puppet 3.3.2 → 3.4.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/CONTRIBUTING.md +22 -0
- data/Gemfile +11 -2
- data/README.md +13 -17
- data/README_DEVELOPER.md +1 -1
- data/Rakefile +1 -1
- data/examples/hiera/README.md +4 -4
- data/ext/debian/puppetmaster.init +1 -0
- data/ext/debian/rules +2 -5
- data/ext/nagios/check_puppet.rb +7 -7
- data/ext/osx/file_mapping.yaml +1 -1
- data/ext/osx/preflight.erb +34 -19
- data/ext/rack/{files/config.ru → config.ru} +0 -0
- data/ext/rack/{files/apache2.conf → example-passenger-vhost.conf} +6 -0
- data/ext/redhat/puppet.spec.erb +20 -2
- data/ext/systemd/{puppetagent.service → puppet.service} +0 -0
- data/lib/hiera_puppet.rb +2 -2
- data/lib/puppet/agent.rb +1 -6
- data/lib/puppet/application.rb +15 -2
- data/lib/puppet/application/agent.rb +2 -7
- data/lib/puppet/application/apply.rb +8 -13
- data/lib/puppet/application/cert.rb +47 -7
- data/lib/puppet/application/device.rb +1 -6
- data/lib/puppet/application/face_base.rb +1 -1
- data/lib/puppet/application/filebucket.rb +1 -1
- data/lib/puppet/application/inspect.rb +3 -12
- data/lib/puppet/application/master.rb +1 -6
- data/lib/puppet/application/queue.rb +1 -6
- data/lib/puppet/application/resource.rb +2 -6
- data/lib/puppet/coercion.rb +11 -0
- data/lib/puppet/configurer.rb +5 -3
- data/lib/puppet/configurer/downloader.rb +3 -1
- data/lib/puppet/configurer/plugin_handler.rb +10 -0
- data/lib/puppet/confine.rb +80 -0
- data/lib/puppet/{provider/confine → confine}/exists.rb +3 -3
- data/lib/puppet/{provider/confine → confine}/false.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/feature.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/true.rb +2 -2
- data/lib/puppet/{provider/confine → confine}/variable.rb +2 -2
- data/lib/puppet/{provider/confine_collection.rb → confine_collection.rb} +4 -4
- data/lib/puppet/{provider/confiner.rb → confiner.rb} +4 -4
- data/lib/puppet/daemon.rb +2 -6
- data/lib/puppet/data_binding.rb +2 -30
- data/lib/puppet/defaults.rb +283 -174
- data/lib/puppet/error.rb +1 -0
- data/lib/puppet/external/nagios.rb +0 -2
- data/lib/puppet/external/nagios/base.rb +4 -3
- data/lib/puppet/external/nagios/grammar.ry +173 -112
- data/lib/puppet/external/nagios/parser.rb +233 -184
- data/lib/puppet/face/file/store.rb +1 -1
- data/lib/puppet/face/module/generate.rb +5 -7
- data/lib/puppet/face/parser.rb +12 -2
- data/lib/puppet/face/plugin.rb +6 -0
- data/lib/puppet/feature/base.rb +16 -0
- data/lib/puppet/feature/external_facts.rb +5 -0
- data/lib/puppet/feature/libuser.rb +1 -1
- data/lib/puppet/feature/msgpack.rb +1 -0
- data/lib/puppet/feature/rails.rb +2 -2
- data/lib/puppet/file_bucket/dipper.rb +8 -6
- data/lib/puppet/file_bucket/file.rb +17 -1
- data/lib/puppet/file_serving/base.rb +21 -10
- data/lib/puppet/file_serving/configuration.rb +5 -7
- data/lib/puppet/file_serving/configuration/parser.rb +1 -1
- data/lib/puppet/file_serving/content.rb +1 -1
- data/lib/puppet/file_serving/fileset.rb +3 -3
- data/lib/puppet/file_serving/metadata.rb +22 -18
- data/lib/puppet/file_serving/mount/file.rb +1 -1
- data/lib/puppet/file_serving/mount/pluginfacts.rb +35 -0
- data/lib/puppet/file_system.rb +3 -0
- data/lib/puppet/file_system/file.rb +261 -0
- data/lib/puppet/file_system/file18.rb +5 -0
- data/lib/puppet/file_system/file19.rb +5 -0
- data/lib/puppet/file_system/file19windows.rb +113 -0
- data/lib/puppet/file_system/memory_file.rb +31 -0
- data/lib/puppet/file_system/tempfile.rb +20 -0
- data/lib/puppet/indirector/active_record.rb +1 -0
- data/lib/puppet/indirector/catalog/compiler.rb +28 -0
- data/lib/puppet/indirector/certificate_request/memory.rb +6 -0
- data/lib/puppet/indirector/data_binding/hiera.rb +46 -2
- data/lib/puppet/indirector/direct_file_server.rb +2 -2
- data/lib/puppet/indirector/facts/facter.rb +25 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +60 -74
- data/lib/puppet/indirector/indirection.rb +5 -1
- data/lib/puppet/indirector/json.rb +1 -1
- data/lib/puppet/indirector/key/ca.rb +4 -0
- data/lib/puppet/indirector/key/file.rb +7 -3
- data/lib/puppet/indirector/key/memory.rb +6 -0
- data/lib/puppet/indirector/node/write_only_yaml.rb +2 -2
- data/lib/puppet/indirector/request.rb +17 -11
- data/lib/puppet/indirector/resource/ral.rb +5 -0
- data/lib/puppet/indirector/resource/rest.rb +1 -0
- data/lib/puppet/indirector/resource/store_configs.rb +4 -0
- data/lib/puppet/indirector/rest.rb +2 -1
- data/lib/puppet/indirector/ssl_file.rb +7 -7
- data/lib/puppet/indirector/terminus.rb +4 -0
- data/lib/puppet/indirector/yaml.rb +3 -3
- data/lib/puppet/interface/documentation.rb +4 -11
- data/lib/puppet/module.rb +19 -6
- data/lib/puppet/module_tool/applications/builder.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +1 -1
- data/lib/puppet/module_tool/checksums.rb +1 -1
- data/lib/puppet/module_tool/dependency.rb +7 -3
- data/lib/puppet/module_tool/metadata.rb +6 -2
- data/lib/puppet/module_tool/tar.rb +2 -1
- data/lib/puppet/module_tool/tar/gnu.rb +6 -2
- data/lib/puppet/module_tool/tar/mini.rb +2 -0
- data/lib/puppet/module_tool/tar/solaris.rb +2 -5
- data/lib/puppet/network/authconfig.rb +0 -2
- data/lib/puppet/network/authentication.rb +1 -1
- data/lib/puppet/network/authstore.rb +6 -7
- data/lib/puppet/network/format.rb +2 -3
- data/lib/puppet/network/format_handler.rb +16 -11
- data/lib/puppet/network/format_support.rb +14 -0
- data/lib/puppet/network/formats.rb +26 -0
- data/lib/puppet/network/http/connection.rb +8 -41
- data/lib/puppet/network/http/handler.rb +28 -32
- data/lib/puppet/network/http/webrick.rb +15 -22
- data/lib/puppet/network/http_pool.rb +43 -9
- data/lib/puppet/network/rights.rb +0 -0
- data/lib/puppet/node.rb +24 -8
- data/lib/puppet/node/environment.rb +18 -20
- data/lib/puppet/node/facts.rb +23 -6
- data/lib/puppet/parameter.rb +15 -2
- data/lib/puppet/parameter/boolean.rb +5 -0
