puppet 6.24.0-universal-darwin → 6.25.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/Gemfile.lock +12 -12
- data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
- data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
- data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
- data/{ext → examples}/nagios/check_puppet.rb +2 -2
- data/ext/README.md +13 -0
- data/lib/puppet/application/agent.rb +4 -0
- data/lib/puppet/application/apply.rb +20 -2
- data/lib/puppet/application/resource.rb +15 -13
- data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
- data/lib/puppet/configurer.rb +85 -57
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +36 -30
- data/lib/puppet/environments.rb +66 -26
- data/lib/puppet/face/facts.rb +1 -1
- data/lib/puppet/facter_impl.rb +96 -0
- data/lib/puppet/file_serving/configuration/parser.rb +2 -0
- data/lib/puppet/file_serving/configuration.rb +3 -0
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_serving/mount/scripts.rb +24 -0
- data/lib/puppet/file_system/file_impl.rb +3 -1
- data/lib/puppet/forge.rb +1 -1
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/http/service/compiler.rb +6 -1
- data/lib/puppet/indirector/catalog/compiler.rb +24 -6
- data/lib/puppet/indirector/catalog/rest.rb +1 -0
- data/lib/puppet/indirector/facts/facter.rb +6 -6
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/terminus.rb +4 -0
- data/lib/puppet/module/plan.rb +0 -1
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module.rb +1 -0
- data/lib/puppet/module_tool/applications/installer.rb +8 -4
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
- data/lib/puppet/node/environment.rb +10 -11
- data/lib/puppet/pal/pal_impl.rb +1 -1
- data/lib/puppet/parser/scope.rb +1 -0
- data/lib/puppet/parser/templatewrapper.rb +1 -0
- data/lib/puppet/pops/lookup/lookup_adapter.rb +3 -2
- data/lib/puppet/pops/model/ast.rb +1 -0
- data/lib/puppet/pops/model/factory.rb +2 -1
- data/lib/puppet/pops/parser/eparser.rb +201 -201
- data/lib/puppet/pops/parser/lexer2.rb +92 -91
- data/lib/puppet/pops/parser/slurp_support.rb +1 -0
- data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/type_formatter.rb +4 -3
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +5 -2
- data/lib/puppet/provider/package/pkg.rb +19 -2
- data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/init.rb +5 -5
- data/lib/puppet/provider/service/launchd.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +3 -3
- data/lib/puppet/provider/service/systemd.rb +2 -2
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/user/aix.rb +44 -1
- data/lib/puppet/provider/user/directoryservice.rb +1 -1
- data/lib/puppet/provider/user/useradd.rb +72 -16
- data/lib/puppet/provider.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/type_collection.rb +1 -0
- data/lib/puppet/runtime.rb +11 -1
- data/lib/puppet/settings.rb +2 -2
- data/lib/puppet/test/test_helper.rb +4 -1
- data/lib/puppet/transaction/persistence.rb +11 -1
- data/lib/puppet/transaction/report.rb +15 -1
- data/lib/puppet/type/exec.rb +19 -2
- data/lib/puppet/type/file.rb +6 -6
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/group.rb +0 -1
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +8 -3
- data/lib/puppet/type/user.rb +0 -1
- data/lib/puppet/type.rb +1 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/json.rb +3 -0
- data/lib/puppet/util/log.rb +1 -2
- data/lib/puppet/util/logging.rb +1 -25
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/suidmanager.rb +1 -2
- data/lib/puppet/util/tagging.rb +1 -0
- data/lib/puppet/util/windows/user.rb +0 -2
- data/lib/puppet/util.rb +4 -3
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet.rb +2 -6
- data/locales/puppet.pot +246 -230
- data/man/man5/puppet.conf.5 +33 -25
- data/man/man8/puppet-agent.8 +4 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +3 -3
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
- data/spec/integration/application/agent_spec.rb +113 -37
- data/spec/integration/application/filebucket_spec.rb +5 -0
- data/spec/integration/configurer_spec.rb +18 -2
- data/spec/integration/indirector/facts/facter_spec.rb +3 -3
- data/spec/integration/l10n/compiler_spec.rb +37 -0
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/type/file_spec.rb +2 -2
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/process_spec.rb +1 -9
- data/spec/lib/puppet_spec/modules.rb +13 -2
- data/spec/lib/puppet_spec/puppetserver.rb +15 -0
- data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
- data/spec/shared_contexts/l10n.rb +27 -0
- data/spec/spec_helper.rb +1 -10
- data/spec/unit/application/apply_spec.rb +76 -56
- data/spec/unit/application/resource_spec.rb +29 -0
- data/spec/unit/configurer_spec.rb +171 -56
- data/spec/unit/defaults_spec.rb +1 -0
- data/spec/unit/environments_spec.rb +150 -1
- data/spec/unit/facter_impl_spec.rb +31 -0
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
- data/spec/unit/file_serving/configuration_spec.rb +14 -4
- data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
- data/spec/unit/file_system_spec.rb +7 -0
- data/spec/unit/functions/logging_spec.rb +1 -0
- data/spec/unit/functions/lookup_spec.rb +64 -0
- data/spec/unit/http/service/compiler_spec.rb +8 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +87 -0
