From 4f40138bed8c8e822e8eeacafa0702b175b4e772 Mon Sep 17 00:00:00 2001 From: Chris Rorvick Date: Tue, 31 Mar 2020 18:33:48 -0500 Subject: [PATCH] net-misc/cfengine: add 3.15.1 --- net-misc/cfengine/Manifest | 2 + net-misc/cfengine/cfengine-3.15.1.ebuild | 138 ++++++++++ .../files/cfengine-3.15.1-ipv6-address.patch | 257 ++++++++++++++++++ 3 files changed, 397 insertions(+) create mode 100644 net-misc/cfengine/cfengine-3.15.1.ebuild create mode 100644 net-misc/cfengine/files/cfengine-3.15.1-ipv6-address.patch diff --git a/net-misc/cfengine/Manifest b/net-misc/cfengine/Manifest index bcd476d..81462d5 100644 --- a/net-misc/cfengine/Manifest +++ b/net-misc/cfengine/Manifest @@ -1,6 +1,8 @@ DIST cfengine-3.10.5.tar.gz 2392398 SHA256 46ec1bf39a3ee27f8a9e10195b37daaa19b25e87ed3d45ebfb895dad0801a7b6 SHA512 89cd45b5c2ab5a5fbb32577751e80596c69edb7613674fe690a30b66a795e516a17e49934827aaff13a9b9e5e4532dbd39238f6d94acc2fc2f4f59b4f505d33f WHIRLPOOL 0e068d9837be0115d269c8cf96a093445e42503ad5e578a11e3d4b09cf894025cf26164e072e9d2ccafbcf41cbad2aefa022db0a1c1b8216a0ba5528961e326c DIST cfengine-3.12.2.tar.gz 2529342 SHA256 0285e039f576b4cf2c8a2f795fdb1687b7637e932bb1d963093546f2abee11b0 SHA512 fd2eeb95f5e70ed0ede1ba4607eccc1a798fd9ade4db57dde552ee4bce398e75d6745d10a06cf8aae6e5d43d2d4ed30b4528ef4c4ab3e6792045010a54101d0f WHIRLPOOL 07b157d643b233cf0bdf4903bb8d11478a64f9f4274ff58264f80cf33d7655aa558f005b5514a16b09b3b379f823f9782ac0881bd52de71604add1108ae290f7 +DIST cfengine-3.15.1.tar.gz 3103100 SHA256 ab597456f9d44d907bb5a2e82b8ce2af01e9c59641dc828457cd768ef05a831d SHA512 5a40386f71c40d3f12a0eb0015bcd3cd581bc8604841f5976efac980f400acf0bfcbf4e1e871cf2937f8639dd5905ac4161c53df22a412ec3b478e585a0f26e6 WHIRLPOOL bafeaf0c80ce6b913ebfcd2bf5b02733b37833bc8ea5d3ca21f6f73dd9109875391535c84bb41183fba31773fd6934aa2f580398638fbe319c4987e706622237 DIST cfengine-3.6.7.tar.gz 1991420 SHA256 d86da03ed0806b67ae4834a958bf2848c861adeb1ae138d7bfc70526a1c31328 SHA512 15a47419fbccda649fa73e2de6a21f6db903642a7e7ff83a4c6fcd941aa6772fd38ef6793e1d300b3b726ddd72e903c1398a70b924a2648c06685830922a06b6 WHIRLPOOL 2cf0aff0a49cdeb4db9082793ba5ed3d3e2623dfe0ec4dda6076dd7500812ce3f1ae07f36dc90f5beefd2ef6637859a80b5cc759fbe02b7474c3dad0106fa595 DIST cfengine-masterfiles-3.10.5.tar.gz 478962 SHA256 7482f106fa66e6b6d7a43a6ad64f062fb8f702e66ff1d0a5f47cb83b59268e57 SHA512 8223503d931557803d4a9af15e91805ae0cad7c79852014462323e9ef93b6d88c0ea72477990937ad8542d2de1728b21807d12a60b831d014d82e7f907ffb569 WHIRLPOOL 668897b728e90f3dc6936872b390b3356de1d1dc99a81d62599414cdb49bc153a9a271d88dbc6e54bb5ab3f79e77db5a5127c94cfef2f132324b61cf102ef641 DIST cfengine-masterfiles-3.12.2.tar.gz 442207 SHA256 4abeeb23f6c5c50bed6ece5e2ba09d3d485ccccfff88852bf8d2668c73ef2caa SHA512 cb7461cd028fb4ff622097bcf15e78b459c14224795cc3a6d022190c680275438703f37192c6d009c3979287ca22daf105d211cbcf4ba370344a47e4a414b0b1 WHIRLPOOL 269ab4774339eba8d2adc489b06680ebc027e3e8a83f5454dac84051ab880238d7510055b895878e69b2a7b8634df8e8a0f590efde3853e8e3213778b0c152ed +DIST cfengine-masterfiles-3.15.1.tar.gz 475038 SHA256 051369054a2e17a4ea1f68a41198fe5377fbbf33f600168246bf0b667fc1ab74 SHA512 efa38b1868c94f97bc8af4c247ec71a8f4e3809b2da2b32d3759010fbea46c369de3bcd4cfc3de318e1278d91d28cf0bea42e2807316c295e608aaebd61bf391 WHIRLPOOL a9cf59f517e36abb92ef3825fc3a4e13d31b392b4a2baf0278dd43057b642c0910b5a1604b9b07da3dde14a7d423c819083cf9337cfb8c4cc3162528e89571cd DIST cfengine-masterfiles-3.6.7.tar.gz 248547 SHA256 ce883925e1b1c891a06e602c9c11a62e0f8e68a4355e66006f4b29de10502a9f SHA512 e179b7065a3d13cc559f0d38bcad202baeda2e7bc98e629df9614db0f7b748b3b0deced7681d86418a7f9a01fd54975761eb4551b82d6866ab0207ffbd55182c WHIRLPOOL d96242d251bb44f87d05aff6215a7a2d5003d8ad5e23fe3e81aab0ac11c56f3835e465428b2af261841e230a01477e31144f4b592abc6d994ea03809a5719934 diff --git a/net-misc/cfengine/cfengine-3.15.1.ebuild b/net-misc/cfengine/cfengine-3.15.1.ebuild new file mode 100644 index 0000000..47d4642 --- /dev/null +++ b/net-misc/cfengine/cfengine-3.15.1.ebuild @@ -0,0 +1,138 @@ +# Copyright 1999-2020 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils autotools flag-o-matic + +MY_PV="${PV//_beta/b}" +MY_PV="${MY_PV/_p/p}" +MY_P="${PN}-${MY_PV}" + +DESCRIPTION="An automated suite of programs for configuring and maintaining +Unix-like computers" +HOMEPAGE="http://www.cfengine.org/" +SRC_URI="https://cfengine-package-repos.s3.amazonaws.com/tarballs/${MY_P}.tar.gz + masterfiles? ( https://cfengine-package-repos.s3.amazonaws.com/tarballs/${PN}-masterfiles-${MY_PV}.tar.gz )" + +LICENSE="GPL-3" +SLOT="3" +KEYWORDS="~amd64" + +IUSE="acl curl examples libvirt +lmdb mysql +masterfiles postgres qdbm selinux tokyocabinet vim-syntax xml yaml" + +DEPEND="acl? ( virtual/acl ) + mysql? ( virtual/mysql ) + postgres? ( dev-db/postgresql ) + selinux? ( sys-libs/libselinux ) + tokyocabinet? ( dev-db/tokyocabinet ) + qdbm? ( dev-db/qdbm ) + lmdb? ( dev-db/lmdb ) + libvirt? ( app-emulation/libvirt ) + xml? ( dev-libs/libxml2:2 ) + curl? ( net-misc/curl ) + xml? ( dev-libs/libxml2:2 ) + yaml? ( dev-libs/libyaml ) + dev-libs/openssl + dev-libs/libpcre" +RDEPEND="${DEPEND}" +PDEPEND="vim-syntax? ( app-vim/cfengine-syntax )" + +REQUIRED_USE="^^ ( qdbm tokyocabinet lmdb )" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + default + epatch "${FILESDIR}/${P}-ipv6-address.patch" + eautoreconf +} + +src_unpack() { + unpack ${MY_P}.tar.gz + if use masterfiles; then + unpack ${PN}-masterfiles-${MY_PV}.tar.gz + mv ${PN}-masterfiles-${MY_PV} masterfiles + fi +} + +src_configure() { + # Enforce /var/cfengine for historical compatibility + + econf \ + --enable-fhs \ + --docdir=/usr/share/doc/${PF} \ + --with-workdir=/var/cfengine \ + --with-pcre \ + $(use_with acl libacl) \ + $(use_with qdbm) \ + $(use_with tokyocabinet) \ + $(use_with postgres postgresql) \ + $(use_with mysql mysql check) \ + $(use_with libvirt) \ + $(use_with curl libcurl) \ + $(use_with xml libxml2) \ + $(use_with yaml libyaml) \ + $(use_enable selinux) +} + +src_install() { + newinitd "${FILESDIR}"/cf-serverd.rc6 cf-serverd || die + newinitd "${FILESDIR}"/cf-monitord.rc6 cf-monitord || die + newinitd "${FILESDIR}"/cf-execd.rc6 cf-execd || die + newconfd "${FILESDIR}"/cfengine3.confd cfengine3 + + emake DESTDIR="${D}" install || die + + # fix ifconfig path in provided promises + find "${D}"/usr/share -name "*.cf" | xargs sed -i "s,/sbin/ifconfig,$(which ifconfig),g" + + dodoc AUTHORS + + if ! use examples; then + rm -rf "${D}"/usr/share/doc/${PF}/example* + fi + + # Create cfengine working directory + dodir /var/cfengine/bin + fperms 700 /var/cfengine + + # Copy cfagent into the cfengine tree otherwise cfexecd won't + # find it. Most hosts cache their copy of the cfengine + # binaries here. This is the default search location for the + # binaries. + for bin in promises agent monitord serverd execd runagent key; do + dosym /usr/bin/cf-$bin /var/cfengine/bin/cf-$bin || die + done + + if use masterfiles; then + insinto /var/cfengine + doins -r "${WORKDIR}/masterfiles" + fi + + dodir /etc/env.d + echo 'CONFIG_PROTECT=/var/cfengine/masterfiles' >"${ED}/etc/env.d/99${PN}" || die +} + +pkg_postinst() { + echo + einfo "Init scripts for cf-serverd, cf-monitord, and cf-execd are provided." + einfo + einfo "To run cfengine out of cron every half hour modify your crontab:" + einfo "0,30 * * * * /usr/sbin/cf-execd -F" + echo + + elog "If you run cfengine the very first time, you MUST generate the keys for cfengine by running:" + elog "emerge --config ${CATEGORY}/${PN}" +} + +pkg_config() { + if [ "${ROOT}" == "/" ]; then + if [ ! -f "/var/cfengine/ppkeys/localhost.priv" ]; then + einfo "Generating keys for localhost." + /usr/sbin/cf-key + fi + else + die "cfengine cfkey does not support any value of ROOT other than /." + fi +} diff --git a/net-misc/cfengine/files/cfengine-3.15.1-ipv6-address.patch b/net-misc/cfengine/files/cfengine-3.15.1-ipv6-address.patch new file mode 100644 index 0000000..c3c182c --- /dev/null +++ b/net-misc/cfengine/files/cfengine-3.15.1-ipv6-address.patch @@ -0,0 +1,257 @@ +From 4021058d729fd618e5770300664ecfcc6fd29d5d Mon Sep 17 00:00:00 2001 +From: Chris Rorvick +Date: Tue, 28 May 2019 00:44:52 -0500 +Subject: [PATCH] prefer routable IPv6 addresses over link-local + +Currently the IPv6 address provided for an interface in the $(sys.inet6) +data is arbitrary if more than one address is bound to that interface. +Given that IPv6 requires all interfaces have a link-local address, this +is a common scenario. Add a mechanism to GetProcFileInfo() to choose +between the previous and new entries if more than one is found for an +extracted key, and use this mechanism to rank link-local addresses below +others. + +Also, the post-processing functions passed to GetProcFileInfo() have a +strange return value. This is seemingly due to a misunderstanding with +how function pointer types relate to function definitions. Clean this +up. +--- + libenv/unix_iface.c | 106 +++++++++++++++++++++++++++++++++++--------- + 1 file changed, 86 insertions(+), 20 deletions(-) + +diff --git a/libenv/unix_iface.c b/libenv/unix_iface.c +index c62e1cb73..0adbb0a7b 100644 +--- a/libenv/unix_iface.c ++++ b/libenv/unix_iface.c +@@ -88,6 +88,7 @@ static void InitIgnoreInterfaces(void); + static Rlist *IGNORE_INTERFACES = NULL; /* GLOBAL_E */ + + typedef void (*ProcPostProcessFn)(void *ctx, void *json); ++typedef JsonElement * (*ProcTiebreakerFn)(JsonElement *prev_item, JsonElement *this_item); + + + /*********************************************************************/ +@@ -1021,7 +1022,7 @@ static void NetworkingRoutesPostProcessInfo( + # endif + } + +-static ProcPostProcessFn NetworkingIPv6RoutesPostProcessInfo( ++static void NetworkingIPv6RoutesPostProcessInfo( + ARG_UNUSED void *passed_ctx, ARG_LINUX_ONLY void *json) + { + # if defined (__linux__) +@@ -1054,10 +1055,9 @@ static ProcPostProcessFn NetworkingIPv6RoutesPostProcessInfo( + // like we do with IPv4 routes + + # endif +- return NULL; + } + +-static ProcPostProcessFn NetworkingIPv6AddressesPostProcessInfo(ARG_UNUSED void *passed_ctx, void *json) ++static void NetworkingIPv6AddressesPostProcessInfo(ARG_UNUSED void *passed_ctx, void *json) + { + JsonElement *entry = json; + +@@ -1066,7 +1066,50 @@ static ProcPostProcessFn NetworkingIPv6AddressesPostProcessInfo(ARG_UNUSED void + JsonExtractParsedNumber(entry, "raw_device_number", "device_number", true, false); + JsonExtractParsedNumber(entry, "raw_prefix_length", "prefix_length", true, false); + JsonExtractParsedNumber(entry, "raw_scope", "scope", true, false); +- return NULL; ++} ++ ++static unsigned RankIPv6Address(const char *address) ++{ ++ unsigned long first_word = 0; ++ char *end; ++ ++ if (address == NULL) ++ { ++ return 0; ++ } ++ ++ first_word = strtoul(address, &end, 16); ++ ++ if (*end != ':') ++ { ++ return 0; // invalid IPv6 address? ++ } ++ ++ if ((first_word & 0xffc0) == 0xfe80) ++ { ++ // link-local (fe80:://10) ++ ++ return 1; ++ } ++ else ++ { ++ return 2; ++ } ++} ++ ++static JsonElement *NetworkingIPv6AddressesTiebreaker(JsonElement *prev_item, JsonElement *this_item) ++{ ++ const char *prev_addr = JsonObjectGetAsString(prev_item, "address"); ++ const char *this_addr = JsonObjectGetAsString(this_item, "address"); ++ ++ if (RankIPv6Address(this_addr) >= RankIPv6Address(prev_addr)) ++ { ++ return this_item; ++ } ++ else ++ { ++ return prev_item; ++ } + } + + /*******************************************************************/ +@@ -1095,7 +1138,7 @@ static const char* GetPortStateString(ARG_LINUX_ONLY int state) + + // used in evalfunction.c but defined here so + // JsonRewriteParsedIPAddress() etc. can stay local +-ProcPostProcessFn NetworkingPortsPostProcessInfo(ARG_UNUSED void *passed_ctx, void *json) ++void NetworkingPortsPostProcessInfo(ARG_UNUSED void *passed_ctx, void *json) + { + JsonElement *conn = json; + +@@ -1112,8 +1155,6 @@ ProcPostProcessFn NetworkingPortsPostProcessInfo(ARG_UNUSED void *passed_ctx, vo + JsonObjectAppendString(conn, "state", GetPortStateString(num_state)); + } + } +- +- return NULL; + } + + /*******************************************************************/ +@@ -1180,7 +1221,7 @@ static JsonElement* GetNetworkingStatsInfo(const char *filename) + // always returns the parsed data. If