Merge branch '2016.3' into '2016.11'

Conflicts: - salt/grains/core.py - salt/modules/ddns.py - salt/templates/rh_ip/network.jinja
2025-04-17 10:10:20 +00:00 · 2016-11-28 11:08:19 -07:00 · 2016-11-28 11:08:19 -07:00 · dfedd1185a
commit dfedd1185a
parent d204099db8 c35ba1f390
27 changed files with 139 additions and 51 deletions
--- a/doc/conf.py
+++ b/doc/conf.py
@ -245,8 +245,8 @@ if on_saltstack:
    copyright = time.strftime("%Y")

 # < --- START do not merge these settings to other branches START ---> #
-build_type = 'latest'  # latest, previous, develop, next
-release = latest_release  # version, latest_release, previous_release
+build_type = 'previous'  # latest, previous, develop, next
+release = previous_release  # version, latest_release, previous_release
 # < --- END do not merge these settings to other branches END ---> #

 # Set google custom search engine
--- a/doc/ref/modules/index.rst
+++ b/doc/ref/modules/index.rst
@ -494,7 +494,7 @@ Aliasing Functions

 Sometimes one wishes to use a function name that would shadow a python built-in.
 A common example would be ``set()``. To support this, append an underscore to
-the function defintion, ``def set_():``, and use the ``__func_alias__`` feature
+the function definition, ``def set_():``, and use the ``__func_alias__`` feature
 to provide an alias to the function.

 ``__func_alias__`` is a dictionary where each key is the name of a function in
--- a/doc/topics/releases/2015.5.6.rst
+++ b/doc/topics/releases/2015.5.6.rst
@ -38,7 +38,7 @@ Changes:

 - **PR** `#27516`_: (*basepi*) [2015.5] Merge forward from 2014.7 to 2015.5

- **PR** `#27472`_: (*cachedout*) Change recommeded schema for data field in mysql event table
+- **PR** `#27472`_: (*cachedout*) Change recommended schema for data field in mysql event table

 - **PR** `#27468`_: (*cachedout*) Fix 27351

--- a/doc/topics/releases/2016.3.0.rst
+++ b/doc/topics/releases/2016.3.0.rst
@ -290,7 +290,7 @@ Thorium - Provisional New Reactor
 ---------------------------------

 The 2016.3 release introduces the new Thorium Reactor. This reactor is an
-experimental new feature that implements a flow programing interface using
+experimental new feature that implements a flow programming interface using
 the salt state system as the engine. This means that the Thorium reactor uses
 a classic state tree approach to create a reactor that can aggregate event
 data from multiple sources and make aggregate decisions about executing
--- a/doc/topics/ssh/index.rst
+++ b/doc/topics/ssh/index.rst
@ -18,7 +18,7 @@ standard ``salt`` commands.
 - Python is required on the remote system (unless using the ``-r`` option to send raw ssh commands)
 - On many systems, the ``salt-ssh`` executable will be in its own package, usually named
  ``salt-ssh``
- The Salt SSH system does not supercede the standard Salt communication
+- The Salt SSH system does not supersede the standard Salt communication
  systems, it simply offers an SSH-based alternative that does not require
  ZeroMQ and a remote agent. Be aware that since all communication with Salt SSH is
  executed via SSH it is substantially slower than standard Salt with ZeroMQ.
@ -184,7 +184,7 @@ Salt SSH with a regular user you have to modify some paths or you will get
 "Permission denied" messages. You have to modify two parameters: ``pki_dir``
 and ``cachedir``. Those should point to a full path writable for the user.

-It's recommed not to modify /etc/salt for this purpose. Create a private copy
+It's recommended not to modify /etc/salt for this purpose. Create a private copy
 of /etc/salt for the user and run the command with ``-c /new/config/path``.

