Merge branch 'maint' into master

Signed-off-by: Sol Jerome <sol.jerome@gmail.com> Conflicts: doc/appendix/guides/import-existing-ssh-keys.txt misc/bcfg2.spec src/lib/Bcfg2/Client/Tools/VCS.py src/lib/Bcfg2/Client/Tools/YUM.py src/lib/Bcfg2/Encryption.py src/lib/Bcfg2/Reporting/Collector.py src/lib/Bcfg2/Reporting/Storage/DjangoORM.py src/lib/Bcfg2/Server/Core.py src/lib/Bcfg2/Server/FileMonitor/__init__.py src/lib/Bcfg2/Server/Lint/RequiredAttrs.py src/lib/Bcfg2/Server/Plugin/helpers.py src/lib/Bcfg2/Server/Plugins/Metadata.py src/lib/Bcfg2/Server/Plugins/Packages/Yum.py src/lib/Bcfg2/Server/Plugins/Packages/__init__.py src/lib/Bcfg2/settings.py src/sbin/bcfg2-crypt src/sbin/bcfg2-reports src/sbin/bcfg2-yum-helper testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/TestAugeas.py
author: Sol Jerome <sol.jerome@gmail.com> 2014-04-16 10:16:29 -0500
committer: Sol Jerome <sol.jerome@gmail.com> 2014-04-16 10:16:29 -0500
commit: d510e918e41b7b2b7b0b9351a40eab2794b49c83 (patch)
tree: 250715ab112c10612ee131925ad07b68591c09f3 /src/lib/Bcfg2/Server/Lint
parent: 9ebdcdb2f7718ae9203b20dafea4bca9f310ed75 (diff)
parent: 24a261f842a4bc1d4dc125fad0f43343d5d4c9d8 (diff)
download: bcfg2-d510e918e41b7b2b7b0b9351a40eab2794b49c83.tar.gz
bcfg2-d510e918e41b7b2b7b0b9351a40eab2794b49c83.tar.bz2
bcfg2-d510e918e41b7b2b7b0b9351a40eab2794b49c83.zip
3 files changed, 64 insertions, 3 deletions
diff --git a/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py b/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py
index 109ace61f..22c97a0fe 100644
--- a/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py
+++ b/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py
@@ -123,12 +123,30 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin):
 
     @classmethod
     def Errors(cls):
-        return {"unknown-entry-type": "error",
+        return {"missing-elements": "error",
+                "unknown-entry-type": "error",
                 "unknown-entry-tag": "error",
                 "required-attrs-missing": "error",
                 "required-attr-format": "error",
                 "extra-attrs": "warning"}
 
+    def check_default_acl(self, path):
+        """ Check that a default ACL contains either no entries or minimum
+        required entries """
+        defaults = 0
+        if path.xpath("ACL[@type='default' and @scope='user' and @user='']"):
+            defaults += 1
+        if path.xpath("ACL[@type='default' and @scope='group' and @group='']"):
+            defaults += 1
+        if path.xpath("ACL[@type='default' and @scope='other']"):
+            defaults += 1
+        if defaults > 0 and defaults < 3:
+            self.LintError(
+                "missing-elements",
+                "A Path must have either no default ACLs or at"
+                " least default:user::, default:group:: and"
+                " default:other::")
+
     def check_packages(self):
         """ Check Packages sources for Source entries with missing
         attributes. """
@@ -172,7 +190,7 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin):
                                               rules.name))
 
     def check_bundles(self):
-        """ Check bundles for BoundPath entries with missing
+        """ Check bundles for BoundPath and BoundPackage entries with missing
         attrs. """
         if 'Bundler' not in self.core.plugins:
             return
@@ -192,6 +210,15 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin):
                             "required-attrs-missing",
                             "Path tags require either a 'name' or 'glob' "
                             "attribute: \n%s" % self.RenderXML(path))
+                # ensure that abstract Package tags have either name
+                # or group specified
+                for package in xdata.xpath("//Package"):
+                    if ('name' not in package.attrib and
+                        'group' not in package.attrib):
+                        self.LintError(
+                            "required-attrs-missing",
+                            "Package tags require either a 'name' or 'group' "
+                            "attribute: \n%s" % self.RenderXML(package))
 
     def check_entry(self, entry, filename):
         """ Generic entry check.
@@ -231,6 +258,9 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin):
                     required_attrs['major'] = is_device_mode
                     required_attrs['minor'] = is_device_mode
 
