diff --git a/.gitignore b/.gitignore index 4b80b425..ed8b453a 100644 --- a/.gitignore +++ b/.gitignore @@ -34,7 +34,7 @@ cdist/inventory/ # Python: cache, distutils, distribution in general __pycache__/ *.pyc -MANIFEST +/MANIFEST dist/ cdist/version.py cdist.egg-info/ diff --git a/Makefile b/Makefile index b739ab1f..fa3327d1 100644 --- a/Makefile +++ b/Makefile @@ -31,9 +31,9 @@ help: @echo "docs-clean clean documentation" @echo "clean clean" -DOCS_SRC_DIR=docs/src -SPEECHDIR=docs/speeches -TYPEDIR=cdist/conf/type +DOCS_SRC_DIR=./docs/src +SPEECHDIR=./docs/speeches +TYPEDIR=./cdist/conf/type SPHINXM=make -C $(DOCS_SRC_DIR) man SPHINXH=make -C $(DOCS_SRC_DIR) html diff --git a/bin/build-helper b/bin/build-helper index 1698a678..9a776491 100755 --- a/bin/build-helper +++ b/bin/build-helper @@ -451,7 +451,7 @@ eof ;; shellcheck-scripts) - ${SHELLCHECKCMD} scripts/cdist-dump || exit 0 + ${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type || exit 0 ;; shellcheck-gencodes) diff --git a/cdist/argparse.py b/cdist/argparse.py index 421d1b54..ca69cdae 100644 --- a/cdist/argparse.py +++ b/cdist/argparse.py @@ -5,6 +5,7 @@ import logging import collections import functools import cdist.configuration +import cdist.preos # set of beta sub-commands @@ -20,6 +21,7 @@ parser = None _verbosity_level_off = -2 _verbosity_level = { + None: logging.WARNING, _verbosity_level_off: logging.OFF, -1: logging.ERROR, 0: logging.WARNING, @@ -422,6 +424,9 @@ def get_parsers(): parser['inventory'].set_defaults( func=cdist.inventory.Inventory.commandline) + # PreOs + parser['preos'] = parser['sub'].add_parser('preos', add_help=False) + # Shell parser['shell'] = parser['sub'].add_parser( 'shell', parents=[parser['loglevel']]) diff --git a/cdist/conf/explorer/hostname b/cdist/conf/explorer/hostname index 7715c6b0..dca004d1 100755 --- a/cdist/conf/explorer/hostname +++ b/cdist/conf/explorer/hostname @@ -1,7 +1,6 @@ #!/bin/sh # -# 2010-2014 Nico Schottelius (nico-cdist at schottelius.org) -# 2012 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -19,7 +18,12 @@ # along with cdist. If not, see . # # +# Retrieve the running hostname +# -if command -v uname >/dev/null; then - uname -n +if command -v hostname >/dev/null +then + hostname +else + uname -n fi diff --git a/cdist/conf/explorer/interfaces b/cdist/conf/explorer/interfaces index 55287971..aeb55ed0 100755 --- a/cdist/conf/explorer/interfaces +++ b/cdist/conf/explorer/interfaces @@ -18,13 +18,11 @@ # along with cdist. If not, see . # -if command -v ip > /dev/null +if command -v ip >/dev/null then - ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p' - -elif command -v ifconfig > /dev/null + ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p' +elif command -v ifconfig >/dev/null then - ifconfig -a \ - | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' \ - | sort -u -fi + ifconfig -a | sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' +fi \ + | sort -u diff --git a/cdist/conf/explorer/os b/cdist/conf/explorer/os index d522300c..563fa4cf 100755 --- a/cdist/conf/explorer/os +++ b/cdist/conf/explorer/os @@ -145,7 +145,7 @@ esac if [ -f /etc/os-release ]; then # already lowercase, according to: # https://www.freedesktop.org/software/systemd/man/os-release.html - awk -F= '/^ID=/ {print $2;}' /etc/os-release + awk -F= '/^ID=/ { if ($2 ~ /^'"'"'(.*)'"'"'$/ || $2 ~ /^"(.*)"$/) { print substr($2, 2, length($2) - 2) } else { print $2 } }' /etc/os-release exit 0 fi diff --git a/cdist/conf/type/__acl/explorer/missing_users_groups b/cdist/conf/type/__acl/explorer/checks similarity index 58% rename from cdist/conf/type/__acl/explorer/missing_users_groups rename to cdist/conf/type/__acl/explorer/checks index b4af614c..70bb0412 100755 --- a/cdist/conf/type/__acl/explorer/missing_users_groups +++ b/cdist/conf/type/__acl/explorer/checks @@ -18,30 +18,22 @@ # along with cdist. If not, see . # -[ ! -e "/$__object_id" ] && exit 0 +# TODO check if filesystem has ACL turned on etc -for parameter in user group -do - if [ ! -f "$__object/parameter/$parameter" ] - then - continue - fi - - while read -r acl +if [ -f "$__object/parameter/acl" ] +then + grep -E '^(default:)?(user|group):' "$__object/parameter/acl" \ + | while read -r acl do - check="$( echo "$acl" | awk -F: '{print $1}' )" + param="$( echo "$acl" | awk -F: '{print $(NF-2)}' )" + check="$( echo "$acl" | awk -F: '{print $(NF-1)}' )" - if [ "$parameter" = 'user' ] - then - getent_db=passwd - else - getent_db="$parameter" - fi + [ "$param" = 'user' ] && db=passwd || db="$param" - if ! getent "$getent_db" "$check" > /dev/null + if ! getent "$db" "$check" > /dev/null then - echo "missing $parameter '$check'" + echo "missing $param '$check'" >&2 + exit 1 fi - done \ - < "$__object/parameter/$parameter" -done + done +fi diff --git a/cdist/conf/type/__acl/gencode-remote b/cdist/conf/type/__acl/gencode-remote index a0f25a15..6dab4d09 100755 --- a/cdist/conf/type/__acl/gencode-remote +++ b/cdist/conf/type/__acl/gencode-remote @@ -20,59 +20,65 @@ file_is="$( cat "$__object/explorer/file_is" )" -[ "$file_is" = 'missing' ] && exit 0 - -missing_users_groups="$( cat "$__object/explorer/missing_users_groups" )" - -if [ -n "$missing_users_groups" ] -then - echo "$missing_users_groups" >&2 - exit 1 -fi +[ "$file_is" = 'missing' ] && [ -z "$__cdist_dry_run" ] && exit 0 os="$( cat "$__global/explorer/os" )" -acl_is="$( cat "$__object/explorer/acl_is" )" - acl_path="/$__object_id" -if [ -f "$__object/parameter/default" ] && [ "$file_is" = 'directory' ] +acl_is="$( cat "$__object/explorer/acl_is" )" + +if [ -f "$__object/parameter/acl" ] then - set_default=1 + acl_should="$( cat "$__object/parameter/acl" )" +elif + [ -f "$__object/parameter/user" ] \ + || [ -f "$__object/parameter/group" ] \ + || [ -f "$__object/parameter/mask" ] \ + || [ -f "$__object/parameter/other" ] +then + acl_should="$( for param in user group mask other + do + [ ! -f "$__object/parameter/$param" ] && continue + + echo "$param" | grep -Eq 'mask|other' && sep=:: || sep=: + + echo "$param$sep$( cat "$__object/parameter/$param" )" + done )" else - set_default=0 + echo 'no parameters set' >&2 + exit 1 fi -acl_should="$( for parameter in user group mask other -do - if [ ! -f "$__object/parameter/$parameter" ] - then - continue - fi +if [ -f "$__object/parameter/default" ] +then + acl_should="$( echo "$acl_should" \ + | sed 's/^default://' \ + | sort -u \ + | sed 's/\(.*\)/default:\1\n\1/' )" +fi - while read -r acl - do - if echo "$acl" | awk -F: '{ print $NF }' | grep -Fq 'X' - then - [ "$file_is" = 'directory' ] && rep=x || rep=- +if [ "$file_is" = 'regular' ] \ + && echo "$acl_should" | grep -Eq '^default:' +then + # only directories can have default ACLs, + # but instead of error, + # let's just remove default entries + acl_should="$( echo "$acl_should" | grep -Ev '^default:' )" +fi - acl="$( echo "$acl" | sed "s/\(.*\)X/\1$rep/" )" - fi +if echo "$acl_should" | awk -F: '{ print $NF }' | grep -Fq 'X' +then + [ "$file_is" = 'directory' ] && rep=x || rep=- - echo "$parameter" | grep -Eq '(mask|other)' && sep=:: || sep=: - - echo "$parameter$sep$acl" - - [ "$set_default" = '1' ] && echo "default:$parameter$sep$acl" - done \ - < "$__object/parameter/$parameter" -done )" + acl_should="$( echo "$acl_should" | sed "s/\\(.*\\)X/\\1$rep/" )" +fi setfacl_exec='setfacl' if [ -f "$__object/parameter/recursive" ] then - if echo "$os" | grep -Eq 'macosx|freebsd' + if echo "$os" | grep -Fq 'freebsd' then echo "$os setfacl do not support recursive operations" >&2 else @@ -82,44 +88,36 @@ fi if [ -f "$__object/parameter/remove" ] then - if echo "$os" | grep -Fq 'solaris' - then - # Solaris setfacl behaves differently. - # We will not support Solaris for now, because no way to test it. - # But adding support should be easy (use -s instead of -m on modify). - echo "$os setfacl do not support -x flag for ACL remove" >&2 - else - echo "$acl_is" | while read -r acl - do - # Skip wanted ACL entries which already exist - # and skip mask and other entries, because we - # can't actually remove them, but only change. - if echo "$acl_should" | grep -Eq "^$acl" \ - || echo "$acl" | grep -Eq '^(default:)?(mask|other)' - then continue - fi + echo "$acl_is" | while read -r acl + do + # skip wanted ACL entries which already exist + # and skip mask and other entries, because we + # can't actually remove them, but only change. + if echo "$acl_should" | grep -Eq "^$acl" \ + || echo "$acl" | grep -Eq '^(default:)?(mask|other)' + then continue + fi - if echo "$os" | grep -Eq 'macosx|freebsd' - then - remove="$acl" - else - remove="$( echo "$acl" | sed 's/:...$//' )" - fi + if echo "$os" | grep -Fq 'freebsd' + then + remove="$acl" + else + remove="$( echo "$acl" | sed 's/:...$//' )" + fi - echo "$setfacl_exec -x \"$remove\" \"$acl_path\"" - echo "removed '$remove'" >> "$__messages_out" - done - fi + echo "$setfacl_exec -x \"$remove\" \"$acl_path\"" + echo "removed '$remove'" >> "$__messages_out" + done fi for acl in $acl_should do if ! echo "$acl_is" | grep -Eq "^$acl" then - if echo "$os" | grep -Eq 'macosx|freebsd' \ + if echo "$os" | grep -Fq 'freebsd' \ && echo "$acl" | grep -Eq '^default:' then - echo "setting default ACL in $os is currently not supported. sorry :(" >&2 + echo "setting default ACL in $os is currently not supported" >&2 else echo "$setfacl_exec -m \"$acl\" \"$acl_path\"" echo "added '$acl'" >> "$__messages_out" diff --git a/cdist/conf/type/__acl/man.rst b/cdist/conf/type/__acl/man.rst index 092eb555..85e946ce 100644 --- a/cdist/conf/type/__acl/man.rst +++ b/cdist/conf/type/__acl/man.rst @@ -8,46 +8,36 @@ cdist-type__acl - Set ACL entries DESCRIPTION ----------- -ACL must be defined as 3-symbol combination, using ``r``, ``w``, ``x`` and ``-``. - -Fully supported on Linux (tested on Debian and CentOS). - -Partial support for FreeBSD, OSX and Solaris. - -OpenBSD and NetBSD support is not possible. +Fully supported and tested on Linux (ext4 filesystem), partial support for FreeBSD. See ``setfacl`` and ``acl`` manpages for more details. -OPTIONAL MULTIPLE PARAMETERS +REQUIRED MULTIPLE PARAMETERS ---------------------------- -user - Add user ACL entry. - -group - Add group ACL entry. - - -OPTIONAL PARAMETERS -------------------- -mask - Add mask ACL entry. - -other - Add other ACL entry. +acl + Set ACL entry following ``getfacl`` output syntax. BOOLEAN PARAMETERS ------------------ +default + Set all ACL entries as default too. + Only directories can have default ACLs. + Setting default ACL in FreeBSD is currently not supported. + recursive Make ``setfacl`` recursive (Linux only), but not ``getfacl`` in explorer. -default - Add default ACL entries (FreeBSD not supported). - remove - Remove undefined ACL entries (Solaris not supported). - ACL entries for ``mask`` and ``other`` can't be removed. + Remove undefined ACL entries. + ``mask`` and ``other`` entries can't be removed, but only changed. + + +DEPRECATED PARAMETERS +--------------------- +Parameters ``user``, ``group``, ``mask`` and ``other`` are deprecated and they +will be removed in future versions. Please use ``acl`` parameter instead. EXAMPLES @@ -56,15 +46,30 @@ EXAMPLES .. code-block:: sh __acl /srv/project \ + --default \ --recursive \ + --remove \ + --acl user:alice:rwx \ + --acl user:bob:r-x \ + --acl group:project-group:rwx \ + --acl group:some-other-group:r-x \ + --acl mask::r-x \ + --acl other::r-x + + # give Alice read-only access to subdir, + # but don't allow her to see parent content. + + __acl /srv/project2 \ + --remove \ + --acl default:group:secret-project:rwx \ + --acl group:secret-project:rwx \ + --acl user:alice:--x + + __acl /srv/project2/subdir \ --default \ --remove \ - --user alice:rwx \ - --user bob:r-x \ - --group project-group:rwx \ - --group some-other-group:r-x \ - --mask r-x \ - --other r-x + --acl group:secret-project:rwx \ + --acl user:alice:r-x AUTHORS diff --git a/cdist/conf/type/__acl/parameter/deprecated/group b/cdist/conf/type/__acl/parameter/deprecated/group new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/group @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/deprecated/mask b/cdist/conf/type/__acl/parameter/deprecated/mask new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/mask @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/deprecated/other b/cdist/conf/type/__acl/parameter/deprecated/other new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/other @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/deprecated/user b/cdist/conf/type/__acl/parameter/deprecated/user new file mode 100644 index 00000000..94e14159 --- /dev/null +++ b/cdist/conf/type/__acl/parameter/deprecated/user @@ -0,0 +1 @@ +see manual for details diff --git a/cdist/conf/type/__acl/parameter/optional_multiple b/cdist/conf/type/__acl/parameter/optional_multiple index 22f5a52c..95c25d55 100644 --- a/cdist/conf/type/__acl/parameter/optional_multiple +++ b/cdist/conf/type/__acl/parameter/optional_multiple @@ -1,2 +1,3 @@ +acl user group diff --git a/cdist/conf/type/__apt_key/explorer/state b/cdist/conf/type/__apt_key/explorer/state index f7940741..38f1bd3c 100755 --- a/cdist/conf/type/__apt_key/explorer/state +++ b/cdist/conf/type/__apt_key/explorer/state @@ -27,6 +27,18 @@ else keyid="$__object_id" fi -apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \ - && echo present \ - || echo absent +keydir="$(cat "$__object/parameter/keydir")" +keyfile="$keydir/$__object_id.gpg" + +if [ -d "$keydir" ] +then + if [ -f "$keyfile" ] + then echo present + else echo absent + fi +else + # fallback to deprecated apt-key + apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \ + && echo present \ + || echo absent +fi diff --git a/cdist/conf/type/__apt_key/gencode-remote b/cdist/conf/type/__apt_key/gencode-remote index 9c4fa00c..0c96ff67 100755 --- a/cdist/conf/type/__apt_key/gencode-remote +++ b/cdist/conf/type/__apt_key/gencode-remote @@ -31,12 +31,82 @@ if [ "$state_should" = "$state_is" ]; then exit 0 fi +keydir="$(cat "$__object/parameter/keydir")" +keyfile="$keydir/$__object_id.gpg" + case "$state_should" in present) keyserver="$(cat "$__object/parameter/keyserver")" - echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\"" + + if [ -f "$__object/parameter/uri" ]; then + uri="$(cat "$__object/parameter/uri")" + + if [ -d "$keydir" ]; then + cat << EOF + +curl -s -L \\ + -o "$keyfile" \\ + "$uri" + +key="\$( cat "$keyfile" )" + +if echo "\$key" | grep -Fq 'BEGIN PGP PUBLIC KEY BLOCK' +then + echo "\$key" | gpg --dearmor > "$keyfile" +fi + +EOF + else + # fallback to deprecated apt-key + echo "curl -s -L '$uri' | apt-key add -" + fi + elif [ -d "$keydir" ]; then + # we need to kill gpg after 30 seconds, because gpg + # can get stuck if keyserver is not responding. + # exporting env var and not exit 1, + # because we need to clean up and kill dirmngr. + cat << EOF + +gpgtmphome="\$( mktemp -d )" + +if timeout 30s \\ + gpg --homedir "\$gpgtmphome" \\ + --keyserver "$keyserver" \\ + --recv-keys "$keyid" +then + gpg --homedir "\$gpgtmphome" \\ + --export "$keyid" \\ + > "$keyfile" +else + export GPG_GOT_STUCK=1 +fi + +GNUPGHOME="\$gpgtmphome" gpgconf --kill dirmngr + +rm -rf "\$gpgtmphome" + +if [ -n "\$GPG_GOT_STUCK" ] +then + echo "GPG GOT STUCK - no response from keyserver after 30 seconds" >&2 + exit 1 +fi + +EOF + else + # fallback to deprecated apt-key + echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\"" + fi + + echo "added '$keyid'" >> "$__messages_out" ;; absent) - echo "apt-key del \"$keyid\"" + if [ -f "$keyfile" ]; then + echo "rm '$keyfile'" + else + # fallback to deprecated apt-key + echo "apt-key del \"$keyid\"" + fi + + echo "removed '$keyid'" >> "$__messages_out" ;; esac diff --git a/cdist/conf/type/__apt_key/man.rst b/cdist/conf/type/__apt_key/man.rst index 9009877e..234bc715 100644 --- a/cdist/conf/type/__apt_key/man.rst +++ b/cdist/conf/type/__apt_key/man.rst @@ -28,6 +28,12 @@ keyserver the keyserver from which to fetch the key. If omitted the default set in ./parameter/default/keyserver is used. +keydir + key save location, defaults to ``/etc/apt/trusted.pgp.d`` + +uri + the URI from which to download the key + EXAMPLES -------- @@ -47,15 +53,20 @@ EXAMPLES # same thing with other keyserver __apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com + # download key from the internet + __apt_key rabbitmq \ + --uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc + AUTHORS ------- Steven Armstrong +Ander Punnar COPYING ------- -Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it -and/or modify it under the terms of the GNU General Public License as -published by the Free Software Foundation, either version 3 of the +Copyright \(C) 2011-2019 Steven Armstrong and Ander Punnar. You can +redistribute it and/or modify it under the terms of the GNU General Public +License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. diff --git a/cdist/conf/type/__apt_key/manifest b/cdist/conf/type/__apt_key/manifest new file mode 100755 index 00000000..010357cd --- /dev/null +++ b/cdist/conf/type/__apt_key/manifest @@ -0,0 +1,8 @@ +#!/bin/sh -e + +__package gnupg + +if [ -f "$__object/parameter/uri" ] +then __package curl +else __package dirmngr +fi diff --git a/cdist/conf/type/__apt_key/parameter/default/keydir b/cdist/conf/type/__apt_key/parameter/default/keydir new file mode 100644 index 00000000..190eb2de --- /dev/null +++ b/cdist/conf/type/__apt_key/parameter/default/keydir @@ -0,0 +1 @@ +/etc/apt/trusted.gpg.d diff --git a/cdist/conf/type/__apt_key/parameter/optional b/cdist/conf/type/__apt_key/parameter/optional index 18cf2586..de647375 100644 --- a/cdist/conf/type/__apt_key/parameter/optional +++ b/cdist/conf/type/__apt_key/parameter/optional @@ -1,3 +1,5 @@ state keyid keyserver +keydir +uri diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/cksum b/cdist/conf/type/__consul/files/versions/1.5.0/cksum new file mode 100644 index 00000000..efca9caa --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.5.0/cksum @@ -0,0 +1 @@ +886614099 103959898 consul diff --git a/cdist/conf/type/__consul/files/versions/1.5.0/source b/cdist/conf/type/__consul/files/versions/1.5.0/source new file mode 100644 index 00000000..cafa9248 --- /dev/null +++ b/cdist/conf/type/__consul/files/versions/1.5.0/source @@ -0,0 +1 @@ +https://releases.hashicorp.com/consul/1.5.0/consul_1.5.0_linux_amd64.zip diff --git a/cdist/conf/type/__consul/gencode-remote b/cdist/conf/type/__consul/gencode-remote index 1d2244ea..2a21054f 100755 --- a/cdist/conf/type/__consul/gencode-remote +++ b/cdist/conf/type/__consul/gencode-remote @@ -42,7 +42,7 @@ source_file_name="${source##*/}" cksum_should=$(cut -d' ' -f1,2 "$version_dir/cksum") cat << eof - tmpdir=\$(mktemp -d --tmpdir="/tmp" "${__type##*/}.XXXXXXXXXX") + tmpdir=\$(mktemp -d -p /tmp "${__type##*/}.XXXXXXXXXX") curl -s -L "$source" > "\$tmpdir/$source_file_name" unzip -p "\$tmpdir/$source_file_name" > "${destination}.tmp" rm -rf "\$tmpdir" diff --git a/cdist/conf/type/__consul/manifest b/cdist/conf/type/__consul/manifest index 0dd50f53..156eb667 100755 --- a/cdist/conf/type/__consul/manifest +++ b/cdist/conf/type/__consul/manifest @@ -24,7 +24,7 @@ os=$(cat "$__global/explorer/os") case "$os" in - scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo) + alpine|scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo) # any linux should work : ;; @@ -47,6 +47,7 @@ fi if [ -f "$__object/parameter/direct" ]; then __package unzip + __package curl else __staged_file /usr/local/bin/consul \ --source "$(cat "$version_dir/source")" \ diff --git a/cdist/conf/type/__consul_agent/files/consul.sys-openrc b/cdist/conf/type/__consul_agent/files/consul.sys-openrc new file mode 100644 index 00000000..1dbe9375 --- /dev/null +++ b/cdist/conf/type/__consul_agent/files/consul.sys-openrc @@ -0,0 +1,38 @@ +#!/sbin/openrc-run +# 2019 Nico Schottelius (nico-cdist at schottelius.org) + +description="consul agent" + +pidfile="${CONSUL_PIDFILE:-"/var/run/$RC_SVCNAME/pidfile"}" +command="${CONSUL_BINARY:-"/usr/local/bin/consul"}" + + +checkconfig() { + if [ ! -d /var/run/consul ] ; then + mkdir -p /var/run/consul || return 1 + chown consul:consul /var/run/$NAME || return 1 + chmod 2770 /var/run/$NAME || return 1 + fi +} + +start() { + need net + + start-stop-daemon --start --quiet --oknodo \ + --pidfile "$pidfile" --background \ + --exec $command -- agent -pid-file="$pidfile" -config-dir /etc/consul/conf.d +} +start_pre() { + checkconfig +} + +stop() { + if [ "${RC_CMD}" = "restart" ] ; then + checkconfig || return 1 + fi + + ebegin "Stopping $RC_SVCNAME" + start-stop-daemon --stop --exec "$command" \ + --pidfile "$pidfile" --quiet + eend $? +} diff --git a/cdist/conf/type/__consul_agent/manifest b/cdist/conf/type/__consul_agent/manifest index c48bfe85..a88d26ed 100755 --- a/cdist/conf/type/__consul_agent/manifest +++ b/cdist/conf/type/__consul_agent/manifest @@ -1,7 +1,7 @@ #!/bin/sh -e # # 2015 Steven Armstrong (steven-cdist at armstrong.cc) -# 2015 Nico Schottelius (nico-cdist at schottelius.org) +# 2015-2019 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -23,7 +23,7 @@ os=$(cat "$__global/explorer/os") case "$os" in - scientific|centos|debian|devuan|redhat|ubuntu) + alpine|scientific|centos|debian|devuan|redhat|ubuntu) # whitelist safeguard : ;; @@ -181,22 +181,25 @@ init_upstart() # Install init script to start on boot case "$os" in - centos|redhat) - os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")" - major_version="${os_version%%.*}" - case "$major_version" in - [456]) - init_sysvinit redhat - ;; - 7) - init_systemd - ;; - *) - echo "Unsupported CentOS/Redhat version: $os_version" >&2 - exit 1 - ;; - esac - ;; + alpine|devuan) + init_sysvinit debian + ;; + centos|redhat) + os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")" + major_version="${os_version%%.*}" + case "$major_version" in + [456]) + init_sysvinit redhat + ;; + 7) + init_systemd + ;; + *) + echo "Unsupported CentOS/Redhat version: $os_version" >&2 + exit 1 + ;; + esac + ;; debian) os_version=$(cat "$__global/explorer/os_version") @@ -214,13 +217,9 @@ case "$os" in exit 1 ;; esac - ;; - - devuan) - init_sysvinit debian - ;; + ;; ubuntu) init_upstart - ;; + ;; esac diff --git a/cdist/conf/type/__docker/manifest b/cdist/conf/type/__docker/manifest index 04a9ff27..6a57d85a 100755 --- a/cdist/conf/type/__docker/manifest +++ b/cdist/conf/type/__docker/manifest @@ -64,6 +64,43 @@ case "$os" in require="__apt_source/docker" __package docker-ce --state "${state}" fi ;; + devuan) + os_version="$(cat "$__global/explorer/os_version")" + + case "$os_version" in + ascii) + distribution="stretch" + ;; + jessie) + distribution="jessie" + ;; + *) + echo "Your devuan release ($os_version) is currently not supported by this type (${__type##*/}).">&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; + esac + + if [ "${state}" = "present" ]; then + __package apt-transport-https + __package ca-certificates + __package gnupg2 + fi + __apt_key_uri docker --name "Docker Release (CE deb) " \ + --uri "https://download.docker.com/linux/${os}/gpg" --state "${state}" + + require="__apt_key_uri/docker" __apt_source docker \ + --uri "https://download.docker.com/linux/${os}" \ + --distribution "${distribution}" \ + --state "${state}" \ + --component "stable" + if [ "$version" != "latest" ]; then + require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}" + else + require="__apt_source/docker" __package docker-ce --state "${state}" + fi + + ;; *) echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 echo "Please contribute an implementation for it if you can." >&2 diff --git a/cdist/conf/type/__docker_swarm/explorer/swarm-state b/cdist/conf/type/__docker_swarm/explorer/swarm-state index 9c1bc32d..2c9fd598 100755 --- a/cdist/conf/type/__docker_swarm/explorer/swarm-state +++ b/cdist/conf/type/__docker_swarm/explorer/swarm-state @@ -18,4 +18,4 @@ # along with cdist. If not, see . # -docker info 2>/dev/null | grep "^Swarm: " | cut -d " " -f 2- +docker info 2>/dev/null | grep '^ *Swarm: ' | awk '{print $2}' diff --git a/cdist/conf/type/__git/gencode-remote b/cdist/conf/type/__git/gencode-remote index 5a9e23fc..ab22655f 100755 --- a/cdist/conf/type/__git/gencode-remote +++ b/cdist/conf/type/__git/gencode-remote @@ -19,32 +19,34 @@ # # -state_is="$(cat "$__object/explorer/state")" -owner_is="$(cat "$__object/explorer/owner")" -group_is="$(cat "$__object/explorer/group")" +state_is=$(cat "$__object/explorer/state") +owner_is=$(cat "$__object/explorer/owner") +group_is=$(cat "$__object/explorer/group") -state_should="$(cat "$__object/parameter/state")" +state_should=$(cat "$__object/parameter/state") -branch="$(cat "$__object/parameter/branch")" +branch=$(cat "$__object/parameter/branch") -source="$(cat "$__object/parameter/source")" +source=$(cat "$__object/parameter/source") destination="/$__object_id" -owner="$(cat "$__object/parameter/owner")" -group="$(cat "$__object/parameter/group")" -mode="$(cat "$__object/parameter/mode")" +owner=$(cat "$__object/parameter/owner") +group=$(cat "$__object/parameter/group") +mode=$(cat "$__object/parameter/mode") -[ "$state_should" = "$state_is" ] && \ -[ "$owner" = "$owner_is" ] && \ -[ "$group" = "$group_is" ] && \ -[ -n "$mode" ] && exit 0 +[ -f "$__object/parameter/recursive" ] && recursive='--recurse-submodules' || recursive='' +[ -f "$__object/parameter/shallow" ] && shallow='--depth 1 --shallow-submodules' || shallow='' + +[ "$state_should" = "$state_is" ] \ + && [ "$owner" = "$owner_is" ] \ + && [ "$group" = "$group_is" ] \ + && [ -n "$mode" ] && exit 0 case $state_should in present) - if [ "$state_should" != "$state_is" ]; then - echo git clone --quiet --branch "$branch" "$source" "$destination" + echo git clone --quiet "$recursive" "$shallow" --branch "$branch" "$source" "$destination" fi if { [ -n "$owner" ] && [ "$owner_is" != "$owner" ]; } || \ { [ -n "$group" ] && [ "$group_is" != "$group" ]; }; then @@ -54,8 +56,9 @@ case $state_should in echo chmod -R "$mode" "$destination" fi ;; - # Handled in manifest + absent) + # Handled in manifest ;; *) diff --git a/cdist/conf/type/__git/man.rst b/cdist/conf/type/__git/man.rst index 130925c8..d3e15f25 100644 --- a/cdist/conf/type/__git/man.rst +++ b/cdist/conf/type/__git/man.rst @@ -35,6 +35,12 @@ mode owner User to chown to. +recursive + Passes the --recurse-submodules flag to git when cloning the repository. + +shallow + Sets --depth=1 and --shallow-submodules for cloning repositories with big history. + EXAMPLES -------- diff --git a/cdist/conf/type/__git/parameter/boolean b/cdist/conf/type/__git/parameter/boolean new file mode 100644 index 00000000..d600d4ca --- /dev/null +++ b/cdist/conf/type/__git/parameter/boolean @@ -0,0 +1,2 @@ +recursive +shallow diff --git a/cdist/conf/type/__grafana_dashboard/manifest b/cdist/conf/type/__grafana_dashboard/manifest index 9cd1465d..d145c4c3 100755 --- a/cdist/conf/type/__grafana_dashboard/manifest +++ b/cdist/conf/type/__grafana_dashboard/manifest @@ -8,10 +8,16 @@ case $os in debian|devuan) case $os_version in 8*|jessie) - apt_source_distribution=jessie + # Differntation not needed anymore + apt_source_distribution=stable ;; 9*|ascii/ceres|ascii) - apt_source_distribution=stretch + # Differntation not needed anymore + apt_source_distribution=stable + ;; + 10*) + # Differntation not needed anymore + apt_source_distribution=stable ;; *) echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2 @@ -21,16 +27,15 @@ case $os in __apt_key_uri grafana \ --name 'Grafana Release Signing Key' \ - --uri https://packagecloud.io/gpg.key + --uri https://packages.grafana.com/gpg.key require="$require __apt_key_uri/grafana" __apt_source grafana \ - --uri https://packagecloud.io/grafana/stable/debian/ \ + --uri https://packages.grafana.com/oss/deb \ --distribution $apt_source_distribution \ --component main - __package apt-transport-https - - require="$require __apt_source/grafana __package/apt-transport-https" __package grafana + require="$require __apt_source/grafana" __apt_update_index + require="$require __package/apt-transport-https __apt_update_index" __package grafana require="$require __package/grafana" __start_on_boot grafana-server require="$require __start_on_boot/grafana-server" __process grafana-server --start "service grafana-server start" ;; diff --git a/cdist/conf/type/__group/explorer/group b/cdist/conf/type/__group/explorer/group index 07f73a91..dc673f61 100755 --- a/cdist/conf/type/__group/explorer/group +++ b/cdist/conf/type/__group/explorer/group @@ -1,6 +1,7 @@ #!