diff options
30 files changed, 109 insertions, 72 deletions
@@ -13,7 +13,7 @@ Computer Science Division of Argonne National Laboratory. Bcfg2 is fairly portable. It has been successfully run on: * AIX, FreeBSD, OpenBSD Mac OS X, OpenSolaris, Solaris -* Many GNU/Linux distributions, including ArchLinux, Blag, CentOS, +* Many GNU/Linux distributions, including Arch Linux, Blag, CentOS, Debian, Fedora, Gentoo, gNewSense, Mandriva, openSUSE, Red Hat/RHEL, SuSE/SLES, Trisquel, and Ubuntu. diff --git a/doc/appendix/guides/ubuntu.txt b/doc/appendix/guides/ubuntu.txt index 24bebf023..fde795594 100644 --- a/doc/appendix/guides/ubuntu.txt +++ b/doc/appendix/guides/ubuntu.txt @@ -326,7 +326,7 @@ done for us.:: root@saucy:/var/lib/bcfg2# bcfg2 -vqdn Configured logging: DEBUG to console; DEBUG to syslog - {'help': False, 'extra': False, 'ppath': '/var/cache/bcfg2', 'ca': '/etc/ssl/bcfg2.crt', 'rpm_version_fail_action': 'upgrade', 'yum_version_fail_action': 'upgrade', 'retry_delay': '1', 'posix_uid_whitelist': [], 'rpm_erase_flags': ['allmatches'], 'verbose': True, 'certificate': '/etc/ssl/bcfg2.crt', 'paranoid': False, 'rpm_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'cache': None, 'yum24_autodep': True, 'yum_pkg_verify': True, 'probe_timeout': None, 'yum_installed_action': 'install', 'rpm_verify_fail_action': 'reinstall', 'dryrun': True, 'retries': '3', 'apt_install_path': '/usr', 'quick': True, 'password': 'secret', 'yum24_installed_action': 'install', 'kevlar': False, 'max_copies': 1, 'syslog': True, 'decision_list': False, 'configfile': '/etc/bcfg2.conf', 'remove': None, 'server': 'https://saucy:6789', 'encoding': 'UTF-8', 'timeout': 90, 'debug': True, 'yum24_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'yum24_erase_flags': ['allmatches'], 'yum24_pkg_checks': True, 'interactive': False, 'apt_etc_path': '/etc', 'rpm_installed_action': 'install', 'yum24_verify_fail_action': 'reinstall', 'omit_lock_check': False, 'yum24_pkg_verify': True, 'serverCN': None, 'file': None, 'apt_var_path': '/var', 'posix_gid_whitelist': [], 'posix_gid_blacklist': [], 'indep': False, 'decision': 'none', 'servicemode': 'default', 'version': False, 'rpm_pkg_checks': True, 'profile': None, 'yum_pkg_checks': True, 'args': [], 'bundle': [], 'posix_uid_blacklist': [], 'user': 'root', 'key': '/etc/ssl/bcfg2.key', 'command_timeout': None, 'probe_exit': True, 'lockfile': '/var/lock/bcfg2.run', 'yum_verify_fail_action': 'reinstall', 'yum24_version_fail_action': 'upgrade', 'yum_verify_flags': [], 'logging': None, 'rpm_pkg_verify': True, 'bundle_quick': False, 'rpm_verify_flags': [], 'yum24_verify_flags': [], 'skipindep': False, 'skipbundle': [], 'portage_binpkgonly': False, 'drivers': ['APK', 'APT', 'Action', 'Blast', 'Chkconfig', 'DebInit', 'Encap', 'FreeBSDInit', 'FreeBSDPackage', 'IPS', 'MacPorts', 'OpenCSW', 'POSIX', 'POSIXUsers', 'Pacman', 'Portage', 'RPM', 'RPMng', 'RcUpdate', 'SELinux', 'SMF', 'SYSV', 'Systemd', 'Upstart', 'VCS', 'YUM', 'YUM24', 'YUMng', 'launchd']} + {'help': False, 'extra': False, 'ppath': '/var/cache/bcfg2', 'ca': '/etc/ssl/bcfg2.crt', 'rpm_version_fail_action': 'upgrade', 'yum_version_fail_action': 'upgrade', 'retry_delay': '1', 'posix_uid_whitelist': [], 'rpm_erase_flags': ['allmatches'], 'verbose': True, 'certificate': '/etc/ssl/bcfg2.crt', 'paranoid': False, 'rpm_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'cache': None, 'yum24_autodep': True, 'yum_pkg_verify': True, 'probe_timeout': None, 'yum_installed_action': 'install', 'rpm_verify_fail_action': 'reinstall', 'dryrun': True, 'retries': '3', 'apt_install_path': '/usr', 'quick': True, 'password': 'secret', 'yum24_installed_action': 'install', 'kevlar': False, 'max_copies': 1, 'syslog': True, 'decision_list': False, 