puppet 5.5.16-universal-darwin → 5.5.21-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +10 -10
- data/Gemfile +2 -3
- data/Gemfile.lock +57 -52
- data/ext/build_defaults.yaml +1 -0
- data/ext/cert_inspector +3 -3
- data/ext/project_data.yaml +2 -2
- data/ext/puppet-test +2 -2
- data/ext/regexp_nodes/regexp_nodes.rb +4 -4
- data/ext/windows/service/daemon.rb +54 -8
- data/install.rb +6 -24
- data/lib/puppet.rb +5 -2
- data/lib/puppet/agent.rb +5 -13
- data/lib/puppet/application.rb +1 -1
- data/lib/puppet/application/agent.rb +15 -1
- data/lib/puppet/application/apply.rb +2 -2
- data/lib/puppet/application/describe.rb +3 -9
- data/lib/puppet/application/device.rb +4 -4
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/filebucket.rb +13 -0
- data/lib/puppet/application/lookup.rb +1 -1
- data/lib/puppet/application/resource.rb +4 -4
- data/lib/puppet/application/script.rb +2 -2
- data/lib/puppet/configurer.rb +86 -28
- data/lib/puppet/configurer/downloader.rb +2 -6
- data/lib/puppet/daemon.rb +1 -1
- data/lib/puppet/defaults.rb +82 -38
- data/lib/puppet/error.rb +9 -1
- data/lib/puppet/external/nagios/base.rb +1 -1
- data/lib/puppet/face/ca.rb +1 -1
- data/lib/puppet/face/config.rb +10 -48
- data/lib/puppet/face/facts.rb +1 -1
- data/lib/puppet/face/module/list.rb +5 -5
- data/lib/puppet/face/module/search.rb +1 -1
- data/lib/puppet/face/module/uninstall.rb +1 -1
- data/lib/puppet/face/module/upgrade.rb +1 -1
- data/lib/puppet/face/plugin.rb +9 -2
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_system.rb +0 -8
- data/lib/puppet/file_system/memory_file.rb +1 -1
- data/lib/puppet/file_system/posix.rb +3 -2
- data/lib/puppet/file_system/uniquefile.rb +4 -0
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/functions/epp.rb +4 -4
- data/lib/puppet/functions/inline_epp.rb +5 -5
- data/lib/puppet/functions/reduce.rb +2 -4
- data/lib/puppet/gettext/module_translations.rb +1 -1
- data/lib/puppet/graph/rb_tree_map.rb +2 -2
- data/lib/puppet/graph/simple_graph.rb +6 -5
- data/lib/puppet/indirector/catalog/compiler.rb +8 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
- data/lib/puppet/indirector/hiera.rb +2 -0
- data/lib/puppet/indirector/resource/ral.rb +1 -3
- data/lib/puppet/indirector/resource/validator.rb +1 -1
- data/lib/puppet/interface.rb +2 -1
- data/lib/puppet/loaders.rb +0 -1
- data/lib/puppet/metatype/manager.rb +1 -1
- data/lib/puppet/module.rb +1 -1
- data/lib/puppet/module_tool/applications/builder.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +1 -1
- data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
- data/lib/puppet/module_tool/metadata.rb +1 -1
- data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
- data/lib/puppet/module_tool/tar/mini.rb +12 -2
- data/lib/puppet/network/http/api/indirected_routes.rb +13 -12
- data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
- data/lib/puppet/network/http/connection.rb +14 -12
- data/lib/puppet/network/http/factory.rb +1 -11
- data/lib/puppet/network/http/pool.rb +7 -1
- data/lib/puppet/network/http/rack/rest.rb +2 -2
- data/lib/puppet/network/http/site.rb +1 -1
- data/lib/puppet/network/resolver.rb +2 -2
- data/lib/puppet/node/environment.rb +4 -2
- data/lib/puppet/parameter.rb +8 -0
- data/lib/puppet/parser/ast.rb +1 -1
- data/lib/puppet/parser/ast/resourceparam.rb +1 -1
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
- data/lib/puppet/parser/environment_compiler.rb +3 -0
- data/lib/puppet/parser/functions.rb +1 -1
- data/lib/puppet/parser/functions/epp.rb +3 -3
- data/lib/puppet/parser/functions/inline_epp.rb +5 -5
- data/lib/puppet/parser/resource.rb +3 -2
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
- data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
- data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
- data/lib/puppet/pops/issues.rb +5 -0
- data/lib/puppet/pops/loaders.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
- data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
- data/lib/puppet/pops/merge_strategy.rb +22 -18
- data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
- data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
- data/lib/puppet/pops/parser/locator.rb +1 -1
- data/lib/puppet/pops/parser/pn_parser.rb +17 -16
- data/lib/puppet/pops/puppet_stack.rb +51 -48
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
- data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
- data/lib/puppet/pops/types/string_converter.rb +10 -10
- data/lib/puppet/pops/types/type_calculator.rb +24 -0
- data/lib/puppet/pops/types/types.rb +3 -3
- data/lib/puppet/pops/validation/checker4_0.rb +10 -0
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
- data/lib/puppet/property.rb +1 -1
- data/lib/puppet/property/ensure.rb +1 -1
- data/lib/puppet/provider/augeas/augeas.rb +1 -1
- data/lib/puppet/provider/cron/crontab.rb +1 -1
- data/lib/puppet/provider/exec.rb +6 -2
- data/lib/puppet/provider/file/posix.rb +5 -0
- data/lib/puppet/provider/group/groupadd.rb +19 -19
- data/lib/puppet/provider/group/windows_adsi.rb +3 -3
- data/lib/puppet/provider/mailalias/aliases.rb +1 -1
- data/lib/puppet/provider/mount.rb +1 -1
- data/lib/puppet/provider/mount/parsed.rb +8 -8
- data/lib/puppet/provider/nameservice.rb +10 -3
- data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
- data/lib/puppet/provider/nameservice/pw.rb +2 -2
- data/lib/puppet/provider/package/aix.rb +17 -2
- data/lib/puppet/provider/package/apt.rb +14 -3
- data/lib/puppet/provider/package/dnf.rb +1 -1
- data/lib/puppet/provider/package/dnfmodule.rb +141 -0
- data/lib/puppet/provider/package/dpkg.rb +16 -18
- data/lib/puppet/provider/package/fink.rb +20 -3
- data/lib/puppet/provider/package/openbsd.rb +14 -2
- data/lib/puppet/provider/package/pip.rb +37 -10
- data/lib/puppet/provider/package/pkg.rb +18 -5
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +16 -4
- data/lib/puppet/provider/package/portage.rb +4 -4
- data/lib/puppet/provider/package/rpm.rb +57 -19
- data/lib/puppet/provider/package/windows/package.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +35 -24
- data/lib/puppet/provider/package/zypper.rb +1 -0
- data/lib/puppet/provider/package_targetable.rb +5 -4
- data/lib/puppet/provider/parsedfile.rb +1 -1
- data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +3 -3
- data/lib/puppet/provider/selmodule/semodule.rb +43 -26
- data/lib/puppet/provider/service/daemontools.rb +9 -9
- data/lib/puppet/provider/service/launchd.rb +20 -5
- data/lib/puppet/provider/service/openbsd.rb +1 -1
- data/lib/puppet/provider/service/rcng.rb +2 -2
- data/lib/puppet/provider/service/runit.rb +2 -8
- data/lib/puppet/provider/service/systemd.rb +35 -22
- data/lib/puppet/provider/service/windows.rb +8 -0
- data/lib/puppet/provider/user/directoryservice.rb +31 -6
- data/lib/puppet/provider/user/hpux.rb +1 -1
- data/lib/puppet/provider/user/pw.rb +12 -3
- data/lib/puppet/provider/user/user_role_add.rb +5 -1
- data/lib/puppet/provider/user/useradd.rb +62 -27
- data/lib/puppet/provider/user/windows_adsi.rb +4 -5
- data/lib/puppet/provider/yumrepo/inifile.rb +2 -2
- data/lib/puppet/reference/indirection.rb +2 -2
- data/lib/puppet/reference/metaparameter.rb +1 -3
- data/lib/puppet/reference/providers.rb +1 -1
- data/lib/puppet/reference/type.rb +3 -9
- data/lib/puppet/reports.rb +1 -1
- data/lib/puppet/resource.rb +18 -1
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type.rb +8 -0
- data/lib/puppet/settings.rb +43 -3
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/ssl/certificate.rb +2 -1
- data/lib/puppet/ssl/certificate_authority.rb +6 -5
- data/lib/puppet/ssl/certificate_authority/interface.rb +1 -1
- data/lib/puppet/ssl/certificate_factory.rb +2 -2
- data/lib/puppet/ssl/host.rb +3 -3
- data/lib/puppet/ssl/oids.rb +1 -1
- data/lib/puppet/test/test_helper.rb +15 -10
- data/lib/puppet/transaction/report.rb +1 -1
- data/lib/puppet/transaction/resource_harness.rb +1 -1
- data/lib/puppet/type.rb +15 -4
- data/lib/puppet/type/cron.rb +1 -1
- data/lib/puppet/type/exec.rb +21 -9
- data/lib/puppet/type/file.rb +14 -2
- data/lib/puppet/type/file/data_sync.rb +5 -1
- data/lib/puppet/type/group.rb +4 -2
- data/lib/puppet/type/interface.rb +1 -1
- data/lib/puppet/type/notify.rb +3 -2
- data/lib/puppet/type/package.rb +107 -8
- data/lib/puppet/type/schedule.rb +1 -1
- data/lib/puppet/type/selboolean.rb +17 -3
- data/lib/puppet/type/service.rb +9 -10
- data/lib/puppet/type/user.rb +6 -24
- data/lib/puppet/type/yumrepo.rb +3 -7
- data/lib/puppet/util.rb +47 -25
- data/lib/puppet/util/command_line/trollop.rb +1 -1
- data/lib/puppet/util/execution.rb +4 -3
- data/lib/puppet/util/http_proxy.rb +24 -16
- data/lib/puppet/util/instance_loader.rb +1 -1
- data/lib/puppet/util/log.rb +1 -1
- data/lib/puppet/util/log/destinations.rb +3 -12
- data/lib/puppet/util/logging.rb +30 -18
- data/lib/puppet/util/metric.rb +2 -2
- data/lib/puppet/util/monkey_patches.rb +1 -1
- data/lib/puppet/util/nagios_maker.rb +2 -2
- data/lib/puppet/util/network_device/cisco/device.rb +1 -1
- data/lib/puppet/util/network_device/cisco/interface.rb +2 -2
- data/lib/puppet/util/network_device/transport/ssh.rb +1 -1
- data/lib/puppet/util/pidlock.rb +12 -6
- data/lib/puppet/util/plist.rb +6 -0
- data/lib/puppet/util/provider_features.rb +2 -4
- data/lib/puppet/util/rdoc.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +8 -2
- data/lib/puppet/util/windows/adsi.rb +60 -30
- data/lib/puppet/util/windows/api_types.rb +45 -32
- data/lib/puppet/util/windows/eventlog.rb +1 -6
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/process.rb +16 -15
- data/lib/puppet/util/windows/registry.rb +17 -15
- data/lib/puppet/util/windows/security.rb +3 -0
- data/lib/puppet/util/windows/service.rb +149 -4
- data/lib/puppet/util/windows/sid.rb +4 -3
- data/lib/puppet/vendor.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet_pal.rb +2 -2
- data/locales/puppet.pot +479 -443
- data/man/man5/puppet.conf.5 +38 -8
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-ca.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-cert.8 +1 -1
- data/man/man8/puppet-certificate.8 +1 -1
- data/man/man8/puppet-certificate_request.8 +1 -1
- data/man/man8/puppet-certificate_revocation_list.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +16 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-master.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/provider/mailalias/aliases/test1 +1 -0
- data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
- data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
- data/spec/integration/configurer_spec.rb +52 -0
- data/spec/integration/defaults_spec.rb +1 -2
- data/spec/integration/indirector/facts/facter_spec.rb +4 -0
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/provider/service/systemd_spec.rb +8 -5
- data/spec/integration/type/file_spec.rb +28 -0
- data/spec/integration/type/notify_spec.rb +46 -0
- data/spec/integration/util/execution_spec.rb +27 -0
- data/spec/integration/util/windows/adsi_spec.rb +6 -1
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/unit/agent_spec.rb +34 -26
- data/spec/unit/application/agent_spec.rb +18 -0
- data/spec/unit/application/apply_spec.rb +2 -12
- data/spec/unit/application/device_spec.rb +1 -1
- data/spec/unit/configurer/fact_handler_spec.rb +0 -4
- data/spec/unit/configurer_spec.rb +377 -397
- data/spec/unit/daemon_spec.rb +0 -1
- data/spec/unit/face/facts_spec.rb +9 -0
- data/spec/unit/face/plugin_spec.rb +8 -0
- data/spec/unit/file_system/uniquefile_spec.rb +11 -0
- data/spec/unit/forge/forge_spec.rb +1 -3
- data/spec/unit/forge/repository_spec.rb +1 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +45 -26
- data/spec/unit/indirector/resource/ral_spec.rb +4 -4
- data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
- data/spec/unit/network/http/api/indirected_routes_spec.rb +28 -11
- data/spec/unit/network/http/connection_spec.rb +43 -1
- data/spec/unit/network/http/factory_spec.rb +27 -5
- data/spec/unit/network/http/pool_spec.rb +32 -0
- data/spec/unit/node_spec.rb +7 -4
- data/spec/unit/parser/environment_compiler_spec.rb +7 -0
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
- data/spec/unit/pops/validator/validator_spec.rb +7 -0
- data/spec/unit/provider/exec_spec.rb +209 -0
- data/spec/unit/provider/group/groupadd_spec.rb +30 -1
- data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
- data/spec/unit/provider/package/aix_spec.rb +29 -0
- data/spec/unit/provider/package/apt_spec.rb +13 -2
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
- data/spec/unit/provider/package/dnf_spec.rb +7 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +247 -0
- data/spec/unit/provider/package/dpkg_spec.rb +35 -7
- data/spec/unit/provider/package/openbsd_spec.rb +17 -0
- data/spec/unit/provider/package/pip_spec.rb +93 -22
- data/spec/unit/provider/package/pkg_spec.rb +13 -1
- data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
- data/spec/unit/provider/package/pkgng_spec.rb +36 -0
- data/spec/unit/provider/package/portage_spec.rb +4 -4
- data/spec/unit/provider/package/rpm_spec.rb +150 -16
- data/spec/unit/provider/package/yum_spec.rb +66 -0
- data/spec/unit/provider/package/zypper_spec.rb +13 -0
- data/spec/unit/provider/package_targetable_spec.rb +60 -0
- data/spec/unit/provider/selmodule_spec.rb +118 -47
- data/spec/unit/provider/service/daemontools_spec.rb +24 -0
- data/spec/unit/provider/service/launchd_spec.rb +28 -0
- data/spec/unit/provider/service/runit_spec.rb +24 -0
- data/spec/unit/provider/service/systemd_spec.rb +109 -36
- data/spec/unit/provider/service/windows_spec.rb +20 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
- data/spec/unit/provider/user/hpux_spec.rb +2 -2
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/pw_spec.rb +37 -0
- data/spec/unit/provider/user/useradd_spec.rb +122 -15
- data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
- data/spec/unit/puppet_pal_2pec.rb +3 -0
- data/spec/unit/resource_spec.rb +26 -1
- data/spec/unit/ssl/certificate_authority_spec.rb +2 -3
- data/spec/unit/ssl/certificate_spec.rb +7 -0
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/transaction_spec.rb +18 -0
- data/spec/unit/type/exec_spec.rb +15 -12
- data/spec/unit/type/file/content_spec.rb +9 -3
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/file_spec.rb +9 -4
- data/spec/unit/type/package_spec.rb +8 -0
- data/spec/unit/type/schedule_spec.rb +3 -1
- data/spec/unit/type/selboolean_spec.rb +4 -6
- data/spec/unit/type/service_spec.rb +25 -8
- data/spec/unit/type/user_spec.rb +32 -26
- data/spec/unit/type/yumrepo_spec.rb +30 -0
- data/spec/unit/type_spec.rb +40 -0
- data/spec/unit/util/execution_spec.rb +16 -0
- data/spec/unit/util/http_proxy_spec.rb +121 -1
- data/spec/unit/util/log/destinations_spec.rb +2 -26
- data/spec/unit/util/log_spec.rb +0 -112
- data/spec/unit/util/logging_spec.rb +200 -0
- data/spec/unit/util/pidlock_spec.rb +67 -40
- data/spec/unit/util/plist_spec.rb +20 -0
- data/spec/unit/util/windows/adsi_spec.rb +55 -4
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/service_spec.rb +9 -0
- data/spec/unit/util/windows/sid_spec.rb +2 -2
- data/tasks/manpages.rake +1 -0
- metadata +16 -11
- data/ext/windows/eventlog/Rakefile +0 -32
- data/ext/windows/eventlog/puppetres.dll +0 -0
- data/ext/windows/eventlog/puppetres.mc +0 -18
- data/lib/puppet/pops/loader/null_loader.rb +0 -60
- data/locales/ja/puppet.po +0 -12114
- data/spec/integration/test/test_helper_spec.rb +0 -31
@@ -46,14 +46,8 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
|
|
46
46
|
|
47
47
|
# Determine the daemon path.
|
48
48
|
def defpath
|
49
|
-
|
50
|
-
|
51
|
-
if Puppet::FileSystem.exist?(path)
|
52
|
-
@defpath = path
|
53
|
-
break
|
54
|
-
end
|
55
|
-
end
|
56
|
-
raise "Could not find the daemon directory (tested [/var/lib/service,/etc])" unless @defpath
|
49
|
+
@defpath ||= ["/var/lib/service", "/etc"].find do |path|
|
50
|
+
Puppet::FileSystem.exist?(path) && FileTest.directory?(path)
|
57
51
|
end
|
58
52
|
@defpath
|
59
53
|
end
|
@@ -65,6 +59,10 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
|
|
65
59
|
# ie enabled or not
|
66
60
|
def self.instances
|
67
61
|
path = self.defpath
|
62
|
+
unless path
|
63
|
+
Puppet.info("#{self.name} is unsuitable because service directory is nil")
|
64
|
+
return
|
65
|
+
end
|
68
66
|
unless FileTest.directory?(path)
|
69
67
|
Puppet.notice "Service path #{path} does not exist"
|
70
68
|
return
|
@@ -109,7 +107,9 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
|
|
109
107
|
# note that this path can be overridden in the resource
|
110
108
|
# definition
|
111
109
|
def daemon
|
112
|
-
|
110
|
+
path = resource[:path]
|
111
|
+
raise Puppet::Error.new("#{self.class.name} must specify a path for daemon directory") unless path
|
112
|
+
File.join(path, resource[:name])
|
113
113
|
end
|
114
114
|
|
115
115
|
def status
|
@@ -240,12 +240,20 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
|
|
240
240
|
def status
|
241
241
|
if @resource && ((@resource[:hasstatus] == :false) || (@resource[:status]))
|
242
242
|
return super
|
243
|
-
|
244
|
-
|
245
|
-
|
243
|
+
elsif @property_hash[:status].nil?
|
244
|
+
# property_hash was flushed so the service changed status
|
245
|
+
service_name = @resource[:name]
|
246
|
+
# Updating services with new statuses
|
247
|
+
job_list = self.class.job_list
|
248
|
+
# if job is present in job_list, return its status
|
249
|
+
if job_list.key?(service_name)
|
250
|
+
job_list[service_name]
|
251
|
+
# if job is no longer present in job_list, it was stopped
|
246
252
|
else
|
247
|
-
|
253
|
+
:stopped
|
248
254
|
end
|
255
|
+
else
|
256
|
+
@property_hash[:status]
|
249
257
|
end
|
250
258
|
end
|
251
259
|
|
@@ -313,7 +321,14 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
|
|
313
321
|
job_plist_disabled = nil
|
314
322
|
overrides_disabled = nil
|
315
323
|
|
316
|
-
|
324
|
+
begin
|
325
|
+
_, job_plist = plist_from_label(resource[:name])
|
326
|
+
rescue Puppet::Error => err
|
327
|
+
# if job does not exist, log the error and return false as on other platforms
|
328
|
+
Puppet.log_exception(err)
|
329
|
+
return :false
|
330
|
+
end
|
331
|
+
|
317
332
|
job_plist_disabled = job_plist["Disabled"] if job_plist.has_key?("Disabled")
|
318
333
|
|
319
334
|
if FileTest.file?(self.class.launchd_overrides) and overrides = self.class.read_overrides
|
@@ -79,7 +79,7 @@ Puppet::Type.type(:service).provide :openbsd, :parent => :init do
|
|
79
79
|
def running?
|
80
80
|
output = execute([command(:rcctl), "check", @resource[:name]],
|
81
81
|
:failonfail => false, :combine => false, :squelch => false).chomp
|
82
|
-
return true if output
|
82
|
+
return true if output =~ /\(ok\)/
|
83
83
|
end
|
84
84
|
|
85
85
|
# Uses the wrapper to prevent failure when the service is not running;
|
@@ -17,7 +17,7 @@ Puppet::Type.type(:service).provide :rcng, :parent => :bsd do
|
|
17
17
|
if Puppet::FileSystem.exist?(rcfile)
|
18
18
|
File.open(rcfile).readlines.each do |line|
|
19
19
|
# Now look for something that looks like "service=${service:=YES}" or "service=YES"
|
20
|
-
if line
|
20
|
+
if line =~ /^\s*#{@resource[:name]}=(?:YES|\${#{@resource[:name]}:=YES})/
|
21
21
|
return :true
|
22
22
|
end
|
23
23
|
end
|
@@ -34,7 +34,7 @@ Puppet::Type.type(:service).provide :rcng, :parent => :bsd do
|
|
34
34
|
if Puppet::FileSystem.exist?(rcfile)
|
35
35
|
newcontents = []
|
36
36
|
File.open(rcfile).readlines.each do |line|
|
37
|
-
if line
|
37
|
+
if line =~ /^\s*#{@resource[:name]}=(NO|\$\{#{@resource[:name]}:NO\})/
|
38
38
|
line = "#{@resource[:name]}=${#{@resource[:name]}:=YES}"
|
39
39
|
end
|
40
40
|
newcontents.push(line)
|
@@ -40,14 +40,8 @@ Puppet::Type.type(:service).provide :runit, :parent => :daemontools do
|
|
40
40
|
# this is necessary to autodetect a valid resource
|
41
41
|
# default path, since there is no standard for such directory.
|
42
42
|
def defpath
|
43
|
-
|
44
|
-
|
45
|
-
if Puppet::FileSystem.exist?(path)
|
46
|
-
@defpath = path
|
47
|
-
break
|
48
|
-
end
|
49
|
-
end
|
50
|
-
raise "Could not find the daemon directory (tested [/etc/sv,/var/lib/service])" unless @defpath
|
43
|
+
@defpath ||= ["/var/lib/service", "/etc/sv"].find do |path|
|
44
|
+
Puppet::FileSystem.exist?(path) && FileTest.directory?(path)
|
51
45
|
end
|
52
46
|
@defpath
|
53
47
|
end
|
@@ -1,5 +1,7 @@
|
|
1
1
|
# Manage systemd services using systemctl
|
2
2
|
|
3
|
+
require 'puppet/file_system'
|
4
|
+
|
3
5
|
Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
4
6
|
desc "Manages `systemd` services using `systemctl`.
|
5
7
|
|
@@ -9,14 +11,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
9
11
|
|
10
12
|
commands :systemctl => "systemctl"
|
11
13
|
|
12
|
-
|
13
|
-
# With multiple init systems on Debian, it is possible to have
|
14
|
-
# pieces of systemd around (e.g. systemctl) but not really be
|
15
|
-
# using systemd. We do not do this on other platforms as it can
|
16
|
-
# cause issues when running in a chroot without /run mounted
|
17
|
-
# (PUP-5577)
|
18
|
-
confine :exists => "/run/systemd/system"
|
19
|
-
end
|
14
|
+
confine :true => Puppet::FileSystem.exist?('/proc/1/comm') && Puppet::FileSystem.read('/proc/1/comm').include?('systemd')
|
20
15
|
|
21
16
|
defaultfor :osfamily => [:archlinux]
|
22
17
|
defaultfor :osfamily => :redhat, :operatingsystemmajrelease => ["7", "8"]
|
@@ -24,14 +19,15 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
24
19
|
defaultfor :osfamily => :suse
|
25
20
|
defaultfor :osfamily => :coreos
|
26
21
|
defaultfor :operatingsystem => :amazon, :operatingsystemmajrelease => ["2"]
|
27
|
-
defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ["8", "stretch/sid", "9", "buster/sid"]
|
28
|
-
defaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["15.04","15.10","16.04","16.10","17.04","17.10","18.04"]
|
22
|
+
defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ["8", "stretch/sid", "9", "buster/sid", "10", "bullseye/sid"]
|
23
|
+
defaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["15.04","15.10","16.04","16.10","17.04","17.10","18.04","18.10","19.04","19.10","20.04"]
|
29
24
|
defaultfor :operatingsystem => :cumuluslinux, :operatingsystemmajrelease => ["3"]
|
30
25
|
|
31
26
|
def self.instances
|
32
27
|
i = []
|
33
28
|
output = systemctl('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager')
|
34
|
-
output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect)\s*$/i).each do |m|
|
29
|
+
output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad|static)\s*$/i).each do |m|
|
30
|
+
Puppet.debug("#{m[0]} marked as bad by `systemctl`. It is recommended to be further checked.") if m[1] == "bad"
|
35
31
|
i << new(:name => m[0])
|
36
32
|
end
|
37
33
|
return i
|
@@ -39,13 +35,29 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
39
35
|
return []
|
40
36
|
end
|
41
37
|
|
38
|
+
# Static services cannot be enabled or disabled manually. Indirect services
|
39
|
+
# should not be enabled or disabled due to limitations in systemd (see
|
40
|
+
# https://github.com/systemd/systemd/issues/6681).
|
41
|
+
def enabled_insync?(current)
|
42
|
+
case cached_enabled?[:output]
|
43
|
+
when 'static'
|
44
|
+
Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
|
45
|
+
return true
|
46
|
+
when 'indirect'
|
47
|
+
Puppet.debug("Service #{@resource[:name]} is in 'indirect' state and cannot be enabled/disabled")
|
48
|
+
return true
|
49
|
+
else
|
50
|
+
current == @resource[:enable]
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
42
54
|
# This helper ensures that the enable state cache is always reset
|
43
55
|
# after a systemctl enable operation. A particular service state is not guaranteed
|
44
56
|
# after such an operation, so the cache must be emptied to prevent inconsistencies
|
45
57
|
# in the provider's believed state of the service and the actual state.
|
46
58
|
# @param action [String,Symbol] One of 'enable', 'disable', 'mask' or 'unmask'
|
47
59
|
def systemctl_change_enable(action)
|
48
|
-
output = systemctl(action, @resource[:name])
|
60
|
+
output = systemctl(action, '--', @resource[:name])
|
49
61
|
rescue
|
50
62
|
raise Puppet::Error, "Could not #{action} #{self.name}: #{output}", $!.backtrace
|
51
63
|
ensure
|
@@ -58,7 +70,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
58
70
|
|
59
71
|
def get_start_link_count
|
60
72
|
# Start links don't include '.service'. Just search for the service name.
|
61
|
-
if @resource[:name]
|
73
|
+
if @resource[:name] =~ /\.service/
|
62
74
|
link_name = @resource[:name].split('.')[0]
|
63
75
|
else
|
64
76
|
link_name = @resource[:name]
|
@@ -69,13 +81,14 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
69
81
|
|
70
82
|
def cached_enabled?
|
71
83
|
return @cached_enabled if @cached_enabled
|
72
|
-
cmd = [command(:systemctl), 'is-enabled', @resource[:name]]
|
73
|
-
|
84
|
+
cmd = [command(:systemctl), 'is-enabled', '--', @resource[:name]]
|
85
|
+
result = execute(cmd, :failonfail => false)
|
86
|
+
@cached_enabled = { output: result.chomp, exitcode: result.exitstatus }
|
74
87
|
end
|
75
88
|
|
76
89
|
def enabled?
|
77
|
-
output = cached_enabled?
|
78
|
-
code =
|
90
|
+
output = cached_enabled?[:output]
|
91
|
+
code = cached_enabled?[:exitcode]
|
79
92
|
|
80
93
|
# The masked state is equivalent to the disabled state in terms of
|
81
94
|
# comparison so we only care to check if it is masked if we want to keep
|
@@ -88,7 +101,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
88
101
|
# The indirect state indicates that the unit is not enabled.
|
89
102
|
return :false if output == 'indirect'
|
90
103
|
return :true if (code == 0)
|
91
|
-
if (output.empty?) && (code > 0) && (Facter.value(:osfamily).
