Updated Red Hat spec file and RH patches for 0.25.0.

Thanks to Todd Zullinger for the patch and the updates.
2009-09-05 09:00:00 +10:00 · 2009-09-05 09:00:00 +10:00 · 2e9b706898
--- a/conf/redhat/lsb-config.patch
+++ b/conf/redhat/lsb-config.patch
@ -1,51 +0,0 @@
--- puppet-0.18.0/conf/redhat/fileserver.conf.orig	2006-06-20 12:13:49.000000000 -0700
-+++ puppet-0.18.0/conf/redhat/fileserver.conf	2006-06-20 12:14:03.000000000 -0700
-@@ -6,7 +6,7 @@
- # for allow/deny does not matter, allow always takes precedence
- # over deny
- [files]
-  path /var/puppet/files
-+  path /var/lib/puppet/files
- #  allow *.example.com
- #  deny *.evil.example.com
- #  allow 192.168.0.0/24
--- puppet-0.18.0/conf/redhat/puppetd.conf.orig	2006-06-20 12:12:01.000000000 -0700
-+++ puppet-0.18.0/conf/redhat/puppetd.conf	2006-06-20 12:14:37.000000000 -0700
-@@ -1,5 +1,33 @@
-+[puppet]
-+    # Where Puppet stores dynamic and growing data.
-+    # The default value is '/var/puppet'.
-+    vardir = /var/lib/puppet
-+
-+    # The Puppet log directory.
-+    # The default value is '$vardir/log'.
-+    logdir = /var/log/puppet
-+
-+    # Where Puppet PID files are kept.
-+    # The default value is '$vardir/run'.
-+    rundir = /var/run/puppet
-+
-+    # Where lock files are kept.
-+    # The default value is '$vardir/locks'.
-+    lockdir = /var/lock
-+
-+    # Where SSL certificates are kept.
-+    # The default value is '$confdir/ssl'.
-+    ssldir = $vardir/ssl
-+
- [puppetd]
-# Make sure all log messages are sent to the right directory
-# This directory must be writable by the puppet user
-logdir=/var/log/puppet
-rundir=/var/run
-+    # The file in which puppetd stores a list of the classes
-+    # associated with the retrieved configuratiion.  Can be loaded in
-+    # the separate ``puppet`` executable using the ``--loadclasses``
-+    # option.
-+    # The default value is '$confdir/classes.txt'.
-+    classfile = $vardir/classes.txt
-+
-+    # Where puppetd caches the local configuration.  An
-+    # extension indicating the cache format is added automatically.
-+    # The default value is '$confdir/localconfig'.
-+    localconfig = $vardir/localconfig
--- a/conf/redhat/no-chuser-0.15.1.patch
+++ b/conf/redhat/no-chuser-0.15.1.patch
@ -1,38 +0,0 @@
--- puppet-0.15.1/bin/puppetmasterd.orig	2006-03-15 08:33:45.000000000 -0800
-+++ puppet-0.15.1/bin/puppetmasterd	2006-03-22 13:07:54.000000000 -0800
-@@ -210,14 +210,15 @@
-     exit(1)
- end
- 
-if Process.uid == 0
-    begin
-        Puppet::Util.chuser
-    rescue => detail
-        $stderr.puts "Could not change user to %s: %s" % [Puppet[:user], detail]
-        exit(39)
-    end
-end
-+# FIXME: Running as non-root is not ready for primetime
-+# if Process.uid == 0
-+#     begin
-+#         Puppet::Util.chuser
-+#     rescue => detail
-+#         $stderr.puts "Could not change user to %s: %s" % [Puppet[:user], detail]
-+#         exit(39)
-+#     end
-+# end
- 
- if Puppet[:parseonly]
-     # we would have already exited if the file weren't syntactically correct
--- puppet-0.15.1/bin/puppetca.orig	2006-02-07 15:12:39.000000000 -0800
-+++ puppet-0.15.1/bin/puppetca	2006-03-22 13:07:56.000000000 -0800
-@@ -138,7 +138,8 @@
- Puppet.genconfig
- Puppet.genmanifest
- 
-Puppet::Util.chuser
-+# FIXME: Running as non-root is not ready for primetime
-+# Puppet::Util.chuser
- 
- begin
-     ca = Puppet::SSLCertificates::CA.new()
--- a/conf/redhat/no-lockdir.patch
+++ b/conf/redhat/no-lockdir.patch
@ -1,13 +0,0 @@
--- puppet-0.22.1/conf/redhat/puppetd.conf.orig	2006-09-27 10:30:35.000000000 -0700
-+++ puppet-0.22.1/conf/redhat/puppetd.conf	2007-02-11 13:27:04.000000000 -0800
-@@ -11,10 +11,6 @@
-     # The default value is '$vardir/run'.
-     rundir = /var/run/puppet
- 
-    # Where lock files are kept.
-    # The default value is '$vardir/locks'.
-    lockdir = /var/lock
-
-     # Where SSL certificates are kept.
-     # The default value is '$confdir/ssl'.
-     ssldir = $vardir/ssl
--- a/conf/redhat/puppet.spec
+++ b/conf/redhat/puppet.spec
@ -6,11 +6,12 @@

