puppet 0.25.1 → 0.25.2

data/lib/puppet/type/host.rb

@@ -13,12 +13,11 @@ module Puppet
 
         end
 
-        newproperty(:alias) do
-            desc "Any alias the host might have.  Multiple values must be
-                specified as an array.  Note that this state has the same name
-                as one of the metaparams; using this state to set aliases will
-                make those aliases available in your Puppet scripts and also on
-                disk."
+        newproperty(:host_aliases) do
+            desc 'Any aliases the host might have.  Multiple values must be
+                specified as an array.  Note that this property is not the same as
+                the "alias" metaparam; use this property to add aliases to a host
+                on disk, and "alias" to aliases for use in your Puppet scripts.'
 
            def insync?(is)
                 is == @should
@@ -63,9 +62,7 @@ module Puppet
             end
 
             validate do |value|
-                if value =~ /\s/
-                    raise Puppet::Error, "Aliases cannot include whitespace"
-                end
+                raise Puppet::Error, "Host aliases cannot include whitespace" if value =~ /\s/
             end
         end
 

data/lib/puppet/type/k5login.rb

@@ -56,7 +56,7 @@ Puppet::Type.newtype(:k5login) do
         end
 
         # Return the principals
-        def principals
+        def principals(dummy_argument=:work_arround_for_ruby_GC_bug)
             if File.exists?(@resource[:name])
                 File.readlines(@resource[:name]).collect { |line| line.chomp }
             else

data/lib/puppet/type/maillist.rb

@@ -42,13 +42,10 @@ module Puppet
                     should = :absent
                 end
                 atype = Puppet::Type.type(:mailalias)
-                return provider.aliases.collect do |name, recipient|
-                    if atype[name]
-                        nil
-                    else
-                        malias = Puppet::Type.type(:mailalias).new(:name => name, :recipient => recipient, :ensure => should)
-                    end
-                end.compact
+
+                provider.aliases.
+                    reject  { |name,recipient| catalog.resource(:mailalias, name) }.
+                    collect { |name,recipient| atype.new(:name => name, :recipient => recipient, :ensure => should) }
             end
         end
     end

data/lib/puppet/type/port.rb

@@ -57,11 +57,12 @@
 #            desc "The port description."
 #        end
 #
-#        newproperty(:alias) do
-#            desc "Any aliases the port might have.  Multiple values must be
-#                specified as an array.  Note that this property has the same name as
-#                one of the metaparams; using this property to set aliases will make
-#                those aliases available in your Puppet scripts and also on disk."
+#        newproperty(:port_aliases) do
+#            desc 'Any aliases the port might have.  Multiple values must be
+#                specified as an array.  Note that this property is not the same as
+#                the "alias" metaparam; use this property to add aliases to a port
+#                in the services file, and "alias" to aliases for use in your Puppet 
+#                scripts.'
 #
 #            # We actually want to return the whole array here, not just the first
 #            # value.

data/lib/puppet/type/resources.rb

@@ -99,18 +99,18 @@ Puppet::Type.newtype(:resources) do
     def generate
         return [] unless self.purge?
         resource_type.instances.
-          reject { |r| managed? }.
-          reject { |r| catalog.resources.include? r.ref }.
-          select { |r| check(r) }.
-          select { |r| able_to_ensure_absent?(r) }.
-          each { |resource|
-            @parameters.each do |name, param|
-                resource[name] = param.value if param.metaparam?
-            end
-
-            # Mark that we're purging, so transactions can handle relationships
-            # correctly
-            resource.purging
+            reject { |r| catalog.resources.include? r.ref }.
+            select { |r| check(r) }.
+            select { |r| r.class.validproperty?(:ensure) }.
+            select { |r| able_to_ensure_absent?(r) }.
+            each { |resource|
+              @parameters.each do |name, param|
+                  resource[name] = param.value if param.metaparam?
+              end
+
+              # Mark that we're purging, so transactions can handle relationships
+              # correctly
+              resource.purging
           }
     end
 

