From 0777b5a082a2ea793756439d0e52c39b8841fe99 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Pialasse Date: Tue, 26 Mar 2024 21:07:09 -0400 Subject: [PATCH] * Tue Mar 26 2024 Jean-Philippe Pialasse 11.0.0-4.sme - fix networking [SME: 12541] - require rsyslog [SME: 12544] - remove unsupported rsyslog option -c [SME: 12545] - remove duplicate entry logrotate for btmp and wtmp [SME: 12547] - rework systemd-default script (error and smartmatches) [SME: 12543] - fix self signed cert templates [SME: 12551] --- .../e-smith/events/actions/systemd-default | 21 +++++++++---------- .../templates/etc/logrotate.conf/40included | 15 ------------- .../etc/sysconfig/rsyslog/10rsyslogOptions | 2 +- .../e-smith/templates/home/e-smith/ssl.key | 2 +- .../usr/share/perl5/vendor_perl/esmith/ssl.pm | 4 ++-- smeserver-base.spec | 13 +++++++++++- 6 files changed, 26 insertions(+), 31 deletions(-) diff --git a/root/etc/e-smith/events/actions/systemd-default b/root/etc/e-smith/events/actions/systemd-default index 6357d54..e23dbd5 100644 --- a/root/etc/e-smith/events/actions/systemd-default +++ b/root/etc/e-smith/events/actions/systemd-default @@ -20,7 +20,7 @@ my $filename = "/etc/systemd/system-preset/49-koozali.preset"; my $filename2 = "/usr/lib/systemd/system/sme-server.target.d/50koozali.conf"; my %services; my %files; -my @WantedBy; +my @WantedBy;my %wantedBy; # expand preset file esmith::templates::processTemplate({ @@ -36,7 +36,7 @@ esmith::templates::processTemplate({ }); # make sure our target is enabled -system("/usr/bin/systemctl enable sme-server.target"); +system("/usr/bin/systemctl enable sme-server.target 2>/dev/null"); # force the main default target in /usr/lib #ln -fs sme-server.target /lib/systemd/system/default.target my $old_qfn = "sme-server.target"; @@ -76,7 +76,7 @@ foreach my $d (@presetdirpaths) { my $smewants = `grep -P '^Wants=' /usr/lib/systemd/system/sme-server.target -rs`; chomp $smewants; my @smematches = ( $smewants =~ /([a-zA-Z0-9\-_]+\.service)/g ); - +my %smewants = map { $_ => 1 } @smematches; # parse all files on reverse order : lower number take precedence # we ignore joker lines * @@ -111,15 +111,15 @@ foreach my $filen (reverse sort keys %files) { $services{$service}=$stats; # list all Services explicitely listed in preset that are also in Wants= or with WantedBy= sme-server.target - next if (/^$service$/ ~~ @WantedBy); - if ( /^$service$/ ~~ @smematches ) { - push(@WantedBy, $service); + next if ( exists($wantedBy{$service})); + if (exists($smewants{$service}) ) { + $wantedBy{$service}=1; #print "want $service \n"; } else { my $wanted = `grep -P '^WantedBy=.*sme-server.target' /usr/lib/systemd/system/$service* /etc/systemd/system/$service* -rsh` ; chomp $wanted; - push(@WantedBy , $service) unless ( $wanted eq "") ; + $wantedBy{$service}=1 unless ( $wanted eq ""); #print "want $service \n" unless ( $wanted eq "") ; } @@ -166,7 +166,7 @@ foreach my $fi (@dirfiles) { next; } # if not wanted remove - unless ( /^$fi$/ ~~ @WantedBy) { + unless ( exists($wantedBy{$fi})){ print "remove $d$fi as not declared as WantedBy or in Wants for sme-server.target\n"; unlink "$d$fi"; } @@ -176,7 +176,7 @@ foreach my $fi (@dirfiles) { # we only do it for sme-server.target, ignoring the remaining of WantedBy foreach my $service (sort keys %services) { my $wanted= "not"; - $wanted = "want" if ( /^$service$/ ~~ @WantedBy ); + $wanted = "want" if ( exists($wantedBy{$service}));#( /^$service$/ ~~ @WantedBy ); my $status = $services{$service}; my $linkedU = ( -e "/usr/lib/systemd/system/sme-server.target.wants/$service" ) ? "linked" : "not"; my $linkedE = ( -e "/etc/systemd/system/sme-server.target.wants/$service" ) ? "linked" : "not"; @@ -223,8 +223,7 @@ foreach my $fi (@dirfiles) { my $service = $fi; my $wanted = `grep -P '^WantedBy=.