puppet 0.25.1 → 0.25.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/CHANGELOG +159 -135
- data/Rakefile +4 -1
- data/conf/gentoo/conf.d/puppetmaster +1 -1
- data/conf/osx/createpackage.sh +12 -0
- data/conf/osx/preflight +4 -0
- data/conf/redhat/puppet.spec +12 -2
- data/conf/redhat/server.init +1 -0
- data/conf/redhat/server.sysconfig +1 -1
- data/ext/ldap/puppet.schema +5 -9
- data/ext/puppetlast +2 -1
- data/ext/rack/README +2 -2
- data/ext/regexp_nodes/classes/databases +2 -0
- data/ext/regexp_nodes/classes/webservers +2 -0
- data/ext/regexp_nodes/parameters/environment/prod +1 -0
- data/ext/regexp_nodes/parameters/environment/qa +3 -0
- data/ext/regexp_nodes/regexp_nodes.rb +215 -0
- data/lib/puppet.rb +1 -1
- data/lib/puppet/agent.rb +2 -2
- data/lib/puppet/application/puppet.rb +1 -1
- data/lib/puppet/application/puppetd.rb +1 -1
- data/lib/puppet/application/puppetdoc.rb +4 -3
- data/lib/puppet/application/puppetrun.rb +5 -14
- data/lib/puppet/application/ralsh.rb +9 -25
- data/lib/puppet/configurer.rb +2 -1
- data/lib/puppet/configurer/fact_handler.rb +8 -6
- data/lib/puppet/daemon.rb +2 -2
- data/lib/puppet/defaults.rb +21 -2
- data/lib/puppet/external/pson/common.rb +1 -1
- data/lib/puppet/external/pson/pure.rb +3 -3
- data/lib/puppet/feature/base.rb +3 -0
- data/lib/puppet/feature/selinux.rb +3 -0
- data/lib/puppet/feature/zlib.rb +6 -0
- data/lib/puppet/file_serving/base.rb +16 -1
- data/lib/puppet/file_serving/metadata.rb +46 -9
- data/lib/puppet/file_serving/mount/file.rb +4 -1
- data/lib/puppet/indirector/catalog/active_record.rb +5 -0
- data/lib/puppet/indirector/envelope.rb +1 -3
- data/lib/puppet/indirector/indirection.rb +13 -16
- data/lib/puppet/indirector/node/ldap.rb +7 -4
- data/lib/puppet/indirector/ssl_file.rb +1 -1
- data/lib/puppet/network/authstore.rb +48 -118
- data/lib/puppet/network/client/resource.rb +2 -15
- data/lib/puppet/network/format.rb +2 -12
- data/lib/puppet/network/format_handler.rb +15 -1
- data/lib/puppet/network/formats.rb +19 -4
- data/lib/puppet/network/handler/fileserver.rb +1 -0
- data/lib/puppet/network/http/handler.rb +1 -0
- data/lib/puppet/network/http/rack/httphandler.rb +0 -18
- data/lib/puppet/network/http/rack/rest.rb +4 -4
- data/lib/puppet/network/http/rack/xmlrpc.rb +4 -4
- data/lib/puppet/network/http/webrick.rb +2 -1
- data/lib/puppet/network/server.rb +1 -1
- data/lib/puppet/node/environment.rb +20 -9
- data/lib/puppet/parameter.rb +17 -1
- data/lib/puppet/parser/ast/boolean_operator.rb +2 -2
- data/lib/puppet/parser/ast/leaf.rb +5 -1
- data/lib/puppet/parser/ast/resourceparam.rb +4 -0
- data/lib/puppet/parser/ast/selector.rb +4 -0
- data/lib/puppet/parser/functions/generate.rb +2 -2
- data/lib/puppet/parser/functions/shellquote.rb +1 -1
- data/lib/puppet/property.rb +3 -11
- data/lib/puppet/provider/cron/crontab.rb +2 -0
- data/lib/puppet/provider/host/parsed.rb +9 -9
- data/lib/puppet/provider/package/blastwave.rb +7 -6
- data/lib/puppet/provider/package/portage.rb +23 -27
- data/lib/puppet/provider/package/rug.rb +1 -1
- data/lib/puppet/provider/package/sun.rb +5 -3
