# HG changeset patch # User Patrick Einheber # Date 1474555505 25200 # Node ID 864721a3146fa96772d018958361f95c4a62cdff # Parent ff86c93b1c69e2a883b1dcd7b7d86fc810ad2184 23019017 clone archives should remove sensitive puppet configuration data 23606517 mcollective default psk setting should be changeme diff -r ff86c93b1c69 -r 864721a3146f components/ruby/mcollective/patches/01-mco-client-config.patch --- a/components/ruby/mcollective/patches/01-mco-client-config.patch Sun Sep 18 10:50:41 2016 -0700 +++ b/components/ruby/mcollective/patches/01-mco-client-config.patch Thu Sep 22 07:45:05 2016 -0700 @@ -3,12 +3,13 @@ The default port used to connect to RabbitMQ is 61613 Default user : 'mcollective' & passwd : 'changeme' Change RabbitMQ to log to /dev/stderr, so it goes to the SMF log + Set the PSK type explicitly to UID and the default to 'changeme' NOTE : This patch is developed in-house (and Solaris specific) ---- marionette-collective-2.8.8/etc/client.cfg.dist.orig 2016-04-20 09:42:43.785159244 -0700 -+++ marionette-collective-2.8.8/etc/client.cfg.dist 2016-04-20 12:07:58.755907466 -0700 -@@ -1,19 +1,26 @@ +--- marionette-collective-2.8.8/etc/client.cfg.dist.orig 2016-09-19 08:51:01.733783224 -0700 ++++ marionette-collective-2.8.8/etc/client.cfg.dist 2016-09-19 08:51:34.482722348 -0700 +@@ -1,19 +1,27 @@ +####################################################################### +# Oracle has modified the originally distributed contents of this file. +####################################################################### @@ -25,7 +26,9 @@ # Plugins securityprovider = psk - plugin.psk = unset +-plugin.psk = unset ++plugin.psk = changeme ++plugin.psk.callertype = uid -connector = activemq -plugin.activemq.pool.size = 1 diff -r ff86c93b1c69 -r 864721a3146f components/ruby/mcollective/patches/02-mco-server-config.patch --- a/components/ruby/mcollective/patches/02-mco-server-config.patch Sun Sep 18 10:50:41 2016 -0700 +++ b/components/ruby/mcollective/patches/02-mco-server-config.patch Thu Sep 22 07:45:05 2016 -0700 @@ -3,12 +3,11 @@ The default port used to connect to RabbitMQ is 61613 Default user : 'mcollective' & passwd : 'changeme' Change RabbitMQ to log to /dev/stderr, so it goes to the SMF log - -NOTE : This patch is developed in-house (and Solaris specific) + Set the PSK type explicitly to UID and the default to 'changeme' ---- marionette-collective-2.8.8/etc/server.cfg.dist.orig 2016-04-20 12:36:27.556854540 -0700 -+++ marionette-collective-2.8.8/etc/server.cfg.dist 2016-04-20 12:37:10.186932498 -0700 -@@ -1,7 +1,13 @@ +--- marionette-collective-2.8.8/etc/server.cfg.dist.orig 2016-09-19 08:51:05.719526817 -0700 ++++ marionette-collective-2.8.8/etc/server.cfg.dist 2016-09-19 08:51:49.506159302 -0700 +@@ -1,20 +1,28 @@ +####################################################################### +# Oracle has modified the originally distributed contents of this file. +####################################################################### @@ -24,9 +23,11 @@ loglevel = info daemonize = 1 -@@ -9,12 +15,13 @@ + # Plugins securityprovider = psk - plugin.psk = unset +-plugin.psk = unset ++plugin.psk = changeme ++plugin.psk.callertype = uid -connector = activemq -plugin.activemq.pool.size = 1 diff -r ff86c93b1c69 -r 864721a3146f components/ruby/puppet/puppet.p5m --- a/components/ruby/puppet/puppet.p5m Sun Sep 18 10:50:41 2016 -0700 +++ b/components/ruby/puppet/puppet.p5m Thu Sep 22 07:45:05 2016 -0700 @@ -1341,8 +1341,10 @@ file path=usr/share/man/man8/puppet-secret_agent.8 file path=usr/share/man/man8/puppet-status.8 file path=usr/share/man/man8/puppet.8 -dir path=var/lib/puppet owner=puppet group=puppet mode=0755 -dir path=var/log/puppet owner=puppet group=puppet mode=0755 +dir path=var/lib/puppet owner=puppet group=puppet mode=0755 \ + revert-tag=system:clone=* +dir path=var/log/puppet owner=puppet group=puppet mode=0755 \ + revert-tag=system:clone=* license puppet.license license="Apache v2.0" # globally applicable low level puppet modules we provide