rpms
/
salt
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge and update to 3005.4-1

Browse Source
i9ce changed/i9ce/salt-3005.4-1.el9
MSVSphere Packaging Team 1 year ago
parent 5faa166cb9 755b2c34b4
commit df1660029c
20 changed files with 1343 additions and 305 deletions
Show Stats Download Patch File Download Diff File

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/salt-3005.1.tar.gz
SOURCES/salt-3005.4.tar.gz

2
.salt.metadata
Unescape View File

@ -1 +1 @@
b7359edf8db1e01ce4fb7708e9bb6af0578f4ebd SOURCES/salt-3005.1.tar.gz
44052c1fca6076a85221816f38a85e14605ea0af SOURCES/salt-3005.4.tar.gz

20
SOURCES/contextvars.patch
Unescape View File

@ -0,0 +1,20 @@
--- salt-3005/requirements/base.txt.fix 2022-08-25 17:13:58.740984435 -0600
+++ salt-3005/requirements/base.txt 2022-08-25 17:14:14.428036445 -0600
@@ -4,5 +4,4 @@ PyYAML
MarkupSafe
requests>=1.0.0
distro>=1.0.1
-contextvars
psutil>=5.0.0
--- salt-3005.2/requirements/zeromq.txt~ 2023-08-03 12:27:49.000000000 -0500
+++ salt-3005.2/requirements/zeromq.txt 2023-09-05 15:00:22.172125782 -0500
@@ -1,8 +1,4 @@
-r base.txt
-r crypto.txt
-pyzmq<=20.0.0; python_version < "3.6"
-pyzmq>=20.0.0; python_version >= "3.6"
-# We can't use 23+ on Windows until they fix this:
-# https://github.com/zeromq/pyzmq/issues/1472
-pyzmq>=20.0.0,<=22.0.3 ; sys_platform == "win32"
+pyzmq>=20.0.0

156
SOURCES/salt-api
Unescape View File

@ -1,2 +1,154 @@
#!/bin/bash
exec /opt/saltstack/salt/run/run api "${@:1}"
#!/bin/sh
#
# Salt API
###################################
# LSB header
### BEGIN INIT INFO
# Provides: salt-api
# Required-Start: $local_fs $remote_fs $network $named $time
# Should-Start: $time ypbind smtp
# Required-Stop: $local_fs $remote_fs $network $named $time
# Should-Stop: ypbind smtp
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Salt API control daemon
# Description: This is a daemon that controls the Salt API.
### END INIT INFO
# chkconfig header
# chkconfig: 345 99 99
# description: This is a daemon that controls the Salt API.
#
# processname: /usr/bin/salt-api
if [ -f /etc/default/salt ]; then
. /etc/default/salt
else
SALTAPI=/usr/bin/salt-api
PYTHON=/usr/bin/python
fi
# Sanity checks.
[ -x $SALTAPI ] || exit 0
DEBIAN_VERSION=/etc/debian_version
SUSE_RELEASE=/etc/SuSE-release
# Source function library.
if [ -f $DEBIAN_VERSION ]; then
break
elif [ -f $SUSE_RELEASE -a -r /etc/rc.status ]; then
. /etc/rc.status
else
. /etc/rc.d/init.d/functions
fi
SERVICE=salt-api
PROCESS=salt-api
CONFIG_ARGS="-d"
PID_FILE="/var/run/salt-api.pid"
RETVAL=0
start() {
echo -n $"Starting salt-api daemon: "
if [ -f $SUSE_RELEASE ]; then
startproc -f -p /var/run/$SERVICE.pid $SALTAPI $CONFIG_ARGS
rc_status -v
elif [ -e $DEBIAN_VERSION ]; then
if [ -f $LOCKFILE ]; then
echo -n "already started, lock file found"
RETVAL=1
elif $PYTHON $SALTAPI; then
echo -n "OK"
RETVAL=0
fi
else
if status $PROCESS &> /dev/null; then
failure "Already running."
RETVAL=1
else
daemon --pidfile=$PID_FILE --check $SERVICE $SALTAPI $CONFIG_ARGS
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SERVICE
echo
return $RETVAL
fi
fi
RETVAL=$?
echo
return $RETVAL
}
stop() {
echo -n $"Stopping salt-api daemon: "
if [ -f $SUSE_RELEASE ]; then
killproc -TERM $SALTAPI
rc_status -v
elif [ -f $DEBIAN_VERSION ]; then
# Added this since Debian's start-stop-daemon doesn't support spawned processes
if ps -ef | grep "$PYTHON $SALTAPI" | grep -v grep | awk '{print $2}' | xargs kill &> /dev/null; then
echo -n "OK"
RETVAL=0
else
echo -n "Daemon is not started"
RETVAL=1
fi
else
killproc -d 10 $PROCESS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$SERVICE
return $RETVAL
fi
RETVAL=$?
echo
return $RETVAL
}
restart() {
stop
start
}
# See how we were called.
case "$1" in
start|stop|restart)
$1
;;
status)
if [ -f $SUSE_RELEASE ]; then
echo -n "Checking for service salt-api "
checkproc $SALTAPI
rc_status -v
RETVAL=$?
elif [ -f $DEBIAN_VERSION ]; then
if [ -f $LOCKFILE ]; then
RETVAL=0
echo "salt-api is running."
else
RETVAL=1
echo "salt-api is stopped."
fi
else
status $PROCESS
RETVAL=$?
fi
;;
condrestart|try-restart)
[ -f $LOCKFILE ] && restart || :
;;
reload)
echo "can't reload configuration, you have to restart it"
RETVAL=1
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload}"
exit 1
;;
esac
exit $RETVAL

2
SOURCES/salt-api.service
Unescape View File

@ -1,6 +1,6 @@
[Unit]
Description=The Salt API
Documentation=man:salt-api(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltstack.com/en/latest/contents.html
Documentation=man:salt-api(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltproject.io/en/latest/contents.html
After=network.target
[Service]

24
SOURCES/salt-common.logrotate
Unescape View File

@ -21,3 +21,27 @@
compress
notifempty
}
/var/log/salt/api {
weekly
missingok
rotate 7
compress
notifempty
}
/var/log/salt/syndic {
weekly
missingok
rotate 7
compress
notifempty
}
/var/log/salt/proxy {
weekly
missingok
rotate 7
compress
notifempty
}

147
SOURCES/salt-master
Unescape View File

@ -1,7 +1,142 @@
#!/bin/bash
if [[ -z "${SSL_CERT_DIR}" ]] && command -v openssl &> /dev/null; then
_DIR=$(openssl version -d)
export SSL_CERT_DIR=${_DIR:13:-1}"/certs"
export SSL_CERT_FILE=${_DIR:13:-1}"/cert.pem"
#!/bin/sh
#
# Salt master
###################################
# LSB header
### BEGIN INIT INFO
# Provides: salt-master
# Required-Start: $all
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Salt master control daemon
# Description: This is a daemon that controls the Salt minions.
### END INIT INFO
# chkconfig header
# chkconfig: 345 96 05
# description: This is a daemon that controls the Salt minions
#
# processname: /usr/bin/salt-master
DEBIAN_VERSION=/etc/debian_version
SUSE_RELEASE=/etc/SuSE-release
# Source function library.
if [ -f $DEBIAN_VERSION ]; then
break
elif [ -f $SUSE_RELEASE -a -r /etc/rc.status ]; then
. /etc/rc.status
else
. /etc/rc.d/init.d/functions
fi
exec /opt/saltstack/salt/run/run master "${@:1}"
# Default values (can be overridden below)
SALTMASTER=/usr/bin/salt-master
PYTHON=/usr/bin/python
MASTER_ARGS=""
if [ -f /etc/default/salt ]; then
. /etc/default/salt
fi
SERVICE=salt-master
PROCESS=salt-master
RETVAL=0
start() {
echo -n $"Starting salt-master daemon: "
if [ -f $SUSE_RELEASE ]; then
startproc -f -p /var/run/$SERVICE.pid $SALTMASTER -d $MASTER_ARGS
rc_status -v
elif [ -e $DEBIAN_VERSION ]; then
if [ -f $LOCKFILE ]; then
echo -n "already started, lock file found"
RETVAL=1
elif $PYTHON $SALTMASTER -d $MASTER_ARGS >& /dev/null; then
echo -n "OK"
RETVAL=0
fi
else
daemon --check $SERVICE $SALTMASTER -d $MASTER_ARGS
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SERVICE
echo
return $RETVAL
fi
RETVAL=$?
echo
return $RETVAL
}
stop() {
echo -n $"Stopping salt-master daemon: "
if [ -f $SUSE_RELEASE ]; then
killproc -TERM $SALTMASTER
rc_status -v
elif [ -f $DEBIAN_VERSION ]; then
# Added this since Debian's start-stop-daemon doesn't support spawned processes
if ps -ef | grep "$PYTHON $SALTMASTER" | grep -v grep | awk '{print $2}' | xargs kill &> /dev/null; then
echo -n "OK"
RETVAL=0
else
echo -n "Daemon is not started"
RETVAL=1
fi
else
killproc -d 10 $PROCESS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$SERVICE
return $RETVAL
fi
RETVAL=$?
echo
}
restart() {
stop
start
}
# See how we were called.
case "$1" in
start|stop|restart)
$1
;;
status)
if [ -f $SUSE_RELEASE ]; then
echo -n "Checking for service salt-master "
checkproc $SALTMASTER
rc_status -v
elif [ -f $DEBIAN_VERSION ]; then
if [ -f $LOCKFILE ]; then
RETVAL=0
echo "salt-master is running."
else
RETVAL=1
echo "salt-master is stopped."
fi
else
status $PROCESS
RETVAL=$?
fi
;;
condrestart)
[ -f $LOCKFILE ] && restart || :
;;
reload)
echo "can't reload configuration, you have to restart it"
RETVAL=1
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload}"
exit 1
;;
esac
exit $RETVAL

