From d0b3ae3969fb46e20b57d0b7cc0c2191ddd44c60 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 15 Jul 2017 17:23:05 -0400 Subject: releasing package propellor version 4.3.4 --- propellor.cabal | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'propellor.cabal') diff --git a/propellor.cabal b/propellor.cabal index 1bcc1618..733dda3e 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 4.3.3 +Version: 4.3.4 Cabal-Version: >= 1.20 License: BSD2 Maintainer: Joey Hess -- cgit v1.3-2-g0d8e From cb885b8a925fcaaec3e3685fc5cd4c369593afef Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 16 Jul 2017 12:10:34 -0400 Subject: Propellor.Property.Timezone: New module, contributed by Sean Whitton. --- debian/changelog | 6 ++++++ doc/todo/merge_request:_Timezone.hs.mdwn | 2 ++ .../comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment | 15 +++++++++++++++ propellor.cabal | 1 + 4 files changed, 24 insertions(+) create mode 100644 doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment (limited to 'propellor.cabal') diff --git a/debian/changelog b/debian/changelog index a60c5f18..517151d8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +propellor (4.3.5) UNRELEASED; urgency=medium + + * Propellor.Property.Timezone: New module, contributed by Sean Whitton. + + -- Joey Hess Sun, 16 Jul 2017 12:07:15 -0400 + propellor (4.3.4) unstable; urgency=medium * Propellor.Property.Versioned: New module which allows different diff --git a/doc/todo/merge_request:_Timezone.hs.mdwn b/doc/todo/merge_request:_Timezone.hs.mdwn index 3f67da2c..a8ba3eae 100644 --- a/doc/todo/merge_request:_Timezone.hs.mdwn +++ b/doc/todo/merge_request:_Timezone.hs.mdwn @@ -5,3 +5,5 @@ Adds `Timezone.configured`. I think that this works fine on stretch, but on Jessie there is some oddness. For example, if you set the timezone of a host to `US/Arizona`, the apt reconfiguration will put `America/Phoenix` in /etc/timezone, resulting in the property reporting a change every time that it is run. I think this is harmless. --spwhitton + +> [[merged|done]] --[[Joey]] diff --git a/doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment b/doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment new file mode 100644 index 00000000..026b13de --- /dev/null +++ b/doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment @@ -0,0 +1,15 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2017-07-16T15:57:20Z" + content=""" +I generally consider properties that do work every time to be a minor bug. + +I wonder if it would be better to preseed tzdata rather than writing the +config file. I observe the same substitution from eg, US/Eastern to +America/New_York in the file when reconfiguring noninteractively, +but reconfiguring interactively I can select US/Eastern and that gets +into the file. + +Anyway, merged as this is certianly a good starting point. +"""]] diff --git a/propellor.cabal b/propellor.cabal index 733dda3e..43a3ab5e 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -150,6 +150,7 @@ Library Propellor.Property.Sudo Propellor.Property.Systemd Propellor.Property.Systemd.Core + Propellor.Property.Timezone Propellor.Property.Tor Propellor.Property.Unbound Propellor.Property.User -- cgit v1.3-2-g0d8e From b6d650730be9369b89623f46cb773dcc880630cb Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 17 Jul 2017 12:42:31 -0400 Subject: Propellor.Property.Sudo.enabledFor: Made revertable (minor API change) This commit was sponsored by Henrik Riomar on Patreon. --- debian/changelog | 4 +++- propellor.cabal | 2 +- src/Propellor/Property/Sudo.hs | 24 +++++++++++++++++------- 3 files changed, 21 insertions(+), 9 deletions(-) (limited to 'propellor.cabal') diff --git a/debian/changelog b/debian/changelog index 517151d8..d70018cc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ -propellor (4.3.5) UNRELEASED; urgency=medium +propellor (4.4.0) UNRELEASED; urgency=medium * Propellor.Property.Timezone: New module, contributed by Sean Whitton. + * Propellor.Property.Sudo.enabledFor: Made revertable. + (minor API change) -- Joey Hess Sun, 16 Jul 2017 12:07:15 -0400 diff --git a/propellor.cabal b/propellor.cabal index 43a3ab5e..d4417578 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 4.3.4 +Version: 4.4.0 Cabal-Version: >= 1.20 License: BSD2 Maintainer: Joey Hess diff --git a/src/Propellor/Property/Sudo.hs b/src/Propellor/Property/Sudo.hs index 45ab8af2..1614801d 100644 --- a/src/Propellor/Property/Sudo.hs +++ b/src/Propellor/Property/Sudo.hs @@ -9,23 +9,33 @@ import Propellor.Property.User -- | Allows a user to sudo. If the user has a password, sudo is configured -- to require it. If not, NOPASSWORD is enabled for the user. -enabledFor :: User -> Property DebianLike -enabledFor user@(User u) = go `requires` Apt.installed ["sudo"] +enabledFor :: User -> RevertableProperty DebianLike DebianLike +enabledFor user@(User u) = setup `requires` Apt.installed ["sudo"] cleanup where - go :: Property UnixLike - go = property' desc $ \w -> do + setup :: Property UnixLike + setup = property' desc $ \w -> do locked <- liftIO $ isLockedPassword user ensureProperty w $ fileProperty desc (modify locked . filter (wanted locked)) - "/etc/sudoers" - desc = u ++ " is sudoer" + sudoers + where + desc = u ++ " is sudoer" + + cleanup :: Property DebianLike + cleanup = tightenTargets $ + fileProperty desc (filter notuserline) sudoers + where + desc = u ++ " is not sudoer" + + sudoers = "/etc/sudoers" sudobaseline = u ++ " ALL=(ALL:ALL)" + notuserline l = not (sudobaseline `isPrefixOf` l) sudoline True = sudobaseline ++ " NOPASSWD:ALL" sudoline False = sudobaseline ++ " ALL" wanted locked l -- TOOD: Full sudoers file format parse.. - | not (sudobaseline `isPrefixOf` l) = True + | notuserline l = True | "NOPASSWD" `isInfixOf` l = locked | otherwise = True modify locked ls -- cgit v1.3-2-g0d8e