| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
MASTER_SITES= site1 \
site2
style continuation lines to be simple repeated
MASTER_SITES+= site1
MASTER_SITES+= site2
lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
|
|
|
|
|
|
|
|
Problems found with existing digests:
Package memconf distfile memconf-2.16/memconf.gz
b6f4b736cac388dddc5070670351cf7262aba048 [recorded]
95748686a5ad8144232f4d4abc9bf052721a196f [calculated]
Problems found locating distfiles:
Package dc-tools: missing distfile dc-tools/abs0-dc-burn-netbsd-1.5-0-gae55ec9
Package ipw-firmware: missing distfile ipw2100-fw-1.2.tgz
Package iwi-firmware: missing distfile ipw2200-fw-2.3.tgz
Package nvnet: missing distfile nvnet-netbsd-src-20050620.tgz
Package syslog-ng: missing distfile syslog-ng-3.7.2.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
|
|
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.
|
|
|
|
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
|
|
These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
|
|
|
|
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
|
|
|
|
|
|
|
|
are called p5-*.
I hope that's all of them.
|
|
|
|
Protocol fix, potential integer error in server decoding.
|
|
|
|
|
|
Fixes:
Interface 1: wm0
Interface 4: o0
cfservd: No such network device
cfservd: ioctl: Socket operation on non-socket
... at startup.
|
|
|
|
missing perl interpreter. Bumped PKGREVISION
|
|
ChangeLog:
2.2.8
Patch for cfservd serving wrong data when link->copy
Checksum changes now trigger persistent class "checksum_alerts"
and log to WORKDIR/state/file_hash_event_history
Threading error fix for cfexecd
Windows compilation fixes. Note that windows users might have to move keys and files
from /home/user/.cfagent to /var/cfengine after the standardization of administrator
paths for windows where getuid != 0.
2.2.7
Memory leak in database access, affecting cfenvd
2.2.6
Xen detection
Bug in popen - incorrect placement of conditional in setting groups added in 2.2.4.
Sensor code added for linux cfenvd. Ready for patches for other systems.
Cpu utilization and temperature measurement added for linux where available
Bug reported in installable-negated classes. Patch by jack/SiliconSlick
Bugfix for class defined by directories
2.2.5
No content changes since 2.2.4, just fixes a packaging error.
(Mark's Easter turkey)
2.2.4p
Blunder in makefile change. Compilation error fixed.
2.2.4
Build changes. libpub is now an installed library libcfpub.so/a
so that cfengine 3 can find it.
Documentation is no longer distributed in the tarball, since most
people will use the online version. Also, enhanced documentation is
now available for any user who registers (free) at cfengine.com.
compress=true option in tidy was missing from documentation, and
left uninitialized during purging leading to attempts to compress
files instead of deleting.
Bugfix for empty strings in editfiles.
Links did not get removed with nolink=kill. Code changes apparently broken earlier.
Fixed.
rxdirs= added to files. Default is false. If set to true, cfengine will not
assume that x-bits should be set when r is set on directory permissions.
Group initialization to popen, so shellcommands groups are consistent with uid login id
Rpm fix for package removal.
|
|
name change).
|
|
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
|
|
|
|
- new maintainer
- PKG_DESTDIR_SUPPORT
- ok by joerg
2.2.3
Feedback release after 2.2.2 and LISA 07, minor tweaks and bug fixes
"Harmless features"
IgnoreInterfaceRegex( "vm.*" ) added to control
function added for removing data from special interfaces from class data
Option checkroot=true/false added to copy directive. This switches
on/off the change in 2.2.2 about setting permissions on the
destination root when recursively copying files. Default is now
false.
Can escape colons in the strings now to avoid confusion with
expansion separator.
cfenvgraph --erasehistory users,www_in etc will now set the
average and variance of learned cfenvd data to zero. The current
week's trace is not affected.
audit=true/false flag added to most actions
2.2.2
The build procedure for cfengine changes in this version to
incorporate an intermediate library. The default behaviour is now
to build a static library which will be used by cfengine 3 and
other application interfaces. To build a shared library, use
--enable-shared=yes
NOTE to developers: if running from the compiled code you now need
to delete the files cfagent cfservd etc and recompile to see changes
appear in the code. This is due to the libtool build process.
libtoolizing compilation process for migration to cfengine shared library
(this is to support mulitple interfaces in future, and cf 3)
--
XML and HTML output options added to equip the internal instrumentation
with readable output in cfshow e.g.
cfshow --performance --html > output.html
firefox output.html
provides an easier summary and searchability in browser function
Instrumentation changed to use realtime functions where possible. Standard
unix timer is too insensitive to measure performance.
The beginning of an integrated auditing system has been added. See references
to AuditLog() in the code. This logs to a compressed database and can be extracted
in ascii, html, xml using cfshow, e.g. cfshow --audit --html > output.html
Auditing is switched on by
control:
cfinputs_version = ( 1.2.1 ) # record this version in log, e.g. cvs revision
Auditing = true
--
cfshow --classes
also shows the relative frequencies of classes
that have occurred on the system and the last time these were
observed.
cfshow -f cfagent.conf --regex "lin.*"
displays all rules in the named file whose classes match the named
regular expression. Note that the class "any" is not automatically matched
and the search is based on the class text from the file. The output is not
related to which classes are currently defined, and it will not recognise
the history of classes implicit through class-restricted imported files.
--
SCLI interface modifications.
--
Intermittency entropy code added to the copy instrumentation for
automatic host reliability measurements.
Special variable
IgnoreFriendRegex = ( regex )
prevents last-seen warnings about hosts matching the named regex
--
UserExists("name") and GroupExists("name") functions added to builtin functions.
ClassMatch function added in classes/groups to match regular expressions of other classes
--
Additional octet variables added on default IPv4 address, for convenience:
e.g.
590 : ipv4_2[eth1]=192.168
1895 : ipv4[eth1]=192.168.1.101
2100 : ipv4_1[eth1]=192
4049 : ipv4_3[eth1]=192.168.1
Methods can now expand some list variables, one list only per argument set.
This is a limited compromise pending cfengine 3. A patch for expansion of
variables in the control part of a program in methods has also been added.
Bug fix and code simplication of variable expansion.
-----
tied variable expansion added. Allows method workaround for file dissemination
by name, e.g. copy from
host1.conf -> /dir/host1/file.conf
host2.conf -> /dir/host2/file.conf e.g. for virtual or diskless machines
-----
Major changes to package manager code by Jo Rhett. Variable expansion
fixed by Mark.
-----
Option "best" added to checksum= in files action, this allows cross checking
of the two best known hash algorithms for each file. Currently this is md5 and sha
due to limitations in OpenSSL libcrypto.
UnCommentToLineMatching regex added
2.2.1
scli: type section added. This is a special case of shellcommands, which
send commands to the special shell scli by Juergen Schoenwaelder for
communicating with snmp devices.
Code refactoring for package management.
Bug fixes for problems introduced in 2.2.0.
Copy directory would not set owner correctly on root
2.2.0
Apart from minor changes, this version is about structural internal
changes that ease the eventual confluence with cfengine 3 and the work
going on behind the scenes there. Every effort is being made to
make this change easy for users and existing installations. New features
will be introduced into 2.2.x gradually, and the new front-end will
eventually merge into this.
This version accompanies a new introduction to cfengine published as
a SAGE Short Topics book.
* Some changes
EMANICS extensions and reference testing for context sensitive
network navigation patterns using voluntary cooperation contracts.
PrintFile("name") function added to alerts
!! List expansion in editfiles actions. This is an important change
because it can potentially affect existing configurations that contain
variables with a list separator in them. EditSplit is used for this.
elsdefine fixed in tidy
processes with action=warn only install fix
ifelapsed/expireafter fixed in editfiles
Instrumentation of copy/shellcommands measuring time/averages
use cfshow --performance
background=true in shellcommands was not implemented! (Fixed)
SLES10 recognition
RedHat/Fedora further classes
SELinux support begun by Jeff Sheltren UCSB, who notes.
> Currently, I have editfiles and copy working with selinux security
> contexts, although so far copy only has support for regular files; I
> haven't worked on links, etc. yet.
> Use --enable-selinux during compilation
Bug / misleading error message in ReadArray fixed
HostRange bug for numericals in hostname fixed by Steve Radar.
|
|
|
|
and to support the "inet6" option instead.
Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files. Replace:
BUILD_DEFS+= USE_INET6
with
BUILD_DEFS+= IPV6_READY
and teach the README-generation tools to look for that instead.
This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
|
|
|
|
|
|
2.1.22
IMPORTANT: cfshow output formatting changes
database internal format changes
Rewritten the checksum subsystem to allow for future development
and improvements and tidied the fragile Berkeley DB code. Cfservd
no longer caches checksums, as this causes update issues. This could
lead to additional load.
The checksum code has been rewritten with a new database model, so all
old data will be rebuilt. The checksum database has been renamed.
ChecksumDatabase variable is not longer used.
Package manager debian patch added to iterate over packages
under installation.
Package manager for AIX code added, courtesy of Anthony Rassin
Package manager for Gentoo added, courtesy of Eric Searcy
ShowState(rootprocs), ShowState(otherprocs) added for
better process reporting
General code reorganization for better separation of concerns, looking
towards cfengine 3.
cfconvert removed. Change of future strategy for cfengine 3 migration.
Rationalization of internal instrumentation and better integration
with cfenvd.
Bug fixes to miscmounts. Editing was broken with respect to editfilesize variable.
Option processing for miscmounts was also broken.
Support for old Berkeley DB APIs abandoned.
Encryption level added for full encryption of opendir traffic.
Must set FullEncryption = ( true ) in control for compatability
server=none now signals noop in method execution and copy.
Varstring expansion bug for nested variables.
2.1.21
copy action now supports this $(this) variable which is made equal to the
current server. This allows separating files from multiple hosts when downloading.
cfenvd LDT fixes
Bugs in PeerLeader/Group functions fixed.
Some buffer limits too small and hardcoded in item.c - fix
PH support removed from cfenvd during code rationalization - never used
Cfenvd code rationalization and channge in database format.
THe first time cfenvd runs, it will convert the database into the new format,
be aware that this could take some time as it is disk intensive.
Matt Shibla (ARM) ReturnsZeroShell function added.
Cfrun ignored port number, fix
2.1.20
ipv6 structure compilation error for Tru64
Tested for compilation with latest Berkeley4.4-NC
New option in cfservd.conf "LogEncryptedTransfers" (true/false).
If true, any file that is granted access and is marked "encrypt=true"
will be logged in syslog. i.e. one can keep a record of sensitive
transfers.
Linkcopy fix in 2.1.19 broke copying of links that point
nowhere. Fixed.
Copy was missing from the multi-pass detection. Fixed
Patch to debian package management. (bastiaans@sara.nl) fixed -
debian package always returned eq/true without cmp/version
statement" (checking if a package is installed, regardless of
version, now works
However the "Comparison result" is always "eq" (equal) somehow for
me... "
If you are experiencing problems with 2.1.19 please get 2.1.19a.
One of the changes in 2.1.19 has had bizarre side effects in links
and disks.
2.1.19
cfagent will now exit and cease processing if any class in the defined
control list
AbortClasses = ( class_name_1 class_name_2 ... )
The singlecopy feature has been rewritten after reports of it not
working, besides, the code was bizarre and the documentation was
even worse.
The autodefine code also patched and tested. In both these cases,
there are lists of *patterns* or wildcards. The code and docs now
agree
ExecResult now runs its command in -n mode
Error parsing strings (esp shellcommands) that contain the $
symbol due to a bug in 2D-lists.
VMWare ESX recognition.
Bug in cfservd stat-mode on symbolic links not correctly
evaluated. Bug in linktype=copy for copy fixed.
Bug in array expansion fixed - would truncate string after expansion
Constant-cosmetics and length alterations. CF_SMALLBUF introduced,
and MAXHOSTNAMELEN used
PID file added for each daemin in WORKDIR == /var/cfengine
Patch for function argument parsing
Typo in docs. SelectPartitionGroup -> SelectPartitionNeighbours
Inform=true support for packages
HostRange bug - recoding not implemented properly from
2.1.16. Caused seg fault.
Joe Buehler's harmless patch to cfexecd to flag daemon and batch mode.
Serious bug in binserver handling fixed. (Rarely used feature)
home tidying did not set the "done flag" for multiple pass avoidance.
Patches to setting unqualified and qualified names
SuSE 10 detection patch
Minor error fixes discovered by Joe Buehler and his wonderful
software.
Files is the "suspicious" list were marked "not sensible" so that
follow-up rules e.g. to delete them would not be triggered This is
now considered a confusion of roles. Suspicious files are no
longer skipped.
More memory leaks in cfservd
Compilation fix for non-IPv6 savvy machines
2.1.18
Error in FileExists() left over from 2.1.16 changes. Fixed
elsedefine was not defined if a copy was requested of a non-existent file. Fixed.
HostnameKeys (dynamic keys for dhcp clients) fix for cfservd.
Error in stat'ing links that point to non-existent files in
cfservd. Missing "else" caused this to be reported as an error in
remote file copy.
5 second timeout reduced to 10 in cfservd file change check.
Error message returned by cfservd is non-specific and previously
said authentication denied, regardless of failure. The daemon now replies
"Unspecified refusal". Users should use -v or -d2 on both sides of a connection
to diagnose the true cause of failure,
Segmentation fault when in verbose mode fixed - editfiles pointer.
Error in parsing quotes and escaped quotes in functions.
Bug in implementation of tidy scheduling during dependent classes fixed.
BeginGroupIfLineMatch
BeginGroupIfMatch
BeginGroupIfLineContaining operations added
Function ExecShellResult similar to ExecResult, but a shell is used,
cfservd some additional memory reclamation during file updates, could cause memory leaks..
2.1.17
This is a minor bugfix release
WARNING - the handling of function arguments has been changed. You are recommended to
use normal C/Perl quoting of argument strings., e.g.
result = ( ExecResult("/bin/sh -c \"${pf_cc} -V | head -1 | cut -d\ -f3\"") )
not
result = ( ExecResult(/bin/sh -c "${pf_cc} -V | head -1 | cut -d\ -f3") )
IsWildItemIn now has reflexive check - some confusion in the code about whether
the needle or the haystack is the wildcard.
Templating in editfiles. A new editfiles directive "ExpandVariables"
adds an "m4" like function to cfengine -- allowing predefined variable strings
to be expanded into text.
Patch contributed to expansvariables: Davor Ocelic <docelic@mail.inet.hr>
Alerts patch - some alerts not installed, if classes not defined.
Patch for missing variable expansion after function
parameter rewrite in 2.1.16. Some functions were not fully ported.
vicf eliminated from distribution
PrepModule environment fix
Compilation error C++ mixed into cfetool fix
Chdir to / when ascting as a daemon for cfservd, cfexecd etc
2.1.16
Bugfix release
Moved method parameter setting to fix a bug where parameters would
be set too late to be used in the parser
action=warn in copy required inform=true to work, fixed.
Function arg expansion bug and improvement fix
Include directive added to cfrun.hosts (Olivier Fauchon)
MOUNT_RO name collision fix
SEG fault fixed when signalling cfenvd
SkipIdentify partial fix
Alf Wachsmann and Elizabeth Cassel's cfetool added, based on cfenvd.
"cfetool makes a standalone tool out of cfenvd that accepts arbitrary
periodic data. In addition, it has support for yearly periodic data.
It's function and the user interface is in many aspects like rrdtool's.
cfetoolgraph was added to work with the new features of cfetool.
It works basically like cfenvgraph."
Bug fix for multipass evaluation when resolving dependencies.
Cfservd reread patch. Timeout on polling for linux,
Default route code now uses "route" command exclusively for portability.
EmailFrom patch to cfexecd / redundant code was paste error
Increase pass depth in evaluation of action sequence.
Skipident patch
Size increase for interface buffer list
HPUX,AIX ifconfig location fix
Methods documentation improved.
New control function for testing tcp services
var = ReadTCP(host,port,"send string",maxbytes)
2.1.15
-f removal in cfservd patch
Segmentation fault in cfservd with RSA key exchange fixed.
Disk freespace alerting bug - did not agree with manual specification. Message
appears only in verbose. Fixed.
Autodefine install patch.
Abspath in shellcommands was not parsed and acted on...
Warnall action was not respected in copy. Permissions were altered on destination file anyway.
cfcolon added to special symbols.
2.1.14
Alerts processed now in update context.
More locking canonification fixes
Exception for ReplaceALL convergence warning. Warning is not fatal
if the operation is inside an editgroup.
md5/sha1 message incorrect on new file found.
Fixup Makefile.am and doc/Makefile.am. Docs are now installed
in the CFEngine "share" directory where they belong.
Directory iteration fixed. New: owner=LastNode sets the owner of
the directory to the name of the last node in the dir name. This allows
the creation of homedirs.
CentOS support added.
Extra encryption stage added in C5 protocol. NOTE: This makes 2.1.14
cfagent clients unable to talk to older servers. (Upgrade servers
first, or at the same time.)
Class "no_default_route" is now defined if a default route is not previously
set, and a default route is defined for the current host.
Added class functions IsGreaterThan, IsLessThan for numerical or string comparisons
control:
actionsequence = ( files )
a = ( 2.12 )
b = ( 2.11 )
classes:
lt = ( LessThan(${a},${b}) )
gt = ( GreaterThan(${a},${b}) )
alerts:
lt:: "$(a) LESS THAN $(b)"
gt:: "$(a) GREATER THAN $(b)"
Bugfix for cfshow -c options (Nathan Hruby)
2.1.13
Mistake in placement of update.conf runs fixed.
Alteration to lock hashing to avoid conflicts
Mandrake version type patch/repatched
Error message in disable now
underlines move to respository where defined.
Locking patch to tidy. Did not release lock when tidying
recursively with subdirectory deletions. (Eric Sorensen).
