proxy/installer/configure-proxy.sh | 75 +++++++++++++++++--------------- proxy/installer/configure-proxy.sh.sgml | 28 ----------- 2 files changed, 44 insertions(+), 59 deletions(-)
New commits: commit 232c9f72c6c2b79c7900924b39502c94f65047b9 Author: Matej Kollar mkollar@redhat.com Date: Mon Oct 7 17:33:39 2013 +0200
Honour behavior described in help
diff --git a/proxy/installer/configure-proxy.sh b/proxy/installer/configure-proxy.sh index 6dfb18e..affebfb 100755 --- a/proxy/installer/configure-proxy.sh +++ b/proxy/installer/configure-proxy.sh @@ -163,6 +163,11 @@ if [[ $INTERACTIVE == 0 \ exit 1 fi
+if [[ $INTERACTIVE == 0 && -z $ANSWER_FILE ]]; then + echo "Option --non-interactive is for use only with option --answer-file." + exit 1 +fi + ACCUMULATED_ANSWERS=""
generate_answers() {
commit af4525277614b70ba6aeef55471f6b323e6f646f Author: Matej Kollar mkollar@redhat.com Date: Mon Oct 7 17:15:35 2013 +0200
Revert "Removed set_value as getopt made it redundant"
This reverts commit acf4e0dd94e425e9e4d94549642c74d64392bf0f.
Some users wanted this, even though it is fundamentally wrong. By this we are guessing that someone made mistake and forgot to pass required arguments.
diff --git a/proxy/installer/configure-proxy.sh b/proxy/installer/configure-proxy.sh index 34eadf6..6dfb18e 100755 --- a/proxy/installer/configure-proxy.sh +++ b/proxy/installer/configure-proxy.sh @@ -90,6 +90,16 @@ parse_answer_file() { done }
+set_value() { + local OPTION="$1" + local VAR="$2" + local ARG="$3" + [[ "$ARG" =~ ^- ]] \ + && echo "$0: option $OPTION requires argument! Use answer file if your argument starts with '-'." \ + && print_help + eval "$(printf "%q=%q" "$VAR" "$ARG")" +} + INTERACTIVE=1 CNAME_INDEX=0
@@ -105,34 +115,34 @@ eval set -- "$OPTS" while : ; do case "$1" in --help|-h) print_help;; - --answer-file) ANSWER_FILE="$2"; + --answer-file) set_value "$1" ANSWER_FILE "$2"; parse_answer_file "$ANSWER_FILE"; shift;; --non-interactive) INTERACTIVE=0;; - --version) VERSION="$2"; shift;; - --traceback-email) TRACEBACK_EMAIL="$2"; shift;; + --version) set_value "$1" VERSION "$2"; shift;; + --traceback-email) set_value "$1" TRACEBACK_EMAIL "$2"; shift;; --use-ssl) USE_SSL="${2:-1}"; shift;; --force-own-ca) FORCE_OWN_CA=1;; - --http-proxy) HTTP_PROXY="$2"; shift;; - --http-username) HTTP_USERNAME="$2"; shift;; - --http-password) HTTP_PASSWORD="$2"; shift;; - --ssl-build-dir) SSL_BUILD_DIR="$2"; shift;; - --ssl-org) SSL_ORG="$2"; shift;; - --ssl-orgunit) SSL_ORGUNIT="$2"; shift;; - --ssl-common) SSL_COMMON="$2"; shift;; - --ssl-city) SSL_CITY="$2"; shift;; - --ssl-state) SSL_STATE="$2"; shift;; - --ssl-country) SSL_COUNTRY="$2"; shift;; - --ssl-email) SSL_EMAIL="$2"; shift;; - --ssl-password) SSL_PASSWORD="$2"; shift;; + --http-proxy) set_value "$1" HTTP_PROXY "$2"; shift;; + --http-username) set_value "$1" HTTP_USERNAME "$2"; shift;; + --http-password) set_value "$1" HTTP_PASSWORD "$2"; shift;; + --ssl-build-dir) set_value "$1" SSL_BUILD_DIR "$2"; shift;; + --ssl-org) set_value "$1" SSL_ORG "$2"; shift;; + --ssl-orgunit) set_value "$1" SSL_ORGUNIT "$2"; shift;; + --ssl-common) set_value "$1" SSL_COMMON "$2"; shift;; + --ssl-city) set_value "$1" SSL_CITY "$2"; shift;; + --ssl-state) set_value "$1" SSL_STATE "$2"; shift;; + --ssl-country) set_value "$1" SSL_COUNTRY "$2"; shift;; + --ssl-email) set_value "$1" SSL_EMAIL "$2"; shift;; + --ssl-password) set_value "$1" SSL_PASSWORD "$2"; shift;; --ssl-cname) SSL_CNAME_PARSED[CNAME_INDEX++]="--set-cname=$2"; shift;; - --install-monitoring) INSTALL_MONITORING="${2:-Y}"; shift;; + --install-monitoring) set_value "$1" INSTALL_MONITORING "${2:-Y}"; shift;; --enable-scout) ENABLE_SCOUT="${2:-1}"; shift;; - --monitoring-parent) MONITORING_PARENT="$2"; shift;; - --monitoring-parent-ip) MONITORING_PARENT_IP="$2"; shift;; + --monitoring-parent) set_value "$1" MONITORING_PARENT "$2"; shift;; + --monitoring-parent-ip) set_value "$1" MONITORING_PARENT_IP "$2"; shift;; --populate-config-channel) POPULATE_CONFIG_CHANNEL="${2:-Y}"; shift;; --start-services) START_SERVICES="${2:-Y}"; shift;; - --rhn-user) RHN_USER="$2"; shift;; - --rhn-password) RHN_PASSWORD="$2"; shift;; + --rhn-user) set_value "$1" RHN_USER "$2"; shift;; + --rhn-password) set_value "$1" RHN_PASSWORD "$2"; shift;; --) shift; if [ $# -gt 0 ] ; then echo "Error: Extra arguments found: $@"
commit b81c5aec47f665837a6d8a0f9af20ab3213e01a5 Author: Matej Kollar mkollar@redhat.com Date: Mon Oct 7 15:53:34 2013 +0200
Removing unhealthy options RHN_PARENT and CA_CHAIN
Setting those during script run is too late.
diff --git a/proxy/installer/configure-proxy.sh b/proxy/installer/configure-proxy.sh index eac2d6d..34eadf6 100755 --- a/proxy/installer/configure-proxy.sh +++ b/proxy/installer/configure-proxy.sh @@ -14,8 +14,6 @@ options: Indicates the location of an answer file to be use for answering questions asked during the installation process. See man page for for an example and documentation. - --ca-chain=CA_CHAIN - The CA cert used to verify the ssl connection to parent. --enable-scout Enable monitoring scout. --force-own-ca @@ -31,8 +29,7 @@ options: --install-monitoring Install and enable monitoring. --monitoring-parent=MONITORING_PARENT - Name of the parent for your scout. Usually the same value as in - RHN_PARENT. + Name of the parent for your scout. Usually RHN parent. --monitoring-parent-ip=MONITORING_PARENT_IP IP address of MONITORING_PARENT --non-interactive @@ -41,8 +38,6 @@ options: --populate-config-channel Create config chanel and save configuration files to that channel. Configuration channel name is rhn_proxy_config_${SYSTEM_ID}. - --rhn-parent=RHN_PARENT - Your parent Spacewalk server. --rhn-password=RHN_PASSWORD Red Hat Network or Spacewalk password. --rhn-user=RHN_USER @@ -98,7 +93,7 @@ parse_answer_file() { INTERACTIVE=1 CNAME_INDEX=0
-OPTS=$(getopt --longoptions=help,answer-file:,non-interactive,version:,rhn-parent:,traceback-email:,use-ssl::,ca-chain:,force-own-ca,http-proxy:,http-username:,http-password:,ssl-build-dir:,ssl-org:,ssl-orgunit:,ssl-common:,ssl-city:,ssl-state:,ssl-country:,ssl-email:,ssl-password:,ssl-cname:,install-monitoring::,enable-scout::,monitoring-parent:,monitoring-parent-ip:,populate-config-channel::,start-services:: -n ${0##*/} -- h "$@") +OPTS=$(getopt --longoptions=help,answer-file:,non-interactive,version:,traceback-email:,use-ssl::,force-own-ca,http-proxy:,http-username:,http-password:,ssl-build-dir:,ssl-org:,ssl-orgunit:,ssl-common:,ssl-city:,ssl-state:,ssl-country:,ssl-email:,ssl-password:,ssl-cname:,install-monitoring::,enable-scout::,monitoring-parent:,monitoring-parent-ip:,populate-config-channel::,start-services:: -n ${0##*/} -- h "$@")
if [ $? != 0 ] ; then print_help @@ -114,10 +109,8 @@ while : ; do parse_answer_file "$ANSWER_FILE"; shift;; --non-interactive) INTERACTIVE=0;; --version) VERSION="$2"; shift;; - --rhn-parent) RHN_PARENT="$2"; shift;; --traceback-email) TRACEBACK_EMAIL="$2"; shift;; --use-ssl) USE_SSL="${2:-1}"; shift;; - --ca-chain) CA_CHAIN="$2"; shift;; --force-own-ca) FORCE_OWN_CA=1;; --http-proxy) HTTP_PROXY="$2"; shift;; --http-username) HTTP_USERNAME="$2"; shift;; @@ -294,7 +287,9 @@ if ! [ -d $SSL_BUILD_DIR ] && [ 0$FORCE_OWN_CA -eq 0 ]; then exit 1 fi
