puppet 5.5.17-universal-darwin → 5.5.22-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +1 -1
- data/Gemfile +4 -5
- data/Gemfile.lock +59 -55
- data/ext/build_defaults.yaml +1 -0
- data/ext/cert_inspector +3 -3
- data/ext/puppet-test +2 -2
- data/ext/regexp_nodes/regexp_nodes.rb +4 -4
- data/ext/windows/service/daemon.rb +54 -8
- data/install.rb +6 -6
- data/lib/puppet.rb +5 -2
- data/lib/puppet/agent.rb +5 -13
- data/lib/puppet/application.rb +1 -1
- data/lib/puppet/application/agent.rb +3 -1
- data/lib/puppet/application/apply.rb +2 -2
- data/lib/puppet/application/describe.rb +3 -9
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/filebucket.rb +13 -0
- data/lib/puppet/application/lookup.rb +1 -1
- data/lib/puppet/application/script.rb +2 -2
- data/lib/puppet/configurer.rb +106 -31
- data/lib/puppet/configurer/downloader.rb +33 -16
- data/lib/puppet/daemon.rb +1 -1
- data/lib/puppet/defaults.rb +86 -40
- data/lib/puppet/error.rb +9 -1
- data/lib/puppet/external/nagios/base.rb +1 -1
- data/lib/puppet/face/ca.rb +1 -1
- data/lib/puppet/face/module/list.rb +5 -5
- data/lib/puppet/face/module/search.rb +1 -1
- data/lib/puppet/face/module/uninstall.rb +1 -1
- data/lib/puppet/face/module/upgrade.rb +1 -1
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/mount/locales.rb +1 -2
- data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
- data/lib/puppet/file_serving/mount/plugins.rb +1 -2
- data/lib/puppet/file_system.rb +0 -8
- data/lib/puppet/file_system/memory_file.rb +1 -1
- data/lib/puppet/file_system/posix.rb +3 -2
- data/lib/puppet/file_system/uniquefile.rb +4 -0
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/functions/epp.rb +4 -4
- data/lib/puppet/functions/inline_epp.rb +5 -5
- data/lib/puppet/functions/new.rb +8 -3
- data/lib/puppet/functions/reduce.rb +2 -4
- data/lib/puppet/functions/reverse_each.rb +1 -1
- data/lib/puppet/functions/step.rb +1 -1
- data/lib/puppet/gettext/module_translations.rb +1 -1
- data/lib/puppet/graph/rb_tree_map.rb +2 -2
- data/lib/puppet/graph/simple_graph.rb +6 -5
- data/lib/puppet/indirector/catalog/compiler.rb +8 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
- data/lib/puppet/indirector/hiera.rb +6 -0
- data/lib/puppet/indirector/resource/ral.rb +1 -3
- data/lib/puppet/indirector/resource/validator.rb +1 -1
- data/lib/puppet/interface.rb +2 -1
- data/lib/puppet/loaders.rb +0 -1
- data/lib/puppet/metatype/manager.rb +1 -1
- data/lib/puppet/module.rb +1 -1
- data/lib/puppet/module_tool/applications/builder.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +1 -1
- data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
- data/lib/puppet/module_tool/metadata.rb +1 -1
- data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
- data/lib/puppet/module_tool/tar/mini.rb +1 -1
- data/lib/puppet/network/http/api/indirected_routes.rb +13 -12
- data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
- data/lib/puppet/network/http/connection.rb +14 -12
- data/lib/puppet/network/http/pool.rb +7 -1
- data/lib/puppet/network/http/rack/rest.rb +2 -2
- data/lib/puppet/network/http/site.rb +1 -1
- data/lib/puppet/network/resolver.rb +2 -2
- data/lib/puppet/node/environment.rb +11 -3
- data/lib/puppet/parser/ast.rb +1 -1
- data/lib/puppet/parser/ast/resourceparam.rb +1 -1
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
- data/lib/puppet/parser/environment_compiler.rb +3 -0
- data/lib/puppet/parser/functions.rb +14 -10
- data/lib/puppet/parser/functions/epp.rb +3 -3
- data/lib/puppet/parser/functions/inline_epp.rb +5 -5
- data/lib/puppet/parser/resource.rb +3 -2
- data/lib/puppet/parser/resource/param.rb +6 -0
- data/lib/puppet/pops/adaptable.rb +7 -13
- data/lib/puppet/pops/adapters.rb +8 -4
- data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
- data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
- data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
- data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
- data/lib/puppet/pops/issues.rb +5 -0
- data/lib/puppet/pops/loaders.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
- data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
- data/lib/puppet/pops/merge_strategy.rb +22 -18
- data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
- data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
- data/lib/puppet/pops/parser/locator.rb +1 -1
- data/lib/puppet/pops/parser/pn_parser.rb +17 -16
