Hello community, here is the log from the commit of package yast2-network for openSUSE:Factory checked in at 2016-06-02 12:49:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-network (Old) and /work/SRC/openSUSE:Factory/.yast2-network.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-network" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-network/yast2-network.changes 2016-05-23 16:36:10.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-network.new/yast2-network.changes 2016-06-02 12:49:09.000000000 +0200 @@ -1,0 +2,8 @@ +Thu May 19 21:53:16 UTC 2016 - mfi...@suse.com + +- fate#319319 + - implemented support for vncmanager in Remote module. Thanks to + m...@suse.cz. +- 3.1.152 + +------------------------------------------------------------------- Old: ---- yast2-network-3.1.151.tar.bz2 New: ---- yast2-network-3.1.152.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-network.spec ++++++ --- /var/tmp/diff_new_pack.zomhBT/_old 2016-06-02 12:49:10.000000000 +0200 +++ /var/tmp/diff_new_pack.zomhBT/_new 2016-06-02 12:49:10.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-network -Version: 3.1.151 +Version: 3.1.152 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-network-3.1.151.tar.bz2 -> yast2-network-3.1.152.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-network-3.1.151/package/yast2-network.changes new/yast2-network-3.1.152/package/yast2-network.changes --- old/yast2-network-3.1.151/package/yast2-network.changes 2016-05-17 18:24:00.000000000 +0200 +++ new/yast2-network-3.1.152/package/yast2-network.changes 2016-05-25 13:12:59.000000000 +0200 @@ -1,4 +1,12 @@ ------------------------------------------------------------------- +Thu May 19 21:53:16 UTC 2016 - mfi...@suse.com + +- fate#319319 + - implemented support for vncmanager in Remote module. Thanks to + m...@suse.cz. +- 3.1.152 + +------------------------------------------------------------------- Tue May 17 16:04:49 UTC 2016 - mfi...@suse.com - bnc#971175 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-network-3.1.151/package/yast2-network.spec new/yast2-network-3.1.152/package/yast2-network.spec --- old/yast2-network-3.1.151/package/yast2-network.spec 2016-05-17 18:24:00.000000000 +0200 +++ new/yast2-network-3.1.152/package/yast2-network.spec 2016-05-25 13:12:59.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-network -Version: 3.1.151 +Version: 3.1.152 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-network-3.1.151/src/include/network/remote/dialogs.rb new/yast2-network-3.1.152/src/include/network/remote/dialogs.rb --- old/yast2-network-3.1.151/src/include/network/remote/dialogs.rb 2016-05-17 18:24:00.000000000 +0200 +++ new/yast2-network-3.1.152/src/include/network/remote/dialogs.rb 2016-05-25 13:12:59.000000000 +0200 @@ -60,9 +60,17 @@ # RadioButton label Left( RadioButton( - Id(:allow), - _("&Allow Remote Administration"), - Remote.IsEnabled + Id(:allow_with_vncmanager), + _("&Allow Remote Administration With Session Management"), + Remote.IsEnabled && Remote.EnabledVncManager + ) + ), + # RadioButton label + Left( + RadioButton( + Id(:allow_without_vncmanager), + _("&Allow Remote Administration Without Session Management"), + Remote.IsEnabled && !Remote.EnabledVncManager ) ), # RadioButton label @@ -91,8 +99,12 @@ "<p>If this feature is enabled, you can\n" \ "administer this machine remotely from another machine. Use a VNC\n" \ "client, such as krdc (connect to <tt><hostname>:%1</tt>), or\n" \ - "a Java-capable Web browser (connect to <tt>http://<hostname>:%2/</tt>).\n" \ - "This form of remote administration is less secure than using SSH.</p>\n" + "a Java-capable Web browser (connect to <tt>https://<hostname>:%2/</tt>).</p>\n" \ + "<p>Without Session Management, only one user can be connected\n"\ + "at a time to a session, and that session is terminated when the VNC client\n" \ + "disconnects.</p>" \ + "<p>With Session Management, multiple users can interact with a single\n" \ + "session, and the session may persist even if noone is connected.