puppet 7.0.0-x64-mingw32 → 7.5.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (191) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +2 -16
  3. data/Gemfile +2 -3
  4. data/Gemfile.lock +45 -33
  5. data/ext/build_defaults.yaml +0 -1
  6. data/ext/project_data.yaml +1 -0
  7. data/lib/puppet/application.rb +10 -6
  8. data/lib/puppet/application/agent.rb +1 -0
  9. data/lib/puppet/application/apply.rb +3 -2
  10. data/lib/puppet/application/device.rb +1 -0
  11. data/lib/puppet/application/script.rb +1 -0
  12. data/lib/puppet/application/ssl.rb +11 -0
  13. data/lib/puppet/application_support.rb +7 -0
  14. data/lib/puppet/configurer.rb +16 -3
  15. data/lib/puppet/defaults.rb +14 -41
  16. data/lib/puppet/environments.rb +54 -55
  17. data/lib/puppet/face/facts.rb +26 -2
  18. data/lib/puppet/face/node/clean.rb +8 -0
  19. data/lib/puppet/ffi/posix.rb +10 -0
  20. data/lib/puppet/ffi/posix/constants.rb +14 -0
  21. data/lib/puppet/ffi/posix/functions.rb +24 -0
  22. data/lib/puppet/ffi/windows/api_types.rb +1 -1
  23. data/lib/puppet/ffi/windows/constants.rb +1 -1
  24. data/lib/puppet/file_serving/configuration/parser.rb +5 -2
  25. data/lib/puppet/file_system/memory_file.rb +8 -1
  26. data/lib/puppet/file_system/windows.rb +2 -0
  27. data/lib/puppet/http/factory.rb +4 -0
  28. data/lib/puppet/indirector/facts/facter.rb +1 -0
  29. data/lib/puppet/module_tool/applications/installer.rb +48 -2
  30. data/lib/puppet/module_tool/errors/shared.rb +17 -2
  31. data/lib/puppet/network/formats.rb +67 -0
  32. data/lib/puppet/network/http.rb +5 -2
  33. data/lib/puppet/network/http/api.rb +10 -6
  34. data/lib/puppet/network/http/api/master.rb +3 -2
  35. data/lib/puppet/network/http/api/master/v3.rb +2 -25
  36. data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
  37. data/lib/puppet/network/http/api/server.rb +10 -0
  38. data/lib/puppet/network/http/api/server/v3.rb +39 -0
  39. data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
  40. data/lib/puppet/parser/ast/leaf.rb +3 -2
  41. data/lib/puppet/parser/templatewrapper.rb +1 -1
  42. data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
  43. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  44. data/lib/puppet/pops/parser/lexer2.rb +0 -4
  45. data/lib/puppet/pops/validation/checker4_0.rb +0 -1
  46. data/lib/puppet/property/list.rb +1 -1
  47. data/lib/puppet/provider/group/groupadd.rb +13 -8
  48. data/lib/puppet/provider/package/apt.rb +34 -2
  49. data/lib/puppet/provider/package/aptitude.rb +6 -0
  50. data/lib/puppet/provider/service/debian.rb +2 -0
  51. data/lib/puppet/provider/user/aix.rb +2 -2
  52. data/lib/puppet/provider/user/useradd.rb +62 -8
  53. data/lib/puppet/reference/configuration.rb +6 -5
  54. data/lib/puppet/settings.rb +33 -28
  55. data/lib/puppet/settings/alias_setting.rb +37 -0
  56. data/lib/puppet/settings/environment_conf.rb +1 -0
  57. data/lib/puppet/type/package.rb +3 -3
  58. data/lib/puppet/type/user.rb +1 -1
  59. data/lib/puppet/util/autoload.rb +1 -8
  60. data/lib/puppet/util/monkey_patches.rb +7 -0
  61. data/lib/puppet/util/posix.rb +54 -5
  62. data/lib/puppet/util/windows/adsi.rb +46 -0
  63. data/lib/puppet/util/windows/principal.rb +9 -2
  64. data/lib/puppet/util/windows/sid.rb +4 -2
  65. data/lib/puppet/version.rb +1 -1
  66. data/locales/puppet.pot +166 -146
  67. data/man/man5/puppet.conf.5 +14 -6
  68. data/man/man8/puppet-agent.8 +2 -2
  69. data/man/man8/puppet-apply.8 +2 -2
  70. data/man/man8/puppet-catalog.8 +1 -1
  71. data/man/man8/puppet-config.8 +1 -1
  72. data/man/man8/puppet-describe.8 +1 -1
  73. data/man/man8/puppet-device.8 +2 -2
  74. data/man/man8/puppet-doc.8 +1 -1
  75. data/man/man8/puppet-epp.8 +1 -1
  76. data/man/man8/puppet-facts.8 +8 -2
  77. data/man/man8/puppet-filebucket.8 +1 -1
  78. data/man/man8/puppet-generate.8 +1 -1
  79. data/man/man8/puppet-help.8 +1 -1
  80. data/man/man8/puppet-lookup.8 +1 -1
  81. data/man/man8/puppet-module.8 +1 -1
  82. data/man/man8/puppet-node.8 +1 -1
  83. data/man/man8/puppet-parser.8 +1 -1
  84. data/man/man8/puppet-plugin.8 +1 -1
  85. data/man/man8/puppet-report.8 +1 -1
  86. data/man/man8/puppet-resource.8 +1 -1
  87. data/man/man8/puppet-script.8 +2 -2
  88. data/man/man8/puppet-ssl.8 +5 -1
  89. data/man/man8/puppet.8 +2 -2
  90. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
  91. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +4 -0
  92. data/spec/integration/application/agent_spec.rb +160 -3
  93. data/spec/integration/application/apply_spec.rb +19 -0
  94. data/spec/integration/application/plugin_spec.rb +1 -1
  95. data/spec/integration/defaults_spec.rb +0 -7
  96. data/spec/integration/http/client_spec.rb +12 -0
  97. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  98. data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
  99. data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
  100. data/spec/integration/parser/collection_spec.rb +10 -0
  101. data/spec/integration/resource/type_collection_spec.rb +2 -6
  102. data/spec/integration/transaction_spec.rb +4 -9
  103. data/spec/integration/util/windows/adsi_spec.rb +21 -1
  104. data/spec/integration/util/windows/principal_spec.rb +21 -0
  105. data/spec/integration/util/windows/registry_spec.rb +6 -10
  106. data/spec/spec_helper.rb +1 -4
  107. data/spec/unit/agent_spec.rb +8 -6
  108. data/spec/unit/application/agent_spec.rb +0 -1
  109. data/spec/unit/application/facts_spec.rb +58 -7
  110. data/spec/unit/application/filebucket_spec.rb +0 -2
  111. data/spec/unit/application/ssl_spec.rb +23 -0
  112. data/spec/unit/application_spec.rb +51 -9
  113. data/spec/unit/confine/feature_spec.rb +1 -1
  114. data/spec/unit/confine_spec.rb +8 -2
  115. data/spec/unit/defaults_spec.rb +1 -56
  116. data/spec/unit/environments_spec.rb +221 -68
  117. data/spec/unit/face/node_spec.rb +14 -13
  118. data/spec/unit/file_serving/configuration/parser_spec.rb +8 -1
  119. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  120. data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
  121. data/spec/unit/file_system_spec.rb +9 -0
  122. data/spec/unit/forge/module_release_spec.rb +2 -7
  123. data/spec/unit/http/factory_spec.rb +19 -0
  124. data/spec/unit/indirector/face_spec.rb +0 -1
  125. data/spec/unit/indirector/facts/facter_spec.rb +20 -5
  126. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
  127. data/spec/unit/indirector/indirection_spec.rb +8 -12
  128. data/spec/unit/indirector_spec.rb +2 -2
  129. data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
  130. data/spec/unit/network/formats_spec.rb +41 -0
  131. data/spec/unit/network/http/api/indirected_routes_spec.rb +0 -4
  132. data/spec/unit/network/http/api/master_spec.rb +38 -0
  133. data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
  134. data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
  135. data/spec/unit/network/http/api_spec.rb +11 -11
  136. data/spec/unit/parser/compiler_spec.rb +3 -19
  137. data/spec/unit/parser/resource_spec.rb +14 -8
  138. data/spec/unit/parser/templatewrapper_spec.rb +4 -3
  139. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
  140. data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
  141. data/spec/unit/pops/validator/validator_spec.rb +20 -43
  142. data/spec/unit/property_spec.rb +1 -0
  143. data/spec/unit/provider/group/groupadd_spec.rb +5 -2
  144. data/spec/unit/provider/nameservice_spec.rb +66 -65
  145. data/spec/unit/provider/package/apt_spec.rb +28 -23
  146. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  147. data/spec/unit/provider/package/base_spec.rb +6 -5
  148. data/spec/unit/provider/package/pacman_spec.rb +18 -12
  149. data/spec/unit/provider/package/pip_spec.rb +6 -11
  150. data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
  151. data/spec/unit/provider/user/aix_spec.rb +5 -0
  152. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  153. data/spec/unit/provider/user/pw_spec.rb +2 -0
  154. data/spec/unit/provider/user/useradd_spec.rb +56 -3
  155. data/spec/unit/provider_spec.rb +6 -8
  156. data/spec/unit/resource/type_spec.rb +1 -1
  157. data/spec/unit/resource_spec.rb +11 -10
  158. data/spec/unit/settings_spec.rb +13 -6
  159. data/spec/unit/ssl/base_spec.rb +0 -1
  160. data/spec/unit/ssl/certificate_request_spec.rb +4 -10
  161. data/spec/unit/ssl/ssl_provider_spec.rb +5 -2
  162. data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
  163. data/spec/unit/transaction/event_manager_spec.rb +14 -11
  164. data/spec/unit/transaction_spec.rb +13 -4
  165. data/spec/unit/type/file/content_spec.rb +0 -1
  166. data/spec/unit/type/file/selinux_spec.rb +0 -2
  167. data/spec/unit/type/file_spec.rb +0 -6
  168. data/spec/unit/type/group_spec.rb +13 -6
  169. data/spec/unit/type/resources_spec.rb +7 -7
  170. data/spec/unit/type/service_spec.rb +1 -1
  171. data/spec/unit/type/tidy_spec.rb +0 -1
  172. data/spec/unit/type_spec.rb +2 -2
  173. data/spec/unit/util/at_fork_spec.rb +2 -2
  174. data/spec/unit/util/autoload_spec.rb +5 -1
  175. data/spec/unit/util/backups_spec.rb +1 -2
  176. data/spec/unit/util/execution_spec.rb +15 -11
  177. data/spec/unit/util/inifile_spec.rb +6 -14
  178. data/spec/unit/util/log_spec.rb +8 -7
  179. data/spec/unit/util/logging_spec.rb +3 -3
  180. data/spec/unit/util/posix_spec.rb +363 -15
  181. data/spec/unit/util/selinux_spec.rb +76 -52
  182. data/spec/unit/util/storage_spec.rb +3 -1
  183. data/spec/unit/util/suidmanager_spec.rb +44 -41
  184. data/spec/unit/util/windows/sid_spec.rb +6 -0
  185. data/spec/unit/util_spec.rb +13 -6
  186. metadata +33 -16
  187. data/spec/lib/matchers/include.rb +0 -27
  188. data/spec/lib/matchers/include_spec.rb +0 -32
  189. data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
  190. data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
  191. data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
@@ -42,7 +42,11 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
42
42
 
43
43
  def query
44
44
  hash = super
45
- hash[:mark] = :manual if aptmark('showmanual').split("\n").include?(@resource[:name])
45
+
46
+ if !%i(absent purged).include?(hash[:ensure]) && aptmark('showmanual', @resource[:name]).strip == @resource[:name]
47
+ hash[:mark] = :manual
48
+ end
49
+
46
50
  hash
47
51
  end
48
52
 
@@ -51,6 +55,10 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
51
55
  @property_flush = {}
52
56
  end
53
57
 
58
+ def mark
59
+ @property_flush[:mark]
60
+ end
61
+
54
62
  def mark=(value)
55
63
  @property_flush[:mark] = value
56
64
  end
@@ -143,7 +151,13 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
143
151
  end
144
152
 
145
153
  cmd += install_options if @resource[:install_options]
146
- cmd << :install << str
154
+ cmd << :install
155
+
156
+ if source
157
+ cmd << source
158
+ else
159
+ cmd << str
160
+ end
147
161
 
148
162
  self.unhold if self.properties[:mark] == :hold
149
163
  begin
@@ -151,6 +165,18 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
151
165
  ensure
152
166
  self.hold if @resource[:mark] == :hold
153
167
  end
168
+
169
+ # If a source file was specified, we must make sure the expected version was installed from specified file
170
+ if source && !%i(present installed).include?(should)
171
+ is = self.query
172
+ raise Puppet::Error, _("Could not find package %{name}") % { name: self.name } unless is
173
+
174
+ version = is[:ensure]
175
+
176
+ raise Puppet::Error, _("Failed to update to version %{should}, got version %{version} instead") % { should: should, version: version } unless
177
+ insync?(version)
178
+ end
179
+
154
180
  end
155
181
 
156
182
  # What's the latest package version available?
@@ -227,4 +253,10 @@ Puppet::Type.type(:package).provide :apt, :parent => :dpkg, :source => :dpkg do
227
253
  end
228
254
  should_range.include?(is_version)
229
255
  end
256
+
257
+ private
258
+
259
+ def source
260
+ @source ||= @resource[:source]
261
+ end
230
262
  end
@@ -26,4 +26,10 @@ Puppet::Type.type(:package).provide :aptitude, :parent => :apt, :source => :dpkg
26
26
  def purge
27
27
  aptitude '-y', 'purge', @resource[:name]
28
28
  end
29
+
30
+ private
31
+
32
+ def source
33
+ nil
34
+ end
29
35
  end
@@ -17,6 +17,8 @@ Puppet::Type.type(:service).provide :debian, :parent => :init do
17
17
  commands :invoke_rc => "/usr/sbin/invoke-rc.d"
18
18
  commands :service => "/usr/sbin/service"
19
19
 
20
+ confine :false => Puppet::FileSystem.exist?('/proc/1/comm') && Puppet::FileSystem.read('/proc/1/comm').include?('systemd')
21
+
20
22
  defaultfor :operatingsystem => :cumuluslinux, :operatingsystemmajrelease => ['1','2']
21
23
  defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ['5','6','7']
22
24
  defaultfor :operatingsystem => :devuan
@@ -178,7 +178,7 @@ Puppet::Type.type(:user).provide :aix, :parent => Puppet::Provider::AixObject do
178
178
  # does not have a password.
179
179
  break if line =~ /^\S+:$/
180
180
 
181
- match_obj = /password = (\S+)/.match(line)
181
+ match_obj = /password\s+=\s+(\S+)/.match(line)
182
182
  end
183
183
  return :absent unless match_obj
184
184
 
@@ -211,7 +211,7 @@ Puppet::Type.type(:user).provide :aix, :parent => Puppet::Provider::AixObject do
211
211
  tempfile = Tempfile.new("puppet_#{user}_pw", :encoding => Encoding::ASCII)
212
212
  tempfile << "#{user}:#{value}\n"
213
213
  tempfile.close()
214
-
214
+
215
215
  # Options '-e', '-c', use encrypted password and clear flags
216
216
  # Must receive "user:enc_password" as input
217
217
  # command, arguments = {:failonfail => true, :combine => true}
@@ -59,23 +59,37 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
59
59
  get(:uid)
60
60
  end
61
61
 
62
+ def gid
63
+ return localgid if @resource.forcelocal?
64
+ get(:gid)
65
+ end
66
+
62
67
  def comment
63
68
  return localcomment if @resource.forcelocal?
64
69
  get(:comment)
65
70
  end
66
71
 
72
+ def groups
73
+ return localgroups if @resource.forcelocal?
74
+ super
75
+ end
76
+
67
77
  def finduser(key, value)
68
- passwd_file = "/etc/passwd"
78
+ passwd_file = '/etc/passwd'
69
79
  passwd_keys = [:account, :password, :uid, :gid, :gecos, :directory, :shell]
70
- index = passwd_keys.index(key)
71
- @passwd_content ||= File.read(passwd_file)
72
- @passwd_content.each_line do |line|
73
- user = line.split(":")
74
- if user[index] == value
75
- return Hash[passwd_keys.zip(user)]
80
+
81
+ unless @users
82
+ unless Puppet::FileSystem.exist?(passwd_file)
83
+ raise Puppet::Error.new("Forcelocal set for user resource '#{resource[:name]}', but #{passwd_file} does not exist")
84
+ end
85
+
86
+ @users = []
87
+ Puppet::FileSystem.each_line(passwd_file) do |line|
88
+ user = line.chomp.split(':')
89
+ @users << Hash[passwd_keys.zip(user)]
76
90
  end
77
91
  end
78
- false
92
+ @users.find { |param| param[key] == value } || false
79
93
  end
80
94
 
81
95
  def local_username
@@ -88,16 +102,56 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
88
102
  false
89
103
  end
90
104
 
105
+ def localgid
106
+ user = finduser(:account, resource[:name])
107
+ if user
108
+ begin
109
+ return Integer(user[:gid])
110
+ rescue ArgumentError
111
+ Puppet.debug("Non-numeric GID found in /etc/passwd for user #{resource[:name]}")
112
+ return user[:gid]
113
+ end
114
+ end
115
+ false
116
+ end
117
+
91
118
  def localcomment
92
119
  user = finduser(:account, resource[:name])
93
120
  user[:gecos]
94
121
  end
95
122
 
123
+ def localgroups
124
+ @groups_of ||= {}
125
+ group_file = '/etc/group'
126
+ user = resource[:name]
127
+
128
+ return @groups_of[user] if @groups_of[user]
129
+
130
+ @groups_of[user] = []
131
+
132
+ unless Puppet::FileSystem.exist?(group_file)
133
+ raise Puppet::Error.new("Forcelocal set for user resource '#{user}', but #{group_file} does not exist")
134
+ end
135
+
136
+ Puppet::FileSystem.each_line(group_file) do |line|
137
+ data = line.chomp.split(':')
138
+ if data.last.split(',').include?(user)
139
+ @groups_of[user] << data.first
140
+ end
141
+ end
142
+
143
+ @groups_of[user]
144
+ end
145
+
96
146
  def shell=(value)
97
147
  check_valid_shell
98
148
  set(:shell, value)
99
149
  end
100
150
 
151
+ def groups=(value)
152
+ set(:groups, value)
153
+ end
154
+
101
155
  verify :gid, "GID must be an integer" do |value|
102
156
  value.is_a? Integer
103
157
  end
@@ -57,11 +57,12 @@ config.header = <<EOT
57
57
  * Each of these settings can be specified in `puppet.conf` or on the
58
58
  command line.
59
59
  * Puppet Enterprise (PE) and open source Puppet share the configuration settings
60
- that are documented here. However, PE defaults for some settings differ from
61
- the open source Puppet defaults. Some examples of settings that have different
62
- PE defaults include `disable18n`, `environment_timeout`, `always_retry_plugins`,
63
- and the Puppet Server JRuby `max-active-instances` setting. To verify PE
64
- configuration defaults, check the `puppet.conf` file after installation.
60
+ documented here. However, PE defaults differ from open source defaults for some
61
+ settings, such as `node_terminus`, `storeconfigs`, `always_retry_plugins`,
62
+ `disable18n`, `environment_timeout` (when Code Manager is enabled), and the
63
+ Puppet Server JRuby `max-active-instances` setting. To verify PE configuration
64
+ defaults, check the `puppet.conf` or `pe-puppet-server.conf` file after
65
+ installation.
65
66
  * When using boolean settings on the command line, use `--setting` and
66
67
  `--no-setting` instead of `--setting (true|false)`. (Using `--setting false`
67
68
  results in "Error: Could not parse application options: needless argument".)
@@ -34,6 +34,7 @@ class Puppet::Settings
34
34
  require 'puppet/settings/server_list_setting'
35
35
  require 'puppet/settings/http_extra_headers_setting'
36
36
  require 'puppet/settings/certificate_revocation_setting'
37
+ require 'puppet/settings/alias_setting'
37
38
 
38
39
  # local reference for convenience
39
40
  PuppetOptionParser = Puppet::Util::CommandLine::PuppetOptionParser
@@ -388,19 +389,6 @@ class Puppet::Settings
388
389
  call_hooks_deferred_to_application_initialization
389
390
  issue_deprecations
390
391
 
391
- run_mode = Puppet::Util::RunMode[self.preferred_run_mode]
392
- if run_mode.agent? || run_mode.server?
393
- if self.set_in_section?(:masterport, run_mode.name) && !self.set_in_section?(:serverport, run_mode.name)
394
- self[:serverport] = self[:masterport]
395
- elsif self.set_by_config?(:masterport) && !self.set_by_config?(:serverport)
396
- self[:serverport] = self[:masterport]
397
- elsif self.set_in_section?(:serverport, run_mode.name) && !self.set_in_section?(:masterport, run_mode.name)
398
- self[:masterport] = self[:serverport]
399
- elsif self.set_by_config?(:serverport) && !self.set_by_config?(:masterport)
400
- self[:masterport] = self[:serverport]
401
- end
402
- end
403
-
404
392
  REQUIRED_APP_SETTINGS.each do |key|
405
393
  create_ancestors(Puppet[key])
406
394
  end
@@ -747,7 +735,8 @@ class Puppet::Settings
747
735
  :autosign => AutosignSetting,
748
736
  :server_list => ServerListSetting,
749
737
  :http_extra_headers => HttpExtraHeadersSetting,
750
- :certificate_revocation => CertificateRevocationSetting
738
+ :certificate_revocation => CertificateRevocationSetting,
739
+ :alias => AliasSetting
751
740
  }
752
741
 
753
742
  # Create a new setting. The value is passed in because it's used to determine
@@ -1285,27 +1274,37 @@ Generated on #{Time.now}.
1285
1274
  end
1286
1275
 
1287
1276
  def add_environment_resources(catalog, sections)
1288
- path = self[:environmentpath]
1289
- envdir = path.split(File::PATH_SEPARATOR).first if path
1290
1277
  configured_environment = self[:environment]
1291
- if configured_environment == "production" && envdir && Puppet::FileSystem.exist?(envdir)
1292
- configured_environment_path = File.join(envdir, configured_environment)
1293
- # If configured_environment_path is a symlink, assume the source path is being managed
1294
- # elsewhere, so don't do any of this configuration
1295
- if !Puppet::FileSystem.symlink?(configured_environment_path)
1278
+
1279
+ if configured_environment == "production" && !production_environment_exists?
1280
+ environment_path = self[:environmentpath]
1281
+ first_environment_path = environment_path.split(File::PATH_SEPARATOR).first
1282
+
1283
+ if Puppet::FileSystem.exist?(first_environment_path)
1284
+ production_environment_path = File.join(first_environment_path, configured_environment)
1296
1285
  parameters = { :ensure => 'directory' }
1297
- unless Puppet::FileSystem.exist?(configured_environment_path)
1298
- parameters[:mode] = '0750'
1299
- if Puppet.features.root?
1300
- parameters[:owner] = Puppet[:user] if service_user_available?
1301
- parameters[:group] = Puppet[:group] if service_group_available?
1302
- end
1286
+ parameters[:mode] = '0750'
1287
+ if Puppet.features.root?
1288
+ parameters[:owner] = Puppet[:user] if service_user_available?
1289
+ parameters[:group] = Puppet[:group] if service_group_available?
1303
1290
  end
1304
- catalog.add_resource(Puppet::Resource.new(:file, configured_environment_path, :parameters => parameters))
1291
+ catalog.add_resource(Puppet::Resource.new(:file, production_environment_path, :parameters => parameters))
1305
1292
  end
1306
1293
  end
1307
1294
  end
1308
1295
 
1296
+ def production_environment_exists?
1297
+ environment_path = self[:environmentpath]
1298
+ paths = environment_path.split(File::PATH_SEPARATOR)
1299
+
1300
+ paths.any? do |path|
1301
+ # If expected_path is a symlink, assume the source path is being managed
1302
+ # elsewhere, so accept it also as a valid production environment path
1303
+ expected_path = File.join(path, 'production')
1304
+ Puppet::FileSystem.directory?(expected_path) || Puppet::FileSystem.symlink?(expected_path)
1305
+ end
1306
+ end
1307
+
1309
1308
  def add_user_resources(catalog, sections)
1310
1309
  return unless Puppet.features.root?
1311
1310
  return if Puppet::Util::Platform.windows?
@@ -1406,6 +1405,12 @@ Generated on #{Time.now}.
1406
1405
  end
1407
1406
  end
1408
1407
 
1408
+ setting = @defaults[name]
1409
+ if setting.respond_to?(:alias_name)
1410
+ val = lookup(setting.alias_name)
1411
+ return val if val
1412
+ end
1413
+
1409
1414
  @defaults[name].default
1410
1415
  end
1411
1416
 
@@ -0,0 +1,37 @@
1
+ class Puppet::Settings::AliasSetting
2
+ attr_reader :name, :alias_name
3
+
4
+ def initialize(args = {})
5
+ @name = args[:name]
6
+ @alias_name = args[:alias_for]
7
+ @alias_for = Puppet.settings.setting(alias_name)
8
+ end
9
+
10
+ def optparse_args
11
+ args = @alias_for.optparse_args
12
+ args[0].gsub!(alias_name.to_s, name.to_s)
13
+ args
14
+ end
15
+
16
+ def getopt_args
17
+ args = @alias_for.getopt_args
18
+ args[0].gsub!(alias_name.to_s, name.to_s)
19
+ args
20
+ end
21
+
22
+ def type
23
+ :alias
24
+ end
25
+
26
+ def method_missing(method, *args)
27
+ begin
28
+ alias_for.send(method, *args)
29
+ rescue => e
30
+ Puppet.log_exception(self.class, e.message)
31
+ end
32
+ end
33
+
34
+ private
35
+
36
+ attr_reader :alias_for
37
+ end
@@ -29,6 +29,7 @@ class Puppet::Settings::EnvironmentConf
29
29
  section = config.sections[:main]
30
30
  rescue Errno::ENOENT
31
31
  # environment.conf is an optional file
32
+ Puppet.debug { "Path to #{path_to_env} does not exist, using default environment.conf" }
32
33
  end
33
34
 
34
35
  new(path_to_env, section, global_module_path)
@@ -422,10 +422,10 @@ module Puppet
422
422
  end
423
423
 
424
424
  newparam(:source) do
425
- desc "Where to find the package file. This is only used by providers that don't
425
+ desc "Where to find the package file. This is mostly used by providers that don't
426
426
  automatically download packages from a central repository. (For example:
427
- the `yum` and `apt` providers ignore this attribute, but the `rpm` and
428
- `dpkg` providers require it.)
427
+ the `yum` provider ignores this attribute, `apt` provider uses it if present
428
+ and the `rpm` and `dpkg` providers require it.)
429
429
 
430
430
  Different providers accept different values for `source`. Most providers
431
431
  accept paths to local files stored on the target system. Some providers
@@ -465,7 +465,7 @@ module Puppet
465
465
  groups = obj.shouldorig if obj
466
466
  if groups
467
467
  groups = groups.collect { |group|
468
- if group =~ /^\d+$/
468
+ if group.is_a?(String) && group =~/^\d+$/
469
469
  Integer(group)
470
470
  else
471
471
  group
@@ -166,14 +166,7 @@ class Puppet::Util::Autoload
166
166
  # Normalize a path. This converts ALT_SEPARATOR to SEPARATOR on Windows
167
167
  # and eliminates unnecessary parts of a path.
168
168
  def cleanpath(path)
169
- # There are two cases here because cleanpath does not handle absolute
170
- # paths correctly on windows (c:\ and c:/ are treated as distinct) but
171
- # we don't want to convert relative paths to absolute
172
- if Puppet::Util.absolute_path?(path)
173
- File.expand_path(path)
174
- else
175
- Pathname.new(path).cleanpath.to_s
176
- end
169
+ Pathname.new(path).cleanpath.to_s
177
170
  end
178
171
  end
179
172
 
@@ -32,6 +32,13 @@ end
32
32
  # (#19151) Reject all SSLv2 ciphers and handshakes
33
33
  require 'puppet/ssl/openssl_loader'
34
34
  unless Puppet::Util::Platform.jruby_fips?
35
+ unless defined?(OpenSSL::SSL::TLS1_VERSION)
36
+ module OpenSSL::SSL
37
+ # see https://github.com/ruby/ruby/commit/609103dbb5fb182eec12f052226c43e39b907682#diff-09f822c26289f5347111795ca22ed7ed1cfadd6ebd28f987991d1d414eef565aR2755-R2759
38
+ OpenSSL::SSL::TLS1_VERSION = 0x301
39
+ end
40
+ end
41
+
35
42
  class OpenSSL::SSL::SSLContext
36
43
  if DEFAULT_PARAMS[:options]
37
44
  DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
@@ -12,11 +12,18 @@ module Puppet::Util::POSIX
12
12
  class << self
13
13
  # Returns an array of all the groups that the user's a member of.
14
14
  def groups_of(user)
15
- groups = []
16
- Puppet::Etc.group do |group|
17
- groups << group.name if group.mem.include?(user)
15
+ begin
16
+ require 'puppet/ffi/posix'
17
+ groups = get_groups_list(user)
18
+ rescue StandardError, LoadError => e
19
+ Puppet.debug("Falling back to Puppet::Etc.group: #{e.message}")
20
+
21
+ groups = []
22
+ Puppet::Etc.group do |group|
23
+ groups << group.name if group.mem.include?(user)
24
+ end
18
25
  end
19
-
26
+
20
27
  uniq_groups = groups.uniq
21
28
  if uniq_groups != groups
22
29
  Puppet.debug(_('Removing any duplicate group entries'))
@@ -24,6 +31,39 @@ module Puppet::Util::POSIX
24
31
 
25
32
  uniq_groups
26
33
  end
34
+
35
+ private
36
+ def get_groups_list(user)
37
+ raise LoadError, "The 'getgrouplist' method is not available" unless Puppet::FFI::POSIX::Functions.respond_to?(:getgrouplist)
38
+
39
+ user_gid = Puppet::Etc.getpwnam(user).gid
40
+ ngroups = Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS
41
+
42
+ while true do # rubocop:disable Lint/LiteralInCondition
43
+ FFI::MemoryPointer.new(:int) do |ngroups_ptr|
44
+ FFI::MemoryPointer.new(:uint, ngroups) do |groups_ptr|
45
+ old_ngroups = ngroups
46
+ ngroups_ptr.write_int(ngroups)
47
+
48
+ if Puppet::FFI::POSIX::Functions::getgrouplist(user, user_gid, groups_ptr, ngroups_ptr) != -1
49
+ groups_gids = groups_ptr.get_array_of_uint(0, ngroups_ptr.read_int)
50
+
51
+ result = []
52
+ groups_gids.each do |group_gid|
53
+ group_info = Puppet::Etc.getgrgid(group_gid)
54
+ result |= [group_info.name] if group_info.mem.include?(user)
55
+ end
56
+ return result
57
+ end
58
+
59
+ ngroups = ngroups_ptr.read_int
60
+ if ngroups <= old_ngroups
61
+ ngroups *= 2
62
+ end
63
+ end
64
+ end
65
+ end
66
+ end
27
67
  end
28
68
 
29
69
  # Retrieve a field from a POSIX Etc object. The id can be either an integer
@@ -144,8 +184,17 @@ module Puppet::Util::POSIX
144
184
  name = get_posix_field(location, :name, id)
145
185
  check_value = name
146
186
  end
187
+
147
188
  if check_value != field
148
- return search_posix_field(location, id_field, field)
189
+ check_value_id = get_posix_field(location, id_field, check_value) if check_value
190
+
191
+ if id == check_value_id
192
+ Puppet.debug("Multiple entries found for resource: '#{location}' with #{id_field}: #{id}")
193
+ return id
194
+ else
195
+ Puppet.debug("The value retrieved: '#{check_value}' is different than the required state: '#{field}', searching in all entries")
196
+ return search_posix_field(location, id_field, field)
197
+ end
149
198
  else
150
199
  return id
151
200
  end