puppet 6.12.0-x64-mingw32 → 6.17.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (412) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -7
  3. data/CONTRIBUTING.md +7 -13
  4. data/Gemfile +4 -2
  5. data/Gemfile.lock +39 -36
  6. data/README.md +18 -25
  7. data/ext/project_data.yaml +1 -1
  8. data/ext/windows/service/daemon.rb +3 -3
  9. data/lib/puppet.rb +52 -13
  10. data/lib/puppet/agent.rb +20 -14
  11. data/lib/puppet/application/agent.rb +26 -17
  12. data/lib/puppet/application/describe.rb +7 -5
  13. data/lib/puppet/application/device.rb +2 -2
  14. data/lib/puppet/application/filebucket.rb +19 -15
  15. data/lib/puppet/application/plugin.rb +1 -0
  16. data/lib/puppet/application/resource.rb +1 -1
  17. data/lib/puppet/application/ssl.rb +4 -4
  18. data/lib/puppet/configurer.rb +65 -69
  19. data/lib/puppet/configurer/plugin_handler.rb +10 -1
  20. data/lib/puppet/confine.rb +1 -1
  21. data/lib/puppet/context/trusted_information.rb +14 -8
  22. data/lib/puppet/daemon.rb +13 -27
  23. data/lib/puppet/defaults.rb +154 -58
  24. data/lib/puppet/environments.rb +27 -20
  25. data/lib/puppet/face/facts.rb +8 -5
  26. data/lib/puppet/face/help.rb +29 -3
  27. data/lib/puppet/face/module/search.rb +5 -0
  28. data/lib/puppet/face/plugin.rb +2 -2
  29. data/lib/puppet/file_serving/http_metadata.rb +14 -2
  30. data/lib/puppet/file_serving/metadata.rb +4 -1
  31. data/lib/puppet/file_serving/terminus_selector.rb +7 -8
  32. data/lib/puppet/file_system/file_impl.rb +14 -10
  33. data/lib/puppet/file_system/memory_file.rb +6 -0
  34. data/lib/puppet/file_system/memory_impl.rb +13 -0
  35. data/lib/puppet/file_system/uniquefile.rb +12 -16
  36. data/lib/puppet/file_system/windows.rb +7 -10
  37. data/lib/puppet/forge.rb +1 -1
  38. data/lib/puppet/forge/cache.rb +1 -1
  39. data/lib/puppet/forge/repository.rb +4 -7
  40. data/lib/puppet/functions/call.rb +1 -1
  41. data/lib/puppet/functions/eyaml_lookup_key.rb +13 -8
  42. data/lib/puppet/functions/filter.rb +1 -0
  43. data/lib/puppet/functions/reduce.rb +2 -4
  44. data/lib/puppet/http.rb +5 -0
  45. data/lib/puppet/http/client.rb +293 -73
  46. data/lib/puppet/http/errors.rb +2 -0
  47. data/lib/puppet/http/external_client.rb +90 -0
  48. data/lib/puppet/http/redirector.rb +43 -7
  49. data/lib/puppet/http/resolver.rb +46 -3
  50. data/lib/puppet/http/resolver/server_list.rb +76 -16
  51. data/lib/puppet/http/resolver/settings.rb +23 -3
  52. data/lib/puppet/http/resolver/srv.rb +29 -3
  53. data/lib/puppet/http/response.rb +87 -1
  54. data/lib/puppet/http/retry_after_handler.rb +39 -0
  55. data/lib/puppet/http/service.rb +151 -7
  56. data/lib/puppet/http/service/ca.rb +76 -14
  57. data/lib/puppet/http/service/compiler.rb +319 -0
  58. data/lib/puppet/http/service/file_server.rb +206 -0
  59. data/lib/puppet/http/service/report.rb +49 -23
  60. data/lib/puppet/http/session.rb +103 -7
  61. data/lib/puppet/indirector.rb +1 -1
  62. data/lib/puppet/indirector/catalog/compiler.rb +10 -0
  63. data/lib/puppet/indirector/catalog/rest.rb +34 -0
  64. data/lib/puppet/indirector/facts/rest.rb +42 -0
  65. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  66. data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
  67. data/lib/puppet/indirector/file_content/http.rb +5 -0
  68. data/lib/puppet/indirector/file_content/rest.rb +30 -0
  69. data/lib/puppet/indirector/file_metadata/http.rb +27 -8
  70. data/lib/puppet/indirector/file_metadata/rest.rb +52 -0
  71. data/lib/puppet/indirector/json.rb +1 -1
  72. data/lib/puppet/indirector/msgpack.rb +1 -1
  73. data/lib/puppet/indirector/node/rest.rb +24 -0
  74. data/lib/puppet/indirector/report/rest.rb +19 -0
  75. data/lib/puppet/indirector/report/yaml.rb +23 -0
  76. data/lib/puppet/indirector/request.rb +1 -1
  77. data/lib/puppet/indirector/rest.rb +12 -0
  78. data/lib/puppet/indirector/status/rest.rb +18 -0
  79. data/lib/puppet/loaders.rb +6 -0
  80. data/lib/puppet/metatype/manager.rb +80 -80
  81. data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
  82. data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
  83. data/lib/puppet/network/http/base_pool.rb +7 -2
  84. data/lib/puppet/network/http/compression.rb +7 -0
  85. data/lib/puppet/network/http/connection.rb +6 -0
  86. data/lib/puppet/network/http/connection_adapter.rb +184 -0
  87. data/lib/puppet/network/http/nocache_pool.rb +2 -0
  88. data/lib/puppet/network/http/pool.rb +13 -6
  89. data/lib/puppet/network/http_pool.rb +2 -1
  90. data/lib/puppet/node/environment.rb +11 -1
  91. data/lib/puppet/pal/catalog_compiler.rb +5 -0
  92. data/lib/puppet/pal/pal_impl.rb +4 -29
  93. data/lib/puppet/parser/ast/leaf.rb +5 -5
  94. data/lib/puppet/parser/ast/pops_bridge.rb +6 -15
  95. data/lib/puppet/parser/compiler.rb +43 -33
  96. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
  97. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
  98. data/lib/puppet/parser/environment_compiler.rb +4 -1
  99. data/lib/puppet/parser/functions.rb +18 -13
  100. data/lib/puppet/parser/functions/filter.rb +1 -0
  101. data/lib/puppet/parser/resource.rb +3 -2
  102. data/lib/puppet/parser/resource/param.rb +6 -0
  103. data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
  104. data/lib/puppet/pops/evaluator/evaluator_impl.rb +6 -6
  105. data/lib/puppet/pops/issues.rb +5 -0
  106. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +12 -3
  107. data/lib/puppet/pops/loaders.rb +7 -5
  108. data/lib/puppet/pops/parser/evaluating_parser.rb +5 -7
  109. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