- data/lib/puppet/provider/service/daemontools.rb +1 -1
- data/lib/puppet/provider/service/debian.rb +1 -1
- data/lib/puppet/provider/service/runit.rb +1 -1
- data/lib/puppet/provider/ssh_authorized_key/parsed.rb +2 -1
- data/lib/puppet/provider/sshkey/parsed.rb +3 -5
- data/lib/puppet/provider/zone/solaris.rb +1 -1
- data/lib/puppet/rails.rb +9 -2
- data/lib/puppet/rails/benchmark.rb +1 -1
- data/lib/puppet/rails/host.rb +2 -7
- data/lib/puppet/rails/resource.rb +20 -26
- data/lib/puppet/resource/catalog.rb +3 -3
- data/lib/puppet/resource/reference.rb +13 -25
- data/lib/puppet/ssl/certificate.rb +3 -2
- data/lib/puppet/ssl/host.rb +14 -33
- data/lib/puppet/sslcertificates.rb +1 -5
- data/lib/puppet/sslcertificates/ca.rb +8 -7
- data/lib/puppet/transaction.rb +15 -12
- data/lib/puppet/type.rb +12 -5
- data/lib/puppet/type/file.rb +26 -32
- data/lib/puppet/type/file/content.rb +5 -5
- data/lib/puppet/type/file/ensure.rb +6 -17
- data/lib/puppet/type/file/mode.rb +18 -1
- data/lib/puppet/type/file/source.rb +12 -12
- data/lib/puppet/type/host.rb +6 -9
- data/lib/puppet/type/k5login.rb +1 -1
- data/lib/puppet/type/maillist.rb +4 -7
- data/lib/puppet/type/port.rb +6 -5
- data/lib/puppet/type/resources.rb +12 -12
- data/lib/puppet/type/sshkey.rb +5 -5
- data/lib/puppet/type/tidy.rb +9 -2
- data/lib/puppet/type/yumrepo.rb +3 -1
- data/lib/puppet/util.rb +64 -56
- data/lib/puppet/util/backups.rb +2 -1
- data/lib/puppet/util/filetype.rb +46 -0
- data/lib/puppet/util/log.rb +10 -18
- data/lib/puppet/util/log_paths.rb +14 -0
- data/lib/puppet/util/methodhelper.rb +3 -4
- data/lib/puppet/util/monkey_patches.rb +8 -0
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +5 -3
- data/lib/puppet/util/rdoc/parser.rb +32 -16
- data/lib/puppet/util/reference.rb +6 -3
- data/lib/puppet/util/selinux.rb +21 -14
- data/lib/puppet/util/settings.rb +30 -25
- data/lib/puppet/util/settings/file_setting.rb +7 -4
- data/lib/puppet/util/subclass_loader.rb +1 -1
- data/lib/puppet/util/suidmanager.rb +11 -1
- data/lib/puppet/util/tagging.rb +22 -4
- data/man/man8/filebucket.8 +23 -18
- data/man/man8/pi.8 +42 -20
- data/man/man8/puppet.8 +47 -32
- data/man/man8/puppet.conf.8 +807 -764
- data/man/man8/puppetca.8 +24 -14
- data/man/man8/puppetd.8 +33 -16
- data/man/man8/puppetdoc.8 +71 -18
- data/man/man8/puppetmasterd.8 +18 -25
- data/man/man8/puppetqd.8 +60 -0
- data/man/man8/puppetrun.8 +27 -14
- data/man/man8/ralsh.8 +33 -40
- data/spec/integration/bin/puppetmasterd.rb +3 -2
- data/spec/integration/defaults.rb +11 -0
- data/spec/integration/file_serving/metadata.rb +1 -0
- data/spec/integration/indirector/file_content/file_server.rb +2 -1
- data/spec/integration/ssl/certificate_request.rb +2 -0
- data/spec/integration/type/file.rb +20 -1
- data/spec/shared_behaviours/file_serving.rb +1 -1
- data/spec/spec_helper.rb +1 -1
- data/spec/unit/application/puppet.rb +11 -30
- data/spec/unit/application/puppetd.rb +1 -0
- data/spec/unit/application/puppetdoc.rb +13 -4
- data/spec/unit/application/puppetmasterd.rb +1 -0
- data/spec/unit/application/puppetrun.rb +12 -2
