puppet 2.6.2 → 2.6.3

data/lib/puppet/indirector/catalog/compiler.rb

@@ -107,10 +107,14 @@ class Puppet::Resource::Catalog::Compiler < Puppet::Indirector::Code
       return node
     end
 
-    # If the request is authenticated, then the 'node' info will
-    # be available; if not, then we use the passed-in key.  We rely
-    # on our authorization system to determine whether this is allowed.
-    name = request.node || request.key
+    # We rely on our authorization system to determine whether the connected
+    # node is allowed to compile the catalog's node referenced by key.
+    # By default the REST authorization system makes sure only the connected node
+    # can compile his catalog.
+    # This allows for instance monitoring systems or puppet-load to check several
+    # node's catalog with only one certificate and a modification to auth.conf 
+    # If no key is provided we can only compile the currently connected node.
+    name = request.key || request.node
     if node = find_node(name)
       return node
     end

data/lib/puppet/network/handler/fileserver.rb

@@ -5,6 +5,8 @@ require 'cgi'
 require 'delegate'
 require 'sync'
 
+require 'puppet/network/handler'
+require 'puppet/network/xmlrpc/server'
 require 'puppet/file_serving'
 require 'puppet/file_serving/metadata'
 

data/lib/puppet/network/server.rb

@@ -32,14 +32,14 @@ class Puppet::Network::Server
   # Create a pidfile for our daemon, so we can be stopped and others
   # don't try to start.
   def create_pidfile
-    Puppet::Util.sync(Puppet[:name]).synchronize(Sync::EX) do
+    Puppet::Util.synchronize_on(Puppet[:name],Sync::EX) do
       raise "Could not create PID file: #{pidfile}" unless Puppet::Util::Pidlock.new(pidfile).lock
     end
   end
 
   # Remove the pid file for our daemon.
   def remove_pidfile
-    Puppet::Util.sync(Puppet[:name]).synchronize(Sync::EX) do
+    Puppet::Util.synchronize_on(Puppet[:name],Sync::EX) do
       locker = Puppet::Util::Pidlock.new(pidfile)
       locker.unlock or Puppet.err "Could not remove PID file #{pidfile}" if locker.locked?
     end

data/lib/puppet/node/environment.rb

@@ -124,6 +124,10 @@ class Puppet::Node::Environment
     name.to_s
   end
 
+  def to_sym
+    to_s.to_sym
+  end
+
   # The only thing we care about when serializing an environment is its 
   # identity; everything else is ephemeral and should not be stored or
   # transmitted.

data/lib/puppet/parser/ast/collection.rb

@@ -5,61 +5,44 @@ require 'puppet/parser/collector'
 # An object that collects stored objects from the central cache and returns
 # them to the current host, yo.
 class Puppet::Parser::AST
-class Collection < AST::Branch
-  attr_accessor :type, :query, :form
-  attr_reader :override
-
-  associates_doc
-
-  # We return an object that does a late-binding evaluation.
-  def evaluate(scope)
-    if self.query
-      str, code = self.query.safeevaluate scope
-    else
-      str = code = nil
-    end
-
-    newcoll = Puppet::Parser::Collector.new(scope, @type, str, code, self.form)
-
-    scope.compiler.add_collection(newcoll)
-
-    # overrides if any
-    # Evaluate all of the specified params.
-    if @override
-      params = @override.collect do |param|
-        param.safeevaluate(scope)
+  class Collection < AST::Branch
+    attr_accessor :type, :query, :form
+    attr_reader :override
+
+    associates_doc
+
+    # We return an object that does a late-binding evaluation.
+    def evaluate(scope)
+      str, code = query && query.safeevaluate(scope)
+
+      resource_type = scope.find_resource_type(@type)
+      newcoll = Puppet::Parser::Collector.new(scope, resource_type.name, str, code, self.form)
+
+      scope.compiler.add_collection(newcoll)
+
+      # overrides if any
+      # Evaluate all of the specified params.
+      if @override
+        params = @override.collect { |param| param.safeevaluate(scope) }
+        newcoll.add_override(
+          :parameters => params,
+          :file => @file,
+          :line => @line,
+          :source => scope.source,        
+          :scope => scope
+        )
       end
 
-
-            newcoll.add_override(
-                
-        :parameters => params,
-        :file => @file,
-        :line => @line,
-        :source => scope.source,
-        
-        :scope => scope
-      )
+      newcoll
     end
 
