diff --git a/0001-Set-sys.bindir-to-usr-sbin-expect-cf-components-ther.patch b/0001-Set-sys.bindir-to-usr-sbin-expect-cf-components-ther.patch deleted file mode 100644 index 8d34558..0000000 --- a/0001-Set-sys.bindir-to-usr-sbin-expect-cf-components-ther.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 7f0daf6cd3b6018c882c553ce0a3da51d47fec83 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= -Date: Thu, 30 Jul 2015 10:48:47 +0200 -Subject: [PATCH 1/3] Set sys.bindir to /usr/sbin, expect cf-*components there - -That's where the /var/cfengine/bin/* symlinks point to and where -the systemd .service files expect the daemons. - -This path is used in 'processes' of -masterfiles/update/update_processes.cf:enable_cfengine_agents ---- - libenv/sysinfo.c | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/libenv/sysinfo.c b/libenv/sysinfo.c -index 5447659da5e1..5715d9acc7b7 100644 ---- a/libenv/sysinfo.c -+++ b/libenv/sysinfo.c -@@ -589,8 +589,7 @@ static void GetNameInfo3(EvalContext *ctx) - EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "masterdir", GetMasterDir(), CF_DATA_TYPE_STRING, "source=agent"); - EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "inputdir", GetInputDir(), CF_DATA_TYPE_STRING, "source=agent"); - -- snprintf(workbuf, CF_BUFSIZE, "%s%cbin", workdir, FILE_SEPARATOR); -- EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "bindir", workbuf, CF_DATA_TYPE_STRING, "source=agent"); -+ EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "bindir", "/usr/bin", CF_DATA_TYPE_STRING, "source=agent"); - - snprintf(workbuf, CF_BUFSIZE, "%s%cfailsafe.cf", GetInputDir(), FILE_SEPARATOR); - EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "failsafe_policy_path", workbuf, CF_DATA_TYPE_STRING, "source=agent"); -@@ -635,7 +634,7 @@ static void GetNameInfo3(EvalContext *ctx) - components[i]); - } - #else -- snprintf(name, CF_MAXVARSIZE - 1, "%s%cbin%c%s", workdir, FILE_SEPARATOR, FILE_SEPARATOR, components[i]); -+ snprintf(name, CF_MAXVARSIZE - 1, "/usr/bin/%s", components[i]); - #endif - - have_component[i] = false; -@@ -660,7 +659,7 @@ static void GetNameInfo3(EvalContext *ctx) - snprintf(name, CF_MAXVARSIZE - 1, "%s%cbin%c%s.exe", workdir, FILE_SEPARATOR, FILE_SEPARATOR, - components[1]); - #else -- snprintf(name, CF_MAXVARSIZE - 1, "%s%cbin%c%s", workdir, FILE_SEPARATOR, FILE_SEPARATOR, components[1]); -+ snprintf(name, CF_MAXVARSIZE - 1, "/usr/bin/%s", components[1]); - #endif - - if (stat(name, &sb) != -1) --- -2.17.1 - diff --git a/0002-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch b/0002-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch deleted file mode 100644 index d7ef59d..0000000 --- a/0002-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch +++ /dev/null @@ -1,266 +0,0 @@ -From 35f37177192c77c66634346db354140b3c494dd0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= -Date: Fri, 11 Apr 2014 09:25:05 +0200 -Subject: [PATCH 2/3] Simplify and fix parsing of /etc/SuSE-release (fixes - issue #5423) - -This patch is a simplification of sysinfo.c:Linux_Suse_Version() -to achieve the following - -- distinction between "SUSE Linux Enterprise Server" (sles) and "... Desktop" (sled) -- distinction between SUSE Linux Enterprise products (suse) and openSUSE (opensuse) -- extract version from VERSION and PATCHLEVEL lines instead of - first line of /etc/SuSE-release -- verified for sles version 9,10,11,12; sled versions 10,11,12, openSUSE 13.1 ---- - libenv/sysinfo.c | 187 +++++++++++++++-------------------------------- - 1 file changed, 60 insertions(+), 127 deletions(-) - -diff --git a/libenv/sysinfo.c b/libenv/sysinfo.c -index 5715d9acc7b7..29b82b36807b 100644 ---- a/libenv/sysinfo.c -+++ b/libenv/sysinfo.c -@@ -1954,6 +1954,7 @@ static int Linux_Suse_Version(EvalContext *ctx) - #define SUSE_RELEASE_FLAG "linux " - - char classbuf[CF_MAXVARSIZE]; -+ char *vendor = "suse"; - - Log(LOG_LEVEL_VERBOSE, "This appears to be a SUSE system."); - EvalContextClassPutHard(ctx, "SUSE", "inventory,attribute_name=none,source=agent"); -@@ -1973,23 +1974,26 @@ static int Linux_Suse_Version(EvalContext *ctx) - return 1; - } - -- char vbuf[CF_BUFSIZE], strversion[CF_MAXVARSIZE], strpatch[CF_MAXVARSIZE]; -- strversion[0] = '\0'; -- strpatch[0] = '\0'; -+ char vbuf[CF_BUFSIZE]; - - int major = -1, minor = -1; - while (fgets(vbuf, sizeof(vbuf), fp) != NULL) - { - if (strncmp(vbuf, "VERSION", strlen("version")) == 0) - { -- strlcpy(strversion, vbuf, sizeof(strversion)); -- sscanf(vbuf, "VERSION = %d", &major); -+ int res; -+ res = sscanf(vbuf, "VERSION = %d.%d", &major, &minor); -+ Log(LOG_LEVEL_VERBOSE, "VERSION sscanf returned %d.", res); -+ if (res < 1) -+ major = -1; -+ else if (res < 2) -+ minor = -1; - } - - if (strncmp(vbuf, "PATCH", strlen("PATCH")) == 0) - { -- strlcpy(strpatch, vbuf, sizeof(strpatch)); -- sscanf(vbuf, "PATCHLEVEL = %d", &minor); -+ if (sscanf(vbuf, "PATCHLEVEL = %d", &minor) != 1) -+ minor = -1; - } - } - if (ferror(fp)) -@@ -2003,28 +2007,38 @@ static int Linux_Suse_Version(EvalContext *ctx) - - fclose(fp); - -- /* Check if it's a SUSE Enterprise version */ -+ /* Check which SUSE/openSUSE product it is */ - -- Log(LOG_LEVEL_VERBOSE, "Looking for SUSE enterprise info in '%s'", relstring); -+ Log(LOG_LEVEL_VERBOSE, "Looking for SUSE product info in '%s'", relstring); - -- /* Convert relstring to lowercase to handle rename of SuSE to -- * SUSE with SUSE 10.0. -- */ -- -- for (int i = 0; i < strlen(relstring); i++) -+ if (!strncasecmp(relstring, SUSE_SLES8_ID, strlen(SUSE_SLES8_ID))) - { -- relstring[i] = tolower(relstring[i]); -+ EvalContextClassPutHard(ctx, "SLES8", "inventory,attribute_name=none,source=agent"); - } -- -- /* Check if it's a SUSE Enterprise version (all in lowercase) */ -- -- if (!strncmp(relstring, SUSE_SLES8_ID, strlen(SUSE_SLES8_ID))) -+ else if (!strncasecmp(relstring, SUSE_SLES_ID, strlen(SUSE_SLES_ID))) - { -- classbuf[0] = '\0'; -- strcat(classbuf, "SLES8"); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -+ EvalContextClassPutHard(ctx, "sles", "inventory,attribute_name=none,source=agent"); -+ if (major != -1) -+ { -+ snprintf(classbuf, CF_MAXVARSIZE, "SLES%d", major); -+ EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -+ } -+ } -+ else if (!strncasecmp(relstring, SUSE_SLED_ID, strlen(SUSE_SLED_ID))) -+ { -+ EvalContextClassPutHard(ctx, "sled", "inventory,attribute_name=none,source=agent"); -+ if (major != -1) -+ { -+ snprintf(classbuf, CF_MAXVARSIZE, "SLED%d", major); -+ EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -+ } -+ } -+ else if (!strncasecmp(relstring, "opensuse", strlen("opensuse"))) -+ { -+ vendor = "opensuse"; -+ EvalContextClassPutHard(ctx, vendor, "inventory,attribute_name=none,source=agent"); - } -- else if (strncmp(relstring, "sles", 4) == 0) -+ else if (strncasecmp(relstring, "sles", 4) == 0) - { - Item *list, *ip; - -@@ -2042,120 +2056,39 @@ static int Linux_Suse_Version(EvalContext *ctx) - } - else - { -- for (int version = 9; version < 13; version++) -- { -- snprintf(vbuf, CF_BUFSIZE, "%s %d ", SUSE_SLES_ID, version); -- Log(LOG_LEVEL_DEBUG, "Checking for SUSE [%s]", vbuf); -- -- if (!strncmp(relstring, vbuf, strlen(vbuf))) -- { -- snprintf(classbuf, CF_MAXVARSIZE, "SLES%d", version); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- } -- else -- { -- snprintf(vbuf, CF_BUFSIZE, "%s %d ", SUSE_SLED_ID, version); -- Log(LOG_LEVEL_DEBUG, "Checking for SUSE [%s]", vbuf); -- -- if (!strncmp(relstring, vbuf, strlen(vbuf))) -- { -- snprintf(classbuf, CF_MAXVARSIZE, "SLED%d", version); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- } -- } -- } -+ Log(LOG_LEVEL_WARNING, "Unknown product '%s' in /etc/SuSE-release", relstring); - } - -- /* Determine release version. We assume that the version follows -- * the string "SuSE Linux" or "SUSE LINUX". -- */ -- -- char *release = strstr(relstring, SUSE_RELEASE_FLAG); -- if (release == NULL) -+ if (major != -1) - { -- release = strstr(relstring, "opensuse"); -- if (release == NULL) -+ strncpy(classbuf, vendor, CF_MAXVARSIZE); -+ EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -+ snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", major); -+ SetFlavour(ctx, classbuf); -+ if (minor != -1) - { -- release = strversion; -+ snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", minor); -+ EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); - } -- } -- -- if (release == NULL) -- { -- Log(LOG_LEVEL_VERBOSE, -- "Could not find a numeric OS release in %s", -- SUSE_REL_FILENAME); -- return 2; -+ /* The correct spelling for SUSE is "SUSE" but CFEngine used to use "SuSE". -+ * Keep this for backwards compatibility until CFEngine 3.7 -+ */ -+ strncpy(classbuf, "SuSE", CF_MAXVARSIZE); -+ EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -+ snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", major); -+ EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -+ if (minor != -1) -+ { -+ snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", minor); -+ EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -+ } -+ Log(LOG_LEVEL_VERBOSE, "Discovered %s version %d.%d", vendor, major, minor); - } - else - { -- char strmajor[PRINTSIZE(major)], strminor[PRINTSIZE(minor)]; -- if (strchr(release, '.')) -- { -- sscanf(release, "%*s %d.%d", &major, &minor); -- xsnprintf(strmajor, sizeof(strmajor), "%d", major); -- xsnprintf(strminor, sizeof(strminor), "%d", minor); -- -- if (major != -1 && minor != -1) -- { -- strcpy(classbuf, "SUSE"); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- strcat(classbuf, "_"); -- strcat(classbuf, strmajor); -- SetFlavor(ctx, classbuf); -- strcat(classbuf, "_"); -- strcat(classbuf, strminor); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- -- /* The correct spelling for SUSE is "SUSE" but CFEngine used to use "SuSE". -- * Keep this for backwards compatibility until CFEngine 3.7 -- */ -- strcpy(classbuf, "SuSE"); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- strcat(classbuf, "_"); -- strcat(classbuf, strmajor); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- strcat(classbuf, "_"); -- strcat(classbuf, strminor); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- -- Log(LOG_LEVEL_VERBOSE, "Discovered SUSE version %s", classbuf); -- return 0; -- } -- } -- else -- { -- sscanf(strversion, "VERSION = %s", strmajor); -- sscanf(strpatch, "PATCHLEVEL = %s", strminor); -- -- if (major != -1 && minor != -1) -- { -- strcpy(classbuf, "SLES"); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- strcat(classbuf, "_"); -- strcat(classbuf, strmajor); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- strcat(classbuf, "_"); -- strcat(classbuf, strminor); -- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- -- snprintf(classbuf, CF_MAXVARSIZE, "SUSE_%d", major); -- SetFlavor(ctx, classbuf); -- -- /* The correct spelling for SUSE is "SUSE" but CFEngine used to use "SuSE". -- * Keep this for backwards compatibility until CFEngine 3.7 -- */ -- snprintf(classbuf, CF_MAXVARSIZE, "SuSE_%d", major); -- EvalContextClassPutHard(ctx, classbuf, "source=agent"); -- -- Log(LOG_LEVEL_VERBOSE, "Discovered SUSE version %s", classbuf); -- return 0; -- } -- } -+ Log(LOG_LEVEL_VERBOSE, "Could not find a numeric OS release in %s", SUSE_REL_FILENAME); - } - -- Log(LOG_LEVEL_VERBOSE, "Could not find a numeric OS release in %s", SUSE_REL_FILENAME); -- - return 0; - } - --- -2.17.1 - diff --git a/0003-Reduce-string-truncation-warnings.patch b/0003-Reduce-string-truncation-warnings.patch deleted file mode 100644 index 5c64d5a..0000000 --- a/0003-Reduce-string-truncation-warnings.patch +++ /dev/null @@ -1,658 +0,0 @@ -From be9783fd1ba5f5150fef1c95349192271942a478 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= -Date: Tue, 3 Jul 2018 09:18:08 +0200 -Subject: [PATCH 3/3] Reduce string truncation warnings - ---- - cf-agent/verify_databases.c | 18 ++++++------- - cf-agent/verify_exec.c | 4 +-- - cf-agent/verify_packages.c | 2 +- - cf-execd/cf-execd-runner.c | 4 +-- - cf-monitord/env_monitor.c | 8 +++--- - cf-monitord/mon_network_sniffer.c | 6 ++--- - cf-runagent/cf-runagent.c | 6 ++--- - cf-serverd/server_common.c | 18 ++++++------- - libcfnet/client_protocol.c | 2 +- - libenv/sysinfo.c | 45 ++++++++++++++++--------------- - libpromises/cf3globals.c | 2 +- - libpromises/cf3lex.l | 6 ++--- - libpromises/cf3parse.y | 2 +- - libpromises/eval_context.c | 4 +-- - libpromises/evalfunction.c | 2 +- - libpromises/expand.c | 2 +- - libpromises/keyring.c | 4 +-- - libpromises/syslog_client.c | 2 +- - tests/unit/logging_test.c | 2 +- - tests/unit/set_domainname_test.c | 2 +- - 20 files changed, 71 insertions(+), 70 deletions(-) - -Index: cfengine-3.12.1/cf-agent/verify_databases.c -=================================================================== ---- cfengine-3.12.1.orig/cf-agent/verify_databases.c -+++ cfengine-3.12.1/cf-agent/verify_databases.c -@@ -221,7 +221,7 @@ static PromiseResult VerifySQLPromise(Ev - } - else - { -- snprintf(query, CF_MAXVARSIZE - 1, "%s.%s", database, table); -+ snprintf(query, sizeof(query) - 1, "%s.%s", database, table); - - if (VerifyTablePromise(ctx, &cfdb, query, a.database.columns, a, pp, &result)) - { -@@ -300,7 +300,7 @@ static int VerifyDatabasePromise(CfdbCon - if (((a.transaction.action) != cfa_warn) && (!DONTDO)) - { - Log(LOG_LEVEL_VERBOSE, "Attempting to delete the database '%s'", database); -- snprintf(query, CF_MAXVARSIZE - 1, "drop database %s", database); -+ snprintf(query, sizeof(query) - 1, "drop database %s", database); - CfVoidQueryDB(cfdb, query); - return cfdb->result; - } -@@ -316,7 +316,7 @@ static int VerifyDatabasePromise(CfdbCon - if (((a.transaction.action) != cfa_warn) && (!DONTDO)) - { - Log(LOG_LEVEL_VERBOSE, "Attempting to create the database '%s'", database); -- snprintf(query, CF_MAXVARSIZE - 1, "create database %s", database); -+ snprintf(query, sizeof(query) - 1, "create database %s", database); - CfVoidQueryDB(cfdb, query); - return cfdb->result; - } -@@ -499,7 +499,7 @@ static int ValidateRegistryPromiser(char - static int VerifyTablePromise(EvalContext *ctx, CfdbConn *cfdb, char *table_path, Rlist *columns, Attributes a, - const Promise *pp, PromiseResult *result) - { -- char name[CF_MAXVARSIZE], type[CF_MAXVARSIZE], query[CF_MAXVARSIZE], table[CF_MAXVARSIZE], db[CF_MAXVARSIZE]; -+ char name[CF_MAXVARSIZE], type[CF_MAXVARSIZE], query[CF_BUFSIZE], table[CF_MAXVARSIZE], db[CF_MAXVARSIZE]; - int i, count, size, no_of_cols, *size_table, *done, identified, retval = true; - char **name_table, **type_table; - -@@ -670,12 +670,12 @@ static int VerifyTablePromise(EvalContex - { - if (size_table[i] > 0) - { -- snprintf(query, CF_MAXVARSIZE - 1, "ALTER TABLE %s ADD %s %s(%d)", table, name_table[i], -+ snprintf(query, sizeof(query) - 1, "ALTER TABLE %s ADD %s %s(%d)", table, name_table[i], - type_table[i], size_table[i]); - } - else - { -- snprintf(query, CF_MAXVARSIZE - 1, "ALTER TABLE %s ADD %s %s", table, name_table[i], -+ snprintf(query, sizeof(query) - 1, "ALTER TABLE %s ADD %s %s", table, name_table[i], - type_table[i]); - } - -@@ -742,7 +742,7 @@ static int CreateTableColumns(CfdbConn * - - if (no_of_cols > 0) - { -- snprintf(query, CF_BUFSIZE - 1, "create table %s(", table); -+ snprintf(query, sizeof(query) - 1, "create table %s(", table); - - for (i = 0; i < no_of_cols; i++) - { -@@ -781,7 +781,7 @@ static int CreateTableColumns(CfdbConn * - static Rlist *GetSQLTables(CfdbConn *cfdb) - { - Rlist *list = NULL; -- char query[CF_MAXVARSIZE]; -+ char query[CF_BUFSIZE]; - - ListTables(cfdb->type, query); - -@@ -870,7 +870,7 @@ static int ValidateSQLTableName(char *ta - - static void QueryTableColumns(char *s, char *db, char *table) - { -- snprintf(s, CF_MAXVARSIZE - 1, -+ snprintf(s, CF_BUFSIZE - 1, - "SELECT column_name,data_type,character_maximum_length FROM