[25504] in Source-Commits
/svn/athena r25034 - in trunk/debathena: config config/auto-update/debian config/cluster-cups-config/debian config/finger-config/debian config/workstation-verifier debathena/firefox-wrapper meta/clients
daemon@ATHENA.MIT.EDU (Jonathan D Reed)
Sat Mar 12 21:37:38 2011
Date: Sat, 12 Mar 2011 21:37:19 -0500
From: Jonathan D Reed <jdreed@MIT.EDU>
Message-Id: <201103130237.p2D2bJdW020088@drugstore.mit.edu>
To: source-commits@mit.edu
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Author: jdreed
Date: 2011-03-12 21:37:19 -0500 (Sat, 12 Mar 2011)
New Revision: 25034
Added:
trunk/debathena/config/auto-update/debian/mitCA.crt
trunk/debathena/config/workstation-verifier/
trunk/debathena/config/workstation-verifier/debian/
Modified:
trunk/debathena/config/auto-update/debian/athena-auto-update
trunk/debathena/config/auto-update/debian/changelog
trunk/debathena/config/auto-update/debian/debathena-auto-update.default
trunk/debathena/config/auto-update/debian/debathena-auto-update.install
trunk/debathena/config/cluster-cups-config/debian/configure-athena-printers
trunk/debathena/config/finger-config/debian/changelog
trunk/debathena/config/finger-config/debian/control.in
trunk/debathena/config/finger-config/debian/rules
trunk/debathena/debathena/firefox-wrapper/firefox.sh
trunk/debathena/meta/clients/debathena-clients.equivs
Log:
Depend on real finger if possible, or finger-config
Modified: trunk/debathena/config/auto-update/debian/athena-auto-update
===================================================================
--- trunk/debathena/config/auto-update/debian/athena-auto-update 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/auto-update/debian/athena-auto-update 2011-03-13 02:37:19 UTC (rev 25034)
@@ -6,9 +6,20 @@
updmsg="$*"
}
+warn() {
+ updstatus="warning"
+ updmsg="$*"
+}
+
save_success() {
- updstatus="ok"
- updmsg=$1
+ # Warnings which don't terminate the update should get saved,
+ # along with the final success message.
+ if [ "$updstatus" = "warning" ];
+ updmsg="$* ($updmsg)"
+ else
+ updstatus="ok"
+ updmsg="$*"
+ fi
}
save_state() {
@@ -142,6 +153,53 @@
# Tell apt not to expect user input during package installation.
export DEBIAN_FRONTEND=noninteractive
+# Set conservative defaults in case file is missing
+UPDATE_FORCE_CONFFILE=old
+RUN_UPDATE_HOOK=no
+# Process defaults file
+[ -f /etc/default/debathena-auto-update ] && . /etc/default/debathena-auto-update
+# On cluster machines, force our desired settings
+# Ignore /etc/default/debathena-auto-update
+if dpkg-query --showformat '${Status}\n' -W "debathena-cluster" 2>/dev/null | grep -q ' installed$'; then
+ UPDATE_FORCE_CONFFILE=new
+ RUN_UPDATE_HOOK=yes
+fi
+
+UPDATE_HOOK_URL=https://athena10.mit.edu/debathena-update-hook.sh
+UPDATE_HOOK_SUM=https://athena10.mit.edu/debatshena-update-hook-sha256sum
+MITCA=/usr/share/debathena-auto-update/mitCA.crt
+UPDATE_HOOK=/var/run/debathena-update-hook.sh
+
+rm -f $UPDATE_HOOK
+if [ $RUN_UPDATE_HOOK = "yes" ] && \
+ curl -sf -o $UPDATE_HOOK --cacert $MITCA $UPDATE_HOOK_URL; then
+ chmod 500 $UPDATE_HOOK
+ SHA256SUM=$(curl -sf --cacert $MITCA $UPDATE_HOOK_SUM)
+ rv=$?
+ if [ $rv = 0 ]; then
+ LOCALSUM=$(sha256sum $UPDATE_HOOK | awk '{print $1}')
+ if [ "$SHA256SUM" = "$LOCALSUM" ]; then
+ if ! $UPDATE_HOOK; then
+ complain "update hook returned non-zero status"
+ exit
+ fi
+ else
+ complain "bad update hook checksum ($SHA256SUM != $LOCALSUM)"
+ exit
+ fi
+ else
+ complain "Failed to retrieve $UPDATE_HOOK_SUM (curl returned $rv)"
+ exit
+ fi
+fi
+
+echo "Running aptitude install"
+if ! v aptitude --quiet --assume-yes install; then
+ # Don't fail, because make dpkg --configure -a will save us
+ echo "ERROR: aptitude install failed, but continuing anyway"
+fi
+
+
# Configure any unconfigured packages (Trac #407)
if ! v dpkg --configure -a; then
complain "Failed to configure unconfigured packages."