- data/spec/unit/application/ralsh.rb +39 -22
- data/spec/unit/configurer.rb +6 -0
- data/spec/unit/configurer/fact_handler.rb +15 -1
- data/spec/unit/file_serving/metadata.rb +128 -16
- data/spec/unit/file_serving/mount/file.rb +8 -0
- data/spec/unit/indirector/catalog/active_record.rb +20 -1
- data/spec/unit/indirector/catalog/compiler.rb +2 -1
- data/spec/unit/indirector/indirection.rb +29 -18
- data/spec/unit/indirector/node/ldap.rb +20 -6
- data/spec/unit/network/authstore.rb +197 -0
- data/spec/unit/network/format_handler.rb +28 -8
- data/spec/unit/network/formats.rb +31 -0
- data/spec/unit/network/http/handler.rb +10 -0
- data/spec/unit/network/http/webrick.rb +2 -2
- data/spec/unit/network/rest_authconfig.rb +2 -2
- data/spec/unit/network/rights.rb +1 -1
- data/spec/unit/node/environment.rb +39 -23
- data/spec/unit/other/selinux.rb +2 -2
- data/spec/unit/parameter.rb +8 -0
- data/spec/unit/parser/ast/leaf.rb +9 -0
- data/spec/unit/parser/ast/selector.rb +8 -1
- data/spec/unit/parser/lexer.rb +1 -1
- data/spec/unit/parser/resource.rb +11 -0
- data/spec/unit/parser/resource/reference.rb +13 -1
- data/spec/unit/property.rb +6 -0
- data/spec/unit/provider/mount/parsed.rb +3 -1
- data/spec/unit/provider/service/debian.rb +1 -1
- data/spec/unit/provider/ssh_authorized_key/parsed.rb +9 -1
- data/spec/unit/provider/sshkey/parsed.rb +19 -0
- data/spec/unit/rails.rb +22 -9
- data/spec/unit/rails/resource.rb +20 -0
- data/spec/unit/ssl/host.rb +19 -57
- data/spec/unit/transaction.rb +39 -4
- data/spec/unit/type.rb +9 -0
- data/spec/unit/type/file/content.rb +29 -0
- data/spec/unit/type/maillist.rb +42 -0
- data/spec/unit/type/resources.rb +66 -1
- data/spec/unit/type/tidy.rb +14 -1
- data/spec/unit/util/autoload.rb +2 -0
- data/spec/unit/util/ldap/connection.rb +1 -1
- data/spec/unit/util/log.rb +14 -0
- data/spec/unit/util/monkey_patches.rb +103 -0
- data/spec/unit/util/queue.rb +10 -2
- data/spec/unit/util/selinux.rb +61 -2
- data/spec/unit/util/settings.rb +19 -0
- data/spec/unit/util/settings/file_setting.rb +25 -0
- data/spec/unit/util/tagging.rb +10 -0
- data/tasks/rake/changelog.rake +15 -0
- data/tasks/rake/ci.rake +22 -0
- data/tasks/rake/dailybuild.rake +9 -0
- data/tasks/rake/gem.rake +46 -0
- data/tasks/rake/git_workflow.rake +121 -0
- data/tasks/rake/metrics.rake +6 -0
- data/tasks/rake/sign.rake +14 -0
- data/tasks/rake/testbranch.rake +16 -0
- data/tasks/rake/tracdocs.rake +8 -0
- data/test/data/providers/ssh_authorized_key/parsed/authorized_keys +1 -0
- metadata +1042 -1288
- data/ext/bin/sleeper +0 -67
- data/ext/module_puppet +0 -209
@@ -12,11 +12,10 @@ module Puppet::Util::MethodHelper
|
|
12
12
|
def set_options(options)
|
13
13
|
options.each do |param,value|
|
14
14
|
method = param.to_s + "="
|
15
|
-
|
15
|
+
if respond_to? method
|
16
16
|
self.send(method, value)
|
17
|
-
|
18
|
-
raise ArgumentError, "Invalid parameter
|
19
|
-
[param,self.class.to_s]
|
17
|
+
else
|
18
|
+
raise ArgumentError, "Invalid parameter #{param} to object class #{self.class}"
|
20
19
|
end
|
21
20
|
end
|
22
21
|
end
|
