[Fusionforge-commits] FusionForge branch GUM updated. 511344b5b261f87e99e1db939ef207ae91c4071d

Sylvain Beucler beuc-inria at fusionforge.org
Fri Aug 22 11:45:12 CEST 2014


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".

The branch, GUM has been updated
       via  511344b5b261f87e99e1db939ef207ae91c4071d (commit)
       via  aaba178e216f342a6397eee0bfa1c781343f67ca (commit)
       via  a1e33983004d235a90cf005cca647b9e9f739809 (commit)
       via  f6f14b9ddc83e4201d441093511e287c21d19028 (commit)
       via  e1d8c9b05747289a8a83f277a4f23fcd12caa6e8 (commit)
      from  c1f7086e75a8683f3fc0720a3b2a48f3ad1240b0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 511344b5b261f87e99e1db939ef207ae91c4071d
Author: Sylvain Beucler <sylvain.beucler at inria.fr>
Date:   Fri Aug 22 11:45:06 2014 +0200

    rpm: instructions to easily rebuild libnss-pgsql and moin from Fedora

diff --git a/tests/scripts/rpm/install.sh b/tests/scripts/rpm/install.sh
index 14f23b0..11efd7f 100755
--- a/tests/scripts/rpm/install.sh
+++ b/tests/scripts/rpm/install.sh
@@ -20,6 +20,36 @@
 
 # moin: no available package for RHEL; though 'moin' is available in Fedora
 # libnss-pgsql: id., plus http://yum.postgresql.org/8.4/redhat/rhel-5-x86_64/
+cat <<'EOF' > /etc/yum.repos.d/fedora-source.repo
+[fedora]
+name=Fedora 20
+failovermethod=priority
+metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-20&arch=$basearch
+enabled=0
+gpgcheck=0
+[fedora-source]
+name=Fedora 20 - Source
+failovermethod=priority
+metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-source-20&arch=$basearch
+enabled=0
+gpgcheck=0
+EOF
+yum install -y yum-utils  # yumdownloader
+
+yumdownloader --enablerepo=fedora --source libnss-pgsql
+DEPS="python-devel"
+yum install -y $DEPS
+rpmbuild --rebuild moin-*.src.rpm
+yum remove -y $DEPS
+rpm -ivh ~/rpmbuild/RPMS/noarch/moin-1.9.7-2.el6.noarch.rpm
+
+yumdownloader --enablerepo=fedora --source libnss-pgsql
+DEPS="gcc postgresql-devel xmlto"
+yum install -y $DEPS
+rpmbuild --rebuild libnss-pgsql-*.src.rpm
+yum remove -y $DEPS
+rpm -ivh ~/rpmbuild/RPMS/x86_64/libnss-pgsql-1.5.0-0.9.beta.el6.x86_64.rpm
+
 
 # mediawiki (provided by mediawiki119): EPEL
 

commit aaba178e216f342a6397eee0bfa1c781343f67ca
Author: Sylvain Beucler <sylvain.beucler at inria.fr>
Date:   Fri Aug 22 11:44:07 2014 +0200

    install: nss: create nss user and grants

diff --git a/src/post-install.d/db/populate.sh b/src/post-install.d/db/populate.sh
index ef2d5c6..a923dd3 100755
--- a/src/post-install.d/db/populate.sh
+++ b/src/post-install.d/db/populate.sh
@@ -20,11 +20,17 @@ if su - postgres -c "psql $database_name" </dev/null 2>/dev/null; then
 fi
 
 # Create DB user
-su - postgres -c 'createuser -SDR fusionforge'
+su - postgres -c "createuser -SDR $database_user"
 database_password_quoted=$(echo $database_password | sed -e "s/'/''/")
 su - postgres -c psql <<EOF
 ALTER ROLE $database_user WITH PASSWORD '$database_password_quoted' ;
 EOF
+su - postgres -c "createuser -SDR ${database_user}_nss"
+su - postgres -c 'psql fusionforge' <<EOF
+GRANT SELECT ON nss_passwd TO ${database_user}_nss;
+GRANT SELECT ON nss_groups TO ${database_user}_nss;
+GRANT SELECT ON nss_usergroups TO ${database_user}_nss;
+EOF
 
 # Create database
 su - postgres -c "createdb --template template0 --encoding UNICODE $database_name"

commit a1e33983004d235a90cf005cca647b9e9f739809
Author: Sylvain Beucler <sylvain.beucler at inria.fr>
Date:   Fri Aug 22 11:43:47 2014 +0200

    install: web: start apache on boot

diff --git a/src/post-install.d/web/configure.sh b/src/post-install.d/web/configure.sh
index 4e2ad70..67852b0 100755
--- a/src/post-install.d/web/configure.sh
+++ b/src/post-install.d/web/configure.sh
@@ -64,6 +64,11 @@ if [ -x /usr/sbin/a2dissite ]; then
     a2dissite default
 fi
 
