puppet 7.6.1-universal-darwin → 7.10.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (816) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +7 -7
  3. data/Gemfile +2 -1
  4. data/Gemfile.lock +18 -18
  5. data/README.md +4 -4
  6. data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
  7. data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
  8. data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
  9. data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
  10. data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
  11. data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
  12. data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
  13. data/{ext → examples}/nagios/check_puppet.rb +2 -2
  14. data/ext/README.md +13 -0
  15. data/ext/osx/puppet.plist +2 -0
  16. data/ext/project_data.yaml +1 -0
  17. data/install.rb +11 -15
  18. data/lib/hiera_puppet.rb +1 -1
  19. data/lib/puppet.rb +40 -40
  20. data/lib/puppet/agent.rb +6 -6
  21. data/lib/puppet/agent/disabler.rb +1 -1
  22. data/lib/puppet/agent/locker.rb +2 -2
  23. data/lib/puppet/application.rb +6 -6
  24. data/lib/puppet/application/agent.rb +18 -11
  25. data/lib/puppet/application/apply.rb +6 -5
  26. data/lib/puppet/application/catalog.rb +1 -1
  27. data/lib/puppet/application/config.rb +1 -1
  28. data/lib/puppet/application/describe.rb +1 -1
  29. data/lib/puppet/application/device.rb +8 -7
  30. data/lib/puppet/application/doc.rb +7 -7
  31. data/lib/puppet/application/epp.rb +2 -2
  32. data/lib/puppet/application/face_base.rb +2 -2
  33. data/lib/puppet/application/facts.rb +1 -1
  34. data/lib/puppet/application/filebucket.rb +3 -2
  35. data/lib/puppet/application/generate.rb +1 -1
  36. data/lib/puppet/application/help.rb +1 -1
  37. data/lib/puppet/application/indirection_base.rb +1 -1
  38. data/lib/puppet/application/lookup.rb +6 -6
  39. data/lib/puppet/application/module.rb +1 -1
  40. data/lib/puppet/application/node.rb +1 -1
  41. data/lib/puppet/application/parser.rb +2 -2
  42. data/lib/puppet/application/plugin.rb +1 -1
  43. data/lib/puppet/application/report.rb +1 -1
  44. data/lib/puppet/application/resource.rb +18 -4
  45. data/lib/puppet/application/script.rb +6 -5
  46. data/lib/puppet/application/ssl.rb +3 -2
  47. data/lib/puppet/application_support.rb +4 -4
  48. data/lib/puppet/compilable_resource_type.rb +1 -1
  49. data/lib/puppet/concurrent/lock.rb +1 -1
  50. data/lib/puppet/configurer.rb +159 -50
  51. data/lib/puppet/configurer/downloader.rb +4 -3
  52. data/lib/puppet/configurer/fact_handler.rb +3 -3
  53. data/lib/puppet/configurer/plugin_handler.rb +1 -1
  54. data/lib/puppet/confine.rb +1 -1
  55. data/lib/puppet/confine/boolean.rb +1 -1
  56. data/lib/puppet/confine/exists.rb +1 -1
  57. data/lib/puppet/confine/false.rb +1 -1
  58. data/lib/puppet/confine/feature.rb +1 -1
  59. data/lib/puppet/confine/true.rb +1 -1
  60. data/lib/puppet/confine/variable.rb +1 -1
  61. data/lib/puppet/confine_collection.rb +1 -1
  62. data/lib/puppet/confiner.rb +1 -1
  63. data/lib/puppet/context.rb +2 -2
  64. data/lib/puppet/context/trusted_information.rb +1 -1
  65. data/lib/puppet/daemon.rb +2 -2
  66. data/lib/puppet/data_binding.rb +1 -1
  67. data/lib/puppet/datatypes/error.rb +1 -1
  68. data/lib/puppet/defaults.rb +67 -33
  69. data/lib/puppet/environments.rb +76 -26
  70. data/lib/puppet/etc.rb +1 -1
  71. data/lib/puppet/external/pson/common.rb +1 -1
  72. data/lib/puppet/external/pson/pure.rb +3 -3
  73. data/lib/puppet/face.rb +1 -1
  74. data/lib/puppet/face/catalog.rb +1 -1
  75. data/lib/puppet/face/config.rb +2 -2
  76. data/lib/puppet/face/epp.rb +6 -6
  77. data/lib/puppet/face/facts.rb +2 -2
  78. data/lib/puppet/face/generate.rb +2 -2
  79. data/lib/puppet/face/help.rb +3 -3
  80. data/lib/puppet/face/help/action.erb +1 -0
  81. data/lib/puppet/face/help/face.erb +1 -0
  82. data/lib/puppet/face/module.rb +3 -3
  83. data/lib/puppet/face/module/install.rb +2 -2
  84. data/lib/puppet/face/node.rb +1 -1
  85. data/lib/puppet/face/node/clean.rb +1 -1
  86. data/lib/puppet/face/parser.rb +4 -4
  87. data/lib/puppet/face/plugin.rb +2 -2
  88. data/lib/puppet/face/report.rb +1 -1
  89. data/lib/puppet/face/resource.rb +1 -1
  90. data/lib/puppet/feature/base.rb +2 -2
