puppet 6.23.0 → 7.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (581) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +16 -2
  3. data/Gemfile +1 -3
  4. data/Gemfile.lock +34 -46
  5. data/README.md +1 -1
  6. data/conf/fileserver.conf +5 -10
  7. data/ext/build_defaults.yaml +1 -1
  8. data/ext/osx/file_mapping.yaml +0 -5
  9. data/ext/osx/puppet.plist +0 -2
  10. data/ext/project_data.yaml +1 -14
  11. data/ext/redhat/puppet.spec.erb +0 -1
  12. data/ext/windows/service/daemon.rb +6 -5
  13. data/install.rb +21 -17
  14. data/lib/puppet.rb +11 -20
  15. data/lib/puppet/application.rb +178 -108
  16. data/lib/puppet/application/agent.rb +4 -12
  17. data/lib/puppet/application/apply.rb +2 -4
  18. data/lib/puppet/application/device.rb +100 -106
  19. data/lib/puppet/application/filebucket.rb +13 -9
  20. data/lib/puppet/application/resource.rb +1 -2
  21. data/lib/puppet/application/script.rb +0 -2
  22. data/lib/puppet/application/ssl.rb +1 -12
  23. data/lib/puppet/application_support.rb +0 -7
  24. data/lib/puppet/configurer.rb +30 -45
  25. data/lib/puppet/configurer/downloader.rb +1 -2
  26. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  27. data/lib/puppet/defaults.rb +100 -192
  28. data/lib/puppet/environments.rb +60 -74
  29. data/lib/puppet/face/facts.rb +5 -103
  30. data/lib/puppet/face/help.rb +1 -1
  31. data/lib/puppet/face/plugin.rb +5 -8
  32. data/lib/puppet/ffi/windows.rb +12 -0
  33. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  34. data/lib/puppet/ffi/windows/constants.rb +404 -0
  35. data/lib/puppet/ffi/windows/functions.rb +628 -0
  36. data/lib/puppet/ffi/windows/structs.rb +338 -0
  37. data/lib/puppet/file_serving/configuration.rb +0 -5
  38. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  39. data/lib/puppet/file_serving/fileset.rb +2 -14
  40. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  41. data/lib/puppet/file_serving/mount.rb +1 -2
  42. data/lib/puppet/file_system/memory_file.rb +1 -8
  43. data/lib/puppet/file_system/windows.rb +0 -2
  44. data/lib/puppet/forge/repository.rb +0 -1
  45. data/lib/puppet/functions/all.rb +1 -1
  46. data/lib/puppet/functions/camelcase.rb +1 -1
  47. data/lib/puppet/functions/capitalize.rb +2 -2
  48. data/lib/puppet/functions/downcase.rb +2 -2
  49. data/lib/puppet/functions/get.rb +5 -5
  50. data/lib/puppet/functions/group_by.rb +5 -13
  51. data/lib/puppet/functions/lest.rb +1 -1
  52. data/lib/puppet/functions/new.rb +100 -100
  53. data/lib/puppet/functions/partition.rb +4 -12
  54. data/lib/puppet/functions/require.rb +5 -5
  55. data/lib/puppet/functions/sort.rb +3 -3
  56. data/lib/puppet/functions/tree_each.rb +9 -7
  57. data/lib/puppet/functions/type.rb +4 -4
  58. data/lib/puppet/functions/upcase.rb +2 -2
  59. data/lib/puppet/generate/models/type/type.rb +4 -1
  60. data/lib/puppet/http.rb +22 -13
  61. data/lib/puppet/http/client.rb +164 -114
  62. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  63. data/lib/puppet/http/errors.rb +16 -0
  64. data/lib/puppet/http/external_client.rb +5 -7
  65. data/lib/puppet/{network/http → http}/factory.rb +8 -15
  66. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  67. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  68. data/lib/puppet/http/proxy.rb +137 -0
  69. data/lib/puppet/http/redirector.rb +4 -12
  70. data/lib/puppet/http/resolver.rb +5 -15
  71. data/lib/puppet/http/resolver/server_list.rb +10 -25
  72. data/lib/puppet/http/resolver/settings.rb +4 -7
  73. data/lib/puppet/http/resolver/srv.rb +7 -11
  74. data/lib/puppet/http/response.rb +36 -54
  75. data/lib/puppet/http/response_converter.rb +24 -0
  76. data/lib/puppet/http/response_net_http.rb +42 -0
  77. data/lib/puppet/http/retry_after_handler.rb +4 -13
  78. data/lib/puppet/http/service.rb +12 -26
  79. data/lib/puppet/http/service/ca.rb +11 -22
  80. data/lib/puppet/http/service/compiler.rb +22 -138
  81. data/lib/puppet/http/service/file_server.rb +19 -29
  82. data/lib/puppet/http/service/puppetserver.rb +26 -12
  83. data/lib/puppet/http/service/report.rb +8 -10
  84. data/lib/puppet/http/session.rb +11 -20
  85. data/lib/puppet/{network/http → http}/site.rb +1 -2
  86. data/lib/puppet/indirector/catalog/compiler.rb +0 -1
  87. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  88. data/lib/puppet/indirector/facts/rest.rb +3 -22
  89. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  90. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  91. data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
  92. data/lib/puppet/indirector/file_server.rb +1 -8
  93. data/lib/puppet/indirector/generic_http.rb +0 -11
  94. data/lib/puppet/indirector/node/rest.rb +2 -4
  95. data/lib/puppet/indirector/report/rest.rb +3 -8
  96. data/lib/puppet/indirector/request.rb +0 -101
  97. data/lib/puppet/indirector/rest.rb +12 -263
  98. data/lib/puppet/module_tool/applications.rb +0 -1
  99. data/lib/puppet/module_tool/applications/installer.rb +2 -48
  100. data/lib/puppet/module_tool/errors/shared.rb +2 -17
  101. data/lib/puppet/network/authconfig.rb +2 -96
  102. data/lib/puppet/network/authorization.rb +13 -35
  103. data/lib/puppet/network/formats.rb +0 -67
  104. data/lib/puppet/network/http.rb +3 -3
  105. data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
  106. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  107. data/lib/puppet/network/http/connection.rb +247 -316
  108. data/lib/puppet/network/http/handler.rb +0 -1
  109. data/lib/puppet/network/http_pool.rb +16 -34
  110. data/lib/puppet/node.rb +1 -30
  111. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  112. data/lib/puppet/pal/pal_impl.rb +3 -1
  113. data/lib/puppet/parser/ast/leaf.rb +2 -3
  114. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  115. data/lib/puppet/parser/compiler.rb +0 -198
  116. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  117. data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
  118. data/lib/puppet/parser/resource.rb +0 -69
  119. data/lib/puppet/parser/templatewrapper.rb +1 -1
  120. data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
  121. data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
  122. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  123. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  124. data/lib/puppet/pops/issues.rb +0 -5
  125. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  126. data/lib/puppet/pops/model/ast.pp +0 -42
  127. data/lib/puppet/pops/model/ast.rb +0 -290
  128. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  129. data/lib/puppet/pops/model/factory.rb +0 -45
  130. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  131. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  132. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  133. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  134. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  135. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  136. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  137. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  138. data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
  139. data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
  140. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  141. data/lib/puppet/pops/types/type_parser.rb +0 -4
  142. data/lib/puppet/pops/types/types.rb +0 -1
  143. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  144. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  145. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  146. data/lib/puppet/property/list.rb +1 -1
  147. data/lib/puppet/provider.rb +0 -13
  148. data/lib/puppet/provider/group/groupadd.rb +8 -13
  149. data/lib/puppet/provider/nameservice.rb +0 -18
  150. data/lib/puppet/provider/package/apt.rb +2 -34
  151. data/lib/puppet/provider/package/aptitude.rb +0 -6
  152. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  153. data/lib/puppet/provider/package/dpkg.rb +0 -10
  154. data/lib/puppet/provider/package/gem.rb +23 -3
  155. data/lib/puppet/provider/package/nim.rb +6 -11
  156. data/lib/puppet/provider/package/pip.rb +0 -1
  157. data/lib/puppet/provider/package/pkg.rb +0 -4
  158. data/lib/puppet/provider/package/portage.rb +1 -1
  159. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  160. data/lib/puppet/provider/service/debian.rb +0 -2
  161. data/lib/puppet/provider/service/smf.rb +191 -73
  162. data/lib/puppet/provider/service/systemd.rb +4 -14
  163. data/lib/puppet/provider/service/windows.rb +0 -38
  164. data/lib/puppet/provider/user/aix.rb +2 -2
  165. data/lib/puppet/provider/user/directoryservice.rb +10 -33
  166. data/lib/puppet/provider/user/useradd.rb +8 -62
  167. data/lib/puppet/reference/configuration.rb +8 -7
  168. data/lib/puppet/reference/indirection.rb +1 -1
  169. data/lib/puppet/resource.rb +1 -89
  170. data/lib/puppet/resource/catalog.rb +1 -14
  171. data/lib/puppet/resource/type.rb +3 -119
  172. data/lib/puppet/resource/type_collection.rb +3 -48
  173. data/lib/puppet/runtime.rb +1 -2
  174. data/lib/puppet/settings.rb +73 -66
  175. data/lib/puppet/settings/environment_conf.rb +0 -1
  176. data/lib/puppet/settings/integer_setting.rb +17 -0
  177. data/lib/puppet/settings/port_setting.rb +15 -0
  178. data/lib/puppet/settings/priority_setting.rb +5 -4
  179. data/lib/puppet/ssl.rb +10 -6
  180. data/lib/puppet/ssl/base.rb +3 -5
  181. data/lib/puppet/ssl/certificate.rb +0 -6
  182. data/lib/puppet/ssl/certificate_request.rb +1 -12
  183. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  184. data/lib/puppet/ssl/oids.rb +3 -1
  185. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  186. data/lib/puppet/ssl/state_machine.rb +3 -1
  187. data/lib/puppet/ssl/verifier.rb +2 -0
  188. data/lib/puppet/test/test_helper.rb +1 -3
  189. data/lib/puppet/transaction.rb +1 -7
  190. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  191. data/lib/puppet/transaction/report.rb +2 -4
  192. data/lib/puppet/type.rb +0 -76
  193. data/lib/puppet/type/file.rb +6 -26
  194. data/lib/puppet/type/file/checksum.rb +1 -1
  195. data/lib/puppet/type/file/selcontext.rb +1 -1
  196. data/lib/puppet/type/file/source.rb +1 -1
  197. data/lib/puppet/type/filebucket.rb +3 -3
  198. data/lib/puppet/type/package.rb +8 -16
  199. data/lib/puppet/type/service.rb +38 -18
  200. data/lib/puppet/type/tidy.rb +2 -21
  201. data/lib/puppet/type/user.rb +20 -38
  202. data/lib/puppet/util/autoload.rb +8 -1
  203. data/lib/puppet/util/execution.rb +0 -11
  204. data/lib/puppet/util/http_proxy.rb +2 -215
  205. data/lib/puppet/util/monkey_patches.rb +0 -53
  206. data/lib/puppet/util/posix.rb +5 -54
  207. data/lib/puppet/util/rdoc.rb +0 -7
  208. data/lib/puppet/util/retry_action.rb +1 -1
  209. data/lib/puppet/util/run_mode.rb +9 -1
  210. data/lib/puppet/util/selinux.rb +4 -30
  211. data/lib/puppet/util/windows.rb +3 -8
  212. data/lib/puppet/util/windows/adsi.rb +0 -46
  213. data/lib/puppet/util/windows/daemon.rb +360 -0
  214. data/lib/puppet/util/windows/error.rb +1 -0
  215. data/lib/puppet/util/windows/eventlog.rb +4 -9
  216. data/lib/puppet/util/windows/file.rb +8 -242
  217. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  218. data/lib/puppet/util/windows/principal.rb +2 -9
  219. data/lib/puppet/util/windows/process.rb +4 -226
  220. data/lib/puppet/util/windows/service.rb +9 -460
  221. data/lib/puppet/util/windows/sid.rb +2 -4
  222. data/lib/puppet/util/windows/string.rb +12 -13
  223. data/lib/puppet/util/yaml.rb +0 -22
  224. data/lib/puppet/vendor/require_vendored.rb +0 -1
  225. data/lib/puppet/version.rb +1 -1
  226. data/lib/puppet/x509.rb +5 -1
  227. data/lib/puppet/x509/cert_provider.rb +29 -1
  228. data/locales/puppet.pot +651 -1436
  229. data/man/man5/puppet.conf.5 +266 -354
  230. data/man/man8/puppet-agent.8 +2 -2
  231. data/man/man8/puppet-apply.8 +2 -2
  232. data/man/man8/puppet-catalog.8 +1 -1
  233. data/man/man8/puppet-config.8 +1 -1
  234. data/man/man8/puppet-describe.8 +1 -1
  235. data/man/man8/puppet-device.8 +2 -2
  236. data/man/man8/puppet-doc.8 +1 -1
  237. data/man/man8/puppet-epp.8 +1 -1
  238. data/man/man8/puppet-facts.8 +4 -47
  239. data/man/man8/puppet-filebucket.8 +4 -4
  240. data/man/man8/puppet-generate.8 +1 -1
  241. data/man/man8/puppet-help.8 +1 -1
  242. data/man/man8/puppet-lookup.8 +1 -1
  243. data/man/man8/puppet-module.8 +1 -58
  244. data/man/man8/puppet-node.8 +1 -1
  245. data/man/man8/puppet-parser.8 +1 -1
  246. data/man/man8/puppet-plugin.8 +1 -1
  247. data/man/man8/puppet-report.8 +1 -1
  248. data/man/man8/puppet-resource.8 +1 -1
  249. data/man/man8/puppet-script.8 +2 -2
  250. data/man/man8/puppet-ssl.8 +1 -5
  251. data/man/man8/puppet.8 +2 -2
  252. data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
  253. data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
  254. data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
  255. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
  256. data/spec/fixtures/ssl/ca.pem +35 -57
  257. data/spec/fixtures/ssl/crl.pem +18 -28
  258. data/spec/fixtures/ssl/ec-key.pem +11 -11
  259. data/spec/fixtures/ssl/ec.pem +24 -33
  260. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  261. data/spec/fixtures/ssl/encrypted-key.pem +58 -108
  262. data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
  263. data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
  264. data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
  265. data/spec/fixtures/ssl/intermediate.pem +36 -57
  266. data/spec/fixtures/ssl/pluto-key.pem +57 -107
  267. data/spec/fixtures/ssl/pluto.pem +30 -52
  268. data/spec/fixtures/ssl/request-key.pem +57 -107
  269. data/spec/fixtures/ssl/request.pem +26 -47
  270. data/spec/fixtures/ssl/revoked-key.pem +57 -107
  271. data/spec/fixtures/ssl/revoked.pem +30 -52
  272. data/spec/fixtures/ssl/signed-key.pem +57 -107
  273. data/spec/fixtures/ssl/signed.pem +30 -52
  274. data/spec/fixtures/ssl/tampered-cert.pem +30 -52
  275. data/spec/fixtures/ssl/tampered-csr.pem +26 -47
  276. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
  277. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
  278. data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
  279. data/spec/fixtures/ssl/unknown-ca.pem +33 -55
  280. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  281. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
  282. data/spec/integration/application/agent_spec.rb +27 -171
  283. data/spec/integration/application/apply_spec.rb +1 -20
  284. data/spec/integration/application/filebucket_spec.rb +16 -16
  285. data/spec/integration/application/help_spec.rb +2 -0
  286. data/spec/integration/application/plugin_spec.rb +24 -2
  287. data/spec/integration/defaults_spec.rb +14 -3
  288. data/spec/integration/http/client_spec.rb +0 -12
  289. data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
  290. data/spec/integration/network/http_pool_spec.rb +3 -21
  291. data/spec/integration/parser/catalog_spec.rb +0 -38
  292. data/spec/integration/parser/node_spec.rb +0 -9
  293. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  294. data/spec/integration/resource/type_collection_spec.rb +6 -2
  295. data/spec/integration/transaction_spec.rb +9 -4
  296. data/spec/integration/type/file_spec.rb +5 -4
  297. data/spec/integration/util/windows/adsi_spec.rb +1 -21
  298. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  299. data/spec/integration/util/windows/principal_spec.rb +0 -21
  300. data/spec/integration/util/windows/registry_spec.rb +10 -6
  301. data/spec/integration/util/windows/security_spec.rb +1 -1
  302. data/spec/lib/matchers/include.rb +27 -0
  303. data/spec/lib/matchers/include_spec.rb +32 -0
  304. data/spec/lib/puppet/test_ca.rb +2 -2
  305. data/spec/lib/puppet_spec/puppetserver.rb +1 -1
  306. data/spec/lib/puppet_spec/settings.rb +1 -0
  307. data/spec/spec_helper.rb +7 -12
  308. data/spec/unit/agent_spec.rb +6 -10
  309. data/spec/unit/application/agent_spec.rb +3 -7
  310. data/spec/unit/application/facts_spec.rb +12 -456
  311. data/spec/unit/application/filebucket_spec.rb +43 -39
  312. data/spec/unit/application/ssl_spec.rb +2 -25
  313. data/spec/unit/application_spec.rb +9 -51
  314. data/spec/unit/certificate_factory_spec.rb +1 -1
  315. data/spec/unit/configurer/downloader_spec.rb +6 -8
  316. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  317. data/spec/unit/configurer_spec.rb +12 -32
  318. data/spec/unit/confine/feature_spec.rb +1 -1
  319. data/spec/unit/confine_spec.rb +2 -8
  320. data/spec/unit/context/trusted_information_spec.rb +2 -6
  321. data/spec/unit/defaults_spec.rb +68 -54
  322. data/spec/unit/environments_spec.rb +68 -224
  323. data/spec/unit/face/node_spec.rb +11 -0
  324. data/spec/unit/face/plugin_spec.rb +73 -33
  325. data/spec/unit/file_bucket/file_spec.rb +1 -1
  326. data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
  327. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  328. data/spec/unit/file_serving/fileset_spec.rb +0 -60
  329. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  330. data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
  331. data/spec/unit/file_system_spec.rb +0 -9
  332. data/spec/unit/forge/module_release_spec.rb +7 -2
  333. data/spec/unit/functions/camelcase_spec.rb +1 -1
  334. data/spec/unit/functions/capitalize_spec.rb +1 -1
  335. data/spec/unit/functions/downcase_spec.rb +1 -1
  336. data/spec/unit/functions/upcase_spec.rb +1 -1
  337. data/spec/unit/gettext/config_spec.rb +0 -12
  338. data/spec/unit/http/client_spec.rb +7 -8
  339. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  340. data/spec/unit/http/external_client_spec.rb +4 -4
  341. data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
  342. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  343. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  344. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  345. data/spec/unit/http/resolver_spec.rb +13 -13
  346. data/spec/unit/http/service/compiler_spec.rb +0 -185
  347. data/spec/unit/http/service/file_server_spec.rb +3 -3
  348. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  349. data/spec/unit/http/service_spec.rb +0 -1
  350. data/spec/unit/http/session_spec.rb +16 -14
  351. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  352. data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
  353. data/spec/unit/indirector/face_spec.rb +1 -0
  354. data/spec/unit/indirector/facts/facter_spec.rb +3 -0
  355. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  356. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
  357. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  358. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  359. data/spec/unit/indirector/file_server_spec.rb +1 -15
  360. data/spec/unit/indirector/indirection_spec.rb +12 -8
  361. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  362. data/spec/unit/indirector/request_spec.rb +0 -264
  363. data/spec/unit/indirector/rest_spec.rb +98 -752
  364. data/spec/unit/indirector_spec.rb +2 -2
  365. data/spec/unit/module_tool/applications/installer_spec.rb +0 -66
  366. data/spec/unit/network/authconfig_spec.rb +2 -129
  367. data/spec/unit/network/authorization_spec.rb +2 -55
  368. data/spec/unit/network/formats_spec.rb +4 -45
  369. data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
  370. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  371. data/spec/unit/network/http/api_spec.rb +10 -0
  372. data/spec/unit/network/http/connection_spec.rb +19 -41
  373. data/spec/unit/network/http/handler_spec.rb +0 -1
  374. data/spec/unit/network/http_pool_spec.rb +0 -4
  375. data/spec/unit/node/environment_spec.rb +33 -21
  376. data/spec/unit/node_spec.rb +2 -54
  377. data/spec/unit/parser/compiler_spec.rb +19 -3
  378. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  379. data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
  380. data/spec/unit/parser/resource_spec.rb +8 -14
  381. data/spec/unit/parser/templatewrapper_spec.rb +3 -4
  382. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  383. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  384. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  385. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  386. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  387. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  388. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  389. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  390. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
  391. data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
  392. data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
  393. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  394. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  395. data/spec/unit/pops/visitor_spec.rb +1 -1
  396. data/spec/unit/property_spec.rb +0 -1
  397. data/spec/unit/provider/group/groupadd_spec.rb +2 -5
  398. data/spec/unit/provider/nameservice_spec.rb +64 -122
  399. data/spec/unit/provider/package/apt_spec.rb +23 -28
  400. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  401. data/spec/unit/provider/package/base_spec.rb +5 -6
  402. data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
  403. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  404. data/spec/unit/provider/package/gem_spec.rb +32 -0
  405. data/spec/unit/provider/package/nim_spec.rb +0 -42
  406. data/spec/unit/provider/package/pacman_spec.rb +12 -18
  407. data/spec/unit/provider/package/pip_spec.rb +11 -6
  408. data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
  409. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
  410. data/spec/unit/provider/service/init_spec.rb +0 -1
  411. data/spec/unit/provider/service/openwrt_spec.rb +1 -3
  412. data/spec/unit/provider/service/smf_spec.rb +401 -165
  413. data/spec/unit/provider/service/systemd_spec.rb +8 -53
  414. data/spec/unit/provider/service/windows_spec.rb +0 -203
  415. data/spec/unit/provider/user/aix_spec.rb +0 -5
  416. data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
  417. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  418. data/spec/unit/provider/user/pw_spec.rb +0 -2
  419. data/spec/unit/provider/user/useradd_spec.rb +3 -71
  420. data/spec/unit/provider_spec.rb +8 -18
  421. data/spec/unit/resource/catalog_spec.rb +1 -1
  422. data/spec/unit/resource/type_collection_spec.rb +2 -22
