Compare commits
No commits in common. "master" and "bugfix/multiple-log-lines" have entirely different histories.
master
...
bugfix/mul
246 changed files with 1038 additions and 6578 deletions
2
.gitattributes
vendored
2
.gitattributes
vendored
|
@ -4,5 +4,5 @@
|
|||
docs/speeches export-ignore
|
||||
docs/video export-ignore
|
||||
docs/src/man7 export-ignore
|
||||
bin/cdist-build-helper export-ignore
|
||||
bin/build-helper export-ignore
|
||||
README-maintainers export-ignore
|
||||
|
|
|
@ -1,23 +1,20 @@
|
|||
---
|
||||
image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci:latest
|
||||
|
||||
stages:
|
||||
- test
|
||||
|
||||
before_script:
|
||||
- ./bin/cdist-build-helper version
|
||||
|
||||
shellcheck:
|
||||
stage: test
|
||||
script:
|
||||
- ./bin/cdist-build-helper shellcheck
|
||||
|
||||
pycodestyle:
|
||||
stage: test
|
||||
script:
|
||||
- ./bin/cdist-build-helper pycodestyle
|
||||
image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci:latest
|
||||
|
||||
unit_tests:
|
||||
stage: test
|
||||
script:
|
||||
- ./bin/cdist-build-helper test
|
||||
- ./bin/build-helper version
|
||||
- ./bin/build-helper test
|
||||
|
||||
pycodestyle:
|
||||
stage: test
|
||||
script:
|
||||
- ./bin/build-helper pycodestyle
|
||||
|
||||
shellcheck:
|
||||
stage: test
|
||||
script:
|
||||
- ./bin/build-helper shellcheck
|
||||
|
|
4
Makefile
4
Makefile
|
@ -81,7 +81,7 @@ version:
|
|||
}
|
||||
|
||||
# Manpages #3: generic part
|
||||
man: version configskel $(MANTYPES) $(DOCSREF) $(DOCSTYPESREF)
|
||||
man: version $(MANTYPES) $(DOCSREF)
|
||||
$(SPHINXM)
|
||||
|
||||
html: version configskel $(MANTYPES) $(DOCSREF) $(DOCSTYPESREF)
|
||||
|
@ -104,7 +104,7 @@ DOTMANTYPES=$(subst /man.rst,.rst,$(DOTMANTYPEPREFIX))
|
|||
$(DOTMAN7DSTDIR)/cdist-type%.rst: $(DOTTYPEDIR)/%/man.rst
|
||||
ln -sf "$^" $@
|
||||
|
||||
dotman: version configskel $(DOTMANTYPES) $(DOCSREF) $(DOCSTYPESREF)
|
||||
dotman: version $(DOTMANTYPES)
|
||||
$(SPHINXM)
|
||||
|
||||
################################################################################
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Maintainers should use ./bin/cdist-build-helper script.
|
||||
Maintainers should use ./bin/build-helper script.
|
||||
|
||||
Makefile is intended for end users. It can be used for non-maintaining
|
||||
targets that can be run from pure source (without git repository).
|
||||
|
|
|
@ -45,7 +45,7 @@ usage() {
|
|||
shellcheck-manifests
|
||||
shellcheck-local-gencodes
|
||||
shellcheck-remote-gencodes
|
||||
shellcheck-bin
|
||||
shellcheck-scripts
|
||||
shellcheck-gencodes
|
||||
shellcheck-types
|
||||
shellcheck
|
||||
|
@ -371,6 +371,7 @@ eof
|
|||
Manual steps post release:
|
||||
- cdist-web
|
||||
- send generated mailinglist.tmp mail
|
||||
- twitter
|
||||
eof
|
||||
;;
|
||||
|
||||
|
@ -405,7 +406,7 @@ eof
|
|||
;;
|
||||
|
||||
pycodestyle|pep8)
|
||||
pycodestyle "${basedir}" "${basedir}/bin/cdist"
|
||||
pycodestyle "${basedir}" "${basedir}/scripts/cdist"
|
||||
;;
|
||||
|
||||
check-pycodestyle)
|
||||
|
@ -460,34 +461,27 @@ eof
|
|||
test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
|
||||
;;
|
||||
|
||||
# NOTE: shellcheck-scripts is kept for compatibility
|
||||
shellcheck-bin|shellcheck-scripts)
|
||||
shellcheck-scripts)
|
||||
# shellcheck disable=SC2086
|
||||
${SHELLCHECKCMD} bin/cdist-dump bin/cdist-new-type > "${SHELLCHECKTMP}"
|
||||
${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type > "${SHELLCHECKTMP}"
|
||||
test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; }
|
||||
;;
|
||||
|
||||
shellcheck-gencodes)
|
||||
errors=false
|
||||
"$0" shellcheck-local-gencodes || errors=true
|
||||
"$0" shellcheck-remote-gencodes || errors=true
|
||||
! $errors || exit 1
|
||||
"$0" shellcheck-local-gencodes || exit 1
|
||||
"$0" shellcheck-remote-gencodes || exit 1
|
||||
;;
|
||||
|
||||
shellcheck-types)
|
||||
errors=false
|
||||
"$0" shellcheck-type-explorers || errors=true
|
||||
"$0" shellcheck-manifests || errors=true
|
||||
"$0" shellcheck-gencodes || errors=true
|
||||
! $errors || exit 1
|
||||
"$0" shellcheck-type-explorers || exit 1
|
||||
"$0" shellcheck-manifests || exit 1
|
||||
"$0" shellcheck-gencodes || exit 1
|
||||
;;
|
||||
|
||||
shellcheck)
|
||||
errors=false
|
||||
"$0" shellcheck-global-explorers || errors=true
|
||||
"$0" shellcheck-types || errors=true
|
||||
"$0" shellcheck-bin || errors=true
|
||||
! $errors || exit 1
|
||||
"$0" shellcheck-global-explorers || exit 1
|
||||
"$0" shellcheck-types || exit 1
|
||||
"$0" shellcheck-scripts || exit 1
|
||||
;;
|
||||
|
||||
shellcheck-type-files)
|
||||
|
@ -497,14 +491,12 @@ eof
|
|||
;;
|
||||
|
||||
shellcheck-with-files)
|
||||
errors=false
|
||||
"$0" shellcheck || errors=true
|
||||
"$0" shellcheck-type-files || errors=true
|
||||
! $errors || exit 1
|
||||
"$0" shellcheck || exit 1
|
||||
"$0" shellcheck-type-files || exit 1
|
||||
;;
|
||||
|
||||
shellcheck-build-helper)
|
||||
${SHELLCHECKCMD} ./bin/cdist-build-helper
|
||||
${SHELLCHECKCMD} ./bin/build-helper
|
||||
;;
|
||||
|
||||
check-shellcheck)
|
88
bin/cdist
88
bin/cdist
|
@ -1,8 +1,7 @@
|
|||
#!/usr/bin/env python3
|
||||
#!/bin/sh
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# 2010-2016 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2016 Darko Poljak (darko.poljak at gmail.com)
|
||||
# 2012 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -21,81 +20,14 @@
|
|||
#
|
||||
#
|
||||
|
||||
import logging
|
||||
import os
|
||||
import sys
|
||||
# Wrapper for real script to allow execution from checkout
|
||||
dir=${0%/*}
|
||||
|
||||
# See if this file's parent is cdist module
|
||||
# and if so add it to module search path.
|
||||
cdist_dir = os.path.realpath(
|
||||
os.path.join(
|
||||
os.path.dirname(os.path.realpath(__file__)),
|
||||
os.pardir))
|
||||
cdist_init_dir = os.path.join(cdist_dir, 'cdist', '__init__.py')
|
||||
if os.path.exists(cdist_init_dir):
|
||||
sys.path.insert(0, cdist_dir)
|
||||
# Ensure version is present - the bundled/shipped version contains a static version,
|
||||
# the git version contains a dynamic version
|
||||
"$dir/build-helper" version
|
||||
|
||||
import cdist # noqa 402
|
||||
import cdist.argparse # noqa 402
|
||||
import cdist.banner # noqa 402
|
||||
import cdist.config # noqa 402
|
||||
import cdist.install # noqa 402
|
||||
import cdist.shell # noqa 402
|
||||
import cdist.inventory # noqa 402
|
||||
libdir=$(cd "${dir}/../" && pwd -P)
|
||||
export PYTHONPATH="${libdir}"
|
||||
|
||||
|
||||
def commandline():
|
||||
"""Parse command line"""
|
||||
|
||||
# preos subcommand hack
|
||||
if len(sys.argv) > 1 and sys.argv[1] == 'preos':
|
||||
return cdist.preos.PreOS.commandline(sys.argv[1:])
|
||||
parser, cfg = cdist.argparse.parse_and_configure(sys.argv[1:])
|
||||
args = cfg.get_args()
|
||||
|
||||
# Work around python 3.3 bug:
|
||||
# http://bugs.python.org/issue16308
|
||||
# http://bugs.python.org/issue9253
|
||||
|
||||
# FIXME: catching AttributeError also hides
|
||||
# real problems.. try a different way
|
||||
|
||||
# FIXME: we always print main help, not
|
||||
# the help of the actual parser being used!
|
||||
try:
|
||||
getattr(args, "func")
|
||||
except AttributeError:
|
||||
parser['main'].print_help()
|
||||
sys.exit(0)
|
||||
|
||||
args.func(args)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
if sys.version < cdist.MIN_SUPPORTED_PYTHON_VERSION:
|
||||
print('Python >= {} is required on the source host.'.format(
|
||||
cdist.MIN_SUPPORTED_PYTHON_VERSIO), file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
exit_code = 0
|
||||
|
||||
try:
|
||||
import re
|
||||
import os
|
||||
|
||||
if re.match("__", os.path.basename(sys.argv[0])):
|
||||
import cdist.emulator
|
||||
emulator = cdist.emulator.Emulator(sys.argv)
|
||||
emulator.run()
|
||||
else:
|
||||
commandline()
|
||||
|
||||
except KeyboardInterrupt:
|
||||
exit_code = 2
|
||||
|
||||
except cdist.Error as e:
|
||||
log = logging.getLogger("cdist")
|
||||
log.error(e)
|
||||
exit_code = 1
|
||||
|
||||
sys.exit(exit_code)
|
||||
"$dir/../scripts/cdist" "$@"
|
||||
|
|
|
@ -22,27 +22,11 @@
|
|||
|
||||
import os
|
||||
import hashlib
|
||||
import subprocess
|
||||
|
||||
import cdist.log
|
||||
import cdist.version
|
||||
|
||||
|
||||
VERSION = 'unknown version'
|
||||
|
||||
try:
|
||||
import cdist.version
|
||||
VERSION = cdist.version.VERSION
|
||||
except ModuleNotFoundError:
|
||||
cdist_dir = os.path.abspath(
|
||||
os.path.join(os.path.dirname(__file__), os.pardir))
|
||||
if os.path.isdir(os.path.join(cdist_dir, '.git')):
|
||||
try:
|
||||
VERSION = subprocess.check_output(
|
||||
['git', 'describe', '--always'],
|
||||
cwd=cdist_dir,
|
||||
universal_newlines=True)
|
||||
except Exception:
|
||||
pass
|
||||
VERSION = cdist.version.VERSION
|
||||
|
||||
BANNER = """
|
||||
.. . .x+=:. s
|
||||
|
@ -64,9 +48,6 @@ REMOTE_EXEC = "ssh -o User=root"
|
|||
REMOTE_CMDS_CLEANUP_PATTERN = "ssh -o User=root -O exit -S {}"
|
||||
|
||||
|
||||
MIN_SUPPORTED_PYTHON_VERSION = '3.5'
|
||||
|
||||
|
||||
class Error(Exception):
|
||||
"""Base exception class for this project"""
|
||||
pass
|
||||
|
|
|
@ -5,14 +5,12 @@ import logging
|
|||
import collections
|
||||
import functools
|
||||
import cdist.configuration
|
||||
import cdist.log
|
||||
import cdist.preos
|
||||
import cdist.info
|
||||
import cdist.scan.commandline
|
||||
|
||||
|
||||
# set of beta sub-commands
|
||||
BETA_COMMANDS = set(('install', 'inventory', 'scan', ))
|
||||
BETA_COMMANDS = set(('install', 'inventory', ))
|
||||
# set of beta arguments for sub-commands
|
||||
BETA_ARGS = {
|
||||
'config': set(('tag', 'all_tagged_hosts', 'use_archiving', )),
|
||||
|
@ -127,14 +125,6 @@ def get_parsers():
|
|||
'value.'),
|
||||
action='count', default=None)
|
||||
|
||||
parser['colored_output'] = argparse.ArgumentParser(add_help=False)
|
||||
parser['colored_output'].add_argument(
|
||||
'--colors', metavar='WHEN',
|
||||
help="Colorize cdist's output based on log level; "
|
||||
"WHEN is 'always', 'never', or 'auto'.",
|
||||
action='store', dest='colored_output', required=False,
|
||||
choices=cdist.configuration.ColoredOutputOption.CHOICES)
|
||||
|
||||
parser['beta'] = argparse.ArgumentParser(add_help=False)
|
||||
parser['beta'].add_argument(
|
||||
'-b', '--beta',
|
||||
|
@ -207,13 +197,6 @@ def get_parsers():
|
|||
'supported. Without argument CPU count is used by default. '),
|
||||
action='store', dest='jobs',
|
||||
const=multiprocessing.cpu_count())
|
||||
parser['config_main'].add_argument(
|
||||
'--log-server',
|
||||
action='store_true',
|
||||
help=('Start a log server for sub processes to use. '
|
||||
'This is mainly useful when running cdist nested '
|
||||
'from a code-local script. Log server is alwasy '
|
||||
'implicitly started for \'install\' command.'))
|
||||
parser['config_main'].add_argument(
|
||||
'-n', '--dry-run',
|
||||
help='Do not execute code.', action='store_true')
|
||||
|
@ -274,7 +257,8 @@ def get_parsers():
|
|||
'-f', '--file',
|
||||
help=('Read specified file for a list of additional hosts to '
|
||||
'operate on or if \'-\' is given, read stdin (one host per '
|
||||
'line).'),
|
||||
'line). If no host or host file is specified then, by '
|
||||
'default, read hosts from stdin.'),
|
||||
dest='hostfile', required=False)
|
||||
parser['config_args'].add_argument(
|
||||
'-p', '--parallel', nargs='?', metavar='HOST_MAX',
|
||||
|
@ -299,7 +283,6 @@ def get_parsers():
|
|||
'host', nargs='*', help='Host(s) to operate on.')
