From 12244036a9074b94d6883331807af8ad82bf574b Mon Sep 17 00:00:00 2001 From: Kayou Date: Tue, 19 Jan 2021 11:20:07 +0100 Subject: [PATCH 01/15] Typo --- data/helpers.d/utils | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/utils b/data/helpers.d/utils index 24121df30..5e02ca762 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -650,7 +650,7 @@ ynh_check_app_version_changed () { # # Generally you might probably use it as follow in the upgrade script # -# if ynh_compare_current_package_version --comparaison lt --version 2.3.2~ynh1 +# if ynh_compare_current_package_version --comparison lt --version 2.3.2~ynh1 # then # # Do something that is needed for the package version older than 2.3.2~ynh1 # fi From 4b876ff07f773e1999c84ab73b0b2bc66fde6e38 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 21 Jan 2021 16:25:58 +0100 Subject: [PATCH 02/15] Handle case where DKIM record is split into several pieces --- data/hooks/diagnosis/12-dnsrecords.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 941911147..cb8193dd5 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -130,8 +130,11 @@ class DNSRecordsDiagnoser(Diagnoser): # Split expected/current # from "v=DKIM1; k=rsa; p=hugekey;" # to a set like {'v=DKIM1', 'k=rsa', 'p=...'} + # Additionally, for DKIM, because the key is pretty long, + # some DNS registrar sometime split it into several pieces like this: + # "p=foo" "bar" (with a space and quotes in the middle)... expected = set(r["value"].strip(';" ').replace(";", " ").split()) - current = set(r["current"].strip(';" ').replace(";", " ").split()) + current = set(r["current"].replace('" "', '').strip(';" ').replace(";", " ").split()) # For SPF, ignore parts starting by ip4: or ip6: if r["name"] == "@": From 4725e05470ef4c1fc48a13c83c5a524035259033 Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 21 Jan 2021 19:06:15 +0100 Subject: [PATCH 03/15] fix de locale --- locales/de.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locales/de.json b/locales/de.json index bdf21ac1b..764ca2c1e 100644 --- a/locales/de.json +++ b/locales/de.json @@ -489,5 +489,5 @@ "global_settings_setting_smtp_relay_port": "SMTP Relay Port", "global_settings_setting_smtp_allow_ipv6": "Erlaube die Nutzung von IPv6 um Mails zu empfangen und zu versenden", "global_settings_setting_pop3_enabled": "Aktiviere das POP3 Protokoll für den Mailserver", - "domain_cannot_remove_main_add_new_one": "Du kannst \"{domain:s}\" nicht entfernen da es die Hauptdomain und deine einzige Domain ist, erst musst erst eine andere Domain hinzufügen indem du eingibst \"yunohost domain add \", setze es dann als deine Hauptdomain indem du eingibst \"yunohost domain main-domain -n \", erst jetzt kannst du die domain \"{domains:s}\" entfernen." + "domain_cannot_remove_main_add_new_one": "Du kannst \"{domain:s}\" nicht entfernen da es die Hauptdomain und deine einzige Domain ist, erst musst erst eine andere Domain hinzufügen indem du eingibst \"yunohost domain add \", setze es dann als deine Hauptdomain indem du eingibst \"yunohost domain main-domain -n \", erst jetzt kannst du die domain \"{domain:s}\" entfernen." } From 536fd9be9e066164b840895a0cc043241c57cba3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 21 Jan 2021 19:36:21 +0100 Subject: [PATCH 04/15] diagnosis: Ignore /dev/loop devices in systemresources --- data/hooks/diagnosis/50-systemresources.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/data/hooks/diagnosis/50-systemresources.py b/data/hooks/diagnosis/50-systemresources.py index f0fac4974..4ae1efadf 100644 --- a/data/hooks/diagnosis/50-systemresources.py +++ b/data/hooks/diagnosis/50-systemresources.py @@ -68,6 +68,9 @@ class SystemResourcesDiagnoser(Diagnoser): disk_partitions = sorted(psutil.disk_partitions(), key=lambda k: k.mountpoint) + # Ignore /dev/loop stuff which are ~virtual partitions ? (e.g. mounted to /snap/) + disk_partitions = [d for d in disk_partitions if not d.device.startswith("/dev/loop")] + for disk_partition in disk_partitions: device = disk_partition.device mountpoint = disk_partition.mountpoint From 2fc016e3e5d74fc6fd4ed3158c6b025087f329bd Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 22 Jan 2021 03:32:27 +0100 Subject: [PATCH 05/15] Make sure tmp_script exists .. --- src/yunohost/backup.