  110. data/lib/puppet/pops/types/p_object_type_extension.rb +10 -0
  111. data/lib/puppet/pops/types/type_calculator.rb +24 -0
  112. data/lib/puppet/pops/validation/checker4_0.rb +11 -1
  113. data/lib/puppet/pops/validation/tasks_checker.rb +5 -1
  114. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
  115. data/lib/puppet/provider/aix_object.rb +4 -2
  116. data/lib/puppet/provider/group/aix.rb +1 -0
  117. data/lib/puppet/provider/group/groupadd.rb +57 -24
  118. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  119. data/lib/puppet/provider/package/aix.rb +17 -2
  120. data/lib/puppet/provider/package/apt.rb +78 -4
  121. data/lib/puppet/provider/package/aptitude.rb +1 -1
  122. data/lib/puppet/provider/package/dnfmodule.rb +69 -15
  123. data/lib/puppet/provider/package/dpkg.rb +14 -7
  124. data/lib/puppet/provider/package/fink.rb +20 -3
  125. data/lib/puppet/provider/package/gem.rb +41 -7
  126. data/lib/puppet/provider/package/openbsd.rb +13 -1
  127. data/lib/puppet/provider/package/pacman.rb +2 -5
  128. data/lib/puppet/provider/package/pip.rb +143 -48
  129. data/lib/puppet/provider/package/pip3.rb +0 -2
  130. data/lib/puppet/provider/package/pkg.rb +18 -5
  131. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  132. data/lib/puppet/provider/package/pkgng.rb +16 -4
  133. data/lib/puppet/provider/package/portage.rb +2 -2
  134. data/lib/puppet/provider/package/puppet_gem.rb +6 -2
  135. data/lib/puppet/provider/package/rpm.rb +6 -213
  136. data/lib/puppet/provider/package/yum.rb +109 -25
  137. data/lib/puppet/provider/package/zypper.rb +59 -1
  138. data/lib/puppet/provider/service/systemd.rb +22 -4
  139. data/lib/puppet/provider/service/windows.rb +23 -7
  140. data/lib/puppet/provider/user/aix.rb +1 -0
  141. data/lib/puppet/provider/user/directoryservice.rb +30 -5
  142. data/lib/puppet/provider/user/useradd.rb +22 -12
  143. data/lib/puppet/reports/http.rb +15 -9
  144. data/lib/puppet/reports/store.rb +1 -1
  145. data/lib/puppet/resource.rb +2 -1
  146. data/lib/puppet/resource/type.rb +8 -0
  147. data/lib/puppet/resource/type_collection.rb +20 -16
  148. data/lib/puppet/runtime.rb +31 -1
  149. data/lib/puppet/settings.rb +4 -0
  150. data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
  151. data/lib/puppet/ssl.rb +1 -0
  152. data/lib/puppet/ssl/certificate.rb +2 -1
  153. data/lib/puppet/ssl/host.rb +4 -4
  154. data/lib/puppet/ssl/oids.rb +1 -0
  155. data/lib/puppet/ssl/ssl_context.rb +2 -2
  156. data/lib/puppet/ssl/ssl_provider.rb +20 -1
  157. data/lib/puppet/ssl/state_machine.rb +81 -35
  158. data/lib/puppet/ssl/verifier_adapter.rb +9 -1
  159. data/lib/puppet/test/test_helper.rb +15 -11
  160. data/lib/puppet/transaction/report.rb +2 -2
  161. data/lib/puppet/transaction/resource_harness.rb +1 -1
  162. data/lib/puppet/trusted_external.rb +29 -1
  163. data/lib/puppet/type.rb +18 -6
  164. data/lib/puppet/type/file.rb +51 -13
  165. data/lib/puppet/type/file/checksum.rb +4 -4
  166. data/lib/puppet/type/file/source.rb +51 -60
  167. data/lib/puppet/type/group.rb +2 -2
  168. data/lib/puppet/type/package.rb +102 -10
  169. data/lib/puppet/type/service.rb +55 -8
  170. data/lib/puppet/type/user.rb +3 -28
  171. data/lib/puppet/util.rb +39 -15
  172. data/lib/puppet/util/at_fork.rb +1 -1
  173. data/lib/puppet/util/autoload.rb +4 -18
  174. data/lib/puppet/util/checksums.rb +19 -4
  175. data/lib/puppet/util/fileparsing.rb +2 -2
  176. data/lib/puppet/util/instance_loader.rb +14 -10
  177. data/lib/puppet/util/log/destinations.rb +2 -11
  178. data/lib/puppet/util/package/version/debian.rb +175 -0
  179. data/lib/puppet/util/package/version/gem.rb +15 -0
  180. data/lib/puppet/util/package/version/pip.rb +167 -0
  181. data/lib/puppet/util/package/version/range.rb +53 -0
  182. data/lib/puppet/util/package/version/range/eq.rb +14 -0
  183. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  184. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  185. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  186. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  187. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  188. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  189. data/lib/puppet/util/package/version/rpm.rb +73 -0
  190. data/lib/puppet/util/pidlock.rb +36 -10
  191. data/lib/puppet/util/platform.rb +5 -0
  192. data/lib/puppet/util/plist.rb +6 -0
  193. data/lib/puppet/util/provider_features.rb +1 -1
  194. data/lib/puppet/util/reference.rb +1 -1
  195. data/lib/puppet/util/rpm_compare.rb +193 -0
  196. data/lib/puppet/util/storage.rb +0 -1
  197. data/lib/puppet/util/windows/adsi.rb +2 -2
  198. data/lib/puppet/util/windows/api_types.rb +45 -32
  199. data/lib/puppet/util/windows/eventlog.rb +1 -6
  200. data/lib/puppet/util/windows/principal.rb +8 -6
  201. data/lib/puppet/util/windows/process.rb +15 -14
  202. data/lib/puppet/util/windows/registry.rb +11 -11
  203. data/lib/puppet/util/windows/security.rb +1 -0
  204. data/lib/puppet/util/windows/service.rb +43 -26
  205. data/lib/puppet/util/windows/sid.rb +3 -3
  206. data/lib/puppet/util/windows/user.rb +23 -8
  207. data/lib/puppet/util/yaml.rb +1 -1
  208. data/lib/puppet/version.rb +1 -1
  209. data/locales/puppet.pot +707 -574
  210. data/man/man5/puppet.conf.5 +74 -14
  211. data/man/man8/puppet-agent.8 +7 -7
  212. data/man/man8/puppet-apply.8 +1 -1
  213. data/man/man8/puppet-catalog.8 +1 -1
  214. data/man/man8/puppet-config.8 +1 -1
  215. data/man/man8/puppet-describe.8 +1 -1
  216. data/man/man8/puppet-device.8 +2 -2
  217. data/man/man8/puppet-doc.8 +1 -1
  218. data/man/man8/puppet-epp.8 +1 -1