 Define CLI Options with Saltfile
--- a/salt/grains/core.py
+++ b/salt/grains/core.py
@ -1047,6 +1047,7 @@ _OS_NAME_MAP = {
    'manjaro': 'Manjaro',
    'antergos': 'Antergos',
    'sles': 'SUSE',
+    'slesexpand': 'RES',
    'void': 'Void',
    'linuxmint': 'Mint',
 }
@ -1070,6 +1071,7 @@ _OS_FAMILY_MAP = {
    'OEL': 'RedHat',
    'XCP': 'RedHat',
    'XenServer': 'RedHat',
+    'RES': 'RedHat',
    'Mandrake': 'Mandriva',
    'ESXi': 'VMware',
    'Mint': 'Debian',
--- a/salt/modules/ddns.py
+++ b/salt/modules/ddns.py
@ -165,7 +165,12 @@ def update(zone, name, ttl, rdtype, data, nameserver='127.0.0.1', timeout=5,
        salt ns1 ddns.update example.com host1 60 A 10.0.0.1
    '''
    name = str(name)
-    fqdn = '{0}.{1}'.format(name, zone)
+
+    if name[-1:] == '.':
+        fqdn = name
+    else:
+        fqdn = '{0}.{1}'.format(name, zone)
+
    request = dns.message.make_query(fqdn, rdtype)
    answer = dns.query.udp(request, nameserver, timeout, port)

@ -211,9 +216,13 @@ def delete(zone, name, rdtype=None, data=None, nameserver='127.0.0.1',
        salt ns1 ddns.delete example.com host1 A
    '''
    name = str(name)
-    fqdn = '{0}.{1}'.format(name, zone)
-    request = dns.message.make_query(fqdn, (rdtype or 'ANY'))

+    if name[-1:] == '.':
+        fqdn = name
+    else:
+        fqdn = '{0}.{1}'.format(name, zone)
+
+    request = dns.message.make_query(fqdn, (rdtype or 'ANY'))
    answer = dns.query.udp(request, nameserver, timeout, port)
    if not answer.answer:
        return None
--- a/salt/modules/dockerng.py
+++ b/salt/modules/dockerng.py
@ -60,6 +60,7 @@ The configuration schema is as follows:
        email: <email_address>
        password: <password>
        username: <username>
+        reauth: <boolean>

 For example:

@ -71,6 +72,22 @@ For example:
        password: s3cr3t
        username: foo

+Reauth is an optional parameter that forces the docker login to reauthorize using
+the credentials passed in the pillar data. Defaults to false.
+
+.. versionadded:: 2016.3.5,2016.11.1
+
+For example:
+
+.. code-block:: yaml
+
+    docker-registries:
+      https://index.docker.io/v1/:
+        email: foo@foo.com
+        password: s3cr3t
+        username: foo
+        reauth: True
+
 Mulitiple registries can be configured. This can be done in one of two ways.
 The first way is to configure each registry under the ``docker-registries``
 pillar key.
@ -1037,7 +1054,8 @@ def _image_wrapper(attr, *args, **kwargs):
                    creds['username'],
                    password=creds['password'],
                    email=creds.get('email'),
-                    registry=registry)
+                    registry=registry,
+                    reauth=creds.get('reauth', False))
        except KeyError:
            raise SaltInvocationError(
                err.format('Incomplete', ' for registry {0}'.format(registry))
--- a/salt/modules/drac.py
+++ b/salt/modules/drac.py
@ -257,7 +257,7 @@ def create_user(username, password, permissions, users=None):

    .. code-block:: bash

-        salt dell drac.create_user [USERNAME] [PASSWORD] [PRIVELEGES]
+        salt dell drac.create_user [USERNAME] [PASSWORD] [PRIVILEGES]
        salt dell drac.create_user diana secret login,test_alerts,clear_logs

    DRAC Privileges
@ -320,7 +320,7 @@ def set_permissions(username, permissions, uid=None):

    .. code-block:: bash

-        salt dell drac.set_permissions [USERNAME] [PRIVELEGES] [USER INDEX - optional]
+        salt dell drac.set_permissions [USERNAME] [PRIVILEGES] [USER INDEX - optional]
        salt dell drac.set_permissions diana login,test_alerts,clear_logs 4

    DRAC Privileges
--- a/salt/modules/dracr.py
+++ b/salt/modules/dracr.py
@ -548,7 +548,7 @@ def create_user(username, password, permissions,

    .. code-block:: bash

-        salt dell dracr.create_user [USERNAME] [PASSWORD] [PRIVELEGES]
+        salt dell dracr.create_user [USERNAME] [PASSWORD] [PRIVILEGES]
        salt dell dracr.create_user diana secret login,test_alerts,clear_logs

