rpms / cacti

Clone
Source Code
GIT

Files

el4 el5 el6 epel7 epel8 epel8-playground f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f7 f8 f9 fc6 main rawhide
  1.   f21
  2.   cacti.spec
Blob Blame History Raw 
Name: cacti
Version: 0.8.8b
Release: 7%{?dist}
Summary: An rrd based graphing tool

# Use systemd unit files on Fedora 21+ and RHEL 7.
%if 0%{?fedora} >= 21 || 0%{?rhel} >= 7
  %global _with_systemd 1
%endif

Group: Applications/System
# There's a lot of stuff in there. It's all compatible.
License: GPLv2+ and LGPLv2 and (MPLv1.1 or GPLv2 or LGPLv2) and (LGPLv2 or BSD)
URL: http://www.cacti.net/
# Source0: http://www.cacti.net/downloads/%%{name}-%%{version}.tar.gz
# To generate the notreeview tarball:
#  wget http://www.cacti.net/downloads/cacti-0.8.8b.tar.gz
#  tar xzf cacti-0.8.8b.tar.gz
#  rm -rf cacti-0.8.8b/include/treeview/*
#  rm -rf cacti-0.8.8b.tar.gz
#  tar czf cacti-0.8.8b-notreeview.tar.gz cacti-0.8.8b
Source0: %{name}-%{version}-notreeview.tar.gz
Source1: cacti-httpd.conf
Source2: cacti.logrotate
Source3: cacti.README.fedora
Source4: d.gif
Source5: d.png
Source6: throbber.gif
Source7: %{name}.cron
# Add replacement files for treeview
Patch0: cacti-0.8.8a-legal.patch
# Thanks to Paul Gevers and Jan Zalesak (Debian)
Patch1: cacti-0.8.8a-replace_treeview_by_jquery.jstree.patch

# Upstream patch for XSS and SQL injection
# https://bugzilla.redhat.com/1000860
Patch2: cacti-0.8.8b-sanitize-variables.patch

# Upstream patch to fix graph comments
# https://bugzilla.redhat.com/1004550
Patch3: cacti-0.8.8b-rra-comments.patch

# Upstream patch for SQL injection and shell escaping
# https://bugzilla.redhat.com/1084258
Patch4: cacti-0.8.8b-sql-injection-shell-escaping.patch

# Upstream patch for HTML injection
# https://bugzilla.redhat.com/1082122
Patch5: cacti-0.8.8b-html-injection.patch

# Upstream patch for remote command execution
# https://bugzilla.redhat.com/1082122
Patch6: cacti-0.8.8b-remote-command-execution.patch

# Upstream patches for XSS
# https://bugzilla.redhat.com/1113035
Patch7: cacti-0.8.8b-validate-graph-templates-inputs.patch
Patch8: cacti-0.8.8b-validate-drp-action.patch

BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

Requires: php, php-mysql, mysql, httpd, rrdtool, net-snmp, php-snmp
Requires: net-snmp-utils
Requires: crontabs
Requires(pre): %{_sbindir}/useradd
%if 0%{?_with_systemd}
Requires(preun):  systemd
Requires(postun): systemd
Requires(post):   systemd
%else
Requires(postun): /sbin/service 
%endif
BuildArch: noarch

# This macro was added in Fedora 20. Use the old version if it's undefined
# on older Fedoras and RHELs.
# https://fedoraproject.org/wiki/Changes/UnversionedDocdirs
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}

%description
Cacti is a complete frontend to RRDTool. It stores all of the
necessary information to create graphs and populate them with
data in a MySQL database. The frontend is completely PHP
driven. Along with being able to maintain graphs, data
sources, and round robin archives in a database, Cacti also
handles the data gathering. There is SNMP support for those
used to creating traffic graphs with MRTG.

%prep
%setup -q
%patch0 -p1
# patch1: Remove treeview
%patch1 -p1
# patch2: XSS and SQL injection, https://bugzilla.redhat.com/1000860
%patch2 -p2
# patch3: Fix graph comments, https://bugzilla.redhat.com/1004550
%patch3 -p2
# patch4: SQL injection and shell escaping, https://bugzilla.redhat.com/1084258
%patch4 -p2
# patch5: HTML injection, https://bugzilla.redhat.com/1082122
%patch5 -p2
# patch6: Remote command execution, https://bugzilla.redhat.com/1082122
%patch6 -p2
# patch7 and 8: XSS, https://bugzilla.redhat.com/1113035
%patch7 -p2
%patch8 -p2
cp %{SOURCE4} %{SOURCE5} %{SOURCE6} include/js/jquery/themes/default/
rm -rf include/treeview

