From d530acecd938050d1bdd573976f930fb19fe9487 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 15 Jul 2017 18:42:37 -0400 Subject: improve haddock --- src/Propellor/Property/Versioned.hs | 4 ++-- src/Propellor/Types.hs | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Versioned.hs b/src/Propellor/Property/Versioned.hs index d6517ab9..58d3e8d5 100644 --- a/src/Propellor/Property/Versioned.hs +++ b/src/Propellor/Property/Versioned.hs @@ -18,11 +18,11 @@ -- -- > demo :: Versioned Int (RevertableProperty DebianLike DebianLike) -- > demo ver = --- > ver ( (== 1) --> Apache.modEnabled "foo" +-- > ver ( (== 1) --> Apache.modEnabled "foo" -- > `requires` Apache.modEnabled "foosupport" -- > <|> (== 2) --> Apache.modEnabled "bar" -- > <|> (> 2) --> Apache.modEnabled "baz" --- > ) +-- > ) -- > -- > foo :: Host -- > foo = host "foo.example.com" $ props diff --git a/src/Propellor/Types.hs b/src/Propellor/Types.hs index 155662c2..b7c7c7f7 100644 --- a/src/Propellor/Types.hs +++ b/src/Propellor/Types.hs @@ -107,6 +107,10 @@ adjustPropertySatisfy (Property t d s i c) f = Property t d (f <$> s) i c -- | A property that can be reverted. The first Property is run -- normally and the second is run when it's reverted. +-- +-- See `Propellor.Property.Versioned.Versioned` +-- for a way to use RevertableProperty to define different +-- versions of a host. data RevertableProperty setupmetatypes undometatypes = RevertableProperty { setupRevertableProperty :: Property setupmetatypes , undoRevertableProperty :: Property undometatypes -- cgit v1.3-2-g0d8e From 6f2ea4ecc79dc191ec690d57d0cabb19542ddd65 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 15 Jul 2017 17:02:48 -0700 Subject: add Timezone.configured --- src/Propellor/Property/Timezone.hs | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 src/Propellor/Property/Timezone.hs (limited to 'src') diff --git a/src/Propellor/Property/Timezone.hs b/src/Propellor/Property/Timezone.hs new file mode 100644 index 00000000..91dcbfc6 --- /dev/null +++ b/src/Propellor/Property/Timezone.hs @@ -0,0 +1,19 @@ +-- | Maintainer: Sean Whitton + +module Propellor.Property.Timezone where + +import Propellor.Base +import qualified Propellor.Property.Apt as Apt + +type Timezone = String + +-- | Sets the system's timezone +configured :: Timezone -> Property DebianLike +configured zone = File.hasContent "/etc/timezone" zone + `onChange` update + `describe` (zone ++ " timezone configured") + where + update = Apt.reConfigure "tzdata" mempty + -- work around a bug in recent tzdata. See + -- https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/1554806/ + `requires` File.notPresent "/etc/localtime" -- cgit v1.3-2-g0d8e From f14958e11eed0c4167972b0d434d251f4c81f7df Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 15 Jul 2017 17:05:26 -0700 Subject: missing import --- src/Propellor/Property/Timezone.hs | 1 + 1 file changed, 1 insertion(+) (limited to 'src') diff --git a/src/Propellor/Property/Timezone.hs b/src/Propellor/Property/Timezone.hs index 91dcbfc6..896e83fb 100644 --- a/src/Propellor/Property/Timezone.hs +++ b/src/Propellor/Property/Timezone.hs @@ -4,6 +4,7 @@ module Propellor.Property.Timezone where import Propellor.Base import qualified Propellor.Property.Apt as Apt +import qualified Propellor.Property.File as File type Timezone = String -- cgit v1.3-2-g0d8e From 7c91ef33df74808423e28daee9e87b513d278360 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 15 Jul 2017 17:06:44 -0700 Subject: docstring for Timezone type --- src/Propellor/Property/Timezone.hs | 1 + 1 