From f58d662b32fb9c1c226b5340ccd06c6dd3e2a3f9 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Fri, 1 May 2020 15:28:01 +0200 Subject: [PATCH 01/22] [__pyvenv] Switch to python3 -m venv for ubuntu --- cdist/conf/type/__pyvenv/gencode-remote | 3 ++- cdist/conf/type/__pyvenv/man.rst | 5 ++--- docs/changelog | 4 ++++ 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/cdist/conf/type/__pyvenv/gencode-remote b/cdist/conf/type/__pyvenv/gencode-remote index 9c7b7fab..c5b64eff 100755 --- a/cdist/conf/type/__pyvenv/gencode-remote +++ b/cdist/conf/type/__pyvenv/gencode-remote @@ -1,6 +1,7 @@ #!/bin/sh -e # # 2016 Darko Poljak (darko.poljak at gmail.com) +# 2020 Nico Schotetlius (nico.schottelius at ungleich.ch) # # This file is part of cdist. # @@ -45,7 +46,7 @@ then pyvenv=$(cat "$pyvenvparam") else case "$os" in - alpine) # no pyvenv on alpine - I assume others will follow + alpine|ubuntu) # no pyvenv on alpine - I assume others will follow pyvenv="python3 -m venv" ;; *) diff --git a/cdist/conf/type/__pyvenv/man.rst b/cdist/conf/type/__pyvenv/man.rst index d7de92fa..8085ff12 100644 --- a/cdist/conf/type/__pyvenv/man.rst +++ b/cdist/conf/type/__pyvenv/man.rst @@ -9,7 +9,7 @@ cdist-type__pyvenv - Create or remove python virtual environment DESCRIPTION ----------- This cdist type allows you to create or remove python virtual -environment using pyvenv. +environment using pyvenv on python3 -m venv. It assumes pyvenv is already installed. Concrete package depends on concrete OS and/or OS version/distribution. Ensure this for e.g. in your init manifest as in the following example: @@ -57,7 +57,7 @@ EXAMPLES __pyvenv /home/services/djangoenv - # Use specific pyvenv + # Use specific pyvenv __pyvenv /home/foo/fooenv --pyvenv /usr/local/bin/pyvenv-3.4 # Create python virtualenv for user foo. @@ -76,4 +76,3 @@ COPYING ------- Copyright \(C) 2016 Darko Poljak. Free use of this software is granted under the terms of the GNU General Public License v3 or later (GPLv3+). - diff --git a/docs/changelog b/docs/changelog index e6a7927e..4ee47d37 100644 --- a/docs/changelog +++ b/docs/changelog @@ -1,6 +1,10 @@ Changelog --------- +next: + * Type __pyvenv: Switch to python3 -m venv for Ubuntu (Nico Schottelius) + + 6.5.5: 2020-05-01 * Core: Fix XDG_CONFIG_HOME config file location (Joachim Desroches) * Type __postgres_database: Add encoding, lc-collate, lc-ctype, template parameters (Timothée Floure) From d4059fd29ecb93e094c411bb8ca09a234904b763 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Fri, 1 May 2020 15:31:23 +0200 Subject: [PATCH 02/22] [__letsencrypt_cert] whitelist Ubuntu --- cdist/conf/type/__letsencrypt_cert/manifest | 3 +++ docs/changelog | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest index 68ecf9d4..b4464366 100755 --- a/cdist/conf/type/__letsencrypt_cert/manifest +++ b/cdist/conf/type/__letsencrypt_cert/manifest @@ -91,6 +91,9 @@ if [ -z "${certbot_fullpath}" ]; then certbot_fullpath=/usr/local/bin/certbot ;; + ubuntu) + __package certbot + ;; *) echo "Unsupported os: $os" >&2 exit 1 diff --git a/docs/changelog b/docs/changelog index 4ee47d37..e61933ab 100644 --- a/docs/changelog +++ b/docs/changelog @@ -3,7 +3,7 @@ Changelog next: * Type __pyvenv: Switch to python3 -m venv for Ubuntu (Nico Schottelius) - + * Type __letsencrypt_cert: Whitelist Ubuntu (Nico Schottelius) 6.5.5: 2020-05-01 * Core: Fix XDG_CONFIG_HOME config file location (Joachim Desroches) From 6f4649efc69593fb4178fb6c2c5c95bbd93054d1 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Fri, 8 May 2020 16:08:21 +0200 Subject: [PATCH 03/22] Reference the new cdist chat on matrix --- docs/src/cdist-support.