    DRAC Privileges
@ -616,7 +616,7 @@ def set_permissions(username, permissions,

    .. code-block:: bash

-        salt dell dracr.set_permissions [USERNAME] [PRIVELEGES]
+        salt dell dracr.set_permissions [USERNAME] [PRIVILEGES]
             [USER INDEX - optional]
        salt dell dracr.set_permissions diana login,test_alerts,clear_logs 4

--- a/salt/modules/extfs.py
+++ b/salt/modules/extfs.py
@ -245,6 +245,8 @@ def dump(device, args=None):
            elif line.startswith('Group') and not line.startswith('Group descriptor size'):
                mode = 'blocks'
            else:
+                if len(comps) < 2:
+                    continue
                ret['attributes'][comps[0]] = comps[1].strip()

        if mode == 'blocks':
--- a/salt/modules/ipmi.py
+++ b/salt/modules/ipmi.py
@ -704,7 +704,7 @@ def set_bootdev(bootdev='default', persist=False, uefiboot=False, **kwargs):
                    this

    :param uefiboot: If true, request UEFI boot explicitly.  Strictly
-                    speaking, the spec sugests that if not set, the system
+                    speaking, the spec suggests that if not set, the system
                    should BIOS boot and offers no "don't care" option.
                    In practice, this flag not being set does not preclude
                    UEFI boot on any system I've encountered.
--- a/salt/modules/linux_acl.py
+++ b/salt/modules/linux_acl.py
@ -250,10 +250,12 @@ def delfacl(acl_type, acl_name='', *args, **kwargs):

    _raise_on_no_files(*args)

-    cmd = 'setfacl -x'
+    cmd = 'setfacl'
    if recursive:
        cmd += ' -R'

+    cmd += ' -x'
+
    cmd = '{0} {1}:{2}'.format(cmd, _acl_prefix(acl_type), acl_name)

    for dentry in args:
--- a/salt/modules/nacl.py
+++ b/salt/modules/nacl.py
@ -78,6 +78,30 @@ Or do something interesting with grains like:
        '{{ opts['id'] }}':
            - {{ role }}
        {%- endif %}
+
+Multi-line text items like certificates require a bit of extra work. You have to strip the new lines
+and replace them with '/n' characters. Certificates specifically require some leading white space when
+calling nacl.enc so that the '--' in the first line (commonly -----BEGIN CERTIFICATE-----) doesn't get
+interpreted as an argument to nacl.enc. For instance if you have a certificate file that lives in cert.crt:
+
+.. code-block:: bash
+
+    cert=$(cat cert.crt |awk '{printf "%s\\n",$0} END {print ""}'); salt-run nacl.enc "  $cert"
+
+Pillar data should look the same, even though the secret will be quite long. However, when calling
+multiline encrypted secrets from pillar in a state, use the following format to avoid issues with /n
+creating extra whitespace at the beginning of each line in the cert file:
+
+.. code-block:: yaml
+    secret.txt:
+        file.managed:
+            - template: jinja
+            - user: user
+            - group: group
+            - mode: 700
+            - contents: "{{- salt['pillar.get']('secret') }}"
+
+The '{{-' will tell jinja to strip the whitespace from the beginning of each of the new lines.
 '''

 from __future__ import absolute_import
--- a/salt/modules/selinux.py
+++ b/salt/modules/selinux.py
@ -266,16 +266,36 @@ def list_semod():

    .. versionadded:: 2016.3.0
    '''
-    mdata = __salt__['cmd.run']('semodule -l').splitlines()
-    ret = {}
-    for line in mdata[1:]:
-        if not line.strip():
-            continue
-        comps = line.split()
-        if len(comps) == 3:
-            ret[comps[0]] = {'Enabled': False,
-                             'Version': comps[1]}
-        else:
-            ret[comps[0]] = {'Enabled': True,
-                             'Version': comps[1]}
+    helptext = __salt__['cmd.run']('semodule -h').splitlines()
+    semodule_version = ''
+    for line in helptext:
+        if line.strip().startswith('full'):
+            semodule_version = 'new'
+
+    if semodule_version == 'new':
+        mdata = __salt__['cmd.run']('semodule -lfull').splitlines()
+        ret = {}
+        for line in mdata:
+            if not line.strip():
+                continue
+            comps = line.split()
+            if len(comps) == 4:
+                ret[comps[1]] = {'Enabled': False,
+                                 'Version': None}
+            else:
+                ret[comps[1]] = {'Enabled': True,
+                                 'Version': None}
+    else:
+        mdata = __salt__['cmd.run']('semodule -l').splitlines()
+        ret = {}
+        for line in mdata:
+            if not line.strip():
+                continue
+            comps = line.split()
+            if len(comps) == 3:
+                ret[comps[0]] = {'Enabled': False,
+                                 'Version': comps[1]}
+            else:
+                ret[comps[0]] = {'Enabled': True,
+                                 'Version': comps[1]}
    return ret
--- a/salt/modules/win_update.py
+++ b/salt/modules/win_update.py
@ -551,7 +551,7 @@ def list_updates(verbose=False, fields=None, skips=None, retries=5, categories=N
    fields
        Return a list of specific fields for each update. The optional
        values here are those at the root level of the verbose list. This
-        is superceded by the verbose option.
+        is superseded by the verbose option.

