puppet 6.4.4 → 6.4.5

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (221) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +1 -1
  3. data/Gemfile +4 -4
  4. data/Gemfile.lock +38 -32
  5. data/ext/build_defaults.yaml +1 -0
  6. data/ext/cert_inspector +3 -3
  7. data/ext/puppet-test +2 -2
  8. data/ext/regexp_nodes/regexp_nodes.rb +4 -4
  9. data/ext/windows/service/daemon.rb +38 -8
  10. data/install.rb +6 -6
  11. data/lib/puppet/application.rb +1 -1
  12. data/lib/puppet/application/apply.rb +2 -2
  13. data/lib/puppet/application/describe.rb +3 -9
  14. data/lib/puppet/application/doc.rb +1 -1
  15. data/lib/puppet/application/lookup.rb +1 -1
  16. data/lib/puppet/application/script.rb +2 -2
  17. data/lib/puppet/application/ssl.rb +4 -1
  18. data/lib/puppet/configurer.rb +86 -30
  19. data/lib/puppet/configurer/downloader.rb +2 -6
  20. data/lib/puppet/defaults.rb +32 -6
  21. data/lib/puppet/error.rb +9 -1
  22. data/lib/puppet/face/module/list.rb +5 -5
  23. data/lib/puppet/face/module/search.rb +1 -1
  24. data/lib/puppet/face/module/uninstall.rb +1 -1
  25. data/lib/puppet/face/module/upgrade.rb +1 -1
  26. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  27. data/lib/puppet/file_system.rb +0 -8
  28. data/lib/puppet/file_system/memory_file.rb +1 -1
  29. data/lib/puppet/file_system/posix.rb +3 -2
  30. data/lib/puppet/forge.rb +3 -3
  31. data/lib/puppet/functions.rb +1 -2
  32. data/lib/puppet/functions/camelcase.rb +2 -2
  33. data/lib/puppet/functions/epp.rb +4 -4
  34. data/lib/puppet/functions/find_file.rb +9 -9
  35. data/lib/puppet/functions/inline_epp.rb +5 -5
  36. data/lib/puppet/gettext/module_translations.rb +1 -1
  37. data/lib/puppet/graph/rb_tree_map.rb +2 -2
  38. data/lib/puppet/graph/simple_graph.rb +4 -3
  39. data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
  40. data/lib/puppet/indirector/hiera.rb +2 -0
  41. data/lib/puppet/indirector/resource/ral.rb +1 -3
  42. data/lib/puppet/indirector/resource/validator.rb +1 -1
  43. data/lib/puppet/interface.rb +2 -1
  44. data/lib/puppet/loaders.rb +0 -1
  45. data/lib/puppet/metatype/manager.rb +1 -1
  46. data/lib/puppet/module.rb +1 -1
  47. data/lib/puppet/module/task.rb +20 -4
  48. data/lib/puppet/module_tool/applications/installer.rb +1 -1
  49. data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
  50. data/lib/puppet/module_tool/metadata.rb +1 -1
  51. data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
  52. data/lib/puppet/module_tool/tar/mini.rb +1 -1
  53. data/lib/puppet/network/http/api/indirected_routes.rb +12 -11
  54. data/lib/puppet/network/http/connection.rb +10 -12
  55. data/lib/puppet/network/http/pool.rb +2 -0
  56. data/lib/puppet/network/http/site.rb +1 -1
  57. data/lib/puppet/network/resolver.rb +2 -2
  58. data/lib/puppet/node/environment.rb +4 -2
  59. data/lib/puppet/pal/pal_impl.rb +2 -2
  60. data/lib/puppet/parser/ast.rb +1 -1
  61. data/lib/puppet/parser/ast/resourceparam.rb +1 -1
  62. data/lib/puppet/parser/functions.rb +1 -1
  63. data/lib/puppet/parser/functions/epp.rb +3 -3
  64. data/lib/puppet/parser/functions/inline_epp.rb +5 -5
  65. data/lib/puppet/parser/scope.rb +8 -7
  66. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
  67. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
  68. data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
  69. data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
  70. data/lib/puppet/pops/loader/task_instantiator.rb +4 -0
  71. data/lib/puppet/pops/loaders.rb +1 -1
  72. data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
  73. data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
  74. data/lib/puppet/pops/merge_strategy.rb +22 -18
  75. data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
