diff options
author | Colin Guthrie <colin@mageia.org> | 2012-02-16 14:37:20 +0000 |
---|---|---|
committer | Colin Guthrie <colin@mageia.org> | 2012-02-16 14:37:20 +0000 |
commit | 0b388682796677bb8f508f7e18f43b8cda003b8f (patch) | |
tree | 28f14b5c853dff1171c66142fded6101d1ea0c66 /trunk | |
parent | bd15ccffc636ff060e4f1d77dcf59fcd584fa8c8 (diff) | |
download | rpm-helper-0.24.6.tar rpm-helper-0.24.6.tar.gz rpm-helper-0.24.6.tar.bz2 rpm-helper-0.24.6.tar.xz rpm-helper-0.24.6.zip |
version 0.24.6v0.24.6
Diffstat (limited to 'trunk')
-rw-r--r-- | trunk/.cvsignore | 1 | ||||
-rw-r--r-- | trunk/AUTHORS | 4 | ||||
-rw-r--r-- | trunk/COPYING | 340 | ||||
-rw-r--r-- | trunk/Makefile | 69 | ||||
-rw-r--r-- | trunk/NEWS | 137 | ||||
-rw-r--r-- | trunk/README | 59 | ||||
-rw-r--r-- | trunk/README.systemd | 8 | ||||
-rwxr-xr-x | trunk/add-group | 44 | ||||
-rwxr-xr-x | trunk/add-service | 265 | ||||
-rwxr-xr-x | trunk/add-shell | 34 | ||||
-rwxr-xr-x | trunk/add-syslog | 167 | ||||
-rwxr-xr-x | trunk/add-user | 31 | ||||
-rwxr-xr-x | trunk/add-webapp | 15 | ||||
-rwxr-xr-x | trunk/create-file | 31 | ||||
-rwxr-xr-x | trunk/create-ssl-certificate | 74 | ||||
-rwxr-xr-x | trunk/del-group | 24 | ||||
-rwxr-xr-x | trunk/del-service | 92 | ||||
-rwxr-xr-x | trunk/del-shell | 37 | ||||
-rwxr-xr-x | trunk/del-syslog | 74 | ||||
-rwxr-xr-x | trunk/del-user | 22 | ||||
-rwxr-xr-x | trunk/del-webapp | 23 | ||||
-rwxr-xr-x | trunk/get-password | 11 | ||||
-rw-r--r-- | trunk/migrate-service | 53 | ||||
-rwxr-xr-x | trunk/postun-unit | 40 | ||||
-rwxr-xr-x | trunk/reread-services | 31 | ||||
-rw-r--r-- | trunk/rpm-helper.macros.in | 87 | ||||
-rw-r--r-- | trunk/ssl | 12 | ||||
-rwxr-xr-x | trunk/t/add-syslog.t | 108 | ||||
-rwxr-xr-x | trunk/verify-shell | 31 |
29 files changed, 1924 insertions, 0 deletions
diff --git a/trunk/.cvsignore b/trunk/.cvsignore new file mode 100644 index 0000000..9adf581 --- /dev/null +++ b/trunk/.cvsignore @@ -0,0 +1 @@ +*.tar.bz2 diff --git a/trunk/AUTHORS b/trunk/AUTHORS new file mode 100644 index 0000000..a0e7ac2 --- /dev/null +++ b/trunk/AUTHORS @@ -0,0 +1,4 @@ +Frédéric Lepied <flepied@mandriva.com> +Herton Ronaldo Krzesinski <herton@mandriva.com> +Thierry Vignaud <tvignaud@mandriva.com> +Guillaume Rousse <guillomovitch@mandriva.org> diff --git a/trunk/COPYING b/trunk/COPYING new file mode 100644 index 0000000..d60c31a --- /dev/null +++ b/trunk/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/trunk/Makefile b/trunk/Makefile new file mode 100644 index 0000000..b5b8efb --- /dev/null +++ b/trunk/Makefile @@ -0,0 +1,69 @@ +PACKAGE = rpm-helper +VERSION = 0.24.6 +SVNPATH = svn+ssh://svn.mageia.org/svn/soft/rpm/$(PACKAGE) + +SCRIPT_FILES = add-user del-user create-file \ + add-service del-service reread-services \ + add-group del-group add-shell del-shell verify-shell \ + add-syslog del-syslog add-webapp del-webapp \ + get-password create-ssl-certificate \ + migrate-service postun-unit +MACROS_FILES = rpm-helper.macros +CONF_FILES = ssl +TEST_FILES = t/*.t +SYSTEMDMIGRATION_FILES = README.systemd +FILES = AUTHORS README COPYING NEWS Makefile \ + $(SCRIPT_FILES) $(MACROS_FILES:=.in) $(CONF_FILES) \ + $(TEST_FILES) $(SYSTEMDMIGRATION_FILES) + +pkgdatadir = /usr/share/$(PACKAGE) +rpmmacrosdir = /etc/rpm/macros.d +sysconfigdir = /etc/sysconfig +systemdmigrationdir = /var/lib/rpm-helper/systemd-migration + +all: + @echo "use make install or make dist" + +install: $(MACROS_FILES) + install -d -m 755 $(DESTDIR)$(pkgdatadir) + cp -p $(SCRIPT_FILES) $(DESTDIR)$(pkgdatadir) + install -d -m 755 $(DESTDIR)$(rpmmacrosdir) + install -m 644 $(MACROS_FILES) $(DESTDIR)/$(rpmmacrosdir) + install -d -m 755 $(DESTDIR)$(sysconfigdir) + install -m 644 $(CONF_FILES) $(DESTDIR)/$(sysconfigdir) + install -d -m 755 $(DESTDIR)$(systemdmigrationdir) + install -m 644 $(SYSTEMDMIGRATION_FILES) $(DESTDIR)/$(systemdmigrationdir) + +rpm-helper.macros: rpm-helper.macros.in + sed -e 's:@pkgdatadir@:$(pkgdatadir):' < $< > $@ + +clean: + rm -f *~ + +test: + perl -I t -MExtUtils::Command::MM -e "test_harness($(TEST_VERBOSE))" $(TEST_FILES) + +# rules to build a local distribution + +localdist: cleandist dir localcopy tar + +cleandist: clean + rm -rf $(PACKAGE)-$(VERSION) $(PACKAGE)-$(VERSION).tar.bz2 + +dir: + mkdir $(PACKAGE)-$(VERSION) + +localcopy: + tar c $(FILES) | tar x -C $(PACKAGE)-$(VERSION) + +tar: + tar cvf $(PACKAGE)-$(VERSION).tar $(PACKAGE)-$(VERSION) + bzip2 -9vf $(PACKAGE)-$(VERSION).tar + rm -rf $(PACKAGE)-$(VERSION) + +# rules to build a public distribution + +dist: cleandist dir localcopy tar svntag + +svntag: + svn cp -m 'version $(VERSION)' $(SVNPATH)/trunk $(SVNPATH)/tags/v$(VERSION) diff --git a/trunk/NEWS b/trunk/NEWS new file mode 100644 index 0000000..8741d41 --- /dev/null +++ b/trunk/NEWS @@ -0,0 +1,137 @@ +2012-02-16 Colin Guthrie <colin@mageia.org> 0.24.6 + * silent enable/disable services + * migrate service enabled/disabled status from sysvinit to systemd + on upgrade + +2011-11-03 D Morgan <dmorgan@mageia.org> 0.24.5 + * add support for systemd .path files + +2011-11-03 Colin Guthrie <colin@mageia.org> 0.24.4 + * fix up missing file in the Makefile + +2011-11-03 Colin Guthrie <colin@mageia.org> 0.24.3 + * normalise systemd unit names when created from sysvinit service name + to ensure symlinked units are not used to enable/disable services + * add a new helper to reload systemd (reread unit files) on %postun + +2011-10-30 Colin Guthrie <colin@mageia.org> 0.24.2 + * change how systemd units are passed to the helper to synthesise + the name from the sysvinit name. + * use the correct init system tool to start/stop services based on + which is running + * several code tidyups + +2011-03-07 Andrey Borzenkov <arvidjaar@gmail.com> 0.23.7 + * avoid reloading systemd twice with new chkconfig + +2011-01-25 Eugeni Dodonov <eugeni@mandriva.com 0.23.6 + * fix typo in del-service which made scriplet fail + +2011-01-25 Eugeni Dodonov <eugeni@mandriva.com 0.23.5 + * fix typo in add-service which made scriplet fail + +2011-01-25 nanardon <nanardon@mandriva.org> 0.23.4 + * make add/del-syslog code more generic + * Reload systemd daemon when removing services. + +2011-01-23 Eugeni Dodonov <eugeni@mandriva.com> 0.23.3 + * fix typo in services removal (#62278) + +2011-01-23 Eugeni Dodonov <eugeni@mandriva.com> 0.23.2 + * add systemd support for services addition/removal (#62278) + +2010-05-29 Guillaume Rousse <guillomovitch@mandriva.org> 0.23.1 + * force group creation when creating user, whatever /etc/login.defs + says, to ensure expected group ownership (fix #59327) + +2010-02-04 Guillaume Rousse <guillomovitch@mandriva.org> 0.23.0 + * drop ugly workaround from release 0.21.4, various services should + have been fixed now (#52313) + * change {add,del}_syslog behaviour to only deal with default + syslog implementation for current release + * change {add,del}_syslog interface to make facility argument + mandatory, instead of computing a free one if not given + +2009-10-30 Olivier Blin <blino@mandriva.com> 0.22.2 + * do not stop service during install + (or else shorewall will be stopped because moved in another + package, making the install hang for a while) + +2009-03-30 Guillaume Rousse <guillomovitch@mandriva.org> 0.22.1 + * fix stupid typos in user/group creation scriptlets + +2009-03-29 Guillaume Rousse <guillomovitch@mandriva.org> 0.22.0 + * do not silent stderr output (#48851) + * test user/group existence before creating them + * do not bypass certificate creation on package update, but + if key file already exists + +2008-04-02 Pixel <pixel@mandriva.com> 0.21.4 + * workaround services "disabled" by default getting disabled on + upgrade (#39720) + +2008-03-14 Guillaume Rousse <guillomovitch@mandriva.org> 0.21.3 + * fix error in syslog-ng helper, and avoid spurious error + messages in output + +2008-02-14 Guillaume Rousse <guillomovitch@mandriva.org> 0.21.2 + * fix %_create-ssl-certificate args _correctly_ + +2008-02-05 Guillaume Rousse <guillomovitch@mandriva.org> 0.21.1 + * fix %_create-ssl-certificate args + +2008-01-27 Guillaume Rousse <guillomovitch@mandriva.org> 0.21.0 + * ssl certificate creation helper: + - rename macro to %_create-ssl-certificate, by + consistency with all other macros (except %create_ghost_file) + - change its interface to use switches for optional args + - use service name for certificate file, not package name + * document all helper macros in README + +2007-09-06 Guillaume Rousse <guillomovitch@mandriva.org> 0.20.0 + * ship a default configuration file for ssl certificate creation helpe + +2007-09-05 Guillaume Rousse <guillomovitch@mandriva.org> 0.19.2 + * ship a default configuration file for ssl certificate creation helpe + +2007-08-17 Guillaume Rousse <guillomovitch@mandriva.org> 0.19.1 + * fix usage of ssl certificate creation helper without 3rd argument + * allow local certificate configuration + +2007-06-29 Guillaume Rousse <guillomovitch@mandriva.org> 0.19.0 + * new ssl certificate creation helper + * renamed ChangeLog to NEWS + +2007-05-08 Herton Ronaldo Krzesinski <herton@mandriva.com> 0.18.5 + + * fixed deprecated chown syntax inside create-file and del-shell + usage inside rpm-helper.macros.in, reported by Vincent Danen on + ticket #30568 + * fixed my entry in AUTHORS file + +2007-03-07 Guillaume Rousse <guillomovitch@mandriva.org> 0.18.4 + + * revert to previous name for %create_ghostfile, as my attempt to + achieve compatibility failed + +2007-03-06 Guillaume Rousse <guillomovitch@mandriva.org> 0.18.3 + + * prefix all rpm macros with underscore for coherency + * really fix macros definitions, so as to be executed at installation, + not during build + * search for local pattern at the beginning of line in syslog.conf + * README files cleanup + * switch to a manual Changelog + +2007-03-05 Guillaume Rousse <guillomovitch@mandriva.org> 0.18.2 + + * fix rpm macros definitions + +2007-03-05 Guillaume Rousse <guillomovitch@mandriva.org> 0.18.1 + + * fix a typo in makefile preventing installation + +2007-03-05 Guillaume Rousse <guillomovitch@mandriva.org> 0.18 + + * new helper scripts: get-free-syslog-facility and get-password + * Makefile cleanup diff --git a/trunk/README b/trunk/README new file mode 100644 index 0000000..6988331 --- /dev/null +++ b/trunk/README @@ -0,0 +1,59 @@ +rpm-helper is a set of helper scripts to be executed at package installation +time. They are invocated through rpm macros. Here is a list of them, along with +their usage instructions. +rpm-helper is a set of scripts called by rpm scriptlets. + +%_get_password <length> +Return a random password from given length (default 8). + +%create_ghostfile <file> <owner> <group> <mode> +Create an empty file, with given owner, group and mode. + +%_create_ssl_certificate <name> [-g <group>] [-b] +Create a ssl key and certificate pair with given name under /etc/pki/tls. +Optional arguments: +-b: concatenate certificate with the key file (bundle mode) +-g: ensure key is readable by given group + +%_post_service <service> +Add given service to boot sequence, by running chkconfig --add on it. + +%_preun_service <service> +Remove given service from boot sequence, by running chkconfig --del on it. + +%_pre_useradd <name> <homedir> <shell> +Add given user, with given homedir and shell. + +%_postun_userdel <name> +Does nothing currently. + +%_pre_groupadd <group> [user1,user2,...] +Add given group, with optional list of coma-separated users as members. + +%_postun_groupdel <group> +Does nothing currently. + +%_post_shelladd <shell> +Add given shell to the list of available system shells. + +%_preun_shelldel <shell> +Remove given shell from the list of available system shells. + +%_post_syslogadd <destination> [-s <source>] [-f <facility>] [-m <min>] [-M <max>] +Add a syslog entry, with given destination (usually a log file), and returns +used facility. Support sysklogd and syslog-ng. +Optional arguments: +-s: ensure given source (usually /dev/log) is readable by syslog daemon. +-f: use given facility (otherwise first available local one is used). +-m: use given minimal priority. +-M: use given maximal priority. + +%_preun_syslogdel +Delete syslog entry created by previous macro. Support sysklogd and syslog-ng. + +%_post_webapp +Handle apache configuration reloading if needed when adding a web application. + +%_postun_webapp +Handle apache configuration reloading if needed when removing a web application. +Comments and new scripts welcome. diff --git a/trunk/README.systemd b/trunk/README.systemd new file mode 100644 index 0000000..db76ef8 --- /dev/null +++ b/trunk/README.systemd @@ -0,0 +1,8 @@ +This folder is used to track systemd migration. + +When you install an updated package that contains a native systemd unit which +supersedes the legacy sysvinit script, the fact that the service is enabled or +not must be migrated to the systemd way of doing things. + +This folder is simply a place to store a note of which services have been +migrated, such that the process is not repeated on subsequent package updates. diff --git a/trunk/add-group b/trunk/add-group new file mode 100755 index 0000000..603466e --- /dev/null +++ b/trunk/add-group @@ -0,0 +1,44 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : add-group +# Version : $Id$ +# Author : Frederic Lepied +# Created On : Mon Jul 29 15:07:28 2002 +# Purpose : helper script for rpm scriptlets to add a +# system group. +#--------------------------------------------------------------- + +if [ $# -lt 3 ]; then + echo "usage: $0 <pkg name> <num installed> <group name> [<user1>,<user2>...]" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +name=$3 # name of the group +users=$4 # users to add to this group + +if ! getent group $name > /dev/null 2>&1; then + /usr/sbin/groupadd -r $name > /dev/null + + if [ -n "$users" ]; then + SAVED_IFS="$IFS" + export IFS="$IFS", + set $users + IFS="$SAVED_IFS" + + for u in $*; do + old=`egrep "[:,]$u(,|$)" /etc/group | cut -d : -f 1 | xargs echo` + if [ -n "$old" ]; then + old=`echo ",$old" | sed 's/ /,/g'` + fi + /usr/sbin/usermod -G $name$old $u > /dev/null + done + fi +fi + +exit 0 + +# add-group ends here diff --git a/trunk/add-service b/trunk/add-service new file mode 100755 index 0000000..bd51d86 --- /dev/null +++ b/trunk/add-service @@ -0,0 +1,265 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : add-service +# Version : $Id$ +# Authors : Frederic Lepied, Andrey Borzenkov +# Created On : Mon Jul 8 08:14:34 2002 +# Purpose : helper script for rpm scriptlets to add a +# service. +#--------------------------------------------------------------- + +if [ x$1 = x--no-sysv ]; then + do_sysv=no + shift +else + do_sysv=yes +fi + +if [ $# -lt 3 ]; then + echo "usage: $0 [--no-sysv] <pkg name> <number installed> [<service name>] [<unit name> ...]" 1>&2 + exit 1 +fi + +# What init system are we currently using? +if /bin/mountpoint -q /sys/fs/cgroup/systemd; then + init=systemd +else + init=sysvinit +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +if [ $do_sysv = yes ]; then + srv=$3 # name of the SysV script + shift 3 +else + srv= + shift 2 +fi +units="$*" # systemd units +units_to_enable= # units enabled by msec +systemd_migration_dir=/var/lib/rpm-helper/systemd-migration +mkdir -p "${systemd_migration_dir}" + +SYSTEMUNITDIR=/lib/systemd/system +USERUNITDIR=/etc/systemd/system +RUNTIMEUNITDIR=/run/systemd/system + +find_unit() { + unit=$(basename $1) + + # We need to normalise the systemd unit name as the native unit may not have + # the same filename (sans it's .service suffix) as sysvinit script. + # In this case, symlinks are used to mask the sysvinit file, but for enabling + # and disabling units we must use the official name. + + searchunit= + if [ -f "$SYSTEMUNITDIR/$unit" ]; then + if [ -L "$SYSTEMUNITDIR/$unit" ]; then + searchunit=$(/usr/bin/readlink "$SYSTEMUNITDIR/$unit") + else + searchunit="$SYSTEMUNITDIR/$unit" + fi + elif [ -f "$USERUNITDIR/$unit" ]; then + if [ -L "$USERUNITDIR/$unit" ]; then + searchunit=$(/usr/bin/readlink "$USERUNITDIR/$unit") + else + searchunit="$USERUNITDIR/$unit" + fi + elif [ -f "$RUNTIMEUNITDIR/$unit" ]; then + if [ -L "$RUNTIMEUNITDIR/$unit" ]; then + searchunit=$(/usr/bin/readlink "$RUNTIMEUNITDIR/$unit") + else + searchunit="$RUNTIMEUNITDIR/$unit" + fi + fi + if [ -n "$searchunit" ]; then + echo -n $searchunit + fi +} + + +# If only a sysvinit service is given, then deal with a systemd unit of the same +# name. Specific specs can enable specific unit names as needed but this should +# catch the most common usage. +if [ -z "$units" ]; then + units="$srv.service" + searchunit=$(find_unit $units) + if [ -n "$searchunit" ]; then + units=$(basename $searchunit) + fi +fi + +add_service() { + # Add the service + if [ -r /etc/sysconfig/msec ]; then + . /etc/sysconfig/msec + fi + + # High security: add only authorized services + LIST=/etc/security/msec/server + + # during the install the symlink isn't done so find the right file + # by ourselves + if [ -n "$DURING_INSTALL" -a ! -f $LIST ]; then + LIST=/etc/security/msec/server.$SECURE_LEVEL + fi + + # This is half-hearted support for msec: we check "srv" for a unit + # with name "srv.service". This should account for most(?) common + # case when SysV script srv is replaced by single unit srv.service + # If SysV name was supplied, we assume units are equivalent and do + # not need to be checked. + # TODO should msec support full unit name? + if [ -f $LIST ]; then + if [ -n "$srv" ]; then + if fgrep -qx "${srv}" $LIST; then + units_to_enable="$units" + else + srv= + fi + else + for i in $units; do + [ $i != ${i%.service} ] && ! fgrep -qx ${i%.service} $LIST && continue + [ $i != ${i%.socket} ] && ! fgrep -qx ${i%.socket} $LIST && continue + [ $i != ${i%.path} ] && ! fgrep -qx ${i%.path} $LIST && continue + units_to_enable="$units_to_enable $i" + done + fi + else + units_to_enable="$units" + fi + + # Actually do enable/disable foo + if [ -n "$units_to_enable" ]; then + /bin/systemctl --quiet enable $units_to_enable >/dev/null + fi + + # When no native systemd unit exists, the above command will actually + # just end up running chkconfig anyway, but if a native systemd unit exists + # the legacy init script will not be enabled. + # In order to enable switching back ot sysvinit, we should enable the + # sysvinit scripts too. + if [ -n "$srv" -a -f /etc/rc.d/init.d/$srv ]; then + /sbin/chkconfig --add $srv + + if [ -r /etc/sysconfig/system ]; then + . /etc/sysconfig/system + fi + + # TODO what to do with system units here? + if [ -z "$ADD_SERVICES_TO_CURRENT_PROFILE_ONLY" ]; then + # add the service to all the profiles at once + if [ -d /etc/netprofile/profiles/default/services ]; then + for dir in /etc/netprofile/profiles/*/services; do + touch $dir/$srv + done + fi + fi + fi +} + +check_sysvinit_service() { + rl=$1 + srv=$2 + + set -- /etc/rc${rl}.d/S??$srv + if [ $# -gt 1 ]; then + echo 1>&2 "add-service: Error: $srv appears multiple times at runlevel $rl: $*" + fi + + echo -n $1 +} +if [ $num = 1 ]; then + # First install mode + add_service +else + # Upgrade mode. + + # Handle migration to systemd. + # If a previously installed package only had a sysvinit script, but an + # updated package has a native systemd unit, we need to make sure we migrate + # any service enablement for various targets (née runlevels) + if [ -n "$srv" -a -n "$units" ]; then + if [ ! -f "${systemd_migration_dir}/$srv" ]; then + full_path_units= + for unit in $units; do + # We need a full path for the symlink. Also it's possible + # that $unit contains "foo.service" where foo is actually + # a sysvinit script and thus we'll not have anything native. + # We only consider a "migration" to have taken place when + # we genuinely have a native systemd unit. + unit=$(find_unit $unit) + if [ -n "$unit" ]; then + full_path_units="$full_path_units $unit" + fi + done + + if [ -n "$full_path_units" ]; then + enable_targets= + # We have not yet migrated this service + # First we check in which runlevels the legacy service is enabled + # Only bother checking runlevels 1 3 and 5 + script=$(check_sysvinit_service 1 $srv) + + # NB We only check that the link exists as the old sysvinit + # script may have been removed during migration to systemd + # native unit. + if [ -L "$script" ]; then + enable_targets="$enable_targets rescue.target" + fi + + script=$(check_sysvinit_service 3 $srv) + if [ -L "$script" ]; then + enable_targets="$enable_targets multi-user.target" + else + # As graphical.target includes everything in multi-user.target, + # we only need to check 5 when 3 does NOT give us a result. + script=$(check_sysvinit_service 5 $srv) + if [ -L "$script" ]; then + enable_targets="$enable_targets graphical.target" + fi + fi + + if [ -n "$enable_targets" ]; then + for enable_target in $enable_targets; do + wantsdir=$USERUNITDIR/${enable_target}.wants + mkdir -p $wantsdir + for unit in $full_path_units; do + if [ ! -f $wantsdir/$(basename $unit) ]; then + echo 1>&2 "Migrating sysvinit service '$srv' to systemd native unit '$(basename $unit)' for target '${enable_target}'" + ln -s $unit $wantsdir/$(basename $unit) + fi + done + done + if [ x$init = xsystemd ]; then + /bin/systemctl --system daemon-reload + fi + fi + + # It could be that a package is installed but not enabled. + # If that is the case, we should still consider it "migrated" + # even when we do not enable anything. + touch "${systemd_migration_dir}/$srv" + fi + fi + fi + + if [ x$init = xsystemd ]; then + /bin/systemctl --quiet try-restart $units + elif [ -f /etc/rc.d/init.d/$srv ]; then + script=$(check_sysvinit_service 3 $srv); + if [ -f "$script" ]; then + /sbin/chkconfig --add $srv + fi + + # restart the service if already running + if [ -f /var/lock/subsys/$srv ]; then + /sbin/service $srv restart > /dev/null || : + fi + fi +fi + +# add-service ends here diff --git a/trunk/add-shell b/trunk/add-shell new file mode 100755 index 0000000..2949063 --- /dev/null +++ b/trunk/add-shell @@ -0,0 +1,34 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : add-shell +# Version : $Id$ +# Author : Thierry Vignaud +# Created On : Tue Nov 5 13:52:20 2002 +# Purpose : helper script for rpm scriptlets to add a +# shell from /etc/shells +#--------------------------------------------------------------- + +if [ $# != 3 ]; then + echo "usage: $0 <pkg name> <number installed> <shell name>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +shl=$3 # name of the shell + +CFG_FILE=/etc/shells + +# Create $CFG_FILE if needed +if [ ! -f $CFG_FILE ]; then + > $CFG_FILE +fi + +if ! grep -q "^$shl$" $CFG_FILE; then + (cat $CFG_FILE; echo "$shl") | sort | uniq > $CFG_FILE.new + mv -f $CFG_FILE.new $CFG_FILE +fi + +exit 0 diff --git a/trunk/add-syslog b/trunk/add-syslog new file mode 100755 index 0000000..50cec83 --- /dev/null +++ b/trunk/add-syslog @@ -0,0 +1,167 @@ +#!/usr/bin/perl +# rpm helper scriptlet to add an entry into default syslog implementation +# $Id$ +use Getopt::Std; +use strict; + +my @facilities = qw/auth authpriv cron daemon \ + kern lpr mail mark news syslog \ + user uucp local0 local1 local2 \ + local3 local4 local5 local6 local7/; +my %facilities = map { $_ => 1 } @facilities; +my @priorities = qw/debug info notice warning err crit alert emerg/; +my $i; +my %priorities = map { $_ => $i++ } @priorities; + +main(@ARGV) unless caller(); + +sub main { + my %opts = ( + s => '/dev/log', + m => 'debug', + M => 'emerg' + ); + getopts('s:m:M:', \%opts); + my ($source, $min, $max) = @opts{qw/s m M/}; + + die <<EOF if @ARGV < 4; +usage: $0 [options] <pkg> <nb> <facility> <dest> +Available options: +-s <source> source (default: /dev/log) +-m <priority> min priority (default: debug) +-M <priority> max priority (default: emerg) +EOF + my ($package, $number, $dest, $facility) = @ARGV; + + # don't do anything for upgrade + exit(0) if $number == 2; + + # check arguments + die "invalid facility '$facility'" if $facility && !$facilities{$facility}; + + die "invalid min priority '$min'" if $min && ! defined $priorities{$min}; + die "invalid max priority '$max'" if $max && ! defined $priorities{$max}; + die "maximum priority '$max' lower than minimum priority '$min'" + if $min && $max && ($priorities{$max} < $priorities{$min}); + + my $release_file = '/etc/release'; + open(my $fh, '<', $release_file) + or die "can't open $release_file: $!"; + my $line = <$fh>; + $line =~ /^Mageia release (\d\d\d\d\.\d)/; + my $release = $1; + close($fh); + + # add an entry to default syslog implementation, if installed + add_rsyslog_entry($package, $source, $dest, $facility, $min, $max) + if -f '/etc/init.d/rsyslog'; +} + +sub add_sysklogd_entry { + my ($package, $source, $dest, $facility, $min, $max) = @_; + + # ensure source is configured + add_new_source($source, '/etc/sysconfig/syslog') + if $source ne '/dev/log'; + + # compute selector + my $selector = get_selector($facility, $min, $max); + + # compute spacing to keep default configuration file formatting + my $tabs = length($selector) < 48 ? + ((48 - length($selector)) / 8) : + 1; + + # append entry + open(my $out, '>>', '/etc/syslog.conf') + or die "Can't open /etc/syslog.conf for appending: $!"; + print $out "# BEGIN: Automatically added by $package installation\n"; + print $out "$selector" . ("\t" x $tabs) . "-$dest\n"; + print $out "# END\n"; + close($out); + + # relaunch syslog + system('service syslog condrestart 2>&1 >/dev/null'); +} + +sub add_rsyslog_entry { + my ($package, $source, $dest, $facility, $min, $max) = @_; + + # compute selector + my $selector = get_selector($facility, $min, $max); + + # append entry + open(my $out, '>', "/etc/rsyslog.d/$package.conf") + or die "Can't open /etc/rsyslog.d/$package.conf for writing: $!"; + print $out "# Automatically added by $package installation\n"; + print $out "\$AddUnixListenSocket $source\n" if $source ne '/dev/log'; + print $out "$selector\t-$dest\n"; + close($out); + + # relaunch rsyslog + system('service rsyslog condrestart 2>&1 >/dev/null'); +} + +sub add_new_source { + my ($source, $file) = @_; + + my ($content, $changed); + open(my $in, '<', $file) + or die "Can't open $file for reading: $!"; + + while (my $line = <$in>) { + if ($line =~ /^SYSLOGD_OPTIONS=(.*)/) { + my $options = $1; + if ($options) { + my $quote; + if ($options !~ /-a\s+$source/) { + if ($options =~ /^(["'])(.*)\1$/) { + $quote = $1; + $options = $2; + } else { + $quote = '"'; + } + $options = $quote . $options . " -a $source" . $quote; + $changed = 1; + } + } else { + $options = "\"-a $source\""; + $changed = 1; + } + + $content .= "SYSLOGD_OPTIONS=$options\n"; + } else { + $content .= $line; + } + } + close($in); + + if ($changed) { + open(my $out, '>', $file) + or die "Can't open $file for writing: $!"; + print $out $content; + close($out); + } +} + +sub get_selector { + my ($facility, $min, $max) = @_; + + my $selector; + if ($max eq 'emerg') { + if ($min eq 'debug') { + $selector = "$facility.*"; + } else { + $selector = "$facility.$min"; + } + } else { + for my $i ($priorities{$min} .. $priorities{$max}) { + $selector .= ';' if $selector; + $selector .= "$facility.=$priorities[$i]"; + } + } + + return $selector; +} + +1; diff --git a/trunk/add-user b/trunk/add-user new file mode 100755 index 0000000..ac54186 --- /dev/null +++ b/trunk/add-user @@ -0,0 +1,31 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : add-user +# Version : $Id$ +# Author : Frederic Lepied +# Created On : Mon Jul 8 08:14:34 2002 +# Purpose : helper script for rpm scriptlets to add a +# system user. +#--------------------------------------------------------------- + +if [ $# -lt 5 ]; then + echo "usage: $0 <pkg name> <num installed> <user name> <home dir> <shell>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +name=$3 # name of the user +dir=$4 # home directory +shell=$5 # shell + +if ! getent passwd $name > /dev/null 2>&1; then + /usr/sbin/useradd -r -M -U \ + -s $shell -d $dir -c "system user for $pkg" $name > /dev/null +fi + +exit 0 + +# add-user ends here diff --git a/trunk/add-webapp b/trunk/add-webapp new file mode 100755 index 0000000..6468280 --- /dev/null +++ b/trunk/add-webapp @@ -0,0 +1,15 @@ +#!/bin/sh + +if [ $# != 2 ]; then + echo "usage: $0 <pkg name> <number installed>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed + +if [ $num = 1 ]; then + # installation: restart web server if running, + # as there is a new configuration file + /sbin/service httpd condrestart +fi diff --git a/trunk/create-file b/trunk/create-file new file mode 100755 index 0000000..6ae3417 --- /dev/null +++ b/trunk/create-file @@ -0,0 +1,31 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : create-file +# Version : $Id$ +# Author : Frederic Lepied +# Created On : Wed Jul 10 15:12:29 2002 +# Purpose : helper script for rpm scriptlets to create +# a non existent file. +#--------------------------------------------------------------- + +if [ $# != 6 ]; then + echo "usage: $0 <pkg name> <num installed> <file> <owner> <group> <mode>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +file=$3 # filename +owner=$4 # owner of the file +group=$5 # group of the file +mode=$6 # mode of the file + +if [ ! -f $file ]; then + touch $file + chown $owner:$group $file + chmod $mode $file +fi + +# create-file ends here diff --git a/trunk/create-ssl-certificate b/trunk/create-ssl-certificate new file mode 100755 index 0000000..954f187 --- /dev/null +++ b/trunk/create-ssl-certificate @@ -0,0 +1,74 @@ +#!/bin/sh +# $Id$ +# helper script for creating ssl certificates + +while [ $# -gt 0 ]; do + case $1 in + -g) group=$2; shift 2;; + -b) bundle="true"; shift;; + *) args=( ${args[@]:-} $1 ); shift;; + esac +done + +pkg=${args[0]} # name of the package +num=${args[1]} # number of packages installed +srv=${args[2]} # name of the service + +if [ -z "$pkg" -o -z "$num" -o -z "$srv" ]; then + echo "usage: $0 [-g <group>] [-b] <pkg name> <num installed> <service>" 1>&2 + exit 1 +fi + +if [ ! -f /etc/pki/tls/private/$srv.pem ]; then + # default values + host=$(hostname) + KEY_LENGTH=1024 + CERT_DAYS=365 + EMAIL_ADDRESS=root@$host + COMMON_NAME=$host + ORGANISATIONAL_UNIT_NAME="default $srv cert for $host" + + # source configuration + if [ -f /etc/sysconfig/ssl ]; then + . /etc/sysconfig/ssl + fi + + conffile=/tmp/$$ + keyfile=/etc/pki/tls/private/$srv.pem + if [ "$bundle" == true ]; then + certfile=$keyfile + else + certfile=/etc/pki/tls/certs/$srv.pem + fi + + # create a temporary configuration file + cat > $conffile <<EOF +default_bits = $KEY_LENGTH +encrypt_key = no +prompt = no +distinguished_name = req_dn +req_extensions = req_ext + +[ req_dn ] +commonName = $COMMON_NAME +organizationalUnitName = $ORGANISATIONAL_UNIT_NAME +emailAddress = $EMAIL_ADDRESS + +[ req_ext ] +basicConstraints = CA:FALSE +EOF + + # generate certificates + openssl req -new -x509 -days $CERT_DAYS \ + -config $conffile \ + -keyout $keyfile \ + -out $certfile >/dev/null + + # enforce strict perms on key + if [ -n "$group" ]; then + chmod 640 $keyfile + chgrp $group $keyfile + else + chmod 600 $keyfile + fi +fi diff --git a/trunk/del-group b/trunk/del-group new file mode 100755 index 0000000..6949791 --- /dev/null +++ b/trunk/del-group @@ -0,0 +1,24 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : del-group +# Version : $Id$ +# Author : Frederic Lepied +# Created On : Mon Jul 29 16:17:34 2002 +# Purpose : helper script for rpm scriptlets to remove a +# system group. +#--------------------------------------------------------------- + +if [ $# -lt 3 ]; then + echo "usage: $0 <pkg name> <num installed> <group name>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +name=$3 # name of the group + +exit 0 + +# del-group ends here diff --git a/trunk/del-service b/trunk/del-service new file mode 100755 index 0000000..82c2520 --- /dev/null +++ b/trunk/del-service @@ -0,0 +1,92 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : del-service +# Version : $Id$ +# Authors : Frederic Lepied, Andrey Borzenkov +# Created On : Tue Jul 9 08:11:26 2002 +# Purpose : helper script for rpm scriptlets to remove a +# service. +#--------------------------------------------------------------- + +if [ x$1 = x--no-sysv ]; then + do_sysv=no + shift +else + do_sysv=yes +fi + +if [ $# -lt 3 ]; then + echo "usage: $0 [--no-sysv] <pkg name> <number installed> [<service name>] [<unit name> ...]" 1>&2 + exit 1 +fi + +# What init system are we currently using? +if /bin/mountpoint -q /sys/fs/cgroup/systemd; then + init=systemd +else + init=sysvinit +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +if [ $do_sysv = yes ]; then + srv=$3 # name of the SysV script + shift 3 +else + srv= + shift 2 +fi +units="$*" # systemd units + +# If only a sysvinit service is given, then deal with a systemd unit of the same +# name. Specific specs can enable specific unit names as needed but this should +# catch the most common usage. +if [ -z "$units" ]; then + units="$srv.service" + + # We need to normalise the systemd unit name as the native unit may not have + # the same filename (sans it's .service suffix) as sysvinit script. + # In this case, symlinks are used to mask the sysvinit file, but for enabling + # and disabling units we must use the official name. + SYSTEMUNITDIR=/lib/systemd/system + USERUNITDIR=/etc/systemd/system + RUNTIMEUNITDIR=/run/systemd/system + + searchunit= + if [ -f "$SYSTEMUNITDIR/$units" ]; then + searchunit=$(/usr/bin/readlink "$SYSTEMUNITDIR/$units") + elif [ -f "$USERUNITDIR/$units" ]; then + searchunit=$(/usr/bin/readlink "$USERUNITDIR/$units") + elif [ -f "$RUNTIMEUNITDIR/$units" ]; then + searchunit=$(/usr/bin/readlink "$RUNTIMEUNITDIR/$units") + fi + if [ -n "$searchunit" ]; then + units=$searchunit + fi +fi + +if [ $num = 0 ]; then + + if [ -z "$DURING_INSTALL" ]; then + if [ x$init = xsystemd ]; then + /bin/systemctl stop $units + elif [ -n "srv" ]; then + /sbin/service $srv stop > /dev/null || : + fi + fi + + /bin/systemctl --no-reload --quiet disable $units >/dev/null + [ -n "$srv" ] && /sbin/chkconfig --del $srv + + # Yes - this is very ugly workaround. chkconfig --del does daemon-reload, + # but initscript is still there, so it remains loaded. Remove file and + # reload again. Systemd units are supposed to provide postun script + if [ -n "$srv" -a -f /etc/rc.d/init.d/$srv -a x$init = xsystemd ]; then + /bin/rm -f /etc/rc.d/init.d/$srv + /bin/systemctl daemon-reload + fi +fi + +# del-service ends here diff --git a/trunk/del-shell b/trunk/del-shell new file mode 100755 index 0000000..baeee15 --- /dev/null +++ b/trunk/del-shell @@ -0,0 +1,37 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : del-shell +# Version : $Id$ +# Author : Thierry Vignaud +# Created On : Tue Nov 5 13:52:20 2002 +# Purpose : helper script for rpm scriptlets to remove a +# shell from /etc/shells. +#--------------------------------------------------------------- + +if [ $# != 3 ]; then + echo "usage: $0 <pkg name> <number installed> <shell name>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +shl=$3 # name of the shell + +CFG_FILE=/etc/shells + +# Create $CFG_FILE if needed +if [ ! -f $CFG_FILE ]; then + > $CFG_FILE + exit 0 +fi + +if [ "$num" = 0 ]; then + if [ ! -x $shl ]; then + grep -v "^$shl$" < $CFG_FILE > $CFG_FILE.new + mv -f $CFG_FILE.new $CFG_FILE + fi +fi + +exit 0 diff --git a/trunk/del-syslog b/trunk/del-syslog new file mode 100755 index 0000000..456ffe0 --- /dev/null +++ b/trunk/del-syslog @@ -0,0 +1,74 @@ +#!/usr/bin/perl +# rpm helper scriptlet to remove a syslog entry (sysklogd and syslog-ng) +# $Id$ +use strict; + +main(@ARGV) unless caller(); + +sub main { + die <<EOF if @ARGV < 2; +usage: $0 <pkg> <nb> +EOF + my ($package, $number) = @ARGV; + + # don't do anything for upgrade + exit(0) if $number == 1; + + my $release_file = '/etc/release'; + open(my $fh, '<', $release_file) + or die "can't open $release_file: $!"; + my $line = <$fh>; + $line =~ /^Mageia release (\d\d\d\d\.\d)/; + my $release = $1; + close($fh); + + del_rsyslog_entry($package); +} + +sub del_sysklogd_entry { + my ($package) = @_; + + my $file = "/etc/syslog.conf"; + + my $content; + open(my $in, '<', $file) + or die "Can't open $file for reading: $!"; + while (my $line = <$in>) { + if ($line =~ /^# BEGIN: Automatically added by $package installation$/) { + while ($line = <$in>) { + last if $line =~ /^# END$/; + } + } else { + $content .= $line; + } + } + + open(my $out, '>', $file) + or die "Can't open $file for writing: $!"; + print $out $content; + close($out); + + system('service syslog condrestart 2>&1 >/dev/null'); +} + +sub del_rsyslog_entry { + my ($package) = @_; + + my $file = "/etc/rsyslog.d/$package.conf"; + + # check the file exists + return unless -f $file; + + # check the file is the one created by package installation + open(my $in, '<', $file) + or die "Can't open $file for reading: $!"; + my $line = <$in>; + close($in); + return if $line ne "# Automatically added by $package installation\n"; + + unlink $file + or die "Can't delete $file: $!"; + system('service rsyslog condrestart 2>&1 >/dev/null'); +} + +1; diff --git a/trunk/del-user b/trunk/del-user new file mode 100755 index 0000000..5938c97 --- /dev/null +++ b/trunk/del-user @@ -0,0 +1,22 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : del-user +# Version : $Id$ +# Author : Frederic Lepied +# Created On : Mon Jul 8 08:26:40 2002 +# Purpose : helper script for rpm scriptlets to remove a +# system user. +#--------------------------------------------------------------- + +if [ $# != 3 ]; then + echo "usage: $0 <pkg name> <num installed> <user name>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +name=$3 # name of the user + +# del-user ends here diff --git a/trunk/del-webapp b/trunk/del-webapp new file mode 100755 index 0000000..ec407a8 --- /dev/null +++ b/trunk/del-webapp @@ -0,0 +1,23 @@ +#!/bin/sh + +if [ $# != 2 ]; then + echo "usage: $0 <pkg name> <number installed>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed + +if [ $num = 0 ]; then + # in simultaneous removal scenario, web server may + # already have been removed + if [ -f /etc/init.d/httpd ]; then + # uninstallation: restart web server if running, + # a there is one less configuration file + /sbin/service httpd condrestart + fi +else + # update: just reload web server if running, + # as the number of configuration files didn't change + /sbin/service httpd condreload +fi diff --git a/trunk/get-password b/trunk/get-password new file mode 100755 index 0000000..caa783a --- /dev/null +++ b/trunk/get-password @@ -0,0 +1,11 @@ +#!/bin/sh +# $Id$ +# helper script for rpm scriptlets to get a random password + +if [ -n "$1" ]; then + length=$1 +else + length=8 +fi + +perl -e "@c = (a..z,A..Z,0..9); print map { @c[rand @c] } 0..$length" diff --git a/trunk/migrate-service b/trunk/migrate-service new file mode 100644 index 0000000..de08435 --- /dev/null +++ b/trunk/migrate-service @@ -0,0 +1,53 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : migrate-service +# Version : $Id$ +# Authors : Andrey Borzenkov +# Created On : Sat Mar 12 18:37:00 2011 +# Purpose : helper script for rpm scriptlets to migrate +# from SysV script to systemd unit. +#--------------------------------------------------------------- + +if [ $# -lt 3 ]; then + echo "usage: $0 {pre|post} <service name> <unit name> ..." 1>&2 + exit 1 +fi + +phase=$1 # pre/post +srv=$2 # name of the SysV script +shift 2 # systemd units + +if [ $phase = pre ]; then + # create flag that service was active and stop it + # As we are booted under systemd, we can just as well ask it ... + /bin/rm -f /tmp/systemd-migrate-active-$srv + if /bin/mountpoint -q /sys/fs/cgroup/systemd; then + active=$(/bin/systemctl show --no-pager -p ActiveState $srv.service 2> /dev/null) + if [ "${active#ActiveState=}" = active ]; then + /bin/touch /tmp/systemd-migrate-active-$srv + /bin/systemctl stop $srv.service + fi + fi + + # enable units if service was active in run-levels 3 or 5. + # This loosely corresponds to systemctl is-enabled. We assume, that + # units do include correct [Install] entries. + if /sbin/chkconfig --no-redirect --level=3 $srv || \ + /sbin/chkconfig --no-redirect --level=5 $srv; then + /bin/systemctl --no-reload --quiet enable "$@" || : + fi +else + # Reload daemon after old package was removed + # Restart new units if old SysV script was started. + if /bin/mountpoint -q /sys/fs/cgroup/systemd; then + /bin/systemctl daemon-reload + if [ -f /tmp/systemd-migrate-active-$srv ]; then + /bin/systemctl start "$@" + fi + fi + /bin/rm -f /tmp/systemd-migrate-active-$srv +fi + +# migrate-service ends here diff --git a/trunk/postun-unit b/trunk/postun-unit new file mode 100755 index 0000000..dfc4b82 --- /dev/null +++ b/trunk/postun-unit @@ -0,0 +1,40 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : postun-unit +# Version : $Id$ +# Authors : Andrey Borzenkov +# Created On : Sat Mar 12 18:05:00 2011 +# Purpose : helper script for rpm scriptlets to remove a +# systemd unit. +#--------------------------------------------------------------- + +# Reload systemd configuration and try to restart units +# It has to be done in postun because package removal may delete +# some links and we need to inform systemd about it + +/bin/mountpoint -q /sys/fs/cgroup/systemd || exit 0 + +if [ $# -lt 3 ]; then + echo "usage: $0 <pkg name> <number installed> <unit> ..." 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +shift 2 # systemd units + +/bin/systemctl daemon-reload + +if [ $num -ge 1 ]; then + if [ -z "$DURING_INSTALL" ]; then + # New package may have removed some units so restart will + # fail for them; catch it. + # TODO find a way to pass parameters from current packages + # into script installed by previous version + /bin/systemctl try-restart "$@" || : + fi +fi + +# postun-unit ends here diff --git a/trunk/reread-services b/trunk/reread-services new file mode 100755 index 0000000..73092d6 --- /dev/null +++ b/trunk/reread-services @@ -0,0 +1,31 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mageia Linux +# Module : rpm-helper +# File : reread-services +# Version : $Id$ +# Authors : Colin Guthrie +# Created On : Thu Nov 3 10:00:00 2011 +# Purpose : helper script for rpm scriptlets to ensure +# a service is reread by the init system +#--------------------------------------------------------------- + +if [ $# -lt 1 ]; then + echo "usage: $0 <pkg name>" 1>&2 + exit 1 +fi + +# What init system are we currently using? +if /bin/mountpoint -q /sys/fs/cgroup/systemd; then + init=systemd +else + init=sysvinit +fi + +pkg=$1 # name of the package + +if [ x$init = xsystemd ]; then + /bin/systemctl daemon-reload || : +fi + +# reread-services ends here diff --git a/trunk/rpm-helper.macros.in b/trunk/rpm-helper.macros.in new file mode 100644 index 0000000..2c88716 --- /dev/null +++ b/trunk/rpm-helper.macros.in @@ -0,0 +1,87 @@ +# $Id$ + +%_rpm_helper_dir @pkgdatadir@ + +%_get_password_helper %_rpm_helper_dir/get-password +%_get_password() $(%_get_password_helper %{1}) + +%_create_ghostfile_helper %_rpm_helper_dir/create-file +%create_ghostfile() %_create_ghostfile_helper %{name} $1 %{1} %{2} %{3} %{4} \ +%{nil} + +%_create_ssl_certificate_helper %_rpm_helper_dir/create-ssl-certificate +%_create_ssl_certificate(bg:) %_create_ssl_certificate_helper %{name} $1 %{1} %{?