- data/lib/puppet/pops/puppet_stack.rb +51 -48
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
- data/lib/puppet/pops/types/iterable.rb +34 -8
- data/lib/puppet/pops/types/p_meta_type.rb +1 -1
- data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
- data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
- data/lib/puppet/pops/types/string_converter.rb +10 -10
- data/lib/puppet/pops/types/type_calculator.rb +24 -0
- data/lib/puppet/pops/types/types.rb +3 -3
- data/lib/puppet/pops/validation/checker4_0.rb +29 -15
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
- data/lib/puppet/property.rb +1 -1
- data/lib/puppet/property/ensure.rb +1 -1
- data/lib/puppet/provider/augeas/augeas.rb +1 -1
- data/lib/puppet/provider/cron/crontab.rb +1 -1
- data/lib/puppet/provider/exec.rb +6 -2
- data/lib/puppet/provider/group/groupadd.rb +19 -19
- data/lib/puppet/provider/group/windows_adsi.rb +3 -3
- data/lib/puppet/provider/mailalias/aliases.rb +1 -1
- data/lib/puppet/provider/mount.rb +1 -1
- data/lib/puppet/provider/mount/parsed.rb +8 -8
- data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
- data/lib/puppet/provider/nameservice/pw.rb +2 -2
- data/lib/puppet/provider/package/aix.rb +17 -2
- data/lib/puppet/provider/package/apt.rb +14 -3
- data/lib/puppet/provider/package/dnfmodule.rb +141 -0
- data/lib/puppet/provider/package/dpkg.rb +16 -18
- data/lib/puppet/provider/package/fink.rb +20 -3
- data/lib/puppet/provider/package/gem.rb +4 -2
- data/lib/puppet/provider/package/openbsd.rb +14 -2
- data/lib/puppet/provider/package/pip.rb +37 -10
- data/lib/puppet/provider/package/pkg.rb +18 -5
- data/lib/puppet/provider/package/pkgdmg.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +16 -4
- data/lib/puppet/provider/package/portage.rb +4 -4
- data/lib/puppet/provider/package/puppet_gem.rb +5 -0
- data/lib/puppet/provider/package/rpm.rb +6 -6
- data/lib/puppet/provider/package/windows/package.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +28 -20
- data/lib/puppet/provider/package/zypper.rb +1 -0
- data/lib/puppet/provider/package_targetable.rb +5 -4
- data/lib/puppet/provider/parsedfile.rb +1 -1
- data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +3 -3
- data/lib/puppet/provider/selmodule/semodule.rb +43 -26
- data/lib/puppet/provider/service/daemontools.rb +9 -9
- data/lib/puppet/provider/service/openbsd.rb +1 -1
- data/lib/puppet/provider/service/rcng.rb +2 -2
- data/lib/puppet/provider/service/runit.rb +2 -8
- data/lib/puppet/provider/service/systemd.rb +31 -13
- data/lib/puppet/provider/user/directoryservice.rb +31 -6
- data/lib/puppet/provider/user/hpux.rb +1 -1
- data/lib/puppet/provider/user/user_role_add.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +39 -20
- data/lib/puppet/provider/user/windows_adsi.rb +4 -5
- data/lib/puppet/provider/yumrepo/inifile.rb +2 -2
- data/lib/puppet/reference/indirection.rb +2 -2
- data/lib/puppet/reference/metaparameter.rb +1 -3
- data/lib/puppet/reference/providers.rb +1 -1
- data/lib/puppet/reference/type.rb +3 -9
- data/lib/puppet/reports.rb +1 -1
- data/lib/puppet/resource.rb +1 -1
- data/lib/puppet/resource/catalog.rb +1 -1
- data/lib/puppet/resource/type.rb +10 -1
- data/lib/puppet/settings.rb +3 -3
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/ssl/certificate.rb +2 -1
- data/lib/puppet/ssl/certificate_authority.rb +6 -5
- data/lib/puppet/ssl/certificate_authority/interface.rb +1 -1
- data/lib/puppet/ssl/certificate_factory.rb +2 -2
- data/lib/puppet/ssl/host.rb +3 -3
- data/lib/puppet/ssl/oids.rb +1 -1
- data/lib/puppet/test/test_helper.rb +20 -12
- data/lib/puppet/transaction/report.rb +1 -1
- data/lib/puppet/transaction/resource_harness.rb +1 -1
- data/lib/puppet/type.rb +8 -4
- data/lib/puppet/type/cron.rb +1 -1
- data/lib/puppet/type/exec.rb +7 -3
- data/lib/puppet/type/file.rb +14 -2
- data/lib/puppet/type/file/data_sync.rb +5 -1
- data/lib/puppet/type/group.rb +4 -2
- data/lib/puppet/type/interface.rb +1 -1
- data/lib/puppet/type/notify.rb +3 -2
- data/lib/puppet/type/package.rb +97 -8
- data/lib/puppet/type/schedule.rb +1 -1
- data/lib/puppet/type/selboolean.rb +17 -3
- data/lib/puppet/type/service.rb +2 -8
- data/lib/puppet/type/user.rb +5 -9
- data/lib/puppet/util.rb +35 -12
- data/lib/puppet/util/autoload.rb +9 -7
- data/lib/puppet/util/command_line/trollop.rb +1 -1
- data/lib/puppet/util/http_proxy.rb +8 -14
- data/lib/puppet/util/instance_loader.rb +1 -1
- data/lib/puppet/util/log.rb +1 -1
- data/lib/puppet/util/log/destinations.rb +3 -12
- data/lib/puppet/util/logging.rb +30 -18
- data/lib/puppet/util/metric.rb +2 -2
- data/lib/puppet/util/monkey_patches.rb +1 -1
- data/lib/puppet/util/nagios_maker.rb +2 -2
- data/lib/puppet/util/network_device/cisco/device.rb +1 -1
- data/lib/puppet/util/network_device/cisco/interface.rb +2 -2
- data/lib/puppet/util/network_device/transport/ssh.rb +1 -1
- data/lib/puppet/util/pidlock.rb +12 -6
- data/lib/puppet/util/plist.rb +6 -0
- data/lib/puppet/util/provider_features.rb +2 -4
- data/lib/puppet/util/rdoc.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +1 -1
- data/lib/puppet/util/selinux.rb +3 -1
- data/lib/puppet/util/windows/adsi.rb +60 -30
- data/lib/puppet/util/windows/api_types.rb +45 -32
- data/lib/puppet/util/windows/eventlog.rb +1 -6
- data/lib/puppet/util/windows/principal.rb +8 -6
- data/lib/puppet/util/windows/process.rb +16 -15
- data/lib/puppet/util/windows/registry.rb +17 -15
- data/lib/puppet/util/windows/security.rb +1 -0
- data/lib/puppet/util/windows/sid.rb +3 -3
- data/lib/puppet/vendor.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet_pal.rb +2 -2
- data/locales/puppet.pot +362 -318
- data/man/man5/puppet.conf.5 +39 -9
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-ca.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-cert.8 +1 -1
- data/man/man8/puppet-certificate.8 +1 -1
- data/man/man8/puppet-certificate_request.8 +1 -1
- data/man/man8/puppet-certificate_revocation_list.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +16 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-master.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/provider/mailalias/aliases/test1 +1 -0
- data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
- data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
- data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
- data/spec/integration/configurer_spec.rb +66 -0
- data/spec/integration/data_binding_spec.rb +1 -0
- data/spec/integration/defaults_spec.rb +1 -2
- data/spec/integration/faces/plugin_spec.rb +29 -47
- data/spec/integration/indirector/facts/facter_spec.rb +4 -0
- data/spec/integration/parser/compiler_spec.rb +11 -0
- data/spec/integration/type/notify_spec.rb +46 -0
- data/spec/integration/util/windows/adsi_spec.rb +6 -1
- data/spec/integration/util/windows/registry_spec.rb +7 -7
- data/spec/shared_contexts/types_setup.rb +2 -0
- data/spec/unit/agent_spec.rb +34 -26
- data/spec/unit/application/apply_spec.rb +2 -12
- data/spec/unit/configurer/downloader_spec.rb +10 -0
- data/spec/unit/configurer/fact_handler_spec.rb +0 -4
- data/spec/unit/configurer_spec.rb +430 -415
- data/spec/unit/daemon_spec.rb +0 -1
- data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
- data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
- data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
- data/spec/unit/file_system/uniquefile_spec.rb +11 -0
- data/spec/unit/forge/forge_spec.rb +1 -3
- data/spec/unit/forge/repository_spec.rb +1 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +45 -26
- data/spec/unit/indirector/resource/ral_spec.rb +4 -4
- data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
- data/spec/unit/network/http/connection_spec.rb +43 -1
- data/spec/unit/network/http/pool_spec.rb +32 -0
- data/spec/unit/node_spec.rb +7 -4
- data/spec/unit/parser/environment_compiler_spec.rb +7 -0
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
- data/spec/unit/provider/exec_spec.rb +209 -0
- data/spec/unit/provider/group/groupadd_spec.rb +30 -1
- data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
- data/spec/unit/provider/package/aix_spec.rb +29 -0
- data/spec/unit/provider/package/apt_spec.rb +13 -2
- data/spec/unit/provider/package/aptitude_spec.rb +1 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +247 -0
- data/spec/unit/provider/package/dpkg_spec.rb +35 -7
- data/spec/unit/provider/package/openbsd_spec.rb +17 -0
- data/spec/unit/provider/package/pip_spec.rb +93 -22
- data/spec/unit/provider/package/pkg_spec.rb +13 -1
- data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
- data/spec/unit/provider/package/pkgng_spec.rb +36 -0
- data/spec/unit/provider/package/portage_spec.rb +4 -4
- data/spec/unit/provider/package/puppet_gem_spec.rb +4 -1
- data/spec/unit/provider/package/yum_spec.rb +90 -0
