diff --git a/.gitattributes b/.gitattributes
index 45c10d7b..aeaab8b9 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -4,5 +4,3 @@
docs/speeches export-ignore
docs/video export-ignore
docs/src/man7 export-ignore
-bin/build-helper export-ignore
-README-maintainers export-ignore
diff --git a/.gitignore b/.gitignore
index 85a8ccc7..460bbf28 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,7 +12,6 @@ Session.vim
# Temporary
.netrwhist
*~
-*.tmp
# Auto-generated tag files
tags
# Persistent undo
@@ -24,8 +23,6 @@ docs/src/man1/*.1
docs/src/man7/*.7
docs/src/man7/cdist-type__*.rst
docs/src/cdist-reference.rst
-docs/src/cdist-types.rst
-docs/src/cdist.cfg.skeleton
# Ignore cdist cache for version control
/cache/
@@ -36,7 +33,7 @@ cdist/inventory/
# Python: cache, distutils, distribution in general
__pycache__/
*.pyc
-/MANIFEST
+MANIFEST
dist/
cdist/version.py
cdist.egg-info/
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
deleted file mode 100644
index e215652c..00000000
--- a/.gitlab-ci.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-stages:
- - test
-
-image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci:latest
-
-unit_tests:
- stage: test
- script:
- - ./bin/build-helper version
- - ./bin/build-helper test
-
-pycodestyle:
- stage: test
- script:
- - ./bin/build-helper pycodestyle
-
-shellcheck:
- stage: test
- script:
- - ./bin/build-helper shellcheck
diff --git a/LICENSE b/LICENSE
deleted file mode 100644
index 14682ad6..00000000
--- a/LICENSE
+++ /dev/null
@@ -1,674 +0,0 @@
- GNU GENERAL PUBLIC LICENSE
- Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc.
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
- The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works. By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users. We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors. You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
- To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights. Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received. You must make sure that they, too, receive
-or can get the source code. And you must show them these terms so they
-know their rights.
-
- Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
- For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software. For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
- Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so. This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software. The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable. Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products. If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
- Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary. To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- TERMS AND CONDITIONS
-
- 0. Definitions.
-
- "This License" refers to version 3 of the GNU General Public License.
-
- "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
- "The Program" refers to any copyrightable work licensed under this
-License. Each licensee is addressed as "you". "Licensees" and
-"recipients" may be individuals or organizations.
-
- To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy. The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
- A "covered work" means either the unmodified Program or a work based
-on the Program.
-
- To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy. Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
- To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies. Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
- An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License. If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
- 1. Source Code.
-
- The "source code" for a work means the preferred form of the work
-for making modifications to it. "Object code" means any non-source
-form of a work.
-
- A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
- The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form. A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
- The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities. However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work. For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
- The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
- The Corresponding Source for a work in source code form is that
-same work.
-
- 2. Basic Permissions.
-
- All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met. This License explicitly affirms your unlimited
-permission to run the unmodified Program. The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work. This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
- You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force. You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright. Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
- Conveying under any other circumstances is permitted solely under
-the conditions stated below. Sublicensing is not allowed; section 10
-makes it unnecessary.
-
- 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
- No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
- When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
- 4. Conveying Verbatim Copies.
-
- You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
- You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
- 5. Conveying Modified Source Versions.
-
- You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
- a) The work must carry prominent notices stating that you modified
- it, and giving a relevant date.
-
- b) The work must carry prominent notices stating that it is
- released under this License and any conditions added under section
- 7. This requirement modifies the requirement in section 4 to
- "keep intact all notices".
-
- c) You must license the entire work, as a whole, under this
- License to anyone who comes into possession of a copy. This
- License will therefore apply, along with any applicable section 7
- additional terms, to the whole of the work, and all its parts,
- regardless of how they are packaged. This License gives no
- permission to license the work in any other way, but it does not
- invalidate such permission if you have separately received it.
-
- d) If the work has interactive user interfaces, each must display
- Appropriate Legal Notices; however, if the Program has interactive
- interfaces that do not display Appropriate Legal Notices, your
- work need not make them do so.
-
- A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit. Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
- 6. Conveying Non-Source Forms.
-
- You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
- a) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by the
- Corresponding Source fixed on a durable physical medium
- customarily used for software interchange.
-
- b) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by a
- written offer, valid for at least three years and valid for as
- long as you offer spare parts or customer support for that product
- model, to give anyone who possesses the object code either (1) a
- copy of the Corresponding Source for all the software in the
- product that is covered by this License, on a durable physical
- medium customarily used for software interchange, for a price no
- more than your reasonable cost of physically performing this
- conveying of source, or (2) access to copy the
- Corresponding Source from a network server at no charge.
-
- c) Convey individual copies of the object code with a copy of the
- written offer to provide the Corresponding Source. This
- alternative is allowed only occasionally and noncommercially, and
- only if you received the object code with such an offer, in accord
- with subsection 6b.
-
- d) Convey the object code by offering access from a designated
- place (gratis or for a charge), and offer equivalent access to the
- Corresponding Source in the same way through the same place at no
- further charge. You need not require recipients to copy the
- Corresponding Source along with the object code. If the place to
- copy the object code is a network server, the Corresponding Source
- may be on a different server (operated by you or a third party)
- that supports equivalent copying facilities, provided you maintain
- clear directions next to the object code saying where to find the
- Corresponding Source. Regardless of what server hosts the
- Corresponding Source, you remain obligated to ensure that it is
- available for as long as needed to satisfy these requirements.
-
- e) Convey the object code using peer-to-peer transmission, provided
- you inform other peers where the object code and Corresponding
- Source of the work are being offered to the general public at no
- charge under subsection 6d.
-
- A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
- A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling. In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage. For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product. A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
- "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source. The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
- If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information. But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
- The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed. Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
- Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
- 7. Additional Terms.
-
- "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law. If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
- When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it. (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.) You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
- Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
- a) Disclaiming warranty or limiting liability differently from the
- terms of sections 15 and 16 of this License; or
-
- b) Requiring preservation of specified reasonable legal notices or
- author attributions in that material or in the Appropriate Legal
- Notices displayed by works containing it; or
-
- c) Prohibiting misrepresentation of the origin of that material, or
- requiring that modified versions of such material be marked in
- reasonable ways as different from the original version; or
-
- d) Limiting the use for publicity purposes of names of licensors or
- authors of the material; or
-
- e) Declining to grant rights under trademark law for use of some
- trade names, trademarks, or service marks; or
-
- f) Requiring indemnification of licensors and authors of that
- material by anyone who conveys the material (or modified versions of
- it) with contractual assumptions of liability to the recipient, for
- any liability that these contractual assumptions directly impose on
- those licensors and authors.
-
- All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10. If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term. If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
- If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
- Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
- 8. Termination.
-
- You may not propagate or modify a covered work except as expressly
-provided under this License. Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
- However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
- Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
- Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License. If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
- 9. Acceptance Not Required for Having Copies.
-
- You are not required to accept this License in order to receive or
-run a copy of the Program. Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance. However,
-nothing other than this License grants you permission to propagate or
-modify any covered work. These actions infringe copyright if you do
-not accept this License. Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
- 10. Automatic Licensing of Downstream Recipients.
-
- Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License. You are not responsible
-for enforcing compliance by third parties with this License.
-
- An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations. If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
- You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License. For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
- 11. Patents.
-
- A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based. The
-work thus licensed is called the contributor's "contributor version".
-
- A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version. For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
- Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
- In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement). To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
- If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients. "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
- If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
- A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License. You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
- Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
- 12. No Surrender of Others' Freedom.
-
- If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all. For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
- 13. Use with the GNU Affero General Public License.
-
- Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work. The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
- 14. Revised Versions of this License.
-
- The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
- Each version is given a distinguishing version number. If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation. If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
- If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
- Later license versions may give you additional or different
-permissions. However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
- 15. Disclaimer of Warranty.
-
- THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
- 16. Limitation of Liability.
-
- IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
- 17. Interpretation of Sections 15 and 16.
-
- If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
- cdist
- Copyright (C) 2019 ungleich-public
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see .
-
-Also add information on how to contact you by electronic and paper mail.
-
- If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
- cdist Copyright (C) 2019 ungleich-public
- This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
- You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-.
-
- The GNU General Public License does not permit incorporating your program
-into proprietary programs. If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library. If this is what you want to do, use the GNU Lesser General
-Public License instead of this License. But first, please read
-.
diff --git a/Makefile b/Makefile
index f89ac1e7..5f03997a 100644
--- a/Makefile
+++ b/Makefile
@@ -18,30 +18,36 @@
#
#
-.PHONY: help
-help:
- @echo "Please use \`make ' where is one of"
- @echo "man build only man user documentation"
- @echo "html build only html user documentation"
- @echo "docs build both man and html user documentation"
- @echo "dotman build man pages for types in your ~/.cdist directory"
- @echo "speeches build speeches pdf files"
- @echo "install install in the system site-packages directory"
- @echo "install-user install in the user site-packages directory"
- @echo "docs-clean clean documentation"
- @echo "clean clean"
+helper=./bin/build-helper
-DOCS_SRC_DIR=./docs/src
-SPEECHDIR=./docs/speeches
-TYPEDIR=./cdist/conf/type
+DOCS_SRC_DIR=docs/src
+SPEECHDIR=docs/speeches
+TYPEDIR=cdist/conf/type
+
+WEBSRCDIR=docs/web
+
+WEBDIR=$$HOME/vcs/www.nico.schottelius.org
+WEBBLOG=$(WEBDIR)/blog
+WEBBASE=$(WEBDIR)/software/cdist
+WEBPAGE=$(WEBBASE).mdwn
+
+CHANGELOG_VERSION=$(shell $(helper) changelog-version)
+CHANGELOG_FILE=docs/changelog
+
+PYTHON_VERSION=cdist/version.py
SPHINXM=make -C $(DOCS_SRC_DIR) man
SPHINXH=make -C $(DOCS_SRC_DIR) html
SPHINXC=make -C $(DOCS_SRC_DIR) clean
+SHELLCHECKCMD=shellcheck -s sh -f gcc -x
+# Skip SC2154 for variables starting with __ since such variables are cdist
+# environment variables.
+SHELLCHECK_SKIP=grep -v ': __.*is referenced but not assigned.*\[SC2154\]'
################################################################################
# Manpages
#
+MAN1DSTDIR=$(DOCS_SRC_DIR)/man1
MAN7DSTDIR=$(DOCS_SRC_DIR)/man7
# Manpages #1: Types
@@ -63,28 +69,11 @@ DOCSREFSH=$(DOCS_SRC_DIR)/cdist-reference.rst.sh
$(DOCSREF): $(DOCSREFSH)
$(DOCSREFSH)
-# Html types list with references
-DOCSTYPESREF=$(MAN7DSTDIR)/cdist-types.rst
-DOCSTYPESREFSH=$(DOCS_SRC_DIR)/cdist-types.rst.sh
-
-$(DOCSTYPESREF): $(DOCSTYPESREFSH)
- $(DOCSTYPESREFSH)
-
-DOCSCFGSKEL=./configuration/cdist.cfg.skeleton
-
-configskel: $(DOCSCFGSKEL)
- cp -f "$(DOCSCFGSKEL)" "$(DOCS_SRC_DIR)/"
-
-version:
- @[ -f "cdist/version.py" ] || { \
- printf "Missing 'cdist/version.py', please generate it first.\n" && exit 1; \
- }
-
# Manpages #3: generic part
-man: version $(MANTYPES) $(DOCSREF)
+man: $(MANTYPES) $(DOCSREF) $(PYTHON_VERSION)
$(SPHINXM)
-html: version configskel $(MANTYPES) $(DOCSREF) $(DOCSTYPESREF)
+html: $(MANTYPES) $(DOCSREF) $(PYTHON_VERSION)
$(SPHINXH)
docs: man html
@@ -92,6 +81,24 @@ docs: man html
docs-clean:
$(SPHINXC)
+# Manpages #5: release part
+MANWEBDIR=$(WEBBASE)/man/$(CHANGELOG_VERSION)
+HTMLBUILDDIR=docs/dist/html
+
+docs-dist: html
+ rm -rf "${MANWEBDIR}"
+ mkdir -p "${MANWEBDIR}"
+ # mkdir -p "${MANWEBDIR}/man1" "${MANWEBDIR}/man7"
+ # cp ${MAN1DSTDIR}/*.html ${MAN1DSTDIR}/*.css ${MANWEBDIR}/man1
+ # cp ${MAN7DSTDIR}/*.html ${MAN7DSTDIR}/*.css ${MANWEBDIR}/man7
+ cp -R ${HTMLBUILDDIR}/* ${MANWEBDIR}
+ cd ${MANWEBDIR} && git add . && git commit -m "cdist manpages update: $(CHANGELOG_VERSION)" || true
+
+man-latest-link: web-pub
+ # Fix ikiwiki, which does not like symlinks for pseudo security
+ ssh staticweb.ungleich.ch \
+ "cd /home/services/www/nico/nico.schottelius.org/www/software/cdist/man/ && rm -f latest && ln -sf "$(CHANGELOG_VERSION)" latest"
+
# Manpages: .cdist Types
DOT_CDIST_PATH=${HOME}/.cdist
DOTMAN7DSTDIR=$(MAN7DSTDIR)
@@ -104,7 +111,8 @@ DOTMANTYPES=$(subst /man.rst,.rst,$(DOTMANTYPEPREFIX))
$(DOTMAN7DSTDIR)/cdist-type%.rst: $(DOTTYPEDIR)/%/man.rst
ln -sf "$^" $@
-dotman: version $(DOTMANTYPES)
+# Manpages #3: generic part
+dotman: $(DOTMANTYPES)
$(SPHINXM)
################################################################################
@@ -112,6 +120,7 @@ dotman: version $(DOTMANTYPES)
#
SPEECHESOURCES=$(SPEECHDIR)/*.tex
SPEECHES=$(SPEECHESOURCES:.tex=.pdf)
+SPEECHESWEBDIR=$(WEBBASE)/speeches
# Create speeches and ensure Toc is up-to-date
$(SPEECHDIR)/%.pdf: $(SPEECHDIR)/%.tex
@@ -121,28 +130,160 @@ $(SPEECHDIR)/%.pdf: $(SPEECHDIR)/%.tex
speeches: $(SPEECHES)
+speeches-dist: speeches
+ rm -rf "${SPEECHESWEBDIR}"
+ mkdir -p "${SPEECHESWEBDIR}"
+ cp ${SPEECHES} "${SPEECHESWEBDIR}"
+ cd ${SPEECHESWEBDIR} && git add . && git commit -m "cdist speeches updated" || true
+
################################################################################
-# Misc
+# Website
#
-clean: docs-clean
+
+BLOGFILE=$(WEBBLOG)/cdist-$(CHANGELOG_VERSION)-released.mdwn
+
+$(BLOGFILE): $(CHANGELOG_FILE)
+ $(helper) blog $(CHANGELOG_VERSION) $(BLOGFILE)
+
+web-blog: $(BLOGFILE)
+
+web-doc:
+ # Go to top level, because of cdist.mdwn
+ rsync -av "$(WEBSRCDIR)/" "${WEBBASE}/.."
+ cd "${WEBBASE}/.." && git add cdist* && git commit -m "cdist doc update" cdist* || true
+
+web-dist: web-blog web-doc
+
+web-pub: web-dist docs-dist speeches-dist
+ cd "${WEBDIR}" && make pub
+
+web-release-all: man-latest-link
+web-release-all-no-latest: web-pub
+
+################################################################################
+# Release: Mailinglist
+#
+ML_FILE=.lock-ml
+
+# Only send mail once - lock until new changelog things happened
+$(ML_FILE): $(CHANGELOG_FILE)
+ $(helper) ml-release $(CHANGELOG_VERSION)
+ touch $@
+
+ml-release: $(ML_FILE)
+
+
+################################################################################
+# pypi
+#
+PYPI_FILE=.pypi-release
+$(PYPI_FILE): man $(PYTHON_VERSION)
+ python3 setup.py sdist upload
+ touch $@
+
+pypi-release: $(PYPI_FILE)
+################################################################################
+# archlinux
+#
+ARCHLINUX_FILE=.lock-archlinux
+ARCHLINUXTAR=cdist-$(CHANGELOG_VERSION)-1.src.tar.gz
+
+$(ARCHLINUXTAR): PKGBUILD
+ umask 022; mkaurball
+
+PKGBUILD: PKGBUILD.in $(PYTHON_VERSION)
+ ./PKGBUILD.in $(CHANGELOG_VERSION)
+
+$(ARCHLINUX_FILE): $(ARCHLINUXTAR) $(PYTHON_VERSION)
+ burp -c system $(ARCHLINUXTAR)
+ touch $@
+
+archlinux-release: $(ARCHLINUX_FILE)
+
+################################################################################
+# Release
+#
+
+$(PYTHON_VERSION) version: .git/refs/heads/master
+ $(helper) version
+
+# Code that is better handled in a shell script
+check-%:
+ $(helper) $@
+
+release:
+ $(helper) $@
+
+################################################################################
+# Cleanup
+#
+
+clean:
rm -f $(DOCS_SRC_DIR)/cdist-reference.rst
- rm -f $(DOCS_SRC_DIR)/cdist-types.rst
- rm -f $(DOCS_SRC_DIR)/cdist.cfg.skeleton
find "$(DOCS_SRC_DIR)" -mindepth 2 -type l \
| xargs rm -f
+ make -C $(DOCS_SRC_DIR) clean
+
find * -name __pycache__ | xargs rm -rf
- # distutils
- rm -rf ./build
+ # Archlinux
+ rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz
+ rm -rf pkg/ src/
+
+ rm -f MANIFEST PKGBUILD
+ rm -rf dist/
+
+ # Signed release
+ rm -f cdist-*.tar.gz
+ rm -f cdist-*.tar.gz.asc
+
+distclean: clean
+ rm -f cdist/version.py
################################################################################
-# install
+# Misc
#
-install:
- python3 setup.py install
+# The pub is Nico's "push to all git remotes" way ("make pub")
+pub:
+ git push --mirror
-install-user:
- python3 setup.py install --user
+test:
+ $(helper) $@
+
+test-remote:
+ $(helper) $@
+
+pycodestyle pep8:
+ $(helper) $@
+
+shellcheck-global-explorers:
+ @find cdist/conf/explorer -type f -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
+
+shellcheck-type-explorers:
+ @find cdist/conf/type -type f -path "*/explorer/*" -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
+
+shellcheck-manifests:
+ @find cdist/conf/type -type f -name manifest -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
+
+shellcheck-local-gencodes:
+ @find cdist/conf/type -type f -name gencode-local -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
+
+shellcheck-remote-gencodes:
+ @find cdist/conf/type -type f -name gencode-remote -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
+
+shellcheck-scripts:
+ @$(SHELLCHECKCMD) scripts/cdist-dump || exit 0
+
+shellcheck-gencodes: shellcheck-local-gencodes shellcheck-remote-gencodes
+
+shellcheck-types: shellcheck-type-explorers shellcheck-manifests shellcheck-gencodes
+
+shellcheck: shellcheck-global-explorers shellcheck-types shellcheck-scripts
+
+shellcheck-type-files:
+ @find cdist/conf/type -type f -path "*/files/*" -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
+
+shellcheck-with-files: shellcheck shellcheck-type-files
diff --git a/PKGBUILD.in b/PKGBUILD.in
index c0188e68..c967249d 100755
--- a/PKGBUILD.in
+++ b/PKGBUILD.in
@@ -9,7 +9,7 @@ pkgver=$version
pkgrel=1
pkgdesc='A Usable Configuration Management System"'
arch=('any')
-url='https://www.cdi.st/'
+url='http://www.nico.schottelius.org/software/cdist/'
license=('GPL3')
depends=('python>=3.2.0')
source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz")
diff --git a/README b/README
index caf2dac8..a67e25e3 100644
--- a/README
+++ b/README
@@ -3,5 +3,4 @@ cdist
cdist is a usable configuration management system.
-For the web documentation have a look at https://www.cdi.st/
-or at docs/src for reStructuredText manual.
+For the web documentation have a look at docs/web/.
diff --git a/README-maintainers b/README-maintainers
deleted file mode 100644
index af57f475..00000000
--- a/README-maintainers
+++ /dev/null
@@ -1,4 +0,0 @@
-Maintainers should use ./bin/build-helper script.
-
-Makefile is intended for end users. It can be used for non-maintaining
-targets that can be run from pure source (without git repository).
diff --git a/bin/build-helper b/bin/build-helper
index ed41e438..963f02f9 100755
--- a/bin/build-helper
+++ b/bin/build-helper
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
-# 2016-2019 Darko Poljak (darko.poljak at gmail.com)
#
# This file is part of cdist.
#
@@ -19,67 +18,17 @@
# along with cdist. If not, see .
#
#
-# This file contains the heavy lifting found usually in the Makefile.
+# This file contains the heavy lifting found usually in the Makefile
#
-usage() {
- printf "usage: %s TARGET [TARGET-ARGS...]
- Available targets:
- changelog-changes
- changelog-version
- check-date
- check-unittest
- ml-release
- archlinux-release
- pypi-release
- release-git-tag
- sign-git-release
- release
- test
- test-remote
- pycodestyle
- pep8
- check-pycodestyle
- shellcheck-global-explorers
- shellcheck-type-explorers
- shellcheck-manifests
- shellcheck-local-gencodes
- shellcheck-remote-gencodes
- shellcheck-scripts
- shellcheck-gencodes
- shellcheck-types
- shellcheck
- shellcheck-type-files
- shellcheck-with-files
- shellcheck-build-helper
- check-shellcheck
- version-branch
- version
- target-version
- clean
- distclean\n" "$1"
-}
+basedir=${0%/*}/../
+# Change to checkout directory
+cd "$basedir"
-basename="${0##*/}"
-
-if [ $# -lt 1 ]
-then
- usage "${basename}"
- exit 1
-fi
+version=$(git describe)
option=$1; shift
-SHELLCHECKCMD="shellcheck -s sh -f gcc -x"
-# Skip SC2154 for variables starting with __ since such variables are cdist
-# environment variables.
-SHELLCHECK_SKIP=': __.*is referenced but not assigned.*\[SC2154\]'
-SHELLCHECKTMP=".shellcheck.tmp"
-
-# Change to checkout directory
-basedir="${0%/*}/../"
-cd "$basedir"
-
case "$option" in
changelog-changes)
if [ "$#" -eq 1 ]; then
@@ -117,8 +66,8 @@ case "$option" in
date_changelog=$(grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/.*: //')
if [ "$date_today" != "$date_changelog" ]; then
- printf "Date in changelog is not today\n"
- printf "Changelog date: %s\n" "${date_changelog}"
+ echo "Date in changelog is not today"
+ echo "Changelog: $date_changelog"
exit 1
fi
;;
@@ -127,17 +76,54 @@ case "$option" in
"$0" test
;;
+ blog)
+ version=$1; shift
+ blogfile=$1; shift
+ dir=${blogfile%/*}
+ file=${blogfile##*/}
+
+
+ cat << eof > "$blogfile"
+[[!meta title="Cdist $version released"]]
+
+Here's a short overview about the changes found in version ${version}:
+
+eof
+
+ $0 changelog-changes "$version" >> "$blogfile"
+
+ cat << eof >> "$blogfile"
+For more information visit the [[cdist homepage|software/cdist]].
+
+[[!tag cdist config unix]]
+eof
+ cd "$dir"
+ git add "$file"
+ # Allow git commit to fail if there are no changes
+ git commit -m "cdist blog update: $version" "$blogfile" || true
+ ;;
+
ml-release)
if [ $# -ne 1 ]; then
- printf "%s ml-release version\n" "$0" >&2
+ echo "$0 ml-release version" >&2
exit 1
fi
version=$1; shift
+ to_a=cdist
+ to_d=l.schottelius.org
+ to=${to_a}@${to_d}
+
+ from_a=nico-cdist
+ from_d=schottelius.org
+ from=${from_a}@${from_d}
+
(
cat << eof
-Subject: cdist $version has been released
+From: Nico -telmich- Schottelius <$from>
+To: cdist mailing list <$to>
+Subject: cdist $version released
Hello .*,
@@ -148,41 +134,25 @@ eof
"$0" changelog-changes "$version"
cat << eof
+Cheers,
+
+Nico
+
+--
+Automatisation at its best level. With cdist.
eof
- ) > mailinglist.tmp
+ ) | /usr/sbin/sendmail -f "$from" "$to"
;;
- archlinux-release)
- if [ $# -ne 1 ]; then
- printf "%s archlinux-release version\n" "$0" >&2
- exit 1
- fi
- version=$1; shift
-
- ARCHLINUXTAR="cdist-${version}-1.src.tar.gz"
- ./PKGBUILD.in "${version}"
- umask 022
- mkaurball
- burp -c system "${ARCHLINUXTAR}"
- ;;
-
- pypi-release)
- # Ensure that pypi release has the right version
- "$0" version
-
- make docs-clean
- make docs
- python3 setup.py sdist upload
- ;;
release-git-tag)
target_version=$($0 changelog-version)
- if git rev-parse --verify "refs/tags/${target_version}" 2>/dev/null; then
- printf "Tag for %s exists, aborting\n" "${target_version}"
+ if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
+ echo "Tag for $target_version exists, aborting"
exit 1
fi
- printf "Enter tag description for %s: " "${target_version}"
- read -r tagmessage
+ printf "Enter tag description for ${target_version}: "
+ read tagmessage
# setup for signed tags:
# gpg --fulL-gen-key
@@ -200,8 +170,7 @@ eof
# gpg --verify
# gpg --no-default-keyring --keyring --verify
# Ensure gpg-agent is running.
- GPG_TTY=$(tty)
- export GPG_TTY
+ export GPG_TTY=$(tty)
gpg-agent
git tag -s "$target_version" -m "$tagmessage"
@@ -211,14 +180,14 @@ eof
sign-git-release)
if [ $# -lt 2 ]
then
- printf "usage: %s sign-git-release TAG TOKEN [ARCHIVE]\n" "$0"
+ printf "usage: $0 sign-git-release TAG TOKEN [ARCHIVE]\n"
printf " if ARCHIVE is not specified then it is created\n"
exit 1
fi
tag="$1"
if ! git rev-parse -q --verify "${tag}" >/dev/null 2>&1
then
- printf "Tag \"%s\" not found.\n" "${tag}"
+ printf "Tag \"${tag}\" not found.\n"
exit 1
fi
token="$2"
@@ -240,35 +209,34 @@ eof
fi
gpg --armor --detach-sign "${archivename}" || exit 1
- project="ungleich-public%2Fcdist"
- sed_cmd='s/^.*"markdown":"\([^"]*\)".*$/\1/'
+ # make github release
+ curl -H "Authorization: token ${token}" \
+ --request POST \
+ --data "{ \"tag_name\":\"${tag}\", \
+ \"target_commitish\":\"master\", \
+ \"name\": \"${tag}\", \
+ \"body\":\"${tag}\", \
+ \"draft\":false, \
+ \"prerelease\": false}" \
+ "https://api.github.com/repos/ungleich/cdist/releases" || exit 1
- # upload archive
- response_archive=$(curl -f -X POST \
- --http1.1 \
- -H "PRIVATE-TOKEN: ${token}" \
- -F "file=@${archivename}" \
- "https://code.ungleich.ch/api/v4/projects/${project}/uploads" \
- | sed "${sed_cmd}") || exit 1
+ # get release ID
+ repoid=$(curl "https://api.github.com/repos/ungleich/cdist/releases/tags/${tag}" \
+ | python3 -c 'import json; import sys; print(json.loads(sys.stdin.read())["id"])') \
+ || exit 1
- # upload archive signature
- response_archive_sig=$(curl -f -X POST \
- --http1.1 \
- -H "PRIVATE-TOKEN: ${token}" \
- -F "file=@${archivename}.asc" \
- "https://code.ungleich.ch/api/v4/projects/${project}/uploads" \
- | sed "${sed_cmd}") || exit 1
-
- # make release
- changelog=$("$0" changelog-changes "$1" | sed 's/^[[:space:]]*//')
- release_notes=$(
- printf "%s\n\n%s\n\n**Changelog**\n\n%s\n" \
- "${response_archive}" "${response_archive_sig}" "${changelog}"
- )
- curl -f -X POST \
- -H "PRIVATE-TOKEN: ${token}" \
- -F "description=${release_notes}" \
- "https://code.ungleich.ch/api/v4/projects/${project}/repository/tags/${tag}/release" \
+ # upload archive and then signature
+ curl -H "Authorization: token ${token}" \
+ -H "Accept: application/vnd.github.manifold-preview" \
+ -H "Content-Type: application/x-gtar" \
+ --data-binary @${archivename} \
+ "https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}" \
+ || exit 1
+ curl -H "Authorization: token ${token}" \
+ -H "Accept: application/vnd.github.manifold-preview" \
+ -H "Content-Type: application/pgp-signature" \
+ --data-binary @${archivename}.asc \
+ "https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}.asc" \
|| exit 1
# remove generated files (archive and asc)
@@ -284,30 +252,30 @@ eof
target_version=$($0 changelog-version)
target_branch=$($0 version-branch)
- printf "Beginning release process for %s\n" "${target_version}"
+ echo "Beginning release process for $target_version"
# First check everything is sane
"$0" check-date
"$0" check-unittest
"$0" check-pycodestyle
- "$0" check-shellcheck
+ "$0" shellcheck
# Generate version file to be included in packaging
"$0" target-version
# Ensure the git status is clean, else abort
if ! git diff-index --name-only --exit-code HEAD ; then
- printf "Unclean tree, see files above, aborting.\n"
+ echo "Unclean tree, see files above, aborting"
exit 1
fi
# Ensure we are on the master branch
masterbranch=yes
if [ "$(git rev-parse --abbrev-ref HEAD)" != "master" ]; then
- printf "Releases are happening from the master branch, aborting.\n"
+ echo "Releases are happening from the master branch, aborting"
- printf "Enter the magic word to release anyway:"
- read -r magicword
+ echo "Enter the magic word to release anyway"
+ read magicword
if [ "$magicword" = "iknowwhatido" ]; then
masterbranch=no
@@ -318,7 +286,7 @@ eof
if [ "$masterbranch" = yes ]; then
# Ensure version branch exists
- if ! git rev-parse --verify "refs/heads/${target_branch}" 2>/dev/null; then
+ if ! git rev-parse --verify refs/heads/$target_branch 2>/dev/null; then
git branch "$target_branch"
fi
@@ -336,12 +304,20 @@ eof
make docs-clean
make docs
+ # Generate speeches (indirect check if they build)
+ make speeches
+
#############################################################
# Everything green, let's do the release
# Tag the current commit
"$0" release-git-tag
+ # sign git tag
+ printf "Enter github authentication token: "
+ read token
+ "$0" sign-git-release "${target_version}" "${token}"
+
# Also merge back the version branch
if [ "$masterbranch" = yes ]; then
git checkout master
@@ -349,41 +325,41 @@ eof
fi
# Publish git changes
- # if you want to have mirror locally then uncomment this and comment below
- # git push --mirror
- git push
- # push also new branch and set up tracking
- git push -u origin "${target_branch}"
- # fi
+ make pub
+
+ # publish man, speeches, website
+ if [ "$masterbranch" = yes ]; then
+ make web-release-all
+ else
+ make web-release-all-no-latest
+ fi
+
+ # Ensure that pypi release has the right version
+ "$0" version
# Create and publish package for pypi
- "$0" pypi-release
+ make pypi-release
- # sign git tag
- printf "Enter upstream repository authentication token: "
- read -r token
- "$0" sign-git-release "${target_version}" "${token}"
+ # Archlinux release is based on pypi
+ make archlinux-release
# Announce change on ML
- "$0" ml-release "${target_version}"
+ make ml-release
cat << eof
Manual steps post release:
- - cdist-web
- - send generated mailinglist.tmp mail
+
+ - linkedin
+ - hackernews
+ - reddit
- twitter
+
eof
+
;;
test)
- if [ ! -f "cdist/version.py" ]
- then
- printf "cdist/version.py is missing, generate it first.\n"
- exit 1
- fi
-
- PYTHONPATH="$(pwd -P)"
- export PYTHONPATH
+ export PYTHONPATH="$(pwd -P)"
if [ $# -lt 1 ]; then
python3 -m cdist.test
@@ -393,20 +369,12 @@ eof
;;
test-remote)
- if [ ! -f "cdist/version.py" ]
- then
- printf "cdist/version.py is missing, generate it first.\n"
- exit 1
- fi
-
- PYTHONPATH="$(pwd -P)"
- export PYTHONPATH
-
+ export PYTHONPATH="$(pwd -P)"
python3 -m cdist.test.exec.remote
;;
pycodestyle|pep8)
- pycodestyle "${basedir}" "${basedir}/scripts/cdist"
+ pycodestyle "${basedir}" "${basedir}/scripts/cdist" | less
;;
check-pycodestyle)
@@ -414,9 +382,9 @@ eof
printf "\\nPlease review pycodestyle report.\\n"
while true
do
- printf "Continue (yes/no)?\n"
+ echo "Continue (yes/no)?"
any=
- read -r any
+ read any
case "$any" in
yes)
break
@@ -425,88 +393,20 @@ eof
exit 1
;;
*)
- printf "Please answer with 'yes' or 'no' explicitly.\n"
+ echo "Please answer with 'yes' or 'no' explicitly."
;;
esac
done
;;
- shellcheck-global-explorers)
- # shellcheck disable=SC2086
- find cdist/conf/explorer -type f -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
- test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
- ;;
-
- shellcheck-type-explorers)
- # shellcheck disable=SC2086
- find cdist/conf/type -type f -path "*/explorer/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
- test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
- ;;
-
- shellcheck-manifests)
- # shellcheck disable=SC2086
- find cdist/conf/type -type f -name manifest -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
- test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
- ;;
-
- shellcheck-local-gencodes)
- # shellcheck disable=SC2086
- find cdist/conf/type -type f -name gencode-local -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
- test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
- ;;
-
- shellcheck-remote-gencodes)
- # shellcheck disable=SC2086
- find cdist/conf/type -type f -name gencode-remote -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
- test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
- ;;
-
- shellcheck-scripts)
- # shellcheck disable=SC2086
- ${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type > "${SHELLCHECKTMP}"
- test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
- ;;
-
- shellcheck-gencodes)
- "$0" shellcheck-local-gencodes || exit 1
- "$0" shellcheck-remote-gencodes || exit 1
- ;;
-
- shellcheck-types)
- "$0" shellcheck-type-explorers || exit 1
- "$0" shellcheck-manifests || exit 1
- "$0" shellcheck-gencodes || exit 1
- ;;
-
shellcheck)
- "$0" shellcheck-global-explorers || exit 1
- "$0" shellcheck-types || exit 1
- "$0" shellcheck-scripts || exit 1
- ;;
-
- shellcheck-type-files)
- # shellcheck disable=SC2086
- find cdist/conf/type -type f -path "*/files/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}"
- test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
- ;;
-
- shellcheck-with-files)
- "$0" shellcheck || exit 1
- "$0" shellcheck-type-files || exit 1
- ;;
-
- shellcheck-build-helper)
- ${SHELLCHECKCMD} ./bin/build-helper
- ;;
-
- check-shellcheck)
- "$0" shellcheck
+ make helper=${helper} WEBDIR=${WEBDIR} shellcheck
printf "\\nPlease review shellcheck report.\\n"
while true
do
- printf "Continue (yes/no)?\n"
+ echo "Continue (yes/no)?"
any=
- read -r any
+ read any
case "$any" in
yes)
break
@@ -515,7 +415,7 @@ eof
exit 1
;;
*)
- printf "Please answer with 'yes' or 'no' explicitly.\n"
+ echo "Please answer with 'yes' or 'no' explicitly."
;;
esac
done
@@ -526,40 +426,16 @@ eof
;;
version)
- printf "VERSION = \"%s\"\n" "$(git describe)" > cdist/version.py
+ echo "VERSION = \"$(git describe)\"" > cdist/version.py
;;
target-version)
target_version=$($0 changelog-version)
- printf "VERSION = \"%s\"\n" "${target_version}" > cdist/version.py
+ echo "VERSION = \"${target_version}\"" > cdist/version.py
;;
- clean)
- make clean
-
- # Archlinux
- rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz
- rm -rf pkg/ src/
-
- rm -f MANIFEST PKGBUILD
- rm -rf dist/
-
- # Signed release
- rm -f cdist-*.tar.gz
- rm -f cdist-*.tar.gz.asc
-
- # Temp files
- rm -f ./*.tmp
- rm -f ./.*.tmp
- ;;
-
- distclean)
- "$0" clean
- rm -f cdist/version.py
- ;;
*)
- printf "Unknown target: '%s'.\n" "${option}" >&2
- usage "${basename}"
+ echo "Unknown helper target $@ - aborting"
exit 1
;;
diff --git a/bin/build-helper.freebsd b/bin/build-helper.freebsd
new file mode 100755
index 00000000..ea16ef42
--- /dev/null
+++ b/bin/build-helper.freebsd
@@ -0,0 +1,482 @@
+#!/bin/sh
+#
+# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
+# 2016 Darko Poljak (darko.poljak at gmail.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# This file contains the heavy lifting found usually in the Makefile
+#
+
+# vars for make
+helper=$0
+
+basedir=${0%/*}/../
+# run_as is used to check how the script is called (by $0 value)
+# currently supported sufixes for $0 are:
+# .freebsd - run as freebsd
+basename=${0##*/}
+run_as=${basename#*.}
+case "$run_as" in
+ freebsd)
+ to_a=cdist-configuration-management
+ to_d=googlegroups.com
+ from_a=darko.poljak
+ from_d=gmail.com
+ ml_name="Darko Poljak"
+ ml_sig_name="Darko"
+
+ # vars for make
+ WEBDIR=../vcs/www.nico.schottelius.org
+ ;;
+ *)
+ to_a=cdist
+ to_d=l.schottelius.org
+ from_a=nico-cdist
+ from_d=schottelius.org
+ ml_name="Nico -telmich- Schottelius"
+ ml_sig_name="Nico"
+
+ # vars for make
+ WEBDIR=$$HOME/vcs/www.nico.schottelius.org
+ ;;
+esac
+
+# Change to checkout directory
+cd "$basedir"
+
+version=$(git describe)
+
+option=$1; shift
+
+case "$option" in
+ print-make-vars)
+ printf "helper: ${helper}\n"
+ printf "WEBDIR: ${WEBDIR}\n"
+ ;;
+ print-runas)
+ printf "run_as: $run_as\n"
+ ;;
+ changelog-changes)
+ if [ "$#" -eq 1 ]; then
+ start=$1
+ else
+ start="[[:digit:]]"
+ fi
+
+ end="[[:digit:]]"
+
+ awk -F: "BEGIN { start=0 }
+ {
+ if(start == 0) {
+ if (\$0 ~ /^$start/) {
+ start = 1
+ }
+ } else {
+ if (\$0 ~ /^$end/) {
+ exit
+ } else {
+ print \$0
+ }
+ }
+ }" "$basedir/docs/changelog"
+ ;;
+
+ changelog-version)
+ # get version from changelog
+ grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/:.*//'
+ ;;
+
+ check-date)
+ # verify date in changelog is today
+ date_today="$(date +%Y-%m-%d)"
+ date_changelog=$(grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/.*: //')
+
+ if [ "$date_today" != "$date_changelog" ]; then
+ echo "Date in changelog is not today"
+ echo "Changelog: $date_changelog"
+ exit 1
+ fi
+ ;;
+
+ check-unittest)
+ "$0" test
+ ;;
+
+ blog)
+ version=$1; shift
+ blogfile=$1; shift
+ dir=${blogfile%/*}
+ file=${blogfile##*/}
+
+
+ cat << eof > "$blogfile"
+[[!meta title="Cdist $version released"]]
+
+Here's a short overview about the changes found in version ${version}:
+
+eof
+
+ $0 changelog-changes "$version" >> "$blogfile"
+
+ cat << eof >> "$blogfile"
+For more information visit the [[cdist homepage|software/cdist]].
+
+[[!tag cdist config unix]]
+eof
+ cd "$dir"
+ git add "$file"
+ # Allow git commit to fail if there are no changes
+ git commit -m "cdist blog update: $version" "$blogfile" || true
+ ;;
+
+ ml-release)
+ if [ $# -ne 1 ]; then
+ echo "$0 ml-release version" >&2
+ exit 1
+ fi
+
+ version=$1; shift
+
+ to=${to_a}@${to_d}
+ from=${from_a}@${from_d}
+
+ (
+ cat << eof
+From: ${ml_name} <$from>
+To: cdist mailing list <$to>
+Subject: cdist $version released
+
+Hello .*,
+
+cdist $version has been released with the following changes:
+
+eof
+
+ "$0" changelog-changes "$version"
+ cat << eof
+
+Cheers,
+
+${ml_sig_name}
+
+--
+Automatisation at its best level. With cdist.
+eof
+ ) | /usr/sbin/sendmail -f "$from" "$to"
+ ;;
+
+ release-git-tag)
+ target_version=$($0 changelog-version)
+ if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
+ echo "Tag for $target_version exists, aborting"
+ exit 1
+ fi
+ printf "Enter tag description for ${target_version}: "
+ read tagmessage
+
+ # setup for signed tags:
+ # gpg --fulL-gen-key
+ # gpg --list-secret-keys --keyid-format LONG
+ # git config --local user.signingkey
+ # for exporting pub key:
+ # gpg --armor --export > pubkey.asc
+ # gpg --output pubkey.gpg --export
+ # show tag with signature
+ # git show
+ # verify tag signature
+ # git tag -v
+ #
+ # gpg verify signature
+ # gpg --verify
+ # gpg --no-default-keyring --keyring --verify
+ # Ensure gpg-agent is running.
+ export GPG_TTY=$(tty)
+ gpg-agent
+
+ git tag -s "$target_version" -m "$tagmessage"
+ git push --tags
+ ;;
+
+ sign-git-release)
+ if [ $# -lt 2 ]
+ then
+ printf "usage: $0 sign-git-release TAG TOKEN [ARCHIVE]\n"
+ printf " if ARCHIVE is not specified then it is created\n"
+ exit 1
+ fi
+ tag="$1"
+ if ! git rev-parse -q --verify "${tag}" >/dev/null 2>&1
+ then
+ printf "Tag \"${tag}\" not found.\n"
+ exit 1
+ fi
+ token="$2"
+ if [ $# -gt 2 ]
+ then
+ archivename="$3"
+ else
+ archivename="cdist-${tag}.tar"
+ git archive --prefix="cdist-${tag}/" -o "${archivename}" "${tag}" \
+ || exit 1
+ # make sure target version is generated
+ "$0" target-version
+ tar -x -f "${archivename}" || exit 1
+ cp cdist/version.py "cdist-${tag}/cdist/version.py" || exit 1
+ tar -c -f "${archivename}" "cdist-${tag}/" || exit 1
+ rm -r -f "cdist-${tag}/"
+ gzip "${archivename}" || exit 1
+ archivename="${archivename}.gz"
+ fi
+ gpg --armor --detach-sign "${archivename}" || exit 1
+
+ # make github release
+ curl -H "Authorization: token ${token}" \
+ --request POST \
+ --data "{ \"tag_name\":\"${tag}\", \
+ \"target_commitish\":\"master\", \
+ \"name\": \"${tag}\", \
+ \"body\":\"${tag}\", \
+ \"draft\":false, \
+ \"prerelease\": false}" \
+ "https://api.github.com/repos/ungleich/cdist/releases" || exit 1
+
+ # get release ID
+ repoid=$(curl "https://api.github.com/repos/ungleich/cdist/releases/tags/${tag}" \
+ | python3 -c 'import json; import sys; print(json.loads(sys.stdin.read())["id"])') \
+ || exit 1
+
+ # upload archive and then signature
+ curl -H "Authorization: token ${token}" \
+ -H "Accept: application/vnd.github.manifold-preview" \
+ -H "Content-Type: application/x-gtar" \
+ --data-binary @${archivename} \
+ "https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}" \
+ || exit 1
+ curl -H "Authorization: token ${token}" \
+ -H "Accept: application/vnd.github.manifold-preview" \
+ -H "Content-Type: application/pgp-signature" \
+ --data-binary @${archivename}.asc \
+ "https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}.asc" \
+ || exit 1
+
+ # remove generated files (archive and asc)
+ if [ $# -eq 2 ]
+ then
+ rm -f "${archivename}"
+ fi
+ rm -f "${archivename}.asc"
+ ;;
+
+ release)
+ set -e
+ target_version=$($0 changelog-version)
+ target_branch=$($0 version-branch)
+
+ echo "Beginning release process for $target_version"
+
+ # First check everything is sane
+ "$0" check-date
+ "$0" check-unittest
+ "$0" check-pycodestyle
+ "$0" shellcheck
+
+ # Generate version file to be included in packaging
+ "$0" target-version
+
+ # Ensure the git status is clean, else abort
+ if ! git diff-index --name-only --exit-code HEAD ; then
+ echo "Unclean tree, see files above, aborting"
+ exit 1
+ fi
+
+ # Ensure we are on the master branch
+ masterbranch=yes
+ if [ "$(git rev-parse --abbrev-ref HEAD)" != "master" ]; then
+ echo "Releases are happening from the master branch, aborting"
+
+ echo "Enter the magic word to release anyway"
+ read magicword
+
+ if [ "$magicword" = "iknowwhatido" ]; then
+ masterbranch=no
+ else
+ exit 1
+ fi
+ fi
+
+ if [ "$masterbranch" = yes ]; then
+ # Ensure version branch exists
+ if ! git rev-parse --verify refs/heads/$target_branch 2>/dev/null; then
+ git branch "$target_branch"
+ fi
+
+ # Merge master branch into version branch
+ git checkout "$target_branch"
+ git merge master
+ fi
+
+ # Verify that after the merge everything works
+ "$0" check-date
+ "$0" check-unittest
+
+ # Generate documentation (man and html)
+ # First, clean old generated docs
+ make helper=${helper} WEBDIR=${WEBDIR} docs-clean
+ make helper=${helper} WEBDIR=${WEBDIR} docs
+
+ # Generate speeches (indirect check if they build)
+ make helper=${helper} WEBDIR=${WEBDIR} speeches
+
+ #############################################################
+ # Everything green, let's do the release
+
+ # Tag the current commit
+ "$0" release-git-tag
+
+ # sign git tag
+ printf "Enter github authentication token: "
+ read token
+ "$0" sign-git-release "${target_version}" "${token}"
+
+ # Also merge back the version branch
+ if [ "$masterbranch" = yes ]; then
+ git checkout master
+ git merge "$target_branch"
+ fi
+
+ # Publish git changes
+ case "$run_as" in
+ freebsd)
+ # if we are not Nico :) then just push, no mirror
+ git push
+ # push also new branch and set up tracking
+ git push -u origin "${target_branch}"
+ ;;
+ *)
+ make helper=${helper} WEBDIR=${WEBDIR} pub
+ ;;
+ esac
+
+ # Ensure that pypi release has the right version
+ "$0" version
+
+ # Create and publish package for pypi
+ make helper=${helper} WEBDIR=${WEBDIR} pypi-release
+
+ # publish man, speeches, website
+ if [ "$masterbranch" = yes ]; then
+ make helper=${helper} WEBDIR=${WEBDIR} web-release-all
+ else
+ make helper=${helper} WEBDIR=${WEBDIR} web-release-all-no-latest
+ fi
+
+ case "$run_as" in
+ freebsd)
+ ;;
+ *)
+ # Archlinux release is based on pypi
+ make archlinux-release
+ ;;
+ esac
+
+ # Announce change on ML
+ make helper=${helper} WEBDIR=${WEBDIR} ml-release
+ ;;
+
+ test)
+ export PYTHONPATH="$(pwd -P)"
+
+ if [ $# -lt 1 ]; then
+ python3 -m cdist.test
+ else
+ python3 -m unittest "$@"
+ fi
+ ;;
+
+ test-remote)
+ export PYTHONPATH="$(pwd -P)"
+ python3 -m cdist.test.exec.remote
+ ;;
+
+ pycodestyle|pep8)
+ pycodestyle "${basedir}" "${basedir}/scripts/cdist" | less
+ ;;
+
+ check-pycodestyle)
+ "$0" pycodestyle
+ printf "\\nPlease review pycodestyle report.\\n"
+ while true
+ do
+ echo "Continue (yes/no)?"
+ any=
+ read any
+ case "$any" in
+ yes)
+ break
+ ;;
+ no)
+ exit 1
+ ;;
+ *)
+ echo "Please answer with 'yes' or 'no' explicitly."
+ ;;
+ esac
+ done
+ ;;
+
+ shellcheck)
+ make helper=${helper} WEBDIR=${WEBDIR} shellcheck
+ printf "\\nPlease review shellcheck report.\\n"
+ while true
+ do
+ echo "Continue (yes/no)?"
+ any=
+ read any
+ case "$any" in
+ yes)
+ break
+ ;;
+ no)
+ exit 1
+ ;;
+ *)
+ echo "Please answer with 'yes' or 'no' explicitly."
+ ;;
+ esac
+ done
+ ;;
+
+ version-branch)
+ "$0" changelog-version | cut -d. -f '1,2'
+ ;;
+
+ version)
+ echo "VERSION = \"$(git describe)\"" > cdist/version.py
+ ;;
+
+ target-version)
+ target_version=$($0 changelog-version)
+ echo "VERSION = \"${target_version}\"" > cdist/version.py
+ ;;
+
+ *)
+ echo "Unknown helper target $@ - aborting"
+ exit 1
+ ;;
+
+esac
diff --git a/cdist/argparse.py b/cdist/argparse.py
index 611c484a..72fc0d0f 100644
--- a/cdist/argparse.py
+++ b/cdist/argparse.py
@@ -5,24 +5,21 @@ import logging
import collections
import functools
import cdist.configuration
-import cdist.preos
-import cdist.info
# set of beta sub-commands
BETA_COMMANDS = set(('install', 'inventory', ))
# set of beta arguments for sub-commands
BETA_ARGS = {
- 'config': set(('tag', 'all_tagged_hosts', 'use_archiving', )),
+ 'config': set(('jobs', 'tag', 'all_tagged_hosts', 'use_archiving', )),
}
-EPILOG = "Get cdist at https://code.ungleich.ch/ungleich-public/cdist"
+EPILOG = "Get cdist at http://www.nico.schottelius.org/software/cdist/"
# Parser others can reuse
parser = None
_verbosity_level_off = -2
_verbosity_level = {
- None: logging.WARNING,
_verbosity_level_off: logging.OFF,
-1: logging.ERROR,
0: logging.WARNING,
@@ -104,7 +101,7 @@ def get_parsers():
name="log level"),
help=('Set the specified verbosity level. '
'The levels, in order from the lowest to the highest, are: '
- 'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3), '
+ 'ERROR (-1), WARNING (0), INFO (1), VERBOSE (2), DEBUG (3) '
'TRACE (4 or higher). If used along with -v then -v '
'increases last set value and -l overwrites last set '
'value.'),
@@ -194,7 +191,8 @@ def get_parsers():
name="positive int"),
help=('Operate in parallel in specified maximum number of jobs. '
'Global explorers, object prepare and object run are '
- 'supported. Without argument CPU count is used by default. '),
+ 'supported. Without argument CPU count is used by default. '
+ 'Currently in beta.'),
action='store', dest='jobs',
const=multiprocessing.cpu_count())
parser['config_main'].add_argument(
@@ -425,9 +423,6 @@ def get_parsers():
parser['inventory'].set_defaults(
func=cdist.inventory.Inventory.commandline)
- # PreOS
- parser['preos'] = parser['sub'].add_parser('preos', add_help=False)
-
# Shell
parser['shell'] = parser['sub'].add_parser(
'shell', parents=[parser['loglevel']])
@@ -437,37 +432,6 @@ def get_parsers():
' should be POSIX compatible shell.'))
parser['shell'].set_defaults(func=cdist.shell.Shell.commandline)
- # Info
- parser['info'] = parser['sub'].add_parser('info')
- parser['info'].add_argument(
- '-a', '--all', help='Display all info. This is the default.',
- action='store_true', default=False)
- parser['info'].add_argument(
- '-c', '--conf-dir',
- help='Add configuration directory (can be repeated).',
- action='append')
- parser['info'].add_argument(
- '-e', '--global-explorers',
- help='Display info for global explorers.', action='store_true',
- default=False)
- parser['info'].add_argument(
- '-F', '--fixed-string',
- help='Interpret pattern as a fixed string.', action='store_true',
- default=False)
- parser['info'].add_argument(
- '-f', '--full', help='Display full details.',
- action='store_true', default=False)
- parser['info'].add_argument(
- '-g', '--config-file',
- help='Use specified custom configuration file.',
- dest="config_file", required=False)
- parser['info'].add_argument(
- '-t', '--types', help='Display info for types.',
- action='store_true', default=False)
- parser['info'].add_argument(
- 'pattern', nargs='?', help='Glob pattern.')
