Ping? There are security fixes, Open bad compatibility, and a major bug with the yum module fixed in this update.
---------- Forwarded message ---------- From: Edward Lopez-Acosta <elopezaco...@gmail.com> Date: Monday, November 5, 2018 Subject: UPDATE: sysutils/ansible-2.7.1 To: ports@openbsd.org Minor update but lots of fixes. Was able to remove the patch for the reboot action as it was merged upstream. Notable changes: - user module - do not pass ssh_key_passphrase on cmdline (CVE-2018-16837) - reboot - add support for OpenBSD - Fixed: Appropriate code to expand value was missing so assigning SSL certificate is not working as described in the documentation. https://github.com/ansible/ansible/pull/45830 Full changelog: https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#v2-7-1 If ok can a dev please merge this? -- Edward Lopez-Acosta
diff --git a/sysutils/ansible/Makefile b/sysutils/ansible/Makefile index 3b282bbc5e1..c0d0ead8732 100644 --- a/sysutils/ansible/Makefile +++ b/sysutils/ansible/Makefile @@ -3,7 +3,7 @@ COMMENT-main = ssh based config management framework COMMENT-html = offline Ansible documentation in HTML format -MODPY_EGG_VERSION = 2.7.0 +MODPY_EGG_VERSION = 2.7.1 DISTNAME = ansible-${MODPY_EGG_VERSION} PKGNAME-main = ${PKGNAME} PKGNAME-html = ansible-html-${MODPY_EGG_VERSION} @@ -38,6 +38,7 @@ NO_TEST = Yes DOCDIR = ${PREFIX}/share/doc/ansible EXDIR = ${PREFIX}/share/examples/ansible +SCRIPTDIR = ${EXDIR}/scripts PLUGINDIR = ${PREFIX}/share/ansible_plugins pre-configure: @@ -56,8 +57,9 @@ post-build: ${WRKSRC}/docs/docsite/_build/html/_static/css/theme.min.css post-install: - ${INSTALL_DATA_DIR} ${EXDIR} ${DOCDIR} - ${INSTALL_DATA} ${WRKSRC}/examples/* ${EXDIR} + ${INSTALL_DATA_DIR} ${EXDIR} ${DOCDIR} ${SCRIPTDIR} + ${INSTALL_SCRIPT} ${WRKSRC}/examples/scripts/* ${SCRIPTDIR} + ${INSTALL_DATA} ${WRKSRC}/examples/{ansible.cfg,hosts} ${EXDIR} ${SUBST_CMD} ${EXDIR}/hosts ${INSTALL_DATA} ${WRKSRC}/docs/man/man1/*.1 ${PREFIX}/man/man1 cp -R ${WRKBUILD}/docs/docsite/_build/html ${DOCDIR} diff --git a/sysutils/ansible/distinfo b/sysutils/ansible/distinfo index 0796987e9c0..c87a9264788 100644 --- a/sysutils/ansible/distinfo +++ b/sysutils/ansible/distinfo @@ -1,2 +1,2 @@ -SHA256 (ansible-2.7.0.tar.gz) = oauODxPnmiBmGtZUb0WhQq/q62ZN6ywpDjI2LYrlthg= -SIZE (ansible-2.7.0.tar.gz) = 11773769 +SHA256 (ansible-2.7.1.tar.gz) = 55U0cjR/zG3KEIOREbV2qfeQ4ABWNE8tz0SObEUv6Tk= +SIZE (ansible-2.7.1.tar.gz) = 11738557 diff --git a/sysutils/ansible/patches/patch-lib_ansible_plugins_action_reboot_py b/sysutils/ansible/patches/patch-lib_ansible_plugins_action_reboot_py deleted file mode 100644 index fb931422600..00000000000 --- a/sysutils/ansible/patches/patch-lib_ansible_plugins_action_reboot_py +++ /dev/null @@ -1,84 +0,0 @@ -$OpenBSD: patch-lib_ansible_plugins_action_reboot_py,v 1.1 2018/10/19 11:46:42 danj Exp $ - -Backport until 2.7.1 -https://github.com/ansible/ansible/commit/26de4f97493adeb388c1c8fad7a266bb7652bac6 -https://github.com/ansible/ansible/commit/a0f38bdab5ae0e183cb960fe9e964bf1edf7c326 - -Index: lib/ansible/plugins/action/reboot.py ---- lib/ansible/plugins/action/reboot.py.orig -+++ lib/ansible/plugins/action/reboot.py -@@ -28,7 +28,7 @@ class TimedOutException(Exception): - - class ActionModule(ActionBase): - TRANSFERS_FILES = False -- _VALID_ARGS = frozenset(('connect_timeout', 'msg', 'post_reboot_delay', 'pre_reboot_delay', 'test_command')) -+ _VALID_ARGS = frozenset(('connect_timeout', 'msg', 'post_reboot_delay', 'pre_reboot_delay', 'test_command', 'reboot_timeout')) - - DEFAULT_REBOOT_TIMEOUT = 600 - DEFAULT_CONNECT_TIMEOUT = None -@@ -42,18 +42,24 @@ class ActionModule(ActionBase): - - DEPRECATED_ARGS = {} - -+ BOOT_TIME_COMMANDS = { -+ 'openbsd': "/sbin/sysctl kern.boottime", -+ } -+ - SHUTDOWN_COMMANDS = { - 'linux': DEFAULT_SHUTDOWN_COMMAND, - 'freebsd': DEFAULT_SHUTDOWN_COMMAND, - 'sunos': '/usr/sbin/shutdown', - 'darwin': '/sbin/shutdown', -+ 'openbsd': DEFAULT_SHUTDOWN_COMMAND, - } - - SHUTDOWN_COMMAND_ARGS = { - 'linux': '-r {delay_min} "{message}"', - 'freebsd': '-r +{delay_sec}s "{message}"', - 'sunos': '-y -g {delay_sec} -r "{message}"', -- 'darwin': '-r +{delay_min_macos} "{message}"' -+ 'darwin': '-r +{delay_min_macos} "{message}"', -+ 'openbsd': '-r +{delay_min} "{message}"', - } - - def __init__(self, *args, **kwargs): -@@ -94,18 +100,37 @@ class ActionModule(ActionBase): - return reboot_command - - def get_system_boot_time(self): -- command_result = self._low_level_execute_command(self.DEFAULT_BOOT_TIME_COMMAND, sudoable=self.DEFAULT_SUDOABLE) -+ stdout = u'' -+ stderr = u'' - -+ # Determine the system distribution in order to use the correct shutdown command arguments -+ uname_result = self._low_level_execute_command('uname') -+ distribution = uname_result['stdout'].strip().lower() -+ -+ boot_time_command = self.BOOT_TIME_COMMANDS.get(distribution, self.DEFAULT_BOOT_TIME_COMMAND) -+ command_result = self._low_level_execute_command(boot_time_command, sudoable=self.DEFAULT_SUDOABLE) -+ - # For single board computers, e.g., Raspberry Pi, that lack a real time clock and are using fake-hwclock - # launched by systemd, the update of utmp/wtmp is not done correctly. - # Fall back to using uptime -s for those systems. - # https://github.com/systemd/systemd/issues/6057 - if '1970-01-01 00:00' in command_result['stdout']: -+ stdout += command_result['stdout'] -+ stderr += command_result['stderr'] - command_result = self._low_level_execute_command('uptime -s', sudoable=self.DEFAULT_SUDOABLE) - -+ # This is a last resort for bare Linux systems (e.g. OpenELEC) where 'who -b' or 'uptime -s' are not supported. -+ # Other options like parsing /proc/uptime or default uptime output are less reliable than this - if command_result['rc'] != 0: -+ stdout += command_result['stdout'] -+ stderr += command_result['stderr'] -+ command_result = self._low_level_execute_command('cat /proc/sys/kernel/random/boot_id', sudoable=self.DEFAULT_SUDOABLE) -+ -+ if command_result['rc'] != 0: -+ stdout += command_result['stdout'] -+ stderr += command_result['stderr'] - raise AnsibleError("%s: failed to get host boot time info, rc: %d, stdout: %s, stderr: %s" -- % (self._task.action, command_result.rc, to_native(command_result['stdout']), to_native(command_result['stderr']))) -+ % (self._task.action, command_result['rc'], to_native(stdout), to_native(stderr))) - - return command_result['stdout'].strip() - diff --git a/sysutils/ansible/pkg/PLIST-main b/sysutils/ansible/pkg/PLIST-main index 84b30bee4a6..3b3c3da4ee0 100644 --- a/sysutils/ansible/pkg/PLIST-main +++ b/sysutils/ansible/pkg/PLIST-main @@ -6729,6 +6729,7 @@ share/doc/ansible/html/dev_guide/developing_locally.html share/doc/ansible/html/dev_guide/developing_modules_general_aci.html share/doc/ansible/html/dev_guide/module_lifecycle.html share/doc/ansible/html/dev_guide/testing/sanity/changelog.html +share/doc/ansible/html/dev_guide/testing/sanity/symlinks.html share/doc/ansible/html/dev_guide/testing_documentation.html share/doc/ansible/html/network/user_guide/platform_cnos.html share/doc/ansible/html/network/user_guide/platform_enos.html @@ -6772,3 +6773,6 @@ share/examples/ansible/ansible.cfg @sample ${SYSCONFDIR}/ansible/ansible.cfg share/examples/ansible/hosts @sample ${SYSCONFDIR}/ansible/hosts +share/examples/ansible/scripts/ +share/examples/ansible/scripts/ConfigureRemotingForAnsible.ps1 +share/examples/ansible/scripts/upgrade_to_ps3.ps1