puppet 7.1.0-universal-darwin → 7.6.1-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (198) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +38 -30
  3. data/ext/build_defaults.yaml +0 -1
  4. data/lib/puppet/application.rb +10 -6
  5. data/lib/puppet/application/agent.rb +1 -0
  6. data/lib/puppet/application/apply.rb +3 -2
  7. data/lib/puppet/application/device.rb +1 -0
  8. data/lib/puppet/application/script.rb +1 -0
  9. data/lib/puppet/application/ssl.rb +11 -0
  10. data/lib/puppet/configurer.rb +16 -3
  11. data/lib/puppet/defaults.rb +14 -19
  12. data/lib/puppet/environments.rb +16 -1
  13. data/lib/puppet/face/facts.rb +26 -2
  14. data/lib/puppet/ffi/windows/api_types.rb +1 -1
  15. data/lib/puppet/ffi/windows/constants.rb +1 -1
  16. data/lib/puppet/file_serving/configuration/parser.rb +5 -2
  17. data/lib/puppet/file_system/memory_file.rb +8 -1
  18. data/lib/puppet/file_system/windows.rb +2 -0
  19. data/lib/puppet/functions.rb +1 -1
  20. data/lib/puppet/functions/partition.rb +8 -0
  21. data/lib/puppet/http/factory.rb +4 -0
  22. data/lib/puppet/indirector/facts/facter.rb +1 -0
  23. data/lib/puppet/loaders.rb +0 -4
  24. data/lib/puppet/module.rb +1 -0
  25. data/lib/puppet/module_tool/applications/installer.rb +48 -2
  26. data/lib/puppet/module_tool/errors/shared.rb +17 -2
  27. data/lib/puppet/network/formats.rb +67 -0
  28. data/lib/puppet/network/http.rb +5 -2
  29. data/lib/puppet/network/http/api.rb +10 -6
  30. data/lib/puppet/network/http/api/master.rb +3 -2
  31. data/lib/puppet/network/http/api/master/v3.rb +2 -25
  32. data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
  33. data/lib/puppet/network/http/api/server.rb +10 -0
  34. data/lib/puppet/network/http/api/server/v3.rb +39 -0
  35. data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
  36. data/lib/puppet/node/environment.rb +12 -5
  37. data/lib/puppet/parser/ast/leaf.rb +3 -2
  38. data/lib/puppet/pops/evaluator/deferred_resolver.rb +5 -3
  39. data/lib/puppet/pops/loader/base_loader.rb +42 -32
  40. data/lib/puppet/pops/loader/dependency_loader.rb +2 -2
  41. data/lib/puppet/pops/loader/loader.rb +15 -5
  42. data/lib/puppet/pops/loader/module_loaders.rb +8 -8
  43. data/lib/puppet/pops/loader/predefined_loader.rb +4 -0
  44. data/lib/puppet/pops/loader/runtime3_type_loader.rb +1 -1
  45. data/lib/puppet/pops/loader/static_loader.rb +4 -0
  46. data/lib/puppet/pops/loaders.rb +4 -4
  47. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  48. data/lib/puppet/pops/parser/lexer2.rb +0 -4
  49. data/lib/puppet/pops/types/p_type_set_type.rb +1 -1
  50. data/lib/puppet/pops/validation/checker4_0.rb +0 -1
  51. data/lib/puppet/property/list.rb +1 -1
  52. data/lib/puppet/provider/group/groupadd.rb +13 -8
  53. data/lib/puppet/provider/package/apt.rb +34 -2
  54. data/lib/puppet/provider/package/aptitude.rb +6 -0
  55. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  56. data/lib/puppet/provider/package/puppet_gem.rb +12 -1
  57. data/lib/puppet/provider/service/debian.rb +2 -0
  58. data/lib/puppet/provider/service/systemd.rb +1 -1
  59. data/lib/puppet/provider/user/useradd.rb +62 -8
  60. data/lib/puppet/reference/configuration.rb +6 -5
  61. data/lib/puppet/settings.rb +36 -30
  62. data/lib/puppet/settings/alias_setting.rb +37 -0
  63. data/lib/puppet/settings/environment_conf.rb +1 -0
  64. data/lib/puppet/type/package.rb +3 -3
  65. data/lib/puppet/util/autoload.rb +1 -8
  66. data/lib/puppet/util/monkey_patches.rb +7 -0
  67. data/lib/puppet/util/posix.rb +1 -1
  68. data/lib/puppet/util/windows/adsi.rb +46 -0
  69. data/lib/puppet/util/windows/principal.rb +9 -2
  70. data/lib/puppet/util/windows/sid.rb +4 -2
  71. data/lib/puppet/version.rb +1 -1
  72. data/locales/puppet.pot +166 -146
  73. data/man/man5/puppet.conf.5 +14 -6
  74. data/man/man8/puppet-agent.8 +2 -2
  75. data/man/man8/puppet-apply.8 +2 -2
  76. data/man/man8/puppet-catalog.8 +1 -1
  77. data/man/man8/puppet-config.8 +1 -1
  78. data/man/man8/puppet-describe.8 +1 -1
  79. data/man/man8/puppet-device.8 +2 -2
  80. data/man/man8/puppet-doc.8 +1 -1
  81. data/man/man8/puppet-epp.8 +1 -1
  82. data/man/man8/puppet-facts.8 +8 -2
  83. data/man/man8/puppet-filebucket.8 +1 -1
  84. data/man/man8/puppet-generate.8 +1 -1
  85. data/man/man8/puppet-help.8 +1 -1
  86. data/man/man8/puppet-lookup.8 +1 -1
  87. data/man/man8/puppet-module.8 +1 -1
  88. data/man/man8/puppet-node.8 +1 -1
  89. data/man/man8/puppet-parser.8 +1 -1
  90. data/man/man8/puppet-plugin.8 +1 -1
  91. data/man/man8/puppet-report.8 +1 -1
  92. data/man/man8/puppet-resource.8 +1 -1
  93. data/man/man8/puppet-script.8 +2 -2
  94. data/man/man8/puppet-ssl.8 +5 -1
  95. data/man/man8/puppet.8 +2 -2
  96. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +91 -0
  97. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
  98. data/spec/integration/application/agent_spec.rb +160 -3
  99. data/spec/integration/application/apply_spec.rb +19 -0
  100. data/spec/integration/application/plugin_spec.rb +1 -1
  101. data/spec/integration/defaults_spec.rb +0 -7
  102. data/spec/integration/http/client_spec.rb +12 -0
  103. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  104. data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