'configfile': '/etc/bcfg2.conf', 'remove': None, 'server': 'https://saucy:6789', 'encoding': 'UTF-8', 'timeout': 90, 'debug': True, 'yum24_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'yum24_erase_flags': ['allmatches'], 'yum24_pkg_checks': True, 'interactive': False, 'apt_etc_path': '/etc', 'rpm_installed_action': 'install', 'yum24_verify_fail_action': 'reinstall', 'omit_lock_check': False, 'yum24_pkg_verify': True, 'serverCN': None, 'file': None, 'apt_var_path': '/var', 'posix_gid_whitelist': [], 'posix_gid_blacklist': [], 'indep': False, 'decision': 'none', 'service_mode': 'default', 'version': False, 'rpm_pkg_checks': True, 'profile': None, 'yum_pkg_checks': True, 'args': [], 'bundle': [], 'posix_uid_blacklist': [], 'user': 'root', 'key': '/etc/ssl/bcfg2.key', 'command_timeout': None, 'probe_exit': True, 'lockfile': '/var/lock/bcfg2.run', 'yum_verify_fail_action': 'reinstall', 'yum24_version_fail_action': 'upgrade', 'yum_verify_flags': [], 'logging': None, 'rpm_pkg_verify': True, 'bundle_quick': False, 'rpm_verify_flags': [], 'yum24_verify_flags': [], 'skipindep': False, 'skipbundle': [], 'portage_binpkgonly': False, 'drivers': ['APK', 'APT', 'Action', 'Blast', 'Chkconfig', 'DebInit', 'Encap', 'FreeBSDInit', 'FreeBSDPackage', 'IPS', 'MacPorts', 'OpenCSW', 'POSIX', 'POSIXUsers', 'Pacman', 'Portage', 'RPM', 'RPMng', 'RcUpdate', 'SELinux', 'SMF', 'SYSV', 'Systemd', 'Upstart', 'VCS', 'YUM', 'YUM24', 'YUMng', 'launchd']} Starting Bcfg2 client run at 1374191628.88 Running probe groups Running: /tmp/tmpEtgdwo diff --git a/doc/installation/distributions.txt b/doc/installation/distributions.txt index 5dad4d860..6abf438f0 100644 --- a/doc/installation/distributions.txt +++ b/doc/installation/distributions.txt @@ -22,16 +22,14 @@ Just use `apk` to perform the installation :: .. _Alpine Linux: http://www.alpinelinux.org/ .. _testing: http://git.alpinelinux.org/cgit/aports/tree/testing/bcfg2 -ArchLinux -========= +Arch Linux +========== Packages for `Arch Linux`_ are available in the Arch User Repository (AUR_). -Just use `pacman` to perform the installation :: - - pacman -S bcfg2 bcfg2-server +The bcfg2 package includes bcfg2-server. .. _Arch Linux: http://www.archlinux.org/ -.. _AUR: http://aur.archlinux.org/packages.php?ID=20979 +.. _AUR: http://aur.archlinux.org/packages/bcfg2 Debian ====== diff --git a/doc/introduction/os-support.txt b/doc/introduction/os-support.txt index 881fdc6dd..42591b627 100644 --- a/doc/introduction/os-support.txt +++ b/doc/introduction/os-support.txt @@ -17,13 +17,13 @@ Bcfg2 is fairly portable. It has been successfully run on: .. _OpenSolaris: http://opensolaris.org/ .. _Solaris: http://www.sun.com/software/solaris/ -* Many `GNU/Linux`_ distributions, including `Archlinux`_, `Blag`_, `CentOS`_, +* Many `GNU/Linux`_ distributions, including `Arch Linux`_, `Blag`_, `CentOS`_, `Debian`_, `Fedora`_, `Gentoo`_, `gNewSense`_, `Mandriva`_, `OpenSUSE`_, `Red Hat/RHEL`_, `Scientific Linux`_, `SuSE/SLES`_, `Trisquel`_, and `Ubuntu`_. .. _GNU/Linux: http://www.gnu.org/gnu/Linux-and-gnu.html -.. _Archlinux: http://www.archlinux.org +.. _Arch Linux: http://www.archlinux.org .. _Blag: http://www.blagblagblag.org/ .. _CentOS: http://www.centos.org/ .. _Debian: http://www.debian.org/ diff --git a/doc/server/encryption.txt b/doc/server/encryption.txt index db5e2ae29..c186bc31d 100644 --- a/doc/server/encryption.txt +++ b/doc/server/encryption.txt @@ -225,16 +225,17 @@ be able to decrypt everything.) In this case, you want to enable lax decryption in the ``[encryption]`` section of ``bcfg2.conf``:: [encryption] - decrypt = lax + lax_decryption = true This causes a failed decrypt to produce a warning only, not an error. This can be overridden by individual XML files by setting -``decrypt="strict"`` on the top-level tag (or, vice-versa; if strict -is the default an XML file can specify ``decrypt="lax"``. +``lax_decryption="false"`` on the top-level tag (or, vice-versa; if +strict is the default an XML file can specify +``lax_decryption="true"``. Note that you could, for instance, set lax decryption by default, and -then set strict decryption on individual files. +then disable it on individual files. Encryption API ============== diff --git a/doc/server/plugins/connectors/grouplogic.txt b/doc/server/plugins/connectors/grouplogic.txt index abf425202..dc59e4e0e 100644 --- a/doc/server/plugins/connectors/grouplogic.txt +++ b/doc/server/plugins/connectors/grouplogic.txt @@ -92,9 +92,9 @@ generate the tedious config: .. code-block:: xml <GroupLogic xmlns:py="http://genshi.edgewall.org/"> - <py:for each="component in metadata.query.all_groups_in_category("webapp-component")> + <py:for each="component in metadata.query.all_groups_in_category('webapp-component')"> <Group name="${component}"> - <py:for each="env in metadata.query.all_groups_in_category("environment")> + <py:for each="env in metadata.query.all_groups_in_category('environment')"> <Group name="${env}"> <Group name="${component}-${env}"/> </Group> diff --git a/doc/server/plugins/generators/cfg.txt b/doc/server/plugins/generators/cfg.txt index 7e7a7c72e..026c33ba2 100644 --- a/doc/server/plugins/generators/cfg.txt +++ b/doc/server/plugins/generators/cfg.txt @@ -488,7 +488,7 @@ complex: .. code-block:: xml - <PrivateKey category="environment"/> + <PrivateKey category="environment"> <Params bits="1024" type="dsa"/> <Group name="secure"> <Passphrase encrypted="secure">U2FsdGVkX19xACol83uyPELP94s4CmngD12oU6PLLuE=</Passphrase> diff --git a/doc/server/plugins/grouping/ldap.txt b/doc/server/plugins/grouping/ldap.txt index 96e224761..af18680d2 100644 --- a/doc/server/plugins/grouping/ldap.txt +++ b/doc/server/plugins/grouping/ldap.txt @@ -196,7 +196,7 @@ LdapQuery .. method:: LdapQuery.get_result(self, metadata, \**kwargs) - This executes the query. First it will call ``prepare_query() for you, then it will try + This executes the query. First it will call ``prepare_query()`` for you, then it will try to execute the query with the specified connection and last it will call ``process_result()`` and return that return value. diff --git a/osx/Introduction.txt b/osx/Introduction.txt index 79b935f23..7e43b72e8 100644 --- a/osx/Introduction.txt +++ b/osx/Introduction.txt @@ -11,6 +11,6 @@ Finally, due to the rapid pace of updates on modern networks, client systems are Bcfg2 is fairly portable. It has been successfully run on: AIX, FreeBSD, OpenBSD, Mac OS X, OpenSolaris, Solaris - Many GNU/Linux distributions, including ArchLinux Blag, CentOS, Debian, Fedora, Gentoo, gNewSense, Mandriva, openSUSE, Red Hat/RHEL, SuSE/SLES, Trisquel, and Ubuntu. + Many GNU/Linux distributions, including Arch Linux, Blag, CentOS, Debian, Fedora, Gentoo, gNewSense, Mandriva, openSUSE, Red Hat/RHEL, SuSE/SLES, Trisquel, and Ubuntu. Bcfg2 should run on any POSIX compatible operating system, however direct support for an operating system's package and service formats are limited by the currently available client tools (new client tools are pretty easy to add). There is also an incomplete but more exact list of platforms on which Bcfg2 works. diff --git a/src/lib/Bcfg2/Client/Proxy.py b/src/lib/Bcfg2/Client/Proxy.py index 679b4c52b..f1caa383a 100644 --- a/src/lib/Bcfg2/Client/Proxy.py +++ b/src/lib/Bcfg2/Client/Proxy.py @@ -316,6 +316,7 @@ class ComponentProxy(xmlrpclib.ServerProxy): help='The time in seconds to wait between retries'), Bcfg2.Options.Option( '--ssl-cns', cf=('communication', 'serverCommonNames'), + dest="ssl_cns", type=Bcfg2.Options.Types.colon_list, help='List