@@ -1,5 +1,7 @@
|
|
1
1
|
require 'rdoc/generators/html_generator'
|
2
2
|
require 'puppet/util/rdoc/code_objects'
|
3
|
+
require 'digest/md5'
|
4
|
+
|
3
5
|
module Generators
|
4
6
|
|
5
7
|
# This module holds all the classes needed to generate the HTML documentation
|
@@ -335,7 +337,7 @@ module Generators
|
|
335
337
|
resources.each do |r|
|
336
338
|
res << {
|
337
339
|
"name" => CGI.escapeHTML(r.name),
|
338
|
-
"aref" => "
|
340
|
+
"aref" => CGI.escape(path_prefix)+"\#"+CGI.escape(r.aref)
|
339
341
|
}
|
340
342
|
end
|
341
343
|
res
|
@@ -414,7 +416,7 @@ module Generators
|
|
414
416
|
if path['<<']
|
415
417
|
path.gsub!(/<<\s*(\w*)/) { "from-#$1" }
|
416
418
|
end
|
417
|
-
File.join(prefix, path.split("::")) + ".html"
|
419
|
+
File.join(prefix, path.split("::").collect { |p| Digest::MD5.hexdigest(p) }) + ".html"
|
418
420
|
end
|
419
421
|
|
420
422
|
def parent_name
|
@@ -508,7 +510,7 @@ module Generators
|
|
508
510
|
h_name = CGI.escapeHTML(name)
|
509
511
|
|
510
512
|
@values["classmod"] = "Node"
|
511
|
-
@values["title"] = "#{@values['classmod']}: #{h_name}"
|
513
|
+
@values["title"] = CGI.escapeHTML("#{@values['classmod']}: #{h_name}")
|
512
514
|
|
513
515
|
c = @context
|
514
516
|
c = c.parent while c and !c.diagram
|
@@ -148,6 +148,7 @@ class Parser
|
|
148
148
|
# create documentation for include statements we can find in +code+
|
149
149
|
# and associate it with +container+
|
150
150
|
def scan_for_include(container, code)
|
151
|
+
code = [code] unless code.is_a?(Array)
|
151
152
|
code.each do |stmt|
|
152
153
|
scan_for_include(container,stmt.children) if stmt.is_a?(Puppet::Parser::AST::ASTArray)
|
153
154
|
|
@@ -163,6 +164,7 @@ class Parser
|
|
163
164
|
# create documentation for global variables assignements we can find in +code+
|
164
165
|
# and associate it with +container+
|
165
166
|
def scan_for_vardef(container, code)
|
167
|
+
code = [code] unless code.is_a?(Array)
|
166
168
|
code.each do |stmt|
|
167
169
|
scan_for_vardef(container,stmt.children) if stmt.is_a?(Puppet::Parser::AST::ASTArray)
|
168
170
|
|
@@ -176,24 +178,29 @@ class Parser
|
|
176
178
|
# create documentation for resources we can find in +code+
|
177
179
|
# and associate it with +container+
|
178
180
|
def scan_for_resource(container, code)
|
181
|
+
code = [code] unless code.is_a?(Array)
|
179
182
|
code.each do |stmt|
|
180
183
|
scan_for_resource(container,stmt.children) if stmt.is_a?(Puppet::Parser::AST::ASTArray)
|
181
184
|
|
182
185
|
if stmt.is_a?(Puppet::Parser::AST::Resource) and !stmt.type.nil?
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
186
|
+
begin
|
187
|
+
type = stmt.type.split("::").collect { |s| s.capitalize }.join("::")
|
188
|
+
title = stmt.title.is_a?(Puppet::Parser::AST::ASTArray) ? stmt.title.to_s.gsub(/\[(.*)\]/,'\1') : stmt.title.to_s
|
189
|
+
Puppet.debug "rdoc: found resource: %s[%s]" % [type,title]
|
190
|
+
|
191
|
+
param = []
|
192
|
+
stmt.params.children.each do |p|
|
193
|
+
res = {}
|
194
|
+
res["name"] = p.param
|
195
|
+
res["value"] = "#{p.value.to_s}" unless p.value.nil?