  105. data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
  106. data/spec/integration/parser/collection_spec.rb +10 -0
  107. data/spec/integration/resource/type_collection_spec.rb +2 -6
  108. data/spec/integration/transaction_spec.rb +4 -9
  109. data/spec/integration/util/windows/adsi_spec.rb +21 -1
  110. data/spec/integration/util/windows/principal_spec.rb +21 -0
  111. data/spec/integration/util/windows/registry_spec.rb +6 -10
  112. data/spec/spec_helper.rb +12 -5
  113. data/spec/unit/agent_spec.rb +8 -6
  114. data/spec/unit/application/agent_spec.rb +0 -1
  115. data/spec/unit/application/facts_spec.rb +58 -7
  116. data/spec/unit/application/filebucket_spec.rb +0 -2
  117. data/spec/unit/application/ssl_spec.rb +23 -0
  118. data/spec/unit/application_spec.rb +17 -9
  119. data/spec/unit/confine/feature_spec.rb +1 -1
  120. data/spec/unit/confine_spec.rb +8 -2
  121. data/spec/unit/environments_spec.rb +164 -88
  122. data/spec/unit/face/node_spec.rb +0 -11
  123. data/spec/unit/file_serving/configuration/parser_spec.rb +8 -1
  124. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  125. data/spec/unit/file_serving/terminus_helper_spec.rb +11 -4
  126. data/spec/unit/file_system_spec.rb +9 -0
  127. data/spec/unit/forge/module_release_spec.rb +2 -7
  128. data/spec/unit/http/factory_spec.rb +19 -0
  129. data/spec/unit/indirector/face_spec.rb +0 -1
  130. data/spec/unit/indirector/facts/facter_spec.rb +20 -5
  131. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +26 -8
  132. data/spec/unit/indirector/indirection_spec.rb +8 -12
  133. data/spec/unit/indirector_spec.rb +2 -2
  134. data/spec/unit/module_spec.rb +1 -1
  135. data/spec/unit/module_tool/applications/installer_spec.rb +66 -0
  136. data/spec/unit/network/formats_spec.rb +41 -0
  137. data/spec/unit/network/http/api/indirected_routes_spec.rb +0 -4
  138. data/spec/unit/network/http/api/master_spec.rb +38 -0
  139. data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
  140. data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
  141. data/spec/unit/network/http/api_spec.rb +11 -11
  142. data/spec/unit/parser/compiler_spec.rb +3 -19
  143. data/spec/unit/parser/resource_spec.rb +14 -8
  144. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +20 -0
  145. data/spec/unit/pops/loaders/dependency_loader_spec.rb +1 -1
  146. data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
  147. data/spec/unit/pops/types/type_parser_spec.rb +2 -1
  148. data/spec/unit/pops/validator/validator_spec.rb +20 -43
  149. data/spec/unit/property_spec.rb +1 -0
  150. data/spec/unit/provider/group/groupadd_spec.rb +5 -2
  151. data/spec/unit/provider/nameservice_spec.rb +66 -65
  152. data/spec/unit/provider/package/apt_spec.rb +28 -23
  153. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  154. data/spec/unit/provider/package/base_spec.rb +6 -5
  155. data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
  156. data/spec/unit/provider/package/pacman_spec.rb +18 -12
  157. data/spec/unit/provider/package/pip_spec.rb +6 -11
  158. data/spec/unit/provider/package/pkgdmg_spec.rb +0 -4
  159. data/spec/unit/provider/package/puppet_gem_spec.rb +28 -0
  160. data/spec/unit/provider/service/systemd_spec.rb +11 -0
  161. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  162. data/spec/unit/provider/user/useradd_spec.rb +70 -3
  163. data/spec/unit/provider_spec.rb +6 -8
  164. data/spec/unit/resource/type_spec.rb +1 -1
  165. data/spec/unit/resource_spec.rb +11 -10
  166. data/spec/unit/settings_spec.rb +13 -6
  167. data/spec/unit/ssl/base_spec.rb +0 -1
  168. data/spec/unit/ssl/certificate_request_spec.rb +4 -10
  169. data/spec/unit/ssl/ssl_provider_spec.rb +5 -2
  170. data/spec/unit/transaction/additional_resource_generator_spec.rb +3 -7
  171. data/spec/unit/transaction/event_manager_spec.rb +14 -11
  172. data/spec/unit/transaction_spec.rb +13 -4
  173. data/spec/unit/type/file/content_spec.rb +0 -1
  174. data/spec/unit/type/file/selinux_spec.rb +0 -2
  175. data/spec/unit/type/file_spec.rb +0 -6
  176. data/spec/unit/type/group_spec.rb +13 -6
  177. data/spec/unit/type/resources_spec.rb +7 -7
  178. data/spec/unit/type/service_spec.rb +1 -1
  179. data/spec/unit/type/tidy_spec.rb +0 -1
  180. data/spec/unit/type_spec.rb +2 -2
  181. data/spec/unit/util/at_fork_spec.rb +2 -2
  182. data/spec/unit/util/autoload_spec.rb +5 -1
  183. data/spec/unit/util/backups_spec.rb +1 -2
  184. data/spec/unit/util/execution_spec.rb +15 -11
  185. data/spec/unit/util/inifile_spec.rb +6 -14
  186. data/spec/unit/util/log_spec.rb +8 -7
  187. data/spec/unit/util/logging_spec.rb +3 -3
  188. data/spec/unit/util/posix_spec.rb +16 -10
  189. data/spec/unit/util/selinux_spec.rb +76 -52
  190. data/spec/unit/util/suidmanager_spec.rb +44 -41
  191. data/spec/unit/util/windows/sid_spec.rb +6 -0
  192. data/spec/unit/util_spec.rb +13 -6
  193. metadata +18 -16
  194. data/spec/lib/matchers/include.rb +0 -27
  195. data/spec/lib/matchers/include_spec.rb +0 -32
  196. data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
  197. data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
  198. data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
@@ -443,13 +443,9 @@ describe Puppet::Util::IniConfig::FileCollection do
443
443
  end
444
444
 
