From 77be5f80dcbe01ee89645392d2273d8d27cf402f Mon Sep 17 00:00:00 2001 From: Michael Calmer Date: Wed, 5 Jul 2023 18:11:30 +0200 Subject: [PATCH 1/2] drop spacewalk-setup-sudoers --- spacewalk/setup/Makefile.PL | 7 +- spacewalk/setup/bin/spacewalk-setup | 7 -- spacewalk/setup/bin/spacewalk-setup-sudoers | 83 ------------------- spacewalk/setup/share/sudoers.clear | 5 -- .../spacewalk-setup.changes.mcalmer.master | 2 + spacewalk/setup/spacewalk-setup.spec | 12 --- 6 files changed, 4 insertions(+), 112 deletions(-) delete mode 100755 spacewalk/setup/bin/spacewalk-setup-sudoers delete mode 100644 spacewalk/setup/share/sudoers.clear create mode 100644 spacewalk/setup/spacewalk-setup.changes.mcalmer.master diff --git a/spacewalk/setup/Makefile.PL b/spacewalk/setup/Makefile.PL index 0be240c71d7c..863a288ef68e 100644 --- a/spacewalk/setup/Makefile.PL +++ b/spacewalk/setup/Makefile.PL @@ -11,14 +11,11 @@ WriteMakefile( EXE_FILES => ['bin/spacewalk-setup', 'bin/spacewalk-make-mount-points', 'bin/spacewalk-setup-cobbler', - 'bin/spacewalk-setup-httpd', - 'bin/spacewalk-setup-sudoers'], + 'bin/spacewalk-setup-httpd'], PREREQ_PM => { 'Test::More' => 0, }, - MAN1PODS => { 'lib/Spacewalk/Setup.pm' => '$(INST_MAN1DIR)/spacewalk-setup.$(MAN1EXT)', - 'bin/spacewalk-setup-sudoers' => '$(INST_MAN1DIR)/spacewalk-setup-sudoers.$(MAN1EXT)', - }, + MAN1PODS => { 'lib/Spacewalk/Setup.pm' => '$(INST_MAN1DIR)/spacewalk-setup.$(MAN1EXT)', }, dist => { COMPRESS => 'gzip -9f', SUFFIX => 'gz', }, clean => { FILES => 'Spacewalk-Setup-*' }, ); diff --git a/spacewalk/setup/bin/spacewalk-setup b/spacewalk/setup/bin/spacewalk-setup index 3be2d0e9d5ae..e7cd3d2513db 100755 --- a/spacewalk/setup/bin/spacewalk-setup +++ b/spacewalk/setup/bin/spacewalk-setup @@ -130,8 +130,6 @@ if(not $opts{"skip-initial-configuration"}) { chown -1, $www_gid, $config_opts->{'mount_point'} . '/systems'; } -setup_sudoers(); - print Spacewalk::Setup::loc("* Configuring apache SSL virtual host.\n"); setup_mod_ssl(\%opts, \%answers); @@ -383,11 +381,6 @@ sub setup_cc { -password => 1); } -sub setup_sudoers { - Spacewalk::Setup::system_or_exit(['/usr/bin/spacewalk-setup-sudoers', ''], 1, - 'Could not setup sudo for Spacewalk commands.'); - return; -} sub passwords_match { my $password_1 = shift; diff --git a/spacewalk/setup/bin/spacewalk-setup-sudoers b/spacewalk/setup/bin/spacewalk-setup-sudoers deleted file mode 100755 index 3196b80d97a5..000000000000 --- a/spacewalk/setup/bin/spacewalk-setup-sudoers +++ /dev/null @@ -1,83 +0,0 @@ -#!/usr/bin/perl -# -# Copyright (c) 2008--2017 Red Hat, Inc. -# -# This software is licensed to you under the GNU General Public License, -# version 2 (GPLv2). There is NO WARRANTY for this software, express or -# implied, including the implied warranties of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2 -# along with this software; if not, see -# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. -# -# Red Hat trademarks are not licensed under GPLv2. No permission is -# granted to use or replicate Red Hat trademarks that are incorporated -# in this software or its documentation. - -use strict; -use Spacewalk::Setup; - -sub setup_sudoers { - my $opts = shift; - my $answers = shift; - - my ($sudoers_content_orig, $sudoers_content); - my $sudoers_path = '/etc/sudoers'; - - local *FILE; - if (-e $sudoers_path) { - # If /etc/sudoers exists, let's modify that - open FILE, $sudoers_path or die "Error reading [$sudoers_path]: $!