head	1.2;
access;
symbols
	pkgsrc-2020Q4:1.1.0.6
	pkgsrc-2020Q4-base:1.1
	pkgsrc-2020Q3:1.1.0.4
	pkgsrc-2020Q3-base:1.1
	pkgsrc-2020Q2:1.1.0.2
	pkgsrc-2020Q2-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2021.01.27.08.17.31;	author schmonz;	state dead;
branches;
next	1.1;
commitid	f7pcm93O8Bs79lFC;

1.1
date	2020.03.30.11.31.25;	author roy;	state Exp;
branches;
next	;
commitid	ue3Pb4d3cP6XWp2C;


desc
@@


1.2
log
@Update to 1.4. From the changelog:

- Added a caching storage mechanism to improve parsing raw data and data
  rendering.
- Added a mechanism to avoid counting duplicate data when restoring persisted
  data from disk.
- Added additional option to the HTML report to set a maximum number of items
  per page to 3.
- Added a list of podcast-related user agents under '%sysconfdir%'.
- Added 'Android 10' to the list of Android codenames.
- Added a 'widescreen' layout to the HTML report (e.g., 4K TV/KPI Dashboard).
- Added 'Beaker', 'Brave', and 'Firefox Focus' to the list of browsers
- Added command line option --user-name=username to avoid running GoAccess as
  root when outputting a real-time report.
- Added 'DuckDuckGo' and 'MSNBot' browsers to the browsers.list.
- Added 'facebookexternalhit' to the default crawler list.
- Added German translation (DE).
- Added Kubernetes Nginx Ingress Log Format to the default config file.
- Added 'macOS Catalina' to the list of OSX codenames.
- Added minor CSS updates to HTML report.
- Added missing header '<sys/socket.h>' to fix FreeBSD build
- Added new 'Edg' token to the list of browsers.
- Added '--no-ip-validation' command line to disable client IP validation
- Added '--persist' and '--restore' options to persist to disk and restore a
  dump from disk.
- Added Portuguese translation (pt-BR)
- Added Swedish translation (SV)
- Added the ability to parse server cache status and a new panel to display
  those metrics.
- Changed accumulated time to work by default on '--persist' and '--restore'.
- Changed back how the hits and visitors percentage is calculated to be more
  intuitive.
- Changed Geo Location panel display default to show only if database file is
  provided ('LIBMAXMINDDB').
- Changed initial processing time from secs to HH:MM:SS in HTML output.
- Changed '--max-items' for the static HTML report to allow no limit on
  output entries.
- Changed required 'gettext' version to 0.19
- Changed to ignore 'SIGPIPE' with 'SIG_IGN'
- Changed version to 10.15 for 'macOS Catalina'.
- Ensure proper escaping on default AWSELB log format.
- Ensure valid requests counter is not affected on duplicate entries when
  restoring data.
- Fixed issue preventing Ctrl-C (SIGINT) for the curses interface to stop the
  program.
- Fixed issue where HTML report wouldn't update the tables when changing per
  page option.
- Fixed issue where it wouldn't find either the user's or global config file.
- Fixed issue where changing the number of items per page in the HTML report
  would not automatically refresh the tables.
- Fixed issue where last updated label was not updated in real-time.
- Fixed issue where overall date range wasn't showing the right start/end parse
  dates.
- Fixed issue where tailing a file could potentially re-parse part of the log.
- Fixed memory leak when fetching country/continent while using 'LIBMAXMINDDB'.
- Fixed several '-Wcast-qual' warnings.
- Fixed unwanted added characters to the HTML output.
- Fixed websocket issue returning a 400 due to request header size.
- Increased 'MAX_LINE_CONF' so a JSON string can be properly parsed from the
  config file.
- Removed deprecated option '--geoip-city-data' from config file.
- Removed unnecessary dependency from snapcraft.yaml.
- Removed some old browsers from the default curated list.
- Replaced TokyoCabinet storage for a non-dependency in-memory persistent
  storage.

