
Bug#684735: unblock: ganglia (security)



> Please could we have a full source debdiff for a proposed upload as part
> of this bug log?  It makes it far clearer what was requested to be acked
> and what was (or wasn't) acked.

debdiff attached



diff -Nru ganglia-3.3.5/bootstrap ganglia-3.3.8/bootstrap
--- ganglia-3.3.5/bootstrap	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/bootstrap	1970-01-01 00:00:00.000000000 +0000
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-# This can be changed whenever it is decided to use a new
-# autotools
-#
-# Official release tarballs should only be prepared using the
-# autotools version agreed on the Ganglia mailing list
-#
-SUPPORTED="Debian 6.0 (squeeze) amd64"
-
-echo "Bootstrapping libmetrics"
-echo "WARNING:"
-echo "WARNING: you should only do this on $SUPPORTED"
-echo "WARNING: as any other versions of autotools may produce"
-echo "WARNING: errors or silently do something unexpected"
-echo "WARNING:"
-cd libmetrics && ./bootstrap || exit 1
-cd ..
-
-echo "Create distribution timestamp"
-touch Makefile.am
-echo "Running aclocal" &&
-aclocal &&
-echo "Running autoheader" &&
-autoheader &&
-echo "Creating build" &&
-mkdir -p build &&
-echo "Running automake" &&
-automake --add-missing --copy --foreign 2>/dev/null
-echo "Running libtoolize" &&
-libtoolize --automake --copy && automake --add-missing --copy --foreign &&
-echo "Running autoconf" &&
-autoconf -f || exit 1
-
-echo &&
-echo "To begin installation, run \"./configure\" now"
diff -Nru ganglia-3.3.5/configure ganglia-3.3.8/configure
--- ganglia-3.3.5/configure	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/configure	2012-08-13 12:55:09.000000000 +0000
@@ -1,5 +1,5 @@
 #! /bin/sh
-# From configure.in 3.3.4-6-g9db9bee.
+# From configure.in 3.3.7-3-g3276b60.
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.67.
 #
@@ -2415,7 +2415,7 @@
 # to 0 (zero)
 GANGLIA_MAJOR_VERSION=3
 GANGLIA_MINOR_VERSION=3
-GANGLIA_MICRO_VERSION=5
+GANGLIA_MICRO_VERSION=8
 
 # REL is used for various packaging systems:
 # RHEL:
diff -Nru ganglia-3.3.5/configure.in ganglia-3.3.8/configure.in
--- ganglia-3.3.5/configure.in	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/configure.in	2012-08-13 12:55:09.000000000 +0000
@@ -41,7 +41,7 @@
 # to 0 (zero) 
 GANGLIA_MAJOR_VERSION=3
 GANGLIA_MINOR_VERSION=3
-GANGLIA_MICRO_VERSION=5
+GANGLIA_MICRO_VERSION=8
 
 # REL is used for various packaging systems:
 # RHEL:
diff -Nru ganglia-3.3.5/debian/changelog ganglia-3.3.8/debian/changelog
--- ganglia-3.3.5/debian/changelog	2012-04-08 16:48:08.000000000 +0000
+++ ganglia-3.3.8/debian/changelog	2012-08-13 13:37:19.000000000 +0000
@@ -1,3 +1,19 @@
+ganglia (3.3.8-1) unstable; urgency=low
+
+  * Check URL arguments thoroughly (Closes: #683584)
+  * Fix un-initialized return code variable
+  * Fix memory leak
+  * Fix issue where Ganglia fails to start with NetworkManager
+  * Extra logging of buffer sizes for troubleshooting a common problem
+
+ -- Daniel Pocock <daniel@pocock.com.au>  Mon, 13 Aug 2012 15:17:28 +0200
+
+ganglia (3.3.5-3) unstable; urgency=low
+
+  * PO translation didn't get into the package properly.
+
+ -- Stuart Teasdale <sdt@debian.org>  Mon, 09 Apr 2012 11:37:12 +0100
+
 ganglia (3.3.5-2) unstable; urgency=low
 
   * Add dutch translation. Closes: #658494.
diff -Nru ganglia-3.3.5/debian/control ganglia-3.3.8/debian/control
--- ganglia-3.3.5/debian/control	2012-04-02 21:14:08.000000000 +0000
+++ ganglia-3.3.8/debian/control	2012-08-13 13:37:19.000000000 +0000
@@ -2,9 +2,13 @@
 Section: net
 Priority: optional
 Maintainer: Stuart Teasdale <sdt@debian.org>
+Uploaders: Daniel Pocock <daniel@pocock.com.au>
 Homepage: http://www.ganglia.info/
 Build-Depends: debhelper (>> 5.0.0), librrd2-dev, autoconf, autotools-dev, automake, libapr1-dev, libexpat1-dev, python-dev, libconfuse-dev, po-debconf, libxml2-dev, libdbi0-dev, libpcre3-dev, gperf, libtool, rsync
+DM-Upload-Allowed: yes
 Standards-Version: 3.8.4
+Vcs-Git: git://git.debian.org/collab-maint/ganglia.git
+Vcs-Browser: http://git.debian.org/?p=collab-maint/ganglia.git;a=summary
 
 Package: ganglia-monitor
 Architecture: any
diff -Nru ganglia-3.3.5/debian/patches/debian-changes-3.3.8-1 ganglia-3.3.8/debian/patches/debian-changes-3.3.8-1
--- ganglia-3.3.5/debian/patches/debian-changes-3.3.8-1	1970-01-01 00:00:00.000000000 +0000
+++ ganglia-3.3.8/debian/patches/debian-changes-3.3.8-1	2012-08-13 14:09:23.000000000 +0000
@@ -0,0 +1,46 @@
+Description: Upstream changes introduced in version 3.3.8-1
+ This patch has been created by dpkg-source during the package build.
+ Here's the last changelog entry, hopefully it gives details on why
+ those changes were made:
+ .
+ ganglia (3.3.8-1) unstable; urgency=low
+ .
+   * Check URL arguments thoroughly (Closes: #683584)
+   * Fix un-initialized return code variable
+   * Fix memory leak
+   * Fix issue where Ganglia fails to start with NetworkManager
+   * Extra logging of buffer sizes for troubleshooting a common problem
+ .
+ The person named in the Author field signed this changelog entry.
+Author: Daniel Pocock <daniel@pocock.com.au>
+Bug-Debian: http://bugs.debian.org/683584
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- ganglia-3.3.8.orig/gmond/modules/python/README
++++ ganglia-3.3.8/gmond/modules/python/README
+@@ -101,11 +101,11 @@ follows:
+     module {
+       name = "python_module"
+       path = "modpython.so"
+-      params = "/usr/local/lib64/ganglia/python_modules"
++      params = "/usr/lib/ganglia/python_modules"
+     }
+   }
+ 
+-  include ('/usr/local/etc/conf.d/*.pyconf')
++  include ('/etc/ganglia/conf.d/*.pyconf')
+ 
+ The most significant part of this configuration is the 'params'
+ directive. The path that has been assigned to this directive will
diff -Nru ganglia-3.3.5/debian/patches/series ganglia-3.3.8/debian/patches/series
--- ganglia-3.3.5/debian/patches/series	1970-01-01 00:00:00.000000000 +0000
+++ ganglia-3.3.8/debian/patches/series	2012-08-13 14:09:23.000000000 +0000
@@ -0,0 +1 @@
+debian-changes-3.3.8-1
diff -Nru ganglia-3.3.5/debian/rules ganglia-3.3.8/debian/rules
--- ganglia-3.3.5/debian/rules	2012-04-02 08:23:32.000000000 +0000
+++ ganglia-3.3.8/debian/rules	2012-08-13 13:40:15.000000000 +0000
@@ -26,8 +26,8 @@
 	# Just in case, make sure changelog exists
 	touch ChangeLog
 	# Add here commands to configure the package.
-	./bootstrap
-	chmod +x configure libmetrics/configure
+	#./bootstrap
+	#chmod +x configure libmetrics/configure
 	./configure CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \
 		--prefix=/usr --mandir=\$${prefix}/share/man \
 		--libdir=\$${prefix}/lib \
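Review bot: The two disabled commands are left behind as comments (`#./bootstrap`, `#chmod +x configure libmetrics/configure`) even though this same debdiff deletes `bootstrap`, so they cannot be re-enabled as written. Delete them and leave a one-line explanation instead, for example `# configure is used as shipped in the upstream tarball; it is not regenerated here`. With the regeneration step gone, the package is built from the pre-generated `configure` rather than from `configure.in`, so the generated script itself becomes part of what a reviewer of future uploads has to diff. `debian/control` still lists autoconf, automake and libtool in Build-Depends, and it is worth confirming whether they are still needed. The enclosing target starts and ends outside the hunk.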
diff -Nru ganglia-3.3.5/ganglia.html ganglia-3.3.8/ganglia.html
--- ganglia-3.3.5/ganglia.html	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/ganglia.html	2012-08-13 12:55:09.000000000 +0000
@@ -62,7 +62,7 @@
 </p>
 <hr />
 <h1><a name="version">Version</a></h1>
-<p><strong>ganglia</strong> 3.3.5</p>
+<p><strong>ganglia</strong> 3.3.8</p>
 <p>The latest version of this software and document will always be found at 
 <a href="http://ganglia.sourceforge.net/.";>http://ganglia.sourceforge.net/.</a></p>
 <p>
@@ -298,8 +298,8 @@
 <p>If you installed ganglia using RPMs then these files will be installed when you install
 the RPM.  The RPM is installed simply by running</p>
 <pre>
-  % rpm -Uvh ganglia-gmond-3.3.5.i386.rpm
-  % rpm -Uvh ganglia-gmetad-3.3.5.i386.rpm</pre>
+  % rpm -Uvh ganglia-gmond-3.3.8.i386.rpm
+  % rpm -Uvh ganglia-gmetad-3.3.8.i386.rpm</pre>
 <p>Once you have the necessary binaries installed, you can test your installation by running</p>
 <pre>
    % ./gmond</pre>
@@ -360,7 +360,7 @@
 </ol>
 <p>Installation of the web frontend is simplified on Linux by using rpm.</p>
 <pre>
-  % rpm -Uvh ganglia-web-3.3.5-1.noarch.rpm
+  % rpm -Uvh ganglia-web-3.3.8-1.noarch.rpm
   Preparing...                ########################################### [100%]
      1:ganglia-web            ########################################### [100%]</pre>
 <p>
@@ -449,7 +449,7 @@
 <p>If you want help with the gmetric sytax, simply use the &quot;help&quot; commandline option</p>
 <pre>
   % gmetric --help
-  gmetric 3.3.5</pre>
+  gmetric 3.3.8</pre>
 <pre>
   Purpose:
     The Ganglia Metric Client (gmetric) announces a metric
@@ -499,7 +499,7 @@
 <p>To get help with the commandline options, simply pass <code>gstat</code> the <code>--help</code> option</p>
 <pre>
   % gstat --help
-  gstat 3.3.5</pre>
+  gstat 3.3.8</pre>
 <pre>
   Purpose:
     The Ganglia Status Client (gstat) connects with a
diff -Nru ganglia-3.3.5/ganglia.spec ganglia-3.3.8/ganglia.spec
--- ganglia-3.3.5/ganglia.spec	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/ganglia.spec	2012-08-13 12:55:09.000000000 +0000
@@ -8,13 +8,13 @@
 # (ex: i386, i686, x86_64) when calling rpmbuild as shown by the following
 # command line aimed at 80386 or higher CPUs :
 #
-# % rpmbuild -ta --target noarch,i386 ganglia-3.3.5.tar.gz
+# % rpmbuild -ta --target noarch,i386 ganglia-3.3.8.tar.gz
 #
 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
 
 Summary: Ganglia Distributed Monitoring System
 Name: ganglia
-Version: 3.3.5
+Version: 3.3.8
 URL: http://ganglia.info/
 # The Release macro value is set in configure.in, please update it there.
 Release: 1
@@ -52,7 +52,7 @@
 Provides: ganglia-webfrontend = %{version}
 # We should put rrdtool as a Requires too but rrdtool rpm support is very weak
 # so most people install from source
-#Requires: ganglia-gmetad >=  3.3.5
+#Requires: ganglia-gmetad >=  3.3.8
 Requires: php >= 5, php-gd, php-xml
 %if 0%{?suse_version}
 %define web_prefixdir /srv/www/htdocs/ganglia
diff -Nru ganglia-3.3.5/gmetad-python/Gmetad/gmetad_config.py ganglia-3.3.8/gmetad-python/Gmetad/gmetad_config.py
--- ganglia-3.3.5/gmetad-python/Gmetad/gmetad_config.py	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/gmetad-python/Gmetad/gmetad_config.py	2012-08-13 12:55:09.000000000 +0000
@@ -63,7 +63,7 @@
     XML_PORT = 'xml_port'
     INTERACTIVE_PORT = 'interactive_port'
     SERVER_THREADS = 'server_threads'
-    VERSION = '3.3.5'
+    VERSION = '3.3.8'
     PLUGINS_DIR = 'plugins_dir'
     
     _cfgDefaults = {
diff -Nru ganglia-3.3.5/gmetad-python/setup.py ganglia-3.3.8/gmetad-python/setup.py
--- ganglia-3.3.5/gmetad-python/setup.py	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/gmetad-python/setup.py	2012-08-13 12:55:09.000000000 +0000
@@ -2,7 +2,7 @@
 from glob import glob
 
 setup(name='gmetad-python',
-      version='3.3.5',
+      version='3.3.8',
       description='Ganglia Meta daemon in Python',
       maintainer='Ganglia Development Team',
       maintainer_email='ganglia-developers@lists.sourceforge.net',
diff -Nru ganglia-3.3.5/gmond/conf.pod ganglia-3.3.8/gmond/conf.pod
--- ganglia-3.3.5/gmond/conf.pod	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/gmond/conf.pod	2012-08-13 12:55:09.000000000 +0000
@@ -225,8 +225,8 @@
 this attribute will be ignored.
 
 The B<udp_recv_channel> section has following attributes:
-B<mcast_join>, B<bind>, B<port>, B<mcast_if>, B<family>.  The 
-B<udp_recv_channel> can also have an B<acl> definition (see
+B<mcast_join>, B<bind>, B<port>, B<mcast_if>, B<family> and B<retry_bind>.
+The B<udp_recv_channel> can also have an B<acl> definition (see
 ACCESS CONTROL LISTS below).
 
 For example, the 2.5.x gmond ran with a single udp receive channel...
@@ -285,6 +285,20 @@
 Note: To use some other port for sFlow, set it here and then specify the port
 in an B<sflow> section (see below).
 
+B<gmond> will fail to run if it can't bind to all defined
+B<udp_recv_channel>s.  Sometimes, on machines configured by DHCP,
+for example, the B<gmond> daemon starts before a network address is
+assigned to the interface.  Consequently, the bind fails and the 
+B<gmond> daemon does not run.  To assist in this situation, the
+boolean parameter B<retry_bind> can be set to the value B<true>
+and then the daemon will not abort on failure, it will enter a
+loop and repeat the bind attempt every 60 seconds:
+
+  udp_recv_channel {
+    port = 6343
+    retry_bind = true
+  }
+
 =head2 tcp_accept_channel
 
 You can specify as many B<tcp_accept_channel> sections as you like
diff -Nru ganglia-3.3.5/gmond/gmond.c ganglia-3.3.8/gmond/gmond.c
--- ganglia-3.3.5/gmond/gmond.c	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/gmond/gmond.c	2012-08-13 12:55:09.000000000 +0000
@@ -56,6 +56,10 @@
 /* Specifies a single value metric callback */
 #define CB_NOINDEX -1
 
+/* If a bind fails, and retry_bind is true, this is the interval to sleep
+   before retry.  Specified in seconds */
+#define RETRY_BIND_DELAY 60
+
 /* When this gmond was started */
 apr_time_t started;
 /* My name */
@@ -549,7 +553,33 @@
 }
 
 static void
-setup_listen_channels_pollset( int reset )
+reset_mcast_channels( void )
+{
+  int i;
+  int num_udp_recv_channels   = cfg_size( config_file, "udp_recv_channel");
+
+  for(i = 0; i< num_udp_recv_channels; i++)
+    {
+      cfg_t *udp_recv_channel;
+      char *mcast_join, *mcast_if;
+      int port;
+      apr_socket_t *socket = NULL;
+
+      udp_recv_channel = cfg_getnsec( config_file, "udp_recv_channel", i);
+      mcast_join     = cfg_getstr( udp_recv_channel, "mcast_join" );
+      mcast_if       = cfg_getstr( udp_recv_channel, "mcast_if" );
+      port           = cfg_getint( udp_recv_channel, "port");
+
+      if ( mcast_join )
+        {
+          socket = udp_recv_sockets[i];
+          join_mcast(global_context, socket, mcast_join, port, mcast_if);
+        }
+    }
+}
+
+static void
+setup_listen_channels_pollset( void )
 {
   apr_status_t status;
   int i;
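Review bot: In `reset_mcast_channels` the status returned by `join_mcast` is thrown away, so a failed rejoin looks the same as a successful one, and the caller in the `@@ -3001,7 +3051,13 @@` hunk sets `udp_last_heard = now` in both cases. Capture the status and report it, e.g. `if (join_mcast(global_context, socket, mcast_join, port, mcast_if) != APR_SUCCESS) debug_msg("multicast rejoin failed for %s port %d", mcast_join, port);`, raising it to `err_msg` if a failure here is never expected. `udp_recv_sockets[i]` is also handed to `join_mcast` without a NULL check. The code that stores sockets in that array is outside the visible hunks, so confirm every multicast slot is populated before this function can run. The body of `setup_listen_channels_pollset` continues outside the hunk.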
@@ -559,10 +589,6 @@
   Ganglia_channel *channel;
   int pollset_opts = 0;
 
-  /* reset only if there are no udp_recv_channels */
-  if (reset && num_udp_recv_channels == 0)
-    return;
-
   /* check if gmond was really meant to be deaf */
   if (total_listen_channels == 0)
     {
@@ -571,40 +597,36 @@
     }
 
   /* Create my incoming pollset */
-  if (!reset)
-    {
 #ifdef LINUX
-      struct utsname _name;
-      if(uname(&_name) >= 0) { 
-        if(strcmp(_name.release, "2.6") >= 0)
-          pollset_opts = APR_POLLSET_THREADSAFE;
-      }
+  struct utsname _name;
+  if(uname(&_name) >= 0) {
+    if(strcmp(_name.release, "2.6") >= 0)
+      pollset_opts = APR_POLLSET_THREADSAFE;
+  }
 #endif
-      if((status = apr_pollset_create(&listen_channels, total_listen_channels, global_context, pollset_opts)) != APR_SUCCESS)
-        {
-          char apr_err[512];
-          apr_strerror(status, apr_err, 511);
-          err_msg("apr_pollset_create failed: %s", apr_err);
-          exit(1);
-        }
-    }
-
-  if(!reset)
+  if((status = apr_pollset_create(&listen_channels, total_listen_channels, global_context, pollset_opts)) != APR_SUCCESS)
     {
-      if((udp_recv_sockets = (apr_socket_t **)apr_pcalloc(global_context, sizeof(apr_socket_t *) * (num_udp_recv_channels + 1))) == NULL)
-        err_quit("unable to allocate UDP listening sockets");
+      char apr_err[512];
+      apr_strerror(status, apr_err, 511);
+      err_msg("apr_pollset_create failed: %s", apr_err);
+      exit(1);
     }
 
+  if((udp_recv_sockets = (apr_socket_t **)apr_pcalloc(global_context, sizeof(apr_socket_t *) * (num_udp_recv_channels + 1))) == NULL)
+    err_quit("unable to allocate UDP listening sockets");
+
   /* Process all the udp_recv_channels */
   for(i = 0; i< num_udp_recv_channels; i++)
     {
       cfg_t *udp_recv_channel;
       char *mcast_join, *mcast_if, *bindaddr, *family;
-      int port;
-      static apr_socket_t *socket = NULL;
+      int port, retry_bind;
+      apr_socket_t *socket = NULL;
       apr_pollfd_t socket_pollfd;
       apr_pool_t *pool = NULL;
       int32_t sock_family = APR_INET;
+      apr_int32_t rx_buf_sz;
+      socklen_t _optlen;
 
       udp_recv_channel = cfg_getnsec( config_file, "udp_recv_channel", i);
       mcast_join     = cfg_getstr( udp_recv_channel, "mcast_join" );
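Review bot: The re-indented kernel check `strcmp(_name.release, "2.6") >= 0` compares the release string lexically, not numerically, so any release whose first character sorts below `2` (a constructed example: `10.0`) would leave `pollset_opts` at 0 and silently drop `APR_POLLSET_THREADSAFE`. Since the block is being touched anyway, parse the numbers instead: `int maj = 0, min = 0;` followed by `if (sscanf(_name.release, "%d.%d", &maj, &min) == 2 && (maj > 2 || (maj == 2 && min >= 6))) pollset_opts = APR_POLLSET_THREADSAFE;`. Removing the `if (!reset)` braces also leaves `struct utsname _name;` declared after executable statements, which pre-C99 compilers reject. Keeping a bare `{ ... }` around the `#ifdef LINUX` body avoids that. The function starts and ends outside this hunk.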
@@ -612,12 +634,14 @@
       port           = cfg_getint( udp_recv_channel, "port");
       bindaddr       = cfg_getstr( udp_recv_channel, "bind");
       family         = cfg_getstr( udp_recv_channel, "family");
+      retry_bind     = cfg_getbool( udp_recv_channel, "retry_bind");
 
       debug_msg("udp_recv_channel mcast_join=%s mcast_if=%s port=%d bind=%s",
                 mcast_join? mcast_join:"NULL", 
                 mcast_if? mcast_if:"NULL", port,
                 bindaddr? bindaddr: "NULL");
 
+
       /* Create a sub-pool for this channel */
       apr_pool_create(&pool, global_context);
 
@@ -626,35 +650,61 @@
       if( mcast_join )
         {
           /* Listen on the specified multicast channel */
-          if (reset) { /* network reset? rejoin existing socket */
-              join_mcast(pool, socket, mcast_join, port, mcast_if);
-              return;
-          } else
-              socket = create_mcast_server(pool, sock_family, mcast_join, port, bindaddr, mcast_if );
+          socket = create_mcast_server(pool, sock_family, mcast_join, port, bindaddr, mcast_if );
 
-          if(!socket)
+          while(!socket)
             {
-              err_msg("Error creating multicast server mcast_join=%s port=%d mcast_if=%s family='%s'. Exiting.\n",
+              if(retry_bind == cfg_false)
+                {
+                  err_msg("Error creating multicast server mcast_join=%s port=%d mcast_if=%s family='%s'. Try setting retry_bind.  Exiting.\n",
+                  mcast_join? mcast_join: "NULL", port, mcast_if? mcast_if:"NULL",family);
+                  exit(1);
+                }
+              err_msg("Error creating multicast server mcast_join=%s port=%d mcast_if=%s family='%s'.  Will try again...\n",
                   mcast_join? mcast_join: "NULL", port, mcast_if? mcast_if:"NULL",family);
-              exit(1);
+              apr_sleep(APR_USEC_PER_SEC * RETRY_BIND_DELAY);
+              socket = create_mcast_server(pool, sock_family, mcast_join, port, bindaddr, mcast_if );
             }
         }
       else
         {
-          /* Unicast listener needs no reset */
-          if (reset)
-              return;
-
           /* Create a UDP server */
           socket = create_udp_server( pool, sock_family, port, bindaddr );
-          if(!socket)
+          while(!socket)
             {
-              err_msg("Error creating UDP server on port %d bind=%s. Exiting.\n",
+              if(retry_bind == cfg_false)
+                {
+                  err_msg("Error creating UDP server on port %d bind=%s.  Try setting retry_bind.  Exiting.\n",
+                    port, bindaddr? bindaddr: "unspecified");
+                  exit(1);
+                }
+              err_msg("Error creating UDP server on port %d bind=%s.  Will try again...\n",
                   port, bindaddr? bindaddr: "unspecified");
-              exit(1);
+              apr_sleep(APR_USEC_PER_SEC * RETRY_BIND_DELAY);
+              socket = create_udp_server( pool, sock_family, port, bindaddr );
             }
         }
 
+      /* Find out about the RX socket buffer 
+         This is logged to help people troubleshoot
+         Some users have observed messages about errors when sending 
+         or receiving metric packets, and a small buffer size 
+         could be an issue */
+      if(apr_socket_opt_get(socket, APR_SO_RCVBUF, &rx_buf_sz) == APR_SUCCESS)
+        {
+          debug_msg("socket created, APR_SO_RCVBUF = %d\n", rx_buf_sz);
+        }
+      else
+        err_msg("apr_socket_opt_get APR_SO_RCVBUF failed\n");
+      _optlen = sizeof(rx_buf_sz);
+      if(getsockopt(get_apr_os_socket(socket), SOL_SOCKET, SO_RCVBUF,
+                      &rx_buf_sz, &_optlen) == 0)
+        {
+          debug_msg("socket created, SO_RCVBUF = %d\n", rx_buf_sz);
+        }
+      else
+        err_msg("getsockopt SO_RCVBUF failed\n");
+
       /* Build the socket poll file descriptor structure */
       socket_pollfd.desc_type   = APR_POLL_SOCKET;
       socket_pollfd.reqevents   = APR_POLLIN;
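Review bot: Both new `while(!socket)` retry loops call `create_mcast_server` / `create_udp_server` again with the same `pool` and never release what the failed attempt allocated, so with `retry_bind` enabled and a bind that keeps failing the sub-pool presumably grows by one attempt every `RETRY_BIND_DELAY` seconds, with no upper bound on the number of attempts. If nothing else has been allocated from `pool` at this point (the lines between the two hunks are not visible, so confirm), add `apr_pool_clear(pool);` immediately before each retry call. The loops also run inside the per-channel `for`, so one channel that cannot bind holds back every later `udp_recv_channel`. A short comment saying that this is intended would help the next reader. The new buffer-size logging then calls `get_apr_os_socket(socket)`, which is safe only because both loops exit with a non-NULL socket. The enclosing function continues outside the hunk.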
@@ -2954,7 +3004,7 @@
 
   if(!deaf)
     {
-      setup_listen_channels_pollset(0);
+      setup_listen_channels_pollset();
     }
 
   /* even if mute, a send channel may be needed to send a request for metadata */
@@ -3001,7 +3051,13 @@
         {
           /* if we went deaf, re-subscribe to the multicast channel */
           if ((now - udp_last_heard) > 60 * APR_USEC_PER_SEC)
-              setup_listen_channels_pollset(1);
+            {
+              /* FIXME: maybe this should be done for the affected
+                        channel only? */
+              reset_mcast_channels();
+              /* reset the timer */
+              udp_last_heard = now;
+            }
 
           /* cleanup the data if the cleanup threshold has been met */
           if( (now - last_cleanup) > apr_time_make(cleanup_threshold,0))
diff -Nru ganglia-3.3.5/gmond/gmond.conf.5 ganglia-3.3.8/gmond/gmond.conf.5
--- ganglia-3.3.5/gmond/gmond.conf.5	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/gmond/gmond.conf.5	2012-08-13 12:55:09.000000000 +0000
@@ -124,7 +124,7 @@
 .\" ========================================================================
 .\"
 .IX Title "gmond.conf 5"
-.TH gmond.conf 5 "2012-03-26" "ganglia/3.3.5" "Ganglia Monitoring System"
+.TH gmond.conf 5 "2012-08-13" "ganglia/3.3.8" "Ganglia Monitoring System"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -360,8 +360,8 @@
 this attribute will be ignored.
 .PP
 The \fBudp_recv_channel\fR section has following attributes:
-\&\fBmcast_join\fR, \fBbind\fR, \fBport\fR, \fBmcast_if\fR, \fBfamily\fR.  The 
-\&\fBudp_recv_channel\fR can also have an \fBacl\fR definition (see
+\&\fBmcast_join\fR, \fBbind\fR, \fBport\fR, \fBmcast_if\fR, \fBfamily\fR and \fBretry_bind\fR.
+The \fBudp_recv_channel\fR can also have an \fBacl\fR definition (see
 \&\s-1ACCESS\s0 \s-1CONTROL\s0 \s-1LISTS\s0 below).
 .PP
 For example, the 2.5.x gmond ran with a single udp receive channel...
@@ -425,6 +425,22 @@
 Note: sFlow is unicast protocol, so don't include \fBmcast_join\fR join.
 Note: To use some other port for sFlow, set it here and then specify the port
 in an \fBsflow\fR section (see below).
+.PP
+\&\fBgmond\fR will fail to run if it can't bind to all defined
+\&\fBudp_recv_channel\fRs.  Sometimes, on machines configured by \s-1DHCP\s0,
+for example, the \fBgmond\fR daemon starts before a network address is
+assigned to the interface.  Consequently, the bind fails and the 
+\&\fBgmond\fR daemon does not run.  To assist in this situation, the
+boolean parameter \fBretry_bind\fR can be set to the value \fBtrue\fR
+and then the daemon will not abort on failure, it will enter a
+loop and repeat the bind attempt every 60 seconds:
+.PP
+.Vb 4
+\&  udp_recv_channel {
+\&    port = 6343
+\&    retry_bind = true
+\&  }
+.Ve
 .SS "tcp_accept_channel"
 .IX Subsection "tcp_accept_channel"
 You can specify as many \fBtcp_accept_channel\fR sections as you like
diff -Nru ganglia-3.3.5/gmond/gmond.conf.html ganglia-3.3.8/gmond/gmond.conf.html
--- ganglia-3.3.5/gmond/gmond.conf.html	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/gmond/gmond.conf.html	2012-08-13 12:55:09.000000000 +0000
@@ -2,7 +2,7 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
 <html xmlns="http://www.w3.org/1999/xhtml";>
 <head>
-<title>Ganglia Monitoring Daemon v3.3.5 Configuration</title>
+<title>Ganglia Monitoring Daemon v3.3.8 Configuration</title>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <link rev="made" href="mailto:root@localhost"; />
 </head>
@@ -10,7 +10,7 @@
 <body style="background-color: white">
 <table border="0" width="100%" cellspacing="0" cellpadding="3">
 <tr><td class="block" style="background-color: #cccccc" valign="middle">
-<big><strong><span class="block">&nbsp;Ganglia Monitoring Daemon v3.3.5 Configuration</span></strong></big>
+<big><strong><span class="block">&nbsp;Ganglia Monitoring Daemon v3.3.8 Configuration</span></strong></big>
 </td></tr>
 </table>
 
@@ -244,8 +244,8 @@
 limits of memory and file descriptors.  If <strong>gmond</strong> is configured <strong>deaf</strong>
 this attribute will be ignored.</p>
 <p>The <strong>udp_recv_channel</strong> section has following attributes:
-<strong>mcast_join</strong>, <strong>bind</strong>, <strong>port</strong>, <strong>mcast_if</strong>, <strong>family</strong>.  The 
-<strong>udp_recv_channel</strong> can also have an <strong>acl</strong> definition (see
+<strong>mcast_join</strong>, <strong>bind</strong>, <strong>port</strong>, <strong>mcast_if</strong>, <strong>family</strong> and <strong>retry_bind</strong>.
+The <strong>udp_recv_channel</strong> can also have an <strong>acl</strong> definition (see
 ACCESS CONTROL LISTS below).</p>
 <p>For example, the 2.5.x gmond ran with a single udp receive channel...</p>
 <pre>
@@ -294,6 +294,19 @@
 <p>Note: sFlow is unicast protocol, so don't include <strong>mcast_join</strong> join.
 Note: To use some other port for sFlow, set it here and then specify the port
 in an <strong>sflow</strong> section (see below).</p>
+<p><strong>gmond</strong> will fail to run if it can't bind to all defined
+<strong>udp_recv_channel</strong>s.  Sometimes, on machines configured by DHCP,
+for example, the <strong>gmond</strong> daemon starts before a network address is
+assigned to the interface.  Consequently, the bind fails and the 
+<strong>gmond</strong> daemon does not run.  To assist in this situation, the
+boolean parameter <strong>retry_bind</strong> can be set to the value <strong>true</strong>
+and then the daemon will not abort on failure, it will enter a
+loop and repeat the bind attempt every 60 seconds:</p>
+<pre>
+  udp_recv_channel {
+    port = 6343
+    retry_bind = true
+  }</pre>
 <p>
 </p>
 <h2><a name="tcp_accept_channel">tcp_accept_channel</a></h2>
@@ -602,7 +615,7 @@
 <p>Copyright (c) 2005 The University of California, Berkeley</p>
 <table border="0" width="100%" cellspacing="0" cellpadding="3">
 <tr><td class="block" style="background-color: #cccccc" valign="middle">
-<big><strong><span class="block">&nbsp;Ganglia Monitoring Daemon v3.3.5 Configuration</span></strong></big>
+<big><strong><span class="block">&nbsp;Ganglia Monitoring Daemon v3.3.8 Configuration</span></strong></big>
 </td></tr>
 </table>
 
diff -Nru ganglia-3.3.5/lib/apr_net.c ganglia-3.3.8/lib/apr_net.c
--- ganglia-3.3.5/lib/apr_net.c	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/lib/apr_net.c	2012-08-13 12:55:09.000000000 +0000
@@ -261,6 +261,12 @@
 
 /*XXX This should really be replaced by the APR mcast functions */
 
+int
+get_apr_os_socket(apr_socket_t *socket)
+{
+  return socket->socketdes;
+}
+
 /*
  *  Configure from which interface multicast traffic should be sent.
  */
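Review bot: `get_apr_os_socket` reads `socket->socketdes` straight out of APR's private socket structure and dereferences its argument without a NULL check, although APR exposes the descriptor through the public `apr_os_sock_get()`. `join_mcast` in this file already declares an `apr_os_sock_t s`, which suggests the public call is in use there. Prefer the public accessor so the helper does not depend on APR's internal layout, roughly `apr_os_sock_t fd; if (socket == NULL || apr_os_sock_get(&fd, socket) != APR_SUCCESS) return -1; return fd;`. The function is exported through `apr_net.h` with no comment, so add one stating that it returns the native descriptor, that the descriptor remains owned by the `apr_socket_t`, and what is returned on failure.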
@@ -287,7 +293,7 @@
           if(ifname)
             {
               strncpy(ifreq->ifr_name, ifname, IFNAMSIZ);
-              if(ioctl(sock->socketdes, SIOCGIFADDR, ifreq) == -1)
+              if(ioctl(get_apr_os_socket(sock), SIOCGIFADDR, ifreq) == -1)
                    return APR_EGENERAL;
             }
           else
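Review bot: The unchanged line `strncpy(ifreq->ifr_name, ifname, IFNAMSIZ);` directly above the edited `ioctl` call does not NUL-terminate `ifr_name` when `ifname` is `IFNAMSIZ` bytes or longer, and the same pattern appears in the `@@ -365,6 +378,7 @@` hunk of `join_mcast`. In gmond the `join_mcast` value comes from the `mcast_if` setting (`cfg_getstr(udp_recv_channel, "mcast_if")`), so an over-long name in the config file is enough to reach it. Whether `ifreq` is zeroed beforehand is not visible here. Since these paths are being touched, either reject names with `strlen(ifname) >= IFNAMSIZ` up front or copy with `strncpy(ifreq->ifr_name, ifname, IFNAMSIZ - 1); ifreq->ifr_name[IFNAMSIZ - 1] = '\0';`. The enclosing function starts and ends outside the hunk.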
@@ -296,7 +302,7 @@
               ((struct sockaddr_in *)&ifreq->ifr_addr)->sin_addr.s_addr = htonl(INADDR_ANY);
             }
 
-          rval = setsockopt(sock->socketdes, IPPROTO_IP, IP_MULTICAST_IF,
+          rval = setsockopt(get_apr_os_socket(sock), IPPROTO_IP, IP_MULTICAST_IF,
                             &((struct sockaddr_in *)&ifreq->ifr_addr)->sin_addr,
                             sizeof( struct in_addr));
 
@@ -317,7 +323,7 @@
               if_index = if_nametoindex( ifname);
             }
  
-          rval = setsockopt(sock->socketdes, IPPROTO_IPV6, IPV6_MULTICAST_IF,
+          rval = setsockopt(get_apr_os_socket(sock), IPPROTO_IPV6, IPV6_MULTICAST_IF,
                            &if_index, sizeof(if_index));
  
           break;
@@ -334,14 +340,21 @@
 apr_status_t
 join_mcast( apr_pool_t *context, apr_socket_t *sock, char *mcast_channel, apr_port_t port, char *ifname )
 {
+  apr_pool_t *pool = NULL;
   apr_status_t status;
   int rval;
   apr_sockaddr_t *sa;
   apr_os_sock_t s;
 
-  status = apr_sockaddr_info_get(&sa, mcast_channel , APR_UNSPEC, port, 0, context);
+  if((status = apr_pool_create(&pool, context)) != APR_SUCCESS)
+    {
+      return status;
+    }
+
+  status = apr_sockaddr_info_get(&sa, mcast_channel , APR_UNSPEC, port, 0, pool);
   if(status != APR_SUCCESS)
     {
+      apr_pool_destroy(pool);
       return status;
     }
 
@@ -365,6 +378,7 @@
             strncpy(ifreq->ifr_name, ifname, IFNAMSIZ);
             if(ioctl(s, SIOCGIFADDR, ifreq) == -1)
               {
+                apr_pool_destroy(pool);
                 return APR_EGENERAL;
               }
           }
@@ -382,6 +396,7 @@
                 mreq, sizeof mreq);
         if(rval<0)
           {
+            apr_pool_destroy(pool);
             return APR_EGENERAL;
           }
         break;
@@ -403,17 +418,22 @@
           }
         
         if (ioctl(s, SIOCGIFADDR, ifreq) == -1)
+          {
+            apr_pool_destroy(pool);
             return -1;
+          }
         
         rval = setsockopt(s, IPPROTO_IPV6, IPV6_JOIN_GROUP, mreq, sizeof mreq);
         break;
       }
 #endif
     default:
+        apr_pool_destroy(pool);
         /* Set errno to EPROTONOSUPPORT */
         return -1;
     }
 
+  apr_pool_destroy(pool);
   return APR_SUCCESS;
 }
 
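Review bot: In the IPv6 branch the result of `setsockopt(s, IPPROTO_IPV6, IPV6_JOIN_GROUP, mreq, sizeof mreq)` is stored in `rval` and then only followed by `break`, so a failed IPv6 join falls through to the new `apr_pool_destroy(pool); return APR_SUCCESS;` at the end. The IPv4 branch does check `rval<0`. Add the same test before the `break`: `if(rval<0) { apr_pool_destroy(pool); return APR_EGENERAL; }`. The commit now repeats `apr_pool_destroy(pool)` on seven exit paths, and the error returns mix `-1` with `APR_EGENERAL`. A single cleanup label that destroys the pool and returns one status variable would make it harder to miss a path later. The start of `join_mcast` is outside this hunk.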
diff -Nru ganglia-3.3.5/lib/apr_net.h ganglia-3.3.8/lib/apr_net.h
--- ganglia-3.3.5/lib/apr_net.h	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/lib/apr_net.h	2012-08-13 12:55:09.000000000 +0000
@@ -13,6 +13,9 @@
 APR_DECLARE(apr_status_t) 
 apr_sockaddr_ip_buffer_get(char *addr, int len, apr_sockaddr_t *sockaddr);
 
+int
+get_apr_os_socket(apr_socket_t *socket);
+
 apr_status_t
 join_mcast( apr_pool_t *context, apr_socket_t *sock, char *mcast_channel, apr_port_t port, char *ifname );
 
diff -Nru ganglia-3.3.5/lib/default_conf.h.in ganglia-3.3.8/lib/default_conf.h.in
--- ganglia-3.3.5/lib/default_conf.h.in	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/lib/default_conf.h.in	2012-08-13 12:55:09.000000000 +0000
@@ -63,6 +63,7 @@
   mcast_join = 239.2.11.71\n\
   port = 8649\n\
   bind = 239.2.11.71\n\
+  retry_bind = false\n\
 }\n\
 \n\
 /* You can specify as many tcp_accept_channels as you like to share\n\
diff -Nru ganglia-3.3.5/lib/libgmond.c ganglia-3.3.8/lib/libgmond.c
--- ganglia-3.3.5/lib/libgmond.c	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/lib/libgmond.c	2012-08-13 12:55:09.000000000 +0000
@@ -103,6 +103,7 @@
   CFG_STR("mcast_if", NULL, CFGF_NONE),
   CFG_SEC("acl", acl_opts, CFGF_NONE), 
   CFG_STR("family", "inet4", CFGF_NONE),
+  CFG_BOOL("retry_bind", cfg_false, CFGF_NONE),
   CFG_END()
 };
 
diff -Nru ganglia-3.3.5/libmetrics/get_ifi_info.c ganglia-3.3.8/libmetrics/get_ifi_info.c
--- ganglia-3.3.5/libmetrics/get_ifi_info.c	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/libmetrics/get_ifi_info.c	2012-08-13 12:55:09.000000000 +0000
@@ -56,6 +56,10 @@
 	struct ifreq		*ifr, ifrcopy;
 	struct sockaddr_in	*sinptr;
         struct ifreq            mtu;
+#ifdef SOLARIS
+	int _c_virt = 0;
+#endif /* SOLARIS */
+	int _all_virt = 0;
 
 	sockfd = Socket(AF_INET, SOCK_DGRAM, 0);
 	if (sockfd == -1) {
@@ -85,6 +89,44 @@
 	lastname[0] = 0;
 /* end get_ifi_info1 */
 
+#ifdef SOLARIS
+	/* On a Solaris zone/container (non-global zone), all
+	   the interfaces are virtual interfaces.  This code attempts
+	   to detect such cases and handle them differently.
+	   Without this, Ganglia refuses to start in a Solaris 10 zone.
+	   http://bugzilla.ganglia.info/cgi-bin/bugzilla/show_bug.cgi?id=100
+
+           This code ONLY attempts to change the way NICs are evaluated
+	   if and only if:
+	    a) it is Solaris
+            b) ALL interfaces appear to be virtual (with a colon in the names)
+	*/
+	for (ptr = buf; ptr < buf + ifc.ifc_len; ) {
+		ifr = (struct ifreq *) ptr;
+#ifdef  HAVE_SOCKADDR_SA_LEN
+                len = max(sizeof(struct sockaddr), ifr->ifr_addr.sa_len);
+#else
+                switch (ifr->ifr_addr.sa_family) {
+#ifdef  IPV6
+                case AF_INET6:
+                        len = sizeof(struct sockaddr_in6);
+                        break;
+#endif /* IPV6 */
+                case AF_INET:
+                default:
+                        len = sizeof(struct sockaddr);
+                        break;
+                }
+#endif  /* HAVE_SOCKADDR_SA_LEN */
+                ptr += sizeof(ifr->ifr_name) + len;     /* for next one in buffer */
+		if ( (cptr = strchr(ifr->ifr_name, ':')) != NULL)
+			_c_virt ++;
+	}
+	if(_c_virt == ifc.ifc_len)
+		_all_virt = 1;
+#endif /* SOLARIS */
+		
+
 /* include get_ifi_info2 */
 	for (ptr = buf; ptr < buf + ifc.ifc_len; ) {
 		ifr = (struct ifreq *) ptr;
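Review bot: The all-virtual test `if(_c_virt == ifc.ifc_len)` compares a count of interface entries with `ifc.ifc_len`, which the loop condition `ptr < buf + ifc.ifc_len` treats as a byte length, so the two can match only by coincidence and `_all_virt` will in practice stay 0. Count the entries walked as well, with `int _c_total = 0;` declared beside `_c_virt` and `_c_total++;` in the loop body, and test `if (_c_total > 0 && _c_virt == _c_total)`. As written, the Solaris zone case described in the comment is probably still not handled. The enclosing function starts and ends outside this hunk.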
@@ -110,7 +152,8 @@
 			continue;	/* ignore if not desired address family */
 
 		myflags = 0;
-		if ( (cptr = strchr(ifr->ifr_name, ':')) != NULL)
+		if ( (cptr = strchr(ifr->ifr_name, ':')) != NULL &&
+			(_all_virt == 0))
 			*cptr = 0;		/* replace colon will null */
 		if (strncmp(lastname, ifr->ifr_name, IFNAMSIZ) == 0) {
 			if (doaliases == 0)
diff -Nru ganglia-3.3.5/libmetrics/solaris/metrics.c ganglia-3.3.8/libmetrics/solaris/metrics.c
--- ganglia-3.3.5/libmetrics/solaris/metrics.c	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/libmetrics/solaris/metrics.c	2012-08-13 12:55:09.000000000 +0000
@@ -491,6 +491,9 @@
 
       debug_msg( "getting kstat:  km ='%s', ki ='%d',ks='%s'", km_name, ki, ks_name);
       ks = kstat_lookup(kc, km_name, ki, ks_name);
+      if(ks == NULL)
+        continue;   /* could be a CPU in state P_FAILED, see bug 321
+         http://bugzilla.ganglia.info/cgi-bin/bugzilla/show_bug.cgi?id=321 */
 
       if (kstat_read(kc, ks,&cpuKstats) == -1) {
         perror("kstat_read");
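Review bot: The new `if(ks == NULL) continue;` skips the CPU without leaving any trace, so an operator has nothing to correlate with the gap in that host's metrics. Put the `continue` in braces and precede it with `debug_msg("kstat_lookup returned NULL for km='%s', ki='%d', ks='%s'; skipping", km_name, ki, ks_name);`, matching the debug line just above. It is also worth confirming that whatever aggregates these per-CPU values does not still divide by the full CPU count; that code is outside this hunk.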
diff -Nru ganglia-3.3.5/Makefile.am ganglia-3.3.8/Makefile.am
--- ganglia-3.3.5/Makefile.am	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/Makefile.am	2012-08-13 12:55:09.000000000 +0000
@@ -21,7 +21,6 @@
 DIST_SUBDIRS = $(GANGLIA_SUBDIRS_DIST) 
 
 EXTRA_DIST = BUGS README.WIN README.AIX README.GIT ganglia.spec.aix ganglia.spec ganglia.pod ganglia.html ganglia-config.in \
-	bootstrap \
 	web \
 	WiX Makefile.WiX \
 	scripts
diff -Nru ganglia-3.3.5/Makefile.in ganglia-3.3.8/Makefile.in
--- ganglia-3.3.5/Makefile.in	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/Makefile.in	2012-08-13 12:55:09.000000000 +0000
@@ -268,7 +268,6 @@
 GANGLIA_SUBDIRS_DIST = lib libmetrics tests gmetad gmond gstat gmetric include mans
 DIST_SUBDIRS = $(GANGLIA_SUBDIRS_DIST) 
 EXTRA_DIST = BUGS README.WIN README.AIX README.GIT ganglia.spec.aix ganglia.spec ganglia.pod ganglia.html ganglia-config.in \
-	bootstrap \
 	web \
 	WiX Makefile.WiX \
 	scripts
diff -Nru ganglia-3.3.5/README ganglia-3.3.8/README
--- ganglia-3.3.5/README	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/README	2012-08-13 12:55:09.000000000 +0000
@@ -2,7 +2,7 @@
     ganglia - distributed monitoring system
 
 Version
-    ganglia 3.3.5
+    ganglia 3.3.8
 
     The latest version of this software and document will always be found at
     http://ganglia.sourceforge.net/.
@@ -268,8 +268,8 @@
     If you installed ganglia using RPMs then these files will be installed
     when you install the RPM. The RPM is installed simply by running
 
-      % rpm -Uvh ganglia-gmond-3.3.5.i386.rpm
-      % rpm -Uvh ganglia-gmetad-3.3.5.i386.rpm
+      % rpm -Uvh ganglia-gmond-3.3.8.i386.rpm
+      % rpm -Uvh ganglia-gmetad-3.3.8.i386.rpm
 
     Once you have the necessary binaries installed, you can test your
     installation by running
@@ -338,7 +338,7 @@
 
     Installation of the web frontend is simplified on Linux by using rpm.
 
-      % rpm -Uvh ganglia-web-3.3.5-1.noarch.rpm
+      % rpm -Uvh ganglia-web-3.3.8-1.noarch.rpm
       Preparing...                ########################################### [100%]
          1:ganglia-web            ########################################### [100%]
 
@@ -450,7 +450,7 @@
     commandline option
 
       % gmetric --help
-      gmetric 3.3.5
+      gmetric 3.3.8
 
       Purpose:
         The Ganglia Metric Client (gmetric) announces a metric
@@ -513,7 +513,7 @@
     "--help" option
 
       % gstat --help
-      gstat 3.3.5
+      gstat 3.3.8
 
       Purpose:
         The Ganglia Status Client (gstat) connects with a
diff -Nru ganglia-3.3.5/scripts/fixconfig ganglia-3.3.8/scripts/fixconfig
--- ganglia-3.3.5/scripts/fixconfig	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/scripts/fixconfig	2012-08-13 12:55:09.000000000 +0000
@@ -30,7 +30,7 @@
 CFLAGS="`echo '-g -O2 -fno-strict-aliasing -Wall -D_REENTRANT' | $AWK '{ gsub(/,/, "\\\\,"); print }'`"
 LDFLAGS="`echo ' -L/usr/lib' | $AWK '{ gsub(/,/, "\\\\,"); print }'`"
 LIBS="-ldl -lnsl -lnsl -lpcre -lexpat -lconfuse -lapr-1 -lpthread "
-VERSION="3.3.5"
+VERSION="3.3.8"
 host_cpu="x86_64"
 
 # Additional paths specific to Ganglia.
@@ -39,9 +39,9 @@
 
 # Additional variables that are substituted into configuration files.
 GANGLIA_MAJOR_VERSION="3"
-GANGLIA_MICRO_VERSION="5"
+GANGLIA_MICRO_VERSION="8"
 GANGLIA_MINOR_VERSION="3"
-GANGLIA_VERSION="3.3.5"
+GANGLIA_VERSION="3.3.8"
 REL="1"
 
 # We can probably just assume sed is on the path, but since we have it, we may
diff -Nru ganglia-3.3.5/web/api/events.php ganglia-3.3.8/web/api/events.php
--- ganglia-3.3.5/web/api/events.php	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/web/api/events.php	2012-08-13 12:55:09.000000000 +0000
@@ -21,6 +21,10 @@
   api_return_error( "Events API is DISABLED. Please set \$conf['overlay_events'] = true to enable." );
 }
 
+if ( $conf['auth_system'] == 'readonly' ) {
+  api_return_error( "Events are readonly. Please set \$conf['auth_system'] to something other than readonly." );
+}
+
 # If events_auth_token is specified in conf.php use that.
 if ( isset($conf['events_auth_token']) ) {
    if ( ! ( isset($_REQUEST['token']) && $conf['events_auth_token'] == $_REQUEST['token'] ) ) {
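Review bot: The token check below the new read-only guard still compares `$conf['events_auth_token']` with `$_REQUEST['token']` using loose `==`, so PHP's numeric-string juggling applies and the comparison is not constant-time. This token appears to gate write access to the events API, so tighten it to `is_string($_REQUEST['token']) && hash_equals($conf['events_auth_token'], $_REQUEST['token'])`, or at least `===` where `hash_equals()` is not available. The new guard itself would also be safer as `$conf['auth_system'] === 'readonly'`. The `if` block opened on the last line continues outside the hunk.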
@@ -48,13 +52,13 @@
     else 
       $start_time = strtotime($_REQUEST['start_time']);
 
-    $grid = isset($_REQUEST['grid']) ? $_REQUEST['grid'] : "*";
-    $cluster = isset($_REQUEST['cluster']) ? $_REQUEST['cluster'] : "*";
-    $description = isset($_REQUEST['description']) ? $_REQUEST['description'] : "";
+    $grid = isset($_REQUEST['grid']) ? sanitize($_REQUEST['grid']) : "*";
+    $cluster = isset($_REQUEST['cluster']) ? sanitize($_REQUEST['cluster']) : "*";
+    $description = isset($_REQUEST['description']) ? sanitize($_REQUEST['description']) : "";
     // Generate a unique event ID. This is so we can reference it later
     $event_id = uniqid();
 
-    $event = array( "event_id" => $event_id, "start_time" => $start_time, "summary" => $_REQUEST['summary'],
+    $event = array( "event_id" => $event_id, "start_time" => $start_time, "summary" => sanitize($_REQUEST['summary']),
       "grid" => $grid, "cluster" => $cluster, "host_regex" => $_REQUEST['host_regex'],
       );
 
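Review bot: `host_regex` is still stored straight from `$_REQUEST['host_regex']` while every other request field in this array now goes through `sanitize()`, and both it and `$_REQUEST['summary']` are read without an `isset()` check. If `sanitize()` would damage regex metacharacters, validate the pattern instead (length limit, test-compile it) and escape it wherever it is rendered; otherwise use `"host_regex" => isset($_REQUEST['host_regex']) ? sanitize($_REQUEST['host_regex']) : ""`. What `sanitize()` does and how the stored event is later displayed are not visible here, so the exact treatment needs confirming against those. The enclosing block starts and ends outside the hunk.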
diff -Nru ganglia-3.3.5/web/conf_default.php ganglia-3.3.8/web/conf_default.php
--- ganglia-3.3.5/web/conf_default.php	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/web/conf_default.php	2012-08-13 12:55:09.000000000 +0000
@@ -57,7 +57,7 @@
 $conf['rrdcached_socket'] = "";
 
 # Location for modular-graph files.
-$conf['graphdir']='./graph.d';
+$conf['graphdir']= $conf['gweb_root'] . '/graph.d';
 
 # Display statistical values on RRD graphs; i.e.: average, min, max
 $conf['graphreport_stats'] = true;
diff -Nru ganglia-3.3.5/web/conf_default.php.in ganglia-3.3.8/web/conf_default.php.in
--- ganglia-3.3.5/web/conf_default.php.in	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/web/conf_default.php.in	2012-08-13 12:55:09.000000000 +0000
@@ -57,7 +57,7 @@
 $conf['rrdcached_socket'] = "";
 
 # Location for modular-graph files.
-$conf['graphdir']='./graph.d';
+$conf['graphdir']= $conf['gweb_root'] . '/graph.d';
 
 # Display statistical values on RRD graphs; i.e.: average, min, max
 $conf['graphreport_stats'] = true;
diff -Nru ganglia-3.3.5/web/graph.php ganglia-3.3.8/web/graph.php
--- ganglia-3.3.5/web/graph.php	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/web/graph.php	2012-08-13 12:55:09.000000000 +0000
@@ -180,19 +180,20 @@
 # If graph arg is not specified default to metric
 $graph = isset($_GET["g"])  ?  sanitize ( $_GET["g"] )   : "metric";
 
-$graph_arguments = NULL;
-$pos = strpos($graph, ",");
-if ($pos !== FALSE) {
-  $graph_report = substr($graph, 0, $pos);
-  $graph_arguments = substr($graph, $pos + 1);
-  $graph = $graph_report;
-}
+#$graph_arguments = NULL;
+#$pos = strpos($graph, ",");
+#if ($pos !== FALSE) {
+#  $graph_report = substr($graph, 0, $pos);
+#  $graph_arguments = substr($graph, $pos + 1);
+#  $graph = $graph_report;
+#}
 
 $grid = isset($_GET["G"]) ? sanitize( $_GET["G"]) : NULL;
 $self = isset($_GET["me"]) ? sanitize( $_GET["me"]) : NULL;
 $vlabel = isset($_GET["vl"]) ? sanitize($_GET["vl"])  : NULL;
 $value = isset($_GET["v"]) ? sanitize ($_GET["v"]) : NULL;
 $metric_name = isset($_GET["m"]) ? sanitize ( $_GET["m"] ) : NULL;
+# Max, min, critical and warning values
 $max = isset($_GET["x"]) && is_numeric($_GET["x"]) ? $_GET["x"] : NULL;
 $min = isset($_GET["n"]) && is_numeric($_GET["n"]) ? $_GET["n"] : NULL;
 $sourcetime = isset($_GET["st"]) ? clean_number(sanitize($_GET["st"])) : NULL;
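Review bot: The disabled argument parsing is left in the file as commented-out code, here and again in the report-include hunk further down, where the commented lines still contain the `eval()` call on the request-derived `$graph_arguments`. Delete those lines rather than commenting them, so the unsafe call cannot be restored by removing a `#`. Leave one line of explanation instead, such as `# Comma-separated graph arguments in g= are no longer supported: they were passed to eval().` Separately, the added comment `# Max, min, critical and warning values` is followed in this hunk only by `$max` and `$min`; trim it if critical and warning are not read just below.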
@@ -229,12 +230,12 @@
 # Add custom sizes there.
 $size = in_array($size, $conf['graph_sizes_keys']) ? $size : 'default';
 
-if (isset($_GET['height'])) 
+if (isset($_GET['height']) && is_numeric($_GET['height'])) 
   $height = $_GET['height'];
 else 
   $height  = $conf['graph_sizes'][$size]['height'];
 
-if (isset($_GET['width'])) 
+if (isset($_GET['width']) && is_numeric($_GET['width'])) 
   $width =  $_GET['width'];
 else
   $width = $conf['graph_sizes'][$size]['width'];
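Review bot: `is_numeric()` is a loose filter for a pixel dimension: it also accepts negative numbers, decimals, exponent forms such as `1e9` and leading whitespace, and the raw request string is what gets assigned. Accept only digits, cast and cap the value, e.g. `if (isset($_GET['height']) && is_string($_GET['height']) && ctype_digit($_GET['height']))` then `$height = min((int) $_GET['height'], MAX_GRAPH_HEIGHT);`, and the same for `width`. `MAX_GRAPH_HEIGHT` is a placeholder for a limit the project would choose. How `$height` and `$width` are consumed is outside the hunk, but the debug line later in the file suggests they end up in an rrdtool command line, where both quoting and image size matter.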
@@ -300,9 +301,9 @@
   die();
 }
 
-if ($cs)
+if ($cs and (is_numeric($cs) or strtotime($cs)))
     $start = $cs;
-if ($ce)
+if ($ce and (is_numeric($ce) or strtotime($ce)))
     $end = $ce;
 
 # Set some standard defaults that don't need to change much
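Review bot: The new conditions check that `$cs` and `$ce` are numeric or parse with `strtotime()`, but the unparsed strings are still what gets assigned to `$start` and `$end`. A string that `strtotime()` accepts is free-form text, so pass the parsed result on instead: `$start = is_numeric($cs) ? $cs : strtotime($cs);` and likewise for `$end`. `strtotime()` returns `false` on failure, so testing `!== false` is more precise than relying on truthiness. Where `$cs`/`$ce` come from and where `$start`/`$end` go is outside the hunk, so confirm the downstream consumer accepts a Unix timestamp.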
@@ -467,14 +468,17 @@
 	  $metrictitle = sanitize($_GET['title']);
       $php_report_file = $conf['graphdir'] . "/" . $graph . ".php";
       $json_report_file = $conf['graphdir'] . "/" . $graph . ".json";
-      if( is_file( $php_report_file ) ) {
+      
+      # Check for path traversal issues by making sure real path is actually in graphdir
+      
+      if( is_file( $php_report_file ) and dirname(realpath($php_report_file)) ==  $conf['graphdir'] ) {
         include_once $php_report_file;
         $graph_function = "graph_${graph}";
-        if (isset($graph_arguments))
-          eval('$graph_function($rrdtool_graph,' . $graph_arguments . ');');
-        else
-          $graph_function( $rrdtool_graph );  // Pass by reference call, $rrdtool_graph modified inplace
-      } else if ( is_file( $json_report_file ) ) {
+        #if (isset($graph_arguments))
+        #  eval('$graph_function($rrdtool_graph,' . $graph_arguments . ');');
+        #else
+        $graph_function( $rrdtool_graph );  // Pass by reference call, $rrdtool_graph modified inplace
+      } else if ( is_file( $json_report_file ) and dirname(realpath($json_report_file)) ==  $conf['graphdir'] ) {
         $graph_config = json_decode( file_get_contents( $json_report_file ), TRUE );
 
         # We need to add hostname and clustername if it's not specified
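Review bot: The containment check compares `dirname(realpath($php_report_file))` with `$conf['graphdir']` as configured, using loose `==`. `realpath()` returns a canonical path (symlinks resolved, no trailing slash) or `false`, so a `graphdir` that is relative, symlinked or ends in `/` makes every report fail the check with no error. Canonicalise the configured side once and compare strictly: `$graphdir_real = realpath($conf['graphdir']);` then `$graphdir_real !== false && dirname(realpath($php_report_file)) === $graphdir_real`, and the same for the JSON branch. It would also help to log when the check rejects a file and to confirm `function_exists($graph_function)` before the call. The `if`/`else if` chain continues outside the hunk.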
@@ -1080,7 +1084,6 @@
   
 }
 
-
 if ($debug) {
   error_log("Final rrdtool command:  $command");
 }
diff -Nru ganglia-3.3.5/web/version.php ganglia-3.3.8/web/version.php
--- ganglia-3.3.5/web/version.php	2012-03-27 21:16:32.000000000 +0000
+++ ganglia-3.3.8/web/version.php	2012-08-13 12:55:09.000000000 +0000
@@ -1,6 +1,6 @@
 <?php
 # This file is autogenerated
 
-$GLOBALS["ganglia_version"] = "3.3.5";
+$GLOBALS["ganglia_version"] = "3.3.8";
 
 ?>