 Name:           puppet
 Version:        0.25.0
-Release:        0.1.beta1%{?dist}
+Release:        1%{?dist}
 Summary:        A network tool for managing many disparate systems
 License:        GPLv2+
 URL:            http://puppet.reductivelabs.com/
-Source0:        http://reductivelabs.com/downloads/puppet/%{name}-%{version}beta1.tar.gz
+Source0:        http://reductivelabs.com/downloads/puppet/%{name}-%{version}.tar.gz
+Patch0:         rundir-perms.patch
 Group:          System Environment/Base

 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -24,10 +25,14 @@ Requires:       ruby(abi) = 1.8
 Requires:       ruby-shadow
 %endif

-# Pull in libselinux-ruby where it is available
-%if 0%{?fedora} >=9
+# Pull in ruby selinux bindings where available
+%if 0%{?fedora}
+%if 0%{?fedora} >= 12
+%{!?_without_selinux:Requires: ruby(selinux)}
+%else
 %{!?_without_selinux:Requires: libselinux-ruby}
 %endif
+%endif

 Requires:       facter >= 1.5
 Requires:       ruby >= 1.8.1
@ -59,7 +64,8 @@ Provides the central puppet server daemon which provides manifests to clients.
 The server can also function as a certificate authority and file server.

 %prep
-%setup -q -n %{name}-%{version}beta1
+%setup -q
+%patch0 -p1

 %build
 # Fix some rpmlint complaints
@ -71,6 +77,7 @@ done
 for f in external/nagios.rb network/http_server/mongrel.rb relationship.rb; do
  sed -i -e '1d' lib/puppet/$f
 done
+chmod +x ext/puppetstoredconfigclean.rb

 find examples/ -type f -empty | xargs rm
 find examples/ -type f | xargs chmod a-x
@ -82,7 +89,7 @@ ruby install.rb --destdir=%{buildroot} --quick --no-rdoc
 install -d -m0755 %{buildroot}%{_sysconfdir}/puppet/manifests
 install -d -m0755 %{buildroot}%{_localstatedir}/lib/puppet
 install -d -m0755 %{buildroot}%{_localstatedir}/run/puppet
-install -d -m0755 %{buildroot}%{_localstatedir}/log/puppet
+install -d -m0750 %{buildroot}%{_localstatedir}/log/puppet
 install -Dp -m0644 %{confdir}/client.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/puppet
 install -Dp -m0755 %{confdir}/client.init %{buildroot}%{_initrddir}/puppet
 install -Dp -m0644 %{confdir}/server.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/puppetmaster
@ -97,8 +104,26 @@ touch %{buildroot}%{_sysconfdir}/puppet/puppetmasterd.conf
 touch %{buildroot}%{_sysconfdir}/puppet/puppetca.conf
 touch %{buildroot}%{_sysconfdir}/puppet/puppetd.conf

