More changes for Solaris and some misc. fixes

Makefile.in

@@ -97,18 +97,19 @@ install-inetd:
 	@if test $(INETD_TYPE) = inetd; then \
 		$(EGREP) -q "^\W*nrpe\s+" $(INETD_DIR)/$(INETD_FILE) || \
 		   cat startup/$(SRC_INETD) >> $(INETD_DIR)/$(INETD_FILE); \
-	elifif test $(INETD_TYPE) = systemd; then \
+	elif test $(INETD_TYPE) = systemd; then \
 		SRC_INETD_FILE=`echo "$(SRC_INETD)" | sed -e 's/socket/socket-svc/'`; \
 		echo $(INSTALL) -m 644 startup/$$SRC_INETD_FILE $(INETD_DIR)/$(INIT_FILE); \
 		$(INSTALL) -m 644 startup/$$SRC_INETD_FILE $(INETD_DIR)/$(INIT_FILE); \
-	elif test $(INETD_TYPE) = smf10 -o $(INETD_TYPE) = smf11; then \
-		echo svccfg import startup/$(SRC_INETD); \
-		svccfg import startup/$(SRC_INETD); \
-		echo svcadm enable nrpe; \
-		svcadm enable nrpe; \
 	else\
 		echo $(INSTALL) -m 644 startup/$(SRC_INETD) $(INETD_DIR)/$(INETD_FILE); \
 		$(INSTALL) -m 644 startup/$(SRC_INETD) $(INETD_DIR)/$(INETD_FILE); \
+		if test $(INETD_TYPE) = smf10 -o $(INETD_TYPE) = smf11; then \
+			echo svccfg import $(INETD_DIR)/$(INETD_FILE); \
+			svccfg import $(INETD_DIR)/$(INETD_FILE); \
+			echo svcadm enable nrpe; \
+			svcadm enable nrpe; \
+		fi;\
 	fi
 	@$(EGREP) -q "^nrpe[\t ]+5666/tcp" /etc/services || \
 		echo "***** MAKE SURE 'nrpe 5666/tcp' IS IN YOUR /etc/services FILE"
@@ -127,8 +128,10 @@ install-init:
 		echo $(INSTALL) -m 644 startup/$(SRC_INIT) $(INIT_DIR)/$(INIT_FILE); \
 		$(INSTALL) -m 644 startup/$(SRC_INIT) $(INIT_DIR)/$(INIT_FILE); \
 	elif test $(INETD_TYPE) = smf10 -o $(INETD_TYPE) = smf11; then \
-		echo svccfg import startup/$(SRC_INIT); \
-		svccfg import startup/$(SRC_INIT); \
+		echo $(INSTALL) -m 644 startup/$(SRC_INIT) $(INIT_DIR)/$(INIT_FILE); \
+		$(INSTALL) -m 644 startup/$(SRC_INIT) $(INIT_DIR)/$(INIT_FILE); \
+		echo svccfg import $(INIT_DIR)/$(INIT_FILE); \
+		svccfg import $(INIT_DIR)/$(INIT_FILE); \
 		echo svcadm enable nrpe; \
 		svcadm enable nrpe; \
 	else\
@@ -140,17 +143,17 @@ install-config:
 	$(INSTALL) -m 775 $(NAGIOS_INSTALL_OPTS) -d $(CFGDIR)
 	$(INSTALL) -m 644 $(NRPE_INSTALL_OPTS) sample-config/nrpe.cfg $(CFGDIR)
 
-install-group:
+install-groups:
 	@if test $(DIST) = aix; then\
 		echo mkgroup $(NAGIOS_GROUP);\
-		mkgroup $(NAGIOS_GROUP);\
+		mkgroup $(NAGIOS_GROUP) || true;\
 		echo mkgroup $(NRPE_GROUP);\
-		mkgroup $(NRPE_GROUP);\
+		mkgroup $(NRPE_GROUP) || true;\
 	elif test $(DIST) = hpux -o $(DIST) = solaris; then\
 		echo groupadd $(NAGIOS_GROUP);\
-		groupadd $(NAGIOS_GROUP);\
+		groupadd $(NAGIOS_GROUP) || true;\
 		echo groupadd $(NRPE_GROUP);\
-		groupadd $(NRPE_GROUP);\
+		groupadd $(NRPE_GROUP) || true;\
 	elif test $(OPSYS) = osx; then\
 		newid=`dscl . -list /Groups gid | tr -s ' ' | cut -d' ' -f2 | sort -n | tail -1`;\
 		newid=`expr 1 + $newid`;\
@@ -162,27 +165,27 @@ install-group:
 		dscl . -create /Groups/$(NRPE_GROUP) gid $$newid;\
 	elif test $(DIST) = "freebsd"; then\
 		echo pw add group $(NAGIOS_GROUP);\
-		pw add group $(NAGIOS_GROUP);\
+		pw add group $(NAGIOS_GROUP) || true;\
 		echo pw add group $(NRPE_GROUP);\
-		pw add group $(NRPE_GROUP);\
+		pw add group $(NRPE_GROUP) || true;\
 	else\
 		echo groupadd -r $(NAGIOS_GROUP);\
-		groupadd -r $(NAGIOS_GROUP);\
+		groupadd -r $(NAGIOS_GROUP) || true;\
 		echo groupadd -r $(NRPE_GROUP);\
-		groupadd -r $(NRPE_GROUP);\
+		groupadd -r $(NRPE_GROUP) || true;\
 	fi
 