  91. data/lib/puppet/feature/bolt.rb +1 -1
  92. data/lib/puppet/feature/cfpropertylist.rb +1 -1
  93. data/lib/puppet/feature/eventlog.rb +1 -1
  94. data/lib/puppet/feature/hiera_eyaml.rb +1 -1
  95. data/lib/puppet/feature/hocon.rb +1 -1
  96. data/lib/puppet/feature/libuser.rb +2 -2
  97. data/lib/puppet/feature/msgpack.rb +1 -1
  98. data/lib/puppet/feature/pe_license.rb +1 -1
  99. data/lib/puppet/feature/selinux.rb +1 -1
  100. data/lib/puppet/feature/ssh.rb +1 -1
  101. data/lib/puppet/feature/telnet.rb +1 -1
  102. data/lib/puppet/feature/zlib.rb +1 -1
  103. data/lib/puppet/ffi/posix.rb +2 -2
  104. data/lib/puppet/ffi/posix/constants.rb +1 -1
  105. data/lib/puppet/ffi/posix/functions.rb +1 -1
  106. data/lib/puppet/ffi/windows.rb +4 -4
  107. data/lib/puppet/ffi/windows/api_types.rb +2 -2
  108. data/lib/puppet/ffi/windows/constants.rb +1 -1
  109. data/lib/puppet/ffi/windows/functions.rb +1 -1
  110. data/lib/puppet/ffi/windows/structs.rb +1 -1
  111. data/lib/puppet/file_bucket/dipper.rb +4 -4
  112. data/lib/puppet/file_bucket/file.rb +3 -3
  113. data/lib/puppet/file_serving/base.rb +2 -2
  114. data/lib/puppet/file_serving/configuration.rb +12 -10
  115. data/lib/puppet/file_serving/configuration/parser.rb +4 -2
  116. data/lib/puppet/file_serving/content.rb +3 -3
  117. data/lib/puppet/file_serving/fileset.rb +16 -4
  118. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  119. data/lib/puppet/file_serving/metadata.rb +6 -6
  120. data/lib/puppet/file_serving/mount.rb +4 -4
  121. data/lib/puppet/file_serving/mount/file.rb +1 -1
  122. data/lib/puppet/file_serving/mount/locales.rb +1 -1
  123. data/lib/puppet/file_serving/mount/modules.rb +1 -1
  124. data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -1
  125. data/lib/puppet/file_serving/mount/plugins.rb +1 -1
  126. data/lib/puppet/file_serving/mount/scripts.rb +24 -0
  127. data/lib/puppet/file_serving/mount/tasks.rb +1 -1
  128. data/lib/puppet/file_serving/terminus_helper.rb +2 -2
  129. data/lib/puppet/file_serving/terminus_selector.rb +1 -1
  130. data/lib/puppet/file_system.rb +9 -9
  131. data/lib/puppet/file_system/file_impl.rb +1 -1
  132. data/lib/puppet/file_system/jruby.rb +1 -1
  133. data/lib/puppet/file_system/path_pattern.rb +1 -1
  134. data/lib/puppet/file_system/uniquefile.rb +1 -1
  135. data/lib/puppet/file_system/windows.rb +4 -4
  136. data/lib/puppet/forge.rb +8 -8
  137. data/lib/puppet/forge/cache.rb +2 -2
  138. data/lib/puppet/forge/errors.rb +3 -3
  139. data/lib/puppet/forge/repository.rb +4 -4
  140. data/lib/puppet/functions/all.rb +1 -1
  141. data/lib/puppet/functions/camelcase.rb +1 -1
  142. data/lib/puppet/functions/capitalize.rb +2 -2
  143. data/lib/puppet/functions/downcase.rb +2 -2
  144. data/lib/puppet/functions/empty.rb +8 -0
  145. data/lib/puppet/functions/find_template.rb +2 -2
  146. data/lib/puppet/functions/get.rb +5 -5
  147. data/lib/puppet/functions/group_by.rb +13 -5
  148. data/lib/puppet/functions/lest.rb +1 -1
  149. data/lib/puppet/functions/new.rb +100 -100
  150. data/lib/puppet/functions/partition.rb +4 -4
  151. data/lib/puppet/functions/require.rb +5 -5
  152. data/lib/puppet/functions/sort.rb +3 -3
  153. data/lib/puppet/functions/strftime.rb +1 -0
  154. data/lib/puppet/functions/tree_each.rb +7 -9
  155. data/lib/puppet/functions/type.rb +4 -4
  156. data/lib/puppet/functions/unwrap.rb +17 -2
  157. data/lib/puppet/functions/upcase.rb +2 -2
  158. data/lib/puppet/functions/versioncmp.rb +1 -1
  159. data/lib/puppet/generate/models/type/type.rb +1 -1
  160. data/lib/puppet/generate/type.rb +2 -2
  161. data/lib/puppet/gettext/config.rb +3 -3
  162. data/lib/puppet/gettext/module_translations.rb +1 -1
  163. data/lib/puppet/graph.rb +6 -6
  164. data/lib/puppet/graph/simple_graph.rb +2 -2
  165. data/lib/puppet/http.rb +26 -26
  166. data/lib/puppet/http/factory.rb +2 -2
  167. data/lib/puppet/http/proxy.rb +1 -1
  168. data/lib/puppet/http/resolver/server_list.rb +15 -4
  169. data/lib/puppet/http/service/compiler.rb +79 -2
  170. data/lib/puppet/http/service/file_server.rb +3 -2
  171. data/lib/puppet/indirector.rb +5 -5
  172. data/lib/puppet/indirector/catalog/compiler.rb +28 -9
  173. data/lib/puppet/indirector/catalog/json.rb +2 -2
