rpm/salt
SHA256
1
0
Fork 0
forked from pool/salt
Code Pull Requests Activity

Accepting request 339485 from devel:languages:python

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/339485
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/salt?expand=0&rev=51
This commit is contained in:
Dominique Leuenberger 2015-10-19 20:52:40 +00:00 committed by Git OBS Bridge
parent e4e14d8ea8
commit dc135e305c
8 changed files with 734 additions and 207 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
README.SUSE
View File

@ -1,10 +1,7 @@
Salt-master as non-root user
============================
With the latest version of the salt-master package a new user has been added.
The user salt be used in later versions as the default user for the salt-master daemon.
For now the default user for the salt-master daemon will be root.
With this version of salt the salt-master will run as salt user.
Why an extra user
=================
@ -13,23 +10,22 @@ While the current setup runs the master as root user, this is considered a secur
and not in line with the other configuration management tools (eg. puppet) which runs as a
dedicated user.
How can I make the change
How can I undo the change
=========================
If you would like to make the change before you can do the following steps manually:
1. uncomment the user parameter in the master configuration
user: salt
1. change the user parameter in the master configuration
user: root
2. update the file permissions:
as root: chown -R salt /etc/salt /var/cache/salt /var/log/salt /var/run/salt
as root: chown -R root /etc/salt /var/cache/salt /var/log/salt /var/run/salt
3. restart the salt-master daemon:
as root: rcsalt-master restart or systemctl restart salt-master
NOTE
====
Running the salt-master daemon as a non-root user has some consequences, some salt operations
cannot be executed correctly when the master is not running as root, specifically the pam external
auth system, as this system needs root access to check authentication.
Running the salt-master daemon as a root user is considers by some a security risk, but
running as root, enables the pam external auth system, as this system needs root access to check authentication.
For more information:
http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html

3
salt-2015.5.5.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5cd8d317616abab691a83f7fd3f8bcf9ad8aecaa95fcfdc0f6d788de87f0beeb
size 5526444

3
salt-2015.8.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:04133839b4632859ad696a40261d1d14b62902dbcaf7df2f9e5e926c89401c23
size 6527650

5
salt-tmpfiles.d Normal file
View File

@ -0,0 +1,5 @@
# Type Path Mode UID GID Age Argument
d /var/run/salt 0750 root salt
d /var/run/salt/master 0750 salt salt
d /var/run/salt/minion 0750 root root