- parser['info'].set_defaults(func=cdist.info.Info.commandline)
-
for p in parser:
parser[p].epilog = EPILOG
diff --git a/cdist/conf/explorer/disks b/cdist/conf/explorer/disks
index 24540601..87a6b5c6 100755
--- a/cdist/conf/explorer/disks
+++ b/cdist/conf/explorer/disks
@@ -1,67 +1,27 @@
-#!/bin/sh -e
-#
-# based on previous work by other people, modified by:
-# 2020 Dennis Camera
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-# Finds disks of the system (excl. ram disks, floppy, cdrom)
+#!/bin/sh
uname_s="$(uname -s)"
-case $uname_s in
+case "${uname_s}" in
FreeBSD)
sysctl -n kern.disks
;;
- OpenBSD)
- sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+'
- ;;
- NetBSD)
- PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
- sysctl -n hw.disknames \
- | awk 'BEGIN { RS = " " } /^[lsw]d[0-9]+/'
+ OpenBSD|NetBSD)
+ sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+' | xargs
;;
Linux)
- # list of major device numbers toexclude:
- # ram disks, floppies, cdroms
- # https://www.kernel.org/doc/Documentation/admin-guide/devices.txt
- ign_majors='1 2 11'
-
- if command -v lsblk >/dev/null 2>&1
+ if command -v lsblk > /dev/null
then
- lsblk -e "$(echo "$ign_majors" | tr ' ' ',')" -dno name
- elif test -d /sys/block/
- then
- # shellcheck disable=SC2012
- ls -1 /sys/block/ \
- | awk -v ign_majors="$(echo "$ign_majors" | tr ' ' '|')" '
- {
- devfile = "/sys/block/" $0 "/dev"
- getline devno < devfile
- close(devfile)
- if (devno !~ "^(" ign_majors "):") print
- }'
+ # exclude ram disks, floppies and cdroms
+ # https://www.kernel.org/doc/Documentation/admin-guide/devices.txt
+ lsblk -e 1,2,11 -dno name | xargs
else
- echo "Don't know how to list disks on Linux without lsblk and sysfs." >&2
- echo 'If you can, please submit a patch.'>&2
+ printf "Don't know how to list disks for %s operating system without lsblk, if you can please submit a patch\n" "${uname_s}" >&2
fi
;;
*)
- printf "Don't know how to list disks for %s operating system.\n" "${uname_s}" >&2
- printf 'If you can please submit a patch\n' >&2
+ printf "Don't know how to list disks for %s operating system, if you can please submit a patch\n" "${uname_s}" >&2
;;
-esac \
-| xargs
+esac
+
+exit 0
diff --git a/cdist/conf/explorer/hostname b/cdist/conf/explorer/hostname
index dca004d1..7715c6b0 100755
--- a/cdist/conf/explorer/hostname
+++ b/cdist/conf/explorer/hostname
@@ -1,6 +1,7 @@
#!/bin/sh
#
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
+# 2010-2014 Nico Schottelius (nico-cdist at schottelius.org)
+# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
@@ -18,12 +19,7 @@
# along with cdist. If not, see .
#
#
-# Retrieve the running hostname
-#
-if command -v hostname >/dev/null
-then
- hostname
-else
- uname -n
+if command -v uname >/dev/null; then
+ uname -n
fi
diff --git a/cdist/conf/explorer/init b/cdist/conf/explorer/init
index f27c77ef..43a66a50 100755
--- a/cdist/conf/explorer/init
+++ b/cdist/conf/explorer/init
@@ -1,8 +1,7 @@
-#!/bin/sh -e
+#!/bin/sh
#
# 2016 Daniel Heule (hda at sfs.biz)
# Copyright 2017, Philippe Gregoire
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -20,423 +19,21 @@
# along with cdist. If not, see .
#
#
-# Returns the name of the init system (PID 1)
-
-# Expected values:
-# Linux:
-# Adélie Linux:
-# sysvinit+openrc
-# Alpine Linux:
-# busybox-init+openrc
-# ArchLinux:
-# systemd, sysvinit
-# CRUX:
-# sysvinit
-# Debian:
-# systemd, upstart, sysvinit, openrc, ???
-# Devuan:
-# sysvinit, sysvinit+openrc
-# Gentoo:
-# sysvinit+openrc, openrc-init, systemd
-# OpenBMC:
-# systemd
-# OpenWrt:
-# procd, init???
-# RedHat (RHEL, CentOS, Fedora, RedHat Linux, ...):
-# systemd, upstart, upstart-legacy, sysvinit
-# Slackware:
-# sysvinit
-# SuSE:
-# systemd, sysvinit
-# Ubuntu:
-# systemd, upstart, upstart-legacy, sysvinit
-# VoidLinux:
-# runit
+# Returns the process name of pid 1 ( normaly the init system )
+# for example at linux this value is "init" or "systemd" in most cases
#
-# GNU:
-# Debian:
-# sysvinit, hurd-init
-#
-# BSD:
-# {Free,Open,Net}BSD:
-# init
-#
-# Mac OS X:
-# launchd, init+SystemStarter
-#
-# Solaris/Illumos:
-# smf, init???
-# NOTE: init systems can be stacked. This is popular to run OpenRC on top of
-# sysvinit (Gentoo) or busybox-init (Alpine), but can also be used to run runit
-# as a systemd service. This makes init system detection very complicated
-# (which result is expected?) This script tries to untangle some combinations,
-# OpenRC on top of sysv or busybox (X+openrc), but will ignore others (runit as
-# a systemd service)
+uname_s="$(uname -s)"
-# NOTE: When we have no idea, nothing will be printed!
-
-# NOTE:
-# When trying to gather information about the init system make sure to do so
-# without calling the binary! On some systems this triggers a reinitialisation
-# of the system which we don't want (e.g. embedded systems).
-
-
-set -e
-
-KERNEL_NAME=$(uname -s)
-
-KNOWN_INIT_SYSTEMS=$(cat </dev/null 2>&1 || return 1
- launchctl getenv PATH >/dev/null || return 1
- echo launchd
-}
-
-check_openrc() {
- test -f /run/openrc/softlevel || return 1
- echo openrc
-}
-
-check_procd() (
- procd_path=${1:-/sbin/procd}
- test -x "${procd_path}" || return 1
- grep -q 'procd' "${procd_path}" || return 1
- echo procd
-)
-
-check_runit() {
- test -d /run/runit || return 1
- echo runit
-}
-
-check_smf() {
- # XXX: Is this the correct way??
- test -f /etc/svc/volatile/svc_nonpersist.db || return 1
- echo smf
-}
-
-check_systemd() {
- # NOTE: sd_booted(3)
- test -d /run/systemd/system/ || return 1
- # systemctl --version | sed -e '/^systemd/!d;s/^systemd //'
- echo systemd
-}
-
-check_systemstarter() {
- test -d /System/Library/StartupItems/ || return 1
- test -f /System/Library/StartupItems/LoginWindow/StartupParameters.plist || return 1
- echo init+SystemStarter
-}
-
-check_sysvinit() (
- init_path=${1:-/sbin/init}
- test -x "${init_path}" || return 1
- grep -q 'INIT_VERSION=sysvinit-[0-9.]*' "${init_path}" || return 1
-
- # It is quite common to use SysVinit to stack other init systemd
- # (like OpenRC) on top of it. So we check for that, too.
- if stacked=$(check_openrc)
- then
- echo "sysvinit+${stacked}"
- else
- echo sysvinit
- fi
- unset stacked
-)
-
-check_upstart() {
- test -x "$(command -v initctl)" || return 1
- case $(initctl version)
- in
- *'(upstart '*')')
- if test -d /etc/init
- then
- # modern (DBus-based?) upstart >= 0.5
- echo upstart
- elif test -d /etc/event.d
- then
- # ancient upstart
- echo upstart-legacy
- else
- # whatever...
- echo upstart
- fi
- ;;
- *)
- return 1
- ;;
- esac
-}
-
-find_init_procfs() (
- # First, check if the required file in procfs exists...
- test -h /proc/1/exe || return 1
-
- # Find init executable
- init_exe=$(ls -l /proc/1/exe 2>/dev/null) || return 1
- init_exe=${init_exe#* -> }
-
- if ! test -x "$init_exe"
- then
- # On some rare occasions it can happen that the
- # running init's binary has been replaced. In this
- # case Linux adjusts the symlink to "X (deleted)"
-
- # [root@fedora-12 ~]# readlink /proc/1/exe
- # /sbin/init (deleted)
- # [root@fedora-12 ~]# ls -l /proc/1/exe
- # lrwxrwxrwx. 1 root root 0 2020-01-30 23:00 /proc/1/exe -> /sbin/init (deleted)
-
- init_exe=${init_exe% (deleted)}
- test -x "$init_exe" || return 1
- fi
-
- echo "${init_exe}"
-)
-
-guess_by_path() {
- case $1
- in
- /bin/busybox)
- check_busybox_init "$1" && return
- ;;
- /lib/systemd/systemd)
- check_systemd "$1" && return
- ;;
- /hurd/init)
- check_hurd_init "$1" && return
- ;;
- /sbin/launchd)
- check_launchd "$1" && return
- ;;
- /usr/bin/runit|/sbin/runit)
- check_runit "$1" && return
- ;;
- /sbin/openrc-init)
- if check_openrc "$1" >/dev/null
- then
- echo openrc-init
- return
- fi
- ;;
- /sbin/procd)
- check_procd "$1" && return
- ;;
- /sbin/init|*/init)
- # init: it could be anything -> (explicit) no match
- return 1
- ;;
- esac
-
- # No match
- return 1
-}
-
-guess_by_comm_name() {
- case $1
- in
- busybox)
- check_busybox_init && return
- ;;
- openrc-init)
- if check_openrc >/dev/null
- then
- echo openrc-init
- return 0
- fi
- ;;
- init)
- # init could be anything -> no match
- return 1
- ;;
- *)
- # Run check function by comm name if available.
- # Fall back to comm name if either it does not exist or
- # returns non-zero.
- if type "check_$1" >/dev/null
- then
- "check_$1" && return
- else
- echo "$1" ; return 0
- fi
- esac
-
- return 1
-}
-
-check_list() (
- # List must be a multi-line input on stdin (one name per line)
- while read -r init
- do
- "check_${init}" || continue
- return 0
- done
- return 1
-)
-
-
-# BusyBox's versions of ps and pgrep do not support some options
-# depending on which compile-time options have been used.
-
-find_init_pgrep() {
- pgrep -P0 -fl 2>/dev/null | awk -F '[[:blank:]]' '$1 == 1 { print $2 }'
-}
-
-find_init_ps() {
- case $KERNEL_NAME
- in
- Darwin)
- ps -o command -p 1 2>/dev/null | tail -n +2
- ;;
- FreeBSD)
- ps -o args= -p 1 2>/dev/null | cut -d ' ' -f 1
- ;;
- Linux)
- ps -o comm= -p 1 2>/dev/null
- ;;
- NetBSD)
- ps -o comm= -p 1 2>/dev/null
- ;;
- OpenBSD)
- ps -o args -p 1 2>/dev/null | tail -n +2 | cut -d ' ' -f 1
- ;;
- *)
- ps -o args= -p 1 2>/dev/null
- ;;
- esac | trim # trim trailing whitespace (some ps like Darwin add it)
-}
-
-find_init() {
- case $KERNEL_NAME
- in
- Linux|GNU|NetBSD)
- find_init_procfs || find_init_pgrep || find_init_ps
- ;;
- FreeBSD)
- find_init_procfs || find_init_ps
- ;;
- OpenBSD)
- find_init_pgrep || find_init_ps
- ;;
- Darwin|SunOS)
- find_init_ps
- ;;
- *)
- echo "Don't know how to determine init." >&2
- echo 'Please send a patch.' >&2
- exit 1
- esac
-}
-
-# -----
-
-init=$(find_init)
-
-# If we got a path, guess by the path first (fall back to file name if no match)
-# else guess by file name directly.
-# shellcheck disable=SC2015
-{
- test -x "${init}" \
- && guess_by_path "${init}" \
- || guess_by_comm_name "$(basename "${init}")"
-} && exit 0 || true
-
-
-# Guessing based on the file path and name didn’t lead to a definitive result.
-#
-# We go through all of the checks until we find a match. To speed up the
-# process, common cases will be checked first based on the underlying kernel.
-
-{ common_candidates_by_kernel; echo "${KNOWN_INIT_SYSTEMS}"; } \
- | unique | check_list
+case "$uname_s" in
+ Linux)
+ (pgrep -P0 -l | awk '/^1[ \t]/ {print $2;}') || true
+ ;;
+ FreeBSD)
+ ps -o comm= -p 1 || true
+ ;;
+ *)
+ # return a empty string as unknown value
+ echo ""
+ ;;
+esac
diff --git a/cdist/conf/explorer/interfaces b/cdist/conf/explorer/interfaces
index aeb55ed0..55287971 100755
--- a/cdist/conf/explorer/interfaces
+++ b/cdist/conf/explorer/interfaces
@@ -18,11 +18,13 @@
# along with cdist. If not, see .
#
-if command -v ip >/dev/null
+if command -v ip > /dev/null
then
- ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
-elif command -v ifconfig >/dev/null
+ ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
+
+elif command -v ifconfig > /dev/null
then
- ifconfig -a | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p'
-fi \
- | sort -u
+ ifconfig -a \
+ | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' \
+ | sort -u
+fi
diff --git a/cdist/conf/explorer/os b/cdist/conf/explorer/os
index 563fa4cf..d522300c 100755
--- a/cdist/conf/explorer/os
+++ b/cdist/conf/explorer/os
@@ -145,7 +145,7 @@ esac
if [ -f /etc/os-release ]; then
# already lowercase, according to:
# https://www.freedesktop.org/software/systemd/man/os-release.html
- awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release
+ awk -F= '/^ID=/ {print $2;}' /etc/os-release
exit 0
fi
diff --git a/cdist/conf/explorer/os_release b/cdist/conf/explorer/os_release
index 6489446b..cfc01004 100644
--- a/cdist/conf/explorer/os_release
+++ b/cdist/conf/explorer/os_release
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2018 Adam Dej (dejko.a at gmail.com)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -22,17 +21,6 @@
# See os-release(5) and http://0pointer.de/blog/projects/os-release
-if test -f /etc/os-release
-then
- # Linux and FreeBSD (usually a symlink)
- cat /etc/os-release
-elif test -f /usr/lib/os-release
-then
- # systemd
- cat /usr/lib/os-release
-elif test -f /var/run/os-release
-then
- # FreeBSD (created by os-release service)
- cat /var/run/os-release
-fi
+set +e
+cat /etc/os-release || cat /usr/lib/os-release || true
diff --git a/cdist/conf/explorer/os_version b/cdist/conf/explorer/os_version
index 1d54ea60..4c41695b 100755
--- a/cdist/conf/explorer/os_version
+++ b/cdist/conf/explorer/os_version
@@ -70,7 +70,4 @@ case "$("$__explorer/os")" in
ubuntu)
lsb_release -sr
;;
- alpine)
- cat /etc/alpine-release
- ;;
-esac
\ No newline at end of file
+esac
diff --git a/cdist/conf/type/__acl/explorer/checks b/cdist/conf/type/__acl/explorer/missing_users_groups
similarity index 58%
rename from cdist/conf/type/__acl/explorer/checks
rename to cdist/conf/type/__acl/explorer/missing_users_groups
index 70bb0412..b4af614c 100755
--- a/cdist/conf/type/__acl/explorer/checks
+++ b/cdist/conf/type/__acl/explorer/missing_users_groups
@@ -18,22 +18,30 @@
# along with cdist. If not, see .
#
-# TODO check if filesystem has ACL turned on etc
+[ ! -e "/$__object_id" ] && exit 0
-if [ -f "$__object/parameter/acl" ]
-then
- grep -E '^(default:)?(user|group):' "$__object/parameter/acl" \
- | while read -r acl
+for parameter in user group
+do
+ if [ ! -f "$__object/parameter/$parameter" ]
+ then
+ continue
+ fi
+
+ while read -r acl
do
- param="$( echo "$acl" | awk -F: '{print $(NF-2)}' )"
- check="$( echo "$acl" | awk -F: '{print $(NF-1)}' )"
+ check="$( echo "$acl" | awk -F: '{print $1}' )"
- [ "$param" = 'user' ] && db=passwd || db="$param"
-
- if ! getent "$db" "$check" > /dev/null
+ if [ "$parameter" = 'user' ]
then
- echo "missing $param '$check'" >&2
- exit 1
+ getent_db=passwd
+ else
+ getent_db="$parameter"
fi
- done
-fi
+
+ if ! getent "$getent_db" "$check" > /dev/null
+ then
+ echo "missing $parameter '$check'"
+ fi
+ done \
+ < "$__object/parameter/$parameter"
+done
diff --git a/cdist/conf/type/__acl/gencode-remote b/cdist/conf/type/__acl/gencode-remote
index e5404a9d..a0f25a15 100755
--- a/cdist/conf/type/__acl/gencode-remote
+++ b/cdist/conf/type/__acl/gencode-remote
@@ -20,84 +20,59 @@
file_is="$( cat "$__object/explorer/file_is" )"
-if [ "$file_is" = 'missing' ] \
- && [ -z "$__cdist_dry_run" ] \
- && \( [ ! -f "$__object/parameter/file" ] \
- || [ ! -f "$__object/parameter/directory" ] \)
+[ "$file_is" = 'missing' ] && exit 0
+
+missing_users_groups="$( cat "$__object/explorer/missing_users_groups" )"
+
+if [ -n "$missing_users_groups" ]
then
- exit 0
+ echo "$missing_users_groups" >&2
+ exit 1
fi
os="$( cat "$__global/explorer/os" )"
-acl_path="/$__object_id"
-
acl_is="$( cat "$__object/explorer/acl_is" )"
-if [ -f "$__object/parameter/source" ]
-then
- acl_source="$( cat "$__object/parameter/source" )"
+acl_path="/$__object_id"
- if [ "$acl_source" = '-' ]
- then
- acl_should="$( cat "$__object/stdin" )"
- else
- acl_should="$( grep -Ev '^#|^$' "$acl_source" )"
- fi
-elif [ -f "$__object/parameter/entry" ]
+if [ -f "$__object/parameter/default" ] && [ "$file_is" = 'directory' ]
then
- acl_should="$( cat "$__object/parameter/entry" )"
-elif [ -f "$__object/parameter/acl" ]
-then
- acl_should="$( cat "$__object/parameter/acl" )"
-elif
- [ -f "$__object/parameter/user" ] \
- || [ -f "$__object/parameter/group" ] \
- || [ -f "$__object/parameter/mask" ] \
- || [ -f "$__object/parameter/other" ]
-then
- acl_should="$( for param in user group mask other
- do
- [ ! -f "$__object/parameter/$param" ] && continue
-
- echo "$param" | grep -Eq 'mask|other' && sep=:: || sep=:
-
- echo "$param$sep$( cat "$__object/parameter/$param" )"
- done )"
+ set_default=1
else
- echo 'no parameters set' >&2
- exit 1
+ set_default=0
fi
-if [ -f "$__object/parameter/default" ]
-then
- acl_should="$( echo "$acl_should" \
- | sed 's/^default://' \
- | sort -u \
- | sed 's/\(.*\)/default:\1\n\1/' )"
-fi
+acl_should="$( for parameter in user group mask other
+do
+ if [ ! -f "$__object/parameter/$parameter" ]
+ then
+ continue
+ fi
-if [ "$file_is" = 'regular' ] \
- && echo "$acl_should" | grep -Eq '^default:'
-then
- # only directories can have default ACLs,
- # but instead of error,
- # let's just remove default entries
- acl_should="$( echo "$acl_should" | grep -Ev '^default:' )"
-fi
+ while read -r acl
+ do
+ if echo "$acl" | awk -F: '{ print $NF }' | grep -Fq 'X'
+ then
+ [ "$file_is" = 'directory' ] && rep=x || rep=-
-if echo "$acl_should" | awk -F: '{ print $NF }' | grep -Fq 'X'
-then
- [ "$file_is" = 'directory' ] && rep=x || rep=-
+ acl="$( echo "$acl" | sed "s/\(.*\)X/\1$rep/" )"
+ fi
- acl_should="$( echo "$acl_should" | sed "s/\\(.*\\)X/\\1$rep/" )"
-fi
+ echo "$parameter" | grep -Eq '(mask|other)' && sep=:: || sep=:
+
+ echo "$parameter$sep$acl"
+
+ [ "$set_default" = '1' ] && echo "default:$parameter$sep$acl"
+ done \
+ < "$__object/parameter/$parameter"
+done )"
setfacl_exec='setfacl'
if [ -f "$__object/parameter/recursive" ]
then
- if echo "$os" | grep -Fq 'freebsd'
+ if echo "$os" | grep -Eq 'macosx|freebsd'
then
echo "$os setfacl do not support recursive operations" >&2
else
@@ -107,36 +82,44 @@ fi
if [ -f "$__object/parameter/remove" ]
then
- echo "$acl_is" | while read -r acl
- do
- # skip wanted ACL entries which already exist
- # and skip mask and other entries, because we
- # can't actually remove them, but only change.
- if echo "$acl_should" | grep -Eq "^$acl" \
- || echo "$acl" | grep -Eq '^(default:)?(mask|other)'
- then continue
- fi
+ if echo "$os" | grep -Fq 'solaris'
+ then
+ # Solaris setfacl behaves differently.
+ # We will not support Solaris for now, because no way to test it.
+ # But adding support should be easy (use -s instead of -m on modify).
+ echo "$os setfacl do not support -x flag for ACL remove" >&2
+ else
+ echo "$acl_is" | while read -r acl
+ do
+ # Skip wanted ACL entries which already exist
+ # and skip mask and other entries, because we
+ # can't actually remove them, but only change.
+ if echo "$acl_should" | grep -Eq "^$acl" \
+ || echo "$acl" | grep -Eq '^(default:)?(mask|other)'
+ then continue
+ fi
- if echo "$os" | grep -Fq 'freebsd'
- then
- remove="$acl"
- else
- remove="$( echo "$acl" | sed 's/:...$//' )"
- fi
+ if echo "$os" | grep -Eq 'macosx|freebsd'
+ then
+ remove="$acl"
+ else
+ remove="$( echo "$acl" | sed 's/:...$//' )"
+ fi
- echo "$setfacl_exec -x \"$remove\" \"$acl_path\""
- echo "removed '$remove'" >> "$__messages_out"
- done
+ echo "$setfacl_exec -x \"$remove\" \"$acl_path\""
+ echo "removed '$remove'" >> "$__messages_out"
+ done
+ fi
fi
for acl in $acl_should
do
if ! echo "$acl_is" | grep -Eq "^$acl"
then
- if echo "$os" | grep -Fq 'freebsd' \
+ if echo "$os" | grep -Eq 'macosx|freebsd' \
&& echo "$acl" | grep -Eq '^default:'
then
- echo "setting default ACL in $os is currently not supported" >&2
+ echo "setting default ACL in $os is currently not supported. sorry :(" >&2
else
echo "$setfacl_exec -m \"$acl\" \"$acl_path\""
echo "added '$acl'" >> "$__messages_out"
diff --git a/cdist/conf/type/__acl/man.rst b/cdist/conf/type/__acl/man.rst
index 28412871..092eb555 100644
--- a/cdist/conf/type/__acl/man.rst
+++ b/cdist/conf/type/__acl/man.rst
@@ -8,50 +8,46 @@ cdist-type__acl - Set ACL entries
DESCRIPTION
-----------
-Fully supported and tested on Linux (ext4 filesystem), partial support for FreeBSD.
+ACL must be defined as 3-symbol combination, using ``r``, ``w``, ``x`` and ``-``.
+
+Fully supported on Linux (tested on Debian and CentOS).
+
+Partial support for FreeBSD, OSX and Solaris.
+
+OpenBSD and NetBSD support is not possible.
See ``setfacl`` and ``acl`` manpages for more details.
-REQUIRED MULTIPLE PARAMETERS
+OPTIONAL MULTIPLE PARAMETERS
----------------------------
-entry
- Set ACL entry following ``getfacl`` output syntax.
+user
+ Add user ACL entry.
+
+group
+ Add group ACL entry.
OPTIONAL PARAMETERS
-------------------
-source
- Read ACL entries from stdin or file.
- Ordering of entries is not important.
- When reading from file, comments and empty lines are ignored.
+mask
+ Add mask ACL entry.
-file
- Create/change file with ``__file`` using ``user:group:mode`` pattern.
-
-directory
- Create/change directory with ``__directory`` using ``user:group:mode`` pattern.
+other
+ Add other ACL entry.
BOOLEAN PARAMETERS
------------------
-default
- Set all ACL entries as default too.
- Only directories can have default ACLs.
- Setting default ACL in FreeBSD is currently not supported.
-
recursive
Make ``setfacl`` recursive (Linux only), but not ``getfacl`` in explorer.
+default
+ Add default ACL entries (FreeBSD not supported).
+
remove
- Remove undefined ACL entries.
- ``mask`` and ``other`` entries can't be removed, but only changed.
-
-
-DEPRECATED PARAMETERS
----------------------
-Parameters ``acl``, ``user``, ``group``, ``mask`` and ``other`` are deprecated and they
-will be removed in future versions. Please use ``entry`` parameter instead.
+ Remove undefined ACL entries (Solaris not supported).
+ ACL entries for ``mask`` and ``other`` can't be removed.
EXAMPLES
@@ -60,41 +56,15 @@ EXAMPLES
.. code-block:: sh
__acl /srv/project \
- --default \
--recursive \
- --remove \
- --entry user:alice:rwx \
- --entry user:bob:r-x \
- --entry group:project-group:rwx \
- --entry group:some-other-group:r-x \
- --entry mask::r-x \
- --entry other::r-x
-
- # give Alice read-only access to subdir,
- # but don't allow her to see parent content.
-
- __acl /srv/project2 \
- --remove \
- --entry default:group:secret-project:rwx \
- --entry group:secret-project:rwx \
- --entry user:alice:--x
-
- __acl /srv/project2/subdir \
--default \
--remove \
- --entry group:secret-project:rwx \
- --entry user:alice:r-x
-
- # read acl from stdin
- echo 'user:alice:rwx' \
- | __acl /path/to/directory --source -
-
- # create/change directory too
- __acl /path/to/directory \
- --default \
- --remove \
- --directory root:root:770 \
- --entry user:nobody:rwx
+ --user alice:rwx \
+ --user bob:r-x \
+ --group project-group:rwx \
+ --group some-other-group:r-x \
+ --mask r-x \
+ --other r-x
AUTHORS
diff --git a/cdist/conf/type/__acl/manifest b/cdist/conf/type/__acl/manifest
deleted file mode 100755
index 5fd23110..00000000
--- a/cdist/conf/type/__acl/manifest
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh -e
-
-for p in file directory
-do
- [ ! -f "$__object/parameter/$p" ] && continue
-
- "__$p" "/$__object_id" \
- --owner "$( awk -F: '{print $1}' "$__object/parameter/$p" )" \
- --group "$( awk -F: '{print $2}' "$__object/parameter/$p" )" \
- --mode "$( awk -F: '{print $3}' "$__object/parameter/$p" )"
-done
diff --git a/cdist/conf/type/__acl/parameter/deprecated/acl b/cdist/conf/type/__acl/parameter/deprecated/acl
deleted file mode 100644
index 94e14159..00000000
--- a/cdist/conf/type/__acl/parameter/deprecated/acl
+++ /dev/null
@@ -1 +0,0 @@
-see manual for details
diff --git a/cdist/conf/type/__acl/parameter/deprecated/group b/cdist/conf/type/__acl/parameter/deprecated/group
deleted file mode 100644
index 94e14159..00000000
--- a/cdist/conf/type/__acl/parameter/deprecated/group
+++ /dev/null
@@ -1 +0,0 @@
-see manual for details
diff --git a/cdist/conf/type/__acl/parameter/deprecated/mask b/cdist/conf/type/__acl/parameter/deprecated/mask
deleted file mode 100644
index 94e14159..00000000
--- a/cdist/conf/type/__acl/parameter/deprecated/mask
+++ /dev/null
@@ -1 +0,0 @@
-see manual for details
diff --git a/cdist/conf/type/__acl/parameter/deprecated/other b/cdist/conf/type/__acl/parameter/deprecated/other
deleted file mode 100644
index 94e14159..00000000
--- a/cdist/conf/type/__acl/parameter/deprecated/other
+++ /dev/null
@@ -1 +0,0 @@
-see manual for details
diff --git a/cdist/conf/type/__acl/parameter/deprecated/user b/cdist/conf/type/__acl/parameter/deprecated/user
deleted file mode 100644
index 94e14159..00000000
--- a/cdist/conf/type/__acl/parameter/deprecated/user
+++ /dev/null
@@ -1 +0,0 @@
-see manual for details
diff --git a/cdist/conf/type/__acl/parameter/optional b/cdist/conf/type/__acl/parameter/optional
index cdcbc0b8..4b32086b 100644
--- a/cdist/conf/type/__acl/parameter/optional
+++ b/cdist/conf/type/__acl/parameter/optional
@@ -1,5 +1,2 @@
mask
other
-source
-file
-directory
diff --git a/cdist/conf/type/__acl/parameter/optional_multiple b/cdist/conf/type/__acl/parameter/optional_multiple
index c615d507..22f5a52c 100644
--- a/cdist/conf/type/__acl/parameter/optional_multiple
+++ b/cdist/conf/type/__acl/parameter/optional_multiple
@@ -1,4 +1,2 @@
-entry
-acl
user
group
diff --git a/cdist/conf/type/__apt_key/explorer/state b/cdist/conf/type/__apt_key/explorer/state
index 38f1bd3c..f7940741 100755
--- a/cdist/conf/type/__apt_key/explorer/state
+++ b/cdist/conf/type/__apt_key/explorer/state
@@ -27,18 +27,6 @@ else
keyid="$__object_id"
fi
-keydir="$(cat "$__object/parameter/keydir")"
-keyfile="$keydir/$__object_id.gpg"
-
-if [ -d "$keydir" ]
-then
- if [ -f "$keyfile" ]
- then echo present
- else echo absent
- fi
-else
- # fallback to deprecated apt-key
- apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \
- && echo present \
- || echo absent
-fi
+apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \
+ && echo present \
+ || echo absent
diff --git a/cdist/conf/type/__apt_key/gencode-remote b/cdist/conf/type/__apt_key/gencode-remote
index 0c96ff67..9c4fa00c 100755
--- a/cdist/conf/type/__apt_key/gencode-remote
+++ b/cdist/conf/type/__apt_key/gencode-remote
@@ -31,82 +31,12 @@ if [ "$state_should" = "$state_is" ]; then
exit 0
fi
-keydir="$(cat "$__object/parameter/keydir")"
-keyfile="$keydir/$__object_id.gpg"
-
case "$state_should" in
present)
keyserver="$(cat "$__object/parameter/keyserver")"
-
- if [ -f "$__object/parameter/uri" ]; then
- uri="$(cat "$__object/parameter/uri")"
-
- if [ -d "$keydir" ]; then
- cat << EOF
-
-curl -s -L \\
- -o "$keyfile" \\
- "$uri"
-
-key="\$( cat "$keyfile" )"
-
-if echo "\$key" | grep -Fq 'BEGIN PGP PUBLIC KEY BLOCK'
-then
- echo "\$key" | gpg --dearmor > "$keyfile"
-fi
-
-EOF
- else
- # fallback to deprecated apt-key
- echo "curl -s -L '$uri' | apt-key add -"
- fi
- elif [ -d "$keydir" ]; then
- # we need to kill gpg after 30 seconds, because gpg
- # can get stuck if keyserver is not responding.
- # exporting env var and not exit 1,
- # because we need to clean up and kill dirmngr.
- cat << EOF
-
-gpgtmphome="\$( mktemp -d )"
-
-if timeout 30s \\
- gpg --homedir "\$gpgtmphome" \\
- --keyserver "$keyserver" \\
- --recv-keys "$keyid"
-then
- gpg --homedir "\$gpgtmphome" \\
- --export "$keyid" \\
- > "$keyfile"
-else
- export GPG_GOT_STUCK=1
-fi
-
-GNUPGHOME="\$gpgtmphome" gpgconf --kill dirmngr
-
-rm -rf "\$gpgtmphome"
-
-if [ -n "\$GPG_GOT_STUCK" ]
-then
- echo "GPG GOT STUCK - no response from keyserver after 30 seconds" >&2
- exit 1
-fi
-
-EOF
- else
- # fallback to deprecated apt-key
- echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\""
- fi
-
- echo "added '$keyid'" >> "$__messages_out"
+ echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\""
;;
absent)
- if [ -f "$keyfile" ]; then
- echo "rm '$keyfile'"
- else
- # fallback to deprecated apt-key
- echo "apt-key del \"$keyid\""
- fi
-
- echo "removed '$keyid'" >> "$__messages_out"
+ echo "apt-key del \"$keyid\""
;;
esac
diff --git a/cdist/conf/type/__apt_key/man.rst b/cdist/conf/type/__apt_key/man.rst
index 234bc715..9009877e 100644
--- a/cdist/conf/type/__apt_key/man.rst
+++ b/cdist/conf/type/__apt_key/man.rst
@@ -28,12 +28,6 @@ keyserver
the keyserver from which to fetch the key. If omitted the default set
in ./parameter/default/keyserver is used.
-keydir
- key save location, defaults to ``/etc/apt/trusted.pgp.d``
-
-uri
- the URI from which to download the key
-
EXAMPLES
--------
@@ -53,20 +47,15 @@ EXAMPLES
# same thing with other keyserver
__apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com
- # download key from the internet
- __apt_key rabbitmq \
- --uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc
-
AUTHORS
-------
Steven Armstrong
-Ander Punnar
COPYING
-------
-Copyright \(C) 2011-2019 Steven Armstrong and Ander Punnar. You can
-redistribute it and/or modify it under the terms of the GNU General Public
-License as published by the Free Software Foundation, either version 3 of the
+Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
diff --git a/cdist/conf/type/__apt_key/manifest b/cdist/conf/type/__apt_key/manifest
deleted file mode 100755
index 010357cd..00000000
--- a/cdist/conf/type/__apt_key/manifest
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh -e
-
-__package gnupg
-
-if [ -f "$__object/parameter/uri" ]
-then __package curl
-else __package dirmngr
-fi
diff --git a/cdist/conf/type/__apt_key/parameter/default/keydir b/cdist/conf/type/__apt_key/parameter/default/keydir
deleted file mode 100644
index 190eb2de..00000000
--- a/cdist/conf/type/__apt_key/parameter/default/keydir
+++ /dev/null
@@ -1 +0,0 @@
-/etc/apt/trusted.gpg.d
diff --git a/cdist/conf/type/__apt_key/parameter/optional b/cdist/conf/type/__apt_key/parameter/optional
index de647375..18cf2586 100644
--- a/cdist/conf/type/__apt_key/parameter/optional
+++ b/cdist/conf/type/__apt_key/parameter/optional
@@ -1,5 +1,3 @@
state
keyid
keyserver
-keydir
-uri
diff --git a/cdist/conf/type/__apt_unattended_upgrades/man.rst b/cdist/conf/type/__apt_unattended_upgrades/man.rst
deleted file mode 100644
index 2231b5f9..00000000
--- a/cdist/conf/type/__apt_unattended_upgrades/man.rst
+++ /dev/null
@@ -1,68 +0,0 @@
-cdist-type__apt_unattended_upgrades(7)
-======================================
-
-NAME
-----
-cdist-type__apt_unattended_upgrades - automatic installation of updates
-
-
-DESCRIPTION
------------
-
-Install and configure unattended-upgrades package.
-
-For more information see https://wiki.debian.org/UnattendedUpgrades.
-
-
-OPTIONAL MULTIPLE PARAMETERS
-----------------------------
-option
- Set options for unattended-upgrades. See examples.
-
- Supported options with default values (as of 2020-01-17) are:
-
- - AutoFixInterruptedDpkg, default is "true"
- - MinimalSteps, default is "true"
- - InstallOnShutdown, default is "false"
- - Mail, default is "" (empty)
- - MailOnlyOnError, default is "false"
- - Remove-Unused-Kernel-Packages, default is "true"
- - Remove-New-Unused-Dependencies, default is "true"
- - Remove-Unused-Dependencies, default is "false"
- - Automatic-Reboot, default is "false"
- - Automatic-Reboot-WithUsers, default is "true"
- - Automatic-Reboot-Time, default is "02:00"
- - SyslogEnable, default is "false"
- - SyslogFacility, default is "daemon"
- - OnlyOnACPower, default is "true"
- - Skip-Updates-On-Metered-Connections, default is "true"
- - Verbose, default is "false"
- - Debug, default is "false"
-
-blacklist
- Python regular expressions, matching packages to exclude from upgrading.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- __apt_unattended_upgrades \
- --option Mail=root \
- --option MailOnlyOnError=true \
- --blacklist multipath-tools \
- --blacklist open-iscsi
-
-
-AUTHORS
--------
-Ander Punnar
-
-
-COPYING
--------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.
diff --git a/cdist/conf/type/__apt_unattended_upgrades/manifest b/cdist/conf/type/__apt_unattended_upgrades/manifest
deleted file mode 100755
index 3c00e2f4..00000000
--- a/cdist/conf/type/__apt_unattended_upgrades/manifest
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-__package unattended-upgrades
-
-export require='__package/unattended-upgrades'
-
-# in normal circumstances 20auto-upgrades is managed
-# by debconf and it can only contain these lines
-
-__file /etc/apt/apt.conf.d/20auto-upgrades \
- --owner root \
- --group root \
- --mode 644 \
- --source - << EOF
-APT::Periodic::Update-Package-Lists "1";
-APT::Periodic::Unattended-Upgrade "1";
-EOF
-
-# lets not write into upstream 50unattended-upgrades file,
-# but use our own config file to avoid clashes
-
-conf_file='/etc/apt/apt.conf.d/51unattended-upgrades-cdist'
-
-conf='# this file is managed by cdist'
-
-if [ -f "$__object/parameter/option" ]
-then
- o=''
-
- while read -r l
- do
- o="$( printf '%s\nUnattended-Upgrade::%s "%s";\n' "$o" "${l%%=*}" "${l#*=}" )"
- done \
- < "$__object/parameter/option"
-
- conf="$( printf '%s\n%s\n' "$conf" "$o" )"
-fi
-
-if [ -f "$__object/parameter/blacklist" ]
-then
- b='Unattended-Upgrade::Package-Blacklist {'
-
- while read -r l
- do
- b="$( printf '%s\n"%s";\n' "$b" "$l" )"
- done \
- < "$__object/parameter/blacklist"
-
- conf="$( printf '%s\n%s\n}\n' "$conf" "$b" )"
-fi
-
-if [ "$( echo "$conf" | wc -l )" -gt 1 ]
-then
- echo "$conf" \
- | __file "$conf_file" \
- --owner root \
- --group root \
- --mode 644 \
- --source -
-else
- __file "$conf_file" --state absent
-fi
diff --git a/cdist/conf/type/__apt_unattended_upgrades/parameter/optional_multiple b/cdist/conf/type/__apt_unattended_upgrades/parameter/optional_multiple
deleted file mode 100644
index ea4fba2b..00000000
--- a/cdist/conf/type/__apt_unattended_upgrades/parameter/optional_multiple
+++ /dev/null
@@ -1,2 +0,0 @@
-option
-blacklist
diff --git a/cdist/conf/type/__apt_unattended_upgrades/singleton b/cdist/conf/type/__apt_unattended_upgrades/singleton
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__block/gencode-remote b/cdist/conf/type/__block/gencode-remote
index 1f5cc033..f269c785 100755
--- a/cdist/conf/type/__block/gencode-remote
+++ b/cdist/conf/type/__block/gencode-remote
@@ -18,11 +18,6 @@
# along with cdist. If not, see .
#
-# quote function from http://www.etalabs.net/sh_tricks.html
-quote() {
- printf '%s\n' "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/"
-}
-
file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
state_should=$(cat "$__object/parameter/state")
prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
@@ -51,7 +46,7 @@ tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
if [ -f "$file" ]; then
cp -p "$file" "\$tmpfile"
fi
-awk -v prefix=^$(quote "$prefix")\$ -v suffix=^$(quote "$suffix")\$ '
+awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '
{
if (match(\$0,prefix)) {
triggered=1
diff --git a/cdist/conf/type/__cdist/man.rst b/cdist/conf/type/__cdist/man.rst
index be082781..9e1c72cb 100644
--- a/cdist/conf/type/__cdist/man.rst
+++ b/cdist/conf/type/__cdist/man.rst
@@ -30,7 +30,7 @@ username
source
Select the source from which to clone cdist from.
- Defaults to "git@code.ungleich.ch:ungleich-public/cdist.git".
+ Defaults to "git://github.com/ungleich/cdist.git".
branch
@@ -47,7 +47,7 @@ EXAMPLES
__cdist /home/cdist/cdist
# Use alternative source
- __cdist --source "git@code.ungleich.ch:ungleich-public/cdist.git" /home/cdist/cdist
+ __cdist --source "git://github.com/ungleich/cdist" /home/cdist/cdist
AUTHORS
diff --git a/cdist/conf/type/__cdist/manifest b/cdist/conf/type/__cdist/manifest
index 0b0f1263..a97cf288 100755
--- a/cdist/conf/type/__cdist/manifest
+++ b/cdist/conf/type/__cdist/manifest
@@ -37,7 +37,6 @@ source="$(cat "$__object/parameter/source")"
# out of it
home=/home/$username
-# shellcheck disable=SC2086
__user "$username" --home "$home" $shell
require="__user/$username" __directory "$home" \
diff --git a/cdist/conf/type/__cdist/parameter/default/source b/cdist/conf/type/__cdist/parameter/default/source
index 1ad3a250..3f8e31ad 100644
--- a/cdist/conf/type/__cdist/parameter/default/source
+++ b/cdist/conf/type/__cdist/parameter/default/source
@@ -1 +1 @@
-git@code.ungleich.ch:ungleich-public/cdist.git
+git://github.com/ungleich/cdist.git
diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/cksum b/cdist/conf/type/__consul/files/versions/1.5.0/cksum
deleted file mode 100644
index efca9caa..00000000
--- a/cdist/conf/type/__consul/files/versions/1.5.0/cksum
+++ /dev/null
@@ -1 +0,0 @@
-886614099 103959898 consul
diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/source b/cdist/conf/type/__consul/files/versions/1.5.0/source
deleted file mode 100644
index cafa9248..00000000
--- a/cdist/conf/type/__consul/files/versions/1.5.0/source
+++ /dev/null
@@ -1 +0,0 @@
-https://releases.hashicorp.com/consul/1.5.0/consul_1.5.0_linux_amd64.zip
diff --git a/cdist/conf/type/__consul/gencode-remote b/cdist/conf/type/__consul/gencode-remote
index 2a21054f..1d2244ea 100755
--- a/cdist/conf/type/__consul/gencode-remote
+++ b/cdist/conf/type/__consul/gencode-remote
@@ -42,7 +42,7 @@ source_file_name="${source##*/}"
cksum_should=$(cut -d' ' -f1,2 "$version_dir/cksum")
cat << eof
- tmpdir=\$(mktemp -d -p /tmp "${__type##*/}.XXXXXXXXXX")
+ tmpdir=\$(mktemp -d --tmpdir="/tmp" "${__type##*/}.XXXXXXXXXX")
curl -s -L "$source" > "\$tmpdir/$source_file_name"
unzip -p "\$tmpdir/$source_file_name" > "${destination}.tmp"
rm -rf "\$tmpdir"
diff --git a/cdist/conf/type/__consul/manifest b/cdist/conf/type/__consul/manifest
index 156eb667..0dd50f53 100755
--- a/cdist/conf/type/__consul/manifest
+++ b/cdist/conf/type/__consul/manifest
@@ -24,7 +24,7 @@
os=$(cat "$__global/explorer/os")
case "$os" in
- alpine|scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo)
+ scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo)
# any linux should work
:
;;
@@ -47,7 +47,6 @@ fi
if [ -f "$__object/parameter/direct" ]; then
__package unzip
- __package curl
else
__staged_file /usr/local/bin/consul \
--source "$(cat "$version_dir/source")" \
diff --git a/cdist/conf/type/__consul_agent/files/consul.sys-openrc b/cdist/conf/type/__consul_agent/files/consul.sys-openrc
deleted file mode 100644
index 1dbe9375..00000000
--- a/cdist/conf/type/__consul_agent/files/consul.sys-openrc
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/sbin/openrc-run
-# 2019 Nico Schottelius (nico-cdist at schottelius.org)
-
-description="consul agent"
-
-pidfile="${CONSUL_PIDFILE:-"/var/run/$RC_SVCNAME/pidfile"}"
-command="${CONSUL_BINARY:-"/usr/local/bin/consul"}"
-
-
-checkconfig() {
- if [ ! -d /var/run/consul ] ; then
- mkdir -p /var/run/consul || return 1
- chown consul:consul /var/run/$NAME || return 1
- chmod 2770 /var/run/$NAME || return 1
- fi
-}
-
-start() {
- need net
-
- start-stop-daemon --start --quiet --oknodo \
- --pidfile "$pidfile" --background \
- --exec $command -- agent -pid-file="$pidfile" -config-dir /etc/consul/conf.d
-}
-start_pre() {
- checkconfig
-}
-
-stop() {
- if [ "${RC_CMD}" = "restart" ] ; then
- checkconfig || return 1
- fi
-
- ebegin "Stopping $RC_SVCNAME"
- start-stop-daemon --stop --exec "$command" \
- --pidfile "$pidfile" --quiet
- eend $?
-}
diff --git a/cdist/conf/type/__consul_agent/man.rst b/cdist/conf/type/__consul_agent/man.rst
index 62ee70bb..966abc60 100644
--- a/cdist/conf/type/__consul_agent/man.rst
+++ b/cdist/conf/type/__consul_agent/man.rst
@@ -116,9 +116,6 @@ verify-incoming
verify-outgoing
enforce the use of TLS and verify the peers authenticity on outgoing connections
-use-distribution-package
- uses distribution package instead of upstream binary
-
EXAMPLES
--------
diff --git a/cdist/conf/type/__consul_agent/manifest b/cdist/conf/type/__consul_agent/manifest
index 7b54529c..c48bfe85 100755
--- a/cdist/conf/type/__consul_agent/manifest
+++ b/cdist/conf/type/__consul_agent/manifest
@@ -1,8 +1,7 @@
#!/bin/sh -e
#
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2015-2020 Nico Schottelius (nico-cdist at schottelius.org)
-# 2019 Timothée Floure (timothee.floure at ungleich.ch)
+# 2015 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -20,87 +19,133 @@
# along with cdist. If not, see .
#
+
os=$(cat "$__global/explorer/os")
-###
-# Type parameters.
+case "$os" in
+ scientific|centos|debian|devuan|redhat|ubuntu)
+ # whitelist safeguard
+ :
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
state="$(cat "$__object/parameter/state")"
user="$(cat "$__object/parameter/user")"
group="$(cat "$__object/parameter/group")"
-release=$(cat "$__global/explorer/lsb_release")
-if [ -f "$__object/parameter/use-distribution-package" ]; then
- use_distribution_package=1
-fi
-
-###
-# Those are default that might be overriden by os-specific logic.
-
data_dir="/var/lib/consul"
+conf_dir="/etc/consul/conf.d"
+conf_file="config.json"
-
-
-tls_dir="$conf_dir/tls"
-
-case "$os" in
- alpine)
- conf_dir="/etc/consul"
- conf_file="server.json"
- ;;
- *)
- conf_dir="/etc/consul/conf.d"
- conf_file="config.json"
- ;;
+# FIXME: there has got to be a better way to handle the dependencies in this case
+case "$state" in
+ present)
+ __group "$group" --system --state "$state"
+ require="__group/$group" \
+ __user "$user" --system --gid "$group" \
+ --home "$data_dir" --state "$state"
+ export require="__user/consul"
+ ;;
+ absent)
+ echo "Sorry, state=absent currently not supported :-(" >&2
+ exit 1
+ require="$__object_name" \
+ __user "$user" --system --gid "$group" --state "$state"
+ require="__user/$user" \
+ __group "$group" --system --state "$state"
+ ;;
esac
-###
-# Sane deployment, based on distribution package when available.
+__directory /etc/consul \
+ --owner root --group "$group" --mode 750 --state "$state"
+require="__directory/etc/consul" \
+ __directory "$conf_dir" \
+ --owner root --group "$group" --mode 750 --state "$state"
-distribution_setup () {
- case "$os" in
- debian)
- # consul is only available starting Debian 10 (buster).
- # See https://packages.debian.org/buster/consul
- if [ "$release" -lt 10 ]; then
- echo "Consul is not available for your debian release." >&2
- echo "Please use the 'manual' (i.e. non-package) installation or \
- upgrade the target system." >&2
- exit 1
- fi
+if [ -f "$__object/parameter/ca-file-source" ] || [ -f "$__object/parameter/cert-file-source" ] || [ -f "$__object/parameter/key-file-source" ]; then
+ # create directory for ssl certs
+ require="__directory/etc/consul" \
+ __directory /etc/consul/ssl \
+ --owner root --group "$group" --mode 750 --state "$state"
+fi
- # Override previously defined environment to match debian packaging.
- conf_dir='/etc/consul.d'
- user='consul'
- group='consul'
- ;;
- alpine)
- # consul is only available starting Alpine 3.12 (= edge during the 3.11 cycle).
- # See https://pkgs.alpinelinux.org/packages?name=consul&branch=edge
+__directory "$data_dir" \
+ --owner "$user" --group "$group" --mode 770 --state "$state"
- # Override previously defined environment to match alpine packaging.
- conf_dir='/etc/consul'
- conf_file='server.json'
- data_dir='/var/consul'
- user='consul'
- group='consul'
- ;;
- *)
- echo "Your operating system ($os) is currently not supported with the \
- --use-distribution-package flag (${__type##*/})." >&2
- echo "Please use non-package installation or contribute an \
- implementation for if you can." >&2
- exit 1
- ;;
- esac
- # Install consul package.
- __package consul --state "$state"
+# Generate json config file
+(
+echo "{"
- export config_deployment_requires="__package/consul"
-}
+# parameters we define ourself
+printf ' "data_dir": "%s"\n' "$data_dir"
-###
-# LEGACY manual deployment, kept for compatibility reasons.
+cd "$__object/parameter/"
+for param in *; do
+ case "$param" in
+ state|user|group|json-config) continue ;;
+ ca-file-source|cert-file-source|key-file-source)
+ source="$(cat "$__object/parameter/$param")"
+ destination="/etc/consul/ssl/${source##*/}"
+ require="__directory/etc/consul/ssl" \
+ __file "$destination" \
+ --owner root --group consul --mode 640 \
+ --source "$source" \
+ --state "$state"
+ key="$(echo "${param%-*}" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$destination"
+ ;;
+ disable-remote-exec|disable-update-check|leave-on-terminate|rejoin-after-leave|server|enable-syslog|verify-incoming|verify-outgoing)
+ # handle boolean parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": true\n' "$key"
+ ;;
+ retry-join)
+ # join multiple parameters into json array
+ retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")"
+ # remove trailing ,
+ printf ' ,"retry_join": [%s]\n' "${retry_join%*,}"
+ ;;
+ retry-join-wan)
+ # join multiple parameters into json array over wan
+ retry_join_wan="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join-wan")"
+ # remove trailing ,
+ printf ' ,"retry_join_wan": [%s]\n' "${retry_join_wan%*,}"
+ ;;
+ bootstrap-expect)
+ # integer key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ *)
+ # string key=value parameters
+ key="$(echo "$param" | tr '-' '_')"
+ printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
+ ;;
+ esac
+done
+if [ -f "$__object/parameter/json-config" ]; then
+ json_config="$(cat "$__object/parameter/json-config")"
+ if [ "$json_config" = "-" ]; then
+ json_config="$__object/stdin"
+ fi
+ # remove leading and trailing whitespace and commas from first and last line
+ # indent each line with 3 spaces for consistency
+ json=$(sed -e 's/^[ \t]*/ /' -e '1s/^[ \t,]*//' -e '$s/[ \t,]*$//' "$json_config")
+ printf ' ,%s\n' "$json"
+fi
+echo "}"
+) | \
+require="__directory${conf_dir}" \
+ __config_file "${conf_dir}/${conf_file}" \
+ --owner root --group "$group" --mode 640 \
+ --state "$state" \
+ --onchange 'service consul status >/dev/null && service consul reload || true' \
+ --source -
init_sysvinit()
{
@@ -134,186 +179,48 @@ init_upstart()
require="__file/etc/init/consul.conf" __start_on_boot consul
}
-manual_setup () {
- case "$os" in
- alpine|scientific|centos|debian|devuan|redhat|ubuntu)
- # whitelist safeguard
- :
- ;;
- *)
- echo "Your operating system ($os) is currently not supported by this \
- type (${__type##*/})." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
- ;;
- esac
+# Install init script to start on boot
+case "$os" in
+ centos|redhat)
+ os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
+ major_version="${os_version%%.*}"
+ case "$major_version" in
+ [456])
+ init_sysvinit redhat
+ ;;
+ 7)
+ init_systemd
+ ;;
+ *)
+ echo "Unsupported CentOS/Redhat version: $os_version" >&2
+ exit 1
+ ;;
+ esac
+ ;;
- # FIXME: there has got to be a better way to handle the dependencies in this case
- case "$state" in
- present)
- __group "$group" --system --state "$state"
- require="__group/$group" __user "$user" \
- --system --gid "$group" --home "$data_dir" --state "$state"
- ;;
- *)
- echo "The $state state is not (yet?) supported by this type." >&2
- exit 1
- ;;
- esac
+ debian)
+ os_version=$(cat "$__global/explorer/os_version")
+ major_version="${os_version%%.*}"
- # Create data directory.
- require="__user/consul" __directory "$data_dir" \
- --owner "$user" --group "$group" --mode 770 --state "$state"
+ case "$major_version" in
+ [567])
+ init_sysvinit debian
+ ;;
+ [89])
+ init_systemd
+ ;;
+ *)
+ echo "Unsupported Debian version $os_version" >&2
+ exit 1
+ ;;
+ esac
+ ;;
- # Create config directory.
- require="__user/consul" __directory "$conf_dir" \
- --parents --owner root --group "$group" --mode 750 --state "$state"
+ devuan)
+ init_sysvinit debian
+ ;;
- # Install init script to start on boot
- case "$os" in
- devuan)
- init_sysvinit debian
- ;;
- centos|redhat)
- os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
- major_version="${os_version%%.*}"
- case "$major_version" in
- [456])
- init_sysvinit redhat
- ;;
- 7)
- init_systemd
- ;;
- *)
- echo "Unsupported CentOS/Redhat version: $os_version" >&2
- exit 1
- ;;
- esac
- ;;
-
- debian)
- os_version=$(cat "$__global/explorer/os_version")
- major_version="${os_version%%.*}"
-
- case "$major_version" in
- [567])
- init_sysvinit debian
- ;;
- [89]|10)
- init_systemd
- ;;
- *)
- echo "Unsupported Debian version $os_version" >&2
- exit 1
- ;;
- esac
- ;;
-
- ubuntu)
- init_upstart
- ;;
- esac
-
- config_deployment_requires="__user/consul __directory/$conf_dir"
-}
-
-###
-# Trigger requested installation method.
-if [ $use_distribution_package ]; then
- distribution_setup
-else
- manual_setup
-fi
-
-###
-# Install TLS certificates.
