RubyGems - puppet - Versions diffs - 0.24.9 → 0.25.0 - Mend

puppet 0.24.9 → 0.25.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (910) hide show

data/CHANGELOG +18680 -1241
data/CHANGELOG.old +1705 -0
data/LICENSE +2 -2
data/README +1 -1
data/README.queueing +126 -0
data/README.rst +4 -4
data/Rakefile +62 -216
data/bin/filebucket +6 -117
data/bin/pi +50 -0
data/bin/puppet +7 -188
data/bin/puppetdoc +7 -198
data/bin/ralsh +4 -191
data/conf/auth.conf +94 -0
data/conf/gentoo/init.d/puppetmaster +30 -30
data/conf/osx/PackageInfo.plist +30 -30
data/conf/osx/createpackage.sh +23 -18
data/conf/osx/preflight +8 -0
data/conf/puppet-queue.conf +10 -0
data/conf/redhat/client.init +52 -41
data/conf/redhat/logrotate +1 -0
data/conf/redhat/puppet.spec +74 -36
data/conf/redhat/rundir-perms.patch +28 -0
data/conf/redhat/server.init +48 -43
data/conf/redhat/server.sysconfig +4 -4
data/conf/solaris/smf/puppetd.xml +53 -53
data/conf/solaris/smf/puppetmasterd.xml +53 -53
data/conf/solaris/smf/svc-puppetd +4 -4
data/conf/solaris/smf/svc-puppetmasterd +3 -3
data/conf/suse/client.init +4 -4
data/conf/suse/puppet.spec +14 -14
data/conf/suse/server.init +17 -17
data/examples/etc/init.d/sleeper +8 -8
data/examples/mac_dscl.pp +2 -2
data/examples/mac_dscl_revert.pp +1 -1
data/examples/mcx_dock_default.pp +108 -108
data/examples/mcx_dock_full.pp +108 -108
data/examples/mcx_nogroup.pp +108 -108
data/examples/modules/sample-module/lib/puppet/parser/functions/hostname_to_dn.rb +5 -5
data/examples/modules/sample-module/manifests/init.pp +2 -2
data/examples/relationships +1 -1
data/ext/autotest/config +6 -6
data/ext/bin/sleeper +12 -12
data/ext/dbfix.sql +21 -21
data/ext/emacs/puppet-mode.el +42 -41
data/ext/extlookup.rb +183 -0
data/ext/ldap/puppet.schema +2 -1
data/ext/logcheck/puppet +1 -1
data/ext/module_puppet +7 -7
data/ext/nagios/check_puppet.rb +83 -83
data/ext/nagios/naggen +302 -0
data/ext/puppet-test +61 -18
data/ext/puppetlisten/puppetlisten.rb +76 -0
data/ext/puppetlisten/puppetrun.rb +39 -0
data/ext/puppetstoredconfigclean.rb +29 -29
data/ext/rack/README +73 -0
data/ext/rack/files/apache2.conf +38 -0
data/ext/rack/files/config.ru +18 -0
data/ext/rack/manifest.pp +59 -0
data/ext/vim/syntax/puppet.vim +54 -35
data/install.rb +37 -26
data/lib/puppet.rb +15 -227
data/lib/puppet/agent.rb +134 -0
data/lib/puppet/agent/locker.rb +42 -0
data/lib/puppet/agent/runner.rb +65 -0
data/lib/puppet/application.rb +313 -0
data/lib/puppet/application/filebucket.rb +87 -0
data/lib/puppet/application/pi.rb +214 -0
data/lib/puppet/application/puppet.rb +177 -0
data/lib/puppet/application/puppetca.rb +71 -0
data/lib/puppet/application/puppetd.rb +256 -0
data/lib/puppet/application/puppetdoc.rb +222 -0
data/lib/puppet/application/puppetmasterd.rb +168 -0
data/lib/puppet/application/puppetqd.rb +96 -0
data/lib/puppet/application/puppetrun.rb +219 -0
data/lib/puppet/application/ralsh.rb +168 -0
data/lib/puppet/configurer.rb +177 -0
data/lib/puppet/configurer/downloader.rb +79 -0
data/lib/puppet/configurer/fact_handler.rb +68 -0
data/lib/puppet/configurer/plugin_handler.rb +26 -0
data/lib/puppet/daemon.rb +78 -28
data/lib/puppet/defaults.rb +239 -166
data/lib/puppet/dsl.rb +7 -7
data/lib/puppet/external/dot.rb +271 -271
data/lib/puppet/external/event-loop/better-definers.rb +298 -298
data/lib/puppet/external/event-loop/event-loop.rb +274 -274
data/lib/puppet/external/event-loop/signal-system.rb +163 -163
data/lib/puppet/external/lock.rb +1 -1
data/lib/puppet/external/nagios.rb +20 -20
data/lib/puppet/external/nagios/base.rb +3 -3
data/lib/puppet/external/nagios/grammar.ry +185 -0
data/lib/puppet/external/nagios/makefile +9 -0
data/lib/puppet/external/nagios/parser.rb +1 -1
data/lib/puppet/feature/json.rb +2 -0
data/lib/puppet/feature/rack.rb +24 -0
data/lib/puppet/feature/rails.rb +23 -33
data/lib/puppet/feature/rubygems.rb +6 -0
data/lib/puppet/feature/stomp.rb +6 -0
data/lib/puppet/file_serving/{file_base.rb → base.rb} +10 -9
data/lib/puppet/file_serving/configuration.rb +61 -61
data/lib/puppet/file_serving/configuration/parser.rb +24 -29
data/lib/puppet/file_serving/content.rb +26 -11
data/lib/puppet/file_serving/fileset.rb +54 -19
data/lib/puppet/file_serving/indirection_hooks.rb +12 -24
data/lib/puppet/file_serving/metadata.rb +8 -8
data/lib/puppet/file_serving/mount.rb +9 -151
data/lib/puppet/file_serving/mount/file.rb +126 -0
data/lib/puppet/file_serving/mount/modules.rb +25 -0
data/lib/puppet/file_serving/mount/plugins.rb +27 -0
data/lib/puppet/file_serving/terminus_helper.rb +9 -4
data/lib/puppet/indirector.rb +6 -4
data/lib/puppet/indirector/active_record.rb +28 -0
data/lib/puppet/indirector/catalog/active_record.rb +36 -0
data/lib/puppet/indirector/catalog/compiler.rb +50 -24
data/lib/puppet/indirector/catalog/queue.rb +5 -0
data/lib/puppet/indirector/catalog/rest.rb +6 -0
data/lib/puppet/indirector/catalog/yaml.rb +2 -4
data/lib/puppet/indirector/certificate/ca.rb +9 -0
data/lib/puppet/indirector/certificate/file.rb +9 -0
data/lib/puppet/indirector/certificate/rest.rb +9 -0
data/lib/puppet/indirector/certificate_request/ca.rb +14 -0
data/lib/puppet/indirector/certificate_request/file.rb +8 -0
data/lib/puppet/indirector/certificate_request/rest.rb +9 -0
data/lib/puppet/indirector/certificate_revocation_list/ca.rb +8 -0
data/lib/puppet/indirector/certificate_revocation_list/file.rb +8 -0
data/lib/puppet/indirector/certificate_revocation_list/rest.rb +9 -0
data/lib/puppet/indirector/direct_file_server.rb +4 -8
data/lib/puppet/indirector/exec.rb +2 -6
data/lib/puppet/indirector/facts/active_record.rb +36 -0
data/lib/puppet/indirector/facts/facter.rb +30 -22
data/lib/puppet/indirector/facts/rest.rb +6 -0
data/lib/puppet/indirector/file.rb +1 -0
data/lib/puppet/indirector/file_content/rest.rb +0 -1
data/lib/puppet/indirector/file_metadata/file.rb +2 -2
data/lib/puppet/indirector/file_metadata/rest.rb +0 -1
data/lib/puppet/indirector/file_server.rb +31 -18
data/lib/puppet/indirector/indirection.rb +46 -33
data/lib/puppet/indirector/key/ca.rb +12 -0
data/lib/puppet/indirector/key/file.rb +42 -0
data/lib/puppet/indirector/node/active_record.rb +13 -0
data/lib/puppet/indirector/node/ldap.rb +1 -1
data/lib/puppet/indirector/queue.rb +83 -0
data/lib/puppet/indirector/report/processor.rb +1 -1
data/lib/puppet/indirector/report/rest.rb +7 -0
data/lib/puppet/indirector/request.rb +158 -15
data/lib/puppet/indirector/rest.rb +74 -36
data/lib/puppet/indirector/runner/rest.rb +7 -0
data/lib/puppet/indirector/ssl_file.rb +174 -0
data/lib/puppet/indirector/terminus.rb +4 -4
data/lib/puppet/indirector/yaml.rb +1 -1
data/lib/puppet/metatype/manager.rb +3 -3
data/lib/puppet/module.rb +99 -124
data/lib/puppet/network/authconfig.rb +57 -42
data/lib/puppet/network/authstore.rb +58 -10
data/lib/puppet/network/client.rb +0 -2
data/lib/puppet/network/client/ca.rb +1 -1
data/lib/puppet/network/client/dipper.rb +7 -2
data/lib/puppet/network/format.rb +123 -0
data/lib/puppet/network/format_handler.rb +156 -0
data/lib/puppet/network/formats.rb +123 -0
data/lib/puppet/network/handler/filebucket.rb +1 -1
data/lib/puppet/network/handler/fileserver.rb +43 -35
data/lib/puppet/network/handler/master.rb +4 -4
data/lib/puppet/network/handler/report.rb +1 -1
data/lib/puppet/network/handler/resource.rb +16 -20
data/lib/puppet/network/handler/runner.rb +9 -42
data/lib/puppet/network/http.rb +4 -4
data/lib/puppet/network/http/api.rb +4 -0
data/lib/puppet/network/http/api/v1.rb +65 -0
data/lib/puppet/network/http/handler.rb +163 -56
data/lib/puppet/network/http/mongrel.rb +19 -15
data/lib/puppet/network/http/mongrel/rest.rb +35 -17
data/lib/puppet/network/http/rack.rb +62 -0
data/lib/puppet/network/http/rack/httphandler.rb +34 -0
data/lib/puppet/network/http/rack/rest.rb +79 -0
data/lib/puppet/network/http/rack/xmlrpc.rb +65 -0
data/lib/puppet/network/http/webrick.rb +89 -16
data/lib/puppet/network/http/webrick/rest.rb +24 -11
data/lib/puppet/network/http_pool.rb +28 -29
data/lib/puppet/network/http_server/mongrel.rb +8 -10
data/lib/puppet/network/http_server/webrick.rb +1 -3
data/lib/puppet/network/rest_authconfig.rb +89 -0
data/lib/puppet/network/rest_authorization.rb +25 -0
