Fri Aug 07 2009 Todd Zullinger <tmz@pobox.com> - 0.24.8-4 - Fix status -p handling on older RHEL (#501577) - Fix condrestart when daemon's aren't running (#480600) - Fix timeout reading /proc/mounts (upstream #1963) - Fix permissions on /var/log/puppet (#495096) - Fix rails test for activerecord-2.3 (#515728) Wed Jun 24 2009 Jeroen van Meeuwen <kanarip@kanarip.com> - Fix permissions on /var/run/puppet/ (#495096) - Support initializing supplementary groups (#1806, #475201, Till Maas) - Own the correct vim directory - Move ext/ outside of doc datadir (rpmlint) - Require ruby(selinux) rather then libselinux-ruby (#507848)epel9
parent
5e5467ffeb
commit
53644be932
@ -0,0 +1,46 @@
|
|||||||
|
From a7a9fb5afaa58922bb6ecb49e04b5ed59f381d22 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Luke Kanies <luke@madstop.com>
|
||||||
|
Date: Thu, 23 Apr 2009 18:56:30 -0500
|
||||||
|
Subject: [PATCH/puppet] Fixing the Rails feature test to require 2.3.x
|
||||||
|
|
||||||
|
Signed-off-by: Luke Kanies <luke@madstop.com>
|
||||||
|
---
|
||||||
|
lib/puppet/feature/rails.rb | 21 ++++-----------------
|
||||||
|
1 files changed, 4 insertions(+), 17 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/puppet/feature/rails.rb b/lib/puppet/feature/rails.rb
|
||||||
|
index 63e6f00..561863c 100644
|
||||||
|
--- a/lib/puppet/feature/rails.rb
|
||||||
|
+++ b/lib/puppet/feature/rails.rb
|
||||||
|
@@ -28,24 +28,11 @@ Puppet.features.add(:rails) do
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
- # If we couldn't find it the normal way, try using a Gem.
|
||||||
|
- unless defined? ActiveRecord
|
||||||
|
- begin
|
||||||
|
- require 'rubygems'
|
||||||
|
- require 'rails'
|
||||||
|
- rescue LoadError
|
||||||
|
- # Nothing
|
||||||
|
- end
|
||||||
|
+ unless defined?(::ActiveRecord) and ::ActiveRecord::VERSION::MAJOR == 2 and ::ActiveRecord::VERSION::MINOR == 3
|
||||||
|
+ Puppet.err "ActiveRecord 2.3 required for StoreConfigs"
|
||||||
|
+ raise "ActiveRecord 2.3 required for StoreConfigs"
|
||||||
|
end
|
||||||
|
|
||||||
|
- # We check a fairly specific class, so that we can be sure that we've
|
||||||
|
- # loaded a new enough version of AR that will support the features we
|
||||||
|
- # actually use.
|
||||||
|
- if defined? ActiveRecord::Associations::BelongsToPolymorphicAssociation
|
||||||
|
- require 'puppet/rails'
|
||||||
|
- true
|
||||||
|
- else
|
||||||
|
- false
|
||||||
|
- end
|
||||||
|
+ true
|
||||||
|
end
|
||||||
|
|
||||||
|
--
|
||||||
|
1.6.4
|
||||||
|
|
@ -0,0 +1,82 @@
|
|||||||
|
From fc161e4a5ad4d470d0fe17b734004ab675eaa6ae Mon Sep 17 00:00:00 2001
|
||||||
|
From: Todd Zullinger <tmz@pobox.com>
|
||||||
|
Date: Fri, 3 Jul 2009 10:22:19 -0400
|
||||||
|
Subject: [PATCH/puppet 2/2] conf/redhat/*.init: Fix condrestart/try-restart
|
||||||
|
|
||||||
|
Previously, the Red Hat init scripts used the $pidfile or $lockfile as a
|
||||||
|
test for whether to restart the daemons. This caused condrestart to
|
||||||
|
start the daemons even when they were not running, in cases where they
|
||||||
|
had died or been killed without cleaning up the $pidfile/$lockfile.
|
||||||
|
|
||||||
|
This was reported by Ingvar Hagelund in Red Hat bug #480600.
