puppet 2.7.14 → 2.7.16

data/lib/puppet/util.rb

@@ -9,6 +9,7 @@ require 'sync'
 require 'monitor'
 require 'tempfile'
 require 'pathname'
+require 'puppet/util/platform'
 
 module Puppet
   # A command failed to execute.
@@ -170,16 +171,21 @@ module Util
       return bin if FileTest.file? bin and FileTest.executable? bin
     else
       ENV['PATH'].split(File::PATH_SEPARATOR).each do |dir|
-        dest = File.expand_path(File.join(dir, bin))
-        if Puppet.features.microsoft_windows? && File.extname(dest).empty?
-          exts = ENV['PATHEXT']
-          exts = exts ? exts.split(File::PATH_SEPARATOR) : %w[.COM .EXE .BAT .CMD]
-          exts.each do |ext|
-            destext = File.expand_path(dest + ext)
-            return destext if FileTest.file? destext and FileTest.executable? destext
+        begin
+          dest = File.expand_path(File.join(dir, bin))
+          if Puppet.features.microsoft_windows? && File.extname(dest).empty?
+            exts = ENV['PATHEXT']
+            exts = exts ? exts.split(File::PATH_SEPARATOR) : %w[.COM .EXE .BAT .CMD]
+            exts.each do |ext|
+              destext = File.expand_path(dest + ext)
+              return destext if FileTest.file? destext and FileTest.executable? destext
+            end
           end
+          return dest if FileTest.file? dest and FileTest.executable? dest
+        rescue ArgumentError => e
+          raise unless e.to_s =~ /doesn't exist|can't find user/
+          # ...otherwise, we just skip the non-existent entry, and do nothing.
         end
-        return dest if FileTest.file? dest and FileTest.executable? dest
       end
     end
     nil
@@ -206,7 +212,7 @@ module Util
     # would use Puppet.features.microsoft_windows?, but this method needs to
     # be called during the initialization of features so it can't depend on
     # that.
-    platform ||= File::ALT_SEPARATOR ? :windows : :posix
+    platform ||= Puppet::Util::Platform.windows? ? :windows : :posix
 
