chef 0.10.10 → 10.12.0.rc.1

data/lib/chef/file_access_control/windows.rb

@@ -22,9 +22,9 @@ require 'chef/win32/security'
 class Chef
   class FileAccessControl
     module Windows
-      include Chef::Win32::API::Security
+      include Chef::ReservedNames::Win32::API::Security
 
-      Security = Chef::Win32::Security
+      Security = Chef::ReservedNames::Win32::Security
       ACL = Security::ACL
       ACE = Security::ACE
       SID = Security::SID
@@ -83,9 +83,9 @@ class Chef
       def securable_object
         @securable_object ||= begin
           if file.kind_of?(String)
-            so = Chef::Win32::Security::SecurableObject.new(file.dup)
+            so = Chef::ReservedNames::Win32::Security::SecurableObject.new(file.dup)
           end
-          raise ArgumentError, "'file' must be a valid path or object of type 'Chef::Win32::Security::SecurableObject'" unless so.kind_of? Chef::Win32::Security::SecurableObject
+          raise ArgumentError, "'file' must be a valid path or object of type 'Chef::ReservedNames::Win32::Security::SecurableObject'" unless so.kind_of? Chef::ReservedNames::Win32::Security::SecurableObject
           so
         end
       end
@@ -223,20 +223,20 @@ class Chef
           if owner
             acls += mode_ace(owner, (mode & 0700) >> 6)
           elsif mode & 0700 != 0
-            raise "Mode #{mode.to_s(8)} includes bits for the owner, but owner is not specified"
+            Chef::Log.warn("Mode #{sprintf("%03o", mode)} includes bits for the owner, but owner is not specified")
           end
 
           group = target_group
           if group
             acls += mode_ace(group, (mode & 070) >> 3)
           elsif mode & 070 != 0
-            raise "Mode #{mode.to_s(8)} includes bits for the group, but group is not specified"
+            Chef::Log.warn("Mode #{sprintf("%03o", mode)} includes bits for the group, but group is not specified")
           end
 
           acls += mode_ace(SID.Everyone, (mode & 07))
         end
 
-        acls.nil? ? nil : Chef::Win32::Security::ACL.create(acls)
+        acls.nil? ? nil : Chef::ReservedNames::Win32::Security::ACL.create(acls)
       end
 
       def target_group

data/lib/chef/knife/ssh.rb

@@ -27,9 +27,11 @@ class Chef
         require 'net/ssh/multi'
         require 'readline'
         require 'chef/search/query'
-        require 'chef/mixin/command'
+        require 'chef/mixin/shell_out'
       end
 
+      include Chef::Mixin::ShellOut
+
       attr_writer :password
 
       banner "knife ssh QUERY COMMAND (options)"
@@ -294,7 +296,7 @@ class Chef
           cmd = ["tmux new-session -d -s #{tmux_name}",
                  "-n '#{server.host}'", ssh_dest.call(server),
                  new_window_cmds.call].join(" ")
-          Chef::Mixin::Command.run_command(:command => cmd)
+          shell_out!(cmd)
           exec("tmux attach-session -t #{tmux_name}")
         rescue Chef::Exceptions::Exec
         end

data/lib/chef/mixin/enforce_ownership_and_permissions.rb

@@ -31,7 +31,7 @@ class Chef
         end
         access_controls = Chef::FileAccessControl.new(new_resource, path)
         access_controls.set_all
-        new_resource.updated_by_last_action(access_controls.modified?)
+        new_resource.updated_by_last_action(true) if access_controls.modified?
       end
 
