Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package clone-master-clean-up for
openSUSE:Factory checked in at 2023-04-05 21:28:46
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/clone-master-clean-up (Old)
and /work/SRC/openSUSE:Factory/.clone-master-clean-up.new.19717 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "clone-master-clean-up"
Wed Apr 5 21:28:46 2023 rev:4 rq:1077560 version:1.11
Changes:
--------
---
/work/SRC/openSUSE:Factory/clone-master-clean-up/clone-master-clean-up.changes
2020-08-18 12:02:51.303421929 +0200
+++
/work/SRC/openSUSE:Factory/.clone-master-clean-up.new.19717/clone-master-clean-up.changes
2023-04-05 21:36:09.062738315 +0200
@@ -1,0 +2,38 @@
+Tue Feb 7 12:26:43 UTC 2023 - Peter Varkoly <[email protected]>
+
+- Bump version to 1.11
+- clone-master-clean-up fails when /etc/iscsi/initiatorname.iscsi doesn't exist
+ The entire section is wrapped in a test for the existence of this file.
+ (bsc#1207993)
+
+-------------------------------------------------------------------
+Fri Oct 28 11:41:37 UTC 2022 - Peter Varkoly <[email protected]>
+
+- Bump version to 1.10
+- clone-master-clean-up fails if postfix is not installed (bsc#1204835)
+ Check if the directory does exists.
+
+-------------------------------------------------------------------
+Fri Sep 23 14:49:49 UTC 2022 - Peter Varkoly <[email protected]>
+
+- Bump version to 1.9
+- [clone-master-clean-up] Cleannup initiatorname.iscsi
+ Remove all no comment files
+ (bsc#1203024)
+
+-------------------------------------------------------------------
+Thu Sep 22 09:08:16 UTC 2022 - Peter Varkoly <[email protected]>
+
+- Bump version to 1.8
+- clone-master-clean-up fails to remove btrfs snapshots
+ (bsc#1203651)
+
+-------------------------------------------------------------------
+Tue Aug 30 15:02:45 UTC 2022 - [email protected]
+
+- Bump version to 1.7
+- CVE-2021-32000: fix some potentially dangerous file system
+ operations
+ (bsc#1181050)
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ clone-master-clean-up.spec ++++++
--- /var/tmp/diff_new_pack.ravx1m/_old 2023-04-05 21:36:09.550741100 +0200
+++ /var/tmp/diff_new_pack.ravx1m/_new 2023-04-05 21:36:09.554741123 +0200
@@ -1,7 +1,7 @@
#
# spec file for package clone-master-clean-up
#
-# Copyright (c) 2017-2020 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: clone-master-clean-up
-Version: 1.6
+Version: 1.11
Release: 0
Summary: Tool to clean up a system for cloning preparation
License: GPL-2.0-or-later
++++++ clone-master-clean-up.1 ++++++
--- /var/tmp/diff_new_pack.ravx1m/_old 2023-04-05 21:36:09.686741877 +0200
+++ /var/tmp/diff_new_pack.ravx1m/_new 2023-04-05 21:36:09.690741900 +0200
@@ -14,7 +14,7 @@
.\" * GNU General Public License for more details.
.\" */
.\"
-.TH clone-master-clean-up "1" "May 2017" "" "Clean-Up For Cloning Preparation"
+.TH clone-master-clean-up "1" "September 2022" "" "Clean-Up For Cloning
Preparation"
.SH NAME
clone\-master\-clean\-up - Clean up a system for cloning preparation.
@@ -77,7 +77,7 @@
.IP \[bu]
SUSE registration, all software repositories.
.IP \[bu]
-SSH host keys, user SSH keys, user authorized keys, user shell history.
+SSH host keys, root user SSH keys, root user authorized keys, root user shell
history.
.IP \[bu]
User mails and user cron jobs.
.IP \[bu]
++++++ clone-master-clean-up.sh ++++++
--- /var/tmp/diff_new_pack.ravx1m/_old 2023-04-05 21:36:09.714742036 +0200
+++ /var/tmp/diff_new_pack.ravx1m/_new 2023-04-05 21:36:09.722742082 +0200
@@ -4,6 +4,7 @@
# Author: Howard Guo <[email protected]>
set -e
+shopt -s nullglob
# bsc#1092378
DROP_IN_FILE=/etc/clone-master-clean-up/custom_remove
SYSCONF_FILE=/etc/sysconfig/clone-master-clean-up
@@ -16,10 +17,21 @@
[ "$UID" != "0" ] && echo 'Please run this program as root user.' && exit 1
-echo 'The script will delete all SSH keys, log data, and more. Type YES and
enter to proceed.'