  76. data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
  77. data/lib/puppet/pops/parser/locator.rb +1 -1
  78. data/lib/puppet/pops/parser/pn_parser.rb +17 -16
  79. data/lib/puppet/pops/puppet_stack.rb +51 -49
  80. data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
  81. data/lib/puppet/pops/types/string_converter.rb +10 -10
  82. data/lib/puppet/pops/types/types.rb +3 -3
  83. data/lib/puppet/property.rb +1 -1
  84. data/lib/puppet/property/ensure.rb +1 -1
  85. data/lib/puppet/provider/exec.rb +6 -2
  86. data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
  87. data/lib/puppet/provider/nameservice/pw.rb +2 -2
  88. data/lib/puppet/provider/package/apt.rb +5 -1
  89. data/lib/puppet/provider/package/dnfmodule.rb +87 -0
  90. data/lib/puppet/provider/package/dpkg.rb +34 -18
  91. data/lib/puppet/provider/package/openbsd.rb +1 -1
  92. data/lib/puppet/provider/package/pip.rb +34 -9
  93. data/lib/puppet/provider/package/portage.rb +4 -4
  94. data/lib/puppet/provider/package/rpm.rb +5 -5
  95. data/lib/puppet/provider/package/windows/package.rb +1 -1
  96. data/lib/puppet/provider/package/yum.rb +1 -1
  97. data/lib/puppet/provider/package_targetable.rb +5 -4
  98. data/lib/puppet/provider/parsedfile.rb +1 -1
  99. data/lib/puppet/provider/service/daemontools.rb +9 -9
  100. data/lib/puppet/provider/service/openbsd.rb +1 -1
  101. data/lib/puppet/provider/service/rcng.rb +2 -2
  102. data/lib/puppet/provider/service/runit.rb +2 -8
  103. data/lib/puppet/provider/service/systemd.rb +9 -9
  104. data/lib/puppet/provider/user/directoryservice.rb +1 -1
  105. data/lib/puppet/provider/user/hpux.rb +1 -1
  106. data/lib/puppet/provider/user/user_role_add.rb +1 -1
  107. data/lib/puppet/provider/user/useradd.rb +22 -13
  108. data/lib/puppet/provider/user/windows_adsi.rb +4 -5
  109. data/lib/puppet/reference/indirection.rb +2 -2
  110. data/lib/puppet/reference/metaparameter.rb +1 -3
  111. data/lib/puppet/reference/providers.rb +1 -3
  112. data/lib/puppet/reference/type.rb +3 -9
  113. data/lib/puppet/reports.rb +1 -1
  114. data/lib/puppet/resource.rb +1 -1
  115. data/lib/puppet/resource/catalog.rb +1 -1
  116. data/lib/puppet/settings.rb +3 -3
  117. data/lib/puppet/settings/environment_conf.rb +1 -0
  118. data/lib/puppet/ssl/host.rb +1 -1
  119. data/lib/puppet/ssl/oids.rb +1 -1
  120. data/lib/puppet/transaction.rb +33 -11
  121. data/lib/puppet/transaction/report.rb +1 -1
  122. data/lib/puppet/type.rb +2 -4
  123. data/lib/puppet/type/exec.rb +7 -3
  124. data/lib/puppet/type/file.rb +1 -2
  125. data/lib/puppet/type/file/data_sync.rb +5 -1
  126. data/lib/puppet/type/group.rb +4 -2
  127. data/lib/puppet/type/notify.rb +3 -2
  128. data/lib/puppet/type/package.rb +10 -3
  129. data/lib/puppet/type/schedule.rb +1 -1
  130. data/lib/puppet/type/service.rb +1 -1
  131. data/lib/puppet/type/user.rb +4 -2
  132. data/lib/puppet/util.rb +35 -12
  133. data/lib/puppet/util/command_line/trollop.rb +1 -1
  134. data/lib/puppet/util/http_proxy.rb +8 -14
  135. data/lib/puppet/util/log.rb +2 -2
  136. data/lib/puppet/util/log/destinations.rb +2 -2
  137. data/lib/puppet/util/logging.rb +32 -20
  138. data/lib/puppet/util/metric.rb +2 -2
  139. data/lib/puppet/util/provider_features.rb +2 -4
  140. data/lib/puppet/util/rdoc.rb +1 -1
  141. data/lib/puppet/util/reference.rb +1 -1
  142. data/lib/puppet/util/resource_template.rb +1 -1
  143. data/lib/puppet/util/selinux.rb +3 -1
  144. data/lib/puppet/util/windows/adsi.rb +48 -18
  145. data/lib/puppet/util/windows/registry.rb +7 -5
  146. data/lib/puppet/vendor.rb +1 -1
  147. data/lib/puppet/version.rb +1 -1
  148. data/lib/puppet/x509/cert_provider.rb +13 -6
  149. data/locales/puppet.pot +199 -159
  150. data/man/man5/puppet.conf.5 +35 -5
  151. data/man/man8/puppet-agent.8 +1 -1
