* [gentoo-commits] repo/gentoo:master commit in: app-admin/vault/files/
@ 2015-10-27 23:20 Zac Medico
0 siblings, 0 replies; 5+ messages in thread
From: Zac Medico @ 2015-10-27 23:20 UTC (permalink / raw
To: gentoo-commits
commit: ca33af0c07b165bd5d81f73662fff714e3e1c48a
Author: Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Tue Oct 27 23:19:00 2015 +0000
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Tue Oct 27 23:19:57 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca33af0c
app-admin/vault: fix openrc init script to refer to /usr/bin/vault (bug 564290)
Package-Manager: portage-2.2.23
app-admin/vault/files/vault.initd | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app-admin/vault/files/vault.initd b/app-admin/vault/files/vault.initd
index e4fb31b..8d3e2cc 100644
--- a/app-admin/vault/files/vault.initd
+++ b/app-admin/vault/files/vault.initd
@@ -8,7 +8,7 @@ group=${group:-${SVCNAME}}
pidfile=${pidfile:-"/run/${SVCNAME}/${SVCNAME}.pid"}
user=${user:-${SVCNAME}}
-command="/usr/sbin/${SVCNAME}"
+command="/usr/bin/${SVCNAME}"
command_args="agent -config-dir=/etc/vault.d ${command_args}"
command_background="true"
start_stop_daemon_args="--user ${user} --group ${group} \
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: app-admin/vault/files/
@ 2016-06-06 6:37 Zac Medico
0 siblings, 0 replies; 5+ messages in thread
From: Zac Medico @ 2016-06-06 6:37 UTC (permalink / raw
To: gentoo-commits
commit: fe2e87cdd9ba78e5ef089edb0f713f80091aa81f
Author: Georg Hopp <georg <AT> steffers <DOT> org>
AuthorDate: Mon Jun 6 06:09:35 2016 +0000
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Mon Jun 6 06:37:38 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fe2e87cd
app-admin/vault: fix init script command_args, bug 584644
Package-Manager: portage-2.3.0_rc1
app-admin/vault/files/vault.confd | 2 +-
app-admin/vault/files/vault.initd | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/app-admin/vault/files/vault.confd b/app-admin/vault/files/vault.confd
index 6060958..6263ff0 100644
--- a/app-admin/vault/files/vault.confd
+++ b/app-admin/vault/files/vault.confd
@@ -4,4 +4,4 @@
# - user (default: vault)
# extra arguments for the consul agent
-command_args="-config=/etc/consul.d"
+command_args="-config=/etc/vault.d"
diff --git a/app-admin/vault/files/vault.initd b/app-admin/vault/files/vault.initd
index 8d3e2cc..0d473fc 100644
--- a/app-admin/vault/files/vault.initd
+++ b/app-admin/vault/files/vault.initd
@@ -9,7 +9,7 @@ pidfile=${pidfile:-"/run/${SVCNAME}/${SVCNAME}.pid"}
user=${user:-${SVCNAME}}
command="/usr/bin/${SVCNAME}"
-command_args="agent -config-dir=/etc/vault.d ${command_args}"
+command_args="server ${command_args}"
command_background="true"
start_stop_daemon_args="--user ${user} --group ${group} \
--stdout /var/log/${SVCNAME}/${SVCNAME}.log \
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: app-admin/vault/files/
@ 2017-01-23 17:39 Zac Medico
0 siblings, 0 replies; 5+ messages in thread
From: Zac Medico @ 2017-01-23 17:39 UTC (permalink / raw
To: gentoo-commits
commit: d37c70a547cfcd92280c4710ef95547083bbe992
Author: Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 23 17:39:15 2017 +0000
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Mon Jan 23 17:39:47 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d37c70a5