data/lib/puppet/network/rights.rb +230 -27
data/lib/puppet/network/server.rb +133 -31
data/lib/puppet/network/xmlrpc/client.rb +5 -5
data/lib/puppet/network/xmlrpc/webrick_servlet.rb +6 -6
data/lib/puppet/node.rb +28 -21
data/lib/puppet/node/environment.rb +48 -0
data/lib/puppet/node/facts.rb +21 -0
data/lib/puppet/parameter.rb +291 -219
data/lib/puppet/parser/ast.rb +1 -0
data/lib/puppet/parser/ast/astarray.rb +5 -1
data/lib/puppet/parser/ast/boolean_operator.rb +3 -3
data/lib/puppet/parser/ast/caseopt.rb +10 -0
data/lib/puppet/parser/ast/casestatement.rb +12 -27
data/lib/puppet/parser/ast/collection.rb +31 -0
data/lib/puppet/parser/ast/collexpr.rb +18 -11
data/lib/puppet/parser/ast/comparison_operator.rb +1 -1
data/lib/puppet/parser/ast/definition.rb +6 -2
data/lib/puppet/parser/ast/function.rb +7 -2
data/lib/puppet/parser/ast/ifstatement.rb +11 -6
data/lib/puppet/parser/ast/leaf.rb +106 -3
data/lib/puppet/parser/ast/match_operator.rb +31 -0
data/lib/puppet/parser/ast/node.rb +10 -6
data/lib/puppet/parser/ast/resource_defaults.rb +2 -2
data/lib/puppet/parser/ast/resource_override.rb +1 -1
data/lib/puppet/parser/ast/resource_reference.rb +11 -3
data/lib/puppet/parser/ast/selector.rb +14 -32
data/lib/puppet/parser/ast/vardef.rb +1 -1
data/lib/puppet/parser/collector.rb +67 -15
data/lib/puppet/parser/compiler.rb +21 -53
data/lib/puppet/parser/files.rb +92 -0
data/lib/puppet/parser/functions.rb +3 -3
data/lib/puppet/parser/functions/defined.rb +3 -3
data/lib/puppet/parser/functions/fqdn_rand.rb +3 -3
data/lib/puppet/parser/functions/inline_template.rb +4 -4
data/lib/puppet/parser/functions/regsubst.rb +37 -35
data/lib/puppet/parser/functions/require.rb +34 -0
data/lib/puppet/parser/functions/shellquote.rb +41 -0
data/lib/puppet/parser/functions/split.rb +29 -0
data/lib/puppet/parser/functions/sprintf.rb +6 -6
data/lib/puppet/parser/functions/template.rb +4 -4
data/lib/puppet/parser/functions/versioncmp.rb +22 -1
data/lib/puppet/parser/grammar.ra +812 -0
data/lib/puppet/parser/interpreter.rb +4 -4
data/lib/puppet/parser/lexer.rb +44 -15
data/lib/puppet/parser/loaded_code.rb +115 -0
data/lib/puppet/parser/makefile +8 -0
data/lib/puppet/parser/parser.rb +1080 -928
data/lib/puppet/parser/parser_support.rb +118 -96
data/lib/puppet/parser/resource.rb +56 -126
data/lib/puppet/parser/resource/param.rb +2 -76
data/lib/puppet/parser/resource/reference.rb +15 -8
data/lib/puppet/parser/scope.rb +68 -35
data/lib/puppet/parser/templatewrapper.rb +8 -8
data/lib/puppet/parser/yaml_trimmer.rb +11 -0
data/lib/puppet/property.rb +69 -124
data/lib/puppet/property/list.rb +3 -3
data/lib/puppet/provider.rb +5 -5
data/lib/puppet/provider/augeas/augeas.rb +119 -118
data/lib/puppet/provider/computer/computer.rb +3 -3
data/lib/puppet/provider/confine/variable.rb +1 -1
data/lib/puppet/provider/cron/crontab.rb +8 -7
data/lib/puppet/provider/group/directoryservice.rb +2 -2
data/lib/puppet/provider/group/groupadd.rb +1 -1
data/lib/puppet/provider/group/ldap.rb +3 -3
data/lib/puppet/provider/group/pw.rb +1 -1
data/lib/puppet/provider/host/parsed.rb +3 -3
data/lib/puppet/provider/ldap.rb +1 -3
data/lib/puppet/provider/macauthorization/macauthorization.rb +62 -55
data/lib/puppet/provider/mailalias/aliases.rb +9 -1
data/lib/puppet/provider/maillist/mailman.rb +8 -4
data/lib/puppet/provider/mcx/mcxcontent.rb +11 -11
data/lib/puppet/provider/mount/parsed.rb +2 -2
data/lib/puppet/provider/nameservice.rb +6 -6
data/lib/puppet/provider/nameservice/directoryservice.rb +83 -87
data/lib/puppet/provider/package/appdmg.rb +10 -9
data/lib/puppet/provider/package/apple.rb +1 -3
data/lib/puppet/provider/package/apt.rb +5 -5
data/lib/puppet/provider/package/aptitude.rb +1 -1
data/lib/puppet/provider/package/aptrpm.rb +1 -1
data/lib/puppet/provider/package/darwinport.rb +1 -1
data/lib/puppet/provider/package/dpkg.rb +2 -2
data/lib/puppet/provider/package/fink.rb +6 -6
data/lib/puppet/provider/package/freebsd.rb +1 -1
data/lib/puppet/provider/package/gem.rb +2 -2
data/lib/puppet/provider/package/hpux.rb +5 -5
data/lib/puppet/provider/package/pkgdmg.rb +30 -22
data/lib/puppet/provider/package/portage.rb +1 -1
data/lib/puppet/provider/package/ports.rb +1 -1
data/lib/puppet/provider/package/rpm.rb +5 -5
data/lib/puppet/provider/package/rug.rb +1 -1
data/lib/puppet/provider/package/sun.rb +7 -7
data/lib/puppet/provider/package/up2date.rb +1 -1
data/lib/puppet/provider/package/yum.rb +2 -2
data/lib/puppet/provider/package/yumhelper.py +2 -2
data/lib/puppet/provider/port/parsed.rb +1 -1
data/lib/puppet/provider/selmodule/semodule.rb +3 -3
data/lib/puppet/provider/service/base.rb +21 -12
data/lib/puppet/provider/service/daemontools.rb +86 -49
data/lib/puppet/provider/service/debian.rb +20 -12
data/lib/puppet/provider/service/freebsd.rb +5 -5
data/lib/puppet/provider/service/gentoo.rb +2 -2
data/lib/puppet/provider/service/init.rb +21 -33
data/lib/puppet/provider/service/launchd.rb +120 -48
data/lib/puppet/provider/service/redhat.rb +12 -21
data/lib/puppet/provider/service/runit.rb +19 -9
data/lib/puppet/provider/service/smf.rb +49 -34
data/lib/puppet/provider/ssh_authorized_key/parsed.rb +34 -0
data/lib/puppet/provider/sshkey/parsed.rb +2 -2
data/lib/puppet/provider/user/directoryservice.rb +12 -29
data/lib/puppet/provider/user/hpux.rb +3 -3
data/lib/puppet/provider/user/ldap.rb +2 -2
data/lib/puppet/provider/zfs/solaris.rb +1 -1
data/lib/puppet/provider/zone/solaris.rb +4 -4
data/lib/puppet/provider/zpool/solaris.rb +3 -3
data/lib/puppet/rails.rb +9 -9
data/lib/puppet/rails/benchmark.rb +69 -0
data/lib/puppet/rails/database/001_add_created_at_to_all_tables.rb +5 -5
data/lib/puppet/rails/database/002_remove_duplicated_index_on_all_tables.rb +2 -2
data/lib/puppet/rails/database/003_add_environment_to_host.rb +1 -1
data/lib/puppet/rails/database/schema.rb +8 -8
data/lib/puppet/rails/fact_value.rb +1 -1
data/lib/puppet/rails/host.rb +211 -93
data/lib/puppet/rails/param_name.rb +5 -1
data/lib/puppet/rails/param_value.rb +29 -2
data/lib/puppet/rails/puppet_tag.rb +5 -0
data/lib/puppet/rails/resource.rb +120 -20
data/lib/puppet/rails/resource_tag.rb +1 -1
data/lib/puppet/rails/source_file.rb +1 -1
data/lib/puppet/reference/configuration.rb +14 -14
data/lib/puppet/reference/function.rb +1 -1
data/lib/puppet/reference/metaparameter.rb +48 -0
data/lib/puppet/reference/providers.rb +6 -6
data/lib/puppet/reference/type.rb +1 -37
data/lib/puppet/relationship.rb +57 -30
data/lib/puppet/reports/rrdgraph.rb +4 -4
data/lib/puppet/reports/store.rb +3 -3
data/lib/puppet/reports/tagmail.rb +15 -15
data/lib/puppet/resource.rb +265 -0
data/lib/puppet/{node → resource}/catalog.rb +188 -112
data/lib/puppet/{resource_reference.rb → resource/reference.rb} +46 -24
data/lib/puppet/simple_graph.rb +165 -27
data/lib/puppet/ssl.rb +7 -0
data/lib/puppet/ssl/base.rb +62 -0
data/lib/puppet/ssl/certificate.rb +34 -0
data/lib/puppet/ssl/certificate_authority.rb +298 -0
data/lib/puppet/ssl/certificate_authority/interface.rb +118 -0
data/lib/puppet/ssl/certificate_factory.rb +145 -0
data/lib/puppet/ssl/certificate_request.rb +51 -0
data/lib/puppet/ssl/certificate_revocation_list.rb +86 -0
data/lib/puppet/ssl/host.rb +271 -0
data/lib/puppet/ssl/inventory.rb +52 -0
data/lib/puppet/ssl/key.rb +56 -0
data/lib/puppet/sslcertificates.rb +6 -6
data/lib/puppet/sslcertificates/ca.rb +15 -15
data/lib/puppet/sslcertificates/certificate.rb +4 -4
data/lib/puppet/sslcertificates/inventory.rb +3 -3
data/lib/puppet/transaction.rb +113 -139
data/lib/puppet/transaction/change.rb +6 -6
data/lib/puppet/transaction/event.rb +1 -1
data/lib/puppet/transaction/report.rb +7 -1
data/lib/puppet/transportable.rb +28 -28
data/lib/puppet/type.rb +263 -688
data/lib/puppet/type/augeas.rb +3 -2
data/lib/puppet/type/component.rb +28 -95
data/lib/puppet/type/computer.rb +10 -10
data/lib/puppet/type/cron.rb +19 -14
data/lib/puppet/type/exec.rb +21 -20
data/lib/puppet/type/file.rb +306 -633
data/lib/puppet/type/file/checksum.rb +10 -11
data/lib/puppet/type/file/content.rb +83 -22
data/lib/puppet/type/file/ensure.rb +15 -9
data/lib/puppet/type/file/group.rb +7 -1
data/lib/puppet/type/file/mode.rb +1 -1
data/lib/puppet/type/file/owner.rb +9 -3