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/cdist-support.rst b/docs/src/cdist-support.rst index 19afde2f..f9f61f01 100644 --- a/docs/src/cdist-support.rst +++ b/docs/src/cdist-support.rst @@ -3,7 +3,7 @@ Support Chat ~~~~ -Chat with us: `ungleich chat `_. +Chat with us on `#cdist:ungleich.ch `_. Mailing list ~~~~~~~~~~~~ From 42f2dceeb12fee55616202bf085e6823d18ee714 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 9 May 2020 18:40:44 +0200 Subject: [PATCH 04/22] [__link] fix typo in the manual --- cdist/conf/type/__link/man.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__link/man.rst b/cdist/conf/type/__link/man.rst index fe0ce425..2e81aea9 100644 --- a/cdist/conf/type/__link/man.rst +++ b/cdist/conf/type/__link/man.rst @@ -18,7 +18,7 @@ source Specifies the link source. type - Specifies the link type: Either hard or symoblic. + Specifies the link type: Either hard or symbolic. OPTIONAL PARAMETERS From dcfabf9268865794602d3e59af2f312a1b0392f0 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 16 May 2020 14:00:02 +0200 Subject: [PATCH 05/22] [__cron] add hint for default values of time-related parameters This should resolve some misunderstanding when leave a time-related parameter with it's default value. --- cdist/conf/type/__cron/man.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cdist/conf/type/__cron/man.rst b/cdist/conf/type/__cron/man.rst index d0694738..e39bfb5c 100644 --- a/cdist/conf/type/__cron/man.rst +++ b/cdist/conf/type/__cron/man.rst @@ -21,6 +21,11 @@ command OPTIONAL PARAMETERS ------------------- +**NOTE**: All time-related parameters (``--minute``, ``--hour``, ``--day_of_month`` +``--month`` and ``--day_of_week``) defaults to ``*``, which means to execute it +**always**. If you set ``--hour 0`` to execute the cronjob only at midnight, it +will execute **every** minute in the first hour of the morning all days. + state Either present or absent. Defaults to present. minute From 086e683c997729817300c600307592c6fc02ffd8 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 16 May 2020 16:33:38 +0200 Subject: [PATCH 06/22] [__file] add "default values" in manual for group, mode and owner Because at least the --mode default value may not be expected, the manual lists the "default values". As they are not explicitly set in the `__file` type, it is a bit more difficult, but should resolve to following: - the mode comes from the umask set in the cdist code to protect file creation and uses the strongest umask possible. - the owner and group comes from the ssh user, which should always be the root user. (I think this can be swaped, too, but who will?) At the owner and group parameter, it could be replaced with something like "the ssh user and group", which would be more correct, but less understandable. --- cdist/conf/type/__file/man.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cdist/conf/type/__file/man.rst b/cdist/conf/type/__file/man.rst index 7a0603bb..2f3b9e69 100644 --- a/cdist/conf/type/__file/man.rst +++ b/cdist/conf/type/__file/man.rst @@ -50,13 +50,13 @@ state create or modify it group - Group to chgrp to. + Group to chgrp to. Defaults to ``root``. mode - Unix permissions, suitable for chmod. + Unix permissions, suitable for chmod. Defaults to a very secure ``0600``. owner - User to chown to. + User to chown to. Defaults to ``root``. source