw;
152 + }
153 + close RANDOM;
154 + }
155 + else
156 + {
157 + warn "Could not open /dev/urandom: $!";
158 + }
159 +
160 + $rec->set_prop('DbPassword', $pw);
161 + }
162 + $pwa = $rec->prop('AdminPassword');
163 + if (! $pwa)
164 + {
165 +
166 + if ( open( RANDOM, "/dev/urandom" ) )
167 + {
168 + my $buf;
169 + # 57 bytes is a full line of Base64 coding, and contains
170 + # 456 bits of randomness - given a perfectly random /dev/random
171 + if ( read( RANDOM, $buf, 15 ) != 15 )
172 + {
173 + warn("Short read from /dev/random: $!");
174 + }
175 + else
176 + {
177 + $pwa = encode_base64($buf);
178 + chomp $pwa;
179 + }
180 + close RANDOM;
181 + }
182 + else
183 + {
184 + warn "Could not open /dev/urandom: $!";
185 + }
186 +
187 + $rec->set_prop('AdminPassword', $pwa);
188 + }
189 +
190 +
191 +
192 +}
193 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-conf smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-conf
194 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-conf 1969-12-31 19:00:00.000000000 -0500
195 +++ smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-conf 2022-07-27 14:46:58.891000000 -0400
196 @@ -0,0 +1,16 @@
197 +#!/bin/bash
198 +
199 +#easy configuration of what is needed for cacti to work correctly
200 +something=0;
201 +psomething=0;
202 +#check if something already set, if not let's do it
203 +
204 +/sbin/e-smith/config getprop mariadb TmpTableSize 1>/dev/null || ( config setprop mariadb TmpTableSize 32M ; echo "setting mariadb TmpTableSize 32M" ; something=1)
205 +/sbin/e-smith/config getprop mariadb MaxHeapTableSize 1>/dev/null || ( config setprop mariadb MaxHeapTableSize 32M ; echo "setting mariadb MaxHeapTableSize 32M" ; something=1)
206 +/sbin/e-smith/config getprop mariadb JoinBufferSize 1>/dev/null || ( config setprop mariadb JoinBufferSize 62M ; echo "setting mariadb JoinBufferSize 62M" ; something=1)
207 +
208 +#/sbin/e-smith/config getprop php74 MemoryLimit 1>/dev/null || ( config setprop php74 MemoryLimit 800M ; echo "setting php74 memory_limit 800M" ; psomething=1)
209 +# install detect cli for php not php74 even if $php_path is set
210 +
211 +[ $something == 1 ] && /usr/sbin/e-smith/expand-template /etc/my.cnf && /usr/bin/systemctl restart mariadb.service
212 +#[ $psomething == 1 ] && /usr/sbin/e-smith/expand-template /etc/opt/remi/php74/php.ini && /usr/bin/systemctl restart php74-php-fpm.service
213 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-ldap smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-ldap
214 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-ldap 1969-12-31 19:00:00.000000000 -0500
215 +++ smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-ldap 2022-07-27 14:46:58.663000000 -0400
216 @@ -0,0 +1,44 @@
217 +#!/bin/bash
218 +
219 +#use esmith::ConfigDB;
220 +#use esmith::util;
221 +#my $cdb = esmith::ConfigDB->open_ro();
222 +#my $domain = $cdb->get_value('DomainName');
223 +#my $baseDN = esmith::util::ldapBase($cdb->get_value('DomainName'));
224 +#print $baseDN . "\n";
225 +
226 +db=$(config getprop cacti DbDatabase || echo 'cacti_sme');
227 +user=$(config getprop cacti DbUser || echo 'cacti');
228 +pass=$(config getprop cacti DbPassword || echo 'changeme');
229 +adminpass=$(config getprop cacti AdminPassword || echo 'changeme');
230 +domain=$(config get DomainName)
231 +DN=$(perl -Mesmith::util -e "print esmith::util::ldapBase(\"$domain\");")
232 +
233 +
234 +# set ldap auth with optional group
235 +#ldap_group_require 'on' or ''
236 +# then set our admin password
237 +/usr/bin/mysql <<EOF
238 +UPDATE ${db}.settings SET value='memberUid' WHERE name='ldap_group_attrib';
239 +UPDATE ${db}.settings SET value='uid=cactigroup,ou=Groups,$DN' WHERE name='ldap_group_dn';
240 +
241 +UPDATE ${db}.settings SET value='0' WHERE name='ldap_tls_certificate';
242 +UPDATE ${db}.settings SET value='3' WHERE name='ldap_version';
243 +UPDATE ${db}.settings SET value='localhost' WHERE name='ldap_server';
244 +UPDATE ${db}.settings SET value='objectClass=inetOrgPerson' WHERE name='ldap_search_filter';
