puppet 6.17.0-universal-darwin → 6.18.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (189) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +6 -5
  3. data/lib/puppet/application/apply.rb +18 -20
  4. data/lib/puppet/application/lookup.rb +16 -4
  5. data/lib/puppet/configurer/downloader.rb +31 -10
  6. data/lib/puppet/confine.rb +1 -1
  7. data/lib/puppet/confine/any.rb +1 -1
  8. data/lib/puppet/defaults.rb +21 -3
  9. data/lib/puppet/feature/base.rb +1 -1
  10. data/lib/puppet/file_serving/mount/locales.rb +1 -2
  11. data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
  12. data/lib/puppet/file_serving/mount/plugins.rb +1 -2
  13. data/lib/puppet/file_system/file_impl.rb +3 -3
  14. data/lib/puppet/functions/lstrip.rb +4 -4
  15. data/lib/puppet/functions/reverse_each.rb +1 -1
  16. data/lib/puppet/functions/rstrip.rb +4 -4
  17. data/lib/puppet/functions/step.rb +1 -1
  18. data/lib/puppet/functions/strip.rb +4 -4
  19. data/lib/puppet/gettext/config.rb +5 -5
  20. data/lib/puppet/gettext/module_translations.rb +4 -4
  21. data/lib/puppet/indirector/exec.rb +1 -1
  22. data/lib/puppet/indirector/facts/facter.rb +3 -3
  23. data/lib/puppet/indirector/file_metadata/http.rb +1 -0
  24. data/lib/puppet/indirector/hiera.rb +4 -0
  25. data/lib/puppet/indirector/indirection.rb +1 -1
  26. data/lib/puppet/indirector/report/processor.rb +2 -2
  27. data/lib/puppet/module.rb +1 -2
  28. data/lib/puppet/network/format_support.rb +2 -2
  29. data/lib/puppet/network/http/route.rb +2 -2
  30. data/lib/puppet/node/environment.rb +12 -5
  31. data/lib/puppet/pal/pal_impl.rb +27 -3
  32. data/lib/puppet/parameter.rb +1 -1
  33. data/lib/puppet/parser/functions.rb +21 -17
  34. data/lib/puppet/parser/functions/create_resources.rb +11 -7
  35. data/lib/puppet/parser/type_loader.rb +2 -2
  36. data/lib/puppet/pops/adaptable.rb +7 -13
  37. data/lib/puppet/pops/adapters.rb +8 -4
  38. data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
  39. data/lib/puppet/pops/loaders.rb +18 -11
  40. data/lib/puppet/pops/lookup/context.rb +1 -1
  41. data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
  42. data/lib/puppet/pops/types/iterable.rb +34 -8
  43. data/lib/puppet/pops/validation/checker4_0.rb +19 -15
  44. data/lib/puppet/provider/file/windows.rb +1 -1
  45. data/lib/puppet/provider/package/apt.rb +34 -0
  46. data/lib/puppet/provider/package/gem.rb +4 -2
  47. data/lib/puppet/provider/package/puppet_gem.rb +5 -0
  48. data/lib/puppet/provider/package/zypper.rb +3 -0
  49. data/lib/puppet/provider/user/aix.rb +1 -1
  50. data/lib/puppet/provider/user/user_role_add.rb +1 -1
  51. data/lib/puppet/provider/user/windows_adsi.rb +18 -1
  52. data/lib/puppet/settings.rb +1 -1
  53. data/lib/puppet/ssl/validator/default_validator.rb +1 -1
  54. data/lib/puppet/test/test_helper.rb +10 -3
  55. data/lib/puppet/transaction.rb +2 -2
  56. data/lib/puppet/transaction/persistence.rb +1 -1
  57. data/lib/puppet/transaction/report.rb +1 -1
  58. data/lib/puppet/trusted_external.rb +2 -2
  59. data/lib/puppet/type.rb +4 -3
  60. data/lib/puppet/type/file.rb +2 -2
  61. data/lib/puppet/type/file/source.rb +27 -7
  62. data/lib/puppet/type/notify.rb +2 -2
  63. data/lib/puppet/type/service.rb +4 -0
  64. data/lib/puppet/type/user.rb +18 -3
  65. data/lib/puppet/util.rb +26 -12
  66. data/lib/puppet/util/autoload.rb +9 -7
  67. data/lib/puppet/util/character_encoding.rb +9 -5
  68. data/lib/puppet/util/execution.rb +2 -2
  69. data/lib/puppet/util/windows.rb +1 -0
  70. data/lib/puppet/util/windows/api_types.rb +15 -1
  71. data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
  72. data/lib/puppet/util/windows/security.rb +4 -4
  73. data/lib/puppet/util/windows/user.rb +219 -0
  74. data/lib/puppet/version.rb +1 -1
  75. data/locales/puppet.pot +78 -69
  76. data/man/man5/puppet.conf.5 +22 -3
  77. data/man/man8/puppet-agent.8 +1 -1
  78. data/man/man8/puppet-apply.8 +1 -1
