RubyGems - puppet - Versions diffs - 0.24.5 → 0.24.6 - Mend

puppet 0.24.5 → 0.24.6

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (354) hide show

data/CHANGELOG +206 -0
data/Rakefile +53 -0
data/bin/filebucket +0 -0
data/bin/puppet +32 -11
data/bin/puppetca +1 -0
data/bin/puppetd +0 -0
data/bin/puppetdoc +0 -0
data/bin/puppetmasterd +0 -0
data/bin/puppetrun +16 -8
data/bin/ralsh +0 -0
data/conf/debian/rules +0 -0
data/conf/gentoo/init.d/puppetmaster +0 -0
data/conf/osx/PackageInfo.plist +36 -0
data/conf/osx/createpackage.sh +167 -0
data/conf/osx/preflight +12 -0
data/conf/redhat/client.init +1 -1
data/conf/redhat/puppet.spec +34 -6
data/conf/redhat/server.init +42 -7
data/conf/redhat/server.sysconfig +22 -0
data/conf/solaris/smf/svc-puppetd +0 -0
data/conf/solaris/smf/svc-puppetmasterd +0 -0
data/examples/etc/init.d/sleeper +0 -0
data/examples/mac_dscl.pp +0 -0
data/examples/mac_dscl_revert.pp +0 -0
data/examples/mac_netinfo.pp +0 -0
data/examples/mac_pkgdmg.pp +0 -0
data/ext/bin/sleeper +0 -0
data/ext/module_puppet +0 -0
data/ext/nagios/check_puppet.rb +0 -0
data/ext/passenger/README +63 -0
data/ext/passenger/apache2.conf +29 -0
data/ext/passenger/config.ru +40 -0
data/ext/puppet-test +0 -0
data/ext/puppetlast +6 -31
data/ext/puppetstoredconfigclean.rb +87 -0
data/install.rb +75 -20
data/lib/puppet.rb +1 -1
data/lib/puppet/daemon.rb +0 -0
data/lib/puppet/defaults.rb +3 -7
data/lib/puppet/external/base64.rb +0 -0
data/lib/puppet/external/nagios.rb +0 -0
data/lib/puppet/external/nagios/base.rb +0 -0
data/lib/puppet/file_serving/fileset.rb +2 -2
data/lib/puppet/file_serving/metadata.rb +3 -3
data/lib/puppet/indirector/facts/facter.rb +3 -2
data/lib/puppet/indirector/yaml.rb +10 -1
data/lib/puppet/module.rb +36 -12
data/lib/puppet/network/authstore.rb +0 -0
data/lib/puppet/network/client/master.rb +12 -11
data/lib/puppet/network/handler/filebucket.rb +0 -0
data/lib/puppet/network/handler/fileserver.rb +38 -46
data/lib/puppet/network/handler/master.rb +1 -1
data/lib/puppet/network/handler/report.rb +0 -0
data/lib/puppet/network/handler/resource.rb +0 -0
data/lib/puppet/network/handler/runner.rb +0 -0
data/lib/puppet/network/http_server/rack.rb +148 -0
data/lib/puppet/network/rights.rb +0 -0
data/lib/puppet/network/xmlrpc/client.rb +5 -5
data/lib/puppet/node.rb +5 -9
data/lib/puppet/node/environment.rb +1 -17
data/lib/puppet/node/facts.rb +0 -0
data/lib/puppet/parameter.rb +1 -28
data/lib/puppet/parser/ast.rb +6 -0
data/lib/puppet/parser/ast/arithmetic_operator.rb +41 -0
data/lib/puppet/parser/ast/boolean_operator.rb +48 -0
data/lib/puppet/parser/ast/collexpr.rb +6 -1
data/lib/puppet/parser/ast/comparison_operator.rb +37 -0
data/lib/puppet/parser/ast/minus.rb +23 -0
data/lib/puppet/parser/ast/nop.rb +11 -0
data/lib/puppet/parser/ast/not.rb +19 -0
data/lib/puppet/parser/ast/resource_override.rb +23 -16
data/lib/puppet/parser/ast/resource_reference.rb +10 -6
data/lib/puppet/parser/ast/vardef.rb +2 -2
data/lib/puppet/parser/collector.rb +2 -1
data/lib/puppet/parser/functions.rb +7 -217
data/lib/puppet/parser/functions/defined.rb +27 -0
data/lib/puppet/parser/functions/fail.rb +4 -0
data/lib/puppet/parser/functions/file.rb +21 -0
data/lib/puppet/parser/functions/fqdn_rand.rb +15 -0
data/lib/puppet/parser/functions/generate.rb +35 -0
data/lib/puppet/parser/functions/include.rb +26 -0
data/lib/puppet/parser/functions/realize.rb +14 -0
data/lib/puppet/parser/functions/search.rb +7 -0
data/lib/puppet/parser/functions/sha1.rb +6 -0
data/lib/puppet/parser/functions/tag.rb +6 -0
data/lib/puppet/parser/functions/tagged.rb +18 -0
data/lib/puppet/parser/functions/template.rb +22 -0
data/lib/puppet/parser/lexer.rb +15 -5
data/lib/puppet/parser/parser.rb +1073 -715
