puppet 0.18.4 → 0.22.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/CHANGELOG +288 -0
- data/README +2 -2
- data/Rakefile +78 -5
- data/bin/puppet +28 -36
- data/bin/puppetca +81 -38
- data/bin/puppetd +65 -62
- data/bin/puppetdoc +409 -140
- data/bin/puppetmasterd +59 -47
- data/bin/puppetrun +38 -23
- data/conf/freebsd/puppetd +26 -0
- data/conf/freebsd/puppetmasterd +26 -0
- data/conf/gentoo/conf.d/puppet +5 -0
- data/conf/gentoo/conf.d/puppetmaster +12 -0
- data/conf/gentoo/init.d/puppet +38 -0
- data/conf/gentoo/init.d/puppetmaster +50 -0
- data/conf/gentoo/puppet/fileserver.conf +12 -0
- data/conf/gentoo/puppet/puppetca.conf +29 -0
- data/conf/gentoo/puppet/puppetd.conf +29 -0
- data/conf/gentoo/puppet/puppetmasterd.conf +29 -0
- data/conf/redhat/client.init +10 -5
- data/conf/redhat/client.sysconfig +1 -1
- data/conf/redhat/fileserver.conf +2 -2
- data/conf/redhat/logrotate +1 -1
- data/conf/redhat/no-lockdir.patch +13 -0
- data/conf/redhat/puppet.spec +65 -8
- data/conf/redhat/puppetd.conf +0 -4
- data/conf/redhat/server.init +3 -6
- data/conf/solaris/pkginfo +1 -1
- data/conf/solaris/smf/svc-puppetd +2 -2
- data/conf/suse/client.init +142 -0
- data/conf/suse/puppet.spec +221 -0
- data/conf/suse/server.init +162 -0
- data/examples/code/mac_automount.pp +16 -0
- data/examples/root/bin/sleeper +3 -5
- data/examples/root/etc/init.d/sleeper +8 -2
- data/examples/root/etc/puppet/fileserver.conf +12 -2
- data/examples/root/etc/puppet/namespaceauth.conf +20 -0
- data/examples/root/etc/puppet/puppetd.conf +4 -0
- data/examples/root/etc/puppet/puppetmasterd.conf +6 -9
- data/examples/root/etc/puppet/tagmail.conf +1 -0
- data/ext/emacs/puppet-mode.el +46 -1
- data/ext/logcheck/puppet +15 -0
- data/ext/module_puppet +15 -23
- data/ext/vim/puppet.vim +4 -2
- data/install.rb +2 -1
- data/lib/puppet.rb +76 -207
- data/lib/puppet/configuration.rb +331 -0
- data/lib/puppet/daemon.rb +63 -246
- data/lib/puppet/dsl.rb +371 -0
- data/lib/puppet/element.rb +8 -26
- data/lib/puppet/error.rb +54 -0
- data/lib/puppet/event.rb +8 -243
- data/lib/puppet/{base64.rb → external/base64.rb} +0 -0
- data/lib/puppet/external/event-loop.rb +1 -0
- data/lib/puppet/{event-loop → external/event-loop}/better-definers.rb +0 -0
- data/lib/puppet/{event-loop → external/event-loop}/event-loop.rb +2 -2
- data/lib/puppet/{event-loop → external/event-loop}/signal-system.rb +1 -1
- data/lib/puppet/external/gratr.rb +33 -0
- data/lib/puppet/external/gratr/adjacency_graph.rb +257 -0
- data/lib/puppet/external/gratr/base.rb +34 -0
- data/lib/puppet/external/gratr/biconnected.rb +116 -0
- data/lib/puppet/external/gratr/chinese_postman.rb +123 -0
- data/lib/puppet/external/gratr/common.rb +73 -0
- data/lib/puppet/external/gratr/comparability.rb +92 -0
- data/lib/puppet/external/gratr/digraph.rb +116 -0
- data/lib/puppet/external/gratr/digraph_distance.rb +185 -0
- data/lib/puppet/external/gratr/dot.rb +90 -0
- data/lib/puppet/external/gratr/edge.rb +145 -0
- data/lib/puppet/external/gratr/graph.rb +303 -0
- data/lib/puppet/external/gratr/graph_api.rb +83 -0
- data/lib/puppet/external/gratr/import.rb +44 -0
- data/lib/puppet/external/gratr/labels.rb +90 -0
- data/lib/puppet/external/gratr/maximum_flow.rb +64 -0
- data/lib/puppet/external/gratr/rdot.rb +327 -0
- data/lib/puppet/external/gratr/search.rb +409 -0
- data/lib/puppet/external/gratr/strong_components.rb +127 -0
- data/lib/puppet/external/gratr/undirected_graph.rb +153 -0
- data/lib/puppet/{lock.rb → external/lock.rb} +1 -1
- data/lib/puppet/feature/base.rb +20 -0
- data/lib/puppet/feature/rails.rb +52 -0
- data/lib/puppet/metatype/attributes.rb +719 -0
- data/lib/puppet/metatype/closure.rb +111 -0
- data/lib/puppet/metatype/container.rb +94 -0
- data/lib/puppet/metatype/evaluation.rb +118 -0
- data/lib/puppet/metatype/instances.rb +261 -0
- data/lib/puppet/metatype/manager.rb +169 -0
- data/lib/puppet/metatype/metaparams.rb +409 -0
- data/lib/puppet/metatype/providers.rb +260 -0
- data/lib/puppet/metatype/relationships.rb +116 -0
- data/lib/puppet/metatype/schedules.rb +39 -0
- data/lib/puppet/metatype/tags.rb +39 -0
- data/lib/puppet/modules.rb +113 -0
- data/lib/puppet/network/authconfig.rb +168 -0
- data/lib/puppet/network/authorization.rb +84 -0
- data/lib/puppet/network/authstore.rb +293 -0
- data/lib/puppet/network/client.rb +187 -0
- data/lib/puppet/network/client/ca.rb +56 -0
- data/lib/puppet/network/client/dipper.rb +81 -0
- data/lib/puppet/network/client/file.rb +7 -0
- data/lib/puppet/network/client/logger.rb +6 -0
- data/lib/puppet/network/client/master.rb +644 -0
- data/lib/puppet/{client → network/client}/proxy.rb +3 -3
- data/lib/puppet/{client/reporter.rb → network/client/report.rb} +4 -7
- data/lib/puppet/{client/pelement.rb → network/client/resource.rb} +6 -19
- data/lib/puppet/network/client/runner.rb +13 -0
- data/lib/puppet/network/client/status.rb +5 -0
- data/lib/puppet/network/client_request.rb +32 -0
- data/lib/puppet/network/handler.rb +33 -0
- data/lib/puppet/{server → network/handler}/ca.rb +5 -6
- data/lib/puppet/network/handler/filebucket.rb +180 -0
- data/lib/puppet/{server → network/handler}/fileserver.rb +277 -219
- data/lib/puppet/{server → network/handler}/logger.rb +3 -5
- data/lib/puppet/{server → network/handler}/master.rb +42 -8
- data/lib/puppet/network/handler/report.rb +158 -0
- data/lib/puppet/network/handler/resource.rb +190 -0
- data/lib/puppet/{server → network/handler}/runner.rb +17 -18
- data/lib/puppet/network/handler/status.rb +13 -0
- data/lib/puppet/network/rights.rb +74 -0
- data/lib/puppet/network/server.rb +5 -0
- data/lib/puppet/network/server/mongrel.rb +138 -0
- data/lib/puppet/network/server/webrick.rb +153 -0
- data/lib/puppet/network/xmlrpc/client.rb +129 -0
- data/lib/puppet/network/xmlrpc/processor.rb +91 -0
- data/lib/puppet/network/xmlrpc/server.rb +20 -0
- data/lib/puppet/network/xmlrpc/webrick_servlet.rb +121 -0
- data/lib/puppet/parameter.rb +390 -346
- data/lib/puppet/parser/ast.rb +116 -147
- data/lib/puppet/parser/ast/astarray.rb +17 -33
- data/lib/puppet/parser/ast/branch.rb +2 -0
- data/lib/puppet/parser/ast/caseopt.rb +7 -12
- data/lib/puppet/parser/ast/casestatement.rb +23 -32
- data/lib/puppet/parser/ast/collection.rb +19 -80
- data/lib/puppet/parser/ast/collexpr.rb +81 -0
- data/lib/puppet/parser/ast/component.rb +160 -89
- data/lib/puppet/parser/ast/else.rb +30 -0
- data/lib/puppet/parser/ast/function.rb +9 -2
- data/lib/puppet/parser/ast/hostclass.rb +47 -131
