puppet 7.0.0-universal-darwin → 7.5.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +2 -16
- data/Gemfile +2 -3
- data/Gemfile.lock +45 -33
- data/ext/build_defaults.yaml +0 -1
- data/ext/project_data.yaml +1 -0
- data/lib/puppet/application.rb +10 -6
- data/lib/puppet/application/agent.rb +1 -0
- data/lib/puppet/application/apply.rb +3 -2
- data/lib/puppet/application/device.rb +1 -0
- data/lib/puppet/application/script.rb +1 -0
- data/lib/puppet/application/ssl.rb +11 -0
- data/lib/puppet/application_support.rb +7 -0
- data/lib/puppet/configurer.rb +16 -3
- data/lib/puppet/defaults.rb +14 -41
- data/lib/puppet/environments.rb +54 -55
- data/lib/puppet/face/facts.rb +26 -2
- data/lib/puppet/face/node/clean.rb +8 -0
- data/lib/puppet/ffi/posix.rb +10 -0
- data/lib/puppet/ffi/posix/constants.rb +14 -0
- data/lib/puppet/ffi/posix/functions.rb +24 -0
- data/lib/puppet/ffi/windows/api_types.rb +1 -1
- data/lib/puppet/ffi/windows/constants.rb +1 -1
- data/lib/puppet/file_serving/configuration/parser.rb +5 -2
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/windows.rb +2 -0
- data/lib/puppet/http/factory.rb +4 -0
- data/lib/puppet/indirector/facts/facter.rb +1 -0
- data/lib/puppet/module_tool/applications/installer.rb +48 -2
- data/lib/puppet/module_tool/errors/shared.rb +17 -2
- data/lib/puppet/network/formats.rb +67 -0
- data/lib/puppet/network/http.rb +5 -2
- data/lib/puppet/network/http/api.rb +10 -6
- data/lib/puppet/network/http/api/master.rb +3 -2
- data/lib/puppet/network/http/api/master/v3.rb +2 -25
- data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
- data/lib/puppet/network/http/api/server.rb +10 -0
- data/lib/puppet/network/http/api/server/v3.rb +39 -0
- data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
- data/lib/puppet/parser/ast/leaf.rb +3 -2
- data/lib/puppet/parser/templatewrapper.rb +1 -1
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/parser/lexer2.rb +0 -4
- data/lib/puppet/pops/validation/checker4_0.rb +0 -1
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +13 -8
- data/lib/puppet/provider/package/apt.rb +34 -2
- data/lib/puppet/provider/package/aptitude.rb +6 -0
- data/lib/puppet/provider/service/debian.rb +2 -0
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/useradd.rb +62 -8
- data/lib/puppet/reference/configuration.rb +6 -5
- data/lib/puppet/settings.rb +33 -28
- data/lib/puppet/settings/alias_setting.rb +37 -0
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/type/package.rb +3 -3
- data/lib/puppet/type/user.rb +1 -1
- data/lib/puppet/util/autoload.rb +1 -8
- data/lib/puppet/util/monkey_patches.rb +7 -0
- data/lib/puppet/util/posix.rb +54 -5
- data/lib/puppet/util/windows/adsi.rb +46 -0
- data/lib/puppet/util/windows/principal.rb +9 -2
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +166 -146
- data/man/man5/puppet.conf.5 +14 -6
- data/man/man8/puppet-agent.8 +2 -2
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -2
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +4 -0
- data/spec/integration/application/agent_spec.rb +160 -3
- data/spec/integration/application/apply_spec.rb +19 -0
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/defaults_spec.rb +0 -7
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
- data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
- data/spec/integration/parser/collection_spec.rb +10 -0
- data/spec/integration/resource/type_collection_spec.rb +2 -6