of server commonNames')] diff --git a/src/lib/Bcfg2/Client/Tools/APT.py b/src/lib/Bcfg2/Client/Tools/APT.py index abc76ef1c..9b3dded99 100644 --- a/src/lib/Bcfg2/Client/Tools/APT.py +++ b/src/lib/Bcfg2/Client/Tools/APT.py @@ -236,7 +236,7 @@ class APT(Bcfg2.Client.Tools.Tool): self.logger.error("Cannot find correct versions of packages:") self.logger.error(bad_pkgs) if not ipkgs: - return + return dict() if not self.cmd.run(self.pkgcmd % (" ".join(ipkgs))): self.logger.error("APT command failed") self.pkg_cache = apt.cache.Cache() diff --git a/src/lib/Bcfg2/Client/Tools/Chkconfig.py b/src/lib/Bcfg2/Client/Tools/Chkconfig.py index fab142a7c..b535de191 100644 --- a/src/lib/Bcfg2/Client/Tools/Chkconfig.py +++ b/src/lib/Bcfg2/Client/Tools/Chkconfig.py @@ -95,10 +95,10 @@ class Chkconfig(Bcfg2.Client.Tools.SvcTool): bootcmd = '/sbin/chkconfig %s %s' % (entry.get('name'), bootstatus) bootcmdrv = self.cmd.run(bootcmd).success - if Bcfg2.Options.setup.servicemode == 'disabled': + if Bcfg2.Options.setup.service_mode == 'disabled': # 'disabled' means we don't attempt to modify running svcs return bootcmdrv - buildmode = Bcfg2.Options.setup.servicemode == 'build' + buildmode = Bcfg2.Options.setup.service_mode == 'build' if ((entry.get('status') == 'on' and not buildmode) and entry.get('current_status') == 'off'): svccmdrv = self.start_service(entry) diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/__init__.py b/src/lib/Bcfg2/Client/Tools/POSIX/__init__.py index c27c7559d..41bff751d 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/__init__.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/__init__.py @@ -14,7 +14,7 @@ from Bcfg2.Client.Tools.POSIX.base import POSIXTool class POSIX(Bcfg2.Client.Tools.Tool): """POSIX File support code.""" - options = Bcfg2.Client.Tools.Tool.options + [ + options = Bcfg2.Client.Tools.Tool.options + POSIXTool.options + [ Bcfg2.Options.PathOption( cf=('paranoid', 'path'), default='/var/cache/bcfg2', dest='paranoid_path', diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/base.py b/src/lib/Bcfg2/Client/Tools/POSIX/base.py index 488920989..89675af02 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/base.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/base.py @@ -303,7 +303,7 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): # no context listed return True secontext = selinux.lgetfilecon(path)[1].split(":")[2] - if secontext in Bcfg2.Options.setup.posix_secontext_ignore: + if secontext in Bcfg2.Options.setup.secontext_ignore: return True try: if context == '__default__': @@ -562,8 +562,8 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): except OSError: errors.append("%s has no default SELinux context" % entry.get("name")) - else: - wanted_secontext = entry.get("secontext") + elif entry.get("secontext"): + wanted_secontext = entry.get("secontext").split(":")[2] if (wanted_secontext and attrib['current_secontext'] != wanted_secontext): errors.append("SELinux context for path %s is incorrect. " diff --git a/src/lib/Bcfg2/Client/Tools/Pacman.py b/src/lib/Bcfg2/Client/Tools/Pacman.py index b82b905e7..ee4ef35af 100644 --- a/src/lib/Bcfg2/Client/Tools/Pacman.py +++ b/src/lib/Bcfg2/Client/Tools/Pacman.py @@ -5,7 +5,7 @@ import Bcfg2.Client.Tools class Pacman(Bcfg2.Client.Tools.PkgTool): - '''Archlinux package support''' + '''Arch Linux package support''' name = 'Pacman' __execs__ = ["/usr/bin/pacman"] __handles__ = [('Package', 'pacman')] diff --git a/src/lib/Bcfg2/Client/Tools/Pkgng.py b/src/lib/Bcfg2/Client/Tools/Pkgng.py index eef86a131..025bc59be 100644 --- a/src/lib/Bcfg2/Client/Tools/Pkgng.py +++ b/src/lib/Bcfg2/Client/Tools/Pkgng.py @@ -205,7 +205,7 @@ class Pkgng(Bcfg2.Client.Tools.Tool): self.logger.error("Cannot