245 +UPDATE ${db}.settings SET value='ou=Users,$DN' WHERE name='ldap_search_base';
246 +UPDATE ${db}.settings SET value='0' WHERE name='ldap_referrals';
247 +UPDATE ${db}.settings SET value='636' WHERE name='ldap_port_ssl';
248 +UPDATE ${db}.settings SET value='389' WHERE name='ldap_port';
249 +UPDATE ${db}.settings SET value='0' WHERE name='ldap_mode';
250 +UPDATE ${db}.settings SET value='0' WHERE name='ldap_encryption';
251 +UPDATE ${db}.settings SET value='uid=<username>,ou=Users,$DN' WHERE name='ldap_dn';
252 +UPDATE ${db}.settings SET value='3' WHERE name='auth_method';
253 +UPDATE ${db}.settings SET value='cn' WHERE name='cn_full_name';
254 +UPDATE ${db}.settings SET value='mail' WHERE name='cn_email';
255 +
256 +
257 +# set password of admin
258 +UPDATE ${db}.user_auth SET email_address='admin@${domain}', must_change_password='',password=md5('$adminpass'), enabled='on' WHERE username='admin' and id='1';
259 +EOF
260 +
261 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/10DB smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/10DB
262 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/10DB 1969-12-31 19:00:00.000000000 -0500
263 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/10DB 2022-07-27 14:46:55.823000000 -0400
264 @@ -0,0 +1,54 @@
265 +<?php
266 +/*
267 + +-------------------------------------------------------------------------+
268 + | Copyright (C) 2004 Ian Berry |
269 + | |
270 + | This program is free software; you can redistribute it and/or |
271 + | modify it under the terms of the GNU General Public License |
272 + | as published by the Free Software Foundation; either version 2 |
273 + | of the License, or (at your option) any later version. |
274 + | |
275 + | This program is distributed in the hope that it will be useful, |
276 + | but WITHOUT ANY WARRANTY; without even the implied warranty of |
277 + | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
278 + | GNU General Public License for more details. |
279 + +-------------------------------------------------------------------------+
280 + | cacti: a php-based graphing solution |
281 + +-------------------------------------------------------------------------+
282 + | Most of this code has been designed, written and is maintained by |
283 + | Ian Berry. See about.php for specific developer credit. Any questions |
284 + | or comments regarding this code should be directed to: |
285 + | - iberry@raxnet.net |
286 + +-------------------------------------------------------------------------+
287 + | - raXnet - http://www.raxnet.net/ |
288 + +-------------------------------------------------------------------------+
289 +*/
290 +
291 +/* make sure these values refect your actual database/host/user/password */
292 +$database_type = "mysql";
293 +$database_default = "{$cacti{'DbDatabase'}}";
294 +$database_hostname = "localhost";
295 +$database_username = "{$cacti{'DbUser'}}";
296 +$database_password = "{$cacti{'DbPassword'}}";
297 +$database_port = "3306";
298 +
299 +/*
300 + * Server is a remote poller, then these entries point to
301 + * the main cacti server. Otherwise, these variables have no use and
302 + * must remain commented out.
303 + */
304 +
305 +#$rdatabase_type = 'myql';
306 +#$rdatabase_default = 'cacti';
307 +#$rdatabase_hostname = 'localhost';
308 +#$rdatabase_username = 'cactiuser';
309 +#$rdatabase_password = 'cactiuser';
310 +#$rdatabase_port = '3306';
311 +#$rdatabase_retries = 5;
312 +#$rdatabase_ssl = false;
313 +#$rdatabase_ssl_key = '';
314 +#$rdatabase_ssl_cert = '';
315 +#$rdatabase_ssl_ca = '';
316 +
317 +
318 +
319 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id
320 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id 1969-12-31 19:00:00.000000000 -0500
321 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id 2022-07-27 14:46:56.040000000 -0400
322 @@ -0,0 +1,7 @@
323 +/*
324 + * The poller_id of this system. set to `1` for the main cacti web server.
