puppet 0.25.4 → 0.25.5

data/lib/puppet/provider/augeas/augeas.rb

@@ -39,6 +39,7 @@ Puppet::Type.type(:augeas).provide(:augeas) do
       "match" => [ :path, :glob ],
       "size" => [:comparator, :int],
       "include" => [:string],
+      "not_include" => [:string],
       "==" => [:glob],
       "!=" => [:glob]
     }
@@ -81,18 +82,24 @@ Puppet::Type.type(:augeas).provide(:augeas) do
                 if f == :path
                     start = sc.pos
                     nbracket = 0
+                    inSingleTick = false
+                    inDoubleTick = false
                     begin
-                        sc.skip(/([^\]\[\s\\]|\\.)+/)
+                        sc.skip(/([^\]\[\s\\'"]|\\.)+/)
                         ch = sc.getch
                         nbracket += 1 if ch == "["
                         nbracket -= 1 if ch == "]"
+                        inSingleTick = !inSingleTick if ch == "'"
+                        inDoubleTick = !inDoubleTick if ch == "\""
                         fail("unmatched [") if nbracket < 0
-                    end until nbracket == 0 && (sc.eos? || ch =~ /\s/)
+                    end until ((nbracket == 0 && !inSingleTick && !inDoubleTick && (ch =~ /\s/)) || sc.eos?)
                         len = sc.pos - start
                         len -= 1 unless sc.eos?
                     unless p = sc.string[start, len]
                         fail("missing path argument #{narg} for #{cmd}")
                     end
+                    # Rip off any ticks if they are there.
+                    p = p[1, (p.size - 2)] if p[0,1] == "'" || p[0,1] == "\""
                     p.chomp!("/")
                     if p[0,1] != "$" && p[0,1] != "/"
                         argline << context + p
@@ -196,6 +203,8 @@ Puppet::Type.type(:augeas).provide(:augeas) do
 
         #Get the values from augeas
         result = @aug.match(path) || []
+        fail("Error trying to match path '#{path}'") if (result == -1)
+
         # Now do the work
         case verb
         when "size"
@@ -206,6 +215,9 @@ Puppet::Type.type(:augeas).provide(:augeas) do
         when "include"
             arg = clause_array.shift
             return_value = result.include?(arg)
+        when "not_include"
+            arg = clause_array.shift
+            return_value = !result.include?(arg)
         when "=="
             begin
                 arg = clause_array.shift
@@ -272,7 +284,7 @@ Puppet::Type.type(:augeas).provide(:augeas) do
                     save_result = @aug.save
                     saved_files = @aug.match("/augeas/events/saved")
                     if save_result and not files_changed?
-                        debug("Skipping becuase no files were changed")
+                        debug("Skipping because no files were changed")
                         return_value = false
                     else
                         debug("Files changed, should execute")
@@ -317,13 +329,16 @@ Puppet::Type.type(:augeas).provide(:augeas) do
                 case command
                     when "set"
                         debug("sending command '#{command}' with params #{cmd_array.inspect}")
-                        aug.set(cmd_array[0], cmd_array[1])
+                        rv = aug.set(cmd_array[0], cmd_array[1])
+                        fail("Error sending command '#{command}' with params #{cmd_array.inspect}") if (!rv)
                     when "rm", "remove"
                         debug("sending command '#{command}' with params #{cmd_array.inspect}")
-                        aug.rm(cmd_array[0])
+                        rv = aug.rm(cmd_array[0])
+                        fail("Error sending command '#{command}' with params #{cmd_array.inspect}") if (rv == -1)
                     when "clear"
                         debug("sending command '#{command}' with params #{cmd_array.inspect}")
-                        @aug.clear(cmd_array[0])
+                        rv = aug.clear(cmd_array[0])
+                        fail("Error sending command '#{command}' with params #{cmd_array.inspect}") if (!rv)
                     when "insert", "ins"
                         label = cmd_array[0]
                         where = cmd_array[1]
@@ -334,7 +349,8 @@ Puppet::Type.type(:augeas).provide(:augeas) do
                             else fail("Invalid value '#{where}' for where param")
                         end
                         debug("sending command '#{command}' with params #{[label, where, path].inspect}")
-                        aug.insert(path, label, before)
+                        rv = aug.insert(path, label, before)
+                        fail("Error sending command '#{command}' with params #{cmd_array.inspect}") if (rv == -1)
                     else fail("Command '#{command}' is not supported")
                 end
             rescue SystemExit,NoMemoryError

data/lib/puppet/provider/macauthorization/macauthorization.rb

@@ -15,7 +15,7 @@ Puppet::Type.type(:macauthorization).provide :macauthorization, :parent => Puppe
     confine :operatingsystem => :darwin
 
