diff --git a/cf-execd.service b/cf-execd.service new file mode 100644 index 0000000..9c77067 --- /dev/null +++ b/cf-execd.service @@ -0,0 +1,9 @@ +[Unit] +Description=CFEngine Execution Daemon +After=syslog.target + +[Service] +ExecStart=/usr/sbin/cf-execd + +[Install] +WantedBy=multi-user.target diff --git a/cf-monitord.service b/cf-monitord.service new file mode 100644 index 0000000..5d2670c --- /dev/null +++ b/cf-monitord.service @@ -0,0 +1,9 @@ +[Unit] +Description=CFEngine Monitoring Daemon +After=syslog.target + +[Service] +ExecStart=/usr/sbin/cf-monitord + +[Install] +WantedBy=multi-user.target diff --git a/cf-serverd.service b/cf-serverd.service new file mode 100644 index 0000000..c112715 --- /dev/null +++ b/cf-serverd.service @@ -0,0 +1,9 @@ +[Unit] +Description=CFEngine Server Daemon +After=syslog.target + +[Service] +ExecStart=/usr/sbin/cf-serverd + +[Install] +WantedBy=multi-user.target diff --git a/cf3-Reference.pdf b/cf3-Reference.pdf index dc3e855..e450ae1 100644 --- a/cf3-Reference.pdf +++ b/cf3-Reference.pdf @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a523780fff9f66811e29f10a9642d0653cd6c09ca55558717bd3e02470cfea2e -size 7522390 +oid sha256:fd7df0011fd6285788a5fcebe6ec1a78136b9454ed276c5eb3c6f6199b826d58 +size 8162816 diff --git a/cf3-conceptguide.pdf b/cf3-conceptguide.pdf new file mode 100644 index 0000000..34b22b5 --- /dev/null +++ b/cf3-conceptguide.pdf @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:db9eaaa9557fb2b8f61d501a548a3de3dd80334798c9037fb094889906690500 +size 981075 diff --git a/cf3-glossary.pdf b/cf3-glossary.pdf new file mode 100644 index 0000000..de9212c --- /dev/null +++ b/cf3-glossary.pdf @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:dcbb2eabf797e84ae77cc7bf25698084691c2a9f4702ac3ad6cc21eb8012fed2 +size 157132 diff --git a/cf3-quickstart.pdf b/cf3-quickstart.pdf new file mode 100644 index 0000000..dddb037 --- /dev/null +++ b/cf3-quickstart.pdf @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bb8774b41abdc19eb403b5c63ebb18f79cad25662de76740af29cf2cd4e33c08 +size 420062 diff --git a/cf3-solutions.pdf b/cf3-solutions.pdf new file mode 100644 index 0000000..5349960 --- /dev/null +++ b/cf3-solutions.pdf @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bf70b99c4bf6f36a45ee8359dcad6d50e5b931aae915c47035ed826e9587319b +size 2355867 diff --git a/cf3-tutorial.pdf b/cf3-tutorial.pdf new file mode 100644 index 0000000..deee58c --- /dev/null +++ b/cf3-tutorial.pdf @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9456f84e31dfa425bccfce5848eaf63221189079369c569f53f63eee16626f26 +size 1201485 diff --git a/cfengine-3.2.4.tar.gz b/cfengine-3.2.4.tar.gz deleted file mode 100644 index feea3f1..0000000 --- a/cfengine-3.2.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:261cd300c0a8e22dfdb215da81633d80f3c4579e659f186f0da3d09fd2e4f272 -size 1134299 diff --git a/cfengine-3.4.0.patch b/cfengine-3.4.0.patch new file mode 100644 index 0000000..948b244 --- /dev/null +++ b/cfengine-3.4.0.patch @@ -0,0 +1,24 @@ +diff -wruN -x '*~' -x '*.o' -x '*.a' -x '*.so' -x '*.so.[0-9]' -x autom4te.cache -x .deps -x .libs -x Makefile -x Makefile.in ../orig-cfengine-3.4.0/src/files_select.c ./src/files_select.c +--- ../orig-cfengine-3.4.0/src/files_select.c 2012-11-26 12:13:20.000000000 +0100 ++++ ./src/files_select.c 2012-11-29 09:15:53.859129139 +0100 +@@ -285,7 +285,7 @@ + + #ifndef MINGW // no uids on Windows + char buffer[CF_SMALLBUF]; +- snprintf(buffer, CF_BUFSIZE, "%jd", (uintmax_t) lstatptr->st_uid); ++ snprintf(buffer, CF_SMALLBUF, "%jd", (uintmax_t) lstatptr->st_uid); + PrependAlphaList(&leafattrib, buffer); + #endif /* MINGW */ + +diff -wruN -x '*~' -x '*.o' -x '*.a' -x '*.so' -x '*.so.