- data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
- data/spec/unit/indirector/indirection_spec.rb +10 -3
- data/spec/unit/interface/action_spec.rb +0 -9
- data/spec/unit/module_spec.rb +15 -1
- data/spec/unit/module_tool/applications/installer_spec.rb +39 -12
- data/spec/unit/network/authstore_spec.rb +0 -15
- data/spec/unit/network/formats_spec.rb +6 -0
- data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
- data/spec/unit/pops/serialization/to_stringified_spec.rb +5 -0
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -0
- data/spec/unit/provider/package/gem_spec.rb +1 -1
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +1 -1
- data/spec/unit/provider/package/pkg_spec.rb +29 -4
- data/spec/unit/provider/package/puppet_gem_spec.rb +1 -1
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
- data/spec/unit/provider/service/launchd_spec.rb +11 -0
- data/spec/unit/provider/service/systemd_spec.rb +1 -1
- data/spec/unit/provider/user/aix_spec.rb +100 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +1 -1
- data/spec/unit/provider/user/useradd_spec.rb +43 -2
- data/spec/unit/provider_spec.rb +4 -4
- data/spec/unit/puppet_spec.rb +12 -4
- data/spec/unit/ssl/certificate_request_spec.rb +8 -14
- data/spec/unit/type/service_spec.rb +27 -0
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/logging_spec.rb +2 -0
- data/tasks/parallel.rake +3 -3
- metadata +37 -94
- data/ext/README.environment +0 -8
- data/ext/dbfix.sql +0 -132
- data/ext/debian/README.Debian +0 -8
- data/ext/debian/README.source +0 -2
- data/ext/debian/TODO.Debian +0 -1
- data/ext/debian/changelog.erb +0 -1122
- data/ext/debian/compat +0 -1
- data/ext/debian/control +0 -144
- data/ext/debian/copyright +0 -339
- data/ext/debian/docs +0 -1
- data/ext/debian/fileserver.conf +0 -41
- data/ext/debian/puppet-common.dirs +0 -13
- data/ext/debian/puppet-common.install +0 -3
- data/ext/debian/puppet-common.lintian-overrides +0 -5
- data/ext/debian/puppet-common.manpages +0 -28
- data/ext/debian/puppet-common.postinst +0 -35
- data/ext/debian/puppet-common.postrm +0 -33
- data/ext/debian/puppet-el.dirs +0 -1
- data/ext/debian/puppet-el.emacsen-install +0 -25
- data/ext/debian/puppet-el.emacsen-remove +0 -11
- data/ext/debian/puppet-el.emacsen-startup +0 -9
- data/ext/debian/puppet-el.install +0 -1
- data/ext/debian/puppet-testsuite.install +0 -2
- data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
- data/ext/debian/puppet.lintian-overrides +0 -3
- data/ext/debian/puppet.logrotate +0 -20
- data/ext/debian/puppet.postinst +0 -20
- data/ext/debian/puppet.postrm +0 -20
- data/ext/debian/puppet.preinst +0 -20
- data/ext/debian/puppetmaster-common.install +0 -2
- data/ext/debian/puppetmaster-common.manpages +0 -2
- data/ext/debian/puppetmaster-common.postinst +0 -6
- data/ext/debian/puppetmaster-passenger.dirs +0 -4
- data/ext/debian/puppetmaster-passenger.postinst +0 -162
- data/ext/debian/puppetmaster-passenger.postrm +0 -61
- data/ext/debian/puppetmaster.README.debian +0 -17
- data/ext/debian/puppetmaster.default +0 -14
- data/ext/debian/puppetmaster.init +0 -137
- data/ext/debian/puppetmaster.lintian-overrides +0 -3
- data/ext/debian/puppetmaster.postinst +0 -20
- data/ext/debian/puppetmaster.postrm +0 -5
- data/ext/debian/puppetmaster.preinst +0 -22
- data/ext/debian/rules +0 -132
- data/ext/debian/source/format +0 -1
- data/ext/debian/source/options +0 -1
- data/ext/debian/vim-puppet.README.Debian +0 -13
- data/ext/debian/vim-puppet.dirs +0 -5
- data/ext/debian/vim-puppet.yaml +0 -7
- data/ext/debian/watch +0 -2
- data/ext/freebsd/puppetd +0 -26
- data/ext/freebsd/puppetmasterd +0 -26
- data/ext/gentoo/conf.d/puppet +0 -5
- data/ext/gentoo/conf.d/puppetmaster +0 -12
- data/ext/gentoo/init.d/puppet +0 -38
- data/ext/gentoo/init.d/puppetmaster +0 -51
- data/ext/gentoo/puppet/fileserver.conf +0 -41
- data/ext/ips/puppet-agent +0 -44
- data/ext/ips/puppet-master +0 -44
- data/ext/ips/puppet.p5m.erb +0 -12
- data/ext/ips/puppetagent.xml +0 -42
- data/ext/ips/puppetmaster.xml +0 -42
- data/ext/ips/rules +0 -19
- data/ext/ips/transforms +0 -34
- data/ext/ldap/puppet.schema +0 -24
- data/ext/logcheck/puppet +0 -23
- data/ext/osx/file_mapping.yaml +0 -33
- data/ext/osx/postflight.erb +0 -109
- data/ext/osx/preflight.erb +0 -52
- data/ext/osx/prototype.plist.erb +0 -38
- data/ext/redhat/fileserver.conf +0 -41
- data/ext/redhat/logrotate +0 -21
- data/ext/redhat/puppet.spec.erb +0 -842
- data/ext/redhat/server.init +0 -128
- data/ext/redhat/server.sysconfig +0 -13
- data/ext/solaris/pkginfo +0 -6
- data/ext/solaris/smf/puppetd.xml +0 -77
- data/ext/solaris/smf/puppetmasterd.xml +0 -77
- data/ext/solaris/smf/svc-puppetd +0 -71
- data/ext/solaris/smf/svc-puppetmasterd +0 -67
- data/ext/suse/puppet.spec +0 -310
- data/ext/suse/server.init +0 -173
- data/ext/yaml_nodes.rb +0 -105
- data/spec/unit/indirector/store_configs_spec.rb +0 -7
@@ -7,9 +7,12 @@ require 'puppet/error'
|
|
7
7
|
Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameService::ObjectAdd do
|
8
8
|
desc "User management via `useradd` and its ilk. Note that you will need to
|
9
9
|
install Ruby's shadow password library (often known as `ruby-libshadow`)
|
10
|
-
if you wish to manage user passwords.