445
445
  it "yields every section from every file" do
446
- [sect_a1, sect_a2, sect_b1, sect_b2].each do |sect|
447
- expect(sect).to receive(:touch).once
448
- end
449
-
450
- subject.each_section do |sect|
451
- sect.touch
452
- end
446
+ expect { |b|
447
+ subject.each_section(&b)
448
+ }.to yield_successive_args(sect_a1, sect_a2, sect_b1, sect_b2)
453
449
  end
454
450
  end
455
451
 
@@ -460,13 +456,9 @@ describe Puppet::Util::IniConfig::FileCollection do
460
456
  end
461
457
 
462
458
  it "yields the path to every file in the collection" do
463
- seen = []
464
- subject.each_file do |file|
465
- seen << file
466
- end
467
-
468
- expect(seen).to include(path_a)
469
- expect(seen).to include(path_b)
459
+ expect { |b|
460
+ subject.each_file(&b)
461
+ }.to yield_successive_args(path_a, path_b)
470
462
  end
471
463
  end
472
464
 
@@ -111,16 +111,20 @@ describe Puppet::Util::Log do
111
111
  end
112
112
 
113
113
  it "should fall back to :eventlog" do
114
- allow(Puppet.features).to receive(:syslog?).and_return(false)
115
- allow(Puppet.features).to receive(:eventlog?).and_return(true)
114
+ without_partial_double_verification do
115
+ allow(Puppet.features).to receive(:syslog?).and_return(false)
116
+ allow(Puppet.features).to receive(:eventlog?).and_return(true)
117
+ end
116
118
  expect(Puppet::Util::Log).to receive(:newdestination).with(:eventlog)
117
119
 
118
120
  Puppet::Util::Log.setup_default
119
121
  end
120
122
 
121
123
  it "should fall back to :file" do
122
- allow(Puppet.features).to receive(:syslog?).and_return(false)
123
- allow(Puppet.features).to receive(:eventlog?).and_return(false)
124
+ without_partial_double_verification do
125
+ allow(Puppet.features).to receive(:syslog?).and_return(false)
126
+ allow(Puppet.features).to receive(:eventlog?).and_return(false)
127
+ end
124
128
  expect(Puppet::Util::Log).to receive(:newdestination).with(Puppet[:puppetdlog])
125
129
 