app-admin/vault: remove su from logrotate config
Package-Manager: Portage-2.3.3, Repoman-2.3.1
app-admin/vault/files/vault.logrotated | 1 -
1 file changed, 1 deletion(-)
diff --git a/app-admin/vault/files/vault.logrotated b/app-admin/vault/files/vault.logrotated
index db24363..66b827b 100644
--- a/app-admin/vault/files/vault.logrotated
+++ b/app-admin/vault/files/vault.logrotated
@@ -1,5 +1,4 @@
/var/log/vault/vault.log {
- su vault vault
missingok
size 5M
rotate 3
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: app-admin/vault/files/
@ 2017-06-03 23:53 Zac Medico
0 siblings, 0 replies; 5+ messages in thread
From: Zac Medico @ 2017-06-03 23:53 UTC (permalink / raw
To: gentoo-commits
commit: c6818a2ed00197497da5b368cdeea095899ab811
Author: Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Sat Jun 3 23:45:29 2017 +0000
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Sat Jun 3 23:53:13 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c6818a2e
app-admin/vault: support systemd-233 with AmbientCapabilities
Package-Manager: Portage-2.3.6, Repoman-2.3.2
app-admin/vault/files/vault.service | 1 +
1 file changed, 1 insertion(+)
diff --git a/app-admin/vault/files/vault.service b/app-admin/vault/files/vault.service
index cee34e2845b..3071d034627 100644
--- a/app-admin/vault/files/vault.service
+++ b/app-admin/vault/files/vault.service
@@ -8,6 +8,7 @@ User=vault
Environment=VAULT_SERVER_OPTS="-config=/etc/vault.d"
ExecStart=/usr/bin/vault server $VAULT_SERVER_OPTS
CapabilityBoundingSet=CAP_IPC_LOCK
+AmbientCapabilities=CAP_IPC_LOCK
Capabilities=CAP_IPC_LOCK=ep
SecureBits=keep-caps
Restart=on-failure
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: app-admin/vault/files/
@ 2022-02-17 17:36 Conrad Kostecki
0 siblings, 0 replies; 5+ messages in thread
From: Conrad Kostecki @ 2022-02-17 17:36 UTC (permalink / raw
To: gentoo-commits
commit: 1c1caebef1709bb5fdf4911359e5232367b59cf1
Author: Michael Mair-Keimberger <mmk <AT> levelnine <DOT> at>
AuthorDate: Thu Feb 17 06:55:18 2022 +0000
Commit: Conrad Kostecki <conikost <AT> gentoo <DOT> org>
CommitDate: Thu Feb 17 17:35:24 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c1caebe
app-admin/vault: remove unused patch
Closes: https://github.com/gentoo/gentoo/pull/24227
Package-Manager: Portage-3.0.30, Repoman-3.0.3
Signed-off-by: Michael Mair-Keimberger <m.mairkeimberger <AT> gmail.com>
Signed-off-by: Conrad Kostecki <conikost <AT> gentoo.org>
app-admin/vault/files/vault-1.8.2-go-limiter.patch | 264 ---------------------
1 file changed, 264 deletions(-)
diff --git a/app-admin/vault/files/vault-1.8.2-go-limiter.patch b/app-admin/vault/files/vault-1.8.2-go-limiter.patch
deleted file mode 100644
index 3aef43e5c17b..000000000000
--- a/app-admin/vault/files/vault-1.8.2-go-limiter.patch
+++ /dev/null
@@ -1,264 +0,0 @@
-This is a combination of upstream commits:
-b368a675955707db4e940da29a1043871a3781b6
-21ea03e0f874991086d2f1bcdc285216878bd566
-
-Fixes https://bugs.gentoo.org/808791
-Fixes https://bugs.gentoo.org/810317
-
-diff --git a/go.mod b/go.mod
-index 548c0590f..22a8833e2 100644
---- a/go.mod
-+++ b/go.mod
-@@ -150,7 +150,7 @@ require (
- github.com/ryanuber/go-glob v1.0.0
- github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da
- github.com/sasha-s/go-deadlock v0.2.0
-- github.com/sethvargo/go-limiter v0.3.0
