diff options
Diffstat (limited to 'doc')
30 files changed, 354 insertions, 205 deletions
diff --git a/doc/appendix/guides/authentication.txt b/doc/appendix/guides/authentication.txt index 93a34c9bc..eba01ee3c 100644 --- a/doc/appendix/guides/authentication.txt +++ b/doc/appendix/guides/authentication.txt @@ -145,7 +145,7 @@ Allowed values are: +-------------------+------------------------------------------+ ``cert+password`` is the default. This can be changed by setting the -``authentication`` parameter in the ``[communcation]`` section of +``authentication`` parameter in the ``[communication]`` section of ``bcfg2.conf``. For instance, to set ``bootstrap`` mode as the global default, you would add the following to ``bcfg2.conf``:: diff --git a/doc/appendix/guides/import-existing-ssh-keys.txt b/doc/appendix/guides/import-existing-ssh-keys.txt index 4e2282044..225844448 100644 --- a/doc/appendix/guides/import-existing-ssh-keys.txt +++ b/doc/appendix/guides/import-existing-ssh-keys.txt @@ -40,9 +40,12 @@ files explicity: <!-- requires a version of openssh that can generate ecdsa keys --> <Path name="/etc/ssh/ssh_host_ecdsa_key"/> <Path name="/etc/ssh/ssh_host_ecdsa_key.pub"/> + <!-- requires a version of openssh that can generate ed25519 keys --> + <Path name="/etc/ssh/ssh_host_ed25519_key"/> + <Path name="/etc/ssh/ssh_host_ed25519_key.pub"/> <Path name='/etc/ssh/ssh_host_dsa_key'/> - <Path name='/etc/ssh/ssh_host_rsa_key'/> <Path name='/etc/ssh/ssh_host_dsa_key.pub'/> + <Path name='/etc/ssh/ssh_host_rsa_key'/> <Path name='/etc/ssh/ssh_host_rsa_key.pub'/> <Path name='/etc/ssh/ssh_host_key'/> <Path name='/etc/ssh/ssh_host_key.pub'/> @@ -97,7 +100,7 @@ Now, we pull the ssh host key data for the client out of the uploaded stats and insert it as host-specific copies of these files in ``/var/lib/bcfg2/SSHBase``.:: - for key in ssh_host_ecdsa_key ssh_host_rsa_key ssh_host_dsa_key ssh_host_key; do + for key in ssh_host_ed25519_key ssh_host_ecdsa_key ssh_host_rsa_key ssh_host_dsa_key ssh_host_key; do sudo bcfg2-admin pull <clientname> Path /etc/ssh/$key sudo bcfg2-admin pull <clientname> Path /etc/ssh/$key.pub done diff --git a/doc/appendix/guides/ubuntu.txt b/doc/appendix/guides/ubuntu.txt index 24bebf023..fde795594 100644 --- a/doc/appendix/guides/ubuntu.txt +++ b/doc/appendix/guides/ubuntu.txt @@ -326,7 +326,7 @@ done for us.:: root@saucy:/var/lib/bcfg2# bcfg2 -vqdn Configured logging: DEBUG to console; DEBUG to syslog - {'help': False, 'extra': False, 'ppath': '/var/cache/bcfg2', 'ca': '/etc/ssl/bcfg2.crt', 'rpm_version_fail_action': 'upgrade', 'yum_version_fail_action': 'upgrade', 'retry_delay': '1', 'posix_uid_whitelist': [], 'rpm_erase_flags': ['allmatches'], 'verbose': True, 'certificate': '/etc/ssl/bcfg2.crt', 'paranoid': False, 'rpm_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'cache': None, 'yum24_autodep': True, 'yum_pkg_verify': True, 'probe_timeout': None, 'yum_installed_action': 'install', 'rpm_verify_fail_action': 'reinstall', 'dryrun': True, 'retries': '3', 'apt_install_path': '/usr', 'quick': True, 'password': 'secret', 'yum24_installed_action': 'install', 'kevlar': False, 'max_copies': 1, 'syslog': True, 'decision_list': False, 'configfile': '/etc/bcfg2.conf', 'remove': None, 'server': 'https://saucy:6789', 'encoding': 'UTF-8', 'timeout': 90, 'debug': True, 'yum24_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'yum24_erase_flags': ['allmatches'], 'yum24_pkg_checks': True, 'interactive': False, 'apt_etc_path': '/etc', 'rpm_installed_action': 'install', 'yum24_verify_fail_action': 'reinstall', 'omit_lock_check': False, 'yum24_pkg_verify': True, 'serverCN': None, 'file': None, 'apt_var_path': '/var', 'posix_gid_whitelist': [], 'posix_gid_blacklist': [], 'indep': False, 'decision': 'none', 'servicemode': 'default', 'version': False, 'rpm_pkg_checks': True, 'profile': None, 'yum_pkg_checks': True, 'args': [], 'bundle': [], 'posix_uid_blacklist': [], 'user': 'root', 'key': '/etc/ssl/bcfg2.key', 'command_timeout': None, 'probe_exit': True, 'lockfile': '/var/lock/bcfg2.run', 'yum_verify_fail_action': 'reinstall', 'yum24_version_fail_action': 'upgrade', 'yum_verify_flags': [], 'logging': None, 'rpm_pkg_verify': True, 'bundle_quick': False, 'rpm_verify_flags': [], 'yum24_verify_flags': [], 'skipindep': False, 'skipbundle': [], 'portage_binpkgonly': False, 'drivers': ['APK', 'APT', 'Action', 'Blast', 'Chkconfig', 'DebInit', 'Encap', 'FreeBSDInit', 'FreeBSDPackage', 'IPS', 'MacPorts', 'OpenCSW', 'POSIX', 'POSIXUsers', 'Pacman', 'Portage', 'RPM', 'RPMng', 'RcUpdate', 'SELinux', 'SMF', 'SYSV', 'Systemd', 'Upstart', 'VCS', 'YUM', 'YUM24', 'YUMng', 'launchd']} + {'help': False, 'extra': False, 'ppath': '/var/cache/bcfg2', 'ca': '/etc/ssl/bcfg2.crt', 'rpm_version_fail_action': 'upgrade', 'yum_version_fail_action': 'upgrade', 'retry_delay': '1', 'posix_uid_whitelist': [], 'rpm_erase_flags': ['allmatches'], 'verbose': True, 'certificate': '/etc/ssl/bcfg2.crt', 'paranoid': False, 'rpm_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'cache': None, 'yum24_autodep': True, 'yum_pkg_verify': True, 'probe_timeout': None, 'yum_installed_action': 'install', 'rpm_verify_fail_action': 'reinstall', 'dryrun': True, 'retries': '3', 'apt_install_path': '/usr', 'quick': True, 'password': 'secret', 'yum24_installed_action': 'install', 'kevlar': False, 'max_copies': 1, 'syslog': True, 'decision_list': False, 'configfile': '/etc/bcfg2.conf', 'remove': None, 'server': 'https://saucy:6789', 'encoding': 'UTF-8', 'timeout': 90, 'debug': True, 'yum24_installonly': ['kernel', 'kernel-bigmem', 'kernel-enterprise', 'kernel-smp', 'kernel-modules', 'kernel-debug', 'kernel-unsupported', 'kernel-devel', 'kernel-source', 'kernel-default', 'kernel-largesmp-devel', 'kernel-largesmp', 'kernel-xen', 'gpg-pubkey'], 'yum24_erase_flags': ['allmatches'], 'yum24_pkg_checks': True, 'interactive': False, 'apt_etc_path': '/etc', 'rpm_installed_action': 'install', 'yum24_verify_fail_action': 'reinstall', 'omit_lock_check': False, 'yum24_pkg_verify': True, 