- data/lib/puppet/parameter/value_collection.rb +6 -4
- data/lib/puppet/parser/ast/resourceparam.rb +2 -1
- data/lib/puppet/parser/compiler.rb +25 -9
- data/lib/puppet/parser/files.rb +1 -1
- data/lib/puppet/parser/functions.rb +12 -21
- data/lib/puppet/parser/functions/collect.rb +6 -35
- data/lib/puppet/parser/functions/contain.rb +26 -0
- data/lib/puppet/parser/functions/create_resources.rb +5 -0
- data/lib/puppet/parser/functions/extlookup.rb +2 -2
- data/lib/puppet/parser/functions/file.rb +1 -1
- data/lib/puppet/parser/functions/{reject.rb → filter.rb} +13 -12
- data/lib/puppet/parser/functions/fqdn_rand.rb +13 -5
- data/lib/puppet/parser/functions/include.rb +18 -1
- data/lib/puppet/parser/functions/map.rb +44 -0
- data/lib/puppet/parser/functions/select.rb +6 -38
- data/lib/puppet/parser/lexer.rb +1 -1
- data/lib/puppet/parser/parser_support.rb +1 -1
- data/lib/puppet/parser/resource.rb +6 -45
- data/lib/puppet/parser/scope.rb +33 -2
- data/lib/puppet/parser/type_loader.rb +4 -60
- data/lib/puppet/pops/binder/bindings_loader.rb +1 -1
- data/lib/puppet/pops/binder/config/binder_config.rb +3 -3
- data/lib/puppet/pops/binder/hiera2/bindings_provider.rb +1 -1
- data/lib/puppet/pops/binder/scheme_handler/confdir_hiera_scheme.rb +1 -1
- data/lib/puppet/pops/binder/scheme_handler/module_hiera_scheme.rb +2 -2
- data/lib/puppet/pops/issues.rb +4 -0
- data/lib/puppet/pops/model/ast_transformer.rb +4 -1
- data/lib/puppet/pops/model/model_label_provider.rb +1 -1
- data/lib/puppet/pops/parser/egrammar.ra +5 -24
- data/lib/puppet/pops/parser/eparser.rb +859 -902
- data/lib/puppet/pops/parser/lexer.rb +48 -30
- data/lib/puppet/pops/parser/parser_support.rb +1 -1
- data/lib/puppet/pops/patterns.rb +4 -4
- data/lib/puppet/pops/utils.rb +1 -1
- data/lib/puppet/pops/validation/checker3_1.rb +25 -20
- data/lib/puppet/provider.rb +23 -6
- data/lib/puppet/provider/aixobject.rb +0 -0
- data/lib/puppet/provider/augeas/augeas.rb +21 -5
- data/lib/puppet/provider/confine.rb +5 -79
- data/lib/puppet/provider/cron/crontab.rb +0 -0
- data/lib/puppet/provider/exec.rb +9 -7
- data/lib/puppet/provider/exec/posix.rb +10 -1
- data/lib/puppet/provider/exec/windows.rb +1 -1
- data/lib/puppet/provider/file/posix.rb +1 -0
- data/lib/puppet/provider/file/windows.rb +16 -5
- data/lib/puppet/provider/group/aix.rb +0 -0
- data/lib/puppet/provider/group/windows_adsi.rb +33 -1
- data/lib/puppet/provider/macauthorization/macauthorization.rb +1 -1
- data/lib/puppet/provider/mailalias/aliases.rb +0 -0
- data/lib/puppet/provider/maillist/mailman.rb +0 -0
- data/lib/puppet/provider/mount/parsed.rb +0 -0
- data/lib/puppet/provider/nameservice/directoryservice.rb +3 -3
- data/lib/puppet/provider/package/appdmg.rb +1 -1
- data/lib/puppet/provider/package/apple.rb +1 -1
- data/lib/puppet/provider/package/apt.rb +1 -1
- data/lib/puppet/provider/package/aptitude.rb +0 -0
- data/lib/puppet/provider/package/blastwave.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +1 -1
- data/lib/puppet/provider/package/fink.rb +1 -1
- data/lib/puppet/provider/package/freebsd.rb +0 -0
- data/lib/puppet/provider/package/gem.rb +0 -0
- data/lib/puppet/provider/package/macports.rb +0 -0
- data/lib/puppet/provider/package/msi.rb +4 -10
- data/lib/puppet/provider/package/nim.rb +8 -8
- data/lib/puppet/provider/package/openbsd.rb +1 -1
- data/lib/puppet/provider/package/opkg.rb +0 -0
- data/lib/puppet/provider/package/pacman.rb +2 -2
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgutil.rb +1 -1
- data/lib/puppet/provider/package/ports.rb +0 -0
- data/lib/puppet/provider/package/rpm.rb +39 -3
- data/lib/puppet/provider/package/sun.rb +3 -3
- data/lib/puppet/provider/package/sunfreeware.rb +0 -0
- data/lib/puppet/provider/package/windows.rb +12 -19
- data/lib/puppet/provider/package/windows/package.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +2 -2
- data/lib/puppet/provider/parsedfile.rb +0 -0
- data/lib/puppet/provider/port/parsed.rb +0 -0
- data/lib/puppet/provider/service/base.rb +0 -0
- data/lib/puppet/provider/service/bsd.rb +3 -3
- data/lib/puppet/provider/service/daemontools.rb +8 -8
- data/lib/puppet/provider/service/debian.rb +0 -0
- data/lib/puppet/provider/service/freebsd.rb +3 -3
- data/lib/puppet/provider/service/init.rb +5 -4
- data/lib/puppet/provider/service/launchd.rb +35 -24
- data/lib/puppet/provider/service/openbsd.rb +23 -0
- data/lib/puppet/provider/service/redhat.rb +0 -0
- data/lib/puppet/provider/service/runit.rb +3 -3
- data/lib/puppet/provider/service/smf.rb +0 -0
- data/lib/puppet/provider/service/src.rb +0 -0
- data/lib/puppet/provider/service/systemd.rb +0 -0
- data/lib/puppet/provider/service/upstart.rb +3 -3
- data/lib/puppet/provider/ssh_authorized_key/parsed.rb +2 -2
- data/lib/puppet/provider/sshkey/parsed.rb +0 -0
- data/lib/puppet/provider/user/aix.rb +0 -0
- data/lib/puppet/provider/user/directoryservice.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +1 -1
- data/lib/puppet/provider/zone/solaris.rb +1 -1
- data/lib/puppet/rails/benchmark.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -2
- data/lib/puppet/reference/indirection.rb +12 -14
- data/lib/puppet/relationship.rb +7 -4
- data/lib/puppet/reports.rb +2 -2
- data/lib/puppet/reports/rrdgraph.rb +1 -1
- data/lib/puppet/reports/store.rb +3 -3
- data/lib/puppet/reports/tagmail.rb +2 -2
- data/lib/puppet/resource.rb +66 -8
- data/lib/puppet/resource/catalog.rb +18 -25
- data/lib/puppet/resource/status.rb +10 -4
- data/lib/puppet/run.rb +6 -2
- data/lib/puppet/settings.rb +39 -119
- data/lib/puppet/settings/base_setting.rb +8 -9
- data/lib/puppet/settings/directory_setting.rb +8 -0
- data/lib/puppet/settings/file_setting.rb +35 -1
- data/lib/puppet/settings/priority_setting.rb +42 -0
- data/lib/puppet/ssl.rb +4 -0
- data/lib/puppet/ssl/certificate.rb +18 -0
- data/lib/puppet/ssl/certificate_authority.rb +101 -72
- data/lib/puppet/ssl/certificate_authority/autosign_command.rb +44 -0