- data/lib/puppet/parser/ast/ifstatement.rb +43 -0
- data/lib/puppet/parser/ast/leaf.rb +10 -21
- data/lib/puppet/parser/ast/node.rb +32 -79
- data/lib/puppet/parser/ast/resourcedef.rb +222 -0
- data/lib/puppet/parser/ast/{typedefaults.rb → resourcedefaults.rb} +10 -16
- data/lib/puppet/parser/ast/resourceoverride.rb +62 -0
- data/lib/puppet/parser/ast/{objectparam.rb → resourceparam.rb} +12 -6
- data/lib/puppet/parser/ast/resourceref.rb +44 -0
- data/lib/puppet/parser/ast/selector.rb +16 -8
- data/lib/puppet/parser/ast/tag.rb +3 -1
- data/lib/puppet/parser/ast/vardef.rb +8 -12
- data/lib/puppet/parser/collector.rb +181 -0
- data/lib/puppet/parser/functions.rb +191 -36
- data/lib/puppet/parser/interpreter.rb +802 -380
- data/lib/puppet/parser/lexer.rb +86 -19
- data/lib/puppet/parser/parser.rb +1123 -960
- data/lib/puppet/parser/resource.rb +353 -0
- data/lib/puppet/parser/resource/param.rb +57 -0
- data/lib/puppet/parser/resource/reference.rb +71 -0
- data/lib/puppet/parser/scope.rb +573 -1000
- data/lib/puppet/parser/templatewrapper.rb +54 -0
- data/lib/puppet/pgraph.rb +208 -0
- data/lib/puppet/propertychange.rb +143 -0
- data/lib/puppet/provider.rb +302 -0
- data/lib/puppet/provider/cron/crontab.rb +187 -0
- data/lib/puppet/provider/group/groupadd.rb +29 -0
- data/lib/puppet/provider/group/netinfo.rb +12 -0
- data/lib/puppet/provider/group/pw.rb +31 -0
- data/lib/puppet/provider/host/netinfo.rb +18 -0
- data/lib/puppet/provider/host/parsed.rb +73 -0
- data/lib/puppet/provider/mount.rb +57 -0
- data/lib/puppet/provider/mount/netinfo.rb +38 -0
- data/lib/puppet/provider/mount/parsed.rb +37 -0
- data/lib/puppet/provider/nameservice.rb +344 -0
- data/lib/puppet/provider/nameservice/netinfo.rb +210 -0
- data/lib/puppet/provider/nameservice/objectadd.rb +45 -0
- data/lib/puppet/provider/nameservice/pw.rb +22 -0
- data/lib/puppet/provider/package/apple.rb +53 -0
- data/lib/puppet/provider/package/apt.rb +119 -0
- data/lib/puppet/provider/package/aptitude.rb +30 -0
- data/lib/puppet/provider/package/aptrpm.rb +79 -0
- data/lib/puppet/provider/package/blastwave.rb +114 -0
- data/lib/puppet/provider/package/darwinport.rb +88 -0
- data/lib/puppet/provider/package/dpkg.rb +109 -0
- data/lib/puppet/provider/package/freebsd.rb +43 -0
- data/lib/puppet/provider/package/gem.rb +104 -0
- data/lib/puppet/provider/package/openbsd.rb +93 -0
- data/lib/puppet/provider/package/pkgdmg.rb +119 -0
- data/lib/puppet/provider/package/portage.rb +112 -0
- data/lib/puppet/provider/package/ports.rb +94 -0
- data/lib/puppet/provider/package/rpm.rb +125 -0
- data/lib/puppet/provider/package/rug.rb +53 -0
- data/lib/puppet/provider/package/sun.rb +168 -0
- data/lib/puppet/provider/package/sunfreeware.rb +9 -0
- data/lib/puppet/provider/package/up2date.rb +45 -0
- data/lib/puppet/provider/package/yum.rb +54 -0
- data/lib/puppet/provider/parsedfile.rb +342 -0
- data/lib/puppet/provider/port/parsed.rb +174 -0
- data/lib/puppet/provider/service/base.rb +136 -0
- data/lib/puppet/provider/service/debian.rb +32 -0
- data/lib/puppet/provider/service/gentoo.rb +49 -0
- data/lib/puppet/{type → provider}/service/init.rb +42 -40
- data/lib/puppet/provider/service/redhat.rb +59 -0
- data/lib/puppet/{type → provider}/service/smf.rb +24 -13
- data/lib/puppet/provider/sshkey/parsed.rb +36 -0
- data/lib/puppet/provider/user/netinfo.rb +106 -0
- data/lib/puppet/provider/user/pw.rb +41 -0
- data/lib/puppet/provider/user/useradd.rb +67 -0
- data/lib/puppet/provider/zone/solaris.rb +208 -0
- data/lib/puppet/rails.rb +102 -66
- data/lib/puppet/rails/database/001_add_indexes.rb +38 -0
- data/lib/puppet/rails/database/schema.rb +89 -0
- data/lib/puppet/rails/external/tagging/acts_as_taggable.rb +62 -0
- data/lib/puppet/rails/external/tagging/init.rb +5 -0
- data/lib/puppet/rails/external/tagging/tag.rb +50 -0
- data/lib/puppet/rails/external/tagging/tagging.rb +12 -0
- data/lib/puppet/rails/fact_name.rb +7 -0
- data/lib/puppet/rails/fact_value.rb +5 -0
- data/lib/puppet/rails/host.rb +95 -46
- data/lib/puppet/rails/param_name.rb +28 -0
- data/lib/puppet/rails/param_value.rb +5 -0
- data/lib/puppet/rails/puppet_class.rb +9 -0
- data/lib/puppet/rails/resource.rb +95 -0
- data/lib/puppet/rails/source_file.rb +5 -0
- data/lib/puppet/relationship.rb +63 -0
- data/lib/puppet/reports/log.rb +14 -0
- data/lib/puppet/reports/rrdgraph.rb +114 -10
- data/lib/puppet/reports/store.rb +64 -0
- data/lib/puppet/reports/tagmail.rb +144 -71
- data/lib/puppet/sslcertificates.rb +38 -5
- data/lib/puppet/sslcertificates/ca.rb +142 -37
- data/lib/puppet/sslcertificates/certificate.rb +3 -3
- data/lib/puppet/sslcertificates/inventory.rb +53 -0
- data/lib/puppet/sslcertificates/support.rb +128 -0
- data/lib/puppet/transaction.rb +568 -189
- data/lib/puppet/transaction/report.rb +14 -3
- data/lib/puppet/transportable.rb +18 -10
- data/lib/puppet/type.rb +279 -2299
- data/lib/puppet/type/component.rb +63 -63
- data/lib/puppet/type/cron.rb +294 -710
- data/lib/puppet/type/exec.rb +185 -129
- data/lib/puppet/type/group.rb +38 -89
- data/lib/puppet/type/host.rb +110 -0
- data/lib/puppet/type/mount.rb +189 -0
- data/lib/puppet/type/notify.rb +47 -0
- data/lib/puppet/type/package.rb +129 -257
- data/lib/puppet/type/parsedtype.rb +172 -297
- data/lib/puppet/type/pfile.rb +540 -319
- data/lib/puppet/type/pfile/checksum.rb +103 -76
- data/lib/puppet/type/pfile/content.rb +16 -10
- data/lib/puppet/type/pfile/ensure.rb +52 -34
- data/lib/puppet/type/pfile/group.rb +25 -18
- data/lib/puppet/type/pfile/mode.rb +7 -4
- data/lib/puppet/type/pfile/{uid.rb → owner.rb} +21 -17
- data/lib/puppet/type/pfile/source.rb +119 -124
- data/lib/puppet/type/pfile/target.rb +29 -45
- data/lib/puppet/type/pfile/type.rb +2 -2
- data/lib/puppet/type/pfilebucket.rb +18 -14
- data/lib/puppet/type/port.rb +121 -0
- data/lib/puppet/type/property.rb +530 -0
- data/lib/puppet/type/resources.rb +150 -0
- data/lib/puppet/type/schedule.rb +38 -22
- data/lib/puppet/type/service.rb +70 -326
- data/lib/puppet/type/sshkey.rb +76 -0
- data/lib/puppet/type/tidy.rb +197 -97
- data/lib/puppet/type/user.rb +107 -183
- data/lib/puppet/type/yumrepo.rb +53 -34
- data/lib/puppet/type/zone.rb +55 -208
- data/lib/puppet/util.rb +239 -201
- data/lib/puppet/util/autoload.rb +107 -0
- data/lib/puppet/util/classgen.rb +208 -0
- data/lib/puppet/{config.rb → util/config.rb} +102 -54
- data/lib/puppet/util/docs.rb +104 -0
- data/lib/puppet/util/errors.rb +55 -0
- data/lib/puppet/util/execution.rb +22 -0
