From e2ea89aa7a5da2d239fe46d036dfc7fa92e56a03 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Mon, 31 Aug 2015 19:55:17 +0000 Subject: [PATCH 01/10] reboot_required_notify: move all code to a ::wheezy class. It doesn't work on Jessie and newer (#1). --- manifests/reboot_required_notify.pp | 18 +----------------- manifests/reboot_required_notify/wheezy.pp | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 17 deletions(-) create mode 100644 manifests/reboot_required_notify/wheezy.pp diff --git a/manifests/reboot_required_notify.pp b/manifests/reboot_required_notify.pp index 722e8a5..d0006f3 100644 --- a/manifests/reboot_required_notify.pp +++ b/manifests/reboot_required_notify.pp @@ -1,21 +1,5 @@ class apt::reboot_required_notify { - # This package installs the script that created /var/run/reboot-required*. - # This script (/usr/share/update-notifier/notify-reboot-required) is - # triggered e.g. by kernel packages. - package { 'update-notifier-common': - ensure => installed, - } - - # cron-apt defaults to run every night at 4 o'clock - # plus some random time <1h. - # so we check if a reboot is required a bit later. - cron { 'apt_reboot_required_notify': - command => 'if [ -f /var/run/reboot-required ]; then echo "Reboot required\n" ; cat /var/run/reboot-required.pkgs ; fi', - user => root, - hour => 5, - minute => 20, - require => Package['update-notifier-common'], - } + class { 'apt::reboot_required_notify::wheezy': } } diff --git a/manifests/reboot_required_notify/wheezy.pp b/manifests/reboot_required_notify/wheezy.pp new file mode 100644 index 0000000..14fdd79 --- /dev/null +++ b/manifests/reboot_required_notify/wheezy.pp @@ -0,0 +1,22 @@ +class apt::reboot_required_notify::wheezy { + + # On Wheezy and older, this package installs the script that created + # /var/run/reboot-required*. + # This script (/usr/share/update-notifier/notify-reboot-required) is + # triggered e.g. by kernel packages. + package { 'update-notifier-common': + ensure => installed, + } + + # cron-apt defaults to run every night at 4 o'clock + # plus some random time <1h. + # so we check if a reboot is required a bit later. + cron { 'apt_reboot_required_notify': + command => 'if [ -f /var/run/reboot-required ]; then echo "Reboot required\n" ; cat /var/run/reboot-required.pkgs ; fi', + user => root, + hour => 5, + minute => 20, + require => Package['update-notifier-common'], + } + +} From a82e3ae272c8510b3dc30f499316a7bfb518d330 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Mon, 31 Aug 2015 19:56:16 +0000 Subject: [PATCH 02/10] reboot_required_notify::wheezy: add an "ensure" parameter, defaulting to "present". --- manifests/reboot_required_notify/wheezy.pp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/manifests/reboot_required_notify/wheezy.pp b/manifests/reboot_required_notify/wheezy.pp index 14fdd79..06998ef 100644 --- a/manifests/reboot_required_notify/wheezy.pp +++ b/manifests/reboot_required_notify/wheezy.pp @@ -1,17 +1,18 @@ -class apt::reboot_required_notify::wheezy { +class apt::reboot_required_notify::wheezy ($ensure = present) { # On Wheezy and older, this package installs the script that created # /var/run/reboot-required*. # This script (/usr/share/update-notifier/notify-reboot-required) is # triggered e.g. by kernel packages. package { 'update-notifier-common': - ensure => installed, + ensure => $ensure, } # cron-apt defaults to run every night at 4 o'clock # plus some random time <1h. # so we check if a reboot is required a bit later. cron { 'apt_reboot_required_notify': + ensure => $ensure, command => 'if [ -f /var/run/reboot-required ]; then echo "Reboot required\n" ; cat /var/run/reboot-required.pkgs ; fi', user => root, hour => 5, From 3630285006d9fb60c5fbecebc976623c37dd1395 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Mon, 31 Aug 2015 20:01:22 +0000 Subject: [PATCH 03/10] reboot_required_notify: add initial support for Jessie and newer. Note that reboot-notifier is only in stretch/sid at the moment, so to use this one needs to configure APT pinning themselves to make this package