data/lib/puppet/type/file/selcontext.rb +4 -4
data/lib/puppet/type/file/source.rb +78 -179
data/lib/puppet/type/file/target.rb +3 -3
data/lib/puppet/type/file/type.rb +2 -2
data/lib/puppet/type/filebucket.rb +33 -54
data/lib/puppet/type/group.rb +8 -8
data/lib/puppet/type/host.rb +7 -7
data/lib/puppet/type/k5login.rb +2 -2
data/lib/puppet/type/macauthorization.rb +77 -52
data/lib/puppet/type/mailalias.rb +2 -2
data/lib/puppet/type/maillist.rb +2 -2
data/lib/puppet/type/mcx.rb +3 -3
data/lib/puppet/type/mount.rb +16 -11
data/lib/puppet/type/notify.rb +4 -4
data/lib/puppet/type/package.rb +6 -28
data/lib/puppet/type/port.rb +1 -1
data/lib/puppet/type/resources.rb +19 -19
data/lib/puppet/type/schedule.rb +18 -20
data/lib/puppet/type/selmodule.rb +1 -1
data/lib/puppet/type/service.rb +11 -7
data/lib/puppet/type/ssh_authorized_key.rb +26 -9
data/lib/puppet/type/sshkey.rb +2 -2
data/lib/puppet/type/tidy.rb +285 -289
data/lib/puppet/type/user.rb +9 -7
data/lib/puppet/type/yumrepo.rb +17 -16
data/lib/puppet/type/zone.rb +8 -7
data/lib/puppet/util.rb +11 -36
data/lib/puppet/util/autoload.rb +31 -19
data/lib/puppet/util/autoload/file_cache.rb +115 -0
data/lib/puppet/util/backups.rb +86 -0
data/lib/puppet/util/cacher.rb +135 -0
data/lib/puppet/util/checksums.rb +11 -1
data/lib/puppet/util/classgen.rb +1 -1
data/lib/puppet/util/config_store.rb +2 -2
data/lib/puppet/util/constant_inflector.rb +1 -1
data/lib/puppet/util/diff.rb +2 -2
data/lib/puppet/util/docs.rb +9 -3
data/lib/puppet/util/execution.rb +1 -1
data/lib/puppet/util/feature.rb +27 -20
data/lib/puppet/util/fileparsing.rb +3 -3
data/lib/puppet/util/filetype.rb +8 -6
data/lib/puppet/util/graph.rb +5 -5
data/lib/puppet/util/inifile.rb +5 -5
data/lib/puppet/util/json.rb +13 -0
data/lib/puppet/util/ldap/connection.rb +2 -2
data/lib/puppet/util/log.rb +48 -31
data/lib/puppet/util/metric.rb +4 -4
data/lib/puppet/util/monkey_patches.rb +43 -0
data/lib/puppet/util/nagios_maker.rb +1 -1
data/lib/puppet/util/package.rb +4 -4
data/lib/puppet/util/pidlock.rb +59 -59
data/lib/puppet/util/posix.rb +13 -52
data/lib/puppet/util/provider_features.rb +3 -3
data/lib/puppet/util/queue.rb +96 -0
data/lib/puppet/util/queue/stomp.rb +47 -0
data/lib/puppet/util/rails/cache_accumulator.rb +65 -0
data/lib/puppet/util/rails/collection_merger.rb +0 -39
data/lib/puppet/util/rails/reference_serializer.rb +17 -3
data/lib/puppet/util/rdoc.rb +1 -0
data/lib/puppet/util/rdoc/code_objects.rb +5 -1
data/lib/puppet/util/rdoc/generators/puppet_generator.rb +5 -5
data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +13 -13
data/lib/puppet/util/rdoc/parser.rb +28 -32
data/lib/puppet/util/reference.rb +29 -8
data/lib/puppet/util/resource_template.rb +1 -1
data/lib/puppet/util/selinux.rb +12 -6
data/lib/puppet/util/settings.rb +203 -578
data/lib/puppet/util/settings/boolean_setting.rb +33 -0
data/lib/puppet/util/settings/file_setting.rb +119 -0
data/lib/puppet/util/settings/setting.rb +110 -0
data/lib/puppet/util/subclass_loader.rb +1 -1
data/lib/puppet/util/suidmanager.rb +2 -2
data/lib/puppet/util/tagging.rb +1 -1
data/lib/puppet/util/warnings.rb +17 -9
data/man/man8/filebucket.8 +2 -2
data/man/man8/pi.8 +2 -2
data/man/man8/puppet.8 +3 -4
data/man/man8/puppet.conf.8 +63 -63
data/man/man8/puppetca.8 +2 -2
data/man/man8/puppetd.8 +2 -2
data/man/man8/puppetdoc.8 +2 -2
data/man/man8/puppetmasterd.8 +2 -2
data/man/man8/puppetrun.8 +2 -2
data/man/man8/ralsh.8 +3 -3
data/sbin/puppetca +102 -0
data/sbin/puppetd +159 -0
data/sbin/puppetmasterd +66 -0
data/sbin/puppetqd +53 -0
data/sbin/puppetrun +130 -0
data/spec/Rakefile +2 -2
data/spec/integration/application/puppet.rb +33 -0
data/spec/integration/bin/puppetmasterd.rb +110 -0
data/spec/integration/configurer.rb +18 -0
data/spec/integration/defaults.rb +158 -7
data/spec/integration/file_serving/content.rb +2 -0
data/spec/integration/file_serving/fileset.rb +14 -0
data/spec/integration/file_serving/metadata.rb +2 -0
data/spec/integration/file_serving/terminus_helper.rb +22 -0
data/spec/integration/indirector/catalog/compiler.rb +67 -0
data/spec/integration/indirector/catalog/queue.rb +61 -0
data/spec/integration/indirector/certificate/rest.rb +69 -0
data/spec/integration/indirector/certificate_request/rest.rb +89 -0
data/spec/integration/indirector/certificate_revocation_list/rest.rb +77 -0
data/spec/integration/indirector/direct_file_server.rb +16 -23
data/spec/integration/indirector/file_content/file_server.rb +75 -0
data/spec/integration/indirector/report/rest.rb +95 -0
data/spec/integration/indirector/rest.rb +207 -147
data/spec/integration/network/client.rb +19 -0
data/spec/integration/network/formats.rb +110 -0
data/spec/integration/network/handler.rb +25 -0
data/spec/integration/network/server/mongrel.rb +26 -8
data/spec/integration/network/server/webrick.rb +49 -11
data/spec/integration/node/environment.rb +58 -0
data/spec/integration/node/facts.rb +4 -2
data/spec/integration/parser/compiler.rb +29 -0
data/spec/integration/parser/functions/require.rb +67 -0
data/spec/integration/provider/mailalias/aliases.rb +25 -0
data/spec/integration/{node → resource}/catalog.rb +17 -10
data/spec/integration/ssl/certificate_authority.rb +135 -0
data/spec/integration/ssl/certificate_request.rb +59 -0
data/spec/integration/ssl/certificate_revocation_list.rb +42 -0
data/spec/integration/ssl/host.rb +90 -0
data/spec/integration/transaction.rb +66 -0
data/spec/integration/transaction/report.rb +2 -5
data/spec/integration/type.rb +22 -0
data/spec/integration/type/file.rb +458 -0
data/spec/integration/type/package.rb +1 -1
data/spec/integration/type/tidy.rb +27 -0
data/spec/integration/util/autoload.rb +114 -0
data/spec/integration/util/feature.rb +54 -0
data/spec/integration/util/file_locking.rb +2 -1
data/spec/integration/util/settings.rb +27 -0
data/spec/lib/puppet_spec/files.rb +9 -0
data/spec/monkey_patches/add_confine_and_runnable_to_rspec_dsl.rb +1 -0
data/spec/monkey_patches/alias_should_to_must.rb +1 -0
data/spec/shared_behaviours/file_server_terminus.rb +14 -11
data/spec/shared_behaviours/file_serving.rb +13 -17
data/spec/spec_helper.rb +22 -5
data/spec/unit/agent.rb +259 -0
data/spec/unit/agent/locker.rb +100 -0
data/spec/unit/agent/runner.rb +118 -0
data/spec/unit/application.rb +420 -0
data/spec/unit/application/filebucket.rb +220 -0
data/spec/unit/application/pi.rb +84 -0
data/spec/unit/application/puppet.rb +404 -0
data/spec/unit/application/puppetca.rb +142 -0
data/spec/unit/application/puppetd.rb +502 -0
data/spec/unit/application/puppetdoc.rb +345 -0
data/spec/unit/application/puppetmasterd.rb +456 -0
data/spec/unit/application/puppetqd.rb +186 -0
data/spec/unit/application/puppetrun.rb +279 -0
data/spec/unit/application/ralsh.rb +237 -0
data/spec/unit/configurer.rb +232 -0
data/spec/unit/configurer/downloader.rb +188 -0
data/spec/unit/configurer/fact_handler.rb +150 -0
data/spec/unit/configurer/plugin_handler.rb +112 -0
data/spec/unit/daemon.rb +287 -0
data/spec/unit/file_serving/{file_base.rb → base.rb} +39 -31
data/spec/unit/file_serving/configuration.rb +104 -93
data/spec/unit/file_serving/configuration/parser.rb +64 -18
data/spec/unit/file_serving/content.rb +65 -26
data/spec/unit/file_serving/fileset.rb +116 -14
data/spec/unit/file_serving/indirection_hooks.rb +34 -95
data/spec/unit/file_serving/metadata.rb +27 -40
data/spec/unit/file_serving/mount.rb +7 -118
data/spec/unit/file_serving/mount/file.rb +188 -0
data/spec/unit/file_serving/mount/modules.rb +63 -0
data/spec/unit/file_serving/mount/plugins.rb +61 -0
data/spec/unit/file_serving/terminus_helper.rb +39 -27
data/spec/unit/indirector.rb +6 -1
data/spec/unit/indirector/active_record.rb +76 -0
data/spec/unit/indirector/catalog/active_record.rb +122 -0
data/spec/unit/indirector/catalog/compiler.rb +222 -118
data/spec/unit/indirector/catalog/queue.rb +20 -0
data/spec/unit/indirector/catalog/rest.rb +11 -0
data/spec/unit/indirector/catalog/yaml.rb +6 -6
data/spec/unit/indirector/certificate/ca.rb +28 -0
data/spec/unit/indirector/certificate/file.rb +28 -0
data/spec/unit/indirector/certificate/rest.rb +23 -0
data/spec/unit/indirector/certificate_request/ca.rb +19 -0