     end

data/lib/chef/provider/link.rb

@@ -30,7 +30,16 @@ class Chef
       def file_class
         @host_os_file ||= if Chef::Platform.windows?
           require 'chef/win32/file'
-          Chef::Win32::File
+          begin
+            Chef::ReservedNames::Win32::File.verify_links_supported!
+          rescue Chef::Exceptions::Win32APIFunctionNotImplemented => e
+            message = "Link resource is not supported on this version of Windows"
+            message << ": #{node[:kernel][:name]}" if node
+            message << " (#{node[:platform_version]})" if node
+            Chef::Log.fatal(message)
+            raise e
+          end
+          Chef::ReservedNames::Win32::File
         else
           ::File
         end
@@ -48,44 +57,47 @@ class Chef
       def load_current_resource
         @current_resource = Chef::Resource::Link.new(@new_resource.name)
         @current_resource.target_file(@new_resource.target_file)
-        @current_resource.link_type(@new_resource.link_type)
-        if @new_resource.link_type == :symbolic
-          if ::File.exists?(@current_resource.target_file) && file_class.symlink?(@current_resource.target_file)
-            @current_resource.to(
-              ::File.expand_path(file_class.readlink(@current_resource.target_file))
-            )
-            cstats = ::File.lstat(@current_resource.target_file)
-            @current_resource.owner(cstats.uid)
-            @current_resource.group(cstats.gid)
-          else
-            @current_resource.to("")
-          end
-        elsif @new_resource.link_type == :hard
-          if ::File.exists?(@current_resource.target_file) && ::File.exists?(@new_resource.to)
-            if ::File.stat(@current_resource.target_file).ino == ::File.stat(@new_resource.to).ino
-              @current_resource.to(@new_resource.to)
+        if file_class.symlink?(@current_resource.target_file)
+          @current_resource.link_type(:symbolic)
+          @current_resource.to(
+            canonicalize(file_class.readlink(@current_resource.target_file))
+          )
+          cstats = ::File.lstat(@current_resource.target_file)
+          @current_resource.owner(cstats.uid)
+          @current_resource.group(cstats.gid)
+        else
+          @current_resource.link_type(:hard)
+          if ::File.exists?(@current_resource.target_file)
+            if ::File.exists?(@new_resource.to) &&
+               file_class.stat(@current_resource.target_file).ino ==
+               file_class.stat(@new_resource.to).ino
+              @current_resource.to(canonicalize(@new_resource.to))
             else
               @current_resource.to("")
             end
-          else
-            @current_resource.to("")
           end
         end
         @current_resource
       end
 
+      def canonicalize(path)
+        Chef::Platform.windows? ? path.gsub('/', '\\') : path
+      end
+
       def action_create
-        if @current_resource.to != ::File.expand_path(@new_resource.to, @new_resource.target_file)
+        if @current_resource.to != canonicalize(@new_resource.to) ||
+           @current_resource.link_type != @new_resource.link_type
           if @new_resource.link_type == :symbolic
-            unless (file_class.symlink?(@new_resource.target_file) && file_class.readlink(@new_resource.target_file) == @new_resource.to)
-              if file_class.symlink?(@new_resource.target_file) || ::File.exist?(@new_resource.target_file)
-                ::File.unlink(@new_resource.target_file)
-              end
-              file_class.symlink(@new_resource.to,@new_resource.target_file)
-              Chef::Log.debug("#{@new_resource} created #{@new_resource.link_type} link from #{@new_resource.to} -> #{@new_resource.target_file}")
-              Chef::Log.info("#{@new_resource} created")
+            if @current_resource.to # nil if target_file does not exist
+              ::File.unlink(@new_resource.target_file)
             end
+            file_class.symlink(canonicalize(@new_resource.to),@new_resource.target_file)
+            Chef::Log.debug("#{@new_resource} created #{@new_resource.link_type} link from #{@new_resource.to} -> #{@new_resource.target_file}")
+            Chef::Log.info("#{@new_resource} created")
           elsif @new_resource.link_type == :hard
+            if @current_resource.to # nil if target_file does not exist
+              ::File.unlink(@new_resource.target_file)
+            end
             file_class.link(@new_resource.to, @new_resource.target_file)
             Chef::Log.debug("#{@new_resource} created #{@new_resource.link_type} link from #{@new_resource.to} -> #{@new_resource.target_file}")
             Chef::Log.info("#{@new_resource} created")
@@ -93,29 +105,21 @@ class Chef
           @new_resource.updated_by_last_action(true)
         end
         if @new_resource.link_type == :symbolic
-          enforce_ownership_and_permissions
+          enforce_ownership_and_permissions @new_resource.target_file
         end
       end
 
