puppet 6.19.0-x86-mingw32 → 6.22.1-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (212) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -16
  3. data/Gemfile +3 -1
  4. data/Gemfile.lock +50 -39
  5. data/ext/project_data.yaml +2 -2
  6. data/lib/puppet/application.rb +10 -6
  7. data/lib/puppet/application/agent.rb +1 -0
  8. data/lib/puppet/application/apply.rb +3 -2
  9. data/lib/puppet/application/device.rb +1 -0
  10. data/lib/puppet/application/filebucket.rb +2 -2
  11. data/lib/puppet/application/script.rb +1 -0
  12. data/lib/puppet/application/ssl.rb +11 -0
  13. data/lib/puppet/application_support.rb +7 -0
  14. data/lib/puppet/configurer.rb +28 -18
  15. data/lib/puppet/defaults.rb +46 -20
  16. data/lib/puppet/environments.rb +54 -55
  17. data/lib/puppet/face/config.rb +10 -0
  18. data/lib/puppet/face/epp.rb +12 -2
  19. data/lib/puppet/face/facts.rb +158 -0
  20. data/lib/puppet/ffi/posix.rb +10 -0
  21. data/lib/puppet/ffi/posix/constants.rb +14 -0
  22. data/lib/puppet/ffi/posix/functions.rb +24 -0
  23. data/lib/puppet/file_system/memory_file.rb +8 -1
  24. data/lib/puppet/file_system/windows.rb +2 -0
  25. data/lib/puppet/functions/epp.rb +1 -0
  26. data/lib/puppet/functions/inline_epp.rb +1 -0
  27. data/lib/puppet/functions/partition.rb +8 -0
  28. data/lib/puppet/indirector/fact_search.rb +60 -0
  29. data/lib/puppet/indirector/facts/facter.rb +24 -3
  30. data/lib/puppet/indirector/facts/json.rb +27 -0
  31. data/lib/puppet/indirector/facts/yaml.rb +3 -58
  32. data/lib/puppet/indirector/json.rb +5 -1
  33. data/lib/puppet/indirector/node/json.rb +8 -0
  34. data/lib/puppet/indirector/report/json.rb +34 -0
  35. data/lib/puppet/module_tool/applications/installer.rb +48 -2
  36. data/lib/puppet/module_tool/errors/shared.rb +17 -2
  37. data/lib/puppet/network/formats.rb +69 -1
  38. data/lib/puppet/network/http/factory.rb +4 -0
  39. data/lib/puppet/pal/pal_impl.rb +70 -17
  40. data/lib/puppet/parser/ast/leaf.rb +3 -2
  41. data/lib/puppet/parser/templatewrapper.rb +1 -1
  42. data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
  43. data/lib/puppet/pops/evaluator/evaluator_impl.rb +22 -3
  44. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  45. data/lib/puppet/property/list.rb +1 -1
  46. data/lib/puppet/provider/group/groupadd.rb +13 -8
  47. data/lib/puppet/provider/package/apt.rb +34 -2
  48. data/lib/puppet/provider/package/aptitude.rb +6 -0
  49. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  50. data/lib/puppet/provider/service/debian.rb +2 -0
  51. data/lib/puppet/provider/service/systemd.rb +1 -1
  52. data/lib/puppet/provider/user/aix.rb +2 -2
  53. data/lib/puppet/provider/user/useradd.rb +62 -8
  54. data/lib/puppet/reference/configuration.rb +6 -5
  55. data/lib/puppet/settings.rb +43 -15
  56. data/lib/puppet/settings/alias_setting.rb +37 -0
  57. data/lib/puppet/settings/base_setting.rb +26 -2
  58. data/lib/puppet/settings/environment_conf.rb +1 -0
  59. data/lib/puppet/type/package.rb +3 -3
  60. data/lib/puppet/util/autoload.rb +1 -8
  61. data/lib/puppet/util/fact_dif.rb +81 -0
  62. data/lib/puppet/util/monkey_patches.rb +7 -0
  63. data/lib/puppet/util/posix.rb +54 -5
  64. data/lib/puppet/util/rubygems.rb +5 -1
  65. data/lib/puppet/util/windows/adsi.rb +46 -0
  66. data/lib/puppet/util/windows/api_types.rb +1 -1
  67. data/lib/puppet/util/windows/principal.rb +9 -2
  68. data/lib/puppet/util/windows/service.rb +1 -1
  69. data/lib/puppet/util/windows/sid.rb +4 -2
  70. data/lib/puppet/version.rb +1 -1
  71. data/locales/puppet.pot +295 -219
  72. data/man/man5/puppet.conf.5 +15 -7
  73. data/man/man8/puppet-agent.8 +2 -2
  74. data/man/man8/puppet-apply.8 +2 -2
  75. data/man/man8/puppet-catalog.8 +1 -1
  76. data/man/man8/puppet-config.8 +1 -1
  77. data/man/man8/puppet-describe.8 +1 -1
  78. data/man/man8/puppet-device.8 +2 -2
  79. data/man/man8/puppet-doc.8 +1 -1
  80. data/man/man8/puppet-epp.8 +1 -1
  81. data/man/man8/puppet-facts.8 +90 -1
  82. data/man/man8/puppet-filebucket.8 +3 -3
  83. data/man/man8/puppet-generate.8 +1 -1
  84. data/man/man8/puppet-help.8 +1 -1
  85. data/man/man8/puppet-key.8 +1 -1
  86. data/man/man8/puppet-lookup.8 +1 -1
  87. data/man/man8/puppet-man.8 +1 -1
  88. data/man/man8/puppet-module.8 +1 -1
  89. data/man/man8/puppet-node.8 +4 -1
  90. data/man/man8/puppet-parser.8 +1 -1
  91. data/man/man8/puppet-plugin.8 +1 -1
  92. data/man/man8/puppet-report.8 +4 -1
  93. data/man/man8/puppet-resource.8 +1 -1
  94. data/man/man8/puppet-script.8 +2 -2
  95. data/man/man8/puppet-ssl.8 +5 -1
  96. data/man/man8/puppet-status.8 +1 -1
  97. data/man/man8/puppet.8 +2 -2
  98. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
  99. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
  100. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +4 -0
  101. data/spec/integration/application/agent_spec.rb +160 -3
  102. data/spec/integration/application/apply_spec.rb +19 -0
  103. data/spec/integration/application/plugin_spec.rb +1 -1
  104. data/spec/integration/defaults_spec.rb +0 -7
  105. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  106. data/spec/integration/http/client_spec.rb +12 -0
  107. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  108. data/spec/integration/resource/type_collection_spec.rb +2 -6
  109. data/spec/integration/transaction_spec.rb +4 -9
  110. data/spec/integration/util/windows/adsi_spec.rb +21 -1
  111. data/spec/integration/util/windows/principal_spec.rb +21 -0
  112. data/spec/integration/util/windows/registry_spec.rb +6 -10
  113. data/spec/lib/puppet_spec/settings.rb +6 -1
  114. data/spec/spec_helper.rb +12 -5
  115. data/spec/unit/agent_spec.rb +8 -6
  116. data/spec/unit/application/agent_spec.rb +0 -1
  117. data/spec/unit/application/config_spec.rb +224 -4
  118. data/spec/unit/application/facts_spec.rb +482 -3
  119. data/spec/unit/application/filebucket_spec.rb +0 -2
  120. data/spec/unit/application/ssl_spec.rb +23 -0
  121. data/spec/unit/application_spec.rb +51 -9
  122. data/spec/unit/confine/feature_spec.rb +1 -1
  123. data/spec/unit/confine_spec.rb +8 -2
  124. data/spec/unit/defaults_spec.rb +36 -1
  125. data/spec/unit/environments_spec.rb +221 -68
  126. data/spec/unit/face/config_spec.rb +27 -32
  127. data/spec/unit/face/facts_spec.rb +4 -0
  128. data/spec/unit/face/node_spec.rb +0 -11
  129. data/spec/unit/file_serving/configuration/parser_spec.rb +0 -1
  130. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  131. data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
  132. data/spec/unit/file_system_spec.rb +9 -0
  133. data/spec/unit/forge/module_release_spec.rb +2 -7
  134. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  135. data/spec/unit/http/service/compiler_spec.rb +49 -0
  136. data/spec/unit/http/service_spec.rb +1 -1
  137. data/spec/unit/indirector/face_spec.rb +0 -1
  138. data/spec/unit/indirector/facts/facter_spec.rb +95 -1
  139. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  140. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
  141. data/spec/unit/indirector/indirection_spec.rb +8 -12
  142. data/spec/unit/indirector/key/file_spec.rb +0 -1
  143. data/spec/unit/indirector/node/json_spec.rb +33 -0
  144. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  145. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  146. data/spec/unit/indirector_spec.rb +2 -2
  147. data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
  148. data/spec/unit/network/authconfig_spec.rb +0 -3
  149. data/spec/unit/network/formats_spec.rb +41 -0
  150. data/spec/unit/network/http/api/indirected_routes_spec.rb +0 -9
  151. data/spec/unit/network/http/factory_spec.rb +19 -0
  152. data/spec/unit/network/http/handler_spec.rb +0 -5
  153. data/spec/unit/parser/compiler_spec.rb +3 -19
  154. data/spec/unit/parser/resource_spec.rb +14 -8
  155. data/spec/unit/parser/templatewrapper_spec.rb +4 -3
  156. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
  157. data/spec/unit/property_spec.rb +1 -0
  158. data/spec/unit/provider/group/groupadd_spec.rb +5 -2
  159. data/spec/unit/provider/nameservice_spec.rb +66 -65
  160. data/spec/unit/provider/package/apt_spec.rb +28 -23
  161. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  162. data/spec/unit/provider/package/base_spec.rb +6 -5
  163. data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
  164. data/spec/unit/provider/package/pacman_spec.rb +18 -12
  165. data/spec/unit/provider/package/pip_spec.rb +6 -11
  166. data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
  167. data/spec/unit/provider/service/systemd_spec.rb +11 -0
  168. data/spec/unit/provider/user/aix_spec.rb +5 -0
  169. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  170. data/spec/unit/provider/user/pw_spec.rb +2 -0
  171. data/spec/unit/provider/user/useradd_spec.rb +71 -3
  172. data/spec/unit/provider_spec.rb +8 -10
  173. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  174. data/spec/unit/resource/capability_finder_spec.rb +6 -1
  175. data/spec/unit/resource/catalog_spec.rb +1 -1
  176. data/spec/unit/resource/type_spec.rb +1 -1
  177. data/spec/unit/resource_spec.rb +11 -10
  178. data/spec/unit/settings_spec.rb +543 -228
  179. data/spec/unit/ssl/base_spec.rb +0 -1
  180. data/spec/unit/ssl/host_spec.rb +0 -5
  181. data/spec/unit/ssl/ssl_provider_spec.rb +14 -8
  182. data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
  183. data/spec/unit/transaction/event_manager_spec.rb +14 -11
  184. data/spec/unit/transaction_spec.rb +13 -4
  185. data/spec/unit/type/file/content_spec.rb +0 -1
  186. data/spec/unit/type/file/selinux_spec.rb +0 -2
  187. data/spec/unit/type/file_spec.rb +0 -6
  188. data/spec/unit/type/group_spec.rb +13 -6
  189. data/spec/unit/type/resources_spec.rb +7 -7
  190. data/spec/unit/type/service_spec.rb +1 -1
  191. data/spec/unit/type/tidy_spec.rb +0 -1
  192. data/spec/unit/type_spec.rb +2 -2
  193. data/spec/unit/util/at_fork_spec.rb +2 -2
  194. data/spec/unit/util/autoload_spec.rb +5 -1
  195. data/spec/unit/util/backups_spec.rb +1 -2
  196. data/spec/unit/util/execution_spec.rb +15 -11
  197. data/spec/unit/util/inifile_spec.rb +6 -14
  198. data/spec/unit/util/log_spec.rb +8 -7
  199. data/spec/unit/util/logging_spec.rb +3 -3
  200. data/spec/unit/util/posix_spec.rb +363 -15
  201. data/spec/unit/util/rubygems_spec.rb +2 -2
  202. data/spec/unit/util/selinux_spec.rb +76 -52
  203. data/spec/unit/util/storage_spec.rb +3 -1
  204. data/spec/unit/util/suidmanager_spec.rb +44 -41
  205. data/spec/unit/util/windows/sid_spec.rb +6 -0
  206. data/spec/unit/util_spec.rb +13 -6
  207. metadata +31 -16
  208. data/spec/integration/application/config_spec.rb +0 -74
  209. data/spec/lib/matchers/include.rb +0 -27
  210. data/spec/lib/matchers/include_spec.rb +0 -32
  211. data/spec/unit/face/catalog_spec.rb +0 -6
  212. data/spec/unit/face/module_spec.rb +0 -3
@@ -33,8 +33,8 @@ describe Puppet::Util::RubyGems::Source do
33
33
  describe '::Gems18Source' do
34
34
  before(:each) { allow(described_class).to receive(:source).and_return(Puppet::Util::RubyGems::Gems18Source) }
35
35
 
36
- it "#directories returns the lib subdirs of Gem::Specification.latest_specs" do
37
- expect(Gem::Specification).to receive(:latest_specs).with(true).and_return([fake_gem])
36
+ it "#directories returns the lib subdirs of Gem::Specification.stubs" do
37
+ expect(Gem::Specification).to receive(:stubs).and_return([fake_gem])
38
38
 
39
39
  expect(described_class.new.directories).to eq([gem_lib])
40
40
  end
@@ -111,15 +111,19 @@ describe Puppet::Util::SELinux do
111
111
  end
112
112
 
113
113
  it "should return a context" do
114
- expect(self).to receive(:selinux_support?).and_return(true)
115
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
116
- expect(get_selinux_current_context("/foo")).to eq("user_u:role_r:type_t:s0")
114
+ without_partial_double_verification do
115
+ expect(self).to receive(:selinux_support?).and_return(true)
116
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
117
+ expect(get_selinux_current_context("/foo")).to eq("user_u:role_r:type_t:s0")
118
+ end
117
119
  end
118
120
 
119
121
  it "should return nil if lgetfilecon fails" do
120
- expect(self).to receive(:selinux_support?).and_return(true)
121
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return(-1)
122
- expect(get_selinux_current_context("/foo")).to be_nil
122
+ without_partial_double_verification do
123
+ expect(self).to receive(:selinux_support?).and_return(true)
124
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return(-1)
125
+ expect(get_selinux_current_context("/foo")).to be_nil
126
+ end
123
127
  end
124
128
  end
125
129
 
@@ -130,47 +134,57 @@ describe Puppet::Util::SELinux do
130
134
  end
131
135
 
132
136
  it "should return a context if a default context exists" do
133
- expect(self).to receive(:selinux_support?).and_return(true)
134
- fstat = double('File::Stat', :mode => 0)
135
- expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
136
- expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
137
- expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return([0, "user_u:role_r:type_t:s0"])
138
-
139
- expect(get_selinux_default_context("/foo")).to eq("user_u:role_r:type_t:s0")
137
+ without_partial_double_verification do
138
+ expect(self).to receive(:selinux_support?).and_return(true)
139
+ fstat = double('File::Stat', :mode => 0)
140
+ expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
141
+ expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
142
+ expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return([0, "user_u:role_r:type_t:s0"])
143
+
144
+ expect(get_selinux_default_context("/foo")).to eq("user_u:role_r:type_t:s0")
145
+ end
140
146
  end
141
147
 
142
148
  it "handles permission denied errors by issuing a warning" do
143
- allow(self).to receive(:selinux_support?).and_return(true)
144
- allow(self).to receive(:selinux_label_support?).and_return(true)
145
- allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
146
- allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::EACCES, "/root/chuj")
149
+ without_partial_double_verification do
150
+ allow(self).to receive(:selinux_support?).and_return(true)
151
+ allow(self).to receive(:selinux_label_support?).and_return(true)
152
+ allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
153
+ allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::EACCES, "/root/chuj")
147
154
 
148
- expect(get_selinux_default_context("/root/chuj")).to be_nil
155
+ expect(get_selinux_default_context("/root/chuj")).to be_nil
156
+ end
149
157
  end
150
158
 
151
159
  it "handles no such file or directory errors by issuing a warning" do
152
- allow(self).to receive(:selinux_support?).and_return(true)
153
- allow(self).to receive(:selinux_label_support?).and_return(true)
154
- allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
155
- allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
160
+ without_partial_double_verification do
161
+ allow(self).to receive(:selinux_support?).and_return(true)
162
+ allow(self).to receive(:selinux_label_support?).and_return(true)
163
+ allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
164
+ allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
156
165
 
157
- expect(get_selinux_default_context("/root/chuj")).to be_nil
166
+ expect(get_selinux_default_context("/root/chuj")).to be_nil
167
+ end
158
168
  end
159
169
 
160
170
  it "should return nil if matchpathcon returns failure" do
161
- expect(self).to receive(:selinux_support?).and_return(true)
162
- fstat = double('File::Stat', :mode => 0)
163
- expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
164
- expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
165
- expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return(-1)
166
-
167
- expect(get_selinux_default_context("/foo")).to be_nil
171
+ without_partial_double_verification do
172
+ expect(self).to receive(:selinux_support?).and_return(true)
173
+ fstat = double('File::Stat', :mode => 0)
174
+ expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
175
+ expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
176
+ expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return(-1)
177
+
178
+ expect(get_selinux_default_context("/foo")).to be_nil
179
+ end
168
180
  end
169
181
 
170
182
  it "should return nil if selinux_label_support returns false" do
171
- expect(self).to receive(:selinux_support?).and_return(true)
172
- expect(self).to receive(:find_fs).with("/foo").and_return("nfs")
173
- expect(get_selinux_default_context("/foo")).to be_nil
183
+ without_partial_double_verification do
184
+ expect(self).to receive(:selinux_support?).and_return(true)
185
+ expect(self).to receive(:find_fs).with("/foo").and_return("nfs")
186
+ expect(get_selinux_default_context("/foo")).to be_nil
187
+ end
174
188
  end
175
189
  end
176
190
 
@@ -261,37 +275,47 @@ describe Puppet::Util::SELinux do
261
275
  end
262
276
 
263
277
  it "should use lsetfilecon to set a context" do
264
- expect(self).to receive(:selinux_support?).and_return(true)
265
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
266
- expect(set_selinux_context("/foo", "user_u:role_r:type_t:s0")).to be_truthy
278
+ without_partial_double_verification do
279
+ expect(self).to receive(:selinux_support?).and_return(true)
280
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
281
+ expect(set_selinux_context("/foo", "user_u:role_r:type_t:s0")).to be_truthy
282
+ end
267
283
  end
268
284
 
269
285
  it "should use lsetfilecon to set user_u user context" do
270
- expect(self).to receive(:selinux_support?).and_return(true)
271
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "foo:role_r:type_t:s0"])
272
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
273
- expect(set_selinux_context("/foo", "user_u", :seluser)).to be_truthy
286
+ without_partial_double_verification do
287
+ expect(self).to receive(:selinux_support?).and_return(true)
288
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "foo:role_r:type_t:s0"])
289
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
290
+ expect(set_selinux_context("/foo", "user_u", :seluser)).to be_truthy
291
+ end
274
292
  end
275
293
 
276
294
  it "should use lsetfilecon to set role_r role context" do
277
- expect(self).to receive(:selinux_support?).and_return(true)
278
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:foo:type_t:s0"])
279
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
280
- expect(set_selinux_context("/foo", "role_r", :selrole)).to be_truthy
295
+ without_partial_double_verification do
296
+ expect(self).to receive(:selinux_support?).and_return(true)
297
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:foo:type_t:s0"])
298
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
299
+ expect(set_selinux_context("/foo", "role_r", :selrole)).to be_truthy
300
+ end
281
301
  end
282
302
 
283
303
  it "should use lsetfilecon to set type_t type context" do
284
- expect(self).to receive(:selinux_support?).and_return(true)
285
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:foo:s0"])
286
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
287
- expect(set_selinux_context("/foo", "type_t", :seltype)).to be_truthy
304
+ without_partial_double_verification do
305
+ expect(self).to receive(:selinux_support?).and_return(true)
306
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:foo:s0"])
307
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
308
+ expect(set_selinux_context("/foo", "type_t", :seltype)).to be_truthy
309
+ end
288
310
  end
289
311
 
290
312
  it "should use lsetfilecon to set s0:c3,c5 range context" do
291
- expect(self).to receive(:selinux_support?).and_return(true)
292
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
293
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0:c3,c5").and_return(0)
294
- expect(set_selinux_context("/foo", "s0:c3,c5", :selrange)).to be_truthy
313
+ without_partial_double_verification do
314
+ expect(self).to receive(:selinux_support?).and_return(true)
315
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
316
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0:c3,c5").and_return(0)
317
+ expect(set_selinux_context("/foo", "s0:c3,c5", :selrange)).to be_truthy
318
+ end
295
319
  end
296
320
  end
297
321
 
@@ -143,9 +143,11 @@ describe Puppet::Util::Storage do
143
143
  end
144
144
 
145
145
  it "should raise an error if the state file does not contain valid YAML and cannot be renamed" do
146
+ allow(File).to receive(:rename).and_call_original
147
+
146
148
  write_state_file('{ invalid')
147
149
 
148
- expect(File).to receive(:rename).and_raise(SystemCallError)
150
+ expect(File).to receive(:rename).with(@state_file, "#{@state_file}.bad").and_raise(SystemCallError)
149
151
 
150
152
  expect { Puppet::Util::Storage.load }.to raise_error(Puppet::Error, /Could not rename/)
151
153
  end
@@ -14,12 +14,14 @@ describe Puppet::Util::SUIDManager do
14
14
  pwent = double('pwent', :name => 'fred', :uid => 42, :gid => 42)
15
15
  allow(Etc).to receive(:getpwuid).with(42).and_return(pwent)
16
16
 
17
- [:euid, :egid, :uid, :gid, :groups].each do |id|
18
- allow(Process).to receive("#{id}=") {|value| xids[id] = value}
17
+ unless Puppet::Util::Platform.windows?
18
+ [:euid, :egid, :uid, :gid, :groups].each do |id|
19
+ allow(Process).to receive("#{id}=") {|value| xids[id] = value}
20
+ end
19
21
  end
20
22
  end
21
23
 
22
- describe "#initgroups" do
24
+ describe "#initgroups", unless: Puppet::Util::Platform.windows? do
23
25
  it "should use the primary group of the user as the 'basegid'" do
24
26
  expect(Process).to receive(:initgroups).with('fred', 42)
25
27
  described_class.initgroups(42)
@@ -27,7 +29,7 @@ describe Puppet::Util::SUIDManager do
27
29
  end
28
30
 
29
31
  describe "#uid" do
30
- it "should allow setting euid/egid" do
32
+ it "should allow setting euid/egid", unless: Puppet::Util::Platform.windows? do
31
33
  Puppet::Util::SUIDManager.egid = user[:gid]
32
34
  Puppet::Util::SUIDManager.euid = user[:uid]
33
35
 
@@ -37,8 +39,7 @@ describe Puppet::Util::SUIDManager do
37
39
  end
38
40
 
39
41
  describe "#asuser" do
40
- it "should not get or set euid/egid when not root" do
41
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
42
+ it "should not get or set euid/egid when not root", unless: Puppet::Util::Platform.windows? do
42
43
  allow(Process).to receive(:uid).and_return(1)
43
44
 
44
45
  allow(Process).to receive(:egid).and_return(51)
@@ -49,13 +50,12 @@ describe Puppet::Util::SUIDManager do
49
50
  expect(xids).to be_empty
50
51
  end
51
52
 
52
- context "when root and not windows" do
53
+ context "when root and not Windows" do
53
54
  before :each do
54
55
  allow(Process).to receive(:uid).and_return(0)
55
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
56
56
  end
57
57
 
58
- it "should set euid/egid" do
58
+ it "should set euid/egid", unless: Puppet::Util::Platform.windows? do
59
59
  allow(Process).to receive(:egid).and_return(51, 51, user[:gid])
60
60
  allow(Process).to receive(:euid).and_return(50, 50, user[:uid])
61
61
 
@@ -79,29 +79,23 @@ describe Puppet::Util::SUIDManager do
79
79
  end
80
80
 
81
81
  it "should just yield if user and group are nil" do
82
- yielded = false
83
- Puppet::Util::SUIDManager.asuser(nil, nil) { yielded = true }
84
- expect(yielded).to be_truthy
82
+ expect { |b| Puppet::Util::SUIDManager.asuser(nil, nil, &b) }.to yield_control
85
83
  expect(xids).to eq({})
86
84
  end
87
85
 
88
- it "should just change group if only group is given" do
89
- yielded = false
90
- Puppet::Util::SUIDManager.asuser(nil, 42) { yielded = true }
91
- expect(yielded).to be_truthy
86
+ it "should just change group if only group is given", unless: Puppet::Util::Platform.windows? do
87
+ expect { |b| Puppet::Util::SUIDManager.asuser(nil, 42, &b) }.to yield_control
92
88
  expect(xids).to eq({ :egid => 42 })
93
89
  end
94
90
 
95
- it "should change gid to the primary group of uid by default" do
91
+ it "should change gid to the primary group of uid by default", unless: Puppet::Util::Platform.windows? do
96
92
  allow(Process).to receive(:initgroups)
97
93
 
98
- yielded = false
99
- Puppet::Util::SUIDManager.asuser(42) { yielded = true }
100
- expect(yielded).to be_truthy
94
+ expect { |b| Puppet::Util::SUIDManager.asuser(42, nil, &b) }.to yield_control
101
95
  expect(xids).to eq({ :euid => 42, :egid => 42 })
102
96
  end
103
97
 
104
- it "should change both uid and gid if given" do
98
+ it "should change both uid and gid if given", unless: Puppet::Util::Platform.windows? do
105
99
  # I don't like the sequence, but it is the only way to assert on the
106
100
  # internal behaviour in a reliable fashion, given we need multiple
107
101
  # sequenced calls to the same methods. --daniel 2012-02-05
@@ -110,21 +104,23 @@ describe Puppet::Util::SUIDManager do
110
104
  expect(Puppet::Util::SUIDManager).to receive(:change_group).with(Puppet::Util::SUIDManager.egid, false).ordered()
111
105
  expect(Puppet::Util::SUIDManager).to receive(:change_user).with(Puppet::Util::SUIDManager.euid, false).ordered()
112
106
 
113
- yielded = false
114
- Puppet::Util::SUIDManager.asuser(42, 43) { yielded = true }
115
- expect(yielded).to be_truthy
107
+ expect { |b| Puppet::Util::SUIDManager.asuser(42, 43, &b) }.to yield_control
116
108
  end
117
109
  end
118
110
 
119
- it "should not get or set euid/egid on Windows", if: Puppet::Util::Platform.windows? do
120
- Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) {}
121
-
122
- expect(xids).to be_empty
111
+ it "should just yield on Windows", if: Puppet::Util::Platform.windows? do
112
+ expect { |b| Puppet::Util::SUIDManager.asuser(1, 2, &b) }.to yield_control
123
113
  end
124
114
  end
125
115
 
126
116
  describe "#change_group" do
127
- describe "when changing permanently" do
117
+ it "raises on Windows", if: Puppet::Util::Platform.windows? do
118
+ expect {
119
+ Puppet::Util::SUIDManager.change_group(42, true)
120
+ }.to raise_error(NotImplementedError, /change_privilege\(\) function is unimplemented/)
121
+ end
122
+
123
+ describe "when changing permanently", unless: Puppet::Util::Platform.windows? do
128
124
  it "should change_privilege" do
129
125
  expect(Process::GID).to receive(:change_privilege) do |gid|
130
126
  Process.gid = gid
@@ -150,7 +146,7 @@ describe Puppet::Util::SUIDManager do
150
146
  end
151
147
  end
152
148
 
153
- describe "when changing temporarily" do
149
+ describe "when changing temporarily", unless: Puppet::Util::Platform.windows? do
154
150
  it "should change only egid" do
155
151
  Puppet::Util::SUIDManager.change_group(42, false)
156
152
 
@@ -161,7 +157,13 @@ describe Puppet::Util::SUIDManager do
161
157
  end
162
158
 
163
159
  describe "#change_user" do
164
- describe "when changing permanently" do
160
+ it "raises on Windows", if: Puppet::Util::Platform.windows? do
161
+ expect {
162
+ Puppet::Util::SUIDManager.change_user(42, true)
163
+ }.to raise_error(NotImplementedError, /initgroups\(\) function is unimplemented/)
164
+ end
165
+
166
+ describe "when changing permanently", unless: Puppet::Util::Platform.windows? do
165
167
  it "should change_privilege" do
166
168
  expect(Process::UID).to receive(:change_privilege) do |uid|
167
169
  Process.uid = uid
@@ -191,7 +193,7 @@ describe Puppet::Util::SUIDManager do
191
193
  end
192
194
  end
193
195
 
194
- describe "when changing temporarily" do
196
+ describe "when changing temporarily", unless: Puppet::Util::Platform.windows? do
195
197
  it "should change only euid and groups" do
196
198
  allow(Puppet::Util::SUIDManager).to receive(:initgroups).and_return([])
197
199
  Puppet::Util::SUIDManager.change_user(42, false)
@@ -221,12 +223,7 @@ describe Puppet::Util::SUIDManager do
221
223
  end
222
224
 
223
225
  describe "#root?" do
224
- describe "on POSIX systems" do
225
- before :each do
226
- allow(Puppet.features).to receive(:posix?).and_return(true)
227
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
228
- end
229
-
226
+ describe "on POSIX systems", unless: Puppet::Util::Platform.windows? do
230
227
  it "should be root if uid is 0" do
231
228
  allow(Process).to receive(:uid).and_return(0)
232
229
 
@@ -240,7 +237,7 @@ describe Puppet::Util::SUIDManager do
240
237
  end
241
238
  end
242
239
 
243
- describe "on Microsoft Windows", :if => Puppet::Util::Platform.windows? do
240
+ describe "on Windows", :if => Puppet::Util::Platform.windows? do
244
241
  it "should be root if user is privileged" do
245
242
  allow(Puppet::Util::Windows::User).to receive(:admin?).and_return(true)
246
243
 
@@ -261,13 +258,19 @@ describe 'Puppet::Util::SUIDManager#groups=' do
261
258
  Puppet::Util::SUIDManager
262
259
  end
263
260
 
264
- it "(#3419) should rescue Errno::EINVAL on OS X" do
261
+ it "raises on Windows", if: Puppet::Util::Platform.windows? do
262
+ expect {
263
+ subject.groups = []
264
+ }.to raise_error(NotImplementedError, /groups=\(\) function is unimplemented/)
265
+ end
266
+
267
+ it "(#3419) should rescue Errno::EINVAL on OS X", unless: Puppet::Util::Platform.windows? do
265
268
  expect(Process).to receive(:groups=).and_raise(Errno::EINVAL, 'blew up')
266
269
  expect(subject).to receive(:osx_maj_ver).and_return('10.7').twice
267
270
  subject.groups = ['list', 'of', 'groups']
268
271
  end
269
272
 
270
- it "(#3419) should fail if an Errno::EINVAL is raised NOT on OS X" do
273
+ it "(#3419) should fail if an Errno::EINVAL is raised NOT on OS X", unless: Puppet::Util::Platform.windows? do
271
274
  expect(Process).to receive(:groups=).and_raise(Errno::EINVAL, 'blew up')
272
275
  expect(subject).to receive(:osx_maj_ver).and_return(false)
273
276
  expect { subject.groups = ['list', 'of', 'groups'] }.to raise_error(Errno::EINVAL)
@@ -158,6 +158,12 @@ describe "Puppet::Util::Windows::SID", :if => Puppet::Util::Platform.windows? do
158
158
  # this works in French Windows, even though the account is really AUTORITE NT\\Syst\u00E8me
159
159
  expect(subject.name_to_principal('NT AUTHORITY\SYSTEM').sid).to eq(sid)
160
160
  end
161
+
162
+ it "should print a debug message on failures" do
163
+ expect(Puppet).to receive(:debug).with(/Could not retrieve raw SID bytes from 'NonExistingUser'/)
164
+ expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
165
+ subject.name_to_principal('NonExistingUser')
166
+ end
161
167
  end
162
168
 
163
169
  context "#ads_to_principal" do
@@ -315,7 +315,7 @@ describe Puppet::Util do
315
315
 
316
316
  describe "when using platform :posix" do
317
317
  before :each do
318
- allow(Puppet.features).to receive(:posix).and_return(true)
318
+ allow(Puppet.features).to receive(:posix?).and_return(true)
319
319
  allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
320
320
  end
321
321
 
@@ -328,7 +328,7 @@ describe Puppet::Util do
328
328
 
329
329
  describe "when using platform :windows" do
330
330
  before :each do
331
- allow(Puppet.features).to receive(:posix).and_return(false)
331
+ allow(Puppet.features).to receive(:posix?).and_return(false)
332
332
  allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
333
333
  end
334
334
 
@@ -462,7 +462,7 @@ describe Puppet::Util do
462
462
 
463
463
  describe "when using platform :posix" do
464
464
  before :each do
465
- allow(Puppet.features).to receive(:posix).and_return(true)
465
+ allow(Puppet.features).to receive(:posix?).and_return(true)
466
466
  allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
467
467
  end
468
468
 
@@ -501,7 +501,7 @@ describe Puppet::Util do
501
501
 
502
502
  describe "when using platform :windows" do
503
503
  before :each do
504
- allow(Puppet.features).to receive(:posix).and_return(false)
504
+ allow(Puppet.features).to receive(:posix?).and_return(false)
505
505
  allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
506
506
  end
507
507
 
@@ -539,7 +539,6 @@ describe Puppet::Util do
539
539
  expect(Puppet::Util.uri_to_path(URI.parse('http://foo/bar%20baz'))).to eq('/bar baz')
540
540
  end
541
541
 
542
-
543
542
  [
544
543
  "http://foo/A%DB%BF%E1%9A%A0%F0%A0%9C%8E",
545
544
  "http://foo/A%DB%BF%E1%9A%A0%F0%A0%9C%8E".force_encoding(Encoding::ASCII)
@@ -589,7 +588,15 @@ describe Puppet::Util do
589
588
  end
590
589
  end
591
590
 
592
- describe "safe_posix_fork" do
591
+ describe "safe_posix_fork on Windows and JRuby", if: Puppet::Util::Platform.windows? || Puppet::Util::Platform.jruby? do
592
+ it "raises not implemented error" do
593
+ expect {
594
+ Puppet::Util.safe_posix_fork
595
+ }.to raise_error(NotImplementedError, /fork/)
596
+ end
597
+ end
598
+
599
+ describe "safe_posix_fork", unless: Puppet::Util::Platform.windows? || Puppet::Util::Platform.jruby? do
593
600
  let(:pid) { 5501 }
594
601
 
595
602
  before :each do