|
196
|
+
|
197
|
+
param << res
|
198
|
+
end
|
199
|
+
|
200
|
+
container.add_resource(PuppetResource.new(type, title, stmt.doc, param))
|
201
|
+
rescue => detail
|
202
|
+
raise Puppet::ParseError, "impossible to parse resource in #{stmt.file} at line #{stmt.line}: #{detail}"
|
194
203
|
end
|
195
|
-
|
196
|
-
container.add_resource(PuppetResource.new(type, title, stmt.doc, param))
|
197
204
|
end
|
198
205
|
end
|
199
206
|
end
|
@@ -225,6 +232,8 @@ class Parser
|
|
225
232
|
end
|
226
233
|
|
227
234
|
cls.comment = comment
|
235
|
+
rescue => detail
|
236
|
+
raise Puppet::ParseError, "impossible to parse class '#{name}' in #{klass.file} at line #{klass.line}: #{detail}"
|
228
237
|
end
|
229
238
|
|
230
239
|
# create documentation for a node
|
@@ -247,6 +256,8 @@ class Parser
|
|
247
256
|
end
|
248
257
|
|
249
258
|
n.comment = comment
|
259
|
+
rescue => detail
|
260
|
+
raise Puppet::ParseError, "impossible to parse node '#{name}' in #{node.file} at line #{node.line}: #{detail}"
|
250
261
|
end
|
251
262
|
|
252
263
|
# create documentation for a define
|
@@ -263,12 +274,15 @@ class Parser
|
|
263
274
|
declaration = ""
|
264
275
|
define.arguments.each do |arg,value|
|
265
276
|
declaration << "\$#{arg}"
|
266
|
-
|
277
|
+
unless value.nil?
|
267
278
|
declaration << " => "
|
268
|
-
|
279
|
+
case value
|
280
|
+
when Puppet::Parser::AST::Leaf
|
269
281
|
declaration << "'#{value.value}'"
|
270
|
-
|
282
|
+
when Puppet::Parser::AST::ASTArray
|
271
283
|
declaration << "[%s]" % value.children.collect { |v| "'#{v}'" }.join(", ")
|
284
|
+
else
|
285
|
+
declaration << "#{value.to_s}"
|
272
286
|
end
|
273
287
|
end
|
274
288
|
declaration << ", "
|
@@ -284,6 +298,8 @@ class Parser
|
|
284
298
|
meth.visibility = :public
|
285
299
|
meth.document_self = true
|
286
300
|
meth.singleton = false
|
301
|
+
rescue => detail
|
302
|
+
raise Puppet::ParseError, "impossible to parse definition '#{name}' in #{define.file} at line #{define.line}: #{detail}"
|
287
303
|
end
|
288
304
|
|
289
305
|
# Traverse the AST tree and produce code-objects node
|
@@ -36,7 +36,7 @@ class Puppet::Util::Reference
|
|
36
36
|
|
37
37
|
def self.pdf(text)
|
38
38
|
puts "creating pdf"
|
39
|
-
|
39
|
+
Puppet::Util.secure_open("/tmp/puppetdoc.txt", "w") do |f|
|
40
40
|
f.puts text
|
41
41
|
end
|
42
42
|
rst2latex = %x{which rst2latex}
|
@@ -48,6 +48,9 @@ class Puppet::Util::Reference
|
|
48
48
|
end
|
49
49
|
rst2latex.chomp!
|
50
50
|
cmd = %{#{rst2latex} /tmp/puppetdoc.txt > /tmp/puppetdoc.tex}
|
51
|
+
Puppet::Util.secure_open("/tmp/puppetdoc.tex","w") do |f|
|
52
|
+
# If we get here without an error, /tmp/puppetdoc.tex isn't a tricky cracker's symlink
|
53
|
+
end
|
51
54
|
output = %x{#{cmd}}
|
52
55
|
unless $? == 0
|
53
56
|
$stderr.puts "rst2latex failed"
|
@@ -67,7 +70,7 @@ class Puppet::Util::Reference
|
|
67
70
|
puts "Creating markdown for #{name} reference."
