summaryrefslogtreecommitdiffstats
path: root/src/lib/Bcfg2
Commit message (Collapse)AuthorAgeFilesLines
* fix keyboard interrupt during intial event handlingAlexander Sulfrian2014-10-262-1/+3
| | | | | | | This removes some wildcard except handler because this drops some KeyboardInterrupt exceptions (for example previously a KeyboardInterrupt during the loading of the cache for Packages resulted in a fallback to file read).
* Server/Core: also shutdown on exceptions during fam blockingAlexander Sulfrian2014-10-251-5/+5
| | | | | | | Previously the server got stuck, if a keyboard interrupt occured during block_for_fam_events. The KeyboardInterrupt exception was only handled in the executable and it does not call shutdown for the Core. So the running fam thread does not get killed and the main thread waits for it.
* Merge branch 'cleanup_pidfile' of https://github.com/mattikus/bcfg2 into maintSol Jerome2014-10-232-23/+41
|\
| * Remove PIDFileError as it does not always exist in the package and is rarely ↵Matt Kemp2014-10-021-5/+0
| | | | | | | | used.
| * Catch possible typeerror resulting from None being returned when reading the ↵Matt Kemp2014-10-022-2/+2
| | | | | | | | pid.
| * Fixes to ensure pidfile can be opened or broken if stale.Matt Kemp2014-10-012-19/+15
| |
| * pylint fixes.Matt Kemp2014-10-011-3/+4
| |
| * Attempt to break the pid lock during startup.Matt Kemp2014-10-012-15/+41
| | | | | | | | | | | | | | | | This commit attempts to break the pidfilelock during startup in cases where the process may have exited without successfully cleaning up the lockfile. It also attempts to grab the lock before opening the context. Also applied to the Collector module, which may have been looking for the wrong exception since it does not rely on a timeout.
* | Merge branch 'reporting-fix-filter' of https://github.com/AlexanderS/bcfg2 ↵Sol Jerome2014-10-232-39/+50
|\ \ | | | | | | | | | into maint
| * | Reporting: better exception handlingAlexander Sulfrian2014-10-201-33/+44
| | | | | | | | | | | | Try to keep the try-except-blocks as small as possible.
| * | Reporting: fix filter urlsAlexander Sulfrian2014-10-121-6/+6
| | | | | | | | | | | | | | | | | | The regex match for the filter urls were to strict. They disallowed some charaters, that are valid in group names and so the django reverse mechanism for building urls failed.
* | | Merge branch 'add-name-for-sources' of https://github.com/AlexanderS/bcfg2 ↵Sol Jerome2014-10-211-2/+11
|\ \ \ | | | | | | | | | | | | into maint
| * | | Packages: add name to additional_data for SourcesAlexander Sulfrian2014-10-181-0/+1
| | | |
| * | | Packages: add name to sourcesAlexander Sulfrian2014-10-181-2/+10
| |/ /
* | | Merge branch 'ssl-protocol-fix' of github.com:solj/bcfg2 into maintSol Jerome2014-10-213-5/+10
|\ \ \
| * | | Proxy.py: Pass through SSL protocol optionSol Jerome2014-10-153-5/+10
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously we were not passing through the SSL protocol specified in the client's bcfg2.conf which caused it to unconditionally be set to xmlrpc/ssl. While this appears to automagically work with newer versions of openssl, the version in e.g. centos5 will fail if the server is set to use TLSv1. This commit passes through the setting from the client's bcfg2.conf so that older clients can talk to servers which are set to TLSv1 (in order to mitigate the effects of POODLE). Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* / / YUM: Add options to enable and disable Yum pluginsJonathan Billings2014-10-172-0/+22
|/ / | | | | | | | | | | | | | | | | | | | | Adds two options you can define: * disabled_plugins: A comma-separated list of plugins to disable * enabled_plugins: A comma-separated list of plugins to enable This allows you to run bcfg2 with certain plugins enabled or disabled when they're not set that way in the yum configuration. This is useful because the Bcfg2 YUM plugin is initialized before it can read in any files that might overwrite yum plugin configuration.
* | use Bcfg2.Compat to get any()Michael Fenn2014-09-101-1/+1
| |
* | Use older nested try syntax for finally for python 2.4 compatMichael Fenn2014-09-101-4/+5
| |
* | Use the older Thread.getName() interface for python 2.4 compatMichael Fenn2014-09-101-1/+1
| |
* | Version bump to 1.3.5v1.3.5Sol Jerome2014-09-052-2/+2
| | | | | | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* | Merge branch 'sysv-http' of https://github.com/nathanolla/bcfg2 into maintSol Jerome2014-08-262-3/+45
|\ \
| * | Log when downloading packages via HTTPNathan Olla2014-08-191-0/+2
| | |
| * | Check for origpkgtool attribute to prevent things that subclass SYSV from ↵Nathan Olla2014-07-161-6/+8
| | | | | | | | | | | | breaking
| * | Remove unused import of copyNathan Olla2014-07-161-1/+0
| | |
| * | Implement _get_package_command and append _sysv_pkg_path attributeNathan Olla2014-07-161-33/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of doing a partially complete Install() method for SYSV, implements a custom _get_package_command that will use the _sysv_pkg_path attribute added by the pkgmogrify call. This will allow the installs to complete. Unfortunately, the single-pass install will still fail if there are any packages with an http:// URL. The pkgadd invocation for 'device' sources doesn't take multiple packages and the 'datastream' invocation doesn't handle packages with an HTTP URL. Finally, there is no reliable standard naming convention for SYSV datastream files, so the simplename attribute is re-used. There is a known issue with this patch - if any packages specified in the PackageList have an http url, the single-pass install will produce an error like: Trying single pass package install for pkgtype sysv pkgadd: ERROR: Failure occurred with http(s) negotiation: <'Peername' doesn't match 'host' or no matching entry> pkgadd: ERROR: unable to download package datastream from <http://install1.d.stor.en.desres.deshaw.com/jumpstart10U10/packages>. Single Pass Failed because the command that results isn't valid syntax for pkgadd. A workaround would be to add code to skip the single-pass install if any packages had the simplename attribute, or by checking the url for the presence of 'http'. I'm not sure if that should be fixed or if this is reasonable in this case.
| * | Fix indentingNathan Olla2014-07-141-5/+4
| | |
| * | Fix indent.Nathan Olla2014-07-141-1/+1
| | |
| * | Add urlretrieve to Compat and documentNathan Olla2014-07-142-3/+5
| | |
| * | SYSV: Implement downloading and installing SYSV packages from HTTPNathan Olla2014-07-141-2/+46
| | | | | | | | | | | | | | | | | | | | | | | | pkgadd has different syntax for different sources (datastream and file system format) which makes using a single pkgtool variable difficult. Also, SYSV packages in datastream format don't necessarily have uniform names. Therefore, use the existing 'simplename' attribute to specify the datastream file name.
* | | Reporting: Remove duplicate methodSol Jerome2014-08-141-3/+0
| | | | | | | | | | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* | | Packages/Apt: Essential could be "no"Alexander Sulfrian2014-07-281-1/+2
| | | | | | | | | | | | | | | | | | The "Essential" field in the package control fields could be "yes" or "no". Only yes sould define the package as essential. The value "no" sould be handled same as not having the field at all.
* | | Merge pull request #183 from AlexanderS/errexit-stderrChris St. Pierre2014-07-261-1/+1
|\ \ \ | | | | | | | | Server/Admin: fatal errors should go to stderr
| * | | Server/Admin: fatal errors should go to stderrAlexander Sulfrian2014-07-271-1/+1
| | | | | | | | | | | | | | | | | | | | If an error occurs, that leads to an termination of the process, this error should be printed to stderr.
* | | | POSIXUsers.py: Allow supplementary group = primarySol Jerome2014-07-181-1/+1
| | | | | | | | | | | | | | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* | | | Reporting: Fix prune items import and displaySol Jerome2014-07-152-2/+2
| |/ / |/| | | | | | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* | | debsums: read output from stderr instead of stdoutArach2014-07-051-1/+1
| | |
* | | Fix email reporting bugMatt Kemp2014-06-121-1/+1
| | | | | | | | | This fixes a subtle bug by enforcing that it's a tuple of 2-tuples rather than just a single 2-tuple.
* | | Setup reporting transport before starting threadsTim Laszlo2014-06-101-1/+4
| | |
* | | GroupLogic: parse generated template properly to allow xincludeChris St. Pierre2014-05-221-1/+1
| | |
* | | Init: Remove stray whitespaceSol Jerome2014-05-171-1/+1
|/ / | | | | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* | Metadata: Reread clients.xml/groups.xml more carefullyChris St. Pierre2014-05-151-8/+21
| | | | | | | | | | Avoid building client metadata while rereading those files, and expire the metadata cache afterwards.
* | XMLFileBacked: Watch XIncluded files that do not existChris St. Pierre2014-05-151-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes a best effort to watch XIncluded files that do not exist. Assume that you have XIncluded ``foo.xml``, the following (currently) fails: mv foo.xml /tmp mv /tmp/foo.xml . Bcfg2 processes the deletion event, and stops watching ``foo.xml``; consequently, it receives no creation event when you put ``foo.xml`` back. This does not fix the situation where you add a new file that is matched by a wildcard XInclude, which turns out to be much more difficult, and will likely require a significant restructuring of how wildcard XIncludes are processed. (I.e., we'll need to place a monitor on the directory or directories where the wildcard XInclude is looking, and then filter events according to the wildcard.)
* | catch errors base64 decoding encrypted properties dataChris St. Pierre2014-05-121-1/+1
|/
* fixed pylint/pep-8 testsChris St. Pierre2014-04-2514-45/+44
|
* do not bruteforce Properties decrypts with unknown passphraseChris St. Pierre2014-04-251-12/+5
| | | | | this greatly decreases startup time with lots of data encrypted with missing passphrases
* reduce logging from failed decryption with decrypt=laxChris St. Pierre2014-04-253-30/+25
|
* Enable bcfg2-yum-helper to depsolve for arches incompatible with serverJohn Morris2014-04-211-4/+25
| | | | | | | | | | | | | | | | By default, the yum dependency resolver uses the host's architecture to filter compatible packages. This prevents dependency resolution when the bcfg2 client's architecture is incompatible with the server's. This workaround checks the <Arch/> element for each of the client's yum sources, and if they are all identical, passes that architecture to bcfg2-yum-helper to override the default. The rpmUtils.arch module may only be configured for a single architecture. If multiple architectures are configured in yum sources, we don't know which one to pick, so use the default behavior instead.
* Reporting: Log to debug to prevent spam in logsSol Jerome2014-04-161-2/+2
| | | | Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
* Correctly upgrade or downgrade yum packagesChris St. Pierre2014-04-081-15/+36
| | | | | | | | | | | | Formerly, yum did an 'update' to install the correct version of a package, even if the desired package was older than the installed package. This is wrong; it needs to do a downgrade. This changes it to downgrade when the desired package is older, and upgrade if it is newer. There is still the possibility of upgrading a package that should be downgraded if the desired package is only partially specified, but this should be very rare.