|
||||
parser['config'] = parser['sub'].add_parser(
|
||||
'config', parents=[parser['loglevel'], parser['beta'],
|
||||
parser['colored_output'],
|
||||
parser['common'],
|
||||
parser['config_main'],
|
||||
parser['inventory_common'],
|
||||
|
@ -318,7 +301,6 @@ def get_parsers():
|
|||
|
||||
parser['add-host'] = parser['invsub'].add_parser(
|
||||
'add-host', parents=[parser['loglevel'], parser['beta'],
|
||||
parser['colored_output'],
|
||||
parser['common'],
|
||||
parser['inventory_common']])
|
||||
parser['add-host'].add_argument(
|
||||
|
@ -326,12 +308,13 @@ def get_parsers():
|
|||
parser['add-host'].add_argument(
|
||||
'-f', '--file',
|
||||
help=('Read additional hosts to add from specified file '
|
||||
'or from stdin if \'-\' (each host on separate line). '),
|
||||
'or from stdin if \'-\' (each host on separate line). '
|
||||
'If no host or host file is specified then, by default, '
|
||||
'read from stdin.'),
|
||||
dest='hostfile', required=False)
|
||||
|
||||
parser['add-tag'] = parser['invsub'].add_parser(
|
||||
'add-tag', parents=[parser['loglevel'], parser['beta'],
|
||||
parser['colored_output'],
|
||||
parser['common'],
|
||||
parser['inventory_common']])
|
||||
parser['add-tag'].add_argument(
|
||||
|
@ -340,12 +323,20 @@ def get_parsers():
|
|||
parser['add-tag'].add_argument(
|
||||
'-f', '--file',
|
||||
help=('Read additional hosts to add tags from specified file '
|
||||
'or from stdin if \'-\' (each host on separate line). '),
|
||||
'or from stdin if \'-\' (each host on separate line). '
|
||||
'If no host or host file is specified then, by default, '
|
||||
'read from stdin. If no tags/tagfile nor hosts/hostfile'
|
||||
' are specified then tags are read from stdin and are'
|
||||
' added to all hosts.'),
|
||||
dest='hostfile', required=False)
|
||||
parser['add-tag'].add_argument(
|
||||
'-T', '--tag-file',
|
||||
help=('Read additional tags to add from specified file '
|
||||
'or from stdin if \'-\' (each tag on separate line). '),
|
||||
'or from stdin if \'-\' (each tag on separate line). '
|
||||
'If no tag or tag file is specified then, by default, '
|
||||
'read from stdin. If no tags/tagfile nor hosts/hostfile'
|
||||
' are specified then tags are read from stdin and are'
|
||||
' added to all hosts.'),
|
||||
dest='tagfile', required=False)
|
||||
parser['add-tag'].add_argument(
|
||||
'-t', '--taglist',
|
||||
|
@ -355,7 +346,6 @@ def get_parsers():
|
|||
|
||||
parser['del-host'] = parser['invsub'].add_parser(
|
||||
'del-host', parents=[parser['loglevel'], parser['beta'],
|
||||
parser['colored_output'],
|
||||
parser['common'],
|
||||
parser['inventory_common']])
|
||||
parser['del-host'].add_argument(
|
||||
|
@ -366,12 +356,13 @@ def get_parsers():
|
|||
parser['del-host'].add_argument(
|
||||
'-f', '--file',
|
||||
help=('Read additional hosts to delete from specified file '
|
||||
'or from stdin if \'-\' (each host on separate line). '),
|
||||
'or from stdin if \'-\' (each host on separate line). '
|
||||
'If no host or host file is specified then, by default, '
|
||||
'read from stdin.'),
|
||||
dest='hostfile', required=False)
|
||||
|
||||
parser['del-tag'] = parser['invsub'].add_parser(
|
||||
'del-tag', parents=[parser['loglevel'], parser['beta'],
|
||||
parser['colored_output'],
|
||||
parser['common'],
|
||||
parser['inventory_common']])
|
||||
parser['del-tag'].add_argument(
|
||||
|
@ -384,13 +375,20 @@ def get_parsers():
|
|||
parser['del-tag'].add_argument(
|
||||
'-f', '--file',
|
||||
help=('Read additional hosts to delete tags for from specified '
|
||||
'file or from stdin if \'-\' (each host on separate '
|
||||
'line). '),
|
||||
'file or from stdin if \'-\' (each host on separate line). '
|
||||
'If no host or host file is specified then, by default, '
|
||||
'read from stdin. If no tags/tagfile nor hosts/hostfile'
|
||||
' are specified then tags are read from stdin and are'
|
||||
' deleted from all hosts.'),
|
||||
dest='hostfile', required=False)
|
||||
parser['del-tag'].add_argument(
|
||||
'-T', '--tag-file',
|
||||
help=('Read additional tags from specified file '
|
||||
'or from stdin if \'-\' (each tag on separate line). '),
|
||||
'or from stdin if \'-\' (each tag on separate line). '
|
||||
'If no tag or tag file is specified then, by default, '
|
||||
'read from stdin. If no tags/tagfile nor'
|
||||
' hosts/hostfile are specified then tags are read from'
|
||||
' stdin and are added to all hosts.'),
|
||||
dest='tagfile', required=False)
|
||||
parser['del-tag'].add_argument(
|
||||
'-t', '--taglist',
|
||||
|
@ -400,7 +398,6 @@ def get_parsers():
|
|||
|
||||
parser['list'] = parser['invsub'].add_parser(
|
||||
'list', parents=[parser['loglevel'], parser['beta'],
|
||||
parser['colored_output'],
|
||||
parser['common'],
|
||||
parser['inventory_common']])
|
||||
parser['list'].add_argument(
|
||||
|
@ -433,7 +430,7 @@ def get_parsers():
|
|||
|
||||
# Shell
|
||||
parser['shell'] = parser['sub'].add_parser(
|
||||
'shell', parents=[parser['loglevel'], parser['colored_output']])
|
||||
'shell', parents=[parser['loglevel']])
|
||||
parser['shell'].add_argument(
|
||||
'-s', '--shell',
|
||||
help=('Select shell to use, defaults to current shell. Used shell'
|
||||
|
@ -471,35 +468,6 @@ def get_parsers():
|
|||
'pattern', nargs='?', help='Glob pattern.')
|
||||
parser['info'].set_defaults(func=cdist.info.Info.commandline)
|
||||
|
||||
# Scan = config + further
|
||||
parser['scan'] = parser['sub'].add_parser('scan', add_help=False,
|
||||
parents=[parser['config']])
|
||||
|
||||
parser['scan'] = parser['sub'].add_parser(
|
||||
'scan', parents=[parser['loglevel'],
|
||||
parser['beta'],
|
||||
parser['colored_output'],
|
||||
parser['common'],
|
||||
parser['config_main']])
|
||||
|
||||
parser['scan'].add_argument(
|
||||
'-m', '--mode', help='Which modes should run',
|
||||
action='append', default=[],
|
||||
choices=['scan', 'trigger'])
|
||||
parser['scan'].add_argument(
|
||||
'--config',
|
||||
action='store_true',
|
||||
help='Try to configure detected hosts')
|
||||
parser['scan'].add_argument(
|
||||
'-I', '--interfaces',
|
||||
action='append', default=[],
|
||||
help='On which interfaces to scan/trigger')
|
||||
parser['scan'].add_argument(
|
||||
'-d', '--delay',
|
||||
action='store', default=3600,
|
||||
help='How long to wait before reconfiguring after last try')
|
||||
parser['scan'].set_defaults(func=cdist.scan.commandline.commandline)
|
||||
|
||||
for p in parser:
|
||||
parser[p].epilog = EPILOG
|
||||
|
||||
|
@ -510,12 +478,7 @@ def handle_loglevel(args):
|
|||
if hasattr(args, 'quiet') and args.quiet:
|
||||
args.verbose = _verbosity_level_off
|
||||
|
||||
logging.getLogger().setLevel(_verbosity_level[args.verbose])
|
||||
|
||||
|
||||
def handle_log_colors(args):
|
||||
if cdist.configuration.ColoredOutputOption.translate(args.colored_output):
|
||||
cdist.log.CdistFormatter.USE_COLORS = True
|
||||
logging.root.setLevel(_verbosity_level[args.verbose])
|
||||
|
||||
|
||||
def parse_and_configure(argv, singleton=True):
|
||||
|
@ -529,7 +492,6 @@ def parse_and_configure(argv, singleton=True):
|
|||
raise cdist.Error(str(e))
|
||||
# Loglevels are handled globally in here
|
||||
handle_loglevel(args)
|
||||
handle_log_colors(args)
|
||||
|
||||
log = logging.getLogger("cdist")
|
||||
|
||||
|
|
|
@ -33,7 +33,6 @@ case "$os" in
|
|||
;;
|
||||
|
||||
"freebsd"|"netbsd")
|
||||
PATH=$(getconf PATH)
|
||||
sysctl -n hw.ncpu
|
||||
;;
|
||||
|
||||
|
|
|
@ -30,8 +30,9 @@ case $uname_s in
|
|||
sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+'
|
||||
;;
|
||||
NetBSD)
|
||||
PATH=$(getconf PATH)
|
||||
sysctl -n hw.disknames | awk -v RS=' ' '/^[lsw]d[0-9]+/'
|
||||
PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
|
||||
sysctl -n hw.disknames \
|
||||
| awk 'BEGIN { RS = " " } /^[lsw]d[0-9]+/'
|
||||
;;
|
||||
Linux)
|
||||
# list of major device numbers toexclude:
|
||||
|
|
|
@ -30,7 +30,6 @@ case "$os" in
|
|||
;;
|
||||
|
||||
*"bsd")
|
||||
PATH=$(getconf PATH)
|
||||
echo "$(sysctl -n hw.physmem) / 1048576" | bc
|
||||
;;
|
||||
|
||||
|
|
|
@ -143,13 +143,6 @@ case "$uname_s" in
|
|||
esac
|
||||
|
||||
if [ -f /etc/os-release ]; then
|
||||
# after sles15, suse don't provide an /etc/SuSE-release anymore, but there is almost no difference between sles and opensuse leap, so call it suse
|
||||
# shellcheck disable=SC1091
|
||||
if (. /etc/os-release && echo "${ID_LIKE}" | grep -q '\(^\|\ \)suse\($\|\ \)')
|
||||
then
|
||||
echo suse
|
||||
exit 0
|
||||
fi
|
||||
# already lowercase, according to:
|
||||
# https://www.freedesktop.org/software/systemd/man/os-release.html
|
||||
awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release
|
||||
|
|
|
@ -31,32 +31,7 @@ case "$("$__explorer/os")" in
|
|||
cat /etc/arch-release
|
||||
;;
|
||||
debian)
|
||||
debian_version=$(cat /etc/debian_version)
|
||||
case $debian_version
|
||||
in
|
||||
testing/unstable)
|
||||
# previous to Debian 4.0 testing/unstable was used
|
||||
# cf. https://metadata.ftp-master.debian.org/changelogs/main/b/base-files/base-files_11_changelog
|
||||
echo 3.99
|
||||
;;
|
||||
*/sid)
|
||||
# sid versions don't have a number, so we decode by codename:
|
||||
case $(expr "$debian_version" : '\([a-z]\{1,\}\)/')
|
||||
in
|
||||
bullseye) echo 10.99 ;;
|
||||
buster) echo 9.99 ;;
|
||||
stretch) echo 8.99 ;;
|
||||
jessie) echo 7.99 ;;
|
||||
wheezy) echo 6.99 ;;
|
||||
squeeze) echo 5.99 ;;
|
||||
lenny) echo 4.99 ;;
|
||||
*) exit 1
|
||||
esac
|
||||
;;
|
||||
*)
|
||||
echo "$debian_version"
|
||||
;;
|
||||
esac
|
||||
cat /etc/debian_version
|
||||
;;
|
||||
devuan)
|
||||
cat /etc/devuan_version
|
||||
|
@ -70,11 +45,6 @@ case "$("$__explorer/os")" in
|
|||
macosx)
|
||||
sw_vers -productVersion
|
||||
;;
|
||||
freebsd)
|
||||
# Apparently uname -r is not a reliable way to get the patch level.
|
||||
# See: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=251743
|
||||
freebsd-version
|
||||
;;
|
||||
*bsd|solaris)
|
||||
uname -r
|
||||
;;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
# __locale/explorer/state
|
||||
#
|
||||
# 2020 Matthias Stecher (matthiasstecher at gmx.de)
|
||||
# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -18,19 +17,23 @@
|
|||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Check if the locale is already installed on the system.
|
||||
# Outputs 'present' or 'absent' depending if the locale exists.
|
||||
#
|
||||
|
||||
# TODO check if filesystem has ACL turned on etc
|
||||
|
||||
# Get user-defined locale
|
||||
# locale name is echoed differently than the user propably set it (for UTF-8)
|
||||
locale="$(echo "$__object_id" | sed 's/UTF-8/utf8/')"
|
||||
if [ -f "$__object/parameter/acl" ]
|
||||
then
|
||||
grep -E '^(default:)?(user|group):' "$__object/parameter/acl" \
|
||||
| while read -r acl
|
||||
do
|
||||
param="$( echo "$acl" | awk -F: '{print $(NF-2)}' )"
|
||||
check="$( echo "$acl" | awk -F: '{print $(NF-1)}' )"
|
||||
|
||||
# Check if the given locale exists on the system
|
||||
if localedef --list-archive | grep -qFx "$locale"; then
|
||||
echo present
|
||||
else
|
||||
echo absent
|
||||
[ "$param" = 'user' ] && db=passwd || db="$param"
|
||||
|
||||
if ! getent "$db" "$check" > /dev/null
|
||||
then
|
||||
echo "missing $param '$check'" >&2
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
fi
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
getent passwd | awk -F: '{print "user:"$1}'
|
||||
getent group | awk -F: '{print "group:"$1}'
|
|
@ -22,8 +22,8 @@ file_is="$( cat "$__object/explorer/file_is" )"
|
|||
|
||||
if [ "$file_is" = 'missing' ] \
|
||||
&& [ -z "$__cdist_dry_run" ] \
|
||||
&& [ ! -f "$__object/parameter/file" ] \
|
||||
&& [ ! -f "$__object/parameter/directory" ]
|
||||
&& \( [ ! -f "$__object/parameter/file" ] \
|
||||
|| [ ! -f "$__object/parameter/directory" ] \)
|
||||
then
|
||||
exit 0
|
||||
fi
|
||||
|
@ -47,26 +47,28 @@ then
|
|||
elif [ -f "$__object/parameter/entry" ]
|
||||
then
|
||||
acl_should="$( cat "$__object/parameter/entry" )"
|
||||
elif [ -f "$__object/parameter/acl" ]
|
||||
then
|
||||
acl_should="$( cat "$__object/parameter/acl" )"
|
||||
elif
|
||||
[ -f "$__object/parameter/user" ] \
|
||||
|| [ -f "$__object/parameter/group" ] \
|
||||
|| [ -f "$__object/parameter/mask" ] \
|
||||
|| [ -f "$__object/parameter/other" ]
|
||||
then
|
||||
acl_should="$( for param in user group mask other
|
||||
do
|
||||
[ ! -f "$__object/parameter/$param" ] && continue
|
||||
|
||||
echo "$param" | grep -Eq 'mask|other' && sep=:: || sep=:
|
||||
|
||||
echo "$param$sep$( cat "$__object/parameter/$param" )"
|
||||
done )"
|
||||
else
|
||||
echo 'no parameters set' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# instead of setfacl's non-helpful message "Option -m: Invalid argument near character X"
|
||||
# let's check if target has necessary users and groups, since mistyped or missing
|
||||
# users/groups in target is most common reason.
|
||||
echo "$acl_should" \
|
||||
| grep -Po '(user|group):[^:]+' \
|
||||
| sort -u \
|
||||
| while read -r l
|
||||
do
|
||||
if ! grep "$l" -Fxq "$__object/explorer/getent"
|
||||
then
|
||||
echo "no $l' in target" | sed "s/:/ '/" >&2
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
if [ -f "$__object/parameter/default" ]
|
||||
then
|
||||
acl_should="$( echo "$acl_should" \
|
||||
|
|
|
@ -12,14 +12,11 @@ Fully supported and tested on Linux (ext4 filesystem), partial support for FreeB
|
|||
|
||||
See ``setfacl`` and ``acl`` manpages for more details.
|
||||
|
||||
One of ``--entry`` or ``--source`` must be used.
|
||||
|
||||
|
||||
OPTIONAL MULTIPLE PARAMETERS
|
||||
REQUIRED MULTIPLE PARAMETERS
|
||||
----------------------------
|
||||
entry
|
||||
Set ACL entry following ``getfacl`` output syntax.
|
||||
Must be used if ``--source`` is not used.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
|
@ -28,7 +25,6 @@ source
|
|||
Read ACL entries from stdin or file.
|
||||
Ordering of entries is not important.
|
||||
When reading from file, comments and empty lines are ignored.
|
||||
Must be used if ``--entry`` is not used.
|
||||
|
||||
file
|
||||
Create/change file with ``__file`` using ``user:group:mode`` pattern.
|
||||
|
@ -52,6 +48,12 @@ remove
|
|||
``mask`` and ``other`` entries can't be removed, but only changed.
|
||||
|
||||
|
||||
DEPRECATED PARAMETERS
|
||||
---------------------
|
||||
Parameters ``acl``, ``user``, ``group``, ``mask`` and ``other`` are deprecated and they
|
||||
will be removed in future versions. Please use ``entry`` parameter instead.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
|
|
1
cdist/conf/type/__acl/parameter/deprecated/acl
Normal file
1
cdist/conf/type/__acl/parameter/deprecated/acl
Normal file
|
@ -0,0 +1 @@
|
|||
see manual for details
|
1
cdist/conf/type/__acl/parameter/deprecated/group
Normal file
1
cdist/conf/type/__acl/parameter/deprecated/group
Normal file
|
@ -0,0 +1 @@
|
|||
see manual for details
|
1
cdist/conf/type/__acl/parameter/deprecated/mask
Normal file
1
cdist/conf/type/__acl/parameter/deprecated/mask
Normal file
|
@ -0,0 +1 @@
|
|||
see manual for details
|
1
cdist/conf/type/__acl/parameter/deprecated/other
Normal file
1
cdist/conf/type/__acl/parameter/deprecated/other
Normal file
|
@ -0,0 +1 @@
|
|||
see manual for details
|
1
cdist/conf/type/__acl/parameter/deprecated/user
Normal file
1
cdist/conf/type/__acl/parameter/deprecated/user
Normal file
|
@ -0,0 +1 @@
|
|||
see manual for details
|
|
@ -1,3 +1,5 @@
|
|||
mask
|
||||
other
|
||||
source
|
||||
file
|
||||
directory
|
||||
|
|
|
@ -1 +1,4 @@
|
|||
entry
|
||||
acl
|
||||
user
|
||||
group
|
||||
|
|
|
@ -1,104 +0,0 @@
|
|||
cdist-type__debian_backports(7)
|
||||
===============================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__apt_backports - Install backports
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This singleton type installs backports for the current OS release.
|
||||
It aborts if backports are not supported for the specified OS or
|
||||
no version codename could be fetched (like Debian unstable).
|
||||
|
||||
The package index will be automatically updated if required.
|
||||
|
||||
It supports backports from following OSes:
|
||||
|
||||
- Debian
|
||||
- Devuan
|
||||
- Ubuntu
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
Represents the state of the backports repository. ``present`` or
|
||||
``absent``, defaults to ``present``.
|
||||
|
||||
Will be directly passed to :strong:`cdist-type__apt_source`\ (7).
|
||||
|
||||
mirror
|
||||
The mirror to fetch the backports from. Will defaults to the generic
|
||||
mirror of the current OS.
|
||||
|
||||
Will be directly passed to :strong:`cdist-type__apt_source`\ (7).
