puppet 6.4.2-universal-darwin → 6.4.3-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +17 -17
- data/ext/solaris/smf/puppet.xml +2 -0
- data/lib/hiera/scope.rb +7 -0
- data/lib/puppet.rb +1 -1
- data/lib/puppet/application/agent.rb +16 -5
- data/lib/puppet/application/device.rb +12 -3
- data/lib/puppet/application/ssl.rb +2 -0
- data/lib/puppet/configurer.rb +1 -1
- data/lib/puppet/network/http/factory.rb +5 -0
- data/lib/puppet/pops/types/types.rb +5 -3
- data/lib/puppet/provider.rb +1 -2
- data/lib/puppet/provider/package.rb +2 -0
- data/lib/puppet/provider/package/dpkg.rb +15 -2
- data/lib/puppet/provider/package/gem.rb +65 -29
- data/lib/puppet/provider/package/pip.rb +135 -111
- data/lib/puppet/provider/package/pip3.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -1
- data/lib/puppet/provider/package/rpm.rb +27 -16
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/package_targetable.rb +68 -0
- data/lib/puppet/provider/service/upstart.rb +5 -3
- data/lib/puppet/provider/user/useradd.rb +16 -13
- data/lib/puppet/settings/server_list_setting.rb +9 -0
- data/lib/puppet/ssl/host.rb +1 -1
- data/lib/puppet/ssl/state_machine.rb +99 -28
- data/lib/puppet/type/package.rb +46 -9
- data/lib/puppet/util/pidlock.rb +3 -2
- data/lib/puppet/util/windows/process.rb +8 -8
- data/lib/puppet/util/windows/registry.rb +7 -1
- data/lib/puppet/util/windows/user.rb +14 -4
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +115 -103
- data/man/man5/puppet.conf.5 +2 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/type/package_spec.rb +1 -1
- data/spec/integration/util/windows/registry_spec.rb +52 -0
- data/spec/integration/util/windows/user_spec.rb +19 -0
- data/spec/unit/application/agent_spec.rb +53 -32
- data/spec/unit/application/ssl_spec.rb +13 -0
- data/spec/unit/configurer_spec.rb +1 -1
- data/spec/unit/functions/new_spec.rb +15 -0
- data/spec/unit/hiera/scope_spec.rb +7 -0
- data/spec/unit/network/http/factory_spec.rb +6 -0
- data/spec/unit/provider/package/dpkg_spec.rb +18 -1
- data/spec/unit/provider/package/gem_spec.rb +101 -48
- data/spec/unit/provider/package/pip3_spec.rb +17 -0
- data/spec/unit/provider/package/pip_spec.rb +57 -67
- data/spec/unit/provider/package/puppet_gem_spec.rb +22 -6
- data/spec/unit/provider/package/rpm_spec.rb +116 -27
- data/spec/unit/provider/service/upstart_spec.rb +3 -22
- data/spec/unit/settings/server_list_setting_spec.rb +21 -0
- data/spec/unit/ssl/state_machine_spec.rb +206 -83
- data/spec/unit/util/pidlock_spec.rb +26 -0
- metadata +5 -2
@@ -28,14 +28,16 @@ Puppet::Type.type(:service).provide :upstart, :parent => :debian do
|
|
28
28
|
# We only want to use upstart as our provider if the upstart daemon is running.
|
29
29
|
# This can be checked by running `initctl version --quiet` on a machine that has
|
30
30
|
# upstart installed.
|
31
|
-
confine :true => lambda {
|
31
|
+
confine :true => lambda { has_initctl? }
|
32
|
+
|
33
|
+
def self.has_initctl?
|
32
34
|
# Puppet::Util::Execution.execute does not currently work on jRuby.
|
33
35
|
# Unfortunately, since this confine is invoked whenever we check for
|
34
36
|
# provider suitability and since provider suitability is still checked
|
35
37
|
# on the master, this confine will still be invoked on the master. Thus
|
36
38
|
# to avoid raising an exception, we do an early return if we're running
|
37
39
|
# on jRuby.
|
38
|
-
|
40
|
+
return false if Puppet::Util::Platform.jruby?
