tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-09-25 18:48:50 +02:00
Code Issues Packages Projects Releases Wiki Activity

CMake: remove logrotate version detection

Browse Source 
This was used to detect the presence of version 3.8.0 which introduced the "su"
config option[^1]. It was releases in 2011, so I'd say it's time that we can
just assume that it's supported.

Additionally, this has a bit of a security impact as it defaults to not using
the "su" option, which means that logrotate will do more than necessary as
root. This happened with our packages as these were built without logrotate
being installed, which caused the version detection to fail. Just assuming the
new version here instead of adding it as a non-obvious build dependency should
be the more robust fix.

[^1]: https://github.com/logrotate/logrotate/blob/r3-8-0/CHANGES#L6-L8
This commit is contained in:
Julian Brost 2025-08-19 16:02:18 +02:00
parent a218ba8d92
commit c42dc1e55a
2 changed files with 6 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
CMakeLists.txt
View File

@ -153,25 +153,6 @@ if(WIN32)
endif() endif()
endif() endif()
if(NOT DEFINED LOGROTATE_HAS_SU)
set(LOGROTATE_HAS_SU OFF)
find_program(LOGROTATE_BINARY logrotate)
execute_process(COMMAND ${LOGROTATE_BINARY} ERROR_VARIABLE LOGROTATE_OUTPUT)
if(LOGROTATE_OUTPUT)
string(REGEX REPLACE "^logrotate ([0-9.]*).*" "\\1" LOGROTATE_VERSION
${LOGROTATE_OUTPUT})
message(STATUS "Found logrotate (found version \"${LOGROTATE_VERSION}\")")
if("${LOGROTATE_VERSION}" VERSION_GREATER "3.7.9")
set(LOGROTATE_HAS_SU ON)
endif()
endif()
endif()
if(LOGROTATE_HAS_SU)
set(LOGROTATE_USE_SU "\n\tsu ${ICINGA2_USER} ${ICINGA2_GROUP}")
else()
set(LOGROTATE_CREATE "\n\tcreate 644 ${ICINGA2_USER} ${ICINGA2_GROUP}")
endif()
find_package(Boost ${BOOST_MIN_VERSION} COMPONENTS coroutine context date_time filesystem iostreams thread program_options regex REQUIRED) find_package(Boost ${BOOST_MIN_VERSION} COMPONENTS coroutine context date_time filesystem iostreams thread program_options regex REQUIRED)
# Boost.Coroutine2 (the successor of Boost.Coroutine) # Boost.Coroutine2 (the successor of Boost.Coroutine)

10
etc/logrotate.d/icinga2.cmake
View File

@ -1,10 +1,11 @@
@ICINGA2_LOGDIR@/icinga2.log @ICINGA2_LOGDIR@/debug.log { @ICINGA2_LOGDIR@/icinga2.log @ICINGA2_LOGDIR@/debug.log {
daily daily
rotate 7@LOGROTATE_USE_SU@ rotate 7
su @ICINGA2_USER@ @ICINGA2_GROUP@
compress compress
delaycompress delaycompress
missingok missingok
notifempty@LOGROTATE_CREATE@ notifempty
postrotate postrotate
/bin/kill -USR1 $(cat @ICINGA2_INITRUNDIR@/icinga2.pid 2> /dev/null) 2> /dev/null || true /bin/kill -USR1 $(cat @ICINGA2_INITRUNDIR@/icinga2.pid 2> /dev/null) 2> /dev/null || true
endscript endscript
@ -12,10 +13,11 @@
@ICINGA2_LOGDIR@/error.log { @ICINGA2_LOGDIR@/error.log {
daily daily
rotate 90@LOGROTATE_USE_SU@ rotate 90
su @ICINGA2_USER@ @ICINGA2_GROUP@
compress compress
delaycompress delaycompress
missingok missingok
notifempty@LOGROTATE_CREATE@ notifempty
# TODO: figure out how to get Icinga to re-open this log file # TODO: figure out how to get Icinga to re-open this log file
} }