- data/lib/puppet/ssl/certificate_authority/interface.rb +21 -17
- data/lib/puppet/ssl/certificate_factory.rb +38 -12
- data/lib/puppet/ssl/certificate_request.rb +201 -47
- data/lib/puppet/ssl/certificate_request_attributes.rb +34 -0
- data/lib/puppet/ssl/certificate_revocation_list.rb +2 -2
- data/lib/puppet/ssl/host.rb +21 -10
- data/lib/puppet/ssl/inventory.rb +6 -10
- data/lib/puppet/ssl/key.rb +1 -1
- data/lib/puppet/ssl/oids.rb +78 -0
- data/lib/puppet/ssl/validator.rb +41 -97
- data/lib/puppet/ssl/validator/default_validator.rb +153 -0
- data/lib/puppet/ssl/validator/no_validator.rb +17 -0
- data/lib/puppet/status.rb +4 -0
- data/lib/puppet/test/test_helper.rb +5 -0
- data/lib/puppet/transaction.rb +13 -0
- data/lib/puppet/transaction/event.rb +8 -3
- data/lib/puppet/transaction/report.rb +6 -2
- data/lib/puppet/transaction/resource_harness.rb +173 -115
- data/lib/puppet/type.rb +30 -13
- data/lib/puppet/type/augeas.rb +12 -46
- data/lib/puppet/type/component.rb +1 -7
- data/lib/puppet/type/cron.rb +0 -0
- data/lib/puppet/type/exec.rb +13 -1
- data/lib/puppet/type/file.rb +19 -10
- data/lib/puppet/type/file/checksum.rb +0 -0
- data/lib/puppet/type/file/content.rb +3 -0
- data/lib/puppet/type/file/ensure.rb +33 -15
- data/lib/puppet/type/file/group.rb +0 -0
- data/lib/puppet/type/file/mode.rb +6 -2
- data/lib/puppet/type/file/owner.rb +0 -0
- data/lib/puppet/type/file/source.rb +65 -14
- data/lib/puppet/type/file/target.rb +6 -6
- data/lib/puppet/type/file/type.rb +0 -0
- data/lib/puppet/type/filebucket.rb +0 -0
- data/lib/puppet/type/group.rb +18 -0
- data/lib/puppet/type/host.rb +0 -0
- data/lib/puppet/type/k5login.rb +4 -4
- data/lib/puppet/type/mailalias.rb +0 -0
- data/lib/puppet/type/maillist.rb +0 -0
- data/lib/puppet/type/mount.rb +15 -1
- data/lib/puppet/type/package.rb +7 -1
- data/lib/puppet/type/port.rb +0 -0
- data/lib/puppet/type/schedule.rb +9 -4
- data/lib/puppet/type/service.rb +1 -1
- data/lib/puppet/type/sshkey.rb +0 -0
- data/lib/puppet/type/tidy.rb +1 -1
- data/lib/puppet/type/user.rb +3 -0
- data/lib/puppet/type/yumrepo.rb +8 -6
- data/lib/puppet/type/zpool.rb +0 -0
- data/lib/puppet/util.rb +4 -31
- data/lib/puppet/util/adsi.rb +73 -17
- data/lib/puppet/util/autoload.rb +3 -3
- data/lib/puppet/util/backups.rb +4 -4
- data/lib/puppet/util/cacher.rb +7 -13
- data/lib/puppet/util/checksums.rb +2 -2
- data/lib/puppet/util/classgen.rb +3 -1
- data/lib/puppet/util/colors.rb +1 -0
- data/lib/puppet/util/command_line.rb +5 -0
- data/lib/puppet/util/docs.rb +33 -27
- data/lib/puppet/util/execution.rb +42 -18
- data/lib/puppet/util/filetype.rb +3 -3
- data/lib/puppet/util/instance_loader.rb +2 -2
- data/lib/puppet/util/instrumentation.rb +23 -42
- data/lib/puppet/util/instrumentation/data.rb +11 -4
- data/lib/puppet/util/instrumentation/indirection_probe.rb +11 -4
- data/lib/puppet/util/instrumentation/instrumentable.rb +7 -14
- data/lib/puppet/util/instrumentation/listener.rb +15 -8
- data/lib/puppet/util/instrumentation/listeners/log.rb +4 -10
- data/lib/puppet/util/instrumentation/listeners/performance.rb +8 -14
- data/lib/puppet/util/limits.rb +12 -0
- data/lib/puppet/util/lockfile.rb +2 -2
- data/lib/puppet/util/log.rb +14 -6
- data/lib/puppet/util/log/destinations.rb +23 -1
- data/lib/puppet/util/metric.rb +9 -3
- data/lib/puppet/util/monkey_patches.rb +7 -2
- data/lib/puppet/util/network_device/config.rb +1 -1
- data/lib/puppet/util/plugins.rb +1 -1
- data/lib/puppet/util/posix.rb +0 -0
- data/lib/puppet/util/profiler.rb +7 -2
- data/lib/puppet/util/provider_features.rb +2 -2
- data/lib/puppet/util/rdoc.rb +28 -30
- data/lib/puppet/util/rdoc/code_objects.rb +75 -25
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +1 -1
- data/lib/puppet/util/rdoc/parser.rb +12 -487
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +477 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc1.rb +19 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +14 -0
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +1 -1
- data/lib/puppet/util/storage.rb +2 -2
- data/lib/puppet/util/suidmanager.rb +1 -1
- data/lib/puppet/util/tag_set.rb +29 -0
- data/lib/puppet/util/tagging.rb +8 -24
- data/lib/puppet/util/watched_file.rb +1 -1
- data/lib/puppet/util/watcher.rb +1 -1
- data/lib/puppet/util/windows.rb +3 -0
- data/lib/puppet/util/windows/access_control_entry.rb +84 -0
- data/lib/puppet/util/windows/access_control_list.rb +106 -0
- data/lib/puppet/util/windows/file.rb +213 -0
- data/lib/puppet/util/windows/process.rb +199 -0
- data/lib/puppet/util/windows/root_certs.rb +52 -37
- data/lib/puppet/util/windows/security.rb +270 -245
- data/lib/puppet/util/windows/security_descriptor.rb +62 -0
- data/lib/puppet/util/windows/sid.rb +26 -4
- data/lib/puppet/version.rb +2 -2
- data/spec/fixtures/releases/jamtur01-apache/lib/puppet/provider/a2mod/debian.rb +1 -1
- data/spec/fixtures/unit/indirector/{hiera → data_binding/hiera}/global.yaml +0 -0
- data/spec/fixtures/unit/indirector/data_binding/hiera/invalid.yaml +1 -0
- data/spec/fixtures/unit/module/trailing-comma.json +24 -0
- data/spec/fixtures/unit/util/monkey_patches/x509.pem +32 -0
- data/spec/integration/application/apply_spec.rb +1 -1
- data/spec/integration/application/doc_spec.rb +1 -1
- data/spec/integration/configurer_spec.rb +4 -2
- data/spec/integration/data_binding.rb +100 -0
- data/spec/integration/indirector/catalog/compiler_spec.rb +16 -13
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -5
- data/spec/integration/indirector/file_content/file_server_spec.rb +2 -2
- data/spec/integration/node/facts_spec.rb +1 -1
- data/spec/integration/node_spec.rb +1 -1
- data/spec/integration/parser/compiler_spec.rb +90 -0
- data/spec/integration/parser/parser_spec.rb +2 -2
- data/spec/integration/provider/cron/crontab_spec.rb +3 -5
- data/spec/integration/resource/catalog_spec.rb +1 -1