+echo -e 'The script will delete root SSH keys, log data, and more.\n' \
+ 'WARNING: This should only be used on a pristine system\n' \
+ 'WARNING: with no populated /home directories!\n' \
+ 'Type YES and enter to proceed.'
read -r answer
[ "$answer" != "YES" ] && exit 1
+if [ -n "$(echo /home/*/.ssh/* /home/*/.*_history)" ]; then
+ echo -e 'There seem to be populated /home directories on this system\n' \
+ 'Cloning such systems is not recommended.\n' \
+ 'Type YES if you still would like to proceed.'
+ read answer
+ [ "$answer" != "YES" ] && exit 1
+fi
+
# source config file
if [ -r "$SYSCONF_FILE" ]; then
. "$SYSCONF_FILE"
@@ -45,22 +57,33 @@
echo "Removing zypper anonymous ID"
rm -rf /var/lib/zypp/AnonymousUniqueId
-echo 'Removing SSH host keys, user SSH keys, authorized keys, and shell
history'
-rm -rf /etc/ssh/ssh_host*key* /root/.ssh/* /home/*/.ssh/* /home/*/.*_history
&> /dev/null
+echo 'Removing SSH host keys, root user SSH keys, authorized keys, and shell
history'
+rm -rf /etc/ssh/ssh_host*key* /root/.ssh/* &> /dev/null
echo 'Removing all mails and cron-jobs'
rm -rf /var/spool/mail/*
rm -rf /var/spool/cron/{lastrun,tabs}/*
echo "Clean up postfix"
-rm -rf
/var/spool/postfix/{active,corrupt,deferred,hold,maildrop,saved,bounce,defer,flush,incoming,trace}/*
+for i in
/var/spool/postfix/{active,corrupt,deferred,hold,maildrop,saved,bounce,defer,flush,incoming,trace};
do
+ if [ -d "$i" ]; then
+ # descend following symlink and check if it was symlink, if not,
recursively delete entries in this directory. 'rm -rf' doesn't follow symlinks.
+ cd -P "$i"
+ [ "$i" != "$PWD" ] && continue
+ info=( $(stat --printf="%u %g" ".") )
+ owner=${info[0]}
+ group=${info[1]}
+ setpriv --clear-groups --reuid "$owner" --regid "$group" rm -rf ./*
+ fi
+done
echo 'Removing all temporary files'
rm -rf /tmp/* /tmp/.* /var/tmp/* /var/tmp/.* &> /dev/null || true
-echo 'Clearing log files and removing log archives'
-find /var/log -type f -exec truncate -s 0 {} \;
+echo 'Removing log archives'
find /var/log \( -iname '*.old' -o -iname '*.xz' -o -iname '*.gz' \) -delete
+echo 'Clearing log files'
+find /var/log -type f -exec truncate -s 0 {} \;
echo 'Clearing HANA firewall script'
rm -rf /etc/hana-firewall.d/generated_hana_firewall_script
@@ -119,55 +142,51 @@
if [ "$CMCU_RSNAP" = "yes" ]; then
-SNAPPER_CMD="snapper delete"
- if [ -d /.snapshots ]; then
- echo "Removing all pre/post btrfs snapshots from /.snapshot"
- snapshots=$(dbus-send --type=method_call --system --print-reply \
- --dest=org.opensuse.Snapper \
- /org/opensuse/Snapper \
- org.opensuse.Snapper.ListSnapshots string:root \
- 2>/dev/null | awk -- "
+ if [ -d /.snapshots ]; then
+ echo "Removing all pre/post btrfs snapshots from /.snapshot"
+ presnapshots=$(dbus-send --type=method_call --system --print-reply \
+ --dest=org.opensuse.Snapper \
+ /org/opensuse/Snapper \
+ org.opensuse.Snapper.ListSnapshots string:root \
+ 2>/dev/null | awk -- "
