puppet 3.0.2 → 3.1.0.rc1

data/ext/envpuppet

@@ -67,6 +67,7 @@ EO_HELP
 fi
 
 if test -d puppet -o -d facter; then
+  (
     echo " WARNING!"
     echo "  Strange things happen if puppet or facter are in the"
     echo "  current working directory"
@@ -77,6 +78,7 @@ if test -d puppet -o -d facter; then
     echo ""
     echo "Sleeping 2 seconds."
     echo ""
+  ) 1>&2
     sleep 2
 fi
 

data/ext/gentoo/puppet/fileserver.conf

@@ -1,12 +1,41 @@
-# This file consists of arbitrarily named sections/modules
-# defining where files are served from and to whom
-
-# Define a section 'files'
-# Adapt the allow/deny settings to your needs. Order
-# for allow/deny does not matter, allow always takes precedence
-# over deny
-[files]
-  path /var/lib/puppet/files
-#  allow *.example.com
-#  deny *.evil.example.com
-#  allow 192.168.0.0/24
+# fileserver.conf
+
+# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in
+# <module name>/files/<file name> is available to authenticated nodes at
+# puppet:///modules/<module name>/<file name>. You do not need to edit this
+# file to enable this.
+
+# MOUNT POINTS
+
+# If you need to serve files from a directory that is NOT in a module,
+# you must create a static mount point in this file:
+#
+# [extra_files]
+#   path /etc/puppet/files
+#   allow *
+#
+# In the example above, anything in /etc/puppet/files/<file name> would be
+# available to authenticated nodes at puppet:///extra_files/<file name>.
+#
+# Mount points may also use three placeholders as part of their path:
+#
+# %H - The node's certname.
+# %h - The portion of the node's certname before the first dot. (Usually the
+#      node's short hostname.)
+# %d - The portion of the node's certname after the first dot. (Usually the
+#      node's domain name.)
+
+# PERMISSIONS
+
+# Every static mount point should have an `allow *` line; setting more
+# granular permissions in this file is deprecated. Instead, you can
+# control file access in auth.conf by controlling the
+# /file_metadata/<mount point> and /file_content/<mount point> paths:
+#
+# path ~ ^/file_(metadata|content)/extra_files/
+# auth yes
+# allow /^(.+)\.example\.com$/
+# allow_ip 192.168.100.0/24
+#
+# If added to auth.conf BEFORE the "path /file" rule, the rule above
+# will add stricter restrictions to the extra_files mount point.

data/ext/ips/puppet-agent

@@ -1,7 +1,4 @@
 #!/sbin/sh
-# It needs the smf property puppet-agent/server to be set to where the server is.
-# svccfg -s svc:/network/puppet/agent setprop server/name=asstring:localhost
-
 
 . /lib/svc/share/smf_include.sh
 
@@ -11,12 +8,10 @@ typeset -r CONF_FILE=/etc/puppet/puppet.conf
 [[ ! -f "${CONF_FILE}" ]] && exit $SMF_EXIT_ERR_CONFIG
 
 typeset -r PUPPET=/usr/bin/puppet
-typeset -r PUPPET_SERVER=$(svcprop -p server/name $SMF_FMRI)
-[[ -z "${PUPPET_SERVER}" ]] && exit $SMF_EXIT_ERR_CONFIG
 
 case "$1" in
 start)
-  exec $PUPPET agent --daemonize --server $PUPPET_SERVER
+  exec $PUPPET agent
   ;;
 
 stop)

data/ext/ips/puppetagent.xml

@@ -26,10 +26,6 @@
 
     <exec_method type="method" name="stop" exec="/lib/svc/method/puppet-agent stop" timeout_seconds="60"/>
 
-    <property_group name='server' type='framework'>
-      <propval name='name' type='astring' value='puppet' />
-    </property_group>
-
     <stability value="Evolving"/>
 
