puppet 6.0.5-x64-mingw32 → 6.0.7-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +30 -0
- data/Gemfile.lock +14 -14
- data/lib/puppet.rb +4 -4
- data/lib/puppet/application.rb +1 -1
- data/lib/puppet/application/filebucket.rb +6 -1
- data/lib/puppet/configurer.rb +6 -6
- data/lib/puppet/confine/boolean.rb +45 -0
- data/lib/puppet/confine/false.rb +7 -1
- data/lib/puppet/confine/true.rb +7 -1
- data/lib/puppet/defaults.rb +21 -29
- data/lib/puppet/functions/call.rb +2 -1
- data/lib/puppet/network/http/connection.rb +15 -5
- data/lib/puppet/pops/issues.rb +4 -0
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +60 -4
- data/lib/puppet/pops/model/factory.rb +38 -4
- data/lib/puppet/pops/parser/egrammar.ra +2 -2
- data/lib/puppet/pops/parser/heredoc_support.rb +17 -7
- data/lib/puppet/pops/parser/lexer2.rb +6 -1
- data/lib/puppet/pops/parser/locator.rb +106 -86
- data/lib/puppet/pops/parser/parser_support.rb +11 -2
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/provider/file/windows.rb +49 -1
- data/lib/puppet/provider/group/windows_adsi.rb +4 -1
- data/lib/puppet/provider/package/windows.rb +5 -1
- data/lib/puppet/provider/service/upstart.rb +16 -6
- data/lib/puppet/settings.rb +10 -5
- data/lib/puppet/transaction.rb +8 -6
- data/lib/puppet/transaction/resource_harness.rb +1 -0
- data/lib/puppet/type/exec.rb +27 -5
- data/lib/puppet/type/file/mode.rb +6 -1
- data/lib/puppet/type/filebucket.rb +12 -8
- data/lib/puppet/util/command_line.rb +5 -1
- data/lib/puppet/util/log.rb +7 -2
- data/lib/puppet/util/pidlock.rb +14 -1
- data/lib/puppet/util/windows/process.rb +73 -5
- data/lib/puppet/util/windows/security.rb +29 -8
- data/lib/puppet/version.rb +1 -1
- data/locales/ja/puppet.po +149 -132
- data/locales/puppet.pot +197 -148
- data/man/man5/puppet.conf.5 +14 -6
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +6 -2
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load2.rb +11 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load3.rb +11 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load4.rb +11 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/bad_func_load5.rb +12 -0
- data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/good_func_load.rb +9 -0
- data/spec/integration/provider/file/windows_spec.rb +162 -0
- data/spec/integration/type/file_spec.rb +0 -19
- data/spec/unit/application_spec.rb +8 -1
- data/spec/unit/configurer_spec.rb +6 -7
- data/spec/unit/confine/false_spec.rb +27 -0
- data/spec/unit/confine/true_spec.rb +27 -0
- data/spec/unit/defaults_spec.rb +0 -14
- data/spec/unit/network/http/connection_spec.rb +1 -1
- data/spec/unit/pops/loaders/loaders_spec.rb +70 -3
- data/spec/unit/pops/parser/locator_spec.rb +45 -0
- data/spec/unit/pops/parser/parse_heredoc_spec.rb +111 -15
- data/spec/unit/pops/types/type_mismatch_describer_spec.rb +9 -0
- data/spec/unit/provider/group/windows_adsi_spec.rb +7 -1
- data/spec/unit/provider/package/windows_spec.rb +12 -1
- data/spec/unit/provider/service/systemd_spec.rb +7 -5
- data/spec/unit/settings_spec.rb +36 -0
- data/spec/unit/transaction/resource_harness_spec.rb +26 -0
- data/spec/unit/transaction_spec.rb +29 -0
- data/spec/unit/type/exec_spec.rb +47 -0
- data/spec/unit/type/filebucket_spec.rb +8 -6
- data/spec/unit/util/command_line_spec.rb +23 -2
- data/spec/unit/util/execution_spec.rb +2 -2
- data/spec/unit/util/log_spec.rb +15 -0
- data/spec/unit/util/pidlock_spec.rb +21 -1
- data/spec/unit/util/storage_spec.rb +19 -19
- metadata +16 -3
- data/MAINTAINERS +0 -47
data/man/man5/puppet.conf.5
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPETCONF" "5" "
|
4
|
+
.TH "PUPPETCONF" "5" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
\fBThis page is autogenerated; any changes will get overwritten\fR
|
6
6
|
.