-+ github.com/sethvargo/go-limiter v0.7.1
- github.com/shirou/gopsutil v3.21.5+incompatible
- github.com/stretchr/testify v1.7.0
- github.com/tidwall/pretty v1.0.1 // indirect
-diff --git a/go.sum b/go.sum
-index c5b3b410d..98a5dd0a8 100644
---- a/go.sum
-+++ b/go.sum
-@@ -1120,8 +1120,8 @@ github.com/sean-/conswriter v0.0.0-20180208195008-f5ae3917a627/go.mod h1:7zjs06q
- github.com/sean-/pager v0.0.0-20180208200047-666be9bf53b5/go.mod h1:BeybITEsBEg6qbIiqJ6/Bqeq25bCLbL7YFmpaFfJDuM=
- github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I=
- github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
--github.com/sethvargo/go-limiter v0.3.0 h1:yRMc+Qs2yqw6YJp6UxrO2iUs6DOSq4zcnljbB7/rMns=
--github.com/sethvargo/go-limiter v0.3.0/go.mod h1:C0kbSFbiriE5k2FFOe18M1YZbAR2Fiwf72uGu0CXCcU=
-+github.com/sethvargo/go-limiter v0.7.1 h1:wWNhTj0pxjyJ7wuJHpRJpYwJn+bUnjYfw2a85eu5w9U=
-+github.com/sethvargo/go-limiter v0.7.1/go.mod h1:C0kbSFbiriE5k2FFOe18M1YZbAR2Fiwf72uGu0CXCcU=
- github.com/shirou/gopsutil v3.21.5+incompatible h1:OloQyEerMi7JUrXiNzy8wQ5XN+baemxSl12QgIzt0jc=
- github.com/shirou/gopsutil v3.21.5+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
- github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24 h1:pntxY8Ary0t43dCZ5dqY4YTJCObLY1kIXl0uzMv+7DE=
-diff --git a/http/util.go b/http/util.go
-index 0550a93c7..cbb364843 100644
---- a/http/util.go
-+++ b/http/util.go
-@@ -48,7 +48,7 @@ func rateLimitQuotaWrapping(handler http.Handler, core *vault.Core) http.Handler
- return
- }
-
-- quotaResp, err := core.ApplyRateLimitQuota("as.Request{
-+ quotaResp, err := core.ApplyRateLimitQuota(r.Context(), "as.Request{
- Type: quotas.TypeRateLimit,
- Path: path,
- MountPath: strings.TrimPrefix(core.MatchingMount(r.Context(), path), ns.Path),
-diff --git a/vault/core.go b/vault/core.go
-index 3b6e461fd..27741e8c6 100644
---- a/vault/core.go
-+++ b/vault/core.go
-@@ -2744,7 +2744,7 @@ func (c *Core) setupQuotas(ctx context.Context, isPerfStandby bool) error {
-
- // ApplyRateLimitQuota checks the request against all the applicable quota rules.
- // If the given request's path is exempt, no rate limiting will be applied.
--func (c *Core) ApplyRateLimitQuota(req *quotas.Request) (quotas.Response, error) {
-+func (c *Core) ApplyRateLimitQuota(ctx context.Context, req *quotas.Request) (quotas.Response, error) {
- req.Type = quotas.TypeRateLimit
-
- resp := quotas.Response{
-@@ -2758,7 +2758,7 @@ func (c *Core) ApplyRateLimitQuota(req *quotas.Request) (quotas.Response, error)
- return resp, nil
- }
-
-- return c.quotaManager.ApplyQuota(req)
-+ return c.quotaManager.ApplyQuota(ctx, req)
- }
-
- return resp, nil
-diff --git a/vault/quotas/quotas.go b/vault/quotas/quotas.go
-index 68cc72f9f..80ee59521 100644
---- a/vault/quotas/quotas.go
-+++ b/vault/quotas/quotas.go
-@@ -168,7 +168,7 @@ type Manager struct {
- // Quota represents the common properties of every quota type
- type Quota interface {
- // allow checks the if the request is allowed by the quota type implementation.
-- allow(*Request) (Response, error)
-+ allow(context.Context, *Request) (Response, error)
-
- // quotaID is the identifier of the quota rule
- quotaID() string
-@@ -181,7 +181,7 @@ type Quota interface {
-
- // close defines any cleanup behavior that needs to be executed when a quota
- // rule is deleted.