  219. data/man/man8/puppet-facts.8 +1 -1
  220. data/man/man8/puppet-filebucket.8 +17 -2
  221. data/man/man8/puppet-generate.8 +1 -1
  222. data/man/man8/puppet-help.8 +6 -3
  223. data/man/man8/puppet-key.8 +1 -1
  224. data/man/man8/puppet-lookup.8 +1 -1
  225. data/man/man8/puppet-man.8 +1 -1
  226. data/man/man8/puppet-module.8 +4 -1
  227. data/man/man8/puppet-node.8 +1 -1
  228. data/man/man8/puppet-parser.8 +1 -1
  229. data/man/man8/puppet-plugin.8 +1 -1
  230. data/man/man8/puppet-report.8 +1 -1
  231. data/man/man8/puppet-resource.8 +1 -1
  232. data/man/man8/puppet-script.8 +1 -1
  233. data/man/man8/puppet-ssl.8 +2 -2
  234. data/man/man8/puppet-status.8 +1 -1
  235. data/man/man8/puppet.8 +2 -2
  236. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
  237. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
  238. data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
  239. data/spec/fixtures/ssl/unknown-ca.pem +59 -0
  240. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
  241. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  242. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  243. data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
  244. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
  245. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_fetch_if_not_on_the_local_disk.yml +1 -102
  246. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_not_update_if_content_on_disk_is_up-to-date.yml +1 -106
  247. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_md5/should_update_if_content_differs_on_disk.yml +1 -106
  248. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_mtime_is_older_on_disk.yml +1 -102
  249. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_no_header_specified.yml +1 -98
  250. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_fetch_if_not_on_the_local_disk.yml +1 -102
  251. data/spec/fixtures/vcr/cassettes/Puppet_Type_File/when_sourcing/from_http/using_mtime/should_not_update_if_mtime_is_newer_on_disk.yml +1 -102
  252. data/spec/integration/application/agent_spec.rb +483 -0
  253. data/spec/integration/application/apply_spec.rb +132 -3
  254. data/spec/integration/application/filebucket_spec.rb +190 -0
  255. data/spec/integration/application/plugin_spec.rb +73 -0
  256. data/spec/integration/configurer_spec.rb +26 -7
  257. data/spec/integration/defaults_spec.rb +1 -2
  258. data/spec/integration/http/client_spec.rb +47 -37
  259. data/spec/integration/indirector/facts/facter_spec.rb +4 -0
  260. data/spec/integration/indirector/report/yaml.rb +83 -0
  261. data/spec/integration/module_tool/forge_spec.rb +2 -15
  262. data/spec/integration/network/http_pool_spec.rb +93 -20
  263. data/spec/integration/node/environment_spec.rb +15 -0
  264. data/spec/integration/parser/compiler_spec.rb +11 -0
  265. data/spec/integration/type/file_spec.rb +1 -1
  266. data/spec/integration/util/windows/adsi_spec.rb +6 -1
  267. data/spec/integration/util/windows/registry_spec.rb +7 -7
  268. data/spec/integration/util/windows/user_spec.rb +40 -5
  269. data/spec/lib/puppet/test_ca.rb +2 -2
  270. data/spec/lib/puppet_spec/https.rb +16 -7
  271. data/spec/lib/puppet_spec/puppetserver.rb +119 -0
  272. data/spec/shared_contexts/https.rb +29 -0
  273. data/spec/unit/agent_spec.rb +80 -26
  274. data/spec/unit/application/agent_spec.rb +9 -5
  275. data/spec/unit/application/apply_spec.rb +2 -12
  276. data/spec/unit/application/describe_spec.rb +88 -50
  277. data/spec/unit/application/device_spec.rb +2 -2
  278. data/spec/unit/application/filebucket_spec.rb +22 -2
  279. data/spec/unit/application/resource_spec.rb +2 -2
  280. data/spec/unit/configurer/fact_handler_spec.rb +4 -8
  281. data/spec/unit/configurer/plugin_handler_spec.rb +36 -19
  282. data/spec/unit/configurer_spec.rb +17 -18
  283. data/spec/unit/context/trusted_information_spec.rb +25 -2
  284. data/spec/unit/daemon_spec.rb +5 -64
  285. data/spec/unit/defaults_spec.rb +25 -2
  286. data/spec/unit/environments_spec.rb +65 -28
  287. data/spec/unit/face/facts_spec.rb +24 -20
  288. data/spec/unit/face/module/search_spec.rb +17 -0
  289. data/spec/unit/face/plugin_spec.rb +12 -10
  290. data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
  291. data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
  292. data/spec/unit/file_system/uniquefile_spec.rb +11 -0
  293. data/spec/unit/file_system_spec.rb +26 -2
  294. data/spec/unit/functions/lookup_spec.rb +13 -0
  295. data/spec/unit/http/client_spec.rb +327 -35
  296. data/spec/unit/http/external_client_spec.rb +201 -0
  297. data/spec/unit/http/resolver_spec.rb +34 -2
  298. data/spec/unit/http/response_spec.rb +75 -0
  299. data/spec/unit/http/service/ca_spec.rb +53 -11
  300. data/spec/unit/http/service/compiler_spec.rb +627 -0
  301. data/spec/unit/http/service/file_server_spec.rb +308 -0
  302. data/spec/unit/http/service/report_spec.rb +27 -9
  303. data/spec/unit/http/service_spec.rb +98 -5
  304. data/spec/unit/http/session_spec.rb +190 -7
  305. data/spec/unit/indirector/catalog/compiler_spec.rb +47 -29
  306. data/spec/unit/indirector/catalog/rest_spec.rb +59 -2
  307. data/spec/unit/indirector/facts/rest_spec.rb +79 -24
  308. data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
  309. data/spec/unit/indirector/file_content/rest_spec.rb +53 -2
  310. data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
  311. data/spec/unit/indirector/file_metadata/rest_spec.rb +110 -2
  312. data/spec/unit/indirector/node/rest_spec.rb +57 -2
  313. data/spec/unit/indirector/report/rest_spec.rb +58 -51