|
10
|
+
if you wish to manage user passwords.
|
11
11
|
|
12
|
-
|
12
|
+
To use the `forcelocal` parameter, you need to install the `libuser` package (providing
|
13
|
+
`/usr/sbin/lgroupadd` and `/usr/sbin/luseradd`)."
|
14
|
+
|
15
|
+
commands :add => "useradd", :delete => "userdel", :modify => "usermod", :password => "chage", :chpasswd => "chpasswd"
|
13
16
|
|
14
17
|
options :home, :flag => "-d", :method => :dir
|
15
18
|
options :comment, :method => :gecos
|
@@ -21,13 +24,13 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
21
24
|
options :expiry, :method => :sp_expire,
|
22
25
|
:munge => proc { |value|
|
23
26
|
if value == :absent
|
24
|
-
if
|
27
|
+
if Puppet.runtime[:facter].value(:operatingsystem)=='SLES' && Puppet.runtime[:facter].value(:operatingsystemmajrelease) == "11"
|
25
28
|
-1
|
26
29
|
else
|
27
30
|
''
|
28
31
|
end
|
29
32
|
else
|
30
|
-
case
|
33
|
+
case Puppet.runtime[:facter].value(:operatingsystem)
|
31
34
|
when 'Solaris'
|
32
35
|
# Solaris uses %m/%d/%Y for useradd/usermod
|
33
36
|
expiry_year, expiry_month, expiry_day = value.split('-')
|
@@ -69,6 +72,16 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
69
72
|
get(:comment)
|
70
73
|
end
|
71
74
|
|
75
|
+
def shell
|
76
|
+
return localshell if @resource.forcelocal?
|
77
|
+
get(:shell)
|
78
|
+
end
|
79
|
+
|
80
|
+
def home
|
81
|
+
return localhome if @resource.forcelocal?
|
82
|
+
get(:home)
|
83
|
+
end
|
84
|
+
|
72
85
|
def groups
|
73
86
|
return localgroups if @resource.forcelocal?
|
74
87
|
super
|
@@ -120,6 +133,16 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
120
133
|
user[:gecos]
|
121
134
|
end
|
122
135
|
|
136
|
+
def localshell
|
137
|
+
user = finduser(:account, resource[:name])
|
138
|
+
user[:shell]
|
139
|
+
end
|
140
|
+
|
141
|
+
def localhome
|
142
|
+
user = finduser(:account, resource[:name])
|
143
|
+
user[:directory]
|
144
|
+
end
|
145
|
+
|
123
146
|
def localgroups
|
124
147
|
@groups_of ||= {}
|
125
148
|
group_file = '/etc/group'
|
@@ -152,6 +175,38 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
152
175
|
set(:groups, value)
|
153
176
|
end
|
154
177
|
|
178
|
+
def password=(value)
|
179
|
+
user = @resource[:name]
|
180
|
+
tempfile = Tempfile.new('puppet', :encoding => Encoding::UTF_8)
|
181
|
+
begin
|
182
|
+
# Puppet execute does not support strings as input, only files.
|
183
|
+
# The password is expected to be in an encrypted format given -e is specified:
|
184
|
+
tempfile << "#{user}:#{value}\n"
|
185
|
+
tempfile.flush
|
186
|
+
|
187
|
+
# Options '-e' use encrypted password
|
188
|
+
# Must receive "user:enc_password" as input
|
189
|
+
# command, arguments = {:failonfail => true, :combine => true}
|
190
|
+
cmd = [command(:chpasswd), '-e']
|
191
|
+
execute_options = {
|
192
|
+
:failonfail => false,
|
193
|
+
:combine => true,
|
194
|
+
:stdinfile => tempfile.path,
|
195
|
+
:sensitive => has_sensitive_data?
|
196
|
+
}
|
197
|
+
output = execute(cmd, execute_options)
|
198
|
+
|
199
|
+
rescue => detail
|
200
|
+
tempfile.close
|
201
|
+
tempfile.delete
|
202
|
+
raise Puppet::Error, "Could not set password on #{@resource.class.name}[#{@resource.name}]: #{detail}", detail.backtrace
|
203
|
+
end
|
204
|
+
|
205
|
+
# chpasswd can return 1, even on success (at least on AIX 6.1); empty output
|
206
|
+
# indicates success
|
207
|
+
raise Puppet::ExecutionFailure, "chpasswd said #{output}" if output != ''
|
208
|
+
end
|
209
|
+
|
155
210
|
verify :gid, "GID must be an integer" do |value|
|
156
211
|
value.is_a? Integer
|
157
212
|
end
|
@@ -161,7 +216,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
161
216
|
end
|
162
217
|
|
163
218
|
has_features :manages_homedir, :allows_duplicates, :manages_expiry
|
164
|
-
has_features :system_users unless %w{HP-UX Solaris}.include?
|
219
|
+
has_features :system_users unless %w{HP-UX Solaris}.include? Puppet.runtime[:facter].value(:operatingsystem)
|
165
220
|
|
166
221
|
has_features :manages_passwords, :manages_password_age if Puppet.features.libshadow?
|
167
222
|
has_features :manages_shell
|
@@ -196,8 +251,8 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
196
251
|
# libuser does not implement the -m flag
|
197
252
|
cmd << "-m" unless @resource.forcelocal?
|
198
253
|
else
|
199
|
-
osfamily =
|
200
|
-
osversion =
|
254
|
+
osfamily = Puppet.runtime[:facter].value(:osfamily)
|
255
|
+
osversion = Puppet.runtime[:facter].value(:operatingsystemmajrelease).to_i
|
201
256
|
# SLES 11 uses pwdutils instead of shadow, which does not have -M
|
202
257
|
# Solaris and OpenBSD use different useradd flavors
|
203
258
|
unless osfamily =~ /Solaris|OpenBSD/ || osfamily == 'Suse' && osversion <= 11
|
@@ -215,13 +270,15 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
215
270
|
end
|
216
271
|
end
|
217
272
|
|
273
|
+
# Add properties and flags but skipping password related properties due to
|
274
|
+
# security risks
|
218
275
|
def add_properties
|
219
276
|
cmd = []
|
220
277
|
# validproperties is a list of properties in undefined order
|
221
278
|
# sort them to have a predictable command line in tests
|
222
279
|
Puppet::Type.type(:user).validproperties.sort.each do |property|
|
223
280
|
value = get_value_for_property(property)
|
224
|
-
next if value.nil?
|
281
|
+
next if value.nil? || property == :password
|
225
282
|
# the value needs to be quoted, mostly because -c might
|
226
283
|
# have spaces in it
|
227
284
|
cmd << flag(property) << munge(property, value)
|
@@ -293,7 +350,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
293
350
|
cmd = [command(:delete)]
|
294
351
|
end
|
295
352
|
# Solaris `userdel -r` will fail if the homedir does not exist.
|
296
|
-
if @resource.managehome? && (('Solaris' !=
|
353
|
+
if @resource.managehome? && (('Solaris' != Puppet.runtime[:facter].value(:operatingsystem)) || Dir.exist?(Dir.home(@resource[:name])))
|
297
354
|
cmd << '-r'
|
298
355
|
end
|
299
356
|
cmd << @resource[:name]
|
@@ -331,13 +388,12 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
331
388
|
if @resource[:shell]
|
332
389
|
check_valid_shell
|
333
390
|
end
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
|
338
|
-
|
339
|
-
|
340
|
-
end
|
391
|
+
super
|
392
|
+
if @resource.forcelocal?
|
393
|
+
set(:groups, @resource[:groups]) if self.groups?
|
394
|
+
set(:expiry, @resource[:expiry]) if @resource[:expiry]
|
395
|
+
end
|
396
|
+
set(:password, @resource[:password]) if @resource[:password]
|
341
397
|
end
|
342
398
|
|
343
399
|
def groups?
|
data/lib/puppet/provider.rb
CHANGED
@@ -302,7 +302,7 @@ class Puppet::Provider
|
|
302
302
|
# values. Given one or more Regexp instances, fact is compared via the basic
|
303
303
|
# pattern-matching operator.
|
304
304
|
def self.fact_match(fact, values)
|
305
|
-
fact_val =
|
305
|
+
fact_val = Puppet.runtime[:facter].value(fact).to_s.downcase
|
306
306
|
if fact_val.empty?
|
307
307
|
return false
|
308
308
|
else
|
@@ -15,7 +15,7 @@ providers = Puppet::Util::Reference.newreference :providers, :title => "Provider
|
|
15
15
|
# Throw some facts in there, so we know where the report is from.
|
16
16
|
["Ruby Version", "Puppet Version", "Operating System", "Operating System Release"].each do |label|
|
17
17
|
name = label.gsub(/\s+/, '')
|
18
|
-
value =
|
18
|
+
value = Puppet.runtime[:facter].value(name)
|
19
19
|
ret << option(label, value)
|
20
20
|
end
|
21
21
|
ret << "\n"
|
@@ -61,7 +61,7 @@ providers = Puppet::Util::Reference.newreference :providers, :title => "Provider
|
|
61
61
|
if Puppet.settings.valid?(name)
|
62
62
|
details << _(" - Setting %{name} (currently %{value}) not in list %{facts}\n") % { name: name, value: Puppet.settings.value(name).inspect, facts: facts.join(", ") }
|
63
63
|
else
|
64
|
-
details << _(" - Fact %{name} (currently %{value}) not in list %{facts}\n") % { name: name, value:
|
64
|
+
details << _(" - Fact %{name} (currently %{value}) not in list %{facts}\n") % { name: name, value: Puppet.runtime[:facter].value(name).inspect, facts: facts.join(", ") }
|
65
65
|
end
|
66
66
|
end
|
67
67
|
when :true
|
data/lib/puppet/runtime.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'puppet/http'
|
2
|
+
require 'puppet/facter_impl'
|
2
3
|
require 'singleton'
|
3
4
|
|
4
5
|
# Provides access to runtime implementations.
|
@@ -17,11 +18,20 @@ class Puppet::Runtime
|
|
17
18
|
else
|
18
19
|
Puppet::HTTP::ExternalClient.new(klass)
|
19
20
|
end
|
20
|
-
end
|
21
|
+
end,
|
22
|
+
facter: proc { Puppet::FacterImpl.new }
|
21
23
|
}
|
22
24
|
end
|
23
25
|
private :initialize
|
24
26
|
|
27
|
+
# Loads all runtime implementations.
|
28
|
+
#
|
29
|
+
# @return Array[Symbol] the names of loaded implementations
|
30
|
+
# @api private
|
31
|
+
def load_services
|
32
|
+
@runtime_services.keys.each { |key| self[key] }
|
33
|
+
end
|
34
|
+
|
25
35
|
# Get a runtime implementation.
|
26
36
|
#
|
27
37
|
# @param name [Symbol] the name of the implementation
|
data/lib/puppet/settings.rb
CHANGED
@@ -75,11 +75,11 @@ class Puppet::Settings
|
|
75
75
|
end
|
76
76
|
|
77
77
|
def self.hostname_fact()
|
78
|
-
|
78
|
+
Puppet.runtime[:facter].value :hostname
|
79
79
|
end
|
80
80
|
|
81
81
|
def self.domain_fact()
|
82
|
-
|
82
|
+
Puppet.runtime[:facter].value :domain
|
83
83
|
end
|
84
84
|
|
85
85
|
def self.default_config_file_name
|
@@ -142,7 +142,9 @@ module Puppet::Test
|
|
142
142
|
},
|
143
143
|
"Context for specs")
|
144
144
|
|
145
|
-
|
145
|
+
# trigger `require 'facter'`
|
146
|
+
Puppet.runtime[:facter]
|
147
|
+
|
146
148
|
Puppet::Parser::Functions.reset
|
147
149
|
Puppet::Application.clear!
|
148
150
|
Puppet::Util::Profiler.clear
|
@@ -169,6 +171,7 @@ module Puppet::Test
|
|
169
171
|
|
170
172
|
Puppet::Util::Storage.clear
|
171
173
|
Puppet::Util::ExecutionStub.reset
|
174
|
+
Puppet.runtime.clear
|
172
175
|
|
173
176
|
Puppet.clear_deprecation_warnings
|
174
177
|
|
@@ -87,7 +87,17 @@ class Puppet::Transaction::Persistence
|
|
87
87
|
|
88
88
|
# Save data from internal class to persistence store on disk.
|
89
89
|
def save
|
90
|
-
Puppet::
|
90
|
+
converted_data = Puppet::Pops::Serialization::ToDataConverter.convert(
|
91
|
+
@new_data, {
|
92
|
+
symbol_as_string: false,
|
93
|
+
local_reference: false,
|
94
|
+
type_by_reference: true,
|
95
|
+
force_symbol: true,
|
96
|
+
silence_warnings: true,
|
97
|
+
message_prefix: to_s
|
98
|
+
}
|
99
|
+
)
|
100
|
+
Puppet::Util::Yaml.dump(converted_data, Puppet[:transactionstorefile])
|
91
101
|
end
|
92
102
|
|
93
103
|
# Use the catalog and run_mode to determine if persistence should be enabled or not
|
@@ -77,6 +77,10 @@ class Puppet::Transaction::Report
|
|
77
77
|
# @return [String] the environment name
|
78
78
|
attr_accessor :environment
|
79
79
|
|
80
|
+
# The name of the environment the agent initially started in
|
81
|
+
# @return [String] the environment name
|
82
|
+
attr_accessor :initial_environment
|
83
|
+
|
80
84
|
# Whether there are changes that we decided not to apply because of noop
|
81
85
|
# @return [Boolean]
|
82
86
|
#
|
@@ -377,7 +381,17 @@ class Puppet::Transaction::Report
|
|
377
381
|
# @api public
|
378
382
|
#
|
379
383
|
def raw_summary
|
380
|
-
report = {
|
384
|
+
report = {
|
385
|
+
"version" => {
|
386
|
+
"config" => configuration_version,
|
387
|
+
"puppet" => Puppet.version
|
388
|
+
},
|
389
|
+
"application" => {
|
390
|
+
"run_mode" => Puppet.run_mode.name.to_s,
|
391
|
+
"initial_environment" => initial_environment,
|
392
|
+
"converged_environment" => environment
|
393
|
+
}
|
394
|
+
}
|
381
395
|
|
382
396
|
@metrics.each do |name, metric|
|
383
397
|
key = metric.name.to_s
|
data/lib/puppet/type/exec.rb
CHANGED
@@ -11,7 +11,10 @@ module Puppet
|
|
11
11
|
|
12
12
|
* The command itself is already idempotent. (For example, `apt-get update`.)
|
13
13
|
* The exec has an `onlyif`, `unless`, or `creates` attribute, which prevents
|
14
|
-
Puppet from running the command unless some condition is met.
|
14
|
+
Puppet from running the command unless some condition is met. The
|
15
|
+
`onlyif` and `unless` commands of an `exec` are used in the process of
|
16
|
+
determining whether the `exec` is already in sync, therefore they must be run
|
17
|
+
during a noop Puppet run.
|
15
18
|
* The exec has `refreshonly => true`, which allows Puppet to run the
|
16
19
|
command only when some other resource is changed. (See the notes on refreshing
|
17
20
|
below.)
|
@@ -198,7 +201,15 @@ module Puppet
|
|
198
201
|
any output is logged at the `err` log level.
|
199
202
|
|
200
203
|
Multiple `exec` resources can use the same `command` value; Puppet
|
201
|
-
only uses the resource title to ensure `exec`s are unique.
|
204
|
+
only uses the resource title to ensure `exec`s are unique.
|
205
|
+
|
206
|
+
On *nix platforms, the command can be specified as an array of
|
207
|
+
strings and Puppet will invoke it using the more secure method of
|
208
|
+
parameterized system calls. For example, rather than executing the
|
209
|
+
malicious injected code, this command will echo it out:
|
210
|
+
|
211
|
+
command => ['/bin/echo', 'hello world; rm -rf /']
|
212
|
+
"
|
202
213
|
|
203
214
|
validate do |command|
|
204
215
|
unless command.is_a?(String) || command.is_a?(Array)
|
@@ -456,6 +467,9 @@ module Puppet
|
|
456
467
|
`user`, `cwd`, and `group` as the main command. If the `path` isn't set, you
|
457
468
|
must fully qualify the command's name.
|
458
469
|
|
470
|
+
Since this command is used in the process of determining whether the
|
471
|
+
`exec` is already in sync, it must be run during a noop Puppet run.
|
472
|
+
|
459
473
|
This parameter can also take an array of commands. For example:
|
460
474
|
|
461
475
|
unless => ['test -f /tmp/file1', 'test -f /tmp/file2'],
|
@@ -516,6 +530,9 @@ module Puppet
|
|
516
530
|
`user`, `cwd`, and `group` as the main command. If the `path` isn't set, you
|
517
531
|
must fully qualify the command's name.
|
518
532
|
|
533
|
+
Since this command is used in the process of determining whether the
|
534
|
+
`exec` is already in sync, it must be run during a noop Puppet run.
|
535
|
+
|
519
536
|
This parameter can also take an array of commands. For example:
|
520
537
|
|
521
538
|
onlyif => ['test -f /tmp/file1', 'test -f /tmp/file2'],
|
data/lib/puppet/type/file.rb
CHANGED
@@ -93,23 +93,23 @@ Puppet::Type.newtype(:file) do
|
|
93
93
|
|
94
94
|
Backing up to a local filebucket isn't particularly useful. If you want
|
95
95
|
to make organized use of backups, you will generally want to use the
|
96
|
-
|
96
|
+
primary Puppet server's filebucket service. This requires declaring a
|
97
97
|
filebucket resource and a resource default for the `backup` attribute
|
98
98
|
in site.pp:
|
99
99
|
|
100
100
|
# /etc/puppetlabs/puppet/manifests/site.pp
|
101
101
|
filebucket { 'main':
|
102
102
|
path => false, # This is required for remote filebuckets.
|
103
|
-
server => 'puppet.example.com', # Optional; defaults to the configured
|
103
|
+
server => 'puppet.example.com', # Optional; defaults to the configured primary Puppet server.
|
104
104
|
}
|
105
105
|
|
106
106
|
File { backup => main, }
|
107
107
|
|
108
|
-
If you are using multiple
|
108
|
+
If you are using multiple primary servers, you will want to
|
109
109
|
centralize the contents of the filebucket. Either configure your load
|
110
|
-
balancer to direct all filebucket traffic to a single
|
110
|
+
balancer to direct all filebucket traffic to a single primary server, or use
|
111
111
|
something like an out-of-band rsync task to synchronize the content on all
|
112
|
-
|
112
|
+
primary servers.
|
113
113
|
|
114
114
|
> **Note**: Enabling and using the backup option, and by extension the
|
115
115
|
filebucket resource, requires appropriate planning and management to ensure
|
@@ -361,7 +361,7 @@ Puppet::Type.newtype(:file) do
|
|
361
361
|
This command must have a fully qualified path, and should contain a
|
362
362
|
percent (`%`) token where it would expect an input file. It must exit `0`
|
363
363
|
if the syntax is correct, and non-zero otherwise. The command will be
|
364
|
-
run on the target system while applying the catalog, not on the
|
364
|
+
run on the target system while applying the catalog, not on the primary Puppet server.
