puppet 6.24.0-x64-mingw32 → 7.0.0-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +16 -2
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +1 -3
- data/Gemfile.lock +35 -47
- data/README.md +5 -5
- data/conf/fileserver.conf +5 -10
- data/ext/build_defaults.yaml +1 -1
- data/ext/osx/file_mapping.yaml +0 -5
- data/ext/osx/puppet.plist +0 -2
- data/ext/project_data.yaml +1 -15
- data/ext/redhat/puppet.spec.erb +0 -1
- data/ext/windows/service/daemon.rb +6 -5
- data/install.rb +21 -17
- data/lib/puppet.rb +14 -23
- data/lib/puppet/application.rb +178 -108
- data/lib/puppet/application/agent.rb +4 -12
- data/lib/puppet/application/apply.rb +2 -4
- data/lib/puppet/application/device.rb +100 -106
- data/lib/puppet/application/filebucket.rb +13 -10
- data/lib/puppet/application/resource.rb +3 -17
- data/lib/puppet/application/script.rb +0 -2
- data/lib/puppet/application/ssl.rb +1 -13
- data/lib/puppet/application_support.rb +0 -7
- data/lib/puppet/configurer.rb +30 -45
- data/lib/puppet/configurer/downloader.rb +1 -2
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/defaults.rb +100 -192
- data/lib/puppet/environments.rb +60 -84
- data/lib/puppet/face/facts.rb +5 -103
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/help/action.erb +0 -1
- data/lib/puppet/face/help/face.erb +0 -1
- data/lib/puppet/face/node/clean.rb +0 -11
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/file_serving/configuration.rb +0 -5
- data/lib/puppet/file_serving/configuration/parser.rb +3 -32
- data/lib/puppet/file_serving/fileset.rb +2 -14
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_system/file_impl.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +1 -8
- data/lib/puppet/file_system/windows.rb +2 -4
- data/lib/puppet/forge.rb +3 -3
- data/lib/puppet/forge/repository.rb +0 -1
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +0 -8
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +5 -13
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -12
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +0 -1
- data/lib/puppet/functions/tree_each.rb +9 -7
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +2 -17
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/http.rb +22 -13
- data/lib/puppet/http/client.rb +164 -114
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -15
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +4 -12
- data/lib/puppet/http/resolver.rb +5 -15
- data/lib/puppet/http/resolver/server_list.rb +10 -25
- data/lib/puppet/http/resolver/settings.rb +4 -7
- data/lib/puppet/http/resolver/srv.rb +7 -11
- data/lib/puppet/http/response.rb +36 -54
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service.rb +12 -26
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +22 -138
- data/lib/puppet/http/service/file_server.rb +19 -29
- data/lib/puppet/http/service/puppetserver.rb +26 -12
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/session.rb +11 -20
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/indirector/catalog/compiler.rb +0 -1
- data/lib/puppet/indirector/catalog/rest.rb +2 -4
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +2 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +0 -101
- data/lib/puppet/indirector/resource/ral.rb +1 -6
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/interface/documentation.rb +0 -1
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/applications/installer.rb +2 -52
- data/lib/puppet/module_tool/errors/shared.rb +2 -34
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/formats.rb +0 -67
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node.rb +1 -30
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +3 -1
- data/lib/puppet/parser/ast/leaf.rb +2 -3
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
- data/lib/puppet/parser/compiler.rb +0 -198
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
- data/lib/puppet/parser/resource.rb +0 -69
- data/lib/puppet/parser/templatewrapper.rb +1 -1
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/issues.rb +0 -5
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -290
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +0 -45
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/egrammar.ra +0 -56
- data/lib/puppet/pops/parser/eparser.rb +1520 -1712
- data/lib/puppet/pops/parser/lexer2.rb +4 -4
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
- data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
- data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +0 -1
- data/lib/puppet/pops/validation/checker4_0.rb +9 -37
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider.rb +0 -13
- data/lib/puppet/provider/exec/posix.rb +4 -16
- data/lib/puppet/provider/group/groupadd.rb +8 -13
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +2 -34
- data/lib/puppet/provider/package/aptitude.rb +0 -6
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +0 -10
- data/lib/puppet/provider/package/gem.rb +23 -3
- data/lib/puppet/provider/package/nim.rb +6 -11
- data/lib/puppet/provider/package/pip.rb +3 -16
- data/lib/puppet/provider/package/pkg.rb +0 -4
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -4
- data/lib/puppet/provider/parsedfile.rb +0 -3
- data/lib/puppet/provider/service/debian.rb +0 -2
- data/lib/puppet/provider/service/smf.rb +191 -73
- data/lib/puppet/provider/service/systemd.rb +4 -14
- data/lib/puppet/provider/service/windows.rb +0 -38
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/directoryservice.rb +10 -33
- data/lib/puppet/provider/user/useradd.rb +8 -62
- data/lib/puppet/reference/configuration.rb +8 -7
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/resource.rb +1 -89
- data/lib/puppet/resource/catalog.rb +1 -14
- data/lib/puppet/resource/type.rb +3 -119
- data/lib/puppet/resource/type_collection.rb +3 -48
- data/lib/puppet/runtime.rb +1 -2
- data/lib/puppet/settings.rb +80 -96
- data/lib/puppet/settings/environment_conf.rb +0 -1
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_provider.rb +17 -0
- data/lib/puppet/ssl/state_machine.rb +3 -1
- data/lib/puppet/ssl/verifier.rb +2 -0
- data/lib/puppet/test/test_helper.rb +1 -3
- data/lib/puppet/transaction.rb +1 -7
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/report.rb +2 -4