|
68
71
|
dir = "/tmp/" + Puppet::PUPPETVERSION
|
69
72
|
FileUtils.mkdir(dir) unless File.directory?(dir)
|
70
|
-
|
73
|
+
Puppet::Util.secure_open(dir + "/" + "#{name}.rst", "w") do |f|
|
71
74
|
f.puts text
|
72
75
|
end
|
73
76
|
pandoc = %x{which pandoc}
|
@@ -190,7 +193,7 @@ class Puppet::Util::Reference
|
|
190
193
|
end
|
191
194
|
|
192
195
|
def trac
|
193
|
-
|
196
|
+
Puppet::Util.secure_open("/tmp/puppetdoc.txt", "w") do |f|
|
194
197
|
f.puts self.to_trac
|
195
198
|
end
|
196
199
|
|
data/lib/puppet/util/selinux.rb
CHANGED
@@ -7,11 +7,9 @@
|
|
7
7
|
# was abysmal. At this time (2008-11-02) the only distribution providing
|
8
8
|
# these Ruby SELinux bindings which I am aware of is Fedora (in libselinux-ruby).
|
9
9
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
# Nothing
|
14
|
-
end
|
10
|
+
Puppet.features.selinux? # check, but continue even if it's not
|
11
|
+
|
12
|
+
require 'pathname'
|
15
13
|
|
16
14
|
module Puppet::Util::SELinux
|
17
15
|
|
@@ -71,7 +69,7 @@ module Puppet::Util::SELinux
|
|
71
69
|
if context.nil? or context == "unlabeled"
|
72
70
|
return nil
|
73
71
|
end
|
74
|
-
unless context =~ /^([a-z0-9_]+):([a-z0-9_]+):([a-
|
72
|
+
unless context =~ /^([a-z0-9_]+):([a-z0-9_]+):([a-zA-Z0-9_]+)(?::([a-zA-Z0-9:,._-]+))?/
|
75
73
|
raise Puppet::Error, "Invalid context to parse: #{context}"
|
76
74
|
end
|
77
75
|
ret = {
|
@@ -91,7 +89,7 @@ module Puppet::Util::SELinux
|
|
91
89
|
# I believe that the OS should always provide at least a fall-through context
|
92
90
|
# though on any well-running system.
|
93
91
|
def set_selinux_context(file, value, component = false)
|
94
|
-
unless selinux_support?
|
92
|
+
unless selinux_support? && selinux_label_support?(file)
|
95
93
|
return nil
|
96
94
|
end
|
97
95
|
|
@@ -168,8 +166,8 @@ module Puppet::Util::SELinux
|
|
168
166
|
# that's expected
|
169
167
|
rescue
|
170
168
|
return nil
|
171
|
-
ensure
|
172
|
-
mountfh.close
|
169
|
+
ensure
|
170
|
+
mountfh.close if mountfh
|
173
171
|
end
|
174
172
|
|
175
173
|
mntpoint = {}
|
@@ -185,9 +183,19 @@ module Puppet::Util::SELinux
|
|
185
183
|
return mntpoint
|
186
184
|
end
|
187
185
|
|
186
|
+
def realpath(path)
|
187
|
+
path, rest = Pathname.new(path), []
|
188
|
+
path, rest = path.dirname, [path.basename] + rest while ! path.exist?
|
189
|
+
File.join( path.realpath, *rest )
|
190
|
+
end
|
191
|
+
|
192
|
+
def parent_directory(path)
|
193
|
+
Pathname.new(path).dirname.to_s
|
194
|
+
end
|
195
|
+
|
188
196
|
# Internal helper function to return which type of filesystem a
|
189
197
|
# given file path resides on
|
190
|
-
def find_fs(
|
198
|
+
def find_fs(path)
|
191
199
|
unless mnts = read_mounts()
|
192
200
|
return nil
|
193
201
|
end
|
@@ -198,13 +206,12 @@ module Puppet::Util::SELinux
|
|
198
206
|
# Just in case: return something if you're down to "/" or ""
|
199
207
|
# Remove the last slash and everything after it,
|
200
208
|
# and repeat with that as the file for the next loop through.
|
201
|
-
|
202
|
-
while not
|
203
|
-
path = ary.join('/')
|
209
|
+
path = realpath(path)
|
210
|
+
while not path.empty? do
|
204
211
|
if mnts.has_key?(path)
|
205
212
|
return mnts[path]
|
206
213
|
end
|
207
|
-
|
214
|
+
path = parent_directory(path)
|
208
215
|
end
|
209
216
|
return mnts['/']
