puppet 6.18.0-x64-mingw32 → 6.21.1-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +2 -16
- data/Gemfile +2 -0
- data/Gemfile.lock +37 -34
- data/README.md +1 -2
- data/Rakefile +4 -12
- data/lib/puppet/agent/locker.rb +0 -7
- data/lib/puppet/application.rb +10 -6
- data/lib/puppet/application/agent.rb +9 -3
- data/lib/puppet/application/apply.rb +3 -2
- data/lib/puppet/application/device.rb +1 -0
- data/lib/puppet/application/doc.rb +1 -1
- data/lib/puppet/application/filebucket.rb +2 -2
- data/lib/puppet/application/lookup.rb +5 -5
- data/lib/puppet/application/script.rb +1 -0
- data/lib/puppet/application_support.rb +7 -0
- data/lib/puppet/configurer.rb +50 -8
- data/lib/puppet/defaults.rb +67 -35
- data/lib/puppet/environments.rb +84 -59
- data/lib/puppet/face/catalog.rb +1 -1
- data/lib/puppet/face/config.rb +56 -16
- data/lib/puppet/face/epp.rb +12 -2
- data/lib/puppet/face/facts.rb +60 -0
- data/lib/puppet/face/node.rb +3 -3
- data/lib/puppet/face/node/clean.rb +2 -2
- data/lib/puppet/face/status.rb +1 -1
- data/lib/puppet/ffi/posix.rb +10 -0
- data/lib/puppet/ffi/posix/constants.rb +14 -0
- data/lib/puppet/ffi/posix/functions.rb +24 -0
- data/lib/puppet/file_bucket/dipper.rb +1 -1
- data/lib/puppet/functions/epp.rb +1 -0
- data/lib/puppet/functions/inline_epp.rb +1 -0
- data/lib/puppet/functions/new.rb +8 -3
- data/lib/puppet/http.rb +1 -0
- data/lib/puppet/http/client.rb +1 -1
- data/lib/puppet/http/resolver.rb +5 -8
- data/lib/puppet/http/resolver/server_list.rb +18 -36
- data/lib/puppet/http/resolver/settings.rb +4 -4
- data/lib/puppet/http/resolver/srv.rb +5 -5
- data/lib/puppet/http/service.rb +3 -1
- data/lib/puppet/http/service/compiler.rb +1 -1
- data/lib/puppet/http/service/file_server.rb +1 -1
- data/lib/puppet/http/service/puppetserver.rb +39 -0
- data/lib/puppet/http/session.rb +5 -4
- data/lib/puppet/indirector/catalog/compiler.rb +1 -1
- data/lib/puppet/indirector/fact_search.rb +60 -0
- data/lib/puppet/indirector/facts/json.rb +27 -0
- data/lib/puppet/indirector/facts/yaml.rb +4 -59
- data/lib/puppet/indirector/json.rb +5 -1
- data/lib/puppet/indirector/msgpack.rb +1 -1
- data/lib/puppet/indirector/node/json.rb +8 -0
- data/lib/puppet/indirector/report/json.rb +34 -0
- data/lib/puppet/indirector/request.rb +4 -4
- data/lib/puppet/indirector/yaml.rb +1 -1
- data/lib/puppet/module_tool/applications/installer.rb +48 -2
- data/lib/puppet/module_tool/errors/shared.rb +17 -2
- data/lib/puppet/network/formats.rb +2 -1
- data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
- data/lib/puppet/node/facts.rb +17 -0
- data/lib/puppet/pal/pal_impl.rb +70 -17
- data/lib/puppet/parser/ast/leaf.rb +3 -2
- data/lib/puppet/parser/templatewrapper.rb +1 -1
- data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +22 -3
- data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/types/p_meta_type.rb +1 -1
- data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +13 -8
- data/lib/puppet/provider/package/apt.rb +34 -2
- data/lib/puppet/provider/package/aptitude.rb +6 -0
- data/lib/puppet/provider/package/dpkg.rb +1 -1
- data/lib/puppet/provider/package/pip2.rb +17 -0
- data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
- data/lib/puppet/provider/package/yum.rb +1 -0
- data/lib/puppet/provider/service/debian.rb +2 -0
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/useradd.rb +62 -8
- data/lib/puppet/reference/configuration.rb +6 -5
- data/lib/puppet/resource/type.rb +2 -1
- data/lib/puppet/rest/route.rb +2 -2
- data/lib/puppet/settings.rb +62 -20
- data/lib/puppet/settings/alias_setting.rb +37 -0
- data/lib/puppet/settings/base_setting.rb +26 -2
- data/lib/puppet/transaction/report.rb +11 -7
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/filebucket.rb +1 -1
- data/lib/puppet/type/package.rb +3 -3
- data/lib/puppet/util/autoload.rb +1 -8
- data/lib/puppet/util/connection.rb +8 -8
- data/lib/puppet/util/fact_dif.rb +62 -0
- data/lib/puppet/util/posix.rb +54 -5
- data/lib/puppet/util/rubygems.rb +5 -1