\n"; - } else { - return; - } - { - local $/ = undef; - $sudoers_content = ; - $sudoers_content_orig = $sudoers_content if not defined $sudoers_content_orig; - } - close FILE; - - # The sudoers.clear file has regular expressions for clearing - # old configuration - if (open FILE, Spacewalk::Setup::SHARED_DIR . '/sudoers.clear') { - while (defined(my $regexp = )) { - chomp $regexp; - $sudoers_content =~ s!$regexp!!igm; - } - close FILE; - } - - if ($sudoers_content ne $sudoers_content_orig) { - open FILE, "> $sudoers_path" or die "Error writing [$sudoers_path]: $!\n"; - chmod 0440, $sudoers_path; - print FILE $sudoers_content; - close FILE; - } - - return; -} - -setup_sudoers(); - -=head1 NAME - -spacewalk-setup-sudoers - utility to clear sudo configuration from previous version of -Spacewalk / Satellite - -=head1 SYNOPSIS - -B - -=head1 DESCRIPTION - -B is a utility to clear sudo configuration from previous version of -Spacewalk / Satellite. New configuration is properly put into b. - -Ordinarily, spacewalk-setup-sudoers is called by spacewalk-setup(1) during -initial Spacewalk / Satellite configuration or upgrade. - -=head1 SEE ALSO - -B(1) - Spacewalk setup program - -=cut diff --git a/spacewalk/setup/share/sudoers.clear b/spacewalk/setup/share/sudoers.clear deleted file mode 100644 index fbb593bc4435..000000000000 --- a/spacewalk/setup/share/sudoers.clear +++ /dev/null @@ -1,5 +0,0 @@ -(^[ \t]*#.*\n)*^[ \t]*Cmnd_Alias[ \t]+INSTALL_RHN(.+\\\n)*.+\n+ -(^[ \t]*#.*\n)*(^[ \t]*(apache|tomcat|wwwrun).+INSTALL_RHN[ \t]*\n)+ -^([ \t]*#.+\n)*Cmnd_Alias[ \t]+CONFIG_RHN(.+\\\n)*.+\n -^([ \t]*#.*\n)*[ \t]*((apache|tomcat).+CONFIG_RHN[ \t]*\n)+ -^([ \t]*#.*\n)*[ \t]*(Defaults[ \t]*:[ \t]*(apache|tomcat)\b.+![ \t]*requiretty[ \t]*\n)+ diff --git a/spacewalk/setup/spacewalk-setup.changes.mcalmer.master b/spacewalk/setup/spacewalk-setup.changes.mcalmer.master new file mode 100644 index 000000000000..b94d61e46d67 --- /dev/null +++ b/spacewalk/setup/spacewalk-setup.changes.mcalmer.master @@ -0,0 +1,2 @@ +- drop spacewalk-setup-sudoers which does only cleanups which should be + applied already since several years. The functionality is obsolete diff --git a/spacewalk/setup/spacewalk-setup.spec b/spacewalk/setup/spacewalk-setup.spec index ef4e91bbc2ea..17b5bf29ea20 100644 --- a/spacewalk/setup/spacewalk-setup.spec +++ b/spacewalk/setup/spacewalk-setup.spec @@ -160,7 +160,6 @@ install -d -m 755 %{buildroot}/%{_datadir}/spacewalk/setup/ install -d -m 755 %{buildroot}/%{_sysconfdir}/salt/master.d/ install -d -m 755 %{buildroot}/%{_sysconfdir}/tomcat/conf.d/ install -m 0755 share/embedded_diskspace_check.py %{buildroot}/%{_datadir}/spacewalk/setup/ -install -m 0644 share/sudoers.* %{buildroot}/%{_datadir}/spacewalk/setup/ install -m 0644 share/mod_ssl.conf.