-
-if [ -f "$__object/parameter/ca-file-source" ] || \
- [ -f "$__object/parameter/cert-file-source" ] || \
- [ -f "$__object/parameter/key-file-source" ]; then
-
- requires="$config_deployment_requires" __directory "$tls_dir" \
- --owner root --group "$group" --mode 750 --state "$state"
-
- # Append to service restart requirements.
- restart_requires="$restart_requires __directory/$conf_dir/tls"
-fi
-
-###
-# Generate and deploy configuration.
-
-json_configuration=$(
- echo "{"
-
- # parameters we define ourself
- printf ' "data_dir": "%s"\n' "$data_dir"
-
- cd "$__object/parameter/"
- for param in *; do
- case "$param" in
- state|user|group|json-config|use-distribution-package) continue ;;
- ca-file-source|cert-file-source|key-file-source)
- source="$(cat "$__object/parameter/$param")"
- destination="$tls_dir/${source##*/}"
- require="__directory/$tls_dir" \
- __file "$destination" \
- --owner root --group consul --mode 640 \
- --source "$source" \
- --state "$state"
- key="$(echo "${param%-*}" | tr '-' '_')"
- printf ' ,"%s": "%s"\n' "$key" "$destination"
- ;;
- disable-remote-exec|disable-update-check|leave-on-terminate\
- |rejoin-after-leave|server|enable-syslog|verify-incoming|verify-outgoing)
- # handle boolean parameters
- key="$(echo "$param" | tr '-' '_')"
- printf ' ,"%s": true\n' "$key"
- ;;
- retry-join)
- # join multiple parameters into json array
- retry_join="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join")"
- # remove trailing ,
- printf ' ,"retry_join": [%s]\n' "${retry_join%*,}"
- ;;
- retry-join-wan)
- # join multiple parameters into json array over wan
- retry_join_wan="$(awk '{printf "\""$1"\","}' "$__object/parameter/retry-join-wan")"
- # remove trailing ,
- printf ' ,"retry_join_wan": [%s]\n' "${retry_join_wan%*,}"
- ;;
- bootstrap-expect)
- # integer key=value parameters
- key="$(echo "$param" | tr '-' '_')"
- printf ' ,"%s": %s\n' "$key" "$(cat "$__object/parameter/$param")"
- ;;
- *)
- # string key=value parameters
- key="$(echo "$param" | tr '-' '_')"
- printf ' ,"%s": "%s"\n' "$key" "$(cat "$__object/parameter/$param")"
- ;;
- esac
- done
- if [ -f "$__object/parameter/json-config" ]; then
- json_config="$(cat "$__object/parameter/json-config")"
- if [ "$json_config" = "-" ]; then
- json_config="$__object/stdin"
- fi
- # remove leading and trailing whitespace and commas from first and last line
- # indent each line with 3 spaces for consistency
- json=$(sed -e 's/^[ \t]*/ /' -e '1s/^[ \t,]*//' -e '$s/[ \t,]*$//' "$json_config")
- printf ' ,%s\n' "$json"
- fi
- echo "}"
-)
-echo "$json_configuration" | require="$config_deployment_requires" \
- __file "$conf_dir/$conf_file" \
- --owner root --group "$group" --mode 640 \
- --state "$state" \
- --source -
-
-# Set configuration deployment as requirement for service restart.
-restart_requires="__file/$conf_dir/$conf_file"
-
-###
-# Restart consul agent after everything else.
-require="$restart_requires" __service consul --action restart
+ ubuntu)
+ init_upstart
+ ;;
+esac
diff --git a/cdist/conf/type/__consul_agent/parameter/boolean b/cdist/conf/type/__consul_agent/parameter/boolean
index c86853c3..91f7f17e 100644
--- a/cdist/conf/type/__consul_agent/parameter/boolean
+++ b/cdist/conf/type/__consul_agent/parameter/boolean
@@ -6,4 +6,3 @@ server
enable-syslog
verify-incoming
verify-outgoing
-use-distribution-package
diff --git a/cdist/conf/type/__consul_check/explorer/conf-dir b/cdist/conf/type/__consul_check/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_check/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_check/manifest b/cdist/conf/type/__consul_check/manifest
index 522aa1a9..c9f7add9 100755
--- a/cdist/conf/type/__consul_check/manifest
+++ b/cdist/conf/type/__consul_check/manifest
@@ -19,7 +19,7 @@
#
name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="check_${name}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__consul_service/explorer/conf-dir b/cdist/conf/type/__consul_service/explorer/conf-dir
deleted file mode 100644
index 0fc9ef84..00000000
--- a/cdist/conf/type/__consul_service/explorer/conf-dir
+++ /dev/null
@@ -1,15 +0,0 @@
-# Determine the configuration directory used by consul.
-
-check_dir () {
- if [ -d "$1" ]; then
- printf '%s' "$1"
- exit
- fi
-}
-
-check_dir '/etc/consul/conf.d'
-check_dir '/etc/consul.d'
-check_dir '/etc/consul'
-
-echo 'Could not determine consul configuration dir. Exiting.' >&2
-exit 1
diff --git a/cdist/conf/type/__consul_service/manifest b/cdist/conf/type/__consul_service/manifest
index d16f18e0..60397db7 100755
--- a/cdist/conf/type/__consul_service/manifest
+++ b/cdist/conf/type/__consul_service/manifest
@@ -19,7 +19,7 @@
#
name="$(cat "$__object/parameter/name" 2>/dev/null || echo "$__object_id")"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="service_${name}.json"
state="$(cat "$__object/parameter/state")"
@@ -45,7 +45,7 @@ printf ' "name": "%s"\n' "$name"
cd "$__object/parameter/"
for param in *; do
case "$param" in
- state|name|check-interval|conf-dir) continue ;;
+ state|name|check-interval) continue ;;
check-script)
printf ' ,"check": {\n'
printf ' "script": "%s"\n' "$(cat "$__object/parameter/check-script")"
@@ -86,6 +86,7 @@ echo " }"
# end json file
echo "}"
) | \
+require="__directory${conf_dir}" \
__config_file "${conf_dir}/${conf_file}" \
--owner root --group consul --mode 640 \
--state "$state" \
diff --git a/cdist/conf/type/__consul_watch_checks/explorer/conf-dir b/cdist/conf/type/__consul_watch_checks/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_watch_checks/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_checks/manifest b/cdist/conf/type/__consul_watch_checks/manifest
index 4976b25a..5fdd7a74 100755
--- a/cdist/conf/type/__consul_watch_checks/manifest
+++ b/cdist/conf/type/__consul_watch_checks/manifest
@@ -20,7 +20,7 @@
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__consul_watch_event/explorer/conf-dir b/cdist/conf/type/__consul_watch_event/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_watch_event/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_event/manifest b/cdist/conf/type/__consul_watch_event/manifest
index b17680c1..61934656 100755
--- a/cdist/conf/type/__consul_watch_event/manifest
+++ b/cdist/conf/type/__consul_watch_event/manifest
@@ -20,7 +20,7 @@
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__consul_watch_key/explorer/conf-dir b/cdist/conf/type/__consul_watch_key/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_watch_key/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_key/manifest b/cdist/conf/type/__consul_watch_key/manifest
index b17680c1..61934656 100755
--- a/cdist/conf/type/__consul_watch_key/manifest
+++ b/cdist/conf/type/__consul_watch_key/manifest
@@ -20,7 +20,7 @@
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__consul_watch_keyprefix/explorer/conf-dir b/cdist/conf/type/__consul_watch_keyprefix/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_watch_keyprefix/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_keyprefix/manifest b/cdist/conf/type/__consul_watch_keyprefix/manifest
index b17680c1..61934656 100755
--- a/cdist/conf/type/__consul_watch_keyprefix/manifest
+++ b/cdist/conf/type/__consul_watch_keyprefix/manifest
@@ -20,7 +20,7 @@
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__consul_watch_nodes/explorer/conf-dir b/cdist/conf/type/__consul_watch_nodes/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_watch_nodes/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_nodes/manifest b/cdist/conf/type/__consul_watch_nodes/manifest
index b17680c1..61934656 100755
--- a/cdist/conf/type/__consul_watch_nodes/manifest
+++ b/cdist/conf/type/__consul_watch_nodes/manifest
@@ -20,7 +20,7 @@
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__consul_watch_service/explorer/conf-dir b/cdist/conf/type/__consul_watch_service/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_watch_service/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_service/manifest b/cdist/conf/type/__consul_watch_service/manifest
index e8d18328..db38eb18 100755
--- a/cdist/conf/type/__consul_watch_service/manifest
+++ b/cdist/conf/type/__consul_watch_service/manifest
@@ -20,7 +20,7 @@
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__consul_watch_services/explorer/conf-dir b/cdist/conf/type/__consul_watch_services/explorer/conf-dir
deleted file mode 120000
index daa712c3..00000000
--- a/cdist/conf/type/__consul_watch_services/explorer/conf-dir
+++ /dev/null
@@ -1 +0,0 @@
-../../__consul_service/explorer/conf-dir
\ No newline at end of file
diff --git a/cdist/conf/type/__consul_watch_services/manifest b/cdist/conf/type/__consul_watch_services/manifest
index b17680c1..61934656 100755
--- a/cdist/conf/type/__consul_watch_services/manifest
+++ b/cdist/conf/type/__consul_watch_services/manifest
@@ -20,7 +20,7 @@
cdist_type="${__type##*/}"
watch_type="${cdist_type##*_}"
-conf_dir=$(cat "$__object/explorer/conf-dir")
+conf_dir="/etc/consul/conf.d"
conf_file="watch_${watch_type}_${__object_id}.json"
state="$(cat "$__object/parameter/state")"
diff --git a/cdist/conf/type/__cron/gencode-remote b/cdist/conf/type/__cron/gencode-remote
index 9debbc47..59398058 100755
--- a/cdist/conf/type/__cron/gencode-remote
+++ b/cdist/conf/type/__cron/gencode-remote
@@ -31,28 +31,24 @@ if [ -f "$__object/parameter/raw" ]; then
elif [ -f "$__object/parameter/raw_command" ]; then
entry="$command"
else
- minute="$(cat "$__object/parameter/minute")"
- hour="$(cat "$__object/parameter/hour")"
- day_of_month="$(cat "$__object/parameter/day_of_month")"
- month="$(cat "$__object/parameter/month")"
- day_of_week="$(cat "$__object/parameter/day_of_week")"
+ minute="$(cat "$__object/parameter/minute" 2>/dev/null || echo "*")"
+ hour="$(cat "$__object/parameter/hour" 2>/dev/null || echo "*")"
+ day_of_month="$(cat "$__object/parameter/day_of_month" 2>/dev/null || echo "*")"
+ month="$(cat "$__object/parameter/month" 2>/dev/null || echo "*")"
+ day_of_week="$(cat "$__object/parameter/day_of_week" 2>/dev/null || echo "*")"
entry="$minute $hour $day_of_month $month $day_of_week $command # $name"
fi
mkdir "$__object/files"
echo "$entry" > "$__object/files/entry"
-if [ -s "$__object/explorer/entry" ]; then
- if diff -q "$__object/files/entry" "$__object/explorer/entry" >/dev/null; then
- state_is=present
- else
- state_is=modified
- fi
+if diff -q "$__object/files/entry" "$__object/explorer/entry" >/dev/null; then
+ state_is=present
else
state_is=absent
fi
-state_should="$(cat "$__object/parameter/state")"
+state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")"
[ "$state_is" = "$state_should" ] && exit 0
diff --git a/cdist/conf/type/__cron/manifest b/cdist/conf/type/__cron/manifest
index e7b51863..53973e07 100755
--- a/cdist/conf/type/__cron/manifest
+++ b/cdist/conf/type/__cron/manifest
@@ -22,12 +22,3 @@ if [ -f "$__object/parameter/raw" ] && [ -f "$__object/parameter/raw_command" ];
echo "ERROR: both raw and raw_command specified" >&2
exit 1
fi
-
-case "$(cat "$__object/parameter/state")" in
- present) ;;
- absent) ;;
-
- *)
- echo "ERROR: unkown cron state" >&2
- exit 2
-esac
diff --git a/cdist/conf/type/__cron/nonparallel b/cdist/conf/type/__cron/nonparallel
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__cron/parameter/default/day_of_month b/cdist/conf/type/__cron/parameter/default/day_of_month
deleted file mode 100644
index 72e8ffc0..00000000
--- a/cdist/conf/type/__cron/parameter/default/day_of_month
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/cdist/conf/type/__cron/parameter/default/day_of_week b/cdist/conf/type/__cron/parameter/default/day_of_week
deleted file mode 100644
index 72e8ffc0..00000000
--- a/cdist/conf/type/__cron/parameter/default/day_of_week
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/cdist/conf/type/__cron/parameter/default/hour b/cdist/conf/type/__cron/parameter/default/hour
deleted file mode 100644
index 72e8ffc0..00000000
--- a/cdist/conf/type/__cron/parameter/default/hour
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/cdist/conf/type/__cron/parameter/default/minute b/cdist/conf/type/__cron/parameter/default/minute
deleted file mode 100644
index 72e8ffc0..00000000
--- a/cdist/conf/type/__cron/parameter/default/minute
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/cdist/conf/type/__cron/parameter/default/month b/cdist/conf/type/__cron/parameter/default/month
deleted file mode 100644
index 72e8ffc0..00000000
--- a/cdist/conf/type/__cron/parameter/default/month
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/cdist/conf/type/__cron/parameter/default/state b/cdist/conf/type/__cron/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__cron/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__daemontools_service/man.rst b/cdist/conf/type/__daemontools_service/man.rst
index 9bbbe2f8..ec1d20ff 100644
--- a/cdist/conf/type/__daemontools_service/man.rst
+++ b/cdist/conf/type/__daemontools_service/man.rst
@@ -40,12 +40,6 @@ run-file
log-run
Command to run for log consumption. Default: `multilog t ./main`
-owner
- User to chown to.
-
-group
- User to chgrp to.
-
servicedir
Directory to install into. Default: `/service`
diff --git a/cdist/conf/type/__daemontools_service/manifest b/cdist/conf/type/__daemontools_service/manifest
index 8a81b5f5..78bae285 100755
--- a/cdist/conf/type/__daemontools_service/manifest
+++ b/cdist/conf/type/__daemontools_service/manifest
@@ -9,8 +9,6 @@ servicedir=$(cat "$__object/parameter/servicedir")
run=$(cat "$__object/parameter/run")
runfile=$(cat "$__object/parameter/run-file")
logrun=$(cat "$__object/parameter/log-run")
-owner=$(cat "$__object/parameter/owner")
-group=$(cat "$__object/parameter/group")
svc=$(cat "$__type/explorer/svc")
@@ -27,22 +25,14 @@ badusage() {
[ -z "$run$runfile" ] && badusage
[ -n "$run" ] && [ -n "$runfile" ] && badusage
-flags=""
-if [ -n "$owner" ]; then
- flags="$flags --owner $owner"
-fi
-if [ -n "$group" ]; then
- flags="$flags --group $group"
-fi
-
-__directory "$servicedir/$name/log/main" --parents $flags
+__directory "$servicedir/$name/log/main" --parents
echo "$RUN_PREFIX$run" | require="__directory/$servicedir/$name/log/main" __config_file "$servicedir/$name/run" \
--onchange "svc -t '$servicedir/$name' 2>/dev/null" \
- --mode 755 $flags \
+ --mode 755 \
--source "${runfile:--}"
echo "$RUN_PREFIX$logrun" | require="__directory/$servicedir/$name/log/main" __config_file "$servicedir/$name/log/run" \
--onchange "svc -t '$servicedir/$name/log' 2>/dev/null" \
- --mode 755 $flags \
+ --mode 755 \
--source "-"
diff --git a/cdist/conf/type/__daemontools_service/parameter/default/group b/cdist/conf/type/__daemontools_service/parameter/default/group
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__daemontools_service/parameter/default/owner b/cdist/conf/type/__daemontools_service/parameter/default/owner
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__daemontools_service/parameter/optional b/cdist/conf/type/__daemontools_service/parameter/optional
index 7c66b514..7e54985f 100644
--- a/cdist/conf/type/__daemontools_service/parameter/optional
+++ b/cdist/conf/type/__daemontools_service/parameter/optional
@@ -1,6 +1,4 @@
-group
log-run
-owner
run
run-file
servicedir
diff --git a/cdist/conf/type/__directory/explorer/stat b/cdist/conf/type/__directory/explorer/stat
index 105d894f..03d466ba 100755
--- a/cdist/conf/type/__directory/explorer/stat
+++ b/cdist/conf/type/__directory/explorer/stat
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -21,43 +20,24 @@
destination="/$__object_id"
-fallback() {
- # Patch the output together, manually
-
- ls_line=$(ls -ldn "$destination")
-
- uid=$(echo "$ls_line" | awk '{ print $3 }')
- gid=$(echo "$ls_line" | awk '{ print $4 }')
-
- owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd)
- group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
-
- mode_text=$(echo "$ls_line" | awk '{ print $1 }')
- mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }')
-
- printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\n' \
- "$("$__type_explorer/type")" \
- "$uid" "$owner" \
- "$gid" "$group" \
- "$mode" "$mode_text"
-}
-
# nothing to work with, nothing we could do
[ -e "$destination" ] || exit 0
-if ! command -v stat >/dev/null
-then
- fallback
- exit
-fi
-
-case $("$__explorer/os") in
+os=$("$__explorer/os")
+case "$os" in
"freebsd"|"netbsd"|"openbsd"|"macosx")
stat -f "type: %HT
owner: %Du %Su
group: %Dg %Sg
mode: %Lp %Sp
-" "$destination" | awk '/^type/ { print tolower($0); next } { print }'
+" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
+ ;;
+ alpine)
+ stat -c "type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+" "$destination"
;;
solaris)
ls1="$( ls -ld "$destination" )"
@@ -89,12 +69,10 @@ mode: %Lp %Sp
echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
;;
*)
- # NOTE: Do not use --printf here as it is not supported by BusyBox stat.
- # NOTE: BusyBox's stat might not support the "-c" option, in which case
- # we fall through to the shell fallback.
- stat -c "type: %F
+ stat --printf="type: %F
owner: %u %U
group: %g %G
-mode: %a %A" "$destination" 2>/dev/null || fallback
+mode: %a %A
+" "$destination"
;;
esac
diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote
index a1a32ea2..374db47a 100755
--- a/cdist/conf/type/__directory/gencode-remote
+++ b/cdist/conf/type/__directory/gencode-remote
@@ -3,7 +3,6 @@
# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
# 2014 Daniel Heule (hda at sfs.biz)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -22,8 +21,8 @@
#
destination="/$__object_id"
-state_should=$(cat "$__object/parameter/state")
-type=$(cat "$__object/explorer/type")
+state_should="$(cat "$__object/parameter/state")"
+type="$(cat "$__object/explorer/type")"
stat_file="$__object/explorer/stat"
# variable to keep track if we have to set directory attributes
@@ -73,7 +72,7 @@ set_mode() {
}
case "$state_should" in
- present|exists)
+ present)
if [ "$type" != "directory" ]; then
set_attributes=1
if [ "$type" != "none" ]; then
@@ -84,10 +83,6 @@ case "$state_should" in
fi
echo "mkdir $mkdiropt '$destination'"
echo "create" >> "$__messages_out"
- elif [ "$state_should" = 'exists' ]; then
- # The type is directory and --state exists. We are done and do not
- # check or set the attributes.
- exit 0
fi
# Note: Mode - needs to happen last as a chown/chgrp can alter mode by
@@ -108,26 +103,6 @@ case "$state_should" in
fi
done
;;
- pre-exists)
- case $type in
- directory)
- # all good
- exit 0
- ;;
- none)
- printf 'Directory "%s" does not exist\n' "$destination" >&2
- exit 1
- ;;
- file|symlink)
- printf 'File "%s" exists and is a %s, but should be a directory\n' "$destination" "$type" >&2
- exit 1
- ;;
- *)
- printf 'File or directory "%s" is in an unknown state\n' "$destination" >&2
- exit 1
- ;;
- esac
- ;;
absent)
if [ "$type" = "directory" ]; then
echo "rm -rf '$destination'"
diff --git a/cdist/conf/type/__directory/man.rst b/cdist/conf/type/__directory/man.rst
index 7755334c..74b00afe 100644
--- a/cdist/conf/type/__directory/man.rst
+++ b/cdist/conf/type/__directory/man.rst
@@ -19,18 +19,7 @@ None.
OPTIONAL PARAMETERS
-------------------
state
- 'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where:
-
- present
- the directory exists and the given attributes are set.
- absent
- the directory does not exist.
- exists
- the directory exists, but its attributes are not altered if it already
- existed.
- pre-exists
- check that the directory exists and is indeed a directory, but do not
- create or modify it.
+ 'present' or 'absent', defaults to 'present'
group
Group to chgrp to.
@@ -47,7 +36,7 @@ BOOLEAN PARAMETERS
parents
Whether to create parents as well (mkdir -p behaviour).
Warning: all intermediate directory permissions default
- to whatever mkdir -p does.
+ to whatever mkdir -p does.
Usually this means root:root, 0700.
diff --git a/cdist/conf/type/__docker/manifest b/cdist/conf/type/__docker/manifest
index 6a57d85a..04a9ff27 100755
--- a/cdist/conf/type/__docker/manifest
+++ b/cdist/conf/type/__docker/manifest
@@ -64,43 +64,6 @@ case "$os" in
require="__apt_source/docker" __package docker-ce --state "${state}"
fi
;;
- devuan)
- os_version="$(cat "$__global/explorer/os_version")"
-
- case "$os_version" in
- ascii)
- distribution="stretch"
- ;;
- jessie)
- distribution="jessie"
- ;;
- *)
- echo "Your devuan release ($os_version) is currently not supported by this type (${__type##*/}).">&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
- ;;
- esac
-
- if [ "${state}" = "present" ]; then
- __package apt-transport-https
- __package ca-certificates
- __package gnupg2
- fi
- __apt_key_uri docker --name "Docker Release (CE deb) " \
- --uri "https://download.docker.com/linux/${os}/gpg" --state "${state}"
-
- require="__apt_key_uri/docker" __apt_source docker \
- --uri "https://download.docker.com/linux/${os}" \
- --distribution "${distribution}" \
- --state "${state}" \
- --component "stable"
- if [ "$version" != "latest" ]; then
- require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}"
- else
- require="__apt_source/docker" __package docker-ce --state "${state}"
- fi
-
- ;;
*)
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
echo "Please contribute an implementation for it if you can." >&2
diff --git a/cdist/conf/type/__docker_swarm/explorer/swarm-state b/cdist/conf/type/__docker_swarm/explorer/swarm-state
index 2c9fd598..9c1bc32d 100755
--- a/cdist/conf/type/__docker_swarm/explorer/swarm-state
+++ b/cdist/conf/type/__docker_swarm/explorer/swarm-state
@@ -18,4 +18,4 @@
# along with cdist. If not, see .
#
-docker info 2>/dev/null | grep '^ *Swarm: ' | awk '{print $2}'
+docker info 2>/dev/null | grep "^Swarm: " | cut -d " " -f 2-
diff --git a/cdist/conf/type/__file/explorer/stat b/cdist/conf/type/__file/explorer/stat
index 91c8cc84..13c1c208 100755
--- a/cdist/conf/type/__file/explorer/stat
+++ b/cdist/conf/type/__file/explorer/stat
@@ -2,7 +2,6 @@
#
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -22,54 +21,29 @@
destination="/$__object_id"
-fallback() {
- # Fallback: Patch the output together, manually.
-
- ls_line=$(ls -ldn "$destination")
-
- uid=$(echo "$ls_line" | awk '{ print $3 }')
- gid=$(echo "$ls_line" | awk '{ print $4 }')
-
- owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd)
- group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
-
- mode_text=$(echo "$ls_line" | awk '{ print $1 }')
- mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }')
-
- size=$(echo "$ls_line" | awk '{ print $5 }')
- links=$(echo "$ls_line" | awk '{ print $2 }')
-
- printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\nsize: %d\nlinks: %d\n' \
- "$("$__type_explorer/type")" \
- "$uid" "$owner" \
- "$gid" "$group" \
- "$mode" "$mode_text" \
- "$size" \
- "$links"
-}
-
-
# nothing to work with, nothing we could do
[ -e "$destination" ] || exit 0
-
-if ! command -v stat >/dev/null
-then
- fallback
- exit
-fi
-
-
-case $("$__explorer/os")
-in
- freebsd|netbsd|openbsd|macosx)
+os=$("$__explorer/os")
+case "$os" in
+ "freebsd"|"netbsd"|"openbsd"|"macosx")
stat -f "type: %HT
owner: %Du %Su
group: %Dg %Sg
mode: %Lp %Sp
size: %Dz
links: %Dl
-" "$destination" | awk '/^type/ { print tolower($0); next } { print }'
+" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
+ ;;
+ alpine)
+ # busybox stat
+ stat -c "type: %F
+owner: %u %U
+group: %g %G
+mode: %a %A
+size: %s
+links: %h
+" "$destination"
;;
solaris)
ls1="$( ls -ld "$destination" )"
@@ -103,14 +77,12 @@ links: %Dl
echo "links: $( echo "$ls1" | awk '{print $2}' )"
;;
*)
- # NOTE: Do not use --printf here as it is not supported by BusyBox stat.
- # NOTE: BusyBox's stat might not support the "-c" option, in which case
- # we fall through to the shell fallback.
- stat -c "type: %F
+ stat --printf="type: %F
owner: %u %U
group: %g %G
mode: %a %A
size: %s
-links: %h" "$destination" 2>/dev/null || fallback
- ;;
+links: %h
+" "$destination"
+ ;;
esac
diff --git a/cdist/conf/type/__file/gencode-local b/cdist/conf/type/__file/gencode-local
index 231b6927..fb9f9a92 100755
--- a/cdist/conf/type/__file/gencode-local
+++ b/cdist/conf/type/__file/gencode-local
@@ -31,24 +31,12 @@ if [ "$state_should" = "pre-exists" ]; then
exit 1
fi
- case $type in
- file)
- # nothing to do
- exit 0
- ;;
- none)
- printf 'File "%s" does not exist\n' "$destination" >&2
- exit 1
- ;;
- directory|symlink)
- printf 'File "%s" exists and is a %s, but should be a regular file\n' "$destination" "$type" >&2
- exit 1
- ;;
- *)
- printf 'File or directory "%s" is in an unknown state\n' "$destination" >&2
- exit 1
- ;;
- esac
+ if [ "$type" = "file" ]; then
+ exit 0 # nothing to do
+ else
+ echo "File \"$destination\" does not exist"
+ exit 1
+ fi
fi
upload_file=
diff --git a/cdist/conf/type/__file/gencode-remote b/cdist/conf/type/__file/gencode-remote
index 815593bd..b04c471e 100755
--- a/cdist/conf/type/__file/gencode-remote
+++ b/cdist/conf/type/__file/gencode-remote
@@ -55,40 +55,36 @@ set_owner() {
}
set_mode() {
- echo "chmod '$1' '$destination'"
- echo "chmod '$1'" >> "$__messages_out"
- fire_onchange=1
+ echo "chmod '$1' '$destination'"
+ echo "chmod '$1'" >> "$__messages_out"
+ fire_onchange=1
}
case "$state_should" in
- present|exists)
- # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
- # clearing S_ISUID and S_ISGID bits (see chown(2))
- for attribute in group owner mode; do
- if [ -f "$__object/parameter/$attribute" ]; then
- value_should="$(cat "$__object/parameter/$attribute")"
+ present|exists|pre-exists)
+ # Note: Mode - needs to happen last as a chown/chgrp can alter mode by
+ # clearing S_ISUID and S_ISGID bits (see chown(2))
+ for attribute in group owner mode; do
+ if [ -f "$__object/parameter/$attribute" ]; then
+ value_should="$(cat "$__object/parameter/$attribute")"
- # change 0xxx format to xxx format => same as stat returns
- if [ "$attribute" = mode ]; then
- value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
- fi
-
- value_is="$(get_current_value "$attribute" "$value_should")"
- if [ -f "$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then
- "set_$attribute" "$value_should"
- fi
+ # change 0xxx format to xxx format => same as stat returns
+ if [ "$attribute" = mode ]; then
+ value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
+ fi
+
+ value_is="$(get_current_value "$attribute" "$value_should")"
+ if [ -f "$__object/files/set-attributes" ] || [ "$value_should" != "$value_is" ]; then
+ "set_$attribute" "$value_should"
fi
- done
- if [ -f "$__object/files/set-attributes" ]; then
- # set-attributes is created if file is created or uploaded in gencode-local
- fire_onchange=1
fi
- ;;
+ done
+ if [ -f "$__object/files/set-attributes" ]; then
+ # set-attributes is created if file is created or uploaded in gencode-local
+ fire_onchange=1
+ fi
- pre-exists)
- # pre-exists should never reach gencode-remote…
- exit 1
- ;;
+ ;;
absent)
if [ "$type" = "file" ]; then
@@ -105,7 +101,7 @@ case "$state_should" in
esac
if [ -f "$__object/parameter/onchange" ]; then
- if [ -n "$fire_onchange" ]; then
- cat "$__object/parameter/onchange"
- fi
+ if [ -n "$fire_onchange" ]; then
+ cat "$__object/parameter/onchange"
+ fi
fi
diff --git a/cdist/conf/type/__git/gencode-remote b/cdist/conf/type/__git/gencode-remote
index ab22655f..5a9e23fc 100755
--- a/cdist/conf/type/__git/gencode-remote
+++ b/cdist/conf/type/__git/gencode-remote
@@ -19,34 +19,32 @@
#
#
-state_is=$(cat "$__object/explorer/state")
-owner_is=$(cat "$__object/explorer/owner")
-group_is=$(cat "$__object/explorer/group")
+state_is="$(cat "$__object/explorer/state")"
+owner_is="$(cat "$__object/explorer/owner")"
+group_is="$(cat "$__object/explorer/group")"
-state_should=$(cat "$__object/parameter/state")
+state_should="$(cat "$__object/parameter/state")"
-branch=$(cat "$__object/parameter/branch")
+branch="$(cat "$__object/parameter/branch")"
-source=$(cat "$__object/parameter/source")
+source="$(cat "$__object/parameter/source")"
destination="/$__object_id"
-owner=$(cat "$__object/parameter/owner")
-group=$(cat "$__object/parameter/group")
-mode=$(cat "$__object/parameter/mode")
+owner="$(cat "$__object/parameter/owner")"
+group="$(cat "$__object/parameter/group")"
+mode="$(cat "$__object/parameter/mode")"
-[ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive=''
-[ -f "$__object/parameter/shallow" ] && shallow='--depth 1 --shallow-submodules' || shallow=''
-
-[ "$state_should" = "$state_is" ] \
- && [ "$owner" = "$owner_is" ] \
- && [ "$group" = "$group_is" ] \
- && [ -n "$mode" ] && exit 0
+[ "$state_should" = "$state_is" ] && \
+[ "$owner" = "$owner_is" ] && \
+[ "$group" = "$group_is" ] && \
+[ -n "$mode" ] && exit 0
case $state_should in
present)
+
if [ "$state_should" != "$state_is" ]; then
- echo git clone --quiet "$recursive" "$shallow" --branch "$branch" "$source" "$destination"
+ echo git clone --quiet --branch "$branch" "$source" "$destination"
fi
if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \
{ [ -n "$group" ] && [ "$group_is" != "$group" ]; }; then
@@ -56,9 +54,8 @@ case $state_should in
echo chmod -R "$mode" "$destination"
fi
;;
-
+ # Handled in manifest
absent)
- # Handled in manifest
;;
*)
diff --git a/cdist/conf/type/__git/man.rst b/cdist/conf/type/__git/man.rst
index d3e15f25..17e9c623 100644
--- a/cdist/conf/type/__git/man.rst
+++ b/cdist/conf/type/__git/man.rst
@@ -35,12 +35,6 @@ mode
owner
User to chown to.
-recursive
- Passes the --recurse-submodules flag to git when cloning the repository.
-
-shallow
- Sets --depth=1 and --shallow-submodules for cloning repositories with big history.
-
EXAMPLES
--------
@@ -50,7 +44,7 @@ EXAMPLES
__git /home/services/dokuwiki --source git://github.com/splitbrain/dokuwiki.git
# Checkout cdist, stay on branch 2.1
- __git /home/nico/cdist --source git@code.ungleich.ch:ungleich-public/cdist.git --branch 2.1
+ __git /home/nico/cdist --source git://github.com/ungleich/cdist.git --branch 2.1
AUTHORS
diff --git a/cdist/conf/type/__git/parameter/boolean b/cdist/conf/type/__git/parameter/boolean
deleted file mode 100644
index d600d4ca..00000000
--- a/cdist/conf/type/__git/parameter/boolean
+++ /dev/null
@@ -1,2 +0,0 @@
-recursive
-shallow
diff --git a/cdist/conf/type/__grafana_dashboard/manifest b/cdist/conf/type/__grafana_dashboard/manifest
index d145c4c3..9cd1465d 100755
--- a/cdist/conf/type/__grafana_dashboard/manifest
+++ b/cdist/conf/type/__grafana_dashboard/manifest
@@ -8,16 +8,10 @@ case $os in
debian|devuan)
case $os_version in
8*|jessie)
- # Differntation not needed anymore
- apt_source_distribution=stable
+ apt_source_distribution=jessie
;;
9*|ascii/ceres|ascii)
- # Differntation not needed anymore
- apt_source_distribution=stable
- ;;
- 10*)
- # Differntation not needed anymore
- apt_source_distribution=stable
+ apt_source_distribution=stretch
;;
*)
echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2
@@ -27,15 +21,16 @@ case $os in
__apt_key_uri grafana \
--name 'Grafana Release Signing Key' \
- --uri https://packages.grafana.com/gpg.key
+ --uri https://packagecloud.io/gpg.key
require="$require __apt_key_uri/grafana" __apt_source grafana \
- --uri https://packages.grafana.com/oss/deb \
+ --uri https://packagecloud.io/grafana/stable/debian/ \
--distribution $apt_source_distribution \
--component main
+
__package apt-transport-https
- require="$require __apt_source/grafana" __apt_update_index
- require="$require __package/apt-transport-https __apt_update_index" __package grafana
+
+ require="$require __apt_source/grafana __package/apt-transport-https" __package grafana
require="$require __package/grafana" __start_on_boot grafana-server
require="$require __start_on_boot/grafana-server" __process grafana-server --start "service grafana-server start"
;;
diff --git a/cdist/conf/type/__group/explorer/group b/cdist/conf/type/__group/explorer/group
index dc673f61..07f73a91 100755
--- a/cdist/conf/type/__group/explorer/group
+++ b/cdist/conf/type/__group/explorer/group
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -22,21 +21,7 @@
# Get an existing groups group entry.
#
-not_supported() {
- echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2
- echo "Cannot extract group information." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
-}
-
name=$__object_id
-if command -v getent >/dev/null
-then
- getent group "$name" || true
-elif [ -f /etc/group ]
-then
- grep "^${name}:" /etc/group || true
-else
- not_supported
-fi
+getent group "$name" || true
+
diff --git a/cdist/conf/type/__group/explorer/gshadow b/cdist/conf/type/__group/explorer/gshadow
index 05841d69..ef40b7bc 100755
--- a/cdist/conf/type/__group/explorer/gshadow
+++ b/cdist/conf/type/__group/explorer/gshadow
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -23,28 +22,13 @@
#
name=$__object_id
-os=$("$__explorer/os")
+os="$("$__explorer/os")"
-not_supported() {
- echo "Your operating system ($os) is currently not supported." >&2
- echo "Cannot extract group information." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
-}
-
-case $os in
- "freebsd"|"netbsd")
- echo "$os does not have getent gshadow" >&2
- exit 0
- ;;
+case "$os" in
+ "freebsd"|"netbsd")
+ echo "$os does not have getent gshadow"
+ exit 0
+ ;;
esac
-if command -v getent >/dev/null
-then
- getent gshadow "$name" || true
-elif [ -f /etc/gshadow ]
-then
- grep "^${name}:" /etc/gshadow || true
-else
- not_supported
-fi
+getent gshadow "$name" || true
diff --git a/cdist/conf/type/__hostname/explorer/has_hostnamectl b/cdist/conf/type/__hostname/explorer/has_hostnamectl
index 2f531f30..9040023d 100755
--- a/cdist/conf/type/__hostname/explorer/has_hostnamectl
+++ b/cdist/conf/type/__hostname/explorer/has_hostnamectl
@@ -21,4 +21,4 @@
# Check whether system has hostnamectl
#
-command -v hostnamectl 2>/dev/null || true
+command -v hostnamectl || true
diff --git a/cdist/conf/type/__xymon_apache/explorer/active-conf b/cdist/conf/type/__hostname/explorer/hostname_file
similarity index 72%
rename from cdist/conf/type/__xymon_apache/explorer/active-conf
rename to cdist/conf/type/__hostname/explorer/hostname_file
index bd281e21..6a00aa9f 100755
--- a/cdist/conf/type/__xymon_apache/explorer/active-conf
+++ b/cdist/conf/type/__hostname/explorer/hostname_file
@@ -1,6 +1,6 @@
-#!/bin/sh -e
+#!/bin/sh
#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -16,7 +16,15 @@
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
+#
+#
+# Retrieve the contents of /etc/hostname
+#
-if [ -d /etc/apache2/mods-enabled ]; then
- ls -1 /etc/apache2/conf-enabled/
+# Almost any distribution
+if [ -f /etc/hostname ]; then
+ cat /etc/hostname
+# SuSE
+elif [ -f /etc/HOSTNAME ]; then
+ cat /etc/HOSTNAME
fi
diff --git a/cdist/conf/type/__user/manifest b/cdist/conf/type/__hostname/explorer/hostname_sysconfig
old mode 100644
new mode 100755
similarity index 75%
rename from cdist/conf/type/__user/manifest
rename to cdist/conf/type/__hostname/explorer/hostname_sysconfig
index 8f10b38c..d0d7b4e7
--- a/cdist/conf/type/__user/manifest
+++ b/cdist/conf/type/__hostname/explorer/hostname_sysconfig
@@ -1,6 +1,6 @@
-#!/bin/sh -e
+#!/bin/sh
#
-# 2019 Nico Schottelius (nico-cdist at schottelius.org)
+# 2014 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -18,15 +18,9 @@
# along with cdist. If not, see .
#
#
-# Manage users.
+# Retrieve the contents of /etc/hostname
+#
-os=$(cat "$__global/explorer/os")
-
-case "$os" in
- alpine)
- __package shadow
- ;;
- *)
- :
- ;;
-esac
+if [ -f /etc/sysconfig/network ]; then
+ awk -F= '/^HOSTNAME=/ { print $2 }' /etc/sysconfig/network
+fi
diff --git a/cdist/conf/type/__hostname/explorer/max_len b/cdist/conf/type/__hostname/explorer/max_len
deleted file mode 100644
index fb863949..00000000
--- a/cdist/conf/type/__hostname/explorer/max_len
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh -e
-
-command -v getconf >/dev/null || exit 0
-
-val=$(getconf HOST_NAME_MAX 2>/dev/null) || exit 0
-
-if test -n "${val}" -a "${val}" != 'undefined'
-then
- echo "${val}"
-fi
diff --git a/cdist/conf/type/__hostname/gencode-remote b/cdist/conf/type/__hostname/gencode-remote
index ae224611..8b5797dd 100755
--- a/cdist/conf/type/__hostname/gencode-remote
+++ b/cdist/conf/type/__hostname/gencode-remote
@@ -2,7 +2,6 @@
#
# 2014-2017 Steven Armstrong (steven-cdist at armstrong.cc)
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -20,81 +19,60 @@
# along with cdist. If not, see .
#
-os=$(cat "$__global/explorer/os")
-name_running=$(cat "$__global/explorer/hostname")
-has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
-
-
-if test -s "$__object/parameter/name"
-then
- name_should=$(cat "$__object/parameter/name")
+if [ -f "$__object/parameter/name" ]; then
+ name_should="$(cat "$__object/parameter/name")"
else
- case $os
- in
- # RedHat-derivatives and BSDs
- centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
- # Hostname is FQDN
- name_should="${__target_host}"
- ;;
- *)
- # Hostname is only first component of FQDN
- name_should="${__target_host%%.*}"
- ;;
- esac
+ name_should="${__target_host%%.*}"
fi
+os=$(cat "$__global/explorer/os")
+name_running=$(cat "$__global/explorer/hostname")
+name_config=$(cat "$__object/explorer/hostname_file")
+name_sysconfig=$(cat "$__object/explorer/hostname_sysconfig")
+has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
################################################################################
-# Check if the (running) hostname is already correct
+# If everything is ok -> exit
#
-test "$name_running" != "$name_should" || exit 0
-
+case "$os" in
+ archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
+ if [ "$name_config" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then
+ exit 0
+ fi
+ ;;
+ scientific|centos|freebsd|openbsd)
+ if [ "$name_sysconfig" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then
+ exit 0
+ fi
+ ;;
+ *)
+ echo "Unsupported os: $os" >&2
+ exit 1
+ ;;
+esac
################################################################################
# Setup hostname
#
-echo 'changed' >>"$__messages_out"
+echo changed >> "$__messages_out"
-# Use the good old way to set the hostname.
-case $os
-in
- alpine|debian|devuan|ubuntu)
- echo 'hostname -F /etc/hostname'
+# Use the good old way to set the hostname even on machines running systemd.
+case "$os" in
+ archlinux|debian|ubuntu|devuan|centos|coreos|alpine)
+ printf "printf '%%s\\\\n' '$name_should' > /etc/hostname\\n"
+ echo "hostname -F /etc/hostname"
;;
- archlinux)
- echo 'command -v hostnamectl >/dev/null 2>&1' \
- "&& hostnamectl set-hostname '$name_should'" \
- "|| hostname '$name_should'"
- ;;
- centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
+ freebsd|openbsd)
echo "hostname '$name_should'"
;;
- macosx)
- echo "scutil --set HostName '$name_should'"
- ;;
- solaris)
- echo "uname -S '$name_should'"
- ;;
- slackware|suse|opensuse-leap)
- # We do not read from /etc/HOSTNAME, because the running
- # hostname is the first component only while the file contains
- # the FQDN.
+ suse)
echo "hostname '$name_should'"
- ;;
- *)
- # Fall back to set the hostname using hostnamectl, if available.
- if test -n "$has_hostnamectl"
- then
- # Don't use hostnamectl as the primary means to set the hostname for
- # systemd systems, because it cannot be trusted to work reliably and
- # exit with non-zero when it fails (e.g. hostname too long,
- # D-Bus failure, etc.).
-
- echo "hostnamectl set-hostname \"\$(cat /etc/hostname)\""
- echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \
- " || hostname -F /etc/hostname"
- else
- printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os"
- fi
+ printf "printf '%%s\\\\n' '$name_should' > /etc/HOSTNAME\\n"
;;
esac
+
+if [ "$has_hostnamectl" ]; then
+ # Allow hostnamectl set-hostname to fail silently.
+ # Who the fuck invented a tool that needs dbus to set the hostname anyway ...
+ echo "hostnamectl set-hostname '$name_should' || true"
+fi
diff --git a/cdist/conf/type/__hostname/man.rst b/cdist/conf/type/__hostname/man.rst
index 72aefbab..d23a3b8a 100644
--- a/cdist/conf/type/__hostname/man.rst
+++ b/cdist/conf/type/__hostname/man.rst
@@ -8,10 +8,7 @@ cdist-type__hostname - Set the hostname
DESCRIPTION
-----------
-Sets the hostname on various operating systems.
-
-**Tip:** For advice on choosing a hostname, see
-`RFC 1178 `_.
+Set's the hostname on various operating systems.
REQUIRED PARAMETERS
@@ -21,7 +18,7 @@ None.
OPTIONAL PARAMETERS
-------------------
name
- The hostname to set. Defaults to the first segment of __target_host
+ The hostname to set. Defaults to the first segment of __target_host
(${__target_host%%.*})
diff --git a/cdist/conf/type/__hostname/manifest b/cdist/conf/type/__hostname/manifest
index e1e356a0..8f1adf12 100755
--- a/cdist/conf/type/__hostname/manifest
+++ b/cdist/conf/type/__hostname/manifest
@@ -2,7 +2,6 @@
#
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -20,170 +19,50 @@
# along with cdist. If not, see .
#
-not_supported() {
- echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
-}
-
-set_hostname_systemd() {
- echo "$1" | __file /etc/hostname --source -
-}
-
os=$(cat "$__global/explorer/os")
-os_version=$(cat "$__global/explorer/os_version")
-os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*' || true)
-
-max_len=$(cat "$__object/explorer/max_len")
-has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
-
-if test -s "$__object/parameter/name"
-then
- name_should=$(cat "$__object/parameter/name")
+if [ -f "$__object/parameter/name" ]; then
+ name_should="$(cat "$__object/parameter/name")"
else
- case $os
- in
- # RedHat-derivatives and BSDs
- centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware)
- # Hostname is FQDN
- name_should="${__target_host}"
- ;;
- suse|opensuse-leap)
- # Classic SuSE stores the FQDN in /etc/HOSTNAME, while
- # systemd does not. The running hostname is the first
- # component in both cases.
- # In versions before 15.x, the FQDN is stored in /etc/hostname.
- if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \
- && test "$os_major" -ne 42
- then
- name_should="${__target_host%%.*}"
- else
- name_should="${__target_host}"
- fi
- ;;
- *)
- # Hostname is only first component of FQDN on all other systems.
- name_should="${__target_host%%.*}"
- ;;
+ case "$os" in
+ openbsd)
+ name_should="${__target_host}"
+ ;;
+ *)
+ name_should="${__target_host%%.*}"
+ ;;
esac
fi
-if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len"
-then
- printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2
- exit 1
-fi
-case $os
-in
- alpine|debian|devuan|ubuntu|void)
- echo "$name_should" | __file /etc/hostname --source -
- ;;
- archlinux)
- if test -n "$has_hostnamectl"
- then
- set_hostname_systemd "$name_should"
- else
- echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2
- exit 1
- # Only for ancient ArchLinux, write to /etc/rc.conf on pre-systemd
- # versions. There are some versions which use /etc/hostname but not
- # systemd. It is unclear which ones these are.
+not_supported() {
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+}
- # __key_value '/etc/rc.conf:HOSTNAME' \
- # --file /etc/rc.conf \
- # --delimiter '=' --exact_delimiter \
- # --key 'HOSTNAME' \
- # --value "\"$name_should\""
- fi
- ;;
- centos|fedora|redhat|scientific)
- if test -z "$has_hostnamectl"
- then
- # Only write to /etc/sysconfig/network on non-systemd versions.
- # On systemd-based versions this entry is ignored.
- __key_value '/etc/sysconfig/network:HOSTNAME' \
- --file /etc/sysconfig/network \
- --delimiter '=' --exact_delimiter \
- --key HOSTNAME \
- --value "\"$name_should\""
- else
- set_hostname_systemd "$name_should"
- fi
- ;;
- gentoo)
- # Only write to /etc/conf.d/hostname on OpenRC-based installations.
- # On systemd use hostnamectl(1) in gencode-remote.
- if test -z "$has_hostnamectl"
- then
- __key_value '/etc/conf.d/hostname:hostname' \
- --file /etc/conf.d/hostname \
- --delimiter '=' --exact_delimiter \
- --key 'hostname' \
- --value "\"$name_should\""
- else
- set_hostname_systemd "$name_should"
- fi
- ;;
- freebsd)
- __key_value '/etc/rc.conf:hostname' \
- --file /etc/rc.conf \
- --delimiter '=' --exact_delimiter \
- --key 'hostname' \
- --value "\"$name_should\""
- ;;
- macosx)
+case "$os" in
+ archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
# handled in gencode-remote
:
;;
- netbsd)
- __key_value '/etc/rc.conf:hostname' \
+ scientific|centos)
+ __key_value sysconfig-hostname \
+ --file /etc/sysconfig/network \
+ --delimiter '=' \
+ --key HOSTNAME \
+ --value "$name_should" --exact_delimiter
+ ;;
+ freebsd)
+ __key_value rcconf-hostname \
--file /etc/rc.conf \
- --delimiter '=' --exact_delimiter \
+ --delimiter '=' \
--key 'hostname' \
- --value "\"$name_should\""
-
- # To avoid confusion, ensure that the hostname is only stored once.
- __file /etc/myname --state absent
+ --value "$name_should"
;;
openbsd)
echo "$name_should" | __file /etc/myname --source -
;;
- slackware)
- # We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only
- # read the first component from this file and set it as the running
- # hostname on boot.
- echo "$name_should" | __file /etc/HOSTNAME --source -
- ;;
- solaris)
- echo "$name_should" | __file /etc/nodename --source -
- ;;
- suse|opensuse-leap)
- # Modern SuSE provides /etc/HOSTNAME as a symlink for
- # backwards-compatibility. Unfortunately it cannot be used
- # here as __file does not follow the symlink.
- # Therefore, we use the presence of the hostnamectl binary as
- # an indication of which file to use. This unfortunately does
- # not work correctly on openSUSE 12.x which provides
- # hostnamectl but not /etc/hostname.
-
- if test -n "$has_hostnamectl" -a "$os_major" -gt 12
- then
- hostname_file='/etc/hostname'
- else
- hostname_file='/etc/HOSTNAME'
- fi
-
- echo "$name_should" | __file "$hostname_file" --source -
- ;;
*)
- # On other operating systems we fall back to systemd's
- # hostnamectl if available…
- if test -n "$has_hostnamectl"
- then
- set_hostname_systemd "$name_should"
- else
- not_supported
- fi
+ not_supported
;;
esac
diff --git a/cdist/conf/type/__install_chroot_umount/manifest b/cdist/conf/type/__install_chroot_umount/manifest
deleted file mode 120000
index f17af67a..00000000
--- a/cdist/conf/type/__install_chroot_umount/manifest
+++ /dev/null
@@ -1 +0,0 @@
-../__chroot_umount/manifest
\ No newline at end of file
diff --git a/cdist/conf/type/__install_directory/man.rst b/cdist/conf/type/__install_directory/man.rst
deleted file mode 100644
index c402cbad..00000000
--- a/cdist/conf/type/__install_directory/man.rst
+++ /dev/null
@@ -1,101 +0,0 @@
-cdist-type__install_directory(7)
-================================
-
-NAME
-----
-cdist-type__install_directory - Manage a directory with install command
-
-
-DESCRIPTION
------------
-This cdist type allows you to create or remove directories on the target.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-state
- 'present' or 'absent', defaults to 'present'
-
-group
- Group to chgrp to.
-
-mode
- Unix permissions, suitable for chmod.
-
-owner
- User to chown to.
-
-
-BOOLEAN PARAMETERS
-------------------
-parents
- Whether to create parents as well (mkdir -p behaviour).
- Warning: all intermediate directory permissions default
- to whatever mkdir -p does.
-
- Usually this means root:root, 0700.
-
-recursive
- If supplied the chgrp and chown call will run recursively.
- This does *not* influence the behaviour of chmod.
-
-MESSAGES
---------
-chgrp
- Changed group membership
-chown
- Changed owner
-chmod
- Changed mode
-create
- Empty directory was created
-remove
- Directory exists, but state is absent, directory will be removed by generated code.
-remove non directory
- Something other than a directory with the same name exists and was removed prior to create.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- # A silly example
- __install_directory /tmp/foobar
-
- # Remove a directory
- __install_directory /tmp/foobar --state absent
-
- # Ensure /etc exists correctly
- __install_directory /etc --owner root --group root --mode 0755
-
- # Create nfs service directory, including parents
- __install_directory /home/services/nfs --parents
-
- # Change permissions recursively
- __install_directory /home/services --recursive --owner root --group root
-
- # Setup a temp directory
- __install_directory /local --mode 1777
-
- # Take it all
- __install_directory /home/services/kvm --recursive --parents \
- --owner root --group root --mode 0755 --state present
-
-
-AUTHORS
--------
-Nico Schottelius
-
-
-COPYING
--------
-Copyright \(C) 2011 Nico Schottelius. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__install_directory/man.rst b/cdist/conf/type/__install_directory/man.rst
new file mode 120000
index 00000000..1ad7fa84
--- /dev/null
+++ b/cdist/conf/type/__install_directory/man.rst
@@ -0,0 +1 @@
+../__directory/man.rst
\ No newline at end of file
diff --git a/cdist/conf/type/__install_file/man.rst b/cdist/conf/type/__install_file/man.rst
index 977ed77c..c5409167 100644
--- a/cdist/conf/type/__install_file/man.rst
+++ b/cdist/conf/type/__install_file/man.rst
@@ -23,10 +23,6 @@ symlink
directory
replace it with the source file
-One exception is that when state is pre-exists, an error is raised if
-the file would have been created otherwise (e.g. it is not present or
-not a regular file).
-
In any case, make sure that the file attributes are as specified.
@@ -37,7 +33,7 @@ None.
OPTIONAL PARAMETERS
-------------------
state
- 'present', 'absent', 'exists' or 'pre-exists', defaults to 'present' where:
+ 'present', 'absent' or 'exists', defaults to 'present' where:
present
the file is exactly the one from source
@@ -45,9 +41,6 @@ state
the file does not exist
exists
the file from source but only if it doesn't already exist
- pre-exists
- check that the file exists and is a regular file, but do not
- create or modify it
group
Group to chgrp to.
@@ -63,9 +56,6 @@ source
If not supplied, an empty file or directory will be created.
If source is '-' (dash), take what was written to stdin as the file content.
-onchange
- The code to run if file is modified.