data/lib/puppet/type/sshkey.rb

@@ -21,11 +21,11 @@ module Puppet
 
         # FIXME This should automagically check for aliases to the hosts, just
         # to see if we can automatically glean any aliases.
-        newproperty(:alias) do
-            desc "Any alias the host might have.  Multiple values must be
-                specified as an array.  Note that this parameter has the same name
-                as one of the metaparams; using this parameter to set aliases will
-                make those aliases available in your Puppet scripts."
+        newproperty(:host_aliases) do
+           desc 'Any aliases the host might have.  Multiple values must be
+                specified as an array.  Note that this property is not the same as
+                the "alias" metaparam; use this property to add aliases to a host
+                on disk, and "alias" to aliases for use in your Puppet scripts.'
 
             attr_accessor :meta
 

data/lib/puppet/type/tidy.rb

@@ -247,8 +247,15 @@ Puppet::Type.newtype(:tidy) do
     def generate
         return [] unless stat(self[:path])
 
-        if self[:recurse]
-            files = Puppet::FileServing::Fileset.new(self[:path], :recurse => self[:recurse]).files.collect do |f|
+        case self[:recurse]
+        when Integer, Fixnum, Bignum, /^\d+$/
+            parameter = { :recurse => true, :recurselimit => self[:recurse] }
+        when true, :true, :inf
+            parameter = { :recurse => true }
+        end
+
+        if parameter
+            files = Puppet::FileServing::Fileset.new(self[:path], parameter).files.collect do |f|
                 f == "." ? self[:path] : File.join(self[:path], f)
             end
         else

data/lib/puppet/type/yumrepo.rb

@@ -233,12 +233,14 @@ module Puppet
         end
 
         newparam(:name) do
-            desc "The name of the repository."
+            desc "The name of the repository.  This corresponds to the
+                  repositoryid parameter in yum.conf(5)."
             isnamevar
         end
 
         newproperty(:descr, :parent => Puppet::IniProperty) do
             desc "A human readable description of the repository.
+                  This corresponds to the name parameter in yum.conf(5).
                   #{ABSENT_DOC}"
             newvalue(:absent) { self.should = :absent }
             newvalue(/.*/) { }

data/lib/puppet/util.rb

@@ -55,10 +55,11 @@ module Util
             end
             unless Puppet::Util::SUIDManager.uid == user
                 begin
+                    Puppet::Util::SUIDManager.initgroups(user)
                     Puppet::Util::SUIDManager.uid = user
                     Puppet::Util::SUIDManager.euid = user
-                rescue
-                    $stderr.puts "could not change to user %s" % user
+                rescue => detail
+                    $stderr.puts "Could not change to user %s: %s" % [user, detail]
                     exit(74)
                 end
             end
@@ -258,39 +259,56 @@ module Util
         @@os ||= Facter.value(:operatingsystem)
         output = nil
         child_pid, child_status = nil
-        # There are problems with read blocking with badly behaved children
-        # read.partialread doesn't seem to capture either stdout or stderr
-        # We hack around this using a temporary file
-
-        # The idea here is to avoid IO#read whenever possible.
-        output_file="/dev/null"
-        error_file="/dev/null"
-        if ! arguments[:squelch]
-            require "tempfile"
-            output_file = Tempfile.new("puppet")
-            if arguments[:combine]
-                error_file=output_file
-            end
-        end
+        output_read, output_write = IO.pipe
 