find correct versions of packages:") self.logger.error(bad_pkgs) if not ipkgs: - return + return dict() if not self.cmd.run(self.pkgcmd % (" ".join(ipkgs))): self.logger.error("pkg command failed") self._load_pkg_cache() diff --git a/src/lib/Bcfg2/Client/Tools/RPM.py b/src/lib/Bcfg2/Client/Tools/RPM.py index 464b7e389..6b379918a 100644 --- a/src/lib/Bcfg2/Client/Tools/RPM.py +++ b/src/lib/Bcfg2/Client/Tools/RPM.py @@ -1185,7 +1185,7 @@ class RPM(Bcfg2.Client.Tools.PkgTool): self.logger.debug('%s: pkg_verify = %s' % (self.name, Bcfg2.Options.setup.rpm_pkg_verify)) self.logger.debug('%s: install_missing = %s' % - (self.name, Bcfg2.Options.setup.install_missing)) + (self.name, Bcfg2.Options.setup.rpm_install_missing)) self.logger.debug('%s: fix_version = %s' % (self.name, Bcfg2.Options.setup.rpm_fix_version)) self.logger.debug('%s: reinstall_broken = %s' % diff --git a/src/lib/Bcfg2/Client/Tools/Systemd.py b/src/lib/Bcfg2/Client/Tools/Systemd.py index 5f9208afc..8919e777b 100644 --- a/src/lib/Bcfg2/Client/Tools/Systemd.py +++ b/src/lib/Bcfg2/Client/Tools/Systemd.py @@ -74,12 +74,12 @@ class Systemd(Bcfg2.Client.Tools.SvcTool): # Return failure immediately and do not start/stop the service. return False - # Start or stop the service, depending on the current servicemode + # Start or stop the service, depending on the current service_mode cmd = None - if Bcfg2.Options.setup.servicemode == 'disabled': + if Bcfg2.Options.setup.service_mode == 'disabled': # 'disabled' means we don't attempt to modify running svcs pass - elif Bcfg2.Options.setup.servicemode == 'build': + elif Bcfg2.Options.setup.service_mode == 'build': # 'build' means we attempt to stop all services started if entry.get('current_status') == 'on': cmd = self.get_svc_command(entry, 'stop') diff --git a/src/lib/Bcfg2/Client/__init__.py b/src/lib/Bcfg2/Client/__init__.py index c40d66f58..0ba775318 100644 --- a/src/lib/Bcfg2/Client/__init__.py +++ b/src/lib/Bcfg2/Client/__init__.py @@ -67,7 +67,7 @@ def prompt(msg): ans = safe_input(msg) return ans in ['y', 'Y'] except UnicodeEncodeError: - ans = input(msg.encode('utf-8')) + ans = safe_input(msg.encode('utf-8')) return ans in ['y', 'Y'] except (EOFError, KeyboardInterrupt): # handle ^C diff --git a/src/lib/Bcfg2/Server/Core.py b/src/lib/Bcfg2/Server/Core.py index 9e98f8636..ad78800fb 100644 --- a/src/lib/Bcfg2/Server/Core.py +++ b/src/lib/Bcfg2/Server/Core.py @@ -1443,9 +1443,9 @@ class NetworkCore(Core): "\n.. automethod:: _daemonize\n" def __str__(self): - if hasattr(Bcfg2.Options.setup, "location"): + if hasattr(Bcfg2.Options.setup, "server"): return "%s(%s)" % (self.__class__.__name__, - Bcfg2.Options.setup.location) + Bcfg2.Options.setup.server) else: return Core.__str__(self) diff --git a/src/lib/Bcfg2/Server/Lint/TemplateHelper.py b/src/lib/Bcfg2/Server/Lint/TemplateHelper.py index ce6fdca74..98faa269d 100644 --- a/src/lib/Bcfg2/Server/Lint/TemplateHelper.py +++ b/src/lib/Bcfg2/Server/Lint/TemplateHelper.py @@ -26,7 +26,7 @@ class TemplateHelper(ServerPlugin): ServerPlugin.__init__(self, *args, **kwargs) # we instantiate a dummy helper to discover which keywords and # defaults are reserved - dummy = HelperModule("foo.py") + dummy = HelperModule("foo.py", None) self.reserved_keywords = dir(dummy) self.reserved_defaults = dummy.reserved_defaults diff --git a/src/lib/Bcfg2/Server/MultiprocessingCore.py b/src/lib/Bcfg2/Server/MultiprocessingCore.py index 724b34d8d..4bf3e4a27 100644 --- a/src/lib/Bcfg2/Server/MultiprocessingCore.py +++ b/src/lib/Bcfg2/Server/MultiprocessingCore.py @@ -334,9 +334,9 @@ class MultiprocessingCore(BuiltinCore): self.children = None def __str__(self): - if hasattr(Bcfg2.Options.setup, "location"): + if hasattr(Bcfg2.Options.setup, "server"): return "%s(%s; %s children)" % (self.