|
39
41
|
|
40
42
|
begin
|
41
43
|
initctl('version', '--quiet')
|
@@ -43,7 +45,7 @@ Puppet::Type.type(:service).provide :upstart, :parent => :debian do
|
|
43
45
|
rescue
|
44
46
|
false
|
45
47
|
end
|
46
|
-
|
48
|
+
end
|
47
49
|
|
48
50
|
# upstart developer haven't implemented initctl enable/disable yet:
|
49
51
|
# http://www.linuxplanet.com/linuxplanet/tutorials/7033/2/
|
@@ -105,11 +105,11 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
105
105
|
# because by default duplicates are allowed. This check is
|
106
106
|
# to ensure consistent behaviour of the useradd provider when
|
107
107
|
# using both useradd and luseradd
|
108
|
-
if
|
109
|
-
if @resource.should(:uid)
|
108
|
+
if (!@resource.allowdupe?) && @resource.forcelocal?
|
109
|
+
if @resource.should(:uid) && finduser('uid', @resource.should(:uid).to_s)
|
110
110
|
raise(Puppet::Error, "UID #{@resource.should(:uid).to_s} already exists, use allowdupe to force user creation")
|
111
111
|
end
|
112
|
-
elsif @resource.allowdupe?
|
112
|
+
elsif @resource.allowdupe? && (!@resource.forcelocal?)
|
113
113
|
return ["-o"]
|
114
114
|
end
|
115
115
|
[]
|
@@ -126,16 +126,16 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
126
126
|
|
127
127
|
def check_manage_home
|
128
128
|
cmd = []
|
129
|
-
if @resource.managehome?
|
129
|
+
if @resource.managehome? && (!@resource.forcelocal?)
|
130
130
|
cmd << "-m"
|
131
|
-
elsif
|
131
|
+
elsif (!@resource.managehome?) && Facter.value(:osfamily) == 'RedHat'
|
132
132
|
cmd << "-M"
|
133
133
|
end
|
134
134
|
cmd
|
135
135
|
end
|
136
136
|
|
137
137
|
def check_system_users
|
138
|
-
if self.class.system_users?
|
138
|
+
if self.class.system_users? && resource.system?
|
139
139
|
["-r"]
|
140
140
|
else
|
141
141
|
[]
|
@@ -149,11 +149,11 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
149
149
|
Puppet::Type.type(:user).validproperties.sort.each do |property|
|
150
150
|
next if property == :ensure
|
151
151
|
next if property_manages_password_age?(property)
|
152
|
-
next if property == :groups
|
153
|
-
next if property == :expiry
|
152
|
+
next if (property == :groups) && @resource.forcelocal?
|
153
|
+
next if (property == :expiry) && @resource.forcelocal?
|
154
154
|
# the value needs to be quoted, mostly because -c might
|
155
155
|
# have spaces in it
|
156
|
-
if value = @resource.should(property)
|
156
|
+
if (value = @resource.should(property)) && (value != "")
|
157
157
|
cmd << flag(property) << munge(property, value)
|
158
158
|
end
|
159
159
|
end
|
@@ -167,7 +167,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
167
167
|
else
|
168
168
|
cmd = [command(:add)]
|
169
169
|
end
|
170
|
-
if
|
170
|
+
if (!@resource.should(:gid)) && Puppet::Util.gid(@resource[:name])
|
171
171
|
cmd += ["-g", @resource[:name]]
|
172
172
|
end
|
173
173
|
cmd += add_properties
|
@@ -203,7 +203,10 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
203
203
|
else
|
204
204
|
cmd = [command(:delete)]
|
205
205
|
end
|
206
|
-
|
206
|
+
# Solaris `userdel -r` will fail if the homedir does not exist.
|
207
|
+
if @resource.managehome? && (('Solaris' != Facter.value(:operatingsystem)) || Dir.exist?(Dir.home(@resource[:name])))
|
208
|
+
cmd << '-r'
|
209
|
+
end
|
207
210
|
cmd << @resource[:name]
|
208
211
|
end
|
209
212
|
|
@@ -239,10 +242,10 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
239
242
|
check_valid_shell
|
240
243
|
end
|
241
244
|
super
|
242
|
-
if @resource.forcelocal?
|
245
|
+
if @resource.forcelocal? && self.groups?
|
243
246
|
set(:groups, @resource[:groups])
|
244
247
|
end
|
245
|
-
if @resource.forcelocal?