data/spec/unit/indirector/certificate_request/file.rb +19 -0
data/spec/unit/indirector/certificate_request/rest.rb +23 -0
data/spec/unit/indirector/certificate_revocation_list/ca.rb +21 -0
data/spec/unit/indirector/certificate_revocation_list/file.rb +20 -0
data/spec/unit/indirector/certificate_revocation_list/rest.rb +23 -0
data/spec/unit/indirector/direct_file_server.rb +3 -8
data/spec/unit/indirector/exec.rb +6 -1
data/spec/unit/indirector/facts/active_record.rb +104 -0
data/spec/unit/indirector/facts/facter.rb +53 -12
data/spec/unit/indirector/facts/rest.rb +11 -0
data/spec/unit/indirector/file.rb +8 -1
data/spec/unit/indirector/file_metadata/file.rb +5 -5
data/spec/unit/indirector/file_server.rb +181 -98
data/spec/unit/indirector/indirection.rb +102 -38
data/spec/unit/indirector/key/ca.rb +28 -0
data/spec/unit/indirector/key/file.rb +104 -0
data/spec/unit/indirector/node/active_record.rb +34 -0
data/spec/unit/indirector/node/ldap.rb +1 -1
data/spec/unit/indirector/node/rest.rb +2 -2
data/spec/unit/indirector/queue.rb +123 -0
data/spec/unit/indirector/report/rest.rb +28 -0
data/spec/unit/indirector/request.rb +221 -0
data/spec/unit/indirector/rest.rb +343 -334
data/spec/unit/indirector/runner/rest.rb +11 -0
data/spec/unit/indirector/ssl_file.rb +280 -0
data/spec/unit/module.rb +180 -180
data/spec/unit/network/authconfig.rb +292 -0
data/spec/unit/network/authstore.rb +94 -0
data/spec/unit/network/client.rb +2 -2
data/spec/unit/network/client/dipper.rb +16 -0
data/spec/unit/network/format.rb +191 -0
data/spec/unit/network/format_handler.rb +306 -0
data/spec/unit/network/formats.rb +249 -0
data/spec/unit/network/handler/fileserver.rb +2 -5
data/spec/unit/network/http.rb +3 -3
data/spec/unit/network/http/api/v1.rb +122 -0
data/spec/unit/network/http/handler.rb +448 -0
data/spec/unit/network/http/mongrel.rb +46 -32
data/spec/unit/network/http/mongrel/rest.rb +174 -319
data/spec/unit/network/http/rack.rb +102 -0
data/spec/unit/network/http/rack/rest.rb +199 -0
data/spec/unit/network/http/rack/xmlrpc.rb +157 -0
data/spec/unit/network/http/webrick.rb +249 -37
data/spec/unit/network/http/webrick/rest.rb +113 -279
data/spec/unit/network/http_pool.rb +86 -110
data/spec/unit/network/rest_authconfig.rb +146 -0
data/spec/unit/network/rest_authorization.rb +43 -0
data/spec/unit/network/rights.rb +519 -0
data/spec/unit/network/server.rb +475 -257
data/spec/unit/node.rb +43 -10
data/spec/unit/node/environment.rb +143 -9
data/spec/unit/node/facts.rb +77 -24
data/spec/unit/other/selinux.rb +85 -0
data/spec/unit/other/transbucket.rb +29 -13
data/spec/unit/other/transobject.rb +35 -15
data/spec/unit/parameter.rb +378 -5
data/spec/unit/parser/ast.rb +1 -1
data/spec/unit/parser/ast/arithmetic_operator.rb +17 -17
data/spec/unit/parser/ast/astarray.rb +16 -10
data/spec/unit/parser/ast/boolean_operator.rb +2 -2
data/spec/unit/parser/ast/casestatement.rb +143 -0
data/spec/unit/parser/ast/collection.rb +63 -0
data/spec/unit/parser/ast/collexpr.rb +31 -8
data/spec/unit/parser/ast/comparison_operator.rb +9 -9
data/spec/unit/parser/ast/definition.rb +18 -0
data/spec/unit/parser/ast/function.rb +6 -0
data/spec/unit/parser/ast/ifstatement.rb +75 -0
data/spec/unit/parser/ast/leaf.rb +261 -0
data/spec/unit/parser/ast/match_operator.rb +50 -0
data/spec/unit/parser/ast/minus.rb +1 -1
data/spec/unit/parser/ast/node.rb +20 -0
data/spec/unit/parser/ast/not.rb +1 -1
data/spec/unit/parser/ast/resource_override.rb +5 -5
data/spec/unit/parser/ast/resource_reference.rb +11 -5
data/spec/unit/parser/ast/selector.rb +156 -0
data/spec/unit/parser/ast/vardef.rb +11 -11
data/spec/unit/parser/collector.rb +167 -48
data/spec/unit/parser/compiler.rb +128 -104
data/spec/unit/parser/files.rb +190 -0
data/spec/unit/parser/functions/inline_template.rb +0 -0
data/spec/unit/parser/functions/regsubst.rb +42 -42
data/spec/unit/parser/functions/require.rb +36 -0
data/spec/unit/parser/functions/shellquote.rb +92 -0
data/spec/unit/parser/functions/split.rb +51 -0
data/spec/unit/parser/functions/sprintf.rb +11 -11
data/spec/unit/parser/functions/template.rb +0 -0
data/spec/unit/parser/functions/versioncmp.rb +2 -2
data/spec/unit/parser/interpreter.rb +16 -7
data/spec/unit/parser/lexer.rb +72 -12
data/spec/unit/parser/loaded_code.rb +198 -0
data/spec/unit/parser/parser.rb +215 -28
data/spec/unit/parser/resource.rb +131 -22
data/spec/unit/parser/scope.rb +207 -12
data/spec/unit/parser/templatewrapper.rb +8 -3
data/spec/unit/property.rb +270 -16
data/spec/unit/property/list.rb +12 -6
data/spec/unit/provider.rb +31 -0
data/spec/unit/provider/augeas/augeas.rb +61 -33
data/spec/unit/provider/macauthorization.rb +29 -29
data/spec/unit/provider/mcx/mcxcontent.rb +4 -4
data/spec/unit/provider/mount/parsed.rb +5 -8
data/spec/unit/provider/naginator.rb +0 -0
data/spec/unit/provider/package/apt.rb +6 -6
data/spec/unit/provider/package/pkgdmg.rb +73 -0
data/spec/unit/provider/selboolean.rb +1 -1
data/spec/unit/provider/selmodule.rb +2 -2
data/spec/unit/provider/service/daemontools.rb +40 -15
data/spec/unit/provider/service/debian.rb +89 -0
data/spec/unit/provider/service/init.rb +106 -0
data/spec/unit/provider/service/launchd.rb +71 -13
data/spec/unit/provider/service/redhat.rb +94 -0
data/spec/unit/provider/service/runit.rb +14 -2
data/spec/unit/provider/ssh_authorized_key/parsed.rb +66 -2
data/spec/unit/provider/user/ldap.rb +1 -1
data/spec/unit/provider/user/user_role_add.rb +1 -1
data/spec/unit/provider/zfs/solaris.rb +18 -6
data/spec/unit/provider/zone/solaris.rb +1 -1
data/spec/unit/rails.rb +16 -22
data/spec/unit/rails/host.rb +163 -0
data/spec/unit/rails/param_value.rb +49 -0
data/spec/unit/rails/resource.rb +87 -0
data/spec/unit/relationship.rb +141 -29
data/spec/unit/resource.rb +504 -0
data/spec/unit/resource/catalog.rb +1061 -0
data/spec/unit/resource/reference.rb +111 -0
data/spec/unit/simple_graph.rb +448 -191
data/spec/unit/ssl/certificate.rb +124 -0
data/spec/unit/ssl/certificate_authority.rb +741 -0
data/spec/unit/ssl/certificate_authority/interface.rb +269 -0
data/spec/unit/ssl/certificate_factory.rb +107 -0
data/spec/unit/ssl/certificate_request.rb +193 -0
data/spec/unit/ssl/certificate_revocation_list.rb +180 -0
data/spec/unit/ssl/host.rb +704 -0
data/spec/unit/ssl/inventory.rb +180 -0
data/spec/unit/ssl/key.rb +198 -0
data/spec/unit/transaction.rb +65 -2
data/spec/unit/transaction/change.rb +1 -1
data/spec/unit/transaction/report.rb +1 -1
data/spec/unit/type.rb +361 -8
data/spec/unit/type/augeas.rb +30 -37
data/spec/unit/type/component.rb +63 -0
data/spec/unit/type/computer.rb +17 -21
data/spec/unit/type/exec.rb +27 -2
data/spec/unit/type/file.rb +704 -83
data/spec/unit/type/file/content.rb +253 -15
data/spec/unit/type/file/ensure.rb +65 -2
data/spec/unit/type/file/group.rb +5 -0
data/spec/unit/type/file/owner.rb +5 -0
data/spec/unit/type/file/selinux.rb +12 -16
data/spec/unit/type/file/source.rb +264 -0
data/spec/unit/type/filebucket.rb +74 -0
data/spec/unit/type/group.rb +1 -5
data/spec/unit/type/macauthorization.rb +59 -26
data/spec/unit/type/mcx.rb +8 -16
data/spec/unit/type/mount.rb +8 -16
data/spec/unit/type/noop_metaparam.rb +0 -2
data/spec/unit/type/package.rb +13 -23
data/spec/unit/type/resources.rb +4 -7
data/spec/unit/type/schedule.rb +1 -7
data/spec/unit/type/selboolean.rb +4 -6
data/spec/unit/type/service.rb +23 -33
data/spec/unit/type/ssh_authorized_key.rb +25 -14
data/spec/unit/type/tidy.rb +329 -21
data/spec/unit/type/user.rb +18 -10
data/spec/unit/type/zfs.rb +6 -6
data/spec/unit/util/autoload.rb +94 -3
data/spec/unit/util/autoload/file_cache.rb +183 -0
data/spec/unit/util/backups.rb +159 -0
data/spec/unit/util/cache_accumulator.rb +69 -0
data/spec/unit/util/cacher.rb +185 -0
data/spec/unit/util/checksums.rb +9 -1
data/spec/unit/util/feature.rb +72 -0
data/spec/unit/util/filetype.rb +1 -11
data/spec/unit/util/json.rb +21 -0
data/spec/unit/util/log.rb +45 -0
data/spec/unit/util/package.rb +2 -2
data/spec/unit/util/queue.rb +88 -0
data/spec/unit/util/queue/stomp.rb +140 -0
data/spec/unit/util/reference_serializer.rb +52 -0
data/spec/unit/util/selinux.rb +5 -3
data/spec/unit/util/settings.rb +413 -264
data/spec/unit/util/settings/file_setting.rb +223 -0