  314. data/spec/unit/indirector/request_spec.rb +1 -1
  315. data/spec/unit/indirector/resource/ral_spec.rb +7 -8
  316. data/spec/unit/indirector/rest_spec.rb +13 -0
  317. data/spec/unit/indirector/status/rest_spec.rb +43 -2
  318. data/spec/unit/interface_spec.rb +3 -3
  319. data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
  320. data/spec/unit/network/http/connection_spec.rb +559 -175
  321. data/spec/unit/network/http/nocache_pool_spec.rb +25 -3
  322. data/spec/unit/network/http/pool_spec.rb +89 -11
  323. data/spec/unit/network/http_pool_spec.rb +63 -57
  324. data/spec/unit/network/http_spec.rb +1 -1
  325. data/spec/unit/node/environment_spec.rb +16 -0
  326. data/spec/unit/node/facts_spec.rb +2 -1
  327. data/spec/unit/node_spec.rb +7 -4
  328. data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
  329. data/spec/unit/parser/environment_compiler_spec.rb +7 -0
  330. data/spec/unit/parser/scope_spec.rb +1 -1
  331. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
  332. data/spec/unit/pops/loaders/loaders_spec.rb +1 -1
  333. data/spec/unit/pops/serialization/to_from_hr_spec.rb +6 -1
  334. data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
  335. data/spec/unit/pops/validator/validator_spec.rb +7 -2
  336. data/spec/unit/provider/aix_object_spec.rb +16 -2
  337. data/spec/unit/provider/group/groupadd_spec.rb +181 -56
  338. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  339. data/spec/unit/provider/package/aix_spec.rb +29 -0
  340. data/spec/unit/provider/package/apt_spec.rb +43 -2
  341. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  342. data/spec/unit/provider/package/dnfmodule_spec.rb +76 -15
  343. data/spec/unit/provider/package/dpkg_spec.rb +28 -6
  344. data/spec/unit/provider/package/gem_spec.rb +40 -0
  345. data/spec/unit/provider/package/openbsd_spec.rb +17 -0
  346. data/spec/unit/provider/package/pacman_spec.rb +6 -21
  347. data/spec/unit/provider/package/pip_spec.rb +68 -19
  348. data/spec/unit/provider/package/pkg_spec.rb +15 -1
  349. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  350. data/spec/unit/provider/package/pkgng_spec.rb +38 -0
  351. data/spec/unit/provider/package/portage_spec.rb +5 -0
  352. data/spec/unit/provider/package/puppet_gem_spec.rb +8 -0
  353. data/spec/unit/provider/package/rpm_spec.rb +0 -212
  354. data/spec/unit/provider/package/yum_spec.rb +292 -0
  355. data/spec/unit/provider/package/zypper_spec.rb +84 -0
  356. data/spec/unit/provider/service/init_spec.rb +1 -0
  357. data/spec/unit/provider/service/openbsd_spec.rb +9 -0
  358. data/spec/unit/provider/service/openwrt_spec.rb +1 -0
  359. data/spec/unit/provider/service/redhat_spec.rb +9 -0
  360. data/spec/unit/provider/service/systemd_spec.rb +92 -12
  361. data/spec/unit/provider/service/windows_spec.rb +22 -14
  362. data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
  363. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  364. data/spec/unit/provider/user/useradd_spec.rb +43 -24
  365. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  366. data/spec/unit/puppet_pal_2pec.rb +0 -26
  367. data/spec/unit/puppet_pal_catalog_spec.rb +46 -0
  368. data/spec/unit/puppet_spec.rb +47 -0
  369. data/spec/unit/reports/http_spec.rb +70 -52
  370. data/spec/unit/resource_spec.rb +3 -3
  371. data/spec/unit/settings/autosign_setting_spec.rb +1 -1
  372. data/spec/unit/settings/http_extra_headers_spec.rb +64 -0
  373. data/spec/unit/ssl/certificate_spec.rb +7 -0
  374. data/spec/unit/ssl/host_spec.rb +4 -2
  375. data/spec/unit/ssl/oids_spec.rb +1 -0
  376. data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
  377. data/spec/unit/ssl/state_machine_spec.rb +99 -13
  378. data/spec/unit/test/test_helper_spec.rb +17 -0
  379. data/spec/unit/transaction/persistence_spec.rb +1 -10
  380. data/spec/unit/transaction/report_spec.rb +5 -1
  381. data/spec/unit/transaction_spec.rb +0 -2
  382. data/spec/unit/type/file/ensure_spec.rb +1 -2
  383. data/spec/unit/type/file/source_spec.rb +89 -38
  384. data/spec/unit/type/file_spec.rb +122 -96
  385. data/spec/unit/type/package_spec.rb +8 -0
  386. data/spec/unit/type/service_spec.rb +185 -8
  387. data/spec/unit/type/user_spec.rb +1 -2
  388. data/spec/unit/type_spec.rb +50 -0
  389. data/spec/unit/util/at_fork_spec.rb +3 -2
  390. data/spec/unit/util/autoload_spec.rb +2 -1
  391. data/spec/unit/util/checksums_spec.rb +16 -0
  392. data/spec/unit/util/log/destinations_spec.rb +1 -29
  393. data/spec/unit/util/package/version/debian_spec.rb +83 -0
  394. data/spec/unit/util/package/version/pip_spec.rb +464 -0
  395. data/spec/unit/util/package/version/range_spec.rb +175 -0
  396. data/spec/unit/util/package/version/rpm_spec.rb +121 -0
  397. data/spec/unit/util/pidlock_spec.rb +112 -42
  398. data/spec/unit/util/plist_spec.rb +20 -0
  399. data/spec/unit/util/rpm_compare_spec.rb +196 -0
  400. data/spec/unit/util/storage_spec.rb +1 -8
  401. data/spec/unit/util/windows/adsi_spec.rb +4 -4
  402. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  403. data/spec/unit/util/windows/service_spec.rb +4 -4
  404. data/spec/unit/util/windows/sid_spec.rb +2 -2
  405. data/spec/unit/util_spec.rb +3 -3
  406. data/spec/unit/x509/cert_provider_spec.rb +1 -1
  407. data/tasks/generate_cert_fixtures.rake +15 -1
  408. data/tasks/manpages.rake +5 -35
  409. metadata +73 -12
  410. data/COMMITTERS.md +0 -244
  411. data/spec/integration/faces/plugin_spec.rb +0 -61
  412. data/spec/integration/test/test_helper_spec.rb +0 -31
@@ -1,5 +1,4 @@
1
1
  require 'yaml'
2
- require 'sync'
3
2
  require 'singleton'
4
3
  require 'puppet/util/yaml'
5
4
 
@@ -180,11 +180,11 @@ module Puppet::Util::Windows::ADSI
180
180
  sids
181
181
  end
182
182
 
183
- def name_sid_hash(names)
183
+ def name_sid_hash(names, allow_unresolved = false)
184
184
  return {} if names.nil? || names.empty?
185
185
 
186
186
  sids = names.map do |name|
187
- sid = Puppet::Util::Windows::SID.name_to_principal(name)
187
+ sid = Puppet::Util::Windows::SID.name_to_principal(name, allow_unresolved)
188
188
  raise Puppet::Error.new( _("Could not resolve name: %{name}") % { name: name } ) if !sid
189
189
  [sid.sid, sid]
190
190
  end
@@ -19,15 +19,11 @@ module Puppet::Util::Windows::APITypes
19
19
 
20
20
  class ::FFI::Pointer
21
21
  NULL_HANDLE = 0
22
+ WCHAR_NULL = "\0\0".encode('UTF-16LE').freeze
22
23
 
23
24
  def self.from_string_to_wide_string(str, &block)
24
25
  str = Puppet::Util::Windows::String.wide_string(str)
25
- FFI::MemoryPointer.new(:byte, str.bytesize) do |ptr|
26
- # uchar here is synonymous with byte
27
- ptr.put_array_of_uchar(0, str.bytes.to_a)
28
-
29
- yield ptr
30
- end
26
+ FFI::MemoryPointer.from_wide_string(str, &block)
31
27
 
32
28
  # ptr has already had free called, so nothing to return
33
29
  nil
@@ -53,11 +49,17 @@ module Puppet::Util::Windows::APITypes
53
49
  alias_method :read_word, :read_uint16
54
50
  alias_method :read_array_of_wchar, :read_array_of_uint16
55
51
 
56
- def read_wide_string(char_length, dst_encoding = Encoding::UTF_8, encode_options = {})
52
+ def read_wide_string(char_length, dst_encoding = Encoding::UTF_8, strip = false, encode_options = {})
57
53
  # char_length is number of wide chars (typically excluding NULLs), *not* bytes
58
54
  str = get_bytes(0, char_length * 2).force_encoding('UTF-16LE')
55
+
56
+ if strip
57
+ i = str.index(WCHAR_NULL)
58
+ str = str[0, i] if i
59
+ end
60
+
59
61
  str.encode(dst_encoding, str.encoding, encode_options)
60
- rescue Exception => e
62
+ rescue EncodingError => e
61
63
  Puppet.debug "Unable to convert value #{str.nil? ? 'nil' : str.dump} to encoding #{dst_encoding} due to #{e.inspect}"
62
64
  raise
63
65
  end
@@ -68,32 +70,31 @@ module Puppet::Util::Windows::APITypes
68
70
  # null_terminator = :double_null, then the terminating sequence is four bytes of zero. This is UNIT32 = 0
69
71
  # @param encode_options [Hash] Accepts the same option hash that may be passed to String#encode in Ruby
70
72
  def read_arbitrary_wide_string_up_to(max_char_length = 512, null_terminator = :single_null, encode_options = {})
71
- if null_terminator != :single_null && null_terminator != :double_null
72
- raise _("Unable to read wide strings with %{null_terminator} terminal nulls") % { null_terminator: null_terminator }
73
- end
74
-
75
- terminator_width = null_terminator == :single_null ? 1 : 2
76
- reader_method = null_terminator == :single_null ? :get_uint16 : :get_uint32
77
-
78
- # Look for a null terminating characters; if found, read up to that null (exclusive)
79
- (0...max_char_length - terminator_width).each do |i|
80
- return read_wide_string(i, Encoding::UTF_8, encode_options) if send(reader_method, (i * 2)) == 0
81
- end
82
-
83
- # String is longer than the max; read just to the max
84
- read_wide_string(max_char_length, Encoding::UTF_8, encode_options)
73
+ idx = case null_terminator
74
+ when :single_null
75
+ # find index of wide null between 0 and max (exclusive)
76
+ (0...max_char_length).find do |i|
77
+ get_uint16(i * 2) == 0
78
+ end
79
+ when :double_null
80
+ # find index of double-wide null between 0 and max - 1 (exclusive)
81
+ (0...max_char_length - 1).find do |i|
82
+ get_uint32(i * 2) == 0
83
+ end
84
+ else
85
+ raise _("Unable to read wide strings with %{null_terminator} terminal nulls") % { null_terminator: null_terminator }
86
+ end
87
+
88
+ read_wide_string(idx || max_char_length, Encoding::UTF_8, false, encode_options)
85
89
  end
86
90
 
87
91
  def read_win32_local_pointer(&block)
88
- ptr = nil
92
+ ptr = read_pointer
89
93
  begin
90
- ptr = read_pointer
91
94
  yield ptr
92
95
  ensure
93
- if ptr && ! ptr.null?
94
- if FFI::WIN32::LocalFree(ptr.address) != FFI::Pointer::NULL_HANDLE
95
- Puppet.debug "LocalFree memory leak"
96
- end
96
+ if !ptr.null? && FFI::WIN32::LocalFree(ptr.address) != FFI::Pointer::NULL_HANDLE
97
+ Puppet.debug "LocalFree memory leak"
97
98
  end
98
99
  end
99
100
 
@@ -102,23 +103,35 @@ module Puppet::Util::Windows::APITypes
102
103
  end
103
104
 
104
105
  def read_com_memory_pointer(&block)
105
- ptr = nil
106
+ ptr = read_pointer
106
107
  begin
107
- ptr = read_pointer
108
108
  yield ptr
109
109
  ensure
110
- FFI::WIN32::CoTaskMemFree(ptr) if ptr && ! ptr.null?
110
+ FFI::WIN32::CoTaskMemFree(ptr) unless ptr.null?
111
111
  end
112
112
 
113
113
  # ptr has already had CoTaskMemFree called, so nothing to return
114
114
  nil
115
115
  end
116
116
 
117
-
118
117
  alias_method :write_dword, :write_uint32
119
118
  alias_method :write_word, :write_uint16
120
119
  end
121
120
 
121
+ class FFI::MemoryPointer
122
+ # Return a MemoryPointer that points to wide string. This is analogous to the
123
+ # FFI::MemoryPointer.from_string method.
124
+ def self.from_wide_string(wstr)
125
+ ptr = FFI::MemoryPointer.new(:uchar, wstr.bytesize + 2)
126
+ ptr.put_array_of_uchar(0, wstr.bytes.to_a)
127
+ ptr.put_uint16(wstr.bytesize, 0)
128
+
129
+ yield ptr if block_given?
130
+
131
+ ptr
132
+ end
133
+ end
134
+
122
135
  # FFI Types
123
136
  # https://github.com/ffi/ffi/wiki/Types
124
137
 