-
MESSAGES
--------
chgrp
@@ -103,8 +93,6 @@ EXAMPLES
__install_file /home/frodo/.bashrc --source "/etc/skel/.bashrc" \
--state exists \
--owner frodo --mode 0600
- # Check that the file is present, show an error when it is not
- __install_file /etc/somefile --state pre-exists
# Take file content from stdin
__install_file /tmp/whatever --owner root --group root --mode 644 --source - << DONE
Here goes the content for /tmp/whatever
diff --git a/cdist/conf/type/__iocage_clone/gencode-remote b/cdist/conf/type/__iocage_clone/gencode-remote
deleted file mode 100755
index 30d77099..00000000
--- a/cdist/conf/type/__iocage_clone/gencode-remote
+++ /dev/null
@@ -1,152 +0,0 @@
-#!/bin/sh
-
-state="$(cat $__object/parameter/state)"
-template="$(cat $__object/parameter/template)"
-ip4_addr="$(cat $__object/parameter/bridge)|$(cat $__object/parameter/ip)"
-interfaces="none:none"
-defaultrouter="none"
-vnet="off"
-jail_zfs_dataset="$(cat $__object/parameter/jail_zfs_dataset)"
-devfs_ruleset="$(cat $__object/parameter/devfs_ruleset)"
-allow_socket_af="$(cat $__object/parameter/allow_socket_af)"
-mount_procfs="$(cat $__object/parameter/mount_procfs)"
-mount_linprocfs="$(cat $__object/parameter/mount_linprocfs)"
-
-if [ "X$state" = "Xabsent" ]; then
- cat <&2
- create_new=1
- fi
-fi
-
-if [ \$create_new -eq 0 ]; then
- if [ "off" == "\$(get_property_iocage jail_zfs "$__object_id")" ]; then
- current_jail_zfs_dataset=""
- else
- current_jail_zfs_dataset="\$(get_property_iocage jail_zfs_dataset "$__object_id")"
- fi
-fi
-
-configure=0
-if [ \$create_new -eq 1 ]; then
- configure=1
-elif [ "X$vnet" != "X\$(get_property_iocage vnet "$__object_id")" ]; then
- configure=1
-elif [ "X$ip4_addr" != "X\$(get_property_iocage ip4_addr "$__object_id")" ]; then
- configure=1
-elif [ "X$interfaces" != "X\$(get_property_iocage interfaces "$__object_id")" ]; then
- configure=1
-elif [ "X$defaultrouter" != "X\$(get_property_iocage defaultrouter "$__object_id")" ]; then
- configure=1
-elif [ "X$mount_procfs" != "X\$(get_property_iocage mount_procfs "$__object_id")" ]; then
- configure=1
-elif [ "X$devfs_ruleset" != "X\$(get_property_iocage devfs_ruleset "$__object_id")" ]; then
- configure=1
-elif [ "X$allow_socket_af" != "X\$(get_property_iocage allow_socket_af "$__object_id")" ]; then
- configure=1
-elif [ "X$jail_zfs_dataset" != "X\$current_jail_zfs_dataset" ]; then
- configure=1
-fi
-
-if [ \$create_new -eq 1 ]; then
- echo "Creating jail $__object_id" >&2
-
- iocage stop $__object_id || true
- iocage destroy -f $__object_id || true
- # Without VNETs, we should not need this.
- # TODO(riso): Use nicer path
- # /root/cdist/ioc deconfigure $__object_id
-
- rm -f /iocage/jails/$__object_id
-
- iocage clone $template tag=$__object_id
- iocage set boot=on $__object_id
- UUID=\$(iocage list | grep " $__object_id " | awk "{ print \\\$2; }")
- rm -f /iocage/jails/$__object_id
- ln -s /iocage/jails/\$UUID /iocage/jails/$__object_id
-else
- UUID=\$(iocage list | grep " $__object_id " | awk "{ print \\\$2; }")
- echo "Jail $__object_id already exists, UUID=\$UUID" >&2
-fi
-
-ROOT="/iocage/jails/\$UUID/root"
-FSTAB="/iocage/jails/\$UUID/fstab"
-rm -f \$FSTAB.new
-touch \$FSTAB.new
-cat $__object/parameter/mount 2>/dev/null | \\
-while read mount; do
- src=\$(echo \$mount | awk -F: "{ print \\\$1; }")
- dst_rel=\$(echo \$mount | awk -F: "{ print \\\$2; }")
- dst="/iocage/jails/\$UUID/root/\$dst_rel"
- mkdir -p "\$dst"
- echo "\$src \$dst nullfs rw 0 0" >>\$FSTAB.new
-done
-if [ $mount_linprocfs -eq 1 ]; then
- echo "linproc /iocage/jails/\$UUID/root/compat/linux/proc linprocfs rw 0 0" >>\$FSTAB.new
-fi
-
-fstab_changed=0
-if diff -q \$FSTAB \$FSTAB.new >/dev/null; then
- # pass
-else
- configure=1
- fstab_changed=1
-fi
-
-if [ \$configure -eq 1 ]; then
- echo "Configuring jail $__object_id." >&2
- iocage stop $__object_id || true
-
- iocage set vnet="$vnet" $__object_id
- iocage set interfaces="$interfaces" $__object_id
- iocage set hostname="$__object_id" $__object_id
- iocage set ip4_addr="$ip4_addr" $__object_id
- iocage set defaultrouter="$defaultrouter" $__object_id
- iocage set mount_procfs="$mount_procfs" $__object_id
- iocage set devfs_ruleset="$devfs_ruleset" $__object_id
- iocage set allow_socket_af="$allow_socket_af" $__object_id
- if [ -n "$jail_zfs_dataset" ]; then
- iocage set jail_zfs=on $__object_id
- iocage set jail_zfs_dataset="$jail_zfs_dataset" $__object_id
- else
- iocage set jail_zfs=off $__object_id
- fi
-
- if [ \$fstab_changed -eq 1 ]; then
- umount -afF \$FSTAB || true
- mv \$FSTAB.new \$FSTAB
- fi
-
- iocage start $__object_id || true
-
- # Iocage creates new mac address, but arp can have an old mac cached.
- # TODO(riso): Is this true without VNETs?
- arp -d -a
-else
- echo "Jail $__object_id is already configured." >&2
-fi
-rm -f \$FSTAB.new
-EOF
-fi
diff --git a/cdist/conf/type/__iocage_clone/manifest b/cdist/conf/type/__iocage_clone/manifest
deleted file mode 100644
index 0684fce8..00000000
--- a/cdist/conf/type/__iocage_clone/manifest
+++ /dev/null
@@ -1 +0,0 @@
-__package iocage
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/allow_socket_af b/cdist/conf/type/__iocage_clone/parameter/default/allow_socket_af
deleted file mode 100644
index 573541ac..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/default/allow_socket_af
+++ /dev/null
@@ -1 +0,0 @@
-0
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/bridge b/cdist/conf/type/__iocage_clone/parameter/default/bridge
deleted file mode 100644
index 092f51c8..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/default/bridge
+++ /dev/null
@@ -1 +0,0 @@
-bridge0
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/devfs_ruleset b/cdist/conf/type/__iocage_clone/parameter/default/devfs_ruleset
deleted file mode 100644
index b8626c4c..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/default/devfs_ruleset
+++ /dev/null
@@ -1 +0,0 @@
-4
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/jail_zfs_dataset b/cdist/conf/type/__iocage_clone/parameter/default/jail_zfs_dataset
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/mount_linprocfs b/cdist/conf/type/__iocage_clone/parameter/default/mount_linprocfs
deleted file mode 100644
index 573541ac..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/default/mount_linprocfs
+++ /dev/null
@@ -1 +0,0 @@
-0
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/mount_procfs b/cdist/conf/type/__iocage_clone/parameter/default/mount_procfs
deleted file mode 100644
index 573541ac..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/default/mount_procfs
+++ /dev/null
@@ -1 +0,0 @@
-0
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/net b/cdist/conf/type/__iocage_clone/parameter/default/net
deleted file mode 100644
index a45fd52c..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/default/net
+++ /dev/null
@@ -1 +0,0 @@
-24
diff --git a/cdist/conf/type/__iocage_clone/parameter/default/state b/cdist/conf/type/__iocage_clone/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__iocage_clone/parameter/optional b/cdist/conf/type/__iocage_clone/parameter/optional
deleted file mode 100644
index 8ca73ed9..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/optional
+++ /dev/null
@@ -1,7 +0,0 @@
-state
-bridge
-jail_zfs_dataset
-mount_procfs
-mount_linprocfs
-devfs_ruleset
-allow_socket_af
diff --git a/cdist/conf/type/__iocage_clone/parameter/optional_multiple b/cdist/conf/type/__iocage_clone/parameter/optional_multiple
deleted file mode 100644
index fde64773..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/optional_multiple
+++ /dev/null
@@ -1 +0,0 @@
-mount
diff --git a/cdist/conf/type/__iocage_clone/parameter/required b/cdist/conf/type/__iocage_clone/parameter/required
deleted file mode 100644
index 209d1544..00000000
--- a/cdist/conf/type/__iocage_clone/parameter/required
+++ /dev/null
@@ -1,2 +0,0 @@
-ip
-template
diff --git a/cdist/conf/type/__letsencrypt_acmetiny/gencode-remote b/cdist/conf/type/__letsencrypt_acmetiny/gencode-remote
deleted file mode 100644
index 9243acc9..00000000
--- a/cdist/conf/type/__letsencrypt_acmetiny/gencode-remote
+++ /dev/null
@@ -1,112 +0,0 @@
-#!/bin/sh -e
-
-ACME_TINY_CERT_REQUEST_DIR="/var/acme-tiny/cert-requests"
-ACME_TINY_ACCOUNT_KEY="/var/acme-tiny/account.key"
-ACME_CHALLENGE_DIR="/srv/www/sites/acme/public/.well-known/acme-challenge"
-
-REALM="${__object_id}"
-EXTRA_DOMAINS=""
-if [ -f "${__object}/parameter/extra-domain" ]; then
- EXTRA_DOMAINS="$(cat "${__object}/parameter/extra-domain")"
-fi
-
-#TODO: support linux too
-REALMS_DIR="/usr/local/etc/pki/realms"
-REALM_DIR="${REALMS_DIR}/${REALM}"
-REALM_CERT="${REALM_DIR}/default.crt"
-REALM_KEY="${REALM_DIR}/default.key"
-REALM_CERT_REQUEST="${ACME_TINY_CERT_REQUEST_DIR}/${REALM}.csr"
-REALM_CERT_REQUEST_CNF="${ACME_TINY_CERT_REQUEST_DIR}/${REALM}.cnf"
-
-CSR_ALT_NAMES=""
-REALM_CERT_REQUEST_CNF_LINE=""
-if [ -n "${EXTRA_DOMAINS}" ]; then
- CSR_ALT_NAMES="DNS:${REALM}"
- for domain in ${EXTRA_DOMAINS}; do
- CSR_ALT_NAMES="${CSR_ALT_NAMES},DNS:${domain}"
- done
- # CSR requests are executed always against .new, only after succeeding .new replaces the .cnf
- REALM_CERT_REQUEST_CNF_LINE="-reqexts SAN -config '${REALM_CERT_REQUEST_CNF}.new'"
-fi
-
-cat << EOF
-if [ ! -d '${REALM_DIR}' ]; then
- mkdir -p '${REALM_DIR}'
-fi
-if [ ! -f '${REALM_KEY}' ]; then
- openssl genrsa 4096 > '${REALM_KEY}'
-fi
-
-if [ ! -d '${ACME_TINY_CERT_REQUEST_DIR}' ]; then
- mkdir '${ACME_TINY_CERT_REQUEST_DIR}'
-fi
-
-FORCE_CSR_REGEN=""
-if [ -n '${CSR_ALT_NAMES}' ]; then
- # Generate new config
- cat /etc/ssl/openssl.cnf > '${REALM_CERT_REQUEST_CNF}.new'
- printf '[SAN]\nsubjectAltName=${CSR_ALT_NAMES}' >> '${REALM_CERT_REQUEST_CNF}.new'
- # Compare to previous config if necessary
- if [ -f '${REALM_CERT_REQUEST_CNF}' ]; then
- CNF_DIFF=\$(diff -q '${REALM_CERT_REQUEST_CNF}' '${REALM_CERT_REQUEST_CNF}.new' || true)
- if [ -n "\${CNF_DIFF}" ]; then
- # Options have changed
- FORCE_CSR_REGEN="YES"
- else
- # Since they match, we won't be using this, clean it
- rm '${REALM_CERT_REQUEST_CNF}.new'
- fi
- else
- # We never used SAN here, CSR regen needed.
- FORCE_CSR_REGEN="YES"
- fi
-else
- # We used SAN at some point, not any more
- if [ -f '${REALM_CERT_REQUEST_CNF}' ]; then
- rm '${REALM_CERT_REQUEST_CNF}'
- FORCE_CSR_REGEN="YES"
- fi
-fi
-
-# Create or re-create when params have changed
-if [ ! -f '${REALM_CERT_REQUEST}' -o -n "\${FORCE_CSR_REGEN}" ]; then
- openssl req -new -sha256 -key '${REALM_KEY}' -subj '/CN=${REALM}' -out '${REALM_CERT_REQUEST}' ${REALM_CERT_REQUEST_CNF_LINE}
-fi
-
-# Check if cert exists, and if so whether or not it's older than a month
-if [ -f '${REALM_CERT}' ]; then
- MODIFIED_IN_30d="\$(find '${REALM_CERT}' -mtime -30d)"
- if [ -z "\${MODIFIED_IN_30d}" ]; then
- # Cert is over a month old, it's fine to regenerate
- FORCE_CRT_REGEN="YES"
- fi
-else
- # This cert doesn't exist
- FORCE_CRT_REGEN="YES"
-fi
-
-
-# Only request certificate when needed
-# TODO: support linux too
-if [ -n "\${FORCE_CSR_REGEN}" -o -n "\${FORCE_CRT_REGEN}" ]; then
- doas -u acme-tiny -- acme_tiny \
- --account '${ACME_TINY_ACCOUNT_KEY}' \
- --csr '${REALM_CERT_REQUEST}' \
- --acme-dir '${ACME_CHALLENGE_DIR}' > '${REALM_CERT}.new'
-
- if [ -s '${REALM_CERT}.new' ]; then
- mv '${REALM_CERT}.new' '${REALM_CERT}'
- else
- echo "Failed to generate cert for realm '${REALM}'."
- exit 1
- fi
-fi
-
-cat "${REALM_CERT}" "${REALMS_DIR}/chain.pem" > ${REALM_DIR}/fullchain.pem
-
-if [ -n '${REALM_CERT_REQUEST_CNF_LINE}' -a -f '${REALM_CERT_REQUEST_CNF}.new' ]; then
- # CSR and cert generation succeded with a new config, put new config in-place.
- # This is the last thing we do, so we try again next time if sth fails.
- mv '${REALM_CERT_REQUEST_CNF}.new' '${REALM_CERT_REQUEST_CNF}'
-fi
-EOF
diff --git a/cdist/conf/type/__letsencrypt_acmetiny/manifest b/cdist/conf/type/__letsencrypt_acmetiny/manifest
deleted file mode 100644
index 48438abb..00000000
--- a/cdist/conf/type/__letsencrypt_acmetiny/manifest
+++ /dev/null
@@ -1 +0,0 @@
-#__letsencrypt_acmetiny_base
diff --git a/cdist/conf/type/__letsencrypt_acmetiny/nonparallel b/cdist/conf/type/__letsencrypt_acmetiny/nonparallel
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__letsencrypt_acmetiny/parameter/optional_multiple b/cdist/conf/type/__letsencrypt_acmetiny/parameter/optional_multiple
deleted file mode 100644
index 7bfb11da..00000000
--- a/cdist/conf/type/__letsencrypt_acmetiny/parameter/optional_multiple
+++ /dev/null
@@ -1 +0,0 @@
-extra-domain
diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/gencode-remote b/cdist/conf/type/__letsencrypt_acmetiny_base/gencode-remote
deleted file mode 100644
index 1e4174a4..00000000
--- a/cdist/conf/type/__letsencrypt_acmetiny_base/gencode-remote
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh -e
-
-ACME_HOME="/var/acme-tiny"
-ACME_ACCOUNT_KEY="${ACME_HOME}/account.key"
-
-cat << EOF
-if [ ! -f '${ACME_ACCOUNT_KEY}' ]; then
- openssl genrsa 4096 > '${ACME_ACCOUNT_KEY}'
- chown acme-tiny:acme-tiny '${ACME_ACCOUNT_KEY}'
- chmod 640 '${ACME_ACCOUNT_KEY}'
-fi
-EOF
diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/manifest b/cdist/conf/type/__letsencrypt_acmetiny_base/manifest
deleted file mode 100644
index cbedcdff..00000000
--- a/cdist/conf/type/__letsencrypt_acmetiny_base/manifest
+++ /dev/null
@@ -1,227 +0,0 @@
-# Arguments
-ACME_DOMAIN="$(cat "${__object}/parameter/acme_domain" || true)"
-
-if [ -z "${ACME_DOMAIN}" ]; then
- ACME_DOMAIN="${__target_host}"
-fi
-
-
-# Install needed stuffz
-
-## TODO: consider not depending on nginx? It is... practical though.
-## TODO: Maybe just move this out to a sepecial type?
-__package "nginx"
-
-NGINX_ETC="/usr/local/etc/nginx"
-
-# Setup the acme-challenge snippet
-require="__package/nginx" __directory "${NGINX_ETC}/snippets" --state present
-require="__directory${NGINX_ETC}/snippets" __file "${NGINX_ETC}/snippets/acme-challenge.conf" \
- --mode 644 \
- --source - << EOF
-# This file is managed remotely, all changes will be lost
-
-# This was heavily inspired by debops.org.
-
-# Automatic Certificate Management Environment (ACME) support.
-# https://tools.ietf.org/html/draft-ietf-acme-acme-01
-# https://en.wikipedia.org/wiki/Automated_Certificate_Management_Environment
-
-
-# Return the ACME challenge present in the server public root.
-# If not found, switch to global web server root.
-location ^~ /.well-known/acme-challenge/ {
- default_type "text/plain";
- try_files \$uri @well-known-acme-challenge;
-}
-
-# Return the ACME challenge present in the global server public root.
-# If not present, redirect request to a specified domain.
-location @well-known-acme-challenge {
- root /srv/www/sites/acme/public;
- default_type "text/plain";
- try_files \$uri @redirect-acme-challenge;
-}
-
-# Redirect the ACME challenge to a different host. If a redirect loop is
-# detected, return 404.
-location @redirect-acme-challenge {
- if (\$arg_redirect) {
- return 404;
- }
- return 307 \$scheme://${ACME_DOMAIN}\$request_uri?redirect=yes;
-}
-
-# Return 404 if ACME challenge well known path is accessed directly.
-location = /.well-known/acme-challenge/ {
- return 404;
-}
-EOF
-
-require="__package/nginx" __directory "${NGINX_ETC}/sites-enabled" --state present
-require="__directory${NGINX_ETC}/sites-enabled" __file "${NGINX_ETC}/nginx.conf" \
- --mode 644 \
- --source - << EOF
-# This file is managed remotely, all changes will be lost
-
-worker_processes 1;
-
-# This default error log path is compiled-in to make sure configuration parsing
-# errors are logged somewhere, especially during unattended boot when stderr
-# isn't normally logged anywhere. This path will be touched on every nginx
-# start regardless of error log location configured here. See
-# https://trac.nginx.org/nginx/ticket/147 for more info.
-#
-#error_log /var/log/nginx/error.log;
-#
-
-#pid logs/nginx.pid;
-
-
-events {
- worker_connections 1024;
-}
-
-
-http {
-
- include mime.types;
- default_type application/octet-stream;
-
- server_tokens off;
-
- ssl_session_cache shared:SSL:10m;
- ssl_session_timeout 5m;
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- types_hash_max_size 2048;
- gzip on;
- gzip_disable "msie6";
- gzip_comp_level 5;
- gzip_min_length 256;
- gzip_proxied any;
- gzip_vary on;
- gzip_types
- application/atom+xml
- application/javascript
- application/json
- application/ld+json
- application/manifest+json
- application/rss+xml
- application/vnd.geo+json
- application/vnd.ms-fontobject
- application/x-font-ttf
- application/x-web-app-manifest+json
- application/xhtml+xml
- application/xml
- font/opentype
- image/bmp
- image/svg+xml
- image/x-icon
- text/cache-manifest
- text/css
- text/plain
- text/vcard
- text/vnd.rim.location.xloc
- text/vtt
- text/x-component
- text/x-cross-domain-policy;
-
- # Logging
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
-
- #add_header X-Clacks-Overhead "GNU Terry Pratchett";
-
- # Virtual Hosts Configs
- include ${NGINX_ETC}/sites-enabled/*.conf;
-}
-EOF
-
-require="__directory${NGINX_ETC}/sites-enabled" __file "${NGINX_ETC}/sites-enabled/welcome.conf" \
- --mode 644 \
- --source - << EOF
-# This file is managed remotely, all changes will be lost
-
-# nginx server configuration for:
-# - https://welcome/
-
-server {
-
- listen [::]:80;
-
- server_name welcome;
-
- root /srv/www/sites/welcome/public;
-
- include snippets/acme-challenge.conf;
-
- location / {
- return 301 https://\$host\$request_uri;
- }
-}
-EOF
-
-## TODO: this is kinda bad, don't restart every time.
-## Otherwise this isn't idempotent.
-require="__package/nginx" __service nginx --action onerestart
-require="__package/nginx" __start_on_boot nginx
-
-
-__package "acme-tiny"
-
-# Create acme-tiny user and secure home dir
-ACME_TINY_HOME="/var/acme-tiny"
-require="__package/acme-tiny" __user acme-tiny --system --home ${ACME_TINY_HOME} --comment "acme-tiny client"
-require="__user/acme-tiny" __directory "${ACME_TINY_HOME}" --state present --mode 0750 --owner acme-tiny --group acme-tiny
-
-# Create ACME challenge dirs to be served by nginx
-ACME_PUBLIC_DIR="/srv/www/sites/acme/public"
-ACME_WELLKNOWN_DIR="${ACME_PUBLIC_DIR}/.well-known"
-ACME_CHALLENGE_DIR="${ACME_WELLKNOWN_DIR}/acme-challenge"
-__directory "${ACME_PUBLIC_DIR}" \
- --parents \
- --state present \
- --owner acme-tiny --group www \
- --mode 2750 # TODO: check whether this does require gid?
-require="__directory${ACME_PUBLIC_DIR}" __directory "${ACME_WELLKNOWN_DIR}" \
- --state present \
- --owner acme-tiny --group www \
- --mode 0750
-require="__directory${ACME_WELLKNOWN_DIR}" __directory "${ACME_CHALLENGE_DIR}" \
- --state present \
- --owner acme-tiny --group www \
- --mode 0750
-
-__package doas
-DOAS_CONF="/usr/local/etc/doas.conf"
-require="__package/doas" __file "${DOAS_CONF}" --mode 0640
-require="__file${DOAS_CONF}" __line "${DOAS_CONF}" \
- --regex 'root as acme-tiny' \
- --line 'permit nopass root as acme-tiny'
-
-# Setup CA
-REALMS_DIR="/usr/local/etc/pki/realms"
-__directory "${REALMS_DIR}" \
- --parents \
- --state present \
- --mode 0755
-
-require="__directory${REALMS_DIR}" __file ${REALMS_DIR}/intermediate.pem \
- --mode 0644 \
- --source - << EOF
-$(curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt)
-EOF
-require="__directory${REALMS_DIR}" __file ${REALMS_DIR}/root.pem \
- --mode 0644 \
- --source - << EOF
-$(curl -s https://letsencrypt.org/certs/trustid-x3-root.pem.txt)
-EOF
-require="__directory${REALMS_DIR}" __file ${REALMS_DIR}/chain.pem \
- --mode 0644 \
- --source - << EOF
-$(curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt)
-$(curl -s https://letsencrypt.org/certs/trustid-x3-root.pem.txt)
-EOF
-
diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/parameter/optional b/cdist/conf/type/__letsencrypt_acmetiny_base/parameter/optional
deleted file mode 100644
index fb20814d..00000000
--- a/cdist/conf/type/__letsencrypt_acmetiny_base/parameter/optional
+++ /dev/null
@@ -1 +0,0 @@
-acme_domain
diff --git a/cdist/conf/type/__letsencrypt_acmetiny_base/singleton b/cdist/conf/type/__letsencrypt_acmetiny_base/singleton
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__letsencrypt_cert/man.rst b/cdist/conf/type/__letsencrypt_cert/man.rst
index 85eb88ea..c4ffc6bc 100644
--- a/cdist/conf/type/__letsencrypt_cert/man.rst
+++ b/cdist/conf/type/__letsencrypt_cert/man.rst
@@ -59,13 +59,13 @@ MESSAGES
--------
change
- Certificate was changed.
+ Certificte was changed.
create
- Certificate was created.
+ Certificte was created.
remove
- Certificate was removed.
+ Certificte was removed.
EXAMPLES
--------
diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest
index 68ecf9d4..d6892c9b 100755
--- a/cdist/conf/type/__letsencrypt_cert/manifest
+++ b/cdist/conf/type/__letsencrypt_cert/manifest
@@ -7,12 +7,6 @@ if [ -z "${certbot_fullpath}" ]; then
os_version="$(cat "${__global}/explorer/os_version")"
case "$os" in
- archlinux)
- __package certbot
- ;;
- alpine)
- __package certbot
- ;;
debian)
case "$os_version" in
8*)
@@ -39,10 +33,6 @@ if [ -z "${certbot_fullpath}" ]; then
require="__apt_source/stretch-backports" __package_apt certbot \
--target-release stretch-backports
;;
- 10*)
- __package_apt certbot
- ;;
-
*)
echo "Unsupported OS version: $os_version" >&2
exit 1
@@ -72,12 +62,11 @@ if [ -z "${certbot_fullpath}" ]; then
--distribution ascii-backports \
--component main
+ require="__apt_source/ascii-backports" __package_apt python-certbot \
+ --target-release ascii-backports
require="__apt_source/ascii-backports" __package_apt certbot \
--target-release ascii-backports
;;
- beowulf*)
- __package_apt certbot
- ;;
*)
echo "Unsupported OS version: $os_version" >&2
exit 1
diff --git a/cdist/conf/type/__line/explorer/state b/cdist/conf/type/__line/explorer/state
index e8fc3630..2ef252c8 100755
--- a/cdist/conf/type/__line/explorer/state
+++ b/cdist/conf/type/__line/explorer/state
@@ -1,7 +1,6 @@
#!/bin/sh -e
#
# 2018 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -19,14 +18,6 @@
# along with cdist. If not, see .
#
-if [ -f "$__object/parameter/file" ]; then
- file=$(cat "$__object/parameter/file")
-else
- file="/$__object_id"
-fi
-
-[ -f "$file" ] || exit 0
-
if [ -f "$__object/parameter/before" ]; then
position="before"
elif [ -f "$__object/parameter/after" ]; then
@@ -42,56 +33,63 @@ else
needle="line"
fi
+if [ -f "$__object/parameter/file" ]; then
+ file="$(cat "$__object/parameter/file")"
+else
+ file="/$__object_id"
+fi
+
+if [ ! -f "$file" ]; then
+ echo "file_missing"
+ exit 0
+fi
+
awk -v position="$position" -v needle="$needle" '
function _find(_text, _pattern) {
if (needle == "regex") {
return match(_text, _pattern)
} else {
- return index(_text, _pattern) == 1
+ return index(_text, _pattern)
}
}
BEGIN {
getline anchor < (ENVIRON["__object"] "/parameter/" position)
getline pattern < (ENVIRON["__object"] "/parameter/" needle)
-
- found_line = 0
- correct_pos = (position != "after" && position != "before")
+ state = "absent"
}
{
if (position == "after") {
if (match($0, anchor)) {
getline
if (_find($0, pattern)) {
- found_line++
- correct_pos = 1
- exit 0
+ state = "present"
}
- } else if (_find($0, pattern)) {
- found_line++
+ else {
+ state = "wrongposition"
+ }
+ exit 0
}
- } else if (position == "before") {
+ }
+ else if (position == "before") {
if (_find($0, pattern)) {
- found_line++
getline
if (match($0, anchor)) {
- correct_pos = 1
- exit 0
+ state = "present"
}
+ else {
+ state = "wrongposition"
+ }
+ exit 0
}
- } else {
+ }
+ else {
if (_find($0, pattern)) {
- found_line++
+ state = "present"
exit 0
}
}
}
END {
- if (found_line && correct_pos) {
- print "present"
- } else if (found_line) {
- print "wrongposition"
- } else {
- print "absent"
- }
+ print state
}
' "$file"
diff --git a/cdist/conf/type/__line/gencode-remote b/cdist/conf/type/__line/gencode-remote
index 88cae68b..03e90c1b 100755
--- a/cdist/conf/type/__line/gencode-remote
+++ b/cdist/conf/type/__line/gencode-remote
@@ -1,7 +1,6 @@
#!/bin/sh -e
#
# 2018 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -24,20 +23,9 @@ if [ -f "$__object/parameter/before" ] && [ -f "$__object/parameter/after" ]; th
exit 1
fi
-if [ -f "$__object/parameter/file" ]; then
- file="$(cat "$__object/parameter/file")"
-else
- file="/$__object_id"
-fi
-
state_should="$(cat "$__object/parameter/state")"
state_is="$(cat "$__object/explorer/state")"
-if [ -z "$state_is" ]; then
- printf 'The file "%s" is missing. Please create it before using %s on it.\n' "$file" "${__type##*/}" >&2
- exit 1
-fi
-
if [ "$state_should" = "$state_is" ]; then
# nothing to do
exit 0
@@ -58,6 +46,12 @@ else
needle="line"
fi
+if [ -f "$__object/parameter/file" ]; then
+ file="$(cat "$__object/parameter/file")"
+else
+ file="/$__object_id"
+fi
+
add=0
remove=0
case "$state_should" in
@@ -110,12 +104,10 @@ BEGIN {
if (anchor && match(\$0, anchor)) {
if (position == "before") {
print line
- add = 0
print
} else if (position == "after") {
print
print line
- add = 0
}
next
}
@@ -123,7 +115,7 @@ BEGIN {
print
}
END {
- if (add) {
+ if (add && position == "end") {
print line
}
}
diff --git a/cdist/conf/type/__motd/gencode-remote b/cdist/conf/type/__motd/gencode-remote
index 738ea834..bc842cc8 100755
--- a/cdist/conf/type/__motd/gencode-remote
+++ b/cdist/conf/type/__motd/gencode-remote
@@ -29,18 +29,7 @@ case "$os" in
echo "uname -snrvm > /var/run/motd"
echo "cat /etc/motd.tail >> /var/run/motd"
;;
- freebsd)
- # FreeBSD only updates /etc/motd on boot,
- # as seen in /etc/rc.d/motd
- echo "uname -sri > /etc/motd"
- echo "cat /etc/motd.template >> /etc/motd"
- # FreeBSD 13 starts treating motd slightly different from previous
- # versions this ensures hosts have the expected config.
- echo "rm /etc/motd.template || true"
- echo "service motd start"
- ;;
*)
- # Other OS tend to treat /etc/motd statically
exit 0
;;
esac
diff --git a/cdist/conf/type/__motd/man.rst b/cdist/conf/type/__motd/man.rst
index a567dc80..17369684 100644
--- a/cdist/conf/type/__motd/man.rst
+++ b/cdist/conf/type/__motd/man.rst
@@ -10,13 +10,6 @@ DESCRIPTION
-----------
This cdist type allows you to easily setup /etc/motd.
-.. note::
- In some OS, motd is a bit special, check `motd(5)`.
- Currently Debian, Devuan, Ubuntu and FreeBSD are taken into account.
- If your OS of choice does something besides /etc/motd, check the source
- and contribute support for it.
- Otherwise it will likely just work.
-
REQUIRED PARAMETERS
-------------------
@@ -27,7 +20,6 @@ OPTIONAL PARAMETERS
-------------------
source
If supplied, copy this file from the host running cdist to the target.
- If source is '-' (dash), take what was written to stdin as the file content.
If not supplied, a default message will be placed onto the target.
@@ -42,15 +34,6 @@ EXAMPLES
# Supply source file from a different type
__motd --source "$__type/files/my-motd"
- # Supply source from stdin
- __motd --source "-" <
COPYING
-------
-Copyright \(C) 2020 Nico Schottelius. You can redistribute it
+Copyright \(C) 2011 Nico Schottelius. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
diff --git a/cdist/conf/type/__motd/manifest b/cdist/conf/type/__motd/manifest
index ded734d7..cd741cf4 100755
--- a/cdist/conf/type/__motd/manifest
+++ b/cdist/conf/type/__motd/manifest
@@ -34,17 +34,9 @@ os=$(cat "$__global/explorer/os")
case "$os" in
debian|ubuntu|devuan)
- # Debian-based systems use /etc/motd.tail as a template
destination=/etc/motd.tail
;;
- freebsd)
- # FreeBSD uses motd.template to prepend system information on boot
- # (this actually only applies starting with version 13,
- # but we fix that for whatever version in gencode-remote)
- destination=/etc/motd.template
- ;;
*)
- # Most UNIX systems, including other Linux and OpenBSD just use /etc/motd
destination=/etc/motd
;;
esac
diff --git a/cdist/conf/type/__mysql_database/explorer/state b/cdist/conf/type/__mysql_database/explorer/state
deleted file mode 100755
index 79858695..00000000
--- a/cdist/conf/type/__mysql_database/explorer/state
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-if [ -f "$__object/parameter/name" ]
-then
- name="$( cat "$__object/parameter/name" )"
-else
- name="$__object_id"
-fi
-
-if [ -n "$( mysql -B -N -e "show databases like '$name'" )" ]
-then
- echo 'present'
-else
- echo 'absent'
-fi
diff --git a/cdist/conf/type/__mysql_database/gencode-remote b/cdist/conf/type/__mysql_database/gencode-remote
index 1bdb2b11..23e51b05 100755
--- a/cdist/conf/type/__mysql_database/gencode-remote
+++ b/cdist/conf/type/__mysql_database/gencode-remote
@@ -1,6 +1,6 @@
#!/bin/sh -e
#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
+# 2012 Benedikt Koeppel (code@benediktkoeppel.ch)
#
# This file is part of cdist.
#
@@ -17,30 +17,38 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
+#
-state_is="$( cat "$__object/explorer/state" )"
-
-state_should="$( cat "$__object/parameter/state" )"
-
-if [ "$state_is" = "$state_should" ]
-then
- exit 0
+# if --database was specified
+if [ -f "$__object/parameter/name" ]; then
+ database="$(cat "$__object/parameter/name")"
+else # otherwise use the object id as database name
+ database="$__object_id"
fi
-if [ -f "$__object/parameter/name" ]
-then
- name="$( cat "$__object/parameter/name" )"
-else
- name="$__object_id"
-fi
+cat <<-EOFF
+mysql -u root <<-EOF
+ CREATE DATABASE IF NOT EXISTS $database
+EOF
+EOFF
-case "$state_should" in
- present)
- echo "mysql -e 'create database \`$name\`'"
- echo "create database $name" >> "$__messages_out"
- ;;
- absent)
- echo "mysql -e 'drop database \`$name\`'"
- echo "drop database $name" >> "$__messages_out"
- ;;
-esac
+# if --user was specified
+if [ -f "$__object/parameter/user" ]; then
+ user="$(cat "$__object/parameter/user")"
+
+ # if --password was specified
+ if [ -f "$__object/parameter/password" ]; then
+ password="$(cat "$__object/parameter/password")"
+ cat <<-EOFF
+ mysql -u root <<-EOF
+ GRANT ALL PRIVILEGES ON $database.* to '$user'@'localhost' IDENTIFIED BY '$password';
+EOF
+EOFF
+ else
+ cat <<-EOFF
+ mysql -u root <<-EOF
+ GRANT ALL PRIVILEGES ON $database.* to '$user'@'localhost';
+EOF
+EOFF
+ fi
+fi
diff --git a/cdist/conf/type/__mysql_database/man.rst b/cdist/conf/type/__mysql_database/man.rst
index b3b56b5f..1e245a08 100644
--- a/cdist/conf/type/__mysql_database/man.rst
+++ b/cdist/conf/type/__mysql_database/man.rst
@@ -8,24 +8,24 @@ cdist-type__mysql_database - Manage a MySQL database
DESCRIPTION
-----------
+This cdist type allows you to install a MySQL database.
-Create MySQL database and optionally user with all privileges.
+REQUIRED PARAMETERS
+-------------------
+None.
OPTIONAL PARAMETERS
-------------------
name
- Name of database. Defaults to object id.
+ The name of the database to install
+ defaults to the object id
user
- Create user and give all privileges to database.
+ A user that should have access to the database
password
- Password for user.
-
-state
- Defaults to present.
- If absent and user is also set, both will be removed (with privileges).
+ The password for the user who manages the database
EXAMPLES
@@ -33,23 +33,17 @@ EXAMPLES
.. code-block:: sh
- # just create database
- __mysql_database foo
-
- # create database with respective user with all privileges to database
- __mysql_database bar \
- --user name \
- --password secret
+ __mysql_database "cdist" --name "cdist" --user "myuser" --password "mypwd"
AUTHORS
-------
-Ander Punnar
+Benedikt Koeppel
COPYING
-------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.
+Copyright \(C) 2012 Benedikt Koeppel. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
diff --git a/cdist/conf/type/__mysql_database/manifest b/cdist/conf/type/__mysql_database/manifest
deleted file mode 100755
index a3c9ed5d..00000000
--- a/cdist/conf/type/__mysql_database/manifest
+++ /dev/null
@@ -1,52 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-if [ -f "$__object/parameter/user" ]
-then
- user="$( cat "$__object/parameter/user" )"
-fi
-
-if [ -f "$__object/parameter/password" ]
-then
- password="$( cat "$__object/parameter/password" )"
-fi
-
-if [ -n "$user" ] && [ -n "$password" ]
-then
- if [ -f "$__object/parameter/name" ]
- then
- database="$( cat "$__object/parameter/name" )"
- else
- database="$__object_id"
- fi
-
- state_should="$( cat "$__object/parameter/state" )"
-
- __mysql_user "$user" \
- --password "$password" \
- --state "$state_should"
-
- # removing user should remove all user's privileges
- require="__mysql_user/$user" \
- __mysql_privileges "$database/$user" \
- --database "$database" \
- --user "$user" \
- --state "$state_should"
-fi
diff --git a/cdist/conf/type/__mysql_database/parameter/default/state b/cdist/conf/type/__mysql_database/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__mysql_database/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__mysql_database/parameter/optional b/cdist/conf/type/__mysql_database/parameter/optional
index 6c0b1e85..756afee7 100644
--- a/cdist/conf/type/__mysql_database/parameter/optional
+++ b/cdist/conf/type/__mysql_database/parameter/optional
@@ -1,4 +1,3 @@
name
user
password
-state
diff --git a/cdist/conf/type/__mysql_privileges/explorer/state b/cdist/conf/type/__mysql_privileges/explorer/state
deleted file mode 100755
index 4f13a70c..00000000
--- a/cdist/conf/type/__mysql_privileges/explorer/state
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-privileges="$( cat "$__object/parameter/privileges" )"
-
-database="$( cat "$__object/parameter/database" )"
-
-table="$( cat "$__object/parameter/table" )"
-
-user="$( cat "$__object/parameter/user" )"
-
-host="$( cat "$__object/parameter/host" )"
-
-check_privileges="$(
- mysql -B -N -e "show grants for '$user'@'$host'" \
- | grep -Ei "^grant $privileges on .$database.\..?$table.? to " || true )"
-
-if [ -n "$check_privileges" ]
-then
- echo 'present'
-else
- echo 'absent'
-fi
diff --git a/cdist/conf/type/__mysql_privileges/gencode-remote b/cdist/conf/type/__mysql_privileges/gencode-remote
deleted file mode 100755
index 0656699f..00000000
--- a/cdist/conf/type/__mysql_privileges/gencode-remote
+++ /dev/null
@@ -1,55 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-state_is="$( cat "$__object/explorer/state" )"
-
-state_should="$( cat "$__object/parameter/state" )"
-
-if [ "$state_is" = "$state_should" ]
-then
- exit 0
-fi
-
-privileges="$( cat "$__object/parameter/privileges" )"
-
-database="$( cat "$__object/parameter/database" )"
-
-table="$( cat "$__object/parameter/table" )"
-
-user="$( cat "$__object/parameter/user" )"
-
-host="$( cat "$__object/parameter/host" )"
-
-if [ "$table" != '*' ]
-then
- # shellcheck disable=SC2016
- table="$( printf '`%s`' "$table" )"
-fi
-
-case "$state_should" in
- present)
- echo "mysql -e 'grant $privileges on \`$database\`.$table to \`$user\`@\`$host\`'"
- echo "grant $privileges on $database.$table to $user@$host" >> "$__messages_out"
- ;;
- absent)
- echo "mysql -e 'revoke $privileges on \`$database\`.$table from \`$user\`@\`$host\`'"
- echo "revoke $privileges on $database.$table from $user@$host" >> "$__messages_out"
- ;;
-esac
diff --git a/cdist/conf/type/__mysql_privileges/man.rst b/cdist/conf/type/__mysql_privileges/man.rst
deleted file mode 100644
index b72c9eba..00000000
--- a/cdist/conf/type/__mysql_privileges/man.rst
+++ /dev/null
@@ -1,57 +0,0 @@
-cdist-type__mysql_privileges(7)
-===============================
-
-NAME
-----
-cdist-type__mysql_privileges - Manage MySQL privileges
-
-
-DESCRIPTION
------------
-
-Grant and revoke privileges of MySQL user.
-
-
-REQUIRED PARAMETERS
--------------------
-database
- Name of database.
-
-user
- Name of user.
-
-
-OPTIONAL PARAMETERS
--------------------
-privileges
- Defaults to "all".
-
-table
- Defaults to "*".
-
-host
- Defaults to localhost.
-
-state
- "present" grants and "absent" revokes. Defaults to present.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- __mysql_privileges user-to-db --database db --user user
-
-
-AUTHORS
--------
-Ander Punnar
-
-
-COPYING
--------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.
diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/host b/cdist/conf/type/__mysql_privileges/parameter/default/host
deleted file mode 100644
index 2fbb50c4..00000000
--- a/cdist/conf/type/__mysql_privileges/parameter/default/host
+++ /dev/null
@@ -1 +0,0 @@
-localhost
diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/privileges b/cdist/conf/type/__mysql_privileges/parameter/default/privileges
deleted file mode 100644
index 5472efad..00000000
--- a/cdist/conf/type/__mysql_privileges/parameter/default/privileges
+++ /dev/null
@@ -1 +0,0 @@
-all privileges
diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/state b/cdist/conf/type/__mysql_privileges/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__mysql_privileges/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__mysql_privileges/parameter/default/table b/cdist/conf/type/__mysql_privileges/parameter/default/table
deleted file mode 100644
index 72e8ffc0..00000000
--- a/cdist/conf/type/__mysql_privileges/parameter/default/table
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/cdist/conf/type/__mysql_privileges/parameter/optional b/cdist/conf/type/__mysql_privileges/parameter/optional
deleted file mode 100644
index d4ed5bc5..00000000
--- a/cdist/conf/type/__mysql_privileges/parameter/optional
+++ /dev/null
@@ -1,4 +0,0 @@
-privileges
-table
-host
-state
diff --git a/cdist/conf/type/__mysql_privileges/parameter/required b/cdist/conf/type/__mysql_privileges/parameter/required
deleted file mode 100644
index 152b4a1e..00000000
--- a/cdist/conf/type/__mysql_privileges/parameter/required
+++ /dev/null
@@ -1,2 +0,0 @@
-database
-user
diff --git a/cdist/conf/type/__mysql_user/explorer/state b/cdist/conf/type/__mysql_user/explorer/state
deleted file mode 100755
index 6817ee9d..00000000
--- a/cdist/conf/type/__mysql_user/explorer/state
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-if [ -f "$__object/parameter/name" ]
-then
- name="$( cat "$__object/parameter/name" )"
-else
- name="$__object_id"
-fi
-
-if [ -f "$__object/parameter/password" ]
-then
- password="$( cat "$__object/parameter/password" )"
-else
- password=''
-fi
-
-host="$( cat "$__object/parameter/host" )"
-
-check_user="$( mysql -B -N -e "select user from mysql.user where user = '$name' and host = '$host'" )"
-
-if [ -n "$check_user" ]
-then
- if [ -n "$password" ]
- then
- check_password="$( mysql -B -N -e "select user from mysql.user where user = '$name' and host = '$host' and password = password( '$password' )" )"
- fi
-
- if [ -n "$password" ] && [ -z "$check_password" ]
- then
- echo 'change-password'
- else
- echo 'present'
- fi
-else
- echo 'absent'
-fi
diff --git a/cdist/conf/type/__mysql_user/gencode-remote b/cdist/conf/type/__mysql_user/gencode-remote
deleted file mode 100755
index 5f13bc87..00000000
--- a/cdist/conf/type/__mysql_user/gencode-remote
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/sh -e
-#
-# 2020 Ander Punnar (ander-at-kvlt-dot-ee)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-state_is="$( cat "$__object/explorer/state" )"
-
-state_should="$( cat "$__object/parameter/state" )"
-
-if [ "$state_is" = "$state_should" ]
-then
- exit 0
-fi
-
-if [ -f "$__object/parameter/name" ]
-then
- name="$( cat "$__object/parameter/name" )"
-else
- name="$__object_id"
-fi
-
-host="$( cat "$__object/parameter/host" )"
-
-if [ -f "$__object/parameter/password" ]
-then
- password="$( cat "$__object/parameter/password" )"
-else
- if [ "$state_should" = 'present' ]
- then
- echo '--password needed' >&2
- exit 1
- else
- password=''
- fi
-fi
-
-if [ "$state_is" = 'absent' ] && [ "$state_should" = 'present' ]
-then
- echo "mysql -e 'create user \`$name\`@\`$host\` identified by \"$password\"'"
- echo "create user $name@$host" >> "$__messages_out"
-
-elif [ "$state_is" != 'absent' ] && [ "$state_should" = 'absent' ]
-then
- echo "mysql -e 'drop user \`$name\`@\`$host\`'"
- echo "drop user $name@$host" >> "$__messages_out"
-
-elif [ "$state_is" = 'change-password' ]
-then
- # this only works with MySQL 5.7.6 and later or MariaDB 10.1.20 and later
- echo "mysql -e 'alter user \`$name\`@\`$host\` identified by \"$password\"'"
- echo "mysql -e 'flush privileges'"
- echo "change password $name@$host" >> "$__messages_out"
-fi
diff --git a/cdist/conf/type/__mysql_user/man.rst b/cdist/conf/type/__mysql_user/man.rst
deleted file mode 100644
index c2b222d5..00000000
--- a/cdist/conf/type/__mysql_user/man.rst
+++ /dev/null
@@ -1,48 +0,0 @@
-cdist-type__mysql_user(7)
-=========================
-
-NAME
-----
-cdist-type__mysql_user - Manage a MySQL user
-
-
-DESCRIPTION
------------
-
-Create MySQL user or change password for the user.
-
-
-OPTIONAL PARAMETERS
--------------------
-name
- Name of user. Defaults to object id.
-
-host
- Host of user. Defaults to localhost.
-
-password
- Password of user.
-
-state
- Defaults to present.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- __mysql_user user --password secret
-
-
-AUTHORS
--------
-Ander Punnar
-
-
-COPYING
--------
-Copyright \(C) 2020 Ander Punnar. You can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.
diff --git a/cdist/conf/type/__mysql_user/parameter/default/host b/cdist/conf/type/__mysql_user/parameter/default/host
deleted file mode 100644
index 2fbb50c4..00000000
--- a/cdist/conf/type/__mysql_user/parameter/default/host
+++ /dev/null
@@ -1 +0,0 @@
-localhost
diff --git a/cdist/conf/type/__mysql_user/parameter/default/state b/cdist/conf/type/__mysql_user/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__mysql_user/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__mysql_user/parameter/optional b/cdist/conf/type/__mysql_user/parameter/optional
deleted file mode 100644
index a286266c..00000000
--- a/cdist/conf/type/__mysql_user/parameter/optional
+++ /dev/null
@@ -1,4 +0,0 @@
-name
-host
-password
-state
diff --git a/cdist/conf/type/__openldap_server/gencode-remote b/cdist/conf/type/__openldap_server/gencode-remote
deleted file mode 100644
index b1e98f8c..00000000
--- a/cdist/conf/type/__openldap_server/gencode-remote
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-manager_dn=$(cat "${__object}/parameter/manager-dn")
-manager_password=$(cat "${__object}/parameter/manager-password")
-description=$(cat "${__object}/parameter/description")
-suffix=$(cat "${__object}/parameter/suffix")
-suffix_dc=$(printf "%s" "${suffix}" | awk -F',' '{print $1}' | awk -F'=' '{print $2}')
-
-SLAPD_IPC=$(tr '\n' ' ' < "${__object}/parameter/slapd-url" | awk '{ print $1}')
-
-cat <&1 > /dev/null; then
- # Already exists, use ldapmodify
- ldapmodify -xZ -D "${manager_dn}" -w "${manager_password}" -H '${SLAPD_IPC}' <
-Evilham
-
-
-COPYING
--------
-Copyright \(C) 2020 ungleich glarus ag. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__openldap_server/manifest b/cdist/conf/type/__openldap_server/manifest
deleted file mode 100644
index 84ba176f..00000000
--- a/cdist/conf/type/__openldap_server/manifest
+++ /dev/null
@@ -1,267 +0,0 @@
-#!/bin/sh
-
-name="${__target_host}"
-manager_dn=$(cat "${__object}/parameter/manager-dn")
-manager_password_hash=$(cat "${__object}/parameter/manager-password-hash")
-serverid=$(cat "${__object}/parameter/serverid")
-suffix=$(cat "${__object}/parameter/suffix")
-slapd_modules=$(cat "${__object}/parameter/module" 2>/dev/null || true)
-schemas=$(cat "${__object}/parameter/schema")
-slapd_urls=$(tr '\n' ' ' < "${__object}/parameter/slapd-url")
-tls_cipher_suite=$(cat "${__object}/parameter/tls-cipher-suite" 2>/dev/null || true)
-extra_config=$(cat "${__object}/parameter/extra-config" || true)
-
-
-os="$(cat "${__global}/explorer/os")"
-
-# Setup OS-dependent vars
-CONF_OWNER="root"
-CONF_GROUP="root"
-case "${os}" in
- freebsd)
- PKGS="openldap-server"
- ETC="/usr/local/etc"
- SLAPD_DIR="/usr/local/etc/openldap"
- SLAPD_DATA_DIR="/var/db/openldap-data"
- SLAPD_RUN_DIR="/var/run/openldap"
- SLAPD_MODULE_PATH="/usr/local/libexec/openldap"
- if [ -z "${slapd_modules}" ]; then
- # It looks like ppolicy and syncprov must be compiled
- slapd_modules="back_mdb back_monitor"
- fi
- CONF_OWNER="ldap"
- CONF_GROUP="ldap"
- if [ -z "${tls_cipher_suite}" ]; then
- # TODO: research default for FreeBSD. 'NORMAL' appears to not work
- tls_cipher_suite="HIGH:MEDIUM:+SSLv2"
- fi
- ;;
- debian|ubuntu|devuan)
- PKGS="slapd ldap-utils"
- ETC="/etc"
- SLAPD_DIR="/etc/ldap"
- SLAPD_DATA_DIR="/var/lib/ldap"
- SLAPD_RUN_DIR="/var/run/slapd"
- SLAPD_MODULE_PATH="/usr/lib/ldap"
- if [ -z "${slapd_modules}" ]; then
- slapd_modules="back_mdb ppolicy syncprov back_monitor"
- fi
- if [ -z "${tls_cipher_suite}" ]; then
- tls_cipher_suite="NORMAL"
- fi
- ;;
- *)
- echo "Don't know the openldap defaults for: $os" >&2
- exit 1
- ;;
-esac
-
-PKG_MAIN=$(echo "${PKGS}" | awk '{print $1;}')
-
-
-# Determine if __letsencrypt_cert is to be used and setup vars accordingly
-if [ -f "${__object}/parameter/tls-cert" ]; then
- tls_cert=$(cat "${__object}/parameter/tls-cert")
-
- if [ ! -f "${__object}/parameter/tls-privkey" ]; then
- echo "When tls-cert is defined, tls-privkey is also required." >&2
- exit 1
- fi
- tls_privkey=$(cat "${__object}/parameter/tls-privkey")
-
- if [ ! -f "${__object}/parameter/tls-ca" ]; then
- echo "When tls-cert is defined, tls-ca is also required." >&2
- exit 1
- fi
- tls_ca=$(cat "${__object}/parameter/tls-ca")
-
- _skip_letsencrypt_cert="YES"
-else
- if [ ! -f "${__object}/parameter/admin-email" ]; then
- echo "When using __letsencrypt_cert, admin-email is also required." >&2
- exit 1
- fi
- admin_email=$(cat "${__object}/parameter/admin-email")
-
- tls_cert="${SLAPD_DIR}/sasl2/cert.pem"
- tls_privkey="${SLAPD_DIR}/sasl2/privkey.pem"
- tls_ca="${SLAPD_DIR}/sasl2/chain.pem"
-fi
-
-mkdir "${__object}/files"
-ldapconf="${__object}/files/ldapconf"
-
-replication=""
-if [ -f "${__object}/parameter/replicate" ]; then
- replication=yes
-
- if [ ! -f "${__object}/parameter/syncrepl-searchbase" ]; then
- echo "Requiring the searchbase for replication" >&2
- exit 1
- fi
- syncrepl_searchbase=$(cat "${__object}/parameter/syncrepl-searchbase")
-
- if [ ! -f "${__object}/parameter/syncrepl-credentials" ]; then
- echo "Requiring credentials for replication" >&2
- exit 1
- fi
-
- syncrepl_credentials=$(cat "${__object}/parameter/syncrepl-credentials")
-
- if [ ! -f "${__object}/parameter/syncrepl-host" ]; then
- echo "Requiring host(s) for replication" >&2
- exit 1
- fi
- syncrepl_hosts=$(cat "${__object}/parameter/syncrepl-host")
-
-fi
-
-# Install required packages
-for pkg in ${PKGS}; do
- __package "${pkg}"
-done
-
-
-require="__package/${PKG_MAIN}" __start_on_boot slapd
-
-# Setup -h flag for the listeners. See man slapd (-h flag).