126
130
  Puppet::Util::Log.setup_default
@@ -224,9 +228,6 @@ describe Puppet::Util::Log do
224
228
  describe Puppet::Util::Log::DestEventlog, :if => Puppet.features.eventlog? do
225
229
  before :each do
226
230
  allow(Puppet::Util::Windows::EventLog).to receive(:open).and_return(double('mylog', :close => nil))
227
- allow(Puppet::Util::Windows::EventLog).to receive(:report_event)
228
- allow(Puppet::Util::Windows::EventLog).to receive(:close)
229
- allow(Puppet.features).to receive(:eventlog?).and_return(true)
230
231
  end
231
232
 
232
233
  it "should restrict its suitability to Windows" do
@@ -552,7 +552,7 @@ original
552
552
 
553
553
  describe 'does support debugging' do
554
554
  before :each do
555
- allow(Facter).to receive(:respond_to?).with(:debugging).and_return(true)
555
+ allow(Facter).to receive(:respond_to?).with(:debugging, any_args).and_return(true)
556
556
  end
557
557
 
558
558
  it 'enables Facter debugging when debug level' do
@@ -568,7 +568,7 @@ original
568
568
 
569
569
  describe 'does support trace' do
570
570
  before :each do
571
- allow(Facter).to receive(:respond_to?).with(:trace).and_return(true)
571
+ allow(Facter).to receive(:respond_to?).with(:trace, any_args).and_return(true)
572
572
  end
573
573
 
574
574
  it 'enables Facter trace when enabled' do
@@ -584,7 +584,7 @@ original
584
584
 
585
585
  describe 'does support on_message' do
586
586
  before :each do
587
- allow(Facter).to receive(:respond_to?).with(:on_message).and_return(true)
587
+ allow(Facter).to receive(:respond_to?).with(:on_message, any_args).and_return(true)
588
588
  end
589
589
 
590
590
  def setup(level, message)
@@ -63,7 +63,7 @@ describe Puppet::Util::POSIX do
63
63
  end
64
64
 
65
65
  before(:each) do
66
- allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist).and_return(true)
66
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(true)
67
67
  end
68
68
 
69
69
  describe 'when it uses FFI function getgrouplist' do
@@ -77,7 +77,7 @@ describe Puppet::Util::POSIX do
77
77
  context 'for user1' do
78
78
  let(:user) { 'user1' }
79
79
  let(:expected_groups) { ['group1', 'group3'] }
80
-
80
+
81
81
  before(:each) do
82
82
  prepare_user_and_groups_env(user, expected_groups)
83
83
  allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
@@ -96,9 +96,10 @@ describe Puppet::Util::POSIX do
96
96
  context 'for user2' do
97
97
  let(:user) { 'user2' }
98
98
  let(:expected_groups) { ['group1', 'group2', 'group4'] }
99
-
99
+
100
100
  before(:each) do
101
101
  prepare_user_and_groups_env(user, expected_groups)
102
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(true)
102
103
  allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
103
104
  end
104
105
 
@@ -116,9 +117,10 @@ describe Puppet::Util::POSIX do
116
117
  describe 'when there are no groups' do
117
118
  let(:user) { 'nomembers' }
118
119
  let(:expected_groups) { [] }
119
-
120
+
120
121
  before(:each) do
121
122
  prepare_user_and_groups_env(user, expected_groups)
123
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(true)
122
124
  allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
123
125
  end
124
126
 
@@ -138,6 +140,7 @@ describe Puppet::Util::POSIX do
138
140
 
139
141
  before(:each) do
140
142
  prepare_user_and_groups_env(user, expected_groups)
143
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(true)
141
144
  allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
142
145
  end
143
146
 
@@ -157,6 +160,7 @@ describe Puppet::Util::POSIX do
157
160
 
158
161
  before(:each) do
159
162
  prepare_user_and_groups_env(user, expected_groups)
163
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(true)
160
164
  allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
161
165
  end
162
166
 
@@ -184,6 +188,7 @@ describe Puppet::Util::POSIX do
184
188
  let(:expected_groups) { ['root'] }
185
189
 
186
190
  before(:each) do
191
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(true)
187
192
  allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(1)
188
193
  end
189
194
 
@@ -206,6 +211,7 @@ describe Puppet::Util::POSIX do
206
211
  allow(FFI::MemoryPointer).to receive(:new).with(:uint, Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS * 2).and_yield(groups_ptr)
207
212
  allow(ngroups_ptr).to receive(:write_int).with(Puppet::FFI::POSIX::Constants::MAXIMUM_NUMBER_OF_GROUPS * 2).and_return(ngroups_ptr)
208
213
 
214
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(true)
209
215
  allow(Puppet::FFI::POSIX::Functions).to receive(:getgrouplist).and_return(-1, 1)
210
216
  end
211
217
 
@@ -233,7 +239,7 @@ describe Puppet::Util::POSIX do
233
239
  allow(Puppet::Etc).to receive(:getpwnam).with(user).and_raise(ArgumentError, "can't find user for #{user}")
234
240
  allow(Puppet).to receive(:debug)
235
241
 
236
- expect(Puppet::FFI::POSIX::Functions).not_to receive(:getgrouplist)
242
+ allow(Puppet::FFI::POSIX::Functions).to receive(:respond_to?).with(:getgrouplist, any_args).and_return(false)
237
243
  end
238
244
 
239
245
  describe 'when there are groups' do
@@ -246,7 +252,7 @@ describe Puppet::Util::POSIX do
246
252
  end
247
253
 
248
254
  it 'logs a debug message' do
249
- expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
255
+ expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: The 'getgrouplist' method is not available")
250
256
  Puppet::Util::POSIX.groups_of(user)
251
257
  end
252
258
  end
@@ -260,7 +266,7 @@ describe Puppet::Util::POSIX do
260
266
  end
261
267
 
262
268
  it 'logs a debug message' do
263
- expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
269
+ expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: The 'getgrouplist' method is not available")
264
270
  Puppet::Util::POSIX.groups_of(user)
265
271
  end
266
272
  end
@@ -275,7 +281,7 @@ describe Puppet::Util::POSIX do
275
281
  end
276
282
 
277
283
  it 'logs a debug message' do
278
- expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
284
+ expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: The 'getgrouplist' method is not available")
279
285
  Puppet::Util::POSIX.groups_of(user)
280
286
  end
281
287
  end
@@ -289,7 +295,7 @@ describe Puppet::Util::POSIX do
289
295
  end
290
296
 
291
297
  it 'logs a debug message' do
292
- expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
298
+ expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: The 'getgrouplist' method is not available")
293
299
  Puppet::Util::POSIX.groups_of(user)
294
300
  end
295
301
  end
@@ -303,7 +309,7 @@ describe Puppet::Util::POSIX do
303
309
  end
304
310
 
305
311
  it 'logs a debug message' do
306
- expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: can't find user for #{user}")
312
+ expect(Puppet).to receive(:debug).with("Falling back to Puppet::Etc.group: The 'getgrouplist' method is not available")
307
313
  Puppet::Util::POSIX.groups_of(user)
308
314
  end
309
315
  end
@@ -111,15 +111,19 @@ describe Puppet::Util::SELinux do
111
111
  end
112
112
 
113
113
  it "should return a context" do
114
- expect(self).to receive(:selinux_support?).and_return(true)
115
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
116
- expect(get_selinux_current_context("/foo")).to eq("user_u:role_r:type_t:s0")
114
+ without_partial_double_verification do
115
+ expect(self).to receive(:selinux_support?).and_return(true)
116
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
117
+ expect(get_selinux_current_context("/foo")).to eq("user_u:role_r:type_t:s0")
118
+ end
117
119
  end
118
120
 
119
121
  it "should return nil if lgetfilecon fails" do
120
- expect(self).to receive(:selinux_support?).and_return(true)
121
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return(-1)
122
- expect(get_selinux_current_context("/foo")).to be_nil
122
+ without_partial_double_verification do
123
+ expect(self).to receive(:selinux_support?).and_return(true)
124
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return(-1)
125
+ expect(get_selinux_current_context("/foo")).to be_nil
126
+ end
123
127
  end
124
128
  end
125
129
 
@@ -130,47 +134,57 @@ describe Puppet::Util::SELinux do
130
134
  end
131
135
 
132
136
  it "should return a context if a default context exists" do
133
- expect(self).to receive(:selinux_support?).and_return(true)
134
- fstat = double('File::Stat', :mode => 0)
135
- expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
136
- expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
137
- expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return([0, "user_u:role_r:type_t:s0"])
138
-
139
- expect(get_selinux_default_context("/foo")).to eq("user_u:role_r:type_t:s0")
137
+ without_partial_double_verification do
138
+ expect(self).to receive(:selinux_support?).and_return(true)
139
+ fstat = double('File::Stat', :mode => 0)
140
+ expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
141
+ expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
142
+ expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return([0, "user_u:role_r:type_t:s0"])
143
+
144
+ expect(get_selinux_default_context("/foo")).to eq("user_u:role_r:type_t:s0")
145
+ end
140
146
  end
141
147
 
142
148
  it "handles permission denied errors by issuing a warning" do
143
- allow(self).to receive(:selinux_support?).and_return(true)
144
- allow(self).to receive(:selinux_label_support?).and_return(true)
145
- allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
146
- allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::EACCES, "/root/chuj")
149
+ without_partial_double_verification do
150
+ allow(self).to receive(:selinux_support?).and_return(true)
151
+ allow(self).to receive(:selinux_label_support?).and_return(true)
152
+ allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
153
+ allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::EACCES, "/root/chuj")
147
154
 
148
- expect(get_selinux_default_context("/root/chuj")).to be_nil
155
+ expect(get_selinux_default_context("/root/chuj")).to be_nil
156
+ end
149
157
  end
150
158
 
151
159
  it "handles no such file or directory errors by issuing a warning" do
152
- allow(self).to receive(:selinux_support?).and_return(true)
153
- allow(self).to receive(:selinux_label_support?).and_return(true)
154
- allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
155
- allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
160
+ without_partial_double_verification do
161
+ allow(self).to receive(:selinux_support?).and_return(true)
162
+ allow(self).to receive(:selinux_label_support?).and_return(true)
163
+ allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
164
+ allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
156
165
 
157
- expect(get_selinux_default_context("/root/chuj")).to be_nil
166
+ expect(get_selinux_default_context("/root/chuj")).to be_nil
167
+ end
158
168
  end
159
169
 
160
170
  it "should return nil if matchpathcon returns failure" do
161
- expect(self).to receive(:selinux_support?).and_return(true)
162
- fstat = double('File::Stat', :mode => 0)
163
- expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
164
- expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
165
- expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return(-1)
166
-
167
- expect(get_selinux_default_context("/foo")).to be_nil
171
+ without_partial_double_verification do
172
+ expect(self).to receive(:selinux_support?).and_return(true)
173
+ fstat = double('File::Stat', :mode => 0)
174
+ expect(Puppet::FileSystem).to receive(:lstat).with('/foo').and_return(fstat)
175
+ expect(self).to receive(:find_fs).with("/foo").and_return("ext3")
176
+ expect(Selinux).to receive(:matchpathcon).with("/foo", 0).and_return(-1)
177
+
178
+ expect(get_selinux_default_context("/foo")).to be_nil
179
+ end
168
180
  end
169
181
 
170
182
  it "should return nil if selinux_label_support returns false" do
171
- expect(self).to receive(:selinux_support?).and_return(true)
172
- expect(self).to receive(:find_fs).with("/foo").and_return("nfs")
173
- expect(get_selinux_default_context("/foo")).to be_nil
183
+ without_partial_double_verification do
184
+ expect(self).to receive(:selinux_support?).and_return(true)
185
+ expect(self).to receive(:find_fs).with("/foo").and_return("nfs")
186
+ expect(get_selinux_default_context("/foo")).to be_nil
187
+ end
174
188
  end
175
189
  end
176
190
 
@@ -261,37 +275,47 @@ describe Puppet::Util::SELinux do
261
275
  end
262
276
 
263
277
  it "should use lsetfilecon to set a context" do
264
- expect(self).to receive(:selinux_support?).and_return(true)
265
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
266
- expect(set_selinux_context("/foo", "user_u:role_r:type_t:s0")).to be_truthy
278
+ without_partial_double_verification do
279
+ expect(self).to receive(:selinux_support?).and_return(true)
280
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
281
+ expect(set_selinux_context("/foo", "user_u:role_r:type_t:s0")).to be_truthy
282
+ end
267
283
  end
268
284
 
269
285
  it "should use lsetfilecon to set user_u user context" do
270
- expect(self).to receive(:selinux_support?).and_return(true)
271
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "foo:role_r:type_t:s0"])
272
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
273
- expect(set_selinux_context("/foo", "user_u", :seluser)).to be_truthy
286
+ without_partial_double_verification do
287
+ expect(self).to receive(:selinux_support?).and_return(true)
288
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "foo:role_r:type_t:s0"])
289
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
290
+ expect(set_selinux_context("/foo", "user_u", :seluser)).to be_truthy
291
+ end
274
292
  end
275
293
 
276
294
  it "should use lsetfilecon to set role_r role context" do
277
- expect(self).to receive(:selinux_support?).and_return(true)
278
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:foo:type_t:s0"])
279
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
280
- expect(set_selinux_context("/foo", "role_r", :selrole)).to be_truthy
295
+ without_partial_double_verification do
296
+ expect(self).to receive(:selinux_support?).and_return(true)
297
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:foo:type_t:s0"])
298
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
299
+ expect(set_selinux_context("/foo", "role_r", :selrole)).to be_truthy
300
+ end
281
301
  end
282
302
 
283
303
  it "should use lsetfilecon to set type_t type context" do
284
- expect(self).to receive(:selinux_support?).and_return(true)
285
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:foo:s0"])
286
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
287
- expect(set_selinux_context("/foo", "type_t", :seltype)).to be_truthy
304
+ without_partial_double_verification do
305
+ expect(self).to receive(:selinux_support?).and_return(true)
306
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:foo:s0"])
307
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").and_return(0)
308
+ expect(set_selinux_context("/foo", "type_t", :seltype)).to be_truthy
309
+ end
288
310
  end
289
311
 
290
312
  it "should use lsetfilecon to set s0:c3,c5 range context" do
291
- expect(self).to receive(:selinux_support?).and_return(true)
292
- expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
293
- expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0:c3,c5").and_return(0)
294
- expect(set_selinux_context("/foo", "s0:c3,c5", :selrange)).to be_truthy
313
+ without_partial_double_verification do
314
+ expect(self).to receive(:selinux_support?).and_return(true)
315
+ expect(Selinux).to receive(:lgetfilecon).with("/foo").and_return([0, "user_u:role_r:type_t:s0"])
316
+ expect(Selinux).to receive(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0:c3,c5").and_return(0)
317
+ expect(set_selinux_context("/foo", "s0:c3,c5", :selrange)).to be_truthy
318
+ end
295
319
  end
296
320
  end
297
321
 
@@ -14,12 +14,14 @@ describe Puppet::Util::SUIDManager do
14
14
  pwent = double('pwent', :name => 'fred', :uid => 42, :gid => 42)
15
15
  allow(Etc).to receive(:getpwuid).with(42).and_return(pwent)
16
16
 