     !! (path =~ regexes[platform])
   end

data/lib/puppet/util/colors.rb

@@ -1,83 +1,113 @@
+require 'puppet/util/platform'
+
 module Puppet::Util::Colors
-  BLACK      = {:console => "\e[0;30m", :html => "color: #FFA0A0"     }
-  RED        = {:console => "\e[0;31m", :html => "color: #FFA0A0"     }
-  GREEN      = {:console => "\e[0;32m", :html => "color: #00CD00"     }
-  YELLOW     = {:console => "\e[0;33m", :html => "color: #FFFF60"     }
-  BLUE       = {:console => "\e[0;34m", :html => "color: #80A0FF"     }
-  PURPLE     = {:console => "\e[0;35m", :html => "color: #FFA500"     }
-  CYAN       = {:console => "\e[0;36m", :html => "color: #40FFFF"     }
-  WHITE      = {:console => "\e[0;37m", :html => "color: #FFFFFF"     }
-  HBLACK     = {:console => "\e[1;30m", :html => "color: #FFA0A0"     }
-  HRED       = {:console => "\e[1;31m", :html => "color: #FFA0A0"     }
-  HGREEN     = {:console => "\e[1;32m", :html => "color: #00CD00"     }
-  HYELLOW    = {:console => "\e[1;33m", :html => "color: #FFFF60"     }
-  HBLUE      = {:console => "\e[1;34m", :html => "color: #80A0FF"     }
-  HPURPLE    = {:console => "\e[1;35m", :html => "color: #FFA500"     }
-  HCYAN      = {:console => "\e[1;36m", :html => "color: #40FFFF"     }
-  HWHITE     = {:console => "\e[1;37m", :html => "color: #FFFFFF"     }
-  BG_RED     = {:console => "\e[0;41m", :html => "background: #FFA0A0"}
-  BG_GREEN   = {:console => "\e[0;42m", :html => "background: #00CD00"}
-  BG_YELLOW  = {:console => "\e[0;43m", :html => "background: #FFFF60"}
-  BG_BLUE    = {:console => "\e[0;44m", :html => "background: #80A0FF"}
-  BG_PURPLE  = {:console => "\e[0;45m", :html => "background: #FFA500"}
-  BG_CYAN    = {:console => "\e[0;46m", :html => "background: #40FFFF"}
-  BG_WHITE   = {:console => "\e[0;47m", :html => "background: #FFFFFF"}
-  BG_HRED    = {:console => "\e[1;41m", :html => "background: #FFA0A0"}
-  BG_HGREEN  = {:console => "\e[1;42m", :html => "background: #00CD00"}
-  BG_HYELLOW = {:console => "\e[1;43m", :html => "background: #FFFF60"}
-  BG_HBLUE   = {:console => "\e[1;44m", :html => "background: #80A0FF"}
-  BG_HPURPLE = {:console => "\e[1;45m", :html => "background: #FFA500"}
-  BG_HCYAN   = {:console => "\e[1;46m", :html => "background: #40FFFF"}
-  BG_HWHITE  = {:console => "\e[1;47m", :html => "background: #FFFFFF"}
-  RESET      = {:console => "\e[0m",    :html => ""                   }
+  BLACK       = {:console => "\e[0;30m", :html => "color: #FFA0A0"     }
+  RED         = {:console => "\e[0;31m", :html => "color: #FFA0A0"     }
+  GREEN       = {:console => "\e[0;32m", :html => "color: #00CD00"     }
+  YELLOW      = {:console => "\e[0;33m", :html => "color: #FFFF60"     }
+  BLUE        = {:console => "\e[0;34m", :html => "color: #80A0FF"     }
+  MAGENTA     = {:console => "\e[0;35m", :html => "color: #FFA500"     }
+  CYAN        = {:console => "\e[0;36m", :html => "color: #40FFFF"     }
+  WHITE       = {:console => "\e[0;37m", :html => "color: #FFFFFF"     }
+  HBLACK      = {:console => "\e[1;30m", :html => "color: #FFA0A0"     }
+  HRED        = {:console => "\e[1;31m", :html => "color: #FFA0A0"     }
+  HGREEN      = {:console => "\e[1;32m", :html => "color: #00CD00"     }
+  HYELLOW     = {:console => "\e[1;33m", :html => "color: #FFFF60"     }
+  HBLUE       = {:console => "\e[1;34m", :html => "color: #80A0FF"     }
+  HMAGENTA    = {:console => "\e[1;35m", :html => "color: #FFA500"     }
+  HCYAN       = {:console => "\e[1;36m", :html => "color: #40FFFF"     }
+  HWHITE      = {:console => "\e[1;37m", :html => "color: #FFFFFF"     }
+  BG_RED      = {:console => "\e[0;41m", :html => "background: #FFA0A0"}
+  BG_GREEN    = {:console => "\e[0;42m", :html => "background: #00CD00"}
+  BG_YELLOW   = {:console => "\e[0;43m", :html => "background: #FFFF60"}
+  BG_BLUE     = {:console => "\e[0;44m", :html => "background: #80A0FF"}
+  BG_MAGENTA  = {:console => "\e[0;45m", :html => "background: #FFA500"}
+  BG_CYAN     = {:console => "\e[0;46m", :html => "background: #40FFFF"}
+  BG_WHITE    = {:console => "\e[0;47m", :html => "background: #FFFFFF"}
+  BG_HRED     = {:console => "\e[1;41m", :html => "background: #FFA0A0"}
+  BG_HGREEN   = {:console => "\e[1;42m", :html => "background: #00CD00"}
+  BG_HYELLOW  = {:console => "\e[1;43m", :html => "background: #FFFF60"}
+  BG_HBLUE    = {:console => "\e[1;44m", :html => "background: #80A0FF"}
+  BG_HMAGENTA = {:console => "\e[1;45m", :html => "background: #FFA500"}
+  BG_HCYAN    = {:console => "\e[1;46m", :html => "background: #40FFFF"}
+  BG_HWHITE   = {:console => "\e[1;47m", :html => "background: #FFFFFF"}
+  RESET       = {:console => "\e[0m",    :html => ""                   }
 