/bin/sh # # 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -21,7 +22,21 @@ # Get an existing groups group entry. # +not_supported() { + echo "Your operating system ($("$__explorer/os")) is currently not supported." >&2 + echo "Cannot extract group information." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 +} + name=$__object_id -getent group "$name" || true - +if command -v getent >/dev/null +then + getent group "$name" || true +elif [ -f /etc/group ] +then + grep "^${name}:" /etc/group || true +else + not_supported +fi diff --git a/cdist/conf/type/__group/explorer/gshadow b/cdist/conf/type/__group/explorer/gshadow index ef40b7bc..05841d69 100755 --- a/cdist/conf/type/__group/explorer/gshadow +++ b/cdist/conf/type/__group/explorer/gshadow @@ -1,6 +1,7 @@ #!/bin/sh # # 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -22,13 +23,28 @@ # name=$__object_id -os="$("$__explorer/os")" +os=$("$__explorer/os") -case "$os" in - "freebsd"|"netbsd") - echo "$os does not have getent gshadow" - exit 0 - ;; +not_supported() { + echo "Your operating system ($os) is currently not supported." >&2 + echo "Cannot extract group information." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 +} + +case $os in + "freebsd"|"netbsd") + echo "$os does not have getent gshadow" >&2 + exit 0 + ;; esac -getent gshadow "$name" || true +if command -v getent >/dev/null +then + getent gshadow "$name" || true +elif [ -f /etc/gshadow ] +then + grep "^${name}:" /etc/gshadow || true +else + not_supported +fi diff --git a/cdist/conf/type/__hostname/explorer/has_hostnamectl b/cdist/conf/type/__hostname/explorer/has_hostnamectl index 9040023d..2f531f30 100755 --- a/cdist/conf/type/__hostname/explorer/has_hostnamectl +++ b/cdist/conf/type/__hostname/explorer/has_hostnamectl @@ -21,4 +21,4 @@ # Check whether system has hostnamectl # -command -v hostnamectl || true +command -v hostnamectl 2>/dev/null || true diff --git a/cdist/conf/type/__hostname/explorer/max_len b/cdist/conf/type/__hostname/explorer/max_len new file mode 100644 index 00000000..fb863949 --- /dev/null +++ b/cdist/conf/type/__hostname/explorer/max_len @@ -0,0 +1,10 @@ +#!/bin/sh -e + +command -v getconf >/dev/null || exit 0 + +val=$(getconf HOST_NAME_MAX 2>/dev/null) || exit 0 + +if test -n "${val}" -a "${val}" != 'undefined' +then + echo "${val}" +fi diff --git a/cdist/conf/type/__hostname/gencode-remote b/cdist/conf/type/__hostname/gencode-remote index 8b5797dd..ae224611 100755 --- a/cdist/conf/type/__hostname/gencode-remote +++ b/cdist/conf/type/__hostname/gencode-remote @@ -2,6 +2,7 @@ # # 2014-2017 Steven Armstrong (steven-cdist at armstrong.cc) # 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -19,60 +20,81 @@ # along with cdist. If not, see . # -if [ -f "$__object/parameter/name" ]; then - name_should="$(cat "$__object/parameter/name")" -else - name_should="${__target_host%%.*}" -fi - os=$(cat "$__global/explorer/os") name_running=$(cat "$__global/explorer/hostname") -name_config=$(cat "$__object/explorer/hostname_file") -name_sysconfig=$(cat "$__object/explorer/hostname_sysconfig") has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl") + +if test -s "$__object/parameter/name" +then + name_should=$(cat "$__object/parameter/name") +else + case $os + in + # RedHat-derivatives and BSDs + centos|fedora|redhat|scientific|freebsd|macosx|netbsd|openbsd) + # Hostname is FQDN + name_should="${__target_host}" + ;; + *) + # Hostname is only first component of FQDN + name_should="${__target_host%%.*}" + ;; + esac +fi + + ################################################################################ -# If everything is ok -> exit +# Check if the (running) hostname is already correct # -case "$os" in - archlinux|debian|suse|ubuntu|devuan|coreos|alpine) - if [ "$name_config" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then - exit 0 - fi - ;; - scientific|centos|freebsd|openbsd) - if [ "$name_sysconfig" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then - exit 0 - fi - ;; - *) - echo "Unsupported os: $os" >&2 - exit 1 - ;; -esac +test "$name_running" != "$name_should" || exit 0 + ################################################################################ # Setup hostname # -echo changed >> "$__messages_out" +echo 'changed' >>"$__messages_out" -# Use the good old way to set the hostname even on machines running systemd. -case "$os" in - archlinux|debian|ubuntu|devuan|centos|coreos|alpine) - printf "printf '%%s\\\\n' '$name_should' > /etc/hostname\\n" - echo "hostname -F /etc/hostname" +# Use the good old way to set the hostname. +case $os +in + alpine|debian|devuan|ubuntu) + echo 'hostname -F /etc/hostname' ;; - freebsd|openbsd) + archlinux) + echo 'command -v hostnamectl >/dev/null 2>&1' \ + "&& hostnamectl set-hostname '$name_should'" \ + "|| hostname '$name_should'" + ;; + centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|gentoo|void) echo "hostname '$name_should'" ;; - suse) + macosx) + echo "scutil --set HostName '$name_should'" + ;; + solaris) + echo "uname -S '$name_should'" + ;; + slackware|suse|opensuse-leap) + # We do not read from /etc/HOSTNAME, because the running + # hostname is the first component only while the file contains + # the FQDN. echo "hostname '$name_should'" - printf "printf '%%s\\\\n' '$name_should' > /etc/HOSTNAME\\n" + ;; + *) + # Fall back to set the hostname using hostnamectl, if available. + if test -n "$has_hostnamectl" + then + # Don't use hostnamectl as the primary means to set the hostname for + # systemd systems, because it cannot be trusted to work reliably and + # exit with non-zero when it fails (e.g. hostname too long, + # D-Bus failure, etc.). + + echo "hostnamectl set-hostname \"\$(cat /etc/hostname)\"" + echo "test \"\$(hostname)\" = \"\$(cat /etc/hostname)\"" \ + " || hostname -F /etc/hostname" + else + printf "echo 'Unsupported OS: %s' >&2\nexit 1\n" "$os" + fi ;; esac - -if [ "$has_hostnamectl" ]; then - # Allow hostnamectl set-hostname to fail silently. - # Who the fuck invented a tool that needs dbus to set the hostname anyway ... - echo "hostnamectl set-hostname '$name_should' || true" -fi diff --git a/cdist/conf/type/__hostname/man.rst b/cdist/conf/type/__hostname/man.rst index d23a3b8a..72aefbab 100644 --- a/cdist/conf/type/__hostname/man.rst +++ b/cdist/conf/type/__hostname/man.rst @@ -8,7 +8,10 @@ cdist-type__hostname - Set the hostname DESCRIPTION ----------- -Set's the hostname on various operating systems. +Sets the hostname on various operating systems. + +**Tip:** For advice on choosing a hostname, see +`RFC 1178 `_. REQUIRED PARAMETERS @@ -18,7 +21,7 @@ None. OPTIONAL PARAMETERS ------------------- name - The hostname to set. Defaults to the first segment of __target_host + The hostname to set. Defaults to the first segment of __target_host (${__target_host%%.*}) diff --git a/cdist/conf/type/__hostname/manifest b/cdist/conf/type/__hostname/manifest index 8f1adf12..75a90027 100755 --- a/cdist/conf/type/__hostname/manifest +++ b/cdist/conf/type/__hostname/manifest @@ -2,6 +2,7 @@ # # 2012 Steven Armstrong (steven-cdist at armstrong.cc) # 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -19,50 +20,170 @@ # along with cdist. If not, see . # +not_supported() { + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 +} + +set_hostname_systemd() { + echo "$1" | __file /etc/hostname --source - +} + os=$(cat "$__global/explorer/os") -if [ -f "$__object/parameter/name" ]; then - name_should="$(cat "$__object/parameter/name")" +os_version=$(cat "$__global/explorer/os_version") +os_major=$(echo "$os_version" | grep -o '^[0-9][0-9]*') + +max_len=$(cat "$__object/explorer/max_len") +has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl") + +if test -s "$__object/parameter/name" +then + name_should=$(cat "$__object/parameter/name") else - case "$os" in - openbsd) - name_should="${__target_host}" - ;; - *) - name_should="${__target_host%%.*}" - ;; + case $os + in + # RedHat-derivatives and BSDs + centos|fedora|redhat|scientific|freebsd|netbsd|openbsd|slackware) + # Hostname is FQDN + name_should="${__target_host}" + ;; + suse|opensuse-leap) + # Classic SuSE stores the FQDN in /etc/HOSTNAME, while + # systemd does not. The running hostname is the first + # component in both cases. + # In versions before 15.x, the FQDN is stored in /etc/hostname. + if test -n "$has_hostnamectl" && test "$os_major" -ge 15 \ + && test "$os_major" -ne 42 + then + name_should="${__target_host%%.*}" + else + name_should="${__target_host}" + fi + ;; + *) + # Hostname is only first component of FQDN on all other systems. + name_should="${__target_host%%.*}" + ;; esac fi +if test -n "$max_len" && test "$(printf '%s' "$name_should" | wc -c)" -gt "$max_len" +then + printf "Host name too long. Up to %u characters allowed.\n" "${max_len}" >&2 + exit 1 +fi -not_supported() { - echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 - echo "Please contribute an implementation for it if you can." >&2 - exit 1 -} +case $os +in + alpine|debian|devuan|ubuntu|void) + echo "$name_should" | __file /etc/hostname --source - + ;; + archlinux) + if test -n "$has_hostnamectl" + then + set_hostname_systemd "$name_should" + else + echo 'Ancient ArchLinux variants without hostnamectl are not supported.' >&2 + exit 1 + # Only for ancient ArchLinux, write to /etc/rc.conf on pre-systemd + # versions. There are some versions which use /etc/hostname but not + # systemd. It is unclear which ones these are. -case "$os" in - archlinux|debian|suse|ubuntu|devuan|coreos|alpine) + # __key_value '/etc/rc.conf:HOSTNAME' \ + # --file /etc/rc.conf \ + # --delimiter '=' --exact_delimiter \ + # --key 'HOSTNAME' \ + # --value "\"$name_should\"" + fi + ;; + centos|fedora|redhat|scientific) + if test -z "$has_hostnamectl" + then + # Only write to /etc/sysconfig/network on non-systemd versions. + # On systemd-based versions this entry is ignored. + __key_value '/etc/sysconfig/network:HOSTNAME' \ + --file /etc/sysconfig/network \ + --delimiter '=' --exact_delimiter \ + --key HOSTNAME \ + --value "\"$name_should\"" + else + set_hostname_systemd "$name_should" + fi + ;; + gentoo) + # Only write to /etc/conf.d/hostname on OpenRC-based installations. + # On systemd use hostnamectl(1) in gencode-remote. + if test -z "$has_hostnamectl" + then + __key_value '/etc/conf.d/hostname:hostname' \ + --file /etc/conf.d/hostname \ + --delimiter '=' --exact_delimiter \ + --key 'hostname' \ + --value "\"$name_should\"" + else + set_hostname_systemd "$name_should" + fi + ;; + freebsd) + __key_value '/etc/rc.conf:hostname' \ + --file /etc/rc.conf \ + --delimiter '=' --exact_delimiter \ + --key 'hostname' \ + --value "\"$name_should\"" + ;; + macosx) # handled in gencode-remote : ;; - scientific|centos) - __key_value sysconfig-hostname \ - --file /etc/sysconfig/network \ - --delimiter '=' \ - --key HOSTNAME \ - --value "$name_should" --exact_delimiter - ;; - freebsd) - __key_value rcconf-hostname \ + netbsd) + __key_value '/etc/rc.conf:hostname' \ --file /etc/rc.conf \ - --delimiter '=' \ + --delimiter '=' --exact_delimiter \ --key 'hostname' \ - --value "$name_should" + --value "\"$name_should\"" + + # To avoid confusion, ensure that the hostname is only stored once. + __file /etc/myname --state absent ;; openbsd) echo "$name_should" | __file /etc/myname --source - ;; + slackware) + # We write the FQDN into /etc/HOSTNAME. But /etc/rc.d/rc.M will only + # read the first component from this file and set it as the running + # hostname on boot. + echo "$name_should" | __file /etc/HOSTNAME --source - + ;; + solaris) + echo "$name_should" | __file /etc/nodename --source - + ;; + suse|opensuse-leap) + # Modern SuSE provides /etc/HOSTNAME as a symlink for + # backwards-compatibility. Unfortunately it cannot be used + # here as __file does not follow the symlink. + # Therefore, we use the presence of the hostnamectl binary as + # an indication of which file to use. This unfortunately does + # not work correctly on openSUSE 12.x which provides + # hostnamectl but not /etc/hostname. + + if test -n "$has_hostnamectl" -a "$os_major" -gt 12 + then + hostname_file='/etc/hostname' + else + hostname_file='/etc/HOSTNAME' + fi + + echo "$name_should" | __file "$hostname_file" --source - + ;; *) - not_supported + # On other operating systems we fall back to systemd's + # hostnamectl if available… + if test -n "$has_hostnamectl" + then + set_hostname_systemd "$name_should" + else + not_supported + fi ;; esac diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest index d6892c9b..68ecf9d4 100755 --- a/cdist/conf/type/__letsencrypt_cert/manifest +++ b/cdist/conf/type/__letsencrypt_cert/manifest @@ -7,6 +7,12 @@ if [ -z "${certbot_fullpath}" ]; then os_version="$(cat "${__global}/explorer/os_version")" case "$os" in + archlinux) + __package certbot + ;; + alpine) + __package certbot + ;; debian) case "$os_version" in 8*) @@ -33,6 +39,10 @@ if [ -z "${certbot_fullpath}" ]; then require="__apt_source/stretch-backports" __package_apt certbot \ --target-release stretch-backports ;; + 10*) + __package_apt certbot + ;; + *) echo "Unsupported OS version: $os_version" >&2 exit 1 @@ -62,11 +72,12 @@ if [ -z "${certbot_fullpath}" ]; then --distribution ascii-backports \ --component main - require="__apt_source/ascii-backports" __package_apt python-certbot \ - --target-release ascii-backports require="__apt_source/ascii-backports" __package_apt certbot \ --target-release ascii-backports ;; + beowulf*) + __package_apt certbot + ;; *) echo "Unsupported OS version: $os_version" >&2 exit 1 diff --git a/cdist/conf/type/__package_update_index/explorer/currage b/cdist/conf/type/__package_update_index/explorer/currage index 3539b8e1..cfb778d5 100644 --- a/cdist/conf/type/__package_update_index/explorer/currage +++ b/cdist/conf/type/__package_update_index/explorer/currage @@ -34,6 +34,9 @@ case "$type" in echo 0 fi ;; + alpine) + echo 0 + ;; *) echo "Your specified type ($type) is currently not supported." >&2 echo "Please contribute an implementation for it if you can." >&2 ;; diff --git a/cdist/conf/type/__package_update_index/explorer/type b/cdist/conf/type/__package_update_index/explorer/type index 35254c5f..c98e1e67 100644 --- a/cdist/conf/type/__package_update_index/explorer/type +++ b/cdist/conf/type/__package_update_index/explorer/type @@ -26,6 +26,7 @@ else amazon|scientific|centos|fedora|redhat) echo "yum" ;; debian|ubuntu|devuan) echo "apt" ;; archlinux) echo "pacman" ;; + alpine) echo "apk" ;; *) echo "Don't know how to manage packages on: $os" >&2 exit 1 diff --git a/cdist/conf/type/__package_update_index/gencode-remote b/cdist/conf/type/__package_update_index/gencode-remote index 738d38eb..9b2ecba2 100755 --- a/cdist/conf/type/__package_update_index/gencode-remote +++ b/cdist/conf/type/__package_update_index/gencode-remote @@ -47,6 +47,10 @@ case "$type" in echo "pacman --noprogressbar --sync --refresh" echo "pacman package database synced (age was: $currage)" >> "$__messages_out" ;; + alpine) + echo "apk update" + echo "apk package database updated." + ;; *) echo "Don't know how to manage packages for type: $type" >&2 exit 1 diff --git a/cdist/conf/type/__hostname/explorer/hostname_file b/cdist/conf/type/__podman_compose/gencode-remote old mode 100755 new mode 100644 similarity index 72% rename from cdist/conf/type/__hostname/explorer/hostname_file rename to cdist/conf/type/__podman_compose/gencode-remote index 6a00aa9f..0f5cf9db --- a/cdist/conf/type/__hostname/explorer/hostname_file +++ b/cdist/conf/type/__podman_compose/gencode-remote @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Daniel Tschada # # This file is part of cdist. # @@ -17,14 +17,8 @@ # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # -# -# Retrieve the contents of /etc/hostname -# -# Almost any distribution -if [ -f /etc/hostname ]; then - cat /etc/hostname -# SuSE -elif [ -f /etc/HOSTNAME ]; then - cat /etc/HOSTNAME -fi +install="$(cat "$__object/parameter/install")" +state="$(cat "$__object/parameter/state")" +user="$(cat "$__object/parameter/user")" +version="$(cat "$__object/parameter/version")" \ No newline at end of file diff --git a/cdist/conf/type/__podman_compose/man.rst b/cdist/conf/type/__podman_compose/man.rst new file mode 100644 index 00000000..fa98f443 --- /dev/null +++ b/cdist/conf/type/__podman_compose/man.rst @@ -0,0 +1,61 @@ +cdist-type__podman_compose(7) +============================= + +NAME +---- +cdist-type__podman_compose - install podman-compose + + +DESCRIPTION +----------- +Installs podman-compose package. +State 'absent' will not remove podman binary itself, +only podman-compose binary will be removed + + +REQUIRED PARAMETERS +------------------- +install + defaults to 'pip' + + +OPTIONAL PARAMETERS +------------------- +state + 'present' or 'absent', defaults to 'present' +user + the user who owns the file, defaults to 'root' + + +BOOLEAN PARAMETERS +------------------ +None. + + +EXAMPLES +-------- + +.. code-block:: sh + + # Install podman-compose + __podman_compose + + # Install latest version via pip + __podman_compose --state present --install pip + + # Install latest version via pip and change user + __podman_compose --state present --install pip --user root + + # Remove podman-compose + __podman_compose --state absent + + +AUTHORS +------- +Daniel Tschada + + +COPYING +------- +Copyright \(C) 2019 Daniel Tschada. Free use of this software is +granted under the terms of the GNU General Public License version 3 or later (GPLv3+). diff --git a/cdist/conf/type/__podman_compose/manifest b/cdist/conf/type/__podman_compose/manifest new file mode 100755 index 00000000..2b06068d --- /dev/null +++ b/cdist/conf/type/__podman_compose/manifest @@ -0,0 +1,50 @@ +#!/bin/sh -e +# +# 2019 Daniel Tschada +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +# shellcheck disable=SC2154 +# shellcheck disable=SC2034 +install="$(cat "$__object/parameter/install")" +state="$(cat "$__object/parameter/state")" +user="$(cat "$__object/parameter/user")" +version="$(cat "$__object/parameter/version")" + +# install it with pip +if [ "${install}" = "pip" ]; then + + if [ "${state}" = "present" ]; then + __package_pip podman-compose --state present --pip /usr/local/bin/podman-compose --runas "${user}" + elif [ "${state}" = "absent" ]; then + __package_pip podman-compose --state absent + else + if [ "${state}" != "present" ] -a [ "${state}" != "absent" ]; then + echo "Unknown state: ${state}" >&2 + exit 1 + else + echo "Unknown user: ${user}" >&2 + exit 1 + fi + fi + +else + + echo "Unknown user: ${install}" >&2 + exit 1 + +fi \ No newline at end of file diff --git a/cdist/conf/type/__podman_compose/parameter/default/install b/cdist/conf/type/__podman_compose/parameter/default/install new file mode 100644 index 00000000..a1b589e3 --- /dev/null +++ b/cdist/conf/type/__podman_compose/parameter/default/install @@ -0,0 +1 @@ +pip diff --git a/cdist/conf/type/__podman_compose/parameter/default/state b/cdist/conf/type/__podman_compose/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__podman_compose/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__podman_compose/parameter/default/user b/cdist/conf/type/__podman_compose/parameter/default/user new file mode 100644 index 00000000..d8649da3 --- /dev/null +++ b/cdist/conf/type/__podman_compose/parameter/default/user @@ -0,0 +1 @@ +root diff --git a/cdist/conf/type/__podman_compose/parameter/optional b/cdist/conf/type/__podman_compose/parameter/optional new file mode 100644 index 00000000..92913e56 --- /dev/null +++ b/cdist/conf/type/__podman_compose/parameter/optional @@ -0,0 +1,4 @@ +install +state +user +version diff --git a/cdist/conf/type/__podman_compose/parameter/required b/cdist/conf/type/__podman_compose/parameter/required new file mode 100644 index 00000000..7c32f559 --- /dev/null +++ b/cdist/conf/type/__podman_compose/parameter/required @@ -0,0 +1 @@ +install diff --git a/cdist/conf/type/__podman_compose/singleton b/cdist/conf/type/__podman_compose/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__prometheus_alertmanager/manifest b/cdist/conf/type/__prometheus_alertmanager/manifest index 8ee818c3..cf410c44 100755 --- a/cdist/conf/type/__prometheus_alertmanager/manifest +++ b/cdist/conf/type/__prometheus_alertmanager/manifest @@ -30,6 +30,7 @@ if [ -f "$__object/parameter/install-from-backports" ]; then *) echo "--install-from-backports is only supported on Devuan -- ignoring." >&2 echo "Send a pull request if you require it." >&2 + exit 1 ;; esac else @@ -60,5 +61,5 @@ require="$require __directory/$storage_path $require_pkg" \ __config_file $CONF \ --source "$config" \ --group prometheus --mode 640 \ - --onchange "service prometheus-alertmanager reload" # TODO when a config-check tool is available, check config here + --onchange "service prometheus-alertmanager restart" # TODO when a config-check tool is available, check config here diff --git a/cdist/conf/type/__prometheus_exporter/manifest b/cdist/conf/type/__prometheus_exporter/manifest index b9e14531..f3930ac6 100644 --- a/cdist/conf/type/__prometheus_exporter/manifest +++ b/cdist/conf/type/__prometheus_exporter/manifest @@ -5,9 +5,11 @@ export GOBIN=/opt/gocode/bin # where to find go binaries exporter="$(cat "$__object/parameter/exporter")" [ -z "$exporter" ] && exporter="$__object_id" -__user prometheus --system +__user prometheus +require="__user/prometheus" __group prometheus +require="__group/prometheus" __user_groups prometheus --group prometheus -require="" +require="__user_groups/prometheus" case $exporter in node) TEXTFILES=/service/node-exporter/textfiles # path for the textfiles collector diff --git a/cdist/conf/type/__prometheus_server/manifest b/cdist/conf/type/__prometheus_server/manifest index 8685130f..9756169e 100755 --- a/cdist/conf/type/__prometheus_server/manifest +++ b/cdist/conf/type/__prometheus_server/manifest @@ -33,11 +33,13 @@ if [ -f "$__object/parameter/install-from-backports" ]; then *) echo "--install-from-backports is only supported on Devuan -- ignoring." >&2 echo "Send a pull request if you require it." >&2 + exit 1 ;; esac else __package prometheus - require_pkg="__package/prometheus" + __package prometheus-blackbox-exporter + require_pkg="__package/prometheus __package/prometheus-blackbox-exporter" fi ##### PREPARE PATHS AND SUCH ################################################ @@ -58,7 +60,7 @@ require="$require __directory/$storage_path $require_pkg" \ __config_file $CONF \ --source "$config" \ --group prometheus --mode 640 \ - --onchange "promtool check config $CONF && service prometheus reload" + --onchange "promtool check config $CONF && service prometheus restart" for file in $rule_files; do dest=$CONF_DIR/$(basename "$file") @@ -66,6 +68,6 @@ for file in $rule_files; do __config_file "$dest" \ --source "$file" \ --owner prometheus \ - --onchange "promtool check rules '$dest' && service prometheus reload" + --onchange "promtool check rules '$dest' && service prometheus restart" done diff --git a/cdist/conf/type/__sensible_editor/explorer/editor_path b/cdist/conf/type/__sensible_editor/explorer/editor_path new file mode 100644 index 00000000..dcf63c9b --- /dev/null +++ b/cdist/conf/type/__sensible_editor/explorer/editor_path @@ -0,0 +1,131 @@ +#!