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index 242cd0bfd..dbad45746 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -673,6 +673,7 @@ class BackupManager(): settings_dir = os.path.join(self.work_dir, 'apps', app, 'settings') logger.info(m18n.n("app_start_backup", app=app)) + tmp_script = None # This is to make sure the var exists later in the 'finally' ... try: # Prepare backup directory for the app filesystem.mkdir(tmp_app_bkp_dir, 0o750, True, uid='admin') @@ -713,7 +714,8 @@ class BackupManager(): # Remove tmp files in all situations finally: - filesystem.rm(tmp_script, force=True) + if tmp_script: + filesystem.rm(tmp_script, force=True) filesystem.rm(env_dict["YNH_BACKUP_CSV"], force=True) # From 62e84d8b4bf6eba7d4e42f57fcc9c5297565fc64 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 22 Jan 2021 03:37:29 +0100 Subject: [PATCH 06/15] service_regen_conf is deprecated in factor of regen_conf --- src/yunohost/settings.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/yunohost/settings.py b/src/yunohost/settings.py index 3c79d7945..6eaa6eaa8 100644 --- a/src/yunohost/settings.py +++ b/src/yunohost/settings.py @@ -8,7 +8,7 @@ from collections import OrderedDict from moulinette import m18n from yunohost.utils.error import YunohostError from moulinette.utils.log import getActionLogger -from yunohost.service import service_regen_conf +from yunohost.regenconf import regen_conf logger = getActionLogger('yunohost.settings') @@ -325,13 +325,13 @@ def trigger_post_change_hook(setting_name, old_value, new_value): @post_change_hook("security.nginx.compatibility") def reconfigure_nginx(setting_name, old_value, new_value): if old_value != new_value: - service_regen_conf(names=['nginx']) + regen_conf(names=['nginx']) @post_change_hook("security.ssh.compatibility") def reconfigure_ssh(setting_name, old_value, new_value): if old_value != new_value: - service_regen_conf(names=['ssh']) + regen_conf(names=['ssh']) @post_change_hook("smtp.allow_ipv6") @@ -342,7 +342,7 @@ def reconfigure_ssh(setting_name, old_value, new_value): @post_change_hook("security.postfix.compatibility") def reconfigure_postfix(setting_name, old_value, new_value): if old_value != new_value: - service_regen_conf(names=['postfix']) + regen_conf(names=['postfix']) @post_change_hook("pop3.enabled") @@ -364,9 +364,9 @@ def reconfigure_dovecot(setting_name, old_value, new_value): ] subprocess.call(command, env=environment) if old_value != new_value: - service_regen_conf(names=['dovecot']) + regen_conf(names=['dovecot']) else: if old_value != new_value: - service_regen_conf(names=['dovecot']) + regen_conf(names=['dovecot']) command = ['apt-get', '-y', 'remove', dovecot_package] subprocess.call(command, env=environment) From 5ab5c83d549b6cedf457315b0c00c98a4da1a98f Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 25 Jan 2021 03:57:51 +0100 Subject: [PATCH 07/15] Misc issues with yunoprompt --- bin/yunoprompt | 15 +++++++-------- data/other/yunoprompt.service | 1 + 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/bin/yunoprompt b/bin/yunoprompt index 252e5a1a4..645dd4ab1 100755 --- a/bin/yunoprompt +++ b/bin/yunoprompt @@ -6,7 +6,7 @@ x509_fingerprint=$(openssl x509 -in /etc/yunohost/certs/yunohost.org/crt.pem -n # Fetch SSH fingerprints i=0 -for key in $(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key.pub 2> /dev/null) ; do +for key in $(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key.pub 2> /dev/null) ; do output=$(ssh-keygen -l -f $key) fingerprint[$i]=" - $(echo $output | cut -d' ' -f2) $(echo $output| cut -d' ' -f4)" i=$(($i + 1)) @@ -43,22 +43,21 @@ LOGO_AND_FINGERPRINTS=$(cat << EOF $LOGO - IP: ${local_ip} - X509 fingerprint: ${x509_fingerprint} + Local IP: ${local_ip:-(no ip detected?)