  79. data/man/man8/puppet-catalog.8 +1 -1
  80. data/man/man8/puppet-config.8 +1 -1
  81. data/man/man8/puppet-describe.8 +1 -1
  82. data/man/man8/puppet-device.8 +1 -1
  83. data/man/man8/puppet-doc.8 +1 -1
  84. data/man/man8/puppet-epp.8 +1 -1
  85. data/man/man8/puppet-facts.8 +1 -1
  86. data/man/man8/puppet-filebucket.8 +1 -1
  87. data/man/man8/puppet-generate.8 +1 -1
  88. data/man/man8/puppet-help.8 +1 -1
  89. data/man/man8/puppet-key.8 +1 -1
  90. data/man/man8/puppet-lookup.8 +2 -2
  91. data/man/man8/puppet-man.8 +1 -1
  92. data/man/man8/puppet-module.8 +1 -1
  93. data/man/man8/puppet-node.8 +1 -1
  94. data/man/man8/puppet-parser.8 +1 -1
  95. data/man/man8/puppet-plugin.8 +1 -1
  96. data/man/man8/puppet-report.8 +1 -1
  97. data/man/man8/puppet-resource.8 +1 -1
  98. data/man/man8/puppet-script.8 +1 -1
  99. data/man/man8/puppet-ssl.8 +1 -1
  100. data/man/man8/puppet-status.8 +1 -1
  101. data/man/man8/puppet.8 +2 -2
  102. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
  103. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
  104. data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
  105. data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
  106. data/spec/integration/application/agent_spec.rb +29 -37
  107. data/spec/integration/application/apply_spec.rb +149 -149
  108. data/spec/integration/application/config_spec.rb +74 -0
  109. data/spec/integration/application/doc_spec.rb +16 -6
  110. data/spec/integration/application/filebucket_spec.rb +65 -16
  111. data/spec/integration/application/help_spec.rb +42 -0
  112. data/spec/integration/application/lookup_spec.rb +13 -0
  113. data/spec/integration/application/module_spec.rb +68 -0
  114. data/spec/integration/application/plugin_spec.rb +50 -0
  115. data/spec/integration/data_binding_spec.rb +82 -0
  116. data/spec/integration/directory_environments_spec.rb +17 -17
  117. data/spec/integration/indirector/facts/facter_spec.rb +8 -6
  118. data/spec/integration/node/environment_spec.rb +1 -1
  119. data/spec/integration/util/execution_spec.rb +22 -0
  120. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
  121. data/spec/integration/util/windows/process_spec.rb +26 -32
  122. data/spec/integration/util/windows/user_spec.rb +7 -0
  123. data/spec/integration/util_spec.rb +7 -33
  124. data/spec/lib/puppet_spec/matchers.rb +0 -80
  125. data/spec/lib/puppet_spec/puppetserver.rb +8 -0
  126. data/spec/unit/application/agent_spec.rb +3 -4
  127. data/spec/unit/application/face_base_spec.rb +6 -4
  128. data/spec/unit/application/facts_spec.rb +39 -10
  129. data/spec/unit/application/man_spec.rb +52 -0
  130. data/spec/unit/application/resource_spec.rb +3 -1
  131. data/spec/unit/application/ssl_spec.rb +15 -2
  132. data/spec/unit/configurer/downloader_spec.rb +10 -0
  133. data/spec/unit/configurer_spec.rb +47 -31
  134. data/spec/unit/confine_spec.rb +2 -1
  135. data/spec/unit/face/config_spec.rb +3 -1
  136. data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
  137. data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
  138. data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
  139. data/spec/unit/file_system/uniquefile_spec.rb +18 -0
  140. data/spec/unit/http/client_spec.rb +0 -1
  141. data/spec/unit/http/resolver_spec.rb +0 -1
  142. data/spec/unit/http/service/ca_spec.rb +0 -1
  143. data/spec/unit/http/service/compiler_spec.rb +0 -1
  144. data/spec/unit/http/service/file_server_spec.rb +0 -1
  145. data/spec/unit/http/service/report_spec.rb +0 -1
  146. data/spec/unit/http/service_spec.rb +0 -1
  147. data/spec/unit/http/session_spec.rb +0 -1
  148. data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
  149. data/spec/unit/network/format_support_spec.rb +3 -2
  150. data/spec/unit/node/environment_spec.rb +18 -1
  151. data/spec/unit/pops/loaders/loaders_spec.rb +70 -0
  152. data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
  153. data/spec/unit/provider/package/apt_spec.rb +77 -0