- data/spec/integration/transaction_spec.rb +4 -9
- data/spec/integration/util/windows/adsi_spec.rb +21 -1
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/registry_spec.rb +6 -10
- data/spec/spec_helper.rb +1 -4
- data/spec/unit/agent_spec.rb +8 -6
- data/spec/unit/application/agent_spec.rb +0 -1
- data/spec/unit/application/facts_spec.rb +58 -7
- data/spec/unit/application/filebucket_spec.rb +0 -2
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/application_spec.rb +51 -9
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +8 -2
- data/spec/unit/defaults_spec.rb +1 -56
- data/spec/unit/environments_spec.rb +221 -68
- data/spec/unit/face/node_spec.rb +14 -13
- data/spec/unit/file_serving/configuration/parser_spec.rb +8 -1
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
- data/spec/unit/file_system_spec.rb +9 -0
- data/spec/unit/forge/module_release_spec.rb +2 -7
- data/spec/unit/http/factory_spec.rb +19 -0
- data/spec/unit/indirector/face_spec.rb +0 -1
- data/spec/unit/indirector/facts/facter_spec.rb +20 -5
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
- data/spec/unit/indirector/indirection_spec.rb +8 -12
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
- data/spec/unit/network/formats_spec.rb +41 -0
- data/spec/unit/network/http/api/indirected_routes_spec.rb +0 -4
- data/spec/unit/network/http/api/master_spec.rb +38 -0
- data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
- data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
- data/spec/unit/network/http/api_spec.rb +11 -11
- data/spec/unit/parser/compiler_spec.rb +3 -19
- data/spec/unit/parser/resource_spec.rb +14 -8
- data/spec/unit/parser/templatewrapper_spec.rb +4 -3
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
- data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
- data/spec/unit/pops/validator/validator_spec.rb +20 -43
- data/spec/unit/property_spec.rb +1 -0
- data/spec/unit/provider/group/groupadd_spec.rb +5 -2
- data/spec/unit/provider/nameservice_spec.rb +66 -65
- data/spec/unit/provider/package/apt_spec.rb +28 -23
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +6 -5
- data/spec/unit/provider/package/pacman_spec.rb +18 -12
- data/spec/unit/provider/package/pip_spec.rb +6 -11
- data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
- data/spec/unit/provider/user/aix_spec.rb +5 -0
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +2 -0
- data/spec/unit/provider/user/useradd_spec.rb +56 -3
- data/spec/unit/provider_spec.rb +6 -8
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +11 -10
- data/spec/unit/settings_spec.rb +13 -6
- data/spec/unit/ssl/base_spec.rb +0 -1
- data/spec/unit/ssl/certificate_request_spec.rb +4 -10
- data/spec/unit/ssl/ssl_provider_spec.rb +5 -2
- data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
- data/spec/unit/transaction/event_manager_spec.rb +14 -11
- data/spec/unit/transaction_spec.rb +13 -4
- data/spec/unit/type/file/content_spec.rb +0 -1
- data/spec/unit/type/file/selinux_spec.rb +0 -2
- data/spec/unit/type/file_spec.rb +0 -6
- data/spec/unit/type/group_spec.rb +13 -6
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +1 -1
- data/spec/unit/type/tidy_spec.rb +0 -1
- data/spec/unit/type_spec.rb +2 -2
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +5 -1
- data/spec/unit/util/backups_spec.rb +1 -2
- data/spec/unit/util/execution_spec.rb +15 -11