'serverCN': None, 'file': None, 'apt_var_path': '/var', 'posix_gid_whitelist': [], 'posix_gid_blacklist': [], 'indep': False, 'decision': 'none', 'service_mode': 'default', 'version': False, 'rpm_pkg_checks': True, 'profile': None, 'yum_pkg_checks': True, 'args': [], 'bundle': [], 'posix_uid_blacklist': [], 'user': 'root', 'key': '/etc/ssl/bcfg2.key', 'command_timeout': None, 'probe_exit': True, 'lockfile': '/var/lock/bcfg2.run', 'yum_verify_fail_action': 'reinstall', 'yum24_version_fail_action': 'upgrade', 'yum_verify_flags': [], 'logging': None, 'rpm_pkg_verify': True, 'bundle_quick': False, 'rpm_verify_flags': [], 'yum24_verify_flags': [], 'skipindep': False, 'skipbundle': [], 'portage_binpkgonly': False, 'drivers': ['APK', 'APT', 'Action', 'Blast', 'Chkconfig', 'DebInit', 'Encap', 'FreeBSDInit', 'FreeBSDPackage', 'IPS', 'MacPorts', 'OpenCSW', 'POSIX', 'POSIXUsers', 'Pacman', 'Portage', 'RPM', 'RPMng', 'RcUpdate', 'SELinux', 'SMF', 'SYSV', 'Systemd', 'Upstart', 'VCS', 'YUM', 'YUM24', 'YUMng', 'launchd']} Starting Bcfg2 client run at 1374191628.88 Running probe groups Running: /tmp/tmpEtgdwo diff --git a/doc/client/tools/vcs.txt b/doc/client/tools/vcs.txt index fb9c33684..f21d097ff 100644 --- a/doc/client/tools/vcs.txt +++ b/doc/client/tools/vcs.txt @@ -8,8 +8,34 @@ VCS Client Tool .. warning: This tool is currently under development. -.. note: Currently, the only supported VCS is git. +.. note: Currently, the only supported VCS is git and svn. The VCS tool allows you to checkout particular revisions from a VCS repository on the client to a specified path. The tool requires the appropriate python libraries for the VCS used to be installed. + +See :ref:`server-plugins-generators-rules-vcs` for possible options. + +Example usage: + +You may want to create a `Rules/paths.xml` with the following: + +.. code-block:: xml + + <Rules priority="1"> + <Path name="/srv/bcfg2" type="vcs" + sourceurl="https://github.com/Bcfg2/bcfg2.git" + vcstype="git" + revision="cf6dfd8ca28e941b1e638ff0fa7e7a0a1ebb6a6f"/> + </Rules> + +Once the rule is created a client can reference the path from a +bundle, this path will then be populated from the repository. To +continue the above example, a file `Bundle/bcfg2.xml` might contain +this: + +.. code-block:: xml + + <Bundle name="bcfg"> + <Path name="/srv/bcfg2"> + <Bundle/> diff --git a/doc/conf.py b/doc/conf.py index 1da6b3b01..5a558f341 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -133,7 +133,7 @@ html_theme_options = { # The name of an image file (within the static path) to use as favicon of the # docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 # pixels large. -html_favicon = 'favicon.ico' +html_favicon = '_static/favicon.ico' # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, @@ -344,10 +344,6 @@ def check_object_path(key, url, path): intersphinx_mapping = {} intersphinx_mapping.update(\ - check_object_path('mock', - 'http://www.voidspace.org.uk/python/mock', - '/usr/share/doc/python-mock-doc/html/objects.inv')) -intersphinx_mapping.update(\ check_object_path('cherrypy', 'http://docs.cherrypy.org/stable', 'intersphinx/cherrypy/objects.inv')) diff --git a/doc/development/caching.txt b/doc/development/caching.txt index 83ec0290f..c8b7aba14 100644 --- a/doc/development/caching.txt +++ b/doc/development/caching.txt @@ -67,6 +67,9 @@ Currently known caches are: | pkg_sets | <Collection.cachekey>`, | | for clients | | | hash of the initial package selection | | | +-------------+---------------------------------------+-------------------------------------------------+------------------------------------------------------+ +| Ldap, | Hostname, ``<query name>`` | :func:`processed result of the query | Cached results from the Ldap queries | +| results, | | <Bcfg2.Server.Plugins.LdapQuery.process_result>`| | ++-------------+---------------------------------------+-------------------------------------------------+------------------------------------------------------+ These are enumerated so that they can be expired as needed by other plugins or other code points. diff --git a/doc/development/compat.txt b/doc/development/compat.txt index 8700c46d3..a6a85cbab 100644 --- a/doc/development/compat.txt +++ b/doc/development/compat.txt @@ -113,7 +113,7 @@ with Python 2.4 (and occasionally 2.5). Be sure to read the notes below, since some of these implementations may be feature-incomplete. +----------------+--------------------------------+--------------------------------------------+ -| Name | Python 2.4 | Python 2.4+ | +| Name | Python 2.4 | Python 2.5+ | +================+================================+============================================+ | formatdate | :func:`email.Utils.formatdate` | :func:`email.utils.formatdate` | +----------------+--------------------------------+--------------------------------------------+ @@ -129,6 +129,8 @@ below, since some of these implementations may be feature-incomplete. +----------------+--------------------------------+--------------------------------------------+ | MutableMapping | :class:`UserDict.DictMixin` | :class:`collections.MutableMapping` (2.6+) | +----------------+--------------------------------+--------------------------------------------+ +| literal_eval | :func:`eval` | :func:`ast.literal_eval` (2.6+) | ++----------------+--------------------------------+--------------------------------------------+ walk_packages ~~~~~~~~~~~~~ @@ -171,6 +173,14 @@ mind. :class:`collections.MutableMapping` is available in Python 2.6+, and will be used if available. +literal_eval +~~~~~~~~~~~~ + +:func:`ast.literal_eval` is a safe version of :func:`eval` that will only +allow delaration of literal strings, ints, list, dicts, etc. This was +introduced in Python 2.6, and as such Python 2.4 uses the plain-old +:func:`eval`. + Other Symbols ------------- diff --git a/doc/development/plugins.txt b/doc/development/plugins.txt index d292c9dd7..0d524973e 100644 --- a/doc/development/plugins.txt +++ b/doc/development/plugins.txt @@ -118,7 +118,9 @@ Invalidating