puppet 3.3.2 → 3.4.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/CONTRIBUTING.md +22 -0
- data/Gemfile +11 -2
- data/README.md +13 -17
- data/README_DEVELOPER.md +1 -1
- data/Rakefile +1 -1
- data/examples/hiera/README.md +4 -4
- data/ext/debian/puppetmaster.init +1 -0
- data/ext/debian/rules +2 -5
- data/ext/nagios/check_puppet.rb +7 -7
- data/ext/osx/file_mapping.yaml +1 -1
- data/ext/osx/preflight.erb +34 -19
- data/ext/rack/{files/config.ru → config.ru} +0 -0
- data/ext/rack/{files/apache2.conf → example-passenger-vhost.conf} +6 -0
- data/ext/redhat/puppet.spec.erb +20 -2
- data/ext/systemd/{puppetagent.service → puppet.service} +0 -0
- data/lib/hiera_puppet.rb +2 -2
- data/lib/puppet/agent.rb +1 -6
- data/lib/puppet/application.rb +15 -2
- data/lib/puppet/application/agent.rb +2 -7
- data/lib/puppet/application/apply.rb +8 -13
- data/lib/puppet/application/cert.rb +47 -7
- data/lib/puppet/application/device.rb +1 -6
- data/lib/puppet/application/face_base.rb +1 -1
- data/lib/puppet/application/filebucket.rb +1 -1
- data/lib/puppet/application/inspect.rb +3 -12
- data/lib/puppet/application/master.rb +1 -6
- data/lib/puppet/application/queue.rb +1 -6
- data/lib/puppet/application/resource.rb +2 -6
- data/lib/puppet/coercion.rb +11 -0
- data/lib/puppet/configurer.rb +5 -3
- data/lib/puppet/configurer/downloader.rb +3 -1
- data/lib/puppet/configurer/plugin_handler.rb +10 -0
- data/lib/puppet/confine.rb +80 -0
- data/lib/puppet/{provider/confine → confine}/exists.rb +3 -3
- data/lib/puppet/{provider/confine → confine}/false.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/feature.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/true.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/variable.rb +2 -2
- data/lib/puppet/{provider/confine_collection.rb → confine_collection.rb} +4 -4
- data/lib/puppet/{provider/confiner.rb → confiner.rb} +4 -4
- data/lib/puppet/daemon.rb +2 -6
- data/lib/puppet/data_binding.rb +2 -30
- data/lib/puppet/defaults.rb +283 -174
- data/lib/puppet/error.rb +1 -0
- data/lib/puppet/external/nagios.rb +0 -2
- data/lib/puppet/external/nagios/base.rb +4 -3
- data/lib/puppet/external/nagios/grammar.ry +173 -112
- data/lib/puppet/external/nagios/parser.rb +233 -184
- data/lib/puppet/face/file/store.rb +1 -1
- data/lib/puppet/face/module/generate.rb +5 -7
- data/lib/puppet/face/parser.rb +12 -2
- data/lib/puppet/face/plugin.rb +6 -0
- data/lib/puppet/feature/base.rb +16 -0
- data/lib/puppet/feature/external_facts.rb +5 -0
- data/lib/puppet/feature/libuser.rb +1 -1
- data/lib/puppet/feature/msgpack.rb +1 -0
- data/lib/puppet/feature/rails.rb +2 -2
- data/lib/puppet/file_bucket/dipper.rb +8 -6
- data/lib/puppet/file_bucket/file.rb +17 -1
- data/lib/puppet/file_serving/base.rb +21 -10
- data/lib/puppet/file_serving/configuration.rb +5 -7
- data/lib/puppet/file_serving/configuration/parser.rb +1 -1
- data/lib/puppet/file_serving/content.rb +1 -1
- data/lib/puppet/file_serving/fileset.rb +3 -3
- data/lib/puppet/file_serving/metadata.rb +22 -18
- data/lib/puppet/file_serving/mount/file.rb +1 -1
- data/lib/puppet/file_serving/mount/pluginfacts.rb +35 -0
- data/lib/puppet/file_system.rb +3 -0
- data/lib/puppet/file_system/file.rb +261 -0
- data/lib/puppet/file_system/file18.rb +5 -0
- data/lib/puppet/file_system/file19.rb +5 -0
- data/lib/puppet/file_system/file19windows.rb +113 -0
- data/lib/puppet/file_system/memory_file.rb +31 -0
- data/lib/puppet/file_system/tempfile.rb +20 -0
- data/lib/puppet/indirector/active_record.rb +1 -0
- data/lib/puppet/indirector/catalog/compiler.rb +28 -0
- data/lib/puppet/indirector/certificate_request/memory.rb +6 -0
- data/lib/puppet/indirector/data_binding/hiera.rb +46 -2
- data/lib/puppet/indirector/direct_file_server.rb +2 -2
- data/lib/puppet/indirector/facts/facter.rb +25 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +60 -74
- data/lib/puppet/indirector/indirection.rb +5 -1
- data/lib/puppet/indirector/json.rb +1 -1
- data/lib/puppet/indirector/key/ca.rb +4 -0
- data/lib/puppet/indirector/key/file.rb +7 -3
- data/lib/puppet/indirector/key/memory.rb +6 -0
- data/lib/puppet/indirector/node/write_only_yaml.rb +2 -2
- data/lib/puppet/indirector/request.rb +17 -11
- data/lib/puppet/indirector/resource/ral.rb +5 -0
- data/lib/puppet/indirector/resource/rest.rb +1 -0
- data/lib/puppet/indirector/resource/store_configs.rb +4 -0
- data/lib/puppet/indirector/rest.rb +2 -1
- data/lib/puppet/indirector/ssl_file.rb +7 -7
- data/lib/puppet/indirector/terminus.rb +4 -0
- data/lib/puppet/indirector/yaml.rb +3 -3
- data/lib/puppet/interface/documentation.rb +4 -11
- data/lib/puppet/module.rb +19 -6
- data/lib/puppet/module_tool/applications/builder.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +1 -1
- data/lib/puppet/module_tool/checksums.rb +1 -1
- data/lib/puppet/module_tool/dependency.rb +7 -3
- data/lib/puppet/module_tool/metadata.rb +6 -2
- data/lib/puppet/module_tool/tar.rb +2 -1
- data/lib/puppet/module_tool/tar/gnu.rb +6 -2
- data/lib/puppet/module_tool/tar/mini.rb +2 -0
- data/lib/puppet/module_tool/tar/solaris.rb +2 -5
- data/lib/puppet/network/authconfig.rb +0 -2
- data/lib/puppet/network/authentication.rb +1 -1
- data/lib/puppet/network/authstore.rb +6 -7
- data/lib/puppet/network/format.rb +2 -3
- data/lib/puppet/network/format_handler.rb +16 -11
- data/lib/puppet/network/format_support.rb +14 -0
- data/lib/puppet/network/formats.rb +26 -0
- data/lib/puppet/network/http/connection.rb +8 -41
- data/lib/puppet/network/http/handler.rb +28 -32
- data/lib/puppet/network/http/webrick.rb +15 -22
- data/lib/puppet/network/http_pool.rb +43 -9
- data/lib/puppet/network/rights.rb +0 -0
- data/lib/puppet/node.rb +24 -8
- data/lib/puppet/node/environment.rb +18 -20
- data/lib/puppet/node/facts.rb +23 -6
- data/lib/puppet/parameter.rb +15 -2
- data/lib/puppet/parameter/boolean.rb +5 -0
- data/lib/puppet/parameter/value_collection.rb +6 -4
- data/lib/puppet/parser/ast/resourceparam.rb +2 -1
- data/lib/puppet/parser/compiler.rb +25 -9
- data/lib/puppet/parser/files.rb +1 -1
- data/lib/puppet/parser/functions.rb +12 -21
- data/lib/puppet/parser/functions/collect.rb +6 -35
- data/lib/puppet/parser/functions/contain.rb +26 -0
- data/lib/puppet/parser/functions/create_resources.rb +5 -0
- data/lib/puppet/parser/functions/extlookup.rb +2 -2
- data/lib/puppet/parser/functions/file.rb +1 -1
- data/lib/puppet/parser/functions/{reject.rb → filter.rb} +13 -12
- data/lib/puppet/parser/functions/fqdn_rand.rb +13 -5
- data/lib/puppet/parser/functions/include.rb +18 -1
- data/lib/puppet/parser/functions/map.rb +44 -0
- data/lib/puppet/parser/functions/select.rb +6 -38
- data/lib/puppet/parser/lexer.rb +1 -1