*sme-server.target' /usr/lib/systemd/system/$service* /etc/systemd/system/$service* -rsh` ; chomp $wanted; - #unless ( /^$fi$/ ~~ @WantedBy ) { - unless (grep(/^$fi$/, @WantedBy ) ) { + unless ( exists($wantedBy{$fi})) { print "$d$fi is not declared as WantedBy or in Wants for sme-server.target\n"; } } diff --git a/root/etc/e-smith/templates/etc/logrotate.conf/40included b/root/etc/e-smith/templates/etc/logrotate.conf/40included index 38b8735..d0f80e6 100644 --- a/root/etc/e-smith/templates/etc/logrotate.conf/40included +++ b/root/etc/e-smith/templates/etc/logrotate.conf/40included @@ -1,16 +1 @@ -# no packages own wtmp and btmp -- we'll rotate them here -/var/log/wtmp \{ - monthly - create 0664 root utmp - minsize 1M - rotate 1 -\} - -/var/log/btmp \{ - missingok - monthly - create 0600 root utmp - rotate 1 -\} - # system-specific logs may be also be configured here. diff --git a/root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions b/root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions index 87e9103..8a0037e 100644 --- a/root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions +++ b/root/etc/e-smith/templates/etc/sysconfig/rsyslog/10rsyslogOptions @@ -1 +1 @@ -SYSLOGD_OPTIONS="-c 5" +SYSLOGD_OPTIONS="" diff --git a/root/etc/e-smith/templates/home/e-smith/ssl.key b/root/etc/e-smith/templates/home/e-smith/ssl.key index c1ae063..ff1c9d0 100644 --- a/root/etc/e-smith/templates/home/e-smith/ssl.key +++ b/root/etc/e-smith/templates/home/e-smith/ssl.key @@ -42,7 +42,7 @@ /proc/interrupts /proc/ioports /proc/bus/pci/devices - /proc/rtc + /proc/driver/rtc /proc/uptime )), "$KeySize") diff --git a/root/usr/share/perl5/vendor_perl/esmith/ssl.pm b/root/usr/share/perl5/vendor_perl/esmith/ssl.pm index 00c241e..d35390f 100644 --- a/root/usr/share/perl5/vendor_perl/esmith/ssl.pm +++ b/root/usr/share/perl5/vendor_perl/esmith/ssl.pm @@ -53,7 +53,7 @@ sub key_exists_good_size { # check key size openssl rsa -in /home/e-smith/ssl.key/$host.$domain.key -text -noout | sed -rn "s/Private-Key: \((.*) bit\)/\1/p" my $signatureKeySize = `openssl rsa -in $key -text -noout | grep "Private-Key" | head -1`; chomp $signatureKeySize; - $signatureKeySize =~ s/^ *Private-Key: \((.*) bit\)/$1/p; + $signatureKeySize =~ s/^.*Private-Key: \((.*) bit.*\)/$1/p; if ( $signatureKeySize == $KeySize ) { #print "key size is correct ($KeySize)\n"; # key exists and key size is correct, we can proceed @@ -86,7 +86,7 @@ sub cert_exists_good_size { #openssl x509 -text -noout -in /home/e-smith/ssl.crt/$host.$domain.crt| sed -rn "s/Public-Key: \((.*) bit\)/\1/p" my $signatureKeySize = `openssl x509 -text -noout -in $crt | grep "Public-Key" | head -1`; chomp $signatureKeySize; - $signatureKeySize =~ s/^ *Public-Key: \((.*) bit\)/$1/p; + $signatureKeySize =~ s/^.*Public-Key: \((.*) bit\)/$1/p; if ( $signatureKeySize == $KeySize ) { #print "$signatureKeySize\n"; # cert is correct size and exists, we can proceed. diff --git a/smeserver-base.spec b/smeserver-base.spec index 8d53f52..d92bd15 100644 --- a/smeserver-base.spec +++ b/smeserver-base.spec @@ -4,7 +4,7 @@ Summary: smeserver server and gateway - base module %define name smeserver-base Name: %{name} %define version 11.0.0 -%define release 3 +%define release 4 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -18,7 +18,10 @@ Requires: pwauth Requires: smeserver-lib >= 2.2.0-2 Requires: server-manager-images, server-manager Requires: smeserver-formmagick >= 1.4.0-12 +Requires: plymouth Requires: initscripts >= 6.67-1es17 +Requires: network-scripts +Requires: rsyslog Requires: smeserver-daemontools >= 1.7.1-04 Requires: perl(Locale::gettext) Requires: perl(Crypt::Cracklib) @@ -178,6 +181,14 @@ fi %changelog +* Tue Mar 26 2024 Jean-Philippe Pialasse 11.0.0-4.sme +- fix networking [SME: 12541] +- require rsyslog [SME: 12544] +- remove unsupported rsyslog option -c [SME: 12545] +- remove duplicate entry logrotate for btmp and wtmp [SME: 12547] +- rework systemd-default script (error and smartmatches) [SME: 12543] +- fix self signed cert templates [SME: 12551] + * Sat Mar 23 2024 Jean-Philippe Pialasse 11.0.0-3.sme - fix requirement for el8 SME11 [SME: 12521]