325 + * Otherwise, you this value should be the poller_id for the remote poller.
326 + */
327 +
328 +$poller_id = 1;
329 +
330 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath
331 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath 1969-12-31 19:00:00.000000000 -0500
332 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath 2022-07-27 14:46:56.287000000 -0400
333 @@ -0,0 +1,9 @@
334 +/*
335 + * Set the $url_path to point to the default URL of your cacti install.
336 + * For exmaple if your cacti install as at `https://serverip/cacti/` this
337 + * would be set to `/cacti/`.
338 + */
339 +
340 +$url_path = '/cacti/';
341 +
342 +
343 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/25session smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/25session
344 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/25session 1969-12-31 19:00:00.000000000 -0500
345 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/25session 2022-07-27 14:46:56.522000000 -0400
346 @@ -0,0 +1,19 @@
347 +/*
348 + * Default session name - session name must contain alpha characters
349 + */
350 +
351 +$cacti_session_name = 'Cacti';
352 +
353 +/*
354 + * Default Cookie domain - The cookie domain to be used for Cacti
355 + */
356 +
357 +//$cacti_cookie_domain = 'cacti.net';
358 +
359 +/*
360 + * Save sessions to a database for load balancing
361 + */
362 +
363 +$cacti_db_session = false;
364 +
365 +
366 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/30log smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/30log
367 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/30log 1969-12-31 19:00:00.000000000 -0500
368 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/30log 2022-07-27 14:46:56.771000000 -0400
369 @@ -0,0 +1,6 @@
370 +/*
371 + * Disable log rotation settings for packagers
372 + */
373 +
374 +$disable_log_rotation = true;
375 +
376 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/40input smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/40input
377 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/40input 1969-12-31 19:00:00.000000000 -0500
378 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/40input 2022-07-27 14:46:57.012000000 -0400
379 @@ -0,0 +1,18 @@
380 +/*
381 + * Optional parameters to define scripts and resource paths. These
382 + * variables become important when using remote poller installs when the
383 + * scripts and resource files are not in the main Cacti web server path.
384 + */
385 +
386 +//$scripts_path = '/var/www/html/cacti/scripts';
387 +//$resource_path = '/var/www/html/cacti/resource/';
388 +
389 +/*
390 + * Optional parameter to define a data input whitelist command string. This
391 + * whitelist file will help protect cacti from unauthorized changes to Cacti
392 + * data input command string.
393 + */
394 +
395 +//$input_whitelist = '/usr/local/etc/cacti/input_whitelist.json';
396 +
397 +
398 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/50php smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/50php
399 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/50php 1969-12-31 19:00:00.000000000 -0500
400 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/50php 2022-07-27 14:46:57.268000000 -0400
401 @@ -0,0 +1,6 @@
402 +/*
403 + * Optional parameter to give explicit path to PHP
404 + */
405 +$php_path = '/usr/bin/php74';
406 +
407 +
408 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/60snmp smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/60snmp
409 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/60snmp 1969-12-31 19:00:00.000000000 -0500
410 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/60snmp 2022-07-27 14:46:57.504000000 -0400
411 @@ -0,0 +1,8 @@
412 +/*
413 + * Optional parameter to disable the PHP SNMP extension. If not set, defaults
414 + * to class_exists('SNMP').
415 + */
416 +
417 +//$php_snmp_support = false;
418 +
419 +
420 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/70csrf smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/70csrf
421 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/70csrf 1969-12-31 19:00:00.000000000 -0500
422 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/70csrf 2022-07-27 14:46:57.727000000 -0400
423 @@ -0,0 +1,8 @@
424 +/*
425 + * Optional parameter to define the path of the csrf_secret.php path. This
426 + * variable is for packagers who wish to specify an alternate location of
427 + * the CRSF secret file.
428 + */
429 +
430 +$path_csrf_secret = '/var/lib/cacti/csrf/csrf-secret.php';
431 +
432 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG
433 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG 1969-12-31 19:00:00.000000000 -0500
434 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG 2022-07-27 14:46:57.957000000 -0400
435 @@ -0,0 +1,30 @@
436 +/*
437 + * The following are optional variables for debugging low level system
438 + * functions that are generally only used by Cacti Developers to help
439 + * identify potential issues in commonly used functions
440 + *
441 + * To use them, uncomment and the equivalent field will be set in the
442 + * $config variable allowing for instant on but still allowing the
443 + * ability to fine turn and turn them off.