  154. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  155. data/spec/unit/provider/package/puppet_gem_spec.rb +4 -1
  156. data/spec/unit/provider/package/zypper_spec.rb +14 -0
  157. data/spec/unit/provider/service/init_spec.rb +41 -0
  158. data/spec/unit/provider/service/systemd_spec.rb +1 -6
  159. data/spec/unit/provider/service/windows_spec.rb +28 -0
  160. data/spec/unit/provider/user/windows_adsi_spec.rb +82 -0
  161. data/spec/unit/puppet_pal_2pec.rb +40 -0
  162. data/spec/unit/reports/store_spec.rb +17 -13
  163. data/spec/unit/transaction/persistence_spec.rb +15 -0
  164. data/spec/unit/type/service_spec.rb +35 -2
  165. data/spec/unit/type/user_spec.rb +31 -2
  166. data/spec/unit/util/character_encoding_spec.rb +4 -4
  167. data/spec/unit/util/command_line_spec.rb +11 -6
  168. metadata +21 -44
  169. data/spec/integration/faces/config_spec.rb +0 -91
  170. data/spec/integration/faces/documentation_spec.rb +0 -57
  171. data/spec/integration/file_bucket/file_spec.rb +0 -50
  172. data/spec/integration/file_serving/content_spec.rb +0 -7
  173. data/spec/integration/file_serving/fileset_spec.rb +0 -12
  174. data/spec/integration/file_serving/metadata_spec.rb +0 -8
  175. data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
  176. data/spec/integration/file_system/uniquefile_spec.rb +0 -26
  177. data/spec/integration/module_tool/forge_spec.rb +0 -51
  178. data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
  179. data/spec/integration/provider/service/init_spec.rb +0 -48
  180. data/spec/integration/provider/service/systemd_spec.rb +0 -25
  181. data/spec/integration/provider/service/windows_spec.rb +0 -50
  182. data/spec/integration/reference/providers_spec.rb +0 -21
  183. data/spec/integration/reports_spec.rb +0 -13
  184. data/spec/integration/ssl/certificate_request_spec.rb +0 -44
  185. data/spec/integration/ssl/host_spec.rb +0 -72
  186. data/spec/integration/ssl/key_spec.rb +0 -99
  187. data/spec/shared_behaviours/file_serving_model.rb +0 -51
  188. data/spec/unit/face/man_spec.rb +0 -25
  189. data/spec/unit/man_spec.rb +0 -31
@@ -104,7 +104,7 @@ class Puppet::SSL::Validator::DefaultValidator #< class Puppet::SSL::Validator
104
104
  crl = store_context.current_crl
105
105
  if crl
106
106
  if crl.last_update && crl.last_update < Time.now + FIVE_MINUTES_AS_SECONDS
107
- Puppet.debug("Ignoring CRL not yet valid, current time #{Time.now.utc}, CRL last updated #{crl.last_update.utc}")
107
+ Puppet.debug { "Ignoring CRL not yet valid, current time #{Time.now.utc}, CRL last updated #{crl.last_update.utc}" }
108
108
  preverify_ok = true
109
109
  else
110
110
  @verify_errors << "#{error_string} for #{crl.issuer.to_utf8}"
@@ -120,8 +120,11 @@ module Puppet::Test
120
120
  indirections = Puppet::Indirector::Indirection.send(:class_variable_get, :@@indirections)
121
121
  indirections.each do |indirector|
122
122
  $saved_indirection_state[indirector.name] = {
123
- :@terminus_class => indirector.instance_variable_get(:@terminus_class).value,
124
- :@cache_class => indirector.instance_variable_get(:@cache_class).value
123
+ :@terminus_class => indirector.instance_variable_get(:@terminus_class).value,
124
+ :@cache_class => indirector.instance_variable_get(:@cache_class).value,
125
+ # dup the termini hash so termini created and registered during
126
+ # the test aren't stored in our saved_indirection_state
127
+ :@termini => indirector.instance_variable_get(:@termini).dup
125
128
  }
126
129
  end
127
130
 
@@ -176,7 +179,11 @@ module Puppet::Test
176
179
  indirections = Puppet::Indirector::Indirection.send(:class_variable_get, :@@indirections)
177
180
  indirections.each do |indirector|
178
181
  $saved_indirection_state.fetch(indirector.name, {}).each do |variable, value|
179
- indirector.instance_variable_get(variable).value = value
182
+ if variable == :@termini
183
+ indirector.instance_variable_set(variable, value)
