puppet-parse 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/.travis.yml +0 -5
- data/README.md +1 -3
- data/lib/puppet-parse/version.rb +1 -1
- data/lib/puppet-parse.rb +2 -2
- data/lib/vendor/puppet/agent/locker.rb +46 -0
- data/lib/vendor/puppet/agent.rb +99 -0
- data/lib/vendor/puppet/application/agent.rb +489 -0
- data/lib/vendor/puppet/application/apply.rb +266 -0
- data/lib/vendor/puppet/application/ca.rb +5 -0
- data/lib/vendor/puppet/application/catalog.rb +4 -0
- data/lib/vendor/puppet/application/cert.rb +240 -0
- data/lib/vendor/puppet/application/certificate.rb +13 -0
- data/lib/vendor/puppet/application/certificate_request.rb +4 -0
- data/lib/vendor/puppet/application/certificate_revocation_list.rb +4 -0
- data/lib/vendor/puppet/application/config.rb +4 -0
- data/lib/vendor/puppet/application/describe.rb +256 -0
- data/lib/vendor/puppet/application/device.rb +242 -0
- data/lib/vendor/puppet/application/doc.rb +275 -0
- data/lib/vendor/puppet/application/face_base.rb +264 -0
- data/lib/vendor/puppet/application/facts.rb +4 -0
- data/lib/vendor/puppet/application/file.rb +4 -0
- data/lib/vendor/puppet/application/filebucket.rb +191 -0
- data/lib/vendor/puppet/application/help.rb +4 -0
- data/lib/vendor/puppet/application/indirection_base.rb +4 -0
- data/lib/vendor/puppet/application/inspect.rb +191 -0
- data/lib/vendor/puppet/application/instrumentation_data.rb +4 -0
- data/lib/vendor/puppet/application/instrumentation_listener.rb +4 -0
- data/lib/vendor/puppet/application/instrumentation_probe.rb +4 -0
- data/lib/vendor/puppet/application/key.rb +4 -0
- data/lib/vendor/puppet/application/kick.rb +351 -0
- data/lib/vendor/puppet/application/man.rb +4 -0
- data/lib/vendor/puppet/application/master.rb +263 -0
- data/lib/vendor/puppet/application/module.rb +11 -0
- data/lib/vendor/puppet/application/node.rb +4 -0
- data/lib/vendor/puppet/application/parser.rb +5 -0
- data/lib/vendor/puppet/application/plugin.rb +3 -0
- data/lib/vendor/puppet/application/queue.rb +161 -0
- data/lib/vendor/puppet/application/report.rb +4 -0
- data/lib/vendor/puppet/application/resource.rb +237 -0
- data/lib/vendor/puppet/application/resource_type.rb +4 -0
- data/lib/vendor/puppet/application/secret_agent.rb +6 -0
- data/lib/vendor/puppet/application/status.rb +4 -0
- data/lib/vendor/puppet/application.rb +421 -0
- data/lib/vendor/puppet/configurer/downloader.rb +86 -0
- data/lib/vendor/puppet/configurer/fact_handler.rb +56 -0
- data/lib/vendor/puppet/configurer/plugin_handler.rb +37 -0
- data/lib/vendor/puppet/configurer.rb +249 -0
- data/lib/vendor/puppet/daemon.rb +200 -0
- data/lib/vendor/puppet/defaults.rb +970 -0
- data/lib/vendor/puppet/dsl/resource_api.rb +120 -0
- data/lib/vendor/puppet/dsl/resource_type_api.rb +34 -0
- data/lib/vendor/puppet/dsl.rb +7 -0
- data/lib/vendor/puppet/error.rb +43 -0
- data/lib/vendor/puppet/external/base64.rb +19 -0
- data/lib/vendor/puppet/external/dot.rb +326 -0
- data/lib/vendor/puppet/external/lock.rb +63 -0
- data/lib/vendor/puppet/external/nagios/base.rb +472 -0
- data/lib/vendor/puppet/external/nagios/grammar.ry +185 -0
- data/lib/vendor/puppet/external/nagios/makefile +9 -0
- data/lib/vendor/puppet/external/nagios/parser.rb +775 -0
- data/lib/vendor/puppet/external/nagios.rb +48 -0
- data/lib/vendor/puppet/external/pson/common.rb +370 -0
- data/lib/vendor/puppet/external/pson/pure/generator.rb +401 -0
- data/lib/vendor/puppet/external/pson/pure/parser.rb +264 -0
- data/lib/vendor/puppet/external/pson/pure.rb +77 -0
- data/lib/vendor/puppet/external/pson/version.rb +8 -0
- data/lib/vendor/puppet/face/ca.rb +242 -0
- data/lib/vendor/puppet/face/catalog/select.rb +49 -0
- data/lib/vendor/puppet/face/catalog.rb +131 -0
- data/lib/vendor/puppet/face/certificate.rb +148 -0
- data/lib/vendor/puppet/face/certificate_request.rb +53 -0
- data/lib/vendor/puppet/face/certificate_revocation_list.rb +58 -0
- data/lib/vendor/puppet/face/config.rb +45 -0
- data/lib/vendor/puppet/face/facts.rb +81 -0
- data/lib/vendor/puppet/face/file/download.rb +54 -0
- data/lib/vendor/puppet/face/file/store.rb +21 -0
- data/lib/vendor/puppet/face/file.rb +47 -0
- data/lib/vendor/puppet/face/help/action.erb +53 -0
- data/lib/vendor/puppet/face/help/face.erb +79 -0
- data/lib/vendor/puppet/face/help/global.erb +19 -0
- data/lib/vendor/puppet/face/help/man.erb +136 -0
- data/lib/vendor/puppet/face/help.rb +131 -0
- data/lib/vendor/puppet/face/instrumentation_data.rb +28 -0
- data/lib/vendor/puppet/face/instrumentation_listener.rb +96 -0
- data/lib/vendor/puppet/face/instrumentation_probe.rb +77 -0
- data/lib/vendor/puppet/face/key.rb +15 -0
- data/lib/vendor/puppet/face/man.rb +93 -0
- data/lib/vendor/puppet/face/module/build.rb +37 -0
- data/lib/vendor/puppet/face/module/changes.rb +38 -0
- data/lib/vendor/puppet/face/module/generate.rb +42 -0
- data/lib/vendor/puppet/face/module/install.rb +174 -0
- data/lib/vendor/puppet/face/module/list.rb +285 -0
- data/lib/vendor/puppet/face/module/search.rb +88 -0
- data/lib/vendor/puppet/face/module/uninstall.rb +86 -0
- data/lib/vendor/puppet/face/module/upgrade.rb +84 -0
- data/lib/vendor/puppet/face/module.rb +17 -0
- data/lib/vendor/puppet/face/node/clean.rb +156 -0
- data/lib/vendor/puppet/face/node.rb +43 -0
- data/lib/vendor/puppet/face/parser.rb +51 -0
- data/lib/vendor/puppet/face/plugin.rb +55 -0
- data/lib/vendor/puppet/face/report.rb +56 -0
- data/lib/vendor/puppet/face/resource.rb +53 -0
- data/lib/vendor/puppet/face/resource_type.rb +81 -0
- data/lib/vendor/puppet/face/secret_agent.rb +54 -0
- data/lib/vendor/puppet/face/status.rb +53 -0
- data/lib/vendor/puppet/face.rb +12 -0
- data/lib/vendor/puppet/feature/base.rb +67 -0
- data/lib/vendor/puppet/feature/eventlog.rb +6 -0
- data/lib/vendor/puppet/feature/pson.rb +6 -0
- data/lib/vendor/puppet/feature/rack.rb +24 -0
- data/lib/vendor/puppet/feature/rails.rb +30 -0
- data/lib/vendor/puppet/feature/rubygems.rb +3 -0
- data/lib/vendor/puppet/feature/selinux.rb +3 -0
- data/lib/vendor/puppet/feature/ssh.rb +4 -0
- data/lib/vendor/puppet/feature/stomp.rb +6 -0
- data/lib/vendor/puppet/feature/zlib.rb +6 -0
- data/lib/vendor/puppet/file_bucket/dipper.rb +107 -0
- data/lib/vendor/puppet/file_bucket/file.rb +55 -0
- data/lib/vendor/puppet/file_bucket.rb +4 -0
- data/lib/vendor/puppet/file_collection/lookup.rb +10 -0
- data/lib/vendor/puppet/file_collection.rb +19 -0
- data/lib/vendor/puppet/file_serving/base.rb +88 -0
- data/lib/vendor/puppet/file_serving/configuration/parser.rb +115 -0
- data/lib/vendor/puppet/file_serving/configuration.rb +122 -0
- data/lib/vendor/puppet/file_serving/content.rb +45 -0
- data/lib/vendor/puppet/file_serving/fileset.rb +173 -0
- data/lib/vendor/puppet/file_serving/metadata.rb +155 -0
- data/lib/vendor/puppet/file_serving/mount/file.rb +121 -0
- data/lib/vendor/puppet/file_serving/mount/modules.rb +24 -0
- data/lib/vendor/puppet/file_serving/mount/plugins.rb +26 -0
- data/lib/vendor/puppet/file_serving/mount.rb +39 -0
- data/lib/vendor/puppet/file_serving/terminus_helper.rb +21 -0
- data/lib/vendor/puppet/file_serving/terminus_selector.rb +28 -0
- data/lib/vendor/puppet/file_serving.rb +3 -0
- data/lib/vendor/puppet/forge/cache.rb +55 -0
- data/lib/vendor/puppet/forge/repository.rb +102 -0
- data/lib/vendor/puppet/forge.rb +98 -0
- data/lib/vendor/puppet/indirector/active_record.rb +28 -0
- data/lib/vendor/puppet/indirector/catalog/active_record.rb +41 -0
- data/lib/vendor/puppet/indirector/catalog/compiler.rb +153 -0
- data/lib/vendor/puppet/indirector/catalog/queue.rb +5 -0
- data/lib/vendor/puppet/indirector/catalog/rest.rb +6 -0
- data/lib/vendor/puppet/indirector/catalog/static_compiler.rb +136 -0
- data/lib/vendor/puppet/indirector/catalog/store_configs.rb +5 -0
- data/lib/vendor/puppet/indirector/catalog/yaml.rb +22 -0
- data/lib/vendor/puppet/indirector/certificate/ca.rb +9 -0
- data/lib/vendor/puppet/indirector/certificate/disabled_ca.rb +22 -0
- data/lib/vendor/puppet/indirector/certificate/file.rb +9 -0
- data/lib/vendor/puppet/indirector/certificate/rest.rb +15 -0
- data/lib/vendor/puppet/indirector/certificate_request/ca.rb +22 -0
- data/lib/vendor/puppet/indirector/certificate_request/disabled_ca.rb +22 -0
- data/lib/vendor/puppet/indirector/certificate_request/file.rb +8 -0
- data/lib/vendor/puppet/indirector/certificate_request/rest.rb +9 -0
- data/lib/vendor/puppet/indirector/certificate_revocation_list/ca.rb +8 -0
- data/lib/vendor/puppet/indirector/certificate_revocation_list/disabled_ca.rb +22 -0
