From 64c247026a4fe02db1d31e2bd45839f577c7c1bb Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Mon, 30 Sep 2019 14:20:26 +0200 Subject: [PATCH 01/57] [__locale_system] Support Devuan --- cdist/conf/type/__locale_system/manifest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 80f7401b..4a1fdeed 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -26,7 +26,7 @@ os=$(cat "$__global/explorer/os") case "$os" in - debian|ubuntu) + debian|devuan|ubuntu) locale_conf="/etc/default/locale" ;; archlinux) From 201050a9e5144d0f7da2a8019e5822fedaa1d1b1 Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Sun, 14 Jun 2020 11:07:18 +0300 Subject: [PATCH 02/57] new type: __download --- cdist/conf/type/__download/explorer/state | 20 ++++++ cdist/conf/type/__download/gencode-local | 35 ++++++++++ cdist/conf/type/__download/man.rst | 66 +++++++++++++++++++ .../type/__download/parameter/default/cmd-get | 1 + .../type/__download/parameter/default/cmd-sum | 1 + cdist/conf/type/__download/parameter/optional | 2 + cdist/conf/type/__download/parameter/required | 2 + 7 files changed, 127 insertions(+) create mode 100755 cdist/conf/type/__download/explorer/state create mode 100755 cdist/conf/type/__download/gencode-local create mode 100644 cdist/conf/type/__download/man.rst create mode 100644 cdist/conf/type/__download/parameter/default/cmd-get create mode 100644 cdist/conf/type/__download/parameter/default/cmd-sum create mode 100644 cdist/conf/type/__download/parameter/optional create mode 100644 cdist/conf/type/__download/parameter/required diff --git a/cdist/conf/type/__download/explorer/state b/cdist/conf/type/__download/explorer/state new file mode 100755 index 00000000..6a50f5a5 --- /dev/null +++ b/cdist/conf/type/__download/explorer/state @@ -0,0 +1,20 @@ +#!/bin/sh -e + +dst="/$__object_id" + +# shellcheck disable=SC2059 +cmd="$( printf "$( cat "$__object/parameter/cmd-sum" )" "$dst" )" + +sum="$( cat "$__object/parameter/sum" )" + +if [ -f "$dst" ] +then + if [ "$( eval "$cmd" )" = "$sum" ] + then + echo 'present' + else + echo 'mismatch' + fi +else + echo 'absent' +fi diff --git a/cdist/conf/type/__download/gencode-local b/cdist/conf/type/__download/gencode-local new file mode 100755 index 00000000..49e9c699 --- /dev/null +++ b/cdist/conf/type/__download/gencode-local @@ -0,0 +1,35 @@ +#!/bin/sh -e + +state_is="$( cat "$__object/explorer/state" )" + +if [ "$state_is" = 'present' ] +then + exit 0 +fi + +url="$( cat "$__object/parameter/url" )" + +cmd="$( cat "$__object/parameter/cmd-get" )" + +tmp="$( mktemp )" + +dst="/$__object_id" + +printf "$cmd > %s\n" \ + "$url" \ + "$tmp" + +if echo "$__target_host" | grep -Eq '^[0-9a-fA-F:]+$' +then + target_host="[$__target_host]" +else + target_host="$__target_host" +fi + +printf '%s %s %s:%s\n' \ + "$__remote_copy" \ + "$tmp" \ + "$target_host" \ + "$dst" + +echo "rm -f '$tmp'" diff --git a/cdist/conf/type/__download/man.rst b/cdist/conf/type/__download/man.rst new file mode 100644 index 00000000..c973448f --- /dev/null +++ b/cdist/conf/type/__download/man.rst @@ -0,0 +1,66 @@ +cdist-type__download(7) +======================= + +NAME +---- +cdist-type__download - Download file to local storage and copy it to target host + + +DESCRIPTION +----------- +You must use persistent storage in target host for destination file +(``$__object_id``) because it will be used for checksum calculation +in order to decide if file must be downloaded. + + +REQUIRED PARAMETERS +------------------- +url + URL from which to download the file. + +sum + Checksum of downloaded file. + + +OPTIONAL PARAMETERS +------------------- +cmd-get + Command used for downloading. + Default is ``wget -O- '%s'``. + Command must output to ``stdout``. + +cmd-sum + Command used for checksum calculation. + Default is ``md5sum '%s' | awk '{print $1}'``. + Command output and ``--sum`` parameter must match. + + +EXAMPLES +-------- + +.. code-block:: sh + + __directory /opt/cpma + + require='__directory/opt/cpma' \ + __download /opt/cpma/cnq3.zip \ + --url https://cdn.playmorepromode.com/files/cnq3/cnq3-1.51.zip \ + --sum 46da3021ca9eace277115ec9106c5b46 + + require='__download/opt/cpma/cnq3.zip' \ + __unpack /opt/cpma/cnq3.zip \ + --move-existing-destination \ + --destination /opt/cpma/server + + +AUTHORS +------- +Ander Punnar + + +COPYING +------- +Copyright \(C) 2020 Ander Punnar. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__download/parameter/default/cmd-get b/cdist/conf/type/__download/parameter/default/cmd-get new file mode 100644 index 00000000..2daa38a1 --- /dev/null +++ b/cdist/conf/type/__download/parameter/default/cmd-get @@ -0,0 +1 @@ +wget -O- '%s' diff --git a/cdist/conf/type/__download/parameter/default/cmd-sum b/cdist/conf/type/__download/parameter/default/cmd-sum new file mode 100644 index 00000000..3e8a9295 --- /dev/null +++ b/cdist/conf/type/__download/parameter/default/cmd-sum @@ -0,0 +1 @@ +md5sum '%s' | awk '{print $1}' diff --git a/cdist/conf/type/__download/parameter/optional b/cdist/conf/type/__download/parameter/optional new file mode 100644 index 00000000..22783e02 --- /dev/null +++ b/cdist/conf/type/__download/parameter/optional @@ -0,0 +1,2 @@ +cmd-get +cmd-sum diff --git a/cdist/conf/type/__download/parameter/required b/cdist/conf/type/__download/parameter/required new file mode 100644 index 00000000..6ea4c38f --- /dev/null +++ b/cdist/conf/type/__download/parameter/required @@ -0,0 +1,2 @@ +url +sum From a6543a72ade5a3b64cab1b0164d5df0b4388e88f Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Wed, 17 Jun 2020 13:40:31 +0200 Subject: [PATCH 03/57] ++changelog --- docs/changelog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/changelog b/docs/changelog index c8388b93..a0de09fa 100644 --- a/docs/changelog +++ b/docs/changelog @@ -1,6 +1,9 @@ Changelog --------- +next: + * New type: __download (Ander Punnar) + 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) * Core: Support colored log output (Evil Ham) From 97e48be39e80ffe50946606b912ca28d3612cc61 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 20 Jun 2020 21:11:28 +0200 Subject: [PATCH 04/57] [type/__package_opkg] Fix explorer running in parallel --- .../type/__package_opkg/explorer/pkg_status | 57 ++++++++++++++----- 1 file changed, 44 insertions(+), 13 deletions(-) diff --git a/cdist/conf/type/__package_opkg/explorer/pkg_status b/cdist/conf/type/__package_opkg/explorer/pkg_status index 5da4f742..1ba88e81 100755 --- a/cdist/conf/type/__package_opkg/explorer/pkg_status +++ b/cdist/conf/type/__package_opkg/explorer/pkg_status @@ -1,7 +1,8 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Nico Schottelius (nico-cdist at schottelius.org) # 2012 Giel van Schijndel (giel plus cdist at mortis dot eu) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -19,21 +20,51 @@ # along with cdist. If not, see . # # -# Retrieve the status of a package - parsed opkg output +# Retrieve the status of a package - parses opkg output # -if [ -f "$__object/parameter/name" ]; then - name="$(cat "$__object/parameter/name")" +LOCKFILE="${__type_explorer}/cdist_opkg.lock" +_lock() ( + set -o noclobber + until echo $$>"${LOCKFILE}" + do + while test -f "${LOCKFILE}"; do sleep 1; done + done + +) 2>/dev/null +_unlock() { + if test -s "${LOCKFILE}" && test "$(cat "${LOCKFILE}")" = $$ + then + rm "${LOCKFILE}" + fi +} + + +if test -f "${__object}/parameter/name" +then + pkg_name=$(cat "${__object}/parameter/name") else - name="$__object_id" + pkg_name=$__object_id fi -# Except dpkg failing, if package is not known / installed -if opkg status "$name" 2>/dev/null | grep -q "^Status: install user installed$"; then - echo "present" - exit 0 -elif [ "$(opkg info "$name" 2> /dev/null | wc -l)" -eq 0 ]; then - echo "absent notpresent" - exit 0 + +# NOTE: We need to lock parallel execution of this explorer because opkg will +# try to acquire the OPKG lock (usually /var/lock/opkg.lock) using lockf(2) for +# every operation. It will not wait for the lock but terminate with an error. +# This leads to incorrect 'absent notpresent' statuses when parallel execution +# is enabled. +trap _unlock EXIT +_lock + + +# Except opkg failing, if package is not known / installed +if opkg status "${pkg_name}" 2>/dev/null \ + | grep -q -e '^Status: [^ ][^ ]* [^ ][^ ]* installed$' +then + echo 'present' +elif opkg info "${pkg_name}" 2>/dev/null | grep -q . +then + echo 'absent notpresent' +else + echo 'absent' fi -echo "absent" From e79b26a61f790108b90c3625d554f6df4086d616 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 21 Jun 2020 13:15:38 +0200 Subject: [PATCH 05/57] [type/__package_opkg] Also lock execution of code-remote --- .../type/__package_opkg/explorer/pkg_status | 11 ++- cdist/conf/type/__package_opkg/gencode-remote | 94 +++++++++++++------ 2 files changed, 73 insertions(+), 32 deletions(-) diff --git a/cdist/conf/type/__package_opkg/explorer/pkg_status b/cdist/conf/type/__package_opkg/explorer/pkg_status index 1ba88e81..f5a6f098 100755 --- a/cdist/conf/type/__package_opkg/explorer/pkg_status +++ b/cdist/conf/type/__package_opkg/explorer/pkg_status @@ -23,7 +23,9 @@ # Retrieve the status of a package - parses opkg output # -LOCKFILE="${__type_explorer}/cdist_opkg.lock" +__type_path=${__object%%${__object_id}*} + +LOCKFILE="${__type_path}/cdist_opkg.lock" _lock() ( set -o noclobber until echo $$>"${LOCKFILE}" @@ -48,9 +50,10 @@ else fi -# NOTE: We need to lock parallel execution of this explorer because opkg will -# try to acquire the OPKG lock (usually /var/lock/opkg.lock) using lockf(2) for -# every operation. It will not wait for the lock but terminate with an error. +# NOTE: We need to lock parallel execution of type explorers and code-remote +# because opkg will try to acquire the OPKG lock (usually /var/lock/opkg.lock) +# using lockf(2) for every operation. +# It will not wait for the lock but terminate with an error. # This leads to incorrect 'absent notpresent' statuses when parallel execution # is enabled. trap _unlock EXIT diff --git a/cdist/conf/type/__package_opkg/gencode-remote b/cdist/conf/type/__package_opkg/gencode-remote index 269d5f49..ad90dc24 100755 --- a/cdist/conf/type/__package_opkg/gencode-remote +++ b/cdist/conf/type/__package_opkg/gencode-remote @@ -2,6 +2,7 @@ # # 2011,2013 Nico Schottelius (nico-cdist at schottelius.org) # 2012 Giel van Schijndel (giel plus cdist at mortis dot eu) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -19,41 +20,78 @@ # along with cdist. If not, see . # # -# Manage packages on OpenWRT and co. +# Manage packages on OpenWrt, optware, and co. # -if [ -f "$__object/parameter/name" ]; then - name="$(cat "$__object/parameter/name")" +if test -f "${__object}/parameter/name" +then + name=$(cat "${__object}/parameter/name") else - name="$__object_id" + name=$__object_id fi -state_should="$(cat "$__object/parameter/state")" +state_should=$(cat "${__object}/parameter/state") +state_is=$(cat "${__object}/explorer/pkg_status") -state_is="$(cat "$__object/explorer/pkg_status")" -case "$state_is" in - absent*) - present="$(echo "$state_is" | cut -d ' ' -f 2)" - state_is="absent" - ;; +case $state_is +in + (absent*) + presence=$(echo "${state_is}" | cut -d ' ' -f 2) + state_is='absent' + ;; esac -[ "$state_is" = "$state_should" ] && exit 0 +if test "${state_is}" = "${state_should}" +then + exit 0 +fi -case "$state_should" in - present) - if [ "$present" = "notpresent" ]; then - echo "opkg --verbosity=0 update" - fi - echo "opkg --verbosity=0 install '$name'" - echo "installed" >> "$__messages_out" - ;; - absent) - echo "opkg --verbosity=0 remove '$name'" - echo "removed" >> "$__messages_out" - ;; - *) - echo "Unknown state: ${state_should}" >&2 - exit 1 - ;; +cat <<'EOF' +__type_path=${__object%%${__object_id}*} + +LOCKFILE="${__type_path}/cdist_opkg.lock" +_lock() ( + set -o noclobber + until echo $$>"${LOCKFILE}" + do + while test -f "${LOCKFILE}"; do sleep 1; done + done + +) 2>/dev/null +_unlock() { + if test -s "${LOCKFILE}" && test "$(cat "${LOCKFILE}")" = $$ + then + rm "${LOCKFILE}" + fi +} +EOF + +# NOTE: We need to lock parallel execution of code-remote to ensure that it is +# not executed concurrently with a type explorer. +# opkg will try to acquire the OPKG lock (usually /var/lock/opkg.lock) using +# lockf(2) for every operation. +# It will not wait for the lock but terminate with an error leading to an +# incorrect outcome. +echo 'trap _unlock EXIT' +echo '_lock' + +case $state_should +in + (present) + if test "${presence}" = 'notpresent' + then + echo 'opkg --verbosity=0 update' + fi + + printf "opkg --verbosity=0 install '%s'\n" "${name}" + echo 'installed' >>"${__messages_out}" + ;; + (absent) + printf "opkg --verbosity=0 remove '%s'" "${name}" + echo 'removed' >>"${__messages_out}" + ;; + (*) + printf 'Unknown state: %s\n' "${state_should}" >&2 + exit 1 + ;; esac From a6a3fb40bfcbaa5d6506a1ac5ebe2e40376dcb6f Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 20 Jun 2020 22:22:29 +0200 Subject: [PATCH 06/57] Remove unnecessary Python shebangs --- cdist/config.py | 1 - cdist/info.py | 1 - cdist/install.py | 1 - cdist/integration.py | 1 - cdist/inventory.py | 1 - cdist/log.py | 1 - cdist/preos/debootstrap/debootstrap.py | 1 - 7 files changed, 7 deletions(-) diff --git a/cdist/config.py b/cdist/config.py index b2d72f05..b71536a8 100644 --- a/cdist/config.py +++ b/cdist/config.py @@ -1,4 +1,3 @@ -#!/usr/bin/env python3 # -*- coding: utf-8 -*- # # 2010-2015 Nico Schottelius (nico-cdist at schottelius.org) diff --git a/cdist/info.py b/cdist/info.py index b896a3d1..9e29f5d9 100644 --- a/cdist/info.py +++ b/cdist/info.py @@ -1,4 +1,3 @@ -#!/usr/bin/env python3 # -*- coding: utf-8 -*- # # 2019-2020 Darko Poljak (darko.poljak at gmail.com) diff --git a/cdist/install.py b/cdist/install.py index b88ad016..a9c8119a 100644 --- a/cdist/install.py +++ b/cdist/install.py @@ -1,4 +1,3 @@ -#!/usr/bin/env python3 # -*- coding: utf-8 -*- # # 2013 Steven Armstrong (steven-cdist at armstrong.cc) diff --git a/cdist/integration.py b/cdist/integration.py index ee742cc5..03e4167d 100644 --- a/cdist/integration.py +++ b/cdist/integration.py @@ -1,4 +1,3 @@ -#!/usr/bin/env python3 # -*- coding: utf-8 -*- # # 2017 Darko Poljak (darko.poljak at gmail.com) diff --git a/cdist/inventory.py b/cdist/inventory.py index 138a2034..fb5ab960 100644 --- a/cdist/inventory.py +++ b/cdist/inventory.py @@ -1,4 +1,3 @@ -#!/usr/bin/env python3 # -*- coding: utf-8 -*- # # 2016 Darko Poljak (darko.poljak at gmail.com) diff --git a/cdist/log.py b/cdist/log.py index 19efebdb..c77ba8ec 100644 --- a/cdist/log.py +++ b/cdist/log.py @@ -1,4 +1,3 @@ -#!/usr/bin/env python3 # -*- coding: utf-8 -*- # # 2010-2013 Nico Schottelius (nico-cdist at schottelius.org) diff --git a/cdist/preos/debootstrap/debootstrap.py b/cdist/preos/debootstrap/debootstrap.py index f53dd4a7..d3e590f2 100644 --- a/cdist/preos/debootstrap/debootstrap.py +++ b/cdist/preos/debootstrap/debootstrap.py @@ -1,4 +1,3 @@ -#!