     # This should be confined based on macosx_productversion once
-    # http://projects.reductivelabs.com/issues/show/1796
+    # http://projects.puppetlabs.com/issues/show/1796
     # is resolved.
     if FileTest.exists?("/usr/bin/sw_vers")
         product_version = sw_vers "-productVersion"

data/lib/puppet/provider/maillist/mailman.rb

@@ -67,7 +67,7 @@ Puppet::Type.type(:maillist).provide(:mailman) do
     end
 
     # Delete the list.
-    def delete(purge = false)
+    def destroy(purge = false)
         args = []
         if purge
             args << "--archives"
@@ -99,7 +99,7 @@ Puppet::Type.type(:maillist).provide(:mailman) do
 
     # Remove the list and its archives.
     def purge
-        delete(true)
+        destroy(true)
     end
 
     # Pull the current state of the list from the full list.  We're

data/lib/puppet/provider/package/portage.rb

@@ -12,7 +12,7 @@ Puppet::Type.type(:package).provide :portage, :parent => Puppet::Provider::Packa
     defaultfor :operatingsystem => :gentoo
 
     def self.instances
-        result_format = /(\S+) (\S+) \[(\S+)\] \[(\S+)\] (\S+) (.*)/
+        result_format = /^(\S+)\s+(\S+)\s+\[(\S+)\]\s+\[(\S+)\]\s+(\S+)\s+(.*)$/
         result_fields = [:category, :name, :ensure, :version_available, :vendor, :description]
 
         version_format = "{last}<version>{}"
@@ -72,7 +72,7 @@ Puppet::Type.type(:package).provide :portage, :parent => Puppet::Provider::Packa
     end
 
     def query
-        result_format = /(\S+) (\S+) \[(\S*)\] \[(\S+)\] (\S+) (.*)/
+        result_format = /^(\S+)\s+(\S+)\s+\[(\S*)\]\s+\[(\S+)\]\s+(\S+)\s+(.*)$/
         result_fields = [:category, :name, :ensure, :version_available, :vendor, :description]
 
         version_format = "{last}<version>{}"

data/lib/puppet/provider/service/debian.rb

@@ -10,7 +10,7 @@ Puppet::Type.type(:service).provide :debian, :parent => :init do
 
     commands :update_rc => "/usr/sbin/update-rc.d"
     # note this isn't being used as a command until
-    # http://projects.reductivelabs.com/issues/2538
+    # http://projects.puppetlabs.com/issues/2538
     # is resolved.
     commands :invoke_rc => "/usr/sbin/invoke-rc.d"
     
@@ -28,7 +28,7 @@ Puppet::Type.type(:service).provide :debian, :parent => :init do
 
     def enabled?
         # TODO: Replace system() call when Puppet::Util.execute gives us a way
-        # to determine exit status.  http://projects.reductivelabs.com/issues/2538
+        # to determine exit status.  http://projects.puppetlabs.com/issues/2538
         system("/usr/sbin/invoke-rc.d", "--quiet", "--query", @resource[:name], "start")
         
         # 104 is the exit status when you query start an enabled service.

data/lib/puppet/provider/service/redhat.rb

@@ -1,6 +1,6 @@
 # Manage Red Hat services.  Start/stop uses /sbin/service and enable/disable uses chkconfig
 
-Puppet::Type.type(:service).provide :redhat, :parent => :init do
+Puppet::Type.type(:service).provide :redhat, :parent => :init, :source => :init do
     desc "Red Hat's (and probably many others) form of ``init``-style service management:
 
     Uses ``chkconfig`` for service enabling and disabling.

data/lib/puppet/provider/service/smf.rb

@@ -70,7 +70,10 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
         end
 
         begin
-            state = svcs("-H", "-o", "state", @resource[:name]).chomp
+            # get the current state and the next state, and if the next
+            # state is set (i.e. not "-") use it for state comparison
+            states = svcs("-H", "-o", "state,nstate", @resource[:name]).chomp.split
+            state = states[1] == "-" ? states[0] : states[1]
         rescue Puppet::ExecutionFailure
             info "Could not get status on service %s" % self.name
             return :stopped

data/lib/puppet/provider/ssh_authorized_key/parsed.rb

@@ -62,36 +62,16 @@ Puppet::Type.type(:ssh_authorized_key).provide(:parsed,
     end
 