Caches In Bcfg2 1.3.0, some limited :ref:`server-caching` was introduced. If you are writing a :class:`Bcfg2.Server.Plugin.interfaces.Connector` plugin that implements -:func:`Bcfg2.Server.Plugin.interfaces.Connector.get_additional_groups`, +:func:`Bcfg2.Server.Plugin.interfaces.Connector.get_additional_groups` +or +:func:`Bcfg2.Server.Plugin.interfaces.Connector.get_additional_data`, then you need to be able to invalidate the server metadata cache in order to be compatible with the ``cautious`` or ``aggressive`` caching modes. @@ -140,9 +142,9 @@ called with one string argument, it expires cached data for the named client. It's important, therefore, that your Connector plugin can either track -when changes are made to the group membership it reports, and expire -cached data appropriately when in ``cautious`` or ``aggressive`` mode; -or prudently flag an incompatibility with those two modes. +when changes are made to the data or group membership it reports, and +expire cached data appropriately when in ``cautious`` or ``aggressive`` +mode; or prudently flag an incompatibility with those two modes. For examples, see: diff --git a/doc/exts/xmlschema.py b/doc/exts/xmlschema.py index 89104c2a6..63ab6f489 100644 --- a/doc/exts/xmlschema.py +++ b/doc/exts/xmlschema.py @@ -70,10 +70,9 @@ import lxml.etree from docutils import nodes from sphinx import addnodes, roles from docutils.statemachine import ViewList -from docutils.parsers.rst import directives +from docutils.parsers.rst import Directive, directives from sphinx.util.nodes import make_refnode, split_explicit_title, \ nested_parse_with_titles -from sphinx.util.compat import Directive from sphinx.domains import ObjType, Domain try: diff --git a/doc/installation/distributions.txt b/doc/installation/distributions.txt index 5dad4d860..6abf438f0 100644 --- a/doc/installation/distributions.txt +++ b/doc/installation/distributions.txt @@ -22,16 +22,14 @@ Just use `apk` to perform the installation :: .. _Alpine Linux: http://www.alpinelinux.org/ .. _testing: http://git.alpinelinux.org/cgit/aports/tree/testing/bcfg2 -ArchLinux -========= +Arch Linux +========== Packages for `Arch Linux`_ are available in the Arch User Repository (AUR_). -Just use `pacman` to perform the installation :: - - pacman -S bcfg2 bcfg2-server +The bcfg2 package includes bcfg2-server. .. _Arch Linux: http://www.archlinux.org/ -.. _AUR: http://aur.archlinux.org/packages.php?ID=20979 +.. _AUR: http://aur.archlinux.org/packages/bcfg2 Debian ====== diff --git a/doc/installation/prerequisites.txt b/doc/installation/prerequisites.txt index d89d44894..e6de2a9f6 100644 --- a/doc/installation/prerequisites.txt +++ b/doc/installation/prerequisites.txt @@ -56,7 +56,8 @@ Bcfg2 Server +-------------------------------+----------+--------------------------------+ | python-gamin or pyinotify | Any | gamin or inotify, python | +-------------------------------+----------+--------------------------------+ -| python-ssl (note | Any | python, backported ssl module | +| python-ssl (this is included | Any | | +| in Python2.6 and later) | | | +-------------------------------+----------+--------------------------------+ | python-setuptools | Any | | +-------------------------------+----------+--------------------------------+ @@ -72,7 +73,7 @@ reporting, such as Apache + mod_wsgi or nginx. +-------------------------------+----------+--------------------------------+ | Software | Version | Requires | +===============================+==========+================================+ -| django | 1.2.0+ | | +| django | 1.3.0+ | | +-------------------------------+----------+--------------------------------+ | south | 0.7.5+ | | +-------------------------------+----------+--------------------------------+ diff --git a/doc/introduction/os-support.txt b/doc/introduction/os-support.txt index 881fdc6dd..42591b627 100644 --- a/doc/introduction/os-support.txt +++ b/doc/introduction/os-support.txt @@ -17,13 +17,13 @@ Bcfg2 is fairly portable. It has been successfully run on: .. _OpenSolaris: http://opensolaris.org/ .. _Solaris: http://www.sun.com/software/solaris/ -* Many `GNU/Linux`_ distributions, including `Archlinux`_, `Blag`_, `CentOS`_, +* Many `GNU/Linux`_ distributions, including `Arch Linux`_, `Blag`_, `CentOS`_, `Debian`_, `Fedora`_, `Gentoo`_, `gNewSense`_, `Mandriva`_, `OpenSUSE`_, `Red Hat/RHEL`_, `Scientific Linux`_, `SuSE/SLES`_, `Trisquel`_, and `Ubuntu`_. .. _GNU/Linux: http://www.gnu.org/gnu/Linux-and-gnu.html -.. _Archlinux: http://www.archlinux.org +.. _Arch Linux: http://www.archlinux.org .. _Blag: http://www.blagblagblag.org/ .. _CentOS: http://www.centos.org/ .. _Debian: http://www.debian.org/ diff --git a/doc/man/bcfg2.conf.txt b/doc/man/bcfg2.conf.txt index 62c4ac1a8..f6fb32cf5 100644 --- a/doc/man/bcfg2.conf.txt +++ b/doc/man/bcfg2.conf.txt @@ -267,7 +267,7 @@ revision information out of your repository for reporting purposes. Ldap Plugin +++++++++++ -The Ldap plugin makes it possible to fetch data from an LDAP directory, +The Ldap plugin makes it possible to fetch data from a LDAP directory, process it and attach it to your metadata. Metadata Plugin @@ -624,7 +624,7 @@ configuration file. chaincert Specifies the location of your ssl chaining certificate. This is - used when pre-existing certifcate hostfiles are found, so that + used when pre-existing certificate hostfiles are found, so that they can be validated and only regenerated if they no longer meet the specification. If you’re using a self signing CA this would be the CA cert that you generated. @@ -718,6 +718,11 @@ Reporting options Maximum number of children for the reporting collector. Use 0 to disable the limit. (default is 0) + django_settings + Arbitrary options for the Django installation. The value expected + is a literal python dictionary, that is merged with the already set + django settings. + See Also -------- diff --git a/doc/man/bcfg2.txt b/doc/man/bcfg2.txt index 6df4f9b4f..3810b27d4 100644 --- a/doc/man/bcfg2.txt +++ b/doc/man/bcfg2.txt @@ -55,7 +55,7 @@ Options -b bundles Run only the specified colon-delimited set of bundles. -c cachefile Cache a copy of the configuration in cachefile. ---ca-cert=cacert Specifiy the path to the SSL CA certificate. +--ca-cert=cacert Specify the path to the SSL CA certificate. -d Enable debugging output. -e When in verbose mode, display extra entry information. diff --git a/doc/releases/1.3.6.txt b/doc/releases/1.3.6.txt index 757fbf6f5..9ab024674 100644 --- a/doc/releases/1.3.6.txt +++ b/doc/releases/1.3.6.txt @@ -30,5 +30,14 @@ This is primarily a bugfix release. https://docs.djangoproject.com/en/1.7/ref/settings/#std:setting-OPTIONS +* SYSV: change instances of simplename to simplefile + + Previous configurations can be updated using the migration tool. + +* Authentication: Reject passwd auth, if authentication is set to "cert" +* Server/Core: drop privileges even if not running as daemon +* Packages/Yum.py: Fix dependency resolution logic +* Handle filesystem secontexts properly for contextless filesystems + Special thanks to the following contributors for this release: Michael -Fenn, Matt Kemp, Alexander Sulfrian, Jonathan Billings. +Fenn, Matt Kemp, Alexander Sulfrian, Jonathan Billings, Ross Smith. diff --git a/doc/releases/1.4.0pre2.txt b/doc/releases/1.4.0pre2.txt index 8acbda8a7..5694fe8b4 100644 --- a/doc/releases/1.4.0pre2.txt +++ b/doc/releases/1.4.0pre2.txt @@ -8,7 +8,7 @@ The second prerelease for Bcfg2 1.4.0 is now available at: - ftp://ftp.mcs.anl.gov/pub/bcfg + http://bcfg2.org/download/ Bcfg2 1.4.0pre2 is a prerelease, and contains many new features, including some that are backwards-incompatible with Bcfg2 1.3.x and @@ -19,6 +19,7 @@ environments. * NagiosGen: Add bundles to configuration * HomeBrew: Initial add of plugin +* Rules/Defaults: Add possibility to use name of entry in attributes backwards-incompatible user-facing changes ------------------------------------------ @@ -31,6 +32,20 @@ backwards-incompatible user-facing changes This fixes potentially long client runs when comparing files that have diverged significantly. +* The database options in the config (options and reporting_options in database + section) now have to be literal python dictionaries. + + This allows to set arbitrary options with nested settings. + +* The Ldap plugin changed significantly. The configuration interface was + simplified and new configuration options for the number of retries and the + delay in between were added. + + You have to register your ldap queries in the global list, there is no + distinction between LdapQueries and LdapSubQueries anymore, the names of + your queries default to the class names and the Ldap plugin expires + the metadata caches if the config file changes. + * Ignore directories containing a .bcfg2-ignore file in various plugins (Bundler, Defaults, Pkgmgr, Properties, PuppetENC, TemplateHelper, Trigger). diff --git a/doc/releases/index.txt b/doc/releases/index.txt index 271fc23cc..911fe070f 100644 --- a/doc/releases/index.txt +++ b/doc/releases/index.txt @@ -9,6 +9,8 @@ Release Announcements .. toctree:: + 1.4.0pre2 1.4.0pre1 + 1.3.6 1.3.5 1.3.4 diff --git a/doc/server/encryption.txt b/doc/server/encryption.txt index db5e2ae29..c186bc31d 100644 --- a/doc/server/encryption.txt +++ b/doc/server/encryption.txt @@ -225,16 +225,17 @@ be able to decrypt everything.) In this case, you want to enable lax decryption in the ``[encryption]`` section of ``bcfg2.conf``:: [encryption] - decrypt = lax + lax_decryption = true This causes a failed decrypt to produce a warning only, not an error. This can be overridden by individual XML files by setting -``decrypt="strict"`` on the top-level tag (or, vice-versa; if strict -is the default an XML file can specify ``decrypt="lax"``. +``lax_decryption="false"`` on the top-level tag (or, vice-versa; if +strict is the default an XML file can specify +``lax_decryption="true"``. Note that you could, for instance, set lax decryption by default, and -then set strict decryption on individual files. +then disable it on individual files. Encryption API ============== diff --git a/doc/server/plugins/connectors/grouplogic.txt b/doc/server/plugins/connectors/grouplogic.txt index abf425202..dc59e4e0e 100644 --- a/doc/server/plugins/connectors/grouplogic.txt +++ b/doc/server/plugins/connectors/grouplogic.txt @@ -92,9 +92,9 @@ generate the tedious config: .. code-block:: xml <GroupLogic xmlns:py="http://genshi.edgewall.org/"> - <py:for each="component in metadata.query.all_groups_in_category("webapp-component")> + <py:for each="component in metadata.query.all_groups_in_category('webapp-component')"> <Group name="${component}"> - <py:for each="env in metadata.query.all_groups_in_category("environment")> + <py:for each="env in metadata.query.all_groups_in_category('environment')"> <Group name="${env}"> <Group name="${component}-${env}"/> </Group> diff --git a/doc/server/plugins/connectors/templatehelper.txt b/doc/server/plugins/connectors/templatehelper.txt index d113dcab7..e24ba10cb 100644 --- a/doc/server/plugins/connectors/templatehelper.txt +++ b/doc/server/plugins/connectors/templatehelper.txt @@ -54,9 +54,9 @@ See ``examples/TemplateHelper`` for examples of helper modules. Usage ===== -Specific helpers can be referred to in -templates as ``metadata.TemplateHelper[<modulename>]``. That accesses -a HelperModule object will have, as attributes, all symbols listed in +Specific helpers can be referred to in templates as +``metadata.TemplateHelper[<modulename>]``. That returns a HelperModule +object which will have, as attributes, all symbols listed in ``__export__``. For example, consider this helper module:: __export__ = ["hello"] diff --git a/doc/server/plugins/generators/cfg.txt b/doc/server/plugins/generators/cfg.txt index c991f20c9..1b2fec834 100644 --- a/doc/server/plugins/generators/cfg.txt +++ b/doc/server/plugins/generators/cfg.txt @@ -275,9 +275,7 @@ Several variables are pre-defined inside templates: | | <server-plugins-grouping-metadata-clientmetadata>` | +-------------+--------------------------------------------------------+ | name | The value of the ``name`` attribute as specified in | -| | the Path entry in Bcfg2. If an :ref:`altsrc | -| | <server-plugins-structures-altsrc>` attribute is used, | -| | then ``name`` will be the value of that attribute. | +| | the Path entry in Bcfg2. | +-------------+--------------------------------------------------------+ | source_path | The path to the template file on the filesystem | +-------------+--------------------------------------------------------+ @@ -490,7 +488,7 @@ complex: .. code-block:: xml - <PrivateKey category="environment"/> + <PrivateKey category="environment"> <Params bits="1024" type="dsa"/> <Group name="secure"> <Passphrase encrypted="secure">U2FsdGVkX19xACol83uyPELP94s4CmngD12oU6PLLuE=</Passphrase> @@ -657,7 +655,7 @@ paths. `sslkey.xml`_ for details on how to change the key type and size.) #. Similarly, create `sslcert.xml`_ in - ``Cfg/etc/pki/tls/certs/localhost.cfg/``, containing the following: + ``Cfg/etc/pki/tls/certs/localhost.crt/``, containing the following: .. code-block:: xml diff --git a/doc/server/plugins/generators/nagiosgen.txt b/doc/server/plugins/generators/nagiosgen.txt index 1ccdd66c1..47bba8cc2 100644 --- a/doc/server/plugins/generators/nagiosgen.txt +++ b/doc/server/plugins/generators/nagiosgen.txt @@ -29,7 +29,6 @@ Create default host, and group specs in: check_period 24x7 contact_groups admins event_handler_enabled 1 - failure_prediction_enabled 1 flap_detection_enabled 1 initial_state o max_check_attempts 10 @@ -195,7 +194,4 @@ moderation. ``NagiosGen/config.xml`` replaces the files ``Properties/NagiosGen.xml`` and ``NagiosGen/parents.xml`` in older versions of Bcfg2; your old configs can be migrated using the -``nagiosgen-convert.py`` tool. The plugin does contain a -backwards-compatibility layer for those older config files, but -``NagiosGen/config.xml`` must exist (even if empty) for the plugin to -function. +``nagiosgen-convert.py`` tool. diff --git a/doc/server/plugins/generators/packages.txt b/doc/server/plugins/generators/packages.txt index 2fe71f895..5e14d3be5 100644 --- a/doc/server/plugins/generators/packages.txt +++ b/doc/server/plugins/generators/packages.txt @@ -213,7 +213,7 @@ something like this: Packages plugin to add recommended packages by adding the :xml:attribute:`SourceType:recommended` attribute, e.g.: - .. code-block:: xml + .. code-block:: none <Source type="apt" recommended="true" ...> @@ -222,9 +222,9 @@ something like this: setting the :xml:attribute:`SourceType:essential` attribute to *false*: - .. code-block:: xml + .. code-block:: none - <Source type="apt" essential="false" ...> + <Source type="apt" essential="false" ...> Yum sources can be similarly specified: @@ -483,6 +483,59 @@ See :ref:`configuration` for more details on these options. .. _native-yum-libraries: +Package Groups +============== + +Some packaging systems provide package groups. To include a package +group, use the :xml:attribute:`PackageStructure:group` attribute of +the :xml:element:`Package` tag. + +pac +--- + +.. versionadded:: 1.4.0 + +Pacman `groups <https://www.archlinux.org/groups/>`_ are supported: + +.. code-block:: xml + + <Package group="base"/> + +yum +--- + +Yum package groups are supported by both the native Yum libraries and +Bcfg2's internal dependency resolver. You can use either the short +group ID or the long group name: + +.. code-block:: xml + + <Package group="SNMP Support"/> + <Package group="system-management-snmp"/> + +By default, only those packages considered the "default" packages in a +group will be installed. You can change this behavior using the +:xml:attribute:`PackageStructure:type` attribute: + +.. code-block:: xml + + <Package group="development" type="optional"/> + <Package group="Administration Tools" type="mandatory"/> + +Valid values of "type" are: + +* ``mandatory``: Only install mandatory packages in the group. +* ``default``: Install default packages from the group (the default). +* ``optional`` or ``all``: Install all packages in the group, + including mandatory, default, and optional packages. + +See :xml:type:`PackageStructure` for details. + +You can view the packages in a group by category with the ``yum +groupinfo`` command. More information about the different levels can +be found at +http://fedoraproject.org/wiki/How_to_use_and_edit_comps.xml_for_package_groups#Installation + Using Native Yum Libraries ========================== @@ -546,43 +599,6 @@ generally be overridden: * ``reposdir`` is set to ``/dev/null`` to prevent the server's Yum configuration from being read; do not change this. -Package Groups --------------- - -Yum package groups are supported by both the native Yum libraries and -Bcfg2's internal dependency resolver. To include a package group, use -the :xml:attribute:`PackageStructure:group` attribute of the -:xml:element:`Package` tag. You can use either the short group ID or -the long group name: - -.. code-block:: xml - - <Package group="SNMP Support"/> - <Package group="system-management-snmp"/> - -By default, only those packages considered the "default" packages in a -group will be installed. You can change this behavior using the -:xml:attribute:`PackageStructure:type` attribute: - -.. code-block:: xml - - <Package group="development" type="optional"/> - <Package group="Administration Tools" type="mandatory"/> - -Valid values of "type" are: - -* ``mandatory``: Only install mandatory packages in the group. -* ``default``: Install default packages from the group (the default). -* ``optional`` or ``all``: Install all packages in the group, - including mandatory, default, and optional packages. - -See :xml:type:`PackageStructure` for details. - -You can view the packages in a group by category with the ``yum -groupinfo`` command. More information about the different levels can -be found at -http://fedoraproject.org/wiki/How_to_use_and_edit_comps.xml_for_package_groups#Installation - Abstract Package Tags --------------------- diff --git a/doc/server/plugins/generators/rules.txt b/doc/server/plugins/generators/rules.txt index 86478a5ae..7aeec6990 100644 --- a/doc/server/plugins/generators/rules.txt +++ b/doc/server/plugins/generators/rules.txt @@ -248,10 +248,13 @@ Manage symlinks. :onlyattrs: to :requiredattrs: to +.. _server-plugins-generators-rules-vcs: + vcs ^^^ -Check out the specified VCS repository to the given path. +Check out the specified VCS repository to the given path. See +:ref:`client-tools-vcs` for more details. .. xml:type:: PathType :nochildren: @@ -509,3 +512,23 @@ you'd have to explicitly specify ``<Service name="bcfg2.