data/spec/unit/util/storage.rb +11 -11
data/spec/unit/util/warnings.rb +21 -17
data/test/Rakefile +6 -5
data/test/certmgr/ca.rb +5 -5
data/test/certmgr/certmgr.rb +4 -4
data/test/data/providers/cron/crontab.allthree +2 -2
data/test/data/providers/cron/crontab.envNcomment +1 -1
data/test/data/providers/cron/crontab.envNname +1 -1
data/test/data/providers/cron/crontab.multirecords +1 -1
data/test/data/providers/cron/crontab_collections.yaml +14 -14
data/test/data/providers/cron/crontab_multiple_with_env.yaml +6 -6
data/test/data/providers/cron/crontab_sample_records.yaml +102 -102
data/test/data/providers/mailalias/aliases/test1 +28 -0
data/test/data/providers/package/testpackages.yaml +6 -6
data/test/data/reports/1.yaml +17 -17
data/test/data/reports/tagmail_passers.conf +2 -2
data/test/data/snippets/append.pp +5 -5
data/test/data/snippets/casestatement.pp +9 -2
data/test/data/snippets/classincludes.pp +1 -1
data/test/data/snippets/collection_override.pp +8 -0
data/test/data/snippets/fqparents.pp +2 -2
data/test/data/snippets/ifexpression.pp +12 -0
data/test/data/snippets/multilinecomments.pp +5 -1
data/test/data/snippets/selectorvalues.pp +7 -0
data/test/data/types/hosts/1 +1 -1
data/test/data/types/hosts/2 +3 -3
data/test/data/types/hosts/solaris +2 -2
data/test/data/types/mount/freebsd.fstab +7 -7
data/test/data/types/mount/solaris.fstab +10 -10
data/test/data/types/port/1 +472 -472
data/test/data/types/port/darwin +4347 -4347
data/test/language/ast.rb +3 -2
data/test/language/ast/casestatement.rb +12 -12
data/test/language/ast/resource.rb +4 -4
data/test/language/ast/resource_reference.rb +5 -5
data/test/language/ast/selector.rb +11 -11
data/test/language/ast/variable.rb +4 -4
data/test/language/functions.rb +16 -16
data/test/language/parser.rb +89 -111
data/test/language/resource.rb +3 -88
data/test/language/scope.rb +14 -55
data/test/language/snippets.rb +31 -31
data/test/lib/puppettest.rb +12 -12
data/test/lib/puppettest/certificates.rb +2 -2
data/test/lib/puppettest/exetest.rb +0 -1
data/test/lib/puppettest/fakes.rb +1 -1
data/test/lib/puppettest/parsertesting.rb +9 -4
data/test/lib/puppettest/railstesting.rb +3 -3
data/test/lib/puppettest/servertest.rb +1 -1
data/test/lib/puppettest/support/assertions.rb +2 -2
data/test/lib/puppettest/support/collection.rb +1 -1
data/test/lib/puppettest/support/resources.rb +7 -7
data/test/lib/puppettest/support/utils.rb +10 -16
data/test/lib/puppettest/testcase.rb +2 -1
data/test/network/authconfig.rb +1 -1
data/test/network/authorization.rb +1 -1
data/test/network/authstore.rb +57 -14
data/test/network/client/ca.rb +1 -0
data/test/network/client/resource.rb +12 -50
data/test/network/client_request.rb +1 -1
data/test/network/handler/bucket.rb +2 -2
data/test/network/handler/fileserver.rb +17 -21
data/test/network/handler/master.rb +5 -5
data/test/network/handler/report.rb +3 -3
data/test/network/handler/resource.rb +29 -75
data/test/network/handler/runner.rb +8 -58
data/test/network/rights.rb +1 -1
data/test/network/server/mongrel_test.rb +15 -1
data/test/network/server/webrick.rb +0 -36
data/test/network/xmlrpc/webrick_servlet.rb +5 -5
data/test/other/dsl.rb +3 -3
data/test/other/events.rb +15 -15
data/test/other/puppet.rb +2 -32
data/test/other/relationships.rb +21 -148
data/test/other/report.rb +20 -23
data/test/other/transactions.rb +110 -298
data/test/puppet/defaults.rb +1 -1
data/test/puppet/tc_suidmanager.rb +1 -1
data/test/rails/railsparameter.rb +4 -4
data/test/ral/manager/attributes.rb +12 -68
data/test/ral/manager/instances.rb +3 -19
data/test/ral/manager/manager.rb +7 -7
data/test/ral/manager/provider.rb +7 -7
data/test/ral/manager/type.rb +54 -349
data/test/ral/providers/cron/crontab.rb +14 -14
data/test/ral/providers/group.rb +5 -6
data/test/ral/providers/host/parsed.rb +3 -3
data/test/ral/providers/mailalias/aliases.rb +4 -4
data/test/ral/providers/package.rb +3 -3
data/test/ral/providers/package/aptitude.rb +55 -55
data/test/ral/providers/package/aptrpm.rb +7 -7
data/test/ral/providers/parsedfile.rb +10 -14
data/test/ral/providers/port/parsed.rb +6 -6
data/test/ral/providers/provider.rb +10 -10
data/test/ral/providers/service/base.rb +32 -32
data/test/ral/providers/sshkey/parsed.rb +14 -14
data/test/ral/providers/user.rb +16 -17
data/test/ral/providers/user/useradd.rb +19 -22
data/test/ral/type/cron.rb +21 -28
data/test/ral/type/exec.rb +57 -60
data/test/ral/type/file.rb +88 -862
data/test/ral/type/file/target.rb +21 -70
data/test/ral/type/fileignoresource.rb +37 -44
data/test/ral/type/filesources.rb +43 -473
data/test/ral/type/group.rb +6 -7
data/test/ral/type/host.rb +14 -30
data/test/ral/type/mailalias.rb +3 -3
data/test/ral/type/port.rb +5 -5
data/test/ral/type/resources.rb +37 -37
data/test/ral/type/service.rb +3 -3
data/test/ral/type/sshkey.rb +34 -39
data/test/ral/type/user.rb +15 -14
data/test/ral/type/yumrepo.rb +18 -17
data/test/ral/type/zone.rb +4 -6
data/test/test +9 -9
data/test/util/fileparsing.rb +10 -10
data/test/util/inifile.rb +6 -6
data/test/util/instance_loader.rb +1 -1
data/test/util/log.rb +2 -2
data/test/util/metrics.rb +1 -6
data/test/util/package.rb +1 -1
data/test/util/pidlock.rb +116 -116
data/test/util/settings.rb +40 -429
data/test/util/storage.rb +5 -5
data/test/util/subclass_loader.rb +0 -7
data/test/util/utiltest.rb +10 -29
metadata +1369 -941
data/bin/puppetca +0 -363
data/bin/puppetd +0 -439
data/bin/puppetmasterd +0 -289
data/bin/puppetrun +0 -369
data/conf/redhat/lsb-config.patch +0 -51
data/conf/redhat/no-chuser-0.15.1.patch +0 -38
data/conf/redhat/no-lockdir.patch +0 -13
data/examples/mac_netinfo.pp +0 -5
data/ext/passenger/README +0 -63
data/ext/passenger/apache2.conf +0 -29
data/ext/passenger/config.ru +0 -40
data/lib/puppet/config_stores/rest.rb +0 -60
data/lib/puppet/executables/client/certhandler.rb +0 -82
data/lib/puppet/indirector/file_content/modules.rb +0 -11
data/lib/puppet/indirector/file_metadata/modules.rb +0 -17
data/lib/puppet/indirector/module_files.rb +0 -82
data/lib/puppet/indirector/ssl_rsa.rb +0 -5
data/lib/puppet/indirector/ssl_rsa/file.rb +0 -33
data/lib/puppet/network/client/master.rb +0 -524
data/lib/puppet/network/http_server/rack.rb +0 -148
data/lib/puppet/pgraph.rb +0 -121
data/lib/puppet/provider/group/netinfo.rb +0 -15
data/lib/puppet/provider/host/netinfo.rb +0 -19
data/lib/puppet/provider/mount/netinfo.rb +0 -37
data/lib/puppet/provider/nameservice/netinfo.rb +0 -224
data/lib/puppet/provider/user/netinfo.rb +0 -111
data/lib/puppet/util/fact_store.rb +0 -59
data/lib/puppet/util/uri_helper.rb +0 -22
data/spec/integration/file_serving/configuration.rb +0 -43
data/spec/integration/indirector/module_files.rb +0 -57
data/spec/unit/executables/client/certhandler.rb +0 -135
data/spec/unit/indirector/file_content/modules.rb +0 -18
data/spec/unit/indirector/file_metadata/modules.rb +0 -42
data/spec/unit/indirector/module_files.rb +0 -259
data/spec/unit/indirector/ssl_rsa/file.rb +0 -121
data/spec/unit/network/client/master.rb +0 -442
data/spec/unit/node/catalog.rb +0 -865
data/spec/unit/other/pgraph.rb +0 -210
data/spec/unit/resource_reference.rb +0 -73
data/spec/unit/util/uri_helper.rb +0 -41
data/test/data/snippets/ifexpression.rb +0 -6
data/test/executables/filebucket.rb +0 -51
data/test/executables/puppetbin.rb +0 -104
data/test/executables/puppetca.rb +0 -115
data/test/executables/puppetd.rb +0 -55
data/test/executables/puppetmasterd.rb +0 -147
data/test/network/client/client.rb +0 -195
data/test/network/client/master.rb +0 -490
data/test/network/daemon.rb +0 -70
data/test/network/handler/handler.rb +0 -63
data/test/other/overrides.rb +0 -107
data/test/puppet/conffiles.rb +0 -107
data/test/rails/ast.rb +0 -73
data/test/rails/configuration.rb +0 -71
data/test/rails/host.rb +0 -154
data/test/rails/railsresource.rb +0 -251
data/test/ral/providers/host/netinfo.rb +0 -56
data/test/ral/providers/mount/netinfo.rb +0 -79
data/test/ral/type/basic.rb +0 -85
data/test/ral/type/filebucket.rb +0 -157
data/test/ral/type/parameter.rb +0 -174
data/test/ral/type/property.rb +0 -388
data/test/ral/type/tidy.rb +0 -291
data/test/util/autoload.rb +0 -145
data/test/util/features.rb +0 -95