1
SOURCES/salt-master.fish
Unescape View File

@ -3,3 +3,4 @@
# hack to load functions from salt_common completion
complete --do-complete='salt_common --' >/dev/null

2
SOURCES/salt-master.service
Unescape View File

@ -1,6 +1,6 @@
[Unit]
Description=The Salt Master Server
Documentation=man:salt-master(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltstack.com/en/latest/contents.html
Documentation=man:salt-master(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltproject.io/en/latest/contents.html
After=network.target
[Service]

328
SOURCES/salt-minion
Unescape View File

@ -1,7 +1,323 @@
#!/bin/bash
if [[ -z "${SSL_CERT_DIR}" ]] && command -v openssl &> /dev/null; then
_DIR=$(openssl version -d)
export SSL_CERT_DIR=${_DIR:13:-1}"/certs"
export SSL_CERT_FILE=${_DIR:13:-1}"/cert.pem"
#!/bin/sh
#
# Salt minion
###################################
# LSB header
### BEGIN INIT INFO
# Provides: salt-minion
# Required-Start: $all
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Salt minion daemon
# Description: This is the Salt minion daemon that can be controlled by the
# Salt master.
### END INIT INFO
# chkconfig header
# chkconfig: 345 97 04
# description: This is the Salt minion daemon that can be controlled by the Salt master.
#
# processname: /usr/bin/salt-minion
# Allow these to be overridden for tests
: "${SALTMINION_BINDIR:=/usr/bin}"
: "${SALTMINION_SYSCONFDIR:=/etc}"
# Default values (can be overridden in settings file)
: "${USER:=$(id -nu)}"
SALTMINION="${SALTMINION_BINDIR}/salt-minion"
SALTCALL="${SALTMINION_BINDIR}/salt-call"
# SALTMINION_CONFIGS are newline-separated entries of: MINION_USER CONFIG_DIR
: "${SALTMINION_CONFIGS:="
$USER ${SALTMINION_SYSCONFDIR}/salt
"}"
SALTMINION_ARGS=""
SALTMINION_TIMEOUT=30
SALTMINION_TICK=1
SERVICE="salt-minion"
# Read in settings file
if [ -f "${SALTMINION_SYSCONFDIR}/default/salt" ]; then
. "${SALTMINION_SYSCONFDIR}/default/salt"
elif [ -f "${SALTMINION_SYSCONFDIR}/sysconfig/salt" ]; then
. "${SALTMINION_SYSCONFDIR}/sysconfig/salt"
fi
RETVAL=0
NS_NOTRIM="--notrim"
ERROR_TO_DEVNULL="/dev/null"
_su_cmd() {
local user="$1"
shift
if [ "X$USER" = "X$user" ]; then
eval $1
else
su -l -c "$1" "$user"
fi
}
_get_pid() {
cat $PID_FILE 2>/dev/null
}
_is_running() {
[ -n "$(_get_pid)" ] && ps wwwaxu | grep '[s]alt-minion' | awk '{print $2}' | grep -qi "\b$(_get_pid)\b"
}
_get_salt_config_value() {
_su_cmd \
"$MINION_USER" \
"\
\"$SALTCALL\" \
-c \"$CONFIG_DIR\" \
--no-color \
--skip-grains \
--local config.get \
\"$1\" \
" \
2>$ERROR_TO_DEVNULL \
| sed -r -e '2!d; s/^\s*//;'
}
_make_id_hash() {
# $1 - minion_id
local hasher=''
case "$(_get_salt_config_value hash_type)" in
(md5) hasher="md5sum";;
(sha1) hasher="sha1sum";;
(sha224) hasher="sha224sum";;
(sha256) hasher="sha256sum";;
(sha384) hasher="sha384sum";;
(sha512) hasher="sha512sum";;
(*) echo "ERROR: No salt hash_type specified";;
esac
if [ -n "$hasher" ]; then
printf "$1" | "$hasher" | cut -c 1-10
fi
}
start() {
# $1 - config dir
local retval=0
if _is_running; then
echo "Service $SERVICE:$MINION_USER:$MINION_ID already running"
return 0
fi
echo -n "Starting $SERVICE:$MINION_USER:$MINION_ID daemon: "
_su_cmd \
"$MINION_USER" \
"\
\"$SALTMINION\" \
-c \"$CONFIG_DIR\" \
-d $SALTMINION_ARGS \
${SALTMINION_DEBUG:+-l debug} \
" \
2>$ERROR_TO_DEVNULL \
|| retval=$?
if [ 0 -eq "$retval" ]; then
local endtime=$(($(date '+%s')+$SALTMINION_TIMEOUT))
while ! _is_running; do
if [ "$endtime" -lt "$(date '+%s')" ]; then
echo -n "TIMEOUT "
retval=1
break
fi
sleep $SALTMINION_TICK
done
fi
if [ 0 -eq "$retval" ]; then
echo -n "OK"
else
echo -n "FAIL"
if [ -n "$SALTMINION_DEBUG" ]; then
printf "\nPROCESSES:\n" >&2
ps wwwaxu | grep '[s]alt-minion' >&2
printf "\nSOCKETS:\n" >&2
netstat -n $NS_NOTRIM -ap --protocol=unix | grep 'salt.*minion' >&2
printf "\nLOG_FILE:\n" >&2
tail -n 20 "$LOG_FILE" >&2
printf "\nENVIRONMENT:\n" >&2
env >&2
fi
fi
echo
return $retval
}
stop() {
# $1 - config dir
local retval=0
if ! _is_running; then
echo "Service $SERVICE:$MINION_USER:$MINION_ID is not running"
return 0
fi
echo -n "Stopping $SERVICE:$MINION_USER:$MINION_ID daemon: "
local pid="$(_get_pid)"
# pid below is intentionally not quoted in case there are *multiple*
# minions running with the same configuration.
_su_cmd "$MINION_USER" "kill -TERM $pid 2>/dev/null" || retval=$?
if [ 0 -eq "$retval" ]; then
local endtime=$(($(date '+%s')+$SALTMINION_TIMEOUT))
while _is_running; do
if [ "$endtime" -lt "$(date '+%s')" ]; then
# Try one more time with a big hammer
_su_cmd "$MINION_USER" "kill -KILL $pid 2>/dev/null" || :
sleep $SALTMINION_TICK
if _is_running; then
echo -n "TIMEOUT "
retval=1
fi
break
fi
sleep 1
done
fi
if [ 0 -eq "$retval" ]; then
rm -f "$PID_FILE"
echo -n "OK"
else
echo -n "FAIL"
fi
echo
return $retval
}
status() {
local retval=0
local pid="$(_get_pid)"
if _is_running; then
# Unquote $pid here to display multiple PIDs in one line
echo "$SERVICE:$MINION_USER:$MINION_ID is running:" $pid
else
retval=3
echo "$SERVICE:$MINION_USER:$MINION_ID is stopped."
if [ -e "$PID_FILE" ]; then
echo "$SERVICE:$MINION_USER:$MINION_ID has orphaned pid file: $PID_FILE."
retval=1
fi
fi
return $retval
}
restart() {
# $1 - config dir
stop "$1"
start "$1"
}
main() {
if [ -n "$SALTMINION_DEBUG" ]; then
set -x
ERROR_TO_DEVNULL="&2"
fi
# Check to see if --notrim is a valid netstat option
if ! ( netstat --help 2>&1 | grep -wq '\-\-notrim') ; then
NS_NOTRIM=''
fi
# Pre-filter for unhandled commands
case "$1" in
(start|stop|status|restart|condrestart|try-restart) ;;
(reload)
echo "Can't reload $SERVICE - you must restart it"
exit 3
;;
(*)
echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload}"
exit 2
;;
esac
while read MINION_USER CONFIG_DIR; do
if [ -z "$CONFIG_DIR" ]; then
continue
fi
if ! [ -d "$CONFIG_DIR" ]; then
echo "ERROR: non-existent $SERVICE config directory: $CONFIG_DIR"
RETVAL=1
continue
fi
SOCK_DIR="$(_get_salt_config_value sock_dir)"
PID_FILE="$(_get_salt_config_value pidfile)"
LOG_FILE="$(_get_salt_config_value log_file)"
MINION_ID="$(_get_salt_config_value id)"
MINION_ID_HASH="$(_make_id_hash "$MINION_ID")"
if [ \
-z "$SOCK_DIR" \
-o -z "$PID_FILE" \
-o -z "$LOG_FILE" \
-o -z "$MINION_ID" \
-o -z "$MINION_ID_HASH" \
]; then
echo "ERROR: Unable to look-up config values for $CONFIG_DIR"
RETVAL=1
continue
fi
# See how we were called.
case "$1" in
(start|stop|restart|status)
"$1" || RETVAL=$?
;;
(condrestart|try-restart)
if ! _is_running; then
RETVAL=7
else
stop
start || RETVAL=$?
fi
;;
(*)
echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload}"
RETVAL=2
;;
esac
done <<EOF
$SALTMINION_CONFIGS
EOF
exit $RETVAL
}
if [ "$#" = 0 ]; then
main
else
main "$@"
fi
exec /opt/saltstack/salt/run/run minion "${@:1}"