-case "${os}" in
- freebsd)
- require="__start_on_boot/slapd" __key_value \
- --file "/etc/rc.conf" \
- --key "slapd_flags" \
- --value "\"-h '${slapd_urls}'\"" \
- --delimiter "=" \
- --comment "# LDAP Listener URLs" \
- "${__target_host}__slapd_flags"
- ;;
- debian|ubuntu|devuan)
- require="__package/${PKG_MAIN}" __line rm_slapd_conf \
- --file ${ETC}/default/slapd \
- --regex 'SLAPD_CONF=.*' \
- --state absent
-
- require="__package/${PKG_MAIN}" __line rm_slapd_services \
- --file ${ETC}/default/slapd \
- --regex 'SLAPD_SERVICES=.*' \
- --state absent
-
- require="__line/rm_slapd_conf" __line add_slapd_conf \
- --file ${ETC}/default/slapd \
- --line "SLAPD_CONF=${SLAPD_DIR}/slapd.conf" \
- --state present
-
- require="__line/rm_slapd_services" __line add_slapd_services \
- --file ${ETC}/default/slapd \
- --line "SLAPD_SERVICES=\"${slapd_urls}\"" \
- --state present
- ;;
- *)
- # Nothing to do here, move on.
- ;;
-esac
-
-
-if [ -z "${_skip_letsencrypt_cert}" ]; then
- if [ -f "${__object}/parameter/staging" ]; then
- staging="--staging"
- else
- staging=""
- fi
-
- # shellcheck disable=SC2086
- __letsencrypt_cert "${name}" --admin-email "${admin_email}" \
- --renew-hook "cp ${ETC}/letsencrypt/live/${name}/*.pem ${SLAPD_DIR}/sasl2 && chown -R openldap:openldap ${SLAPD_DIR}/sasl2 && service slapd restart" \
- --automatic-renewal ${staging}
-fi
-
-require="__package/${PKG_MAIN}" __directory ${SLAPD_DIR}/slapd.d --state absent
-
-if [ -z "${_skip_letsencrypt_cert}" ]; then
- require="__package/${PKG_MAIN} __letsencrypt_cert/${name}" \
- __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \
- --source "${ldapconf}"
-else
- require="__package/${PKG_MAIN}" \
- __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \
- --source "${ldapconf}"
-fi
-
-# Start slapd.conf
-cat << EOF > "${ldapconf}"
-pidfile ${SLAPD_RUN_DIR}/slapd.pid
-argsfile ${SLAPD_RUN_DIR}/slapd.args
-
-TLSCipherSuite ${tls_cipher_suite}
-TLSCertificateFile ${tls_cert}
-TLSCertificateKeyFile ${tls_privkey}
-TLSCACertificateFile ${tls_ca}
-
-disallow bind_anon
-require bind
-security tls=1
-EOF
-
-# Add specified schemas
-for schema in ${schemas}; do
- echo "include ${SLAPD_DIR}/schema/${schema}.schema" >> "${ldapconf}"
-done
-
-# Add specified modules
-echo "modulepath ${SLAPD_MODULE_PATH}" >> "${ldapconf}"
-for module in ${slapd_modules}; do
- echo "moduleload ${module}.la" >> "${ldapconf}"
-done
-
-# Rest of the config
-cat << EOF >> "${ldapconf}"
-loglevel 1024
-
-database mdb
-maxsize 1073741824
-
-suffix "${suffix}"
-directory ${SLAPD_DATA_DIR}
-rootdn "${manager_dn}"
-rootpw "${manager_password_hash}"
-
-index objectClass eq,pres
-index ou,cn,mail,surname,givenname eq,pres,sub
-index uidNumber,gidNumber,loginShell eq,pres
-index uid,memberUid eq,pres,sub
-index nisMapName,nisMapEntry eq,pres,sub
-index entryCSN,entryUUID eq
-
-${extra_config}
-
-serverid ${serverid}
-EOF
-
-# Setup replication
-if [ "${replication}" ]; then
- rid=1;
- for syncrepl in ${syncrepl_hosts}; do
- cat <> "${ldapconf}"
-syncrepl rid=${rid}
- provider=ldap://${syncrepl}
- bindmethod=simple
- starttls=yes
- binddn="${manager_dn}"
- credentials=${syncrepl_credentials}
- searchbase="${syncrepl_searchbase}"
- type=refreshAndPersist
- retry="5 + 5 +"
- interval=00:00:00:05
-EOF
- rid=$((rid + 1))
- done
- cat <> "${ldapconf}"
-mirrormode true
-overlay syncprov
-syncprov-checkpoint 100 5
-syncprov-sessionlog 100
-
-database monitor
-limits dn.exact="${manager_dn}" time=unlimited size=unlimited
-EOF
-fi
diff --git a/cdist/conf/type/__openldap_server/parameter/boolean b/cdist/conf/type/__openldap_server/parameter/boolean
deleted file mode 100644
index 45056fe9..00000000
--- a/cdist/conf/type/__openldap_server/parameter/boolean
+++ /dev/null
@@ -1,2 +0,0 @@
-staging
-replicate
diff --git a/cdist/conf/type/__openldap_server/parameter/default/description b/cdist/conf/type/__openldap_server/parameter/default/description
deleted file mode 100644
index 6d8e37e1..00000000
--- a/cdist/conf/type/__openldap_server/parameter/default/description
+++ /dev/null
@@ -1 +0,0 @@
-Managed by cdist, do not edit manually.
diff --git a/cdist/conf/type/__openldap_server/parameter/default/schema b/cdist/conf/type/__openldap_server/parameter/default/schema
deleted file mode 100644
index 825bdb15..00000000
--- a/cdist/conf/type/__openldap_server/parameter/default/schema
+++ /dev/null
@@ -1,12 +0,0 @@
-corba
-core
-cosine
-duaconf
-dyngroup
-inetorgperson
-java
-misc
-nis
-openldap
-ppolicy
-collective
diff --git a/cdist/conf/type/__openldap_server/parameter/optional b/cdist/conf/type/__openldap_server/parameter/optional
deleted file mode 100644
index 71c64659..00000000
--- a/cdist/conf/type/__openldap_server/parameter/optional
+++ /dev/null
@@ -1,9 +0,0 @@
-description
-syncrepl-credentials
-syncrepl-searchbase
-admin-email
-tls-cipher-suite
-tls-cert
-tls-privkey
-tls-ca
-extra-config
diff --git a/cdist/conf/type/__openldap_server/parameter/optional_multiple b/cdist/conf/type/__openldap_server/parameter/optional_multiple
deleted file mode 100644
index 52a83d5c..00000000
--- a/cdist/conf/type/__openldap_server/parameter/optional_multiple
+++ /dev/null
@@ -1,3 +0,0 @@
-syncrepl-host
-module
-schema
diff --git a/cdist/conf/type/__openldap_server/parameter/required b/cdist/conf/type/__openldap_server/parameter/required
deleted file mode 100644
index ff58158d..00000000
--- a/cdist/conf/type/__openldap_server/parameter/required
+++ /dev/null
@@ -1,5 +0,0 @@
-manager-dn
-manager-password
-manager-password-hash
-serverid
-suffix
diff --git a/cdist/conf/type/__openldap_server/parameter/required_multiple b/cdist/conf/type/__openldap_server/parameter/required_multiple
deleted file mode 100644
index 848b8dc2..00000000
--- a/cdist/conf/type/__openldap_server/parameter/required_multiple
+++ /dev/null
@@ -1 +0,0 @@
-slapd-url
\ No newline at end of file
diff --git a/cdist/conf/type/__openldap_server/singleton b/cdist/conf/type/__openldap_server/singleton
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__package_apk/explorer/state b/cdist/conf/type/__package_apk/explorer/state
index b477ca7c..29ccf3a5 100755
--- a/cdist/conf/type/__package_apk/explorer/state
+++ b/cdist/conf/type/__package_apk/explorer/state
@@ -27,10 +27,6 @@ else
name="$__object_id"
fi
-# Remove the @.. repo tag for finding out whether it is installed
-# f.i. pass@testing => pass
-name="$(echo "$name" | sed 's/@.*//')"
-
if [ "$(apk list -I "$name")" ]; then
echo present
else
diff --git a/cdist/conf/type/__package_apt/gencode-remote b/cdist/conf/type/__package_apt/gencode-remote
index e02564a2..699eb0c9 100755
--- a/cdist/conf/type/__package_apt/gencode-remote
+++ b/cdist/conf/type/__package_apt/gencode-remote
@@ -74,14 +74,6 @@ fi
case "$state_should" in
present)
- # following is bit ugly, but important hack.
- # due to how cdist config run works, there isn't
- # currently better way to do it :(
- cat << EOF
-if [ ! -f /var/cache/apt/pkgcache.bin ] || [ "\$( stat --format %Y /var/cache/apt/pkgcache.bin )" -lt "\$( date +%s -d '-1 day' )" ]
-then echo apt-get update > /dev/null 2>&1 || true
-fi
-EOF
if [ -n "$version" ]; then
name="${name}=${version}"
fi
diff --git a/cdist/conf/type/__package_apt/man.rst b/cdist/conf/type/__package_apt/man.rst
index a1691eac..a3a70d91 100644
--- a/cdist/conf/type/__package_apt/man.rst
+++ b/cdist/conf/type/__package_apt/man.rst
@@ -11,9 +11,6 @@ DESCRIPTION
apt-get is usually used on Debian and variants (like Ubuntu) to
manage packages.
-This type will also update package index, if it is older
-than one day, to avoid missing package error messages.
-
REQUIRED PARAMETERS
-------------------
diff --git a/cdist/conf/type/__package_update_index/explorer/currage b/cdist/conf/type/__package_update_index/explorer/currage
index 8eadaf53..3539b8e1 100644
--- a/cdist/conf/type/__package_update_index/explorer/currage
+++ b/cdist/conf/type/__package_update_index/explorer/currage
@@ -24,19 +24,16 @@ case "$type" in
if [ -f "/var/cache/apt/pkgcache.bin" ]; then
echo $(($(date +"%s")-$(stat --format '%Y' /var/cache/apt/pkgcache.bin)))
else
- echo -- -1
+ echo 0
fi
;;
pacman)
if [ -d "/var/lib/pacman/sync" ]; then
echo $(($(date +"%s")-$(stat --format '%Y' /var/lib/pacman/sync)))
else
- echo -- -1
+ echo 0
fi
;;
- alpine)
- echo -- -1
- ;;
*) echo "Your specified type ($type) is currently not supported." >&2
echo "Please contribute an implementation for it if you can." >&2
;;
diff --git a/cdist/conf/type/__package_update_index/explorer/type b/cdist/conf/type/__package_update_index/explorer/type
index c98e1e67..35254c5f 100644
--- a/cdist/conf/type/__package_update_index/explorer/type
+++ b/cdist/conf/type/__package_update_index/explorer/type
@@ -26,7 +26,6 @@ else
amazon|scientific|centos|fedora|redhat) echo "yum" ;;
debian|ubuntu|devuan) echo "apt" ;;
archlinux) echo "pacman" ;;
- alpine) echo "apk" ;;
*)
echo "Don't know how to manage packages on: $os" >&2
exit 1
diff --git a/cdist/conf/type/__package_update_index/gencode-remote b/cdist/conf/type/__package_update_index/gencode-remote
index 803468b5..738d38eb 100755
--- a/cdist/conf/type/__package_update_index/gencode-remote
+++ b/cdist/conf/type/__package_update_index/gencode-remote
@@ -31,8 +31,7 @@ if [ -n "$maxage" ]; then
if [ "$type" != "apt" ] && [ "$type" != "pacman" ]; then
echo "ERROR: \"--maxage\" only supported for \"apt\" or \"pacman\" pkg-manager." >&2
exit 1
- # do not exit if no value found (represented as -1)
- elif [ "$currage" -ne -1 ] && [ "$currage" -lt "$maxage" ]; then
+ elif [ "$currage" -lt "$maxage" ]; then
exit 0 # no need to update
fi
fi
@@ -48,10 +47,6 @@ case "$type" in
echo "pacman --noprogressbar --sync --refresh"
echo "pacman package database synced (age was: $currage)" >> "$__messages_out"
;;
- apk)
- echo "apk update"
- echo "apk package database updated." >>"$__messages_out"
- ;;
*)
echo "Don't know how to manage packages for type: $type" >&2
exit 1
diff --git a/cdist/conf/type/__pf_apply/deprecated b/cdist/conf/type/__pf_apply/deprecated
deleted file mode 100644
index 36cfed90..00000000
--- a/cdist/conf/type/__pf_apply/deprecated
+++ /dev/null
@@ -1 +0,0 @@
-Consider moving to __pf_apply_anchor. Get in touch if you need __pf_apply.
diff --git a/cdist/conf/type/__pf_apply_anchor/man.rst b/cdist/conf/type/__pf_apply_anchor/man.rst
deleted file mode 100644
index aef6cdf4..00000000
--- a/cdist/conf/type/__pf_apply_anchor/man.rst
+++ /dev/null
@@ -1,62 +0,0 @@
-cdist-type__pf_apply_anchor(7)
-==============================
-
-NAME
-----
-cdist-type__pf_apply_anchor - Apply a pf(4) anchor on $__target_host
-
-
-DESCRIPTION
------------
-This type is used on \*BSD systems to manage anchors for the pf firewall.
-
-Notice this type does not take care of copying the ruleset, that must be
-done by the user with, e.g. `__file`.
-
-
-OPTIONAL PARAMETERS
--------------------
-anchor_name
- The name of the anchor to apply. If not set, `${__object_id}` is used.
- This type requires `/etc/pf.d/${anchor_name}` to exist on
- `$__target_host`.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- # Copy anchor file to ${__target_host}
- __file "/etc/pf.d/80_dns" --source - <
-Kamila Součková
-Jake Guffey
-
-
-COPYING
--------
-Copyright \(C) 2020 Evilham.
-Copyright \(C) 2016 Kamila Součková.
-Copyright \(C) 2012 Jake Guffey. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__pf_apply_anchor/parameter/optional b/cdist/conf/type/__pf_apply_anchor/parameter/optional
deleted file mode 100644
index b9f61e28..00000000
--- a/cdist/conf/type/__pf_apply_anchor/parameter/optional
+++ /dev/null
@@ -1 +0,0 @@
-anchor_name
diff --git a/cdist/conf/type/__pf_rdr/manifest b/cdist/conf/type/__pf_rdr/manifest
deleted file mode 100644
index 39ab4470..00000000
--- a/cdist/conf/type/__pf_rdr/manifest
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh -e
-#
-# 2016 Kamila Součková (coding at kamila.is)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-# TODO it would be cool to print a warning if a generated anchor is unused in pf.conf
-
-ANCHORS_DIR=/etc/pf.d
-
-proto="$(cat "${__object}/parameter/proto")"
-from="$(cat "${__object}/parameter/from")"
-to="$(cat "${__object}/parameter/to")"
-state="$(cat "${__object}/parameter/state")"
-
-# This breaks utterly with IPv6
-from="$(echo ${from} | sed 's/:/ port /')"
-to="$(echo ${to} | sed 's/:/ port /')"
-
-anchor_name="$(echo ${__object_id} | cut -d/ -f1)"
-rule="rdr pass log proto ${proto} from any to ${from} -> ${to}"
-
-__directory "${ANCHORS_DIR}" --parents
-
-require="__directory/${ANCHORS_DIR}" \
-__line __pf_rdr/${__object_id} --state ${state} --line "${rule}" --file ${ANCHORS_DIR}/${anchor_name}
diff --git a/cdist/conf/type/__pf_rdr/parameter/default/proto b/cdist/conf/type/__pf_rdr/parameter/default/proto
deleted file mode 100644
index 28a29e6f..00000000
--- a/cdist/conf/type/__pf_rdr/parameter/default/proto
+++ /dev/null
@@ -1 +0,0 @@
-tcp
diff --git a/cdist/conf/type/__pf_rdr/parameter/default/state b/cdist/conf/type/__pf_rdr/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__pf_rdr/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__pf_rdr/parameter/optional b/cdist/conf/type/__pf_rdr/parameter/optional
deleted file mode 100644
index 09ec92ca..00000000
--- a/cdist/conf/type/__pf_rdr/parameter/optional
+++ /dev/null
@@ -1,2 +0,0 @@
-proto
-state
diff --git a/cdist/conf/type/__pf_rdr/parameter/required b/cdist/conf/type/__pf_rdr/parameter/required
deleted file mode 100644
index 4a568482..00000000
--- a/cdist/conf/type/__pf_rdr/parameter/required
+++ /dev/null
@@ -1,2 +0,0 @@
-from
-to
diff --git a/cdist/conf/type/__pf_apply_anchor/gencode-remote b/cdist/conf/type/__pf_ruleset/explorer/cksum
similarity index 55%
rename from cdist/conf/type/__pf_apply_anchor/gencode-remote
rename to cdist/conf/type/__pf_ruleset/explorer/cksum
index 36c26521..9be6c901 100755
--- a/cdist/conf/type/__pf_apply_anchor/gencode-remote
+++ b/cdist/conf/type/__pf_ruleset/explorer/cksum
@@ -1,6 +1,6 @@
-#!/bin/sh -e
+#!/bin/sh
#
-# 2016 Kamila Součková (coding at kamila.is)
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
@@ -18,16 +18,24 @@
# along with cdist. If not, see .
#
#
-# Apply pf(4) ruleset on *BSD
+# Get the 256 bit SHA2 checksum of the pf ruleset on the target host.
#
-ANCHORS_DIR="/etc/pf.d"
+# Debug
+#exec >&2
+#set -x
-if [ -f "${__object}/parameter/anchor_name" ]; then
- anchor_name="$(cat "${__object}/parameter/anchor_name")"
-else
- anchor_name="${__object_id}"
+# Check /etc/rc.conf for pf's configuration file name. Default to /etc/pf.conf
+# See if file exists and if so, get checksum
+
+RC="/etc/rc.conf"
+TMP="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')"
+PFCONF="${TMP:-"/etc/pf.conf"}"
+
+if [ -f "${PFCONF}" ]; then # The pf config file exists, find its cksum.
+ cksum -o 1 "${PFCONF}" | cut -d= -f2 | awk '{print $1}'
fi
-anchor_file="${ANCHORS_DIR}/${anchor_name}"
-echo "pfctl -a \"${anchor_name}\" -f \"${anchor_file}\""
+# Debug
+#set +x
+
diff --git a/cdist/conf/type/__pf_ruleset/gencode-local b/cdist/conf/type/__pf_ruleset/gencode-local
new file mode 100755
index 00000000..11bfb0b1
--- /dev/null
+++ b/cdist/conf/type/__pf_ruleset/gencode-local
@@ -0,0 +1,81 @@
+#!/bin/sh -e
+#
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see .
+#
+#
+# Manage pf(4) on *BSD
+#
+
+# Debug
+#exec >&2
+#set -x
+
+# Send files to $__target_host via $__remote_copy
+
+uname=$(uname) # Need to know what the cdist host is running so we know how to compute the ruleset's checksum
+state=$(cat "$__object/parameter/state")
+
+if [ "$state" = "absent" ]; then # There is nothing more for a *local* script to do
+ exit 0
+fi
+
+if [ -f "$__object/parameter/source" ]; then
+ source=$(cat "$__object/parameter/source")
+fi
+
+rcvar=$(cat "$__object/explorer/rcvar")
+cksum=$(cat "$__object/explorer/cksum")
+
+
+cat <&2
+ exit 1
+ ;;
+esac
+
+# IPv6 fix
+if $(echo "${__target_host}" | grep -q -E '^[0-9a-fA-F:]+$')
+then
+ my_target_host="[${__target_host}]"
+else
+ my_target_host="${__target_host}"
+fi
+
+if [ -n "${cksum}" ]; then
+ if [ ! "\${currentSum}" = "${cksum}" ]; then
+ $__remote_copy "${source}" "\${my_target_host}:${rcvar}.new"
+ fi
+else # File just doesn't exist yet
+ $__remote_copy "${source}" "\${my_target_host}:${rcvar}.new"
+fi
+EOF
+
+# Debug
+#exec +x
+
diff --git a/cdist/conf/type/__xymon_apache/manifest b/cdist/conf/type/__pf_ruleset/gencode-remote
similarity index 53%
rename from cdist/conf/type/__xymon_apache/manifest
rename to cdist/conf/type/__pf_ruleset/gencode-remote
index bfd0af79..12760fdf 100755
--- a/cdist/conf/type/__xymon_apache/manifest
+++ b/cdist/conf/type/__pf_ruleset/gencode-remote
@@ -1,6 +1,6 @@
#!/bin/sh -e
#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
+# 2012 Jake Guffey (jake.guffey at eprotex.com)
#
# This file is part of cdist.
#
@@ -16,27 +16,34 @@
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
+#
+#
+# Manage pf(4) on *BSD
+#
+
+# Debug
+#exec >&2
+#set -x
+
+# Remove ${rcvar} in the case of --state absent
state=$(cat "$__object/parameter/state")
+rcvar=$(cat "$__object/explorer/rcvar")
-os=$(cat "$__global/explorer/os")
-case "$os" in
- debian|ubuntu)
- :
- ;;
- *)
- echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
- ;;
-esac
-
-__package apache2 --state "$state"
-
-## edit xymon.conf IP-ranges
-if [ -f "$__object/parameter/ipacl" ]; then
- require="__package/xymon" __line /etc/apache2/conf-available/xymon.conf \
- --line " Require ip $(cat "$__object/parameter/ipacl")" \
- --after "^[[:space:]]*Require local" \
- --state "present"
+if [ "$state" = "present" ]; then # There is nothing more for a *remote* script to do
+ exit 0
+elif [ "$state" = "absent" ]; then
+ # --state absent, so ensure that .new doesn't exist and that conf is renamed to .old
+ cat <&2
+ exit 1
fi
+
diff --git a/cdist/conf/type/__pf_ruleset/man.rst b/cdist/conf/type/__pf_ruleset/man.rst
index db8873ac..5719e94e 100644
--- a/cdist/conf/type/__pf_ruleset/man.rst
+++ b/cdist/conf/type/__pf_ruleset/man.rst
@@ -10,9 +10,6 @@ DESCRIPTION
-----------
This type is used on \*BSD systems to manage the pf firewall's ruleset.
-It will also enable and disable the pf firewall as requested in the `state`
-parameter.
-
REQUIRED PARAMETERS
-------------------
@@ -23,8 +20,9 @@ state
OPTIONAL PARAMETERS
-------------------
source
- Required when state is "present".
- Defines the ruleset to load onto the $__target_host for `pf(4)`.
+ If supplied, use to define the ruleset to load onto the $__target_host for pf(4).
+ Note that this type is almost useless without a ruleset defined, but it's technically not
+ needed, e.g. for the case of disabling the firewall temporarily.
EXAMPLES
@@ -32,10 +30,10 @@ EXAMPLES
.. code-block:: sh
- # Remove the current ruleset in place and disable pf
+ # Remove the current ruleset in place
__pf_ruleset --state absent
- # Enable pf with the ruleset defined in $__manifest/files/pf.conf
+ # Enable the firewall with the ruleset defined in $__manifest/files/pf.conf
__pf_ruleset --state present --source $__manifest/files/pf.conf
@@ -46,13 +44,11 @@ SEE ALSO
AUTHORS
-------
-Kamila Součková
Jake Guffey
COPYING
-------
-Copyright \(C) 2016 Kamila Součková.
Copyright \(C) 2012 Jake Guffey. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
diff --git a/cdist/conf/type/__pf_ruleset/manifest b/cdist/conf/type/__pf_ruleset/manifest
deleted file mode 100755
index 27b35328..00000000
--- a/cdist/conf/type/__pf_ruleset/manifest
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh -e
-#
-# 2016 Kamila Součková (coding at kamila.is)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-#
-# Manage pf(4) on *BSD
-#
-
-rcvar="$(cat "${__object}/explorer/rcvar")"
-state="$(cat "${__object}/parameter/state")"
-if [ -f "${__object}/parameter/source" ]; then
- source="$(cat "${__object}/parameter/source")"
-fi
-
-if [ "${state}" = "absent" ]; then
- action="/etc/rc.d/pf stop"
-else
- action="/etc/rc.d/pf reload || /etc/rc.d/pf start"
-fi
-
-__key_value __pf_ruleset/rcvar \
- --state "${state}" \
- --file /etc/rc.conf \
- --delimiter "=" \
- --key "pf_enable" \
- --value "YES"
-
-require="__key_value/__pf_ruleset/rcvar" __config_file "${rcvar}" \
- --source "${source}" \
- --state "${state}" \
- --onchange "${action}"
diff --git a/cdist/conf/type/__postfix/manifest b/cdist/conf/type/__postfix/manifest
index 121bba96..1aea53a1 100755
--- a/cdist/conf/type/__postfix/manifest
+++ b/cdist/conf/type/__postfix/manifest
@@ -1,7 +1,6 @@
#!/bin/sh -e
#
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2019 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -19,4 +18,16 @@
# along with cdist. If not, see .
#
-__package postfix --state present
+
+os=$(cat "$__global/explorer/os")
+
+case "$os" in
+ ubuntu|debian|archlinux|suse|scientific|centos|devuan)
+ __package postfix --state present
+ ;;
+ *)
+ echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
+ echo "Please contribute an implementation for it if you can." >&2
+ exit 1
+ ;;
+esac
diff --git a/cdist/conf/type/__postfix_postconf/explorer/value b/cdist/conf/type/__postfix_postconf/explorer/value
index 67dacad8..17126c94 100755
--- a/cdist/conf/type/__postfix_postconf/explorer/value
+++ b/cdist/conf/type/__postfix_postconf/explorer/value
@@ -22,7 +22,7 @@
os=$("$__explorer/os")
case "$os" in
- alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan)
+ ubuntu|debian|archlinux|suse|scientific|centos|devuan)
:
;;
*)
diff --git a/cdist/conf/type/__postfix_postconf/gencode-remote b/cdist/conf/type/__postfix_postconf/gencode-remote
index 279dddd4..6df0da7f 100755
--- a/cdist/conf/type/__postfix_postconf/gencode-remote
+++ b/cdist/conf/type/__postfix_postconf/gencode-remote
@@ -1,7 +1,6 @@
#!/bin/sh -e
#
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2019 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -22,7 +21,7 @@
os=$(cat "$__global/explorer/os")
case "$os" in
- alpine|archlinux|centos|debian|devuan|suse|scientific|ubuntu)
+ ubuntu|debian|archlinux|suse|scientific|centos|devuan)
:
;;
*)
diff --git a/cdist/conf/type/__postgres_database/explorer/state b/cdist/conf/type/__postgres_database/explorer/state
index d68d4120..652d81e7 100755
--- a/cdist/conf/type/__postgres_database/explorer/state
+++ b/cdist/conf/type/__postgres_database/explorer/state
@@ -34,7 +34,7 @@ esac
name="$__object_id"
-if test -n "$(su - "$postgres_user" -c "psql postgres -twAc \"SELECT 1 FROM pg_database WHERE datname='$name'\"")"
+if test -n "$(su - "$postgres_user" -c "psql postgres -tAc \"SELECT 1 FROM pg_database WHERE datname='$name'\"")"
then
echo 'present'
else
diff --git a/cdist/conf/type/__postgres_database/gencode-remote b/cdist/conf/type/__postgres_database/gencode-remote
index 0f11cff4..61cfa50d 100755
--- a/cdist/conf/type/__postgres_database/gencode-remote
+++ b/cdist/conf/type/__postgres_database/gencode-remote
@@ -41,37 +41,12 @@ if [ "$state_should" != "$state_is" ]; then
present)
owner=""
if [ -f "$__object/parameter/owner" ]; then
- owner="-O \"$(cat "$__object/parameter/owner")\""
+ owner="-O '$(cat "$__object/parameter/owner")'"
fi
-
- template=""
- if [ -f "$__object/parameter/template" ]; then
- template="--template \"$(cat "$__object/parameter/template")\""
- fi
-
- encoding=""
- if [ -f "$__object/parameter/encoding" ]; then
- encoding="--encoding \"$(cat "$__object/parameter/encoding")\""
- fi
-
- lc_collate=""
- if [ -f "$__object/parameter/lc-collate" ]; then
- lc_collate="--lc-collate \"$(cat "$__object/parameter/lc-collate")\""
- fi
-
- lc_ctype=""
- if [ -f "$__object/parameter/lc-ctype" ]; then
- lc_ctype="--lc-ctype \"$(cat "$__object/parameter/lc-ctype")\""
- fi
-
- cat << EOF
-su - '$postgres_user' -c "createdb $owner \"$name\" $template $encoding $lc_collate $lc_ctype"
-EOF
+ echo "su - '$postgres_user' -c \"createdb $owner '$name'\""
;;
absent)
- cat << EOF
-su - '$postgres_user' -c "dropdb \"$name\""
-EOF
+ echo "su - '$postgres_user' -c \"dropdb '$name'\""
;;
esac
fi
diff --git a/cdist/conf/type/__postgres_database/man.rst b/cdist/conf/type/__postgres_database/man.rst
index 870b4917..acceec9b 100644
--- a/cdist/conf/type/__postgres_database/man.rst
+++ b/cdist/conf/type/__postgres_database/man.rst
@@ -14,22 +14,10 @@ This cdist type allows you to create or drop postgres databases.
OPTIONAL PARAMETERS
-------------------
state
- Either 'present' or 'absent', defaults to 'present'.
+ either 'present' or 'absent', defaults to 'present'.
owner
- Specifies the database user who will own the new database.
-
-encoding
- Specifies the character encoding scheme to be used in this database.
-
-lc-collate
- Specifies the LC_COLLATE setting to be used in this database.
-
-lc-ctype
- Specifies the LC_CTYPE setting to be used in this database.
-
-template
- Specifies the template database from which to build this database.
+ the role owning this database
EXAMPLES
diff --git a/cdist/conf/type/__postgres_database/parameter/optional b/cdist/conf/type/__postgres_database/parameter/optional
index 877fbf32..d86b6469 100644
--- a/cdist/conf/type/__postgres_database/parameter/optional
+++ b/cdist/conf/type/__postgres_database/parameter/optional
@@ -1,6 +1,2 @@
state
owner
-encoding
-lc-collate
-lc-ctype
-template
diff --git a/cdist/conf/type/__postgres_role/explorer/state b/cdist/conf/type/__postgres_role/explorer/state
index c8e1fa9d..5cc71477 100755
--- a/cdist/conf/type/__postgres_role/explorer/state
+++ b/cdist/conf/type/__postgres_role/explorer/state
@@ -34,7 +34,7 @@ esac
name="$__object_id"
-if test -n "$(su - "$postgres_user" -c "psql postgres -twAc \"SELECT 1 FROM pg_roles WHERE rolname='$name'\"")"
+if test -n "$(su - "$postgres_user" -c "psql postgres -tAc \"SELECT 1 FROM pg_roles WHERE rolname='$name'\"")"
then
echo 'present'
else
diff --git a/cdist/conf/type/__postgres_role/gencode-remote b/cdist/conf/type/__postgres_role/gencode-remote
index 282294c9..30d0689c 100755
--- a/cdist/conf/type/__postgres_role/gencode-remote
+++ b/cdist/conf/type/__postgres_role/gencode-remote
@@ -53,13 +53,11 @@ case "$state_should" in
done
[ -n "$password" ] && password="PASSWORD '$password'"
- cat << EOF
-su - '$postgres_user' -c "psql postgres -wc \"CREATE ROLE \\\\\"$name\\\\\" WITH $password $booleans;\""
-EOF
+
+ cmd="CREATE ROLE $name WITH $password $booleans"
+ echo "su - '$postgres_user' -c \"psql postgres -c \\\"$cmd\\\"\""
;;
absent)
- cat << EOF
-su - '$postgres_user' -c "dropuser \"$name\""
-EOF
+ echo "su - '$postgres_user' -c \"dropuser \\\"$name\\\"\""
;;
esac
diff --git a/cdist/conf/type/__prometheus_alertmanager/manifest b/cdist/conf/type/__prometheus_alertmanager/manifest
index cf410c44..8ee818c3 100755
--- a/cdist/conf/type/__prometheus_alertmanager/manifest
+++ b/cdist/conf/type/__prometheus_alertmanager/manifest
@@ -30,7 +30,6 @@ if [ -f "$__object/parameter/install-from-backports" ]; then
*)
echo "--install-from-backports is only supported on Devuan -- ignoring." >&2
echo "Send a pull request if you require it." >&2
- exit 1
;;
esac
else
@@ -61,5 +60,5 @@ require="$require __directory/$storage_path $require_pkg" \
__config_file $CONF \
--source "$config" \
--group prometheus --mode 640 \
- --onchange "service prometheus-alertmanager restart" # TODO when a config-check tool is available, check config here
+ --onchange "service prometheus-alertmanager reload" # TODO when a config-check tool is available, check config here
diff --git a/cdist/conf/type/__prometheus_exporter/manifest b/cdist/conf/type/__prometheus_exporter/manifest
index f3930ac6..b9e14531 100644
--- a/cdist/conf/type/__prometheus_exporter/manifest
+++ b/cdist/conf/type/__prometheus_exporter/manifest
@@ -5,11 +5,9 @@ export GOBIN=/opt/gocode/bin # where to find go binaries
exporter="$(cat "$__object/parameter/exporter")"
[ -z "$exporter" ] && exporter="$__object_id"
-__user prometheus
-require="__user/prometheus" __group prometheus
-require="__group/prometheus" __user_groups prometheus --group prometheus
+__user prometheus --system
-require="__user_groups/prometheus"
+require=""
case $exporter in
node)
TEXTFILES=/service/node-exporter/textfiles # path for the textfiles collector
diff --git a/cdist/conf/type/__prometheus_server/manifest b/cdist/conf/type/__prometheus_server/manifest
index 9756169e..8685130f 100755
--- a/cdist/conf/type/__prometheus_server/manifest
+++ b/cdist/conf/type/__prometheus_server/manifest
@@ -33,13 +33,11 @@ if [ -f "$__object/parameter/install-from-backports" ]; then
*)
echo "--install-from-backports is only supported on Devuan -- ignoring." >&2
echo "Send a pull request if you require it." >&2
- exit 1
;;
esac
else
__package prometheus
- __package prometheus-blackbox-exporter
- require_pkg="__package/prometheus __package/prometheus-blackbox-exporter"
+ require_pkg="__package/prometheus"
fi
##### PREPARE PATHS AND SUCH ################################################
@@ -60,7 +58,7 @@ require="$require __directory/$storage_path $require_pkg" \
__config_file $CONF \
--source "$config" \
--group prometheus --mode 640 \
- --onchange "promtool check config $CONF && service prometheus restart"
+ --onchange "promtool check config $CONF && service prometheus reload"
for file in $rule_files; do
dest=$CONF_DIR/$(basename "$file")
@@ -68,6 +66,6 @@ for file in $rule_files; do
__config_file "$dest" \
--source "$file" \
--owner prometheus \
- --onchange "promtool check rules '$dest' && service prometheus restart"
+ --onchange "promtool check rules '$dest' && service prometheus reload"
done
diff --git a/cdist/conf/type/__pyvenv/gencode-remote b/cdist/conf/type/__pyvenv/gencode-remote
index 9c7b7fab..04700683 100755
--- a/cdist/conf/type/__pyvenv/gencode-remote
+++ b/cdist/conf/type/__pyvenv/gencode-remote
@@ -37,21 +37,11 @@ mode="$(cat "$__object/parameter/mode")"
destination="/$__object_id"
venvparams="$(cat "$__object/parameter/venvparams")"
pyvenvparam="$__object/parameter/pyvenv"
-
-os=$(cat "$__global/explorer/os")
-
if [ -f "$pyvenvparam" ]
then
pyvenv=$(cat "$pyvenvparam")
else
- case "$os" in
- alpine) # no pyvenv on alpine - I assume others will follow
- pyvenv="python3 -m venv"
- ;;
- *)
- pyvenv="pyvenv"
- ;;
- esac
+ pyvenv="pyvenv"
fi
case $state_should in
diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path
deleted file mode 100644
index dcf63c9b..00000000
--- a/cdist/conf/type/__sensible_editor/explorer/editor_path
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/bin/sh -e
-#
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-#
-# Check if the given editor is present on the target system and determine its
-# absolute path.
-#
-
-die() {
- echo "$@" >&2
- exit 1
-}
-
-editor_missing() { die "Editor '$1' is missing on the target system."; }
-editor_no_alternative() {
- die "Editor '$1' is not in the alternatives list of the target system." \
- "$(test -n "${editors}" && printf '\nPlease choose one of:\n\n%s\n' "${editors}")"
-}
-
-# No need to check for the path if the file is supposed to be removed.
-test "$(cat "${__object}/parameter/state")" != 'absent' || exit 0
-
-
-case $("${__explorer}/os")
-in
- debian|devuan|ubuntu)
- has_alternatives=true
-
- # NOTE: Old versions do not support `--list`, in this case ignore the errors.
- # This will require an absolute path to be provided, though.
- editors=$(update-alternatives --list editor 2>/dev/null)
- ;;
- *)
- # NOTE: RedHat has an alternatives system but it doesn't usually track
- # editors and it is a pain to extract the list.
- has_alternatives=false
- ;;
-esac
-
-# Read --editor parameter and check its value since it is "optional"
-editor=$(cat "${__object}/parameter/editor" 2>/dev/null) || true
-test -n "${editor}" || die 'Please provide an --editor to configure.'
-
-case $editor
-in
- /*)
- is_abspath=true
- ;;
- */*)
- die 'Relative editor paths are not supported'
- ;;
- *)
- is_abspath=false
- ;;
-esac
-
-
-if $has_alternatives && test -n "${editors}"
-then
- IFS='
-'
- if ! $is_abspath
- then
- # First, try to resolve the absolute path using $editors.
- while true
- do
- for e in $editors
- do
- if test "$(basename "${e}")" = "${editor}"
- then
- editor="${e}"
- break 2 # break out of both loops
- fi
- done
-
- # Iterating through alternatives did not yield a result
- editor_no_alternative "${editor}"
- break
- done
- fi
-
- # Check if editor is present
- test -f "${editor}" || editor_missing "${editor}"
-
- for e in $editors
- do
- if test "${editor}" = "${e}"
- then
- # Editor is part of the alternatives list -> use it!
- echo "${editor}"
- exit 0
- fi
- done
-
- editor_no_alternative "${editor}"
-else
- # NOTE: This branch is mostly for RedHat-based systems which do
- # not track editor alternatives. To make this type useful
- # on RedHat at all we allow an absoloute path to be provided
- # in any case.
-
- if $is_abspath
- then
- test -x "${editor}" || editor_missing "${editor}"
-
- echo "${editor}"
- exit 0
- else
- die "The target doesn't list any editor alternatives. " \
- "Please specify an absolute path or populate the alternatives list."
- fi
-fi
-
-# The script should never reach this statement!
-exit 1
diff --git a/cdist/conf/type/__sensible_editor/explorer/group b/cdist/conf/type/__sensible_editor/explorer/group
deleted file mode 100644
index 5d288189..00000000
--- a/cdist/conf/type/__sensible_editor/explorer/group
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh -e
-#
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-#
-# Determines the primary group of the user.
-#
-
-user=$__object_id
-
-id -gn "${user}" 2>/dev/null
diff --git a/cdist/conf/type/__sensible_editor/explorer/user_home b/cdist/conf/type/__sensible_editor/explorer/user_home
deleted file mode 100644
index b88243f7..00000000
--- a/cdist/conf/type/__sensible_editor/explorer/user_home
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh -e
-#
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-#
-# Determines the home folder of the target user.
-#
-
-user=$__object_id
-home=$(getent passwd "${user}" | cut -d':' -f6)
-
-if ! test -d "${home}"
-then
- echo "Cannot find home directory of user ${user}" >&2
- exit 1
-fi
-
-echo "${home}"
diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst
deleted file mode 100644
index 9b805e06..00000000
--- a/cdist/conf/type/__sensible_editor/man.rst
+++ /dev/null
@@ -1,78 +0,0 @@
-cdist-type__sensible_editor(7)
-==============================
-
-NAME
-----
-cdist-type__sensible_editor - Select the sensible-editor
-
-
-DESCRIPTION
------------
-This cdist type allows you to select the :strong:`sensible-editor` for
-a given user.
-
-
-REQUIRED PARAMETERS
--------------------
-editor
- Name or path of the editor to be selected.
- On systems other than Debian derivatives an absolute path is required.
-
- It is permissible to omit this parameter if --state is absent.
-
-
-OPTIONAL PARAMETERS
--------------------
-state
- 'present', 'absent', or 'exists'. Defaults to 'present', where:
-
- present
- the sensible-editor is exactly what is specified in --editor.
- absent
- no sensible-editor configuration is present.
- exists
- the sensible-editor will be set to what is specified in --editor,
- unless there already is a configuration on the target system.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- __sensible_editor root --editor /bin/ed # ed(1) is the standard
- __sensible_editor noob --editor nano
-
-
-LIMITATIONS
------------
-
-This type depends upon the :strong:`sensible-editor`\ (1) script which
-is part of the sensible-utils package.
-
-Therefore, the following operating systems are supported:
- * Debian 8 (jessie) or later
- * Devuan
- * Ubuntu 8.10 (intrepid) or later
- * RHEL/CentOS 7 or later (EPEL repo required)
- * Fedora 21 or later
-
-Note: on old versions of Ubuntu the sensible-* utils are part of the
-debianutils package.
-
-SEE ALSO
---------
-:strong:`select-editor`\ (1), :strong:`sensible-editor`\ (1).
-
-
-AUTHOR
--------
-Dennis Camera
-
-
-COPYING
--------
-Copyright \(C) 2019 Dennis Camera.
-You can redistribute it and/or modify it under the terms of the GNU General
-Public License as published by the Free Software Foundation, either version 3 of
-the License, or (at your option) any later version.
diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest
deleted file mode 100644
index 1cdb0c2c..00000000
--- a/cdist/conf/type/__sensible_editor/manifest
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/bin/sh -e
-# -*- mode: sh; indent-tabs-mode: t -*-
-#
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-version_ge() {
- awk -F '[^0-9.]' -v target="${1:?}" '
- function max(x, y) { return x > y ? x : y; }
- BEGIN {
- getline;
- nx = split($1, x, ".");
- ny = split(target, y, ".");
- for (i = 1; i <= max(nx, ny); ++i) {
- diff = int(x[i]) - int(y[i]);
- if (diff < 0) exit 1;
- else if (diff > 0) exit 0;
- else continue;
- }
- }'
-}
-
-not_supported() {
- echo "OS ${os} does not support __sensible_editor." >&2
- echo 'If it does, please provide a patch.' >&2
- exit 1
-}
-
-os=$(cat "${__global}/explorer/os")
-os_version=$(cat "${__global}/explorer/os_version")
-
-state=$(cat "${__object}/parameter/state")
-user=$__object_id
-
-if test "${state}" != 'present' && test "${state}" != 'exists' && test "${state}" != 'absent'
-then
- echo 'Only "present", "exists", and "absent" are allowed for --state' >&2
- exit 1
-fi
-
-package_name='sensible-utils'
-
-case $os
-in
- debian)
- pkg_type='apt'
- ;;
- devuan)
- pkg_type='apt'
- ;;
- ubuntu)
- (echo "${os_version}" | version_ge 10.04) || package_name='debianutils'
- pkg_type='apt'
- ;;
- centos|fedora|redhat|scientific)
- pkg_type='yum'
- ;;
- *)
- not_supported
- ;;
-esac
-
-if test "${state}" != 'absent'
-then
- __package "${package_name}" --state present \
- --type "${pkg_type}"
- export require="__package/${package_name}"
-fi
-
-editor_path=$(cat "${__object}/explorer/editor_path")
-user_home=$(cat "${__object}/explorer/user_home")
-group=$(cat "${__object}/explorer/group")
-
-__file "${user_home}/.selected_editor" --state "${state}" \
- --owner "${user}" --group "${group}" --mode 0644 \
- --source - <
-
-
-COPYING
--------
-Copyright \(C) 2019 Timothée Floure. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__service/manifest b/cdist/conf/type/__service/manifest
deleted file mode 100644
index cb5af234..00000000
--- a/cdist/conf/type/__service/manifest
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-
-manager="$(cat "$__object/explorer/service-manager")"
-
-name=$__object_id
-action="$(cat "$__object/parameter/action")"
-
-case "$manager" in
- systemd)
- __systemd_service "$name" --action "$action"
- ;;
- *)
- # Unknown: handled by `service $NAME $action` in gencode-remote.
- ;;
-esac
diff --git a/cdist/conf/type/__service/parameter/required b/cdist/conf/type/__service/parameter/required
deleted file mode 100644
index a9f84d41..00000000
--- a/cdist/conf/type/__service/parameter/required
+++ /dev/null
@@ -1 +0,0 @@
-action
diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/file b/cdist/conf/type/__ssh_authorized_keys/explorer/file
index 017bcb38..5a02721a 100755
--- a/cdist/conf/type/__ssh_authorized_keys/explorer/file
+++ b/cdist/conf/type/__ssh_authorized_keys/explorer/file
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -20,42 +19,9 @@
#
if [ -f "$__object/parameter/file" ]; then
- cat "$__object/parameter/file"
+ cat "$__object/parameter/file"
else
- if [ -s "$__object/parameter/owner" ]
- then
- owner=$(cat "$__object/parameter/owner")
- else
- owner="$__object_id"
- fi
-
- if command -v getent >/dev/null
- then
- owner_line=$(getent passwd "$owner")
- elif [ -f /etc/passwd ]
- then
- case $owner
- in
- [0-9][0-9]*)
- owner_line=$(awk -F: "\$3 == \"${owner}\" { print }" /etc/passwd)
- ;;
- *)
- owner_line=$(awk -F: "\$1 == \"${owner}\" { print }" /etc/passwd)
- ;;
- esac
- fi
-
- if [ "$owner_line" ]
- then
- home=$(echo "$owner_line" | cut -d':' -f6)
- fi
-
- if [ ! -d "$home" ]
- then
- # Don't know how to determine user's home directory, fall back to ~
- home="~$owner"
- command -v realpath >/dev/null && home=$(realpath "$home")
- fi
-
- [ -d "$home" ] && echo "$home/.ssh/authorized_keys"
+ owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
+ home=$(getent passwd "$owner" | cut -d':' -f 6)
+ echo "$home/.ssh/authorized_keys"
fi
diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/group b/cdist/conf/type/__ssh_authorized_keys/explorer/group
index d259050f..72a4e314 100755
--- a/cdist/conf/type/__ssh_authorized_keys/explorer/group
+++ b/cdist/conf/type/__ssh_authorized_keys/explorer/group
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -19,28 +18,6 @@
# along with cdist. If not, see .
#
-if [ -s "$__object/parameter/owner" ]
-then
- owner=$(cat "$__object/parameter/owner")
-else
- owner="$__object_id"
-fi
-
-if command -v getent >/dev/null
-then
- gid=$(getent passwd "$owner" | cut -d':' -f4)
- getent group "$gid" || true
-else
- # Fallback to local file scanning
- case $owner
- in
- [0-9][0-9]*)
- gid=$(awk -F: "\$3 == \"${owner}\" { print \$4 }" /etc/passwd)
- ;;
- *)
- gid=$(awk -F: "\$1 == \"${owner}\" { print \$4 }" /etc/passwd)
- ;;
- esac
-
- awk -F: "\$3 == \"$gid\" { print }" /etc/group
-fi
+owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
+gid="$(getent passwd "$owner" | cut -d':' -f 4)"
+getent group "$gid" || true
diff --git a/cdist/conf/type/__ssh_authorized_keys/manifest b/cdist/conf/type/__ssh_authorized_keys/manifest
index b9f0582e..b507c7ff 100755
--- a/cdist/conf/type/__ssh_authorized_keys/manifest
+++ b/cdist/conf/type/__ssh_authorized_keys/manifest
@@ -23,12 +23,6 @@ owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
state="$(cat "$__object/parameter/state" 2>/dev/null)"
file="$(cat "$__object/explorer/file")"
-if [ ! -f "$__object/parameter/nofile" ] && [ -z "$file" ]
-then
- echo "Cannot determine path of authorized_keys file" >&2
- exit 1
-fi
-
if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then
group="$(cut -d':' -f 1 "$__object/explorer/group")"
if [ -z "$group" ]; then
diff --git a/cdist/conf/type/__ssh_dot_ssh/explorer/group b/cdist/conf/type/__ssh_dot_ssh/explorer/group
index faf44cb8..cdea6fe7 100755
--- a/cdist/conf/type/__ssh_dot_ssh/explorer/group
+++ b/cdist/conf/type/__ssh_dot_ssh/explorer/group
@@ -1,7 +1,6 @@
#!/bin/sh
#
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -19,11 +18,5 @@
# along with cdist. If not, see .
#
-gid=$("$__type_explorer/passwd" | cut -d':' -f4)
-
-if command -v getent >/dev/null
-then
- getent group "$gid" || true
-else
- awk -F: "\$3 == \"$gid\" { print }" /etc/group
-fi
+gid="$("$__type_explorer/passwd" | cut -d':' -f 4)"
+getent group "$gid" || true
diff --git a/cdist/conf/type/__ssh_dot_ssh/explorer/passwd b/cdist/conf/type/__ssh_dot_ssh/explorer/passwd
index 42686b20..3fbad06f 100755
--- a/cdist/conf/type/__ssh_dot_ssh/explorer/passwd
+++ b/cdist/conf/type/__ssh_dot_ssh/explorer/passwd
@@ -2,7 +2,6 @@
#
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
-# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
@@ -22,16 +21,4 @@
owner="$__object_id"
-if command -v getent >/dev/null
-then
- getent passwd "$owner" || true
-else
- case $owner in
- [0-9][0-9]*)
- awk -F: "\$3 == \"$owner\" { print }" /etc/passwd
- ;;
- *)
- grep "^$owner:" /etc/passwd || true
- ;;
- esac
-fi
+getent passwd "$owner" || true
diff --git a/cdist/conf/type/__start_on_boot/man.rst b/cdist/conf/type/__start_on_boot/man.rst
index f8afe94b..b7c73ab1 100644
--- a/cdist/conf/type/__start_on_boot/man.rst
+++ b/cdist/conf/type/__start_on_boot/man.rst
@@ -12,7 +12,7 @@ This cdist type allows you to enable or disable stuff to be started
at boot of your operating system.
Warning: This type has not been tested intensively and is not fully
-supported.
+supported (i.e. \*BSD are not implemented).
REQUIRED PARAMETERS
diff --git a/cdist/conf/type/__sysctl/manifest b/cdist/conf/type/__sysctl/manifest
index 71dea7f7..b4e2e902 100755
--- a/cdist/conf/type/__sysctl/manifest
+++ b/cdist/conf/type/__sysctl/manifest
@@ -2,7 +2,6 @@
#
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
# 2018 Takashi Yoshi (takashi at yoshi.email)
-# 2019 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
@@ -25,7 +24,7 @@ os=$(cat "$__global/explorer/os")
case "$os" in
# Linux
- alpine|redhat|centos|ubuntu|debian|devuan|archlinux|coreos)
+ redhat|centos|ubuntu|debian|devuan|archlinux|coreos)
:
;;
# BSD
diff --git a/cdist/conf/type/__systemd_service/explorer/state b/cdist/conf/type/__systemd_service/explorer/state
deleted file mode 100755
index f5f751d4..00000000
--- a/cdist/conf/type/__systemd_service/explorer/state
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/bin/sh -e
-# explorer/state
-#
-# 2020 Matthias Stecher
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-# Check if the service is running or stopped.
-#
-# The explorer must check before if the service exist, because 'systemctl is-active'
-# will return "inactive" even if there is no service there:
-# systemctl cat foo # does not exist
-# systemctl is-active foo # is "inactive"
-
-
-# get name of the service
-if [ -f "$__object/parameter/name" ]; then
- name="$(cat "$__object/parameter/name")"
-else
- name="$__object_id"
-fi
-
-
-# check if the service exist, else exit without output (also if systemd doesn't exist)
-# do not exit here with an error code, will be done in the gencode-remote script
-systemctl cat "$name" > /dev/null 2>&1 || exit 0
-
-# print if the service is running or not
-systemctl is-active -q "$name" && printf "running" || printf "stopped"
diff --git a/cdist/conf/type/__systemd_service/gencode-remote b/cdist/conf/type/__systemd_service/gencode-remote
deleted file mode 100755
index c867ff22..00000000
--- a/cdist/conf/type/__systemd_service/gencode-remote
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/bin/sh -e
-# gencode-remote
-#
-# 2020 Matthias Stecher
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-
-# Checks the given state of the service and set it to the given
-# state. Optionally, it executes the action if service running.
-
-
-# get name of the service
-name="$__object/parameter/name"
-if [ -f "$name" ]; then
- name="$(cat "$name")"
-else
- name="$__object_id"
-fi
-
-
-# read current status and parameters
-state="$(cat "$__object/explorer/state")"
-should="$(cat "$__object/parameter/state")"
-
-# if systemd/service does not exist
-if [ -z "$state" ]; then
- printf "systemd or service '%s' does not exist!\n" "$name" >&2
- exit 1
-fi
-
-
-# save the action required
-required_action=""
-
-# check the state of the service that should be
-if [ "$state" != "$should" ]; then
- # select what to do to get the $should state
- case "$should" in
- running)
- if [ "$state" = "stopped" ]; then required_action="start"; fi
- ;;
-
- stopped)
- if [ "$state" = "running" ]; then required_action="stop"; fi
- ;;
- esac
-fi
-
-# check if the action can be achieved if given
-if [ -f "$__object/parameter/action" ] \
- && [ -z "$required_action" ] && [ "$state" = "running" ]; then
-
- # there must be an action
- action="$(cat "$__object/parameter/action")"
-
- # select the action to the required element
- case "$action" in
- restart)
- required_action="restart"
- ;;
-
- reload)
- required_action="reload"
- ;;
-
- *)
- printf "action '%s' does not exist!" "$action" >&2
- exit 2
- esac
-
- # Make a special check: only do this action if a dependency did something
- # it is required that the dependencies write there action to $__messages_in
- if [ -f "$__object/parameter/if-required" ]; then
- # exit here if there are no changes from the dependencies affected (nothing to do)
- if ! grep -q -f "$__object/require" "$__messages_in"; then exit 0; fi
- fi
-fi
-
-# print the execution command if a action given
-if [ -n "$required_action" ]; then
- # also print it as message
- echo "$required_action" >> "$__messages_out"
- echo "systemctl $required_action '$name'"
-fi
diff --git a/cdist/conf/type/__systemd_service/man.rst b/cdist/conf/type/__systemd_service/man.rst
deleted file mode 100644
index 7eca398b..00000000
--- a/cdist/conf/type/__systemd_service/man.rst
+++ /dev/null
@@ -1,110 +0,0 @@
-cdist-type__systemd-service(7)
-==============================
-
-NAME
-----
-cdist-type__systemd-service - Controls a systemd service state
-
-DESCRIPTION
------------
-This type controls systemd services to define a state of the service,
-or an action like reloading or restarting. It is useful to reload a
-service after configuration applied or shutdown one service.
