This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via bff53f09ffb26cee1e410a2ee812efe4b83538d3 (commit) via 670e7d6e363d1a51de623428620b5d50b0e814d8 (commit) via 5ef6f1dcaeea9b49c70d2bd4b2e80b17c64fffcf (commit) via 1c0e8ff9fcf7934fc5943a3b43aaef8c58d325d3 (commit) via cbc1c00ed909dea9bcd0e2b762505b80e33b211b (commit) via 90ea6fac35ac12a6fea9163ac71da166370856fe (commit) via 20e8c4739caf8f8e6b6f331d239025184b007926 (commit) via 272076e3c8f8d835816fb796cfb27501c7299e85 (commit) via 314315bee30ed6361ad628a25095e50ebbafd35c (commit) via 5fafff021f06f286e1605db48bde8bf762209cc8 (commit) via 9b2298d92f8d058ce5be6c84668e65c466cf8211 (commit) via f5a2b26bd180fc1b5e57345864bb866d82b2e6fc (commit) via 68cf137999dd22b56f094cbd725482bfe657db9d (commit) via 1087370d524d7ce690164c79cf941116994752db (commit) via ee2072fd20be1a3590e347bc59b1353aa7d69ba9 (commit) from bed265cc5ab80f97c4981f2ba5d4c1cb10c55f57 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit bff53f09ffb26cee1e410a2ee812efe4b83538d3 Author: Robin Roevens robin.roevens@disroot.org Date: Wed Feb 28 19:58:36 2024 +0100
zabbix_agentd: Add OpenVPN certificates items
- Adds Zabbix Agent userparameters `ipfire.ovpn.clientcert` and `ipfire.ovpn.cacert` for the agent to get details about openvpn client, server and ca certificates. - Moves all `ipfire.ovpn.*` userparameters to a separate config file `userparameter_ovpn.conf` to enable users to selectively disable openvpn items when not needed - Includes `ipfire_certificate_detail.sh` script in sudoers for Zabbix Agent as it needs root permission to read openvpn certificate details. - Adapts lfs install script to install new script and configfile - Adds new script and configfile to rootfiles Reviewed-by: Adolf Belka adolf.belka@ipfire.org
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 670e7d6e363d1a51de623428620b5d50b0e814d8 Author: Robin Roevens robin.roevens@disroot.org Date: Wed Feb 28 19:58:35 2024 +0100
zabbix_agentd: Add helper script to get and verify certificate details
Add script to parse openssl output on certificates and return it as JSON for consumption by the Zabbix agent. Reviewed-by: Adolf Belka adolf.belka@ipfire.org
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5ef6f1dcaeea9b49c70d2bd4b2e80b17c64fffcf Author: Robin Roevens robin.roevens@disroot.org Date: Wed Feb 28 19:58:34 2024 +0100
zabbix_agentd: Update to 6.0.27 (LTS)
- Update from version 6.0.22 to 6.0.27 - Update of rootfile not required
Bugs fixed: - ZBX-23715: Fixed persistent directory path not following symlinks upon creation - ZBX-22933: Improved vfs.file.regmatch and vfs.file.regexp items to use buffered file read
Full changelogs since 6.0.22: - https://www.zabbix.com/rn/rn6.0.23 - https://www.zabbix.com/rn/rn6.0.24 - https://www.zabbix.com/rn/rn6.0.25 - https://www.zabbix.com/rn/rn6.0.26 - https://www.zabbix.com/rn/rn6.0.27 Reviewed-by: Adolf Belka adolf.belka@ipfire.org
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 1c0e8ff9fcf7934fc5943a3b43aaef8c58d325d3 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Feb 29 10:24:50 2024 +0000
core185: Ship shadow
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cbc1c00ed909dea9bcd0e2b762505b80e33b211b Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:37 2024 +0100
shadow: Update to version 4.14.5
- Update from version 4.14.3 to 4.14.5 - Update of rootfile not required - Changelog 4.14.5 Build system: Fix regression introduced in 4.14.4, due to a typo. chgpasswd had been deleted from a Makefile variable, but it should have been chpasswd. 4.14.4 Build system: Link correctly with libdl. Install pam configs for chpasswd(8) and newusers(8) when using ./configure --with-libpam --disable-account-tools-setuid. libshadow: Fix build error (parameter name omitted). Fix off-by-one bug. Remove warning.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 90ea6fac35ac12a6fea9163ac71da166370856fe Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:36 2024 +0100
samba: Update to version 4.19.5