|
7
7
|
.SH "Configuration settings"
|
@@ -237,16 +237,16 @@ The certificate directory\.
|
|
237
237
|
Whether certificate revocation checking should be enabled, and what level of checking should be performed\.
|
238
238
|
.
|
239
239
|
.P
|
240
|
-
When certificate revocation is enabled Puppet expects the contents of its CRL to be one or more PEM
|
240
|
+
When certificate revocation is enabled, Puppet expects the contents of its CRL to be one or more PEM\-encoded CRLs concatenated together\. When using a cert bundle, CRLs for all CAs in the chain of trust must be included in the crl file\. The chain should be ordered from least to most authoritative, with the first CRL listed being for the root of the chain and the last being for the leaf CA\.
|
241
241
|
.
|
242
242
|
.P
|
243
|
-
When certificate_revocation is set to \'true\' or \'chain\', Puppet
|
243
|
+
When certificate_revocation is set to \'true\' or \'chain\', Puppet ensures that each CA in the chain of trust has not been revoked by its issuing CA\.
|
244
244
|
.
|
245
245
|
.P
|
246
|
-
When certificate_revocation is set to \'leaf\', Puppet
|
246
|
+
When certificate_revocation is set to \'leaf\', Puppet verifies certs against the issuing CA\'s revocation list, but it does not verify the revocation status of the issuing CA or any CA above it within the chain of trust\.
|
247
247
|
.
|
248
248
|
.P
|
249
|
-
When certificate_revocation is set to \'false\', Puppet
|
249
|
+
When certificate_revocation is set to \'false\', Puppet disables all certificate revocation checking and does not attempt to download the CRL\.
|
250
250
|
.
|
251
251
|
.IP "\(bu" 4
|
252
252
|
\fIDefault\fR: chain
|
@@ -692,6 +692,14 @@ Freezes the \'main\' class, disallowing any code to be added to it\. This essent
|
|
692
692
|
.
|
693
693
|
.IP "" 0
|
694
694
|
.
|
695
|
+
.SS "func3x_check"
|
696
|
+
Causes validation of loaded legacy Ruby functions (3x API) to raise errors about illegal constructs that could cause harm or that simply does not work\. This flag is on by default\. This flag is made available so that the validation can be turned off in case the method of validation is faulty \- if encountered, please file a bug report\.
|
697
|
+
.
|
698
|
+
.IP "\(bu" 4
|
699
|
+
\fIDefault\fR: true
|
700
|
+
.
|
701
|
+
.IP "" 0
|
702
|
+
.
|
695
703
|
.SS "future_features"
|
696
704
|
Whether or not to enable all features currently being developed for future major releases of Puppet\. Should be used with caution, as in development features are experimental and can have unexpected effects\.
|
697
705
|
.
|
@@ -868,7 +876,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
|
|
868
876
|
The HTTP User\-Agent string to send when making network requests\.
|
869
877
|
.
|
870
878
|
.IP "\(bu" 4
|
871
|
-
\fIDefault\fR: Puppet/6\.0\.
|
879
|
+
\fIDefault\fR: Puppet/6\.0\.7 Ruby/2\.4\.1\-p111 (x86_64\-linux)
|
872
880
|
.
|
873
881
|
.IP "" 0
|
874
882
|
.
|
data/man/man8/puppet-agent.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-AGENT" "8" "
|
4
|
+
.TH "PUPPET\-AGENT" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-agent\fR \- The puppet agent daemon
|
data/man/man8/puppet-apply.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-APPLY" "8" "
|
4
|
+
.TH "PUPPET\-APPLY" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-apply\fR \- Apply Puppet manifests locally
|
data/man/man8/puppet-catalog.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-CATALOG" "8" "
|
4
|
+
.TH "PUPPET\-CATALOG" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\.
|
data/man/man8/puppet-config.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-CONFIG" "8" "
|
4
|
+
.TH "PUPPET\-CONFIG" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-config\fR \- Interact with Puppet\'s settings\.
|
data/man/man8/puppet-describe.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-DESCRIBE" "8" "
|
4
|
+
.TH "PUPPET\-DESCRIBE" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-describe\fR \- Display help about resource types
|
data/man/man8/puppet-device.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-DEVICE" "8" "
|
4
|
+
.TH "PUPPET\-DEVICE" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-device\fR \- Manage remote network devices
|
data/man/man8/puppet-doc.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-DOC" "8" "
|
4
|
+
.TH "PUPPET\-DOC" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-doc\fR \- Generate Puppet references
|
data/man/man8/puppet-epp.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-EPP" "8" "
|
4
|
+
.TH "PUPPET\-EPP" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-epp\fR \- Interact directly with the EPP template parser/renderer\.
|
data/man/man8/puppet-facts.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-FACTS" "8" "
|
4
|
+
.TH "PUPPET\-FACTS" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-facts\fR \- Retrieve and store facts\.
|
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-FILEBUCKET" "8" "
|
4
|
+
.TH "PUPPET\-FILEBUCKET" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket
|
@@ -67,8 +67,12 @@ Use the local filebucket\. This uses the default configuration information and t
|
|
67
67
|
Use a remote filebucket\. This uses the default configuration information and the bucket located at the \'$bucketdir\' setting by default\.
|
68
68
|
.
|
69
69
|
.TP
|
70
|
+
\-\-server_list
|
71
|
+
A list of comma seperated servers; only the first entry is used for file storage\. This setting takes precidence over \fBserver\fR\.
|
72
|
+
.
|
73
|
+
.TP
|
70
74
|
\-\-server
|
71
|
-
The server to
|
75
|
+
The server to use for file storage\. This setting is only used if \fBserver_list\fR is not set\.
|
72
76
|
.
|
73
77
|
.TP
|
74
78
|
\-\-todate
|
data/man/man8/puppet-generate.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-GENERATE" "8" "
|
4
|
+
.TH "PUPPET\-GENERATE" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-generate\fR \- Generates Puppet code from Ruby definitions\.
|
data/man/man8/puppet-help.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-HELP" "8" "
|
4
|
+
.TH "PUPPET\-HELP" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-help\fR \- Display Puppet help\.
|
data/man/man8/puppet-key.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-KEY" "8" "
|
4
|
+
.TH "PUPPET\-KEY" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-key\fR \- Create, save, and remove certificate keys\.
|
data/man/man8/puppet-lookup.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-LOOKUP" "8" "
|
4
|
+
.TH "PUPPET\-LOOKUP" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-lookup\fR \- Interactive Hiera lookup
|
data/man/man8/puppet-man.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-MAN" "8" "
|
4
|
+
.TH "PUPPET\-MAN" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-man\fR \- Display Puppet manual pages\.
|
data/man/man8/puppet-module.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-MODULE" "8" "
|
4
|
+
.TH "PUPPET\-MODULE" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-module\fR \- Creates, installs and searches for modules on the Puppet Forge\.
|
data/man/man8/puppet-node.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-NODE" "8" "
|
4
|
+
.TH "PUPPET\-NODE" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-node\fR \- View and manage node definitions\.
|
data/man/man8/puppet-parser.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-PARSER" "8" "
|
4
|
+
.TH "PUPPET\-PARSER" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-parser\fR \- Interact directly with the parser\.
|
data/man/man8/puppet-plugin.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-PLUGIN" "8" "
|
4
|
+
.TH "PUPPET\-PLUGIN" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\.
|
data/man/man8/puppet-report.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-REPORT" "8" "
|
4
|
+
.TH "PUPPET\-REPORT" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-report\fR \- Create, display, and submit reports\.
|
data/man/man8/puppet-resource.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-RESOURCE" "8" "
|
4
|
+
.TH "PUPPET\-RESOURCE" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-resource\fR \- The resource abstraction layer shell
|
data/man/man8/puppet-script.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-SCRIPT" "8" "
|
4
|
+
.TH "PUPPET\-SCRIPT" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-script\fR \- Run a puppet manifests as a script without compiling a catalog
|
data/man/man8/puppet-ssl.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-SSL" "8" "
|
4
|
+
.TH "PUPPET\-SSL" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-ssl\fR \- Manage SSL keys and certificates for puppet SSL clients
|
data/man/man8/puppet-status.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-STATUS" "8" "
|
4
|
+
.TH "PUPPET\-STATUS" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-status\fR \- View puppet server status\.