- data/lib/puppet/parser/parser_support.rb +1 -1
- data/lib/puppet/parser/resource.rb +6 -45
- data/lib/puppet/parser/scope.rb +33 -2
- data/lib/puppet/parser/type_loader.rb +4 -60
- data/lib/puppet/pops/binder/bindings_loader.rb +1 -1
- data/lib/puppet/pops/binder/config/binder_config.rb +3 -3
- data/lib/puppet/pops/binder/hiera2/bindings_provider.rb +1 -1
- data/lib/puppet/pops/binder/scheme_handler/confdir_hiera_scheme.rb +1 -1
- data/lib/puppet/pops/binder/scheme_handler/module_hiera_scheme.rb +2 -2
- data/lib/puppet/pops/issues.rb +4 -0
- data/lib/puppet/pops/model/ast_transformer.rb +4 -1
- data/lib/puppet/pops/model/model_label_provider.rb +1 -1
- data/lib/puppet/pops/parser/egrammar.ra +5 -24
- data/lib/puppet/pops/parser/eparser.rb +859 -902
- data/lib/puppet/pops/parser/lexer.rb +48 -30
- data/lib/puppet/pops/parser/parser_support.rb +1 -1
- data/lib/puppet/pops/patterns.rb +4 -4
- data/lib/puppet/pops/utils.rb +1 -1
- data/lib/puppet/pops/validation/checker3_1.rb +25 -20
- data/lib/puppet/provider.rb +23 -6
- data/lib/puppet/provider/aixobject.rb +0 -0
- data/lib/puppet/provider/augeas/augeas.rb +21 -5
- data/lib/puppet/provider/confine.rb +5 -79
- data/lib/puppet/provider/cron/crontab.rb +0 -0
- data/lib/puppet/provider/exec.rb +9 -7
- data/lib/puppet/provider/exec/posix.rb +10 -1
- data/lib/puppet/provider/exec/windows.rb +1 -1
- data/lib/puppet/provider/file/posix.rb +1 -0
- data/lib/puppet/provider/file/windows.rb +16 -5
- data/lib/puppet/provider/group/aix.rb +0 -0
- data/lib/puppet/provider/group/windows_adsi.rb +33 -1
- data/lib/puppet/provider/macauthorization/macauthorization.rb +1 -1
- data/lib/puppet/provider/mailalias/aliases.rb +0 -0
- data/lib/puppet/provider/maillist/mailman.rb +0 -0
- data/lib/puppet/provider/mount/parsed.rb +0 -0
- data/lib/puppet/provider/nameservice/directoryservice.rb +3 -3
- data/lib/puppet/provider/package/appdmg.rb +1 -1
- data/lib/puppet/provider/package/apple.rb +1 -1
- data/lib/puppet/provider/package/apt.rb +1 -1
- data/lib/puppet/provider/package/aptitude.rb +0 -0
- data/lib/puppet/provider/package/blastwave.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +1 -1
- data/lib/puppet/provider/package/fink.rb +1 -1
- data/lib/puppet/provider/package/freebsd.rb +0 -0
- data/lib/puppet/provider/package/gem.rb +0 -0
- data/lib/puppet/provider/package/macports.rb +0 -0
- data/lib/puppet/provider/package/msi.rb +4 -10
- data/lib/puppet/provider/package/nim.rb +8 -8
- data/lib/puppet/provider/package/openbsd.rb +1 -1
- data/lib/puppet/provider/package/opkg.rb +0 -0
- data/lib/puppet/provider/package/pacman.rb +2 -2
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgutil.rb +1 -1
- data/lib/puppet/provider/package/ports.rb +0 -0
- data/lib/puppet/provider/package/rpm.rb +39 -3
- data/lib/puppet/provider/package/sun.rb +3 -3
- data/lib/puppet/provider/package/sunfreeware.rb +0 -0
- data/lib/puppet/provider/package/windows.rb +12 -19
- data/lib/puppet/provider/package/windows/package.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +2 -2
- data/lib/puppet/provider/parsedfile.rb +0 -0
- data/lib/puppet/provider/port/parsed.rb +0 -0
- data/lib/puppet/provider/service/base.rb +0 -0
- data/lib/puppet/provider/service/bsd.rb +3 -3
- data/lib/puppet/provider/service/daemontools.rb +8 -8
- data/lib/puppet/provider/service/debian.rb +0 -0
- data/lib/puppet/provider/service/freebsd.rb +3 -3
- data/lib/puppet/provider/service/init.rb +5 -4
- data/lib/puppet/provider/service/launchd.rb +35 -24
- data/lib/puppet/provider/service/openbsd.rb +23 -0
- data/lib/puppet/provider/service/redhat.rb +0 -0
- data/lib/puppet/provider/service/runit.rb +3 -3
- data/lib/puppet/provider/service/smf.rb +0 -0
- data/lib/puppet/provider/service/src.rb +0 -0
- data/lib/puppet/provider/service/systemd.rb +0 -0
- data/lib/puppet/provider/service/upstart.rb +3 -3
- data/lib/puppet/provider/ssh_authorized_key/parsed.rb +2 -2
- data/lib/puppet/provider/sshkey/parsed.rb +0 -0
- data/lib/puppet/provider/user/aix.rb +0 -0
- data/lib/puppet/provider/user/directoryservice.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +1 -1
- data/lib/puppet/provider/zone/solaris.rb +1 -1
- data/lib/puppet/rails/benchmark.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -2
- data/lib/puppet/reference/indirection.rb +12 -14
- data/lib/puppet/relationship.rb +7 -4
- data/lib/puppet/reports.rb +2 -2
- data/lib/puppet/reports/rrdgraph.rb +1 -1
- data/lib/puppet/reports/store.rb +3 -3
- data/lib/puppet/reports/tagmail.rb +2 -2
- data/lib/puppet/resource.rb +66 -8
- data/lib/puppet/resource/catalog.rb +18 -25
- data/lib/puppet/resource/status.rb +10 -4
- data/lib/puppet/run.rb +6 -2
- data/lib/puppet/settings.rb +39 -119
- data/lib/puppet/settings/base_setting.rb +8 -9
- data/lib/puppet/settings/directory_setting.rb +8 -0
- data/lib/puppet/settings/file_setting.rb +35 -1
- data/lib/puppet/settings/priority_setting.rb +42 -0
- data/lib/puppet/ssl.rb +4 -0
- data/lib/puppet/ssl/certificate.rb +18 -0
- data/lib/puppet/ssl/certificate_authority.rb +101 -72
- data/lib/puppet/ssl/certificate_authority/autosign_command.rb +44 -0
- data/lib/puppet/ssl/certificate_authority/interface.rb +21 -17
- data/lib/puppet/ssl/certificate_factory.rb +38 -12
- data/lib/puppet/ssl/certificate_request.rb +201 -47
- data/lib/puppet/ssl/certificate_request_attributes.rb +34 -0
- data/lib/puppet/ssl/certificate_revocation_list.rb +2 -2
- data/lib/puppet/ssl/host.rb +21 -10
- data/lib/puppet/ssl/inventory.rb +6 -10
- data/lib/puppet/ssl/key.rb +1 -1
- data/lib/puppet/ssl/oids.rb +78 -0
- data/lib/puppet/ssl/validator.rb +41 -97
- data/lib/puppet/ssl/validator/default_validator.rb +153 -0
- data/lib/puppet/ssl/validator/no_validator.rb +17 -0
- data/lib/puppet/status.rb +4 -0
- data/lib/puppet/test/test_helper.rb +5 -0
- data/lib/puppet/transaction.rb +13 -0
- data/lib/puppet/transaction/event.rb +8 -3
- data/lib/puppet/transaction/report.rb +6 -2
- data/lib/puppet/transaction/resource_harness.rb +173 -115
- data/lib/puppet/type.rb +30 -13
- data/lib/puppet/type/augeas.rb +12 -46
- data/lib/puppet/type/component.rb +1 -7
- data/lib/puppet/type/cron.rb +0 -0
- data/lib/puppet/type/exec.rb +13 -1
- data/lib/puppet/type/file.rb +19 -10
- data/lib/puppet/type/file/checksum.rb +0 -0
- data/lib/puppet/type/file/content.rb +3 -0
- data/lib/puppet/type/file/ensure.rb +33 -15
- data/lib/puppet/type/file/group.rb +0 -0
- data/lib/puppet/type/file/mode.rb +6 -2
- data/lib/puppet/type/file/owner.rb +0 -0
- data/lib/puppet/type/file/source.rb +65 -14
- data/lib/puppet/type/file/target.rb +6 -6
- data/lib/puppet/type/file/type.rb +0 -0
- data/lib/puppet/type/filebucket.rb +0 -0