   Colormap = {
     :debug => WHITE,
     :info => GREEN,
     :notice => CYAN,
     :warning => YELLOW,
-    :err => HPURPLE,
+    :err => HMAGENTA,
     :alert => RED,
     :emerg => HRED,
     :crit => HRED,
 
-    :black      => BLACK,
-    :red        => RED,
-    :green      => GREEN,
-    :yellow     => YELLOW,
-    :blue       => BLUE,
-    :purple     => PURPLE,
-    :cyan       => CYAN,
-    :white      => WHITE,
-    :hblack     => HBLACK,
-    :hred       => HRED,
-    :hgreen     => HGREEN,
-    :hyellow    => HYELLOW,
-    :hblue      => HBLUE,
-    :hpurple    => HPURPLE,
-    :hcyan      => HCYAN,
-    :hwhite     => HWHITE,
-    :bg_red     => BG_RED,
-    :bg_green   => BG_GREEN,
-    :bg_yellow  => BG_YELLOW,
-    :bg_blue    => BG_BLUE,
-    :bg_purple  => BG_PURPLE,
-    :bg_cyan    => BG_CYAN,
-    :bg_white   => BG_WHITE,
-    :bg_hred    => BG_HRED,
-    :bg_hgreen  => BG_HGREEN,
-    :bg_hyellow => BG_HYELLOW,
-    :bg_hblue   => BG_HBLUE,
-    :bg_hpurple => BG_HPURPLE,
-    :bg_hcyan   => BG_HCYAN,
-    :bg_hwhite  => BG_HWHITE,
-    :reset      => { :console => "\e[m", :html => "" }
+    :black       => BLACK,
+    :red         => RED,
+    :green       => GREEN,
+    :yellow      => YELLOW,
+    :blue        => BLUE,
+    :magenta     => MAGENTA,
+    :cyan        => CYAN,
+    :white       => WHITE,
+    :hblack      => HBLACK,
+    :hred        => HRED,
+    :hgreen      => HGREEN,
+    :hyellow     => HYELLOW,
+    :hblue       => HBLUE,
+    :hmagenta    => HMAGENTA,
+    :hcyan       => HCYAN,
+    :hwhite      => HWHITE,
+    :bg_red      => BG_RED,
+    :bg_green    => BG_GREEN,
+    :bg_yellow   => BG_YELLOW,
+    :bg_blue     => BG_BLUE,
+    :bg_magenta  => BG_MAGENTA,
+    :bg_cyan     => BG_CYAN,
+    :bg_white    => BG_WHITE,
+    :bg_hred     => BG_HRED,
+    :bg_hgreen   => BG_HGREEN,
+    :bg_hyellow  => BG_HYELLOW,
+    :bg_hblue    => BG_HBLUE,
+    :bg_hmagenta => BG_HMAGENTA,
+    :bg_hcyan    => BG_HCYAN,
+    :bg_hwhite   => BG_HWHITE,
+    :reset       => { :console => "\e[m", :html => "" }
   }
 
+  # We define console_has_color? at load time since it's checking the
+  # underlying platform which will not change, and we don't want to perform
+  # the check every time we use logging
+  if Puppet::Util::Platform.windows?
+    # We're on windows, need win32console for color to work
+    begin
+      require 'rubygems'
+      require 'win32console'
+    rescue LoadError
+      def console_has_color?
+        false
+      end
+    else
+      def console_has_color?
+        true
+      end
+    end
+  else
+    # On a posix system we can just enable it
+    def console_has_color?
+      true
+    end
+  end
+
   def colorize(color, str)
     case Puppet[:color]
     when true, :ansi, "ansi", "yes"
-      console_color(color, str)
+      if console_has_color?
+        console_color(color, str)
+      else
+        str
+      end
     when :html, "html"
       html_color(color, str)
     else

