* Fix master hanging after a request from minion with removed key. (#33333)
* ZMQ monitor for MWorker connections.
* Reauth minion if the key was removed on the master side.
* Allow concurrency mode in state runs if using sudo (#33325)
Closes#30130
* Disambiguate non-exact matches when checking if sysv service is enabled (#33324)
Fixes#33323
* remove redundant, incorrect sudo_runas config documentation (#33318)
* remove sudo_runas documentation
`sudo_runas` was renamed to `sudo_user` and the documentation was not
updated accordingly.
* conf/minion: update sudo_user description
The description from sudo_runas was better.
* import ps from psutil_compat in beacons (#33334)
* beacons.network_info: import gate psutil
* beacons.ps: import gate psutil
* Add docs for mine_functions config var (#33326)
* Add docs for mine_functions config var
* Note that mine_enabled essentially just doesn't add the mine
update function to the scheduler.
* Bp 28467 calm mine (#33327)
* make minion mine update behavior more configurable
* Add docs for mine_functions config var
* Remove config dup from mine config options
Refs #28467
* 2015.8 does not have _DFLT_MULTIPROCESSING_MODE
* This won't be in until 2015.8.10.
* Fix network.managed for windows (#33312)
* Fix some link errors in the test writing tutorial (#33347)
* Describes parameters in register_instances function (#33339)
* Fix UnboundLocalError in git.latest (#33340)
Resolves#32260.
* Expanded documentation for boto_elb state and module (#33341)
* Describes what happens when the CNAME parameter is given.
* Describes what the recognized attributes are for for ELBs.
* Properly detect newer Linux Mint distros (#33359)
* Properly detect newer Linux Mint distros
LMDE 2 and Linux Mint 17.3 changed the DISTRIB_ID in /etc/lsb-release to
``LinuxMint``, breaking OS detection for these distros.
This commit fixes that by adding an entry to the OS_NAME_MAP in the core
grains.
* Remove LinuxMint os_family from aptpkg.py
It is no longer necessary as the distro is now detected properly, which
will lead to an os_family of Debian.
* Update job_cache and keep_jobs docs to be more specific to their behavior (#33328)
* Update job_cache and keep_jobs docs to be more specific to their behavior
Also fixed a bug discovered when investigating job_cache/keep_jobs functionality
where the jid directory and files were removed by the cache cleaner, but not the
original jid clash detection directory created in /var/cache/salt/master/jobs/.
Fixes#29286
* Add testcase for the changes in the local_cache.clean_old_jobs func
* Mark tests as destructive
* Put destructive test decorator in correct location
* Remove mentions of windows not supporting pkgs param (#33361)
Fixes#33313
* Updates docs version to 2015.8.9
Adds note regarding the os grain on Mint Linux
Adds an FAQ regarding grains that change due to upstream changes
* revved 2015.8 branch to .9 in version selector
* Add initscripts, SystemD service units and environment files for Debian (#32857)
* Add note to docs about api settings for Hipchat API v2 (#33365)
Fixes#27779
* Add win_pkg to list of modules that support "version" in pkg.installed (#33362)
Fixes#32913
* Add note about name parameter in git_pillar docs (#33369)
Fixes#27737
* Better YAML syntax error handling (#33375)
Closes#26574
* Improve doc clarity for disable_modules documentation (#33379)
* Improve doc clarity for disable_modules documentation
* Additional clarification on blacklisted name
* maintain the fallabck because I am totally sick of this crap
* blast, put the try/except int he right place
* restore whitespace
* Fix traceback in logging for config validation (#33386)
* 2015.8.10 release notes
* Sync pillarstack to latest upstream version (#33391)
* Don't lay down all available opts (#33385)
* Don't lay down all available opts
* We need at least one opt in there
* Condense defaults
* Put the default hash type back
* Catch exception raised from invalid verify_options
This fails the state gracefully in these cases.
Refs: 6b97161293 (r63577507)
* Raise an exception when package verification fails
* Catch failed package verification commands
Also, since pkg.verify is run separately on each targeted package, don't
add errors for each failure, just add one error to what we report.
* Update rpm test_verify test to reflect change from cmd.run to cmd.run_all
* Added support for the agentv2
* Updated os field to match the SD API requirement
* filename is an absolute path on official installations
* Install script URL uses a redirect now, so we should instruct curl to follow them
* Added a missing import
* Updated the settings for the v2 agent
* Fixed pep8 issues
* select v2 agent for the test
* Fix context clash.
boto_vpc uses both boto and boto3. Both utils for those use the same name for their connection context. If you used states that required both boto and boto3, the get_conn would return the object.
* Add a unit test to the boto context conflict problem
* Fix pylint errors and ensure new test to runs correctly
Merges #32985
* Fix typo
* better support for named images, locations, sizes
* better support for named images, locations, sizes
* Tests for Vultr driver
* Add sleep so test instance will be old enough to delete as part of the test
* Lint.
