diff options
16 files changed, 297 insertions, 13 deletions
@@ -1 +1 @@ -joeyconfig.hs
\ No newline at end of file +config-simple.hs
\ No newline at end of file diff --git a/debian/changelog b/debian/changelog index 0f85ccf0..763cecc6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -propellor (3.0.5) UNRELEASED; urgency=medium +propellor (3.0.5) unstable; urgency=medium * Modules added for Sbuild and Ccache. Thanks, Sean Whitton @@ -7,7 +7,7 @@ propellor (3.0.5) UNRELEASED; urgency=medium killing processes like screen sessions. * Systemd: Added logindConfigured property. - -- Joey Hess <id@joeyh.name> Mon, 23 May 2016 11:19:28 -0400 + -- Joey Hess <id@joeyh.name> Mon, 06 Jun 2016 17:13:21 -0400 propellor (3.0.4) unstable; urgency=medium diff --git a/doc/forum/Propellor_from_unprivileged_account.mdwn b/doc/forum/Propellor_from_unprivileged_account.mdwn new file mode 100644 index 00000000..127cee44 --- /dev/null +++ b/doc/forum/Propellor_from_unprivileged_account.mdwn @@ -0,0 +1,4 @@ +I have a need to configure the properties of some machines for which I am not the primary administrator (in particular, this is at a university where the central IT group does the administration, but delegates some tasks to department via sudo or by reading specific files). I imagine that I would have write my own properties. Is there a special way to call propellor, or code changes that need to be made to have propellor do the git clone and build in a user's home directory? + +Best, +Jack diff --git a/doc/forum/Propellor_from_unprivileged_account/comment_1_9a093f5ee1473549cef0578d1b2d1054._comment b/doc/forum/Propellor_from_unprivileged_account/comment_1_9a093f5ee1473549cef0578d1b2d1054._comment new file mode 100644 index 00000000..01fff2a8 --- /dev/null +++ b/doc/forum/Propellor_from_unprivileged_account/comment_1_9a093f5ee1473549cef0578d1b2d1054._comment @@ -0,0 +1,21 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2016-06-09T20:06:05Z" + content=""" +Well propellor is normally built in the user's home directory and then +deploys updates to the hosts and is built and run as root on them. + +If you're wanting to only run propellor as a user, to manage some +user-specific properties, see the Propellor.Location module to change +the path where propellor depploys itself to on a host. + +And in Propellor.Spin it has several `"root@"` that you'd need to change to +make it ssh into the host as a different user. + +And, in Propellor.CmdLine, there's a check of `getRealUserID` to see if it's +running as root. + +I think that's everything that assumes root (aside from a great many +properties of course!), but can't swear to it. +"""]] diff --git a/doc/forum/cabal:_Unrecognised_flags:_propellor-config.mdwn b/doc/forum/cabal:_Unrecognised_flags:_propellor-config.mdwn new file mode 100644 index 00000000..dd8048a2 --- /dev/null +++ b/doc/forum/cabal:_Unrecognised_flags:_propellor-config.mdwn @@ -0,0 +1,106 @@ +G'day Joey. Trying to deploy to a new host and I'm hitting this error: + + cabal: Unrecognised flags: propellor-config + sh: 1: ./propellor: not found + propellor: user error (ssh ["-o","ControlPath=/home/craige/.ssh/propellor/os01.mcwhirter.io.sock","-o","ControlMa + ster=auto","-o","ControlPersist=yes","root@os01.mcwhirter.io","sh -c 'if [ ! -d /usr/local/propellor/.git ] ; the + n (if ! git --version >/dev/null; then apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -qq --no-install- + recommends --no-upgrade -y install git; fi && echo STATUSNeedGitClone) || echo STATUSNeedPrecompiled ; else cd /u + sr/local/propellor && if ! cabal configure >/dev/null 2>&1; then ( apt-get update ; DEBIAN_FRONTEND=noninteractiv + e apt-get -qq --no-upgrade --no-install-recommends -y install gnupg ; DEBIAN_FRONTEND=noninteractive apt-get -qq + --no-upgrade --no-install-recommends -y install ghc ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --n + o-install-recommends -y install cabal-install ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-inst + all-recommends -y install libghc-async-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-install + -recommends -y install libghc-missingh-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-install + -recommends -y install libghc-hslogger-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-install + -recommends -y install libghc-unix-compat-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-inst + all-recommends -y install libghc-ansi-terminal-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no + -install-recommends -y install libghc-ifelse-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-i + nstall-recommends -y install libghc-network-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-in + stall-recommends -y install libghc-mtl-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-install + -recommends -y install libghc-transformers-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-ins + tall-recommends -y install libghc-exceptions-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-i + nstall-recommends -y install libghc-stm-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-instal + l-recommends -y install libghc-text-dev ; DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-install-re + commends -y install make ; cabal update ; cabal install --only-dependencies ) || true; fi&& if ! test -x ./propel + lor; then cabal configure && cabal build propellor-config && ln -sf dist/build/propellor-config/propellor-config + propellor; fi;if test -x ./propellor && ! ./propellor --check; then cabal clean && cabal configure && cabal build + propellor-config && ln -sf dist/build/propellor-config/propellor-config propellor; fi && ./propellor --boot os01 + .mcwhirter.io ; fi'"] exited 127) + +When I build propellor manually on the remote host, same issue: + + /usr/local/propellor# cabal build propellor-config + cabal: Unrecognised flags: propellor-config + +Building without the propellor-config flag *appears* to work fine: + + /usr/local/propellor# cabal build + Building propellor-3.0.4... + Preprocessing executable 'propellor-config' for propellor-3.0.4... + ... + Linking dist/build/propellor-config/propellor-config ... + Preprocessing executable 'propellor' for propellor-3.0.4... + +So when I change line 39 in Bootstrap.hs to drop "propellor-config" it appears to work OK, locally: + + % ~/.propellor/propellor --spin os01.mcwhirter.io + Preprocessing executable 'propellor-config' for propellor-3.0.4... + [85 of 90] Compiling Propellor.Bootstrap ( src/Propellor/Bootstrap.hs, dist/build/propellor-config/propellor-config-tmp/Propellor/Bootstrap.o ) + Linking dist/build/propellor-config/propellor-config ... + Propellor build ... done + + You need a passphrase to unlock the secret key for + user: ???? + 4096-bit RSA key, ID ?????, created ???? + + [master 0e810ff] propellor spin + 1 file changed, 4 insertions(+), 3 deletions(-) + Git commit ... done + Resolving dependencies... + Configuring propellor-3.0.4... + Warning: 'license: BSD2' is not a recognised license. The known licenses are: + GPL, GPL-2, GPL-3, LGPL, LGPL-2.1, LGPL-3, BSD3, MIT, Apache, Apache-2.0, + PublicDomain, AllRightsReserved, OtherLicense + Building propellor-3.0.4... + Preprocessing executable 'propellor-config' for propellor-3.0.4... + Preprocessing executable 'propellor' for propellor-3.0.4... + Preprocessing library propellor-3.0.4... + ... + +However it still fails with the original error on the remote host, despite the new Bootstrap.hs having been copied in place correctly. + + % ~/.propellor/propellor --spin os01.mcwhirter.io + Preprocessing executable 'propellor-config' for propellor-3.0.4... + [85 of 90] Compiling Propellor.Bootstrap ( src/Propellor/Bootstrap.hs, dist/build/propellor-config/propellor-config-tmp/Propellor/Bootstrap.o ) + Linking dist/build/propellor-config/propellor-config ... + Propellor build ... done + + You need a passphrase to unlock the secret key for + user: ????? + 4096-bit RSA key, ID ?????, created ????? + + [master bf1b056] propellor spin + 1 file changed, 1 deletion(-) + Git commit ... done + Sending privdata (11 bytes) to os01.mcwhirter.io ... done + Sending git update to os01.mcwhirter.io ... done + remote: Counting objects: 5, done. + remote: Compressing objects: 100% (5/5), done. + remote: Total 5 (delta 4), reused 0 (delta 0) + From . + * branch HEAD -> FETCH_HEAD + cabal: Unrecognised flags: propellor-config + Resolving dependencies... + Configuring propellor-3.0.4... + Warning: 'license: BSD2' is not a recognised license. The known licenses are: + GPL, GPL-2, GPL-3, LGPL, LGPL-2.1, LGPL-3, BSD3, MIT, Apache, Apache-2.0, + PublicDomain, AllRightsReserved, OtherLicense + cabal: Unrecognised flags: propellor-config + propellor: cabal build failed + Shared connection to os01.mcwhirter.io closed. + propellor: remote propellor failed + +I feel like I'm working around another local issue but so far my "fix" has been in Bootstrap.hs. + +Thoughts? diff --git a/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_1_5742cd0937a47a14cf3dc41e003e3855._comment b/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_1_5742cd0937a47a14cf3dc41e003e3855._comment new file mode 100644 index 00000000..93d70dc0 --- /dev/null +++ b/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_1_5742cd0937a47a14cf3dc41e003e3855._comment @@ -0,0 +1,26 