- data/lib/puppet/type.rb +0 -76
- data/lib/puppet/type/exec.rb +3 -16
- data/lib/puppet/type/file.rb +6 -26
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/mode.rb +0 -6
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/package.rb +8 -16
- data/lib/puppet/type/service.rb +38 -18
- data/lib/puppet/type/tidy.rb +3 -22
- data/lib/puppet/type/user.rb +20 -38
- data/lib/puppet/util/autoload.rb +8 -1
- data/lib/puppet/util/execution.rb +0 -11
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/monkey_patches.rb +0 -53
- data/lib/puppet/util/posix.rb +5 -54
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/run_mode.rb +9 -1
- data/lib/puppet/util/selinux.rb +4 -30
- data/lib/puppet/util/symbolic_file_mode.rb +17 -29
- data/lib/puppet/util/windows.rb +3 -8
- data/lib/puppet/util/windows/adsi.rb +0 -46
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +4 -9
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +2 -9
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/service.rb +9 -460
- data/lib/puppet/util/windows/sid.rb +2 -6
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/yaml.rb +0 -22
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/locales/puppet.pot +722 -1527
- data/man/man5/puppet.conf.5 +266 -354
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -51
- data/man/man8/puppet-filebucket.8 +4 -4
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -58
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -5
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
- data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/ca.pem +35 -57
- data/spec/fixtures/ssl/crl.pem +18 -28
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +24 -33
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +58 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
- data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
- data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
- data/spec/fixtures/ssl/intermediate.pem +36 -57
- data/spec/fixtures/ssl/pluto-key.pem +57 -107
- data/spec/fixtures/ssl/pluto.pem +30 -52
- data/spec/fixtures/ssl/request-key.pem +57 -107
- data/spec/fixtures/ssl/request.pem +26 -47
- data/spec/fixtures/ssl/revoked-key.pem +57 -107
- data/spec/fixtures/ssl/revoked.pem +30 -52
- data/spec/fixtures/ssl/signed-key.pem +57 -107
- data/spec/fixtures/ssl/signed.pem +30 -52
- data/spec/fixtures/ssl/tampered-cert.pem +30 -52
- data/spec/fixtures/ssl/tampered-csr.pem +26 -47
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
- data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-ca.pem +33 -55
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
- data/spec/integration/application/agent_spec.rb +27 -171
- data/spec/integration/application/apply_spec.rb +1 -20
- data/spec/integration/application/filebucket_spec.rb +16 -27
- data/spec/integration/application/help_spec.rb +2 -0
- data/spec/integration/application/module_spec.rb +0 -21
- data/spec/integration/application/plugin_spec.rb +24 -2
- data/spec/integration/defaults_spec.rb +14 -3
- data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
- data/spec/integration/http/client_spec.rb +0 -12
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
- data/spec/integration/indirector/facts/facter_spec.rb +36 -90
- data/spec/integration/network/http_pool_spec.rb +3 -21
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -37
- data/spec/integration/resource/type_collection_spec.rb +6 -2
- data/spec/integration/transaction_spec.rb +9 -4
- data/spec/integration/type/exec_spec.rb +45 -70
- data/spec/integration/type/file_spec.rb +5 -4
- data/spec/integration/util/windows/adsi_spec.rb +1 -21
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/principal_spec.rb +0 -21
- data/spec/integration/util/windows/registry_spec.rb +10 -6
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/lib/matchers/include.rb +27 -0
- data/spec/lib/matchers/include_spec.rb +32 -0
- data/spec/lib/puppet/test_ca.rb +2 -7
- data/spec/lib/puppet_spec/puppetserver.rb +1 -1
- data/spec/lib/puppet_spec/settings.rb +1 -1
- data/spec/spec_helper.rb +7 -12
- data/spec/unit/agent_spec.rb +6 -10
- data/spec/unit/application/agent_spec.rb +3 -7
- data/spec/unit/application/facts_spec.rb +12 -456
- data/spec/unit/application/filebucket_spec.rb +43 -39
- data/spec/unit/application/ssl_spec.rb +2 -25
- data/spec/unit/application_spec.rb +9 -51
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +6 -8
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +12 -32
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +2 -8
- data/spec/unit/context/trusted_information_spec.rb +2 -6
- data/spec/unit/defaults_spec.rb +68 -54
- data/spec/unit/environments_spec.rb +68 -259
- data/spec/unit/face/node_spec.rb +11 -0
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
- data/spec/unit/file_serving/configuration_spec.rb +6 -12
- data/spec/unit/file_serving/fileset_spec.rb +0 -60
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
- data/spec/unit/file_system_spec.rb +0 -15
- data/spec/unit/forge/module_release_spec.rb +7 -2
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +0 -10
- data/spec/unit/functions/unwrap_spec.rb +0 -8
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +0 -12
- data/spec/unit/http/client_spec.rb +7 -8
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +13 -13
- data/spec/unit/http/service/compiler_spec.rb +0 -185
- data/spec/unit/http/service/file_server_spec.rb +3 -3
- data/spec/unit/http/service/puppetserver_spec.rb +34 -4
- data/spec/unit/http/service_spec.rb +0 -1
- data/spec/unit/http/session_spec.rb +16 -14
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
- data/spec/unit/indirector/face_spec.rb +1 -0
- data/spec/unit/indirector/facts/facter_spec.rb +3 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/indirection_spec.rb +12 -8
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/request_spec.rb +0 -264
- data/spec/unit/indirector/resource/ral_spec.rb +75 -40
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/module_tool/applications/installer_spec.rb +0 -78
- data/spec/unit/network/authconfig_spec.rb +2 -129
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/formats_spec.rb +4 -45
- data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +19 -41
