Commit message | Author | Age
* release Consfigurator 0.12.3 (-1 to Debian unstable) [v0.12.3, debian/0.12.3-1, archive/debian/0.12.3-1] | Sean Whitton | 2021-11-28
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* define +ALPHANUM+ at compile time too | Sean Whitton | 2021-11-28
  Necessary because we use #.(length +alphanum+) later in the file.
  Reported-by: Yehouda Harpaz <yeh@lispworks.com>
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* replace usage of UIOP version comparison utilities with our own | Sean Whitton | 2021-11-28
  DATA.GIT-SNAPSHOT generates version numbers like 2342423.ab09890f2bcd where only the first, purely numerical component is intended for comparison, and the second component is just additional information. UIOP's utilities don't give the correct answers for cases like that; e.g. (uiop:version<= "1.a" "0") => T.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* EVAL-IN-REINVOKED: use a more descriptive name for the dumped image | Sean Whitton | 2021-11-28
  The name will show up in, e.g., top(1) inside containers.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* LXC:LXC-LS: always pass -1 command line argument | Sean Whitton | 2021-11-28
  With most connection types stdout is not a tty and so we get one entry per line anyway. However, unless we explicitly pass -1, lxc-ls(1) can add unwanted trailing whitespace to these lines.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* LINES: support trimming the lines | Sean Whitton | 2021-11-20
  TRIMFUN will typically be STRING-TRIM, STRING-LEFT-TRIM or STRING-RIGHT-TRIM.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* release Consfigurator 0.12.2 (-1 to Debian unstable) [v0.12.2, debian/0.12.2-1, archive/debian/0.12.2-1] | Sean Whitton | 2021-11-15
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* fixes to permit dumping and reinvoking and then dumping again | Sean Whitton | 2021-11-14
  - Update stored checksums when reinvoking, else the SBCL-specific checks in %DUMP-CONSFIGURATOR-IN-GRANDCHILD will always fail in reinvoked images.
  - Also update *US* when reinvoking; previously, the code in IMAGE-DUMPED to skip the dump when the target filename is the executable we're running from was using the old value of *US* and thus would probably never skip the dump.
  - Don't abort the dump just because the target filename is the executable we're running from (I believe the restriction was accidentally included when refactoring a previous work-in-progress version of fbe55a361f).
  - %DUMP-CONSFIGURATOR-IN-GRANDCHILD: ensure we remove the hook which evaluates the parent process's request so it doesn't get run again.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* *US*: use SB-EXT:*RUNTIME-PATHNAME* not SB-EXT:*CORE-PATHNAME* | Sean Whitton | 2021-11-14
  SB-EXT:*RUNTIME-PATHNAME* is the path to the executable.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add HAS-HOSTATTRS | Sean Whitton | 2021-11-14
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* FILE:{DATA,SECRET}-UPLOADED: add descriptions | Sean Whitton | 2021-11-11
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* always use CL, ANAPHORA, ALEXANDRIA and CONSFIGURATOR packages | Sean Whitton | 2021-11-11
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add RANDOM-ALPHANUMERIC | Sean Whitton | 2021-11-11
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* release Consfigurator 0.12.1 (-1 to Debian unstable) [v0.12.1, debian/0.12.1-1, archive/debian/0.12.1-1] | Sean Whitton | 2021-11-09
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* avoid trying to define +NAMESPACE-TYPES+ at all on non-Linux | Sean Whitton | 2021-11-09
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* LXC:USER-CONTAINER-FOR docstring: fix typo | Sean Whitton | 2021-11-09
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* avoid unbound variable error on older kernels without CLONE_NEWTIME | Sean Whitton | 2021-11-09
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* INSTALLER:CLEANLY-INSTALLED-ONCE: fix type of :REMOTE-HOME connattr | Sean Whitton | 2021-11-09
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* COLLAPSE{,-PROPAPP}-TYPES: invert logic | Sean Whitton | 2021-11-09
  These functions are used to determine whether a composite property is :POSIX or :LISP. If any of the composing properties are :LISP, then we need to return :LISP, such that attempting to apply the composite property using a POSIX-type connection produces an error.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* release Consfigurator 0.12.0 (-1 to Debian unstable) [v0.12.0, debian/0.12.0-1, archive/debian/0.12.0-1] | Sean Whitton | 2021-11-08
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* style guide: prefer to switch user than to update ownership | Sean Whitton | 2021-11-08
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* use higher-numbered codes for change status, 1 for unhandled errors | Sean Whitton | 2021-11-08
  When SBCL fails to start up, such as when previously-loaded shared libraries cannot be found while trying to reinvoke a dumped image, it exits 1. We must avoid erroneously interpreting this as a successful attempt to make changes.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SBCL: avoid adding :DATA hostattrs that persist in *HOST* | Sean Whitton | 2021-11-08