- data/lib/vendor/puppet/indirector/certificate_revocation_list/file.rb +8 -0
- data/lib/vendor/puppet/indirector/certificate_revocation_list/rest.rb +9 -0
- data/lib/vendor/puppet/indirector/certificate_status/file.rb +82 -0
- data/lib/vendor/puppet/indirector/certificate_status/rest.rb +10 -0
- data/lib/vendor/puppet/indirector/certificate_status.rb +4 -0
- data/lib/vendor/puppet/indirector/code.rb +6 -0
- data/lib/vendor/puppet/indirector/couch.rb +78 -0
- data/lib/vendor/puppet/indirector/direct_file_server.rb +19 -0
- data/lib/vendor/puppet/indirector/envelope.rb +11 -0
- data/lib/vendor/puppet/indirector/exec.rb +48 -0
- data/lib/vendor/puppet/indirector/face.rb +137 -0
- data/lib/vendor/puppet/indirector/facts/active_record.rb +36 -0
- data/lib/vendor/puppet/indirector/facts/couch.rb +31 -0
- data/lib/vendor/puppet/indirector/facts/facter.rb +96 -0
- data/lib/vendor/puppet/indirector/facts/inventory_active_record.rb +100 -0
- data/lib/vendor/puppet/indirector/facts/inventory_service.rb +20 -0
- data/lib/vendor/puppet/indirector/facts/memory.rb +9 -0
- data/lib/vendor/puppet/indirector/facts/network_device.rb +25 -0
- data/lib/vendor/puppet/indirector/facts/rest.rb +8 -0
- data/lib/vendor/puppet/indirector/facts/store_configs.rb +5 -0
- data/lib/vendor/puppet/indirector/facts/yaml.rb +82 -0
- data/lib/vendor/puppet/indirector/file_bucket_file/file.rb +136 -0
- data/lib/vendor/puppet/indirector/file_bucket_file/rest.rb +8 -0
- data/lib/vendor/puppet/indirector/file_bucket_file/selector.rb +49 -0
- data/lib/vendor/puppet/indirector/file_content/file.rb +7 -0
- data/lib/vendor/puppet/indirector/file_content/file_server.rb +7 -0
- data/lib/vendor/puppet/indirector/file_content/rest.rb +7 -0
- data/lib/vendor/puppet/indirector/file_content/selector.rb +30 -0
- data/lib/vendor/puppet/indirector/file_content.rb +5 -0
- data/lib/vendor/puppet/indirector/file_metadata/file.rb +22 -0
- data/lib/vendor/puppet/indirector/file_metadata/file_server.rb +7 -0
- data/lib/vendor/puppet/indirector/file_metadata/rest.rb +7 -0
- data/lib/vendor/puppet/indirector/file_metadata/selector.rb +30 -0
- data/lib/vendor/puppet/indirector/file_metadata.rb +5 -0
- data/lib/vendor/puppet/indirector/file_server.rb +65 -0
- data/lib/vendor/puppet/indirector/indirection.rb +323 -0
- data/lib/vendor/puppet/indirector/instrumentation_data/local.rb +19 -0
- data/lib/vendor/puppet/indirector/instrumentation_data/rest.rb +5 -0
- data/lib/vendor/puppet/indirector/instrumentation_data.rb +3 -0
- data/lib/vendor/puppet/indirector/instrumentation_listener/local.rb +23 -0
- data/lib/vendor/puppet/indirector/instrumentation_listener/rest.rb +5 -0
- data/lib/vendor/puppet/indirector/instrumentation_listener.rb +3 -0
- data/lib/vendor/puppet/indirector/instrumentation_probe/local.rb +24 -0
- data/lib/vendor/puppet/indirector/instrumentation_probe/rest.rb +5 -0
- data/lib/vendor/puppet/indirector/instrumentation_probe.rb +3 -0
- data/lib/vendor/puppet/indirector/inventory/yaml.rb +81 -0
- data/lib/vendor/puppet/indirector/key/ca.rb +12 -0
- data/lib/vendor/puppet/indirector/key/disabled_ca.rb +22 -0
- data/lib/vendor/puppet/indirector/key/file.rb +42 -0
- data/lib/vendor/puppet/indirector/ldap.rb +78 -0
- data/lib/vendor/puppet/indirector/memory.rb +21 -0
- data/lib/vendor/puppet/indirector/node/active_record.rb +13 -0
- data/lib/vendor/puppet/indirector/node/exec.rb +60 -0
- data/lib/vendor/puppet/indirector/node/ldap.rb +256 -0
- data/lib/vendor/puppet/indirector/node/memory.rb +10 -0
- data/lib/vendor/puppet/indirector/node/plain.rb +19 -0
- data/lib/vendor/puppet/indirector/node/rest.rb +7 -0
- data/lib/vendor/puppet/indirector/node/store_configs.rb +5 -0
- data/lib/vendor/puppet/indirector/node/yaml.rb +7 -0
- data/lib/vendor/puppet/indirector/plain.rb +9 -0
- data/lib/vendor/puppet/indirector/queue.rb +81 -0
- data/lib/vendor/puppet/indirector/report/processor.rb +61 -0
- data/lib/vendor/puppet/indirector/report/rest.rb +7 -0
- data/lib/vendor/puppet/indirector/report/yaml.rb +11 -0
- data/lib/vendor/puppet/indirector/request.rb +204 -0
- data/lib/vendor/puppet/indirector/resource/active_record.rb +93 -0
- data/lib/vendor/puppet/indirector/resource/ral.rb +53 -0
- data/lib/vendor/puppet/indirector/resource/rest.rb +5 -0
- data/lib/vendor/puppet/indirector/resource/store_configs.rb +3 -0
- data/lib/vendor/puppet/indirector/resource_type/parser.rb +43 -0
- data/lib/vendor/puppet/indirector/resource_type/rest.rb +7 -0
- data/lib/vendor/puppet/indirector/resource_type.rb +5 -0
- data/lib/vendor/puppet/indirector/rest.rb +166 -0
- data/lib/vendor/puppet/indirector/run/local.rb +8 -0
- data/lib/vendor/puppet/indirector/run/rest.rb +6 -0
- data/lib/vendor/puppet/indirector/ssl_file.rb +178 -0
- data/lib/vendor/puppet/indirector/status/local.rb +7 -0
- data/lib/vendor/puppet/indirector/status/rest.rb +5 -0
- data/lib/vendor/puppet/indirector/status.rb +3 -0
- data/lib/vendor/puppet/indirector/store_configs.rb +30 -0
- data/lib/vendor/puppet/indirector/terminus.rb +145 -0
- data/lib/vendor/puppet/indirector/yaml.rb +75 -0
- data/lib/vendor/puppet/indirector.rb +57 -0
- data/lib/vendor/puppet/interface/action.rb +322 -0
- data/lib/vendor/puppet/interface/action_builder.rb +74 -0
- data/lib/vendor/puppet/interface/action_manager.rb +74 -0
- data/lib/vendor/puppet/interface/documentation.rb +230 -0
- data/lib/vendor/puppet/interface/face_collection.rb +128 -0
- data/lib/vendor/puppet/interface/option.rb +127 -0
- data/lib/vendor/puppet/interface/option_builder.rb +67 -0
- data/lib/vendor/puppet/interface/option_manager.rb +68 -0
- data/lib/vendor/puppet/interface.rb +161 -0
- data/lib/vendor/puppet/metatype/manager.rb +141 -0
- data/lib/vendor/puppet/module.rb +314 -0
- data/lib/vendor/puppet/module_tool/applications/application.rb +82 -0
- data/lib/vendor/puppet/module_tool/applications/builder.rb +91 -0
- data/lib/vendor/puppet/module_tool/applications/checksummer.rb +56 -0
- data/lib/vendor/puppet/module_tool/applications/generator.rb +141 -0
- data/lib/vendor/puppet/module_tool/applications/installer.rb +183 -0
- data/lib/vendor/puppet/module_tool/applications/searcher.rb +15 -0
- data/lib/vendor/puppet/module_tool/applications/uninstaller.rb +107 -0
- data/lib/vendor/puppet/module_tool/applications/unpacker.rb +67 -0
- data/lib/vendor/puppet/module_tool/applications/upgrader.rb +109 -0
- data/lib/vendor/puppet/module_tool/applications.rb +15 -0
- data/lib/vendor/puppet/module_tool/checksums.rb +52 -0
- data/lib/vendor/puppet/module_tool/contents_description.rb +82 -0
- data/lib/vendor/puppet/module_tool/dependency.rb +24 -0
- data/lib/vendor/puppet/module_tool/errors/base.rb +15 -0
- data/lib/vendor/puppet/module_tool/errors/installer.rb +90 -0
- data/lib/vendor/puppet/module_tool/errors/shared.rb +115 -0
- data/lib/vendor/puppet/module_tool/errors/uninstaller.rb +45 -0
- data/lib/vendor/puppet/module_tool/errors/upgrader.rb +72 -0
- data/lib/vendor/puppet/module_tool/errors.rb +9 -0
- data/lib/vendor/puppet/module_tool/metadata.rb +141 -0
- data/lib/vendor/puppet/module_tool/modulefile.rb +75 -0
- data/lib/vendor/puppet/module_tool/shared_behaviors.rb +161 -0
- data/lib/vendor/puppet/module_tool/skeleton/templates/generator/Modulefile.erb +11 -0
- data/lib/vendor/puppet/module_tool/skeleton/templates/generator/README.erb +16 -0
- data/lib/vendor/puppet/module_tool/skeleton/templates/generator/manifests/init.pp.erb +41 -0
- data/lib/vendor/puppet/module_tool/skeleton/templates/generator/spec/spec_helper.rb +17 -0
- data/lib/vendor/puppet/module_tool/skeleton/templates/generator/tests/init.pp.erb +11 -0
- data/lib/vendor/puppet/module_tool/skeleton.rb +34 -0
- data/lib/vendor/puppet/module_tool.rb +99 -0
- data/lib/vendor/puppet/network/authconfig.rb +174 -0
- data/lib/vendor/puppet/network/authorization.rb +76 -0
- data/lib/vendor/puppet/network/authstore.rb +267 -0
- data/lib/vendor/puppet/network/client_request.rb +29 -0
- data/lib/vendor/puppet/network/format.rb +111 -0
- data/lib/vendor/puppet/network/format_handler.rb +181 -0
- data/lib/vendor/puppet/network/formats.rb +171 -0
- data/lib/vendor/puppet/network/handler/ca.rb +61 -0
- data/lib/vendor/puppet/network/handler/filebucket.rb +53 -0
- data/lib/vendor/puppet/network/handler/fileserver.rb +732 -0
- data/lib/vendor/puppet/network/handler/master.rb +87 -0
- data/lib/vendor/puppet/network/handler/report.rb +82 -0
- data/lib/vendor/puppet/network/handler/runner.rb +33 -0
- data/lib/vendor/puppet/network/handler/status.rb +18 -0
- data/lib/vendor/puppet/network/handler.rb +50 -0
- data/lib/vendor/puppet/network/http/api/v1.rb +83 -0