    retries
        Number of retries to make before giving up. This is total, not per
--- a/salt/modules/x509.py
+++ b/salt/modules/x509.py
@ -1089,7 +1089,7 @@ def create_certificate(
                - x509.sign_remote_certificate

    subject properties:
-        Any of the values below can be incldued to set subject properties
+        Any of the values below can be included to set subject properties
        Any other subject properties supported by OpenSSL should also work.

        C:
--- a/salt/netapi/rest_cherrypy/app.py
+++ b/salt/netapi/rest_cherrypy/app.py
@ -264,7 +264,7 @@ documentation, but in short:
  <salt.wheel.key>` exposes similar functionality as the ``salt-key`` CLI
  command.

-Most clients have variants like synchronous or asyncronous execution as well as
+Most clients have variants like synchronous or asynchronous execution as well as
 others like batch execution. See the :ref:`full list of client interfaces
 <netapi-clients>`.

--- a/salt/states/augeas.py
+++ b/salt/states/augeas.py
@ -265,7 +265,7 @@ def change(name, context=None, changes=None, lens=None,
        filename = re.sub('^/files|/$', '', context)

    if __opts__['test']:
-        ret['result'] = None
+        ret['result'] = True
        ret['comment'] = 'Executing commands'
        if context:
            ret['comment'] += ' in file "{0}":\n'.format(context)
--- a/salt/states/chocolatey.py
+++ b/salt/states/chocolatey.py
@ -31,8 +31,9 @@ def install(*args, **kwargs):
    installed(*args, **kwargs)


-def installed(name, version=None, source=None, force=False, install_args=None,
-            override_args=False, force_x86=False, package_args=None):
+def installed(name, version=None, source=None, force=False, pre_versions=False,
+              install_args=None, override_args=False, force_x86=False,
+              package_args=None):
    '''
    Installs a package if not already installed

@ -49,6 +50,9 @@ def installed(name, version=None, source=None, force=False, install_args=None,
    force
      Reinstall the current version of an existing package. Default is false.

+    pre_versions
+      Include pre-release packages. Default is False.
+
    install_args
      A list of install arguments you want to pass to the installation
      process i.e product key or feature list
@ -97,13 +101,11 @@ def installed(name, version=None, source=None, force=False, install_args=None,
        return ret

    # Install the package
-    ret['changes'] = {name: __salt__['chocolatey.install'](name, version,
-                                                             source,
-                                                             force,
-                                                             install_args,
-                                                             override_args,
-                                                             force_x86,
-                                                             package_args)}
+    ret['changes'] = {name: __salt__['chocolatey.install'](
+        name=name, version=version, source=source, force=force,
+        pre_versions=pre_versions, install_args=install_args,
+        override_args=override_args, force_x86=force_x86,
+        package_args=package_args)}

    if 'Running chocolatey failed' not in ret['changes']:
        ret['result'] = True
--- a/salt/states/ddns.py
+++ b/salt/states/ddns.py
@ -37,8 +37,9 @@ def present(name, zone, ttl, data, rdtype='A', **kwargs):

    name
        The host portion of the DNS record, e.g., 'webserver'. Name and zone
-        are concatenated when the entry is created, so make sure that
-        information is not duplicated in these two arguments.
+        are concatenated when the entry is created unless name includes a
+        trailing dot, so make sure that information is not duplicated in these
+        two arguments.

