Merge pull request #23396 from basepi/merge-forward-2015.2

[2015.2] Merge forward from 2014.7 to 2015.2
2025-04-17 10:10:20 +00:00 · 2015-05-06 15:42:35 -06:00 · 2015-05-06 15:42:35 -06:00 · 1fb84450f4
commit 1fb84450f4
parent 23d4feb8b4 2766c8cb4b
13 changed files with 85 additions and 23 deletions
--- a/conf/master
+++ b/conf/master
@ -297,6 +297,17 @@
 # will cause minion to throw an exception and drop the message.
 # sign_pub_messages: False

+#####     Salt-SSH Configuration     #####
+##########################################
+
+# Pass in an alternative location for the salt-ssh roster file
+#roster_file: /etc/salt/roster
+
+# Pass in minion option overrides that will be inserted into the SHIM for
+# salt-ssh calls. The local minion config is not used for salt-ssh. Can be
+# overridden on a per-minion basis in the roster (`minion_opts`)
+#ssh_minion_opts:
+#  gpg_keydir: /root/gpg

 #####    Master Module Management    #####
 ##########################################
--- a/doc/ref/configuration/master.rst
+++ b/doc/ref/configuration/master.rst
@ -491,6 +491,10 @@ that connect to a master via localhost.

    presence_events: False

+
+Salt-SSH Configuration
+======================
+
 .. conf_master:: roster_file

 ``roster_file``
@ -504,6 +508,23 @@ Pass in an alternative location for the salt-ssh roster file.

    roster_file: /root/roster

+.. conf_master:: ssh_minion_opts
+
+``ssh_minion_opts``
+-------------------
+
+Default: None
+
+Pass in minion option overrides that will be inserted into the SHIM for
+salt-ssh calls. The local minion config is not used for salt-ssh. Can be
+overridden on a per-minion basis in the roster (``minion_opts``)
+
+.. code-block:: yaml
+
+    minion_opts:
+      gpg_keydir: /root/gpg
+
+
 Master Security Settings
 ========================

--- a/doc/topics/ssh/index.rst
+++ b/doc/topics/ssh/index.rst
@ -126,6 +126,15 @@ file is in ``/etc/salt/master``. If one wishes to use a customized configuration
 the ``-c`` option to Salt SSH facilitates passing in a directory to look inside for a
 configuration file named ``master``.

+Minion Config
+---------------
+
+.. versionadded:: 2015.2.1
+
+Minion config options can be defined globally using the master configuration
+option ``ssh_minion_opts``. It can also be defined on a per-minion basis with
+the ``minion_opts`` entry in the roster.
+
 Running Salt SSH as non-root user
 =================================

--- a/doc/topics/ssh/roster.rst
+++ b/doc/topics/ssh/roster.rst
@ -34,14 +34,16 @@ The information which can be stored in a roster `target` is the following:

 .. code-block:: yaml

-    <Salt ID>:   # The id to reference the target system with
-        host:    # The IP address or DNS name of the remote host
-        user:    # The user to log in as
-        passwd:  # The password to log in with
+    <Salt ID>:       # The id to reference the target system with
+        host:        # The IP address or DNS name of the remote host
+        user:        # The user to log in as
+        passwd:      # The password to log in with