  174. data/lib/puppet/indirector/catalog/msgpack.rb +2 -2
  175. data/lib/puppet/indirector/catalog/rest.rb +3 -2
  176. data/lib/puppet/indirector/catalog/store_configs.rb +2 -2
  177. data/lib/puppet/indirector/catalog/yaml.rb +2 -2
  178. data/lib/puppet/indirector/code.rb +1 -1
  179. data/lib/puppet/indirector/data_binding/hiera.rb +1 -1
  180. data/lib/puppet/indirector/data_binding/none.rb +1 -1
  181. data/lib/puppet/indirector/direct_file_server.rb +2 -2
  182. data/lib/puppet/indirector/envelope.rb +1 -1
  183. data/lib/puppet/indirector/errors.rb +1 -1
  184. data/lib/puppet/indirector/exec.rb +2 -2
  185. data/lib/puppet/indirector/face.rb +1 -1
  186. data/lib/puppet/indirector/facts/facter.rb +2 -2
  187. data/lib/puppet/indirector/facts/json.rb +3 -3
  188. data/lib/puppet/indirector/facts/memory.rb +2 -2
  189. data/lib/puppet/indirector/facts/network_device.rb +2 -2
  190. data/lib/puppet/indirector/facts/rest.rb +2 -2
  191. data/lib/puppet/indirector/facts/store_configs.rb +2 -2
  192. data/lib/puppet/indirector/facts/yaml.rb +3 -3
  193. data/lib/puppet/indirector/file_bucket_file/file.rb +4 -4
  194. data/lib/puppet/indirector/file_bucket_file/rest.rb +2 -2
  195. data/lib/puppet/indirector/file_bucket_file/selector.rb +1 -1
  196. data/lib/puppet/indirector/file_content.rb +1 -1
  197. data/lib/puppet/indirector/file_content/file.rb +3 -3
  198. data/lib/puppet/indirector/file_content/file_server.rb +3 -3
  199. data/lib/puppet/indirector/file_content/rest.rb +3 -3
  200. data/lib/puppet/indirector/file_content/selector.rb +4 -4
  201. data/lib/puppet/indirector/file_metadata.rb +1 -1
  202. data/lib/puppet/indirector/file_metadata/file.rb +3 -3
  203. data/lib/puppet/indirector/file_metadata/file_server.rb +3 -3
  204. data/lib/puppet/indirector/file_metadata/http.rb +3 -3
  205. data/lib/puppet/indirector/file_metadata/rest.rb +4 -3
  206. data/lib/puppet/indirector/file_metadata/selector.rb +4 -4
  207. data/lib/puppet/indirector/file_server.rb +4 -4
  208. data/lib/puppet/indirector/generic_http.rb +1 -1
  209. data/lib/puppet/indirector/hiera.rb +1 -1
  210. data/lib/puppet/indirector/indirection.rb +5 -5
  211. data/lib/puppet/indirector/json.rb +2 -2
  212. data/lib/puppet/indirector/memory.rb +1 -1
  213. data/lib/puppet/indirector/msgpack.rb +2 -2
  214. data/lib/puppet/indirector/node/exec.rb +2 -2
  215. data/lib/puppet/indirector/node/json.rb +2 -2
  216. data/lib/puppet/indirector/node/memory.rb +2 -2
  217. data/lib/puppet/indirector/node/msgpack.rb +2 -2
  218. data/lib/puppet/indirector/node/plain.rb +2 -2
  219. data/lib/puppet/indirector/node/rest.rb +2 -2
  220. data/lib/puppet/indirector/node/store_configs.rb +2 -2
  221. data/lib/puppet/indirector/node/yaml.rb +2 -2
  222. data/lib/puppet/indirector/none.rb +1 -1
  223. data/lib/puppet/indirector/plain.rb +1 -1
  224. data/lib/puppet/indirector/report/json.rb +2 -2
  225. data/lib/puppet/indirector/report/msgpack.rb +2 -2
  226. data/lib/puppet/indirector/report/processor.rb +3 -3
  227. data/lib/puppet/indirector/report/rest.rb +1 -1
  228. data/lib/puppet/indirector/report/yaml.rb +2 -2
  229. data/lib/puppet/indirector/request.rb +3 -3
  230. data/lib/puppet/indirector/resource/ral.rb +7 -2
  231. data/lib/puppet/indirector/resource/store_configs.rb +2 -2
  232. data/lib/puppet/indirector/terminus.rb +9 -5
  233. data/lib/puppet/indirector/yaml.rb +2 -2
  234. data/lib/puppet/info_service.rb +3 -3
  235. data/lib/puppet/info_service/class_information_service.rb +3 -3
  236. data/lib/puppet/info_service/plan_information_service.rb +1 -1
  237. data/lib/puppet/info_service/task_information_service.rb +1 -1
  238. data/lib/puppet/interface.rb +10 -10
  239. data/lib/puppet/interface/documentation.rb +2 -1
  240. data/lib/puppet/loaders.rb +21 -21
  241. data/lib/puppet/metatype/manager.rb +3 -3
  242. data/lib/puppet/module.rb +4 -4
  243. data/lib/puppet/module/plan.rb +1 -2
  244. data/lib/puppet/module/task.rb +2 -2
  245. data/lib/puppet/module_tool.rb +10 -10
  246. data/lib/puppet/module_tool/applications.rb +7 -7
  247. data/lib/puppet/module_tool/applications/application.rb +2 -2
  248. data/lib/puppet/module_tool/applications/checksummer.rb +2 -2
  249. data/lib/puppet/module_tool/applications/installer.rb +19 -11