information_schema.columns WHERE table_name ='%s' AND table_schema = '%s'", - table, db); - } -Index: cfengine-3.12.1/cf-agent/verify_exec.c -=================================================================== ---- cfengine-3.12.1.orig/cf-agent/verify_exec.c -+++ cfengine-3.12.1/cf-agent/verify_exec.c -@@ -203,7 +203,7 @@ static char *GetLockNameExec(Attributes - static ActionResult RepairExec(EvalContext *ctx, Attributes a, - const Promise *pp, PromiseResult *result) - { -- char eventname[CF_BUFSIZE]; -+ char eventname[CF_BUFSIZE * 2]; - char cmdline[CF_BUFSIZE]; - char comm[20]; - int outsourced, count = 0; -@@ -456,7 +456,7 @@ static ActionResult RepairExec(EvalConte - umask(maskval); - #endif - -- snprintf(eventname, CF_BUFSIZE - 1, "Exec(%s)", cmdline); -+ snprintf(eventname, CF_BUFSIZE*2 - 1, "Exec(%s)", cmdline); - - #ifndef __MINGW32__ - if ((a.transaction.background) && outsourced) -Index: cfengine-3.12.1/cf-agent/verify_packages.c -=================================================================== ---- cfengine-3.12.1.orig/cf-agent/verify_packages.c -+++ cfengine-3.12.1/cf-agent/verify_packages.c -@@ -3176,7 +3176,7 @@ static void DeletePackageManagers(Packag - - const char *PrefixLocalRepository(const Rlist *repositories, const char *package) - { -- static char quotedPath[CF_MAXVARSIZE]; /* GLOBAL_R, no need to initialize */ -+ static char quotedPath[CF_BUFSIZE * 2]; /* GLOBAL_R, no need to initialize */ - struct stat sb; - char path[CF_BUFSIZE]; - -Index: cfengine-3.12.1/cf-execd/cf-execd-runner.c -=================================================================== ---- cfengine-3.12.1.orig/cf-execd/cf-execd-runner.c -+++ cfengine-3.12.1/cf-execd/cf-execd-runner.c -@@ -195,7 +195,7 @@ void LocalExec(const ExecConfig *config) - strlcpy(esc_command, MapName(cmd), CF_BUFSIZE); - - -- char filename[CF_BUFSIZE]; -+ char filename[CF_BUFSIZE * 3]; - { - char line[CF_BUFSIZE]; - snprintf(line, CF_BUFSIZE, "_%jd_%s", (intmax_t) starttime, CanonifyName(ctime(&starttime))); -@@ -205,7 +205,7 @@ void LocalExec(const ExecConfig *config) - strlcpy(canonified_fq_name, config->fq_name, CF_BUFSIZE); - CanonifyNameInPlace(canonified_fq_name); - -- snprintf(filename, CF_BUFSIZE, "%s/outputs/cf_%s_%s_%p", -+ snprintf(filename, sizeof(filename), "%s/outputs/cf_%s_%s_%p", - GetWorkDir(), canonified_fq_name, line, thread_name); - - MapName(filename); -Index: cfengine-3.12.1/cf-monitord/env_monitor.c -=================================================================== ---- cfengine-3.12.1.orig/cf-monitord/env_monitor.c -+++ cfengine-3.12.1/cf-monitord/env_monitor.c -@@ -943,7 +943,7 @@ static double SetClasses(EvalContext *ct - { - Log(LOG_LEVEL_DEBUG, "No sigma variation .. can't measure class"); - -- snprintf(buffer, CF_MAXVARSIZE, "entropy_%s.*", name); -+ snprintf(buffer, sizeof(buffer), "entropy_%s.*", name); - MonEntropyPurgeUnused(buffer); - - return sig; -@@ -1051,13 +1051,13 @@ static void SetVariable(char *name, doub - { - char var[CF_BUFSIZE]; - -- snprintf(var, CF_MAXVARSIZE, "value_%s=%.2lf", name, value); -+ snprintf(var, sizeof(var), "value_%s=%.2lf", name, value); - AppendItem(classlist, var, ""); - -- snprintf(var, CF_MAXVARSIZE, "av_%s=%.2lf", name, average); -+ snprintf(var, sizeof(var), "av_%s=%.2lf", name, average); - AppendItem(classlist, var, ""); - -- snprintf(var, CF_MAXVARSIZE, "dev_%s=%.2lf", name, stddev); -+ snprintf(var, sizeof(var), "dev_%s=%.2lf", name, stddev); - AppendItem(classlist, var, ""); - } - -Index: cfengine-3.12.1/cf-monitord/mon_network_sniffer.c -=================================================================== ---- cfengine-3.12.1.orig/cf-monitord/mon_network_sniffer.c -+++ cfengine-3.12.1/cf-monitord/mon_network_sniffer.c -@@ -210,7 +210,7 @@ static void IncrementCounter(Item **list - - static void AnalyzeArrival(Item *ip_addresses, long iteration, char *arrival, double *cf_this) - { -- char src[CF_BUFSIZE], dest[CF_BUFSIZE], flag = '.', *arr; -+ char src[CF_BUFSIZE], dest[CF_BUFSIZE * 2], flag = '.', *arr; - int isme_dest, isme_src; - - src[0] = dest[0] = '\0'; -@@ -387,11 +387,11 @@ static void AnalyzeArrival(Item *ip_addr - - if (strstr(arrival, ".138")) - { -- snprintf(dest, CF_BUFSIZE - 1, "%s NETBIOS", src); -+ snprintf(dest, sizeof(dest) - 1, "%s NETBIOS", src); - } - else if (strstr(arrival, ".2049")) - { -- snprintf(dest, CF_BUFSIZE - 1, "%s NFS", src); -+ snprintf(dest, sizeof(dest) - 1, "%s NFS", src); - } - else - { -Index: cfengine-3.12.1/cf-runagent/cf-runagent.c -=================================================================== ---- cfengine-3.12.1.orig/cf-runagent/cf-runagent.c -+++ cfengine-3.12.1/cf-runagent/cf-runagent.c -@@ -796,15 +796,15 @@ static void HailExec(AgentConnection *co - static FILE *NewStream(char *name) - { - FILE *fp; -- char filename[CF_BUFSIZE]; -+ char filename[CF_BUFSIZE * 2]; - - if (OUTPUT_DIRECTORY[0] != '\0') - { -- snprintf(filename, CF_BUFSIZE, "%s/%s_runagent.out", OUTPUT_DIRECTORY, name); -+ snprintf(filename, sizeof(filename), "%s/%s_runagent.out", OUTPUT_DIRECTORY, name); - } - else - { -- snprintf(filename, CF_BUFSIZE, "%s%coutputs%c%s_runagent.out", -+ snprintf(filename, sizeof(filename), "%s%coutputs%c%s_runagent.out", - GetWorkDir(), FILE_SEPARATOR, FILE_SEPARATOR, name); - } - -Index: cfengine-3.12.1/cf-serverd/server_common.c -=================================================================== ---- cfengine-3.12.1.orig/cf-serverd/server_common.c -+++ cfengine-3.12.1/cf-serverd/server_common.c -@@ -370,8 +370,8 @@ static void AbortTransfer(ConnectionInfo - { - Log(LOG_LEVEL_VERBOSE, "Aborting transfer of file due to source changes"); - -- char sendbuffer[CF_BUFSIZE]; -- snprintf(sendbuffer, CF_BUFSIZE, "%s%s: %s", -+ char sendbuffer[CF_BUFSIZE*2]; -+ snprintf(sendbuffer, sizeof(sendbuffer), "%s%s: %s", - CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename); - - if (SendTransaction(connection, sendbuffer, 0, CF_DONE) == -1) -@@ -385,9 +385,9 @@ static void FailedTransfer(ConnectionInf - { - Log(LOG_LEVEL_VERBOSE, "Transfer failure"); - -- char sendbuffer[CF_BUFSIZE]; -+ char sendbuffer[CF_BUFSIZE*2]; - -- snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR); -+ snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR); - - if (SendTransaction(connection, sendbuffer, 0, CF_DONE) == -1) - { -@@ -419,7 +419,7 @@ void CfGetFile(ServerFileGetState *args) - { - Log(LOG_LEVEL_INFO, "REFUSE access to file: %s", filename); - RefuseAccess(args->conn, args->replyfile); -- snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR); -+ snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR); - if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC) - { - SendSocketStream(ConnectionInfoSocket(conn_info), sendbuffer, args->buf_size); -@@ -437,7 +437,7 @@ void CfGetFile(ServerFileGetState *args) - { - Log(LOG_LEVEL_ERR, "Open error of file '%s'. (open: %s)", - filename, GetErrorStr()); -- snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR); -+ snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR); - if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC) - { - SendSocketStream(ConnectionInfoSocket(conn_info), sendbuffer, args->buf_size); -@@ -458,7 +458,7 @@ void CfGetFile(ServerFileGetState *args) - - while (true) - { -- memset(sendbuffer, 0, CF_BUFSIZE); -+ memset(sendbuffer, 0, sizeof(sendbuffer)); - - Log(LOG_LEVEL_DEBUG, "Now reading from disk..."); - -@@ -490,7 +490,7 @@ void CfGetFile(ServerFileGetState *args) - - if (sb.st_size != savedlen) - { -- snprintf(sendbuffer, CF_BUFSIZE, "%s%s: %s", CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename); -+ snprintf(sendbuffer, sizeof(sendbuffer), "%s%s: %s", CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename); - - if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC) - { -@@ -606,7 +606,7 @@ void CfEncryptGetFile(ServerFileGetState - - while (true) - { -- memset(sendbuffer, 0, CF_BUFSIZE); -+ memset(sendbuffer, 0, sizeof(sendbuffer)); - - if ((n_read = read(fd, sendbuffer, blocksize)) == -1) - { -Index: cfengine-3.12.1/libcfnet/client_protocol.c -=================================================================== ---- cfengine-3.12.1.orig/libcfnet/client_protocol.c -+++ cfengine-3.12.1/libcfnet/client_protocol.c -@@ -63,7 +63,7 @@ void SetSkipIdentify(bool enabled) - - int IdentifyAgent(ConnectionInfo *conn_info) - { -- char uname[CF_BUFSIZE], sendbuff[CF_BUFSIZE]; -+ char uname[CF_MAXVARSIZE], sendbuff[CF_BUFSIZE]; - char dnsname[CF_MAXVARSIZE], localip[CF_MAX_IP_LEN]; - int ret; - -Index: cfengine-3.12.1/libenv/sysinfo.c -=================================================================== ---- cfengine-3.12.1.orig/libenv/sysinfo.c -+++ cfengine-3.12.1/libenv/sysinfo.c -@@ -443,7 +443,7 @@ static void GetNameInfo3(EvalContext *ct - }; - int have_component[COMPONENTS_SIZE]; - struct stat sb; -- char name[CF_MAXVARSIZE], quoteName[CF_MAXVARSIZE], shortname[CF_MAXVARSIZE]; -+ char name[CF_MAXVARSIZE], quoteName[CF_BUFSIZE], shortname[CF_MAXVARSIZE]; - - if (uname(&VSYSNAME) == -1) - { -@@ -2064,7 +2064,7 @@ static int Linux_Suse_Version(EvalContex - strncpy(classbuf, vendor, CF_MAXVARSIZE); - EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); - snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", major); -- SetFlavour(ctx, classbuf); -+ SetFlavor(ctx, classbuf); - if (minor != -1) - { - snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", minor); -@@ -2177,7 +2177,7 @@ static void LinuxDebianSanitizeIssue(cha - - static int Linux_Misc_Version(EvalContext *ctx) - { -- char flavor[CF_MAXVARSIZE]; -+ char flavor[CF_BUFSIZE]; - char version[CF_MAXVARSIZE]; - char os[CF_MAXVARSIZE]; - char buffer[CF_BUFSIZE]; -@@ -2218,7 +2218,7 @@ static int Linux_Misc_Version(EvalContex - - if (*os && *version) - { -- snprintf(flavor, CF_MAXVARSIZE, "%s_%s", os, version); -+ snprintf(flavor, CF_BUFSIZE, "%s_%s", os, version); - SetFlavor(ctx, flavor); - return 1; - } -@@ -2233,7 +2233,7 @@ static int Linux_Debian_Version(EvalCont - int major = -1; - int release = -1; - int result; -- char classname[CF_MAXVARSIZE], buffer[CF_MAXVARSIZE], os[CF_MAXVARSIZE], version[CF_MAXVARSIZE]; -+ char classname[CF_BUFSIZE], buffer[CF_BUFSIZE], os[CF_MAXVARSIZE], version[CF_MAXVARSIZE]; - - Log(LOG_LEVEL_VERBOSE, "This appears to be a debian system."); - EvalContextClassPutHard(ctx, "debian", "inventory,attribute_name=none,source=agent"); -@@ -2253,15 +2253,15 @@ static int Linux_Debian_Version(EvalCont - { - case 2: - Log(LOG_LEVEL_VERBOSE, "This appears to be a Debian %u.%u system.", major, release); -- snprintf(classname, CF_MAXVARSIZE, "debian_%u_%u", major, release); -+ snprintf(classname, CF_BUFSIZE, "debian_%u_%u", major, release); - EvalContextClassPutHard(ctx, classname, "inventory,attribute_name=none,source=agent"); -- snprintf(classname, CF_MAXVARSIZE, "debian_%u", major); -+ snprintf(classname, CF_BUFSIZE, "debian_%u", major); - SetFlavor(ctx, classname); - break; - - case 1: - Log(LOG_LEVEL_VERBOSE, "This appears to be a Debian %u system.", major); -- snprintf(classname, CF_MAXVARSIZE, "debian_%u", major); -+ snprintf(classname, CF_BUFSIZE, "debian_%u", major); - SetFlavor(ctx, classname); - break; - -@@ -2270,7 +2270,7 @@ static int Linux_Debian_Version(EvalCont - sscanf(buffer, "%25[^/]", version); - if (strlen(version) > 0) - { -- snprintf(classname, CF_MAXVARSIZE, "debian_%s", version); -+ snprintf(classname, CF_BUFSIZE, "debian_%s", version); - EvalContextClassPutHard(ctx, classname, "inventory,attribute_name=none,source=agent"); - } - break; -@@ -2288,7 +2288,7 @@ static int Linux_Debian_Version(EvalCont - { - LinuxDebianSanitizeIssue(buffer); - sscanf(buffer, "%*s %*s %[^./]", version); -- snprintf(buffer, CF_MAXVARSIZE, "debian_%s", version); -+ snprintf(buffer, CF_BUFSIZE, "debian_%s", version); - EvalContextClassPutHard(ctx, "debian", "inventory,attribute_name=none,source=agent"); - SetFlavor(ctx, buffer); - } -@@ -2296,12 +2296,12 @@ static int Linux_Debian_Version(EvalCont - { - LinuxDebianSanitizeIssue(buffer); - sscanf(buffer, "%*s %[^.].%d", version, &release); -- snprintf(buffer, CF_MAXVARSIZE, "ubuntu_%s", version); -+ snprintf(buffer, CF_BUFSIZE, "ubuntu_%s", version); - SetFlavor(ctx, buffer); - EvalContextClassPutHard(ctx, "ubuntu", "inventory,attribute_name=none,source=agent"); - if (release >= 0) - { -- snprintf(buffer, CF_MAXVARSIZE, "ubuntu_%s_%d", version, release); -+ snprintf(buffer, CF_BUFSIZE, "ubuntu_%s_%d", version, release); - EvalContextClassPutHard(ctx, buffer, "inventory,attribute_name=none,source=agent"); - } - } -@@ -2515,13 +2515,13 @@ static int EOS_Version(EvalContext *ctx) - { - if (strstr(buffer, "EOS")) - { -- char version[CF_MAXVARSIZE], class[CF_MAXVARSIZE]; -+ char version[CF_MAXVARSIZE], class[CF_BUFSIZE]; - EvalContextClassPutHard(ctx, "eos", "inventory,attribute_name=none,source=agent"); - EvalContextClassPutHard(ctx, "arista", "source=agent"); - version[0] = '\0'; - sscanf(buffer, "%*s %*s %*s %s", version); - CanonifyNameInPlace(version); -- snprintf(class, CF_MAXVARSIZE, "eos_%s", version); -+ snprintf(class, CF_BUFSIZE, "eos_%s", version); - EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent"); - } - } -@@ -2541,14 +2541,14 @@ static int MiscOS(EvalContext *ctx) - { - if (strstr(buffer, "BIG-IP")) - { -- char version[CF_MAXVARSIZE], build[CF_MAXVARSIZE], class[CF_MAXVARSIZE]; -+ char version[CF_MAXVARSIZE], build[CF_MAXVARSIZE], class[CF_BUFSIZE]; - EvalContextClassPutHard(ctx, "big_ip", "inventory,attribute_name=none,source=agent"); - sscanf(buffer, "%*s %s %*s %s", version, build); - CanonifyNameInPlace(version); - CanonifyNameInPlace(build); -- snprintf(class, CF_MAXVARSIZE, "big_ip_%s", version); -+ snprintf(class, CF_BUFSIZE, "big_ip_%s", version); - EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent"); -- snprintf(class, CF_MAXVARSIZE, "big_ip_%s_%s", version, build); -+ snprintf(class, CF_BUFSIZE, "big_ip_%s_%s", version, build); - EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent"); - SetFlavor(ctx, "BIG-IP"); - } -@@ -2561,7 +2561,8 @@ static int MiscOS(EvalContext *ctx) - - static int VM_Version(EvalContext *ctx) - { -- char *sp, buffer[CF_BUFSIZE], classbuf[CF_BUFSIZE], version[CF_BUFSIZE]; -+#define CF_CLASSBUFSIZE 2*CF_BUFSIZE -+ char *sp, buffer[CF_BUFSIZE], classbuf[CF_CLASSBUFSIZE], version[CF_BUFSIZE]; - int major, minor, bug; - int sufficient = 0; - -@@ -2573,17 +2574,17 @@ static int VM_Version(EvalContext *ctx) - { - if (sscanf(buffer, "VMware ESX Server %d.%d.%d", &major, &minor, &bug) > 0) - { -- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d", major); -+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d", major); - EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d.%d", major, minor); -+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d.%d", major, minor); - EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); -- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d.%d.%d", major, minor, bug); -+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d.%d.%d", major, minor, bug); - EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); - sufficient = 1; - } - else if (sscanf(buffer, "VMware ESX Server %s", version) > 0) - { -- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %s", version); -+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %s", version); - EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent"); - sufficient = 1; - } -Index: cfengine-3.12.1/libpromises/cf3globals.c -=================================================================== ---- cfengine-3.12.1.orig/libpromises/cf3globals.c -+++ cfengine-3.12.1/libpromises/cf3globals.c -@@ -55,7 +55,7 @@ long LASTSEENEXPIREAFTER = SECONDS_PER_W - bool DONTDO = false; /* GLOBAL_A */ - - /* NB! Check use before changing sizes */ --char VFQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */ -+char VFQNAME[CF_BUFSIZE] = ""; /* GLOBAL_E GLOBAL_P */ - char VUQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E */ - char VDOMAIN[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */ - -Index: cfengine-3.12.1/libpromises/cf3lex.l -=================================================================== ---- cfengine-3.12.1.orig/libpromises/cf3lex.l -+++ cfengine-3.12.1/libpromises/cf3lex.l -@@ -334,7 +334,7 @@ promise_type [a-zA-Z_]+: - { - yyerror("identifier too long"); - } -- strncpy(P.currentid, yytext, CF_MAXVARSIZE); -+ strncpy(P.currentid, yytext, CF_MAXVARSIZE-1); - return IDSYNTAX; - } - -@@ -347,7 +347,7 @@ promise_type [a-zA-Z_]+: - { - yyerror("qualified identifier too long"); - } -- strncpy(P.currentid, yytext, CF_MAXVARSIZE); -+ strncpy(P.currentid, yytext, CF_MAXVARSIZE-1); - return IDSYNTAX; - } - -@@ -441,7 +441,7 @@ promise_type [a-zA-Z_]+: - - tmp = xstrdup(yytext); - tmp[yyleng - 1] = '\0'; -- strncpy(P.currenttype, tmp, CF_MAXVARSIZE); -+ strncpy(P.currenttype, tmp, CF_MAXVARSIZE-1); - - if (P.currentclasses != NULL) - { -Index: cfengine-3.12.1/libpromises/cf3parse.y -=================================================================== ---- cfengine-3.12.1.orig/libpromises/cf3parse.y -+++ cfengine-3.12.1/libpromises/cf3parse.y -@@ -1134,7 +1134,7 @@ functionid: IDSYNTAX - | NAKEDVAR - { - ParserDebug("\tP:%s:%s:%s:%s function nakedvar = %s\n", P.block, P.blocktype, P.blockid, P.currentclasses ? P.currentclasses : "any", P.currentstring); -- strncpy(P.currentid,P.currentstring,CF_MAXVARSIZE); // Make a var look like an ID -+ strncpy(P.currentid,P.currentstring,CF_MAXVARSIZE-1); // Make a var look like an ID - free(P.currentstring); - P.currentstring = NULL; - } -Index: cfengine-3.12.1/libpromises/eval_context.c -=================================================================== ---- cfengine-3.12.1.orig/libpromises/eval_context.c -+++ cfengine-3.12.1/libpromises/eval_context.c -@@ -1569,7 +1569,7 @@ Class *EvalContextClassMatch(const EvalC - static bool EvalContextClassPut(EvalContext *ctx, const char *ns, const char *name, bool is_soft, ContextScope scope, const char *tags) - { - { -- char context_copy[CF_MAXVARSIZE]; -+ char context_copy[CF_BUFSIZE]; - char canonified_context[CF_MAXVARSIZE]; - - -@@ -1592,7 +1592,7 @@ static bool EvalContextClassPut(EvalCont - - if (ns && strcmp(ns, "default") != 0) - { -- snprintf(context_copy, CF_MAXVARSIZE, "%s:%s", ns, canonified_context); -+ snprintf(context_copy, CF_BUFSIZE, "%s:%s", ns, canonified_context); - } - else - { -Index: cfengine-3.12.1/libpromises/evalfunction.c -=================================================================== ---- cfengine-3.12.1.orig/libpromises/evalfunction.c -+++ cfengine-3.12.1/libpromises/evalfunction.c -@@ -496,7 +496,7 @@ static Rlist *GetHostsFromLastseenDB(Ite - Item *ip; - time_t now = time(NULL); - double entrytime; -- char address[CF_MAXVARSIZE]; -+ char address[CF_BUFSIZE]; - - for (ip = addresses; ip != NULL; ip = ip->next) - { -Index: cfengine-3.12.1/libpromises/expand.c -=================================================================== ---- cfengine-3.12.1.orig/libpromises/expand.c -+++ cfengine-3.12.1/libpromises/expand.c -@@ -870,7 +870,7 @@ static void ResolveControlBody(EvalConte - - EvalContextVariableRemoveSpecial(ctx, SPECIAL_SCOPE_SYS, "domain"); - EvalContextVariableRemoveSpecial(ctx, SPECIAL_SCOPE_SYS, "fqhost"); -- snprintf(VFQNAME, CF_MAXVARSIZE, "%s.%s", VUQNAME, VDOMAIN); -+ snprintf(VFQNAME, CF_BUFSIZE, "%s.%s", VUQNAME, VDOMAIN); - EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "fqhost", - VFQNAME, CF_DATA_TYPE_STRING, - "inventory,source=agent,attribute_name=Host name"); -Index: cfengine-3.12.1/libpromises/keyring.c -=================================================================== ---- cfengine-3.12.1.orig/libpromises/keyring.c -+++ cfengine-3.12.1/libpromises/keyring.c -@@ -83,9 +83,9 @@ int RemovePublicKey(const char *id) - - if (c && c[strlen(suffix)] == '\0') /* dirp->d_name ends with suffix */ - { -- char keyfilename[CF_BUFSIZE]; -+ char keyfilename[CF_BUFSIZE * 2]; - -- snprintf(keyfilename, CF_BUFSIZE, "%s/%s", keysdir, dirp->d_name); -+ snprintf(keyfilename, CF_BUFSIZE * 2, "%s/%s", keysdir, dirp->d_name); - MapName(keyfilename); - - if (unlink(keyfilename) < 0) -Index: cfengine-3.12.1/libpromises/syslog_client.c -=================================================================== ---- cfengine-3.12.1.orig/libpromises/syslog_client.c -+++ cfengine-3.12.1/libpromises/syslog_client.c -@@ -112,6 +112,7 @@ void RemoteSysLog(int log_priority, cons - char timebuffer[26]; - pid_t pid = getpid(); - -+ // rfc3164_len is WAY too small - snprintf( - message, - sizeof(message), -Index: cfengine-3.12.1/tests/unit/logging_test.c -=================================================================== ---- cfengine-3.12.1.orig/tests/unit/logging_test.c -+++ cfengine-3.12.1/tests/unit/logging_test.c -@@ -6,7 +6,7 @@ - #include - #include - --char VFQNAME[CF_MAXVARSIZE]; -+char VFQNAME[CF_BUFSIZE]; - char VPREFIX[CF_MAXVARSIZE]; - - static struct sockaddr *got_address; -Index: cfengine-3.12.1/tests/unit/set_domainname_test.c -=================================================================== ---- cfengine-3.12.1.orig/tests/unit/set_domainname_test.c -+++ cfengine-3.12.1/tests/unit/set_domainname_test.c -@@ -9,7 +9,7 @@ - - /* Global variables we care about */ - --char VFQNAME[CF_MAXVARSIZE]; -+char VFQNAME[CF_BUFSIZE]; - char VUQNAME[CF_MAXVARSIZE]; - char VDOMAIN[CF_MAXVARSIZE]; - diff --git a/0004-make-home-dir-for-tests.patch b/0004-make-home-dir-for-tests.patch deleted file mode 100644 index af013b0..0000000 --- a/0004-make-home-dir-for-tests.patch +++ /dev/null @@ -1,27 +0,0 @@ -From b5e4b0ca4384400cc8822ac06cdacbb97bc3c6e3 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= -Date: Tue, 3 Jul 2018 09:38:39 +0200 -Subject: [PATCH 4/4] make home dir for tests - -Author: Adam Majer -Upstream: https://tracker.mender.io/browse/CFE-2549 -BNC#1016848 -Summary: this tests requires home directory, otherwise spams logfile ---- - tests/load/run_lastseen_threaded_load.sh | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/tests/load/run_lastseen_threaded_load.sh b/tests/load/run_lastseen_threaded_load.sh -index 7dc5bcae7c25..60ea99af0c55 100755 ---- a/tests/load/run_lastseen_threaded_load.sh -+++ b/tests/load/run_lastseen_threaded_load.sh -@@ -6,4 +6,6 @@ then - exit 0; - fi - -+text -x ~/.cfagent/state || mkdir -p ~/.cfagent/state -+ - ./lastseen_threaded_load -c 1 4 1 1 --- -2.17.1 - diff --git a/cf3-Reference.pdf b/cf3-Reference.pdf deleted file mode 100644 index e450ae1..0000000 --- a/cf3-Reference.pdf +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fd7df0011fd6285788a5fcebe6ec1a78136b9454ed276c5eb3c6f6199b826d58 -size 8162816 diff --git a/cf3-conceptguide.pdf b/cf3-conceptguide.pdf deleted file mode 100644 index 34b22b5..0000000 --- a/cf3-conceptguide.pdf +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:db9eaaa9557fb2b8f61d501a548a3de3dd80334798c9037fb094889906690500 -size 981075 diff --git a/cf3-glossary.pdf b/cf3-glossary.pdf deleted file mode 100644 index de9212c..0000000 --- a/cf3-glossary.pdf +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dcbb2eabf797e84ae77cc7bf25698084691c2a9f4702ac3ad6cc21eb8012fed2 -size 157132 diff --git a/cf3-quickstart.pdf b/cf3-quickstart.pdf deleted file mode 100644 index dddb037..0000000 --- a/cf3-quickstart.pdf +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bb8774b41abdc19eb403b5c63ebb18f79cad25662de76740af29cf2cd4e33c08 -size 420062 diff --git a/cf3-solutions.pdf b/cf3-solutions.pdf deleted file mode 100644 index 5349960..0000000 --- a/cf3-solutions.pdf +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bf70b99c4bf6f36a45ee8359dcad6d50e5b931aae915c47035ed826e9587319b -size 2355867 diff --git a/cf3-tutorial.pdf b/cf3-tutorial.pdf deleted file mode 100644 index deee58c..0000000 --- a/cf3-tutorial.pdf +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9456f84e31dfa425bccfce5848eaf63221189079369c569f53f63eee16626f26 -size 1201485 diff --git a/cfengine-3.12.1.tar.gz b/cfengine-3.12.1.tar.gz deleted file mode 100644 index 1d60be1..0000000 --- a/cfengine-3.12.