[0-9]' -x autom4te.cache -x .deps -x .libs -x Makefile -x Makefile.in ../orig-cfengine-3.4.0/src/server.c ./src/server.c +--- ../orig-cfengine-3.4.0/src/server.c 2012-11-26 12:13:20.000000000 +0100 ++++ ./src/server.c 2012-11-29 08:49:31.871817185 +0100 +@@ -2367,7 +2367,7 @@ + + if (strlen(ReadLastNode(filename)) > CF_MAXLINKSIZE) + { +- snprintf(sendbuffer, CF_BUFSIZE * 2, "BAD: Filename suspiciously long [%s]\n", filename); ++ snprintf(sendbuffer, CF_BUFSIZE, "BAD: Filename suspiciously long [%s]\n", filename); + CfOut(cf_error, "", "%s", sendbuffer); + SendTransaction(conn->sd_reply, sendbuffer, 0, CF_DONE); + return -1; diff --git a/cfengine-3.4.0.tar.bz2 b/cfengine-3.4.0.tar.bz2 new file mode 100644 index 0000000..b5db3ed --- /dev/null +++ b/cfengine-3.4.0.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:75c113b37988529634237b3bc349aa69dfcb3c69ed92f649a0e6f2e97d72b025 +size 4263916 diff --git a/cfengine.changes b/cfengine.changes index 6d9881f..89adad9 100644 --- a/cfengine.changes +++ b/cfengine.changes @@ -1,3 +1,68 @@ +------------------------------------------------------------------- +Thu Nov 29 07:48:20 UTC 2012 - kkaempf@suse.com + +- update to 3.4.0 final + +------------------------------------------------------------------- +Sun Oct 21 10:07:18 UTC 2012 - kkaempf@suse.com + +- fix systemd check (use systemd for openSUSE 12.1 too) + +------------------------------------------------------------------- +Mon Oct 8 14:31:23 UTC 2012 - kkaempf@suse.com + +- workaround for potential buffer overflow + +------------------------------------------------------------------- +Thu Oct 4 08:48:10 UTC 2012 - kkaempf@suse.com + +- honor filesystem hierachy standard (FHS): + - build with --enable-fhs + +- honor documentation + - install in /var/cfengine + +- support systemd where applicable + +- update to 3.0.4b2 + New features: + - XML editing capabilities. See the documentation for edit_xml + body. Note the new dependency: libxml2. + - Implement inheritance of local classes by bundles called using + "usebundle". By default classes are not inherited. See the + examples/unit_inherit.cf for an example. + - Moved from Nova/Enterprise: + - POSIX ACL support, + - "outputs" promise type, + - remote syslog support. + - packages_default_arch_command hook in packages promises, to + specify default architecture of the packages on the system. + - packages_version_less_command / packages_version_equal_command hooks + in packages promises, to specify external command for native package + manager versions comparison + - Running in Solaris zone is now detected and classes "zone" and + "zone_" are created in this case. + - VirtualBox support added to guest_environment promises. + - guest_environment promises are supported under OS X. + - The "depends_on" attribute is now active, for the partal ordering + of promises. If a promise depends on another (referred by handle) + it will only be considered if the depends_on list is either kept + or repaired already. + + ** WARNING: When upgrading, make sure that any existing use + of depends_on does not make some promises being + unintentionally ignored. + This can happen if you are currently refering to non-existant or + never-run handles in depends_on attributes. + - methods return values, initial implementation + - New format for cf-key -s, includes timestamp of last connection + + Changed functionality: + - cf-execd -F switch no longer implies 'run once'. New -O/--once + option is added to achieve this behaviour. This makes cf-execd + easier to run from systemd, launchd and other supervision + systems. + ------------------------------------------------------------------- Wed Feb 15 13:49:18 UTC 2012 - chris@computersalat.de diff --git a/cfengine.spec b/cfengine.spec index 38caabe..0d3586f 100644 --- a/cfengine.spec +++ b/cfengine.spec @@ -19,27 +19,51 @@ Name: cfengine %define