data/lib/puppet/network/http/webrick/rest.rb CHANGED

@@ -1,4 +1,5 @@
 require 'puppet/network/http/handler'
+require 'resolv'
 class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet
@@ -10,9 +11,10 @@ class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet
         initialize_for_puppet(:server => server, :handler => handler)
     end
-    # We had to expose this method for testing purposes.
+    # Retrieve the request parameters, including authentication information.
     def params(request)
         result = request.query
+        result = decode_params(result)
         result.merge(client_information(request))
     end
@@ -21,29 +23,38 @@ class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet
         process(request, response)
     end
-  private
+    def accept_header(request)
+        request["accept"]
+    end
+    def content_type_header(request)
+        request["content-type"]
+    end
     def http_method(request)
         request.request_method
     end
     def path(request)
-        # LAK:NOTE See http://snurl.com/21zf8  [groups_google_com]
-        x = '/' + request.path.split('/')[1]
-    end
-    def request_key(request)
-        # LAK:NOTE See http://snurl.com/21zf8  [groups_google_com]
-        x = request.path.split('/')[2]
+        request.path
     end
     def body(request)
         request.body
     end
-    def encode_result(request, response, result, status = 200)
+    # Set the specified format as the content type of the response.
+    def set_content_type(response, format)
+        response["content-type"] = format_to_mime(format)
+    end
+    def set_response(response, result, status = 200)
         response.status = status
-        response.body = result
+        if status >= 200 and status < 300
+            response.body = result
+        else
+            response.reason_phrase = result
+        end
     end
     # Retrieve node/cert/ip information from the request object.
@@ -60,6 +71,8 @@ class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet
         if cert = request.client_cert and nameary = cert.subject.to_a.find { |ary| ary[0] == "CN" }
             result[:node] = nameary[1]
             result[:authenticated] = true
+        else
+            result[:node] = resolve_node(result)
         end
         result