- data/lib/puppet/util/run_mode.rb +5 -1
- data/lib/puppet/util/windows/service.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +289 -268
- data/man/man5/puppet.conf.5 +33 -17
- data/man/man8/puppet-agent.8 +7 -4
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +6 -6
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +32 -1
- data/man/man8/puppet-filebucket.8 +3 -3
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +7 -4
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +4 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +2 -2
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
- data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +4 -0
- data/spec/integration/application/agent_spec.rb +183 -22
- data/spec/integration/application/apply_spec.rb +19 -0
- data/spec/integration/application/filebucket_spec.rb +7 -7
- data/spec/integration/application/plugin_spec.rb +3 -3
- data/spec/integration/configurer_spec.rb +14 -0
- data/spec/integration/defaults_spec.rb +19 -1
- data/spec/integration/environments/setting_hooks_spec.rb +1 -1
- data/spec/integration/resource/type_collection_spec.rb +2 -6
- data/spec/integration/transaction_spec.rb +4 -9
- data/spec/integration/util/windows/adsi_spec.rb +5 -3
- data/spec/integration/util/windows/registry_spec.rb +0 -10
- data/spec/lib/puppet_spec/settings.rb +6 -1
- data/spec/shared_contexts/types_setup.rb +2 -0
- data/spec/spec_helper.rb +1 -4
- data/spec/unit/agent_spec.rb +8 -6
- data/spec/unit/application/agent_spec.rb +0 -1
- data/spec/unit/application/config_spec.rb +224 -4
- data/spec/unit/application/doc_spec.rb +2 -2
- data/spec/unit/application/facts_spec.rb +3 -1
- data/spec/unit/application/filebucket_spec.rb +0 -2
- data/spec/unit/application_spec.rb +60 -13
- data/spec/unit/configurer_spec.rb +39 -6
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +8 -2
- data/spec/unit/defaults_spec.rb +20 -1
- data/spec/unit/environments_spec.rb +176 -32
- data/spec/unit/face/config_spec.rb +62 -11
- data/spec/unit/face/node_spec.rb +2 -13
- data/spec/unit/file_serving/configuration/parser_spec.rb +0 -1
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
- data/spec/unit/file_system_spec.rb +1 -2
- data/spec/unit/forge/module_release_spec.rb +2 -7
- data/spec/unit/functions/inline_epp_spec.rb +26 -1
- data/spec/unit/http/resolver_spec.rb +24 -4
- data/spec/unit/http/service/ca_spec.rb +2 -2
- data/spec/unit/http/service/compiler_spec.rb +51 -2
- data/spec/unit/http/service/file_server_spec.rb +2 -2
- data/spec/unit/http/service/puppetserver_spec.rb +82 -0
- data/spec/unit/http/service/report_spec.rb +2 -2
- data/spec/unit/http/service_spec.rb +1 -1
- data/spec/unit/http/session_spec.rb +8 -20
- data/spec/unit/indirector/catalog/json_spec.rb +1 -1
- data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
- data/spec/unit/indirector/face_spec.rb +0 -1
- data/spec/unit/indirector/facts/facter_spec.rb +0 -1
- data/spec/unit/indirector/facts/json_spec.rb +255 -0
- data/spec/unit/indirector/facts/rest_spec.rb +1 -1
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
- data/spec/unit/indirector/indirection_spec.rb +8 -12
- data/spec/unit/indirector/json_spec.rb +8 -8
- data/spec/unit/indirector/key/file_spec.rb +0 -1
- data/spec/unit/indirector/msgpack_spec.rb +8 -8
- data/spec/unit/indirector/node/json_spec.rb +33 -0
- data/spec/unit/indirector/node/rest_spec.rb +1 -1
- data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
- data/spec/unit/indirector/report/yaml_spec.rb +72 -8
- data/spec/unit/indirector/request_spec.rb +4 -4
- data/spec/unit/indirector/rest_spec.rb +1 -1
- data/spec/unit/indirector/status/rest_spec.rb +1 -1
- data/spec/unit/indirector/yaml_spec.rb +7 -7
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
- data/spec/unit/network/authconfig_spec.rb +0 -3
- data/spec/unit/network/http/api/indirected_routes_spec.rb +0 -9
- data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
- data/spec/unit/network/http/handler_spec.rb +0 -5