+# Install the ext/ directory to %{_datadir}/%{name}
+install -d %{buildroot}%{_datadir}/%{name}
+cp -a ext/ %{buildroot}%{_datadir}/%{name}
+# emacs and vim bits are installed elsewhere
+rm -rf %{buildroot}%{_datadir}/%{name}/ext/{emacs,vim}
+
+# Install emacs mode files
+emacsdir=%{buildroot}%{_datadir}/emacs/site-lisp
+install -Dp -m0644 ext/emacs/puppet-mode.el $emacsdir/puppet-mode.el
+install -Dp -m0644 ext/emacs/puppet-mode-init.el \
+    $emacsdir/site-start.d/puppet-mode-init.el
+
+# Install vim syntax files
+vimdir=%{buildroot}%{_datadir}/vim/vimfiles
+install -Dp -m0644 ext/vim/ftdetect/puppet.vim $vimdir/ftdetect/puppet.vim
+install -Dp -m0644 ext/vim/syntax/puppet.vim $vimdir/syntax/puppet.vim
+
 %files
 %defattr(-, root, root, 0755)
+%doc CHANGELOG COPYING LICENSE README examples
 %exclude %{_bindir}/pi
 %{_bindir}/puppet
 %{_bindir}/ralsh
@ -111,8 +136,11 @@ touch %{buildroot}%{_sysconfdir}/puppet/puppetd.conf
 %config(noreplace) %{_sysconfdir}/sysconfig/puppet
 %config(noreplace) %{_sysconfdir}/puppet/puppet.conf
 %ghost %config(noreplace,missingok) %{_sysconfdir}/puppet/puppetd.conf
-%doc CHANGELOG COPYING LICENSE README examples
 %config(noreplace) %{_sysconfdir}/logrotate.d/puppet
+# We don't want to require emacs or vim, so we need to own these dirs
+%{_datadir}/emacs
+%{_datadir}/vim
+%{_datadir}/%{name}
 # These need to be owned by puppet so the server can
 # write to them
 %attr(-, puppet, puppet) %{_localstatedir}/run/puppet
@ -186,6 +214,12 @@ fi
 rm -rf %{buildroot}

 %changelog
+* Fri Sep 04 2009 Todd Zullinger <tmz@pobox.com> - 0.25.0-1
+- Update to 0.25.0
+- Fix permissions on /var/log/puppet (#495096)
+- Install emacs mode and vim syntax files (#491437)
+- Install ext/ directory in %%{_datadir}/%{name} (/usr/share/puppet)
+
 * Mon May 04 2009 Todd Zullinger <tmz@pobox.com> - 0.25.0-0.1.beta1
 - Update to 0.25.0beta1
 - Make Augeas and SELinux requirements build time options
--- a/conf/redhat/rundir-perms.patch
+++ b/conf/redhat/rundir-perms.patch
@ -0,0 +1,28 @@
+From 9c4f335261aa48b6a2b82e91d4d6fcd95f030d09 Mon Sep 17 00:00:00 2001
+From: Jeroen van Meeuwen (Fedora Unity) <kanarip@fedoraunity.org>
+Date: Fri, 4 Sep 2009 09:13:19 -0400
+Subject: [PATCH/puppet] Tighten rundir perms (rhbz #495096)
+
+The loose default permissions are not required for Red Hat systems
+installed via rpm packages because the packages create the required
+service user/group.
+---
+ lib/puppet/defaults.rb |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
+index 3a0feec..3132830 100644
+--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
+@@ -62,7 +62,7 @@ module Puppet
+         },
+         :rundir => {
+             :default => rundir,
+-            :mode => 01777,
+            :mode => 0755,
+             :desc => "Where Puppet PID files are kept."
+         },
+         :genconfig => [false,
+-- 
+1.6.4.2
+