/bin/sh -e +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Check if the given editor is present on the target system and determine its +# absolute path. +# + +die() { + echo "$@" >&2 + exit 1 +} + +editor_missing() { die "Editor '$1' is missing on the target system."; } +editor_no_alternative() { + die "Editor '$1' is not in the alternatives list of the target system." \ + "$(test -n "${editors}" && printf '\nPlease choose one of:\n\n%s\n' "${editors}")" +} + +# No need to check for the path if the file is supposed to be removed. +test "$(cat "${__object}/parameter/state")" != 'absent' || exit 0 + + +case $("${__explorer}/os") +in + debian|devuan|ubuntu) + has_alternatives=true + + # NOTE: Old versions do not support `--list`, in this case ignore the errors. + # This will require an absolute path to be provided, though. + editors=$(update-alternatives --list editor 2>/dev/null) + ;; + *) + # NOTE: RedHat has an alternatives system but it doesn't usually track + # editors and it is a pain to extract the list. + has_alternatives=false + ;; +esac + +# Read --editor parameter and check its value since it is "optional" +editor=$(cat "${__object}/parameter/editor" 2>/dev/null) || true +test -n "${editor}" || die 'Please provide an --editor to configure.' + +case $editor +in + /*) + is_abspath=true + ;; + */*) + die 'Relative editor paths are not supported' + ;; + *) + is_abspath=false + ;; +esac + + +if $has_alternatives && test -n "${editors}" +then + IFS=' +' + if ! $is_abspath + then + # First, try to resolve the absolute path using $editors. + while true + do + for e in $editors + do + if test "$(basename "${e}")" = "${editor}" + then + editor="${e}" + break 2 # break out of both loops + fi + done + + # Iterating through alternatives did not yield a result + editor_no_alternative "${editor}" + break + done + fi + + # Check if editor is present + test -f "${editor}" || editor_missing "${editor}" + + for e in $editors + do + if test "${editor}" = "${e}" + then + # Editor is part of the alternatives list -> use it! + echo "${editor}" + exit 0 + fi + done + + editor_no_alternative "${editor}" +else + # NOTE: This branch is mostly for RedHat-based systems which do + # not track editor alternatives. To make this type useful + # on RedHat at all we allow an absoloute path to be provided + # in any case. + + if $is_abspath + then + test -x "${editor}" || editor_missing "${editor}" + + echo "${editor}" + exit 0 + else + die "The target doesn't list any editor alternatives. " \ + "Please specify an absolute path or populate the alternatives list." + fi +fi + +# The script should never reach this statement! +exit 1 diff --git a/cdist/conf/type/__sensible_editor/explorer/group b/cdist/conf/type/__sensible_editor/explorer/group new file mode 100644 index 00000000..5d288189 --- /dev/null +++ b/cdist/conf/type/__sensible_editor/explorer/group @@ -0,0 +1,26 @@ +#!/bin/sh -e +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Determines the primary group of the user. +# + +user=$__object_id + +id -gn "${user}" 2>/dev/null diff --git a/cdist/conf/type/__sensible_editor/explorer/user_home b/cdist/conf/type/__sensible_editor/explorer/user_home new file mode 100644 index 00000000..b88243f7 --- /dev/null +++ b/cdist/conf/type/__sensible_editor/explorer/user_home @@ -0,0 +1,33 @@ +#!/bin/sh -e +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# +# Determines the home folder of the target user. +# + +user=$__object_id +home=$(getent passwd "${user}" | cut -d':' -f6) + +if ! test -d "${home}" +then + echo "Cannot find home directory of user ${user}" >&2 + exit 1 +fi + +echo "${home}" diff --git a/cdist/conf/type/__sensible_editor/man.rst b/cdist/conf/type/__sensible_editor/man.rst new file mode 100644 index 00000000..9b805e06 --- /dev/null +++ b/cdist/conf/type/__sensible_editor/man.rst @@ -0,0 +1,78 @@ +cdist-type__sensible_editor(7) +============================== + +NAME +---- +cdist-type__sensible_editor - Select the sensible-editor + + +DESCRIPTION +----------- +This cdist type allows you to select the :strong:`sensible-editor` for +a given user. + + +REQUIRED PARAMETERS +------------------- +editor + Name or path of the editor to be selected. + On systems other than Debian derivatives an absolute path is required. + + It is permissible to omit this parameter if --state is absent. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', or 'exists'. Defaults to 'present', where: + + present + the sensible-editor is exactly what is specified in --editor. + absent + no sensible-editor configuration is present. + exists + the sensible-editor will be set to what is specified in --editor, + unless there already is a configuration on the target system. + + +EXAMPLES +-------- + +.. code-block:: sh + + __sensible_editor root --editor /bin/ed # ed(1) is the standard + __sensible_editor noob --editor nano + + +LIMITATIONS +----------- + +This type depends upon the :strong:`sensible-editor`\ (1) script which +is part of the sensible-utils package. + +Therefore, the following operating systems are supported: + * Debian 8 (jessie) or later + * Devuan + * Ubuntu 8.10 (intrepid) or later + * RHEL/CentOS 7 or later (EPEL repo required) + * Fedora 21 or later + +Note: on old versions of Ubuntu the sensible-* utils are part of the +debianutils package. + +SEE ALSO +-------- +:strong:`select-editor`\ (1), :strong:`sensible-editor`\ (1). + + +AUTHOR +------- +Dennis Camera + + +COPYING +------- +Copyright \(C) 2019 Dennis Camera. +You can redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either version 3 of +the License, or (at your option) any later version. diff --git a/cdist/conf/type/__sensible_editor/manifest b/cdist/conf/type/__sensible_editor/manifest new file mode 100644 index 00000000..1cdb0c2c --- /dev/null +++ b/cdist/conf/type/__sensible_editor/manifest @@ -0,0 +1,94 @@ +#!/bin/sh -e +# -*- mode: sh; indent-tabs-mode: t -*- +# +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# + +version_ge() { + awk -F '[^0-9.]' -v target="${1:?}" ' + function max(x, y) { return x > y ? x : y; } + BEGIN { + getline; + nx = split($1, x, "."); + ny = split(target, y, "."); + for (i = 1; i <= max(nx, ny); ++i) { + diff = int(x[i]) - int(y[i]); + if (diff < 0) exit 1; + else if (diff > 0) exit 0; + else continue; + } + }' +} + +not_supported() { + echo "OS ${os} does not support __sensible_editor." >&2 + echo 'If it does, please provide a patch.' >&2 + exit 1 +} + +os=$(cat "${__global}/explorer/os") +os_version=$(cat "${__global}/explorer/os_version") + +state=$(cat "${__object}/parameter/state") +user=$__object_id + +if test "${state}" != 'present' && test "${state}" != 'exists' && test "${state}" != 'absent' +then + echo 'Only "present", "exists", and "absent" are allowed for --state' >&2 + exit 1 +fi + +package_name='sensible-utils' + +case $os +in + debian) + pkg_type='apt' + ;; + devuan) + pkg_type='apt' + ;; + ubuntu) + (echo "${os_version}" | version_ge 10.04) || package_name='debianutils' + pkg_type='apt' + ;; + centos|fedora|redhat|scientific) + pkg_type='yum' + ;; + *) + not_supported + ;; +esac + +if test "${state}" != 'absent' +then + __package "${package_name}" --state present \ + --type "${pkg_type}" + export require="__package/${package_name}" +fi + +editor_path=$(cat "${__object}/explorer/editor_path") +user_home=$(cat "${__object}/explorer/user_home") +group=$(cat "${__object}/explorer/group") + +__file "${user_home}/.selected_editor" --state "${state}" \ + --owner "${user}" --group "${group}" --mode 0644 \ + --source - </dev/null || echo "$__object_id")" - home=$(getent passwd "$owner" | cut -d':' -f 6) - echo "$home/.ssh/authorized_keys" + if [ -s "$__object/parameter/owner" ] + then + owner=$(cat "$__object/parameter/owner") + else + owner="$__object_id" + fi + + if command -v getent >/dev/null + then + owner_line=$(getent passwd "$owner") + elif [ -f /etc/passwd ] + then + case $owner + in + [0-9][0-9]*) + owner_line=$(awk -F: "\$3 == \"${owner}\" { print }" /etc/passwd) + ;; + *) + owner_line=$(awk -F: "\$1 == \"${owner}\" { print }" /etc/passwd) + ;; + esac + fi + + if [ "$owner_line" ] + then + home=$(echo "$owner_line" | cut -d':' -f6) + fi + + if [ ! -d "$home" ] + then + # Don't know how to determine user's home directory, fall back to ~ + home="~$owner" + command -v realpath >/dev/null && home=$(realpath "$home") + fi + + [ -d "$home" ] && echo "$home/.ssh/authorized_keys" fi diff --git a/cdist/conf/type/__ssh_authorized_keys/explorer/group b/cdist/conf/type/__ssh_authorized_keys/explorer/group index 72a4e314..d259050f 100755 --- a/cdist/conf/type/__ssh_authorized_keys/explorer/group +++ b/cdist/conf/type/__ssh_authorized_keys/explorer/group @@ -1,6 +1,7 @@ #!/bin/sh # # 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -18,6 +19,28 @@ # along with cdist. If not, see . # -owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" -gid="$(getent passwd "$owner" | cut -d':' -f 4)" -getent group "$gid" || true +if [ -s "$__object/parameter/owner" ] +then + owner=$(cat "$__object/parameter/owner") +else + owner="$__object_id" +fi + +if command -v getent >/dev/null +then + gid=$(getent passwd "$owner" | cut -d':' -f4) + getent group "$gid" || true +else + # Fallback to local file scanning + case $owner + in + [0-9][0-9]*) + gid=$(awk -F: "\$3 == \"${owner}\" { print \$4 }" /etc/passwd) + ;; + *) + gid=$(awk -F: "\$1 == \"${owner}\" { print \$4 }" /etc/passwd) + ;; + esac + + awk -F: "\$3 == \"$gid\" { print }" /etc/group +fi diff --git a/cdist/conf/type/__ssh_authorized_keys/manifest b/cdist/conf/type/__ssh_authorized_keys/manifest index b507c7ff..b9f0582e 100755 --- a/cdist/conf/type/__ssh_authorized_keys/manifest +++ b/cdist/conf/type/__ssh_authorized_keys/manifest @@ -23,6 +23,12 @@ owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")" state="$(cat "$__object/parameter/state" 2>/dev/null)" file="$(cat "$__object/explorer/file")" +if [ ! -f "$__object/parameter/nofile" ] && [ -z "$file" ] +then + echo "Cannot determine path of authorized_keys file" >&2 + exit 1 +fi + if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then group="$(cut -d':' -f 1 "$__object/explorer/group")" if [ -z "$group" ]; then diff --git a/cdist/conf/type/__ssh_dot_ssh/explorer/group b/cdist/conf/type/__ssh_dot_ssh/explorer/group index cdea6fe7..faf44cb8 100755 --- a/cdist/conf/type/__ssh_dot_ssh/explorer/group +++ b/cdist/conf/type/__ssh_dot_ssh/explorer/group @@ -1,6 +1,7 @@ #!/bin/sh # # 2014 Steven Armstrong (steven-cdist at armstrong.cc) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -18,5 +19,11 @@ # along with cdist. If not, see . # -gid="$("$__type_explorer/passwd" | cut -d':' -f 4)" -getent group "$gid" || true +gid=$("$__type_explorer/passwd" | cut -d':' -f4) + +if command -v getent >/dev/null +then + getent group "$gid" || true +else + awk -F: "\$3 == \"$gid\" { print }" /etc/group +fi diff --git a/cdist/conf/type/__ssh_dot_ssh/explorer/passwd b/cdist/conf/type/__ssh_dot_ssh/explorer/passwd index 3fbad06f..42686b20 100755 --- a/cdist/conf/type/__ssh_dot_ssh/explorer/passwd +++ b/cdist/conf/type/__ssh_dot_ssh/explorer/passwd @@ -2,6 +2,7 @@ # # 2012 Steven Armstrong (steven-cdist at armstrong.cc) # 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2019 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) # # This file is part of cdist. # @@ -21,4 +22,16 @@ owner="$__object_id" -getent passwd "$owner" || true +if command -v getent >/dev/null +then + getent passwd "$owner" || true +else + case $owner in + [0-9][0-9]*) + awk -F: "\$3 == \"$owner\" { print }" /etc/passwd + ;; + *) + grep "^$owner:" /etc/passwd || true + ;; + esac +fi diff --git a/cdist/conf/type/__sysctl/manifest b/cdist/conf/type/__sysctl/manifest index b4e2e902..71dea7f7 100755 --- a/cdist/conf/type/__sysctl/manifest +++ b/cdist/conf/type/__sysctl/manifest @@ -2,6 +2,7 @@ # # 2014 Steven Armstrong (steven-cdist at armstrong.cc) # 2018 Takashi Yoshi (takashi at yoshi.email) +# 2019 Nico Schottelius (nico-cdist at schottelius.org) # # This file is part of cdist. # @@ -24,7 +25,7 @@ os=$(cat "$__global/explorer/os") case "$os" in # Linux - redhat|centos|ubuntu|debian|devuan|archlinux|coreos) + alpine|redhat|centos|ubuntu|debian|devuan|archlinux|coreos) : ;; # BSD diff --git a/cdist/conf/type/__user/explorer/group b/cdist/conf/type/__user/explorer/group index 2aae2973..0fd1471a 100755 --- a/cdist/conf/type/__user/explorer/group +++ b/cdist/conf/type/__user/explorer/group @@ -23,11 +23,9 @@ if [ -f "$__object/parameter/gid" ]; then gid=$(cat "$__object/parameter/gid") - getent=$(command -v getent) - if [ X != X"${getent}" ]; then - "${getent}" group "$gid" || true + if command -v getent >/dev/null; then + getent group "$gid" || true elif [ -f /etc/group ]; then grep -E "^(${gid}|([^:]+:){2}${gid}):" /etc/group || true fi fi - diff --git a/cdist/conf/type/__user/explorer/passwd b/cdist/conf/type/__user/explorer/passwd index 677e3ff0..b8391a6f 100755 --- a/cdist/conf/type/__user/explorer/passwd +++ b/cdist/conf/type/__user/explorer/passwd @@ -23,9 +23,8 @@ name=$__object_id -getent=$(command -v getent) -if [ X != X"${getent}" ]; then - "${getent}" passwd "$name" || true +if command -v getent >/dev/null; then + getent passwd "$name" || true elif [ -f /etc/passwd ]; then grep "^${name}:" /etc/passwd || true fi diff --git a/cdist/conf/type/__user/explorer/shadow b/cdist/conf/type/__user/explorer/shadow index c49992d5..73ce0e29 100755 --- a/cdist/conf/type/__user/explorer/shadow +++ b/cdist/conf/type/__user/explorer/shadow @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/sh -e # # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # @@ -22,18 +22,19 @@ # name=$__object_id -os="$("$__explorer/os")" -# Default to using shadow passwords -database="shadow" -case "$os" in - "freebsd"|"netbsd"|"openbsd") database="passwd";; +case $("$__explorer/os") in + 'freebsd'|'netbsd'|'openbsd') + database='passwd' + ;; + # Default to using shadow passwords + *) + database='shadow' + ;; esac - -getent=$(command -v getent) -if [ X != X"${getent}" ]; then - "${getent}" "$database" "$name" || true +if command -v getent >/dev/null; then + getent "$database" "$name" || true elif [ -f /etc/shadow ]; then grep "^${name}:" /etc/shadow || true fi diff --git a/cdist/conf/type/__hostname/explorer/hostname_sysconfig b/cdist/conf/type/__xymon_apache/explorer/active-conf similarity index 75% rename from cdist/conf/type/__hostname/explorer/hostname_sysconfig rename to cdist/conf/type/__xymon_apache/explorer/active-conf index d0d7b4e7..bd281e21 100755 --- a/cdist/conf/type/__hostname/explorer/hostname_sysconfig +++ b/cdist/conf/type/__xymon_apache/explorer/active-conf @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/sh -e # -# 2014 Nico Schottelius (nico-cdist at schottelius.org) +# 2018-2019 Thomas Eckert (tom at it-eckert.de) # # This file is part of cdist. # @@ -16,11 +16,7 @@ # # You should have received a copy of the GNU General Public License # along with cdist. If not, see . -# -# -# Retrieve the contents of /etc/hostname -# -if [ -f /etc/sysconfig/network ]; then - awk -F= '/^HOSTNAME=/ { print $2 }' /etc/sysconfig/network +if [ -d /etc/apache2/mods-enabled ]; then + ls -1 /etc/apache2/conf-enabled/ fi diff --git a/cdist/conf/type/__xymon_apache/explorer/active-modules b/cdist/conf/type/__xymon_apache/explorer/active-modules new file mode 100755 index 00000000..4c745ced --- /dev/null +++ b/cdist/conf/type/__xymon_apache/explorer/active-modules @@ -0,0 +1,5 @@ +#!/bin/sh -e + +if [ -d /etc/apache2/mods-enabled ]; then + /usr/sbin/apachectl -t -D DUMP_MODULES | awk '/.*_module/ { gsub(/_module.*$/, ""); gsub(/^ /, ""); print }' +fi diff --git a/cdist/conf/type/__xymon_apache/gencode-remote b/cdist/conf/type/__xymon_apache/gencode-remote new file mode 100755 index 00000000..e7d8e344 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/gencode-remote @@ -0,0 +1,56 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +if [ "$state" = "present" ]; then + if ! grep -q ^rewrite "$__object/explorer/active-modules"; then + echo "a2enmod rewrite >/dev/null" + echo "mod:rewrite enabled" >> "$__messages_out" + fi + if ! grep -q "^cgi$" "$__object/explorer/active-modules"; then + echo "a2enmod cgi >/dev/null" + echo "mod:cgi enabled" >> "$__messages_out" + fi + + if ! grep -q ^xymon.conf "$__object/explorer/active-conf"; then + echo "a2enconf xymon >/dev/null" + echo "conf:xymon enabled" >> "$__messages_out" + fi +fi + +if grep -q "^mod:.* enabled" "$__messages_out"; then + echo "systemctl restart apache2.service" + echo "apache restarted" >> "$__messages_out" +elif grep -q "^conf:xymon enabled" "$__messages_out"; then + echo "systemctl reload apache2.service" + echo "apache reloaded" >> "$__messages_out" +fi diff --git a/cdist/conf/type/__xymon_apache/man.rst b/cdist/conf/type/__xymon_apache/man.rst new file mode 100644 index 00000000..8358c821 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/man.rst @@ -0,0 +1,79 @@ +cdist-type__xymon_apache(7) +=========================== + +NAME +---- +cdist-type__xymon_apache - Configure apache2-webserver for Xymon + + +DESCRIPTION +----------- +This cdist type installs and configures apache2 to be used "exclusively" (in +the sense that no other use is taken care of) with Xymon (the systems and +network monitor). + +It depends on `__xymon_server`. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. + +ipacl + IP(-ranges) that have access to the Xymon webpages and CGIs. Apache2-style + syntax suitable for `Require ip ...`. Example: `192.168.1.0/24 10.0.0.0/8` + + +MESSAGES +-------- +mod:rewrite enabled + apache module enabled +conf:xymon enabled + apache config for xymon enabled +apache restarted + apache2.service was reloaded +apache reloaded + apache2.service was restarted + + +EXPLORERS +--------- +active-conf + lists apache2 `conf-enabled` +active-modules + lists active apache2-modules + + +EXAMPLES +-------- + +.. code-block:: sh + + # minmal, only localhost-access: + __xymon_apache + # allow more IPs to access the Xymon-webinterface: + __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" --state "present" + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_apache/manifest b/cdist/conf/type/__xymon_apache/manifest new file mode 100755 index 00000000..bfd0af79 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/manifest @@ -0,0 +1,42 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package apache2 --state "$state" + +## edit xymon.conf IP-ranges +if [ -f "$__object/parameter/ipacl" ]; then + require="__package/xymon" __line /etc/apache2/conf-available/xymon.conf \ + --line " Require ip $(cat "$__object/parameter/ipacl")" \ + --after "^[[:space:]]*Require local" \ + --state "present" +fi diff --git a/cdist/conf/type/__xymon_apache/parameter/default/state b/cdist/conf/type/__xymon_apache/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_apache/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_apache/parameter/optional b/cdist/conf/type/__xymon_apache/parameter/optional new file mode 100644 index 00000000..d374ec41 --- /dev/null +++ b/cdist/conf/type/__xymon_apache/parameter/optional @@ -0,0 +1,2 @@ +state +ipacl diff --git a/cdist/conf/type/__xymon_apache/singleton b/cdist/conf/type/__xymon_apache/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_client/gencode-remote b/cdist/conf/type/__xymon_client/gencode-remote new file mode 100755 index 00000000..49eed317 --- /dev/null +++ b/cdist/conf/type/__xymon_client/gencode-remote @@ -0,0 +1,28 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +servers=$(cat "$__object/parameter/servers") + +if grep -q ^__key_value/CLIENTHOSTNAME "$__messages_in" || grep -q ^__key_value/XYMONSERVERS "$__messages_in" ; then + echo "systemctl restart xymon-client" + echo "restarted" >> "$__messages_out" + cat <<-EOT + echo "xymon-client xymon-client/XYMONSERVERS string $servers" | debconf-set-selections + EOT +fi diff --git a/cdist/conf/type/__xymon_client/man.rst b/cdist/conf/type/__xymon_client/man.rst new file mode 100644 index 00000000..05d085dc --- /dev/null +++ b/cdist/conf/type/__xymon_client/man.rst @@ -0,0 +1,66 @@ +cdist-type__xymon_client(7) +=========================== + +NAME +---- +cdist-type__xymon_client - Install the Xymon client + + +DESCRIPTION +----------- +This cdist type installs the Xymon client and configures it to report with +FQDN. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. + +servers + One or more IP addresses (space separated) of the Xymon server(s) to report + to. While DNS-names are ok it is discouraged, defaults to 127.0.0.1. + + +BOOLEAN PARAMETERS +------------------ +msgcache + Enable xymon `msgcache`. Note: XYMONSERVER has to be `127.0.0.1` for using + `msgcache` (see `msgcache (8)` of the xymon documentation for details). + +EXAMPLES +-------- + +.. code-block:: sh + + # minimal, report to 127.0.0.1 + __xymon_client + + # specify server: + __xymon_client --servers "192.168.1.1" + + # activate `msgcache` for passive client: + __xymon_client --msgcache + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7), :strong:`xymon`\ (7), :strong:`msgcache`\ (8) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_client/manifest b/cdist/conf/type/__xymon_client/manifest new file mode 100755 index 00000000..88293a12 --- /dev/null +++ b/cdist/conf/type/__xymon_client/manifest @@ -0,0 +1,54 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") +servers=$(cat "$__object/parameter/servers") + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package xymon-client --state "$state" + +if [ -f "$__object/parameter/msgcache" ]; then + require="__package/xymon-client" __line /etc/xymon/clientlaunch.cfg \ + --regex DISABLED --state absent +fi + +require="__package/xymon-client" __key_value CLIENTHOSTNAME \ + --file /etc/default/xymon-client \ + --value "'$__target_hostname'" \ + --delimiter '=' \ + --state "$state" +require="__package/xymon-client" __key_value XYMONSERVERS \ + --file /etc/default/xymon-client \ + --value "'$servers'" \ + --delimiter '=' \ + --state "$state" + +## CLI-usage often requires a shell: +require="__package/xymon-client" __user xymon --shell "/bin/bash" --state "$state" diff --git a/cdist/conf/type/__xymon_client/parameter/boolean b/cdist/conf/type/__xymon_client/parameter/boolean new file mode 100644 index 00000000..0dd7839d --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/boolean @@ -0,0 +1 @@ +msgcache diff --git a/cdist/conf/type/__xymon_client/parameter/default/servers b/cdist/conf/type/__xymon_client/parameter/default/servers new file mode 100644 index 00000000..7b9ad531 --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/default/servers @@ -0,0 +1 @@ +127.0.0.1 diff --git a/cdist/conf/type/__xymon_client/parameter/default/state b/cdist/conf/type/__xymon_client/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_client/parameter/optional b/cdist/conf/type/__xymon_client/parameter/optional new file mode 100644 index 00000000..7c34489a --- /dev/null +++ b/cdist/conf/type/__xymon_client/parameter/optional @@ -0,0 +1,2 @@ +state +servers diff --git a/cdist/conf/type/__xymon_client/singleton b/cdist/conf/type/__xymon_client/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_config/files/.keep b/cdist/conf/type/__xymon_config/files/.keep new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_config/gencode-remote b/cdist/conf/type/__xymon_config/gencode-remote new file mode 100644 index 00000000..b25a0fda --- /dev/null +++ b/cdist/conf/type/__xymon_config/gencode-remote @@ -0,0 +1,23 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +## to speed up config-reload we send a HUP to the server process: +cat <<-EOT + pkill -HUP xymond || { echo "HUPing xymond failed" >&2; exit 1; } +EOT diff --git a/cdist/conf/type/__xymon_config/man.rst b/cdist/conf/type/__xymon_config/man.rst new file mode 100644 index 00000000..8adfbe1f --- /dev/null +++ b/cdist/conf/type/__xymon_config/man.rst @@ -0,0 +1,78 @@ +cdist-type__xymon_config(7) +=========================== + +NAME +---- +cdist-type__xymon_config - Deploy a Xymon configuration-directory + + +DESCRIPTION +----------- +This cdist type deploys a full Xymon configuration directory from the files-dir +to the host. This type requires an installed Xymon server, e.g. deployed by +`__xymon_server`. + +WARNING: This type _replaces_ the `/etc/xymon/`-directory! The previous +contents is replaced/deleted! + + +REQUIRED PARAMETERS +------------------- +confdir + The directory in `./files/` that contains the `/etc/xymon/`-content to be + deployed. + + +OPTIONAL PARAMETERS +------------------- +owner + passed as-is as `--owner` to `__rsync` + +group + passed as-is as `--group` to `__rsync` + + +OPTIONAL MULTIPLE PARAMETERS +---------------------------- +rsync-opts + identical to __rsync type, only `--`-options are supported + + +REQUIRED FILES +-------------- +The directory specified by `confdir` has to contain a valid xymon-configuration +(`/etc/xymon/`) _plus_ the `ext/`-directory that normally resides in +`/usr/lib/xymon/server/`. + + +EXAMPLES +-------- + +.. code-block:: sh + + __xymon_config --confdir=xymon.example.com + # this will replace /etc/xymon/ on the target host with + # the contents from __xymon_config/files/xymon.example.com/ + + ## the same but set ownership to `xymon:xymon` and exclude + ## the `netrc`-file: + __xymon_config --confdir=xymon.example.com \ + --owner xymon --group xymon \ + --rsync-opts "exclude=netrc" + + +SEE ALSO +-------- +:strong:`cdist__xymon_server`\ (7), :strong:`cdist__rsync`\ (7), :strong:`xymon`\ (7) + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_config/manifest b/cdist/conf/type/__xymon_config/manifest new file mode 100644 index 00000000..4a5fb6c9 --- /dev/null +++ b/cdist/conf/type/__xymon_config/manifest @@ -0,0 +1,43 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +confdir=$(cat "$__object/parameter/confdir") +set -- +if [ -f "$__object/parameter/owner" ]; then + owner=$(cat "$__object/parameter/owner") + set -- "$@" "--owner $owner" +fi +if [ -f "$__object/parameter/group" ]; then + group=$(cat "$__object/parameter/group") + set -- "$@" "--group $group" +fi + +## pass `--rsync-opts` as-is to `__rsync`: +if [ -f "$__object/parameter/rsync-opts" ]; then + while read -r opts; do + # shellcheck disable=SC2089 + set -- "$@" "--rsync-opts '$opts'" + done < "$__object/parameter/rsync-opts" +fi + +# shellcheck disable=SC2068,SC2090 +__rsync /etc/xymon/ \ + --source "$__type/files/$confdir/" \ + --rsync-opts "delete" \ + $@ diff --git a/cdist/conf/type/__xymon_config/parameter/optional b/cdist/conf/type/__xymon_config/parameter/optional new file mode 100644 index 00000000..866b4bde --- /dev/null +++ b/cdist/conf/type/__xymon_config/parameter/optional @@ -0,0 +1,2 @@ +owner +group diff --git a/cdist/conf/type/__xymon_config/parameter/optional_multiple b/cdist/conf/type/__xymon_config/parameter/optional_multiple new file mode 100644 index 00000000..fdb7cd88 --- /dev/null +++ b/cdist/conf/type/__xymon_config/parameter/optional_multiple @@ -0,0 +1 @@ +rsync-opts diff --git a/cdist/conf/type/__xymon_config/parameter/required b/cdist/conf/type/__xymon_config/parameter/required new file mode 100644 index 00000000..43222f13 --- /dev/null +++ b/cdist/conf/type/__xymon_config/parameter/required @@ -0,0 +1 @@ +confdir diff --git a/cdist/conf/type/__xymon_config/singleton b/cdist/conf/type/__xymon_config/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/conf/type/__xymon_server/gencode-remote b/cdist/conf/type/__xymon_server/gencode-remote new file mode 100755 index 00000000..0770e319 --- /dev/null +++ b/cdist/conf/type/__xymon_server/gencode-remote @@ -0,0 +1,26 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +## "move" user-modified dirs to /etc/xymon to be managed by __xymon_config: +cat <<-EOT + if [ ! -L /usr/lib/xymon/server/ext ]; then + mv /usr/lib/xymon/server/ext /etc/xymon + ln -s /etc/xymon/ext /usr/lib/xymon/server/ + fi +EOT diff --git a/cdist/conf/type/__xymon_server/man.rst b/cdist/conf/type/__xymon_server/man.rst new file mode 100644 index 00000000..a9a180e1 --- /dev/null +++ b/cdist/conf/type/__xymon_server/man.rst @@ -0,0 +1,87 @@ +cdist-type__xymon_server(7) +=========================== + +NAME +---- +cdist-type__xymon_server - Install a Xymon server + + +DESCRIPTION +----------- +This cdist type installs a Xymon (https://www.xymon.com/) server and (optional) +required helper packages. + +This includes the Xymon client as a dependency, so NO NEED to install +`__xymon_client` separately. + +To access the webinterface a webserver is required. The cdist-type +`__xymon_apache` can be used to install and configure the apache webserver for +the use with Xymon. + +Further and day-to-day configuration of Xymon can either be done manually in +`/etc/xymon/` or the directory can be deployed and managed by `__xymon_config`. + + +REQUIRED PARAMETERS +------------------- +None. + + +OPTIONAL PARAMETERS +------------------- +state + 'present', 'absent', defaults to 'present'. If '--install_helpers' is + specified for 'absent' the helper packages will be un-installed. + + +BOOLEAN PARAMETERS +------------------ +install_helpers + Install helper packages used by Xymon (fping, heirloom-mailx, traceroute, + ntpdate). + + +EXAMPLES +-------- + +.. code-block:: sh + + # minmal + __xymon_server + + # the same + __xymon_server --state present + + # also install helper packages: + __xymon_server --install_helpers + + # examples to give a more complete picture: __xymon_server installed on + # `xymon.example.com` w/ IP 192.168.1.1: + # + # install webserver and grant 2 private subnets access to the webinterface: + __xymon_apache --ipacl "192.168.0.0/16 10.0.0.0/8" + # deploy server-configuration with __xymon_config: + __xymon_config --confdir=xymon.example.com + + # install xymon-client on other machines (not needed on the server): + __xymon_client --servers "192.168.1.1" + + + +SEE ALSO +-------- +:strong:`cdist__xymon_apache`\ (7), :strong:`cdist__xymon_config`\ (7), +:strong:`cdist__xymon_client`\ (7), :strong:`xymon`\ (7) + + +AUTHORS +------- +Thomas Eckert + + +COPYING +------- +Copyright \(C) 2018-2019 Thomas Eckert. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. diff --git a/cdist/conf/type/__xymon_server/manifest b/cdist/conf/type/__xymon_server/manifest new file mode 100755 index 00000000..7cee0d23 --- /dev/null +++ b/cdist/conf/type/__xymon_server/manifest @@ -0,0 +1,50 @@ +#!/bin/sh -e +# +# 2018-2019 Thomas Eckert (tom at it-eckert.de) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . + +state=$(cat "$__object/parameter/state") +if [ -f "$__object/parameter/install_helpers" ]; then + install_helpers=1 +else + install_helpers=0 +fi + +os=$(cat "$__global/explorer/os") +case "$os" in + debian|ubuntu) + : + ;; + *) + echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2 + echo "Please contribute an implementation for it if you can." >&2 + exit 1 + ;; +esac + +__package xymon --state "$state" + +## install helper-packages/tools used by the xymon server if requested: +if [ "$install_helpers" = "1" ]; then + __package fping --state "$state" + __package heirloom-mailx --state "$state" + __package traceroute --state "$state" + __package ntpdate --state "$state" +fi + +## CLI-usage often requires a shell: +require="__package/xymon" __user xymon --shell "/bin/bash" --state "$state" diff --git a/cdist/conf/type/__xymon_server/parameter/boolean b/cdist/conf/type/__xymon_server/parameter/boolean new file mode 100644 index 00000000..56ebcb2c --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/boolean @@ -0,0 +1 @@ +install_helpers diff --git a/cdist/conf/type/__xymon_server/parameter/default/state b/cdist/conf/type/__xymon_server/parameter/default/state new file mode 100644 index 00000000..e7f6134f --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/cdist/conf/type/__xymon_server/parameter/optional b/cdist/conf/type/__xymon_server/parameter/optional new file mode 100644 index 00000000..ff72b5c7 --- /dev/null +++ b/cdist/conf/type/__xymon_server/parameter/optional @@ -0,0 +1 @@ +state diff --git a/cdist/conf/type/__xymon_server/singleton b/cdist/conf/type/__xymon_server/singleton new file mode 100644 index 00000000..e69de29b diff --git a/cdist/config.py b/cdist/config.py index 30117382..26d07fc4 100644 --- a/cdist/config.py +++ b/cdist/config.py @@ -758,8 +758,29 @@ class Config(object): ("The requirements of the following objects could not be " "resolved:\n%s") % ("\n".join(info_string))) + def _handle_deprecation(self, cdist_object): + cdist_type = cdist_object.cdist_type + deprecated = cdist_type.deprecated + if deprecated is not None: + if deprecated: + self.log.warning("Type %s is deprecated: %s", cdist_type.name, + deprecated) + else: + self.log.warning("Type %s is deprecated.", cdist_type.name) + for param in cdist_object.parameters: + if param in cdist_type.deprecated_parameters: + msg = cdist_type.deprecated_parameters[param] + if msg: + format = "%s parameter of type %s is deprecated: %s" + args = [param, cdist_type.name, msg] + else: + format = "%s parameter of type %s is deprecated." + args = [param, cdist_type.name] + self.log.warning(format, *args) + def object_prepare(self, cdist_object, transfer_type_explorers=True): """Prepare object: Run type explorer + manifest""" + self._handle_deprecation(cdist_object) self.log.verbose("Preparing object {}".format(cdist_object.name)) self.log.verbose( "Running manifest and explorers for " + cdist_object.name) diff --git a/cdist/core/cdist_type.py b/cdist/core/cdist_type.py index 99e40e70..4500f50d 100644 --- a/cdist/core/cdist_type.py +++ b/cdist/core/cdist_type.py @@ -69,6 +69,7 @@ class CdistType(object): self.__optional_multiple_parameters = None self.__boolean_parameters = None self.__parameter_defaults = None + self.__deprecated_parameters = None def __hash__(self): return hash(self.name) @@ -133,6 +134,17 @@ class CdistType(object): cannot run in parallel.""" return os.path.isfile(os.path.join(self.absolute_path, "nonparallel")) + @property + def deprecated(self): + """Get type deprecation message. If message is None then type + is not deprecated.""" + deprecated_path = os.path.join(self.absolute_path, "deprecated") + try: + with open(deprecated_path, 'r') as f: + return f.read() + except FileNotFoundError: + return None + @property def explorers(self): """Return a list of available explorers""" @@ -264,3 +276,23 @@ class CdistType(object): finally: self.__parameter_defaults = defaults return self.__parameter_defaults + + @property + def deprecated_parameters(self): + if not self.__deprecated_parameters: + deprecated = {} + try: + deprecated_dir = os.path.join(self.absolute_path, + "parameter", + "deprecated") + for name in cdist.core.listdir(deprecated_dir): + try: + with open(os.path.join(deprecated_dir, name)) as fd: + deprecated[name] = fd.read().strip() + except EnvironmentError: + pass # Swallow errors raised by open() or read() + except EnvironmentError: + pass # Swallow error raised by os.listdir() + finally: + self.__deprecated_parameters = deprecated + return self.__deprecated_parameters diff --git a/cdist/preos.py b/cdist/preos.py new file mode 100644 index 00000000..46b45554 --- /dev/null +++ b/cdist/preos.py @@ -0,0 +1,101 @@ +import os +import os.path +import sys +import inspect +import argparse +import cdist +import logging + + +_PREOS_CALL = "commandline" +_PREOS_NAME = "_preos_name" +_PREOS_MARKER = "_cdist_preos" +_PLUGINS_DIR = "preos" +_PLUGINS_PATH = [os.path.join(os.path.dirname(__file__), _PLUGINS_DIR), ] +cdist_home = cdist.home_dir() +if cdist_home: + cdist_home_preos = os.path.join(cdist_home, "preos") + if os.path.isdir(cdist_home_preos): + _PLUGINS_PATH.append(cdist_home_preos) +sys.path.extend(_PLUGINS_PATH) + + +log = logging.getLogger("PreOS") + + +def preos_plugin(obj): + """It is preos if _PREOS_MARKER is True and has _PREOS_CALL.""" + if hasattr(obj, _PREOS_MARKER): + is_preos = getattr(obj, _PREOS_MARKER) + else: + is_preos = False + + if is_preos and hasattr(obj, _PREOS_CALL): + yield obj + + +def scan_preos_dir_plugins(dir): + for fname in os.listdir(dir): + if os.path.isfile(os.path.join(dir, fname)): + fname = os.path.splitext(fname)[0] + module_name = fname + try: + module = __import__(module_name) + yield from preos_plugin(module) + clsmembers = inspect.getmembers(module, inspect.isclass) + for cm in clsmembers: + c = cm[1] + yield from preos_plugin(c) + except ImportError as e: + log.warning("Cannot import '{}': {}".format(module_name, e)) + + +def find_preos_plugins(): + for dir in _PLUGINS_PATH: + yield from scan_preos_dir_plugins(dir) + + +def find_preoses(): + preoses = {} + for preos in find_preos_plugins(): + if hasattr(preos, _PREOS_NAME): + preos_name = getattr(preos, _PREOS_NAME) + else: + preos_name = preos.__name__.lower() + preoses[preos_name] = preos + return preoses + + +def check_root(): + if os.geteuid() != 0: + raise cdist.Error("Must be run with root privileges") + + +class PreOS(object): + preoses = None + + @classmethod + def commandline(cls, argv): + + if not cls.preoses: + cls.preoses = find_preoses() + + parser = argparse.ArgumentParser( + description="Create PreOS", prog="cdist preos") + parser.add_argument('preos', help='PreOS to create, one of: {}'.format( + set(cls.preoses))) + args = parser.parse_args(argv[1:2]) + + preos_name = args.preos + if preos_name in cls.preoses: + preos = cls.preoses[preos_name] + func = getattr(preos, _PREOS_CALL) + if inspect.ismodule(preos): + func_args = [preos, argv[2:], ] + else: + func_args = [argv[2:], ] + log.info("Running preos : {}".format(preos_name)) + func(*func_args) + else: + log.error("Unknown preos: {}, available preoses: {}".format( + preos_name, set(cls.preoses.keys()))) diff --git a/cdist/preos/debootstrap/__init__.py b/cdist/preos/debootstrap/__init__.py new file mode 100644 index 00000000..6d340b4a --- /dev/null +++ b/cdist/preos/debootstrap/__init__.py @@ -0,0 +1 @@ +from debootstrap.debootstrap import Debian, Ubuntu, Devuan diff --git a/cdist/preos/debootstrap/debootstrap.py b/cdist/preos/debootstrap/debootstrap.py new file mode 100644 index 00000000..f53dd4a7 --- /dev/null +++ b/cdist/preos/debootstrap/debootstrap.py @@ -0,0 +1,239 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# 2016 Darko Poljak (darko.poljak at ungleich.ch) +# +# This file is part of cdist. +# +# cdist is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cdist is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cdist. If not, see . +# +# + +import cdist +import cdist.config +import cdist.core +import cdist.preos +import argparse +import cdist.argparse +import logging +import os +import subprocess + + +class Debian(object): + _preos_name = 'debian' + _cdist_preos = True + + _files_dir = os.path.join(os.path.dirname(__file__), "files") + + @classmethod + def default_args(cls): + default_remote_exec = os.path.join(cls._files_dir, "remote-exec.sh") + default_remote_copy = os.path.join(cls._files_dir, "remote-copy.sh") + default_init_manifest = os.path.join( + cls._files_dir, "init-manifest-{}".format(cls._preos_name)) + + defargs = argparse.Namespace() + defargs.arch = 'amd64' + defargs.bootstrap = False + defargs.configure = False + defargs.cdist_params = '-v' + defargs.rm_bootstrap_dir = False + defargs.suite = 'stable' + defargs.remote_exec = default_remote_exec + defargs.remote_copy = default_remote_copy + defargs.manifest = default_init_manifest + + return defargs + + @classmethod + def get_parser(cls): + defargs = cls.default_args() + cdist_parser = cdist.argparse.get_parsers() + parser = argparse.ArgumentParser( + prog='cdist preos {}'.format(cls._preos_name), + parents=[cdist_parser['loglevel'], cdist_parser['beta']]) + parser.add_argument('target_dir', nargs=1, + help=("target directory where PreOS will be " + "bootstrapped")) + parser.add_argument( + '-a', '--arch', + help="target debootstrap architecture, by default '{}'".format( + defargs.arch), dest='arch', default=defargs.arch) + parser.add_argument( + '-B', '--bootstrap', + help='do bootstrap step', + dest='bootstrap', action='store_true', default=defargs.bootstrap) + parser.add_argument( + '-C', '--configure', + help='do configure step', + dest='configure', action='store_true', default=defargs.configure) + parser.add_argument( + '-c', '--cdist-params', + help=("parameters that will be passed to cdist config, by default" + " '{}' is used".format(defargs.cdist_params)), + dest='cdist_params', default=defargs.cdist_params) + parser.add_argument( + '-D', '--drive-boot', + help='create bootable PreOS on specified drive', + dest='drive') + parser.add_argument( + '-e', '--remote-exec', + help=("remote exec that cdist config will use, by default " + "internal script is used"), + dest='remote_exec', default=defargs.remote_exec) + parser.add_argument( + '-i', '--init-manifest', + help=("init manifest that cdist config will use, by default " + "internal init manifest is used"), + dest='manifest', default=defargs.manifest) + parser.add_argument( + '-k', '--keyfile', action="append", + help=("ssh key files that will be added to cdist config; " + "'__ssh_authorized_keys root ...' type is appended to " + "initial manifest"), + dest='keyfile') + parser.add_argument( + '-m', '--mirror', + help='use specified mirror for debootstrap', + dest='mirror') + parser.add_argument( + '-P', '--root-password', + help='Set specified password for root, generated by default', + dest='root_password') + parser.add_argument('-p', '--pxe-boot-dir', help='PXE boot directory', + dest='pxe_boot_dir') + parser.add_argument( + '-r', '--rm-bootstrap-dir', + help='remove target directory after finishing', + dest='rm_bootstrap_dir', action='store_true', + default=defargs.rm_bootstrap_dir) + parser.add_argument( + '-S', '--script', + help='use specified script for debootstrap', + dest='script') + parser.add_argument('-s', '--suite', + help="suite used for debootstrap, " + "by default '{}'".format(defargs.suite), + dest='suite', default=defargs.suite) + parser.add_argument( + '-y', '--remote-copy', + help=("remote copy that cdist config will use, by default " + "internal script is used"), + dest='remote_copy', default=defargs.remote_copy) + parser.epilog = cdist.argparse.EPILOG + + return parser + + @classmethod + def update_env(cls, env): + pass + + @classmethod + def commandline(cls, argv): + log = logging.getLogger(cls.__name__) + + parser = cls.get_parser() + args = parser.parse_args(argv) + if args.script and not args.mirror: + raise cdist.Error("script option cannot be used without " + "mirror option") + + args.command = cls._preos_name + cdist.argparse.check_beta(vars(args)) + + cdist.preos.check_root() + + args.target_dir = os.path.realpath(args.target_dir[0]) + args.os = cls._preos_name + args.remote_exec = os.path.realpath(args.remote_exec) + args.remote_copy = os.path.realpath(args.remote_copy) + args.manifest = os.path.realpath(args.manifest) + if args.keyfile: + new_keyfile = [os.path.realpath(x) for x in args.keyfile] + args.keyfile = new_keyfile + if args.pxe_boot_dir: + args.pxe_boot_dir = os.path.realpath(args.pxe_boot_dir) + + cdist.argparse.handle_loglevel(args) + log.debug("preos: {}, args: {}".format(cls._preos_name, args)) + try: + env = vars(args) + new_env = {} + for key in env: + if key == 'verbose' and env[key]: + if env[key] >= 3: + new_env['debug'] = "yes" + elif env[key] == 2: + new_env['verbose'] = "yes" + elif not env[key]: + new_env[key] = '' + elif isinstance(env[key], bool) and env[key]: + new_env[key] = "yes" + elif isinstance(env[key], list): + val = env[key] + new_env[key + "_cnt"] = str(len(val)) + for i, v in enumerate(val): + new_env[key + "_" + str(i)] = v + else: + new_env[key] = str(env[key]) + env = new_env + env.update(os.environ) + cls.update_env(env) + log.debug("preos: {} env: {}".format(cls._preos_name, env)) + cmd = os.path.join(cls._files_dir, "code") + info_msg = ["Running preos: {}, suite: {}, arch: {}".format( + cls._preos_name, args.suite, args.arch), ] + if args.mirror: + info_msg.append("mirror: {}".format(args.mirror)) + if args.script: + info_msg.append("script: {}".format(args.script)) + if args.bootstrap: + info_msg.append("bootstrapping") + if args.configure: + info_msg.append("configuring") + if args.pxe_boot_dir: + info_msg.append("creating PXE") + if args.drive: + info_msg.append("creating bootable drive") + log.info(info_msg) + log.debug("cmd={}".format(cmd)) + subprocess.check_call(cmd, env=env, shell=True) + except subprocess.CalledProcessError as e: + log.error("preos {} failed: {}".format(cls._preos_name, e)) + + +class Ubuntu(Debian): + _preos_name = "ubuntu" + + @classmethod + def default_args(cls): + defargs = super().default_args() + defargs.suite = 'xenial' + return defargs + + +class Devuan(Debian): + _preos_name = "devuan" + + @classmethod + def default_args(cls): + defargs = super().default_args() + defargs.suite = 'jessie' + return defargs + + @classmethod + def update_env(cls, env): + env['DEBOOTSTRAP_DIR'] = os.path.join(cls._files_dir, + 'devuan-debootstrap') diff --git a/cdist/preos/debootstrap/files/code b/cdist/preos/debootstrap/files/code new file mode 100755 index 00000000..9e37003b --- /dev/null +++ b/cdist/preos/debootstrap/files/code @@ -0,0 +1,274 @@ +#!/bin/sh +## +## 2016 Darko Poljak (darko.poljak at ungleich.ch) +## +## This file is part of cdist. +## +## cdist is free software: you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation, either version 3 of the License, or +## (at your option) any later version. +## +## cdist is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with cdist. If not, see . + +set -e + +if [ "${debug}" ] +then + set -x + cdist_params="${cdist_params} -d" +fi + +bootstrap_dir="${target_dir}" + +case "${os}" in + ubuntu|debian|devuan) + # nothing, those are valid values + ;; + *) + echo "ERROR: invalid os value: ${os}" >&2 + exit 1 + ;; +esac + +check_bootstrap_dir() { + if [ ! -e "$1" ] + then + echo "ERROR: bootstrap directory $1 does not exist" >&2 + exit 1 + fi +} + +# bootstrap +if [ "${bootstrap}" ] +then + if [ "${DEBOOTSTRAP_DIR}" ] + then + debootstrap_cmd="${DEBOOTSTRAP_DIR}/debootstrap" + else + command -v debootstrap 2>&1 > /dev/null || { + echo "ERROR: debootstrap not found" >&2 + exit 1 + } + debootstrap_cmd="debootstrap" + fi + + # If PreOS on drive then do not check for directory emptiness. + # Partition can at least contain 'lost+found' directory. + if [ ! "${drive}" ] + then + if [ -e "${bootstrap_dir}" ] + then + dir_content=$(ls -A "${bootstrap_dir}" | wc -l) + else + dir_content=0 + fi + if [ "${dir_content}" -ne 0 ] + then + echo "ERROR: "${bootstrap_dir}" not empty " >&2 + exit 1 + fi + fi + + if [ "${verbose}" -o "${debug}" ] + then + echo "bootstrapping..." + fi + mkdir -p "${bootstrap_dir}" + "${debootstrap_cmd}" --include=openssh-server --arch=${arch} ${suite} ${bootstrap_dir} \ + ${mirror} ${script} + if [ "${verbose}" -o "${debug}" ] + then + echo "bootstrap finished" + fi +fi + +chroot_mount() { + mount -t proc none "${bootstrap_dir}/proc" || true + mount -t sysfs none "${bootstrap_dir}/sys" || true + mount -o bind /dev "${bootstrap_dir}/dev" || true + mount -t devpts none "${bootstrap_dir}/dev/pts" || true +} + +chroot_umount() { + umount "${bootstrap_dir}/dev/pts" || true + umount "${bootstrap_dir}/dev" || true + umount "${bootstrap_dir}/sys" || true + umount "${bootstrap_dir}/proc" || true +} + +TRAPFUNC="umount \"${bootstrap_dir}/dev/pts\" || true; \ +umount \"${bootstrap_dir}/dev\" || true; \ +umount \"${bootstrap_dir}/sys\" || true; \ +umount \"${bootstrap_dir}/proc\" || true;" + +# config +if [ "${configure}" ] +then + if [ ! -f "${manifest}" ] + then + echo "ERROR: ${manifest} does not exist" >&2 + exit 1 + fi + if [ ! -f "${remote_exec}" ] + then + echo "ERROR: ${remote_exec} does not exist" >&2 + exit 1 + fi + if [ ! -f "${remote_copy}" ] + then + echo "ERROR: ${remote_copy} does not exist" >&2 + exit 1 + fi + + if [ "${keyfile_cnt}" -a "${keyfile_cnt}" -gt 0 ] + then + i="$((keyfile_cnt - 1))" + keyfiles="" + while [ "${i}" -ge 0 ] + do + kf_var="keyfile_${i}" + eval kf='$'"${kf_var}" + if [ ! -f "${kf}" ] + then + echo "ERROR: ${kf} does not exist" >&2 + exit 1 + fi + key=$(cat "${kf}") + keyfiles="${keyfiles} --key '${key}'" + i=$((i - 1)) + done + ssh_auth_keys_line="__ssh_authorized_keys root ${keyfiles}\n" + else + ssh_auth_keys_line="" + fi + + check_bootstrap_dir "${bootstrap_dir}" + + if [ "${verbose}" -o "${debug}" ] + then + echo "configuring..." + fi + + trap "${TRAPFUNC}" 0 1 2 3 15 + + chroot_mount + + chroot "${bootstrap_dir}" /usr/bin/apt-get update + + if [ "${drive}" ] + then + grub_manifest_line="__package grub-pc --state present\n" + grub_kern_params_line="__line linux_kernel_params \ +--file /etc/default/grub \ +--line 'GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash net.ifnames=0\"'\n" + else + grub_manifest_line="" + grub_kern_params_line="" + fi + grub_lines="${grub_manifest_line}${grub_kern_params_line}" + + printf "${ssh_auth_keys_line}${grub_lines}" \ + | cat "${manifest}" - |\ + cdist config \ + ${cdist_params} -i - \ + --remote-exec "${remote_exec}" \ + --remote-copy "${remote_copy}" \ + "${bootstrap_dir}" + + # __hostname with systmed uses hostnamectl which needs dbus running + # set hostname explicitly here instead + printf "preos\n" > "${bootstrap_dir}/etc/hostname" + + chroot "${bootstrap_dir}" /usr/bin/apt-get autoclean + chroot "${bootstrap_dir}" /usr/bin/apt-get clean + chroot "${bootstrap_dir}" /usr/bin/apt-get autoremove + + chroot_umount + + trap - 0 1 2 3 15 + + if [ "${verbose}" -o "${debug}" ] + then + echo "configuring finished" + fi +fi + +if [ "${pxe_boot_dir}" ] +then + check_bootstrap_dir "${bootstrap_dir}" + + if [ "${verbose}" -o "${debug}" ] + then + echo "creating pxe..." + fi + + mkdir -p "${pxe_boot_dir}" + cp "${bootstrap_dir}"/boot/vmlinuz-* "${pxe_boot_dir}/kernel" + cd "${bootstrap_dir}" + find . -print0 | cpio --null -o --format=newc | gzip -9 > "${pxe_boot_dir}/initramfs" + + mkdir -p "${pxe_boot_dir}/pxelinux.cfg" + cat < "${pxe_boot_dir}/pxelinux.cfg/default" + DEFAULT preos + LABEL preos + KERNEL kernel + APPEND utf8 load_ramdisk=1 root=/dev/ram nofb initrd=initramfs console=ttyS1,115200 net.ifnames=0 +EOPXEF + + cp "${bootstrap_dir}/usr/lib/PXELINUX/pxelinux.0" "${pxe_boot_dir}/pxelinux.0" + cp "${bootstrap_dir}/usr/lib/syslinux/modules/bios/ldlinux.c32" \ + "${pxe_boot_dir}/ldlinux.c32" + # network boot need all files world readable + chmod -R 644 "${pxe_boot_dir}"/* + + if [ "${verbose}" -o "${debug}" ] + then + echo "pxe creation finished" + fi +fi + +if [ "${drive}" ] +then + trap "${TRAPFUNC}" 0 1 2 3 15 + chroot_mount + chroot "${bootstrap_dir}" grub-install ${drive} + chroot "${bootstrap_dir}" /bin/sh -c "GRUB_DISABLE_OS_PROBER=true update-grub" + # set root password + if [ ! "${root_password}" ] + then + if ! which strings >/dev/null 2>&1 + then + printf "strings is missing\n" >&2 + exit 1 + fi + root_password="$(head -n 1000 /dev/urandom | strings | \ + grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n')" + printf "Generated root password (without quotes):'${root_password}'\n" + fi + chroot "${bootstrap_dir}" /bin/sh -c "echo \"root:${root_password}\" | \ + chpasswd" + # /etc/securetty must not be world writeable. + chmod 644 "${bootstrap_dir}"/etc/securetty + chroot_umount + trap - 0 1 2 3 15 +fi + +if [ "${rm_bootstrap_dir}" ] +then + if [ "${verbose}" -o "${debug}" ] + then + echo "removing bootstrap dir..." + fi + rm -r -f "${bootstrap_dir}" + if [ "${verbose}" -o "${debug}" ] + then + echo "removing bootstrap dir finished" + fi +fi diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile b/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile new file mode 100644 index 00000000..85168031 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/Makefile @@ -0,0 +1,18 @@ +# avoid dpkg-dev dependency; fish out the version with sed +VERSION := $(shell sed 's/.*(\(.*\)).