444 + */
445 +
446 +/*
447 + * Debug the read_config_option program flow
448 + */
449 +# define('DEBUG_READ_CONFIG_OPTION', true);
450 +
451 +/*
452 + * Automatically suppress the DEBUG_READ_CONFIG_OPTION
453 + */
454 +# define('DEBUG_READ_CONFIG_OPTION_DB_OPEN', true);
455 +
456 +/*
457 + * Always write the SQL command to the cacti log file
458 + */
459 +# define('DEBUG_SQL_CMD', true);
460 +
461 +/*
462 + * Debug the flow of calls to the db_xxx functions that
463 + * are defined in lib/database.php
464 + */
465 +# define('DEBUG_SQL_FLOW', true);
466 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/95end smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/95end
467 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/95end 1969-12-31 19:00:00.000000000 -0500
468 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/95end 2022-07-27 14:46:58.190000000 -0400
469 @@ -0,0 +1 @@
470 +?>
471 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti
472 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti 2019-12-11 14:46:28.000000000 -0500
473 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti 2022-07-27 14:46:55.114000000 -0400
474 @@ -1,22 +1,34 @@
475 {
476 - my $db = $cacti{DbName} || 'cacti_sme';
477 + my $db = $cacti{DbDatabase} || 'cacti_sme';
478 my $user = $cacti{DbUser} || 'cacti';
479 my $pass = $cacti{DbPassword} || 'changeme';
480 $OUT .= <<END
481 -#! /bin/sh
482 +#!/bin/bash
483 if [ -d /var/lib/mysql/$db ]; then
484 + /usr/bin/mysql <<EOF
485 + use $db;
486 + use mysql;
487 + ALTER DATABASE $db COLLATE = 'utf8mb4_unicode_ci';
488 + GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost
489 + IDENTIFIED BY '$pass';
490 + GRANT SELECT ON mysql.time_zone_name TO '$user'\@'localhost';
491 + flush privileges;
492 +EOF
493 +
494 +
495 exit
496 fi
497 /usr/bin/mysql <<EOF
498 - CREATE DATABASE $db DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
499 + CREATE DATABASE $db DEFAULT CHARACTER SET utf8mb4 COLLATE utf8_unicode_ci;
500 use $db;
501 use mysql;
502 GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost
503 IDENTIFIED BY '$pass';
504 - GRANT SELECT ON `mysql`.`time_zone_name` TO '$user'@'localhost';
505 + GRANT SELECT ON mysql.time_zone_name TO '$user'\@'localhost';
506 flush privileges;
507 EOF
508 /usr/bin/mysql_tzinfo_to_sql /usr/share/zoneinfo/ 2>/dev/null |/usr/bin/mysql mysql
509 - /usr/bin/mysql $db < /etc/e-smith/db/configuration/migrate/80cacti_sme.sql
510 + /usr/bin/mysql $db < \$(rpm -ql cacti|grep cacti.sql)
511 + #/usr/bin/mysql $db < /etc/e-smith/db/configuration/migrate/80cacti_sme.sql
512 END
513 -}
514 \ Pas de fin de ligne à la fin du fichier
515 +}
516 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti
517 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti 2014-06-16 11:53:00.000000000 -0400
518 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti 2022-07-26 00:30:15.300000000 -0400
519 @@ -5,32 +5,19 @@
520 SSLRequireSSL
521 Options -Indexes
522 AllowOverride None
523 - order deny,allow
524 - deny from all
525 -
526 -{
527 - my $cactiaxs = $cacti{'access'} || "private";
528 - if ($cactiaxs eq "private")
529 - {
530 - $OUT .= " allow from $localAccess $externalSSLAccess";
531 - } else {
532 - $OUT .= " allow from all";
533 - }
534 -}
535 - Satisfy all
536 - AddType application/x-httpd-php .php .php3
537 - php_flag magic_quotes_gpc on
538 - php_flag track_vars on
539 + Require { (($cacti{'access'} ||"private") eq "public") ? "all granted" : "ip $localAccess $externalSSLAccess"; }
540 + AddType application/x-httpd-php .php
541 + <FilesMatch \.php$ >
542 + SetHandler "proxy:unix:/var/run/php-fpm/php74-cacti.sock|fcgi://localhost"
543 + </FilesMatch>
544 </Directory>
545
546
547
548 <Directory /usr/share/cacti/log>
549 - Order deny,allow
550 - Deny from all