  250. data/lib/puppet/module_tool/applications/unpacker.rb +2 -2
  251. data/lib/puppet/module_tool/applications/upgrader.rb +5 -5
  252. data/lib/puppet/module_tool/checksums.rb +1 -1
  253. data/lib/puppet/module_tool/contents_description.rb +1 -1
  254. data/lib/puppet/module_tool/dependency.rb +2 -2
  255. data/lib/puppet/module_tool/errors.rb +6 -6
  256. data/lib/puppet/module_tool/errors/shared.rb +17 -0
  257. data/lib/puppet/module_tool/install_directory.rb +2 -2
  258. data/lib/puppet/module_tool/installed_modules.rb +2 -2
  259. data/lib/puppet/module_tool/local_tarball.rb +2 -2
  260. data/lib/puppet/module_tool/metadata.rb +3 -3
  261. data/lib/puppet/module_tool/tar.rb +4 -4
  262. data/lib/puppet/module_tool/tar/mini.rb +1 -1
  263. data/lib/puppet/network/format.rb +1 -1
  264. data/lib/puppet/network/format_handler.rb +3 -3
  265. data/lib/puppet/network/format_support.rb +1 -1
  266. data/lib/puppet/network/formats.rb +2 -2
  267. data/lib/puppet/network/http.rb +12 -12
  268. data/lib/puppet/network/http/api.rb +1 -1
  269. data/lib/puppet/network/http/api/indirected_routes.rb +2 -2
  270. data/lib/puppet/network/http/api/master.rb +1 -1
  271. data/lib/puppet/network/http/api/master/v3.rb +2 -2
  272. data/lib/puppet/network/http/api/master/v3/environments.rb +2 -2
  273. data/lib/puppet/network/http/api/server/v3.rb +2 -2
  274. data/lib/puppet/network/http/api/server/v3/environments.rb +1 -1
  275. data/lib/puppet/network/http/connection.rb +1 -1
  276. data/lib/puppet/network/http/error.rb +1 -1
  277. data/lib/puppet/network/http/handler.rb +3 -3
  278. data/lib/puppet/network/http_pool.rb +1 -1
  279. data/lib/puppet/node.rb +3 -3
  280. data/lib/puppet/node/environment.rb +13 -14
  281. data/lib/puppet/node/facts.rb +3 -3
  282. data/lib/puppet/pal/pal_api.rb +10 -10
  283. data/lib/puppet/pal/pal_impl.rb +3 -3
  284. data/lib/puppet/parameter.rb +4 -4
  285. data/lib/puppet/parameter/boolean.rb +1 -1
  286. data/lib/puppet/parameter/package_options.rb +1 -1
  287. data/lib/puppet/parameter/path.rb +1 -1
  288. data/lib/puppet/parameter/value.rb +1 -1
  289. data/lib/puppet/parameter/value_collection.rb +1 -1
  290. data/lib/puppet/parser.rb +10 -10
  291. data/lib/puppet/parser/ast.rb +8 -8
  292. data/lib/puppet/parser/ast/hostclass.rb +1 -1
  293. data/lib/puppet/parser/ast/pops_bridge.rb +2 -2
  294. data/lib/puppet/parser/catalog_compiler.rb +2 -2
  295. data/lib/puppet/parser/compiler.rb +5 -5
  296. data/lib/puppet/parser/e4_parser_adapter.rb +1 -1
  297. data/lib/puppet/parser/functions.rb +4 -4
  298. data/lib/puppet/parser/functions/digest.rb +1 -1
  299. data/lib/puppet/parser/functions/file.rb +1 -1
  300. data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
  301. data/lib/puppet/parser/functions/versioncmp.rb +1 -1
  302. data/lib/puppet/parser/parser_factory.rb +2 -2
  303. data/lib/puppet/parser/resource.rb +3 -3
  304. data/lib/puppet/parser/scope.rb +3 -3
  305. data/lib/puppet/parser/script_compiler.rb +2 -2
  306. data/lib/puppet/parser/templatewrapper.rb +2 -2
  307. data/lib/puppet/parser/type_loader.rb +1 -1
  308. data/lib/puppet/plugins/configuration.rb +5 -5
  309. data/lib/puppet/pops.rb +57 -57
  310. data/lib/puppet/pops/evaluator/deferred_resolver.rb +1 -1
  311. data/lib/puppet/pops/evaluator/evaluator_impl.rb +7 -7
  312. data/lib/puppet/pops/evaluator/external_syntax_support.rb +1 -1
  313. data/lib/puppet/pops/loader/task_instantiator.rb +1 -1
  314. data/lib/puppet/pops/lookup/invocation.rb +1 -1
  315. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  316. data/lib/puppet/pops/model/pn_transformer.rb +1 -1
  317. data/lib/puppet/pops/parser/eparser.rb +2 -2
  318. data/lib/puppet/pops/parser/evaluating_parser.rb +1 -1
  319. data/lib/puppet/pops/parser/lexer2.rb +5 -5
  320. data/lib/puppet/pops/parser/lexer_support.rb +1 -1
  321. data/lib/puppet/pops/parser/parser_support.rb +4 -4
  322. data/lib/puppet/pops/puppet_stack.rb +1 -1
  323. data/lib/puppet/pops/serialization/json.rb +1 -1
  324. data/lib/puppet/pops/serialization/json_path.rb +1 -1
  325. data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
  326. data/lib/puppet/pops/time/timespan.rb +1 -1
  327. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