|
248
|
+
if @resource.forcelocal? && @resource[:expiry]
|
246
249
|
set(:expiry, @resource[:expiry])
|
247
250
|
end
|
248
251
|
end
|
@@ -4,6 +4,15 @@ class Puppet::Settings::ServerListSetting < Puppet::Settings::ArraySetting
|
|
4
4
|
:server_list
|
5
5
|
end
|
6
6
|
|
7
|
+
def print(value)
|
8
|
+
if value.is_a?(Array)
|
9
|
+
#turn into a string
|
10
|
+
value.map {|item| item.join(":") }.join(",")
|
11
|
+
else
|
12
|
+
value
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
7
16
|
def munge(value)
|
8
17
|
servers = super
|
9
18
|
servers.map! { |server|
|
data/lib/puppet/ssl/host.rb
CHANGED
@@ -17,8 +17,14 @@ class Puppet::SSL::StateMachine
|
|
17
17
|
def initialize(machine, ssl_context)
|
18
18
|
@machine = machine
|
19
19
|
@ssl_context = ssl_context
|
20
|
-
@cert_provider =
|
21
|
-
@ssl_provider =
|
20
|
+
@cert_provider = machine.cert_provider
|
21
|
+
@ssl_provider = machine.ssl_provider
|
22
|
+
end
|
23
|
+
|
24
|
+
def to_error(message, cause)
|
25
|
+
detail = Puppet::Error.new(message)
|
26
|
+
detail.set_backtrace(cause.backtrace)
|
27
|
+
Error.new(@machine, message, detail)
|
22
28
|
end
|
23
29
|
end
|
24
30
|
|
@@ -45,11 +51,13 @@ class Puppet::SSL::StateMachine
|
|
45
51
|
end
|
46
52
|
|
47
53
|
NeedCRLs.new(@machine, next_ctx)
|
54
|
+
rescue OpenSSL::X509::CertificateError => e
|
55
|
+
Error.new(@machine, e.message, e)
|
48
56
|
rescue Puppet::Rest::ResponseError => e
|
49
57
|
if e.response.code.to_i == 404
|
50
|
-
|
58
|
+
to_error(_('CA certificate is missing from the server'), e)
|
51
59
|
else
|
52
|
-
|
60
|
+
to_error(_('Could not download CA certificate: %{message}') % { message: e.message }, e)
|
53
61
|
end
|
54
62
|
end
|
55
63
|
end
|
@@ -82,11 +90,13 @@ class Puppet::SSL::StateMachine
|
|
82
90
|
end
|
83
91
|
|
84
92
|
NeedKey.new(@machine, next_ctx)
|
93
|
+
rescue OpenSSL::X509::CRLError => e
|
94
|
+
Error.new(@machine, e.message, e)
|
85
95
|
rescue Puppet::Rest::ResponseError => e
|
86
96
|
if e.response.code.to_i == 404
|
87
|
-
|
97
|
+
to_error(_('CRL is missing from the server'), e)
|
88
98
|
else
|
89
|
-
|
99
|
+
to_error(_('Could not download CRLs: %{message}') % { message: e.message }, e)
|
90
100
|
end
|
91
101
|
end
|
92
102
|
end
|
@@ -145,11 +155,11 @@ class Puppet::SSL::StateMachine
|
|
145
155
|
@cert_provider.save_request(Puppet[:certname], csr)
|
146
156
|
NeedCert.new(@machine, @ssl_context, @private_key)
|
147
157
|
rescue Puppet::Rest::ResponseError => e
|
148
|
-
if e.response.code.to_i
|
149
|
-
|
158
|
+
if e.response.code.to_i == 400
|
159
|
+
NeedCert.new(@machine, @ssl_context, @private_key)
|
160
|
+
else
|
161
|
+
to_error(_("Failed to submit the CSR, HTTP response was %{code}") % { code: e.response.code }, e)
|
150
162
|
end
|
151
|
-
|
152
|
-
NeedCert.new(@machine, @ssl_context, @private_key)
|
153
163
|
end
|
154
164
|
end
|
155
165
|
|
@@ -170,34 +180,37 @@ class Puppet::SSL::StateMachine
|
|
170
180
|
@cert_provider.delete_request(Puppet[:certname])
|
171
181
|
Done.new(@machine, next_ctx)
|
172
182
|
rescue Puppet::SSL::SSLError => e
|
173
|
-
|
174
|
-
Wait.new(@machine, @ssl_context)
|
183
|
+
Error.new(@machine, e.message, e)
|
175
184
|
rescue OpenSSL::X509::CertificateError => e
|
176
|
-
|
177
|
-
Wait.new(@machine, @ssl_context)
|
185
|
+
Error.new(@machine, _("Failed to parse certificate: %{message}") % {message: e.message}, e)
|
178
186
|
rescue Puppet::Rest::ResponseError => e
|
179
187
|
if e.response.code.to_i == 404
|
180
188
|
Puppet.info(_("Certificate for %{certname} has not been signed yet") % {certname: Puppet[:certname]})
|
189
|
+
$stdout.puts _("Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (%{name}).") % { name: Puppet[:certname] }
|
190
|
+
Wait.new(@machine)
|
181
191
|
else
|
182
|
-
|
183
|
-
|
192
|
+
to_error(_("Failed to retrieve certificate for %{certname}: %{message}") %
|
193
|
+
{certname: Puppet[:certname], message: e.response.message}, e)
|
184
194
|
end
|
185
|
-
Wait.new(@machine, @ssl_context)
|
186
195
|
end
|
187
196
|
end
|
188
197
|
|
189
|
-
# We cannot make progress, so wait if allowed to do so, or
|
198
|
+
# We cannot make progress, so wait if allowed to do so, or exit.
|
190
199
|
#
|
191
200
|
class Wait < SSLState
|
201
|
+
def initialize(machine)
|
202
|
+
super(machine, nil)
|
203
|
+
end
|
204
|
+
|
192
205
|
def next_state
|
193
206
|
time = @machine.waitforcert
|
194
207
|
if time < 1
|
195
|
-
puts _("
|
208
|
+
puts _("Exiting now because the waitforcert setting is set to 0.")
|
196
209
|
exit(1)
|
197
210
|
else
|
198
|
-
Puppet.info(_("
|
211
|
+
Puppet.info(_("Will try again in %{time} seconds.") % {time: time})
|
199
212
|
|
200
|
-
sleep(time)
|
213
|
+
Kernel.sleep(time)
|
201
214
|
|
202
215
|
# our ssl directory may have been cleaned while we were
|
203
216
|
# sleeping, start over from the top
|
@@ -206,28 +219,68 @@ class Puppet::SSL::StateMachine
|
|
206
219
|
end
|
207
220
|
end
|
208
221
|
|
222
|
+
# We cannot make progress due to an error.
|
223
|
+
#
|
224
|
+
class Error < SSLState
|
225
|
+
attr_reader :message, :error
|
226
|
+
|
227
|
+
def initialize(machine, message, error)
|
228
|
+
super(machine, nil)
|
229
|
+
@message = message
|
230
|
+
@error = error
|
231
|
+
end
|
232
|
+
|
233
|
+
def next_state
|
234
|
+
Puppet.log_exception(@error, @message)
|
235
|
+
Wait.new(@machine)