@@ -140,12 +140,7 @@ class Puppet::Util::Windows::EventLog
140
140
  # @api private
141
141
  def from_string_to_wide_string(str, &block)
142
142
  str = wide_string(str)
143
- FFI::MemoryPointer.new(:uchar, str.bytesize) do |ptr|
144
- # uchar here is synonymous with byte
145
- ptr.put_array_of_uchar(0, str.bytes.to_a)
146
-
147
- yield ptr
148
- end
143
+ FFI::MemoryPointer.from_wide_string(str) { |ptr| yield ptr }
149
144
 
150
145
  # ptr has already had free called, so nothing to return
151
146
  nil
@@ -41,6 +41,7 @@ module Puppet::Util::Windows::SID
41
41
  # = 8 + max sub identifiers (15) * 4
42
42
  MAXIMUM_SID_BYTE_LENGTH = 68
43
43
 
44
+ ERROR_INVALID_PARAMETER = 87
44
45
  ERROR_INSUFFICIENT_BUFFER = 122
45
46
 
46
47
  def self.lookup_account_name(system_name = nil, account_name)
@@ -48,9 +49,7 @@ module Puppet::Util::Windows::SID
48
49
  begin
49
50
  if system_name
50
51
  system_name_wide = Puppet::Util::Windows::String.wide_string(system_name)
51
- # uchar here is synonymous with byte
52
- system_name_ptr = FFI::MemoryPointer.new(:byte, system_name_wide.bytesize)
53
- system_name_ptr.put_array_of_uchar(0, system_name_wide.bytes.to_a)
52
+ system_name_ptr = FFI::MemoryPointer.from_wide_string(system_name_wide)
54
53
  end
55
54
 
56
55
  FFI::MemoryPointer.from_string_to_wide_string(account_name) do |account_name_ptr|
@@ -101,9 +100,7 @@ module Puppet::Util::Windows::SID
101
100
  begin
102
101
  if system_name
103
102
  system_name_wide = Puppet::Util::Windows::String.wide_string(system_name)
104
- # uchar here is synonymous with byte
105
- system_name_ptr = FFI::MemoryPointer.new(:byte, system_name_wide.bytesize)
106
- system_name_ptr.put_array_of_uchar(0, system_name_wide.bytes.to_a)
103
+ system_name_ptr = FFI::MemoryPointer.from_wide_string(system_name_wide)
107
104
  end
108
105
 
109
106
  FFI::MemoryPointer.new(:byte, sid_bytes.length) do |sid_ptr|
@@ -112,6 +109,11 @@ module Puppet::Util::Windows::SID
112
109
  FFI::MemoryPointer.new(:uint32, 1) do |name_use_enum_ptr|
113
110
 
114
111
  sid_ptr.write_array_of_uchar(sid_bytes)
112
+
113
+ if Puppet::Util::Windows::SID.IsValidSid(sid_ptr) == FFI::WIN32_FALSE
114
+ raise Puppet::Util::Windows::Error.new(_('Byte array for lookup_account_sid is invalid: %{sid_bytes}') % { sid_bytes: sid_bytes }, ERROR_INVALID_PARAMETER)
115
+ end
116
+
115
117
  success = LookupAccountSidW(system_name_ptr, sid_ptr, FFI::Pointer::NULL, name_length_ptr,
116
118
  FFI::Pointer::NULL, domain_length_ptr, name_use_enum_ptr)
117
119
  last_error = FFI.errno
@@ -122,21 +122,22 @@ module Puppet::Util::Windows::Process
122
122
  def get_process_image_name_by_pid(pid)
123
123
  image_name = ""
124
124
 
125
- open_process(PROCESS_QUERY_INFORMATION, false, pid) do |phandle|
126
-
127
- FFI::MemoryPointer.new(:dword, 1) do |exe_name_length_ptr|
128
- # UTF is 2 bytes/char:
129
- max_chars = MAX_PATH_LENGTH + 1
130
- exe_name_length_ptr.write_dword(max_chars)
131
- FFI::MemoryPointer.new(:wchar, max_chars) do |exe_name_ptr|
132
- use_win32_path_format = 0
133
- result = QueryFullProcessImageNameW(phandle, use_win32_path_format, exe_name_ptr, exe_name_length_ptr)
134
- if result == FFI::WIN32_FALSE
135
- raise Puppet::Util::Windows::Error.new(
136
- "QueryFullProcessImageNameW(phandle, #{use_win32_path_format}, " +
137
- "exe_name_ptr, #{max_chars}")
125
+ Puppet::Util::Windows::Security.with_privilege(Puppet::Util::Windows::Security::SE_DEBUG_NAME) do
126
+ open_process(PROCESS_QUERY_INFORMATION, false, pid) do |phandle|
127
+ FFI::MemoryPointer.new(:dword, 1) do |exe_name_length_ptr|
128
+ # UTF is 2 bytes/char:
129
+ max_chars = MAX_PATH_LENGTH + 1
130
+ exe_name_length_ptr.write_dword(max_chars)
131
+ FFI::MemoryPointer.new(:wchar, max_chars) do |exe_name_ptr|
132
+ use_win32_path_format = 0
133
+ result = QueryFullProcessImageNameW(phandle, use_win32_path_format, exe_name_ptr, exe_name_length_ptr)
134
+ if result == FFI::WIN32_FALSE
135
+ raise Puppet::Util::Windows::Error.new(
136
+ "QueryFullProcessImageNameW(phandle, #{use_win32_path_format}, " +
137
+ "exe_name_ptr, #{max_chars}")
138
+ end
139
+ image_name = exe_name_ptr.read_wide_string(exe_name_length_ptr.read_dword)
138
140
  end
139
- image_name = exe_name_ptr.read_wide_string(exe_name_length_ptr.read_dword)
140
141
  end
141
142
  end
142
143
  end
@@ -110,13 +110,16 @@ module Puppet::Util::Windows
110
110
 
111
111
  private
112
112
 
113
- def reg_enum_key(key, index, max_key_length = Win32::Registry::Constants::MAX_KEY_LENGTH)
113
+ # max number of wide characters including NULL terminator
114
+ MAX_KEY_CHAR_LENGTH = 255 + 1
115
+
116
+ def reg_enum_key(key, index, max_key_char_length = MAX_KEY_CHAR_LENGTH)
114
117
  subkey, filetime = nil, nil
115
118
 
