Update to 1.35
- All files should be owned root:wheel except logs and rrd which need to be writable by the app
- Add missing php posix extension
- Do not install config.php by default. This breaks the install process which won't run if this file exists
- Clean up automatic PLIST creation: don't install .orig or .bak files, don't add @dir as they aren't needed
- Patch LibreNMS to make /validate/ page not produce warnings about files not being writable (for git updates)
- Remove the Updates validation check altogether as we won't be using git to update
- Patch the User validation check to only check the logs and rrd dir and ensure the correct user owns them
- Change the default user in the generated config to "www"
- Patch the File Lock code to put the lock file in /tmp and not in the WWWDIR which should not be writable
- Update message in installer to use WWWDIR as suggested path for config.php
- Use shebangfix instead of patch where applicable
- Fix APACHEMOD port option and declaration of the USES=php
I may have forgotten something but this is the bulk of it.
Previously the LibreNMS port/package was not very easy to install or use and the result was an insecure
mess. Upsteam projects too often expect users to "git checkout" and run
everything in a directory writable by the www user which makes it a
juicy target for exploits.