- data/lib/vendor/puppet/network/http/api.rb +4 -0
- data/lib/vendor/puppet/network/http/compression.rb +114 -0
- data/lib/vendor/puppet/network/http/handler.rb +247 -0
- data/lib/vendor/puppet/network/http/mongrel/rest.rb +99 -0
- data/lib/vendor/puppet/network/http/mongrel.rb +55 -0
- data/lib/vendor/puppet/network/http/rack/httphandler.rb +16 -0
- data/lib/vendor/puppet/network/http/rack/rest.rb +100 -0
- data/lib/vendor/puppet/network/http/rack/xmlrpc.rb +65 -0
- data/lib/vendor/puppet/network/http/rack.rb +65 -0
- data/lib/vendor/puppet/network/http/webrick/rest.rb +81 -0
- data/lib/vendor/puppet/network/http/webrick.rb +141 -0
- data/lib/vendor/puppet/network/http.rb +15 -0
- data/lib/vendor/puppet/network/http_pool.rb +57 -0
- data/lib/vendor/puppet/network/http_server/mongrel.rb +129 -0
- data/lib/vendor/puppet/network/http_server.rb +3 -0
- data/lib/vendor/puppet/network/rest_authconfig.rb +102 -0
- data/lib/vendor/puppet/network/rest_authorization.rb +23 -0
- data/lib/vendor/puppet/network/rest_controller.rb +2 -0
- data/lib/vendor/puppet/network/rights.rb +275 -0
- data/lib/vendor/puppet/network/server.rb +164 -0
- data/lib/vendor/puppet/network/xmlrpc/processor.rb +86 -0
- data/lib/vendor/puppet/network/xmlrpc/server.rb +19 -0
- data/lib/vendor/puppet/network/xmlrpc/webrick_servlet.rb +114 -0
- data/lib/vendor/puppet/network.rb +3 -0
- data/lib/vendor/puppet/node/environment.rb +216 -0
- data/lib/vendor/puppet/node/facts.rb +99 -0
- data/lib/vendor/puppet/node/inventory.rb +7 -0
- data/lib/vendor/puppet/node.rb +120 -0
- data/lib/vendor/puppet/parameter/path.rb +34 -0
- data/lib/vendor/puppet/parameter/value.rb +69 -0
- data/lib/vendor/puppet/parameter/value_collection.rb +143 -0
- data/lib/vendor/puppet/parameter.rb +316 -0
- data/lib/vendor/puppet/parser/ast/arithmetic_operator.rb +39 -0
- data/lib/vendor/puppet/parser/ast/astarray.rb +50 -0
- data/lib/vendor/puppet/parser/ast/asthash.rb +37 -0
- data/lib/vendor/puppet/parser/ast/boolean_operator.rb +46 -0
- data/lib/vendor/puppet/parser/ast/branch.rb +37 -0
- data/lib/vendor/puppet/parser/ast/caseopt.rb +52 -0
- data/lib/vendor/puppet/parser/ast/casestatement.rb +44 -0
- data/lib/vendor/puppet/parser/ast/collection.rb +49 -0
- data/lib/vendor/puppet/parser/ast/collexpr.rb +57 -0
- data/lib/vendor/puppet/parser/ast/comparison_operator.rb +38 -0
- data/lib/vendor/puppet/parser/ast/definition.rb +17 -0
- data/lib/vendor/puppet/parser/ast/else.rb +22 -0
- data/lib/vendor/puppet/parser/ast/function.rb +50 -0
- data/lib/vendor/puppet/parser/ast/hostclass.rb +29 -0
- data/lib/vendor/puppet/parser/ast/ifstatement.rb +34 -0
- data/lib/vendor/puppet/parser/ast/in_operator.rb +24 -0
- data/lib/vendor/puppet/parser/ast/leaf.rb +221 -0
- data/lib/vendor/puppet/parser/ast/match_operator.rb +28 -0
- data/lib/vendor/puppet/parser/ast/minus.rb +23 -0
- data/lib/vendor/puppet/parser/ast/node.rb +20 -0
- data/lib/vendor/puppet/parser/ast/nop.rb +11 -0
- data/lib/vendor/puppet/parser/ast/not.rb +19 -0
- data/lib/vendor/puppet/parser/ast/relationship.rb +47 -0
- data/lib/vendor/puppet/parser/ast/resource.rb +74 -0
- data/lib/vendor/puppet/parser/ast/resource_defaults.rb +24 -0
- data/lib/vendor/puppet/parser/ast/resource_instance.rb +9 -0
- data/lib/vendor/puppet/parser/ast/resource_override.rb +67 -0
- data/lib/vendor/puppet/parser/ast/resource_reference.rb +28 -0
- data/lib/vendor/puppet/parser/ast/resourceparam.rb +29 -0
- data/lib/vendor/puppet/parser/ast/selector.rb +44 -0
- data/lib/vendor/puppet/parser/ast/tag.rb +24 -0
- data/lib/vendor/puppet/parser/ast/top_level_construct.rb +4 -0
- data/lib/vendor/puppet/parser/ast/vardef.rb +33 -0
- data/lib/vendor/puppet/parser/ast.rb +139 -0
- data/lib/vendor/puppet/parser/collector.rb +176 -0
- data/lib/vendor/puppet/parser/compiler.rb +476 -0
- data/lib/vendor/puppet/parser/files.rb +88 -0
- data/lib/vendor/puppet/parser/functions/create_resources.rb +75 -0
- data/lib/vendor/puppet/parser/functions/defined.rb +49 -0
- data/lib/vendor/puppet/parser/functions/extlookup.rb +152 -0
- data/lib/vendor/puppet/parser/functions/fail.rb +4 -0
- data/lib/vendor/puppet/parser/functions/file.rb +23 -0
- data/lib/vendor/puppet/parser/functions/fqdn_rand.rb +13 -0
- data/lib/vendor/puppet/parser/functions/generate.rb +37 -0
- data/lib/vendor/puppet/parser/functions/include.rb +24 -0
- data/lib/vendor/puppet/parser/functions/inline_template.rb +21 -0
- data/lib/vendor/puppet/parser/functions/md5.rb +5 -0
- data/lib/vendor/puppet/parser/functions/realize.rb +14 -0
- data/lib/vendor/puppet/parser/functions/regsubst.rb +119 -0
- data/lib/vendor/puppet/parser/functions/require.rb +57 -0
- data/lib/vendor/puppet/parser/functions/search.rb +7 -0
- data/lib/vendor/puppet/parser/functions/sha1.rb +5 -0
- data/lib/vendor/puppet/parser/functions/shellquote.rb +61 -0
- data/lib/vendor/puppet/parser/functions/split.rb +29 -0
- data/lib/vendor/puppet/parser/functions/sprintf.rb +39 -0
- data/lib/vendor/puppet/parser/functions/tag.rb +6 -0
- data/lib/vendor/puppet/parser/functions/tagged.rb +18 -0
- data/lib/vendor/puppet/parser/functions/template.rb +23 -0
- data/lib/vendor/puppet/parser/functions/versioncmp.rb +37 -0
- data/lib/vendor/puppet/parser/functions.rb +165 -0
- data/lib/vendor/puppet/parser/grammar.ra +771 -0
- data/lib/vendor/puppet/parser/lexer.rb +617 -0
- data/lib/vendor/puppet/parser/makefile +8 -0
- data/lib/vendor/puppet/parser/parser.rb +2421 -0
- data/lib/vendor/puppet/parser/parser_support.rb +211 -0
- data/lib/vendor/puppet/parser/relationship.rb +62 -0
- data/lib/vendor/puppet/parser/resource/param.rb +25 -0
- data/lib/vendor/puppet/parser/resource.rb +341 -0
- data/lib/vendor/puppet/parser/scope.rb +497 -0
- data/lib/vendor/puppet/parser/templatewrapper.rb +115 -0
- data/lib/vendor/puppet/parser/type_loader.rb +172 -0
- data/lib/vendor/puppet/parser/yaml_trimmer.rb +9 -0
- data/lib/vendor/puppet/parser.rb +4 -0
- data/lib/vendor/puppet/property/ensure.rb +92 -0
- data/lib/vendor/puppet/property/keyvalue.rb +86 -0
- data/lib/vendor/puppet/property/list.rb +75 -0
- data/lib/vendor/puppet/property/ordered_list.rb +22 -0
- data/lib/vendor/puppet/property.rb +373 -0
- data/lib/vendor/puppet/provider/aixobject.rb +393 -0
- data/lib/vendor/puppet/provider/augeas/augeas.rb +418 -0
- data/lib/vendor/puppet/provider/cisco.rb +9 -0
- data/lib/vendor/puppet/provider/computer/computer.rb +20 -0
- data/lib/vendor/puppet/provider/confine/exists.rb +19 -0
- data/lib/vendor/puppet/provider/confine/false.rb +19 -0
- data/lib/vendor/puppet/provider/confine/feature.rb +17 -0
- data/lib/vendor/puppet/provider/confine/true.rb +20 -0
- data/lib/vendor/puppet/provider/confine/variable.rb +59 -0
- data/lib/vendor/puppet/provider/confine.rb +80 -0
- data/lib/vendor/puppet/provider/confine_collection.rb +50 -0
- data/lib/vendor/puppet/provider/confiner.rb +16 -0
- data/lib/vendor/puppet/provider/cron/crontab.rb +200 -0
- data/lib/vendor/puppet/provider/exec/posix.rb +39 -0
- data/lib/vendor/puppet/provider/exec/shell.rb +25 -0
- data/lib/vendor/puppet/provider/exec/windows.rb +56 -0
- data/lib/vendor/puppet/provider/exec.rb +84 -0
- data/lib/vendor/puppet/provider/file/posix.rb +135 -0
- data/lib/vendor/puppet/provider/file/windows.rb +88 -0
- data/lib/vendor/puppet/provider/group/aix.rb +141 -0
- data/lib/vendor/puppet/provider/group/directoryservice.rb +12 -0
- data/lib/vendor/puppet/provider/group/groupadd.rb +29 -0
- data/lib/vendor/puppet/provider/group/ldap.rb +45 -0
- data/lib/vendor/puppet/provider/group/pw.rb +48 -0
- data/lib/vendor/puppet/provider/group/windows_adsi.rb +54 -0
- data/lib/vendor/puppet/provider/host/parsed.rb +44 -0
- data/lib/vendor/puppet/provider/interface/base.rb +0 -0
- data/lib/vendor/puppet/provider/interface/cisco.rb +27 -0
- data/lib/vendor/puppet/provider/ldap.rb +137 -0
- data/lib/vendor/puppet/provider/macauthorization/macauthorization.rb +313 -0
- data/lib/vendor/puppet/provider/mailalias/aliases.rb +44 -0
- data/lib/vendor/puppet/provider/maillist/mailman.rb +108 -0
- data/lib/vendor/puppet/provider/mcx/mcxcontent.rb +166 -0
- data/lib/vendor/puppet/provider/mount/parsed.rb +124 -0
- data/lib/vendor/puppet/provider/mount.rb +46 -0
- data/lib/vendor/puppet/provider/naginator.rb +63 -0
- data/lib/vendor/puppet/provider/nameservice/directoryservice.rb +652 -0
- data/lib/vendor/puppet/provider/nameservice/objectadd.rb +33 -0
- data/lib/vendor/puppet/provider/nameservice/pw.rb +21 -0
- data/lib/vendor/puppet/provider/nameservice.rb +276 -0
- data/lib/vendor/puppet/provider/network_device.rb +68 -0
- data/lib/vendor/puppet/provider/package/aix.rb +128 -0
- data/lib/vendor/puppet/provider/package/appdmg.rb +109 -0
- data/lib/vendor/puppet/provider/package/apple.rb +47 -0
- data/lib/vendor/puppet/provider/package/apt.rb +111 -0
- data/lib/vendor/puppet/provider/package/aptitude.rb +29 -0
- data/lib/vendor/puppet/provider/package/aptrpm.rb +83 -0
- data/lib/vendor/puppet/provider/package/blastwave.rb +111 -0
- data/lib/vendor/puppet/provider/package/dpkg.rb +155 -0
- data/lib/vendor/puppet/provider/package/fink.rb +81 -0
- data/lib/vendor/puppet/provider/package/freebsd.rb +49 -0
- data/lib/vendor/puppet/provider/package/gem.rb +127 -0
- data/lib/vendor/puppet/provider/package/hpux.rb +44 -0
- data/lib/vendor/puppet/provider/package/macports.rb +105 -0
- data/lib/vendor/puppet/provider/package/msi.rb +141 -0
- data/lib/vendor/puppet/provider/package/nim.rb +35 -0
- data/lib/vendor/puppet/provider/package/openbsd.rb +112 -0
- data/lib/vendor/puppet/provider/package/pacman.rb +94 -0
- data/lib/vendor/puppet/provider/package/pip.rb +111 -0
- data/lib/vendor/puppet/provider/package/pkg.rb +112 -0
- data/lib/vendor/puppet/provider/package/pkgdmg.rb +123 -0
- data/lib/vendor/puppet/provider/package/pkgutil.rb +174 -0
- data/lib/vendor/puppet/provider/package/portage.rb +124 -0
- data/lib/vendor/puppet/provider/package/ports.rb +94 -0
- data/lib/vendor/puppet/provider/package/portupgrade.rb +241 -0
- data/lib/vendor/puppet/provider/package/rpm.rb +132 -0
- data/lib/vendor/puppet/provider/package/rug.rb +52 -0
- data/lib/vendor/puppet/provider/package/sun.rb +154 -0
- data/lib/vendor/puppet/provider/package/sunfreeware.rb +9 -0
- data/lib/vendor/puppet/provider/package/up2date.rb +41 -0
- data/lib/vendor/puppet/provider/package/urpmi.rb +59 -0
- data/lib/vendor/puppet/provider/package/yum.rb +106 -0
- data/lib/vendor/puppet/provider/package/yumhelper.py +129 -0
- data/lib/vendor/puppet/provider/package/zypper.rb +84 -0
- data/lib/vendor/puppet/provider/package.rb +28 -0
- data/lib/vendor/puppet/provider/parsedfile.rb +374 -0
- data/lib/vendor/puppet/provider/port/parsed.rb +173 -0
- data/lib/vendor/puppet/provider/scheduled_task/win32_taskscheduler.rb +565 -0
- data/lib/vendor/puppet/provider/selboolean/getsetsebool.rb +47 -0
- data/lib/vendor/puppet/provider/selmodule/semodule.rb +134 -0
- data/lib/vendor/puppet/provider/service/base.rb +105 -0
- data/lib/vendor/puppet/provider/service/bsd.rb +49 -0
- data/lib/vendor/puppet/provider/service/daemontools.rb +194 -0
- data/lib/vendor/puppet/provider/service/debian.rb +68 -0
- data/lib/vendor/puppet/provider/service/freebsd.rb +139 -0
- data/lib/vendor/puppet/provider/service/gentoo.rb +54 -0
- data/lib/vendor/puppet/provider/service/init.rb +140 -0
- data/lib/vendor/puppet/provider/service/launchd.rb +303 -0
- data/lib/vendor/puppet/provider/service/openrc.rb +69 -0
- data/lib/vendor/puppet/provider/service/redhat.rb +76 -0
- data/lib/vendor/puppet/provider/service/runit.rb +103 -0
- data/lib/vendor/puppet/provider/service/service.rb +43 -0
- data/lib/vendor/puppet/provider/service/smf.rb +104 -0
- data/lib/vendor/puppet/provider/service/src.rb +86 -0
- data/lib/vendor/puppet/provider/service/systemd.rb +64 -0
- data/lib/vendor/puppet/provider/service/upstart.rb +347 -0
- data/lib/vendor/puppet/provider/service/windows.rb +106 -0
- data/lib/vendor/puppet/provider/ssh_authorized_key/parsed.rb +88 -0
- data/lib/vendor/puppet/provider/sshkey/parsed.rb +37 -0
- data/lib/vendor/puppet/provider/user/aix.rb +357 -0
- data/lib/vendor/puppet/provider/user/directoryservice.rb +86 -0
- data/lib/vendor/puppet/provider/user/hpux.rb +31 -0
- data/lib/vendor/puppet/provider/user/ldap.rb +129 -0
- data/lib/vendor/puppet/provider/user/pw.rb +101 -0
- data/lib/vendor/puppet/provider/user/user_role_add.rb +207 -0
- data/lib/vendor/puppet/provider/user/useradd.rb +127 -0
- data/lib/vendor/puppet/provider/user/windows_adsi.rb +99 -0
- data/lib/vendor/puppet/provider/vlan/cisco.rb +28 -0
- data/lib/vendor/puppet/provider/zfs/solaris.rb +45 -0
- data/lib/vendor/puppet/provider/zone/solaris.rb +260 -0
- data/lib/vendor/puppet/provider/zpool/solaris.rb +116 -0
- data/lib/vendor/puppet/provider.rb +290 -0
- data/lib/vendor/puppet/rails/benchmark.rb +63 -0
- data/lib/vendor/puppet/rails/database/001_add_created_at_to_all_tables.rb +13 -0
- data/lib/vendor/puppet/rails/database/002_remove_duplicated_index_on_all_tables.rb +13 -0
- data/lib/vendor/puppet/rails/database/003_add_environment_to_host.rb +9 -0
- data/lib/vendor/puppet/rails/database/004_add_inventory_service_tables.rb +36 -0
- data/lib/vendor/puppet/rails/database/schema.rb +131 -0
- data/lib/vendor/puppet/rails/fact_name.rb +6 -0
- data/lib/vendor/puppet/rails/fact_value.rb +8 -0
- data/lib/vendor/puppet/rails/host.rb +258 -0
- data/lib/vendor/puppet/rails/inventory_fact.rb +5 -0
- data/lib/vendor/puppet/rails/inventory_node.rb +43 -0
- data/lib/vendor/puppet/rails/param_name.rb +25 -0
- data/lib/vendor/puppet/rails/param_value.rb +74 -0
- data/lib/vendor/puppet/rails/puppet_tag.rb +10 -0
- data/lib/vendor/puppet/rails/resource.rb +231 -0
- data/lib/vendor/puppet/rails/resource_tag.rb +26 -0
- data/lib/vendor/puppet/rails/source_file.rb +8 -0
- data/lib/vendor/puppet/rails.rb +132 -0
- data/lib/vendor/puppet/rb_tree_map.rb +388 -0
- data/lib/vendor/puppet/reference/configuration.rb +69 -0
- data/lib/vendor/puppet/reference/function.rb +17 -0
- data/lib/vendor/puppet/reference/indirection.rb +32 -0
- data/lib/vendor/puppet/reference/metaparameter.rb +43 -0
- data/lib/vendor/puppet/reference/network.rb +39 -0
- data/lib/vendor/puppet/reference/providers.rb +119 -0
- data/lib/vendor/puppet/reference/report.rb +23 -0
- data/lib/vendor/puppet/reference/type.rb +116 -0
- data/lib/vendor/puppet/relationship.rb +95 -0
- data/lib/vendor/puppet/reports/http.rb +25 -0
- data/lib/vendor/puppet/reports/log.rb +14 -0
- data/lib/vendor/puppet/reports/rrdgraph.rb +128 -0
- data/lib/vendor/puppet/reports/store.rb +74 -0
- data/lib/vendor/puppet/reports/tagmail.rb +179 -0
- data/lib/vendor/puppet/reports.rb +49 -0
- data/lib/vendor/puppet/resource/catalog.rb +661 -0
- data/lib/vendor/puppet/resource/status.rb +79 -0
- data/lib/vendor/puppet/resource/type.rb +344 -0
- data/lib/vendor/puppet/resource/type_collection.rb +215 -0
- data/lib/vendor/puppet/resource/type_collection_helper.rb +7 -0
- data/lib/vendor/puppet/resource.rb +467 -0
- data/lib/vendor/puppet/run.rb +77 -0
- data/lib/vendor/puppet/simple_graph.rb +550 -0
- data/lib/vendor/puppet/ssl/base.rb +86 -0
- data/lib/vendor/puppet/ssl/certificate.rb +40 -0
- data/lib/vendor/puppet/ssl/certificate_authority/interface.rb +182 -0
- data/lib/vendor/puppet/ssl/certificate_authority.rb +374 -0
- data/lib/vendor/puppet/ssl/certificate_factory.rb +166 -0
- data/lib/vendor/puppet/ssl/certificate_request.rb +149 -0
- data/lib/vendor/puppet/ssl/certificate_revocation_list.rb +84 -0
- data/lib/vendor/puppet/ssl/host.rb +365 -0
- data/lib/vendor/puppet/ssl/inventory.rb +54 -0
- data/lib/vendor/puppet/ssl/key.rb +56 -0
- data/lib/vendor/puppet/ssl.rb +8 -0
- data/lib/vendor/puppet/status.rb +28 -0
- data/lib/vendor/puppet/test/test_helper.rb +141 -0
- data/lib/vendor/puppet/transaction/event.rb +66 -0
- data/lib/vendor/puppet/transaction/event_manager.rb +115 -0
- data/lib/vendor/puppet/transaction/report.rb +200 -0
- data/lib/vendor/puppet/transaction/resource_harness.rb +178 -0
- data/lib/vendor/puppet/transaction.rb +493 -0
- data/lib/vendor/puppet/transportable.rb +248 -0
- data/lib/vendor/puppet/type/augeas.rb +218 -0
- data/lib/vendor/puppet/type/component.rb +85 -0
- data/lib/vendor/puppet/type/computer.rb +66 -0
- data/lib/vendor/puppet/type/cron.rb +421 -0
- data/lib/vendor/puppet/type/exec.rb +520 -0
- data/lib/vendor/puppet/type/file/checksum.rb +33 -0
- data/lib/vendor/puppet/type/file/content.rb +230 -0
- data/lib/vendor/puppet/type/file/ctime.rb +18 -0
- data/lib/vendor/puppet/type/file/ensure.rb +172 -0
- data/lib/vendor/puppet/type/file/group.rb +41 -0
- data/lib/vendor/puppet/type/file/mode.rb +148 -0
- data/lib/vendor/puppet/type/file/mtime.rb +17 -0
- data/lib/vendor/puppet/type/file/owner.rb +44 -0
- data/lib/vendor/puppet/type/file/selcontext.rb +123 -0
- data/lib/vendor/puppet/type/file/source.rb +195 -0
- data/lib/vendor/puppet/type/file/target.rb +87 -0
- data/lib/vendor/puppet/type/file/type.rb +19 -0
- data/lib/vendor/puppet/type/file.rb +829 -0
- data/lib/vendor/puppet/type/filebucket.rb +114 -0
- data/lib/vendor/puppet/type/group.rb +149 -0
- data/lib/vendor/puppet/type/host.rb +87 -0
- data/lib/vendor/puppet/type/interface.rb +112 -0
- data/lib/vendor/puppet/type/k5login.rb +88 -0
- data/lib/vendor/puppet/type/macauthorization.rb +167 -0
- data/lib/vendor/puppet/type/mailalias.rb +48 -0
- data/lib/vendor/puppet/type/maillist.rb +62 -0
- data/lib/vendor/puppet/type/mcx.rb +99 -0
- data/lib/vendor/puppet/type/mount.rb +241 -0
- data/lib/vendor/puppet/type/nagios_command.rb +3 -0
- data/lib/vendor/puppet/type/nagios_contact.rb +3 -0
- data/lib/vendor/puppet/type/nagios_contactgroup.rb +3 -0
- data/lib/vendor/puppet/type/nagios_host.rb +3 -0
- data/lib/vendor/puppet/type/nagios_hostdependency.rb +3 -0
- data/lib/vendor/puppet/type/nagios_hostescalation.rb +3 -0
- data/lib/vendor/puppet/type/nagios_hostextinfo.rb +3 -0
- data/lib/vendor/puppet/type/nagios_hostgroup.rb +3 -0
- data/lib/vendor/puppet/type/nagios_service.rb +3 -0
- data/lib/vendor/puppet/type/nagios_servicedependency.rb +3 -0
- data/lib/vendor/puppet/type/nagios_serviceescalation.rb +3 -0
- data/lib/vendor/puppet/type/nagios_serviceextinfo.rb +3 -0
- data/lib/vendor/puppet/type/nagios_servicegroup.rb +3 -0
- data/lib/vendor/puppet/type/nagios_timeperiod.rb +3 -0
- data/lib/vendor/puppet/type/notify.rb +44 -0
- data/lib/vendor/puppet/type/package.rb +357 -0
- data/lib/vendor/puppet/type/port.rb +119 -0
- data/lib/vendor/puppet/type/resources.rb +131 -0
- data/lib/vendor/puppet/type/router.rb +17 -0
- data/lib/vendor/puppet/type/schedule.rb +360 -0
- data/lib/vendor/puppet/type/scheduled_task.rb +166 -0
- data/lib/vendor/puppet/type/selboolean.rb +26 -0
- data/lib/vendor/puppet/type/selmodule.rb +59 -0
- data/lib/vendor/puppet/type/service.rb +221 -0
- data/lib/vendor/puppet/type/ssh_authorized_key.rb +112 -0
- data/lib/vendor/puppet/type/sshkey.rb +72 -0
- data/lib/vendor/puppet/type/stage.rb +19 -0
- data/lib/vendor/puppet/type/tidy.rb +333 -0
- data/lib/vendor/puppet/type/user.rb +524 -0
- data/lib/vendor/puppet/type/vlan.rb +26 -0
- data/lib/vendor/puppet/type/whit.rb +34 -0
- data/lib/vendor/puppet/type/yumrepo.rb +361 -0
- data/lib/vendor/puppet/type/zfs.rb +146 -0
- data/lib/vendor/puppet/type/zone.rb +492 -0
- data/lib/vendor/puppet/type/zpool.rb +91 -0
- data/lib/vendor/puppet/type.rb +1979 -0
- data/lib/vendor/puppet/util/adsi.rb +296 -0
- data/lib/vendor/puppet/util/autoload/file_cache.rb +92 -0
- data/lib/vendor/puppet/util/autoload.rb +158 -0
- data/lib/vendor/puppet/util/backups.rb +87 -0
- data/lib/vendor/puppet/util/cacher.rb +80 -0
- data/lib/vendor/puppet/util/checksums.rb +143 -0
- data/lib/vendor/puppet/util/classgen.rb +209 -0
- data/lib/vendor/puppet/util/colors.rb +128 -0
- data/lib/vendor/puppet/util/command_line.rb +185 -0
- data/lib/vendor/puppet/util/constant_inflector.rb +15 -0
- data/lib/vendor/puppet/util/diff.rb +77 -0
- data/lib/vendor/puppet/util/docs.rb +123 -0
- data/lib/vendor/puppet/util/errors.rb +63 -0
- data/lib/vendor/puppet/util/execution.rb +20 -0
- data/lib/vendor/puppet/util/execution_stub.rb +26 -0
- data/lib/vendor/puppet/util/feature.rb +83 -0
- data/lib/vendor/puppet/util/file_locking.rb +47 -0
- data/lib/vendor/puppet/util/fileparsing.rb +373 -0
- data/lib/vendor/puppet/util/filetype.rb +296 -0
- data/lib/vendor/puppet/util/graph.rb +27 -0
- data/lib/vendor/puppet/util/inifile.rb +203 -0
- data/lib/vendor/puppet/util/inline_docs.rb +26 -0
- data/lib/vendor/puppet/util/instance_loader.rb +81 -0
- data/lib/vendor/puppet/util/instrumentation/data.rb +34 -0
- data/lib/vendor/puppet/util/instrumentation/indirection_probe.rb +29 -0
- data/lib/vendor/puppet/util/instrumentation/instrumentable.rb +143 -0
- data/lib/vendor/puppet/util/instrumentation/listener.rb +60 -0
- data/lib/vendor/puppet/util/instrumentation/listeners/log.rb +29 -0
- data/lib/vendor/puppet/util/instrumentation/listeners/performance.rb +30 -0
- data/lib/vendor/puppet/util/instrumentation.rb +171 -0
- data/lib/vendor/puppet/util/ldap/connection.rb +74 -0
- data/lib/vendor/puppet/util/ldap/generator.rb +42 -0
- data/lib/vendor/puppet/util/ldap/manager.rb +279 -0
- data/lib/vendor/puppet/util/ldap.rb +2 -0
- data/lib/vendor/puppet/util/loadedfile.rb +61 -0
- data/lib/vendor/puppet/util/log/destination.rb +49 -0
- data/lib/vendor/puppet/util/log/destinations.rb +268 -0
- data/lib/vendor/puppet/util/log.rb +275 -0
- data/lib/vendor/puppet/util/log_paths.rb +22 -0
- data/lib/vendor/puppet/util/logging.rb +51 -0
- data/lib/vendor/puppet/util/metaid.rb +21 -0
- data/lib/vendor/puppet/util/methodhelper.rb +32 -0
- data/lib/vendor/puppet/util/metric.rb +186 -0
- data/lib/vendor/puppet/util/monkey_patches.rb +243 -0
- data/lib/vendor/puppet/util/nagios_maker.rb +60 -0
- data/lib/vendor/puppet/util/network_device/base.rb +27 -0
- data/lib/vendor/puppet/util/network_device/cisco/device.rb +257 -0
- data/lib/vendor/puppet/util/network_device/cisco/facts.rb +72 -0
- data/lib/vendor/puppet/util/network_device/cisco/interface.rb +82 -0
- data/lib/vendor/puppet/util/network_device/cisco.rb +4 -0
- data/lib/vendor/puppet/util/network_device/config.rb +92 -0
- data/lib/vendor/puppet/util/network_device/ipcalc.rb +68 -0
- data/lib/vendor/puppet/util/network_device/transport/base.rb +26 -0
- data/lib/vendor/puppet/util/network_device/transport/ssh.rb +121 -0
- data/lib/vendor/puppet/util/network_device/transport/telnet.rb +42 -0
- data/lib/vendor/puppet/util/network_device/transport.rb +3 -0
- data/lib/vendor/puppet/util/network_device.rb +17 -0
- data/lib/vendor/puppet/util/package.rb +31 -0
- data/lib/vendor/puppet/util/pidlock.rb +117 -0
- data/lib/vendor/puppet/util/platform.rb +22 -0
- data/lib/vendor/puppet/util/plugins.rb +82 -0
- data/lib/vendor/puppet/util/posix.rb +137 -0
- data/lib/vendor/puppet/util/provider_features.rb +168 -0
- data/lib/vendor/puppet/util/pson.rb +13 -0
- data/lib/vendor/puppet/util/queue/stomp.rb +60 -0
- data/lib/vendor/puppet/util/queue.rb +96 -0
- data/lib/vendor/puppet/util/rails/cache_accumulator.rb +65 -0
- data/lib/vendor/puppet/util/rails/collection_merger.rb +17 -0
- data/lib/vendor/puppet/util/rails/reference_serializer.rb +32 -0
- data/lib/vendor/puppet/util/rdoc.rb +87 -0
- data/lib/vendor/puppet/util/reference.rb +124 -0
- data/lib/vendor/puppet/util/resource_template.rb +61 -0
- data/lib/vendor/puppet/util/retryaction.rb +48 -0
- data/lib/vendor/puppet/util/run_mode.rb +82 -0
- data/lib/vendor/puppet/util/selinux.rb +211 -0
- data/lib/vendor/puppet/util/settings/boolean_setting.rb +30 -0
- data/lib/vendor/puppet/util/settings/file_setting.rb +135 -0
- data/lib/vendor/puppet/util/settings/setting.rb +94 -0
- data/lib/vendor/puppet/util/settings.rb +926 -0
- data/lib/vendor/puppet/util/storage.rb +96 -0
- data/lib/vendor/puppet/util/subclass_loader.rb +82 -0
- data/lib/vendor/puppet/util/suidmanager.rb +173 -0
- data/lib/vendor/puppet/util/symbolic_file_mode.rb +140 -0
- data/lib/vendor/puppet/util/tagging.rb +78 -0
- data/lib/vendor/puppet/util/terminal.rb +16 -0
- data/lib/vendor/puppet/util/user_attr.rb +21 -0
- data/lib/vendor/puppet/util/warnings.rb +29 -0
- data/lib/vendor/puppet/util/windows/error.rb +16 -0
- data/lib/vendor/puppet/util/windows/file.rb +27 -0
- data/lib/vendor/puppet/util/windows/process.rb +33 -0
- data/lib/vendor/puppet/util/windows/security.rb +622 -0
- data/lib/vendor/puppet/util/windows/sid.rb +96 -0
- data/lib/vendor/puppet/util/windows/user.rb +106 -0
- data/lib/vendor/puppet/util/windows.rb +8 -0
- data/lib/vendor/puppet/util/zaml.rb +407 -0
- data/lib/vendor/puppet/util.rb +646 -0
- data/lib/vendor/puppet/version.rb +18 -0
- data/lib/vendor/puppet.rb +125 -0
- data/lib/vendor/semver.rb +124 -0
- data/puppet-parse.gemspec +2 -8
- metadata +812 -94
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'puppet/util/windows'
|
2
|
+
|
3
|
+
module Puppet::Util::Windows::Process
|
4
|
+
extend ::Windows::Process
|
5
|
+
extend ::Windows::Handle
|
6
|
+
extend ::Windows::Synchronize
|
7
|
+
|
8
|
+
def execute(command, arguments, stdin, stdout, stderr)
|
9
|
+
Process.create( :command_line => command, :startup_info => {:stdin => stdin, :stdout => stdout, :stderr => stderr}, :close_handles => false )
|
10
|
+
end
|
11
|
+
module_function :execute
|
12
|
+
|
13
|
+
def wait_process(handle)
|
14
|
+
while WaitForSingleObject(handle, 0) == Windows::Synchronize::WAIT_TIMEOUT
|
15
|
+
sleep(1)
|
16
|
+
end
|
17
|
+
|
18
|
+
exit_status = [0].pack('L')
|
19
|
+
unless GetExitCodeProcess(handle, exit_status)
|
20
|
+
raise Puppet::Util::Windows::Error.new("Failed to get child process exit code")
