############################################################# # #$Id: cf.debian_packages,v 1.30 2006/11/10 22:58:55 ncampi Exp $ # ############################################################# # # This task is to apply the list of packages in the base image to a host # # NOTE: This depends on the box being able to reach a working apt repository. # If this isn't the case then NOTHING here will work. # ############################################################# # # The following classes trigger apt actions: # # UpdatePackageLists Loads a known file into dpkg --set-selections # instead of adding packages line by line/ # UpdateApt Updates the apt package database. (ie: security fixes) # CleanApt Cleans out the apt download cache. # DebianUpgrade Calls "apt-get upgrade" to upgrade existing packages. # DselectUpgrade Calls "apt-get dselect-upgrade" to # install/remove packages based on what was fed to # UpdatePackageLists above. # ############ # # WARNING!!! # # If you use this - it'll dist-upgrade your woody to sarge (or whatever # Debian stable happens to be at the present time). It forces the list of # packages that is the current Looksmart Debian base package list onto your # host via an "apt-get dist-upgrade". # # This is really only here to be applied to boxes that weren't imaged with an # old skool LookSmart image but installed via CD or with a new image. # # You have been warned. # # WARNING!!! # ####################################################################### classes: # this one isn't used yet, NPC 8/4/06 pagecomp = ( sv_pweb_host sv_nweb_host sv_pval_host ) # this box is the guinea pig accessible_syslog_server = ( sv_syslog2i ) # # linux_x86_64_2_6_16_5 is a very specific Debian amd64 with Craig's # kernel # # sarge is a host, not specifying the debian release here # install_pam_packages = ( linux_x86_64_2_6_16_5 sarge devbing3 ) ####################################################################### control: Access = ( root ) AddInstallable = ( PackageListsUpdated AptUpdated AptCleaned UpgradedDebian UpgradedDselect ) actionsequence = ( editfiles copy shellcommands ) ####################################################################### editfiles: debian:: # Forget debconf, don't use it. { /etc/apt/apt.conf.d/70debconf CommentLinesStarting "DPkg::Pre-Install-Pkgs" } # Dpkg options for config files. { /etc/dpkg/dpkg.cfg AutoCreate AppendIfNoSuchLine 'force-confold' AppendIfNoSuchLine 'force-confdef' } { /var/lib/dpkg/statoverride DeleteLinesContaining "Debian-exim" } ####################################################################### copy: debian:: # Apt options are kept in this file. $(master_etc)/apt/apt.conf.d/10cfengine dest=/etc/apt/apt.conf.d/10cfengine type=checksum mode=444 server=$(fileserver) encrypt=true owner=root group=root # # maybe keep it with just debian_3_1 for now, this method of getting # our base package list onto boxes will upgrade from woody to sarge # ..which is seldom what you want # #debian:: debian_3_1:: $(master_etc)/package-lists/ dest=/usr/pkg/adm/etc/package-lists/ r=inf mode=600 type=checksum ignore=RCS ignore=*,v purge=true server=$(policyhost) trustkey=true encrypt=true owner=root group=root # # Apt's sources list - will probably need to dist this out # # /remote/conf/etc/apt/sources.list # dest=/etc/apt/sources.list # m=444 o=root g=root type=sum ####################################################################### # # If you run 'cfagent -Dinitial_install' you'll get auto-install of # packages, start to finish. # shellcommands: ########################################### # # Load up the package lists # Update the dpkg (dselect) package selections # Package lists from dpkg --get-selections debian.(UpdatePackageLists|initial_install):: # # this is strictly additive, hence the name of the file # "/usr/bin/dpkg --set-selections < /usr/pkg/adm/etc/package-lists/base_additions" timeout=600 define=PackageListsUpdated # # You can load as many lists of packages into 'dpkg --set-selections' as you like # debian.(UpdatePackageLists|initial_install).cvs_host:: "/usr/bin/dpkg --set-selections < /usr/pkg/adm/etc/package-lists/cvs_host" timeout=600 define=PackageListsUpdated debian.(UpdatePackageLists|initial_install).accessible_syslog_server:: "/usr/bin/dpkg --set-selections < /usr/pkg/adm/etc/package-lists/accessible_syslog_server_list" timeout=600 define=PackageListsUpdated debian.(UpdatePackageLists|initial_install).install_pam_packages:: "/usr/bin/dpkg --set-selections < /usr/pkg/adm/etc/package-lists/pam_packages" timeout=600 define=PackageListsUpdated # Done loading package lists # ########################################### # Download updates to Apt's package database # # "cfrun -v hostname -- -DUpdateApt --" # debian.(UpdateApt|PackageListsUpdated):: "/usr/bin/apt-get update" timeout=3600 define=AptUpdated ########################################### # Purge locally downloaded files. debian.CleanApt:: "/usr/bin/apt-get clean" timeout=600 define=AptCleaned ########################################### # # Upgrade anything in the distro, including security updates. # Uses Apt's package database, so update first! # # I don't ever use upgrade, just dselect-upgrade # debian.DebianUpgrade:: "/usr/bin/apt-get upgrade" timeout=3600 define=UpgradedDebian ########################################### # # Upgrade things in the dpkg (dselect) selections lists # This is useful if new packages were specified in the package # lists for dpkg (dselect). # # "cfrun -v hostname -- -DDselectUpgrade --" or # "cfagent -DDselectUpgrade" # debian.(AptUpdated|DselectUpgrade):: #debian.DselectUpgrade:: #"/usr/bin/apt-get dselect-upgrade" "/usr/bin/yes yes | DEBIAN_FRONTEND=noninteractive DEBCONF_FRONTEND=noninteractive PATH=/sbin:/usr/sbin:/bin:/usr/bin /usr/bin/apt-get -q -q -y -f dselect-upgrade" timeout=3600 define=UpgradedDselect ########################################### # # Run a command for apache on the subversion boxes after package # installation # debian.UpgradedDselect.cvs_host:: "/usr/sbin/a2enmod ssl" timeout=60 ############################################################# files: debian:: /etc/dpkg/dpkg.cfg m=644 action=fixall inform=true ################################################### directories: debian:: /usr/pkg/adm/etc mode=750 owner=software group=root inform=false /usr/pkg/adm/etc/package-lists mode=750 owner=software group=root inform=false ###################################################