- data/lib/puppet/type/group.rb +18 -0
- data/lib/puppet/type/host.rb +0 -0
- data/lib/puppet/type/k5login.rb +4 -4
- data/lib/puppet/type/mailalias.rb +0 -0
- data/lib/puppet/type/maillist.rb +0 -0
- data/lib/puppet/type/mount.rb +15 -1
- data/lib/puppet/type/package.rb +7 -1
- data/lib/puppet/type/port.rb +0 -0
- data/lib/puppet/type/schedule.rb +9 -4
- data/lib/puppet/type/service.rb +1 -1
- data/lib/puppet/type/sshkey.rb +0 -0
- data/lib/puppet/type/tidy.rb +1 -1
- data/lib/puppet/type/user.rb +3 -0
- data/lib/puppet/type/yumrepo.rb +8 -6
- data/lib/puppet/type/zpool.rb +0 -0
- data/lib/puppet/util.rb +4 -31
- data/lib/puppet/util/adsi.rb +73 -17
- data/lib/puppet/util/autoload.rb +3 -3
- data/lib/puppet/util/backups.rb +4 -4
- data/lib/puppet/util/cacher.rb +7 -13
- data/lib/puppet/util/checksums.rb +2 -2
- data/lib/puppet/util/classgen.rb +3 -1
- data/lib/puppet/util/colors.rb +1 -0
- data/lib/puppet/util/command_line.rb +5 -0
- data/lib/puppet/util/docs.rb +33 -27
- data/lib/puppet/util/execution.rb +42 -18
- data/lib/puppet/util/filetype.rb +3 -3
- data/lib/puppet/util/instance_loader.rb +2 -2
- data/lib/puppet/util/instrumentation.rb +23 -42
- data/lib/puppet/util/instrumentation/data.rb +11 -4
- data/lib/puppet/util/instrumentation/indirection_probe.rb +11 -4
- data/lib/puppet/util/instrumentation/instrumentable.rb +7 -14
- data/lib/puppet/util/instrumentation/listener.rb +15 -8
- data/lib/puppet/util/instrumentation/listeners/log.rb +4 -10
- data/lib/puppet/util/instrumentation/listeners/performance.rb +8 -14
- data/lib/puppet/util/limits.rb +12 -0
- data/lib/puppet/util/lockfile.rb +2 -2
- data/lib/puppet/util/log.rb +14 -6
- data/lib/puppet/util/log/destinations.rb +23 -1
- data/lib/puppet/util/metric.rb +9 -3
- data/lib/puppet/util/monkey_patches.rb +7 -2
- data/lib/puppet/util/network_device/config.rb +1 -1
- data/lib/puppet/util/plugins.rb +1 -1
- data/lib/puppet/util/posix.rb +0 -0
- data/lib/puppet/util/profiler.rb +7 -2
- data/lib/puppet/util/provider_features.rb +2 -2
- data/lib/puppet/util/rdoc.rb +28 -30
- data/lib/puppet/util/rdoc/code_objects.rb +75 -25
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +1 -1
- data/lib/puppet/util/rdoc/parser.rb +12 -487
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +477 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc1.rb +19 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +14 -0
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +1 -1
- data/lib/puppet/util/storage.rb +2 -2
- data/lib/puppet/util/suidmanager.rb +1 -1
- data/lib/puppet/util/tag_set.rb +29 -0
- data/lib/puppet/util/tagging.rb +8 -24
- data/lib/puppet/util/watched_file.rb +1 -1
- data/lib/puppet/util/watcher.rb +1 -1
- data/lib/puppet/util/windows.rb +3 -0
- data/lib/puppet/util/windows/access_control_entry.rb +84 -0
- data/lib/puppet/util/windows/access_control_list.rb +106 -0
- data/lib/puppet/util/windows/file.rb +213 -0
- data/lib/puppet/util/windows/process.rb +199 -0
- data/lib/puppet/util/windows/root_certs.rb +52 -37
- data/lib/puppet/util/windows/security.rb +270 -245
- data/lib/puppet/util/windows/security_descriptor.rb +62 -0
- data/lib/puppet/util/windows/sid.rb +26 -4
- data/lib/puppet/version.rb +2 -2
- data/spec/fixtures/releases/jamtur01-apache/lib/puppet/provider/a2mod/debian.rb +1 -1
- data/spec/fixtures/unit/indirector/{hiera → data_binding/hiera}/global.yaml +0 -0
- data/spec/fixtures/unit/indirector/data_binding/hiera/invalid.yaml +1 -0
- data/spec/fixtures/unit/module/trailing-comma.json +24 -0
- data/spec/fixtures/unit/util/monkey_patches/x509.pem +32 -0
- data/spec/integration/application/apply_spec.rb +1 -1
- data/spec/integration/application/doc_spec.rb +1 -1
- data/spec/integration/configurer_spec.rb +4 -2
- data/spec/integration/data_binding.rb +100 -0
- data/spec/integration/indirector/catalog/compiler_spec.rb +16 -13
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -5
- data/spec/integration/indirector/file_content/file_server_spec.rb +2 -2
- data/spec/integration/node/facts_spec.rb +1 -1
- data/spec/integration/node_spec.rb +1 -1
- data/spec/integration/parser/compiler_spec.rb +90 -0
- data/spec/integration/parser/parser_spec.rb +2 -2
- data/spec/integration/provider/cron/crontab_spec.rb +3 -5
- data/spec/integration/resource/catalog_spec.rb +1 -1
- data/spec/integration/ssl/autosign_spec.rb +90 -0
- data/spec/integration/ssl/certificate_authority_spec.rb +62 -69
- data/spec/integration/ssl/certificate_revocation_list_spec.rb +1 -1
- data/spec/integration/ssl/host_spec.rb +1 -1
- data/spec/integration/transaction_spec.rb +13 -13
- data/spec/integration/type/exec_spec.rb +2 -2
- data/spec/integration/type/file_spec.rb +287 -45
- data/spec/integration/type/tidy_spec.rb +3 -3
- data/spec/integration/util/rdoc/parser_spec.rb +236 -35
- data/spec/integration/util/settings_spec.rb +1 -1
- data/spec/integration/util/windows/process_spec.rb +22 -0
- data/spec/integration/util/windows/security_spec.rb +316 -106
- data/spec/lib/matchers/containment_matchers.rb +52 -0
- data/spec/lib/puppet_spec/compiler.rb +6 -0
- data/spec/lib/puppet_spec/files.rb +20 -21
- data/spec/shared_behaviours/documentation_on_faces.rb +3 -3
- data/spec/shared_behaviours/file_server_terminus.rb +2 -2
- data/spec/shared_contexts/platform.rb +1 -0
- data/spec/spec_helper.rb +13 -1
- data/spec/unit/agent_spec.rb +0 -12
- data/spec/unit/application/agent_spec.rb +4 -4
- data/spec/unit/application/apply_spec.rb +18 -2
- data/spec/unit/application/cert_spec.rb +8 -6
- data/spec/unit/application/device_spec.rb +1 -1
- data/spec/unit/application/filebucket_spec.rb +1 -1
- data/spec/unit/application/inspect_spec.rb +1 -1
- data/spec/unit/application_spec.rb +24 -0
- data/spec/unit/configurer/downloader_spec.rb +8 -7
- data/spec/unit/configurer/fact_handler_spec.rb +23 -0
- data/spec/unit/configurer/plugin_handler_spec.rb +7 -2
- data/spec/unit/configurer_spec.rb +15 -5
- data/spec/unit/{provider/confine → confine}/exists_spec.rb +12 -12
- data/spec/unit/{provider/confine → confine}/false_spec.rb +9 -9
- data/spec/unit/{provider/confine → confine}/feature_spec.rb +10 -10
- data/spec/unit/{provider/confine → confine}/true_spec.rb +7 -7
- data/spec/unit/{provider/confine → confine}/variable_spec.rb +16 -16
- data/spec/unit/{provider/confine_collection_spec.rb → confine_collection_spec.rb} +30 -30
- data/spec/unit/{provider/confine_spec.rb → confine_spec.rb} +11 -11
- data/spec/unit/{provider/confiner_spec.rb → confiner_spec.rb} +4 -4
- data/spec/unit/face/parser_spec.rb +54 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_serving/base_spec.rb +32 -9
- data/spec/unit/file_serving/configuration_spec.rb +7 -7
