From 9fece077393cec3fe0ac540b30eaa9a67b1a3d49 Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Mon, 12 May 2014 13:50:53 -0400 Subject: catch errors base64 decoding encrypted properties data --- src/lib/Bcfg2/Server/Plugins/Properties.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/Bcfg2/Server/Plugins/Properties.py b/src/lib/Bcfg2/Server/Plugins/Properties.py index 6f054fd33..bbca01ead 100644 --- a/src/lib/Bcfg2/Server/Plugins/Properties.py +++ b/src/lib/Bcfg2/Server/Plugins/Properties.py @@ -212,7 +212,7 @@ class XMLPropertyFile(Bcfg2.Server.Plugin.StructFile, PropertyFile): except UnicodeDecodeError: self.logger.info("Properties: Decrypted %s to gibberish, " "skipping" % el.tag) - except Bcfg2.Encryption.EVPError: + except (TypeError, Bcfg2.Encryption.EVPError): strict = self.xdata.get( "decrypt", SETUP.cfp.get(Bcfg2.Encryption.CFG_SECTION, "decrypt", -- cgit v1.2.3-1-g7c22 From 94240fb128c3d19a7e013b0960da5dba5b1c0f30 Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Thu, 15 May 2014 09:04:46 -0400 Subject: XMLFileBacked: Watch XIncluded files that do not exist This makes a best effort to watch XIncluded files that do not exist. Assume that you have XIncluded ``foo.xml``, the following (currently) fails: mv foo.xml /tmp mv /tmp/foo.xml . Bcfg2 processes the deletion event, and stops watching ``foo.xml``; consequently, it receives no creation event when you put ``foo.xml`` back. This does not fix the situation where you add a new file that is matched by a wildcard XInclude, which turns out to be much more difficult, and will likely require a significant restructuring of how wildcard XIncludes are processed. (I.e., we'll need to place a monitor on the directory or directories where the wildcard XInclude is looking, and then filter events according to the wildcard.) --- src/lib/Bcfg2/Server/Plugin/helpers.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/lib/Bcfg2/Server/Plugin/helpers.py b/src/lib/Bcfg2/Server/Plugin/helpers.py index 170af50ac..55dd255cd 100644 --- a/src/lib/Bcfg2/Server/Plugin/helpers.py +++ b/src/lib/Bcfg2/Server/Plugin/helpers.py @@ -581,7 +581,13 @@ class XMLFileBacked(FileBacked): if el.findall('./%sfallback' % Bcfg2.Server.XI_NAMESPACE): self.logger.debug(msg) else: - self.logger.warning(msg) + self.logger.error(msg) + # add a FAM monitor for this path. this isn't perfect + # -- if there's an xinclude of "*.xml", we'll watch + # the literal filename "*.xml". but for non-globbing + # filenames, it works fine. + if fpath not in self.extra_monitors: + self.add_monitor(fpath) parent = el.getparent() parent.remove(el) -- cgit v1.2.3-1-g7c22 From 06dcdcdf6d333f7bf9c2fee642d6d31a0533932d Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Thu, 15 May 2014 09:21:58 -0400 Subject: Metadata: Reread clients.xml/groups.xml more carefully Avoid building client metadata while rereading those files, and expire the metadata cache afterwards. --- src/lib/Bcfg2/Server/Plugins/Metadata.py | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/src/lib/Bcfg2/Server/Plugins/Metadata.py b/src/lib/Bcfg2/Server/Plugins/Metadata.py index d6febcff6..1e5544c6b 100644 --- a/src/lib/Bcfg2/Server/Plugins/Metadata.py +++ b/src/lib/Bcfg2/Server/Plugins/Metadata.py @@ -787,6 +787,11 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, def _handle_clients_xml_event(self, _): # pylint: disable=R0912 """ handle all events for clients.xml and files xincluded from clients.xml """ + # disable metadata builds during parsing. this prevents + # clients from getting bogus metadata during the brief time it + # takes to rebuild the clients.xml data + self.states['clients.xml'] = False + xdata = self.clients_xml.xdata self.clients = [] self.clientgroups = {} @@ -848,8 +853,9 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, self.clientgroups[clname].append(profile) except KeyError: self.clientgroups[clname] = [profile] - self.states['clients.xml'] = True