puppet 5.5.16-universal-darwin → 5.5.21-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (359) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +10 -10
  3. data/Gemfile +2 -3
  4. data/Gemfile.lock +57 -52
  5. data/ext/build_defaults.yaml +1 -0
  6. data/ext/cert_inspector +3 -3
  7. data/ext/project_data.yaml +2 -2
  8. data/ext/puppet-test +2 -2
  9. data/ext/regexp_nodes/regexp_nodes.rb +4 -4
  10. data/ext/windows/service/daemon.rb +54 -8
  11. data/install.rb +6 -24
  12. data/lib/puppet.rb +5 -2
  13. data/lib/puppet/agent.rb +5 -13
  14. data/lib/puppet/application.rb +1 -1
  15. data/lib/puppet/application/agent.rb +15 -1
  16. data/lib/puppet/application/apply.rb +2 -2
  17. data/lib/puppet/application/describe.rb +3 -9
  18. data/lib/puppet/application/device.rb +4 -4
  19. data/lib/puppet/application/doc.rb +1 -1
  20. data/lib/puppet/application/filebucket.rb +13 -0
  21. data/lib/puppet/application/lookup.rb +1 -1
  22. data/lib/puppet/application/resource.rb +4 -4
  23. data/lib/puppet/application/script.rb +2 -2
  24. data/lib/puppet/configurer.rb +86 -28
  25. data/lib/puppet/configurer/downloader.rb +2 -6
  26. data/lib/puppet/daemon.rb +1 -1
  27. data/lib/puppet/defaults.rb +82 -38
  28. data/lib/puppet/error.rb +9 -1
  29. data/lib/puppet/external/nagios/base.rb +1 -1
  30. data/lib/puppet/face/ca.rb +1 -1
  31. data/lib/puppet/face/config.rb +10 -48
  32. data/lib/puppet/face/facts.rb +1 -1
  33. data/lib/puppet/face/module/list.rb +5 -5
  34. data/lib/puppet/face/module/search.rb +1 -1
  35. data/lib/puppet/face/module/uninstall.rb +1 -1
  36. data/lib/puppet/face/module/upgrade.rb +1 -1
  37. data/lib/puppet/face/plugin.rb +9 -2
  38. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  39. data/lib/puppet/file_system.rb +0 -8
  40. data/lib/puppet/file_system/memory_file.rb +1 -1
  41. data/lib/puppet/file_system/posix.rb +3 -2
  42. data/lib/puppet/file_system/uniquefile.rb +4 -0
  43. data/lib/puppet/forge.rb +3 -3
  44. data/lib/puppet/functions/epp.rb +4 -4
  45. data/lib/puppet/functions/inline_epp.rb +5 -5
  46. data/lib/puppet/functions/reduce.rb +2 -4
  47. data/lib/puppet/gettext/module_translations.rb +1 -1
  48. data/lib/puppet/graph/rb_tree_map.rb +2 -2
  49. data/lib/puppet/graph/simple_graph.rb +6 -5
  50. data/lib/puppet/indirector/catalog/compiler.rb +8 -0
  51. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  52. data/lib/puppet/indirector/hiera.rb +2 -0
  53. data/lib/puppet/indirector/resource/ral.rb +1 -3
  54. data/lib/puppet/indirector/resource/validator.rb +1 -1
  55. data/lib/puppet/interface.rb +2 -1
  56. data/lib/puppet/loaders.rb +0 -1
  57. data/lib/puppet/metatype/manager.rb +1 -1
  58. data/lib/puppet/module.rb +1 -1
  59. data/lib/puppet/module_tool/applications/builder.rb +1 -1
  60. data/lib/puppet/module_tool/applications/installer.rb +1 -1
  61. data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
  62. data/lib/puppet/module_tool/metadata.rb +1 -1
  63. data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
  64. data/lib/puppet/module_tool/tar/mini.rb +12 -2
  65. data/lib/puppet/network/http/api/indirected_routes.rb +13 -12
  66. data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
  67. data/lib/puppet/network/http/connection.rb +14 -12
  68. data/lib/puppet/network/http/factory.rb +1 -11
  69. data/lib/puppet/network/http/pool.rb +7 -1
  70. data/lib/puppet/network/http/rack/rest.rb +2 -2
  71. data/lib/puppet/network/http/site.rb +1 -1
  72. data/lib/puppet/network/resolver.rb +2 -2
  73. data/lib/puppet/node/environment.rb +4 -2
  74. data/lib/puppet/parameter.rb +8 -0
  75. data/lib/puppet/parser/ast.rb +1 -1
  76. data/lib/puppet/parser/ast/resourceparam.rb +1 -1
  77. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
  78. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
  79. data/lib/puppet/parser/environment_compiler.rb +3 -0
  80. data/lib/puppet/parser/functions.rb +1 -1
  81. data/lib/puppet/parser/functions/epp.rb +3 -3
  82. data/lib/puppet/parser/functions/inline_epp.rb +5 -5
  83. data/lib/puppet/parser/resource.rb +3 -2
  84. data/lib/puppet/parser/resource/param.rb +6 -0
  85. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  86. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
  87. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
  88. data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
  89. data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
  90. data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
  91. data/lib/puppet/pops/issues.rb +5 -0
  92. data/lib/puppet/pops/loaders.rb +1 -1
  93. data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
  94. data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
  95. data/lib/puppet/pops/merge_strategy.rb +22 -18
  96. data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
  97. data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
  98. data/lib/puppet/pops/parser/locator.rb +1 -1
  99. data/lib/puppet/pops/parser/pn_parser.rb +17 -16
  100. data/lib/puppet/pops/puppet_stack.rb +51 -48
  101. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
  102. data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
  103. data/lib/puppet/pops/types/string_converter.rb +10 -10
  104. data/lib/puppet/pops/types/type_calculator.rb +24 -0
  105. data/lib/puppet/pops/types/types.rb +3 -3
  106. data/lib/puppet/pops/validation/checker4_0.rb +10 -0
  107. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
  108. data/lib/puppet/property.rb +1 -1
  109. data/lib/puppet/property/ensure.rb +1 -1
  110. data/lib/puppet/provider/augeas/augeas.rb +1 -1
  111. data/lib/puppet/provider/cron/crontab.rb +1 -1
  112. data/lib/puppet/provider/exec.rb +6 -2
  113. data/lib/puppet/provider/file/posix.rb +5 -0
  114. data/lib/puppet/provider/group/groupadd.rb +19 -19
  115. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  116. data/lib/puppet/provider/mailalias/aliases.rb +1 -1
  117. data/lib/puppet/provider/mount.rb +1 -1
  118. data/lib/puppet/provider/mount/parsed.rb +8 -8
  119. data/lib/puppet/provider/nameservice.rb +10 -3
  120. data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
  121. data/lib/puppet/provider/nameservice/pw.rb +2 -2
  122. data/lib/puppet/provider/package/aix.rb +17 -2