- data/spec/unit/file_serving/content_spec.rb +12 -7
- data/spec/unit/file_serving/fileset_spec.rb +57 -27
- data/spec/unit/file_serving/metadata_spec.rb +74 -12
- data/spec/unit/file_serving/mount/file_spec.rb +10 -10
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +73 -0
- data/spec/unit/file_system/file_spec.rb +486 -0
- data/spec/unit/file_system/tempfile_spec.rb +48 -0
- data/spec/unit/graph/relationship_graph_spec.rb +0 -6
- data/spec/unit/hiera_puppet_spec.rb +2 -2
- data/spec/unit/indirector/catalog/compiler_spec.rb +15 -19
- data/spec/unit/indirector/certificate_status/file_spec.rb +30 -40
- data/spec/unit/indirector/data_binding/hiera_spec.rb +95 -2
- data/spec/unit/indirector/direct_file_server_spec.rb +6 -6
- data/spec/unit/indirector/facts/facter_spec.rb +33 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +61 -52
- data/spec/unit/indirector/file_metadata/file_spec.rb +2 -2
- data/spec/unit/indirector/file_server_spec.rb +4 -4
- data/spec/unit/indirector/json_spec.rb +4 -4
- data/spec/unit/indirector/key/file_spec.rb +13 -14
- data/spec/unit/indirector/resource/ral_spec.rb +7 -0
- data/spec/unit/indirector/resource/store_configs_spec.rb +11 -0
- data/spec/unit/indirector/rest_spec.rb +7 -3
- data/spec/unit/indirector/ssl_file_spec.rb +14 -17
- data/spec/unit/indirector/yaml_spec.rb +4 -4
- data/spec/unit/module_spec.rb +43 -15
- data/spec/unit/module_tool/tar/gnu_spec.rb +2 -2
- data/spec/unit/module_tool/tar/solaris_spec.rb +2 -2
- data/spec/unit/module_tool/tar_spec.rb +45 -0
- data/spec/unit/network/authconfig_spec.rb +2 -1
- data/spec/unit/network/authentication_spec.rb +2 -2
- data/spec/unit/network/format_handler_spec.rb +2 -2
- data/spec/unit/network/formats_spec.rb +24 -0
- data/spec/unit/network/http/connection_spec.rb +76 -199
- data/spec/unit/network/http/handler_spec.rb +33 -34
- data/spec/unit/network/http_pool_spec.rb +8 -5
- data/spec/unit/node/environment_spec.rb +76 -90
- data/spec/unit/node/facts_spec.rb +20 -3
- data/spec/unit/node_spec.rb +43 -0
- data/spec/unit/parameter/boolean_spec.rb +22 -12
- data/spec/unit/parser/ast/resourceparam_spec.rb +51 -0
- data/spec/unit/parser/compiler_spec.rb +103 -35
- data/spec/unit/parser/eparser_adapter_spec.rb +12 -12
- data/spec/unit/parser/files_spec.rb +11 -11
- data/spec/unit/parser/functions/contain_spec.rb +185 -0
- data/spec/unit/parser/functions/create_resources_spec.rb +13 -5
- data/spec/unit/parser/functions/generate_spec.rb +1 -1
- data/spec/unit/parser/functions_spec.rb +2 -2
- data/spec/unit/parser/lexer_spec.rb +1 -1
- data/spec/unit/parser/methods/each_spec.rb +1 -1
- data/spec/unit/parser/methods/{select_spec.rb → filter_spec.rb} +11 -11
- data/spec/unit/parser/methods/map_spec.rb +95 -0
- data/spec/unit/parser/methods/reduce_spec.rb +12 -11
- data/spec/unit/parser/methods/shared.rb +5 -5
- data/spec/unit/parser/methods/slice_spec.rb +13 -13
- data/spec/unit/parser/parser_spec.rb +1 -1
- data/spec/unit/parser/resource/param_spec.rb +44 -0
- data/spec/unit/parser/resource_spec.rb +16 -15
- data/spec/unit/pops/model/ast_transformer_spec.rb +18 -4
- data/spec/unit/pops/parser/lexer_spec.rb +22 -5
- data/spec/unit/pops/parser/parse_calls_spec.rb +5 -5
- data/spec/unit/pops/transformer/transform_calls_spec.rb +6 -6
- data/spec/unit/pops/transformer/transform_containers_spec.rb +2 -2
- data/spec/unit/pops/validator/validator_spec.rb +31 -0
- data/spec/unit/provider/augeas/augeas_spec.rb +57 -2
- data/spec/unit/provider/exec/posix_spec.rb +8 -3
- data/spec/unit/provider/file/posix_spec.rb +2 -2
- data/spec/unit/provider/group/windows_adsi_spec.rb +70 -3
- data/spec/unit/provider/nameservice/directoryservice_spec.rb +3 -3
- data/spec/unit/provider/package/apt_spec.rb +1 -1
- data/spec/unit/provider/package/msi_spec.rb +15 -42
- data/spec/unit/provider/package/openbsd_spec.rb +3 -3
- data/spec/unit/provider/package/rpm_spec.rb +56 -13
- data/spec/unit/provider/package/windows_spec.rb +15 -19
- data/spec/unit/provider/service/base_spec.rb +1 -1
- data/spec/unit/provider/service/daemontools_spec.rb +18 -8
- data/spec/unit/provider/service/freebsd_spec.rb +3 -3
- data/spec/unit/provider/service/gentoo_spec.rb +5 -2
- data/spec/unit/provider/service/init_spec.rb +17 -17
- data/spec/unit/provider/service/launchd_spec.rb +76 -23
- data/spec/unit/provider/service/openbsd_spec.rb +125 -0
- data/spec/unit/provider/service/openwrt_spec.rb +1 -1
- data/spec/unit/provider/service/runit_spec.rb +12 -5
- data/spec/unit/provider/service/upstart_spec.rb +4 -4
- data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +5 -5
- data/spec/unit/provider/user/directoryservice_spec.rb +4 -4
- data/spec/unit/provider/zone/solaris_spec.rb +1 -1
- data/spec/unit/provider_spec.rb +2 -2
- data/spec/unit/reports/http_spec.rb +19 -34
- data/spec/unit/reports/store_spec.rb +2 -2
- data/spec/unit/resource/catalog_spec.rb +81 -11
- data/spec/unit/resource/status_spec.rb +11 -1
- data/spec/unit/resource/type_spec.rb +30 -1
- data/spec/unit/resource_spec.rb +40 -4
- data/spec/unit/settings/file_setting_spec.rb +2 -2
- data/spec/unit/settings/path_setting_spec.rb +2 -2
- data/spec/unit/settings/priority_setting_spec.rb +66 -0
- data/spec/unit/settings_spec.rb +16 -31
- data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +30 -0
- data/spec/unit/ssl/certificate_authority_spec.rb +129 -134
- data/spec/unit/ssl/certificate_factory_spec.rb +18 -0
- data/spec/unit/ssl/certificate_request_attributes_spec.rb +61 -0
- data/spec/unit/ssl/certificate_request_spec.rb +103 -0
- data/spec/unit/ssl/certificate_spec.rb +31 -18
- data/spec/unit/ssl/host_spec.rb +34 -8
- data/spec/unit/ssl/inventory_spec.rb +27 -62
- data/spec/unit/ssl/key_spec.rb +4 -4
- data/spec/unit/ssl/oids_spec.rb +48 -0
- data/spec/unit/ssl/validator_spec.rb +49 -6
- data/spec/unit/status_spec.rb +9 -0
- data/spec/unit/transaction/event_spec.rb +1 -9
- data/spec/unit/transaction/report_spec.rb +20 -1
- data/spec/unit/transaction/resource_harness_spec.rb +60 -210
- data/spec/unit/transaction_spec.rb +54 -8
- data/spec/unit/type/component_spec.rb +2 -2
- data/spec/unit/type/exec_spec.rb +14 -7
- data/spec/unit/type/file/content_spec.rb +13 -2
- data/spec/unit/type/file/ctime_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +48 -2
- data/spec/unit/type/file/mtime_spec.rb +1 -1
- data/spec/unit/type/file/source_spec.rb +177 -7
- data/spec/unit/type/file_spec.rb +63 -71
- data/spec/unit/type/group_spec.rb +20 -0
- data/spec/unit/type/k5login_spec.rb +3 -3
- data/spec/unit/type/mount_spec.rb +53 -0
- data/spec/unit/type/nagios_spec.rb +216 -0
- data/spec/unit/type/package_spec.rb +7 -1
- data/spec/unit/type/schedule_spec.rb +6 -0