1
SOURCES/salt-minion.fish
Unescape View File

@ -3,3 +3,4 @@
# hack to load functions from salt_common completion
complete --do-complete='salt_common --' >/dev/null

2
SOURCES/salt-minion.service
Unescape View File

@ -1,6 +1,6 @@
[Unit]
Description=The Salt Minion
Documentation=man:salt-minion(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltstack.com/en/latest/contents.html
Documentation=man:salt-minion(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltproject.io/en/latest/contents.html
After=network.target salt-master.service
[Service]

2
SOURCES/salt-proxy@.service
Unescape View File

@ -1,6 +1,6 @@
[Unit]
Description=salt-proxy service for %i
Documentation=man:salt-proxy(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltstack.com/en/latest/contents.html
Documentation=man:salt-proxy(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltproject.io/en/latest/contents.html
After=network.target
[Service]

214
SOURCES/salt-py3-2019.2.1-rpmsign.patch
Unescape View File

@ -0,0 +1,214 @@
diff -Naur a/salt/modules/rpmbuild_pkgbuild.py b/salt/modules/rpmbuild_pkgbuild.py
--- a/salt/modules/rpmbuild_pkgbuild.py 2019-07-02 10:15:07.035874718 -0600
+++ b/salt/modules/rpmbuild_pkgbuild.py 2019-07-02 10:55:34.147934899 -0600
@@ -140,7 +140,9 @@
tgtattrs = tgt.split('-')
if tgtattrs[0] == 'amzn':
distset = '--define "dist .{0}1"'.format(tgtattrs[0])
- elif tgtattrs[1] in ['6', '7']:
+ elif tgtattrs[0] == 'amzn2':
+ distset = '--define "dist .{0}"'.format(tgtattrs[0])
+ elif tgtattrs[1] in ['6', '7', '8']:
distset = '--define "dist .el{0}"'.format(tgtattrs[1])
else:
distset = ''
@@ -173,6 +175,19 @@
return deps_list
+def _check_repo_gpg_phrase_utils():
+ '''
+ Check for /usr/libexec/gpg-preset-passphrase is installed
+ '''
+ util_name = '/usr/libexec/gpg-preset-passphrase'
+ if __salt__['file.file_exists'](util_name):
+ return True
+ else:
+ raise CommandExecutionError(
+ 'utility \'{0}\' needs to be installed'.format(util_name)
+ )
+
+
def make_src_pkg(dest_dir, spec, sources, env=None, template=None, saltenv='base', runas='root'):
'''
Create a source rpm from the given spec file and sources
@@ -450,8 +465,14 @@
Use a passphrase with the signing key presented in ``keyid``.
Passphrase is received from Pillar data which could be passed on the
- command line with ``pillar`` parameter. For example:
+ command line with ``pillar`` parameter.
+ .. versionadded:: 2018.2.1
+
+ RHEL 8 and above leverages gpg-agent and gpg-preset-passphrase for
+ caching keys, etc.
+
+ For example:
.. code-block:: bash
pillar='{ "gpg_passphrase" : "my_passphrase" }'
@@ -485,10 +506,27 @@
'''
SIGN_PROMPT_RE = re.compile(r'Enter pass phrase: ', re.M)
- define_gpg_name = ''
+ local_keygrip_to_use = None
+ local_key_fingerprint = None
local_keyid = None
local_uids = None
+ define_gpg_name = ''
phrase = ''
+ retrc = 0
+ use_gpg_agent = False
+
+ res = {
+ 'retcode': 1,
+ 'stdout': '',
+ 'stderr': 'initialization value'
+ }
+
+ if gnupghome and env is None:
+ env = {}
+ env['GNUPGHOME'] = gnupghome
+
+ if __grains__.get('osmajorrelease') >= 7:
+ use_gpg_agent = True
if keyid is not None:
# import_keys
@@ -517,8 +555,29 @@
if keyid == gpg_key['keyid'][8:]:
local_uids = gpg_key['uids']
local_keyid = gpg_key['keyid']
+ if use_gpg_agent:
+ local_keygrip_to_use = gpg_key['fingerprint']
+ local_key_fingerprint = gpg_key['fingerprint']
break
+ if use_gpg_agent:
+ cmd = 'gpg --with-keygrip --list-secret-keys'
+ local_keys2_keygrip = __salt__['cmd.run'](cmd, runas=runas, env=env)
+ local_keys2 = iter(local_keys2_keygrip.splitlines())
+ try:
+ for line in local_keys2:
+ if line.startswith('sec'):
+ line_fingerprint = next(local_keys2).lstrip().rstrip()
+ if local_key_fingerprint == line_fingerprint:
+ lkeygrip = next(local_keys2).split('=')
+ local_keygrip_to_use = lkeygrip[1].lstrip().rstrip()
+ break
+ except StopIteration:
+ raise SaltInvocationError(
+ 'unable to find keygrip associated with fingerprint \'{0}\' for keyid \'{1}\''
+ .format(local_key_fingerprint, local_keyid)
+ )
+
if local_keyid is None:
raise SaltInvocationError(
'The key ID \'{0}\' was not found in GnuPG keyring at \'{1}\''
@@ -527,6 +586,15 @@
if use_passphrase:
phrase = __salt__['pillar.get']('gpg_passphrase')
+ if use_gpg_agent:
+ _check_repo_gpg_phrase_utils()
+ cmd = '/usr/libexec/gpg-preset-passphrase --verbose --preset --passphrase "{0}" {1}'.format(phrase, local_keygrip_to_use)
+ retrc = __salt__['cmd.retcode'](cmd, runas=runas, env=env)
+ if retrc != 0:
+ raise SaltInvocationError(
+ 'Failed to preset passphrase, error {1}, '
+ 'check logs for further details'.format(retrc)
+ )
if local_uids:
define_gpg_name = '--define=\'%_signature gpg\' --define=\'%_gpg_name {0}\''.format(
@@ -553,43 +621,54 @@
number_retries = timeout / interval
times_looped = 0
error_msg = 'Failed to sign file {0}'.format(abs_file)
- cmd = 'rpm {0} --addsign {1}'.format(define_gpg_name, abs_file)
- preexec_fn = functools.partial(salt.utils.user.chugid_and_umask, runas, None)
- try:
- stdout, stderr = None, None
- proc = salt.utils.vt.Terminal(
- cmd,
- shell=True,
- preexec_fn=preexec_fn,
- stream_stdout=True,
- stream_stderr=True
- )
- while proc.has_unread_data:
- stdout, stderr = proc.recv()
- if stdout and SIGN_PROMPT_RE.search(stdout):
- # have the prompt for inputting the passphrase
- proc.sendline(phrase)
- else:
- times_looped += 1
+ if use_gpg_agent:
+ cmd = 'rpmsign --verbose --key-id={0} --addsign {1}'.format(local_keyid, abs_file)
+ retrc |= __salt__['cmd.retcode'](cmd, runas=runas, cwd=repodir, use_vt=True, env=env)
+ if retrc != 0:
+ raise SaltInvocationError(
+ 'Signing encountered errors for command \'{0}\', '
+ 'return error {1}, check logs for further details'.format(
+ cmd,
+ retrc)
+ )
+ else:
+ cmd = 'rpm {0} --addsign {1}'.format(define_gpg_name, abs_file)
+ preexec_fn = functools.partial(salt.utils.user.chugid_and_umask, runas, None)
+ try:
+ stdout, stderr = None, None
+ proc = salt.utils.vt.Terminal(
+ cmd,
+ shell=True,
+ preexec_fn=preexec_fn,
+ stream_stdout=True,
+ stream_stderr=True
+ )
+ while proc.has_unread_data:
+ stdout, stderr = proc.recv()
+ if stdout and SIGN_PROMPT_RE.search(stdout):
+ # have the prompt for inputting the passphrase
+ proc.sendline(phrase)
+ else:
+ times_looped += 1
+
+ if times_looped > number_retries:
+ raise SaltInvocationError(
+ 'Attemping to sign file {0} failed, timed out after {1} seconds'
+ .format(abs_file, int(times_looped * interval))
+ )
+ time.sleep(interval)
- if times_looped > number_retries:
+ proc_exitstatus = proc.exitstatus
+ if proc_exitstatus != 0:
raise SaltInvocationError(
- 'Attemping to sign file {0} failed, timed out after {1} seconds'
- .format(abs_file, int(times_looped * interval))
+ 'Signing file {0} failed with proc.status {1}'
+ .format(abs_file, proc_exitstatus)
)
- time.sleep(interval)
-
- proc_exitstatus = proc.exitstatus
- if proc_exitstatus != 0:
- raise SaltInvocationError(
- 'Signing file {0} failed with proc.status {1}'
- .format(abs_file, proc_exitstatus)
- )
- except salt.utils.vt.TerminalException as err:
- trace = traceback.format_exc()
- log.error(error_msg, err, trace)
- finally:
- proc.close(terminate=True, kill=True)
+ except salt.utils.vt.TerminalException as err:
+ trace = traceback.format_exc()
+ log.error(error_msg, err, trace)
+ finally:
+ proc.close(terminate=True, kill=True)
cmd = 'createrepo --update {0}'.format(repodir)
return __salt__['cmd.run_all'](cmd, runas=runas)