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
None.
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
None.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# setup the backports
|
||||
__apt_backports
|
||||
__apt_backports --state absent
|
||||
__apt_backports --state present --mirror "http://ftp.de.debian.org/debian/"
|
||||
|
||||
# install a backports package
|
||||
# currently for the buster release backports
|
||||
require="__apt_backports" __package_apt wireguard \
|
||||
--target-release buster-backports
|
||||
|
||||
|
||||
ABORTS
|
||||
------
|
||||
Aborts if the detected os is not Debian.
|
||||
|
||||
Aborts if no distribuition codename could be detected. This is common for the
|
||||
unstable distribution, but there is no backports repository for it already.
|
||||
|
||||
|
||||
CAVEATS
|
||||
-------
|
||||
For Ubuntu, it setup all componenents for the backports repository: ``main``,
|
||||
``restricted``, ``universe`` and ``multiverse``. The user may not want to
|
||||
install proprietary packages, which will only be installed if the user
|
||||
explicitly uses the backports target-release. The user may change this behavior
|
||||
to install backports packages without the need of explicitly select it.
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
`Official Debian Backports site <https://backports.debian.org/>`_
|
||||
|
||||
:strong:`cdist-type__apt_source`\ (7)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Matthias Stecher <matthiasstecher at gmx.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2020 Matthias Stecher. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -1,81 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
# __apt_backports/manifest
|
||||
#
|
||||
# 2020 Matthias Stecher (matthiasstecher at gmx.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Enables/disables backports repository. Utilises __apt_source for it.
|
||||
#
|
||||
|
||||
|
||||
# Get the distribution codename by /etc/os-release.
|
||||
# is already executed in a subshell by string substitution
|
||||
# lsb_release may not be given in all installations
|
||||
codename_os_release() {
|
||||
# shellcheck disable=SC1090
|
||||
. "$__global/explorer/os_release"
|
||||
printf "%s" "$VERSION_CODENAME"
|
||||
}
|
||||
|
||||
# detect backport distribution
|
||||
os="$(cat "$__global/explorer/os")"
|
||||
case "$os" in
|
||||
debian)
|
||||
dist="$( codename_os_release )"
|
||||
components="main"
|
||||
mirror="http://deb.debian.org/debian/"
|
||||
;;
|
||||
devuan)
|
||||
dist="$( codename_os_release )"
|
||||
components="main"
|
||||
mirror="http://deb.devuan.org/merged"
|
||||
;;
|
||||
ubuntu)
|
||||
dist="$( codename_os_release )"
|
||||
components="main restricted universe multiverse"
|
||||
mirror="http://archive.ubuntu.com/ubuntu"
|
||||
;;
|
||||
|
||||
*)
|
||||
printf "Backports for %s are not supported!\n" "$os" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# error if no codename given (e.g. on Debian unstable)
|
||||
if [ -z "$dist" ]; then
|
||||
printf "No backports for unkown version of distribution %s!\n" "$os" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
# parameters
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
# mirror already set for the os, only override user-values
|
||||
if [ -f "$__object/parameter/mirror" ]; then
|
||||
mirror="$(cat "$__object/parameter/mirror")"
|
||||
fi
|
||||
|
||||
|
||||
# install the given backports repository
|
||||
__apt_source "${dist}-backports" \
|
||||
--state "$state" \
|
||||
--distribution "${dist}-backports" \
|
||||
--component "$components" \
|
||||
--uri "$mirror"
|
|
@ -1 +0,0 @@
|
|||
present
|
|
@ -1,2 +0,0 @@
|
|||
state
|
||||
mirror
|
|
@ -32,12 +32,11 @@ EXAMPLES
|
|||
AUTHORS
|
||||
-------
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2014 Steven Armstrong, 2020 Dennis Camera.
|
||||
You can redistribute it and/or modify it under the terms of the GNU General
|
||||
Public License as published by the Free Software Foundation, either version 3 of
|
||||
the License, or (at your option) any later version.
|
||||
Copyright \(C) 2014 Steven Armstrong. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -20,28 +19,26 @@
|
|||
#
|
||||
|
||||
|
||||
os=$(cat "${__global:?}/explorer/os")
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case ${os}
|
||||
in
|
||||
(ubuntu|debian|devuan)
|
||||
__file /etc/apt/apt.conf.d/00InstallRecommends --state present \
|
||||
--owner root --group root --mode 0644 --source - <<-'EOF'
|
||||
APT::Install-Recommends "false";
|
||||
APT::Install-Suggests "false";
|
||||
APT::AutoRemove::RecommendsImportant "false";
|
||||
APT::AutoRemove::SuggestsImportant "false";
|
||||
EOF
|
||||
|
||||
# TODO: Remove the following object after some time
|
||||
require=__file/etc/apt/apt.conf.d/00InstallRecommends \
|
||||
__file /etc/apt/apt.conf.d/99-no-recommends --state absent
|
||||
;;
|
||||
(*)
|
||||
cat >&2 <<EOF
|
||||
case "$os" in
|
||||
ubuntu|debian|devuan)
|
||||
# No stinking recommends thank you very much.
|
||||
# If I want something installed I will do so myself.
|
||||
__file /etc/apt/apt.conf.d/99-no-recommends \
|
||||
--owner root --group root --mode 644 \
|
||||
--source - << DONE
|
||||
APT::Install-Recommends "0";
|
||||
APT::Install-Suggests "0";
|
||||
APT::AutoRemove::RecommendsImportant "0";
|
||||
APT::AutoRemove::SuggestsImportant "0";
|
||||
DONE
|
||||
;;
|
||||
*)
|
||||
cat >&2 << DONE
|
||||
The developer of this type (${__type##*/}) did not think your operating system
|
||||
($os) would have any use for it. If you think otherwise please submit a patch.
|
||||
EOF
|
||||
exit 1
|
||||
;;
|
||||
DONE
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -46,29 +46,28 @@ fi
|
|||
|
||||
remove_block() {
|
||||
cat << DONE
|
||||
tmpfile=\$(mktemp ${quoted_file}.cdist.XXXXXXXXXX)
|
||||
tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
||||
# preserve ownership and permissions of existing file
|
||||
if [ -f $quoted_file ]; then
|
||||
cp -p $quoted_file "\$tmpfile"
|
||||
if [ -f "$file" ]; then
|
||||
cp -p "$file" "\$tmpfile"
|
||||
fi
|
||||
awk -v prefix=$(quote "$prefix") -v suffix=$(quote "$suffix") '
|
||||
awk -v prefix=^$(quote "$prefix")\$ -v suffix=^$(quote "$suffix")\$ '
|
||||
{
|
||||
if (\$0 == prefix) {
|
||||
if (match(\$0,prefix)) {
|
||||
triggered=1
|
||||
}
|
||||
if (triggered) {
|
||||
if (\$0 == suffix) {
|
||||
if (match(\$0,suffix)) {
|
||||
triggered=0
|
||||
}
|
||||
} else {
|
||||
print
|
||||
}
|
||||
}' $quoted_file > "\$tmpfile"
|
||||
mv -f "\$tmpfile" $quoted_file
|
||||
}' "$file" > "\$tmpfile"
|
||||
mv -f "\$tmpfile" "$file"
|
||||
DONE
|
||||
}
|
||||
|
||||
quoted_file="$(quote "$file")"
|
||||
case "$state_should" in
|
||||
present)
|
||||
if [ "$state_is" = "changed" ]; then
|
||||
|
@ -78,7 +77,7 @@ case "$state_should" in
|
|||
echo add >> "$__messages_out"
|
||||
fi
|
||||
cat << DONE
|
||||
cat >> $quoted_file << '${__type##*/}_DONE'
|
||||
cat >> "$file" << ${__type##*/}_DONE
|
||||
$(cat "$block")
|
||||
${__type##*/}_DONE
|
||||
DONE
|
||||
|
|
|
@ -18,12 +18,7 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if [ -f "$__object/parameter/path" ]
|
||||
then
|
||||
path="$( cat "$__object/parameter/path" )"
|
||||
else
|
||||
path="/$__object_id"
|
||||
fi
|
||||
path="/$__object_id"
|
||||
|
||||
[ ! -d "$path" ] && exit 0
|
||||
|
||||
|
|
|
@ -20,12 +20,7 @@
|
|||
|
||||
[ ! -s "$__object/explorer/list" ] && exit 0
|
||||
|
||||
if [ -f "$__object/parameter/path" ]
|
||||
then
|
||||
path="$( cat "$__object/parameter/path" )"
|
||||
else
|
||||
path="/$__object_id"
|
||||
fi
|
||||
path="/$__object_id"
|
||||
|
||||
pattern="$( cat "$__object/parameter/pattern" )"
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ DESCRIPTION
|
|||
-----------
|
||||
Remove files and directories which match the pattern.
|
||||
|
||||
Provided path must be a directory.
|
||||
Provided path (as __object_id) must be a directory.
|
||||
|
||||
Patterns are passed to ``find``'s ``-regex`` - see ``find(1)`` for more details.
|
||||
|
||||
|
@ -29,9 +29,6 @@ pattern
|
|||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
path
|
||||
Path which will be cleaned. Defaults to ``$__object_id``.
|
||||
|
||||
exclude
|
||||
Pattern of files which are excluded from removal.
|
||||
|
||||
|
@ -49,11 +46,6 @@ EXAMPLES
|
|||
--exclude '.+\(charset\.conf\|security\.conf\)' \
|
||||
--onchange 'service apache2 restart'
|
||||
|
||||
__clean_path apache2-conf-enabled \
|
||||
--path /etc/apache2/conf-enabled \
|
||||
--pattern '.+' \
|
||||
--exclude '.+\(charset\.conf\|security\.conf\)' \
|
||||
--onchange 'service apache2 restart'
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
|
|
|
@ -1,3 +1,2 @@
|
|||
exclude
|
||||
onchange
|
||||
path
|
||||
|
|
|
@ -30,10 +30,10 @@ fallback() {
|
|||
gid=$(echo "$ls_line" | awk '{ print $4 }')
|
||||
|
||||
owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd)
|
||||
group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
|
||||
group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
|
||||
|
||||
mode_text=$(echo "$ls_line" | awk '{ print $1 }')
|
||||
mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[lst]/)*2^(9+i/3)}printf("%04o",k)}')
|
||||
mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }')
|
||||
|
||||
printf 'type: %s\nowner: %d %s\ngroup: %d %s\nmode: %s %s\n' \
|
||||
"$("$__type_explorer/type")" \
|
||||
|
@ -45,27 +45,56 @@ fallback() {
|
|||
# nothing to work with, nothing we could do
|
||||
[ -e "$destination" ] || exit 0
|
||||
|
||||
command -v stat >/dev/null 2>&1 || {
|
||||
if ! command -v stat >/dev/null
|
||||
then
|
||||
fallback
|
||||
exit
|
||||
}
|
||||
fi
|
||||
|
||||
case $("$__explorer/os")
|
||||
in
|
||||
freebsd|netbsd|openbsd|macosx)
|
||||
stat -f 'type: %HT
|
||||
case $("$__explorer/os") in
|
||||
"freebsd"|"netbsd"|"openbsd"|"macosx")
|
||||
stat -f "type: %HT
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Mp%03Lp %Sp
|
||||
' "$destination" | awk '/^type/ { print tolower($0); next } { print }'
|
||||
mode: %Lp %Sp
|
||||
" "$destination" | awk '/^type/ { print tolower($0); next } { print }'
|
||||
;;
|
||||
solaris)
|
||||
ls1="$( ls -ld "$destination" )"
|
||||
ls2="$( ls -ldn "$destination" )"
|
||||
|
||||
if [ -f "$__object/parameter/mode" ]
|
||||
then mode_should="$( cat "$__object/parameter/mode" )"
|
||||
fi
|
||||
|
||||
# yes, it is ugly hack, but if you know better way...
|
||||
if [ -z "$( find "$destination" -perm "$mode_should" )" ]
|
||||
then octets=888
|
||||
else octets="$( echo "$mode_should" | sed 's/^0//' )"
|
||||
fi
|
||||
|
||||
case "$( echo "$ls1" | cut -c1-1 )" in
|
||||
-) echo 'type: regular file' ;;
|
||||
d) echo 'type: directory' ;;
|
||||
esac
|
||||
|
||||
echo "owner: $( echo "$ls2" \
|
||||
| awk '{print $3}' ) $( echo "$ls1" \
|
||||
| awk '{print $3}' )"
|
||||
|
||||
echo "group: $( echo "$ls2" \
|
||||
| awk '{print $4}' ) $( echo "$ls1" \
|
||||
| awk '{print $4}' )"
|
||||
|
||||
echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
|
||||
;;
|
||||
*)
|
||||
# NOTE: Do not use --printf here as it is not supported by BusyBox stat.
|
||||
# NOTE: BusyBox's stat might not support the "-c" option, in which case
|
||||
# we fall through to the shell fallback.
|
||||
stat -c 'type: %F
|
||||
stat -c "type: %F
|
||||
owner: %u %U
|
||||
group: %g %G
|
||||
mode: %04a %A' "$destination" 2>/dev/null || fallback
|
||||
;;
|
||||
mode: %a %A" "$destination" 2>/dev/null || fallback
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -97,11 +97,9 @@ case "$state_should" in
|
|||
value_should="$(cat "$__object/parameter/$attribute")"
|
||||
value_is="$(get_current_value "$attribute" "$value_should")"