  423. data/spec/unit/resource/type_spec.rb +1 -1
  424. data/spec/unit/resource_spec.rb +10 -67
  425. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  426. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  427. data/spec/unit/settings/port_setting_spec.rb +31 -0
  428. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  429. data/spec/unit/settings_spec.rb +23 -13
  430. data/spec/unit/ssl/base_spec.rb +37 -3
  431. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  432. data/spec/unit/ssl/certificate_spec.rb +2 -11
  433. data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
  434. data/spec/unit/ssl/state_machine_spec.rb +5 -20
  435. data/spec/unit/ssl/verifier_spec.rb +0 -21
  436. data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
  437. data/spec/unit/transaction/event_manager_spec.rb +11 -14
  438. data/spec/unit/transaction/report_spec.rb +0 -2
  439. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  440. data/spec/unit/transaction_spec.rb +55 -96
  441. data/spec/unit/type/file/checksum_spec.rb +6 -6
  442. data/spec/unit/type/file/content_spec.rb +2 -1
  443. data/spec/unit/type/file/ensure_spec.rb +1 -1
  444. data/spec/unit/type/file/mode_spec.rb +1 -1
  445. data/spec/unit/type/file/selinux_spec.rb +5 -3
  446. data/spec/unit/type/file/source_spec.rb +0 -1
  447. data/spec/unit/type/file_spec.rb +18 -6
  448. data/spec/unit/type/group_spec.rb +6 -13
  449. data/spec/unit/type/package_spec.rb +1 -1
  450. data/spec/unit/type/resources_spec.rb +7 -7
  451. data/spec/unit/type/service_spec.rb +189 -60
  452. data/spec/unit/type/tidy_spec.rb +8 -17
  453. data/spec/unit/type/user_spec.rb +0 -45
  454. data/spec/unit/type_spec.rb +22 -2
  455. data/spec/unit/util/at_fork_spec.rb +2 -2
  456. data/spec/unit/util/autoload_spec.rb +1 -5
  457. data/spec/unit/util/backups_spec.rb +2 -3
  458. data/spec/unit/util/execution_spec.rb +11 -44
  459. data/spec/unit/util/inifile_spec.rb +14 -6
  460. data/spec/unit/util/log_spec.rb +7 -8
  461. data/spec/unit/util/logging_spec.rb +3 -3
  462. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  463. data/spec/unit/util/posix_spec.rb +15 -363
  464. data/spec/unit/util/run_mode_spec.rb +21 -121
  465. data/spec/unit/util/selinux_spec.rb +68 -163
  466. data/spec/unit/util/storage_spec.rb +1 -3
  467. data/spec/unit/util/suidmanager_spec.rb +41 -44
  468. data/spec/unit/util/windows/sid_spec.rb +0 -6
  469. data/spec/unit/util/windows/string_spec.rb +1 -3
  470. data/spec/unit/util/yaml_spec.rb +0 -54
  471. data/spec/unit/util_spec.rb +6 -31
  472. data/tasks/generate_cert_fixtures.rake +2 -2
  473. metadata +44 -181
  474. data/conf/auth.conf +0 -150
  475. data/lib/puppet/application/cert.rb +0 -76
  476. data/lib/puppet/application/key.rb +0 -4
  477. data/lib/puppet/application/man.rb +0 -4
  478. data/lib/puppet/application/status.rb +0 -4
  479. data/lib/puppet/face/key.rb +0 -16
  480. data/lib/puppet/face/man.rb +0 -145
  481. data/lib/puppet/face/module/build.rb +0 -14
  482. data/lib/puppet/face/module/generate.rb +0 -14
  483. data/lib/puppet/face/module/search.rb +0 -103
  484. data/lib/puppet/face/status.rb +0 -51
  485. data/lib/puppet/ffi/posix.rb +0 -10
  486. data/lib/puppet/ffi/posix/constants.rb +0 -14
  487. data/lib/puppet/ffi/posix/functions.rb +0 -24
  488. data/lib/puppet/indirector/certificate/file.rb +0 -9
  489. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  490. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  491. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  492. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  493. data/lib/puppet/indirector/file_content/http.rb +0 -22
  494. data/lib/puppet/indirector/key/file.rb +0 -46
  495. data/lib/puppet/indirector/key/memory.rb +0 -7
  496. data/lib/puppet/indirector/ssl_file.rb +0 -162
  497. data/lib/puppet/indirector/status.rb +0 -3
  498. data/lib/puppet/indirector/status/local.rb +0 -12
  499. data/lib/puppet/indirector/status/rest.rb +0 -27
  500. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  501. data/lib/puppet/network/auth_config_parser.rb +0 -90
  502. data/lib/puppet/network/authstore.rb +0 -283
  503. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  504. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  505. data/lib/puppet/network/http/base_pool.rb +0 -36
  506. data/lib/puppet/network/http/compression.rb +0 -127
  507. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  508. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  509. data/lib/puppet/network/rest_controller.rb +0 -2
  510. data/lib/puppet/network/rights.rb +0 -210
  511. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  512. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  513. data/lib/puppet/parser/environment_compiler.rb +0 -202
  514. data/lib/puppet/pops/types/enumeration.rb +0 -16
  515. data/lib/puppet/resource/capability_finder.rb +0 -154
  516. data/lib/puppet/rest/errors.rb +0 -15
  517. data/lib/puppet/rest/response.rb +0 -35
  518. data/lib/puppet/rest/route.rb +0 -85
  519. data/lib/puppet/rest/routes.rb +0 -135
  520. data/lib/puppet/settings/alias_setting.rb +0 -37
  521. data/lib/puppet/ssl/host.rb +0 -505
  522. data/lib/puppet/ssl/key.rb +0 -61
  523. data/lib/puppet/ssl/validator.rb +0 -61
  524. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  525. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  526. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  527. data/lib/puppet/status.rb +0 -40
  528. data/lib/puppet/util/connection.rb +0 -88
  529. data/lib/puppet/util/fact_dif.rb +0 -81
  530. data/lib/puppet/util/ssl.rb +0 -83
  531. data/lib/puppet/util/windows/api_types.rb +0 -309
  532. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  533. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  534. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  535. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  536. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  537. data/lib/puppet/vendor/pathspec/README.md +0 -53
  538. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  539. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  540. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  541. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  542. data/man/man8/puppet-key.8 +0 -126
  543. data/man/man8/puppet-man.8 +0 -76
  544. data/man/man8/puppet-status.8 +0 -108
  545. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
  546. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
  547. data/spec/integration/application/resource_spec.rb +0 -30
  548. data/spec/integration/network/authconfig_spec.rb +0 -256
  549. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  550. data/spec/unit/application/man_spec.rb +0 -52
  551. data/spec/unit/capability_spec.rb +0 -414
  552. data/spec/unit/face/key_spec.rb +0 -9
  553. data/spec/unit/face/module/search_spec.rb +0 -231
  554. data/spec/unit/face/status_spec.rb +0 -9
  555. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  556. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  557. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  558. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  559. data/spec/unit/indirector/key/file_spec.rb +0 -78
  560. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  561. data/spec/unit/indirector/status/local_spec.rb +0 -10
  562. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  563. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  564. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  565. data/spec/unit/network/authstore_spec.rb +0 -422
  566. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  567. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  568. data/spec/unit/network/http/compression_spec.rb +0 -240
  569. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  570. data/spec/unit/network/http_spec.rb +0 -9
  571. data/spec/unit/network/rights_spec.rb +0 -439
  572. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  573. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
  574. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  575. data/spec/unit/resource/capability_finder_spec.rb +0 -148
  576. data/spec/unit/rest/route_spec.rb +0 -132
  577. data/spec/unit/ssl/host_spec.rb +0 -645
  578. data/spec/unit/ssl/key_spec.rb +0 -173
  579. data/spec/unit/ssl/validator_spec.rb +0 -278
  580. data/spec/unit/status_spec.rb +0 -45
  581. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -32,13 +32,6 @@ end
32
32
  # (#19151) Reject all SSLv2 ciphers and handshakes
33
33
  require 'puppet/ssl/openssl_loader'
34
34
  unless Puppet::Util::Platform.jruby_fips?
35
- unless defined?(OpenSSL::SSL::TLS1_VERSION)
36
- module OpenSSL::SSL
37
- # see https://github.com/ruby/ruby/commit/609103dbb5fb182eec12f052226c43e39b907682#diff-09f822c26289f5347111795ca22ed7ed1cfadd6ebd28f987991d1d414eef565aR2755-R2759
38
- OpenSSL::SSL::TLS1_VERSION = 0x301
39
- end
40
- end
41
-
42
35
  class OpenSSL::SSL::SSLContext
43
36
  if DEFAULT_PARAMS[:options]
44
37
  DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
@@ -109,49 +102,3 @@ unless Puppet::Util::Platform.jruby_fips?
109
102
  end
110
103
  end
111
104
  end
112
-
113
- unless Puppet::Util::Platform.jruby_fips?
114
- unless OpenSSL::PKey::EC.instance_methods.include?(:private?)
115
- class OpenSSL::PKey::EC
116
- # Added in ruby 2.4.0 in https://github.com/ruby/ruby/commit/7c971e61f04
117
- alias :private? :private_key?
118
- end
119
- end
120
-
121
- unless OpenSSL::PKey::EC.singleton_methods.include?(:generate)
122
- class OpenSSL::PKey::EC
123
- # Added in ruby 2.4.0 in https://github.com/ruby/ruby/commit/85500b66342
124
- def self.generate(string)
125
- ec = OpenSSL::PKey::EC.new(string)
126
- ec.generate_key
127
- end
128
- end
129
- end
130
- end
131
-
132
- # The Enumerable#uniq method was added in Ruby 2.4.0 (https://bugs.ruby-lang.org/issues/11090)
133
- # This is a backport to earlier Ruby versions.
134
- #
135
- unless Enumerable.instance_methods.include?(:uniq)
136
- module Enumerable
137
- def uniq
138
- result = []
139
- uniq_map = {}
140
- if block_given?
141
- each do |value|
142
- key = yield value
143
- next if uniq_map.has_key?(key)
144
- uniq_map[key] = true
145
- result << value
146
- end
147
- else
148
- each do |value|
149
- next if uniq_map.has_key?(value)
150
- uniq_map[value] = true
151
- result << value
152
- end
153
- end
154
- result
155
- end
156
- end
157
- end
@@ -12,18 +12,11 @@ module Puppet::Util::POSIX
12
12
  class << self
13
13
  # Returns an array of all the groups that the user's a member of.
14
14
  def groups_of(user)
15
- begin
16
- require 'puppet/ffi/posix'
17
- groups = get_groups_list(user)
18
- rescue StandardError, LoadError => e
19
- Puppet.debug("Falling back to Puppet::Etc.group: #{e.message}")
20
-
21
- groups = []
22
- Puppet::Etc.group do |group|
23
- groups << group.name if group.mem.include?(user)
24
- end
15
+ groups = []
16
+ Puppet::Etc.group do |group|
17
+ groups << group.name if group.mem.include?(user)
25
18
  end
26
-
19
+
27
20
  uniq_groups = groups.uniq
28
21
  if uniq_groups != groups
29
22
  Puppet.debug(_('Removing any duplicate group entries'))
@@ -31,39 +24,6 @@ module Puppet::Util::POSIX
31
24
 