} + Local SSL CA X509 fingerprint: + ${x509_fingerprint} SSH fingerprints: ${fingerprint[0]} ${fingerprint[1]} ${fingerprint[2]} - ${fingerprint[3]} - ${fingerprint[4]} EOF ) -if [[ -f /etc/yunohost/installed ]] +echo "$LOGO_AND_FINGERPRINTS" > /etc/issue + +if [[ ! -f /etc/yunohost/installed ]] then - echo "$LOGO_AND_FINGERPRINTS" > /etc/issue -else chvt 2 # Formatting diff --git a/data/other/yunoprompt.service b/data/other/yunoprompt.service index 3c4df50f9..effb69590 100644 --- a/data/other/yunoprompt.service +++ b/data/other/yunoprompt.service @@ -1,6 +1,7 @@ [Unit] Description=YunoHost boot prompt After=getty@tty2.service +After=network.target [Service] Type=simple From 4e335e07823e863686f60d65992e17d362a428af Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 21 Dec 2020 05:00:45 +0100 Subject: [PATCH 08/15] [fix] If uid is less than 1000 nsswitch ignore it --- src/yunohost/user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/user.py b/src/yunohost/user.py index edb1c7c8f..c0ca0f3fb 100644 --- a/src/yunohost/user.py +++ b/src/yunohost/user.py @@ -170,7 +170,7 @@ def user_create(operation_logger, username, firstname, lastname, domain, passwor uid_guid_found = False while not uid_guid_found: # LXC uid number is limited to 65536 by default - uid = str(random.randint(200, 65000)) + uid = str(random.randint(1000, 65000)) uid_guid_found = uid not in all_uid and uid not in all_gid # Adapt values for LDAP From aef3ee1434e8ea472d73cc13de99c7d3e6fef8a7 Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 21 Dec 2020 05:02:22 +0100 Subject: [PATCH 09/15] [fix] If uid is less than 1001 nsswitch ignore it --- src/yunohost/user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/user.py b/src/yunohost/user.py index c0ca0f3fb..9e4cbc219 100644 --- a/src/yunohost/user.py +++ b/src/yunohost/user.py @@ -170,7 +170,7 @@ def user_create(operation_logger, username, firstname, lastname, domain, passwor uid_guid_found = False while not uid_guid_found: # LXC uid number is limited to 65536 by default - uid = str(random.randint(1000, 65000)) + uid = str(random.randint(1001, 65000)) uid_guid_found = uid not in all_uid and uid not in all_gid # Adapt values for LDAP From 9fbd1a02dbd901df5eaa4338b6c001dba72a7b71 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 25 Jan 2021 17:51:17 +0100 Subject: [PATCH 10/15] Recommend yunohost.local in yunoprompt --- bin/yunoprompt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/yunoprompt b/bin/yunoprompt index 645dd4ab1..be46fc9ab 100755 --- a/bin/yunoprompt +++ b/bin/yunoprompt @@ -72,7 +72,7 @@ be asked for : - the administration password. You can perform this step : - - from your web browser, by accessing : ${local_ip} + - from your web browser, by accessing : https://yunohost.local/ or ${local_ip} - or in this terminal by answering 'yes' to the following question If this is your first time with YunoHost, it is strongly recommended to take From b94ff1c20087bbe0030c6508649d9198ae399b8d Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 22 Jan 2021 17:08:28 +0100 Subject: [PATCH 11/15] Add ynh_exec_as to official --- data/helpers.d/logging | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/data/helpers.d/logging b/data/helpers.d/logging index 45b5b7e67..50772d8f4 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -100,6 +100,30 @@ ynh_print_err () { ynh_print_log "[Error] ${message}" >&2 } +# Execute a command as another user +# +# usage: ynh_exec_as --user=USER --command=COMMAND [ARG ...] +# | arg: -u, --user= - the user that will execute the command +# | arg: -n, --command= - the command to be executed +# +# Requires YunoHost