1
SOURCES/salt-run.fish
Unescape View File

@ -3,3 +3,4 @@
# hack to load functions from salt_common completion
complete --do-complete='salt_common --' >/dev/null

138
SOURCES/salt-syndic
Unescape View File

@ -1,2 +1,136 @@
#!/bin/bash
exec /opt/saltstack/salt/run/run syndic "${@:1}"
#!/bin/sh
#
# Salt syndic
###################################
# LSB header
### BEGIN INIT INFO
# Provides: salt-syndic
# Required-Start: $all
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Salt syndic master-minion passthrough daemon
# Description: This is a the Salt syndic daemon that enables Salt master-minion
# remote control passthrough.
### END INIT INFO
# chkconfig header
# chkconfig: - 99 99
# description: This is a the Salt syndic daemon that enables Salt master-minion remote control passthrough.
#
# processname: /usr/bin/salt-syndic
DEBIAN_VERSION=/etc/debian_version
SUSE_RELEASE=/etc/SuSE-release
# Source function library.
if [ -f $DEBIAN_VERSION ]; then
break
elif [ -f $SUSE_RELEASE -a -r /etc/rc.status ]; then
. /etc/rc.status
else
. /etc/rc.d/init.d/functions
fi
# Default values (can be overridden below)
SALTSYNDIC=/usr/bin/salt-syndic
PYTHON=/usr/bin/python
SYNDIC_ARGS=""
if [ -f /etc/default/salt ]; then
. /etc/default/salt
fi
SERVICE=salt-syndic
PROCESS=salt-syndic
RETVAL=0
start() {
echo -n $"Starting salt-syndic daemon: "
if [ -f $SUSE_RELEASE ]; then
startproc -f -p /var/run/$SERVICE.pid $SALTSYNDIC -d $SYNDIC_ARGS
rc_status -v
elif [ -e $DEBIAN_VERSION ]; then
if [ -f $LOCKFILE ]; then
echo -n "already started, lock file found"
RETVAL=1
elif $PYTHON $SALTSYNDIC -d $SYNDIC_ARGS >& /dev/null; then
echo -n "OK"
RETVAL=0
fi
else
daemon --check $SERVICE $SALTSYNDIC -d $SYNDIC_ARGS
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SERVICE
echo
return $RETVAL
fi
RETVAL=$?
echo
return $RETVAL
}
stop() {
echo -n $"Stopping salt-syndic daemon: "
if [ -f $SUSE_RELEASE ]; then
killproc -TERM $SALTSYNDIC
rc_status -v
elif [ -f $DEBIAN_VERSION ]; then
# Added this since Debian's start-stop-daemon doesn't support spawned processes
if ps -ef | grep "$PYTHON $SALTSYNDIC" | grep -v grep | awk '{print $2}' | xargs kill &> /dev/null; then
echo -n "OK"
RETVAL=0
else
echo -n "Daemon is not started"
RETVAL=1
fi
else
killproc -d 10 $PROCESS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$SERVICE
return $RETVAL
fi
RETVAL=$?
echo
}
restart() {
stop
start
}
# See how we were called.
case "$1" in
start|stop|restart)
$1
;;
status)
if [ -f $SUSE_RELEASE ]; then
echo -n "Checking for service salt-syndic "
checkproc $SALTSYNDIC
rc_status -v
elif [ -f $DEBIAN_VERSION ]; then
if [ -f $LOCKFILE ]; then
RETVAL=0
echo "salt-syndic is running."
else
RETVAL=1
echo "salt-syndic is stopped."
fi
else
status $PROCESS
RETVAL=$?
fi
;;
*)
echo $"Usage: $0 {start|stop|status|restart}"
exit 1
;;
esac
exit $RETVAL

1
SOURCES/salt-syndic.fish
Unescape View File

@ -3,3 +3,4 @@
# hack to load functions from salt_common completion
complete --do-complete='salt_common --' >/dev/null

2
SOURCES/salt-syndic.service
Unescape View File

@ -1,6 +1,6 @@
[Unit]
Description=The Salt Master Server
Documentation=man:salt-syndic(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltstack.com/en/latest/contents.html
Documentation=man:salt-syndic(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltproject.io/en/latest/contents.html
After=network.target
PartOf=salt-master.service