data/lib/puppet/util/platform.rb

@@ -0,0 +1,15 @@
+module Puppet
+  module Util
+    module Platform
+      def windows?
+        # Ruby only sets File::ALT_SEPARATOR on Windows and the Ruby standard
+        # library uses that to test what platform it's on. In some places we
+        # would use Puppet.features.microsoft_windows?, but this method can be
+        # used to determine the behavior of the underlying system without
+        # requiring features to be initialized and without side effect.
+        !!File::ALT_SEPARATOR
+      end
+      module_function :windows?
+    end
+  end
+end

data/man/man5/puppet.conf.5

@@ -1,8 +1,8 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "PUPPETCONF" "5" "June 2011" "Puppet Labs, LLC" "Puppet manual"
-\fBThis page is autogenerated; any changes will get overwritten\fR \fI(last generated on Wed Jun 08 17:09:41 \-0700 2011)\fR
+.TH "PUPPETCONF" "5" "June 2012" "Puppet Labs, LLC" "Puppet manual"
+\fBThis page is autogenerated; any changes will get overwritten\fR \fI(last generated on Wed Jun 06 13:43:46 \-0700 2012)\fR
 .
 .SH "Configuration Settings"
 .
@@ -73,7 +73,7 @@ The configuration file that defines the rights to the different namespaces and m
 Whether log files should always flush to disk\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: false
+\fIDefault\fR: true
 .
 .IP "" 0
 .
@@ -105,7 +105,7 @@ Wether the master should function as a certificate authority\.
 .IP "" 0
 .
 .SS "ca_days"
-How long a certificate should be valid\. This parameter is deprecated, use ca_ttl instead
+How long a certificate should be valid, in days\. This setting is deprecated; use \fBca_ttl\fR instead
 .
 .SS "ca_md"
 The type of hash used in certificates\.
@@ -140,7 +140,7 @@ The server to use for certificate authority requests\. It\'s a separate server b
 .IP "" 0
 .
 .SS "ca_ttl"
-The default TTL for new certificates; valid values must be an integer, optionally followed by one of the units \'y\' (years of 365 days), \'d\' (days), \'h\' (hours), or \'s\' (seconds)\. The unit defaults to seconds\. If this parameter is set, ca_days is ignored\. Examples are \'3600\' (one hour) and \'1825d\', which is the same as \'5y\' (5 years)
+The default TTL for new certificates; valid values must be an integer, optionally followed by one of the units \'y\' (years of 365 days), \'d\' (days), \'h\' (hours), or \'s\' (seconds)\. The unit defaults to seconds\. If this setting is set, ca_days is ignored\. Examples are \'3600\' (one hour) and \'1825d\', which is the same as \'5y\' (5 years)
 .
 .IP "\(bu" 4
 \fIDefault\fR: 5y
@@ -231,7 +231,7 @@ The certificate directory\.
 .IP "" 0
 .
 .SS "certdnsnames"
-The DNS names on the Server certificate as a colon\-separated list\. If it\'s anything other than an empty string, it will be used as an alias in the created certificate\. By default, only the server gets an alias set up, and only for \'puppet\'\.
+The \fBcertdnsnames\fR setting is no longer functional, after CVE\-2011\-3872\. We ignore the value completely\. For your own certificate request you can set \fBdns_alt_names\fR in the configuration and it will apply locally\. There is no configuration option to set DNS alt names, or any other \fBsubjectAltName\fR value, for another nodes certificate\. Alternately you can use the \fB\-\-dns_alt_names\fR command line option to set the labels added while generating your own CSR\.
 .
 .SS "certificate_revocation"
 Whether certificate revocation should be supported by downloading a Certificate Revocation List (CRL) to all clients\. If enabled, CA chaining will almost definitely not work\.
@@ -245,7 +245,7 @@ Whether certificate revocation should be supported by downloading a Certificate
 The name to use when handling certificates\. Defaults to the fully qualified domain name\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: magpie\.puppetlabs\.lan
+\fIDefault\fR: wyclef\.puppetlabs\.lan
 .
 .IP "" 0
 .
@@ -285,7 +285,7 @@ The directory in which client\-side YAML data is stored\.
 Code to parse directly\. This is essentially only used by \fBpuppet\fR, and should only be set if you\'re writing your own Puppet executable
 .
 .SS "color"
-Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR (mostly used during testing with TextMate), and \fBfalse\fR, which produces no color\.
+Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR, and \fBfalse\fR, which produces no color\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: ansi
@@ -293,7 +293,7 @@ Whether to use colors when logging to the console\. Valid values are \fBansi\fR
 .IP "" 0
 .
 .SS "confdir"
-The main Puppet configuration directory\. The default for this parameter is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
+The main Puppet configuration directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: /etc/puppet
@@ -312,7 +312,7 @@ The configuration file for doc\.
 How to determine the configuration version\. By default, it will be the time that the configuration is parsed, but you can provide a shell script to override how the version is determined\. The output of this script will be added to every log message in the reports, allowing you to correlate changes on your hosts to the source version on the server\.
 .
 .SS "configprint"
-Print the value of a specific configuration parameter\. If a parameter is provided for this, then the value is printed and puppet exits\. Comma\-separate multiple values\. For a list of all values, specify \'all\'\. This feature is only available in Puppet versions higher than 0\.18\.4\.
+Print the value of a specific configuration setting\. If the name of a setting is provided for this, then the value is printed and puppet exits\. Comma\-separate multiple values\. For a list of all values, specify \'all\'\.
 .
 .SS "configtimeout"
 How long the client should wait for the configuration to be retrieved before considering it a failure\. This can help reduce flapping if too many clients contact the server at one time\.
@@ -339,7 +339,7 @@ Where the CA stores certificate requests
 .IP "" 0
 .
 .SS "daemonize"
-Send the process into the background\. This is the default\.
+Whether to send the process into the background\. This defaults to true on POSIX systems, and to false on Windows (where Puppet currently cannot daemonize)\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: true
@@ -428,7 +428,7 @@ The root directory of devices\' $vardir
 .IP "" 0
 .
 .SS "diff"
-Which diff command to use when printing differences between files\.
+Which diff command to use when printing differences between files\. This setting has no default value on Windows, as standard \fBdiff\fR is not available, but Puppet can use many third\-party diff tools\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: diff
@@ -436,13 +436,16 @@ Which diff command to use when printing differences between files\.
 .IP "" 0
 .
 .SS "diff_args"
-Which arguments to pass to the diff command when printing differences between files\.
+Which arguments to pass to the diff command when printing differences between files\. The command to use can be chosen with the \fBdiff\fR setting\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: \-u
 .
 .IP "" 0
 .
+.SS "dns_alt_names"
+The comma\-separated list of alternative DNS names to use for the local host\. When the node generates a CSR for itself, these are added to the request as the desired \fBsubjectAltName\fR in the certificate: additional DNS labels that the certificate is also valid answering as\. This is generally required if you use a non\-hostname \fBcertname\fR, or if you want to use \fBpuppet kick\fR or \fBpuppet resource \-H\fR and the primary certname does not match the DNS name you use to communicate with the host\. This is unnecessary for agents, unless you intend to use them as a server for \fBpuppet kick\fR or remote \fBpuppet resource\fR management\. It is rarely necessary for servers; it is usually helpful only if you need to have a pool of multiple load balanced masters, or for the same master to respond on two physically separate networks under different names\.
+.
 .SS "document_all"
 Document all resources
 .
@@ -484,7 +487,7 @@ Whether each resource should log when it is being evaluated\. This allows you to
 .IP "" 0
 .
 .SS "external_nodes"
