From 095c5335c69a732bc54879a6a42e7162c59311bc Mon Sep 17 00:00:00 2001 From: Steven Armstrong Date: Thu, 16 Jan 2014 11:05:29 +0100 Subject: [PATCH 1/7] use default parameters Signed-off-by: Steven Armstrong --- cdist/conf/type/__ssh_authorized_keys/manifest | 2 +- cdist/conf/type/__ssh_authorized_keys/parameter/default/state | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 cdist/conf/type/__ssh_authorized_keys/parameter/default/state diff --git a/cdist/conf/type/__ssh_authorized_keys/manifest b/cdist/conf/type/__ssh_authorized_keys/manifest index 47cdf746..8b299d0a 100755 --- a/cdist/conf/type/__ssh_authorized_keys/manifest +++ b/cdist/conf/type/__ssh_authorized_keys/manifest @@ -19,7 +19,7 @@ # owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" -state="$(cat "$__object/parameter/state" 2>/dev/null || echo "present")" +state="$(cat "$__object/parameter/state" 2>/dev/null)" if [ -f "$__object/parameter/file" ]; then file="$(cat "$__object/parameter/file")" else diff --git a/cdist/conf/type/__ssh_authorized_keys/parameter/default/state b/cdist/conf/type/__ssh_authorized_keys/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__ssh_authorized_keys/parameter/default/state @@ -0,0 +1 @@ +present From 3b072a7abb08bdd4896ad425a0ce98700b73ebb6 Mon Sep 17 00:00:00 2001 From: Steven Armstrong Date: Thu, 16 Jan 2014 11:09:51 +0100 Subject: [PATCH 2/7] use __block type to manage keys Signed-off-by: Steven Armstrong --- .../type/__ssh_authorized_keys/explorer/entry | 45 ---------- .../type/__ssh_authorized_keys/gencode-remote | 84 ------------------- .../conf/type/__ssh_authorized_keys/manifest | 23 +++-- 3 files changed, 10 insertions(+), 142 deletions(-) delete mode 100755 cdist/conf/type/__ssh_authorized_keys/explorer/entry delete mode 100755 cdist/conf/type/__ssh_authorized_keys/gencode-remote 
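Review bot: The new `state=` line in the manifest hunk of patch 1/7 keeps `2>/dev/null` while dropping the `|| echo "present"` fallback, so a missing or unreadable `parameter/state` now yields an empty `$state` with no message at all. With `parameter/default/state` added in the same patch, the file is presumably always populated, so the redirect can only hide real failures. I would drop it, `state="$(cat "$__object/parameter/state")"`, so a broken default surfaces as an error instead of an empty state reaching whatever manages the authorized_keys entry. The rest of the manifest lies outside the hunk, so how `$state` is consumed at this commit is not visible here.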
diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/entry b/cdist/conf/type/__ssh_authorized_keys/explorer/entry deleted file mode 100755 index 9992d32d..00000000 --- a/cdist/conf/type/__ssh_authorized_keys/explorer/entry +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/sh -# -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" -if [ -f "$__object/parameter/file" ]; then - file="$(cat "$__object/parameter/file")" -else - home="$("$__type_explorer/passwd" | cut -d':' -f 6)" - file="$home/.ssh/authorized_keys" -fi - -# no authorized_keys file, nothing we could do -[ -f "$file" ] || exit 0 - -# NOTE: keep variables in sync in manifest/explorer/gencode-* -prefix="#cdist:$__object_name" -suffix="#/cdist:$__object_name" -awk -v prefix="$prefix" -v suffix="$suffix" '{ - if (index($0,prefix)) { - triggered=1 - } - if (triggered) { - if (index($0,suffix)) { - triggered=0 - } - print - } -}' "$file" diff --git a/cdist/conf/type/__ssh_authorized_keys/gencode-remote b/cdist/conf/type/__ssh_authorized_keys/gencode-remote deleted file mode 100755 index 7fcb59c6..00000000 --- a/cdist/conf/type/__ssh_authorized_keys/gencode-remote +++ /dev/null 
@@ -1,84 +0,0 @@ -#!/bin/sh -# -# 2012-2013 Steven Armstrong (steven-cdist at armstrong.cc) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" -if [ -f "$__object/parameter/file" ]; then - file="$(cat "$__object/parameter/file")" -else - home="$(cut -d':' -f 6 "$__object/explorer/passwd")" - file="$home/.ssh/authorized_keys" -fi - -entry="$__object/files/entry" -if [ ! 
-s "$__object/explorer/entry" ]; then - state_is='absent' -else - state_is=$(diff -q "$entry" "$__object/explorer/entry" >/dev/null \ - && echo present \ - || echo changed - ) -fi - -state_should="$(cat "$__object/parameter/state" 2>/dev/null || echo present)" -if [ "$state_should" = "$state_is" ]; then - # Nothing to do, move along - exit 0 -fi - -remove_entry() { - # NOTE: keep variables in sync in manifest/explorer/gencode-* - prefix="#cdist:$__object_name" - suffix="#/cdist:$__object_name" - cat << DONE -tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX) -# preserve ownership and permissions by copying existing file over tmpfile -cp -p "$file" "\$tmpfile" -awk -v prefix="$prefix" -v suffix="$suffix" ' -{ - if (index(\$0,prefix)) { - triggered=1 - } - if (triggered) { - if (index(\$0,suffix)) { - triggered=0 - } - } else { - print - } -}' "$file" > "\$tmpfile" -mv -f "\$tmpfile" "$file" -DONE -} - -case "$state_should" in - present) - if [ "$state_is" = "changed" ]; then - remove_entry - fi - cat << DONE -cat >> "$file" << ${__type##*/}_DONE -$(cat "$entry") -${__type##*/}_DONE -DONE - ;; - absent) - remove_entry - ;; -esac diff --git a/cdist/conf/type/__ssh_authorized_keys/manifest b/cdist/conf/type/__ssh_authorized_keys/manifest index 8b299d0a..8631d042 100755 --- a/cdist/conf/type/__ssh_authorized_keys/manifest +++ b/cdist/conf/type/__ssh_authorized_keys/manifest 
@@ -56,19 +56,16 @@ if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; fi fi -# NOTE: keep variables in sync in manifest/explorer/gencode-* -prefix="#cdist:$__object_name" -suffix="#/cdist:$__object_name" - -mkdir "$__object/files" - # Generate entry for inclusion in authorized_keys file -entry="$__object/files/entry" -echo "$prefix" > "$entry" +( if [ -f "$__object/parameter/comment" ]; then - echo "# $(cat "$__object/parameter/comment")" >> "$entry" + echo "# $(cat "$__object/parameter/comment")" fi -cat "$__object/parameter/key" >> "$entry" -# ensure we have a newline after keys -echo >> "$entry" -echo "$suffix" >> "$entry" +cat "$__object/parameter/key" +) | \ +__block "$__object_name" \ + --file "$file" \ + --prefix "#cdist:$__object_name" \ + --suffix "#/cdist:$__object_name" \ + --state "$state" \ + --text - From 0b7d9babf6f4f13e65f03819887e99d7809309b0 Mon Sep 17 00:00:00 2001 From: Steven Armstrong Date: Thu, 16 Jan 2014 11:11:00 +0100 Subject: [PATCH 3/7] whitespace-- Signed-off-by: Steven Armstrong --- cdist/conf/type/__ssh_authorized_keys/manifest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cdist/conf/type/__ssh_authorized_keys/manifest b/cdist/conf/type/__ssh_authorized_keys/manifest index 8631d042..5a9cfbb3 100755 --- a/cdist/conf/type/__ssh_authorized_keys/manifest +++ b/cdist/conf/type/__ssh_authorized_keys/manifest @@ -39,7 +39,7 @@ if [ ! -f "$__object/parameter/noparent" -o ! -f "$__object/parameter/nofile" ]; fi if [ ! -f "$__object/parameter/noparent" ]; then - # Ensure that the directory in which the authorized_keys shall be exists and + # Ensure that the directory in which the authorized_keys shall be exists and # has the right permissions. ssh_directory="${file%/*}" __directory "$ssh_directory" --state present --parents \ From 36a330eb3c185efeedc35b4221ccae483340c027 Mon Sep 17 00:00:00 2001 
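Review bot: The subshell feeding `__block` in the manifest hunk of patch 2/7 no longer guarantees that the key text ends in a newline, which the removed code did explicitly (`# ensure we have a newline after keys`). If `parameter/key` lacks a trailing newline, whether the `#/cdist:` suffix marker lands on its own line depends on how `__block` joins text and suffix, which is not visible here. A marker glued to the key line would probably keep a later `--state absent` run from finding the block, so the key could not be revoked through cdist. Emitting the key as `printf '%s\n' "$(cat "$__object/parameter/key")"` gives exactly one trailing newline. The same subshell prefixes `parameter/comment` with a single `# `, so only the first line of a multi-line comment is commented out; the manifest should reject or flatten newlines in it.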
From: Steven Armstrong Date: Thu, 16 Jan 2014 12:00:24 +0100 Subject: [PATCH 4/7] redirect stderr to /dev/null Signed-off-by: Steven Armstrong --- cdist/conf/type/__mount/manifest | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__mount/manifest b/cdist/conf/type/__mount/manifest index ff891bb8..8a1fa234 100755 --- a/cdist/conf/type/__mount/manifest +++ b/cdist/conf/type/__mount/manifest @@ -26,9 +26,9 @@ if [ ! -f "$__object/parameter/nofstab" ]; then ( printf "%s" "$(cat "$__object/parameter/device")" printf " %s" "$path" -type="$(cat "$__object/parameter/type" || echo "auto")" +type="$(cat "$__object/parameter/type" 2>/dev/null || echo "auto")" printf " %s" "$type" -options="$(cat "$__object/parameter/options" || echo "defaults")" +options="$(cat "$__object/parameter/options" 2>/dev/null || echo "defaults")" printf " %s" "$options" printf " %s" "$(cat "$__object/parameter/dump")" printf " %s\n" "$(cat "$__object/parameter/pass")" From 4e94713f07c557aeaf482ee71e7aab85d72fe05c Mon Sep 17 00:00:00 2001 From: Daniel Heule Date: Fri, 17 Jan 2014 10:27:21 +0100 Subject: [PATCH 5/7] documented all messages which I have found via grep --- cdist/conf/type/__group/man.text | 12 ++++++++++++ cdist/conf/type/__user/man.text | 9 +++++++++ 2 files changed, 21 insertions(+) diff --git a/cdist/conf/type/__group/man.text b/cdist/conf/type/__group/man.text index c57ae337..def0232f 100644 --- a/cdist/conf/type/__group/man.text +++ b/cdist/conf/type/__group/man.text @@ -26,6 +26,18 @@ password:: see above +MESSAGES +-------- +mod:: + group is modified +add:: + New group added +change :: + Changed group property from current_value to new_value +set :: + set property to new value, property was not set bevore + + EXAMPLES -------- diff --git a/cdist/conf/type/__user/man.text b/cdist/conf/type/__user/man.text index 47e63d3d..be70ec12 100644 --- a/cdist/conf/type/__user/man.text +++ b/cdist/conf/type/__user/man.text 
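Review bot: In the `__mount` manifest hunk of patch 4/7 the added `2>/dev/null` on the `type=` and `options=` lines silences every `cat` failure, not only the expected missing-file case. An unreadable `parameter/options` would then quietly fall back to `defaults` in what is presumably the generated fstab entry, dropping any restrictive options such as `nosuid` or `nodev` that were requested. Patch 1/7 of this series already moves a fallback into `parameter/default/state`; doing the same here with `parameter/default/type` (`auto`) and `parameter/default/options` (`defaults`) would let both lines become plain reads, e.g. `options="$(cat "$__object/parameter/options")"`. The enclosing subshell is closed outside the hunk.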
@@ -44,6 +44,15 @@ create-home:: remove-home:: see userdel(8), apply only on user delete + +MESSAGES +-------- +mod:: + User is modified +add:: + New user added + + EXAMPLES -------- From f23999c8d378f81bcb5e97604a220ce6d1b19cd1 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Fri, 17 Jan 2014 10:41:23 +0100 Subject: [PATCH 6/7] ++changes(3.0.2) Signed-off-by: Nico Schottelius --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index 08f7ff5f..a12de32a 100644 --- a/docs/changelog +++ b/docs/changelog @@ -5,6 +5,7 @@ Changelog * Exception: No braces means author == Nico Schottelius 3.0.2: + * Documentation: Document all messages sent by types (Daniel Heule) * New Type: __block (Steven Armstrong) * New Type: __mount (Steven Armstrong) * Type __cron: Replace existing entry when changing it (Daniel Heule) From c4140a7c7bc0885f5d8581ba8b1097087494376f Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sat, 18 Jan 2014 15:57:39 +0100 Subject: [PATCH 7/7] ++changes(3.0.2) Signed-off-by: Nico Schottelius --- docs/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/changelog b/docs/changelog index a12de32a..d9b1db51 100644 --- a/docs/changelog +++ b/docs/changelog @@ -9,6 +9,7 @@ Changelog * New Type: __block (Steven Armstrong) * New Type: __mount (Steven Armstrong) * Type __cron: Replace existing entry when changing it (Daniel Heule) + * Type __ssh_authorized_keys: Use new type __block (Steven Armstrong) 3.0.1: 2014-01-14