- data/lib/puppet/util/feature.rb +76 -0
- data/lib/puppet/util/fileparsing.rb +380 -0
- data/lib/puppet/util/filetype.rb +300 -0
- data/lib/puppet/util/graph.rb +39 -0
- data/lib/puppet/util/inifile.rb +209 -0
- data/lib/puppet/util/loadedfile.rb +71 -0
- data/lib/puppet/util/log.rb +549 -0
- data/lib/puppet/util/logging.rb +20 -0
- data/lib/puppet/util/metaid.rb +22 -0
- data/lib/puppet/util/methodhelper.rb +37 -0
- data/lib/puppet/util/metric.rb +160 -0
- data/lib/puppet/util/package.rb +31 -0
- data/lib/puppet/util/pidlock.rb +68 -0
- data/lib/puppet/util/plist.rb +24 -0
- data/lib/puppet/util/plist/generator.rb +226 -0
- data/lib/puppet/util/plist/parser.rb +227 -0
- data/lib/puppet/util/posix.rb +87 -0
- data/lib/puppet/util/provider_features.rb +170 -0
- data/lib/puppet/util/rails/collection_merger.rb +42 -0
- data/lib/puppet/util/storage.rb +103 -0
- data/lib/puppet/util/subclass_loader.rb +83 -0
- data/lib/puppet/util/suidmanager.rb +86 -0
- data/lib/puppet/util/variables.rb +39 -0
- data/lib/puppet/util/warnings.rb +15 -0
- data/test/Rakefile +97 -0
- data/test/certmgr/ca.rb +81 -0
- data/test/certmgr/certmgr.rb +77 -50
- data/test/certmgr/inventory.rb +79 -0
- data/test/certmgr/support.rb +81 -0
- data/test/executables/filebucket.rb +49 -0
- data/test/executables/puppetbin.rb +28 -12
- data/test/executables/puppetca.rb +75 -54
- data/test/executables/puppetd.rb +10 -13
- data/test/executables/puppetmasterd.rb +12 -17
- data/test/executables/puppetmodule.rb +18 -17
- data/test/language/ast.rb +242 -798
- data/test/language/ast/casestatement.rb +104 -0
- data/test/language/ast/component.rb +133 -0
- data/test/language/ast/hostclass.rb +162 -0
- data/test/language/ast/selector.rb +62 -0
- data/test/language/ast/variable.rb +31 -0
- data/test/language/collector.rb +369 -0
- data/test/language/functions.rb +305 -18
- data/test/language/interpreter.rb +894 -125
- data/test/language/lexer.rb +98 -12
- data/test/language/node.rb +37 -53
- data/test/language/parser.rb +455 -148
- data/test/language/resource.rb +535 -0
- data/test/language/scope.rb +451 -561
- data/test/language/snippets.rb +101 -111
- data/test/language/transportable.rb +6 -8
- data/test/lib/mocha.rb +19 -0
- data/test/lib/mocha/any_instance_method.rb +35 -0
- data/test/lib/mocha/auto_verify.rb +113 -0
- data/test/lib/mocha/central.rb +35 -0
- data/test/lib/mocha/class_method.rb +62 -0
- data/test/lib/mocha/expectation.rb +295 -0
- data/test/lib/mocha/expectation_error.rb +6 -0
- data/test/lib/mocha/infinite_range.rb +27 -0
- data/test/lib/mocha/inspect.rb +37 -0
- data/test/lib/mocha/instance_method.rb +8 -0
- data/test/lib/mocha/metaclass.rb +7 -0
- data/test/lib/mocha/mock.rb +20 -0
- data/test/lib/mocha/mock_methods.rb +122 -0
- data/test/lib/mocha/object.rb +100 -0
- data/test/lib/mocha/pretty_parameters.rb +28 -0
- data/test/lib/mocha/setup_and_teardown.rb +23 -0
- data/test/lib/mocha/standalone.rb +30 -0
- data/test/lib/mocha/test_case_adapter.rb +49 -0
- data/test/lib/mocha_standalone.rb +2 -0
- data/test/lib/puppettest.rb +294 -0
- data/test/lib/puppettest/certificates.rb +61 -0
- data/test/lib/puppettest/exetest.rb +123 -0
- data/test/lib/puppettest/fakes.rb +194 -0
- data/test/lib/puppettest/fileparsing.rb +33 -0
- data/test/lib/puppettest/filetesting.rb +231 -0
- data/test/lib/puppettest/graph.rb +41 -0
- data/test/lib/puppettest/parsertesting.rb +392 -0
- data/test/lib/puppettest/railstesting.rb +56 -0
- data/test/lib/puppettest/reporttesting.rb +19 -0
- data/test/lib/puppettest/resourcetesting.rb +73 -0
- data/test/lib/puppettest/servertest.rb +72 -0
- data/test/lib/puppettest/support.rb +8 -0
- data/test/lib/puppettest/support/assertions.rb +101 -0
- data/test/lib/puppettest/support/helpers.rb +23 -0
- data/test/lib/puppettest/support/resources.rb +37 -0
- data/test/lib/puppettest/support/utils.rb +160 -0
- data/test/lib/puppettest/testcase.rb +48 -0
- data/test/lib/rake/puppet_test_loader.rb +17 -0
- data/test/lib/rake/puppet_testtask.rb +17 -0
- data/test/lib/spec.rb +8 -0
- data/test/lib/spec/callback.rb +11 -0
- data/test/lib/spec/callback/callback_container.rb +60 -0
- data/test/lib/spec/callback/extensions/module.rb +24 -0
- data/test/lib/spec/callback/extensions/object.rb +37 -0
- data/test/lib/spec/deprecated.rb +3 -0
- data/test/lib/spec/expectations.rb +59 -0
- data/test/lib/spec/expectations/differs/default.rb +62 -0
- data/test/lib/spec/expectations/errors.rb +6 -0
- data/test/lib/spec/expectations/extensions.rb +3 -0
- data/test/lib/spec/expectations/extensions/object.rb +109 -0
- data/test/lib/spec/expectations/extensions/proc.rb +57 -0
- data/test/lib/spec/expectations/extensions/string_and_symbol.rb +17 -0
- data/test/lib/spec/expectations/handler.rb +47 -0
- data/test/lib/spec/expectations/should.rb +5 -0
- data/test/lib/spec/expectations/should/base.rb +64 -0
- data/test/lib/spec/expectations/should/change.rb +69 -0
- data/test/lib/spec/expectations/should/have.rb +128 -0
- data/test/lib/spec/expectations/should/not.rb +74 -0
- data/test/lib/spec/expectations/should/should.rb +81 -0
- data/test/lib/spec/expectations/sugar.rb +47 -0
- data/test/lib/spec/matchers.rb +160 -0
- data/test/lib/spec/matchers/be.rb +161 -0
- data/test/lib/spec/matchers/be_close.rb +37 -0
- data/test/lib/spec/matchers/change.rb +120 -0
- data/test/lib/spec/matchers/eql.rb +43 -0
- data/test/lib/spec/matchers/equal.rb +43 -0
- data/test/lib/spec/matchers/has.rb +44 -0
- data/test/lib/spec/matchers/have.rb +140 -0
- data/test/lib/spec/matchers/include.rb +50 -0
- data/test/lib/spec/matchers/match.rb +41 -0
- data/test/lib/spec/matchers/raise_error.rb +100 -0
- data/test/lib/spec/matchers/respond_to.rb +35 -0
- data/test/lib/spec/matchers/satisfy.rb +47 -0
- data/test/lib/spec/matchers/throw_symbol.rb +75 -0
- data/test/lib/spec/mocks.rb +232 -0
- data/test/lib/spec/mocks/argument_expectation.rb +132 -0
- data/test/lib/spec/mocks/error_generator.rb +85 -0
- data/test/lib/spec/mocks/errors.rb +10 -0
- data/test/lib/spec/mocks/extensions/object.rb +3 -0
- data/test/lib/spec/mocks/message_expectation.rb +231 -0
- data/test/lib/spec/mocks/methods.rb +40 -0
- data/test/lib/spec/mocks/mock.rb +26 -0
- data/test/lib/spec/mocks/mock_handler.rb +166 -0
- data/test/lib/spec/mocks/order_group.rb +29 -0
- data/test/lib/spec/rake/spectask.rb +173 -0
- data/test/lib/spec/rake/verify_rcov.rb +47 -0
- data/test/lib/spec/runner.rb +132 -0
- data/test/lib/spec/runner/backtrace_tweaker.rb +55 -0
- data/test/lib/spec/runner/command_line.rb +34 -0