184
+ else
185
+ indirector.instance_variable_get(variable).value = value
186
+ end
180
187
  end
181
188
  end
182
189
  $saved_indirection_state = nil
@@ -202,7 +202,7 @@ class Puppet::Transaction
202
202
  # mark the end of transaction evaluate.
203
203
  report.transaction_completed = true
204
204
 
205
- Puppet.debug "Finishing transaction #{object_id}"
205
+ Puppet.debug { "Finishing transaction #{object_id}" }
206
206
  end
207
207
 
208
208
  # Wraps application run state check to flag need to interrupt processing
@@ -373,7 +373,7 @@ class Puppet::Transaction
373
373
  type_name = provider_class.resource_type.name
374
374
  return if @prefetched_providers[type_name][provider_class.name] ||
375
375
  @prefetch_failed_providers[type_name][provider_class.name]
376
- Puppet.debug "Prefetching #{provider_class.name} resources for #{type_name}"
376
+ Puppet.debug { "Prefetching #{provider_class.name} resources for #{type_name}" }
377
377
  begin
378
378
  provider_class.prefetch(resources)
379
379
  rescue LoadError, Puppet::MissingCommand => detail
@@ -62,7 +62,7 @@ class Puppet::Transaction::Persistence
62
62
  result = nil
63
63
  Puppet::Util.benchmark(:debug, _("Loaded transaction store file in %{seconds} seconds")) do
64
64
  begin
65
- result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol])
65
+ result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol, Time])
66
66
  rescue Puppet::Util::Yaml::YamlLoadError => detail
67
67
  Puppet.log_exception(detail, _("Transaction store file %{filename} is corrupt (%{detail}); replacing") % { filename: filename, detail: detail })
68
68
 
@@ -122,7 +122,7 @@ class Puppet::Transaction::Report
122
122
 
123
123
  # @!attribute [r] corrective_change
124
124
  # @return [Boolean] true if the report contains any events and resources that had
125
- # corrective changes.
125
+ # corrective changes, including noop corrective changes.
126
126
  attr_reader :corrective_change
127
127
 
128
128
  # @return [Boolean] true if one or more resources attempted to generate
@@ -3,7 +3,7 @@ module Puppet::TrustedExternal
3
3
  def retrieve(certname)
4
4
  command = Puppet[:trusted_external_command]
5
5
  return nil unless command
6
- Puppet.debug _("Retrieving trusted external data from %{command}") % {command: command}
6
+ Puppet.debug { _("Retrieving trusted external data from %{command}") % {command: command} }
7
7
  setting_type = Puppet.settings.setting(:trusted_external_command).type
8
8
  if setting_type == :file
9
9
  return fetch_data(command, certname)
@@ -17,7 +17,7 @@ module Puppet::TrustedExternal
17
17
  abs_path = Puppet::FileSystem.expand_path(file)
18
18
  executable_file = Puppet::FileSystem.file?(abs_path) && Puppet::FileSystem.executable?(abs_path)
19
19
  unless executable_file
20
- Puppet.debug _("Skipping non-executable file %{file}") % { file: abs_path }
20
+ Puppet.debug { _("Skipping non-executable file %{file}") % { file: abs_path } }
21
21
  next
22
22
  end
23
23
  basename = file.basename(file.extname).to_s
@@ -1212,8 +1212,9 @@ class Type
1212
1212
  title = instance.respond_to?(:title) ? instance.title : instance.name
1213
1213
  other = provider_instances[title]
1214
1214
  if other
1215
- Puppet.debug "%s %s found in both %s and %s; skipping the %s version" %
1216
- [self.name.to_s.capitalize, title, other.class.name, instance.class.name, instance.class.name]
1215
+ Puppet.debug {
1216
+ "%s %s found in both %s and %s; skipping the %s version" % [self.name.to_s.capitalize, title, other.class.name, instance.class.name, instance.class.name]
1217
+ }
1217
1218
  next
1218
1219
  end
1219
1220
  provider_instances[title] = instance
@@ -1895,7 +1896,7 @@ end
1895
1896
  name = name.intern
1896
1897
 
1897
1898
  if unprovide(name)
1898
- Puppet.debug "Reloading #{name} #{self.name} provider"
1899
+ Puppet.debug { "Reloading #{name} #{self.name} provider" }
1899
1900
  end
1900
1901
 
1901
1902
  pname = options[:parent]
