RubyGems - puppet - Versions diffs - 0.24.4 → 0.24.5 - Mend

puppet 0.24.4 → 0.24.5

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (316) hide show

data/CHANGELOG +170 -0
data/Rakefile +6 -4
data/bin/filebucket +3 -2
data/bin/puppet +7 -4
data/bin/puppetca +32 -14
data/bin/puppetd +12 -34
data/bin/puppetmasterd +3 -2
data/bin/puppetrun +5 -43
data/bin/ralsh +2 -2
data/conf/debian/README.source +2 -0
data/conf/debian/TODO.Debian +1 -0
data/conf/debian/changelog +257 -0
data/conf/debian/compat +1 -0
data/conf/debian/control +45 -0
data/conf/debian/copyright +17 -0
data/conf/debian/docs +1 -0
data/conf/debian/fileserver.conf +12 -0
data/conf/debian/puppet.NEWS +63 -0
data/conf/debian/puppet.conf +8 -0
data/conf/debian/puppet.dirs +7 -0
data/conf/debian/puppet.files +6 -0
data/conf/debian/puppet.init +64 -0
data/conf/debian/puppet.logrotate +11 -0
data/conf/debian/puppet.postinst +9 -0
data/conf/debian/puppet.postrm +21 -0
data/conf/debian/puppet.preinst +25 -0
data/conf/debian/puppetmaster.files +4 -0
data/conf/debian/puppetmaster.init +58 -0
data/conf/debian/rules +115 -0
data/conf/debian/watch +2 -0
data/conf/gentoo/init.d/puppet +1 -1
data/conf/gentoo/init.d/puppetmaster +32 -31
data/conf/redhat/client.init +10 -2
data/conf/redhat/puppet.spec +4 -1
data/conf/redhat/server.init +9 -1
data/examples/{code/allatonce → allatonce} +0 -0
data/examples/{code/assignments → assignments} +0 -0
data/examples/{code/components → components} +0 -0
data/examples/{root/etc → etc}/init.d/sleeper +0 -0
data/examples/{root/etc → etc}/otherfile +0 -0
data/examples/{root/etc → etc}/puppet/fileserver.conf +0 -0
data/examples/{root/etc → etc}/puppet/namespaceauth.conf +0 -0
data/examples/{root/etc → etc}/puppet/puppet.conf +0 -0
data/examples/{root/etc → etc}/puppet/tagmail.conf +0 -0
data/examples/{code/execs → execs} +0 -0
data/examples/{code/file.bl → file.bl} +0 -0
data/examples/{code/filedefaults → filedefaults} +0 -0
data/examples/{code/fileparsing → fileparsing} +0 -0
data/examples/{code/filerecursion → filerecursion} +0 -0
data/examples/{code/functions → functions} +0 -0
data/examples/{code/groups → groups} +0 -0
data/examples/{code/head → head} +0 -0
data/examples/{code/importing → importing} +0 -0
data/examples/{code/mac_automount.pp → mac_automount.pp} +0 -0
data/examples/{code/mac_dscl.pp → mac_dscl.pp} +0 -0
data/examples/{code/mac_dscl_revert.pp → mac_dscl_revert.pp} +0 -0
data/examples/{code/mac_netinfo.pp → mac_netinfo.pp} +0 -0
data/examples/{code/mac_pkgdmg.pp → mac_pkgdmg.pp} +0 -0
data/examples/{code/modules → modules}/sample-module.pp +0 -0
data/examples/{code/modules → modules}/sample-module/README.txt +0 -0
data/examples/{code/modules → modules}/sample-module/lib/puppet/parser/functions/hostname_to_dn.rb +0 -0
data/examples/{code/modules → modules}/sample-module/manifests/init.pp +0 -0
data/examples/{code/modules → modules}/sample-module/templates/sample.erb +0 -0
data/examples/{code/nodes → nodes} +0 -0
data/examples/{code/one → one} +0 -0
data/examples/{code/relationships → relationships} +0 -0
data/examples/{code/selectors → selectors} +0 -0
data/examples/{code/simpletests → simpletests} +0 -0
data/examples/{code/svncommit → svncommit} +0 -0
data/ext/autotest/Rakefile +8 -0
data/ext/autotest/config +43 -0
data/ext/autotest/readme.rst +16 -0
data/{examples/root → ext}/bin/sleeper +1 -1
data/ext/emacs/puppet-mode.el +246 -184
data/ext/ldap/puppet.schema +7 -2
data/ext/module_puppet +4 -3
data/ext/nagios/check_puppet.rb +117 -0
data/ext/puppetlast +40 -0
data/install.rb +12 -3