%build
# cacti's build is a noop

%install
rm -rf %{buildroot}
%{__mkdir} -p %{buildroot}/%{_sysconfdir}/%{name}
%{__install} -d -m 0755 %{buildroot}/%{_pkgdocdir}
%{__install} -d -m 0755 %{buildroot}/%{_datadir}/%{name}/
%{__install} -m 0644 *.php %{buildroot}/%{_datadir}/%{name}/
%{__install} -d -m 0775 log/ %{buildroot}/%{_localstatedir}/log/%{name}/
%{__install} -m 0664 log/* %{buildroot}/%{_localstatedir}/log/%{name}/
%{__install} -d -m 0755 rra/ %{buildroot}/%{_localstatedir}/lib/%{name}/rra/
%{__install} -d -m 0755 scripts/ %{buildroot}/%{_localstatedir}/lib//%{name}/scripts/
%{__install} -m 0755 scripts/* %{buildroot}/%{_localstatedir}/lib/%{name}/scripts/
%{__install} -d -m 0755 cli/ %{buildroot}/%{_localstatedir}/lib//%{name}/cli/
%{__install} -m 0755 cli/* %{buildroot}/%{_localstatedir}/lib/%{name}/cli/
%{__install} -p -D -m 0644 %{SOURCE7} %{buildroot}/%{_sysconfdir}/cron.d/%{name}
%{__install} -D -m 0644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/httpd/conf.d/cacti.conf
%{__install} -D -m 0644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/logrotate.d/cacti

# The su parameter will trip up older logrotate versions.
# Conditionally remove it here.
%if 0%{?rhel} && 0%{?rhel} <= 6
  sed -i %{buildroot}/%{_sysconfdir}/logrotate.d/cacti -e '/^[ \t]*su /d'
%endif

%{__cp} -a images/ include/ install/ lib/ plugins/ resource/ %{buildroot}%{_datadir}/%{name}
%{__cp} %{SOURCE3} ./docs/README.fedora
%{__cp} -a docs/ %{buildroot}/%{_pkgdocdir}
%{__mv} %{buildroot}/%{_datadir}/%{name}/include/config.php %{buildroot}/%{_sysconfdir}/%{name}/db.php
%{__chmod} +x %{buildroot}/%{_datadir}/%{name}/cmd.php %{buildroot}/%{_datadir}/%{name}/poller.php
ln -s %{_sysconfdir}/%{name}/db.php %{buildroot}/%{_datadir}/%{name}/include/config.php
ln -s %{_localstatedir}/lib/%{name}/rra %{buildroot}/%{_datadir}/%{name}/
ln -s %{_localstatedir}/lib/%{name}/scripts %{buildroot}/%{_datadir}/%{name}/
ln -s %{_localstatedir}/lib/%{name}/cli %{buildroot}/%{_datadir}/%{name}/
ln -s %{_localstatedir}/log/%{name}/ %{buildroot}/%{_datadir}/%{name}/log
ln -s %{_datadir}/%{name}/lib %{buildroot}/%{_localstatedir}/lib/%{name}/
ln -s %{_datadir}/%{name}/include %{buildroot}/%{_localstatedir}/lib/%{name}/

%clean
rm -rf %{buildroot}

%pre
%{_sbindir}/useradd -d %{_datadir}/%{name} -r -s /sbin/nologin cacti 2> /dev/null || :

%post
%if 0%{?_with_systemd}
  %systemd_post httpd.service
%else
  if [ $1 == 1 ]; then
    /sbin/service httpd condrestart > /dev/null 2>&1 || :
  fi
%endif

%postun
%if 0%{?_with_systemd}
  %systemd_postun_with_restart httpd.service
%else
  /sbin/service httpd condrestart > /dev/null 2>&1 || :
%endif

%files
%defattr(-,root,root,-)
%dir %{_sysconfdir}/%{name}
%dir %{_datadir}/%{name}
%dir %{_localstatedir}/lib/%{name}
%dir %{_localstatedir}/lib/%{name}/cli
%dir %{_localstatedir}/lib/%{name}/scripts
%doc docs/ README LICENSE cacti.sql
%config(noreplace) %{_sysconfdir}/cron.d/cacti
%config(noreplace) %{_sysconfdir}/httpd/conf.d/cacti.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%attr(0640,cacti,apache) %config(noreplace) %{_sysconfdir}/%{name}/db.php
%{_datadir}/%{name}/*.php
%{_datadir}/%{name}/images/
%{_datadir}/%{name}/include/
%{_datadir}/%{name}/install/
%{_datadir}/%{name}/lib/
%{_datadir}/%{name}/log
%{_datadir}/%{name}/plugins/
%{_datadir}/%{name}/resource/
%{_datadir}/%{name}/rra
%{_datadir}/%{name}/scripts
%{_datadir}/%{name}/cli
%{_localstatedir}/lib/%{name}/scripts/*[^p]
%attr(-,cacti,apache) %{_localstatedir}/log/%{name}/
%attr(-,cacti,root) %{_localstatedir}/lib/%{name}/rra/
%attr(0644,root,root) %{_localstatedir}/lib/%{name}/scripts/*php
%attr(0644,root,root) %{_localstatedir}/lib/%{name}/cli/*php
%attr(0644,root,root) %{_localstatedir}/lib/%{name}/include
%attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib

%changelog
* Fri Jun 27 2014 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8b-7
- Patches for CVE-2014-4002 Cross-site scripting vulnerability
  (RHBZ #1113035)

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.8b-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Mon Apr 07 2014 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8b-5
- Patch for CVE-2014-2708 SQL injection issues in graph_xport.php
  (RHBZ #1084258)
- Patch for CVE-2014-2709 shell escaping issues in lib/rrd.php
  (RHBZ #1084258)
- Patch for CVE-2014-2326 stored XSS attack (RHBZ #1082122)
- Patch for CVE-2014-2328 use of exec-like function calls without safety
  checks allow arbitrary command execution (RHBZ #1082122)

* Fri Feb 07 2014 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8b-4
- Move cron to a separate file and require crontabs (RHBZ #947047). Thanks
  Jóhann B. Guðmundsson.
- Update for systemd (RHBZ #947047). Thanks Jóhann B. Guðmundsson.
- Fix rpmlint warning about spaces-to-tabs

* Wed Sep 04 2013 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8b-3
- Fix comments in thumbnails (BZ #1004550)

* Mon Aug 26 2013 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8b-2
- Patch for CVE-2013-5588 and CVE-2013-5589 (BZ #1000860)

* Wed Aug 07 2013 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8b-1
- New upstream release (BZ #993042)

* Mon Jul 29 2013 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8a-9
- Use %%{_pkgdocdir}, per
  https://fedoraproject.org/wiki/Changes/UnversionedDocdirs

* Sun Jul 14 2013 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8a-8
- Improve security description in cacti's httpd conf (RHBZ #895823)
- Use improved treeview replacement patch (RHBZ #888207)
- rpmlint fixes
- trim RPM changelog

* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.8a-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Tue Jan 08 2013 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8a-6
- Add note to README.fedora about the default MySQL password
- Remove reference to "docs/INSTALL" in README.fedora (RHBZ #893122)
- Add dependency on net-snmp-utils (RHBZ #893150)

* Fri Jan 04 2013 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8a-5
- Install our README file as README.fedora

* Fri Jan  4 2013 Tom Callaway <spot@fedoraproject.org> - 0.8.8a-4
- remove non-free treeview bits (replace with jquery future code from 0.8.9 trunk)

* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.8a-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Thu Jun 28 2012 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8a-2
- Add plugins directory (BZ #834355)
- Drop Fedora 15 (EOL) from logrotate syntax adjustment

* Mon Apr 30 2012 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8a-1
- New upstream release (BZ #817506)
- Drop upstreamed $url_path patch

* Wed Apr 11 2012 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8-3
- Patch $url_path to default to "/cacti/" (upstream bug 2217)

* Fri Apr 06 2012 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8-2
- Adjust httpd ACL conditionals to test the presence of mod_authz_core
  (as discussed on fedora-devel)

* Wed Apr 04 2012 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.8-1
- New upstream release (BZ #809753).

* Mon Mar 26 2012 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.7i-4
- Adjust ACLs to support httpd 2.4.

* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7i-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Tue Dec 13 2011 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.7i-2
- Only set "su" logrotate parameter for F16 and above.
- Tweak mod_security rules.

* Mon Dec 12 2011 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.7i-1
- New upstream release (BZ #766573).

* Fri Nov 11 2011 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.7h-2
- block HTTP access to log and rra directories (#609856)
- overrides for mod_security
- set logrotate to su to cacti apache when rotating (#753079)

* Thu Oct 27 2011 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.7h-1
- New upstream release.
- Remove upstream'd mysql patch.

* Mon Aug 08 2011 Jon Ciesla <limb@jcomserv.net> - 0.8.7g-3
- Patch for MySQL 5.5, BZ 728513.

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7g-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Mon Jul 12 2010 Mike McGrath <mmcgrath@redhat.com> 0.8.7g-1
- Upstream released new version

* Mon May 24 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7f-1
- Upstream released new version
- Contains security updates #595289

* Fri Apr 23 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-4
- Pulling in patches from upstream
- SQL injection fix
- BZ #541279

* Tue Dec  1 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-3
- Pulling in some official patches
- #541279
- #541962

* Sun Aug 16 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-1
- Upstream released new version

* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7d-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Tue Mar 31 2009 Michael Schwendt <mschwendt@fedoraproject.org> - 0.8.7d-3
- Fix unowned cli directory (#473631)

* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7d-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Sat Feb 21 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7d-1
- Upstream released new version

* Mon Jul 28 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-4
- Added cli directory

* Fri Jul 18 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.7b-3
- fix my own mistake in the license tag

* Tue Jul 15 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.7b-2
- fix license tag

* Thu Feb 14 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-1
- Upstream released new version

* Fri Nov 23 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7a-2
- db.php is now 640 instead of 660 - #396331

* Tue Nov 20 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7a-1
- Upstream released new version
- Fixes for bug #391691 - CVE-2007-6035
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.