version 4.1.7 or higher. +ynh_exec_as() +{ + # Declare an array to define the options of this helper. + local legacy_args=uc + local -A args_array=( [u]=user= [c]=command= ) + local user + local command + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + if [[ $user = $(whoami) ]]; then + eval "$command" + else + sudo -u "$user" "$command" + fi +} + # Execute a command and print the result as an error # # usage: ynh_exec_err your_command From 6b2d76dddd61ef498a249e8782368137aa18c0fa Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Thu, 28 Jan 2021 08:07:53 +0100 Subject: [PATCH 12/15] Move ynh_exec_as helper to user section --- data/helpers.d/logging | 24 ------------------------ data/helpers.d/user | 24 ++++++++++++++++++++++++ 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/data/helpers.d/logging b/data/helpers.d/logging index 50772d8f4..45b5b7e67 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -100,30 +100,6 @@ ynh_print_err () { ynh_print_log "[Error] ${message}" >&2 } -# Execute a command as another user -# -# usage: ynh_exec_as --user=USER --command=COMMAND [ARG ...] -# | arg: -u, --user= - the user that will execute the command -# | arg: -n, --command= - the command to be executed -# -# Requires YunoHost version 4.1.7 or higher. -ynh_exec_as() -{ - # Declare an array to define the options of this helper. - local legacy_args=uc - local -A args_array=( [u]=user= [c]=command= ) - local user - local command - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - if [[ $user = $(whoami) ]]; then - eval "$command" - else - sudo -u "$user" "$command" - fi -} - # Execute a command and print the result as an error # # usage: ynh_exec_err your_command diff --git a/data/helpers.d/user b/data/helpers.d/user index aeac3a9c5..f5d4b1680 100644 --- a/data/helpers.d/user +++ b/data/helpers.d/user @@ -163,3 +163,27 @@ ynh_system_user_delete () { delgroup $username fi } + +# Execute a command as another user +# +# usage: ynh_exec_as --user=USER --command=COMMAND [ARG ...] +# | arg: -u, --user= - the user that will execute the command +# | arg: -n, --command= - the command to be executed +# +# Requires YunoHost version 4.1.7 or higher. +ynh_exec_as() +{ + # Declare an array to define the options of this helper. + local legacy_args=uc + local -A args_array=( [u]=user= [c]=command= ) + local user + local command + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + if [[ $user = $(whoami) ]]; then + eval "$command" + else + sudo -u "$user" "$command" + fi +} From 29fe7c31030f70a0b01dc8c9a4722ffc83458564 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 31 Jan 2021 11:57:34 +0100 Subject: [PATCH 13/15] Do not ynh_die if systemctl action fails, because we don't want to exit in the middle of a remove script ... instead, return a non-zero code which should trigger script failure only if set -eu is enabled --- data/helpers.d/apt | 2 +- data/helpers.d/systemd | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 1998c80f0..6abaf20a2 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -32,7 +32,7 @@ ynh_wait_dpkg_free() { if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$" then # If so, that a remaining of dpkg. - ynh_print_err "E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem." + ynh_print_err "dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem." set -o xtrace # set -x return 1 fi diff --git a/data/helpers.d/systemd b/data/helpers.d/systemd index ff1b9587c..b0e175d4d 100644 --- a/data/helpers.d/systemd +++ b/data/helpers.d/systemd @@ -149,11 +149,9 @@ ynh_systemd_action() { # If a log is specified for this service, show also the content of this log if [ -e "$log_path" ] then - ynh_print_err --message="--" ynh_exec_err tail --lines=$length "$log_path" fi - # Fail the app script, since the service failed. - ynh_die + return 1 fi # Start the timeout and try to find line_match From 