installable. --- manifests/reboot_required_notify.pp | 15 ++++++++++++++- manifests/reboot_required_notify/jessie.pp | 13 +++++++++++++ 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 manifests/reboot_required_notify/jessie.pp diff --git a/manifests/reboot_required_notify.pp b/manifests/reboot_required_notify.pp index d0006f3..82466d2 100644 --- a/manifests/reboot_required_notify.pp +++ b/manifests/reboot_required_notify.pp @@ -1,5 +1,18 @@ class apt::reboot_required_notify { - class { 'apt::reboot_required_notify::wheezy': } + $jessie_or_newer = $::operatingsystemmajrelease ? { + 5 => false, + 6 => false, + 7 => false, + default => true, + } + + if $jessie_or_newer { + class { 'apt::reboot_required_notify::jessie': } + # Clean up systems that were upgraded from Wheezy or earlier: + class { 'apt::reboot_required_notify::wheezy': ensure => absent } + } else { + class { 'apt::reboot_required_notify::wheezy': } + } } diff --git a/manifests/reboot_required_notify/jessie.pp b/manifests/reboot_required_notify/jessie.pp new file mode 100644 index 0000000..51b75a2 --- /dev/null +++ b/manifests/reboot_required_notify/jessie.pp @@ -0,0 +1,13 @@ +class apt::reboot_required_notify::jessie ($ensure = present) { + + # On Jessie and newer, this package installs the script that created + # /var/run/reboot-required*. + # This script (/usr/share/update-notifier/notify-reboot-required) is + # triggered e.g. by kernel packages. + # This package also sends a daily email to the administrator when a system + # reboot is required, e.g. due to a kernel update. + package { 'reboot-notifier': + ensure => $ensure, + } + +} From e70a6712d31e91ecbf71f4de841735c3b36193ba Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 16 Mar 2016 14:26:52 +0000 Subject: [PATCH 04/10] apt::reboot_required_notify::jessie: manage APT pinning to fetch reboot-notifier from jessie-backports, when running on Jessie. --- manifests/reboot_required_notify/jessie.pp | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/manifests/reboot_required_notify/jessie.pp b/manifests/reboot_required_notify/jessie.pp index 51b75a2..9b5a0c0 100644 --- a/manifests/reboot_required_notify/jessie.pp +++ b/manifests/reboot_required_notify/jessie.pp @@ -1,5 +1,15 @@ class apt::reboot_required_notify::jessie ($ensure = present) { + $pinning_ensure = $::operatingsystemmajrelease ? { + 8 => present, + default => absent, + } + apt::preferences_snippet { 'reboot-notifier': + ensure => $pinning_ensure, + pin => 'release o=Debian Backports,a=jessie-backports', + priority => 991, + } + # On Jessie and newer, this package installs the script that created # /var/run/reboot-required*. # This script (/usr/share/update-notifier/notify-reboot-required) is @@ -7,7 +17,8 @@ class apt::reboot_required_notify::jessie ($ensure = present) { # This package also sends a daily email to the administrator when a system # reboot is required, e.g. due to a kernel update. package { 'reboot-notifier': - ensure => $ensure, + ensure => $ensure, + require => Apt::Preferences_snippet['reboot-notifier'], } - + } From 5102b7863b09e58bdd712c9019885313270299ce Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 29 Jun 2016 15:49:22 +0000 Subject: [PATCH 05/10] Drop apt::cron::download, and turn $apt_cron_hours into a class parameter for apt::cron::dist_upgrade. I've introduced apt::cron::download, am not using it anymore, and have never seen anyone else submit a bug or a merge request for it. Thus, I feel pretty confident in dropping it. And this allows me to trivially get rid of the $apt_cron_hours global variable noticed by LeLutin in #13. --- README.md | 3 +++ manifests/cron/base.pp | 20 -------------------- manifests/cron/dist_upgrade.pp | 21 ++++++++++++++++++++- manifests/cron/download.pp | 27 --------------------------- 4 files changed, 23 insertions(+), 48 deletions(-) delete mode 100644 manifests/cron/base.pp delete mode 100644 manifests/cron/download.pp diff --git a/README.md b/README.md index f6a0c4a..7431038 100644 --- a/README.md +++ b/README.md @@ -49,6 +49,9 @@ Ubuntu support is lagging behind but not absent