- data/spec/integration/ssl/autosign_spec.rb +90 -0
- data/spec/integration/ssl/certificate_authority_spec.rb +62 -69
- data/spec/integration/ssl/certificate_revocation_list_spec.rb +1 -1
- data/spec/integration/ssl/host_spec.rb +1 -1
- data/spec/integration/transaction_spec.rb +13 -13
- data/spec/integration/type/exec_spec.rb +2 -2
- data/spec/integration/type/file_spec.rb +287 -45
- data/spec/integration/type/tidy_spec.rb +3 -3
- data/spec/integration/util/rdoc/parser_spec.rb +236 -35
- data/spec/integration/util/settings_spec.rb +1 -1
- data/spec/integration/util/windows/process_spec.rb +22 -0
- data/spec/integration/util/windows/security_spec.rb +316 -106
- data/spec/lib/matchers/containment_matchers.rb +52 -0
- data/spec/lib/puppet_spec/compiler.rb +6 -0
- data/spec/lib/puppet_spec/files.rb +20 -21
- data/spec/shared_behaviours/documentation_on_faces.rb +3 -3
- data/spec/shared_behaviours/file_server_terminus.rb +2 -2
- data/spec/shared_contexts/platform.rb +1 -0
- data/spec/spec_helper.rb +13 -1
- data/spec/unit/agent_spec.rb +0 -12
- data/spec/unit/application/agent_spec.rb +4 -4
- data/spec/unit/application/apply_spec.rb +18 -2
- data/spec/unit/application/cert_spec.rb +8 -6
- data/spec/unit/application/device_spec.rb +1 -1
- data/spec/unit/application/filebucket_spec.rb +1 -1
- data/spec/unit/application/inspect_spec.rb +1 -1
- data/spec/unit/application_spec.rb +24 -0
- data/spec/unit/configurer/downloader_spec.rb +8 -7
- data/spec/unit/configurer/fact_handler_spec.rb +23 -0
- data/spec/unit/configurer/plugin_handler_spec.rb +7 -2
- data/spec/unit/configurer_spec.rb +15 -5
- data/spec/unit/{provider/confine → confine}/exists_spec.rb +12 -12
- data/spec/unit/{provider/confine → confine}/false_spec.rb +9 -9
- data/spec/unit/{provider/confine → confine}/feature_spec.rb +10 -10
- data/spec/unit/{provider/confine → confine}/true_spec.rb +7 -7
- data/spec/unit/{provider/confine → confine}/variable_spec.rb +16 -16
- data/spec/unit/{provider/confine_collection_spec.rb → confine_collection_spec.rb} +30 -30
- data/spec/unit/{provider/confine_spec.rb → confine_spec.rb} +11 -11
- data/spec/unit/{provider/confiner_spec.rb → confiner_spec.rb} +4 -4
- data/spec/unit/face/parser_spec.rb +54 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_serving/base_spec.rb +32 -9
- data/spec/unit/file_serving/configuration_spec.rb +7 -7
- data/spec/unit/file_serving/content_spec.rb +12 -7
- data/spec/unit/file_serving/fileset_spec.rb +57 -27
- data/spec/unit/file_serving/metadata_spec.rb +74 -12
- data/spec/unit/file_serving/mount/file_spec.rb +10 -10
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +73 -0
- data/spec/unit/file_system/file_spec.rb +486 -0
- data/spec/unit/file_system/tempfile_spec.rb +48 -0
- data/spec/unit/graph/relationship_graph_spec.rb +0 -6
- data/spec/unit/hiera_puppet_spec.rb +2 -2
- data/spec/unit/indirector/catalog/compiler_spec.rb +15 -19
- data/spec/unit/indirector/certificate_status/file_spec.rb +30 -40
- data/spec/unit/indirector/data_binding/hiera_spec.rb +95 -2
- data/spec/unit/indirector/direct_file_server_spec.rb +6 -6
- data/spec/unit/indirector/facts/facter_spec.rb +33 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +61 -52
- data/spec/unit/indirector/file_metadata/file_spec.rb +2 -2
- data/spec/unit/indirector/file_server_spec.rb +4 -4
- data/spec/unit/indirector/json_spec.rb +4 -4
- data/spec/unit/indirector/key/file_spec.rb +13 -14
- data/spec/unit/indirector/resource/ral_spec.rb +7 -0
- data/spec/unit/indirector/resource/store_configs_spec.rb +11 -0
- data/spec/unit/indirector/rest_spec.rb +7 -3
- data/spec/unit/indirector/ssl_file_spec.rb +14 -17
- data/spec/unit/indirector/yaml_spec.rb +4 -4
- data/spec/unit/module_spec.rb +43 -15
- data/spec/unit/module_tool/tar/gnu_spec.rb +2 -2
- data/spec/unit/module_tool/tar/solaris_spec.rb +2 -2
- data/spec/unit/module_tool/tar_spec.rb +45 -0
- data/spec/unit/network/authconfig_spec.rb +2 -1
- data/spec/unit/network/authentication_spec.rb +2 -2
- data/spec/unit/network/format_handler_spec.rb +2 -2
- data/spec/unit/network/formats_spec.rb +24 -0
- data/spec/unit/network/http/connection_spec.rb +76 -199
- data/spec/unit/network/http/handler_spec.rb +33 -34
- data/spec/unit/network/http_pool_spec.rb +8 -5
- data/spec/unit/node/environment_spec.rb +76 -90
- data/spec/unit/node/facts_spec.rb +20 -3
- data/spec/unit/node_spec.rb +43 -0
- data/spec/unit/parameter/boolean_spec.rb +22 -12
- data/spec/unit/parser/ast/resourceparam_spec.rb +51 -0
- data/spec/unit/parser/compiler_spec.rb +103 -35
- data/spec/unit/parser/eparser_adapter_spec.rb +12 -12
- data/spec/unit/parser/files_spec.rb +11 -11
- data/spec/unit/parser/functions/contain_spec.rb +185 -0
- data/spec/unit/parser/functions/create_resources_spec.rb +13 -5
- data/spec/unit/parser/functions/generate_spec.rb +1 -1
- data/spec/unit/parser/functions_spec.rb +2 -2
- data/spec/unit/parser/lexer_spec.rb +1 -1
- data/spec/unit/parser/methods/each_spec.rb +1 -1
- data/spec/unit/parser/methods/{select_spec.rb → filter_spec.rb} +11 -11
- data/spec/unit/parser/methods/map_spec.rb +95 -0
- data/spec/unit/parser/methods/reduce_spec.rb +12 -11
- data/spec/unit/parser/methods/shared.rb +5 -5
- data/spec/unit/parser/methods/slice_spec.rb +13 -13
- data/spec/unit/parser/parser_spec.rb +1 -1
- data/spec/unit/parser/resource/param_spec.rb +44 -0
- data/spec/unit/parser/resource_spec.rb +16 -15
- data/spec/unit/pops/model/ast_transformer_spec.rb +18 -4
- data/spec/unit/pops/parser/lexer_spec.rb +22 -5
- data/spec/unit/pops/parser/parse_calls_spec.rb +5 -5
- data/spec/unit/pops/transformer/transform_calls_spec.rb +6 -6
- data/spec/unit/pops/transformer/transform_containers_spec.rb +2 -2
- data/spec/unit/pops/validator/validator_spec.rb +31 -0
- data/spec/unit/provider/augeas/augeas_spec.rb +57 -2
- data/spec/unit/provider/exec/posix_spec.rb +8 -3
- data/spec/unit/provider/file/posix_spec.rb +2 -2