|
21
|
+
end
|
22
|
+
exit_status = exit_status.unpack('L').first
|
23
|
+
|
24
|
+
# $CHILD_STATUS is not set when calling win32/process Process.create
|
25
|
+
# and since it's read-only, we can't set it. But we can execute a
|
26
|
+
# a shell that simply returns the desired exit status, which has the
|
27
|
+
# desired effect.
|
28
|
+
%x{#{ENV['COMSPEC']} /c exit #{exit_status}}
|
29
|
+
|
30
|
+
exit_status
|
31
|
+
end
|
32
|
+
module_function :wait_process
|
33
|
+
end
|
@@ -0,0 +1,622 @@
|
|
1
|
+
# This class maps POSIX owner, group, and modes to the Windows
|
2
|
+
# security model, and back.
|
3
|
+
#
|
4
|
+
# The primary goal of this mapping is to ensure that owner, group, and
|
5
|
+
# modes can be round-tripped in a consistent and deterministic
|
6
|
+
# way. Otherwise, Puppet might think file resources are out-of-sync
|
7
|
+
# every time it runs. A secondary goal is to provide equivalent
|
8
|
+
# permissions for common use-cases. For example, setting the owner to
|
9
|
+
# "Administrators", group to "Users", and mode to 750 (which also
|
10
|
+
# denies access to everyone else.
|
11
|
+
#
|
12
|
+
# There are some well-known problems mapping windows and POSIX
|
13
|
+
# permissions due to differences between the two security
|
14
|
+
# models. Search for "POSIX permission mapping leak". In POSIX, access
|
15
|
+
# to a file is determined solely based on the most specific class
|
16
|
+
# (user, group, other). So a mode of 460 would deny write access to
|
17
|
+
# the owner even if they are a member of the group. But in Windows,
|
18
|
+
# the entire access control list is walked until the user is
|
19
|
+
# explicitly denied or allowed (denied take precedence, and if neither
|
20
|
+
# occurs they are denied). As a result, a user could be allowed access
|
21
|
+
# based on their group membership. To solve this problem, other people
|
22
|
+
# have used deny access control entries to more closely model POSIX,
|
23
|
+
# but this introduces a lot of complexity.
|
24
|
+
#
|
25
|
+
# In general, this implementation only supports "typical" permissions,
|
26
|
+
# where group permissions are a subset of user, and other permissions
|
27
|
+
# are a subset of group, e.g. 754, but not 467. However, there are
|
28
|
+
# some Windows quirks to be aware of.
|
29
|
+
#
|
30
|
+
# * The owner can be either a user or group SID, and most system files
|
31
|
+
# are owned by the Administrators group.
|
32
|
+
# * The group can be either a user or group SID.
|
33
|
+
# * Unexpected results can occur if the owner and group are the
|
34
|
+
# same, but the user and group classes are different, e.g. 750. In
|
35
|
+
# this case, it is not possible to allow write access to the owner,
|
36
|
+
# but not the group. As a result, the actual permissions set on the
|
37
|
+
# file would be 770.
|
38
|
+
# * In general, only privileged users can set the owner, group, or
|
39
|
+
# change the mode for files they do not own. In 2003, the user must
|
40
|
+
# be a member of the Administrators group. In Vista/2008, the user
|
41
|
+
# must be running with elevated privileges.
|
42
|
+
# * A file/dir can be deleted by anyone with the DELETE access right
|
43
|
+
# OR by anyone that has the FILE_DELETE_CHILD access right for the
|
44
|
+
# parent. See http://support.microsoft.com/kb/238018. But on Unix,
|
45
|
+
# the user must have write access to the file/dir AND execute access
|
46
|
+
# to all of the parent path components.
|
47
|
+
# * Many access control entries are inherited from parent directories,
|
48
|
+
# and it is common for file/dirs to have more than 3 entries,
|
49
|
+
# e.g. Users, Power Users, Administrators, SYSTEM, etc, which cannot
|
50
|
+
# be mapped into the 3 class POSIX model. The get_mode method will
|
51
|
+
# set the S_IEXTRA bit flag indicating that an access control entry
|
52
|
+
# was found whose SID is neither the owner, group, or other. This
|
53
|
+
# enables Puppet to detect when file/dirs are out-of-sync,
|
54
|
+
# especially those that Puppet did not create, but is attempting
|
55
|
+
# to manage.
|
56
|
+
# * On Unix, the owner and group can be modified without changing the
|
57
|
+
# mode. But on Windows, an access control entry specifies which SID
|
58
|
+
# it applies to. As a result, the set_owner and set_group methods
|
59
|
+
# automatically rebuild the access control list based on the new
|
60
|
+
# (and different) owner or group.
|
61
|
+
|
62
|
+
require 'puppet/util/windows'
|
63
|
+
require 'pathname'
|
64
|
+
|
65
|
+
require 'win32/security'
|
66
|
+
|
67
|
+
require 'windows/file'
|
68
|
+
require 'windows/handle'
|
69
|
+
require 'windows/security'
|
70
|
+
require 'windows/process'
|
71
|
+
require 'windows/memory'
|
72
|
+
require 'windows/volume'
|
73
|
+
|
74
|
+
module Puppet::Util::Windows::Security
|
75
|
+
include ::Windows::File
|
76
|
+
include ::Windows::Handle
|
77
|
+
include ::Windows::Security
|
78
|
+
include ::Windows::Process
|
79
|
+
include ::Windows::Memory
|
80
|
+
include ::Windows::MSVCRT::Buffer
|
81
|
+
include ::Windows::Volume
|
82
|
+
|
83
|
+
include Puppet::Util::Windows::SID
|
84
|
+
|
85
|
+
extend Puppet::Util::Windows::Security
|
86
|
+
|
87
|
+
# file modes
|
88
|
+
S_IRUSR = 0000400
|
89
|
+
S_IRGRP = 0000040
|
90
|
+
S_IROTH = 0000004
|
91
|
+
S_IWUSR = 0000200
|
92
|
+
S_IWGRP = 0000020
|
93
|
+
S_IWOTH = 0000002
|
94
|
+
S_IXUSR = 0000100
|
95
|
+
S_IXGRP = 0000010
|
96
|
+
S_IXOTH = 0000001
|
97
|
+
S_IRWXU = 0000700
|
98
|
+
S_IRWXG = 0000070
|
99
|
+
S_IRWXO = 0000007
|
100
|
+
S_ISVTX = 0001000
|
101
|
+
S_IEXTRA = 02000000 # represents an extra ace
|
102
|
+
|
103
|
+
# constants that are missing from Windows::Security
|
104
|
+
PROTECTED_DACL_SECURITY_INFORMATION = 0x80000000
|
105
|
+
UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000
|
106
|
+
NO_INHERITANCE = 0x0
|
107
|
+
|
108
|
+
# Set the owner of the object referenced by +path+ to the specified
|
109
|
+
# +owner_sid+. The owner sid should be of the form "S-1-5-32-544"
|
110
|
+
# and can either be a user or group. Only a user with the
|
111
|
+
# SE_RESTORE_NAME privilege in their process token can overwrite the
|
112
|
+
# object's owner to something other than the current user.
|
113
|
+
def set_owner(owner_sid, path)
|
114
|
+
old_sid = get_owner(path)
|
115
|
+
|
116
|
+
change_sid(old_sid, owner_sid, OWNER_SECURITY_INFORMATION, path)
|
117
|
+
end
|
118
|
+
|
119
|
+
# Get the owner of the object referenced by +path+. The returned
|
120
|
+
# value is a SID string, e.g. "S-1-5-32-544". Any user with read
|
121
|
+
# access to an object can get the owner. Only a user with the
|
122
|
+
# SE_BACKUP_NAME privilege in their process token can get the owner
|
123
|
+
# for objects they do not have read access to.
|
124
|
+
def get_owner(path)
|
125
|
+
return unless supports_acl?(path)
|
126
|
+
|
127
|
+
get_sid(OWNER_SECURITY_INFORMATION, path)
|
128
|
+
end
|
129
|
+
|
130
|
+
# Set the owner of the object referenced by +path+ to the specified
|
131
|
+
# +group_sid+. The group sid should be of the form "S-1-5-32-544"
|
132
|
+
# and can either be a user or group. Any user with WRITE_OWNER
|
133
|
+
# access to the object can change the group (regardless of whether
|
134
|
+
# the current user belongs to that group or not).
|
135
|
+
def set_group(group_sid, path)
|
136
|
+
old_sid = get_group(path)
|
137
|
+
|
138
|
+
change_sid(old_sid, group_sid, GROUP_SECURITY_INFORMATION, path)
|
139
|
+
end
|
140
|
+
|
141
|
+
# Get the group of the object referenced by +path+. The returned
|
142
|
+
# value is a SID string, e.g. "S-1-5-32-544". Any user with read
|
143
|
+
# access to an object can get the group. Only a user with the
|
144
|
+
# SE_BACKUP_NAME privilege in their process token can get the group
|
145
|
+
# for objects they do not have read access to.
|
146
|
+
def get_group(path)
|
147
|
+
return unless supports_acl?(path)
|
148
|
+
|
149
|
+
get_sid(GROUP_SECURITY_INFORMATION, path)
|
150
|
+
end
|
151
|
+
|
152
|
+
def supports_acl?(path)
|
153
|
+
flags = 0.chr * 4
|
154
|
+
|
155
|
+
root = Pathname.new(path).enum_for(:ascend).to_a.last.to_s
|
156
|
+
# 'A trailing backslash is required'
|
157
|
+
root = "#{root}\\" unless root =~ /[\/\\]$/
|
158
|
+
unless GetVolumeInformation(root, nil, 0, nil, nil, flags, nil, 0)
|
159
|
+
raise Puppet::Util::Windows::Error.new("Failed to get volume information")
|
160
|
+
end
|
161
|
+
|
162
|
+
(flags.unpack('L')[0] & Windows::File::FILE_PERSISTENT_ACLS) != 0
|
163
|
+
end
|
164
|
+
|
165
|
+
def change_sid(old_sid, new_sid, info, path)
|
166
|
+
if old_sid != new_sid
|
167
|
+
mode = get_mode(path)
|
168
|
+
|
169
|
+
string_to_sid_ptr(new_sid) do |psid|
|
170
|
+
with_privilege(SE_RESTORE_NAME) do
|
171
|
+
open_file(path, WRITE_OWNER) do |handle|
|
172
|
+
set_security_info(handle, info, psid)
|
173
|
+
end
|
174
|
+
end
|
175
|
+
end
|
176
|
+
|
177
|
+
# rebuild dacl now that sid has changed
|
178
|
+
set_mode(mode, path)
|
179
|
+
end
|
180
|
+
end
|
181
|
+
|
182
|
+
def get_sid(info, path)
|
183
|
+
with_privilege(SE_BACKUP_NAME) do
|
184
|
+
open_file(path, READ_CONTROL) do |handle|
|
185
|
+
get_security_info(handle, info)
|
186
|
+
end
|
187
|
+
end
|
188
|
+
end
|
189
|
+
|
190
|
+
def get_attributes(path)
|
191
|
+
attributes = GetFileAttributes(path)
|
192
|
+
|
193
|
+
raise Puppet::Util::Windows::Error.new("Failed to get file attributes") if attributes == INVALID_FILE_ATTRIBUTES
|
194
|
+
|
195
|
+
attributes
|
196
|
+
end
|
197
|
+
|
198
|
+
def add_attributes(path, flags)
|
199
|
+
oldattrs = get_attributes(path)
|
200
|
+
|
201
|
+
if (oldattrs | flags) != oldattrs
|
202
|
+
set_attributes(path, oldattrs | flags)
|
203
|
+
end
|
204
|
+
end
|
205
|
+
|
206
|
+
def remove_attributes(path, flags)
|
207
|
+
oldattrs = get_attributes(path)
|
208
|
+
|
209
|
+
if (oldattrs & ~flags) != oldattrs
|
210
|
+
set_attributes(path, oldattrs & ~flags)
|
211
|
+
end
|
212
|
+
end
|
213
|
+
|
214
|
+
def set_attributes(path, flags)
|
215
|
+
raise Puppet::Util::Windows::Error.new("Failed to set file attributes") unless SetFileAttributes(path, flags)