data/lib/puppet.rb +1 -44
data/lib/puppet/defaults.rb +23 -10
data/lib/puppet/dsl.rb +2 -2
data/lib/puppet/executables/client/certhandler.rb +77 -0
data/lib/puppet/external/nagios.rb +1 -1
data/lib/puppet/external/nagios/base.rb +60 -46
data/lib/puppet/file_serving/indirection_hooks.rb +4 -2
data/lib/puppet/file_serving/metadata.rb +0 -9
data/lib/puppet/file_serving/terminus_helper.rb +4 -4
data/lib/puppet/indirector.rb +26 -28
data/lib/puppet/indirector/catalog/compiler.rb +6 -28
data/lib/puppet/indirector/checksum/file.rb +2 -2
data/lib/puppet/indirector/direct_file_server.rb +7 -7
data/lib/puppet/indirector/envelope.rb +13 -0
data/lib/puppet/indirector/exec.rb +2 -2
data/lib/puppet/indirector/facts/facter.rb +2 -2
data/lib/puppet/indirector/file.rb +17 -14
data/lib/puppet/indirector/file_metadata/file.rb +2 -2
data/lib/puppet/indirector/file_server.rb +14 -14
data/lib/puppet/indirector/indirection.rb +113 -48
data/lib/puppet/indirector/ldap.rb +13 -25
data/lib/puppet/indirector/memory.rb +7 -7
data/lib/puppet/indirector/module_files.rb +14 -14
data/lib/puppet/indirector/node/exec.rb +3 -10
data/lib/puppet/indirector/node/ldap.rb +138 -41
data/lib/puppet/indirector/node/plain.rb +1 -8
data/lib/puppet/indirector/node/rest.rb +1 -1
data/lib/puppet/indirector/plain.rb +2 -2
data/lib/puppet/indirector/report/processor.rb +2 -2
data/lib/puppet/indirector/request.rb +42 -0
data/lib/puppet/indirector/rest.rb +51 -3
data/lib/puppet/indirector/terminus.rb +0 -27
data/lib/puppet/indirector/yaml.rb +12 -17
data/lib/puppet/metatype/attributes.rb +3 -7
data/lib/puppet/metatype/evaluation.rb +2 -2
data/lib/puppet/module.rb +6 -2
data/lib/puppet/network/client/master.rb +29 -81
data/lib/puppet/network/handler/master.rb +12 -43
data/lib/puppet/network/http.rb +8 -6
data/lib/puppet/network/http/handler.rb +42 -32
data/lib/puppet/network/http/mongrel.rb +8 -9
data/lib/puppet/network/http/mongrel/rest.rb +42 -15
data/lib/puppet/network/http/webrick.rb +27 -16
data/lib/puppet/network/http/webrick/rest.rb +38 -14
data/lib/puppet/network/http_pool.rb +3 -2
data/lib/puppet/network/server.rb +24 -22
data/lib/puppet/network/xmlrpc/client.rb +6 -1
data/lib/puppet/node.rb +38 -79
data/lib/puppet/node/catalog.rb +9 -0
data/lib/puppet/node/facts.rb +9 -1
data/lib/puppet/parser/ast/function.rb +1 -1
data/lib/puppet/parser/collector.rb +6 -0
data/lib/puppet/parser/compiler.rb +1 -1
data/lib/puppet/parser/functions.rb +25 -1
data/lib/puppet/parser/interpreter.rb +2 -17
data/lib/puppet/parser/parser.rb +4 -4
data/lib/puppet/parser/parser_support.rb +6 -2
data/lib/puppet/parser/resource.rb +6 -0
data/lib/puppet/parser/templatewrapper.rb +9 -0
data/lib/puppet/pgraph.rb +1 -1
data/lib/puppet/property.rb +0 -1
data/lib/puppet/provider.rb +9 -95
data/lib/puppet/provider/confine.rb +77 -0
data/lib/puppet/provider/confine/exists.rb +22 -0
data/lib/puppet/provider/confine/false.rb +19 -0
data/lib/puppet/provider/confine/feature.rb +17 -0
data/lib/puppet/provider/confine/true.rb +20 -0
data/lib/puppet/provider/confine/variable.rb +42 -0
data/lib/puppet/provider/confine_collection.rb +47 -0
data/lib/puppet/provider/confiner.rb +20 -0
data/lib/puppet/provider/cron/crontab.rb +6 -2
data/lib/puppet/provider/group/groupadd.rb +1 -1
data/lib/puppet/provider/group/ldap.rb +48 -0
data/lib/puppet/provider/ldap.rb +137 -0
data/lib/puppet/provider/nameservice.rb +1 -2
data/lib/puppet/provider/nameservice/objectadd.rb +2 -5
data/lib/puppet/provider/package/dpkg.rb +16 -1
data/lib/puppet/provider/package/freebsd.rb +15 -4