data/lib/puppet/parser/parser_support.rb +18 -13
data/lib/puppet/parser/resource.rb +1 -1
data/lib/puppet/parser/resource/param.rb +10 -2
data/lib/puppet/parser/scope.rb +63 -5
data/lib/puppet/parser/templatewrapper.rb +61 -15
data/lib/puppet/property.rb +7 -1
data/lib/puppet/property/keyvalue.rb +96 -0
data/lib/puppet/property/list.rb +78 -0
data/lib/puppet/provider/confine.rb +1 -1
data/lib/puppet/provider/confine/variable.rb +10 -1
data/lib/puppet/provider/cron/crontab.rb +0 -0
data/lib/puppet/provider/mailalias/aliases.rb +0 -0
data/lib/puppet/provider/maillist/mailman.rb +0 -0
data/lib/puppet/provider/mount/parsed.rb +0 -0
data/lib/puppet/provider/nameservice.rb +24 -39
data/lib/puppet/provider/nameservice/directoryservice.rb +12 -3
data/lib/puppet/provider/nameservice/netinfo.rb +12 -2
data/lib/puppet/provider/nameservice/objectadd.rb +1 -10
data/lib/puppet/provider/package/appdmg.rb +1 -1
data/lib/puppet/provider/package/apple.rb +0 -0
data/lib/puppet/provider/package/apt.rb +14 -21
data/lib/puppet/provider/package/aptitude.rb +0 -0
data/lib/puppet/provider/package/blastwave.rb +2 -0
data/lib/puppet/provider/package/darwinport.rb +0 -0
data/lib/puppet/provider/package/dpkg.rb +33 -51
data/lib/puppet/provider/package/fink.rb +1 -1
data/lib/puppet/provider/package/freebsd.rb +0 -0
data/lib/puppet/provider/package/gem.rb +0 -0
data/lib/puppet/provider/package/hpux.rb +46 -0
data/lib/puppet/provider/package/openbsd.rb +0 -0
data/lib/puppet/provider/package/pkgdmg.rb +1 -1
data/lib/puppet/provider/package/portage.rb +3 -1
data/lib/puppet/provider/package/ports.rb +3 -3
data/lib/puppet/provider/package/rpm.rb +8 -1
data/lib/puppet/provider/package/rug.rb +2 -2
data/lib/puppet/provider/package/sun.rb +2 -0
data/lib/puppet/provider/package/sunfreeware.rb +3 -0
data/lib/puppet/provider/package/yum.rb +24 -17
data/lib/puppet/provider/package/yumhelper.py +92 -11
data/lib/puppet/provider/parsedfile.rb +0 -0
data/lib/puppet/provider/port/parsed.rb +0 -0
data/lib/puppet/provider/selboolean/getsetsebool.rb +47 -0
data/lib/puppet/provider/selmodule/semodule.rb +143 -0
data/lib/puppet/provider/service/base.rb +0 -0
data/lib/puppet/provider/service/daemontools.rb +154 -0
data/lib/puppet/provider/service/debian.rb +1 -1
data/lib/puppet/provider/service/freebsd.rb +2 -0
data/lib/puppet/provider/service/gentoo.rb +2 -0
data/lib/puppet/provider/service/init.rb +0 -0
data/lib/puppet/provider/service/redhat.rb +1 -1
data/lib/puppet/provider/service/runit.rb +93 -0
data/lib/puppet/provider/service/smf.rb +2 -0
data/lib/puppet/provider/ssh_authorized_key/parsed.rb +7 -1
data/lib/puppet/provider/sshkey/parsed.rb +0 -0
data/lib/puppet/provider/user/hpux.rb +30 -0
data/lib/puppet/provider/user/user_role_add.rb +156 -0
data/lib/puppet/provider/user/useradd.rb +23 -14
data/lib/puppet/rails/database/002_remove_duplicated_index_on_all_tables.rb +17 -0
data/lib/puppet/rails/database/schema.rb +0 -8
data/lib/puppet/rails/resource.rb +6 -6
data/lib/puppet/reference/configuration.rb +0 -7
data/lib/puppet/reports.rb +0 -0
data/lib/puppet/reports/rrdgraph.rb +3 -2
data/lib/puppet/sslcertificates.rb +0 -0
data/lib/puppet/sslcertificates/inventory.rb +3 -2
data/lib/puppet/sslcertificates/support.rb +3 -0
data/lib/puppet/transaction/report.rb +1 -7
data/lib/puppet/transportable.rb +10 -7
data/lib/puppet/type.rb +2110 -14
data/lib/puppet/type/cron.rb +0 -0
data/lib/puppet/type/exec.rb +0 -0
data/lib/puppet/type/file.rb +12 -2
data/lib/puppet/type/file/checksum.rb +4 -0
data/lib/puppet/type/file/content.rb +0 -0
data/lib/puppet/type/file/ensure.rb +0 -0
data/lib/puppet/type/file/group.rb +30 -43
data/lib/puppet/type/file/mode.rb +0 -0
data/lib/puppet/type/file/owner.rb +0 -0