551 + Require all denied
552 </Directory>
553 <Directory /usr/share/cacti/rra>
554 - Order deny,allow
555 - Deny from all
556 + Require all denied
557 </Directory>
558
559 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti
560 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 1969-12-31 19:00:00.000000000 -0500
561 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti 2022-07-27 14:46:55.335000000 -0400
562 @@ -0,0 +1,68 @@
563 +{
564 +
565 +if ($PHP_VERSION eq '74'){
566 + if (($cacti{'status'} || 'disabled') eq 'enabled'){
567 + my $max_upload_size = ($cacti{MaxUploadSize} || '4096');
568 + $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
569 + my $memory_limit = ($cacti{MemoryLimit} || '5555500M');
570 + $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
571 + my $open_basedir= $cacti{PHPBaseDir} || '';
572 + $open_basedir = "/tmp/:/share/:/var/log/cacti:/etc/cacti/db.php:/usr/share/cacti:/var/lib/cacti:/var/log/cacti.log:/var/lib/php/cacti:/home/e-smith/files/cacti:/dev/urandom:/proc/meminfo:$open_basedir";
573 + my $id = 'cacti';
574 + my $max_children = $cacti{'PHPmaxChildren'} || 20;
575 + my $min_spare_servers = $cacti{'PHPminServers'} || 4;
576 + my $start_servers = $cacti{'PHPstartServers'} || 6;
577 + my $max_spare_servers = $cacti{'PHPmaxServers'} || 8;
578 + my $max_requests = $cacti{'PHPmaxRequests'} || 1000;
579 + $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? printf("%.0f",$max_spare_servers/2) : $min_spare_servers;
580 + $start_servers = ( $start_servers > $max_spare_servers ) ? printf("%.0f", $max_spare_servers /2 + $min_spare_servers/2 ) : $start_servers;
581 +
582 + $OUT .=<<_EOF;
583 +
584 +[php$PHP_VERSION-$id]
585 +user = www
586 +group = www
587 +listen.owner = root
588 +listen.group = www
589 +listen.mode = 0660
590 +listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
591 +pm = dynamic
592 +pm.max_children = $max_children
593 +pm.start_servers = $start_servers
594 +pm.min_spare_servers = $min_spare_servers
595 +pm.max_spare_servers = $max_spare_servers
596 +pm.max_requests = $max_requests
597 +php_admin_value[session.save_path] = /var/lib/php/$id/session
598 +php_admin_value[session.gc_maxlifetime] = 86400
599 +;php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache
600 +php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
601 +php_admin_value[error_log] = /var/log/php/$id/error.log
602 +slowlog = /var/log/php/cacti/slow.log
603 +php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
604 +php_admin_flag[display_errors] = off
605 +php_admin_flag[log_errors] = on
606 +php_admin_value[error_log] = syslog
607 +php_admin_value[memory_limit] = $memory_limit
608 +php_admin_value[max_execution_time] = 3600
609 +php_admin_value[post_max_size] = $max_upload_size
610 +php_admin_value[upload_max_filesize] = $max_upload_size
611 +;php_admin_value[disable_functions] = system, show_source, symlink, dl, passthru, phpinfo, escapeshellarg, escapeshellcmd
612 +;php_admin_value[open_basedir] = $open_basedir
613 +php_admin_flag[allow_url_fopen] = on
614 +php_admin_flag[file_upload] = on
615 +;php_admin_flag[session.cookie_httponly] = on
616 +;php_admin_flag[allow_url_include] = off
617 +;php_admin_value[session.save_handler] = files
618 +;php_admin_flag[output_buffering] = off
619 +
620 +_EOF
621 +
622 + }
623 + else{
624 + $OUT .= '; Cacti is disabled';
625 + }
626 +}
627 +}
628 +
629 +
630 +
631 diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php
632 --- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php 2014-06-16 11:53:01.000000000 -0400
633 +++ smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php 2022-07-26 00:44:20.988000000 -0400
634 @@ -1,3 +1,3 @@
635 -UID="cacti"
636 +UID="root"
637 GID="www"
638 PERMS=0640
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed