summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
l---------config.hs2
-rw-r--r--debian/changelog1
-rw-r--r--doc/forum/Apt.backportInstalledMin___63__.mdwn1
-rw-r--r--doc/forum/Apt.backportInstalledMin___63__/comment_1_4e5e6b479e478897eea3337b9468db15._comment11
-rw-r--r--doc/forum/__34__predictable__34___network_interface_names.mdwn3
-rw-r--r--doc/forum/__34__predictable__34___network_interface_names/comment_1_6bf05129a9aa5b427c0838753b5b0673._comment12
-rw-r--r--doc/todo/support_for_libvirt_KVM_VMs/comment_4_dbd2c399c8ef8ac56ae06f1a701fdc45._comment19
-rw-r--r--doc/todo/support_for_libvirt_KVM_VMs/comment_5_364df45dda89ed83cf8db6fa4cbdc186._comment8
-rw-r--r--privdata/relocate1
-rw-r--r--src/Propellor/Property/Apt.hs19
-rw-r--r--src/Propellor/Property/Sudo.hs3
11 files changed, 72 insertions, 8 deletions
diff --git a/config.hs b/config.hs
index 97d90636..ec313725 120000
--- a/config.hs
+++ b/config.hs
@@ -1 +1 @@
-joeyconfig.hs \ No newline at end of file
+config-simple.hs \ No newline at end of file
diff --git a/debian/changelog b/debian/changelog
index b0f7121b..5b283861 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -17,6 +17,7 @@ propellor (5.5.0) UNRELEASED; urgency=medium
* Borg: Added UsesEnvVar.
* Added DiskImage.noBootloader, useful for eg, direct booting with
qemu. Thanks, David Bremner.
+ * Added Apt.backportInstalledMin.
-- Joey Hess <id@joeyh.name> Thu, 09 Aug 2018 10:54:41 -0400
diff --git a/doc/forum/Apt.backportInstalledMin___63__.mdwn b/doc/forum/Apt.backportInstalledMin___63__.mdwn
new file mode 100644
index 00000000..64d95c72
--- /dev/null
+++ b/doc/forum/Apt.backportInstalledMin___63__.mdwn
@@ -0,0 +1 @@
+I just installed git-annex using Apt.backportInstalled on a server and was kindof of horrified by the dependendencies dragged in. I suspect much of this is probably just youtube-dl, which should be fixed soon, but anyway, shouldn't there be a way to install from backports without recommends?
diff --git a/doc/forum/Apt.backportInstalledMin___63__/comment_1_4e5e6b479e478897eea3337b9468db15._comment b/doc/forum/Apt.backportInstalledMin___63__/comment_1_4e5e6b479e478897eea3337b9468db15._comment
new file mode 100644
index 00000000..83b976d2
--- /dev/null
+++ b/doc/forum/Apt.backportInstalledMin___63__/comment_1_4e5e6b479e478897eea3337b9468db15._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2018-10-14T16:28:46Z"
+ content="""
+Indeed, that's the kind of improvement I will gladly
+accept any time, and should be very easy to add. So don't hesitate to add
+properties like that and send patches.
+
+(In this case I had 5 minutes so I implemented it already.)
+"""]]
diff --git a/doc/forum/__34__predictable__34___network_interface_names.mdwn b/doc/forum/__34__predictable__34___network_interface_names.mdwn
new file mode 100644
index 00000000..88b4b414
--- /dev/null
+++ b/doc/forum/__34__predictable__34___network_interface_names.mdwn
@@ -0,0 +1,3 @@
+When using propellor to install/create VM images, one naturally wants to set some kind of sane network configuration. Unfortunately the name of the network interface in the guest (or newly installed system) varies according to the hardware setup. As a concrete example, in a newly created stretch amd64 image it is ens0, while in a stretch s390x image it is enc0. I guess the Debian installer must have some way of figuring this out and creating a sane /etc/network/interfaces. Is this something that Property.DiskImage can help with, or do I need to carry per-VM configuration information? I don't mind so much the extra config info, but it's a bit annoying that I need to boot the vm to see what the network device is called.
+
+I guess the Luddite solution is to turn off interface renaming via boot options; I'm not sure that option will always be available to me, e.g. when deploying images on someone else's host.
diff --git a/doc/forum/__34__predictable__34___network_interface_names/comment_1_6bf05129a9aa5b427c0838753b5b0673._comment b/doc/forum/__34__predictable__34___network_interface_names/comment_1_6bf05129a9aa5b427c0838753b5b0673._comment
new file mode 100644
index 00000000..c3e4e663
--- /dev/null
+++ b/doc/forum/__34__predictable__34___network_interface_names/comment_1_6bf05129a9aa5b427c0838753b5b0673._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2018-10-14T16:18:37Z"
+ content="""
+I don't think this is specific to disk image creation, you just need a
+property that arranges whatever configuration will lead to the names you
+want.
+
+You may be looking for /lib/systemd/network/99-default.link which can be
+masked to get the kernel's traditional names.