-    newcoll
-  end
-
-  # Handle our parameter ourselves
-  def override=(override)
-    if override.is_a?(AST::ASTArray)
-      @override = override
-    else
-
-            @override = AST::ASTArray.new(
-                
-        :line => override.line,
-        :file => override.file,
-        
-        :children => [override]
-      )
+    # Handle our parameter ourselves
+    def override=(override)
+      @override = if override.is_a?(AST::ASTArray)
+        override
+      else
+        AST::ASTArray.new(:line => override.line,:file => override.file,:children => [override])
+      end
     end
   end
-
-end
 end

data/lib/puppet/parser/ast/leaf.rb

@@ -148,12 +148,20 @@ class Puppet::Parser::AST
       key.respond_to?(:evaluate) ? key.safeevaluate(scope) : key
     end
 
+    def array_index_or_key(object, key)
+      if object.is_a?(Array)
+        raise Puppet::ParserError, "#{key} is not an integer, but is used as an index of an array" unless key = Puppet::Parser::Scope.number?(key)
+      end
+      key
+    end
+
     def evaluate(scope)
       object = evaluate_container(scope)
+      accesskey = evaluate_key(scope)
 
       raise Puppet::ParseError, "#{variable} is not an hash or array when accessing it with #{accesskey}" unless object.is_a?(Hash) or object.is_a?(Array)
 
-      object[evaluate_key(scope)]
+      object[array_index_or_key(object, accesskey)]
     end
 
     # Assign value to this hashkey or array index
@@ -166,7 +174,7 @@ class Puppet::Parser::AST
       end
 
       # assign to hash or array
-      object[accesskey] = value
+      object[array_index_or_key(object, accesskey)] = value
     end
 
     def to_s

data/lib/puppet/parser/ast/resource.rb

@@ -49,10 +49,11 @@ class Resource < AST::ResourceReference
           :strict => true
         )
 
-        # And then store the resource in the compiler.
-        # At some point, we need to switch all of this to return
-        # resources instead of storing them like this.
+        if resource.resource_type.is_a? Puppet::Resource::Type
+          resource.resource_type.instantiate_resource(scope, resource)
+        end
         scope.compiler.add_resource(scope, resource)
+        scope.compiler.evaluate_classes([resource_title],scope,false) if fully_qualified_type == 'class'
         resource
       end
     }.reject { |resource| resource.nil? }

data/lib/puppet/parser/compiler.rb

@@ -144,7 +144,7 @@ class Puppet::Parser::Compiler
       if klass = scope.find_hostclass(name)
         found << name and next if scope.class_scope(klass)
 
-        resource = klass.mk_plain_resource(scope)
+        resource = klass.ensure_in_catalog(scope)
 
         # If they've disabled lazy evaluation (which the :include function does),
         # then evaluate our resource immediately.
@@ -220,7 +220,7 @@ class Puppet::Parser::Compiler
 
     # Create a resource to model this node, and then add it to the list
     # of resources.
-    resource = astnode.mk_plain_resource(topscope)
+    resource = astnode.ensure_in_catalog(topscope)
 
     resource.evaluate
 

data/lib/puppet/parser/functions.rb

@@ -73,8 +73,10 @@ module Puppet::Parser::Functions
   def self.function(name)
     name = symbolize(name)
 
-    unless functions.include?(name) or functions(Puppet::Node::Environment.root).include?(name)
-      autoloader.load(name,Environment.current || Environment.root)
+    @functions.synchronize do
+      unless functions.include?(name) or functions(Puppet::Node::Environment.root).include?(name)
+        autoloader.load(name,Environment.current || Environment.root)
+      end
     end
 
     ( functions(Environment.root)[name] || functions[name] || {:name => false} )[:name]

data/lib/puppet/parser/lexer.rb

@@ -522,13 +522,14 @@ class Puppet::Parser::Lexer
     # backslash; the caret is there to match empty strings
     str = @scanner.scan_until(/([^\\]|^|[^\\])([\\]{2})*[#{terminators}]/) or lex_error "Unclosed quote after '#{last}' in '#{rest}'"
     @line += str.count("\n") # literal carriage returns add to the line count.
-    str.gsub!(/\\(.)/) {
+    str.gsub!(/\\(.)/m) {
       ch = $1
       if escapes.include? ch
         case ch
         when 'n'; "\n"
         when 't'; "\t"
         when 's'; " "
+        when "\n": ''
         else      ch
         end
       else

data/lib/puppet/parser/parser_support.rb

@@ -46,12 +46,12 @@ class Puppet::Parser::Parser
   # Create an AST object, and automatically add the file and line information if
   # available.
   def ast(klass, hash = {})
-    klass.new ast_context(klass.use_docs).merge(hash)
+    klass.new ast_context(klass.use_docs, hash[:line]).merge(hash)
   end
 