- data/spec/unit/network/http/handler_spec.rb +0 -1
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +33 -21
- data/spec/unit/node_spec.rb +2 -54
- data/spec/unit/parser/compiler_spec.rb +19 -3
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
- data/spec/unit/parser/resource_spec.rb +8 -14
- data/spec/unit/parser/templatewrapper_spec.rb +5 -16
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
- data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -46
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/property_spec.rb +0 -1
- data/spec/unit/provider/group/groupadd_spec.rb +2 -5
- data/spec/unit/provider/nameservice_spec.rb +64 -122
- data/spec/unit/provider/package/apt_spec.rb +23 -28
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +5 -6
- data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
- data/spec/unit/provider/package/dpkg_spec.rb +0 -48
- data/spec/unit/provider/package/gem_spec.rb +32 -0
- data/spec/unit/provider/package/nim_spec.rb +0 -42
- data/spec/unit/provider/package/pacman_spec.rb +12 -18
- data/spec/unit/provider/package/pip_spec.rb +11 -43
- data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
- data/spec/unit/provider/parsedfile_spec.rb +0 -10
- data/spec/unit/provider/service/init_spec.rb +0 -1
- data/spec/unit/provider/service/openwrt_spec.rb +1 -3
- data/spec/unit/provider/service/smf_spec.rb +401 -165
- data/spec/unit/provider/service/systemd_spec.rb +8 -53
- data/spec/unit/provider/service/windows_spec.rb +0 -203
- data/spec/unit/provider/user/aix_spec.rb +0 -5
- data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +0 -2
- data/spec/unit/provider/user/useradd_spec.rb +3 -71
- data/spec/unit/provider_spec.rb +8 -18
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +10 -67
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +79 -110
- data/spec/unit/ssl/base_spec.rb +37 -3
- data/spec/unit/ssl/certificate_request_spec.rb +15 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
- data/spec/unit/ssl/state_machine_spec.rb +5 -20
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
- data/spec/unit/transaction/event_manager_spec.rb +11 -14
- data/spec/unit/transaction/report_spec.rb +0 -2
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +55 -96
- data/spec/unit/type/exec_spec.rb +29 -76
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +2 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/selinux_spec.rb +5 -3
- data/spec/unit/type/file/source_spec.rb +4 -5
- data/spec/unit/type/file_spec.rb +18 -6
- data/spec/unit/type/group_spec.rb +6 -13
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +189 -60
- data/spec/unit/type/tidy_spec.rb +8 -24
- data/spec/unit/type/user_spec.rb +0 -45
- data/spec/unit/type_spec.rb +22 -2
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +1 -5
- data/spec/unit/util/backups_spec.rb +2 -3
- data/spec/unit/util/execution_spec.rb +11 -44
- data/spec/unit/util/inifile_spec.rb +14 -6
- data/spec/unit/util/log_spec.rb +7 -8
- data/spec/unit/util/logging_spec.rb +3 -3
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/posix_spec.rb +15 -363
- data/spec/unit/util/run_mode_spec.rb +21 -121
- data/spec/unit/util/selinux_spec.rb +68 -163
- data/spec/unit/util/storage_spec.rb +1 -3
- data/spec/unit/util/suidmanager_spec.rb +41 -44
- data/spec/unit/util/windows/sid_spec.rb +0 -41
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +0 -54
- data/spec/unit/util_spec.rb +6 -31
- data/tasks/generate_cert_fixtures.rake +3 -12
- metadata +45 -253
- data/conf/auth.conf +0 -150
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/ffi/posix.rb +0 -10
- data/lib/puppet/ffi/posix/constants.rb +0 -14
- data/lib/puppet/ffi/posix/functions.rb +0 -24
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -184
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
- data/lib/puppet/parser/environment_compiler.rb +0 -202
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/settings/alias_setting.rb +0 -37
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/fact_dif.rb +0 -81
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -309
- data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
- data/spec/fixtures/ssl/oid-key.pem +0 -117
- data/spec/fixtures/ssl/oid.pem +0 -69
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
- data/spec/integration/application/resource_spec.rb +0 -64
- data/spec/integration/application/ssl_spec.rb +0 -20
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
- data/spec/unit/application/man_spec.rb +0 -52
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -78
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -422
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -730
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -148
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -645
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/ssl_spec.rb +0 -91
@@ -30,7 +30,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
30
30
|
def self.instances
|
31
31
|
i = []
|
32
32
|
output = systemctl('list-unit-files', '--type', 'service', '--full', '--all', '--no-pager')
|
33
|
-
output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad|static)\s
|
33
|
+
output.scan(/^(\S+)\s+(disabled|enabled|masked|indirect|bad|static)\s*$/i).each do |m|
|
34
34
|
Puppet.debug("#{m[0]} marked as bad by `systemctl`. It is recommended to be further checked.") if m[1] == "bad"
|
35
35
|
i << new(:name => m[0])
|
36
36
|
end
|
@@ -45,13 +45,8 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
45
45
|
def enabled_insync?(current)
|
46
46
|
case cached_enabled?[:output]
|
47
47
|
when 'static'
|
48
|
-
|
49
|
-
|
50
|
-
current == @resource[:enable]
|
51
|
-
else
|
52
|
-
Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
|
53
|
-
return true
|
54
|
-
end
|
48
|
+
Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
|
49
|
+
return true
|
55
50
|
when 'indirect'
|
56
51
|
Puppet.debug("Service #{@resource[:name]} is in 'indirect' state and cannot be enabled/disabled")
|
57
52
|
return true
|
@@ -164,15 +159,10 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
|
|
164
159
|
end
|
165
160
|
|
166
161
|
def mask
|
167
|
-
disable
|
162
|
+
self.disable
|
168
163
|
systemctl_change_enable(:mask)
|
169
164
|
end
|
170
165
|
|
171
|
-
def exist?
|
172
|
-
result = execute([command(:systemctl), 'cat', '--', @resource[:name]], :failonfail => false)
|
173
|
-
result.exitstatus == 0
|
174
|
-
end
|
175
|
-
|
176
166
|
def unmask
|
177
167
|
systemctl_change_enable(:unmask)
|
178
168
|
end
|
@@ -128,55 +128,17 @@ Puppet::Type.type(:service).provide :windows, :parent => :service do
|
|
128
128
|
services
|
129
129
|
end
|
130
130
|
|
131
|
-
def logonaccount_insync?(current)
|
132
|
-
@normalized_logon_account ||= normalize_logonaccount
|
133
|
-
@resource[:logonaccount] = @normalized_logon_account
|
134
|
-
|
135
|
-
insync = @resource[:logonaccount] == current
|
136
|
-
self.logonpassword = @resource[:logonpassword] if insync
|
137
|
-
insync
|
138
|
-
end
|
139
|
-
|
140
131
|
def logonaccount
|
141
132
|
return unless Puppet::Util::Windows::Service.exists?(@resource[:name])
|
142
133
|
Puppet::Util::Windows::Service.logon_account(@resource[:name])
|
143
134
|
end
|
144
135
|
|
145
136
|
def logonaccount=(value)
|
146
|
-
validate_logon_credentials
|
147
137
|
Puppet::Util::Windows::Service.set_startup_configuration(@resource[:name], options: {logon_account: value, logon_password: @resource[:logonpassword]})
|
148
138
|
restart if @resource[:ensure] == :running && [:running, :paused].include?(status)
|
149
139
|
end
|
150
140
|
|
151
141
|
def logonpassword=(value)
|
152
|
-
validate_logon_credentials
|
153
142
|
Puppet::Util::Windows::Service.set_startup_configuration(@resource[:name], options: {logon_password: value})
|
154
143
|
end
|
155
|
-
|
156
|
-
private
|
157
|
-
|
158
|
-
def normalize_logonaccount
|
159
|
-
logon_account = @resource[:logonaccount].sub(/^\.\\/, "#{Puppet::Util::Windows::ADSI.computer_name}\\")
|
160
|
-
return 'LocalSystem' if Puppet::Util::Windows::User::localsystem?(logon_account)
|
161
|
-
|
162
|
-
@logonaccount_information ||= Puppet::Util::Windows::SID.name_to_principal(logon_account)
|
163
|
-
return logon_account unless @logonaccount_information
|
164
|
-
return ".\\#{@logonaccount_information.account}" if @logonaccount_information.domain == Puppet::Util::Windows::ADSI.computer_name
|
165
|
-
@logonaccount_information.domain_account
|
166
|
-
end
|
167
|
-
|
168
|
-
def validate_logon_credentials
|
169
|
-
unless Puppet::Util::Windows::User::localsystem?(@normalized_logon_account)
|
170
|
-
raise Puppet::Error.new("\"#{@normalized_logon_account}\" is not a valid account") unless @logonaccount_information && [:SidTypeUser, :SidTypeWellKnownGroup].include?(@logonaccount_information.account_type)
|
171
|
-
|
172
|
-
user_rights = Puppet::Util::Windows::User::get_rights(@logonaccount_information.domain_account) unless Puppet::Util::Windows::User::default_system_account?(@normalized_logon_account)
|
173
|
-
raise Puppet::Error.new("\"#{@normalized_logon_account}\" has the 'Log On As A Service' right set to denied.") if user_rights =~ /SeDenyServiceLogonRight/
|
174
|
-
raise Puppet::Error.new("\"#{@normalized_logon_account}\" is missing the 'Log On As A Service' right.") unless user_rights.nil? || user_rights =~ /SeServiceLogonRight/
|
175
|
-
end
|
176
|
-
|
177
|
-
is_a_predefined_local_account = Puppet::Util::Windows::User::default_system_account?(@normalized_logon_account) || @normalized_logon_account == 'LocalSystem'
|
178
|
-
account_info = @normalized_logon_account.split("\\")
|
179
|
-
able_to_logon = Puppet::Util::Windows::User.password_is?(account_info[1], @resource[:logonpassword], account_info[0]) unless is_a_predefined_local_account
|
180
|
-
raise Puppet::Error.new("The given password is invalid for user '#{@normalized_logon_account}'.") unless is_a_predefined_local_account || able_to_logon
|
181
|
-
end
|
182
144
|
end
|
@@ -178,7 +178,7 @@ Puppet::Type.type(:user).provide :aix, :parent => Puppet::Provider::AixObject do