*/\1/; q' debian/changelog) + +all: + +clean: + +DSDIR=$(DESTDIR)/usr/share/debootstrap +install: + mkdir -p $(DSDIR)/scripts + mkdir -p $(DESTDIR)/usr/sbin + + cp -a scripts/* $(DSDIR)/scripts/ + install -o root -g root -m 0644 functions $(DSDIR)/ + + sed 's/@VERSION@/$(VERSION)/g' debootstrap >$(DESTDIR)/usr/sbin/debootstrap + chown root:root $(DESTDIR)/usr/sbin/debootstrap + chmod 0755 $(DESTDIR)/usr/sbin/debootstrap diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/README b/cdist/preos/debootstrap/files/devuan-debootstrap/README new file mode 100644 index 00000000..4d8c3049 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/README @@ -0,0 +1,65 @@ +README for debootstrap +====================== + +See the manpage for (some) documentation. + +Running debootstrap from source +------------------------------- + +You can run debootstrap from its source tree without installing it. This +can be useful if you want a quick way to make a Debian chroot on another +system, or if you are testing modifications to debootstrap. + +First, get the source. + +* Either by using git + git clone https://anonscm.debian.org/git/d-i/debootstrap.git + +* Or by visiting + and downloading the tar.gz file + +Then in the debootstrap source directory: + + export DEBOOTSTRAP_DIR=`pwd` + sudo ./debootstrap stable my-stable-dir + +If you are running a multi-stage boot strap (for example for a QEMU +rootfs) you don't even need root: + + export DEBOOTSTRAP_DIR=`pwd` + fakeroot ./debootstrap --foreign --arch=armhf testing my-testing-dir http://deb.debian.org/debian + +Of course you will need to execute the second stage as root to finish the bootstrap: + + (on foreign hardware) + /debootstrap/debootstrap --second-stage + + +Future +------ + + * Cross-strap support - so you can bootstrap a filesystem to the + point where it will successfully boot, and finish installing itself + without having to be running the target architecture or OS yourself. + + debootstrap --arch powerpc sarge ./sarge-ppc-chroot ... + + on an i386 system, boot a powerpc box with sarge-ppc-chroot as its + root files system, and have it "work". The cross-hurd package does + something similar, and should be replaced by this feature. + + * There should be some (better) way of telling debootstrap what "base" + packages you want to install -- this varies between making a chroot, + doing an install, and doing a buildd. Also, some installs want + different base packages (to setup networking, or kernels, eg) + + +NMUing +------ + +If there's a problem with debootstrap that you need fixed, feel free to do +an NMU to fix it. Usual rules: try not to break anything, and mail the +patch to the BTS. Don't worry about asking first though. + +However, note that debootstrap is now team maintained. Anyone in d-i can do +a release without the bother of a NMU. diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/TODO b/cdist/preos/debootstrap/files/devuan-debootstrap/TODO new file mode 100644 index 00000000..e5fde0e4 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/TODO @@ -0,0 +1,11 @@ + +Features: + ++ second stage via chroot debootstrap/debootstrap + ++ debootstrap/deb file to record deb destinations/information + + -- configuration file + -- versus command line + -- support for sources (vs mirrors) + -- faux-pinning for packages + + ++ makedev in second stage diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore new file mode 100644 index 00000000..39638d97 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/.gitignore @@ -0,0 +1,6 @@ +debootstrap +debootstrap-udeb +files +*.debhelper.log +*.substvars + diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource new file mode 100644 index 00000000..6446a088 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/README.DevuanSource @@ -0,0 +1,15 @@ +To sync up with debians source for inspiration you should run the following: + + `git remote add alioth-git git://anonscm.debian.org/d-i/debootstrap.git` + `git fetch alioth-git` + +After that you can either cherry-pick or merge releases from debian. To +merge a release, it's do: + `git tag` to list the release tags +and + `git merge ` +followed by all the fixups and then commit with an appropriate message like + "Merging Release from debian" + +Copyright 2016 Daniel Reurich + diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog new file mode 100644 index 00000000..8688197d --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/changelog @@ -0,0 +1,2655 @@ +debootstrap (1.0.87+devuan1.1) unstable; urgency=medium + + * add git to builddeps + + -- Daniel Reurich Fri, 13 Jan 2017 23:12:50 +1300 + +debootstrap (1.0.87+devuan1.0) unstable; urgency=high + + [ Julien Cristau ] + * Default to split /usr again, as merged-/usr breaks dpkg-shlibdeps + (closes: #844221). + + [ Riku Voipio ] + * remove scratchbox2 support (closes: #796189) + + -- Christian Perrier Wed, 16 Nov 2016 06:47:27 +0100 + +debootstrap (1.0.86+devuan1.0) unstable; urgency=high + + [ Daniel Reurich ] + * Restore Devuan Jessie version + * switch to 3.0 (git) source format + * set git-depth + * Add directions for inspiration from debians source + * removed file so we can build using git source format + * merge 1.0.86 for jessie + + -- Daniel Reurich Fri, 13 Jan 2017 15:58:19 +1300 + +debootstrap (1.0.86) unstable; urgency=high + + * Rework split_inline_sig by using shell built-ins instead of trying to + mix sed and tr together, which might work on regular systems but not + from inside the Debian Installer (Closes: #842591). Thanks to Ansgar + Burchardt for the proof of concept! + + -- Cyril Brulebois Sun, 30 Oct 2016 23:35:45 +0100 + +debootstrap (1.0.85-1+devuan1) unstable; urgency=medium + + * sync with debian upstream package + * add right keyrings with the new schema on devuan-keyring package + + -- Franco (nextime) Lanza Sat, 29 Oct 2016 23:21:57 +0200 + + +debootstrap (1.0.85) unstable; urgency=medium + + [ Julien Cristau ] + * Add support for downloading and validating InRelease files, by splitting + up detached signature from signed data. + * Switch default mirror to deb.debian.org. + + [ Colin Watson ] + * Add (Ubuntu) zesty as a symlink to gutsy. + + [ Ansgar Burchardt ] + * Add jessie-kfreebsd to merged-/usr blacklist. + * No longer Build-Depend on makedev. The code using it was already + removed in debootstrap 1.0.82. + * Do not use `tar -k` for older releases which might have file + conflicts between the packages to be installed. (Closes: #838388) + * Error out when seeing short options. (Closes: #548880) + * Add oldoldstable -> sid script symlink. (Closes: #792734) + * Add buster -> sid and bullseye -> sid script symlinks. + * Only unpack and configure the base system when there are actually + packages to install. (Closes: #825034) + * debootstrap.8: Use stretch instead of wheezy in examples. + + [ Marco d'Itri ] + * Enable merged-/usr by default. (Closes: #839046) + + -- Julien Cristau Fri, 21 Oct 2016 20:22:49 +0200 + +debootstrap (1.0.84) unstable; urgency=medium + + [ Ansgar Burchardt ] + * Add support for xz-compressed Packages indices. (Closes: #837649) + + -- Christian Perrier Thu, 06 Oct 2016 06:59:38 +0200 + +debootstrap (1.0.83) unstable; urgency=medium + + [ Ansgar Burchardt ] + * functions: Validate that the requested suite is listed in the + Release file's Suite or Codename field. (Closes: #837075) + * Add support for merged-/usr, enabled by a new --merged-usr option. + (Closes: #810301) + * Feign install of dpkg in second stage. This avoids problems when + using dpkg-deb together with busybox' tar. (Closes: #837185) + * README: Use https://. + + [ Steve McIntyre ] + * Update Standards-Version to 3.9.8 (no changes needed) + + -- Steve McIntyre <93sam@debian.org> Tue, 13 Sep 2016 13:16:41 +0100 + +debootstrap (1.0.82) unstable; urgency=medium + + [ Alex Bennée ] + * Excise all devices.tar.gz code. Closes: #830869 + + -- Christian Perrier Thu, 08 Sep 2016 07:09:56 +0200 + +debootstrap (1.0.81) unstable; urgency=medium + + [ Luca Falavigna ] + * Add (Ubuntu) yakkety as a symlink to gutsy. + + -- Christian Perrier Tue, 03 May 2016 06:51:57 +0200 + +debootstrap (1.0.80-1+devuan1) unstable; urgency=medium + + * sync with debian upstream package. + + -- Franco (nextime) Lanza Sun, 24 Apr 2016 06:16:29 +0200 + +debootstrap (1.0.80) unstable; urgency=medium + + [ Jon Boden ] + * scripts/gutsy: Support kfreebsd & hurd arches on Ubuntu targets + (closes: #818748) + + -- Christian Perrier Tue, 22 Mar 2016 19:27:45 +0100 + +debootstrap (1.0.79) unstable; urgency=medium + + [ Samuel Thibault ] + * hurd: move setting up dev and servers firmlink to setup_proc stage. Also + firmlink proc there. Thanks Gabriele Giacone for all the investigation! + (Closes: #768102) + + -- Christian Perrier Fri, 19 Feb 2016 07:23:59 +0100 + +debootstrap (1.0.78+nmu1) unstable; urgency=medium + + * Non-maintainer upload. + * Split setup_devices in setup_devices (which now only deals with static + device nodes) and setup_dynamic_devices, and move the calls to + setup_devices from the beginning of the second stage to the end of the + first stage. + setup_dynamic_devices mounts the appropriate filesystems which provide + dynamic device nodes for the architectures which need one in + debootstrap (kfreebsd and hurd). + This fixes a bug in --second-stage introduced in 1.0.34 and exposed + by the devices-related changes of 1.0.76: the second stage debootstrap + runs "dpkg --print-architecture >/dev/null" at the very beginning of + the program when /dev is still empty, so it creates an empty regular + file in place of /dev/null and this will cause mknod to fail later. + (Closes: #813232) + + -- Marco d'Itri Wed, 17 Feb 2016 01:23:23 +0100 + +debootstrap (1.0.78) unstable; urgency=high + + * Use HTTPS for Vcs-* URLs, and link to cgit rather than gitweb. + * Don't call mknod with the --mode option, it's not supported in + busybox. Use -m instead - fixes the broken fix for #812811. + Closes: #813124. Urgency high to get this fix propagated quickly - + it's breaking d-i installs right now. Adding myself to uploaders and + uploading. + + -- Steve McIntyre <93sam@debian.org> Fri, 29 Jan 2016 16:36:00 +0000 + +debootstrap (1.0.77) unstable; urgency=medium + + [ Marco d'Itri ] + * Fix permissions on device nodes (Closes: #812811). + + -- Cyril Brulebois Wed, 27 Jan 2016 20:22:05 +0100 + +debootstrap (1.0.76) unstable; urgency=medium + + [ Marco d'Itri ] + * Stop creating useless device nodes (Closes: #571136). + + -- Cyril Brulebois Sun, 24 Jan 2016 08:55:18 +0100 + +debootstrap (1.0.75-1+devuan1) unstable; urgency=medium + + * sync with debian upstream package + + -- Franco (nextime) Lanza Wed, 02 Dec 2015 04:05:36 +0100 + +debootstrap (1.0.75) unstable; urgency=medium + + * Stop cleaning KEEP_DEBOOTSTRAP_DIR twice, as spotted by Chris Lamb + (Closes: #804415). + * Add Tanglu support (Closes: #771687), thanks to Matthias Klumpp. At + the moment, the following extra suites are recognized: + - aequorea + - bartholomea + - chromodoris + - dasyatis + + -- Cyril Brulebois Wed, 11 Nov 2015 18:49:28 +0100 + +debootstrap (1.0.74) unstable; urgency=medium + + [ Colin Watson ] + * Add (Ubuntu) xenial as a symlink to gutsy. + + -- Christian Perrier Tue, 03 Nov 2015 07:09:23 +0100 + +debootstrap (1.0.73) unstable; urgency=medium + + * Generate a deburis file with (package, version, uri) tuples, similar + to the existing debpaths. + + -- Cyril Brulebois Thu, 22 Oct 2015 12:43:35 +0200 + +debootstrap (1.0.72-1+devuan1) unstable; urgency=medium + + * Rebase on debian 1.0.70 debootstrap version + * Added Daniel Reurich in Uploaders + * Integrating Daniel Reurich patches for d-i + * Updated manpage with Daniel Reurich changes + + -- Franco (nextime) Lanza Thu, 21 May 2015 05:45:36 +0200 + +debootstrap (1.0.72) unstable; urgency=medium + + [ Iain Lane ] + * Add (Ubuntu) wily as a symlink to gutsy (closes: #787117). + + [ Colin Watson ] + * Fix resolve_deps and setup_available to work in the --foreign case + (closes: #757819, LP: #1450980). + + -- Colin Watson Tue, 28 Jul 2015 14:32:19 +0100 + +debootstrap (1.0.71-1+devuan1) unstable; urgency=medium + + * make devuan-baseconf and devuan-keyring requireds packages + * make sure we have sysvinit-core and not systemd in the chroot + + -- Franco (nextime) Lanza Fri, 01 May 2015 02:13:04 +0200 + +debootstrap (1.0.71) unstable; urgency=medium + + * Adjust sed call to render it more portable (missing ';'), making it + work with FreeBSD sed. Thanks to Nikolai Lifanov for the report and + the patch (Closes: #791802). + + -- Cyril Brulebois Fri, 10 Jul 2015 01:29:52 +0200 + +debootstrap (1.0.70-1+devuan1) unstable; urgency=medium + + * Debianization of debootstrap. + * added ceres script and link jessie and ascii to it + + -- Franco (nextime) Lanza Sat, 11 Apr 2015 08:03:36 +0200 + +debootstrap (1.0.70) unstable; urgency=medium + + * Use tr instead of (missing in d-i) xargs (Closes: #785693). Thanks, + Julian Schauder! + + -- Cyril Brulebois Tue, 19 May 2015 11:38:27 +0200 + +debootstrap (1.0.69-1+devuan1) unstable; urgency=medium + + * Fix package description. + + -- Franco (nextime) Lanza Sat, 07 Mar 2015 21:31:07 +0100 + +debootstrap (1.0.69) unstable; urgency=medium + + [ Cyril Brulebois ] + * Make sure to deduplicate package list in download_release to avoid + issues while counting downloaded packages. The failure path could lead + to printing some strange integer (Closes: #709751, #768445, #785276, + #774752). + This was reported to mostly happen whenever --no-resolve-deps is used. + * Add support for --force-check-gpg so that one can programmatically + make sure keyring checks are used and that no fallback to an https + mirror happens (Closes: #661501, #733179, #775454). + * Switch default mirror from ftp.us.debian.org to the new, official + http redirector service: httpredir.debian.org + * Make it possible to override the MAKEDEV variable (Closes: #734743). + Thanks, Wookey! + + [ Christian Perrier ] + * Update Standards to 3.9.6 (checked) + + -- Christian Perrier Mon, 18 May 2015 14:07:43 +0200 + +debootstrap (1.0.68-2+devuan1) unstable; urgency=medium + + * Added missing symlink. + + -- Franco (nextime) Lanza Sat, 07 Mar 2015 21:18:26 +0100 + +debootstrap (1.0.68-1+devuan1) unstable; urgency=medium + + * Added script for ascii. + + -- Franco (nextime) Lanza Sat, 07 Mar 2015 11:47:02 +0100 +debootstrap (1.0.68) unstable; urgency=medium + + [ Steven Chamberlain ] + * Support the jessie-kfreebsd suite, by using the same script as + jessie (a symlink to sid) (Closes: #784927). + + -- Christian Perrier Mon, 11 May 2015 07:46:19 +0200 + +debootstrap (1.0.67-1+devuan2) unstable; urgency=medium + + * Switch to quilt format + + -- Franco (nextime) Lanza Tue, 03 Mar 2015 07:44:11 +0100 + +debootstrap (1.0.67+devuan1) unstable; urgency=medium + + * Applied init freedom patch (debian bug 668001) + * moved to devuan + + -- Franco (nextime) Lanza Tue, 03 Mar 2015 07:09:36 +0100 + +debootstrap (1.0.67) unstable; urgency=medium + + [ Cyril Brulebois ] + * Apply patch by Jérémy Bobbio to support reproducible builds: specify + a modification time on the tar side, and add the -n option to gzip + (Closes: #774069). Thanks, Jérémy! + * Update setup_apt_sources to look at USE_COMPONENTS if COMPONENTS is + empty, fixing the empty sources.list bug with foreign architectures + (Closes: #732255, #773867). + + -- Christian Perrier Wed, 14 Jan 2015 07:03:17 +0100 + +debootstrap (1.0.66) unstable; urgency=low + + [ Cyril Brulebois ] + * Specify gzip compression in debian/source/options to allow for better + portability on other platforms (Closes: #770214). Thanks, Joey Hess! + * Specify gzip compression for debootstrap, and xz for debootstrap-udeb, + to mitigate the need for xz on non-Debian platforms (see: #770217). + + -- Christian Perrier Mon, 24 Nov 2014 09:15:50 +0100 + +debootstrap (1.0.65) unstable; urgency=medium + + [ Julien Cristau ] + * Add support for stretch. + + -- Christian Perrier Mon, 10 Nov 2014 09:24:56 +0100 + +debootstrap (1.0.64) unstable; urgency=medium + + * Add (Ubuntu) vivid as a symlink to gutsy. + + -- Colin Watson Mon, 20 Oct 2014 16:48:49 +0100 + +debootstrap (1.0.63) unstable; urgency=medium + + [ Joey Hess ] + * Move set -e out of shebang line. Closes: #762713 + + -- Christian Perrier Thu, 25 Sep 2014 06:44:16 +0200 + +debootstrap (1.0.62) unstable; urgency=medium + + [ Cyril Brulebois ] + * Fix reporting of package version in retrieval and validation steps + to cope with epochs. + + -- Christian Perrier Mon, 15 Sep 2014 11:40:54 +0200 + +debootstrap (1.0.61) unstable; urgency=medium + + * Fix "possibly the package $pkg is at fault" warnings to account for + changed error output in dpkg 1.17.2. + + -- Colin Watson Sun, 31 Aug 2014 22:07:49 +0100 + +debootstrap (1.0.60) unstable; urgency=medium + + [ Adam Conrad ] + * Add (Ubuntu) utopic as a symlink to gutsy. + + [ Guillem Jover ] + * Sync deb support with latest dpkg-deb (closes: #739136): + - Add uncompressed data.tar deb member support. + - Add uncompressed and xz control.tar deb member support. + + -- Colin Watson Tue, 06 May 2014 09:37:34 +0100 + +debootstrap (1.0.59) unstable; urgency=medium + + * Install ca-certificates as well as apt-transport-https for HTTPS + installations. This makes it possible to copy certificates that were + built into the installer to /usr/local/share/ca-certificates/ and thus + have them continue to be trusted after installation. + + -- Colin Watson Thu, 13 Feb 2014 13:42:54 +0000 + +debootstrap (1.0.58) unstable; urgency=medium + + * Policy version 3.9.5: no changes required. + * Install apt-transport-https if installing from an HTTPS mirror + (LP: #1135163). It may still be necessary to copy certificates into + place, but there's at least a reasonable chance that somebody installing + from HTTPS may want to keep using it, and we have to install + apt-transport-https at this point otherwise they won't be able to do + that end-to-end. + + -- Colin Watson Tue, 11 Feb 2014 17:46:41 +0000 + +debootstrap (1.0.57) unstable; urgency=medium + + * pkgdetails_perl: Only interpret percentages following whitespace, to + cope with GNU wget outputting the local file name (which may contain "%" + due to URL-encoding) after it finishes the download (LP: #1172101). + + -- Colin Watson Fri, 07 Feb 2014 16:12:23 +0000 + +debootstrap (1.0.56) unstable; urgency=low + + [ Tollef Fog Heen ] + * Install base-passwd and base-files in two calls rather than one to + avoid problems with home-built media with different ordering in + Packages. Thanks to Jo Shields for pointing this out and providing + the workaround. Closes: #601670. LP: #1001131. + + [ Joey Hess ] + * When deboostrapping Debian, and the debian-archive-keyring is not + available, switch the default mirror to a https url. This way at + least the CA level of security is available even for users who + have no way to check gpg keys in the WoT. The https mirror is + currently https://mirrors.kernel.org/debian. + * Avoid writing https urls into sources.list, as apt does not support https. + + -- Christian Perrier Mon, 30 Dec 2013 08:00:41 +0100 + +debootstrap (1.0.55) unstable; urgency=low + + [ Matthias Klose ] + * Add (Ubuntu) trusty as a symlink to gutsy. + + -- Christian Perrier Tue, 22 Oct 2013 13:43:23 +0200 + +debootstrap (1.0.53) unstable; urgency=low + + [ Dmitrijs Ledkovs ] + * Set debian source format to '3.0 (native)'. + * Bump debhelper compat level to 9. + * Set Vcs-* to canonical format. + + [ Christian Perrier ] + * Update Standards to 3.9.4 (checked) + + -- Christian Perrier Sun, 14 Jul 2013 13:06:33 +0200 + +debootstrap (1.0.52) unstable; urgency=low + + * scripts/gutsy: Make the fake initctl pass through "initctl version" + calls, used by such things as invoke-rc.d to figure out whether it's + running under Upstart (LP: #1182540). + * scripts/sid, scripts/gutsy: Add a policy-rc.d, matching that in + debian-installer-utils. This is the primary way to disable daemon + startup. + + -- Colin Watson Wed, 22 May 2013 16:55:59 +0100 + +debootstrap (1.0.51) unstable; urgency=low + + [ Scott Kitterman ] + * Add (Ubuntu) saucy as a symlink to gutsy (closes: #706989). + + [ Colin Watson ] + * Clarify location of pkgdetails.c in error message (closes: #708771). + * Resolve mount point symlinks relative to the target chroot before + unmounting them (closes: #702861, #703037, #704744). + + -- Colin Watson Sat, 18 May 2013 23:18:08 +0100 + +debootstrap (1.0.50) unstable; urgency=low + + [ Hector Oron ] + * Report package version information on package retrieve and validation. + Closes: #697675 + + -- Christian Perrier Fri, 17 May 2013 13:34:34 +0200 + +debootstrap (1.0.49) unstable; urgency=medium + + * Add support for jessie. Closes: #706788 + + -- Joey Hess Sat, 04 May 2013 23:37:52 -0400 + +debootstrap (1.0.48) unstable; urgency=low + + * Team upload + + [ Julien Cristau ] + * Disable InRelease support. gpgv won't give us back the signed data, and + full gpg is not available inside d-i (closes: #703889). + * Move extract_release_components to after signature verification. + Suggested by Ansgar Burchardt. + + -- Didier Raboud Thu, 04 Apr 2013 16:17:57 +0200 + +debootstrap (1.0.47) unstable; urgency=low + + * Team upload + * Properly decrypt the InRelease file when downloading from an archive + where InRelease is used. This longstanding bug was masked by former + APT behaviour and was revealed only with recent APT versions + Closes: #703146 + Thanks to Michael Vogt for the analysis and patch + * Add a dependency on gpg because of the above change. + + -- Christian Perrier Wed, 20 Mar 2013 21:34:29 +0100 + +debootstrap (1.0.46) unstable; urgency=low + + * Team upload. + * Use `which` to find out sh only if /bin/sh does not exist. + + -- Samuel Thibault Thu, 27 Dec 2012 15:47:16 +0100 + +debootstrap (1.0.45) unstable; urgency=low + + [ Joey Hess ] + * Better support use on Android by not hardcoding /bin/sh + in a test file that's created, and instead putting in the + actual path to sh. Closes: #694310 Thanks, Shawn Landden + + -- Christian Perrier Sat, 22 Dec 2012 12:56:32 +0100 + +debootstrap (1.0.44) unstable; urgency=low + + * Remove double quotes to fix for loop on GNU/kFreeBSD, thanks to + Oleg Ginzburg (Closes: #693718). + + -- Cyril Brulebois Tue, 20 Nov 2012 23:55:53 +0100 + +debootstrap (1.0.43) unstable; urgency=low + + [ Joey Hess ] + * Fix "arc" typo. Closes: #686680 + + [ Colin Watson ] + * Add (Ubuntu) raring as a symlink to gutsy. + + [ Christian Perrier ] + * Add myself to Uploaders and drop Anthony Towns who is no + longer active in debootstrap maintenance for a few years. Thanks + for your work, Anthony. + * Bump Standards to 3.9.3 (checked) + * Replace XC-Package-Type by Package-Type in debian/control + + -- Christian Perrier Sat, 27 Oct 2012 12:46:46 +0200 + +debootstrap (1.0.42) unstable; urgency=low + + * Downgrade the absence of an InRelease file from a warning to an info + message. For now, debootstrap can cope fine without, and it's possible + there are Debian mirrors that don't have InRelease; Ubuntu doesn't quite + have InRelease support yet either (LP: #1017398). + + -- Colin Watson Tue, 03 Jul 2012 15:34:57 +0100 + +debootstrap (1.0.41) unstable; urgency=low + + [ Mehdi Dogguy ] + * Add support for InRelease files (Closes: #638682) + + -- Joey Hess Thu, 21 Jun 2012 13:16:22 -0400 + +debootstrap (1.0.40) unstable; urgency=low + + [ Joey Hess ] + * When installation or configuration of a package fails, output a message + that points the user to the log file. Attempt to grep out the first + package that dpkg failed on and show its name too. Closes: #472704 + + [ Colin Watson ] + * Add (Ubuntu) quantal as a symlink to gutsy. + + -- Colin Watson Thu, 26 Apr 2012 17:44:44 +0100 + +debootstrap (1.0.39) unstable; urgency=low + + * Retry corrupted downloads rather than carrying on almost regardless. + Patch mostly due to Michael Gilbert, rearranged somewhat by me (closes: + #618920). + * Stop at the end of the retrieval phase if any packages failed to + download. + + -- Colin Watson Tue, 13 Mar 2012 17:21:13 +0000 + +debootstrap (1.0.38) unstable; urgency=low + + [ Joey Hess ] + * Improve error message when a decompressor is not available, + to indicate which package has been built with bzip today. + Closes: #644719 + + [ Otavio Salvador ] + * Fix --print-debs support when using --foreign param. Closes: + #551837. + + [ Colin Watson ] + * pkgdetails_perl: Use the last of a sequence of stanzas for the same + package name, rather than the first (closes: #649319). + + -- Colin Watson Mon, 21 Nov 2011 13:20:53 +0000 + +debootstrap (1.0.37) unstable; urgency=low + + * Add (Ubuntu) precise as a symlink to gutsy. + + -- Colin Watson Wed, 05 Oct 2011 21:58:37 +0100 + +debootstrap (1.0.36) unstable; urgency=low + + * Guess host OS based on uname for non-Debian systems. Closes: #637363 + * Clarify "target" in usage message. + * Fix support for running debootstrap on a FreeBSD host to create a kFreeBSD + chroot or jail. Thanks, Arno Toell. + * Search PATH for programs, rather than checking hardcoded locations. + * Support using md5 and shaN programs, as found on FreeBSD, in addition + to md5sum and shaNsum. + * When FreeBSD (not kfreebsd) is the host, don't chroot to mount special + filesystems. + * When debootstrapping on FreeBSD, warn if necessary modules are not + loaded. Thanks, Arno Toell. + * Workaround for umount bug #634107, which broke pbuilder and "debootstrap ." + Closes: #631087 + + -- Joey Hess Sun, 21 Aug 2011 18:39:26 -0400 + +debootstrap (1.0.35) unstable; urgency=low + + [ Robert Millan ] + * Don't build devices.tar.gz if building on GNU/kFreeBSD (closes: + #637297). + * Don't use --arch when we specifically care about the host architecture + (closes: #637298). + + -- Colin Watson Wed, 10 Aug 2011 13:04:41 +0100 + +debootstrap (1.0.34) unstable; urgency=low + + * Add more information regarding the version and architecture in case + a download fails. Closes: #633625. + * add /usr/sbin and /sbin to PATH for fakechroot variant. Closes: + #588773 + * Move setup_devices to second stage of bootstrap. Closes: #498731, + #531316 + + -- Otavio Salvador Thu, 28 Jul 2011 19:13:10 +0200 + +debootstrap (1.0.33) unstable; urgency=low + + [ Joey Hess ] + * Mention minbase variant in --help. Closes: #632418 + * Use md5sums for sarge, which did not consistently have sha1sums + everywhere. Closes: #633158 + + [ Colin Watson ] + * Improve text of error message when decompression command is not + available. + + -- Otavio Salvador Sun, 24 Jul 2011 10:33:56 +0200 + +debootstrap (1.0.32) unstable; urgency=low + + * Use md5sums for woody and potato, which only had those checksums + in the Packages files. Closes: #627365 + + -- Joey Hess Mon, 30 May 2011 13:57:46 -0400 + +debootstrap (1.0.31) unstable; urgency=low + + [ Mark Hymers ] + * Don't use the Build-Essential: yes field in Debian, use the + build-essential package. Closes: #619700. + + [ Colin Watson ] + * If ubuntu-keyring is installed, check Release signatures against it when + bootstrapping Ubuntu gutsy and later. + * Recommend ubuntu-keyring rather than debian-archive-keyring on + Ubuntu-derived systems. + + -- Colin Watson Fri, 20 May 2011 09:45:48 +0100 + +debootstrap (1.0.30) unstable; urgency=low + + [ Joey Hess ] + * Recommend debian-archive-keyring, and if it is installed, + default to checking gpg signatures of the Release file against it + when bootstrapping sid, squeeze, wheezy, etch, and lenny. + Closes: #560038 + * Add --no-check-gpg option that can be used to disable release file + verification. Closes: #624229 + * Needs base-installer 1.117. + * Add a warning message if the keyring file is not available, and + --no-check-gpg is not specified. + * Clear all global variables used for options, so that unclean + environment doesn't break debootstrap. Closes: #621657 + * Removed the --boot-floppies switch and mode. Assuming this has + not been used in 10 years. + + [ Colin Watson ] + * Resolve dependencies from all requested components (LP: #740167). + + -- Joey Hess Tue, 26 Apr 2011 17:10:00 -0400 + +debootstrap (1.0.29) unstable; urgency=low + + [ Joey Hess ] + * Support bootstrapping oldstable. (Lenny could already be bootstrapped + using that suite name.) + + [ Colin Watson ] + * Add (Ubuntu) oneiric as a symlink to gutsy. + + -- Colin Watson Tue, 22 Mar 2011 10:58:49 +0000 + +debootstrap (1.0.28) unstable; urgency=low + + [ Miguel Figueiredo ] + * Fix for ar usage, thanks to Guillem Jover. Closes: #598729 + + [ Joey Hess ] + * Remove 5 second sleeps when debootstrap finds additional required + dependencies. d-i just got that much