- Update from version 4.19.3 to 4.19.5 - Update of rootfile not required - Changelog 4.19.5 * BUG 13688: Windows 2016 fails to restore previous version of a file from a shadow_copy2 snapshot. * BUG 15549: Symlinks on AIX are broken in 4.19 (and a few version before that). * BUG 12421: Fake directory create times has no effect. * BUG 15550: ctime mixed up with mtime by smbd. * BUG 15548: samba-gpupdate --rsop fails if machine is not in a site. * BUG 15557: gpupdate: The root cert import when NDES is not available is broken. * BUG 15552: samba-gpupdate should print a useful message if cepces-submit can't be found. * BUG 15558: samba-gpupdate logging doesn't work. * BUG 15555: smbpasswd reset permissions only if not 0600. 4.19.4 * BUG 13577: net changesecretpw cannot set the machine account password if secrets.tdb is empty. * BUG 15540: For generating doc, take, if defined, env XML_CATALOG_FILES. * BUG 15541: Trivial C typo in nsswitch/winbind_nss_netbsd.c. * BUG 15542: vfs_linux_xfs is incorrectly named. * BUG 15377: systemd stumbled over copyright-message at smbd startup. * BUG 15505: Following intermediate abolute share-local symlinks is broken. * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to a non-public address disconnects first. * BUG 15544: shadow_copy2 broken when current fileset's directories are removed. * BUG 15377: systemd stumbled over copyright-message at smbd startup. * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to a non-public address disconnects first. * BUG 15534: smbd does not detect ctdb public ipv6 addresses for multichannel exclusion. * BUG 15469: 'force user = localunixuser' doesn't work if 'allow trusted domains = no' is set. * BUG 15525: smbget debug logging doesn't work. * BUG 15532: smget: username in the smburl and interactive password entry doesn't work. * BUG 15538: smbget auth function doesn't set values for password prompt correctly. * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to a non-public address disconnects first. * BUG 15440: Unable to copy and write files from clients to Ceph cluster via SMB Linux gateway with Ceph VFS module. * BUG 15547: Multichannel refresh network information.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 20e8c4739caf8f8e6b6f331d239025184b007926 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Feb 29 10:24:10 2024 +0000
core185: Ship libpng
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 272076e3c8f8d835816fb796cfb27501c7299e85 Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:35 2024 +0100
libpng: Update to version 1.6.42
- Update from version 1.4.61 to 1.4.62 - Update of rootfile not required - Changelog 1.6.42 Fixed the implementation of the macro function png_check_sig(). This was an API regression, introduced in libpng-1.6.41. (Reported by Matthieu Darbois)
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 314315bee30ed6361ad628a25095e50ebbafd35c Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Feb 29 10:23:17 2024 +0000
core185: Ship libgpg-error
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5fafff021f06f286e1605db48bde8bf762209cc8 Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:34 2024 +0100
libgpg-error: Update to version 1.48
- Update from version 1.47 to 1.48 - Update of rootfile - Changelog 1.48 * New configure option --with-libtool-modification. [T6619] * New option parser flag to detect commands given without a double dash. There is also the new meta command "command-mode" to set this flag via a config file. [T6978] * Added an es_fopen mode flag "sequential" with support on Windows. [rE7a42ff0ec9] * Added an es_fopen mode flag "wipe" to cleanup internal buffers at close time. [T6954] * New function gpgrt_wipememory. [T6964] * Improvements to setenv on Windows. [rE89e53ad90f] * Fixed call to estream-printf string filters. [T6737] * Many improvements to the yat2m tool. * Updates to the build system. * Interface changes relative to the 1.47 release: ARGPARSE_FLAG_COMMAND NEW. gpgrt_wipememory NEW.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 9b2298d92f8d058ce5be6c84668e65c466cf8211 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Feb 29 10:22:40 2024 +0000
core185: Ship libffi
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit f5a2b26bd180fc1b5e57345864bb866d82b2e6fc Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:33 2024 +0100
libffi: Update to version 3.4.6
- Update from version 3.4.4 to 3.4.6 - Update of rootfile - Changelog 3.4.6 Fix long double regression on mips64 and alpha. 3.4.5 Add support for wasm32. Add support for aarch64 branch target identification (bti). Add support for ARCv3: ARC32 & ARC64. Add support for HPPA64, and many HPPA fixes. Add support for Haikuos on PowerPC. Fixes for AIX, loongson, MIPS, power, sparc64, and x86 Darwin.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 68cf137999dd22b56f094cbd725482bfe657db9d Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:32 2024 +0100
gptfdisk: Update to version 1.0.10
