From 4e535b6b8bc1ceef209b63f24bcbc3067f29c6c5 Mon Sep 17 00:00:00 2001 From: Antoine Catton Date: Sun, 23 Feb 2014 20:22:06 -0700 Subject: [PATCH 1/7] Docfix: ssh service listen on port 22 --- cdist/conf/type/__iptables_rule/man.text | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__iptables_rule/man.text b/cdist/conf/type/__iptables_rule/man.text index eb230093..2f5b9785 100644 --- a/cdist/conf/type/__iptables_rule/man.text +++ b/cdist/conf/type/__iptables_rule/man.text @@ -41,7 +41,7 @@ __iptables_rule established --rule "-A INPUT -m state --state RELATED,ESTABLISH # Some service rules __iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT" -__iptables_rule ssh --rule "-A INPUT -p tcp --dport 80 -j ACCEPT" +__iptables_rule ssh --rule "-A INPUT -p tcp --dport 22 -j ACCEPT" __iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT" # Ensure some rules are not present anymore From 1c0d74f7db1163b5f673d58ad0481f58c28ec74e Mon Sep 17 00:00:00 2001 From: og Date: Sun, 2 Mar 2014 17:18:25 -0700 Subject: [PATCH 2/7] openbsd stat works the same way that freebsd's does --- cdist/conf/type/__file/explorer/stat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__file/explorer/stat b/cdist/conf/type/__file/explorer/stat index 298221b7..52570379 100755 --- a/cdist/conf/type/__file/explorer/stat +++ b/cdist/conf/type/__file/explorer/stat @@ -25,7 +25,7 @@ destination="/$__object_id" os=$("$__explorer/os") case "$os" in - "freebsd") + "freebsd"|"openbsd") # FIXME: should be something like this based on man page, but can not test stat -f "type: %ST owner: %Du %Su From 5cbdf981c0003ba1b958ef7ba937404cc7cf71ed Mon Sep 17 00:00:00 2001 From: og Date: Sun, 2 Mar 2014 17:32:14 -0700 Subject: [PATCH 3/7] adding pkg_path parameter to be explicitly set, this is important for using -current, as os_version always parses to a release version (e.g. 5.5) but the path that mirrors have is /snapshots/ --- cdist/conf/type/__package_pkg_openbsd/gencode-remote | 8 ++++++-- cdist/conf/type/__package_pkg_openbsd/parameter/optional | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__package_pkg_openbsd/gencode-remote b/cdist/conf/type/__package_pkg_openbsd/gencode-remote index 1df87997..9d760655 100755 --- a/cdist/conf/type/__package_pkg_openbsd/gencode-remote +++ b/cdist/conf/type/__package_pkg_openbsd/gencode-remote @@ -50,8 +50,11 @@ fi pkg_version="$(cat "$__object/explorer/pkg_version")" -# TODO: Shouldn't be hardcoded -echo export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/$os_version/packages/$machine/ +if [ -f "$__object/parameter/pkg_path" ]; then + pkg_path="$(cat "$__object/parameter/pkg_path")" +else + pkg_path="ftp://ftp.openbsd.org/pub/OpenBSD/$os_version/packages/$machine/" +fi if [ "$pkg_version" ]; then state_is="present" @@ -65,6 +68,7 @@ case "$state_should" in present) # use this because pkg_add doesn't properly handle errors cat << eof +export PKG_PATH="$pkg_path" status=\$(pkg_add "$pkgopts" "$name--$flavor") # no error diff --git a/cdist/conf/type/__package_pkg_openbsd/parameter/optional b/cdist/conf/type/__package_pkg_openbsd/parameter/optional index 77fd22b3..43278d16 100644 --- a/cdist/conf/type/__package_pkg_openbsd/parameter/optional +++ b/cdist/conf/type/__package_pkg_openbsd/parameter/optional @@ -1,3 +1,4 @@ name flavor state +pkg_path From 6a455be63a874b7b63bdde34499f86222e749166 Mon Sep 17 00:00:00 2001 From: og Date: Sun, 2 Mar 2014 17:34:36 -0700 Subject: [PATCH 4/7] openbsd and freebsd both use the 'passwd' database --- cdist/conf/type/__user/explorer/shadow | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cdist/conf/type/__user/explorer/shadow b/cdist/conf/type/__user/explorer/shadow index a949ec51..59abaa8a 100755 --- a/cdist/conf/type/__user/explorer/shadow +++ b/cdist/conf/type/__user/explorer/shadow @@ -26,9 +26,10 @@ os="$($__explorer/os)" # Default to using shadow passwords database="shadow" -if [ "$os" = "freebsd" ]; then - database="passwd" -fi +case "$os" in + "freebsd"|"openbsd") database="passwd";; +esac + getent "$database" "$name" || true From ef1f9bf6331add3878fc3c4836e7cf49cb59c95a Mon Sep 17 00:00:00 2001 From: og Date: Sun, 2 Mar 2014 17:44:22 -0700 Subject: [PATCH 5/7] updated documentation to reflect new parameter --- cdist/conf/type/__package_pkg_openbsd/man.text | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cdist/conf/type/__package_pkg_openbsd/man.text b/cdist/conf/type/__package_pkg_openbsd/man.text index f523a892..c7de2652 100644 --- a/cdist/conf/type/__package_pkg_openbsd/man.text +++ b/cdist/conf/type/__package_pkg_openbsd/man.text @@ -29,6 +29,8 @@ flavor:: state:: Either "present" or "absent", defaults to "present" +pkg_path:: + Manually specify a PKG_PATH to add packages from. EXAMPLES -------- @@ -45,6 +47,10 @@ __package_pkg_openbsd python --state present --name python2 # Remove obsolete package __package_pkg_openbsd puppet --state absent + +# Add a package using a particular mirror +__package_pkg_openbsd bash \ + --pkg_path http://openbsd.mirrorcatalogs.com/snapshots/packages/amd64 -------------------------------------------------------------------------------- From 19f6126a0f6895a2b28ee58037d24d5b64f6809c Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Mon, 3 Mar 2014 07:42:27 +0100 Subject: [PATCH 6/7] ++changes Signed-off-by: Nico Schottelius --- docs/changelog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/changelog b/docs/changelog index 66a83b31..e7ac935d 100644 --- a/docs/changelog +++ b/docs/changelog @@ -8,6 +8,10 @@ Changelog next: * Type __git: Pass onwer/group/mode values to __directory * Type __ssh_authorized_keys: Allow managing existing keys (Steven Armstrong) + * Type __iptable_rule: Fix example documentation (Antoine Catton) + * Type __file: Enhance OpenBSD Support (og) + * Type __package_pkg_openbsd: Allow to change PKG_PATH (og) + * Type __user: Enhance OpenBSD Support (og) 3.0.9: 2014-02-14 From 0a98abbffadbc8a0c2bdbe087fdbef025cfd4f0a Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Tue, 11 Mar 2014 15:39:08 +0100 Subject: [PATCH 7/7] add messaging support for __key_value Signed-off-by: Nico Schottelius --- cdist/conf/type/__key_value/gencode-remote | 5 ++++- cdist/conf/type/__key_value/man.text | 9 +++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/cdist/conf/type/__key_value/gencode-remote b/cdist/conf/type/__key_value/gencode-remote index b79d9688..e1041a02 100755 --- a/cdist/conf/type/__key_value/gencode-remote +++ b/cdist/conf/type/__key_value/gencode-remote @@ -1,7 +1,7 @@ #!/bin/sh # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) -# 2012 Nico Schottelius (nico-cdist at schottelius.org) +# 2012-2014 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -42,12 +42,14 @@ cp -p "$file" "\$tmpfile" sed '/^$key\($delimiter\+\)/d' "$file" > "\$tmpfile" mv -f "\$tmpfile" "$file" DONE + echo "remove" >> "$__messages_out" ;; present) case "$state_is" in absent) # add new key and value printf 'echo "%s%s%s" >> "%s"' "$key" "$delimiter" "$value_escaped" "$file" + echo "add" >> "$__messages_out" ;; wrongvalue) # change exisiting value @@ -58,6 +60,7 @@ cp -p "$file" "\$tmpfile" sed "s|^$key\($delimiter\+\).*|$key\\1$value_escaped|" "$file" > "\$tmpfile" mv -f "\$tmpfile" "$file" DONE + echo "changevalue" >> "$__messages_out" ;; *) echo "Unknown explorer state: $state_is" >&2 diff --git a/cdist/conf/type/__key_value/man.text b/cdist/conf/type/__key_value/man.text index 1423fc7d..7def7139 100644 --- a/cdist/conf/type/__key_value/man.text +++ b/cdist/conf/type/__key_value/man.text @@ -32,6 +32,15 @@ key:: value:: The value for the key. Optional if state=absent, required otherwise. +MESSAGES +-------- +create:: + Added key and value +change:: + Changed value of existing key +remove:: + Removed existing key and value + EXAMPLES --------