</p>" ), 5901, 5801 @@ -142,9 +154,12 @@ if ret == :next CWMFirewallInterfaces.OpenFirewallStore(firewall_widget, "", event) - allowed = Convert.to_boolean(UI.QueryWidget(Id(:allow), :Value)) + allow_with_vncmanager = UI.QueryWidget(Id(:allow_with_vncmanager), :Value) + allow_without_vncmanager = UI.QueryWidget(Id(:allow_without_vncmanager), :Value) - if allowed + if allow_with_vncmanager + Remote.EnableVncManager + elsif allow_without_vncmanager Remote.Enable else Remote.Disable diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-network-3.1.151/src/modules/Remote.rb new/yast2-network-3.1.152/src/modules/Remote.rb --- old/yast2-network-3.1.151/src/modules/Remote.rb 2016-05-17 18:24:00.000000000 +0200 +++ new/yast2-network-3.1.152/src/modules/Remote.rb 2016-05-25 13:12:59.000000000 +0200 @@ -36,8 +36,10 @@ XDM_SERVICE_NAME = "display-manager" XINETD_SERVICE = "xinetd" + VNCMANAGER_SERVICE = "vncmanager" PKG_CONTAINING_FW_SERVICES = "xorg-x11-Xvnc" + PKG_CONTAINING_VNCMANAGER = "vncmanager" GRAPHICAL_TARGET = "graphical" @@ -59,11 +61,8 @@ # Currently, all attributes (enablement of remote access) # are applied on vnc1 even vnchttpd1 configuration - # Allow remote administration - @allow_administration = false - - # Default display manager - @default_dm = "xdm" + # Remote administration mode, :disabled, :xinetd or :vncmanager + @mode = :disabled # Remote administration has been already proposed # Only force-reset can change it @@ -72,39 +71,51 @@ # Checks if remote administration is currently allowed def IsEnabled - @allow_administration + !IsDisabled() end # Checks if remote administration is currently disallowed def IsDisabled - !IsEnabled() + @mode == :disabled end - # Enables remote administration. + # Enables remote administration without vnc manager. def Enable - @allow_administration = true + @mode = :xinetd + + nil + end + + # Enables remote administration with vnc manager. + def EnableVncManager + @mode = :vncmanager nil end # Disables remote administration. def Disable - @allow_administration = false + @mode = :disabled nil end + def EnabledVncManager + @mode == :vncmanager + end + # Reset all module data. def Reset @already_proposed = true # Bugzilla #135605 - enabling Remote Administration when installing using VNC - @allow_administration = Linuxrc.vnc + if Linuxrc.vnc + Enable() + else + Disable() + end - Builtins.y2milestone( - "Remote Administration was proposed as: %1", - @allow_administration ? "enabled" : "disabled" - ) + log.info("Remote Administration was proposed as: #{@mode}") nil end @@ -120,33 +131,21 @@ # Read the current status # @return true on success def Read - xdm = Service.Enabled(XDM_SERVICE_NAME) - dm_ra = Convert.to_string( - SCR.Read(path(".sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS")) - ) == "yes" - @default_dm = Convert.to_string( - SCR.Read(path(".sysconfig.displaymanager.DISPLAYMANAGER")) - ) - - xinetd = Service.Enabled(XINETD_SERVICE) # are the proper services enabled in xinetd? - xinetd_conf = Convert.convert( - SCR.Read(path(".etc.xinetd_conf.services")), - from: "any", - to: "list <map>" - ) - vnc_conf = Builtins.filter(xinetd_conf) do |m| - s = Ops.get_string(m, "service", "") - s == "vnc1" || s == "vnchttpd1" - end - vnc = Builtins.size(vnc_conf) == 2 && - Ops.get_boolean(vnc_conf, [0, "enabled"], false) && - Ops.get_boolean(vnc_conf, [1, "enabled"], false) + xinetd_conf = SCR.Read(path(".etc.xinetd_conf.services")) || {} + xinetd_vnc1_enabled = xinetd_conf.any? { |c| c["service"] == "vnc1" && c["enabled"] } - log.info "#{XDM_SERVICE_NAME}: #{xdm}, DM_R_A: #{dm_ra}" - log.info "xinetd: #{xinetd}, VNC: #{vnc}" + log.info "VNC1 enabled: #{xinetd_vnc1_enabled}" - @allow_administration = xdm && dm_ra && xinetd && vnc + vncmanager = Service.Enabled(VNCMANAGER_SERVICE) + vnc_service_running = xinetd_vnc1_enabled || vncmanager + + if xinet_ready? && vnc_service_running + Enable() if xinetd_vnc1_enabled + EnableVncManager() if vncmanager + else + Disable() + end # Package containing SuSEfirewall2 services has to be installed before # reading SuSEFirewall, otherwise exception is thrown by firewall @@ -175,12 +174,17 @@ to: "list <map>" ) - xinetd = Builtins.maplist(xinetd) do |m| - s = Ops.get_string(m, "service", "") - next deep_copy(m) if !