faster. + * Use SHA checksums. Defaulting to SHA256, and configurable by + SHA_SIZE environment variable. Closes: #614315 + * If a sha256sum program is not available, fall back to sha1sum. + This is to support debootstrap use on embedded systems, which are more + likely to have the latter. + * Avoid new(?) warning from dpkg about missing Maintainer field when + feigning install of a package. + + -- Joey Hess Mon, 21 Feb 2011 20:48:46 -0400 + +debootstrap (1.0.27) unstable; urgency=low + + [ Miguel Figueiredo ] + * Fix bug and typo on --private-key + Patch by Jonathan Klee. + + [ Jeremie Koenig ] + * Hurd support: + - Use the newer setup-translators script and firmlink + $TARGET/{dev,servers} in setup_devices_hurd; + - Don't attempt to build devices.tar.gz, which is not needed. + + -- Otavio Salvador Mon, 07 Feb 2011 19:40:24 -0200 + +debootstrap (1.0.26) unstable; urgency=low + + [ Christian Perrier ] + * Consistently use tab indenting in scripts/gutsy and scripts/sid + Patch by Karl Goetz. Closes: #601821 + * Fix a typo in the debootstrap script + Patch by Karl Goetz. Closes: #601822 + + [ Joey Hess ] + * sid: Remove old workaround for etch era coreutils/textutils md5sum + diversion problem. (#329394) + + -- Otavio Salvador Fri, 12 Nov 2010 10:07:41 -0200 + +debootstrap (1.0.25) unstable; urgency=low + + * Remove debug statement that slipped in. + * Add test to guard against devices.tar.gz being empty. + * /dev/MAKEDEV cannot be relied on (udev likes to make it a symlink to + true). Always use /sbin/MAKEDEV. Closes: #598080 + + -- Joey Hess Sun, 26 Sep 2010 13:18:31 -0400 + +debootstrap (1.0.24) unstable; urgency=low + + [ Miguel Figueiredo ] + * Apply patches from by Jonathan Klee and Guillaume Chauvel + to add support to https (closes: #521196). + + [ Colin Watson ] + * Add (Ubuntu) natty as a symlink to gutsy. + + [ Joey Hess ] + * Add support for wheezy. Closes: #597461 + + -- Joey Hess Sun, 19 Sep 2010 21:40:00 -0400 + +debootstrap (1.0.23) unstable; urgency=low + + * Add (Ubuntu) maverick as a symlink to gutsy. + * Add ${misc:Depends}. + + -- Colin Watson Wed, 19 May 2010 13:35:34 +0100 + +debootstrap (1.0.22) unstable; urgency=low + + * Redo release since it ended up with testing directory in tar.gz. + + -- Otavio Salvador Mon, 22 Feb 2010 16:52:49 -0300 + +debootstrap (1.0.21) unstable; urgency=low + + [ Otavio Salvador ] + * Apply patch from Clint Adams to add support for + gz/bz2/xz data.tar (closes: #458663). + + [ Guillem Jover ] + * Refactor deb extractors into two new functions. + * Use dpkg-deb if available instead of ar (closes: #557296). + * Add an --extractor option to override the automatic extractor selection. + + [ Otavio Salvador ] + * Document new --extractor option in manpage. + * Apply patch from Vagrant Cascadian not + fail if resolv.conf is a broken symlink (closes: #390647). + + [ Frans Pop ] + * Use tab indentation in scripts/debian/sid to reduce its size (relevant + for Debian Installer). + * Add apt to base packages for the buildd variant as it is no longer marked + Build-Essential. + + [ Otavio Salvador ] + * Apply patch from Andres Salomon to honor + --components when using mirror_style 'main' (closes: #561283). + * Apply patch from Andres Salomon to fix + iteration through components in download_main (closes: #561298). + + [ Joey Hess ] + * Allow the suite to be stable, testing, or unstable when debootstrapping + Debian. Closes: #288109 + * Make scripts directory in source tree look like installed directory, + and add a section to README explaining an easy way to run + debootstrap w/o installing it. Closes: #345762 + * Convert rules file to use dh with overrides. + * Remove binary-basedebs target from debian/rules. + This target has been broken in multiple ways since 2007. While I + accidentially partially fixed it with the above changes, this is evidence + it's dead code that can be safely removed. + + -- Otavio Salvador Sun, 21 Feb 2010 23:11:06 -0300 + +debootstrap (1.0.20) unstable; urgency=low + + * For recent Ubuntu versions, move $TARGET/sbin/initctl aside in the same + way we do start-stop-daemon, so that attempts to control Upstart jobs + won't inadvertently affect jobs in the host system. + * Rename EXAMPLE section in debootstrap(8) to EXAMPLES (closes: #548458). + + -- Colin Watson Sun, 04 Oct 2009 21:23:07 +0100 + +debootstrap (1.0.19) unstable; urgency=low + + * Ignore failures from dpkg --predep-package. It exits 1 if there are no + suitable packages available, which isn't an error for us, but in_target + complains anyway, so just use in_target_nofail; the termination + condition is handled immediately afterwards anyway. + + -- Colin Watson Thu, 24 Sep 2009 19:57:05 +0100 + +debootstrap (1.0.18) unstable; urgency=low + + * Only use dpkg from the chroot, as there is no guarantee dpkg is + available outside of the chroot (d-i installation for example). + + -- Aurelien Jarno Wed, 23 Sep 2009 11:37:01 +0200 + +debootstrap (1.0.17) unstable; urgency=low + + * Remove boneheaded use of sudo left over from testing (closes: #547949). + + -- Colin Watson Tue, 22 Sep 2009 20:10:19 +0100 + +debootstrap (1.0.16) unstable; urgency=low + + [ Colin Watson ] + * Cope with pre-dependencies of included packages that aren't in Priority: + required (closes: #487908). + * Upgrade to debhelper v7. (Override rules get pretty hairy for this + package, so I haven't switched to dh(1).) + * Use ports.ubuntu.com as default mirror on sparc for Ubuntu hardy and + beyond (LP: #431145). + * Add (Ubuntu) lucid as a symlink to gutsy. + + [ Frans Pop ] + * Makefile: remove unused ARCH variable. + + -- Colin Watson Mon, 21 Sep 2009 16:28:40 +0100 + +debootstrap (1.0.15) unstable; urgency=low + + * On Linux, clear out /etc/mtab on exit if it's not a symlink. Should fix + problems Wouter Verhelst and Martin Michlmayr are seeing with + initramfs-tools MODULES=dep, although it probably isn't a perfect + solution. + + -- Colin Watson Thu, 23 Jul 2009 16:45:00 +0100 + +debootstrap (1.0.14) unstable; urgency=low + + * Apply patch from Felix Zielcke to use "dpkg + --print-architecture" to avoid deprecation warning. Closes: #531680. + * Reference squeeze instead of sarge in manpage. Based on a patch from + Geoff Simmons . Closes: #534575. + * Apply patch from Riku Voipio to add support for + scratchbox variant. Closes: #536820. + + -- Otavio Salvador Wed, 22 Jul 2009 12:34:54 -0300 + +debootstrap (1.0.13) unstable; urgency=low + + [ Otavio Salvador ] + * Apply patch from Luca Favatella to improve + coding style. + + [ Colin Watson ] + * Add (Ubuntu) karmic as a symlink to gutsy. + + -- Colin Watson Fri, 24 Apr 2009 20:08:24 +0100 + +debootstrap (1.0.12) unstable; urgency=low + + [ Otavio Salvador ] + * Improve code to choose between libc packages. Thanks to Luca Favatella + for first version of the patch. + + [ Colin Watson ] + * Remove partial support for emitting translated progress messages with + gettext. Don't panic; d-i still has all the support necessary for this. + debootstrap's own support for doing this outside d-i with gettext's + shell bindings has been completely broken ever since it was added in + 2003, though, and nobody has complained. Fixing it would require a big + pile of infrastructure and some non-trivial patches, plus arranging to + copy all the translations over from base-installer, and it just doesn't + seem worth it, so lose the cruft (LP: #188690). + * Export PATH, just to make sure. It isn't necessarily exported by shells + running from init=/bin/sh or similar, and the upstream bash maintainer + is unwilling to export it by default; it's easy enough to do so here + (LP: #320188). + + -- Colin Watson Tue, 17 Mar 2009 16:38:46 +0000 + +debootstrap (1.0.11) unstable; urgency=low + + * Add (Ubuntu) jaunty as a symlink to gutsy. + * Clarify that --second-stage is needed to complete the bootstrapping + process after --foreign. + * Fix --make-tarball= option (closes: #484869). + * Fix old Debian scripts and all Ubuntu scripts to cope with Anthony's + change in 1.0.8 to make --second-stage not bother recalculating required + and base. + * Rename 'repeat' to 'repeatn', since 'repeat' is a reserved word in zsh; + although strictly speaking this seems like an incompatibility in zsh + when linked to /bin/sh (closes: #340058). + * Fix --unpack-tarball= option (thanks, Torsten Landschoff; closes: + #500759). + * Fix handling of relative DEBOOTSTRAP_DIR (thanks, Mikhail Gusarov; + closes: #503460). + * Cope with ancient versions of chroot(8) that don't call chdir() (thanks, + Patrik Arvhult; closes: #350635). + * Recommend gnupg for --keyring option (thanks, Robert Millan; closes: + #467571). + * Note that you can't --include packages with non-required Pre-Depends + (see #487908). + * Mention /sys in EXAMPLE section of manual page, and use "defaults" + rather than "none" as the mount options for /proc (thanks, Raúl Sánchez + Siles; closes: #410787). + * Add /dev/console to devices.tar.gz (after all, MAKEDEV's 'consoleonly' + was added for boot-floppies in the first place; see + https://lists.ubuntu.com/archives/ubuntu-devel/2009-January/027230.html). + * Add support for squeeze (closes: #513488). + + -- Colin Watson Wed, 18 Feb 2009 23:46:12 +0000 + +debootstrap (1.0.10) unstable; urgency=low + + [ Joey Hess ] + * Avoid "broken pipe" errors in bootstrap.log from the the smallyes function. + The errors themselves are inherent to how the function is used, so just + suppress them. Closes: #480560. + + [ Frans Pop ] + * Do not cache Release and Release.gpg files. Closes: #488424. + * Abort if a Packages file failed to verify. + * Update standards version to 3.8.0; no other changes needed. + + -- Frans Pop Wed, 02 Jul 2008 17:44:25 +0200 + +debootstrap (1.0.9) unstable; urgency=low + + [ Frans Pop ] + * Error out on unrecognized options to avoid invalid options to be + recognized as arguments. + + [ Colin Watson ] + * Use 'chown 0:0' in all scripts rather than deprecated 'chown 0.0' + (thanks, Evan Klitzke). + * Add (Ubuntu) intrepid as a symlink to gutsy. + + -- Colin Watson Tue, 29 Apr 2008 19:36:19 +0100 + +debootstrap (1.0.8) unstable; urgency=low + + [ Frans Pop ] + * Change Priority for the udeb to extra in line with overrides file. + + [ Colin Watson ] + * Partially revert r50134; there are people who depend on being able to + use the "upstream" Makefile on non-Debian systems. Create necessary + directories in the Makefile rather than relying on dh_installdirs to do + it (LP: #172645). + * Use ftp.us.debian.org rather than ftp.debian.org + (http://lists.debian.org/debian-devel-announce/2007/12/msg00002.html). + + [ Anthony Towns ] + * Add minbase variant for the sid script that only install apt (and + its dependencies) instead of all of base. (Closes: Bug#351912, + Bug#452654) + * Make --second-stage not bother recalculating required and base as + it's not needed. + * Make --arch and other arguments accept both "--arch i386" and + "--arch=i386" forms of specifying a parameter to avoid the + inconsistency. + + [ Stephen R. Marenka ] + * Allow installation of etch-m68k. (Closes: Bug#458965) + + [ Colin Watson ] + * Add minbase variant for Ubuntu gutsy/hardy; see Anthony's change above. + * Minor manual page formatting improvements. + + -- Colin Watson Tue, 15 Jan 2008 11:19:34 +0000 + +debootstrap (1.0.7) unstable; urgency=low + + * No longer include full devices tarball in udeb. + * Also try 'udpkg --print-architecture' when determining the target + architecture. + * Utility pkgdetails moved from debootstrap-udeb to bootstrap-base so that + the udeb can become 'Architecture: all'. + * Change /usr/lib/debootstrap to /usr/share/debootstrap. Closes: #430615. + * Use tab indentation in debootstrap and functions saving 3kB (relevant for + Debian Installer). + * Fix various inconsistencies in build scripts. + * Fix dpkg-genchanges warning 'missing Priority for source files'. + * Update Standards-Version to 3.7.2. No changes needed. + * Changes in udeb require base-installer 1.85. + + -- Frans Pop Wed, 14 Nov 2007 12:15:45 +0100 + +debootstrap (1.0.6) unstable; urgency=low + + * Ensure that the target directory exists in check_sane_mount. + * Don't ignore 'make clean' errors. (The Makefile is always present.) + + -- Colin Watson Sun, 21 Oct 2007 10:50:59 +0100 + +debootstrap (1.0.5) unstable; urgency=low + + [ Colin Watson ] + * Don't rely on GNU sed's s///I extension (closes: #350583). + + [ Joey Hess ] + * Skip the noexec/nodev test when running --print-debs or other operations + that do not involve building systems. + + -- Joey Hess Sat, 20 Oct 2007 23:10:34 -0400 + +debootstrap (1.0.4) unstable; urgency=low + + [ Neil Williams ] + * Add --second-stage-target option that allows embedded to test for + installations in a chroot on the device (closes: #445157). + + [ Colin Watson ] + * Add (Ubuntu) hardy as a symlink to gutsy. + * Unmount /lib/init/rw on exit (closes: #391604). + * Cope if uncompressed Packages is missing from Release (closes: #402380). + * Don't rely on XSI test(1) extensions. + * Add support for ssh:/// URLs (thanks, Steffen Joeris; closes: #434893). + * Fix Ubuntu hoary and breezy scripts to unmount /dev etc. on exit + (closes: #327708). + * Emit an error if we cannot create working devices or executables on the + target (based on work by Bastian Kleineidam; closes: #233798). + + -- Colin Watson Fri, 19 Oct 2007 14:57:37 +0100 + +debootstrap (1.0.3) unstable; urgency=low + + * Ignore errors when unmounting filesystems, to avoid stopping at the + first one with problems. + + -- Colin Watson Tue, 21 Aug 2007 12:32:37 +0100 + +debootstrap (1.0.2) unstable; urgency=low + + [ Joey Hess ] + * Document --components in man page. + * Update man page, as packages listed in --include should now be auto + dep-resolved by default. + + [ Colin Watson ] + * Extensive quoting fixes, allowing installation to a target containing + spaces (closes: #387673). + * scripts/debian/sid: Handle libc0.3 on hurd-i386 (thanks, Michael Banck; + closes: #314304). + * functions: Stub out /proc setup and add device setup for the Hurd + (thanks, Michael Banck; closes: #314311). + * Add --version option (closes: #294484). + + [ Otavio Salvador ] + * Fix bunzip2 path. Thanks Martín Ferrari by + the patch (closes: #436218). + + -- Otavio Salvador Tue, 07 Aug 2007 20:12:55 -0300 + +debootstrap (1.0.1) unstable; urgency=low + + * scripts/ubuntu/gutsy: Determine buildd variant dynamically using + Build-Essential: yes. + * scripts/ubuntu/gutsy.fakechroot: Remove devmapper postinst hack, no + longer needed. + * scripts/ubuntu/*.fakechroot: Merge into the corresponding main scripts + as variants. + + -- Colin Watson Fri, 20 Jul 2007 11:55:22 +0100 + +debootstrap (1.0.0) unstable; urgency=low + + [ Anthony Towns ] + * Make debootstrap team maintained under the d-i banner. + * Add Joey, Frans and Junichi as uploaders, remove JHM (not in the + d-i group). + * Make pkgdetails.c not need C99 extensions. (Closes: Bug#398977) + * Fix am_doing_phase implementation in debootstrap script. Thanks to + Tero Janka for spotting the problem and the fix. (Closes: Bug#409881) + + [ Joey Hess ] + * Drop support for sarge from the udeb. + * Update README.Debian: + - One todo item is done. (I think cross-strap is too, but unsure.) + - Reword NMU policy to note that it's team-maintained now. + * ACK my prior NMU. Closes: #418600 + * If /dev/MAKEDEV DNE, as on certain s390 machines, use /sbin/MAKEDEV. + Closes: #420908 + Note that /dev/MAKEDEV is still the correct location, and is still tried + first so that building works on all FHS systems, as noted in #190239. + + [ Colin Watson ] + * Add support for Ubuntu dapper (Closes: #342838), edgy, feisty, and + gutsy. Exclude everything but gutsy from the udeb. + * Fix "deboostrap" typo in debootstrap(8) (thanks, Adam Conrad). + * Fix "htp" typo in temporary /etc/apt/sources.list. + * Drop support for woody from the udeb too. + * When removing $TARGET/debootstrap, debootstrap.log is still open as + stdout/stderr and needs to remain so, but after unlinking it some NFS + servers implement this by a temporary file in the same directory, which + makes it impossible to rmdir that directory. Moving it instead works + around the problem (thanks, Steven McCoy; + https://launchpad.net/bugs/65003). + * Fix formatting error in debootstrap(8) (.R is not a macro). + * Reorganise scripts into scripts/debian/ and scripts/ubuntu/ directories + in the source tree to declutter the top level. + * Add default_mirror function; reorganise the debootstrap script a little + so that it works. Set the default mirror for Ubuntu suites to + http://archive.ubuntu.com/ubuntu, and the default mirror for Debian + etch/lenny/sid architectures other than amd64 and i386 to + http://ftp.us.debian.org/debian (per ajt; see bug #363049). + * Add devices created by fd to devices-std.tar.gz, so that + /dev/std{in,out,err} is available conveniently in chroots with /proc and + /dev/pts mounted (thanks, Matthias Klose). + * Document --keyring and --make-tarball. (Closes: #368988) + * Update Ubuntu mirrors: warty/hoary/breezy => old-releases.ubuntu.com, + unsupported architectures => ports.ubuntu.com. + * Add myself to Uploaders. + * Bump to 1.0.0. Nobody uses debootstrap in production, do they? + + [ Joey Hess ] + * Remove the extended package description (aka bloat) from the udeb. + + -- Colin Watson Sat, 23 Jun 2007 02:19:27 +0100 + +debootstrap (0.3.3.3) unstable; urgency=low + + * NMU + * Add support for lenny. + + -- Joey Hess Tue, 10 Apr 2007 15:24:15 -0400 + +debootstrap (0.3.3.2) unstable; urgency=low + + * NMU with maintainer approval + * Remove --force-auto-select option for 'sid' script as it is no longer + supported by dpkg. Closes: #409527. + + -- Frans Pop Fri, 16 Feb 2007 20:43:36 +0100 + +debootstrap (0.3.3.1) unstable; urgency=low + + * NMU with maintainer approval + * functions/get_debs: build list of available packages from all specified + sources; this allows debootstrap to also use e.g. custom versions of base + packages from a source of local packages included on an installation CD. + Closes: #398762. + + -- Frans Pop Thu, 16 Nov 2006 05:30:43 +0100 + +debootstrap (0.3.3) unstable; urgency=low + + * Include kFreeBSD and fakechroot support from 0.3.2.1 and 0.3.2.2 NMUs, + thanks to Otavio Salvador and Piotr Roszatycki. (Closes: Bug#319100, + Bug#328446, Bug#204652, Bug#315044, Bug#Bug#319799) + + * Require target to be specified in all cases; document usage of target + for --print-debs. (Closes: Bug#335922, Bug#337230) + + * Use ln -sf when symlinking awk for woody and sarge. (Closes: Bug#299048) + + -- Anthony Towns Sun, 6 Nov 2005 04:12:39 +1000 + +debootstrap (0.3.2.2) unstable; urgency=low + + * NMU + * Added relicensed fakechroot variant. Closes: #204652. + + -- Piotr Roszatycki Sat, 29 Oct 2005 11:29:00 +0200 + +debootstrap (0.3.2.1) unstable; urgency=low + + * NMU with maintainer approval + * Applied patch from Robert Millan to add support to + Debian GNU/kFreeBSD. Closes: #319799 + + -- Otavio Salvador Fri, 28 Oct 2005 16:14:57 -0200 + +debootstrap (0.3.2) unstable; urgency=low + + * Revert fakechroot NMUs (0.3.1.1, 0.3.1.3, 0.3.1.7) due to incompatible + license requirements (GPL) (Reopens: Bug#204652) + + * Changes from 0.3.1.2 NMU, thanks to Joey Hess: (Closes: Bug#314810) + + Fix incorrect use of "$@" in local. Closes: #314157, #314547 + + Fix fd redirection in download progress code. See #314373 + + Remove md5sums file from udeb. Closes: #314378 + + Fix debian-installer mode warning code. Closes: #314340 + + * Changes from 0.3.1.4 NMU, thanks to Joey Hess: + + Wrap eval statement in exit_function in parens, working around + bug #315444 in busybox sh. Closes: #314373 + + * Changes from 0.3.1.5 NMU, thanks to Anibal Monsalve Salazar: + + Fixed "--variant=buildd option does not work" for pbuilder, + closes: #314858. Patch by Matt Kraai . + + * Changes from 0.3.1.6 NMU, thanks to Joey Hess: + + Patch from Colin to redirect status messages to stderr when running + --print-debs. Closes: #315875 + + Restore logging to stderr in debian-installer mode. Closes: #314160 + + * Changes from 0.3.1.8 NMU, thanks to Petter Reinholdtsen: + + [functions] Mount /sys if it exist and is supported by the kernel. + Patch from Cajus Pollmeier, Colin Watson and Ubuntu. (Closes: #289105) + + [debootstrap] Document --resolve-deps in usage info. (Closes: #328161) + + [etch] Replace libsigc++-1.2-5c102 with libsigc++-1.2-5c2. (Closes: #334506) + + [etch] Remove pppoe from base, and only install + ipchains on m68k. Patch from Sven Luther. (Closes: #239390) + + [sarge] Remove duplicate entries for m68k and amd64. Patch from + Frans Pop. (Workaround for bug #319777) + + [etch] Add support for ppc64. The patch for 'sid' did no longer + apply. Patch from Andreas Jochens. (Closes: #313353) + + [sarge,etch,sid] Set DEBCONF_NONINTERACTIVE_SEEN=true during build, to + avoid questions during upgrade. (Closes: #238301) + + Add script for breezy. Patch from Colin Watson. (Closes: #315940) + + * Changes from 0.3.1.9 NMU, thanks to Joey Hess: + + Replace the etch script with a copy of the sid script, which pulls in + gnupg, so the installed etch system has a usable apt. Closes: #334521 + + * Create /dev/ptmx in minimal devices tarball. (Closes: Bug#317072) + + * Don't create empty available files, since old dpkg and new kernels can't + deal with them. (Closes: Bug#308169, Bug#329468) + + * Bump Standards-Version. Bump debhelper compatability level to 4. + * Cleanup debian/rules, thanks to Joey Hess. (Closes: Bug#314863) + + * Emit error message if no pkgdetails is available. (Closes: Bug#326831) + + * Turn on --resolve-deps by default. Add --no-resolve-deps as an option. + Combined with the previous changes to make the etch script dynamically + determine base, this should resolve all the "can't install " + bugs. (Closes: Bug#280210, Bug#308361, Bug#318281, Bug#323362, + Bug#318254, Bug#313292, Bug#334683, Bug#248578, Bug#289635) + + * md5sum doesn't exist when coreutils is unpacked but not configured; + cp it across so it's available for --second-stage. (Closes: Bug#329394) + + * Catch failures in "dpkg --status-fd" (Closes: Bug#317447, Bug#323661) + + * Make "without" work right for duplicates (Closes: Bug#316884, + Bug#319777) + + * Simplify and correct file descriptor handling and debootstrap.log + behaviour. + + * Delete $TARGET with --print-debs and --make-tarball. (Closes: Bug#328369) + + * Add a --make-tarball option. (Closes: Bug#152845) + + * Create a default sources.list for apt. (Closes: Bug#283234, Bug#315225) + + * Update manpage to talk about woody instead of sarge. (Closes: Bug#315862) + + * Use partial/ directory when downloading. (Closes: Bug#109176) + + -- Anthony Towns Sun, 23 Oct 2005 14:49:08 +1000 + +debootstrap (0.3.1) unstable; urgency=low + + * sid script updated: + - Determine base dynamically (Priority: required for required packages, + Priority: important for base packages, Build-Essential: yes for buildd + variant base). (Closes: Bug#88984, Bug#193134) + - Use fine grained dpkg progress display, thanks again to Colin Watson. + (Closes: Bug#229314, Bug#231109, Bug#244563) + + * dpkg output (etc) goes to /var/log/bootstrap.log in the target, rather + than stdout. This is probably difficult for frontends to capture + at present. + + * Parsing of Packages file sped up. (Yay!) + + * debootstrap.deb now arch: all (Closes: Bug#122465, Bug#131552) + - perl implementation of pkgdetails used by preference + - devices.tar.gz reduced to minimal set of devices; frontends should + setup udev or supply their own devices or similar in future + - /usr/lib/debootstrap/arch not shipped + - none of the above applies to udebs yet; though the devices.tar.gz + change will eventually + + * Support for verifying based on Release.gpg files (--keyring). Thanks + to Colin Watson. (Closes: Bug#313383) + + -- Anthony Towns Tue, 14 Jun 2005 00:22:55 +1000 + +debootstrap (0.3.0) unstable; urgency=low + + * The Gernot Heiser release, dedicated to everyone who drinks enough to + lose their better judgement, and those of us who didn't have any in + the first place. + + * Major update. New features: + + Use $TARGET/debootstrap directory for state info + (--keep-debootstrap-dir) + + Support for cross-strapping (--foreign / --second-stage) + (Closes: Bug#202529) + + Support for resolving dependencies (--resolve-deps) + + Support for Debian etch, and Ubuntu warty and hoary (Closes: Bug#312417) + + Support for handling variants within the main suite script + + Support for other versions of base packages in /v/c/apt/archives + + Initial support for fine-grained dpkg progress display, thanks to + Colin Watson (currently only for warty and hoary) + + Initial support for determining base system dynamically. + + No longer display "debootstrap.invalid" when working with + Release/Packages files. (Closes: Bug#241795, Bug#256255) + + Ignores failures for on_exit cleanup commands. (Closes: Bug#253387, + Bug#253468, Bug#308774) + + Early reporting of unavailable packages. + + More efficient parsing of Packages files. + + Generalised additions and exclusions. (Closes: Bug#191793) + + Handles symlinked configuration files in /etc a little better. + (Closes: Bug#161987, Bug#252907, Bug#272257) + + * Dropped support for slink. + + * Use ln -fs for mawk/awk link. (Closes: Bug#248398, Bug#258524) + + * Dropped mail-transport-agent, and hence mailx and at from sid/etch base. + (Closes: Bug#168473) + * Dropped ipchains for i386 (Closes: Bug#266119) + * Other minor changes to meet dependencies, also. (Closes: Bug#312701) + + * Minor manpage fixes. (Closes: Bug#285777) + * Add check for specifying no components (CloseS: Bug#283810) + + * Include 0.2.45 NMUs, thanks to Steve Langasek. + (Closes: Bug#295571, Bug#283752, Bug#278158) + + -- Anthony Towns Sun, 12 Jun 2005 23:49:58 +1000 + +debootstrap (0.2.45-0.2) unstable; urgency=low + + * Non-maintainer upload. + * [sarge, sid] Replace libparted1.6-0 with libparted1.6-12 for ia64, + to keep up with the ABI changes for that package. (Closes: #295571) + * [sarge, sid] include pciutils on hppa as well, per request of the + hppa folks. (Closes: #283752) + + -- Steve Langasek Fri, 25 Feb 2005 22:23:30 -0800 + +debootstrap (0.2.45-0.1) unstable; urgency=low + + * Non-maintainer upload. + * [sarge, sid] Drop libgnutls10 and libgcrypt7, since they are no + longer needed by exim4. (Closes: #278158). + + -- Steve Langasek