| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Since we're exposing more stuff via XML-RPC, this adds a default,
fairly restrictive ACL plugin if no other ClientACLs plugin is loaded.
This makes us secure by default.
|
| |
|
|
|
|
|
|
|
|
| |
This reverts commit 35498c8b849c15632d720656d5736c4c85f76b53.
group_in_category() access data that's held on the ClientMetadata
object, and getting that data via the MetadataQuery object would be
more expensive.
|
|
|
|
|
|
|
|
|
|
|
| |
Substantially rewrote the way the Probes plugin caches data.
Formerly, it was structured to assume that probe data was stored in
probed.xml, with the database feature very much a second-class
citizen; this adds a proper abstraction layer between the persistent
storage and the plugin (and its caches).
Also rewrote most Probes unit tests to actually be useful unit tests,
not implementation tests.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The caching facilities in Bcfg2.Server.Cache provided basically no
features. This rewrites that to allow for much more powerful cache
expiration, with a particular focus on interoperation between
different components and plugins to let caches be expired as
necessary. (E.g., the Probes plugin can expire the Metadata cache.)
This does not affect any of the file data cached by Bcfg2, only the
caches that are populated with arbitrary data (Metadata, Packages,
Probes, etc.).
|
|
|
|
|
|
|
| |
Moved ClientMetadata.group_in_category to
MetadataQuery.group_in_category, with a deprecation warning for the
old place. Also changed the null answer (i.e., this client isn't in a
group in that category) to None from ''.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds encryption support to SSL key creation (much like SSH
private keys), and the ability to generate keys and certs that are
specific to groups, instead of just to hosts. It also moves the SSLCA
data (the XML files describing keys and certs as well as the keys and
certs themselves) into the Cfg tree, rather than off in their own
separate place.
tools/upgrade/1.4/migrate_sslca.py can be used to migrate to the new
format.
This also adds XMLCfgCreator, a CfgCreator that makes it easier to
create data based on XML descriptions of it (which is exactly what the
SSH key and SSL CA creators do), including built-in support for host-
and group-specific data, encryption, and so on.
|
| |
|
| |
|
| |
|
|\
| |
| |
| |
| |
| | |
Conflicts:
src/lib/Bcfg2/Server/Admin/Viz.py
src/lib/Bcfg2/Server/Plugins/Packages/__init__.py
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
This fixes cases where the collection itself would not be cached
because a host had no sources, or multiple sources of different types;
we still want to cache package group results and package sets (both of
which will be empty).
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
Also abstracted getting the list of objects that may register RMI
calls into a separate function.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/lib/Bcfg2/Client/Frame.py
src/lib/Bcfg2/Options.py
src/lib/Bcfg2/Server/Admin/Init.py
src/lib/Bcfg2/Server/Admin/Xcmd.py
src/lib/Bcfg2/Server/BuiltinCore.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/MultiprocessingCore.py
src/lib/Bcfg2/Server/Plugin/base.py
src/lib/Bcfg2/Server/Plugin/helpers.py
src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py
src/lib/Bcfg2/Server/Plugins/Packages/Yum.py
src/lib/Bcfg2/Server/Plugins/Packages/__init__.py
src/lib/Bcfg2/Server/SSLServer.py
src/lib/Bcfg2/Utils.py
src/lib/Bcfg2/settings.py
src/sbin/bcfg2-crypt
src/sbin/bcfg2-info
src/sbin/bcfg2-lint
src/sbin/bcfg2-test
src/sbin/bcfg2-yum-helper
tools/bcfg2-profile-templates.py
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|\ \ \
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
doc/appendix/files/mysql.txt
doc/getting_started/index.txt
doc/server/plugins/structures/bundler/kernel.txt
src/lib/Bcfg2/Server/MultiprocessingCore.py
src/lib/Bcfg2/Server/Plugin/interfaces.py
src/lib/Bcfg2/Server/Plugins/Packages/Yum.py
src/lib/Bcfg2/Server/Plugins/Probes.py
src/lib/Bcfg2/Server/Plugins/SSHbase.py
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This gives a single unified interface for expiring caches, no matter
the plugin. This will be particularly useful with the
MultiprocessingCore, as certain calls must be dispatched to child
processes to expire their caches.
|
| | | |
|
| |\ \
| | | |
| | | |
| | | |
| | | | |
fennm/metadata-dont-update-xml-on-gratuitous-profile-update
Metadata: Don't update XML on gratuitous profile update
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Rather than doing some ad-hoc lookups of internal data structures
stpierre suggested that it'd be better to use the normal metadata
build procedures. This implements that and adjusts the tests.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Based on the expectations of the tests, I am reasonably confident
that updating the in memory structures is logically part of changing
the client's profile so I put it in the if block
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Check to see if the profile that is being set by set_profile
exactly matches the existing profile list. If it does, then avoid
writing out a new clients.xml. This simple optimization reduces
the amount of clients.xml rewriting that occurs if you have a
bunch of clients running bcfg2 -p at the same time (for example,
during a cluster rebuild).
|