|
||||||
|
---
|
||||||
|
conf/redhat/client.init | 7 ++++++-
|
||||||
|
conf/redhat/server.init | 11 ++++++++---
|
||||||
|
2 files changed, 14 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/conf/redhat/client.init b/conf/redhat/client.init
|
||||||
|
index f40e81d..fda156c 100644
|
||||||
|
--- a/conf/redhat/client.init
|
||||||
|
+++ b/conf/redhat/client.init
|
||||||
|
@@ -67,6 +67,10 @@ rh_status() {
|
||||||
|
status $statusopts $puppetd
|
||||||
|
}
|
||||||
|
|
||||||
|
+rh_status_q() {
|
||||||
|
+ rh_status >/dev/null 2>&1
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
genconfig() {
|
||||||
|
echo -n $"Generate configuration puppet: "
|
||||||
|
$puppetd ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --genconfig
|
||||||
|
@@ -86,7 +90,8 @@ case "$1" in
|
||||||
|
reload
|
||||||
|
;;
|
||||||
|
condrestart|try-restart)
|
||||||
|
- [ -f "$pidfile" ] && restart
|
||||||
|
+ rh_status_q || exit 0
|
||||||
|
+ restart
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
rh_status
|
||||||
|
diff --git a/conf/redhat/server.init b/conf/redhat/server.init
|
||||||
|
index 6871b9a..74cb52f 100644
|
||||||
|
--- a/conf/redhat/server.init
|
||||||
|
+++ b/conf/redhat/server.init
|
||||||
|
@@ -89,7 +89,7 @@ genconfig() {
|
||||||
|
$PUPPETMASTER $PUPPETMASTER_OPTS --genconfig
|
||||||
|
}
|
||||||
|
|
||||||
|
-puppetmaster_status() {
|
||||||
|
+rh_status() {
|
||||||
|
if [ -n "$PUPPETMASTER_PORTS" ] && [ ${#PUPPETMASTER_PORTS[@]} -gt 1 ]; then
|
||||||
|
for ((i=0; i<${#PUPPETMASTER_PORTS[@]}; i++)); do
|
||||||
|
echo -en "Port ${PUPPETMASTER_PORTS[$i]}: "
|
||||||
|
@@ -103,6 +103,10 @@ puppetmaster_status() {
|
||||||
|
return $RETVAL
|
||||||
|
}
|
||||||
|
|
||||||
|
+rh_status_q() {
|
||||||
|
+ rh_status >/dev/null 2>&1
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
case "$1" in
|
||||||
|
start)
|
||||||
|
start
|
||||||
|
@@ -114,10 +118,11 @@ case "$1" in
|
||||||
|
restart
|
||||||
|
;;
|
||||||
|
condrestart)
|
||||||
|
- [ -f "$lockfile" ] && restart
|
||||||
|
+ rh_status_q || exit 0
|
||||||
|
+ restart
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
- puppetmaster_status
|
||||||
|
+ rh_status
|
||||||
|
;;
|
||||||
|
genconfig)
|
||||||
|
genconfig
|
||||||
|
--
|
||||||
|
1.6.3.3
|
||||||
|
|
@ -0,0 +1,36 @@
|
|||||||
|
From 0ce5b22a45d675de6969f3f5e5d4565be0a2d2d1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ricky Zhou <ricky@fedoraproject.org>
|
||||||
|
Date: Sat, 11 Jul 2009 01:57:52 -0400
|
||||||
|
Subject: [PATCH/puppet] Fix #1963 - Failing to read /proc/mounts for selinux kills file downloads
|
||||||
|
|
||||||
|
This works around a linux kernel bug that causes a select() on
|
||||||
|
/proc/mounts to hang.
|
||||||
|
---
|
||||||
|
lib/puppet/util/selinux.rb | 10 ++++++++--
|
||||||
|
1 files changed, 8 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/puppet/util/selinux.rb b/lib/puppet/util/selinux.rb
|
||||||
|
index cd3b2ac..dc5daec 100644
|
||||||
|
--- a/lib/puppet/util/selinux.rb
|
||||||
|
+++ b/lib/puppet/util/selinux.rb
|
||||||
|
@@ -152,9 +152,15 @@ module Puppet::Util::SELinux
|
||||||
|
|
||||||
|
# Internal helper function to read and parse /proc/mounts
|
||||||
|
def read_mounts
|
||||||
|
+ mounts = ""
|
||||||
|
begin
|
||||||
|
- mountfh = File.open("/proc/mounts", NONBLOCK)
|
||||||
|
- mounts = mountfh.read
|
||||||
|
+ mountfh = File.open("/proc/mounts")
|
||||||
|
+ # We use read_nonblock() in a loop rather than read() to work-around
|
||||||
|
+ # a linux kernel bug. See ticket #1963 for details.
