- New promise type "users" for managing local user accounts.
- TLS authentication and fully encrypted network protocol
- New attributes in 'bundle server access_rules'
- New variable type 'data' for handling of structured data
- Tagging of classes and variables with meta data
- Many new built-in variables
- Many new functions
- Replace tokyocabinet with lmdb database
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=66
Bug-fixes in the CFEngine Core:
- fix delayed abortclasses checking (Redmine #2316, #3114, #3003)
- fix maplist arguments bug (Redmine #3256)
- fix segfaults in cf-pomises (Redmine #3173, 3194)
- fix build on Solaris 10/SmartOS (Redmine #3097)
- sanitize characters from /etc/issue in sys.flavor for Debian
(Redmine #2988)
- Fix segfault when dealing with files or data > 4K
(Redmine #2912, 2698)
- Don't truncate keys to 126 characters in getindices
(Redmine #2626)
- files created via log_* actions now have mode 600
(Redmine #1578)
- fix wrong log message when a promise is ignored due to
'ifvarclass' not matching
- fix lifetime of persistent classes (Redmine #3259)
- fix segfault when process_select body had no process_result
attribute
- Default to AND'ed expression of all specified attributes
(Redmine #3224)
- include system message in output when acl promises fail
- fix invocation of standard_services bundle and corresponding
promise compliance (Redmine #2869)
- run fdupes after install
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=60
Core Changes:
- the CFEngine Standard Library in masterfiles/libraries is now
split into promise-type specific policy files, and lives in a
version-specific directory. This should have no impact on current
code, but allows more granular include of needed stdlib
elements (Redmine #3044)
- file changes are logged with log level Notice, not Error
Bug fixes:
- fix recursive copying of files (Redmine #2965)
- respect classes in templates (Redmine ##2928)
- fix timestamps on Windows (Redmine #2933)
- fix non-root cf-agent flooding syslog (Redmine #2980)
- fix email flood from cf-execd due to timestamps in agent output
(Redmine #3011)
- Preserve security context when editing or copying local files
(Redmine #2728)
- fix path for sys.crontab on redhat systems (Redmine #2553)
- prevent incorrect "insert_lines promise uses the same
select_line_matching anchor" warning (Redmine #2778)
- Fix regression of setting VIPADDRESS to 127.0.0.1 (Redmine #3010)
- Fix "changes" promise not receiving status when file is missing
(Redmine #2820)
- Fix symlinks being destroyed when editing them (Redmine #2363)
- Fix missing "promise kept" status for the last line in a file
(Redmine #2943)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=55
- new built-in functions: classesmatching, strftime, filestat,
ifelse, maparray
- action_policy => "warn" causes not_kept classes to be set on
promise needing repair.
- command line option version (-V) now prints a shorter
parsable version without graphic
- implicit execution of server and common bundles taking
arguments is skipped in cf-serverd.
- ifvarclass checked from classes promises in common bundles
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=41
New features:
- cf-promises flag --parse-tree is replaced by --policy-output-format=,
requiring the user to specify the output format (none, cf, json)
- cf-promises allows partial check of policy (without body common
control) without integrity check;
--full-check enforces integrity check
- agent binaries support JSON input format (.json file as generated
by cf-promises)
- cf-key: new options --trust-key/-t and --print-digest/-p
- Class "failsafe_fallback" is defined in failsafe.cf when main
policy contains errors and failsafe is run because of this
- add scope attribute for body classes (Redmine #2013)
Changes:
- WARNING: option --policy-server removed, require option to
--bootstrap instead
- process promises don't log if processes are out of range unless
you run in verbose mode
- reports promises are now allowed in any context (Redmine #2005)
- cf-report has been removed
- cf-execd: --once implies --no-fork
Bugfixes:
- do not wait for splaytime when executing only once
- disable xml editing functionality when libxml2 doesn't provide
necessary APIs (Redmine #1937)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=39
New Features:
- Enable zeroconf-discovery of policy hubs for automatic bootstrapping
if Avahi is present
- Support for sys.cpus on more platforms than Linux & HPUX
Changes:
- Make parser output in GCC compatible format the only supported format
(remove --gcc-brief-format flag)
- Silence license warnings in Enterprise Free25 installations
Bugfixes:
- Allocate memory dynamically to avoid out-of-buffer or out-of-hash
situations
- fix edit_xml update of existing attributes (Redmine #2034)
- use failsafe policy from compile-time specified workdir (Redmine #1991)
- Update to 3.4.2 (Bugfix and Stability release)
Bugfixes:
- Fixes to policies in masterfiles (see masterfiles/Changelog for details)
- Fixes for OpenBSD (GitHub #278)
- Do not canonify values specified in abortbundleclasses/abortclasses (Redmine #1786)
- Fix build issues on NetBSD, SLES 12.2
- Improve error message when libxml2 support is not compiled (Redmine #1799)
- fix potential segmentation fault when trimming network socket data (GitHub #233)
- fix potential segmentation fault when address-lookups in lastseen db failed (GitHub #233)
- execute background promise serially when max_children was reached, rather
than skipping them (GitHub #233)
- fix segmentation fault in cf-promises when invoked with --reports (Redmine #1931)
- fix compilation with Sun Studio 12 (Redmine #1901)
- silence type-pun warning when building on HP-UX (GitHub #287)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=37
New features:
- XML editing capabilities. See the documentation for edit_xml
body. Note the new dependency: libxml2.
- Implement inheritance of local classes by bundles called using
"usebundle". By default classes are not inherited. See the
examples/unit_inherit.cf for an example.
- Moved from Nova/Enterprise:
- POSIX ACL support,
- "outputs" promise type,
- remote syslog support.
- packages_default_arch_command hook in packages promises, to
specify default architecture of the packages on the system.
- packages_version_less_command / packages_version_equal_command hooks
in packages promises, to specify external command for native package
manager versions comparison
- Running in Solaris zone is now detected and classes "zone" and
"zone_<name>" are created in this case.
- VirtualBox support added to guest_environment promises.
- guest_environment promises are supported under OS X.
- The "depends_on" attribute is now active, for the partal ordering
of promises. If a promise depends on another (referred by handle)
it will only be considered if the depends_on list is either kept
or repaired already.
** WARNING: When upgrading, make sure that any existing use
of depends_on does not make some promises being
unintentionally ignored.
This can happen if you are currently refering to non-existant or
never-run handles in depends_on attributes.
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=20