  123. data/lib/puppet/provider/package/apt.rb +14 -3
  124. data/lib/puppet/provider/package/dnf.rb +1 -1
  125. data/lib/puppet/provider/package/dnfmodule.rb +141 -0
  126. data/lib/puppet/provider/package/dpkg.rb +16 -18
  127. data/lib/puppet/provider/package/fink.rb +20 -3
  128. data/lib/puppet/provider/package/openbsd.rb +14 -2
  129. data/lib/puppet/provider/package/pip.rb +37 -10
  130. data/lib/puppet/provider/package/pkg.rb +18 -5
  131. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  132. data/lib/puppet/provider/package/pkgng.rb +16 -4
  133. data/lib/puppet/provider/package/portage.rb +4 -4
  134. data/lib/puppet/provider/package/rpm.rb +57 -19
  135. data/lib/puppet/provider/package/windows/package.rb +1 -1
  136. data/lib/puppet/provider/package/yum.rb +35 -24
  137. data/lib/puppet/provider/package/zypper.rb +1 -0
  138. data/lib/puppet/provider/package_targetable.rb +5 -4
  139. data/lib/puppet/provider/parsedfile.rb +1 -1
  140. data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +3 -3
  141. data/lib/puppet/provider/selmodule/semodule.rb +43 -26
  142. data/lib/puppet/provider/service/daemontools.rb +9 -9
  143. data/lib/puppet/provider/service/launchd.rb +20 -5
  144. data/lib/puppet/provider/service/openbsd.rb +1 -1
  145. data/lib/puppet/provider/service/rcng.rb +2 -2
  146. data/lib/puppet/provider/service/runit.rb +2 -8
  147. data/lib/puppet/provider/service/systemd.rb +35 -22
  148. data/lib/puppet/provider/service/windows.rb +8 -0
  149. data/lib/puppet/provider/user/directoryservice.rb +31 -6
  150. data/lib/puppet/provider/user/hpux.rb +1 -1
  151. data/lib/puppet/provider/user/pw.rb +12 -3
  152. data/lib/puppet/provider/user/user_role_add.rb +5 -1
  153. data/lib/puppet/provider/user/useradd.rb +62 -27
  154. data/lib/puppet/provider/user/windows_adsi.rb +4 -5
  155. data/lib/puppet/provider/yumrepo/inifile.rb +2 -2
  156. data/lib/puppet/reference/indirection.rb +2 -2
  157. data/lib/puppet/reference/metaparameter.rb +1 -3
  158. data/lib/puppet/reference/providers.rb +1 -1
  159. data/lib/puppet/reference/type.rb +3 -9
  160. data/lib/puppet/reports.rb +1 -1
  161. data/lib/puppet/resource.rb +18 -1
  162. data/lib/puppet/resource/catalog.rb +1 -1
  163. data/lib/puppet/resource/type.rb +8 -0
  164. data/lib/puppet/settings.rb +43 -3
  165. data/lib/puppet/settings/environment_conf.rb +1 -0
  166. data/lib/puppet/ssl/certificate.rb +2 -1
  167. data/lib/puppet/ssl/certificate_authority.rb +6 -5
  168. data/lib/puppet/ssl/certificate_authority/interface.rb +1 -1
  169. data/lib/puppet/ssl/certificate_factory.rb +2 -2
  170. data/lib/puppet/ssl/host.rb +3 -3
  171. data/lib/puppet/ssl/oids.rb +1 -1
  172. data/lib/puppet/test/test_helper.rb +15 -10
  173. data/lib/puppet/transaction/report.rb +1 -1
  174. data/lib/puppet/transaction/resource_harness.rb +1 -1
  175. data/lib/puppet/type.rb +15 -4
  176. data/lib/puppet/type/cron.rb +1 -1
  177. data/lib/puppet/type/exec.rb +21 -9
  178. data/lib/puppet/type/file.rb +14 -2
  179. data/lib/puppet/type/file/data_sync.rb +5 -1
  180. data/lib/puppet/type/group.rb +4 -2
  181. data/lib/puppet/type/interface.rb +1 -1
  182. data/lib/puppet/type/notify.rb +3 -2
  183. data/lib/puppet/type/package.rb +107 -8
  184. data/lib/puppet/type/schedule.rb +1 -1
  185. data/lib/puppet/type/selboolean.rb +17 -3
  186. data/lib/puppet/type/service.rb +9 -10
  187. data/lib/puppet/type/user.rb +6 -24
  188. data/lib/puppet/type/yumrepo.rb +3 -7
  189. data/lib/puppet/util.rb +47 -25
  190. data/lib/puppet/util/command_line/trollop.rb +1 -1
  191. data/lib/puppet/util/execution.rb +4 -3
  192. data/lib/puppet/util/http_proxy.rb +24 -16
  193. data/lib/puppet/util/instance_loader.rb +1 -1
  194. data/lib/puppet/util/log.rb +1 -1
  195. data/lib/puppet/util/log/destinations.rb +3 -12
  196. data/lib/puppet/util/logging.rb +30 -18
  197. data/lib/puppet/util/metric.rb +2 -2
  198. data/lib/puppet/util/monkey_patches.rb +1 -1
  199. data/lib/puppet/util/nagios_maker.rb +2 -2
  200. data/lib/puppet/util/network_device/cisco/device.rb +1 -1
  201. data/lib/puppet/util/network_device/cisco/interface.rb +2 -2
  202. data/lib/puppet/util/network_device/transport/ssh.rb +1 -1
  203. data/lib/puppet/util/pidlock.rb +12 -6
  204. data/lib/puppet/util/plist.rb +6 -0
  205. data/lib/puppet/util/provider_features.rb +2 -4
  206. data/lib/puppet/util/rdoc.rb +1 -1
  207. data/lib/puppet/util/reference.rb +1 -1
  208. data/lib/puppet/util/resource_template.rb +1 -1
  209. data/lib/puppet/util/selinux.rb +8 -2
  210. data/lib/puppet/util/windows/adsi.rb +60 -30
  211. data/lib/puppet/util/windows/api_types.rb +45 -32
  212. data/lib/puppet/util/windows/eventlog.rb +1 -6
  213. data/lib/puppet/util/windows/principal.rb +8 -6
  214. data/lib/puppet/util/windows/process.rb +16 -15
  215. data/lib/puppet/util/windows/registry.rb +17 -15
  216. data/lib/puppet/util/windows/security.rb +3 -0
  217. data/lib/puppet/util/windows/service.rb +149 -4
  218. data/lib/puppet/util/windows/sid.rb +4 -3
  219. data/lib/puppet/vendor.rb +1 -1
  220. data/lib/puppet/version.rb +1 -1
  221. data/lib/puppet_pal.rb +2 -2
  222. data/locales/puppet.pot +479 -443
  223. data/man/man5/puppet.conf.5 +38 -8
  224. data/man/man8/puppet-agent.8 +2 -2
  225. data/man/man8/puppet-apply.8 +1 -1
  226. data/man/man8/puppet-ca.8 +1 -1
  227. data/man/man8/puppet-catalog.8 +1 -1
  228. data/man/man8/puppet-cert.8 +1 -1
  229. data/man/man8/puppet-certificate.8 +1 -1
  230. data/man/man8/puppet-certificate_request.8 +1 -1
  231. data/man/man8/puppet-certificate_revocation_list.8 +1 -1
  232. data/man/man8/puppet-config.8 +1 -1
  233. data/man/man8/puppet-describe.8 +1 -1
  234. data/man/man8/puppet-device.8 +1 -1
  235. data/man/man8/puppet-doc.8 +1 -1
  236. data/man/man8/puppet-epp.8 +1 -1
  237. data/man/man8/puppet-facts.8 +1 -1
  238. data/man/man8/puppet-filebucket.8 +16 -1
  239. data/man/man8/puppet-generate.8 +1 -1
  240. data/man/man8/puppet-help.8 +1 -1
  241. data/man/man8/puppet-key.8 +1 -1
  242. data/man/man8/puppet-lookup.8 +1 -1
  243. data/man/man8/puppet-man.8 +1 -1
  244. data/man/man8/puppet-master.8 +1 -1
  245. data/man/man8/puppet-module.8 +1 -1
  246. data/man/man8/puppet-node.8 +1 -1
  247. data/man/man8/puppet-parser.8 +1 -1