        # Optional parameters
-        port:    # The target system's ssh port number
-        sudo:    # Boolean to run command via sudo
-        priv:    # File path to ssh private key, defaults to salt-ssh.rsa
-        timeout: # Number of seconds to wait for response when establishing a
-                   SSH connection
+        port:        # The target system's ssh port number
+        sudo:        # Boolean to run command via sudo
+        priv:        # File path to ssh private key, defaults to salt-ssh.rsa
+        timeout:     # Number of seconds to wait for response when establishing
+                     # an SSH connection
+        timeout:     # Number of seconds to wait for response
+        minion_opts: # Dictionary of minion opts
--- a/salt/client/ssh/init.py
+++ b/salt/client/ssh/init.py
@ -577,6 +577,7 @@ class Single(object):
            fsclient=None,
            thin=None,
            mine=False,
+            minion_opts=None,
            **kwargs):
        # Get mine setting and mine_functions if defined in kwargs (from roster)
        self.mine = mine
@ -623,12 +624,15 @@ class Single(object):
                'sudo': sudo,
                'tty': tty,
                'mods': self.mods}
-        self.minion_config = yaml.dump(
-                {
+        self.minion_opts = opts.get('ssh_minion_opts', {})
+        if minion_opts is not None:
+            self.minion_opts.update(minion_opts)
+        self.minion_opts.update({
                    'root_dir': os.path.join(self.thin_dir, 'running_data'),
                    'id': self.id,
                    'sock_dir': '/',
-                }, width=1000).strip()
+                })
+        self.minion_config = yaml.dump(self.minion_opts)
        self.target = kwargs
        self.target.update(args)
        self.serial = salt.payload.Serial(opts)
@ -741,6 +745,7 @@ class Single(object):
                self.opts,
                self.id,
                fsclient=self.fsclient,
+                minion_opts=self.minion_opts,
                **self.target)
            opts_pkg = pre_wrapper['test.opts_pkg']()
            opts_pkg['file_roots'] = self.opts['file_roots']
@ -798,6 +803,7 @@ class Single(object):
            opts,
            self.id,
            fsclient=self.fsclient,
+            minion_opts=self.minion_opts,
            **self.target)
        self.wfuncs = salt.loader.ssh_wrapper(opts, wrapper, self.context)
        wrapper.wfuncs = self.wfuncs
@ -855,7 +861,10 @@ class Single(object):
            debug = '1'
        arg_str = '''
 OPTIONS = OBJ()
-OPTIONS.config = '{0}'
+OPTIONS.config = \
+"""
+{0}
+"""
 OPTIONS.delimiter = '{1}'
 OPTIONS.saltdir = '{2}'
 OPTIONS.checksum = '{3}'
--- a/salt/client/ssh/wrapper/init.py
+++ b/salt/client/ssh/wrapper/init.py
@ -32,6 +32,7 @@ class FunctionWrapper(object):
            fsclient=None,
            cmd_prefix=None,
            aliases=None,
+            minion_opts=None,
            **kwargs):
        super(FunctionWrapper, self).__init__()
        self.cmd_prefix = cmd_prefix
@ -45,6 +46,7 @@ class FunctionWrapper(object):
        self.aliases = aliases
        if self.aliases is None:
            self.aliases = {}
+        self.minion_opts = minion_opts

    def __contains__(self, key):
        '''
@ -78,6 +80,7 @@ class FunctionWrapper(object):
                                   fsclient=self.fsclient,
                                   cmd_prefix=cmd,
                                   aliases=self.aliases,
+                                   minion_opts=self.minion_opts,
                                   **kwargs)

        if self.cmd_prefix:
@ -105,6 +108,7 @@ class FunctionWrapper(object):
                    mods=self.mods,
                    wipe=True,
                    fsclient=self.fsclient,
+                    minion_opts=self.minion_opts,
                    **self.kwargs
            )
            stdout, stderr, _ = single.cmd_block()
--- a/salt/config.py
+++ b/salt/config.py
@ -397,6 +397,8 @@ DEFAULT_MINION_OPTS = {
    'recon_max': 10000,
    'recon_default': 1000,
    'recon_randomize': True,
+    'syndic_log_file': os.path.join(salt.syspaths.LOGS_DIR, 'syndic'),
+    'syndic_pidfile': os.path.join(salt.syspaths.PIDFILE_DIR, 'salt-syndic.pid'),
    'random_reauth_delay': 10,
    'win_repo_cachefile': 'salt://win/repo/winrepo.p',
    'pidfile': os.path.join(salt.syspaths.PIDFILE_DIR, 'salt-minion.pid'),
@ -457,6 +459,7 @@ DEFAULT_MASTER_OPTS = {
    'pillar_roots': {
        'base': [salt.syspaths.BASE_PILLAR_ROOTS_DIR],
    },
+    'file_client': 'local',
    'gitfs_remotes': [],
    'gitfs_mountpoint': '',
    'gitfs_root': '',
@ -1028,6 +1031,7 @@ def syndic_config(master_config_path,
        'autosign_file', 'autoreject_file', 'token_dir'
    ]
    for config_key in ('log_file', 'key_logfile'):
+        # If this is not a URI and instead a local path
        if urlparse(opts.get(config_key, '')).scheme == '':
            prepend_root_dirs.append(config_key)
    prepend_root_dir(opts, prepend_root_dirs)
--- a/salt/modules/file.py
+++ b/salt/modules/file.py
@ -1282,7 +1282,7 @@ def replace(path,
                    if prepend_if_not_found or append_if_not_found:
                        # Search for content, so we don't continue pre/appending
                        # the content if it's been pre/appended in a previous run.
-                        if re.search(content, line):
+                        if re.search('^{0}$'.format(content), line):
                            # Content was found, so set found.
                            found = True

