Merge pull request Normation#332 from Kegeruneku/ust_4740/int/4910_cr…

…eate_rudder_node_package

Fixes #4910: Create the rudder-node package (fusion-less rudder agent pa...

rudder-node/SOURCES/.dependencies

@@ -0,0 +1,7 @@
+SLES11:gcc openssl-devel bison flex pcre-devel libdb-4_5-devel zlib-devel libbz2-devel
+SLES10:gcc openssl-devel bison flex pcre-devel db42-devel zlib-devel
+RHEL3:gcc openssl-devel bison flex pcre-devel make byacc zlib-devel bzip2-devel kernel-utils
+RHEL5:gcc openssl-devel bison flex pcre-devel make db4-devel byacc zlib-devel bzip2-devel
+RHEL6:gcc openssl-devel bison flex pcre-devel make db4-devel byacc tokyocabinet-devel
+FEDORA18:gcc openssl-devel bison flex pcre-devel make db4-devel byacc tokyocabinet-devel
+FEDORA20:gcc openssl-devel bison flex pcre-devel make db4-devel byacc tokyocabinet-devel

rudder-node/SOURCES/Makefile

@@ -0,0 +1,87 @@
+#####################################################################################
+# Copyright 2014 Normation SAS
+#####################################################################################
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, Version 3.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#####################################################################################
+
+.DEFAULT_GOAL := localdepends
+
+RUDDER_VERSION_TO_PACKAGE = <put Rudder version or version-snapshot here>
+CFENGINE_RELEASE = 3.6.0rc2-build1
+LMDB_RELEASE = 0.9.11
+TMP_DIR := $(shell mktemp -dq /tmp/rudder.XXXXXX)
+WGET := $(if $(PROXY), http_proxy=$(PROXY) ftp_proxy=$(PROXY)) /usr/bin/wget -q
+PATCH := /usr/bin/patch
+
+localdepends: ./initial-promises ./lmdb-source ./cfengine-source ../debian/rudder-agent.init ../debian/rudder-agent.default ./rudder-agent.cron ../debian/rudder-agent.cron.d
+	rm -rf $(TMP_DIR)
+
+./cfengine-source: /usr/bin/wget
+	# Original URL: https://github.com/cfengine/core/archive/$(CFENGINE_RELEASE).tar.gz
+	$(WGET) -O $(TMP_DIR)/cfengine.tgz http://www.normation.com/tarball/core-$(CFENGINE_RELEASE).tar.gz
+	tar xzf $(TMP_DIR)/cfengine.tgz -C $(TMP_DIR)
+	mv $(TMP_DIR)/core-$(CFENGINE_RELEASE) ./cfengine-source
+	# No patches to apply
+
+./lmdb-source: /usr/bin/wget
+	# Original URL: http://ftp.fr.debian.org/debian/pool/main/l/lmdb/lmdb_$(LMDB_RELEASE).orig.tar.xz
+	$(WGET) -O $(TMP_DIR)/lmdb.tgz http://www.normation.com/tarball/lmdb-$(LMDB_RELEASE).tar.gz
+	tar xzf $(TMP_DIR)/lmdb.tgz -C $(TMP_DIR)
+	mv $(TMP_DIR)/lmdb-$(LMDB_RELEASE) ./lmdb-source
+
+./rudder-sources.tar.bz2:
+	$(WGET) -O rudder-sources.tar.bz2 http://www.rudder-project.org/archives/rudder-sources-$(RUDDER_VERSION_TO_PACKAGE).tar.bz2
+
+./rudder-sources: ./rudder-sources.tar.bz2
+	tar -xjf rudder-sources.tar.bz2
+	mv rudder-sources-*/ rudder-sources/
+
+./initial-promises: ./rudder-sources
+	rm -rf ./initial-promises/
+	cp -a ./rudder-sources/rudder-techniques/initial-promises/node-server/ ./initial-promises
+
+../debian/rudder-agent.init:
+	cp ./rudder-agent.init ../debian/
+
+../debian/rudder-agent.default:
+	cp ./rudder-agent.default ../debian/
+
+./rudder-agent.cron: ./rudder-sources
+	cp ./rudder-sources/rudder-techniques/techniques/system/common/1.0/rudder_agent_community_cron.st ./rudder-agent.cron
+	# Set unexpanded variables of the cron file
+	sed 's@\$${sys.workdir}@/var/rudder/cfengine-community@g' -i rudder-agent.cron
+	sed 's@\$${g.rudder_base}@/opt/rudder@g' -i rudder-agent.cron
+	sed  's@\\&\\&@\&\&@g' -i rudder-agent.cron
+	sed  's@\\&1@\&1@g' -i rudder-agent.cron
+
+../debian/rudder-agent.cron.d: ./rudder-agent.cron
+	cp ./rudder-agent.cron ../debian/rudder-agent.cron.d
+
+/usr/bin/wget:
+	sudo apt-get --assume-yes install wget
+
+localclean:
+	rm -rf ./cfengine-source
+	rm -rf ./lmdb-source
+	rm -rf ./initial-promises
+	rm -f ../debian/rudder-agent.init
+	rm -f ../debian/rudder-agent.default
+	rm -rf ./rudder-sources
+	rm -f ./rudder-agent.cron ../debian/rudder-agent.cron.d
+
+veryclean:
+	rm -f ./rudder-sources.tar.bz2
+
+.PHONY: localclean localdepends veryclean

