summary refs log tree commit diff
diff options
context:
space:
mode:
authorJörg Thalheim <Mic92@users.noreply.github.com>2017-03-22 19:21:02 +0100
committerGitHub <noreply@github.com>2017-03-22 19:21:02 +0100
commitb2ba188656f1dcfbd339048da0c4702394a7f904 (patch)
tree4bf77464bed7ac3ed864a30d78969d60258c3ba5
parent017332fb74935a5f22aa1eda82b4b2f706910150 (diff)
parentb4169bb8dde4a4afa829132703455e4def13a633 (diff)
downloadnixlib-b2ba188656f1dcfbd339048da0c4702394a7f904.tar
nixlib-b2ba188656f1dcfbd339048da0c4702394a7f904.tar.gz
nixlib-b2ba188656f1dcfbd339048da0c4702394a7f904.tar.bz2
nixlib-b2ba188656f1dcfbd339048da0c4702394a7f904.tar.lz
nixlib-b2ba188656f1dcfbd339048da0c4702394a7f904.tar.xz
nixlib-b2ba188656f1dcfbd339048da0c4702394a7f904.tar.zst
nixlib-b2ba188656f1dcfbd339048da0c4702394a7f904.zip
Merge pull request #24182 from ndowens/munin
munin: 2.0.30 -> 2.0.33; for CVE-2017-6188
Diffstat
-rw-r--r--nixos/modules/services/monitoring/munin.nix20
-rw-r--r--nixos/tests/munin.nix1
-rw-r--r--pkgs/servers/monitoring/munin/default.nix4
3 files changed, 19 insertions, 6 deletions
diff --git a/nixos/modules/services/monitoring/munin.nix b/nixos/modules/services/monitoring/munin.nix
index 364f18e7543d..b8c26a5c89ba 100644
--- a/nixos/modules/services/monitoring/munin.nix
+++ b/nixos/modules/services/monitoring/munin.nix
@@ -193,14 +193,26 @@ in
 
   }) (mkIf cronCfg.enable {
 
-    services.cron.systemCronJobs = [
-      "*/5 * * * * munin ${pkgs.munin}/bin/munin-cron --config ${muninConf}"
-    ];
+    systemd.timers.munin-cron = {
+      description = "batch Munin master programs";
+      wantedBy = [ "timers.target" ];
+      timerConfig.OnCalendar = "*:0/5";
+    };
+
+    systemd.services.munin-cron = {
+      description = "batch Munin master programs";
+      unitConfig.Documentation = "man:munin-cron(8)";
+
+      serviceConfig = {
+        Type = "oneshot";
+        User = "munin";
+        ExecStart = "${pkgs.munin}/bin/munin-cron --config ${muninConf}";
+      };
+    };
 
     system.activationScripts.munin-cron = stringAfter [ "users" "groups" ] ''
       mkdir -p /var/{run,log,www,lib}/munin
       chown -R munin:munin /var/{run,log,www,lib}/munin
     '';
-
   })];
 }
diff --git a/nixos/tests/munin.nix b/nixos/tests/munin.nix
index 50746d17b451..40fafc625146 100644
--- a/nixos/tests/munin.nix
+++ b/nixos/tests/munin.nix
@@ -29,6 +29,7 @@ import ./make-test.nix ({ pkgs, ...} : {
     startAll;
 
     $one->waitForUnit("munin-node.service");
+    $one->succeed('systemctl start munin-cron');
     $one->waitForFile("/var/lib/munin/one/one-uptime-uptime-g.rrd");
     $one->waitForFile("/var/www/munin/one/index.html");
   '';
diff --git a/pkgs/servers/monitoring/munin/default.nix b/pkgs/servers/monitoring/munin/default.nix
index 5d7d2e787735..7882572b6c88 100644
--- a/pkgs/servers/monitoring/munin/default.nix
+++ b/pkgs/servers/monitoring/munin/default.nix
@@ -3,14 +3,14 @@
 }:
 
 stdenv.mkDerivation rec {
-  version = "2.0.30";
+  version = "2.0.33";
   name = "munin-${version}";
 
   src = fetchFromGitHub {
     owner = "munin-monitoring";
     repo = "munin";
     rev = version;
-    sha256 = "1sxsdfq9a5d8b13jigr06gs7n4m3c95645sfyyl49bkfy0n5cxrg";
+    sha256 = "0rs05b7926mjd58sdry33i91m1h3v3svl0wg2gmhljl8wqidac5w";
   };
 
   buildInputs = [
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-28 04:38:45 +0000