       def action_delete
-        if @new_resource.link_type == :symbolic
-          if file_class.symlink?(@new_resource.target_file)
-            ::File.delete(@new_resource.target_file)
-            Chef::Log.info("#{@new_resource} deleted")
-            @new_resource.updated_by_last_action(true)
-          elsif ::File.exists?(@new_resource.target_file)
-            raise Chef::Exceptions::Link, "Cannot delete #{@new_resource} at #{@new_resource.target_file}! Not a symbolic link."
-          end
-        elsif @new_resource.link_type == :hard
-          if ::File.exists?(@new_resource.target_file)
-             if ::File.exists?(@new_resource.to) && (file_class.stat(@current_resource.target_file).ino == file_class.stat(@new_resource.to).ino)
-               ::File.delete(@new_resource.target_file)
-               Chef::Log.info("#{@new_resource} deleted")
-               @new_resource.updated_by_last_action(true)
-             else
-               raise Chef::Exceptions::Link, "Cannot delete #{@new_resource} at #{@new_resource.target_file}! Not a hard link."
-             end
+        if @current_resource.to # Exists
+          if @current_resource.link_type == @new_resource.link_type
+            unless @current_resource.link_type == :hard && @current_resource.to == ''
+              ::File.delete(@new_resource.target_file)
+              Chef::Log.info("#{@new_resource} deleted")
+              @new_resource.updated_by_last_action(true)
+              return
+            end
           end
+          raise Chef::Exceptions::Link, "Cannot delete #{@new_resource} at #{@new_resource.target_file}! Not a #{@new_resource.link_type.to_s} link."
         end
       end
     end

data/lib/chef/provider/mdadm.rb

@@ -51,7 +51,10 @@ class Chef
 
       def action_create
         unless @current_resource.exists
-          command = "yes | mdadm --create #{@new_resource.raid_device} --chunk=#{@new_resource.chunk} --level #{@new_resource.level} --metadata=#{@new_resource.metadata} --bitmap=#{@new_resource.bitmap} --raid-devices #{@new_resource.devices.length} #{@new_resource.devices.join(" ")}"
+          command = "yes | mdadm --create #{@new_resource.raid_device} --chunk=#{@new_resource.chunk} --level #{@new_resource.level}"
+          command << " --metadata=#{@new_resource.metadata}"
+          command << " --bitmap=#{@new_resource.bitmap}" if @new_resource.bitmap
+          command << " --raid-devices #{@new_resource.devices.length} #{@new_resource.devices.join(" ")}"
           Chef::Log.debug("#{@new_resource} mdadm command: #{command}")
           #pid, stdin, stdout, stderr = popen4(command)
           shell_out!(command)

data/lib/chef/provider/package/rubygems.rb

@@ -344,6 +344,7 @@ class Chef
             # Opscode Omnibus - The ruby that ships inside omnibus is only used for Chef
             # Default to installing somewhere more functional
             gem_location = find_gem_by_path
+            @new_resource.gem_binary gem_location
             @gem_env = AlternateGemEnvironment.new(gem_location)
             Chef::Log.debug("#{@new_resource} using gem '#{gem_location}'")
           else
@@ -353,7 +354,7 @@ class Chef
         end
 