Host range patched (again) (Bas VdV)
2.1.12
cf.preconf can now cause an abort if the script prints out a string
containing the substring "cfengine-preconf-abort".
An exit code of 2 signals this failure
Cfrun bug in placement of workdir initialization. Would try to open
/inputs/cfrun.hosts instead of /var/cfengine/inputs/cfrun.hosts
Moved mutex locks in address purging, to see if it prevents some
segmentation faults.
In image.c:
/* if (TRAVLINKS || ip->linktype == 'n') */
Took out linktype reference. This appears to be erroneous.
Patch to tidy: "Guolin Cheng" <guolin@alexa.com>
Patch to -Q to prevent update.conf from being executed.
Patch to rationalize choice of port number for new getaddrinfo
interfaces. (ip.c)
small patch to allow the use of PCRE if it is compiled with
--with-pcre. This is using the POSIX compatible API that PCRE provides,
so the change necessary is to use pcreposix.h instead of regex.h and to
link in pcreposix.so. cindy.marasco@pnl.gov)
2.1.11
SUPPORT FOR POSIX ACLS IN LINUX IS NOT AS STRAIGHTFORWARD AS
ORIGINALLY THOUGHT. THE API DOES NOT MATCH EXISTING
IMPLEMENTATIONS AND SEEMS SIGNIFICANTLY MORE COMPLEX. IN THE
INTERESTS OF STABILITY THIS WILL HAVE TO BE DEFERRED TO A LATER
RELEASE.
Comma in function argument bug in FileExists etc, fixed
Option -z (--schedule) now prints only the run schedule. Option
-Q (--query) added to print values of variables defined in
configuration
cfagent -Q sysadm,domain,site,ipaddress
in format varname=value
New variables can be used in cfagent.conf for cfexecd control:
EmailFrom = ( )
EmailTo = ( ) - overrides sysadm if set
White Box linux class recognition added
When setting classes or variables by function call, the function
evaluation is no longer performed if it is not in an active class.
Cfexecd now calls cfagent with -D from_cfexecd to define the class
"from_cfexecd::" when run from the executor
WarnIfFileMissing added to editfiles and default is not to warn
of non-existent files, except in inform/verbose modes.
Check added for DefineInGroup, signals error if not in group
Added copy type "any" for any matching criteria, date/sum etc.
Respository variable was not expanded like a normal variable
cfshow tool added for consulting the databases
Better autodetection of Berkeley DB in some distros of Linux (SuSE) - has anyone heard of "standards"?
Date format changed in cfexecd output files
Errors if remote copy is not encrypted when server demands encryption. (patch)
Renaming of directories is now allowed if dest= is set specifically.
Check added for variables defined in terms of undefined variables.
Patch for solaris package manager added (Louis Erickson - wwonko@rdwarf.com)
file added as synonym til reg in filter
Patch to HostRange (item.c) (rader@ginseng.hep.wisc.edu)
Internal variable determining WORKDIR for non-privileged users.
Various minor changes and cosmetics.
Lock string must include server name in copy - added
Method reply bundles fixed to work correctly with ipv6 addresses
SIGPIPE and SIGCHLD added to signal handler (SIGCHILD ignored against posix, but
how the hell do you sort this out?)
srand -> srand48 typo in cfenvd
Multiple method reply variables were incorrectly separated.
Added options to disable LastSeen data recording feature.
fclose used instead of pclose when calling ifconfig - resulted in zombies
|
|
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
|
|
Name service error for name=ethmoid.org type=MX: Host not found, try again
|
|
|
|
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
|
|
|
|
|
|
|
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
|
|
|
|
|
|
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
|
|
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
|
|
customary place.
|
|
in PR#26614.
|
|
Addresses one of the issues in PR#26614.
|
|
|
|
Notable changes include:
Persistent class protection added to returned remote vrpc calls to
prevent meaningless multiple replies.
Change added to IPRange to avoid possible bootstrap problem with
unconfigured resolver. IP address setting was contingent on having DNS.
Misplaced } fixed in nameinfo
EmptyResolvConf removed only nameserver entries. Now removes everything.
Due to an error in constructing 2.1.9 some of the advertised
changes below were not included. They are included in this version.
Workaround error message for parser bug with nested variables.
WORKDIR/state/allclasses file caches all class date during cfagent
execution, just like the $(allclasses) variable, but the file can grow
much larger without overflow.
.cfengine -> .cfagent in non-root public keys (some missing conversions)
Expand buffer incorrectly zeroed out public name key causing empty
keyname in RSA dialogue
Old style bind reverse lookup added to Hostname2IPAddress
|