If supplied, copy this file from the host running cdist to the target. From 7ca2bfc14a8ed0cb73b3a01c85a562060264d02b Mon Sep 17 00:00:00 2001 From: Evilham Date: Mon, 18 May 2020 16:00:23 +0200 Subject: [PATCH 07/22] [explorer/machine_type] Add support for FreeBSD. More research is needed for {Net,Open}BSD support. Indentation is left as-is for the linux code as I intend to simplify it in a future MR, this way the diff is minimal. --- cdist/conf/explorer/machine_type | 31 +++++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/cdist/conf/explorer/machine_type b/cdist/conf/explorer/machine_type index bb21f69c..fe0ae7d5 100755 --- a/cdist/conf/explorer/machine_type +++ b/cdist/conf/explorer/machine_type @@ -2,6 +2,7 @@ # # 2014 Daniel Heule (hda at sfs.biz) # 2014 Thomas Oettli (otho at sfs.biz) +# 2020 Evilham (contact at evilham.com) # # This file is part of cdist. # @@ -18,9 +19,27 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# FIXME: other system types (not linux ...) +os=$("$__explorer/os") + +case "$os" in + "freebsd") + # FreeBSD does not have /proc/cpuinfo even when procfs is used. + # Instead there is a sysctl kern.vm_guest. + # Which is 'none' if physical, else the virtualisation. + vm_guest="$(sysctl -n kern.vm_guest 2>/dev/null || true)" + if [ -n "${vm_guest}" ]; then + if [ "${vm_guest}" = "none" ]; then + echo "physical" + exit + fi + echo "virtual_by_${vm_guest}" + exit + fi + ;; + + *) + # Defaulting to linux for compatibility with previous cdist behaviour if [ -d "/proc/vz" ] && [ ! -d "/proc/bc" ]; then echo openvz @@ -72,9 +91,13 @@ if [ -r /proc/cpuinfo ]; then fi fi echo "virtual_by_unknown" + exit else echo "physical" + exit fi -else - echo "unknown" fi + ;; +esac + +echo "unknown" From cf44c4a01bcfba95e11ba8d6aa64156c5470adc1 Mon Sep 17 00:00:00 2001 From: Evilham Date: Mon, 18 May 2020 16:35:50 +0200 Subject: [PATCH 08/22] [explorer/machine_type] Simplify Linux + basic OpenBSD support. By abstracting away vendor-dependent pattern matching for the linux code, we can re-use that and be reasonably sure about OpenBSD machines being virtualised when we can identify the undelrying virtualisation technology. It remains to be solved how to tell if an OpenBSD machine is physical; in that case previous cdist behaviour ("unknown") remains. For NetBSD something similar to OpenBSD could be done, with different sysctls: hw.machine and hw.model wary of adding those without testing though, so for NetBSD previous cdist behaviour ("unknown") remains. https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7.i386+NetBSD-9.0 --- cdist/conf/explorer/machine_type | 116 ++++++++++++++++--------------- 1 file changed, 61 insertions(+), 55 deletions(-) diff --git a/cdist/conf/explorer/machine_type b/cdist/conf/explorer/machine_type index fe0ae7d5..6800234d 100755 --- a/cdist/conf/explorer/machine_type +++ b/cdist/conf/explorer/machine_type @@ -22,6 +22,18 @@ os=$("$__explorer/os") +vendor_string_to_machine_type() { + for vendor in vmware bochs kvm qemu virtualbox bhyve; do + if echo "${1}" | grep -q -i "${vendor}"; then + if [ "${vendor}" = "bochs" -o "${vendor}" = "qemu" ]; then + vendor="kvm" + fi + echo "virtual_by_${vendor}" + exit + fi + done +} + case "$os" in "freebsd") # FreeBSD does not have /proc/cpuinfo even when procfs is used. @@ -38,65 +50,59 @@ case "$os" in fi ;; + "openbsd") + # OpenBSD can also use the sysctl's: hw.vendor or hw.product. + # Note we can be reasonably sure about a machine being virtualised + # as long as we can identify the virtualisation technology. + # But not so much about it being physical... + # Patches are welcome / reach out if you have better ideas. + for sysctl in hw.vendor hw.product; do + # This exits if we can make a reasonable judgement + vendor_string_to_machine_type "$(sysctl -n "${sysctl}")" + done + ;; + *) # Defaulting to linux for compatibility with previous cdist behaviour -if [ -d "/proc/vz" ] && [ ! -d "/proc/bc" ]; then - echo openvz - exit -fi - -if [ -e "/proc/1/environ" ] && - tr '\000' '\n' < "/proc/1/environ" | grep -Eiq '^container='; then - echo lxc - exit -fi - -if [ -r /proc/cpuinfo ]; then - # this should only exist on virtual guest machines, - # tested on vmware, xen, kvm - if grep -q "hypervisor" /proc/cpuinfo; then - # this file is aviable in xen guest systems - if [ -r /sys/hypervisor/type ]; then - if grep -q -i "xen" /sys/hypervisor/type; then - echo virtual_by_xen - exit - fi - else - if [ -r /sys/class/dmi/id/product_name ]; then - if grep -q -i 'vmware' /sys/class/dmi/id/product_name; then - echo "virtual_by_vmware" - exit - elif grep -q -i 'bochs' /sys/class/dmi/id/product_name; then - echo "virtual_by_kvm" - exit - elif grep -q -i 'virtualbox' /sys/class/dmi/id/product_name; then - echo "virtual_by_virtualbox" - exit - fi - fi - - if [ -r /sys/class/dmi/id/sys_vendor ]; then - if grep -q -i 'qemu' /sys/class/dmi/id/sys_vendor; then - echo "virtual_by_kvm" - exit - fi - fi - - if [ -r /sys/class/dmi/id/chassis_vendor ]; then - if grep -q -i 'qemu' /sys/class/dmi/id/chassis_vendor; then - echo "virtual_by_kvm" - exit - fi - fi + if [ -d "/proc/vz" ] && [ ! -d "/proc/bc" ]; then + echo openvz + exit + fi + + if [ -e "/proc/1/environ" ] && + tr '\000' '\n' < "/proc/1/environ" | grep -Eiq '^container='; then + echo lxc + exit + fi + + if [ -r /proc/cpuinfo ]; then + # this should only exist on virtual guest machines, + # tested on vmware, xen, kvm, bhyve + if grep -q "hypervisor" /proc/cpuinfo; then + # this file is aviable in xen guest systems + if [ -r /sys/hypervisor/type ]; then + if grep -q -i "xen" /sys/hypervisor/type; then + echo virtual_by_xen + exit + fi + else + for vendor_file in /sys/class/dmi/id/product_name \ + /sys/class/dmi/id/sys_vendor \ + /sys/class/dmi/id/chasis_vendor; do + if [ -r ${vendor_file} ]; then + # This exits if we can make a reasonable judgement + vendor_string_to_machine_type "$(cat "${vendor_file}")" + fi + done + fi + echo "virtual_by_unknown" + exit + else + echo "physical" + exit + fi fi - echo "virtual_by_unknown" - exit - else - echo "physical" - exit - fi -fi ;; esac From 8b790b0a54aecf93298c97948c48be80b67ca7b5 Mon Sep 17 00:00:00 2001 From: Evilham Date: Mon, 18 May 2020 16:47:20 +0200 Subject: [PATCH 09/22] [explorer/machine_type] Make shellcheck happy! --- cdist/conf/explorer/machine_type | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/explorer/machine_type b/cdist/conf/explorer/machine_type index 6800234d..1c84f4d7 100755 --- a/cdist/conf/explorer/machine_type +++ b/cdist/conf/explorer/machine_type @@ -25,7 +25,7 @@ os=$("$__explorer/os") vendor_string_to_machine_type() { for vendor in vmware bochs kvm qemu virtualbox bhyve; do if echo "${1}" | grep -q -i "${vendor}"; then - if [ "${vendor}" = "bochs" -o "${vendor}" = "qemu" ]; then + if [ "${vendor}" = "bochs" ] || [ "${vendor}" = "qemu" ]; then vendor="kvm" fi echo "virtual_by_${vendor}" From 6d502f737aac8a836949d2b4b8a55c8ba20161fa Mon Sep 17 00:00:00 2001 From: Evilham Date: Mon, 