/usr/bin/env python3 # -*- coding: utf-8 -*- # # 2016 Darko Poljak (darko.poljak at ungleich.ch) From ce07021580219d130c3968c547d03f451f2dea12 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 20 Jun 2020 21:16:23 +0200 Subject: [PATCH 07/57] Do not subclass object --- cdist/config.py | 2 +- cdist/core/cdist_object.py | 2 +- cdist/core/cdist_type.py | 2 +- cdist/core/code.py | 2 +- cdist/core/explorer.py | 2 +- cdist/core/manifest.py | 2 +- cdist/emulator.py | 2 +- cdist/exec/local.py | 2 +- cdist/exec/remote.py | 2 +- cdist/hostsource.py | 2 +- cdist/info.py | 3 +-- cdist/inventory.py | 2 +- cdist/message.py | 2 +- cdist/preos.py | 2 +- cdist/preos/debootstrap/debootstrap.py | 2 +- cdist/shell.py | 4 +--- cdist/test/config/__init__.py | 2 +- cdist/util/fsproperty.py | 4 ++-- 18 files changed, 19 insertions(+), 22 deletions(-) diff --git a/cdist/config.py b/cdist/config.py index b2d72f05..982d8b75 100644 --- a/cdist/config.py +++ b/cdist/config.py @@ -70,7 +70,7 @@ def _graph_dfs_cycle(graph, node, path): return False -class Config(object): +class Config: """Cdist main class to hold arbitrary data""" # list of paths (files and/or directories) that will be removed on finish diff --git a/cdist/core/cdist_object.py b/cdist/core/cdist_object.py index 114a47e0..51d61e04 100644 --- a/cdist/core/cdist_object.py +++ b/cdist/core/cdist_object.py @@ -47,7 +47,7 @@ class MissingObjectIdError(cdist.Error): return '%s' % (self.message) -class CdistObject(object): +class CdistObject: """Represents a cdist object. All interaction with objects in cdist should be done through this class. diff --git a/cdist/core/cdist_type.py b/cdist/core/cdist_type.py index 4500f50d..c0329c8a 100644 --- a/cdist/core/cdist_type.py +++ b/cdist/core/cdist_type.py @@ -38,7 +38,7 @@ class InvalidTypeError(cdist.Error): self.type_path, self.type_absolute_path, self.source_path) -class CdistType(object): +class CdistType: """Represents a cdist type. All interaction with types in cdist should be done through this class. diff --git a/cdist/core/code.py b/cdist/core/code.py index 1550880a..226bc63d 100644 --- a/cdist/core/code.py +++ b/cdist/core/code.py @@ -92,7 +92,7 @@ code-remote ''' -class Code(object): +class Code: """Generates and executes cdist code scripts. """ diff --git a/cdist/core/explorer.py b/cdist/core/explorer.py index 353d7681..a3baa959 100644 --- a/cdist/core/explorer.py +++ b/cdist/core/explorer.py @@ -63,7 +63,7 @@ type explorer is: ''' -class Explorer(object): +class Explorer: """Executes cdist explorers. """ diff --git a/cdist/core/manifest.py b/cdist/core/manifest.py index 8b833ff2..2a0b2189 100644 --- a/cdist/core/manifest.py +++ b/cdist/core/manifest.py @@ -92,7 +92,7 @@ class NoInitialManifestError(cdist.Error): return repr(self.message) -class Manifest(object): +class Manifest: """Executes cdist manifests. """ diff --git a/cdist/emulator.py b/cdist/emulator.py index 4eaf2c93..24d239fa 100644 --- a/cdist/emulator.py +++ b/cdist/emulator.py @@ -56,7 +56,7 @@ class DefaultList(list): return cls(initial.split('\n')) -class Emulator(object): +class Emulator: def __init__(self, argv, stdin=sys.stdin.buffer, env=os.environ): self.argv = argv self.stdin = stdin diff --git a/cdist/exec/local.py b/cdist/exec/local.py index ad6c6e36..e0aab190 100644 --- a/cdist/exec/local.py +++ b/cdist/exec/local.py @@ -39,7 +39,7 @@ import cdist.exec.util as util CONF_SUBDIRS_LINKED = ["explorer", "files", "manifest", "type", ] -class Local(object): +class Local: """Execute commands locally. All interaction with the local side should be done through this class. diff --git a/cdist/exec/remote.py b/cdist/exec/remote.py index f72bf3bf..e5af2f34 100644 --- a/cdist/exec/remote.py +++ b/cdist/exec/remote.py @@ -49,7 +49,7 @@ class DecodeError(cdist.Error): return "Cannot decode output of " + " ".join(self.command) -class Remote(object): +class Remote: """Execute commands remotely. All interaction with the remote side should be done through this class. diff --git a/cdist/hostsource.py b/cdist/hostsource.py index a7b8f0b4..5f927b36 100644 --- a/cdist/hostsource.py +++ b/cdist/hostsource.py @@ -41,7 +41,7 @@ def hostfile_process_line(line, strip_func=str.strip): return None -class HostSource(object): +class HostSource: """ Host source object. Source can be a sequence or filename (stdin if \'-\'). diff --git a/cdist/info.py b/cdist/info.py index b896a3d1..a1fad237 100644 --- a/cdist/info.py +++ b/cdist/info.py @@ -29,8 +29,7 @@ import glob import fnmatch -class Info(object): - +class Info: def __init__(self, conf_dirs, args): self.conf_dirs = conf_dirs self.all = args.all diff --git a/cdist/inventory.py b/cdist/inventory.py index 138a2034..c06efff0 100644 --- a/cdist/inventory.py +++ b/cdist/inventory.py @@ -80,7 +80,7 @@ def rstrip_nl(s): return str.rstrip(s, "\n") -class Inventory(object): +class Inventory: """Inventory main class""" def __init__(self, db_basedir=dist_inventory_db, configuration=None): diff --git a/cdist/message.py b/cdist/message.py index 450fc3c3..ffa8c2bb 100644 --- a/cdist/message.py +++ b/cdist/message.py @@ -27,7 +27,7 @@ import tempfile log = logging.getLogger(__name__) -class Message(object): +class Message: """Support messaging between types """ diff --git a/cdist/preos.py b/cdist/preos.py index bf2a8e60..f8a5dd67 100644 --- a/cdist/preos.py +++ b/cdist/preos.py @@ -78,7 +78,7 @@ def get_available_preoses_string(cls): return "Available PreOS-es:\n{}".format("\n".join(preoses)) -class PreOS(object): +class PreOS: preoses = None @classmethod diff --git a/cdist/preos/debootstrap/debootstrap.py b/cdist/preos/debootstrap/debootstrap.py index f53dd4a7..ac01e08b 100644 --- a/cdist/preos/debootstrap/debootstrap.py +++ b/cdist/preos/debootstrap/debootstrap.py @@ -31,7 +31,7 @@ import os import subprocess -class Debian(object): +class Debian: _preos_name = 'debian' _cdist_preos = True diff --git a/cdist/shell.py b/cdist/shell.py index 60b6a9f0..04a68937 100644 --- a/cdist/shell.py +++ b/cdist/shell.py @@ -32,10 +32,8 @@ import cdist.config log = logging.getLogger(__name__) -class Shell(object): - +class Shell: def __init__(self, shell=None): - self.shell = shell self.target_host = ( diff --git a/cdist/test/config/__init__.py b/cdist/test/config/__init__.py index 499593e3..0ed614b1 100644 --- a/cdist/test/config/__init__.py +++ b/cdist/test/config/__init__.py @@ -44,7 +44,7 @@ expected_object_names = sorted([ '__third/moon']) -class CdistObjectErrorContext(object): +class CdistObjectErrorContext: def __init__(self, original_error): self.original_error = original_error diff --git a/cdist/util/fsproperty.py b/cdist/util/fsproperty.py index 5a27c9d7..1d76fd76 100644 --- a/cdist/util/fsproperty.py +++ b/cdist/util/fsproperty.py @@ -177,7 +177,7 @@ class DirectoryDict(collections.MutableMapping): raise cdist.Error(str(e)) -class FileBasedProperty(object): +class FileBasedProperty: attribute_class = None def __init__(self, path): @@ -189,7 +189,7 @@ class FileBasedProperty(object): Usage with a sublcass: - class Foo(object): + class Foo: # note that the actual DirectoryDict is stored as __parameters # on the instance parameters = DirectoryDictProperty( From 6aae58dea77002dea0b57d20cbb01b5e2a1066b5 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 21 Jun 2020 17:35:28 +0200 Subject: [PATCH 08/57] [type/__package_opkg] Mark lock variables readonly --- cdist/conf/type/__package_opkg/explorer/pkg_status | 4 ++-- cdist/conf/type/__package_opkg/gencode-remote | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cdist/conf/type/__package_opkg/explorer/pkg_status b/cdist/conf/type/__package_opkg/explorer/pkg_status index f5a6f098..9d993055 100755 --- a/cdist/conf/type/__package_opkg/explorer/pkg_status +++ b/cdist/conf/type/__package_opkg/explorer/pkg_status @@ -23,9 +23,9 @@ # Retrieve the status of a package - parses opkg output # -__type_path=${__object%%${__object_id}*} +readonly __type_path=${__object%%${__object_id}*} +readonly LOCKFILE="${__type_path}/cdist_opkg.lock" -LOCKFILE="${__type_path}/cdist_opkg.lock" _lock() ( set -o noclobber until echo $$>"${LOCKFILE}" diff --git a/cdist/conf/type/__package_opkg/gencode-remote b/cdist/conf/type/__package_opkg/gencode-remote index ad90dc24..c7f21751 100755 --- a/cdist/conf/type/__package_opkg/gencode-remote +++ b/cdist/conf/type/__package_opkg/gencode-remote @@ -47,9 +47,9 @@ then fi cat <<'EOF' -__type_path=${__object%%${__object_id}*} +readonly __type_path=${__object%%${__object_id}*} +readonly LOCKFILE="${__type_path}/cdist_opkg.lock" -LOCKFILE="${__type_path}/cdist_opkg.lock" _lock() ( set -o noclobber until echo $$>"${LOCKFILE}" From 26dfdf37c21ce3c469ae0d6a717d390f422f9fbf Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Sun, 21 Jun 2020 01:13:30 +0300 Subject: [PATCH 09/57] [__download] support multiple checksum formats and download utilities, add --onchange and other minor changes --- cdist/conf/type/__download/explorer/state | 78 +++++++++++++++---- cdist/conf/type/__download/gencode-local | 25 +++++- cdist/conf/type/__download/gencode-remote | 7 ++ cdist/conf/type/__download/man.rst | 25 ++++-- .../type/__download/parameter/default/cmd-get | 1 - .../type/__download/parameter/default/cmd-sum | 1 - cdist/conf/type/__download/parameter/optional | 1 + 7 files changed, 116 insertions(+), 22 deletions(-) create mode 100755 cdist/conf/type/__download/gencode-remote delete mode 100644 cdist/conf/type/__download/parameter/default/cmd-get delete mode 100644 cdist/conf/type/__download/parameter/default/cmd-sum diff --git a/cdist/conf/type/__download/explorer/state b/cdist/conf/type/__download/explorer/state index 6a50f5a5..00362545 100755 --- a/cdist/conf/type/__download/explorer/state +++ b/cdist/conf/type/__download/explorer/state @@ -2,19 +2,71 @@ dst="/$__object_id" -# shellcheck disable=SC2059 -cmd="$( printf "$( cat "$__object/parameter/cmd-sum" )" "$dst" )" - -sum="$( cat "$__object/parameter/sum" )" - -if [ -f "$dst" ] +if [ ! -f "$dst" ] then - if [ "$( eval "$cmd" )" = "$sum" ] - then - echo 'present' - else - echo 'mismatch' - fi -else echo 'absent' + exit 0 +fi + +sum_should="$( cat "$__object/parameter/sum" )" + +if [ -f "$__object/parameter/cmd-sum" ] +then + # shellcheck disable=SC2059 + sum_is="$( eval "$( printf \ + "$( cat "$__object/parameter/cmd-sum" )" \ + "$dst" )" )" +else + os="$( "$__explorer/os" )" + + if echo "$sum_should" | grep -Eq '^[0-9]+\s[0-9]+$' + then + sum_is="$( cksum "$dst" | awk '{print $1" "$2}' )" + + elif echo "$sum_should" | grep -Eiq '^md5:[a-f0-9]{32}$' + then + case "$os" in + freebsd) + sum_is="md5:$( md5 -q "$dst" )" + ;; + *) + sum_is="md5:$( md5sum "$dst" | awk '{print $1}' )" + ;; + esac + + elif echo "$sum_should" | grep -Eiq '^sha1:[a-f0-9]{40}$' + then + case "$os" in + freebsd) + sum_is="sha1:$( sha1 -q "$dst" )" + ;; + *) + sum_is="sha1:$( sha1sum "$dst" | awk '{print $1}' )" + ;; + esac + + elif echo "$sum_should" | grep -Eiq '^sha256:[a-f0-9]{64}$' + then + case "$os" in + freebsd) + sum_is="sha256:$( sha256 -q "$dst" )" + ;; + *) + sum_is="sha256:$( sha256sum "$dst" | awk '{print $1}' )" + ;; + esac + fi +fi + +if [ -z "$sum_is" ] +then + echo 'no checksum from target' >&2 + exit 1 +fi + +if [ "$sum_is" = "$sum_should" ] +then + echo 'present' +else + echo 'mismatch' fi diff --git a/cdist/conf/type/__download/gencode-local b/cdist/conf/type/__download/gencode-local index 49e9c699..85ef3a60 100755 --- a/cdist/conf/type/__download/gencode-local +++ b/cdist/conf/type/__download/gencode-local @@ -9,12 +9,31 @@ fi url="$( cat "$__object/parameter/url" )" -cmd="$( cat "$__object/parameter/cmd-get" )" - tmp="$( mktemp )" dst="/$__object_id" +if [ -f "$__object/parameter/cmd-get" ] +then + cmd="$( cat "$__object/parameter/cmd-get" )" + +elif command -v wget > /dev/null +then + cmd="wget -O - '%s'" + +elif command -v curl > /dev/null +then + cmd="curl -o - '%s'" + +elif command -v fetch > /dev/null +then + cmd="fetch -o - '%s'" + +else + echo 'no usable locally installed utility for downloading' >&2 + exit 1 +fi + printf "$cmd > %s\n" \ "$url" \ "$tmp" @@ -33,3 +52,5 @@ printf '%s %s %s:%s\n' \ "$dst" echo "rm -f '$tmp'" + +echo 'downloaded' > "$__messages_out" diff --git a/cdist/conf/type/__download/gencode-remote b/cdist/conf/type/__download/gencode-remote new file mode 100755 index 00000000..b08d0050 --- /dev/null +++ b/cdist/conf/type/__download/gencode-remote @@ -0,0 +1,7 @@ +#!/bin/sh -e + +if [ -f "$__object/parameter/onchange" ] \ + && grep -Fq "$__object_id:downloaded" "$__messages_in" +then + cat "$__object/parameter/onchange" +fi diff --git a/cdist/conf/type/__download/man.rst b/cdist/conf/type/__download/man.rst index c973448f..63a41bc4 100644 --- a/cdist/conf/type/__download/man.rst +++ b/cdist/conf/type/__download/man.rst @@ -10,7 +10,13 @@ DESCRIPTION ----------- You must use persistent storage in target host for destination file (``$__object_id``) because it will be used for checksum calculation -in order to decide if file must be downloaded. +in order to decide if file must be (re-)downloaded. + +By default type will try to use following locally installed utilities +for downloading (in order): ``wget``, ``curl`` or ``fetch``. + +Environment variables like ``{http,https,ftp}_proxy`` etc can be used on +cdist execution (``http_proxy=foo cdist config ...