-default_or_input "RHN Parent" RHN_PARENT $(awk -F= '/serverURL=/ {split($2, a, "/")} END { print a[3]}' $SYSCONFIG_DIR/up2date) +UP2DATE_FILE=$SYSCONFIG_DIR/up2date +RHN_PARENT=$(awk -F= '/serverURL=/ {split($2, a, "/")} END {print a[3]}' $UP2DATE_FILE) +echo "Using RHN parent (from $UP2DATE_FILE): $RHN_PARENT"
if [ "$RHN_PARENT" == "rhn.redhat.com" ]; then RHN_PARENT="xmlrpc.rhn.redhat.com" @@ -304,7 +299,8 @@ if [ "$RHN_PARENT" == "rhn.redhat.com" ]; then WARNING fi
-default_or_input "CA Chain" CA_CHAIN $(awk -F'[=;]' '/sslCACert=/ {a=$2} END { print a}' $SYSCONFIG_DIR/up2date) +CA_CHAIN=$(awk -F'[=;]' '/sslCACert=/ {a=$2} END {print a}' $UP2DATE_FILE) +echo "Using CA Chain (from $UP2DATE_FILE): $CA_CHAIN"
if [ 0$FORCE_OWN_CA -eq 0 ] && \ ! is_hosted "$RHN_PARENT" && \ @@ -315,7 +311,6 @@ Please do copy your CA key and public certificate from $RHN_PARENT to /root/ssl-build directory. You may want to execute this command: scp 'root@$RHN_PARENT:/root/ssl-build/{RHN-ORG-PRIVATE-SSL-KEY,RHN-ORG-TRUSTED-SSL-CERT,rhn-ca-openssl.cnf}' $SSL_BUILD_DIR CA_KEYS - generate_answers exit 1 fi
@@ -323,7 +318,6 @@ check_ca_conf
if ! /sbin/runuser nobody -s /bin/sh --command="[ -r $CA_CHAIN ]" ; then echo Error: File $CA_CHAIN is not readable by nobody user. - generate_answers exit 1 fi
diff --git a/proxy/installer/configure-proxy.sh.sgml b/proxy/installer/configure-proxy.sh.sgml index b2dee09..3903d2a 100644 --- a/proxy/installer/configure-proxy.sh.sgml +++ b/proxy/installer/configure-proxy.sh.sgml @@ -64,12 +64,6 @@ provide a required response, default answer is used.</para> </para> <variablelist> <varlistentry> - <term>--ca-chain=CA_CHAIN</term> - <listitem> - <para>The CA cert used to verify the ssl connection to parent.</para> - </listitem> - </varlistentry> - <varlistentry> <term>--enable-scout=1</term> <listitem> <para>1 to enable monitoring scout, 0 otherwise.</para> @@ -108,7 +102,7 @@ provide a required response, default answer is used.</para> <varlistentry> <term>--monitoring-parent=MONITORING_PARENT</term> <listitem> - <para>Name of the parent for your scout. Usually the same value as in RHN_PARENT.</para> + <para>Name of the parent for your scout. Usually RHN parent.</para> </listitem> </varlistentry> <varlistentry> @@ -124,12 +118,6 @@ provide a required response, default answer is used.</para> </listitem> </varlistentry> <varlistentry> - <term>--rhn-parent=RHN_PARENT</term> - <listitem> - <para>Your parent Spacewalk server.</para> - </listitem> - </varlistentry> - <varlistentry> <term>--rhn-password=RHN_PASSWORD</term> <listitem> <para>Red Hat Network or Spacewalk password.</para> @@ -240,12 +228,6 @@ provide a required response, default answer is used.</para> </listitem> </varlistentry> <varlistentry> - <term>RHN_PARENT</term> - <listitem> - <para>Your parent Spacewalk server.</para> - </listitem> - </varlistentry> - <varlistentry> <term>RHN_PASSWORD</term> <listitem> <para>Red Hat Network or Spacewalk password.</para> @@ -270,12 +252,6 @@ provide a required response, default answer is used.</para> </listitem> </varlistentry> <varlistentry> - <term>CA_CHAIN</term> - <listitem> - <para>The CA cert used to verify the ssl connection to parent.</para> - </listitem> - </varlistentry> - <varlistentry> <term>FORCE_OWN_CA</term> <listitem> <para>Do not use parent CA and force to create your own.</para> @@ -382,7 +358,7 @@ provide a required response, default answer is used.</para> <varlistentry> <term>MONITORING_PARENT</term> <listitem> - <para>Name of the parent for your scout. Usually the same value as in RHN_PARENT.</para> + <para>Name of the parent for your scout. Usually RHN parent.</para> </listitem> </varlistentry> <varlistentry>
spacewalk-commits@lists.fedorahosted.org