--- a/salt/modules/localemod.py
+++ b/salt/modules/localemod.py
@ -271,7 +271,7 @@ def gen_locale(locale, **kwargs):
        log.error('The provided locale "{0}" is not found in {1}'.format(locale, search))
        return False

-    if on_debian or on_gentoo:
+    if os.path.exists('/etc/locale.gen'):
        __salt__['file.replace'](
            '/etc/locale.gen',
            r'^#\s*{0}$'.format(locale),
--- a/salt/modules/makeconf.py
+++ b/salt/modules/makeconf.py
@ -43,8 +43,10 @@ def _add_var(var, value):
    fullvar = '{0}="{1}"'.format(var, value)
    if __salt__['file.contains'](makeconf, layman):
        # TODO perhaps make this a function in the file module?
-        cmd = ['sed', '-i', '/{0}/'.format(layman.replace('/', '\\/')),
-               fullvar, makeconf]
+        cmd = ['sed', '-i', r'/{0}/ i\{1}'.format(
+                    layman.replace('/', '\\/'),
+                    fullvar),
+               makeconf]
        __salt__['cmd.run'](cmd)
    else:
        __salt__['file.append'](makeconf, fullvar)
--- a/salt/renderers/gpg.py
+++ b/salt/renderers/gpg.py
@ -136,10 +136,9 @@ def render(gpg_data, saltenv='base', sls='', argline='', **kwargs):
    '''
    if not HAS_GPG:
        raise SaltRenderError('GPG unavailable')
-    homedir = None
    if 'config.get' in __salt__:
-        homedir = __salt__['config.get']('gpg_keydir', None)
-    if homedir is None:
+        homedir = __salt__['config.get']('gpg_keydir', DEFAULT_GPG_KEYDIR)
+    else:
        homedir = __opts__.get('gpg_keydir', DEFAULT_GPG_KEYDIR)
    log.debug('Reading GPG keys from: {0}'.format(homedir))
    try:
--- a/salt/runners/lxc.py
+++ b/salt/runners/lxc.py
@ -265,7 +265,8 @@ def init(names, host=None, saltcloud_mode=False, quiet=False, **kwargs):
                expr_form='list', timeout=600).get(host, {})
        name = kw.pop('name', name)
        # be sure not to seed an already seeded host
-        kw['seed'] = seeds.get(name, True)
+        seed = kwargs.get('seed', True)
+        kw['seed'] = seeds.get(name, seed)
        if not kw['seed']:
            kw.pop('seed_cmd', '')
        cmds.append(
--- a/tests/unit/config_test.py
+++ b/tests/unit/config_test.py
@ -356,8 +356,8 @@ class ConfigTestCase(TestCase, integration.AdaptedConfigurationTestCaseMixIn):
        self.assertEqual(syndic_opts['master'], 'localhost')
        self.assertEqual(syndic_opts['sock_dir'], os.path.join(root_dir, 'minion_sock'))
        self.assertEqual(syndic_opts['cachedir'], os.path.join(root_dir, 'cache'))
-        self.assertEqual(syndic_opts['log_file'], os.path.join(root_dir, 'osyndic.log'))
-        self.assertEqual(syndic_opts['pidfile'], os.path.join(root_dir, 'osyndic.pid'))
+        self.assertEqual(syndic_opts['log_file'], os.path.join(root_dir, 'var/log/salt/syndic'))
+        self.assertEqual(syndic_opts['pidfile'], os.path.join(root_dir, 'var/run/salt-syndic.pid'))
        # Show that the options of localclient that repub to local master
        # are not merged with syndic ones
        self.assertEqual(syndic_opts['_master_conf_file'], minion_conf_path)