data/lib/puppet/provider/package/gem.rb +33 -12
data/lib/puppet/provider/package/pkgdmg.rb +1 -60
data/lib/puppet/provider/package/ports.rb +6 -1
data/lib/puppet/provider/package/rpm.rb +14 -13
data/lib/puppet/provider/package/urpmi.rb +3 -3
data/lib/puppet/provider/service/base.rb +4 -4
data/lib/puppet/provider/service/debian.rb +1 -1
data/lib/puppet/provider/service/init.rb +5 -3
data/lib/puppet/provider/service/redhat.rb +35 -7
data/lib/puppet/provider/ssh_authorized_key/parsed.rb +69 -0
data/lib/puppet/provider/user/ldap.rb +133 -0
data/lib/puppet/provider/user/useradd.rb +1 -1
data/lib/puppet/rails/database/001_add_created_at_to_all_tables.rb +14 -14
data/lib/puppet/rails/database/schema.rb +9 -0
data/lib/puppet/rails/resource.rb +1 -0
data/lib/puppet/reference/providers.rb +8 -2
data/lib/puppet/reference/report.rb +23 -0
data/lib/puppet/reports/rrdgraph.rb +4 -2
data/lib/puppet/sslcertificates/ca.rb +9 -4
data/lib/puppet/sslcertificates/support.rb +26 -2
data/lib/puppet/transaction.rb +11 -16
data/lib/puppet/transaction/change.rb +94 -0
data/lib/puppet/transaction/event.rb +21 -0
data/lib/puppet/transaction/report.rb +4 -0
data/lib/puppet/type.rb +0 -2
data/lib/puppet/type/file/ensure.rb +0 -5
data/lib/puppet/type/file/group.rb +13 -7
data/lib/puppet/type/file/source.rb +8 -15
data/lib/puppet/type/file/target.rb +2 -0
data/lib/puppet/type/group.rb +1 -1
data/lib/puppet/type/mount.rb +4 -2
data/lib/puppet/type/nagios_hostescalation.rb +3 -0
data/lib/puppet/type/nagios_servicegroup.rb +3 -0
data/lib/puppet/type/ssh_authorized_key.rb +56 -0
data/lib/puppet/type/user.rb +3 -0
data/lib/puppet/type/yumrepo.rb +0 -1
data/lib/puppet/util.rb +1 -1
data/lib/puppet/util/ldap.rb +5 -0
data/lib/puppet/util/ldap/connection.rb +69 -0
data/lib/puppet/util/ldap/generator.rb +45 -0
data/lib/puppet/util/ldap/manager.rb +281 -0
data/lib/puppet/util/posix.rb +2 -2
data/lib/puppet/util/resource_template.rb +61 -0
data/lib/puppet/util/settings.rb +63 -3
data/lib/puppet/util/storage.rb +4 -0
data/lib/puppet/util/warnings.rb +7 -0
data/man/man8/filebucket.8 +116 -0
data/man/man8/pi.8 +34 -0
data/man/man8/puppet.8 +78 -0
data/man/man8/puppet.conf.8 +1747 -0
data/man/man8/puppetca.8 +118 -0
data/man/man8/puppetd.8 +184 -0
data/man/man8/puppetdoc.8 +62 -0
data/man/man8/puppetmasterd.8 +87 -0
data/man/man8/puppetrun.8 +151 -0
data/man/man8/ralsh.8 +135 -0
data/test/README +24 -0
data/test/certmgr/support.rb +28 -1
data/test/data/failers/badclassnoparam +10 -0
data/test/data/failers/badclassparam +10 -0
data/test/data/failers/badcompnoparam +9 -0
data/test/data/failers/badcompparam +9 -0
data/test/data/failers/badtypeparam +3 -0
data/test/data/failers/noobjectrvalue +1 -0
data/test/data/providers/cron/crontab.allthree +17 -0
data/test/data/providers/cron/crontab.envNcomment +12 -0
data/test/data/providers/cron/crontab.envNname +11 -0
data/test/data/providers/cron/crontab.multirecords +12 -0
data/test/data/providers/cron/crontab_collections.yaml +44 -0
data/test/data/providers/cron/crontab_multiple_with_env.yaml +54 -0
data/test/data/providers/cron/crontab_sample_records.yaml +272 -0
data/test/data/providers/cron/examples/freebsd +2 -0
data/test/data/providers/cron/examples/one +14 -0
data/test/data/providers/cron/examples/openbsd +20 -0
data/test/data/providers/package/testpackages.yaml +65 -0
data/test/data/providers/ssh_authorized_key/parsed/authorized_keys +5 -0
data/test/data/reports/1.yaml +108 -0
data/test/data/reports/2.yaml +108 -0
data/test/data/reports/tagmail_failers.conf +3 -0
data/test/data/reports/tagmail_passers.conf +30 -0
data/test/data/snippets/aliastest.pp +16 -0
data/test/data/snippets/argumentdefaults +14 -0
data/test/data/snippets/casestatement.pp +58 -0
data/test/data/snippets/classheirarchy.pp +15 -0
data/test/data/snippets/classincludes.pp +17 -0
data/test/data/snippets/classpathtest +11 -0
data/test/data/snippets/collection.pp +10 -0
data/test/data/snippets/collection_within_virtual_definitions.pp +20 -0
data/test/data/snippets/componentmetaparams.pp +11 -0
data/test/data/snippets/componentrequire.pp +8 -0
data/test/data/snippets/deepclassheirarchy.pp +23 -0
data/test/data/snippets/defineoverrides.pp +17 -0
data/test/data/snippets/emptyclass.pp +9 -0
data/test/data/snippets/emptyexec.pp +3 -0
data/test/data/snippets/falsevalues.pp +3 -0
data/test/data/snippets/filecreate +11 -0
data/test/data/snippets/fqdefinition.pp +5 -0
data/test/data/snippets/fqparents.pp +11 -0
data/test/data/snippets/implicititeration +15 -0
data/test/data/snippets/multipleinstances +7 -0
data/test/data/snippets/multisubs.pp +13 -0
data/test/data/snippets/namevartest +9 -0
data/test/data/snippets/scopetest +13 -0
data/test/data/snippets/selectorvalues.pp +42 -0
data/test/data/snippets/simpledefaults +5 -0
data/test/data/snippets/simpleselector +38 -0
data/test/data/snippets/singleary.pp +19 -0
data/test/data/snippets/singlequote.pp +11 -0
data/test/data/snippets/singleselector.pp +22 -0
data/test/data/snippets/subclass_name_duplication.pp +11 -0
data/test/data/snippets/tag.pp +9 -0
data/test/data/snippets/tagged.pp +35 -0
data/test/data/snippets/virtualresources.pp +14 -0
data/test/data/types/hosts/1 +3 -0
data/test/data/types/hosts/2 +13 -0
data/test/data/types/hosts/solaris +5 -0
data/test/data/types/mailalias/file1 +183 -0
data/test/data/types/mount/freebsd.fstab +7 -0
data/test/data/types/mount/linux.fstab +11 -0
data/test/data/types/mount/solaris.fstab +11 -0
data/test/data/types/port/1 +533 -0
data/test/data/types/port/darwin +11866 -0
data/test/data/types/ssh_authorized_key/1 +2 -0
data/test/data/types/sshkey/1 +21 -0
data/test/data/types/yumrepos/fedora-devel.repo +26 -0
data/test/data/types/yumrepos/fedora.repo +9 -0
data/test/language/parser.rb +8 -1
data/test/lib/puppettest/runnable_test.rb +3 -0
data/test/lib/puppettest/support/utils.rb +1 -1
data/test/lib/rake/puppet_testtask.rb +3 -0
data/test/lib/stubba.rb +1 -1
data/test/network/client/ca.rb +1 -0
data/test/network/client/master.rb +13 -127
data/test/network/handler/master.rb +61 -80
data/test/other/provider.rb +0 -45
data/test/other/transactions.rb +53 -15
data/test/rails/host.rb +0 -37
data/test/ral/providers/cron/crontab.rb +32 -3
data/test/ral/providers/provider.rb +28 -7
data/test/ral/type/filesources.rb +2 -18
data/test/ral/type/sshkey.rb +0 -1
data/test/ral/type/user.rb +6 -0
data/test/test +241 -0
metadata +289 -113
data/examples/root/etc/configfile +0 -0
data/examples/root/etc/debian-passwd +0 -29
data/examples/root/etc/debian-syslog.conf +0 -71
data/lib/puppet/event.rb +0 -28
data/lib/puppet/network/handler/configuration.rb +0 -184
data/lib/puppet/network/http/mongrel/xmlrpc.rb +0 -4
data/lib/puppet/network/http/webrick/xmlrpc.rb +0 -4
data/lib/puppet/propertychange.rb +0 -141
data/lib/puppet/provider/interface/redhat.rb +0 -250
data/lib/puppet/provider/interface/sunos.rb +0 -133
data/lib/puppet/type/interface.rb +0 -60
data/lib/puppet/util/variables.rb +0 -38
data/test/network/handler/configuration.rb +0 -160
data/test/other/propertychange.rb +0 -140
data/test/util/loadedfile.rb +0 -121