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:20bd406bbf79b0939e4232a9ff385443d7d286f36f8c9a8e54e18b7ad0797829 -size 2487248 diff --git a/cfengine-3.16.0.tar.gz b/cfengine-3.16.0.tar.gz new file mode 100644 index 0000000..79c5412 --- /dev/null +++ b/cfengine-3.16.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f4256e6e1ca04776a9fd48f1388a30edfa8d11fdcf870ba62ce5b0ad62a87372 +size 3137694 diff --git a/cfengine.changes b/cfengine.changes index b6e7f84..8b8e40f 100644 --- a/cfengine.changes +++ b/cfengine.changes @@ -1,3 +1,270 @@ +------------------------------------------------------------------- +Wed Sep 23 08:34:55 UTC 2020 - Klaus Kämpf + +- drop cfengine-doc subpackage in favor of cfengine-documentation + +------------------------------------------------------------------- +Tue Sep 22 07:52:50 UTC 2020 - Klaus Kämpf + +- update to 3.16.0 + - Added 'cf-secret' binary for host-specific encryption (CFE-2613) + - 'cf-check diagnose --test-write' can now be used to test writing + into LMDB files (ENT-4484) + - 'if' constraint now works in combination with class contexts + (CFE-2615) + - Added $(sys.cf_version_release) variable (ENT-5348) + - Added new macros to parser: else, maximum_version, between_versions, + before_version, at_version and after_version. Version macros now + accept single digits (CFE-3198) + - Added cf-postgres requirement to cf-apache and cf-hub systemd units + (ENT-5125) + - Added files promise content attribute (CFE-3276) + - Added string_trim() policy function (CFE-3074) + - Added warning if CSV parser parses nothing from non-empty file + (CFE-3256) + - All changes made by 'files' promises are now reported. Also, + directory and file creations are now properly reported as 'info' + messages. And failures in edit_xml result in promises marked as + failed not interrupted. Purged dirs and files are reported as + repaired (ENT-5291, CFE-3260) + - Bootstrap to loopback interface is now allowed, with a warning + (CFE-3304) + - Client initiated reporting was fixed on RHEL 8.1 (ENT-5415) + - Fixed rare crashing bug when parsing zombie entries in ps output. + The problem was only ever observed on AIX, but could theoretically happen + on any platform depending on exact libc behavior. (ENT-5329) + - Fixed an issue causing duplicate entries in sys.interfaces, and + sys.hardware. (CFE-3046) + - Fixed ifelse() to return fallback in case of unresolved variables + (ENT-4653) + - Fixed locking of promises using log_repaired / log_string with + timestamps (CFE-3376) + - Fixed memory leak in handling of inline JSON in policy evaluation + - Fixed memory leak in readlist functions (CFE-3263) + - Fixed race condition when multiple agents are acquiring critical + section locks simultaneously (CFE-3361) + - Fixed selection of standard_services when used from non-default + namespace (ENT-5406) + - Fixed service status cfengine3 on systemd managed hosts + (ENT-5528) + - Fixed some memory leaks and crashes in policy evaluation (CFE-3263) + - Improved error message for invalid body attribute names (CFE-3273) + - Improved management of secondary groups to avoid intermediary state + failures (ENT-3710) + - LMDB files are now created with correct permissions (ENT-5986) + - Log messages about broken Mustache templates are now errors + (CFE-3263) + - Made classfiltercsv() fail properly on invalid class expression index + - Measurements promises with no match no longer produce errors + (ENT-5171) + - Moved error reading file in countlinesmatching() from verbose to + error (CFE-3234) + - Added new data validation policy functions validdata() and validjson() + (CFE-2898) + - New version checking convenience policy functions (CFE-3197) + Added the following policy functions to check against local CFEngine version: + - cf_version_maximum() + - cf_version_minimum() + - cf_version_after() + - cf_version_before() + - cf_version_at() + - cf_version_between() + - Removed (USE AT YOUR OWN RISK) from cf-key help menu for -x (ENT-5090) + - Rewrote helloworld.cf to use files promises content attribute (CFE-3276) + - The outcome classes are now defined for the top-level directory when + 'include_basedir' is 'false' (ENT-5291) + - Variable references with nested parentheses no longer cause errors + (CFE-3242) + - cf-check: Added a more user friendly message when trying to print + unknown binary data (ENT-5234) + - cf-check: Added data validation for cf_lastseen.lmdb (CFE-2988) + - cf-check: Added nice printing for nova_agent_executions.lmdb + (ENT-5234) + - cf-check: Added validation for timestamps in cf_lock.lmdb (CFE-2988) + - cf-check: Added validation for timestamps in lastseen.lmdb (CFE-2988) + - cf-check: Fixed issue causing repair to target the wrong database file + (ENT-5309) + - cf-check: Symlinked LMDB databases are now preserved in repair + Performs diagnosis and repair on symlink target instead of symlink. + Repaired files / copies are placed alongside symlink target. + In some cases, the symlink target is deleted to repair a corrupt + database, and the symlink is left as a broken symlink. This is + handled gracefully by the agent, it will be recreated. + Broken symlinks are now detected as an acceptable condition in diagnose, + it won't try to repair them or delete them. (ENT-5162) + - storage promises managing nfs mounts should now correctly mount + after editing fstab entries + +- drop 0001-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch, + 0002-Reduce-string-truncation-warnings.patch, + 0003-make-home-dir-for-tests.patch - all upstream + +------------------------------------------------------------------- +Tue Jul 28 14:28:49 UTC 2020 - Thorsten Kukuk + +- Fix version format for suse_version (SuSEfirewall2 check) + +------------------------------------------------------------------- +Fri Jun 12 14:34:51 UTC 2020 - Klaus Kämpf + +- update to 3.15.0 + - New policy function basename() added (CFE-3196) + - Added read_module_protocol() policy function + This function reads module protocol from a file, and can be used + for caching the results of commands modules. (CFE-2973) + - The @ character is now allowed in the key of classic arrays defined + by the module protocol (CFE-3099) + - nth() policy function now supports negative indices (CFE-3194) + - Fixed .xy floating point numbers parsing in eval() (CFE-2762) + - Added inform constraint to commands promises, to allow suppression of + INFO log messages (CFE-2973) + - Changed unless constraint to be more consistent with if + For any situation where if would NOT skip a promise, unless + will cause the promise to be skipped. When there are + unresolved variables / function calls, if will skip, unless + will NOT skip. (CFE-3160) + - Default minimum allowed TLS version is now 1.1 (ENT-4616) + - Network protocol version 2 is now called "tls" + "tls" or "2" can be used in places where you specify network + protocol. Log messages were altered, to show "tls" instead of + "latest". (ENT-4406) + - Introduced protocol version 3 - "cookie" + This protocol is identical to version 2 ("tls"), + except it allows the enterprise reporting hub to send + the COOKIE command to enterprise hosts. This command is used for + detecting hosts using duplicate identities. Protocol version "latest" + now points to version 3. For community installations, it should not + make a difference, policy servers will not send this command. The only + visible difference is the new version number (in logs and policy). + (ENT-4406) + - Package modules now hit network when package cache is first initialized + (CFE-3094) + - Fixed promise skipping bug in unless (CFE-2689) + - Fixed error message for unexpanded variables in function calls in unless + (CFE-2689) + - Prevented buffer overflow when policy variable names are longer than + 1024 bytes + - Zero bytes in class guards no longer cause crashes (CFE-3028) + - Fixed bug in ps parsing on OpenBSD / NetBSD causing bootstrap to fail + - Fixed crash in policy/JSON parsing of numbers with too many decimal + points (CFE-3138) + - copy_from without preserve now respects destination mode (ENT-4016) + - Removed stime_range and ttime_range constraints from promise hash + (ENT-4921) + - Fixed promise result when using process_stop in processes type promises + (ENT-4988) + - cf-execd now sends SIGKILL to the agent process in case of + agent_expireafter, after attempting SIGINT and SIGTERM (CFE-2664) + - cf-serverd now tries to accept connection multiple times (CFE-3066) + - Fixed multiple measurements tracking growth of same file (ENT-4814) + - Set create permissions of monitord files in state directory to 0600 + 0600 matches the permissions enforced by policy. + Affected files: + * state/cf_incoming.