17
- [:euid, :egid, :uid, :gid, :groups].each do |id|
18
- allow(Process).to receive("#{id}=") {|value| xids[id] = value}
17
+ unless Puppet::Util::Platform.windows?
18
+ [:euid, :egid, :uid, :gid, :groups].each do |id|
19
+ allow(Process).to receive("#{id}=") {|value| xids[id] = value}
20
+ end
19
21
  end
20
22
  end
21
23
 
22
- describe "#initgroups" do
24
+ describe "#initgroups", unless: Puppet::Util::Platform.windows? do
23
25
  it "should use the primary group of the user as the 'basegid'" do
24
26
  expect(Process).to receive(:initgroups).with('fred', 42)
25
27
  described_class.initgroups(42)
@@ -27,7 +29,7 @@ describe Puppet::Util::SUIDManager do
27
29
  end
28
30
 
29
31
  describe "#uid" do
30
- it "should allow setting euid/egid" do
32
+ it "should allow setting euid/egid", unless: Puppet::Util::Platform.windows? do
31
33
  Puppet::Util::SUIDManager.egid = user[:gid]
32
34
  Puppet::Util::SUIDManager.euid = user[:uid]
33
35
 
@@ -37,8 +39,7 @@ describe Puppet::Util::SUIDManager do
37
39
  end
38
40
 
39
41
  describe "#asuser" do
40
- it "should not get or set euid/egid when not root" do
41
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
42
+ it "should not get or set euid/egid when not root", unless: Puppet::Util::Platform.windows? do
42
43
  allow(Process).to receive(:uid).and_return(1)
43
44
 
44
45
  allow(Process).to receive(:egid).and_return(51)
@@ -49,13 +50,12 @@ describe Puppet::Util::SUIDManager do
49
50
  expect(xids).to be_empty
50
51
  end
51
52
 
52
- context "when root and not windows" do
53
+ context "when root and not Windows" do
53
54
  before :each do
54
55
  allow(Process).to receive(:uid).and_return(0)
55
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
56
56
  end
57
57
 
58
- it "should set euid/egid" do
58
+ it "should set euid/egid", unless: Puppet::Util::Platform.windows? do
59
59
  allow(Process).to receive(:egid).and_return(51, 51, user[:gid])
60
60
  allow(Process).to receive(:euid).and_return(50, 50, user[:uid])
61
61
 
@@ -79,29 +79,23 @@ describe Puppet::Util::SUIDManager do
79
79
  end
80
80
 
81
81
  it "should just yield if user and group are nil" do
82
- yielded = false
83
- Puppet::Util::SUIDManager.asuser(nil, nil) { yielded = true }
84
- expect(yielded).to be_truthy
82
+ expect { |b| Puppet::Util::SUIDManager.asuser(nil, nil, &b) }.to yield_control
85
83
  expect(xids).to eq({})
86
84
  end
87
85
 
88
- it "should just change group if only group is given" do
89
- yielded = false
90
- Puppet::Util::SUIDManager.asuser(nil, 42) { yielded = true }
91
- expect(yielded).to be_truthy
86
+ it "should just change group if only group is given", unless: Puppet::Util::Platform.windows? do
87
+ expect { |b| Puppet::Util::SUIDManager.asuser(nil, 42, &b) }.to yield_control
92
88
  expect(xids).to eq({ :egid => 42 })
93
89
  end
94
90
 
95
- it "should change gid to the primary group of uid by default" do
91
+ it "should change gid to the primary group of uid by default", unless: Puppet::Util::Platform.windows? do
96
92
  allow(Process).to receive(:initgroups)
97
93
 
98
- yielded = false
99
- Puppet::Util::SUIDManager.asuser(42) { yielded = true }
100
- expect(yielded).to be_truthy
94
+ expect { |b| Puppet::Util::SUIDManager.asuser(42, nil, &b) }.to yield_control
101
95
  expect(xids).to eq({ :euid => 42, :egid => 42 })
102
96
  end
103
97
 
104
- it "should change both uid and gid if given" do
98
+ it "should change both uid and gid if given", unless: Puppet::Util::Platform.windows? do
105
99
  # I don't like the sequence, but it is the only way to assert on the
106
100
  # internal behaviour in a reliable fashion, given we need multiple
107
101
  # sequenced calls to the same methods. --daniel 2012-02-05
@@ -110,21 +104,23 @@ describe Puppet::Util::SUIDManager do
110
104
  expect(Puppet::Util::SUIDManager).to receive(:change_group).with(Puppet::Util::SUIDManager.egid, false).ordered()
111
105
  expect(Puppet::Util::SUIDManager).to receive(:change_user).with(Puppet::Util::SUIDManager.euid, false).ordered()
112
106
 
113
- yielded = false
114
- Puppet::Util::SUIDManager.asuser(42, 43) { yielded = true }
115
- expect(yielded).to be_truthy
107
+ expect { |b| Puppet::Util::SUIDManager.asuser(42, 43, &b) }.to yield_control
116
108
  end
117
109
  end
118
110
 
