New features:
- Introduced Solaris and AIX support into the 3.6 series, with
many associated build and bug fixes.
Changes:
- Short-circuit evaluation of classes promises if class is already
set (Redmine #5241)
- fix to assume all non-specified return codes are failed in
commands promises (Redmine #5986)
- cf-serverd logs reconfiguration message to NOTICE (was INFO)
so that it's always logged in syslog
Bug fixes:
- File monitoring has been completely rewritten (changes attribute
in files promise), which eliminates many bugs, particularly
regarding files that are deleted. Upgrading will keep all
monitoring data, but downgrading again will reinitialize the DB,
so all files will be reported as if they were new. (Redmine #2917)
- $(this.promiser) expands in files promises for 'transformer',
'edit_template', 'copy_from.source', 'file_select.exec_program',
'classes' and 'action' bodies (Redmine #1554, #1496, #3530, #1563)
- 'body changes' notifies about disappeared files in file monitoring
(Redmine #2917)
- Set not-kept classes when files or commands promise should be
repaired, but is warn-only (Redmine #2359)
- Fixed CFEngine template producing a zero-sized file (Redmine #6088)
- Add 0-9 A-Z _ to allowed context of module protocol (Redmine #6063)
- Extend ps command column width on Solaris and filter on zone
rather than adding it to the ps output.
- Fixed strftime() function on Solaris when called with certain
specifiers.
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=101
to prevent crash on syntax error
- add 0007-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch
* add 'suse' class for consistency with other vendor classes
(fixes#5417)
* distinction between "SUSE Linux Enterprise Server" (sles) and
"... Desktop" (sled)
* distinction between SUSE Linux Enterprise products (suse) and
openSUSE (opensuse)
* extract version from VERSION and PATCHLEVEL lines instead of
first line of /etc/SuSE-release
- merge cfengine-server with cfengine. A policy server only
gets cfengine-masterfiles but is otherwise identical to
a client.
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=89
- performance has been significantly improved, with a 10-20% speed
increase over 3.5 when using the default masterfiles
- agents support the legacy protocol without TLS envelope
This allows upgrading of an agent before the policy server.
- several general improvements and bug fixes too numerous to list
here.
- remove cfengine-bootstrap.patch, included upstream
- split masterfiles off as cfengine-masterfiles package
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=76
- New promise type "users" for managing local user accounts.
- TLS authentication and fully encrypted network protocol
- New attributes in 'bundle server access_rules'
- New variable type 'data' for handling of structured data
- Tagging of classes and variables with meta data
- Many new built-in variables
- Many new functions
- Replace tokyocabinet with lmdb database
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=66
Bug-fixes in the CFEngine Core:
- fix delayed abortclasses checking (Redmine #2316, #3114, #3003)
- fix maplist arguments bug (Redmine #3256)
- fix segfaults in cf-pomises (Redmine #3173, 3194)
- fix build on Solaris 10/SmartOS (Redmine #3097)
- sanitize characters from /etc/issue in sys.flavor for Debian
(Redmine #2988)
- Fix segfault when dealing with files or data > 4K
(Redmine #2912, 2698)
- Don't truncate keys to 126 characters in getindices
(Redmine #2626)
- files created via log_* actions now have mode 600
(Redmine #1578)
- fix wrong log message when a promise is ignored due to
'ifvarclass' not matching
- fix lifetime of persistent classes (Redmine #3259)
- fix segfault when process_select body had no process_result
attribute
- Default to AND'ed expression of all specified attributes
(Redmine #3224)
- include system message in output when acl promises fail
- fix invocation of standard_services bundle and corresponding
promise compliance (Redmine #2869)
- run fdupes after install
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=60
Core Changes:
- the CFEngine Standard Library in masterfiles/libraries is now
split into promise-type specific policy files, and lives in a
version-specific directory. This should have no impact on current
code, but allows more granular include of needed stdlib
elements (Redmine #3044)
- file changes are logged with log level Notice, not Error
Bug fixes:
- fix recursive copying of files (Redmine #2965)
- respect classes in templates (Redmine ##2928)
- fix timestamps on Windows (Redmine #2933)
- fix non-root cf-agent flooding syslog (Redmine #2980)
- fix email flood from cf-execd due to timestamps in agent output
(Redmine #3011)
- Preserve security context when editing or copying local files
(Redmine #2728)
- fix path for sys.crontab on redhat systems (Redmine #2553)
- prevent incorrect "insert_lines promise uses the same
select_line_matching anchor" warning (Redmine #2778)
- Fix regression of setting VIPADDRESS to 127.0.0.1 (Redmine #3010)
- Fix "changes" promise not receiving status when file is missing
(Redmine #2820)
- Fix symlinks being destroyed when editing them (Redmine #2363)
- Fix missing "promise kept" status for the last line in a file
(Redmine #2943)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=55
- new built-in functions: classesmatching, strftime, filestat,
ifelse, maparray
- action_policy => "warn" causes not_kept classes to be set on
promise needing repair.
- command line option version (-V) now prints a shorter
parsable version without graphic
- implicit execution of server and common bundles taking
arguments is skipped in cf-serverd.
- ifvarclass checked from classes promises in common bundles
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=41
New features:
- cf-promises flag --parse-tree is replaced by --policy-output-format=,
requiring the user to specify the output format (none, cf, json)
- cf-promises allows partial check of policy (without body common
control) without integrity check;
--full-check enforces integrity check
- agent binaries support JSON input format (.json file as generated
by cf-promises)
- cf-key: new options --trust-key/-t and --print-digest/-p
- Class "failsafe_fallback" is defined in failsafe.cf when main
policy contains errors and failsafe is run because of this
- add scope attribute for body classes (Redmine #2013)
Changes:
- WARNING: option --policy-server removed, require option to
--bootstrap instead
- process promises don't log if processes are out of range unless
you run in verbose mode
- reports promises are now allowed in any context (Redmine #2005)
- cf-report has been removed
- cf-execd: --once implies --no-fork
Bugfixes:
- do not wait for splaytime when executing only once
- disable xml editing functionality when libxml2 doesn't provide
necessary APIs (Redmine #1937)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=39
New Features:
- Enable zeroconf-discovery of policy hubs for automatic bootstrapping
if Avahi is present
- Support for sys.cpus on more platforms than Linux & HPUX
Changes:
- Make parser output in GCC compatible format the only supported format
(remove --gcc-brief-format flag)
- Silence license warnings in Enterprise Free25 installations
Bugfixes:
- Allocate memory dynamically to avoid out-of-buffer or out-of-hash
situations
- fix edit_xml update of existing attributes (Redmine #2034)
- use failsafe policy from compile-time specified workdir (Redmine #1991)
- Update to 3.4.2 (Bugfix and Stability release)
Bugfixes:
- Fixes to policies in masterfiles (see masterfiles/Changelog for details)
- Fixes for OpenBSD (GitHub #278)
- Do not canonify values specified in abortbundleclasses/abortclasses (Redmine #1786)
- Fix build issues on NetBSD, SLES 12.2
- Improve error message when libxml2 support is not compiled (Redmine #1799)
- fix potential segmentation fault when trimming network socket data (GitHub #233)
- fix potential segmentation fault when address-lookups in lastseen db failed (GitHub #233)
- execute background promise serially when max_children was reached, rather
than skipping them (GitHub #233)
- fix segmentation fault in cf-promises when invoked with --reports (Redmine #1931)
- fix compilation with Sun Studio 12 (Redmine #1901)
- silence type-pun warning when building on HP-UX (GitHub #287)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/cfengine?expand=0&rev=37