-
-The activation or deactivation is out of scope. Look for the
-:strong:`cdist-type__systemd_util`\ (7) type instead.
-
-REQUIRED PARAMETERS
--------------------
-
-None.
-
-OPTIONAL PARAMETERS
--------------------
-
-name
- String which will used as name instead of the object id.
-
-state
- The state which the service should be in:
-
- running
- Service should run (default)
-
- stoppend
- Service should stopped
-
-action
- Executes an action on on the service. It will only execute it if the
- service keeps the state **running**. There are following actions, where:
-
- reload
- Reloads the service
-
- restart
- Restarts the service
-
-BOOLEAN PARAMETERS
-------------------
-
-if-required
- Only execute the action if minimum one required type outputs a message to
- **$__messages_out**. Through this, the action should only executed if a
- dependency did something. The action will not executed if no dependencies
- given.
-
-MESSAGES
---------
-
-start
- Started the service
-
-stop
- Stopped the service
-
-restart
- Restarted the service
-
-reload
- Reloaded the service
-
-ABORTS
-------
-Aborts in following cases:
-
-systemd or the service does not exist
-
-EXAMPLES
---------
-.. code-block:: sh
-
- # service must run
- __systemd_service nginx
-
- # service must stopped
- __systemd_service sshd \
- --state stopped
-
- # restart the service
- __systemd_service apache2 \
- --action restart
-
- # makes sure the service exist with an alternative name
- __systemd_service foo \
- --name sshd
-
- # reload the service for a modified configuration file
- # only reloads the service if the file really changed
- require="__config_file/etc/foo.conf" __systemd_service foo \
- --action reload --if-required
-
-AUTHORS
--------
-Matthias Stecher
-
-COPYRIGHT
----------
-Copyright \(C) 2020 Matthias Stecher. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__systemd_service/parameter/boolean b/cdist/conf/type/__systemd_service/parameter/boolean
deleted file mode 100644
index a4bccb66..00000000
--- a/cdist/conf/type/__systemd_service/parameter/boolean
+++ /dev/null
@@ -1 +0,0 @@
-if-required
diff --git a/cdist/conf/type/__systemd_service/parameter/default/state b/cdist/conf/type/__systemd_service/parameter/default/state
deleted file mode 100644
index a2ae71b3..00000000
--- a/cdist/conf/type/__systemd_service/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-running
diff --git a/cdist/conf/type/__systemd_service/parameter/optional b/cdist/conf/type/__systemd_service/parameter/optional
deleted file mode 100644
index fc78265f..00000000
--- a/cdist/conf/type/__systemd_service/parameter/optional
+++ /dev/null
@@ -1,3 +0,0 @@
-name
-state
-action
diff --git a/cdist/conf/type/__tinydns/gencode-remote b/cdist/conf/type/__tinydns/gencode-remote
deleted file mode 100644
index 824479b6..00000000
--- a/cdist/conf/type/__tinydns/gencode-remote
+++ /dev/null
@@ -1,7 +0,0 @@
-servicename=$__object_id
-user="$(cat "$__object/parameter/user")"
-server_ip="$(cat "$__object/parameter/server-ip")"
-
-cat</dev/null || ./add-host $name $ip
-make
-EOF
diff --git a/cdist/conf/type/__tinydns_host/manifest b/cdist/conf/type/__tinydns_host/manifest
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__tinydns_host/parameter/required b/cdist/conf/type/__tinydns_host/parameter/required
deleted file mode 100644
index 93d111b2..00000000
--- a/cdist/conf/type/__tinydns_host/parameter/required
+++ /dev/null
@@ -1 +0,0 @@
-ip
diff --git a/cdist/conf/type/__tinydns_ns/gencode-remote b/cdist/conf/type/__tinydns_ns/gencode-remote
deleted file mode 100644
index 7305e605..00000000
--- a/cdist/conf/type/__tinydns_ns/gencode-remote
+++ /dev/null
@@ -1,13 +0,0 @@
-set -x
-
-servicename=$(echo $__object_id | cut -d/ -f1)
-name=$(echo $__object_id | cut -d/ -f2-)
-ip="$(cat "$__object/parameter/ip")"
-
-cat</dev/null || ./add-ns $name $ip
-make
-EOF
-
-set +x
diff --git a/cdist/conf/type/__tinydns_ns/parameter/required b/cdist/conf/type/__tinydns_ns/parameter/required
deleted file mode 100644
index 93d111b2..00000000
--- a/cdist/conf/type/__tinydns_ns/parameter/required
+++ /dev/null
@@ -1 +0,0 @@
-ip
diff --git a/cdist/conf/type/__ufw/manifest b/cdist/conf/type/__ufw/manifest
index 370b7ff5..54309ff5 100755
--- a/cdist/conf/type/__ufw/manifest
+++ b/cdist/conf/type/__ufw/manifest
@@ -31,7 +31,7 @@ case "$state" in
__package epel-release
require='__package/epel-release' __package ufw
else
- echo 'CentOS version 7 is required!' >&2
+ echo 'CentOS version 7 is required!'
exit 1
fi
;;
diff --git a/cdist/conf/type/__update_alternatives/explorer/state b/cdist/conf/type/__update_alternatives/explorer/state
deleted file mode 100755
index 04a78aaa..00000000
--- a/cdist/conf/type/__update_alternatives/explorer/state
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh -e
-path="$(cat "$__object/parameter/path")"
-name="$__object_id"
-link="$(readlink "/etc/alternatives/$name")"
-if [ "$path" = "$link" ]
-then echo present
-else echo absent
-fi
diff --git a/cdist/conf/type/__update_alternatives/gencode-remote b/cdist/conf/type/__update_alternatives/gencode-remote
index c0b49814..0e7b0d89 100755
--- a/cdist/conf/type/__update_alternatives/gencode-remote
+++ b/cdist/conf/type/__update_alternatives/gencode-remote
@@ -17,10 +17,9 @@
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see .
#
-
-if [ "$(cat "$__object/explorer/state")" = 'present' ]
-then exit 0
-fi
+#
+# Setup alternative - no standard way to create, always set
+#
path="$(cat "$__object/parameter/path")"
name="$__object_id"
diff --git a/cdist/conf/type/__user/explorer/group b/cdist/conf/type/__user/explorer/group
index 0fd1471a..2aae2973 100755
--- a/cdist/conf/type/__user/explorer/group
+++ b/cdist/conf/type/__user/explorer/group
@@ -23,9 +23,11 @@
if [ -f "$__object/parameter/gid" ]; then
gid=$(cat "$__object/parameter/gid")
- if command -v getent >/dev/null; then
- getent group "$gid" || true
+ getent=$(command -v getent)
+ if [ X != X"${getent}" ]; then
+ "${getent}" group "$gid" || true
elif [ -f /etc/group ]; then
grep -E "^(${gid}|([^:]+:){2}${gid}):" /etc/group || true
fi
fi
+
diff --git a/cdist/conf/type/__user/explorer/passwd b/cdist/conf/type/__user/explorer/passwd
index b8391a6f..677e3ff0 100755
--- a/cdist/conf/type/__user/explorer/passwd
+++ b/cdist/conf/type/__user/explorer/passwd
@@ -23,8 +23,9 @@
name=$__object_id
-if command -v getent >/dev/null; then
- getent passwd "$name" || true
+getent=$(command -v getent)
+if [ X != X"${getent}" ]; then
+ "${getent}" passwd "$name" || true
elif [ -f /etc/passwd ]; then
grep "^${name}:" /etc/passwd || true
fi
diff --git a/cdist/conf/type/__user/explorer/shadow b/cdist/conf/type/__user/explorer/shadow
index 63d38f0d..c49992d5 100755
--- a/cdist/conf/type/__user/explorer/shadow
+++ b/cdist/conf/type/__user/explorer/shadow
@@ -1,4 +1,4 @@
-#!/bin/sh -e
+#!/bin/sh
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
#
@@ -22,19 +22,18 @@
#
name=$__object_id
+os="$("$__explorer/os")"
+# Default to using shadow passwords
+database="shadow"
-case $("$__explorer/os") in
- 'freebsd'|'netbsd'|'openbsd'|'alpine')
- database='passwd'
- ;;
- # Default to using shadow passwords
- *)
- database='shadow'
- ;;
+case "$os" in
+ "freebsd"|"netbsd"|"openbsd") database="passwd";;
esac
+
-if command -v getent >/dev/null; then
- getent "$database" "$name" || true
+getent=$(command -v getent)
+if [ X != X"${getent}" ]; then
+ "${getent}" "$database" "$name" || true
elif [ -f /etc/shadow ]; then
grep "^${name}:" /etc/shadow || true
fi
diff --git a/cdist/conf/type/__xymon_apache/explorer/active-modules b/cdist/conf/type/__xymon_apache/explorer/active-modules
deleted file mode 100755
index 4c745ced..00000000
--- a/cdist/conf/type/__xymon_apache/explorer/active-modules
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh -e
-
-if [ -d /etc/apache2/mods-enabled ]; then
- /usr/sbin/apachectl -t -D DUMP_MODULES | awk '/.*_module/ { gsub(/_module.*$/, ""); gsub(/^ /, ""); print }'
-fi
diff --git a/cdist/conf/type/__xymon_apache/gencode-remote b/cdist/conf/type/__xymon_apache/gencode-remote
deleted file mode 100755
index e7d8e344..00000000
--- a/cdist/conf/type/__xymon_apache/gencode-remote
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/sh -e
-#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-
-state=$(cat "$__object/parameter/state")
-
-os=$(cat "$__global/explorer/os")
-case "$os" in
- debian|ubuntu)
- :
- ;;
- *)
- echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
- ;;
-esac
-
-if [ "$state" = "present" ]; then
- if ! grep -q ^rewrite "$__object/explorer/active-modules"; then
- echo "a2enmod rewrite >/dev/null"
- echo "mod:rewrite enabled" >> "$__messages_out"
- fi
- if ! grep -q "^cgi$" "$__object/explorer/active-modules"; then
- echo "a2enmod cgi >/dev/null"
- echo "mod:cgi enabled" >> "$__messages_out"
- fi
-
- if ! grep -q ^xymon.conf "$__object/explorer/active-conf"; then
- echo "a2enconf xymon >/dev/null"
- echo "conf:xymon enabled" >> "$__messages_out"
- fi
-fi
-
-if grep -q "^mod:.* enabled" "$__messages_out"; then
- echo "systemctl restart apache2.service"
- echo "apache restarted" >> "$__messages_out"
-elif grep -q "^conf:xymon enabled" "$__messages_out"; then
- echo "systemctl reload apache2.service"
- echo "apache reloaded" >> "$__messages_out"
-fi
diff --git a/cdist/conf/type/__xymon_apache/man.rst b/cdist/conf/type/__xymon_apache/man.rst
deleted file mode 100644
index 8358c821..00000000
--- a/cdist/conf/type/__xymon_apache/man.rst
+++ /dev/null
@@ -1,79 +0,0 @@
-cdist-type__xymon_apache(7)
-===========================
-
-NAME
-----
-cdist-type__xymon_apache - Configure apache2-webserver for Xymon
-
-
-DESCRIPTION
------------
-This cdist type installs and configures apache2 to be used "exclusively" (in
-the sense that no other use is taken care of) with Xymon (the systems and
-network monitor).
-
-It depends on `__xymon_server`.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-state
- 'present', 'absent', defaults to 'present'.
-
-ipacl
- IP(-ranges) that have access to the Xymon webpages and CGIs. Apache2-style
- syntax suitable for `Require ip ...`. Example: `192.168.1.0/24 10.0.0.0/8`
-
-
-MESSAGES
---------
-mod:rewrite enabled
- apache module enabled
-conf:xymon enabled
- apache config for xymon enabled
-apache restarted
- apache2.service was reloaded
-apache reloaded
- apache2.service was restarted
-
-
-EXPLORERS
----------
-active-conf
- lists apache2 `conf-enabled`
-active-modules
- lists active apache2-modules
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- # minmal, only localhost-access:
- __xymon_apache
- # allow more IPs to access the Xymon-webinterface:
- __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" --state "present"
-
-
-SEE ALSO
---------
-:strong:`cdist__xymon_server`\ (7)
-
-
-AUTHORS
--------
-Thomas Eckert
-
-
-COPYING
--------
-Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__xymon_apache/parameter/default/state b/cdist/conf/type/__xymon_apache/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__xymon_apache/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__xymon_apache/parameter/optional b/cdist/conf/type/__xymon_apache/parameter/optional
deleted file mode 100644
index d374ec41..00000000
--- a/cdist/conf/type/__xymon_apache/parameter/optional
+++ /dev/null
@@ -1,2 +0,0 @@
-state
-ipacl
diff --git a/cdist/conf/type/__xymon_apache/singleton b/cdist/conf/type/__xymon_apache/singleton
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__xymon_client/gencode-remote b/cdist/conf/type/__xymon_client/gencode-remote
deleted file mode 100755
index 49eed317..00000000
--- a/cdist/conf/type/__xymon_client/gencode-remote
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/sh -e
-#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-
-servers=$(cat "$__object/parameter/servers")
-
-if grep -q ^__key_value/CLIENTHOSTNAME "$__messages_in" || grep -q ^__key_value/XYMONSERVERS "$__messages_in" ; then
- echo "systemctl restart xymon-client"
- echo "restarted" >> "$__messages_out"
- cat <<-EOT
- echo "xymon-client xymon-client/XYMONSERVERS string $servers" | debconf-set-selections
- EOT
-fi
diff --git a/cdist/conf/type/__xymon_client/man.rst b/cdist/conf/type/__xymon_client/man.rst
deleted file mode 100644
index 05d085dc..00000000
--- a/cdist/conf/type/__xymon_client/man.rst
+++ /dev/null
@@ -1,66 +0,0 @@
-cdist-type__xymon_client(7)
-===========================
-
-NAME
-----
-cdist-type__xymon_client - Install the Xymon client
-
-
-DESCRIPTION
------------
-This cdist type installs the Xymon client and configures it to report with
-FQDN.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-state
- 'present', 'absent', defaults to 'present'.
-
-servers
- One or more IP addresses (space separated) of the Xymon server(s) to report
- to. While DNS-names are ok it is discouraged, defaults to 127.0.0.1.
-
-
-BOOLEAN PARAMETERS
-------------------
-msgcache
- Enable xymon `msgcache`. Note: XYMONSERVER has to be `127.0.0.1` for using
- `msgcache` (see `msgcache (8)` of the xymon documentation for details).
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- # minimal, report to 127.0.0.1
- __xymon_client
-
- # specify server:
- __xymon_client --servers "192.168.1.1"
-
- # activate `msgcache` for passive client:
- __xymon_client --msgcache
-
-
-SEE ALSO
---------
-:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7), :strong:`msgcache`\ (8)
-
-
-AUTHORS
--------
-Thomas Eckert
-
-
-COPYING
--------
-Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__xymon_client/manifest b/cdist/conf/type/__xymon_client/manifest
deleted file mode 100755
index 88293a12..00000000
--- a/cdist/conf/type/__xymon_client/manifest
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh -e
-#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-
-state=$(cat "$__object/parameter/state")
-servers=$(cat "$__object/parameter/servers")
-
-os=$(cat "$__global/explorer/os")
-case "$os" in
- debian|ubuntu)
- :
- ;;
- *)
- echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
- ;;
-esac
-
-__package xymon-client --state "$state"
-
-if [ -f "$__object/parameter/msgcache" ]; then
- require="__package/xymon-client" __line /etc/xymon/clientlaunch.cfg \
- --regex DISABLED --state absent
-fi
-
-require="__package/xymon-client" __key_value CLIENTHOSTNAME \
- --file /etc/default/xymon-client \
- --value "'$__target_hostname'" \
- --delimiter '=' \
- --state "$state"
-require="__package/xymon-client" __key_value XYMONSERVERS \
- --file /etc/default/xymon-client \
- --value "'$servers'" \
- --delimiter '=' \
- --state "$state"
-
-## CLI-usage often requires a shell:
-require="__package/xymon-client" __user xymon --shell "/bin/bash" --state "$state"
diff --git a/cdist/conf/type/__xymon_client/parameter/boolean b/cdist/conf/type/__xymon_client/parameter/boolean
deleted file mode 100644
index 0dd7839d..00000000
--- a/cdist/conf/type/__xymon_client/parameter/boolean
+++ /dev/null
@@ -1 +0,0 @@
-msgcache
diff --git a/cdist/conf/type/__xymon_client/parameter/default/servers b/cdist/conf/type/__xymon_client/parameter/default/servers
deleted file mode 100644
index 7b9ad531..00000000
--- a/cdist/conf/type/__xymon_client/parameter/default/servers
+++ /dev/null
@@ -1 +0,0 @@
-127.0.0.1
diff --git a/cdist/conf/type/__xymon_client/parameter/default/state b/cdist/conf/type/__xymon_client/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__xymon_client/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__xymon_client/parameter/optional b/cdist/conf/type/__xymon_client/parameter/optional
deleted file mode 100644
index 7c34489a..00000000
--- a/cdist/conf/type/__xymon_client/parameter/optional
+++ /dev/null
@@ -1,2 +0,0 @@
-state
-servers
diff --git a/cdist/conf/type/__xymon_client/singleton b/cdist/conf/type/__xymon_client/singleton
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__xymon_config/files/.keep b/cdist/conf/type/__xymon_config/files/.keep
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__xymon_config/gencode-remote b/cdist/conf/type/__xymon_config/gencode-remote
deleted file mode 100644
index b25a0fda..00000000
--- a/cdist/conf/type/__xymon_config/gencode-remote
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/sh -e
-#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-
-## to speed up config-reload we send a HUP to the server process:
-cat <<-EOT
- pkill -HUP xymond || { echo "HUPing xymond failed" >&2; exit 1; }
-EOT
diff --git a/cdist/conf/type/__xymon_config/man.rst b/cdist/conf/type/__xymon_config/man.rst
deleted file mode 100644
index 8adfbe1f..00000000
--- a/cdist/conf/type/__xymon_config/man.rst
+++ /dev/null
@@ -1,78 +0,0 @@
-cdist-type__xymon_config(7)
-===========================
-
-NAME
-----
-cdist-type__xymon_config - Deploy a Xymon configuration-directory
-
-
-DESCRIPTION
------------
-This cdist type deploys a full Xymon configuration directory from the files-dir
-to the host. This type requires an installed Xymon server, e.g. deployed by
-`__xymon_server`.
-
-WARNING: This type _replaces_ the `/etc/xymon/`-directory! The previous
-contents is replaced/deleted!
-
-
-REQUIRED PARAMETERS
--------------------
-confdir
- The directory in `./files/` that contains the `/etc/xymon/`-content to be
- deployed.
-
-
-OPTIONAL PARAMETERS
--------------------
-owner
- passed as-is as `--owner` to `__rsync`
-
-group
- passed as-is as `--group` to `__rsync`
-
-
-OPTIONAL MULTIPLE PARAMETERS
-----------------------------
-rsync-opts
- identical to __rsync type, only `--`-options are supported
-
-
-REQUIRED FILES
---------------
-The directory specified by `confdir` has to contain a valid xymon-configuration
-(`/etc/xymon/`) _plus_ the `ext/`-directory that normally resides in
-`/usr/lib/xymon/server/`.
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- __xymon_config --confdir=xymon.example.com
- # this will replace /etc/xymon/ on the target host with
- # the contents from __xymon_config/files/xymon.example.com/
-
- ## the same but set ownership to `xymon:xymon` and exclude
- ## the `netrc`-file:
- __xymon_config --confdir=xymon.example.com \
- --owner xymon --group xymon \
- --rsync-opts "exclude=netrc"
-
-
-SEE ALSO
---------
-:strong:`cdist__xymon_server`\ (7), :strong:`cdist__rsync`\ (7), :strong:`xymon`\ (7)
-
-AUTHORS
--------
-Thomas Eckert
-
-
-COPYING
--------
-Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__xymon_config/manifest b/cdist/conf/type/__xymon_config/manifest
deleted file mode 100644
index 4a5fb6c9..00000000
--- a/cdist/conf/type/__xymon_config/manifest
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/bin/sh -e
-#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-
-confdir=$(cat "$__object/parameter/confdir")
-set --
-if [ -f "$__object/parameter/owner" ]; then
- owner=$(cat "$__object/parameter/owner")
- set -- "$@" "--owner $owner"
-fi
-if [ -f "$__object/parameter/group" ]; then
- group=$(cat "$__object/parameter/group")
- set -- "$@" "--group $group"
-fi
-
-## pass `--rsync-opts` as-is to `__rsync`:
-if [ -f "$__object/parameter/rsync-opts" ]; then
- while read -r opts; do
- # shellcheck disable=SC2089
- set -- "$@" "--rsync-opts '$opts'"
- done < "$__object/parameter/rsync-opts"
-fi
-
-# shellcheck disable=SC2068,SC2090
-__rsync /etc/xymon/ \
- --source "$__type/files/$confdir/" \
- --rsync-opts "delete" \
- $@
diff --git a/cdist/conf/type/__xymon_config/parameter/optional b/cdist/conf/type/__xymon_config/parameter/optional
deleted file mode 100644
index 866b4bde..00000000
--- a/cdist/conf/type/__xymon_config/parameter/optional
+++ /dev/null
@@ -1,2 +0,0 @@
-owner
-group
diff --git a/cdist/conf/type/__xymon_config/parameter/optional_multiple b/cdist/conf/type/__xymon_config/parameter/optional_multiple
deleted file mode 100644
index fdb7cd88..00000000
--- a/cdist/conf/type/__xymon_config/parameter/optional_multiple
+++ /dev/null
@@ -1 +0,0 @@
-rsync-opts
diff --git a/cdist/conf/type/__xymon_config/parameter/required b/cdist/conf/type/__xymon_config/parameter/required
deleted file mode 100644
index 43222f13..00000000
--- a/cdist/conf/type/__xymon_config/parameter/required
+++ /dev/null
@@ -1 +0,0 @@
-confdir
diff --git a/cdist/conf/type/__xymon_config/singleton b/cdist/conf/type/__xymon_config/singleton
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__xymon_server/gencode-remote b/cdist/conf/type/__xymon_server/gencode-remote
deleted file mode 100755
index 0770e319..00000000
--- a/cdist/conf/type/__xymon_server/gencode-remote
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh -e
-#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-
-## "move" user-modified dirs to /etc/xymon to be managed by __xymon_config:
-cat <<-EOT
- if [ ! -L /usr/lib/xymon/server/ext ]; then
- mv /usr/lib/xymon/server/ext /etc/xymon
- ln -s /etc/xymon/ext /usr/lib/xymon/server/
- fi
-EOT
diff --git a/cdist/conf/type/__xymon_server/man.rst b/cdist/conf/type/__xymon_server/man.rst
deleted file mode 100644
index a9a180e1..00000000
--- a/cdist/conf/type/__xymon_server/man.rst
+++ /dev/null
@@ -1,87 +0,0 @@
-cdist-type__xymon_server(7)
-===========================
-
-NAME
-----
-cdist-type__xymon_server - Install a Xymon server
-
-
-DESCRIPTION
------------
-This cdist type installs a Xymon (https://www.xymon.com/) server and (optional)
-required helper packages.
-
-This includes the Xymon client as a dependency, so NO NEED to install
-`__xymon_client` separately.
-
-To access the webinterface a webserver is required. The cdist-type
-`__xymon_apache` can be used to install and configure the apache webserver for
-the use with Xymon.
-
-Further and day-to-day configuration of Xymon can either be done manually in
-`/etc/xymon/` or the directory can be deployed and managed by `__xymon_config`.
-
-
-REQUIRED PARAMETERS
--------------------
-None.
-
-
-OPTIONAL PARAMETERS
--------------------
-state
- 'present', 'absent', defaults to 'present'. If '--install_helpers' is
- specified for 'absent' the helper packages will be un-installed.
-
-
-BOOLEAN PARAMETERS
-------------------
-install_helpers
- Install helper packages used by Xymon (fping, heirloom-mailx, traceroute,
- ntpdate).
-
-
-EXAMPLES
---------
-
-.. code-block:: sh
-
- # minmal
- __xymon_server
-
- # the same
- __xymon_server --state present
-
- # also install helper packages:
- __xymon_server --install_helpers
-
- # examples to give a more complete picture: __xymon_server installed on
- # `xymon.example.com` w/ IP 192.168.1.1:
- #
- # install webserver and grant 2 private subnets access to the webinterface:
- __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8"
- # deploy server-configuration with __xymon_config:
- __xymon_config --confdir=xymon.example.com
-
- # install xymon-client on other machines (not needed on the server):
- __xymon_client --servers "192.168.1.1"
-
-
-
-SEE ALSO
---------
-:strong:`cdist__xymon_apache`\ (7), :strong:`cdist__xymon_config`\ (7),
-:strong:`cdist__xymon_client`\ (7), :strong:`xymon`\ (7)
-
-
-AUTHORS
--------
-Thomas Eckert
-
-
-COPYING
--------
-Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it
-and/or modify it under the terms of the GNU General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
diff --git a/cdist/conf/type/__xymon_server/manifest b/cdist/conf/type/__xymon_server/manifest
deleted file mode 100755
index 7cee0d23..00000000
--- a/cdist/conf/type/__xymon_server/manifest
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh -e
-#
-# 2018-2019 Thomas Eckert (tom at it-eckert.de)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-
-state=$(cat "$__object/parameter/state")
-if [ -f "$__object/parameter/install_helpers" ]; then
- install_helpers=1
-else
- install_helpers=0
-fi
-
-os=$(cat "$__global/explorer/os")
-case "$os" in
- debian|ubuntu)
- :
- ;;
- *)
- echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
- echo "Please contribute an implementation for it if you can." >&2
- exit 1
- ;;
-esac
-
-__package xymon --state "$state"
-
-## install helper-packages/tools used by the xymon server if requested:
-if [ "$install_helpers" = "1" ]; then
- __package fping --state "$state"
- __package heirloom-mailx --state "$state"
- __package traceroute --state "$state"
- __package ntpdate --state "$state"
-fi
-
-## CLI-usage often requires a shell:
-require="__package/xymon" __user xymon --shell "/bin/bash" --state "$state"
diff --git a/cdist/conf/type/__xymon_server/parameter/boolean b/cdist/conf/type/__xymon_server/parameter/boolean
deleted file mode 100644
index 56ebcb2c..00000000
--- a/cdist/conf/type/__xymon_server/parameter/boolean
+++ /dev/null
@@ -1 +0,0 @@
-install_helpers
diff --git a/cdist/conf/type/__xymon_server/parameter/default/state b/cdist/conf/type/__xymon_server/parameter/default/state
deleted file mode 100644
index e7f6134f..00000000
--- a/cdist/conf/type/__xymon_server/parameter/default/state
+++ /dev/null
@@ -1 +0,0 @@
-present
diff --git a/cdist/conf/type/__xymon_server/parameter/optional b/cdist/conf/type/__xymon_server/parameter/optional
deleted file mode 100644
index ff72b5c7..00000000
--- a/cdist/conf/type/__xymon_server/parameter/optional
+++ /dev/null
@@ -1 +0,0 @@
-state
diff --git a/cdist/conf/type/__xymon_server/singleton b/cdist/conf/type/__xymon_server/singleton
deleted file mode 100644
index e69de29b..00000000
diff --git a/cdist/conf/type/__zypper_service/man.rst b/cdist/conf/type/__zypper_service/man.rst
index e082dc02..ea48aebb 100644
--- a/cdist/conf/type/__zypper_service/man.rst
+++ b/cdist/conf/type/__zypper_service/man.rst
@@ -46,10 +46,10 @@ EXAMPLES
# Ensure that internal SLES11 SP3 RIS is in installed and all other services and repos are discarded
__zypper_service INTERNAL_SLES11_SP3 --service_desc "Internal SLES11 SP3 RIS" --uri "http://path/to/your/ris/dir" --remove-all-other-services --remove-all-repos
- # Ensure that internal SLES11 SP3 RIS is in installed, no changes to other services or repos
+ # Ensure that internal SLES11 SP3 RIS is in installed, no changes to ohter services or repos
__zypper_service INTERNAL_SLES11_SP3 --service_desc "Internal SLES11 SP3 RIS" --uri "http://path/to/your/ris/dir"
- # Drop service by uri, no changes to other services or repos
+ # Drop service by uri, no changes to ohter services or repos
__zypper_service INTERNAL_SLES11_SP3 --state absent --uri "http://path/to/your/ris/dir"
diff --git a/cdist/config.py b/cdist/config.py
index 97cc1da6..fae2ff46 100644
--- a/cdist/config.py
+++ b/cdist/config.py
@@ -43,33 +43,6 @@ from cdist import core, inventory
from cdist.util.remoteutil import inspect_ssh_mux_opts
-def graph_check_cycle(graph):
- # Start from each node in the graph and check for cycle starting from it.
- for node in graph:
- # Cycle path.
- path = [node]
- has_cycle = _graph_dfs_cycle(graph, node, path)
- if has_cycle:
- return has_cycle, path
- return False, None
-
-
-def _graph_dfs_cycle(graph, node, path):
- for neighbour in graph.get(node, ()):
- # If node is already in path then this is cycle.
- if neighbour in path:
- path.append(neighbour)
- return True
- path.append(neighbour)
- rv = _graph_dfs_cycle(graph, neighbour, path)
- if rv:
- return True
- # Remove last item from list - neighbour whose DFS path we have have
- # just checked.
- del path[-1]
- return False
-
-
class Config(object):
"""Cdist main class to hold arbitrary data"""
@@ -104,12 +77,9 @@ class Config(object):
self.remove_remote_files_dirs = remove_remote_files_dirs
self.explorer = core.Explorer(self.local.target_host, self.local,
- self.remote, jobs=self.jobs,
- dry_run=self.dry_run)
- self.manifest = core.Manifest(self.local.target_host, self.local,
- dry_run=self.dry_run)
- self.code = core.Code(self.local.target_host, self.local, self.remote,
- dry_run=self.dry_run)
+ self.remote, jobs=self.jobs)
+ self.manifest = core.Manifest(self.local.target_host, self.local)
+ self.code = core.Code(self.local.target_host, self.local, self.remote)
def _init_files_dirs(self):
"""Prepare files and directories for the run"""
@@ -124,7 +94,6 @@ class Config(object):
"""Remove files and directories for the run"""
if self.remove_remote_files_dirs:
self._remove_remote_files_dirs()
- self.manifest.cleanup()
@staticmethod
def hosts(source):
@@ -285,14 +254,14 @@ class Config(object):
cls.onehost(host, host_tags, host_base_path, hostdir,
args, parallel=False,
configuration=configuration)
- except cdist.Error:
+ except cdist.Error as e:
failed_hosts.append(host)
if args.parallel and len(process_args) == 1:
log.debug("Only 1 host for parallel processing, doing it "
"sequentially")
try:
cls.onehost(*process_args[0])
- except cdist.Error:
+ except cdist.Error as e:
failed_hosts.append(host)
elif args.parallel:
log.trace("Multiprocessing start method is {}".format(
@@ -369,7 +338,7 @@ class Config(object):
def resolve_target_addresses(host, family):
try:
return ipaddr.resolve_target_addresses(host, family)
- except: # noqa
+ except:
e = sys.exc_info()[1]
raise cdist.Error(("Error resolving target addresses for host '{}'"
": {}").format(host, e))
@@ -684,28 +653,6 @@ class Config(object):
self.__dict__.update(state)
self._open_logger()
- def _validate_dependencies(self):
- '''
- Build dependency graph for unfinished objects and
- check for cycles.
- '''
- graph = {}
- for cdist_object in self.object_list():
- obj_name = cdist_object.name
- if obj_name not in graph:
- graph[obj_name] = []
- if cdist_object.state == cdist_object.STATE_DONE:
- continue
-
- for requirement in cdist_object.requirements_unfinished(
- cdist_object.requirements):
- graph[obj_name].append(requirement.name)
-
- for requirement in cdist_object.requirements_unfinished(
- cdist_object.autorequire):
- graph[obj_name].append(requirement.name)
- return graph_check_cycle(graph)
-
def iterate_until_finished(self):
"""
Go through all objects and solve them
@@ -715,12 +662,6 @@ class Config(object):
objects_changed = True
while objects_changed:
- # Check for cycles as early as possible.
- has_cycle, path = self._validate_dependencies()
- if has_cycle:
- raise cdist.UnresolvableRequirementsError(
- "Cycle detected in object dependencies:\n{}!".format(
- " -> ".join(path)))
objects_changed = self.iterate_once()
# Check whether all objects have been finished
@@ -759,38 +700,14 @@ class Config(object):
("The requirements of the following objects could not be "
"resolved:\n%s") % ("\n".join(info_string)))
- def _handle_deprecation(self, cdist_object):
- cdist_type = cdist_object.cdist_type
- deprecated = cdist_type.deprecated
- if deprecated is not None:
- if deprecated:
- self.log.warning("Type %s is deprecated: %s", cdist_type.name,
- deprecated)
- else:
- self.log.warning("Type %s is deprecated.", cdist_type.name)
- for param in cdist_object.parameters:
- if param in cdist_type.deprecated_parameters:
- msg = cdist_type.deprecated_parameters[param]
- if msg:
- format = "%s parameter of type %s is deprecated: %s"
- args = [param, cdist_type.name, msg]
- else:
- format = "%s parameter of type %s is deprecated."
- args = [param, cdist_type.name]
- self.log.warning(format, *args)
-
def object_prepare(self, cdist_object, transfer_type_explorers=True):
"""Prepare object: Run type explorer + manifest"""
- self._handle_deprecation(cdist_object)
self.log.verbose("Preparing object {}".format(cdist_object.name))
self.log.verbose(
"Running manifest and explorers for " + cdist_object.name)
self.explorer.run_type_explorers(cdist_object, transfer_type_explorers)
try:
self.manifest.run_type_manifest(cdist_object)
- self.log.trace("[ORDER_DEP] Removing order dep files for %s",
- cdist_object)
- cdist_object.cleanup()
cdist_object.state = core.CdistObject.STATE_PREPARED
except cdist.Error as e:
raise cdist.CdistObjectError(cdist_object, e)
diff --git a/cdist/configuration.py b/cdist/configuration.py
index 1011a382..f05a5963 100644
--- a/cdist/configuration.py
+++ b/cdist/configuration.py
@@ -274,8 +274,7 @@ class Configuration(metaclass=Singleton):
os.path.isfile(_local_config_file))):
_local_config_file = os.path.join(
os.environ.get('XDG_CONFIG_HOME',
- os.path.expanduser('~/.config/')),
- 'cdist',
+ os.path.expanduser('~/.config/cdist')),
_config_basename)
_dist_config_file = os.path.join(
os.path.abspath(os.path.join(os.path.dirname(cdist.__file__), "conf")),
diff --git a/cdist/core/cdist_object.py b/cdist/core/cdist_object.py
index 114a47e0..237f0ddd 100644
--- a/cdist/core/cdist_object.py
+++ b/cdist/core/cdist_object.py
@@ -243,16 +243,6 @@ class CdistObject(object):
lambda obj: os.path.join(obj.base_path, obj.code_local_path))
code_remote = fsproperty.FileStringProperty(
lambda obj: os.path.join(obj.base_path, obj.code_remote_path))
- typeorder = fsproperty.FileListProperty(
- lambda obj: os.path.join(obj.absolute_path, 'typeorder'))
- typeorder_dep = fsproperty.FileListProperty(
- lambda obj: os.path.join(obj.absolute_path, 'typeorder_dep'))
-
- def cleanup(self):
- try:
- os.remove(os.path.join(self.absolute_path, 'typeorder_dep'))
- except FileNotFoundError:
- pass
@property
def exists(self):
diff --git a/cdist/core/cdist_type.py b/cdist/core/cdist_type.py
index 4500f50d..99e40e70 100644
--- a/cdist/core/cdist_type.py
+++ b/cdist/core/cdist_type.py
@@ -69,7 +69,6 @@ class CdistType(object):
self.__optional_multiple_parameters = None
self.__boolean_parameters = None
self.__parameter_defaults = None
- self.__deprecated_parameters = None
def __hash__(self):
return hash(self.name)
@@ -134,17 +133,6 @@ class CdistType(object):
cannot run in parallel."""
return os.path.isfile(os.path.join(self.absolute_path, "nonparallel"))
- @property
- def deprecated(self):
- """Get type deprecation message. If message is None then type
- is not deprecated."""
- deprecated_path = os.path.join(self.absolute_path, "deprecated")
- try:
- with open(deprecated_path, 'r') as f:
- return f.read()
- except FileNotFoundError:
- return None
-
@property
def explorers(self):
"""Return a list of available explorers"""
@@ -276,23 +264,3 @@ class CdistType(object):
finally:
self.__parameter_defaults = defaults
return self.__parameter_defaults
-
- @property
- def deprecated_parameters(self):
- if not self.__deprecated_parameters:
- deprecated = {}
- try:
- deprecated_dir = os.path.join(self.absolute_path,
- "parameter",
- "deprecated")
- for name in cdist.core.listdir(deprecated_dir):
- try:
- with open(os.path.join(deprecated_dir, name)) as fd:
- deprecated[name] = fd.read().strip()
- except EnvironmentError:
- pass # Swallow errors raised by open() or read()
- except EnvironmentError:
- pass # Swallow error raised by os.listdir()
- finally:
- self.__deprecated_parameters = deprecated
- return self.__deprecated_parameters
diff --git a/cdist/core/code.py b/cdist/core/code.py
index 1550880a..670029ed 100644
--- a/cdist/core/code.py
+++ b/cdist/core/code.py
@@ -97,7 +97,7 @@ class Code(object):
"""
# target_host is tuple (target_host, target_hostname, target_fqdn)
- def __init__(self, target_host, local, remote, dry_run=False):
+ def __init__(self, target_host, local, remote):
self.target_host = target_host
self.local = local
self.remote = remote
@@ -113,9 +113,6 @@ class Code(object):
local.log),
}
- if dry_run:
- self.env['__cdist_dry_run'] = '1'
-
def _run_gencode(self, cdist_object, which):
cdist_type = cdist_object.cdist_type
script = os.path.join(self.local.type_path,
diff --git a/cdist/core/explorer.py b/cdist/core/explorer.py
index 353d7681..acceacac 100644
--- a/cdist/core/explorer.py
+++ b/cdist/core/explorer.py
@@ -67,7 +67,7 @@ class Explorer(object):
"""Executes cdist explorers.
"""
- def __init__(self, target_host, local, remote, jobs=None, dry_run=False):
+ def __init__(self, target_host, local, remote, jobs=None):
self.target_host = target_host
self._open_logger()
@@ -84,10 +84,6 @@ class Explorer(object):
'__cdist_log_level_name': util.log_level_name_env_var_val(
self.log),
}
-
- if dry_run:
- self.env['__cdist_dry_run'] = '1'
-
self._type_explorers_transferred = []
self.jobs = jobs
diff --git a/cdist/core/manifest.py b/cdist/core/manifest.py
index 8aeaf860..938ad8b8 100644
--- a/cdist/core/manifest.py
+++ b/cdist/core/manifest.py
@@ -96,11 +96,7 @@ class Manifest(object):
"""Executes cdist manifests.
"""
-
- ORDER_DEP_STATE_NAME = 'order_dep_state'
- TYPEORDER_DEP_NAME = 'typeorder_dep'
-
- def __init__(self, target_host, local, dry_run=False):
+ def __init__(self, target_host, local):
self.target_host = target_host
self.local = local
@@ -121,9 +117,6 @@ class Manifest(object):
self.log),
}
- if dry_run:
- self.env['__cdist_dry_run'] = '1'
-
def _open_logger(self):
self.log = logging.getLogger(self.target_host[0])
@@ -216,13 +209,3 @@ class Manifest(object):
type_manifest,
env=self.env_type_manifest(cdist_object),
message_prefix=message_prefix)
-
- def cleanup(self):
- def _rm_file(fname):
- try:
- self.log.trace("[ORDER_DEP] Removing %s", fname)
- os.remove(os.path.join(self.local.base_path, fname))
- except FileNotFoundError:
- pass
- _rm_file(Manifest.ORDER_DEP_STATE_NAME)
- _rm_file(Manifest.TYPEORDER_DEP_NAME)
diff --git a/cdist/emulator.py b/cdist/emulator.py
index 4800e2a3..5103f1a4 100644
--- a/cdist/emulator.py
+++ b/cdist/emulator.py
@@ -29,7 +29,6 @@ import sys
import cdist
from cdist import core
from cdist import flock
-from cdist.core.manifest import Manifest
class MissingRequiredEnvironmentVariableError(cdist.Error):
@@ -45,7 +44,7 @@ class MissingRequiredEnvironmentVariableError(cdist.Error):
class DefaultList(list):
"""Helper class to allow default values for optional_multiple parameters.
- @see https://groups.google.com/forum/#!msg/comp.lang.python/sAUvkJEDpRc/RnRymrzJVDYJ # noqa
+ @see https://groups.google.com/forum/#!msg/comp.lang.python/sAUvkJEDpRc/RnRymrzJVDYJ
"""
def __copy__(self):
return []
@@ -83,11 +82,6 @@ class Emulator(object):
self.object_base_path = os.path.join(self.global_path, "object")
self.typeorder_path = os.path.join(self.global_path, "typeorder")
- self.typeorder_dep_path = os.path.join(self.global_path,
- Manifest.TYPEORDER_DEP_NAME)
- self.order_dep_state_path = os.path.join(self.global_path,
- Manifest.ORDER_DEP_STATE_NAME)
-
self.type_name = os.path.basename(argv[0])
self.cdist_type = core.CdistType(self.type_base_path, self.type_name)
@@ -212,14 +206,6 @@ class Emulator(object):
return params
def setup_object(self):
- # CDIST_ORDER_DEPENDENCY state
- order_dep_on = self._order_dep_on()
- order_dep_defined = "CDIST_ORDER_DEPENDENCY" in self.env
- if not order_dep_defined and order_dep_on:
- self._set_order_dep_state_off()
- if order_dep_defined and not order_dep_on:
- self._set_order_dep_state_on()
-
# Create object with given parameters
self.parameters = {}
for key, value in vars(self.args).items():
@@ -251,20 +237,6 @@ class Emulator(object):
# record the created object in typeorder file
with open(self.typeorder_path, 'a') as typeorderfile:
print(self.cdist_object.name, file=typeorderfile)
- # record the created object in parent object typeorder file
- __object_name = self.env.get('__object_name', None)
- depname = self.cdist_object.name
- if __object_name:
- parent = self.cdist_object.object_from_name(__object_name)
- parent.typeorder.append(self.cdist_object.name)
- if self._order_dep_on():
- self.log.trace(('[ORDER_DEP] Adding %s to typeorder dep'
- ' for %s'), depname, parent.name)
- parent.typeorder_dep.append(depname)
- elif self._order_dep_on():
- self.log.trace('[ORDER_DEP] Adding %s to global typeorder dep',
- depname)
- self._add_typeorder_dep(depname)
# Record / Append source
self.cdist_object.source.append(self.object_source)
@@ -321,73 +293,43 @@ class Emulator(object):
return cdist_object.name
- def _order_dep_on(self):
- return os.path.exists(self.order_dep_state_path)
-
- def _set_order_dep_state_on(self):
- self.log.trace('[ORDER_DEP] Setting order dep state on')
- with open(self.order_dep_state_path, 'w'):
- pass
-
- def _set_order_dep_state_off(self):
- self.log.trace('[ORDER_DEP] Setting order dep state off')
- # remove order dep state file
- try:
- os.remove(self.order_dep_state_path)
- except FileNotFoundError:
- pass
- # remove typeorder dep file
- try:
- os.remove(self.typeorder_dep_path)
- except FileNotFoundError:
- pass
-
- def _add_typeorder_dep(self, name):
- with open(self.typeorder_dep_path, 'a') as f:
- print(name, file=f)
-
- def _read_typeorder_dep(self):
- try:
- with open(self.typeorder_dep_path, 'r') as f:
- return f.readlines()
- except FileNotFoundError:
- return []
-
def record_requirements(self):
"""Record requirements."""
- order_dep_on = self._order_dep_on()
-
# Inject the predecessor, but not if its an override
# (this would leed to an circular dependency)
- if (order_dep_on and 'CDIST_OVERRIDE' not in self.env):
- try:
- # __object_name is the name of the object whose type
- # manifest is currently executed
- __object_name = self.env.get('__object_name', None)
- # load object name created befor this one from typeorder
- # dep file
- if __object_name:
- parent = self.cdist_object.object_from_name(
- __object_name)
- typeorder = parent.typeorder_dep
- else:
- typeorder = self._read_typeorder_dep()
- # get the type created before this one
- lastcreatedtype = typeorder[-2].strip()
- if 'require' in self.env:
- if lastcreatedtype not in self.env['require']:
- self.env['require'] += " " + lastcreatedtype
- else:
- self.env['require'] = lastcreatedtype
- self.log.debug(("Injecting require for "
- "CDIST_ORDER_DEPENDENCY: %s for %s"),
- lastcreatedtype,
- self.cdist_object.name)
- except IndexError:
- # if no second last line, we are on the first type,
- # so do not set a requirement
- pass
+ if ("CDIST_ORDER_DEPENDENCY" in self.env and
+ 'CDIST_OVERRIDE' not in self.env):
+ # load object name created befor this one from typeorder file ...
+ with open(self.typeorder_path, 'r') as typecreationfile:
+ typecreationorder = typecreationfile.readlines()
+ # get the type created before this one ...
+ try:
+ lastcreatedtype = typecreationorder[-2].strip()
+ # __object_name is the name of the object whose type
+ # manifest is currently executed
+ __object_name = self.env.get('__object_name', None)
+ if lastcreatedtype == __object_name:
+ self.log.debug(("Not injecting require for "
+ "CDIST_ORDER_DEPENDENCY: %s for %s,"
+ " %s's type manifest is currently"
+ " being executed"),
+ lastcreatedtype,
+ self.cdist_object.name,
+ lastcreatedtype)
+ else:
+ if 'require' in self.env:
+ self.env['require'] += " " + lastcreatedtype
+ else:
+ self.env['require'] = lastcreatedtype
+ self.log.debug(("Injecting require for "
+ "CDIST_ORDER_DEPENDENCY: %s for %s"),
+ lastcreatedtype,
+ self.cdist_object.name)
+ except IndexError:
+ # if no second last line, we are on the first type,
+ # so do not set a requirement
+ pass
reqs = set()
if "require" in self.env:
diff --git a/cdist/exec/local.py b/cdist/exec/local.py
index ad6c6e36..f83c85df 100644
--- a/cdist/exec/local.py
+++ b/cdist/exec/local.py
@@ -69,6 +69,7 @@ class Local(object):
self.exec_path = exec_path
self.custom_initial_manifest = initial_manifest
+ self._add_conf_dirs = add_conf_dirs
self.cache_path_pattern = cache_path_pattern
self.quiet_mode = quiet_mode
if configuration:
@@ -83,7 +84,16 @@ class Local(object):
self._init_cache_dir(None)
self._init_paths()
self._init_object_marker()
- self._init_conf_dirs(add_conf_dirs)
+ self._init_conf_dirs()
+
+ @property
+ def dist_conf_dir(self):
+ return os.path.abspath(os.path.join(os.path.dirname(cdist.__file__),
+ "conf"))
+
+ @property
+ def home_dir(self):
+ return cdist.home_dir()
def _init_log(self):
self.log = logging.getLogger(self.target_host[0])
@@ -130,9 +140,28 @@ class Local(object):
# Does not need to be secure - just randomly different from .cdist
self.object_marker_name = tempfile.mktemp(prefix='.cdist-', dir='')
- def _init_conf_dirs(self, add_conf_dirs):
- self.conf_dirs = util.resolve_conf_dirs(
- self.configuration, add_conf_dirs=add_conf_dirs)
+ def _init_conf_dirs(self):
+ self.conf_dirs = []
+
+ self.conf_dirs.append(self.dist_conf_dir)
+
+ # Is the default place for user created explorer, type and manifest
+ if self.home_dir:
+ self.conf_dirs.append(self.home_dir)
+
+ # Add directories defined in the CDIST_PATH environment variable
+ # if 'CDIST_PATH' in os.environ:
+ # cdist_path_dirs = re.split(r'(?.
-#
-#
-
-import cdist
-import cdist.configuration
-import cdist.core
-import cdist.exec.util as util
-import os
-import glob
-import fnmatch
-
-
-class Info(object):
-
- def __init__(self, conf_dirs, args):
- self.conf_dirs = conf_dirs
- self.all = args.all
- self.display_global_explorers = args.global_explorers
- self.display_types = args.types
- if not self.display_global_explorers and not self.display_types:
- self.all = True
- self.fixed_string = args.fixed_string
- self._setup_glob_pattern(args.pattern)
- self.full = args.full
-
- def _setup_glob_pattern(self, pattern):
- if pattern is None:
- self.glob_pattern = '*'
- elif ('?' in pattern or '*' in pattern or '[' in pattern or
- self.fixed_string):
- self.glob_pattern = pattern
- else:
- self.glob_pattern = '*' + pattern + '*'
-
- @classmethod
- def commandline(cls, args):
- conf_dirs = util.resolve_conf_dirs_from_config_and_args(args)
- c = cls(conf_dirs, args)
- c.run()
-
- def _get_global_explorers(self, conf_path):
- rv = []
- global_explorer_path = os.path.join(conf_path, "explorer",
- self.glob_pattern)
- if self.fixed_string:
- if os.path.exists(global_explorer_path):
- rv.append(global_explorer_path)
- else:
- for explorer in glob.glob(global_explorer_path):
- rv.append(explorer)
- return rv
-
- def _should_display_type(self, dir_entry):
- if not dir_entry.is_dir():
- return False
- if self.glob_pattern is None:
- return True
- if self.fixed_string:
- return dir_entry.name == self.glob_pattern
- else:
- return fnmatch.fnmatch(dir_entry.name, self.glob_pattern)
-
- def _get_types(self, conf_path):
- rv = []
- types_path = os.path.join(conf_path, "type")
- if not os.path.exists(types_path):
- return rv
- with os.scandir(types_path) as it:
- for entry in it:
- if self._should_display_type(entry):
- rv.append(entry.path)
- return rv
-
- def _display_details(self, title, details, default_values=None,
- deprecated=None):
- if not details:
- return
- if isinstance(details, bool):
- print("\t{}: {}".format(title, 'yes' if details else 'no'))
- elif isinstance(details, str):
- print("\t{}: {}".format(title, details))
- elif isinstance(details, list):
- dv = dict(default_values) if default_values else {}
- dp = dict(deprecated) if deprecated else {}
-
- print("\t{}:".format(title))
- for x in sorted(details):
- print("\t\t{}".format(x), end='')
- has_default = x in dv
- is_deprecated = x in dp
- need_comma = False
- if has_default or is_deprecated:
- print(" (", end='')
- if has_default:
- print("default: {}".format(dv[x]), end='')
- need_comma = True
- if is_deprecated:
- print("{}deprecated".format(', ' if need_comma else ''),
- end='')
- if has_default or is_deprecated:
- print(")", end='')
- print()
-
- def _display_type_parameters(self, cdist_type):
- self._display_details("required parameters",
- cdist_type.required_parameters,
- default_values=cdist_type.parameter_defaults,
- deprecated=cdist_type.deprecated_parameters)
- self._display_details("required multiple parameters",
- cdist_type.required_multiple_parameters,
- default_values=cdist_type.parameter_defaults,
- deprecated=cdist_type.deprecated_parameters)
- self._display_details("optional parameters",
- cdist_type.optional_parameters,
- default_values=cdist_type.parameter_defaults,
- deprecated=cdist_type.deprecated_parameters)
- self._display_details("optional multiple parameters",
- cdist_type.optional_multiple_parameters,
- default_values=cdist_type.parameter_defaults,
- deprecated=cdist_type.deprecated_parameters)
- self._display_details("boolean parameters",
- cdist_type.boolean_parameters,
- default_values=cdist_type.parameter_defaults,
- deprecated=cdist_type.deprecated_parameters)
-
- def _display_type_characteristics(self, cdist_type):
- characteristics = []
- if cdist_type.is_install:
- characteristics.append('install')
- else:
- characteristics.append('config')
- if cdist_type.is_singleton:
- characteristics.append('singleton')
- if cdist_type.is_nonparallel:
- characteristics.append('nonparallel')
- else:
- characteristics.append('parallel')
- if cdist_type.deprecated is not None:
- characteristics.append('deprecated')
- print("\t{}".format(', '.join(characteristics)))
-
- def _display_type_details(self, type_path):
- dirname, basename = os.path.split(type_path)
- cdist_type = cdist.core.CdistType(dirname, basename)
-
- self._display_type_characteristics(cdist_type)
- self._display_type_parameters(cdist_type)
-
- def run(self):
- rv = []
- for cp in self.conf_dirs:
- conf_path = os.path.expanduser(cp)
- if self.all or self.display_global_explorers:
- rv.extend((x, 'E', ) for x in self._get_global_explorers(
- conf_path))
- if self.all or self.display_types:
- rv.extend((x, 'T', ) for x in self._get_types(conf_path))
- rv = sorted(rv, key=lambda x: x[0])
- for x, t in rv:
- print(x)
- if self.full and t == 'T':
- self._display_type_details(x)
diff --git a/cdist/inventory.py b/cdist/inventory.py
index 138a2034..7da306fa 100644
--- a/cdist/inventory.py
+++ b/cdist/inventory.py
@@ -315,7 +315,7 @@ class InventoryHost(Inventory):
hostpath = self._host_path(host)
self.log.trace("hostpath: {}".format(hostpath))
if self.action == "add" and not os.path.exists(hostpath):
- self._new_hostpath(hostpath)
+ self._new_hostpath(hostpath)
else:
if not os.path.isfile(hostpath):
raise cdist.Error(("Host path \'{}\' is"
diff --git a/cdist/preos.py b/cdist/preos.py
deleted file mode 100644
index bf2a8e60..00000000
--- a/cdist/preos.py
+++ /dev/null
@@ -1,130 +0,0 @@
-import os
-import os.path
-import sys
-import inspect
-import argparse
-import cdist
-import logging
-import cdist.argparse
-import cdist.configuration
-import cdist.exec.util as util
-
-
-_PREOS_CALL = "commandline"
-_PREOS_NAME = "_preos_name"
-_PREOS_MARKER = "_cdist_preos"
-_PLUGINS_DIR = "preos"
-_PLUGINS_PATH = [os.path.join(os.path.dirname(__file__), _PLUGINS_DIR), ]
-log = logging.getLogger("PreOS")
-
-
-def extend_plugins_path(dirs):
- for dir in dirs:
- preos_dir = os.path.expanduser(os.path.join(dir, "preos"))
- if os.path.isdir(preos_dir):
- _PLUGINS_PATH.append(preos_dir)
-
-
-def preos_plugin(obj):
- """It is preos if _PREOS_MARKER is True and has _PREOS_CALL."""