  328. data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
  329. data/lib/puppet/pops/types/string_converter.rb +1 -1
  330. data/lib/puppet/pops/types/type_calculator.rb +1 -1
  331. data/lib/puppet/pops/types/type_formatter.rb +1 -1
  332. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  333. data/lib/puppet/pops/types/type_parser.rb +1 -1
  334. data/lib/puppet/pops/types/types.rb +1 -1
  335. data/lib/puppet/pops/validation/checker4_0.rb +1 -1
  336. data/lib/puppet/property.rb +3 -3
  337. data/lib/puppet/property/boolean.rb +1 -1
  338. data/lib/puppet/property/ensure.rb +1 -1
  339. data/lib/puppet/property/keyvalue.rb +1 -1
  340. data/lib/puppet/property/list.rb +1 -1
  341. data/lib/puppet/property/ordered_list.rb +1 -1
  342. data/lib/puppet/provider.rb +2 -2
  343. data/lib/puppet/provider/confine.rb +2 -2
  344. data/lib/puppet/provider/exec.rb +2 -2
  345. data/lib/puppet/provider/exec/posix.rb +17 -5
  346. data/lib/puppet/provider/exec/windows.rb +1 -1
  347. data/lib/puppet/provider/file/posix.rb +1 -1
  348. data/lib/puppet/provider/file/windows.rb +1 -1
  349. data/lib/puppet/provider/group/aix.rb +1 -1
  350. data/lib/puppet/provider/group/directoryservice.rb +1 -1
  351. data/lib/puppet/provider/group/groupadd.rb +2 -2
  352. data/lib/puppet/provider/group/ldap.rb +1 -1
  353. data/lib/puppet/provider/group/pw.rb +1 -1
  354. data/lib/puppet/provider/group/windows_adsi.rb +1 -1
  355. data/lib/puppet/provider/ldap.rb +2 -2
  356. data/lib/puppet/provider/nameservice.rb +1 -1
  357. data/lib/puppet/provider/nameservice/directoryservice.rb +3 -3
  358. data/lib/puppet/provider/nameservice/objectadd.rb +1 -1
  359. data/lib/puppet/provider/nameservice/pw.rb +1 -1
  360. data/lib/puppet/provider/package.rb +1 -1
  361. data/lib/puppet/provider/package/aix.rb +2 -2
  362. data/lib/puppet/provider/package/appdmg.rb +2 -2
  363. data/lib/puppet/provider/package/apple.rb +1 -1
  364. data/lib/puppet/provider/package/apt.rb +5 -5
  365. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  366. data/lib/puppet/provider/package/dpkg.rb +1 -1
  367. data/lib/puppet/provider/package/gem.rb +3 -3
  368. data/lib/puppet/provider/package/hpux.rb +1 -1
  369. data/lib/puppet/provider/package/macports.rb +2 -2
  370. data/lib/puppet/provider/package/nim.rb +13 -8
  371. data/lib/puppet/provider/package/openbsd.rb +1 -1
  372. data/lib/puppet/provider/package/opkg.rb +1 -1
  373. data/lib/puppet/provider/package/pacman.rb +1 -1
  374. data/lib/puppet/provider/package/pip.rb +18 -6
  375. data/lib/puppet/provider/package/pkg.rb +10 -3
  376. data/lib/puppet/provider/package/pkgdmg.rb +3 -3
  377. data/lib/puppet/provider/package/pkgin.rb +1 -1
  378. data/lib/puppet/provider/package/pkgng.rb +1 -1
  379. data/lib/puppet/provider/package/portage.rb +1 -1
  380. data/lib/puppet/provider/package/portupgrade.rb +1 -1
  381. data/lib/puppet/provider/package/puppetserver_gem.rb +0 -0
  382. data/lib/puppet/provider/package/rpm.rb +2 -2
  383. data/lib/puppet/provider/package/sun.rb +1 -1
  384. data/lib/puppet/provider/package/windows.rb +17 -4
  385. data/lib/puppet/provider/package/windows/exe_package.rb +31 -2
  386. data/lib/puppet/provider/package/windows/msi_package.rb +1 -1
  387. data/lib/puppet/provider/package/windows/package.rb +6 -5
  388. data/lib/puppet/provider/package/yum.rb +6 -6
  389. data/lib/puppet/provider/package/zypper.rb +3 -3
  390. data/lib/puppet/provider/package_targetable.rb +1 -1
  391. data/lib/puppet/provider/parsedfile.rb +6 -3
  392. data/lib/puppet/provider/service/base.rb +6 -4
  393. data/lib/puppet/provider/service/daemontools.rb +0 -1
  394. data/lib/puppet/provider/service/debian.rb +3 -5
  395. data/lib/puppet/provider/service/freebsd.rb +1 -1
  396. data/lib/puppet/provider/service/init.rb +1 -1
  397. data/lib/puppet/provider/service/launchd.rb +10 -4
  398. data/lib/puppet/provider/service/service.rb +28 -3
  399. data/lib/puppet/provider/service/smf.rb +0 -24
  400. data/lib/puppet/provider/service/src.rb +2 -2
  401. data/lib/puppet/provider/service/systemd.rb +18 -8
  402. data/lib/puppet/provider/service/windows.rb +38 -0
  403. data/lib/puppet/provider/user/aix.rb +2 -2
  404. data/lib/puppet/provider/user/directoryservice.rb +26 -13