``). REQUIRED PARAMETERS @@ -19,20 +25,29 @@ url URL from which to download the file. sum - Checksum of downloaded file. + Checksum of file going to be downloaded. + By default output of ``cksum`` without filename is expected. + Other hash formats supported with prefixes: ``md5:``, ``sha1:`` and ``sha256:``. + +onchange + Execute this command after download. OPTIONAL PARAMETERS ------------------- cmd-get Command used for downloading. - Default is ``wget -O- '%s'``. Command must output to ``stdout``. + Parameter will be used for ``printf`` and must include only one + variable ``%s`` which will become URL. + For example: ``wget -O - '%s'``. cmd-sum Command used for checksum calculation. - Default is ``md5sum '%s' | awk '{print $1}'``. Command output and ``--sum`` parameter must match. + Parameter will be used for ``printf`` and must include only one + variable ``%s`` which will become destination. + For example: ``md5sum '%s' | awk '{print $1}'``. EXAMPLES @@ -45,7 +60,7 @@ EXAMPLES require='__directory/opt/cpma' \ __download /opt/cpma/cnq3.zip \ --url https://cdn.playmorepromode.com/files/cnq3/cnq3-1.51.zip \ - --sum 46da3021ca9eace277115ec9106c5b46 + --sum md5:46da3021ca9eace277115ec9106c5b46 require='__download/opt/cpma/cnq3.zip' \ __unpack /opt/cpma/cnq3.zip \ diff --git a/cdist/conf/type/__download/parameter/default/cmd-get b/cdist/conf/type/__download/parameter/default/cmd-get deleted file mode 100644 index 2daa38a1..00000000 --- a/cdist/conf/type/__download/parameter/default/cmd-get +++ /dev/null @@ -1 +0,0 @@ -wget -O- '%s' diff --git a/cdist/conf/type/__download/parameter/default/cmd-sum b/cdist/conf/type/__download/parameter/default/cmd-sum deleted file mode 100644 index 3e8a9295..00000000 --- a/cdist/conf/type/__download/parameter/default/cmd-sum +++ /dev/null @@ -1 +0,0 @@ -md5sum '%s' | awk '{print $1}' diff --git a/cdist/conf/type/__download/parameter/optional b/cdist/conf/type/__download/parameter/optional index 22783e02..38c0ce4d 100644 --- a/cdist/conf/type/__download/parameter/optional +++ b/cdist/conf/type/__download/parameter/optional @@ -1,2 +1,3 @@ cmd-get cmd-sum +onchange From 3649555f3522ea80f1999ca2cb7f8ddd112cbb33 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Mon, 22 Jun 2020 09:31:59 +0200 Subject: [PATCH 10/57] [type/__package_opkg] Do not lock execution of code-remote (revert) Instead, rely on `nonparallel`. In any case cdist should never run explorer and code concurrently even if the dependency graph would allow to do so as it would result in many more synchronization issues than this one. --- cdist/conf/type/__package_opkg/gencode-remote | 32 ++----------------- 1 file changed, 2 insertions(+), 30 deletions(-) diff --git a/cdist/conf/type/__package_opkg/gencode-remote b/cdist/conf/type/__package_opkg/gencode-remote index c7f21751..28caff71 100755 --- a/cdist/conf/type/__package_opkg/gencode-remote +++ b/cdist/conf/type/__package_opkg/gencode-remote @@ -25,9 +25,9 @@ if test -f "${__object}/parameter/name" then - name=$(cat "${__object}/parameter/name") + name=$(cat "${__object}/parameter/name") else - name=$__object_id + name=$__object_id fi state_should=$(cat "${__object}/parameter/state") @@ -46,34 +46,6 @@ then exit 0 fi -cat <<'EOF' -readonly __type_path=${__object%%${__object_id}*} -readonly LOCKFILE="${__type_path}/cdist_opkg.lock" - -_lock() ( - set -o noclobber - until echo $$>"${LOCKFILE}" - do - while test -f "${LOCKFILE}"; do sleep 1; done - done - -) 2>/dev/null -_unlock() { - if test -s "${LOCKFILE}" && test "$(cat "${LOCKFILE}")" = $$ - then - rm "${LOCKFILE}" - fi -} -EOF - -# NOTE: We need to lock parallel execution of code-remote to ensure that it is -# not executed concurrently with a type explorer. -# opkg will try to acquire the OPKG lock (usually /var/lock/opkg.lock) using -# lockf(2) for every operation. -# It will not wait for the lock but terminate with an error leading to an -# incorrect outcome. -echo 'trap _unlock EXIT' -echo '_lock' case $state_should in From 49dde11def71cec121e5f698d0fb6ed3a539f97a Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Wed, 24 Jun 2020 07:04:06 +0200 Subject: [PATCH 11/57] Remove deprecated __pf_apply --- cdist/conf/type/__pf_apply/deprecated | 1 - cdist/conf/type/__pf_apply/explorer/rcvar | 36 --------------- cdist/conf/type/__pf_apply/gencode-remote | 51 --------------------- cdist/conf/type/__pf_apply/man.rst | 55 ----------------------- cdist/conf/type/__pf_apply/singleton | 0 5 files changed, 143 deletions(-) delete mode 100644 cdist/conf/type/__pf_apply/deprecated delete mode 100755 cdist/conf/type/__pf_apply/explorer/rcvar delete mode 100755 cdist/conf/type/__pf_apply/gencode-remote delete mode 100644 cdist/conf/type/__pf_apply/man.rst delete mode 100644 cdist/conf/type/__pf_apply/singleton diff --git a/cdist/conf/type/__pf_apply/deprecated b/cdist/conf/type/__pf_apply/deprecated deleted file mode 100644 index 36cfed90..00000000 --- a/cdist/conf/type/__pf_apply/deprecated +++ /dev/null @@ -1 +0,0 @@ -Consider moving to __pf_apply_anchor. Get in touch if you need __pf_apply. diff --git a/cdist/conf/type/__pf_apply/explorer/rcvar b/cdist/conf/type/__pf_apply/explorer/rcvar deleted file mode 100755 index 7c8d535f..00000000 --- a/cdist/conf/type/__pf_apply/explorer/rcvar +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh -# -# 2012 Jake Guffey (jake.guffey at eprotex.com) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# -# Get the location of the pf ruleset on the target host. -# - -# Debug -#exec >&2 -#set -x - -# Check /etc/rc.conf for pf's configuration file name. Default to /etc/pf.conf - -RC="/etc/rc.conf" -PFCONF="$(grep '^pf_rules=' ${RC} | cut -d= -f2 | sed 's/"//g')" -echo "${PFCONF:-"/etc/pf.conf"}" - -# Debug -#set +x - diff --git a/cdist/conf/type/__pf_apply/gencode-remote b/cdist/conf/type/__pf_apply/gencode-remote deleted file mode 100755 index c8f7a25a..00000000 --- a/cdist/conf/type/__pf_apply/gencode-remote +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/sh -e -# -# 2012 Jake Guffey (jake.guffey at eprotex.com) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# -# Apply pf(4) ruleset on *BSD -# - -# Debug -#exec >&2 -#set -x - -rcvar=$(cat "$__object/explorer/rcvar") - -cat <&2 - fi -fi -EOF - -# Debug -#set +x - diff --git a/cdist/conf/type/__pf_apply/man.rst b/cdist/conf/type/__pf_apply/man.rst deleted file mode 100644 index eee345e7..00000000 --- a/cdist/conf/type/__pf_apply/man.rst +++ /dev/null @@ -1,55 +0,0 @@ -cdist-type__pf_apply(7) -======================= - -NAME ----- -cdist-type__pf_apply - Apply pf(4) ruleset on \*BSD - - -DESCRIPTION ------------ -This type is used on \*BSD systems to manage the pf firewall's active ruleset. - - -REQUIRED PARAMETERS -------------------- -NONE - - -OPTIONAL PARAMETERS -------------------- -NONE - - -EXAMPLES --------- - -.. code-block:: sh - - # Modify the ruleset on $__target_host: - __pf_ruleset --state present --source /my/pf/ruleset.conf - require="__pf_ruleset" \ - __pf_apply - - # Remove the ruleset on $__target_host (implies disabling pf(4): - __pf_ruleset --state absent - require="__pf_ruleset" \ - __pf_apply - - -SEE ALSO --------- -:strong:`pf`\ (4), :strong:`cdist-type__pf_ruleset`\ (7) - - -AUTHORS -------- -Jake Guffey - - -COPYING -------- -Copyright \(C) 2012 Jake Guffey. You can redistribute it -and/or modify it under the terms of the GNU General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. diff --git a/cdist/conf/type/__pf_apply/singleton b/cdist/conf/type/__pf_apply/singleton deleted file mode 100644 index e69de29b..00000000 From a9778965be7154c0f42cf0170142ee2ec571d7ec Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Wed, 24 Jun 2020 08:47:22 +0200 Subject: [PATCH 12/57] [type/__package_opkg] Use mkdir(1) to lock instead of noclobber noclobber is potentially unsafe, because it relies on the underlying shell to implement noclobber in a safe way that avoids race conditions between multiple processes. mkdir is safer because it is mandated by POSIX to "fail" if the target already exists. --- .../type/__package_opkg/explorer/pkg_status | 25 ++++++++++++------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/cdist/conf/type/__package_opkg/explorer/pkg_status b/cdist/conf/type/__package_opkg/explorer/pkg_status index 9d993055..09c550e5 100755 --- a/cdist/conf/type/__package_opkg/explorer/pkg_status +++ b/cdist/conf/type/__package_opkg/explorer/pkg_status @@ -24,21 +24,28 @@ # readonly __type_path=${__object%%${__object_id}*} -readonly LOCKFILE="${__type_path}/cdist_opkg.lock" +test -d "${__type_path}" || { echo 'Cannot determine __type_path' >&2; exit 1; } +readonly LOCKDIR="${__type_path:?}/.cdist_opkg.lock.dir" -_lock() ( - set -o noclobber - until echo $$>"${LOCKFILE}" +_lock() { + until mkdir "${LOCKDIR:?}" 2>/dev/null do - while test -f "${LOCKFILE}"; do sleep 1; done + while test -d "${LOCKDIR}" + do + # DEBUG: printf 'Locked by PID: %u\n' "$(cat "${LOCKDIR}/pid")" + sleep 1 + done done - -) 2>/dev/null + echo $$ >"${LOCKDIR:?}/pid" +} _unlock() { - if test -s "${LOCKFILE}" && test "$(cat "${LOCKFILE}")" = $$ + test -d "${LOCKDIR}" || return 0 + if test -s "${LOCKDIR}/pid" then - rm "${LOCKFILE}" + test "$(cat "${LOCKDIR}/pid")" = $$ || return 1 + rm "${LOCKDIR:?}/pid" fi + rmdir "${LOCKDIR:?}" } From 5364d3bc9037969c415140523c5cac2f8891b967 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Wed, 24 Jun 2020 20:49:48 +0200 Subject: [PATCH 13/57] [type/__package_opkg] Implement flock locking if available --- .../type/__package_opkg/explorer/pkg_status | 55 ++++++++++++------- 1 file changed, 36 insertions(+), 19 deletions(-) diff --git a/cdist/conf/type/__package_opkg/explorer/pkg_status b/cdist/conf/type/__package_opkg/explorer/pkg_status index 09c550e5..de7b896b 100755 --- a/cdist/conf/type/__package_opkg/explorer/pkg_status +++ b/cdist/conf/type/__package_opkg/explorer/pkg_status @@ -25,28 +25,45 @@ readonly __type_path=${__object%%${__object_id}*} test -d "${__type_path}" || { echo 'Cannot determine __type_path' >&2; exit 1; } -readonly LOCKDIR="${__type_path:?}/.cdist_opkg.lock.dir" +readonly LOCKFILE="${__type_path:?}/.cdist_opkg.lock" -_lock() { - until mkdir "${LOCKDIR:?}" 2>/dev/null - do - while test -d "${LOCKDIR}" +if command -v flock >/dev/null 2>&1 +then + # use flock (if available) on FD 9 + _lock() { + exec 9<>"${LOCKFILE:?}" + flock -x 9 + echo $$>&9 + } + _unlock() { + :>"${LOCKFILE:?}" + flock -u 9 + exec 9<&- + } +else + # fallback to mkdir if flock is missing + _lock() { + until mkdir "${LOCKFILE:?}.dir" 2>/dev/null do - # DEBUG: printf 'Locked by PID: %u\n' "$(cat "${LOCKDIR}/pid")" - sleep 1 + while test -d "${LOCKFILE}.dir" + do + # DEBUG: + # printf 'Locked by PID: %u\n' "$(cat "${LOCKFILE}.dir/pid")" + sleep 1 + done done - done - echo $$ >"${LOCKDIR:?}/pid" -} -_unlock() { - test -d "${LOCKDIR}" || return 0 - if test -s "${LOCKDIR}/pid" - then - test "$(cat "${LOCKDIR}/pid")" = $$ || return 1 - rm "${LOCKDIR:?}/pid" - fi - rmdir "${LOCKDIR:?}" -} + echo $$ >"${LOCKFILE:?}.dir/pid" + } + _unlock() { + test -d "${LOCKFILE}.dir" || return 0 + if test -s "${LOCKFILE}.dir/pid" + then + test "$(cat "${LOCKFILE}.dir/pid")" = $$ || return 1 + rm "${LOCKFILE:?}.dir/pid" + fi + rmdir "${LOCKFILE:?}.dir" + } +fi if test -f "${__object}/parameter/name" From 7074f9c395d3ab6f763682f860744ac8d12a8c26 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Thu, 25 Jun 2020 06:32:10 +0200 Subject: [PATCH 14/57] ++changelog --- docs/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog b/docs/changelog index a0de09fa..f1713d3b 100644 --- a/docs/changelog +++ b/docs/changelog @@ -3,6 +3,8 @@ Changelog next: * New type: __download (Ander Punnar) + * Type __locale_system: Add devuan support (Dennis Camera) + * Type __package_opkg: Add locking (Dennis Camera) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From 077989e8fd749339da9a6ca8458b2c73ac71672c Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Sat, 27 Jun 2020 15:55:04 +0200 Subject: [PATCH 15/57] Remove annoying warnings Those warnings don't have any specail meaning and usage. Resolve #825. --- cdist/util/ipaddr.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/cdist/util/ipaddr.py b/cdist/util/ipaddr.py index 9b730225..95ca74ee 100644 --- a/cdist/util/ipaddr.py +++ b/cdist/util/ipaddr.py @@ -45,8 +45,6 @@ def resolve_target_host_name(host, family=0): log.debug("derived host_name for host \"{}\": {}".format( host, host_name)) except (socket.gaierror, socket.herror) as e: - log.warning("Could not derive host_name for {}" - ", $host_name will be empty. Error is: {}".format(host, e)) # in case of error provide empty value host_name = '' return host_name @@ -59,8 +57,6 @@ def resolve_target_fqdn(host): log.debug("derived host_fqdn for host \"{}\": {}".format( host, host_fqdn)) except socket.herror as e: - log.warning("Could not derive host_fqdn for {}" - ", $host_fqdn will be empty. Error is: {}".format(host, e)) # in case of error provide empty value host_fqdn = '' return host_fqdn From 85614aabd6f3abef5af6d362203db956c9d72aa9 Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Sun, 28 Jun 2020 16:38:15 +0300 Subject: [PATCH 16/57] [__download] add --download (local|remote), update manual --- .../conf/type/__download/explorer/remote_cmd | 19 +++++++++++++++ cdist/conf/type/__download/gencode-local | 4 +++- cdist/conf/type/__download/gencode-remote | 22 +++++++++++++++-- cdist/conf/type/__download/man.rst | 24 ++++++++++++------- cdist/conf/type/__download/manifest | 6 +++++ .../__download/parameter/default/download | 1 + cdist/conf/type/__download/parameter/optional | 1 + 7 files changed, 65 insertions(+), 12 deletions(-) create mode 100755 cdist/conf/type/__download/explorer/remote_cmd create mode 100755 cdist/conf/type/__download/manifest create mode 100644 cdist/conf/type/__download/parameter/default/download diff --git a/cdist/conf/type/__download/explorer/remote_cmd b/cdist/conf/type/__download/explorer/remote_cmd new file mode 100755 index 00000000..fbd4d84c --- /dev/null +++ b/cdist/conf/type/__download/explorer/remote_cmd @@ -0,0 +1,19 @@ +#!/bin/sh -e + +if [ -f "$__object/parameter/cmd-get" ] +then + cmd="$( cat "$__object/parameter/cmd-get" )" + +elif command -v curl > /dev/null +then + cmd="curl -o - '%s'" + +elif command -v fetch > /dev/null +then + cmd="fetch -o - '%s'" + +else + cmd="wget -O - '%s'" +fi + +echo "$cmd" diff --git a/cdist/conf/type/__download/gencode-local b/cdist/conf/type/__download/gencode-local index 85ef3a60..339827c2 100755 --- a/cdist/conf/type/__download/gencode-local +++ b/cdist/conf/type/__download/gencode-local @@ -1,8 +1,10 @@ #!/bin/sh -e +download="$( cat "$__object/parameter/download" )" + state_is="$( cat "$__object/explorer/state" )" -if [ "$state_is" = 'present' ] +if [ "$download" != 'local' ] || [ "$state_is" = 'present' ] then exit 0 fi diff --git a/cdist/conf/type/__download/gencode-remote b/cdist/conf/type/__download/gencode-remote index b08d0050..89ba72af 100755 --- a/cdist/conf/type/__download/gencode-remote +++ b/cdist/conf/type/__download/gencode-remote @@ -1,7 +1,25 @@ #!/bin/sh -e -if [ -f "$__object/parameter/onchange" ] \ - && grep -Fq "$__object_id:downloaded" "$__messages_in" +download="$( cat "$__object/parameter/download" )" + +state_is="$( cat "$__object/explorer/state" )" + +if [ "$download" = 'remote' ] && [ "$state_is" != 'present' ] +then + cmd="$( cat "$__object/explorer/remote_cmd" )" + + url="$( cat "$__object/parameter/url" )" + + dst="/$__object_id" + + printf "$cmd > %s\n" \ + "$url" \ + "$dst" + + echo 'downloaded' > "$__messages_out" +fi + +if [ -f "$__object/parameter/onchange" ] && [ "$state" != "present" ] then cat "$__object/parameter/onchange" fi diff --git a/cdist/conf/type/__download/man.rst b/cdist/conf/type/__download/man.rst index 63a41bc4..c161f4e4 100644 --- a/cdist/conf/type/__download/man.rst +++ b/cdist/conf/type/__download/man.rst @@ -3,26 +3,28 @@ cdist-type__download(7) NAME ---- -cdist-type__download - Download file to local storage and copy it to target host +cdist-type__download - Download a file DESCRIPTION ----------- -You must use persistent storage in target host for destination file -(``$__object_id``) because it will be used for checksum calculation -in order to decide if file must be (re-)downloaded. +Persistent storage for destination file in target host must be used +(``$__object_id``) because it will be used for checksum calculation in +order to decide if file must be (re-)downloaded. -By default type will try to use following locally installed utilities -for downloading (in order): ``wget``, ``curl`` or ``fetch``. +By default type will try to use ``wget``, ``curl`` or ``fetch`` for +downloading. If ``--download remote`` type will fallback to (and +install) ``wget``. -Environment variables like ``{http,https,ftp}_proxy`` etc can be used on -cdist execution (``http_proxy=foo cdist config ...