18 May 2020 18:37:16 +0200 Subject: [PATCH 10/22] [__ssh_authorizedkey{,s}] Improve documentation. --- cdist/conf/type/__ssh_authorized_key/man.rst | 16 +++++----- cdist/conf/type/__ssh_authorized_keys/man.rst | 29 ++++++++++--------- 2 files changed, 25 insertions(+), 20 deletions(-) diff --git a/cdist/conf/type/__ssh_authorized_key/man.rst b/cdist/conf/type/__ssh_authorized_key/man.rst index 087a3dae..5bae02aa 100644 --- a/cdist/conf/type/__ssh_authorized_key/man.rst +++ b/cdist/conf/type/__ssh_authorized_key/man.rst @@ -15,25 +15,27 @@ This type was created to be used by the __ssh_authorized_keys type. REQUIRED PARAMETERS ------------------- file - the authorized_keys file to which the given key should be added + The authorized_keys file where the given key should be managed. key - a string containing the ssh keytype, base 64 encoded key and optional - trailing comment which shall be added to the given authorized_keys file. + The ssh key which shall be managed in this authorized_keys file. + Must be a string containing the ssh keytype, base 64 encoded key and + optional trailing comment which shall be added to the given + authorized_keys file. OPTIONAL PARAMETERS ------------------- comment - explicit comment instead of the one which may be trailing the given key + Use this comment instead of the one which may be trailing in the key. option - an option to set for this authorized_key entry. + An option to set for this authorized_key entry. Can be specified multiple times. See sshd(8) for available options. state - if the given keys should be 'present' or 'absent', defaults to 'present'. + If the managed key should be 'present' or 'absent', defaults to 'present'. MESSAGES @@ -64,7 +66,7 @@ EXAMPLES SEE ALSO -------- -:strong:`cdist__ssh_authorized_keys`\ (7), :strong:`sshd`\ (8) +:strong:`cdist-type__ssh_authorized_keys`\ (7), :strong:`sshd`\ (8) AUTHORS diff --git a/cdist/conf/type/__ssh_authorized_keys/man.rst b/cdist/conf/type/__ssh_authorized_keys/man.rst index ba310ff9..93357b1d 100644 --- a/cdist/conf/type/__ssh_authorized_keys/man.rst +++ b/cdist/conf/type/__ssh_authorized_keys/man.rst @@ -20,42 +20,45 @@ then left to the user to ensure that the file exists and that ownership and permissions work with ssh. -REQUIRED PARAMETERS -------------------- +REQUIRED MULTIPLE PARAMETERS +---------------------------- key - the ssh key which shall be added to this authorized_keys file. - Must be a string and can be specified multiple times. + An ssh key which shall be managed in this authorized_keys file. + Must be a string containing the ssh keytype, base 64 encoded key and + optional trailing comment which shall be added to the given + authorized_keys file. + Can be specified multiple times. OPTIONAL PARAMETERS ------------------- comment - explicit comment instead of the one which may be trailing the given key + Use this comment instead of the one which may be trailing in each key. file - an alternative destination file, defaults to ~$owner/.ssh/authorized_keys + An alternative destination file, defaults to ~$owner/.ssh/authorized_keys. option - an option to set for all created authorized_key entries. + An option to set for all authorized_key entries in the key parameter. Can be specified multiple times. See sshd(8) for available options. owner - the user owning the authorized_keys file, defaults to object_id. + The user owning the authorized_keys file, defaults to object_id. state - if the given keys should be 'present' or 'absent', defaults