  405. data/lib/puppet/provider/user/ldap.rb +1 -1
  406. data/lib/puppet/provider/user/openbsd.rb +1 -1
  407. data/lib/puppet/provider/user/pw.rb +1 -1
  408. data/lib/puppet/provider/user/user_role_add.rb +2 -2
  409. data/lib/puppet/provider/user/useradd.rb +45 -12
  410. data/lib/puppet/provider/user/windows_adsi.rb +1 -1
  411. data/lib/puppet/reference/configuration.rb +1 -1
  412. data/lib/puppet/reference/indirection.rb +4 -4
  413. data/lib/puppet/reference/report.rb +1 -1
  414. data/lib/puppet/reports.rb +1 -1
  415. data/lib/puppet/reports/http.rb +2 -2
  416. data/lib/puppet/reports/log.rb +1 -1
  417. data/lib/puppet/reports/store.rb +2 -2
  418. data/lib/puppet/resource.rb +4 -4
  419. data/lib/puppet/resource/catalog.rb +5 -5
  420. data/lib/puppet/resource/status.rb +2 -2
  421. data/lib/puppet/resource/type.rb +4 -4
  422. data/lib/puppet/resource/type_collection.rb +6 -4
  423. data/lib/puppet/runtime.rb +1 -1
  424. data/lib/puppet/scheduler.rb +4 -4
  425. data/lib/puppet/settings.rb +58 -35
  426. data/lib/puppet/settings/autosign_setting.rb +1 -1
  427. data/lib/puppet/settings/base_setting.rb +2 -2
  428. data/lib/puppet/settings/certificate_revocation_setting.rb +1 -1
  429. data/lib/puppet/settings/config_file.rb +2 -9
  430. data/lib/puppet/settings/errors.rb +1 -1
  431. data/lib/puppet/settings/priority_setting.rb +3 -3
  432. data/lib/puppet/settings/value_translator.rb +0 -1
  433. data/lib/puppet/ssl.rb +11 -11
  434. data/lib/puppet/ssl/base.rb +3 -3
  435. data/lib/puppet/ssl/certificate.rb +1 -1
  436. data/lib/puppet/ssl/certificate_request.rb +2 -2
  437. data/lib/puppet/ssl/certificate_request_attributes.rb +2 -2
  438. data/lib/puppet/ssl/oids.rb +1 -1
  439. data/lib/puppet/ssl/openssl_loader.rb +1 -1
  440. data/lib/puppet/ssl/ssl_context.rb +1 -1
  441. data/lib/puppet/ssl/ssl_provider.rb +1 -1
  442. data/lib/puppet/ssl/state_machine.rb +2 -2
  443. data/lib/puppet/ssl/verifier.rb +5 -1
  444. data/lib/puppet/syntax_checkers/base64.rb +1 -1
  445. data/lib/puppet/syntax_checkers/epp.rb +1 -1
  446. data/lib/puppet/syntax_checkers/json.rb +1 -1
  447. data/lib/puppet/syntax_checkers/pp.rb +1 -1
  448. data/lib/puppet/transaction.rb +11 -11
  449. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  450. data/lib/puppet/transaction/event.rb +4 -4
  451. data/lib/puppet/transaction/event_manager.rb +1 -1
  452. data/lib/puppet/transaction/persistence.rb +12 -2
  453. data/lib/puppet/transaction/report.rb +17 -3
  454. data/lib/puppet/transaction/resource_harness.rb +1 -1
  455. data/lib/puppet/type.rb +15 -15
  456. data/lib/puppet/type/component.rb +3 -3
  457. data/lib/puppet/type/exec.rb +26 -4
  458. data/lib/puppet/type/file.rb +43 -25
  459. data/lib/puppet/type/file/checksum.rb +1 -1
  460. data/lib/puppet/type/file/checksum_value.rb +2 -2
  461. data/lib/puppet/type/file/content.rb +2 -2
  462. data/lib/puppet/type/file/data_sync.rb +2 -2
  463. data/lib/puppet/type/file/ensure.rb +1 -1
  464. data/lib/puppet/type/file/group.rb +1 -1
  465. data/lib/puppet/type/file/mode.rb +7 -1
  466. data/lib/puppet/type/file/selcontext.rb +2 -2
  467. data/lib/puppet/type/file/source.rb +4 -4
  468. data/lib/puppet/type/filebucket.rb +3 -3
  469. data/lib/puppet/type/group.rb +2 -2
  470. data/lib/puppet/type/package.rb +2 -2
  471. data/lib/puppet/type/resources.rb +2 -2
  472. data/lib/puppet/type/service.rb +18 -38
  473. data/lib/puppet/type/tidy.rb +25 -6
  474. data/lib/puppet/type/user.rb +43 -25
  475. data/lib/puppet/util.rb +43 -34
  476. data/lib/puppet/util/at_fork.rb +3 -3
  477. data/lib/puppet/util/at_fork/solaris.rb +1 -1
  478. data/lib/puppet/util/autoload.rb +4 -4
  479. data/lib/puppet/util/checksums.rb +3 -3
  480. data/lib/puppet/util/colors.rb +1 -1
  481. data/lib/puppet/util/command_line.rb +6 -6
  482. data/lib/puppet/util/command_line/puppet_option_parser.rb +2 -2
  483. data/lib/puppet/util/execution.rb +2 -2
  484. data/lib/puppet/util/feature.rb +2 -2
  485. data/lib/puppet/util/filetype.rb +1 -1
  486. data/lib/puppet/util/http_proxy.rb +1 -1
  487. data/lib/puppet/util/inifile.rb +2 -2
  488. data/lib/puppet/util/instance_loader.rb +3 -3
  489. data/lib/puppet/util/json_lockfile.rb +1 -1