``). +If ``--download local`` (default), then environment variables like +``{http,https,ftp}_proxy`` etc can be used on cdist execution +(``http_proxy=foo cdist config ...``). REQUIRED PARAMETERS ------------------- url - URL from which to download the file. + File's URL. sum Checksum of file going to be downloaded. @@ -35,6 +37,10 @@ onchange OPTIONAL PARAMETERS ------------------- +download + If ``local`` (default), then download file to local storage and copy + it to target host. If ``remote``, then download happens in target. + cmd-get Command used for downloading. Command must output to ``stdout``. diff --git a/cdist/conf/type/__download/manifest b/cdist/conf/type/__download/manifest new file mode 100755 index 00000000..7ec8d86d --- /dev/null +++ b/cdist/conf/type/__download/manifest @@ -0,0 +1,6 @@ +#!/bin/sh -e + +if grep -Eq '^wget' "$__object/explorer/remote_cmd" +then + __package wget +fi diff --git a/cdist/conf/type/__download/parameter/default/download b/cdist/conf/type/__download/parameter/default/download new file mode 100644 index 00000000..40830374 --- /dev/null +++ b/cdist/conf/type/__download/parameter/default/download @@ -0,0 +1 @@ +local diff --git a/cdist/conf/type/__download/parameter/optional b/cdist/conf/type/__download/parameter/optional index 38c0ce4d..838e2fbf 100644 --- a/cdist/conf/type/__download/parameter/optional +++ b/cdist/conf/type/__download/parameter/optional @@ -1,3 +1,4 @@ cmd-get cmd-sum +download onchange From b6bf90e3f1a775ec1bd27a99015107d24a397787 Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Sun, 28 Jun 2020 16:43:45 +0300 Subject: [PATCH 17/57] [__download] update manual --- cdist/conf/type/__download/man.rst | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/cdist/conf/type/__download/man.rst b/cdist/conf/type/__download/man.rst index c161f4e4..eafa9dfc 100644 --- a/cdist/conf/type/__download/man.rst +++ b/cdist/conf/type/__download/man.rst @@ -8,15 +8,14 @@ cdist-type__download - Download a file DESCRIPTION ----------- -Persistent storage for destination file in target host must be used -(``$__object_id``) because it will be used for checksum calculation in -order to decide if file must be (re-)downloaded. +Destination (``$__object_id``) in target host must be persistent storage +in order to calculate checksum and decide if file must be (re-)downloaded. -By default type will try to use ``wget``, ``curl`` or ``fetch`` for -downloading. If ``--download remote`` type will fallback to (and -install) ``wget``. +By default type will try to use ``wget``, ``curl`` or ``fetch``. +If download happens in target (see ``--download``) then type will +fallback to (and install) ``wget``. -If ``--download local`` (default), then environment variables like +If download happens in local machine, then environment variables like ``{http,https,ftp}_proxy`` etc can be used on cdist execution (``http_proxy=foo cdist config ...``). From a263fdfe584bbba467086a3b2da3dfdd58ccc7fe Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Wed, 2 Oct 2019 17:52:20 +0200 Subject: [PATCH 18/57] [__hosts] Add --alias parameter The --alias parameter allows to specify a hostname and multiple aliases on a single /etc/hosts line. --- cdist/conf/type/__hosts/man.rst | 17 +++++++--- cdist/conf/type/__hosts/manifest | 34 ++++++++++++------- .../type/__hosts/parameter/optional_multiple | 1 + 3 files changed, 35 insertions(+), 17 deletions(-) create mode 100644 cdist/conf/type/__hosts/parameter/optional_multiple diff --git a/cdist/conf/type/__hosts/man.rst b/cdist/conf/type/__hosts/man.rst index bece7967..1ac706cb 100644 --- a/cdist/conf/type/__hosts/man.rst +++ b/cdist/conf/type/__hosts/man.rst @@ -25,6 +25,10 @@ ip state is ``present``, this parameter is mandatory, if state is ``absent``, this parameter is silently ignored. +alias + An alias for the hostname. + This parameter can be specified multiple times (once per alias). + EXAMPLES -------- @@ -36,6 +40,8 @@ EXAMPLES # previously configured via __hosts. __hosts happy --state absent + __hosts srv1.example.com --ip 192.168.0.42 --alias srv1 + SEE ALSO -------- @@ -43,13 +49,14 @@ SEE ALSO AUTHORS ------- - -Dmitry Bogatov +| Dmitry Bogatov +| Dennis Camera COPYING ------- -Copyright (C) 2015,2016 Dmitry Bogatov. Free use of this software is granted -under the terms of the GNU General Public License version 3 or later -(GPLv3+). +Copyright \(C) 2015-2016 Dmitry Bogatov, 2019 Dennis Camera. +You can redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either version 3 of +the License, or (at your option) any later version. diff --git a/cdist/conf/type/__hosts/manifest b/cdist/conf/type/__hosts/manifest index c536b83b..0d9e61f8 100755 --- a/cdist/conf/type/__hosts/manifest +++ b/cdist/conf/type/__hosts/manifest @@ -1,29 +1,39 @@ #!/bin/sh -e -# Copyright (C) 2015 Bogatov Dmitry # -# This program is free software: you can redistribute it and/or modify +# Copyright (C) 2015 Bogatov Dmitry +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # -# This program is distributed in the hope that it will be useful, +# cdist is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -set -ue +# -hostname="$__object_id" -state="$(cat "$__object/parameter/state")" +set -e -u + +hostname=$__object_id +state=$(cat "$__object/parameter/state") marker="# __hosts/$hostname" -set -- "__hosts/$hostname" --file /etc/hosts --state "$state" - -if [ "$state" = absent ] ; then - __line "$@" --regex "$marker" +if [ "$state" = 'absent' ] +then + set -- --regex "$marker" else - ip="$(cat "$__object/parameter/ip")" - __line "$@" --line "$ip $hostname $marker" + ip=$(cat "$__object/parameter/ip") + aliases=$(while read -r a; do printf '\t%s' "$a"; done <"$__object/parameter/alias") + + set -- --line "$(printf '%s\t%s%s %s' \ + "$ip" "$hostname" "$aliases" "$marker")" fi + +__line "__hosts/$hostname" --file /etc/hosts --state "$state" "$@" diff --git a/cdist/conf/type/__hosts/parameter/optional_multiple b/cdist/conf/type/__hosts/parameter/optional_multiple new file mode 100644 index 00000000..d077ed80 --- /dev/null +++ b/cdist/conf/type/__hosts/parameter/optional_multiple @@ -0,0 +1 @@ +alias From 999e7b013449c51b848bb9365205810fc1a80fbd Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Tue, 28 Jan 2020 09:15:56 +0100 Subject: [PATCH 19/57] [type/__user] Fix shadow explorer for OpenBSD --- cdist/conf/type/__user/explorer/shadow | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/cdist/conf/type/__user/explorer/shadow b/cdist/conf/type/__user/explorer/shadow index 73ce0e29..d516ed10 100755 --- a/cdist/conf/type/__user/explorer/shadow +++ b/cdist/conf/type/__user/explorer/shadow @@ -23,18 +23,24 @@ name=$__object_id -case $("$__explorer/os") in - 'freebsd'|'netbsd'|'openbsd') +case $("${__explorer}/os") in + freebsd|netbsd) database='passwd' ;; - # Default to using shadow passwords + openbsd) + database='master.passwd' + ;; *) + # Default to using shadow passwords database='shadow' ;; esac -if command -v getent >/dev/null; then - getent "$database" "$name" || true -elif [ -f /etc/shadow ]; then - grep "^${name}:" /etc/shadow || true +if command -v getent >/dev/null 2>&1 +then + getent "${database}" "${name}" 2>/dev/null && exit || true # fallback to file +fi +if test -n "${database}" -a -f "/etc/${database}" +then + grep -e "^${name}:" "/etc/${database}" && exit || true # ignore failure fi From 6467ccbdccd380c11e37e747216bfc3aabc1b776 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Tue, 30 Jun 2020 14:31:11 +0200 Subject: [PATCH 20/57] [type/__user] Make shellcheck happy --- cdist/conf/type/__user/explorer/shadow | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cdist/conf/type/__user/explorer/shadow b/cdist/conf/type/__user/explorer/shadow index d516ed10..32496ee7 100755 --- a/cdist/conf/type/__user/explorer/shadow +++ b/cdist/conf/type/__user/explorer/shadow @@ -38,9 +38,10 @@ esac if command -v getent >/dev/null 2>&1 then + # shellcheck disable=SC2015 getent "${database}" "${name}" 2>/dev/null && exit || true # fallback to file fi if test -n "${database}" -a -f "/etc/${database}" then - grep -e "^${name}:" "/etc/${database}" && exit || true # ignore failure + grep -e "^${name}:" "/etc/${database}" || true # ignore failure fi From 3860f1feeaa2844191eeea84444963818bb42c4b Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Fri, 26 Jun 2020 14:33:16 +0200 Subject: [PATCH 21/57] [type/{__file/__directory}] Support setuid,setguid,sticky bits --- cdist/conf/type/__directory/explorer/stat | 17 +++++++++-------- cdist/conf/type/__directory/gencode-remote | 4 ++-- cdist/conf/type/__file/explorer/stat | 14 +++++++------- cdist/conf/type/__file/gencode-remote | 4 ++-- 4 files changed, 20 insertions(+), 19 deletions(-) diff --git a/cdist/conf/type/__directory/explorer/stat b/cdist/conf/type/__directory/explorer/stat index 105d894f..a7dc8431 100755 --- a/cdist/conf/type/__directory/explorer/stat +++ b/cdist/conf/type/__directory/explorer/stat @@ -33,7 +33,7 @@ fallback() { group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) mode_text=$(echo "$ls_line" | awk '{ print $1 }') - mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }') + mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[st]/)*2^(9+i/3)}printf("%04o",k)}') printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\n' \ "$("$__type_explorer/type")" \ @@ -51,13 +51,14 @@ then exit fi -case $("$__explorer/os") in - "freebsd"|"netbsd"|"openbsd"|"macosx") - stat -f "type: %HT +case $("$__explorer/os") +in + freebsd|netbsd|openbsd|macosx) + stat -f 'type: %HT owner: %Du %Su group: %Dg %Sg -mode: %Lp %Sp -" "$destination" | awk '/^type/ { print tolower($0); next } { print }' +mode: %Mp%03Lp %Sp +' "$destination" | awk '/^type/ { print tolower($0); next } { print }' ;; solaris) ls1="$( ls -ld "$destination" )" @@ -92,9 +93,9 @@ mode: %Lp %Sp # NOTE: Do not use --printf here as it is not supported by BusyBox stat. # NOTE: BusyBox's stat might not support the "-c" option, in which case # we fall through to the shell fallback. - stat -c "type: %F + stat -c 'type: %F owner: %u %U group: %g %G -mode: %a %A" "$destination" 2>/dev/null || fallback +mode: %04a %A' "$destination" 2>/dev/null || fallback ;; esac diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote index a1a32ea2..2c2c56fd 100755 --- a/cdist/conf/type/__directory/gencode-remote +++ b/cdist/conf/type/__directory/gencode-remote @@ -97,9 +97,9 @@ case "$state_should" in value_should="$(cat "$__object/parameter/$attribute")" value_is="$(get_current_value "$attribute" "$value_should")" - # change 0xxx format to xxx format => same as stat returns + # format mode in four digits => same as stat returns if [ "$attribute" = mode ]; then - value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')" + value_should=$(printf '%04u' "${value_should}") fi if [ "$set_attributes" = 1 ] || [ "$value_should" != "$value_is" ]; then diff --git a/cdist/conf/type/__file/explorer/stat b/cdist/conf/type/__file/explorer/stat index 91c8cc84..231768f6 100755 --- a/cdist/conf/type/__file/explorer/stat +++ b/cdist/conf/type/__file/explorer/stat @@ -34,7 +34,7 @@ fallback() { group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) mode_text=$(echo "$ls_line" | awk '{ print $1 }') - mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }') + mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[st]/)*2^(9+i/3)}printf("%04o",k)}') size=$(echo "$ls_line" | awk '{ print $5 }') links=$(echo "$ls_line" | awk '{ print $2 }') @@ -63,13 +63,13 @@ fi case $("$__explorer/os") in freebsd|netbsd|openbsd|macosx) - stat -f "type: %HT + stat -f 'type: %HT owner: %Du %Su group: %Dg %Sg -mode: %Lp %Sp +mode: %Mp%03Lp %Sp size: %Dz links: %Dl -" "$destination" | awk '/^type/ { print tolower($0); next } { print }' +' "$destination" | awk '/^type/ { print tolower($0); next } { print }' ;; solaris) ls1="$( ls -ld "$destination" )" @@ -106,11 +106,11 @@ links: %Dl # NOTE: Do not use --printf here as it is not supported by BusyBox stat. # NOTE: BusyBox's stat might not support the "-c" option, in which case # we fall through to the shell fallback. - stat -c "type: %F + stat -c 'type: %F owner: %u %U group: %g %G -mode: %a %A +mode: %04a %A size: %s -links: %h" "$destination" 2>/dev/null || fallback +links: %h' "$destination" 2>/dev/null || fallback ;; esac diff --git a/cdist/conf/type/__file/gencode-remote b/cdist/conf/type/__file/gencode-remote index 815593bd..a69154df 100755 --- a/cdist/conf/type/__file/gencode-remote +++ b/cdist/conf/type/__file/gencode-remote @@ -68,9 +68,9 @@ case "$state_should" in if [ -f "$__object/parameter/$attribute" ]; then value_should="$(cat "$__object/parameter/$attribute")" - # change 0xxx format to xxx format => same as stat returns + # format mode in four digits => same as stat returns if [ "$attribute" = mode ]; then - value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')" + value_should=$(printf '%04u' "${value_should}") fi value_is="$(get_current_value "$attribute" "$value_should")" From 88400551f9490a4f8dc9b918e962e5ab3bba1286 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Tue, 30 Jun 2020 23:59:45 +0200 Subject: [PATCH 22/57] ++changelog --- docs/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog b/docs/changelog index f1713d3b..b823421b 100644 --- a/docs/changelog +++ b/docs/changelog @@ -5,6 +5,8 @@ next: * New type: __download (Ander Punnar) * Type __locale_system: Add devuan support (Dennis Camera) * Type __package_opkg: Add locking (Dennis Camera) + * Type __hosts: Add --alias parameter (Dennis Camera) + * Type __user: Fix shadow explorer for OpenBSD (Dennis Camera) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From fe193ecab8addf9b1c5b6d3c06c11ae9f9803378 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Wed, 1 Jul 2020 14:05:45 +0200 Subject: [PATCH 23/57] Make code consistent * Remove supreflous checking and warning message. * Fix cache recording. --- cdist/emulator.py | 65 +++++++++++++++-------------------------------- 1 file changed, 21 insertions(+), 44 deletions(-) diff --git a/cdist/emulator.py b/cdist/emulator.py index adbcbd9d..9fe84056 100644 --- a/cdist/emulator.py +++ b/cdist/emulator.py @@ -91,10 +91,6 @@ class Emulator: self.type_name = os.path.basename(argv[0]) self.cdist_type = core.CdistType(self.type_base_path, self.type_name) - # If set then object alreay exists and this var holds existing - # requirements. - self._existing_reqs = None - self.