* + * state/cf_outgoing.* + * state/cf_users + * state/env_data + (ENT-4863) + - Clarified descriptions of io_writtendata and io_readdata (ENT-5127) + - Clarified log message about process_count and restart_class being used + concurrently (CFE-208) + - Agent runs that hit abortclasses now record results (ENT-2471) + - An ID of rhel in os-release file will now define both rhel and redhat + classes (CFE-3140) + - Version specific distro classes are now collected by default in + Enterprise (ENT-4752) + - redhat_8 and redhat_8_0 are now defined on RHEL 8 (CFE-3140) + - Added derived-from-file tag to hard classes based on /etc/redhat-release + (CFE-3140) + - Added sys.bootstrap_id policy variable containing the ID from + /var/cfengine/bootstrap_id.dat, if present (CFE-2977) + - sys.interfaces now contains interfaces even when they only have + IPv6 addresses (ENT-4858) + - IPv6-only interfaces added to sys.hardware_(addresses,mac) (CFE-3164) + - IPv6 addresses are now added to policy variable sys.ip_addresses + (CFE-682) + - IPv6 addresses now respect ignored_interfaces.rx (CFE-3156) + - hostname now allowed in bindtoaddress (CFE-3190) + - Fixed issue when removing comments from files in various policy functions + This also fixes many erroneous occurences of the error message + mentioning: + + [...] because it legally matches nothing + + (A warning can still appear if a comment regex actually matches nothing). + Also made this comment removing logic faster. + Affected functions include: + * readstringlist() + * readintlist() + * readreallist() + * peers() + * peerleader() + * peerleaders() + * data_readstringarray() + * data_readstringarrayidx() + * data_expand() + * readstringarray() + * readstringarrayidx() + * readintarray() + * readrealarray() + * parsestringarray() + * parsestringarrayidx() + * parseintarray() + * parserealarray() + (CFE-3188, ENT-5019) + - Fixed memory leak in JSON / env file parsing (CFE-3210) + - Fixed memory leak in handling of nfs / fstab (CFE-3210) + - Fixed memory leak in string_replace() and regex_replace() (CFE-3210) + - Fixed memory leak when using with constraint (CFE-3210) + - Fixed minor memory leak in policy evaluation (CFE-3210) + - Fixed small memory leak in SQL database promises (CFE-3210) + - Received SIGBUS now triggers a repair of local DBs (CFE-3127) + - Corrupted LMDB files are now automatically repaired (CFE-3127) + - Keys in the lock database, cf_lock.lmdb, are now human-readable + (CFE-2596) + - Local databases now use synchronous access on AIX and Solaris (ENT-4002) + - Report corrupted local database with a critical log message (CFE-2469) + - Local DB errors are now logged with the particular DB file path (CFE-2469) + - cf-check: repair now preserves readable data in corrupted LMDB files + (CFE-3127) + - cf-check: --dump option was added to the backup command + - cf-check: Added --no-fork to diagnose command (CFE-3145) + - cf-check: Added -M manpage option and other common options (CFE-3082) + - cf-check: No DB files in state dir now causes errors + - cf-check: dump command now dumps DB contents to JSON5 (CFE-3126) + - cf-check: help command can now take a topic as argument + +------------------------------------------------------------------- +Fri Feb 7 17:51:06 UTC 2020 - Stefan Brüns + +- Drop fakeroot build dependency, unused. +- Drop python build dependency, determine-version.py is not used. +- Always build with systemd, distribution versions without + systemd are no longer supported by CFEngine. +- Drop RHEL5/SLE11 only remove-am_subst_notmake.patch +- Cleanup spec file, remove obsolete conditionals. +- Make doc and examples packages noarch. + +- rename 0002-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch + to 0001-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch + 0003-Reduce-string-truncation-warnings.patch + to 0002-Reduce-string-truncation-warnings.patch + 0004-make-home-dir-for-tests.patch + to 0003-make-home-dir-for-tests.patch +- remove 0001-Set-sys.bindir-to-usr-sbin-expect-cf-components-ther.patch + +------------------------------------------------------------------- +Mon Feb 3 12:08:28 UTC 2020 - Dominique Leuenberger + +- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to + shortcut through the -mini flavors. + +------------------------------------------------------------------- +Mon Dec 16 13:25:37 UTC 2019 - Klaus Kämpf + +- Update to 3.14.0.2 (upstream 3.14.0-2) + see https://github.com/cfengine/core/blob/3.14.0-2/ChangeLog + ------------------------------------------------------------------- Tue Jul 23 11:23:47 UTC 2019 - matthias.gerstner@suse.com diff --git a/cfengine.spec b/cfengine.spec index 1082533..60f2358 100644 --- a/cfengine.spec +++ b/cfengine.spec @@ -1,7 +1,7 @@ # # spec file for package cfengine # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -22,30 +22,29 @@ # reported upstream as https://cfengine.com/dev/issues/1896 %define basedir %{_localstatedir}/%{name} %define workdir %{basedir} -%if 0%{?suse_version} >= 1210 -%define have_systemd 1 -%else -%define have_systemd 0 -%endif -%if 0%{?suse_version} <= 150100 +# This is the place where workdir should be +#define basedir /var/lib/%%{name} +#define workdir %%{basedir}/work + +%if 0%{?suse_version} < 1500 +# assume SuSEfirewall2 %define with_sfw2 1 %else +# assume firewalld %define with_sfw2 0 %endif # pass --with-bla to enable the build %bcond_with mysql %bcond_with postgresql %bcond_with libvirt + Name: cfengine -Version: 3.12.1 +Version: 3.16.0 Release: 0 -# This is the place where workdir should be -#define basedir /var/lib/%%{name} -#define workdir %%{basedir}/work Summary: Configuration management framework License: GPL-3.0-only Group: Productivity/Networking/System -Url: http://www.cfengine.org/ +URL: http://www.cfengine.org/ Source: https://cfengine-package-repos.s3.amazonaws.com/tarballs/cfengine-%{version}.tar.gz Source1: %{name}.SuSEfirewall2 Source2: cf-execd.service @@ -56,33 +55,11 @@ Source6: cf-execd Source7: cf-serverd Source10: %{name}.cron Source11: %{name}-rpmlintrc -# docs -Source101: http://www.cfengine.org/manuals/cf3-Reference.pdf -Source102: http://www.cfengine.org/manuals/cf3-conceptguide.pdf -Source103: http://www.cfengine.org/manuals/cf3-glossary.pdf -Source104: http://www.cfengine.org/manuals/cf3-quickstart.pdf -Source105: http://www.cfengine.org/manuals/cf3-solutions.pdf -Source106: http://www.cfengine.org/manuals/cf3-tutorial.pdf -Source107: http://www.verticalsysadmin.com/cfengine/primer.pdf -# PATCH-FIX-SUSE -# set cfengine's notion of bindir to /usr/bin instead of /var/cfengine/bin -# kkaempf@suse.de -Patch1: 0001-Set-sys.bindir-to-usr-sbin-expect-cf-components-ther.patch -# PATCH-FIX-UPSTREAM add 'suse' class for consistency with other vendor classes -# PATCH-FEATURE-UPSTREAM better /etc/SuSE-release parsing, upstream #5423 -# kkaempf@suse.de -Patch2: 0002-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch -# PATCH-FIX-SUSE reduce "string truncated" (in strncpy) warnings -Patch3: 0003-Reduce-string-truncation-warnings.patch -# PATCH-FIX-SUSE BNC#1016848, adam.majer -Patch10: 0004-make-home-dir-for-tests.patch -# SLE 11 or RHEL5 autoconf does not support AM_SUBST_NOTMAKE, kkaempf@suse.de -Patch99: remove-am_subst_notmake.patch +Recommends: %{name}-documentation BuildRequires: bison BuildRequires: db-devel -BuildRequires: fakeroot BuildRequires: flex BuildRequires: libacl-devel BuildRequires: libtool @@ -91,13 +68,14 @@ BuildRequires: lmdb-devel >= 0.9.17 BuildRequires: openssl-devel >= 1.0.2e BuildRequires: pam-devel BuildRequires: pcre-devel >= 8.38 -BuildRequires: python # for flock BuildRequires: util-linux # for llzma BuildRequires: xz-devel Requires: %{libsoname} = %{version} -BuildRoot: %{_tmppath}/%{name}-%{version}-build +%if !