116
119
  FFI::MemoryPointer.new(:dword) do |subkey_length_ptr|
117
120
  FFI::MemoryPointer.new(FFI::WIN32::FILETIME.size) do |filetime_ptr|
118
- FFI::MemoryPointer.new(:wchar, max_key_length) do |subkey_ptr|
119
- subkey_length_ptr.write_dword(max_key_length)
121
+ FFI::MemoryPointer.new(:wchar, max_key_char_length) do |subkey_ptr|
122
+ subkey_length_ptr.write_dword(max_key_char_length)
120
123
 
121
124
  # RegEnumKeyEx cannot be called twice to properly size the buffer
122
125
  result = RegEnumKeyExW(key.hkey, index,
@@ -141,7 +144,10 @@ module Puppet::Util::Windows
141
144
  [subkey, filetime]
142
145
  end
143
146
 
144
- def reg_enum_value(key, index, max_value_length = Win32::Registry::Constants::MAX_VALUE_LENGTH)
147
+ # max number of wide characters including NULL terminator
148
+ MAX_VALUE_CHAR_LENGTH = 16383 + 1
149
+
150
+ def reg_enum_value(key, index, max_value_length = MAX_VALUE_CHAR_LENGTH)
145
151
  subkey, type, data = nil, nil, nil
146
152
 
147
153
  FFI::MemoryPointer.new(:dword) do |subkey_length_ptr|
@@ -234,7 +240,7 @@ module Puppet::Util::Windows
234
240
  begin
235
241
  case type
236
242
  when Win32::Registry::REG_SZ, Win32::Registry::REG_EXPAND_SZ
237
- result = [ type, sanitize(data_ptr.read_wide_string(string_length)) ]
243
+ result = [ type, data_ptr.read_wide_string(string_length, Encoding::UTF_8, true) ]
238
244
  when Win32::Registry::REG_MULTI_SZ
239
245
  result = [ type, data_ptr.read_wide_string(string_length).split(/\0/) ]
240
246
  when Win32::Registry::REG_BINARY
@@ -314,12 +320,6 @@ module Puppet::Util::Windows
314
320
  result
315
321
  end
316
322
 
317
- def sanitize(value)
318
- # Replace null bytes with a space
319
- value.tr!("\x00", ' ')
320
- value
321
- end
322
-
323
323
  ffi_convention :stdcall
324
324
 
325
325
  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms724862(v=vs.85).aspx
@@ -97,6 +97,7 @@ module Puppet::Util::Windows::Security
97
97
  FILE = Puppet::Util::Windows::File
98
98
 
99
99
  SE_BACKUP_NAME = 'SeBackupPrivilege'
100
+ SE_DEBUG_NAME = 'SeDebugPrivilege'
100
101
  SE_RESTORE_NAME = 'SeRestorePrivilege'
101
102
 
102
103
  DELETE = 0x00010000
@@ -440,43 +440,60 @@ module Puppet::Util::Windows
440
440
  end
441
441
  module_function :service_start_type
442
442
 
443
- # Change the startup mode of a windows service
443
+ # Query the configuration of a service using QueryServiceConfigW
444
+ # to find its current logon account
444
445
  #
445
- # @param [String] service_name the name of the service to modify
446
- # @param [Integer] startup_type a code corresponding to a start type for
447
- # windows service, see the "Service start type codes" section in the
448
- # Puppet::Util::Windows::Service file for the list of available codes
449
- # @param [Bool] delayed whether the service should be started with a delay
450
- def set_startup_mode(service_name, startup_type, delayed=false)
451
- startup_code = SERVICE_START_TYPES.key(startup_type)
452
- if startup_code.nil?
453
- raise Puppet::Error.new(_("Unknown start type %{start_type}") % {startup_type: startup_type.to_s})
446
+ # @return [String] logon_account account currently set for the service's logon
447
+ # in the format "DOMAIN\Account" or ".\Account" if it's a local account
448
+ def logon_account(service_name)
449
+ open_service(service_name, SC_MANAGER_CONNECT, SERVICE_QUERY_CONFIG) do |service|
450
+ query_config(service) do |config|
451
+ return config[:lpServiceStartName].read_arbitrary_wide_string_up_to(Puppet::Util::Windows::ADSI::User::MAX_USERNAME_LENGTH)
452
+ end
454
453
  end
454
+ end
455
+ module_function :logon_account
456
+
457
+ # Set the startup configuration of a windows service
458
+ #
459
+ # @param [String] service_name the name of the service to modify
460
+ # @param [Hash] options the configuration to be applied. Expected option keys:
461
+ # - [Integer] startup_type a code corresponding to a start type for
462
+ # windows service, see the "Service start type codes" section in the
463
+ # Puppet::Util::Windows::Service file for the list of available codes
464
+ # - [String] logon_account the account to be used by the service for logon
465
+ # - [String] logon_password the provided logon_account's password to be used by the service for logon
466
+ # - [Bool] delayed whether the service should be started with a delay
467
+ def set_startup_configuration(service_name, options: {})
468
+ options[:startup_type] = SERVICE_START_TYPES.key(options[:startup_type]) || SERVICE_NO_CHANGE
469
+ options[:logon_account] = wide_string(options[:logon_account]) || FFI::Pointer::NULL
470
+ options[:logon_password] = wide_string(options[:logon_password]) || FFI::Pointer::NULL
471
+
455
472
  open_service(service_name, SC_MANAGER_CONNECT, SERVICE_CHANGE_CONFIG) do |service|
456
- # Currently the only thing puppet's API can really manage
457
- # in this list is dwStartType (the third param). Thus no
458
- # generic function was written to make use of all the params
459
- # since the API as-is couldn't use them anyway
460
473
  success = ChangeServiceConfigW(
461
474
  service,
462
- SERVICE_NO_CHANGE, # dwServiceType
463
- startup_code, # dwStartType
464
- SERVICE_NO_CHANGE, # dwErrorControl
465
- FFI::Pointer::NULL, # lpBinaryPathName
466
- FFI::Pointer::NULL, # lpLoadOrderGroup
467
- FFI::Pointer::NULL, # lpdwTagId
468
- FFI::Pointer::NULL, # lpDependencies
469
- FFI::Pointer::NULL, # lpServiceStartName
470
- FFI::Pointer::NULL, # lpPassword
471
- FFI::Pointer::NULL # lpDisplayName
475
+ SERVICE_NO_CHANGE, # dwServiceType
476
+ options[:startup_type], # dwStartType
477
+ SERVICE_NO_CHANGE, # dwErrorControl
478
+ FFI::Pointer::NULL, # lpBinaryPathName
479
+ FFI::Pointer::NULL, # lpLoadOrderGroup
480
+ FFI::Pointer::NULL, # lpdwTagId
481
+ FFI::Pointer::NULL, # lpDependencies
482
+ options[:logon_account], # lpServiceStartName
483
+ options[:logon_password], # lpPassword
484
+ FFI::Pointer::NULL # lpDisplayName
472
485
  )
473
486
  if success == FFI::WIN32_FALSE
474
487
  raise Puppet::Util::Windows::Error.new(_("Failed to update service configuration"))
475
488
  end
476
489
  end
477
- set_startup_mode_delayed(service_name, delayed)
490
+
491
+ if options[:startup_type]
492
+ options[:delayed] ||= false
493
+ set_startup_mode_delayed(service_name, options[:delayed])
494
+ end
478
495
  end
479
- module_function :set_startup_mode
496
+ module_function :set_startup_configuration
480
497
 