  490. data/lib/puppet/util/ldap/connection.rb +1 -1
  491. data/lib/puppet/util/ldap/generator.rb +1 -1
  492. data/lib/puppet/util/ldap/manager.rb +3 -3
  493. data/lib/puppet/util/limits.rb +1 -1
  494. data/lib/puppet/util/log.rb +6 -6
  495. data/lib/puppet/util/log/destinations.rb +1 -1
  496. data/lib/puppet/util/logging.rb +2 -2
  497. data/lib/puppet/util/metric.rb +2 -2
  498. data/lib/puppet/util/monkey_patches.rb +9 -20
  499. data/lib/puppet/util/network_device/base.rb +3 -3
  500. data/lib/puppet/util/network_device/config.rb +2 -2
  501. data/lib/puppet/util/network_device/transport.rb +1 -1
  502. data/lib/puppet/util/network_device/transport/base.rb +2 -2
  503. data/lib/puppet/util/package/version/range.rb +6 -6
  504. data/lib/puppet/util/package/version/range/eq.rb +1 -1
  505. data/lib/puppet/util/package/version/range/gt.rb +1 -1
  506. data/lib/puppet/util/package/version/range/gt_eq.rb +1 -1
  507. data/lib/puppet/util/package/version/range/lt.rb +1 -1
  508. data/lib/puppet/util/package/version/range/lt_eq.rb +1 -1
  509. data/lib/puppet/util/package/version/range/min_max.rb +1 -1
  510. data/lib/puppet/util/package/version/range/simple.rb +1 -1
  511. data/lib/puppet/util/package/version/rpm.rb +1 -1
  512. data/lib/puppet/util/pidlock.rb +1 -1
  513. data/lib/puppet/util/plist.rb +1 -1
  514. data/lib/puppet/util/posix.rb +1 -1
  515. data/lib/puppet/util/profiler.rb +3 -3
  516. data/lib/puppet/util/profiler/aggregate.rb +2 -2
  517. data/lib/puppet/util/profiler/object_counts.rb +1 -1
  518. data/lib/puppet/util/profiler/wall_clock.rb +1 -1
  519. data/lib/puppet/util/provider_features.rb +2 -2
  520. data/lib/puppet/util/rdoc.rb +2 -2
  521. data/lib/puppet/util/rdoc/generators/puppet_generator.rb +2 -2
  522. data/lib/puppet/util/rdoc/parser.rb +6 -6
  523. data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +1 -1
  524. data/lib/puppet/util/reference.rb +1 -1
  525. data/lib/puppet/util/resource_template.rb +2 -2
  526. data/lib/puppet/util/rubygems.rb +1 -1
  527. data/lib/puppet/util/selinux.rb +30 -4
  528. data/lib/puppet/util/skip_tags.rb +1 -1
  529. data/lib/puppet/util/storage.rb +1 -1
  530. data/lib/puppet/util/suidmanager.rb +2 -2
  531. data/lib/puppet/util/symbolic_file_mode.rb +30 -18
  532. data/lib/puppet/util/tag_set.rb +1 -1
  533. data/lib/puppet/util/tagging.rb +1 -1
  534. data/lib/puppet/util/watched_file.rb +1 -1
  535. data/lib/puppet/util/watcher.rb +3 -3
  536. data/lib/puppet/util/windows.rb +20 -20
  537. data/lib/puppet/util/windows/access_control_entry.rb +1 -1
  538. data/lib/puppet/util/windows/adsi.rb +1 -1
  539. data/lib/puppet/util/windows/daemon.rb +1 -1
  540. data/lib/puppet/util/windows/error.rb +2 -2
  541. data/lib/puppet/util/windows/file.rb +1 -1
  542. data/lib/puppet/util/windows/monkey_patches/process.rb +2 -2
  543. data/lib/puppet/util/windows/principal.rb +1 -1
  544. data/lib/puppet/util/windows/process.rb +2 -2
  545. data/lib/puppet/util/windows/registry.rb +1 -1
  546. data/lib/puppet/util/windows/root_certs.rb +2 -2
  547. data/lib/puppet/util/windows/security.rb +1 -1
  548. data/lib/puppet/util/windows/security_descriptor.rb +1 -1
  549. data/lib/puppet/util/windows/service.rb +1 -1
  550. data/lib/puppet/util/windows/sid.rb +4 -2
  551. data/lib/puppet/util/windows/user.rb +1 -1
  552. data/lib/puppet/vendor.rb +1 -1
  553. data/lib/puppet/version.rb +1 -1
  554. data/lib/puppet/x509.rb +4 -4
  555. data/lib/puppet/x509/cert_provider.rb +4 -22
  556. data/lib/puppet/x509/pem_store.rb +1 -1
  557. data/lib/puppet_pal.rb +2 -2
  558. data/locales/puppet.pot +441 -357
  559. data/man/man5/puppet.conf.5 +322 -264
  560. data/man/man8/puppet-agent.8 +1 -1
  561. data/man/man8/puppet-apply.8 +1 -1
  562. data/man/man8/puppet-catalog.8 +9 -9
  563. data/man/man8/puppet-config.8 +1 -1
  564. data/man/man8/puppet-describe.8 +1 -1
  565. data/man/man8/puppet-device.8 +1 -1
  566. data/man/man8/puppet-doc.8 +1 -1
  567. data/man/man8/puppet-epp.8 +1 -1
  568. data/man/man8/puppet-facts.8 +7 -7
  569. data/man/man8/puppet-filebucket.8 +1 -1
  570. data/man/man8/puppet-generate.8 +1 -1
  571. data/man/man8/puppet-help.8 +1 -1
  572. data/man/man8/puppet-lookup.8 +1 -1
  573. data/man/man8/puppet-module.8 +3 -3