- if hasattr(obj, _PREOS_MARKER):
- is_preos = getattr(obj, _PREOS_MARKER)
- else:
- is_preos = False
-
- if is_preos and hasattr(obj, _PREOS_CALL):
- yield obj
-
-
-def scan_preos_dir_plugins(dir):
- for fname in os.listdir(dir):
- if os.path.isfile(os.path.join(dir, fname)):
- fname = os.path.splitext(fname)[0]
- module_name = fname
- try:
- module = __import__(module_name)
- yield from preos_plugin(module)
- clsmembers = inspect.getmembers(module, inspect.isclass)
- for cm in clsmembers:
- c = cm[1]
- yield from preos_plugin(c)
- except ImportError as e:
- log.warning("Cannot import '{}': {}".format(module_name, e))
-
-
-def find_preos_plugins():
- for dir in _PLUGINS_PATH:
- yield from scan_preos_dir_plugins(dir)
-
-
-def find_preoses():
- preoses = {}
- for preos in find_preos_plugins():
- if hasattr(preos, _PREOS_NAME):
- preos_name = getattr(preos, _PREOS_NAME)
- else:
- preos_name = preos.__name__.lower()
- preoses[preos_name] = preos
- return preoses
-
-
-def check_root():
- if os.geteuid() != 0:
- raise cdist.Error("Must be run with root privileges")
-
-
-def get_available_preoses_string(cls):
- preoses = [' - {}'.format(x) for x in sorted(set(cls.preoses))]
- return "Available PreOS-es:\n{}".format("\n".join(preoses))
-
-
-class PreOS(object):
- preoses = None
-
- @classmethod
- def commandline(cls, argv):
- cdist_parser = cdist.argparse.get_parsers()
- parser = argparse.ArgumentParser(
- description="Create PreOS", prog="cdist preos",
- parents=[cdist_parser['loglevel'], ])
- parser.add_argument('preos', help='PreOS to create',
- nargs='?', default=None)
- parser.add_argument('-c', '--conf-dir',
- help=('Add configuration directory (one that '
- 'contains "preos" subdirectory)'),
- action='append')
- parser.add_argument('-g', '--config-file',
- help='Use specified custom configuration file.',
- dest="config_file", required=False)
- parser.add_argument('-L', '--list-preoses',
- help='List available PreOS-es',
- action='store_true', default=False)
- parser.add_argument('remainder_args', nargs=argparse.REMAINDER)
- args = parser.parse_args(argv[1:])
- cdist.argparse.handle_loglevel(args)
- log.debug("preos args : {}".format(args))
-
- conf_dirs = util.resolve_conf_dirs_from_config_and_args(args)
-
- extend_plugins_path(conf_dirs)
- sys.path.extend(_PLUGINS_PATH)
- cls.preoses = find_preoses()
-
- if args.list_preoses or not args.preos:
- print(get_available_preoses_string(cls))
- sys.exit(0)
-
- preos_name = args.preos
- if preos_name in cls.preoses:
- preos = cls.preoses[preos_name]
- func = getattr(preos, _PREOS_CALL)
- if inspect.ismodule(preos):
- func_args = [preos, args.remainder_args, ]
- else:
- func_args = [args.remainder_args, ]
- log.info("Running preos : {}".format(preos_name))
- func(*func_args)
- else:
- raise cdist.Error(
- "Invalid PreOS {}. {}".format(
- preos_name, get_available_preoses_string(cls)))
diff --git a/cdist/preos/debootstrap/__init__.py b/cdist/preos/debootstrap/__init__.py
deleted file mode 100644
index 6d340b4a..00000000
--- a/cdist/preos/debootstrap/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-from debootstrap.debootstrap import Debian, Ubuntu, Devuan
diff --git a/cdist/preos/debootstrap/debootstrap.py b/cdist/preos/debootstrap/debootstrap.py
deleted file mode 100644
index f53dd4a7..00000000
--- a/cdist/preos/debootstrap/debootstrap.py
+++ /dev/null
@@ -1,239 +0,0 @@
-#!/usr/bin/env python3
-# -*- coding: utf-8 -*-
-#
-# 2016 Darko Poljak (darko.poljak at ungleich.ch)
-#
-# This file is part of cdist.
-#
-# cdist is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# cdist is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with cdist. If not, see .
-#
-#
-
-import cdist
-import cdist.config
-import cdist.core
-import cdist.preos
-import argparse
-import cdist.argparse
-import logging
-import os
-import subprocess
-
-
-class Debian(object):
- _preos_name = 'debian'
- _cdist_preos = True
-
- _files_dir = os.path.join(os.path.dirname(__file__), "files")
-
- @classmethod
- def default_args(cls):
- default_remote_exec = os.path.join(cls._files_dir, "remote-exec.sh")
- default_remote_copy = os.path.join(cls._files_dir, "remote-copy.sh")
- default_init_manifest = os.path.join(
- cls._files_dir, "init-manifest-{}".format(cls._preos_name))
-
- defargs = argparse.Namespace()
- defargs.arch = 'amd64'
- defargs.bootstrap = False
- defargs.configure = False
- defargs.cdist_params = '-v'
- defargs.rm_bootstrap_dir = False
- defargs.suite = 'stable'
- defargs.remote_exec = default_remote_exec
- defargs.remote_copy = default_remote_copy
- defargs.manifest = default_init_manifest
-
- return defargs
-
- @classmethod
- def get_parser(cls):
- defargs = cls.default_args()
- cdist_parser = cdist.argparse.get_parsers()
- parser = argparse.ArgumentParser(
- prog='cdist preos {}'.format(cls._preos_name),
- parents=[cdist_parser['loglevel'], cdist_parser['beta']])
- parser.add_argument('target_dir', nargs=1,
- help=("target directory where PreOS will be "
- "bootstrapped"))
- parser.add_argument(
- '-a', '--arch',
- help="target debootstrap architecture, by default '{}'".format(
- defargs.arch), dest='arch', default=defargs.arch)
- parser.add_argument(
- '-B', '--bootstrap',
- help='do bootstrap step',
- dest='bootstrap', action='store_true', default=defargs.bootstrap)
- parser.add_argument(
- '-C', '--configure',
- help='do configure step',
- dest='configure', action='store_true', default=defargs.configure)
- parser.add_argument(
- '-c', '--cdist-params',
- help=("parameters that will be passed to cdist config, by default"
- " '{}' is used".format(defargs.cdist_params)),
- dest='cdist_params', default=defargs.cdist_params)
- parser.add_argument(
- '-D', '--drive-boot',
- help='create bootable PreOS on specified drive',
- dest='drive')
- parser.add_argument(
- '-e', '--remote-exec',
- help=("remote exec that cdist config will use, by default "
- "internal script is used"),
- dest='remote_exec', default=defargs.remote_exec)
- parser.add_argument(
- '-i', '--init-manifest',
- help=("init manifest that cdist config will use, by default "
- "internal init manifest is used"),
- dest='manifest', default=defargs.manifest)
- parser.add_argument(
- '-k', '--keyfile', action="append",
- help=("ssh key files that will be added to cdist config; "
- "'__ssh_authorized_keys root ...' type is appended to "
- "initial manifest"),
- dest='keyfile')
- parser.add_argument(
- '-m', '--mirror',
- help='use specified mirror for debootstrap',
- dest='mirror')
- parser.add_argument(
- '-P', '--root-password',
- help='Set specified password for root, generated by default',
- dest='root_password')
- parser.add_argument('-p', '--pxe-boot-dir', help='PXE boot directory',
- dest='pxe_boot_dir')
- parser.add_argument(
- '-r', '--rm-bootstrap-dir',
- help='remove target directory after finishing',
- dest='rm_bootstrap_dir', action='store_true',
- default=defargs.rm_bootstrap_dir)
- parser.add_argument(
- '-S', '--script',
- help='use specified script for debootstrap',
- dest='script')
- parser.add_argument('-s', '--suite',
- help="suite used for debootstrap, "
- "by default '{}'".format(defargs.suite),
- dest='suite', default=defargs.suite)
- parser.add_argument(
- '-y', '--remote-copy',
- help=("remote copy that cdist config will use, by default "
- "internal script is used"),
- dest='remote_copy', default=defargs.remote_copy)
- parser.epilog = cdist.argparse.EPILOG
-
- return parser
-
- @classmethod
- def update_env(cls, env):
- pass
-
- @classmethod
- def commandline(cls, argv):
- log = logging.getLogger(cls.__name__)
-
- parser = cls.get_parser()
- args = parser.parse_args(argv)
- if args.script and not args.mirror:
- raise cdist.Error("script option cannot be used without "
- "mirror option")
-
- args.command = cls._preos_name
- cdist.argparse.check_beta(vars(args))
-
- cdist.preos.check_root()
-
- args.target_dir = os.path.realpath(args.target_dir[0])
- args.os = cls._preos_name
- args.remote_exec = os.path.realpath(args.remote_exec)
- args.remote_copy = os.path.realpath(args.remote_copy)
- args.manifest = os.path.realpath(args.manifest)
- if args.keyfile:
- new_keyfile = [os.path.realpath(x) for x in args.keyfile]
- args.keyfile = new_keyfile
- if args.pxe_boot_dir:
- args.pxe_boot_dir = os.path.realpath(args.pxe_boot_dir)
-
- cdist.argparse.handle_loglevel(args)
- log.debug("preos: {}, args: {}".format(cls._preos_name, args))
- try:
- env = vars(args)
- new_env = {}
- for key in env:
- if key == 'verbose' and env[key]:
- if env[key] >= 3:
- new_env['debug'] = "yes"
- elif env[key] == 2:
- new_env['verbose'] = "yes"
- elif not env[key]:
- new_env[key] = ''
- elif isinstance(env[key], bool) and env[key]:
- new_env[key] = "yes"
- elif isinstance(env[key], list):
- val = env[key]
- new_env[key + "_cnt"] = str(len(val))
- for i, v in enumerate(val):
- new_env[key + "_" + str(i)] = v
- else:
- new_env[key] = str(env[key])
- env = new_env
- env.update(os.environ)
- cls.update_env(env)
- log.debug("preos: {} env: {}".format(cls._preos_name, env))
- cmd = os.path.join(cls._files_dir, "code")
- info_msg = ["Running preos: {}, suite: {}, arch: {}".format(
- cls._preos_name, args.suite, args.arch), ]
- if args.mirror:
- info_msg.append("mirror: {}".format(args.mirror))
- if args.script:
- info_msg.append("script: {}".format(args.script))
- if args.bootstrap:
- info_msg.append("bootstrapping")
- if args.configure:
- info_msg.append("configuring")
- if args.pxe_boot_dir:
- info_msg.append("creating PXE")
- if args.drive:
- info_msg.append("creating bootable drive")
- log.info(info_msg)
- log.debug("cmd={}".format(cmd))
- subprocess.check_call(cmd, env=env, shell=True)
- except subprocess.CalledProcessError as e:
- log.error("preos {} failed: {}".format(cls._preos_name, e))
-
-
-class Ubuntu(Debian):
- _preos_name = "ubuntu"
-
- @classmethod
- def default_args(cls):
- defargs = super().default_args()
- defargs.suite = 'xenial'
- return defargs
-
-
-class Devuan(Debian):
- _preos_name = "devuan"
-
- @classmethod
- def default_args(cls):
- defargs = super().default_args()
- defargs.suite = 'jessie'
- return defargs
-
- @classmethod
- def update_env(cls, env):
- env['DEBOOTSTRAP_DIR'] = os.path.join(cls._files_dir,
- 'devuan-debootstrap')
diff --git a/cdist/preos/debootstrap/files/code b/cdist/preos/debootstrap/files/code
deleted file mode 100755
index 9e37003b..00000000
--- a/cdist/preos/debootstrap/files/code
+++ /dev/null
@@ -1,274 +0,0 @@
-#!/bin/sh
-##
-## 2016 Darko Poljak (darko.poljak at ungleich.ch)
-##
-## This file is part of cdist.
-##
-## cdist is free software: you can redistribute it and/or modify
-## it under the terms of the GNU General Public License as published by
-## the Free Software Foundation, either version 3 of the License, or
-## (at your option) any later version.
-##
-## cdist is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with cdist. If not, see .
-
-set -e
-
-if [ "${debug}" ]
-then
- set -x
- cdist_params="${cdist_params} -d"
-fi
-
-bootstrap_dir="${target_dir}"
-
-case "${os}" in
- ubuntu|debian|devuan)
- # nothing, those are valid values
- ;;
- *)
- echo "ERROR: invalid os value: ${os}" >&2
- exit 1
- ;;
-esac
-
-check_bootstrap_dir() {
- if [ ! -e "$1" ]
- then
- echo "ERROR: bootstrap directory $1 does not exist" >&2
- exit 1
- fi
-}
-
-# bootstrap
-if [ "${bootstrap}" ]
-then
- if [ "${DEBOOTSTRAP_DIR}" ]
- then
- debootstrap_cmd="${DEBOOTSTRAP_DIR}/debootstrap"
- else
- command -v debootstrap 2>&1 > /dev/null || {
- echo "ERROR: debootstrap not found" >&2
- exit 1
- }
- debootstrap_cmd="debootstrap"
- fi
-
- # If PreOS on drive then do not check for directory emptiness.
- # Partition can at least contain 'lost+found' directory.
- if [ ! "${drive}" ]
- then
- if [ -e "${bootstrap_dir}" ]
- then
- dir_content=$(ls -A "${bootstrap_dir}" | wc -l)
- else
- dir_content=0
- fi
- if [ "${dir_content}" -ne 0 ]
- then
- echo "ERROR: "${bootstrap_dir}" not empty " >&2
- exit 1
- fi
- fi
-
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "bootstrapping..."
- fi
- mkdir -p "${bootstrap_dir}"
- "${debootstrap_cmd}" --include=openssh-server --arch=${arch} ${suite} ${bootstrap_dir} \
- ${mirror} ${script}
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "bootstrap finished"
- fi
-fi
-
-chroot_mount() {
- mount -t proc none "${bootstrap_dir}/proc" || true
- mount -t sysfs none "${bootstrap_dir}/sys" || true
- mount -o bind /dev "${bootstrap_dir}/dev" || true
- mount -t devpts none "${bootstrap_dir}/dev/pts" || true
-}
-
-chroot_umount() {
- umount "${bootstrap_dir}/dev/pts" || true
- umount "${bootstrap_dir}/dev" || true
- umount "${bootstrap_dir}/sys" || true
- umount "${bootstrap_dir}/proc" || true
-}
-
-TRAPFUNC="umount \"${bootstrap_dir}/dev/pts\" || true; \
-umount \"${bootstrap_dir}/dev\" || true; \
-umount \"${bootstrap_dir}/sys\" || true; \
-umount \"${bootstrap_dir}/proc\" || true;"
-
-# config
-if [ "${configure}" ]
-then
- if [ ! -f "${manifest}" ]
- then
- echo "ERROR: ${manifest} does not exist" >&2
- exit 1
- fi
- if [ ! -f "${remote_exec}" ]
- then
- echo "ERROR: ${remote_exec} does not exist" >&2
- exit 1
- fi
- if [ ! -f "${remote_copy}" ]
- then
- echo "ERROR: ${remote_copy} does not exist" >&2
- exit 1
- fi
-
- if [ "${keyfile_cnt}" -a "${keyfile_cnt}" -gt 0 ]
- then
- i="$((keyfile_cnt - 1))"
- keyfiles=""
- while [ "${i}" -ge 0 ]
- do
- kf_var="keyfile_${i}"
- eval kf='$'"${kf_var}"
- if [ ! -f "${kf}" ]
- then
- echo "ERROR: ${kf} does not exist" >&2
- exit 1
- fi
- key=$(cat "${kf}")
- keyfiles="${keyfiles} --key '${key}'"
- i=$((i - 1))
- done
- ssh_auth_keys_line="__ssh_authorized_keys root ${keyfiles}\n"
- else
- ssh_auth_keys_line=""
- fi
-
- check_bootstrap_dir "${bootstrap_dir}"
-
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "configuring..."
- fi
-
- trap "${TRAPFUNC}" 0 1 2 3 15
-
- chroot_mount
-
- chroot "${bootstrap_dir}" /usr/bin/apt-get update
-
- if [ "${drive}" ]
- then
- grub_manifest_line="__package grub-pc --state present\n"
- grub_kern_params_line="__line linux_kernel_params \
---file /etc/default/grub \
---line 'GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash net.ifnames=0\"'\n"
- else
- grub_manifest_line=""
- grub_kern_params_line=""
- fi
- grub_lines="${grub_manifest_line}${grub_kern_params_line}"
-
- printf "${ssh_auth_keys_line}${grub_lines}" \
- | cat "${manifest}" - |\
- cdist config \
- ${cdist_params} -i - \
- --remote-exec "${remote_exec}" \
- --remote-copy "${remote_copy}" \
- "${bootstrap_dir}"
-
- # __hostname with systmed uses hostnamectl which needs dbus running
- # set hostname explicitly here instead
- printf "preos\n" > "${bootstrap_dir}/etc/hostname"
-
- chroot "${bootstrap_dir}" /usr/bin/apt-get autoclean
- chroot "${bootstrap_dir}" /usr/bin/apt-get clean
- chroot "${bootstrap_dir}" /usr/bin/apt-get autoremove
-
- chroot_umount
-
- trap - 0 1 2 3 15
-
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "configuring finished"
- fi
-fi
-
-if [ "${pxe_boot_dir}" ]
-then
- check_bootstrap_dir "${bootstrap_dir}"
-
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "creating pxe..."
- fi
-
- mkdir -p "${pxe_boot_dir}"
- cp "${bootstrap_dir}"/boot/vmlinuz-* "${pxe_boot_dir}/kernel"
- cd "${bootstrap_dir}"
- find . -print0 | cpio --null -o --format=newc | gzip -9 > "${pxe_boot_dir}/initramfs"
-
- mkdir -p "${pxe_boot_dir}/pxelinux.cfg"
- cat < "${pxe_boot_dir}/pxelinux.cfg/default"
- DEFAULT preos
- LABEL preos
- KERNEL kernel
- APPEND utf8 load_ramdisk=1 root=/dev/ram nofb initrd=initramfs console=ttyS1,115200 net.ifnames=0
-EOPXEF
-
- cp "${bootstrap_dir}/usr/lib/PXELINUX/pxelinux.0" "${pxe_boot_dir}/pxelinux.0"
- cp "${bootstrap_dir}/usr/lib/syslinux/modules/bios/ldlinux.c32" \
- "${pxe_boot_dir}/ldlinux.c32"
- # network boot need all files world readable
- chmod -R 644 "${pxe_boot_dir}"/*
-
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "pxe creation finished"
- fi
-fi
-
-if [ "${drive}" ]
-then
- trap "${TRAPFUNC}" 0 1 2 3 15
- chroot_mount
- chroot "${bootstrap_dir}" grub-install ${drive}
- chroot "${bootstrap_dir}" /bin/sh -c "GRUB_DISABLE_OS_PROBER=true update-grub"
- # set root password
- if [ ! "${root_password}" ]
- then
- if ! which strings >/dev/null 2>&1
- then
- printf "strings is missing\n" >&2
- exit 1
- fi
- root_password="$(head -n 1000 /dev/urandom | strings | \
- grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n')"
- printf "Generated root password (without quotes):'${root_password}'\n"
- fi
- chroot "${bootstrap_dir}" /bin/sh -c "echo \"root:${root_password}\" | \
- chpasswd"
- # /etc/securetty must not be world writeable.
- chmod 644 "${bootstrap_dir}"/etc/securetty
- chroot_umount
- trap - 0 1 2 3 15
-fi
-
-if [ "${rm_bootstrap_dir}" ]
-then
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "removing bootstrap dir..."
- fi
- rm -r -f "${bootstrap_dir}"
- if [ "${verbose}" -o "${debug}" ]
- then
- echo "removing bootstrap dir finished"
- fi
-fi
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile b/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile
deleted file mode 100644
index 85168031..00000000
--- a/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# avoid dpkg-dev dependency; fish out the version with sed
-VERSION := $(shell sed 's/.*(\(.*\)).*/\1/; q' debian/changelog)
-
-all:
-
-clean:
-
-DSDIR=$(DESTDIR)/usr/share/debootstrap
-install:
- mkdir -p $(DSDIR)/scripts
- mkdir -p $(DESTDIR)/usr/sbin
-
- cp -a scripts/* $(DSDIR)/scripts/
- install -o root -g root -m 0644 functions $(DSDIR)/
-
- sed 's/@VERSION@/$(VERSION)/g' debootstrap >$(DESTDIR)/usr/sbin/debootstrap
- chown root:root $(DESTDIR)/usr/sbin/debootstrap
- chmod 0755 $(DESTDIR)/usr/sbin/debootstrap
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/README b/cdist/preos/debootstrap/files/devuan-debootstrap/README
deleted file mode 100644
index 4d8c3049..00000000
--- a/cdist/preos/debootstrap/files/devuan-debootstrap/README
+++ /dev/null
@@ -1,65 +0,0 @@
-README for debootstrap
-======================
-
-See the manpage for (some) documentation.
-
-Running debootstrap from source
--------------------------------
-
-You can run debootstrap from its source tree without installing it. This
-can be useful if you want a quick way to make a Debian chroot on another
-system, or if you are testing modifications to debootstrap.
-
-First, get the source.
-
-* Either by using git
- git clone https://anonscm.debian.org/git/d-i/debootstrap.git
-
-* Or by visiting
- and downloading the tar.gz file
-
-Then in the debootstrap source directory:
-
- export DEBOOTSTRAP_DIR=`pwd`
- sudo ./debootstrap stable my-stable-dir
-
-If you are running a multi-stage boot strap (for example for a QEMU
-rootfs) you don't even need root:
-
- export DEBOOTSTRAP_DIR=`pwd`
- fakeroot ./debootstrap --foreign --arch=armhf testing my-testing-dir http://deb.debian.org/debian
-
-Of course you will need to execute the second stage as root to finish the bootstrap:
-
- (on foreign hardware)
- /debootstrap/debootstrap --second-stage
-
-
-Future
-------
-
- * Cross-strap support - so you can bootstrap a filesystem to the
- point where it will successfully boot, and finish installing itself
- without having to be running the target architecture or OS yourself.
-
- debootstrap --arch powerpc sarge ./sarge-ppc-chroot ...
-
- on an i386 system, boot a powerpc box with sarge-ppc-chroot as its
- root files system, and have it "work". The cross-hurd package does
- something similar, and should be replaced by this feature.
-
- * There should be some (better) way of telling debootstrap what "base"
- packages you want to install -- this varies between making a chroot,
- doing an install, and doing a buildd. Also, some installs want
- different base packages (to setup networking, or kernels, eg)
-
-
-NMUing
-------
-
-If there's a problem with debootstrap that you need fixed, feel free to do
-an NMU to fix it. Usual rules: try not to break anything, and mail the
-patch to the BTS. Don't worry about asking first though.
-
-However, note that debootstrap is now team maintained. Anyone in d-i can do
-a release without the bother of a NMU.
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/TODO b/cdist/preos/debootstrap/files/devuan-debootstrap/TODO
deleted file mode 100644
index e5fde0e4..00000000
--- a/cdist/preos/debootstrap/files/devuan-debootstrap/TODO
+++ /dev/null
@@ -1,11 +0,0 @@
-
-Features:
- ++ second stage via chroot debootstrap/debootstrap
- ++ debootstrap/deb file to record deb destinations/information
-
- -- configuration file
- -- versus command line
- -- support for sources (vs mirrors)
- -- faux-pinning for packages
-
- ++ makedev in second stage
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore
deleted file mode 100644
index 39638d97..00000000
--- a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-debootstrap
-debootstrap-udeb
-files
-*.debhelper.log
-*.substvars
-
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource
deleted file mode 100644
index 6446a088..00000000
--- a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource
+++ /dev/null
@@ -1,15 +0,0 @@
-To sync up with debians source for inspiration you should run the following:
-
- `git remote add alioth-git git://anonscm.debian.org/d-i/debootstrap.git`
- `git fetch alioth-git`
-
-After that you can either cherry-pick or merge releases from debian. To
-merge a release, it's do:
- `git tag` to list the release tags
-and
- `git merge `
-followed by all the fixups and then commit with an appropriate message like
- "Merging Release from debian"
-
-Copyright 2016 Daniel Reurich
-
diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog
deleted file mode 100644
index 8688197d..00000000
--- a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog
+++ /dev/null
@@ -1,2655 +0,0 @@
-debootstrap (1.0.87+devuan1.1) unstable; urgency=medium
-
- * add git to builddeps
-
- -- Daniel Reurich Fri, 13 Jan 2017 23:12:50 +1300
-
-debootstrap (1.0.87+devuan1.0) unstable; urgency=high
-
- [ Julien Cristau ]
- * Default to split /usr again, as merged-/usr breaks dpkg-shlibdeps
- (closes: #844221).
-
- [ Riku Voipio ]
- * remove scratchbox2 support (closes: #796189)
-
- -- Christian Perrier Wed, 16 Nov 2016 06:47:27 +0100
-
-debootstrap (1.0.86+devuan1.0) unstable; urgency=high
-
- [ Daniel Reurich ]
- * Restore Devuan Jessie version
- * switch to 3.0 (git) source format
- * set git-depth
- * Add directions for inspiration from debians source
- * removed file so we can build using git source format
- * merge 1.0.86 for jessie
-
- -- Daniel Reurich Fri, 13 Jan 2017 15:58:19 +1300
-
-debootstrap (1.0.86) unstable; urgency=high
-
- * Rework split_inline_sig by using shell built-ins instead of trying to
- mix sed and tr together, which might work on regular systems but not
- from inside the Debian Installer (Closes: #842591). Thanks to Ansgar
- Burchardt for the proof of concept!
-
- -- Cyril Brulebois Sun, 30 Oct 2016 23:35:45 +0100
-
-debootstrap (1.0.85-1+devuan1) unstable; urgency=medium
-
- * sync with debian upstream package
- * add right keyrings with the new schema on devuan-keyring package
-
- -- Franco (nextime) Lanza Sat, 29 Oct 2016 23:21:57 +0200
-
-
-debootstrap (1.0.85) unstable; urgency=medium
-
- [ Julien Cristau ]
- * Add support for downloading and validating InRelease files, by splitting
- up detached signature from signed data.
- * Switch default mirror to deb.debian.org.
-
- [ Colin Watson ]
- * Add (Ubuntu) zesty as a symlink to gutsy.
-
- [ Ansgar Burchardt ]
- * Add jessie-kfreebsd to merged-/usr blacklist.
- * No longer Build-Depend on makedev. The code using it was already
- removed in debootstrap 1.0.82.
- * Do not use `tar -k` for older releases which might have file
- conflicts between the packages to be installed. (Closes: #838388)
- * Error out when seeing short options. (Closes: #548880)
- * Add oldoldstable -> sid script symlink. (Closes: #792734)
- * Add buster -> sid and bullseye -> sid script symlinks.
- * Only unpack and configure the base system when there are actually
- packages to install. (Closes: #825034)
- * debootstrap.8: Use stretch instead of wheezy in examples.
-
- [ Marco d'Itri ]
- * Enable merged-/usr by default. (Closes: #839046)
-
- -- Julien Cristau Fri, 21 Oct 2016 20:22:49 +0200
-
-debootstrap (1.0.84) unstable; urgency=medium
-
- [ Ansgar Burchardt ]
- * Add support for xz-compressed Packages indices. (Closes: #837649)
-
- -- Christian Perrier Thu, 06 Oct 2016 06:59:38 +0200
-
-debootstrap (1.0.83) unstable; urgency=medium
-
- [ Ansgar Burchardt ]
- * functions: Validate that the requested suite is listed in the
- Release file's Suite or Codename field. (Closes: #837075)
- * Add support for merged-/usr, enabled by a new --merged-usr option.
- (Closes: #810301)
- * Feign install of dpkg in second stage. This avoids problems when
- using dpkg-deb together with busybox' tar. (Closes: #837185)
- * README: Use https://.
-
- [ Steve McIntyre ]
- * Update Standards-Version to 3.9.8 (no changes needed)
-
- -- Steve McIntyre <93sam@debian.org> Tue, 13 Sep 2016 13:16:41 +0100
-
-debootstrap (1.0.82) unstable; urgency=medium
-
- [ Alex Bennée ]
- * Excise all devices.tar.gz code. Closes: #830869
-
- -- Christian Perrier Thu, 08 Sep 2016 07:09:56 +0200
-
-debootstrap (1.0.81) unstable; urgency=medium
-
- [ Luca Falavigna ]
- * Add (Ubuntu) yakkety as a symlink to gutsy.
-
- -- Christian Perrier Tue, 03 May 2016 06:51:57 +0200
-
-debootstrap (1.0.80-1+devuan1) unstable; urgency=medium
-
- * sync with debian upstream package.
-
- -- Franco (nextime) Lanza Sun, 24 Apr 2016 06:16:29 +0200
-
-debootstrap (1.0.80) unstable; urgency=medium
-
- [ Jon Boden ]
- * scripts/gutsy: Support kfreebsd & hurd arches on Ubuntu targets
- (closes: #818748)
-
- -- Christian Perrier Tue, 22 Mar 2016 19:27:45 +0100
-
-debootstrap (1.0.79) unstable; urgency=medium
-
- [ Samuel Thibault ]
- * hurd: move setting up dev and servers firmlink to setup_proc stage. Also
- firmlink proc there. Thanks Gabriele Giacone for all the investigation!
- (Closes: #768102)
-
- -- Christian Perrier Fri, 19 Feb 2016 07:23:59 +0100
-
-debootstrap (1.0.78+nmu1) unstable; urgency=medium
-
- * Non-maintainer upload.
- * Split setup_devices in setup_devices (which now only deals with static
- device nodes) and setup_dynamic_devices, and move the calls to
- setup_devices from the beginning of the second stage to the end of the
- first stage.
- setup_dynamic_devices mounts the appropriate filesystems which provide
- dynamic device nodes for the architectures which need one in
- debootstrap (kfreebsd and hurd).
- This fixes a bug in --second-stage introduced in 1.0.34 and exposed
- by the devices-related changes of 1.0.76: the second stage debootstrap
- runs "dpkg --print-architecture >/dev/null" at the very beginning of
- the program when /dev is still empty, so it creates an empty regular
- file in place of /dev/null and this will cause mknod to fail later.
- (Closes: #813232)
-
- -- Marco d'Itri Wed, 17 Feb 2016 01:23:23 +0100
-
-debootstrap (1.0.78) unstable; urgency=high
-
- * Use HTTPS for Vcs-* URLs, and link to cgit rather than gitweb.
- * Don't call mknod with the --mode option, it's not supported in
- busybox. Use -m instead - fixes the broken fix for #812811.
- Closes: #813124. Urgency high to get this fix propagated quickly -
- it's breaking d-i installs right now. Adding myself to uploaders and
- uploading.
-
- -- Steve McIntyre <93sam@debian.org> Fri, 29 Jan 2016 16:36:00 +0000
-
-debootstrap (1.0.77) unstable; urgency=medium
-
- [ Marco d'Itri ]
- * Fix permissions on device nodes (Closes: #812811).
-
- -- Cyril Brulebois Wed, 27 Jan 2016 20:22:05 +0100
-
-debootstrap (1.0.76) unstable; urgency=medium
-
- [ Marco d'Itri ]
- * Stop creating useless device nodes (Closes: #571136).
-
- -- Cyril Brulebois Sun, 24 Jan 2016 08:55:18 +0100
-
-debootstrap (1.0.75-1+devuan1) unstable; urgency=medium
-
- * sync with debian upstream package
-
- -- Franco (nextime) Lanza Wed, 02 Dec 2015 04:05:36 +0100
-
-debootstrap (1.0.75) unstable; urgency=medium
-
- * Stop cleaning KEEP_DEBOOTSTRAP_DIR twice, as spotted by Chris Lamb
- (Closes: #804415).
- * Add Tanglu support (Closes: #771687), thanks to Matthias Klumpp. At
- the moment, the following extra suites are recognized:
- - aequorea
- - bartholomea
- - chromodoris
- - dasyatis
-
- -- Cyril Brulebois Wed, 11 Nov 2015 18:49:28 +0100
-
-debootstrap (1.0.74) unstable; urgency=medium
-
- [ Colin Watson ]
- * Add (Ubuntu) xenial as a symlink to gutsy.
-
- -- Christian Perrier Tue, 03 Nov 2015 07:09:23 +0100
-
-debootstrap (1.0.73) unstable; urgency=medium
-
- * Generate a deburis file with (package, version, uri) tuples, similar
- to the existing debpaths.
-
- -- Cyril Brulebois Thu, 22 Oct 2015 12:43:35 +0200
-
-debootstrap (1.0.72-1+devuan1) unstable; urgency=medium
-
- * Rebase on debian 1.0.70 debootstrap version
- * Added Daniel Reurich in Uploaders
- * Integrating Daniel Reurich patches for d-i
- * Updated manpage with Daniel Reurich changes
-
- -- Franco (nextime) Lanza Thu, 21 May 2015 05:45:36 +0200
-
-debootstrap (1.0.72) unstable; urgency=medium
-
- [ Iain Lane ]
- * Add (Ubuntu) wily as a symlink to gutsy (closes: #787117).
-
- [ Colin Watson ]
- * Fix resolve_deps and setup_available to work in the --foreign case
- (closes: #757819, LP: #1450980).
-
- -- Colin Watson Tue, 28 Jul 2015 14:32:19 +0100
-
-debootstrap (1.0.71-1+devuan1) unstable; urgency=medium
-
- * make devuan-baseconf and devuan-keyring requireds packages
- * make sure we have sysvinit-core and not systemd in the chroot
-
- -- Franco (nextime) Lanza Fri, 01 May 2015 02:13:04 +0200
-
-debootstrap (1.0.71) unstable; urgency=medium
-
- * Adjust sed call to render it more portable (missing ';'), making it
- work with FreeBSD sed. Thanks to Nikolai Lifanov for the report and
- the patch (Closes: #791802).
-
- -- Cyril Brulebois Fri, 10 Jul 2015 01:29:52 +0200
-
-debootstrap (1.0.70-1+devuan1) unstable; urgency=medium
-
- * Debianization of debootstrap.
- * added ceres script and link jessie and ascii to it
-
- -- Franco (nextime) Lanza Sat, 11 Apr 2015 08:03:36 +0200
-
-debootstrap (1.0.70) unstable; urgency=medium
-
- * Use tr instead of (missing in d-i) xargs (Closes: #785693). Thanks,
- Julian Schauder!
-
- -- Cyril Brulebois Tue, 19 May 2015 11:38:27 +0200
-
-debootstrap (1.0.69-1+devuan1) unstable; urgency=medium
-
- * Fix package description.
-
- -- Franco (nextime) Lanza Sat, 07 Mar 2015 21:31:07 +0100
-
-debootstrap (1.0.69) unstable; urgency=medium
-
- [ Cyril Brulebois ]
- * Make sure to deduplicate package list in download_release to avoid
- issues while counting downloaded packages. The failure path could lead
- to printing some strange integer (Closes: #709751, #768445, #785276,
- #774752).
- This was reported to mostly happen whenever --no-resolve-deps is used.
- * Add support for --force-check-gpg so that one can programmatically
- make sure keyring checks are used and that no fallback to an https
- mirror happens (Closes: #661501, #733179, #775454).
- * Switch default mirror from ftp.us.debian.org to the new, official
- http redirector service: httpredir.debian.org
- * Make it possible to override the MAKEDEV variable (Closes: #734743).
- Thanks, Wookey!
-
- [ Christian Perrier ]
- * Update Standards to 3.9.6 (checked)
-
- -- Christian Perrier Mon, 18 May 2015 14:07:43 +0200
-
-debootstrap (1.0.68-2+devuan1) unstable; urgency=medium
-
- * Added missing symlink.
-
- -- Franco (nextime) Lanza Sat, 07 Mar 2015 21:18:26 +0100
-
-debootstrap (1.0.68-1+devuan1) unstable; urgency=medium
-
- * Added script for ascii.
-
- -- Franco (nextime) Lanza Sat, 07 Mar 2015 11:47:02 +0100
-debootstrap (1.0.68) unstable; urgency=medium
-
- [ Steven Chamberlain ]
- * Support the jessie-kfreebsd suite, by using the same script as
- jessie (a symlink to sid) (Closes: #784927).
-
- -- Christian Perrier Mon, 11 May 2015 07:46:19 +0200
-
-debootstrap (1.0.67-1+devuan2) unstable; urgency=medium
-
- * Switch to quilt format
-
- -- Franco (nextime) Lanza Tue, 03 Mar 2015 07:44:11 +0100
-
-debootstrap (1.0.67+devuan1) unstable; urgency=medium
-
- * Applied init freedom patch (debian bug 668001)
- * moved to devuan
-
- -- Franco (nextime) Lanza Tue, 03 Mar 2015 07:09:36 +0100
-
-debootstrap (1.0.67) unstable; urgency=medium
-
- [ Cyril Brulebois ]
- * Apply patch by Jérémy Bobbio to support reproducible builds: specify
- a modification time on the tar side, and add the -n option to gzip
- (Closes: #774069). Thanks, Jérémy!
- * Update setup_apt_sources to look at USE_COMPONENTS if COMPONENTS is
- empty, fixing the empty sources.list bug with foreign architectures
- (Closes: #732255, #773867).
-
- -- Christian Perrier Wed, 14 Jan 2015 07:03:17 +0100
-
-debootstrap (1.0.66) unstable; urgency=low
-
- [ Cyril Brulebois ]
- * Specify gzip compression in debian/source/options to allow for better
- portability on other platforms (Closes: #770214). Thanks, Joey Hess!
- * Specify gzip compression for debootstrap, and xz for debootstrap-udeb,
- to mitigate the need for xz on non-Debian platforms (see: #770217).
-
- -- Christian Perrier Mon, 24 Nov 2014 09:15:50 +0100
-
-debootstrap (1.0.65) unstable; urgency=medium
-
- [ Julien Cristau ]
- * Add support for stretch.
-
- -- Christian Perrier Mon, 10 Nov 2014 09:24:56 +0100
-
-debootstrap (1.0.64) unstable; urgency=medium
-
- * Add (Ubuntu) vivid as a symlink to gutsy.
-
- -- Colin Watson Mon, 20 Oct 2014 16:48:49 +0100
-
-debootstrap (1.0.63) unstable; urgency=medium
-
- [ Joey Hess ]
- * Move set -e out of shebang line. Closes: #762713
-
- -- Christian Perrier Thu, 25 Sep 2014 06:44:16 +0200
-
-debootstrap (1.0.62) unstable; urgency=medium
-
- [ Cyril Brulebois ]
- * Fix reporting of package version in retrieval and validation steps
- to cope with epochs.
-
- -- Christian Perrier Mon, 15 Sep 2014 11:40:54 +0200
-
-debootstrap (1.0.61) unstable; urgency=medium
-
- * Fix "possibly the package $pkg is at fault" warnings to account for
- changed error output in dpkg 1.17.2.
-
- -- Colin Watson Sun, 31 Aug 2014 22:07:49 +0100
-
-debootstrap (1.0.60) unstable; urgency=medium
-
- [ Adam Conrad ]
- * Add (Ubuntu) utopic as a symlink to gutsy.
-
- [ Guillem Jover ]
- * Sync deb support with latest dpkg-deb (closes: #739136):
- - Add uncompressed data.tar deb member support.
- - Add uncompressed and xz control.tar deb member support.
-
- -- Colin Watson Tue, 06 May 2014 09:37:34 +0100
-
-debootstrap (1.0.59) unstable; urgency=medium
-
- * Install ca-certificates as well as apt-transport-https for HTTPS
- installations. This makes it possible to copy certificates that were
- built into the installer to /usr/local/share/ca-certificates/ and thus
- have them continue to be trusted after installation.
-
- -- Colin Watson Thu, 13 Feb 2014 13:42:54 +0000
-
-debootstrap (1.0.58) unstable; urgency=medium
-
- * Policy version 3.9.5: no changes required.
- * Install apt-transport-https if installing from an HTTPS mirror
- (LP: #1135163). It may still be necessary to copy certificates into
- place, but there's at least a reasonable chance that somebody installing
- from HTTPS may want to keep using it, and we have to install
- apt-transport-https at this point otherwise they won't be able to do
- that end-to-end.
-
- -- Colin Watson Tue, 11 Feb 2014 17:46:41 +0000
-
-debootstrap (1.0.57) unstable; urgency=medium
-
- * pkgdetails_perl: Only interpret percentages following whitespace, to
- cope with GNU wget outputting the local file name (which may contain "%"
- due to URL-encoding) after it finishes the download (LP: #1172101).
-
- -- Colin Watson Fri, 07 Feb 2014 16:12:23 +0000
-
-debootstrap (1.0.56) unstable; urgency=low
-
- [ Tollef Fog Heen ]
- * Install base-passwd and base-files in two calls rather than one to
- avoid problems with home-built media with different ordering in
- Packages. Thanks to Jo Shields for pointing this out and providing
- the workaround. Closes: #601670. LP: #1001131.
-
- [ Joey Hess ]
- * When deboostrapping Debian, and the debian-archive-keyring is not
- available, switch the default mirror to a https url. This way at
- least the CA level of security is available even for users who
- have no way to check gpg keys in the WoT. The https mirror is
- currently https://mirrors.kernel.org/debian.
- * Avoid writing https urls into sources.list, as apt does not support https.
-
- -- Christian Perrier Mon, 30 Dec 2013 08:00:41 +0100
-
-debootstrap (1.0.55) unstable; urgency=low
-
- [ Matthias Klose ]
- * Add (Ubuntu) trusty as a symlink to gutsy.
-
- -- Christian Perrier Tue, 22 Oct 2013 13:43:23 +0200
-
-debootstrap (1.0.53) unstable; urgency=low
-
- [ Dmitrijs Ledkovs ]
- * Set debian source format to '3.0 (native)'.
- * Bump debhelper compat level to 9.
- * Set Vcs-* to canonical format.
-
- [ Christian Perrier ]
- * Update Standards to 3.9.4 (checked)
-
- -- Christian Perrier Sun, 14 Jul 2013 13:06:33 +0200
-
-debootstrap (1.0.52) unstable; urgency=low
-
- * scripts/gutsy: Make the fake initctl pass through "initctl version"
- calls, used by such things as invoke-rc.d to figure out whether it's
- running under Upstart (LP: #1182540).
- * scripts/sid, scripts/gutsy: Add a policy-rc.d, matching that in
- debian-installer-utils. This is the primary way to disable daemon
- startup.
-
- -- Colin Watson Wed, 22 May 2013 16:55:59 +0100
-
-debootstrap (1.0.51) unstable; urgency=low
-
- [ Scott Kitterman ]
- * Add (Ubuntu) saucy as a symlink to gutsy (closes: #706989).
-
- [ Colin Watson ]
- * Clarify location of pkgdetails.c in error message (closes: #708771).
- * Resolve mount point symlinks relative to the target chroot before
- unmounting them (closes: #702861, #703037, #704744).
-
- -- Colin Watson Sat, 18 May 2013 23:18:08 +0100
-
-debootstrap (1.0.50) unstable; urgency=low
-
- [ Hector Oron ]
- * Report package version information on package retrieve and validation.
- Closes: #697675
-
- -- Christian Perrier Fri, 17 May 2013 13:34:34 +0200
-
-debootstrap (1.0.49) unstable; urgency=medium
-
- * Add support for jessie. Closes: #706788
-
- -- Joey Hess Sat, 04 May 2013 23:37:52 -0400
-
-debootstrap (1.0.48) unstable; urgency=low
-
- * Team upload
-
- [ Julien Cristau ]
- * Disable InRelease support. gpgv won't give us back the signed data, and
- full gpg is not available inside d-i (closes: #703889).
- * Move extract_release_components to after signature verification.
- Suggested by Ansgar Burchardt.
-
- -- Didier Raboud Thu, 04 Apr 2013 16:17:57 +0200
-
-debootstrap (1.0.47) unstable; urgency=low
-
- * Team upload
- * Properly decrypt the InRelease file when downloading from an archive
- where InRelease is used. This longstanding bug was masked by former
- APT behaviour and was revealed only with recent APT versions
- Closes: #703146
- Thanks to Michael Vogt for the analysis and patch
- * Add a dependency on gpg because of the above change.
-
- -- Christian Perrier Wed, 20 Mar 2013 21:34:29 +0100
-
-debootstrap (1.0.46) unstable; urgency=low
-
- * Team upload.
- * Use `which` to find out sh only if /bin/sh does not exist.
-
- -- Samuel Thibault Thu, 27 Dec 2012 15:47:16 +0100
-
-debootstrap (1.0.45) unstable; urgency=low
-
- [ Joey Hess ]
- * Better support use on Android by not hardcoding /bin/sh
- in a test file that's created, and instead putting in the
- actual path to sh. Closes: #694310 Thanks, Shawn Landden
-
- -- Christian Perrier Sat, 22 Dec 2012 12:56:32 +0100
-
-debootstrap (1.0.44) unstable; urgency=low
-
- * Remove double quotes to fix for loop on GNU/kFreeBSD, thanks to
- Oleg Ginzburg (Closes: #693718).
-
- -- Cyril Brulebois Tue, 20 Nov 2012 23:55:53 +0100
-
-debootstrap (1.0.43) unstable; urgency=low
-
- [ Joey Hess ]
- * Fix "arc" typo. Closes: #686680
-
- [ Colin Watson ]
- * Add (Ubuntu) raring as a symlink to gutsy.
-
- [ Christian Perrier ]
- * Add myself to Uploaders and drop Anthony Towns who is no
- longer active in debootstrap maintenance for a few years. Thanks
- for your work, Anthony.
- * Bump Standards to 3.9.3 (checked)
- * Replace XC-Package-Type by Package-Type in debian/control
-
- -- Christian Perrier Sat, 27 Oct 2012 12:46:46 +0200
-
-debootstrap (1.0.42) unstable; urgency=low
-
- * Downgrade the absence of an InRelease file from a warning to an info
- message. For now, debootstrap can cope fine without, and it's possible
- there are Debian mirrors that don't have InRelease; Ubuntu doesn't quite
- have InRelease support yet either (LP: #1017398).
-
- -- Colin Watson Tue, 03 Jul 2012 15:34:57 +0100
-
-debootstrap (1.0.41) unstable; urgency=low
-
- [ Mehdi Dogguy ]
- * Add support for InRelease files (Closes: #638682)
-
- -- Joey Hess Thu, 21 Jun 2012 13:16:22 -0400
-
-debootstrap (1.0.40) unstable; urgency=low
-
- [ Joey Hess ]
- * When installation or configuration of a package fails, output a message
- that points the user to the log file. Attempt to grep out the first
- package that dpkg failed on and show its name too. Closes: #472704
-
- [ Colin Watson ]
- * Add (Ubuntu) quantal as a symlink to gutsy.
-
- -- Colin Watson Thu, 26 Apr 2012 17:44:44 +0100
-
-debootstrap (1.0.39) unstable; urgency=low
-
- * Retry corrupted downloads rather than carrying on almost regardless.
- Patch mostly due to Michael Gilbert, rearranged somewhat by me (closes:
- #618920).
- * Stop at the end of the retrieval phase if any packages failed to
- download.
-
- -- Colin Watson Tue, 13 Mar 2012 17:21:13 +0000
-
-debootstrap (1.0.38) unstable; urgency=low
-
- [ Joey Hess ]
- * Improve error message when a decompressor is not available,
- to indicate which package has been built with bzip today.
- Closes: #644719
-
- [ Otavio Salvador ]
- * Fix --print-debs support when using --foreign param. Closes:
- #551837.
-
- [ Colin Watson ]
- * pkgdetails_perl: Use the last of a sequence of stanzas for the same
- package name, rather than the first (closes: #649319).
-
- -- Colin Watson Mon, 21 Nov 2011 13:20:53 +0000
-
-debootstrap (1.0.37) unstable; urgency=low
-
- * Add (Ubuntu) precise as a symlink to gutsy.
-
- -- Colin Watson Wed, 05 Oct 2011 21:58:37 +0100
-
-debootstrap (1.0.36) unstable; urgency=low
-
- * Guess host OS based on uname for non-Debian systems. Closes: #637363
- * Clarify "target" in usage message.
- * Fix support for running debootstrap on a FreeBSD host to create a kFreeBSD
- chroot or jail. Thanks, Arno Toell.
- * Search PATH for programs, rather than checking hardcoded locations.
- * Support using md5 and shaN programs, as found on FreeBSD, in addition
- to md5sum and shaNsum.
- * When FreeBSD (not kfreebsd) is the host, don't chroot to mount special
- filesystems.
- * When debootstrapping on FreeBSD, warn if necessary modules are not
- loaded. Thanks, Arno Toell.
- * Workaround for umount bug #634107, which broke pbuilder and "debootstrap ."
- Closes: #631087
-
- -- Joey Hess Sun, 21 Aug 2011 18:39:26 -0400
-
-debootstrap (1.0.35) unstable; urgency=low
-
- [ Robert Millan ]
- * Don't build devices.tar.gz if building on GNU/kFreeBSD (closes:
- #637297).
- * Don't use --arch when we specifically care about the host architecture
- (closes: #637298).
-
- -- Colin Watson Wed, 10 Aug 2011 13:04:41 +0100
-
-debootstrap (1.0.34) unstable; urgency=low
-
- * Add more information regarding the version and architecture in case
- a download fails. Closes: #633625.
- * add /usr/sbin and /sbin to PATH for fakechroot variant. Closes:
- #588773
- * Move setup_devices to second stage of bootstrap. Closes: #498731,
- #531316
-
- -- Otavio Salvador Thu, 28 Jul 2011 19:13:10 +0200
-
-debootstrap (1.0.33) unstable; urgency=low
-
- [ Joey Hess ]
- * Mention minbase variant in --help. Closes: #632418
- * Use md5sums for sarge, which did not consistently have sha1sums
- everywhere. Closes: #633158
-
- [ Colin Watson ]
- * Improve text of error message when decompression command is not
- available.
-
- -- Otavio Salvador Sun, 24 Jul 2011 10:33:56 +0200
-
-debootstrap (1.0.32) unstable; urgency=low
-
- * Use md5sums for woody and potato, which only had those checksums
- in the Packages files. Closes: #627365
-
- -- Joey Hess Mon, 30 May 2011 13:57:46 -0400
-
-debootstrap (1.0.31) unstable; urgency=low
-
- [ Mark Hymers ]
- * Don't use the Build-Essential: yes field in Debian, use the
- build-essential package. Closes: #619700.
-
- [ Colin Watson ]
- * If ubuntu-keyring is installed, check Release signatures against it when
- bootstrapping Ubuntu gutsy and later.
- * Recommend ubuntu-keyring rather than debian-archive-keyring on
- Ubuntu-derived systems.
-
- -- Colin Watson Fri, 20 May 2011 09:45:48 +0100
-
-debootstrap (1.0.30) unstable; urgency=low
-
- [ Joey Hess ]
- * Recommend debian-archive-keyring, and if it is installed,
- default to checking gpg signatures of the Release file against it
- when bootstrapping sid, squeeze, wheezy, etch, and lenny.
- Closes: #560038
- * Add --no-check-gpg option that can be used to disable release file
- verification. Closes: #624229
- * Needs base-installer 1.117.
- * Add a warning message if the keyring file is not available, and
- --no-check-gpg is not specified.
- * Clear all global variables used for options, so that unclean
- environment doesn't break debootstrap. Closes: #621657
- * Removed the --boot-floppies switch and mode. Assuming this has
- not been used in 10 years.
-
- [ Colin Watson ]
- * Resolve dependencies from all requested components (LP: #740167).
-
- -- Joey Hess Tue, 26 Apr 2011 17:10:00 -0400
-
-debootstrap (1.0.29) unstable; urgency=low
-
- [ Joey Hess ]
- * Support bootstrapping oldstable. (Lenny could already be bootstrapped
- using that suite name.)
-
- [ Colin Watson ]
- * Add (Ubuntu) oneiric as a symlink to gutsy.
-
- -- Colin Watson Tue, 22 Mar 2011 10:58:49 +0000
-
-debootstrap (1.0.28) unstable; urgency=low
-
- [ Miguel Figueiredo ]
- * Fix for ar usage, thanks to Guillem Jover. Closes: #598729
-
- [ Joey Hess ]
- * Remove 5 second sleeps when debootstrap finds additional required
- dependencies. d-i just got that much faster.
- * Use SHA checksums. Defaulting to SHA256, and configurable by
- SHA_SIZE environment variable. Closes: #614315
- * If a sha256sum program is not available, fall back to sha1sum.
- This is to support debootstrap use on embedded systems, which are more
- likely to have the latter.
- * Avoid new(?) warning from dpkg about missing Maintainer field when
- feigning install of a package.
-
- -- Joey Hess Mon, 21 Feb 2011 20:48:46 -0400
-
-debootstrap (1.0.27) unstable; urgency=low
-
- [ Miguel Figueiredo ]
- * Fix bug and typo on --private-key
- Patch by Jonathan Klee.
-
- [ Jeremie Koenig ]
- * Hurd support:
- - Use the newer setup-translators script and firmlink
- $TARGET/{dev,servers} in setup_devices_hurd;
- - Don't attempt to build devices.tar.gz, which is not needed.