         oldverb = $VERBOSE
         $VERBOSE = nil
         child_pid = Kernel.fork
         $VERBOSE = oldverb
         if child_pid
+            output_write.close
+
+            # Read output in if required
+            if ! arguments[:squelch]
+                output = ''
+                begin
+                    loop do
+                        output << output_read.readpartial(4096)
+                    end
+                rescue EOFError
+                    # End of file
+                ensure
+                    output_read.close
+                end
+            end
+
             # Parent process executes this
-            child_status = (Process.waitpid2(child_pid)[1]).to_i >> 8
+            Process.waitpid(child_pid)
+            child_status = $?.exitstatus
         else
             # Child process executes this
             Process.setsid
             begin
+                output_read.close
+
+                if arguments[:squelch]
+                    output_write.close
+                    $stdout.reopen('/dev/null', 'w')
+                    $stderr.reopen('/dev/null', 'w')
+                else
+                    $stdout.reopen(output_write)
+                    if arguments[:combine]
+                        $stderr.reopen(output_write)
+                    else
+                        $stderr.reopen('/dev/null', 'w')
+                    end
+                end
+
                 if arguments[:stdinfile]
                     $stdin.reopen(arguments[:stdinfile])
                 else
-                    $stdin.reopen("/dev/null")
+                    $stdin.close
                 end
-                $stdout.reopen(output_file)
-                $stderr.reopen(error_file)
 
                 3.upto(256){|fd| IO::new(fd).close rescue nil}
                 if arguments[:gid]
@@ -302,42 +320,10 @@ module Util
                     Process.uid = arguments[:uid] unless @@os == "Darwin"
                 end
                 ENV['LANG'] = ENV['LC_ALL'] = ENV['LC_MESSAGES'] = ENV['LANGUAGE'] = 'C'
-                if command.is_a?(Array)
-                    Kernel.exec(*command)
-                else
-                    Kernel.exec(command)
-                end
+                Kernel.exec(*command)
             rescue => detail
-                puts detail.to_s
-                exit!(1)
-            end # begin; rescue
-        end # if child_pid
-
-        # read output in if required
-        if ! arguments[:squelch]
-
-            # Make sure the file's actually there.  This is
-            # basically a race condition, and is probably a horrible
-            # way to handle it, but, well, oh well.
-            unless FileTest.exists?(output_file.path)
-                Puppet.warning "sleeping"
-                sleep 0.5
-                unless FileTest.exists?(output_file.path)
-                    Puppet.warning "sleeping 2"
-                    sleep 1
-                    unless FileTest.exists?(output_file.path)
-                        Puppet.warning "Could not get output"
-                        output = ""
-                    end
-                end
-            end
-            unless output
-                # We have to explicitly open here, so that it reopens
-                # after the child writes.
-                output = output_file.open.read
-
-                # The 'true' causes the file to get unlinked right away.
-                output_file.close(true)
+                puts detail
+                exit(1)
             end
         end
 
@@ -347,7 +333,7 @@ module Util
             end
         end
 
-        return output
+        output
     end
 
     module_function :execute
@@ -421,6 +407,28 @@ module Util
     end
 
     module_function :memory, :thinmark
+
+    def secure_open(file,must_be_w,&block)
+        raise Puppet::DevError,"secure_open only works with mode 'w'" unless must_be_w == 'w'
+        raise Puppet::DevError,"secure_open only requires a block"    unless block_given?
+        Puppet.warning "#{file} was a symlink to #{File.readlink(file)}" if File.symlink?(file)
+        if File.exists?(file) or File.symlink?(file)
+            wait = File.symlink?(file) ? 5.0 : 0.1
+            File.delete(file)
+            sleep wait # give it a chance to reappear, just in case someone is actively trying something.
+        end
+        begin
+            File.open(file,File::CREAT|File::EXCL|File::TRUNC|File::WRONLY,&block)
+        rescue Errno::EEXIST
+            desc = File.symlink?(file) ? "symlink to #{File.readlink(file)}" : File.stat(file).ftype
+            puts "Warning: #{file} was apparently created by another process (as"
+            puts "a #{desc}) as soon as it was deleted by this process.  Someone may be trying"
+            puts "to do something objectionable (such as tricking you into overwriting system"
+            puts "files if you are running as root)."
+            raise
+        end
+    end
+    module_function :secure_open
 end
 end
 