- data/test/lib/spec/runner/context.rb +154 -0
- data/test/lib/spec/runner/context_eval.rb +142 -0
- data/test/lib/spec/runner/context_runner.rb +55 -0
- data/test/lib/spec/runner/drb_command_line.rb +21 -0
- data/test/lib/spec/runner/execution_context.rb +17 -0
- data/test/lib/spec/runner/extensions/kernel.rb +17 -0
- data/test/lib/spec/runner/extensions/object.rb +32 -0
- data/test/lib/spec/runner/formatter.rb +5 -0
- data/test/lib/spec/runner/formatter/base_text_formatter.rb +118 -0
- data/test/lib/spec/runner/formatter/html_formatter.rb +219 -0
- data/test/lib/spec/runner/formatter/progress_bar_formatter.rb +27 -0
- data/test/lib/spec/runner/formatter/rdoc_formatter.rb +22 -0
- data/test/lib/spec/runner/formatter/specdoc_formatter.rb +23 -0
- data/test/lib/spec/runner/heckle_runner.rb +71 -0
- data/test/lib/spec/runner/heckle_runner_win.rb +10 -0
- data/test/lib/spec/runner/option_parser.rb +224 -0
- data/test/lib/spec/runner/reporter.rb +105 -0
- data/test/lib/spec/runner/spec_matcher.rb +25 -0
- data/test/lib/spec/runner/spec_parser.rb +41 -0
- data/test/lib/spec/runner/spec_should_raise_handler.rb +74 -0
- data/test/lib/spec/runner/specification.rb +114 -0
- data/test/lib/spec/translator.rb +87 -0
- data/test/lib/spec/version.rb +30 -0
- data/test/lib/stubba.rb +2 -0
- data/test/network/authconfig.rb +72 -0
- data/test/network/authorization.rb +138 -0
- data/test/network/authstore.rb +450 -0
- data/test/network/client/ca.rb +38 -0
- data/test/{client → network/client}/client.rb +107 -24
- data/test/network/client/dipper.rb +35 -0
- data/test/network/client/master.rb +627 -0
- data/test/{client/pelement.rb → network/client/resource.rb} +13 -29
- data/test/network/client_request.rb +39 -0
- data/test/network/daemon.rb +71 -0
- data/test/{server → network/handler}/bucket.rb +103 -27
- data/test/{server → network/handler}/ca.rb +14 -19
- data/test/{server → network/handler}/fileserver.rb +443 -68
- data/test/network/handler/handler.rb +64 -0
- data/test/{server → network/handler}/logger.rb +26 -26
- data/test/network/handler/master.rb +352 -0
- data/test/network/handler/report.rb +185 -0
- data/test/{server/pelement.rb → network/handler/resource.rb} +25 -38
- data/test/{server → network/handler}/runner.rb +17 -16
- data/test/network/rights.rb +38 -0
- data/test/network/server/webrick.rb +140 -0
- data/test/network/xmlrpc/client.rb +68 -0
- data/test/network/xmlrpc/processor.rb +80 -0
- data/test/network/xmlrpc/server.rb +28 -0
- data/test/network/xmlrpc/webrick_servlet.rb +26 -0
- data/test/other/dsl.rb +218 -0
- data/test/other/events.rb +22 -15
- data/test/other/overrides.rb +9 -14
- data/test/other/pgraph.rb +289 -0
- data/test/other/propertychange.rb +142 -0
- data/test/other/provider.rb +162 -0
- data/test/other/puppet.rb +63 -10
- data/test/other/relationship.rb +74 -0
- data/test/other/relationships.rb +199 -123
- data/test/other/report.rb +152 -23
- data/test/other/transactions.rb +824 -78
- data/test/puppet/conffiles.rb +16 -11
- data/test/puppet/defaults.rb +7 -10
- data/test/puppet/{error.rb → errortest.rb} +5 -8
- data/test/puppet/modules.rb +58 -0
- data/test/puppet/tc_suidmanager.rb +107 -0
- data/test/rails/host.rb +177 -0
- data/test/rails/rails.rb +27 -0
- data/test/rails/railsparameter.rb +62 -0
- data/test/rails/railsresource.rb +100 -0
- data/test/ral/manager/attributes.rb +296 -0
- data/test/ral/manager/manager.rb +55 -0
- data/test/ral/manager/provider.rb +54 -0
- data/test/ral/manager/type.rb +837 -0
- data/test/ral/providers/cron/crontab.rb +346 -0
- data/test/ral/providers/group.rb +252 -0
- data/test/ral/providers/host/netinfo.rb +58 -0
- data/test/ral/providers/host/parsed.rb +226 -0
- data/test/ral/providers/mount/netinfo.rb +80 -0
- data/test/ral/providers/mount/parsed.rb +223 -0
- data/test/ral/providers/nameservice.rb +33 -0
- data/test/ral/providers/package.rb +253 -0
- data/test/ral/providers/package/apt.rb +89 -0
- data/test/ral/providers/package/aptitude.rb +69 -0
- data/test/ral/providers/package/aptrpm.rb +89 -0
- data/test/ral/providers/package/dpkg.rb +64 -0
- data/test/ral/providers/parsedfile.rb +668 -0
- data/test/ral/providers/parsedport.rb +233 -0
- data/test/ral/providers/provider.rb +423 -0
- data/test/{types → ral/providers}/service.rb +20 -121
- data/test/ral/providers/service/base.rb +75 -0
- data/test/ral/providers/sshkey/parsed.rb +111 -0
- data/test/ral/providers/user.rb +567 -0
- data/test/ral/providers/user/useradd.rb +250 -0
- data/test/ral/types/basic.rb +90 -0
- data/test/ral/types/component.rb +113 -0
- data/test/ral/types/cron.rb +480 -0
- data/test/{types → ral/types}/exec.rb +278 -82
- data/test/ral/types/file.rb +1799 -0
- data/test/ral/types/file/target.rb +363 -0
- data/test/{types → ral/types}/filebucket.rb +15 -17
- data/test/{types → ral/types}/fileignoresource.rb +9 -15
- data/test/ral/types/filesources.rb +1046 -0
- data/test/ral/types/group.rb +169 -0
- data/test/ral/types/host.rb +155 -0
- data/test/ral/types/mount.rb +312 -0
- data/test/ral/types/package.rb +85 -0
- data/test/ral/types/parameter.rb +172 -0
- data/test/ral/types/port.rb +148 -0
- data/test/ral/types/property.rb +343 -0
- data/test/ral/types/resources.rb +221 -0
- data/test/{types → ral/types}/schedule.rb +34 -12
- data/test/ral/types/service.rb +37 -0
- data/test/{types → ral/types}/sshkey.rb +75 -65
- data/test/ral/types/tidy.rb +240 -0
- data/test/ral/types/user.rb +493 -0
- data/test/{types → ral/types}/yumrepo.rb +7 -11
- data/test/{types → ral/types}/zone.rb +45 -45
- data/test/tagging/tagging.rb +17 -26
- data/test/util/autoload.rb +130 -0
- data/test/util/classgen.rb +227 -0
- data/test/{other → util}/config.rb +373 -113
- data/test/util/execution.rb +34 -0
- data/test/util/features.rb +94 -0
- data/test/util/fileparsing.rb +677 -0
- data/test/{other → util}/filetype.rb +9 -12
- data/test/util/graph.rb +108 -0
- data/test/{other → util}/inifile.rb +24 -11
- data/test/util/loadedfile.rb +106 -0
- data/test/{other → util}/log.rb +96 -50
- data/test/{other → util}/metrics.rb +7 -17
- data/test/util/package.rb +27 -0
- data/test/util/pidlock.rb +126 -0
- data/test/util/posixtest.rb +173 -0
- data/test/util/storage.rb +123 -0
- data/test/util/subclass_loader.rb +100 -0
- data/test/util/utiltest.rb +368 -0
- metadata +449 -169
- data/examples/code/classing +0 -35
- data/examples/code/failers/badclassnoparam +0 -10
- data/examples/code/failers/badclassparam +0 -10
- data/examples/code/failers/badcompnoparam +0 -9
- data/examples/code/failers/badcompparam +0 -9
- data/examples/code/failers/badtypeparam +0 -3
- data/examples/code/failers/noobjectrvalue +0 -1
- data/examples/code/snippets/aliastest.pp +0 -16
- data/examples/code/snippets/argumentdefaults +0 -14
- data/examples/code/snippets/casestatement.pp +0 -58
- data/examples/code/snippets/classheirarchy.pp +0 -15
- data/examples/code/snippets/classincludes.pp +0 -17
- data/examples/code/snippets/classpathtest +0 -11
- data/examples/code/snippets/componentmetaparams.pp +0 -11
- data/examples/code/snippets/deepclassheirarchy.pp +0 -23
- data/examples/code/snippets/defineoverrides.pp +0 -17
- data/examples/code/snippets/dirchmod +0 -19
- data/examples/code/snippets/emptyclass.pp +0 -9
- data/examples/code/snippets/emptyexec.pp +0 -3
- data/examples/code/snippets/failmissingexecpath.pp +0 -13
- data/examples/code/snippets/falsevalues.pp +0 -3
- data/examples/code/snippets/filecreate +0 -11
- data/examples/code/snippets/implicititeration +0 -15
- data/examples/code/snippets/multipleinstances +0 -7
- data/examples/code/snippets/namevartest +0 -9
- data/examples/code/snippets/scopetest +0 -13
- data/examples/code/snippets/selectorvalues.pp +0 -42
- data/examples/code/snippets/simpledefaults +0 -5
- data/examples/code/snippets/simpleselector +0 -38
- data/examples/code/snippets/singleary.pp +0 -19
- data/examples/code/snippets/singlequote.pp +0 -11
- data/examples/code/snippets/singleselector.pp +0 -22
- data/examples/code/snippets/tag.pp +0 -9
- data/examples/code/snippets/tagged.pp +0 -35
- data/lib/puppet/client.rb +0 -177
- data/lib/puppet/client/ca.rb +0 -21
- data/lib/puppet/client/dipper.rb +0 -76
- data/lib/puppet/client/file.rb +0 -20
- data/lib/puppet/client/log.rb +0 -17
- data/lib/puppet/client/master.rb +0 -531
- data/lib/puppet/client/runner.rb +0 -17
- data/lib/puppet/client/status.rb +0 -7
- data/lib/puppet/event-loop.rb +0 -1
- data/lib/puppet/filetype.rb +0 -308
- data/lib/puppet/inifile.rb +0 -201
- data/lib/puppet/log.rb +0 -524
- data/lib/puppet/metric.rb +0 -132
- data/lib/puppet/networkclient.rb +0 -175
- data/lib/puppet/parsedfile.rb +0 -58
- data/lib/puppet/parser/ast/classdef.rb +0 -79
- data/lib/puppet/parser/ast/compdef.rb +0 -75
- data/lib/puppet/parser/ast/nodedef.rb +0 -73
- data/lib/puppet/parser/ast/objectdef.rb +0 -284
- data/lib/puppet/parser/ast/objectref.rb +0 -77
- data/lib/puppet/rails/database.rb +0 -40
- data/lib/puppet/rails/rails_object.rb +0 -42
- data/lib/puppet/rails/rails_parameter.rb +0 -5
- data/lib/puppet/server.rb +0 -196
- data/lib/puppet/server/authconfig.rb +0 -177
- data/lib/puppet/server/authstore.rb +0 -226
- data/lib/puppet/server/filebucket.rb +0 -155
- data/lib/puppet/server/pelement.rb +0 -188
- data/lib/puppet/server/report.rb +0 -184
- data/lib/puppet/server/rights.rb +0 -78
- data/lib/puppet/server/servlet.rb +0 -274
- data/lib/puppet/statechange.rb +0 -129
- data/lib/puppet/storage.rb +0 -98
- data/lib/puppet/type/nameservice.rb +0 -264
- data/lib/puppet/type/nameservice/netinfo.rb +0 -232
- data/lib/puppet/type/nameservice/objectadd.rb +0 -146
- data/lib/puppet/type/nameservice/posix.rb +0 -12
- data/lib/puppet/type/nameservice/pw.rb +0 -107
- data/lib/puppet/type/package/apple.rb +0 -41
- data/lib/puppet/type/package/apt.rb +0 -107
- data/lib/puppet/type/package/blastwave.rb +0 -136
- data/lib/puppet/type/package/darwinport.rb +0 -97
- data/lib/puppet/type/package/dpkg.rb +0 -113
- data/lib/puppet/type/package/freebsd.rb +0 -19
- data/lib/puppet/type/package/gem.rb +0 -119
- data/lib/puppet/type/package/openbsd.rb +0 -112
- data/lib/puppet/type/package/ports.rb +0 -103
- data/lib/puppet/type/package/rpm.rb +0 -121
- data/lib/puppet/type/package/sun.rb +0 -174
- data/lib/puppet/type/package/sunfreeware.rb +0 -7
- data/lib/puppet/type/package/yum.rb +0 -52
- data/lib/puppet/type/parsedtype/host.rb +0 -144
- data/lib/puppet/type/parsedtype/mount.rb +0 -271
- data/lib/puppet/type/parsedtype/port.rb +0 -261
- data/lib/puppet/type/parsedtype/sshkey.rb +0 -123
- data/lib/puppet/type/service/base.rb +0 -12
- data/lib/puppet/type/service/debian.rb +0 -46
- data/lib/puppet/type/service/redhat.rb +0 -38
- data/lib/puppet/type/state.rb +0 -393
- data/lib/puppet/type/symlink.rb +0 -186
- data/test/client/master.rb +0 -207
- data/test/language/rails.rb +0 -105
- data/test/other/parsedfile.rb +0 -58
- data/test/other/storage.rb +0 -100
- data/test/puppet/utiltest.rb +0 -299
- data/test/puppettest.rb +0 -1170
- data/test/server/authconfig.rb +0 -56
- data/test/server/authstore.rb +0 -218
- data/test/server/master.rb +0 -201
- data/test/server/report.rb +0 -93
- data/test/server/rights.rb +0 -41
- data/test/server/server.rb +0 -152
- data/test/test +0 -61
- data/test/types/basic.rb +0 -117
- data/test/types/component.rb +0 -298
- data/test/types/cron.rb +0 -718
- data/test/types/file.rb +0 -1314
- data/test/types/filesources.rb +0 -590
- data/test/types/group.rb +0 -323
- data/test/types/host.rb +0 -186
- data/test/types/mount.rb +0 -294
- data/test/types/package.rb +0 -538
- data/test/types/parameter.rb +0 -107
- data/test/types/port.rb +0 -201
- data/test/types/query.rb +0 -101
- data/test/types/state.rb +0 -92
- data/test/types/symlink.rb +0 -120
- data/test/types/tidy.rb +0 -102
- data/test/types/type.rb +0 -469
- data/test/types/user.rb +0 -563
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
# Support for modules
|
|
2
|
+
class Puppet::Module
|
|
3
|
+
|
|
4
|
+
TEMPLATES = "templates"
|
|
5
|
+
FILES = "files"
|
|
6
|
+
MANIFESTS = "manifests"
|
|
7
|
+
|
|
8
|
+
# Return an array of paths by splitting the +modulepath+ config
|
|
9
|
+
# parameter. Only consider paths that are absolute and existing
|
|
10
|
+
# directories
|
|
11
|
+
def self.modulepath
|
|
12
|
+
dirs = Puppet[:modulepath].split(":")
|
|
13
|
+
if ENV["PUPPETLIB"]
|
|
14
|
+
dirs = ENV["PUPPETLIB"].split(":") + dirs
|
|
15
|
+
end
|
|
16
|
+
dirs.select do |p|
|
|
17
|
+
p =~ /^#{File::SEPARATOR}/ && File::directory?(p)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
# Find and return the +module+ that +path+ belongs to. If +path+ is
|
|
22
|
+
# absolute, or if there is no module whose name is the first component
|
|
23
|
+
# of +path+, return +nil+
|
|
24
|
+
def self.find(path)
|
|
25
|
+
if path =~ %r/^#{File::SEPARATOR}/
|
|
26
|
+
return nil
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
modname, rest = path.split(File::SEPARATOR, 2)
|
|
30
|
+
return nil if modname.nil? || modname.empty?
