From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: [PATCH 6/6] Icinga: Do not ship event handlers for Nagios Date: Fri, 21 May 2021 15:42:36 +0200 Message-ID: In-Reply-To: <423afb1f-304d-eecf-8db3-3ea5d9353fb8@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3971103659535182258==" List-Id: --===============3971103659535182258== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable These are owned (hence being writable) by "nobody", posing a potential security risk. Since the files itself were already exluded from being shipped, their parent directory should be as well. This patch should reduce the amount of executable files being owned by nobody to zero after upgrading to Core Update 157. Due to complexity reasons, not all applications available in Pakfire could be tested, though, so your mileage may vary. Signed-off-by: Peter M=C3=BCller --- config/rootfiles/packages/icinga | 2 +- lfs/icinga | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config/rootfiles/packages/icinga b/config/rootfiles/packages/ici= nga index f81ba9db2..000be6346 100644 --- a/config/rootfiles/packages/icinga +++ b/config/rootfiles/packages/icinga @@ -25,7 +25,7 @@ usr/bin/icinga usr/bin/icingastats #usr/lib/icinga usr/lib/icinga/p1.pl -usr/lib/nagios/plugins/eventhandlers +#usr/lib/nagios/plugins/eventhandlers #usr/lib/nagios/plugins/eventhandlers/disable_active_service_checks #usr/lib/nagios/plugins/eventhandlers/disable_notifications #usr/lib/nagios/plugins/eventhandlers/distributed-monitoring diff --git a/lfs/icinga b/lfs/icinga index 6534722ac..456f66388 100644 --- a/lfs/icinga +++ b/lfs/icinga @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D icinga -PAK_VER =3D 4 +PAK_VER =3D 5 =20 DEPS =3D nagios-plugins =20 --=20 2.26.2 --===============3971103659535182258==--