data/lib/puppet/type/file/selcontext.rb +104 -0
data/lib/puppet/type/file/source.rb +0 -0
data/lib/puppet/type/file/type.rb +0 -0
data/lib/puppet/type/filebucket.rb +0 -0
data/lib/puppet/type/group.rb +0 -8
data/lib/puppet/type/host.rb +0 -0
data/lib/puppet/type/mailalias.rb +0 -0
data/lib/puppet/type/maillist.rb +0 -0
data/lib/puppet/type/mount.rb +0 -0
data/lib/puppet/type/package.rb +2 -2
data/lib/puppet/type/port.rb +0 -0
data/lib/puppet/type/schedule.rb +0 -0
data/lib/puppet/type/selboolean.rb +31 -0
data/lib/puppet/type/selmodule.rb +54 -0
data/lib/puppet/type/ssh_authorized_key.rb +3 -3
data/lib/puppet/type/sshkey.rb +0 -0
data/lib/puppet/type/tidy.rb +0 -0
data/lib/puppet/type/user.rb +153 -137
data/lib/puppet/type/yumrepo.rb +18 -2
data/lib/puppet/type/zone.rb +5 -1
data/lib/puppet/util.rb +7 -7
data/lib/puppet/util/filetype.rb +7 -0
data/lib/puppet/util/instance_loader.rb +0 -0
data/lib/puppet/util/ldap/connection.rb +11 -1
data/lib/puppet/util/ldap/manager.rb +1 -1
data/lib/puppet/util/loadedfile.rb +0 -0
data/lib/puppet/util/log.rb +42 -43
data/lib/puppet/util/metric.rb +23 -9
data/lib/puppet/util/posix.rb +69 -18
data/lib/puppet/util/selinux.rb +139 -0
data/lib/puppet/util/settings.rb +5 -7
data/lib/puppet/util/user_attr.rb +21 -0
data/test/certmgr/ca.rb +0 -0
data/test/certmgr/certmgr.rb +0 -0
data/test/certmgr/inventory.rb +0 -0
data/test/certmgr/support.rb +0 -0
data/test/data/providers/ssh_authorized_key/parsed/authorized_keys1 +3 -0
data/test/data/snippets/append.pp +11 -0
data/test/data/snippets/arithmetic_expression.pp +8 -0
data/test/data/snippets/arraytrailingcomma.pp +3 -0
data/test/data/snippets/emptyifelse.pp +9 -0
data/test/data/snippets/funccomma.pp +5 -0
data/test/data/snippets/ifexpression.rb +6 -0
data/test/data/snippets/subclass_name_duplication.pp +0 -0
data/test/executables/filebucket.rb +0 -0
data/test/executables/puppetbin.rb +0 -0
data/test/executables/puppetca.rb +0 -0
data/test/executables/puppetd.rb +0 -0
data/test/executables/puppetmasterd.rb +0 -0
data/test/executables/puppetmodule.rb +0 -0
data/test/language/ast.rb +0 -0
data/test/language/ast/casestatement.rb +0 -0
data/test/language/ast/resource.rb +0 -0
data/test/language/ast/resource_reference.rb +0 -28
data/test/language/ast/selector.rb +0 -0
data/test/language/ast/variable.rb +0 -0
data/test/language/functions.rb +91 -12
data/test/language/parser.rb +21 -0
data/test/language/resource.rb +0 -0
data/test/language/scope.rb +28 -0
data/test/language/snippets.rb +14 -0
data/test/language/transportable.rb +0 -0
data/test/lib/puppettest.rb +0 -0
data/test/lib/puppettest/reporttesting.rb +0 -2
data/test/lib/puppettest/runnable_test.rb +2 -0
data/test/lib/puppettest/support/resources.rb +0 -0
data/test/network/authconfig.rb +0 -0
data/test/network/authorization.rb +0 -0
data/test/network/authstore.rb +0 -0
data/test/network/client/ca.rb +0 -0
data/test/network/client/client.rb +0 -0
data/test/network/client/dipper.rb +0 -0
data/test/network/client/master.rb +2 -6
data/test/network/client/resource.rb +0 -0
data/test/network/client_request.rb +0 -0
data/test/network/daemon.rb +0 -0
data/test/network/handler/bucket.rb +0 -0
data/test/network/handler/ca.rb +0 -0
data/test/network/handler/fileserver.rb +8 -0
data/test/network/handler/handler.rb +0 -0
data/test/network/handler/master.rb +3 -1
data/test/network/handler/report.rb +0 -0
data/test/network/handler/resource.rb +0 -0
data/test/network/handler/runner.rb +0 -0
data/test/network/rights.rb +0 -0
data/test/network/server/mongrel_test.rb +0 -0
data/test/network/server/webrick.rb +0 -0
data/test/network/xmlrpc/client.rb +0 -0
data/test/network/xmlrpc/processor.rb +0 -0
data/test/network/xmlrpc/server.rb +0 -0