         def is_omnibus?
-          if RbConfig::CONFIG['bindir'] == "/opt/chef/embedded/bin"
+          if RbConfig::CONFIG['bindir'] =~ %r!/opt/(opscode|chef)/embedded/bin!
             Chef::Log.debug("#{@new_resource} detected omnibus installation in #{RbConfig::CONFIG['bindir']}")
             # Omnibus installs to a static path because of linking on unix, find it.
             true

data/lib/chef/provider/remote_file.rb

@@ -39,7 +39,7 @@ class Chef
         if current_resource_matches_target_checksum?
           Chef::Log.debug("#{@new_resource} checksum matches target checksum (#{@new_resource.checksum}) - not updating")
         else
-          Chef::REST.new(@new_resource.source, nil, nil).fetch(@new_resource.source) do |raw_file|
+          Chef::REST.new(@new_resource.source, nil, nil, http_client_opts).fetch(@new_resource.source) do |raw_file|
             if matches_current_checksum?(raw_file)
               Chef::Log.debug "#{@new_resource} target and source checksums are the same - not updating"
             else
@@ -99,6 +99,22 @@ class Chef
         end
       end
 
+      def http_client_opts
+        opts={}
+        # CHEF-3140
+        # 1. If it's already compressed, trying to compress it more will
+        # probably be counter-productive.
+        # 2. Some servers are misconfigured so that you GET $URL/file.tgz but
+        # they respond with content type of tar and content encoding of gzip,
+        # which tricks Chef::REST into decompressing the response body. In this
+        # case you'd end up with a tar archive (no gzip) named, e.g., foo.tgz,
+        # which is not what you wanted.
+        if @new_resource.path =~ /gz$/ or @new_resource.source =~ /gz$/
+          opts[:disable_gzip] = true
+        end
+        opts
+      end
+
       private
 
       def absolute_uri?(source)

data/lib/chef/reserved_names.rb

@@ -0,0 +1,9 @@
+class Chef
+
+  # This module exists to hide conflicting constant names from the DSL.
+  # Hopefully we'll have a better/prettier/more sustainable solution in the
+  # future, but for now this will fix a regression introduced in Chef 0.10.10
+  # (conflict with the Win32 namespace)
+  module ReservedNames
+  end
+end

data/lib/chef/resource/link.rb

@@ -39,7 +39,7 @@ class Chef
 
       def to(arg=nil)
         set_or_return(
-          :source_file,
+          :to,
           arg,
           :kind_of => String
         )
@@ -62,22 +62,6 @@ class Chef
         )
       end
 
-      def group(arg=nil)
-        set_or_return(
-          :group,
-          arg,
-          :regex => Chef::Config[:group_valid_regex]
-        )
-      end
-
-      def owner(arg=nil)
-        set_or_return(
-          :owner,
-          arg,
-          :regex => Chef::Config[:user_valid_regex]
-        )
-      end
-
     end
   end
 end

data/lib/chef/resource/mdadm.rb

@@ -31,7 +31,7 @@ class Chef
         @exists = false
         @level = 1
         @metadata = "0.90"
-        @bitmap = "none"
+        @bitmap = nil
         @raid_device = name
 
         @action = :create

data/lib/chef/resource_platform_map.rb

@@ -43,7 +43,6 @@ class Chef
 
         if map.has_key?(platform_sym)
           if map[platform_sym].has_key?(version)
-            Chef::Log.debug("Platform #{platform_sym} version #{version} found")
             if map[platform_sym].has_key?(:default)
               resource_map.merge!(map[platform_sym][:default])
             end
@@ -51,8 +50,6 @@ class Chef
           elsif map[platform_sym].has_key?(:default)
             resource_map.merge!(map[platform_sym][:default])
           end
-        else
-          Chef::Log.debug("Platform #{platform} not found, using all defaults. (Unsupported platform?)")
         end
         resource_map
       end
@@ -136,6 +133,7 @@ class Chef
       def platform_resource(short_name, platform, version)
         pmap = filter(platform, version)
         rtkey = short_name.kind_of?(Chef::Resource) ? short_name.resource_name.to_sym : short_name
+
         pmap.has_key?(rtkey) ? pmap[rtkey] : nil
       end
 