     def flush
-        # As path expansion had to be moved in the provider, we cannot generate new file
-        # resources and thus have to chown and chmod here. It smells hackish.
-
-        # Create target's parent directory if nonexistant
-        if target
-            dir = File.dirname(target)
-            if not File.exist? dir
-                Puppet.debug("Creating directory %s which did not exist" % dir)
-                Dir.mkdir(dir, dir_perm)
-            end
-        end
-
-        # Generate the file
-        super
-
-        # Ensure correct permissions
-        if target and user
-            uid = Puppet::Util.uid(user)
-
-            if uid
-                File.chown(uid, nil, dir)
-                File.chown(uid, nil, target)
-            else
-                raise Puppet::Error, "Specified user does not exist"
-            end
-        end
-
-        if target
-            File.chmod(file_perm, target)
+        raise Puppet::Error, "Cannot write SSH authorized keys without user" unless user
+        raise Puppet::Error, "User '#{user}' does not exist"                 unless uid = Puppet::Util.uid(user)
+        unless File.exist?(dir = File.dirname(target))
+            Puppet.debug "Creating #{dir}"
+            Dir.mkdir(dir, dir_perm)
+            File.chown(uid, nil, dir)
         end
+        Puppet::Util::SUIDManager.asuser(user) { super }
+        File.chown(uid, nil, target)
+        File.chmod(file_perm, target)
     end
 
     # parse sshv2 option strings, wich is a comma separated list of

data/lib/puppet/provider/user/user_role_add.rb

@@ -1,6 +1,6 @@
 require 'puppet/util/user_attr'
 
-Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd do
+Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source => :useradd do
 
     desc "User management inherits ``useradd`` and adds logic to manage roles on Solaris using roleadd."
 

data/lib/puppet/reference/configuration.rb

@@ -25,7 +25,7 @@ config = Puppet::Util::Reference.newreference(:configuration, :depth => 1, :doc
         str += ""
         val = object.default
         if name.to_s == "vardir"
-            val = "/var/puppet"
+            val = "/var/lib/puppet"
         elsif name.to_s == "confdir"
             val = "/etc/puppet"
         end

data/lib/puppet/reference/providers.rb

@@ -96,7 +96,7 @@ providers = Puppet::Util::Reference.newreference :providers, :title => "Provider
 
         ret += h(type.name.to_s + "_", 2)
 
-        ret += ".. _%s: %s\n\n" % [type.name, "http://reductivelabs.com/trac/puppet/wiki/TypeReference#%s" % type.name]
+        ret += ".. _%s: %s\n\n" % [type.name, "http://puppetlabs.com/trac/puppet/wiki/TypeReference#%s" % type.name]
         ret += option("Default provider", default)
         ret += doctable(headers, table_data)
 

data/lib/puppet/reports/tagmail.rb

@@ -2,6 +2,7 @@ require 'puppet'
 require 'pp'
 
 require 'net/smtp'
+require 'time'
 
 Puppet::Reports.register_report(:tagmail) do
     desc "This report sends specific log messages to specific email addresses

data/lib/puppet/resource/catalog.rb

@@ -16,7 +16,7 @@ class Puppet::Resource::Catalog < Puppet::SimpleGraph
     class DuplicateResourceError < Puppet::Error; end
 
     extend Puppet::Indirector
-    indirects :catalog, :terminus_class => :compiler
+    indirects :catalog, :terminus_setting => :catalog_terminus
 
     include Puppet::Util::Tagging
     extend Puppet::Util::Pson
@@ -160,7 +160,6 @@ class Puppet::Resource::Catalog < Puppet::SimpleGraph
     ensure
         @applying = false
         cleanup()
-        transaction.cleanup if defined? transaction and transaction
     end
 
     # Are we in the middle of applying the catalog?
@@ -508,12 +507,6 @@ class Puppet::Resource::Catalog < Puppet::SimpleGraph
     private
 
     def cleanup
-        unless @transient_resources.empty?
-            remove_resource(*@transient_resources)
-            @transient_resources.clear
-            @relationship_graph = nil
-        end
-
         # Expire any cached data the resources are keeping.
         expire()
     end