pkgsrc changes:

- Remove 'tokyocabinet' option, no longer needed
- Switch 'geoip' option to libmaxminddb
@
text
@$NetBSD: patch-username,v 1.1 2020/03/30 11:31:25 roy Exp $

Accepted upstream here:
https://github.com/allinurl/goaccess/pull/1718

--- src/settings.h.orig	2020-03-24 14:02:12.012898702 +0000
+++ src/settings.h	2020-03-24 14:02:53.094348769 +0000
@@@@ -147,6 +147,7 @@@@
   int color_scheme;                 /* color scheme */
   int crawlers_only ;               /* crawlers only */
   int daemonize;                    /* run program as a Unix daemon */
+  const char *username;                   /* user to run program as */
   int double_decode;                /* need to double decode */
   int enable_html_resolver;         /* html/json/csv resolver */
   int geo_db;                       /* legacy geoip db */
--- src/options.c.orig	2020-03-24 14:01:49.531659575 +0000
+++ src/options.c	2020-03-24 14:02:51.274006910 +0000
@@@@ -133,6 +133,7 @@@@
   {"real-time-html"       , no_argument       , 0 ,  0  } ,
   {"sort-panel"           , required_argument , 0 ,  0  } ,
   {"static-file"          , required_argument , 0 ,  0  } ,
+  {"user-name"            , required_argument , 0 ,  0  } ,
 #ifdef HAVE_LIBSSL
   {"ssl-cert"             , required_argument , 0 ,  0  } ,
   {"ssl-key"              , required_argument , 0 ,  0  } ,
@@@@ -457,6 +458,9 @@@@
   if (!strcmp ("daemonize", name))
     conf.daemonize = 1;
 
+  if (!strcmp ("user-name", name))
+    conf.username = oarg;
+
   /* WebSocket origin */
   if (!strcmp ("origin", name))
     conf.origin = oarg;
--- src/goaccess.c.orig	2018-11-23 02:15:07.000000000 +0000
+++ src/goaccess.c	2020-03-27 11:28:44.797783056 +0000
@@@@ -44,6 +44,7 @@@@
 
 #include <fcntl.h>
 #include <pthread.h>
+#include <pwd.h>
 #include <signal.h>
 #include <stdint.h>
 #include <stdio.h>
@@@@ -205,6 +206,27 @@@@
   free (gwsreader);
 }
 
+/* Drop permissions to the user specified. */
+static void
+drop_permissions(void)
+{
+  struct passwd *pw;
+
+  errno = 0;
+  if ((pw = getpwnam(conf.username)) == NULL) {
+    if (errno == 0)
+      FATAL ("No such user %s", conf.username);
+    FATAL ("Unable to retreive user %s: %s", conf.username, strerror (errno));
+  }
+
+  if (setgroups (1, &pw->pw_gid) == -1)
+    FATAL ("setgroups: %s", strerror (errno));
+  if (setgid (pw->pw_gid) == -1)
+    FATAL ("setgid: %s", strerror (errno));
+  if (setuid (pw->pw_uid) == -1)
+    FATAL ("setuid: %s", strerror (errno));
+}
+
 /* Open the pidfile whose name is specified in the given path and write
  * the daemonized given pid. */
 static void
@@@@ -1369,7 +1391,11 @@@@
 static void
 initializer (void)
 {
-  /* initialize modules and set first */
+  /* drop permissions right away */
+  if (conf.username)
+    drop_permissions ();
+
+  /* then initialize modules and set */
   gscroll.current = init_modules ();
   /* setup to use the current locale */
   set_locale ();
@


1.1
log
@goaccess: Add patch for user-name options and rc.d script

Patch accepted upstream.
This allows goaccess to run on demand html reports as the unpriviledged
user from rc.d
@
text
@d1 1
a1 1
$NetBSD$
@