puppet 2.6.12 → 2.6.13

data/spec/unit/type/file_spec.rb

@@ -1190,4 +1190,10 @@ describe Puppet::Type.type(:file) do
       @file[:checksum].should be :md5lite
     end
   end
+
+  describe ".instances" do
+    it 'should return an empty array' do
+      Puppet::Type::File.instances.should == []
+    end
+  end
 end

data/spec/unit/type/user_spec.rb

@@ -290,6 +290,14 @@ describe user do
       @password.change_to_s("other", "mypass").should_not be_include("mypass")
     end
 
+    it "should redact the password when displaying the old value" do
+      @password.is_to_s("currentpassword").should =~ /^\[old password hash redacted\]$/
+    end
+
+    it "should redact the password when displaying the new value" do
+      @password.should_to_s("newpassword").should =~ /^\[new password hash redacted\]$/
+    end
+
     it "should fail if a ':' is included in the password" do
       lambda { @password.should = "some:thing" }.should raise_error(Puppet::Error)
     end

data/spec/unit/util/settings_spec.rb

@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 
 require File.dirname(__FILE__) + '/../../spec_helper'
+require 'ostruct'
 
 describe Puppet::Util::Settings do
   describe "when specifying defaults" do
@@ -1115,4 +1116,14 @@ describe Puppet::Util::Settings do
 
     it "should cache the result"
   end
+
+  describe "#writesub" do
+    it "should only pass valid arguments to File.open" do
+      settings = Puppet::Util::Settings.new
+      settings.stubs(:get_config_file_default).with(:privatekeydir).returns(OpenStruct.new(:mode => "750"))
+
+      File.expects(:open).with("/path/to/keydir", "w", 750).returns true
+      settings.writesub(:privatekeydir, "/path/to/keydir")
+    end
+  end
 end