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* REHOME-CONNECTION: move call to UPLOAD-ALL-PREREQUISITE-DATA | Sean Whitton | 2021-11-08
  It's the fact we're changing to a different home directory that's part of the same root filesystem, and with the same UID/GID ranges, that means we call UPLOAD-ALL-PREREQUISITE-DATA with this connection object.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add LXC properties, :LXC{,-UNPRIV-ATTACH} connections, WITH-HOMEDIR | Sean Whitton | 2021-11-08
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add Linux namespace-entering connections | Sean Whitton | 2021-11-08
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add CAPABILITY-P and grovel for some Linux capability constants | Sean Whitton | 2021-11-04
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SETUID: pass target uid to POSIX-LOGIN-ENVIRONMENT for correct PATH | Sean Whitton | 2021-11-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* rename FIREWALLD:ZONE-DIRECT-RULE -> FIREWALLD:DIRECT-RULE | Sean Whitton | 2021-11-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* ON{-APPLY,}-CHANGE: always return result of primary propapp | Sean Whitton | 2021-11-01
  In particular, if the secondary propapps are applied but make no change, do not return :NO-CHANGE as the overall result.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add APT:BACKPORTS-INSTALLED{,-MINIMALLY} | Sean Whitton | 2021-11-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* FIREWALLD:ZONE: note idea to use hostattrs to gather zone settings | Sean Whitton | 2021-11-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* FIREWALLD:HAS-ZONE: reload after adding zone | Sean Whitton | 2021-11-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add SYSTEMD:{DAEMON-RELOADED,RELOADED,RESTARTED} | Sean Whitton | 2021-11-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* firewall-cmd: --reload less often & respect SERVICE:NO-SERVICES-P | Sean Whitton | 2021-11-01
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* SYSTEMD:LINGERING-ENABLED :CHECK: handle non-zero exit from loginctl | Sean Whitton | 2021-10-29
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* CONSFIGURATOR.PROPERTY.SYSTEMD: respect :NO-SERVICES connattr | Sean Whitton | 2021-10-29
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add & propagate :NO-SERVICES connattr and respect in LIBVIRT:STARTED | Sean Whitton | 2021-10-29
  This change was prompted by the realisation that RECONNECTS nullifies any enclosing SERVICE:WITHOUT-STARTING-SERVICES because *HOST* during RECONNECTS is a distinct HOST value, computed at hostattrs time, which can't be affected by an enclosing combinator that works by temporarily pushing hostattrs at :APPLY time. So, for example, if we chroot and subsequently establish a :SETUID connection, properties might try to start services as the non-root user and there is no way for them to know they shouldn't. We can avoid this problem by using a connattr instead because we have a mechanism for propagating connattrs to subsequently established connections. And as in most cases the reason for not starting services is solely due to the way in which we're connecting to the host, a connattr is more appropriate.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* basic systemctl(1) properties: add USER argument for --user | Sean Whitton | 2021-10-28
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SETUID: avoid creating user's ~/.cache/consfigurator/ owned by root | Sean Whitton | 2021-10-28
  This reverts and replaces commit b4eb20904aa8f4ea7ec0ef58eac7889b4b864277.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* expand remarks on portability & update in light of recent changes | Sean Whitton | 2021-10-28
  We've long required package-local nicknames but this was not mentioned. We now additionally require multithreading, a C toolchain and development headers for libacl.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* IMAGE-DUMPED: also abort if shlibs not readable | Sean Whitton | 2021-10-28
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* discuss limitations which apply to dumping images with IMAGE-DUMPED | Sean Whitton | 2021-10-28
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* IMAGE-DUMPED: support skipping when same build of SBCL unavailable | Sean Whitton | 2021-10-28
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* debian/: Run 'wrap-and-sort -abst' | Sean Whitton | 2021-10-23
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* debian/: Add ${sphinxdoc:Built-Using} to Built-Using | Sean Whitton | 2021-10-23
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* LIBVIRT:KVM-BOOTS-CHROOT-FOR: ADDITIONAL-PROPERTIES usage example | Sean Whitton | 2021-10-23
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* HANDLE-FORK-REQUEST: use return values of BT:JOIN-THREAD | Sean Whitton | 2021-10-23
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* HANDLE-FORK-REQUEST: immediately begin reading from out & err pipes | Sean Whitton | 2021-10-23
  Previously we waited for waitpid(2) to return before reading from the pipes. If either pipe filled up before the child process exited, we would deadlock.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* note about PROGRAMMATIC-APPLY-HOSTATTRS for DEFPROPLIST/DEFPROPSPEC | Sean Whitton | 2021-10-23
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>