-install-user:
+install-users:
 	@if test $(DIST) = aix; then\
 		echo useradd -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
-		useradd -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
+		useradd -g $(NAGIOS_GROUP) $(NAGIOS_USER) || true;\
 		echo useradd -g $(NRPE_GROUP) $(NRPE_USER);\
-		useradd -g $(NRPE_GROUP) $(NRPE_USER);\
+		useradd -g $(NRPE_GROUP) $(NRPE_USER) || true;\
 	elif test $(DIST) = hpux -o $(DIST) = solaris; then\
-		echo useradd -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
-		useradd -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
-		echo useradd -g $(NRPE_GROUP) $(NRPE_USER);\
-		useradd -g $(NRPE_GROUP) $(NRPE_USER);\
+		echo useradd -m -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
+		useradd -m -g $(NAGIOS_GROUP) $(NAGIOS_USER) || true;\
+		echo useradd -m -g $(NRPE_GROUP) $(NRPE_USER);\
+		useradd -m -g $(NRPE_GROUP) $(NRPE_USER) || true;\
 	elif test $(OPSYS) = osx; then\
 		newid=`dscl . -list /Users UniqueID | tr -s ' ' | cut -d' ' -f2 | sort -n | tail -1`;\
 		newid=`expr 1 + $newid`;\
@@ -201,19 +204,19 @@ install-user:
 		dscl . -append /Groups/$(NRPE_GROUP) GroupMembership $(NRPE_USER);\
 	elif test $(DIST) = "freebsd"; then\
 		echo pw add user -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
-		pw add user -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
+		pw add user -g $(NAGIOS_GROUP) $(NAGIOS_USER) || true;\
 		echo pw add user -g $(NRPE_GROUP) $(NRPE_USER);\
-		pw add user -g $(NRPE_GROUP) $(NRPE_USER);\
+		pw add user -g $(NRPE_GROUP) $(NRPE_USER) || true;\
 	else\
 		echo useradd -r -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
-		useradd -r -g $(NAGIOS_GROUP) $(NAGIOS_USER);\
+		useradd -r -g $(NAGIOS_GROUP) $(NAGIOS_USER) || true;\
 		echo useradd -r -g $(NRPE_GROUP) $(NRPE_USER);\
-		useradd -r -g $(NRPE_GROUP) $(NRPE_USER);\
+		useradd -r -g $(NRPE_GROUP) $(NRPE_USER) || true;\
 	fi
 
-install-group-user:
-	$(MAKE) install-group
-	$(MAKE) install-user
+install-groups-users:
+	$(MAKE) install-groups
+	$(MAKE) install-users
 
 
 solaris-package:
@@ -235,8 +238,11 @@ distclean: clean
 	rm -rf autom4te.cache
 	rm -f config.log config.status config.cache sample-config/nrpe.cfg $(SRC_INCLUDE)/config.h
 	rm -f startup/bsd-init startup/debian-init startup/default-init startup/default-inetd
-	rm -f startup/default-service startup/default-xinetd startup/mac-org.nagios.PKG_NAME.plist
-	rm -f startup/openrc-conf startup/openrc-init startup/solaris-PKG_NAME.xml
+	rm -f startup/default-service startup/default-socket startup/default-socket-svc
+	rm -f startup/default-xinetd startup/mac-org.nagios.PKG_NAME.plist startup/newbsd-init
+	rm -f startup/openrc-conf startup/openrc-init startup/rh-upstart-init
+	rm -f startup/solaris-init.xml startup/solaris-inetd.xml startup/tmpfile.conf
+	rm -f startup/upstart-init
 	rm -f Makefile
 
 devclean: distclean

README.SSL.md

@@ -41,7 +41,7 @@ key generated.
 