- data/spec/unit/provider/group/windows_adsi_spec.rb +70 -3
- data/spec/unit/provider/nameservice/directoryservice_spec.rb +3 -3
- data/spec/unit/provider/package/apt_spec.rb +1 -1
- data/spec/unit/provider/package/msi_spec.rb +15 -42
- data/spec/unit/provider/package/openbsd_spec.rb +3 -3
- data/spec/unit/provider/package/rpm_spec.rb +56 -13
- data/spec/unit/provider/package/windows_spec.rb +15 -19
- data/spec/unit/provider/service/base_spec.rb +1 -1
- data/spec/unit/provider/service/daemontools_spec.rb +18 -8
- data/spec/unit/provider/service/freebsd_spec.rb +3 -3
- data/spec/unit/provider/service/gentoo_spec.rb +5 -2
- data/spec/unit/provider/service/init_spec.rb +17 -17
- data/spec/unit/provider/service/launchd_spec.rb +76 -23
- data/spec/unit/provider/service/openbsd_spec.rb +125 -0
- data/spec/unit/provider/service/openwrt_spec.rb +1 -1
- data/spec/unit/provider/service/runit_spec.rb +12 -5
- data/spec/unit/provider/service/upstart_spec.rb +4 -4
- data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +5 -5
- data/spec/unit/provider/user/directoryservice_spec.rb +4 -4
- data/spec/unit/provider/zone/solaris_spec.rb +1 -1
- data/spec/unit/provider_spec.rb +2 -2
- data/spec/unit/reports/http_spec.rb +19 -34
- data/spec/unit/reports/store_spec.rb +2 -2
- data/spec/unit/resource/catalog_spec.rb +81 -11
- data/spec/unit/resource/status_spec.rb +11 -1
- data/spec/unit/resource/type_spec.rb +30 -1
- data/spec/unit/resource_spec.rb +40 -4
- data/spec/unit/settings/file_setting_spec.rb +2 -2
- data/spec/unit/settings/path_setting_spec.rb +2 -2
- data/spec/unit/settings/priority_setting_spec.rb +66 -0
- data/spec/unit/settings_spec.rb +16 -31
- data/spec/unit/ssl/certificate_authority/autosign_command_spec.rb +30 -0
- data/spec/unit/ssl/certificate_authority_spec.rb +129 -134
- data/spec/unit/ssl/certificate_factory_spec.rb +18 -0
- data/spec/unit/ssl/certificate_request_attributes_spec.rb +61 -0
- data/spec/unit/ssl/certificate_request_spec.rb +103 -0
- data/spec/unit/ssl/certificate_spec.rb +31 -18
- data/spec/unit/ssl/host_spec.rb +34 -8
- data/spec/unit/ssl/inventory_spec.rb +27 -62
- data/spec/unit/ssl/key_spec.rb +4 -4
- data/spec/unit/ssl/oids_spec.rb +48 -0
- data/spec/unit/ssl/validator_spec.rb +49 -6
- data/spec/unit/status_spec.rb +9 -0
- data/spec/unit/transaction/event_spec.rb +1 -9
- data/spec/unit/transaction/report_spec.rb +20 -1
- data/spec/unit/transaction/resource_harness_spec.rb +60 -210
- data/spec/unit/transaction_spec.rb +54 -8
- data/spec/unit/type/component_spec.rb +2 -2
- data/spec/unit/type/exec_spec.rb +14 -7
- data/spec/unit/type/file/content_spec.rb +13 -2
- data/spec/unit/type/file/ctime_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +48 -2
- data/spec/unit/type/file/mtime_spec.rb +1 -1
- data/spec/unit/type/file/source_spec.rb +177 -7
- data/spec/unit/type/file_spec.rb +63 -71
- data/spec/unit/type/group_spec.rb +20 -0
- data/spec/unit/type/k5login_spec.rb +3 -3
- data/spec/unit/type/mount_spec.rb +53 -0
- data/spec/unit/type/nagios_spec.rb +216 -0
- data/spec/unit/type/package_spec.rb +7 -1
- data/spec/unit/type/schedule_spec.rb +6 -0
- data/spec/unit/type/service_spec.rb +3 -3
- data/spec/unit/type/tidy_spec.rb +14 -14
- data/spec/unit/type/user_spec.rb +9 -0
- data/spec/unit/type_spec.rb +86 -4
- data/spec/unit/util/adsi_spec.rb +120 -12
- data/spec/unit/util/autoload_spec.rb +14 -14
- data/spec/unit/util/backups_spec.rb +29 -21
- data/spec/unit/util/checksums_spec.rb +2 -1
- data/spec/unit/util/command_line_spec.rb +41 -0
- data/spec/unit/util/docs_spec.rb +91 -0
- data/spec/unit/util/execution_spec.rb +26 -2
- data/spec/unit/util/filetype_spec.rb +7 -7
- data/spec/unit/util/lockfile_spec.rb +2 -2
- data/spec/unit/util/log/destinations_spec.rb +32 -0
- data/spec/unit/util/monkey_patches_spec.rb +41 -0
- data/spec/unit/util/pidlock_spec.rb +6 -6
- data/spec/unit/util/rdoc/parser_spec.rb +15 -13
- data/spec/unit/util/rdoc_spec.rb +18 -24
- data/spec/unit/util/resource_template_spec.rb +3 -3
- data/spec/unit/util/selinux_spec.rb +4 -2
- data/spec/unit/util/storage_spec.rb +4 -4
- data/spec/unit/util/suidmanager_spec.rb +7 -0
- data/spec/unit/util/tag_set_spec.rb +46 -0
- data/spec/unit/util/tagging_spec.rb +82 -45
- data/spec/unit/util/watcher_spec.rb +4 -1
- data/spec/unit/util/windows/access_control_entry_spec.rb +67 -0
- data/spec/unit/util/windows/access_control_list_spec.rb +133 -0
- data/spec/unit/util/windows/root_certs_spec.rb +10 -8
- data/spec/unit/util/windows/security_descriptor_spec.rb +117 -0
- data/spec/unit/util/windows/sid_spec.rb +69 -0
- data/spec/unit/util_spec.rb +7 -7
- data/tasks/ci.rake +17 -36
- metadata +2811 -2746
- checksums.yaml +0 -7
- data/examples/mac_automount.pp +0 -16
- data/examples/mcx_dock_absent.pp +0 -4
- data/examples/mcx_dock_default.pp +0 -118
- data/examples/mcx_dock_full.pp +0 -125
- data/examples/mcx_dock_invalid.pp +0 -9
- data/examples/mcx_nogroup.pp +0 -118
- data/examples/mcx_notexists_absent.pp +0 -4
- data/ext/rack/README +0 -58
- data/ext/rack/manifest.pp +0 -59
- data/lib/puppet/external/lock.rb +0 -63
- data/lib/puppet/indirector/hiera.rb +0 -39
- data/lib/puppet/parser/functions/foreach.rb +0 -95
- data/spec/integration/network/server/webrick_spec.rb +0 -76
- data/spec/integration/parser/functions_spec.rb +0 -16
- data/spec/unit/indirector/hiera_spec.rb +0 -154
- data/spec/unit/parser/methods/collect_spec.rb +0 -153
- data/spec/unit/parser/methods/foreach_spec.rb +0 -91
- data/spec/unit/parser/methods/reject_spec.rb +0 -73
- data/spec/unit/resource/resource_type.json +0 -34
@@ -3,92 +3,129 @@ require 'spec_helper'
|
|
3
3
|
|
4
4
|
require 'puppet/util/tagging'
|
5
5
|
|
6
|
-
describe Puppet::Util::Tagging
|
7
|
-
|
8
|
-
@tagger = Object.new
|
9
|
-
@tagger.extend(Puppet::Util::Tagging)
|
10
|
-
end
|
11
|
-
|
12
|
-
it "should have a method for adding tags" do
|
13
|
-