     <template>

data/ext/osx/postflight.erb

@@ -0,0 +1,109 @@
+#!/bin/bash
+
+#by doing the below, we are ensuring we are modifying the target system the package is being installed on,
+#not the OS running the installer
+declare -x dest_vol="${3}"
+declare -x dscl="${dest_vol}/usr/bin/dscl"
+declare -x dspath="${dest_vol}/var/db/dslocal/nodes/Default/"
+declare -x scripts_dir="${1}/Contents/Resources/"
+declare -x awk="/usr/bin/awk"
+declare -x last_user_id='-1'
+declare -x last_group_id='-1'
+
+function idFree() {
+  declare -a idArray=("${!2}")
+  for inc in ${idArray[@]}
+  do
+    if  [ $inc == $1 ]
+    then
+      return 1
+    fi
+  done
+
+  return 0
+
+}
+
+function create_puser () {
+  "${dscl}" -f "${dspath}" localonly -create /Local/Target/Users/puppet
+  "${dscl}" -f "${dspath}" localonly -create /Local/Target/Users/puppet UniqueID $1
+  "${dscl}" -f "${dspath}" localonly -create /Local/Target/Users/puppet PrimaryGroupID $2
+}
+
+function create_pgroup () {
+  "${dscl}" -f "${dspath}" localonly -create /Local/Target/Groups/puppet
+  "${dscl}" -f "${dspath}" localonly -create /Local/Target/Groups/puppet PrimaryGroupID $1
+}
+
+function scan_users () {
+  UniqueIDS=(`"${dscl}" -f "${dspath}" localonly  list /Local/Target/Users UniqueID | $awk '{print $2}'`);
+
+  #first just check for UID 52
+  if idFree '52' UniqueIDS[@]
+  then
+    last_user_id='52'
+  else
+    for possibleUID in {450..495}
+    do
+      if idFree $possibleUID UniqueIDS[@]
+      then
+        last_user_id=$possibleUID
+        #echo $last_good_id
+      fi
+    done
+  fi
+}
+
+function scan_groups () {
+  GroupIDS=(`"${dscl}" -f "${dspath}" localonly list /Local/Target/Groups PrimaryGroupID | $awk '{print $2}'`);
+  #check for 52 for group, if it's free, take it, don't bother doing the big search
+  if idFree '52' GroupIDS[@]
+  then
+    last_group_id='52'
+  else
+   for groupID in {450..495}
+    do
+     if idFree $groupID GroupIDS[@]
+     then
+        last_group_id=$groupID
+      fi
+    done
+  fi
+}
+
+echo "looking for Puppet User"
+"${dscl}" -f "${dspath}" localonly -read /Local/Target/Users/puppet
+puser_exists=$?
+echo "Looking for Puppet Group"
+"${dscl}" -f "${dspath}" localonly -read /Local/Target/Groups/puppet
+pgroup_exists=$?
+# exit status 56 indicates user/group not found
+# exit status 0 indicates user/group does exist
+
+if [ $pgroup_exists == '0' ] && [ $puser_exists == '0' ]; then
+  #Puppet user and group already exist
+  echo "Puppet User / Group already exist, not adding anything"
+  #storing the existing UID/GID to set permissions for /var/lib/puppet and /etc/puppet/puppet.conf
+  last_group_id=`"${dscl}" -f "${dspath}" localonly -read /Local/Target/Groups/puppet PrimaryGroupID | awk '{print $2}'`
+  last_user_id=`"${dscl}" -f "${dspath}" localonly -read /Local/Target/Users/puppet UniqueID | awk '{print $2}'`
+elif [ $pgroup_exists == '0' ] && [ $puser_exists == '56' ]; then
+  #puppet group exists, but user does not
+  last_group_id=`"${dscl}" -f "${dspath}" localonly -read /Local/Target/Groups/puppet PrimaryGroupID | awk '{print $2}'`
+  scan_users
+  echo "Creating Puppet User (uid: $last_user_id) in existing Puppet Group (gid: $last_group_id)"
+  create_puser $last_user_id $last_group_id
+elif [ $pgroup_exists == '56' ] && [ $puser_exists == '0' ]; then
+  #puppet user exists, but group does not
+  last_user_id=`"${dscl}" -f "${dspath}" localonly -read /Local/Target/Users/puppet UniqueID | awk '{print $2}'`
+  scan_groups
+  echo "Creating Puppet Group (gid: $last_group_id), Puppet User exists (uid: $last_user_id)"
+  create_pgroup $last_group_id
+elif [ $pgroup_exists == '56' ] && [ $puser_exists == '56' ]; then
+  scan_users
+  scan_groups
+  echo "Creating Puppet User (uid: $last_user_id) in new Puppet Group (gid: $last_group_id)"
+  create_pgroup $last_group_id
+  create_puser $last_user_id $last_group_id
+else
+  echo "Something went wrong and user creation will need to be done manually"
+fi

data/ext/project_data.yaml

@@ -15,8 +15,8 @@ gem_executables: 'puppet'
 gem_default_executables: 'puppet'
 gem_forge_project: 'puppet'
 gem_runtime_dependencies:
-  facter: '~> 1.6.11'
-  hiera: '~> 1.0.0'
+  facter: '~> 1.6'
+  hiera: '~> 1.0'
 gem_rdoc_options:
   - --title
   - "Puppet - Configuration Management"