  152. data/man/man8/puppet-apply.8 +1 -1
  153. data/man/man8/puppet-catalog.8 +1 -1
  154. data/man/man8/puppet-config.8 +1 -1
  155. data/man/man8/puppet-describe.8 +1 -1
  156. data/man/man8/puppet-device.8 +1 -1
  157. data/man/man8/puppet-doc.8 +1 -1
  158. data/man/man8/puppet-epp.8 +1 -1
  159. data/man/man8/puppet-facts.8 +1 -1
  160. data/man/man8/puppet-filebucket.8 +1 -1
  161. data/man/man8/puppet-generate.8 +1 -1
  162. data/man/man8/puppet-help.8 +1 -1
  163. data/man/man8/puppet-key.8 +1 -1
  164. data/man/man8/puppet-lookup.8 +1 -1
  165. data/man/man8/puppet-man.8 +1 -1
  166. data/man/man8/puppet-module.8 +1 -1
  167. data/man/man8/puppet-node.8 +1 -1
  168. data/man/man8/puppet-parser.8 +1 -1
  169. data/man/man8/puppet-plugin.8 +1 -1
  170. data/man/man8/puppet-report.8 +1 -1
  171. data/man/man8/puppet-resource.8 +1 -1
  172. data/man/man8/puppet-script.8 +1 -1
  173. data/man/man8/puppet-ssl.8 +1 -1
  174. data/man/man8/puppet-status.8 +1 -1
  175. data/man/man8/puppet.8 +2 -2
  176. data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list-installed.txt +11 -0
  177. data/spec/integration/configurer_spec.rb +52 -0
  178. data/spec/integration/type/notify_spec.rb +46 -0
  179. data/spec/lib/puppet/certificate_factory.rb +2 -2
  180. data/spec/spec_helper.rb +28 -0
  181. data/spec/unit/application/ssl_spec.rb +4 -7
  182. data/spec/unit/configurer_spec.rb +394 -398
  183. data/spec/unit/defaults_spec.rb +4 -4
  184. data/spec/unit/forge/forge_spec.rb +1 -3
  185. data/spec/unit/forge/repository_spec.rb +1 -3
  186. data/spec/unit/indirector/resource/ral_spec.rb +4 -4
  187. data/spec/unit/network/http/connection_spec.rb +119 -145
  188. data/spec/unit/parser/scope_spec.rb +10 -0
  189. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
  190. data/spec/unit/pops/loaders/module_loaders_spec.rb +37 -0
  191. data/spec/unit/provider/exec_spec.rb +209 -0
  192. data/spec/unit/provider/package/dnfmodule_spec.rb +186 -0
  193. data/spec/unit/provider/package/dpkg_spec.rb +238 -78
  194. data/spec/unit/provider/package/pip_spec.rb +51 -6
  195. data/spec/unit/provider/package/portage_spec.rb +4 -4
  196. data/spec/unit/provider/package_targetable_spec.rb +60 -0
  197. data/spec/unit/provider/service/daemontools_spec.rb +24 -0
  198. data/spec/unit/provider/service/runit_spec.rb +24 -0
  199. data/spec/unit/provider/service/systemd_spec.rb +25 -25
  200. data/spec/unit/provider/user/hpux_spec.rb +2 -2
  201. data/spec/unit/provider/user/useradd_spec.rb +46 -0
  202. data/spec/unit/ssl/host_spec.rb +0 -5
  203. data/spec/unit/ssl/state_machine_spec.rb +0 -6
  204. data/spec/unit/transaction_spec.rb +46 -0
  205. data/spec/unit/type/exec_spec.rb +6 -12
  206. data/spec/unit/type/file/content_spec.rb +9 -3
  207. data/spec/unit/type/file_spec.rb +9 -4
  208. data/spec/unit/type/package_spec.rb +5 -0
  209. data/spec/unit/util/execution_spec.rb +16 -0
  210. data/spec/unit/util/http_proxy_spec.rb +118 -27
  211. data/spec/unit/util/log/destinations_spec.rb +7 -3
  212. data/spec/unit/util/log_spec.rb +0 -138
  213. data/spec/unit/util/logging_spec.rb +200 -0
  214. data/spec/unit/util/windows/adsi_spec.rb +51 -0
  215. data/spec/unit/x509/cert_provider_spec.rb +24 -4
  216. data/tasks/manpages.rake +1 -0
  217. metadata +12 -10
  218. data/lib/puppet/pops/loader/null_loader.rb +0 -60
  219. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_get/should_yield_to_the_block.yml +0 -24
  220. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_head/should_yield_to_the_block.yml +0 -24
  221. data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_post/should_yield_to_the_block.yml +0 -24
@@ -215,7 +215,7 @@ class Parser
215
215
  opts[:type] = opts[:type] || type_from_default || :flag
216
216
 