Thu, 20 Jan 2005 21:20:22 -0800 + +debootstrap (0.2.45) unstable; urgency=high + + * Acknowledge NMUs. (Closes: #270135) + * [woody.buildd] Corrected ia64 special cases. Patch by Brett Johnson + . (Closes: #271894) + + -- J.H.M. Dassen (Ray) Sat, 18 Sep 2004 13:49:23 +0200 + +debootstrap (0.2.44.2) unstable; urgency=low + + * NMU again, this time using the makedev in unstable instead of the + experimental so devices.tar.gz isn't empty on ia64... oops... /o\ + + -- Bdale Garbee Tue, 14 Sep 2004 20:03:56 -0600 + +debootstrap (0.2.44.1) unstable; urgency=low + + * NMU to resolve d-i inability to install sid on ia64 + * add pciutils to the base package list for ia64, to avoid having to regress + efibootmgr in unstable, closes: #270315, #268490 + + -- Bdale Garbee Mon, 13 Sep 2004 15:11:11 -0500 + +debootstrap (0.2.44) unstable; urgency=high + + * [sarge] Removed "gcc-3.0-base" and "libstdc++3" for HPPA as they have been + removed from sarge as well on that arch. (Closes: #268917) + + -- J.H.M. Dassen (Ray) Mon, 30 Aug 2004 08:53:30 +0200 + +debootstrap (0.2.43) unstable; urgency=high + + * [sarge] Added back libgnutls10 in order not to break d-i testing. + (Closes: #268578, #268663). + + -- J.H.M. Dassen (Ray) Sun, 29 Aug 2004 09:08:48 +0200 + +debootstrap (0.2.42) unstable; urgency=high + + * Acknowledge NMUs. (Closes: #262137, #262165, #262178, #262375) + * [sarge] Switch to libgnutls11 so exim4 can switch. (Closes: #268325) + * [sid] Removed "gcc-3.0-base" and "libstdc++3" for HPPA as they have been + removed from sid. (Closes: #268049) + * [Makefile] Make the regular video devices on all archs. (Closes: #265081) + * [Makefile,debootstrap] Switched away from deprecated chown syntax; + switched away from XSIisms '-a' and '-o'. (Closes: #256098) + * [debootstrap.8] Use '\-' rather than '-' in options. (Closes: #263955) + Confirmed that the "exlude" typo has already been fixed. (Closes: #254108) + Applied patch by Javier Fernández-Sanguino Peña + for "file" URL documentation and a more complete example. (Closes: #226662) + + -- J.H.M. Dassen (Ray) Fri, 27 Aug 2004 15:40:02 +0200 + +debootstrap (0.2.41-0.2) unstable; urgency=low + + * Non-maintainer upload + * [sarge, sid] Add missing libgcrypt11 to base, needed by libgnutls11 + in sid and needed in sarge for opencdk8 to be rebuilt against it + (closes: #262375, #262178). + + -- Steve Langasek Fri, 30 Jul 2004 20:26:57 -0700 + +debootstrap (0.2.41-0.1) unstable; urgency=low + + * Non-maintainer upload with consent of JHM. + * Pull libfribidi0 back out of base, it's opportunistically installed + by d-i now for the locales that need it (closes: #262137). + * Re-add bootloaders on ia64, sparc, mips, hppa, and m68k to base, + because debian-installer isn't ready for this change (closes: #262165). + + -- Steve Langasek Thu, 29 Jul 2004 14:14:33 -0700 + +debootstrap (0.2.41) unstable; urgency=high + + * High urgency upload as per tbm's request. + * [sarge, sid] No longer install setserial, as it causes problems on some + systems (e.g. #212646) and there is a consensus it is no longer needed in + a base environment. + * [sarge, sid] Removed aboot, aboot-base, elilo, efibootmgr, silo, dvhtool, + delo, palo, vmelilo. As per the consensus reached in the thread starting + with http://lists.debian.org/debian-boot/2004/04/msg00634.html, the + installation of boot loaders is now debian-installer's responsibility. + (Closes: #247906) + * [sarge, sid] Added libfribidi0 to base to make debconf localisation into + right to left languages possible. (Closes: #253229) + * [sarge.buildd] Drop libdb4.0 for libdb4.2 as needed by perl. + * [sid] Added libgnutls11 as libgnutls10 is being phased out. + * [Makefile] Include /dev/ida on ia64. (Closes: #258055) + + -- J.H.M. Dassen (Ray) Thu, 29 Jul 2004 20:37:37 +0200 + +debootstrap (0.2.40) unstable; urgency=medium + + * [woody.buildd] Ensure the on_exit umounting of /dev/pts doesn't mess up + an otherwise OK exit status. (Closes: #260699) + * Acknowledge NMUs. (Closes: #258350, #260253) + + -- J.H.M. Dassen (Ray) Thu, 22 Jul 2004 21:53:20 +0200 + +debootstrap (0.2.39.2) unstable; urgency=low + + * Non-maintainer upload. + * [sarge, sid] Drop quik from powerpc, as debian-installer handles this + now (closes: #260253). + + -- Colin Watson Thu, 22 Jul 2004 16:56:19 +0100 + +debootstrap (0.2.39.1) unstable; urgency=low + + * NMU + * add passwd to sid.buildd,sarge.buildd as bash depends on them + + -- Junichi Uekawa Fri, 9 Jul 2004 09:07:28 +0900 + +debootstrap (0.2.39) unstable; urgency=medium + + * [sarge,sid] Dropped libdb2. Thanks Matt Zimmerman. (Closes: #250813) + * [sarge,sid] Dropped libident. Thanks LaMont Jones. (Closes: #251320) + * [sarge,sid] Dropped slang1. Thanks LaMont Jones. (Closes: #251328) + * [woody.buildd] Install libperl5.6. Thanks Rene Engelhard. (Closes: #251702) + * [sarge.buildd] Install libc6.1 rather than libc6 on alpha. Thanks Rene + Engelhard. (Closes: #251703) + + Goswin von Brederlow + * Copy script for sarge to sid + * Add handling for amd64 to sarge/sid scripts + * Dropped gcc-3.2-base. (Closes: #250836) + + -- J.H.M. Dassen (Ray) Sat, 5 Jun 2004 10:02:50 +0200 + +debootstrap (0.2.38.1) unstable; urgency=low + + * NMU. + * [sarge] Add libdb4.2 since apt-utils (0.5.25) depends on this. + + -- Otavio Salvador Thu, 20 May 2004 22:18:41 -0300 + +debootstrap (0.2.38) unstable; urgency=medium + + * [woody.buildd] Readd libgdbmg1 (for perl-modules). + + -- J.H.M. Dassen (Ray) Fri, 7 May 2004 10:55:13 +0200 + +debootstrap (0.2.37) unstable; urgency=medium + + * [debian/control] Bumped makedev build dependency so as not to get pty + permissions problems. (Closes: #246709) + * [sid, sid.buildd] Add/switch to libdb4.2 for the new perl packages. + * Acknowledge NMU 0.2.36.1. (Closes: #246368) + + -- J.H.M. Dassen (Ray) Tue, 4 May 2004 07:58:02 +0200 + +debootstrap (0.2.36.1) unstable; urgency=low + + * Non-maintainer upload with maintainer permission. + * [sarge, sid] Drop yaboot from powerpc, as debian-installer handles this + now (closes: #246368). + + -- Colin Watson Fri, 30 Apr 2004 00:05:02 +0100 + +debootstrap (0.2.36) unstable; urgency=high + + Joey Hess : + * [sid, sarge] Add a subst_package function, and use it to replace libc6 + with libc6.1 on alpha and ia64, to avoid reordering libc in the required + list and work around bug #238963. (Closes: #245680) + + -- J.H.M. Dassen (Ray) Sun, 25 Apr 2004 18:37:42 +0200 + +debootstrap (0.2.35) unstable; urgency=high + + * [sarge, sid] Dropped syslinux. (Closes: #205379) + * [woody, woody.buildd] Removed libgdbmg1. (Closes: #244447) + * [debootstrap, functions] Sync at the end of debootstrap. (Closes: #225742) + + -- J.H.M. Dassen (Ray) Thu, 22 Apr 2004 16:51:49 +0200 + +debootstrap (0.2.34) unstable; urgency=high + + * [sid] Dropped libpci1 and libpci2 as the pciutils dependency change has + been reverted. (Closes: #244344) + + -- J.H.M. Dassen (Ray) Thu, 22 Apr 2004 08:14:28 +0200 + +debootstrap (0.2.33) unstable; urgency=high + + * [sid] Added libpci1 and libpci2 for all archs where pciutils is installed, + as pciutils now depends on them. (Closes: #244344) + + -- J.H.M. Dassen (Ray) Sun, 18 Apr 2004 09:41:23 +0200 + +debootstrap (0.2.32) unstable; urgency=high + + * [sarge, sid] No longer try to filter out console-tools on s390. While + console-tools is basically useless on s390, base-config depends on it. + (Closes: #241727) + + -- J.H.M. Dassen (Ray) Fri, 9 Apr 2004 16:26:23 +0200 + +debootstrap (0.2.31) unstable; urgency=medium + + * [sarge] Exim has changed GnuTLS dependencies. Added libgnutls10, + libgcrypt7, libgpg-error0, libopencdk8, libtasn1-2; dropped libgnutls7, + libgcrypt1, libtasn1-0. + * [sarge] Removed libgnutls7, libgcrypt1, libtasn1-0. + + -- J.H.M. Dassen (Ray) Tue, 23 Mar 2004 22:47:28 +0100 + +debootstrap (0.2.30) unstable; urgency=medium + + * [sarge, sid] aboot needs aboot-base. (Closes: #236368, #239302) + + -- J.H.M. Dassen (Ray) Mon, 22 Mar 2004 21:10:31 +0100 + +debootstrap (0.2.29) unstable; urgency=low + + * NMU with permission of maintainer. + * Added {woody,sarge,sid}.buildd scripts to create build chroots. + Closes: #236418. + * Added --variant=buildd option for convenient access to these scripts. + + -- Daniel Schepler Wed, 10 Mar 2004 02:29:27 -0800 + +debootstrap (0.2.28) unstable; urgency=medium + + * [sid] Exim has changed GnuTLS dependencies. Added libgnutls10, libgcrypt7, + libgpg-error0, libopencdk8, libtasn1-2; dropped libgnutls7, libgcrypt1, + libtasn1-0. + * [sarge,sid] Dropped lilo, mbr, modconf, libdevmapper1.00 as + debian-installer handles the bootloader installation and modules + configuration. (Closes: #232667, #232672, #232673) + + -- J.H.M. Dassen (Ray) Tue, 24 Feb 2004 09:57:35 +0100 + +debootstrap (0.2.27) unstable; urgency=medium + + * [sarge] Lilo now needs libdevmapper1.00; Removed libopencdk8, libgcrypt7, + libgpg-error0. + + -- J.H.M. Dassen (Ray) Sat, 14 Feb 2004 01:19:48 +0100 + +debootstrap (0.2.26) unstable; urgency=medium + + * [sarge] Removed gcc-3.2-base. (Closes: #230697) + * [sid] Lilo now needs libdevmapper1.00 . + + -- J.H.M. Dassen (Ray) Tue, 3 Feb 2004 08:27:54 +0100 + +debootstrap (0.2.25) unstable; urgency=high + + * [functions] Unmount proc/bus/usb, not proc/usb. (Closes: #229122) + + -- J.H.M. Dassen (Ray) Fri, 30 Jan 2004 18:01:29 +0100 + +debootstrap (0.2.24) unstable; urgency=high + + * [functions, sarge, sid] Try to unmount proc/usb, dev/shm, dev/pts on exit; + don't fail when there's nothing to unmount. + (Closes: #229122, #229901, #229907) + * [woody] Don't fail when there's no dev/pts to unmount. + * [sarge, sid] Don't install pcmcia-cs as debian-installer takes care of + that where needed. (Closes: #221907) + * [sid] Removed libopencdk8, libgcrypt7, libgpg-error0. + * [sarge] libopencdk8 (needed for exim4-daemon-light via libgnutls7) + Depends: libgcrypt7, libgpg-error0. (Closes: #229989) + + -- J.H.M. Dassen (Ray) Wed, 28 Jan 2004 18:48:02 +0100 + +debootstrap (0.2.23) unstable; urgency=high + + * [sarge] Dropped libopencdk4 in favour of libopencdk8 as gnutls has switched. + + -- J.H.M. Dassen (Ray) Thu, 1 Jan 2004 01:30:02 +0100 + +debootstrap (0.2.22) unstable; urgency=high + + * [sid] libopencdk8 Depends: libgcrypt7, libgpg-error0. + + -- J.H.M. Dassen (Ray) Wed, 31 Dec 2003 12:35:03 +0100 + +debootstrap (0.2.21) unstable; urgency=high + + * [sarge] Added coreutils' new predependencies libacl1 and libattr1; removed + libsasl2 as it is no longer needed. + + -- J.H.M. Dassen (Ray) Sun, 28 Dec 2003 22:54:08 +0100 + +debootstrap (0.2.20) unstable; urgency=high + + * [sarge] base-config now Depends: aptitude; aptitude Depends: + libsigc++-1.2-5c102. + + -- J.H.M. Dassen (Ray) Sun, 28 Dec 2003 15:11:31 +0100 + +debootstrap (0.2.19) unstable; urgency=high + + * [sid] base-config now Depends: aptitude; aptitude Depends: + libsigc++-1.2-5c102. + + -- J.H.M. Dassen (Ray) Wed, 24 Dec 2003 09:03:44 +0100 + +debootstrap (0.2.18) unstable; urgency=low + + * Thanks to Steinar Gunderson and Matt Kraii for the NMU fixing some + d-i related problems. (Closes: Bug#220150) + * Acknowledge that the problems really are fixed now. (Closes: + Bug#213669, Bug#209273, Bug#210912) + + * Fix downloading of Packages files to retry if bz2 or gz isn't available + on the mirror. (Closes: Bug#194592) + + -- Anthony Towns Sat, 15 Nov 2003 00:13:13 +1000 + +debootstrap (0.2.17.1) unstable; urgency=high + + * NMU + * [sarge,sid] Display only the package name when retrieving packages. + (Closes: #213669, #209273) + * [sarge,sid] Added progress information for downloading package + details. (Closes: #210912) + + -- Steinar H. Gunderson Mon, 10 Nov 2003 15:11:09 +0100 + +debootstrap (0.2.17) unstable; urgency=high + + * [sarge] Fixed typo: libreadlin4 -> libreadline4. (Closes: #219655) + + -- J.H.M. Dassen (Ray) Sat, 8 Nov 2003 23:23:37 +0100 + +debootstrap (0.2.16) unstable; urgency=high + + * [sarge,sid] libreadline4 is required for amiga-fdisk on powerpc. + (Closes: #218533) + * [sarge,sid] Put libreadline4 in required rather than base for ia64. + + -- J.H.M. Dassen (Ray) Wed, 5 Nov 2003 08:09:41 +0100 + +debootstrap (0.2.15) unstable; urgency=high + + * ia64 fixes by Richard Hirst : (Closes: #218533) + * [sarge, sid] Add libreadline4 to base for ia64 as parted needs it. + * [sarge, sid] Remove gcc-2.96-base from required for ia64. + + -- J.H.M. Dassen (Ray) Sat, 1 Nov 2003 12:58:34 +0100 + +debootstrap (0.2.14) unstable; urgency=high + + * [sarge] Made exim4 the default MTA. (Closes: #217657) + * [sarge] Removed libstdc++2.10-glibc2.2, libldap2 . + * [sid] Dropped libopencdk4 in favour of libopencdk8 as gnutls has switched. + + -- J.H.M. Dassen (Ray) Tue, 28 Oct 2003 09:56:27 +0100 + +debootstrap (0.2.13) unstable; urgency=high + + * [sarge] Added libtextwrap1 for tasksel. + + -- J.H.M. Dassen (Ray) Wed, 22 Oct 2003 08:10:37 +0200 + +debootstrap (0.2.12) unstable; urgency=high + + * [sarge, sid] Add libreadline4 to required for m68k as amiga-fdisk needs + it. (Closes: #216617) + + -- J.H.M. Dassen (Ray) Mon, 20 Oct 2003 10:05:09 +0200 + +debootstrap (0.2.11) unstable; urgency=high + + * [sid] Added libc6-sparc64 lib64gcc1 lib64ncurses5 to base for sparc. + (Closes: #215590) + * [sarge, sid] Dropped libreadline as bash no longer depends on it. + * [sid] Dropped libstdc++2.10-glibc2.2 and its associated special cases as + it is no longer needed. + + -- J.H.M. Dassen (Ray) Wed, 15 Oct 2003 19:42:58 +0200 + +debootstrap (0.2.10) unstable; urgency=high + + * [sid] Fixed /usr/sbin/sendmail symlink to point to exim4. (Closes: #213734) + + -- J.H.M. Dassen (Ray) Sat, 4 Oct 2003 15:47:31 +0200 + +debootstrap (0.2.9) unstable; urgency=high + + * [sarge] Added libgdbm3 for man-db. + + -- J.H.M. Dassen (Ray) Thu, 2 Oct 2003 23:57:09 +0200 + +debootstrap (0.2.8) unstable; urgency=high + + * [sid] Added libtextwrap1 for tasksel; removed libsasl2 as it is no longer + needed. + + -- J.H.M. Dassen (Ray) Thu, 2 Oct 2003 07:57:16 +0200 + +debootstrap (0.2.7) unstable; urgency=high (fixes RC d-i bug) + + * [sarge] Reinstated special-case for libperl5.8; it is still needed for + non-i386 until sarge has perl >= 5.8.0-20. (Closes: #213280) + * [debian/control] Updated Standards-Version; fixed removal of slink and + potato scripts from udeb. + * [debian/control] Updated priorities; debootstrap-udeb is required (for + debian-installer). + * [debian/rules] Fixed dpkg-distaddfile accordingly. + + -- J.H.M. Dassen (Ray) Tue, 30 Sep 2003 14:31:57 +0200 + +debootstrap (0.2.6) unstable; urgency=low + + * [sarge] Added e2fslibs, libcomerr2, libss2, libuuid1 for e2fsprogs. + + -- J.H.M. Dassen (Ray) Fri, 26 Sep 2003 13:50:58 +0200 + +debootstrap (0.2.5) unstable; urgency=low + + * [sid] Added libgdbm3 for man-db. + * [sarge, sid] Dropped special-case for libperl5.8 (Closes: #210425). + * [sid] Make exim4 the default MTA as it is configured through debconf. + (Closes: #208047) + * [sid] Removed libldap2 which is no longer needed. + + -- J.H.M. Dassen (Ray) Sun, 21 Sep 2003 13:30:49 +0200 + +debootstrap (0.2.4) unstable; urgency=low + + * [sid] Added coreutils' new predependencies libacl1 and libattr1. + * [debian/README.Debian] Corrected example invocation. (Closes: #206142) + * [debian/README.Debian] Fixed a typo. + + -- J.H.M. Dassen (Ray) Wed, 20 Aug 2003 10:28:49 +0200 + +debootstrap (0.2.3) unstable; urgency=low + + * [sarge] Add new dependencies of debconf: debconf-i18n + liblocale-gettext-perl libtext-wrapi18n-perl libtext-charwidth-perl. + * Acknowledge NMU. (Closes: #203370) + + -- J.H.M. Dassen (Ray) Sat, 16 Aug 2003 20:15:40 +0200 + +debootstrap (0.2.2-0.1) unstable; urgency=low + + * NMU. + * Fix typo in woody script. (Closes: #203370) + + -- Petter Reinholdtsen Tue, 29 Jul 2003 20:29:01 +0200 + +debootstrap (0.2.2) unstable; urgency=low + + * [debian/changelog] Included entries for NMUs 0.1.17.31 through .34 whose + changes were incorporated by aj already. + * [Makefile] Invoke MAKEDEV through its FHS location (noted by Matt + Zimmerman). (Closes: #190239) + * Acknowledge older NMUs whose changes have been incoporated. + (Closes: #135675, #161695, #191849) + + -- J.H.M. Dassen (Ray) Tue, 29 Jul 2003 18:31:49 +0200 + +debootstrap (0.2.1) unstable; urgency=low + + * The Day of the Daffodils release. + + * Accept NMUs up to 0.1.17.30. Thanks guys! (Closes: Bug#148377, + Bug#150161, Bug#150492, Bug#153962, Bug#154463, Bug#155906, + Bug#160879, Bug#161469, Bug#161469, Bug#161722, Bug#163860, + Bug#172118, Bug#176221, Bug#179504, Bug#179725, Bug#185397, + Bug#187893, Bug#188053, Bug#189472, Bug#189551, Bug#190108, + Bug#191288, Bug#193794, Bug#193806, Bug#195012, Bug#195742, + Bug#199333, Bug#201066) + * JHM added to Uploaders. + + * Change the info/error/warning/progress calls to include a unique word + for each string, a printf format string, and any arguments to the + printf string. + * Add support for debian-installer interaction + + * Add some support for l10n. Gettext is used if it's available; no + translations are included as of yet. This support doesn't + affect debian-installer, which has its own stuff for i18n, nor + boot-floppies. (Closes: Bug#125647) + + * Some initial support for cross-bootstrapping in the sid script. + + * Use dpkg --print-installation-architecture instead of + --print-architecture. (Closes: Bug#138526, Bug#159720) + + * Add new dependencies of debconf: debconf-i18n liblocale-gettext-perl + libtext-wrapi18n-perl libtext-charwidth-perl. (Closes: Bug#201066) + * Add new dependencies of libldap2: libgnutls7 libgcrypt1 liblzo1 + libopencdk4 libtasn1-0 zlib1g. (Closes: Bug#201663) + * Remove libgdbmg1. (Closes: Bug#202304) + * Add new dependecies of e2fsprogs: e2fslibs libcomerr2 libss2 libuuid1. + (Closes: Bug#203033) + * Add wget to base. (Closes: Bug#145635) + * Switch from netkit-ping to iputils-ping. + + * Changed the manpage a little. (Closes: Bug#126864) + * Updated README.Debian. + + -- Anthony Towns Tue, 29 Jul 2003 18:15:24 +1000 + +debootstrap (0.1.17.34) unstable; urgency=medium + + * [sid] Added e2fsprogs' new predependencies (e2fslibs, libcomerr2, libss2, + libuuid1). + * [sarge] Removed libgdbmg1 as it is no longer needed. + + -- J.H.M. Dassen (Ray) Sun, 27 Jul 2003 09:20:49 +0200 + +debootstrap (0.1.17.33) unstable; urgency=medium + + * [sid] Removed libgdbmg1 as it is no longer needed. + * [sarge] libldap2 now Depends: libgnutls7, libsasl2; added those and their + dependencies (libgcrypt1 liblzo1 libopencdk4 libtasn1-0 zlib1g). Dropped + libsasl7 in favour of libsasl2. + + -- J.H.M. Dassen (Ray) Mon, 21 Jul 2003 19:00:28 +0200 + +debootstrap (0.1.17.32) unstable; urgency=medium + + * [sid] libldap2 now Depends: libgnutls7; added that and its dependencies + (libgcrypt1 liblzo1 libopencdk4 libtasn1-0 zlib1g); dropped libssl0.9.7 . + + -- J.H.M. Dassen (Ray) Thu, 17 Jul 2003 07:05:09 +0200 + +debootstrap (0.1.17.31) unstable; urgency=medium + + * [sid] Follow debconf changes. debconf now Depends: debconf-i18n | + debconf-english; debconf-i18n having Priority: important and + debconf-english having Priority: extra, so we satisfy the dependency + through debconf-i18n. debconf-i18n in turn pulls in three additional + packages: liblocale-gettext-perl, libtext-wrapi18n-perl, + libtext-charwidth-perl . + + -- J.H.M. Dassen (Ray) Sun, 13 Jul 2003 08:52:55 +0200 + +debootstrap (0.1.17.30) unstable; urgency=medium + + * [sarge] + * Added sysv-rc for /usr/sbin/update-rc.d . + * Added initscripts to satisfy sysvinit's predependency. + * libparted1.6-0 has replaced libparted1.4 on ia64. (Closes: #197957) + + -- J.H.M. Dassen (Ray) Mon, 30 Jun 2003 07:05:22 +0200 + +debootstrap (0.1.17.29) unstable; urgency=medium + + * [sid] libconsole has replaced console-tools-libs. (Closes: #195722) + * [sarge] libperl5.6 has been replaced by libperl5.8 . (Closes: #195588) + + -- J.H.M. Dassen (Ray) Mon, 2 Jun 2003 00:40:54 +0200 + +debootstrap (0.1.17.28) unstable; urgency=medium + + * [sarge] libnewt0.51 has replaced libnewt0; it requires slang1a-utf8. + + -- J.H.M. Dassen (Ray) Wed, 28 May 2003 07:42:14 +0200 + +debootstrap (0.1.17.27) unstable; urgency=medium + + * urgency medium to not hold up .26 with that longer as necessary + * [sarge] added libtext-iconv-perl (this is the second part + from .22) (closes: #184539) + + -- Rene Engelhard Mon, 19 May 2003 00:08:48 +0200 + +debootstrap (0.1.17.26) unstable; urgency=medium + + * [sarge] libpcap0.7 has replaced libpcap0. + + -- J.H.M. Dassen (Ray) Sun, 18 May 2003 23:23:46 +0200 + +debootstrap (0.1.17.25) unstable; urgency=medium + + * [sarge] Added libblkid1 (for e2fsprogs). + + -- J.H.M. Dassen (Ray) Sun, 4 May 2003 12:44:00 +0200 + +debootstrap (0.1.17.24) unstable; urgency=medium + + * [sid] Updates for new whiptail: + * Replaced libnewt0 by libnewt0.51. + * Added slang1a-utf8. + + -- J.H.M. Dassen (Ray) Tue, 29 Apr 2003 19:04:51 +0200 + +debootstrap (0.1.17.23) unstable; urgency=medium + + * [sid] + * Added sysv-rc for /usr/sbin/update-rc.d . + * Added initscripts to satisfy sysvinit's predependency. + * For exim, dropped libsasl7 in favour of libsasl2. + * Added libssl0.9.7 for libsasl2. + + -- J.H.M. Dassen (Ray) Tue, 22 Apr 2003 06:56:25 +0200 + +debootstrap (0.1.17.22) unstable; urgency=low + + * [sid] added libtext-iconv-perl which is needed to display + localized po-debconf templates actually localized. + This needs a second step later for sarge but that only is possible + after libtext-iconv-perl 1.2-2 went into sarge. + + -- Rene Engelhard Fri, 18 Apr 2003 16:25:17 +0200 + +debootstrap (0.1.17.21) unstable; urgency=medium + + * [sarge, sid] Added gcc-3.3-base (as it is needed for current libstdc++5). + + -- J.H.M. Dassen (Ray) Fri, 18 Apr 2003 08:11:55 +0200 + +debootstrap (0.1.17.20) unstable; urgency=medium + + * [woody, sarge, sid] Add devfsd on s390 as that architecture uses devfs by + default. (Closes: #180252) + * [sarge] Removed the dummy fileutils package. + + -- J.H.M. Dassen (Ray) Mon, 7 Apr 2003 19:59:42 +0200 + +debootstrap (0.1.17.19) unstable; urgency=medium + + * [sid] Added libblkid1 (for e2fsprogs). + + -- J.H.M. Dassen (Ray) Sun, 6 Apr 2003 21:43:29 +0200 + +debootstrap (0.1.17.18) unstable; urgency=medium + + * [sarge] Added libgcc1, libstdc++5, gcc-3.2-base; dropped aptitude, + libsigc++0 . + * Debootstrap has depended on binutils since 0.1.17.3. (Closes: #184304) + + -- J.H.M. Dassen (Ray) Wed, 19 Mar 2003 06:55:56 +0100 + +debootstrap (0.1.17.17) unstable; urgency=medium + + * NMU + * Really drop aptitude from the sid script, not just libsigc++0. + + -- J.H.M. Dassen (Ray) Tue, 4 Feb 2003 06:49:36 +0100 + +debootstrap (0.1.17.16) unstable; urgency=medium + + * NMU + * Drop aptitude from the sid script (base-config 1.51 dropped its dependency + on it) and libsigc++0 (which was only needed for aptitude). This makes + "pbuilder create --distribution sid" work again. (Closes: #177221, #177998). + + -- J.H.M. Dassen (Ray) Sun, 2 Feb 2003 20:41:35 +0100 + +debootstrap (0.1.17.15) unstable; urgency=low + + * NMU + * For gcc-transition, libgcc1 and libstdc++5 and gcc-3.2-base + required by groff-base, and potentially other packages compiled with + gcc-3.2. + + -- Junichi Uekawa Mon, 13 Jan 2003 15:39:55 +0900 + +debootstrap (0.1.17.14) unstable; urgency=low + + * NMU + * Remove debootstrap-udeb's dependency on retriever. + + -- Tollef Fog Heen Sat, 7 Dec 2002 14:53:52 +0100 + +debootstrap (0.1.17.13) unstable; urgency=low + + * NMU + * sarge: Removed shellutils, textutils and added coreutils instead. + Verified that the result works for "pbuilder create --distribution sarge" + (Closes: #163789) + Fileutils is still in there for now, due to sarge's debconf versioned + dependency on it. + + -- J.H.M. Dassen (Ray) Tue, 8 Oct 2002 23:17:47 +0200 + +debootstrap (0.1.17.12) unstable; urgency=low + + * NMU + * Fix shell variable quoting problem, to change $10 -> ${10} + (closes: #161468) + + -- Junichi Uekawa Sat, 21 Sep 2002 13:39:47 +0900 + +debootstrap (0.1.17.11) unstable; urgency=low + + * NMU + * sarge: added libdb1-compat. + + -- J.H.M. Dassen (Ray) Sat, 21 Sep 2002 00:37:36 +0200 + +debootstrap (0.1.17.10) unstable; urgency=low + + * NMU + * sid: Removed shellutils, fileutils, and added coreutils for required + target (closes: #161332) + * sid: change libperl5.6 to libperl5.8 (closes: #158606) + + -- Junichi Uekawa Wed, 18 Sep 2002 21:41:36 +0900 + +debootstrap (0.1.17.9) unstable; urgency=low + + * NMU + * Added "libdb1-compat" to sid and verified that the resulting package is + usable for "pbuilder create --distribution sid". + + -- J.H.M. Dassen (Ray) Sat, 14 Sep 2002 15:09:10 +0200 + +debootstrap (0.1.17.8) unstable; urgency=low + + * NMU + * The "it didn't change the way the installer worked" release. + * Makefile: create $(DESTDIR)/usr/share/man/man8 before attempting to + install a file to it (Closes: #139543) + * functions: fix race condition in smallyes() implementation; thanks to Matt + Zimmerman for the analysis. "Sometimes, dpkg finishes executing before + smallyes runs, and it loops forever while echo fails repeatedly due to the + broken pipe." To fix this race, we simply swap the loop condition and + body, so that if the echo fails, smallyes() exits cleanly. I further + changed "true" to ":" to save the expense of an extra process for shells + where "true" is not a built-in. + (Closes: #139529) + + -- Branden Robinson Thu, 29 Aug 2002 12:50:08 -0500 + +debootstrap (0.1.17.7) unstable; urgency=low + + * NMU + * Forked "sid" target from "sarge" target, changed "libcap0" to the now + current "libpcap0.7" and verified that the result works with pbuilder. + (Closes: #156574) + + -- J.H.M. Dassen (Ray) Wed, 21 Aug 2002 11:01:52 +0200 + +debootstrap (0.1.17.6) unstable; urgency=low + + * NMU + * add dselect to required (I found out that it is actually required + for pbuilder create to work) (closes: #154527) + * change DEBIAN_FRONTEND=Noninteractive to "noninteractive" (closes: #154794) + * add sh* patch from Yaegashi (closes: #155142) + + -- Junichi Uekawa Thu, 8 Aug 2002 19:23:04 +0900 + +debootstrap (0.1.17.5) unstable; urgency=low + + * NMU + * mistake in the last upload, sorry aj. + sid points to sarge, not woody. (closes: #149971) + + -- Junichi Uekawa Sat, 27 Jul 2002 17:22:05 +0900 + +debootstrap (0.1.17.4) unstable; urgency=low + + * NMU + * add "sarge" target (closes: #153957) + + -- Junichi Uekawa Tue, 23 Jul 2002 18:03:01 +0900 + +debootstrap (0.1.17.3) unstable; urgency=low + + * NMU + * Depend on