|
216
|
+
end
|
217
|
+
|
218
|
+
MASK_TO_MODE = {
|
219
|
+
FILE_GENERIC_READ => S_IROTH,
|
220
|
+
FILE_GENERIC_WRITE => S_IWOTH,
|
221
|
+
(FILE_GENERIC_EXECUTE & ~FILE_READ_ATTRIBUTES) => S_IXOTH
|
222
|
+
}
|
223
|
+
|
224
|
+
# Get the mode of the object referenced by +path+. The returned
|
225
|
+
# integer value represents the POSIX-style read, write, and execute
|
226
|
+
# modes for the user, group, and other classes, e.g. 0640. Any user
|
227
|
+
# with read access to an object can get the mode. Only a user with
|
228
|
+
# the SE_BACKUP_NAME privilege in their process token can get the
|
229
|
+
# mode for objects they do not have read access to.
|
230
|
+
def get_mode(path)
|
231
|
+
return unless supports_acl?(path)
|
232
|
+
|
233
|
+
owner_sid = get_owner(path)
|
234
|
+
group_sid = get_group(path)
|
235
|
+
well_known_world_sid = Win32::Security::SID::Everyone
|
236
|
+
well_known_nobody_sid = Win32::Security::SID::Nobody
|
237
|
+
|
238
|
+
with_privilege(SE_BACKUP_NAME) do
|
239
|
+
open_file(path, READ_CONTROL) do |handle|
|
240
|
+
mode = 0
|
241
|
+
|
242
|
+
get_dacl(handle).each do |ace|
|
243
|
+
case ace[:sid]
|
244
|
+
when owner_sid
|
245
|
+
MASK_TO_MODE.each_pair do |k,v|
|
246
|
+
if (ace[:mask] & k) == k
|
247
|
+
mode |= (v << 6)
|
248
|
+
end
|
249
|
+
end
|
250
|
+
when group_sid
|
251
|
+
MASK_TO_MODE.each_pair do |k,v|
|
252
|
+
if (ace[:mask] & k) == k
|
253
|
+
mode |= (v << 3)
|
254
|
+
end
|
255
|
+
end
|
256
|
+
when well_known_world_sid
|
257
|
+
MASK_TO_MODE.each_pair do |k,v|
|
258
|
+
if (ace[:mask] & k) == k
|
259
|
+
mode |= (v << 6) | (v << 3) | v
|
260
|
+
end
|
261
|
+
end
|
262
|
+
if File.directory?(path) and (ace[:mask] & (FILE_WRITE_DATA | FILE_EXECUTE | FILE_DELETE_CHILD)) == (FILE_WRITE_DATA | FILE_EXECUTE)
|
263
|
+
mode |= S_ISVTX;
|
264
|
+
end
|
265
|
+
when well_known_nobody_sid
|
266
|
+
if (ace[:mask] & FILE_APPEND_DATA).nonzero?
|
267
|
+
mode |= S_ISVTX
|
268
|
+
end
|
269
|
+
else
|
270
|
+
#puts "Warning, unable to map SID into POSIX mode: #{ace[:sid]}"
|
271
|
+
mode |= S_IEXTRA
|
272
|
+
end
|
273
|
+
|
274
|
+
# if owner and group the same, then user and group modes are the OR of both
|
275
|
+
if owner_sid == group_sid
|
276
|
+
mode |= ((mode & S_IRWXG) << 3) | ((mode & S_IRWXU) >> 3)
|
277
|
+
#puts "owner: #{group_sid}, 0x#{ace[:mask].to_s(16)}, #{mode.to_s(8)}"
|
278
|
+
end
|
279
|
+
end
|
280
|
+
|
281
|
+
#puts "get_mode: #{mode.to_s(8)}"
|
282
|
+
mode
|
283
|
+
end
|
284
|
+
end
|
285
|
+
end
|
286
|
+
|
287
|
+
MODE_TO_MASK = {
|
288
|
+
S_IROTH => FILE_GENERIC_READ,
|
289
|
+
S_IWOTH => FILE_GENERIC_WRITE,
|
290
|
+
S_IXOTH => (FILE_GENERIC_EXECUTE & ~FILE_READ_ATTRIBUTES),
|
291
|
+
}
|
292
|
+
|
293
|
+
# Set the mode of the object referenced by +path+ to the specified
|
294
|
+
# +mode+. The mode should be specified as POSIX-stye read, write,
|
295
|
+
# and execute modes for the user, group, and other classes,
|
296
|
+
# e.g. 0640. The sticky bit, S_ISVTX, is supported, but is only
|
297
|
+
# meaningful for directories. If set, group and others are not
|
298
|
+
# allowed to delete child objects for which they are not the owner.
|
299
|
+
# By default, the DACL is set to protected, meaning it does not
|
300
|
+
# inherit access control entries from parent objects. This can be
|
301
|
+
# changed by setting +protected+ to false. The owner of the object
|
302
|
+
# (with READ_CONTROL and WRITE_DACL access) can always change the
|
303
|
+
# mode. Only a user with the SE_BACKUP_NAME and SE_RESTORE_NAME
|
304
|
+
# privileges in their process token can change the mode for objects
|
305
|
+
# that they do not have read and write access to.
|
306
|
+
def set_mode(mode, path, protected = true)
|
307
|
+
owner_sid = get_owner(path)
|
308
|
+
group_sid = get_group(path)
|
309
|
+
well_known_world_sid = Win32::Security::SID::Everyone
|
310
|
+
well_known_nobody_sid = Win32::Security::SID::Nobody
|
311
|
+
|
312
|
+
owner_allow = STANDARD_RIGHTS_ALL | FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES
|
313
|
+
group_allow = STANDARD_RIGHTS_READ | FILE_READ_ATTRIBUTES | SYNCHRONIZE
|
314
|
+
other_allow = STANDARD_RIGHTS_READ | FILE_READ_ATTRIBUTES | SYNCHRONIZE
|
315
|
+
nobody_allow = 0
|
316
|
+
|
317
|
+
MODE_TO_MASK.each do |k,v|
|
318
|
+
if ((mode >> 6) & k) == k
|
319
|
+
owner_allow |= v
|
320
|
+
end
|
321
|
+
if ((mode >> 3) & k) == k
|
322
|
+
group_allow |= v
|
323
|
+
end
|
324
|
+
if (mode & k) == k
|
325
|
+
other_allow |= v
|
326
|
+
end
|
327
|
+
end
|
328
|
+
|
329
|
+
if (mode & S_ISVTX).nonzero?
|
330
|
+
nobody_allow |= FILE_APPEND_DATA;
|
331
|
+
end
|
332
|
+
|
333
|
+
isdir = File.directory?(path)
|
334
|
+
|
335
|
+
if isdir
|
336
|
+
if (mode & (S_IWUSR | S_IXUSR)) == (S_IWUSR | S_IXUSR)
|
337
|
+
owner_allow |= FILE_DELETE_CHILD
|
338
|
+
end
|
339
|
+
if (mode & (S_IWGRP | S_IXGRP)) == (S_IWGRP | S_IXGRP) and (mode & S_ISVTX) == 0
|
340
|
+
group_allow |= FILE_DELETE_CHILD
|
341
|
+
end
|
342
|
+
if (mode & (S_IWOTH | S_IXOTH)) == (S_IWOTH | S_IXOTH) and (mode & S_ISVTX) == 0
|
343
|
+
other_allow |= FILE_DELETE_CHILD
|
344
|
+
end
|
345
|
+
end
|
346
|
+
|
347
|
+
# if owner and group the same, then map group permissions to the one owner ACE
|
348
|
+
isownergroup = owner_sid == group_sid
|
349
|
+
if isownergroup
|
350
|
+
owner_allow |= group_allow
|
351
|
+
end
|
352
|
+
|
353
|
+
# if any ACE allows write, then clear readonly bit, but do this before we overwrite
|
354
|
+
# the DACl and lose our ability to set the attribute
|
355
|
+
if ((owner_allow | group_allow | other_allow ) & FILE_WRITE_DATA) == FILE_WRITE_DATA
|
356
|
+
remove_attributes(path, FILE_ATTRIBUTE_READONLY)
|
357
|
+
end
|
358
|
+
|
359
|
+
set_acl(path, protected) do |acl|
|
360
|
+
#puts "ace: owner #{owner_sid}, mask 0x#{owner_allow.to_s(16)}"
|
361
|
+
add_access_allowed_ace(acl, owner_allow, owner_sid)
|
362
|
+
|
363
|
+
unless isownergroup
|
364
|
+
#puts "ace: group #{group_sid}, mask 0x#{group_allow.to_s(16)}"
|
365
|
+
add_access_allowed_ace(acl, group_allow, group_sid)
|
366
|
+
end
|
367
|
+
|
368
|
+
#puts "ace: other #{well_known_world_sid}, mask 0x#{other_allow.to_s(16)}"
|
369
|
+
add_access_allowed_ace(acl, other_allow, well_known_world_sid)
|
370
|
+
|
371
|
+
#puts "ace: nobody #{well_known_nobody_sid}, mask 0x#{nobody_allow.to_s(16)}"
|
372
|
+
add_access_allowed_ace(acl, nobody_allow, well_known_nobody_sid)
|
373
|
+
|
374
|
+
# add inherit-only aces for child dirs and files that are created within the dir
|
375
|
+
if isdir
|
376
|
+
inherit = INHERIT_ONLY_ACE | CONTAINER_INHERIT_ACE
|
377
|
+
add_access_allowed_ace(acl, owner_allow, Win32::Security::SID::CreatorOwner, inherit)
|
378
|
+
add_access_allowed_ace(acl, group_allow, Win32::Security::SID::CreatorGroup, inherit)
|
379
|
+
|
380
|
+
inherit = INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE
|
381
|
+
add_access_allowed_ace(acl, owner_allow & ~FILE_EXECUTE, Win32::Security::SID::CreatorOwner, inherit)
|
382
|
+
add_access_allowed_ace(acl, group_allow & ~FILE_EXECUTE, Win32::Security::SID::CreatorGroup, inherit)