- Update from version 1.0.9 to 1.0.10 - Update of rootfile not required - Changelog 1.0.10 - Fixed problem that caused sgdisk to crash with errors about being unable to read the disk's partition table when compiled with the latest popt (commit 740, which is pre-release as I type; presumably version 1.19 and later once released). - Updated guid.cc to deal with minor change in libuuid. - Fixed potential NULL derefernce bug in sgdisk. Thanks to Damian Kurek for this fix. - The partition number of "0" can now be used to reference newly-created partitions when the --largest-new=0 option to sgdisk is used. Thanks to David JoaquĆn Shourabi Porcel for this improvement. - Make explicit casts in gptcurses.cc to eliminate compiler warnings about mis-matched types in printw() statements. - Minor code cleanup based on valgrind analysis. - In previous versions, GPT fdisk accepted only integer values for partition start points, end points, and sizes, and it interpreted decimal values incorrectly. That is, if you typed "+9.5G" as the partition end point, you'd end up with something just 9 sectors in size. This version now truncates decimal numbers to their integral values, so you'd get a 9 GiB partition instead. - Changes to optimize disk handling, particularly on Windows, courtesy of Frediano Ziglio. - Added numerous new partition type codes from Discoverable Partitions Specification (https://uapi-group.org/specifications/specs/discoverable_partitions_specific...). - Added new sgdisk -k/--move-backup-table and gdisk k (on the experts' menu) option to relocate the backup partition table. This is the counterpart of the sgdisk -j/--move-main-table and gdisk j (on the experts' menu) option to move the main partition table. This code comes from Niklas Gollenstede.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 1087370d524d7ce690164c79cf941116994752db Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:31 2024 +0100
git: Update to version 2.44.0
- Update from version 2.43.0 to 2.44.0 - Update of rootfile - Changelog is too large to include here. See the files 2.43.1.txt, 2.43.2.txt, 2.43.3.txt & 2.44.0.txt in the source tarball in directory Documentation/RelNotes
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ee2072fd20be1a3590e347bc59b1353aa7d69ba9 Author: Adolf Belka adolf.belka@ipfire.org Date: Wed Feb 28 20:31:30 2024 +0100
en.pl: Correct typo of marsians instead of martians
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/libffi | 3 +- config/rootfiles/common/libgpg-error | 3 +- .../{oldcore/155 => core/185}/filelists/libffi | 0 .../106 => core/185}/filelists/libgpg-error | 0 .../{oldcore/109 => core/185}/filelists/libpng | 0 .../{oldcore/104 => core/185}/filelists/shadow | 0 config/rootfiles/packages/git | 2 + config/rootfiles/packages/zabbix_agentd | 3 + config/zabbix_agentd/ipfire_certificate_detail.sh | 91 ++++++++++++++++++++++ config/zabbix_agentd/sudoers | 1 + config/zabbix_agentd/userparameter_ipfire.conf | 8 +- ...rameter_ipfire.conf => userparameter_ovpn.conf} | 19 ++--- doc/language_issues.en | 2 +- doc/language_issues.it | 2 +- doc/language_issues.nl | 2 +- doc/language_issues.pl | 2 +- doc/language_issues.ru | 2 +- doc/language_issues.tr | 2 +- langs/en/cgi-bin/en.pl | 2 +- lfs/git | 8 +- lfs/gptfdisk | 8 +- lfs/libffi | 6 +- lfs/libgpg-error | 6 +- lfs/libpng | 4 +- lfs/samba | 8 +- lfs/shadow | 4 +- lfs/zabbix_agentd | 13 +++- 27 files changed, 148 insertions(+), 53 deletions(-) copy config/rootfiles/{oldcore/155 => core/185}/filelists/libffi (100%) copy config/rootfiles/{oldcore/106 => core/185}/filelists/libgpg-error (100%) copy config/rootfiles/{oldcore/109 => core/185}/filelists/libpng (100%) copy config/rootfiles/{oldcore/104 => core/185}/filelists/shadow (100%) create mode 100755 config/zabbix_agentd/ipfire_certificate_detail.sh copy config/zabbix_agentd/{userparameter_ipfire.conf => userparameter_ovpn.conf} (55%)
Difference in files: diff --git a/config/rootfiles/common/libffi b/config/rootfiles/common/libffi index 02c161e54b..8028039050 100644 --- a/config/rootfiles/common/libffi +++ b/config/rootfiles/common/libffi @@ -4,10 +4,11 @@ #usr/lib/libffi.la #usr/lib/libffi.so usr/lib/libffi.so.8 -usr/lib/libffi.so.8.1.2 +usr/lib/libffi.so.8.1.4 #usr/lib/pkgconfig/libffi.pc #usr/share/info/libffi.info #usr/share/man/man3/ffi.3 #usr/share/man/man3/ffi_call.3 #usr/share/man/man3/ffi_prep_cif.3 #usr/share/man/man3/ffi_prep_cif_var.3 + diff --git a/config/rootfiles/common/libgpg-error b/config/rootfiles/common/libgpg-error index 08079ed9c5..7da745f1d2 100644 --- a/config/rootfiles/common/libgpg-error +++ b/config/rootfiles/common/libgpg-error @@ -6,7 +6,7 @@ usr/bin/gpg-error #usr/lib/libgpg-error.la #usr/lib/libgpg-error.so usr/lib/libgpg-error.so.0 -usr/lib/libgpg-error.so.0.34.0 +usr/lib/libgpg-error.so.0.35.0 #usr/lib/pkgconfig/gpg-error.pc #usr/share/aclocal/gpg-error.m4 #usr/share/aclocal/gpgrt.m4 @@ -42,3 +42,4 @@ usr/lib/libgpg-error.so.0.34.0 #usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo #usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo #usr/share/man/man1/gpgrt-config.1 + diff --git a/config/rootfiles/core/185/filelists/libffi b/config/rootfiles/core/185/filelists/libffi new file mode 120000 index 0000000000..c391acd0cb --- /dev/null +++ b/config/rootfiles/core/185/filelists/libffi @@ -0,0 +1 @@ +../../../common/libffi \ No newline at end of file diff --git a/config/rootfiles/core/185/filelists/libgpg-error b/config/rootfiles/core/185/filelists/libgpg-error new file mode 120000 index 0000000000..cad431339f --- /dev/null +++ b/config/rootfiles/core/185/filelists/libgpg-error @@ -0,0 +1 @@ +../../../common/libgpg-error \ No newline at end of file diff --git a/config/rootfiles/core/185/filelists/libpng b/config/rootfiles/core/185/filelists/libpng new file mode 120000 index 0000000000..8ef96e2c13 --- /dev/null +++ b/config/rootfiles/core/185/filelists/libpng @@ -0,0 +1 @@ +../../../common/libpng \ No newline at end of file diff --git a/config/rootfiles/core/185/filelists/shadow b/config/rootfiles/core/185/filelists/shadow new file mode 120000 index 0000000000..c0824b7b99 --- /dev/null +++ b/config/rootfiles/core/185/filelists/shadow @@ -0,0 +1 @@ +../../../common/shadow \ No newline at end of file diff --git a/config/rootfiles/packages/git b/config/rootfiles/packages/git index 306767e4b8..d0e7b707e2 100644 --- a/config/rootfiles/packages/git +++ b/config/rootfiles/packages/git @@ -133,6 +133,7 @@ usr/libexec/git-core/git-remote-http usr/libexec/git-core/git-remote-https usr/libexec/git-core/git-repack usr/libexec/git-core/git-replace +usr/libexec/git-core/git-replay usr/libexec/git-core/git-request-pull usr/libexec/git-core/git-rerere usr/libexec/git-core/git-reset @@ -355,3 +356,4 @@ usr/share/perl5/Git/SVN #usr/share/perl5/Git/SVN/Prompt.pm #usr/share/perl5/Git/SVN/Ra.pm #usr/share/perl5/Git/SVN/Utils.pm + diff --git a/config/rootfiles/packages/zabbix_agentd b/config/rootfiles/packages/zabbix_agentd index 729a47ac62..8e10cb4c8a 100644 --- a/config/rootfiles/packages/zabbix_agentd +++ b/config/rootfiles/packages/zabbix_agentd @@ -20,3 +20,6 @@ var/ipfire/zabbix_agentd/zabbix_agentd_ipfire_mandatory.conf var/ipfire/zabbix_agentd/userparameters var/ipfire/zabbix_agentd/userparameters/userparameter_pakfire.conf var/ipfire/zabbix_agentd/userparameters/userparameter_ipfire.conf +var/ipfire/zabbix_agentd/userparameters/userparameter_ovpn.conf +var/ipfire/zabbix_agentd/scripts +var/ipfire/zabbix_agentd/scripts/ipfire_certificate_detail.sh diff --git a/config/zabbix_agentd/ipfire_certificate_detail.sh b/config/zabbix_agentd/ipfire_certificate_detail.sh new file mode 100755 index 0000000000..9ca0ef5de9 --- /dev/null +++ b/config/zabbix_agentd/ipfire_certificate_detail.sh @@ -0,0 +1,91 @@ +#!/bin/bash +############################################################################### +# ipfire_certificate_detail.sh - Get certificate details and validation results +# in JSON format for use by Zabbix agent +# +# Author: robin.roevens (at) disroot.org +# Version: 1.0 +# +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. +# +############################################################################### + +# Required binaries +OPENSSL=/usr/bin/openssl +DATE=/bin/date + +# Parameter checking +[[ $1 ]] || { echo "{"error":"No CA certificate file given."}"; exit 1; } +[[ -f $1 ]] || { echo "{"error":"CA certificate not found: $1."}"; exit 1; } +[[ -r $1 ]] || { echo "{"error":"No read permission on CA certificate: $1."}"; exit 1; } +[[ $2 ]] || { echo "{"error":"No certificate file given."}"; exit 1; } +[[ -f $2 ]] || { echo "{"error":"Certificate not found: $2."}"; exit 1; } +[[ -r $2 ]] || { echo "{"error":"No read permission on certificate $2."}"; exit 1; } +[[ -x $OPENSSL ]] || { echo "{"error":"$OPENSSL binary not found or no permission."}"; exit 1; } +[[ -x $DATE ]] || { echo "{"error":"$DATE binary not found or no permission."}"; exit 1; } + +cafile=$1 +cert=$2 + +# Parse certificate details +cert_details=$(${OPENSSL} x509 -in "${cert}" -noout -text -certopt no_header,no_sigdump) +version=$(echo "${cert_details}" | grep "Version:" | sed 's/^ +Version: ([0-9]+) (.+)$/\1/g') +serial_number=$(echo "${cert_details}" | grep -A1 "Serial Number:" | tr -d '\n' | sed 's/^ +Serial Number:(( (.*) ([0-9]+x[0-9]+).*)|( +(.*)$))/\3\5/g') +signature_algorithm=$(echo "${cert_details}" | grep "Signature Algorithm:" | sed 's/^ +Signature Algorithm: //g') +issuer=$(echo "${cert_details}" | grep "Issuer:" | sed 's/^ +Issuer: //g' | sed 's/"/\"/g') +not_before_value=$(echo "${cert_details}" | grep "Not Before:" | sed 's/^ +Not Before: //g') +not_before_timestamp=$(${DATE} -d "${not_before_value}" +%s) +not_after_value=$(echo "${cert_details}" | grep "Not After :" | sed 's/^ +Not After : //g') +not_after_timestamp=$(${DATE} -d "${not_after_value}" +%s) +subject=$(echo "${cert_details}" | grep "Subject:" | sed 's/^ +Subject: //g' | sed 's/"/\"/g') +public_key_algorithm=$(echo "${cert_details}" | grep "Public Key Algorithm:" | sed 's/^ +Public Key Algorithm: //g') + +# Verify certificate +cert_verify=$(${OPENSSL} verify -CAfile "${cafile}" "${cert}" 2>&1) +if [[ $? != 0 ]]; then + result_value="invalid" + result_message="failed to verify certificate: x509: $(echo "${cert_verify}" | grep -E "error [0-9]+" | sed 's/^.+: (.+)/\1/g')" +else + result_value="valid" + result_message="certificate verified successfully" +fi + +# Generate fingerprints +sha1_fingerprint=$(${OPENSSL} x509 -in "${cert}" -noout -fingerprint -sha1 | cut -d= -f2) +sha256_fingerprint=$(${OPENSSL} x509 -in "${cert}" -noout -fingerprint -sha256 | cut -d= -f2) + +# Print certificate details in JSON +echo -n "{"x509":{" +echo -n ""version":"${version}"," +echo -n ""serial_number":"${serial_number}"," +echo -n ""signature_algorithm":"${signature_algorithm}"," +echo -n ""issuer":"${issuer}"," +echo -n ""not_before":{" +echo -n ""value":"${not_before_value}"," +echo -n ""timestamp":"${not_before_timestamp}"}," +echo -n ""not_after":{" +echo -n ""value":"${not_after_value}"," +echo -n ""timestamp":"${not_after_timestamp}"}," +echo -n ""subject":"${subject}"," +echo -n ""public_key_algorithm":"${public_key_algorithm}"}," +echo -n ""result":{" +echo -n ""value":"${result_value}"," +echo -n ""message":"${result_message}"}," +echo -n ""sha1_fingerprint":"${sha1_fingerprint}"," +echo -n ""sha256_fingerprint":"${sha256_fingerprint}"" +echo -n "}" + +exit 0 \ No newline at end of file diff --git a/config/zabbix_agentd/sudoers b/config/zabbix_agentd/sudoers index d93ec5d556..138c75635a 100644 --- a/config/zabbix_agentd/sudoers +++ b/config/zabbix_agentd/sudoers @@ -9,3 +9,4 @@ # Defaults:zabbix !requiretty zabbix ALL=(ALL) NOPASSWD: /opt/pakfire/pakfire status, /usr/sbin/fping, /usr/local/bin/getipstat, /bin/cat /var/run/ovpnserver.log +zabbix ALL=(ALL) NOPASSWD: /var/ipfire/zabbix_agentd/scripts/ipfire_certificate_detail.sh diff --git a/config/zabbix_agentd/userparameter_ipfire.conf b/config/zabbix_agentd/userparameter_ipfire.conf index ba0c6c2ca3..d2d0c83078 100644 --- a/config/zabbix_agentd/userparameter_ipfire.conf +++ b/config/zabbix_agentd/userparameter_ipfire.conf @@ -9,10 +9,4 @@ UserParameter=ipfire.net.fw.hits.raw,sudo /usr/local/bin/getipstat -xf | grep "/ # Number of currently Active DHCP leases UserParameter=ipfire.dhcpd.clients,grep -s -E 'lease|bind' /var/state/dhcp/dhcpd.leases | sed ':a;/{$/{N;s/\n//;ba}' | grep "state active" | wc -l # Number of Captive Portal clients -UserParameter=ipfire.captive.clients,awk -F ',' 'length($2) == 17 {sum += 1} END {if (length(sum) == 0) print 0; else print sum}' /var/ipfire/captive/clients -# Discovery of configured ovpn clients -UserParameter=ipfire.ovpn.clients.discovery,cat /var/ipfire/ovpn/ovpnconfig 2>/dev/null | awk -F',' 'BEGIN { ORS = ""; print "[" } { printf "%s{"{#NAME}":"%s","{#COMMONNAME}":"%s","{#STATE}":"%s","{#REMARK}":"%s","{#TYPE}":"%s"}", separator, $3, $4, $2, $27, $5; separator = ","; } END { print "]" }' -# Get OpenVPN status report -UserParameter=ipfire.ovpn.statusreport.get,sudo cat /var/run/ovpnserver.log 2>/dev/null | awk -F"," 'function unixtime(t) { gsub(/[-:]/," ",t); return mktime(t) } BEGIN { ORS = ""; print "{" } /^Updated,.+/ { printf ""timestamp":%s,"clients":[",unixtime($2) } /^.+,[0-9]+.[0-9]+.[0-9]+.[0-9]+:[0-9]+,[0-9]+,[0-9]+,.+/ { if ($1 != "Common Name") { printf "%s{"common_name":"%s","real_address":"%s","bytes_in":"%s","bytes_out":"%s","connected_since":"%s"}", separator, $1, $2, $3, $4, unixtime($5); separator = ","; } } /^ROUTING TABLE/ { print "],"routing_table":["; separator = "" } /^[0-9]+.[0-9]+.[0-9]+.[0-9]+,.+,[0-9]+.[0-9]+.[0-9]+.[0-9]+:[0-9]+,.