From 5c5ffa21ddcce610d5bbf7b3885b08497e85dac4 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Wed, 19 Jun 2013 18:28:41 +0100 Subject: [PATCH 1/1] Drop support for old Ubuntu versions we no longer use --- cookbooks/dhcpd/recipes/default.rb | 16 +++------- cookbooks/networking/recipes/default.rb | 12 ++------ cookbooks/ntp/recipes/default.rb | 28 ++++------------- cookbooks/openssh/recipes/default.rb | 6 +--- cookbooks/sysctl/recipes/default.rb | 22 +++++--------- .../sysctl/templates/default/sysctl.conf.erb | 30 ------------------- cookbooks/tools/recipes/default.rb | 5 +--- cookbooks/web/recipes/cgimap.rb | 7 +---- 8 files changed, 21 insertions(+), 105 deletions(-) delete mode 100644 cookbooks/sysctl/templates/default/sysctl.conf.erb diff --git a/cookbooks/dhcpd/recipes/default.rb b/cookbooks/dhcpd/recipes/default.rb index 0bdba6a32..bcf49aada 100644 --- a/cookbooks/dhcpd/recipes/default.rb +++ b/cookbooks/dhcpd/recipes/default.rb @@ -19,19 +19,11 @@ include_recipe "networking" -if node[:lsb][:release].to_f < 12.04 - package_name = "dhcp3-server" - config_file = "/etc/dhcp3/dhcpd.conf" -else - package_name = "isc-dhcp-server" - config_file = "/etc/dhcp/dhcpd.conf" -end - -package package_name +package "isc-dhcp-server" domain = "#{node[:networking][:roles][:external][:zone]}.openstreetmap.org" -template config_file do +template "/etc/dhcp/dhcpd.conf" do source "dhcpd.conf.erb" owner "root" group "root" @@ -39,8 +31,8 @@ template config_file do variables :domain => domain end -service package_name do +service "isc-dhcp-server" do action [ :enable, :start ] supports :status => true, :restart => true - subscribes :restart, resources(:template => config_file) + subscribes :restart, "template[/etc/dhcp/dhcpd.conf]" end diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb index f68522bcf..29ea9ad65 100644 --- a/cookbooks/networking/recipes/default.rb +++ b/cookbooks/networking/recipes/default.rb @@ -196,11 +196,7 @@ firewall_rule "limit-icmp-echo" do dest "fw" proto "icmp" dest_ports "echo-request" - if node[:lsb][:release].to_f >= 10.04 - rate_limit "s:1/sec:5" - else - rate_limit "1/sec:5" - end + rate_limit "s:1/sec:5" end [ "ucl", "ic", "bm" ].each do |zone| @@ -305,11 +301,7 @@ if not node.interfaces(:family => :inet6).empty? dest "fw" proto "ipv6-icmp" dest_ports "echo-request" - if node[:lsb][:release].to_f >= 10.04 - rate_limit "s:1/sec:5" - else - rate_limit "1/sec:5" - end + rate_limit "s:1/sec:5" end end diff --git a/cookbooks/ntp/recipes/default.rb b/cookbooks/ntp/recipes/default.rb index d56804777..938aa47ac 100644 --- a/cookbooks/ntp/recipes/default.rb +++ b/cookbooks/ntp/recipes/default.rb @@ -51,30 +51,12 @@ template "/etc/ntp.conf" do notifies :restart, resources(:service => "ntp") end -munin_plugins = [] +munin_plugins = [ "ntp_kernel_err", "ntp_kernel_pll_freq", "ntp_kernel_pll_off", "ntp_offset" ] -if node[:lsb][:release].to_f <= 8.04 - munin_plugins = [ "ntp_states" ] - - node[:ntp][:servers].each do |name| - name = Socket.gethostbyname(name)[0].gsub!(/[.-]/, "_") - - munin_plugin "ntp_#{name}" do - target "ntp_" - end - - munin_plugins.push("ntp_#{name}") - end - - munin_plugin "ntp_states" -else - munin_plugins = [ "ntp_kernel_err", "ntp_kernel_pll_freq", "ntp_kernel_pll_off", "ntp_offset" ] - - munin_plugin "ntp_kernel_err" - munin_plugin "ntp_kernel_pll_freq" - munin_plugin "ntp_kernel_pll_off" - munin_plugin "ntp_offset" -end +munin_plugin "ntp_kernel_err" +munin_plugin "ntp_kernel_pll_freq" +munin_plugin "ntp_kernel_pll_off" +munin_plugin "ntp_offset" if File.directory?