either. ## Upgrade Notice + * The `$apt_cron_hours` global variable is deprecated. + Use `apt::cron::dist_upgrade`'s `cron_hours` parameter instead. + * The default value of the `$repos` parameter was removed since the logic is now in the `apt::params` class. If you have explicitly set `$repos` to 'auto' in your manifests, you should remove this. diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp deleted file mode 100644 index 39fc306..0000000 --- a/manifests/cron/base.pp +++ /dev/null @@ -1,20 +0,0 @@ -class apt::cron::base { - - package { 'cron-apt': ensure => installed } - - case $apt_cron_hours { - '': {} - default: { - # cron-apt defaults to run every night at 4 o'clock - # so we try not to run at the same time. - cron { 'apt_cron_every_N_hours': - command => 'test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt', - user => root, - hour => "${apt_cron_hours}", - minute => 10, - require => Package['cron-apt'], - } - } - } - -} diff --git a/manifests/cron/dist_upgrade.pp b/manifests/cron/dist_upgrade.pp index 74403bb..e1a03ed 100644 --- a/manifests/cron/dist_upgrade.pp +++ b/manifests/cron/dist_upgrade.pp @@ -1,4 +1,23 @@ -class apt::cron::dist_upgrade inherits apt::cron::base { +class apt::cron::dist_upgrade ( + $cron_hours = '', +) { + + package { 'cron-apt': ensure => installed } + + case $cron_hours { + '': {} + default: { + # cron-apt defaults to run every night at 4 o'clock + # so we try not to run at the same time. + cron { 'apt_cron_every_N_hours': + command => 'test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt', + user => root, + hour => "${cron_hours}", + minute => 10, + require => Package['cron-apt'], + } + } + } $action = "autoclean -y dist-upgrade -y -o APT::Get::Show-Upgraded=true -o 'DPkg::Options::=--force-confold' diff --git a/manifests/cron/download.pp b/manifests/cron/download.pp deleted file mode 100644 index 4a19fec..0000000 --- a/manifests/cron/download.pp +++ /dev/null @@ -1,27 +0,0 @@ -class apt::cron::download inherits apt::cron::base { - - $action = "autoclean -y -dist-upgrade -d -y -o APT::Get::Show-Upgraded=true -" - - file { '/etc/cron-apt/action.d/4-dist-upgrade': - ensure => absent, - } - - file { '/etc/cron-apt/action.d/3-download': - content => $action, - require => Package[cron-apt], - owner => root, - group => 0, - mode => '0644'; - } - - file { '/etc/cron-apt/config.d/MAILON': - content => "MAILON=changes\n", - require => Package[cron-apt], - owner => root, - group => 0, - mode => '0644'; - } - -} From 195ed5d31bf5dabd5efe4460127002351499eac2 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 29 Jun 2016 17:39:14 +0000 Subject: [PATCH 06/10] apt::dist_upgrade: add a timeout parameter (#8). --- manifests/dist_upgrade.pp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/manifests/dist_upgrade.pp b/manifests/dist_upgrade.pp index 19c031e..e5475fc 100644 --- a/manifests/dist_upgrade.pp +++ b/manifests/dist_upgrade.pp @@ -1,8 +1,13 @@ -class apt::dist_upgrade { +# Parameters: +# - timeout: specified in seconds +class apt::dist_upgrade ( + $timeout = 300, +) { exec { 'apt_dist-upgrade': command => '/usr/bin/apt-get -q -y -o \'DPkg::Options::=--force-confold\' dist-upgrade', refreshonly => true, + timeout => $timeout, before => Exec['apt_updated'] } From 89a024678e39fec8a5c05371bcceaece605fbd88 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 29 Jun 2016 17:54:16 +0000 Subject: [PATCH 07/10] apt::reboot_required_notify::jessie: explicitly check that $apt::use_backports is true when running Jessie. Otherwise, it would fail anyway when trying to install reboot-notifier, but in a way less user-friendly. Thanks to lavamind for the suggestion! --- manifests/reboot_required_notify/jessie.