214
salt.changes
View File

@ -1,3 +1,217 @@
-------------------------------------------------------------------
Thu Oct 15 09:43:16 UTC 2015 - mrueckert@suse.de
- update to 2015.8.1
- Add support for ``spm.d/*.conf`` configuration of SPM
(:issue:`27010`)
- Fix ``proxy`` grains breakage for non-proxy minions
(:issue:`27039`)
- Fix global key management for git state
- Fix passing http auth to ``util.http`` from ``state.file``
(:issue:`21917`)
- Fix ``multiprocessing: True`` in windows (on by default`)
- Add ``pkg.info`` to pkg modules
- Fix name of ``serial`` grain (this was accidentally renamed in
2015.8.0`)
- Merge config values from ``master.d``/``minion.d`` conf files
(rather than flat update`)
- Clean grains cache on grains sync (:issue:`19853`)
- Remove streamed response for fileclient to avoid HTTP
redirection problems (:issue:`27093`)
- Fixed incorrect warning about ``osrelease`` grain
(:issue:`27065`)
- Fix authentication via Salt-API with tokens (:issue:`27270`)
- Fix winrepo downloads from https locations (:issue:`27081`)
- Fix potential error with salt-call as non-root user
(:issue:`26889`)
- Fix global minion provider overrides (:issue:`27209`)
- Fix backward compatibility issues for pecl modules
- Fix Windows uninstaller to only remove ``./bin``, ``salt*``,
``nssm.exe``, ``uninst.exe`` (:issue:`27383`)
- Fix misc issues with mongo returner.
- Add sudo option to cloud config files (:issue:`27398`)
- Fix regression in RunnerClient argument handling
(:issue:`25107`)
- Fix ``dockerng.running`` replacing creation hostconfig with
runtime hostconfig (:issue:`27265`)
- Fix dockerng.running replacing creation hostconfig with runtime
hostconfig (:issue:`27265`)
- Increased performance on boto asg/elb states due to
``__states__`` integration
- Windows minion no longer requires powershell to restart
(:issue:`26629`)
- Fix x509 module to support recent versions of OpenSSL
(:issue:`27326`)
- Some issues with proxy minions were corrected.
- drop salt-2015.8-backports-susemanager.diff: included in update
- guard raet buildrequires with bcond_with raet and comment out the
recommends for salt-raet.
-------------------------------------------------------------------
Mon Oct 12 10:11:33 UTC 2015 - tampakrap@opensuse.org
- remove pygit2 global recommends, it is only needed in the master
- remove git-core, pygit2 should pull it as a dependency
- add a (currently disabled) %check
-------------------------------------------------------------------
Mon Oct 12 10:08:57 UTC 2015 - toddrme2178@gmail.com
- Add salt-2015.8-backports-susemanager.diff
Returns detailed information about a package
-------------------------------------------------------------------
Mon Oct 12 08:48:25 UTC 2015 - dmacvicar@suse.de
- ifdef Recommends to build on RHEL based distros
- use _initddir instead of _sysconfdir/init.d as
it works on both platforms.
-------------------------------------------------------------------
Mon Oct 12 08:19:45 UTC 2015 - dmacvicar@suse.de
- allow to disable docs in preparation for building
on other platforms without all dependencies.
-------------------------------------------------------------------
Mon Oct 12 08:07:01 UTC 2015 - dmacvicar@suse.de
- python-libnacl, python-ioflo are _not_ required to build the
package. They are anyways requires of python-raet, which is
also not required to build the package.
-------------------------------------------------------------------
Sat Oct 10 00:00:39 UTC 2015 - mrueckert@suse.de
- merge (build)requires/recommends with requirements/*txt and
setup.py
-------------------------------------------------------------------
Fri Oct 9 23:35:05 UTC 2015 - mrueckert@suse.de
- add raet subpackage which will pull all requires for it and
provides config snippets to enable it for the minion and master.
-------------------------------------------------------------------
Fri Oct 9 15:34:16 UTC 2015 - mrueckert@suse.de
- add tmpfiles.d file
-------------------------------------------------------------------
Fri Oct 9 14:12:39 UTC 2015 - dmacvicar@suse.de
- Remove requires on python-ioflo and python-libnacl
they will be pulled by python-raet,
which is optional.
-------------------------------------------------------------------
Fri Oct 9 12:12:48 UTC 2015 - dmacvicar@suse.de
- python-raet is optional, so make it a Recommends
-------------------------------------------------------------------
Fri Oct 9 12:04:03 UTC 2015 - dmacvicar@suse.de
- update backports patch from 2015.8 branch
-------------------------------------------------------------------
Wed Oct 7 20:06:19 UTC 2015 - mrueckert@suse.de
- update use-forking-daemon.patch:
the original intention was to get rid of the python systemd
dependency. for this we do not have daemonize the whole process.
just switching to simple mode is enough.
-------------------------------------------------------------------
Wed Oct 7 19:15:54 UTC 2015 - mrueckert@suse.de
- drop fdupes:
1. it broke python byte code handling
2. the only part of the package which would really benefit from
it would be the doc package. but given we only install the
files via %doc, we can not use it for that either.
- reenable completions on distros newer than sle11
- do not use _datarootdir, use _datadir instead.
-------------------------------------------------------------------
Wed Oct 7 14:34:18 UTC 2015 - mrueckert@suse.de
- package all directories in /var/cache/salt and /etc/salt and
have permissions set for non root salt master
- update use-salt-user-for-master.patch:
- also patch the logrotate file to include the su option
-------------------------------------------------------------------
Tue Oct 6 12:27:49 UTC 2015 - mrueckert@suse.de
- remove duplicated recommends
- never require pygit2 and git. the master can run fine without.
always use recommends
-------------------------------------------------------------------
Tue Oct 6 11:36:13 UTC 2015 - tampakrap@opensuse.org
- cleanup dependencies:
- remove a lot of unneeded buildrequires
- fdupes not present on SLE10
- python-certifi needed on SLE11
- python-zypp not needed any more
- python-pygit2 is not a global requirement
- convert python-pysqlite to recommends as it is not available on python <=2.7
- sles_version -> suse_version
- %exclude the cloud/deploy/*.sh scripts to fix build issue on SLE11
-------------------------------------------------------------------
Mon Oct 5 12:44:40 UTC 2015 - tampakrap@opensuse.org
- Remove python-PyYAML from the dependencies list, as python-yaml is the same
- Build the -completion subpackages in SLE11 as well
- Add salt-proxy (by dmacvicar@suse.de)
- Create salt user/group only in the -master subpkg
-------------------------------------------------------------------
Sat Oct 3 17:37:20 UTC 2015 - infroma@gmail.com
- Fix typo in use-forking-daemon.patch, that prevented daemon loading
-------------------------------------------------------------------
Thu Oct 1 08:13:58 UTC 2015 - toddrme2178@gmail.com
- Fix typo in Requires
-------------------------------------------------------------------
Tue Sep 29 09:11:38 UTC 2015 - toddrme2178@gmail.com
- Cleanup requirements
-------------------------------------------------------------------
Wed Sep 23 18:06:52 UTC 2015 - aboe76@gmail.com
- New Major release 2015.8.0
for more details:
http://docs.saltstack.com/en/latest/topics/releases/2015.8.0.html
- Cleaned the spec file with spec-cleaner
- Added the use-salt-user-for-master.patch see README.SUSE
- Updated the files ownership with salt user
- removed m2crypto depency
-------------------------------------------------------------------
Tue Sep 22 11:51:50 UTC 2015 - infroma@gmail.com
- Removed fish dependency for fish completions.
-------------------------------------------------------------------
Tue Sep 22 11:12:47 UTC 2015 - infroma@gmail.com
- Added fish completions.
-------------------------------------------------------------------
Mon Sep 21 08:58:31 UTC 2015 - tampakrap@opensuse.org
- Support SLE11SP{3,4}, where the M2Crypto package is named python-m2crypto
-------------------------------------------------------------------
Tue Aug 18 06:58:18 UTC 2015 - aboe76@gmail.com

641
salt.spec
View File

@ -16,95 +16,146 @@
#
%if 0%{?suse_version} > 1210
%bcond_without systemd
%else
%bcond_with systemd
%endif
%{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
%if 0%{?suse_version} > 1110
%bcond_without bash_completion
%bcond_without fish_completion
%bcond_without zsh_completion
%else
%bcond_with bash_completion
%bcond_with fish_completion
%bcond_with zsh_completion
%endif
%bcond_with test
%bcond_with raet
%bcond_without docs
Name: salt
Version: 2015.5.5
Version: 2015.8.1
Release: 0
Summary: A parallel remote execution system
License: Apache-2.0
Group: System/Monitoring
Url: http://saltstack.org/
Source0: http://pypi.python.org/packages/source/s/%{name}/%{name}-%{version}.tar.gz
Source1: README.SUSE
Source1: README.SUSE
Source2: salt-tmpfiles.d
# PATCH-FIX-OPENSUSE use-forking-daemon.patch tserong@suse.com -- We don't have python-systemd, so notify can't work
Patch1: use-forking-daemon.patch
#for building
BuildRequires: fdupes
# PATCH-OPENSUSE use-salt-user-for-master.patch -- Run salt master as dedicated salt user
Patch2: use-salt-user-for-master.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: logrotate
BuildRequires: python-Jinja2
BuildRequires: python-M2Crypto
BuildRequires: python-PyYAML
BuildRequires: python-apache-libcloud >= 0.14.0
BuildRequires: python
BuildRequires: python-devel
# requirements/base.txt
BuildRequires: python-Jinja2
BuildRequires: python-futures >= 2.0
BuildRequires: python-markupsafe
BuildRequires: python-msgpack-python > 0.3
BuildRequires: python-psutil
BuildRequires: python-pycrypto
BuildRequires: python-pyzmq >= 2.2.0
BuildRequires: python-requests >= 1.0.0
BuildRequires: python-tornado
BuildRequires: python-tornado >= 4.2.1
BuildRequires: python-yaml
%if 0%{?sles_version}
BuildRequires: python
Requires: python
# requirements/opt.txt (not all)
# BuildRequires: python-MySQL-python
# BuildRequires: python-timelib
# BuildRequires: python-gnupg
# BuildRequires: python-cherrypy >= 3.2.2
%if %{with raet}
# requirements/raet.txt
BuildRequires: python-libnacl >= 1.0.0
BuildRequires: python-ioflo >= 1.1.7
BuildRequires: python-raet >= 0.6.0
%endif
%if 0%{?suse_version} >= 1210
BuildRequires: systemd
%{?systemd_requires}
%endif
#for testing
# requirements/zeromq.txt
BuildRequires: python-pycrypto >= 2.6.1
BuildRequires: python-pyzmq >= 2.2.0
%if %{with test}
# requirements/dev_python27.txt
BuildRequires: python-boto >= 2.32.1
BuildRequires: python-mock
BuildRequires: python-moto >= 0.3.6
BuildRequires: python-pip
BuildRequires: python-salt-testing
BuildRequires: python-salt-testing >= 2015.2.16
BuildRequires: python-unittest2
BuildRequires: python-xml
%endif
%if %{with docs}
#for docs
BuildRequires: python-sphinx
%endif
Requires: logrotate
Requires: python-Jinja2
Requires: python-M2Crypto
Requires: python-PyYAML
Requires: python-apache-libcloud
Requires: python-msgpack-python
Requires: python-psutil
Requires: python-pycrypto
Requires: python-pyzmq
Requires: python-tornado
Requires: python-xml
Requires: python-yaml
Requires: python-zypp
Requires(pre): %fillup_prereq
Requires(pre): %{_sbindir}/groupadd
Requires(pre): %{_sbindir}/useradd
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
Requires(pre): pwdutils
%if 0%{?suse_version} < 1210
%endif
Requires: logrotate
Requires: python
#
%if ! 0%{?suse_version} > 1110
Requires: python-certifi
%endif
# requirements/base.txt
Requires: python-Jinja2
Requires: python-futures >= 2.0
Requires: python-markupsafe
Requires: python-msgpack-python > 0.3
Requires: python-psutil
Requires: python-requests >= 1.0.0
Requires: python-tornado >= 4.2.1
Requires: python-yaml
%if 0%{?suse_version}
# requirements/opt.txt (not all)
Recommends: python-MySQL-python
Recommends: python-timelib
Recommends: python-gnupg
# requirements/raet.txt
# Recommends: salt-raet
# requirements/zeromq.txt
%endif
Requires: python-pycrypto >= 2.6.1
Requires: python-pyzmq >= 2.2.0
#
%if 0%{?suse_version}
# python-xml is part of python-base in all rhel versions
Requires: python-xml
Recommends: python-Mako
Recommends: python-netaddr
%endif
%if %{with systemd}
BuildRequires: systemd
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%if 0%{?sles_version} > 10 && 0%{?sles_version} < 12
%define with_bashcomp 0
%else
%define with_bashcomp 1
%endif
%if %with_bashcomp
%if %{with fish_completion}
%define fish_dir %{_datadir}/fish/
%define fish_completions_dir %{_datadir}/fish/completions/
%endif
%if %{with bash_completion}
%if 0%{?suse_version} >= 1140
BuildRequires: bash-completion
BuildRequires: zsh
%endif #with_bashcomp
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version} && 0%{?suse_version} <= 1110
%{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
%else
BuildArch: noarch
BuildRequires: bash
%endif
%endif
Recommends: python-botocore
Recommends: python-netaddr
Recommends: python-pygit2
%if %{with zsh_completion}
BuildRequires: zsh
%endif
%description
Salt is a distributed remote execution system used to execute commands and
@ -119,54 +170,59 @@ Summary: The api for Salt a parallel remote execution system
Group: System/Monitoring
Requires: %{name} = %{version}
Requires: %{name}-master = %{version}
Requires: python-CherryPy
Requires: python-CherryPy >= 3.2.2
%description api
salt-api is a modular interface on top of Salt that can provide a variety of entry points into a running Salt system.
%package cloud
Summary: Salt Cloud is a generic cloud provisioning tool
Summary: Generic cloud provisioning tool for Saltstack
Group: System/Monitoring
Requires: %{name} = %{version}
Requires: %{name}-master = %{version}
Requires: python-apache-libcloud
Requires: python-requests
%if 0%{?suse_version}
Recommends: python-botocore
Recommends: python-netaddr
%endif
%description cloud
public cloud VM management system
provision virtual machines on various public clouds via a cleanly
controlled profile and mapping system.
%if %{with docs}
%package doc
Summary: Documentation for salt, a parallel remote execution system
Group: Documentation/HTML
Requires: %{name} = %{version}
%description doc
Documentation of salt, offline version of http://docs.saltstack.com.
This contains the documentation of salt, it is an offline version of http://docs.saltstack.com.
%endif
%package master
Summary: Management component for salt, a parallel remote execution system
Summary: The management component of Saltstack both protocols zmq and raet supported
Group: System/Monitoring
Requires: %{name} = %{version}
%if 0%{?suse_version} == 1315
Recommends: git-core
Recommends: python-pygit2
%else
Requires: git
Requires: python-pygit2
%if 0%{?suse_version}
Recommends: python-pygit2 >= 0.20.3
%endif
%ifarch %{ix86} x86_64
%if 0%{?suse_version} && 0%{?sles_version} == 0
%if 0%{?suse_version}
Requires: dmidecode
%endif
%endif
%if 0%{?suse_version} < 1210
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description master
The Salt master is the central server to which all minions connect.
@ -174,27 +230,84 @@ Enabled commands to remote systems to be called in parallel rather
than serially.
%package minion
Summary: Client component for salt, a parallel remote execution system
Summary: The client component for Saltstack
Group: System/Monitoring
Requires: %{name} = %{version}
%if 0%{?suse_version} < 1210
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description minion
Salt minion is queried and controlled from the master.
Listens to the salt master and execute the commands.
%package raet
Summary: Raet Support for Saltstack
Group: System/Monitoring
Requires: %{name} = %{version}
Requires: python-enum34
Requires: python-ioflo >= 1.1.7
Requires: python-libnacl >= 1.0.0
Requires: python-raet >= 0.6.0
%description raet
The Reliable Asynchronous Event Transport, or RAET, is an alternative transport
medium developed specifically with Salt in mind. It has been developed to allow
queuing to happen up on the application layer and comes with socket layer
encryption. It also abstracts a great deal of control over the socket layer and
makes it easy to bubble up errors and exceptions.
RAET also offers very powerful message routing capabilities, allowing for
messages to be routed between processes on a single machine all the way up to
processes on multiple machines. Messages can also be restricted, allowing
processes to be sent messages of specific types from specific sources allowing
for trust to be established.
%package proxy
Summary: Component for salt that enables controlling arbitrary devices
Group: System/Monitoring
Requires: %{name} = %{version}
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description proxy
Proxy minions are a developing Salt feature that enables controlling devices that,
for whatever reason, cannot run a standard salt-minion.
Examples include network gear that has an API but runs a proprietary OS,
devices with limited CPU or memory, or devices that could run a minion, but for
security reasons, will not.
%package syndic
Summary: Syndic component for salt, a parallel remote execution system
Summary: The syndic component for saltstack
Group: System/Monitoring
Requires: %{name} = %{version}
Requires: %{name}-master = %{version}
%if 0%{?suse_version} < 1210
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description syndic
Salt syndic is the master-of-masters for salt
@ -202,90 +315,138 @@ The master of masters for salt-- it enables
the management of multiple masters at a time..
%package ssh
Summary: Ssh component for salt, a parallel remote execution system
Summary: Management component for Saltstack with ssh protocol
Group: System/Monitoring
Requires: %{name} = %{version}
BuildRequires: python-markupsafe
Requires: python-markupsafe
%if 0%{?suse_version} < 1210
Requires: %{name}-master = %{version}
%if 0%{?suse_version}
Recommends: sshpass
%endif
%if %{with systemd}
%{?systemd_requires}
%else
%if 0%{?suse_version}
Requires(pre): %insserv_prereq
%endif
%endif
%if 0%{?suse_version}
Requires(pre): %fillup_prereq
%endif
%description ssh
Salt ssh is a master running without zmq.
it enables the management of minions over a ssh connection.
%if %with_bashcomp
%if %{with bash_completion}
%package bash-completion
Summary: Bash Completion for %{name}
Group: System/Management
Requires: %{name} = %{version}
Requires: bash-completion
%if 0%{?suse_version} > 1110
BuildArch: noarch
%endif
%description bash-completion
Bash command line completion support for %{name}.
%endif
%if %{with fish_completion}
%package fish-completion
Summary: Fish Completion for %{name}
Group: System/Management
Requires: %{name} = %{version}
%if 0%{?suse_version} > 1110
BuildArch: noarch
%endif
%description fish-completion
Fish command line completion support for %{name}.
%endif
%if %{with zsh_completion}
%package zsh-completion
Summary: Zsh Completion for %{name}
Group: System/Management
Requires: %{name} = %{version}
Requires: zsh
%if 0%{?suse_version} > 1110
BuildArch: noarch
%endif
%description zsh-completion
Zsh command line completion support for %{name}.
%endif # with_bashcomp
%prep
%setup -q
cp %{S:1} .
%patch1 -p1