|
||||
|
||||
# format mode in four digits => same as stat returns
|
||||
# change 0xxx format to xxx format => same as stat returns
|
||||
if [ "$attribute" = mode ]; then
|
||||
# Convert to four-digit octal number (printf interprets
|
||||
# strings with leading 0s as octal!)
|
||||
value_should=$(printf '%04o' "0${value_should}")
|
||||
value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
|
||||
fi
|
||||
|
||||
if [ "$set_attributes" = 1 ] || [ "$value_should" != "$value_is" ]; then
|
||||
|
|
|
@ -25,9 +25,6 @@ user
|
|||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
|
||||
dirmode
|
||||
forwarded to :strong:`__directory` type as mode
|
||||
|
||||
mode
|
||||
forwarded to :strong:`__file` type
|
||||
|
||||
|
|
|
@ -19,7 +19,6 @@ set -eu
|
|||
user="$(cat "${__object}/parameter/user")"
|
||||
home="$(cat "${__object}/explorer/home")"
|
||||
primary_group="$(cat "${__object}/explorer/primary_group")"
|
||||
dirmode="$(cat "${__object}/parameter/dirmode")"
|
||||
|
||||
# Create parent directory. Type __directory has flag 'parents', but it
|
||||
# will leave us with root-owned directory in user home, which is not
|
||||
|
@ -37,7 +36,6 @@ export CDIST_ORDER_DEPENDENCY
|
|||
for dir ; do
|
||||
__directory "${home}/${dir}" \
|
||||
--group "${primary_group}" \
|
||||
--mode "${dirmode}" \
|
||||
--owner "${user}"
|
||||
done
|
||||
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
0700
|
|
@ -1,4 +1,3 @@
|
|||
state
|
||||
mode
|
||||
source
|
||||
dirmode
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
if [ -f "$__object/parameter/cmd-get" ]
|
||||
then
|
||||
cmd="$( cat "$__object/parameter/cmd-get" )"
|
||||
|
||||
elif command -v curl > /dev/null
|
||||
then
|
||||
cmd="curl -L -o - '%s'"
|
||||
|
||||
elif command -v fetch > /dev/null
|
||||
then
|
||||
cmd="fetch -o - '%s'"
|
||||
|
||||
else
|
||||
cmd="wget -O - '%s'"
|
||||
fi
|
||||
|
||||
echo "$cmd"
|
|
@ -1,72 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
dst="/$__object_id"
|
||||
|
||||
if [ ! -f "$dst" ]
|
||||
then
|
||||
echo 'absent'
|
||||
exit 0
|
||||
fi
|
||||
|
||||
sum_should="$( cat "$__object/parameter/sum" )"
|
||||
|
||||
if [ -f "$__object/parameter/cmd-sum" ]
|
||||
then
|
||||
# shellcheck disable=SC2059
|
||||
sum_is="$( eval "$( printf \
|
||||
"$( cat "$__object/parameter/cmd-sum" )" \
|
||||
"$dst" )" )"
|
||||
else
|
||||
os="$( "$__explorer/os" )"
|
||||
|
||||
if echo "$sum_should" | grep -Eq '^[0-9]+\s[0-9]+$'
|
||||
then
|
||||
sum_is="$( cksum "$dst" | awk '{print $1" "$2}' )"
|
||||
|
||||
elif echo "$sum_should" | grep -Eiq '^md5:[a-f0-9]{32}$'
|
||||
then
|
||||
case "$os" in
|
||||
freebsd)
|
||||
sum_is="md5:$( md5 -q "$dst" )"
|
||||
;;
|
||||
*)
|
||||
sum_is="md5:$( md5sum "$dst" | awk '{print $1}' )"
|
||||
;;
|
||||
esac
|
||||
|
||||
elif echo "$sum_should" | grep -Eiq '^sha1:[a-f0-9]{40}$'
|
||||
then
|
||||
case "$os" in
|
||||
freebsd)
|
||||
sum_is="sha1:$( sha1 -q "$dst" )"
|
||||
;;
|
||||
*)
|
||||
sum_is="sha1:$( sha1sum "$dst" | awk '{print $1}' )"
|
||||
;;
|
||||
esac
|
||||
|
||||
elif echo "$sum_should" | grep -Eiq '^sha256:[a-f0-9]{64}$'
|
||||
then
|
||||
case "$os" in
|
||||
freebsd)
|
||||
sum_is="sha256:$( sha256 -q "$dst" )"
|
||||
;;
|
||||
*)
|
||||
sum_is="sha256:$( sha256sum "$dst" | awk '{print $1}' )"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -z "$sum_is" ]
|
||||
then
|
||||
echo 'no checksum from target' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$sum_is" = "$sum_should" ]
|
||||
then
|
||||
echo 'present'
|
||||
else
|
||||
echo 'mismatch'
|
||||
fi
|
|
@ -1,58 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
download="$( cat "$__object/parameter/download" )"
|
||||
|
||||
state_is="$( cat "$__object/explorer/state" )"
|
||||
|
||||
if [ "$download" != 'local' ] || [ "$state_is" = 'present' ]
|
||||
then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
url="$( cat "$__object/parameter/url" )"
|
||||
|
||||
tmp="$( mktemp )"
|
||||
|
||||
dst="/$__object_id"
|
||||
|
||||
if [ -f "$__object/parameter/cmd-get" ]
|
||||
then
|
||||
cmd="$( cat "$__object/parameter/cmd-get" )"
|
||||
|
||||
elif command -v wget > /dev/null
|
||||
then
|
||||
cmd="wget -O - '%s'"
|
||||
|
||||
elif command -v curl > /dev/null
|
||||
then
|
||||
cmd="curl -L -o - '%s'"
|
||||
|
||||
elif command -v fetch > /dev/null
|
||||
then
|
||||
cmd="fetch -o - '%s'"
|
||||
|
||||
else
|
||||
echo 'no usable locally installed utility for downloading' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
printf "$cmd > %s\n" \
|
||||
"$url" \
|
||||
"$tmp"
|
||||
|
||||
if echo "$__target_host" | grep -Eq '^[0-9a-fA-F:]+$'
|
||||
then
|
||||
target_host="[$__target_host]"
|
||||
else
|
||||
target_host="$__target_host"
|
||||
fi
|
||||
|
||||
printf '%s %s %s:%s\n' \
|
||||
"$__remote_copy" \
|
||||
"$tmp" \
|
||||
"$target_host" \
|
||||
"$dst"
|
||||
|
||||
echo "rm -f '$tmp'"
|
||||
|
||||
echo 'downloaded' > "$__messages_out"
|
|
@ -1,25 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
download="$( cat "$__object/parameter/download" )"
|
||||
|
||||
state_is="$( cat "$__object/explorer/state" )"
|
||||
|
||||
if [ "$download" = 'remote' ] && [ "$state_is" != 'present' ]
|
||||
then
|
||||
cmd="$( cat "$__object/explorer/remote_cmd" )"
|
||||
|
||||
url="$( cat "$__object/parameter/url" )"
|
||||
|
||||
dst="/$__object_id"
|
||||
|
||||
printf "$cmd > %s\n" \
|
||||
"$url" \
|
||||
"$dst"
|
||||
|
||||
echo 'downloaded' > "$__messages_out"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/onchange" ] && [ "$state_is" != "present" ]
|
||||
then
|
||||
cat "$__object/parameter/onchange"
|
||||
fi
|
|
@ -1,87 +0,0 @@
|
|||
cdist-type__download(7)
|
||||
=======================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__download - Download a file
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Destination (``$__object_id``) in target host must be persistent storage
|
||||
in order to calculate checksum and decide if file must be (re-)downloaded.
|
||||
|
||||
By default type will try to use ``wget``, ``curl`` or ``fetch``.
|
||||
If download happens in target (see ``--download``) then type will
|
||||
fallback to (and install) ``wget``.
|
||||
|
||||
If download happens in local machine, then environment variables like
|
||||
``{http,https,ftp}_proxy`` etc can be used on cdist execution
|
||||
(``http_proxy=foo cdist config ...``).
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
url
|
||||
File's URL.
|
||||
|
||||
sum
|
||||
Checksum of file going to be downloaded.
|
||||
By default output of ``cksum`` without filename is expected.
|
||||
Other hash formats supported with prefixes: ``md5:``, ``sha1:`` and ``sha256:``.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
download
|
||||
If ``local`` (default), then download file to local storage and copy
|
||||
it to target host. If ``remote``, then download happens in target.
|
||||
|
||||
cmd-get
|
||||
Command used for downloading.
|
||||
Command must output to ``stdout``.
|
||||
Parameter will be used for ``printf`` and must include only one
|
||||
format specification ``%s`` which will become URL.
|
||||
For example: ``wget -O - '%s'``.
|
||||
|
||||
cmd-sum
|
||||
Command used for checksum calculation.
|
||||
Command output and ``--sum`` parameter must match.
|
||||
Parameter will be used for ``printf`` and must include only one
|
||||
format specification ``%s`` which will become destination.
|
||||
For example: ``md5sum '%s' | awk '{print $1}'``.
|
||||
|
||||
onchange
|
||||
Execute this command after download.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__directory /opt/cpma
|
||||
|
||||
require='__directory/opt/cpma' \
|
||||
__download /opt/cpma/cnq3.zip \
|
||||
--url https://cdn.playmorepromode.com/files/cnq3/cnq3-1.51.zip \
|
||||
--sum md5:46da3021ca9eace277115ec9106c5b46
|
||||
|
||||
require='__download/opt/cpma/cnq3.zip' \
|
||||
__unpack /opt/cpma/cnq3.zip \
|
||||
--backup-destination \
|
||||
--preserve-archive \
|
||||
--destination /opt/cpma/server
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Ander Punnar <ander-at-kvlt-dot-ee>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2020 Ander Punnar. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -1,6 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
if grep -Eq '^wget' "$__object/explorer/remote_cmd"
|
||||
then
|
||||
__package wget
|
||||
fi
|
|
@ -1 +0,0 @@
|
|||
local
|
|
@ -1,4 +0,0 @@
|
|||
cmd-get
|
||||
cmd-sum
|
||||
download
|
||||
onchange
|
|
@ -1,2 +0,0 @@
|
|||
url
|
||||
sum
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
# __dpkg_architecture/explorer/architecture
|
||||
#
|
||||
# 2020 Matthias Stecher <matthiasstecher at gmx.de>
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# Get the main architecture of this machine
|
||||
|
||||
|
||||
# print or die in the gencode-remote
|
||||
dpkg --print-architecture || true
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
# __dpkg_architecture/explorer/foreign-architectures
|
||||
#
|
||||
# 2020 Matthias Stecher <matthiasstecher at gmx.de>
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# Print all additional architectures
|
||||
|
||||
|
||||
# print or die in the gencode-remote
|
||||
dpkg --print-foreign-architectures || true
|
|
@ -1,82 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
# __dpkg_architecture/gencode-remote
|
||||
#
|
||||
# 2020 Matthias Stecher <matthiasstecher at gmx.de>
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
|
||||
# Get parameter and explorer
|
||||
state_should="$(cat "$__object/parameter/state")"
|
||||
arch_wanted="$__object_id"
|
||||
main_arch="$(cat "$__object/explorer/architecture")"
|
||||
|
||||
# Exit here if dpkg do not work (empty explorer)
|
||||
if [ -z "$main_arch" ]; then
|
||||
echo "dpkg is not available or unable to detect a architecture!" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
# Check if requested architecture is the main one
|
||||
if [ "$arch_wanted" = "$main_arch" ]; then
|
||||
# higher than present; we can not remove it
|
||||
state_is="present"
|
||||
caution="yes"
|
||||
|
||||
# Check if the architecture not already used
|
||||
elif grep -qFx "$arch_wanted" "$__object/explorer/foreign-architectures"; then
|
||||
state_is="present"
|
||||
|
||||
# arch does not exist
|
||||
else
|
||||
state_is="absent"
|
||||
fi
|
||||
|
||||
|
||||
# Check what to do
|
||||
if [ "$state_is" != "$state_should" ]; then
|
||||
case "$state_should" in
|
||||
present)
|
||||
# print add code
|
||||
printf "dpkg --add-architecture '%s'\n" "$arch_wanted"
|
||||
# updating the index to make the new architecture available
|
||||
echo "apt update"
|
||||
|
||||
echo added >> "$__messages_out"
|
||||
;;
|
||||
|
||||
absent)
|
||||
if [ "$caution" ]; then
|
||||
printf "can not remove the main arch '%s' of the system!\n" "$main_arch" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# removing all existing packages for the architecture
|
||||
printf "apt purge '.*:%s'\n" "$arch_wanted"
|
||||
# print remove code
|
||||
printf "dpkg --remove-architecture '%s'\n" "$arch_wanted"
|
||||
|
||||
echo removed >> "$__messages_out"
|
||||
;;
|
||||
|
||||
*)
|
||||
printf "state '%s' is unknown!\n" "$state_should" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
fi
|
|
@ -1,103 +0,0 @@
|
|||
cdist-type__dpkg_architecture(7)
|
||||
================================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__dpkg_architecture - Handles foreign architectures on debian-like
|
||||
systems managed by `dpkg`
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This type handles foreign architectures on systems managed by
|
||||
:strong:`dpkg`\ (1). The object id is the name of the architecture accepted by
|
||||
`dpkg`, which should be added or removed.
|
||||
|
||||
If the architecture is not setup on the system, it adds a new architecture as a
|
||||
new foreign architecture in `dpkg`. Then, it updates the apt package index to
|
||||
make packages from the new architecture available.
|
||||
|
||||
If the architecture should be removed, it will remove it if it is not the base
|
||||
architecture on where the system was installed on. Before it, it will purge
|
||||
every package based on the "to be removed" architecture via `apt` to be able to
|
||||
remove the selected architecture.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
``present`` or ``absent``. Defaults to ``present``.
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
added
|
||||
Added the specified architecture
|
||||
|
||||
removed
|
||||
Removed the specified architecture
|
||||
|
||||
|
||||
ABORTS
|
||||
------
|
||||
Aborts in the following cases:
|
||||
|
||||
If :strong:`dpkg`\ (1) is not available. It will abort with a proper error
|
||||
message.
|
||||
|
||||
If the architecture is the same as the base architecture the system is build
|
||||
upon it (returned by ``dpkg --print-architecture``) and it should be removed.
|
||||
|
||||
It will fail if it can not execute :strong:`apt`\ (8). It is assumed that it is
|
||||
already installed.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# add i386 (32 bit) architecture
|
||||
__dpkg_architecture i386
|
||||
|
||||
# remove it again :)
|
||||
__dpkg_architecture i386 --state absent
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
`Multiarch on Debian systems <https://wiki.debian.org/Multiarch>`_
|
||||
|
||||
`How to setup multiarch on Debian <https://wiki.debian.org/Multiarch/HOWTO>`_
|
||||
|
||||
:strong:`dpkg`\ (1)
|
||||
:strong:`cdist-type__package_dpkg`\ (7)
|
||||
:strong:`cdist-type__package_apt`\ (7)
|
||||
|
||||
Useful commands:
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# base architecture installed on this system
|
||||
dpkg --print-architecture
|
||||
|
||||
# extra architectures added
|
||||
dpkg --print-foreign-architectures
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Matthias Stecher <matthiasstecher at gmx.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2020 Matthias Stecher. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
ublished by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -1 +0,0 @@
|
|||
present
|
|
@ -1 +0,0 @@
|
|||
state
|
|
@ -31,10 +31,10 @@ fallback() {
|
|||
gid=$(echo "$ls_line" | awk '{ print $4 }')
|
||||
|
||||
owner=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/passwd)
|
||||
group=$(awk -F: -v gid="$gid" '$3 == gid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
|
||||
group=$(awk -F: -v uid="$uid" '$3 == uid { print $1; f=1 } END { if (!f) print "UNKNOWN" }' /etc/group)
|
||||
|
||||
mode_text=$(echo "$ls_line" | awk '{ print $1 }')
|
||||
mode=$(echo "$mode_text" | awk '{for(i=8;i>=0;--i){c=substr($1,10-i,1);k+=((c~/[rwxst]/)*2^i);if(!(i%3))k+=(tolower(c)~/[lst]/)*2^(9+i/3)}printf("%04o",k)}')
|
||||
mode=$(echo "$mode_text" | awk '{ k=0; for (i=0; i<=8; i++) k += ((substr($1, i+2, 1) ~ /[rwx]/) * 2^(8-i)); printf("%0o", k) }')
|
||||
|
||||
size=$(echo "$ls_line" | awk '{ print $5 }')
|
||||
links=$(echo "$ls_line" | awk '{ print $2 }')
|
||||
|
@ -53,32 +53,64 @@ fallback() {
|
|||
[ -e "$destination" ] || exit 0
|
||||
|
||||
|
||||
command -v stat >/dev/null 2>&1 || {
|
||||
if ! command -v stat >/dev/null
|
||||
then
|
||||
fallback
|
||||
exit
|
||||
}
|
||||
fi
|
||||
|
||||
|
||||
case $("$__explorer/os")
|
||||
in
|
||||
freebsd|netbsd|openbsd|macosx)
|
||||
stat -f 'type: %HT
|
||||
stat -f "type: %HT
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Mp%03Lp %Sp
|
||||
mode: %Lp %Sp
|
||||
size: %Dz
|
||||
links: %Dl
|
||||
' "$destination" | awk '/^type/ { print tolower($0); next } { print }'
|
||||
" "$destination" | awk '/^type/ { print tolower($0); next } { print }'
|
||||
;;
|
||||
solaris)
|
||||
ls1="$( ls -ld "$destination" )"
|
||||
ls2="$( ls -ldn "$destination" )"
|
||||
|
||||
if [ -f "$__object/parameter/mode" ]
|
||||
then mode_should="$( cat "$__object/parameter/mode" )"
|
||||
fi
|
||||
|
||||
# yes, it is ugly hack, but if you know better way...
|
||||
if [ -z "$( find "$destination" -perm "$mode_should" )" ]
|
||||
then octets=888
|
||||
else octets="$( echo "$mode_should" | sed 's/^0//' )"
|
||||
fi
|
||||
|
||||
case "$( echo "$ls1" | cut -c1-1 )" in
|
||||
-) echo 'type: regular file' ;;
|
||||
d) echo 'type: directory' ;;
|
||||
esac
|
||||
|
||||
echo "owner: $( echo "$ls2" \
|
||||
| awk '{print $3}' ) $( echo "$ls1" \
|
||||
| awk '{print $3}' )"
|
||||
|
||||
echo "group: $( echo "$ls2" \
|
||||
| awk '{print $4}' ) $( echo "$ls1" \
|
||||
| awk '{print $4}' )"
|
||||
|
||||
echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
|
||||
echo "size: $( echo "$ls1" | awk '{print $5}' )"
|
||||
echo "links: $( echo "$ls1" | awk '{print $2}' )"
|
||||
;;
|
||||
*)