data/lib/puppet/simple_graph.rb

@@ -64,6 +64,14 @@ class Puppet::SimpleGraph
             end
         end
 
+        def each_out_edges
+            @adjacencies[:out].values.each do |edges|
+                edges.each do |edge|
+                    yield edge
+                end
+            end
+        end
+
         # The other vertex in the edge.
         def other_vertex(direction, edge)
             case direction
@@ -146,20 +154,37 @@ class Puppet::SimpleGraph
     # Collect all of the edges that the passed events match.  Returns
     # an array of edges.
     def matching_edges(events, base = nil)
-        events.collect do |event|
-            source = base || event.source
-
-            unless vertex?(source)
-                Puppet.warning "Got an event from invalid vertex %s" % source.ref
-                next
+        # collect edges out from sources
+        if base
+            # consider only edges which are not pointing to any event sources
+            # which is what a recursive file resources produces
+            event_sources = events.inject({}) { |hash, event| hash[event.source] = event.source ; hash}
+            edges = (adjacent(base, :direction => :out, :type => :edges) - event_sources.keys)
+        else
+            edges = events.inject([]) do |edges,event|
+                if wrapper = @vertices[event.source]
+                    wrapper.each_out_edges do |edge|
+                        edges << edge
+                    end
+                else
+                    Puppet.warning "Got an event from invalid #{event.source.ref}"
+                end
+                edges
             end
-            # Get all of the edges that this vertex should forward events
-            # to, which is the same thing as saying all edges directly below
-            # This vertex in the graph.
-            adjacent(source, :direction => :out, :type => :edges).find_all do |edge|
-                edge.match?(event.name)
+        end
+
+        # find all the different event names, we assume there won't be that many
+        # which should greatly shorten the next loop and reduce the cross-join
+        # between events x out-edges
+        event_names = events.inject({}) { |hash, event| hash[event.name] = event.name ; hash }
+
+        # match all our events to the edges
+        event_names.keys.inject([]) do |matching, event_name|
+            edges.each do |edge|
+                matching << edge if edge.match?(event_name)
             end
-        end.compact.flatten
+            matching
+        end
     end
 
     # Return a reversed version of this graph.

data/lib/puppet/ssl/certificate.rb

@@ -28,8 +28,7 @@ class Puppet::SSL::Certificate < Puppet::SSL::Base
     end
 
     def expiration
-        # Our expiration is either that of the cache or the content, whichever comes first
-        cache_expiration = @expiration
-        [(content and content.not_after), cache_expiration].compact.sort.first
+        return nil unless content
+        return content.not_after
     end
 end

data/lib/puppet/ssl/certificate_authority.rb

@@ -284,7 +284,7 @@ class Puppet::SSL::CertificateAuthority
         store.add_file Puppet[:cacert]
         store.add_crl crl.content if self.crl
         store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
-        store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK
+        store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK if Puppet.settings[:certificate_revocation]
 
         unless store.verify(cert.content)
             raise CertificateVerificationError.new(store.error), store.error_string

data/lib/puppet/ssl/host.rb

@@ -154,19 +154,26 @@ class Puppet::SSL::Host
     end
 
     def certificate
-        @certificate ||= (
+        unless @certificate
+            generate_key unless key
+
             # get the CA cert first, since it's required for the normal cert
             # to be of any use.
-            if not (key or generate_key) or not (ca? or Certificate.find("ca")) or not (cert = Certificate.find(name)) or cert.expired?
-                nil
-            elsif not cert.content.check_private_key(key.content)
-                Certificate.expire(name)
-                Puppet.warning "Retrieved certificate does not match private key"
-                nil
-            else
-                cert
+            return nil unless Certificate.find("ca") unless ca?
+            return nil unless @certificate = Certificate.find(name)
+
+            unless certificate_matches_key?
+                raise Puppet::Error, "Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key"
             end
-            )
+        end
+        @certificate
+    end
+
+    def certificate_matches_key?
+        return false unless key
+        return false unless certificate
+
+        return certificate.content.check_private_key(key.content)
     end
 
     # Generate all necessary parts of our ssl host.
@@ -206,7 +213,7 @@ class Puppet::SSL::Host
 
             # If there's a CRL, add it to our store.
             if crl = Puppet::SSL::CertificateRevocationList.find("ca")
-                @ssl_store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK
+                @ssl_store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK if Puppet.settings[:certificate_revocation]
                 @ssl_store.add_crl(crl.content)
             end
             return @ssl_store
@@ -225,7 +232,7 @@ class Puppet::SSL::Host
         rescue Exception => detail
             Puppet.err "Could not request certificate: %s" % detail.to_s
             if time < 1
-                puts "Exiting; failed to retrieve certificate and watiforcert is disabled"
+                puts "Exiting; failed to retrieve certificate and waitforcert is disabled"
                 exit(1)
             else
                 sleep(time)

data/lib/puppet/sslcertificates/ca.rb

@@ -278,13 +278,12 @@ class Puppet::SSLCertificates::CA
         host = thing2name(csr)
 
         csrfile = host2csrfile(host)
-        raise Puppet::Error, "Certificate request for #{host} already exists" if File.exists?(csrfile)
-        Puppet.settings.writesub(:csrdir, csrfile) { |f| f.print csr.to_pem }
+        if File.exists?(csrfile)
+            raise Puppet::Error, "Certificate request for %s already exists" % host
+        end
 
-        certfile = host2certfile(host)
-        if File.exists?(certfile)
-            Puppet.notice "Removing previously signed certificate #{certfile} for #{host}"
-            Puppet::SSLCertificates::Inventory::rebuild
+        Puppet.settings.writesub(:csrdir, csrfile) do |f|
+            f.print csr.to_pem
         end
     end