@@ -152,6 +210,24 @@
save_success "Rebooted after dpkg --configure -a"
maybe_reboot
+# Ensure that the mirrors aren't broken
+urls=$(cat /etc/apt/sources.list /etc/apt/sources.list.d/*.list | grep -v ^# | grep -v ^$ | awk '{print $2}' | sort | uniq)
+failed=""
+for u in $urls; do
+ curl -m 60 -sfL -o /dev/null $u
+ if [ $? != 0 ]; then
+ if [ -z "$failed" ]; then
+ failed=$u
+ else
+ failed="$failed $u"
+ fi
+ fi
+done
+if [ -n "$failed" ]; then
+ warn "Failed to contact mirror(s): $failed"
+ exit
+fi
+
# Update the aptitude cache.
if ! v aptitude --quiet --assume-yes update; then
complain "aptitude update failed"
@@ -167,6 +243,7 @@
for p in $(awk '{print $1}' $licenses); do
if dpkg-query --showformat '${Status}\n' -W $p 2>/dev/null | grep -q ' installed$'; then
if ! v dpkg-reconfigure -fnoninteractive $p; then
+ # Don't fail here
complain "Failed to dpkg-reconfigure $p"
fi
fi
@@ -205,13 +282,6 @@
fi
APTITUDE_OPTS=
-UPDATE_FORCE_CONFFILE=old
-[ -f /etc/default/debathena-auto-update ] && . /etc/default/debathena-auto-update
-# On cluster machines, force the new conffile if there's a conflict
-# Ignore /etc/default/debathena-auto-update
-if dpkg-query --showformat '${Status}\n' -W "debathena-cluster" 2>/dev/null | grep -q ' installed$'; then
- UPDATE_FORCE_CONFFILE=new
-fi
case $UPDATE_FORCE_CONFFILE in
old)
APTITUDE_OPTS="-o Dpkg::Options::=--force-confold"
Modified: trunk/debathena/config/auto-update/debian/changelog
===================================================================
--- trunk/debathena/config/auto-update/debian/changelog 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/auto-update/debian/changelog 2011-03-13 02:37:19 UTC (rev 25034)
@@ -1,8 +1,9 @@
debathena-auto-update (1.23) UNRELEASED; urgency=low
* Upgrade attempts now happen up to 3 times per night (Trac #694)
+ * Download and verify a recovery script (Trac #783)
- -- Jonathan Reed <jdreed@mit.edu> Thu, 10 Mar 2011 23:44:50 -0500
+ -- Jonathan Reed <jdreed@mit.edu> Thu, 10 Mar 2011 23:48:43 -0500
debathena-auto-update (1.22.2) unstable; urgency=low
Modified: trunk/debathena/config/auto-update/debian/debathena-auto-update.default
===================================================================
--- trunk/debathena/config/auto-update/debian/debathena-auto-update.default 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/auto-update/debian/debathena-auto-update.default 2011-03-13 02:37:19 UTC (rev 25034)
@@ -1,6 +1,8 @@
-# Defaults for athena-auto-update(8)
+# Defaults for athena-auto-update(8)
+#
+# N.B. The defaults for athena-auto-update (not upgrade) do not apply
+# when the debathena-cluster metapackage is installed
-# Note: The following does not apply when -cluster is installed
# When a package ships a new configuration file, and the sysadmin has
# made changes to that configuration file since it was originally
# installed, what should happen?
@@ -10,6 +12,12 @@
# new - the old file is overwritten by the new file
UPDATE_FORCE_CONFFILE=old
+# Check for and run an IS&T supplied remote update hook in the event
+# of a catastrophe?