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/manifests/reboot_required_notify/jessie.pp b/manifests/reboot_required_notify/jessie.pp index 9b5a0c0..2de6b62 100644 --- a/manifests/reboot_required_notify/jessie.pp +++ b/manifests/reboot_required_notify/jessie.pp @@ -1,5 +1,9 @@ class apt::reboot_required_notify::jessie ($ensure = present) { + if $::operatingsystemmajrelease == 8 and ! $::apt::use_backports { + fail('apt::reboot_required_notify requires $apt::use_backports on Jessie') + } + $pinning_ensure = $::operatingsystemmajrelease ? { 8 => present, default => absent, From 70118955f6dae59a021880865408cf9367c3dc57 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 29 Jun 2016 17:56:40 +0000 Subject: [PATCH 08/10] apt::reboot_required_notify: get rid of temporary variable. --- manifests/reboot_required_notify.pp | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/manifests/reboot_required_notify.pp b/manifests/reboot_required_notify.pp index 82466d2..efd8aeb 100644 --- a/manifests/reboot_required_notify.pp +++ b/manifests/reboot_required_notify.pp @@ -1,13 +1,6 @@ class apt::reboot_required_notify { - $jessie_or_newer = $::operatingsystemmajrelease ? { - 5 => false, - 6 => false, - 7 => false, - default => true, - } - - if $jessie_or_newer { + if versioncmp($::operatingsystemmajrelease, 8) >= 0 { class { 'apt::reboot_required_notify::jessie': } # Clean up systems that were upgraded from Wheezy or earlier: class { 'apt::reboot_required_notify::wheezy': ensure => absent } From c439b8a524fc8f797e98b2c5351b028cf91ce237 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 29 Jun 2016 18:45:32 +0000 Subject: [PATCH 09/10] Remove documentation for apt::cron::download, and document the new parameter to apt::cron::dist_upgrade. --- README.md | 25 +++++++------------------ 1 file changed, 7 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 2173d7e..2028e2a 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,6 @@ * [Classes](#classes) * [apt](#apt) * [apt::apticron](#apt-apticron) - * [apt::cron::download](#apt-cron-download) * [apt::cron::dist_upgrade](#apt-cron-dist_upgrade) * [apt::dist_upgrade](#apt-dist_upgrade) * [apt::dist_upgrade::initiator](#apt-dist_upgrade-initiator) @@ -324,29 +323,19 @@ Example usage: } -## apt::cron::download - -This class sets up `cron-apt` so that it downloads upgradable packages, does not -actually do any upgrade and emails when the output changes. - -`cron-apt` defaults to run at 4 AM. You may want to set the -`$apt_cron_hours` variable before you include the class: its value will -be passed as the "hours" parameter of a cronjob. Example: - - # Run cron-apt every three hours - $apt_cron_hours = '*/3' - -Note that the default 4 AM cronjob won't be disabled. - - ## apt::cron::dist_upgrade This class sets up cron-apt so that it dist-upgrades the system and emails when upgrades are performed. -See [apt::cron::download](#apt-cron-download) above if you need to run `cron-apt` more often -than once a day. +`cron-apt` defaults to run at 4 AM. You may want to set the +`$cron_hours` class parameter before you include the class: its value will +be passed as the "hours" parameter of a cronjob. Example: + # Run cron-apt every three hours + class { 'apt::cron::dist_upgrade': cron_hours => '*/3' } + +Note that the default 4 AM cronjob won't be disabled. ## apt::dist_upgrade From 13cb9fb48538fc7eed9b2f924aa4c84dd1434e3b Mon Sep 17 00:00:00 2001 From: intrigeri Date: Wed, 29 Jun 2016 18:49:23 +0000 Subject: [PATCH 10/10] Move documentation to README, and expand a bit on it. --- README.md | 5 +++++ manifests/dist_upgrade.pp | 2 -- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c0d5f85..185efb0 100644 --- a/README.md +++ b/README.md @@ -356,6 +356,11 @@ classes may inherit from this one and add to its subscription list using the plusignment (`+>`) operator. A real-world example can be seen in the `apt::dist_upgrade::initiator` source. +Parameters: + + * timeout: specified in seconds; the maximum time the `dist-upgrade` + command should take. If the command takes longer than the timeout, + the command is considered to have failed and will be stopped. ## apt::dist_upgrade::initiator diff --git a/manifests/dist_upgrade.pp b/manifests/dist_upgrade.pp index e5475fc..3061fb8 100644 --- a/manifests/dist_upgrade.pp +++ b/manifests/dist_upgrade.pp @@ -1,5 +1,3 @@ -# Parameters: -# - timeout: specified in seconds class apt::dist_upgrade ( $timeout = 300, ) {