217
217
  ## fill in :long
218
- opts[:long] = opts[:long] ? opts[:long].to_s : name.to_s.gsub("_", "-")
218
+ opts[:long] = opts[:long] ? opts[:long].to_s : name.to_s.tr("_", "-")
219
219
  opts[:long] =
220
220
  case opts[:long]
221
221
  when /^--([^-].*)$/
@@ -4,13 +4,15 @@ require 'puppet/network/http'
4
4
 
5
5
  module Puppet::Util::HttpProxy
6
6
  def self.proxy(uri)
7
- if self.no_proxy?(uri)
8
- proxy_class = Net::HTTP::Proxy(nil)
7
+ if http_proxy_host && !no_proxy?(uri)
8
+ Net::HTTP.new(uri.host, uri.port, self.http_proxy_host, self.http_proxy_port, self.http_proxy_user, self.http_proxy_password)
9
9
  else
10
- proxy_class = Net::HTTP::Proxy(self.http_proxy_host, self.http_proxy_port, self.http_proxy_user, self.http_proxy_password)
10
+ http = Net::HTTP.new(uri.host, uri.port, nil, nil, nil, nil)
11
+ # Net::HTTP defaults the proxy port even though we said not to
12
+ # use one. Set it to nil so caller is not surprised
13
+ http.proxy_port = nil if http.respond_to?(:proxy_port=)
14
+ http
11
15
  end
12
-
13
- return proxy_class.new(uri.host, uri.port)
14
16
  end
15
17
 
16
18
  def self.http_proxy_env
@@ -49,14 +51,6 @@ module Puppet::Util::HttpProxy
49
51
  host, port = d.split(':')
50
52
  host = Regexp.escape(host).gsub('\*', '.*')
51
53
 
52
- #If the host of this no_proxy value starts with '.', this entry is
53
- #a domain level entry. Don't pin the regex to the beginning of the entry.
54
- #If it does not start with a '.' then it is a host specific entry and
55
- #should be matched to the destination starting at the beginning.
56
- unless host =~ /^\\\./
57
- host = "^#{host}"
58
- end
59
-
60
54
  #If this no_proxy entry specifies a port, we want to match it against
61
55
  #the destination port. Otherwise just match hosts.
62
56
  if port
@@ -192,7 +186,7 @@ module Puppet::Util::HttpProxy
192
186
 
193
187
  headers = { 'Accept' => '*/*', 'User-Agent' => Puppet[:http_user_agent] }
194
188
  if Puppet.features.zlib?
195
- headers.merge!({"Accept-Encoding" => Puppet::Network::HTTP::Compression::ACCEPT_ENCODING})
189
+ headers["Accept-Encoding"] = Puppet::Network::HTTP::Compression::ACCEPT_ENCODING
196
190
  end
197
191
 
198
192
  response = proxy.send(:head, current_uri, headers)
@@ -175,7 +175,7 @@ class Puppet::Util::Log
175
175
  # We only select the last 10 callers in the stack to avoid being spammy
176
176
  message = _("Received a Log attribute with invalid encoding:%{log_message}") %
177
177
  { log_message: Puppet::Util::CharacterEncoding.convert_to_utf_8(str.dump)}
178
- message += '\n' + _("Backtrace:\n%{backtrace}") % { backtrace: caller[0..10].join("\n") }
178
+ message += '\n' + _("Backtrace:\n%{backtrace}") % { backtrace: caller(1, 10).join("\n") }
179
179
  message
180
180
  end
181
181
  private_class_method :coerce_string
@@ -392,7 +392,7 @@ class Puppet::Util::Log
392
392
  end
393
393
 
394
394
  def to_report
395
- "#{time} #{source} (#{level}): #{to_s}"
395
+ "#{time} #{source} (#{level}): #{self}"
396
396
  end
397
397
 
398
398
  def to_s
@@ -34,7 +34,7 @@ Puppet::Util::Log.newdesttype :syslog do
34
34
  end
35
35
  else
36
36
  msg.to_s.split("\n").each do |line|
37
- @syslog.send(msg.level, "(%s) %s" % [msg.source.to_s.gsub("%", ""),
37
+ @syslog.send(msg.level, "(%s) %s" % [msg.source.to_s.delete("%"),
38
38
  line.gsub("%", '%%')
39
39
  ]
40
40
  )
@@ -78,7 +78,7 @@ Puppet::Util::Log.newdesttype :file do
78
78
 