libname libpromises %define libsoname %{libname}1 -%define basedir /var/lib/%{name} -%define workdir %{basedir}/work -Summary: A Tool to Maintain Complicated Networks +# Yes, its not FHS conformant but in sync with cfengine documentation +%define basedir /var/%{name} +%define workdir %{basedir} + +Summary: CFEngine automates large-scale IT computing infrastructure License: GPL-3.0 Group: Productivity/Networking/System -Version: 3.2.4 +Version: 3.4.0 Release: 0 Url: http://www.cfengine.org/ -Source: %{name}-%{version}.tar.gz +Source: %{name}-%{version}.tar.bz2 +# fix possible buffer overflows, reported upstream, kkaempf@suse.de +Patch: %{name}-%{version}.patch Source1: http://www.cfengine.org/manuals/cf3-Reference.pdf -Source2: cf-monitord -Source3: cf-execd -Source4: cf-serverd +Source2: http://www.cfengine.org/manuals/cf3-conceptguide.pdf +Source3: http://www.cfengine.org/manuals/cf3-glossary.pdf +Source4: http://www.cfengine.org/manuals/cf3-quickstart.pdf +Source5: http://www.cfengine.org/manuals/cf3-solutions.pdf +Source6: http://www.cfengine.org/manuals/cf3-tutorial.pdf +%if 0%{?suse_version} >= 1210 +Source7: cf-execd.service +Source8: cf-monitord.service +Source9: cf-serverd.service +%else +Source7: cf-monitord +Source8: cf-execd +Source9: cf-serverd +%endif Source10: %{name}.cron BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bison BuildRequires: db-devel BuildRequires: flex +BuildRequires: libtokyocabinet-devel BuildRequires: libtool +BuildRequires: libxml2-devel +# Disable mysql for SLE_11: +# configure: error: MySQL client library exports symbols clashing with +# OpenSSL. Get the update from distribution provider, recompile MySQL +# library or disable MySQL connector. See +# http://bugs.mysql.com/bug.php?id=65055 for details. +%if 0%{?suse_version} != 1110 BuildRequires: mysql-devel +%endif BuildRequires: openssl-devel BuildRequires: pcre-devel BuildRequires: postgresql-devel @@ -54,11 +78,20 @@ PreReq: %install_info_prereq BuildRequires: texlive %endif +%if 0%{?suse_version} >= 1210 +BuildRequires: systemd +%{?systemd_requires} +%endif + %description -GNU cfengine is an abstract programming language for system -administrators of huge heterogeneous networks. With cfengine, system -administrators have an easy and elegant way to maintain complicated -networks. +CFEngine automates large-scale IT computing infrastructure: ensuring +the availability, security and compliance of mission-critical +applications and services. Based on popular and flexible open source +configuration management software, CFEngine configuration management +products are highly scalable through decentralized, autonomous agents +that can continuously monitor, self-repair, and update the IT +infrastructure of a global multi-site enterprise - with negligible +impact on system resources or performance. %package -n %{libsoname} Summary: Shared library of cfengine @@ -83,20 +116,20 @@ This package contains the files needed to compile programs that use the libguess library. %package doc -Summary: A Tool to Maintain Complicated Networks (docs) +Summary: CFEngine automates large-scale IT computing infrastructure - documentation Group: Productivity/Networking/System %if 0%{?rhel_version} || 0%{?centos_version} -BuildRequires: texinfo BuildRequires: tetex BuildRequires: tetex-dvips BuildRequires: tetex-latex +BuildRequires: texinfo %endif %description doc Full documentation for cfengine %package server -Summary: Files needed for cfengine server +Summary: CFEngine automates large-scale IT computing infrastructure - server Group: Productivity/Networking/System Requires: %{name} = %{version}-%{release} @@ -106,21 +139,14 @@ This package contains the files of the cfengine server. %prep %setup -q +# Buffer overflow at server.c:2362 +%patch -p1 ##### rpmlint #### wrong-file-end-of-line-encoding #### incorrect-fsf-address ### http://www.fsf.org/about/contact/ find ./examples -type f -name "*.cf" -exec perl -p -i -e 's|\r\n|\n|,s|^# Foundation.