+            if tag == 'Path':
+                self.check_default_acl(entry)
+
             if tag == 'ACL' and 'scope' in required_attrs:
                 required_attrs[entry.get('scope')] = is_username
 
diff --git a/src/lib/Bcfg2/Server/Lint/Validate.py b/src/lib/Bcfg2/Server/Lint/Validate.py
index 3ad78ade4..0b3f1e24d 100644
--- a/src/lib/Bcfg2/Server/Lint/Validate.py
+++ b/src/lib/Bcfg2/Server/Lint/Validate.py
@@ -90,6 +90,7 @@ class Validate(Bcfg2.Server.Lint.ServerlessPlugin):
                 "xml-failed-to-parse": "error",
                 "xml-failed-to-read": "error",
                 "xml-failed-to-verify": "error",
+                "xinclude-does-not-exist": "error",
                 "input-output-error": "error"}
 
     def check_properties(self):
@@ -115,6 +116,7 @@ class Validate(Bcfg2.Server.Lint.ServerlessPlugin):
         try:
             xdata = lxml.etree.parse(filename)
             if self.files is None:
+                self._expand_wildcard_xincludes(xdata)
                 xdata.xinclude()
             return xdata
         except (lxml.etree.XIncludeError, SyntaxError):
@@ -132,6 +134,33 @@ class Validate(Bcfg2.Server.Lint.ServerlessPlugin):
                            "Failed to open file %s" % filename)
             return False
 
+    def _expand_wildcard_xincludes(self, xdata):
+        """ a lightweight version of
+        :func:`Bcfg2.Server.Plugin.helpers.XMLFileBacked._follow_xincludes` """
+        xinclude = '%sinclude' % Bcfg2.Server.XI_NAMESPACE
+        for el in xdata.findall('//' + xinclude):
+            name = el.get("href")
+            if name.startswith("/"):
+                fpath = name
+            else:
+                fpath = os.path.join(os.path.dirname(xdata.docinfo.URL), name)
+
+            # expand globs in xinclude, a bcfg2-specific extension
+            extras = glob.glob(fpath)
+            if not extras:
+                msg = "%s: %s does not exist, skipping: %s" % \
+                      (xdata.docinfo.URL, name, self.RenderXML(el))
+                if el.findall('./%sfallback' % Bcfg2.Server.XI_NAMESPACE):
+                    self.logger.debug(msg)
+                else:
+                    self.LintError("xinclude-does-not-exist", msg)
+
+            parent = el.getparent()
+            parent.remove(el)
+            for extra in extras:
+                if extra != xdata.docinfo.URL:
+                    lxml.etree.SubElement(parent, xinclude, href=extra)
+
     def validate(self, filename, schemafile, schema=None):
         """ Validate a file against the given schema.
 
diff --git a/src/lib/Bcfg2/Server/Lint/ValidateJSON.py b/src/lib/Bcfg2/Server/Lint/ValidateJSON.py
index 04151d764..6383a3c99 100644
--- a/src/lib/Bcfg2/Server/Lint/ValidateJSON.py
+++ b/src/lib/Bcfg2/Server/Lint/ValidateJSON.py
@@ -10,7 +10,9 @@ import Bcfg2.Server.Lint
 
 try:
     import json
-except ImportError:
+    # py2.4 json library is structured differently
+    json.loads  # pylint: disable=W0104
+except (ImportError, AttributeError):
     import simplejson as json
author	Sol Jerome <sol.jerome@gmail.com>	2014-04-16 10:16:29 -0500
committer	Sol Jerome <sol.jerome@gmail.com>	2014-04-16 10:16:29 -0500
commit	d510e918e41b7b2b7b0b9351a40eab2794b49c83 (patch)
tree	250715ab112c10612ee131925ad07b68591c09f3 /src/lib/Bcfg2/Server/Lint
parent	9ebdcdb2f7718ae9203b20dafea4bca9f310ed75 (diff)
parent	24a261f842a4bc1d4dc125fad0f43343d5d4c9d8 (diff)
download	bcfg2-d510e918e41b7b2b7b0b9351a40eab2794b49c83.tar.gz bcfg2-d510e918e41b7b2b7b0b9351a40eab2794b49c83.tar.bz2 bcfg2-d510e918e41b7b2b7b0b9351a40eab2794b49c83.zip