__init_log() def run(self): @@ -230,9 +226,6 @@ class Emulator: self.parameters[key] = value if self.cdist_object.exists and 'CDIST_OVERRIDE' not in self.env: - # Make existing requirements a set so that we can compare it - # later with new requirements. - self._existing_reqs = set(self.cdist_object.requirements) obj_params = self._object_params_in_context() if obj_params != self.parameters: errmsg = ("Object %s already exists with conflicting " @@ -251,23 +244,26 @@ class Emulator: else: self.cdist_object.create() self.cdist_object.parameters = self.parameters - # record the created object in typeorder file - with open(self.typeorder_path, 'a') as typeorderfile: - print(self.cdist_object.name, file=typeorderfile) - # record the created object in parent object typeorder file - __object_name = self.env.get('__object_name', None) - depname = self.cdist_object.name - if __object_name: - parent = self.cdist_object.object_from_name(__object_name) - parent.typeorder.append(self.cdist_object.name) - if self._order_dep_on(): - self.log.trace(('[ORDER_DEP] Adding %s to typeorder dep' - ' for %s'), depname, parent.name) - parent.typeorder_dep.append(depname) - elif self._order_dep_on(): - self.log.trace('[ORDER_DEP] Adding %s to global typeorder dep', - depname) - self._add_typeorder_dep(depname) + # Do the following recording even if object exists, but with + # different requirements. + + # record the created object in typeorder file + with open(self.typeorder_path, 'a') as typeorderfile: + print(self.cdist_object.name, file=typeorderfile) + # record the created object in parent object typeorder file + __object_name = self.env.get('__object_name', None) + depname = self.cdist_object.name + if __object_name: + parent = self.cdist_object.object_from_name(__object_name) + parent.typeorder.append(self.cdist_object.name) + if self._order_dep_on(): + self.log.trace(('[ORDER_DEP] Adding %s to typeorder dep' + ' for %s'), depname, parent.name) + parent.typeorder_dep.append(depname) + elif self._order_dep_on(): + self.log.trace('[ORDER_DEP] Adding %s to global typeorder dep', + depname) + self._add_typeorder_dep(depname) # Record / Append source self.cdist_object.source.append(self.object_source) @@ -322,8 +318,6 @@ class Emulator: # This ensures pattern matching is done against sanitised list self.cdist_object.requirements.append(cdist_object.name) - return cdist_object.name - def _order_dep_on(self): return os.path.exists(self.order_dep_state_path) @@ -392,7 +386,6 @@ class Emulator: # so do not set a requirement pass - reqs = set() if "require" in self.env: requirements = self.env['require'] self.log.debug("reqs = " + requirements) @@ -400,23 +393,7 @@ class Emulator: # Ignore empty fields - probably the only field anyway if len(requirement) == 0: continue - object_name = self.record_requirement(requirement) - reqs.add(object_name) - if self._existing_reqs is not None: - # If object exists then compare existing and new requirements. - if self._existing_reqs != reqs: - warnmsg = ("Object {} already exists with requirements:\n" - "{}: {}\n" - "{}: {}\n" - "Dependency resolver could not handle dependencies " - "as expected.".format( - self.cdist_object.name, - " ".join(self.cdist_object.source), - self._existing_reqs, - self.object_source, - reqs - )) - self.log.warning(warnmsg) + self.record_requirement(requirement) def record_auto_requirements(self): """An object shall automatically depend on all objects that it From 93506d2113e1d05202527639efe883a5b44b220d Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Wed, 8 Jul 2020 00:17:12 +0300 Subject: [PATCH 24/57] [__download] curl follow redirects --- cdist/conf/type/__download/explorer/remote_cmd | 2 +- cdist/conf/type/__download/gencode-local | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__download/explorer/remote_cmd b/cdist/conf/type/__download/explorer/remote_cmd index fbd4d84c..e3e35b45 100755 --- a/cdist/conf/type/__download/explorer/remote_cmd +++ b/cdist/conf/type/__download/explorer/remote_cmd @@ -6,7 +6,7 @@ then elif command -v curl > /dev/null then - cmd="curl -o - '%s'" + cmd="curl -L -o - '%s'" elif command -v fetch > /dev/null then diff --git a/cdist/conf/type/__download/gencode-local b/cdist/conf/type/__download/gencode-local index 339827c2..571d2c3c 100755 --- a/cdist/conf/type/__download/gencode-local +++ b/cdist/conf/type/__download/gencode-local @@ -25,7 +25,7 @@ then elif command -v curl > /dev/null then - cmd="curl -o - '%s'" + cmd="curl -L -o - '%s'" elif command -v fetch > /dev/null then From e9062662868d7677a235889ba39a6091085388f0 Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Wed, 8 Jul 2020 00:20:55 +0300 Subject: [PATCH 25/57] [__download] s/variable/format specification/ --- cdist/conf/type/__download/man.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__download/man.rst b/cdist/conf/type/__download/man.rst index eafa9dfc..6ec0b19a 100644 --- a/cdist/conf/type/__download/man.rst +++ b/cdist/conf/type/__download/man.rst @@ -44,14 +44,14 @@ cmd-get Command used for downloading. Command must output to ``stdout``. Parameter will be used for ``printf`` and must include only one - variable ``%s`` which will become URL. + format specification ``%s`` which will become URL. For example: ``wget -O - '%s'``. cmd-sum Command used for checksum calculation. Command output and ``--sum`` parameter must match. Parameter will be used for ``printf`` and must include only one - variable ``%s`` which will become destination. + format specification ``%s`` which will become destination. For example: ``md5sum '%s' | awk '{print $1}'``. From cb9933b4a0d343a059899101810b6ee86fc87dbc Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Wed, 8 Jul 2020 12:43:55 +0200 Subject: [PATCH 26/57] Fix state -> state_is --- cdist/conf/type/__download/gencode-remote | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__download/gencode-remote b/cdist/conf/type/__download/gencode-remote index 89ba72af..029a0801 100755 --- a/cdist/conf/type/__download/gencode-remote +++ b/cdist/conf/type/__download/gencode-remote @@ -19,7 +19,7 @@ then echo 'downloaded' > "$__messages_out" fi -if [ -f "$__object/parameter/onchange" ] && [ "$state" != "present" ] +if [ -f "$__object/parameter/onchange" ] && [ "$state_is" != "present" ] then cat "$__object/parameter/onchange" fi From b8752e9ee390e983c1ce6467761aca8101b6548d Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 10 Jul 2020 21:03:35 +0200 Subject: [PATCH 27/57] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index b823421b..54c42bde 100644 --- a/docs/changelog +++ b/docs/changelog @@ -7,6 +7,7 @@ next: * Type __package_opkg: Add locking (Dennis Camera) * Type __hosts: Add --alias parameter (Dennis Camera) * Type __user: Fix shadow explorer for OpenBSD (Dennis Camera) + * Core: Make emulator-part code consistent; remove faulty warning (Darko Poljak) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From a5ae26116bd611fcab76c0383998fb4b05f1ae1d Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 11 Jul 2020 18:57:47 +0200 Subject: [PATCH 28/57] [type/__hosts] Fix when used without --alias --- cdist/conf/type/__hosts/manifest | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/cdist/conf/type/__hosts/manifest b/cdist/conf/type/__hosts/manifest index 0d9e61f8..8103ebd5 100755 --- a/cdist/conf/type/__hosts/manifest +++ b/cdist/conf/type/__hosts/manifest @@ -19,21 +19,24 @@ # along with this program. If not, see . # -set -e -u +set -e hostname=$__object_id -state=$(cat "$__object/parameter/state") -marker="# __hosts/$hostname" +state=$(cat "${__object}/parameter/state") +marker="# __hosts/${hostname}" -if [ "$state" = 'absent' ] +if test "${state}" != 'absent' then - set -- --regex "$marker" -else - ip=$(cat "$__object/parameter/ip") - aliases=$(while read -r a; do printf '\t%s' "$a"; done <"$__object/parameter/alias") + ip=$(cat "${__object}/parameter/ip") + if test -s "${__object}/parameter/alias" + then + aliases=$(while read -r a; do printf '\t%s' "$a"; done <"$__object/parameter/alias") + fi set -- --line "$(printf '%s\t%s%s %s' \ - "$ip" "$hostname" "$aliases" "$marker")" + "${ip}" "${hostname}" "${aliases}" "${marker}")" +else + set -- --regex "$(echo "${marker}" | sed -e 's/\./\\./')$" fi -__line "__hosts/$hostname" --file /etc/hosts --state "$state" "$@" +__line "/etc/hosts:${hostname}" --file /etc/hosts --state "${state}" "$@" From 19514662b022c79c4e6a56573c32dad45055310c Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 12 Jul 2020 12:24:00 +0200 Subject: [PATCH 29/57] [type/{__file/__directory}] Fix typo --- cdist/conf/type/__directory/explorer/stat | 2 +- cdist/conf/type/__file/explorer/stat | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__directory/explorer/stat b/cdist/conf/type/__directory/explorer/stat index a7dc8431..422c5819 100755 --- a/cdist/conf/type/__directory/explorer/stat +++ b/cdist/conf/type/__directory/explorer/stat @@ -30,7 +30,7 @@ fallback() { gid=$(echo "$ls_line" | awk '{ print $4 }') owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd) - group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) + group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) mode_text=$(echo "$ls_line" | awk '{ print $1 }') mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[st]/)*2^(9+i/3)}printf("%04o",k)}') diff --git a/cdist/conf/type/__file/explorer/stat b/cdist/conf/type/__file/explorer/stat index 231768f6..3f971488 100755 --- a/cdist/conf/type/__file/explorer/stat +++ b/cdist/conf/type/__file/explorer/stat @@ -31,7 +31,7 @@ fallback() { gid=$(echo "$ls_line" | awk '{ print $4 }') owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd) - group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) + group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) mode_text=$(echo "$ls_line" | awk '{ print $1 }') mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[st]/)*2^(9+i/3)}printf("%04o",k)}') From 9fb7e151b889214576cb891595a68ca8c6196d45 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 12 Jul 2020 12:31:55 +0200 Subject: [PATCH 30/57] [type/{__file/__directory}] Remove special Solaris blocks Solaris 11 has GNU stat (handled by *) Solaris 10 (and older?) does not have stat (handled by failing command -v stat) On Solaris 10 (at least on UFS), setgid cannot be set on directories. Unlike on other systems `chmod 2400` is not `-r----S---`, but `-r----l---`. --- cdist/conf/type/__directory/explorer/stat | 40 +++-------------------- cdist/conf/type/__file/explorer/stat | 40 +++-------------------- 2 files changed, 9 insertions(+), 71 deletions(-) diff --git a/cdist/conf/type/__directory/explorer/stat b/cdist/conf/type/__directory/explorer/stat index 422c5819..f817cb02 100755 --- a/cdist/conf/type/__directory/explorer/stat +++ b/cdist/conf/type/__directory/explorer/stat @@ -33,7 +33,7 @@ fallback() { group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) mode_text=$(echo "$ls_line" | awk '{ print $1 }') - mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[st]/)*2^(9+i/3)}printf("%04o",k)}') + mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[lst]/)*2^(9+i/3)}printf("%04o",k)}') printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\n' \ "$("$__type_explorer/type")" \ @@ -45,11 +45,10 @@ fallback() { # nothing to work with, nothing we could do [ -e "$destination" ] || exit 0 -if ! command -v stat >/dev/null -then +command -v stat >/dev/null 2>&1 || { fallback exit -fi +} case $("$__explorer/os") in @@ -60,42 +59,13 @@ group: %Dg %Sg mode: %Mp%03Lp %Sp ' "$destination" | awk '/^type/ { print tolower($0); next } { print }' ;; - solaris) - ls1="$( ls -ld "$destination" )" - ls2="$( ls -ldn "$destination" )" - - if [ -f "$__object/parameter/mode" ] - then mode_should="$( cat "$__object/parameter/mode" )" - fi - - # yes, it is ugly hack, but if you know better way... - if [ -z "$( find "$destination" -perm "$mode_should" )" ] - then octets=888 - else octets="$( echo "$mode_should" | sed 's/^0//' )" - fi - - case "$( echo "$ls1" | cut -c1-1 )" in - -) echo 'type: regular file' ;; - d) echo 'type: directory' ;; - esac - - echo "owner: $( echo "$ls2" \ - | awk '{print $3}' ) $( echo "$ls1" \ - | awk '{print $3}' )" - - echo "group: $( echo "$ls2" \ - | awk '{print $4}' ) $( echo "$ls1" \ - | awk '{print $4}' )" - - echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )" - ;; *) # NOTE: Do not use --printf here as it is not supported by BusyBox stat. # NOTE: BusyBox's stat might not support the "-c" option, in which case # we fall through to the shell fallback. - stat -c 'type: %F + stat -c 'type: %F owner: %u %U group: %g %G mode: %04a %A' "$destination" 2>/dev/null || fallback - ;; + ;; esac diff --git a/cdist/conf/type/__file/explorer/stat b/cdist/conf/type/__file/explorer/stat index 3f971488..29b3c8a3 100755 --- a/cdist/conf/type/__file/explorer/stat +++ b/cdist/conf/type/__file/explorer/stat @@ -34,7 +34,7 @@ fallback() { group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group) mode_text=$(echo "$ls_line" | awk '{ print $1 }') - mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[st]/)*2^(9+i/3)}printf("%04o",k)}') + mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[lst]/)*2^(9+i/3)}printf("%04o",k)}') size=$(echo "$ls_line" | awk '{ print $5 }') links=$(echo "$ls_line" | awk '{ print $2 }') @@ -53,11 +53,10 @@ fallback() { [ -e "$destination" ] || exit 0 -if ! command -v stat >/dev/null -then +command -v stat >/dev/null 2>&1 || { fallback exit -fi +} case $("$__explorer/os") @@ -71,37 +70,6 @@ size: %Dz links: %Dl ' "$destination" | awk '/^type/ { print tolower($0); next } { print }' ;; - solaris) - ls1="$( ls -ld "$destination" )" - ls2="$( ls -ldn "$destination" )" - - if [ -f "$__object/parameter/mode" ] - then mode_should="$( cat "$__object/parameter/mode" )" - fi - - # yes, it is ugly hack, but if you know better way... - if [ -z "$( find "$destination" -perm "$mode_should" )" ] - then octets=888 - else octets="$( echo "$mode_should" | sed 's/^0//' )" - fi - - case "$( echo "$ls1" | cut -c1-1 )" in - -) echo 'type: regular file' ;; - d) echo 'type: directory' ;; - esac - - echo "owner: $( echo "$ls2" \ - | awk '{print $3}' ) $( echo "$ls1" \ - | awk '{print $3}' )" - - echo "group: $( echo "$ls2" \ - | awk '{print $4}' ) $( echo "$ls1" \ - | awk '{print $4}' )" - - echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )" - echo "size: $( echo "$ls1" | awk '{print $5}' )" - echo "links: $( echo "$ls1" | awk '{print $2}' )" - ;; *) # NOTE: Do not use --printf here as it is not supported by BusyBox stat. # NOTE: BusyBox's stat might not support the "-c" option, in which case @@ -112,5 +80,5 @@ group: %g %G mode: %04a %A size: %s links: %h' "$destination" 2>/dev/null || fallback - ;; + ;; esac