From 3a09788bf8364f02468ee0ad6ea071b102345465 Mon Sep 17 00:00:00 2001 From: Todd Zullinger Date: Aug 08 2009 15:49:04 +0000 Subject: Fix a number of packaging and source bugs Fri Aug 07 2009 Todd Zullinger - 0.24.8-4 - Fix status -p handling on older RHEL (#501577) - Fix condrestart when daemon's aren't running (#480600) - Fix timeout reading /proc/mounts (upstream #1963) - Fix permissions on /var/log/puppet (#495096) - Fix rails test for activerecord-2.3 (#515728) Wed Jun 24 2009 Jeroen van Meeuwen - Fix permissions on /var/run/puppet/ (#495096) - Support initializing supplementary groups (#1806, #475201, Till Maas) - Own the correct vim directory - Move ext/ outside of doc datadir (rpmlint) - Require ruby(selinux) rather then libselinux-ruby (#507848) --- diff --git a/puppet-0.24.8-activerecord-test.patch b/puppet-0.24.8-activerecord-test.patch new file mode 100644 index 0000000..fac8473 --- /dev/null +++ b/puppet-0.24.8-activerecord-test.patch @@ -0,0 +1,46 @@ +From a7a9fb5afaa58922bb6ecb49e04b5ed59f381d22 Mon Sep 17 00:00:00 2001 +From: Luke Kanies +Date: Thu, 23 Apr 2009 18:56:30 -0500 +Subject: [PATCH/puppet] Fixing the Rails feature test to require 2.3.x + +Signed-off-by: Luke Kanies +--- + lib/puppet/feature/rails.rb | 21 ++++----------------- + 1 files changed, 4 insertions(+), 17 deletions(-) + +diff --git a/lib/puppet/feature/rails.rb b/lib/puppet/feature/rails.rb +index 63e6f00..561863c 100644 +--- a/lib/puppet/feature/rails.rb ++++ b/lib/puppet/feature/rails.rb +@@ -28,24 +28,11 @@ Puppet.features.add(:rails) do + end + end + +- # If we couldn't find it the normal way, try using a Gem. +- unless defined? ActiveRecord +- begin +- require 'rubygems' +- require 'rails' +- rescue LoadError +- # Nothing +- end ++ unless defined?(::ActiveRecord) and ::ActiveRecord::VERSION::MAJOR == 2 and ::ActiveRecord::VERSION::MINOR == 3 ++ Puppet.err "ActiveRecord 2.3 required for StoreConfigs" ++ raise "ActiveRecord 2.3 required for StoreConfigs" + end + +- # We check a fairly specific class, so that we can be sure that we've +- # loaded a new enough version of AR that will support the features we +- # actually use. +- if defined? ActiveRecord::Associations::BelongsToPolymorphicAssociation +- require 'puppet/rails' +- true +- else +- false +- end ++ true + end + +-- +1.6.4 + diff --git a/puppet-0.24.8-condrestart.patch b/puppet-0.24.8-condrestart.patch new file mode 100644 index 0000000..2809c1c --- /dev/null +++ b/puppet-0.24.8-condrestart.patch @@ -0,0 +1,82 @@ +From fc161e4a5ad4d470d0fe17b734004ab675eaa6ae Mon Sep 17 00:00:00 2001 +From: Todd Zullinger +Date: Fri, 3 Jul 2009 10:22:19 -0400 +Subject: [PATCH/puppet 2/2] conf/redhat/*.init: Fix condrestart/try-restart + +Previously, the Red Hat init scripts used the $pidfile or $lockfile as a +test for whether to restart the daemons. This caused condrestart to +start the daemons even when they were not running, in cases where they +had died or been killed without cleaning up the $pidfile/$lockfile. + +This was reported by Ingvar Hagelund in Red Hat bug #480600. +--- + conf/redhat/client.init | 7 ++++++- + conf/redhat/server.init | 11 ++++++++--- + 2 files changed, 14 insertions(+), 4 deletions(-) + +diff --git a/conf/redhat/client.init b/conf/redhat/client.init +index f40e81d..fda156c 100644 +--- a/conf/redhat/client.init ++++ b/conf/redhat/client.init +@@ -67,6 +67,10 @@ rh_status() { + status $statusopts $puppetd + } + ++rh_status_q() { ++ rh_status >/dev/null 2>&1 ++} ++ + genconfig() { + echo -n $"Generate configuration puppet: " + $puppetd ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --genconfig +@@ -86,7 +90,8 @@ case "$1" in + reload + ;; + condrestart|try-restart) +- [ -f "$pidfile" ] && restart ++ rh_status_q || exit 0 ++ restart + ;; + status) + rh_status +diff --git a/conf/redhat/server.init b/conf/redhat/server.init +index 6871b9a..74cb52f 100644 +--- a/conf/redhat/server.init ++++ b/conf/redhat/server.init +@@ -89,7 +89,7 @@ genconfig() { + $PUPPETMASTER $PUPPETMASTER_OPTS --genconfig + } + +-puppetmaster_status() { ++rh_status() { + if [ -n "$PUPPETMASTER_PORTS" ] && [ ${#PUPPETMASTER_PORTS[@]} -gt 1 ]; then + for ((i=0; i<${#PUPPETMASTER_PORTS[@]}; i++)); do + echo -en "Port ${PUPPETMASTER_PORTS[$i]}: " +@@ -103,6 +103,10 @@ puppetmaster_status() { + return $RETVAL + } + ++rh_status_q() { ++ rh_status >/dev/null 2>&1 ++} ++ + case "$1" in + start) + start +@@ -114,10 +118,11 @@ case "$1" in + restart + ;; + condrestart) +- [ -f "$lockfile" ] && restart ++ rh_status_q || exit 0 ++ restart + ;; + status) +- puppetmaster_status ++ rh_status + ;; + genconfig) + genconfig +-- +1.6.3.3 + diff --git a/puppet-0.24.8-read-proc-mounts.patch b/puppet-0.24.8-read-proc-mounts.patch new file mode 100644 index 0000000..4c22b79 --- /dev/null +++ b/puppet-0.24.8-read-proc-mounts.patch @@ -0,0 +1,36 @@ +From 0ce5b22a45d675de6969f3f5e5d4565be0a2d2d1 Mon Sep 17 00:00:00 2001 +From: Ricky Zhou +Date: Sat, 11 Jul 2009 01:57:52 -0400 +Subject: [PATCH/puppet] Fix #1963 - Failing to read /proc/mounts for selinux kills file downloads + +This works around a linux kernel bug that causes a select() on +/proc/mounts to hang. +--- + lib/puppet/util/selinux.rb | 10 ++++++++-- + 1 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/lib/puppet/util/selinux.rb b/lib/puppet/util/selinux.rb +index cd3b2ac..dc5daec 100644 +--- a/lib/puppet/util/selinux.rb ++++ b/lib/puppet/util/selinux.rb +@@ -152,9 +152,15 @@ module Puppet::Util::SELinux + + # Internal helper function to read and parse /proc/mounts + def read_mounts ++ mounts = "" + begin +- mountfh = File.open("/proc/mounts", NONBLOCK) +- mounts = mountfh.read ++ mountfh = File.open("/proc/mounts") ++ # We use read_nonblock() in a loop rather than read() to work-around ++ # a linux kernel bug. See ticket #1963 for details. ++ while true ++ mounts += mountfh.read_nonblock(1024) ++ end ++ rescue EOFError + mountfh.close + rescue + return nil +-- +1.6.3.3 + diff --git a/puppet-0.24.8-rundir-perms.patch b/puppet-0.24.8-rundir-perms.patch new file mode 100644 index 0000000..d7205fe --- /dev/null +++ b/puppet-0.24.8-rundir-perms.patch @@ -0,0 +1,25 @@ +From f9ccc92662c53d9890e337d4e9f1629eb1ff650f Mon Sep 17 00:00:00 2001 +From: Jeroen van Meeuwen (Fedora Unity) +Date: Wed, 24 Jun 2009 15:19:01 +0200 +Subject: [PATCH/puppet 1/6] Simplest fix for #495096 as it applies to the Fedora based distributions using the Red Hat RPM. Story continues. + +--- + lib/puppet/defaults.rb | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb +index e36dd70..077faab 100644 +--- a/lib/puppet/defaults.rb ++++ b/lib/puppet/defaults.rb +@@ -68,7 +68,7 @@ module Puppet + }, + :rundir => { + :default => rundir, +- :mode => 01777, ++ :mode => 0755, + :desc => "Where Puppet PID files are kept." + }, + :genconfig => [false, +-- +1.6.3.3 + diff --git a/puppet-0.24.8-status-options.patch b/puppet-0.24.8-status-options.patch new file mode 100644 index 0000000..aad9ee5 --- /dev/null +++ b/puppet-0.24.8-status-options.patch @@ -0,0 +1,41 @@ +From ea04f2700ebdbac7c5abd263df1bbda9eee12097 Mon Sep 17 00:00:00 2001 +From: Todd Zullinger +Date: Fri, 3 Jul 2009 09:08:17 -0400 +Subject: [PATCH/puppet 1/2] conf/redhat/client.init: Fix #2123, status options on older RHEL + +On RHEL < 5, the status function does not accept a -p option. Using it +causes 'service puppet status' to produce erroneous output. This was +also reported by Aaron Dummer in Red Hat bug #501577. +--- + conf/redhat/client.init | 8 ++++++-- + 1 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/conf/redhat/client.init b/conf/redhat/client.init +index 44caab1..f40e81d 100644 +--- a/conf/redhat/client.init ++++ b/conf/redhat/client.init +@@ -62,6 +62,11 @@ restart() { + start + } + ++rh_status() { ++ status | grep -q -- '-p' 2>/dev/null && statusopts="-p $pidfile" ++ status $statusopts $puppetd ++} ++ + genconfig() { + echo -n $"Generate configuration puppet: " + $puppetd ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --genconfig +@@ -84,8 +89,7 @@ case "$1" in + [ -f "$pidfile" ] && restart + ;; + status) +- status -p "$pidfile" $puppetd +- RETVAL=$? ++ rh_status + ;; + once) + shift +-- +1.6.3.3 + diff --git a/puppet-0.24.8-supplementary-groups.patch b/puppet-0.24.8-supplementary-groups.patch new file mode 100644 index 0000000..42687da --- /dev/null +++ b/puppet-0.24.8-supplementary-groups.patch @@ -0,0 +1,74 @@ +From 2a401c6897af3abbc27dfaaf162556745267d6b2 Mon Sep 17 00:00:00 2001 +From: Jeroen van Meeuwen (Fedora Unity) +Date: Wed, 24 Jun 2009 15:30:19 +0200 +Subject: [PATCH/puppet 2/6] Support supplementary groups (Till Maas) + +--- + lib/puppet/util.rb | 5 +++-- + lib/puppet/util/suidmanager.rb | 11 ++++++++++- + 2 files changed, 13 insertions(+), 3 deletions(-) + +diff --git a/lib/puppet/util.rb b/lib/puppet/util.rb +index f8a8721..51a2a16 100644 +--- a/lib/puppet/util.rb ++++ b/lib/puppet/util.rb +@@ -58,10 +58,11 @@ module Util + end + unless Puppet::Util::SUIDManager.uid == user + begin ++ Puppet::Util::SUIDManager.initgroups(user) + Puppet::Util::SUIDManager.uid = user + Puppet::Util::SUIDManager.euid = user +- rescue +- $stderr.puts "could not change to user %s" % user ++ rescue => detail ++ $stderr.puts "could not change to user %s: %s" % [user, detail] + exit(74) + end + end +diff --git a/lib/puppet/util/suidmanager.rb b/lib/puppet/util/suidmanager.rb +index b071dca..9f6e3b6 100644 +--- a/lib/puppet/util/suidmanager.rb ++++ b/lib/puppet/util/suidmanager.rb +@@ -7,7 +7,7 @@ module Puppet::Util::SUIDManager + extend Forwardable + + to_delegate_to_process = [ :euid=, :euid, :egid=, :egid, +- :uid=, :uid, :gid=, :gid ] ++ :uid=, :uid, :gid=, :gid, :groups=, :groups ] + + to_delegate_to_process.each do |method| + def_delegator Process, method +@@ -26,13 +26,16 @@ module Puppet::Util::SUIDManager + # We set both because some programs like to drop privs, i.e. bash. + old_uid, old_gid = self.uid, self.gid + old_euid, old_egid = self.euid, self.egid ++ old_groups = self.groups + begin + self.egid = convert_xid :gid, new_gid if new_gid ++ self.initgroups(convert_xid(:uid, new_uid)) if new_uid + self.euid = convert_xid :uid, new_uid if new_uid + + yield + ensure + self.euid, self.egid = old_euid, old_egid ++ self.groups = old_groups + end + end + module_function :asuser +@@ -49,6 +52,12 @@ module Puppet::Util::SUIDManager + end + module_function :convert_xid + ++ # Initialize supplementary groups ++ def initgroups(user) ++ require 'etc' ++ Process.initgroups(Etc.getpwuid(user).name, Process.gid) ++ end ++ module_function :initgroups + + def run_and_capture(command, new_uid=nil, new_gid=nil) + output = Puppet::Util.execute(command, :failonfail => false, :uid => new_uid, :gid => new_gid) +-- +1.6.3.3 + diff --git a/puppet.spec b/puppet.spec index 4b25efc..d2cc5f7 100644 --- a/puppet.spec +++ b/puppet.spec @@ -1,13 +1,30 @@ +# Augeas and SELinux requirements may be disabled at build time by passing +# --without augeas and/or --without selinux to rpmbuild or mock + %{!?ruby_sitelibdir: %define ruby_sitelibdir %(ruby -rrbconfig -e 'puts Config::CONFIG["sitelibdir"]')} %define confdir conf/redhat Name: puppet Version: 0.24.8 -Release: 1%{?dist} +Release: 4%{?dist} Summary: A network tool for managing many disparate systems License: GPLv2+ URL: http://puppet.reductivelabs.com/ Source0: http://reductivelabs.com/downloads/puppet/%{name}-%{version}.tgz + +# https://bugzilla.redhat.com/495096 +Patch0: puppet-0.24.8-rundir-perms.patch +# https://bugzilla.redhat.com/475201 +Patch1: puppet-0.24.8-supplementary-groups.patch +# http://projects.reductivelabs.com/issues/1963 +Patch2: puppet-0.24.8-read-proc-mounts.patch +# https://bugzilla.redhat.com/501577 +Patch3: puppet-0.24.8-status-options.patch +# https://bugzilla.redhat.com/480600 +Patch4: puppet-0.24.8-condrestart.patch +# https://bugzilla.redhat.com/515728 +Patch5: puppet-0.24.8-activerecord-test.patch + Group: System Environment/Base BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -21,14 +38,19 @@ Requires: ruby(abi) = 1.8 Requires: ruby-shadow %endif -# Pull in libselinux-ruby where it is available -%if 0%{?fedora} >=9 -Requires: libselinux-ruby +# Pull in ruby selinux bindings where available +%if 0%{?fedora} +%if 0%{?fedora} >= 12 +%{!?_without_selinux:Requires: ruby(selinux)} +%else +%{!?_without_selinux:Requires: libselinux-ruby} +%endif %endif Requires: facter >= 1.5 Requires: ruby >= 1.8.1 -Requires: ruby-augeas +%{!?_without_augeas:Requires: ruby-augeas} + Requires(pre): shadow-utils Requires(post): chkconfig Requires(preun): chkconfig @@ -57,6 +79,15 @@ The server can also function as a certificate authority and file server. %prep %setup -q +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%if 0%{?fedora} >= 11 +%patch5 -p1 +%endif + # Move puppetca, puppetd, and puppetmasterd to sbin mkdir sbin mv bin/puppet{ca,d,masterd} sbin/ @@ -71,6 +102,7 @@ done for f in external/nagios.rb network/http_server/mongrel.rb relationship.rb; do sed -i -e '1d' lib/puppet/$f done +chmod +x ext/puppetstoredconfigclean.rb find examples/ -type f -empty | xargs rm find examples/ -type f | xargs chmod a-x @@ -82,7 +114,7 @@ ruby install.rb --destdir=%{buildroot} --quick --no-rdoc install -d -m0755 %{buildroot}%{_sysconfdir}/puppet/manifests install -d -m0755 %{buildroot}%{_localstatedir}/lib/puppet install -d -m0755 %{buildroot}%{_localstatedir}/run/puppet -install -d -m0755 %{buildroot}%{_localstatedir}/log/puppet +install -d -m0750 %{buildroot}%{_localstatedir}/log/puppet install -Dp -m0644 %{confdir}/client.