- data/spec/unit/util/inifile_spec.rb +6 -14
- data/spec/unit/util/log_spec.rb +8 -7
- data/spec/unit/util/logging_spec.rb +3 -3
- data/spec/unit/util/posix_spec.rb +363 -15
- data/spec/unit/util/selinux_spec.rb +76 -52
- data/spec/unit/util/storage_spec.rb +3 -1
- data/spec/unit/util/suidmanager_spec.rb +44 -41
- data/spec/unit/util/windows/sid_spec.rb +6 -0
- data/spec/unit/util_spec.rb +13 -6
- metadata +33 -16
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
- data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
- data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
@@ -42,7 +42,11 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
|
|
42
42
|
|
43
43
|
def query
|
44
44
|
hash = super
|
45
|
-
|
45
|
+
|
46
|
+
if !%i(absent purged).include?(hash[:ensure]) && aptmark('showmanual', @resource[:name]).strip == @resource[:name]
|
47
|
+
hash[:mark] = :manual
|
48
|
+
end
|
49
|
+
|
46
50
|
hash
|
47
51
|
end
|
48
52
|
|
@@ -51,6 +55,10 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
|
|
51
55
|
@property_flush = {}
|
52
56
|
end
|
53
57
|
|
58
|
+
def mark
|
59
|
+
@property_flush[:mark]
|
60
|
+
end
|
61
|
+
|
54
62
|
def mark=(value)
|
55
63
|
@property_flush[:mark] = value
|
56
64
|
end
|
@@ -143,7 +151,13 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
|
|
143
151
|
end
|
144
152
|
|
145
153
|
cmd += install_options if @resource[:install_options]
|
146
|
-
cmd << :install
|
154
|
+
cmd << :install
|
155
|
+
|
156
|
+
if source
|
157
|
+
cmd << source
|
158
|
+
else
|
159
|
+
cmd << str
|
160
|
+
end
|
147
161
|
|
148
162
|
self.unhold if self.properties[:mark] == :hold
|
149
163
|
begin
|
@@ -151,6 +165,18 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
|
|
151
165
|
ensure
|
152
166
|
self.hold if @resource[:mark] == :hold
|
153
167
|
end
|
168
|
+
|
169
|
+
# If a source file was specified, we must make sure the expected version was installed from specified file
|
170
|
+
if source && !%i(present installed).include?(should)
|
171
|
+
is = self.query
|
172
|
+
raise Puppet::Error, _("Could not find package %{name}") % { name: self.name } unless is
|
173
|
+
|
174
|
+
version = is[:ensure]
|
175
|
+
|
176
|
+
raise Puppet::Error, _("Failed to update to version %{should}, got version %{version} instead") % { should: should, version: version } unless
|
177
|
+
insync?(version)
|
178
|
+
end
|
179
|
+
|
154
180
|
end
|
155
181
|
|
156
182
|
# What's the latest package version available?
|
@@ -227,4 +253,10 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
|
|
227
253
|
end
|
228
254
|
should_range.include?(is_version)
|
229
255
|
end
|
256
|
+
|
257
|
+
private
|
258
|
+
|
259
|
+
def source
|
260
|
+
@source ||= @resource[:source]
|
261
|
+
end
|
230
262
|
end
|
@@ -17,6 +17,8 @@ Puppet::Type.type(:service).provide :debian, :parent => :init do
|
|
17
17
|
commands :invoke_rc => "/usr/sbin/invoke-rc.d"
|
18
18
|
commands :service => "/usr/sbin/service"
|
19
19
|
|
20
|
+
confine :false => Puppet::FileSystem.exist?('/proc/1/comm') && Puppet::FileSystem.read('/proc/1/comm').include?('systemd')
|
21
|
+
|
20
22
|
defaultfor :operatingsystem => :cumuluslinux, :operatingsystemmajrelease => ['1','2']
|
21
23
|
defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ['5','6','7']
|
22
24
|
defaultfor :operatingsystem => :devuan
|
@@ -178,7 +178,7 @@ Puppet::Type.type(:user).provide :aix, :parent => Puppet::Provider::AixObject do