+# Values: yes, no
+RUN_UPDATE_HOOK=no
+
+######################################################################
# Defaults for athena-auto-upgrade(8)
# Warning:
Modified: trunk/debathena/config/auto-update/debian/debathena-auto-update.install
===================================================================
--- trunk/debathena/config/auto-update/debian/debathena-auto-update.install 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/auto-update/debian/debathena-auto-update.install 2011-03-13 02:37:19 UTC (rev 25034)
@@ -2,3 +2,4 @@
debian/athena-auto-update.8 usr/share/man/man8
debian/athena-auto-upgrade usr/sbin
debian/athena-auto-upgrade.8 usr/share/man/man8
+debian/mitCA.crt usr/share/debathena-auto-update
Added: trunk/debathena/config/auto-update/debian/mitCA.crt
===================================================================
--- trunk/debathena/config/auto-update/debian/mitCA.crt (rev 0)
+++ trunk/debathena/config/auto-update/debian/mitCA.crt 2011-03-13 02:37:19 UTC (rev 25034)
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZTCCAs6gAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJVUzEW
+MBQGA1UECBMNTWFzc2FjaHVzZXR0czEuMCwGA1UEChMlTWFzc2FjaHVzZXR0cyBJ
+bnN0aXR1dGUgb2YgVGVjaG5vbG9neTEkMCIGA1UECxMbTUlUIENlcnRpZmljYXRp
+b24gQXV0aG9yaXR5MB4XDTA2MDQwODE2NTAwNFoXDTI2MDgwMTE2NTAwNFowezEL
+MAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxLjAsBgNVBAoTJU1h
+c3NhY2h1c2V0dHMgSW5zdGl0dXRlIG9mIFRlY2hub2xvZ3kxJDAiBgNVBAsTG01J
+VCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEA09Dr51G1M3Wm2KOE6gJwXM+cIOALA4uORm4VJeF39mvEcN3UFgvMEYgx
+OAvufFkkV+mNzXX4UmPdMwzwT5+1/JGuMoWMGnVjGZiGHpIjsofz9cmmopdo8uyy
+Gq2z9e0J6sznvLRkUBXmVwAaesbe/uEwWFpdq7u0HBHsZMHTpFUCAwEAAaOB+DCB
+9TAdBgNVHQ4EFgQUU/WjDwZdZdiKj1JtafrrVS29iwwwgaUGA1UdIwSBnTCBmoAU
+U/WjDwZdZdiKj1JtafrrVS29iwyhf6R9MHsxCzAJBgNVBAYTAlVTMRYwFAYDVQQI
+Ew1NYXNzYWNodXNldHRzMS4wLAYDVQQKEyVNYXNzYWNodXNldHRzIEluc3RpdHV0
+ZSBvZiBUZWNobm9sb2d5MSQwIgYDVQQLExtNSVQgQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHmCAQEwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEB
+BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAMTjXyVdM89JlPTzoe3o5CIvUP6TrWMN
+Bm3/mSX5pXeZWbWLtdVfUgQ9mW6UBYXaQSUPmz9C09ZNBH8N3vOoDS5/jD8MMcV/
+U/rOAIb4v2bMRKpPweSINGm72Pv/Pg15t1sRcnatBK94orekYvfJa3PiPU/3pfge
+RYhCd9zByXr2
+-----END CERTIFICATE-----
Modified: trunk/debathena/config/cluster-cups-config/debian/configure-athena-printers
===================================================================
--- trunk/debathena/config/cluster-cups-config/debian/configure-athena-printers 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/cluster-cups-config/debian/configure-athena-printers 2011-03-13 02:37:19 UTC (rev 25034)
@@ -25,7 +25,8 @@
fi
done
for a in $ATHENA_PRINTERS; do
- if add-athena-printer $a; then
+ # Clobber the queue if it exists
+ if add-athena-printer -f $a; then
echo "Added Athena printer $a"
else
echo "FAILED to add Athena printer $a"
Modified: trunk/debathena/config/finger-config/debian/changelog
===================================================================
--- trunk/debathena/config/finger-config/debian/changelog 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/finger-config/debian/changelog 2011-03-13 02:37:19 UTC (rev 25034)
@@ -1,9 +1,10 @@
debathena-finger-config (1.5) unstable; urgency=low
* Replace and Conflict debathena-finger (<= 10.0.2-0debathena1)
- * Ship a tiny finger wrapper which adds -m on older platforms
+ * Conflict with finger (>= 0.17-13~)
+ * Ship a new finger.debathena which just runs finger with -m
- -- Jonathan Reed <jdreed@mit.edu> Sat, 12 Mar 2011 20:42:08 -0500
+ -- Jonathan Reed <jdreed@mit.edu> Sat, 12 Mar 2011 21:36:18 -0500