self.update_client_list() + self.expire_cache() + self.states['clients.xml'] = True def _get_condition(self, element): """ Return a predicate that returns True if a client meets @@ -877,7 +883,15 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, def _handle_groups_xml_event(self, _): # pylint: disable=R0912 """ re-read groups.xml on any event on it """ + # disable metadata builds during parsing. this prevents + # clients from getting bogus metadata during the brief time it + # takes to rebuild the groups.xml data + self.states['groups.xml'] = False + self.groups = {} + self.group_membership = dict() + self.negated_groups = dict() + self.ordered_groups = [] # first, we get a list of all of the groups declared in the # file. we do this in two stages because the old way of @@ -902,10 +916,6 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, if grp.get('default', 'false') == 'true': self.default = grp.get('name') - self.group_membership = dict() - self.negated_groups = dict() - self.ordered_groups = [] - # confusing loop condition; the XPath query asks for all # elements under a Group tag under a Groups tag; that is # infinitely recursive, so "all" elements really means _all_ @@ -938,6 +948,7 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, self.group_membership.setdefault(gname, []) self.group_membership[gname].append( self._aggregate_conditions(conditions)) + self.expire_cache() self.states['groups.xml'] = True def expire_cache(self, key=None): @@ -1448,6 +1459,10 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, self.logger.debug("Metadata: Re-reading client list from database") old = set(self.clients) self.clients = self.list_clients() + + # we could do this with set.symmetric_difference(), but we + # want detailed numbers of added/removed clients for + # logging new = set(self.clients) added = new - old removed = old - new @@ -1455,9 +1470,7 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, (len(added), added)) self.logger.debug("Metadata: Removed %s clients: %s" % (len(removed), removed)) - # we could do this with set.symmetric_difference(), but we - # want detailed numbers of added/removed clients for - # logging + for client in added.union(removed): self.expire_cache(client) -- cgit v1.2.3-1-g7c22 From 418c799f74c66dc2ab3228a7044a57292f2344b4 Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Sat, 17 May 2014 11:00:56 -0500 Subject: Init: Remove stray whitespace Signed-off-by: Sol Jerome --- src/lib/Bcfg2/Server/Admin/Init.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/Bcfg2/Server/Admin/Init.py b/src/lib/Bcfg2/Server/Admin/Init.py index 153d7bea6..fdab5abca 100644 --- a/src/lib/Bcfg2/Server/Admin/Init.py +++ b/src/lib/Bcfg2/Server/Admin/Init.py @@ -113,7 +113,7 @@ def create_key(hostname, keypath, certpath, country, state, location): hostname, keypath)) subprocess.call((kcstr), shell=True) - ccstr = ("openssl req -batch -new -subj '/C=%s/ST=%s/L=%s/CN=%s' -key %s " + ccstr = ("openssl req -batch -new -subj '/C=%s/ST=%s/L=%s/CN=%s' -key %s " "| openssl x509 -req -days 1000 -signkey %s -out %s" % (country, state, location, -- cgit v1.2.3-1-g7c22 From ff5164c949215a8d961bb20971c70c62781309a0 Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Thu, 22 May 2014 09:09:43 -0400 Subject: GroupLogic: parse generated template properly to allow xinclude --- src/lib/Bcfg2/Server/Plugins/GroupLogic.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/Bcfg2/Server/Plugins/GroupLogic.py b/src/lib/Bcfg2/Server/Plugins/GroupLogic.py index d74c16e8b..24547949b 100644 --- a/src/lib/Bcfg2/Server/Plugins/GroupLogic.py +++ b/src/lib/Bcfg2/Server/Plugins/GroupLogic.py @@ -66,7 +66,7 @@ class GroupLogic(Bcfg2.Server.Plugin.Plugin, return [] self._local.building.add(metadata.hostname) rv = [] - for el in self.config.get_xml_value(metadata).findall("Group"): + for el in self.config.get_xml_value(metadata).xpath("//Group"): if el.get("category"): rv.append(MetadataGroup(el.get("name"), category=el.get("category"))) -- cgit v1.2.3-1-g7c22 From c96e850180467ef0710ec5d5e7b1e7010a3f6050 Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Mon, 9 Jun 2014 14:26:36 -0500 Subject: doc: Clarify genshi bundle specification Signed-off-by: Sol Jerome --- doc/server/plugins/structures/bundler/index.