1
SOURCES/salt_common.fish
Unescape View File

@ -436,3 +436,4 @@ function __fish_salt_prefix_with_arg_name
tee
end
end

602
SPECS/pkg.spec → SPECS/salt.spec
Unescape View File

@ -1,66 +1,46 @@
%global __brp_check_rpaths %{nil}
## For Python 3 only
%bcond_with tests
%bcond_with docs
# Release Candidate
%global __rc_ver %{nil}
# Disable build-id symlinks
%define _build_id_links none
%undefine _missing_build_ids_terminate_build
%global fish_dir %{_datadir}/fish/vendor_functions.d
%global zsh_dir %{_datadir}/zsh/site-functions
# Disable private libraries from showing in provides
%global __provides_exclude_from ^.*\\.so.*$
%global __requires_exclude_from ^.*\\.so.*$
# Disable python bytecompile for MANY reasons
%global __os_install_post %(echo '%{__os_install_post}' | sed -e 's!/usr/lib[^[:space:]]*/brp-python-bytecompile[[:space:]].*$!!g')
%define fish_dir %{_datadir}/fish/vendor_functions.d
# py3_shbang_flags is '-s' and causing issues with pip install.
%global py3_shebang_flags %(echo %py3_shebang_flags | sed s/s//)
Name: salt
Version: 3005.1
Release: 4%{?dist}
Version: 3005.4
Release: 1%{?dist}
Summary: A parallel remote execution system
Group: System Environment/Daemons
License: ASL 2.0
URL: http://saltstack.org/
Source0: %{name}-%{version}.tar.gz
Source1: build.conf
Source3: requirements.txt
Source5: %{name}-proxy@.service
URL: https://saltproject.io/
Source0: %{pypi_source}
Source1: %{name}-proxy@.service
Source2: %{name}-master
Source3: %{name}-syndic
Source4: %{name}-minion
Source5: %{name}-api
Source6: %{name}-master.service
Source7: %{name}-syndic.service
Source8: %{name}-minion.service
Source9: %{name}-api.service
Source10: README.fedora
Source11: %{name}-common.logrotate
Source12: salt.bash
Source13: salt.fish
Source14: salt_common.fish
Source15: salt-call.fish
Source16: salt-cp.fish
Source17: salt-key.fish
Source18: salt-master.fish
Source19: salt-minion.fish
Source20: salt-run.fish
Source21: salt-syndic.fish
Source22: salt
Source23: salt-master
Source24: salt-minion
Source25: salt-api
Source26: salt-cp
Source27: salt-key
Source28: salt-run
Source29: salt-cloud
Source30: salt-ssh
Source31: salt-syndic
Source32: salt-call
Source33: salt-proxy
Source34: spm
Source35: salt-pip
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: x86_64
Source12: %{name}.bash
Source13: %{name}.fish
Source14: %{name}_common.fish
Source15: %{name}-call.fish
Source16: %{name}-cp.fish
Source17: %{name}-key.fish
Source18: %{name}-master.fish
Source19: %{name}-minion.fish
Source20: %{name}-run.fish
Source21: %{name}-syndic.fish
Patch0: contextvars.patch
BuildArch: noarch
%ifarch %{ix86} x86_64
Requires: dmidecode
@ -68,20 +48,12 @@ Requires: dmidecode
Requires: pciutils
Requires: which
Requires: openssl
%if 0%{?systemd_preun:1}
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
%endif
Requires: dnf-utils
Requires: logrotate
BuildRequires: systemd-units
#BuildRequires: python3
#BuildRequires: python3-devel
#BuildRequires: openssl-devel
BuildRequires: git
BuildRequires: systemd-rpm-macros
BuildRequires: python3-devel
BuildRequires: python3-toml
%description
Salt is a distributed remote execution system used to execute commands and
@ -96,9 +68,11 @@ servers, handle them quickly and through a simple and manageable interface.
Summary: Management component for salt, a parallel remote execution system
Group: System Environment/Daemons
Requires: %{name} = %{version}-%{release}
Requires: python3-systemd
%description master
The Salt master is the central server to which all minions connect.
Supports Python 3.
%package minion
@ -109,6 +83,7 @@ Requires: %{name} = %{version}-%{release}
%description minion
The Salt minion is the agent component of Salt. It listens for instructions
from the master, runs jobs, and returns results back to the master.
Supports Python 3.
%package syndic
@ -120,25 +95,30 @@ Requires: %{name}-master = %{version}-%{release}
The Salt syndic is a master daemon which can receive instruction from a
higher-level master, allowing for tiered organization of your Salt
infrastructure.
Supports Python 3.
%package api
Summary: REST API for Salt, a parallel remote execution system
Group: Applications/System
Requires: %{name}-master = %{version}-%{release}
Requires: python3-cherrypy >= 3.2.2
%description api
salt-api provides a REST interface to the Salt master.
Supports Python 3.
%package cloud
Summary: Cloud provisioner for Salt, a parallel remote execution system
Group: Applications/System
Requires: %{name}-master = %{version}-%{release}
Requires: python3-libcloud
%description cloud
The salt-cloud tool provisions new cloud VMs, installs salt-minion on them, and
adds them to the master's collection of controllable minions.
Supports Python 3.
%package ssh
@ -149,309 +129,324 @@ Requires: %{name} = %{version}-%{release}
%description ssh
The salt-ssh tool can run remote execution functions and states without the use
of an agent (salt-minion) service.
Supports Python 3.
%prep
tar xvf %{SOURCE0}
%autosetup -p1
%generate_buildrequires
%pyproject_buildrequires
%build
mv_srcdir=$RPM_BUILD_DIR/%{name}-3005.1
mv_dstdir=$RPM_BUILD_DIR/%{name}-%{version}
if [ "${mv_srcdir}" != "${mv_dstdir}" ]; then
mv ${mv_srcdir} ${mv_dstdir}
fi
cd %{name}-%{version}
PYTHONPATH="/usr/local/lib/python3.6/site-packages/:/usr/local/lib64/python3.6/site-packages/" tiamat --log-level=debug build -c %{SOURCE1} -r %{SOURCE3}
find . -name __pycache__ | xargs rm -fR
pwd
ls -l
%pyproject_wheel
%install
rm -rf %{buildroot}
#cd $RPM_BUILD_DIR/%{name}-%{version}
pwd
ls -l
mkdir -p %{buildroot}/opt/saltstack/salt
# pip installs directory
mkdir -p %{buildroot}/opt/saltstack/salt/pypath/
cp -ra %{name}-%{version}/dist/run %{buildroot}/opt/saltstack/salt
%pyproject_install
%pyproject_save_files salt
# Add some directories
install -d -m 0755 %{buildroot}%{_var}/log/salt
touch %{buildroot}%{_var}/log/salt/minion
touch %{buildroot}%{_var}/log/salt/master
install -d -m 0755 %{buildroot}%{_var}/cache/salt
install -d -m 0755 %{buildroot}%{_sysconfdir}/salt
install -d -m 0755 %{buildroot}%{_sysconfdir}/salt/master.d
install -d -m 0755 %{buildroot}%{_sysconfdir}/salt/minion.d
install -d -m 0755 %{buildroot}%{_sysconfdir}/salt/pki
install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/pki/master
install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/pki/minion
install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/cloud.conf.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/cloud.deploy.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/cloud.maps.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/cloud.profiles.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/cloud.providers.d
install -d -m 0755 %{buildroot}%{_sysconfdir}/salt/proxy.d
install -d -m 0755 %{buildroot}%{_bindir}
# Add helper scripts
install -m 0755 %{SOURCE22} %{buildroot}%{_bindir}/salt
install -m 0755 %{SOURCE23} %{buildroot}%{_bindir}/salt-master
install -m 0755 %{SOURCE24} %{buildroot}%{_bindir}/salt-minion
install -m 0755 %{SOURCE25} %{buildroot}%{_bindir}/salt-api
install -m 0755 %{SOURCE26} %{buildroot}%{_bindir}/salt-cp
install -m 0755 %{SOURCE27} %{buildroot}%{_bindir}/salt-key
install -m 0755 %{SOURCE28} %{buildroot}%{_bindir}/salt-run
install -m 0755 %{SOURCE29} %{buildroot}%{_bindir}/salt-cloud
install -m 0755 %{SOURCE30} %{buildroot}%{_bindir}/salt-ssh
install -m 0755 %{SOURCE31} %{buildroot}%{_bindir}/salt-syndic
install -m 0755 %{SOURCE32} %{buildroot}%{_bindir}/salt-call