data/spec/unit/util/suidmanager_spec.rb

@@ -0,0 +1,210 @@
+#!/usr/bin/env rspec
+
+require 'spec_helper'
+
+describe Puppet::Util::SUIDManager do
+  let :user do
+    Puppet::Type.type(:user).new(:name => 'name', :uid => 42, :gid => 42)
+  end
+
+  let :xids do
+    Hash.new {|h,k| 0}
+  end
+
+  before :each do
+    Puppet::Util::SUIDManager.stubs(:convert_xid).returns(42)
+    Puppet::Util::SUIDManager.stubs(:initgroups)
+
+    [:euid, :egid, :uid, :gid, :groups].each do |id|
+      Process.stubs("#{id}=").with {|value| xids[id] = value}
+    end
+  end
+
+  describe "#uid" do
+    it "should allow setting euid/egid" do
+      Puppet::Util::SUIDManager.egid = user[:gid]
+      Puppet::Util::SUIDManager.euid = user[:uid]
+
+      xids[:egid].should == user[:gid]
+      xids[:euid].should == user[:uid]
+    end
+  end
+
+  describe "#asuser" do
+    it "should set euid/egid when root" do
+      Process.stubs(:uid).returns(0)
+
+      Process.stubs(:egid).returns(51)
+      Process.stubs(:euid).returns(50)
+
+      Puppet::Util::SUIDManager.stubs(:convert_xid).with(:gid, 51).returns(51)
+      Puppet::Util::SUIDManager.stubs(:convert_xid).with(:uid, 50).returns(50)
+
+      yielded = false
+      Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) do
+        xids[:egid].should == user[:gid]
+        xids[:euid].should == user[:uid]
+        yielded = true
+      end
+
+      xids[:egid].should == 51
+      xids[:euid].should == 50
+
+      # It's possible asuser could simply not yield, so the assertions in the
+      # block wouldn't fail. So verify those actually got checked.
+      yielded.should be_true
+    end
+
+    it "should not get or set euid/egid when not root" do
+      Process.stubs(:uid).returns(1)
+
+      Process.stubs(:egid).returns(51)
+      Process.stubs(:euid).returns(50)
+
+      Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) {}
+
+      xids.should be_empty
+    end
+  end
+
+  describe "#change_group" do
+    describe "when changing permanently" do
+      it "should try to change_privilege if it is supported" do
+        Process::GID.expects(:change_privilege).with do |gid|
+          Process.gid = gid
+          Process.egid = gid
+        end
+
+        Puppet::Util::SUIDManager.change_group(42, true)
+
+        xids[:egid].should == 42
+        xids[:gid].should == 42
+      end
+
+      it "should change both egid and gid if change_privilege isn't supported" do
+        Process::GID.stubs(:change_privilege).raises(NotImplementedError)
+
+        Puppet::Util::SUIDManager.change_group(42, true)
+
+        xids[:egid].should == 42
+        xids[:gid].should == 42
+      end
+    end
+
+    describe "when changing temporarily" do
+      it "should change only egid" do
+        Puppet::Util::SUIDManager.change_group(42, false)
+
+        xids[:egid].should == 42
+        xids[:gid].should == 0
+      end
+    end
+  end
+
+  describe "#change_user" do
+    describe "when changing permanently" do
+      it "should try to change_privilege if it is supported" do
+        Process::UID.expects(:change_privilege).with do |uid|
+          Process.uid = uid
+          Process.euid = uid
+        end
+
+        Puppet::Util::SUIDManager.change_user(42, true)
+
+        xids[:euid].should == 42
+        xids[:uid].should == 42
+      end
+
+      it "should change euid and uid and groups if change_privilege isn't supported" do
+        Process::UID.stubs(:change_privilege).raises(NotImplementedError)
+
+        Puppet::Util::SUIDManager.expects(:initgroups).with(42)
+
+        Puppet::Util::SUIDManager.change_user(42, true)
+
+        xids[:euid].should == 42
+        xids[:uid].should == 42
+      end
+    end
+
+    describe "when changing temporarily" do
+      it "should change only euid and groups" do
+        Puppet::Util::SUIDManager.change_user(42, false)
+
+        xids[:euid].should == 42
+        xids[:uid].should == 0
+      end
+
+      it "should set euid before groups if changing to root" do
+        Process.stubs(:euid).returns 50
+
+        when_not_root = sequence 'when_not_root'
+
+        Process.expects(:euid=).in_sequence(when_not_root)
+        Puppet::Util::SUIDManager.expects(:initgroups).in_sequence(when_not_root)
+
+        Puppet::Util::SUIDManager.change_user(0, false)
+      end
+
+      it "should set groups before euid if changing from root" do