*|# Foundation, 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA|' {} \; -### FIXME -# there are 3 different cfengine_stdlib.cf -## as of 3.2.4 -# ./examples/cfengine_stdlib.cf - Rev: 95 -# ./examples/example_config/cfengine_stdlib.cf - Rev: 61 -# ./masterfiles/cfengine_stdlib.cf - Rev: 84 -%{__cp} -a ./examples/cfengine_stdlib.cf ./examples/example_config/ -%{__cp} -a ./examples/cfengine_stdlib.cf ./masterfiles/ - %build %if 0%{?suse_version} %{suse_update_config -f} @@ -129,7 +155,9 @@ find ./examples -type f -name "*.cf" -exec perl -p -i -e 's|\r\n|\n|,s|^# Founda CC=gcc CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" \ %configure \ --disable-static \ - --datadir=/var/lib \ + --enable-fhs \ + --with-libxml2 \ + --datadir=/var \ --docdir=%{_docdir}/%{name} \ --with-workdir=%{workdir} %{__make} %{?_smp_mflags} @@ -141,20 +169,24 @@ CC=gcc CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" \ [ -d %{buildroot} ] && [ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot} %endif %{__make} "DESTDIR=%{buildroot}" install -%{__install} -d %{buildroot}/{usr/sbin,etc/init.d,%{workdir}/{bin,inputs}} +%{__install} -d %{buildroot}/{usr/sbin,%{workdir}/{bin,inputs,reports}} # create dirs needed for better organizing dirs and files %{__install} -d %{buildroot}/%{basedir}/{backup,failsafe,config} #%{__install} -d %{buildroot}/%{basedir}/config/{development,production} -# install missing AUTHORS LICENSE {S:1} -%{__install} -m0644 AUTHORS LICENSE %{S:1} %{buildroot}/%{_docdir}/%{name}/ - # install cron file %{__install} -D -m0644 %{S:10} %{buildroot}/%{_sysconfdir}/cron.d/%{name} +%if 0%{?suse_version} >= 1210 +# install systemd scripts +%{__install} -D -m 0644 %{S:7} %{buildroot}/%_unitdir/cf-execd.service +%{__install} -D -m 0644 %{S:8} %{buildroot}/%_unitdir/cf-monitord.service +%{__install} -D -m 0644 %{S:9} %{buildroot}/%_unitdir/cf-serverd.service +%else # install init scripts -%{__install} -m 0755 %{S:2} %{S:3} %{S:4} %{buildroot}/etc/init.d/ +%{__install} -d %{buildroot}/etc/init.d +%{__install} -m 0755 %{S:7} %{S:8} %{S:9} %{buildroot}/etc/init.d/ %{__ln_s} -f ../../etc/init.d/cf-monitord %{buildroot}/%{_sbindir}/rccf-monitord %{__ln_s} -f ../../etc/init.d/cf-execd %{buildroot}/%{_sbindir}/rccf-execd %{__ln_s} -f ../../etc/init.d/cf-serverd %{buildroot}/%{_sbindir}/rccf-serverd @@ -163,23 +195,72 @@ sed -i\ -e "s,@workdir@,%{workdir},g"\ -e "s,@basedir@,%{basedir},g" \ %{buildroot}/etc/init.d/cf-* %{buildroot}/etc/cron.d/%{name} +%endif + +# install docs +%{__install} -d %{buildroot}/%{_datadir}/doc/%{name} +%{__install} -m 0644 %{S:1} %{S:2} %{S:3} %{S:4} %{S:5} %{S:6} %{buildroot}/%{_datadir}/doc/%{name} # create symlinks for sbin_PROGRAMS -for i in cf-agent cf-execd cf-key cf-know cf-monitord cf-promises cf-report cf-runagent cf-serverd; do - %{__ln_s} -f ../../../../..%{_sbindir}/${i} %{buildroot}%{workdir}/bin/${i} +# because: cf-promises needs to be installed in /var/cfengine/work/bin for pre-validation of full configuration +for i in cf-agent cf-execd cf-key cf-monitord cf-promises cf-report cf-runagent cf-serverd; do + %{__ln_s} -f ../../..