|
||||
# NOTE: Do not use --printf here as it is not supported by BusyBox stat.
|
||||
# NOTE: BusyBox's stat might not support the "-c" option, in which case
|
||||
# we fall through to the shell fallback.
|
||||
stat -c 'type: %F
|
||||
stat -c "type: %F
|
||||
owner: %u %U
|
||||
group: %g %G
|
||||
mode: %04a %A
|
||||
mode: %a %A
|
||||
size: %s
|
||||
links: %h' "$destination" 2>/dev/null || fallback
|
||||
;;
|
||||
links: %h" "$destination" 2>/dev/null || fallback
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -68,11 +68,9 @@ case "$state_should" in
|
|||
if [ -f "$__object/parameter/$attribute" ]; then
|
||||
value_should="$(cat "$__object/parameter/$attribute")"
|
||||
|
||||
# format mode in four digits => same as stat returns
|
||||
# change 0xxx format to xxx format => same as stat returns
|
||||
if [ "$attribute" = mode ]; then
|
||||
# Convert to four-digit octal number (printf interprets
|
||||
# strings with leading 0s as octal!)
|
||||
value_should=$(printf '%04o' "0${value_should}")
|
||||
value_should="$(echo "$value_should" | sed 's/^0\(...\)/\1/')"
|
||||
fi
|
||||
|
||||
value_is="$(get_current_value "$attribute" "$value_should")"
|
||||
|
@ -87,6 +85,11 @@ case "$state_should" in
|
|||
fi
|
||||
;;
|
||||
|
||||
pre-exists)
|
||||
# pre-exists should never reach gencode-remote…
|
||||
exit 1
|
||||
;;
|
||||
|
||||
absent)
|
||||
if [ "$type" = "file" ]; then
|
||||
echo "rm -f '$destination'"
|
||||
|
@ -95,10 +98,6 @@ case "$state_should" in
|
|||
fi
|
||||
;;
|
||||
|
||||
pre-exists)
|
||||
:
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Unknown state: $state_should" >&2
|
||||
exit 1
|
||||
|
|
|
@ -18,16 +18,16 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
os=$("${__explorer:?}/os")
|
||||
os=$("$__explorer/os")
|
||||
|
||||
if [ -f "${__object:?}/parameter/device" ]; then
|
||||
if [ -f "$__object/parameter/device" ]; then
|
||||
blkdev="$(cat "$__object/parameter/device")"
|
||||
else
|
||||
blkdev="${__object_id:?}"
|
||||
blkdev="$__object_id"
|
||||
fi
|
||||
|
||||
case "$os" in
|
||||
alpine|centos|fedora|redhat|suse|gentoo)
|
||||
centos|fedora|redhat|suse|gentoo)
|
||||
if [ ! -x "$(command -v lsblk)" ]; then
|
||||
echo "lsblk is required for __filesystem type" >&2
|
||||
exit 1
|
||||
|
|
|
@ -20,27 +20,26 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
os=$(cat "${__global:?}/explorer/os")
|
||||
name_running=$(cat "${__global:?}/explorer/hostname")
|
||||
has_hostnamectl=$(cat "${__object:?}/explorer/has_hostnamectl")
|
||||
os=$(cat "$__global/explorer/os")
|
||||
name_running=$(cat "$__global/explorer/hostname")
|
||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
||||
|
||||
|
||||
if test -s "${__object:?}/parameter/name"
|
||||
if test -s "$__object/parameter/name"
|
||||
then
|
||||
name_should=$(cat "${__object:?}/parameter/name")
|
||||
name_should=$(cat "$__object/parameter/name")
|
||||
else
|
||||
case ${os}
|
||||
case $os
|
||||
in
|
||||
# RedHat-derivatives and BSDs
|
||||
(centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
|
||||
centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd)
|
||||
# Hostname is FQDN
|
||||
name_should=${__target_host:?}
|
||||
;;
|
||||
(*)
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
*)
|
||||
# Hostname is only first component of FQDN
|
||||
name_should=${__target_host:?}
|
||||
name_should=${name_should%%.*}
|
||||
;;
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
|
@ -48,46 +47,43 @@ fi
|
|||
################################################################################
|
||||
# Check if the (running) hostname is already correct
|
||||
#
|
||||
test "${name_running}" != "${name_should}" || exit 0
|
||||
test "$name_running" != "$name_should" || exit 0
|
||||
|
||||
|
||||
################################################################################
|
||||
# Setup hostname
|
||||
#
|
||||
echo 'changed' >>"${__messages_out:?}"
|
||||
echo 'changed' >>"$__messages_out"
|
||||
|
||||
# Use the good old way to set the hostname.
|
||||
case ${os}
|
||||
case $os
|
||||
in
|
||||
(alpine|debian|devuan|ubuntu)
|
||||
alpine|debian|devuan|ubuntu)
|
||||
echo 'hostname -F /etc/hostname'
|
||||
;;
|
||||
(archlinux)
|
||||
;;
|
||||
archlinux)
|
||||
echo 'command -v hostnamectl >/dev/null 2>&1' \
|
||||
"&& hostnamectl set-hostname '${name_should}'" \
|
||||
"|| hostname '${name_should}'"
|
||||
;;
|
||||
(centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
|
||||
echo "hostname '${name_should}'"
|
||||
;;
|
||||
(openwrt)
|
||||
echo "echo '${name_should}' >/proc/sys/kernel/hostname"
|
||||
;;
|
||||
(macosx)
|
||||
echo "scutil --set HostName '${name_should}'"
|
||||
;;
|
||||
(solaris)
|
||||
echo "uname -S '${name_should}'"
|
||||
;;
|
||||
(slackware|suse)
|
||||
"&& hostnamectl set-hostname '$name_should'" \
|
||||
"|| hostname '$name_should'"
|
||||
;;
|
||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void)
|
||||
echo "hostname '$name_should'"
|
||||
;;
|
||||
macosx)
|
||||
echo "scutil --set HostName '$name_should'"
|
||||
;;
|
||||
solaris)
|
||||
echo "uname -S '$name_should'"
|
||||
;;
|
||||
slackware|suse|opensuse-leap)
|
||||
# We do not read from /etc/HOSTNAME, because the running
|
||||
# hostname is the first component only while the file contains
|
||||
# the FQDN.
|
||||
echo "hostname '${name_should}'"
|
||||
;;
|
||||
(*)
|
||||
echo "hostname '$name_should'"
|
||||
;;
|
||||
*)
|
||||
# Fall back to set the hostname using hostnamectl, if available.
|
||||
if test -n "${has_hostnamectl}"
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
# Don't use hostnamectl as the primary means to set the hostname for
|
||||
# systemd systems, because it cannot be trusted to work reliably and
|
||||
|
@ -98,8 +94,7 @@ in
|
|||
echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \
|
||||
" || hostname -F /etc/hostname"
|
||||
else
|
||||
printf "echo 'Unsupported OS: %s' >&2\n" "${os}"
|
||||
printf 'exit 1\n'
|
||||
printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os"
|
||||
fi
|
||||
;;
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -20,49 +20,69 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
not_supported() {
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
set_hostname_systemd() {
|
||||
echo "$1" | __file /etc/hostname --source -
|
||||
}
|
||||
|
||||
os=$(cat "${__global:?}/explorer/os")
|
||||
os=$(cat "$__global/explorer/os")
|
||||
os_version=$(cat "$__global/explorer/os_version")
|
||||
os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*' || true)
|
||||
|
||||
max_len=$(cat "${__object:?}/explorer/max_len")
|
||||
has_hostnamectl=$(cat "${__object:?}/explorer/has_hostnamectl")
|
||||
max_len=$(cat "$__object/explorer/max_len")
|
||||
has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
||||
|
||||
if test -s "${__object:?}/parameter/name"
|
||||
if test -s "$__object/parameter/name"
|
||||
then
|
||||
name_should=$(cat "${__object:?}/parameter/name")
|
||||
name_should=$(cat "$__object/parameter/name")
|
||||
else
|
||||
case ${os}
|
||||
case $os
|
||||
in
|
||||
# RedHat-derivatives and BSDs
|
||||
(centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware|suse)
|
||||
centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware)
|
||||
# Hostname is FQDN
|
||||
name_should=${__target_host:?}
|
||||
;;
|
||||
name_should="${__target_host}"
|
||||
;;
|
||||
suse|opensuse-leap)
|
||||
# Classic SuSE stores the FQDN in /etc/HOSTNAME, while
|
||||
# systemd does not. The running hostname is the first
|
||||
# component in both cases.
|
||||
# In versions before 15.x, the FQDN is stored in /etc/hostname.
|
||||
if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \
|
||||
&& test "$os_major" -ne 42
|
||||
then
|
||||
name_should="${__target_host%%.*}"
|
||||
else
|
||||
name_should="${__target_host}"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
# Hostname is only first component of FQDN on all other systems.
|
||||
name_should=${__target_host:?}
|
||||
name_should=${name_should%%.*}
|
||||
;;
|
||||
name_should="${__target_host%%.*}"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
if test -n "${max_len}" && test "$(printf '%s' "${name_should}" | wc -c)" -gt "${max_len}"
|
||||
if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len"
|
||||
then
|
||||
printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
case ${os}
|
||||
case $os
|
||||
in
|
||||
(alpine|debian|devuan|ubuntu|void)
|
||||
echo "${name_should}" | __file /etc/hostname --source -
|
||||
;;
|
||||
(archlinux)
|
||||
if test -n "${has_hostnamectl}"
|
||||
alpine|debian|devuan|ubuntu|void)
|
||||
echo "$name_should" | __file /etc/hostname --source -
|
||||
;;
|
||||
archlinux)
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
set_hostname_systemd "${name_should}"
|
||||
set_hostname_systemd "$name_should"
|
||||
else
|
||||
echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2
|
||||
exit 1
|
||||
|
@ -77,8 +97,8 @@ in
|
|||
# --value "\"$name_should\""
|
||||
fi
|
||||
;;
|
||||
(centos|fedora|redhat|scientific)
|
||||
if test -z "${has_hostnamectl}"
|
||||
centos|fedora|redhat|scientific)
|
||||
if test -z "$has_hostnamectl"
|
||||
then
|
||||
# Only write to /etc/sysconfig/network on non-systemd versions.
|
||||
# On systemd-based versions this entry is ignored.
|
||||
|
@ -86,83 +106,59 @@ in
|
|||
--file /etc/sysconfig/network \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key HOSTNAME \
|
||||
--value "\"${name_should}\""
|
||||
--value "\"$name_should\""
|
||||
else
|
||||
set_hostname_systemd "${name_should}"
|
||||
set_hostname_systemd "$name_should"
|
||||
fi
|
||||
;;
|
||||
(gentoo)
|
||||
;;
|
||||
gentoo)
|
||||
# Only write to /etc/conf.d/hostname on OpenRC-based installations.
|
||||
# On systemd use hostnamectl(1) in gencode-remote.
|
||||
if test -z "${has_hostnamectl}"
|
||||
if test -z "$has_hostnamectl"
|
||||
then
|
||||
__key_value '/etc/conf.d/hostname:hostname' \
|
||||
--file /etc/conf.d/hostname \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "\"${name_should}\""
|
||||
--value "\"$name_should\""
|
||||
else
|
||||
set_hostname_systemd "$name_should"
|
||||
fi
|
||||
;;
|
||||
(freebsd)
|
||||
;;
|
||||
freebsd)
|
||||
__key_value '/etc/rc.conf:hostname' \
|
||||
--file /etc/rc.conf \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "\"${name_should}\""
|
||||
;;
|
||||
(macosx)
|
||||
--value "\"$name_should\""
|
||||
;;
|
||||
macosx)
|
||||
# handled in gencode-remote
|
||||
;;
|
||||
(netbsd)
|
||||
:
|
||||
;;
|
||||
netbsd)
|
||||
__key_value '/etc/rc.conf:hostname' \
|
||||
--file /etc/rc.conf \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key 'hostname' \
|
||||
--value "\"${name_should}\""
|
||||
--value "\"$name_should\""
|
||||
|
||||
# To avoid confusion, ensure that the hostname is only stored once.
|
||||
__file /etc/myname --state absent
|
||||
;;
|
||||
(openbsd)
|
||||
echo "${name_should}" | __file /etc/myname --source -
|
||||
;;
|
||||
(openwrt)
|
||||
__uci system.@system[0].hostname --value "${name_should}"
|
||||
# --transaction hostname
|
||||
;;
|
||||
(slackware)
|
||||
;;
|
||||
openbsd)
|
||||
echo "$name_should" | __file /etc/myname --source -
|
||||
;;
|
||||
slackware)
|
||||
# We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only
|
||||
# read the first component from this file and set it as the running
|
||||
# hostname on boot.
|
||||
echo "${name_should}" | __file /etc/HOSTNAME --source -
|
||||
;;
|
||||
(solaris)
|
||||
echo "${name_should}" | __file /etc/nodename --source -
|
||||
;;
|
||||
(suse)
|
||||
if test -s "${__global:?}/explorer/os_release"
|
||||
then
|
||||
# shellcheck source=/dev/null
|
||||
os_version=$(. "${__global:?}/explorer/os_release" && echo "${VERSION}")
|
||||
else
|
||||
os_version=$(sed -n 's/^VERSION\ *=\ *//p' "${__global:?}/explorer/os_version")
|
||||
fi
|
||||
os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)')
|
||||
|
||||
# Classic SuSE stores the FQDN in /etc/HOSTNAME, while
|
||||
# systemd does not. The running hostname is the first
|
||||
# component in both cases.
|
||||
# In versions before 15.x, the FQDN is stored in /etc/hostname.
|
||||
if test -n "${has_hostnamectl}" \
|
||||
&& test "${os_major}" -ge 15 \
|
||||
&& test "${os_major}" -ne 42
|
||||
then
|
||||
# strip away everything but the first part from $name_should
|
||||
name_should=${name_should%%.*}
|
||||
fi
|
||||
|
||||
echo "$name_should" | __file /etc/HOSTNAME --source -
|
||||
;;
|
||||
solaris)
|
||||
echo "$name_should" | __file /etc/nodename --source -
|
||||
;;
|
||||
suse|opensuse-leap)
|
||||
# Modern SuSE provides /etc/HOSTNAME as a symlink for
|
||||
# backwards-compatibility. Unfortunately it cannot be used
|
||||
# here as __file does not follow the symlink.
|
||||
|
@ -171,25 +167,23 @@ in
|
|||
# not work correctly on openSUSE 12.x which provides
|
||||
# hostnamectl but not /etc/hostname.
|
||||
|
||||
if test -n "${has_hostnamectl}" -a "${os_major}" -gt 12
|
||||
if test -n "$has_hostnamectl" -a "$os_major" -gt 12
|
||||
then
|
||||
hostname_file=/etc/hostname
|
||||
hostname_file='/etc/hostname'
|
||||
else
|
||||
hostname_file=/etc/HOSTNAME
|
||||
hostname_file='/etc/HOSTNAME'
|
||||
fi
|
||||
|
||||
echo "${name_should}" | __file "${hostname_file}" --source -
|
||||
;;
|
||||
(*)
|
||||
echo "$name_should" | __file "$hostname_file" --source -
|
||||
;;
|
||||
*)
|
||||
# On other operating systems we fall back to systemd's
|
||||
# hostnamectl if available…
|
||||
if test -n "${has_hostnamectl}"
|
||||
if test -n "$has_hostnamectl"
|
||||
then
|
||||
set_hostname_systemd "${name_should}"
|
||||
set_hostname_systemd "$name_should"
|
||||
else
|
||||
echo "Your operating system (${os}) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
not_supported
|
||||
fi
|
||||
;;
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -25,10 +25,6 @@ ip
|
|||
state is ``present``, this parameter is mandatory, if state is
|
||||
``absent``, this parameter is silently ignored.
|
||||
|
||||
alias
|
||||
An alias for the hostname.
|
||||
This parameter can be specified multiple times (once per alias).