|
||||||
|
+ while true
|
||||||
|
+ mounts += mountfh.read_nonblock(1024)
|
||||||
|
+ end
|
||||||
|
+ rescue EOFError
|
||||||
|
mountfh.close
|
||||||
|
rescue
|
||||||
|
return nil
|
||||||
|
--
|
||||||
|
1.6.3.3
|
||||||
|
|
@ -0,0 +1,25 @@
|
|||||||
|
From f9ccc92662c53d9890e337d4e9f1629eb1ff650f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jeroen van Meeuwen (Fedora Unity) <kanarip@fedoraunity.org>
|
||||||
|
Date: Wed, 24 Jun 2009 15:19:01 +0200
|
||||||
|
Subject: [PATCH/puppet 1/6] Simplest fix for #495096 as it applies to the Fedora based distributions using the Red Hat RPM. Story continues.
|
||||||
|
|
||||||
|
---
|
||||||
|
lib/puppet/defaults.rb | 2 +-
|
||||||
|
1 files changed, 1 insertions(+), 1 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
|
||||||
|
index e36dd70..077faab 100644
|
||||||
|
--- a/lib/puppet/defaults.rb
|
||||||
|
+++ b/lib/puppet/defaults.rb
|
||||||
|
@@ -68,7 +68,7 @@ module Puppet
|
||||||
|
},
|
||||||
|
:rundir => {
|
||||||
|
:default => rundir,
|
||||||
|
- :mode => 01777,
|
||||||
|
+ :mode => 0755,
|
||||||
|
:desc => "Where Puppet PID files are kept."
|
||||||
|
},
|
||||||
|
:genconfig => [false,
|
||||||
|
--
|
||||||
|
1.6.3.3
|
||||||
|
|
@ -0,0 +1,41 @@
|
|||||||
|
From ea04f2700ebdbac7c5abd263df1bbda9eee12097 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Todd Zullinger <tmz@pobox.com>
|
||||||
|
Date: Fri, 3 Jul 2009 09:08:17 -0400
|
||||||
|
Subject: [PATCH/puppet 1/2] conf/redhat/client.init: Fix #2123, status options on older RHEL
|
||||||
|
|
||||||
|
On RHEL < 5, the status function does not accept a -p option. Using it
|
||||||
|
causes 'service puppet status' to produce erroneous output. This was
|
||||||
|
also reported by Aaron Dummer in Red Hat bug #501577.
|
||||||
|
---
|
||||||
|
conf/redhat/client.init | 8 ++++++--
|
||||||
|
1 files changed, 6 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/conf/redhat/client.init b/conf/redhat/client.init
|
||||||
|
index 44caab1..f40e81d 100644
|
||||||
|
--- a/conf/redhat/client.init
|
||||||
|
+++ b/conf/redhat/client.init
|
||||||
|
@@ -62,6 +62,11 @@ restart() {
|
||||||
|
start
|
||||||
|
}
|
||||||
|
|
||||||
|
+rh_status() {
|
||||||
|
+ status | grep -q -- '-p' 2>/dev/null && statusopts="-p $pidfile"
|
||||||
|
+ status $statusopts $puppetd
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
genconfig() {
|
||||||
|
echo -n $"Generate configuration puppet: "
|
||||||
|
$puppetd ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --genconfig
|
||||||
|
@@ -84,8 +89,7 @@ case "$1" in
|
||||||
|
[ -f "$pidfile" ] && restart
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
- status -p "$pidfile" $puppetd
|
||||||
|
- RETVAL=$?