+# Start web server on boot
+if [ -e /etc/redhat-release ]; then
+    chkconfig httpd on
+fi
+
 # Hard-coded detection of distro-specific Apache conf layout
 apache_service=$(forge_get_config apache_service)
 if service $apache_service status; then

commit f6f14b9ddc83e4201d441093511e287c21d19028
Author: Sylvain Beucler <sylvain.beucler at inria.fr>
Date:   Fri Aug 22 11:43:17 2014 +0200

    install: fix web/expand-conf.php include path

diff --git a/src/post-install.d/web/expand-conf.php b/src/post-install.d/web/expand-conf.php
index f4963f2..a172e20 100755
--- a/src/post-install.d/web/expand-conf.php
+++ b/src/post-install.d/web/expand-conf.php
@@ -5,7 +5,7 @@
 // Don't try to connect to the DB, just reading config files
 putenv('FUSIONFORGE_NO_DB=true');
 
-require (dirname(__FILE__).'/../common/include/env.inc.php');
+require (dirname(__FILE__).'/../../common/include/env.inc.php');
 require_once $gfcommon.'include/pre.php';
 
 if (count($argv) != 3) {

commit e1d8c9b05747289a8a83f277a4f23fcd12caa6e8
Author: Sylvain Beucler <sylvain.beucler at inria.fr>
Date:   Fri Aug 22 10:33:08 2014 +0200

    install: doc fixes

diff --git a/src/GNUmakefile b/src/GNUmakefile
index 56cda38..1b828f3 100644
--- a/src/GNUmakefile
+++ b/src/GNUmakefile
@@ -99,20 +99,20 @@ uninstall:
 
 
 ## Step 3: configure & update system
-# not relying on 'prefix' for post-install:
-source_path:=$(shell forge_get_config source_path)
+# not relying on 'prefix' for post-install (for no-install/dev setups)
+fgc_source_path:=$(shell forge_get_config source_path)
 post-install: post-install-core post-install-plugins
 post-install-core:  # common+db+web
-	$(source_path)/post-install.d/core.sh
+	$(fgc_source_path)/post-install.d/core.sh
 
 post-install-shell:
-	$(source_path)/post-install.d/shell/shell.sh configure
+	$(fgc_source_path)/post-install.d/shell/shell.sh configure
 
-PLUGINS_INSTALLED:=$(shell ls $(source_path)/plugins 2>/dev/null)
+PLUGINS_INSTALLED:=$(shell ls $(fgc_source_path)/plugins 2>/dev/null)
 PLUGINS_POST_INSTALL_TARGETS=$(addprefix post-install-plugin-,$(PLUGINS_INSTALLED))
 post-install-plugins: $(PLUGINS_POST_INSTALL_TARGETS)
-post-install-plugin-%: $(source_path)/plugins/%/
-	$(source_path)/post-install.d/common/plugin.sh $*
+post-install-plugin-%: $(fgc_source_path)/plugins/%/
+	$(fgc_source_path)/post-install.d/common/plugin.sh $*
 
 
 ## TODO: make uninstall? make purge?
diff --git a/src/cronjobs/README.root b/src/cronjobs/README.root
deleted file mode 100644
index a19e839..0000000
--- a/src/cronjobs/README.root
+++ /dev/null
@@ -1,21 +0,0 @@
-Several scripts in this directory will allow you to automate the
-process of adding users, groups, cvs trees etc. to your machine. These
-scripts build the /etc/passwd /etc/shadow and /etc/group files based
-on the contents of your gforge database.
-
-WARNING: There are potential security risks. Any fusionforge project admin could 
-add a user to a project, who would then have unix-level access to your 
-machine. For best security, you should separate the SCM hosting machine from 
-the web/database machine. To do this, simply copy the fusionforge tarball 
-and configure a new /etc/fusionforge/config.ini on the SCM machine. You can create 
-a second, read-only database user, and place that user's name/password in 
-the config.ini file. This user only needs read access to the users, groups tables.
-See the postgres manual for information on managing database users and permissions.
-
-To use these files, you should first create any default users/groups you 
-want on your machine. YOU MUST CREATE A USER CALLED "anonymous" with /bin/false 
-as its shell. Then copy /etc/group to /etc/group.org, and do the 
-same for /etc/shadow -> /etc/shadow.org /etc/passwd -> /etc/passwd.org
-
-The auth_unix.php script will build on the .org file and replace them as standard
-files (/etc/shadow & /etc/passwd).
diff --git a/src/cronjobs/misc/README b/src/cronjobs/misc/README
new file mode 100644
index 0000000..0694eb5
--- /dev/null
+++ b/src/cronjobs/misc/README
@@ -0,0 +1 @@
+These needs to be sorted out and/or trashed.
\ No newline at end of file

-----------------------------------------------------------------------

Summary of changes:
 src/GNUmakefile                        |   14 +++++++-------
 src/cronjobs/README.root               |   21 ---------------------
 src/cronjobs/misc/README               |    1 +
 src/post-install.d/db/populate.sh      |    8 +++++++-
 src/post-install.d/web/configure.sh    |    5 +++++
 src/post-install.d/web/expand-conf.php |    2 +-
 tests/scripts/rpm/install.sh           |   30 ++++++++++++++++++++++++++++++
 7 files changed, 51 insertions(+), 30 deletions(-)
 delete mode 100644 src/cronjobs/README.root
 create mode 100644 src/cronjobs/misc/README


hooks/post-receive
-- 
FusionForge



More information about the Fusionforge-commits mailing list