-  def ast_context(include_docs = false)
+  def ast_context(include_docs = false, ast_line = nil)
     result = {
-      :line => lexer.line,
+      :line => ast_line || lexer.line,
       :file => lexer.file
     }
     result[:doc] = lexer.getcomment(result[:line]) if include_docs

data/lib/puppet/provider.rb

@@ -12,7 +12,7 @@ class Puppet::Provider
   Puppet::Util.logmethods(self, true)
 
   class << self
-    # Include the util module so we have access to things like 'binary'
+    # Include the util module so we have access to things like 'which'
     include Puppet::Util, Puppet::Util::Docs
     include Puppet::Util::Logging
     attr_accessor :name
@@ -43,7 +43,7 @@ class Puppet::Provider
       raise Puppet::DevError, "No command #{name} defined for provider #{self.name}"
     end
 
-    binary(command)
+    which(command)
   end
 
   # Define commands that are not optional.

data/lib/puppet/provider/confine/exists.rb

@@ -6,10 +6,7 @@ class Puppet::Provider::Confine::Exists < Puppet::Provider::Confine
   end
 
   def pass?(value)
-    if for_binary?
-      return false unless value = binary(value)
-    end
-    value and FileTest.exist?(value)
+    value && (for_binary? ? which(value) : FileTest.exist?(value))
   end
 
   def message(value)

data/lib/puppet/provider/mount.rb

@@ -41,7 +41,7 @@ module Puppet::Provider::Mount
       case platform
       when "Darwin"
         line =~ / on #{name} / or line =~ %r{ on /private/var/automount#{name}}
-      when "Solaris"
+      when "Solaris", "HP-UX"
         line =~ /^#{name} on /
       else
         line =~ / on #{name} /

data/lib/puppet/provider/nameservice.rb

@@ -165,7 +165,9 @@ class Puppet::Provider::NameService < Puppet::Provider
 
     begin
       execute(self.addcmd)
-      execute(self.passcmd) if self.feature? :manages_password_age
+      if feature?(:manages_password_age) && (cmd = passcmd)
+        execute(cmd)
+      end
     rescue Puppet::ExecutionFailure => detail
       raise Puppet::Error, "Could not create #{@resource.class.name} #{@resource.name}: #{detail}"
     end

data/lib/puppet/provider/package/openbsd.rb

@@ -2,7 +2,6 @@ require 'puppet/provider/package'
 
 # Packaging on OpenBSD.  Doesn't work anywhere else that I know of.
 Puppet::Type.type(:package).provide :openbsd, :parent => Puppet::Provider::Package do
-  include Puppet::Util::Execution
   desc "OpenBSD's form of `pkg_add` support."
 
   commands :pkginfo => "pkg_info", :pkgadd => "pkg_add", :pkgdelete => "pkg_delete"
@@ -61,18 +60,15 @@ Puppet::Type.type(:package).provide :openbsd, :parent => Puppet::Provider::Packa
         "You must specify a package source for BSD packages"
     end
 
-    old_ensure = @resource[:ensure]
-
-    if @resource[:source] =~ /\/$/
-      withenv :PKG_PATH => @resource[:source] do
-        @resource[:ensure] = old_ensure if (@resource[:ensure] = get_version) == nil
-        full_name = [ @resource[:name], @resource[:ensure], @resource[:flavor] ]
-        pkgadd full_name.join('-').chomp('-')
-      end
+    if @resource[:source][-1,1] == ::File::PATH_SEPARATOR
+      e_vars = { :PKG_PATH => @resource[:source] }
+      full_name = [ @resource[:name], get_version || @resource[:ensure], @resource[:flavor] ].join('-').chomp('-')
     else
-      pkgadd @resource[:source]
+      e_vars = {}
+      full_name = @resource[:source]
     end
 
