mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
4642efcb9cffe4a06b5a464d5dab6108ac33bf28
meta-openembedded/meta-webserver/recipes-webadmin/netdata/netdata_1.34.1.bb
T
Gyorgy Sarvari 4642efcb9c netdata: patch CVE-2023-22497 
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-22497

This patch was selected based on its description, and based on the
associated PR. The description matches the issue described in the
NVD advisory, and the PR credits the same reported that is also
credited with the CVE ID (in the release notes of the application).

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2026-03-07 21:05:37 +01:00

87 lines
3.1 KiB
BlitzBasic
Raw Blame History

SUMMARY = "Real-time performance monitoring"
DESCRIPTION = "Netdata is high-fidelity infrastructure monitoring and troubleshooting. \
Open-source, free, preconfigured, opinionated, and always real-time."
HOMEPAGE = "https://github.com/netdata/netdata/"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://LICENSE;md5=fc9b848046ef54b5eaee6071947abd24"
DEPENDS += "libuv util-linux zlib"
SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BPN}-v${PV}.tar.gz \
file://CVE-2023-22497.patch \
"
SRC_URI[sha256sum] = "8ea0786df0e952209c14efeb02e25339a0769aa3edc029e12816b8ead24a82d7"
# default netdata.conf for netdata configuration
SRC_URI += "file://netdata.conf"
# file for providing systemd service support
SRC_URI += "file://netdata.service"
UPSTREAM_CHECK_URI = "https://github.com/netdata/netdata/releases"
S = "${WORKDIR}/${BPN}-v${PV}"
# Stop sending anonymous statistics to Google Analytics
NETDATA_ANONYMOUS ??= "enabled"
inherit pkgconfig autotools-brokensep useradd systemd
LIBS:toolchain-clang:x86 = "-latomic"
LIBS:riscv64 = "-latomic"
LIBS:riscv32 = "-latomic"
LIBS:mips = "-latomic"
export LIBS
#systemd
SYSTEMD_PACKAGES = "${PN}"
SYSTEMD_SERVICE:${PN} = "netdata.service"
SYSTEMD_AUTO_ENABLE:${PN} = "enable"
#User specific
USERADD_PACKAGES = "${PN}"
USERADD_PARAM:${PN} = "--system --no-create-home --home-dir ${localstatedir}/run/netdata --user-group netdata"
PACKAGECONFIG ??= "https"
PACKAGECONFIG[cloud] = "--enable-cloud, --disable-cloud, json-c"
PACKAGECONFIG[compression] = "--enable-compression, --disable-compression, lz4"
PACKAGECONFIG[https] = "--enable-https, --disable-https, openssl"
# ebpf doesn't compile (or detect) the cross compilation well
EXTRA_OECONF += "--disable-ebpf"
do_install:append() {
#set S UID for plugins
chmod 4755 ${D}${libexecdir}/netdata/plugins.d/apps.plugin
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
# Install systemd unit files
install -d ${D}${systemd_unitdir}/system
install -m 0644 ${WORKDIR}/netdata.service ${D}${systemd_unitdir}/system
sed -i -e 's,@@datadir,${datadir_native},g' ${D}${systemd_unitdir}/system/netdata.service
fi
# Install default netdata.conf
install -d ${D}${sysconfdir}/netdata
install -m 0644 ${WORKDIR}/netdata.conf ${D}${sysconfdir}/netdata/
sed -i -e 's,@@sysconfdir,${sysconfdir},g' ${D}${sysconfdir}/netdata/netdata.conf
sed -i -e 's,@@libdir,${libexecdir},g' ${D}${sysconfdir}/netdata/netdata.conf
sed -i -e 's,@@datadir,${datadir},g' ${D}${sysconfdir}/netdata/netdata.conf
if [ "${NETDATA_ANONYMOUS}" = "enabled" ]; then
touch ${D}${sysconfdir}/netdata/.opt-out-from-anonymous-statistics
fi
install --group netdata --owner netdata --directory ${D}${localstatedir}/cache/netdata
install --group netdata --owner netdata --directory ${D}${localstatedir}/lib/netdata
chown -R netdata:netdata ${D}${datadir}/netdata/web
}
FILES:${PN} += "${localstatedir}/cache/netdata/ ${localstatedir}/lib/netdata/"
RDEPENDS:${PN} = "bash zlib"
# versions <1.45.0 are not vulnerable yet
CVE_CHECK_IGNORE = "CVE-2024-32019"
Reference in New Issue View Git Blame Copy Permalink