data/lib/puppet/type/file/target.rb CHANGED

@@ -54,6 +54,8 @@ module Puppet
         def insync?(currentvalue)
             if [:nochange, :notlink].include?(self.should) or @resource.recurse?
                 return true
+            elsif ! @resource.replace? and File.exists?(@resource[:path])
+                return true
             else
                 return super(currentvalue)
             end

data/lib/puppet/type/group.rb CHANGED

@@ -110,7 +110,7 @@ module Puppet
             isnamevar
         end
-        newparam(:allowdupe) do
+        newparam(:allowdupe, :boolean => true) do
             desc "Whether to allow duplicate GIDs.  This option does not work on
                 FreeBSD (contract to the ``pw`` man page)."

data/lib/puppet/type/mount.rb CHANGED

@@ -95,7 +95,7 @@ module Puppet
         # Solaris specifies two devices, not just one.
         newproperty(:blockdevice) do
-            desc "The the device to fsck.  This is property is only valid
+            desc "The device to fsck.  This is property is only valid
                 on Solaris, and in most cases will default to the correct
                 value."
@@ -141,7 +141,9 @@ module Puppet
         newproperty(:dump) do
             desc "Whether to dump the mount.  Not all platforms
-                support this."
+                support this. Valid values are ``1`` or ``0``. Default is ``0``."
+             newvalue(%r{(0|1)}) { }
             defaultto {
                 if @resource.managed?

data/lib/puppet/type/nagios_hostescalation.rb ADDED

@@ -0,0 +1,3 @@
+require 'puppet/util/nagios_maker'
+Puppet::Util::NagiosMaker.create_nagios_type :hostescalation

data/lib/puppet/type/nagios_servicegroup.rb ADDED

@@ -0,0 +1,3 @@
+require 'puppet/util/nagios_maker'
+Puppet::Util::NagiosMaker.create_nagios_type :servicegroup

data/lib/puppet/type/ssh_authorized_key.rb ADDED

@@ -0,0 +1,56 @@
+module Puppet
+    newtype(:ssh_authorized_key) do
+        @doc = "Manages ssh authorized keys."
+        ensurable
+        newparam(:name) do
+            desc "The SSH key comment."
+            isnamevar
+        end
+        newproperty(:type) do
+            desc "The encryption type used.  Usually ssh-dss or ssh-rsa for
+                  SSH version 2. Not used for SSH version 1."
+            newvalue("ssh-dss")
+            newvalue("ssh-rsa")
+            aliasvalue(:dsa, "ssh-dss")
+            aliasvalue(:rsa, "ssh-rsa")
+        end
+        newproperty(:key) do
+            desc "The key itself; generally a long string of hex digits."
+        end
+        newproperty(:user) do
+            desc "The user account in which the SSH key should be installed."
+        end
+        newproperty(:target) do
+            desc "The file in which to store the SSH key."
+        end
+        newproperty(:options, :array_matching => :all) do
+            desc "Key options, see sshd(8) for possible values. Multiple values
+                  should be specified as an array."
+            defaultto do :absent end
+        end
+        autorequire(:user) do
+            if should(:user)
+                should(:user)
+            end
+        end
+        validate do
+            unless should(:target) or should(:user)
+                raise Puppet::Error, "Attribute 'user' or 'target' is mandatory"
+            end
+        end
+    end
+end

data/lib/puppet/type/user.rb CHANGED

@@ -220,6 +220,9 @@ module Puppet
                 if value =~ /^\d+$/
                     raise ArgumentError, "Group names must be provided, not numbers"
                 end
+                if value.include?(",")
+                    raise ArgumentError, "Group names must be provided as an array, not a comma-separated list"
+                end
             end
         end

data/lib/puppet/type/yumrepo.rb CHANGED

@@ -1,6 +1,5 @@
 # Description of yum repositories
-require 'puppet/propertychange'
 require 'puppet/util/inifile'
 module Puppet

data/lib/puppet/util.rb CHANGED

@@ -313,7 +313,7 @@ module Util
         $VERBOSE = oldverb
         if child_pid
             # Parent process executes this
-            child_status = Process.waitpid2(child_pid)[1]
+            child_status = (Process.waitpid2(child_pid)[1]).to_i >> 8
         else
             # Child process executes this
             Process.setsid

data/lib/puppet/util/ldap.rb ADDED

@@ -0,0 +1,5 @@
+#
+#  Created by Luke Kanies on 2008-3-23.
+#  Copyright (c) 2008. All rights reserved.
+module Puppet::Util::Ldap
+end

data/lib/puppet/util/ldap/connection.rb ADDED

@@ -0,0 +1,69 @@
+#
+#  Created by Luke Kanies on 2008-3-23.
+#  Copyright (c) 2008. All rights reserved.
+require 'puppet/util/ldap'
+class Puppet::Util::Ldap::Connection
+    attr_accessor :host, :port, :user, :password, :reset, :ssl
+    attr_reader :connection
+    # Return a default connection, using our default settings.
+    def self.instance
+        ssl = if Puppet[:ldaptls]
+                  :tls
+              elsif Puppet[:ldapssl]
+                  true
+              else
+                  false
+              end
+        new(Puppet[:ldapserver], Puppet[:ldapport], :ssl => ssl)
+    end
+    def close
+        connection.unbind if connection.bound?
+    end
+    def initialize(host, port, options = {})
+        raise Puppet::Error, "Could not set up LDAP Connection: Missing ruby/ldap libraries" unless Puppet.features.ldap?
+        @host, @port = host, port
+        options.each do |param, value|
+            begin
+                send(param.to_s + "=", value)
+            rescue
+                raise ArgumentError, "LDAP connections do not support %s parameters" % param
+            end
+        end
+    end
+    # Create a per-connection unique name.
+    def name
+        [host, port, user, password, ssl].collect { |p| p.to_s }.join("/")
+    end
+    # Should we reset the connection?
+    def reset?
+        reset
+    end
+    # Start our ldap connection.
+    def start
+        begin
+            case ssl
+            when :tls:
+                @connection = LDAP::SSLConn.new(host, port, true)
+            when true:
+                @connection = LDAP::SSLConn.new(host, port)
+            else
+                @connection = LDAP::Conn.new(host, port)
+            end
+            @connection.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+            @connection.set_option(LDAP::LDAP_OPT_REFERRALS, LDAP::LDAP_OPT_ON)
+            @connection.simple_bind(user, password)
+        rescue => detail
+            raise Puppet::Error, "Could not connect to LDAP: %s" % detail
+        end
+    end
+end

data/lib/puppet/util/ldap/generator.rb ADDED

@@ -0,0 +1,45 @@
+#
+#  Created by Luke Kanies on 2008-3-28.
+#  Copyright (c) 2008. All rights reserved.
+require 'puppet/util/ldap'
+class Puppet::Util::Ldap::Generator
+    # Declare the attribute we'll use to generate the value.
+    def from(source)
+        @source = source
+        return self
+    end
+    # Actually do the generation.
+    def generate(value = nil)
+        if value.nil?
+            @generator.call
+        else
+            @generator.call(value)
+        end
+    end
+    # Initialize our generator with the name of the parameter
+    # being generated.
+    def initialize(name)
+        @name = name
+    end
+    def name
+        @name.to_s
+    end
+    def source
+        if defined?(@source) and @source
+            @source.to_s
+        else
+            nil
+        end
+    end
+    # Provide the code that does the generation.
+    def with(&block)
+        @generator = block
+        return self
+    end
+end