From bc970731316a59c21f8aa784fb27f1fa1b13ab89 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 13 Jul 2020 05:44:26 +0000 Subject: [PATCH 31/57] Merge branch 'bugfix/postfix-master-option' into '6.6' Fix broken --option parameter in __postfix_master type See merge request ungleich-public/cdist!905 (cherry picked from commit 2f433a1458f3a1f7f8859e9ae165178a0ec5b7a0) 9496b234 The option parameter is actually multi-valued 4009bbd7 Protect postfix variables in options --- cdist/conf/type/__postfix_master/gencode-remote | 2 +- cdist/conf/type/__postfix_master/parameter/optional | 1 - cdist/conf/type/__postfix_master/parameter/optional_multiple | 1 + 3 files changed, 2 insertions(+), 2 deletions(-) create mode 100644 cdist/conf/type/__postfix_master/parameter/optional_multiple diff --git a/cdist/conf/type/__postfix_master/gencode-remote b/cdist/conf/type/__postfix_master/gencode-remote index 7c109a69..73de1088 100755 --- a/cdist/conf/type/__postfix_master/gencode-remote +++ b/cdist/conf/type/__postfix_master/gencode-remote @@ -67,7 +67,7 @@ case "$state_should" in remove_entry fi cat << DONE -cat >> "$config" << ${__type##*/}_DONE +cat >> "$config" << "${__type##*/}_DONE" $(cat "$entry") ${__type##*/}_DONE DONE diff --git a/cdist/conf/type/__postfix_master/parameter/optional b/cdist/conf/type/__postfix_master/parameter/optional index 792b42c5..410482b8 100644 --- a/cdist/conf/type/__postfix_master/parameter/optional +++ b/cdist/conf/type/__postfix_master/parameter/optional @@ -4,6 +4,5 @@ unpriv chroot wakeup maxproc -option comment state diff --git a/cdist/conf/type/__postfix_master/parameter/optional_multiple b/cdist/conf/type/__postfix_master/parameter/optional_multiple new file mode 100644 index 00000000..01925a15 --- /dev/null +++ b/cdist/conf/type/__postfix_master/parameter/optional_multiple @@ -0,0 +1 @@ +option From 8903540e9106db93e490515c07929a207326be77 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 13 Jul 2020 07:54:12 +0200 Subject: [PATCH 32/57] ++changelog --- docs/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog b/docs/changelog index 54c42bde..dac9cbce 100644 --- a/docs/changelog +++ b/docs/changelog @@ -8,6 +8,8 @@ next: * Type __hosts: Add --alias parameter (Dennis Camera) * Type __user: Fix shadow explorer for OpenBSD (Dennis Camera) * Core: Make emulator-part code consistent; remove faulty warning (Darko Poljak) + * Types __file, __directory: Support setuid, setguid, sticky bits (Dennis Camera) + * Type __postfix_master: Fix --option parameter and option expansion (Daniel Fancsali) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From 3965c7f73844873aabb1d839b2298eed70a6b35c Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Tue, 21 Jul 2020 19:42:40 +0200 Subject: [PATCH 33/57] [type/__user] Install user{add,mod,del} packages on OpenWrt --- cdist/conf/type/__user/manifest | 42 +++++++++++++++++++++++++-------- 1 file changed, 32 insertions(+), 10 deletions(-) diff --git a/cdist/conf/type/__user/manifest b/cdist/conf/type/__user/manifest index 8f10b38c..b9fad65b 100644 --- a/cdist/conf/type/__user/manifest +++ b/cdist/conf/type/__user/manifest @@ -1,6 +1,7 @@ #!/bin/sh -e # # 2019 Nico Schottelius (nico-cdist at schottelius.org) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -17,16 +18,37 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# # Manage users. +# -os=$(cat "$__global/explorer/os") - -case "$os" in - alpine) - __package shadow - ;; - *) - : - ;; +case $(cat "${__global}/explorer/os") +in + (alpine) + __package shadow + ;; + (openwrt) + case $(cat "${__object}/parameter/state") + in + (present) + if test -s "${__object}/explorer/passwd" + then + # NOTE: The package might not be required if no changes + # are required, but determining if changes are required is + # out of scope here, and 40k should be okay, I hope. + __package shadow-usermod + else + __package shadow-useradd + fi + ;; + (absent) + if test -s "${__object}/explorer/passwd" + then + __package shadow-userdel + fi + ;; + esac + ;; + (*) + : + ;; esac From d8b5c733f6cec871ceb1933807f4877a4ee77ffa Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Wed, 22 Jul 2020 06:36:27 +0200 Subject: [PATCH 34/57] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index dac9cbce..040de9d8 100644 --- a/docs/changelog +++ b/docs/changelog @@ -10,6 +10,7 @@ next: * Core: Make emulator-part code consistent; remove faulty warning (Darko Poljak) * Types __file, __directory: Support setuid, setguid, sticky bits (Dennis Camera) * Type __postfix_master: Fix --option parameter and option expansion (Daniel Fancsali) + * Type __user: Install user packages on OpenWRT (Dennis Camera) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From fdef468f1ab6f2163da22a477df154a2082b57b4 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Wed, 22 Jul 2020 18:28:41 +0200 Subject: [PATCH 35/57] Fix OpenWrt spelling --- docs/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog b/docs/changelog index 040de9d8..4c17ee58 100644 --- a/docs/changelog +++ b/docs/changelog @@ -10,7 +10,7 @@ next: * Core: Make emulator-part code consistent; remove faulty warning (Darko Poljak) * Types __file, __directory: Support setuid, setguid, sticky bits (Dennis Camera) * Type __postfix_master: Fix --option parameter and option expansion (Daniel Fancsali) - * Type __user: Install user packages on OpenWRT (Dennis Camera) + * Type __user: Install user packages on OpenWrt (Dennis Camera) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From 595e43b8d5f06641179c13de8ac04be46c1b2820 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Thu, 23 Jul 2020 09:41:53 +0200 Subject: [PATCH 36/57] [type/{__file,__directory}] Fix incorrect interpretation of strings with leading 0s as octal --- cdist/conf/type/__directory/gencode-remote | 4 +++- cdist/conf/type/__file/gencode-remote | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote index 2c2c56fd..d9c00b56 100755 --- a/cdist/conf/type/__directory/gencode-remote +++ b/cdist/conf/type/__directory/gencode-remote @@ -99,7 +99,9 @@ case "$state_should" in # format mode in four digits => same as stat returns if [ "$attribute" = mode ]; then - value_should=$(printf '%04u' "${value_should}") + # Convert to four-digit octal number (printf interprets + # strings with leading 0s as octal!) + value_should=$(printf '%04o' "0${value_should}") fi if [ "$set_attributes" = 1 ] || [ "$value_should" != "$value_is" ]; then diff --git a/cdist/conf/type/__file/gencode-remote b/cdist/conf/type/__file/gencode-remote index a69154df..35356b13 100755 --- a/cdist/conf/type/__file/gencode-remote +++ b/cdist/conf/type/__file/gencode-remote @@ -70,7 +70,9 @@ case "$state_should" in # format mode in four digits => same as stat returns if [ "$attribute" = mode ]; then - value_should=$(printf '%04u' "${value_should}") + # Convert to four-digit octal number (printf interprets + # strings with leading 0s as octal!) + value_should=$(printf '%04o' "0${value_should}") fi value_is="$(get_current_value "$attribute" "$value_should")" From ae5f0bba0b103aabcfbad0f105c69c0b403697ac Mon Sep 17 00:00:00 2001 From: fnux Date: Fri, 24 Jul 2020 12:26:35 +0200 Subject: [PATCH 37/57] Add Alpine support to __openldap_server --- cdist/conf/type/__openldap_server/man.rst | 4 +-- cdist/conf/type/__openldap_server/manifest | 42 ++++++++++++++++++---- 2 files changed, 38 insertions(+), 8 deletions(-) diff --git a/cdist/conf/type/__openldap_server/man.rst b/cdist/conf/type/__openldap_server/man.rst index fbad21d8..a96c7dad 100644 --- a/cdist/conf/type/__openldap_server/man.rst +++ b/cdist/conf/type/__openldap_server/man.rst @@ -103,8 +103,8 @@ syncrepl-host Set once per host that will replicate the directory. module - LDAP module to load. See `slapd.conf(5)`. - Default value is OS-dependent, see manifest. + LDAP module to load. See `slapd.conf(5)`. Some dependencies might have to + be installed beforehand. Default value is OS-dependent, see manifest. schema Name of LDAP schema to load. Must be the name without extension of a diff --git a/cdist/conf/type/__openldap_server/manifest b/cdist/conf/type/__openldap_server/manifest index 84ba176f..2aeece26 100644 --- a/cdist/conf/type/__openldap_server/manifest +++ b/cdist/conf/type/__openldap_server/manifest @@ -25,6 +25,7 @@ case "${os}" in SLAPD_DATA_DIR="/var/db/openldap-data" SLAPD_RUN_DIR="/var/run/openldap" SLAPD_MODULE_PATH="/usr/local/libexec/openldap" + SLAPD_MODULE_TYPE="la" if [ -z "${slapd_modules}" ]; then # It looks like ppolicy and syncprov must be compiled slapd_modules="back_mdb back_monitor" @@ -43,13 +44,34 @@ case "${os}" in SLAPD_DATA_DIR="/var/lib/ldap" SLAPD_RUN_DIR="/var/run/slapd" SLAPD_MODULE_PATH="/usr/lib/ldap" + SLAPD_MODULE_TYPE="la" if [ -z "${slapd_modules}" ]; then slapd_modules="back_mdb ppolicy syncprov back_monitor" fi + CONF_OWNER="openldap" + CONF_GROUP="openldap" if [ -z "${tls_cipher_suite}" ]; then tls_cipher_suite="NORMAL" fi ;; + alpine) + PKGS="openldap openldap-clients" + ETC="/etc" + SLAPD_DIR="/etc/openldap" + SLAPD_DATA_DIR="/var/lib/openldap" + SLAPD_RUN_DIR="/var/run/openldap" + SLAPD_MODULE_PATH="/usr/lib/openldap" + SLAPD_MODULE_TYPE="so" + if [ -z "${slapd_modules}" ]; then + slapd_modules="back_mdb ppolicy syncprov back_monitor" + PKGS="$PKGS openldap-back-mdb openldap-back-monitor openldap-overlay-all" + fi + CONF_OWNER="ldap" + CONF_GROUP="$SLAPD_USER" + if [ -z "${tls_cipher_suite}" ]; then + tls_cipher_suite="DEFAULT" + fi + ;; *) echo "Don't know the openldap defaults for: $os" >&2 exit 1 @@ -156,6 +178,12 @@ case "${os}" in --line "SLAPD_SERVICES=\"${slapd_urls}\"" \ --state present ;; + alpine) + require="__package/${PKG_MAIN}" __line add_slapd_services \ + --file ${ETC}/conf.d/slapd \ + --line "command_args=\"-h '${slapd_urls}'\"" \ + --state present + ;; *) # Nothing to do here, move on. ;; @@ -170,20 +198,22 @@ if [ -z "${_skip_letsencrypt_cert}" ]; then fi # shellcheck disable=SC2086 - __letsencrypt_cert "${name}" --admin-email "${admin_email}" \ - --renew-hook "cp ${ETC}/letsencrypt/live/${name}/*.pem ${SLAPD_DIR}/sasl2 && chown -R openldap:openldap ${SLAPD_DIR}/sasl2 && service slapd restart" \ - --automatic-renewal ${staging} + __directory ${SLAPD_DIR}/sasl2 + require="__directory/${SLAPD_DIR}/sasl2" __letsencrypt_cert "${name}" \ + --admin-email "${admin_email}" \ + --renew-hook "cp ${ETC}/letsencrypt/live/${name}/*.pem ${SLAPD_DIR}/sasl2 && chown -R ${CONF_OWNER}:${CONF_GROUP} ${SLAPD_DIR}/sasl2 && service slapd restart" \ + --automatic-renewal "${staging}" fi require="__package/${PKG_MAIN}" __directory ${SLAPD_DIR}/slapd.d --state absent if [ -z "${_skip_letsencrypt_cert}" ]; then require="__package/${PKG_MAIN} __letsencrypt_cert/${name}" \ - __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \ + __file "${SLAPD_DIR}/slapd.conf" --owner "${CONF_OWNER}" --group "${CONF_GROUP}" --mode 644 \ --source "${ldapconf}" else require="__package/${PKG_MAIN}" \ - __file ${SLAPD_DIR}/slapd.conf --owner ${CONF_OWNER} --group ${CONF_GROUP} --mode 644 \ + __file "${SLAPD_DIR}/slapd.conf" --owner "${CONF_OWNER}" --group "${CONF_GROUP}" --mode 644 \ --source "${ldapconf}" fi @@ -210,7 +240,7 @@ done # Add specified modules echo "modulepath ${SLAPD_MODULE_PATH}" >> "${ldapconf}" for module in ${slapd_modules}; do - echo "moduleload ${module}.la" >> "${ldapconf}" + echo "moduleload ${module}.${SLAPD_MODULE_TYPE}" >> "${ldapconf}" done # Rest of the config From 8654cbe4661762f25cd75c484f28344ce91ec55b Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 24 Jul 2020 12:29:02 +0200 Subject: [PATCH 38/57] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 4c17ee58..0b9b8308 100644 --- a/docs/changelog +++ b/docs/changelog @@ -11,6 +11,7 @@ next: * Types __file, __directory: Support setuid, setguid, sticky bits (Dennis Camera) * Type __postfix_master: Fix --option parameter and option expansion (Daniel Fancsali) * Type __user: Install user packages on OpenWrt (Dennis Camera) + * Type __openldap_server: Add Alpine support (Timothée Floure) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From 8b53f35ffab4e7b74d3fd019e7602c8a05338173 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Fri, 24 Jul 2020 12:33:16 +0200 Subject: [PATCH 39/57] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 0b9b8308..2457e90b 100644 --- a/docs/changelog +++ b/docs/changelog @@ -12,6 +12,7 @@ next: * Type __postfix_master: Fix --option parameter and option expansion (Daniel Fancsali) * Type __user: Install user packages on OpenWrt (Dennis Camera) * Type __openldap_server: Add Alpine support (Timothée Floure) + * Type __pf_apply: Remove deprecated type (Darko Poljak) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From ee71cad047ba0c86343fe8ee9ea2bc79bf950256 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sat, 25 Jul 2020 19:19:38 +0200 Subject: [PATCH 40/57] [type/__package_apt] Fix type for legacy APT versions --no-install-recommends was introduced with Debian 5. The APT::Install-Recommends option gets ignored by old versions and produces no error. --- cdist/conf/type/__package_apt/gencode-remote | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__package_apt/gencode-remote b/cdist/conf/type/__package_apt/gencode-remote index e02564a2..f3d91566 100755 --- a/cdist/conf/type/__package_apt/gencode-remote +++ b/cdist/conf/type/__package_apt/gencode-remote @@ -64,7 +64,7 @@ esac # Hint if we need to avoid questions at some point: # DEBIAN_PRIORITY=critical can reduce the number of questions -aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes --no-install-recommends -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"" +aptget="DEBIAN_FRONTEND=noninteractive apt-get --quiet --yes -o APT::Install-Recommends=0 -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\"" if [ "$state_is" = "$state_should" ]; then if [ -z "$version" ] || [ "$version" = "$version_is" ]; then From 46d09392f08b0659557048c02e109f189ffd85f3 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 19:36:34 +0200 Subject: [PATCH 41/57] [type/__key_value] Get AWK from POSIX PATH This is required here, because Solaris /usr/bin/awk does not support the sub() function. So xpg4 AWK needs to be used. --- cdist/conf/type/__key_value/explorer/state | 4 +++- cdist/conf/type/__key_value/files/remote_script.sh | 5 ++++- cdist/conf/type/__key_value/gencode-remote | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/cdist/conf/type/__key_value/explorer/state b/cdist/conf/type/__key_value/explorer/state index 7b2de1df..d24600af 100755 --- a/cdist/conf/type/__key_value/explorer/state +++ b/cdist/conf/type/__key_value/explorer/state @@ -40,7 +40,9 @@ else fi export key state delimiter value exact_delimiter -awk -f - "$file" <<"AWK_EOF" +awk_bin=$(PATH=$(getconf PATH 2>/dev/null) && command -v awk || echo awk) + +"${awk_bin}" -f - "$file" <<"AWK_EOF" BEGIN { state=ENVIRON["state"] key=ENVIRON["key"] diff --git a/cdist/conf/type/__key_value/files/remote_script.sh b/cdist/conf/type/__key_value/files/remote_script.sh index f7a1add5..faf080cb 100644 --- a/cdist/conf/type/__key_value/files/remote_script.sh +++ b/cdist/conf/type/__key_value/files/remote_script.sh @@ -24,7 +24,10 @@ if [ -f "$file" ]; then else touch "$file" fi -awk -f - "$file" >"$tmpfile" <<"AWK_EOF" + +awk_bin=$(PATH=$(getconf PATH 2>/dev/null) && command -v awk || echo awk) + +"${awk_bin}" -f - "$file" >"$tmpfile" <<"AWK_EOF" BEGIN { # import variables in a secure way .. state=ENVIRON["state"] diff --git a/cdist/conf/type/__key_value/gencode-remote b/cdist/conf/type/__key_value/gencode-remote index 13cc27c7..1174400e 100755 --- a/cdist/conf/type/__key_value/gencode-remote +++ b/cdist/conf/type/__key_value/gencode-remote @@ -25,7 +25,7 @@ state_should="$(cat "$__object/parameter/state")" state_is="$(cat "$__object/explorer/state")" fire_onchange='' -if [ "$state_is" = "$state_should" ]; then +if [ "$state_is" = "$state_should" ]; then exit 0 fi From a5905044365e0f28e793f01e0be0cac8e6b2b379 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Fri, 24 Jul 2020 10:19:10 +0200 Subject: [PATCH 42/57] [type/__locale_system] RedHat systems on systemd use /etc/locale.conf --- cdist/conf/type/__locale_system/manifest | 26 ++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 4a1fdeed..22531a40 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -3,6 +3,7 @@ # 2012-2016 Steven Armstrong (steven-cdist at armstrong.cc) # 2016 Carlos Ortigoza (carlos.ortigoza at ungleich.ch) # 2016 Nico Schottelius (nico.schottelius at ungleich.ch) +# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -32,8 +33,25 @@ case "$os" in archlinux) locale_conf="/etc/locale.conf" ;; - redhat|centos) - locale_conf="/etc/sysconfig/i18n" + centos|redhat|scientific) + # shellcheck source=/dev/null + version_id=$(. "${__global}/explorer/os_release" && echo "${VERSION_ID:-0}") + if expr "${version_id}" '>=' 7 >/dev/null + then + locale_conf="/etc/locale.conf" + else + locale_conf="/etc/sysconfig/i18n" + fi + ;; + fedora) + # shellcheck source=/dev/null + version_id=$(. "${__global}/explorer/os_release" && echo "${VERSION_ID:-0}") + if expr "${version_id}" '>=' 18 >/dev/null + then + locale_conf="/etc/locale.conf" + else + locale_conf="/etc/sysconfig/i18n" + fi ;; *) echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 @@ -47,9 +65,9 @@ __file "$locale_conf" \ --state exists require="__file/$locale_conf" \ - __key_value "$locale_conf:$__object_id" \ +__key_value "$locale_conf:$__object_id" \ --file "$locale_conf" \ --key "$__object_id" \ - --delimiter = \ + --delimiter '=' --exact_delimiter \ --state "$(cat "$__object/parameter/state")" \ --value "$(cat "$__object/parameter/value")" From 47e28fc441187b5deb869f53396eac1ee0f8cbe7 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 12:07:38 +0200 Subject: [PATCH 43/57] [type/__locale_system] Support old Debian derivatives --- cdist/conf/type/__locale_system/manifest | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 22531a40..b9991fa3 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -27,9 +27,29 @@ os=$(cat "$__global/explorer/os") case "$os" in - debian|devuan|ubuntu) + debian) + os_version=$(cat "${__global}/explorer/os_version") + if expr "${os_version}" '>=' 4 >/dev/null + then + # Debian 4 (etch) and later + locale_conf="/etc/default/locale" + else + locale_conf="/etc/environment" + fi + ;; + devuan) locale_conf="/etc/default/locale" ;; + ubuntu) + os_version=$(cat "${__global}/explorer/os_version") + if expr "${os_version}" '>=' 6.10 >/dev/null + then + # Ubuntu 6.10 (edgy) and later + locale_conf="/etc/default/locale" + else + locale_conf="/etc/environment" + fi + ;; archlinux) locale_conf="/etc/locale.conf" ;; @@ -61,7 +81,7 @@ case "$os" in esac __file "$locale_conf" \ - --owner root --group root --mode 644 \ + --owner root --group root --mode 0644 \ --state exists require="__file/$locale_conf" \ From 0ef54a721d6f540f70959df2b7f1321a5688a594 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 12:17:30 +0200 Subject: [PATCH 44/57] [type/__locale_system] Add support for Gentoo Linux --- cdist/conf/type/__locale_system/manifest | 45 ++++++++++++++++++------ 1 file changed, 34 insertions(+), 11 deletions(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index b9991fa3..0049ed5f 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -24,9 +24,19 @@ # Configure system-wide locale by modifying i18n file. # +onchange_cmd= # none, by default +quote_value=false + +catval() { + # shellcheck disable=SC2059 + printf "$($quote_value && echo '"%s"' || echo '%s')" "$(cat "$1")" +} + + os=$(cat "$__global/explorer/os") -case "$os" in +case $os +in debian) os_version=$(cat "${__global}/explorer/os_version") if expr "${os_version}" '>=' 4 >/dev/null @@ -69,10 +79,24 @@ case "$os" in if expr "${version_id}" '>=' 18 >/dev/null then locale_conf="/etc/locale.conf" + quote_value=false else locale_conf="/etc/sysconfig/i18n" fi ;; + gentoo) + case $(cat "${__global}/explorer/init") + in + (*openrc*) + locale_conf="/etc/env.d/02locale" + onchange_cmd="env-update --no-ldconfig" + quote_value=true + ;; + (systemd) + locale_conf="/etc/locale.conf" + ;; + esac + ;; *) echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 echo "Please contribute an implementation for it if you can." >&2 @@ -80,14 +104,13 @@ case "$os" in ;; esac -__file "$locale_conf" \ - --owner root --group root --mode 0644 \ - --state exists +__file "${locale_conf}" --state exists --owner root --group root --mode 0644 -require="__file/$locale_conf" \ -__key_value "$locale_conf:$__object_id" \ - --file "$locale_conf" \ - --key "$__object_id" \ - --delimiter '=' --exact_delimiter \ - --state "$(cat "$__object/parameter/state")" \ - --value "$(cat "$__object/parameter/value")" +require="__file/${locale_conf}" \ +__key_value "${locale_conf}:${__object_id}" \ + --file "${locale_conf}" \ + --key "${__object_id}" \ + --delimiter '=' --exact_delimiter \ + --state "$(cat "${__object}/parameter/state")" \ + --value "$(catval "${__object}/parameter/value")" \ + --onchange "${onchange_cmd}" From 630d987d5f5a40ae783fd9d4ff0a10653fcab04c Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 12:28:20 +0200 Subject: [PATCH 45/57] [type/__locale_system] Add support for Void Linux --- cdist/conf/type/__locale_system/manifest | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 0049ed5f..ff0a8c23 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -97,6 +97,9 @@ in ;; esac ;; + voidlinux) + locale_conf="/etc/locale.conf" + ;; *) echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 echo "Please contribute an implementation for it if you can." >&2 From 0ae0935afafd6b10516e9689c19000ef729d1b9b Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 14:05:36 +0200 Subject: [PATCH 46/57] [type/__locale_system] Add support for SuSE --- cdist/conf/type/__locale_system/manifest | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index ff0a8c23..26d4f7b5 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -24,6 +24,7 @@ # Configure system-wide locale by modifying i18n file. # +key=$__object_id onchange_cmd= # none, by default quote_value=false @@ -97,6 +98,25 @@ in ;; esac ;; + suse) + os_version=$(cat "${__global}/explorer/os_version") + os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)') + + # https://documentation.suse.com/sles/15-SP2/html/SLES-all/cha-suse.html#sec-suse-l10n + if expr "${os_major}" '>=' 15 \& "${os_major}" != 42 + then + # It seems that starting with SuSE 15 the systemd /etc/locale.conf + # is the preferred way to set locales, although + # /etc/sysconfig/language is still available. + # Older documentation doesn't mention /etc/locale.conf, even though + # is it created when localectl is used. + locale_conf="/etc/locale.conf" + else + locale_conf="/etc/sysconfig/language" + quote_value=true + key="RC_${__object_id}" + fi + ;; voidlinux) locale_conf="/etc/locale.conf" ;; @@ -110,9 +130,9 @@ esac __file "${locale_conf}" --state exists --owner root --group root --mode 0644 require="__file/${locale_conf}" \ -__key_value "${locale_conf}:${__object_id}" \ +__key_value "${locale_conf}:${key}" \ --file "${locale_conf}" \ - --key "${__object_id}" \ + --key "${key}" \ --delimiter '=' --exact_delimiter \ --state "$(cat "${__object}/parameter/state")" \ --value "$(catval "${__object}/parameter/value")" \ From cbf22f3b2c8b9d0fef8f6b7b0bf16508f96675b3 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 15:23:55 +0200 Subject: [PATCH 47/57] [type/__locale_system] Add support for Solaris --- cdist/conf/type/__locale_system/manifest | 41 ++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 26d4f7b5..71491fe5 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -33,6 +33,7 @@ catval() { printf "$($quote_value && echo '"%s"' || echo '%s')" "$(cat "$1")" } +state_should=$(cat "${__object}/parameter/state") os=$(cat "$__global/explorer/os") @@ -98,6 +99,39 @@ in ;; esac ;; + solaris) + locale_conf="/etc/default/init" + locale_conf_group="sys" + + if expr "$(cat "${__global}/explorer/os_version")" '>=' 5.11 >/dev/null + then + # mode on Oracle Solaris 11 is actually 0444, + # but the write bit makes sense, IMO + locale_conf_mode=0644 + + # Oracle Solaris 11.2 and later uses SMF to store environment info. + # This is a hack, but I didn't feel like modifying the whole type + # just for some Oracle nonsense. + # 11.3 apparently added nlsadm(1m), but it is missing from 11.2. + # Illumos continues to use /etc/default/init + # NOTE: Remember not to use "cool" POSIX features like -q or -e with + # Solaris grep. + release_regex='Oracle Solaris 11.[2-9][0-9]*' + case $state_should + in + (present) + svccfg_cmd="svccfg -s svc:/system/environment:init setprop environment/${key} = astring: '$(cat "${__object}/parameter/value")'" + ;; + (absent) + svccfg_cmd="svccfg -s svc:/system/environment:init delprop environment/${key}" + ;; + esac + refresh_cmd='svcadm refresh svc:/system/environment' + onchange_cmd="grep '${release_regex}' /etc/release >&- || exit 0; ${svccfg_cmd:-:} && ${refresh_cmd}" + else + locale_conf_mode=0555 + fi + ;; suse) os_version=$(cat "${__global}/explorer/os_version") os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)') @@ -127,13 +161,16 @@ in ;; esac -__file "${locale_conf}" --state exists --owner root --group root --mode 0644 +__file "${locale_conf}" --state exists \ + --owner "${locale_conf_owner:-0}" \ + --group "${locale_conf_group:-0}" \ + --mode "${locale_conf_mode:-0644}" require="__file/${locale_conf}" \ __key_value "${locale_conf}:${key}" \ --file "${locale_conf}" \ --key "${key}" \ --delimiter '=' --exact_delimiter \ - --state "$(cat "${__object}/parameter/state")" \ + --state "${state_should}" \ --value "$(catval "${__object}/parameter/value")" \ --onchange "${onchange_cmd}" From a923e75d9b0054212031507986d3b935d74d52bf Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 18:29:14 +0200 Subject: [PATCH 48/57] [type/__locale_system] Add support for NetBSD --- cdist/conf/type/__locale_system/manifest | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 71491fe5..92af852f 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -99,6 +99,15 @@ in ;; esac ;; + netbsd) + # NetBSD doesn't have a separate configuration file to set locales. + # So the shell login file will have to do. + # "Non-POSIX" shells like csh will not be updated here. + + locale_conf="/etc/profile" + quote_value=true + value="$(catval "${__object}/parameter/value"); export ${key}" + ;; solaris) locale_conf="/etc/default/init" locale_conf_group="sys" @@ -172,5 +181,5 @@ __key_value "${locale_conf}:${key}" \ --key "${key}" \ --delimiter '=' --exact_delimiter \ --state "${state_should}" \ - --value "$(catval "${__object}/parameter/value")" \ + --value "${value:-$(catval "${__object}/parameter/value")}" \ --onchange "${onchange_cmd}" From 511d8c96aa9201049eaafc459a2de9694fe2a4e4 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 19:23:17 +0200 Subject: [PATCH 49/57] [type/__locale_system] Add support for Slackware --- cdist/conf/type/__locale_system/manifest | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 92af852f..180788e6 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -141,6 +141,12 @@ in locale_conf_mode=0555 fi ;; + slackware) + # NOTE: lang.csh (csh config) is ignored here. + locale_conf="/etc/profile.d/lang.sh" + locale_conf_mode=0755 + key="export ${__object_id}" + ;; suse) os_version=$(cat "${__global}/explorer/os_version") os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)') @@ -176,7 +182,7 @@ __file "${locale_conf}" --state exists \ --mode "${locale_conf_mode:-0644}" require="__file/${locale_conf}" \ -__key_value "${locale_conf}:${key}" \ +__key_value "${locale_conf}:${key#export }" \ --file "${locale_conf}" \ --key "${key}" \ --delimiter '=' --exact_delimiter \ From 70d1228dc0c6a3af105f0864b46d7dea806aedc2 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 19:26:45 +0200 Subject: [PATCH 50/57] [type/__locale_system] Add support for FreeBSD --- cdist/conf/type/__locale_system/manifest | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cdist/conf/type/__locale_system/manifest b/cdist/conf/type/__locale_system/manifest index 180788e6..e4286ef6 100755 --- a/cdist/conf/type/__locale_system/manifest +++ b/cdist/conf/type/__locale_system/manifest @@ -99,9 +99,10 @@ in ;; esac ;; - netbsd) - # NetBSD doesn't have a separate configuration file to set locales. - # So the shell login file will have to do. + freebsd|netbsd) + # NetBSD doesn't have a separate configuration file to set locales. + # In FreeBSD locales could be configured via /etc/login.conf but parsing + # that would be annoying, so the shell login file will have to do. # "Non-POSIX" shells like csh will not be updated here. locale_conf="/etc/profile" From 73f1937636bfa59eea0432e3625c0a27cc8171b5 Mon Sep 17 00:00:00 2001 From: Ander Punnar Date: Mon, 27 Jul 2020 06:20:21 +0200 Subject: [PATCH 51/57] [__unpack] no mkdir by default, because destination can be file, but tar needs mkdir andrar needs slash at the end --- cdist/conf/type/__unpack/explorer/state | 37 +++++++++ cdist/conf/type/__unpack/gencode-remote | 75 ++++++++++++++++++ cdist/conf/type/__unpack/man.rst | 79 +++++++++++++++++++ cdist/conf/type/__unpack/manifest | 41 ++++++++++ cdist/conf/type/__unpack/parameter/boolean | 2 + cdist/conf/type/__unpack/parameter/optional | 2 + cdist/conf/type/__unpack/parameter/required | 1 + cdist/conf/type/__unpack/test/README | 3 + .../type/__unpack/test/make-init-manifest.sh | 22 ++++++ .../type/__unpack/test/make-test-files.sh | 44 +++++++++++ 10 files changed, 306 insertions(+) create mode 100755 cdist/conf/type/__unpack/explorer/state create mode 100755 cdist/conf/type/__unpack/gencode-remote create mode 100644 cdist/conf/type/__unpack/man.rst create mode 100755 cdist/conf/type/__unpack/manifest create mode 100644 cdist/conf/type/__unpack/parameter/boolean create mode 100644 cdist/conf/type/__unpack/parameter/optional create mode 100644 cdist/conf/type/__unpack/parameter/required create mode 100644 cdist/conf/type/__unpack/test/README create mode 100755 cdist/conf/type/__unpack/test/make-init-manifest.sh create mode 100755 cdist/conf/type/__unpack/test/make-test-files.sh diff --git a/cdist/conf/type/__unpack/explorer/state b/cdist/conf/type/__unpack/explorer/state new file mode 100755 index 00000000..38bc0978 --- /dev/null +++ b/cdist/conf/type/__unpack/explorer/state @@ -0,0 +1,37 @@ +#!