@tagger.should be_respond_to(:tag)
|
14
|
-
end
|
15
|
-
|
16
|
-
it "should have a method for returning all tags" do
|
17
|
-
@tagger.should be_respond_to(:tags)
|
18
|
-
end
|
6
|
+
describe Puppet::Util::Tagging do
|
7
|
+
let(:tagger) { Object.new.extend(Puppet::Util::Tagging) }
|
19
8
|
|
20
9
|
it "should add tags to the returned tag list" do
|
21
|
-
|
22
|
-
|
23
|
-
end
|
24
|
-
|
25
|
-
it "should not add duplicate tags to the returned tag list" do
|
26
|
-
@tagger.tag("one")
|
27
|
-
@tagger.tag("one")
|
28
|
-
@tagger.tags.should == ["one"]
|
10
|
+
tagger.tag("one")
|
11
|
+
expect(tagger.tags).to include("one")
|
29
12
|
end
|
30
13
|
|
31
14
|
it "should return a duplicate of the tag list, rather than the original" do
|
32
|
-
|
33
|
-
tags =
|
15
|
+
tagger.tag("one")
|
16
|
+
tags = tagger.tags
|
34
17
|
tags << "two"
|
35
|
-
|
18
|
+
expect(tagger.tags).to_not include("two")
|
36
19
|
end
|
37
20
|
|
38
21
|
it "should add all provided tags to the tag list" do
|
39
|
-
|
40
|
-
|
41
|
-
|
22
|
+
tagger.tag("one", "two")
|
23
|
+
expect(tagger.tags).to include("one")
|
24
|
+
expect(tagger.tags).to include("two")
|
42
25
|
end
|
43
26
|
|
44
27
|
it "should fail on tags containing '*' characters" do
|
45
|
-
expect {
|
28
|
+
expect { tagger.tag("bad*tag") }.to raise_error(Puppet::ParseError)
|
46
29
|
end
|
47
30
|
|
48
31
|
it "should fail on tags starting with '-' characters" do
|
49
|
-
expect {
|
32
|
+
expect { tagger.tag("-badtag") }.to raise_error(Puppet::ParseError)
|
50
33
|
end
|
51
34
|
|
52
35
|
it "should fail on tags containing ' ' characters" do
|
53
|
-
expect {
|
36
|
+
expect { tagger.tag("bad tag") }.to raise_error(Puppet::ParseError)
|
54
37
|
end
|
55
38
|
|
56
39
|
it "should allow alpha tags" do
|
57
|
-
expect {
|
40
|
+
expect { tagger.tag("good_tag") }.not_to raise_error
|
58
41
|
end
|
59
42
|
|
60
43
|
it "should allow tags containing '.' characters" do
|
61
|
-
expect {
|
44
|
+
expect { tagger.tag("good.tag") }.to_not raise_error(Puppet::ParseError)
|
62
45
|
end
|
63
46
|
|
64
47
|
it "should add qualified classes as tags" do
|
65
|
-
|
66
|
-
|
48
|
+
tagger.tag("one::two")
|
49
|
+
expect(tagger.tags).to include("one::two")
|
67
50
|
end
|
68
51
|
|
69
52
|
it "should add each part of qualified classes as tags" do
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
53
|
+
tagger.tag("one::two::three")
|
54
|
+
expect(tagger.tags).to include('one')
|
55
|
+
expect(tagger.tags).to include("two")
|
56
|
+
expect(tagger.tags).to include("three")
|
74
57
|
end
|
75
58
|
|
76
59
|
it "should indicate when the object is tagged with a provided tag" do
|
77
|
-
|
78
|
-
|
60
|
+
tagger.tag("one")
|
61
|
+
expect(tagger).to be_tagged("one")
|
79
62
|
end
|
80
63
|
|
81
64
|
it "should indicate when the object is not tagged with a provided tag" do
|
82
|
-
|
65
|
+
expect(tagger).to_not be_tagged("one")
|
83
66
|
end
|
84
67
|
|
85
68
|
it "should indicate when the object is tagged with any tag in an array" do
|
86
|
-
|
87
|
-
|
69
|
+
tagger.tag("one")
|
70
|
+
expect(tagger).to be_tagged("one","two","three")
|
88
71
|
end
|
89
72
|
|
90
73
|
it "should indicate when the object is not tagged with any tag in an array" do
|
91
|
-
|
92
|
-
|
74
|
+
tagger.tag("one")
|
75
|
+
expect(tagger).to_not be_tagged("two","three")
|
76
|
+
end
|
77
|
+
|
78
|
+
context "when tagging" do
|
79
|
+
it "converts symbols to strings" do
|
80
|
+
tagger.tag(:hello)
|
81
|
+
expect(tagger.tags).to include('hello')
|
82
|
+
end
|
83
|
+
|
84
|
+
it "downcases tags" do
|
85
|
+
tagger.tag(:HEllO)
|
86
|
+
tagger.tag("GooDByE")
|
87
|
+
expect(tagger).to be_tagged("hello")
|
88
|
+
expect(tagger).to be_tagged("goodbye")
|
89
|
+
end
|
90
|
+
|
91
|
+
it "accepts hyphenated tags" do
|
92
|
+
tagger.tag("my-tag")
|
93
|
+
expect(tagger).to be_tagged("my-tag")
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
context "when querying if tagged" do
|
98
|
+
it "responds true if queried on the entire set" do
|
99
|
+
tagger.tag("one", "two")
|
100
|
+
expect(tagger).to be_tagged("one", "two")
|
101
|
+
end
|
102
|
+
|
103
|
+
it "responds true if queried on a subset" do
|
104
|
+
tagger.tag("one", "two", "three")
|
105
|
+
expect(tagger).to be_tagged("two", "one")
|
106
|
+
end
|
107
|
+
|
108
|
+
it "responds true if queried on an overlapping but not fully contained set" do
|
109
|
+
tagger.tag("one", "two")
|
110
|
+
expect(tagger).to be_tagged("zero", "one")
|
111
|
+
end
|
112
|
+
|
113
|
+
it "responds false if queried on a disjoint set" do
|
114
|
+
tagger.tag("one", "two", "three")
|
115
|
+
expect(tagger).to_not be_tagged("five")
|
116
|
+
end
|
117
|
+
|
118
|
+
it "responds false if queried on the empty set" do
|
119
|
+
expect(tagger).to_not be_tagged
|
120
|
+
end
|
121
|
+
end
|
122
|
+
|
123
|
+
context "when assigning tags" do
|
124
|
+
it "splits a string on ','" do
|
125
|
+
tagger.tags = "one, two, three"
|
126
|
+
expect(tagger).to be_tagged("one")
|
127
|
+
expect(tagger).to be_tagged("two")
|
128
|
+
expect(tagger).to be_tagged("three")
|
129
|
+
end
|
93
130
|
end
|
94
131
|
end
|
@@ -14,7 +14,10 @@ describe Puppet::Util::Watcher do
|
|
14
14
|
let(:filename) { "fake" }
|
15
15
|
|
16
16
|
def after_reading_the_sequence(initial, *results)
|
17
|
-
|
17
|
+
mock_file = mock(filename)
|
18
|
+
Puppet::FileSystem::File.expects(:new).with(filename).at_least(1).returns mock_file
|
19
|
+
|
20
|
+
expectation = mock_file.stubs(:stat)
|
18
21
|
([initial] + results).each do |result|
|
19
22
|
expectation = if result.is_a? Class
|
20
23
|
expectation.raises(result)
|
@@ -0,0 +1,67 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require 'spec_helper'
|
3
|
+
require 'puppet/util/windows'
|
4
|
+
|
5
|
+
describe "Puppet::Util::Windows::AccessControlEntry", :if => Puppet.features.microsoft_windows? do
|
6
|
+
let(:klass) { Puppet::Util::Windows::AccessControlEntry }