|
383
|
+
end
|
384
|
+
end
|
385
|
+
|
386
|
+
nil
|
387
|
+
end
|
388
|
+
|
389
|
+
# setting DACL requires both READ_CONTROL and WRITE_DACL access rights,
|
390
|
+
# and their respective privileges, SE_BACKUP_NAME and SE_RESTORE_NAME.
|
391
|
+
def set_acl(path, protected = true)
|
392
|
+
with_privilege(SE_BACKUP_NAME) do
|
393
|
+
with_privilege(SE_RESTORE_NAME) do
|
394
|
+
open_file(path, READ_CONTROL | WRITE_DAC) do |handle|
|
395
|
+
acl = 0.chr * 1024 # This can be increased later as needed
|
396
|
+
|
397
|
+
unless InitializeAcl(acl, acl.size, ACL_REVISION)
|
398
|
+
raise Puppet::Util::Windows::Error.new("Failed to initialize ACL")
|
399
|
+
end
|
400
|
+
|
401
|
+
raise Puppet::Util::Windows::Error.new("Invalid DACL") unless IsValidAcl(acl)
|
402
|
+
|
403
|
+
yield acl
|
404
|
+
|
405
|
+
# protected means the object does not inherit aces from its parent
|
406
|
+
info = DACL_SECURITY_INFORMATION
|
407
|
+
info |= protected ? PROTECTED_DACL_SECURITY_INFORMATION : UNPROTECTED_DACL_SECURITY_INFORMATION
|
408
|
+
|
409
|
+
# set the DACL
|
410
|
+
set_security_info(handle, info, acl)
|
411
|
+
end
|
412
|
+
end
|
413
|
+
end
|
414
|
+
end
|
415
|
+
|
416
|
+
def add_access_allowed_ace(acl, mask, sid, inherit = NO_INHERITANCE)
|
417
|
+
string_to_sid_ptr(sid) do |sid_ptr|
|
418
|
+
raise Puppet::Util::Windows::Error.new("Invalid SID") unless IsValidSid(sid_ptr)
|
419
|
+
|
420
|
+
unless AddAccessAllowedAceEx(acl, ACL_REVISION, inherit, mask, sid_ptr)
|
421
|
+
raise Puppet::Util::Windows::Error.new("Failed to add access control entry")
|
422
|
+
end
|
423
|
+
end
|
424
|
+
end
|
425
|
+
|
426
|
+
def add_access_denied_ace(acl, mask, sid)
|
427
|
+
string_to_sid_ptr(sid) do |sid_ptr|
|
428
|
+
raise Puppet::Util::Windows::Error.new("Invalid SID") unless IsValidSid(sid_ptr)
|
429
|
+
|
430
|
+
unless AddAccessDeniedAce(acl, ACL_REVISION, mask, sid_ptr)
|
431
|
+
raise Puppet::Util::Windows::Error.new("Failed to add access control entry")
|
432
|
+
end
|
433
|
+
end
|
434
|
+
end
|
435
|
+
|
436
|
+
def get_dacl(handle)
|
437
|
+
get_dacl_ptr(handle) do |dacl_ptr|
|
438
|
+
# REMIND: need to handle NULL DACL
|
439
|
+
raise Puppet::Util::Windows::Error.new("Invalid DACL") unless IsValidAcl(dacl_ptr)
|
440
|
+
|
441
|
+
# ACL structure, size and count are the important parts. The
|
442
|
+
# size includes both the ACL structure and all the ACEs.
|
443
|
+
#
|
444
|
+
# BYTE AclRevision
|
445
|
+
# BYTE Padding1
|
446
|
+
# WORD AclSize
|
447
|
+
# WORD AceCount
|
448
|
+
# WORD Padding2
|
449
|
+
acl_buf = 0.chr * 8
|
450
|
+
memcpy(acl_buf, dacl_ptr, acl_buf.size)
|
451
|
+
ace_count = acl_buf.unpack('CCSSS')[3]
|
452
|
+
|
453
|
+
dacl = []
|
454
|
+
|
455
|
+
# deny all
|
456
|
+
return dacl if ace_count == 0
|
457
|
+
|
458
|
+
0.upto(ace_count - 1) do |i|
|
459
|
+
ace_ptr = [0].pack('L')
|
460
|
+
|
461
|
+
next unless GetAce(dacl_ptr, i, ace_ptr)
|
462
|
+
|
463
|
+
# ACE structures vary depending on the type. All structures
|
464
|
+
# begin with an ACE header, which specifies the type, flags
|
465
|
+
# and size of what follows. We are only concerned with
|
466
|
+
# ACCESS_ALLOWED_ACE and ACCESS_DENIED_ACEs, which have the
|
467
|
+
# same structure:
|
468
|
+
#
|
469
|
+
# BYTE C AceType
|
470
|
+
# BYTE C AceFlags
|
471
|
+
# WORD S AceSize
|
472
|
+
# DWORD L ACCESS_MASK
|
473
|
+
# DWORD L Sid
|
474
|
+
# .. ...
|
475
|
+
# DWORD L Sid
|
476
|
+
|
477
|
+
ace_buf = 0.chr * 8
|
478
|
+
memcpy(ace_buf, ace_ptr.unpack('L')[0], ace_buf.size)
|
479
|
+
|
480
|
+
ace_type, ace_flags, size, mask = ace_buf.unpack('CCSL')
|
481
|
+
|
482
|
+
# skip aces that only serve to propagate inheritance
|
483
|
+
next if (ace_flags & INHERIT_ONLY_ACE).nonzero?
|
484
|
+
|
485
|
+
case ace_type
|
486
|
+
when ACCESS_ALLOWED_ACE_TYPE
|
487
|
+
sid_ptr = ace_ptr.unpack('L')[0] + 8 # address of ace_ptr->SidStart
|
488
|
+
raise Puppet::Util::Windows::Error.new("Failed to read DACL, invalid SID") unless IsValidSid(sid_ptr)
|
489
|
+
sid = sid_ptr_to_string(sid_ptr)
|
490
|
+
dacl << {:sid => sid, :type => ace_type, :mask => mask}
|
491
|
+
else
|
492
|
+
Puppet.warning "Unsupported access control entry type: 0x#{ace_type.to_s(16)}"
|
493
|
+
end
|
494
|
+
end
|
495
|
+
|
496
|
+
dacl
|
497
|
+
end
|
498
|
+
end
|
499
|
+
|
500
|
+
def get_dacl_ptr(handle)
|
501
|
+
dacl = [0].pack('L')
|
502
|
+
sd = [0].pack('L')
|
503
|
+
|
504
|
+
rv = GetSecurityInfo(
|
505
|
+
handle,
|
506
|
+
SE_FILE_OBJECT,
|
507
|
+
DACL_SECURITY_INFORMATION,
|
508
|
+
nil,
|
509
|
+
nil,
|
510
|
+
dacl, #dacl
|
511
|
+
nil, #sacl
|
512
|
+
sd) #sec desc
|
513
|
+
raise Puppet::Util::Windows::Error.new("Failed to get DACL") unless rv == ERROR_SUCCESS
|
514
|
+
begin
|
515
|
+
yield dacl.unpack('L')[0]
|
516
|
+
ensure
|
517
|
+
LocalFree(sd.unpack('L')[0])
|
518
|
+
end
|
519
|
+
end
|
520
|
+
|
521
|
+
# Set the security info on the specified handle.
|
522
|
+
def set_security_info(handle, info, ptr)
|
523
|
+
rv = SetSecurityInfo(
|
524
|
+
handle,
|
525
|
+
SE_FILE_OBJECT,
|
526
|
+
info,
|
527
|
+
(info & OWNER_SECURITY_INFORMATION) == OWNER_SECURITY_INFORMATION ? ptr : nil,
|
528
|
+
(info & GROUP_SECURITY_INFORMATION) == GROUP_SECURITY_INFORMATION ? ptr : nil,
|
529
|
+
(info & DACL_SECURITY_INFORMATION) == DACL_SECURITY_INFORMATION ? ptr : nil,
|
530
|
+
nil)
|
531
|
+
raise Puppet::Util::Windows::Error.new("Failed to set security information") unless rv == ERROR_SUCCESS
|
532
|
+
end
|
533
|
+
|
534
|
+
# Get the SID string, e.g. "S-1-5-32-544", for the specified handle
|
535
|
+
# and type of information (owner, group).
|
536
|
+
def get_security_info(handle, info)
|
537
|
+
sid = [0].pack('L')
|
538
|
+
sd = [0].pack('L')
|
539
|
+
|
540
|
+
rv = GetSecurityInfo(
|
541
|
+
handle,
|
542
|
+
SE_FILE_OBJECT,
|
543
|
+
info, # security info
|
544
|
+
info == OWNER_SECURITY_INFORMATION ? sid : nil,
|
545
|
+
info == GROUP_SECURITY_INFORMATION ? sid : nil,
|
546
|
+
nil, #dacl
|
547
|
+
nil, #sacl
|
548
|
+
sd) #sec desc
|
549
|
+
raise Puppet::Util::Windows::Error.new("Failed to get security information") unless rv == ERROR_SUCCESS
|
550
|
+
|
551
|
+
begin
|
552
|
+
return sid_ptr_to_string(sid.unpack('L')[0])
|
553
|
+
ensure
|
554
|
+
LocalFree(sd.unpack('L')[0])
|
555
|
+
end
|
556
|
+
end
|
557
|
+
|
558
|
+
# Open an existing file with the specified access mode, and execute a
|
559
|
+
# block with the opened file HANDLE.
|
560
|
+
def open_file(path, access)
|
561
|
+
handle = CreateFile(
|
562
|
+
path,
|
563
|
+
access,
|
564
|
+
FILE_SHARE_READ | FILE_SHARE_WRITE,
|
565
|
+
0, # security_attributes
|
566
|
+
OPEN_EXISTING,
|
567
|
+
FILE_FLAG_BACKUP_SEMANTICS,
|
568
|
+
0) # template
|
569
|
+
raise Puppet::Util::Windows::Error.new("Failed to open '#{path}'") if handle == INVALID_HANDLE_VALUE
|
570
|
+
begin
|
571
|
+
yield handle
|
572
|
+
ensure
|
573
|
+
CloseHandle(handle)
|
574
|
+
end
|
575
|
+
end
|
576
|
+
|
577
|
+
# Execute a block with the specified privilege enabled
|
578
|
+
def with_privilege(privilege)
|
579
|
+
set_privilege(privilege, true)
|
580
|
+
yield
|
581
|
+
ensure
|
582
|
+
set_privilege(privilege, false)
|
583
|
+
end
|
584
|
+
|
585
|
+
# Enable or disable a privilege. Note this doesn't add any privileges the
|
586
|
+
# user doesn't already has, it just enables privileges that are disabled.
|
587
|
+
def set_privilege(privilege, enable)
|
588
|
+
return unless Puppet.features.root?
|
589
|
+
|
590
|
+
with_process_token(TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY) do |token|
|
591
|
+
tmpLuid = 0.chr * 8
|
592
|
+
|
593
|
+
# Get the LUID for specified privilege.
|
594
|
+
unless LookupPrivilegeValue("", privilege, tmpLuid)
|
595
|
+
raise Puppet::Util::Windows::Error.new("Failed to lookup privilege")
|
596
|
+
end
|
597
|
+
|
598
|
+
# DWORD + [LUID + DWORD]
|
599
|
+
tkp = [1].pack('L') + tmpLuid + [enable ? SE_PRIVILEGE_ENABLED : 0].pack('L')
|
600
|
+
|
601
|
+
unless AdjustTokenPrivileges(token, 0, tkp, tkp.length , nil, nil)
|
602
|
+
raise Puppet::Util::Windows::Error.new("Failed to adjust process privileges")
|
603
|
+
end
|
604
|
+
end
|
605
|
+
end
|
606
|
+
|
607
|
+
# Execute a block with the current process token
|
608
|
+
def with_process_token(access)
|
609
|
+
token = 0.chr * 4
|
610
|
+
|
611
|
+
unless OpenProcessToken(GetCurrentProcess(), access, token)
|
612
|
+
raise Puppet::Util::Windows::Error.new("Failed to open process token")
|
613
|
+
end
|
614
|
+
begin
|
615
|
+
token = token.unpack('L')[0]
|
616
|
+
|
617
|
+
yield token
|
618
|
+
ensure
|
619
|
+
CloseHandle(token)
|
620
|
+
end
|
621
|
+
end
|
622
|
+
end
|