Remove obsolete packages and configure debsecan

author Silvio Rhatto <rhatto@riseup.net>

Sat, 19 Aug 2017 16:52:20 +0000 (13:52 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Sat, 19 Aug 2017 16:52:20 +0000 (13:52 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Sat, 19 Aug 2017 16:52:20 +0000 (13:52 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Sat, 19 Aug 2017 16:52:20 +0000 (13:52 -0300)
diff --git a/manifests/subsystem/security.pp b/manifests/subsystem/security.pp

index faf00bb444386bad73885f73703afd903d7899cd..701b586b65c2e4c38a6dad98d54407062eab7c85 100644 (file)
--- a/manifests/subsystem/security.pp
+++ b/manifests/subsystem/security.pp
@@ -8,4 +8,20 @@ class nodo::subsystem::security {
      group   => "root",
      mode    => "0755",
    }
+
+  package { [ 'debsecan', 'debian-security-support' ]:
+    ensure => $::lsbdistcodename ? {
+      'trusty' => absent,
+      default  => present,
+    },
+  }
+
+  file { '/etc/default/debsecan' :
+    ensure  => present,
+    owner   => "root",
+    group   => "root",
+    mode    => "0644",
+    content => template("nodo/debsecan/default.erb"),
+    require => Package['debsecan'],
+  }
  }
diff --git a/manifests/utils.pp b/manifests/utils.pp

index 0bd6b596a2d6221812bb237f0057c5e5af9d4278..d033b092ee17346a35b91804f6eca23f6d7088eb 100644 (file)
--- a/manifests/utils.pp
+++ b/manifests/utils.pp
@@ -4,14 +4,7 @@ class nodo::utils inherits nodo::utils::base {
      ensure => present,
    }
  
-  package { 'debian-security-support':
-    ensure => $::lsbdistcodename ? {
-      'trusty' => absent,
-      default  => present,
-    },
-  }
-
-  package { [ 'debsecan', 'needrestart' ]:
+  package { 'needrestart':
      ensure  => present,
    }
  
@@ -22,11 +15,6 @@ class nodo::utils inherits nodo::utils::base {
      }
    }
  
-  # To be considered
-  #package { 'needrestart':
-  #  ensure  => present,
-  #}
-
    if !defined(Package['git']) {
      package { 'git':
        ensure => latest,
diff --git a/manifests/utils/android.pp b/manifests/utils/android.pp

index b3f9d29c7c83210375b7cad983b4b5e80f594ff6..ad6860844a42f963efdc35fc6eaf52207fb358e2 100644 (file)
--- a/manifests/utils/android.pp
+++ b/manifests/utils/android.pp
@@ -4,8 +4,17 @@ class nodo::utils::android (
    package { [
      'android-tools-adb',
      'android-tools-fastboot',
+  ]:
+    ensure => $ensure,
+  }
+
+  # Not available on stretch
+  package { [
      'android-tools-fsutils',
    ]:
-    ensure  => $ensure,
+    ensure => $::lsbdistcodename ? {
+      'stretch' => undef,
+      default   => present,
+    },
    }
  }
diff --git a/manifests/utils/development/ide.pp b/manifests/utils/development/ide.pp

index 99f9112832689a0ebcafc268b7abc41cdd85d775..70045b036405da8eba0414617b4c79796d7d8e3a 100644 (file)
--- a/manifests/utils/development/ide.pp
+++ b/manifests/utils/development/ide.pp
@@ -3,7 +3,7 @@ class nodo::utils::development::ide (
  ) {
    # In use
    package { [
-    'mr',
+    'myrepos',
      'stow',
      'hexedit',
      'ack-grep',
@@ -25,4 +25,11 @@ class nodo::utils::development::ide (
    ]:
      ensure => $ensure,
    }
+
+  # Old stuff
+  package { [
+    'mr',
+  ]:
+    ensure => absent,
+  }
  }
diff --git a/manifests/utils/development/toolchain.pp b/manifests/utils/development/toolchain.pp

index 8adec0147a5f9079192a0f35e1e4287442a19619..5678d4e0a226ace1afcd33fe4efef6cac80e4fa3 100644 (file)
--- a/manifests/utils/development/toolchain.pp
+++ b/manifests/utils/development/toolchain.pp
@@ -3,7 +3,6 @@ class nodo::utils::development::toolchain (
  ) {
    package { [
      'emdebian-archive-keyring',
-    'scratchbox2',
      'qemu-user-static',
      'multistrap',
      'fakechroot',
@@ -15,6 +14,7 @@ class nodo::utils::development::toolchain (
    package { [
      'xapt',
      'pdebuild-cross',
+    'scratchbox2',
    ]:
      ensure => absent,
    }
diff --git a/manifests/utils/latex.pp b/manifests/utils/latex.pp

index d95b49baf8793dba9d7e3c7355c7e5fd8194bdb7..c8c8086991bfcce77cfcda5d0b25098fac00fb15 100644 (file)
--- a/manifests/utils/latex.pp
+++ b/manifests/utils/latex.pp
@@ -8,11 +8,18 @@ class nodo::utils::latex (
      'texlive-latex-extra',
      'texlive-fonts-extra',
      'texlive-lang-portuguese',
+    'texlive-extra-utils',
      'vim-latexsuite',
-    'pdfjam',
      'pdftk',
      #'pdfsam',
    ]:
      ensure => $ensure,
    }
+
+  # Old stuff
+  package { [
+    'pdfjam',
+  ]:
+    ensure => absent,
+  }
  }
diff --git a/templates/debsecan/default.erb b/templates/debsecan/default.erb

new file mode 100644 (file)

index 0000000..7fc18e2
--- /dev/null
+++ b/templates/debsecan/default.erb
@@ -0,0 +1,17 @@
+# Configuration file for debsecan.  Contents of this file should
+# adhere to the KEY=VALUE shell syntax.  This file may be edited by
+# debsecan's scripts, but your modifications are preserved.
+
+# If true, enable daily reports, sent by email.
+REPORT=true
+
+# For better reporting, specify the correct suite here, using the code
+# name (that is, "sid" instead of "unstable").
+SUITE=<%= scope.lookupvar('::lsbdistcodename') %>
+
+# Mail address to which reports are sent.
+MAILTO=root
+
+# The URL from which vulnerability data is downloaded.  Empty for the
+# built-in default.
+SOURCE=
author	Silvio Rhatto <rhatto@riseup.net>
	Sat, 19 Aug 2017 16:52:20 +0000 (13:52 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Sat, 19 Aug 2017 16:52:20 +0000 (13:52 -0300)
manifests/subsystem/security.pp		patch \| blob \| history
manifests/utils.pp		patch \| blob \| history
manifests/utils/android.pp		patch \| blob \| history
manifests/utils/development/ide.pp		patch \| blob \| history
manifests/utils/development/toolchain.pp		patch \| blob \| history
manifests/utils/latex.pp		patch \| blob \| history
templates/debsecan/default.erb	[new file with mode: 0644]	patch \| blob