* modules.postgres: fix handling of empty string in db_create
The code responsible for collecting the parameters used in the CREATE
DATABASE query works unexpectedly in case for values which are evaluated
to False as bool, but are not None.
This caused queries with missing rvalues like this one (lc_collate=""):
2016-05-13 16:04:05,243 [salt.loaded.int.module.cmdmod][ERROR ][2990]
stderr: ERROR: syntax error at or near "OWNER"
LINE 1: ..._production" WITH ENCODING = 'utf8' LC_COLLATE = OWNER =
"g...
Please note that proper escaping or a different approach would be needed
here.
* modules.postgres: handle trivial sqli in db_create
* modules.postgres: fix OrderedDict usage
* modules.postgres: quote TABLESPACE too in db_create
* gentoo service enhancements
* fixing command examples
making sure enabled handles multiple runlevel
* unused import removed
* replacing collection.OrderedDict with salt.utils.odict.OrderedDict
* set replaced with list
* Check rendered YAML for invalid keys
PyYAML will for some reason allow improper YAML, specifically double
curly-braces like ``{{ }}``, to be formed into an unhashable dict (that
is, one with a dict as a key). This commit will change the YAML renderer
such that the rendered data is recursively checked for keys that are
dicts, and raises an SaltRenderError if such a key is encountered.
Resolves#33073.
* Fix smtp returner test
This test was using jinja placeholders but was not passing the template
through the jinja renderer. This commit adds the use of the jinja
renderer to this test to fix the failure caused by the addition of
verification of the loaded YAML inthe previous commit.
* Fix file.managed for Windows (#33181)
* Revert back to import string_types
For some reason, there is a problem with the following
code when run from the file.py module:
```
from salt.ext import six
comment = 'This is a string'
isinstance(comment, six.string_types)
```
When run from within the python shell it works fine.
* Add six import
* Fix some lint
* Use correct six import
* Changed it back to explicit import
* Additional comments specific to 2015.5
* Fix file.managed for real
* Move comment to clarify purpose
* update 2015.5.11 release notes (#33197)
* Add pip installed and removed test (#33178)
* Resolve issue with pkg module on Mint Linux (#33205)
Closes#32198
* Add run_on_start docs to schedule.rst (#32958)
Fixes#22580
* Backport #33021 manually to 2015.5 (#33044)
* Saltfile with pillar tests (#33045)
* add file.managed with pillar data tests
* do not require git for other tests
* Fix minor document error of test.assertion (#33067)
* test pillar.items output (#33060)
* File and User test fixes for 2015.5 on Fedora23 (#33055)
* Fix file_test.test_symlink on 2015.5
* Fix failing user present test
* add test for installing package while using salt-call --local (#33025)
* add test for installing package while using salt-call --local
* fix pylint
* ssh docs: install py-2.6 for RHEL 5
* Bugfix: Restore boolean values from the repo configuration
* Add test data for repos
* Add repo config test
* Bugfix (follow-up): setting priority requires non-positive integer
* modules.npm: do not log npm --version at info level (#33084)
* salt-cloud: fix ipv6-only virtual machines (#32865)
* salt-cloud: fix ipv6-only virtual machines
* fix hostname for rsync fallback in scp_file function
* use 4 spaces instead of 2
* remove global variable, use direct socket call instead
* Use saltstack repo in buildpackage.py on CentOS 5 (#33080)
* Lower display of msgpack failure msg to debug (#33078)
Closes#33074
* cloud.query needs to define mapper.opts (#33098)
* clarify docs that map is designed to be run once. is not stateful (#33102)
* Moved _finger_fail method to parent class.
Method _finger_fail method from SAuth to AsyncAuth class to make method available
in both class and fix an issue where _finger_Fail is called inside AsyncAuth.
* Fix 33058 (#33099)
* Fix servermanager module
- Added check for 2008 version of windows
- Added Import-Module ServerManager to _pshell_json.
Apparently this needs to run each time we issue a
servermanager command.
* Fix list_available
* salt.utils.gitfs: fix formatting for warning messages (#33064)
* salt.utils.gitfs: fix formatting for warning messages
When git_pillar support was added to salt.utils.gitfs, the
recommendation globals had string formatting placeholders added to them,
but the locations where these values are referenced do not call
``.format()`` to properly replace them. This commit fixes that
oversight.
* Remove more gitfs and master-specific wording from log messages
* Add a check that the cmdline of the found proc matches (#33129)
* Doc mock decorators (#33132)
* Add mock function for mocking decorators
* Mock the stdlib user module because importing it will open the repl
* Fix broken parsing of usermgmt.conf on OpenBSD (#33135)
When creating a new user, if a group of the same name already exists,
the usermgmt.conf file is consulted to determine the primary group.
It's in these cases that the parsing bug is triggered.
This code change addresses several of the existing issues:
- The previous split statement explicitly specified a single space.
Since a config line may have any number of spaces and/or tabs
surrounding the entries, the resulting array's elements may be
incorrect.