- data/spec/unit/parser/compiler_spec.rb +3 -19
- data/spec/unit/parser/resource_spec.rb +14 -8
- data/spec/unit/parser/templatewrapper_spec.rb +4 -3
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
- data/spec/unit/property_spec.rb +1 -0
- data/spec/unit/provider/exec_spec.rb +4 -3
- data/spec/unit/provider/group/groupadd_spec.rb +5 -2
- data/spec/unit/provider/nameservice_spec.rb +66 -65
- data/spec/unit/provider/package/apt_spec.rb +28 -23
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +6 -5
- data/spec/unit/provider/package/dpkg_spec.rb +22 -7
- data/spec/unit/provider/package/openbsd_spec.rb +2 -0
- data/spec/unit/provider/package/pacman_spec.rb +18 -12
- data/spec/unit/provider/package/pip2_spec.rb +36 -0
- data/spec/unit/provider/package/pip_spec.rb +6 -11
- data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
- data/spec/unit/provider/package/yum_spec.rb +31 -0
- data/spec/unit/provider/service/base_spec.rb +2 -4
- data/spec/unit/provider/service/bsd_spec.rb +5 -1
- data/spec/unit/provider/service/daemontools_spec.rb +1 -1
- data/spec/unit/provider/service/debian_spec.rb +3 -5
- data/spec/unit/provider/service/freebsd_spec.rb +1 -1
- data/spec/unit/provider/service/gentoo_spec.rb +4 -5
- data/spec/unit/provider/service/init_spec.rb +4 -5
- data/spec/unit/provider/service/launchd_spec.rb +5 -6
- data/spec/unit/provider/service/openrc_spec.rb +4 -5
- data/spec/unit/provider/service/openwrt_spec.rb +1 -1
- data/spec/unit/provider/service/redhat_spec.rb +1 -1
- data/spec/unit/provider/service/runit_spec.rb +2 -1
- data/spec/unit/provider/service/smf_spec.rb +1 -1
- data/spec/unit/provider/service/src_spec.rb +3 -5
- data/spec/unit/provider/service/systemd_spec.rb +3 -1
- data/spec/unit/provider/service/upstart_spec.rb +4 -5
- data/spec/unit/provider/user/aix_spec.rb +5 -0
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +2 -0
- data/spec/unit/provider/user/useradd_spec.rb +56 -3
- data/spec/unit/provider_spec.rb +8 -10
- data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
- data/spec/unit/resource/capability_finder_spec.rb +6 -1
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +11 -10
- data/spec/unit/rest/route_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +576 -239
- data/spec/unit/ssl/base_spec.rb +0 -1
- data/spec/unit/ssl/host_spec.rb +0 -5
- data/spec/unit/ssl/ssl_provider_spec.rb +14 -8
- data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
- data/spec/unit/transaction/event_manager_spec.rb +14 -11
- data/spec/unit/transaction/report_spec.rb +2 -0
- data/spec/unit/transaction_spec.rb +13 -4
- data/spec/unit/type/file/content_spec.rb +0 -1
- data/spec/unit/type/file/selinux_spec.rb +0 -2
- data/spec/unit/type/file/source_spec.rb +1 -1
- data/spec/unit/type/file_spec.rb +0 -6
- data/spec/unit/type/filebucket_spec.rb +1 -1
- data/spec/unit/type/group_spec.rb +13 -6
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +1 -1
- data/spec/unit/type/tidy_spec.rb +0 -1
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +5 -1
- data/spec/unit/util/backups_spec.rb +1 -2
- data/spec/unit/util/execution_spec.rb +15 -11
- data/spec/unit/util/inifile_spec.rb +6 -14
- data/spec/unit/util/log_spec.rb +8 -7
- data/spec/unit/util/logging_spec.rb +3 -3
- data/spec/unit/util/posix_spec.rb +363 -15
- data/spec/unit/util/rubygems_spec.rb +2 -2
- data/spec/unit/util/run_mode_spec.rb +6 -6
- data/spec/unit/util/selinux_spec.rb +76 -52
- data/spec/unit/util/storage_spec.rb +3 -1
- data/spec/unit/util/suidmanager_spec.rb +44 -41
- data/spec/unit/util_spec.rb +13 -6
- metadata +32 -10
- data/spec/integration/application/config_spec.rb +0 -74
- data/spec/unit/face/catalog_spec.rb +0 -6
- data/spec/unit/face/module_spec.rb +0 -3
@@ -33,8 +33,8 @@ describe Puppet::Util::RubyGems::Source do
|
|
33
33
|
describe '::Gems18Source' do
|
34
34
|
before(:each) { allow(described_class).to receive(:source).and_return(Puppet::Util::RubyGems::Gems18Source) }
|
35
35
|
|
36
|
-
it "#directories returns the lib subdirs of Gem::Specification.
|
37
|
-
expect(Gem::Specification).to receive(:
|
36
|
+
it "#directories returns the lib subdirs of Gem::Specification.stubs" do
|
37
|
+
expect(Gem::Specification).to receive(:stubs).and_return([fake_gem])
|
38
38
|
|
39
39
|
expect(described_class.new.directories).to eq([gem_lib])
|
40
40
|
end
|
@@ -25,12 +25,12 @@ describe Puppet::Util::RunMode do
|
|
25
25
|
as_non_root { expect(@run_mode.conf_dir).to eq(File.expand_path('~/.puppetlabs/etc/puppet')) }
|
26
26
|
end
|
27
27
|
|
28
|
-
context "
|
28
|
+
context "server run mode" do
|
29
29
|
before do
|
30
|
-
@run_mode = Puppet::Util::UnixRunMode.new('
|
30
|
+
@run_mode = Puppet::Util::UnixRunMode.new('server')
|
31
31
|
end
|
32
32
|
|
33
|
-
it "has confdir ~/.puppetlabs/etc/puppet when run as non-root and
|
33
|
+
it "has confdir ~/.puppetlabs/etc/puppet when run as non-root and server run mode" do
|
34
34
|
as_non_root { expect(@run_mode.conf_dir).to eq(File.expand_path('~/.puppetlabs/etc/puppet')) }
|
35
35
|
end
|
36
36
|
end
|
@@ -53,12 +53,12 @@ describe Puppet::Util::RunMode do
|
|
53
53
|
as_non_root { expect(@run_mode.code_dir).to eq(File.expand_path('~/.puppetlabs/etc/code')) }
|
54
54
|
end
|
55
55
|
|
56
|
-
context "
|
56
|
+
context "server run mode" do
|
57
57
|
before do
|
58
|
-
@run_mode = Puppet::Util::UnixRunMode.new('
|
58
|
+
@run_mode = Puppet::Util::UnixRunMode.new('server')
|
59
59
|
end
|
60
60
|
|
61
|
-
it "has codedir ~/.puppetlabs/etc/code when run as non-root and
|
61
|
+
it "has codedir ~/.puppetlabs/etc/code when run as non-root and server run mode" do
|
62
62
|
as_non_root { expect(@run_mode.code_dir).to eq(File.expand_path('~/.puppetlabs/etc/code')) }
|
63
63
|
end
|
64
64
|
end
|
@@ -111,15 +111,19 @@ describe Puppet::Util::SELinux do
|
|
111
111
|
end
|
112
112
|
|
113
113
|
it "should return a context" do
|
114
|
-
|
115
|
-
|
116
|
-
|
114
|
+
without_partial_double_verification do
|
115
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
116
|
+
expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
|
117
|
+
expect(get_selinux_current_context("/foo")).to eq("user_u:role_r:type_t:s0")
|
118
|
+
end
|
117
119
|
end
|
118
120
|
|
119
121
|
it "should return nil if lgetfilecon fails" do
|
120
|
-
|
121
|
-
|
122
|
-
|
122
|
+
without_partial_double_verification do
|
123
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
124
|
+
expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return(-1)
|
125
|
+
expect(get_selinux_current_context("/foo")).to be_nil
|
126
|
+
end
|
123
127
|
end
|
124
128
|
end
|
125
129
|
|
@@ -130,47 +134,57 @@ describe Puppet::Util::SELinux do
|
|
130
134
|
end
|
131
135
|
|
132
136
|
it "should return a context if a default context exists" do
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
137
|
+
without_partial_double_verification do
|
138
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
139
|
+
fstat = double('File::Stat', :mode => 0)
|
140
|
+
expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
|
141
|
+
expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
|
142
|
+
expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return([0, "user_u:role_r:type_t:s0"])
|
143
|
+
|
144
|
+
expect(get_selinux_default_context("/foo")).to eq("user_u:role_r:type_t:s0")
|
145
|
+
end
|
140
146
|
end
|
141
147
|
|
142
148
|
it "handles permission denied errors by issuing a warning" do
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
149
|
+
without_partial_double_verification do
|
150
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
151
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
152
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
|
153
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::EACCES, "/root/chuj")
|
147
154
|
|
148
|
-
|
155
|
+
expect(get_selinux_default_context("/root/chuj")).to be_nil
|
156
|
+
end
|
149
157
|
end
|
150
158
|
|
151
159
|
it "handles no such file or directory errors by issuing a warning" do
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
160
|
+
without_partial_double_verification do
|
161
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
162
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
163
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
|
164
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
156
165
|
|
157
|
-
|
166
|
+
expect(get_selinux_default_context("/root/chuj")).to be_nil
|
167
|
+
end
|
158
168
|
end
|
159
169
|
|
160
170
|
it "should return nil if matchpathcon returns failure" do
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
171
|
+
without_partial_double_verification do
|
172
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
173
|
+
fstat = double('File::Stat', :mode => 0)
|
174
|
+
expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
|
175
|
+
expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
|
176
|
+
expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return(-1)
|
177
|
+
|
178
|
+
expect(get_selinux_default_context("/foo")).to be_nil
|
179
|
+
end
|
168
180
|
end
|
169
181
|
|
170
182
|
it "should return nil if selinux_label_support returns false" do
|
171
|
-
|
172
|
-
|
173
|
-
|
183
|
+
without_partial_double_verification do
|
184
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
185
|
+
expect(self).to receive(:find_fs).with("/foo").and_return("nfs")
|
186
|
+
expect(get_selinux_default_context("/foo")).to be_nil
|
187
|
+
end
|
174
188
|
end
|
175
189
|
end
|
176
190
|
|
@@ -261,37 +275,47 @@ describe Puppet::Util::SELinux do
|
|
261
275
|
end
|
262
276
|
|
263
277
|
it "should use lsetfilecon to set a context" do
|
264
|
-
|
265
|
-
|
266
|
-
|
278
|
+
without_partial_double_verification do
|
279
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
280
|
+
expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
|
281
|
+
expect(set_selinux_context("/foo", "user_u:role_r:type_t:s0")).to be_truthy
|
282
|
+
end
|
267
283
|
end
|
268
284
|
|
269
285
|
it "should use lsetfilecon to set user_u user context" do
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
286
|
+
without_partial_double_verification do
|
287
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
288
|
+
expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "foo:role_r:type_t:s0"])
|
289
|
+
expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
|
290
|
+
expect(set_selinux_context("/foo", "user_u", :seluser)).to be_truthy
|
291
|
+
end
|
274
292
|
end
|
275
293
|
|
276
294
|
it "should use lsetfilecon to set role_r role context" do
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
295
|
+
without_partial_double_verification do
|
296
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
297
|
+
expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:foo:type_t:s0"])
|
298
|
+
expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
|
299
|
+
expect(set_selinux_context("/foo", "role_r", :selrole)).to be_truthy
|
300
|
+
end
|
281
301
|
end
|
282
302
|
|
283
303
|
it "should use lsetfilecon to set type_t type context" do
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
304
|
+
without_partial_double_verification do
|
305
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
306
|
+
expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:foo:s0"])
|
307
|
+
expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
|
308
|
+
expect(set_selinux_context("/foo", "type_t", :seltype)).to be_truthy
|
309
|
+
end
|
288
310
|
end
|
289
311
|
|
290
312
|
it "should use lsetfilecon to set s0:c3,c5 range context" do
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
313
|
+
without_partial_double_verification do
|
314
|
+
expect(self).to receive(:selinux_support?).and_return(true)
|
315
|
+
expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
|
316
|
+
expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0:c3,c5").and_return(0)
|
317
|
+
expect(set_selinux_context("/foo", "s0:c3,c5", :selrange)).to be_truthy
|
318
|
+
end
|
295
319
|
end
|
296
320
|
end
|
297
321
|
|
@@ -143,9 +143,11 @@ describe Puppet::Util::Storage do
|
|
143
143
|
end
|
144
144
|
|
145
145
|
it "should raise an error if the state file does not contain valid YAML and cannot be renamed" do
|
146
|
+
allow(File).to receive(:rename).and_call_original
|
147
|
+
|
146
148
|
write_state_file('{ invalid')
|
147
149
|
|
148
|
-
expect(File).to receive(:rename).and_raise(SystemCallError)
|
150
|
+
expect(File).to receive(:rename).with(@state_file, "#{@state_file}.bad").and_raise(SystemCallError)
|
149
151
|
|
150
152
|
expect { Puppet::Util::Storage.load }.to raise_error(Puppet::Error, /Could not rename/)
|
151
153
|
end
|
@@ -14,12 +14,14 @@ describe Puppet::Util::SUIDManager do
|
|
14
14
|
pwent = double('pwent', :name => 'fred', :uid => 42, :gid => 42)
|
15
15
|
allow(Etc).to receive(:getpwuid).with(42).and_return(pwent)
|
16
16
|
|
17
|
-
|
18
|
-
|
17
|
+
unless Puppet::Util::Platform.windows?
|
18
|
+
[:euid, :egid, :uid, :gid, :groups].each do |id|
|
19
|
+
allow(Process).to receive("#{id}=") {|value| xids[id] = value}
|
20
|
+
end
|
19
21
|
end
|
20
22
|
end
|
21
23
|
|
22
|
-
describe "#initgroups" do
|
24
|
+
describe "#initgroups", unless: Puppet::Util::Platform.windows? do
|
23
25
|
it "should use the primary group of the user as the 'basegid'" do
|
24
26
|
expect(Process).to receive(:initgroups).with('fred', 42)
|
25
27
|
described_class.initgroups(42)
|
@@ -27,7 +29,7 @@ describe Puppet::Util::SUIDManager do
|
|
27
29
|
end
|
28
30
|
|
29
31
|
describe "#uid" do
|
30
|
-
it "should allow setting euid/egid" do
|
32
|
+
it "should allow setting euid/egid", unless: Puppet::Util::Platform.windows? do
|
31
33
|
Puppet::Util::SUIDManager.egid = user[:gid]
|
32
34
|
Puppet::Util::SUIDManager.euid = user[:uid]
|
33
35
|
|
@@ -37,8 +39,7 @@ describe Puppet::Util::SUIDManager do
|
|
37
39
|
end
|
38
40
|
|
39
41
|
describe "#asuser" do
|
40
|
-
it "should not get or set euid/egid when not root" do
|
41
|
-
allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
|
42
|
+
it "should not get or set euid/egid when not root", unless: Puppet::Util::Platform.windows? do
|
42
43
|
allow(Process).to receive(:uid).and_return(1)
|
43
44
|
|
44
45
|
allow(Process).to receive(:egid).and_return(51)
|
@@ -49,13 +50,12 @@ describe Puppet::Util::SUIDManager do
|
|
49
50
|
expect(xids).to be_empty
|
50
51
|
end
|
51
52
|
|
52
|
-
context "when root and not
|
53
|
+
context "when root and not Windows" do
|
53
54
|
before :each do
|
54
55
|
allow(Process).to receive(:uid).and_return(0)
|
55
|
-
allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
|
56
56
|
end
|
57
57
|
|
58
|
-
it "should set euid/egid" do
|
58
|
+
it "should set euid/egid", unless: Puppet::Util::Platform.windows? do
|
59
59
|
allow(Process).to receive(:egid).and_return(51, 51, user[:gid])
|
60
60
|
allow(Process).to receive(:euid).and_return(50, 50, user[:uid])
|
61
61
|
|
@@ -79,29 +79,23 @@ describe Puppet::Util::SUIDManager do
|
|
79
79
|
end
|
80
80
|
|
81
81
|
it "should just yield if user and group are nil" do
|
82
|
-
|
83
|
-
Puppet::Util::SUIDManager.asuser(nil, nil) { yielded = true }
|
84
|
-
expect(yielded).to be_truthy
|
82
|
+
expect { |b| Puppet::Util::SUIDManager.asuser(nil, nil, &b) }.to yield_control
|
85
83
|
expect(xids).to eq({})
|
86
84
|
end
|
87
85
|
|
88
|
-
it "should just change group if only group is given" do
|
89
|
-
|
90
|
-
Puppet::Util::SUIDManager.asuser(nil, 42) { yielded = true }
|
91
|
-
expect(yielded).to be_truthy
|
86
|
+
it "should just change group if only group is given", unless: Puppet::Util::Platform.windows? do
|
87
|
+
expect { |b| Puppet::Util::SUIDManager.asuser(nil, 42, &b) }.to yield_control
|
92
88
|
expect(xids).to eq({ :egid => 42 })
|
93
89
|
end
|
94
90
|
|
95
|
-
it "should change gid to the primary group of uid by default" do
|
91
|
+
it "should change gid to the primary group of uid by default", unless: Puppet::Util::Platform.windows? do
|
96
92
|
allow(Process).to receive(:initgroups)
|
97
93
|
|
98
|
-
|
99
|
-
Puppet::Util::SUIDManager.asuser(42) { yielded = true }
|
100
|
-
expect(yielded).to be_truthy
|
94
|
+
expect { |b| Puppet::Util::SUIDManager.asuser(42, nil, &b) }.to yield_control
|
101
95
|
expect(xids).to eq({ :euid => 42, :egid => 42 })
|
102
96
|
end
|
103
97
|
|
104
|
-
it "should change both uid and gid if given" do
|
98
|
+
it "should change both uid and gid if given", unless: Puppet::Util::Platform.windows? do
|
105
99
|
# I don't like the sequence, but it is the only way to assert on the
|
106
100
|
# internal behaviour in a reliable fashion, given we need multiple
|
107
101
|
# sequenced calls to the same methods. --daniel 2012-02-05
|
@@ -110,21 +104,23 @@ describe Puppet::Util::SUIDManager do
|
|
110
104
|
expect(Puppet::Util::SUIDManager).to receive(:change_group).with(Puppet::Util::SUIDManager.egid, false).ordered()
|
111
105
|
expect(Puppet::Util::SUIDManager).to receive(:change_user).with(Puppet::Util::SUIDManager.euid, false).ordered()
|
112
106
|
|
113
|
-
|
114
|
-
Puppet::Util::SUIDManager.asuser(42, 43) { yielded = true }
|
115
|
-
expect(yielded).to be_truthy
|
107
|
+
expect { |b| Puppet::Util::SUIDManager.asuser(42, 43, &b) }.to yield_control
|
116
108
|
end
|
117
109
|
end
|
118
110
|
|
119
|
-
it "should
|
120
|
-
Puppet::Util::SUIDManager.asuser(
|
121
|
-
|
122
|
-
expect(xids).to be_empty
|
111
|
+
it "should just yield on Windows", if: Puppet::Util::Platform.windows? do
|
112
|
+
expect { |b| Puppet::Util::SUIDManager.asuser(1, 2, &b) }.to yield_control
|
123
113
|
end
|
124
114
|
end
|
125
115
|
|
126
116
|
describe "#change_group" do
|
127
|
-
|
117
|
+
it "raises on Windows", if: Puppet::Util::Platform.windows? do
|
118
|
+
expect {
|
119
|
+
Puppet::Util::SUIDManager.change_group(42, true)
|
120
|
+
}.to raise_error(NotImplementedError, /change_privilege\(\) function is unimplemented/)
|
121
|
+
end
|
122
|
+
|
123
|
+
describe "when changing permanently", unless: Puppet::Util::Platform.windows? do
|
128
124
|
it "should change_privilege" do
|
129
125
|
expect(Process::GID).to receive(:change_privilege) do |gid|
|
130
126
|
Process.gid = gid
|
@@ -150,7 +146,7 @@ describe Puppet::Util::SUIDManager do
|
|
150
146
|
end
|
151
147
|
end
|
152
148
|
|
153
|
-
describe "when changing temporarily" do
|
149
|
+
describe "when changing temporarily", unless: Puppet::Util::Platform.windows? do
|
154
150
|
it "should change only egid" do
|
155
151
|
Puppet::Util::SUIDManager.change_group(42, false)
|
156
152
|
|
@@ -161,7 +157,13 @@ describe Puppet::Util::SUIDManager do
|
|
161
157
|
end
|
162
158
|
|
163
159
|
describe "#change_user" do
|
164
|
-
|
160
|
+
it "raises on Windows", if: Puppet::Util::Platform.windows? do
|
161
|
+
expect {
|
162
|
+
Puppet::Util::SUIDManager.change_user(42, true)
|
163
|
+
}.to raise_error(NotImplementedError, /initgroups\(\) function is unimplemented/)
|
164
|
+
end
|
165
|
+
|
166
|
+
describe "when changing permanently", unless: Puppet::Util::Platform.windows? do
|
165
167
|
it "should change_privilege" do
|
166
168
|
expect(Process::UID).to receive(:change_privilege) do |uid|
|
167
169
|
Process.uid = uid
|
@@ -191,7 +193,7 @@ describe Puppet::Util::SUIDManager do
|
|
191
193
|
end
|
192
194
|
end
|
193
195
|
|
194
|
-
describe "when changing temporarily" do
|
196
|
+
describe "when changing temporarily", unless: Puppet::Util::Platform.windows? do
|
195
197
|
it "should change only euid and groups" do
|
196
198
|
allow(Puppet::Util::SUIDManager).to receive(:initgroups).and_return([])
|
197
199
|
Puppet::Util::SUIDManager.change_user(42, false)
|
@@ -221,12 +223,7 @@ describe Puppet::Util::SUIDManager do
|
|
221
223
|
end
|
222
224
|
|
223
225
|
describe "#root?" do
|
224
|
-
describe "on POSIX systems" do
|
225
|
-
before :each do
|
226
|
-
allow(Puppet.features).to receive(:posix?).and_return(true)
|
227
|
-
allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
|
228
|
-
end
|
229
|
-
|
226
|
+
describe "on POSIX systems", unless: Puppet::Util::Platform.windows? do
|
230
227
|
it "should be root if uid is 0" do
|
231
228
|
allow(Process).to receive(:uid).and_return(0)
|
232
229
|
|
@@ -240,7 +237,7 @@ describe Puppet::Util::SUIDManager do
|
|
240
237
|
end
|
241
238
|
end
|
242
239
|
|
243
|
-
describe "on
|
240
|
+
describe "on Windows", :if => Puppet::Util::Platform.windows? do
|
244
241
|
it "should be root if user is privileged" do
|
245
242
|
allow(Puppet::Util::Windows::User).to receive(:admin?).and_return(true)
|
246
243
|
|
@@ -261,13 +258,19 @@ describe 'Puppet::Util::SUIDManager#groups=' do
|
|
261
258
|
Puppet::Util::SUIDManager
|
262
259
|
end
|
263
260
|
|
264
|
-
it "
|
261
|
+
it "raises on Windows", if: Puppet::Util::Platform.windows? do
|
262
|
+
expect {
|
263
|
+
subject.groups = []
|
264
|
+
}.to raise_error(NotImplementedError, /groups=\(\) function is unimplemented/)
|
265
|
+
end
|
266
|
+
|
267
|
+
it "(#3419) should rescue Errno::EINVAL on OS X", unless: Puppet::Util::Platform.windows? do
|
265
268
|
expect(Process).to receive(:groups=).and_raise(Errno::EINVAL, 'blew up')
|
266
269
|
expect(subject).to receive(:osx_maj_ver).and_return('10.7').twice
|
267
270
|
subject.groups = ['list', 'of', 'groups']
|
268
271
|
end
|
269
272
|
|
270
|
-
it "(#3419) should fail if an Errno::EINVAL is raised NOT on OS X" do
|
273
|
+
it "(#3419) should fail if an Errno::EINVAL is raised NOT on OS X", unless: Puppet::Util::Platform.windows? do
|
271
274
|
expect(Process).to receive(:groups=).and_raise(Errno::EINVAL, 'blew up')
|
272
275
|
expect(subject).to receive(:osx_maj_ver).and_return(false)
|
273
276
|
expect { subject.groups = ['list', 'of', 'groups'] }.to raise_error(Errno::EINVAL)
|
data/spec/unit/util_spec.rb
CHANGED
@@ -315,7 +315,7 @@ describe Puppet::Util do
|
|
315
315
|
|
316
316
|
describe "when using platform :posix" do
|
317
317
|
before :each do
|
318
|
-
allow(Puppet.features).to receive(:posix).and_return(true)
|
318
|
+
allow(Puppet.features).to receive(:posix?).and_return(true)
|
319
319
|
allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
|
320
320
|
end
|
321
321
|
|
@@ -328,7 +328,7 @@ describe Puppet::Util do
|
|
328
328
|
|
329
329
|
describe "when using platform :windows" do
|
330
330
|
before :each do
|
331
|
-
allow(Puppet.features).to receive(:posix).and_return(false)
|
331
|
+
allow(Puppet.features).to receive(:posix?).and_return(false)
|
332
332
|
allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
|
333
333
|
end
|
334
334
|
|
@@ -462,7 +462,7 @@ describe Puppet::Util do
|
|
462
462
|
|
463
463
|
describe "when using platform :posix" do
|
464
464
|
before :each do
|
465
|
-
allow(Puppet.features).to receive(:posix).and_return(true)
|
465
|
+
allow(Puppet.features).to receive(:posix?).and_return(true)
|
466
466
|
allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
|
467
467
|
end
|
468
468
|
|
@@ -501,7 +501,7 @@ describe Puppet::Util do
|
|
501
501
|
|
502
502
|
describe "when using platform :windows" do
|
503
503
|
before :each do
|
504
|
-
allow(Puppet.features).to receive(:posix).and_return(false)
|
504
|
+
allow(Puppet.features).to receive(:posix?).and_return(false)
|
505
505
|
allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
|
506
506
|
end
|
507
507
|
|
@@ -539,7 +539,6 @@ describe Puppet::Util do
|
|
539
539
|
expect(Puppet::Util.uri_to_path(URI.parse('http://foo/bar%20baz'))).to eq('/bar baz')
|
540
540
|
end
|
541
541
|
|
542
|
-
|
543
542
|
[
|
544
543
|
"http://foo/A%DB%BF%E1%9A%A0%F0%A0%9C%8E",
|
545
544
|
"http://foo/A%DB%BF%E1%9A%A0%F0%A0%9C%8E".force_encoding(Encoding::ASCII)
|
@@ -589,7 +588,15 @@ describe Puppet::Util do
|
|
589
588
|
end
|
590
589
|
end
|
591
590
|
|
592
|
-
describe "safe_posix_fork" do
|
591
|
+
describe "safe_posix_fork on Windows and JRuby", if: Puppet::Util::Platform.windows? || Puppet::Util::Platform.jruby? do
|
592
|
+
it "raises not implemented error" do
|
593
|
+
expect {
|
594
|
+
Puppet::Util.safe_posix_fork
|
595
|
+
}.to raise_error(NotImplementedError, /fork/)
|
596
|
+
end
|
597
|
+
end
|
598
|
+
|
599
|
+
describe "safe_posix_fork", unless: Puppet::Util::Platform.windows? || Puppet::Util::Platform.jruby? do
|
593
600
|
let(:pid) { 5501 }
|
594
601
|
|
595
602
|
before :each do
|