rudder-node/SOURCES/check-rudder-agent

@@ -0,0 +1,205 @@
+#!/bin/sh
+#####################################################################################
+# Copyright 2013 Normation SAS
+#####################################################################################
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, Version 3.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#####################################################################################
+
+set -e
+
+# Ensure our PATH includes Rudder's bin dir (for uuidgen on AIX in particular)
+export PATH=/opt/rudder/bin/:$PATH
+
+# Variables
+BACKUP_DIR=/var/backups/rudder/
+OS_FAMILY=$(uname -s)
+
+# If we are on AIX, use alternative commands and options
+if [ "z${OS_FAMILY}" = "zAIX" ]; then
+  CP_A="cp -hpPr"
+  PS_OPTIONS="-ef"
+else
+  CP_A="cp -a"
+  PS_OPTIONS="-efww"
+fi
+
+echo_n() {
+  if [ "z${OS_FAMILY}" = "zAIX" ]; then
+    /usr/bin/echo "$*\c"
+  else
+    echo -n $*
+  fi
+}
+
+# Default variables for CFEngine binaries and disable files
+CFE_DIR=/var/rudder/cfengine-community
+CFE_BIN_DIR=${CFE_DIR}/bin
+CFE_DISABLE_FILE=/opt/rudder/etc/disable-agent
+
+LAST_UPDATE_FILE=${CFE_DIR}/last_successful_inputs_update
+
+UUID_FILE=/opt/rudder/etc/uuid.hive
+
+clean_cf_lock_files() {
+  rm -f ${CFE_DIR}/state/cf_lock.tcdb
+  rm -f ${CFE_DIR}/state/cf_lock.tcdb.lock
+}
+
+check_and_fix_cfengine_processes() {
+
+# Detect the correct ps tool to use
+# Supported tools are ps, vzps, and the rudder supplied vzps.py
+PS=ps
+VZPS=/bin/vzps
+RUDDERPS=/opt/rudder/bin/vzps.py
+
+# Detect if we are a VZ host
+if [ -e "/proc/bc/0" ]; then
+  # Detect if vzps is present
+  if [ -e ${VZPS} ]; then
+    PS="${VZPS} -E 0"
+  else
+    PS="${RUDDERPS} -E 0"
+  fi
+fi
+
+# List the CFEngine processes running
+CF_PROCESS_RUNNING=`${PS} ${PS_OPTIONS} | grep -E "${CFE_BIN_DIR}/(cf-execd|cf-agent)" | grep -v grep | cat`
+# Count the number of processes running, filtering empty lines
+NB_CF_PROCESS_RUNNING=`echo "${CF_PROCESS_RUNNING}" | grep -v ^$ | wc -l`
+
+# If no disable file AND no process of CFEngine from Rudder, then relaunch cf-agent with a failsafe first
+# But this is applied only on servers or nodes already initialized (policy server set)
+if [ ! -e ${CFE_DISABLE_FILE} -a ${NB_CF_PROCESS_RUNNING} -eq 0 -a -f ${CFE_DIR}/policy_server.dat ]; then
+  echo_n "WARNING: No disable file detected and no CFEngine process neither. Relaunching CFEngine processes..."
+  ${CFE_BIN_DIR}/cf-agent -f failsafe.cf >/dev/null 2>&1
+  ${CFE_BIN_DIR}/cf-agent >/dev/null 2>&1
+  echo " Done"
+fi
+
+
+RUN_INTERVAL=`cat /var/rudder/cfengine-community/inputs/run_interval`
+CHECK_INTERVAL=`expr ${RUN_INTERVAL} \* 2`
+
+# Check for the age of the last update file
+# if it is older than CHECK_INTERVAL minutes, we need to kill the lock file on tcdb database
+if [ ! -e ${LAST_UPDATE_FILE} ]; then
+  # The file ${LAST_UPDATE_FILE} is not yet present, this node is probably 
+  # not accepted yet. Do nothing
+  :
+elif test `find ${LAST_UPDATE_FILE} -mmin +${CHECK_INTERVAL}`; then
+  echo_n "WARNING: The file ${LAST_UPDATE_FILE} is older than ${CHECK_INTERVAL} minutes, the agent is probably stuck. Purging the TokyoCabinet lock file..."
+  clean_cf_lock_files
+  echo " Done";
+fi
+
+
+# Check for anomalous number of CFEngine processes
+# If there are more than 8 agent/executor processes, we should kill them, and purge the tcdb database
+if [ ${NB_CF_PROCESS_RUNNING} -gt 8 ]; then