install -m 0755 %{SOURCE33} %{buildroot}%{_bindir}/salt-proxy
install -m 0755 %{SOURCE34} %{buildroot}%{_bindir}/spm
install -m 0755 %{SOURCE35} %{buildroot}%{_bindir}/salt-pip
install -d -m 0755 %{buildroot}%{_var}/log/%{name}
touch %{buildroot}%{_var}/log/%{name}/minion
touch %{buildroot}%{_var}/log/%{name}/master
install -d -m 0755 %{buildroot}%{_var}/cache/%{name}
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/master.d
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/minion.d
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/pki
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/pki/master
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/pki/minion
install -d -m 0700 %{buildroot}%{_sysconfdir}/%{name}/cloud.conf.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/%{name}/cloud.deploy.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/%{name}/cloud.maps.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/%{name}/cloud.profiles.d
install -d -m 0700 %{buildroot}%{_sysconfdir}/%{name}/cloud.providers.d
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/proxy.d
# Add the config files
install -p -m 0640 %{name}-%{version}/conf/minion %{buildroot}%{_sysconfdir}/salt/minion
install -p -m 0640 %{name}-%{version}/conf/master %{buildroot}%{_sysconfdir}/salt/master
install -p -m 0600 %{name}-%{version}/conf/cloud %{buildroot}%{_sysconfdir}/salt/cloud
install -p -m 0640 %{name}-%{version}/conf/roster %{buildroot}%{_sysconfdir}/salt/roster
install -p -m 0640 %{name}-%{version}/conf/proxy %{buildroot}%{_sysconfdir}/salt/proxy
install -p -m 0640 conf/minion %{buildroot}%{_sysconfdir}/%{name}/minion
install -p -m 0640 conf/master %{buildroot}%{_sysconfdir}/%{name}/master
install -p -m 0600 conf/cloud %{buildroot}%{_sysconfdir}/%{name}/cloud
install -p -m 0640 conf/roster %{buildroot}%{_sysconfdir}/%{name}/roster
install -p -m 0640 conf/proxy %{buildroot}%{_sysconfdir}/%{name}/proxy
# Add the unit files
mkdir -p %{buildroot}%{_unitdir}
install -p -m 0644 %{SOURCE5} %{buildroot}%{_unitdir}/
install -p -m 0644 %{SOURCE6} %{buildroot}%{_unitdir}/
install -p -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/
install -p -m 0644 %{SOURCE8} %{buildroot}%{_unitdir}/
install -p -m 0644 %{SOURCE9} %{buildroot}%{_unitdir}/
install -p -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/
# Logrotate
install -p %{SOURCE10} .
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d/
install -p -m 0644 %{SOURCE11} %{buildroot}%{_sysconfdir}/logrotate.d/salt
install -p -m 0644 %{SOURCE11} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
# Bash completion
mkdir -p %{buildroot}%{_sysconfdir}/bash_completion.d/
install -p -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/bash_completion.d/salt.bash
install -p -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/bash_completion.d/%{name}.bash
# Fish completion (TBD remove -v)
mkdir -p %{buildroot}%{fish_dir}
install -p -m 0644 %{SOURCE13} %{buildroot}%{fish_dir}/salt.fish
install -p -m 0644 %{SOURCE14} %{buildroot}%{fish_dir}/salt_common.fish
install -p -m 0644 %{SOURCE15} %{buildroot}%{fish_dir}/salt-call.fish
install -p -m 0644 %{SOURCE16} %{buildroot}%{fish_dir}/salt-cp.fish
install -p -m 0644 %{SOURCE17} %{buildroot}%{fish_dir}/salt-key.fish
install -p -m 0644 %{SOURCE18} %{buildroot}%{fish_dir}/salt-master.fish
install -p -m 0644 %{SOURCE19} %{buildroot}%{fish_dir}/salt-minion.fish
install -p -m 0644 %{SOURCE20} %{buildroot}%{fish_dir}/salt-run.fish
install -p -m 0644 %{SOURCE21} %{buildroot}%{fish_dir}/salt-syndic.fish
# Man files
mkdir -p %{buildroot}%{_mandir}/man1
mkdir -p %{buildroot}%{_mandir}/man7
ls -alh %{name}-%{version}/*
install -p -m 0644 %{name}-%{version}/doc/man/spm.1 %{buildroot}%{_mandir}/man1/spm.1
install -p -m 0644 %{name}-%{version}/doc/man/salt.1 %{buildroot}%{_mandir}/man1/salt.1
install -p -m 0644 %{name}-%{version}/doc/man/salt.7 %{buildroot}%{_mandir}/man7/salt.7
install -p -m 0644 %{name}-%{version}/doc/man/salt-cp.1 %{buildroot}%{_mandir}/man1/salt-cp.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-key.1 %{buildroot}%{_mandir}/man1/salt-key.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-master.1 %{buildroot}%{_mandir}/man1/salt-master.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-run.1 %{buildroot}%{_mandir}/man1/salt-run.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-call.1 %{buildroot}%{_mandir}/man1/salt-call.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-minion.1 %{buildroot}%{_mandir}/man1/salt-minion.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-proxy.1 %{buildroot}%{_mandir}/man1/salt-proxy.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-syndic.1 %{buildroot}%{_mandir}/man1/salt-syndic.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-api.1 %{buildroot}%{_mandir}/man1/salt-api.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-cloud.1 %{buildroot}%{_mandir}/man1/salt-cloud.1
install -p -m 0644 %{name}-%{version}/doc/man/salt-ssh.1 %{buildroot}%{_mandir}/man1/salt-ssh.1
%clean
rm -rf %{buildroot}
%files
%defattr(-,root,root,-)
%{_sysconfdir}/logrotate.d/salt
%{_sysconfdir}/bash_completion.d/salt.bash
%{_var}/cache/salt
%{_var}/log/salt
/opt/saltstack/
/opt/saltstack/salt
/opt/saltstack/salt/run
/opt/saltstack/salt/pypath
%doc %{_mandir}/man1/spm.1*
install -p -m 0644 %{SOURCE13} %{buildroot}%{fish_dir}/%{name}.fish
install -p -m 0644 %{SOURCE14} %{buildroot}%{fish_dir}/%{name}_common.fish
install -p -m 0644 %{SOURCE15} %{buildroot}%{fish_dir}/%{name}-call.fish
install -p -m 0644 %{SOURCE16} %{buildroot}%{fish_dir}/%{name}-cp.fish
install -p -m 0644 %{SOURCE17} %{buildroot}%{fish_dir}/%{name}-key.fish
install -p -m 0644 %{SOURCE18} %{buildroot}%{fish_dir}/%{name}-master.fish
install -p -m 0644 %{SOURCE19} %{buildroot}%{fish_dir}/%{name}-minion.fish
install -p -m 0644 %{SOURCE20} %{buildroot}%{fish_dir}/%{name}-run.fish
install -p -m 0644 %{SOURCE21} %{buildroot}%{fish_dir}/%{name}-syndic.fish
# ZSH completion
mkdir -p %{buildroot}%{zsh_dir}
install -p -m 0644 pkg/%{name}.zsh %{buildroot}%{zsh_dir}/_%{name}
%check
%pyproject_check_import -t
%files -f %{pyproject_files}
%license LICENSE
%doc README.fedora
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%config(noreplace) %{_sysconfdir}/bash_completion.d/%{name}.bash
%{_var}/cache/%{name}
%{_var}/log/%{name}
%{_bindir}/spm
%{_bindir}/salt-pip
%config(noreplace) %{_sysconfdir}/salt/
#%config(noreplace) %{_sysconfdir}/salt/pki
%config(noreplace) %{fish_dir}/salt*.fish
%doc %{_mandir}/man1/spm.1*
%dir %{zsh_dir}
%dir %{_sysconfdir}/%{name}/
%dir %{_sysconfdir}/%{name}/pki/
%{fish_dir}/%{name}*.fish
%{zsh_dir}/_%{name}
%files master
%defattr(-,root,root)
%doc %{_mandir}/man7/salt.7*
%doc %{_mandir}/man1/salt.1*
%doc %{_mandir}/man1/salt-cp.1*
%doc %{_mandir}/man1/salt-key.1*
%doc %{_mandir}/man1/salt-master.1*
%doc %{_mandir}/man1/salt-run.1*
%{_bindir}/salt
%{_bindir}/salt-cp
%{_bindir}/salt-key
%{_bindir}/salt-master
%{_bindir}/salt-run
%{_unitdir}/salt-master.service
%config(noreplace) %{_sysconfdir}/salt/master
%config(noreplace) %{_sysconfdir}/salt/master.d
%config(noreplace) %{_sysconfdir}/salt/pki/master
%doc %{_mandir}/man7/%{name}.7*
%doc %{_mandir}/man1/%{name}.1*
%doc %{_mandir}/man1/%{name}-cp.1*
%doc %{_mandir}/man1/%{name}-key.1*
%doc %{_mandir}/man1/%{name}-master.1*
%doc %{_mandir}/man1/%{name}-run.1*
%{_bindir}/%{name}
%{_bindir}/%{name}-cp
%{_bindir}/%{name}-key