@@ -116,9 +116,9 @@ Puppet::Type.newtype(:file) do
116
116
  that sufficient disk space is available for the file backups. Generally, you
117
117
  can implement this using one of the following two options:
118
118
  - Use a `find` command and `crontab` entry to retain only the last X days
119
- of file backups. For example,
119
+ of file backups. For example:
120
120
 
121
- ```shell script
121
+ ```
122
122
  find /opt/puppetlabs/server/data/puppetserver/bucket -type f -mtime +45 -atime +45 -print0 | xargs -0 rm
123
123
  ```
124
124
 
@@ -23,7 +23,7 @@ module Puppet
23
23
  * Fully qualified paths to locally available files (including files on NFS
24
24
  shares or Windows mapped drives).
25
25
  * `file:` URIs, which behave the same as local file paths.
26
- * `http:` URIs, which point to files served by common web servers.
26
+ * `http(s):` URIs, which point to files served by common web servers.
27
27
 
28
28
  The normal form of a `puppet:` URI is:
29
29
 
@@ -44,11 +44,26 @@ module Puppet
44
44
  because HTTP servers do not transfer any metadata that translates to
45
45
  ownership or permission details.
46
46
 
47
- The `http` source uses the server `Content-MD5` header as a checksum to
48
- determine if the remote file has changed. If the server response does not
49
- include that header, Puppet defaults to using the `Last-Modified` header.
50
- Puppet will update the local file if the header is newer than the modified
51
- time (mtime) of the local file.
47
+ Puppet determines if file content is synchronized by computing a checksum
48
+ for the local file and comparing it against the `checksum_value`
49
+ parameter. If the `checksum_value` parameter is not specified for
50
+ `puppet` and `file` sources, Puppet computes a checksum based on its
51
+ `Puppet[:digest_algorithm]`. For `http(s)` sources, Puppet uses the
52
+ first HTTP header it recognizes out of the following list:
53
+ `X-Checksum-Sha256`, `X-Checksum-Sha1`, `X-Checksum-Md5` or `Content-MD5`.
54
+ If the server response does not include one of these headers, Puppet
55
+ defaults to using the `Last-Modified` header. Puppet updates the local
56
+ file if the header is newer than the modified time (mtime) of the local
57
+ file.
58
+
59
+ _HTTP_ URIs can include a user information component so that Puppet can
60
+ retrieve file metadata and content from HTTP servers that require HTTP Basic
61
+ authentication. For example `https://<user>:<pass>@<server>:<port>/path/to/file.`
62
+
63
+ When connecting to _HTTPS_ servers, Puppet trusts CA certificates in the
64
+ puppet-agent certificate bundle and the Puppet CA. You can configure Puppet
65
+ to trust additional CA certificates using the `Puppet[:ssl_trust_store]`
66
+ setting.
52
67
 
53
68
  Multiple `source` values can be specified as an array, and Puppet will
54
69
  use the first source that exists. This can be used to serve different
@@ -307,7 +322,12 @@ module Puppet
307
322
 
308
323
  def chunk_file_from_source(&block)
309
324
  if uri.scheme =~ /^https?/
310
- get_from_http_source(uri, &block)
325
+ # Historically puppet has not encoded the http(s) source URL before parsing
326
+ # it, for example, if the path contains spaces, then it must be URL encoded
327
+ # as %20 in the manifest. Puppet behaves the same when retrieving file
328
+ # metadata via http(s), see Puppet::Indirector::FileMetadata::Http#find.
329
+ url = URI.parse(metadata.source)
330
+ get_from_http_source(url, &block)
311
331
  elsif metadata.content_uri
312
332
  content_url = URI.parse(Puppet::Util.uri_encode(metadata.content_uri))
313
333
  get_from_content_uri_source(content_url, &block)
@@ -4,12 +4,12 @@
4
4
 
5
5
  module Puppet
6
6
  Type.newtype(:notify) do
7
- @doc = "Sends an arbitrary message to the agent run-time log. It's important to note that the notify resource type is not idempotent. As a result, notifications are shown as a change on every Puppet run."
7
+ @doc = "Sends an arbitrary message, specified as a string, to the agent run-time log. It's important to note that the notify resource type is not idempotent. As a result, notifications are shown as a change on every Puppet run."
8
8
 
9
9
  apply_to_all
10
10
 
11
11
  newproperty(:message, :idempotent => false) do
12
- desc "The message to be sent to the log."
12
+ desc "The message to be sent to the log. Note that the value specified must be a string."
13
13
  def sync
14
14
  message = @sensitive ? 'Sensitive [value redacted]' : self.should
15
15
  case @resource["withpath"]
@@ -147,6 +147,10 @@ module Puppet
147
147
  user_information = Puppet::Util::Windows::SID.name_to_principal(value)
148
148
  raise Puppet::Error.new("\"#{value}\" is not a valid account") unless user_information && [:SidTypeUser, :SidTypeWellKnownGroup].include?(user_information.account_type)
149
149
 
150
+ user_rights = Puppet::Util::Windows::User::get_rights(user_information.domain_account) unless Puppet::Util::Windows::User::default_system_account?(value)
151
+ raise Puppet::Error.new("\"#{user_information.domain_account}\" has the 'Log On As A Service' right set to denied.") if user_rights =~ /SeDenyServiceLogonRight/
152
+ raise Puppet::Error.new("\"#{user_information.domain_account}\" is missing the 'Log On As A Service' right.") unless user_rights.nil? || user_rights =~ /SeServiceLogonRight/
153
+
150
154
  if user_information.domain == Puppet::Util::Windows::ADSI.computer_name
151
155
  ".\\#{user_information.account}"
152
156
  else
@@ -40,7 +40,10 @@ module Puppet
40
40
  implement PBKDF2 passwords with salt properties."
41
41
 
42
42
  feature :manages_solaris_rbac,
43
- "The provider can manage roles and normal users"
43
+ "The provider can manage normal users"
44
+
45
+ feature :manages_roles,
46
+ "The provider can manage roles"
44
47
 
45
48
  feature :manages_expiry,
46
49
  "The provider can manage the expiry date for a user."
@@ -97,6 +100,18 @@ module Puppet
97
100
  return :absent
98
101
  end
99
102
  end
103
+
104
+ def sync
105
+ event = super
106
+
107
+ property = @resource.property(:roles)
108
+ if property
109
+ val = property.retrieve
110
+ property.sync unless property.safe_insync?(val)
111
+ end
112
+
113
+ event
114
+ end
100
115
  end
101
116
 
102
117
  newproperty(:home) do
@@ -493,7 +508,7 @@ module Puppet
493
508
  provider.exists?
494
509
  end
495
510
 
496
- newproperty(:roles, :parent => Puppet::Property::List, :required_features => :manages_solaris_rbac) do
511
+ newproperty(:roles, :parent => Puppet::Property::List, :required_features => :manages_roles) do
497
512
  desc "The roles the user has. Multiple roles should be
498
513
  specified as an array."
499
514
 
@@ -520,7 +535,7 @@ module Puppet
520
535
  end
521
536
 
522
537
  reqs
523
- end
538
+ end unless Puppet::Util::Platform.windows?
524
539
 
525
540
  newparam(:role_membership) do
526
541
  desc "Whether specified roles should be considered the **complete list**
@@ -26,20 +26,21 @@ module Util
26
26
 
27
27
  extend Puppet::Util::SymbolicFileMode
28
28
 
29
- DEFAULT_ENV = if Puppet::Util::Platform.windows?
30
- :windows
31
- else
32
- :posix
33
- end.freeze
29
+ def default_env
30
+ Puppet.features.microsoft_windows? ?