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
|
@ -40,8 +36,6 @@ EXAMPLES
|
|||
# previously configured via __hosts.
|
||||
__hosts happy --state absent
|
||||
|
||||
__hosts srv1.example.com --ip 192.168.0.42 --alias srv1
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
|
||||
|
@ -49,14 +43,13 @@ SEE ALSO
|
|||
|
||||
AUTHORS
|
||||
-------
|
||||
| Dmitry Bogatov <KAction@gnu.org>
|
||||
| Dennis Camera <dennis.camera--@--ssrq-sds-fds.ch>
|
||||
|
||||
Dmitry Bogatov <KAction@gnu.org>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
|
||||
Copyright \(C) 2015-2016 Dmitry Bogatov, 2019 Dennis Camera.
|
||||
You can redistribute it and/or modify it under the terms of the GNU General
|
||||
Public License as published by the Free Software Foundation, either version 3 of
|
||||
the License, or (at your option) any later version.
|
||||
Copyright (C) 2015,2016 Dmitry Bogatov. Free use of this software is granted
|
||||
under the terms of the GNU General Public License version 3 or later
|
||||
(GPLv3+).
|
||||
|
|
|
@ -1,42 +1,29 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# Copyright (C) 2015 Bogatov Dmitry <KAction@gnu.org>
|
||||
# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
set -ue
|
||||
|
||||
set -e
|
||||
hostname="$__object_id"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
marker="# __hosts/$hostname"
|
||||
|
||||
hostname=$__object_id
|
||||
state=$(cat "${__object}/parameter/state")
|
||||
marker="# __hosts/${hostname}"
|
||||
set -- "__hosts/$hostname" --file /etc/hosts --state "$state"
|
||||
|
||||
if test "${state}" != 'absent'
|
||||
then
|
||||
ip=$(cat "${__object}/parameter/ip")
|
||||
if test -s "${__object}/parameter/alias"
|
||||
then
|
||||
aliases=$(while read -r a; do printf '\t%s' "$a"; done <"$__object/parameter/alias")
|
||||
fi
|
||||
|
||||
set -- --line "$(printf '%s\t%s%s %s' \
|
||||
"${ip}" "${hostname}" "${aliases}" "${marker}")"
|
||||
if [ "$state" = absent ] ; then
|
||||
__line "$@" --regex "$marker"
|
||||
else
|
||||
set -- --regex "$(echo "${marker}" | sed -e 's/\./\\./')$"
|
||||
ip="$(cat "$__object/parameter/ip")"
|
||||
__line "$@" --line "$ip $hostname $marker"
|
||||
fi
|
||||
|
||||
__line "/etc/hosts:${hostname}" --file /etc/hosts --state "${state}" "$@"
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
alias
|
|
@ -1,28 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# Prints the clock mode read from the /etc/adjtime file, if present.
|
||||
#
|
||||
|
||||
# not all operating systems use an adjfile
|
||||
test -f /etc/adjtime || exit 0
|
||||
|
||||
# 3rd line is clock mode
|
||||
# adjtime(5) https://man7.org/linux/man-pages/man5/adjtime.5.html
|
||||
sed -n 3p /etc/adjtime
|
|
@ -1,27 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# Prints the LocalRTC property using timedatectl on systemd-based systems.
|
||||
#
|
||||
|
||||
command -v timedatectl >/dev/null 2>&1 || exit 0
|
||||
|
||||
# NOTE: Older versions of timedatectl do not support `timedatectl show'
|
||||
timedatectl --no-pager status \
|
||||
| awk -F': ' '$1 ~ "RTC in local TZ$" { sub(/[ \t]*$/, "", $2); print $2 }'
|
|
@ -1,62 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
mode=$(cat "${__object:?}/parameter/mode")
|
||||
|
||||
timedatectl_localrtc=$(cat "${__object:?}/explorer/timedatectl_localrtc")
|
||||
adjtime_mode=$(cat "${__object:?}/explorer/adjtime_mode")
|
||||
|
||||
|
||||
case ${mode}
|
||||
in
|
||||
(localtime)
|
||||
adjtime_str=LOCAL
|
||||
local_rtc_str=yes
|
||||
;;
|
||||
(UTC|utc)
|
||||
adjtime_str=UTC
|
||||
local_rtc_str=no
|
||||
;;
|
||||
(*)
|
||||
printf 'Invalid value for --mode: %s\n' "${mode}" >&2
|
||||
printf 'Acceptable values are: localtime, utc.\n' >&2
|
||||
exit 1
|
||||
esac
|
||||
|
||||
|
||||
if test -n "${timedatectl_localrtc}"
|
||||
then
|
||||
# systemd
|
||||
timedatectl_should=${local_rtc_str}
|
||||
if test "${timedatectl_localrtc}" != "${timedatectl_should}"
|
||||
then
|
||||
printf 'timedatectl set-local-rtc %s\n' "${timedatectl_should}"
|
||||
fi
|
||||
elif test -n "${adjtime_mode}"
|
||||
then
|
||||
# others (update /etc/adjtime if present)
|
||||
if test "${adjtime_mode}" != "${adjtime_str}"
|
||||
then
|
||||
# Update /etc/adjtime (3rd line is clock mode)
|
||||
# adjtime(5) https://man7.org/linux/man-pages/man5/adjtime.5.html
|
||||
# FIXME: Should maybe add third line if adjfile only contains two lines
|
||||
printf "sed -i '3c\\\\\\n%s\\n' /etc/adjtime\\n" "${adjtime_str}"
|
||||
fi
|
||||
fi
|
|
@ -1,63 +0,0 @@
|
|||
cdist-type__hwclock(7)
|
||||
======================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__hwclock - Manage the hardware real time clock.
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This type can be used to control how the hardware clock is used by the operating
|
||||
system.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
mode
|
||||
What mode the hardware clock is in.
|
||||
|
||||
Acceptable values:
|
||||
|
||||
localtime
|
||||
The hardware clock is set to local time (common for systems also running
|
||||
Windows.)
|
||||
UTC
|
||||
The hardware clock is set to UTC (common on UNIX systems.)
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
None.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
None.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# Make the operating system treat the time read from the hwclock as UTC.
|
||||
__hwclock --mode UTC
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`hwclock`\ (8)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Dennis Camera <dennis.camera@ssrq-sds-fds.ch>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2020 Dennis Camera. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -1,222 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# TODO: Consider supporting BADYEAR
|
||||
|
||||
os=$(cat "${__global:?}/explorer/os")
|
||||
mode=$(cat "${__object:?}/parameter/mode")
|
||||
|
||||
has_systemd_timedatectl=$(test -s "${__object:?}/explorer/timedatectl_localrtc" && echo true || echo false)
|
||||
|
||||
|
||||
case ${mode}
|
||||
in
|
||||
(localtime)
|
||||
local_clock=true
|
||||
;;
|
||||
(UTC|utc)
|
||||
local_clock=false
|
||||
;;
|
||||
(*)
|
||||
printf 'Invalid value for --mode: %s\n' "${mode}" >&2
|
||||
printf 'Acceptable values are: UTC, localtime.\n' >&2
|
||||
exit 1
|
||||
esac
|
||||
|
||||
|
||||
case ${os}
|
||||
in
|
||||
(alpine|gentoo)
|
||||
if ! $has_systemd_timedatectl
|
||||
then
|
||||
# NOTE: Gentoo also supports systemd, in which case /etc/conf.d is
|
||||
# not used. So we check for systemd presence here and only
|
||||
# update /etc/conf.d if systemd is not installed.
|
||||
# https://wiki.gentoo.org/wiki/System_time#Hardware_clock
|
||||
|
||||
export CDIST_ORDER_DEPENDENCY=true
|
||||
__file /etc/conf.d/hwclock --state present \
|
||||
--owner root --group root --mode 0644
|
||||
__key_value /etc/conf.d/hwclock:clock \
|
||||
--file /etc/conf.d/hwclock \
|
||||
--key clock \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--value "\"$($local_clock && echo local || echo UTC)\""
|
||||
unset CDIST_ORDER_DEPENDENCY
|
||||
fi
|
||||
;;
|
||||
(centos|fedora|redhat|scientific)
|
||||
os_version=$(cat "${__global:?}/explorer/os_version")
|
||||
os_major=$(expr "${os_version}" : '.* release \([0-9]*\)')
|
||||
case ${os}
|
||||
in
|
||||
(centos|scientific)
|
||||
update_sysconfig=$(test "${os_major}" -lt 6 && echo true || echo false)
|
||||
;;
|
||||
(fedora)
|
||||
update_sysconfig=$(test "${os_major}" -lt 10 && echo true || echo false)
|
||||
;;
|
||||
(redhat|*)
|
||||
case ${os_version}
|
||||
in
|
||||
('Red Hat Enterprise Linux'*)
|
||||
update_sysconfig=$(test "${os_major}" -lt 6 && echo true || echo false)
|
||||
;;
|
||||
('Red Hat Linux'*)
|
||||
update_sysconfig=true
|
||||
;;
|
||||
(*)
|
||||
printf 'Could not determine Red Hat distribution.\n' >&2
|
||||
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
esac
|
||||
|
||||
if ${update_sysconfig:?}
|
||||
then
|
||||
export CDIST_ORDER_DEPENDENCY=true
|
||||
__file /etc/sysconfig/clock --state present \
|
||||
--owner root --group root --mode 0644
|
||||
__key_value /etc/sysconfig/clock:UTC \
|
||||
--file /etc/sysconfig/clock \
|
||||
--key UTC \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--value "$($local_clock && echo false || echo true)"
|
||||
unset CDIST_ORDER_DEPENDENCY
|
||||
fi
|
||||
;;
|
||||
(debian|devuan|ubuntu)
|
||||
os_major=$(sed 's/[^0-9].*$//' "${__global:?}/explorer/os_version")
|
||||
|
||||
case ${os}
|
||||
in
|
||||
(debian)
|
||||
if test "${os_major}" -ge 7
|
||||
then
|
||||
update_rcS=false
|
||||
elif test "${os_major}" -ge 3
|
||||
then
|
||||
update_rcS=true
|
||||
else
|
||||
# Debian 2.2 should be supportable using rcS.
|
||||
# Debian 2.1 uses the ancient GMT key.
|
||||
# Debian 1.3 does not have rcS.
|
||||
printf "Your operating system (Debian %s) is currently not supported by this type (%s)\n" \
|
||||
"$(cat "${__global:?}/explorer/os_version")" "${__type##*/}" >&2
|
||||
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
(devuan)
|
||||
update_rcS=false
|
||||
;;
|
||||
(ubuntu)
|
||||
update_rcS=$(test "${os_major}" -lt 16 && echo true || echo false)
|
||||
;;
|
||||
esac
|
||||
|
||||
if ${update_rcS}
|
||||
then
|
||||
export CDIST_ORDER_DEPENDENCY=true
|
||||
__file /etc/default/rcS --state present \
|
||||
--owner root --group root --mode 0644
|
||||
__key_value /etc/default/rcS:UTC \
|
||||
--file /etc/default/rcS \
|
||||
--key UTC \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--value "$($local_clock && echo no || echo yes)"
|
||||
unset CDIST_ORDER_DEPENDENCY
|
||||
fi
|
||||
;;
|
||||
(freebsd)
|
||||
# cf. adjkerntz(8)
|
||||
__file /etc/wall_cmos_clock \
|
||||
--state "$($local_clock && echo present || echo absent)" \
|
||||
--owner root --group wheel --mode 0444
|
||||
;;
|
||||
(netbsd)
|
||||
# https://wiki.netbsd.org/guide/boot/#index9h2
|
||||
__key_value /etc/rc.conf:rtclocaltime \
|
||||
--file /etc/rc.conf \
|
||||
--key rtclocaltime \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--value "$($local_clock && echo YES || echo NO)"
|
||||
;;
|
||||
(slackware)
|
||||
__file /etc/hardwareclock --owner root --group root --mode 0644 \
|
||||
--source - <<-EOF
|
||||
# /etc/hardwareclock
|
||||
#
|
||||
# Tells how the hardware clock time is stored.
|
||||
# This file is managed by cdist.
|
||||
|
||||
$($local_clock && echo localtime || echo UTC)
|
||||
EOF
|
||||
;;
|
||||
(suse)
|
||||
if test -s "${__global:?}/explorer/os_release"
|
||||
then
|
||||
# shellcheck source=/dev/null
|
||||
os_version=$(. "${__global:?}/explorer/os_release" && echo "${VERSION}")
|
||||
else
|
||||
os_version=$(sed -n 's/^VERSION\ *=\ *//p' "${__global:?}/explorer/os_version")
|
||||
fi
|
||||
os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)')
|
||||
|
||||
# TODO: Consider using `yast2 timezone set hwclock' instead
|
||||
if expr "${os_major}" \< 12
|
||||
then
|
||||
# Starting with SuSE 12 (first systemd-based version)
|
||||
# /etc/sysconfig/clock does not contain the HWCLOCK line
|
||||
# anymore.
|
||||
# With SuSE 13, it has been reduced to TIMEZONE configuration.
|
||||
__key_value /etc/sysconfig/clock:HWCLOCK \
|
||||
--file /etc/sysconfig/clock \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key HWCLOCK \
|
||||
--value "$($local_clock && echo '"--localtime"' || echo '"-u"')"
|
||||
fi
|
||||
;;
|
||||
(void)
|
||||
export CDIST_ORDER_DEPENDENCY=true
|
||||
__file /etc/rc.conf \
|
||||
--owner root --group root --mode 0644 \
|
||||
--state present
|
||||
__key_value /etc/rc.conf:HARDWARECLOCK \
|
||||
--file /etc/rc.conf \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--key HARDWARECLOCK \
|
||||
--value "\"$($local_clock && echo localtime || echo UTC)\""
|
||||
unset CDIST_ORDER_DEPENDENCY
|
||||
;;
|
||||
(*)
|
||||
if ! $has_systemd_timedatectl
|
||||
then
|
||||
printf "Your operating system (%s) is currently not supported by this type (%s)\n" "$os" "${__type##*/}" >&2
|
||||
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
# NOTE: timedatectl set-local-rtc for systemd is in gencode-remote
|
||||
# NOTE: /etc/adjtime is also updated in gencode-remote
|
|
@ -1 +0,0 @@
|
|||
mode
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2021 Mesar Hameed (mesar.hameed at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
name="$__object_id"
|
||||
if ipset -t list | grep -qFx "Name: $name"; then
|
||||
ipset list "$name" | sed '0,/^Members:/d'
|
||||
else
|
||||
echo "x_missing_x"
|
||||
fi
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2021 Mesar Hameed (mesar.hameed at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
name="$__object_id"
|
||||
if ipset -t list | grep -qFx "Name: $name"; then
|
||||
ipset -t list "$name" | grep "^Type: " | awk '{print $2}'
|
||||
else
|
||||
echo "x_missing_x"
|
||||
fi
|
|
@ -1,48 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2021 Mesar Hameed (mesar.hameed at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
### BEGIN INIT INFO
|
||||
# Provides: ipset
|
||||
# Required-Start: $local_fs $remote_fs
|
||||
# Required-Stop: $local_fs $remote_fs
|
||||
# X-Start-Before: iptables
|
||||
# Default-Start: 2 3 4 5
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: Create ipset lists before iptables rules require them
|
||||
# Description: Applies lists found in /etc/ipset.d/*.saved
|
||||
# and saves/restores previous status
|
||||
### END INIT INFO
|
||||
|
||||
case $1 in
|
||||
start)
|
||||
# Restore previous state:
|
||||
/usr/local/bin/ipsets-restore
|
||||
;;
|
||||
stop)
|
||||
# Save current state before exiting:
|
||||
/usr/local/bin/ipsets-save
|
||||
;;
|
||||
restart)
|
||||
"$0" stop && "$0" start
|
||||
;;
|
||||
reset)
|
||||
ipset flush
|
||||
;;
|
||||
esac
|
|
@ -1,28 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2021 Mesar Hameed (mesar.hameed at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
mkdir -p /etc/ipset.d/
|
||||
if [ -n "$1" ]; then
|
||||
ipset -! restore < "/etc/ipset.d/$1"
|
||||
else
|
||||
find /etc/ipset.d/ -iname "*.saved" | while read s; do
|
||||
ipset -! restore <$s
|
||||
done
|
||||
fi
|
|
@ -1,28 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2021 Mesar Hameed (mesar.hameed at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
mkdir -p /etc/ipset.d/
|
||||
if [ -n "$1" ]; then
|
||||
ipset save "$1" > "/etc/ipset.d/${1}.saved"
|
||||
else
|
||||
ipset -t list | grep "^Name:" | awk '{print $2}' | while read s; do
|
||||
ipset save $s > /etc/ipset.d/$s.saved
|
||||
done
|
||||
fi
|
|
@ -1,79 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2021 Mesar Hameed (mesar.hameed at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
e="$__object/explorer"
|
||||
p="$__object/parameter"
|
||||
name="$__object_id"
|
||||
type_is="$(cat "$e/type")"
|
||||
type_should="$(cat "$p/type")"
|
||||
state_is="$(cat "$e/state")"
|
||||
state_should="$(cat "$p/state")"
|
||||
needToSave=0
|
||||
|
||||
case $state_should in
|
||||
present)
|
||||
if [ "$state_is" = "absent" ]; then
|
||||
echo ipset create "$name" "$type_should"
|
||||
needToSave=1
|
||||
elif [ "$state_is" = "present" ] && [ "$type_is" != "$type_should" ]; then
|
||||
echo ipset destroy "$name"
|
||||
echo "rm \"/etc/ipset.d/${name}.saved\" || true"
|
||||
echo ipset create "$name" "$type_should"
|
||||
needToSave=1
|
||||
fi
|
||||
;;
|
||||
absent)
|
||||
if [ "$state_is" = "present" ]; then
|
||||
echo ipset destroy "$name"
|
||||
echo "rm \"/etc/ipset.d/${name}.saved\" || true"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Unknown state: $state_should" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "$state_should" = "present" ]; then
|
||||
if [ -f "$p/add" ]; then
|
||||
while read -r value; do
|
||||
if ! grep -qFx "$value" "$e/content"; then
|
||||
echo "ipset -! add $name $value"
|
||||
needToSave=1
|
||||
fi
|
||||
done < "$p/add"
|
||||
fi
|
||||
|
||||
if [ -f "$p/del" ]; then
|
||||
while read -r value; do
|
||||
if grep -qFx "$value" "$e/content"; then
|
||||
echo "ipset -! del $name $value"
|
||||
needToSave=1
|
||||
fi
|
||||
done < "$p/del"
|
||||
fi
|
||||
elif [ "$state_should" = "absent" ] && \( [ -f "$p/add" ] || [ -f "$p/del" ] \); then
|
||||
echo "Error: ipset state absent is incompatible with --add or --del" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ $needToSave -ne 0 ]; then
|
||||
echo /usr/local/bin/ipsets-save "$name"
|
||||
fi
|
|
@ -1,69 +0,0 @@
|
|||
cdist-type__ipset(7)
|
||||
====================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__ipset - Manage ipset sets
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Making use of ipset sets in iptable rules can make your rules more expressive, maintainable and efficient.