+        Process.stubs(:euid).returns 0
+
+        when_root = sequence 'when_root'
+
+        Puppet::Util::SUIDManager.expects(:initgroups).in_sequence(when_root)
+        Process.expects(:euid=).in_sequence(when_root)
+
+        Puppet::Util::SUIDManager.change_user(50, false)
+      end
+    end
+  end
+
+  describe "when running commands" do
+    before :each do
+      # We want to make sure $CHILD_STATUS is set
+      Kernel.system '' if $CHILD_STATUS.nil?
+    end
+
+    describe "with #system" do
+      it "should set euid/egid when root" do
+        Process.stubs(:uid).returns(0)
+        Process.stubs(:egid).returns(51)
+        Process.stubs(:euid).returns(50)
+
+        Puppet::Util::SUIDManager.stubs(:convert_xid).with(:gid, 51).returns(51)
+        Puppet::Util::SUIDManager.stubs(:convert_xid).with(:uid, 50).returns(50)
+
+        Puppet::Util::SUIDManager.expects(:change_group).with(user[:uid])
+        Puppet::Util::SUIDManager.expects(:change_user).with(user[:uid])
+
+        Puppet::Util::SUIDManager.expects(:change_group).with(51)
+        Puppet::Util::SUIDManager.expects(:change_user).with(50)
+
+        Kernel.expects(:system).with('blah')
+        Puppet::Util::SUIDManager.system('blah', user[:uid], user[:gid])
+      end
+
+      it "should not get or set euid/egid when not root" do
+        Process.stubs(:uid).returns(1)
+        Kernel.expects(:system).with('blah')
+
+        Puppet::Util::SUIDManager.system('blah', user[:uid], user[:gid])
+
+        xids.should be_empty
+      end
+    end
+
+    describe "with #run_and_capture" do
+      it "should capture the output and return process status" do
+        Puppet::Util.
+          expects(:execute).
+          with('yay', :combine => true, :failonfail => false, :uid => user[:uid], :gid => user[:gid]).
+          returns('output')
+        output = Puppet::Util::SUIDManager.run_and_capture 'yay', user[:uid], user[:gid]
+
+        output.first.should == 'output'
+        output.last.should be_a(Process::Status)
+      end
+    end
+  end
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: puppet
 version: !ruby/object:Gem::Version 
-  hash: 15
+  hash: 13
   prerelease: 
   segments: 
   - 2
   - 6
-  - 12
-  version: 2.6.12
+  - 13
+  version: 2.6.13
 platform: ruby
 authors: 
 - Puppet Labs
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-10-22 00:00:00 Z
+date: 2011-12-12 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: facter
@@ -53,6 +53,7 @@ extra_rdoc_files: []
 files: 
 - CHANGELOG
 - CHANGELOG.old
+- CONTRIBUTING.md
 - COPYING
 - LICENSE
 - Rakefile
@@ -156,6 +157,7 @@ files:
 - lib/puppet/indirector/facts/couch.rb
 - lib/puppet/indirector/facts/facter.rb
 - lib/puppet/indirector/facts/inventory_active_record.rb
+- lib/puppet/indirector/facts/inventory_service.rb
 - lib/puppet/indirector/facts/memory.rb
 - lib/puppet/indirector/facts/rest.rb
 - lib/puppet/indirector/facts/yaml.rb
@@ -234,6 +236,8 @@ files:
 - lib/puppet/network/http/webrick.rb
 - lib/puppet/network/http.rb
 - lib/puppet/network/http_pool.rb
+- lib/puppet/network/http_server/mongrel.rb
+- lib/puppet/network/http_server.rb
 - lib/puppet/network/rest_authconfig.rb
 - lib/puppet/network/rest_authorization.rb
 - lib/puppet/network/rest_controller.rb
@@ -721,6 +725,7 @@ files:
 - ext/regexp_nodes/parameters/environment/prod
 - ext/regexp_nodes/parameters/environment/qa
 - ext/regexp_nodes/regexp_nodes.rb
+- ext/upload_facts.rb
 - ext/vim/ftdetect/puppet.vim
 - ext/vim/ftplugin/puppet.vim
 - ext/vim/indent/puppet.vim
@@ -869,7 +874,6 @@ files:
 - test/other/transactions.rb
 - test/puppet/defaults.rb
 - test/puppet/errortest.rb
-- test/puppet/tc_suidmanager.rb
 - test/rails/rails.rb
 - test/rails/railsparameter.rb
 - test/Rakefile
@@ -1052,6 +1056,7 @@ files:
 - spec/unit/indirector/facts/couch_spec.rb
 - spec/unit/indirector/facts/facter_spec.rb
 - spec/unit/indirector/facts/inventory_active_record_spec.rb
+- spec/unit/indirector/facts/inventory_service_spec.rb
 - spec/unit/indirector/facts/rest_spec.rb
 - spec/unit/indirector/facts/yaml_spec.rb
 - spec/unit/indirector/file_bucket_file/file_spec.rb
@@ -1351,6 +1356,7 @@ files:
 - spec/unit/util/settings/file_setting_spec.rb
 - spec/unit/util/settings_spec.rb
 - spec/unit/util/storage_spec.rb
+- spec/unit/util/suidmanager_spec.rb
 - spec/unit/util/tagging_spec.rb
 - spec/unit/util/user_attr_spec.rb
 - spec/unit/util/warnings_spec.rb

data/test/puppet/tc_suidmanager.rb

@@ -1,120 +0,0 @@
-#!/usr/bin/env ruby
-
-require File.dirname(__FILE__) + '/../lib/puppettest'
-
-require 'puppet'
-require 'puppettest'
-require 'test/unit'
-require 'mocha'
-
-class TestSUIDManager < Test::Unit::TestCase
-  include PuppetTest
-
-  def setup
-    the_id = 42
-    Puppet::Util::SUIDManager.stubs(:convert_xid).returns(the_id)
-    Puppet::Util::SUIDManager.stubs(:initgroups)
-    @user = stub('user', :uid => the_id, :gid => the_id, :name => 'name')
-    super
-  end
-
-  def test_metaprogramming_function_additions
-    # NOTE: the way that we are dynamically generating the methods in
-    # SUIDManager for the UID/GID calls was causing problems due to the
-    # modification of a closure. Should the bug rear itself again, this
-    # test will fail.
-    Process.expects(:uid).times(2)
-
-    assert_nothing_raised do
-      Puppet::Util::SUIDManager.uid
-      Puppet::Util::SUIDManager.uid
-    end
-  end
-
-  def test_id_set
-    Process.expects(:euid=).with(@user.uid)
-    Process.expects(:egid=).with(@user.gid)
-
-    assert_nothing_raised do
-      Puppet::Util::SUIDManager.egid = @user.gid
-      Puppet::Util::SUIDManager.euid = @user.uid
-    end
-  end
-
-  def test_utiluid
-    assert_not_equal(nil, Puppet::Util.uid(nonrootuser.name))
-  end
-
-  def test_asuser_as_root
-    Process.stubs(:uid).returns(0)
-    expects_id_set_and_revert @user.uid, @user.gid
-    Puppet::Util::SUIDManager.asuser @user.uid, @user.gid do end
-  rescue Errno::EPERM
-  end
-
-  def test_asuser_as_nonroot
-    Process.stubs(:uid).returns(1)
-    expects_no_id_set
-    Puppet::Util::SUIDManager.asuser @user.uid, @user.gid do end
-  end
-
-
-  def test_system_as_root
-    Process.stubs(:uid).returns(0)
-    set_exit_status!
-    expects_id_set_and_revert @user.uid, @user.gid
-    Kernel.expects(:system).with('blah')
-    Puppet::Util::SUIDManager.system('blah', @user.uid, @user.gid)
-  end
-
-  def test_system_as_nonroot
-    Process.stubs(:uid).returns(1)
-    set_exit_status!
-    expects_no_id_set
-    Kernel.expects(:system).with('blah')
-    Puppet::Util::SUIDManager.system('blah', @user.uid, @user.gid)
-  end
-
-  def test_run_and_capture
-    if (RUBY_VERSION <=> "1.8.4") < 0
-      warn "Cannot run this test on ruby < 1.8.4"
-    else
-      set_exit_status!
-      Puppet::Util.
-        expects(:execute).
-        with('yay',:combine => true, :failonfail => false, :uid => @user.uid, :gid => @user.gid).
-        returns('output')
-      output = Puppet::Util::SUIDManager.run_and_capture 'yay', @user.uid, @user.gid
-
-      assert_equal 'output', output.first
-      assert_kind_of Process::Status, output.last
-    end
-  end
-
-  private
-
-  def expects_id_set_and_revert(uid, gid)
-    Process.stubs(:groups=)
-    Process.expects(:euid).returns(99997)
-    Process.expects(:egid).returns(99996)
-
-    Process.expects(:euid=).with(uid)
-    Process.expects(:egid=).with(gid)
-
-    Process.expects(:euid=).with(99997)
-    Process.expects(:egid=).with(99996)
-  end
-
-  def expects_no_id_set
-    Process.expects(:egid).never
-    Process.expects(:euid).never
-    Process.expects(:egid=).never
-    Process.expects(:euid=).never
-  end
-
-  def set_exit_status!
-    # We want to make sure $CHILD_STATUS is set, this is the only way I know how.
-    Kernel.system '' if $CHILD_STATUS.nil?
-  end
-end
-