%{_bindir}/%{name}-master
%{_bindir}/%{name}-run
%{_unitdir}/%{name}-master.service
%config(noreplace) %{_sysconfdir}/%{name}/master
%config(noreplace) %{_sysconfdir}/%{name}/master.d
%config(noreplace) %{_sysconfdir}/%{name}/pki/master
%files minion
%defattr(-,root,root)
%doc %{_mandir}/man1/salt-call.1*
%doc %{_mandir}/man1/salt-minion.1*
%doc %{_mandir}/man1/salt-proxy.1*
%{_bindir}/salt-minion
%{_bindir}/salt-call
%{_bindir}/salt-proxy
%{_unitdir}/salt-minion.service
%{_unitdir}/salt-proxy@.service
%config(noreplace) %{_sysconfdir}/salt/minion
%config(noreplace) %{_sysconfdir}/salt/proxy
%config(noreplace) %{_sysconfdir}/salt/minion.d
%config(noreplace) %{_sysconfdir}/salt/pki/minion
%doc %{_mandir}/man1/%{name}-call.1*
%doc %{_mandir}/man1/%{name}-minion.1*
%doc %{_mandir}/man1/%{name}-proxy.1*
%{_bindir}/%{name}-minion
%{_bindir}/%{name}-call
%{_bindir}/%{name}-proxy
%{_unitdir}/%{name}-minion.service
%{_unitdir}/%{name}-proxy@.service
%config(noreplace) %{_sysconfdir}/%{name}/minion
%config(noreplace) %{_sysconfdir}/%{name}/proxy
%config(noreplace) %{_sysconfdir}/%{name}/minion.d
%config(noreplace) %{_sysconfdir}/%{name}/pki/minion
%files syndic
%doc %{_mandir}/man1/salt-syndic.1*
%{_bindir}/salt-syndic
%{_unitdir}/salt-syndic.service
%doc %{_mandir}/man1/%{name}-syndic.1*
%{_bindir}/%{name}-syndic
%{_unitdir}/%{name}-syndic.service
%files api
%defattr(-,root,root)
%doc %{_mandir}/man1/salt-api.1*
%{_bindir}/salt-api
%{_unitdir}/salt-api.service
%doc %{_mandir}/man1/%{name}-api.1*
%{_bindir}/%{name}-api
%{_unitdir}/%{name}-api.service
%files cloud
%doc %{_mandir}/man1/salt-cloud.1*
%{_bindir}/salt-cloud
%{_sysconfdir}/salt/cloud.conf.d
%{_sysconfdir}/salt/cloud.deploy.d
%{_sysconfdir}/salt/cloud.maps.d
%{_sysconfdir}/salt/cloud.profiles.d
%{_sysconfdir}/salt/cloud.providers.d
%config(noreplace) %{_sysconfdir}/salt/cloud
%doc %{_mandir}/man1/%{name}-cloud.1*
%{_bindir}/%{name}-cloud
%{_sysconfdir}/%{name}/cloud.conf.d
%{_sysconfdir}/%{name}/cloud.deploy.d
%{_sysconfdir}/%{name}/cloud.maps.d
%{_sysconfdir}/%{name}/cloud.profiles.d
%{_sysconfdir}/%{name}/cloud.providers.d
%config(noreplace) %{_sysconfdir}/%{name}/cloud
%files ssh
%doc %{_mandir}/man1/salt-ssh.1*
%{_bindir}/salt-ssh
%config(noreplace) %{_sysconfdir}/salt/roster
%doc %{_mandir}/man1/%{name}-ssh.1*
%{_bindir}/%{name}-ssh
%config(noreplace) %{_sysconfdir}/%{name}/roster
# assumes systemd for RHEL 7 & 8 & 9
# assumes systemd for RHEL 7 & 8
%preun master
# RHEL 9 is giving warning msg if syndic is not installed, supress it
%systemd_preun salt-syndic.service > /dev/null 2>&1
%systemd_preun %{name}-syndic.service
%preun minion
%systemd_preun salt-minion.service
%systemd_preun %{name}-minion.service
%preun api
%systemd_preun salt-api.service
%systemd_preun %{name}-api.service
%post master
%systemd_post salt-master.service
if [ $1 -lt 2 ]; then
# install
# ensure hmac are up to date, master or minion, rest install one or the other
# key used is from openssl/crypto/fips/fips_standalone_hmac.c openssl 1.1.1k
if [ $(cat /etc/os-release | grep VERSION_ID | cut -d '=' -f 2 | sed 's/\"//g' | cut -d '.' -f 1) = "8" ]; then
/bin/openssl sha256 -r -hmac orboDeJITITejsirpADONivirpUkvarP /opt/saltstack/salt/run/libssl.so.1.1 | cut -d ' ' -f 1 > /opt/saltstack/salt/run/.libssl.so.1.1.hmac || :
/bin/openssl sha256 -r -hmac orboDeJITITejsirpADONivirpUkvarP /opt/saltstack/salt/run/libcrypto.so.1.1 | cut -d ' ' -f 1 > /opt/saltstack/salt/run/.libcrypto.so.1.1.hmac || :
fi
fi
%systemd_post %{name}-master.service
%post syndic
%systemd_post salt-syndic.service
%systemd_post %{name}-syndic.service
%post minion
%systemd_post salt-minion.service
if [ $1 -lt 2 ]; then
# install
# ensure hmac are up to date, master or minion, rest install one or the other
# key used is from openssl/crypto/fips/fips_standalone_hmac.c openssl 1.1.1k
if [ $(cat /etc/os-release | grep VERSION_ID | cut -d '=' -f 2 | sed 's/\"//g' | cut -d '.' -f 1) = "8" ]; then
/bin/openssl sha256 -r -hmac orboDeJITITejsirpADONivirpUkvarP /opt/saltstack/salt/run/libssl.so.1.1 | cut -d ' ' -f 1 > /opt/saltstack/salt/run/.libssl.so.1.1.hmac || :
/bin/openssl sha256 -r -hmac orboDeJITITejsirpADONivirpUkvarP /opt/saltstack/salt/run/libcrypto.so.1.1 | cut -d ' ' -f 1 > /opt/saltstack/salt/run/.libcrypto.so.1.1.hmac || :
fi
fi
%systemd_post %{name}-minion.service
%post api
%systemd_post salt-api.service
%systemd_post %{name}-api.service
%postun master
%systemd_postun_with_restart salt-master.service
if [ $1 -eq 0 ]; then
if [ $(cat /etc/os-release | grep VERSION_ID | cut -d '=' -f 2 | sed 's/\"//g' | cut -d '.' -f 1) = "8" ]; then
if [ -z "$(rpm -qi salt-minion | grep Name | grep salt-minion)" ]; then
# uninstall and no minion running
/bin/rm -f /opt/saltstack/salt/run/.libssl.so.1.1.hmac || :
/bin/rm -f /opt/saltstack/salt/run/.libcrypto.so.1.1.hmac || :
fi
fi
fi
%systemd_postun_with_restart %{name}-master.service
%postun syndic
%systemd_postun_with_restart salt-syndic.service
%systemd_postun_with_restart %{name}-syndic.service
%postun minion
%systemd_postun_with_restart salt-minion.service
if [ $1 -eq 0 ]; then
if [ $(cat /etc/os-release | grep VERSION_ID | cut -d '=' -f 2 | sed 's/\"//g' | cut -d '.' -f 1) = "8" ]; then
if [ -z "$(rpm -qi salt-master | grep Name | grep salt-master)" ]; then
# uninstall and no master running
/bin/rm -f /opt/saltstack/salt/run/.libssl.so.1.1.hmac || :
/bin/rm -f /opt/saltstack/salt/run/.libcrypto.so.1.1.hmac || :
fi
fi
fi
%systemd_postun_with_restart %{name}-minion.service
%postun api
%systemd_postun_with_restart salt-api.service
%systemd_postun_with_restart %{name}-api.service
%changelog
* Mon Oct 30 2023 Gwyn Ciesla <gwync@protonmail.com> - 3005.4-1
- 3005.4
* Tue Sep 05 2023 Gwyn Ciesla <gwync@protonmail.com> - 3005.2-1
- 3005.2
* Tue Apr 25 2023 Sergey Cherevko <s.cherevko@msvsphere.ru> - 3005.1-4
- Rebuilt for MSVSphere 9.1
* Tue Nov 01 2022 SaltStack Packaging Team <packaging@saltstack.com> - 3005-2
- Generate HMAC files post-install in case FIPS mode used only if libraries exist
* Mon Oct 10 2022 Robby Callicotte <rcallicotte@fedoraproject.org> - 3005.1-2
- Removed macros from changelog
* Tue Sep 27 2022 SaltStack Packaging Team <packaging@saltstack.com> - 3005-1
- Generate HMAC files post-install in case FIPS mode used
- Added MAN pages
* Tue Oct 04 2022 Salt Project Packaging <saltproject-packaging@vmware.com> - 3005.1-1
- Update to feature release 3005.1-1 for Python 3
* Fri Apr 10 2020 SaltStack Packaging Team <packaging@frogunder.com> - 3001
- Update to use pop-build
* Thu Aug 25 2022 Salt Project Packaging <saltproject-packaging@vmware.com> - 3005-1
- Update to feature release 3005-1 for Python 3
* Mon Feb 03 2020 SaltStack Packaging Team <packaging@frogunder.com> - 3000-1
- Update to feature release 3000-1 for Python 3
* Thu Jul 28 2022 Robby Callicotte <rcallicotte@fedoraproject.org> - 3004.2-3
- Cleaned up specfile
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3004.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 21 2022 Salt Project Packaging <saltproject-packaging@vmware.com> - 3004.2-1
- Update to CVE release 3004.2-1 for Python 3
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 3004.1-2
- Rebuilt for Python 3.11
* Mon Mar 28 2022 Salt Project Packaging <saltproject-packaging@vmware.com> - 3004.1-1
- Update to CVE release 3004.1-1 for Python 3
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3004-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Oct 19 2021 Salt Project Packaging <saltproject-packaging@vmware.com> - 3004-1
- Update to feature release 3004-1 for Python 3
* Wed Sep 08 2021 SaltStack Packaging Team <saltproject-packaging@vmware.com> - 3003.3-1
- Update to CVE release 3003.3-1 https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
* Thu Aug 12 2021 SaltStack Packaging Team <packaging@saltstack.com> - 3003.2-1
- Update to bugfix release 3003.2-1 for Python 3
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3003.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Jul 01 2021 SaltStack Packaging Team <packaging@saltstack.com> - 3003.1-1
- Update to bugfix release 3003.1-1 for Python 3
* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 3003-2
- Rebuilt for Python 3.10
* Mon Apr 26 2021 SaltStack Packaging Team <packaging@saltstack.com> - 3003-1
- Update to feature release 3003-1 for Python 3
* Fri Mar 26 2021 SaltStack Packaging Team <packaging@saltstack.com> - 3002.6-1
- Update to bugfix release 3002.6-1 for Python 3
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3002.5-2
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Fri Feb 26 2021 SaltStack Packaging Team <packaging@saltstack.com> - 3002.5-1
- Update to CVE release 3002.5-1 for Python 3
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3002.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Nov 18 2020 SaltStack Packaging Team <packaging@saltstack.com> - 3002.2-1
- Update to bugfix release 3002.2-1 for Python3
- Revert _scope_id patch since it's been fixed upstream
## - Removed Torando since salt.ext.tornado, add dependencies for Tornado
* Wed Nov 04 2020 SaltStack Packaging Team <packaging@saltstack.com> - 3002.1-1
- Update to CVE release 3002.1-1 for Python3
* Wed Jan 22 2020 SaltStack Packaging Team <packaging@garethgreenaway.com> - 3000.0.0rc2-1
* Sun Oct 25 2020 Gwyn Ciesla <gwync@protonmail.com> - 3002-1
- 3002
- Patch for _scope_id 3.9 error.
* Mon Jul 27 2020 SaltStack Packaging Team <packaging@saltstack.com> - 3001.1-1
- Update to feature release 3001.1-1 for Python 3
* Thu Jun 18 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 30001-1
- Update to feature release 30001-1 for Python 3
* Wed Jun 03 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3001rc1-2
- Altered msgpack and python-zmq versions limitation
* Tue Jun 02 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3001rc1-1
- Update to Release Candidate rc1 for point release 3001
* Fri May 15 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000.3-1
- Update to feature release 3000.3-1 for Python 3
* Wed Apr 29 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000.2-1
- Update to feature release 3000.2-1 for Python 3
* Wed Apr 01 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000.1-1
- Update to feature release 3000.1-1 for Python 3
* Tue Feb 25 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000-5
- Fix lint clean up issues
* Tue Feb 25 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000-4
- Removed cherrypy < 18.0.0 check since python 3.5 no longer used on Fedora
* Mon Feb 24 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000-3
- Added distro as a build and requires dependency for Fedora >= 31
* Mon Feb 24 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000-2
- Changed dependency for crypto to pycryptodomex
* Mon Feb 03 2020 SaltStack Packaging Team <packaging@saltstack.com.com> - 3000-1
- Update to feature release 3000-1 for Python 3
- Removed Torando since salt.ext.tornado, add dependencies for Tornado
* Wed Jan 22 2020 SaltStack Packaging Team <packaging@saltstack.com> - 3000.0.0rc2-1
- Update to Neon Release Candidate 2 for Python 3
- Updated spec file to not use py3_build due to '-s' preventing pip installs
- Updated patch file to support Tornado4
* Wed Jan 08 2020 SaltStack Packaging Team <packaging@frogunder.com> - 2019.2.3-1
* Wed Jan 08 2020 SaltStack Packaging Team <packaging@saltstack.com> - 2019.2.3-1
- Update to feature release 2019.2.3-1 for Python 3
* Tue Oct 15 2019 SaltStack Packaging Team <packaging@frogunder.com> - 2019.2.2-1
* Tue Oct 15 2019 SaltStack Packaging Team <packaging@saltstack.com> - 2019.2.2-1
- Update to feature release 2019.2.2-1 for Python 3
* Thu Sep 12 2019 SaltStack Packaging Team <packaging@frogunder.com> - 2019.2.1-1
* Thu Sep 12 2019 SaltStack Packaging Team <packaging@saltstack.com> - 2019.2.1-1
- Update to feature release 2019.2.1-1 for Python 3
* Tue Sep 10 2019 SaltStack Packaging Team <packaging@saltstack.com> - 2019.2.0-10
@ -484,27 +479,70 @@ fi
* Mon Apr 08 2019 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.4-2
- Update to allow for Python 3.6
* Mon Mar 04 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2019.2.0-1
- Update to feature release 2019.2.0-1 for Python 2
* Sat Feb 16 2019 SaltStack Packaging Team <packaging@saltstack.com> - 2019.2.0-1
- Update to feature release 2019.2.0-1 for Python 3
* Sat Feb 16 2019 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.4-1
- Update to feature release 2018.3.4-1 for Python 3
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2018.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 09 2019 SaltStack Packaging Team <packaging@saltstack.com> - 2019.2.0-0
- Update to feature release branch 2019.2.0-0 for Python 2
- Revised acceptable versions of cherrypy, futures
* Thu Nov 29 2018 SaltStack Packaging Team <packaging@Ch3LL.com> - 2018.3.3-2
- Revised BuildRequires and Requires to use python2 versions of packages
- Cleaned up spec file to apply to Fedora 28 and above
* Mon Oct 15 2018 SaltStack Packaging Team <packaging@Ch3LL.com> - 2018.3.3-1
- Update to feature release 2018.3.3-1 for Python 2
- Revised versions of cherrypy acceptable
* Tue Oct 09 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.3-1
- Update to feature release 2018.3.3-1 for Python 3
- Revised versions of cherrypy acceptable
* Tue Jul 24 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.2-5
- Fix version of python used, multiple addition of 2.7
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2018.3.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jul 09 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.2-3
- Allow for removal of /usr/bin/python
* Mon Jul 09 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.2-2
- Correct tornado version check
* Thu Jun 21 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.2-1
- Update to feature release 2018.3.2-1 for Python 2
* Mon Jun 11 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.1-1
- Update to feature release 2018.3.1-1 for Python 3
- Revised minimum msgpack version >= 0.4
* Fri Jun 08 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.1-1
- Update to feature release 2018.3.1-1 for Python 2
- Revised minimum msgpack version >= 0.4
* Mon Apr 02 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.0-1
- Development build for Python 3 support
* Fri Mar 30 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2018.3.0-1
- Update to feature release 2018.3.0-1
* Tue Mar 27 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2017.7.5-1
- Update to feature release 2017.7.5-1
* Fri Feb 16 2018 SaltStack Packaging Team <packaging@saltstack.com> - 2017.7.4-1
- Update to feature release 2017.7.4-1
- Limit to Tornado use to between versions 4.2.1 and less than 5.0
* Tue Jan 30 2018 SaltStack Packaging Team <packaging@Ch3LL.com> - 2017.7.3-1
- Update to feature release 2017.7.3-1
Write Preview
Loading…
Cancel
Save