__class__.__name__, - Bcfg2.Options.setup.location, + Bcfg2.Options.setup.server, len(self._all_children)) else: return "%s(%s children)" % (self.__class__.__name__, diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py b/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py index 355e53588..dae03144a 100644 --- a/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py +++ b/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py @@ -878,6 +878,7 @@ class Cfg(Bcfg2.Server.Plugin.GroupSpool, options = Bcfg2.Server.Plugin.GroupSpool.options + [ Bcfg2.Options.BooleanOption( '--cfg-validation', cf=('cfg', 'validation'), default=True, + dest="cfg_validation", help='Run validation on Cfg files'), Bcfg2.Options.Option( cf=('cfg', 'category'), dest="cfg_category", diff --git a/src/lib/Bcfg2/Server/Plugins/Ldap.py b/src/lib/Bcfg2/Server/Plugins/Ldap.py index 66f317c20..895c6380f 100644 --- a/src/lib/Bcfg2/Server/Plugins/Ldap.py +++ b/src/lib/Bcfg2/Server/Plugins/Ldap.py @@ -65,10 +65,12 @@ class Ldap(Bcfg2.Server.Plugin.Plugin, options = [ Bcfg2.Options.Option( cf=('ldap', 'retries'), type=int, default=3, + dest='ldap_retries', help='The number of times to retry reaching the ' 'LDAP server if a connection is broken'), Bcfg2.Options.Option( cf=('ldap', 'retry_delay'), type=float, default=5.0, + dest='ldap_retry_delay', help='The time in seconds betreen retries')] def __init__(self, core): diff --git a/src/lib/Bcfg2/Server/Plugins/Packages/Yum.py b/src/lib/Bcfg2/Server/Plugins/Packages/Yum.py index 14d6db8a0..846fb89cd 100644 --- a/src/lib/Bcfg2/Server/Plugins/Packages/Yum.py +++ b/src/lib/Bcfg2/Server/Plugins/Packages/Yum.py @@ -456,16 +456,13 @@ class YumCollection(Collection): reponame = basereponame added = False + rid = 1 while not added: try: config.add_section(reponame) added = True except ConfigParser.DuplicateSectionError: - match = re.search(r'-(\d+)', reponame) - if match: - rid = int(match.group(1)) + 1 - else: - rid = 1 + rid += 1 reponame = "%s-%d" % (basereponame, rid) config.set(reponame, "name", reponame) diff --git a/src/lib/Bcfg2/Server/Plugins/Packages/YumHelper.py b/src/lib/Bcfg2/Server/Plugins/Packages/YumHelper.py index b2e43bde7..89cc23090 100644 --- a/src/lib/Bcfg2/Server/Plugins/Packages/YumHelper.py +++ b/src/lib/Bcfg2/Server/Plugins/Packages/YumHelper.py @@ -274,29 +274,31 @@ class HelperSubcommand(Bcfg2.Options.Subcommand): # whether or not this command accepts input on stdin accept_input = True - def __init__(self): - Bcfg2.Options.Subcommand.__init__(self) - self.verbosity = 0 + # logging level + verbosity = 0 + + def run(self, setup): if Bcfg2.Options.setup.debug: self.verbosity = 5 elif Bcfg2.Options.setup.verbose: self.verbosity = 1 - def run(self, setup): - try: - data = json.loads(sys.stdin.read()) - except ValueError: - self.logger.error("Error decoding JSON input: %s" % - sys.exc_info()[1]) - print(json.dumps(self.fallback)) - return 2 + data = None + if self.accept_input: + try: + data = json.loads(sys.stdin.read()) + except ValueError: + self.logger.error("Error decoding JSON input: %s" % + sys.exc_info()[1]) + print(json.dumps(self.fallback)) + return 2 try: print(json.dumps(self._run(setup, data))) except: # pylint: disable=W0702 self.logger.error("Unexpected error running %s: %s" % - self.__class__.__name__.lower(), - sys.exc_info()[1], exc_info=1) + (self.__class__.__name__.lower(), + sys.exc_info()[1]), exc_info=1) print(json.dumps(self.fallback)) return 2 return 0 @@ -310,10 +312,13 @@ class DepSolverSubcommand(HelperSubcommand): # pylint: disable=W0223 """ Base class for helper commands that use the depsolver (i.e., only resolve dependencies, don't modify the cache) """ - def __init__(self): - HelperSubcommand.