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
type
|
||||
One of the supported ipset set types, for a full list see:
|
||||
|
||||
``ipset help``
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
add
|
||||
The entry that must exist in the given set.
|
||||
|
||||
Can be used multiple times.
|
||||
del
|
||||
The entry that must not exist in the given set.
|
||||
|
||||
Can be used multiple times.
|
||||
state
|
||||
Can be:
|
||||
|
||||
- ``present``: ensure that the given set exists.
|
||||
- ``absent``: ensure the given set doesn't exist.
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
None.
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# Make sure a set with the given name/type exists:
|
||||
__ipset testset1 --type hash:ip
|
||||
|
||||
# Ensure allowed_ssh_clients contains private range:
|
||||
__ipset allowed_ssh_hosts --type hash:net \
|
||||
--add 192.168.0.0/24 --add 10.0.0.0/8
|
||||
|
||||
# Make sure host is not on the blocked list:
|
||||
__ipset blocked_hosts --type hash:ip \
|
||||
--del 1.2.3.4
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist-type__iptables_rule`\ (7), :strong:`iptables`\ (8)
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Mesar Hameed <mesar.hameed--@--gmail.com>
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2021 Mesar Hameed. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -1,45 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2021 Mesar Hameed (mesar.hameed at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
case "$os" in
|
||||
debian)
|
||||
:
|
||||
;;
|
||||
ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
echo "OS $os currently not supported" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
export CDIST_ORDER_DEPENDENCY=on
|
||||
|
||||
# install packages
|
||||
__package ipset
|
||||
|
||||
__file /etc/init.d/ipset-persistent --mode 0755 --source "${__type}/files/ipset-persistent"
|
||||
__file /usr/local/bin/ipsets-restore --mode 0755 --source "${__type}/files/ipsets-restore"
|
||||
__file /usr/local/bin/ipsets-save --mode 0755 --source "${__type}/files/ipsets-save"
|
||||
__systemd_unit ipset-persistent --enablement-state enabled --restart
|
||||
|
||||
unset CDIST_ORDER_DEPENDENCY
|
|
@ -1 +0,0 @@
|
|||
present
|
|
@ -1 +0,0 @@
|
|||
state
|
|
@ -1,2 +0,0 @@
|
|||
add
|
||||
del
|
|
@ -1 +0,0 @@
|
|||
type
|
|
@ -1,4 +1,7 @@
|
|||
#!/bin/sh
|
||||
# Nico Schottelius
|
||||
# Zürisee, Mon Sep 2 18:38:27 CEST 2013
|
||||
#
|
||||
### BEGIN INIT INFO
|
||||
# Provides: iptables
|
||||
# Required-Start: $local_fs $remote_fs
|
||||
|
@ -11,72 +14,34 @@
|
|||
# and saves/restores previous status
|
||||
### END INIT INFO
|
||||
|
||||
# Originally written by:
|
||||
# Nico Schottelius
|
||||
# Zürisee, Mon Sep 2 18:38:27 CEST 2013
|
||||
#
|
||||
# 2013 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2020 Matthias Stecher (matthiasstecher at gmx.de)
|
||||
#
|
||||
# This file is distributed with cdist and licenced under the
|
||||
# GNU GPLv3+ WITHOUT ANY WARRANTY.
|
||||
|
||||
|
||||
# Read files and execute the content with the given commands
|
||||
#
|
||||
# Arguments:
|
||||
# 1: Directory
|
||||
# 2..n: Commands which should be used to execute the file content
|
||||
gothrough() {
|
||||
cd "$1" || return
|
||||
shift
|
||||
|
||||
# iterate through all rules and continue if it's not a file
|
||||
for rule in *; do
|
||||
[ -f "$rule" ] || continue
|
||||
echo "Appling iptables rule $rule ..."
|
||||
|
||||
# execute it with all commands specificed
|
||||
ruleparam="$(cat "$rule")"
|
||||
for cmd in "$@"; do
|
||||
# Command and Rule should be split.
|
||||
# shellcheck disable=SC2046
|
||||
command $cmd $ruleparam
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
# Shortcut for iptables command to do IPv4 and v6
|
||||
# only applies to the "reset" target
|
||||
iptables() {
|
||||
command iptables "$@"
|
||||
command ip6tables "$@"
|
||||
}
|
||||
|
||||
basedir=/etc/iptables.d
|
||||
status4="${basedir}/.pre-start"
|
||||
status6="${basedir}/.pre-start6"
|
||||
status="${basedir}/.pre-start"
|
||||
|
||||
case $1 in
|
||||
start)
|
||||
# Save status
|
||||
iptables-save > "$status4"
|
||||
ip6tables-save > "$status6"
|
||||
iptables-save > "$status"
|
||||
|
||||
# Apply our ruleset
|
||||
gothrough "$basedir" iptables
|
||||
#gothrough "$basedir/v4" iptables # conflicts with $basedir
|
||||
gothrough "$basedir/v6" ip6tables
|
||||
gothrough "$basedir/all" iptables ip6tables
|
||||
cd "$basedir" || exit
|
||||
count="$(find . ! -name . -prune | wc -l)"
|
||||
|
||||
# Only do something if there are rules
|
||||
if [ "$count" -ge 1 ]; then
|
||||
for rule in *; do
|
||||
echo "Applying iptables rule $rule ..."
|
||||
# Rule should be split.
|
||||
# shellcheck disable=SC2046
|
||||
iptables $(cat "$rule")
|
||||
done
|
||||
fi
|
||||
;;
|
||||
|
||||
stop)
|
||||
# Restore from status before, if there is something to restore
|
||||
if [ -f "$status4" ]; then
|
||||
iptables-restore < "$status4"
|
||||
fi
|
||||
if [ -f "$status6" ]; then
|
||||
ip6tables-restore < "$status6"
|
||||
if [ -f "$status" ]; then
|
||||
iptables-restore < "$status"
|
||||
fi
|
||||
;;
|
||||
restart)
|
||||
|
|
|
@ -10,24 +10,7 @@ DESCRIPTION
|
|||
-----------
|
||||
This cdist type deploys an init script that triggers
|
||||
the configured rules and also re-applies them on
|
||||
configuration. Rules are written from __iptables_rule
|
||||
into the folder ``/etc/iptables.d/``.
|
||||
|
||||
It reads all rules from the base folder as rules for IPv4.
|
||||
Rules in the subfolder ``v6/`` are IPv6 rules. Rules in
|
||||
the subfolder ``all/`` are applied to both rule tables. All
|
||||
files contain the arguments for a single ``iptables`` and/or
|
||||
``ip6tables`` command.
|
||||
|
||||
Rules are applied in the following order:
|
||||
1. All IPv4 rules
|
||||
2. All IPv6 rules
|
||||
2. All rules that should be applied to both tables
|
||||
|
||||
The order of the rules that will be applied are definite
|
||||
from the result the shell glob returns, which should be
|
||||
alphabetical. If rules must be applied in a special order,
|
||||
prefix them with a number like ``02-some-rule``.
|
||||
configuration.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
|
@ -41,7 +24,7 @@ None
|
|||
EXAMPLES
|
||||
--------
|
||||
|
||||
None (__iptables_apply is used by __iptables_rule automatically)
|
||||
None (__iptables_apply is used by __iptables_rule)
|
||||
|
||||
|
||||
SEE ALSO
|
||||
|
@ -52,13 +35,11 @@ SEE ALSO
|
|||
AUTHORS
|
||||
-------
|
||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||
Matthias Stecher <matthiasstecher--@--gmx.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2013 Nico Schottelius.
|
||||
Copyright \(C) 2020 Matthias Stecher.
|
||||
You can redistribute it and/or modify it under the terms of the GNU
|
||||
General Public License as published by the Free Software Foundation,
|
||||
either version 3 of the License, or (at your option) any later version.
|
||||
Copyright \(C) 2013 Nico Schottelius. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
|
|
@ -11,10 +11,6 @@ DESCRIPTION
|
|||
This cdist type allows you to manage iptable rules
|
||||
in a distribution independent manner.
|
||||
|
||||
See :strong:`cdist-type__iptables_apply`\ (7) for the
|
||||
execution order of these rules. It will be executed
|
||||
automaticly to apply all rules non-volaite.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
|
@ -29,24 +25,6 @@ state
|
|||
'present' or 'absent', defaults to 'present'
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
All rules without any of these parameters will be treated like ``--v4`` because
|
||||
of backward compatibility.
|
||||
|
||||
v4
|
||||
Explicitly set it as rule for IPv4. If IPv6 is set, too, it will be
|
||||
threaten like ``--all``. Will be the default if nothing else is set.
|
||||
|
||||
v6
|
||||
Explicitly set it as rule for IPv6. If IPv4 is set, too, it will be
|
||||
threaten like ``--all``.
|
||||
|
||||
all
|
||||
Set the rule for both IPv4 and IPv6. It will be saved separately from the
|
||||
other rules.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
|
@ -70,16 +48,6 @@ EXAMPLES
|
|||
--state absent
|
||||
|
||||
|
||||
# IPv4-only rule for ICMPv4
|
||||
__iptables_rule icmp-v4 --v4 --rule "-A INPUT -p icmp -j ACCEPT"
|
||||
# IPv6-only rule for ICMPv6
|
||||
__iptables_rule icmp-v6 --v6 --rule "-A INPUT -p icmpv6 -j ACCEPT"
|
||||
|
||||
# doing something for the dual stack
|
||||
__iptables_rule fwd-eth0-eth1 --v4 --v6 --rule "-A INPUT -i eth0 -o eth1 -j ACCEPT"
|
||||
__iptables_rule fwd-eth1-eth0 --all --rule "-A -o eth1 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT"
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist-type__iptables_apply`\ (7), :strong:`iptables`\ (8)
|
||||
|
@ -88,13 +56,11 @@ SEE ALSO
|
|||
AUTHORS
|
||||
-------
|
||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||
Matthias Stecher <matthiasstecher--@--gmx.de>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2013 Nico Schottelius.
|
||||
Copyright \(C) 2020 Matthias Stecher.
|
||||
You can redistribute it and/or modify it under the terms of the GNU
|
||||
General Public License as published by the Free Software Foundation,
|
||||
either version 3 of the License, or (at your option) any later version.
|
||||
Copyright \(C) 2013 Nico Schottelius. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2013 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2020 Matthias Stecher (matthiasstecher at gmx.de)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -25,36 +24,12 @@ base_dir=/etc/iptables.d
|
|||
name="$__object_id"
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
if [ -f "$__object/parameter/v4" ]; then
|
||||
only_v4="yes"
|
||||
# $specific_dir is $base_dir
|
||||
fi
|
||||
if [ -f "$__object/parameter/v6" ]; then
|
||||
only_v6="yes"
|
||||
specific_dir="$base_dir/v6"
|
||||
fi
|
||||
# If rules should be set for both protocols
|
||||
if { [ "$only_v4" = "yes" ] && [ "$only_v6" = "yes" ]; } ||
|
||||
[ -f "$__object/parameter/all" ]; then
|
||||
|
||||
# all to a specific directory
|
||||
specific_dir="$base_dir/all"
|
||||
fi
|
||||
|
||||
# set rule directory based on if it's the base or subdirectory
|
||||
rule_dir="${specific_dir:-$base_dir}"
|
||||
|
||||
################################################################################
|
||||
# Basic setup
|
||||
#
|
||||
|
||||
__directory "$base_dir" --state present
|
||||
|
||||
# sub-directory if required
|
||||
if [ "$specific_dir" ]; then
|
||||
require="__directory/$base_dir" __directory "$specific_dir" --state present
|
||||
fi
|
||||
|
||||
# Have apply do the real job
|
||||
require="$__object_name" __iptables_apply
|
||||
|
||||
|
@ -62,15 +37,6 @@ require="$__object_name" __iptables_apply
|
|||
# The rule
|
||||
#
|
||||
|
||||
for dir in "$base_dir" "$base_dir/v6" "$base_dir/all"; do
|
||||
# defaults to absent except the directory that should contain the file
|
||||
if [ "$rule_dir" = "$dir" ]; then
|
||||
curr_state="$state"
|
||||
else
|
||||
curr_state="absent"
|
||||
fi
|
||||
|
||||
require="__directory/$rule_dir" __file "$dir/$name" \
|
||||
--source "$__object/parameter/rule" \
|
||||
--state "$curr_state"
|
||||
done
|
||||
require="__directory/$base_dir" __file "$base_dir/${name}" \
|
||||
--source "$__object/parameter/rule" \
|
||||
--state "$state"
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
all
|
||||
v4
|
||||
v6
|
|
@ -40,9 +40,7 @@ else
|
|||
fi
|
||||
export key state delimiter value exact_delimiter
|
||||
|
||||
awk_bin=$(PATH=$(getconf PATH 2>/dev/null) && command -v awk || echo awk)
|
||||
|
||||
"${awk_bin}" -f - "$file" <<"AWK_EOF"
|
||||
awk -f - "$file" <<"AWK_EOF"
|
||||
BEGIN {
|
||||
state=ENVIRON["state"]
|
||||
key=ENVIRON["key"]
|
||||
|
|
|
@ -24,10 +24,7 @@ if [ -f "$file" ]; then
|
|||
else
|
||||
touch "$file"
|
||||
fi
|
||||
|
||||
awk_bin=$(PATH=$(getconf PATH 2>/dev/null) && command -v awk || echo awk)
|
||||
|
||||
"${awk_bin}" -f - "$file" >"$tmpfile" <<"AWK_EOF"
|
||||
awk -f - "$file" >"$tmpfile" <<"AWK_EOF"
|
||||
BEGIN {
|
||||
# import variables in a secure way ..
|
||||
state=ENVIRON["state"]
|
||||
|
|
|
@ -25,7 +25,7 @@ state_should="$(cat "$__object/parameter/state")"
|
|||
state_is="$(cat "$__object/explorer/state")"
|
||||
fire_onchange=''
|
||||
|
||||
if [ "$state_is" = "$state_should" ]; then
|
||||
if [ "$state_is" = "$state_should" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
|
|
@ -53,10 +53,8 @@ function _find(_text, _pattern) {
|
|||
BEGIN {
|
||||
getline anchor < (ENVIRON["__object"] "/parameter/" position)
|
||||
getline pattern < (ENVIRON["__object"] "/parameter/" needle)
|
||||
getline line < (ENVIRON["__object"] "/parameter/line")
|
||||
|
||||
found_line = 0
|
||||
correct_line = 0
|
||||
correct_pos = (position != "after" && position != "before")
|
||||
}
|
||||
{
|
||||
|
@ -65,18 +63,15 @@ BEGIN {
|
|||
getline
|
||||
if (_find($0, pattern)) {
|
||||
found_line++
|
||||
if (index($0, line) == 1) { correct_line++ }
|
||||
correct_pos = 1
|
||||
exit 0
|
||||
}
|
||||
} else if (_find($0, pattern)) {
|
||||
found_line++
|
||||
if (index($0, line) == 1) { correct_line++ }
|
||||
}
|
||||
} else if (position == "before") {
|
||||
if (_find($0, pattern)) {
|
||||
found_line++
|
||||
if (index($0, line) == 1) { correct_line++ }
|
||||
getline
|
||||
if (match($0, anchor)) {
|
||||
correct_pos = 1
|
||||
|
@ -86,18 +81,13 @@ BEGIN {
|
|||
} else {
|
||||
if (_find($0, pattern)) {
|
||||
found_line++
|
||||
if (index($0, line) == 1) { correct_line++ }
|
||||
exit 0
|
||||
}
|
||||
}
|
||||
}
|
||||
END {
|
||||
if (found_line && correct_pos) {
|
||||
if (correct_line) {
|
||||
print "present"
|
||||
} else {
|
||||
print "matching"
|
||||
}
|
||||
print "present"
|
||||
} else if (found_line) {
|
||||
print "wrongposition"
|
||||
} else {
|
||||
|
|
|
@ -38,11 +38,7 @@ if [ -z "$state_is" ]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$state_should" = "$state_is" ] || \
|
||||
{ [ "$state_should" = "present" ] && [ "$state_is" = "matching" ] ;} || \
|
||||
{ [ "$state_should" = "replace" ] && [ "$state_is" = "present" ] ;} ; then
|
||||
# If state matches already, or 'present' is used and regex matches
|
||||
# or 'replace' is used and the exact line is present, then there is
|
||||
if [ "$state_should" = "$state_is" ]; then
|
||||
# nothing to do
|
||||
exit 0
|
||||
fi
|
||||
|
@ -65,8 +61,8 @@ fi
|
|||
add=0
|
||||
remove=0
|
||||
case "$state_should" in
|
||||
present|replace)
|
||||
if [ "$state_is" = "wrongposition" ] || [ "$state_is" = "matching" ]; then
|
||||
present)
|
||||
if [ "$state_is" = "wrongposition" ]; then
|
||||
echo updated >> "$__messages_out"
|
||||
remove=1
|
||||
else
|
||||
|
|
|
@ -31,7 +31,7 @@ file
|
|||
line
|
||||
Specifies the line which should be absent or present.