|
7
|
+
let(:sid) { 'S-1-5-18' }
|
8
|
+
let(:mask) { Windows::File::FILE_ALL_ACCESS }
|
9
|
+
|
10
|
+
it "creates an access allowed ace" do
|
11
|
+
ace = klass.new(sid, mask)
|
12
|
+
|
13
|
+
ace.type.should == klass::ACCESS_ALLOWED_ACE_TYPE
|
14
|
+
end
|
15
|
+
|
16
|
+
it "creates an access denied ace" do
|
17
|
+
ace = klass.new(sid, mask, 0, klass::ACCESS_DENIED_ACE_TYPE)
|
18
|
+
|
19
|
+
ace.type.should == klass::ACCESS_DENIED_ACE_TYPE
|
20
|
+
end
|
21
|
+
|
22
|
+
it "creates a non-inherited ace by default" do
|
23
|
+
ace = klass.new(sid, mask)
|
24
|
+
|
25
|
+
ace.should_not be_inherited
|
26
|
+
end
|
27
|
+
|
28
|
+
it "creates an inherited ace" do
|
29
|
+
ace = klass.new(sid, mask, klass::INHERITED_ACE)
|
30
|
+
|
31
|
+
ace.should be_inherited
|
32
|
+
end
|
33
|
+
|
34
|
+
it "creates a non-inherit-only ace by default" do
|
35
|
+
ace = klass.new(sid, mask)
|
36
|
+
|
37
|
+
ace.should_not be_inherit_only
|
38
|
+
end
|
39
|
+
|
40
|
+
it "creates an inherit-only ace" do
|
41
|
+
ace = klass.new(sid, mask, klass::INHERIT_ONLY_ACE)
|
42
|
+
|
43
|
+
ace.should be_inherit_only
|
44
|
+
end
|
45
|
+
|
46
|
+
context "when comparing aces" do
|
47
|
+
let(:ace1) { klass.new(sid, mask, klass::INHERIT_ONLY_ACE, klass::ACCESS_DENIED_ACE_TYPE) }
|
48
|
+
let(:ace2) { klass.new(sid, mask, klass::INHERIT_ONLY_ACE, klass::ACCESS_DENIED_ACE_TYPE) }
|
49
|
+
|
50
|
+
it "returns true if different objects have the same set of values" do
|
51
|
+
ace1.should == ace2
|
52
|
+
end
|
53
|
+
|
54
|
+
it "returns false if different objects have different sets of values" do
|
55
|
+
ace = klass.new(sid, mask)
|
56
|
+
ace.should_not == ace1
|
57
|
+
end
|
58
|
+
|
59
|
+
it "returns true when testing if two objects are eql?" do
|
60
|
+
ace1.eql?(ace2)
|
61
|
+
end
|
62
|
+
|
63
|
+
it "returns false when comparing object identity" do
|
64
|
+
ace1.should_not be_equal(ace2)
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
@@ -0,0 +1,133 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require 'spec_helper'
|
3
|
+
require 'puppet/util/windows'
|
4
|
+
|
5
|
+
describe "Puppet::Util::Windows::AccessControlList", :if => Puppet.features.microsoft_windows? do
|
6
|
+
let(:klass) { Puppet::Util::Windows::AccessControlList }
|
7
|
+
let(:system_sid) { 'S-1-5-18' }
|
8
|
+
let(:admins_sid) { 'S-1-5-544' }
|
9
|
+
let(:none_sid) { 'S-1-0-0' }
|
10
|
+
|
11
|
+
let(:system_ace) do
|
12
|
+
Puppet::Util::Windows::AccessControlEntry.new(system_sid, 0x1)
|
13
|
+
end
|
14
|
+
let(:admins_ace) do
|
15
|
+
Puppet::Util::Windows::AccessControlEntry.new(admins_sid, 0x2)
|
16
|
+
end
|
17
|
+
let(:none_ace) do
|
18
|
+
Puppet::Util::Windows::AccessControlEntry.new(none_sid, 0x3)
|
19
|
+
end
|
20
|
+
|
21
|
+
it "constructs an empty list" do
|
22
|
+
acl = klass.new
|
23
|
+
|
24
|
+
acl.to_a.should be_empty
|
25
|
+
end
|
26
|
+
|
27
|
+
it "supports copy constructor" do
|
28
|
+
aces = klass.new([system_ace]).to_a
|
29
|
+
|
30
|
+
aces.to_a.should == [system_ace]
|
31
|
+
end
|
32
|
+
|
33
|
+
context "appending" do
|
34
|
+
it "appends an allow ace" do
|
35
|
+
acl = klass.new
|
36
|
+
acl.allow(system_sid, 0x1, 0x2)
|
37
|
+
|
38
|
+
acl.first.type.should == klass::ACCESS_ALLOWED_ACE_TYPE
|
39
|
+
end
|
40
|
+
|
41
|
+
it "appends a deny ace" do
|
42
|
+
acl = klass.new
|
43
|
+
acl.deny(system_sid, 0x1, 0x2)
|
44
|
+
|
45
|
+
acl.first.type.should == klass::ACCESS_DENIED_ACE_TYPE
|
46
|
+
end
|
47
|
+
|
48
|
+
it "always appends, never overwrites an ACE" do
|
49
|
+
acl = klass.new([system_ace])
|
50
|
+
acl.allow(admins_sid, admins_ace.mask, admins_ace.flags)
|
51
|
+
|
52
|
+
aces = acl.to_a
|
53
|
+
aces.size.should == 2
|
54
|
+
aces[0].should == system_ace
|
55
|
+
aces[1].sid.should == admins_sid
|
56
|
+
aces[1].mask.should == admins_ace.mask
|
57
|
+
aces[1].flags.should == admins_ace.flags
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
context "reassigning" do
|
62
|
+
it "preserves the mask from the old sid when reassigning to the new sid" do
|
63
|
+
dacl = klass.new([system_ace])
|
64
|
+
|
65
|
+
dacl.reassign!(system_ace.sid, admins_ace.sid)
|
66
|
+
# we removed system, so ignore prepended ace
|
67
|
+
ace = dacl.to_a[1]
|
68
|
+
ace.sid.should == admins_sid
|
69
|
+
ace.mask.should == system_ace.mask
|
70
|
+
end
|
71
|
+
|
72
|
+
it "matches multiple sids" do
|
73
|
+
dacl = klass.new([system_ace, system_ace])
|
74
|
+
|
75
|
+
dacl.reassign!(system_ace.sid, admins_ace.sid)
|
76
|
+
# we removed system, so ignore prepended ace
|
77
|
+
aces = dacl.to_a
|
78
|
+
aces.size.should == 3
|
79
|
+
aces.to_a[1,2].each do |ace|
|
80
|
+
ace.sid.should == admins_ace.sid
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
it "preserves aces for sids that don't match, in their original order" do
|
85
|
+
dacl = klass.new([system_ace, admins_ace])
|
86
|
+
|
87
|
+
dacl.reassign!(system_sid, none_sid)
|
88
|
+
aces = dacl.to_a
|
89
|
+
aces[1].sid == admins_ace.sid
|
90
|
+
end
|
91
|
+
|
92
|
+
it "preserves inherited aces, even if the sids match" do
|
93
|
+
flags = Puppet::Util::Windows::AccessControlEntry::INHERITED_ACE
|
94
|
+
inherited_ace = Puppet::Util::Windows::AccessControlEntry.new(system_sid, 0x1, flags)
|
95
|
+
dacl = klass.new([inherited_ace, system_ace])
|
96
|
+
dacl.reassign!(system_sid, none_sid)
|
97
|
+
aces = dacl.to_a
|
98
|
+
|
99
|
+
aces[0].sid.should == system_sid
|
100
|
+
end
|
101
|
+
|
102
|
+
it "prepends an explicit ace for the new sid with the same mask and basic inheritance as the inherited ace" do
|
103
|
+
expected_flags =
|
104
|
+
Puppet::Util::Windows::AccessControlEntry::OBJECT_INHERIT_ACE |
|
105
|
+
Puppet::Util::Windows::AccessControlEntry::CONTAINER_INHERIT_ACE |
|
106
|
+
Puppet::Util::Windows::AccessControlEntry::INHERIT_ONLY_ACE
|
107
|
+
|
108
|
+
flags = Puppet::Util::Windows::AccessControlEntry::INHERITED_ACE | expected_flags