data/lib/puppet/util/ldap/manager.rb ADDED

@@ -0,0 +1,281 @@
+require 'puppet/util/ldap'
+require 'puppet/util/ldap/connection'
+require 'puppet/util/ldap/generator'
+# The configuration class for LDAP providers, plus
+# connection handling for actually interacting with ldap.
+class Puppet::Util::Ldap::Manager
+    attr_reader :objectclasses, :puppet2ldap, :location, :rdn
+    # A null-op that just returns the config.
+    def and
+        return self
+    end
+    # Set the offset from the search base and return the config.
+    def at(location)
+        @location = location
+        return self
+    end
+    # The basic search base.
+    def base
+        [location, Puppet[:ldapbase]].join(",")
+    end
+    # Convert the name to a dn, then pass the args along to
+    # our connection.
+    def create(name, attributes)
+        attributes = attributes.dup
+        # Add the objectclasses
+        attributes["objectClass"] = objectclasses.collect { |o| o.to_s }
+        attributes["objectClass"] << "top" unless attributes["objectClass"].include?("top")
+        attributes[rdn.to_s] = [name]
+        # Generate any new values we might need.
+        generate(attributes)
+        # And create our resource.
+        connect { |conn| conn.add dn(name), attributes }
+    end
+    # Open, yield, and close the connection.  Cannot be left
+    # open, at this point.
+    def connect
+        raise ArgumentError, "You must pass a block to #connect" unless block_given?
+        unless defined?(@connection) and @connection
+            if Puppet[:ldaptls]
+                ssl = :tls
+            elsif Puppet[:ldapssl]
+                ssl = true
+            else
+                ssl = false
+            end
+            options = {:ssl => ssl}
+            if user = Puppet[:ldapuser] and user != ""
+                options[:user] = user
+            end
+            if password = Puppet[:ldappassword] and password != ""
+                options[:password] = password
+            end
+            @connection = Puppet::Util::Ldap::Connection.new(Puppet[:ldapserver], Puppet[:ldapport], options)
+        end
+        @connection.start
+        begin
+            yield @connection.connection
+        ensure
+            @connection.close
+        end
+        return nil
+    end
+    # Convert the name to a dn, then pass the args along to
+    # our connection.
+    def delete(name)
+        connect { |connection| connection.delete dn(name) }
+    end
+    # Calculate the dn for a given resource.
+    def dn(name)
+        ["#{rdn.to_s}=%s" % name, base].join(",")
+    end
+    # Convert an ldap-style entry hash to a provider-style hash.
+    def entry2provider(entry)
+        raise ArgumentError, "Could not get dn from ldap entry" unless entry["dn"]
+        # DN is always a single-entry array.  Strip off the bits before the
+        # first comma, then the bits after the remaining equal sign.  This is the
+        # name.
+        name = entry["dn"].dup.pop.split(",").shift.split("=").pop
+        result = {:name => name}
+        @ldap2puppet.each do |ldap, puppet|
+            result[puppet] = entry[ldap.to_s] || :absent
+        end
+        result
+    end
+    # Create our normal search filter.
+    def filter
+        return "objectclass=%s" % objectclasses[0] if objectclasses.length == 1
+        return "(&(objectclass=" + objectclasses.join(")(objectclass=") + "))"
+    end
+    # Find the associated entry for a resource.  Returns a hash, minus
+    # 'dn', or nil if the entry cannot be found.
+    def find(name)
+        result = nil
+        connect do |conn|
+            begin
+                conn.search2(dn(name), 0, "objectclass=*") do |result|
+                    # Convert to puppet-appropriate attributes
+                    return entry2provider(result)
+                end
+            rescue => detail
+                return nil
+            end
+        end
+    end
+    # Declare a new attribute generator.
+    def generates(parameter)
+        @generators << Puppet::Util::Ldap::Generator.new(parameter)
+        @generators[-1]
+    end
+    # Generate any extra values we need to make the ldap entry work.
+    def generate(values)
+        return unless @generators.length > 0
+        @generators.each do |generator|
+            # Don't override any values that might exist.
+            next if values[generator.name]
+            if generator.source