|
|
178
178
|
# does not have a password.
|
179
179
|
break if line =~ /^\S+:$/
|
180
180
|
|
181
|
-
match_obj = /password
|
181
|
+
match_obj = /password\s+=\s+(\S+)/.match(line)
|
182
182
|
end
|
183
183
|
return :absent unless match_obj
|
184
184
|
|
@@ -211,7 +211,7 @@ Puppet::Type.type(:user).provide :aix, :parent => Puppet::Provider::AixObject do
|
|
211
211
|
tempfile = Tempfile.new("puppet_#{user}_pw", :encoding => Encoding::ASCII)
|
212
212
|
tempfile << "#{user}:#{value}\n"
|
213
213
|
tempfile.close()
|
214
|
-
|
214
|
+
|
215
215
|
# Options '-e', '-c', use encrypted password and clear flags
|
216
216
|
# Must receive "user:enc_password" as input
|
217
217
|
# command, arguments = {:failonfail => true, :combine => true}
|
@@ -59,23 +59,37 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
59
59
|
get(:uid)
|
60
60
|
end
|
61
61
|
|
62
|
+
def gid
|
63
|
+
return localgid if @resource.forcelocal?
|
64
|
+
get(:gid)
|
65
|
+
end
|
66
|
+
|
62
67
|
def comment
|
63
68
|
return localcomment if @resource.forcelocal?
|
64
69
|
get(:comment)
|
65
70
|
end
|
66
71
|
|
72
|
+
def groups
|
73
|
+
return localgroups if @resource.forcelocal?
|
74
|
+
super
|
75
|
+
end
|
76
|
+
|
67
77
|
def finduser(key, value)
|
68
|
-
passwd_file =
|
78
|
+
passwd_file = '/etc/passwd'
|
69
79
|
passwd_keys = [:account, :password, :uid, :gid, :gecos, :directory, :shell]
|
70
|
-
|
71
|
-
@
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
80
|
+
|
81
|
+
unless @users
|
82
|
+
unless Puppet::FileSystem.exist?(passwd_file)
|
83
|
+
raise Puppet::Error.new("Forcelocal set for user resource '#{resource[:name]}', but #{passwd_file} does not exist")
|
84
|
+
end
|
85
|
+
|
86
|
+
@users = []
|
87
|
+
Puppet::FileSystem.each_line(passwd_file) do |line|
|
88
|
+
user = line.chomp.split(':')
|
89
|
+
@users << Hash[passwd_keys.zip(user)]
|
76
90
|
end
|
77
91
|
end
|
78
|
-
false
|
92
|
+
@users.find { |param| param[key] == value } || false
|
79
93
|
end
|
80
94
|
|
81
95
|
def local_username
|
@@ -88,16 +102,56 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
|
|
88
102
|
false
|
89
103
|
end
|
90
104
|
|
105
|
+
def localgid
|
106
|
+
user = finduser(:account, resource[:name])
|
107
|
+
if user
|
108
|
+
begin
|
109
|
+
return Integer(user[:gid])
|
110
|
+
rescue ArgumentError
|
111
|
+
Puppet.debug("Non-numeric GID found in /etc/passwd for user #{resource[:name]}")
|
112
|
+
return user[:gid]
|
113
|
+
end
|
114
|
+
end
|
115
|
+
false
|
116
|
+
end
|
117
|
+
|
91
118
|
def localcomment
|
92
119
|
user = finduser(:account, resource[:name])
|
93
120
|
user[:gecos]
|
94
121
|
end
|
95
122
|
|
123
|
+
def localgroups
|
124
|
+
@groups_of ||= {}
|
125
|
+
group_file = '/etc/group'
|
126
|
+
user = resource[:name]
|
127
|
+
|
128
|
+
return @groups_of[user] if @groups_of[user]
|
129
|
+
|
130
|
+
@groups_of[user] = []
|
131
|
+
|
132
|
+
unless Puppet::FileSystem.exist?(group_file)
|
133
|
+
raise Puppet::Error.new("Forcelocal set for user resource '#{user}', but #{group_file} does not exist")
|
134
|
+
end
|
135
|
+
|
136
|
+
Puppet::FileSystem.each_line(group_file) do |line|
|
137
|
+
data = line.chomp.split(':')
|
138
|
+
if data.last.split(',').include?(user)
|
139
|
+
@groups_of[user] << data.first
|
140
|
+
end
|
141
|
+
end
|
142
|
+
|
143
|
+
@groups_of[user]
|
144
|
+
end
|
145
|
+
|
96
146
|
def shell=(value)
|
97
147
|
check_valid_shell
|
98
148
|
set(:shell, value)
|
99
149
|
end
|
100
150
|
|
151
|
+
def groups=(value)
|
152
|
+
set(:groups, value)
|
153
|
+
end
|
154
|
+
|
101
155
|
verify :gid, "GID must be an integer" do |value|
|
102
156
|
value.is_a? Integer
|
103
157
|
end
|
@@ -57,11 +57,12 @@ config.header = <<EOT
|
|
57
57
|
* Each of these settings can be specified in `puppet.conf` or on the
|
58
58
|
command line.
|
59
59
|
* Puppet Enterprise (PE) and open source Puppet share the configuration settings
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
60
|
+
documented here. However, PE defaults differ from open source defaults for some
|
61
|
+
settings, such as `node_terminus`, `storeconfigs`, `always_retry_plugins`,
|
62
|
+
`disable18n`, `environment_timeout` (when Code Manager is enabled), and the
|
63
|
+
Puppet Server JRuby `max-active-instances` setting. To verify PE configuration
|
64
|
+
defaults, check the `puppet.conf` or `pe-puppet-server.conf` file after
|
65
|
+
installation.
|
65
66
|
* When using boolean settings on the command line, use `--setting` and
|
66
67
|
`--no-setting` instead of `--setting (true|false)`. (Using `--setting false`
|
67
68
|
results in "Error: Could not parse application options: needless argument".)
|
data/lib/puppet/settings.rb
CHANGED
@@ -34,6 +34,7 @@ class Puppet::Settings
|
|
34
34
|
require 'puppet/settings/server_list_setting'
|
35
35
|
require 'puppet/settings/http_extra_headers_setting'
|
36
36
|
require 'puppet/settings/certificate_revocation_setting'
|
37
|
+
require 'puppet/settings/alias_setting'
|
37
38
|
|
38
39
|
# local reference for convenience
|
39
40
|
PuppetOptionParser = Puppet::Util::CommandLine::PuppetOptionParser
|
@@ -388,19 +389,6 @@ class Puppet::Settings
|
|
388
389
|
call_hooks_deferred_to_application_initialization
|
389
390
|
issue_deprecations
|
390
391
|
|
391
|
-
run_mode = Puppet::Util::RunMode[self.preferred_run_mode]
|
392
|
-
if run_mode.agent? || run_mode.server?
|
393
|
-
if self.set_in_section?(:masterport, run_mode.name) && !self.set_in_section?(:serverport, run_mode.name)
|
394
|
-
self[:serverport] = self[:masterport]
|
395
|
-
elsif self.set_by_config?(:masterport) && !self.set_by_config?(:serverport)
|
396
|
-
self[:serverport] = self[:masterport]
|
397
|
-
elsif self.set_in_section?(:serverport, run_mode.name) && !self.set_in_section?(:masterport, run_mode.name)
|
398
|
-
self[:masterport] = self[:serverport]
|
399
|
-
elsif self.set_by_config?(:serverport) && !self.set_by_config?(:masterport)
|
400
|
-
self[:masterport] = self[:serverport]
|
401
|
-
end
|
402
|
-
end
|
403
|
-
|
404
392
|
REQUIRED_APP_SETTINGS.each do |key|
|
405
393
|
create_ancestors(Puppet[key])
|
406
394
|
end
|
@@ -747,7 +735,8 @@ class Puppet::Settings
|
|
747
735
|
:autosign => AutosignSetting,
|
748
736
|
:server_list => ServerListSetting,
|
749
737
|
:http_extra_headers => HttpExtraHeadersSetting,
|
750
|
-
:certificate_revocation => CertificateRevocationSetting
|
738
|
+
:certificate_revocation => CertificateRevocationSetting,
|
739
|
+
:alias => AliasSetting
|
751
740
|
}
|
752
741
|
|
753
742
|
# Create a new setting. The value is passed in because it's used to determine
|
@@ -1285,27 +1274,37 @@ Generated on #{Time.now}.
|
|
1285
1274
|
end
|
1286
1275
|
|
1287
1276
|
def add_environment_resources(catalog, sections)
|
1288
|
-
path = self[:environmentpath]
|
1289
|
-
envdir = path.split(File::PATH_SEPARATOR).first if path
|
1290
1277
|
configured_environment = self[:environment]
|
1291
|
-
|
1292
|
-
|
1293
|
-
|
1294
|
-
|
1295
|
-
|
1278
|
+
|
1279
|
+
if configured_environment == "production" && !production_environment_exists?
|
1280
|
+
environment_path = self[:environmentpath]
|
1281
|
+
first_environment_path = environment_path.split(File::PATH_SEPARATOR).first
|
1282
|
+
|
1283
|
+
if Puppet::FileSystem.exist?(first_environment_path)
|
1284
|
+
production_environment_path = File.join(first_environment_path, configured_environment)
|
1296
1285
|
parameters = { :ensure => 'directory' }
|
1297
|
-
|
1298
|
-
|
1299
|
-
if
|
1300
|
-
|
1301
|
-
parameters[:group] = Puppet[:group] if service_group_available?
|
1302
|
-
end
|
1286
|
+
parameters[:mode] = '0750'
|
1287
|
+
if Puppet.features.root?
|
1288
|
+
parameters[:owner] = Puppet[:user] if service_user_available?
|
1289
|
+
parameters[:group] = Puppet[:group] if service_group_available?
|
1303
1290
|
end
|
1304
|
-
catalog.add_resource(Puppet::Resource.new(:file,
|
1291
|
+
catalog.add_resource(Puppet::Resource.new(:file, production_environment_path, :parameters => parameters))
|
1305
1292
|
end
|
1306
1293
|
end
|
1307
1294
|
end
|
1308
1295
|
|
1296
|
+
def production_environment_exists?
|
1297
|
+
environment_path = self[:environmentpath]
|
1298
|
+
paths = environment_path.split(File::PATH_SEPARATOR)
|
1299
|
+
|
1300
|
+
paths.any? do |path|
|
1301
|
+
# If expected_path is a symlink, assume the source path is being managed
|
1302
|
+
# elsewhere, so accept it also as a valid production environment path
|
1303
|
+
expected_path = File.join(path, 'production')
|
1304
|
+
Puppet::FileSystem.directory?(expected_path) || Puppet::FileSystem.symlink?(expected_path)
|
1305
|
+
end
|
1306
|
+
end
|
1307
|
+
|
1309
1308
|
def add_user_resources(catalog, sections)
|
1310
1309
|
return unless Puppet.features.root?
|
1311
1310
|
return if Puppet::Util::Platform.windows?
|
@@ -1406,6 +1405,12 @@ Generated on #{Time.now}.
|
|
1406
1405
|
end
|
1407
1406
|
end
|
1408
1407
|
|
1408
|
+
setting = @defaults[name]
|
1409
|
+
if setting.respond_to?(:alias_name)
|
1410
|
+
val = lookup(setting.alias_name)
|
1411
|
+
return val if val
|
1412
|
+
end
|
1413
|
+
|
1409
1414
|
@defaults[name].default
|
1410
1415
|
end
|
1411
1416
|
|
@@ -0,0 +1,37 @@
|
|
1
|
+
class Puppet::Settings::AliasSetting
|
2
|
+
attr_reader :name, :alias_name
|
3
|
+
|
4
|
+
def initialize(args = {})
|
5
|
+
@name = args[:name]
|
6
|
+
@alias_name = args[:alias_for]
|
7
|
+
@alias_for = Puppet.settings.setting(alias_name)
|
8
|
+
end
|
9
|
+
|
10
|
+
def optparse_args
|
11
|
+
args = @alias_for.optparse_args
|
12
|
+
args[0].gsub!(alias_name.to_s, name.to_s)
|
13
|
+
args
|
14
|
+
end
|
15
|
+
|
16
|
+
def getopt_args
|
17
|
+
args = @alias_for.getopt_args
|
18
|
+
args[0].gsub!(alias_name.to_s, name.to_s)
|
19
|
+
args
|
20
|
+
end
|
21
|
+
|
22
|
+
def type
|
23
|
+
:alias
|
24
|
+
end
|
25
|
+
|
26
|
+
def method_missing(method, *args)
|
27
|
+
begin
|
28
|
+
alias_for.send(method, *args)
|
29
|
+
rescue => e
|
30
|
+
Puppet.log_exception(self.class, e.message)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
attr_reader :alias_for
|
37
|
+
end
|
@@ -29,6 +29,7 @@ class Puppet::Settings::EnvironmentConf
|
|
29
29
|
section = config.sections[:main]
|
30
30
|
rescue Errno::ENOENT
|
31
31
|
# environment.conf is an optional file
|
32
|
+
Puppet.debug { "Path to #{path_to_env} does not exist, using default environment.conf" }
|
32
33
|
end
|
33
34
|
|
34
35
|
new(path_to_env, section, global_module_path)
|
data/lib/puppet/type/package.rb
CHANGED
@@ -422,10 +422,10 @@ module Puppet
|
|
422
422
|
end
|
423
423
|
|
424
424
|
newparam(:source) do
|
425
|
-
desc "Where to find the package file. This is
|
425
|
+
desc "Where to find the package file. This is mostly used by providers that don't
|
426
426
|
automatically download packages from a central repository. (For example:
|
427
|
-
the `yum`
|
428
|
-
`dpkg` providers require it.)
|
427
|
+
the `yum` provider ignores this attribute, `apt` provider uses it if present
|
428
|
+
and the `rpm` and `dpkg` providers require it.)
|
429
429
|
|
430
430
|
Different providers accept different values for `source`. Most providers
|
431
431
|
accept paths to local files stored on the target system. Some providers
|
data/lib/puppet/type/user.rb
CHANGED
data/lib/puppet/util/autoload.rb
CHANGED
@@ -166,14 +166,7 @@ class Puppet::Util::Autoload
|
|
166
166
|
# Normalize a path. This converts ALT_SEPARATOR to SEPARATOR on Windows
|
167
167
|
# and eliminates unnecessary parts of a path.
|
168
168
|
def cleanpath(path)
|
169
|
-
|
170
|
-
# paths correctly on windows (c:\ and c:/ are treated as distinct) but
|
171
|
-
# we don't want to convert relative paths to absolute
|
172
|
-
if Puppet::Util.absolute_path?(path)
|
173
|
-
File.expand_path(path)
|
174
|
-
else
|
175
|
-
Pathname.new(path).cleanpath.to_s
|
176
|
-
end
|
169
|
+
Pathname.new(path).cleanpath.to_s
|
177
170
|
end
|
178
171
|
end
|
179
172
|
|
@@ -32,6 +32,13 @@ end
|
|
32
32
|
# (#19151) Reject all SSLv2 ciphers and handshakes
|
33
33
|
require 'puppet/ssl/openssl_loader'
|
34
34
|
unless Puppet::Util::Platform.jruby_fips?
|
35
|
+
unless defined?(OpenSSL::SSL::TLS1_VERSION)
|
36
|
+
module OpenSSL::SSL
|
37
|
+
# see https://github.com/ruby/ruby/commit/609103dbb5fb182eec12f052226c43e39b907682#diff-09f822c26289f5347111795ca22ed7ed1cfadd6ebd28f987991d1d414eef565aR2755-R2759
|
38
|
+
OpenSSL::SSL::TLS1_VERSION = 0x301
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
35
42
|
class OpenSSL::SSL::SSLContext
|
36
43
|
if DEFAULT_PARAMS[:options]
|
37
44
|
DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
|
data/lib/puppet/util/posix.rb
CHANGED
@@ -12,11 +12,18 @@ module Puppet::Util::POSIX
|
|
12
12
|
class << self
|
13
13
|
# Returns an array of all the groups that the user's a member of.
|
14
14
|
def groups_of(user)
|
15
|
-
|
16
|
-
|
17
|
-
groups
|
15
|
+
begin
|
16
|
+
require 'puppet/ffi/posix'
|
17
|
+
groups = get_groups_list(user)
|
18
|
+
rescue StandardError, LoadError => e
|
19
|
+
Puppet.debug("Falling back to Puppet::Etc.group: #{e.message}")
|
20
|
+
|
21
|
+
groups = []
|
22
|
+
Puppet::Etc.group do |group|
|
23
|
+
groups << group.name if group.mem.include?(user)
|
24
|
+
end
|
18
25
|
end
|
19
|
-
|
26
|
+
|
20
27
|
uniq_groups = groups.uniq
|
21
28
|
if uniq_groups != groups
|
22
29
|
Puppet.debug(_('Removing any duplicate group entries'))
|
@@ -24,6 +31,39 @@ module Puppet::Util::POSIX
|
|
24
31
|
|
25
32
|
uniq_groups
|
26
33
|
end
|
34
|
+
|
35
|
+
private
|
36
|
+
def get_groups_list(user)
|
37
|
+
raise LoadError, "The 'getgrouplist' method is not available" unless Puppet::FFI::POSIX::Functions.respond_to?(:getgrouplist)
|
38
|
+
|
39
|
+
user_gid = Puppet::Etc.getpwnam(user).gid
|
40
|
+
ngroups = Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS
|
41
|
+
|
42
|
+
while true do # rubocop:disable Lint/LiteralInCondition
|
43
|
+
FFI::MemoryPointer.new(:int) do |ngroups_ptr|
|
44
|
+
FFI::MemoryPointer.new(:uint, ngroups) do |groups_ptr|
|
45
|
+
old_ngroups = ngroups
|
46
|
+
ngroups_ptr.write_int(ngroups)
|
47
|
+
|
48
|
+
if Puppet::FFI::POSIX::Functions::getgrouplist(user, user_gid, groups_ptr, ngroups_ptr) != -1
|
49
|
+
groups_gids = groups_ptr.get_array_of_uint(0, ngroups_ptr.read_int)
|
50
|
+
|
51
|
+
result = []
|
52
|
+
groups_gids.each do |group_gid|
|
53
|
+
group_info = Puppet::Etc.getgrgid(group_gid)
|
54
|
+
result |= [group_info.name] if group_info.mem.include?(user)
|
55
|
+
end
|
56
|
+
return result
|
57
|
+
end
|
58
|
+
|
59
|
+
ngroups = ngroups_ptr.read_int
|
60
|
+
if ngroups <= old_ngroups
|
61
|
+
ngroups *= 2
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
27
67
|
end
|
28
68
|
|
29
69
|
# Retrieve a field from a POSIX Etc object. The id can be either an integer
|
@@ -144,8 +184,17 @@ module Puppet::Util::POSIX
|
|
144
184
|
name = get_posix_field(location, :name, id)
|
145
185
|
check_value = name
|
146
186
|
end
|
187
|
+
|
147
188
|
if check_value != field
|
148
|
-
|
189
|
+
check_value_id = get_posix_field(location, id_field, check_value) if check_value
|
190
|
+
|
191
|
+
if id == check_value_id
|
192
|
+
Puppet.debug("Multiple entries found for resource: '#{location}' with #{id_field}: #{id}")
|
193
|
+
return id
|
194
|
+
else
|
195
|
+
Puppet.debug("The value retrieved: '#{check_value}' is different than the required state: '#{field}', searching in all entries")
|
196
|
+
return search_posix_field(location, id_field, field)
|
197
|
+
end
|
149
198
|
else
|
150
199
|
return id
|
151
200
|
end
|