data/lib/puppet/util/backups.rb

@@ -26,8 +26,9 @@ module Puppet::Util::Backups
             info "Recursively backing up to filebucket"
             Find.find(self[:path]) { |f| backup_file_with_filebucket(f) if File.file?(f) }
         when "file"; backup_file_with_filebucket(file)
-        when "link"; return true
+        when "link";
         end
+        true
     end
 
     def perform_backup_with_backuplocal(fileobj, backup)

data/lib/puppet/util/filetype.rb

@@ -251,4 +251,50 @@ class Puppet::Util::FileType
             output_file.delete
         end
     end
+
+    #  Support for AIX crontab with output different than suntab's crontab command.
+    newfiletype(:aixtab) do
+        # Read a specific @path's cron tab.
+        def read
+            begin
+                output = Puppet::Util.execute(%w{crontab -l}, :uid => @path)
+                if output.include?("You are not authorized to use the cron command")
+                    raise Puppet::Error, "User %s not authorized to use cron" % @path 
+                end
+                return output
+            rescue => detail
+                raise Puppet::Error, "Could not read crontab for %s: %s" % [@path, detail]
+            end
+        end
+
+        # Remove a specific @path's cron tab.
+        def remove
+            begin
+                Puppet::Util.execute(%w{crontab -r}, :uid => @path)
+            rescue => detail
+                raise Puppet::Error, "Could not remove crontab for %s: %s" % [@path, detail]
+            end
+        end
+
+        # Overwrite a specific @path's cron tab; must be passed the @path name
+        # and the text with which to create the cron tab.
+        def write(text)
+            require "tempfile"
+            output_file = Tempfile.new("puppet")
+            fh = output_file.open
+            fh.print text
+            fh.close
+
+            # We have to chown the stupid file to the user.
+            File.chown(Puppet::Util.uid(@path), nil, output_file.path)
+
+            begin
+                Puppet::Util.execute(["crontab", output_file.path], :uid => @path)
+            rescue => detail
+                raise Puppet::Error, "Could not write crontab for %s: %s" % [@path, detail]
+            ensure
+                output_file.delete
+            end
+        end
+    end
 end

data/lib/puppet/util/log.rb

@@ -511,11 +511,16 @@ class Puppet::Util::Log
     # If they pass a source in to us, we make sure it is a string, and
     # we retrieve any tags we can.
     def source=(source)
-        # We can't store the actual source, we just store the path.
-        # We can't just check for whether it responds to :path, because
-        # plenty of providers respond to that in their normal function.
-        if (source.is_a?(Puppet::Type) or source.is_a?(Puppet::Parameter)) and source.respond_to?(:path)
-            set_source_from_ral(source)
+        if source.respond_to?(:source_descriptors)
+            descriptors = source.source_descriptors
+            @source = descriptors[:path]
+
+            descriptors[:tags].each { |t| tag(t) }
+
+            [:file, :line, :version].each do |param|
+                next unless descriptors[param]
+                send(param.to_s + "=", descriptors[param])
+            end
         else
             @source = source.to_s
         end
@@ -528,19 +533,6 @@ class Puppet::Util::Log
     def to_s
         return @message
     end
-
-    private
-
-    def set_source_from_ral(source)
-        @source = source.path
-
-        source.tags.each { |t| tag(t) }
-
-        [:file, :line, :version].each do |param|
-            next unless value = source.send(param)
-            send(param.to_s + "=", value)
-        end
-    end
 end
 
 # This is for backward compatibility from when we changed the constant to Puppet::Util::Log

data/lib/puppet/util/log_paths.rb

@@ -11,5 +11,19 @@ module Puppet::Util::LogPaths
 
         return "/" + @path.join("/")
     end
+
+    def source_descriptors
+        descriptors = {}
+
+        descriptors[:tags] = tags
+
+        [:path, :file, :line, :version].each do |param|
+            next unless value = send(param)
+            descriptors[param] = value
+        end
+
+        return descriptors
+    end
+
 end