data/lib/chef/rest.rb

@@ -62,6 +62,8 @@ class Chef
       @sign_on_redirect, @sign_request = true, true
       @redirects_followed = 0
       @redirect_limit = 10
+      @disable_gzip = false
+      handle_options(options)
     end
 
     def signing_key_filename
@@ -267,15 +269,19 @@ class Chef
     end
 
     def decompress_body(response)
-      case response[CONTENT_ENCODING]
-      when GZIP
-        Chef::Log.debug "decompressing gzip response"
-        Zlib::Inflate.new(Zlib::MAX_WBITS + 16).inflate(response.body)
-      when DEFLATE
-        Chef::Log.debug "decompressing deflate response"
-        Zlib::Inflate.inflate(response.body)
-      else
+      if gzip_disabled?
         response.body
+      else
+        case response[CONTENT_ENCODING]
+        when GZIP
+          Chef::Log.debug "decompressing gzip response"
+          Zlib::Inflate.new(Zlib::MAX_WBITS + 16).inflate(response.body)
+        when DEFLATE
+          Chef::Log.debug "decompressing deflate response"
+          Zlib::Inflate.inflate(response.body)
+        else
+          response.body
+        end
       end
     end
 
@@ -403,7 +409,7 @@ class Chef
       headers['Accept']       = "application/json" unless raw
       headers["Content-Type"] = 'application/json' if json_body
       headers['Content-Length'] = json_body.bytesize.to_s if json_body
-      headers[RESTRequest::ACCEPT_ENCODING] = RESTRequest::ENCODING_GZIP_DEFLATE
+      headers[RESTRequest::ACCEPT_ENCODING] = RESTRequest::ENCODING_GZIP_DEFLATE unless gzip_disabled?
       headers.merge!(authentication_headers(method, url, json_body)) if sign_requests?
       headers.merge!(Chef::Config[:custom_http_headers]) if Chef::Config[:custom_http_headers]
       headers
@@ -419,15 +425,19 @@ class Chef
       # Kudos to _why!
       size, total = 0, response.header['Content-Length'].to_i
 
-      inflater = case response[CONTENT_ENCODING]
-      when GZIP
-        Chef::Log.debug "decompressing gzip stream"
-        Zlib::Inflate.new(Zlib::MAX_WBITS + 16)
-      when DEFLATE
-        Chef::Log.debug "decompressing inflate stream"
-        Zlib::Inflate.new
-      else
+      inflater = if gzip_disabled?
         NoopInflater.new
+      else
+        case response[CONTENT_ENCODING]
+        when GZIP
+          Chef::Log.debug "decompressing gzip stream"
+          Zlib::Inflate.new(Zlib::MAX_WBITS + 16)
+        when DEFLATE
+          Chef::Log.debug "decompressing inflate stream"
+          Zlib::Inflate.new
+        else
+          NoopInflater.new
+        end
       end
 
       response.read_body do |chunk|
@@ -441,5 +451,26 @@ class Chef
       raise
     end
 
+    # gzip is disabled using the disable_gzip => true option in the
+    # constructor. When gzip is disabled, no 'Accept-Encoding' header will be
+    # set, and the response will not be decompressed, no matter what the
+    # Content-Encoding header of the response is. The intended use case for
+    # this is to work around situations where you request +file.tar.gz+, but
+    # the server responds with a content type of tar and a content encoding of
+    # gzip, tricking the client into decompressing the response so you end up
+    # with a tar archive (no gzip) named file.tar.gz
+    def gzip_disabled?
+      @disable_gzip
+    end
+
+    def handle_options(opts)
+      opts.each do |name, value|
+        case name.to_s
+        when 'disable_gzip'
+          @disable_gzip = value
+        end
+      end
+    end
+
   end
 end