|
236
|
+
end
|
237
|
+
end
|
238
|
+
|
209
239
|
# We have a CA bundle, optional CRL bundle, a private key and matching cert
|
210
240
|
# that chains to one of the root certs in our bundle.
|
211
241
|
#
|
212
242
|
class Done < SSLState; end
|
213
243
|
|
214
|
-
attr_reader :waitforcert
|
244
|
+
attr_reader :waitforcert, :cert_provider, :ssl_provider
|
215
245
|
|
216
|
-
|
246
|
+
# Construct a state machine to manage the SSL initialization process. By
|
247
|
+
# default, if the state machine encounters an exception, it will log the
|
248
|
+
# exception and wait for `waitforcert` seconds and retry, restarting from the
|
249
|
+
# beginning of the state machine.
|
250
|
+
#
|
251
|
+
# However, if `onetime` is true, then the state machine will raise the first
|
252
|
+
# error it encounters, instead of waiting. Otherwise, if `waitforcert` is 0,
|
253
|
+
# then then state machine will exit instead of wait.
|
254
|
+
#
|
255
|
+
# @param waitforcert [Integer] how many seconds to wait between attempts
|
256
|
+
# @param onetime [Boolean] whether to run onetime
|
257
|
+
# @param cert_provider [Puppet::X509::CertProvider] cert provider to use
|
258
|
+
# to load and save X509 objects.
|
259
|
+
# @param ssl_provider [Puppet::SSL::SSLProvider] ssl provider to use
|
260
|
+
# to construct ssl contexts.
|
261
|
+
def initialize(waitforcert: Puppet[:waitforcert],
|
262
|
+
onetime: Puppet[:onetime],
|
263
|
+
cert_provider: Puppet::X509::CertProvider.new,
|
264
|
+
ssl_provider: Puppet::SSL::SSLProvider.new)
|
217
265
|
@waitforcert = waitforcert
|
266
|
+
@onetime = onetime
|
267
|
+
@cert_provider = cert_provider
|
268
|
+
@ssl_provider = ssl_provider
|
218
269
|
end
|
219
270
|
|
220
|
-
# Run the state machine for CA certs and CRLs
|
271
|
+
# Run the state machine for CA certs and CRLs.
|
221
272
|
#
|
222
273
|
# @return [Puppet::SSL::SSLContext] initialized SSLContext
|
274
|
+
# @raise [Puppet::Error] If we fail to generate an SSLContext
|
223
275
|
def ensure_ca_certificates
|
224
276
|
final_state = run_machine(NeedCACerts.new(self), NeedKey)
|
225
277
|
final_state.ssl_context
|
226
278
|
end
|
227
279
|
|
228
|
-
# Run the state machine for CA certs and CRLs
|
280
|
+
# Run the state machine for CA certs and CRLs.
|
229
281
|
#
|
230
282
|
# @return [Puppet::SSL::SSLContext] initialized SSLContext
|
283
|
+
# @raise [Puppet::Error] If we fail to generate an SSLContext
|
231
284
|
def ensure_client_certificate
|
232
285
|
final_state = run_machine(NeedCACerts.new(self), Done)
|
233
286
|
ssl_context = final_state.ssl_context
|
@@ -252,9 +305,27 @@ class Puppet::SSL::StateMachine
|
|
252
305
|
|
253
306
|
def run_machine(state, stop)
|
254
307
|
loop do
|
255
|
-
state = state
|
256
|
-
|
257
|
-
|
308
|
+
state = run_step(state)
|
309
|
+
|
310
|
+
case state
|
311
|
+
when stop
|
312
|
+
break
|
313
|
+
when Error
|
314
|
+
if @onetime
|
315
|
+
Puppet.log_exception(state.error)
|
316
|
+
raise state.error
|
317
|
+
end
|
318
|
+
else
|
319
|
+
# fall through
|
320
|
+
end
|
258
321
|
end
|
322
|
+
|
323
|
+
state
|
324
|
+
end
|
325
|
+
|
326
|
+
def run_step(state)
|
327
|
+
state.next_state
|
328
|
+
rescue => e
|
329
|
+
state.to_error(e.message, e)
|
259
330
|
end
|
260
331
|
end
|
data/lib/puppet/type/package.rb
CHANGED
@@ -20,8 +20,8 @@ module Puppet
|
|
20
20
|
requires in order to function, and you must meet those requirements
|
21
21
|
to use a given provider.
|
22
22
|
|
23
|
-
You can declare multiple package resources with the same `name
|
24
|
-
as they specify different providers and
|
23
|
+
You can declare multiple package resources with the same `name` as long
|
24
|
+
as they have unique titles, and specify different providers and commands.
|
25
25
|
|
26
26
|
Note that you must use the _title_ to make a reference to a package
|
27
27
|
resource; `Package[<NAME>]` is not a synonym for `Package[<TITLE>]` like
|
@@ -66,6 +66,8 @@ module Puppet
|
|
66
66
|
:methods => [:package_settings_insync?, :package_settings, :package_settings=]
|
67
67
|
feature :virtual_packages, "The provider accepts virtual package names for install and uninstall."
|
68
68
|
|
69
|
+
feature :targetable, "The provider accepts a targeted package management command."