31
+ :windows :
32
+ :posix
33
+ end
34
+ module_function :default_env
34
35
 
35
36
  # @param name [String] The name of the environment variable to retrieve
36
37
  # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows. Use nil to autodetect
37
38
  # @return [String] Value of the specified environment variable. nil if it does not exist
38
39
  # @api private
39
- def get_env(name, mode = DEFAULT_ENV)
40
+ def get_env(name, mode = default_env)
40
41
  if mode == :windows
41
- Puppet::Util::Windows::Process.get_environment_strings.find do |key, value|
42
- if name.casecmp(key) == 0
42
+ Puppet::Util::Windows::Process.get_environment_strings.each do |key, value |
43
+ if name.casecmp(key) == 0 then
43
44
  return value
44
45
  end
45
46
  end
@@ -53,7 +54,7 @@ module Util
53
54
  # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows. Use nil to autodetect
54
55
  # @return [Hash] A hashtable of all environment variables
55
56
  # @api private
56
- def get_environment(mode = DEFAULT_ENV)
57
+ def get_environment(mode = default_env)
57
58
  case mode
58
59
  when :posix
59
60
  ENV.to_hash
@@ -68,7 +69,7 @@ module Util
68
69
  # Removes all environment variables
69
70
  # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows. Use nil to autodetect
70
71
  # @api private
71
- def clear_environment(mode = DEFAULT_ENV)
72
+ def clear_environment(mode = default_env)
72
73
  case mode
73
74
  when :posix
74
75
  ENV.clear
@@ -86,7 +87,7 @@ module Util
86
87
  # @param value [String] The value to set the variable to. nil deletes the environment variable
87
88
  # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows. Use nil to autodetect
88
89
  # @api private
89
- def set_env(name, value = nil, mode = DEFAULT_ENV)
90
+ def set_env(name, value = nil, mode = default_env)
90
91
  case mode
91
92
  when :posix
92
93
  ENV[name] = value
@@ -101,7 +102,7 @@ module Util
101
102
  # @param name [Hash] Environment variables to merge into the existing environment. nil values will remove the variable
102
103
  # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows. Use nil to autodetect
103
104
  # @api private
104
- def merge_environment(env_hash, mode = DEFAULT_ENV)
105
+ def merge_environment(env_hash, mode = default_env)
105
106
  case mode
106
107
  when :posix
107
108
  env_hash.each { |name, val| ENV[name.to_s] = val }
@@ -758,6 +759,19 @@ module Util
758
759
  Random.new(seed).rand(max)
759
760
  end
760
761
  module_function :deterministic_rand_int
762
+
763
+ # Executes a block of code, wrapped around Facter.load_external(false) and
764
+ # Facter.load_external(true) which will cause Facter to not evaluate external facts.
765
+ def skip_external_facts
766
+ return yield unless Facter.respond_to? :load_external
767
+ begin
768
+ Facter.load_external(false)
769
+ yield
770
+ ensure
771
+ Facter.load_external(true)
772
+ end
773
+ end
774
+ module_function :skip_external_facts
761
775
  end
762
776
  end
763
777
 
@@ -10,6 +10,14 @@ require 'puppet/concurrent/synchronized'
10
10
  # @api private
11
11
  class Puppet::Util::ModuleDirectoriesAdapter < Puppet::Pops::Adaptable::Adapter
12
12
  attr_accessor :directories
13
+
14
+ def self.create_adapter(env)
15
+ adapter = super(env)
16
+ adapter.directories = env.modulepath.flat_map do |dir|
17
+ Dir.glob(File.join(dir, '*', 'lib'))
18
+ end
19
+ adapter
20
+ end
13
21
  end
14
22
 
15
23
  # Autoload paths, either based on names or all at once.
@@ -119,13 +127,7 @@ class Puppet::Util::Autoload
119
127
  def module_directories(env)
120
128
  raise ArgumentError, "Autoloader requires an environment" unless env
121
129
 
122
- Puppet::Util::ModuleDirectoriesAdapter.adapt(env) do |a|
123
- a.directories ||= env.modulepath.collect do |dir|
124
- Dir.entries(dir).reject { |f| f =~ /^\./ }.collect { |f| File.join(dir, f, "lib") }
125
- end.flatten.find_all do |d|
126
- FileTest.directory?(d)
127
- end
128
- end.directories
130
+ Puppet::Util::ModuleDirectoriesAdapter.adapt(env).directories
129
131
  end
130
132
 
131
133
  # @api private
@@ -19,8 +19,9 @@ module Puppet::Util::CharacterEncoding
19
19
  begin
20
20
  if original_encoding == Encoding::UTF_8
21
21
  if !string_copy.valid_encoding?