*".../>``. Note that only one Rule can apply to any abstract entry, so you cannot specify multiple regexes to match the same rule. + +Replacing the name of the Entry in Attributes +============================================= + +If you are using regular expressions to match the abstract configuration +entries, you may need the concrete name of the entry in some attributes. +To use this feature, you have to enable it. It is only useful, if used +together with regex matching. :: + + [rules] + regex = yes + replace_name = yes + +You now can write something like that in your xml file: + +.. code-block:: xml + + <POSIXUser name='.*' home='/somewhere/%{name}'/> + +``%{name}`` will be correctly replaced with the username for each POSIXUser. diff --git a/doc/server/plugins/generators/sshbase.txt b/doc/server/plugins/generators/sshbase.txt index 540cc1e06..26c1a8121 100644 --- a/doc/server/plugins/generators/sshbase.txt +++ b/doc/server/plugins/generators/sshbase.txt @@ -14,8 +14,8 @@ record for the current system. It has two functions: -* Generating new ssh keys -- When a client requests a ecdsa, dsa, rsa, - or v1 key, and there is no existing key in the repository, one is +* Generating new ssh keys -- When a client requests a key (v1, rsa, + ecdsa, etc.), and there is no existing key in the repository, one is generated. * Maintaining the ``ssh_known_hosts`` file -- all current known public @@ -73,6 +73,7 @@ SSHbase currently supports the following key formats: * RSA2 (``ssh_host_rsa_key``, ``ssh_host_rsa_key.pub``) * DSA (``ssh_host_dsa_key``, ``ssh_host_dsa_key.pub``) * ECDSA (``ssh_host_ecdsa_key``, ``ssh_host_ecdsa_key.pub``) +* Ed25519 (``ssh_host_ed25519_key``, ``ssh_host_ed25519_key.pub``) Group-specific keys =================== @@ -143,19 +144,19 @@ control the permissions and other metadata for the keys and Default permissions are as follows: -+----------------------------------+-------+-------+------+-----------+----------+----------+ -| File | owner | group | mode | sensitive | paranoid | encoding | -+==================================+=======+=======+======+===========+==========+==========+ -| ssh_known_hosts | root | root | 0644 | false | false | None | -+----------------------------------+-------+-------+------+-----------+----------+----------+ -| ssh_host_key | root | root | 0600 | false | false | base64 | -+----------------------------------+-------+-------+------+-----------+----------+----------+ -| ssh_host_key.pub | root | root | 0644 | false | false | base64 | -+----------------------------------+-------+-------+------+-----------+----------+----------+ -| ssh_host_[rsa|dsa|ecdsa]_key | root | root | 0600 | false | false | None | -+----------------------------------+-------+-------+------+-----------+----------+----------+ -| ssh_host_[rsa|dsa|ecdsa]_key.pub | root | root | 0644 | false | false | None | -+----------------------------------+-------+-------+------+-----------+----------+----------+ ++------------------------------------------+-------+-------+------+-----------+----------+----------+ +| File | owner | group | mode | sensitive | paranoid | encoding | ++==========================================+=======+=======+======+===========+==========+==========+ +| ssh_known_hosts | root | root | 0644 | false | false | None | ++------------------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_key | root | root | 0600 | false | false | base64 | ++------------------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_key.pub | root | root | 0644 | false | false | base64 | ++------------------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_[rsa|dsa|ecdsa|ed25519]_key | root | root | 0600 | false | false | None | ++------------------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_[rsa|dsa|ecdsa|ed25519]_key.pub | root | root | 0644 | false | false | None | ++------------------------------------------+-------+-------+------+-----------+----------+----------+ Note that the ``sensitive`` attribute is false, even for private keys, in order to permit :ref:`pulling with bcfg2-admin diff --git a/doc/server/plugins/grouping/ldap.txt b/doc/server/plugins/grouping/ldap.txt index 90590a272..abbd5e005 100644 --- a/doc/server/plugins/grouping/ldap.txt +++ b/doc/server/plugins/grouping/ldap.txt @@ -7,7 +7,7 @@ Ldap ==== .. warning:: - This plugin is considered experimental and has known issues (see below). + This plugin is considered experimental. Purpose ------- @@ -33,39 +33,38 @@ next section. Configuration ------------- -As processing LDAP search results can get pretty complex, the configuration has +As processing LDAP search results can get pretty complex, the configuration has to be written in Python. Here is a minimal example to get you started:: - from Bcfg2.Server.Plugins.Ldap import LdapConnection, LdapQuery, LdapSubQuery, register_query - - conn_default = LdapConnection() - conn_default.binddn = "uid=example,ou=People,dc=example,dc=com" - conn_default.bindpw = "foobat" - - @register_query + from Bcfg2.Server.Plugins.Ldap import LdapConnection, LdapQuery + + __queries__ = ['ExampleQuery'] + + conn_default = LdapConnection( + binddn="uid=example,ou=People,dc=example,dc=com", + bindpw = "foobat") + class ExampleQuery(LdapQuery): - name = "example" base = "ou=People,dc=example,dc=com" scope = "one" attrs = ["cn", "uid"] connection = conn_default - + def prepare_query(self, metadata): self.filter = "(personalServer=" + metadata.hostname + ")" - + def process_result(self, metadata): if not self.result: admin_uid = None admin_name = "This server has no admin." - return { + return { "admin_uid" : self.result[0][1]["uid"], "admin_name" : self.result[0][1]["cn"] } -The first line provides three classes for dealing with connections and queries -(details below) and a decorator function for registering your queries with the plugin. +The first line provides the two required classes for dealing with connections and queries. In this example our LDAP directory has a number of user objects in it. Each of those may have a personal server they administer. Whenever metadata for this machine is being @@ -73,7 +72,40 @@ generated by the Bcfg2 server, the UID and name of the admin are retrieved from In your bundles and config templates, you can access this data via the metadata object:: - ${metadata.Ldap["example"]["admin_name"]} + ${metadata.Ldap["ExampleQuery"]["admin_name"]} + +Connection retry +++++++++++++++++ + +If the LDAP server is down during a request, the LDAP plugin tries to reconnect after a +short delay. By default, it waits 3 seconds during the retries and tries to reconnect +up to three times. + +If you wish, you could customize these values in your ``bcfg2.conf``:: + + [ldap] + retries = 3 + retry_delay = 3.0 + +Caching ++++++++ + +This module could not know, if a value changed on the LDAP server. So it does not cache +the results of the LDAP queries by default. + +You could enable the cache of the results in your ``bcfg2.conf``: + + [ldap] + cache = on + +If you enable the caching, you have to expire it manually. This module provides a XML-RPC +method for this purpose: :func:`Ldap.expire_cache +<Bcfg2.Server.Plugins.Ldap.expire_cache>`. + +Even without enabling caching, the results of the LDAP queries are cached, but are +discarded before each client run. If you access the Ldap results of different client, you +may get cached results of the last run of this client. If you do not want this behaviour, +you can disable the caching completely by setting it to ``off``. Class reference --------------- @@ -83,24 +115,41 @@ LdapConnection .. class:: LdapConnection - This class represents an LDAP connection. Every query must be associated with exactly - one connection. - -.. attribute:: LdapConnection.binddn - + This class represents an LDAP connection. Every query must be associated + with exactly one connection. + +.. attribute:: LdapConnection.binddn + DN used to authenticate against LDAP (required). - + .. attribute:: LdapConnection.bindpw - + Password for the previously mentioned **binddn** (required). - + .. attribute:: LdapConnection.host - + Hostname of host running the LDAP server (defaults to "localhost"). .. attribute:: LdapConnection.port - - Port where LDAP server is listening (defaults to 389). + + Port where LDAP server is listening (defaults to 389). If you use + port 636 this module will use ldaps to connect to the server. + +.. attribute:: LdapConnection.uri + + LDAP URI of the LDAP server to connect to. This is prefered over + :attr:`LdapConnection.host` and :attr:`LdapConnection.port`. + + .. note:: + + If you are using ldaps you may have to specify additional options + for enabling the certificate validation or setting the path for + the trusted certificates with :attr:`LdapConnection.options`. + +.. attribute:: LdapConnection.options + + Arbitrary options for the LDAP connection. You should specify it + as a dict and use the ``OPT_*`` constants from ``python-ldap``. You may pass any of these attributes as keyword arguments when creating the connection object. @@ -108,143 +157,129 @@ LdapQuery +++++++++ .. class:: LdapQuery - + This class defines a single query that may adapt itself depending on the current metadata. .. attribute:: LdapQuery.attrs - + Can be used to retrieve only a certain subset of attributes. May either be a list of strings (attribute names) or ``None``, meaning all attributes (defaults to ``None``). .. attribute:: LdapQuery.base - - This is the search base. Only LDAP entries below this DN will be included in your + + This is the search base. Only LDAP entries below this DN will be included in your search results (required). - + .. attribute:: LdapQuery.connection - + Set this to an instance of the LdapConnection class (required). .. attribute:: LdapQuery.filter - + LDAP search filter used to narrow down search results (defaults to ``(objectClass=*)``). .. attribute:: LdapQuery.name - + This will be used as the dictionary key that provides access to the query results from - the metadata object (``metadata.Ldap["NAMEGOESHERE"]``) (required). + the metadata object: ``metadata.Ldap["NAMEGOESHERE"]`` (defaults to the class name). .. attribute:: LdapQuery.scope - - Set this to one of "base", "one" or "sub" to specify LDAP search depth (defaults to "sub"). + + Set this to one of "base", "one" or "sub" to specify LDAP search depth (defaults to "sub"). .. method:: LdapQuery.is_applicable(self, metadata) - + You can override this method to indicate whether this query makes sense for a given set of metadata (e.g. you need a query only for a certain bundle or group). - + (defaults to returning True) - -.. method:: LdapQuery.prepare_query(self, metadata) - + +.. method:: LdapQuery.prepare_query(self, metadata, \**kwargs) + Override this method to alter the query prior to execution. This is useful if your filter depends on the current metadata, e.g.:: - + self.filter = "(cn=" + metadata.hostname + ")" - + (defaults to doing nothing) -.. method:: LdapQuery.process_result(self, metadata) - +.. method:: LdapQuery.process_result(self, metadata, \**kwargs) + You will probably override this method in every query to reformat the results from LDAP. The raw result is stored in ``self.result``, you must return the altered data. Note that LDAP search results are presented in this structure:: - + ( ("DN of first entry returned", { "firstAttribute" : 1, "secondAttribute" : 2, - } + } ), ("DN of second entry