/bin/sh -e + +src="/$__object_id" + +if [ -f "$__object/parameter/sum-file" ] +then + src_sum_was_file="$( cat "$__object/parameter/sum-file" )" +else + src_sum_was_file="$src.cdist__unpack_sum" +fi + +if [ ! -f "$src" ] +then + if [ -n "$__cdist_dry_run" ] + then + echo 'mismatch' + else + echo 'missing' + fi +else + if [ ! -f "$src_sum_was_file" ] + then + echo 'mismatch' + exit 0 + fi + + src_sum_was="$( cat "$src_sum_was_file" )" + + src_sum_is="$( cksum "$src" | awk '{ print $1$2 }' )" + + if [ "$src_sum_was" = "$src_sum_is" ] + then + echo 'match' + else + echo 'mismatch' + fi +fi diff --git a/cdist/conf/type/__unpack/gencode-remote b/cdist/conf/type/__unpack/gencode-remote new file mode 100755 index 00000000..45c7173a --- /dev/null +++ b/cdist/conf/type/__unpack/gencode-remote @@ -0,0 +1,75 @@ +#!/bin/sh -e + +if grep -Eq '^(missing|match)$' "$__object/explorer/state" +then + exit 0 +fi + +os="$( cat "$__global/explorer/os" )" + +src="/$__object_id" + +dst="$( sed 's/\/$//' "$__object/parameter/destination" )" + +cmd='' + +case "$src" in + *.tar|*.tgz|*.tar.*) + cmd="mkdir -p '$dst' && tar --directory='$dst' --extract --file='$src'" + + if [ -f "$__object/parameter/tar-strip" ] + then + tar_strip="$( cat "$__object/parameter/tar-strip" )" + + cmd="$cmd --strip-components=$tar_strip" + fi + ;; + *.7z) + case "$os" in + centos|fedora|redhat) + cmd='7za' + ;; + *) + cmd='7zr' + ;; + esac + + cmd="$cmd e -aoa -o'$dst' '$src'" + ;; + *.bz2) + cmd="bunzip2 --stdout '$src' > '$dst'" + ;; + *.gz) + cmd="gunzip --stdout '$src' > '$dst'" + ;; + *.lzma|*.xz) + cmd="xz --uncompress --stdout '$src' > '$dst'" + ;; + *.rar) + cmd="unrar x -o+ '$src' '$dst/'" + ;; + *.zip) + cmd="unzip -o '$src' -d '$dst'" + ;; +esac + +if [ -f "$__object/parameter/backup-destination" ] +then + echo "if [ -e '$dst' ]; then mv '$dst' '$dst.cdist__unpack_backup_$( date +%s )'; fi" +fi + +echo "$cmd" + +if [ -f "$__object/parameter/sum-file" ] +then + sum_file="$( cat "$__object/parameter/sum-file" )" +else + sum_file="$src.cdist__unpack_sum" +fi + +echo "cksum '$src' | awk '{ print \$1\$2 }' > '$sum_file'" + +if [ ! -f "$__object/parameter/preserve-archive" ] +then + echo "rm -f '$src'" +fi diff --git a/cdist/conf/type/__unpack/man.rst b/cdist/conf/type/__unpack/man.rst new file mode 100644 index 00000000..8fe96e43 --- /dev/null +++ b/cdist/conf/type/__unpack/man.rst @@ -0,0 +1,79 @@ +cdist-type__unpack(7) +===================== + +NAME +---- +cdist-type__unpack - Unpack archives + + +DESCRIPTION +----------- +Unpack ``.tar``, ``.tgz``, ``.tar.*``, ``.7z``, ``.bz2``, ``.gz``, +``.lzma``, ``.xz``, ``.rar`` and ``.zip`` archives. Archive type is +detected by extension. + +To achieve idempotency, checksum file will be created in target. See +``--sum-file`` parameter for details. + + +REQUIRED PARAMETERS +------------------- +destination + Depending on archive format file or directory to where archive + contents will be written. + + +OPTIONAL PARAMETERS +------------------- +sum-file + Override archive's checksum file in target. By default + ``XXX.cdist__unpack_sum`` will be used, where ``XXX`` is source + archive path. This file must be kept in target's persistent storage. + +tar-strip + Tarball specific. See ``man tar`` for ``--strip-components``. + + +OPTIONAL BOOLEAN PARAMETERS +--------------------------- +backup-destination + By default destination file will be overwritten. In case destination + is directory, files from archive will be added to or overwritten in + directory. This parameter moves existing destination to + ``XXX.cdist__unpack_backup_YYY``, where ``XXX`` is destination and + ``YYY`` current UNIX timestamp. + +preserve-archive + Don't delete archive after unpacking. + + +EXAMPLES +-------- + +.. code-block:: sh + + __directory /opt/cpma + + require='__directory/opt/cpma' \ + __download /opt/cpma/cnq3.zip \ + --url https://cdn.playmorepromode.com/files/cnq3/cnq3-1.51.zip \ + --sum md5:46da3021ca9eace277115ec9106c5b46 + + require='__download/opt/cpma/cnq3.zip' \ + __unpack /opt/cpma/cnq3.zip \ + --backup-destination \ + --preserve-archive \ + --destination /opt/cpma/server + + +AUTHORS +------- +Ander Punnar + + +COPYING +------- +Copyright \(C) 2020 Ander Punnar. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__unpack/manifest b/cdist/conf/type/__unpack/manifest new file mode 100755 index 00000000..6bdf5a10 --- /dev/null +++ b/cdist/conf/type/__unpack/manifest @@ -0,0 +1,41 @@ +#!/bin/sh -e + +os="$( cat "$__global/explorer/os" )" + +src="/$__object_id" + +case "$src" in + *.7z) + __package p7zip + ;; + *.bz2) + case "$os" in + freebsd) + # bzip2 is part of freebsd base system + ;; + *) + __package bzip2 + ;; + esac + ;; + *.lzma|*.xz|*.txz) + case "$os" in + debian|ubuntu|devuan) + __package xz-utils + ;; + alpine|centos) + __package xz + ;; + esac + ;; + *.rar) + case "$os" in + debian|ubuntu|devuan|alpine|freebsd) + __package unrar + ;; + esac + ;; + *.zip) + __package unzip + ;; +esac diff --git a/cdist/conf/type/__unpack/parameter/boolean b/cdist/conf/type/__unpack/parameter/boolean new file mode 100644 index 00000000..99dca934 --- /dev/null +++ b/cdist/conf/type/__unpack/parameter/boolean @@ -0,0 +1,2 @@ +backup-destination +preserve-archive diff --git a/cdist/conf/type/__unpack/parameter/optional b/cdist/conf/type/__unpack/parameter/optional new file mode 100644 index 00000000..d136dd0c --- /dev/null +++ b/cdist/conf/type/__unpack/parameter/optional @@ -0,0 +1,2 @@ +sum-file +tar-strip diff --git a/cdist/conf/type/__unpack/parameter/required b/cdist/conf/type/__unpack/parameter/required new file mode 100644 index 00000000..ac459b09 --- /dev/null +++ b/cdist/conf/type/__unpack/parameter/required @@ -0,0 +1 @@ +destination diff --git a/cdist/conf/type/__unpack/test/README b/cdist/conf/type/__unpack/test/README new file mode 100644 index 00000000..54f3972a --- /dev/null +++ b/cdist/conf/type/__unpack/test/README @@ -0,0 +1,3 @@ +./make-test-files.sh +./make-init-manifest.sh | cdist config -i - localhost +sudo find /tmp/cdist__unpack_test/ -type f -exec cat {} \; | sort diff --git a/cdist/conf/type/__unpack/test/make-init-manifest.sh b/cdist/conf/type/__unpack/test/make-init-manifest.sh new file mode 100755 index 00000000..404bc106 --- /dev/null +++ b/cdist/conf/type/__unpack/test/make-init-manifest.sh @@ -0,0 +1,22 @@ +#!/bin/sh -e + +p="$( pwd )" +d=/tmp/cdist__unpack_test + +echo 'export CDIST_ORDER_DEPENDENCY=1' + +echo "__directory $d" + +find "$p" -name 'test.*' -and -not -name '*.cdist__unpack_sum' \ + | sort \ + | while read -r l +do + n="$( basename "$l" )" + + printf '__unpack %s --destination %s/%s\n' \ + "$l" \ + "$d" \ + "$n" +done + +echo "__clean_path $p --pattern '.+/test\..+'" diff --git a/cdist/conf/type/__unpack/test/make-test-files.sh b/cdist/conf/type/__unpack/test/make-test-files.sh new file mode 100755 index 00000000..d18e9e9f --- /dev/null +++ b/cdist/conf/type/__unpack/test/make-test-files.sh @@ -0,0 +1,44 @@ +#!/bin/sh -ex + +echo test.7z > test +7z a test.7z test > /dev/null + +echo test.bz2 > test +bzip2 test + +echo test.gz > test +gzip test + +echo test.lzma > test +lzma test + +echo test.rar > test +rar a test.rar test > /dev/null + +echo test.tar.bz2 > test +tar cf test.tar test +bzip2 test.tar + +echo test.tar.xz > test +tar cf test.tar test +xz test.tar + +echo test.tgz > test +tar cf test.tar test +gzip test.tar +mv test.tar.gz test.tgz + +echo test.tar.gz > test +tar cf test.tar test +gzip test.tar + +echo test.tar > test +tar cf test.tar test + +echo test.xz > test +xz test + +echo test.zip > test +zip test.zip test > /dev/null + +rm test From 463b6cd6b52da8918d2803721164748c2a632696 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 27 Jul 2020 06:22:25 +0200 Subject: [PATCH 52/57] ++changelog --- docs/changelog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/changelog b/docs/changelog index 2457e90b..8d26e767 100644 --- a/docs/changelog +++ b/docs/changelog @@ -13,6 +13,9 @@ next: * Type __user: Install user packages on OpenWrt (Dennis Camera) * Type __openldap_server: Add Alpine support (Timothée Floure) * Type __pf_apply: Remove deprecated type (Darko Poljak) + * Type __package_apt: Fix for legacy APT versions that do not support --no-install-recommends (Dennis Camera) + * Type __key_value: Get awk from POSIX PATH (Dennis Camera) + * New type: __unpack (Ander Punnar) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From 627d215b637f1893e48a4a04c7e60686b960a698 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 27 Jul 2020 13:09:53 +0200 Subject: [PATCH 53/57] ++changelog --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 8d26e767..e3711be2 100644 --- a/docs/changelog +++ b/docs/changelog @@ -16,6 +16,7 @@ next: * Type __package_apt: Fix for legacy APT versions that do not support --no-install-recommends (Dennis Camera) * Type __key_value: Get awk from POSIX PATH (Dennis Camera) * New type: __unpack (Ander Punnar) + * Type __locale_system: Support more OSes (Dennis Camera) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From 5dfc996febd085e4592fe590c4837bd4802ef4c3 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 22:53:34 +0200 Subject: [PATCH 54/57] Fix global explorers for NetBSD On NetBSD sysctl is at /sbin/sysctl, but the default PATH does not contain /sbin. --- cdist/conf/explorer/cpu_cores | 1 + cdist/conf/explorer/disks | 5 ++--- cdist/conf/explorer/memory | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cdist/conf/explorer/cpu_cores b/cdist/conf/explorer/cpu_cores index c6744142..81e5294e 100755 --- a/cdist/conf/explorer/cpu_cores +++ b/cdist/conf/explorer/cpu_cores @@ -33,6 +33,7 @@ case "$os" in ;; "freebsd"|"netbsd") + PATH=$(getconf PATH) sysctl -n hw.ncpu ;; diff --git a/cdist/conf/explorer/disks b/cdist/conf/explorer/disks index 24540601..56d62d10 100755 --- a/cdist/conf/explorer/disks +++ b/cdist/conf/explorer/disks @@ -30,9 +30,8 @@ case $uname_s in sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+' ;; NetBSD) - PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin" - sysctl -n hw.disknames \ - | awk 'BEGIN { RS = " " } /^[lsw]d[0-9]+/' + PATH=$(getconf PATH) + sysctl -n hw.disknames | awk -v RS=' ' '/^[lsw]d[0-9]+/' ;; Linux) # list of major device numbers toexclude: diff --git a/cdist/conf/explorer/memory b/cdist/conf/explorer/memory index 302b4cda..5ea15ada 100755 --- a/cdist/conf/explorer/memory +++ b/cdist/conf/explorer/memory @@ -30,6 +30,7 @@ case "$os" in ;; *"bsd") + PATH=$(getconf PATH) echo "$(sysctl -n hw.physmem) / 1048576" | bc ;; From 3a87a447d00ef12eb6ace7c240926568aec2a042 Mon Sep 17 00:00:00 2001 From: Dennis Camera Date: Sun, 26 Jul 2020 23:37:48 +0200 Subject: [PATCH 55/57] [type/__sysctl] Fix on NetBSD --- cdist/conf/type/__sysctl/explorer/value | 9 +++++++-- cdist/conf/type/__sysctl/gencode-remote | 2 ++ cdist/conf/type/__sysctl/man.rst | 7 +++++++ 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__sysctl/explorer/value b/cdist/conf/type/__sysctl/explorer/value index fc85b3d8..3e93c151 100755 --- a/cdist/conf/type/__sysctl/explorer/value +++ b/cdist/conf/type/__sysctl/explorer/value @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2014 Steven Armstrong (steven-cdist at armstrong.cc) # @@ -18,5 +18,10 @@ # along with cdist. If not, see . # +if test "$(uname -s)" = NetBSD +then + PATH=$(getconf PATH) +fi + # get the current runtime value -sysctl -n "$__object_id" || true +sysctl -n "${__object_id}" || true diff --git a/cdist/conf/type/__sysctl/gencode-remote b/cdist/conf/type/__sysctl/gencode-remote index 711d54e5..f0f6deef 100755 --- a/cdist/conf/type/__sysctl/gencode-remote +++ b/cdist/conf/type/__sysctl/gencode-remote @@ -44,6 +44,8 @@ case "$os" in flag='-w' ;; netbsd) + # shellcheck disable=SC2016 + echo 'PATH=$(getconf PATH)' flag='-w' ;; freebsd|openbsd) diff --git a/cdist/conf/type/__sysctl/man.rst b/cdist/conf/type/__sysctl/man.rst index 6873003e..dbb9a1ac 100644 --- a/cdist/conf/type/__sysctl/man.rst +++ b/cdist/conf/type/__sysctl/man.rst @@ -26,6 +26,13 @@ EXAMPLES __sysctl net.ipv4.ip_forward --value 1 + # On some operating systems, e.g. NetBSD, to prevent an error if the + # MIB style name does not exist (e.g. optional kernel components), + # name and value can be separated by `?=`. The same effect can be achieved + # in cdist by appending a `?` to the key: + + __sysctl ddb.onpanic? --value -1 + AUTHORS ------- From 76bb214b5300707426030649cf03f35808e43256 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 27 Jul 2020 15:31:38 +0200 Subject: [PATCH 56/57] ++changelog --- docs/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/changelog b/docs/changelog index e3711be2..8fef4653 100644 --- a/docs/changelog +++ b/docs/changelog @@ -17,6 +17,8 @@ next: * Type __key_value: Get awk from POSIX PATH (Dennis Camera) * New type: __unpack (Ander Punnar) * Type __locale_system: Support more OSes (Dennis Camera) + * Explorers cpu_cores, disks, memory: Fix for NetBSD (Dennis Camera) + * Type __sysctl: Fix for NetBSD (Dennis Camera) 6.6.0: 2020-06-17 * Type __ssh_authorized_keys: Add option for removing undefined keys (Ander Punnar) From f5b367dfdbf60e75cfb2be038a05b6f226a1c010 Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Tue, 28 Jul 2020 07:14:26 +0200 Subject: [PATCH 57/57] Release 6.7.0 --- docs/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/changelog b/docs/changelog index 8fef4653..269a2049 100644 --- a/docs/changelog +++ b/docs/changelog @@ -1,7 +1,8 @@ Changelog --------- -next: +6.7.0: 2020-07-28 + * Delete deprecated type: __pf_apply (Darko Poljak) * New type: __download (Ander Punnar) * Type __locale_system: Add devuan support (Dennis Camera) * Type __package_opkg: Add locking (Dennis Camera) @@ -12,7 +13,6 @@ next: * Type __postfix_master: Fix --option parameter and option expansion (Daniel Fancsali) * Type __user: Install user packages on OpenWrt (Dennis Camera) * Type __openldap_server: Add Alpine support (Timothée Floure) - * Type __pf_apply: Remove deprecated type (Darko Poljak) * Type __package_apt: Fix for legacy APT versions that do not support --no-install-recommends (Dennis Camera) * Type __key_value: Get awk from POSIX PATH (Dennis Camera) * New type: __unpack (Ander Punnar)