data/lib/puppet/network/http_pool.rb CHANGED

@@ -1,11 +1,24 @@
-require 'puppet/sslcertificates/support'
+require 'puppet/ssl/host'
 require 'net/https'
+require 'puppet/util/cacher'
-module Puppet::Network
-end
+module Puppet::Network; end
 # Manage Net::HTTP instances for keep-alive.
 module Puppet::Network::HttpPool
+    class << self
+        include Puppet::Util::Cacher
+        private
+        cached_attr(:http_cache) { Hash.new }
+    end
+    # Use the global localhost instance.
+    def self.ssl_host
+        Puppet::SSL::Host.localhost
+    end
     # 2008/03/23
     # LAK:WARNING: Enabling this has a high propability of
     # causing corrupt files and who knows what else.  See #1010.
@@ -15,18 +28,12 @@ module Puppet::Network::HttpPool
         HTTP_KEEP_ALIVE
     end
-    # This handles reading in the key and such-like.
-    extend Puppet::SSLCertificates::Support
-    @http_cache = {}
     # Clear our http cache, closing all connections.
     def self.clear_http_instances
-        @http_cache.each do |name, connection|
+        http_cache.each do |name, connection|
             connection.finish if connection.started?
         end
-        @http_cache.clear
-        @cert = nil
-        @key = nil
+        Puppet::Util::Cacher.expire
     end
     # Make sure we set the driver up when we read the cert in.
@@ -44,20 +51,16 @@ module Puppet::Network::HttpPool
     # Use cert information from a Puppet client to set up the http object.
     def self.cert_setup(http)
         # Just no-op if we don't have certs.
-        return false unless (defined?(@cert) and @cert) or self.read_cert
-        store = OpenSSL::X509::Store.new
-        store.add_file Puppet[:localcacert]
-        store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
+        return false unless FileTest.exist?(Puppet[:hostcert]) and FileTest.exist?(Puppet[:localcacert])
-        http.cert_store = store
+        http.cert_store = ssl_host.ssl_store
         http.ca_file = Puppet[:localcacert]
-        http.cert = self.cert
+        http.cert = ssl_host.certificate.content
         http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        http.key = self.key
+        http.key = ssl_host.key.content
     end
-    # Retrieve a cached http instance of caching is enabled, else return
+    # Retrieve a cached http instance if caching is enabled, else return
     # a new one.
     def self.http_instance(host, port, reset = false)
         # We overwrite the uninitialized @http here with a cached one.
@@ -66,11 +69,11 @@ module Puppet::Network::HttpPool
         # Return our cached instance if we've got a cache, as long as we're not
         # resetting the instance.
         if keep_alive?
-            return @http_cache[key] if ! reset and @http_cache[key]
+            return http_cache[key] if ! reset and http_cache[key]
             # Clean up old connections if we have them.
-            if http = @http_cache[key]
-                @http_cache.delete(key)
+            if http = http_cache[key]
+                http_cache.delete(key)
                 http.finish if http.started?
             end
         end
@@ -92,15 +95,11 @@ module Puppet::Network::HttpPool
         http.read_timeout = Puppet[:configtimeout]
         http.open_timeout = Puppet[:configtimeout]
         # JJM Configurable fix for #896.
-        if Puppet[:http_enable_post_connection_check]
-            http.enable_post_connection_check = true
-        else
-            http.enable_post_connection_check = false
-        end
+        http.enable_post_connection_check = Puppet[:http_enable_post_connection_check]
         cert_setup(http)
-        @http_cache[key] = http if keep_alive?
+        http_cache[key] = http if keep_alive?
         return http
     end

data/lib/puppet/network/http_server/mongrel.rb CHANGED

@@ -3,7 +3,7 @@
 # Author:     Manuel Holtgrewe <purestorm at ggnore.net>
 #
 # Copyright (c) 2006 Manuel Holtgrewe, 2007 Luke Kanies
-#
+#
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
 # "Software"), to deal in the Software without restriction, including
@@ -11,10 +11,10 @@
 # distribute, sublicense, and/or sell copies of the Software, and to
 # permit persons to whom the Software is furnished to do so, subject to
 # the following conditions:
-#
+#
 # The above copyright notice and this permission notice shall be
 # included in all copies or substantial portions of the Software.
-#
+#
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
@@ -34,7 +34,6 @@ require 'puppet/network/xmlrpc/server'
 require 'puppet/network/http_server'
 require 'puppet/network/client_request'
 require 'puppet/network/handler'
-require 'puppet/daemon'
 require 'resolv'
@@ -51,7 +50,6 @@ require 'resolv'
 # </pre>
 module Puppet::Network
     class HTTPServer::Mongrel < ::Mongrel::HttpHandler
-        include Puppet::Daemon
         attr_reader :xmlrpc_server
         def initialize(handlers)
@@ -64,11 +62,11 @@ module Puppet::Network
             # behaviour and we have to subclass Mongrel::HttpHandler so our handler
             # works for Mongrel.
             @xmlrpc_server = Puppet::Network::XMLRPCServer.new
-            handlers.each do |name, args|
+            handlers.each do |name|
                 unless handler = Puppet::Network::Handler.handler(name)
                     raise ArgumentError, "Invalid handler %s" % name
                 end
-                @xmlrpc_server.add_handler(handler.interface, handler.new(args))
+                @xmlrpc_server.add_handler(handler.interface, handler.new({}))
             end
         end
@@ -115,12 +113,12 @@ module Puppet::Network
                 end
             end
         end
         private
         def client_info(request)
             params = request.params
-            ip = params["REMOTE_ADDR"]
+            ip = params["HTTP_X_FORWARDED_FOR"] ? params["HTTP_X_FORWARDED_FOR"].split(',').last.strip : params["REMOTE_ADDR"]
             # JJM #906 The following dn.match regular expression is forgiving
             # enough to match the two Distinguished Name string contents
             # coming from Apache, Pound or other reverse SSL proxies.
@@ -146,7 +144,7 @@ module Puppet::Network
         def parse_content_type(str)
             a, *b = str.split(";")
             return a.strip, *b
-        end
+        end
     end
 end

data/lib/puppet/network/http_server/webrick.rb CHANGED

@@ -1,5 +1,4 @@
 require 'puppet'
-require 'puppet/daemon'
 require 'webrick'
 require 'webrick/https'
 require 'fcntl'
@@ -16,11 +15,10 @@ module Puppet
         # The old-school, pure ruby webrick server, which is the default serving
         # mechanism.
         class HTTPServer::WEBrick < WEBrick::HTTPServer
-            include Puppet::Daemon
             include Puppet::SSLCertificates::Support
             # Read the CA cert and CRL and populate an OpenSSL::X509::Store
-            # with them, with flags appropriate for checking client
+            # with them, with flags appropriate for checking client
             # certificates for revocation
             def x509store
                 if Puppet[:cacrl] == 'false'

data/lib/puppet/network/rest_authconfig.rb ADDED

@@ -0,0 +1,89 @@
+require 'puppet/network/authconfig'
+module Puppet
+    class Network::RestAuthConfig < Network::AuthConfig
+        attr_accessor :rights
+        DEFAULT_ACL = [
+            { :acl => "~ ^\/catalog\/([^\/]+)$", :method => :find, :allow => '$1', :authenticated => true },
+            # this one will allow all file access, and thus delegate
+            # to fileserver.conf
+            { :acl => "/file" },
+            { :acl => "/certificate_revocation_list/ca", :method => :find, :authenticated => true },
+            { :acl => "/report", :method => :save, :authenticated => true },
+            { :acl => "/certificate/ca", :method => :find, :authenticated => false },
+            { :acl => "/certificate/", :method => :find, :authenticated => false },
+            { :acl => "/certificate_request", :method => [:find, :save], :authenticated => false },
+        ]
+        def self.main
+            add_acl = @main.nil?
+            super
+            @main.insert_default_acl if add_acl and !@main.exists?
+            @main
+        end
+        # check wether this request is allowed in our ACL
+        # raise an Puppet::Network::AuthorizedError if the request
+        # is denied.
+        def allowed?(request)
+            read()
+            # we're splitting the request in part because
+            # fail_on_deny could as well be called in the XMLRPC context
+            # with a ClientRequest.
+            @rights.fail_on_deny(build_uri(request),
+                                    :node => request.node,
+                                    :ip => request.ip,
+                                    :method => request.method,
+                                    :environment => request.environment,
+                                    :authenticated => request.authenticated)
+        end
+        def initialize(file = nil, parsenow = true)
+            super(file || Puppet[:rest_authconfig], parsenow)
+            # if we didn't read a file (ie it doesn't exist)
+            # make sure we can create some default rights
+            @rights ||= Puppet::Network::Rights.new
+        end
+        def parse()
+            super()
+            insert_default_acl
+        end
+        # force regular ACLs to be present
+        def insert_default_acl
+            DEFAULT_ACL.each do |acl|
+                unless rights[acl[:acl]]
+                    Puppet.info "Inserting default '#{acl[:acl]}'(%s) acl because %s" % [acl[:authenticated] ? "auth" : "non-auth" , ( !exists? ? "#{Puppet[:rest_authconfig]} doesn't exist" : "none where found in '#{@file}'")]
+                    mk_acl(acl)
+                end
+            end
+            # queue an empty (ie deny all) right for every other path
+            # actually this is not strictly necessary as the rights system
+            # denies not explicitely allowed paths
+            unless rights["/"]
+                rights.newright("/")
+                rights.restrict_authenticated("/", :any)
+            end
+        end
+        def mk_acl(acl)
+            @rights.newright(acl[:acl])
+            @rights.allow(acl[:acl], acl[:allow] || "*")
+            if method = acl[:method]
+                method = [method] unless method.is_a?(Array)
+                method.each { |m| @rights.restrict_method(acl[:acl], m) }
+            end
+            @rights.restrict_authenticated(acl[:acl], acl[:authenticated]) unless acl[:authenticated].nil?
+        end
+        def build_uri(request)
+            "/#{request.indirection_name}/#{request.key}"
+        end
+    end
+end