|
||||
|
||||
Must be present, if state is 'present' or 'replace'.
|
||||
Must be present, if state is 'present'.
|
||||
Ignored if regex is given and state is 'absent'.
|
||||
|
||||
regex
|
||||
|
@ -41,13 +41,10 @@ regex
|
|||
If state is 'absent', ensure all lines matching the regular expression
|
||||
are absent.
|
||||
|
||||
If state is 'replace', ensure all lines matching the regular expression
|
||||
are exactly 'line'.
|
||||
|
||||
The regular expression is interpreted by awk's match function.
|
||||
|
||||
state
|
||||
'present', 'absent' or 'replace', defaults to 'present'.
|
||||
'present' or 'absent', defaults to 'present'
|
||||
|
||||
onchange
|
||||
The code to run if line is added, removed or updated.
|
||||
|
@ -102,12 +99,6 @@ EXAMPLES
|
|||
--line '-session required pam_exec.so debug log=/tmp/classify.log /usr/local/libexec/classify' \
|
||||
--after '^session[[:space:]]+include[[:space:]]+password-auth-ac$'
|
||||
|
||||
# Uncomment as needed and set a value in a configuration file.
|
||||
__line /etc/example.conf \
|
||||
--line 'SomeSetting SomeValue' \
|
||||
--regex '^(#[[:space:]]*)?SomeSetting[[:space:]]' \
|
||||
--state replace
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
This type is deprecated. Please use __localedef instead.
|
|
@ -23,15 +23,6 @@
|
|||
|
||||
locale="$__object_id"
|
||||
|
||||
state_is=$(cat "$__object/explorer/state")
|
||||
state_should=$(cat "$__object/parameter/state")
|
||||
|
||||
# short circuit if there is nothing to do
|
||||
if [ "$state_is" = "$state_should" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
||||
# Hardcoded, create a pull request with
|
||||
# branching on $os in case it is at another location
|
||||
alias=/usr/share/locale/locale.alias
|
||||
|
@ -44,6 +35,8 @@ charmap=$(echo "$locale" | cut -d . -f 2)
|
|||
# W-T-F!
|
||||
locale_remove=$(echo "$locale" | sed 's/UTF-8/utf8/')
|
||||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
# Nothing to be done on alpine
|
||||
|
@ -53,7 +46,7 @@ case "$os" in
|
|||
;;
|
||||
esac
|
||||
|
||||
case "$state_should" in
|
||||
case "$state" in
|
||||
present)
|
||||
echo localedef -A "$alias" -f "$charmap" -i "$input" "$locale"
|
||||
;;
|
||||
|
@ -61,7 +54,7 @@ case "$state_should" in
|
|||
echo localedef --delete-from-archive "$locale_remove"
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported state: $state_should" >&2
|
||||
echo "Unsupported state: $state" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
# 2012-2016 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2016 Carlos Ortigoza (carlos.ortigoza at ungleich.ch)
|
||||
# 2016 Nico Schottelius (nico.schottelius at ungleich.ch)
|
||||
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -24,171 +23,17 @@
|
|||
# Configure system-wide locale by modifying i18n file.
|
||||
#
|
||||
|
||||
version_ge() {
|
||||
awk -F '[^0-9.]' -v target="${1:?}" '
|
||||
function max(x, y) { return x > y ? x : y }
|
||||
BEGIN {
|
||||
getline
|
||||
nx = split($1, x, ".")
|
||||
ny = split(target, y, ".")
|
||||
for (i = 1; i <= max(nx, ny); ++i) {
|
||||
diff = int(x[i]) - int(y[i])
|
||||
if (diff == 0) continue
|
||||
exit (diff < 0)
|
||||
}
|
||||
}'
|
||||
}
|
||||
|
||||
|
||||
key=$__object_id
|
||||
onchange_cmd= # none, by default
|
||||
quote_value=false
|
||||
|
||||
catval() {
|
||||
# shellcheck disable=SC2059
|
||||
printf "$($quote_value && echo '"%s"' || echo '%s')" "$(cat "$1")"
|
||||
}
|
||||
|
||||
state_should=$(cat "${__object}/parameter/state")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case $os
|
||||
in
|
||||
debian)
|
||||
if version_ge 4 <"${__global}/explorer/os_version"
|
||||
then
|
||||
# Debian 4 (etch) and later
|
||||
locale_conf="/etc/default/locale"
|
||||
else
|
||||
locale_conf="/etc/environment"
|
||||
fi
|
||||
;;
|
||||
devuan)
|
||||
case "$os" in
|
||||
debian|ubuntu)
|
||||
locale_conf="/etc/default/locale"
|
||||
;;
|
||||
ubuntu)
|
||||
if version_ge 6.10 <"${__global}/explorer/os_version"
|
||||
then
|
||||
# Ubuntu 6.10 (edgy) and later
|
||||
locale_conf="/etc/default/locale"
|
||||
else
|
||||
locale_conf="/etc/environment"
|
||||
fi
|
||||
;;
|
||||
archlinux)
|
||||
locale_conf="/etc/locale.conf"
|
||||
;;
|
||||
centos|redhat|scientific)
|
||||
# shellcheck source=/dev/null
|
||||
version_id=$(. "${__global}/explorer/os_release" && echo "${VERSION_ID:-0}")
|
||||
if echo "${version_id}" | version_ge 7
|
||||
then
|
||||
locale_conf="/etc/locale.conf"
|
||||
else
|
||||
locale_conf="/etc/sysconfig/i18n"
|
||||
fi
|
||||
;;
|
||||
fedora)
|
||||
# shellcheck source=/dev/null
|
||||
version_id=$(. "${__global}/explorer/os_release" && echo "${VERSION_ID:-0}")
|
||||
if echo "${version_id}" | version_ge 18
|
||||
then
|
||||
locale_conf="/etc/locale.conf"
|
||||
quote_value=false
|
||||
else
|
||||
locale_conf="/etc/sysconfig/i18n"
|
||||
fi
|
||||
;;
|
||||
gentoo)
|
||||
case $(cat "${__global}/explorer/init")
|
||||
in
|
||||
(*openrc*)
|
||||
locale_conf="/etc/env.d/02locale"
|
||||
onchange_cmd="env-update --no-ldconfig"
|
||||
quote_value=true
|
||||
;;
|
||||
(systemd)
|
||||
locale_conf="/etc/locale.conf"
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
freebsd|netbsd)
|
||||
# NetBSD doesn't have a separate configuration file to set locales.
|
||||
# In FreeBSD locales could be configured via /etc/login.conf but parsing
|
||||
# that would be annoying, so the shell login file will have to do.
|
||||
# "Non-POSIX" shells like csh will not be updated here.
|
||||
|
||||
locale_conf="/etc/profile"
|
||||
quote_value=true
|
||||
value="$(catval "${__object}/parameter/value"); export ${key}"
|
||||
;;
|
||||
solaris)
|
||||
locale_conf="/etc/default/init"
|
||||
locale_conf_group="sys"
|
||||
|
||||
if version_ge 5.11 <"${__global}/explorer/os_version"
|
||||
then
|
||||
# mode on Oracle Solaris 11 is actually 0444,
|
||||
# but the write bit makes sense, IMO
|
||||
locale_conf_mode=0644
|
||||
|
||||
# Oracle Solaris 11.2 and later uses SMF to store environment info.
|
||||
# This is a hack, but I didn't feel like modifying the whole type
|
||||
# just for some Oracle nonsense.
|
||||
# 11.3 apparently added nlsadm(1m), but it is missing from 11.2.
|
||||
# Illumos continues to use /etc/default/init
|
||||
# NOTE: Remember not to use "cool" POSIX features like -q or -e with
|
||||
# Solaris grep.
|
||||
release_regex='Oracle Solaris 11.[2-9][0-9]*'
|
||||
case $state_should
|
||||
in
|
||||
(present)
|
||||
svccfg_cmd="svccfg -s svc:/system/environment:init setprop environment/${key} = astring: '$(cat "${__object}/parameter/value")'"
|
||||
;;
|
||||
(absent)
|
||||
svccfg_cmd="svccfg -s svc:/system/environment:init delprop environment/${key}"
|
||||
;;
|
||||
esac
|
||||
refresh_cmd='svcadm refresh svc:/system/environment'
|
||||
onchange_cmd="grep '${release_regex}' /etc/release >&- || exit 0; ${svccfg_cmd:-:} && ${refresh_cmd}"
|
||||
else
|
||||
locale_conf_mode=0555
|
||||
fi
|
||||
;;
|
||||
slackware)
|
||||
# NOTE: lang.csh (csh config) is ignored here.
|
||||
locale_conf="/etc/profile.d/lang.sh"
|
||||
locale_conf_mode=0755
|
||||
key="export ${__object_id}"
|
||||
;;
|
||||
suse)
|
||||
if test -s "${__global}/explorer/os_release"
|
||||
then
|
||||
# shellcheck source=/dev/null
|
||||
os_version=$(. "${__global}/explorer/os_release" && echo "${VERSION}")
|
||||
else
|
||||
os_version=$(sed -n 's/^VERSION\ *=\ *//p' "${__global}/explorer/os_version")
|
||||
fi
|
||||
os_major=$(expr "${os_version}" : '\([0-9]\{1,\}\)')
|
||||
|
||||
# https://documentation.suse.com/sles/15-SP2/html/SLES-all/cha-suse.html#sec-suse-l10n
|
||||
if expr "${os_major}" '>=' 15 \& "${os_major}" != 42
|
||||
then
|
||||
# It seems that starting with SuSE 15 the systemd /etc/locale.conf
|
||||
# is the preferred way to set locales, although
|
||||
# /etc/sysconfig/language is still available.
|
||||
# Older documentation doesn't mention /etc/locale.conf, even though
|
||||
# is it created when localectl is used.
|
||||
locale_conf="/etc/locale.conf"
|
||||
else
|
||||
locale_conf="/etc/sysconfig/language"
|
||||
quote_value=true
|
||||
key="RC_${__object_id}"
|
||||
fi
|
||||
;;
|
||||
voidlinux)
|
||||
locale_conf="/etc/locale.conf"
|
||||
redhat|centos)
|
||||
locale_conf="/etc/sysconfig/i18n"
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
|
@ -197,16 +42,14 @@ in
|
|||
;;
|
||||
esac
|
||||
|
||||
__file "${locale_conf}" --state exists \
|
||||
--owner "${locale_conf_owner:-0}" \
|
||||
--group "${locale_conf_group:-0}" \
|
||||
--mode "${locale_conf_mode:-0644}"
|
||||
__file "$locale_conf" \
|
||||
--owner root --group root --mode 644 \
|
||||
--state exists
|
||||
|
||||
require="__file/${locale_conf}" \
|
||||
__key_value "${locale_conf}:${key#export }" \
|
||||
--file "${locale_conf}" \
|
||||
--key "${key}" \
|
||||
--delimiter '=' --exact_delimiter \
|
||||
--state "${state_should}" \
|
||||
--value "${value:-$(catval "${__object}/parameter/value")}" \
|
||||
--onchange "${onchange_cmd}"
|
||||
require="__file/$locale_conf" \
|
||||
__key_value "$locale_conf:$__object_id" \
|
||||
--file "$locale_conf" \
|
||||
--key "$__object_id" \
|
||||
--delimiter = \
|
||||
--state "$(cat "$__object/parameter/state")" \
|
||||
--value "$(cat "$__object/parameter/value")"
|
||||
|
|
|
@ -1,100 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# This explorer determines if the locale is defined on the target system.
|
||||
# Will print nothing on error.
|
||||
#
|
||||
# Possible output:
|
||||
# present:
|
||||
# the main locale (and possibly aliases) is present
|
||||
# absent:
|
||||
# neither the main locale nor any aliases are present
|
||||
# alias-present:
|
||||
# the main locale is absent, but at least one of its aliases is present
|
||||
#
|
||||
|
||||
# Hardcoded, create a pull request in case it is at another location for
|
||||
# some other distro. (cf. gencode-remote)
|
||||
aliasfile='/usr/share/locale/locale.alias'
|
||||
|
||||
command -v locale >/dev/null 2>&1 || exit 0
|
||||
|
||||
locales=$(locale -a)
|
||||
|
||||
parse_locale() {
|
||||
# This function will split locales into their parts. Locale strings are
|
||||
# usually of the form: [language[_territory][.codeset][@modifier]]
|
||||
# For simplicity, language and territory are not separated by this function.
|
||||
# Old Linux systems were also using "english" or "german" as locale strings.
|
||||
# Usage: parse_locale locale_str lang_var codeset_var modifier_var
|
||||
eval "${2:?}"="$(expr "$1" : '\([^.@]*\)')"
|
||||
eval "${3:?}"="$(expr "$1" : '[^.]*\.\([^@]*\)')"
|
||||
eval "${4:?}"="$(expr "$1" : '.*@\(.*\)$')"
|
||||
}
|
||||
|
||||
format_locale() {
|
||||
# Usage: format_locale language codeset modifier
|
||||
printf '%s' "$1"
|
||||
test -z "$2" || printf '.%s' "$2"
|
||||
test -z "$3" || printf '@%s' "$3"
|
||||
printf '\n'
|
||||
}
|
||||
|
||||
gnu_normalize_codeset() {
|
||||
# reimplementation of glibc/locale/programs/localedef.c normalize_codeset()
|
||||
echo "$*" | tr '[:upper:]' '[:lower:]' | tr -cd '[:alnum:]'
|
||||
}
|
||||
|
||||
locale_available() (
|
||||
echo "${locales}" | grep -qxF "$1" || {
|
||||
# glibc uses "normalized" locale names in archives.
|
||||
# If a locale is stored in an archive, the normalized name will be
|
||||
# printed by locale, so that needs to be checked, too.
|
||||
localename=$(
|
||||
parse_locale "$1" _lang _codeset _modifier \
|
||||
&& format_locale "${_lang:?}" "$(gnu_normalize_codeset "${_codeset?}")" \
|
||||
"${_modifier?}")
|
||||
echo "${locales}" | grep -qxF "${localename}"
|
||||
}
|
||||
)
|
||||
|
||||
if locale_available "${__object_id:?}"
|
||||
then
|
||||
echo present
|
||||
else
|
||||
# NOTE: locale.alias can be symlinked.
|
||||
if test -e "${aliasfile}"
|
||||
then
|
||||
# Check if one of the aliases of the locale is defined
|
||||
baselocale=$(
|
||||
parse_locale "${__object_id:?}" _lang _codeset _modifiers \
|
||||
&& format_locale "${_lang}" "${_codeset}")
|
||||
while read -r _alias _localename
|
||||
do
|
||||
if test "${_localename}" = "${baselocale}" \
|
||||
&& echo "${locales}" | grep -qxF "${_alias}"
|
||||
then
|
||||
echo alias-present
|
||||
exit 0
|
||||
fi
|
||||
done <"${aliasfile}"
|
||||
fi
|
||||
|
||||
echo absent
|
||||
fi
|
|
@ -1,5 +0,0 @@
|
|||
# -*- mode: sh; indent-tabs-mode: t -*-
|
||||
|
||||
gnu_normalize_codeset() {
|
||||
echo "$*" | tr -cd '[:alnum:]' | tr '[:upper:]' '[:lower:]'
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue