| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Proxy: Catch SSL errors and retry
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The SSL library can throw an exception during the XMLRPC method call. There
is no explicit except statement for this type of exception so they get raised
up and abort the client's processing. This patch catches the exception so that
normal retry processing occurs.
Typical traceback:
Traceback (most recent call last):
File "/usr/sbin/bcfg2", line 29, in ?
sys.exit(main())
File "/usr/sbin/bcfg2", line 26, in main
return Client(setup).run()
File "/usr/lib/python2.4/site-packages/Bcfg2/Client/Client.py", line 256, in run
rawconfig = self.get_config(times=times).decode('utf-8')
File "/usr/lib/python2.4/site-packages/Bcfg2/Client/Client.py", line 225, in get_config
self.run_probes(times=times)
File "/usr/lib/python2.4/site-packages/Bcfg2/Client/Client.py", line 151, in run_probes
probes = Bcfg2.Client.XML.XML(str(self.proxy.GetProbes()))
File "/usr/lib/python2.4/site-packages/Bcfg2/Proxy.py", line 81, in __call__
return _orig_Method.__call__(self, *args)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
return self.__send(self.__name, args)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request
verbose=self.__verbose
File "/usr/lib/python2.4/site-packages/Bcfg2/Proxy.py", line 331, in request
return self.parse_response(response)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1255, in parse_response
return self._parse_response(file, None)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1276, in _parse_response
response = file.read(1024)
File "/usr/lib64/python2.4/httplib.py", line 480, in read
s = self.fp.read(amt)
File "/usr/lib64/python2.4/socket.py", line 303, in read
data = self._sock.recv(recv_size)
File "/usr/lib64/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 217, in read
return self._read_bio(size)
File "/usr/lib64/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 202, in _read_bio
return m2.ssl_read(self.ssl, size, self._timeout)
M2Crypto.SSL.SSLError: (104, 'Connection reset by peer')
|
|/
|
|
|
|
|
|
|
| |
In 9eb3db84, Bcfg2.Server.Admin.Mode.__call__() was changed from
pass to raise a NotImplementedError. This causes bcfg2-admin
compare and bcfg2-admin snapshots to fail because they call
Bcfg2.Server.Admin.Mode.__call__() right away. Since that method
didn't do anything anyway, it seems expediant to just avoid the call
altogether.
|
|
|
|
|
|
|
|
| |
This reverts commit f813f86f8ac2bc7b55f4eb6a0d936f1ce4f68ba7. Premature
optimization is the root of all evil, etc.
Conflicts:
src/lib/Bcfg2/Reporting/Collector.py
|
|
|
|
|
|
| |
1. Use a better convention for calling the threading.Thread constructor
2. Add docstring to ReportingStoreThread.run
3. Give the storage thread variable a better name
|
|\
| |
| |
| | |
reporting-thread-each-data-import
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This ensures consistency between the in-memory representation of
clients.xml and the representation on disk. If we don't read our
writes immediately, there's a race condition when creating a new
client: If it asserts its profile or version before the FAM event from
the clients.xml edit is processed, then the clients doesn't appear to
exist yet, and Bcfg2 complains.
|
| | |
|
| | |
|
| | |
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When dealing with a high-latency database connection (eg. across a
WAN), the bcfg2-report-collector process can fall behind in its
import queue. The imports are very much bound by the response
latency of the database server and not processing throughput.
This patch fires off a new thread for each database interaction.
The thread itself simply falls out of scope when the interaction
is finished processing. The interaction object is still read from
the disk serially in order avoid having to create a locking mechanism
for that part of the process.
This change does potentially create greater load on the database
server, but ultimately the load is limited by rate at which the
bcfg2 server can generate work.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
AWSTags allows querying tags from EC2, and setting groups based on the
tag names or values.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
The duplicate group check parsed groups differently from the actual
groups.xml parsing routines; the latter followed the documentation,
while the duplicate group check did now. This fixes the duplicate
group check to parse groups.xml correctly when looking for duplicates.
Fixes #140
|
|
|
|
|
|
|
|
|
| |
created
Previously, only two cases were handled properly: both public and
private keys had been created; or neither had been created. If the
private key had been created (e.g., manually added to the repo), the
public key would not be created from it. This fixes that.
|
|
|
|
|
|
| |
When installing an entry with no ACLs specified, but with ACLs on the
file as it exists on the filesystem, the ACL mask was preserved, even
as the ACLs are deleted.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
|
|
|
|
|
| |
Connector plugins can now create new groups, including the full range
of options on those groups (profile, public, category, etc.).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This monitors XIncluded files even if should_monitor=False, since the
object monitoring the base file will not monitor XIncludes. This
ensures that XIncluded files are properly monitored whenever possible,
particularly for Bundler and Properties.
This is a partial backport of 5b66845 -- as much of a backport as is
possible without a module-level FAM object.
|
|\
| |
| |
| |
| | |
kincl/pre-action-processing-with-independent-entries
Pre action processing with independent entries
|
| | |
|
| |
| |
| |
| | |
determining if a bundle has been modified
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|/
|
|
| |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|
|
|
|
|
| |
This reverts commit 542ededa8297b1889542d97b9bdfb8345dd7550c.
Committed to wrong branch.
|
|
|
|
|
|
| |
This makes HandlesEntry work with the new code that's in place for
StructFile to replace XMLSrc. Fixes
https://github.com/Bcfg2/bcfg2/commit/2169edc1bba82076db776b75db89b79d6f2f4786#commitcomment-3968162
|
| |
|
|
|
|
|
|
|
| |
decode_request_content() just adds support for gzipped content, which
the Bcfg2 client doesn't support. Given that this feature was only
added in Python 2.7, it's unlikely we'll be adding support for gzipped
POST content any time soon.
|
|
|
|
|
|
| |
Fixed long lines.
Improved efficiency by avoiding multiple loops over the same data.
|
|
|
|
|
|
|
|
| |
This updates the do_POST() code to cleave more closely to the code in
SimpleXMLRPCHandler.do_POST (plus SSL magic, of course). In doing so,
it eliminates a select() call whose timeouts were not handled
properly, and which thus left stray idle processes around after
incomplete XML-RPC calls.
|
|
|
|
| |
of just self.clients
|
|
|
|
|
|
|
|
| |
If you don't supply a mode to the selinux.matchpathcon() function, it
fails to properly look up the context in some circumstances related to
context patterns in the SELinux policy. This change looks up the mode
and supplies it to the function.
(cherry picked from commit 20a2c9a8fb6c6ecbed259b5deccb01c01bf3304f)
|
|
|
|
|
|
|
|
|
| |
Following the same logic as 360ba2e7, we should be explicit about
the need to detach the bcfg2-report-collector process.
Side note: this bit me because I was starting the bcfg2 server
processes via SSH, and the way python-daemon checks for being
started by inetd is to see if stdin is a socket. (??)
|
| |
|
|
|
|
|
| |
This makes category negation consistent, and also makes it work like
it did in Bcfg2 1.2
|