__init__(self) + # DepSolver instance used in _run function + depsolver = None + + def run(self, setup): self.depsolver = DepSolver(Bcfg2.Options.setup.yum_config, self.verbosity) + HelperSubcommand.run(self, setup) class CacheManagerSubcommand(HelperSubcommand): # pylint: disable=W0223 @@ -322,10 +327,13 @@ class CacheManagerSubcommand(HelperSubcommand): # pylint: disable=W0223 fallback = False accept_input = False - def __init__(self): - HelperSubcommand.__init__(self) + # CacheManager instance used in _run function + cachemgr = None + + def run(self, setup): self.cachemgr = CacheManager(Bcfg2.Options.setup.yum_config, self.verbosity) + HelperSubcommand.run(self, setup) class Clean(CacheManagerSubcommand): @@ -376,10 +384,7 @@ class CLI(Bcfg2.Options.CommandRegistry): """ The bcfg2-yum-helper CLI """ options = [ Bcfg2.Options.PathOption( - "-c", "--yum-config", help="Yum config file"), - Bcfg2.Options.PositionalArgument( - "command", help="Yum helper command", - choices=['clean', 'complete', 'get_groups'])] + "-c", "--yum-config", help="Yum config file")] def __init__(self): Bcfg2.Options.CommandRegistry.__init__(self) diff --git a/src/lib/Bcfg2/Server/Plugins/SSHbase.py b/src/lib/Bcfg2/Server/Plugins/SSHbase.py index 7f20e72eb..08acc4d8d 100644 --- a/src/lib/Bcfg2/Server/Plugins/SSHbase.py +++ b/src/lib/Bcfg2/Server/Plugins/SSHbase.py @@ -121,6 +121,10 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin, private key for (hostname) ssh_host_(ec)(dr)sa_key.pub.H_(hostname) -> the v2 ssh host public key for (hostname) + ssh_host_ed25519_key.H_(hostname) -> the v2 ssh host + private key for (hostname) + ssh_host_ed25519_key.pub.H_(hostname) -> the v2 ssh host + public key for (hostname) ssh_known_hosts -> the current known hosts file. this is regenerated each time a new key is generated. @@ -128,10 +132,12 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin, __author__ = 'bcfg-dev@mcs.anl.gov' keypatterns = ["ssh_host_dsa_key", "ssh_host_ecdsa_key", + "ssh_host_ed25519_key", "ssh_host_rsa_key", "ssh_host_key", "ssh_host_dsa_key.pub", "ssh_host_ecdsa_key.pub", + "ssh_host_ed25519_key.pub", "ssh_host_rsa_key.pub", "ssh_host_key.pub"] @@ -421,7 +427,8 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin, def GenerateHostKeyPair(self, client, filename): """Generate new host key pair for client.""" - match = re.search(r'(ssh_host_(?:((?:ecd|d|r)sa)_)?key)', filename) + match = re.search(r'(ssh_host_(?:((?:ecd|d|r)sa|ed25519)_)?key)', + filename) if match: hostkey = "%s.H_%s" % (match.group(1), client) if match.group(2): diff --git a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py index ea4ca3f5f..bbe04a1a3 100644 --- a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py +++ b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py @@ -481,11 +481,16 @@ class TestPOSIXTool(TestTool): @skipUnless(HAS_SELINUX, "SELinux not found, skipping") @patchIf(HAS_SELINUX, "selinux.restorecon") + @patchIf(HAS_SELINUX, "selinux.lgetfilecon") @patchIf(HAS_SELINUX, "selinux.lsetfilecon") - def test_set_secontext(self, mock_lsetfilecon, mock_restorecon): + def test_set_secontext(self, mock_lsetfilecon, mock_lgetfilecon, + mock_restorecon): + Bcfg2.Options.setup.secontext_ignore = ['dosfs_t'] ptool = self.get_obj() entry = lxml.etree.Element("Path", name="/etc/foo", type="file") + mock_lgetfilecon.return_value = (0, "system_u:object_r:foo_t") + # disable selinux for the initial test Bcfg2.Client.Tools.POSIX.base.HAS_SELINUX = False self.assertTrue(ptool._set_secontext(entry)) @@ -495,29 +500,46 @@ class