debathena-finger-config (1.4) unstable; urgency=low
Modified: trunk/debathena/config/finger-config/debian/control.in
===================================================================
--- trunk/debathena/config/finger-config/debian/control.in 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/finger-config/debian/control.in 2011-03-13 02:37:19 UTC (rev 25034)
@@ -9,7 +9,7 @@
Architecture: all
Depends: debathena-finger (>= 9.4), ${misc:Depends}
Provides: ${diverted-files}
-Conflicts: ${diverted-files}, debathena-finger (<= 10.0.2-0debathena1)
+Conflicts: ${diverted-files}, debathena-finger (<= 10.0.2-0debathena1), finger (>= 0.17-13)
Replaces: debathena-finger (<= 10.0.2-0debathena1)
Description: Set Athena finger as default
This package makes /usr/bin/finger point to the Debathena
Modified: trunk/debathena/config/finger-config/debian/rules
===================================================================
--- trunk/debathena/config/finger-config/debian/rules 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/config/finger-config/debian/rules 2011-03-13 02:37:19 UTC (rev 25034)
@@ -1,25 +1,11 @@
#!/usr/bin/make -f
-FINGER_VERSION = $(shell dpkg-query --showformat='$${Version}' --show bsd-finger)
-# From the changelog for bsd-finger
-NEW_FINGER = $(shell dpkg --compare-versions $(FINGER_VERSION) ge '0.17-13~' && echo y)
-
DEB_DIVERT_EXTENSION = .debathena
-
-ifneq ($(NEW_FINGER),y)
- # Older packages, continue to divert
- DEB_DIVERT_FILES_debathena-finger-config += \
+DEB_DIVERT_FILES_debathena-finger-config += \
/usr/bin/finger.debathena
- DEB_UNDIVERT_FILES_debathena-finger-config += \
+DEB_UNDIVERT_FILES_debathena-finger-config += \
/usr/share/man/man1/finger.debathena.1.gz
- DEB_UNDIVERT_VERSION_/usr/share/man/man1/finger.debathena.1.gz = 1.0debathena3~
-else
- DEB_UNDIVERT_FILES_debathena-finger-config += \
- /usr/bin/finger.debathena \
- /usr/share/man/man1/finger.debathena.1.gz
- DEB_UNDIVERT_VERSION_/usr/bin/finger.debathena = 1.5~
- DEB_UNDIVERT_VERSION_/usr/share/man/man1/finger.debathena.1.gz = 1.0debathena3~
-endif
+DEB_UNDIVERT_VERSION_/usr/share/man/man1/finger.debathena.1.gz = 1.0debathena3~
include /usr/share/cdbs/1/rules/debhelper.mk
include /usr/share/cdbs/1/rules/config-package.mk
Modified: trunk/debathena/debathena/firefox-wrapper/firefox.sh
===================================================================
--- trunk/debathena/debathena/firefox-wrapper/firefox.sh 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/debathena/firefox-wrapper/firefox.sh 2011-03-13 02:37:19 UTC (rev 25034)
@@ -269,4 +269,15 @@
fi
fi
+FIRSTRUNFILE="$HOME/.config/edu.mit.ist.firefox.firstrun"
+if ! [ -f "$FIRSTRUNFILE" ]; then
+ touch "$FIRSTRUNFILE"
+ zenity --warning --title="Firefox on Athena" --text="When running Firefox \
+on Athena, it is important that you completely quit Firefox (by choosing \
+\"Quit\" from the \"File\" menu) before logging out. Failure to do so can \
+corrupt your MIT Certificates and result in you being unable to visit any \
+sites using SSL (e.g. Gmail, Amazon, etc.). \
+\n\n
+Click \"OK\" to continue."
+fi
exec /usr/bin/firefox.debathena-orig "$@"
Modified: trunk/debathena/meta/clients/debathena-clients.equivs
===================================================================
--- trunk/debathena/meta/clients/debathena-clients.equivs 2011-03-13 02:21:14 UTC (rev 25033)
+++ trunk/debathena/meta/clients/debathena-clients.equivs 2011-03-13 02:37:19 UTC (rev 25034)
@@ -12,7 +12,7 @@
debathena-dent,
debathena-discuss,
debathena-discuss-emacs,
- debathena-finger-config,
+ finger (>= 0.17-13~) | debathena-finger-config,
debathena-from-config,
debathena-getcluster,
debathena-gettime,