summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* fixed pylint/pep-8 testsChris St. Pierre2014-04-2518-51/+48
|
* Default to only (En|De)crypt vars that need itChris Brinker2014-04-251-2/+1
| | | | | | | | | | | | | | For both Encrypting and Decrypting of Properties files, we should by default only attempt to execute on elements that have an "encrypted" attribute defined. The code will already attempt to encrypt every element if nothing in the current document matches this xpath, which catches the case of a user trying to fully encrypt a completely new properties file. Conflicts: src/lib/Bcfg2/Server/Encryption.py
* do not bruteforce Properties decrypts with unknown passphraseChris St. Pierre2014-04-251-12/+5
| | | | | this greatly decreases startup time with lots of data encrypted with missing passphrases
* reduce logging from failed decryption with decrypt=laxChris St. Pierre2014-04-253-30/+25
|
* misc/bcfg2.spec: Bumped release and added a changelog entryJonathan Billings2014-04-231-1/+4
|
* misc/bcfg2.spec: Remove second, unnecessary %endifJonathan Billings2014-04-231-5/+5
|
* misc/bcfg2.spec Remove duplicate checks for systemd in RPM scriptletsJonathan Billings2014-04-231-19/+0
| | | | | | | | | | | | | In the RPM scriptlets, there's first a check for fedora 18 or greater, then if that's not true, a check for fedora 16 or greater. Due to some bug in how nested %if statements work in RPM scriptlets, the second test is evaluating true even on non-Fedora systems, which is leading to systemd commands being put in RHEL6 RPM scriptlets. This change removes the second check. If there needed to be a check for versions of Fedora 16 and 17, they will no longer work, but since neither of those are supported versions of Fedora, I suspect we don't need to include logic for them.
* Merge pull request #164 from zultron/maintChris St. Pierre2014-04-212-4/+34
|\ | | | | Enable bcfg2-yum-helper to depsolve for arches incompatible with server
| * Enable bcfg2-yum-helper to depsolve for arches incompatible with serverJohn Morris2014-04-212-4/+34
|/ | | | | | | | | | | | | | | | By default, the yum dependency resolver uses the host's architecture to filter compatible packages. This prevents dependency resolution when the bcfg2 client's architecture is incompatible with the server's. This workaround checks the <Arch/> element for each of the client's yum sources, and if they are all identical, passes that architecture to bcfg2-yum-helper to override the default. The rpmUtils.arch module may only be configured for a single architecture. If multiple architectures are configured in yum sources, we don't know which one to pick, so use the default behavior instead.
* Reporting: Log to debug to prevent spam in logsSol Jerome2014-04-161-2/+2
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* Correctly upgrade or downgrade yum packagesChris St. Pierre2014-04-081-15/+36
| | | | | | | | | | | | Formerly, yum did an 'update' to install the correct version of a package, even if the desired package was older than the installed package. This is wrong; it needs to do a downgrade. This changes it to downgrade when the desired package is older, and upgrade if it is newer. There is still the possibility of upgrading a package that should be downgraded if the desired package is only partially specified, but this should be very rare.
* Merge branch 'maint' of https://github.com/zultron/bcfg2 into maintSol Jerome2014-04-061-9/+9
|\
| * misc/bcfg2.spec: reconcile w/Fedora: re-enable unit tests in EL7John Morris2014-04-061-9/+9
| | | | | | | | | | | | | | EL7 deps needed for unit tests (pylibacl, python-pep8, pylint) now built for EPEL7. https://bugzilla.redhat.com/show_bug.cgi?id=1058427
* | Revert "Systemd: systemd is a replacement for chkconfig"Sol Jerome2014-04-061-2/+0
| | | | | | | | | | | | | | | | This reverts commit 690a18b5bb61516e5c11f6da3d788332373c196b. While systemd is meant to replace chkconfig, it appears that RHEL7 has both and does not provide systemd alternatives for certain SYSV init scripts by default.
* | doc: Add information about ecdsa keysSol Jerome2014-03-242-3/+10
| | | | | | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* | doc: Remove references to ConfigFilesSol Jerome2014-03-244-7/+7
| | | | | | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* | Core: better error messages when altsrc bind failsChris St. Pierre2014-03-141-3/+4
| |
* | bcfg2-report-collector: better error messages when failing to daemonizeChris St. Pierre2014-03-041-0/+13
| |
* | cleared pylint error on PluginDatabaseModel metadata optionsChris St. Pierre2014-03-031-1/+2
| |
* | Core: close all database connections at the end of XML-RPC requestsChris St. Pierre2014-03-031-6/+26
| |
* | Reporting: properly close db connectionChris St. Pierre2014-02-282-4/+6
| | | | | | | | | | | | | | | | | | Close the db connection at the end of each DjangoORM import, not when the reporting collector shuts down. The collector may not have even opened a connection, in the case of a storage backend other than DjangoORM. Fixes #157
* | doc: Fix RPM building documentationSol Jerome2014-02-251-0/+1
|/ | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* doc: Fix GPG key linksSol Jerome2014-02-251-4/+5
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* doc: Fix code blocks for EPEL instructionsSol Jerome2014-02-251-2/+5
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* doc: Add release notesSol Jerome2014-02-252-0/+59
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* POSIX: fixed test to only apply ACLs to non-symlinksv1.3.4Chris St. Pierre2014-02-251-1/+1
|
* Revert "POSIX: fixed test to only apply ACLs to non-symlinks"Chris St. Pierre2014-02-251-2/+2
| | | | | | Massive typo. This reverts commit c51850b13f54d6f46e6c671e5ee1d3f0cacef727.
* POSIX: fixed test to only apply ACLs to non-symlinksChris St. Pierre2014-02-251-2/+2
|
* Version bump to 1.3.4Sol Jerome2014-02-2517-18/+25
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* bcfg2.spec: Fix changelog date orderSol Jerome2014-02-251-6/+6
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* redhat: fixed killproc behavior when multiprocessing core doesn't shut down ↵Chris St. Pierre2014-02-251-1/+7
| | | | properly
* helpers: better error message when failing to read FileBackedChris St. Pierre2014-02-251-1/+2
|
* bcfg2-lint: Verify abstract Package tagsChris St. Pierre2014-02-231-0/+10
|
* Metadata: reread client list from databaseChris St. Pierre2014-02-233-5/+41
| | | | | | | | This fixes two related bugs: One causes Metadata to use an out-of-date cached list of clients when a client is deleted or added with bcfg2-admin; the other causes child worker processes to use an out-of-date cached list of clients when a client is added with a Bcfg2 run when the multiprocessing core is in use.
* Fixed typoChris St. Pierre2014-02-211-1/+1
| | | | Note to self: do not push code before 9 am
* Yum: fix pylint testsChris St. Pierre2014-02-211-2/+2
|
* Yum: only fork to find bcfg2-yum-helper once, for realChris St. Pierre2014-02-211-2/+2
|
* POSIX: Fix verification of symlinksChris St. Pierre2014-02-212-23/+33
| | | | | | | | | | * Stat the link itself, not its target * Get SELinux context from the link, not the target * Don't get ACLs at all; symlinks don't have their own ACLs The first issue listed wasn't actually a bug, because none of the information queried from the target by the stat call was actually used in verification, but it's been fixed for completeness.
* testsuite: Fixed several pylint 1.0 issuesChris St. Pierre2014-02-215-8/+21
|
* doc: Update prerequisitesSol Jerome2014-02-201-1/+5
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* export.py: No longer need escaped %Sol Jerome2014-02-201-2/+2
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* init: wait even longer for bcfg2-server to stopChris St. Pierre2014-02-201-1/+1
|
* core: only shut down core onceChris St. Pierre2014-02-191-0/+10
|
* FAM: Only shut down inotify notifier onceChris St. Pierre2014-02-191-1/+1
|
* export.py: Fix Source0 for changes in c5ad7f0eSol Jerome2014-02-181-2/+2
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* Merge pull request #156 from irconan/default-aclsChris St. Pierre2014-02-184-46/+97
|\ | | | | Support ACLs without a specific user/group
| * support python 2.4 for default ACL checking in LintRichard Connon2014-02-181-6/+7
| |
| * Documentation changes for default ACLsRichard Connon2014-02-141-0/+4
| |
| * Working lint check for invalid default ACLsRichard Connon2014-02-141-29/+18
| |
| * Correct XML source for bundles in default ACL LintRichard Connon2014-02-141-1/+1
| |