|
210
217
|
end
|
data/lib/puppet/util/settings.rb
CHANGED
@@ -64,20 +64,25 @@ class Puppet::Util::Settings
|
|
64
64
|
# Remove all set values, potentially skipping cli values.
|
65
65
|
def clear(exceptcli = false)
|
66
66
|
@sync.synchronize do
|
67
|
-
|
68
|
-
|
69
|
-
|
67
|
+
unsafe_clear(exceptcli)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
# Remove all set values, potentially skipping cli values.
|
72
|
+
def unsafe_clear(exceptcli = false)
|
73
|
+
@values.each do |name, values|
|
74
|
+
@values.delete(name) unless exceptcli and name == :cli
|
75
|
+
end
|
70
76
|
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
77
|
+
# Don't clear the 'used' in this case, since it's a config file reparse,
|
78
|
+
# and we want to retain this info.
|
79
|
+
unless exceptcli
|
80
|
+
@used = []
|
81
|
+
end
|
76
82
|
|
77
|
-
|
83
|
+
@cache.clear
|
78
84
|
|
79
|
-
|
80
|
-
end
|
85
|
+
@name = nil
|
81
86
|
end
|
82
87
|
|
83
88
|
# This is mostly just used for testing.
|
@@ -317,23 +322,25 @@ class Puppet::Util::Settings
|
|
317
322
|
# and reparsed if necessary.
|
318
323
|
set_filetimeout_timer()
|
319
324
|
|
320
|
-
# Retrieve the value now, so that we don't lose it in the 'clear' call.
|
321
|
-
file = self[:config]
|
322
|
-
|
323
|
-
return unless FileTest.exist?(file)
|
324
|
-
|
325
|
-
# We have to clear outside of the sync, because it's
|
326
|
-
# also using synchronize().
|
327
|
-
clear(true)
|
328
|
-
|
329
325
|
@sync.synchronize do
|
330
|
-
unsafe_parse(
|
326
|
+
unsafe_parse(self[:config])
|
331
327
|
end
|
332
328
|
end
|
333
329
|
|
334
330
|
# Unsafely parse the file -- this isn't thread-safe and causes plenty of problems if used directly.
|
335
331
|
def unsafe_parse(file)
|
336
|
-
|
332
|
+
return unless FileTest.exist?(file)
|
333
|
+
begin
|
334
|
+
data = parse_file(file)
|
335
|
+
rescue => details
|
336
|
+
puts details.backtrace if Puppet[:trace]
|
337
|
+
Puppet.err "Could not parse #{file}: #{details}"
|
338
|
+
return
|
339
|
+
end
|
340
|
+
|
341
|
+
unsafe_clear(true)
|
342
|
+
|
343
|
+
data.each do |area, values|
|
337
344
|
@values[area] = values
|
338
345
|
end
|
339
346
|
|
@@ -425,9 +432,7 @@ class Puppet::Util::Settings
|
|
425
432
|
def reparse
|
426
433
|
if file and file.changed?
|
427
434
|
Puppet.notice "Reparsing %s" % file.file
|
428
|
-
|
429
|
-
parse
|
430
|
-
end
|
435
|
+
parse
|
431
436
|
reuse()
|
432
437
|
end
|
433
438
|
end
|
@@ -89,11 +89,14 @@ class Puppet::Util::Settings::FileSetting < Puppet::Util::Settings::Setting
|
|
89
89
|
return nil if path =~ /^\/dev/
|
90
90
|
|
91
91
|
resource = Puppet::Resource.new(:file, path)
|
92
|
-
resource[:mode] = self.mode if self.mode
|
93
92
|
|
94
|
-
if Puppet
|
95
|
-
resource[:
|
96
|
-
|
93
|
+
if Puppet[:manage_internal_file_permissions]
|
94
|
+
resource[:mode] = self.mode if self.mode
|
95
|
+
|
96
|
+
if Puppet.features.root?