22
- Puppet.debug(_("%{value} is already labeled as UTF-8 but this encoding is invalid. It cannot be transcoded by Puppet.") %
23
- { value: string.dump })
22
+ Puppet.debug {
23
+ _("%{value} is already labeled as UTF-8 but this encoding is invalid. It cannot be transcoded by Puppet.") % { value: string.dump }
24
+ }
24
25
  end
25
26
  # String is already valid UTF-8 - noop
26
27
  return string_copy
@@ -40,8 +41,9 @@ module Puppet::Util::CharacterEncoding
40
41
  # Catch both our own self-determined failure to transcode as well as any
41
42
  # error on ruby's part, ie Encoding::UndefinedConversionError on a
42
43
  # failure to encode!.
43
- Puppet.debug(_("%{error}: %{value} cannot be transcoded by Puppet.") %
44
- { error: detail.inspect, value: string.dump })
44
+ Puppet.debug {
45
+ _("%{error}: %{value} cannot be transcoded by Puppet.") % { error: detail.inspect, value: string.dump }
46
+ }
45
47
  return string_copy
46
48
  end
47
49
  end
@@ -67,7 +69,9 @@ module Puppet::Util::CharacterEncoding
67
69
  if string_copy.force_encoding(Encoding::UTF_8).valid_encoding?
68
70
  return string_copy
69
71
  else
70
- Puppet.debug(_("%{value} is not valid UTF-8 and result of overriding encoding would be invalid.") % { value: string.dump })
72
+ Puppet.debug {
73
+ _("%{value} is not valid UTF-8 and result of overriding encoding would be invalid.") % { value: string.dump }
74
+ }
71
75
  # Set copy back to its original encoding before returning
72
76
  return string_copy.force_encoding(original_encoding)
73
77
  end
@@ -68,7 +68,7 @@ module Puppet::Util::Execution
68
68
  if respond_to? :debug
69
69
  debug "Executing '#{command_str}'"
70
70
  else
71
- Puppet.debug "Executing '#{command_str}'"
71
+ Puppet.debug { "Executing '#{command_str}'" }
72
72
  end
73
73
 
74
74
  # force the run of the command with
@@ -186,7 +186,7 @@ module Puppet::Util::Execution
186
186
  if respond_to? :debug
187
187
  debug "Executing#{user_log_s}: '#{command_str}'"
188
188
  else
189
- Puppet.debug "Executing#{user_log_s}: '#{command_str}'"
189
+ Puppet.debug { "Executing#{user_log_s}: '#{command_str}'" }
190
190
  end
191
191
 
192
192
  null_file = Puppet::Util::Platform.windows? ? 'NUL' : '/dev/null'
@@ -26,6 +26,7 @@ module Puppet::Util::Windows
26
26
  require 'win32ole' ; WIN32OLE.codepage = WIN32OLE::CP_UTF8
27
27
  # gems
28
28
  require 'win32/process'
29
+ require 'puppet/util/windows/monkey_patches/dir'
29
30
  require 'win32/dir'
30
31
  require 'win32/service'
31
32
 
@@ -60,7 +60,7 @@ module Puppet::Util::Windows::APITypes
60
60
 
61
61
  str.encode(dst_encoding, str.encoding, encode_options)
62
62
  rescue EncodingError => e
63
- Puppet.debug "Unable to convert value #{str.nil? ? 'nil' : str.dump} to encoding #{dst_encoding} due to #{e.inspect}"
63
+ Puppet.debug { "Unable to convert value #{str.nil? ? 'nil' : str.dump} to encoding #{dst_encoding} due to #{e.inspect}" }
64
64
  raise
65
65
  end
66
66
 
@@ -196,6 +196,20 @@ module Puppet::Util::Windows::APITypes
196
196
  FFI.typedef :uchar, :byte
197
197
  FFI.typedef :uint16, :wchar
198
198
 
199
+ # Definitions for data types used in LSA structures and functions
200
+ # https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/
201
+ # https://docs.microsoft.com/sr-latn-rs/windows/win32/secmgmt/management-data-types
202
+ FFI.typedef :pointer, :pwstr
203
+ FFI.typedef :pointer, :pulong
204
+ FFI.typedef :pointer, :lsa_handle
205
+ FFI.typedef :pointer, :plsa_handle
206
+ FFI.typedef :pointer, :psid
207
+ FFI.typedef :pointer, :pvoid
208
+ FFI.typedef :pointer, :plsa_unicode_string
209
+ FFI.typedef :pointer, :plsa_object_attributes
210
+ FFI.typedef :uint32, :ntstatus
211
+ FFI.typedef :dword, :access_mask
212
+
199
213
  module ::FFI::WIN32
200
214
  extend ::FFI::Library
201
215