+  echo_n "WARNING: Too many instance of CFEngine processes running. Killing them, and purging the TokyoCabinet database..."
+  echo "${CF_PROCESS_RUNNING}" | awk 'BEGIN { OFS=" "} {print $2 }' | xargs kill -9 || true
+  if [ "z${OS_FAMILY}" != "zAIX" ]; then
+    /etc/init.d/rudder-agent forcestop || true
+  fi
+  clean_cf_lock_files
+  echo " Done"
+fi
+}
+
+# Check the size of the cf_lock.tcdb file
+check_and_fix_cf_lock() {
+  MAX_CF_LOCK_SIZE=10485760
+  if [ -e "${CFE_DIR}/state/cf_lock.tcdb" ]; then
+    CF_LOCK_SIZE=`stat -c%s "${CFE_DIR}/state/cf_lock.tcdb"`
+    if [ ${CF_LOCK_SIZE} -ge ${MAX_CF_LOCK_SIZE} ]; then
+      echo -n "WARNING: The file ${CFE_DIR}/state/cf_lock.tcdb is too big ( ${CF_LOCK_SIZE} bytes), purging it..."
+      clean_cf_lock_files
+      echo " Done"
+    fi
+  fi
+}
+
+check_and_fix_rudder_uuid() {
+
+# Default variable about UUID backup
+LATEST_BACKUPED_UUID=""
+
+# Generate a UUID if we don't have one yet
+if [ ! -e ${UUID_FILE} ]; then
+  if [ -d ${BACKUP_DIR} ]; then
+    LATEST_BACKUPED_UUID=$(ls -v1 ${BACKUP_DIR}uuid-*.hive | tail -n1)
+  fi
+  if [ "z${LATEST_BACKUPED_UUID}" != "z" ]; then
+    echo_n "WARNING: The UUID of the node does not exist. The lastest backup (${LATEST_BACKUPED_UUID}) will be recovered..."
+    ${CP_A} ${LATEST_BACKUPED_UUID} ${UUID_FILE} >/dev/null 2>&1
+    echo " Done"
+  else
+    echo_n "WARNING: The UUID of the node does not exist and no backup exist. A new one will be generated..."
+    uuidgen > ${UUID_FILE}
+    echo " Done"
+  fi
+else
+  # UUID is valid only if it has been generetaed by uuidgen or if it is set to 'root' for policy server
+  CHECK_UUID=`cat /opt/rudder/etc/uuid.hive | grep -E "^[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}|root" | wc -l`
+  # If the UUID is not valid, regenerate it
+  if [ ${CHECK_UUID} -ne 1 ]; then
+    echo_n "INFO: Creating a new UUID for Rudder as the existing one is invalid..."
+    # Keep a backup of UUID even if it is not valid
+    mkdir -p /var/backups/rudder
+    cp -f /opt/rudder/etc/uuid.hive /var/backups/rudder/uuid-$(date +%Y%m%d).hive
+    # Generate a new one
+    uuidgen > ${UUID_FILE}
+    echo " Done."
+  fi
+fi
+}
+
+
+check_and_fix_specific_rudder_agent_file() {
+
+FILE_TO_RESTORE=$1
+FILE_TYPE=$2
+LATEST_BACKUPED_FILES=""
+
+if [ ! -e ${FILE_TO_RESTORE} ]; then
+  if [ -d ${BACKUP_DIR} ]; then
+    LATEST_BACKUPED_FILES=$(ls -v1 ${BACKUP_DIR}rudder-agent.${FILE_TYPE}-* | tail -n1)
+  fi
+  if [ "z${LATEST_BACKUPED_FILES}" != "z" ]; then
+    echo_n "WARNING: The file ${FILE_TO_RESTORE} does not exist. The lastest backup (${LATEST_BACKUPED_FILES}) will be recovered..."
+    ${CP_A} ${LATEST_BACKUPED_FILES} ${FILE_TO_RESTORE} >/dev/null 2>&1
+    echo " Done"
+  else
+    echo "WARNING: The file ${FILE_TO_RESTORE} does not exist and no backup exist. Please reinstall the rudder-agent package"
+  fi
+fi
+}
+
+
+# Ensure script is executed by root
+if [ ! $(whoami) = 'root' ];then echo "You must be root"; exit; fi
+
+# Launch each check with a certain order
+check_and_fix_rudder_uuid
+check_and_fix_cfengine_processes
+check_and_fix_cf_lock
+
+# The following files are not present on AIX systems
+if [ "z${OS_FAMILY}" != "zAIX" ]; then
+  check_and_fix_specific_rudder_agent_file /etc/init.d/rudder-agent init
+  check_and_fix_specific_rudder_agent_file /etc/default/rudder-agent default
+  check_and_fix_specific_rudder_agent_file /etc/cron.d/rudder-agent cron
+fi

rudder-node/SOURCES/patches/DEBIAN_8/0001-use-lmdb-from-packages.patch

@@ -0,0 +1,73 @@
+diff -Naur debian/control debian/control
+--- debian/control	2014-05-30 16:57:24.673815597 +0200
++++ debian/control	2014-05-30 17:10:54.760130342 +0200
+@@ -2,7 +2,7 @@
+ Section: admin
+ Priority: extra
+ Maintainer: Rudder packaging team <rudder-packaging@rudder-project.org>
+-Build-Depends: debhelper (>= 7), libssl-dev, bison, gcc, flex, libpcre3-dev, libpam0g-dev
++Build-Depends: debhelper (>= 7), libssl-dev, bison, gcc, flex, libpcre3-dev, libpam0g-dev, liblmdb-dev
+ Standards-Version: 3.8.0
+ Homepage: http://www.rudder-project.org
+
+diff -Naur debian/postinst debian/postinst
+--- debian/postinst	2014-05-30 17:06:19.883354427 +0200
++++ debian/postinst	2014-05-30 17:19:40.081435149 +0200
+@@ -33,9 +33,6 @@
+             fi
+         fi
+
+-        # Reload the linker cache (to acknowledge LMDB's presence if needed)
+-        if [ -e /etc/ld.so.conf.d/rudder.conf ]; then ldconfig; fi
+-
+         # Copy new binaries to workdir, make sure daemons are stopped first
+
+         # Set a "lock" to avoid CFEngine being restarted during the upgrade process
+diff -Naur debian/rules debian/rules
+--- debian/rules	2014-05-30 17:09:15.051849954 +0200
++++ debian/rules	2014-05-30 17:12:39.868424641 +0200
+@@ -12,15 +12,8 @@
+ configure: configure-stamp
+ configure-stamp:
+ 	dh_testdir
+-	# dh_prep has been moved from 'install' target since we need to build LMDB first
+-	dh_prep
+-	# Compile the LMDB library and install it in /opt/rudder
+-	# LMDB source code does not know how to create destination folders, do it ourselves
+-	for i in bin lib include man/man1; do mkdir -p $(CURDIR)/debian/tmp/opt/rudder/$$i; done
+-	cd SOURCES/lmdb-source/libraries/liblmdb && make
+-	cd SOURCES/lmdb-source/libraries/liblmdb && make install prefix=/opt/rudder DESTDIR=$(CURDIR)/debian/tmp
+-	# Prepare CFEngine 3.6.x build with defined path of LMDB
+-	cd SOURCES/cfengine-source && ./configure --prefix=/opt/rudder --with-workdir=/var/rudder/cfengine-community --enable-static=yes --enable-shared=no --with-lmdb=$(CURDIR)/debian/tmp/opt/rudder
++	# Prepare CFEngine 3.6.x build
++	cd SOURCES/cfengine-source && ./configure --prefix=/opt/rudder --with-workdir=/var/rudder/cfengine-community --enable-static=yes --enable-shared=no
+
+ 	touch configure-stamp
+
+@@ -45,6 +38,7 @@
+ install: build
+ 	dh_testdir
+ 	dh_testroot
++	dh_prep
+ 	dh_installdirs
+ 	# Add here commands to install the package into debian/tmp
+ 	cd SOURCES/cfengine-source && make install DESTDIR=$(CURDIR)/debian/tmp
+@@ -74,9 +68,6 @@
+ 	dh_install --SOURCEDIR=$(CURDIR)/SOURCES initial-promises /opt/rudder/share
+ 	# Install an empty uuid.hive file before generating an uuid
+ 	dh_install --SOURCEDIR=$(CURDIR)/SOURCES/ uuid.hive /opt/rudder/etc/
+-	# Install /etc/ld.so.conf.d/rudder.conf in order to use libraries contain
+-	# in /opt/rudder/lib like LMDB
+-	dh_install --SOURCEDIR=$(CURDIR)/SOURCES/ rudder.conf /etc/ld.so.conf.d
+ 	# Install a verification script for cron
+ 	dh_install --SOURCEDIR=$(CURDIR)/SOURCES/ check-rudder-agent /opt/rudder/bin/
+ 	# Install script to get local processes on VZ systems
+@@ -89,7 +80,7 @@
+ 	dh_compress
+ 	dh_fixperms
+ #	dh_perl
+-	dh_makeshlibs
++#	dh_makeshlibs
+ 	dh_installdeb
+ 	dh_shlibdeps
+ 	dh_gencontrol