puppet 7.0.0 → 7.1.0

data/spec/unit/environments_spec.rb

@@ -629,19 +629,6 @@ config_version=$vardir/random/scripts
     context "expiration policies" do
       let(:service) { ReplayExpirationService.new }
 
-      # The environment named `:an_environment` will already be loaded when the
-      # block is yielded to
-      def with_environment_loaded(service, &block)
-        loader_from(:filesystem => [directory_tree], :directory => directory_tree.children.first) do |loader|
-          using_expiration_service(service) do
-            cached = Puppet::Environments::Cached.new(loader)
-            cached.get!(:an_environment)
-
-            yield cached if block_given?
-          end
-        end
-      end
-
       it "notifies when the environment is first created" do
         with_environment_loaded(service)
 
@@ -662,10 +649,7 @@ config_version=$vardir/random/scripts
       it "evicts an expired environment" do
         service = ReplayExpirationService.new
 
-        # The `Cached#clear_all_expired` method tries to optimize the case where
-        # no entries are expired. But if `Time.now < @next_expiration` and there is
-        # an expired entry, then the `service#expired?` method is called twice.
-        expect(service).to receive(:expired?).twice.and_return(true)
+        expect(service).to receive(:expired?).and_return(true)
 
         with_environment_loaded(service) do |cached|
           cached.get!(:an_environment)
@@ -706,8 +690,7 @@ config_version=$vardir/random/scripts
       it "evicts a recently touched environment" do
         Puppet[:environment_timeout] = 60
 
-        # see note above about "twice"
-        expect(service).to receive(:expired?).twice.and_return(true)
+        expect(service).to receive(:expired?).and_return(true)
 
         with_environment_loaded(service) do |cached|
           # even though the environment was recently touched, it's been expired
@@ -726,6 +709,87 @@ config_version=$vardir/random/scripts
           with_global_module_path([])
       end
     end
+
+    context '#clear' do
+      let(:service) { ReplayExpirationService.new }
+
+      it "evicts an environment" do
+        with_environment_loaded(service) do |cached|
+          cached.clear(:an_environment)
+        end
+
+        expect(service.evicted_envs).to eq([:an_environment])
+      end
+    end
+
+    context '#clear_all' do
+      let(:service) { ReplayExpirationService.new }
+
+      it 'evicts all environments' do
+        with_environment_loaded(service) do |cached|
+          cached.get(:an_environment)
+          cached.get(:another_environment)
+          cached.clear_all
+
+          expect(service.evicted_envs).to match([:an_environment, :another_environment])
+        end
+      end
+
+      it 'clears cached environment settings' do
+        base_dir = File.expand_path("envdir")
+        original_envdir = FS::MemoryFile.a_directory(base_dir, [
+          FS::MemoryFile.a_directory("env3", [
+            FS::MemoryFile.a_regular_file_containing("environment.conf", <<-EOF)
+              manifest=/manifest_orig
+              modulepath=/modules_orig
+              environment_timeout=60
+            EOF
+          ]),
+        ])
+
+        FS.overlay(original_envdir) do
+          dir_loader = Puppet::Environments::Directories.new(original_envdir, [])
+          loader = Puppet::Environments::Cached.new(dir_loader)
+          Puppet.override(:environments => loader) do
+            original_env = loader.get("env3") # force the environment.conf to be read
+
+            changed_envdir = FS::MemoryFile.a_directory(base_dir, [
+              FS::MemoryFile.a_directory("env3", [
+                FS::MemoryFile.a_regular_file_containing("environment.conf", <<-EOF)
+                  manifest=/manifest_changed
+                  modulepath=/modules_changed
+                  environment_timeout=60
+                EOF
+              ]),
+            ])
+
+            #Clear all cached environments
+            loader.clear_all
+
+            FS.overlay(changed_envdir) do
+              changed_env = loader.get("env3")
+
+              expect(original_env).to environment(:env3).
+                with_manifest(File.expand_path("/manifest_orig")).
+                with_full_modulepath([File.expand_path("/modules_orig")])
+
+              expect(changed_env).to environment(:env3).
+                with_manifest(File.expand_path("/manifest_changed")).
+                with_full_modulepath([File.expand_path("/modules_changed")])
+            end
+          end
+        end
+      end
+
+      it 'deletes environment text domains' do
+        with_environment_loaded(service) do |cached|
+          cached.get(:an_environment)
+          cached.clear_all
+
+          expect(FastGettext.text_domain).to eq(Puppet::GettextConfig::DEFAULT_TEXT_DOMAIN)
+        end
+      end
+    end
   end
 