|
|
178
178
|
# does not have a password.
|
179
179
|
break if line =~ /^\S+:$/
|
180
180
|
|
181
|
-
match_obj = /password
|
181
|
+
match_obj = /password = (\S+)/.match(line)
|
182
182
|
end
|
183
183
|
return :absent unless match_obj
|
184
184
|
|
@@ -211,7 +211,7 @@ Puppet::Type.type(:user).provide :aix, :parent => Puppet::Provider::AixObject do
|
|
211
211
|
tempfile = Tempfile.new("puppet_#{user}_pw", :encoding => Encoding::ASCII)
|
212
212
|
tempfile << "#{user}:#{value}\n"
|
213
213
|
tempfile.close()
|
214
|
-
|
214
|
+
|
215
215
|
# Options '-e', '-c', use encrypted password and clear flags
|
216
216
|
# Must receive "user:enc_password" as input
|
217
217
|
# command, arguments = {:failonfail => true, :combine => true}
|
@@ -435,7 +435,7 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
435
435
|
['home', 'uid', 'gid', 'comment', 'shell'].each do |setter_method|
|
436
436
|
define_method("#{setter_method}=") do |value|
|
437
437
|
if @property_hash[setter_method.intern]
|
438
|
-
if %w(home uid).include?(setter_method)
|
438
|
+
if self.class.get_os_version.split('.').last.to_i >= 14 && %w(home uid).include?(setter_method)
|
439
439
|
raise Puppet::Error, "OS X version #{self.class.get_os_version} does not allow changing #{setter_method} using puppet"
|
440
440
|
end
|
441
441
|
begin
|
@@ -536,14 +536,6 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
536
536
|
if (shadow_hash_data.class == Hash) && (shadow_hash_data.has_key?('SALTED-SHA512'))
|
537
537
|
shadow_hash_data.delete('SALTED-SHA512')
|
538
538
|
end
|
539
|
-
|
540
|
-
# Starting with macOS 11 Big Sur, the AuthenticationAuthority field
|
541
|
-
# could be missing entirely and without it the managed user cannot log in
|
542
|
-
if needs_sha512_pbkdf2_authentication_authority_to_be_added?(users_plist)
|
543
|
-
Puppet.debug("Adding 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash to user '#{@resource.name}'")
|
544
|
-
merge_attribute_with_dscl('Users', @resource.name, 'AuthenticationAuthority', ERB::Util.html_escape(SHA512_PBKDF2_AUTHENTICATION_AUTHORITY))
|
545
|
-
end
|
546
|
-
|
547
539
|
set_salted_pbkdf2(users_plist, shadow_hash_data, 'entropy', value)
|
548
540
|
end
|
549
541
|
end
|
@@ -570,17 +562,6 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
570
562
|
end
|
571
563
|
end
|
572
564
|
|
573
|
-
# This method will check if authentication_authority key of a user's plist
|
574
|
-
# needs SALTED_SHA512_PBKDF2 to be added. This is a valid case for macOS 11 (Big Sur)
|
575
|
-
# where users created with `dscl` started to have this field missing
|
576
|
-
def needs_sha512_pbkdf2_authentication_authority_to_be_added?(users_plist)
|
577
|
-
authority = users_plist['authentication_authority']
|
578
|
-
return false if Puppet::Util::Package.versioncmp(self.class.get_os_version, '11.0.0') < 0 && authority && authority.include?(SHA512_PBKDF2_AUTHENTICATION_AUTHORITY)
|
579
|
-
|
580
|
-
Puppet.debug("User '#{@resource.name}' is missing the 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash")