|
365
365
|
|
366
366
|
Example:
|
367
367
|
|
@@ -4,8 +4,8 @@ module Puppet
|
|
4
4
|
Type.newtype(:filebucket) do
|
5
5
|
@doc = <<-EOT
|
6
6
|
A repository for storing and retrieving file content by MD5 checksum. Can
|
7
|
-
be local to each agent node, or centralized on a
|
8
|
-
puppet
|
7
|
+
be local to each agent node, or centralized on a primary Puppet server. All
|
8
|
+
puppet servers provide a filebucket service that agent nodes can access
|
9
9
|
via HTTP, but you must declare a filebucket resource before any agents
|
10
10
|
will do so.
|
11
11
|
|
@@ -25,7 +25,7 @@ module Puppet
|
|
25
25
|
# /etc/puppetlabs/puppet/manifests/site.pp
|
26
26
|
filebucket { 'main':
|
27
27
|
path => false, # This is required for remote filebuckets.
|
28
|
-
server => 'puppet.example.com', # Optional; defaults to the configured
|
28
|
+
server => 'puppet.example.com', # Optional; defaults to the configured primary server.
|
29
29
|
}
|
30
30
|
|
31
31
|
File { backup => main, }
|
data/lib/puppet/type/group.rb
CHANGED
@@ -175,7 +175,7 @@ Puppet::Type.newtype(:resources) do
|
|
175
175
|
end
|
176
176
|
|
177
177
|
# Otherwise, use a sensible default based on the OS family
|
178
|
-
@system_users_max_uid ||= case
|
178
|
+
@system_users_max_uid ||= case Puppet.runtime[:facter].value(:osfamily)
|
179
179
|
when 'OpenBSD', 'FreeBSD'
|
180
180
|
999
|
181
181
|
else
|
data/lib/puppet/type/service.rb
CHANGED
@@ -272,9 +272,14 @@ module Puppet
|
|
272
272
|
|
273
273
|
newparam(:timeout, :required_features => :configurable_timeout) do
|
274
274
|
desc "Specify an optional minimum timeout (in seconds) for puppet to wait when syncing service properties"
|
275
|
-
defaultto { provider.
|
276
|
-
|
277
|
-
|
275
|
+
defaultto { provider.respond_to?(:default_timeout) ? provider.default_timeout : 10 }
|
276
|
+
|
277
|
+
munge do |value|
|
278
|
+
begin
|
279
|
+
value = value.to_i
|
280
|
+
raise if value < 1
|
281
|
+
value
|
282
|
+
rescue
|
278
283
|
raise Puppet::Error.new(_("\"%{value}\" is not a positive integer: the timeout parameter must be specified as a positive integer") % { value: value })
|
279
284
|
end
|
280
285
|
end
|
data/lib/puppet/type/user.rb
CHANGED
data/lib/puppet/type.rb
CHANGED
@@ -1295,7 +1295,7 @@ class Type
|
|
1295
1295
|
like it does when running normally. However, if a resource attribute is not in
|
1296
1296
|
the desired state (as declared in the catalog), Puppet will take no
|
1297
1297
|
action, and will instead report the changes it _would_ have made. These
|
1298
|
-
simulated changes will appear in the report sent to the
|
1298
|
+
simulated changes will appear in the report sent to the primary Puppet server, or
|
1299
1299
|
be shown on the console if running puppet agent or puppet apply in the
|
1300
1300
|
foreground. The simulated changes will not send refresh events to any
|
1301
1301
|
subscribing or notified resources, although Puppet will log that a refresh
|
data/lib/puppet/util/filetype.rb
CHANGED
@@ -215,7 +215,7 @@ class Puppet::Util::FileType
|
|
215
215
|
# Remove a specific @path's cron tab.
|
216
216
|
def remove
|
217
217
|
cmd = "#{cmdbase} -r"
|
218
|
-
if %w{Darwin FreeBSD DragonFly}.include?(
|
218
|
+
if %w{Darwin FreeBSD DragonFly}.include?(Puppet.runtime[:facter].value("operatingsystem"))
|
219
219
|
cmd = "/bin/echo yes | #{cmd}"
|
220
220
|
end
|
221
221
|
|
@@ -244,7 +244,7 @@ class Puppet::Util::FileType
|
|
244
244
|
# Only add the -u flag when the @path is different. Fedora apparently
|
245
245
|
# does not think I should be allowed to set the @path to my own user name
|
246
246
|
def cmdbase
|
247
|
-
if @uid == Puppet::Util::SUIDManager.uid ||
|
247
|
+
if @uid == Puppet::Util::SUIDManager.uid || Puppet.runtime[:facter].value(:operatingsystem) == "HP-UX"
|
248
248
|
return "crontab"
|
249
249
|
else
|
250
250
|
return "crontab -u #{@path}"
|
data/lib/puppet/util/json.rb
CHANGED
@@ -60,6 +60,9 @@ module Puppet::Util
|
|
60
60
|
def self.dump(object, options = {})
|
61
61
|
if defined? MultiJson
|
62
62
|
MultiJson.dump(object, options)
|
63
|
+
elsif options.is_a?(JSON::State)
|
64
|
+
# we're being called recursively
|
65
|
+
object.to_json(options)
|
63
66
|
else
|
64
67
|
options.merge!(::JSON::PRETTY_STATE_PROTOTYPE.to_h) if options.delete(:pretty)
|
65
68
|
object.to_json(options)
|
data/lib/puppet/util/log.rb
CHANGED
@@ -2,7 +2,6 @@ require 'puppet/util/tagging'
|
|
2
2
|
require 'puppet/util/classgen'
|
3
3
|
require 'puppet/util/psych_support'
|
4
4
|
require 'puppet/network/format_support'
|
5
|
-
require 'facter'
|
6
5
|
|
7
6
|
# Pass feedback to the user. Log levels are modeled after syslog's, and it is
|
8
7
|
# expected that that will be the most common log destination. Supports
|
@@ -111,7 +110,7 @@ class Puppet::Util::Log
|
|
111
110
|
@loglevel = @levels.index(level)
|
112
111
|
|
113
112
|
# Enable or disable Facter debugging
|
114
|
-
|
113
|
+
Puppet.runtime[:facter].debugging(level == :debug)
|
115
114
|
end
|
116
115
|
|
117
116
|
def Log.levels
|
data/lib/puppet/util/logging.rb
CHANGED
@@ -2,8 +2,6 @@
|
|
2
2
|
require 'puppet/util/log'
|
3
3
|
require 'puppet/error'
|
4
4
|
|
5
|
-
require 'facter'
|
6
|
-
|
7
5
|
module Puppet::Util
|
8
6
|
module Logging
|
9
7
|
|
@@ -254,29 +252,7 @@ module Logging
|
|
254
252
|
# Sets up Facter logging.
|
255
253
|
# This method causes Facter output to be forwarded to Puppet.
|
256
254
|
def self.setup_facter_logging!
|
257
|
-
|
258
|
-
return false unless Facter.respond_to? :on_message
|
259
|
-
|
260
|
-
# The current Facter log levels are: :trace, :debug, :info, :warn, :error, and :fatal.
|
261
|
-
# Convert to the corresponding levels in Puppet
|
262
|
-
Facter.on_message do |level, message|
|
263
|
-
case level
|
264
|
-
when :trace, :debug
|
265
|
-
level = :debug
|
266
|
-
when :info
|
267
|
-
# Same as Puppet
|
268
|
-
when :warn
|
269
|
-
level = :warning
|
270
|
-
when :error
|
271
|
-
level = :err
|
272
|
-
when :fatal
|
273
|
-
level = :crit
|
274
|
-
else
|
275
|
-
next
|
276
|
-
end
|
277
|
-
Puppet::Util::Log.create({:level => level, :source => 'Facter', :message => message})
|
278
|
-
nil
|
279
|
-
end
|
255
|
+
Puppet.runtime[:facter]
|
280
256
|
true
|
281
257
|
end
|
282
258
|
|
data/lib/puppet/util/pidlock.rb
CHANGED
@@ -154,7 +154,7 @@ module RDoc::PuppetParserCore
|
|
154
154
|
# fetch comments
|
155
155
|
if line =~ /^[ \t]*# ?(.*)$/
|
156
156
|
comments += $1 + "\n"
|
157
|
-
elsif line =~ /^[ \t]*Facter.add\(['"](.*?)['"]\)/
|
157
|
+
elsif line =~ /^[ \t]*(Facter.add|Puppet\.runtime\[:facter\].add)\(['"](.*?)['"]\)/
|
158
158
|
current_fact = RDoc::Fact.new($1,{})
|
159
159
|
look_for_directives_in(container, comments) unless comments.empty?
|
160
160
|
current_fact.comment = comments
|
@@ -1,4 +1,3 @@
|
|
1
|
-
require 'facter'
|
2
1
|
require 'puppet/util/warnings'
|
3
2
|
require 'forwardable'
|
4
3
|
require 'etc'
|
@@ -18,7 +17,7 @@ module Puppet::Util::SUIDManager
|
|
18
17
|
|
19
18
|
def osx_maj_ver
|
20
19
|
return @osx_maj_ver unless @osx_maj_ver.nil?
|
21
|
-
@osx_maj_ver =
|
20
|
+
@osx_maj_ver = Puppet.runtime[:facter].value('macosx_productversion_major') || false
|
22
21
|
end
|
23
22
|
module_function :osx_maj_ver
|
24
23
|
|
data/lib/puppet/util/tagging.rb
CHANGED
data/lib/puppet/util.rb
CHANGED
@@ -763,12 +763,13 @@ module Util
|
|
763
763
|
# Executes a block of code, wrapped around Facter.load_external(false) and
|
764
764
|
# Facter.load_external(true) which will cause Facter to not evaluate external facts.
|
765
765
|
def skip_external_facts
|
766
|
-
return yield unless
|
766
|
+
return yield unless Puppet.runtime[:facter].load_external?
|
767
|
+
|
767
768
|
begin
|
768
|
-
|
769
|
+
Puppet.runtime[:facter].load_external(false)
|
769
770
|
yield
|
770
771
|
ensure
|
771
|
-
|
772
|
+
Puppet.runtime[:facter].load_external(true)
|
772
773
|
end
|
773
774
|
end
|
774
775
|
module_function :skip_external_facts
|
data/lib/puppet/version.rb
CHANGED