- data/spec/unit/provider/package/zypper_spec.rb +13 -0
- data/spec/unit/provider/package_targetable_spec.rb +60 -0
- data/spec/unit/provider/selmodule_spec.rb +118 -47
- data/spec/unit/provider/service/daemontools_spec.rb +24 -0
- data/spec/unit/provider/service/runit_spec.rb +24 -0
- data/spec/unit/provider/service/systemd_spec.rb +109 -36
- data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
- data/spec/unit/provider/user/hpux_spec.rb +2 -2
- data/spec/unit/provider/user/openbsd_spec.rb +1 -0
- data/spec/unit/provider/user/useradd_spec.rb +81 -16
- data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
- data/spec/unit/puppet_pal_2pec.rb +3 -0
- data/spec/unit/ssl/certificate_authority_spec.rb +2 -3
- data/spec/unit/ssl/certificate_spec.rb +7 -0
- data/spec/unit/ssl/host_spec.rb +2 -0
- data/spec/unit/test/test_helper_spec.rb +17 -0
- data/spec/unit/type/exec_spec.rb +6 -12
- data/spec/unit/type/file/content_spec.rb +9 -3
- data/spec/unit/type/file_spec.rb +9 -4
- data/spec/unit/type/package_spec.rb +8 -0
- data/spec/unit/type/selboolean_spec.rb +4 -6
- data/spec/unit/type/service_spec.rb +9 -8
- data/spec/unit/type/user_spec.rb +19 -13
- data/spec/unit/util/execution_spec.rb +16 -0
- data/spec/unit/util/http_proxy_spec.rb +97 -0
- data/spec/unit/util/log/destinations_spec.rb +2 -26
- data/spec/unit/util/log_spec.rb +0 -138
- data/spec/unit/util/logging_spec.rb +200 -0
- data/spec/unit/util/pidlock_spec.rb +67 -40
- data/spec/unit/util/plist_spec.rb +20 -0
- data/spec/unit/util/windows/adsi_spec.rb +55 -4
- data/spec/unit/util/windows/api_types_spec.rb +104 -40
- data/spec/unit/util/windows/sid_spec.rb +2 -2
- data/tasks/manpages.rake +1 -0
- metadata +16 -7
- data/lib/puppet/pops/loader/null_loader.rb +0 -60
- data/locales/ja/puppet.po +0 -12114
- data/spec/integration/test/test_helper_spec.rb +0 -31
@@ -89,6 +89,7 @@ Puppet::Type.type(:package).provide :zypper, :parent => :rpm, :source => :rpm do
|
|
89
89
|
options = []
|
90
90
|
options << quiet
|
91
91
|
options << '--no-gpg-check' unless inst_opts.delete('--no-gpg-check').nil?
|
92
|
+
options << '--no-gpg-checks' unless inst_opts.delete('--no-gpg-checks').nil?
|
92
93
|
options << :install
|
93
94
|
|
94
95
|
#zypper 0.6.13 (OpenSuSE 10.2) does not support auto agree with licenses
|
@@ -25,24 +25,25 @@ require 'puppet/provider/package'
|
|
25
25
|
class Puppet::Provider::Package::Targetable < Puppet::Provider::Package
|
26
26
|
# Prefetch our package list, yo.
|
27
27
|
def self.prefetch(packages)
|
28
|
-
catalog_packages = packages.first
|
28
|
+
catalog_packages = packages.values.first.catalog.resources.select{ |p| p.provider.class == self }
|
29
29
|
package_commands = catalog_packages.map { |catalog_package| catalog_package::original_parameters[:command] }.uniq
|
30
30
|
package_commands.each do |command|
|
31
31
|
instances(command).each do |instance|
|
32
32
|
catalog_packages.each do |catalog_package|
|
33
|
-
if catalog_package[:name] == instance.name && catalog_package
|
33
|
+
if catalog_package[:name] == instance.name && catalog_package.original_parameters[:command] == command
|
34
34
|
catalog_package.provider = instance
|
35
|
-
self.debug "Prefetched instance: %{name} via command: %{
|
35
|
+
self.debug "Prefetched instance: %{name} via command: %{cmd}" % { name: instance.name, cmd: (command || :default) }
|
36
36
|
end
|
37
37
|
end
|
38
38
|
end
|
39
39
|
end
|
40
|
+
package_commands
|
40
41
|
end
|
41
42
|
|
42
43
|
# Returns the resource command or provider command.
|
43
44
|
|
44
45
|
def resource_or_provider_command
|
45
|
-
resource
|
46
|
+
resource.original_parameters[:command] || self.class.provider_command
|
46
47
|
end
|
47
48
|
|
48
49
|
# Targetable providers use has_command/is_optional to defer validation of provider suitability.
|
@@ -71,7 +71,7 @@ class Puppet::Provider::ParsedFile < Puppet::Provider
|
|
71
71
|
|
72
72
|
flushed = []
|
73
73
|
begin
|
74
|
-
@modified.
|
74
|
+
@modified.sort_by(&:to_s).uniq.each do |target|
|
75
75
|
Puppet.debug "Flushing #{@resource_type.name} provider target #{target}"
|
76
76
|
flushed << target
|
77
77
|
flush_target(target)
|
@@ -200,12 +200,12 @@ Puppet::Type.type(:scheduled_task).provide(:win32_taskscheduler) do
|
|
200
200
|
def user=(value)
|
201
201
|
self.fail("Invalid user: #{value}") unless Puppet::Util::Windows::SID.name_to_sid(value)
|
202
202
|
|
203
|
-
if value.to_s.
|
204
|
-
task.set_account_information(value, resource[:password])
|
205
|
-
else
|
203
|
+
if value.to_s.casecmp('system').zero?
|
206
204
|
# Win32::TaskScheduler treats a nil/empty username & password as
|
207
205
|
# requesting the SYSTEM account.
|
208
206
|
task.set_account_information(nil, nil)
|
207
|
+
else
|
208
|
+
task.set_account_information(value, resource[:password])
|
209
209
|
end
|
210
210
|
end
|
211
211
|
|
@@ -20,14 +20,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
|
|
20
20
|
|
21
21
|
def exists?
|
22
22
|
self.debug "Checking for module #{@resource[:name]}"
|
23
|
-
|
24
|
-
out.each_line do |line|
|
25
|
-
if line =~ /^#{@resource[:name]}\b/
|
26
|
-
return :true
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
30
|
-
nil
|
23
|
+
return selmodules_loaded.has_key?(@resource[:name])
|
31
24
|
end
|
32
25
|
|
33
26
|
def syncversion
|
@@ -35,7 +28,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
|
|
35
28
|
|
36
29
|
loadver = selmodversion_loaded
|
37
30
|
|
38
|
-
if(loadver) then
|
31
|
+
if (loadver) then
|
39
32
|
filever = selmodversion_file
|
40
33
|
if (filever == loadver)
|
41
34
|
return :true
|
@@ -44,7 +37,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
|
|
44
37
|
:false
|
45
38
|
end
|
46
39
|
|
47
|
-
def syncversion=
|
40
|
+
def syncversion=(dosync)
|
48
41
|
execoutput("#{command(:semodule)} --upgrade #{selmod_name_to_filename}")
|
49
42
|
rescue Puppet::ExecutionFailure => detail
|
50
43
|
raise Puppet::Error, "Could not upgrade policy module: #{detail}", detail.backtrace
|
@@ -52,7 +45,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
|
|
52
45
|
|
53
46
|
# Helper functions
|
54
47
|
|
55
|
-
def execoutput
|
48
|
+
def execoutput(cmd)
|
56
49
|
output = ''
|
57
50
|
begin
|
58
51
|
execpipe(cmd) do |out|
|
@@ -72,7 +65,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
|
|
72
65
|
end
|
73
66
|
end
|
74
67
|
|
75
|
-
def selmod_readnext
|
68
|
+
def selmod_readnext(handle)
|
76
69
|
len = handle.read(4).unpack('V')[0]
|
77
70
|
handle.read(len)
|
78
71
|
end
|
@@ -118,23 +111,47 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
|
|
118
111
|
end
|
119
112
|
|
120
113
|
def selmodversion_loaded
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
114
|
+
selmodules_loaded[@resource[:name]]
|
115
|
+
end
|
116
|
+
|
117
|
+
def selmodules_loaded
|
118
|
+
self.class.selmodules_loaded
|
119
|
+
end
|
120
|
+
|
121
|
+
# Extend Class
|
122
|
+
|
123
|
+
class << self
|
124
|
+
attr_accessor :loaded_modules
|
125
|
+
end
|
126
|
+
|
127
|
+
# Prefetch loaded selinux modules.
|
128
|
+
def self.prefetch(resources)
|
129
|
+
selmodules_loaded
|
130
|
+
end
|
131
|
+
|
132
|
+
def self.selmodules_loaded
|
133
|
+
if self.loaded_modules.nil?
|
134
|
+
self.debug "Fetching loaded selinux modules"
|
135
|
+
modules = {}
|
136
|
+
selmodule_cmd = "#{command(:semodule)} --list"
|
137
|
+
output = []
|
138
|
+
begin
|
139
|
+
execpipe(selmodule_cmd) do |pipe|
|
140
|
+
pipe.each_line do |line|
|
141
|
+
line.chomp!
|
142
|
+
output << line
|
143
|
+
name, version = line.split
|
144
|
+
modules[name] = version
|
132
145
|
end
|
133
146
|
end
|
147
|
+
self.loaded_modules = modules
|
148
|
+
rescue Puppet::ExecutionFailure
|
149
|
+
raise Puppet::Error,
|
150
|
+
_('Could not list policy modules: "%{selmodule_command}" failed with "%{selmod_output}"') %
|
151
|
+
{ selmodule_command: selmodule_cmd, selmod_output: output.join(' ') },
|
152
|
+
$ERROR_INFO.backtrace
|
134
153
|
end
|
135
|
-
rescue Puppet::ExecutionFailure
|
136
|
-
raise Puppet::ExecutionFailure, _("Could not list policy modules: \"%{selmodule_command}\" failed with \"%{selmod_output}\"") % { selmodule_command: selmodule_cmd, selmod_output: selmod_output.join(' ') }