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/puppet install -Dp -m0755 %{confdir}/client.init %{buildroot}%{_initrddir}/puppet install -Dp -m0644 %{confdir}/server.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/puppetmaster @@ -97,8 +129,26 @@ touch %{buildroot}%{_sysconfdir}/puppet/puppetmasterd.conf touch %{buildroot}%{_sysconfdir}/puppet/puppetca.conf touch %{buildroot}%{_sysconfdir}/puppet/puppetd.conf +# Install the ext/ directory to %{_datadir}/%{name} +install -d %{buildroot}%{_datadir}/%{name} +cp -a ext/ %{buildroot}%{_datadir}/%{name} +# emacs and vim bits are installed elsewhere +rm -rf %{buildroot}%{_datadir}/%{name}/ext/{emacs,vim} + +# Install emacs mode files +emacsdir=%{buildroot}%{_datadir}/emacs/site-lisp +install -Dp -m0644 ext/emacs/puppet-mode.el $emacsdir/puppet-mode.el +install -Dp -m0644 ext/emacs/puppet-mode-init.el \ + $emacsdir/site-start.d/puppet-mode-init.el + +# Install vim syntax files +vimdir=%{buildroot}%{_datadir}/vim/vimfiles +install -Dp -m0644 ext/vim/ftdetect/puppet.vim $vimdir/ftdetect/puppet.vim +install -Dp -m0644 ext/vim/syntax/puppet.vim $vimdir/syntax/puppet.vim + %files %defattr(-, root, root, 0755) +%doc CHANGELOG COPYING LICENSE README examples %{_bindir}/puppet %{_bindir}/ralsh %{_bindir}/filebucket @@ -111,8 +161,11 @@ touch %{buildroot}%{_sysconfdir}/puppet/puppetd.conf %config(noreplace) %{_sysconfdir}/sysconfig/puppet %config(noreplace) %{_sysconfdir}/puppet/puppet.conf %ghost %config(noreplace,missingok) %{_sysconfdir}/puppet/puppetd.conf -%doc CHANGELOG COPYING LICENSE README examples %config(noreplace) %{_sysconfdir}/logrotate.d/puppet +# We don't want to require emacs or vim, so we need to own these dirs +%{_datadir}/emacs +%{_datadir}/vim +%{_datadir}/%{name} # These need to be owned by puppet so the server can # write to them %attr(-, puppet, puppet) %{_localstatedir}/run/puppet @@ -184,6 +237,28 @@ fi rm -rf %{buildroot} %changelog +* Fri Aug 07 2009 Todd Zullinger - 0.24.8-4 +- Fix status -p handling on older RHEL (#501577) +- Fix condrestart when daemon's aren't running (#480600) +- Fix timeout reading /proc/mounts (upstream #1963) +- Fix permissions on /var/log/puppet (#495096) +- Fix rails test for activerecord-2.3 (#515728) + +* Sun Jul 26 2009 Fedora Release Engineering - 0.24.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Wed Jun 24 2009 Jeroen van Meeuwen +- Fix permissions on /var/run/puppet/ (#495096) +- Support initializing supplementary groups (#1806, #475201, Till Maas) +- Own the correct vim directory +- Move ext/ outside of doc datadir (rpmlint) +- Require ruby(selinux) rather then libselinux-ruby (#507848) + +* Fri May 29 2009 Todd Zullinger - 0.24.8-2 +- Make Augeas and SELinux requirements build time options +- Install emacs mode and vim syntax files (#491437) +- Include ext/ directory in %%doc + * Mon Mar 23 2009 Todd Zullinger - 0.24.8-1 - Update to 0.24.8 - Quiet output from %%pre