79
79
  # create the log file, if it doesn't already exist
80
80
  need_array_start = false
81
- file_exists = File.exists?(path)
81
+ file_exists = Puppet::FileSystem.exist?(path)
82
82
  if @json == 1
83
83
  need_array_start = true
84
84
  if file_exists
@@ -48,12 +48,13 @@ module Logging
48
48
  # wish to log a message at all; in this case it is likely that you are only calling this method in order
49
49
  # to take advantage of the backtrace logging.
50
50
  def log_exception(exception, message = :default, options = {})
51
- trace = Puppet[:trace] || options[:trace]
52
51
  level = options[:level] || :err
52
+ combined_trace = Puppet[:trace] || options[:trace]
53
+ puppet_trace = Puppet[:puppet_trace] || options[:puppet_trace]
54
+
53
55
  if message == :default && exception.is_a?(Puppet::ParseErrorWithIssue)
54
56
  # Retain all detailed info and keep plain message and stacktrace separate
55
- backtrace = []
56
- build_exception_trace(backtrace, exception, trace)
57
+ backtrace = build_exception_trace(exception, combined_trace, puppet_trace)
57
58
  Puppet::Util::Log.create({
58
59
  :level => level,
59
60
  :source => log_source,
@@ -67,28 +68,27 @@ module Logging
67
68
  :node => exception.node
68
69
  }.merge(log_metadata))
69
70
  else
70
- send_log(level, format_exception(exception, message, trace))
71
+ send_log(level, format_exception(exception, message, combined_trace, puppet_trace))
71
72
  end
72
73
  end
73
74
 
74
- def build_exception_trace(arr, exception, trace = true)
75
- if trace and exception.backtrace
76
- exception.backtrace.each do |line|
77
- arr << line =~ /^(.+):(\d+.*)$/ ? ("#{Pathname($1).realpath}:#{$2}" rescue line) : line
78
- end
79
- end
75
+ def build_exception_trace(exception, combined_trace = true, puppet_trace = false)
76
+ built_trace = format_backtrace(exception, combined_trace, puppet_trace)
77
+
80
78
  if exception.respond_to?(:original)
81
79
  original = exception.original
82
80
  unless original.nil?
83
- arr << _('Wrapped exception:')
84
- arr << original.message
85
- build_exception_trace(arr, original, trace)
81
+ built_trace << _('Wrapped exception:')
82
+ built_trace << original.message
83
+ built_trace += build_exception_trace(original, combined_trace, puppet_trace)
86
84
  end
87
85
  end
86
+
87
+ built_trace
88
88
  end
89
89
  private :build_exception_trace
90
90
 
91
- def format_exception(exception, message = :default, trace = true)
91
+ def format_exception(exception, message = :default, combined_trace = true, puppet_trace = false)
92
92
  arr = []
93
93
  case message
94
94
  when :default
@@ -99,16 +99,28 @@ module Logging
99
99
  arr << message
100
100
  end
101
101
 
102
- if trace and exception.backtrace
103
- arr << Puppet::Util.pretty_backtrace(exception.backtrace)
104
- end
102
+ arr += format_backtrace(exception, combined_trace, puppet_trace)
103
+
105
104
  if exception.respond_to?(:original) and exception.original
106
105
  arr << _("Wrapped exception:")
107
- arr << format_exception(exception.original, :default, trace)
106
+ arr << format_exception(exception.original, :default, combined_trace, puppet_trace)
108
107
  end
108
+
109
109
  arr.flatten.join("\n")
110
110
  end
111
111
 
112
+ def format_backtrace(exception, combined_trace, puppet_trace)
113
+ puppetstack = exception.respond_to?(:puppetstack) ? exception.puppetstack : []
114
+
115
+ if combined_trace and exception.backtrace
116
+ Puppet::Util.format_backtrace_array(exception.backtrace, puppetstack)
117
+ elsif puppet_trace && !puppetstack.empty?
118
+ Puppet::Util.format_backtrace_array(puppetstack)
119
+ else
120
+ []
121
+ end
122
+ end
123
+
112
124
  def log_and_raise(exception, message)
113
125
  log_exception(exception, message)
114
126
  raise exception, message + "\n" + exception.to_s, exception.backtrace
@@ -194,9 +206,9 @@ module Logging
194
206
  # let's find the offending line; we need to jump back up the stack a few steps to find the method that called
195
207
  # the deprecated method
196
208
  if Puppet[:trace]
197
- caller()[2..-1]
209
+ caller(3)
198
210
  else
199
- [caller()[2]]
211
+ [caller(3, 1).first]
200
212
  end
201
213
  end
202
214
 
@@ -54,11 +54,11 @@ class Puppet::Util::Metric
54
54
  end
55
55
 
56
56
  def values
57
- @values.sort { |a, b| a[1] <=> b[1] }
57
+ @values.sort_by { |a| a[1] }
58
58
  end
59
59
 
60
60
  # Convert a name into a label.
61
61
  def self.labelize(name)
62
- name.to_s.capitalize.gsub("_", " ")
62
+ name.to_s.capitalize.tr("_", " ")
63
63
  end
64
64
  end
@@ -78,7 +78,7 @@ module Puppet::Util::ProviderFeatures
78
78
  str = ""
79
79
  @features ||= {}
80
80
  return nil if @features.empty?
81
- names = @features.keys.sort { |a,b| a.to_s <=> b.to_s }
81
+ names = @features.keys.sort_by(&:to_s)
82
82
  names.each do |name|
83
83
  doc = @features[name].docs.gsub(/\n\s+/, " ")
84
84
  str << "- *#{name}*: #{doc}\n"
@@ -127,9 +127,7 @@ module Puppet::Util::ProviderFeatures
127
127
  # Create a method that will list all functional features.
128
128
  @feature_module.send(:define_method, :features) do
129
129
  return false unless defined?(features)
130
- features.keys.find_all { |n| feature?(n) }.sort { |a,b|
131
- a.to_s <=> b.to_s
132
- }
130
+ features.keys.find_all { |n| feature?(n) }.sort_by(&:to_s)
133
131
  end
134
132
 
135
133
  # Create a method that will determine if a provided list of
@@ -31,7 +31,7 @@ module Puppet::Util::RDoc
31
31
  # uses relative_path_from that will generate errors when the slashes don't
32
32
  # properly match. This is a workaround for that issue.
33
33
  if Puppet::Util::Platform.windows? && RDoc::VERSION !~ /^[0-3]\./
34
- options += [ "--root", Dir.pwd.gsub(/\\/, '/')]
34
+ options += [ "--root", Dir.pwd.tr('\\', '/')]
35
35
  end
36
36
  options += files
37
37
 
@@ -58,7 +58,7 @@ class Puppet::Util::Reference
58
58
 
59
59
  def self.references(environment)
60
60
  instance_loader(:reference).loadall(environment)
61
- loaded_instances(:reference).sort { |a,b| a.to_s <=> b.to_s }
61
+ loaded_instances(:reference).sort_by(&:to_s)
62
62
  end
63
63
 
64
64
  attr_accessor :page, :depth, :header, :title, :dynamic
@@ -53,7 +53,7 @@ class Puppet::Util::ResourceTemplate
53
53
 
54
54
  def set_resource_variables
55
55
  @resource.to_hash.each do |param, value|
56
- var = "@#{param.to_s}"
56
+ var = "@#{param}"
57
57
  instance_variable_set(var, value)
58
58
  end
59
59
  end
@@ -206,7 +206,9 @@ module Puppet::Util::SELinux
206
206
  # If possible we use read_nonblock in a loop rather than read to work-
207
207
  # a linux kernel bug. See ticket #1963 for details.
208
208
  mountfh = File.open("/proc/mounts")
209
- mounts += mountfh.read_nonblock(1024) while true
209
+ loop do
210
+ mounts += mountfh.read_nonblock(1024)
211
+ end
210
212
  else
211
213
  # Otherwise we shell out and let cat do it for us
212
214
  mountfh = IO.popen("/bin/cat /proc/mounts")
@@ -1,6 +1,23 @@
1
1
  module Puppet::Util::Windows::ADSI
2
2
  require 'ffi'
3
3
 
4
+ # https://docs.microsoft.com/en-us/windows/win32/api/dsrole/ne-dsrole-dsrole_machine_role
5
+ STANDALONE_WORKSTATION = 0
6
+ MEMBER_WORKSTATION = 1
7
+ STANDALONE_SERVER = 2
8
+ MEMBER_SERVER = 3
9
+ BACKUP_DOMAIN_CONTROLLER = 4
10
+ PRIMARY_DOMAIN_CONTROLLER = 5
11
+
12
+ DOMAIN_ROLES = {
13
+ STANDALONE_WORKSTATION => :STANDALONE_WORKSTATION,
14
+ MEMBER_WORKSTATION => :MEMBER_WORKSTATION,
15
+ STANDALONE_SERVER => :STANDALONE_SERVER,
16
+ MEMBER_SERVER => :MEMBER_SERVER,
17
+ BACKUP_DOMAIN_CONTROLLER => :BACKUP_DOMAIN_CONTROLLER,
18
+ PRIMARY_DOMAIN_CONTROLLER => :PRIMARY_DOMAIN_CONTROLLER,
19
+ }
20
+
4
21
  class << self
5
22
  extend FFI::Library
6
23
 
@@ -94,6 +111,14 @@ module Puppet::Util::Windows::ADSI
94
111
  wmi_connection.execquery(query)
95
112
  end
96
113
 
114
+ def domain_role
115
+ unless @domain_role
116
+ query_result = Puppet::Util::Windows::ADSI.execquery('select DomainRole from Win32_ComputerSystem').to_enum.first
117
+ @domain_role = DOMAIN_ROLES[query_result.DomainRole] if query_result
118
+ end
119
+ @domain_role
120
+ end
121
+
97
122
  ffi_convention :stdcall
98
123
 