* %{buildroot}/%{_datadir}/spacewalk/setup/ install -m 0644 share/tomcat_java_opts.conf %{buildroot}/%{_sysconfdir}/tomcat/conf.d/ %if 0%{?suse_version} @@ -181,9 +180,7 @@ install -d -m 755 %{buildroot}/%{misc_path}/spacewalk mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8 /usr/bin/pod2man --section=8 $RPM_BUILD_ROOT/%{_bindir}/spacewalk-make-mount-points | gzip > $RPM_BUILD_ROOT%{_mandir}/man8/spacewalk-make-mount-points.8.gz -/usr/bin/pod2man --section=1 $RPM_BUILD_ROOT/%{_bindir}/spacewalk-setup-sudoers| gzip > $RPM_BUILD_ROOT%{_mandir}/man1/spacewalk-setup-sudoers.1.gz /usr/bin/pod2man --section=1 $RPM_BUILD_ROOT/%{_bindir}/spacewalk-setup-httpd | gzip > $RPM_BUILD_ROOT%{_mandir}/man1/spacewalk-setup-httpd.1.gz -/usr/bin/pod2man --section=1 $RPM_BUILD_ROOT/%{_bindir}/spacewalk-setup-sudoers| gzip > $RPM_BUILD_ROOT%{_mandir}/man1/spacewalk-setup-sudoers.1.gz # Sphinx built manpage %define SPHINX_BASE_DIR %(echo %{SOURCE0}| sed -e 's/\.tar\.gz//' | sed 's@.*/@@') install -m 0644 %{_builddir}/%{SPHINX_BASE_DIR}/out/spacewalk-cobbler-setup.1 $RPM_BUILD_ROOT%{_mandir}/man1/spacewalk-setup-cobbler.1 @@ -218,14 +215,6 @@ if [ -d /var/cache/salt/master/thin ]; then rm -rf /var/cache/salt/master/thin fi -# sudoers file is now in /etc/sudoers.d/spacewalk -if [ -f /etc/sudoers.d/spacewalk -a -f /etc/sudoers.d/susemanager ]; then - # do not fail if one is just a link to the other one - cp /etc/sudoers.d/spacewalk /etc/sudoers.d/spacewalk.tmp - rm -f /etc/sudoers.d/spacewalk /etc/sudoers.d/susemanager - mv /etc/sudoers.d/spacewalk.tmp /etc/sudoers.d/spacewalk -fi - if grep 'authn_spacewalk' /etc/cobbler/modules.conf > /dev/null 2>&1; then sed -i 's/module = authn_spacewalk/module = authentication.spacewalk/' /etc/cobbler/modules.conf fi @@ -291,7 +280,6 @@ make test %{_bindir}/spacewalk-setup-httpd %{_bindir}/spacewalk-make-mount-points %{_bindir}/spacewalk-setup-cobbler -%{_bindir}/spacewalk-setup-sudoers %{_mandir}/man[13]/*.[13]* %dir %attr(0755, root, root) %{_prefix}/share/salt-formulas/ %dir %attr(0755, root, root) %{_prefix}/share/salt-formulas/states/ From 8330e65f3071f39b5a7e6fd0e409f9732d49d27e Mon Sep 17 00:00:00 2001 From: Michael Calmer Date: Wed, 5 Jul 2023 18:21:29 +0200 Subject: [PATCH 2/2] drop susemanager-upgrade.sh it is not part of any docs anymore and was used to upgrade oracle to pg --- susemanager/bin/susemanager-upgrade.sh | 134 ------------------ ...anager.changes.mcalmer.cleanup-sudo-config | 1 + 2 files changed, 1 insertion(+), 134 deletions(-) delete mode 100755 susemanager/bin/susemanager-upgrade.sh create mode 100644 susemanager/susemanager.changes.mcalmer.cleanup-sudo-config diff --git a/susemanager/bin/susemanager-upgrade.sh b/susemanager/bin/susemanager-upgrade.sh deleted file mode 100755 index 13ab5f527559..000000000000 --- a/susemanager/bin/susemanager-upgrade.sh +++ /dev/null @@ -1,134 +0,0 @@ -#! /bin/bash -# -# Copyright (C) 2014 Novell, Inc. -# This software is licensed to you under the GNU General Public License, -# version 2 (GPLv2). There is NO WARRANTY for this software, express or -# implied, including the implied warranties of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2 -# along with this software; if not, see -# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. - -LOGFILE="/var/log/susemanager-upgrade.log" -# set -x -exec > >(tee -a $LOGFILE) 2>&1 - -if [ $UID -ne 0 ]; then - echo "You must run this as root." - exit -fi - -read_value() { - local key=$1 - local val=$( egrep -m1 "^$key[[:space:]]*=" /etc/rhn/rhn.conf | sed "s/^$key[[:space:]]*=[[:space:]]*\(.