481
498
  # enumerate over all services in all states and return them as a hash
482
499
  #
@@ -64,7 +64,7 @@ module Puppet::Util::Windows
64
64
  # 'BUILTIN\Administrators', or 'S-1-5-32-544', and will return the
65
65
  # SID object. Returns nil if the account doesn't exist.
66
66
  # This method returns a SID::Principal with the account, domain, SID, etc
67
- def name_to_principal(name)
67
+ def name_to_principal(name, allow_unresolved = false)
68
68
  # Apparently, we accept a symbol..
69
69
  name = name.to_s.strip if name
70
70
 
@@ -79,7 +79,7 @@ module Puppet::Util::Windows
79
79
 
80
80
  raw_sid_bytes ? Principal.lookup_account_sid(raw_sid_bytes) : Principal.lookup_account_name(name)
81
81
  rescue
82
- nil
82
+ (allow_unresolved && raw_sid_bytes) ? unresolved_principal(name, raw_sid_bytes) : nil
83
83
  end
84
84
  module_function :name_to_principal
85
85
  class << self; alias name_to_sid_object name_to_principal; end
@@ -236,7 +236,7 @@ module Puppet::Util::Windows
236
236
  # @api private
237
237
  def self.unresolved_principal(name, sid_bytes)
238
238
  Principal.new(
239
- name + " (unresolvable)", # account
239
+ name, # account
240
240
  sid_bytes, # sid_bytes
241
241
  name, # sid string
242
242
  nil, #domain
@@ -16,6 +16,22 @@ module Puppet::Util::Windows::User
16
16
  end
17
17
  module_function :admin?
18
18
 
19
+ # The name of the account in all locales is `LocalSystem`. `.\LocalSystem` or `ComputerName\LocalSystem' can also be used.
20
+ # This account is not recognized by the security subsystem, so you cannot specify its name in a call to the `LookupAccountName` function.
21
+ # https://docs.microsoft.com/en-us/windows/win32/services/localsystem-account
22
+ def localsystem?(name)
23
+ ["LocalSystem", ".\\LocalSystem", "#{Puppet::Util::Windows::ADSI.computer_name}\\LocalSystem"].any?{ |s| s.casecmp(name) == 0 }
24
+ end
25
+ module_function :localsystem?
26
+
27
+ # Check if a given user is one of the default system accounts
28
+ # These accounts do not have a password and all checks done through logon attempt will fail
29
+ # https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/local-accounts#default-local-system-accounts
30
+ def default_system_account?(name)
31
+ user_sid = Puppet::Util::Windows::SID.name_to_sid(name)
32
+ [Puppet::Util::Windows::SID::LocalSystem, Puppet::Util::Windows::SID::NtLocal, Puppet::Util::Windows::SID::NtNetwork].include?(user_sid)
33
+ end
34
+ module_function :default_system_account?
19
35
 
20
36
  # https://msdn.microsoft.com/en-us/library/windows/desktop/ee207397(v=vs.85).aspx
21
37
  SECURITY_MAX_SID_SIZE = 68
@@ -57,9 +73,9 @@ module Puppet::Util::Windows::User
57
73
  end
58
74
  module_function :check_token_membership
59
75
 
60
- def password_is?(name, password)
76
+ def password_is?(name, password, domain = '.')
61
77
  begin
62
- logon_user(name, password) { |token| }
78
+ logon_user(name, password, domain) { |token| }
63
79
  rescue Puppet::Util::Windows::Error => detail
64
80
 
65
81
  authenticated_error_codes = Set[
@@ -74,7 +90,7 @@ module Puppet::Util::Windows::User
74
90
  end
75
91
  module_function :password_is?
76
92
 
77
- def logon_user(name, password, &block)
93
+ def logon_user(name, password, domain = '.', &block)
78
94
  fLOGON32_PROVIDER_DEFAULT = 0
79
95
  fLOGON32_LOGON_INTERACTIVE = 2
80
96
  fLOGON32_LOGON_NETWORK = 3
@@ -83,8 +99,8 @@ module Puppet::Util::Windows::User
83
99
  begin
84
100
  FFI::MemoryPointer.new(:handle, 1) do |token_pointer|
85
101
  #try logon using network else try logon using interactive mode
86
- if logon_user_by_logon_type(name, password, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, token_pointer) == FFI::WIN32_FALSE
87
- if logon_user_by_logon_type(name, password, fLOGON32_LOGON_INTERACTIVE, fLOGON32_PROVIDER_DEFAULT, token_pointer) == FFI::WIN32_FALSE
102
+ if logon_user_by_logon_type(name, domain, password, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, token_pointer) == FFI::WIN32_FALSE
103
+ if logon_user_by_logon_type(name, domain, password, fLOGON32_LOGON_INTERACTIVE, fLOGON32_PROVIDER_DEFAULT, token_pointer) == FFI::WIN32_FALSE
88
104
  raise Puppet::Util::Windows::Error.new(_("Failed to logon user %{name}") % {name: name.inspect})
89
105
  end
90
106
  end
@@ -98,11 +114,10 @@ module Puppet::Util::Windows::User
98
114
  # token has been closed by this point
99
115
  true
100
116
  end
101
-
102
117
  module_function :logon_user
103
118
 
104
- def self.logon_user_by_logon_type(name, password, logon_type, logon_provider, token)
105
- LogonUserW(wide_string(name), wide_string('.'), password.nil? ? FFI::Pointer::NULL : wide_string(password), logon_type, logon_provider, token)
119
+ def self.logon_user_by_logon_type(name, domain, password, logon_type, logon_provider, token)
120
+ LogonUserW(wide_string(name), wide_string(domain), password.nil? ? FFI::Pointer::NULL : wide_string(password), logon_type, logon_provider, token)
106
121
  end
107
122
 
108
123
  private_class_method :logon_user_by_logon_type