TestPOSIXTool(TestTool): self.assertTrue(ptool._set_secontext(entry)) self.assertFalse(mock_restorecon.called) self.assertFalse(mock_lsetfilecon.called) + self.assertFalse(mock_lgetfilecon.called) mock_restorecon.reset_mock() mock_lsetfilecon.reset_mock() + mock_lgetfilecon.reset_mock() entry.set("secontext", "__default__") self.assertTrue(ptool._set_secontext(entry)) mock_restorecon.assert_called_with(entry.get("name")) + mock_lgetfilecon.assert_called_once_with(entry.get("name")) self.assertFalse(mock_lsetfilecon.called) mock_restorecon.reset_mock() mock_lsetfilecon.reset_mock() + mock_lgetfilecon.reset_mock() mock_lsetfilecon.return_value = 0 entry.set("secontext", "foo_t") self.assertTrue(ptool._set_secontext(entry)) self.assertFalse(mock_restorecon.called) + mock_lgetfilecon.assert_called_once_with(entry.get("name")) mock_lsetfilecon.assert_called_with(entry.get("name"), "foo_t") mock_restorecon.reset_mock() mock_lsetfilecon.reset_mock() + mock_lgetfilecon.reset_mock() mock_lsetfilecon.return_value = 1 self.assertFalse(ptool._set_secontext(entry)) self.assertFalse(mock_restorecon.called) + mock_lgetfilecon.assert_called_once_with(entry.get("name")) mock_lsetfilecon.assert_called_with(entry.get("name"), "foo_t") + # ignored filesystem + mock_restorecon.reset_mock() + mock_lsetfilecon.reset_mock() + mock_lgetfilecon.reset_mock() + mock_lgetfilecon.return_value = (0, "system_u:object_r:dosfs_t") + self.assertTrue(ptool._set_secontext(entry)) + self.assertFalse(mock_restorecon.called) + self.assertFalse(mock_lsetfilecon.called) + mock_lgetfilecon.assert_called_once_with(entry.get("name")) + @patch("grp.getgrnam") def test_norm_gid(self, mock_getgrnam): ptool = self.get_obj() @@ -686,7 +708,7 @@ class TestPOSIXTool(TestTool): ptool._gather_data = Mock() entry = lxml.etree.Element("Path", name="/test", type="file", group="group", owner="user", mode="664", - secontext='etc_t') + secontext='unconfined_u:object_r:etc_t:s0') # _verify_metadata() mutates the entry, so we keep a backup so we # can start fresh every time orig_entry = copy.deepcopy(entry) diff --git a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py index cc1ea6fd7..08c20981d 100644 --- a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py +++ b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py @@ -103,26 +103,26 @@ class TestPOSIXUsers(TestTool): # test failure of inherited method entry = lxml.etree.Element("POSIXUser", name="test") self.assertFalse(users.canInstall(entry)) - mock_canInstall.assertCalledWith(users, entry) + mock_canInstall.assert_called_with(users, entry) # test with no uid specified reset() mock_canInstall.return_value = True self.assertTrue(users.canInstall(entry)) - mock_canInstall.assertCalledWith(users, entry) + mock_canInstall.assert_called_with(users, entry) # test with uid specified, not in managed range reset() entry.set("uid", "1000") self.assertFalse(users.canInstall(entry)) - mock_canInstall.assertCalledWith(users, entry) + mock_canInstall.assert_called_with(users, entry) users._in_managed_range.assert_called_with(entry.tag, "1000") # test with uid specified, in managed range reset() users._in_managed_range.return_value = True self.assertTrue(users.canInstall(entry)) - mock_canInstall.assertCalledWith(users, entry) + mock_canInstall.assert_called_with(users, entry) users._in_managed_range.assert_called_with(entry.tag, "1000") @patch("Bcfg2.Client.Tools.Tool.Inventory") diff --git a/testsuite/common.py b/testsuite/common.py index 9f51cc14f..396f1887b 100644 --- a/testsuite/common.py +++ b/testsuite/common.py @@ -15,7 +15,10 @@ import codecs import lxml.etree import Bcfg2.Options import Bcfg2.Utils -from mock import patch, MagicMock, _patch, DEFAULT +try: + from mock.mock import patch, MagicMock, _patch, DEFAULT +except ImportError: + from mock import patch, MagicMock, _patch, DEFAULT try: from unittest2 import skip, skipIf, skipUnless, TestCase except ImportError: |