- data/spec/unit/type/service_spec.rb +3 -3
- data/spec/unit/type/tidy_spec.rb +14 -14
- data/spec/unit/type/user_spec.rb +9 -0
- data/spec/unit/type_spec.rb +86 -4
- data/spec/unit/util/adsi_spec.rb +120 -12
- data/spec/unit/util/autoload_spec.rb +14 -14
- data/spec/unit/util/backups_spec.rb +29 -21
- data/spec/unit/util/checksums_spec.rb +2 -1
- data/spec/unit/util/command_line_spec.rb +41 -0
- data/spec/unit/util/docs_spec.rb +91 -0
- data/spec/unit/util/execution_spec.rb +26 -2
- data/spec/unit/util/filetype_spec.rb +7 -7
- data/spec/unit/util/lockfile_spec.rb +2 -2
- data/spec/unit/util/log/destinations_spec.rb +32 -0
- data/spec/unit/util/monkey_patches_spec.rb +41 -0
- data/spec/unit/util/pidlock_spec.rb +6 -6
- data/spec/unit/util/rdoc/parser_spec.rb +15 -13
- data/spec/unit/util/rdoc_spec.rb +18 -24
- data/spec/unit/util/resource_template_spec.rb +3 -3
- data/spec/unit/util/selinux_spec.rb +4 -2
- data/spec/unit/util/storage_spec.rb +4 -4
- data/spec/unit/util/suidmanager_spec.rb +7 -0
- data/spec/unit/util/tag_set_spec.rb +46 -0
- data/spec/unit/util/tagging_spec.rb +82 -45
- data/spec/unit/util/watcher_spec.rb +4 -1
- data/spec/unit/util/windows/access_control_entry_spec.rb +67 -0
- data/spec/unit/util/windows/access_control_list_spec.rb +133 -0
- data/spec/unit/util/windows/root_certs_spec.rb +10 -8
- data/spec/unit/util/windows/security_descriptor_spec.rb +117 -0
- data/spec/unit/util/windows/sid_spec.rb +69 -0
- data/spec/unit/util_spec.rb +7 -7
- data/tasks/ci.rake +17 -36
- metadata +2811 -2746
- checksums.yaml +0 -7
- data/examples/mac_automount.pp +0 -16
- data/examples/mcx_dock_absent.pp +0 -4
- data/examples/mcx_dock_default.pp +0 -118
- data/examples/mcx_dock_full.pp +0 -125
- data/examples/mcx_dock_invalid.pp +0 -9
- data/examples/mcx_nogroup.pp +0 -118
- data/examples/mcx_notexists_absent.pp +0 -4
- data/ext/rack/README +0 -58
- data/ext/rack/manifest.pp +0 -59
- data/lib/puppet/external/lock.rb +0 -63
- data/lib/puppet/indirector/hiera.rb +0 -39
- data/lib/puppet/parser/functions/foreach.rb +0 -95
- data/spec/integration/network/server/webrick_spec.rb +0 -76
- data/spec/integration/parser/functions_spec.rb +0 -16
- data/spec/unit/indirector/hiera_spec.rb +0 -154
- data/spec/unit/parser/methods/collect_spec.rb +0 -153
- data/spec/unit/parser/methods/foreach_spec.rb +0 -91
- data/spec/unit/parser/methods/reject_spec.rb +0 -73
- data/spec/unit/resource/resource_type.json +0 -34
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'puppet/util/rdoc/parser/puppet_parser_core.rb'
|
2
|
+
|
3
|
+
module RDoc
|
4
|
+
PUPPET_RDOC_VERSION = 1
|
5
|
+
|
6
|
+
# @api private
|
7
|
+
class PuppetParserRDoc1
|
8
|
+
extend ParserFactory
|
9
|
+
include PuppetParserCore
|
10
|
+
|
11
|
+
def create_rdoc_preprocess
|
12
|
+
preprocess = SM::PreProcess.new(@input_file_name, @options.rdoc_include)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
# For backwards compatibility
|
17
|
+
# @api private
|
18
|
+
Parser = PuppetParserRDoc1
|
19
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
require 'puppet/util/rdoc/parser/puppet_parser_core.rb'
|
2
|
+
|
3
|
+
module RDoc
|
4
|
+
PUPPET_RDOC_VERSION = 2
|
5
|
+
|
6
|
+
# @api private
|
7
|
+
class PuppetParserRDoc2 < Parser
|
8
|
+
include PuppetParserCore
|
9
|
+
|
10
|
+
def create_rdoc_preprocess
|
11
|
+
preprocess = Markup::PreProcess.new(@input_file_name, @options.rdoc_include)
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
@@ -46,7 +46,7 @@ class Puppet::Util::Reference
|
|
46
46
|
# There used to be an attempt to use secure_open / replace_file to secure
|
47
47
|
# the target, too, but that did nothing: the race was still here. We can
|
48
48
|
# get exactly the same benefit from running this effort:
|
49
|
-
File.unlink('/tmp/puppetdoc.tex') rescue nil
|
49
|
+
Puppet::FileSystem::File.unlink('/tmp/puppetdoc.tex') rescue nil
|
50
50
|
output = %x{#{cmd}}
|
51
51
|
unless $CHILD_STATUS == 0
|
52
52
|
$stderr.puts "rst2latex failed"
|
@@ -44,7 +44,7 @@ class Puppet::Util::ResourceTemplate
|
|
44
44
|
end
|
45
45
|
|
46
46
|
def initialize(file, resource)
|
47
|
-
raise ArgumentError, "Template #{file} does not exist" unless
|
47
|
+
raise ArgumentError, "Template #{file} does not exist" unless Puppet::FileSystem::File.exist?(file)
|
48
48
|
@file = file
|
49
49
|
@resource = resource
|
50
50
|
end
|
data/lib/puppet/util/selinux.rb
CHANGED
data/lib/puppet/util/storage.rb
CHANGED
@@ -45,7 +45,7 @@ class Puppet::Util::Storage
|
|
45
45
|
Puppet.settings.use(:main) unless FileTest.directory?(Puppet[:statedir])
|
46
46
|
filename = Puppet[:statefile]
|
47
47
|
|
48
|
-
unless File.
|
48
|
+
unless Puppet::FileSystem::File.exist?(filename)
|
49
49
|
self.init if @@state.nil?
|
50
50
|
return
|
51
51
|
end
|
@@ -80,7 +80,7 @@ class Puppet::Util::Storage
|
|
80
80
|
def self.store
|
81
81
|
Puppet.debug "Storing state"
|
82
82
|
|
83
|
-
Puppet.info "Creating state file #{Puppet[:statefile]}" unless
|
83
|
+
Puppet.info "Creating state file #{Puppet[:statefile]}" unless Puppet::FileSystem::File.exist?(Puppet[:statefile])
|
84
84
|
|
85
85
|
Puppet::Util.benchmark(:debug, "Stored state") do
|
86
86
|
Puppet::Util::Yaml.dump(@@state, Puppet[:statefile])
|
@@ -178,7 +178,7 @@ module Puppet::Util::SUIDManager
|
|
178
178
|
# :custom_environment (default {}) -- a hash of key/value pairs to set as environment variables for the duration
|
179
179
|
# of the command
|
180
180
|
def run_and_capture(command, new_uid=nil, new_gid=nil, options = {})
|
181
|
-
|
181
|
+
Puppet.deprecation_warning("Puppet::Util::SUIDManager.run_and_capture is deprecated; please use Puppet::Util::Execution.execute instead.")
|
182
182
|
# specifying these here rather than in the method signature to allow callers to pass in a partial
|
183
183
|
# set of overrides without affecting the default values for options that they don't pass in
|
184
184
|
default_options = {
|
@@ -0,0 +1,29 @@
|
|
1
|
+
require 'set'
|
2
|
+
|
3
|
+
class Puppet::Util::TagSet < Set
|
4
|
+
def self.from_yaml(yaml)
|
5
|
+
self.new(YAML.load(yaml))
|
6
|
+
end
|
7
|
+
|
8
|
+
def to_yaml
|
9
|
+
@hash.keys.to_yaml
|
10
|
+
end
|
11
|
+
|
12
|
+
def self.from_pson(data)
|
13
|
+
self.new(data)
|
14
|
+
end
|
15
|
+
|
16
|
+
def to_pson(*args)
|
17
|
+
to_a.to_pson
|
18
|
+
end
|
19
|
+
|
20
|
+
# this makes puppet serialize it as an array for backwards
|
21
|
+
# compatibility
|
22
|
+
def to_zaml(z)
|
23
|
+
to_a.to_zaml(z)
|
24
|
+
end
|
25
|
+
|
26
|
+
def join(*args)
|
27
|
+
to_a.join(*args)
|
28
|
+
end
|
29
|
+
end
|
data/lib/puppet/util/tagging.rb
CHANGED
@@ -1,30 +1,10 @@
|
|
1
|
-
|
2
|
-
# Copyright Luke Kanies
|
1
|
+
require 'puppet/util/tag_set'