%{with_sfw2} +BuildRequires: firewall-macros +%endif %if %{with mysql} BuildRequires: mysql-devel %endif @@ -107,23 +85,9 @@ BuildRequires: libvirt-devel %if %{with postgresql} BuildRequires: postgresql-devel %endif -%if %{have_systemd} -BuildRequires: systemd +BuildRequires: pkgconfig(systemd) %{?systemd_requires} -%else -# Without systemd we require cron -Requires: cron -%if 0%{?suse_version} -Requires(post): %insserv_prereq %fillup_prereq -%endif -%endif -# FHS was a hit with sle11 so it dies out otherwise -%if 0%{?suse_version} <= 1110 -BuildRequires: -post-build-checks -%endif -%if 0%{?suse_version} > 1020 BuildRequires: fdupes -%endif %if 0%{?fedora_version} == 20 BuildRequires: perl-Exporter %endif @@ -157,29 +121,16 @@ A character set detection library. This package contains the files needed to compile programs that use the libpromises library. -%package doc -Summary: Documentation for CFEngine, a config management framework -Group: Documentation/Other - -%description doc -Documentation for cfengine. - %package examples Summary: CFEngine example promises Group: Documentation/Other +BuildArch: noarch %description examples Lots of example promises for CFEngine. %prep %setup -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%if 0%{?suse_version} <= 1110 -%patch99 -p1 -%endif -%patch10 -p1 ##### rpmlint #### wrong-file-end-of-line-encoding @@ -187,12 +138,7 @@ Lots of example promises for CFEngine. ### http://www.fsf.org/about/contact/ find ./examples -type f -name "*.cf" -exec perl -p -i -e 's|\r\n|\n|,s|^# Foundation.*|# Foundation, 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA|' {} \; -### install extra docs -install -d docs -cp -a $RPM_SOURCE_DIR/*pdf docs/ - %build -echo %{version} > CFVERSION EXPLICIT_VERSION=%{version} autoreconf -fvi -I m4 CC=cc CFLAGS="%{optflags} -fno-strict-aliasing" \ %configure \ @@ -243,35 +189,15 @@ install -d %{buildroot}/{%{_bindir},%{_sbindir},%{workdir}/{bin,inputs,reports}} # create dirs needed for better organizing dirs and files install -d %{buildroot}/%{basedir}/{backup,failsafe,config,plugins} -%if %{have_systemd} # systemd: install sample cron file in docdir cp %{SOURCE10} %{buildroot}/%{_docdir}/%{name} -%else -# no systemd -> use cron -# install cron file -install -D -m0644 %{SOURCE10} %{buildroot}/%{_sysconfdir}/cron.d/%{name} -%endif -%if %{have_systemd} # install systemd scripts install -d %{buildroot}%{_unitdir} install -m 0644 %{SOURCE2} %{SOURCE3} %{SOURCE4} %{buildroot}/%{_unitdir} ln -s -f service %{buildroot}/%{_sbindir}/rccf-monitord ln -s -f service %{buildroot}/%{_sbindir}/rccf-execd ln -s -f service %{buildroot}/%{_sbindir}/rccf-serverd -%else -# install init scripts -install -d %{buildroot}%{_initddir} -install -m 0755 %{SOURCE5} %{SOURCE6} %{SOURCE7} %{buildroot}%{_initddir}/ -ln -s -f ../..%{_initddir}/cf-monitord %{buildroot}/%{_sbindir}/rccf-monitord -ln -s -f ../..%{_initddir}/cf-execd %{buildroot}/%{_sbindir}/rccf-execd -ln -s -f ../..%{_initddir}/cf-serverd %{buildroot}/%{_sbindir}/rccf-serverd -# sed @workdir@ in initscripts/cron.d -sed -i\ - -e "s,@workdir@,%{workdir},g"\ - -e "s,@basedir@,%{basedir},g" \ - %{buildroot}%{_initddir}/cf-* %{buildroot}%{_sysconfdir}/cron.d/%{name} -%endif # create symlinks for bin_PROGRAMS # because: cf-promises needs to be installed in /var/cfengine/work/bin for pre-validation of full configuration @@ -299,50 +225,33 @@ install -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2. %endif # Ckeabyo dyoes -%if 0%{?suse_version} > 1020 %fdupes %{buildroot}%{_datadir}/cfengine -%endif %pre -%if %{have_systemd} -%service_add_pre cf-execd.service cf-monitord.service cf-serverd.service -%endif +%service_add_pre cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service %post -%if %{have_systemd} -%service_add_post cf-execd.service cf-monitord.service cf-serverd.service -%else -for i in execd monitord serverd; do - %fillup_and_insserv cf-${i} -done -%endif +%service_add_post cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service if [ $1 -lt 2 ]; then # first install, generate key pair cf-key fi +%if !%{with_sfw2} +%firewalld_reload +%endif %preun -%if %{have_systemd} -%service_del_preun cf-execd.service cf-monitord.service cf-serverd.service -%else -for i in execd monitord serverd; do - %stop_on_removal cf-${i} -done -%endif +%service_del_preun cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service %postun -%if %{have_systemd} -%service_del_postun cf-execd.service cf-monitord.service cf-serverd.service -%else -%insserv_cleanup -for i in execd monitord serverd; do - %restart_on_update cf-${i} -done -%endif +%service_del_postun cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service if [ $1 -eq 0 ]; then # clean up inputs cache dir on removal rm -rf %{basedir}/inputs/* fi +%if !%{with_sfw2} +%firewalld_reload +%endif %post -n %{libsoname} -p /sbin/ldconfig @@ -359,32 +268,28 @@ fi %{_bindir}/cf-net %{_bindir}/cf-monitord %{_bindir}/cf-promises +%{_bindir}/cf-secret %{_bindir}/cf-serverd %{_bindir}/cf-upgrade %{_bindir}/cf-runagent %{_bindir}/rpmvercmp -%if %{have_systemd} %{_unitdir}/cf-execd.service %{_unitdir}/cf-monitord.service %{_unitdir}/cf-serverd.service -%else -%config %attr(0755,root,root) %{_initddir}/* -%endif %{_sbindir}/rccf-execd %{_sbindir}/rccf-monitord %{_sbindir}/rccf-serverd +%{_unitdir}/*.service %if %{with_sfw2} +%config %dir %{_sysconfdir}/sysconfig/SuSEfirewall2.d +%config %dir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/cfengine %endif %{_mandir}/man8/* %dir %{basedir} %dir %{workdir} %{workdir}/* -%if %{have_systemd} %{_docdir}/%{name}/cfengine.cron -%else -%config(noreplace) %{_sysconfdir}/cron.d/%{name} -%endif %files -n %{libsoname} %defattr(-,root,root) @@ -395,10 +300,6 @@ fi %defattr(-,root,root) %{_libdir}/%{name}/%{libname}.so -%files doc -%defattr(-,root,root) -%doc docs/*.pdf - %files examples %defattr(-,root,root) %doc examples/*cf diff --git a/primer.pdf b/primer.pdf deleted file mode 100644 index e026b4d..0000000 --- a/primer.pdf +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cf1a0385d355136810cd278ab70033c7402fc31437c763305c1836f7690813ad -size 23415 diff --git a/remove-am_subst_notmake.patch b/remove-am_subst_notmake.patch deleted file mode 100644 index 8890a61..0000000 --- a/remove-am_subst_notmake.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -wruN -x '*~' -x '*.o' -x '*.a' -x '*.so' -x '*.so.[0-9]' -x autom4te.cache -x .deps -x .libs ../orig-core-3.6.3rc-build1/configure.ac ./configure.ac ---- ../orig-core-3.6.3rc-build1/configure.ac 2014-11-27 20:17:34.000000000 +0100 -+++ ./configure.ac 2014-11-28 10:21:03.077231135 +0100 -@@ -1328,7 +1328,6 @@ - # Populate contents of config.post.h - # - AC_SUBST(post_macros) --AM_SUBST_NOTMAKE(post_macros) - - dnl ###################################################################### - dnl Summarize