Web Front-End to Monitor System Data via RRDtool
This package is based on the package 'cacti' from project 'openSUSE:Factory:Contrib'.
Cacti is a complete front-end to RRDtool: it stores all necessary
information for creating graphs and populates them with data from a
MySQL database. The front-end is completely PHP driven. Along with
being ableto maintain graphs, data sources, and round robin archives
ina database, Cacti also handles data gathering. There exists an SNMP
support for those accustomed to creating traffic graphs with MRTG as
well.
- Developed at server:monitoring
-
3
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory/cacti && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
cacti-1.2.27.tar.gz | 0046689007 44.5 MB | |
cacti-config.patch | 0000001646 1.61 KB | |
cacti-cron.service | 0000000183 183 Bytes | |
cacti-cron.timer | 0000000148 148 Bytes | |
cacti-httpd.conf | 0000000450 450 Bytes | |
cacti-httpd.conf.default | 0000002102 2.05 KB | |
cacti-rpmlintrc | 0000000519 519 Bytes | |
cacti.changes | 0000166257 162 KB | |
cacti.cron | 0000000078 78 Bytes | |
cacti.logrotate | 0000000169 169 Bytes | |
cacti.spec | 0000008579 8.38 KB |
Latest Revision
Ana Guerrero (anag+factory)
accepted
request 1174071
from
Andreas Stieger (AndreasStieger)
(revision 50)
cacti 1.2.27 * CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240) * CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229) * CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238) * CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239) * CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231) * CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241) * CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236) * CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235) * CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237) * CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)
Comments 2
Hello, could you please extend the cacti.spec file and change the own/group membership of the directories
/srv/www/cacti/
/srv/www/cacti/scripts/
/srv/www/cacti/cache/
to the apache daemon like on the rra directories other wise I always have to run the following after the package update
chown -R wwwrun.www /srv/www/cacti/resource/snmp_queries/
chown -R wwwrun.www /srv/www/cacti/resource/script_server/
chown -R wwwrun.www /srv/www/cacti/resource/script_queries/
chown -R wwwrun.www /srv/www/cacti/scripts/
chown -R wwwrun.www /srv/www/cacti/scripts/boost/
chown -R wwwrun.www /srv/www/cacti/cache/mibcache/
chown -R wwwrun.www /srv/www/cacti/cache/realtime/
chown -R wwwrun.www /srv/www/cacti/cache/spikekill/
best regards Franz
I submitted this request that I think would fix it: https://build.opensuse.org/request/show/1200909
-Joel