|
3
2
|
|
4
|
-
# A common module to handle tagging.
|
5
|
-
#
|
6
|
-
# So, do you want the bad news or the good news first?
|
7
|
-
#
|
8
|
-
# The bad news is that using an array here is hugely costly compared to using
|
9
|
-
# a hash. Like, the same speed empty, 50 percent slower with one item, and
|
10
|
-
# 300 percent slower at 6 - one of our common peaks for tagging items.
|
11
|
-
#
|
12
|
-
# ...and that assumes an efficient implementation, just using include?. These
|
13
|
-
# methods have even more costs hidden in them.
|
14
|
-
#
|
15
|
-
# The good news is that this module has no API. Various objects directly
|
16
|
-
# interact with their `@tags` member as an array, or dump it directly in YAML,
|
17
|
-
# or whatever.
|
18
|
-
#
|
19
|
-
# So, er, you can't actually change this. No matter how much you want to be
|
20
|
-
# cause it is inefficient in both CPU and object allocation terms.
|
21
|
-
#
|
22
|
-
# Good luck, my friend. --daniel 2012-07-17
|
23
3
|
module Puppet::Util::Tagging
|
24
4
|
# Add a tag to our current list. These tags will be added to all
|
25
5
|
# of the objects contained in this scope.
|
26
6
|
def tag(*ary)
|
27
|
-
@tags ||=
|
7
|
+
@tags ||= new_tags
|
28
8
|
|
29
9
|
qualified = []
|
30
10
|
|
@@ -45,12 +25,12 @@ module Puppet::Util::Tagging
|
|
45
25
|
# Return a copy of the tag list, so someone can't ask for our tags
|
46
26
|
# and then modify them.
|
47
27
|
def tags
|
48
|
-
@tags ||=
|
28
|
+
@tags ||= new_tags
|
49
29
|
@tags.dup
|
50
30
|
end
|
51
31
|
|
52
32
|
def tags=(tags)
|
53
|
-
@tags =
|
33
|
+
@tags = new_tags
|
54
34
|
|
55
35
|
return if tags.nil? or tags == ""
|
56
36
|
|
@@ -73,4 +53,8 @@ module Puppet::Util::Tagging
|
|
73
53
|
def valid_tag?(tag)
|
74
54
|
tag.is_a?(String) and tag =~ ValidTagRegex
|
75
55
|
end
|
56
|
+
|
57
|
+
def new_tags
|
58
|
+
Puppet::Util::TagSet.new
|
59
|
+
end
|
76
60
|
end
|
data/lib/puppet/util/watcher.rb
CHANGED
@@ -7,7 +7,7 @@ module Puppet::Util::Watcher
|
|
7
7
|
def self.file_ctime_change_watcher(filename)
|
8
8
|
Puppet::Util::Watcher::ChangeWatcher.watch(lambda do
|
9
9
|
begin
|
10
|
-
File.
|
10
|
+
Puppet::FileSystem::File.new(filename).stat.ctime
|
11
11
|
rescue Errno::ENOENT, Errno::ENOTDIR
|
12
12
|
:absent
|
13
13
|
end
|
data/lib/puppet/util/windows.rb
CHANGED
@@ -8,6 +8,9 @@ module Puppet::Util::Windows
|
|
8
8
|
require 'puppet/util/windows/process'
|
9
9
|
require 'puppet/util/windows/file'
|
10
10
|
require 'puppet/util/windows/root_certs'
|
11
|
+
require 'puppet/util/windows/access_control_entry'
|
12
|
+
require 'puppet/util/windows/access_control_list'
|
13
|
+
require 'puppet/util/windows/security_descriptor'
|
11
14
|
end
|
12
15
|
require 'puppet/util/windows/registry'
|
13
16
|
end
|
@@ -0,0 +1,84 @@
|
|
1
|
+
# Windows Access Control Entry
|
2
|
+
#
|
3
|
+
# Represents an access control entry, which grants or denies a subject,
|
4
|
+
# identified by a SID, rights to a securable object.
|
5
|
+
#
|
6
|
+
# @see http://msdn.microsoft.com/en-us/library/windows/desktop/aa374868(v=vs.85).aspx
|
7
|
+
# @api private
|
8
|
+
class Puppet::Util::Windows::AccessControlEntry
|
9
|
+
require 'puppet/util/windows/security'
|
10
|
+
include Puppet::Util::Windows::SID
|
11
|
+
|
12
|
+
attr_accessor :sid
|
13
|
+
attr_reader :mask, :flags, :type
|
14
|
+
|
15
|
+
OBJECT_INHERIT_ACE = 0x1
|
16
|
+
CONTAINER_INHERIT_ACE = 0x2
|
17
|
+
NO_PROPAGATE_INHERIT_ACE = 0x4
|
18
|
+
INHERIT_ONLY_ACE = 0x8
|
19
|
+
INHERITED_ACE = 0x10
|
20
|
+
|
21
|
+
ACCESS_ALLOWED_ACE_TYPE = 0x0
|
22
|
+
ACCESS_DENIED_ACE_TYPE = 0x1
|
23
|
+
|
24
|
+
def initialize(sid, mask, flags = 0, type = ACCESS_ALLOWED_ACE_TYPE)
|
25
|
+
@sid = sid
|
26
|
+
@mask = mask
|
27
|
+
@flags = flags
|
28
|
+
@type = type
|
29
|
+
end
|
30
|
+
|
31
|
+
# Returns true if this ACE is inherited from a parent. If false,
|
32
|
+
# then the ACE is set directly on the object to which it refers.
|
33
|
+
#
|
34
|
+
# @return [Boolean] true if the ACE is inherited
|
35
|
+
def inherited?
|
36
|
+
(@flags & INHERITED_ACE) == INHERITED_ACE
|
37
|
+
end
|
38
|
+
|
39
|
+
# Returns true if this ACE only applies to children of the object.
|
40
|
+
# If false, it applies to the object.
|
41
|
+
#
|
42
|
+
# @return [Boolean] true if the ACE only applies to children and
|
43
|
+
# not the object itself.
|
44
|
+
def inherit_only?
|
45
|
+
(@flags & INHERIT_ONLY_ACE) == INHERIT_ONLY_ACE
|
46
|
+
end
|
47
|
+
|
48
|
+
# Returns true if this ACE applies to child directories.
|
49
|
+
#
|
50
|
+
# @return [Boolean] true if the ACE applies to child direcories
|
51
|
+
def container_inherit?
|
52
|
+
(@flags & CONTAINER_INHERIT_ACE) == CONTAINER_INHERIT_ACE
|
53
|
+
end
|
54
|
+
|
55
|
+
# Returns true if this ACE applies to child files.
|
56
|
+
#
|
57
|
+
# @return [Boolean] true if the ACE applies to child files.
|
58
|
+
def object_inherit?
|
59
|
+
(@flags & OBJECT_INHERIT_ACE) == OBJECT_INHERIT_ACE
|
60
|
+
end
|
61
|
+
|
62
|
+
def inspect
|
63
|
+
inheritance = ""
|
64
|
+
inheritance << '(I)' if inherited?
|
65
|
+
inheritance << '(OI)' if object_inherit?
|
66
|
+
inheritance << '(CI)' if container_inherit?
|
67
|
+
inheritance << '(IO)' if inherit_only?
|
68
|
+
|
69
|
+
left = "#{sid_to_name(sid)}:#{inheritance}"
|
70
|
+
left = left.ljust(45)
|
71
|
+
"#{left} 0x#{mask.to_s(16)}"
|
72
|
+
end
|
73
|
+
|
74
|
+
# Returns true if this ACE is equal to +other+
|
75
|
+
def ==(other)