%{_sbindir}/${i} %{buildroot}%{workdir}/bin/${i} done -# mv all masterfiles/*.cf to masterfiles/*.cf.default -pushd %{buildroot}%{basedir}/masterfiles -for j in $(ls -1); do - cp -a * ../work/inputs/ - mv ${j} ${j}.default -done +# Install masterfiles (as %config(noreplace) ) +%{__install} -d %{buildroot}/%{basedir}/masterfiles +%{__install} -m 0644 masterfiles/def.cf %{buildroot}/%{basedir}/masterfiles +%{__install} -m 0644 masterfiles/promises.cf %{buildroot}/%{basedir}/masterfiles +%{__install} -m 0644 masterfiles/libraries/cfengine_stdlib.cf %{buildroot}/%{basedir}/masterfiles +%{__install} -m 0644 masterfiles/failsafe/failsafe.cf %{buildroot}/%{basedir}/masterfiles -## FIXME: what is the purpose of theses libs ? -## are they really needed ? -#rm -rf %{buildroot}/%{_libdir}/libpromises.la -#{__rm} -rf %{buildroot}/%{_libdir}/libpromises.a +rm -rf %{buildroot}/%{_libdir}/%{name}/libpromises.la + +# will appear in %docdir +rm -rf %{buildroot}/%{_datadir}/%{name}/ChangeLog +rm -rf %{buildroot}/%{_datadir}/%{name}/README + +# systemd +%if 0%{?suse_version} >= 1210 + +%pre +%service_add_pre cf-execd.service cf-monitord.service + +%post +%service_add_post cf-execd.service cf-monitord.service +%if 0%{?suse_version} > 1010 +%install_info --name=%{name} --info-dir=%{_infodir} %{_infodir}/cf3-reference.info.gz +%endif +/sbin/ldconfig + +%preun +%service_del_preun cf-execd.service cf-monitord.service + +%postun +%service_del_postun cf-execd.service cf-monitord.service +%if 0%{?suse_version} > 1010 +%install_info_delete --name=%{name} --info-dir=%{_infodir} %{_infodir}/cf3-reference.info.gz +%endif +/sbin/ldconfig + +%pre server +%service_add_pre cf-serverd.service + +%post server +if [ ${1:-0} -ne 1 ]; then + cp -a /usr/share/cfengine/CoreBase/controls /var/cfengine/inputs + cp -a /usr/share/cfengine/CoreBase/libraries /var/cfengine/inputs + cp -a /usr/share/cfengine/CoreBase/services /var/cfengine/inputs +fi +%service_add_post cf-serverd.service + +%preun server +%service_del_preun cf-serverd.service + +%postun server +%service_del_postun cf-serverd.service + +%else # !systemd %preun %if 0%{?suse_version} @@ -234,55 +315,79 @@ done fi %endif +%endif # !systemd + %post -n %{libsoname} -p /sbin/ldconfig %postun -n %{libsoname} -p /sbin/ldconfig %files %defattr(-,root,root) -%{_docdir}/%{name}/LICENSE -%exclude %{_docdir}/%{name}/AUTHORS -%exclude %{_docdir}/%{name}/ChangeLog -%exclude %{_docdir}/%{name}/README -%exclude %{_docdir}/%{name}/example_config -%exclude %{_docdir}/%{name}/examples -/usr/sbin/* -%exclude /usr/sbin/cf-serverd -%exclude /usr/sbin/rccf-serverd +%doc LICENSE +%doc README +%doc ChangeLog +%{_sbindir}/cf-agent +%{_sbindir}/cf-execd +%{_sbindir}/cf-key +%{_sbindir}/cf-monitord +%{_sbindir}/cf-promises +%{_sbindir}/cf-report +%{_sbindir}/cf-runagent +%{_sbindir}/rpmvercmp +%if 0%{?suse_version} >= 1210 +%_unitdir/cf-execd.service +%_unitdir/cf-monitord.service +%else +%exclude /etc/init.d/cf-serverd +%config %attr(0755,root,root) /etc/init.d/* +%{_sbindir}/rccf-execd +%{_sbindir}/rccf-monitord +%endif + %{_mandir}/man?/* %dir %{basedir} -%{basedir} -#%dir %{workdir} -#%{workdir}/* +/var/%{name} %exclude %{basedir}/backup %exclude %{basedir}/config #%exclude %{basedir}/failsafe + +%dir %{_datadir}/%{name} +%{_datadir}/%{name}/* + +%dir %{workdir} +%{workdir}/* %exclude %{workdir}/bin/cf-serverd + %config(noreplace) /etc/cron.d/%{name} -%config %attr(0755,root,root) /etc/init.d/* -%exclude /etc/init.d/cf-serverd + +%dir %{basedir}/masterfiles +%config(noreplace) %{basedir}/masterfiles/*.cf %files -n %{libsoname} %defattr(-,root,root) -%{_libdir}/%{libname}.la -%{_libdir}/%{libname}.so.* +%dir %{_libdir}/%{name} +%{_libdir}/%{name}/%{libname}.so.* %files devel %defattr(-,root,root) -%{_libdir}/%{libname}.so +%{_libdir}/%{name}/%{libname}.so %files doc %defattr(-,root,root) -%{_docdir}/%{name} -%exclude %{_docdir}/%{name}/LICENSE +%dir %{_datadir}/doc/%{name} +%{_datadir}/doc/%{name}/* %files server %defattr(-,root,root) %{basedir}/backup %{basedir}/config -/usr/sbin/cf-serverd -/usr/sbin/rccf-serverd +%{_sbindir}/cf-serverd %{workdir}/bin/cf-serverd +%if 0%{?suse_version} >= 1210 +%_unitdir/cf-serverd.service +%else /etc/init.d/cf-serverd +%{_sbindir}/rccf-serverd +%endif %changelog