|
|
31
|
+
|
|
32
|
+
modpath = modulepath.collect { |p|
|
|
33
|
+
File::join(p, modname)
|
|
34
|
+
}.find { |f| File::directory?(f) }
|
|
35
|
+
return nil unless modpath
|
|
36
|
+
|
|
37
|
+
return self.new(modname, modpath)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
# Instance methods
|
|
41
|
+
|
|
42
|
+
# Find the concrete file denoted by +file+. If +file+ is absolute,
|
|
43
|
+
# return it directly. Otherwise try to find it as a template in a
|
|
44
|
+
# module. If that fails, return it relative to the +templatedir+ config
|
|
45
|
+
# param.
|
|
46
|
+
# In all cases, an absolute path is returned, which does not
|
|
47
|
+
# necessarily refer to an existing file
|
|
48
|
+
def self.find_template(file)
|
|
49
|
+
if file =~ /^#{File::SEPARATOR}/
|
|
50
|
+
return file
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
mod = find(file)
|
|
54
|
+
if mod
|
|
55
|
+
return mod.template(file)
|
|
56
|
+
else
|
|
57
|
+
return File.join(Puppet[:templatedir], file)
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
# Return a list of manifests (as absolute filenames) that match +pat+
|
|
62
|
+
# with the current directory set to +cwd+. If the first component of
|
|
63
|
+
# +pat+ does not contain any wildcards and is an existing module, return
|
|
64
|
+
# a list of manifests in that module matching the rest of +pat+
|
|
65
|
+
# Otherwise, try to find manifests matching +pat+ relative to +cwd+
|
|
66
|
+
def self.find_manifests(pat, cwd = nil)
|
|
67
|
+
cwd ||= Dir.getwd
|
|
68
|
+
mod = find(pat)
|
|
69
|
+
if mod
|
|
70
|
+
return mod.manifests(pat)
|
|
71
|
+
else
|
|
72
|
+
abspat = File::expand_path(pat, cwd)
|
|
73
|
+
files = Dir.glob(abspat).reject { |f| FileTest.directory?(f) }
|
|
74
|
+
if files.size == 0
|
|
75
|
+
files = Dir.glob(abspat + ".pp").reject { |f| FileTest.directory?(f) }
|
|
76
|
+
end
|
|
77
|
+
return files
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
attr_reader :name, :path
|
|
82
|
+
def initialize(name, path)
|
|
83
|
+
@name = name
|
|
84
|
+
@path = path
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
def strip(file)
|
|
88
|
+
n, rest = file.split(File::SEPARATOR, 2)
|
|
89
|
+
rest = nil if rest && rest.empty?
|
|
90
|
+
return rest
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
def template(file)
|
|
94
|
+
return File::join(path, TEMPLATES, strip(file))
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
def files
|
|
98
|
+
return File::join(path, FILES)
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
def manifests(pat)
|
|
102
|
+
rest = strip(pat)
|
|
103
|
+
rest ||= "init.pp"
|
|
104
|
+
p = File::join(path, MANIFESTS, rest)
|
|
105
|
+
files = Dir.glob(p)
|
|
106
|
+
if files.size == 0
|
|
107
|
+
files = Dir.glob(p + ".pp")
|
|
108
|
+
end
|
|
109
|
+
return files
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
private :initialize
|
|
113
|
+
end
|
|
@@ -0,0 +1,168 @@
|
|
|
1
|
+
require 'puppet/util/loadedfile'
|
|
2
|
+
require 'puppet/network/rights'
|
|
3
|
+
|
|
4
|
+
module Puppet
|
|
5
|
+
class ConfigurationError < Puppet::Error; end
|
|
6
|
+
class Network::AuthConfig < Puppet::Util::LoadedFile
|
|
7
|
+
|
|
8
|
+
def self.main
|
|
9
|
+
unless defined? @main
|
|
10
|
+
@main = self.new()
|
|
11
|
+
end
|
|
12
|
+
@main
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
# Just proxy the setting methods to our rights stuff
|
|
16
|
+
[:allow, :deny].each do |method|
|
|
17
|
+
define_method(method) do |*args|
|
|
18
|
+
@rights.send(method, *args)
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
# Here we add a little bit of semantics. They can set auth on a whole
|
|
23
|
+
# namespace or on just a single method in the namespace.
|
|
24
|
+
def allowed?(request)
|
|
25
|
+
name = request.call.intern
|
|
26
|
+
namespace = request.handler.intern
|
|
27
|
+
method = request.method.intern
|
|
28
|
+
|
|
29
|
+
read()
|
|
30
|
+
|
|
31
|
+
if @rights.include?(name)
|
|
32
|
+
return @rights[name].allowed?(request.name, request.ip)
|
|
33
|
+
elsif @rights.include?(namespace)
|
|
34
|
+
return @rights[namespace].allowed?(request.name, request.ip)
|
|
35
|
+
else
|
|
36
|
+
return false
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
# Does the file exist? Puppetmasterd does not require it, but
|
|
41
|
+
# puppetd does.
|
|
42
|
+
def exists?
|
|
43
|
+
FileTest.exists?(@file)
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def initialize(file = nil, parsenow = true)
|
|
47
|
+
@file ||= Puppet[:authconfig]
|
|
48
|
+
|
|
49
|
+
unless @file
|
|
50
|
+
raise Puppet::DevError, "No authconfig file defined"
|
|
51
|
+
end
|
|
52
|
+
return unless self.exists?
|
|
53
|
+
super(@file)
|
|
54
|
+
@rights = Puppet::Network::Rights.new
|
|
55
|
+
@configstamp = @configstatted = nil
|
|
56
|
+
@configtimeout = 60
|
|
57
|
+
|
|
58
|
+
if parsenow
|
|
59
|
+
read()
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
# Read the configuration file.
|
|
64
|
+
def read
|
|
65
|
+
return unless FileTest.exists?(@file)
|
|
66
|
+
|
|
67
|
+
if @configstamp
|
|
68
|
+
if @configtimeout and @configstatted
|
|
69
|
+
if Time.now - @configstatted > @configtimeout
|
|
70
|
+
@configstatted = Time.now
|
|
71
|
+
tmp = File.stat(@file).ctime
|
|
72
|
+
|
|
73
|
+
if tmp == @configstamp
|
|
74
|
+
return
|
|
75
|
+
else
|
|
76
|
+
Puppet.notice "%s vs %s" % [tmp, @configstamp]
|
|
77
|
+
end
|
|
78
|
+
else
|
|
79
|
+
return
|
|
80
|
+
end
|
|
81
|
+
else
|
|
82
|
+
Puppet.notice "%s and %s" % [@configtimeout, @configstatted]
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
parse()
|
|
87
|
+
|
|
88
|
+
@configstamp = File.stat(@file).ctime
|
|
89
|
+
@configstatted = Time.now
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
private
|
|
93
|
+
|
|
94
|
+
def parse
|
|
95
|
+
newrights = Puppet::Network::Rights.new
|
|
96
|
+
begin
|
|
97
|
+
File.open(@file) { |f|
|
|
98
|
+
right = nil
|
|
99
|
+
count = 1
|
|
100
|
+
f.each { |line|
|
|
101
|
+
case line
|
|
102
|
+
when /^\s*#/: next # skip comments
|
|
103
|
+
when /^\s*$/: next # skip blank lines
|
|
104
|
+
when /\[([\w.]+)\]/: # "namespace" or "namespace.method"
|
|
105
|
+
name = $1
|
|
106
|
+
if newrights.include?(name)
|
|
107
|
+
raise FileServerError, "%s is already set at %s" %
|
|
108
|
+
[newrights[name], name]
|
|
109
|
+
end
|
|
110
|
+
newrights.newright(name)
|
|
111
|
+
right = newrights[name]
|
|
112
|
+
when /^\s*(\w+)\s+(.+)$/:
|
|
113
|
+
var = $1
|
|
114
|
+
value = $2
|
|
115
|
+
case var
|
|
116
|
+
when "allow":
|
|
117
|
+
value.split(/\s*,\s*/).each { |val|
|
|
118
|
+
begin
|
|
119
|
+
right.info "allowing %s access" % val
|
|
120
|
+
right.allow(val)
|
|
121
|
+
rescue AuthStoreError => detail
|
|
122
|
+
raise ConfigurationError, "%s at line %s of %s" %
|
|
123
|
+
[detail.to_s, count, @config]
|
|
124
|
+
end
|
|
125
|
+
}
|
|
126
|
+
when "deny":
|
|
127
|
+
value.split(/\s*,\s*/).each { |val|
|
|
128
|
+
begin
|
|
129
|
+
right.info "denying %s access" % val
|
|
130
|
+
right.deny(val)
|
|
131
|
+
rescue AuthStoreError => detail
|
|
132
|
+
raise ConfigurationError, "%s at line %s of %s" %
|
|
133
|
+
[detail.to_s, count, @config]
|
|
134
|
+
end
|
|
135
|
+
}
|
|
136
|
+
else
|
|
137
|
+
raise ConfigurationError,
|
|
138
|
+
"Invalid argument '%s' at line %s" % [var, count]
|
|
139
|
+
end
|
|
140
|
+
else
|
|
141
|
+
raise ConfigurationError, "Invalid line %s: %s" % [count, line]