+/ { if ($1 != "Virtual Address") { printf "%s{"common_name":"%s","virtual_address":"%s","real_address":"%s","last_ref":"%s"}", separator, $2, $1, $3, unixtime($4); separator = "," } } END { print "]}" }' -# Allow item key to be called with (unused) parameters. This allows the #SINGLETON method of discovering this item only when openvpn service is active -Alias=ipfire.ovpn.statusreport.get[]:ipfire.ovpn.statusreport.get \ No newline at end of file +UserParameter=ipfire.captive.clients,awk -F ',' 'length($2) == 17 {sum += 1} END {if (length(sum) == 0) print 0; else print sum}' /var/ipfire/captive/clients \ No newline at end of file diff --git a/config/zabbix_agentd/userparameter_ovpn.conf b/config/zabbix_agentd/userparameter_ovpn.conf new file mode 100644 index 0000000000..a7a6d8535f --- /dev/null +++ b/config/zabbix_agentd/userparameter_ovpn.conf @@ -0,0 +1,13 @@ +# Parameters for monitoring IPFire OpenVPN specific metrics +# +# Discovery of configured ovpn clients +UserParameter=ipfire.ovpn.clients.discovery,cat /var/ipfire/ovpn/ovpnconfig 2>/dev/null | awk -F',' 'BEGIN { ORS = ""; print "[" } { printf "%s{"{#NAME}":"%s","{#COMMONNAME}":"%s","{#STATE}":"%s","{#REMARK}":"%s","{#TYPE}":"%s"}", separator, $3, $4, $2, $27, $5; separator = ","; } END { print "]" }' +# Get OpenVPN status report +UserParameter=ipfire.ovpn.statusreport.get,sudo cat /var/run/ovpnserver.log 2>/dev/null | awk -F"," 'function unixtime(t) { gsub(/[-:]/," ",t); return mktime(t) } BEGIN { ORS = ""; print "{" } /^Updated,.+/ { printf ""timestamp":%s,"clients":[",unixtime($2) } /^.+,[0-9]+.[0-9]+.[0-9]+.[0-9]+:[0-9]+,[0-9]+,[0-9]+,.+/ { if ($1 != "Common Name") { printf "%s{"common_name":"%s","real_address":"%s","bytes_in":"%s","bytes_out":"%s","connected_since":"%s"}", separator, $1, $2, $3, $4, unixtime($5); separator = ","; } } /^ROUTING TABLE/ { print "],"routing_table":["; separator = "" } /^[0-9]+.[0-9]+.[0-9]+.[0-9]+,.+,[0-9]+.[0-9]+.[0-9]+.[0-9]+:[0-9]+,.+/ { if ($1 != "Virtual Address") { printf "%s{"common_name":"%s","virtual_address":"%s","real_address":"%s","last_ref":"%s"}", separator, $2, $1, $3, unixtime($4); separator = "," } } END { print "]}" }' +# Get OpenVPN client certificate details +UserParameter=ipfire.ovpn.clientcert[*],sudo /var/ipfire/zabbix_agentd/scripts/ipfire_certificate_detail.sh /var/ipfire/ovpn/ca/cacert.pem /var/ipfire/ovpn/certs/$1cert.pem +UserParameter=ipfire.ovpn.cacert,sudo /var/ipfire/zabbix_agentd/scripts/ipfire_certificate_detail.sh /var/ipfire/ovpn/ca/cacert.pem /var/ipfire/ovpn/ca/cacert.pem + +# Allow item key to be called with (unused) parameters. This allows the #SINGLETON method of discovering this item only when openvpn service is active +Alias=ipfire.ovpn.statusreport.get[]:ipfire.ovpn.statusreport.get +Alias=ipfire.ovpn.cacert[]:ipfire.ovpn.cacert \ No newline at end of file diff --git a/doc/language_issues.en b/doc/language_issues.en index 86d5890f23..40f85a748f 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -687,7 +687,7 @@ WARNING: untranslated string: drop outgoing = Log dropped outgoing packets WARNING: untranslated string: drop portscan = Log dropped portscan packets WARNING: untranslated string: drop proxy = Drop all packets not addressed to proxy WARNING: untranslated string: drop samba = Drop all Microsoft ports 135,137,138,139,445,1025 -WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and marsians +WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and martians WARNING: untranslated string: drop wirelessforward = Log dropped wireless forward packets WARNING: untranslated string: drop wirelessinput = Log dropped wireless input packets WARNING: untranslated string: dst port = Dst Port diff --git a/doc/language_issues.it b/doc/language_issues.it index 24efece2b4..1aca878ff5 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -973,7 +973,7 @@ WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: downfall gather data sampling = Downfall/Gather Data Sampling WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: drop hostile = Drop packets from and to hostile networks (listed at <a href="https://www.spamhaus.org/drop/" target="_blank">Spamhaus DROP</a>, etc.) -WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and marsians +WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and martians WARNING: untranslated string: duration = Duration WARNING: untranslated string: eight hours = 8 Hours WARNING: untranslated string: email config = Configuration diff --git a/doc/language_issues.nl b/doc/language_issues.nl index b6a65fad29..fde14ead1a 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -978,7 +978,7 @@ WARNING: untranslated string: download apple profile = Download Apple Configurat WARNING: untranslated string: download tls-auth key = Download tls-auth key WARNING: untranslated string: drop hostile = Drop packets from and to hostile networks (listed at <a href="https://www.spamhaus.org/drop/" target="_blank">Spamhaus DROP</a>, etc.) WARNING: untranslated string: drop outgoing = Log dropped outgoing packets -WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and marsians +WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and martians WARNING: untranslated string: duration = Duration WARNING: untranslated string: eight hours = 8 Hours WARNING: untranslated string: email config = Configuration diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 1a4f62870f..454e3fcf3a 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -965,7 +965,7 @@ WARNING: untranslated string: drop action2 = Default behaviour of (input) firewa WARNING: untranslated string: drop forward = Log dropped forward packets WARNING: untranslated string: drop hostile = Drop packets from and to hostile networks (listed at <a href="https://www.spamhaus.org/drop/" target="_blank">Spamhaus DROP</a>, etc.) WARNING: untranslated string: drop outgoing = Log dropped outgoing packets -WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and marsians +WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and martians WARNING: untranslated string: duration = Duration WARNING: untranslated string: eight hours = 8 Hours WARNING: untranslated string: email config = Configuration diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 8da6fe4b6d..0cb2765489 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -962,7 +962,7 @@ WARNING: untranslated string: drop action2 = Default behaviour of (input) firewa WARNING: untranslated string: drop forward = Log dropped forward packets WARNING: untranslated string: drop hostile = Drop packets from and to hostile networks (listed at <a href="https://www.spamhaus.org/drop/" target="_blank">Spamhaus DROP</a>, etc.) WARNING: untranslated string: drop outgoing = Log dropped outgoing packets -WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and marsians +WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and martians WARNING: untranslated string: duration = Duration WARNING: untranslated string: eight hours = 8 Hours WARNING: untranslated string: email config = Configuration diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 96fe71f7b5..aeda8127a4 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -953,7 +953,7 @@ WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: downfall gather data sampling = Downfall/Gather Data Sampling WARNING: untranslated string: download apple profile = Download Apple Configuration Profile WARNING: untranslated string: drop hostile = Drop packets from and to hostile networks (listed at <a href="https://www.spamhaus.org/drop/" target="_blank">Spamhaus DROP</a>, etc.) -WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and marsians +WARNING: untranslated string: drop spoofed martians = Log dropped spoofed packets and martians WARNING: untranslated string: duration = Duration WARNING: untranslated string: email recipient invalid = Invalid email recipient WARNING: untranslated string: email tls explicit = explicit (STARTTLS) diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 3246102ba5..667fb5d7ee 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -959,7 +959,7 @@ 'drop portscan' => 'Log dropped portscan packets', 'drop proxy' => 'Drop all packets not addressed to proxy', 'drop samba' => 'Drop all Microsoft ports 135,137,138,139,445,1025', -'drop spoofed martians' => 'Log dropped spoofed packets and marsians', +'drop spoofed martians' => 'Log dropped spoofed packets and martians', 'drop wirelessforward' => 'Log dropped wireless forward packets', 'drop wirelessinput' => 'Log dropped wireless input packets', 'dst port' => 'Dst Port', diff --git a/lfs/git b/lfs/git index 6489215255..d10ca469c2 100644 --- a/lfs/git +++ b/lfs/git @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.43.0 +VER = 2.44.0 SUMMARY = Fast, scalable, distributed revision control system
THISAPP = git-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = git -PAK_VER = 31 +PAK_VER = 32
DEPS = perl-Authen-SASL perl-MIME-Base64 perl-Net-SMTP-SSL
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 5da19211df56e306eb95cef65b2a987134d2f0853dc1db30e1cc99d0357b3f5ab7f1e434e73948d7b6ad6b7bfc44f75349479f46050ee63a6516c72b774b4eba +$(DL_FILE)_BLAKE2 = 6dc145e20e737763fb738ccb4a65ba2f8d6f35bb4e30520a0c79f4fcc0eaaaf4e99a9be00eaa9e14dec231ed122d54be7dfa9212a3e5a75707730256391896d4
install : $(TARGET)
diff --git a/lfs/gptfdisk b/lfs/gptfdisk index eb1c60357f..9e6f4310a8 100644 --- a/lfs/gptfdisk +++ b/lfs/gptfdisk @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,7 +25,7 @@
include Config
-VER = 1.0.9 +VER = 1.0.10
THISAPP = gptfdisk-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = gptfdisk -PAK_VER = 2 +PAK_VER = 3
DEPS =
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 1939ffd75972a4d7f92af2bfab90c7b0223825b5478b6b808dd35af943c687d38ba81663cd7ba5e0f9400656db4dac019c13a9f75d90b7bd716568c676c24dd2 +$(DL_FILE)_BLAKE2 = 9047bf68a2c5c254bda9b2815488963dc19a9415c90fbf4a127268a37fe8a545b7d45a333e356bd9da22e37ef649d9f60896ffedfdc35b60c7642a48e4ed2e5a
install : $(TARGET)
diff --git a/lfs/libffi b/lfs/libffi index bfd02b57fd..ffe7803aa1 100644 --- a/lfs/libffi +++ b/lfs/libffi @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 3.4.4 +VER = 3.4.6
THISAPP = libffi-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 189fe1ffe9507f204581b0ab09995dc7e7b761bb4eac7e338e9f5ff81431aebcef6c182c1839c9f9acb2706697a260c67e6d1351cf7e2aed7c4eb5d694f6f8fd +$(DL_FILE)_BLAKE2 = af8402a09bdbd59b4e9400d2d71bd5ce98f6f1d981d35d1ab40d77a831b13b32c5bd34ca54ff75999e39f0d8a9c066381fae7a8d6c5216d955e064f929f08b88
install : $(TARGET)
diff --git a/lfs/libgpg-error b/lfs/libgpg-error index f60f1ae820..c402d0bf81 100644 --- a/lfs/libgpg-error +++ b/lfs/libgpg-error @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.47 +VER = 1.48
THISAPP = libgpg-error-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = bc04efa0686b1b7d7cdce045fc080c090c1abec60349b673c2e1ce27900483aea090eb6ebcb3fb49a4eed36f18156a12413d5446f739475632f4ed2a2481ff27 +$(DL_FILE)_BLAKE2 = 4ced63058586558f4d001bcc468f4bd419b8ec29fbd7dbcaa1a21f959d847c9e12c10c548a0038fd4eac0bdfc9907b61e9f6be71c95fc61c964c649e2415dfd7
install : $(TARGET)
diff --git a/lfs/libpng b/lfs/libpng index 3a0704e591..b22b64b65a 100644 --- a/lfs/libpng +++ b/lfs/libpng @@ -24,7 +24,7 @@
include Config
-VER = 1.6.41 +VER = 1.6.42
THISAPP = libpng-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 43d8d1c563d9df46b663f706dca9563e31e6e47a2809a77a5d059de8cfa348721054df724d08ac24ef4717ffc101989941127df2d026c9537532375d9b432b68 +$(DL_FILE)_BLAKE2 = 8a8895b673ff90416a00c9ff775d7bdc38ab1ab0d83fd6e70cfffea2ed78bd42896950a64bf48ad9a00ea50d8c5d5702975b0bae7bb3300d4de4c82b334e513e
install : $(TARGET)
diff --git a/lfs/samba b/lfs/samba index 7ebac8ded2..76088abfad 100644 --- a/lfs/samba +++ b/lfs/samba @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 4.19.3 +VER = 4.19.5 SUMMARY = A SMB/CIFS File, Print, and Authentication Server
THISAPP = samba-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = samba -PAK_VER = 98 +PAK_VER = 99
DEPS = avahi cups perl-Parse-Yapp perl-JSON
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = f83af3b50d795bdc4a250fe96040721150acc3b8effddd473e3cfa3ef6eeec99928b1307a18a472be45049e1d0b74650b9f6dd4bf5c434277c94ab88cb493b3b +$(DL_FILE)_BLAKE2 = 0f0081380ad459cca914e5e4cf505a4783ce97f0fb8c0471a6e558c747c16b0b327e545358265f365599c3807540985bcddb68aa67d14136cee4dbcb5158090c
install : $(TARGET)
diff --git a/lfs/shadow b/lfs/shadow index a3495474aa..f88c6c2836 100644 --- a/lfs/shadow +++ b/lfs/shadow @@ -24,7 +24,7 @@
include Config
-VER = 4.14.3 +VER = 4.14.5
THISAPP = shadow-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 6707cae41a0f8478cadd94ea5eaba95cdc6b1b23896b8dd903c62c931839a82b0538f04f8c12433f148da5b23c12a033963380be81f6fc97fa0e3f9399e51b21 +$(DL_FILE)_BLAKE2 = 885d2b23ed670cf26452eb208d561478b7410ffbb04a054feb65efb7da6f1d51eb992da61b72409f8991ee35efd7e7cf7a9bc770edec5f855ace32f82aaa7b55
install : $(TARGET)
diff --git a/lfs/zabbix_agentd b/lfs/zabbix_agentd index 0033d9a2c2..5f274c3098 100644 --- a/lfs/zabbix_agentd +++ b/lfs/zabbix_agentd @@ -26,7 +26,7 @@ include Config
SUMMARY = Zabbix Agent
-VER = 6.0.22 +VER = 6.0.27
THISAPP = zabbix-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = zabbix_agentd -PAK_VER = 11 +PAK_VER = 12
DEPS = fping
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = bba7911a24b00827c58d84938b5786d07f1eb44cbcad94cddf68b484ac9a2f514beb60225d006b8cefc5bbf92e51da27f26d9f6681e10f6322ed0841394e8d9d +$(DL_FILE)_BLAKE2 = 793bb887bd8f0d3c2f3d15a4ed9bb5b1fcfb13fcf80ea077672744a1bd8524e213eaf53291e0f9eecb9eb055fee6f1e29e91f890b54698906beac21ca54db4e9
install : $(TARGET)
@@ -110,6 +110,13 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) /var/ipfire/zabbix_agentd/userparameters/userparameter_pakfire.conf install -v -m 644 $(DIR_SRC)/config/zabbix_agentd/userparameter_ipfire.conf \ /var/ipfire/zabbix_agentd/userparameters/userparameter_ipfire.conf + install -v -m 644 $(DIR_SRC)/config/zabbix_agentd/userparameter_ovpn.conf \ + /var/ipfire/zabbix_agentd/userparameters/userparameter_ovpn.conf + + # Install IPFire-specific Zabbix Agent scripts + -mkdir -pv /var/ipfire/zabbix_agentd/scripts + install -v -m 755 $(DIR_SRC)/config/zabbix_agentd/ipfire_certificate_detail.sh \ + /var/ipfire/zabbix_agentd/scripts/ipfire_certificate_detail.sh
# Create directory for additional agent modules -mkdir -pv /usr/lib/zabbix
hooks/post-receive -- IPFire 2.x development tree