data/ext/redhat/fileserver.conf

@@ -1,12 +1,41 @@
-# This file consists of arbitrarily named sections/modules
-# defining where files are served from and to whom
-
-# Define a section 'files'
-# Adapt the allow/deny settings to your needs. Order
-# for allow/deny does not matter, allow always takes precedence
-# over deny
-# [files]
-#  path /var/lib/puppet/files
-#  allow *.example.com
-#  deny *.evil.example.com
-#  allow 192.168.0.0/24
+# fileserver.conf
+
+# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in
+# <module name>/files/<file name> is available to authenticated nodes at
+# puppet:///modules/<module name>/<file name>. You do not need to edit this
+# file to enable this.
+
+# MOUNT POINTS
+
+# If you need to serve files from a directory that is NOT in a module,
+# you must create a static mount point in this file:
+#
+# [extra_files]
+#   path /etc/puppet/files
+#   allow *
+#
+# In the example above, anything in /etc/puppet/files/<file name> would be
+# available to authenticated nodes at puppet:///extra_files/<file name>.
+#
+# Mount points may also use three placeholders as part of their path:
+#
+# %H - The node's certname.
+# %h - The portion of the node's certname before the first dot. (Usually the
+#      node's short hostname.)
+# %d - The portion of the node's certname after the first dot. (Usually the
+#      node's domain name.)
+
+# PERMISSIONS
+
+# Every static mount point should have an `allow *` line; setting more
+# granular permissions in this file is deprecated. Instead, you can
+# control file access in auth.conf by controlling the
+# /file_metadata/<mount point> and /file_content/<mount point> paths:
+#
+# path ~ ^/file_(metadata|content)/extra_files/
+# auth yes
+# allow /^(.+)\.example\.com$/
+# allow_ip 192.168.100.0/24
+#
+# If added to auth.conf BEFORE the "path /file" rule, the rule above
+# will add stricter restrictions to the extra_files mount point.

data/ext/redhat/puppet.spec.erb

@@ -97,22 +97,11 @@ patch -s -p1 < ext/redhat/rundir-perms.patch
 
 
 %build
-# Fix some rpmlint complaints
-for f in mac_dscl.pp mac_dscl_revert.pp \
-         mac_pkgdmg.pp ; do
-  sed -i -e'1d' examples/$f
-  chmod a-x examples/$f
-done
 for f in external/nagios.rb relationship.rb; do
   sed -i -e '1d' lib/puppet/$f
 done
-#chmod +x ext/puppetstoredconfigclean.rb
-
-find examples/ -type f -empty | xargs rm
-find examples/ -type f | xargs chmod a-x
 
-# puppet-queue.conf is more of an example, used for stompserver
-mv conf/puppet-queue.conf examples/etc/puppet/
+find examples/ -type f | xargs --no-run-if-empty chmod a-x
 
 %install
 rm -rf %{buildroot}
@@ -206,7 +195,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/%{name}/modules
 # These need to be owned by puppet so the server can
 # write to them
 %attr(-, puppet, puppet) %{_localstatedir}/run/puppet
-%attr(-, puppet, puppet) %{_localstatedir}/log/puppet
+%attr(0750, puppet, puppet) %{_localstatedir}/log/puppet
 %attr(-, puppet, puppet) %{_localstatedir}/lib/puppet
 %{_mandir}/man5/puppet.conf.5.gz
 %{_mandir}/man8/puppet.8.gz
@@ -386,6 +375,12 @@ rm -rf %{buildroot}
 * <%= Time.now.strftime("%a %b %d %Y") %> Puppet Labs Release <info@puppetlabs.com> -  <%= @rpmversion %>-<%= @rpmrelease %>
 - Build for <%= @version %>
 
+* Tue Dec 18 2012 Matthaus Owens <matthaus@puppetlabs.com>
+- Remove for loop on examples/ code which no longer exists. Add --no-run-if-empty to xargs invocations.
+
+* Sat Dec 1 2012 Ryan Uber <ryuber@cisco.com>
+- Fix for logdir perms regression (#17866)
+
 * Wed Aug 29 2012 Moses Mendoza <moses@puppetlabs.com> - 3.0.0-0.1rc5
 - Update for 3.0.0 rc5
 