|
|
142
|
+
end
|
|
143
|
+
count += 1
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
rescue Errno::EACCES => detail
|
|
147
|
+
Puppet.err "Configuration error: Cannot read %s; cannot serve" % @file
|
|
148
|
+
#raise Puppet::Error, "Cannot read %s" % @config
|
|
149
|
+
rescue Errno::ENOENT => detail
|
|
150
|
+
Puppet.err "Configuration error: '%s' does not exit; cannot serve" %
|
|
151
|
+
@file
|
|
152
|
+
#raise Puppet::Error, "%s does not exit" % @config
|
|
153
|
+
#rescue FileServerError => detail
|
|
154
|
+
# Puppet.err "FileServer error: %s" % detail
|
|
155
|
+
end
|
|
156
|
+
|
|
157
|
+
# Verify each of the rights are valid.
|
|
158
|
+
# We let the check raise an error, so that it can raise an error
|
|
159
|
+
# pointing to the specific problem.
|
|
160
|
+
newrights.each { |name, right|
|
|
161
|
+
right.valid?
|
|
162
|
+
}
|
|
163
|
+
@rights = newrights
|
|
164
|
+
end
|
|
165
|
+
end
|
|
166
|
+
end
|
|
167
|
+
|
|
168
|
+
# $Id: authconfig.rb 2345 2007-03-22 15:40:28Z luke $
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
require 'puppet/network/client_request'
|
|
2
|
+
require 'puppet/network/authconfig'
|
|
3
|
+
|
|
4
|
+
module Puppet::Network
|
|
5
|
+
# Most of our subclassing is just so that we can get
|
|
6
|
+
# access to information from the request object, like
|
|
7
|
+
# the client name and IP address.
|
|
8
|
+
class InvalidClientRequest < Puppet::Error; end
|
|
9
|
+
module Authorization
|
|
10
|
+
# Create our config object if necessary. This works even if
|
|
11
|
+
# there's no configuration file.
|
|
12
|
+
def authconfig
|
|
13
|
+
unless defined? @authconfig
|
|
14
|
+
@authconfig = Puppet::Network::AuthConfig.main()
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
@authconfig
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
# Verify that our client has access. We allow untrusted access to
|
|
21
|
+
# puppetca methods but no others.
|
|
22
|
+
def authorized?(request)
|
|
23
|
+
msg = "%s client %s access to %s" %
|
|
24
|
+
[request.authenticated? ? "authenticated" : "unauthenticated",
|
|
25
|
+
request, request.call]
|
|
26
|
+
|
|
27
|
+
if request.authenticated?
|
|
28
|
+
if authconfig.exists?
|
|
29
|
+
if authconfig.allowed?(request)
|
|
30
|
+
Puppet.debug "Allowing " + msg
|
|
31
|
+
return true
|
|
32
|
+
else
|
|
33
|
+
Puppet.notice "Denying " + msg
|
|
34
|
+
return false
|
|
35
|
+
end
|
|
36
|
+
else
|
|
37
|
+
# This is a hack way of seeing if we're a config master.
|
|
38
|
+
if Puppet[:name] == "puppetmasterd"
|
|
39
|
+
Puppet.debug "Allowing " + msg
|
|
40
|
+
return true
|
|
41
|
+
else
|
|
42
|
+
Puppet.notice "Denying " + msg
|
|
43
|
+
return false
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
else
|
|
47
|
+
if request.handler == "puppetca"
|
|
48
|
+
Puppet.notice "Allowing " + msg
|
|
49
|
+
else
|
|
50
|
+
Puppet.notice "Denying " + msg
|
|
51
|
+
return false
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
# Is this functionality available?
|
|
57
|
+
def available?(request)
|
|
58
|
+
if handler_loaded?(request.handler)
|
|
59
|
+
return true
|
|
60
|
+
else
|
|
61
|
+
Puppet.warning "Client %s requested unavailable functionality %s" %
|
|
62
|
+
[request, request.handler]
|
|
63
|
+
return false
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
# Make sure that this method is available and authorized.
|
|
68
|
+
def verify(request)
|
|
69
|
+
unless available?(request)
|
|
70
|
+
raise InvalidClientRequest.new(
|
|
71
|
+
"Functionality %s not available" % request.handler
|
|
72
|
+
)
|
|
73
|
+
end
|
|
74
|
+
unless authorized?(request)
|
|
75
|
+
raise InvalidClientRequest.new(
|
|
76
|
+
"Host %s not authorized to call %s" %
|
|
77
|
+
[request, request.call]
|
|
78
|
+
)
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
# $Id: authorization.rb 2259 2007-03-06 19:03:05Z luke $
|
|
@@ -0,0 +1,293 @@
|
|
|
1
|
+
# standard module for determining whether a given hostname or IP has access to
|
|
2
|
+
# the requested resource
|
|
3
|
+
|
|
4
|
+
require 'ipaddr'
|
|
5
|
+
require 'puppet/util/logging'
|
|
6
|
+
|
|
7
|
+
module Puppet
|
|
8
|
+
class AuthStoreError < Puppet::Error; end
|
|
9
|
+
class AuthorizationError < Puppet::Error; end
|
|
10
|
+
|
|
11
|
+
class Network::AuthStore
|
|
12
|
+
include Puppet::Util::Logging
|
|
13
|
+
|
|
14
|
+
# Mark a given pattern as allowed.
|
|
15
|
+
def allow(pattern)
|
|
16
|
+
# a simple way to allow anyone at all to connect
|
|
17
|
+
if pattern == "*"
|
|
18
|
+
@globalallow = true
|
|
19
|
+
else
|
|
20
|
+
store(:allow, pattern)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
return nil
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
# Is a given combination of name and ip address allowed? If either input
|
|
27
|
+
# is non-nil, then both inputs must be provided. If neither input
|
|
28
|
+
# is provided, then the authstore is considered local and defaults to "true".
|
|
29
|
+
def allowed?(name, ip)
|
|
30
|
+
if name or ip
|
|
31
|
+
# This is probably unnecessary, and can cause some weirdnesses in
|
|
32
|
+
# cases where we're operating over localhost but don't have a real
|
|
33
|
+
# IP defined.
|
|
34
|
+
unless name and ip
|
|
35
|
+
raise Puppet::DevError, "Name and IP must be passed to 'allowed?'"
|
|
36
|
+
end
|
|
37
|
+
# else, we're networked and such
|
|
38
|
+
else
|
|
39
|
+
# we're local
|
|
40
|
+
return true
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
# yay insecure overrides
|
|
44
|
+
if globalallow?
|
|
45
|
+
return true
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
if decl = @declarations.find { |d| d.match?(name, ip) }
|
|
49
|
+
return decl.result
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
self.info "defaulting to no access for %s" % name
|
|
53
|
+
return false
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
# Deny a given pattern.
|
|
57
|
+
def deny(pattern)
|
|
58
|
+
store(:deny, pattern)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
# Is global allow enabled?
|
|
62
|
+
def globalallow?
|
|
63
|
+
@globalallow
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def initialize
|
|
67
|
+
@globalallow = nil
|
|
68
|
+
@declarations = []
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
private
|
|
72
|
+
|
|
73
|
+
# Store the results of a pattern into our hash. Basically just
|
|
74
|
+
# converts the pattern and sticks it into the hash.
|
|
75
|
+
def store(type, pattern)
|
|
76
|
+
@declarations << Declaration.new(type, pattern)
|
|
77
|
+
@declarations.sort!