data/test/network/xmlrpc/webrick_servlet.rb +0 -0
data/test/other/dsl.rb +0 -0
data/test/other/events.rb +0 -0
data/test/other/overrides.rb +0 -0
data/test/other/provider.rb +0 -0
data/test/other/puppet.rb +0 -0
data/test/other/relationships.rb +0 -0
data/test/other/report.rb +2 -4
data/test/other/transactions.rb +1 -1
data/test/puppet/conffiles.rb +0 -0
data/test/puppet/defaults.rb +0 -0
data/test/puppet/errortest.rb +0 -0
data/test/puppet/tc_suidmanager.rb +0 -0
data/test/rails/ast.rb +0 -0
data/test/rails/configuration.rb +0 -0
data/test/rails/host.rb +0 -0
data/test/rails/rails.rb +0 -0
data/test/rails/railsparameter.rb +0 -0
data/test/rails/railsresource.rb +0 -0
data/test/ral/manager/attributes.rb +0 -0
data/test/ral/manager/instances.rb +0 -0
data/test/ral/manager/manager.rb +0 -0
data/test/ral/manager/provider.rb +0 -0
data/test/ral/manager/type.rb +0 -0
data/test/ral/providers/cron/crontab.rb +0 -0
data/test/ral/providers/group.rb +14 -13
data/test/ral/providers/host/netinfo.rb +0 -0
data/test/ral/providers/host/parsed.rb +0 -0
data/test/ral/providers/mailalias/aliases.rb +0 -0
data/test/ral/providers/mount/netinfo.rb +0 -0
data/test/ral/providers/nameservice.rb +0 -0
data/test/ral/providers/package.rb +0 -31
data/test/ral/providers/package/aptitude.rb +1 -2
data/test/ral/providers/package/aptrpm.rb +2 -2
data/test/ral/providers/parsedfile.rb +0 -0
data/test/ral/providers/port/parsed.rb +0 -0
data/test/ral/providers/provider.rb +0 -0
data/test/ral/providers/service/base.rb +0 -0
data/test/ral/providers/service/debian.rb +0 -0
data/test/ral/providers/sshkey/parsed.rb +0 -0
data/test/ral/providers/user.rb +8 -8
data/test/ral/providers/user/useradd.rb +0 -0
data/test/ral/type/basic.rb +0 -0
data/test/ral/type/cron.rb +0 -0
data/test/ral/type/exec.rb +0 -0
data/test/ral/type/file.rb +0 -0
data/test/ral/type/file/target.rb +0 -0
data/test/ral/type/filebucket.rb +0 -0
data/test/ral/type/fileignoresource.rb +0 -0
data/test/ral/type/filesources.rb +1 -3
data/test/ral/type/group.rb +0 -0
data/test/ral/type/host.rb +0 -0
data/test/ral/type/mailalias.rb +1 -2
data/test/ral/type/parameter.rb +0 -0
data/test/ral/type/port.rb +0 -0
data/test/ral/type/property.rb +0 -0
data/test/ral/type/resources.rb +0 -0
data/test/ral/type/service.rb +0 -0
data/test/ral/type/sshkey.rb +0 -0
data/test/ral/type/tidy.rb +0 -0
data/test/ral/type/user.rb +0 -50
data/test/ral/type/yumrepo.rb +7 -1
data/test/ral/type/zone.rb +0 -0
data/test/test +0 -0
data/test/util/autoload.rb +0 -0
data/test/util/classgen.rb +0 -0
data/test/util/execution.rb +0 -0
data/test/util/features.rb +0 -0
data/test/util/fileparsing.rb +0 -0
data/test/util/filetype.rb +0 -0
data/test/util/inifile.rb +0 -0
data/test/util/instance_loader.rb +0 -0
data/test/util/log.rb +0 -59
data/test/util/metrics.rb +0 -0
data/test/util/package.rb +0 -0
data/test/util/pidlock.rb +0 -0
data/test/util/settings.rb +0 -0
data/test/util/storage.rb +0 -0
data/test/util/subclass_loader.rb +0 -0
data/test/util/utiltest.rb +0 -0
metadata +54 -19
data/lib/puppet/metatype/attributes.rb +0 -685
data/lib/puppet/metatype/closure.rb +0 -49
data/lib/puppet/metatype/container.rb +0 -50
data/lib/puppet/metatype/evaluation.rb +0 -163
data/lib/puppet/metatype/instances.rb +0 -305
data/lib/puppet/metatype/metaparams.rb +0 -423
data/lib/puppet/metatype/providers.rb +0 -247
data/lib/puppet/metatype/relationships.rb +0 -115
data/lib/puppet/metatype/schedules.rb +0 -33
data/lib/puppet/metatype/tags.rb +0 -38
data/lib/puppet/util/plist.rb +0 -23
data/lib/puppet/util/plist/generator.rb +0 -225
data/lib/puppet/util/plist/parser.rb +0 -226
data/test/ral/providers/package/apt.rb +0 -169
data/test/ral/providers/package/dpkg.rb +0 -64
data/test/util/posixtest.rb +0 -169