-- close() error
-+ close(context.Context) error
-
- // handleRemount takes in the new mount path in the quota
- handleRemount(string)
-@@ -287,7 +287,7 @@ func (m *Manager) setQuotaLocked(ctx context.Context, qType string, quota Quota,
- // If there already exists an entry in the db, remove that first.
- if raw != nil {
- quota := raw.(Quota)
-- if err := quota.close(); err != nil {
-+ if err := quota.close(ctx); err != nil {
- return err
- }
- err = txn.Delete(qType, raw)
-@@ -518,7 +518,7 @@ func (m *Manager) DeleteQuota(ctx context.Context, qType string, name string) er
- }
-
- quota := raw.(Quota)
-- if err := quota.close(); err != nil {
-+ if err := quota.close(ctx); err != nil {
- return err
- }
-
-@@ -541,7 +541,7 @@ func (m *Manager) DeleteQuota(ctx context.Context, qType string, name string) er
- // ApplyQuota runs the request against any quota rule that is applicable to it. If
- // there are multiple quota rule that matches the request parameters, rule that
- // takes precedence will be used to allow/reject the request.
--func (m *Manager) ApplyQuota(req *Request) (Response, error) {
-+func (m *Manager) ApplyQuota(ctx context.Context, req *Request) (Response, error) {
- var resp Response
-
- quota, err := m.QueryQuota(req)
-@@ -562,7 +562,7 @@ func (m *Manager) ApplyQuota(req *Request) (Response, error) {
- return resp, nil
- }
-
-- return quota.allow(req)
-+ return quota.allow(ctx, req)
- }
-
- // SetEnableRateLimitAuditLogging updates the operator preference regarding the
-diff --git a/vault/quotas/quotas_rate_limit.go b/vault/quotas/quotas_rate_limit.go
-index 64117b002..ad58b2af3 100644
---- a/vault/quotas/quotas_rate_limit.go
-+++ b/vault/quotas/quotas_rate_limit.go
-@@ -1,6 +1,7 @@
- package quotas
-
- import (
-+ "context"
- "encoding/hex"
- "fmt"
- "math"
-@@ -264,7 +265,7 @@ func (rlq *RateLimitQuota) QuotaName() string {
- // returned if the request ID or address is empty. If the path is exempt, the
- // quota will not be evaluated. Otherwise, the client rate limiter is retrieved
- // by address and the rate limit quota is checked against that limiter.
--func (rlq *RateLimitQuota) allow(req *Request) (Response, error) {
-+func (rlq *RateLimitQuota) allow(ctx context.Context, req *Request) (Response, error) {
- resp := Response{
- Headers: make(map[string]string),
- }
-@@ -300,7 +301,11 @@ func (rlq *RateLimitQuota) allow(req *Request) (Response, error) {
- }
- }
-
-- limit, remaining, reset, allow := rlq.store.Take(req.ClientAddress)
-+ limit, remaining, reset, allow, err := rlq.store.Take(ctx, req.ClientAddress)
-+ if err != nil {
-+ return resp, err
-+ }
-+
- resp.Allowed = allow
- resp.Headers[httplimit.HeaderRateLimitLimit] = strconv.FormatUint(limit, 10)
- resp.Headers[httplimit.HeaderRateLimitRemaining] = strconv.FormatUint(remaining, 10)
-@@ -320,13 +325,13 @@ func (rlq *RateLimitQuota) allow(req *Request) (Response, error) {
-
- // close stops the current running client purge loop.
- // It should be called with the write lock held.