file changed, 1 insertion(+) (limited to 'src') diff --git a/src/Propellor/Property/Timezone.hs b/src/Propellor/Property/Timezone.hs index 896e83fb..267c4f0b 100644 --- a/src/Propellor/Property/Timezone.hs +++ b/src/Propellor/Property/Timezone.hs @@ -6,6 +6,7 @@ import Propellor.Base import qualified Propellor.Property.Apt as Apt import qualified Propellor.Property.File as File +-- | A timezone from /usr/share/zoneinfo type Timezone = String -- | Sets the system's timezone -- cgit v1.3-2-g0d8e From 2d1b302bb29332f6afa602bb4b4a5cca75bf99fd Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 15 Jul 2017 17:06:54 -0700 Subject: fix usage of File.hasContent --- src/Propellor/Property/Timezone.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/Propellor/Property/Timezone.hs b/src/Propellor/Property/Timezone.hs index 267c4f0b..96a5e59c 100644 --- a/src/Propellor/Property/Timezone.hs +++ b/src/Propellor/Property/Timezone.hs @@ -11,7 +11,7 @@ type Timezone = String -- | Sets the system's timezone configured :: Timezone -> Property DebianLike -configured zone = File.hasContent "/etc/timezone" zone +configured zone = File.hasContent "/etc/timezone" [zone] `onChange` update `describe` (zone ++ " timezone configured") where -- cgit v1.3-2-g0d8e From b6d650730be9369b89623f46cb773dcc880630cb Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 17 Jul 2017 12:42:31 -0400 Subject: Propellor.Property.Sudo.enabledFor: Made revertable (minor API change) This commit was sponsored by Henrik Riomar on Patreon. --- debian/changelog | 4 +++- propellor.cabal | 2 +- src/Propellor/Property/Sudo.hs | 24 +++++++++++++++++------- 3 files changed, 21 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/debian/changelog b/debian/changelog index 517151d8..d70018cc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ -propellor (4.3.5) UNRELEASED; urgency=medium +propellor (4.4.0) UNRELEASED; urgency=medium * Propellor.Property.Timezone: New module, contributed by Sean Whitton. + * Propellor.Property.Sudo.enabledFor: Made revertable. + (minor API change) -- Joey Hess Sun, 16 Jul 2017 12:07:15 -0400 diff --git a/propellor.cabal b/propellor.cabal index 43a3ab5e..d4417578 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 4.3.4 +Version: 4.4.0 Cabal-Version: >= 1.20 License: BSD2 Maintainer: Joey Hess diff --git a/src/Propellor/Property/Sudo.hs b/src/Propellor/Property/Sudo.hs index 45ab8af2..1614801d 100644 --- a/src/Propellor/Property/Sudo.hs +++ b/src/Propellor/Property/Sudo.hs @@ -9,23 +9,33 @@ import Propellor.Property.User -- | Allows a user to sudo. If the user has a password, sudo is configured -- to require it. If not, NOPASSWORD is enabled for the user. -enabledFor :: User -> Property DebianLike -enabledFor user@(User u) = go `requires` Apt.installed ["sudo"] +enabledFor :: User -> RevertableProperty DebianLike DebianLike +enabledFor user@(User u) = setup `requires` Apt.installed ["sudo"] cleanup where - go :: Property UnixLike - go = property' desc $ \w -> do + setup :: Property UnixLike + setup = property' desc $ \w -> do locked <- liftIO $ isLockedPassword user ensureProperty w $ fileProperty desc (modify locked . filter (wanted locked)) - "/etc/sudoers" - desc = u ++ " is sudoer" + sudoers + where + desc = u ++ " is sudoer" + + cleanup :: Property DebianLike + cleanup = tightenTargets $ + fileProperty desc (filter notuserline) sudoers + where + desc = u ++ " is not sudoer" + + sudoers = "/etc/sudoers" sudobaseline = u ++ " ALL=(ALL:ALL)" + notuserline l = not (sudobaseline `isPrefixOf` l) sudoline True = sudobaseline ++ " NOPASSWD:ALL" sudoline False = sudobaseline ++ " ALL" wanted locked l -- TOOD: Full sudoers file format parse.. - | not (sudobaseline `isPrefixOf` l) = True + | notuserline l = True | "NOPASSWD" `isInfixOf` l = locked | otherwise = True modify locked ls -- cgit v1.3-2-g0d8e From 1522d270077abad43a6d8d7fea2bd8163ed912fd Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 17 Jul 2017 12:51:40 -0400 Subject: Propellor.Property.LightDM.autoLogin: Made revertable. * Propellor.Property.LightDM.autoLogin: Made revertable. (minor API change) * Propellor.Property.Conffile: Added lacksIniSetting. This commit was sponsored by Jack Hill on Patreon. --- debian/changelog | 3 +++ src/Propellor/Property/ConfFile.hs | 14 ++++++++++++++ src/Propellor/Property/LightDM.hs | 14 +++++++++----- 3 files changed, 26 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/debian/changelog b/debian/changelog index d70018cc..e8b0358c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,9 @@ propellor (4.4.0) UNRELEASED; urgency=medium * Propellor.Property.Timezone: New module, contributed by Sean Whitton. * Propellor.Property.Sudo.enabledFor: Made revertable. (minor API change) + * Propellor.Property.LightDM.autoLogin: Made revertable. + (minor API change) + * Propellor.Property.Conffile: Added lacksIniSetting. -- Joey Hess Sun, 16 Jul 2017 12:07:15 -0400 diff --git a/src/Propellor/Property/ConfFile.hs b/src/Propellor/Property/ConfFile.hs index ce092ec9..76d52bd9 100644 --- a/src/Propellor/Property/ConfFile.hs +++ b/src/Propellor/Property/ConfFile.hs @@ -9,6 +9,7 @@ module Propellor.Property.ConfFile ( IniSection, IniKey, containsIniSetting, + lacksIniSetting, hasIniSection, lacksIniSection, iniFileContains, @@ -93,6 +94,19 @@ containsIniSetting f (header, key, value) = adjustIniSection go (l:ls) = if isKeyVal l then confline : ls else l : go ls isKeyVal x = (filter (/= ' ') . takeWhile (/= '=')) x `elem` [key, '#':key] +-- | Removes a key=value setting from a section of an .ini file. +-- Note that the section heading is left in the file, so this is not a +-- perfect reversion of containsIniSetting. +lacksIniSetting :: FilePath -> (IniSection, IniKey, String) -> Property UnixLike +lacksIniSetting f (header, key, value) = adjustIniSection + (f ++ " section [" ++ header ++ "] lacks " ++ key ++ "=" ++ value) + header + (filter (/= confline)) + id + f + where + confline = key ++ "=" ++ value + -- | Ensures that a .ini file exists and contains a section -- with a given key=value list of settings. hasIniSection :: FilePath -> IniSection -> [(IniKey, String)] -> Property UnixLike diff --git a/src/Propellor/Property/LightDM.hs b/src/Propellor/Property/LightDM.hs index 44f0e9f0..d471d314 100644 --- a/src/Propellor/Property/LightDM.hs +++ b/src/Propellor/Property/LightDM.hs @@ -10,8 +10,12 @@ installed :: Property DebianLike installed = Apt.installed ["lightdm"] -- | Configures LightDM to skip the login screen and autologin as a user. -autoLogin :: User -> Property DebianLike -autoLogin (User u) = "/etc/lightdm/lightdm.conf" `ConfFile.containsIniSetting` - ("Seat:*", "autologin-user", u) - `describe` "lightdm autologin" - `requires` installed +autoLogin :: User -> RevertableProperty DebianLike DebianLike +autoLogin (User u) = (setup cleanup) + `describe` ("lightdm autologin for " ++ u) + where + cf = "/etc/lightdm/lightdm.conf" + setting = ("Seat:*", "autologin-user", u) + setup = cf `ConfFile.containsIniSetting` setting + `requires` installed + cleanup = tightenTargets $ cf `ConfFile.lacksIniSetting` setting -- cgit v1.3-2-g0d8e