(s == "vnc1" || s == "vnchttpd1") - Ops.set(m, "changed", true) - Ops.set(m, "enabled", @allow_administration) - log.info "Updated xinet cfg: #{m}" + xinetd = xinetd.map do |m| + case m["service"] + when "vnc1" + m["enabled"] = IsEnabled() && !EnabledVncManager() + m["changed"] = true + when "vnchttpd1" + m["enabled"] = IsEnabled() + m["changed"] = true + end + + log.info "Updated xinet cfg: #{m}" if m["changed"] deep_copy(m) end @@ -235,25 +239,36 @@ def configure_display_manager if IsEnabled() # Install required packages - if !Package.InstallAll(Packages.vnc_packages) - log.error "Installing of required packages failed" - return false - end + packages = Packages.vnc_packages + packages << PKG_CONTAINING_VNCMANAGER if EnabledVncManager() - # Enable xinetd - if !Service.Enable(XINETD_SERVICE) - Report.Error( - _("Enabling service %{service} has failed") % { service: XINETD_SERVICE } - ) + if !Package.InstallAll(packages) + log.error "Installing of required packages failed" return false end - # Enable XDM - if !Service.Enable(XDM_SERVICE_NAME) - Report.Error( - _("Enabling service %{service} has failed") % { service: XDM_SERVICE_NAME } - ) - return false + services = [ + [XINETD_SERVICE, true], + [XDM_SERVICE_NAME, true], + [VNCMANAGER_SERVICE, EnabledVncManager()] + ] + + services.each do |service, enable| + if enable + if !Service.Enable(service) + Report.Error( + _("Enabling service %{service} has failed") % { service: service } + ) + return false + end + else + if !Service.Disable(service) + Report.Error( + _("Disabling service %{service} has failed") % { service: service } + ) + return false + end + end end end @@ -296,12 +311,18 @@ Report.Error(Message.CannotRestartService(XINETD_SERVICE)) unless Service.Restart(XINETD_SERVICE) + if EnabledVncManager() + Report.Error(Message.CannotRestartService(VNCMANAGER_SERVICE)) unless Service.Restart(VNCMANAGER_SERVICE) + end + restart_display_manager else # xinetd may be needed for other services so we never turn it # off. It will exit anyway if no services are configured. # If it is running, restart it. Service.Reload(XINETD_SERVICE) if Service.active?(XINETD_SERVICE) + + Service.Stop(VNCMANAGER_SERVICE) end end @@ -312,7 +333,6 @@ IsEnabled() ? _("Remote administration is enabled.") : _("Remote administration is disabled.") end - publish variable: :default_dm, type: "string" publish function: :IsEnabled, type: "boolean ()" publish function: :IsDisabled, type: "boolean ()" publish function: :Enable, type: "void ()" @@ -322,6 +342,22 @@ publish function: :Read, type: "boolean ()" publish function: :Write, type: "boolean ()" publish function: :Summary, type: "string ()" + + private + + # Checks and reports if system is configured for remote access + # + # @return [true,false] true when all necessarry services are running + # and sysconfig is configured properly, false otherwise + def xinet_ready? + xdm = Service.Enabled(XDM_SERVICE_NAME) + dm_ra = SCR.Read(path(".sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS")).to_s == "yes" + xinetd = Service.Enabled(XINETD_SERVICE) + + log.info "#{XDM_SERVICE_NAME}: #{xdm}, DM_R_A configured: #{dm_ra}" + + xdm && dm_ra && xinetd + end end Remote = RemoteClass.new diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-network-3.1.151/test/remote_test.rb new/yast2-network-3.1.152/test/remote_test.rb --- old/yast2-network-3.1.151/test/remote_test.rb 2016-05-17 18:24:00.000000000 +0200 +++ new/yast2-network-3.1.152/test/remote_test.rb 2016-05-25 13:12:59.000000000 +0200 @@ -11,6 +11,10 @@ import "Packages" describe Remote do + before do + allow(Packages).to receive(:vnc_packages).and_return %w(some names) + end + describe ".Reset" do context "on vnc installation" do before do @@ -35,6 +39,114 @@ end end + describe ".Read" do + before do + allow(Yast::SCR).to receive(:Read).with( + Yast::Path.new(".sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS") + ).and_return("yes") + + allow(Yast::SCR).to receive(:Read).with( + Yast::Path.new(".sysconfig.displaymanager.DISPLAYMANAGER") + ).and_return("xdm") + + allow(SuSEFirewall).to receive(:Read).and_return true + end + + context "vncmanager mode is on" do + before do + allow(Service).to receive(:Enabled).with("display-manager").and_return true + allow(Service).to receive(:Enabled).with("xinetd").and_return true + allow(Service).to receive(:Enabled).with("vncmanager").and_return true + + allow(Yast::SCR).to receive(:Read).with( + Yast::Path.new(".etc.xinetd_conf.services") + ).and_return( + [{ "service" => "vnc1", "enabled" => false }, { "service" => "vnchttpd1", "enabled" => true }] + ) + end + + it "recognizes vncmanager mode" do + Remote.Read + expect(Remote.IsEnabled).to eql(true) + expect(Remote.EnabledVncManager).to eql(true) + end + end + + context "xinetd mode is on" do + before do + allow(Service).to receive(:Enabled).with("display-manager").and_return true + allow(Service).to receive(:Enabled).with("xinetd").and_return true + allow(Service).to receive(:Enabled).with("vncmanager").and_return false + + allow(Yast::SCR).to receive(:Read).with( + Yast::Path.new(".etc.xinetd_conf.services") + ).and_return( + [{ "service" => "vnc1", "enabled" => true }, { "service" => "vnchttpd1", "enabled" => true }] + ) + end + + it "recognizes xinetd mode" do + Remote.Read + expect(Remote.IsEnabled).to eql(true) + expect(Remote.EnabledVncManager).to eql(false) + end + end + + context "xinetd service is off" do + before do + allow(Service).to receive(:Enabled).with("display-manager").and_return true + allow(Service).to receive(:Enabled).with("xinetd").and_return false + allow(Service).to receive(:Enabled).with("vncmanager").and_return false + + allow(Yast::SCR).to receive(:Read).with( + Yast::Path.new(".etc.xinetd_conf.services") + ).and_return( + [{ "service" => "vnc1", "enabled" => true }, { "service" => "vnchttpd1", "enabled" => true }] + ) + end + + it "recognizes disabled mode" do + Remote.Read + expect(Remote.IsEnabled).to eql(false) + end + end + end + + describe ".enable_disable_remote_administration" do + context "with VNC enabled and with session management" do + before do + Remote.EnableVncManager + end + + it "enables vnc without session management" do + expect(Remote.IsEnabled).to eql(true) + expect(Remote.EnabledVncManager).to eql(true) + end + end + + context "with VNC enabled and without session management" do + before do + Remote.Enable + end + + it "enables vnc without session management" do + expect(Remote.IsEnabled).to eql(true) + expect(Remote.EnabledVncManager).to eql(false) + end + end + + context "with VNC disabled" do + before do + Remote.Disable + end + + it "disables vnc" do + expect(Remote.IsEnabled).to eql(false) + end + end + + end + describe ".configure_display_manager" do before do stub_scr_write @@ -42,31 +154,31 @@ allow(Package).to receive(:Installed).with("xinetd").and_return true end - context "with VNC enabled" do + context "with VNC enabled without session management" do before do Remote.Enable end it "installs packages provided by Packages.vnc_packages" do allow(Service).to receive(:Enable).and_return true + allow(Service).to receive(:Disable).and_return true - expect(Packages).to receive(:vnc_packages).and_return %w(some names) expect(Package).to receive(:InstallAll).with(%w(some names)).and_return true expect(Remote.configure_display_manager).to eql(true) end it "enables the services" do - allow(Packages).to receive(:vnc_packages) allow(Package).to receive(:InstallAll).and_return true expect(Service).to receive(:Enable).with("display-manager").and_return true expect(Service).to receive(:Enable).with("xinetd").and_return true + expect(Service).to receive(:Disable).with("vncmanager").and_return true expect(Remote.configure_display_manager).to