|
data/man/man8/puppet.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET" "8" "
|
4
|
+
.TH "PUPPET" "8" "March 2019" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\fR
|
@@ -25,4 +25,4 @@ Specialized:
|
|
25
25
|
catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
|
26
26
|
.
|
27
27
|
.P
|
28
|
-
See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v6\.0\.
|
28
|
+
See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v6\.0\.7
|
@@ -0,0 +1,11 @@
|
|
1
|
+
module Puppet::Parser::Functions
|
2
|
+
newfunction(:bad_func_load3, :type => :rvalue, :doc => <<-EOS
|
3
|
+
A function using the 3x API
|
4
|
+
EOS
|
5
|
+
) do |arguments|
|
6
|
+
def bad_func_load3_illegal_method
|
7
|
+
"some return value from illegal method"
|
8
|
+
end
|
9
|
+
"some return value"
|
10
|
+
end
|
11
|
+
end
|
@@ -0,0 +1,11 @@
|
|
1
|
+
module Puppet::Parser::Functions
|
2
|
+
newfunction(:bad_func_load4, :type => :rvalue, :doc => <<-EOS
|
3
|
+
A function using the 3x API
|
4
|
+
EOS
|
5
|
+
) do |arguments|
|
6
|
+
def self.bad_func_load4_illegal_method
|
7
|
+
"some return value from illegal method"
|
8
|
+
end
|
9
|
+
"some return value"
|
10
|
+
end
|
11
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
x = module Puppet::Parser::Functions
|
2
|
+
newfunction(:bad_func_load5, :type => :rvalue, :doc => <<-EOS
|
3
|
+
A function using the 3x API
|
4
|
+
EOS
|
5
|
+
) do |arguments|
|
6
|
+
"some return value"
|
7
|
+
end
|
8
|
+
end
|
9
|
+
def self.bad_func_load5_illegal_method
|
10
|
+
end
|
11
|
+
# Attempt to get around problem of not returning what newfunction returns
|
12
|
+
x
|
@@ -0,0 +1,162 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'puppet_spec/compiler'
|
3
|
+
require 'puppet_spec/files'
|
4
|
+
|
5
|
+
# For some reason the provider test will not filter out on windows when using the
|
6
|
+
# :if => Puppet.features.microsoft_windows? method of filtering the tests.
|
7
|
+
if Puppet.features.microsoft_windows?
|
8
|
+
require 'puppet/util/windows'
|
9
|
+
describe Puppet::Type.type(:file).provider(:windows), '(integration)' do
|
10
|
+
include PuppetSpec::Compiler
|
11
|
+
include PuppetSpec::Files
|
12
|
+
|
13
|
+
def create_temp_file(owner_sid, group_sid, initial_mode)
|
14
|
+
tmp_file = tmpfile('filewindowsprovider')
|
15
|
+
File.delete(tmp_file) if File.exist?(tmp_file)
|
16
|
+
File.open(tmp_file, 'w') { |file| file.write("rspec test") }
|
17
|
+
|
18
|
+
# There are other tests to ensure that these methods do indeed
|
19
|
+
# set the owner and group. Therefore it's ok to depend on them
|
20
|
+
# here
|
21
|
+
Puppet::Util::Windows::Security.set_owner(owner_sid, tmp_file) unless owner_sid.nil?
|
22
|
+
Puppet::Util::Windows::Security.set_group(group_sid, tmp_file) unless group_sid.nil?
|
23
|
+
# Pretend we are managing the owner and group to FORCE this mode, even if it's "bad"
|
24
|
+
Puppet::Util::Windows::Security.set_mode(initial_mode.to_i(8), tmp_file, true, true, true) unless initial_mode.nil?
