Changeset 1190


Ignore:
Timestamp:
Feb 15, 2011, 11:46:55 AM (9 years ago)
Author:
Bruno Cornec
Message:
  • Fix bugs in sudoers generation (syntax issue)
  • Improve pb_get_sudocmds to remov duplicates, and take an additional list of commands to filter
  • Change pb_date2v interface to just return the line we want.
Location:
devel
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • devel/pb-modules/etc/pb.conf

    r1181 r1190  
    203203
    204204# Command to update the distribution to latest state
    205 osupd du = sudo apt-get update; export DEBIAN_FRONTEND="noninteractive"; apt-get --quiet -y --force-yes dist-upgrade
     205osupd du = sudo /usr/bin/apt-get update; export DEBIAN_FRONTEND="noninteractive"; /usr/bin/apt-get --quiet -y --force-yes dist-upgrade
    206206osupd gen = sudo emerge --update --deep world; sudo revdep-rebuild
    207207osupd rpm = sudo /usr/bin/yum clean all; sudo /usr/bin/yum -y update
     
    213213# Chaining the commands allow to only test for what is able to be installed,
    214214# not the update of the repo which may well be unaccessible if too old
    215 osins du = sudo apt-get update ; sudo apt-get -y install
     215osins du = sudo /usr/bin/apt-get update ; sudo /usr/bin/apt-get -y install
    216216osins gen = sudo emerge
    217217osins rpm = sudo /usr/bin/yum clean all; sudo /usr/bin/yum -y update ; sudo /usr/bin/yum -y install
  • devel/pb/bin/pb

    r1189 r1190  
    24052405my $upddate = strftime("%m%d%H%M%Y", @date);
    24062406my $dateline = "sudo /bin/date $upddate";
    2407 return($ntpline,$dateline);
     2407if (defined $ntpline) {
     2408    return($ntpline);
     2409} else {
     2410    return($dateline);
     2411}
    24082412}
    24092413
     
    24692473    }
    24702474
    2471     my ($ntpline,$dateline) = pb_date2v($vtype,$v);
     2475    my $ntpline = pb_date2v($vtype,$v);
    24722476    print SCRIPT "# Time sync\n";
    24732477    print SCRIPT "echo 'setting up date with '";
    2474     if (defined $ntpline) {
    2475         print SCRIPT "echo $ntpline\n";
    2476         print SCRIPT "$ntpline\n";
    2477     } else {
    2478         print SCRIPT "echo $dateline\n";
    2479         print SCRIPT "$dateline\n";
    2480     }
     2478    print SCRIPT "echo $ntpline\n";
     2479    print SCRIPT "$ntpline\n";
    24812480    # Use potential local proxy declaration in case we need it to download repo, pkgs, ...
    24822481    if (defined $ENV{'http_proxy'}) {
     
    27192718
    27202719    # Deal with date sync.
    2721     my ($ntpline,$dateline) = pb_date2v($vtype,$v);
     2720    my $ntpline = pb_date2v($vtype,$v);
    27222721
    27232722    # Get distro context
     
    27952794    }
    27962795
    2797 if ($vtype =~ /(v|r)m/) {
     2796    if ($vtype =~ /(v|r)m/) {
    27982797        print SCRIPT << 'EOF';
    27992798# Removes duplicate in .ssh/authorized_keys of our key if needed
     
    28172816chmod 0600,\$file1;
    28182817
    2819 # Sync date
    2820 EOF
    2821         if (defined $ntpline) {
    2822             print SCRIPT "pb_system(\"$ntpline\");\n";
    2823         } else {
    2824             print SCRIPT "pb_system(\"$dateline\");\n";
    2825         }
     2818EOF
    28262819    }
    28272820    print SCRIPT << 'EOF';
     
    29432936while (<PBFILE>) {
    29442937EOF
     2938    # Skip what will be generated
    29452939    print SCRIPT << "EOF";
    2946     next if (/^$pbac->{$ENV{'PBPROJ'}}   /);
     2940    next if (/^$pbac->{$ENV{'PBPROJ'}}\\s+/);
     2941    next if (/^Defaults:$pbac->{$ENV{'PBPROJ'}}\\s+/);
     2942    next if (/^Defaults:root \!requiretty/);
    29472943EOF
    29482944    print SCRIPT << 'EOF';
     
    29612957    # Try to restrict security to what is really needed
    29622958    if ($vtype =~ /^vm/) {
    2963         my @sudocmds = pb_get_sudocmds($pbos);
    29642959        my $hpath = "/sbin";
     2960        # TODO: make that an external variable !
    29652961        # Solaris has halt elsewhere
    29662962        if ($pbos->{'type'} eq "pkg") {
    29672963            $hpath = "/usr/sbin";
    29682964        }
     2965        my @sudocmds = pb_get_sudocmds($pbos,$ntpline,"$hpath/halt");
    29692966        print SCRIPT << "EOF";
    29702967# This is needed in order to be able on VM to halt the machine from the $pbac->{$ENV{'PBPROJ'}} account at least
    29712968# Build account $pbac->{$ENV{'PBPROJ'}} in VM also needs to setup date and install deps.
    29722969# Nothing else should be needed
    2973 print PBOUT "$pbac->{$ENV{'PBPROJ'}}   localhost=NOPASSWD:$hpath/halt\n";
    29742970EOF
    29752971        foreach my $c (@sudocmds) {
    2976             print SCRIPT "print PBOUT \"$pbac->{$ENV{'PBPROJ'}}   localhost=NOPASSWD:$c\n\";";
     2972            print SCRIPT "print PBOUT \"$pbac->{$ENV{'PBPROJ'}}   localhost = NOPASSWD: $c\n\";";
    29772973        }
    29782974    } elsif ($vtype =~ /^rm/) {
    2979         my @sudocmds = pb_get_sudocmds($pbos);
     2975        my @sudocmds = pb_get_sudocmds($pbos,$ntpline);
    29802976        print SCRIPT << "EOF";
    29812977# Build account $pbac->{$ENV{'PBPROJ'}} in RM only needs to setup date and install deps if needed each time
    29822978EOF
    29832979        foreach my $c (@sudocmds) {
    2984             print SCRIPT "print PBOUT \"$pbac->{$ENV{'PBPROJ'}}   localhost=NOPASSWD:$c\n\";";
     2980            print SCRIPT "print PBOUT \"$pbac->{$ENV{'PBPROJ'}}   localhost = NOPASSWD: $c\n\";";
    29852981        }
    29862982    } else {
     
    29972993EOF
    29982994
     2995    if ($vtype =~ /(v|r)m/) {
     2996        # Sync date
     2997        # do it after sudoers is setup
     2998        print SCRIPT "pb_system(\"$ntpline\");\n";
     2999    }
    29993000    # We may need a proxy configuration. Get it from the local env
    30003001
     
    37623763       
    37633764my $pbos = shift;
    3764 my @sudocmds;
    3765 
    3766 foreach my $c (split(/;/,$pbos->{'update'}),split(/;/,$pbos->{'install'})) {
     3765my @lines = shift;
     3766my %sudocmds;
     3767
     3768foreach my $c (split(/;/,$pbos->{'update'}),split(/;/,$pbos->{'install'}),@lines) {
    37673769    next if ($c !~ /^sudo/);
    3768     $c =~ s/^sudo[ \t]+//;
    3769     push @sudocmds,$c;
    3770 }
    3771 pb_log(2,"pb_get_sudcomds returns ".Dumper(@sudocmds)."\n");
    3772 return(@sudocmds);
     3770    $c =~ s/^sudo\s+//;
     3771    $c =~ s/^\s+//;
     3772    $c =~ s/\s+$//;
     3773    $sudocmds{$c} = "";
     3774}
     3775pb_log(2,"pb_get_sudcomds returns ".Dumper(%sudocmds)."\n");
     3776return(keys %sudocmds);
    37733777}
    37743778
Note: See TracChangeset for help on using the changeset viewer.