binutils (closes: #138489) + * Sleep is optional (closes: #150468) + * POSIXify a bit more (closes: #150487) + * Add support for --components (closes: #116801) + + -- Tollef Fog Heen Thu, 20 Jun 2002 00:13:06 +0200 + +debootstrap (0.1.17.2) unstable; urgency=low + + * NMU + * Make sid script not a symlink from woody script + * add aptitude and libsigc++0 to base for sid. (closes: #149971) + + -- Junichi Uekawa Sat, 15 Jun 2002 12:46:11 +0900 + +debootstrap (0.1.17.1) unstable; urgency=low + + * NMU + * Add udeb support (closes: #143874) + + -- Tollef Fog Heen Tue, 28 May 2002 14:15:41 +0200 + +debootstrap (0.1.17) unstable; urgency=high + + * Includes changes from NMUs. Thanks to Stefan Gybas and Eduard Bloch. + (Closes: Bug#130764, Bug#135676, Bug#134306, Bug#133882, Bug#131768, + Bug#117980, Bug#133298, Bug#130668, Bug#111175, Bug#131147, Bug#95143, + Bug#130482) + + * Don't use PIPESTATUS to work out if wget succeeded, since that's a + bashism and we're seriously not allowed bashisms. Duh. This should + help with all those "Malformed release" problems. Thanks to Phil + Blundell and Chris Tillman for spotting this. (Closes: Bug#136729) + + * Apply patch from Matt Zimmerman to get rid of some irritating warnings + that can show up sometimes due to sed getting it's output stream closed + on it. (Closes: Bug#131478) + + * Don't use "export foo=bar" on a single line since it's a bashism. + (Closes: Bug#138187) + + * Made the "smallyes" usage independent of --boot-floppies. Too much + code duplication otherwise. + + * Install ipchains on arches that have 2.2.x kernels by default, and + iptables on arches that have 2.4.x kernels by default. Some arches + have both. (Closes: Bug#134478) + + * Don't rm malformed Release files, rename them to something obvious + instead so people can have a hope at seeing what's going on. (Closes: + Bug#131756) + + * Error out on missing entries in Release files. (Closes: Bug#136886) + + * Fix basedeb creation to not bother building devices tarball. (Closes: + Bug#137243) + + * Workaround for ldconfig no longer needed, so removed. (Closes: Bug#135819) + * Workaround for /dev/initctl was never needed and stupid, so removed. + + * Make sure devices.tar.gz is gzip -9'ed. (Closes: Bug#136687) + + * Use any "main" components found in Release file, eg "main", + "non-US/main", "local/main". (Closes: Bug#116801) + + * Add parted to base for ia64. (Closes: Bug#138246) + + * Moved the "successful!" message and sleep hack for boot-floppies from + the woody script to the debootstrap script itself. + + -- Anthony Towns Thu, 14 Mar 2002 18:28:24 +1000 + +debootstrap (0.1.16.4) unstable; urgency=low + + * NMU, needed for boot-floppies 3.0.20 + * Added cciss and ataraid device files, closes: #135675 + * Applied the patch from Matt Zimmermann to fix --include, closes: #134306 + * Mail suppression fixed in previous release, closes: #133882 + + -- Eduard Bloch Sun, 3 Mar 2002 12:21:19 +0100 + +debootstrap (0.1.16.3) unstable; urgency=low + + * non-maintainer-upload + * require newer makedev, fixes build problems on m86k and arm + * unsets $TMP, $TEMP and $TMPDIR in the beginning, closes: #131768, #117980 + * added gcc-2.96-base to ia64's required packages list, closes: #133298 + + -- Eduard Bloch Tue, 12 Feb 2002 19:30:47 +0100 + +debootstrap (0.1.16.2) unstable; urgency=low + + * non-maintainer-upload + * added modification suggested by Branden Robinson and Matt Kraai terminate + cat (now tail) better, closes: #130668 + * provides options to install additional packages, or exclude some from the + list. May be needed in boot-floppies soon. Closes: #111175, #131147 + * --verbose option, closes: #95143 + * added additional devices to the device list, especially input and usb + needed for modern device drivers (Joysticks, USB, Scanners) + * added pppoeconf to the packages list, better choice for DSL users + * forced remove of dev/initctl, prevents breaking on re-installation + + -- Eduard Bloch Mon, 28 Jan 2002 19:14:41 +0100 + +debootstrap (0.1.16.1) unstable; urgency=high + + * non-maintainer upload for boot-floppies 3.0.19 + * Fixed list of base and required packages for s390 + * setup_devices(): don't fail if devices.tar.gz is not present and we + are using devfs + * disable handling of /dev/initctl for boot-floppies, closes: #130482 + + -- Stefan Gybas Thu, 24 Jan 2002 15:17:42 +0100 + +debootstrap (0.1.16) unstable; urgency=low + + * Include NMUs 0.1.15.1 - .9, thanks to Adam di Carlo, Ethan Benson and + Bdale Garbee. (Closes: Bug#113265, Bug#119314, Bug#119251) + * Many bugs were fixed in the NMUs. Closes them properly. (Closes: + Bug#89673, Bug#97174, Bug#99229, Bug#105980, Bug#106062, Bug#106102, + Bug#106106, Bug#106134, Bug#106711, Bug#106877, Bug#107262, + Bug#107404, Bug#107447, Bug#109670, Bug#110312, Bug#111001, + Bug#111065, Bug#112778, Bug#112795, Bug#112842, Bug#113444, + Bug#114056, Bug#114653, Bug#115467, Bug#115481, Bug#115557, + Bug#115581, Bug#115699, Bug#116061, Bug#116424, Bug#119769, + Bug#119947, Bug#121724, Bug#123958, Bug#125954, Bug#126018, + Bug#126630, Bug#126799) + + * Informative error for people who type `--boot-floppies' when running + by hand. (Closes: Bug#107548) + * Create dev/initctl in target, and setup a cat process to dump anything + sent to it to /dev/null so that if init is run in the chroot, + it doesn't try doing anything too clever to talk to the real + init. (Closes: Bug#120597) + * Create awk symlink since base-files insists on having it available. + (Closes: Bug#127934) + + * Use DEBOOTSTRAP_DIR to work out where /usr/lib/debootstrap is. + * So, in theory, to create basedeb tarballs, you should be able to unpack + the source and say: + . + fakeroot debian/rules binary-basedebs SUITE=woody VERSION=3.0 \ + MIRROR="http://ftp.debian.org/debian" ARCHES="i386 powerpc" + (Closes: Bug#127546) + + -- Anthony Towns Sun, 20 Jan 2002 21:04:37 +1000 + +debootstrap (0.1.15.9) unstable; urgency=high + + * non-maintainer upload + * debian/rules: new 'basedebs' target that makes basedebs.tgz and 1.44 + split images for base per arch + * functions: better return value handling during wget (wgetprogress) + * repeat() had a useless eval, removed, which simplifies some silly + quoting + * incorrect error message in in_target_msg(), closes: #119769 + * debian/changelog: remove obsolete "local variables" + * additional progress message when validating the release file after + download + * when the downloaded release file is invalid, make sure to delete it + closes: #119947 + * debian/rules: minor fixes and cosmetics + * upgrade wget from Recommends to Depends, closes: #126799 + * depend on binutils, for 'ar', closes: #123958 + + -- Adam Di Carlo Fri, 4 Jan 2002 20:01:58 -0500 + +debootstrap (0.1.15.8) unstable; urgency=high + + * non-maintainer upload + * Fix progress bar hooks to enable proper progress on basedebs.tgz + installation as well as actual base installation and extraction. + * trap signals so cleanup is still performed. + * When in --boot-floppies mode echo a Success info message to stdout, so + it will show up on /dev/tty4, this is so users watching tty4 stop + being confused when things just stop at completion. + * Replace $TARGET/sbin/start-stop-daemon with a shell script instead of + /bin/true, this shell script announces that its a fake noop version so + users will know whats wrong if debootstrap aborts before completion. + + -- Ethan Benson Sat, 3 Nov 2001 23:14:08 -0900 + +debootstrap (0.1.15.7) unstable; urgency=high + + * non-maintainer upload + * when reporting errors in 'in_target', don't chop down to the first + 50 characters + * woody: when in boot-floppies mode, provide more user-friendly warning + messages, using new 'in_target_msg' function + * woody: more info messages for the core/required/base package + installation part + * instead of 'ln -s' we should be using 'ln -sf'; this would prevent + running debootstrap twice in the same target dir; closes: #111065 + * before mounting proc, umount it just in case; normally this shouldn't + be needed if on_exit is working all the time, but I find without this, + sometimes problems are caused + * woody/i386 needs psmisc for pcmcia-cs (critical bug!) + * --download-only mode can be run as non-root; closes: #116424 + * tested some problems which I couldn't reproduce + closes: #115699 + + -- Adam Di Carlo Wed, 24 Oct 2001 16:05:39 -0400 + +debootstrap (0.1.15.6) unstable; urgency=medium + + * non-maintainer upload + * smaller and wiser version of smallyes(), thanks to Herbert Xu + * woody base includes pcmcia-cs for i386 and powerpc (closes: #114653) + * wget progress bar support (closes: #116061) + + -- Adam Di Carlo Thu, 18 Oct 2001 15:14:02 -0400 + +debootstrap (0.1.15.5) unstable; urgency=high + + * From Ethan Benson: + * pipe yes output into dpkg runs inside install_debs() this way on_exit + works in --boot-floppies mode. (Closes: #112842, #115481) + * Add libpcap0 to base, ppp depends on it now. (Closes: #114056) + + * From Adam Di Carlo: + * Potato installation on non-i386 was broken, need libc6 + (closes: #112778); however, there are other ways the Potato base + install doesn't represent quite what Potato boot-floppies would + consider base + * apply patch from Tommi Virtanen which improves the 'smallyes' + function; apparently this fixes a console-tools postinst loop, + although I haven't seen that (closes: #115581) + * get rid of some line continuators in potato and woody scripts, they + were obscuring some problems + + -- Adam Di Carlo Mon, 15 Oct 2001 01:56:16 -0400 + +debootstrap (0.1.15.4) unstable; urgency=high + + * more fixed for the benefits of boot-floppies + * add telnetd on s390; yes, it's gross, but it's needed for + installation, to connect from the line mode console + closes: #112795 + + -- Adam Di Carlo Sun, 23 Sep 2001 16:11:03 -0400 + +debootstrap (0.1.15.3) unstable; urgency=high + + * Fix deficient command line option parsing, optional arguments no + longer have to be declared in a specific order, for example before you + could not put --arch before --download-only, now you can. + * Add --help option and useful help output. + * Stop using dirname, basename, and yes, they are being removed from + busybox. + * Fix many many quoting bugs. + * Fix debootstrap man page (Closes: #107404, #109670) + * Add ftp support (Closes: #110312) + * Don't waste time downloading useless non-free/contrib (Closes: #89673) + * Path cleanup (Closes: #97174) + * Add pppconfig to woody base (Closes: #111001) + * Remove syslinux from base (Closes: #107447) + * Eliminate useless warning about creating exim.conf (Closes: #99229) + * Don't use "here documents" (they create tmp files in /tmp which could + be very well be full on boot-floppies). + * Don't use echo -n it is not portable. + * Set umask to 022. + * All patches from Ethan Benson, I am just the builder! + These have been tested with boot-floppies and work properly. + + -- Adam Di Carlo Sat, 22 Sep 2001 12:30:02 -0400 + +debootstrap (0.1.15.2) unstable; urgency=low + + * quoting required in one place for the new ash (Closes: Bug#106062) + * s390 support (Closes: Bug#107262) + * remove some packages from Woody's base that aren't needed: + - update (not needed with modern kernels, Closes: Bug#106877) + - syslinux (Closes: Bug#107477) + - ldso (should be pulled in by libc6, Closes: Bug#106102) + * kinks in mipsel base worked themselves out (Closes: Bug#106711) + + -- Adam Di Carlo Wed, 8 Aug 2001 12:04:40 -0400 + +debootstrap (0.1.15.1) unstable; urgency=low + + * add efibootmgr on ia64, as per bug 105980. + + -- Bdale Garbee Fri, 3 Aug 2001 14:13:23 -0600 + +debootstrap (0.1.15) unstable; urgency=low + + * Do progress indications (by bytes) for Packages downloads and .deb + downloads. (Closes: Bug#101886) + * Don't use seq. Silly busybox. + * Add pppoe to base. (Closes: Bug#102378) + * No point keeping around the "sid.is-broken" file. + + -- Anthony Towns Wed, 27 Jun 2001 21:29:29 +1000 + +debootstrap (0.1.14) unstable; urgency=low + + * Make in_target_nofail kill stderr. No more "/dev/pts: not mounted" error. + Yay. :) + + * Refactor woody, potato and slink scripts; do away with + woody.debs. Change the way the scripts work. (Now they define + functions which debootstrap calls. Much nicer) + * Support --download-only option. + * Support resuming downloads of Release and Packages files, even gzipped + ones. + * Support null: (Packages files assumed to be named for a debootstrap.invalid + host) + * Always use the deboostrap.invalid name, and use that in + /etc/apt/sources.list. Remove /etc/apt/sources.list after the base + system is build. + * All this should be enough to support basedeb.tgz installs on + debootstrap's behalf. Some more stuff would be useful, but isn't + immediately necessary. (Closes: Bug#102217) + + * Add ia64 support and fix libc6 == libc6.1 problem. (Closes: Bug#101829) + + * Be a little more careful with permissions on devs tarball. Hopefully. + (Closes: Bug#102308) + + * Don't worry if md5sum from stdin adds a " -" after the md5sum. Should + make debootstrap more usable on non-Debian Linuxes. + + -- Anthony Towns Mon, 25 Jun 2001 18:38:35 +1000 + +debootstrap (0.1.13) unstable; urgency=low + + * Add symlink for sid.debs. + * Fix the special casing for hppa. (Closes: Bug#101604) + * Remove groff from base. (Closes: Bug#101173) + * Retry partially successful downloads a couple of times. + (Closes: Bug#101476) + * Minor wording changes wrt downloading Release file (Closes: Bug#101705) + + -- Anthony Towns Thu, 21 Jun 2001 12:08:10 +1000 + +debootstrap (0.1.12) unstable; urgency=high + + * Split determination of base into a separate script to enable further + innovation! Come on, tell me that doesn't excite you! + + * Add groff-base to base. (Closes: Bug#100112, Bug#100123) + * Remove libstdc++2.10 and some other hopefully unnecessary debs + (Closes: Bug#99708) + + * Remove lilo.conf special casing. Change some warnings to info messages. + + -- Anthony Towns Sun, 10 Jun 2001 01:22:12 +1000 + +debootstrap (0.1.11) unstable; urgency=low + + * Add dhcp-client to base. (Closes: Bug#100083) + + -- Anthony Towns Sat, 9 Jun 2001 00:11:26 +1000 + +debootstrap (0.1.10) unstable; urgency=low + + * Don't abort build on devfs systems: the makedev we build-dep on should + be recent enough. (Closes: Bug#97713) + * Check for malformed release files. Thanks to Martin Michlmayr for the + patch. (Closes: Bug#97707) + * Use --force-confold when installing base. That is: if you want the + conffile from the package to be there at the end, don't create a + file in the first place. I'm not convinced this is right. + (Closes: Bug#99025) + + -- Anthony Towns Mon, 28 May 2001 14:43:07 +1000 + +debootstrap (0.1.9) unstable; urgency=low + + * Abort build on devfs systems (MAKEDEV fails for no good reason) + (Closes: Bug#97713) + + * Add support for mips and mipsel (Closes: Bug#97711) + * Add some support for hppa (install palo in base) + + * Don't install ldso (Closes: Bug#97708) + * Don't install libopenldap1 or libopenldap-runtime (replaced by libldap2) + (Closes: Bug#98050) + * Do install libdb3 and libcap1. + * Install klogd too. (But only as part of base. Move sysklogd to base too) + + * Setup a dummy lilo.conf on i386 only. (Closes: Bug#97710, Bug#98052) + + * Trim a trailing / for target and url. + + -- Anthony Towns Sun, 20 May 2001 13:33:34 +1000 + +debootstrap (0.1.8) unstable; urgency=low + + * Add adduser and base-config into base. base-config unfortunately depends + on perl instead of perl-base. (Closes: Bug#96439) + * Force LANG=C. Need to work out how i18n should be handled. + * Kludge potato install so it's noninteractive. Thanks to Colin Watson + for the patch. (Closes: Bug#94441) + * Get rid of dh_testversion. + * Make a sid script (just a symlink to the woody script). + + -- Anthony Towns Wed, 9 May 2001 20:33:00 +1000 + +debootstrap (0.1.7) unstable; urgency=low + + * Don't worry if umounting /dev/pts fails. + * Add debootstrap(8) manpage, thanks to Matt Kraai. (Closes: Bug#86238) + * Add a blank line to the end of the faked /var/lib/dpkg/status. Spotted + by Richard Hirst. + * Added console-tools and console-data into the base system. + * Move /etc/exim.conf to /etc/exim/exim.conf so that sendmail doesn't + give errors, even if debconf tries to use it before exim is + configured. Gack. + * Add fdutils back into base. + + -- Anthony Towns Mon, 30 Apr 2001 15:49:27 +1000 + +debootstrap (0.1.6) unstable; urgency=low + + * Only create stuff in /etc if it hasn't already been created. + + -- Anthony Towns Mon, 23 Apr 2001 18:02:55 +1000 + +debootstrap (0.1.5) unstable; urgency=low + + * Use "head -n X" instead of "head -X" to work with busybox. + (Closes: Bug#94575) + * Use s///I instead of s///i for case insensitivity, again for busybox. + (Closes: Bug#94579) + * Fixed typo that would have stopped debootstrap from falling back to an + uncompressed Packages file. + * Added libsasl7 and libldap2 to woody base, since woody exim now depends + on them. + + -- Anthony Towns Sun, 22 Apr 2001 01:47:00 +1000 + +debootstrap (0.1.4) unstable; urgency=low + + * If we've got a Release file, check that the Packages files we download + have the right md5sums. + * Build-Depend on new makedev, and don't hax0r powerpc devices as much. + (Closes: Bug#93836) + * Hopefully support arm chroots. (Closes: Bug#92592) Declare it to be + Arch: any, and see what dies. There's a chance that nothing will. Not + a *big* chance, but a chance. + * Fiddled with the base system some more. Added apt-utils so + preconfiguration will work. + * Added permission to NMU to the README.Debian. + * Mention file:/ URLs in README.Debian. (Closes: Bug#87099) + * Add a --boot-floppies option that changes the way the I/O happens, in + a way that's hopefully useful for boot-floppies. See README.Debian for + details. + * Also added a bit more output. + + -- Anthony Towns Mon, 26 Mar 2001 22:30:12 +1000 + +debootstrap (0.1.3) unstable; urgency=high + + * Switch from debconf-tiny to debconf, since that's what's now in + woody. (Using debconf-tiny probably makes the package unusable, hence + the urgency) Fixup perl, lilo and console-apt to cope with changes in + the base system in woody. Added ae, left nano and nvi. + * Add support for m68k, sparc and powerpc, based on Christian Steigies + patches and Adam Di Carlo's NMU (Closes: Bug#89883, Bug#91221) + + -- Anthony Towns Sun, 25 Mar 2001 14:29:02 +1000 + +debootstrap (0.1.2) unstable; urgency=low + + * Add support for slink. + * Fix support for woody (no lilo, console-*, different perl) + * Re-download Packages files every time (Closes: Bug#88438) + (Should this be changed to re-download things where the md5 doesn't match?) + + -- Anthony Towns Sun, 4 Mar 2001 19:42:29 +1000 + +debootstrap (0.1.1) unstable; urgency=low + + * Initial Release. (Closes: Bug#82245) + + * Called it debootstrap instead of debchroot, because it's more about + bootstrapping a Debian environment, whether that will end up being + in a chroot, or as a standalone system. Blame Adam di Carlo. :) + + -- Anthony Towns Tue, 30 Jan 2001 10:54:45 +1000 diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/compat b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/compat new file mode 100644 index 00000000..ec635144 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/compat @@ -0,0 +1 @@ +9 diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/control b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/control new file mode 100644 index 00000000..6925a63c --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/control @@ -0,0 +1,26 @@ +Source: debootstrap +Section: admin +Priority: extra +Maintainer: Franco (nextime) Lanza +Uploaders: Franco (nextime) Lanza , Daniel Reurich +Build-Depends: debhelper (>= 9), makedev (>= 2.3.1-69) [linux-any], git +Standards-Version: 3.9.8 +Vcs-Browser: https://git.devuan.org/devuan-packages/debootstrap +Vcs-Git: https://git.devuan.org/devuan-packages/debootstrap.git + +Package: debootstrap +Architecture: all +Depends: ${misc:Depends}, wget +Recommends: gnupg, ${keyring}, devuan-keyring +Description: Bootstrap a basic Devuan system + debootstrap is used to create a Devuan base system from scratch, + without requiring the availability of dpkg or apt. It does this by + downloading .deb files from a mirror site, and carefully unpacking them + into a directory which can eventually be chrooted into. + +Package: debootstrap-udeb +Section: debian-installer +Package-Type: udeb +Architecture: all +Depends: ${misc:Depends}, mounted-partitions +Description: Bootstrap the Devuan system diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/copyright b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/copyright new file mode 100644 index 00000000..b34963b1 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/copyright @@ -0,0 +1,30 @@ +This package was debianized by Anthony Towns on +Tue, 30 Jan 2001 10:54:45 +1000. + +It was written from scratch for Debian by Anthony Towns +based loosely on the code for constructing base tarballs as part of the +boot-floppies package. + +Copyright: + +Copyright (c) 2001-2005 Anthony Towns + + Permission is hereby granted, free of charge, to any person obtaining + a copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY + CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, + TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.docs b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.docs new file mode 100644 index 00000000..e845566c --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.docs @@ -0,0 +1 @@ +README diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.manpages b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.manpages new file mode 100644 index 00000000..d6a5e4ac --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/debootstrap.manpages @@ -0,0 +1 @@ +debootstrap.8 diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/gbp.conf b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/gbp.conf new file mode 100644 index 00000000..ac8e799c --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/gbp.conf @@ -0,0 +1,9 @@ +[DEFAULT] +compression = xz +pristine-tar = false +upstream-tag = devuan/1.0.85 + +[git-buildpackage] +upstream-tree = tag +tarball-dir = ../tarballs/ +export-dir = ../build-area/ diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/rules b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/rules new file mode 100755 index 00000000..23bc4a61 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/rules @@ -0,0 +1,47 @@ +#! /usr/bin/make -f + +ifeq (0,$(shell dpkg-vendor --derives-from Ubuntu; echo $$?)) + KEYRING := ubuntu-keyring +else ifeq (0,$(shell dpkg-vendor --derives-from Devuan; echo $$?)) + KEYRING := devuan-keyring +else ifeq (0,$(shell dpkg-vendor --derives-from Tanglu; echo $$?)) + KEYRING := tanglu-archive-keyring +else + KEYRING := debian-archive-keyring +endif + +%: + dh $@ + +# need to be root to make devices, so build is done in install target +override_dh_auto_build: + +override_dh_auto_install: + dh_auto_build + + $(MAKE) install DESTDIR=$(CURDIR)/debian/debootstrap + $(MAKE) install DESTDIR=$(CURDIR)/debian/debootstrap-udeb + + # remove scripts not needed by d-i + -rm -f debian/debootstrap-udeb/usr/share/debootstrap/scripts/potato \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/woody \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/sarge \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/warty \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/hoary \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/breezy \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/dapper \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/edgy \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/feisty \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/*.buildd \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/*.fakechroot \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/stable \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/testing \ + debian/debootstrap-udeb/usr/share/debootstrap/scripts/unstable + +override_dh_gencontrol: + dh_gencontrol -- -Vkeyring=$(KEYRING) + +# Specify gzip to mitigate #770217: +override_dh_builddeb: + dh_builddeb -pdebootstrap -- -Zgzip + dh_builddeb -pdebootstrap-udeb -- -Zxz diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debian/source/format b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/source/format new file mode 100644 index 00000000..af745b31 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debian/source/format @@ -0,0 +1 @@ +3.0 (git) diff --git a/cdist/preos/debootstrap/files/devuan-debootstrap/debootstrap b/cdist/preos/debootstrap/files/devuan-debootstrap/debootstrap new file mode 100755 index 00000000..71c70540 --- /dev/null +++ b/cdist/preos/debootstrap/files/devuan-debootstrap/debootstrap @@ -0,0 +1,703 @@ +#!/bin/sh +set -e + +VERSION='@VERSION@' + +unset TMP TEMP TMPDIR || true + +# might not be exported if we're running from init=/bin/sh or similar +export PATH + +########################################################################### + +if [ -z "$DEBOOTSTRAP_DIR" ]; then + if [ -x /debootstrap/debootstrap ]; then + DEBOOTSTRAP_DIR=/debootstrap + else + DEBOOTSTRAP_DIR=/usr/share/debootstrap + fi +fi + +. $DEBOOTSTRAP_DIR/functions +exec 4>&1 + +LANG=C +USE_COMPONENTS=main +KEYRING="" +DISABLE_KEYRING="" +FORCE_KEYRING="" +VARIANT="" +MERGED_USR="no" +ARCH="" +HOST_ARCH="" +HOST_OS="" +KEEP_DEBOOTSTRAP_DIR="" +USE_DEBIANINSTALLER_INTERACTION="" +SECOND_STAGE_ONLY="" +PRINT_DEBS="" +CHROOTDIR="" +MAKE_TARBALL="" +EXTRACTOR_OVERRIDE="" +UNPACK_TARBALL="" +ADDITIONAL="" +EXCLUDE="" +VERBOSE="" +CERTIFICATE="" +CHECKCERTIF="" +PRIVATEKEY="" + + +DEF_MIRROR="http://packages.devuan.org/merged" +DEF_HTTPS_MIRROR="https://packages.devuan.org/merged" + +export LANG USE_COMPONENTS EXCLUDE +umask 022 + +########################################################################### + +## phases: +## finddebs dldebs printdebs first_stage second_stage + +RESOLVE_DEPS=true + +WHAT_TO_DO="finddebs dldebs first_stage second_stage" +am_doing_phase () { + # usage: if am_doing_phase finddebs; then ...; fi + local x; + for x in "$@"; do + if echo " $WHAT_TO_DO " | grep -q " $x "; then return 0; fi + done + return 1 +} + +########################################################################### + +usage_err() +{ + info USAGE1 "usage: [OPTION]... [ [