32
25
  uniq_groups
33
26
  end
34
-
35
- private
36
- def get_groups_list(user)
37
- raise LoadError, "The 'getgrouplist' method is not available" unless Puppet::FFI::POSIX::Functions.respond_to?(:getgrouplist)
38
-
39
- user_gid = Puppet::Etc.getpwnam(user).gid
40
- ngroups = Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS
41
-
42
- while true do # rubocop:disable Lint/LiteralInCondition
43
- FFI::MemoryPointer.new(:int) do |ngroups_ptr|
44
- FFI::MemoryPointer.new(:uint, ngroups) do |groups_ptr|
45
- old_ngroups = ngroups
46
- ngroups_ptr.write_int(ngroups)
47
-
48
- if Puppet::FFI::POSIX::Functions::getgrouplist(user, user_gid, groups_ptr, ngroups_ptr) != -1
49
- groups_gids = groups_ptr.get_array_of_uint(0, ngroups_ptr.read_int)
50
-
51
- result = []
52
- groups_gids.each do |group_gid|
53
- group_info = Puppet::Etc.getgrgid(group_gid)
54
- result |= [group_info.name] if group_info.mem.include?(user)
55
- end
56
- return result
57
- end
58
-
59
- ngroups = ngroups_ptr.read_int
60
- if ngroups <= old_ngroups
61
- ngroups *= 2
62
- end
63
- end
64
- end
65
- end
66
- end
67
27
  end
68
28
 
69
29
  # Retrieve a field from a POSIX Etc object. The id can be either an integer
@@ -184,17 +144,8 @@ module Puppet::Util::POSIX
184
144
  name = get_posix_field(location, :name, id)
185
145
  check_value = name
186
146
  end
187
-
188
147
  if check_value != field
189
- check_value_id = get_posix_field(location, id_field, check_value) if check_value
190
-
191
- if id == check_value_id
192
- Puppet.debug("Multiple entries found for resource: '#{location}' with #{id_field}: #{id}")
193
- return id
194
- else
195
- Puppet.debug("The value retrieved: '#{check_value}' is different than the required state: '#{field}', searching in all entries")
196
- return search_posix_field(location, id_field, field)
197
- end
148
+ return search_posix_field(location, id_field, field)
198
149
  else
199
150
  return id
200
151
  end
@@ -26,13 +26,6 @@ module Puppet::Util::RDoc
26
26
 
27
27
  options << "--force-update"
28
28
  options += [ "--charset", charset] if charset
29
- # Rdoc root default is Dir.pwd, but the win32-dir gem monkey patches Dir.pwd
30
- # replacing Ruby's normal / with \. When RDoc generates relative paths it
31
- # uses relative_path_from that will generate errors when the slashes don't
32
- # properly match. This is a workaround for that issue.
33
- if Puppet::Util::Platform.windows? && RDoc::VERSION !~ /^[0-3]\./
34
- options += [ "--root", Dir.pwd.tr('\\', '/')]
35
- end
36
29
  options += files
37
30
 
38
31
  # launch the documentation process
@@ -7,7 +7,7 @@ module Puppet::Util::RetryAction
7
7
  # Execute the supplied block retrying with exponential backoff.
8
8
  #
9
9
  # @param [Hash] options the retry options
10
- # @option options [FixNum] :retries Maximum number of times to retry.
10
+ # @option options [Integer] :retries Maximum number of times to retry.
11
11
  # @option options [Array<Exception>] :retry_exceptions ([StandardError]) Optional array of exceptions that are allowed to be retried.
12
12
  # @yield The block to be executed.
13
13
  def self.retry_action(options = {})
@@ -74,6 +74,10 @@ module Puppet
74
74
  which_dir("/opt/puppetlabs/puppet/cache", "~/.puppetlabs/opt/puppet/cache")
75
75
  end
76
76
 
77
+ def public_dir
78
+ which_dir("/opt/puppetlabs/puppet/public", "~/.puppetlabs/opt/puppet/public")
79
+ end
80
+
77
81
  def run_dir
78
82
  which_dir("/var/run/puppetlabs", "~/.puppetlabs/var/run")
79
83
  end
@@ -96,6 +100,10 @@ module Puppet
96
100
  which_dir(File.join(windows_common_base("puppet/cache")), "~/.puppetlabs/opt/puppet/cache")
97
101
  end
98
102
 
103
+ def public_dir
104
+ which_dir(File.join(windows_common_base("puppet/public")), "~/.puppetlabs/opt/puppet/public")
105
+ end
106
+
99
107
  def run_dir
100
108
  which_dir(File.join(windows_common_base("puppet/var/run")), "~/.puppetlabs/var/run")
101
109
  end
@@ -107,7 +115,7 @@ module Puppet
107
115
  private
108
116
 
109
117
  def windows_common_base(*extra)
110
- [Dir::COMMON_APPDATA, "PuppetLabs"] + extra
118
+ [ENV['ALLUSERSPROFILE'], "PuppetLabs"] + extra
111
119
  end
112
120
  end
113
121
  end
@@ -13,10 +13,6 @@ require 'pathname'
13
13
 
14
14
  module Puppet::Util::SELinux
15
15
 
16
- S_IFREG = 0100000
17
- S_IFDIR = 0040000
18
- S_IFLNK = 0120000
19
-
20
16
  def self.selinux_support?
21
17
  return false unless defined?(Selinux)
22
18
  if Selinux.is_selinux_enabled == 1
@@ -42,7 +38,7 @@ module Puppet::Util::SELinux
42
38
 
43
39
  # Retrieve and return the default context of the file. If we don't have
44
40
  # SELinux support or if the SELinux call fails to file a default then return nil.
45
- def get_selinux_default_context(file, resource_ensure=nil)
41
+ def get_selinux_default_context(file)
46
42
  return nil unless selinux_support?
47
43
  # If the filesystem has no support for SELinux labels, return a default of nil
48
44
  # instead of what matchpathcon would return
@@ -52,14 +48,8 @@ module Puppet::Util::SELinux
52
48
  begin
53
49
  filestat = file_lstat(file)
54
50
  mode = filestat.mode
55
- rescue Errno::EACCES
51
+ rescue Errno::EACCES, Errno::ENOENT
56
52
  mode = 0
57
- rescue Errno::ENOENT
58
- if resource_ensure
59
- mode = get_create_mode(resource_ensure)
60
- else
61
- mode = 0
62
- end
63
53
  end
64
54
 
65
55
  retval = Selinux.matchpathcon(file, mode)
@@ -146,8 +136,8 @@ module Puppet::Util::SELinux
146
136
  # Puppet uses. This will set the file's SELinux context to the policy's
147
137
  # default context (if any) if it differs from the context currently on
148
138
  # the file.
149
- def set_selinux_default_context(file, resource_ensure=nil)
150
- new_context = get_selinux_default_context(file, resource_ensure)
139
+ def set_selinux_default_context(file)
140
+ new_context = get_selinux_default_context(file)
151
141
  return nil unless new_context
152
142
  cur_context = get_selinux_current_context(file)
153
143
  if new_context != cur_context
@@ -208,22 +198,6 @@ module Puppet::Util::SELinux
208
198
  filesystems.include?(fstype)
209
199
  end
210
200
 
211
- # Get mode file type bits set based on ensure on
212
- # the file resource. This helps SELinux determine
213
- # what context a new resource being created should have.
214
- def get_create_mode(resource_ensure)
215
- mode = 0
216
- case resource_ensure
217
- when :present, :file
218
- mode |= S_IFREG
219
- when :directory
220
- mode |= S_IFDIR
221
- when :link
222
- mode |= S_IFLNK
223
- end
224
- mode
225
- end
226
-
227
201
  # Internal helper function to read and parse /proc/mounts
228
202
  def read_mounts
229
203
  mounts = ""
@@ -1,4 +1,5 @@
1
1
  require 'puppet/util/platform'
2
+
2
3
  module Puppet::Util::Windows
3
4
  module ADSI
4
5
  class ADSIObject; end
@@ -15,8 +16,6 @@ module Puppet::Util::Windows
15
16
  class EventLog; end
16
17
 
17
18
  if Puppet::Util::Platform.windows?
18
- require 'Win32API' # case matters in this require!
19
-
20
19
  # Note: Setting codepage here globally ensures all strings returned via
21
20
  # WIN32OLE (Ruby's late-bound COM support) are encoded in Encoding::UTF_8
22
21
  #
@@ -24,14 +23,9 @@ module Puppet::Util::Windows
24
23
  # to 2048 (at least on US English Windows) and is not listed in the MS
25
24
  # locales table, here: https://msdn.microsoft.com/en-us/library/ms912047(v=winembedded.10).aspx
26
25
  require 'win32ole' ; WIN32OLE.codepage = WIN32OLE::CP_UTF8
27
- # gems
28
- require 'win32/process'
29
- require 'puppet/util/windows/monkey_patches/dir'
30
- require 'win32/dir'
31
- require 'win32/service'
32
26
 
33
27
  # these reference platform specific gems
34
- require 'puppet/util/windows/api_types'
28
+ require 'puppet/ffi/windows'
35
29
  require 'puppet/util/windows/string'
36
30
  require 'puppet/util/windows/error'
37
31
  require 'puppet/util/windows/com'
@@ -49,5 +43,6 @@ module Puppet::Util::Windows
49
43
  require 'puppet/util/windows/registry'
50
44
  require 'puppet/util/windows/eventlog'
51
45
  require 'puppet/util/windows/service'
46
+ require 'puppet/util/windows/monkey_patches/process'
52
47
  end
53
48
  end
@@ -504,43 +504,6 @@ module Puppet::Util::Windows::ADSI
504
504
  user_name
505
505
  end
506
506
 
507
- # https://docs.microsoft.com/en-us/windows/win32/api/secext/ne-secext-extended_name_format
508
- NameUnknown = 0
509
- NameFullyQualifiedDN = 1
510
- NameSamCompatible = 2
511
- NameDisplay = 3
512
- NameUniqueId = 6
513
- NameCanonical = 7
514
- NameUserPrincipal = 8
515
- NameCanonicalEx = 9
516
- NameServicePrincipal = 10
517
- NameDnsDomain = 12
518
- NameGivenName = 13
519
- NameSurname = 14
520
-
521
- def self.current_user_name_with_format(format)
522
- user_name = ''
523
- max_length = 1024
524
-
525
- FFI::MemoryPointer.new(:lpwstr, max_length * 2 + 1) do |buffer|
526
- FFI::MemoryPointer.new(:dword, 1) do |buffer_size|
527
- buffer_size.write_dword(max_length + 1)
528
-
529
- if GetUserNameExW(format.to_i, buffer, buffer_size) == FFI::WIN32_FALSE
530
- raise Puppet::Util::Windows::Error.new(_("Failed to get user name"), FFI.errno)
531
- end
532
-
533
- user_name = buffer.read_wide_string(buffer_size.read_dword).chomp
534
- end
535
- end
536
-
537
- user_name
538
- end
539
-
540
- def self.current_sam_compatible_user_name
541
- current_user_name_with_format(NameSamCompatible)
542
- end
543
-
544
507
  def self.current_user_sid
545
508
  Puppet::Util::Windows::SID.name_to_principal(current_user_name)
546
509
  end
@@ -555,15 +518,6 @@ module Puppet::Util::Windows::ADSI
555
518
  ffi_lib :advapi32
556
519
  attach_function_private :GetUserNameW,
557
520
  [:lpwstr, :lpdword], :win32_bool
558
-
559
- # https://docs.microsoft.com/en-us/windows/win32/api/secext/nf-secext-getusernameexa
560
- # BOOLEAN SEC_ENTRY GetUserNameExA(
561
- # EXTENDED_NAME_FORMAT NameFormat,
562
- # LPSTR lpNameBuffer,
563
- # PULONG nSize
564
- # );type
565
- ffi_lib :secur32
566
- attach_function_private :GetUserNameExW, [:uint16, :lpwstr, :pointer], :win32_bool
567
521
  end
568
522
 
569
523
  class UserProfile
@@ -0,0 +1,360 @@
1
+ require 'puppet/ffi/windows'
2
+
3
+ module Puppet::Util::Windows
4
+
5
+ # The Daemon class, based on the chef/win32-service implementation
6
+ class Daemon
7
+ include Puppet::FFI::Windows::Constants
8
+ extend Puppet::FFI::Windows::Constants
9
+
10
+ include Puppet::FFI::Windows::Structs
11
+ extend Puppet::FFI::Windows::Structs
12
+
13
+ include Puppet::FFI::Windows::Functions
14
+ extend Puppet::FFI::Windows::Functions
15
+
16
+ # Service is not running
17
+ STOPPED = SERVICE_STOPPED
18
+
19
+ # Service has received a start signal but is not yet running
20
+ START_PENDING = SERVICE_START_PENDING
21
+
22
+ # Service has received a stop signal but is not yet stopped
23
+ STOP_PENDING = SERVICE_STOP_PENDING
24
+
25
+ # Service is running
26
+ RUNNING = SERVICE_RUNNING
27
+
28
+ # Service has received a signal to resume but is not yet running
29
+ CONTINUE_PENDING = SERVICE_CONTINUE_PENDING
30
+
31
+ # Service has received a signal to pause but is not yet paused
32
+ PAUSE_PENDING = SERVICE_PAUSE_PENDING
33
+
34
+ # Service is paused
35
+ PAUSED = SERVICE_PAUSED
36
+
37
+ # Service controls
38
+
39
+ # Notifies service that it should stop
40
+ CONTROL_STOP = SERVICE_CONTROL_STOP
41
+
42
+ # Notifies service that it should pause
43
+ CONTROL_PAUSE = SERVICE_CONTROL_PAUSE
44
+
45
+ # Notifies service that it should resume
46
+ CONTROL_CONTINUE = SERVICE_CONTROL_CONTINUE
47
+
48
+ # Notifies service that it should return its current status information
49
+ CONTROL_INTERROGATE = SERVICE_CONTROL_INTERROGATE
50
+
51
+ # Notifies a service that its parameters have changed
52
+ CONTROL_PARAMCHANGE = SERVICE_CONTROL_PARAMCHANGE
53
+
54
+ # Notifies a service that there is a new component for binding
55
+ CONTROL_NETBINDADD = SERVICE_CONTROL_NETBINDADD
56
+
57
+ # Notifies a service that a component for binding has been removed
58
+ CONTROL_NETBINDREMOVE = SERVICE_CONTROL_NETBINDREMOVE
59
+
60
+ # Notifies a service that a component for binding has been enabled
61
+ CONTROL_NETBINDENABLE = SERVICE_CONTROL_NETBINDENABLE
62
+
63
+ # Notifies a service that a component for binding has been disabled
64
+ CONTROL_NETBINDDISABLE = SERVICE_CONTROL_NETBINDDISABLE
65
+
66
+ IDLE = 0
67
+
68
+ # Misc
69
+ IDLE_CONTROL_CODE = 0
70
+ WAIT_OBJECT_0 = 0
71
+ WAIT_TIMEOUT = 0x00000102
72
+ WAIT_FAILED = 0xFFFFFFFF
73
+ NO_ERROR = 0
74
+
75
+ # Wraps SetServiceStatus.
76
+ SetTheServiceStatus = Proc.new do |dwCurrentState, dwWin32ExitCode, dwCheckPoint, dwWaitHint|
77
+ ss = SERVICE_STATUS.new # Current status of the service.
78
+
79
+ # Disable control requests until the service is started.
80
+ if dwCurrentState == SERVICE_START_PENDING
81
+ ss[:dwControlsAccepted] = 0
82
+ else
83
+ ss[:dwControlsAccepted] =
84
+ SERVICE_ACCEPT_STOP|SERVICE_ACCEPT_SHUTDOWN|
85
+ SERVICE_ACCEPT_PAUSE_CONTINUE|SERVICE_ACCEPT_PARAMCHANGE
86
+ end
87
+
88
+ # Initialize ss structure.
89
+ ss[:dwServiceType] = SERVICE_WIN32_OWN_PROCESS
90
+ ss[:dwServiceSpecificExitCode] = 0
91
+ ss[:dwCurrentState] = dwCurrentState
92
+ ss[:dwWin32ExitCode] = dwWin32ExitCode
93
+ ss[:dwCheckPoint] = dwCheckPoint
94
+ ss[:dwWaitHint] = dwWaitHint
95
+
96
+ @@dwServiceState = dwCurrentState
97
+
98
+ # Send status of the service to the Service Controller.
99
+ if !SetServiceStatus(@@ssh, ss)
100
+ SetEvent(@@hStopEvent)
101
+ end
102
+ end
103
+
104
+ ERROR_CALL_NOT_IMPLEMENTED = 0x78
105
+
106
+ # Handles control signals from the service control manager.
107
+ Service_Ctrl_ex = Proc.new do |dwCtrlCode, dwEventType, lpEventData, lpContext|
108
+ @@waiting_control_code = dwCtrlCode;
109
+ return_value = NO_ERROR
110
+
111
+ begin
112
+ dwState = SERVICE_RUNNING
113
+
114
+ case dwCtrlCode
115
+ when SERVICE_CONTROL_STOP
116
+ dwState = SERVICE_STOP_PENDING
117
+ when SERVICE_CONTROL_SHUTDOWN
118
+ dwState = SERVICE_STOP_PENDING
119
+ when SERVICE_CONTROL_PAUSE
120
+ dwState = SERVICE_PAUSED
121
+ when SERVICE_CONTROL_CONTINUE
122
+ dwState = SERVICE_RUNNING
123
+ #else
124
+ # TODO: Handle other control codes? Retain the current state?
125
+ end
126
+
127
+ # Set the status of the service except on interrogation.
128
+ unless dwCtrlCode == SERVICE_CONTROL_INTERROGATE
129
+ SetTheServiceStatus.call(dwState, NO_ERROR, 0, 0)
130
+ end
131
+
132
+ # Tell service_main thread to stop.
133
+ if dwCtrlCode == SERVICE_CONTROL_STOP || dwCtrlCode == SERVICE_CONTROL_SHUTDOWN
134
+ if SetEvent(@@hStopEvent) == 0
135
+ SetTheServiceStatus.call(SERVICE_STOPPED, FFI.errno, 0, 0)
136
+ end
137
+ end
138
+ rescue
139
+ return_value = ERROR_CALL_NOT_IMPLEMENTED
140
+ end
141
+
142
+ return_value
143
+ end
144
+
145
+ # Called by the service control manager after the call to StartServiceCtrlDispatcher.
146
+ Service_Main = FFI::Function.new(:void, [:ulong, :pointer], :blocking => false) do |dwArgc, lpszArgv|
147
+ begin
148
+ # Obtain the name of the service.
149
+ if lpszArgv.address != 0
150
+ argv = lpszArgv.get_array_of_string(0, dwArgc)
151
+ lpszServiceName = argv[0]
152
+ else
153
+ lpszServiceName = ''
154
+ end
155
+
156
+ # Args passed to Service.start
157
+ if(dwArgc > 1)
158
+ @@Argv = argv[1..-1]
159
+ else
160
+ @@Argv = nil
161
+ end
162
+
163
+ # Register the service ctrl handler.
164
+ @@ssh = RegisterServiceCtrlHandlerExW(
165
+ lpszServiceName,
166
+ Service_Ctrl_ex,
167
+ nil
168
+ )
169
+
170
+ # No service to stop, no service handle to notify, nothing to do but exit.
171
+ break if @@ssh == 0
172
+
173
+ # The service has started.
174
+ SetTheServiceStatus.call(SERVICE_RUNNING, NO_ERROR, 0, 0)
175
+
176
+ SetEvent(@@hStartEvent)
177
+
178
+ # Main loop for the service.
179
+ while(WaitForSingleObject(@@hStopEvent, 1000) != WAIT_OBJECT_0) do
180
+ end
181
+
182
+ # Main loop for the service.
183
+ while(WaitForSingleObject(@@hStopCompletedEvent, 1000) != WAIT_OBJECT_0) do
184
+ end
185
+ ensure
186
+ # Stop the service.
187
+ SetTheServiceStatus.call(SERVICE_STOPPED, NO_ERROR, 0, 0)
188
+ end
189
+ end
190
+
191
+ ThreadProc = FFI::Function.new(:ulong,[:pointer]) do |lpParameter|
192
+ ste = FFI::MemoryPointer.new(SERVICE_TABLE_ENTRYW, 2)
193
+
194
+ s = SERVICE_TABLE_ENTRYW.new(ste[0])
195
+ s[:lpServiceName] = FFI::MemoryPointer.from_string('')
196
+ s[:lpServiceProc] = lpParameter
197
+
198
+ s = SERVICE_TABLE_ENTRYW.new(ste[1])
199
+ s[:lpServiceName] = nil
200
+ s[:lpServiceProc] = nil
201
+
202
+ # No service to step, no service handle, no ruby exceptions, just terminate the thread..
203
+ if !StartServiceCtrlDispatcherW(ste)
204
+ return 1
205
+ end
206
+
207
+ return 0
208
+ end
209
+
210
+ # This is a shortcut for Daemon.new + Daemon#mainloop.
211
+ #
212
+ def self.mainloop
213
+ self.new.mainloop
214
+ end
215
+
216
+ # This is the method that actually puts your code into a loop and allows it
217
+ # to run as a service. The code that is actually run while in the mainloop
218
+ # is what you defined in your own Daemon#service_main method.
219
+ #
220
+ def mainloop
221
+ @@waiting_control_code = IDLE_CONTROL_CODE
222
+ @@dwServiceState = 0
223
+
224
+ # Redirect STDIN, STDOUT and STDERR to the NUL device if they're still
225
+ # associated with a tty. This helps newbs avoid Errno::EBADF errors.
226
+ STDIN.reopen('NUL') if STDIN.isatty
227
+ STDOUT.reopen('NUL') if STDOUT.isatty
228
+ STDERR.reopen('NUL') if STDERR.isatty
229
+
230
+ # Calling init here so that init failures never even tries to start the
231
+ # service. Of course that means that init methods must be very quick
232
+ # because the SCM will be receiving no START_PENDING messages while
233
+ # init's running.
234
+ #
235
+ # TODO: Fix?
236
+ service_init() if respond_to?('service_init')
237
+
238
+ # Create the event to signal the service to start.
239
+ @@hStartEvent = CreateEventW(nil, 1, 0, nil)
240
+
241
+ if @@hStartEvent == 0
242
+ raise SystemCallError.new('CreateEvent', FFI.errno)
243
+ end
244
+
245
+ # Create the event to signal the service to stop.
246
+ @@hStopEvent = CreateEventW(nil, 1, 0, nil)
247
+
248
+ if @@hStopEvent == 0
249
+ raise SystemCallError.new('CreateEvent', FFI.errno)
250
+ end
251
+
252
+ # Create the event to signal the service that stop has completed
253
+ @@hStopCompletedEvent = CreateEventW(nil, 1, 0, nil)
254
+
255
+ if @@hStopCompletedEvent == 0
256
+ raise SystemCallError.new('CreateEvent', FFI.errno)
257
+ end
258
+
259
+ hThread = CreateThread(nil, 0, ThreadProc, Service_Main, 0, nil)
260
+
261
+ if hThread == 0
262
+ raise SystemCallError.new('CreateThread', FFI.errno)
263
+ end
264
+
265
+ events = FFI::MemoryPointer.new(:pointer, 2)
266
+ events.put_pointer(0, FFI::Pointer.new(hThread))
267
+ events.put_pointer(FFI::Pointer.size, FFI::Pointer.new(@@hStartEvent))
268
+
269
+ while ((index = WaitForMultipleObjects(2, events, 0, 1000)) == WAIT_TIMEOUT) do
270
+ end
271
+
272
+ if index == WAIT_FAILED
273
+ raise SystemCallError.new('WaitForMultipleObjects', FFI.errno)
274
+ end
275
+
276
+ # The thread exited, so the show is off.
277
+ if index == WAIT_OBJECT_0
278
+ raise "Service_Main thread exited abnormally"
279
+ end
280
+
281
+ thr = Thread.new do
282
+ begin
283
+ while(WaitForSingleObject(@@hStopEvent, 1000) == WAIT_TIMEOUT)
284
+ # Check to see if anything interesting has been signaled
285
+ case @@waiting_control_code
286
+ when SERVICE_CONTROL_PAUSE
287
+ service_pause() if respond_to?('service_pause')
288
+ when SERVICE_CONTROL_CONTINUE
289
+ service_resume() if respond_to?('service_resume')
290
+ when SERVICE_CONTROL_INTERROGATE
291
+ service_interrogate() if respond_to?('service_interrogate')
292
+ when SERVICE_CONTROL_SHUTDOWN
293
+ service_shutdown() if respond_to?('service_shutdown')
294
+ when SERVICE_CONTROL_PARAMCHANGE
295
+ service_paramchange() if respond_to?('service_paramchange')
296
+ when SERVICE_CONTROL_NETBINDADD
297
+ service_netbindadd() if respond_to?('service_netbindadd')
298
+ when SERVICE_CONTROL_NETBINDREMOVE
299
+ service_netbindremove() if respond_to?('service_netbindremove')
300
+ when SERVICE_CONTROL_NETBINDENABLE
301
+ service_netbindenable() if respond_to?('service_netbindenable')
302
+ when SERVICE_CONTROL_NETBINDDISABLE
303
+ service_netbinddisable() if respond_to?('service_netbinddisable')
304
+ end
305
+ @@waiting_control_code = IDLE_CONTROL_CODE
306
+ end
307
+
308
+ service_stop() if respond_to?('service_stop')
309
+ ensure
310
+ SetEvent(@@hStopCompletedEvent)
311
+ end
312
+ end
313
+
314
+ if respond_to?('service_main')
315
+ service_main(*@@Argv)
316
+ end
317
+
318
+ thr.join
319
+ end
320
+
321
+ # Returns the state of the service (as an constant integer) which can be any
322
+ # of the service status constants, e.g. RUNNING, PAUSED, etc.
323
+ #
324
+ # This method is typically used within your service_main method to setup the
325
+ # loop. For example:
326
+ #
327
+ # class MyDaemon < Daemon
328
+ # def service_main
329
+ # while state == RUNNING || state == PAUSED || state == IDLE
330
+ # # Your main loop here
331
+ # end
332
+ # end
333
+ # end
334
+ #
335
+ # See the Daemon#running? method for an abstraction of the above code.
336
+ #
337
+ def state
338
+ @@dwServiceState
339
+ end
340
+
341
+ #
342
+ # Returns whether or not the service is in a running state, i.e. the service
343
+ # status is either RUNNING, PAUSED or IDLE.
344
+ #
345
+ # This is typically used within your service_main method to setup the main
346
+ # loop. For example:
347
+ #
348
+ # class MyDaemon < Daemon
349
+ # def service_main
350
+ # while running?
351
+ # # Your main loop here
352
+ # end
353
+ # end
354
+ # end
355
+ #
356
+ def running?
357
+ [SERVICE_RUNNING, SERVICE_PAUSED, 0].include?(@@dwServiceState)
358
+ end
359
+ end
360
+ end