From: Phil Dibowitz <firstname.lastname@example.org> Trac: Refs #131 * If a directory is in auth_system_homedirs, auth shouldn't touch it in any way * auth needs to respect a 0 in min_root_keys Signed-off-by: Phil Dibowitz <email@example.com>
From: Phil Dibowitz <firstname.lastname@example.org> Trac: Refs #128 Doh, PhilFail. The existing exclude functionality does work here, I had a PEBKAC. Thanks to Chet for pushing me on this. This removes that one small part from the last commit. Signed-off-by: Phil Dibowitz <email@example.com>
…svn internal files From: Phil Dibowitz <firstname.lastname@example.org> Trac: Refs #127, #128 - Various places are trying to log with 'warn' which isn't valid and causes spine to crash instead of log the warning - While I was in various files fixing logging, I fixed " -> ' in a few places. - We ignore .svn for config keys, but not overlays. My ignoring voer overlays is not as agressive on overlays as config keys because that would break stuff, I just want to be able to do --croot with my checkout directory without dropping .svn dirs everywhere. From: Phil Dibowitz <email@example.com>
From: Chet Burgess <firstname.lastname@example.org> Trac: Refs #107 Same as changes to spine_2_1 branch, but now on trunk. The introduction of simple_exec caused a few problems. Most noteably the fact that the logic for detectin dryrun and intert functions was incorrect such that command always ran in dryrun mode even if inert was set to 0. After fixing this I discoverd a number of other issues around the fact that commands were no longer running during dryrun mode even when they needed to. More information on a file by file basis. M trunk/lib/Spine/Util.pm -do_rsync needs to support inert since it can be called in cases that need to run even during dryrun -Fixed typo wraper => wrapper -exec_command was only used by RestartServices, updated RestartService to just use simple_exec directly. Checked the existing TM data tree and found no uses of the exec_command function in templates. M trunk/lib/Spine/Util/Exec.pm -Fixed detection of dryrun mode (c_dryrun not dryrun). -_readlines would error if we were in dryrun, no returns undef if we are running in dryrun mode. M trunk/lib/Spine/Plugin/Overlay.pm -Call do_rsync with inert=1 when copying the content of c_root to the temp overlay. M trunk/lib/Spine/Plugin/RestartServices.pm -Call simple_exec directly instead of exec_command. Signed-off-by: Chet Burgess <email@example.com>
Trac: Refs #4 - Added support for --quiet mode to support future tools which may need it. - Modified quick_template to call spine-mgmt using --quiet. Signed-off-by: Rafi Khardalian
Trac: Refs #101 - Fix to prevent service restarts from being triggered during a dryrun.
Author: Chet Burges Trac: Refs #96 Rename the spine binary to spine-mgmt. Rename most references of spine to spine-mgmt. Move config files to /etc/spine-mgmt/ Note: Yet another commit message form. Hopefully the subject at the top will make the messages look cleaner in RSS readers. Signed-off-by: Chet Burgess <firstname.lastname@example.org>
Trac: Refs #95 Spine::Register::load_plugin always returns SPINE_SUCCESS instead of the actual rc value generated from attempting to laod the plugins. Signed-off-by: Chet Burgess <email@example.com>
…if desired. - Force privfiles call to return an array, #refs 90
… is doing. SystemHarden will now print an informative message telling you it is running.
Data.pm calls syslog() without calling openlog(), which Sys::Syslog considers a no-no. This spine-config now calls openlog and closelog. Additionally openlog is called with user configurable options for facility, syslog opts, and the ident string. These can be configured in the config file under the Spine section using SyslogIdent, SyslogFacility, and SyslogOptions. Patch provided by Alexander Toth (atoth).
Use lstat instead of stat in order to ensure we are testing the permissions of the symlink and not the underlying file. The underlying file should be caught about the search anyway. Additionally log if we encounter a symlink with the SUID and/or SGID bit set as we can't reliably change the permissions of the symlink.
SystemInfo will now look for a key called network_path that provides the path to where the the network directory is located. If the key is not present the code will default to simply "network" (the current behavior). The network_path key will need to be placed in the spine_internal directory as SystemInfo runs during the DISCOVERY/populate phase before the tree is parsed.
There are 3 primary changes. 1) There is now a config file option called Parser under the spine section to control what type of TT parser is used. The current values are pureTT and lameTT. The code defaults to pureTT. pureTT does not call the convert_lame_to_TT function. 2) The convert_lame_to_TT function will now store the name of every key it encounters that has lame syntax in the c_lame_keys key. This key can be used by existing data tree to help clean-up their trees and remove existing lame syntax. 3) At the end of a spine run the count of lame keys encountered will be printed if any lame keys were encountered. This will help in the clean-up of existing trees.
Also removed Spine::Parser as it is not used and will be replaced in 2.2 Tests show it to work cleanly but as this is a large change heavy QA is needed. Currently yum changes are untested.
…. It might be better to move this to tests/lib/Spine/Plugin since it's not needed for production