+     Puppet::Util::Execution::withenv(e_vars) { pkgadd full_name }
   end
 
   def get_version

data/lib/puppet/provider/service/freebsd.rb

@@ -18,6 +18,9 @@ Puppet::Type.type(:service).provide :freebsd, :parent => :init do
   def rcvar
     rcvar = execute([self.initscript, :rcvar], :failonfail => true, :squelch => false)
     rcvar = rcvar.split("\n")
+    rcvar.delete_if {|str| str =~ /^#\s*$/}
+    rcvar[1] = rcvar[1].gsub(/^\$/, '')
+    rcvar
   end
 
   # Extract service name
@@ -44,7 +47,7 @@ Puppet::Type.type(:service).provide :freebsd, :parent => :init do
   def rcvar_value
     value = self.rcvar[1]
     self.error("No rcvar value found in rcvar") if value.nil?
-    value = value.gsub!(/(.*)_enable=\"?(.*)\"?/, '\2')
+    value = value.gsub!(/(.*)_enable="?(\w+)"?/, '\2')
     self.error("rcvar value is empty") if value.nil?
     self.debug("rcvar value is #{value}")
     value

data/lib/puppet/provider/service/launchd.rb

@@ -56,7 +56,7 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
   # Read a plist, whether its format is XML or in Apple's "binary1"
   # format.
   def self.read_plist(path)
-    Plist::parse_xml(plutil('-convert', 'xml1', '-o', '-', path))
+    Plist::parse_xml(plutil('-convert', 'xml1', '-o', '/dev/stdout', path))
   end
 
   # returns a label => path map for either all jobs, or just a single

data/lib/puppet/provider/user/user_role_add.rb

@@ -6,15 +6,15 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
 
   defaultfor :operatingsystem => :solaris
 
-  commands :add => "useradd", :delete => "userdel", :modify => "usermod", :password => "chage", :role_add => "roleadd", :role_delete => "roledel", :role_modify => "rolemod"
+  commands :add => "useradd", :delete => "userdel", :modify => "usermod", :password => "passwd", :role_add => "roleadd", :role_delete => "roledel", :role_modify => "rolemod"
   options :home, :flag => "-d", :method => :dir
   options :comment, :method => :gecos
   options :groups, :flag => "-G"
   options :roles, :flag => "-R"
   options :auths, :flag => "-A"
   options :profiles, :flag => "-P"
-  options :password_min_age, :flag => "-m"
-  options :password_max_age, :flag => "-M"
+  options :password_min_age, :flag => "-n"
+  options :password_max_age, :flag => "-x"
 
   verify :gid, "GID must be an integer" do |value|
     value.is_a? Integer
@@ -81,7 +81,9 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
       run(transition("normal"), "transition role to")
     else
       run(addcmd, "create")
-      run(passcmd, "change password policy for")
+      if cmd = passcmd
+        run(cmd, "change password policy for")
+      end
     end
     # added to handle case when password is specified
     self.password = @resource[:password] if @resource[:password]
@@ -154,11 +156,11 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
     shadow_entry[1] if shadow_entry
   end
 
-  def min_age
+  def password_min_age
     shadow_entry ? shadow_entry[3] : :absent
   end
 
-  def max_age
+  def password_max_age
     shadow_entry ? shadow_entry[4] : :absent
   end
 

data/lib/puppet/provider/user/useradd.rb

@@ -70,16 +70,15 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
   end
 
   def passcmd
-    cmd = [command(:password)]
-    [:password_min_age, :password_max_age].each do |property|
-      if value = @resource.should(property)
-        cmd << flag(property) << value
-      end
+    age_limits = [:password_min_age, :password_max_age].select { |property| @resource.should(property) }
+    if age_limits.empty?
+      nil
+    else
+      [command(:password),age_limits.collect { |property| [flag(property), @resource.should(property)]}, @resource[:name]].flatten
     end
-    cmd << @resource[:name]
   end
 
-  def min_age
+  def password_min_age
     if Puppet.features.libshadow?
       if ent = Shadow::Passwd.getspnam(@resource.name)
         return ent.sp_min
@@ -88,7 +87,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
     :absent
   end
 
-  def max_age
+  def password_max_age
     if Puppet.features.libshadow?
       if ent = Shadow::Passwd.getspnam(@resource.name)
         return ent.sp_max