  248. data/man/man8/puppet-plugin.8 +1 -1
  249. data/man/man8/puppet-report.8 +1 -1
  250. data/man/man8/puppet-resource.8 +1 -1
  251. data/man/man8/puppet-script.8 +1 -1
  252. data/man/man8/puppet-status.8 +1 -1
  253. data/man/man8/puppet.8 +2 -2
  254. data/spec/fixtures/integration/provider/mailalias/aliases/test1 +1 -0
  255. data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
  256. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  257. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  258. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
  259. data/spec/integration/configurer_spec.rb +52 -0
  260. data/spec/integration/defaults_spec.rb +1 -2
  261. data/spec/integration/indirector/facts/facter_spec.rb +4 -0
  262. data/spec/integration/parser/compiler_spec.rb +11 -0
  263. data/spec/integration/provider/service/systemd_spec.rb +8 -5
  264. data/spec/integration/type/file_spec.rb +28 -0
  265. data/spec/integration/type/notify_spec.rb +46 -0
  266. data/spec/integration/util/execution_spec.rb +27 -0
  267. data/spec/integration/util/windows/adsi_spec.rb +6 -1
  268. data/spec/integration/util/windows/registry_spec.rb +7 -7
  269. data/spec/unit/agent_spec.rb +34 -26
  270. data/spec/unit/application/agent_spec.rb +18 -0
  271. data/spec/unit/application/apply_spec.rb +2 -12
  272. data/spec/unit/application/device_spec.rb +1 -1
  273. data/spec/unit/configurer/fact_handler_spec.rb +0 -4
  274. data/spec/unit/configurer_spec.rb +377 -397
  275. data/spec/unit/daemon_spec.rb +0 -1
  276. data/spec/unit/face/facts_spec.rb +9 -0
  277. data/spec/unit/face/plugin_spec.rb +8 -0
  278. data/spec/unit/file_system/uniquefile_spec.rb +11 -0
  279. data/spec/unit/forge/forge_spec.rb +1 -3
  280. data/spec/unit/forge/repository_spec.rb +1 -3
  281. data/spec/unit/indirector/catalog/compiler_spec.rb +45 -26
  282. data/spec/unit/indirector/resource/ral_spec.rb +4 -4
  283. data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
  284. data/spec/unit/network/http/api/indirected_routes_spec.rb +28 -11
  285. data/spec/unit/network/http/connection_spec.rb +43 -1
  286. data/spec/unit/network/http/factory_spec.rb +27 -5
  287. data/spec/unit/network/http/pool_spec.rb +32 -0
  288. data/spec/unit/node_spec.rb +7 -4
  289. data/spec/unit/parser/environment_compiler_spec.rb +7 -0
  290. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
  291. data/spec/unit/pops/validator/validator_spec.rb +7 -0
  292. data/spec/unit/provider/exec_spec.rb +209 -0
  293. data/spec/unit/provider/group/groupadd_spec.rb +30 -1
  294. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  295. data/spec/unit/provider/package/aix_spec.rb +29 -0
  296. data/spec/unit/provider/package/apt_spec.rb +13 -2
  297. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  298. data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
  299. data/spec/unit/provider/package/dnf_spec.rb +7 -0
  300. data/spec/unit/provider/package/dnfmodule_spec.rb +247 -0
  301. data/spec/unit/provider/package/dpkg_spec.rb +35 -7
  302. data/spec/unit/provider/package/openbsd_spec.rb +17 -0
  303. data/spec/unit/provider/package/pip_spec.rb +93 -22
  304. data/spec/unit/provider/package/pkg_spec.rb +13 -1
  305. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  306. data/spec/unit/provider/package/pkgng_spec.rb +36 -0
  307. data/spec/unit/provider/package/portage_spec.rb +4 -4
  308. data/spec/unit/provider/package/rpm_spec.rb +150 -16
  309. data/spec/unit/provider/package/yum_spec.rb +66 -0
  310. data/spec/unit/provider/package/zypper_spec.rb +13 -0
  311. data/spec/unit/provider/package_targetable_spec.rb +60 -0
  312. data/spec/unit/provider/selmodule_spec.rb +118 -47
  313. data/spec/unit/provider/service/daemontools_spec.rb +24 -0
  314. data/spec/unit/provider/service/launchd_spec.rb +28 -0
  315. data/spec/unit/provider/service/runit_spec.rb +24 -0
  316. data/spec/unit/provider/service/systemd_spec.rb +109 -36
  317. data/spec/unit/provider/service/windows_spec.rb +20 -0
  318. data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
  319. data/spec/unit/provider/user/hpux_spec.rb +2 -2
  320. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  321. data/spec/unit/provider/user/pw_spec.rb +37 -0
  322. data/spec/unit/provider/user/useradd_spec.rb +122 -15
  323. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  324. data/spec/unit/puppet_pal_2pec.rb +3 -0
  325. data/spec/unit/resource_spec.rb +26 -1
  326. data/spec/unit/ssl/certificate_authority_spec.rb +2 -3
  327. data/spec/unit/ssl/certificate_spec.rb +7 -0
  328. data/spec/unit/test/test_helper_spec.rb +17 -0
  329. data/spec/unit/transaction_spec.rb +18 -0
  330. data/spec/unit/type/exec_spec.rb +15 -12
  331. data/spec/unit/type/file/content_spec.rb +9 -3
  332. data/spec/unit/type/file/source_spec.rb +4 -4
  333. data/spec/unit/type/file_spec.rb +9 -4
  334. data/spec/unit/type/package_spec.rb +8 -0
  335. data/spec/unit/type/schedule_spec.rb +3 -1
  336. data/spec/unit/type/selboolean_spec.rb +4 -6
  337. data/spec/unit/type/service_spec.rb +25 -8
  338. data/spec/unit/type/user_spec.rb +32 -26
  339. data/spec/unit/type/yumrepo_spec.rb +30 -0
  340. data/spec/unit/type_spec.rb +40 -0
  341. data/spec/unit/util/execution_spec.rb +16 -0
  342. data/spec/unit/util/http_proxy_spec.rb +121 -1
  343. data/spec/unit/util/log/destinations_spec.rb +2 -26
  344. data/spec/unit/util/log_spec.rb +0 -112
  345. data/spec/unit/util/logging_spec.rb +200 -0
  346. data/spec/unit/util/pidlock_spec.rb +67 -40
  347. data/spec/unit/util/plist_spec.rb +20 -0
  348. data/spec/unit/util/windows/adsi_spec.rb +55 -4
  349. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  350. data/spec/unit/util/windows/service_spec.rb +9 -0
  351. data/spec/unit/util/windows/sid_spec.rb +2 -2
  352. data/tasks/manpages.rake +1 -0
  353. metadata +16 -11
  354. data/ext/windows/eventlog/Rakefile +0 -32
  355. data/ext/windows/eventlog/puppetres.dll +0 -0
  356. data/ext/windows/eventlog/puppetres.mc +0 -18
  357. data/lib/puppet/pops/loader/null_loader.rb +0 -60
  358. data/locales/ja/puppet.po +0 -12114
  359. data/spec/integration/test/test_helper_spec.rb +0 -31
@@ -46,14 +46,8 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
46
46
 
47
47
  # Determine the daemon path.
48
48
  def defpath
49
- unless @defpath
50
- ["/var/lib/service", "/etc"].each do |path|
51
- if Puppet::FileSystem.exist?(path)
52
- @defpath = path
53
- break
54
- end
55
- end
56
- raise "Could not find the daemon directory (tested [/var/lib/service,/etc])" unless @defpath
49
+ @defpath ||= ["/var/lib/service", "/etc"].find do |path|
50
+ Puppet::FileSystem.exist?(path) && FileTest.directory?(path)
57
51
  end
58
52
  @defpath
59
53
  end
@@ -65,6 +59,10 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
65
59
  # ie enabled or not
66
60
  def self.instances
67
61
  path = self.defpath
62
+ unless path
63
+ Puppet.info("#{self.name} is unsuitable because service directory is nil")
64
+ return
65
+ end
68
66
  unless FileTest.directory?(path)
69
67
  Puppet.notice "Service path #{path} does not exist"
70
68
  return
@@ -109,7 +107,9 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
109
107
  # note that this path can be overridden in the resource
110
108
  # definition
111
109
  def daemon
112
- File.join(resource[:path], resource[:name])
110
+ path = resource[:path]
111
+ raise Puppet::Error.new("#{self.class.name} must specify a path for daemon directory") unless path
112
+ File.join(path, resource[:name])
113
113
  end
114
114
 
115
115
  def status
@@ -240,12 +240,20 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
240
240
  def status
241
241
  if @resource && ((@resource[:hasstatus] == :false) || (@resource[:status]))
242
242
  return super
243
- else
244
- if @property_hash[:status].nil?
245
- :absent
243
+ elsif @property_hash[:status].nil?
244
+ # property_hash was flushed so the service changed status
245
+ service_name = @resource[:name]
246
+ # Updating services with new statuses
247
+ job_list = self.class.job_list
248
+ # if job is present in job_list, return its status
249
+ if job_list.key?(service_name)
250
+ job_list[service_name]
251
+ # if job is no longer present in job_list, it was stopped
246
252
  else
247
- @property_hash[:status]
253
+ :stopped
248
254
  end
255
+ else
256
+ @property_hash[:status]
249
257
  end
250
258
  end
251
259
 
@@ -313,7 +321,14 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
313
321
  job_plist_disabled = nil
314
322
  overrides_disabled = nil
315
323
 
316
- _, job_plist = plist_from_label(resource[:name])
324
+ begin
325
+ _, job_plist = plist_from_label(resource[:name])
326
+ rescue Puppet::Error => err
327
+ # if job does not exist, log the error and return false as on other platforms
328
+ Puppet.log_exception(err)
329
+ return :false
330
+ end
331
+
317
332
  job_plist_disabled = job_plist["Disabled"] if job_plist.has_key?("Disabled")
318
333
 
319
334
  if FileTest.file?(self.class.launchd_overrides) and overrides = self.class.read_overrides
@@ -79,7 +79,7 @@ Puppet::Type.type(:service).provide :openbsd, :parent => :init do
79
79
  def running?
80
80
  output = execute([command(:rcctl), "check", @resource[:name]],
81
81
  :failonfail => false, :combine => false, :squelch => false).chomp
82
- return true if output.match(/\(ok\)/)
82
+ return true if output =~ /\(ok\)/
83
83
  end
84
84
 
85
85
  # Uses the wrapper to prevent failure when the service is not running;
@@ -17,7 +17,7 @@ Puppet::Type.type(:service).provide :rcng, :parent => :bsd do
17
17
  if Puppet::FileSystem.exist?(rcfile)
18
18
  File.open(rcfile).readlines.each do |line|
19
19
  # Now look for something that looks like "service=${service:=YES}" or "service=YES"
20
- if line.match(/^\s*#{@resource[:name]}=(?:YES|\${#{@resource[:name]}:=YES})/)
20
+ if line =~ /^\s*#{@resource[:name]}=(?:YES|\${#{@resource[:name]}:=YES})/
21
21
  return :true
22
22
  end
23
23
  end
@@ -34,7 +34,7 @@ Puppet::Type.type(:service).provide :rcng, :parent => :bsd do
34
34
  if Puppet::FileSystem.exist?(rcfile)
35
35
  newcontents = []
36
36
  File.open(rcfile).readlines.each do |line|
37
- if line.match(/^\s*#{@resource[:name]}=(NO|\$\{#{@resource[:name]}:NO\})/)
37
+ if line =~ /^\s*#{@resource[:name]}=(NO|\$\{#{@resource[:name]}:NO\})/
38
38
  line = "#{@resource[:name]}=${#{@resource[:name]}:=YES}"
39
39
  end
40
40
  newcontents.push(line)
@@ -40,14 +40,8 @@ Puppet::Type.type(:service).provide :runit, :parent => :daemontools do
40
40
  # this is necessary to autodetect a valid resource
41
41
  # default path, since there is no standard for such directory.
42
42
  def defpath
43
- unless @defpath
44
- ["/etc/sv", "/var/lib/service"].each do |path|
45
- if Puppet::FileSystem.exist?(path)
46
- @defpath = path
47
- break
48
- end
49
- end
50
- raise "Could not find the daemon directory (tested [/etc/sv,/var/lib/service])" unless @defpath
43
+ @defpath ||= ["/var/lib/service", "/etc/sv"].find do |path|
44
+ Puppet::FileSystem.exist?(path) && FileTest.directory?(path)
51
45
  end
52
46
  @defpath
53
47
  end
@@ -1,5 +1,7 @@
1
1
  # Manage systemd services using systemctl
2
2
 
3
+ require 'puppet/file_system'
4
+
3
5
  Puppet::Type.type(:service).provide :systemd, :parent => :base do
4
6
  desc "Manages `systemd` services using `systemctl`.
5
7
 
@@ -9,14 +11,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
9
11
 
10
12
  commands :systemctl => "systemctl"
11
13
 
12
- if Facter.value(:osfamily).downcase == 'debian'
13
- # With multiple init systems on Debian, it is possible to have
14
- # pieces of systemd around (e.g. systemctl) but not really be
15
- # using systemd. We do not do this on other platforms as it can
16
- # cause issues when running in a chroot without /run mounted
17
- # (PUP-5577)
18
- confine :exists => "/run/systemd/system"
19
- end
14
+ confine :true => Puppet::FileSystem.exist?('/proc/1/comm') && Puppet::FileSystem.read('/proc/1/comm').include?('systemd')
20
15
 
21
16
  defaultfor :osfamily => [:archlinux]
22
17
  defaultfor :osfamily => :redhat, :operatingsystemmajrelease => ["7", "8"]
@@ -24,14 +19,15 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
24
19
  defaultfor :osfamily => :suse
25
20
  defaultfor :osfamily => :coreos
26
21
  defaultfor :operatingsystem => :amazon, :operatingsystemmajrelease => ["2"]
27
- defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ["8", "stretch/sid", "9", "buster/sid"]
28
- defaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["15.04","15.10","16.04","16.10","17.04","17.10","18.04"]
22
+ defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ["8", "stretch/sid", "9", "buster/sid", "10", "bullseye/sid"]
23
+ defaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["15.04","15.10","16.04","16.10","17.04","17.10","18.04","18.10","19.04","19.10","20.04"]
29
24
  defaultfor :operatingsystem => :cumuluslinux, :operatingsystemmajrelease => ["3"]
30
25
 
31
26
  def self.instances
32
27
  i = []
33
28
  output = systemctl('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager')
34
- output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect)\s*$/i).each do |m|
29
+ output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad|static)\s*$/i).each do |m|
30
+ Puppet.debug("#{m[0]} marked as bad by `systemctl`. It is recommended to be further checked.") if m[1] == "bad"
35
31
  i << new(:name => m[0])
36
32
  end
37
33
  return i
@@ -39,13 +35,29 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
39
35
  return []
40
36
  end
41
37
 
38
+ # Static services cannot be enabled or disabled manually. Indirect services
39
+ # should not be enabled or disabled due to limitations in systemd (see
40
+ # https://github.com/systemd/systemd/issues/6681).
41
+ def enabled_insync?(current)
42
+ case cached_enabled?[:output]
43
+ when 'static'
44
+ Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
45
+ return true
46
+ when 'indirect'
47
+ Puppet.debug("Service #{@resource[:name]} is in 'indirect' state and cannot be enabled/disabled")
48
+ return true
49
+ else
50
+ current == @resource[:enable]
51
+ end
52
+ end
53
+
42
54
  # This helper ensures that the enable state cache is always reset
43
55
  # after a systemctl enable operation. A particular service state is not guaranteed
44
56
  # after such an operation, so the cache must be emptied to prevent inconsistencies
45
57
  # in the provider's believed state of the service and the actual state.
46
58
  # @param action [String,Symbol] One of 'enable', 'disable', 'mask' or 'unmask'
47
59
  def systemctl_change_enable(action)
48
- output = systemctl(action, @resource[:name])
60
+ output = systemctl(action, '--', @resource[:name])
49
61
  rescue
50
62
  raise Puppet::Error, "Could not #{action} #{self.name}: #{output}", $!.backtrace
51
63
  ensure
@@ -58,7 +70,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
58
70
 
59
71
  def get_start_link_count
60
72
  # Start links don't include '.service'. Just search for the service name.
61
- if @resource[:name].match(/\.service/)
73
+ if @resource[:name] =~ /\.service/
62
74
  link_name = @resource[:name].split('.')[0]
63
75
  else
64
76
  link_name = @resource[:name]
@@ -69,13 +81,14 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
69
81
 
70
82
  def cached_enabled?
71
83
  return @cached_enabled if @cached_enabled
72
- cmd = [command(:systemctl), 'is-enabled', @resource[:name]]
73
- @cached_enabled = execute(cmd, :failonfail => false).strip
84
+ cmd = [command(:systemctl), 'is-enabled', '--', @resource[:name]]
85
+ result = execute(cmd, :failonfail => false)
86
+ @cached_enabled = { output: result.chomp, exitcode: result.exitstatus }
74
87
  end
75
88
 
76
89
  def enabled?
77
- output = cached_enabled?
78
- code = $CHILD_STATUS.exitstatus
90
+ output = cached_enabled?[:output]
91
+ code = cached_enabled?[:exitcode]
79
92
 
80
93
  # The masked state is equivalent to the disabled state in terms of
81
94
  # comparison so we only care to check if it is masked if we want to keep
@@ -88,7 +101,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
88
101
  # The indirect state indicates that the unit is not enabled.
89
102
  return :false if output == 'indirect'
90
103
  return :true if (code == 0)
91
- if (output.empty?) && (code > 0) && (Facter.value(:osfamily).downcase == 'debian')
104
+ if (output.empty?) && (code > 0) && (Facter.value(:osfamily).casecmp('debian').zero?)
92
105
  ret = debian_enabled?
93
106
  return ret if ret
94
107
  end
@@ -136,20 +149,20 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
136
149
  end
137
150
 
138
151
  def restartcmd
139
- [command(:systemctl), "restart", @resource[:name]]
152
+ [command(:systemctl), "restart", '--', @resource[:name]]
140
153
  end
141
154
 
142
155
  def startcmd
143
156
  self.unmask
144
- [command(:systemctl), "start", @resource[:name]]
157
+ [command(:systemctl), "start", '--', @resource[:name]]
145
158
  end
146
159
 
147
160
  def stopcmd
148
- [command(:systemctl), "stop", @resource[:name]]
161
+ [command(:systemctl), "stop", '--', @resource[:name]]
149
162
  end
150
163
 
151
164
  def statuscmd
152
- [command(:systemctl), "is-active", @resource[:name]]
165
+ [command(:systemctl), "is-active", '--', @resource[:name]]
153
166
  end
154
167
 
155
168
  def restart
@@ -34,6 +34,12 @@ Puppet::Type.type(:service).provide :windows, :parent => :service do
34
34
  raise Puppet::Error.new(_("Cannot enable %{resource_name} for manual start, error was: %{detail}") % { resource_name: @resource[:name], detail: detail }, detail )
35
35
  end
36
36
 
37
+ def delayed_start
38
+ Puppet::Util::Windows::Service.set_startup_mode( @resource[:name], :SERVICE_AUTO_START, true )
39
+ rescue => detail
40
+ raise Puppet::Error.new(_("Cannot enable %{resource_name} for delayed start, error was: %{detail}") % { resource_name: @resource[:name], detail: detail }, detail )
41
+ end
42
+
37
43
  def enabled?
38
44
  return :false unless Puppet::Util::Windows::Service.exists?(@resource[:name])
39
45
 
@@ -46,6 +52,8 @@ Puppet::Type.type(:service).provide :windows, :parent => :service do
46
52
  :true
47
53
  when :SERVICE_DEMAND_START
48
54
  :manual
55
+ when :SERVICE_DELAYED_AUTO_START
56
+ :delayed
49
57
  when :SERVICE_DISABLED
50
58
  :false
51
59
  else
@@ -386,7 +386,7 @@ Puppet::Type.type(:user).provide :directoryservice do
386
386
  if (Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.7') > 0)
387
387
  assert_full_pbkdf2_password
388
388
 
389
- sleep 2
389
+ sleep 3
390
390
  flush_dscl_cache
391
391
  users_plist = get_users_plist(@resource.name)
392
392
  shadow_hash_data = get_shadow_hash_data(users_plist)
@@ -403,7 +403,7 @@ Puppet::Type.type(:user).provide :directoryservice do
403
403
  if (Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.7') > 0)
404
404
  assert_full_pbkdf2_password
405
405
 
