Improve OpenBSD support (#720)

* [type/__timezone] Whitelist OpenBSD OpenBSD ships /etc/localtime and /usr/share/zoneinfo by default. * [type/__postgres_{database,role}] Add explorer support for OpenBSD On OpenBSD the "postgres" user is called "_postgresql". The "postgres" database must me specifically specified as it differs from the user name. * [type/__postgres_{database,role}] Add gencode support for OpenBSD On OpenBSD the "postgres" user is called "_postgresql". The "postgres" database must me specifically specified when using psql as it differs from the user name. * [type/__postgres_role] Query DB if role exists instead of screen scaping * [type/__postgres_database] Query DB if database exists instead * [type/__postgres_{database,role}] Add user for NetBSD * [type/__postgres_extension] Add support for OpenBSD and NetBSD * [__ssh_authorized_key] Add OpenBSD support to entry explorer Make sure to adhere to re_format(7) for OpenBSD compatibility. https://man.openbsd.org/re_format.7 * [type/__start_on_boot] Add support for OpenBSD
2018-11-03 19:17:56 +01:00 · 2018-11-03 19:17:56 +01:00 · a34060d703
commit a34060d703
parent 6d70205319
9 changed files with 105 additions and 17 deletions
--- a/cdist/conf/type/__postgres_database/explorer/state
+++ b/cdist/conf/type/__postgres_database/explorer/state
@ -18,10 +18,25 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #

+case "$("${__explorer}/os")"
+in
+    netbsd)
+        postgres_user='pgsql'
+        ;;
+    openbsd)
+        postgres_user='_postgresql'
+        ;;
+    *)
+        postgres_user='postgres'
+        ;;
+esac
+
+
 name="$__object_id"

-if su - postgres -c "echo '\\q' | psql '$name'" 2>/dev/null; then
-   echo "present"
+if test -n "$(su - "$postgres_user" -c "psql postgres -tAc \"SELECT 1 FROM pg_database WHERE datname='$name'\"")"
+then
+    echo 'present'
 else
-   echo "absent"
+    echo 'absent'
 fi
--- a/cdist/conf/type/__postgres_database/gencode-remote
+++ b/cdist/conf/type/__postgres_database/gencode-remote
@ -18,6 +18,20 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #

+case "$(cat "${__global}/explorer/os")"
+in
+   netbsd)
+      postgres_user='pgsql'
+      ;;
+   openbsd)
+      postgres_user='_postgresql'
+      ;;
+   *)
+      postgres_user='postgres'
+      ;;
+esac
+
+
 name="$__object_id"
 state_should="$(cat "$__object/parameter/state")"
 state_is="$(cat "$__object/explorer/state")"
@ -29,10 +43,10 @@ if [ "$state_should" != "$state_is" ]; then
         if [ -f "$__object/parameter/owner" ]; then
            owner="-O '$(cat "$__object/parameter/owner")'"
         fi
-         echo "su - postgres -c \"createdb $owner '$name'\""
+         echo "su - '$postgres_user' -c \"createdb $owner '$name'\""
      ;;
      absent)
-         echo "su - postgres -c \"dropdb '$name'\""
+         echo "su - '$postgres_user' -c \"dropdb '$name'\""
      ;;
   esac
 fi
--- a/cdist/conf/type/__postgres_extension/gencode-remote
+++ b/cdist/conf/type/__postgres_extension/gencode-remote
@ -22,6 +22,20 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #

+case "$(cat "${__global}/explorer/os")"
+in
+   netbsd)
+      postgres_user='pgsql'
+      ;;
+   openbsd)
+      postgres_user='_postgresql'
+      ;;
+   *)
+      postgres_user='postgres'
+      ;;
+esac
+
+
 dbname=$(    echo "$__object_id" | cut -d":" -f1 )
 extension=$( echo "$__object_id" | cut -d":" -f2 )

@ -30,10 +44,10 @@ state_should=$( cat "$__object/parameter/state" )
 case "$state_should" in
    present)
         cmd="CREATE EXTENSION IF NOT EXISTS $extension"
-         echo "su - postgres -c 'psql -c \"$cmd\" \"$dbname\"'"
+         echo "su - '$postgres_user' -c 'psql -c \"$cmd\" \"$dbname\"'"
    ;;
    absent)
-         cmd="DROP   EXTENSION IF     EXISTS $extension"
-         echo "su - postgres -c 'psql -c \"$cmd\" \"$dbname\"'"
+         cmd="DROP EXTENSION IF EXISTS $extension"
+         echo "su - '$postgres_user' -c 'psql -c \"$cmd\" \"$dbname\"'"
    ;;
 esac
--- a/cdist/conf/type/__postgres_role/explorer/state
+++ b/cdist/conf/type/__postgres_role/explorer/state
@ -18,10 +18,25 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #

+case "$("${__explorer}/os")"
+in
+    netbsd)
+        postgres_user='pgsql'
+        ;;
+    openbsd)
+        postgres_user='_postgresql'
+        ;;
+    *)
+        postgres_user='postgres'
+        ;;
+esac
+
+
 name="$__object_id"

-if su - postgres -c "psql -c '\\du' | grep -q '^ *$name *|'"; then
-   echo "present"
+if test -n "$(su - "$postgres_user" -c "psql postgres -tAc \"SELECT 1 FROM pg_roles WHERE rolname='$name'\"")"
+then
+    echo 'present'
 else
-   echo "absent"
+    echo 'absent'
 fi
--- a/cdist/conf/type/__postgres_role/gencode-remote
+++ b/cdist/conf/type/__postgres_role/gencode-remote
@ -18,6 +18,20 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #

+case "$(cat "${__global}/explorer/os")"
+in
+    netbsd)
+        postgres_user='pgsql'
+        ;;
+    openbsd)
+        postgres_user='_postgresql'
+        ;;
+    *)
+        postgres_user='postgres'
+        ;;
+esac
+
+
 name="$__object_id"
 state_is="$(cat "$__object/explorer/state")"
 state_should="$(cat "$__object/parameter/state")"
@ -38,12 +52,12 @@ case "$state_should" in
            booleans="$booleans $upper"
        done

-         [ -n "$password" ] && password="PASSWORD '$password'"
+        [ -n "$password" ] && password="PASSWORD '$password'"

-         cmd="CREATE ROLE $name WITH $password $booleans"
-         echo "su - postgres -c \"psql -c \\\"$cmd\\\"\""
+        cmd="CREATE ROLE $name WITH $password $booleans"
+        echo "su - '$postgres_user' -c \"psql postgres -c '$cmd'\""
    ;;
    absent)
-        echo "su - postgres -c \"dropuser \\\"$name\\\"\""
+        echo "su - '$postgres_user' -c \"dropuser '$name'\""
    ;;
 esac
--- a/cdist/conf/type/__ssh_authorized_key/explorer/entry
+++ b/cdist/conf/type/__ssh_authorized_key/explorer/entry
@ -27,5 +27,8 @@ then
    file="$(cat "$__object/parameter/file")"

    # get any entries that match the type and key
-    grep ".*$type_and_key\\([ \\n]\\|$\\)" "$file" || true
+
+    # NOTE: Do not match from the beginning of the line as there may be options
+    # preceeding the key.
+    grep "${type_and_key}\\([ \\n].*\\)*$" "$file" || true
 fi
--- a/cdist/conf/type/__start_on_boot/explorer/state
+++ b/cdist/conf/type/__start_on_boot/explorer/state
@ -83,6 +83,10 @@ else
            state="absent"
            service -e | grep "/$name$" && state="present"
        ;;
+        openbsd)
+            state='absent'
+            # OpenBSD 5.7 and higher
+            rcctl ls on | grep "^${name}$" && state='present'
        *)
           echo "Unsupported os: $os" >&2
           exit 1
--- a/cdist/conf/type/__start_on_boot/gencode-remote
+++ b/cdist/conf/type/__start_on_boot/gencode-remote
@ -81,6 +81,11 @@ case "$state_should" in
                    :  # handled in manifest
                ;;

+                openbsd)
+                    # OpenBSD 5.7 and phigher
+                    echo "rcctl enable '$name'"
+                ;;
+
                *)
                   echo "Unsupported os: $os" >&2
                   exit 1
--- a/cdist/conf/type/__timezone/manifest
+++ b/cdist/conf/type/__timezone/manifest
@ -34,7 +34,11 @@ case "$os" in
        __package timezone
        export require="__package/timezone"
    ;;
-    freebsd|netbsd|coreos)
+    freebsd|netbsd|openbsd)
+        # whitelist
+        :
+    ;;
+    coreos)
        # whitelist
        :
    ;;