+"""]]
diff --git a/doc/todo/support_for_libvirt_KVM_VMs/comment_4_dbd2c399c8ef8ac56ae06f1a701fdc45._comment b/doc/todo/support_for_libvirt_KVM_VMs/comment_4_dbd2c399c8ef8ac56ae06f1a701fdc45._comment
new file mode 100644
index 00000000..8ce06a1c
--- /dev/null
+++ b/doc/todo/support_for_libvirt_KVM_VMs/comment_4_dbd2c399c8ef8ac56ae06f1a701fdc45._comment
@@ -0,0 +1,19 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 4"""
+ date="2018-10-14T01:10:16Z"
+ content="""
+I do think that the conditional property would be a good way for this to
+work.
+
+I think there could also be VMs where you don't want the overhead of
+running propellor inside the VM (especially if the emulation is slow, or
+you don't want to allocate that much memory to the VM, or just have a lot
+of VMs), and the content is disposable. Then propellor could restart the VM
+when it changes the disk image.
+
+There's room for multiple ways to do it..
+
+The disk image building side of this looks easy to me, so if you do the libvirt
+stuff, Sean, I might contribute something. :)
+"""]]
diff --git a/doc/todo/support_for_libvirt_KVM_VMs/comment_5_364df45dda89ed83cf8db6fa4cbdc186._comment b/doc/todo/support_for_libvirt_KVM_VMs/comment_5_364df45dda89ed83cf8db6fa4cbdc186._comment
new file mode 100644
index 00000000..5062ed5d
--- /dev/null
+++ b/doc/todo/support_for_libvirt_KVM_VMs/comment_5_364df45dda89ed83cf8db6fa4cbdc186._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="insufficient magic"
+ date="2018-10-14T11:12:36Z"
+ content="""
+right, changing the backing image would probably break everything.
+"""]]
diff --git a/privdata/relocate b/privdata/relocate
deleted file mode 100644
index 271692d8..00000000
--- a/privdata/relocate
+++ /dev/null
@@ -1 +0,0 @@
-.joeyconfig
diff --git a/src/Propellor/Property/Apt.hs b/src/Propellor/Property/Apt.hs
index 064221f9..6d7fc4d6 100644
--- a/src/Propellor/Property/Apt.hs
+++ b/src/Propellor/Property/Apt.hs
@@ -241,6 +241,10 @@ type Package = String
installed :: [Package] -> Property DebianLike
installed = installed' ["-y"]
+-- | Minimal install of package, without recommends.
+installedMin :: [Package] -> Property DebianLike
+installedMin = installed' ["--no-install-recommends", "-y"]
+
installed' :: [String] -> [Package] -> Property DebianLike
installed' params ps = robustly $ check (not <$> isInstalled' ps) go
`describe` unwords ("apt installed":ps)
@@ -253,20 +257,23 @@ installed' params ps = robustly $ check (not <$> isInstalled' ps) go
-- dependencies from stable-backports too, you will need to include those
-- dependencies in the list of packages passed to this function.
backportInstalled :: [Package] -> Property Debian
-backportInstalled ps = withOS desc $ \w o -> case o of
+backportInstalled = backportInstalled' ["-y"]
+
+-- | Minimal install from the stable-backports suite, without recommends.
+backportInstalledMin :: [Package] -> Property Debian
+backportInstalledMin = backportInstalled' ["--no-install-recommends", "-y"]
+
+backportInstalled' :: [String] -> [Package] -> Property Debian
+backportInstalled' params ps = withOS desc $ \w o -> case o of
(Just (System (Debian _ suite) _)) -> case backportSuite suite of
Nothing -> unsupportedOS'
Just bs -> ensureProperty w $
- runApt (["install", "-y"] ++ ((++ '/':bs) <$> ps))
+ runApt (("install":params) ++ ((++ '/':bs) <$> ps))
`changesFile` dpkgStatus
_ -> unsupportedOS'
where
desc = unwords ("apt installed backport":ps)
--- | Minimal install of package, without recommends.
-installedMin :: [Package] -> Property DebianLike
-installedMin = installed' ["--no-install-recommends", "-y"]
-
removed :: [Package] -> Property DebianLike
removed ps = check (any (== IsInstalled) <$> getInstallStatus ps)
(runApt (["-y", "remove"] ++ ps))
diff --git a/src/Propellor/Property/Sudo.hs b/src/Propellor/Property/Sudo.hs
index 12660aa9..ad577439 100644
--- a/src/Propellor/Property/Sudo.hs
+++ b/src/Propellor/Property/Sudo.hs
@@ -18,6 +18,8 @@ import Propellor.Property.User
--
-- If the main sudoers file contains a conflicting line for
-- the user for ALL commands, the line will be removed.
+--
+-- Also ensures that the main sudoers file includes /etc/sudoers.d/
enabledFor :: User -> RevertableProperty DebianLike DebianLike
enabledFor user@(User u) = setup `requires` Apt.installed ["sudo"] <!> cleanup
where
@@ -25,6 +27,7 @@ enabledFor user@(User u) = setup `requires` Apt.installed ["sudo"] <!> cleanup
setup = property' desc $ \w -> do
locked <- liftIO $ isLockedPassword user
ensureProperty w $ combineProperties desc $ props
+ & containsLine sudoers "#includedir /etc/sudoers.d"
& fileProperty desc
(modify locked . filter (wanted locked))
dfile