--func (rlq *RateLimitQuota) close() error {
-+func (rlq *RateLimitQuota) close(ctx context.Context) error {
- if rlq.purgeBlocked {
- close(rlq.closePurgeBlockedCh)
- }
-
- if rlq.store != nil {
-- return rlq.store.Close()
-+ return rlq.store.Close(ctx)
- }
-
- return nil
-diff --git a/vault/quotas/quotas_rate_limit_test.go b/vault/quotas/quotas_rate_limit_test.go
-index 27225e338..21f35dac3 100644
---- a/vault/quotas/quotas_rate_limit_test.go
-+++ b/vault/quotas/quotas_rate_limit_test.go
-@@ -37,7 +37,7 @@ func TestNewRateLimitQuota(t *testing.T) {
- err := tc.rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink())
- require.Equal(t, tc.expectErr, err != nil, err)
- if err == nil {
-- require.Nil(t, tc.rlq.close())
-+ require.Nil(t, tc.rlq.close(context.Background()))
- }
- })
- }
-@@ -46,7 +46,7 @@ func TestNewRateLimitQuota(t *testing.T) {
- func TestRateLimitQuota_Close(t *testing.T) {
- rlq := NewRateLimitQuota("test-rate-limiter", "qa", "/foo/bar", 16.7, time.Second, time.Minute)
- require.NoError(t, rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink()))
-- require.NoError(t, rlq.close())
-+ require.NoError(t, rlq.close(context.Background()))
-
- time.Sleep(time.Second) // allow enough time for purgeClientsLoop to receive on closeCh
- require.False(t, rlq.getPurgeBlocked(), "expected blocked client purging to be disabled after explicit close")
-@@ -66,14 +66,14 @@ func TestRateLimitQuota_Allow(t *testing.T) {
- }
-
- require.NoError(t, rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink()))
-- defer rlq.close()
-+ defer rlq.close(context.Background())
-
- var wg sync.WaitGroup
-
- reqFunc := func(addr string, atomicNumAllow, atomicNumFail *atomic.Int32) {
- defer wg.Done()
-
-- resp, err := rlq.allow(&Request{ClientAddress: addr})
-+ resp, err := rlq.allow(context.Background(), &Request{ClientAddress: addr})
- if err != nil {
- return
- }
-@@ -141,7 +141,7 @@ func TestRateLimitQuota_Allow_WithBlock(t *testing.T) {
- }
-
- require.NoError(t, rlq.initialize(logging.NewVaultLogger(log.Trace), metricsutil.BlackholeSink()))
-- defer rlq.close()
-+ defer rlq.close(context.Background())
- require.True(t, rlq.getPurgeBlocked())
-
- var wg sync.WaitGroup
-@@ -149,7 +149,7 @@ func TestRateLimitQuota_Allow_WithBlock(t *testing.T) {
- reqFunc := func(addr string, atomicNumAllow, atomicNumFail *atomic.Int32) {
- defer wg.Done()
-
-- resp, err := rlq.allow(&Request{ClientAddress: addr})
-+ resp, err := rlq.allow(context.Background(), &Request{ClientAddress: addr})
- if err != nil {
- return
- }
-@@ -221,5 +221,5 @@ func TestRateLimitQuota_Update(t *testing.T) {
- require.NoError(t, qm.SetQuota(context.Background(), TypeRateLimit.String(), quota, true))
- require.NoError(t, qm.SetQuota(context.Background(), TypeRateLimit.String(), quota, true))
-
-- require.Nil(t, quota.close())
-+ require.Nil(t, quota.close(context.Background()))
- }
-diff --git a/vault/quotas/quotas_util.go b/vault/quotas/quotas_util.go
-index dc2fcdfac..7c0732f67 100644
---- a/vault/quotas/quotas_util.go
-+++ b/vault/quotas/quotas_util.go
-@@ -40,7 +40,7 @@ func (*entManager) Reset() error {
-
- type LeaseCountQuota struct{}
-
--func (l LeaseCountQuota) allow(request *Request) (Response, error) {
-+func (l LeaseCountQuota) allow(_ context.Context, _ *Request) (Response, error) {
- panic("implement me")
- }
-
-@@ -56,7 +56,7 @@ func (l LeaseCountQuota) initialize(logger log.Logger, sink *metricsutil.Cluster
- panic("implement me")
- }
-
--func (l LeaseCountQuota) close() error {
-+func (l LeaseCountQuota) close(_ context.Context) error {
- panic("implement me")
- }
-
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-02-17 17:36 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-02-17 17:36 [gentoo-commits] repo/gentoo:master commit in: app-admin/vault/files/ Conrad Kostecki
-- strict thread matches above, loose matches on Subject: below --
2017-06-03 23:53 Zac Medico
2017-01-23 17:39 Zac Medico
2016-06-06 6:37 Zac Medico
2015-10-27 23:20 Zac Medico
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox