- new maintainer
- PKG_DESTDIR_SUPPORT
- ok by joerg
2.2.3
Feedback release after 2.2.2 and LISA 07, minor tweaks and bug fixes
"Harmless features"
IgnoreInterfaceRegex( "vm.*" ) added to control
function added for removing data from special interfaces from class data
Option checkroot=true/false added to copy directive. This switches
on/off the change in 2.2.2 about setting permissions on the
destination root when recursively copying files. Default is now
false.
Can escape colons in the strings now to avoid confusion with
expansion separator.
cfenvgraph --erasehistory users,www_in etc will now set the
average and variance of learned cfenvd data to zero. The current
week's trace is not affected.
audit=true/false flag added to most actions
2.2.2
The build procedure for cfengine changes in this version to
incorporate an intermediate library. The default behaviour is now
to build a static library which will be used by cfengine 3 and
other application interfaces. To build a shared library, use
--enable-shared=yes
NOTE to developers: if running from the compiled code you now need
to delete the files cfagent cfservd etc and recompile to see changes
appear in the code. This is due to the libtool build process.
libtoolizing compilation process for migration to cfengine shared library
(this is to support multiple interfaces in future, and cf 3)
--
XML and HTML output options added to equip the internal instrumentation
with readable output in cfshow e.g.
cfshow --performance --html > output.html
firefox output.html
provides an easier summary and searchability in browser function
Instrumentation changed to use realtime functions where possible. Standard
unix timer is too insensitive to measure performance.
The beginning of an integrated auditing system has been added. See references
to AuditLog() in the code. This logs to a compressed database and can be extracted
in ascii, html, xml using cfshow, e.g. cfshow --audit --html > output.html
Auditing is switched on by
control:
cfinputs_version = ( 1.2.1 ) # record this version in log, e.g. cvs revision
Auditing = true
--
cfshow --classes
also shows the relative frequencies of classes
that have occurred on the system and the last time these were
observed.
cfshow -f cfagent.conf --regex "lin.*"
displays all rules in the named file whose classes match the named
regular expression. Note that the class "any" is not automatically matched
and the search is based on the class text from the file. The output is not
related to which classes are currently defined, and it will not recognise
the history of classes implicit through class-restricted imported files.
--
SCLI interface modifications.
--
Intermittency entropy code added to the copy instrumentation for
automatic host reliability measurements.
Special variable
IgnoreFriendRegex = ( regex )
prevents last-seen warnings about hosts matching the named regex
--
UserExists("name") and GroupExists("name") functions added to builtin functions.
ClassMatch function added in classes/groups to match regular expressions of other classes
--
Additional octet variables added on default IPv4 address, for convenience:
e.g.
590 : ipv4_2[eth1]=192.168
1895 : ipv4[eth1]=192.168.1.101
2100 : ipv4_1[eth1]=192
4049 : ipv4_3[eth1]=192.168.1
Methods can now expand some list variables, one list only per argument set.
This is a limited compromise pending cfengine 3. A patch for expansion of
variables in the control part of a program in methods has also been added.
Bug fix and code simplification of variable expansion.
-----
tied variable expansion added. Allows method workaround for file dissemination
by name, e.g. copy from
host1.conf -> /dir/host1/file.conf
host2.conf -> /dir/host2/file.conf e.g. for virtual or diskless machines
-----
Major changes to package manager code by Jo Rhett. Variable expansion
fixed by Mark.
-----
Option "best" added to checksum= in files action, this allows cross checking
of the two best known hash algorithms for each file. Currently this is md5 and sha
due to limitations in OpenSSL libcrypto.
UnCommentToLineMatching regex added
2.2.1
scli: type section added. This is a special case of shellcommands, which
send commands to the special shell scli by Juergen Schoenwaelder for
communicating with snmp devices.
Code refactoring for package management.
Bug fixes for problems introduced in 2.2.0.
Copy directory would not set owner correctly on root
2.2.0
Apart from minor changes, this version is about structural internal
changes that ease the eventual confluence with cfengine 3 and the work
going on behind the scenes there. Every effort is being made to
make this change easy for users and existing installations. New features
will be introduced into 2.2.x gradually, and the new front-end will
eventually merge into this.
This version accompanies a new introduction to cfengine published as
a SAGE Short Topics book.
* Some changes
EMANICS extensions and reference testing for context sensitive
network navigation patterns using voluntary cooperation contracts.
PrintFile("name") function added to alerts
!! List expansion in editfiles actions. This is an important change
because it can potentially affect existing configurations that contain
variables with a list separator in them. EditSplit is used for this.
elsedefine fixed in tidy
processes with action=warn only install fix
ifelapsed/expireafter fixed in editfiles
Instrumentation of copy/shellcommands measuring time/averages
use cfshow --performance
background=true in shellcommands was not implemented! (Fixed)
SLES10 recognition
RedHat/Fedora further classes
SELinux support begun by Jeff Sheltren UCSB, who notes:
> Currently, I have editfiles and copy working with selinux security
> contexts, although so far copy only has support for regular files; I
> haven't worked on links, etc. yet.
> Use --enable-selinux during compilation
Bug / misleading error message in ReadArray fixed
HostRange bug for numericals in hostname fixed by Steve Radar.
and to support the "inet6" option instead.
Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files. Replace:
BUILD_DEFS+= USE_INET6
with
BUILD_DEFS+= IPV6_READY
and teach the README-generation tools to look for that instead.
This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
2.1.22
IMPORTANT: cfshow output formatting changes
database internal format changes
Rewritten the checksum subsystem to allow for future development
and improvements and tidied the fragile Berkeley DB code. Cfservd
no longer caches checksums, as this causes update issues. This could
lead to additional load.
The checksum code has been rewritten with a new database model, so all
old data will be rebuilt. The checksum database has been renamed.
ChecksumDatabase variable is no longer used.
Package manager debian patch added to iterate over packages
under installation.
Package manager for AIX code added, courtesy of Anthony Rassin
Package manager for Gentoo added, courtesy of Eric Searcy
ShowState(rootprocs), ShowState(otherprocs) added for
better process reporting
General code reorganization for better separation of concerns, looking
towards cfengine 3.
cfconvert removed. Change of future strategy for cfengine 3 migration.
Rationalization of internal instrumentation and better integration
with cfenvd.
Bug fixes to miscmounts. Editing was broken with respect to editfilesize variable.
Option processing for miscmounts was also broken.
Support for old Berkeley DB APIs abandoned.
Encryption level added for full encryption of opendir traffic.
Must set FullEncryption = ( true ) in control for compatibility
server=none now signals noop in method execution and copy.
Varstring expansion bug for nested variables.
2.1.21
copy action now supports this $(this) variable which is made equal to the
current server. This allows separating files from multiple hosts when downloading.
cfenvd LDT fixes
Bugs in PeerLeader/Group functions fixed.
Some buffer limits too small and hardcoded in item.c - fix
PH support removed from cfenvd during code rationalization - never used
Cfenvd code rationalization and change in database format.
The first time cfenvd runs, it will convert the database into the new format;
be aware that this could take some time as it is disk intensive.
Matt Shibla (ARM) ReturnsZeroShell function added.
Cfrun ignored port number, fix
2.1.20
ipv6 structure compilation error for Tru64
Tested for compilation with latest Berkeley4.4-NC
New option in cfservd.conf "LogEncryptedTransfers" (true/false).
If true, any file that is granted access and is marked "encrypt=true"
will be logged in syslog. i.e. one can keep a record of sensitive
transfers.
Linkcopy fix in 2.1.19 broke copying of links that point
nowhere. Fixed.
Copy was missing from the multi-pass detection. Fixed
Patch to debian package management. (bastiaans@sara.nl) fixed -
debian package always returned eq/true without cmp/version
statement" (checking if a package is installed, regardless of
version, now works
However the "Comparison result" is always "eq" (equal) somehow for
me... "
If you are experiencing problems with 2.1.19 please get 2.1.19a.
One of the changes in 2.1.19 has had bizarre side effects in links
and disks.
2.1.19
cfagent will now exit and cease processing if any class in the defined
control list
AbortClasses = ( class_name_1 class_name_2 ... )
The singlecopy feature has been rewritten after reports of it not
working, besides, the code was bizarre and the documentation was
even worse.
The autodefine code also patched and tested. In both these cases,
there are lists of *patterns* or wildcards. The code and docs now
agree
ExecResult now runs its command in -n mode
Error parsing strings (esp shellcommands) that contain the $
symbol due to a bug in 2D-lists.
VMWare ESX recognition.
Bug in cfservd stat-mode on symbolic links not correctly
evaluated. Bug in linktype=copy for copy fixed.
Bug in array expansion fixed - would truncate string after expansion
Constant-cosmetics and length alterations. CF_SMALLBUF introduced,
and MAXHOSTNAMELEN used
PID file added for each daemon in WORKDIR == /var/cfengine
Patch for function argument parsing
Typo in docs. SelectPartitionGroup -> SelectPartitionNeighbours
Inform=true support for packages
HostRange bug - recoding not implemented properly from
2.1.16. Caused seg fault.
Joe Buehler's harmless patch to cfexecd to flag daemon and batch mode.
Serious bug in binserver handling fixed. (Rarely used feature)
home tidying did not set the "done flag" for multiple pass avoidance.
Patches to setting unqualified and qualified names
SuSE 10 detection patch
Minor error fixes discovered by Joe Buehler and his wonderful
software.
Files in the "suspicious" list were marked "not sensible" so that
follow-up rules e.g. to delete them would not be triggered. This is
now considered a confusion of roles. Suspicious files are no
longer skipped.
More memory leaks in cfservd
Compilation fix for non-IPv6 savvy machines
2.1.18
Error in FileExists() left over from 2.1.16 changes. Fixed
elsedefine was not defined if a copy was requested of a non-existent file. Fixed.
HostnameKeys (dynamic keys for dhcp clients) fix for cfservd.
Error in stat'ing links that point to non-existent files in
cfservd. Missing "else" caused this to be reported as an error in
remote file copy.
5 second timeout reduced to 10 in cfservd file change check.
Error message returned by cfservd is non-specific and previously
said authentication denied, regardless of failure. The daemon now replies
"Unspecified refusal". Users should use -v or -d2 on both sides of a connection
to diagnose the true cause of failure.
Segmentation fault when in verbose mode fixed - editfiles pointer.
Error in parsing quotes and escaped quotes in functions.
Bug in implementation of tidy scheduling during dependent classes fixed.
BeginGroupIfLineMatch
BeginGroupIfMatch
BeginGroupIfLineContaining operations added
Function ExecShellResult similar to ExecResult, but a shell is used.
cfservd some additional memory reclamation during file updates, could cause memory leaks.
2.1.17
This is a minor bugfix release
WARNING - the handling of function arguments has been changed. You are recommended to
use normal C/Perl quoting of argument strings, e.g.
result = ( ExecResult("/bin/sh -c \"${pf_cc} -V | head -1 | cut -d\ -f3\"") )
not
result = ( ExecResult(/bin/sh -c "${pf_cc} -V | head -1 | cut -d\ -f3") )
IsWildItemIn now has reflexive check - some confusion in the code about whether
the needle or the haystack is the wildcard.
Templating in editfiles. A new editfiles directive "ExpandVariables"
adds an "m4" like function to cfengine -- allowing predefined variable strings
to be expanded into text.
Patch contributed to ExpandVariables: Davor Ocelic <docelic@mail.inet.hr>
Alerts patch - some alerts not installed, if classes not defined.
Patch for missing variable expansion after function
parameter rewrite in 2.1.16. Some functions were not fully ported.
vicf eliminated from distribution
PrepModule environment fix
Compilation error C++ mixed into cfetool fix
Chdir to / when acting as a daemon for cfservd, cfexecd etc
2.1.16
Bugfix release
Moved method parameter setting to fix a bug where parameters would
be set too late to be used in the parser
action=warn in copy required inform=true to work, fixed.
Function arg expansion bug and improvement fix
Include directive added to cfrun.hosts (Olivier Fauchon)
MOUNT_RO name collision fix
SEG fault fixed when signalling cfenvd
SkipIdentify partial fix
Alf Wachsmann and Elizabeth Cassel's cfetool added, based on cfenvd.
"cfetool makes a standalone tool out of cfenvd that accepts arbitrary
periodic data. In addition, it has support for yearly periodic data.
Its function and the user interface is in many aspects like rrdtool's.
cfetoolgraph was added to work with the new features of cfetool.
It works basically like cfenvgraph."
Bug fix for multipass evaluation when resolving dependencies.
Cfservd reread patch. Timeout on polling for linux,
Default route code now uses "route" command exclusively for portability.
EmailFrom patch to cfexecd / redundant code was paste error
Increase pass depth in evaluation of action sequence.
Skipident patch
Size increase for interface buffer list
HPUX,AIX ifconfig location fix
Methods documentation improved.
New control function for testing tcp services
var = ReadTCP(host,port,"send string",maxbytes)
2.1.15
-f removal in cfservd patch
Segmentation fault in cfservd with RSA key exchange fixed.
Disk freespace alerting bug - did not agree with manual specification. Message
appears only in verbose. Fixed.
Autodefine install patch.
Abspath in shellcommands was not parsed and acted on...
Warnall action was not respected in copy. Permissions were altered on destination file anyway.
cfcolon added to special symbols.
2.1.14
Alerts processed now in update context.
More locking canonification fixes
Exception for ReplaceALL convergence warning. Warning is not fatal
if the operation is inside an editgroup.
md5/sha1 message incorrect on new file found.
Fixup Makefile.am and doc/Makefile.am. Docs are now installed
in the CFEngine "share" directory where they belong.
Directory iteration fixed. New: owner=LastNode sets the owner of
the directory to the name of the last node in the dir name. This allows
the creation of homedirs.
CentOS support added.
Extra encryption stage added in C5 protocol. NOTE: This makes 2.1.14
cfagent clients unable to talk to older servers. (Upgrade servers
first, or at the same time.)
Class "no_default_route" is now defined if a default route is not previously
set, and a default route is defined for the current host.
Added class functions IsGreaterThan, IsLessThan for numerical or string comparisons
control:
actionsequence = ( files )
a = ( 2.12 )
b = ( 2.11 )
classes:
lt = ( IsLessThan(${a},${b}) )
gt = ( IsGreaterThan(${a},${b}) )
alerts:
lt:: "$(a) LESS THAN $(b)"
gt:: "$(a) GREATER THAN $(b)"
Bugfix for cfshow -c options (Nathan Hruby)
2.1.13
Mistake in placement of update.conf runs fixed.
Alteration to lock hashing to avoid conflicts
Mandrake version type patch/repatched
Error message in disable now
underlines move to repository where defined.
Locking patch to tidy. Did not release lock when tidying
recursively with subdirectory deletions. (Eric Sorensen).
Host range patched (again) (Bas VdV)
2.1.12
cf.preconf can now cause an abort if the script prints out a string
containing the substring "cfengine-preconf-abort".
An exit code of 2 signals this failure
Cfrun bug in placement of workdir initialization. Would try to open
/inputs/cfrun.hosts instead of /var/cfengine/inputs/cfrun.hosts
Moved mutex locks in address purging, to see if it prevents some
segmentation faults.
In image.c:
/* if (TRAVLINKS || ip->linktype == 'n') */
Took out linktype reference. This appears to be erroneous.
Patch to tidy: "Guolin Cheng" <guolin@alexa.com>
Patch to -Q to prevent update.conf from being executed.
Patch to rationalize choice of port number for new getaddrinfo
interfaces. (ip.c)
small patch to allow the use of PCRE if it is compiled with
--with-pcre. This is using the POSIX compatible API that PCRE provides,
so the change necessary is to use pcreposix.h instead of regex.h and to
link in pcreposix.so. (cindy.marasco@pnl.gov)
2.1.11
SUPPORT FOR POSIX ACLS IN LINUX IS NOT AS STRAIGHTFORWARD AS
ORIGINALLY THOUGHT. THE API DOES NOT MATCH EXISTING
IMPLEMENTATIONS AND SEEMS SIGNIFICANTLY MORE COMPLEX. IN THE
INTERESTS OF STABILITY THIS WILL HAVE TO BE DEFERRED TO A LATER
RELEASE.
Comma in function argument bug in FileExists etc, fixed
Option -z (--schedule) now prints only the run schedule. Option
-Q (--query) added to print values of variables defined in
configuration
cfagent -Q sysadm,domain,site,ipaddress
in format varname=value
New variables can be used in cfagent.conf for cfexecd control:
EmailFrom = ( )
EmailTo = ( ) - overrides sysadm if set
White Box linux class recognition added
When setting classes or variables by function call, the function
evaluation is no longer performed if it is not in an active class.
Cfexecd now calls cfagent with -D from_cfexecd to define the class
"from_cfexecd::" when run from the executor
WarnIfFileMissing added to editfiles and default is not to warn
of non-existent files, except in inform/verbose modes.
Check added for DefineInGroup, signals error if not in group
Added copy type "any" for any matching criteria, date/sum etc.
Repository variable was not expanded like a normal variable
cfshow tool added for consulting the databases
Better autodetection of Berkeley DB in some distros of Linux (SuSE) - has anyone heard of "standards"?
Date format changed in cfexecd output files
Errors if remote copy is not encrypted when server demands encryption. (patch)
Renaming of directories is now allowed if dest= is set specifically.
Check added for variables defined in terms of undefined variables.
Patch for solaris package manager added (Louis Erickson - wwonko@rdwarf.com)
file added as synonym for reg in filter
Patch to HostRange (item.c) (rader@ginseng.hep.wisc.edu)
Internal variable determining WORKDIR for non-privileged users.
Various minor changes and cosmetics.
Lock string must include server name in copy - added
Method reply bundles fixed to work correctly with ipv6 addresses
SIGPIPE and SIGCHLD added to signal handler (SIGCHILD ignored against posix, but
how the hell do you sort this out?)
srand -> srand48 typo in cfenvd
Multiple method reply variables were incorrectly separated.
Added options to disable LastSeen data recording feature.
fclose used instead of pclose when calling ifconfig - resulted in zombies
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
And always is defined as share/examples/rc.d
which was the default before.
These rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
Notable changes include:
Persistent class protection added to returned remote vrpc calls to
prevent meaningless multiple replies.
Change added to IPRange to avoid possible bootstrap problem with
unconfigured resolver. IP address setting was contingent on having DNS.
Misplaced } fixed in nameinfo
EmptyResolvConf removed only nameserver entries. Now removes everything.
Due to an error in constructing 2.1.9 some of the advertised
changes below were not included. They are included in this version.
Workaround error message for parser bug with nested variables.
WORKDIR/state/allclasses file caches all class date during cfagent
execution, just like the $(allclasses) variable, but the file can grow
much larger without overflow.
.cfengine -> .cfagent in non-root public keys (some missing conversions)
Expand buffer incorrectly zeroed out public name key causing empty
keyname in RSA dialogue
Old style bind reverse lookup added to Hostname2IPAddress
Provided in PR pkg/22816 by Michael Santos <mike at ethmoid dot org>.
Changes since last packaged version:
2.0.8 - released this far as a 2.0.x patch
Check for illegal characters in classes.
Able to bind to a specific IP addressed interface in cfservd.
BindToInterface = ( 10.10.43.6 )
Security fix to transaction lengths in remote copying.
Suspicious names now applies only to regular files
Versions 2.0.7p1, 2.0.7p2 and 2.0.7p3 are patch releases.
Changes in version 2.0.7:
Resolv.conf search directive removed from code. This was wrong, in spite
of pressure to put it in.
EditBackup -> Backup corrected in manual
Check for class definitions that are not installable
SMTP client handling patch in cfexecd - must wait for reply
AppendIfNoLineMatching replaced with regex, not Setline value
ChecksumPurge = ( on ) causes cfagent to purge its checksum database of
files that no longer exist.
Forgotten built in function RandomInt(a,b) - returns a random number in variable
assignments. Actually introduced in 2.0.6. Forgot this
control:
rand = ( RandomInt(4,7) )
Major rewrite of parser
- code simplifications
- Allowed escaping of quotes in strings and newlines e.g.
var1 = ( "a b c\"substring\" d e" )
var2 = ( "a b
c" )
Tidy code tidied and bug fixed for new scheduler
Moduledirectory defaults to /var/cfengine/modules
Package changes
Vicf moved from $PREFIX/sbin to $PREFIX/share/examples/cfengine
as it can really be used as is: site tuning is required.
Both packages now share the same distinfo file.
Changes in version 2.0.6
SKIPVERIFY removed from AccessControl checks. This was
wrongly allowing access to files if they only had an accepted
encryption key.
SetLine added to AppendIfNoLineMatching to allow current
line to be added.
ForEachLineIn "/tmp/in"
AppendIfNoLineMatching "ThisLine"
EndLoop
Changed /etc/services reference to port 5308 in ipv6
compatible calls.
Efficiency, removed getpwnam from GetFile(). Was unnecessarily
looking up the uid multiple times, which delays copying
speed. Copy rates improved by five to ten times!!
Single copy uses too much cache memory. Optimize by only
caching copies that use the singlecopy keyword.
Message status change: %s is a link which points to %s,
but that file doesn't seem to exist Verbose only
Patches to editfiles to check empty files. DefineInGroup
added.
Changes in version 2.0.5
Cfrun ipv6 patch
Syslog messages name patch
mountables, binservers variable usage fix
backup=timestamp added in copy so that multiple backups
can coexist. Other backups use this by default.
Cfenvd records loadaverage - and av.db renamed to cf_averages.db
since records in av.db no longer compatible.
Iteration added to disk paths
Typo in filters.c UID -> USER meant that Owner field in
filters would not always work for processes. Bug in removal
of spaces in process-filter matches could cause some criteria
to fail to match.
Netstat changed entry in solaris 2.9
Hard class hpux10 -> hpux and the old hpux is deprecated
tidy //tmp would start tidying / due to error in
ExpandWildcardsAndDo. Fixed
Cfenvd netstat state recorded in separate files now in
WORKDIR, by protocol and incoming/outgoing. This allows
accurate record of the state to which classes refer.
excludes and ignores would not be appended in a tidy command
if a path already existed in another previous command.
Fixed so that all excludes and ignores are concatenated
for all related paths.
Local AF_LOCAL addresses not handled by sockaddr in IPv6
compatible functions. Now returns 127.0.0.1 (why not ::1??)
Typo in tidy.c prevented tidy old links from working.
Documentation patches.
Checksums no longer performed on dry run (-n) in files,
but still in copy.
No errors written to syslog in dryrun mode.
Umask patch in editfiles - umask was not properly installed
New copy options / variables singlecopy= and autodefine
added.
Alerts added as own section alerts: allow users to define
a custom message triggered by a class activation. Alerts
can also quote state information from cfenvd and the process
table.
tidy define= does not set class if file could not be tidied.
debian detect patch (Andy Stribblehill)
cfservd descriptor leak (Andy Stribblehill)
cfservd daemonize modification
Provided in PR pkg/19456 by Michael Santos <mike at ethmoid dot org>, slightly
edited by me.
Cfengine, or the "configuration engine" is a very high level language
for building expert systems which administrate and configure large
computer networks. Cfengine uses the idea of classes and a primitive
form of intelligence to define and automate the configuration of
large systems in the most economical way possible. Cfengine is
designed to be a part of computer immune system