Index: puppet-0.24.8-condrestart.patch =================================================================== RCS file: puppet-0.24.8-condrestart.patch diff -N puppet-0.24.8-condrestart.patch --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ puppet-0.24.8-condrestart.patch 3 Jul 2009 16:36:02 -0000 @@ -0,0 +1,82 @@ +From fc161e4a5ad4d470d0fe17b734004ab675eaa6ae Mon Sep 17 00:00:00 2001 +From: Todd Zullinger +Date: Fri, 3 Jul 2009 10:22:19 -0400 +Subject: [PATCH/puppet 2/2] conf/redhat/*.init: Fix condrestart/try-restart + +Previously, the Red Hat init scripts used the $pidfile or $lockfile as a +test for whether to restart the daemons. This caused condrestart to +start the daemons even when they were not running, in cases where they +had died or been killed without cleaning up the $pidfile/$lockfile. + +This was reported by Ingvar Hagelund in Red Hat bug #480600. +--- + conf/redhat/client.init | 7 ++++++- + conf/redhat/server.init | 11 ++++++++--- + 2 files changed, 14 insertions(+), 4 deletions(-) + +diff --git a/conf/redhat/client.init b/conf/redhat/client.init +index f40e81d..fda156c 100644 +--- a/conf/redhat/client.init ++++ b/conf/redhat/client.init +@@ -67,6 +67,10 @@ rh_status() { + status $statusopts $puppetd + } + ++rh_status_q() { ++ rh_status >/dev/null 2>&1 ++} ++ + genconfig() { + echo -n $"Generate configuration puppet: " + $puppetd ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --genconfig +@@ -86,7 +90,8 @@ case "$1" in + reload + ;; + condrestart|try-restart) +- [ -f "$pidfile" ] && restart ++ rh_status_q || exit 0 ++ restart + ;; + status) + rh_status +diff --git a/conf/redhat/server.init b/conf/redhat/server.init +index 6871b9a..74cb52f 100644 +--- a/conf/redhat/server.init ++++ b/conf/redhat/server.init +@@ -89,7 +89,7 @@ genconfig() { + $PUPPETMASTER $PUPPETMASTER_OPTS --genconfig + } + +-puppetmaster_status() { ++rh_status() { + if [ -n "$PUPPETMASTER_PORTS" ] && [ ${#PUPPETMASTER_PORTS[@]} -gt 1 ]; then + for ((i=0; i<${#PUPPETMASTER_PORTS[@]}; i++)); do + echo -en "Port ${PUPPETMASTER_PORTS[$i]}: " +@@ -103,6 +103,10 @@ puppetmaster_status() { + return $RETVAL + } + ++rh_status_q() { ++ rh_status >/dev/null 2>&1 ++} ++ + case "$1" in + start) + start +@@ -114,10 +118,11 @@ case "$1" in + restart + ;; + condrestart) +- [ -f "$lockfile" ] && restart ++ rh_status_q || exit 0 ++ restart + ;; + status) +- puppetmaster_status ++ rh_status + ;; + genconfig) + genconfig +-- +1.6.3.3 + Index: puppet-0.24.8-rundir-perms.patch =================================================================== RCS file: puppet-0.24.8-rundir-perms.patch diff -N puppet-0.24.8-rundir-perms.patch --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ puppet-0.24.8-rundir-perms.patch 3 Jul 2009 16:36:02 -0000 @@ -0,0 +1,31 @@ +From 25b7862c2a511f31e37ae332d33f49f4f5a82e67 Mon Sep 17 00:00:00 2001 +From: Todd Zullinger +Date: Fri, 3 Jul 2009 11:08:28 -0400 +Subject: [PATCH/puppet] Avoid world-writable $rundir (rhbz #495096) + +For our packages, we have no need to use a $rundir with 1777 perms, as +we create and use a puppet user/group. + +For further discussion on this, see the thread on puppet-dev at: + +http://groups.google.com/group/puppet-dev/browse_thread/thread/d75819c3f4f7f37c/?fwc=1 +--- + lib/puppet/defaults.rb | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb +index e36dd70..077faab 100644 +--- a/lib/puppet/defaults.rb ++++ b/lib/puppet/defaults.rb +@@ -68,7 +68,7 @@ module Puppet + }, + :rundir => { + :default => rundir, +- :mode => 01777, ++ :mode => 0755, + :desc => "Where Puppet PID files are kept." + }, + :genconfig => [false, +-- +1.6.3.3 + Index: puppet-0.24.8-status-options.patch =================================================================== RCS file: puppet-0.24.8-status-options.patch diff -N puppet-0.24.8-status-options.patch --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ puppet-0.24.8-status-options.patch 3 Jul 2009 16:36:02 -0000 @@ -0,0 +1,41 @@ +From ea04f2700ebdbac7c5abd263df1bbda9eee12097 Mon Sep 17 00:00:00 2001 +From: Todd Zullinger +Date: Fri, 3 Jul 2009 09:08:17 -0400 +Subject: [PATCH/puppet 1/2] conf/redhat/client.init: Fix #2123, status options on older RHEL + +On RHEL < 5, the status function does not accept a -p option. Using it +causes 'service puppet status' to produce erroneous output. This was +also reported by Aaron Dummer in Red Hat bug #501577. +--- + conf/redhat/client.init | 8 ++++++-- + 1 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/conf/redhat/client.init b/conf/redhat/client.init +index 44caab1..f40e81d 100644 +--- a/conf/redhat/client.init ++++ b/conf/redhat/client.init +@@ -62,6 +62,11 @@ restart() { + start + } + ++rh_status() { ++ status | grep -q -- '-p' 2>/dev/null && statusopts="-p '$pidfile'" ++ status $statusopts $puppetd ++} ++ + genconfig() { + echo -n $"Generate configuration puppet: " + $puppetd ${PUPPET_OPTS} ${PUPPET_EXTRA_OPTS} --genconfig +@@ -84,8 +89,7 @@ case "$1" in + [ -f "$pidfile" ] && restart + ;; + status) +- status -p "$pidfile" $puppetd +- RETVAL=$? ++ rh_status + ;; + once) + shift +-- +1.6.3.3 + Index: puppet.spec =================================================================== RCS file: /cvs/extras/rpms/puppet/devel/puppet.spec,v retrieving revision 1.33 diff -u -p -r1.33 puppet.spec --- puppet.spec 24 Jun 2009 11:45:39 -0000 1.33 +++ puppet.spec 3 Jul 2009 16:36:02 -0000 @@ -6,11 +6,19 @@ Name: puppet Version: 0.24.8 -Release: 2%{?dist} +Release: 3%{?dist} Summary: A network tool for managing many disparate systems License: GPLv2+ URL: http://puppet.reductivelabs.com/ Source0: http://reductivelabs.com/downloads/puppet/%{name}-%{version}.tgz +# https://bugzilla.redhat.com/501577, +# http://projects.reductivelabs.com/issues/2123, and +# http://groups.google.com/group/puppet-dev/browse_thread/thread/c3767380b2420bb7?fwc=1 +Patch0: puppet-0.24.8-status-options.patch +# https://bugzilla.redhat.com/480600 +Patch1: puppet-0.24.8-condrestart.patch +# https://bugzilla.redhat.com/495096 +Patch2: puppet-0.24.8-rundir-perms.patch Group: System Environment/Base BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -60,6 +68,9 @@ The server can also function as a certif %prep %setup -q +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 # Move puppetca, puppetd, and puppetmasterd to sbin mkdir sbin @@ -86,7 +97,7 @@ ruby install.rb --destdir=%{buildroot} - install -d -m0755 %{buildroot}%{_sysconfdir}/puppet/manifests install -d -m0755 %{buildroot}%{_localstatedir}/lib/puppet install -d -m0755 %{buildroot}%{_localstatedir}/run/puppet -install -d -m0755 %{buildroot}%{_localstatedir}/log/puppet +install -d -m0750 %{buildroot}%{_localstatedir}/log/puppet install -Dp -m0644 %{confdir}/client.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/puppet install -Dp -m0755 %{confdir}/client.init %{buildroot}%{_initrddir}/puppet install -Dp -m0644 %{confdir}/server.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/puppetmaster @@ -202,6 +213,12 @@ fi rm -rf %{buildroot} %changelog +* Fri Jul 03 2009 Todd Zullinger - 0.24.8-3 +- Fix status -p handling on older RHEL (#501577) +- Fix condrestart when daemon's aren't running (#480600) +- Fix permissions on /var/log/puppet (#495096) +- Avoid world-writable $rundir (#495096) + * Fri May 29 2009 Todd Zullinger - 0.24.8-2 - Make Augeas and SELinux requirements build time options - Install emacs mode and vim syntax files (#491437)