data/install.rb

@@ -179,8 +179,6 @@ def prepare_installation
   end
 
 
-  InstallOptions.tests = true
-
   ARGV.options do |opts|
     opts.banner = "Usage: #{File.basename($0)} [options]"
     opts.separator ""
@@ -190,8 +188,9 @@ def prepare_installation
     opts.on('--[no-]ri', 'Prevents the creation of RI output.', 'Default off on mswin32.') do |onri|
       InstallOptions.ri = onri
     end
-    opts.on('--[no-]tests', 'Prevents the execution of unit tests.', 'Default on.') do |ontest|
+    opts.on('--[no-]tests', 'Prevents the execution of unit tests.', 'Default off.') do |ontest|
       InstallOptions.tests = ontest
+      warn "The tests flag is no longer functional in Puppet and is deprecated as of Dec 19, 2012. It will be removed in a future version of Puppet."
     end
     opts.on('--[no-]configs', 'Prevents the installation of config files', 'Default off.') do |ontest|
       InstallOptions.configs = ontest
@@ -217,13 +216,11 @@ def prepare_installation
     opts.on('--quick', 'Performs a quick installation. Only the', 'installation is done.') do |quick|
       InstallOptions.rdoc    = false
       InstallOptions.ri      = false
-      InstallOptions.tests   = false
       InstallOptions.configs = true
     end
     opts.on('--full', 'Performs a full installation. All', 'optional installation steps are run.') do |full|
       InstallOptions.rdoc    = true
       InstallOptions.ri      = true
-      InstallOptions.tests   = true
       InstallOptions.configs = true
     end
     opts.separator("")

data/lib/puppet.rb

@@ -9,6 +9,9 @@ require 'puppet/settings'
 require 'puppet/util/feature'
 require 'puppet/util/suidmanager'
 require 'puppet/util/run_mode'
+require 'puppet/external/pson/common'
+require 'puppet/external/pson/version'
+require 'puppet/external/pson/pure'
 
 #------------------------------------------------------------
 # the top-level module
@@ -18,6 +21,9 @@ require 'puppet/util/run_mode'
 #
 # it's also a place to find top-level commands like 'debug'
 
+# The main Puppet class. Everything is contained here.
+#
+# @api public
 module Puppet
   class << self
     include Puppet::Util
@@ -46,7 +52,11 @@ module Puppet
     @@settings.define_settings(section, hash)
   end
 
-  # configuration parameter access and stuff
+  # Get the value for a setting
+  #
+  # @param [Symbol] param the setting to retrieve
+  #
+  # @api public
   def self.[](param)
     if param == :debug
       return Puppet::Util::Log.level == :debug
@@ -102,31 +112,36 @@ module Puppet
   end
 
   # Parse the config file for this process.
+  # @deprecated Use {#initialize_settings}
   def self.parse_config()
     Puppet.deprecation_warning("Puppet.parse_config is deprecated; please use Faces API (which will handle settings and state management for you), or (less desirable) call Puppet.initialize_settings")
     Puppet.initialize_settings
   end
 
-  # Initialize puppet's settings.  This is intended only for use by external tools that are not
-  #  built off of the Faces API or the Puppet::Util::Application class.  It may also be used
+  # Initialize puppet's settings. This is intended only for use by external tools that are not
+  #  built off of the Faces API or the Puppet::Util::Application class. It may also be used
   #  to initialize state so that a Face may be used programatically, rather than as a stand-alone
   #  command-line tool.
   #
-  # Note that this API may be subject to change in the future.
-  def self.initialize_settings()
-    do_initialize_settings_for_run_mode(:user)
+  # @api public
+  # @param args [Array<String>] the command line arguments to use for initialization
+  # @return [void]
+  def self.initialize_settings(args = [])
+    do_initialize_settings_for_run_mode(:user, args)
   end
 
-  # Initialize puppet's settings for a specified run_mode.  This
+  # Initialize puppet's settings for a specified run_mode.
+  #
+  # @deprecated Use {#initialize_settings}
   def self.initialize_settings_for_run_mode(run_mode)
     Puppet.deprecation_warning("initialize_settings_for_run_mode may be removed in a future release, as may run_mode itself")
-    do_initialize_settings_for_run_mode(run_mode)
+    do_initialize_settings_for_run_mode(run_mode, [])
   end
 
   # private helper method to provide the implementation details of initializing for a run mode,
   #  but allowing us to control where the deprecation warning is issued
-  def self.do_initialize_settings_for_run_mode(run_mode)
-    Puppet.settings.initialize_global_settings
+  def self.do_initialize_settings_for_run_mode(run_mode, args)
+    Puppet.settings.initialize_global_settings(args)
     run_mode = Puppet::Util::RunMode[run_mode]
     Puppet.settings.initialize_app_defaults(Puppet::Settings.app_defaults_for_run_mode(run_mode))
   end
@@ -140,9 +155,11 @@ module Puppet
   end
 end
 
-# This feels weird to me; I would really like for us to get to a state where there is never a "require" statement
-#  anywhere besides the very top of a file.  That would not be possible at the moment without a great deal of
-#  effort, but I think we should strive for it and revisit this at some point.  --cprice 2012-03-16
+# This feels weird to me; I would really like for us to get to a state where
+# there is never a "require" statement anywhere besides the very top of a
+# file. That would not be possible at the moment without a great deal of
+# effort, but I think we should strive for it and revisit this at some point.
+# --cprice 2012-03-16
 
 require 'puppet/type'
 require 'puppet/parser'