99
124
  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms724295(v=vs.85).aspx
@@ -176,7 +201,12 @@ module Puppet::Util::Windows::ADSI
176
201
  well_known = false
177
202
  if (sid = Puppet::Util::Windows::SID.name_to_principal(name_or_sid))
178
203
  # Examples of SidType include SidTypeUser, SidTypeGroup
179
- return true if sid.account_type == "SidType#{@object_class.capitalize}".to_sym
204
+ if sid.account_type == "SidType#{@object_class.capitalize}".to_sym
205
+ # Check if we're getting back a local user when domain-joined
206
+ return true unless [:MEMBER_WORKSTATION, :MEMBER_SERVER].include?(Puppet::Util::Windows::ADSI.domain_role)
207
+ # The resource domain and the computer name are not always case-matching
208
+ return sid.domain.casecmp(Puppet::Util::Windows::ADSI.computer_name) == 0
209
+ end
180
210
 
181
211
  # 'well known group' is special as it can be a group like Everyone OR a user like SYSTEM
182
212
  # so try to resolve it
@@ -386,23 +416,23 @@ module Puppet::Util::Windows::ADSI
386
416
  ADS_UF_SCRIPT: 0x0001,
387
417
  ADS_UF_ACCOUNTDISABLE: 0x0002,
388
418
  ADS_UF_HOMEDIR_REQUIRED: 0x0008,
389
- ADS_UF_LOCKOUT: 0x0010,
390
- ADS_UF_PASSWD_NOTREQD: 0x0020,
391
- ADS_UF_PASSWD_CANT_CHANGE: 0x0040,
392
- ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED: 0x0080,
393
- ADS_UF_TEMP_DUPLICATE_ACCOUNT: 0x0100,
394
- ADS_UF_NORMAL_ACCOUNT: 0x0200,
395
- ADS_UF_INTERDOMAIN_TRUST_ACCOUNT: 0x0800,
396
- ADS_UF_WORKSTATION_TRUST_ACCOUNT: 0x1000,
397
- ADS_UF_SERVER_TRUST_ACCOUNT: 0x2000,
398
- ADS_UF_DONT_EXPIRE_PASSWD: 0x10000,
399
- ADS_UF_MNS_LOGON_ACCOUNT: 0x20000,
400
- ADS_UF_SMARTCARD_REQUIRED: 0x40000,
401
- ADS_UF_TRUSTED_FOR_DELEGATION: 0x80000,
402
- ADS_UF_NOT_DELEGATED: 0x100000,
403
- ADS_UF_USE_DES_KEY_ONLY: 0x200000,
404
- ADS_UF_DONT_REQUIRE_PREAUTH: 0x400000,
405
- ADS_UF_PASSWORD_EXPIRED: 0x800000,
419
+ ADS_UF_LOCKOUT: 0x0010,
420
+ ADS_UF_PASSWD_NOTREQD: 0x0020,
421
+ ADS_UF_PASSWD_CANT_CHANGE: 0x0040,
422
+ ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED: 0x0080,
423
+ ADS_UF_TEMP_DUPLICATE_ACCOUNT: 0x0100,
424
+ ADS_UF_NORMAL_ACCOUNT: 0x0200,
425
+ ADS_UF_INTERDOMAIN_TRUST_ACCOUNT: 0x0800,
426
+ ADS_UF_WORKSTATION_TRUST_ACCOUNT: 0x1000,
427
+ ADS_UF_SERVER_TRUST_ACCOUNT: 0x2000,
428
+ ADS_UF_DONT_EXPIRE_PASSWD: 0x10000,
429
+ ADS_UF_MNS_LOGON_ACCOUNT: 0x20000,
430
+ ADS_UF_SMARTCARD_REQUIRED: 0x40000,
431
+ ADS_UF_TRUSTED_FOR_DELEGATION: 0x80000,
432
+ ADS_UF_NOT_DELEGATED: 0x100000,
433
+ ADS_UF_USE_DES_KEY_ONLY: 0x200000,
434
+ ADS_UF_DONT_REQUIRE_PREAUTH: 0x400000,
435
+ ADS_UF_PASSWORD_EXPIRED: 0x800000,
406
436
  ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION: 0x1000000
407
437
  }
408
438
 
@@ -46,11 +46,12 @@ module Puppet::Util::Windows
46
46
 
47
47
  subkey_max_len, _ = reg_query_info_key_max_lengths(key)
48
48
 
49
- begin
49
+ loop do
50
50
  subkey, filetime = reg_enum_key(key, index, subkey_max_len)
51
51
  yield subkey, filetime if !subkey.nil?
52
52
  index += 1
53
- end while !subkey.nil?
53
+ break if subkey.nil?
54
+ end
54
55
 
55
56
  index
56
57
  end
@@ -93,11 +94,12 @@ module Puppet::Util::Windows
93
94
 
94
95
  _, value_max_len = reg_query_info_key_max_lengths(key)
95
96
 
96
- begin
97
+ loop do
97
98
  subkey, type, data = reg_enum_value(key, index, value_max_len)
98
99
  yield subkey, type, data if !subkey.nil?
99
100
  index += 1
100
- end while !subkey.nil?
101
+ break if subkey.nil?
102
+ end
101
103
 