|
|
78
|
+
|
|
79
|
+
return nil
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
# A single declaration. Stores the info for a given declaration,
|
|
83
|
+
# provides the methods for determining whether a declaration matches,
|
|
84
|
+
# and handles sorting the declarations appropriately.
|
|
85
|
+
class Declaration
|
|
86
|
+
include Puppet::Util
|
|
87
|
+
include Comparable
|
|
88
|
+
|
|
89
|
+
# The type of declaration: either :allow or :deny
|
|
90
|
+
attr_reader :type
|
|
91
|
+
|
|
92
|
+
# The name: :ip or :domain
|
|
93
|
+
attr_accessor :name
|
|
94
|
+
|
|
95
|
+
# The pattern we're matching against. Can be an IPAddr instance,
|
|
96
|
+
# or an array of strings, resulting from reversing a hostname
|
|
97
|
+
# or domain name.
|
|
98
|
+
attr_reader :pattern
|
|
99
|
+
|
|
100
|
+
# The length. Only used for iprange and domain.
|
|
101
|
+
attr_accessor :length
|
|
102
|
+
|
|
103
|
+
# Sort the declarations specially.
|
|
104
|
+
def <=>(other)
|
|
105
|
+
# Sort first based on whether the matches are exact.
|
|
106
|
+
if r = compare(exact?, other.exact?)
|
|
107
|
+
return r
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
# Then by type
|
|
111
|
+
if r = compare(self.ip?, other.ip?)
|
|
112
|
+
return r
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# Next sort based on length
|
|
116
|
+
unless self.length == other.length
|
|
117
|
+
# Longer names/ips should go first, because they're more
|
|
118
|
+
# specific.
|
|
119
|
+
return other.length <=> self.length
|
|
120
|
+
end
|
|
121
|
+
|
|
122
|
+
# Then sort deny before allow
|
|
123
|
+
if r = compare(self.deny?, other.deny?)
|
|
124
|
+
return r
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
# We've already sorted by name and length, so all that's left
|
|
128
|
+
# is the pattern
|
|
129
|
+
if ip?
|
|
130
|
+
return self.pattern.to_s <=> other.pattern.to_s
|
|
131
|
+
else
|
|
132
|
+
return self.pattern <=> other.pattern
|
|
133
|
+
end
|
|
134
|
+
end
|
|
135
|
+
|
|
136
|
+
def deny?
|
|
137
|
+
self.type == :deny
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
# Are we an exact match?
|
|
141
|
+
def exact?
|
|
142
|
+
self.length.nil?
|
|
143
|
+
end
|
|
144
|
+
|
|
145
|
+
def initialize(type, pattern)
|
|
146
|
+
self.type = type
|
|
147
|
+
self.pattern = pattern
|
|
148
|
+
end
|
|
149
|
+
|
|
150
|
+
# Are we an IP type?
|
|
151
|
+
def ip?
|
|
152
|
+
self.name == :ip
|
|
153
|
+
end
|
|
154
|
+
|
|
155
|
+
# Does this declaration match the name/ip combo?
|
|
156
|
+
def match?(name, ip)
|
|
157
|
+
if self.ip?
|
|
158
|
+
return pattern.include?(IPAddr.new(ip))
|
|
159
|
+
else
|
|
160
|
+
return matchname?(name)
|
|
161
|
+
end
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
# Set the pattern appropriately. Also sets the name and length.
|
|
165
|
+
def pattern=(pattern)
|
|
166
|
+
parse(pattern)
|
|
167
|
+
@orig = pattern
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
# Mapping a type of statement into a return value.
|
|
171
|
+
def result
|
|
172
|
+
case @type
|
|
173
|
+
when :allow: true
|
|
174
|
+
else
|
|
175
|
+
false
|
|
176
|
+
end
|
|
177
|
+
end
|
|
178
|
+
|
|
179
|
+
def to_s
|
|
180
|
+
"%s: %s" % [self.type, self.pattern]
|
|
181
|
+
end
|
|
182
|
+
|
|
183
|
+
# Set the declaration type. Either :allow or :deny.
|
|
184
|
+
def type=(type)
|
|
185
|
+
type = symbolize(type)
|
|
186
|
+
unless [:allow, :deny].include?(type)
|
|
187
|
+
raise ArgumentError, "Invalid declaration type %s" % type
|
|
188
|
+
end
|
|
189
|
+
@type = type
|
|
190
|
+
end
|
|
191
|
+
|
|
192
|
+
private
|
|
193
|
+
|
|
194
|
+
# Returns nil if both values are true or both are false, returns
|
|
195
|
+
# -1 if the first is true, and 1 if the second is true. Used
|
|
196
|
+
# in the <=> operator.
|
|
197
|
+
def compare(me, them)
|
|
198
|
+
unless me and them
|
|
199
|
+
if me
|
|
200
|
+
return -1
|
|
201
|
+
elsif them
|
|
202
|
+
return 1
|
|
203
|
+
else
|
|
204
|
+
return false
|
|
205
|
+
end
|
|
206
|
+
end
|
|
207
|
+
return nil
|
|
208
|
+
end
|
|
209
|
+
|
|
210
|
+
# Does the name match our pattern?
|
|
211
|
+
def matchname?(name)
|
|
212
|
+
name = munge_name(name)
|
|
213
|
+
return true if self.pattern == name
|
|
214
|
+
|
|
215
|
+
# If it's an exact match, then just return false, since the
|
|
216
|
+
# exact didn't match.
|
|
217
|
+
if exact?
|
|
218
|
+
return false
|
|
219
|
+
end
|
|
220
|
+
|
|
221
|
+
# If every field in the pattern matches, then we consider it
|
|
222
|
+
# a match.
|
|
223
|
+
pattern.zip(name) do |p,n|
|
|
224
|
+
unless p == n
|
|
225
|
+
return false
|
|
226
|
+
end
|
|
227
|
+
end
|
|
228
|
+
|
|
229
|
+
return true
|
|
230
|
+
end
|
|
231
|
+
|
|
232
|
+
# Convert the name to a common pattern.
|
|
233
|
+
def munge_name(name)
|
|
234
|
+
name.downcase.split(".").reverse
|
|
235
|
+
end
|
|
236
|
+
|
|
237
|
+
# Parse our input pattern and figure out what kind of allowal
|
|
238
|
+
# statement it is. The output of this is used for later matching.
|
|
239
|
+
def parse(value)
|
|
240
|
+
case value
|
|
241
|
+
when /^(\d+\.){1,3}\*$/: # an ip address with a '*' at the end
|
|
242
|
+
@name = :ip
|
|
243
|
+
match = $1
|
|
244
|
+
match.sub!(".", '')
|
|
245
|
+
ary = value.split(".")
|
|
246
|
+
|
|
247
|
+
mask = case ary.index(match)
|
|
248
|
+
when 0: 8
|
|
249
|
+
when 1: 16
|
|
250
|
+
when 2: 24
|
|
251
|
+
else
|
|
252
|
+
raise AuthStoreError, "Invalid IP pattern %s" % value
|
|
253
|
+
end
|
|
254
|
+
|
|
255
|
+
@length = mask
|
|
256
|
+
|
|
257
|
+
ary.pop
|
|
258
|
+
while ary.length < 4
|
|
259
|
+
ary.push("0")
|
|
260
|
+
end
|
|
261
|
+
|
|
262
|
+
begin
|
|
263
|
+
@pattern = IPAddr.new(ary.join(".") + "/" + mask.to_s)
|
|
264
|
+
rescue ArgumentError => detail
|
|
265
|
+
raise AuthStoreError, "Invalid IP address pattern %s" % value
|
|
266
|
+
end
|
|
267
|
+
when /^([a-zA-Z][-\w]*\.)+[-\w]+$/: # a full hostname
|
|
268
|
+
@name = :domain
|
|
269
|
+
@pattern = munge_name(value)
|
|
270
|
+
when /^\*(\.([a-zA-Z][-\w]*)){1,}$/: # *.domain.com
|
|
271
|
+
@name = :domain
|
|
272
|
+
@pattern = munge_name(value)
|
|
273
|
+
@pattern.pop # take off the '*'
|
|
274
|
+
@length = @pattern.length
|
|
275
|
+
else
|
|
276
|
+
# Else, use the IPAddr class to determine if we've got a
|
|
277
|
+
# valid IP address.
|
|
278
|
+
if value =~ /\/(\d+)$/
|
|
279
|
+
@length = Integer($1)
|
|
280
|
+
end
|
|
281
|
+
begin
|
|
282
|
+
@pattern = IPAddr.new(value)
|
|
283
|
+
rescue ArgumentError => detail
|
|
284
|
+
raise AuthStoreError, "Invalid pattern %s" % value
|
|
285
|
+
end
|
|
286
|
+
@name = :ip
|
|
287
|
+
end
|
|
288
|
+
end
|
|
289
|
+
end
|
|
290
|
+
end
|
|
291
|
+
end
|
|
292
|
+
|
|
293
|
+
# $Id: authstore.rb 2262 2007-03-08 00:16:53Z luke $
|