   RSpec::Matchers.define :environment do |name|
@@ -820,6 +884,19 @@ config_version=$vardir/random/scripts
     end
   end
 
+  # The environment named `:an_environment` will already be loaded when the
+  # block is yielded to
+  def with_environment_loaded(service, &block)
+    loader_from(:filesystem => [directory_tree], :directory => directory_tree.children.first) do |loader|
+      using_expiration_service(service) do
+        cached = Puppet::Environments::Cached.new(loader)
+        cached.get!(:an_environment)
+
+        yield cached if block_given?
+      end
+    end
+  end
+
   class ReplayExpirationService < Puppet::Environments::Cached::DefaultCacheExpirationService
     attr_reader :created_envs, :evicted_envs
 

data/spec/unit/face/node_spec.rb

@@ -89,8 +89,20 @@ describe Puppet::Face[:node, '0.0.1'] do
 
       describe "when cleaning certificate", :if => Puppet.features.puppetserver_ca? do
         it "should call the CA CLI gem's clean action" do
-          expect_any_instance_of(Puppetserver::Ca::Action::Clean).to receive(:run).with({ 'certnames' => ['hostname'] }).and_return(0)
-          subject.clean_cert('hostname')
+          expect_any_instance_of(Puppetserver::Ca::Action::Clean).
+            to receive(:clean_certs).
+            with(['hostname'], anything).
+            and_return(:success)
+
+          if Puppet[:cadir].start_with?(Puppet[:ssldir])
+            expect_any_instance_of(LoggerIO).
+              to receive(:warn).
+              with(/cadir is currently configured to be inside/)
+          end
+
+          expect(Puppet).not_to receive(:warning)
+          result = subject.clean_cert('hostname')
+          expect(result).to eq(0)
         end
 
         it "should not call the CA CLI gem's clean action if the gem is missing" do

data/spec/unit/parser/templatewrapper_spec.rb

@@ -57,9 +57,10 @@ describe Puppet::Parser::TemplateWrapper do
     expect(tw.all_tags).to eq(["tag1","tag2"])
   end
 
-  it "provides the tags defined in the current scope with #tags" do
-    expect(scope).to receive(:tags).and_return(["tag1", "tag2"])
-    expect(tw.tags).to eq(["tag1","tag2"])
+  it "raises not implemented error" do
+    expect {
+      tw.tags
+    }.to raise_error(NotImplementedError, /Call 'all_tags' instead/)
   end
 
   it "raises error on access to removed in-scope variables via method calls" do

data/spec/unit/provider/user/aix_spec.rb

@@ -143,6 +143,11 @@ describe 'Puppet::Type::User::Provider::Aix' do
     it "returns the user's password" do
       expect(call_parse_password).to eql('some_password')
     end
+
+    it "returns the user's password with tabs" do
+      resource[:name] = 'tab_password_user'
+      expect(call_parse_password).to eql('some_password')
+    end
   end
 
   # TODO: If we move from using Mocha to rspec's mocks,

data/spec/unit/provider/user/pw_spec.rb

@@ -53,12 +53,14 @@ describe Puppet::Type.type(:user).provider(:pw) do
 
     it "should use -G with the correct argument when the groups property is set" do
       resource[:groups] = "group1"
+      allow(Puppet::Util::POSIX).to receive(:groups_of).with('testuser').and_return([])
       expect(provider).to receive(:execute).with(include("-G").and(include("group1")), kind_of(Hash))
       provider.create
     end
 
     it "should use -G with all the given groups when the groups property is set to an array" do
       resource[:groups] = ["group1", "group2"]
+      allow(Puppet::Util::POSIX).to receive(:groups_of).with('testuser').and_return([])
       expect(provider).to receive(:execute).with(include("-G").and(include("group1,group2")), kind_of(Hash))
       provider.create
     end

data/spec/unit/provider/user/useradd_spec.rb

@@ -4,6 +4,7 @@ RSpec::Matchers.define_negated_matcher :excluding, :include
 
 describe Puppet::Type.type(:user).provider(:useradd) do
   before :each do
+    allow(Puppet::Util::POSIX).to receive(:groups_of).and_return([])
     allow(described_class).to receive(:command).with(:password).and_return('/usr/bin/chage')
     allow(described_class).to receive(:command).with(:localpassword).and_return('/usr/sbin/lchage')
     allow(described_class).to receive(:command).with(:add).and_return('/usr/sbin/useradd')

data/spec/unit/util/posix_spec.rb

@@ -1,5 +1,6 @@
 require 'spec_helper'
 
+require 'puppet/ffi/posix'
 require 'puppet/util/posix'
 
 class PosixTest
@@ -11,35 +12,338 @@ describe Puppet::Util::POSIX do
     @posix = PosixTest.new
   end
 
-  describe '.groups_of' do
+  describe '.groups_of' do 
+    let(:mock_user_data) { double(user, :gid => 1000) }
+
+    let(:ngroups_ptr) { double('FFI::MemoryPointer', :address => 0x0001, :size => 4) }
+    let(:groups_ptr) { double('FFI::MemoryPointer', :address => 0x0002, :size => Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS) }
+
     let(:mock_groups) do
       [
-        ['group1', ['user1', 'user2']],
-        ['group2', ['user2']],
-        ['group1', ['user1', 'user2']],
-        ['group3', ['user1']],
-        ['group4', ['user2']]
-      ].map do |(name, members)|
+        ['root', ['root'], 0],
+        ['nomembers', [], 5 ],
+        ['group1', ['user1', 'user2'], 1001],
+        ['group2', ['user2'], 2002],
+        ['group1', ['user1', 'user2'], 1001],
+        ['group3', ['user1'], 3003],
+        ['group4', ['user2'], 4004],
+        ['user1', [], 1111],
+        ['user2', [], 2222]
+      ].map do |(name, members, gid)|
         group_struct = double("Group #{name}")
         allow(group_struct).to receive(:name).and_return(name)
         allow(group_struct).to receive(:mem).and_return(members)
+        allow(group_struct).to receive(:gid).and_return(gid)
 
         group_struct
       end
     end
 
+    def prepare_user_and_groups_env(user, groups)
+      groups_gids = []
+      groups_and_user = []
+      groups_and_user.replace(groups)
+      groups_and_user.push(user)
+
+      groups_and_user.each do |group|
+        mock_group = mock_groups.find { |m| m.name == group }
+        groups_gids.push(mock_group.gid)
+
+        allow(Puppet::Etc).to receive(:getgrgid).with(mock_group.gid).and_return(mock_group)
+      end
+
+      if groups_and_user.size > Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS
+        allow(ngroups_ptr).to receive(:read_int).and_return(Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS, groups_and_user.size)
+      else
+        allow(ngroups_ptr).to receive(:read_int).and_return(groups_and_user.size)
+      end
+
+      allow(groups_ptr).to receive(:get_array_of_uint).with(0, groups_and_user.size).and_return(groups_gids)
+      allow(Puppet::Etc).to receive(:getpwnam).with(user).and_return(mock_user_data)
+    end
+
     before(:each) do
-      etc_stub = receive(:group)
-      mock_groups.each do |mock_group|
-        etc_stub = etc_stub.and_yield(mock_group)
+      allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist).and_return(true)
+    end
+
+    describe 'when it uses FFI function getgrouplist' do
+      before(:each) do
+        allow(FFI::MemoryPointer).to receive(:new).with(:int).and_yield(ngroups_ptr)
+        allow(FFI::MemoryPointer).to receive(:new).with(:uint, Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS).and_yield(groups_ptr)
+        allow(ngroups_ptr).to receive(:write_int).with(Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS).and_return(ngroups_ptr)
+      end
+
+      describe 'when there are groups' do
+        context 'for user1' do
+          let(:user) { 'user1' }
+          let(:expected_groups) { ['group1', 'group3'] }
+          
+          before(:each) do
+            prepare_user_and_groups_env(user, expected_groups)
+            allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
+          end
+
+          it "should return the groups for given user" do
+            expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+          end
+
+          it 'should not print any debug message about falling back to Puppet::Etc.group' do
+            expect(Puppet).not_to receive(:debug).with(/Falling back to Puppet::Etc.group:/)
+            Puppet::Util::POSIX.groups_of(user)
+          end
+        end
+
+        context 'for user2' do
+          let(:user) { 'user2' }
+          let(:expected_groups) { ['group1', 'group2', 'group4'] }
+          
+          before(:each) do
+            prepare_user_and_groups_env(user, expected_groups)
+            allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
+          end
+
+          it "should return the groups for given user" do
+            expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+          end
+
+          it 'should not print any debug message about falling back to Puppet::Etc.group' do
+            expect(Puppet).not_to receive(:debug).with(/Falling back to Puppet::Etc.group:/)
+            Puppet::Util::POSIX.groups_of(user)
+          end
+        end
+      end
+
+      describe 'when there are no groups' do
+        let(:user) { 'nomembers' }
+        let(:expected_groups) { [] }
+        
+        before(:each) do
+          prepare_user_and_groups_env(user, expected_groups)
+          allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
+        end
+
+        it "should return no groups for given user" do
+          expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+        end
+
+        it 'should not print any debug message about falling back to Puppet::Etc.group' do
+          expect(Puppet).not_to receive(:debug).with(/Falling back to Puppet::Etc.group:/)
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
+
+      describe 'when primary group explicitly contains user' do
+        let(:user) { 'root' }
+        let(:expected_groups) { ['root'] }
+
+        before(:each) do
+          prepare_user_and_groups_env(user, expected_groups)
+          allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
+        end
+
+        it "should return the groups, including primary group, for given user" do
+          expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+        end
+
+        it 'should not print any debug message about falling back to Puppet::Etc.group' do
+          expect(Puppet).not_to receive(:debug).with(/Falling back to Puppet::Etc.group:/)
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
+
+      describe 'when primary group does not explicitly contain user' do
+        let(:user) { 'user1' }
+        let(:expected_groups) { ['group1', 'group3'] }
+
+        before(:each) do
+          prepare_user_and_groups_env(user, expected_groups)
+          allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
+        end
+
+        it "should not return primary group for given user" do
+          expect(Puppet::Util::POSIX.groups_of(user)).not_to include(user)
+        end
+
+        it 'should not print any debug message about falling back to Puppet::Etc.group' do
+          expect(Puppet).not_to receive(:debug).with(/Falling back to Puppet::Etc.group:/)
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
+
+      context 'number of groups' do
+        before(:each) do
+          stub_const("Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS", 2)
+          prepare_user_and_groups_env(user, expected_groups)
+
+          allow(FFI::MemoryPointer).to receive(:new).with(:uint, Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS).and_yield(groups_ptr)
+          allow(ngroups_ptr).to receive(:write_int).with(Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS).and_return(ngroups_ptr)
+        end
+
+        describe 'when there are less than maximum expected number of groups' do
+          let(:user) { 'root' }
+          let(:expected_groups) { ['root'] }
+
+          before(:each) do
+            allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
+          end
+
+          it "should return the groups for given user, after one 'getgrouplist' call" do
+            expect(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).once
+            expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+          end
+
+          it 'should not print any debug message about falling back to Puppet::Etc.group' do
+            expect(Puppet).not_to receive(:debug).with(/Falling back to Puppet::Etc.group:/)
+            Puppet::Util::POSIX.groups_of(user)
+          end
+        end
+
+        describe 'when there are more than maximum expected number of groups' do
+          let(:user) { 'user1' }
+          let(:expected_groups) { ['group1', 'group3'] }
+
+          before(:each) do
+            allow(FFI::MemoryPointer).to receive(:new).with(:uint, Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS * 2).and_yield(groups_ptr)
+            allow(ngroups_ptr).to receive(:write_int).with(Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS * 2).and_return(ngroups_ptr)
+
+            allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(-1, 1)
+          end
+
+          it "should return the groups for given user, after two 'getgrouplist' calls" do
+            expect(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).twice
+            expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+          end
+
+          it 'should not print any debug message about falling back to Puppet::Etc.group' do
+            expect(Puppet).not_to receive(:debug).with(/Falling back to Puppet::Etc.group:/)
+            Puppet::Util::POSIX.groups_of(user)
+          end
+        end
       end
-      allow(Puppet::Etc).to etc_stub
     end
 
-    it 'returns the groups of the given user' do
-      expect(Puppet::Util::POSIX.groups_of('user1')).to eql(
-        ['group1', 'group3']
-      )
+    describe 'when it falls back to Puppet::Etc.group method' do
+      before(:each) do
+        etc_stub = receive(:group)
+        mock_groups.each do |mock_group|
+          etc_stub = etc_stub.and_yield(mock_group)
+        end
+        allow(Puppet::Etc).to etc_stub
+
+        allow(Puppet::Etc).to receive(:getpwnam).with(user).and_raise(ArgumentError, "can't find user for #{user}")
+        allow(Puppet).to receive(:debug)
+
+        expect(Puppet::FFI::POSIX::Functions).not_to receive(:getgrouplist)
+      end
+
+      describe 'when there are groups' do
+        context 'for user1' do
+          let(:user) { 'user1' }
+          let(:expected_groups) { ['group1', 'group3'] }
+
+          it "should return the groups for given user" do
+            expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+          end
+
+          it 'logs a debug message' do
+            expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
+            Puppet::Util::POSIX.groups_of(user)
+          end
+        end
+
+        context 'for user2' do
+          let(:user) { 'user2' }
+          let(:expected_groups) { ['group1', 'group2', 'group4'] }
+
+          it "should return the groups for given user" do
+            expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+          end
+
+          it 'logs a debug message' do
+            expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
+            Puppet::Util::POSIX.groups_of(user)
+          end
+        end
+      end
+
+      describe 'when there are no groups' do
+        let(:user) { 'nomembers' }
+        let(:expected_groups) { [] }
+
+        it "should return no groups for given user" do
+          expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+        end
+
+        it 'logs a debug message' do
+          expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
+
+      describe 'when primary group explicitly contains user' do
+        let(:user) { 'root' }
+        let(:expected_groups) { ['root'] }
+
+        it "should return the groups, including primary group, for given user" do
+          expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+        end
+
+        it 'logs a debug message' do
+          expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
+
+      describe 'when primary group does not explicitly contain user' do
+        let(:user) { 'user1' }
+        let(:expected_groups) { ['group1', 'group3'] }
+
+        it "should not return primary group for given user" do
+          expect(Puppet::Util::POSIX.groups_of(user)).not_to include(user)
+        end
+
+        it 'logs a debug message' do
+          expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
+
+      describe "when the 'getgrouplist' method is not available" do
+        let(:user) { 'user1' }
+        let(:expected_groups) { ['group1', 'group3'] }
+
+        before(:each) do
+          allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist).and_return(false)
+        end
+
+        it "should return the groups" do
+          expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+        end
+
+        it 'logs a debug message' do
+          expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: The 'getgrouplist' method is not available")
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
+
+
+      describe "when ffi is not available on the machine" do
+        let(:user) { 'user1' }
+        let(:expected_groups) { ['group1', 'group3'] }
+
+        before(:each) do
+          allow(Puppet::Util::POSIX).to receive(:require).with('puppet/ffi/posix').and_raise(LoadError, 'cannot load such file -- ffi')
+        end
+
+        it "should return the groups" do
+          expect(Puppet::Util::POSIX.groups_of(user)).to eql(expected_groups)
+        end
+
+        it 'logs a debug message' do
+          expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: cannot load such file -- ffi")
+          Puppet::Util::POSIX.groups_of(user)
+        end
+      end
     end
   end
 
@@ -189,6 +493,25 @@ describe Puppet::Util::POSIX do
         expect(@posix.gid("asdf")).to eq(100)
       end
 
+      it "returns the id without full groups query if multiple groups have the same id" do
+        expect(@posix).to receive(:get_posix_field).with(:group, :gid, "asdf").and_return(100)
+        expect(@posix).to receive(:get_posix_field).with(:group, :name, 100).and_return("boo")
+        expect(@posix).to receive(:get_posix_field).with(:group, :gid, "boo").and_return(100)
+
+        expect(@posix).not_to receive(:search_posix_field)
+        expect(@posix.gid("asdf")).to eq(100)
+      end
+
+      it "returns the id with full groups query if name is nil" do
+        expect(@posix).to receive(:get_posix_field).with(:group, :gid, "asdf").and_return(100)
+        expect(@posix).to receive(:get_posix_field).with(:group, :name, 100).and_return(nil)
+        expect(@posix).not_to receive(:get_posix_field).with(:group, :gid, nil)
+
+
+        expect(@posix).to receive(:search_posix_field).with(:group, :gid, "asdf").and_return(100)
+        expect(@posix.gid("asdf")).to eq(100)
+      end
+
       it "should use :search_posix_field if the discovered name does not match the passed-in name" do
         expect(@posix).to receive(:get_posix_field).with(:group, :gid, "asdf").and_return(100)
         expect(@posix).to receive(:get_posix_field).with(:group, :name, 100).and_return("boo")
@@ -265,6 +588,25 @@ describe Puppet::Util::POSIX do
         expect(@posix.uid("asdf")).to eq(100)
       end
 
+      it "returns the id without full users query if multiple users have the same id" do
+        expect(@posix).to receive(:get_posix_field).with(:passwd, :uid, "asdf").and_return(100)
+        expect(@posix).to receive(:get_posix_field).with(:passwd, :name, 100).and_return("boo")
+        expect(@posix).to receive(:get_posix_field).with(:passwd, :uid, "boo").and_return(100)
+
+        expect(@posix).not_to receive(:search_posix_field)
+        expect(@posix.uid("asdf")).to eq(100)
+      end
+
+      it "returns the id with full users query if name is nil" do
+        expect(@posix).to receive(:get_posix_field).with(:passwd, :uid, "asdf").and_return(100)
+        expect(@posix).to receive(:get_posix_field).with(:passwd, :name, 100).and_return(nil)
+        expect(@posix).not_to receive(:get_posix_field).with(:passwd, :uid, nil)
+
+
+        expect(@posix).to receive(:search_posix_field).with(:passwd, :uid, "asdf").and_return(100)
+        expect(@posix.uid("asdf")).to eq(100)
+      end
+
       it "should use :search_posix_field if the discovered name does not match the passed-in name" do
         expect(@posix).to receive(:get_posix_field).with(:passwd, :uid, "asdf").and_return(100)
         expect(@posix).to receive(:get_posix_field).with(:passwd, :name, 100).and_return("boo")