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/doc/server/plugins/structures/bundler/index.txt b/doc/server/plugins/structures/bundler/index.txt index a19959e66..51f2da60c 100644 --- a/doc/server/plugins/structures/bundler/index.txt +++ b/doc/server/plugins/structures/bundler/index.txt @@ -1,4 +1,5 @@ .. -*- mode: rst -*- +.. vim: ft=rst .. _server-plugins-structures-bundler-index: @@ -114,12 +115,12 @@ Genshi templates ================ Genshi XML templates allow you to use the `Genshi -`_ templating system to dynamically -generate a bundle. Genshi templates can be specified one of two ways: +`_ templating system to dynamically generate +a bundle. Genshi templates can be specified **one** of two ways: -1. Add an XML-style genshi template to the Bundler directory with a +* Add an XML-style genshi template to the Bundler directory with a ``.genshi`` and the associated namespace attribute. -2. Simply add the appropriate namespace attribute to your existing XML +* Simply add the appropriate namespace attribute to your existing XML bundle. The top-level Bundle tag should look like the following:: -- cgit v1.2.3-1-g7c22 From 433974d9311f68f199bedf1c2710381e0bc8d34a Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Tue, 10 Jun 2014 09:30:17 -0500 Subject: misc/bcfg2.spec: Remove unnecessary requirement python-nose is only required for running the nosetests. It is not required by bcfg2-server. Signed-off-by: Sol Jerome --- misc/bcfg2.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/misc/bcfg2.spec b/misc/bcfg2.spec index 12be59fd1..c538aa438 100644 --- a/misc/bcfg2.spec +++ b/misc/bcfg2.spec @@ -201,7 +201,6 @@ Requires: python-daemon Requires: /usr/sbin/sendmail Requires: /usr/bin/openssl Requires: graphviz -Requires: python-nose %if %{_vendor} == redhat %if 0%{?fedora} >= 16 -- cgit v1.2.3-1-g7c22 From d8a3dcc84dfcbe3f67d7768c0050962b1f953d7e Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Tue, 10 Jun 2014 09:46:19 -0500 Subject: Revert "misc/bcfg2.spec: Remove unnecessary requirement" This reverts commit 433974d9311f68f199bedf1c2710381e0bc8d34a. python-nose is required by bcfg2-test. --- misc/bcfg2.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/misc/bcfg2.spec b/misc/bcfg2.spec index c538aa438..12be59fd1 100644 --- a/misc/bcfg2.spec +++ b/misc/bcfg2.spec @@ -201,6 +201,7 @@ Requires: python-daemon Requires: /usr/sbin/sendmail Requires: /usr/bin/openssl Requires: graphviz +Requires: python-nose %if %{_vendor} == redhat %if 0%{?fedora} >= 16 -- cgit v1.2.3-1-g7c22 From 9b36d0bf226e19baf50c45faac601effb8c17090 Mon Sep 17 00:00:00 2001 From: Tim Laszlo Date: Tue, 10 Jun 2014 12:03:28 -0500 Subject: Setup reporting transport before starting threads --- src/lib/Bcfg2/Server/Plugins/Reporting.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/lib/Bcfg2/Server/Plugins/Reporting.py b/src/lib/Bcfg2/Server/Plugins/Reporting.py index 3354763d4..fa11d9250 100644 --- a/src/lib/Bcfg2/Server/Plugins/Reporting.py +++ b/src/lib/Bcfg2/Server/Plugins/Reporting.py @@ -57,7 +57,7 @@ class Reporting(Statistics, Threaded, PullSource, Debuggable): self.logger.error(msg) raise PluginInitError(msg) - def start_threads(self): + # This must be loaded here for bcfg2-admin try: self.transport = load_transport_from_config(self.core.setup) except TransportError: @@ -68,6 +68,9 @@ class Reporting(Statistics, Threaded, PullSource, Debuggable): if self.debug_flag: self.transport.set_debug(self.debug_flag) + def start_threads(self): + pass + def set_debug(self, debug): rv = Debuggable.set_debug(self, debug) if self.transport is not None: -- cgit v1.2.3-1-g7c22