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2016-06-07T17:13:29Z" + content=""" +propellor-config is the name of the Executable component +in the cabal file that we want cabal to build. + + Usage: cabal build [FLAGS] + or: cabal build COMPONENTS [FLAGS] + +It's the COMPONENT shown in the cabal build help. It seems that your cabal +doesn't not understand this syntax. What version of cabal is that? + +(Based on the license warning, I'm guessing its an older version of cabal +than the 1.22.6.0 I'm using here. The cabal 1.20.0.3 in Debian stable also +supports this syntax.) + +Only building the propellor-config Executable is only an optimisation; +otherwise cabal build also builds propellor as a library which is not +needed here. So your workaround to drop that parameter should be ok. + +You probably need to rebuild propellor on the remote host manually +after updating the code there, since the remote host has a version of +propellor compiled such that it tries to recompile itself using that parameter.. +"""]] diff --git a/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_2_7121b4ceb44419c7a9b3b0c2ff76e52b._comment b/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_2_7121b4ceb44419c7a9b3b0c2ff76e52b._comment new file mode 100644 index 00000000..928f5d11 --- /dev/null +++ b/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_2_7121b4ceb44419c7a9b3b0c2ff76e52b._comment @@ -0,0 +1,26 @@ +[[!comment format=mdwn + username="craige@a46118dff5bc0fad85259759970d8b4b9fc377d7" + nickname="craige" + subject="comment 2" + date="2016-06-07T22:32:04Z" + content=""" +Local (Debian \"Stretch\"): + + % cabal -V + cabal-install version 1.22.9.0 + using version 1.22.8.0 of the Cabal library + +Remote (Buntish 14.04): + + # cabal -V + cabal-install version 1.16.0.2 + using version 1.16.0 of the Cabal library + +This host needs to remain 14.04 for reasons out of my control. + +When I land in a few hours, I'll try upgrading cabal on that host and I expect the problem will disappear. + +Thanks! + +(kicking myself for not thinking of cabal versions) +"""]] diff --git a/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_3_886748a3a28e33c90bbc5485eddc8efb._comment b/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_3_886748a3a28e33c90bbc5485eddc8efb._comment new file mode 100644 index 00000000..8c04f052 --- /dev/null +++ b/doc/forum/cabal:_Unrecognised_flags:_propellor-config/comment_3_886748a3a28e33c90bbc5485eddc8efb._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 3""" + date="2016-06-08T17:07:09Z" + content=""" +This could be probed at runtime, I'd be willing to consider a patch +checking cabal --version if you want to develop one. + +(Propellor supports Debian stable, but Ubuntu 14.04 is older than that.) +"""]] diff --git a/doc/forum/functions_that_yield_properties/comment_3_76f4a92cf26ae2fcc3152a0f1a19f516._comment b/doc/forum/functions_that_yield_properties/comment_3_76f4a92cf26ae2fcc3152a0f1a19f516._comment new file mode 100644 index 00000000..7b1954bb --- /dev/null +++ b/doc/forum/functions_that_yield_properties/comment_3_76f4a92cf26ae2fcc3152a0f1a19f516._comment @@ -0,0 +1,17 @@ +[[!comment format=mdwn + username="spwhitton" + subject="comment 3" + date="2016-06-05T06:13:05Z" + content=""" +> The type of this will be somewhat more complex than the one you gave, but it should work. + +GHC's inferred type is not something I can understand, and I suspect that it is far more general than it needs to be. In this sort of situation, are their strategies one can employ to write a sensible type signature? I think that the only thing I need to restrict is avoiding trying to ensure properties with info. + +> You might be able to finesse this by using a monoidial value and get the description of mkp mempty. + +Could you expand a little on this suggestion, please? I want to be able to use unmodified core properties like `User.accountFor`, and that takes a non-monoidal `User`. + +> Or, you could do something like this to tie the knot. I don't know if this is a good idea (it might even <<loop>>), but it illustrates the core problem nicely; to get at the Info, we need a Host, but to get a Host, we need to already know its properties. + +This seems to work! +"""]] diff --git a/doc/forum/functions_that_yield_properties/comment_4_886daf04a0fa9e6d0dd1e9ef4cc9b63f._comment b/doc/forum/functions_that_yield_properties/comment_4_886daf04a0fa9e6d0dd1e9ef4cc9b63f._comment new file mode 100644 index 00000000..aab4f6ed --- /dev/null +++ b/doc/forum/functions_that_yield_properties/comment_4_886daf04a0fa9e6d0dd1e9ef4cc9b63f._comment @@ -0,0 +1,23 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 4""" + date="2016-06-06T20:58:37Z" + content=""" +`Maybe