-
- -- Otavio Salvador Mon, 07 Feb 2011 19:40:24 -0200
-
-debootstrap (1.0.26) unstable; urgency=low
-
- [ Christian Perrier ]
- * Consistently use tab indenting in scripts/gutsy and scripts/sid
- Patch by Karl Goetz. Closes: #601821
- * Fix a typo in the debootstrap script
- Patch by Karl Goetz. Closes: #601822
-
- [ Joey Hess ]
- * sid: Remove old workaround for etch era coreutils/textutils md5sum
- diversion problem. (#329394)
-
- -- Otavio Salvador Fri, 12 Nov 2010 10:07:41 -0200
-
-debootstrap (1.0.25) unstable; urgency=low
-
- * Remove debug statement that slipped in.
- * Add test to guard against devices.tar.gz being empty.
- * /dev/MAKEDEV cannot be relied on (udev likes to make it a symlink to
- true). Always use /sbin/MAKEDEV. Closes: #598080
-
- -- Joey Hess Sun, 26 Sep 2010 13:18:31 -0400
-
-debootstrap (1.0.24) unstable; urgency=low
-
- [ Miguel Figueiredo ]
- * Apply patches from by Jonathan Klee and Guillaume Chauvel
- to add support to https (closes: #521196).
-
- [ Colin Watson ]
- * Add (Ubuntu) natty as a symlink to gutsy.
-
- [ Joey Hess ]
- * Add support for wheezy. Closes: #597461
-
- -- Joey Hess Sun, 19 Sep 2010 21:40:00 -0400
-
-debootstrap (1.0.23) unstable; urgency=low
-
- * Add (Ubuntu) maverick as a symlink to gutsy.
- * Add ${misc:Depends}.
-
- -- Colin Watson Wed, 19 May 2010 13:35:34 +0100
-
-debootstrap (1.0.22) unstable; urgency=low
-
- * Redo release since it ended up with testing directory in tar.gz.
-
- -- Otavio Salvador Mon, 22 Feb 2010 16:52:49 -0300
-
-debootstrap (1.0.21) unstable; urgency=low
-
- [ Otavio Salvador ]
- * Apply patch from Clint Adams to add support for
- gz/bz2/xz data.tar (closes: #458663).
-
- [ Guillem Jover ]
- * Refactor deb extractors into two new functions.
- * Use dpkg-deb if available instead of ar (closes: #557296).
- * Add an --extractor option to override the automatic extractor selection.
-
- [ Otavio Salvador ]
- * Document new --extractor option in manpage.
- * Apply patch from Vagrant Cascadian not
- fail if resolv.conf is a broken symlink (closes: #390647).
-
- [ Frans Pop ]
- * Use tab indentation in scripts/debian/sid to reduce its size (relevant
- for Debian Installer).
- * Add apt to base packages for the buildd variant as it is no longer marked
- Build-Essential.
-
- [ Otavio Salvador ]
- * Apply patch from Andres Salomon to honor
- --components when using mirror_style 'main' (closes: #561283).
- * Apply patch from Andres Salomon to fix
- iteration through components in download_main (closes: #561298).
-
- [ Joey Hess ]
- * Allow the suite to be stable, testing, or unstable when debootstrapping
- Debian. Closes: #288109
- * Make scripts directory in source tree look like installed directory,
- and add a section to README explaining an easy way to run
- debootstrap w/o installing it. Closes: #345762
- * Convert rules file to use dh with overrides.
- * Remove binary-basedebs target from debian/rules.
- This target has been broken in multiple ways since 2007. While I
- accidentially partially fixed it with the above changes, this is evidence
- it's dead code that can be safely removed.
-
- -- Otavio Salvador Sun, 21 Feb 2010 23:11:06 -0300
-
-debootstrap (1.0.20) unstable; urgency=low
-
- * For recent Ubuntu versions, move $TARGET/sbin/initctl aside in the same
- way we do start-stop-daemon, so that attempts to control Upstart jobs
- won't inadvertently affect jobs in the host system.
- * Rename EXAMPLE section in debootstrap(8) to EXAMPLES (closes: #548458).
-
- -- Colin Watson Sun, 04 Oct 2009 21:23:07 +0100
-
-debootstrap (1.0.19) unstable; urgency=low
-
- * Ignore failures from dpkg --predep-package. It exits 1 if there are no
- suitable packages available, which isn't an error for us, but in_target
- complains anyway, so just use in_target_nofail; the termination
- condition is handled immediately afterwards anyway.
-
- -- Colin Watson Thu, 24 Sep 2009 19:57:05 +0100
-
-debootstrap (1.0.18) unstable; urgency=low
-
- * Only use dpkg from the chroot, as there is no guarantee dpkg is
- available outside of the chroot (d-i installation for example).
-
- -- Aurelien Jarno Wed, 23 Sep 2009 11:37:01 +0200
-
-debootstrap (1.0.17) unstable; urgency=low
-
- * Remove boneheaded use of sudo left over from testing (closes: #547949).
-
- -- Colin Watson Tue, 22 Sep 2009 20:10:19 +0100
-
-debootstrap (1.0.16) unstable; urgency=low
-
- [ Colin Watson ]
- * Cope with pre-dependencies of included packages that aren't in Priority:
- required (closes: #487908).
- * Upgrade to debhelper v7. (Override rules get pretty hairy for this
- package, so I haven't switched to dh(1).)
- * Use ports.ubuntu.com as default mirror on sparc for Ubuntu hardy and
- beyond (LP: #431145).
- * Add (Ubuntu) lucid as a symlink to gutsy.
-
- [ Frans Pop ]
- * Makefile: remove unused ARCH variable.
-
- -- Colin Watson Mon, 21 Sep 2009 16:28:40 +0100
-
-debootstrap (1.0.15) unstable; urgency=low
-
- * On Linux, clear out /etc/mtab on exit if it's not a symlink. Should fix
- problems Wouter Verhelst and Martin Michlmayr are seeing with
- initramfs-tools MODULES=dep, although it probably isn't a perfect
- solution.
-
- -- Colin Watson Thu, 23 Jul 2009 16:45:00 +0100
-
-debootstrap (1.0.14) unstable; urgency=low
-
- * Apply patch from Felix Zielcke to use "dpkg
- --print-architecture" to avoid deprecation warning. Closes: #531680.
- * Reference squeeze instead of sarge in manpage. Based on a patch from
- Geoff Simmons . Closes: #534575.
- * Apply patch from Riku Voipio to add support for
- scratchbox variant. Closes: #536820.
-
- -- Otavio Salvador Wed, 22 Jul 2009 12:34:54 -0300
-
-debootstrap (1.0.13) unstable; urgency=low
-
- [ Otavio Salvador ]
- * Apply patch from Luca Favatella to improve
- coding style.
-
- [ Colin Watson ]
- * Add (Ubuntu) karmic as a symlink to gutsy.
-
- -- Colin Watson Fri, 24 Apr 2009 20:08:24 +0100
-
-debootstrap (1.0.12) unstable; urgency=low
-
- [ Otavio Salvador ]
- * Improve code to choose between libc packages. Thanks to Luca Favatella
- for first version of the patch.
-
- [ Colin Watson ]
- * Remove partial support for emitting translated progress messages with
- gettext. Don't panic; d-i still has all the support necessary for this.
- debootstrap's own support for doing this outside d-i with gettext's
- shell bindings has been completely broken ever since it was added in
- 2003, though, and nobody has complained. Fixing it would require a big
- pile of infrastructure and some non-trivial patches, plus arranging to
- copy all the translations over from base-installer, and it just doesn't
- seem worth it, so lose the cruft (LP: #188690).
- * Export PATH, just to make sure. It isn't necessarily exported by shells
- running from init=/bin/sh or similar, and the upstream bash maintainer
- is unwilling to export it by default; it's easy enough to do so here
- (LP: #320188).
-
- -- Colin Watson Tue, 17 Mar 2009 16:38:46 +0000
-
-debootstrap (1.0.11) unstable; urgency=low
-
- * Add (Ubuntu) jaunty as a symlink to gutsy.
- * Clarify that --second-stage is needed to complete the bootstrapping
- process after --foreign.
- * Fix --make-tarball= option (closes: #484869).
- * Fix old Debian scripts and all Ubuntu scripts to cope with Anthony's
- change in 1.0.8 to make --second-stage not bother recalculating required
- and base.
- * Rename 'repeat' to 'repeatn', since 'repeat' is a reserved word in zsh;
- although strictly speaking this seems like an incompatibility in zsh
- when linked to /bin/sh (closes: #340058).
- * Fix --unpack-tarball= option (thanks, Torsten Landschoff; closes:
- #500759).
- * Fix handling of relative DEBOOTSTRAP_DIR (thanks, Mikhail Gusarov;
- closes: #503460).
- * Cope with ancient versions of chroot(8) that don't call chdir() (thanks,
- Patrik Arvhult; closes: #350635).
- * Recommend gnupg for --keyring option (thanks, Robert Millan; closes:
- #467571).
- * Note that you can't --include packages with non-required Pre-Depends
- (see #487908).
- * Mention /sys in EXAMPLE section of manual page, and use "defaults"
- rather than "none" as the mount options for /proc (thanks, Raúl Sánchez
- Siles; closes: #410787).
- * Add /dev/console to devices.tar.gz (after all, MAKEDEV's 'consoleonly'
- was added for boot-floppies in the first place; see
- https://lists.ubuntu.com/archives/ubuntu-devel/2009-January/027230.html).
- * Add support for squeeze (closes: #513488).
-
- -- Colin Watson Wed, 18 Feb 2009 23:46:12 +0000
-
-debootstrap (1.0.10) unstable; urgency=low
-
- [ Joey Hess ]
- * Avoid "broken pipe" errors in bootstrap.log from the the smallyes function.
- The errors themselves are inherent to how the function is used, so just
- suppress them. Closes: #480560.
-
- [ Frans Pop ]
- * Do not cache Release and Release.gpg files. Closes: #488424.
- * Abort if a Packages file failed to verify.
- * Update standards version to 3.8.0; no other changes needed.
-
- -- Frans Pop Wed, 02 Jul 2008 17:44:25 +0200
-
-debootstrap (1.0.9) unstable; urgency=low
-
- [ Frans Pop ]
- * Error out on unrecognized options to avoid invalid options to be
- recognized as arguments.
-
- [ Colin Watson ]
- * Use 'chown 0:0' in all scripts rather than deprecated 'chown 0.0'
- (thanks, Evan Klitzke).
- * Add (Ubuntu) intrepid as a symlink to gutsy.
-
- -- Colin Watson Tue, 29 Apr 2008 19:36:19 +0100
-
-debootstrap (1.0.8) unstable; urgency=low
-
- [ Frans Pop ]
- * Change Priority for the udeb to extra in line with overrides file.
-
- [ Colin Watson ]
- * Partially revert r50134; there are people who depend on being able to
- use the "upstream" Makefile on non-Debian systems. Create necessary
- directories in the Makefile rather than relying on dh_installdirs to do
- it (LP: #172645).
- * Use ftp.us.debian.org rather than ftp.debian.org
- (http://lists.debian.org/debian-devel-announce/2007/12/msg00002.html).
-
- [ Anthony Towns ]
- * Add minbase variant for the sid script that only install apt (and
- its dependencies) instead of all of base. (Closes: Bug#351912,
- Bug#452654)
- * Make --second-stage not bother recalculating required and base as
- it's not needed.
- * Make --arch and other arguments accept both "--arch i386" and
- "--arch=i386" forms of specifying a parameter to avoid the
- inconsistency.
-
- [ Stephen R. Marenka ]
- * Allow installation of etch-m68k. (Closes: Bug#458965)
-
- [ Colin Watson ]
- * Add minbase variant for Ubuntu gutsy/hardy; see Anthony's change above.
- * Minor manual page formatting improvements.
-
- -- Colin Watson Tue, 15 Jan 2008 11:19:34 +0000
-
-debootstrap (1.0.7) unstable; urgency=low
-
- * No longer include full devices tarball in udeb.
- * Also try 'udpkg --print-architecture' when determining the target
- architecture.
- * Utility pkgdetails moved from debootstrap-udeb to bootstrap-base so that
- the udeb can become 'Architecture: all'.
- * Change /usr/lib/debootstrap to /usr/share/debootstrap. Closes: #430615.
- * Use tab indentation in debootstrap and functions saving 3kB (relevant for
- Debian Installer).
- * Fix various inconsistencies in build scripts.
- * Fix dpkg-genchanges warning 'missing Priority for source files'.
- * Update Standards-Version to 3.7.2. No changes needed.
- * Changes in udeb require base-installer 1.85.
-
- -- Frans Pop Wed, 14 Nov 2007 12:15:45 +0100
-
-debootstrap (1.0.6) unstable; urgency=low
-
- * Ensure that the target directory exists in check_sane_mount.
- * Don't ignore 'make clean' errors. (The Makefile is always present.)
-
- -- Colin Watson Sun, 21 Oct 2007 10:50:59 +0100
-
-debootstrap (1.0.5) unstable; urgency=low
-
- [ Colin Watson ]
- * Don't rely on GNU sed's s///I extension (closes: #350583).
-
- [ Joey Hess ]
- * Skip the noexec/nodev test when running --print-debs or other operations
- that do not involve building systems.
-
- -- Joey Hess Sat, 20 Oct 2007 23:10:34 -0400
-
-debootstrap (1.0.4) unstable; urgency=low
-
- [ Neil Williams ]
- * Add --second-stage-target option that allows embedded to test for
- installations in a chroot on the device (closes: #445157).
-
- [ Colin Watson ]
- * Add (Ubuntu) hardy as a symlink to gutsy.
- * Unmount /lib/init/rw on exit (closes: #391604).
- * Cope if uncompressed Packages is missing from Release (closes: #402380).
- * Don't rely on XSI test(1) extensions.
- * Add support for ssh:/// URLs (thanks, Steffen Joeris; closes: #434893).
- * Fix Ubuntu hoary and breezy scripts to unmount /dev etc. on exit
- (closes: #327708).
- * Emit an error if we cannot create working devices or executables on the
- target (based on work by Bastian Kleineidam; closes: #233798).
-
- -- Colin Watson Fri, 19 Oct 2007 14:57:37 +0100
-
-debootstrap (1.0.3) unstable; urgency=low
-
- * Ignore errors when unmounting filesystems, to avoid stopping at the
- first one with problems.
-
- -- Colin Watson Tue, 21 Aug 2007 12:32:37 +0100
-
-debootstrap (1.0.2) unstable; urgency=low
-
- [ Joey Hess ]
- * Document --components in man page.
- * Update man page, as packages listed in --include should now be auto
- dep-resolved by default.
-
- [ Colin Watson ]
- * Extensive quoting fixes, allowing installation to a target containing
- spaces (closes: #387673).
- * scripts/debian/sid: Handle libc0.3 on hurd-i386 (thanks, Michael Banck;
- closes: #314304).
- * functions: Stub out /proc setup and add device setup for the Hurd
- (thanks, Michael Banck; closes: #314311).
- * Add --version option (closes: #294484).
-
- [ Otavio Salvador ]
- * Fix bunzip2 path. Thanks Martín Ferrari by
- the patch (closes: #436218).
-
- -- Otavio Salvador Tue, 07 Aug 2007 20:12:55 -0300
-
-debootstrap (1.0.1) unstable; urgency=low
-
- * scripts/ubuntu/gutsy: Determine buildd variant dynamically using
- Build-Essential: yes.
- * scripts/ubuntu/gutsy.fakechroot: Remove devmapper postinst hack, no
- longer needed.
- * scripts/ubuntu/*.fakechroot: Merge into the corresponding main scripts
- as variants.
-
- -- Colin Watson Fri, 20 Jul 2007 11:55:22 +0100
-
-debootstrap (1.0.0) unstable; urgency=low
-
- [ Anthony Towns ]
- * Make debootstrap team maintained under the d-i banner.
- * Add Joey, Frans and Junichi as uploaders, remove JHM (not in the
- d-i group).
- * Make pkgdetails.c not need C99 extensions. (Closes: Bug#398977)
- * Fix am_doing_phase implementation in debootstrap script. Thanks to
- Tero Janka for spotting the problem and the fix. (Closes: Bug#409881)
-
- [ Joey Hess ]
- * Drop support for sarge from the udeb.
- * Update README.Debian:
- - One todo item is done. (I think cross-strap is too, but unsure.)
- - Reword NMU policy to note that it's team-maintained now.
- * ACK my prior NMU. Closes: #418600
- * If /dev/MAKEDEV DNE, as on certain s390 machines, use /sbin/MAKEDEV.
- Closes: #420908
- Note that /dev/MAKEDEV is still the correct location, and is still tried
- first so that building works on all FHS systems, as noted in #190239.
-
- [ Colin Watson ]
- * Add support for Ubuntu dapper (Closes: #342838), edgy, feisty, and
- gutsy. Exclude everything but gutsy from the udeb.
- * Fix "deboostrap" typo in debootstrap(8) (thanks, Adam Conrad).
- * Fix "htp" typo in temporary /etc/apt/sources.list.
- * Drop support for woody from the udeb too.
- * When removing $TARGET/debootstrap, debootstrap.log is still open as
- stdout/stderr and needs to remain so, but after unlinking it some NFS
- servers implement this by a temporary file in the same directory, which
- makes it impossible to rmdir that directory. Moving it instead works
- around the problem (thanks, Steven McCoy;
- https://launchpad.net/bugs/65003).
- * Fix formatting error in debootstrap(8) (.R is not a macro).
- * Reorganise scripts into scripts/debian/ and scripts/ubuntu/ directories
- in the source tree to declutter the top level.
- * Add default_mirror function; reorganise the debootstrap script a little
- so that it works. Set the default mirror for Ubuntu suites to
- http://archive.ubuntu.com/ubuntu, and the default mirror for Debian
- etch/lenny/sid architectures other than amd64 and i386 to
- http://ftp.us.debian.org/debian (per ajt; see bug #363049).
- * Add devices created by fd to devices-std.tar.gz, so that
- /dev/std{in,out,err} is available conveniently in chroots with /proc and
- /dev/pts mounted (thanks, Matthias Klose).
- * Document --keyring and --make-tarball. (Closes: #368988)
- * Update Ubuntu mirrors: warty/hoary/breezy => old-releases.ubuntu.com,
- unsupported architectures => ports.ubuntu.com.
- * Add myself to Uploaders.
- * Bump to 1.0.0. Nobody uses debootstrap in production, do they?
-
- [ Joey Hess ]
- * Remove the extended package description (aka bloat) from the udeb.
-
- -- Colin Watson Sat, 23 Jun 2007 02:19:27 +0100
-
-debootstrap (0.3.3.3) unstable; urgency=low
-
- * NMU
- * Add support for lenny.
-
- -- Joey Hess Tue, 10 Apr 2007 15:24:15 -0400
-
-debootstrap (0.3.3.2) unstable; urgency=low
-
- * NMU with maintainer approval
- * Remove --force-auto-select option for 'sid' script as it is no longer
- supported by dpkg. Closes: #409527.
-
- -- Frans Pop Fri, 16 Feb 2007 20:43:36 +0100
-
-debootstrap (0.3.3.1) unstable; urgency=low
-
- * NMU with maintainer approval
- * functions/get_debs: build list of available packages from all specified
- sources; this allows debootstrap to also use e.g. custom versions of base
- packages from a source of local packages included on an installation CD.
- Closes: #398762.
-
- -- Frans Pop Thu, 16 Nov 2006 05:30:43 +0100
-
-debootstrap (0.3.3) unstable; urgency=low
-
- * Include kFreeBSD and fakechroot support from 0.3.2.1 and 0.3.2.2 NMUs,
- thanks to Otavio Salvador and Piotr Roszatycki. (Closes: Bug#319100,
- Bug#328446, Bug#204652, Bug#315044, Bug#Bug#319799)
-
- * Require target to be specified in all cases; document usage of target
- for --print-debs. (Closes: Bug#335922, Bug#337230)
-
- * Use ln -sf when symlinking awk for woody and sarge. (Closes: Bug#299048)
-
- -- Anthony Towns Sun, 6 Nov 2005 04:12:39 +1000
-
-debootstrap (0.3.2.2) unstable; urgency=low
-
- * NMU
- * Added relicensed fakechroot variant. Closes: #204652.
-
- -- Piotr Roszatycki Sat, 29 Oct 2005 11:29:00 +0200
-
-debootstrap (0.3.2.1) unstable; urgency=low
-
- * NMU with maintainer approval
- * Applied patch from Robert Millan to add support to
- Debian GNU/kFreeBSD. Closes: #319799
-
- -- Otavio Salvador Fri, 28 Oct 2005 16:14:57 -0200
-
-debootstrap (0.3.2) unstable; urgency=low
-
- * Revert fakechroot NMUs (0.3.1.1, 0.3.1.3, 0.3.1.7) due to incompatible
- license requirements (GPL) (Reopens: Bug#204652)
-
- * Changes from 0.3.1.2 NMU, thanks to Joey Hess: (Closes: Bug#314810)
- + Fix incorrect use of "$@" in local. Closes: #314157, #314547
- + Fix fd redirection in download progress code. See #314373
- + Remove md5sums file from udeb. Closes: #314378
- + Fix debian-installer mode warning code. Closes: #314340
-
- * Changes from 0.3.1.4 NMU, thanks to Joey Hess:
- + Wrap eval statement in exit_function in parens, working around
- bug #315444 in busybox sh. Closes: #314373
-
- * Changes from 0.3.1.5 NMU, thanks to Anibal Monsalve Salazar:
- + Fixed "--variant=buildd option does not work" for pbuilder,
- closes: #314858. Patch by Matt Kraai .
-
- * Changes from 0.3.1.6 NMU, thanks to Joey Hess:
- + Patch from Colin to redirect status messages to stderr when running
- --print-debs. Closes: #315875
- + Restore logging to stderr in debian-installer mode. Closes: #314160
-
- * Changes from 0.3.1.8 NMU, thanks to Petter Reinholdtsen:
- + [functions] Mount /sys if it exist and is supported by the kernel.
- Patch from Cajus Pollmeier, Colin Watson and Ubuntu. (Closes: #289105)
- + [debootstrap] Document --resolve-deps in usage info. (Closes: #328161)
- + [etch] Replace libsigc++-1.2-5c102 with libsigc++-1.2-5c2. (Closes: #334506)
- + [etch] Remove pppoe from base, and only install
- ipchains on m68k. Patch from Sven Luther. (Closes: #239390)
- + [sarge] Remove duplicate entries for m68k and amd64. Patch from
- Frans Pop. (Workaround for bug #319777)
- + [etch] Add support for ppc64. The patch for 'sid' did no longer
- apply. Patch from Andreas Jochens. (Closes: #313353)
- + [sarge,etch,sid] Set DEBCONF_NONINTERACTIVE_SEEN=true during build, to
- avoid questions during upgrade. (Closes: #238301)
- + Add script for breezy. Patch from Colin Watson. (Closes: #315940)
-
- * Changes from 0.3.1.9 NMU, thanks to Joey Hess:
- + Replace the etch script with a copy of the sid script, which pulls in
- gnupg, so the installed etch system has a usable apt. Closes: #334521
-
- * Create /dev/ptmx in minimal devices tarball. (Closes: Bug#317072)
-
- * Don't create empty available files, since old dpkg and new kernels can't
- deal with them. (Closes: Bug#308169, Bug#329468)
-
- * Bump Standards-Version. Bump debhelper compatability level to 4.
- * Cleanup debian/rules, thanks to Joey Hess. (Closes: Bug#314863)
-
- * Emit error message if no pkgdetails is available. (Closes: Bug#326831)
-
- * Turn on --resolve-deps by default. Add --no-resolve-deps as an option.
- Combined with the previous changes to make the etch script dynamically
- determine base, this should resolve all the "can't install "
- bugs. (Closes: Bug#280210, Bug#308361, Bug#318281, Bug#323362,
- Bug#318254, Bug#313292, Bug#334683, Bug#248578, Bug#289635)
-
- * md5sum doesn't exist when coreutils is unpacked but not configured;
- cp it across so it's available for --second-stage. (Closes: Bug#329394)
-
- * Catch failures in "dpkg --status-fd" (Closes: Bug#317447, Bug#323661)
-
- * Make "without" work right for duplicates (Closes: Bug#316884,
- Bug#319777)
-
- * Simplify and correct file descriptor handling and debootstrap.log
- behaviour.
-
- * Delete $TARGET with --print-debs and --make-tarball. (Closes: Bug#328369)
-
- * Add a --make-tarball option. (Closes: Bug#152845)
-
- * Create a default sources.list for apt. (Closes: Bug#283234, Bug#315225)
-
- * Update manpage to talk about woody instead of sarge. (Closes: Bug#315862)
-
- * Use partial/ directory when downloading. (Closes: Bug#109176)
-
- -- Anthony Towns Sun, 23 Oct 2005 14:49:08 +1000
-
-debootstrap (0.3.1) unstable; urgency=low
-
- * sid script updated:
- - Determine base dynamically (Priority: required for required packages,
- Priority: important for base packages, Build-Essential: yes for buildd
- variant base). (Closes: Bug#88984, Bug#193134)
- - Use fine grained dpkg progress display, thanks again to Colin Watson.
- (Closes: Bug#229314, Bug#231109, Bug#244563)
-
- * dpkg output (etc) goes to /var/log/bootstrap.log in the target, rather
- than stdout. This is probably difficult for frontends to capture
- at present.
-
- * Parsing of Packages file sped up. (Yay!)
-
- * debootstrap.deb now arch: all (Closes: Bug#122465, Bug#131552)
- - perl implementation of pkgdetails used by preference
- - devices.tar.gz reduced to minimal set of devices; frontends should
- setup udev or supply their own devices or similar in future
- - /usr/lib/debootstrap/arch not shipped
- - none of the above applies to udebs yet; though the devices.tar.gz
- change will eventually
-
- * Support for verifying based on Release.gpg files (--keyring). Thanks
- to Colin Watson. (Closes: Bug#313383)
-
- -- Anthony Towns Tue, 14 Jun 2005 00:22:55 +1000
-
-debootstrap (0.3.0) unstable; urgency=low
-
- * The Gernot Heiser release, dedicated to everyone who drinks enough to
- lose their better judgement, and those of us who didn't have any in
- the first place.
-
- * Major update. New features:
- + Use $TARGET/debootstrap directory for state info
- (--keep-debootstrap-dir)
- + Support for cross-strapping (--foreign / --second-stage)
- (Closes: Bug#202529)
- + Support for resolving dependencies (--resolve-deps)
- + Support for Debian etch, and Ubuntu warty and hoary (Closes: Bug#312417)
- + Support for handling variants within the main suite script
- + Support for other versions of base packages in /v/c/apt/archives
- + Initial support for fine-grained dpkg progress display, thanks to
- Colin Watson (currently only for warty and hoary)
- + Initial support for determining base system dynamically.
- + No longer display "debootstrap.invalid" when working with
- Release/Packages files. (Closes: Bug#241795, Bug#256255)
- + Ignores failures for on_exit cleanup commands. (Closes: Bug#253387,
- Bug#253468, Bug#308774)
- + Early reporting of unavailable packages.
- + More efficient parsing of Packages files.
- + Generalised additions and exclusions. (Closes: Bug#191793)
- + Handles symlinked configuration files in /etc a little better.
- (Closes: Bug#161987, Bug#252907, Bug#272257)
-
- * Dropped support for slink.
-
- * Use ln -fs for mawk/awk link. (Closes: Bug#248398, Bug#258524)
-
- * Dropped mail-transport-agent, and hence mailx and at from sid/etch base.
- (Closes: Bug#168473)
- * Dropped ipchains for i386 (Closes: Bug#266119)
- * Other minor changes to meet dependencies, also. (Closes: Bug#312701)
-
- * Minor manpage fixes. (Closes: Bug#285777)
- * Add check for specifying no components (CloseS: Bug#283810)
-
- * Include 0.2.45 NMUs, thanks to Steve Langasek.
- (Closes: Bug#295571, Bug#283752, Bug#278158)
-
- -- Anthony Towns Sun, 12 Jun 2005 23:49:58 +1000
-
-debootstrap (0.2.45-0.2) unstable; urgency=low
-
- * Non-maintainer upload.
- * [sarge, sid] Replace libparted1.6-0 with libparted1.6-12 for ia64,
- to keep up with the ABI changes for that package. (Closes: #295571)
- * [sarge, sid] include pciutils on hppa as well, per request of the
- hppa folks. (Closes: #283752)
-
- -- Steve Langasek Fri, 25 Feb 2005 22:23:30 -0800
-
-debootstrap (0.2.45-0.1) unstable; urgency=low
-
- * Non-maintainer upload.
- * [sarge, sid] Drop libgnutls10 and libgcrypt7, since they are no
- longer needed by exim4. (Closes: #278158).
-
- -- Steve Langasek Thu, 20 Jan 2005 21:20:22 -0800
-
-debootstrap (0.2.45) unstable; urgency=high
-
- * Acknowledge NMUs. (Closes: #270135)
- * [woody.buildd] Corrected ia64 special cases. Patch by Brett Johnson
- . (Closes: #271894)
-
- -- J.H.M. Dassen (Ray) Sat, 18 Sep 2004 13:49:23 +0200
-
-debootstrap (0.2.44.2) unstable; urgency=low
-
- * NMU again, this time using the makedev in unstable instead of the
- experimental so devices.tar.gz isn't empty on ia64... oops... /o\
-
- -- Bdale Garbee Tue, 14 Sep 2004 20:03:56 -0600
-
-debootstrap (0.2.44.1) unstable; urgency=low
-
- * NMU to resolve d-i inability to install sid on ia64
- * add pciutils to the base package list for ia64, to avoid having to regress
- efibootmgr in unstable, closes: #270315, #268490
-
- -- Bdale Garbee Mon, 13 Sep 2004 15:11:11 -0500
-
-debootstrap (0.2.44) unstable; urgency=high
-
- * [sarge] Removed "gcc-3.0-base" and "libstdc++3" for HPPA as they have been
- removed from sarge as well on that arch. (Closes: #268917)
-
- -- J.H.M. Dassen (Ray) Mon, 30 Aug 2004 08:53:30 +0200
-
-debootstrap (0.2.43) unstable; urgency=high
-
- * [sarge] Added back libgnutls10 in order not to break d-i testing.
- (Closes: #268578, #268663).
-
- -- J.H.M. Dassen (Ray) Sun, 29 Aug 2004 09:08:48 +0200
-
-debootstrap (0.2.42) unstable; urgency=high
-
- * Acknowledge NMUs. (Closes: #262137, #262165, #262178, #262375)
- * [sarge] Switch to libgnutls11 so exim4 can switch. (Closes: #268325)
- * [sid] Removed "gcc-3.0-base" and "libstdc++3" for HPPA as they have been
- removed from sid. (Closes: #268049)
- * [Makefile] Make the regular video devices on all archs. (Closes: #265081)
- * [Makefile,debootstrap] Switched away from deprecated chown syntax;
- switched away from XSIisms '-a' and '-o'. (Closes: #256098)
- * [debootstrap.8] Use '\-' rather than '-' in options. (Closes: #263955)
- Confirmed that the "exlude" typo has already been fixed. (Closes: #254108)
- Applied patch by Javier Fernández-Sanguino Peña
- for "file" URL documentation and a more complete example. (Closes: #226662)
-
- -- J.H.M. Dassen (Ray) Fri, 27 Aug 2004 15:40:02 +0200
-
-debootstrap (0.2.41-0.2) unstable; urgency=low
-
- * Non-maintainer upload
- * [sarge, sid] Add missing libgcrypt11 to base, needed by libgnutls11
- in sid and needed in sarge for opencdk8 to be rebuilt against it
- (closes: #262375, #262178).
-
- -- Steve Langasek Fri, 30 Jul 2004 20:26:57 -0700
-
-debootstrap (0.2.41-0.1) unstable; urgency=low
-
- * Non-maintainer upload with consent of JHM.
- * Pull libfribidi0 back out of base, it's opportunistically installed
- by d-i now for the locales that need it (closes: #262137).
- * Re-add bootloaders on ia64, sparc, mips, hppa, and m68k to base,
- because debian-installer isn't ready for this change (closes: #262165).
-
- -- Steve Langasek Thu, 29 Jul 2004 14:14:33 -0700
-
-debootstrap (0.2.41) unstable; urgency=high
-
- * High urgency upload as per tbm's request.
- * [sarge, sid] No longer install setserial, as it causes problems on some
- systems (e.g. #212646) and there is a consensus it is no longer needed in
- a base environment.
- * [sarge, sid] Removed aboot, aboot-base, elilo, efibootmgr, silo, dvhtool,
- delo, palo, vmelilo. As per the consensus reached in the thread starting
- with http://lists.debian.org/debian-boot/2004/04/msg00634.html, the
- installation of boot loaders is now debian-installer's responsibility.
- (Closes: #247906)
- * [sarge, sid] Added libfribidi0 to base to make debconf localisation into
- right to left languages possible. (Closes: #253229)
- * [sarge.buildd] Drop libdb4.0 for libdb4.2 as needed by perl.
- * [sid] Added libgnutls11 as libgnutls10 is being phased out.
- * [Makefile] Include /dev/ida on ia64. (Closes: #258055)
-
- -- J.H.M. Dassen (Ray) Thu, 29 Jul 2004 20:37:37 +0200
-
-debootstrap (0.2.40) unstable; urgency=medium
-
- * [woody.buildd] Ensure the on_exit umounting of /dev/pts doesn't mess up
- an otherwise OK exit status. (Closes: #260699)
- * Acknowledge NMUs. (Closes: #258350, #260253)
-
- -- J.H.M. Dassen (Ray) Thu, 22 Jul 2004 21:53:20 +0200
-
-debootstrap (0.2.39.2) unstable; urgency=low
-
- * Non-maintainer upload.
- * [sarge, sid] Drop quik from powerpc, as debian-installer handles this
- now (closes: #260253).
-
- -- Colin Watson Thu, 22 Jul 2004 16:56:19 +0100
-
-debootstrap (0.2.39.1) unstable; urgency=low
-
- * NMU
- * add passwd to sid.buildd,sarge.buildd as bash depends on them
-
- -- Junichi Uekawa Fri, 9 Jul 2004 09:07:28 +0900
-
-debootstrap (0.2.39) unstable; urgency=medium
-
- * [sarge,sid] Dropped libdb2. Thanks Matt Zimmerman. (Closes: #250813)
- * [sarge,sid] Dropped libident. Thanks LaMont Jones. (Closes: #251320)
- * [sarge,sid] Dropped slang1. Thanks LaMont Jones. (Closes: #251328)
- * [woody.buildd] Install libperl5.6. Thanks Rene Engelhard. (Closes: #251702)
- * [sarge.buildd] Install libc6.1 rather than libc6 on alpha. Thanks Rene
- Engelhard. (Closes: #251703)
-
- Goswin von Brederlow
- * Copy script for sarge to sid
- * Add handling for amd64 to sarge/sid scripts
- * Dropped gcc-3.2-base. (Closes: #250836)
-
- -- J.H.M. Dassen (Ray) Sat, 5 Jun 2004 10:02:50 +0200
-
-debootstrap (0.2.38.1) unstable; urgency=low
-
- * NMU.
- * [sarge] Add libdb4.2 since apt-utils (0.5.25) depends on this.
-
- -- Otavio Salvador Thu, 20 May 2004 22:18:41 -0300
-
-debootstrap (0.2.38) unstable; urgency=medium
-
- * [woody.buildd] Readd libgdbmg1 (for perl-modules).
-
- -- J.H.M. Dassen (Ray) Fri, 7 May 2004 10:55:13 +0200
-
-debootstrap (0.2.37) unstable; urgency=medium
-
- * [debian/control] Bumped makedev build dependency so as not to get pty
- permissions problems. (Closes: #246709)
- * [sid, sid.buildd] Add/switch to libdb4.2 for the new perl packages.
- * Acknowledge NMU 0.2.36.1. (Closes: #246368)
-
- -- J.H.M. Dassen (Ray) Tue, 4 May 2004 07:58:02 +0200
-
-debootstrap (0.2.36.1) unstable; urgency=low
-
- * Non-maintainer upload with maintainer permission.
- * [sarge, sid] Drop yaboot from powerpc, as debian-installer handles this
- now (closes: #246368).
-
- -- Colin Watson Fri, 30 Apr 2004 00:05:02 +0100
-
-debootstrap (0.2.36) unstable; urgency=high
-
- Joey Hess :
- * [sid, sarge] Add a subst_package function, and use it to replace libc6
- with libc6.1 on alpha and ia64, to avoid reordering libc in the required
- list and work around bug #238963. (Closes: #245680)
-
- -- J.H.M. Dassen (Ray) Sun, 25 Apr 2004 18:37:42 +0200
-
-debootstrap (0.2.35) unstable; urgency=high
-
- * [sarge, sid] Dropped syslinux. (Closes: #205379)
- * [woody, woody.buildd] Removed libgdbmg1. (Closes: #244447)
- * [debootstrap, functions] Sync at the end of debootstrap. (Closes: #225742)
-
- -- J.H.M. Dassen (Ray) Thu, 22 Apr 2004 16:51:49 +0200
-
-debootstrap (0.2.34) unstable; urgency=high
-
- * [sid] Dropped libpci1 and libpci2 as the pciutils dependency change has
- been reverted. (Closes: #244344)
-
- -- J.H.M. Dassen (Ray) Thu, 22 Apr 2004 08:14:28 +0200
-
-debootstrap (0.2.33) unstable; urgency=high
-
- * [sid] Added libpci1 and libpci2 for all archs where pciutils is installed,
- as pciutils now depends on them. (Closes: #244344)
-
- -- J.H.M. Dassen (Ray) Sun, 18 Apr 2004 09:41:23 +0200
-
-debootstrap (0.2.32) unstable; urgency=high
-
- * [sarge, sid] No longer try to filter out console-tools on s390. While
- console-tools is basically useless on s390, base-config depends on it.
- (Closes: #241727)
-
- -- J.H.M. Dassen (Ray) Fri, 9 Apr 2004 16:26:23 +0200
-
-debootstrap (0.2.31) unstable; urgency=medium
-
- * [sarge] Exim has changed GnuTLS dependencies. Added libgnutls10,
- libgcrypt7, libgpg-error0, libopencdk8, libtasn1-2; dropped libgnutls7,
- libgcrypt1, libtasn1-0.
- * [sarge] Removed libgnutls7, libgcrypt1, libtasn1-0.
-
- -- J.H.M. Dassen (Ray) Tue, 23 Mar 2004 22:47:28 +0100
-
-debootstrap (0.2.30) unstable; urgency=medium
-
- * [sarge, sid] aboot needs aboot-base. (Closes: #236368, #239302)
-
- -- J.H.M. Dassen (Ray) Mon, 22 Mar 2004 21:10:31 +0100
-
-debootstrap (0.2.29) unstable; urgency=low
-
- * NMU with permission of maintainer.
- * Added {woody,sarge,sid}.buildd scripts to create build chroots.
- Closes: #236418.
- * Added --variant=buildd option for convenient access to these scripts.
-
- -- Daniel Schepler Wed, 10 Mar 2004 02:29:27 -0800
-
-debootstrap (0.2.28) unstable; urgency=medium
-
- * [sid] Exim has changed GnuTLS dependencies. Added libgnutls10, libgcrypt7,
- libgpg-error0, libopencdk8, libtasn1-2; dropped libgnutls7, libgcrypt1,
- libtasn1-0.
- * [sarge,sid] Dropped lilo, mbr, modconf, libdevmapper1.00 as
- debian-installer handles the bootloader installation and modules
- configuration. (Closes: #232667, #232672, #232673)
-
- -- J.H.M. Dassen (Ray) Tue, 24 Feb 2004 09:57:35 +0100
-
-debootstrap (0.2.27) unstable; urgency=medium
-
- * [sarge] Lilo now needs libdevmapper1.00; Removed libopencdk8, libgcrypt7,
- libgpg-error0.
-
- -- J.H.M. Dassen (Ray) Sat, 14 Feb 2004 01:19:48 +0100
-
-debootstrap (0.2.26) unstable; urgency=medium
-
- * [sarge] Removed gcc-3.2-base. (Closes: #230697)
- * [sid] Lilo now needs libdevmapper1.00 .
-
- -- J.H.M. Dassen (Ray) Tue, 3 Feb 2004 08:27:54 +0100
-
-debootstrap (0.2.25) unstable; urgency=high
-
- * [functions] Unmount proc/bus/usb, not proc/usb. (Closes: #229122)
-
- -- J.H.M. Dassen (Ray) Fri, 30 Jan 2004 18:01:29 +0100
-
-debootstrap (0.2.24) unstable; urgency=high
-
- * [functions, sarge, sid] Try to unmount proc/usb, dev/shm, dev/pts on exit;
- don't fail when there's nothing to unmount.
- (Closes: #229122, #229901, #229907)
- * [woody] Don't fail when there's no dev/pts to unmount.
- * [sarge, sid] Don't install pcmcia-cs as debian-installer takes care of
- that where needed. (Closes: #221907)
- * [sid] Removed libopencdk8, libgcrypt7, libgpg-error0.
- * [sarge] libopencdk8 (needed for exim4-daemon-light via libgnutls7)
- Depends: libgcrypt7, libgpg-error0. (Closes: #229989)
-
- -- J.H.M. Dassen (Ray) Wed, 28 Jan 2004 18:48:02 +0100
-
-debootstrap (0.2.23) unstable; urgency=high
-
- * [sarge] Dropped libopencdk4 in favour of libopencdk8 as gnutls has switched.
-
- -- J.H.M. Dassen (Ray) Thu, 1 Jan 2004 01:30:02 +0100
-
-debootstrap (0.2.22) unstable; urgency=high
-
- * [sid] libopencdk8 Depends: libgcrypt7, libgpg-error0.
-
- -- J.H.M. Dassen (Ray) Wed, 31 Dec 2003 12:35:03 +0100
-
-debootstrap (0.2.21) unstable; urgency=high
-
- * [sarge] Added coreutils' new predependencies libacl1 and libattr1; removed
- libsasl2 as it is no longer needed.
-
- -- J.H.M. Dassen (Ray) Sun, 28 Dec 2003 22:54:08 +0100
-
-debootstrap (0.2.20) unstable; urgency=high
-
- * [sarge] base-config now Depends: aptitude; aptitude Depends:
- libsigc++-1.2-5c102.
-
- -- J.H.M. Dassen (Ray) Sun, 28 Dec 2003 15:11:31 +0100
-
-debootstrap (0.2.19) unstable; urgency=high
-
- * [sid] base-config now Depends: aptitude; aptitude Depends:
- libsigc++-1.2-5c102.
-
- -- J.H.M. Dassen (Ray) Wed, 24 Dec 2003 09:03:44 +0100
-
-debootstrap (0.2.18) unstable; urgency=low
-
- * Thanks to Steinar Gunderson and Matt Kraii for the NMU fixing some
- d-i related problems. (Closes: Bug#220150)
- * Acknowledge that the problems really are fixed now. (Closes:
- Bug#213669, Bug#209273, Bug#210912)
-
- * Fix downloading of Packages files to retry if bz2 or gz isn't available
- on the mirror. (Closes: Bug#194592)
-
- -- Anthony Towns Sat, 15 Nov 2003 00:13:13 +1000
-
-debootstrap (0.2.17.1) unstable; urgency=high
-
- * NMU
- * [sarge,sid] Display only the package name when retrieving packages.
- (Closes: #213669, #209273)
- * [sarge,sid] Added progress information for downloading package
- details. (Closes: #210912)
-
- -- Steinar H. Gunderson Mon, 10 Nov 2003 15:11:09 +0100
-
-debootstrap (0.2.17) unstable; urgency=high
-
- * [sarge] Fixed typo: libreadlin4 -> libreadline4. (Closes: #219655)
-
- -- J.H.M. Dassen (Ray) Sat, 8 Nov 2003 23:23:37 +0100
-
-debootstrap (0.2.16) unstable; urgency=high
-
- * [sarge,sid] libreadline4 is required for amiga-fdisk on powerpc.
- (Closes: #218533)
- * [sarge,sid] Put libreadline4 in required rather than base for ia64.
-
- -- J.H.M. Dassen (Ray) Wed, 5 Nov 2003 08:09:41 +0100
-
-debootstrap (0.2.15) unstable; urgency=high
-
- * ia64 fixes by Richard Hirst : (Closes: #218533)
- * [sarge, sid] Add libreadline4 to base for ia64 as parted needs it.
- * [sarge, sid] Remove gcc-2.96-base from required for ia64.
-
- -- J.H.M. Dassen (Ray) Sat, 1 Nov 2003 12:58:34 +0100
-
-debootstrap (0.2.14) unstable; urgency=high
-
- * [sarge] Made exim4 the default MTA. (Closes: #217657)
- * [sarge] Removed libstdc++2.10-glibc2.2, libldap2 .
- * [sid] Dropped libopencdk4 in favour of libopencdk8 as gnutls has switched.
-
- -- J.H.M. Dassen (Ray) Tue, 28 Oct 2003 09:56:27 +0100
-
-debootstrap (0.2.13) unstable; urgency=high
-
- * [sarge] Added libtextwrap1 for tasksel.
-
- -- J.H.M. Dassen (Ray) Wed, 22 Oct 2003 08:10:37 +0200
-
-debootstrap (0.2.12) unstable; urgency=high
-
- * [sarge, sid] Add libreadline4 to required for m68k as amiga-fdisk needs
- it. (Closes: #216617)
-
- -- J.H.M. Dassen (Ray) Mon, 20 Oct 2003 10:05:09 +0200
-
-debootstrap (0.2.11) unstable; urgency=high
-
- * [sid] Added libc6-sparc64 lib64gcc1 lib64ncurses5 to base for sparc.
- (Closes: #215590)
- * [sarge, sid] Dropped libreadline as bash no longer depends on it.
- * [sid] Dropped libstdc++2.10-glibc2.2 and its associated special cases as
- it is no longer needed.
-
- -- J.H.M. Dassen (Ray) Wed, 15 Oct 2003 19:42:58 +0200
-
-debootstrap (0.2.10) unstable; urgency=high
-
- * [sid] Fixed /usr/sbin/sendmail symlink to point to exim4. (Closes: #213734)
-
- -- J.H.M. Dassen (Ray) Sat, 4 Oct 2003 15:47:31 +0200
-
-debootstrap (0.2.9) unstable; urgency=high
-
- * [sarge] Added libgdbm3 for man-db.
-
- -- J.H.M. Dassen (Ray) Thu, 2 Oct 2003 23:57:09 +0200
-
-debootstrap (0.2.8) unstable; urgency=high
-
- * [sid] Added libtextwrap1 for tasksel; removed libsasl2 as it is no longer
- needed.
-
- -- J.H.M. Dassen (Ray) Thu, 2 Oct 2003 07:57:16 +0200
-
-debootstrap (0.2.7) unstable; urgency=high (fixes RC d-i bug)
-
- * [sarge] Reinstated special-case for libperl5.8; it is still needed for
- non-i386 until sarge has perl >= 5.8.0-20. (Closes: #213280)
- * [debian/control] Updated Standards-Version; fixed removal of slink and
- potato scripts from udeb.
- * [debian/control] Updated priorities; debootstrap-udeb is required (for
- debian-installer).
- * [debian/rules] Fixed dpkg-distaddfile accordingly.
-
- -- J.H.M. Dassen (Ray) Tue, 30 Sep 2003 14:31:57 +0200
-
-debootstrap (0.2.6) unstable; urgency=low
-
- * [sarge] Added e2fslibs, libcomerr2, libss2, libuuid1 for e2fsprogs.
-
- -- J.H.M. Dassen (Ray) Fri, 26 Sep 2003 13:50:58 +0200
-
-debootstrap (0.2.5) unstable; urgency=low
-
- * [sid] Added libgdbm3 for man-db.
- * [sarge, sid] Dropped special-case for libperl5.8 (Closes: #210425).
- * [sid] Make exim4 the default MTA as it is configured through debconf.
- (Closes: #208047)
- * [sid] Removed libldap2 which is no longer needed.
-
- -- J.H.M. Dassen (Ray) Sun, 21 Sep 2003 13:30:49 +0200
-
-debootstrap (0.2.4) unstable; urgency=low
-
- * [sid] Added coreutils' new predependencies libacl1 and libattr1.
- * [debian/README.Debian] Corrected example invocation. (Closes: #206142)
- * [debian/README.Debian] Fixed a typo.
-
- -- J.H.M. Dassen (Ray) Wed, 20 Aug 2003 10:28:49 +0200
-
-debootstrap (0.2.3) unstable; urgency=low
-
- * [sarge] Add new dependencies of debconf: debconf-i18n
- liblocale-gettext-perl libtext-wrapi18n-perl libtext-charwidth-perl.
- * Acknowledge NMU. (Closes: #203370)
-
- -- J.H.M. Dassen (Ray) Sat, 16 Aug 2003 20:15:40 +0200
-
-debootstrap (0.2.2-0.1) unstable; urgency=low
-
- * NMU.
- * Fix typo in woody script. (Closes: #203370)
-
- -- Petter Reinholdtsen Tue, 29 Jul 2003 20:29:01 +0200
-
-debootstrap (0.2.2) unstable; urgency=low
-
- * [debian/changelog] Included entries for NMUs 0.1.17.31 through .34 whose
- changes were incorporated by aj already.
- * [Makefile] Invoke MAKEDEV through its FHS location (noted by Matt
- Zimmerman). (Closes: #190239)
- * Acknowledge older NMUs whose changes have been incoporated.
- (Closes: #135675, #161695, #191849)
-
- -- J.H.M. Dassen (Ray) Tue, 29 Jul 2003 18:31:49 +0200
-
-debootstrap (0.2.1) unstable; urgency=low
-
- * The Day of the Daffodils release.
-
- * Accept NMUs up to 0.1.17.30. Thanks guys! (Closes: Bug#148377,
- Bug#150161, Bug#150492, Bug#153962, Bug#154463, Bug#155906,
- Bug#160879, Bug#161469, Bug#161469, Bug#161722, Bug#163860,
- Bug#172118, Bug#176221, Bug#179504, Bug#179725, Bug#185397,
- Bug#187893, Bug#188053, Bug#189472, Bug#189551, Bug#190108,
- Bug#191288, Bug#193794, Bug#193806, Bug#195012, Bug#195742,
- Bug#199333, Bug#201066)
- * JHM added to Uploaders.
-
- * Change the info/error/warning/progress calls to include a unique word
- for each string, a printf format string, and any arguments to the
- printf string.
- * Add support for debian-installer interaction
-
- * Add some support for l10n. Gettext is used if it's available; no
- translations are included as of yet. This support doesn't
- affect debian-installer, which has its own stuff for i18n, nor
- boot-floppies. (Closes: Bug#125647)
-
- * Some initial support for cross-bootstrapping in the sid script.
-
- * Use dpkg --print-installation-architecture instead of
- --print-architecture. (Closes: Bug#138526, Bug#159720)
-
- * Add new dependencies of debconf: debconf-i18n liblocale-gettext-perl
- libtext-wrapi18n-perl libtext-charwidth-perl. (Closes: Bug#201066)
- * Add new dependencies of libldap2: libgnutls7 libgcrypt1 liblzo1
- libopencdk4 libtasn1-0 zlib1g. (Closes: Bug#201663)
- * Remove libgdbmg1. (Closes: Bug#202304)
- * Add new dependecies of e2fsprogs: e2fslibs libcomerr2 libss2 libuuid1.
- (Closes: Bug#203033)
- * Add wget to base. (Closes: Bug#145635)
- * Switch from netkit-ping to iputils-ping.
-
- * Changed the manpage a little. (Closes: Bug#126864)
- * Updated README.Debian.
-
- -- Anthony Towns Tue, 29 Jul 2003 18:15:24 +1000
-
-debootstrap (0.1.17.34) unstable; urgency=medium
-
- * [sid] Added e2fsprogs' new predependencies (e2fslibs, libcomerr2, libss2,
- libuuid1).
- * [sarge] Removed libgdbmg1 as it is no longer needed.
-
- -- J.H.M. Dassen (Ray) Sun, 27 Jul 2003 09:20:49 +0200
-
-debootstrap (0.1.17.33) unstable; urgency=medium
-
- * [sid] Removed libgdbmg1 as it is no longer needed.
- * [sarge] libldap2 now Depends: libgnutls7, libsasl2; added those and their
- dependencies (libgcrypt1 liblzo1 libopencdk4 libtasn1-0 zlib1g). Dropped
- libsasl7 in favour of libsasl2.
-
- -- J.H.M. Dassen (Ray) Mon, 21 Jul 2003 19:00:28 +0200
-
-debootstrap (0.1.17.32) unstable; urgency=medium
-
- * [sid] libldap2 now Depends: libgnutls7; added that and its dependencies
- (libgcrypt1 liblzo1 libopencdk4 libtasn1-0 zlib1g); dropped libssl0.9.7 .
-
- -- J.H.M. Dassen (Ray) Thu, 17 Jul 2003 07:05:09 +0200
-
-debootstrap (0.1.17.31) unstable; urgency=medium
-
- * [sid] Follow debconf changes. debconf now Depends: debconf-i18n |
- debconf-english; debconf-i18n having Priority: important and
- debconf-english having Priority: extra, so we satisfy the dependency
- through debconf-i18n. debconf-i18n in turn pulls in three additional
- packages: liblocale-gettext-perl, libtext-wrapi18n-perl,
- libtext-charwidth-perl .
-
- -- J.H.M. Dassen (Ray) Sun, 13 Jul 2003 08:52:55 +0200
-
-debootstrap (0.1.17.30) unstable; urgency=medium
-
- * [sarge]
- * Added sysv-rc for /usr/sbin/update-rc.d .
- * Added initscripts to satisfy sysvinit's predependency.
- * libparted1.6-0 has replaced libparted1.4 on ia64. (Closes: #197957)
-
- -- J.H.M. Dassen (Ray) Mon, 30 Jun 2003 07:05:22 +0200
-
-debootstrap (0.1.17.29) unstable; urgency=medium
-
- * [sid] libconsole has replaced console-tools-libs. (Closes: #195722)
- * [sarge] libperl5.6 has been replaced by libperl5.8 . (Closes: #195588)
-
- -- J.H.M. Dassen (Ray)