|
||||||
|
+ rh_status
|
||||||
|
;;
|
||||||
|
once)
|
||||||
|
shift
|
||||||
|
--
|
||||||
|
1.6.3.3
|
||||||
|
|
@ -0,0 +1,74 @@
|
|||||||
|
From 2a401c6897af3abbc27dfaaf162556745267d6b2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jeroen van Meeuwen (Fedora Unity) <kanarip@fedoraunity.org>
|
||||||
|
Date: Wed, 24 Jun 2009 15:30:19 +0200
|
||||||
|
Subject: [PATCH/puppet 2/6] Support supplementary groups (Till Maas)
|
||||||
|
|
||||||
|
---
|
||||||
|
lib/puppet/util.rb | 5 +++--
|
||||||
|
lib/puppet/util/suidmanager.rb | 11 ++++++++++-
|
||||||
|
2 files changed, 13 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/puppet/util.rb b/lib/puppet/util.rb
|
||||||
|
index f8a8721..51a2a16 100644
|
||||||
|
--- a/lib/puppet/util.rb
|
||||||
|
+++ b/lib/puppet/util.rb
|
||||||
|
@@ -58,10 +58,11 @@ module Util
|
||||||
|
end
|
||||||
|
unless Puppet::Util::SUIDManager.uid == user
|
||||||
|
begin
|
||||||
|
+ Puppet::Util::SUIDManager.initgroups(user)
|
||||||
|
Puppet::Util::SUIDManager.uid = user
|
||||||
|
Puppet::Util::SUIDManager.euid = user
|
||||||
|
- rescue
|
||||||
|
- $stderr.puts "could not change to user %s" % user
|
||||||
|
+ rescue => detail
|
||||||
|
+ $stderr.puts "could not change to user %s: %s" % [user, detail]
|
||||||
|
exit(74)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
diff --git a/lib/puppet/util/suidmanager.rb b/lib/puppet/util/suidmanager.rb
|
||||||
|
index b071dca..9f6e3b6 100644
|
||||||
|
--- a/lib/puppet/util/suidmanager.rb
|
||||||
|
+++ b/lib/puppet/util/suidmanager.rb
|
||||||
|
@@ -7,7 +7,7 @@ module Puppet::Util::SUIDManager
|
||||||
|
extend Forwardable
|
||||||
|
|
||||||
|
to_delegate_to_process = [ :euid=, :euid, :egid=, :egid,
|
||||||
|
- :uid=, :uid, :gid=, :gid ]
|
||||||
|
+ :uid=, :uid, :gid=, :gid, :groups=, :groups ]
|
||||||
|
|
||||||
|
to_delegate_to_process.each do |method|
|
||||||
|
def_delegator Process, method
|
||||||
|
@@ -26,13 +26,16 @@ module Puppet::Util::SUIDManager
|
||||||
|
# We set both because some programs like to drop privs, i.e. bash.
|
||||||
|
old_uid, old_gid = self.uid, self.gid
|
||||||
|
old_euid, old_egid = self.euid, self.egid
|
||||||
|
+ old_groups = self.groups
|
||||||
|
begin
|
||||||
|
self.egid = convert_xid :gid, new_gid if new_gid
|
||||||
|
+ self.initgroups(convert_xid(:uid, new_uid)) if new_uid
|
||||||
|
self.euid = convert_xid :uid, new_uid if new_uid
|
||||||
|
|
||||||
|
yield
|
||||||
|
ensure
|
||||||
|
self.euid, self.egid = old_euid, old_egid
|
||||||
|
+ self.groups = old_groups
|
||||||
|
end
|
||||||
|
end
|
||||||
|
module_function :asuser
|
||||||
|
@@ -49,6 +52,12 @@ module Puppet::Util::SUIDManager
|
||||||
|
end
|
||||||
|
module_function :convert_xid
|
||||||
|
|
||||||
|
+ # Initialize supplementary groups
|
||||||
|
+ def initgroups(user)
|
||||||
|
+ require 'etc'
|
||||||
|
+ Process.initgroups(Etc.getpwuid(user).name, Process.gid)
|
||||||
|
+ end
|
||||||
|
+ module_function :initgroups
|
||||||
|
|
||||||
|
def run_and_capture(command, new_uid=nil, new_gid=nil)
|
||||||
|
output = Puppet::Util.execute(command, :failonfail => false, :uid => new_uid, :gid => new_gid)
|
||||||
|
--
|
||||||
|
1.6.3.3
|
||||||
|
|
Loading…
Reference in new issue