- According to the man pages for usermgmt.conf, the "group" config
entry accpets a single parameter -- so we shouldn't iterate.
- The "val[1]" was returning the 2nd letter of each word and not the
second word on the config line as intended.
* Move salt-ssh thin dir location to /var/tmp (#33130)
* Move salt-ssh thin dir location to /var/tmp
Closes#32771
* Remove performance penelty language
* If cache_jobs: True is set, populate the local job cache when running salt-call (#33100)
* If cache_jobs: True is set, populate the local job cache
Fixes#32834
Allows a masterless minion to query the job cache.
* Refactor cache_jobs functionality to be DRY
* Skipping salt-call --local test
* Back-port #31769 to 2015.8 (#33139)
* Handle empty acl_name in linux_acl state
Calls to setfacl interpret an empty group or user name to mean to be the
owner of the file they're operating on. For example, for a directory
owned by group 'admin', the ACL 'default:group::rwx' is equivalent to
'default:group:admin:rwx'.
The output of the getfacl execution module returns ACLs in the format of
'group:admin:rwx' instead of 'group::rwx'. This commit changes the
acl.present state to look for the owner of the file if the acl_name
paremeter is empty.
* Fix acl.present/acl.absent changing default ACLs
The behaviour of the acl.present and acl.absent is to check the data
structure returned by getfacl contains a key by the name of acl_type.
However, this data structure does not contain any default ACLs if none
exist, so this check will fail. We omit the check if a default ACL was
passed into the state functions.
Unfortunately, the call to modfacl may fail if the user passes in an
acl_type such as 'default:random'. In this case the state will appear to
succeed, but do nothing.
This fixes the state module to allow setting default ACLs on files which
have none.
* Fix regression in 2016.3 HEAD when version is specified (#33146)
Resolves#33013.
* Hash fileclients by opts (#33142)
* Hash fileclients by opts
There was an issue whereby the cache of the fileclient was being overwritten
by dueling minion instances in multimaster mode. This protects them by hashing
by the id of opts.
Closes#25040
* Silly typo!
* Remove tests which do not test any actual functionality or are too tightly coupled to the implementation
* Strip ldap fqdn (#33127)
* Add option to strip off domain names on computer names that come from LDAP/AD
* Add strip_domains option for ldap.
* Add documentation for auth.ldap.minion_stripdomains.
* [2015.5] Update to latest bootstrap script v2016.05.10 (#33155)
* [2015.8] Update to latest bootstrap script v2016.05.10 (#33156)
* [2016.3] Update to latest bootstrap script v2016.05.10 (#33157)
* add 2015.5.11 release notes (#33160)
* add 2015.8.9 release notes (#33161)
* Pip fix (#33180)
* fix pip!!
* make it work with old pip as well
* Added resiliency
* Don't need to check, just get the right name
* [2015.5] Update to latest bootstrap script v2016.05.11 (#33185)
* Hash fileclients by opts
There was an issue whereby the cache of the fileclient was being overwritten
by dueling minion instances in multimaster mode. This protects them by hashing
by the id of opts.
Closes#25040
* Silly typo!
* Remove tests which do not test any actual functionality or are too tightly coupled to the implementation
* * Improve init script: specifically manage salt configurations rather than arbitrary salt processes
Unfortunately SysV init scripts tend to rummage through PIDs filtering for
appropriate processes to manage. Unfortunately the filters are usually weak
and don't account for similar processes run by other users, PIDs of dead
processes being re-used for completely different executables, etc.. These
weaknesses can result in killing unrelated processes with potentially serious
results.
These improvements to the SysV init script is a complete rewrite with the
following improvements:
* Specifically manage individual salt configurations rather than looking for
salt minion-like processes.
* Obtain salt minion information from the salt configuration - use the
information to manage the specifically configured process.
* Drop all of the platform-specific helper functions that allow the
previously-mentioned weaknesses.
+ Unfortunately this means that the output information may not match the
specific platform (this could easily be corrected).
* Now can manage multiple salt processes started by different users
+ Unfortunately starts/stops/restarts as a group and is unable to manage
them both as a group or as individual processes (this could easily be
corrected)
The new initscript also allows various control variables to be overridden by
environment variables or through settings put in ``/etc/sysconf/salt`` or
``/etc/default/salt``.
:SALTMINION_DEBUG: Dump each line expansion before execution, output system
information on failure. Default: unset
:SALTMINION_BINDIR: Location of ``salt-minion``, ``salt-call`` and other
executables. Default: ``/usr/bin``
:SALTMINION_SYSCONFDIR: The parent directory for the ``salt`` configuration
directory and the ``sysconfig`` or ``default``
directory.
* Add lines that went missing in the rebase+squash
* Disallow negative value for fib number
Fibonacci number is supposed to be nonnegative. Add this new feature to
disallow negative value to be passed in for fib number.
* Minimize code duplication
* Use /etc/adjtime for Gentoo
* Add integration test for timezone module
