saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Merge branch '2016.11' into 'nitrogen'

Browse source 
Conflicts:
  - salt/modules/dockermod.py
  - salt/modules/file.py
This commit is contained in:
rallytime 2017-04-11 15:03:34 -06:00
commit e90622bc22
12 changed files with 97 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
conf/minion
View file

@ -737,6 +737,10 @@
#
#zmq_monitor: False
# Number of times to try to authenticate with the salt master when reconnecting
# to the master
#tcp_authentication_retries: 5
###### Module configuration #####
###########################################
# Salt allows for modules to be passed arbitrary configuration data, any data

14
doc/ref/configuration/minion.rst
View file

@ -2256,6 +2256,20 @@ ZeroMQ is installed.
.. conf_minion:: failhard
``tcp_authentication_retries``
------------------------------
Default: ``5``
The number of times to retry authenticating with the salt master when it comes
back online.
Zeromq does a lot to make sure when connections come back online that they
reauthenticate. The tcp transport should try to connect with a new connection
if the old one times out on reauthenticating.
`-1` for infinite tries.
``failhard``
------------

1
pkg/suse/salt-api.service
View file

@ -1 +0,0 @@
../salt-api.service

14
pkg/suse/salt-api.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=The Salt API
After=network.target
[Service]
User=salt
Type=simple
Environment=SHELL=/bin/bash
LimitNOFILE=8192
ExecStart=/usr/bin/salt-api
TimeoutStopSec=3
[Install]
WantedBy=multi-user.target

2
salt/client/ssh/state.py
View file

@ -218,7 +218,7 @@ def prep_trans_tar(opts, file_client, chunks, file_refs, pillar=None, id_=None):
files = ''
if files:
for filename in files:
fn = filename[len(cache_dest):].strip('/')
fn = filename[len(file_client.get_cachedir(cache_dest)):].strip('/')
tgt = os.path.join(
env_root,
short,

5
salt/config/__init__.py
View file

@ -1029,6 +1029,10 @@ VALID_OPTS = {
# django auth
'django_auth_path': str,
'django_auth_settings': str,
# Number of times to try to auth with the master on a reconnect with the
# tcp transport
'tcp_authentication_retries': int,
}
# default configurations
@ -1169,6 +1173,7 @@ DEFAULT_MINION_OPTS = {
'file_buffer_size': 262144,
'tcp_pub_port': 4510,
'tcp_pull_port': 4511,
'tcp_authentication_retries': 5,
'log_file': os.path.join(salt.syspaths.LOGS_DIR, 'minion'),
'log_level': 'warning',
'log_level_logfile': None,

93
salt/fileclient.py
View file

@ -132,11 +132,7 @@ class Client(object):
'''
Return the local location to cache the file, cache dirs will be made
'''
if cachedir is None:
cachedir = self.opts['cachedir']
elif not os.path.isabs(cachedir):
cachedir = os.path.join(self.opts['cachedir'], cachedir)
cachedir = self.get_cachedir(cachedir)
dest = salt.utils.path_join(cachedir,
'files',
saltenv,
@ -159,6 +155,13 @@ class Client(object):
yield dest
os.umask(cumask)
def get_cachedir(self, cachedir=None):
if cachedir is None:
cachedir = self.opts['cachedir']
elif not os.path.isabs(cachedir):
cachedir = os.path.join(self.opts['cachedir'], cachedir)
return cachedir
def get_file(self,
path,
dest='',
@ -250,10 +253,7 @@ class Client(object):
# prefix = ''
# else:
# prefix = separated[0]
if cachedir is None:
cachedir = self.opts['cachedir']
elif not os.path.isabs(cachedir):
cachedir = os.path.join(self.opts['cachedir'], cachedir)
cachedir = self.get_cachedir(cachedir)
dest = salt.utils.path_join(cachedir, 'files', saltenv)
for fn_ in self.file_list_emptydirs(saltenv):
@ -818,22 +818,6 @@ class LocalClient(Client):
if not fnd_path:
return ''
try:
fnd_mode = fnd.get('stat', [])[0]
except (IndexError, TypeError):
fnd_mode = None
if not salt.utils.is_windows():
if fnd_mode is not None:
try:
if os.stat(dest).st_mode != fnd_mode:
try:
os.chmod(dest, fnd_mode)
except OSError as exc:
log.warning('Failed to chmod %s: %s', dest, exc)
except Exception:
pass
return fnd_path
def file_list(self, saltenv='base', prefix=''):
@ -1085,47 +1069,7 @@ class RemoteClient(Client):
mode_local = None
if hash_local == hash_server:
if not salt.utils.is_windows():
if mode_server is None:
log.debug('No file mode available for \'%s\'', path)
elif mode_local is None:
log.debug(
'No file mode available for \'%s\'',
dest2check
)
else:
if mode_server == mode_local:
log.info(
'Fetching file from saltenv \'%s\', '
'** skipped ** latest already in cache '
'\'%s\', mode up-to-date', saltenv, path
)
else:
try:
os.chmod(dest2check, mode_server)
log.info(
'Fetching file from saltenv \'%s\', '
'** updated ** latest already in cache, '
'\'%s\', mode updated from %s to %s',
saltenv,
path,
salt.utils.st_mode_to_octal(mode_local),
salt.utils.st_mode_to_octal(mode_server)
)
except OSError as exc:
log.warning(
'Failed to chmod %s: %s', dest2check, exc
)
# We may not have been able to check/set the mode, but we
# don't want to re-download the file because of a failure
# in mode checking. Return the cached path.
return dest2check
else:
log.info(
'Fetching file from saltenv \'%s\', ** skipped ** '
'latest already in cache \'%s\'', saltenv, path
)
return dest2check
return dest2check
log.debug(
'Fetching file from saltenv \'%s\', ** attempting ** \'%s\'',
@ -1242,23 +1186,6 @@ class RemoteClient(Client):
saltenv, path
)
if not salt.utils.is_windows():
if mode_server is not None:
try:
if os.stat(dest).st_mode != mode_server:
try:
os.chmod(dest, mode_server)
log.info(
'Fetching file from saltenv \'%s\', '
'** done ** \'%s\', mode set to %s',
saltenv,
path,
salt.utils.st_mode_to_octal(mode_server)
)
except OSError:
log.warning('Failed to chmod %s: %s', dest, exc)
except OSError:
pass
return dest
def file_list(self, saltenv='base', prefix=''):