data/lib/puppet/network/rest_authorization.rb ADDED

@@ -0,0 +1,25 @@
+require 'puppet/network/client_request'
+require 'puppet/network/rest_authconfig'
+module Puppet::Network
+    module RestAuthorization
+        # Create our config object if necessary. If there's no configuration file
+        # we install our defaults
+        def authconfig
+            unless defined? @authconfig
+                @authconfig = Puppet::Network::RestAuthConfig.main
+            end
+            @authconfig
+        end
+        # Verify that our client has access.
+        def check_authorization(request)
+            authconfig.allowed?(request)
+        end
+    end
+end

data/lib/puppet/network/rights.rb CHANGED

@@ -1,15 +1,22 @@
-require 'ipaddr'
 require 'puppet/network/authstore'
+require 'puppet/error'
+module Puppet::Network
+# this exception is thrown when a request is not authenticated
+class AuthorizationError < Puppet::Error; end
 # Define a set of rights and who has access to them.
-class Puppet::Network::Rights < Hash
+# There are two types of rights:
+#  * named rights (ie a common string)
+#  * path based rights (which are matched on a longest prefix basis)
+class Rights
     # We basically just proxy directly to our rights.  Each Right stores
     # its own auth abilities.
-    [:allow, :allowed?, :deny].each do |method|
+    [:allow, :deny, :restrict_method, :restrict_environment, :restrict_authenticated].each do |method|
         define_method(method) do |name, *args|
-            name = name.intern if name.is_a? String
-            if obj = right(name)
+            if obj = self[name]
                 obj.send(method, *args)
             else
                 raise ArgumentError, "Unknown right '%s'" % name
@@ -17,45 +24,139 @@ class Puppet::Network::Rights < Hash
         end
     end
-    def [](name)
-        name = name.intern if name.is_a? String
-        super(name)
+    # Check that name is allowed or not
+    def allowed?(name, *args)
+        begin
+            fail_on_deny(name, :node => args[0], :ip => args[1])
+        rescue AuthorizationError
+            return false
+        rescue ArgumentError
+            # the namespace contract says we should raise this error
+            # if we didn't find the right acl
+            raise
+        end
+        return true
     end
-    # Define a new right to which access can be provided.
-    def newright(name)
-        name = name.intern if name.is_a? String
-        shortname = Right.shortname(name)
-        if self.include? name
-            raise ArgumentError, "Right '%s' is already defined" % name
+    def fail_on_deny(name, args = {})
+        res = :nomatch
+        right = @rights.find do |acl|
+            found = false
+            # an acl can return :dunno, which means "I'm not qualified to answer your question,
+            # please ask someone else". This is used when for instance an acl matches, but not for the
+            # current rest method, where we might think some other acl might be more specific.
+            if match = acl.match?(name)
+                args[:match] = match
+                if (res = acl.allowed?(args[:node], args[:ip], args)) != :dunno
+                    # return early if we're allowed
+                    return if res
+                    # we matched, select this acl
+                    found = true
+                end
+            end
+            found
+        end
+        # if we end here, then that means we either didn't match
+        # or failed, in any case will throw an error to the outside world
+        if name =~ /^\// or right
+            # we're a patch ACL, let's fail
+            msg = "%s access to %s [%s]" % [ (args[:node].nil? ? args[:ip] : "#{args[:node]}(#{args[:ip]})"), name, args[:method] ]
+            msg += " authenticated " if args[:authenticated]
+            error = AuthorizationError.new("Forbidden request: " + msg)
+            if right
+                error.file = right.file
+                error.line = right.line
+            end
+            Puppet.warning("Denying access: " + error.to_s)
         else
-            self[name] = Right.new(name, shortname)
+            # there were no rights allowing/denying name
+            # if name is not a path, let's throw
+            error = ArgumentError.new "Unknown namespace right '%s'" % name
         end
+        raise error
+    end
+    def initialize()
+        @rights = []
+    end
+    def [](name)
+        @rights.find { |acl| acl == name }
+    end
+    def include?(name)
+        @rights.include?(name)
+    end
+    def each
+        @rights.each { |r| yield r.name,r }
+    end
+    # Define a new right to which access can be provided.
+    def newright(name, line=nil, file=nil)
+        add_right( Right.new(name, line, file) )
     end
     private
+    def add_right(right)
+        if right.acl_type == :name and include?(right.key)
+            raise ArgumentError, "Right '%s' already exists"
+        end
+        @rights << right
+        sort_rights
+        right
+    end
+    def sort_rights
+        @rights.sort!
+    end
     # Retrieve a right by name.
     def right(name)
-        name = name.intern if name.is_a? String
         self[name]
     end
     # A right.
     class Right < Puppet::Network::AuthStore
-        attr_accessor :name, :shortname
+        include Puppet::FileCollection::Lookup
-        Puppet::Util.logmethods(self, true)
+        attr_accessor :name, :key, :acl_type
+        attr_accessor :methods, :environment, :authentication
-        def self.shortname(name)
-            name.to_s[0..0]
-        end
+        ALL = [:save, :destroy, :find, :search]
-        def initialize(name, shortname = nil)
+        Puppet::Util.logmethods(self, true)
+        def initialize(name, line, file)
+            @methods = []
+            @environment = []
+            @authentication = true # defaults to authenticated
             @name = name
-            @shortname = shortname
-            unless @shortname
-                @shortname = Right.shortname(name)
+            @line = line || 0
+            @file = file
+            case name
+            when Symbol
+                @acl_type = :name
+                @key = name
+            when /^\[(.+)\]$/
+                @acl_type = :name
+                @key = $1.intern if name.is_a?(String)
+            when /^\//
+                @acl_type = :regex
+                @key = Regexp.new("^" + Regexp.escape(name))
+                @methods = ALL
+            when /^~/ # this is a regex
+                @acl_type = :regex
+                @name = name.gsub(/^~\s+/,'')
+                @key = Regexp.new(@name)
+                @methods = ALL
+            else
+                raise ArgumentError, "Unknown right type '%s'" % name
             end
             super()
         end
@@ -68,6 +169,108 @@ class Puppet::Network::Rights < Hash
         def valid?
             true
         end
+        def regex?
+            acl_type == :regex
+        end
+        # does this right is allowed for this triplet?
+        # if this right is too restrictive (ie we don't match this access method)
+        # then return :dunno so that upper layers have a chance to try another right
+        # tailored to the given method
+        def allowed?(name, ip, args = {})
+            return :dunno if acl_type == :regex and not @methods.include?(args[:method])
+            return :dunno if acl_type == :regex and @environment.size > 0 and not @environment.include?(args[:environment])
+            return :dunno if acl_type == :regex and not @authentication.nil? and args[:authenticated] != @authentication
+            begin
+                # make sure any capture are replaced if needed
+                interpolate(args[:match]) if acl_type == :regex and args[:match]
+                res = super(name,ip)
+            ensure
+                reset_interpolation if acl_type == :regex
+            end
+            res
+        end
+        # restrict this right to some method only
+        def restrict_method(m)
+            m = m.intern if m.is_a?(String)
+            unless ALL.include?(m)
+                raise ArgumentError, "'%s' is not an allowed value for method directive" % m
+            end
+            # if we were allowing all methods, then starts from scratch
+            if @methods === ALL
+                @methods = []
+            end
+            if @methods.include?(m)
+                raise ArgumentError, "'%s' is already in the '%s' ACL" % [m, name]
+            end
+            @methods << m
+        end
+        def restrict_environment(env)
+            env = Puppet::Node::Environment.new(env)
+            if @environment.include?(env)
+                raise ArgumentError, "'%s' is already in the '%s' ACL" % [env, name]
+            end
+            @environment << env
+        end
+        def restrict_authenticated(authentication)
+            case authentication
+            when "yes", "on", "true", true
+                authentication = true
+            when "no", "off", "false", false
+                authentication = false
+            when "all","any", :all, :any
+                authentication = nil
+            else
+                raise ArgumentError, "'%s' incorrect authenticated value: %s" % [name, authentication]
+            end
+            @authentication = authentication
+        end
+        def match?(key)
+            # if we are a namespace compare directly
+            return self.key == namespace_to_key(key) if acl_type == :name
+            # otherwise match with the regex
+            return self.key.match(key)
+        end
+        def namespace_to_key(key)
+            key = key.intern if key.is_a?(String)
+            key
+        end
+        # this is where all the magic happens.
+        # we're sorting the rights array with this scheme:
+        #  * namespace rights are all in front
+        #  * regex path rights are then all queued in file order
+        def <=>(rhs)
+            # move namespace rights at front
+            if self.acl_type != rhs.acl_type
+                return self.acl_type == :name ? -1 : 1
+            end
+            # sort by creation order (ie first match appearing in the file will win)
+            # that is don't sort, in which case the sort algorithm will order in the
+            # natural array order (ie the creation order)
+            return 0
+        end
+        def ==(name)
+            return self.key == namespace_to_key(name) if acl_type == :name
+            return self.name == name.gsub(/^~\s+/,'')
+        end
     end
-end
+end
+end