|
25
|
+
|
26
|
+
tmp_file
|
27
|
+
end
|
28
|
+
|
29
|
+
def strip_sticky(value)
|
30
|
+
# For the purposes of these tests we don't care about the extra-ace bit in modes
|
31
|
+
# This function removes it
|
32
|
+
value & ~Puppet::Util::Windows::Security::S_IEXTRA
|
33
|
+
end
|
34
|
+
|
35
|
+
sids = {
|
36
|
+
:system => Puppet::Util::Windows::SID::LocalSystem,
|
37
|
+
:administrators => Puppet::Util::Windows::SID::BuiltinAdministrators,
|
38
|
+
:users => Puppet::Util::Windows::SID::BuiltinUsers,
|
39
|
+
:power_users => Puppet::Util::Windows::SID::PowerUsers,
|
40
|
+
:none => Puppet::Util::Windows::SID::Nobody,
|
41
|
+
:everyone => Puppet::Util::Windows::SID::Everyone
|
42
|
+
}
|
43
|
+
|
44
|
+
# Testcase Hash options
|
45
|
+
# create_* : These options are used when creating the initial test file
|
46
|
+
# create_owner (Required!)
|
47
|
+
# create_group (Required!)
|
48
|
+
# create_mode
|
49
|
+
#
|
50
|
+
# manifest_* : These options are used to craft the manifest which is applied to the test file after createion
|
51
|
+
# manifest_owner,
|
52
|
+
# manifest_group,
|
53
|
+
# manifest_mode (Required!)
|
54
|
+
#
|
55
|
+
# actual_* : These options are used to check the _actual_ values as opposed to the munged values from puppet
|
56
|
+
# actual_mode (Uses manifest_mode for checks if not set)
|
57
|
+
|
58
|
+
RSpec.shared_examples "a mungable file resource" do |testcase|
|
59
|
+
|
60
|
+
before(:each) do
|
61
|
+
@tmp_file = create_temp_file(sids[testcase[:create_owner]], sids[testcase[:create_group]], testcase[:create_mode])
|
62
|
+
raise "Could not create temporary file" if @tmp_file.nil?
|
63
|
+
end
|
64
|
+
|
65
|
+
after(:each) do
|
66
|
+
File.delete(@tmp_file) if File.exist?(@tmp_file)
|
67
|
+
end
|
68
|
+
|
69
|
+
context_name = "With initial owner '#{testcase[:create_owner]}' and initial group '#{testcase[:create_owner]}'"
|
70
|
+
context_name += " and initial mode of '#{testcase[:create_mode]}'" unless testcase[:create_mode].nil?
|
71
|
+
context_name += " and a mode of '#{testcase[:manifest_mode]}' in the manifest"
|
72
|
+
context_name += " and an owner of '#{testcase[:manifest_owner]}' in the manifest" unless testcase[:manifest_owner].nil?
|
73
|
+
context_name += " and a group of '#{testcase[:manifest_group]}' in the manifest" unless testcase[:manifest_group].nil?
|
74
|
+
|
75
|
+
context context_name do
|
76
|
+
is_idempotent = testcase[:is_idempotent].nil? || testcase[:is_idempotent]
|
77
|
+
|
78
|
+
let(:manifest) do
|
79
|
+
value = <<-MANIFEST
|
80
|
+
file { 'rspec_example':
|
81
|
+
ensure => present,
|
82
|
+
path => '#{@tmp_file}',
|
83
|
+
mode => '#{testcase[:manifest_mode]}',
|
84
|
+
MANIFEST
|
85
|
+
value += " owner => '#{testcase[:manifest_owner]}',\n" unless testcase[:manifest_owner].nil?
|
86
|
+
value += " group => '#{testcase[:manifest_group]}',\n" unless testcase[:manifest_group].nil?
|
87
|
+
value + "}"
|
88
|
+
end
|
89
|
+
|
90
|
+
it "should apply with no errors and have expected ACL" do
|
91
|
+
apply_with_error_check(manifest)
|
92
|
+
new_mode = strip_sticky(Puppet::Util::Windows::Security.get_mode(@tmp_file))
|
93
|
+
expect(new_mode.to_s(8)).to eq (testcase[:actual_mode].nil? ? testcase[:manifest_mode] : testcase[:actual_mode])
|
94
|
+
end
|
95
|
+
|
96
|
+
it "should be idempotent", :if => is_idempotent do
|
97
|
+
result = apply_with_error_check(manifest)
|
98
|
+
result = apply_with_error_check(manifest)
|
99
|
+
# Idempotent. Should be no changed resources
|
100
|
+
expect(result.changed?.count).to eq 0
|
101
|
+
end
|
102
|
+
|
103
|
+
it "should NOT be idempotent", :unless => is_idempotent do
|
104
|
+
result = apply_with_error_check(manifest)
|
105
|
+
result = apply_with_error_check(manifest)
|
106
|
+
result = apply_with_error_check(manifest)
|
107
|
+
result = apply_with_error_check(manifest)
|
108
|
+
# Not idempotent. Expect changed resources
|
109
|
+
expect(result.changed?.count).to be > 0
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
|
114
|
+
# These scenarios round-trip permissions and are idempotent
|
115
|
+
[
|
116
|
+
{ :create_owner => :system, :create_group => :administrators, :manifest_mode => '760' },
|
117
|
+
{ :create_owner => :administrators, :create_group => :administrators, :manifest_mode => '660' },
|
118
|
+
{ :create_owner => :system, :create_group => :system, :manifest_mode => '770' },
|
119
|
+
].each do |testcase|
|
120
|
+
# What happens if the owner and group are not managed
|
121
|
+
it_behaves_like "a mungable file resource", testcase
|
122
|
+
# What happens if the owner is managed
|
123
|
+
it_behaves_like "a mungable file resource", testcase.merge({ :manifest_owner => testcase[:create_owner]})
|
124
|
+
# What happens if the group is managed
|
125
|
+
it_behaves_like "a mungable file resource", testcase.merge({ :manifest_group => testcase[:create_group]})
|
126
|
+
# What happens if both the owner and group are managed
|
127
|
+
it_behaves_like "a mungable file resource", testcase.merge({
|
128
|
+
:manifest_owner => testcase[:create_owner],
|
129
|
+
:manifest_group => testcase[:create_group]
|
130
|
+
})
|
131
|
+
end
|
132
|
+
|
133
|
+
# SYSTEM is special in that when specifying less than mode 7, the owner and/or group MUST be managed
|
134
|
+
# otherwise it's munged to 7 behind the scenes and is not idempotent
|
135
|
+
both_system_testcase = { :create_owner => :system, :create_group => :system, :manifest_mode => '660', :actual_mode => '770', :is_idempotent => false }
|
136
|
+
# What happens if the owner and group are not managed
|
137
|
+
it_behaves_like "a mungable file resource", both_system_testcase.merge({ :is_idempotent => true })
|
138
|
+
# What happens if the owner is managed
|
139
|
+
it_behaves_like "a mungable file resource", both_system_testcase.merge({ :manifest_owner => both_system_testcase[:create_owner]})
|
140
|
+
# What happens if the group is managed
|
141
|
+
it_behaves_like "a mungable file resource", both_system_testcase.merge({ :manifest_group => both_system_testcase[:create_group]})
|
142
|
+
|
143
|
+
# However when we manage SYSTEM explicitly, then the modes lower than 7 stick and the file provider
|
144
|
+
# assumes it's insync (i.e. idempotent)
|
145
|
+
it_behaves_like "a mungable file resource", both_system_testcase.merge({
|
146
|
+
:manifest_owner => both_system_testcase[:create_owner],
|
147
|
+
:manifest_group => both_system_testcase[:create_group],
|
148
|
+
:actual_mode => both_system_testcase[:manifest_mode],
|
149
|
+
:is_idempotent => true
|
150
|
+
})
|
151
|
+
|
152
|
+
# What happens if we _create_ a file that SYSTEM is a part of, and is Full Control, but the manifest says it should not be Full Control
|
153
|
+
# Behind the scenes the mode should be changed to 7 and be idempotent
|
154
|
+
[
|
155
|
+
{ :create_owner => :system, :create_group => :system, :manifest_mode => '660' },
|
156
|
+
{ :create_owner => :administrators, :create_group => :system, :manifest_mode => '760' },
|
157
|
+
{ :create_owner => :system, :create_group => :administrators, :manifest_mode => '670' },
|
158
|
+
].each do |testcase|
|
159
|
+
it_behaves_like "a mungable file resource", testcase.merge({ :create_mode => '770', :actual_mode => '770'})
|
160
|
+
end
|
161
|
+
end
|
162
|
+
end
|