BEGIN {arr=0; cnt=0; u2=0; u4=0; del=0}
/array \[/ {arr++}
/struct {/ {if (arr==1) cnt++}
-/}/ {if(arr==1&&--cnt==0){if(del==1) print id \"|\" lst;del=0;u4=0;u2=0}}
+/}/ {if(arr==1&&--cnt==0){if(del==1) print id ;del=0;u4=0;u2=0}}
/\]/ {arr--}
# Don't delete current snapshot
/string "current"/ {if (arr==1 && cnt==1) del=0}
# ID: 1st uint32 value of each top struct in top array
/uint32/ {if (arr==1 && cnt==1) if (++u4==1)id=\$2; else if (u4==2)lst=\$2}
# Type: 1st uint16 value of each top struct in top array
-/uint16/ {if (arr==1 && cnt==1){if (++u2==1) {if (\$2==1 || \$2==2){del=1}}}}
+/uint16/ {if (arr==1 && cnt==1){if (++u2==1) {if (\$2==1 ){del=1}}}}
")
-
- # Create chains
- OFS=$IFS
- IFS=" "
- while read line; do
- [[ $line =~ ([^\|]+)\|(.*) ]]
- last[${BASH_REMATCH[1]}]=${BASH_REMATCH[2]};
- [ -z "${next[${BASH_REMATCH[1]}]}" ] && next[${BASH_REMATCH[1]}]=0
- next[${BASH_REMATCH[2]}]=${BASH_REMATCH[1]}
- done <<< $snapshots
- IFS=$OFS
- # Find end of each chain and work backwards
- for i in ${!next[@]}; do
- [ -n "${next[$i]}" ] || continue # unpopulated
- a=${next[$i]}; unset next[$i]; b=$i
- while true; do
- if [ $a -eq 0 ]
- then
- while true; do
- unset next[$b]; $SNAPPER_CMD $b
- b=${last[$b]}
- [ $b -eq 0 ] && break 2
- done
- else
- b=$a; a=${next[$a]}; unset next[$b]
- fi
- done
- done
- fi
+ for i in $presnapshots
+ do
+ /usr/bin/snapper delete --sync $i
+ done
+ postsnapshots=$(dbus-send --type=method_call --system --print-reply \
+ --dest=org.opensuse.Snapper \
+ /org/opensuse/Snapper \
+ org.opensuse.Snapper.ListSnapshots string:root \
+ 2>/dev/null | awk -- "
+BEGIN {arr=0; cnt=0; u2=0; u4=0; del=0}
+/array \[/ {arr++}
+/struct {/ {if (arr==1) cnt++}
+/}/ {if(arr==1&&--cnt==0){if(del==1) print id ;del=0;u4=0;u2=0}}
+/\]/ {arr--}
+# Don't delete current snapshot
+/string "current"/ {if (arr==1 && cnt==1) del=0}
+# ID: 1st uint32 value of each top struct in top array
+/uint32/ {if (arr==1 && cnt==1) if (++u4==1)id=\$2; else if (u4==2)lst=\$2}
+# Type: 1st uint16 value of each top struct in top array
+/uint16/ {if (arr==1 && cnt==1){if (++u2==1) {if (\$2==2 ){del=1}}}}
+")
+ for i in $postsnapshots
+ do
+ /usr/bin/snapper delete --sync $i
+ done
+ fi
fi
if [ "$CMCU_ZYPP_REPOS" = "yes" ]; then
@@ -234,7 +253,7 @@
rm -rf /tmp/fstab.tmp
echo "Clean up network files (except interfaces using dhcp boot protocol)"
-# additional files like bondig interfaces or vlans can be found in
+# additional files like bondig interfaces or vlans can be found in
# /usr/share/clone-master-clean-up/custom_remove.template
for intf in /etc/sysconfig/network/ifcfg-eth*; do
bprot=$(grep "^BOOTPROTO=" "$intf" | sed "s/^BOOTPROTO=//")
@@ -271,6 +290,11 @@
done < $DROP_IN_FILE
fi
+if [ -e /etc/iscsi/initiatorname.iscsi ]; then
+ echo 'Clean up initiatorname.iscsi'
+ sed -i '/^[^#]/d' /etc/iscsi/initiatorname.iscsi
+fi
+
echo 'Finished. The system is now sparkling clean. Feel free to shut it down
and image it.'