*\)/\1/" || echo "" ) - echo $val - return 0 - -} - -is_embedded_db() { - if [ "$DBHOST" = "localhost" ]; then - return 0 - else - return 1 - fi -} - -exists_pg_db() { - EXISTS=$(su - postgres -c 'psql -t -c "select datname from pg_database where datname='"'$DBNAME'"';"') - if [ "x$EXISTS" == "x $DBNAME" ] ; then - return 0 - else - return 1 - fi -} - -exists_plpgsql() { - EXISTS=$(su - postgres -c 'psql -At -c "select lanname from pg_catalog.pg_language where lanname='"'plpgsql'"';"'" $DBNAME") - if [ "x$EXISTS" == "xplpgsql" ] ; then - return 0 - else - return 1 - fi -} - -exists_pltclu() { - if is_embedded_db ; then - EXISTS=$(su - postgres -c 'psql -At -c "select lanname from pg_catalog.pg_language where lanname='"'pltclu'"';"'" $DBNAME") - else - EXISTS=$(echo "select lanname from pg_catalog.pg_language where lanname='pltclu';" | spacewalk-sql --select-mode - | grep pltclu | sed 's/^[[:space:]]*\(pltclu\)[[:space:]]*$/\1/') - fi - if [ "x$EXISTS" == "xpltclu" ] ; then - return 0 - else - return 1 - fi -} - -upgrade_pg() { - - if ! db_exists ; then - echo "Database does not exist or is not running" - exit 1 - fi - if ! is_embedded_db ; then - if ! exists_pltclu ; then - echo "SUSE Manager is not running with an embedded DB and your installation miss the 'pltclu' extension." - echo "Please install it before you continue" - exit 1 - fi - return 0 - fi - rcpostgresql status || rcpostgresql start - if ! exists_pg_db ; then - echo "Database does not exist." - exit 1 - fi - if ! exists_plpgsql ; then - su - postgres -c "createlang plpgsql '$DBNAME'" - fi - if ! exists_pltclu ; then - su - postgres -c "createlang pltclu '$DBNAME'" - fi -} - -db_exists() { - EXISTS=$(echo "select label from rhnVersionInfo;" | spacewalk-sql --select-mode - | grep "schema") - if [ -z "$EXISTS" ]; then - return 1 - else - return 0 - fi -} - -upgrade_schema() { - spacewalk-schema-upgrade -y || exit 1 -} - -upgrade_post_db() { - sed -i '/.*\/usr\/sbin\/mgr-ncc-sync,\\.*/d' /etc/sudoers -} - -DBBACKEND=`read_value db_backend` -DBNAME=`read_value db_name` -DBHOST=`read_value db_host` -DBUSER=`read_value db_user` - -if [ "$DBBACKEND" != "postgresql" ]; then - echo "Unknown database backend '$DBBACKEND'" - exit 1 -fi - -if [ "$DBBACKEND" = "postgresql" -a ! -e "/usr/bin/psql" ]; then - echo "/usr/bin/psql not found" - exit 1 -fi - -rcapache2 status && spacewalk-service stop - -upgrade_pg - -upgrade_schema - -upgrade_post_db - -spacewalk-service start diff --git a/susemanager/susemanager.changes.mcalmer.cleanup-sudo-config b/susemanager/susemanager.changes.mcalmer.cleanup-sudo-config new file mode 100644 index 000000000000..8e434ba8f58c --- /dev/null +++ b/susemanager/susemanager.changes.mcalmer.cleanup-sudo-config @@ -0,0 +1 @@ +- drop unused susemanager-upgrade.sh