data/lib/puppet/util/filetype.rb CHANGED

@@ -1,8 +1,13 @@
 # Basic classes for reading, writing, and emptying files.  Not much
 # to see here.
+require 'puppet/util/selinux'
 class Puppet::Util::FileType
     attr_accessor :loaded, :path, :synced
+    include Puppet::Util::SELinux
     class << self
         attr_accessor :name
         include Puppet::Util::ClassGen
@@ -109,6 +114,8 @@ class Puppet::Util::FileType
             tf.print text; tf.flush
             FileUtils.cp(tf.path, @path)
             tf.close
+            # If SELinux is present, we need to ensure the file has its expected context
+            set_selinux_default_context(@path)
         end
     end

data/lib/puppet/util/instance_loader.rb CHANGED

File without changes

data/lib/puppet/util/ldap/connection.rb CHANGED

@@ -17,7 +17,17 @@ class Puppet::Util::Ldap::Connection
               else
                   false
               end
-        new(Puppet[:ldapserver], Puppet[:ldapport], :ssl => ssl)
+        options = {}
+        options[:ssl] = ssl
+        if user = Puppet.settings[:ldapuser] and user != ""
+            options[:user] = user
+            if pass = Puppet.settings[:ldappassword] and pass != ""
+                options[:password] = pass
+            end
+        end
+        new(Puppet[:ldapserver], Puppet[:ldapport], options)
     end
     def close

data/lib/puppet/util/ldap/manager.rb CHANGED

@@ -80,7 +80,7 @@ class Puppet::Util::Ldap::Manager
     # Calculate the dn for a given resource.
     def dn(name)
-        ["#{rdn.to_s}=%s" % name, base].join(",")
+        ["%s=%s" % [rdn, name], base].join(",")
     end
     # Convert an ldap-style entry hash to a provider-style hash.

data/lib/puppet/util/loadedfile.rb CHANGED

File without changes

data/lib/puppet/util/log.rb CHANGED

@@ -1,10 +1,12 @@
 require 'syslog'
+require 'puppet/util/tagging'
 # Pass feedback to the user.  Log levels are modeled after syslog's, and it is
 # expected that that will be the most common log destination.  Supports
 # multiple destinations, one of which is a remote server.
 class Puppet::Util::Log
     include Puppet::Util
+    include Puppet::Util::Tagging
     @levels = [:debug,:info,:notice,:warning,:err,:alert,:emerg,:crit]
     @loglevel = 2
@@ -244,23 +246,31 @@ class Puppet::Util::Log
     newdesttype :console do
-        PINK = {:console => "[0;31m", :html => "FFA0A0"}
-        GREEN = {:console => "[0;32m", :html => "00CD00"}
-        YELLOW = {:console => "[0;33m", :html => "FFFF60"}
-        SLATE = {:console => "[0;34m", :html => "80A0FF"}
-        ORANGE = {:console => "[0;35m", :html => "FFA500"}
-        BLUE = {:console => "[0;36m", :html => "40FFFF"}
-        RESET = {:console => "[0m", :html => ""}
+        RED 	= {:console => "[0;31m", :html => "FFA0A0"}
+        GREEN 	= {:console => "[0;32m", :html => "00CD00"}
+        YELLOW 	= {:console => "[0;33m", :html => "FFFF60"}
+        BLUE 	= {:console => "[0;34m", :html => "80A0FF"}
+        PURPLE 	= {:console => "[0;35m", :html => "FFA500"}
+        CYAN 	= {:console => "[0;36m", :html => "40FFFF"}
+        WHITE	= {:console => "[0;37m", :html => "FFFFFF"}
+        HRED	= {:console => "[1;31m", :html => "FFA0A0"}
+        HGREEN 	= {:console => "[1;32m", :html => "00CD00"}
+        HYELLOW	= {:console => "[1;33m", :html => "FFFF60"}
+        HBLUE 	= {:console => "[1;34m", :html => "80A0FF"}
+        HPURPLE	= {:console => "[1;35m", :html => "FFA500"}
+        HCYAN 	= {:console => "[1;36m", :html => "40FFFF"}
+        HWHITE	= {:console => "[1;37m", :html => "FFFFFF"}
+        RESET 	= {:console => "[0m", :html => ""}
         @@colormap = {
-            :debug => SLATE,
+            :debug => WHITE,
             :info => GREEN,
-            :notice => PINK,
-            :warning => ORANGE,
-            :err => YELLOW,
-            :alert => BLUE,
-            :emerg => RESET,
-            :crit => RESET
+            :notice => CYAN,
+            :warning => YELLOW,
+            :err => HPURPLE,
+            :alert => RED,
+            :emerg => HRED,
+            :crit => HRED
         }
         def colorize(level, str)
@@ -462,12 +472,12 @@ class Puppet::Util::Log
         @levels.include?(level)
     end
-    attr_accessor :level, :message, :time, :tags, :remote
+    attr_accessor :level, :message, :time, :remote
     attr_reader :source
     def initialize(args)
         unless args.include?(:level) && args.include?(:message)
-            raise Puppet::DevError, "Puppet::Util::Log called incorrectly"
+            raise ArgumentError, "Puppet::Util::Log called incorrectly"
         end
         if args[:level].class == String
@@ -475,35 +485,27 @@ class Puppet::Util::Log
         elsif args[:level].class == Symbol
             @level = args[:level]
         else
-            raise Puppet::DevError,
-                "Level is not a string or symbol: #{args[:level].class}"
+            raise ArgumentError, "Level is not a string or symbol: #{args[:level].class}"
         end
-        # Just return unless we're actually at a level we should send
-        #return unless self.class.sendlevel?(@level)
         @message = args[:message].to_s
         @time = Time.now
-        # this should include the host name, and probly lots of other
-        # stuff, at some point
-        unless self.class.validlevel?(level)
-            raise Puppet::DevError, "Invalid message level #{level}"
-        end
-        if args.include?(:tags)
-            @tags = args[:tags]
-        end
+        raise ArgumentError, "Invalid log level %s" % level unless self.class.validlevel?(level)
-        if args.include?(:source)
-            self.source = args[:source]
-        else
-            @source = "Puppet"
+        if tags = args[:tags]
+            tags.each { |t| self.tag(t) }
         end
+        self.source = args[:source] || "Puppet"
+        # Tag myself with my log level
+        tag(level)
         Log.newmessage(self)
     end
-    # Was the source of this log an object?
+    # Was the source of this log a Puppet resource or parameter?
     def objectsource?
         if defined? @objectsource and @objectsource
             @objectsource
@@ -525,17 +527,11 @@ class Puppet::Util::Log
             @objectsource = false
             @source = source.to_s
         end
-        unless defined? @tags and @tags
-            if source.respond_to?(:tags)
-                @tags = source.tags
-            end
+        if source.respond_to?(:tags)
+            source.tags.each { |t| tag(t) }
         end
     end
-    def tagged?(tag)
-        @tags.detect { |t| t.to_s == tag.to_s }
-    end
     def to_report
         "%s %s (%s): %s" % [self.time, self.source, self.level, self.to_s]
     end
@@ -544,5 +540,8 @@ class Puppet::Util::Log
         return @message
     end
 end
-Puppet::Log = Puppet::Util::Log
+# This is for backward compatibility from when we changed the constant to Puppet::Util::Log
+# because the reports include the constant name.  Apparently the alias was created in
+# March 2007, should could probably be removed soon.
+Puppet::Log = Puppet::Util::Log

data/lib/puppet/util/metric.rb CHANGED

@@ -5,6 +5,8 @@ require 'puppet'
 class Puppet::Util::Metric
     # Load the library as a feature, so we can test its presence.
+    # It's only used by this class, so there's no reason to move it
+    # to the main feature list.
     Puppet.features.add :rrd, :libs => 'RRDtool'
     attr_accessor :type, :name, :value, :label
@@ -12,6 +14,15 @@ class Puppet::Util::Metric
     attr_writer :basedir
+    # Return a specific value
+    def [](name)
+        if value = @values.find { |v| v[0] == name }
+            return value[2]
+        else
+            return nil
+        end
+    end
     def basedir
         if defined? @basedir
             @basedir
@@ -93,11 +104,7 @@ class Puppet::Util::Metric
     def initialize(name,label = nil)
         @name = name.to_s
-        if label
-            @label = label
-        else
-            @label = name.to_s.capitalize.gsub("_", " ")
-        end
+        @label = label || labelize(name)
         @values = []
     end
@@ -107,9 +114,7 @@ class Puppet::Util::Metric
     end
     def newvalue(name,value,label = nil)
-        unless label
-            label = name.to_s.capitalize.gsub("_", " ")
-        end
+        label ||= labelize(name)
         @values.push [name,label,value]
     end
@@ -145,7 +150,16 @@ class Puppet::Util::Metric
     def values
         @values.sort { |a, b| a[1] <=> b[1] }
     end
+    private
+    # Convert a name into a label.
+    def labelize(name)
+        name.to_s.capitalize.gsub("_", " ")
+    end
 end
+# This is necessary because we changed the class path in early 2007,
+# and reports directly yaml-dump these metrics, so both client and server
+# have to agree on the class name.
 Puppet::Metric = Puppet::Util::Metric

data/lib/puppet/util/posix.rb CHANGED

@@ -3,23 +3,20 @@ module Puppet::Util::POSIX
     # Retrieve a field from a POSIX Etc object.  The id can be either an integer
     # or a name.  This only works for users and groups.  It's also broken on
-    # some platforms, unfortunately.
-    def old_get_posix_field(space, field, id)
-        unless id
-            raise ArgumentError, "Did not get id"
-        end
-        if id =~ /^\d+$/
-            id = Integer(id)
-        end
-        prefix = "get" + space.to_s
+    # some platforms, unfortunately, which is why we fall back to the other
+    # method search_posix_field in the gid and uid methods if a sanity check
+    # fails
+    def get_posix_field(space, field, id)
+        raise Puppet::DevError, "Did not get id from caller" unless id
         if id.is_a?(Integer)
             if id > Puppet[:maximum_uid].to_i
                 Puppet.err "Tried to get %s field for silly id %s" % [field, id]
                 return nil
             end
-            method = (prefix + idfield(space).to_s).intern
+            method = methodbyid(space)
         else
-            method = (prefix + "nam").intern
+            method = methodbyname(space)
         end
         begin
@@ -31,13 +28,11 @@ module Puppet::Util::POSIX
     end
     # A degenerate method of retrieving name/id mappings.  The job of this method is
-    # to find a specific entry and then return a given field from that entry.
-    def get_posix_field(type, field, id)
+    # to retrieve all objects of a certain type, search for a specific entry
+    # and then return a given field from that entry.
+    def search_posix_field(type, field, id)
         idmethod = idfield(type)
         integer = false
-        if id =~ /^\d+$/
-            id = Integer(id)
-        end
         if id.is_a?(Integer)
             integer = true
             if id > Puppet[:maximum_uid].to_i
@@ -112,14 +107,70 @@ module Puppet::Util::POSIX
         end
     end
+    # Determine what the method is to get users and groups by id
+    def methodbyid(space)
+        case Puppet::Util.symbolize(space)
+        when :gr, :group: return :getgrgid
+        when :pw, :user, :passwd: return :getpwuid
+        else
+            raise ArgumentError.new("Can only handle users and groups")
+        end
+    end
+    # Determine what the method is to get users and groups by name
+    def methodbyname(space)
+        case Puppet::Util.symbolize(space)
+        when :gr, :group: return :getgrnam
+        when :pw, :user, :passwd: return :getpwnam
+        else
+            raise ArgumentError.new("Can only handle users and groups")
+        end
+    end
     # Get the GID of a given group, provided either a GID or a name
     def gid(group)
-        get_posix_field(:group, :gid, group)
+        begin
+            group = Integer(group)
+        rescue ArgumentError
+            # pass
+        end
+        if group.is_a?(Integer)
+            return nil unless name = get_posix_field(:group, :name, group)
+            gid = get_posix_field(:group, :gid, name)
+            check_value = gid
+        else
+            return nil unless gid = get_posix_field(:group, :gid, group)
+            name = get_posix_field(:group, :name, gid)
+            check_value = name
+        end
+        if check_value != group
+            return search_posix_field(:group, :gid, group)
+        else
+            return gid
+        end
     end
     # Get the UID of a given user, whether a UID or name is provided
     def uid(user)
-        get_posix_field(:passwd, :uid, user)
+        begin
+            user = Integer(user)
+        rescue ArgumentError
+            # pass
+        end
+        if user.is_a?(Integer)
+            return nil unless name = get_posix_field(:passwd, :name, user)
+            uid = get_posix_field(:passwd, :uid, name)
+            check_value = uid
+        else
+            return nil unless uid = get_posix_field(:passwd, :uid, user)
+            name = get_posix_field(:passwd, :name, uid)
+            check_value = name
+        end
+        if check_value != user
+            return search_posix_field(:passwd, :uid, user)
+        else
+            return uid
+        end
     end
 end

data/lib/puppet/util/selinux.rb ADDED

@@ -0,0 +1,139 @@
+# Provides utility functions to help interfaces Puppet to SELinux.
+#
+# Currently this is implemented via the command line tools.  At some
+# point support should be added to use the new SELinux ruby bindings
+# as that will be faster and more reliable then shelling out when they
+# are available.  At this time (2008-09-26) these bindings aren't bundled on
+# any SELinux-using distribution I know of.
+require 'puppet/util'
+module Puppet::Util::SELinux
+    include Puppet::Util
+    def selinux_support?
+        FileTest.exists?("/selinux/enforce")
+    end
+    # Retrieve and return the full context of the file.  If we don't have
+    # SELinux support or if the stat call fails then return nil.
+    def get_selinux_current_context(file)
+        unless selinux_support?
+            return nil
+        end
+        context = ""
+        begin
+            execpipe("/usr/bin/stat -c %C #{file}") do |out|
+                out.each do |line|
+                    context << line
+                end
+            end
+        rescue Puppet::ExecutionFailure
+            return nil
+        end
+        context.chomp!
+        # Handle the case that the system seems to have SELinux support but
+        # stat finds unlabled files.
+        if context == "(null)"
+            return nil
+        end
+        return context
+    end
+    # Use the matchpathcon command, if present, to return the SELinux context
+    # which the SELinux policy on the system expects the file to have.  We can
+    # use this to obtain a good default context.  If the command does not
+    # exist or the call fails return nil.
+    #
+    # Note: For this command to work a full, non-relative, filesystem path
+    # should be given.
+    def get_selinux_default_context(file)
+        unless selinux_support?
+            return nil
+        end
+        unless FileTest.executable?("/usr/sbin/matchpathcon")
+            return nil
+        end
+        context = ""
+        begin
+            execpipe("/usr/sbin/matchpathcon #{file}") do |out|
+                out.each do |line|
+                    context << line
+                end
+            end
+        rescue Puppet::ExecutionFailure
+            return nil
+        end
+        # For a successful match, matchpathcon returns two fields separated by
+        # a variable amount of whitespace.  The second field is the full context.
+        context = context.split(/\s/)[1]
+        return context
+    end
+    # Take the full SELinux context returned from the tools and parse it
+    # out to the three (or four) component parts.  Supports :seluser, :selrole,
+    # :seltype, and on systems with range support, :selrange.
+    def parse_selinux_context(component, context)
+        if context.nil? or context == "unlabeled"
+            return nil
+        end
+        unless context =~ /^([a-z0-9_]+):([a-z0-9_]+):([a-z0-9_]+)(?::([a-zA-Z0-9:,._-]+))?/
+            raise Puppet::Error, "Invalid context to parse: #{context}"
+        end
+        ret = {
+            :seluser => $1,
+            :selrole => $2,
+            :seltype => $3,
+            :selrange => $4,
+        }
+        return ret[component]
+    end
+    # This updates the actual SELinux label on the file.  You can update
+    # only a single component or update the entire context.  It is just a
+    # wrapper around the chcon command.
+    def set_selinux_context(file, value, component = false)
+        unless selinux_support?
+            return nil
+        end
+        case component
+            when :seluser
+                flag = "-u"
+            when :selrole
+                flag = "-r"
+            when :seltype
+                flag = "-t"
+            when :selrange
+                flag = "-l"
+            else
+                flag = nil
+        end
+        if flag.nil?
+            cmd = ["/usr/bin/chcon","-h",value,file]
+        else
+            cmd = ["/usr/bin/chcon","-h",flag,value,file]
+        end
+        execute(cmd)
+        return true
+    end
+    # Since this call relies on get_selinux_default_context it also needs a
+    # full non-relative path to the file.  Fortunately, that seems to be all
+    # Puppet uses.  This will set the file's SELinux context to the policy's
+    # default context (if any) if it differs from the context currently on
+    # the file.
+    def set_selinux_default_context(file)
+        new_context = get_selinux_default_context(file)
+        unless new_context
+            return nil
+        end
+        cur_context = get_selinux_current_context(file)
+        if new_context != cur_context
+            set_selinux_context(file, new_context)
+            return new_context
+        end
+        return nil
+    end
+end