-An external command that can produce node information\. The output must be a YAML dump of a hash, and that hash must have one or both of \fBclasses\fR and \fBparameters\fR, where \fBclasses\fR is an array and \fBparameters\fR is a hash\. For unknown nodes, the commands should exit with a non\-zero exit code\. This command makes it straightforward to store your node mapping information in other data sources like databases\.
+An external command that can produce node information\. The command\'s output must be a YAML dump of a hash, and that hash must have a \fBclasses\fR key and/or a \fBparameters\fR key, where \fBclasses\fR is an array or hash and \fBparameters\fR is a hash\. For unknown nodes, the command should exit with a non\-zero exit code\. This command makes it straightforward to store your node mapping information in other data sources like databases\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: none
@@ -500,7 +503,7 @@ Where Puppet should store facts that it pulls down from the central server\.
 .IP "" 0
 .
 .SS "factpath"
-Where Puppet should look for facts\. Multiple directories should be colon\-separated, like normal PATH variables\.
+Where Puppet should look for facts\. Multiple directories should be separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
 .
 .IP "\(bu" 4
 \fIDefault\fR: $vardir/lib/facter:$vardir/facts
@@ -684,7 +687,7 @@ Ignore cache and always recompile the configuration\. This is useful for testing
 .IP "" 0
 .
 .SS "ignoreimport"
-A parameter that can be used in commit hooks, since it enables you to parse\-check a single file rather than requiring that all files exist\.
+If true, allows the parser to continue without requiring all files referenced with \fBimport\fR statements to exist\. This setting was primarily designed for use with commit hooks for parse\-checking\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: false
@@ -727,7 +730,7 @@ Should usually be the same as the facts terminus
 The bit length of keys\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: 1024
+\fIDefault\fR: 4096
 .
 .IP "" 0
 .
@@ -948,8 +951,24 @@ Whether to create the necessary user and group that puppet agent will run as\.
 .
 .IP "" 0
 .
+.SS "module_repository"
+The module repository
+.
+.IP "\(bu" 4
+\fIDefault\fR: http://forge\.puppetlabs\.com
+.
+.IP "" 0
+.
+.SS "module_working_dir"
+The directory into which module tool data is stored
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/puppet\-module
+.
+.IP "" 0
+.
 .SS "modulepath"
-The search path for modules as a colon\-separated list of directories\.
+The search path for modules, as a list of directories separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
 .
 .IP "\(bu" 4
 \fIDefault\fR: $confdir/modules:/usr/share/puppet/modules
@@ -972,6 +991,17 @@ How the puppet master determines the client\'s identity and sets the \'hostname\
 .
 .IP "" 0
 .
+.SS "node_name_fact"
+The fact name used to determine the node name used for all requests the agent makes to the master\. WARNING: This setting is mutually exclusive with node_name_value\. Changing this setting also requires changes to the default auth\.conf configuration on the Puppet Master\. Please see http://links\.puppetlabs\.com/node_name_fact for more information\.
+.
+.SS "node_name_value"
+The explicit value used for the node name for all requests the agent makes to the master\. WARNING: This setting is mutually exclusive with node_name_fact\. Changing this setting also requires changes to the default auth\.conf configuration on the Puppet Master\. Please see http://links\.puppetlabs\.com/node_name_value for more information\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $certname
+.
+.IP "" 0
+.
 .SS "node_terminus"
 Where to find information about nodes\.
 .
@@ -1182,7 +1212,7 @@ The directory in which to store reports received from the client\. Each client g
 The \'from\' email address for the reports\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: report@magpie\.puppetlabs\.lan
+\fIDefault\fR: report@wyclef\.puppetlabs\.lan
 .
 .IP "" 0
 .
@@ -1206,7 +1236,7 @@ The list of reports to generate\. All reports are looked for in \fBpuppet/report
 The URL used by the http reports processor to send reports
 .
 .IP "\(bu" 4
-\fIDefault\fR: http://localhost:3000/reports