|
581
|
-
true
|
582
|
-
end
|
583
|
-
|
584
565
|
# This method will embed the binary plist data comprising the user's
|
585
566
|
# password hash (and Salt/Iterations value if the OS is 10.8 or greater)
|
586
567
|
# into the ShadowHashData key of the user's plist.
|
@@ -591,7 +572,11 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
591
572
|
else
|
592
573
|
users_plist['ShadowHashData'] = [binary_plist]
|
593
574
|
end
|
594
|
-
|
575
|
+
if Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.15') < 0
|
576
|
+
write_users_plist_to_disk(users_plist)
|
577
|
+
else
|
578
|
+
write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
|
579
|
+
end
|
595
580
|
end
|
596
581
|
|
597
582
|
# This method writes the ShadowHashData plist in a temporary file,
|
@@ -667,17 +652,9 @@ Puppet::Type.type(:user).provide :directoryservice do
|
|
667
652
|
set_shadow_hash_data(users_plist, binary_plist)
|
668
653
|
end
|
669
654
|
|
670
|
-
# This
|
671
|
-
|
672
|
-
|
673
|
-
|
674
|
-
File.open(filename, 'w') { |f| f.write(value)}
|
675
|
-
rescue Errno::EACCES => detail
|
676
|
-
raise Puppet::Error, "Could not write to file #{filename}: #{detail}", detail.backtrace
|
677
|
-
end
|
655
|
+
# This method will accept a plist in XML format, save it to disk, convert
|
656
|
+
# the plist to a binary format, and flush the dscl cache.
|
657
|
+
def write_users_plist_to_disk(users_plist)
|
658
|
+
Puppet::Util::Plist.write_plist_file(users_plist, "#{users_plist_dir}/#{@resource.name}.plist", :binary)
|
678
659
|
end
|
679
|
-
|
680
|
-
private
|
681
|
-
|
682
|
-
SHA512_PBKDF2_AUTHENTICATION_AUTHORITY = ';ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2,SRP-RFC5054-4096-SHA512-PBKDF2>'
|
683
660
|
end
|
@@ -59,37 +59,23 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
59
59
|
get(:uid)
|
60
60
|
end
|
61
61
|
|
62
|
-
def gid
|
63
|
-
return localgid if @resource.forcelocal?
|
64
|
-
get(:gid)
|
65
|
-
end
|
66
|
-
|
67
62
|
def comment
|
68
63
|
return localcomment if @resource.forcelocal?
|
69
64
|
get(:comment)
|
70
65
|
end
|
71
66
|
|
72
|
-
def groups
|
73
|
-
return localgroups if @resource.forcelocal?
|
74
|
-
super
|
75
|
-
end
|
76
|
-
|
77
67
|
def finduser(key, value)
|
78
|
-
passwd_file =
|
68
|
+
passwd_file = "/etc/passwd"
|
79
69
|
passwd_keys = [:account, :password, :uid, :gid, :gecos, :directory, :shell]
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
@users = []
|
87
|
-
Puppet::FileSystem.each_line(passwd_file) do |line|
|
88
|
-
user = line.chomp.split(':')
|
89
|
-
@users << Hash[passwd_keys.zip(user)]
|
70
|
+
index = passwd_keys.index(key)
|
71
|
+
@passwd_content ||= File.read(passwd_file)
|
72
|
+
@passwd_content.each_line do |line|
|
73
|
+
user = line.split(":")
|
74
|
+
if user[index] == value
|
75
|
+
return Hash[passwd_keys.zip(user)]
|
90
76
|
end
|
91
77
|
end
|
92
|
-
|
78
|
+
false
|
93
79
|
end
|
94
80
|
|
95
81
|
def local_username
|
@@ -102,56 +88,16 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
102
88
|
false
|
103
89
|
end
|
104
90
|
|
105
|
-
def localgid
|
106
|
-
user = finduser(:account, resource[:name])
|
107
|
-
if user
|
108
|
-
begin
|
109
|
-
return Integer(user[:gid])
|
110
|
-
rescue ArgumentError
|
111
|
-
Puppet.debug("Non-numeric GID found in /etc/passwd for user #{resource[:name]}")
|
112
|
-
return user[:gid]
|
113
|
-
end
|
114
|
-
end
|
115
|
-
false
|
116
|
-
end
|
117
|
-
|
118
91
|
def localcomment
|
119
92
|
user = finduser(:account, resource[:name])
|
120
93
|
user[:gecos]
|
121
94
|
end
|
122
95
|
|
123
|
-
def localgroups
|
124
|
-
@groups_of ||= {}
|
125
|
-
group_file = '/etc/group'
|
126
|
-
user = resource[:name]
|
127
|
-
|
128
|
-
return @groups_of[user] if @groups_of[user]
|
129
|
-
|
130
|
-
@groups_of[user] = []
|
131
|
-
|
132
|
-
unless Puppet::FileSystem.exist?(group_file)
|
133
|
-
raise Puppet::Error.new("Forcelocal set for user resource '#{user}', but #{group_file} does not exist")
|
134
|
-
end
|
135
|
-
|
136
|
-
Puppet::FileSystem.each_line(group_file) do |line|
|
137
|
-
data = line.chomp.split(':')
|
138
|
-
if !data.empty? && data.last.split(',').include?(user)
|
139
|
-
@groups_of[user] << data.first
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|
143
|
-
@groups_of[user]
|
144
|
-
end
|
145
|
-
|
146
96
|
def shell=(value)
|
147
97
|
check_valid_shell
|
148
98
|
set(:shell, value)
|
149
99
|
end
|
150
100
|
|
151
|
-
def groups=(value)
|
152
|
-
set(:groups, value)
|
153
|
-
end
|
154
|
-
|
155
101
|
verify :gid, "GID must be an integer" do |value|
|
156
102
|
value.is_a? Integer
|
157
103
|
end
|
@@ -24,6 +24,8 @@ config = Puppet::Util::Reference.newreference(:configuration, :depth => 1, :doc
|
|
24
24
|
val = object.default
|
25
25
|
if name.to_s == 'vardir'
|
26
26
|
val = 'Unix/Linux: /opt/puppetlabs/puppet/cache -- Windows: C:\ProgramData\PuppetLabs\puppet\cache -- Non-root user: ~/.puppetlabs/opt/puppet/cache'
|
27
|
+
elsif name.to_s == 'publicdir'
|
28
|
+
val = 'Unix/Linux: /opt/puppetlabs/puppet/public -- Windows: C:\ProgramData\PuppetLabs\puppet\public -- Non-root user: ~/.puppetlabs/opt/puppet/public'
|
27
29
|
elsif name.to_s == 'confdir'
|
28
30
|
val = 'Unix/Linux: /etc/puppetlabs/puppet -- Windows: C:\ProgramData\PuppetLabs\puppet\etc -- Non-root user: ~/.puppetlabs/etc/puppet'
|
29
31
|
elsif name.to_s == 'codedir'
|
@@ -41,7 +43,7 @@ config = Puppet::Util::Reference.newreference(:configuration, :depth => 1, :doc
|
|
41
43
|
# Leave out the section information; it was apparently confusing people.
|
42
44
|
#str << "- **Section**: #{object.section}\n"
|
43
45
|
unless val == ""
|
44
|
-
str << "- *Default*:
|
46
|
+
str << "- *Default*: #{val}\n"
|
45
47
|
end
|
46
48
|
str << "\n"
|
47
49
|
end
|
@@ -55,12 +57,11 @@ config.header = <<EOT
|
|
55
57
|
* Each of these settings can be specified in `puppet.conf` or on the
|
56
58
|
command line.
|
57
59
|
* Puppet Enterprise (PE) and open source Puppet share the configuration settings
|
58
|
-
documented here. However, PE defaults
|
59
|
-
|
60
|
-
`disable18n`, `environment_timeout`
|
61
|
-
Puppet Server JRuby `max-active-instances` setting. To verify PE
|
62
|
-
defaults, check the `puppet.conf`
|
63
|
-
installation.
|
60
|
+
that are documented here. However, PE defaults for some settings differ from
|
61
|
+
the open source Puppet defaults. Some examples of settings that have different
|
62
|
+
PE defaults include `disable18n`, `environment_timeout`, `always_retry_plugins`,
|
63
|
+
and the Puppet Server JRuby `max-active-instances` setting. To verify PE
|
64
|
+
configuration defaults, check the `puppet.conf` file after installation.
|
64
65
|
* When using boolean settings on the command line, use `--setting` and
|
65
66
|
`--no-setting` instead of `--setting (true|false)`. (Using `--setting false`
|
66
67
|
results in "Error: Could not parse application options: needless argument".)
|
@@ -46,7 +46,7 @@ An indirector has five methods, which are mapped into HTTP verbs for the REST in
|
|
46
46
|
|
47
47
|
These methods are available via the `indirection` class method on the indirected classes. For example:
|
48
48
|
|
49
|
-
|
49
|
+
node = Puppet::Node.indirection.find('foo.example.com')
|
50
50
|
|
51
51
|
At startup, each indirection is configured with a terminus.
|
52
52
|
In most cases, this is the default terminus defined by the indirected class, but it can be overridden by the application or face, or overridden with the `route_file` configuration.
|
data/lib/puppet/resource.rb
CHANGED
@@ -32,7 +32,6 @@ class Puppet::Resource
|
|
32
32
|
ATTRIBUTES = [:file, :line, :exported].freeze
|
33
33
|
TYPE_CLASS = 'Class'.freeze
|
34
34
|
TYPE_NODE = 'Node'.freeze
|
35
|
-
TYPE_SITE = 'Site'.freeze
|
36
35
|
|
37
36
|
PCORE_TYPE_KEY = '__ptype'.freeze
|
38
37
|
VALUE_KEY = 'value'.freeze
|
@@ -340,29 +339,6 @@ class Puppet::Resource
|
|
340
339
|
catalog ? catalog.resource(to_s) : nil
|
341
340
|
end
|
342
341
|
|
343
|
-
# A resource is an application component if it exports or consumes
|
344
|
-
# one or more capabilities, or if it requires a capability resource
|
345
|
-
def is_application_component?
|
346
|
-
return true if ! export.empty? || self[:consume]
|
347
|
-
# Array(self[:require]) does not work for Puppet::Resource instances
|
348
|
-
req = self[:require] || []
|
349
|
-
req = [ req ] unless req.is_a?(Array)
|
350
|
-
req.any? { |r| r.is_capability? }
|
351
|
-
end
|
352
|
-
|
353
|
-
# A resource is a capability (instance) if its underlying type is a
|
354
|
-
# capability type
|
355
|
-
def is_capability?
|
356
|
-
!resource_type.nil? && resource_type.is_capability?
|
357
|
-
end
|
358
|
-
|
359
|
-
# Returns the value of the 'export' metaparam as an Array
|
360
|
-
# @api private
|
361
|
-
def export
|
362
|
-
v = self[:export] || []
|
363
|
-
v.is_a?(Array) ? v : [ v ]
|
364
|
-
end
|
365
|
-
|
366
342
|
# The resource's type implementation
|
367
343
|
# @return [Puppet::Type, Puppet::Resource::Type]
|
368
344
|
# @api private
|
@@ -377,12 +353,11 @@ class Puppet::Resource
|
|
377
353
|
case type
|
378
354
|
when TYPE_CLASS; environment.known_resource_types.hostclass(title == :main ? "" : title)
|
379
355
|
when TYPE_NODE; environment.known_resource_types.node(title)
|
380
|
-
when TYPE_SITE; environment.known_resource_types.site(nil)
|
381
356
|
else
|
382
357
|
result = Puppet::Type.type(type)
|
383
358
|
if !result
|
384
359
|
krt = environment.known_resource_types
|
385
|
-
result = krt.definition(type)
|
360
|
+
result = krt.definition(type)
|
386
361
|
end
|
387
362
|
result
|
388
363
|
end
|
@@ -515,38 +490,6 @@ class Puppet::Resource
|
|
515
490
|
end
|
516
491
|
private :missing_arguments
|
517
492
|
|
518
|
-
# @deprecated Not used by Puppet
|
519
|
-
# @api private
|
520
|
-
def set_default_parameters(scope)
|
521
|
-
Puppet.deprecation_warning(_('The method Puppet::Resource.set_default_parameters is deprecated and will be removed in the next major release of Puppet.'))
|
522
|
-
|
523
|
-
return [] unless resource_type and resource_type.respond_to?(:arguments)
|
524
|
-
|
525
|
-
unless is_a?(Puppet::Parser::Resource)
|
526
|
-
fail Puppet::DevError, _("Cannot evaluate default parameters for %{resource} - not a parser resource") % { resource: self }
|
527
|
-
end
|
528
|
-
|
529
|
-
missing_arguments.collect do |param, default|
|
530
|
-
rtype = resource_type
|
531
|
-
if rtype.type == :hostclass
|
532
|
-
using_bound_value = false
|
533
|
-
catch(:no_such_key) do
|
534
|
-
bound_value = Puppet::Pops::Lookup.search_and_merge("#{rtype.name}::#{param}", Puppet::Pops::Lookup::Invocation.new(scope), nil)
|
535
|
-
# Assign bound value but don't let an undef trump a default expression
|
536
|
-
unless bound_value.nil? && !default.nil?
|
537
|
-
self[param.to_sym] = bound_value
|
538
|
-
using_bound_value = true
|
539
|
-
end
|
540
|
-
end
|
541
|
-
end
|
542
|
-
unless using_bound_value
|
543
|
-
next if default.nil?
|
544
|
-
self[param.to_sym] = default.safeevaluate(scope)
|
545
|
-
end
|
546
|
-
param
|
547
|
-
end.compact
|
548
|
-
end
|
549
|
-
|
550
493
|
def copy_as_resource
|
551
494
|
Puppet::Resource.new(self)
|
552
495
|
end
|
@@ -555,37 +498,6 @@ class Puppet::Resource
|
|
555
498
|
resource_type.valid_parameter?(name)
|
556
499
|
end
|
557
500
|
|
558
|
-
# Verify that all required arguments are either present or
|
559
|
-
# have been provided with defaults.
|
560
|
-
# Must be called after 'set_default_parameters'. We can't join the methods
|
561
|
-
# because Type#set_parameters needs specifically ordered behavior.
|
562
|
-
#
|
563
|
-
# @deprecated Not used by Puppet
|
564
|
-
# @api private
|
565
|
-
def validate_complete
|
566
|
-
Puppet.deprecation_warning(_('The method Puppet::Resource.validate_complete is deprecated and will be removed in the next major release of Puppet.'))
|
567
|
-
|
568
|
-
return unless resource_type and resource_type.respond_to?(:arguments)
|
569
|
-
|
570
|
-
resource_type.arguments.each do |param, default|
|
571
|
-
param = param.to_sym
|
572
|
-
fail Puppet::ParseError, _("Must pass %{param} to %{resource}") % { param: param, resource: self } unless parameters.include?(param)
|
573
|
-
end
|
574
|
-
|
575
|
-
# Perform optional type checking
|
576
|
-
arg_types = resource_type.argument_types
|
577
|
-
# Parameters is a map from name, to parameter, and the parameter again has name and value
|
578
|
-
parameters.each do |name, value|
|
579
|
-
t = arg_types[name.to_s] # untyped, and parameters are symbols here (aargh, strings in the type)
|
580
|
-
next unless t
|
581
|
-
unless Puppet::Pops::Types::TypeCalculator.instance?(t, value.value)
|
582
|
-
inferred_type = Puppet::Pops::Types::TypeCalculator.infer_set(value.value)
|
583
|
-
actual = inferred_type.generalize()
|
584
|
-
fail Puppet::ParseError, _("Expected parameter '%{name}' of '%{value0}' to have type %{value1}, got %{value2}") % { name: name, value0: self, value1: t.to_s, value2: actual.to_s }
|
585
|
-
end
|
586
|
-
end
|
587
|
-
end
|
588
|
-
|
589
501
|
def validate_parameter(name)
|
590
502
|
raise Puppet::ParseError.new(_("no parameter named '%{name}'") % { name: name }, file, line) unless valid_parameter?(name)
|
591
503
|
end
|