|
137
154
|
end
|
138
|
-
|
155
|
+
self.loaded_modules
|
139
156
|
end
|
140
157
|
end
|
@@ -46,14 +46,8 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
|
|
46
46
|
|
47
47
|
# Determine the daemon path.
|
48
48
|
def defpath
|
49
|
-
|
50
|
-
|
51
|
-
if Puppet::FileSystem.exist?(path)
|
52
|
-
@defpath = path
|
53
|
-
break
|
54
|
-
end
|
55
|
-
end
|
56
|
-
raise "Could not find the daemon directory (tested [/var/lib/service,/etc])" unless @defpath
|
49
|
+
@defpath ||= ["/var/lib/service", "/etc"].find do |path|
|
50
|
+
Puppet::FileSystem.exist?(path) && FileTest.directory?(path)
|
57
51
|
end
|
58
52
|
@defpath
|
59
53
|
end
|
@@ -65,6 +59,10 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
|
|
65
59
|
# ie enabled or not
|
66
60
|
def self.instances
|
67
61
|
path = self.defpath
|
62
|
+
unless path
|
63
|
+
Puppet.info("#{self.name} is unsuitable because service directory is nil")
|
64
|
+
return
|
65
|
+
end
|
68
66
|
unless FileTest.directory?(path)
|
69
67
|
Puppet.notice "Service path #{path} does not exist"
|
70
68
|
return
|
@@ -109,7 +107,9 @@ Puppet::Type.type(:service).provide :daemontools, :parent => :base do
|
|
109
107
|
# note that this path can be overridden in the resource
|
110
108
|
# definition
|
111
109
|
def daemon
|
112
|
-
|
110
|
+
path = resource[:path]
|
111
|
+
raise Puppet::Error.new("#{self.class.name} must specify a path for daemon directory") unless path
|
112
|
+
File.join(path, resource[:name])
|
113
113
|
end
|
114
114
|
|
115
115
|
def status
|
@@ -79,7 +79,7 @@ Puppet::Type.type(:service).provide :openbsd, :parent => :init do
|
|
79
79
|
def running?
|
80
80
|
output = execute([command(:rcctl), "check", @resource[:name]],
|
81
81
|
:failonfail => false, :combine => false, :squelch => false).chomp
|
82
|
-
return true if output
|
82
|
+
return true if output =~ /\(ok\)/
|
83
83
|
end
|
84
84
|
|
85
85
|
# Uses the wrapper to prevent failure when the service is not running;
|
@@ -17,7 +17,7 @@ Puppet::Type.type(:service).provide :rcng, :parent => :bsd do
|
|
17
17
|
if Puppet::FileSystem.exist?(rcfile)
|
18
18
|
File.open(rcfile).readlines.each do |line|
|
19
19
|
# Now look for something that looks like "service=${service:=YES}" or "service=YES"
|
20
|
-
if line
|
20
|
+
if line =~ /^\s*#{@resource[:name]}=(?:YES|\${#{@resource[:name]}:=YES})/
|
21
21
|
return :true
|
22
22
|
end
|
23
23
|
end
|
@@ -34,7 +34,7 @@ Puppet::Type.type(:service).provide :rcng, :parent => :bsd do
|
|
34
34
|
if Puppet::FileSystem.exist?(rcfile)
|
35
35
|
newcontents = []
|
36
36
|
File.open(rcfile).readlines.each do |line|
|
37
|
-
if line
|
37
|
+
if line =~ /^\s*#{@resource[:name]}=(NO|\$\{#{@resource[:name]}:NO\})/
|
38
38
|
line = "#{@resource[:name]}=${#{@resource[:name]}:=YES}"
|
39
39
|
end
|
40
40
|
newcontents.push(line)
|
@@ -40,14 +40,8 @@ Puppet::Type.type(:service).provide :runit, :parent => :daemontools do
|
|
40
40
|
# this is necessary to autodetect a valid resource
|
41
41
|
# default path, since there is no standard for such directory.
|
42
42
|
def defpath
|
43
|
-
|
44
|
-
|
45
|
-
if Puppet::FileSystem.exist?(path)
|
46
|
-
@defpath = path
|
47
|
-
break
|
48
|
-
end
|
49
|
-
end
|
50
|
-
raise "Could not find the daemon directory (tested [/etc/sv,/var/lib/service])" unless @defpath
|
43
|
+
@defpath ||= ["/var/lib/service", "/etc/sv"].find do |path|
|
44
|
+
Puppet::FileSystem.exist?(path) && FileTest.directory?(path)
|
51
45
|
end
|
52
46
|
@defpath
|
53
47
|
end
|
@@ -20,13 +20,14 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
20
20
|
defaultfor :osfamily => :coreos
|
21
21
|
defaultfor :operatingsystem => :amazon, :operatingsystemmajrelease => ["2"]
|
22
22
|
defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ["8", "stretch/sid", "9", "buster/sid", "10", "bullseye/sid"]
|
23
|
-
defaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["15.04","15.10","16.04","16.10","17.04","17.10","18.04"]
|
23
|
+
defaultfor :operatingsystem => :ubuntu, :operatingsystemmajrelease => ["15.04","15.10","16.04","16.10","17.04","17.10","18.04","18.10","19.04","19.10","20.04"]
|
24
24
|
defaultfor :operatingsystem => :cumuluslinux, :operatingsystemmajrelease => ["3"]
|
25
25
|
|
26
26
|
def self.instances
|
27
27
|
i = []
|
28
28
|
output = systemctl('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager')
|
29
|
-
output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect)\s*$/i).each do |m|
|
29
|
+
output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad|static)\s*$/i).each do |m|
|
30
|
+
Puppet.debug("#{m[0]} marked as bad by `systemctl`. It is recommended to be further checked.") if m[1] == "bad"
|
30
31
|
i << new(:name => m[0])
|
31
32
|
end
|
32
33
|
return i
|
@@ -34,13 +35,29 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
34
35
|
return []
|
35
36
|
end
|
36
37
|
|
38
|
+
# Static services cannot be enabled or disabled manually. Indirect services
|
39
|
+
# should not be enabled or disabled due to limitations in systemd (see
|
40
|
+
# https://github.com/systemd/systemd/issues/6681).
|
41
|
+
def enabled_insync?(current)
|
42
|
+
case cached_enabled?[:output]
|
43
|
+
when 'static'
|
44
|
+
Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
|
45
|
+
return true
|
46
|
+
when 'indirect'
|
47
|
+
Puppet.debug("Service #{@resource[:name]} is in 'indirect' state and cannot be enabled/disabled")
|
48
|
+
return true
|
49
|
+
else
|
50
|
+
current == @resource[:enable]
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
37
54
|
# This helper ensures that the enable state cache is always reset
|
38
55
|
# after a systemctl enable operation. A particular service state is not guaranteed
|
39
56
|
# after such an operation, so the cache must be emptied to prevent inconsistencies
|
40
57
|
# in the provider's believed state of the service and the actual state.
|
41
58
|
# @param action [String,Symbol] One of 'enable', 'disable', 'mask' or 'unmask'
|
42
59
|
def systemctl_change_enable(action)
|
43
|
-
output = systemctl(action, @resource[:name])
|
60
|
+
output = systemctl(action, '--', @resource[:name])
|
44
61
|
rescue
|
45
62
|
raise Puppet::Error, "Could not #{action} #{self.name}: #{output}", $!.backtrace
|
46
63
|
ensure
|
@@ -53,7 +70,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
53
70
|
|
54
71
|
def get_start_link_count
|
55
72
|
# Start links don't include '.service'. Just search for the service name.
|
56
|
-
if @resource[:name]
|
73
|
+
if @resource[:name] =~ /\.service/
|
57
74
|
link_name = @resource[:name].split('.')[0]
|
58
75
|
else
|
59
76
|
link_name = @resource[:name]
|
@@ -64,13 +81,14 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
64
81
|
|
65
82
|
def cached_enabled?
|
66
83
|
return @cached_enabled if @cached_enabled
|
67
|
-
cmd = [command(:systemctl), 'is-enabled', @resource[:name]]
|
68
|
-
|
84
|
+
cmd = [command(:systemctl), 'is-enabled', '--', @resource[:name]]
|
85
|
+
result = execute(cmd, :failonfail => false)
|
86
|
+
@cached_enabled = { output: result.chomp, exitcode: result.exitstatus }
|
69
87
|
end
|
70
88
|
|
71
89
|
def enabled?
|
72
|
-
output = cached_enabled?
|
73
|
-
code =
|
90
|
+
output = cached_enabled?[:output]
|
91
|
+
code = cached_enabled?[:exitcode]
|
74
92
|
|
75
93
|
# The masked state is equivalent to the disabled state in terms of
|
76
94
|
# comparison so we only care to check if it is masked if we want to keep
|
@@ -83,7 +101,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
83
101
|
# The indirect state indicates that the unit is not enabled.
|
84
102
|
return :false if output == 'indirect'
|
85
103
|
return :true if (code == 0)
|
86
|
-
if (output.empty?) && (code > 0) && (Facter.value(:osfamily).
|
104
|
+
if (output.empty?) && (code > 0) && (Facter.value(:osfamily).casecmp('debian').zero?)
|
87
105
|
ret = debian_enabled?
|
88
106
|
return ret if ret
|
89
107
|
end
|
@@ -131,20 +149,20 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
131
149
|
end
|
132
150
|
|
133
151
|
def restartcmd
|
134
|
-
[command(:systemctl), "restart", @resource[:name]]
|
152
|
+
[command(:systemctl), "restart", '--', @resource[:name]]
|
135
153
|
end
|
136
154
|
|
137
155
|
def startcmd
|
138
156
|
self.unmask
|
139
|
-
[command(:systemctl), "start", @resource[:name]]
|
157
|
+
[command(:systemctl), "start", '--', @resource[:name]]
|
140
158
|
end
|
141
159
|
|
142
160
|
def stopcmd
|
143
|
-
[command(:systemctl), "stop", @resource[:name]]
|
161
|
+
[command(:systemctl), "stop", '--', @resource[:name]]
|
144
162
|
end
|
145
163
|
|
146
164
|
def statuscmd
|
147
|
-
[command(:systemctl), "is-active", @resource[:name]]
|
165
|
+
[command(:systemctl), "is-active", '--', @resource[:name]]
|
148
166
|
end
|
149
167
|
|
150
168
|
def restart
|
@@ -386,7 +386,7 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
386
386
|
if (Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.7') > 0)
|
387
387
|
assert_full_pbkdf2_password
|
388
388
|
|
389
|
-
sleep
|
389
|
+
sleep 3
|
390
390
|
flush_dscl_cache
|
391
391
|
users_plist = get_users_plist(@resource.name)
|
392
392
|
shadow_hash_data = get_shadow_hash_data(users_plist)
|
@@ -403,7 +403,7 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
403
403
|
if (Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.7') > 0)
|
404
404
|
assert_full_pbkdf2_password
|
405
405
|
|
406
|
-
sleep
|
406
|
+
sleep 3
|
407
407
|
flush_dscl_cache
|
408
408
|
users_plist = get_users_plist(@resource.name)
|
409
409
|
shadow_hash_data = get_shadow_hash_data(users_plist)
|
@@ -434,8 +434,8 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
434
434
|
['home', 'uid', 'gid', 'comment', 'shell'].each do |setter_method|
|
435
435
|
define_method("#{setter_method}=") do |value|
|
436
436
|
if @property_hash[setter_method.intern]
|
437
|
-
if self.class.get_os_version
|
438
|
-
raise Puppet::Error, "OS X version
|
437
|
+
if self.class.get_os_version.split('.').last.to_i >= 14 && %w(home uid).include?(setter_method)
|
438
|
+
raise Puppet::Error, "OS X version #{self.class.get_os_version} does not allow changing #{setter_method} using puppet"
|
439
439
|
end
|
440
440
|
begin
|
441
441
|
dscl '.', '-change', "/Users/#{resource.name}", self.class.ns_to_ds_attribute_map[setter_method.intern], @property_hash[setter_method.intern], value
|
@@ -503,7 +503,7 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
503
503
|
def next_system_id(min_id=20)
|
504
504
|
dscl_output = dscl '.', '-list', '/Users', 'uid'
|
505
505
|
# We're ok with throwing away negative uids here. Also, remove nil values.
|
506
|
-
user_ids = dscl_output.split.compact.collect { |l| l.to_i if l
|
506
|
+
user_ids = dscl_output.split.compact.collect { |l| l.to_i if l =~ /^\d+$/ }
|
507
507
|
ids = user_ids.compact!.sort! { |a,b| a.to_f <=> b.to_f }
|
508
508
|
# We're just looking for an unused id in our sorted array.
|
509
509
|
ids.each_index do |i|
|
@@ -571,7 +571,32 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
571
571
|
else
|
572
572
|
users_plist['ShadowHashData'] = [binary_plist]
|
573
573
|
end
|
574
|
-
|
574
|
+
if Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.15') < 0
|
575
|
+
write_users_plist_to_disk(users_plist)
|
576
|
+
else
|
577
|
+
write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
|
578
|
+
end
|
579
|
+
end
|
580
|
+
|
581
|
+
# This method writes the ShadowHashData plist in a temporary file,
|
582
|
+
# then imports it using dsimport. macOS versions 10.15 and newer do
|
583
|
+
# not support directly managing binary plists, so we have to use an
|
584
|
+
# intermediary.
|
585
|
+
# dsimport is an archaic utilitary with hard-to-find documentation
|
586
|
+
#
|
587
|
+
# See http://web.archive.org/web/20090106120111/http://support.apple.com/kb/TA21305?viewlocale=en_US
|
588
|
+
# for information regarding the dsimport syntax
|
589
|
+
def write_and_import_shadow_hash_data(data_plist)
|
590
|
+
Tempfile.create("dsimport_#{@resource.name}", :encoding => Encoding::ASCII) do |dsimport_file|
|
591
|
+
dsimport_file.write <<-DSIMPORT
|
592
|
+
0x0A 0x5C 0x3A 0x2C dsRecTypeStandard:Users 2 dsAttrTypeStandard:RecordName base64:dsAttrTypeNative:ShadowHashData
|
593
|
+
#{@resource.name}:#{Base64.strict_encode64(data_plist)}
|
594
|
+
DSIMPORT
|
595
|
+
dsimport_file.flush
|
596
|
+
# Delete the user's existing ShadowHashData, since dsimport appends, not replaces
|
597
|
+
dscl('.', 'delete', "/Users/#{@resource.name}", 'ShadowHashData')
|
598
|
+
dsimport(dsimport_file.path, '/Local/Default', 'M')
|
599
|
+
end
|
575
600
|
end
|
576
601
|
|
577
602
|
# This method accepts an argument of a hex password hash, and base64
|
@@ -29,7 +29,7 @@ Puppet::Type.type(:user).provide :hpuxuseradd, :parent => :useradd do
|
|
29
29
|
|
30
30
|
def modifycmd(param,value)
|
31
31
|
cmd = super(param, value)
|
32
|
-
cmd
|
32
|
+
cmd.insert(1,"-F")
|
33
33
|
if trusted then
|
34
34
|
# Append an additional command to reset the password age to 0
|
35
35
|
# until a workaround with expiry module can be found for trusted
|