|
104
|
+
if (output.empty?) && (code > 0) && (Facter.value(:osfamily).casecmp('debian').zero?)
|
92
105
|
ret = debian_enabled?
|
93
106
|
return ret if ret
|
94
107
|
end
|
@@ -136,20 +149,20 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
136
149
|
end
|
137
150
|
|
138
151
|
def restartcmd
|
139
|
-
[command(:systemctl), "restart", @resource[:name]]
|
152
|
+
[command(:systemctl), "restart", '--', @resource[:name]]
|
140
153
|
end
|
141
154
|
|
142
155
|
def startcmd
|
143
156
|
self.unmask
|
144
|
-
[command(:systemctl), "start", @resource[:name]]
|
157
|
+
[command(:systemctl), "start", '--', @resource[:name]]
|
145
158
|
end
|
146
159
|
|
147
160
|
def stopcmd
|
148
|
-
[command(:systemctl), "stop", @resource[:name]]
|
161
|
+
[command(:systemctl), "stop", '--', @resource[:name]]
|
149
162
|
end
|
150
163
|
|
151
164
|
def statuscmd
|
152
|
-
[command(:systemctl), "is-active", @resource[:name]]
|
165
|
+
[command(:systemctl), "is-active", '--', @resource[:name]]
|
153
166
|
end
|
154
167
|
|
155
168
|
def restart
|
@@ -34,6 +34,12 @@ Puppet::Type.type(:service).provide :windows, :parent => :service do
|
|
34
34
|
raise Puppet::Error.new(_("Cannot enable %{resource_name} for manual start, error was: %{detail}") % { resource_name: @resource[:name], detail: detail }, detail )
|
35
35
|
end
|
36
36
|
|
37
|
+
def delayed_start
|
38
|
+
Puppet::Util::Windows::Service.set_startup_mode( @resource[:name], :SERVICE_AUTO_START, true )
|
39
|
+
rescue => detail
|
40
|
+
raise Puppet::Error.new(_("Cannot enable %{resource_name} for delayed start, error was: %{detail}") % { resource_name: @resource[:name], detail: detail }, detail )
|
41
|
+
end
|
42
|
+
|
37
43
|
def enabled?
|
38
44
|
return :false unless Puppet::Util::Windows::Service.exists?(@resource[:name])
|
39
45
|
|
@@ -46,6 +52,8 @@ Puppet::Type.type(:service).provide :windows, :parent => :service do
|
|
46
52
|
:true
|
47
53
|
when :SERVICE_DEMAND_START
|
48
54
|
:manual
|
55
|
+
when :SERVICE_DELAYED_AUTO_START
|
56
|
+
:delayed
|
49
57
|
when :SERVICE_DISABLED
|
50
58
|
:false
|
51
59
|
else
|
@@ -386,7 +386,7 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
386
386
|
if (Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.7') > 0)
|
387
387
|
assert_full_pbkdf2_password
|
388
388
|
|
389
|
-
sleep
|
389
|
+
sleep 3
|
390
390
|
flush_dscl_cache
|
391
391
|
users_plist = get_users_plist(@resource.name)
|
392
392
|
shadow_hash_data = get_shadow_hash_data(users_plist)
|
@@ -403,7 +403,7 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
403
403
|
if (Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.7') > 0)
|
404
404
|
assert_full_pbkdf2_password
|
405
405
|
|
406
|
-
sleep
|
406
|
+
sleep 3
|
407
407
|
flush_dscl_cache
|
408
408
|
users_plist = get_users_plist(@resource.name)
|
409
409
|
shadow_hash_data = get_shadow_hash_data(users_plist)
|
@@ -434,8 +434,8 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
434
434
|
['home', 'uid', 'gid', 'comment', 'shell'].each do |setter_method|
|
435
435
|
define_method("#{setter_method}=") do |value|
|
436
436
|
if @property_hash[setter_method.intern]
|
437
|
-
if self.class.get_os_version
|
438
|
-
raise Puppet::Error, "OS X version
|
437
|
+
if self.class.get_os_version.split('.').last.to_i >= 14 && %w(home uid).include?(setter_method)
|
438
|
+
raise Puppet::Error, "OS X version #{self.class.get_os_version} does not allow changing #{setter_method} using puppet"
|
439
439
|
end
|
440
440
|
begin
|
441
441
|
dscl '.', '-change', "/Users/#{resource.name}", self.class.ns_to_ds_attribute_map[setter_method.intern], @property_hash[setter_method.intern], value
|
@@ -503,7 +503,7 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
503
503
|
def next_system_id(min_id=20)
|
504
504
|
dscl_output = dscl '.', '-list', '/Users', 'uid'
|
505
505
|
# We're ok with throwing away negative uids here. Also, remove nil values.
|
506
|
-
user_ids = dscl_output.split.compact.collect { |l| l.to_i if l
|
506
|
+
user_ids = dscl_output.split.compact.collect { |l| l.to_i if l =~ /^\d+$/ }
|
507
507
|
ids = user_ids.compact!.sort! { |a,b| a.to_f <=> b.to_f }
|
508
508
|
# We're just looking for an unused id in our sorted array.
|
509
509
|
ids.each_index do |i|
|
@@ -571,7 +571,32 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
571
571
|
else
|
572
572
|
users_plist['ShadowHashData'] = [binary_plist]
|
573
573
|
end
|
574
|
-
|
574
|
+
if Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.15') < 0
|
575
|
+
write_users_plist_to_disk(users_plist)
|
576
|
+
else
|
577
|
+
write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
|
578
|
+
end
|
579
|
+
end
|
580
|
+
|
581
|
+
# This method writes the ShadowHashData plist in a temporary file,
|
582
|
+
# then imports it using dsimport. macOS versions 10.15 and newer do
|
583
|
+
# not support directly managing binary plists, so we have to use an
|
584
|
+
# intermediary.
|
585
|
+
# dsimport is an archaic utilitary with hard-to-find documentation
|
586
|
+
#
|
587
|
+
# See http://web.archive.org/web/20090106120111/http://support.apple.com/kb/TA21305?viewlocale=en_US
|
588
|
+
# for information regarding the dsimport syntax
|
589
|
+
def write_and_import_shadow_hash_data(data_plist)
|
590
|
+
Tempfile.create("dsimport_#{@resource.name}", :encoding => Encoding::ASCII) do |dsimport_file|
|
591
|
+
dsimport_file.write <<-DSIMPORT
|
592
|
+
0x0A 0x5C 0x3A 0x2C dsRecTypeStandard:Users 2 dsAttrTypeStandard:RecordName base64:dsAttrTypeNative:ShadowHashData
|
593
|
+
#{@resource.name}:#{Base64.strict_encode64(data_plist)}
|
594
|
+
DSIMPORT
|
595
|
+
dsimport_file.flush
|
596
|
+
# Delete the user's existing ShadowHashData, since dsimport appends, not replaces
|
597
|
+
dscl('.', 'delete', "/Users/#{@resource.name}", 'ShadowHashData')
|
598
|
+
dsimport(dsimport_file.path, '/Local/Default', 'M')
|
599
|
+
end
|
575
600
|
end
|
576
601
|
|
577
602
|
# This method accepts an argument of a hex password hash, and base64
|
@@ -29,7 +29,7 @@ Puppet::Type.type(:user).provide :hpuxuseradd, :parent => :useradd do
|
|
29
29
|
|
30
30
|
def modifycmd(param,value)
|
31
31
|
cmd = super(param, value)
|
32
|
-
cmd
|
32
|
+
cmd.insert(1,"-F")
|
33
33
|
if trusted then
|
34
34
|
# Append an additional command to reset the password age to 0
|
35
35
|
# until a workaround with expiry module can be found for trusted
|
@@ -66,11 +66,11 @@ Puppet::Type.type(:user).provide :pw, :parent => Puppet::Provider::NameService::
|
|
66
66
|
|
67
67
|
# use pw to update password hash
|
68
68
|
def password=(cryptopw)
|
69
|
-
Puppet.debug "change password for user '#{@resource[:name]}' method called with hash
|
69
|
+
Puppet.debug "change password for user '#{@resource[:name]}' method called with hash [redacted]"
|
70
70
|
stdin, _, _ = Open3.popen3("pw user mod #{@resource[:name]} -H 0")
|
71
71
|
stdin.puts(cryptopw)
|
72
72
|
stdin.close
|
73
|
-
Puppet.debug "finished password for user '#{@resource[:name]}' method called with hash
|
73
|
+
Puppet.debug "finished password for user '#{@resource[:name]}' method called with hash [redacted]"
|
74
74
|
end
|
75
75
|
|
76
76
|
# get password from /etc/master.passwd
|
@@ -78,10 +78,19 @@ Puppet::Type.type(:user).provide :pw, :parent => Puppet::Provider::NameService::
|
|
78
78
|
Puppet.debug "checking password for user '#{@resource[:name]}' method called"
|
79
79
|
current_passline = `getent passwd #{@resource[:name]}`
|
80
80
|
current_password = current_passline.chomp.split(':')[1] if current_passline
|
81
|
-
Puppet.debug "finished password for user '#{@resource[:name]}' method called :
|
81
|
+
Puppet.debug "finished password for user '#{@resource[:name]}' method called : [redacted]"
|
82
82
|
current_password
|
83
83
|
end
|
84
84
|
|
85
|
+
def has_sensitive_data?(property = nil)
|
86
|
+
#Check for sensitive values?
|
87
|
+
properties = property ? [property] : Puppet::Type.type(:user).validproperties
|
88
|
+
properties.any? do |prop|
|
89
|
+
p = @resource.parameter(prop)
|
90
|
+
p && p.respond_to?(:is_sensitive) && p.is_sensitive
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
85
94
|
# Get expiry from system and convert to Puppet-style date
|
86
95
|
def expiry
|
87
96
|
expiry = self.get(:expiry)
|
@@ -36,7 +36,7 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
|
|
36
36
|
has_features :manages_homedir, :allows_duplicates, :manages_solaris_rbac, :manages_passwords, :manages_password_age, :manages_shell
|
37
37
|
|
38
38
|
def check_valid_shell
|
39
|
-
unless File.
|
39
|
+
unless File.exist?(@resource.should(:shell))
|
40
40
|
raise(Puppet::Error, "Shell #{@resource.should(:shell)} must exist")
|
41
41
|
end
|
42
42
|
unless File.executable?(@resource.should(:shell).to_s)
|
@@ -202,6 +202,10 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
|
|
202
202
|
shadow_entry[5].empty? ? -1 : shadow_entry[5]
|
203
203
|
end
|
204
204
|
|
205
|
+
def has_sensitive_data?(property = nil)
|
206
|
+
false
|
207
|
+
end
|
208
|
+
|
205
209
|
# Read in /etc/shadow, find the line for our used and rewrite it with the
|
206
210
|
# new pw. Smooth like 80 grit sandpaper.
|
207
211
|
#
|
@@ -21,7 +21,11 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
21
21
|
options :expiry, :method => :sp_expire,
|
22
22
|
:munge => proc { |value|
|
23
23
|
if value == :absent
|
24
|
-
''
|
24
|
+
if Facter.value(:operatingsystem)=='SLES' && Facter.value(:operatingsystemmajrelease) == "11"
|
25
|
+
-1
|
26
|
+
else
|
27
|
+
''
|
28
|
+
end
|
25
29
|
else
|
26
30
|
case Facter.value(:operatingsystem)
|
27
31
|
when 'Solaris'
|
@@ -55,35 +59,43 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
55
59
|
get(:uid)
|
56
60
|
end
|
57
61
|
|
62
|
+
def comment
|
63
|
+
return localcomment if @resource.forcelocal?
|
64
|
+
get(:comment)
|
65
|
+
end
|
66
|
+
|
58
67
|
def finduser(key, value)
|
59
68
|
passwd_file = "/etc/passwd"
|
60
|
-
passwd_keys = [
|
69
|
+
passwd_keys = [:account, :password, :uid, :gid, :gecos, :directory, :shell]
|
61
70
|
index = passwd_keys.index(key)
|
62
|
-
File.
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
return user
|
68
|
-
end
|
71
|
+
@passwd_content ||= File.read(passwd_file)
|
72
|
+
@passwd_content.each_line do |line|
|
73
|
+
user = line.split(":")
|
74
|
+
if user[index] == value
|
75
|
+
return Hash[passwd_keys.zip(user)]
|
69
76
|
end
|
70
77
|
end
|
71
78
|
false
|
72
79
|
end
|
73
80
|
|
74
81
|
def local_username
|
75
|
-
finduser(
|
82
|
+
finduser(:uid, @resource.uid)
|
76
83
|
end
|
77
84
|
|
78
85
|
def localuid
|
79
|
-
user = finduser(
|
80
|
-
return user[
|
86
|
+
user = finduser(:account, resource[:name])
|
87
|
+
return user[:uid] if user
|
81
88
|
false
|
82
89
|
end
|
83
90
|
|
91
|
+
def localcomment
|
92
|
+
user = finduser(:account, resource[:name])
|
93
|
+
user[:gecos]
|
94
|
+
end
|
95
|
+
|
84
96
|
def shell=(value)
|
85
97
|
check_valid_shell
|
86
|
-
set(
|
98
|
+
set(:shell, value)
|
87
99
|
end
|
88
100
|
|
89
101
|
verify :gid, "GID must be an integer" do |value|
|
@@ -106,8 +118,8 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
106
118
|
# to ensure consistent behaviour of the useradd provider when
|
107
119
|
# using both useradd and luseradd
|
108
120
|
if (!@resource.allowdupe?) && @resource.forcelocal?
|
109
|
-
if @resource.should(:uid) && finduser(
|
110
|
-
raise(Puppet::Error, "UID #{@resource.should(:uid)
|
121
|
+
if @resource.should(:uid) && finduser(:uid, @resource.should(:uid).to_s)
|
122
|
+
raise(Puppet::Error, "UID #{@resource.should(:uid)} already exists, use allowdupe to force user creation")
|
111
123
|
end
|
112
124
|
elsif @resource.allowdupe? && (!@resource.forcelocal?)
|
113
125
|
return ["-o"]
|
@@ -116,7 +128,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
116
128
|
end
|
117
129
|
|
118
130
|
def check_valid_shell
|
119
|
-
unless File.
|
131
|
+
unless File.exist?(@resource.should(:shell))
|
120
132
|
raise(Puppet::Error, "Shell #{@resource.should(:shell)} must exist")
|
121
133
|
end
|
122
134
|
unless File.executable?(@resource.should(:shell).to_s)
|
@@ -126,10 +138,17 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
126
138
|
|
127
139
|
def check_manage_home
|
128
140
|
cmd = []
|
129
|
-
if @resource.managehome?
|
130
|
-
|
131
|
-
|
132
|
-
|
141
|
+
if @resource.managehome?
|
142
|
+
# libuser does not implement the -m flag
|
143
|
+
cmd << "-m" unless @resource.forcelocal?
|
144
|
+
else
|
145
|
+
osfamily = Facter.value(:osfamily)
|
146
|
+
osversion = Facter.value(:operatingsystemmajrelease).to_i
|
147
|
+
# SLES 11 uses pwdutils instead of shadow, which does not have -M
|
148
|
+
# Solaris and OpenBSD use different useradd flavors
|
149
|
+
unless osfamily =~ /Solaris|OpenBSD/ || osfamily == 'Suse' && osversion <= 11
|
150
|
+
cmd << "-M"
|
151
|
+
end
|
133
152
|
end
|
134
153
|
cmd
|
135
154
|
end
|
@@ -147,19 +166,35 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
147
166
|
# validproperties is a list of properties in undefined order
|
148
167
|
# sort them to have a predictable command line in tests
|
149
168
|
Puppet::Type.type(:user).validproperties.sort.each do |property|
|
150
|
-
|
151
|
-
next if
|
152
|
-
next if (property == :groups) && @resource.forcelocal?
|
153
|
-
next if (property == :expiry) && @resource.forcelocal?
|
169
|
+
value = get_value_for_property(property)
|
170
|
+
next if value.nil?
|
154
171
|
# the value needs to be quoted, mostly because -c might
|
155
172
|
# have spaces in it
|
156
|
-
|
157
|
-
cmd << flag(property) << munge(property, value)
|
158
|
-
end
|
173
|
+
cmd << flag(property) << munge(property, value)
|
159
174
|
end
|
160
175
|
cmd
|
161
176
|
end
|
162
177
|
|
178
|
+
def get_value_for_property(property)
|
179
|
+
return nil if property == :ensure
|
180
|
+
return nil if property_manages_password_age?(property)
|
181
|
+
return nil if property == :groups and @resource.forcelocal?
|
182
|
+
return nil if property == :expiry and @resource.forcelocal?
|
183
|
+
value = @resource.should(property)
|
184
|
+
return nil if !value || value == ""
|
185
|
+
|
186
|
+
value
|
187
|
+
end
|
188
|
+
|
189
|
+
def has_sensitive_data?(property = nil)
|
190
|
+
#Check for sensitive values?
|
191
|
+
properties = property ? [property] : Puppet::Type.type(:user).validproperties
|
192
|
+
properties.any? do |prop|
|
193
|
+
p = @resource.parameter(prop)
|
194
|
+
p && p.respond_to?(:is_sensitive) && p.is_sensitive
|
195
|
+
end
|
196
|
+
end
|
197
|
+
|
163
198
|
def addcmd
|
164
199
|
if @resource.forcelocal?
|
165
200
|
cmd = [command(:localadd)]
|