to 'present'. + If the given keys should be 'present' or 'absent', defaults to 'present'. BOOLEAN PARAMETERS ------------------ noparent - don't create or change ownership and permissions of the directory containing - the authorized_keys file + Don't create or change ownership and permissions of the directory containing + the authorized_keys file. nofile - don't manage existence, ownership and permissions of the the authorized_keys - file + Don't manage existence, ownership and permissions of the the authorized_keys + file. EXAMPLES From f9afac4dd617c5ee7934cdb03477e6a30ae70af7 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 18 May 2020 19:51:08 +0200 Subject: [PATCH 11/22] ++changelog --- docs/changelog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/changelog b/docs/changelog index e61933ab..013e0083 100644 --- a/docs/changelog +++ b/docs/changelog @@ -4,6 +4,9 @@ Changelog next: * Type __pyvenv: Switch to python3 -m venv for Ubuntu (Nico Schottelius) * Type __letsencrypt_cert: Whitelist Ubuntu (Nico Schottelius) + * Types __cron, __file, __link: Improve manpages (Matthias Stecher) + * Explorer machine_type: Add support for FreeBSD and OpenBSD, and simplify Linux code (Evil Ham) + * Type __ssh_authorized_key, __ssh_authorized_keys: Improve manpages (Evil Ham) 6.5.5: 2020-05-01 * Core: Fix XDG_CONFIG_HOME config file location (Joachim Desroches) From ad58ea79c2cd3edd11a828d26a28975aa332bdd0 Mon Sep 17 00:00:00 2001 From: Evilham Date: Mon, 18 May 2020 20:01:01 +0200 Subject: [PATCH 12/22] [__ssh_authorized_keys] Fix bug where --option was not multiple This went against both documentation and intent. --- cdist/conf/type/__ssh_authorized_keys/parameter/optional | 1 - .../conf/type/__ssh_authorized_keys/parameter/optional_multiple | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 cdist/conf/type/__ssh_authorized_keys/parameter/optional_multiple diff --git a/cdist/conf/type/__ssh_authorized_keys/parameter/optional b/cdist/conf/type/__ssh_authorized_keys/parameter/optional index 21f9bc29..fa64fc43 100644 --- a/cdist/conf/type/__ssh_authorized_keys/parameter/optional +++ b/cdist/conf/type/__ssh_authorized_keys/parameter/optional @@ -1,5 +1,4 @@ comment file -option owner state diff --git a/cdist/conf/type/__ssh_authorized_keys/parameter/optional_multiple b/cdist/conf/type/__ssh_authorized_keys/parameter/optional_multiple new file mode 100644 index 00000000..01925a15 --- /dev/null +++ b/cdist/conf/type/__ssh_authorized_keys/parameter/optional_multiple @@ -0,0 +1 @@ +option From f354d80308b1f048416b2d52a397035a93a8ee03 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 18 May 2020 21:03:29 +0200 Subject: [PATCH 13/22] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 013e0083..782d9bd7 100644 --- a/docs/changelog +++ b/docs/changelog @@ -7,6 +7,7 @@ next: * Types __cron, __file, __link: Improve manpages (Matthias Stecher) * Explorer machine_type: Add support for FreeBSD and OpenBSD, and simplify Linux code (Evil Ham) * Type __ssh_authorized_key, __ssh_authorized_keys: Improve manpages (Evil Ham) + * Type __ssh_authorized_keys: Fix bug where --option was not multiple (Evil Ham) 6.5.5: 2020-05-01 * Core: Fix XDG_CONFIG_HOME config file location (Joachim Desroches) From bf25a18a048ae3e3d1fd4a450d77fe516c18c861 Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Fri, 22 May 2020 02:31:38 +0300 Subject: [PATCH 14/22] [__group] fix --gid on freebsd --- cdist/conf/type/__group/gencode-remote | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__group/gencode-remote b/cdist/conf/type/__group/gencode-remote index 6091c548..ff63e218 100755 --- a/cdist/conf/type/__group/gencode-remote +++ b/cdist/conf/type/__group/gencode-remote @@ -88,7 +88,7 @@ if [ "$state" = "present" ]; then fi done if [ "$os" = "freebsd" ]; then - echo pw groupadd "$@" "$name" + echo pw groupadd "$name" "$@" else echo groupadd "$@" "$name" fi From 3bcbd952698cd5a4b8333551660ba308e4f30d7b Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Fri, 22 May 2020 02:36:49 +0300 Subject: [PATCH 15/22] [__motd] debian|ubuntu|devuan use /etc/motd --- cdist/conf/type/__motd/gencode-remote | 7 ------- cdist/conf/type/__motd/manifest | 4 ---- 2 files changed, 11 deletions(-) diff --git a/cdist/conf/type/__motd/gencode-remote b/cdist/conf/type/__motd/gencode-remote index 738ea834..cb7bfc84 100755 --- a/cdist/conf/type/__motd/gencode-remote +++ b/cdist/conf/type/__motd/gencode-remote @@ -22,13 +22,6 @@ os=$(cat "$__global/explorer/os") case "$os" in - debian|ubuntu|devuan) - - # Debian and Ubuntu need to be updated, - # as seen in /etc/init.d/bootlogs - echo "uname -snrvm > /var/run/motd" - echo "cat /etc/motd.tail >> /var/run/motd" - ;; freebsd) # FreeBSD only updates /etc/motd on boot, # as seen in /etc/rc.d/motd diff --git a/cdist/conf/type/__motd/manifest b/cdist/conf/type/__motd/manifest index ded734d7..b8f74ebf 100755 --- a/cdist/conf/type/__motd/manifest +++ b/cdist/conf/type/__motd/manifest @@ -33,10 +33,6 @@ os=$(cat "$__global/explorer/os") case "$os" in - debian|ubuntu|devuan) - # Debian-based systems use /etc/motd.tail as a template - destination=/etc/motd.tail - ;; freebsd) # FreeBSD uses motd.template to prepend system information on boot # (this actually only applies starting with version 13, From 226ed02c1c2556ed30e4f8aaf1946099bd590725 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 22 May 2020 10:09:05 +0200 Subject: [PATCH 16/22] ++changelog --- docs/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog b/docs/changelog index 782d9bd7..f0aa3aa7 100644 --- a/docs/changelog +++ b/docs/changelog @@ -8,6 +8,8 @@ next: * Explorer machine_type: Add support for FreeBSD and OpenBSD, and simplify Linux code (Evil Ham) * Type __ssh_authorized_key, __ssh_authorized_keys: Improve manpages (Evil Ham) * Type __ssh_authorized_keys: Fix bug where --option was not multiple (Evil Ham) + * Type __motd: Debian/Ubuntu/Devuan use /etc/motd (Ander Punnar) + * Type __group: Fix --gid on FreeBSD (Ander Punnar) 6.5.5: 2020-05-01 * Core: Fix XDG_CONFIG_HOME config file location (Joachim Desroches) From 66f4421089660fc0a083abe3d2c93470eacd55ce Mon Sep 17 00:00:00 2001 From: Jaak Ristioja Date: Fri, 22 May 2020 17:14:29 +0300 Subject: [PATCH 17/22] [docs] Fixed two typos in cdist.cfg.skeleton Signed-off-by: Jaak Ristioja --- configuration/cdist.cfg.skeleton | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configuration/cdist.cfg.skeleton b/configuration/cdist.cfg.skeleton index bfac9f5c..91c5ab02 100644 --- a/configuration/cdist.cfg.skeleton +++ b/configuration/cdist.cfg.skeleton @@ -26,7 +26,7 @@ # # init_manifest # Specify default initial manifest. -# init_mainfest = +# init_manifest = # # inventory_dir # Specify inventory directory. From 716d3554f3dd9a7cf83cb0fd4f706b6458cb13d8 Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Sat, 23 May 2020 00:48:35 +0300 Subject: [PATCH 18/22] [__user] fix user delete on freebsd --- cdist/conf/type/__user/gencode-remote | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/cdist/conf/type/__user/gencode-remote b/cdist/conf/type/__user/gencode-remote index ee18c18f..41c3a57b 100755 --- a/cdist/conf/type/__user/gencode-remote +++ b/cdist/conf/type/__user/gencode-remote @@ -135,11 +135,19 @@ elif [ "$state" = "absent" ]; then if grep -q "^${name}:" "$__object/explorer/passwd"; then #user exists, but state != present, so delete it if [ -f "$__object/parameter/remove-home" ]; then - printf "userdel -r '%s' >/dev/null 2>&1\\n" "${name}" - echo "userdel -r" >> "$__messages_out" + if [ "$os" = "freebsd" ]; then + printf "pw userdel '%s' -r >/dev/null 2>&1\\n" "${name}" + else + printf "userdel -r '%s' >/dev/null 2>&1\\n" "${name}" + fi + echo "userdel -r" >> "$__messages_out" else - printf "userdel '%s' >/dev/null 2>&1\\n" "${name}" - echo "userdel" >> "$__messages_out" + if [ "$os" = "freebsd" ]; then + printf "pw userdel '%s' >/dev/null 2>&1\\n" "${name}" + else + printf "userdel '%s' >/dev/null 2>&1\\n" "${name}" + fi + echo "userdel" >> "$__messages_out" fi fi else From 6ba73c4be6a57007c035f748c3273dd7a7041992 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Sat, 23 May 2020 19:03:13 +0200 Subject: [PATCH 19/22] ++changelog --- docs/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog b/docs/changelog index f0aa3aa7..6746bec6 100644 --- a/docs/changelog +++ b/docs/changelog @@ -10,6 +10,8 @@ next: * Type __ssh_authorized_keys: Fix bug where --option was not multiple (Evil Ham) * Type __motd: Debian/Ubuntu/Devuan use /etc/motd (Ander Punnar) * Type __group: Fix --gid on FreeBSD (Ander Punnar) + * Configuration: Fix typos in cdist.cfg.skeleton (Jaak Ristioja) + * Type __user: Fix user deletion on FreeBSD (Ander Punnar) 6.5.5: 2020-05-01 * Core: Fix XDG_CONFIG_HOME config file location (Joachim Desroches) From f4e1bbc87e9127ed4ac1789c700e1cbee02ff61c Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Sun, 24 May 2020 01:10:56 +0200 Subject: [PATCH 20/22] Fix multiple log lines Fixes #813. --- cdist/log.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cdist/log.py b/cdist/log.py index 5d431130..2d0bef0b 100644 --- a/cdist/log.py +++ b/cdist/log.py @@ -64,6 +64,7 @@ class DefaultLog(logging.Logger): def __init__(self, name): super().__init__(name) + self.propagate = False formatter = logging.Formatter(self.FORMAT) From ba64971a567722c29cfe5a93c7ccc7e03bbf7940 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Sun, 24 May 2020 17:05:01 +0200 Subject: [PATCH 21/22] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 6746bec6..5a2f905a 100644 --- a/docs/changelog +++ b/docs/changelog @@ -12,6 +12,7 @@ next: * Type __group: Fix --gid on FreeBSD (Ander Punnar) * Configuration: Fix typos in cdist.cfg.skeleton (Jaak Ristioja) * Type __user: Fix user deletion on FreeBSD (Ander Punnar) + * Core: Fix double log lines (Darko Poljak) 6.5.5: 2020-05-01 * Core: Fix XDG_CONFIG_HOME config file location (Joachim Desroches) From abac79d4a50857c81e12660aaa13424d371f2137 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 25 May 2020 11:16:48 +0200 Subject: [PATCH 22/22] Release 6.5.6 --- docs/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog b/docs/changelog index 5a2f905a..ad008cb2 100644 --- a/docs/changelog +++ b/docs/changelog @@ -1,7 +1,7 @@ Changelog --------- -next: +6.5.6: 2020-05-25 * Type __pyvenv: Switch to python3 -m venv for Ubuntu (Nico Schottelius) * Type __letsencrypt_cert: Whitelist Ubuntu (Nico Schottelius) * Types __cron, __file, __link: Improve manpages (Matthias Stecher)