406
- sleep 2
406
+ sleep 3
407
407
  flush_dscl_cache
408
408
  users_plist = get_users_plist(@resource.name)
409
409
  shadow_hash_data = get_shadow_hash_data(users_plist)
@@ -434,8 +434,8 @@ Puppet::Type.type(:user).provide :directoryservice do
434
434
  ['home', 'uid', 'gid', 'comment', 'shell'].each do |setter_method|
435
435
  define_method("#{setter_method}=") do |value|
436
436
  if @property_hash[setter_method.intern]
437
- if self.class.get_os_version == '10.14' && %w(home uid).include?(setter_method)
438
- raise Puppet::Error, "OS X version 10\.14 does not allow changing #{setter_method} using puppet"
437
+ if self.class.get_os_version.split('.').last.to_i >= 14 && %w(home uid).include?(setter_method)
438
+ raise Puppet::Error, "OS X version #{self.class.get_os_version} does not allow changing #{setter_method} using puppet"
439
439
  end
440
440
  begin
441
441
  dscl '.', '-change', "/Users/#{resource.name}", self.class.ns_to_ds_attribute_map[setter_method.intern], @property_hash[setter_method.intern], value
@@ -503,7 +503,7 @@ Puppet::Type.type(:user).provide :directoryservice do
503
503
  def next_system_id(min_id=20)
504
504
  dscl_output = dscl '.', '-list', '/Users', 'uid'
505
505
  # We're ok with throwing away negative uids here. Also, remove nil values.
506
- user_ids = dscl_output.split.compact.collect { |l| l.to_i if l.match(/^\d+$/) }
506
+ user_ids = dscl_output.split.compact.collect { |l| l.to_i if l =~ /^\d+$/ }
507
507
  ids = user_ids.compact!.sort! { |a,b| a.to_f <=> b.to_f }
508
508
  # We're just looking for an unused id in our sorted array.
509
509
  ids.each_index do |i|
@@ -571,7 +571,32 @@ Puppet::Type.type(:user).provide :directoryservice do
571
571
  else
572
572
  users_plist['ShadowHashData'] = [binary_plist]
573
573
  end
574
- write_users_plist_to_disk(users_plist)
574
+ if Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.15') < 0
575
+ write_users_plist_to_disk(users_plist)
576
+ else
577
+ write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
578
+ end
579
+ end
580
+
581
+ # This method writes the ShadowHashData plist in a temporary file,
582
+ # then imports it using dsimport. macOS versions 10.15 and newer do
583
+ # not support directly managing binary plists, so we have to use an
584
+ # intermediary.
585
+ # dsimport is an archaic utilitary with hard-to-find documentation
586
+ #
587
+ # See http://web.archive.org/web/20090106120111/http://support.apple.com/kb/TA21305?viewlocale=en_US
588
+ # for information regarding the dsimport syntax
589
+ def write_and_import_shadow_hash_data(data_plist)
590
+ Tempfile.create("dsimport_#{@resource.name}", :encoding => Encoding::ASCII) do |dsimport_file|
591
+ dsimport_file.write <<-DSIMPORT
592
+ 0x0A 0x5C 0x3A 0x2C dsRecTypeStandard:Users 2 dsAttrTypeStandard:RecordName base64:dsAttrTypeNative:ShadowHashData
593
+ #{@resource.name}:#{Base64.strict_encode64(data_plist)}
594
+ DSIMPORT
595
+ dsimport_file.flush
596
+ # Delete the user's existing ShadowHashData, since dsimport appends, not replaces
597
+ dscl('.', 'delete', "/Users/#{@resource.name}", 'ShadowHashData')
598
+ dsimport(dsimport_file.path, '/Local/Default', 'M')
599
+ end
575
600
  end
576
601
 
577
602
  # This method accepts an argument of a hex password hash, and base64
@@ -29,7 +29,7 @@ Puppet::Type.type(:user).provide :hpuxuseradd, :parent => :useradd do
29
29
 
30
30
  def modifycmd(param,value)
31
31
  cmd = super(param, value)
32
- cmd << "-F"
32
+ cmd.insert(1,"-F")
33
33
  if trusted then
34
34
  # Append an additional command to reset the password age to 0
35
35
  # until a workaround with expiry module can be found for trusted
@@ -66,11 +66,11 @@ Puppet::Type.type(:user).provide :pw, :parent => Puppet::Provider::NameService::
66
66
 
67
67
  # use pw to update password hash
68
68
  def password=(cryptopw)
69
- Puppet.debug "change password for user '#{@resource[:name]}' method called with hash '#{cryptopw}'"
69
+ Puppet.debug "change password for user '#{@resource[:name]}' method called with hash [redacted]"
70
70
  stdin, _, _ = Open3.popen3("pw user mod #{@resource[:name]} -H 0")
71
71
  stdin.puts(cryptopw)
72
72
  stdin.close
73
- Puppet.debug "finished password for user '#{@resource[:name]}' method called with hash '#{cryptopw}'"
73
+ Puppet.debug "finished password for user '#{@resource[:name]}' method called with hash [redacted]"
74
74
  end
75
75
 
76
76
  # get password from /etc/master.passwd
@@ -78,10 +78,19 @@ Puppet::Type.type(:user).provide :pw, :parent => Puppet::Provider::NameService::
78
78
  Puppet.debug "checking password for user '#{@resource[:name]}' method called"
79
79
  current_passline = `getent passwd #{@resource[:name]}`
80
80
  current_password = current_passline.chomp.split(':')[1] if current_passline
81
- Puppet.debug "finished password for user '#{@resource[:name]}' method called : '#{current_password}'"
81
+ Puppet.debug "finished password for user '#{@resource[:name]}' method called : [redacted]"
82
82
  current_password
83
83
  end
84
84
 
85
+ def has_sensitive_data?(property = nil)
86
+ #Check for sensitive values?
87
+ properties = property ? [property] : Puppet::Type.type(:user).validproperties
88
+ properties.any? do |prop|
89
+ p = @resource.parameter(prop)
90
+ p && p.respond_to?(:is_sensitive) && p.is_sensitive
91
+ end
92
+ end
93
+
85
94
  # Get expiry from system and convert to Puppet-style date
86
95
  def expiry
87
96
  expiry = self.get(:expiry)
@@ -36,7 +36,7 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
36
36
  has_features :manages_homedir, :allows_duplicates, :manages_solaris_rbac, :manages_passwords, :manages_password_age, :manages_shell
37
37
 
38
38
  def check_valid_shell
39
- unless File.exists?(@resource.should(:shell))
39
+ unless File.exist?(@resource.should(:shell))
40
40
  raise(Puppet::Error, "Shell #{@resource.should(:shell)} must exist")
41
41
  end
42
42
  unless File.executable?(@resource.should(:shell).to_s)
@@ -202,6 +202,10 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
202
202
  shadow_entry[5].empty? ? -1 : shadow_entry[5]
203
203
  end
204
204
 