%build
python setup.py build
## documentation
cd doc && make html && rm _build/html/.buildinfo && rm _build/html/_images/proxy_minions.png && cd _build/html && chmod -R -x+X *
%install
python setup.py install --prefix=%{_prefix} --root=%{buildroot}
%fdupes %{buildroot}%{_prefix}
%fdupes $RPM_BUILD_ROOT%{python_sitelib}
## create missing directories
mkdir -p %{buildroot}%{_sysconfdir}/salt/master.d
mkdir -p %{buildroot}%{_sysconfdir}/salt/minion.d
mkdir -p %{buildroot}%{_sysconfdir}/salt/cloud.maps.d
mkdir -p %{buildroot}%{_sysconfdir}/salt/cloud.profiles.d
mkdir -p %{buildroot}%{_sysconfdir}/salt/cloud.providers.d
%if 0%{?suse_version} < 1210
mkdir -p %{buildroot}%{_sysconfdir}/init.d
%endif
mkdir -p %{buildroot}%{_localstatedir}/log/salt
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d/
mkdir -p %{buildroot}%{_sbindir}
mkdir -p %{buildroot}/var/log/salt
mkdir -p %{buildroot}/srv/salt
mkdir -p %{buildroot}/srv/pillar
mkdir -p %{buildroot}%{_docdir}/salt
%prep
%setup -q -n salt-%{version}
cp %{S:1} .
%patch1 -p1
%patch2 -p1
%build
python setup.py --salt-transport=both build
%if %{with docs}
## documentation
cd doc && make html && rm _build/html/.buildinfo && rm _build/html/_images/proxy_minions.png && cd _build/html && chmod -R -x+X *
%endif
%install
python setup.py --salt-transport=both install --prefix=%{_prefix} --root=%{buildroot}
## create missing directories
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/master.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/minion.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/cloud.maps.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/cloud.profiles.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/cloud.providers.d
install -Dd -m 0750 %{buildroot}%{_localstatedir}/log/salt
install -Dd -m 0755 %{buildroot}%{_sysconfdir}/logrotate.d/
install -Dd -m 0755 %{buildroot}%{_sbindir}
install -Dd -m 0750 %{buildroot}%{_localstatedir}/log/salt
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/minion/extmod
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/master
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/master/jobs
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/master/proc
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/master/queues
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/master/roots
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/master/syndics
install -Dd -m 0750 %{buildroot}%{_localstatedir}/cache/salt/master/tokens
install -Dd -m 0750 %{buildroot}/srv/salt
install -Dd -m 0750 %{buildroot}/srv/pillar
install -Dd -m 0750 %{buildroot}/srv/spm
install -Dd -m 0755 %{buildroot}%{_docdir}/salt
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/cloud.maps.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/cloud.profiles.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/cloud.providers.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/master.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/minion.d
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki/master
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki/master/minions
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki/master/minions_autosign
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki/master/minions_denied
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki/master/minions_pre
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki/master/minions_rejected
install -Dd -m 0750 %{buildroot}%{_sysconfdir}/salt/pki/minion
## install init and systemd scripts
%if 0%{?_unitdir:1}
install -Dpm 0644 pkg/salt-master.service %{buildroot}%_unitdir/salt-master.service
install -Dpm 0644 pkg/salt-minion.service %{buildroot}%_unitdir/salt-minion.service
install -Dpm 0644 pkg/salt-syndic.service %{buildroot}%_unitdir/salt-syndic.service
install -Dpm 0644 pkg/salt-api.service %{buildroot}%_unitdir/salt-api.service
%if %{with systemd}
install -Dpm 0644 pkg/salt-master.service %{buildroot}%{_unitdir}/salt-master.service
install -Dpm 0644 pkg/salt-minion.service %{buildroot}%{_unitdir}/salt-minion.service
install -Dpm 0644 pkg/salt-syndic.service %{buildroot}%{_unitdir}/salt-syndic.service
install -Dpm 0644 pkg/salt-api.service %{buildroot}%{_unitdir}/salt-api.service
ln -s service %{buildroot}%{_sbindir}/rcsalt-master
ln -s service %{buildroot}%{_sbindir}/rcsalt-syndic
ln -s service %{buildroot}%{_sbindir}/rcsalt-minion
ln -s service %{buildroot}%{_sbindir}/rcsalt-api
install -Dpm 644 %{S:2} %{buildroot}/usr/lib/tmpfiles.d/salt.conf
%else
mkdir -p %{buildroot}%{_initddir}
## install init scripts
install -Dpm 0755 pkg/suse/salt-master %{buildroot}%{_initddir}/salt-master
install -Dpm 0755 pkg/suse/salt-syndic %{buildroot}%{_initddir}/salt-syndic
@ -299,12 +460,13 @@ ln -sf %{_initddir}/salt-api %{buildroot}%{_sbindir}/rcsalt-api
#
## install config files
install -Dpm 0644 conf/minion %{buildroot}%{_sysconfdir}/salt/minion
install -Dpm 0644 conf/master %{buildroot}%{_sysconfdir}/salt/master
install -Dpm 0644 conf/roster %{buildroot}%{_sysconfdir}/salt/roster
install -Dpm 0644 conf/cloud %{buildroot}%{_sysconfdir}/salt/cloud
install -Dpm 0644 conf/cloud.profiles %{buildroot}%{_sysconfdir}/salt/cloud.profiles
install -Dpm 0644 conf/cloud.providers %{buildroot}%{_sysconfdir}/salt/cloud.providers
install -Dpm 0640 conf/minion %{buildroot}%{_sysconfdir}/salt/minion
install -Dpm 0640 /dev/null %{buildroot}%{_sysconfdir}/salt/minion_id
install -Dpm 0640 conf/master %{buildroot}%{_sysconfdir}/salt/master
install -Dpm 0640 conf/roster %{buildroot}%{_sysconfdir}/salt/roster
install -Dpm 0640 conf/cloud %{buildroot}%{_sysconfdir}/salt/cloud
install -Dpm 0640 conf/cloud.profiles %{buildroot}%{_sysconfdir}/salt/cloud.profiles
install -Dpm 0640 conf/cloud.providers %{buildroot}%{_sysconfdir}/salt/cloud.providers
#
## install logrotate file
install -Dpm 0644 pkg/salt-common.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/salt
@ -313,149 +475,216 @@ install -Dpm 0644 pkg/salt-common.logrotate %{buildroot}%{_sysconfdir}/logrotat
install -Dpm 0644 pkg/suse/salt.SuSEfirewall2 %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/salt
#
## install completion scripts
%if %with_bashcomp
install -Dpm 0644 pkg/salt.bash %{buildroot}/etc/bash_completion.d/%{name}
install -Dpm 0644 pkg/zsh_completion.zsh %{buildroot}/etc/zsh_completion.d/%{name}
%endif #with_bashcomp
%if %{with bash_completion}
install -Dpm 0644 pkg/salt.bash %{buildroot}%{_sysconfdir}/bash_completion.d/salt
%endif
%if %{with zsh_completion}
install -Dpm 0644 pkg/zsh_completion.zsh %{buildroot}%{_sysconfdir}/zsh_completion.d/salt
%endif
#%%check
#%%if 0%{?suse_version} < 1310
#%%{__python} setup.py test --runtests-opts=-u
#%%endif
%if %{with fish_completion}
mkdir -p %{buildroot}%{fish_completions_dir}
install -Dpm 0644 pkg/fish-completions/* %{buildroot}%{fish_completions_dir}
%endif
# raet transport config
echo "transport: raet" > %{buildroot}%{_sysconfdir}/salt/master.d/transport-raet.conf
echo "transport: raet" > %{buildroot}%{_sysconfdir}/salt/minion.d/transport-raet.conf
%check
%if %{with test}
python setup.py test --runtests-opts=-u
%endif
%pre
getent group salt >/dev/null || %{_sbindir}/groupadd -r salt
getent passwd salt >/dev/null || %{_sbindir}/useradd -r -g salt -d /srv/salt -s /bin/false -c "salt-master daemon" salt
%if %{with systemd}
%post
systemd-tmpfiles --create /usr/lib/tmpfiles.d/salt.conf || true
%endif
%preun syndic
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_preun salt-syndic.service
%else
%if 0%{?suse_version}
%stop_on_removal salt-syndic
%else
if [ $1 -eq 0 ] ; then
/sbin/service salt-syndic stop >/dev/null 2>&1
/sbin/chkconfig --del salt-syndic
fi
%endif
%endif
%pre syndic
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_pre salt-syndic.service
%endif
%post syndic
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_post salt-syndic.service
%fillup_only
%else
%if 0%{?suse_version}
%fillup_and_insserv
%endif
%endif
%postun syndic
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_postun salt-syndic.service
%else
%if 0%{?suse_version}
%insserv_cleanup
%restart_on_update salt-syndic
%endif
%endif
%preun master
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_preun salt-master.service
%else
%if 0%{?suse_version}
%stop_on_removal salt-master
%else
if [ $1 -eq 0 ] ; then
/sbin/service salt-master stop >/dev/null 2>&1
/sbin/chkconfig --del salt-master
fi
%endif
%endif
%pre master
getent group salt >/dev/null || %{_sbindir}/groupadd -r salt
getent passwd salt >/dev/null || %{_sbindir}/useradd -r -g salt -d /srv/salt -s /bin/false -c "salt-master daemon" salt
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_pre salt-master.service
%endif
%post master
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_post salt-master.service
%fillup_only
%else
%if 0%{?suse_version}
%fillup_and_insserv
%else
/sbin/chkconfig --add salt-master
%endif
%endif
%postun master
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_postun salt-master.service
%else
%if 0%{?suse_version}
%restart_on_update salt-master
%insserv_cleanup
%else
if [ "$1" -ge "1" ] ; then
/sbin/service salt-master condrestart >/dev/null 2>&1 || :
fi
%endif
%endif
%preun minion
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_preun salt-minion.service
%else
%if 0%{?suse_version}
%stop_on_removal salt-minion
%else
if [ $1 -eq 0 ] ; then
/sbin/service salt-minion stop >/dev/null 2>&1
/sbin/chkconfig --del salt-minion
fi
%endif
%endif
%pre minion
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_pre salt-minion.service
%endif
%post minion
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_post salt-minion.service
%fillup_only
%else
%if 0%{?suse_version}
%fillup_and_insserv
%else
/sbin/chkconfig --add salt-minion
%endif
%endif
%postun minion
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_postun salt-minion.service
%else
%if 0%{?suse_version}
%insserv_cleanup
%restart_on_update salt-minion
%else
if [ "$1" -ge "1" ] ; then
/sbin/service salt-minion condrestart >/dev/null 2>&1 || :
fi
%endif
%endif
%preun api
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_preun salt-api.service
%else
%stop_on_removal
%endif
%pre api
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_pre salt-api.service
%endif
%post api
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_add_post salt-api.service
%else
%if 0%{?suse_version}
%fillup_and_insserv
%endif
%endif
%postun api
%if 0%{?_unitdir:1}
%if %{with systemd}
%service_del_postun salt-api.service
%else
%if 0%{?suse_version}
%insserv_cleanup
%restart_on_update
%endif
%endif
%files api
%defattr(-,root,root)
%{_bindir}/salt-api
%{_sbindir}/rcsalt-api
%if 0%{?_unitdir:1}
%_unitdir/salt-api.service
%if %{with systemd}
%{_unitdir}/salt-api.service
%else
%{_sysconfdir}/init.d/salt-api
%{_initddir}/salt-api
%endif
%{_mandir}/man1/salt-api.1.*
%files cloud
%defattr(-,root,root)
%{_bindir}/salt-cloud
%{_sysconfdir}/salt/cloud.maps.d
%{_sysconfdir}/salt/cloud.profiles.d
%{_sysconfdir}/salt/cloud.providers.d
%attr(0644, root, root) %config(noreplace) %{_sysconfdir}/salt/cloud
%attr(0644, root, root) %config(noreplace) %{_sysconfdir}/salt/cloud.profiles
%attr(0644, root, root) %config(noreplace) %{_sysconfdir}/salt/cloud.providers
%dir %attr(0750, root, salt) %{_sysconfdir}/salt/cloud.maps.d
%dir %attr(0750, root, salt) %{_sysconfdir}/salt/cloud.profiles.d
%dir %attr(0750, root, salt) %{_sysconfdir}/salt/cloud.providers.d
%config(noreplace) %attr(0640, root, salt) %{_sysconfdir}/salt/cloud
%config(noreplace) %attr(0640, root, salt) %{_sysconfdir}/salt/cloud.profiles
%config(noreplace) %attr(0640, root, salt) %{_sysconfdir}/salt/cloud.providers
%{_mandir}/man1/salt-cloud.1.*
%files ssh
@ -468,25 +697,33 @@ getent passwd salt >/dev/null || %{_sbindir}/useradd -r -g salt -d /srv/salt -s
%{_bindir}/salt-syndic
%{_mandir}/man1/salt-syndic.1.gz
%{_sbindir}/rcsalt-syndic
%if 0%{?_unitdir:1}
%_unitdir/salt-syndic.service
%if %{with systemd}
%{_unitdir}/salt-syndic.service
%else
%{_sysconfdir}/init.d/salt-syndic
%{_initddir}/salt-syndic
%endif
%files minion
%defattr(-,root,root)
%{_bindir}/salt-minion
%{_mandir}/man1/salt-minion.1.gz
%attr(0644, root, root) %config(noreplace) %{_sysconfdir}/salt/minion
%{_sysconfdir}/salt/minion.d
%config(noreplace) %attr(0640, root, root) %{_sysconfdir}/salt/minion
%config(noreplace) %attr(0640, root, root) %ghost %{_sysconfdir}/salt/minion_id
%dir %attr(0750, root, root) %{_sysconfdir}/salt/minion.d/
%dir %attr(0750, root, root) %{_sysconfdir}/salt/pki/minion/
%dir %attr(0750, root, root) %{_localstatedir}/cache/salt/minion/
%{_sbindir}/rcsalt-minion
%if 0%{?_unitdir:1}
%_unitdir/salt-minion.service
%if %{with systemd}
%{_unitdir}/salt-minion.service
%else
%config(noreplace) %{_sysconfdir}/init.d/salt-minion
%config(noreplace) %{_initddir}/salt-minion
%endif
%files proxy
%defattr(-,root,root)
%{_bindir}/salt-proxy
%{_mandir}/man1/salt-proxy.1.gz
%files master
%defattr(-,root,root)
%{_bindir}/salt
@ -500,45 +737,85 @@ getent passwd salt >/dev/null || %{_sbindir}/useradd -r -g salt -d /srv/salt -s
%{_mandir}/man1/salt-run.1.gz
%{_mandir}/man7/salt.7.gz
%config(noreplace) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/salt
%attr(0644, root, root) %config(noreplace) %{_sysconfdir}/salt/master
%attr(0644, root, root) %config(noreplace) %{_sysconfdir}/salt/roster
%{_sysconfdir}/salt/master.d
%dir /srv/salt
%dir /srv/pillar
%{_sbindir}/rcsalt-master
%if 0%{?_unitdir:1}
%_unitdir/salt-master.service
%if %{with systemd}
%{_unitdir}/salt-master.service
%else
%config(noreplace) %{_sysconfdir}/init.d/salt-master
%config(noreplace) %{_initddir}/salt-master
%endif
#
%config(noreplace) %attr(0640, root, salt) %{_sysconfdir}/salt/master
%config(noreplace) %attr(0640, root, salt) %{_sysconfdir}/salt/roster
%dir %attr(0755, root, salt) %{_sysconfdir}/salt/master.d/
%dir %attr(0750, salt, salt) %{_sysconfdir}/salt/pki/master/
%dir %attr(0750, salt, salt) %{_sysconfdir}/salt/pki/master/minions/
%dir %attr(0750, salt, salt) %{_sysconfdir}/salt/pki/master/minions_autosign/
%dir %attr(0750, salt, salt) %{_sysconfdir}/salt/pki/master/minions_denied/
%dir %attr(0750, salt, salt) %{_sysconfdir}/salt/pki/master/minions_pre/
%dir %attr(0750, salt, salt) %{_sysconfdir}/salt/pki/master/minions_rejected/
%dir %attr(0755, root, salt) /srv/salt
%dir %attr(0755, root, salt) /srv/pillar
%dir %attr(0750, salt, salt) %{_localstatedir}/cache/salt/master/
%dir %attr(0750, salt, salt) %{_localstatedir}/cache/salt/master/jobs/
%dir %attr(0750, salt, salt) %{_localstatedir}/cache/salt/master/proc/
%dir %attr(0750, salt, salt) %{_localstatedir}/cache/salt/master/queues/
%dir %attr(0750, salt, salt) %{_localstatedir}/cache/salt/master/roots/
%dir %attr(0750, salt, salt) %{_localstatedir}/cache/salt/master/syndics/
%dir %attr(0750, salt, salt) %{_localstatedir}/cache/salt/master/tokens/
%files doc
%defattr(-,root,root)
%doc doc/_build/html
%files raet
%defattr(-,root,root,-)
%config(noreplace) %attr(0640, root, salt) %{_sysconfdir}/salt/master.d/transport-raet.conf
%config(noreplace) %attr(0640, root, root) %{_sysconfdir}/salt/minion.d/transport-raet.conf
%files
%defattr(-,root,root,-)
%dir %{_sysconfdir}/salt
%dir /var/log/salt
%{_bindir}/spm
%{_bindir}/salt-call
%{_bindir}/salt-unity
%{_mandir}/man1/salt-unity.1.gz
%{_mandir}/man1/salt-call.1.gz
%config(noreplace) %{_sysconfdir}/logrotate.d/salt
%attr(755,root,root)%{python_sitelib}/salt/cloud/deploy/*.sh
%{python_sitelib}/*
%exclude %{python_sitelib}/salt/cloud/deploy/*.sh
%attr(755,root,root)%{python_sitelib}/salt/cloud/deploy/*.sh
%doc LICENSE AUTHORS README.rst HACKING.rst README.SUSE
#
%dir %attr(0750, root, salt) %{_sysconfdir}/salt
%dir %attr(0750, root, salt) %{_sysconfdir}/salt/pki
%dir %attr(0750, salt, salt) %{_localstatedir}/log/salt
%dir %attr(0750, root, salt) %{_localstatedir}/cache/salt
%dir %attr(0750, root, salt) /srv/spm
%if %{with systemd}
/usr/lib/tmpfiles.d/salt.conf
%endif
%if %with_bashcomp
%if %{with docs}
%files doc
%defattr(-,root,root)
%doc doc/_build/html
%endif
%if %{with bash_completion}
%files bash-completion
%defattr(-,root,root)
%dir %{_sysconfdir}/bash_completion.d/
%config %{_sysconfdir}/bash_completion.d/%{name}
%endif
%if %{with zsh_completion}
%files zsh-completion
%defattr(-,root,root)
%dir %{_sysconfdir}/zsh_completion.d/
%config %{_sysconfdir}/zsh_completion.d/%{name}
%endif
%endif #with_bashcomp
%if %{with fish_completion}
%files fish-completion
%defattr(-,root,root)
%{fish_completions_dir}/salt*
%dir %{fish_completions_dir}
%dir %{fish_dir}
%endif
%changelog

18
use-forking-daemon.patch
View File

@ -1,17 +1,13 @@
Index: salt-2014.7.4/pkg/salt-master.service
Index: salt-2015.8.0/pkg/salt-master.service
===================================================================
--- salt-2014.7.4.orig/pkg/salt-master.service
+++ salt-2014.7.4/pkg/salt-master.service
@@ -3,8 +3,10 @@ Description=The Salt Master Server
After=syslog.target network.target
--- salt-2015.8.0.orig/pkg/salt-master.service
+++ salt-2015.8.0/pkg/salt-master.service
@@ -4,7 +4,7 @@ After=syslog.target network.target
[Service]
LimitNOFILE=16384
-Type=notify
-ExecStart=/usr/bin/salt-master
+Type=forking
+ExecStart=/usr/bin/salt-master --daemon
+# Daemon mode doesn't seem to work reliably without PIDFile
+PIDFile=/var/run/salt-master.pid
+Type=simple
ExecStart=/usr/bin/salt-master
[Install]
WantedBy=multi-user.target

39
use-salt-user-for-master.patch Normal file
View File

@ -0,0 +1,39 @@
Index: salt-2015.8.0/conf/master
===================================================================
--- salt-2015.8.0.orig/conf/master
+++ salt-2015.8.0/conf/master
@@ -25,7 +25,7 @@
# permissions to allow the specified user to run the master. The exception is
# the job cache, which must be deleted if this user is changed. If the
# modified files cause conflicts, set verify_env to False.
-#user: root
+user: salt
# Max open files
#
Index: salt-2015.8.0/pkg/salt-common.logrotate
===================================================================
--- salt-2015.8.0.orig/pkg/salt-common.logrotate
+++ salt-2015.8.0/pkg/salt-common.logrotate
@@ -1,4 +1,5 @@
/var/log/salt/master {
+ su salt salt
weekly
missingok
rotate 7
@@ -7,6 +8,7 @@
}
/var/log/salt/minion {
+ su salt salt
weekly
missingok
rotate 7
@@ -15,6 +17,7 @@
}
/var/log/salt/key {
+ su salt salt
weekly
missingok
rotate 7