a` is a Monoid, so something along that line was what I was +thinking. + +---- + + withMyAcc + :: (SingI outer, Cannot_ensureProperty_WithInfo inner ~ 'True, + NotSuperset (Targets inner) (Targets outer) ~ 'CanCombine) + => Desc + -> (User -> Property (MetaTypes inner)) + -> Property (MetaTypes outer) + +The complicated constraints there are inherited from the use of `ensureProperty`. + +A less general form of that is: + + withMyAcc :: Desc -> (User -> Property DebianLike) -> Property DebianLike +"""]] diff --git a/doc/forum/functions_that_yield_properties/comment_5_922e9e20c5326ceb695f7593d8bd72f5._comment b/doc/forum/functions_that_yield_properties/comment_5_922e9e20c5326ceb695f7593d8bd72f5._comment new file mode 100644 index 00000000..7cbcdd84 --- /dev/null +++ b/doc/forum/functions_that_yield_properties/comment_5_922e9e20c5326ceb695f7593d8bd72f5._comment @@ -0,0 +1,38 @@ +[[!comment format=mdwn + username="spwhitton" + subject="comment 5" + date="2016-06-07T07:32:49Z" + content=""" +Unfortunately, the more general type doesn't seem to work: + + withMyAcc + :: (SingI outer, Cannot_ensureProperty_WithInfo inner ~ 'True, + NotSuperset (Targets inner) (Targets outer) ~ 'CanCombine) + => Desc + -> (User -> Property (MetaTypes inner)) + -> Property (MetaTypes outer) + withMyAcc desc mkp = property' desc $ \w -> do + u <- getMyAcc + ensureProperty w (mkp u) + + accountForSean :: Property DebianLike + accountForSean = withMyAcc \"account for Sean\" User.accountFor + +yields + + src/Propellor/Property/SiteSpecific/SPW/Account.hs:85:18: + Couldn't match kind ‘*’ with ‘MetaType’ + Expected type: Property DebianLike + Actual type: Property (MetaTypes outer0) + In the expression: withMyAcc \"account for Sean\" User.accountFor + In an equation for ‘accountForSean’: + accountForSean = withMyAcc \"account for Sean\" User.accountFor + + src/Propellor/Property/SiteSpecific/SPW/Account.hs:85:47: + Couldn't match kind ‘MetaType’ with ‘*’ + Expected type: User -> Property (MetaTypes inner0) + Actual type: User -> Property DebianLike + In the second argument of ‘withMyAcc’, namely ‘User.accountFor’ + In the expression: withMyAcc \"account for Sean\" User.accountFor + +"""]] diff --git a/doc/forum/recent_propellor_snapshots_cause_ghc_OOMs/comment_11_ac0d07af8234d6adb9b40524f6d5b10b._comment b/doc/forum/recent_propellor_snapshots_cause_ghc_OOMs/comment_11_ac0d07af8234d6adb9b40524f6d5b10b._comment new file mode 100644 index 00000000..8a1ef763 --- /dev/null +++ b/doc/forum/recent_propellor_snapshots_cause_ghc_OOMs/comment_11_ac0d07af8234d6adb9b40524f6d5b10b._comment @@ -0,0 +1,14 @@ +[[!comment format=mdwn + username="craige@a46118dff5bc0fad85259759970d8b4b9fc377d7" + nickname="craige" + subject="Thanks!" + date="2016-06-03T00:40:32Z" + content=""" +That all makes sense. Thanks joey. + +The update to Propellor 3.x caught me by surprise and this all resulted from that. Clearly I need to watch Propellor blog posts more more carefully :-) + +I'll take your example, read the upgrading doco and get things going from there, now the I understand the problem. + +I'll pass on those modules when the move beyond \"embarrassingly incomplete\" and become something that I think other people can use :-D +"""]] diff --git a/doc/news/version_3.0.4.mdwn b/doc/news/version_3.0.4.mdwn deleted file mode 100644 index f6e1eac2..00000000 --- a/doc/news/version_3.0.4.mdwn +++ /dev/null @@ -1,8 +0,0 @@ -propellor 3.0.4 released with [[!toggle text="these changes"]] -[[!toggleable text=""" - * Run letsencrypt with --noninteractive. - * Fix build with ghc 8.0.1. - Thanks, davean. - * Module added for the Borg backup system. - Thanks, Félix Sipma. - * Fix build with directory-1.2.6.2."""]]
\ No newline at end of file diff --git a/doc/news/version_3.0.5.mdwn b/doc/news/version_3.0.5.mdwn new file mode 100644 index 00000000..b9655cf5 --- /dev/null +++ b/doc/news/version_3.0.5.mdwn @@ -0,0 +1,8 @@ +propellor 3.0.5 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Modules added for Sbuild and Ccache. + Thanks, Sean Whitton + * Systemd: Added killUserProcesses property, which can be reverted + to return systemd to its default behavior before version 230 started + killing processes like screen sessions. + * Systemd: Added logindConfigured property."""]]
\ No newline at end of file diff --git a/privdata/relocate b/privdata/relocate deleted file mode 100644 index 271692d8..00000000 --- a/privdata/relocate +++ /dev/null @@ -1 +0,0 @@ -.joeyconfig diff --git a/propellor.cabal b/propellor.cabal index 670676df..dd71ab05 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 3.0.4 +Version: 3.0.5 Cabal-Version: >= 1.8 License: BSD2 Maintainer: Joey Hess <id@joeyh.name> |