205
+ def has_sensitive_data?(property = nil)
206
+ false
207
+ end
208
+
205
209
  # Read in /etc/shadow, find the line for our used and rewrite it with the
206
210
  # new pw. Smooth like 80 grit sandpaper.
207
211
  #
@@ -21,7 +21,11 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
21
21
  options :expiry, :method => :sp_expire,
22
22
  :munge => proc { |value|
23
23
  if value == :absent
24
- ''
24
+ if Facter.value(:operatingsystem)=='SLES' && Facter.value(:operatingsystemmajrelease) == "11"
25
+ -1
26
+ else
27
+ ''
28
+ end
25
29
  else
26
30
  case Facter.value(:operatingsystem)
27
31
  when 'Solaris'
@@ -55,35 +59,43 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
55
59
  get(:uid)
56
60
  end
57
61
 
62
+ def comment
63
+ return localcomment if @resource.forcelocal?
64
+ get(:comment)
65
+ end
66
+
58
67
  def finduser(key, value)
59
68
  passwd_file = "/etc/passwd"
60
- passwd_keys = ['account', 'password', 'uid', 'gid', 'gecos', 'directory', 'shell']
69
+ passwd_keys = [:account, :password, :uid, :gid, :gecos, :directory, :shell]
61
70
  index = passwd_keys.index(key)
62
- File.open(passwd_file) do |f|
63
- f.each_line do |line|
64
- user = line.split(":")
65
- if user[index] == value
66
- f.close
67
- return user
68
- end
71
+ @passwd_content ||= File.read(passwd_file)
72
+ @passwd_content.each_line do |line|
73
+ user = line.split(":")
74
+ if user[index] == value
75
+ return Hash[passwd_keys.zip(user)]
69
76
  end
70
77
  end
71
78
  false
72
79
  end
73
80
 
74
81
  def local_username
75
- finduser('uid', @resource.uid)
82
+ finduser(:uid, @resource.uid)
76
83
  end
77
84
 
78
85
  def localuid
79
- user = finduser('account', resource[:name])
80
- return user[2] if user
86
+ user = finduser(:account, resource[:name])
87
+ return user[:uid] if user
81
88
  false
82
89
  end
83
90
 
91
+ def localcomment
92
+ user = finduser(:account, resource[:name])
93
+ user[:gecos]
94
+ end
95
+
84
96
  def shell=(value)
85
97
  check_valid_shell
86
- set("shell", value)
98
+ set(:shell, value)
87
99
  end
88
100
 
89
101
  verify :gid, "GID must be an integer" do |value|
@@ -106,8 +118,8 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
106
118
  # to ensure consistent behaviour of the useradd provider when
107
119
  # using both useradd and luseradd
108
120
  if (!@resource.allowdupe?) && @resource.forcelocal?
109
- if @resource.should(:uid) && finduser('uid', @resource.should(:uid).to_s)
110
- raise(Puppet::Error, "UID #{@resource.should(:uid).to_s} already exists, use allowdupe to force user creation")
121
+ if @resource.should(:uid) && finduser(:uid, @resource.should(:uid).to_s)
122
+ raise(Puppet::Error, "UID #{@resource.should(:uid)} already exists, use allowdupe to force user creation")
111
123
  end
112
124
  elsif @resource.allowdupe? && (!@resource.forcelocal?)
113
125
  return ["-o"]
@@ -116,7 +128,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
116
128
  end
117
129
 
118
130
  def check_valid_shell
119
- unless File.exists?(@resource.should(:shell))
131
+ unless File.exist?(@resource.should(:shell))
120
132
  raise(Puppet::Error, "Shell #{@resource.should(:shell)} must exist")
121
133
  end
122
134
  unless File.executable?(@resource.should(:shell).to_s)
@@ -126,10 +138,17 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
126
138
 
127
139
  def check_manage_home
128
140
  cmd = []
129
- if @resource.managehome? && (!@resource.forcelocal?)
130
- cmd << "-m"
131
- elsif (!@resource.managehome?) && Facter.value(:osfamily) == 'RedHat'
132
- cmd << "-M"
141
+ if @resource.managehome?
142
+ # libuser does not implement the -m flag
143
+ cmd << "-m" unless @resource.forcelocal?
144
+ else
145
+ osfamily = Facter.value(:osfamily)
146
+ osversion = Facter.value(:operatingsystemmajrelease).to_i
147
+ # SLES 11 uses pwdutils instead of shadow, which does not have -M
148
+ # Solaris and OpenBSD use different useradd flavors
149
+ unless osfamily =~ /Solaris|OpenBSD/ || osfamily == 'Suse' && osversion <= 11
150
+ cmd << "-M"
151
+ end
133
152
  end
134
153
  cmd
135
154
  end
@@ -147,19 +166,35 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
147
166
  # validproperties is a list of properties in undefined order
148
167
  # sort them to have a predictable command line in tests
149
168
  Puppet::Type.type(:user).validproperties.sort.each do |property|
150
- next if property == :ensure
151
- next if property_manages_password_age?(property)
152
- next if (property == :groups) && @resource.forcelocal?
153
- next if (property == :expiry) && @resource.forcelocal?
169
+ value = get_value_for_property(property)
170
+ next if value.nil?
154
171
  # the value needs to be quoted, mostly because -c might
155
172
  # have spaces in it
156
- if (value = @resource.should(property)) && (value != "")
157
- cmd << flag(property) << munge(property, value)
158
- end
173
+ cmd << flag(property) << munge(property, value)
159
174
  end
160
175
  cmd
161
176
  end
162
177
 
178
+ def get_value_for_property(property)
179
+ return nil if property == :ensure
180
+ return nil if property_manages_password_age?(property)
181
+ return nil if property == :groups and @resource.forcelocal?
182
+ return nil if property == :expiry and @resource.forcelocal?
183
+ value = @resource.should(property)
184
+ return nil if !value || value == ""
185
+
186
+ value
187
+ end
188
+
189
+ def has_sensitive_data?(property = nil)
190
+ #Check for sensitive values?
191
+ properties = property ? [property] : Puppet::Type.type(:user).validproperties
192
+ properties.any? do |prop|
193
+ p = @resource.parameter(prop)
194
+ p && p.respond_to?(:is_sensitive) && p.is_sensitive
195
+ end
196
+ end
197
+
163
198
  def addcmd
164
199
  if @resource.forcelocal?
165
200
  cmd = [command(:localadd)]