|
76
|
+
self.class == other.class &&
|
77
|
+
sid == other.sid &&
|
78
|
+
mask == other.mask &&
|
79
|
+
flags == other.flags &&
|
80
|
+
type == other.type
|
81
|
+
end
|
82
|
+
|
83
|
+
alias eql? ==
|
84
|
+
end
|
@@ -0,0 +1,106 @@
|
|
1
|
+
# Windows Access Control List
|
2
|
+
#
|
3
|
+
# Represents a list of access control entries (ACEs).
|
4
|
+
#
|
5
|
+
# @see http://msdn.microsoft.com/en-us/library/windows/desktop/aa374872(v=vs.85).aspx
|
6
|
+
# @api private
|
7
|
+
class Puppet::Util::Windows::AccessControlList
|
8
|
+
include Enumerable
|
9
|
+
|
10
|
+
ACCESS_ALLOWED_ACE_TYPE = 0x0
|
11
|
+
ACCESS_DENIED_ACE_TYPE = 0x1
|
12
|
+
|
13
|
+
# Construct an ACL.
|
14
|
+
#
|
15
|
+
# @param acl [Enumerable] A list of aces to copy from.
|
16
|
+
def initialize(acl = nil)
|
17
|
+
if acl
|
18
|
+
@aces = acl.map(&:dup)
|
19
|
+
else
|
20
|
+
@aces = []
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
# Enumerate each ACE in the list.
|
25
|
+
#
|
26
|
+
# @yieldparam ace [Hash] the ace
|
27
|
+
def each
|
28
|
+
@aces.each {|ace| yield ace}
|
29
|
+
end
|
30
|
+
|
31
|
+
# Allow the +sid+ to access a resource with the specified access +mask+.
|
32
|
+
#
|
33
|
+
# @param sid [String] The SID that the ACE is granting access to
|
34
|
+
# @param mask [int] The access mask granted to the SID
|
35
|
+
# @param flags [int] The flags assigned to the ACE, e.g. +INHERIT_ONLY_ACE+
|
36
|
+
def allow(sid, mask, flags = 0)
|
37
|
+
@aces << Puppet::Util::Windows::AccessControlEntry.new(sid, mask, flags, ACCESS_ALLOWED_ACE_TYPE)
|
38
|
+
end
|
39
|
+
|
40
|
+
# Deny the +sid+ access to a resource with the specified access +mask+.
|
41
|
+
#
|
42
|
+
# @param sid [String] The SID that the ACE is denying access to
|
43
|
+
# @param mask [int] The access mask denied to the SID
|
44
|
+
# @param flags [int] The flags assigned to the ACE, e.g. +INHERIT_ONLY_ACE+
|
45
|
+
def deny(sid, mask, flags = 0)
|
46
|
+
@aces << Puppet::Util::Windows::AccessControlEntry.new(sid, mask, flags, ACCESS_DENIED_ACE_TYPE)
|
47
|
+
end
|
48
|
+
|
49
|
+
# Reassign all ACEs currently assigned to +old_sid+ to +new_sid+ instead.
|
50
|
+
# If an ACE is inherited or is not assigned to +old_sid+, then it will
|
51
|
+
# be copied as-is to the new ACL, preserving its order within the ACL.
|
52
|
+
#
|
53
|
+
# @param old_sid [String] The old SID, e.g. 'S-1-5-18'
|
54
|
+
# @param new_sid [String] The new SID
|
55
|
+
# @return [AccessControlList] The copied ACL.
|
56
|
+
def reassign!(old_sid, new_sid)
|
57
|
+
new_aces = []
|
58
|
+
prepend_needed = false
|
59
|
+
aces_to_prepend = []
|
60
|
+
|
61
|
+
@aces.each do |ace|
|
62
|
+
new_ace = ace.dup
|
63
|
+
|
64
|
+
if ace.sid == old_sid
|
65
|
+
if ace.inherited?
|
66
|
+
# create an explicit ACE granting or denying the
|
67
|
+
# new_sid the rights that the inherited ACE
|
68
|
+
# granted or denied the old_sid. We mask off all
|
69
|
+
# flags except those affecting inheritance of the
|
70
|
+
# ACE we're creating.
|
71
|
+
inherit_mask = Windows::Security::CONTAINER_INHERIT_ACE |
|
72
|
+
Windows::Security::OBJECT_INHERIT_ACE |
|
73
|
+
Windows::Security::INHERIT_ONLY_ACE
|
74
|
+
explicit_ace = Puppet::Util::Windows::AccessControlEntry.new(new_sid, ace.mask, ace.flags & inherit_mask, ace.type)
|
75
|
+
aces_to_prepend << explicit_ace
|
76
|
+
else
|
77
|
+
new_ace.sid = new_sid
|
78
|
+
|
79
|
+
prepend_needed = old_sid == Win32::Security::SID::LocalSystem
|
80
|
+
end
|
81
|
+
end
|
82
|
+
new_aces << new_ace
|
83
|
+
end
|
84
|
+
|
85
|
+
@aces = []
|
86
|
+
|
87
|
+
if prepend_needed
|
88
|
+
mask = Windows::Security::STANDARD_RIGHTS_ALL | Windows::Security::SPECIFIC_RIGHTS_ALL
|
89
|
+
ace = Puppet::Util::Windows::AccessControlEntry.new(
|
90
|
+
Win32::Security::SID::LocalSystem,
|
91
|
+
mask)
|
92
|
+
@aces << ace
|
93
|
+
end
|
94
|
+
|
95
|
+
@aces.concat(aces_to_prepend)
|
96
|
+
@aces.concat(new_aces)
|
97
|
+
end
|
98
|
+
|
99
|
+
def inspect
|
100
|
+
str = ""
|
101
|
+
@aces.each do |ace|
|
102
|
+
str << " #{ace.inspect}\n"
|
103
|
+
end
|
104
|
+
str
|
105
|
+
end
|
106
|
+
end
|
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'puppet/util/windows'
|
2
2
|
|
3
3
|
module Puppet::Util::Windows::File
|
4
|
+
require 'ffi'
|
4
5
|
require 'windows/api'
|
5
6
|
require 'windows/wide_string'
|
6
7
|
|
@@ -24,4 +25,216 @@ module Puppet::Util::Windows::File
|
|
24
25
|
new("MoveFileEx(#{source}, #{target}, #{flags.to_s(8)})")
|
25
26
|
end
|
26
27
|
module_function :move_file_ex
|
28
|
+
|
29
|
+
module API
|
30
|
+
extend FFI::Library
|
31
|
+
ffi_lib 'kernel32'
|
32
|
+
ffi_convention :stdcall
|
33
|
+
|
34
|
+
# BOOLEAN WINAPI CreateSymbolicLink(
|
35
|
+
# _In_ LPTSTR lpSymlinkFileName, - symbolic link to be created
|
36
|
+
# _In_ LPTSTR lpTargetFileName, - name of target for symbolic link
|
37
|
+
# _In_ DWORD dwFlags - 0x0 target is a file, 0x1 target is a directory
|
38
|
+
# );
|
39
|
+
# rescue on Windows < 6.0 so that code doesn't explode
|
40
|
+
begin
|
41
|
+
attach_function :create_symbolic_link, :CreateSymbolicLinkW,
|
42
|
+
[:buffer_in, :buffer_in, :uint], :bool
|
43
|
+
rescue LoadError
|
44
|
+
end
|
45
|
+
|
46
|
+
# DWORD WINAPI GetFileAttributes(
|
47
|
+
# _In_ LPCTSTR lpFileName
|
48
|
+
# );
|
49
|
+
attach_function :get_file_attributes, :GetFileAttributesW,
|
50
|
+
[:buffer_in], :uint
|
51
|
+
|
52
|
+
# HANDLE WINAPI CreateFile(
|
53
|
+
# _In_ LPCTSTR lpFileName,
|
54
|
+
# _In_ DWORD dwDesiredAccess,
|
55
|
+
# _In_ DWORD dwShareMode,
|
56
|
+
# _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes,
|
57
|
+
# _In_ DWORD dwCreationDisposition,
|
58
|
+
# _In_ DWORD dwFlagsAndAttributes,
|
59
|
+
# _In_opt_ HANDLE hTemplateFile
|
60
|
+
# );
|
61
|
+
attach_function :create_file, :CreateFileW,
|
62
|
+
[:buffer_in, :uint, :uint, :pointer, :uint, :uint, :uint], :uint
|
63
|
+
|
64
|
+
# http://msdn.microsoft.com/en-us/library/windows/desktop/aa363216(v=vs.85).aspx
|
65
|
+
# BOOL WINAPI DeviceIoControl(
|
66
|
+
# _In_ HANDLE hDevice,
|
67
|
+
# _In_ DWORD dwIoControlCode,
|
68
|
+
# _In_opt_ LPVOID lpInBuffer,
|
69
|
+
# _In_ DWORD nInBufferSize,
|
70
|
+
# _Out_opt_ LPVOID lpOutBuffer,
|
71
|
+
# _In_ DWORD nOutBufferSize,
|
72
|
+
# _Out_opt_ LPDWORD lpBytesReturned,
|
73
|
+
# _Inout_opt_ LPOVERLAPPED lpOverlapped
|
74
|
+
# );
|
75
|
+
attach_function :device_io_control, :DeviceIoControl,
|
76
|
+