eql(true) end it "writes the VNC configuration" do - allow(Packages).to receive(:vnc_packages) allow(Service).to receive(:Enable).twice.and_return true + allow(Service).to receive(:Disable).once.and_return true allow(Package).to receive(:InstallAll).and_return true expect(Remote.configure_display_manager).to eql(true) @@ -74,10 +186,47 @@ expect(written_value_for(".sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS")).to eq("yes") expect(written_value_for(".sysconfig.displaymanager.DISPLAYMANAGER_ROOT_LOGIN_REMOTE")).to eq("yes") - # vnc1 and vnchttp1 services are enabled + # vnc1 and vnchttpd1 services are enabled services = written_value_for(".etc.xinetd_conf.services") - services = services.select { |s| s["service"] =~ /vnc/ } - expect(services.map { |s| s["enabled"] }).to eq([true, true]) + services = services.select { |s| s["service"] =~ /vnc/ }.map { |s| [s["service"], s["enabled"]] }.to_h + expect(services).to eq("vnc1" => true, "vnchttpd1" => true) + end + end + + context "with VNC enabled with session management" do + before do + Remote.EnableVncManager + end + + it "installs packages provided by Packages.vnc_packages" do + allow(Service).to receive(:Enable).and_return true + + expect(Package).to receive(:InstallAll).with(%w(some names vncmanager)).and_return true + expect(Remote.configure_display_manager).to eql(true) + end + + it "enables the services" do + allow(Package).to receive(:InstallAll).and_return true + + expect(Service).to receive(:Enable).with("display-manager").and_return true + expect(Service).to receive(:Enable).with("xinetd").and_return true + expect(Service).to receive(:Enable).with("vncmanager").and_return true + expect(Remote.configure_display_manager).to eql(true) + end + + it "writes the VNC configuration" do + allow(Service).to receive(:Enable).exactly(3).times.and_return true + allow(Package).to receive(:InstallAll).and_return true + + expect(Remote.configure_display_manager).to eql(true) + + expect(written_value_for(".sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS")).to eq("yes") + expect(written_value_for(".sysconfig.displaymanager.DISPLAYMANAGER_ROOT_LOGIN_REMOTE")).to eq("yes") + + # vnchttpd1 service is enabled but vnc1 is disabled + services = written_value_for(".etc.xinetd_conf.services") + services = services.select { |s| s["service"] =~ /vnc/ }.map { |s| [s["service"], s["enabled"]] }.to_h + expect(services).to eq("vnc1" => false, "vnchttpd1" => true) end end @@ -102,10 +251,10 @@ expect(written_value_for(".sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS")).to eq("no") expect(written_value_for(".sysconfig.displaymanager.DISPLAYMANAGER_ROOT_LOGIN_REMOTE")).to eq("no") - # vnc1 and vnchttp1 services are enabled + # vnc1 and vnchttpd1 services are disabled services = written_value_for(".etc.xinetd_conf.services") - services = services.select { |s| s["service"] =~ /vnc/ } - expect(services.map { |s| s["enabled"] }).to eq([false, false]) + services = services.select { |s| s["service"] =~ /vnc/ }.map { |s| [s["service"], s["enabled"]] }.to_h + expect(services).to eq("vnc1" => false, "vnchttpd1" => false) end end end @@ -113,7 +262,7 @@ describe "#restart_services" do context "when remote administration is being enabled" do before(:each) do - Remote.Enable() + Remote.Enable allow(Service).to receive(:active?).with("display-manager").and_return(active_display_manager) end @@ -154,15 +303,25 @@ expect(Service).to receive(:Reload).with("xinetd").and_return(true) Remote.restart_services end + + it "disables vncmanager" do + expect(Service).to receive(:Stop).with("vncmanager").and_return(true) + Remote.restart_services + end end context "xinetd is inactive" do let(:active_xinetd) { false } - it "does nothing with services" do + it "does nothing with xinetd service" do expect(Service).not_to receive(:Reload) Remote.restart_services end + + it "disables vncmanager" do + expect(Service).to receive(:Stop).with("vncmanager").and_return(true) + Remote.restart_services + end end end end