102
104
  index
103
105
  end
@@ -314,7 +316,7 @@ module Puppet::Util::Windows
314
316
 
315
317
  def sanitize(value)
316
318
  # Replace null bytes with a space
317
- value.gsub!("\x00", ' ')
319
+ value.tr!("\x00", ' ')
318
320
  value
319
321
  end
320
322
 
@@ -45,7 +45,7 @@ module Puppet
45
45
  #
46
46
  def load_vendored
47
47
  Dir.entries(vendor_dir).each do |entry|
48
- if entry.match(/load_(\w+?)\.rb$/)
48
+ if entry =~ /load_(\w+?)\.rb$/
49
49
  load_entry entry
50
50
  end
51
51
  end
@@ -6,7 +6,7 @@
6
6
  # Raketasks and such to set the version based on the output of `git describe`
7
7
 
8
8
  module Puppet
9
- PUPPETVERSION = '6.4.4'
9
+ PUPPETVERSION = '6.4.5'
10
10
 
11
11
  ##
12
12
  # version is a public API method intended to always provide a fast and
@@ -15,12 +15,16 @@ class Puppet::X509::CertProvider
15
15
  crlpath: Puppet[:hostcrl],
16
16
  privatekeydir: Puppet[:privatekeydir],
17
17
  certdir: Puppet[:certdir],
18
- requestdir: Puppet[:requestdir])
18
+ requestdir: Puppet[:requestdir],
19
+ hostprivkey: Puppet.settings.set_by_config?(:hostprivkey) ? Puppet[:hostprivkey] : nil,
20
+ hostcert: Puppet.settings.set_by_config?(:hostcert) ? Puppet[:hostcert] : nil)
19
21
  @capath = capath
20
22
  @crlpath = crlpath
21
23
  @privatekeydir = privatekeydir
22
24
  @certdir = certdir
23
25
  @requestdir = requestdir
26
+ @hostprivkey = hostprivkey
27
+ @hostcert = hostcert
24
28
  end
25
29
 
26
30
  # Save `certs` to the configured `capath`.
@@ -117,7 +121,7 @@ class Puppet::X509::CertProvider
117
121
  # @raise [Puppet::Error] if the private key cannot be saved
118
122
  # @api private
119
123
  def save_private_key(name, key)
120
- path = to_path(@privatekeydir, name)
124
+ path = @hostprivkey || to_path(@privatekeydir, name)
121
125
  save_pem(key.to_pem, path, **permissions_for_setting(:hostprivkey))
122
126
  rescue SystemCallError => e
123
127
  raise Puppet::Error.new(_("Failed to save private key for '%{name}'") % {name: name}, e)
@@ -133,7 +137,7 @@ class Puppet::X509::CertProvider
133
137
  # @raise [Puppet::Error] if the private key cannot be loaded
134
138
  # @api private
135
139
  def load_private_key(name, required: false)
136
- path = to_path(@privatekeydir, name)
140
+ path = @hostprivkey || to_path(@privatekeydir, name)
137
141
  pem = load_pem(path)
138
142
  if !pem && required
139
143
  raise Puppet::Error, _("The private key is missing from '%{path}'") % { path: path }
@@ -163,7 +167,7 @@ class Puppet::X509::CertProvider
163
167
  # @raise [Puppet::Error] if the client cert cannot be saved
164
168
  # @api private
165
169
  def save_client_cert(name, cert)
166
- path = to_path(@certdir, name)
170
+ path = @hostcert || to_path(@certdir, name)
167
171
  save_pem(cert.to_pem, path, **permissions_for_setting(:hostcert))
168
172
  rescue SystemCallError => e
169
173
  raise Puppet::Error.new(_("Failed to save client certificate for '%{name}'") % {name: name}, e)
@@ -178,7 +182,7 @@ class Puppet::X509::CertProvider
178
182
  # @raise [Puppet::Error] if the client cert cannot be loaded
179
183
  # @api private
180
184
  def load_client_cert(name, required: false)
181
- path = to_path(@certdir, name)
185
+ path = @hostcert || to_path(@certdir, name)
182
186
  pem = load_pem(path)
183
187
  if !pem && required
184
188
  raise Puppet::Error, _("The client certificate is missing from '%{path}'") % { path: path }
@@ -280,7 +284,10 @@ class Puppet::X509::CertProvider
280
284
  def permissions_for_setting(name)
281
285
  setting = Puppet.settings.setting(name)
282
286
  perm = { mode: setting.mode.to_i(8) }
283
- perm.merge!(owner: setting.owner, group: setting.group) if Puppet.features.root? && !Puppet::Util::Platform.windows?
287
+ if Puppet.features.root? && !Puppet::Util::Platform.windows?
288
+ perm[:owner] = setting.owner
289
+ perm[:group] = setting.group
290
+ end
284
291
  perm
285
292
  end
286
293
  end