the key is not NULL, also + // creates a sys.KEY variable. + +-JsonElement* GetProcFileInfo(EvalContext *ctx, const char* filename, const char* key, const char* extracted_key, ProcPostProcessFn post, const char* regex) ++JsonElement* GetProcFileInfo(EvalContext *ctx, const char* filename, const char* key, const char* extracted_key, ProcPostProcessFn post, ProcTiebreakerFn tiebreak, const char* regex) + { + JsonElement *info = NULL; + bool extract_key_mode = (extracted_key != NULL); +@@ -1218,14 +1259,39 @@ JsonElement* GetProcFileInfo(EvalContext *ctx, const char* filename, const char* + + if (extract_key_mode) + { +- if (JsonObjectGetAsString(item, extracted_key) == NULL) ++ const char *extracted_key_value = JsonObjectGetAsString(item, extracted_key); ++ ++ if (extracted_key_value == NULL) + { + Log(LOG_LEVEL_ERR, "While parsing %s, looked to extract key %s but couldn't find it in line %s", filename, extracted_key, line); + } + else + { +- Log(LOG_LEVEL_DEBUG, "While parsing %s, got key %s from line %s", filename, JsonObjectGetAsString(item, extracted_key), line); +- JsonObjectAppendElement(info, JsonObjectGetAsString(item, extracted_key), item); ++ JsonElement *prev_item = JsonObjectGet(info, extracted_key_value); ++ ++ Log(LOG_LEVEL_DEBUG, "While parsing %s, got key %s from line %s", filename, extracted_key_value, line); ++ ++ if (prev_item != NULL && tiebreak != NULL) ++ { ++ JsonElement *winner = (*tiebreak)(prev_item, item); ++ ++ if (winner == prev_item) ++ { ++ Log(LOG_LEVEL_DEBUG, "Multiple entries for key %s, preferring previous value", extracted_key_value); ++ ++ JsonDestroy(item); ++ item = NULL; ++ } ++ else ++ { ++ Log(LOG_LEVEL_DEBUG, "Multiple entries for key %s, preferring new value", extracted_key_value); ++ } ++ } ++ ++ if (item != NULL) ++ { ++ JsonObjectAppendElement(info, extracted_key_value, item); ++ } + } + } + else +@@ -1274,7 +1340,7 @@ void GetNetworkingInfo(EvalContext *ctx) + } + + BufferPrintf(pbuf, "%s/proc/net/route", procdir_root); +- JsonElement *routes = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, (ProcPostProcessFn) &NetworkingRoutesPostProcessInfo, ++ JsonElement *routes = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingRoutesPostProcessInfo, NULL, + // format: Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT + // eth0 00000000 0102A8C0 0003 0 0 1024 00000000 0 0 0 + "^(?\\S+)\\t(?[[:xdigit:]]+)\\t(?[[:xdigit:]]+)\\t(?[[:xdigit:]]+)\\t(?\\d+)\\t(?\\d+)\\t(?[[:xdigit:]]+)\\t(?[[:xdigit:]]+)\\t(?\\d+)\\t(?\\d+)\\t(?[[:xdigit:]]+)"); +@@ -1322,7 +1388,7 @@ void GetNetworkingInfo(EvalContext *ctx) + JsonElement *inet6 = JsonObjectCreate(3); + + BufferPrintf(pbuf, "%s/proc/net/snmp6", procdir_root); +- JsonElement *inet6_stats = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, NULL, ++ JsonElement *inet6_stats = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, NULL, NULL, + "^\\s*(?\\S+)\\s+(?\\d+)"); + + if (inet6_stats != NULL) +@@ -1348,7 +1414,7 @@ void GetNetworkingInfo(EvalContext *ctx) + } + + BufferPrintf(pbuf, "%s/proc/net/ipv6_route", procdir_root); +- JsonElement *inet6_routes = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, (ProcPostProcessFn) &NetworkingIPv6RoutesPostProcessInfo, ++ JsonElement *inet6_routes = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingIPv6RoutesPostProcessInfo, NULL, + // format: dest dest_prefix source source_prefix next_hop metric refcnt use flags interface + // fe800000000000000000000000000000 40 00000000000000000000000000000000 00 00000000000000000000000000000000 00000100 00000000 00000000 00000001 eth0 + "^(?[[:xdigit:]]+)\\s+(?[[:xdigit:]]+)\\s+" +@@ -1363,7 +1429,7 @@ void GetNetworkingInfo(EvalContext *ctx) + } + + BufferPrintf(pbuf, "%s/proc/net/if_inet6", procdir_root); +- JsonElement *inet6_addresses = GetProcFileInfo(ctx, BufferData(pbuf), NULL, "interface", (ProcPostProcessFn) &NetworkingIPv6AddressesPostProcessInfo, ++ JsonElement *inet6_addresses = GetProcFileInfo(ctx, BufferData(pbuf), NULL, "interface", &NetworkingIPv6AddressesPostProcessInfo, &NetworkingIPv6AddressesTiebreaker, + // format: address device_number prefix_length scope flags interface_name + // 00000000000000000000000000000001 01 80 10 80 lo + // fe80000000000000004249fffebdd7b4 04 40 20 80 docker0 +@@ -1387,7 +1453,7 @@ void GetNetworkingInfo(EvalContext *ctx) + + BufferPrintf(pbuf, "%s/proc/net/dev", procdir_root); + JsonElement *interfaces_data = +- GetProcFileInfo(ctx, BufferData(pbuf), "interfaces_data", "device", NULL, ++ GetProcFileInfo(ctx, BufferData(pbuf), "interfaces_data", "device", NULL, NULL, + "^\\s*(?[^:]+)\\s*:\\s*" + // All of the below are just decimal digits separated by spaces + "(?\\d+)\\s+" +@@ -1420,28 +1486,28 @@ JsonElement* GetNetworkingConnections(EvalContext *ctx) + Buffer *pbuf = BufferNew(); + + BufferPrintf(pbuf, "%s/proc/net/tcp", procdir_root); +- data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, (ProcPostProcessFn) &NetworkingPortsPostProcessInfo, ports_regex); ++ data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex); + if (data != NULL) + { + JsonObjectAppendElement(json, "tcp", data); + } + + BufferPrintf(pbuf, "%s/proc/net/tcp6", procdir_root); +- data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, (ProcPostProcessFn) &NetworkingPortsPostProcessInfo, ports_regex); ++ data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex); + if (data != NULL) + { + JsonObjectAppendElement(json, "tcp6", data); + } + + BufferPrintf(pbuf, "%s/proc/net/udp", procdir_root); +- data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, (ProcPostProcessFn) &NetworkingPortsPostProcessInfo, ports_regex); ++ data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex); + if (data != NULL) + { + JsonObjectAppendElement(json, "udp", data); + } + + BufferPrintf(pbuf, "%s/proc/net/udp6", procdir_root); +- data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, (ProcPostProcessFn) &NetworkingPortsPostProcessInfo, ports_regex); ++ data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex); + if (data != NULL) + { + JsonObjectAppendElement(json, "udp6", data); +-- +2.24.1 + -- 2.24.1