|
97
|
+
resource[:owner] = self.owner if self.owner
|
98
|
+
resource[:group] = self.group if self.group
|
99
|
+
end
|
97
100
|
end
|
98
101
|
|
99
102
|
resource[:ensure] = type
|
@@ -7,7 +7,7 @@ module Puppet::Util::SUIDManager
|
|
7
7
|
extend Forwardable
|
8
8
|
|
9
9
|
to_delegate_to_process = [ :euid=, :euid, :egid=, :egid,
|
10
|
-
:uid=, :uid, :gid=, :gid ]
|
10
|
+
:uid=, :uid, :gid=, :gid, :groups=, :groups ]
|
11
11
|
|
12
12
|
to_delegate_to_process.each do |method|
|
13
13
|
def_delegator Process, method
|
@@ -26,13 +26,16 @@ module Puppet::Util::SUIDManager
|
|
26
26
|
# We set both because some programs like to drop privs, i.e. bash.
|
27
27
|
old_uid, old_gid = self.uid, self.gid
|
28
28
|
old_euid, old_egid = self.euid, self.egid
|
29
|
+
old_groups = self.groups
|
29
30
|
begin
|
30
31
|
self.egid = convert_xid :gid, new_gid if new_gid
|
32
|
+
self.initgroups(convert_xid(:uid, new_uid)) if new_uid
|
31
33
|
self.euid = convert_xid :uid, new_uid if new_uid
|
32
34
|
|
33
35
|
yield
|
34
36
|
ensure
|
35
37
|
self.euid, self.egid = old_euid, old_egid
|
38
|
+
self.groups = old_groups
|
36
39
|
end
|
37
40
|
end
|
38
41
|
module_function :asuser
|
@@ -49,6 +52,13 @@ module Puppet::Util::SUIDManager
|
|
49
52
|
end
|
50
53
|
module_function :convert_xid
|
51
54
|
|
55
|
+
# Initialize supplementary groups
|
56
|
+
def initgroups(user)
|
57
|
+
require 'etc'
|
58
|
+
Process.initgroups(Etc.getpwuid(user).name, Process.gid)
|
59
|
+
end
|
60
|
+
|
61
|
+
module_function :initgroups
|
52
62
|
|
53
63
|
def run_and_capture(command, new_uid=nil, new_gid=nil)
|
54
64
|
output = Puppet::Util.execute(command, :failonfail => false, :uid => new_uid, :gid => new_gid)
|
data/lib/puppet/util/tagging.rb
CHANGED
@@ -16,13 +16,12 @@ module Puppet::Util::Tagging
|
|
16
16
|
@tags << tag unless @tags.include?(tag)
|
17
17
|
end
|
18
18
|
|
19
|
-
|
20
|
-
qualified.collect { |name| x = name.split("::") }.flatten.each { |tag| @tags << tag unless @tags.include?(tag) }
|
19
|
+
handle_qualified_tags( qualified )
|
21
20
|
end
|
22
21
|
|
23
22
|
# Are we tagged with the provided tag?
|
24
|
-
def tagged?(
|
25
|
-
|
23
|
+
def tagged?(*tags)
|
24
|
+
not ( self.tags & tags.flatten.collect { |t| t.to_s } ).empty?
|
26
25
|
end
|
27
26
|
|
28
27
|
# Return a copy of the tag list, so someone can't ask for our tags
|
@@ -32,8 +31,27 @@ module Puppet::Util::Tagging
|
|
32
31
|
@tags.dup
|
33
32
|
end
|
34
33
|
|
34
|
+
def tags=(tags)
|
35
|
+
@tags = []
|
36
|
+
|
37
|
+
return if tags.nil? or tags == ""
|
38
|
+
|
39
|
+
if tags.is_a?(String)
|
40
|
+
tags = tags.strip.split(/\s*,\s*/)
|
41
|
+
end
|
42
|
+
|
43
|
+
tags.each do |t|
|
44
|
+
tag(t)
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
35
48
|
private
|
36
49
|
|
50
|
+
def handle_qualified_tags( qualified )
|
51
|
+
# LAK:NOTE See http://snurl.com/21zf8 [groups_google_com]
|
52
|
+
qualified.collect { |name| x = name.split("::") }.flatten.each { |tag| @tags << tag unless @tags.include?(tag) }
|
53
|
+
end
|
54
|
+
|
37
55
|
def valid_tag?(tag)
|
38
56
|
tag =~ /^\w[-\w:.]*$/
|
39
57
|
end
|