| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
Conflicts:
doc/server/plugins/structures/bundler/index.txt
src/lib/Bcfg2/Server/Admin/Init.py
src/lib/Bcfg2/Server/Plugins/GroupLogic.py
src/lib/Bcfg2/Server/Plugins/Properties.py
src/lib/Bcfg2/Server/Plugins/Reporting.py
|
| | |
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
| |
| |
| |
| | |
Avoid building client metadata while rereading those files, and expire
the metadata cache afterwards.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes a best effort to watch XIncluded files that do not exist.
Assume that you have XIncluded ``foo.xml``, the following (currently)
fails:
mv foo.xml /tmp
mv /tmp/foo.xml .
Bcfg2 processes the deletion event, and stops watching ``foo.xml``;
consequently, it receives no creation event when you put ``foo.xml``
back.
This does not fix the situation where you add a new file that is
matched by a wildcard XInclude, which turns out to be much more
difficult, and will likely require a significant restructuring of how
wildcard XIncludes are processed. (I.e., we'll need to place a
monitor on the directory or directories where the wildcard XInclude is
looking, and then filter events according to the wildcard.)
|
| | |
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|\ \ |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The new FreeBSDInit tool uses the service and sysrc tools
to manage the FreeBSD rc.d services. There are no hardcoded
paths to /usr/local/etc/rc.d/ anymore and the service tool
handles rc.d scripts in /etc/rc.d/ as well.
Additional to that, the new tool also gathers information
about extra services that are enabled (using service -e)
and can enable new services with sysrc. This is a frontend
for /etc/rc.conf and therefore changes that file.
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
misc/bcfg2.spec
src/lib/Bcfg2/Client/Client.py
src/lib/Bcfg2/Client/Tools/APK.py
src/lib/Bcfg2/Client/Tools/MacPorts.py
src/lib/Bcfg2/Client/Tools/Pacman.py
src/lib/Bcfg2/Client/Tools/YUM.py
src/lib/Bcfg2/Server/Admin/Minestruct.py
src/lib/Bcfg2/Server/Admin/Pull.py
src/lib/Bcfg2/Server/Admin/Viz.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/Plugins/Cfg/CfgEncryptedGenerator.py
src/lib/Bcfg2/Server/Plugins/Cfg/CfgPrivateKeyCreator.py
src/lib/Bcfg2/Server/Plugins/Properties.py
src/lib/Bcfg2/settings.py
src/sbin/bcfg2-crypt
src/sbin/bcfg2-info
src/sbin/bcfg2-lint
src/sbin/bcfg2-yum-helper
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/TestCfgEncryptedGenerator.py
testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestProperties.py
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For both Encrypting and Decrypting of Properties
files, we should by default only attempt to execute
on elements that have an "encrypted" attribute defined.
The code will already attempt to encrypt every element
if nothing in the current document matches this xpath,
which catches the case of a user trying to fully
encrypt a completely new properties file.
Conflicts:
src/lib/Bcfg2/Server/Encryption.py
|
| |
| |
| |
| |
| | |
this greatly decreases startup time with lots of data encrypted with
missing passphrases
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
By default, the yum dependency resolver uses the host's architecture
to filter compatible packages. This prevents dependency resolution
when the bcfg2 client's architecture is incompatible with the
server's.
This workaround checks the <Arch/> element for each of the client's yum
sources, and if they are all identical, passes that architecture to
bcfg2-yum-helper to override the default.
The rpmUtils.arch module may only be configured for a single
architecture. If multiple architectures are configured in yum
sources, we don't know which one to pick, so use the default behavior
instead.
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For both Encrypting and Decrypting of Properties
files, we should by default only attempt to execute
on elements that have an "encrypted" attribute defined.
The code will already attempt to encrypt every element
if nothing in the current document matches this xpath,
which catches the case of a user trying to fully
encrypt a completely new properties file.
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
Conflicts:
doc/appendix/guides/import-existing-ssh-keys.txt
misc/bcfg2.spec
src/lib/Bcfg2/Client/Tools/VCS.py
src/lib/Bcfg2/Client/Tools/YUM.py
src/lib/Bcfg2/Encryption.py
src/lib/Bcfg2/Reporting/Collector.py
src/lib/Bcfg2/Reporting/Storage/DjangoORM.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/FileMonitor/__init__.py
src/lib/Bcfg2/Server/Lint/RequiredAttrs.py
src/lib/Bcfg2/Server/Plugin/helpers.py
src/lib/Bcfg2/Server/Plugins/Metadata.py
src/lib/Bcfg2/Server/Plugins/Packages/Yum.py
src/lib/Bcfg2/Server/Plugins/Packages/__init__.py
src/lib/Bcfg2/settings.py
src/sbin/bcfg2-crypt
src/sbin/bcfg2-reports
src/sbin/bcfg2-yum-helper
testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/TestAugeas.py
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Formerly, yum did an 'update' to install the correct version of a
package, even if the desired package was older than the installed
package. This is wrong; it needs to do a downgrade. This changes it
to downgrade when the desired package is older, and upgrade if it is
newer.
There is still the possibility of upgrading a package that should be
downgraded if the desired package is only partially specified, but
this should be very rare.
|
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 690a18b5bb61516e5c11f6da3d788332373c196b.
While systemd is meant to replace chkconfig, it appears that RHEL7 has
both and does not provide systemd alternatives for certain SYSV init
scripts by default.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Close the db connection at the end of each DjangoORM import, not when
the reporting collector shuts down. The collector may not have even
opened a connection, in the case of a storage backend other than
DjangoORM.
Fixes #157
|
| | |
|
| |
| |
| |
| |
| |
| | |
Massive typo.
This reverts commit c51850b13f54d6f46e6c671e5ee1d3f0cacef727.
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: Sol Jerome <sol.jerome@gmail.com>
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes two related bugs: One causes Metadata to use an out-of-date
cached list of clients when a client is deleted or added with
bcfg2-admin; the other causes child worker processes to use an
out-of-date cached list of clients when a client is added with a Bcfg2
run when the multiprocessing core is in use.
|
| |
| |
| |
| | |
Note to self: do not push code before 9 am
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Stat the link itself, not its target
* Get SELinux context from the link, not the target
* Don't get ACLs at all; symlinks don't have their own ACLs
The first issue listed wasn't actually a bug, because none of the
information queried from the target by the stat call was actually used
in verification, but it's been fixed for completeness.
|
| | |
|
| | |
|
| | |
|
| |\
| | |
| | | |
Support ACLs without a specific user/group
|