|
109
|
+
|
110
|
+
inherited_ace = Puppet::Util::Windows::AccessControlEntry.new(system_sid, 0x1, flags)
|
111
|
+
dacl = klass.new([inherited_ace])
|
112
|
+
dacl.reassign!(system_sid, none_sid)
|
113
|
+
aces = dacl.to_a
|
114
|
+
|
115
|
+
aces.size.should == 2
|
116
|
+
aces[0].sid.should == none_sid
|
117
|
+
aces[0].should_not be_inherited
|
118
|
+
aces[0].flags.should == expected_flags
|
119
|
+
|
120
|
+
aces[1].sid.should == system_sid
|
121
|
+
aces[1].should be_inherited
|
122
|
+
end
|
123
|
+
|
124
|
+
it "makes a copy of the ace prior to modifying it" do
|
125
|
+
arr = [system_ace]
|
126
|
+
|
127
|
+
acl = klass.new(arr)
|
128
|
+
acl.reassign!(system_sid, none_sid)
|
129
|
+
|
130
|
+
arr[0].sid.should == system_sid
|
131
|
+
end
|
132
|
+
end
|
133
|
+
end
|
@@ -3,13 +3,15 @@ require 'spec_helper'
|
|
3
3
|
require 'puppet/util/windows'
|
4
4
|
|
5
5
|
describe "Puppet::Util::Windows::RootCerts", :if => Puppet::Util::Platform.windows? do
|
6
|
-
let(:
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
6
|
+
let(:x509_store) { Puppet::Util::Windows::RootCerts.instance.to_a }
|
7
|
+
|
8
|
+
it "should return at least one X509 certificate" do
|
9
|
+
expect(x509_store.to_a).to have_at_least(1).items
|
10
|
+
end
|
11
|
+
|
12
|
+
it "should return an X509 certificate with a subject" do
|
13
|
+
x509 = x509_store.first
|
14
|
+
|
15
|
+
expect(x509.subject.to_s).to match(/CN=.*/)
|
14
16
|
end
|
15
17
|
end
|
@@ -0,0 +1,117 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
require 'puppet/util/windows'
|
5
|
+
|
6
|
+
describe "Puppet::Util::Windows::SecurityDescriptor", :if => Puppet.features.microsoft_windows? do
|
7
|
+
let(:system_sid) { Win32::Security::SID::LocalSystem }
|
8
|
+
let(:admins_sid) { Win32::Security::SID::BuiltinAdministrators }
|
9
|
+
let(:group_sid) { Win32::Security::SID::Nobody }
|
10
|
+
let(:new_sid) { 'S-1-5-32-500-1-2-3' }
|
11
|
+
|
12
|
+
def empty_dacl
|
13
|
+
Puppet::Util::Windows::AccessControlList.new
|
14
|
+
end
|
15
|
+
|
16
|
+
def system_ace_dacl
|
17
|
+
dacl = Puppet::Util::Windows::AccessControlList.new
|
18
|
+
dacl.allow(system_sid, 0x1)
|
19
|
+
dacl
|
20
|
+
end
|
21
|
+
|
22
|
+
context "owner" do
|
23
|
+
it "changes the owner" do
|
24
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(system_sid, group_sid, system_ace_dacl)
|
25
|
+
sd.owner = new_sid
|
26
|
+
|
27
|
+
sd.owner.should == new_sid
|
28
|
+
end
|
29
|
+
|
30
|
+
it "performs a noop if the new owner is the same as the old one" do
|
31
|
+
dacl = system_ace_dacl
|
32
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(system_sid, group_sid, dacl)
|
33
|
+
sd.owner = sd.owner
|
34
|
+
|
35
|
+
sd.dacl.object_id.should == dacl.object_id
|
36
|
+
end
|
37
|
+
|
38
|
+
it "prepends SYSTEM when security descriptor owner is no longer SYSTEM" do
|
39
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(system_sid, group_sid, system_ace_dacl)
|
40
|
+
sd.owner = new_sid
|
41
|
+
|
42
|
+
aces = sd.dacl.to_a
|
43
|
+
aces.size.should == 2
|
44
|
+
aces[0].sid.should == system_sid
|
45
|
+
aces[1].sid.should == new_sid
|
46
|
+
end
|
47
|
+
|
48
|
+
it "does not prepend SYSTEM when DACL already contains inherited SYSTEM ace" do
|
49
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(admins_sid, system_sid, empty_dacl)
|
50
|
+
sd.dacl.allow(admins_sid, 0x1)
|
51
|
+
sd.dacl.allow(system_sid, 0x1, Puppet::Util::Windows::AccessControlEntry::INHERITED_ACE)
|
52
|
+
sd.owner = new_sid
|
53
|
+
|
54
|
+
aces = sd.dacl.to_a
|
55
|
+
aces.size.should == 2
|
56
|
+
aces[0].sid.should == new_sid
|
57
|
+
end
|
58
|
+
|
59
|
+
it "does not prepend SYSTEM when security descriptor owner wasn't SYSTEM" do
|
60
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(group_sid, group_sid, empty_dacl)
|
61
|
+
sd.dacl.allow(group_sid, 0x1)
|
62
|
+
sd.owner = new_sid
|
63
|
+
|
64
|
+
aces = sd.dacl.to_a
|
65
|
+
aces.size.should == 1
|
66
|
+
aces[0].sid.should == new_sid
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
context "group" do
|
71
|
+
it "changes the group" do
|
72
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(system_sid, group_sid, system_ace_dacl)
|
73
|
+
sd.group = new_sid
|
74
|
+
|
75
|
+
sd.group.should == new_sid
|
76
|
+
end
|
77
|
+
|
78
|
+
it "performs a noop if the new group is the same as the old one" do
|
79
|
+
dacl = system_ace_dacl
|
80
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(system_sid, group_sid, dacl)
|
81
|
+
sd.group = sd.group
|
82
|
+
|
83
|
+
sd.dacl.object_id.should == dacl.object_id
|
84
|
+
end
|
85
|
+
|
86
|
+
it "prepends SYSTEM when security descriptor group is no longer SYSTEM" do
|
87
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(new_sid, system_sid, system_ace_dacl)
|
88
|
+
sd.group = new_sid
|
89
|
+
|
90
|
+
aces = sd.dacl.to_a
|
91
|
+
aces.size.should == 2
|
92
|
+
aces[0].sid.should == system_sid
|
93
|
+
aces[1].sid.should == new_sid
|
94
|
+
end
|
95
|
+
|
96
|
+
it "does not prepend SYSTEM when DACL already contains inherited SYSTEM ace" do
|
97
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(admins_sid, admins_sid, empty_dacl)
|
98
|
+
sd.dacl.allow(admins_sid, 0x1)
|
99
|
+
sd.dacl.allow(system_sid, 0x1, Puppet::Util::Windows::AccessControlEntry::INHERITED_ACE)
|
100
|
+
sd.group = new_sid
|
101
|
+
|
102
|
+
aces = sd.dacl.to_a
|
103
|
+
aces.size.should == 2
|
104
|
+
aces[0].sid.should == new_sid
|
105
|
+
end
|
106
|
+
|
107
|
+
it "does not prepend SYSTEM when security descriptor group wasn't SYSTEM" do
|
108
|
+
sd = Puppet::Util::Windows::SecurityDescriptor.new(group_sid, group_sid, empty_dacl)
|
109
|
+
sd.dacl.allow(group_sid, 0x1)
|
110
|
+
sd.group = new_sid
|
111
|
+
|
112
|
+
aces = sd.dacl.to_a
|
113
|
+
aces.size.should == 1
|
114
|
+
aces[0].sid.should == new_sid
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|