22
salt/modules/cp.py
View file

@ -632,6 +632,28 @@ def hash_file(path, saltenv='base'):
return _client().hash_file(path, saltenv)
def stat_file(path, saltenv='base', octal=True):
'''
Return the permissions of a file, to get the permissions of a file on the
salt master file server prepend the path with salt://<file on server>
otherwise, prepend the file with / for a local file.
CLI Example:
.. code-block:: bash
salt '*' cp.stat_file salt://path/to/file
'''
path, senv = salt.utils.url.split_env(path)
if senv:
saltenv = senv
stat = _client().hash_and_stat_file(path, saltenv)[1]
if stat is None:
return stat
return salt.utils.st_mode_to_octal(stat[0]) if octal is True else stat[0]
def push(path, keep_symlinks=False, upload_path=None, remove_source=False):
'''
WARNING Files pushed to the master will have global read permissions..

2
salt/modules/dockermod.py
View file

@ -5240,7 +5240,7 @@ def sls(name, mods=None, saltenv='base', **kwargs):
copy_to(name,
trans_tar,
os.path.join(trans_dest_path, 'salt_state.tgz'),
exec_driver='nsenter',
exec_driver=_get_exec_driver(),
overwrite=True)
# Now execute the state into the container

11
salt/modules/file.py
View file

@ -4394,7 +4394,7 @@ def check_managed_changes(
if _urlparse(source).scheme in ('salt', 'file') \
or source.startswith('/'):
try:
mode = salt.utils.st_mode_to_octal(os.stat(sfn).st_mode)
mode = __salt__['cp.stat_file'](source, saltenv=saltenv, octal=True)
except Exception as exc:
log.warning('Unable to stat %s: %s', sfn, exc)
changes = check_file_meta(name, sfn, source, source_sum, user,
@ -4660,6 +4660,13 @@ def manage_file(name,
a local file on the minion), the mode of the destination file will be
set to the mode of the source file.
.. note:: keep_mode does not work with salt-ssh.
As a consequence of how the files are transfered to the minion, and
the inability to connect back to the master with salt-ssh, salt is
unable to stat the file as it exists on the fileserver and thus
cannot mirror the mode on the salt-ssh minion
encoding : None
If None, str() will be applied to contents.
If not None, specified encoding will be used.
@ -4709,7 +4716,7 @@ def manage_file(name,
if _urlparse(source).scheme in ('salt', 'file') \
or source.startswith('/'):
try:
mode = salt.utils.st_mode_to_octal(os.stat(sfn).st_mode)
mode = __salt__['cp.stat_file'](source, saltenv=saltenv, octal=True)
except Exception as exc:
log.warning('Unable to stat %s: %s', sfn, exc)

7
salt/states/file.py
View file

@ -1735,6 +1735,13 @@ def managed(name,
the ``contents`` options, setting the ``mode`` to ``keep`` is also
incompatible with the ``contents`` options.
.. note:: keep does not work with salt-ssh.
As a consequence of how the files are transfered to the minion, and
the inability to connect back to the master with salt-ssh, salt is
unable to stat the file as it exists on the fileserver and thus
cannot mirror the mode on the salt-ssh minion
template
If this setting is applied, the named templating engine will be used to
render the downloaded file. The following templates are supported:

9
salt/transport/tcp.py
View file

@ -408,7 +408,14 @@ class AsyncTCPPubChannel(salt.transport.mixins.auth.AESPubClientMixin, salt.tran
raise tornado.gen.Return(True)
if force_auth or not self.auth.authenticated:
yield self.auth.authenticate()
count = 0
while count <= self.opts['tcp_authentication_retries'] or self.opts['tcp_authentication_retries'] < 0:
try:
yield self.auth.authenticate()
break
except SaltClientError as exc:
log.debug(exc)
count += 1
try:
ret = yield _do_transfer()
raise tornado.gen.Return(ret)

3
salt/utils/minions.py
View file

@ -207,7 +207,8 @@ class CkMinions(object):
'''
if isinstance(expr, six.string_types):
expr = [m for m in expr.split(',') if m]
return [x for x in expr if x in self._pki_minions()]
minions = self._pki_minions()
return [x for x in expr if x in minions]
def _check_pcre_minions(self, expr, greedy): # pylint: disable=unused-argument
'''