 The NRPE configuration file has added new SSL/TLS options. The
 defaults currently will allow old check_nrpe clients to continue to
-connect to the nrpe daemon, but can report on "old style" 
+connect to the nrpe daemon, but can report on "old style"
 connections, or enforce more secure communication as your migration
 progresses. The new options are in the "SSL/TLS OPTIONS" section of
 nrpe.cfg, about two-thirds of the way down.
@@ -241,7 +241,7 @@ Now, sign the CSRs. As root, do the following:
            -out server_certs/db_server.pem
         chown root.nagios server_certs/db_server.pem
         chmod 440 server_certs/db_server.pem
-        openssl ca -days 365 -notext -md sha256
+        openssl ca -days 365 -notext -md sha256 \
            -keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
            -in server_certs/bobs_workstation.csr \
            -out server_certs/bobs_workstation.pem
@@ -264,10 +264,10 @@ running the check_nrpe program.
            -out nag_serv.csr -nodes
 
         cd /usr/local/nagios/etc/ssl
-        openssl ca -extension usr_cert -days 365 -notext -md sha256 \
+        openssl ca -extensions usr_cert -days 365 -notext -md sha256 \
            -keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
            -in client_certs/nag_serv.csr \
-           -out client_certs/nag_serv.pem \
+           -out client_certs/nag_serv.pem
         chown root.nagios client_certs/nag_serv.pem
         chmod 440 client_certs/nag_serv.pem
 

build-aux/ax_nagios_get_paths

@@ -698,9 +698,9 @@ AS_CASE([$inetd_type],
 
 	[smf*],
 		if test $init_type = smf10; then
-			inetddir=${inetddir="/var/svc/manifest/network"}
+			inetddir=${inetddir="/var/svc/manifest/network/nagios"}
 		else
-			inetddir=${inetddir="/lib/svc/manifest/network"}
+			inetddir=${inetddir="/lib/svc/manifest/network/nagios"}
 		fi
 		inetdname=${inetdname="$PKG_NAME.xml"},
 

configure

@@ -3763,9 +3763,9 @@ case $inetd_type in #(
 		netdname=${inetdname="$PKG_NAME.socket"} ;; #(
   smf*) :
     if test $init_type = smf10; then
-			inetddir=${inetddir="/var/svc/manifest/network"}
+			inetddir=${inetddir="/var/svc/manifest/network/nagios"}
 		else
-			inetddir=${inetddir="/lib/svc/manifest/network"}
+			inetddir=${inetddir="/lib/svc/manifest/network/nagios"}
 		fi
 		inetdname=${inetdname="$PKG_NAME.xml"} ;; #(
   #	[upstart],

src/check_nrpe.c

@@ -671,9 +671,13 @@ int connect_to_remote()
 			syslog(LOG_NOTICE, "Remote %s - SSL Version: %s", rem_host, SSL_get_version(ssl));
 
 		if (sslprm.log_opts & SSL_LogCipher) {
+# if defined(__sun) || defined(_AIX) || defined(__hpux)
+			SSL_CIPHER *c = SSL_get_current_cipher(ssl);
+# else
 			const SSL_CIPHER *c = SSL_get_current_cipher(ssl);
+# endif
 			syslog(LOG_NOTICE, "Remote %s - %s, Cipher is %s", rem_host,
-				   (char*)SSL_CIPHER_get_version(c), (char*)SSL_CIPHER_get_name(c));
+				   SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
 		}
 
 		if ((sslprm.log_opts & SSL_LogIfClientCert) || (sslprm.log_opts & SSL_LogCertDetails)) {

src/nrpe.c

@@ -1728,7 +1728,11 @@ void init_handle_conn(void)
 int handle_conn_ssl(int sock, void *ssl_ptr)
 {
 #ifdef HAVE_SSL
+#if defined(__sun) || defined(_AIX) || defined(__hpux)
+	SSL_CIPHER *c;
+#else
 	const SSL_CIPHER *c;
+#endif
 	char      buffer[MAX_INPUT_BUFFER];
 	SSL      *ssl = (SSL*)ssl_ptr;
 	X509     *peer;
@@ -1772,7 +1776,7 @@ int handle_conn_ssl(int sock, void *ssl_ptr)
 	if (sslprm.log_opts & SSL_LogCipher) {
 		c = SSL_get_current_cipher(ssl);
 		syslog(LOG_NOTICE, "Remote %s - %s, Cipher is %s", remote_host,
-			   (char*)SSL_CIPHER_get_version(c), (char*)SSL_CIPHER_get_name(c));
+			   SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
 	}
 