+\fIDefault\fR: http://localhost:3000/reports/upload
 .
 .IP "" 0
 .
@@ -1214,7 +1244,7 @@ The URL used by the http reports processor to send reports
 The bit length of the certificates\.
 .
 .IP "\(bu" 4
-\fIDefault\fR: 2048
+\fIDefault\fR: 4096
 .
 .IP "" 0
 .
@@ -1226,6 +1256,14 @@ Where host certificate requests are stored\.
 .
 .IP "" 0
 .
+.SS "resourcefile"
+The file in which puppet agent stores a list of the resources associated with the retrieved configuration\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $statedir/resources\.txt
+.
+.IP "" 0
+.
 .SS "rest_authconfig"
 The configuration file that defines the rights to the different rest indirections\. This can be used as a fine\-grained authorization system for \fBpuppet master\fR\.
 .
@@ -1275,7 +1313,7 @@ Where Puppet PID files are kept\.
 .IP "" 0
 .
 .SS "runinterval"
-How often puppet agent applies the client configuration; in seconds\.
+How often puppet agent applies the client configuration; in seconds\. Note that a runinterval of 0 means "run continuously" rather than "never run\." If you want puppet agent to never run, you should start it with the \fB\-\-no\-client\fR option\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: 1800
@@ -1323,7 +1361,7 @@ The type of server to use\. Currently supported options are webrick and mongrel\
 .IP "" 0
 .
 .SS "show_diff"
-Whether to print a contextual diff when files are being replaced\. The diff is printed on stdout, so this option is meaningless unless you are running Puppet interactively\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
+Whether to log and report a contextual diff when files are being replaced\. This causes partial file contents to pass through Puppet\'s normal logging and reporting system, so this setting should be used with caution if you are sending Puppet\'s reports to an insecure destination\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: false
@@ -1403,13 +1441,21 @@ Where puppet agent and puppet master store state associated with the running con
 .IP "" 0
 .
 .SS "storeconfigs"
-Whether to store each client\'s configuration\. This requires ActiveRecord from Ruby on Rails\.
+Whether to store each client\'s configuration, including catalogs, facts, and related data\. This also enables the import and export of resources in the Puppet language \- a mechanism for exchange resources between nodes\. By default this uses ActiveRecord and an SQL database to store and query the data; this, in turn, will depend on Rails being available\. You can adjust the backend using the storeconfigs_backend setting\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: false
 .
 .IP "" 0
 .
+.SS "storeconfigs_backend"
+Configure the backend terminus used for StoreConfigs\. By default, this uses the ActiveRecord store, which directly talks to the database from within the Puppet Master process\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: active_record
+.
+.IP "" 0
+.
 .SS "strict_hostname_checking"
 Whether to only search for the complete hostname as it is in the certificate when searching for node information in the catalogs\.
 .
@@ -1446,7 +1492,7 @@ The mapping between reporting tags and email addresses\.
 Tags to use to find resources\. If this is set, then only resources tagged with the specified tags will be applied\. Values must be comma\-separated\.
 .
 .SS "templatedir"
-Where Puppet looks for template files\. Can be a list of colon\-seperated directories\.
+Where Puppet looks for template files\. Can be a list of colon\-separated directories\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: $vardir/templates
@@ -1494,7 +1540,7 @@ The user puppet master should run as\.
 .IP "" 0
 .
 .SS "vardir"
-Where Puppet stores dynamic and growing data\. The default for this parameter is calculated specially, like \fBconfdir\fR_\.
+Where Puppet stores dynamic and growing data\. The default for this setting is calculated specially, like \fBconfdir\fR_\.
 .
 .IP "\(bu" 4
 \fIDefault\fR: /var/lib/puppet
@@ -1518,4 +1564,4 @@ Boolean; whether to use the zlib library
 .IP "" 0
 .
 .P
-\fIThis page autogenerated on Wed Jun 08 17:09:41 \-0700 2011\fR
+\fIThis page autogenerated on Wed Jun 06 13:43:46 \-0700 2012\fR