119
- it "should not get or set euid/egid on Windows", if: Puppet::Util::Platform.windows? do
120
- Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) {}
121
-
122
- expect(xids).to be_empty
111
+ it "should just yield on Windows", if: Puppet::Util::Platform.windows? do
112
+ expect { |b| Puppet::Util::SUIDManager.asuser(1, 2, &b) }.to yield_control
123
113
  end
124
114
  end
125
115
 
126
116
  describe "#change_group" do
127
- describe "when changing permanently" do
117
+ it "raises on Windows", if: Puppet::Util::Platform.windows? do
118
+ expect {
119
+ Puppet::Util::SUIDManager.change_group(42, true)
120
+ }.to raise_error(NotImplementedError, /change_privilege\(\) function is unimplemented/)
121
+ end
122
+
123
+ describe "when changing permanently", unless: Puppet::Util::Platform.windows? do
128
124
  it "should change_privilege" do
129
125
  expect(Process::GID).to receive(:change_privilege) do |gid|
130
126
  Process.gid = gid
@@ -150,7 +146,7 @@ describe Puppet::Util::SUIDManager do
150
146
  end
151
147
  end
152
148
 
153
- describe "when changing temporarily" do
149
+ describe "when changing temporarily", unless: Puppet::Util::Platform.windows? do
154
150
  it "should change only egid" do
155
151
  Puppet::Util::SUIDManager.change_group(42, false)
156
152
 
@@ -161,7 +157,13 @@ describe Puppet::Util::SUIDManager do
161
157
  end
162
158
 
163
159
  describe "#change_user" do
164
- describe "when changing permanently" do
160
+ it "raises on Windows", if: Puppet::Util::Platform.windows? do
161
+ expect {
162
+ Puppet::Util::SUIDManager.change_user(42, true)
163
+ }.to raise_error(NotImplementedError, /initgroups\(\) function is unimplemented/)
164
+ end
165
+
166
+ describe "when changing permanently", unless: Puppet::Util::Platform.windows? do
165
167
  it "should change_privilege" do
166
168
  expect(Process::UID).to receive(:change_privilege) do |uid|
167
169
  Process.uid = uid
@@ -191,7 +193,7 @@ describe Puppet::Util::SUIDManager do
191
193
  end
192
194
  end
193
195
 
194
- describe "when changing temporarily" do
196
+ describe "when changing temporarily", unless: Puppet::Util::Platform.windows? do
195
197
  it "should change only euid and groups" do
196
198
  allow(Puppet::Util::SUIDManager).to receive(:initgroups).and_return([])
197
199
  Puppet::Util::SUIDManager.change_user(42, false)
@@ -221,12 +223,7 @@ describe Puppet::Util::SUIDManager do
221
223
  end
222
224
 
223
225
  describe "#root?" do
224
- describe "on POSIX systems" do
225
- before :each do
226
- allow(Puppet.features).to receive(:posix?).and_return(true)
227
- allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
228
- end
229
-
226
+ describe "on POSIX systems", unless: Puppet::Util::Platform.windows? do
230
227
  it "should be root if uid is 0" do
231
228
  allow(Process).to receive(:uid).and_return(0)
232
229
 
@@ -240,7 +237,7 @@ describe Puppet::Util::SUIDManager do
240
237
  end
241
238
  end
242
239
 
243
- describe "on Microsoft Windows", :if => Puppet::Util::Platform.windows? do
240
+ describe "on Windows", :if => Puppet::Util::Platform.windows? do
244
241
  it "should be root if user is privileged" do
245
242
  allow(Puppet::Util::Windows::User).to receive(:admin?).and_return(true)
246
243
 
@@ -261,13 +258,19 @@ describe 'Puppet::Util::SUIDManager#groups=' do
261
258
  Puppet::Util::SUIDManager
262
259
  end
263
260
 
264
- it "(#3419) should rescue Errno::EINVAL on OS X" do
261
+ it "raises on Windows", if: Puppet::Util::Platform.windows? do
262
+ expect {
263
+ subject.groups = []
264
+ }.to raise_error(NotImplementedError, /groups=\(\) function is unimplemented/)
265
+ end
266
+
267
+ it "(#3419) should rescue Errno::EINVAL on OS X", unless: Puppet::Util::Platform.windows? do
265
268
  expect(Process).to receive(:groups=).and_raise(Errno::EINVAL, 'blew up')
266
269
  expect(subject).to receive(:osx_maj_ver).and_return('10.7').twice
267
270
  subject.groups = ['list', 'of', 'groups']
268
271
  end
269
272
 
270
- it "(#3419) should fail if an Errno::EINVAL is raised NOT on OS X" do
273
+ it "(#3419) should fail if an Errno::EINVAL is raised NOT on OS X", unless: Puppet::Util::Platform.windows? do
271
274
  expect(Process).to receive(:groups=).and_raise(Errno::EINVAL, 'blew up')
272
275
  expect(subject).to receive(:osx_maj_ver).and_return(false)
273
276
  expect { subject.groups = ['list', 'of', 'groups'] }.to raise_error(Errno::EINVAL)