From 9e778d72e937f8955235cc995b1b2b2ce7d468c8 Mon Sep 17 00:00:00 2001 From: Marco Malavolti <marco.malavolti@gmail.com> Date: Fri, 14 Nov 2014 12:39:06 +0100 Subject: [PATCH] Added Ubuntu 14.04 support --- .../customlenses/tomcatxml_0-10-0.aug} | 3 +- .../files/customlenses/tomcatxml_1-2-0.aug | 163 ++++++++++++++++++ .../customlenses/webappxml_0-10-0.aug} | 0 .../files/customlenses/webappxml_1-2-0.aug | 162 +++++++++++++++++ garr/shib2common/manifests/classes/augeas.pp | 58 ++++++- .../manifests/classes/prerequisites.pp | 8 + 6 files changed, 390 insertions(+), 4 deletions(-) rename garr/shib2common/{lib/augeas/lenses/tomcatxml.aug => files/customlenses/tomcatxml_0-10-0.aug} (99%) create mode 100644 garr/shib2common/files/customlenses/tomcatxml_1-2-0.aug rename garr/shib2common/{lib/augeas/lenses/webappxml.aug => files/customlenses/webappxml_0-10-0.aug} (100%) create mode 100644 garr/shib2common/files/customlenses/webappxml_1-2-0.aug diff --git a/garr/shib2common/lib/augeas/lenses/tomcatxml.aug b/garr/shib2common/files/customlenses/tomcatxml_0-10-0.aug similarity index 99% rename from garr/shib2common/lib/augeas/lenses/tomcatxml.aug rename to garr/shib2common/files/customlenses/tomcatxml_0-10-0.aug index 7854025..900d014 100644 --- a/garr/shib2common/lib/augeas/lenses/tomcatxml.aug +++ b/garr/shib2common/files/customlenses/tomcatxml_0-10-0.aug @@ -143,4 +143,5 @@ let filter = (incl "/etc/tomcat6/tomcat-users.xml") . (incl "/etc/tomcat6/server . (incl "/etc/tomcat7/tomcat-users.xml") . (incl "/etc/tomcat7/server.xml") . Util.stdexcl -let xfm = transform lns filter \ No newline at end of file +let xfm = transform lns filter + diff --git a/garr/shib2common/files/customlenses/tomcatxml_1-2-0.aug b/garr/shib2common/files/customlenses/tomcatxml_1-2-0.aug new file mode 100644 index 0000000..300a90b --- /dev/null +++ b/garr/shib2common/files/customlenses/tomcatxml_1-2-0.aug 
@@ -0,0 +1,163 @@
+(* XML lens for Augeas
+ Author: Francis Giraldeau <francis.giraldeau@usherbrooke.ca>
+
+ Reference: http://www.w3.org/TR/2006/REC-xml11-20060816/
+*)
+
+module TomcatXml =
+
+autoload xfm
+
+(************************************************************************
+ * Utilities lens
+ *************************************************************************)
+
+let dels (s:string) = del s s
+let spc = /[ \t\r\n]+/
+let osp = /[ \t\r\n]*/
+let sep_spc = del /[ \t\r\n]+/ " "
+let sep_osp = del /[ \t\r\n]*/ ""
+let sep_eq = del /[ \t\r\n]*=[ \t\r\n]*/ "="
+
+let nmtoken = /[a-zA-Z:_][a-zA-Z0-9:_.-]*/
+let word = /[a-zA-Z][a-zA-Z0-9._-]*/
+let char = /.|(\r?\n)/
+(* if we hide the quotes, then we can only accept single or double quotes *)
+(* otherwise a put ambiguity is raised *)
+let sto_dquote = dels "\"" . store /[^"]*/ . dels "\"" (* " *)
+let sto_squote = dels "'" . store /[^']*/ . dels "'"
+
+let comment = [ label "#comment" .
+ dels "<!--" .
+ store /([^-]|-[^-])*/ .
+ dels "-->" ]
+
+let pi_target = nmtoken - /[Xx][Mm][Ll]/
+let empty = Util.empty
+let del_end = del />[\r?\n]?/ ">\n"
+let del_end_simple = dels ">"
+
+(* This is siplified version of processing instruction
+ * pi has to not start or end with a white space and the string
+ * must not contain "?>". We restrict too much by not allowing any
+ * "?" nor ">" in PI
+ *)
+let pi = /[^ \r\n\t]|[^ \r\n\t][^?>]*[^ \r\n\t]/
+
+(************************************************************************
+ * Attributes
+ *************************************************************************)
+
+
+let decl = [ label "#decl" . sep_spc .
+ store /[^> \t\n\r]|[^> \t\n\r][^>\t\n\r]*[^> \t\n\r]/ ]
+
+let decl_def (r:regexp) (b:lens) = [ dels "<" . key r .
+ sep_spc . store word .
+ b . sep_osp . del_end_simple ]
+
+let elem_def = decl_def /!ELEMENT/ decl
+
+let enum = "(" . osp . nmtoken . ( osp . "|" . osp . nmtoken )* . osp . ")"
+
+let att_type = /CDATA|ID|IDREF|IDREFS|ENTITY|ENTITIES|NMTOKEN|NMTOKENS/ |
+ enum
+
+let id_def = [ sep_spc . key /PUBLIC/ .
+ [ label "#literal" . sep_spc . sto_dquote ]* ] |
+ [ sep_spc . key /SYSTEM/ . sep_spc . sto_dquote ]
+
+let notation_def = decl_def /!NOTATION/ id_def
+
+let att_def = counter "att_id" .
+ [ sep_spc . seq "att_id" .
+ [ label "#name" . store word . sep_spc ] .
+ [ label "#type" . store att_type . sep_spc ] .
+ ([ key /#REQUIRED|#IMPLIED/ ] |
+ [ label "#FIXED" . del /#FIXED[ \r\n\t]*|/ "" . sto_dquote ]) ]*
+
+let att_list_def = decl_def /!ATTLIST/ att_def
+
+let entity_def = decl_def /!ENTITY/ ([sep_spc . label "#decl" . sto_dquote ])
+
+let decl_def_item = elem_def | entity_def | att_list_def | notation_def
+
+let decl_outer = sep_osp . del /\[[ \n\t\r]*/ "[\n" .
+ (decl_def_item . sep_osp )* . dels "]"
+
+(* let dtd_def = [ sep_spc . key "SYSTEM" . sep_spc . sto_dquote ] *)
+
+let doctype = decl_def /!DOCTYPE/ (decl_outer|id_def)
+
+(* General shape of an attribute
+ * q is the regexp matching the quote character for the value
+ * qd is the default quote character
+ * brx is what the actual attribute value must match *)
+let attval (q:regexp) (qd:string) (brx:regexp) =
+ let quote = del q qd in
+ let body = store brx in
+ [ sep_spc . key nmtoken . sep_eq . square quote body quote ]
+
+(* We treat attributes according to one of the following three patterns:
+ attval1 : values that must be quoted with single quotes
+ attval2 : values that must be quoted with double quotes
+ attval3 : values that can be quoted with either *)
+let attributes =
+ let attval1 = attval "'" "'" /[^']*"[^']*/ in (* " *)
+ let attval2 = attval "\"" "\"" /[^"]*'[^"]*/ in
+ let attval3 = attval /['"]/ "\"" /[^'\"]*/ in (* " *)
+ [ label "#attribute" . (attval1|attval2|attval3)+ ]
+
+let prolog = [ label "#declaration" .
+ dels "<?xml" .
+ attributes .
+ sep_osp .
+ dels "?>" ]
+
+
+(************************************************************************
+ * Tags
+ *************************************************************************)
+
+(* we consider entities as simple text *)
+let text_re = /[^<]+/ - /([^<]*\]\]>[^<]*)/
+let text = [ label "#text" . store text_re ]
+let cdata = [ label "#CDATA" . dels "<![CDATA[" .
+ store (char* - (char* . "]]>" . char*)) . dels "]]>" ]
+
+(* the value of nmtoken_del is always the nmtoken_key string *)
+let nmtoken_key = key nmtoken
+let nmtoken_del = del nmtoken "a"
+
+let element (body:lens) =
+ let h = attributes? . sep_osp . dels ">" . body* . dels "</" in
+ [ dels "<" . square nmtoken_key h nmtoken_del . sep_osp . del_end ]
+
+let empty_element = [ dels "<" . nmtoken_key . value "#empty" .
+ attributes? . sep_osp . del /\/>[\r?\n]?/ "/>\n" ]
+
+let pi_instruction = [ dels "<?" . label "#pi" .
+ [ label "#target" . store pi_target ] .
+ [ sep_spc . label "#instruction" . store pi ]? .
+ sep_osp . del /\?>/ "?>" ]
+
+(* Typecheck is weaker on rec lens, detected by unfolding *)
+(*
+let content1 = element text
+let rec content2 = element (content1|text|comment)
+*)
+
+let rec content = element (text|comment|content|empty_element|pi_instruction)
+
+(* Constraints are weaker here, but it's better than being too strict *)
+let doc = (sep_osp . (prolog | comment | doctype | pi_instruction))* .
+ ((sep_osp . content) | (sep_osp . empty_element)) .
+ (sep_osp . (comment | pi_instruction ))* . sep_osp
+
+let lns = doc
+
+let filter = (incl "/etc/tomcat6/tomcat-users.xml") . (incl "/etc/tomcat6/server.xml")
+ . (incl "/etc/tomcat7/tomcat-users.xml") . (incl "/etc/tomcat7/server.xml")
+ . (incl "/etc/xml/catalog")
+
+let xfm = transform lns filter
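Review bot: The `filter` at the end of tomcatxml_1-2-0.aug claims `/etc/xml/catalog`, and the `filter` of webappxml_1-2-0.aug (the next new file in this patch) claims the same path, while both modules are `autoload xfm` and augeas.pp installs both into the same lens directory. Augeas does not load a file that more than one autoloaded lens matches and records an error for that path instead, and the stock Xml lens may well cover it too. Nothing visible here suggests either lens needs the XML catalog, so I would drop the `. (incl "/etc/xml/catalog")` line from both filters. The tomcatxml_0-10-0.aug filter shown earlier in the patch ends with `. Util.stdexcl`, which this version omits; a short comment would help if that is deliberate.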
diff --git a/garr/shib2common/lib/augeas/lenses/webappxml.aug b/garr/shib2common/files/customlenses/webappxml_0-10-0.aug
similarity index 100%
rename from garr/shib2common/lib/augeas/lenses/webappxml.aug
rename to garr/shib2common/files/customlenses/webappxml_0-10-0.aug
diff --git a/garr/shib2common/files/customlenses/webappxml_1-2-0.aug b/garr/shib2common/files/customlenses/webappxml_1-2-0.aug
new file mode 100644
index 0000000..f8eedc8
--- /dev/null
+++ b/garr/shib2common/files/customlenses/webappxml_1-2-0.aug
@@ -0,0 +1,162 @@
+(* XML lens for Augeas
+ Author: Francis Giraldeau <francis.giraldeau@usherbrooke.ca>
+
+ Reference: http://www.w3.org/TR/2006/REC-xml11-20060816/
+*)
+
+module WebAppXml =
+
+autoload xfm
+
+(************************************************************************
+ * Utilities lens
+ *************************************************************************)
+
+let dels (s:string) = del s s
+let spc = /[ \t\r\n]+/
+let osp = /[ \t\r\n]*/
+let sep_spc = del /[ \t\r\n]+/ " "
+let sep_osp = del /[ \t\r\n]*/ ""
+let sep_eq = del /[ \t\r\n]*=[ \t\r\n]*/ "="
+
+let nmtoken = /[a-zA-Z:_][a-zA-Z0-9:_.-]*/
+let word = /[a-zA-Z][a-zA-Z0-9._-]*/
+let char = /.|(\r?\n)/
+(* if we hide the quotes, then we can only accept single or double quotes *)
+(* otherwise a put ambiguity is raised *)
+let sto_dquote = dels "\"" . store /[^"]*/ . dels "\"" (* " *)
+let sto_squote = dels "'" . store /[^']*/ . dels "'"
+
+let comment = [ label "#comment" .
+ dels "<!--" .
+ store /([^-]|-[^-])*/ .
+ dels "-->" ]
+
+let pi_target = nmtoken - /[Xx][Mm][Ll]/
+let empty = Util.empty
+let del_end = del />[\r?\n]?/ ">\n"
+let del_end_simple = dels ">"
+
+(* This is siplified version of processing instruction
+ * pi has to not start or end with a white space and the string
+ * must not contain "?>". We restrict too much by not allowing any
+ * "?" nor ">" in PI
+ *)
+let pi = /[^ \r\n\t]|[^ \r\n\t][^?>]*[^ \r\n\t]/
+
+(************************************************************************
+ * Attributes
+ *************************************************************************)
+
+
+let decl = [ label "#decl" . sep_spc .
+ store /[^> \t\n\r]|[^> \t\n\r][^>\t\n\r]*[^> \t\n\r]/ ]
+
+let decl_def (r:regexp) (b:lens) = [ dels "<" . key r .
+ sep_spc . store word .
+ b . sep_osp . del_end_simple ]
+
+let elem_def = decl_def /!ELEMENT/ decl
+
+let enum = "(" . osp . nmtoken . ( osp . "|" . osp . nmtoken )* . osp . ")"
+
+let att_type = /CDATA|ID|IDREF|IDREFS|ENTITY|ENTITIES|NMTOKEN|NMTOKENS/ |
+ enum
+
+let id_def = [ sep_spc . key /PUBLIC/ .
+ [ label "#literal" . sep_spc . sto_dquote ]* ] |
+ [ sep_spc . key /SYSTEM/ . sep_spc . sto_dquote ]
+
+let notation_def = decl_def /!NOTATION/ id_def
+
+let att_def = counter "att_id" .
+ [ sep_spc . seq "att_id" .
+ [ label "#name" . store word . sep_spc ] .
+ [ label "#type" . store att_type . sep_spc ] .
+ ([ key /#REQUIRED|#IMPLIED/ ] |
+ [ label "#FIXED" . del /#FIXED[ \r\n\t]*|/ "" . sto_dquote ]) ]*
+
+let att_list_def = decl_def /!ATTLIST/ att_def
+
+let entity_def = decl_def /!ENTITY/ ([sep_spc . label "#decl" . sto_dquote ])
+
+let decl_def_item = elem_def | entity_def | att_list_def | notation_def
+
+let decl_outer = sep_osp . del /\[[ \n\t\r]*/ "[\n" .
+ (decl_def_item . sep_osp )* . dels "]"
+
+(* let dtd_def = [ sep_spc . key "SYSTEM" . sep_spc . sto_dquote ] *)
+
+let doctype = decl_def /!DOCTYPE/ (decl_outer|id_def)
+
+(* General shape of an attribute
+ * q is the regexp matching the quote character for the value
+ * qd is the default quote character
+ * brx is what the actual attribute value must match *)
+let attval (q:regexp) (qd:string) (brx:regexp) =
+ let quote = del q qd in
+ let body = store brx in
+ [ sep_spc . key nmtoken . sep_eq . square quote body quote ]
+
+(* We treat attributes according to one of the following three patterns:
+ attval1 : values that must be quoted with single quotes
+ attval2 : values that must be quoted with double quotes
+ attval3 : values that can be quoted with either *)
+let attributes =
+ let attval1 = attval "'" "'" /[^']*"[^']*/ in (* " *)
+ let attval2 = attval "\"" "\"" /[^"]*'[^"]*/ in
+ let attval3 = attval /['"]/ "\"" /[^'\"]*/ in (* " *)
+ [ label "#attribute" . (attval1|attval2|attval3)+ ]
+
+let prolog = [ label "#declaration" .
+ dels "<?xml" .
+ attributes .
+ sep_osp .
+ dels "?>" ]
+
+
+(************************************************************************
+ * Tags
+ *************************************************************************)
+
+(* we consider entities as simple text *)
+let text_re = /[^<]+/ - /([^<]*\]\]>[^<]*)/
+let text = [ label "#text" . store text_re ]
+let cdata = [ label "#CDATA" . dels "<![CDATA[" .
+ store (char* - (char* . "]]>" . char*)) . dels "]]>" ]
+
+(* the value of nmtoken_del is always the nmtoken_key string *)
+let nmtoken_key = key nmtoken
+let nmtoken_del = del nmtoken "a"
+
+let element (body:lens) =
+ let h = attributes? . sep_osp . dels ">" . body* . dels "</" in
+ [ dels "<" . square nmtoken_key h nmtoken_del . sep_osp . del_end ]
+
+let empty_element = [ dels "<" . nmtoken_key . value "#empty" .
+ attributes? . sep_osp . del /\/>[\r?\n]?/ "/>\n" ]
+
+let pi_instruction = [ dels "<?" . label "#pi" .
+ [ label "#target" . store pi_target ] .
+ [ sep_spc . label "#instruction" . store pi ]? .
+ sep_osp . del /\?>/ "?>" ]
+
+(* Typecheck is weaker on rec lens, detected by unfolding *)
+(*
+let content1 = element text
+let rec content2 = element (content1|text|comment)
+*)
+
+let rec content = element (text|comment|content|empty_element|pi_instruction)
+
+(* Constraints are weaker here, but it's better than being too strict *)
+let doc = (sep_osp . (prolog | comment | doctype | pi_instruction))* .
+ ((sep_osp . content) | (sep_osp . empty_element)) .
+ (sep_osp . (comment | pi_instruction ))* . sep_osp
+
+let lns = doc
+
+let filter = (incl "/usr/local/src/shibboleth-identityprovider/src/main/webapp/WEB-INF/*.xml")
+ . (incl "/etc/xml/catalog")
+
+let xfm = transform lns filter
diff --git a/garr/shib2common/manifests/classes/augeas.pp b/garr/shib2common/manifests/classes/augeas.pp
index 5fa4d5c..eddbae4 100644
--- a/garr/shib2common/manifests/classes/augeas.pp
+++ b/garr/shib2common/manifests/classes/augeas.pp
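Review bot: In webappxml_1-2-0.aug, `del_end` and the tail of `empty_element` use `[\r?\n]?`, which is a character class matching one CR, one literal `?` or one LF rather than an optional CRLF; the same two expressions appear in tomcatxml_1-2-0.aug. On a CRLF file only the CR is consumed by the delimiter, and a `?` directly after `>` would be taken by it as well. `char` near the top of the file already uses the grouped form, so `let del_end = del />(\r?\n)?/ ">\n"` and `del /\/>(\r?\n)?/ "/>\n"` look like what was meant, assuming the lens still typechecks with that change.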
@@ -37,8 +37,20 @@ class shib2common::augeas ( } if($lsbdistid == 'Ubuntu'){ - package { ['augeas-lenses','libaugeas0','augeas-tools','libaugeas-ruby1.8']: - ensure => 'present', + if ($rubyversion == '1.8.7'){ + package { ['augeas-lenses','libaugeas0','augeas-tools','libaugeas-ruby1.8']: + ensure => 'present', + } + } + # For Ruby 1.9.3 + else{ + package { 'libaugeas-ruby1.8': + ensure => 'purged', + } + + package { ['augeas-lenses','libaugeas0','augeas-tools','ruby-augeas']: + ensure => 'present', + } } } elsif($lsbdistid == 'Debian' and $lsbdistcodename == 'squeeze'){ @@ -118,4 +130,44 @@ class shib2common::augeas ( require => Package['augeas-lenses']; } -} \ No newline at end of file + if ($augeasversion == '0.10.0'){ + file { + '/usr/share/augeas/lenses/dist/tomcatxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/tomcatxml_0-10-0.aug', + require => File["${lens_dir}/dist"]; + + '/usr/share/augeas/lenses/dist/webappxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/webappxml_0-10-0.aug', + require => File["${lens_dir}/dist"]; + } + } + if ($augeasversion == '1.2.0'){ + file { + '/usr/share/augeas/lenses/dist/tomcatxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/tomcatxml_1-2-0.aug', + require => File["${lens_dir}/dist"]; + + '/usr/share/augeas/lenses/dist/webappxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/webappxml_1-2-0.aug', + require => File["${lens_dir}/dist"]; + } + } + + +} diff --git a/garr/shib2common/manifests/classes/prerequisites.pp b/garr/shib2common/manifests/classes/prerequisites.pp index a53164b..e8287e8 100644 --- a/garr/shib2common/manifests/classes/prerequisites.pp 
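Review bot: The `else` branch commented `# For Ruby 1.9.3` in the first augeas.pp hunk runs for every `$rubyversion` other than the exact string '1.8.7', so a host on a different 1.8 patch level would also have `libaugeas-ruby1.8` purged and `ruby-augeas` requested. If only 1.9.3 is meant, `elsif ($rubyversion == '1.9.3'){` says so; otherwise the comment should read `# Any Ruby other than 1.8.7`. The enclosing class and the `if($lsbdistid == 'Ubuntu')` chain continue outside the hunk.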
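Review bot: Neither `if ($augeasversion == ...)` block added at the end of the class has a fallback, so a node whose `augeasversion` fact is anything other than exactly '0.10.0' or '1.2.0' (or is not set yet, which seems likely on the run that first installs the Augeas packages) gets no tomcatxml/webappxml lens and no message saying so. I would chain the two as `if … elsif … else` and finish with `else { warning("shib2common::augeas: no custom lenses for Augeas '${augeasversion}'") }`. The file titles also hard-code `/usr/share/augeas/lenses/dist/` while their `require` points at `File["${lens_dir}/dist"]`; using `"${lens_dir}/dist/tomcatxml.aug"` as the title would keep the two in step. The class body starts outside this hunk.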
+++ b/garr/shib2common/manifests/classes/prerequisites.pp @@ -64,6 +64,14 @@ class shib2common::prerequisites( if ($install_apache == true) { # Install Apache2 Web server and default modules for Prefork version. + if ($operatingsystem == 'Ubuntu' and $operatingsystemmajrelease == '14.04'){ + package { 'apache2-utils': + ensure => installed, + } + + ::apache::mod { 'authn_core': } + } + class { 'apache': default_vhost => false, mpm_module => 'prefork', -- GitLab
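Review bot: The new guard `$operatingsystem == 'Ubuntu' and $operatingsystemmajrelease == '14.04'` depends on a fact that, as far as I recall, older Facter releases do not define for Ubuntu; in that case the block is skipped silently and `authn_core` is never loaded. The augeas.pp manifest in this patch keys on LSB facts (`$lsbdistid`, `$lsbdistcodename`), so `if ($lsbdistid == 'Ubuntu' and $lsbdistrelease == '14.04'){` would be consistent with it. A one-line comment such as `# Ubuntu 14.04 ships Apache 2.4, which needs mod_authn_core loaded explicitly` would record why the block exists, if that is indeed the reason. The `if ($install_apache == true)` block continues past the end of the hunk.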