+                unless value = values[generator.source]
+                    raise ArgumentError, "%s must be defined to generate %s" % [generator.source, generator.name]
+                end
+                result = generator.generate(value)
+            else
+                result = generator.generate
+            end
+            result = [result] unless result.is_a?(Array)
+            result = result.collect { |r| r.to_s }
+            values[generator.name] = result
+        end
+    end
+    def initialize
+        @rdn = :cn
+        @generators = []
+    end
+    # Specify what classes this provider models.
+    def manages(*classes)
+        @objectclasses = classes
+        return self
+    end
+    # Specify the attribute map.  Assumes the keys are the puppet
+    # attributes, and the values are the ldap attributes, and creates a map
+    # for each direction.
+    def maps(attributes)
+        # The map with the puppet attributes as the keys
+        @puppet2ldap = attributes
+        # and the ldap attributes as the keys.
+        @ldap2puppet = attributes.inject({}) { |map, ary| map[ary[1]] = ary[0]; map }
+        return self
+    end
+    # Return the ldap name for a puppet attribute.
+    def ldap_name(attribute)
+        @puppet2ldap[attribute].to_s
+    end
+    # Convert the name to a dn, then pass the args along to
+    # our connection.
+    def modify(name, mods)
+        connect { |connection| connection.modify dn(name), mods }
+    end
+    # Specify the rdn that we use to build up our dn.
+    def named_by(attribute)
+        @rdn = attribute
+        self
+    end
+    # Return the puppet name for an ldap attribute.
+    def puppet_name(attribute)
+        @ldap2puppet[attribute]
+    end
+    # Search for all entries at our base.  A potentially expensive search.
+    def search(sfilter = nil)
+        sfilter ||= filter()
+        result = []
+        connect do |conn|
+            conn.search2(base, 1, sfilter) do |entry|
+                result << entry2provider(entry)
+            end
+        end
+        return nil if result.empty?
+        return result
+    end
+    # Update the ldap entry with the desired state.
+    def update(name, is, should)
+        if should[:ensure] == :absent
+            Puppet.info "Removing %s from ldap" % dn(name)
+            delete(name)
+            return
+        end
+        # We're creating a new entry
+        if is.empty? or is[:ensure] == :absent
+            Puppet.info "Creating %s in ldap" % dn(name)
+            # Remove any :absent params and :ensure, then convert the names to ldap names.
+            attrs = ldap_convert(should)
+            create(name, attrs)
+            return
+        end
+        # We're modifying an existing entry.  Yuck.
+        mods = []
+        # For each attribute we're deleting that is present, create a
+        # modify instance for deletion.
+        [is.keys, should.keys].flatten.uniq.each do |property|
+            # They're equal, so do nothing.
+            next if is[property] == should[property]
+            attributes = ldap_convert(should)
+            prop_name = ldap_name(property).to_s
+            # We're creating it.
+            if is[property] == :absent or is[property].nil?
+                mods << LDAP::Mod.new(LDAP::LDAP_MOD_ADD, prop_name, attributes[prop_name])
+                next
+            end
+            # We're deleting it
+            if should[property] == :absent or should[property].nil?
+                mods << LDAP::Mod.new(LDAP::LDAP_MOD_DELETE, prop_name, [])
+                next
+            end
+            # We're replacing an existing value
+            mods << LDAP::Mod.new(LDAP::LDAP_MOD_REPLACE, prop_name, attributes[prop_name])
+        end
+        modify(name, mods)
+    end
+    # Is this a complete ldap configuration?
+    def valid?
+        location and objectclasses and ! objectclasses.empty? and puppet2ldap
+    end
+    private
+    # Convert a hash of attributes to ldap-like forms.  This mostly means
+    # getting rid of :ensure and making sure everything's an array of strings.
+    def ldap_convert(attributes)
+        attributes.reject { |param, value| value == :absent or param == :ensure }.inject({}) do |result, ary|
+            value = (ary[1].is_a?(Array) ? ary[1] : [ary[1]]).collect { |v| v.to_s }
+            result[ldap_name(ary[0])] = value
+            result
+        end
+    end
+end