-g:-g %{-g*}} %{?-b:-b} \ +%{nil} + +# initscripts macros +%_add_service_helper %_rpm_helper_dir/add-service +%_post_service() %_add_service_helper %{name} $1 %{*} \ +%{nil} + +%_del_service_helper %_rpm_helper_dir/del-service +%_preun_service() %_del_service_helper %{name} $1 %{*} \ +%{nil} + +%_reread_services_helper %_rpm_helper_dir/reread-services +%_postun_service() %_reread_services_helper %{name} \ +%{nil} + +%_add_user_helper %_rpm_helper_dir/add-user +%_pre_useradd() %_add_user_helper %{name} $1 %{1} %{2} %{3} \ +%{nil} + +%_del_user_helper %_rpm_helper_dir/del-user +%_postun_userdel() %_del_user_helper %{name} $1 %{1} \ +%{nil} + +%_add_group_helper %_rpm_helper_dir/add-group +%_pre_groupadd() %_add_group_helper %{name} $1 %{1} %{?2:%2} \ +%{nil} + +%_del_group_helper %_rpm_helper_dir/del-group +%_postun_groupdel() %_del_group_helper %{name} $1 %{1} \ +%{nil} + +%_add_shell_helper %_rpm_helper_dir/add-shell +%_post_shelladd() %_add_shell_helper %{name} $1 %{1} \ +%{nil} + +%_del_shell_helper %_rpm_helper_dir/del-shell +%_preun_shelldel() %_del_shell_helper %{name} $1 %{1} \ +%{nil} + +%_add_syslog_helper %_rpm_helper_dir/add-syslog +%_post_syslogadd(s:m:M:) \ +%_add_syslog_helper %{name} $1 %{1} %{2} %{?-s:-s %{-s*}} %{?-m:-m %{-m*}} %{?-M:-M %{-M*}} \ +%{nil} + +%_del_syslog_helper %_rpm_helper_dir/del-syslog +%_preun_syslogdel() %_del_syslog_helper %{name} $1 \ +%{nil} + +# Web App dir + +%_add_webapp_helper %_rpm_helper_dir/add-webapp +%_post_webapp() %_add_webapp_helper %{name} $1 \ +%{nil} + +%_del_webapp_helper %_rpm_helper_dir/del-webapp +%_postun_webapp() %_del_webapp_helper %{name} $1 \ +%{nil} + +# systemd support +%_migrate_service_helper %_rpm_helper_dir/migrate-service +%_systemd_migrate_service_pre() %_migrate_service_helper pre %{*} \ +%{nil} +%_systemd_migrate_service_post() %_migrate_service_helper post %{*} \ +%{nil} + +%_post_unit() %_add_service_helper --no-sysv %{name} $1 %{*} \ +%{nil} + +%_preun_unit() %_del_service_helper --no-sysv %{name} $1 %{*} \ +%{nil} + +%_postun_unit_helper %_rpm_helper_dir/postun-unit +%_postun_unit() %_postun_unit_helper %{name} $1 %{*} \ +%{nil} diff --git a/trunk/ssl b/trunk/ssl new file mode 100644 index 0000000..9e03c04 --- /dev/null +++ b/trunk/ssl @@ -0,0 +1,12 @@ +# configuration file for create-ssl-certificate rpm scriptlet + +# key length +KEY_LENGTH=1024 + +# certificate duration +CERT_DAYS=365 + +# certificate values +EMAIL_ADDRESS=root@$host +COMMON_NAME=$host +ORGANISATIONAL_UNIT_NAME="default $srv cert for $host" diff --git a/trunk/t/add-syslog.t b/trunk/t/add-syslog.t new file mode 100755 index 0000000..638040e --- /dev/null +++ b/trunk/t/add-syslog.t @@ -0,0 +1,108 @@ +#!/usr/bin/perl +# $Id: gprintify 257533 2009-05-23 12:45:15Z guillomovitch $ + +use strict; +use warnings; +use Test::More; +use Digest::MD5; +use FindBin qw/$Bin/; +use File::Temp; +use lib "$Bin/../lib"; + +my @selector_tests = ( + [ [ qw/local1 debug emerg/ ], 'local1.*' , 'debug -> emerg' ], + [ [ qw/local1 info emerg/ ], 'local1.info' , 'info -> emerg' ], + [ [ qw/local1 debug alert/ ], 'local1.=debug;local1.=info;local1.=notice;local1.=warning;local1.=err;local1.=crit;local1.=alert' , 'debug -> alert' ], + [ [ qw/local1 info alert/ ], 'local1.=info;local1.=notice;local1.=warning;local1.=err;local1.=crit;local1.=alert' , 'info -> alert' ], +); + +plan tests => 5 + scalar @selector_tests; + +# test loading +ok(require("add-syslog"), "loading file OK"); + +# test string function +foreach my $test (@selector_tests) { + is(get_selector(@{$test->[0]}), $test->[1], $test->[2]); +} + +# test service configuration file modification +my $file; +$file = setup(<<EOF); +SYSLOGD_OPTIONS= +EOF + +add_new_source('/tmp/log', $file); + +is( + get_syslog_option($file), + '"-a /tmp/log"', + 'new source, without prior option' +); +unlink($file) unless $ENV{TEST_DEBUG}; + +$file = setup(<<EOF); +SYSLOGD_OPTIONS=-x +EOF + +add_new_source('/tmp/log', $file); + +is( + get_syslog_option($file), + '"-x -a /tmp/log"', + 'new source, with prior unquoted option' +); +unlink($file) unless $ENV{TEST_DEBUG}; + +$file = setup(<<EOF); +SYSLOGD_OPTIONS="-a /dev/log" +EOF + +add_new_source('/tmp/log', $file); + +is( + get_syslog_option($file), + '"-a /dev/log -a /tmp/log"', + 'new source, with prior quoted option' +); +unlink($file) unless $ENV{TEST_DEBUG}; + +$file = setup(<<EOF); +SYSLOGD_OPTIONS="-a /tmp/log" +EOF + +add_new_source('/tmp/log', $file); + +is( + get_syslog_option($file), + '"-a /tmp/log"', + 'new source, already defined' +); +unlink($file) unless $ENV{TEST_DEBUG}; + +sub setup { + my ($content) = @_; + + my $out = File::Temp->new(UNLINK => 0); + print $out $content; + close $out; + + return $out->filename(); +} + +sub get_syslog_option { + my ($file) = @_; + + my $options; + open(my $in, '<', $file) or die "can't read $file: $!"; + while (my $line = <$in>) { + chomp $line; + next unless $line =~ /^SYSLOGD_OPTIONS=(.+)/; + $options = $1; + last; + } + close($in); + + return $options; +} + diff --git a/trunk/verify-shell b/trunk/verify-shell new file mode 100755 index 0000000..3aeefe6 --- /dev/null +++ b/trunk/verify-shell @@ -0,0 +1,31 @@ +#!/bin/sh +#--------------------------------------------------------------- +# Project : Mandriva Linux +# Module : rpm-helper +# File : verify-shell +# Version : $Id$ +# Author : Thierry Vignaud +# Created On : Tue Nov 5 13:52:20 2002 +# Purpose : helper script for rpm scriptlets to check a +# shell is in /etc/shells +#--------------------------------------------------------------- + +if [ $# != 3 ]; then + echo "usage: $0 <pkg name> <number installed> <shell name>" 1>&2 + exit 1 +fi + +pkg=$1 # name of the package +num=$2 # number of packages installed +shl=$3 # name of the shell + +CFG_FILE=/etc/shells + + +echo -n "Looking for $shl in /etc/shells... " +if ! grep "^/bin/${shl}\$" /etc/shells > /dev/null; then + echo "missing" + echo "${shl} missing from /etc/shells" >&2 +else + echo "found" +fi |