This runs icinga-web2 out of the webserver root, so far we have not
found a non-awkward way to have it in /icingaweb2 like the other
examples.
Michael Wilson (mw at 1wilson.org) answered my cry for help, thanks!
OK sthen
which doesn't usually have passwd databases available due to chroot.
Without this, getpwuid(geteuid()) lookup was failing and the "return
current username" function tried to access boolean false as if it was
an array.
Handle the case where the script is run as the expected package uid nicely
(return the proper name), for others return numeric uid which isn't ideal
but there's not a lot more that can be done.
- switch back to libressl, cert problem was fixed in x509_verify.c 1.26
- after real-world experience, get rid of the automatic update path from 1.x to 2.x
for renewal being automatically renewed ignoring the CRL (CVE-2020-29663)
(only affects setups with external certificate signing, which is uncommon,
with revoked certificates that expire in less than 30 days).
- switch from libressl to openssl/1.1, the new cert validator doesn't work
with icinga's pki
- add no_mysql/no_pgsql pseudo-flavours to knock out ido from build, making
it easier to do test builds on endpoints
(which is not) throughout the ports Makefiles.
* Replace find|xargs with find -exec {} +
* Replace -exec {} \; with -exec {} + if applicable.
* Use the -delete operator to remove files and empty directories.
* Combine and tweak some find(1) invocations while here.
ok kn@ rsadowski@ espie@
LDFLAGS accordingly for these archs. While here, sthen@ asked to remove
the related BROKEN-hppa line; if it's still broken, it's likely for
another reason.
OK sthen@ (maintainer)
to check that signals are coming from the expected process, however siginfo's
si_pid (and si_uid) aren't filled in on OpenBSD.
many thanks to jmatthew@ for tracking down the problem and this old tech@
mail about it: https://marc.info/?l=openbsd-tech&m=120218016412546&w=2