08e7b42c82fb1ccc0c54c54f818267e0daee9bac Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 2 Feb 2021 03:57:33 +0100 Subject: [PATCH 14/15] logger.exception -> logger.error because logger.exception displays a stacktrace and it ain't relevant in any of these cases --- src/yunohost/app.py | 2 +- src/yunohost/backup.py | 6 +++--- src/yunohost/tools.py | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index ade39bf20..7e2204f12 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -2174,7 +2174,7 @@ def _get_git_last_commit_hash(repository, reference='HEAD'): repository, reference), shell=True) except subprocess.CalledProcessError: - logger.exception("unable to get last commit from %s", repository) + logger.error("unable to get last commit from %s", repository) raise ValueError("Unable to get last commit with git") else: return commit.strip() diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index dbad45746..7aee5dfd1 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -700,7 +700,7 @@ class BackupManager(): except: abs_tmp_app_dir = os.path.join(self.work_dir, 'apps/', app) shutil.rmtree(abs_tmp_app_dir, ignore_errors=True) - logger.exception(m18n.n('backup_app_failed', app=app)) + logger.error(m18n.n('backup_app_failed', app=app)) self.targets.set_result("apps", app, "Error") else: # Add app info @@ -942,7 +942,7 @@ class RestoreManager(): if system_part not in self.info['system'] or\ 'paths' not in self.info['system'][system_part] or\ len(self.info['system'][system_part]['paths']) == 0: - logger.exception(m18n.n('restore_hook_unavailable', part=system_part)) + logger.error(m18n.n('restore_hook_unavailable', part=system_part)) self.targets.set_result("system", system_part, "Skipped") continue @@ -1390,7 +1390,7 @@ class RestoreManager(): env=env_dict)[0] except: msg = m18n.n('restore_app_failed', app=app_instance_name) - logger.exception(msg) + logger.error(msg) operation_logger.error(msg) if msettings.get('interface') != 'api': diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index 96bd01ed6..291c9c7b5 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -150,7 +150,7 @@ def tools_adminpw(new_password, check_strength=True): try: ldap.update("cn=admin", {"userPassword": [new_hash], }) except: - logger.exception('unable to change admin password') + logger.error('unable to change admin password') raise YunohostError('admin_password_change_failed') else: # Write as root password From adc83b4c9c2c30e9ef75f3609c538b646f91f1db Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 2 Feb 2021 04:25:05 +0100 Subject: [PATCH 15/15] Update changelog for 4.1.7 --- debian/changelog | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/debian/changelog b/debian/changelog index 6a3691b4e..4ac5b6cbf 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,20 @@ +yunohost (4.1.7) stable; urgency=low + + - [fix] diagnosis: Handle case where DKIM record is split into several pieces (4b876ff0) + - [fix] i18n: de locale was broken (4725e054) + - [enh] diagnosis: Ignore /dev/loop devices in systemresources (536fd9be) + - [fix] backup: fix a small issue dur to var not existing in some edge case ... (2fc016e3) + - [fix] settings: service_regen_conf is deprecated in favor of regen_conf (62e84d8b) + - [fix] users: If uid is less than 1001, nsswitch ignores it (4e335e07, aef3ee14) + - [enh] misc: fixes/enh in yunoprompt (5ab5c83d, 9fbd1a02) + - [enh] helpers: Add ynh_exec_as (b94ff1c2, 6b2d76dd) + - [fix] helpers: Do not ynh_die if systemctl action fails, to avoid exiting during a remove script (29fe7c31) + - [fix] misc: logger.exception -> logger.error (08e7b42c) + + Thanks to all contributors <3 ! (ericgaspar, Kayou, ljf) + + -- Alexandre Aubin Tue, 02 Feb 2021 04:18:01 +0100 + yunohost (4.1.6) stable; urgency=low - [fix] Make dyndns update more resilient to ns0.yunohost.org being down ([#1140](https://github.com/yunohost/yunohost/pull/1140))