|
70
|
+
|
69
71
|
ensurable do
|
70
72
|
desc <<-EOT
|
71
73
|
What state the package should be in. On packaging systems that can
|
@@ -275,20 +277,55 @@ module Puppet
|
|
275
277
|
[:provider]
|
276
278
|
end
|
277
279
|
|
278
|
-
#
|
279
|
-
|
280
|
-
|
281
|
-
|
280
|
+
# Specify a targeted package management command.
|
281
|
+
newparam(:command, :required_features => :targetable) do
|
282
|
+
desc <<-EOT
|
283
|
+
The targeted command to use when managing a package:
|
284
|
+
|
285
|
+
package { 'mysql':
|
286
|
+
provider => gem,
|
287
|
+
}
|
288
|
+
|
289
|
+
package { 'mysql-opt':
|
290
|
+
name => 'mysql',
|
291
|
+
provider => gem,
|
292
|
+
command => '/opt/ruby/bin/gem',
|
293
|
+
}
|
294
|
+
|
295
|
+
Each provider defines a package management command; and uses the first
|
296
|
+
instance of the command found in the PATH.
|
297
|
+
|
298
|
+
Providers supporting the targetable feature allow you to specify the
|
299
|
+
absolute path of the package management command; useful when multiple
|
300
|
+
instances of the command are installed, or the command is not in the PATH.
|
301
|
+
EOT
|
302
|
+
|
303
|
+
isnamevar
|
304
|
+
defaultto :default
|
305
|
+
end
|
306
|
+
|
307
|
+
# We have more than one namevar, so we need title_patterns.
|
308
|
+
# However, we cheat and set the patterns to map to name only
|
309
|
+
# and completely ignore provider (and command, for targetable providers).
|
310
|
+
# So far, the logic that determines uniqueness appears to just
|
311
|
+
# "Do The Right Thing™" when provider (and command) are explicitly set.
|
282
312
|
#
|
283
313
|
# The following resources will be seen as unique by puppet:
|
284
314
|
#
|
285
315
|
# # Uniqueness Key: ['mysql', nil]
|
286
|
-
# package{'mysql': }
|
316
|
+
# package {'mysql': }
|
317
|
+
#
|
318
|
+
# # Uniqueness Key: ['mysql', 'gem', nil]
|
319
|
+
# package {'gem-mysql':
|
320
|
+
# name => 'mysql,
|
321
|
+
# provider => gem,
|
322
|
+
# }
|
287
323
|
#
|
288
|
-
# # Uniqueness Key: ['mysql', 'gem']
|
289
|
-
# package{'gem-mysql':
|
324
|
+
# # Uniqueness Key: ['mysql', 'gem', '/opt/ruby/bin/gem']
|
325
|
+
# package {'gem-mysql-opt':
|
290
326
|
# name => 'mysql,
|
291
327
|
# provider => gem
|
328
|
+
# command => '/opt/ruby/bin/gem',
|
292
329
|
# }
|
293
330
|
#
|
294
331
|
# This does not handle the case where providers like 'yum' and 'rpm' should
|
data/lib/puppet/util/pidlock.rb
CHANGED
@@ -62,12 +62,13 @@ class Puppet::Util::Pidlock
|
|
62
62
|
# POSIX and Windows platforms (PUP-9247).
|
63
63
|
if Puppet.features.posix?
|
64
64
|
procname = Puppet::Util::Execution.execute(["ps", "-p", lock_pid, "-o", "comm="]).strip
|
65
|
-
|
65
|
+
args = Puppet::Util::Execution.execute(["ps", "-p", lock_pid, "-o", "args="]).strip
|
66
|
+
@lockfile.unlock unless procname =~ /ruby/ && args =~ /puppet/ || procname =~ /puppet(-.*)?$/
|
66
67
|
elsif Puppet.features.microsoft_windows?
|
67
68
|
# On Windows, we're checking if the filesystem path name of the running
|
68
69
|
# process is our vendored ruby:
|
69
70
|
exe_path = Puppet::Util::Windows::Process::get_process_image_name_by_pid(lock_pid)
|
70
|
-
@lockfile.unlock unless exe_path =~
|
71
|
+
@lockfile.unlock unless exe_path =~ /\\bin\\ruby.exe$/
|
71
72
|
end
|
72
73
|
end
|
73
74
|
private :clear_if_stale
|