| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For both Encrypting and Decrypting of Properties
files, we should by default only attempt to execute
on elements that have an "encrypted" attribute defined.
The code will already attempt to encrypt every element
if nothing in the current document matches this xpath,
which catches the case of a user trying to fully
encrypt a completely new properties file.
Conflicts:
src/lib/Bcfg2/Server/Encryption.py
|
|
|
|
|
| |
this greatly decreases startup time with lots of data encrypted with
missing passphrases
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the RPM scriptlets, there's first a check for fedora 18 or greater,
then if that's not true, a check for fedora 16 or greater. Due to
some bug in how nested %if statements work in RPM scriptlets, the
second test is evaluating true even on non-Fedora systems, which is
leading to systemd commands being put in RHEL6 RPM scriptlets.
This change removes the second check. If there needed to be a check
for versions of Fedora 16 and 17, they will no longer work, but since
neither of those are supported versions of Fedora, I suspect we don't
need to include logic for them.
|
|\
| |
| | |
Enable bcfg2-yum-helper to depsolve for arches incompatible with server
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default, the yum dependency resolver uses the host's architecture
to filter compatible packages. This prevents dependency resolution
when the bcfg2 client's architecture is incompatible with the
server's.
This workaround checks the <Arch/> element for each of the client's yum
sources, and if they are all identical, passes that architecture to
bcfg2-yum-helper to override the default.
The rpmUtils.arch module may only be configured for a single
architecture. If multiple architectures are configured in yum
sources, we don't know which one to pick, so use the default behavior
instead.
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Formerly, yum did an 'update' to install the correct version of a
package, even if the desired package was older than the installed
package. This is wrong; it needs to do a downgrade. This changes it
to downgrade when the desired package is older, and upgrade if it is
newer.
There is still the possibility of upgrading a package that should be
downgraded if the desired package is only partially specified, but
this should be very rare.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| | |
EL7 deps needed for unit tests (pylibacl, python-pep8, pylint) now
built for EPEL7.
https://bugzilla.redhat.com/show_bug.cgi?id=1058427
|
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 690a18b5bb61516e5c11f6da3d788332373c196b.
While systemd is meant to replace chkconfig, it appears that RHEL7 has
both and does not provide systemd alternatives for certain SYSV init
scripts by default.
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Close the db connection at the end of each DjangoORM import, not when
the reporting collector shuts down. The collector may not have even
opened a connection, in the case of a storage backend other than
DjangoORM.
Fixes #157
|
|/
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
|
|
|
|
|
|
| |
Massive typo.
This reverts commit c51850b13f54d6f46e6c671e5ee1d3f0cacef727.
|
| |
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
| |
properly
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This fixes two related bugs: One causes Metadata to use an out-of-date
cached list of clients when a client is deleted or added with
bcfg2-admin; the other causes child worker processes to use an
out-of-date cached list of clients when a client is added with a Bcfg2
run when the multiprocessing core is in use.
|
|
|
|
| |
Note to self: do not push code before 9 am
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Stat the link itself, not its target
* Get SELinux context from the link, not the target
* Don't get ACLs at all; symlinks don't have their own ACLs
The first issue listed wasn't actually a bug, because none of the
information queried from the target by the stat call was actually used
in verification, but it's been fixed for completeness.
|
| |
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|\
| |
| | |
Support ACLs without a specific user/group
|
| | |
|
| | |
|
| | |
|
| | |
|