("/etc/munin/plugins") Dir.new("/etc/munin/plugins").each do |plugin| diff --git a/cookbooks/openssh/recipes/default.rb b/cookbooks/openssh/recipes/default.rb index 59c8fe7d8..ceb9a6792 100644 --- a/cookbooks/openssh/recipes/default.rb +++ b/cookbooks/openssh/recipes/default.rb @@ -25,11 +25,7 @@ package "openssh-server" service "ssh" do action [ :enable, :start ] - if node[:lsb][:release].to_f >= 10.04 - supports :status => true, :restart => true, :reload => true - else - supports :restart => true, :reload => true - end + supports :status => true, :restart => true, :reload => true end hosts = search(:node, "networking:interfaces").sort_by do |node| diff --git a/cookbooks/sysctl/recipes/default.rb b/cookbooks/sysctl/recipes/default.rb index 58e86f94c..02f753580 100644 --- a/cookbooks/sysctl/recipes/default.rb +++ b/cookbooks/sysctl/recipes/default.rb @@ -21,27 +21,19 @@ package "procps" do action :install end -if node[:lsb][:release].to_f <= 8.04 - sysctl_template = "sysctl.conf.erb" - sysctl_conf = "/etc/sysctl.conf" -else - directory "/etc/sysctl.d" do - owner "root" - group "root" - mode 0755 - end - - sysctl_template = "chef.conf.erb" - sysctl_conf = "/etc/sysctl.d/60-chef.conf" +directory "/etc/sysctl.d" do + owner "root" + group "root" + mode 0755 end execute "sysctl" do action :nothing - command "/sbin/sysctl -p #{sysctl_conf}" + command "/sbin/sysctl -p /etc/sysctl.d/60-chef.conf" end -template sysctl_conf do - source sysctl_template +template "/etc/sysctl.d/60-chef.conf" do + source "chef.conf.erb" owner "root" group "root" mode 0644 diff --git a/cookbooks/sysctl/templates/default/sysctl.conf.erb b/cookbooks/sysctl/templates/default/sysctl.conf.erb deleted file mode 100644 index 0172a4334..000000000 --- a/cookbooks/sysctl/templates/default/sysctl.conf.erb +++ /dev/null @@ -1,30 +0,0 @@ -# DO NOT EDIT - This file is being maintained by Chef - -# Stop low-level messages on console -kernel.printk = 4 4 1 7 - -# Enable /proc/$pid/maps privacy so that memory relocations are not -# visible to other users. (Added in kernel 2.6.22.) -kernel.maps_protect = 1 - -# Protect the zero page of memory from userspace mmap to prevent kernel -# NULL-dereference attacks against potential future kernel security -# vulnerabilities. (Added in kernel 2.6.23.) -# -# While this default is built into the Ubuntu kernel, there is no way to -# restore the kernel default if the value is changed during runtime; for -# example via package removal (e.g. wine, dosemu). Therefore, this value -# is reset to the secure default each time the sysctl values are loaded. -vm.mmap_min_addr = 65536 - -# Turn on Source Address Verification in all interfaces to -# prevent some spoofing attacks. -net.ipv4.conf.default.rp_filter = 1 -net.ipv4.conf.all.rp_filter = 1 -<% node[:sysctl].each do |name,group| -%> - -# <%= group[:comment] %> -<% group[:parameters].each do |key,value| -%> -<%= key %> = <%= value %> -<% end -%> -<% end -%> diff --git a/cookbooks/tools/recipes/default.rb b/cookbooks/tools/recipes/default.rb index 432f0fd69..c5e85a6ab 100644 --- a/cookbooks/tools/recipes/default.rb +++ b/cookbooks/tools/recipes/default.rb @@ -32,10 +32,7 @@ package "usbutils" package "numactl" package "xfsprogs" package "sysv-rc-conf" - -if node[:lsb][:release].to_f >= 10.04 - package "iotop" -end +package "iotop" if node[:lsb][:release].to_f <= 11.04 package "lslk" diff --git a/cookbooks/web/recipes/cgimap.rb b/cookbooks/web/recipes/cgimap.rb index 73114c1e7..41b27f049 100644 --- a/cookbooks/web/recipes/cgimap.rb +++ b/cookbooks/web/recipes/cgimap.rb @@ -32,14 +32,9 @@ package "libmemcached-dev" package "libboost-regex-dev" package "libboost-program-options-dev" package "libboost-date-time-dev" +package "libpqxx3-dev" package "zlib1g-dev" -if node[:lsb][:release].to_f < 12.04 - package "libpqxx-dev" -else - package "libpqxx3-dev" -end - cgimap_directory = "#{node[:web][:base_directory]}/cgimap" pid_directory = node[:web][:pid_directory] log_directory = node[:web][:log_directory] -- 2.43.2