lp:charm-helpers

Created by Matthew Wedgwood on 2013-05-13 and last modified on 2017-10-02
Get this branch:
bzr branch lp:charm-helpers
Members of Charm Helper Maintainers can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Charm Helper Maintainers
Project:
Charm Helpers
Review team:
charmers
Status:
Development

Recent revisions

790. By James Page on 2017-10-02

Remove branch content and leave message to redirect pull requests to github.com

789. By James Page on 2017-09-18

[jamespage, r=tinwood] Add remove_alternative helper

788. By Alex Kavanagh on 2017-08-31

[shaner,r=ajkavanagh] Fixes parsing of currently loaded apache modules

When hardening apache, the returned list of currently
enabled modules is always empty.

This change splits on linefeeds from the output of
'apachectl -M' instead of spaces which allows the
regex to match.

Since the returned list of modules could potentitialy
be used as input to '_disable_module' the regex was tweaked
to truncate the module name, removing the '_module' since
this is what a2dismod expects.

Closes-Bug: #1712203

787. By Tim Van Steenburgh on 2017-08-29

v0.18.1

785. By Tim Van Steenburgh on 2017-08-28

v0.18.0

784. By Alex Kavanagh on 2017-08-17

[joeborg, r=tinwood] Adding test coverage for FilePermissionAudit

(note tinwood had to patch the test slightly to get it to merge due
to recent changes in charm-helpers).

783. By Alex Kavanagh on 2017-08-15

[stub, r=tinwood] A feature of the PostgreSQL charm had stopped working, as
charm-helpers was attempting to do more validation of GPG key formats and the
PG charm happens to add comments to its keys so they don't get mixed up.

While fixing this, noticed that insecure usage still seems to be promoted.
Clearly flag this cases in the docstring and add WARNING messages to logs when
people open themselves up to attack (the key retrieval protocol is unencrypted
for historical reasons and the same man-in-the-middle attack that poisons an
archive can also make people trust keys retrieved this way).

782. By David Ames on 2017-08-14

[tinwood, r=thedac] Update the core.host.write_file(...) function to do less work

The primary motivation for this change is to do less work, touch the
filesystem less, and try to clean the logs up a bit. This change is
to the rendering of configuration files, which generates noise in the
logs (at INFO) level, and often results in writing the exact same
content, thus updating the atime of the file even when the contents
haven't changed.

This change detects if the content will change, and if not, doesn't
write the file. It does detect if the uid,gid is changing and takes
the appropriate action. The logs are demoted to the lowest level of
DEBUG/TRACE, and are only generated IFF the file is actually written
or the uid/gid is changed.

781. By Billy Olsen on 2017-08-11

[thedac,r=billy-olsen] Allow IPv4/IPv6 Dual Stack

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.