    zone
        The zone to check/update
@ -95,8 +96,9 @@ def absent(name, zone, data=None, rdtype=None, **kwargs):

    name
        The host portion of the DNS record, e.g., 'webserver'. Name and zone
-        are concatenated when the entry is created, so make sure that
-        information is not duplicated in these two arguments.
+        are concatenated when the entry is created unless name includes a
+        trailing dot, so make sure that information is not duplicated in these
+        two arguments.

    zone
        The zone to check
--- a/salt/states/pkg.py
+++ b/salt/states/pkg.py
@ -1898,7 +1898,7 @@ def latest(
    targets = {}
    problems = []
    for pkg in desired_pkgs:
-        if not avail[pkg]:
+        if not avail.get(pkg):
            # Package either a) is up-to-date, or b) does not exist
            if not cur[pkg]:
                # Package does not exist
--- a/salt/states/selinux.py
+++ b/salt/states/selinux.py
@ -202,7 +202,8 @@ def module(name, module_state='Enabled', version='any'):
        installed_version = modules[name]['Version']
        if not installed_version == version:
            ret['comment'] = 'Module version is {0} and does not match ' \
-                             'the desired version of {1}'.format(installed_version, version)
+                             'the desired version of {1} or you are ' \
+                             'using semodule >= 2.4'.format(installed_version, version)
            ret['result'] = False
            return ret
    current_module_state = _refine_module_state(modules[name]['Enabled'])
@ -211,7 +212,7 @@ def module(name, module_state='Enabled', version='any'):
        return ret
    if __opts__['test']:
        ret['result'] = None
-        ret['comment'] = 'Module {0} is set to be togggled to {1}'.format(
+        ret['comment'] = 'Module {0} is set to be toggled to {1}'.format(
            name, module_state)
        return ret

--- a/salt/states/svn.py
+++ b/salt/states/svn.py
@ -102,6 +102,10 @@ def latest(name,
                    ('{0} doesn\'t exist and is set to be checked out.').format(target))
        svn_cmd = 'svn.diff'
        opts += ('-r', 'HEAD')
+
+        if trust:
+            opts += ('--trust-server-cert',)
+
        out = __salt__[svn_cmd](cwd, target, user, username, password, *opts)
        return _neutral_test(
                ret,
--- a/salt/templates/rh_ip/network.jinja
+++ b/salt/templates/rh_ip/network.jinja
@ -4,5 +4,7 @@
 {%endif%}{% if gateway %}GATEWAY={{gateway}}
 {%endif%}{% if gatewaydev %}GATEWAYDEV={{gatewaydev}}
 {%endif%}{% if nisdomain %}NISDOMAIN={{nisdomain}}
+{%endif%}{% if networkdelay %}NETWORKDELAY={{networkdelay}}
+{%endif%}{% if devtimeout %}DEVTIMEOUT={{devtimeout}}
 {%endif%}{% if nozeroconf %}NOZEROCONF={{nozeroconf}}
 {%endif%}
--- a/tests/unit/modules/linux_acl_test.py
+++ b/tests/unit/modules/linux_acl_test.py
@ -193,4 +193,4 @@ class LinuxAclTestCase(TestCase):

    def test_delfacl__recursive_w_multiple_args(self):
        linux_acl.delfacl(*(self.default_user_acl[:-1] + self.files), recursive=True)
-        self.cmdrun.assert_called_once_with('setfacl -x -R ' + ' '.join([self.default_user_acl_cmd.rpartition(':')[0]] + self.files), python_shell=False)
+        self.cmdrun.assert_called_once_with('setfacl -R -x ' + ' '.join([self.default_user_acl_cmd.rpartition(':')[0]] + self.files), python_shell=False)
--- a/tests/unit/states/augeas_test.py
+++ b/tests/unit/states/augeas_test.py
@ -84,7 +84,7 @@ class AugeasTestCase(TestCase):
        comt = ('Executing commands in file "/files/etc/services":\n'
                'ins service-name after service-name[last()]'
                '\nset service-name[last()] zabbix-agent')
-        self.ret.update({'comment': comt, 'result': None})
+        self.ret.update({'comment': comt, 'result': True})

        with patch.dict(augeas.__opts__, {'test': True}):
            self.assertDictEqual(