[:uint, :uint, :pointer, :uint, :pointer, :uint, :pointer, :pointer], :bool
|
77
|
+
|
78
|
+
MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 16384
|
79
|
+
|
80
|
+
# REPARSE_DATA_BUFFER
|
81
|
+
# http://msdn.microsoft.com/en-us/library/cc232006.aspx
|
82
|
+
# http://msdn.microsoft.com/en-us/library/windows/hardware/ff552012(v=vs.85).aspx
|
83
|
+
# struct is always MAXIMUM_REPARSE_DATA_BUFFER_SIZE bytes
|
84
|
+
class ReparseDataBuffer < FFI::Struct
|
85
|
+
layout :reparse_tag, :uint,
|
86
|
+
:reparse_data_length, :ushort,
|
87
|
+
:reserved, :ushort,
|
88
|
+
:substitute_name_offset, :ushort,
|
89
|
+
:substitute_name_length, :ushort,
|
90
|
+
:print_name_offset, :ushort,
|
91
|
+
:print_name_length, :ushort,
|
92
|
+
:flags, :uint,
|
93
|
+
# max less above fields dword / uint 4 bytes, ushort 2 bytes
|
94
|
+
:path_buffer, [:uchar, MAXIMUM_REPARSE_DATA_BUFFER_SIZE - 20]
|
95
|
+
end
|
96
|
+
|
97
|
+
# BOOL WINAPI CloseHandle(
|
98
|
+
# _In_ HANDLE hObject
|
99
|
+
# );
|
100
|
+
attach_function :close_handle, :CloseHandle, [:uint], :bool
|
101
|
+
end
|
102
|
+
|
103
|
+
def symlink(target, symlink)
|
104
|
+
flags = File.directory?(target) ? 0x1 : 0x0
|
105
|
+
result = API.create_symbolic_link(WideString.new(symlink.to_s),
|
106
|
+
WideString.new(target.to_s), flags)
|
107
|
+
return true if result
|
108
|
+
raise Puppet::Util::Windows::Error.new(
|
109
|
+
"CreateSymbolicLink(#{symlink}, #{target}, #{flags.to_s(8)})")
|
110
|
+
end
|
111
|
+
module_function :symlink
|
112
|
+
|
113
|
+
INVALID_FILE_ATTRIBUTES = 0xFFFFFFFF #define INVALID_FILE_ATTRIBUTES (DWORD (-1))
|
114
|
+
def self.get_file_attributes(file_name)
|
115
|
+
result = API.get_file_attributes(WideString.new(file_name.to_s))
|
116
|
+
return result unless result == INVALID_FILE_ATTRIBUTES
|
117
|
+
raise Puppet::Util::Windows::Error.new("GetFileAttributes(#{file_name})")
|
118
|
+
end
|
119
|
+
|
120
|
+
INVALID_HANDLE_VALUE = -1 #define INVALID_HANDLE_VALUE ((HANDLE)(LONG_PTR)-1)
|
121
|
+
def self.create_file(file_name, desired_access, share_mode, security_attributes,
|
122
|
+
creation_disposition, flags_and_attributes, template_file_handle)
|
123
|
+
|
124
|
+
result = API.create_file(WideString.new(file_name.to_s),
|
125
|
+
desired_access, share_mode, security_attributes, creation_disposition,
|
126
|
+
flags_and_attributes, template_file_handle)
|
127
|
+
|
128
|
+
return result unless result == INVALID_HANDLE_VALUE
|
129
|
+
raise Puppet::Util::Windows::Error.new(
|
130
|
+
"CreateFile(#{file_name}, #{desired_access.to_s(8)}, #{share_mode.to_s(8)}, " +
|
131
|
+
"#{security_attributes}, #{creation_disposition.to_s(8)}, " +
|
132
|
+
"#{flags_and_attributes.to_s(8)}, #{template_file_handle})")
|
133
|
+
end
|
134
|
+
|
135
|
+
def self.device_io_control(handle, io_control_code, in_buffer = nil, out_buffer = nil)
|
136
|
+
if out_buffer.nil?
|
137
|
+
raise Puppet::Util::Windows::Error.new("out_buffer is required")
|
138
|
+
end
|
139
|
+
|
140
|
+
result = API.device_io_control(
|
141
|
+
handle,
|
142
|
+
io_control_code,
|
143
|
+
in_buffer, in_buffer.nil? ? 0 : in_buffer.size,
|
144
|
+
out_buffer, out_buffer.size,
|
145
|
+
FFI::MemoryPointer.new(:uint, 1),
|
146
|
+
nil
|
147
|
+
)
|
148
|
+
|
149
|
+
return out_buffer if result
|
150
|
+
raise Puppet::Util::Windows::Error.new(
|
151
|
+
"DeviceIoControl(#{handle}, #{io_control_code}, #{in_buffer}, #{in_buffer.size}, " +
|
152
|
+
"#{out_buffer}, #{out_buffer.size}")
|
153
|
+
end
|
154
|
+
|
155
|
+
FILE_ATTRIBUTE_REPARSE_POINT = 0x400
|
156
|
+
def symlink?(file_name)
|
157
|
+
begin
|
158
|
+
attributes = get_file_attributes(file_name)
|
159
|
+
(attributes & FILE_ATTRIBUTE_REPARSE_POINT) == FILE_ATTRIBUTE_REPARSE_POINT
|
160
|
+
rescue
|
161
|
+
# raised INVALID_FILE_ATTRIBUTES is equivalent to file not found
|
162
|
+
false
|
163
|
+
end
|
164
|
+
end
|
165
|
+
module_function :symlink?
|
166
|
+
|
167
|
+
GENERIC_READ = 0x80000000
|
168
|
+
FILE_SHARE_READ = 1
|
169
|
+
OPEN_EXISTING = 3
|
170
|
+
FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000
|
171
|
+
FILE_FLAG_BACKUP_SEMANTICS = 0x02000000
|
172
|
+
|
173
|
+
def self.open_symlink(link_name)
|
174
|
+
begin
|
175
|
+
yield handle = create_file(
|
176
|
+
WideString.new(link_name.to_s),
|
177
|
+
GENERIC_READ,
|
178
|
+
FILE_SHARE_READ,
|
179
|
+
nil, # security_attributes
|
180
|
+
OPEN_EXISTING,
|
181
|
+
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
|
182
|
+
0) # template_file
|
183
|
+
ensure
|
184
|
+
API.close_handle(handle) if handle
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
def readlink(link_name)
|
189
|
+
open_symlink(link_name) do |handle|
|
190
|
+
resolve_symlink(handle)
|
191
|
+
end
|
192
|
+
end
|
193
|
+
module_function :readlink
|
194
|
+
|
195
|
+
def stat(file_name)
|
196
|
+
file_name = file_name.to_s # accomodate PathName or String
|
197
|
+
stat = File.stat(file_name)
|
198
|
+
if symlink?(file_name)
|
199
|
+
link_ftype = File.stat(readlink(file_name)).ftype
|
200
|
+
# sigh, monkey patch instance method for instance, and close over link_ftype
|
201
|
+
singleton_class = class << stat; self; end
|
202
|
+
singleton_class.send(:define_method, :ftype) do
|
203
|
+
link_ftype
|
204
|
+
end
|
205
|
+
end
|
206
|
+
stat
|
207
|
+
end
|
208
|
+
module_function :stat
|
209
|
+
|
210
|
+
def lstat(file_name)
|
211
|
+
file_name = file_name.to_s # accomodate PathName or String
|
212
|
+
# monkey'ing around!
|
213
|
+
stat = File.lstat(file_name)
|
214
|
+
if symlink?(file_name)
|
215
|
+
def stat.ftype
|
216
|
+
"link"
|
217
|
+
end
|
218
|
+
end
|
219
|
+
stat
|
220
|
+
end
|
221
|
+
module_function :lstat
|
222
|
+
|
223
|
+
private
|
224
|
+
|
225
|
+
# http://msdn.microsoft.com/en-us/library/windows/desktop/aa364571(v=vs.85).aspx
|
226
|
+
FSCTL_GET_REPARSE_POINT = 0x900a8
|
227
|
+
|
228
|
+
def self.resolve_symlink(handle)
|
229
|
+
# must be multiple of 1024, min 10240
|
230
|
+
out_buffer = FFI::MemoryPointer.new(API::ReparseDataBuffer.size)
|
231
|
+
device_io_control(handle, FSCTL_GET_REPARSE_POINT, nil, out_buffer)
|
232
|
+
|
233
|
+
reparse_data = API::ReparseDataBuffer.new(out_buffer)
|
234
|
+
offset = reparse_data[:print_name_offset]
|
235
|
+
length = reparse_data[:print_name_length]
|
236
|
+
|
237
|
+
result = reparse_data[:path_buffer].to_a[offset, length].pack('C*')
|
238
|
+
result.force_encoding('UTF-16LE').encode(Encoding.default_external)
|
239
|
+
end
|
27
240
|
end
|