 	if ((sslprm.log_opts & SSL_LogIfClientCert)

startup/solaris-inetd.xml.in

@@ -12,8 +12,6 @@
 		type='service'
 		version='1'>
 
-		<create-default-instance enabled='true' />
-
 		<restarter>
 			<service_fmri value='svc:/network/inetd:default' />
 		</restarter>
@@ -30,11 +28,11 @@
 			type='method'
 			name='inetd_start'
 			exec='@sbindir@/nrpe -c @pkgsysconfdir@/nrpe.cfg -i'
-			timeout_seconds='0'
+			timeout_seconds='0'>
 			<method_context>
 				<method_credential user='@nrpe_user@' group='@nrpe_group@'/>
 			</method_context>
-		/>
+		</exec_method>
 
 		<exec_method
 			type='method'
@@ -69,6 +67,8 @@
 				value='solaris.smf.manage.nrpe'/>
 		</property_group>
 
+		<instance name='default' enabled='true' />
+
 		<stability value='Unstable' />
 
 		<template>

startup/solaris-init.xml.in

@@ -32,40 +32,45 @@
 			<service_fmri value='svc:/system/filesystem/autofs' />
 		</dependency>
 
-		<dependency name='net-loopback'
+		<dependency
+			name='net-loopback'
 			grouping='require_all'
 			restart_on='none'
 			type='service'>
 			<service_fmri value='svc:/network/loopback' />
 		</dependency>
 
-		<dependency name='net-physical'
+		<dependency
+			name='net-physical'
 			grouping='require_all'
 			restart_on='none'
 			type='service'>
 			<service_fmri value='svc:/network/physical' />
 		</dependency>
 
-		<dependency name='cryptosvc'
+		<dependency
+			name='cryptosvc'
 			grouping='require_all'
 			restart_on='none'
 			type='service'>
 			<service_fmri value='svc:/system/cryptosvc' />
 		</dependency>
 
-		<dependency name='utmp'
+		<dependency
+			name='utmp'
 			grouping='require_all'
 			restart_on='none'
 			type='service'>
 			<service_fmri value='svc:/system/utmp' />
 		</dependency>
 
-		<dependency name='config_data'
+		<dependency
+			name='config_data'
 			grouping='require_all'
 			restart_on='restart'
 			type='path'>
 			<service_fmri
-			    value='file://localhost/pkg@sysconfdir@/nrpe.cfg' />
+			    value='file://localhost@sysconfdir@/nrpe.cfg' />
 		</dependency>
 
 		<dependency
@@ -80,20 +85,18 @@
 			name='nrpe_multi-user-server'
 			grouping='optional_all'
 			restart_on='none'>
-				<service_fmri
-				    value='svc:/milestone/multi-user-server' />
+			<service_fmri value='svc:/milestone/multi-user-server'/>
 		</dependent>
 
-		<method_context>
-			<method_credential user='@nrpe_user@' group='@nrpe_group@'/>
-		</method_context>
-
 		<exec_method
 			type='method'
 			name='start'
 			exec='@sbindir@/nrpe -c @pkgsysconfdir@/nrpe.cfg -f'
-			timeout_seconds='60'
-		/>
+			timeout_seconds='60'>
+			<method_context>
+				<method_credential user='@nrpe_user@' group='@nrpe_group@'/>
+			</method_context>
+		</exec_method>
 
 		<exec_method
 			type='method'
@@ -108,25 +111,17 @@
 			timeout_seconds='60'/>
 
 		<property_group name='startd' type='framework'>
-			<propval name='ignore_error'
-				type='astring'
-				value='core,signal' />
+			<propval name='ignore_error' type='astring' value='core,signal'/>
 		</property_group>
 
 		<property_group name='general' type='framework'>
-			<propval name='enabled'
-				type='boolean'
-				value='true'/>
-			<propval name='action_authorization'
-				type='astring'
+			<propval name='enabled' type='boolean' value='true'/>
+			<propval name='action_authorization' type='astring'
 				value='solaris.smf.manage.nrpe'/>
-			<propval name='value_authorization'
-				type='astring'
+			<propval name='value_authorization' type='astring'
 				value='solaris.smf.manage.nrpe'/>
 		</property_group>
 
-		<instance name='default' enabled='true' />
-
 		<stability value='Unstable' />
 
 		<template>

uninstall.in

@@ -308,7 +308,7 @@ rm_user() {
 	elif test ${DIST} = "freebsd"; then
 		pw del user ${USERID}
 	else
-		userdel ${USERID}
+		userdel -r ${USERID}
 	fi
 }