returned", { "firstAttribute" : 1, "secondAttribute" : 2, - } + } ), ) - + Therefore, to return just the value of the firstAttribute of the second object returned, you'd write:: - + return self.result[1][1][0] - + (defaults to returning ``self.result`` unaltered) -LdapSubQuery -++++++++++++ - -.. class:: LdapSubQuery - - Sometimes you need more than one query to obtain the data you need (e.g. use the first - query to return all websites running on metadata.hostname and another query to find all - customers that should have access to those sites). - - LdapSubQueries are the same as LdapQueries, except for that the methods - - * ``get_result()`` - * ``prepare_query()`` - * ``process_result()`` - - allow any additional keyword arguments that may contain additional data as needed. Note - that ``get_result()`` will call ``prepare_query()`` and ``process_result()`` for you, - so you shouldn't ever need to invoke these yourself, just override them. - -Here is another example that uses LdapSubQuery:: - - class WebSitesQuery(LdapSubQuery): - name = "web_sites" +.. method:: LdapQuery.get_result(self, metadata, \**kwargs) + + This executes the query. First it will call ``prepare_query()`` for you, then it will try + to execute the query with the specified connection and last it will call ``process_result()`` + and return that return value. + +If you use a LdapQuery class by yourself, you could pass additional keyword arguments to +``get_result()``. It will call ``prepare_query()`` and ``process_result()`` for you and +also supply this additional arguments to this methods. + +Here is an example:: + + __queries__ = ['WebPackageQuery'] + + class WebSitesQuery(LdapQuery): filter = "(objectClass=webHostingSite)" attrs = ["dc"] connection = conn_default - + def prepare_query(self, metadata, base_dn): self.base = base_dn - - def process_result(self, metadata): + + def process_result(self, metadata, **kwargs): [...] # build sites dict from returned dc attributes return sites - - @register_query + class WebPackagesQuery(LdapQuery): - name = "web_packages" base = "dc=example,dc=com" attrs = ["customerId"] connection = conn_default - + def prepare_query(self, metadata): self.filter = "(&(objectClass=webHostingPackage)(cn:dn:=" + metadata.hostname + "))" - + def process_result(self, metadata): customers = {} for customer in self.result: dn = customer[0] cid = customer[1]["customerId"][0] - customers[cid]["sites"] = WebSitesQuery().get_result(metadata, base_dn = dn) + customers[cid]["sites"] = WebSitesQuery().get_result(metadata, base_dn=dn) return customers This example assumes that we have a number of webhosting packages that contain various -sites. We need a first query ("web_packages") to get a list of the packages our customers -have and another query for each of those to find out what sites are contained in each -package. The magic happens in the second class where ``WebSitesQuery.get_result()`` is -called with the additional ``base_dn`` parameter that allows our LdapSubQuery to only +sites. We need the ``WebPackagesQuery`` to get a list of the packages our customers +have and another query for each of those to find out what sites are contained in each +package. The magic happens in the second class where ``WebSitesQuery.get_result()`` is +called with the additional ``base_dn`` parameter that allows our LdapQuery to only search below that DN. -.. warning:: - Do NOT apply the ``register_query`` decorator to LdapSubQueries. - -Known Issues ------------- - -* At this point there is no support for SSL/TLS. +You do not need to add all LdapQueries to the ``__queries__`` list. Only add those to +that list, that should be called automatically and whose results should be added to the +client metadata. diff --git a/doc/server/plugins/grouping/metadata.txt b/doc/server/plugins/grouping/metadata.txt index 832b1a13f..f0ff2b29c 100644 --- a/doc/server/plugins/grouping/metadata.txt +++ b/doc/server/plugins/grouping/metadata.txt @@ -175,6 +175,9 @@ groups: <Group name="selinux-enabled" negate="true"/> </Client> +Negated groups can also be used to declare other Group assignments, +but not to declare Bundle assignments. + .. note:: Nested Group conditionals, Client tags, and negated Group tags are diff --git a/doc/server/plugins/structures/bundler/index.txt b/doc/server/plugins/structures/bundler/index.txt index f8962d42c..afdbbecf2 100644 --- a/doc/server/plugins/structures/bundler/index.txt +++ b/doc/server/plugins/structures/bundler/index.txt @@ -269,7 +269,7 @@ or alternately <Path name="/etc/bacula/bconsole.conf"/> <Path name="/etc/bacula/bacula-fd.conf"/> <Path name="/etc/bacula/bacula-sd.conf"/> - <py:if="metadata.hostname == 'foo.bar.com'"> + <py:if test="metadata.hostname == 'foo.bar.com'"> <Path name="/etc/bacula/bacula-dir.conf"/> </py:if> </Bundle> diff --git a/doc/server/plugins/structures/defaults.txt b/doc/server/plugins/structures/defaults.txt index 58b9feddb..9d37b8e64 100644 --- a/doc/server/plugins/structures/defaults.txt +++ b/doc/server/plugins/structures/defaults.txt @@ -29,3 +29,10 @@ on Fedora 15 and the ``chkconfig`` tool on Fedora 14, you could do:: If you were to specify a ``type`` attribute for a Service entry in Rules (or a ``type`` attribute for a BoundService entry in Bundler), that would take precendence over the default. + +Like :ref:`server-plugins-generators-rules`, Defaults can also replace +``%{name}`` in attributes with the real name of the entry. To enable this, +add the following setting to ``bcfg2.conf``:: + + [defaults] + replace_name = yes diff --git a/doc/unsorted/vim_snippet.txt b/doc/unsorted/vim_snippet.txt index 4598b5c1d..537bb00a2 100644 --- a/doc/unsorted/vim_snippet.txt +++ b/doc/unsorted/vim_snippet.txt @@ -13,7 +13,7 @@ that allow quick composition of bundles and base files. #. Install it using the install instructions (unzip snipMate.zip -d ~/.vim or equivalent, e.g. $HOME\vimfiles on Windows) #. Add the following to ``~/.vim/snippets/xml.snippets`` - .. code-block:: cl + .. code-block:: none # Bundle snippet <Bundle |