SUSE-RU-2016:1972-1: Recommended update for cfengine, cfengine-masterfiles
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Fri Aug 5 08:10:01 MDT 2016
SUSE Recommended Update: Recommended update for cfengine, cfengine-masterfiles
______________________________________________________________________________
Announcement ID: SUSE-RU-2016:1972-1
Rating: low
References: #990638
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP1
SUSE Linux Enterprise Module for Advanced Systems Management 12
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for cfengine, cfengine-masterfiles fixes the following issues:
CFEngine was updated from version 3.7.1 to 3.7.3, which brings fixes and
enhancements:
Behavior changes:
- classesmatching(): order of classes changed.
- Suppress standard services noise on SUSE.
Fixes:
- Reduce verbosity of yum and apt_get package modules.
- Parse def.json vars, classes in C.
- Namespaced classes can now be specified on the command line.
- getvalues() will now return a list also for data containers, and will
descend recursively into the containers.
- @if minimum_version now correctly ignores lines starting with '@'.
- Fix definition of classes from augments file.
- Don't follow symbolic links when copying extended attributes.
- Fix cf-serverd error messages with classic protocol clients.
- The isvariable() function call now correctly accepts all array variables
when specified inline. Previously it would not accept certain special
characters, even though they could be specified indirectly by using a
variable to hold it.
- Show errors regarding failure to copy extended attributes when doing a
local file copy. Errors could happen when copying across two different
mount points where the support for extended attributes is different
between the mount points.
- Fix file descriptor leak when there are network errors.
- Fix a regression which would sometimes cause "Permission denied" errors
on files inside directories with very restricted permissions.
- Check for empty server response in RemoteDirList after decryption.
- Allow def.json up to 5MB instead of 4K.
- Add guard for binary upgrade during bootstrap.
- Fix a bug which sometimes caused package promises to be skipped with "XX
Another cf-agent seems to have done this since I started" messages in
the log, most notably in long running cf-agent runs (longer than one
minute).
- Define (bootstrap|failsafe)_mode during update.cf when triggerd from
failsafe.cf.
- Fix two cases where action_policy warn still produces errors.
- Fix classes being set because of hash collision in the implementation.
- Installing packages containing version numbers using yum now works
correctly.
- readfile() and read*list() should print an error if they fail to read
file.
- If there is an error saving a mustache template file it is now logged
with log-level error (was inform).
- Fixed several bugs which prevented CFEngine from loading libraries from
the correct location.
- If file_select.file_types is set to symlink and there are regular files
in the scanned directory, CFEngine no longer produces an unnecessary
error message.
- cf-agent, cf-execd, cf-promises, cf-runagent and cf-serverd honor
multiple -D,
-N and -s arguments.
- Fix "@endif" keyword sometimes being improperly processed by policy
parser.
- It is possible to edit the same value in multiple regions of one file.
- Fix select_class not setting class when used in common bundle with slist.
- Fix broken HA policy for 3rd disaster-recovery node.
- Directories should no more be changed randomly into files.
- Include latest security updates for 3.7.
- Reduce malloc() thread contention on heavily loaded cf-serverd, by not
exiting early in the logging function, if no message is to be printed.
- Improve cf-serverd's lock contention because of getpwnam() call.
- action_policy "warn" now correctly produces warnings instead of various
other verbosity levels.
- Improve efficiency and debug reports.
- Change package modules permissions on hub package so that hub can
execute package promises.
- No longer hang when changing permissions/ownership on fifos.
- Fix exporting CSV reports through HTTPS.
- failsafe.cf will be created when needed.
- Mustache templates: Fix {{@}} key when value is not a primitive. The old
behavior, when iterating across a map or array of maps, was to abort if
the key was requested with {{@}}. The new behavior is to always replace
{{@}} with either the key name or the iteration position in the array.
An error is printed if {{@}} is used outside of a Mustache iteration
section.
- Legacy package promise: Result classes are now defined if the package
being promised is already up to date.
- TTY detection should be more reliable.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP1:
zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1161=1
- SUSE Linux Enterprise Module for Advanced Systems Management 12:
zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2016-1161=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
cfengine-debuginfo-3.7.3-13.1
cfengine-debugsource-3.7.3-13.1
libpromises-devel-3.7.3-13.1
- SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64):
cfengine-3.7.3-13.1
cfengine-debuginfo-3.7.3-13.1
cfengine-debugsource-3.7.3-13.1
cfengine-doc-3.7.3-13.1
libpromises3-3.7.3-13.1
libpromises3-debuginfo-3.7.3-13.1
- SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch):
cfengine-masterfiles-3.7.3-6.1
References:
https://bugzilla.suse.com/990638
More information about the sle-updates
mailing list