  574. data/man/man8/puppet-node.8 +5 -5
  575. data/man/man8/puppet-parser.8 +1 -1
  576. data/man/man8/puppet-plugin.8 +1 -1
  577. data/man/man8/puppet-report.8 +5 -5
  578. data/man/man8/puppet-resource.8 +1 -1
  579. data/man/man8/puppet-script.8 +1 -1
  580. data/man/man8/puppet-ssl.8 +1 -1
  581. data/man/man8/puppet.8 +2 -2
  582. data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
  583. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
  584. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
  585. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
  586. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
  587. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
  588. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
  589. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
  590. data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
  591. data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
  592. data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
  593. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
  594. data/spec/fixtures/ssl/ca.pem +57 -35
  595. data/spec/fixtures/ssl/crl.pem +28 -18
  596. data/spec/fixtures/ssl/ec-key-openssl.pem +8 -0
  597. data/spec/fixtures/ssl/ec-key-pk8.pem +5 -0
  598. data/spec/fixtures/ssl/ec-key.pem +11 -11
  599. data/spec/fixtures/ssl/ec.pem +33 -24
  600. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  601. data/spec/fixtures/ssl/encrypted-key.pem +108 -58
  602. data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
  603. data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
  604. data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
  605. data/spec/fixtures/ssl/intermediate.pem +57 -36
  606. data/spec/fixtures/ssl/oid-key.pem +117 -0
  607. data/spec/fixtures/ssl/oid.pem +69 -0
  608. data/spec/fixtures/ssl/pluto-key.pem +107 -57
  609. data/spec/fixtures/ssl/pluto.pem +52 -30
  610. data/spec/fixtures/ssl/request-key.pem +107 -57
  611. data/spec/fixtures/ssl/request.pem +47 -26
  612. data/spec/fixtures/ssl/revoked-key.pem +107 -57
  613. data/spec/fixtures/ssl/revoked.pem +52 -30
  614. data/spec/fixtures/ssl/signed-key.pem +107 -57
  615. data/spec/fixtures/ssl/signed.pem +52 -30
  616. data/spec/fixtures/ssl/tampered-cert.pem +52 -30
  617. data/spec/fixtures/ssl/tampered-csr.pem +47 -26
  618. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
  619. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
  620. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
  621. data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
  622. data/spec/fixtures/ssl/unknown-ca.pem +55 -33
  623. data/spec/integration/application/agent_spec.rb +102 -52
  624. data/spec/integration/application/filebucket_spec.rb +16 -0
  625. data/spec/integration/application/module_spec.rb +21 -0
  626. data/spec/integration/application/resource_spec.rb +64 -0
  627. data/spec/integration/application/ssl_spec.rb +20 -0
  628. data/spec/integration/configurer_spec.rb +17 -1
  629. data/spec/integration/defaults_spec.rb +5 -0
  630. data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
  631. data/spec/integration/indirector/facts/facter_spec.rb +90 -36
  632. data/spec/integration/l10n/compiler_spec.rb +37 -0
  633. data/spec/integration/type/exec_spec.rb +70 -45
  634. data/spec/integration/type/file_spec.rb +5 -5
  635. data/spec/lib/puppet/test_ca.rb +7 -2
  636. data/spec/lib/puppet_spec/files.rb +1 -1
  637. data/spec/lib/puppet_spec/modules.rb +13 -2
  638. data/spec/lib/puppet_spec/puppetserver.rb +15 -0
  639. data/spec/lib/puppet_spec/settings.rb +1 -0
  640. data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
  641. data/spec/shared_contexts/l10n.rb +27 -0
  642. data/spec/shared_contexts/provider.rb +16 -0
  643. data/spec/spec_helper.rb +1 -10
  644. data/spec/unit/application/agent_spec.rb +7 -2
  645. data/spec/unit/configurer/downloader_spec.rb +6 -0
  646. data/spec/unit/configurer_spec.rb +288 -54
  647. data/spec/unit/environments_spec.rb +184 -0
  648. data/spec/unit/file_bucket/dipper_spec.rb +1 -1
  649. data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
  650. data/spec/unit/file_serving/configuration_spec.rb +12 -4
  651. data/spec/unit/file_serving/fileset_spec.rb +60 -0
  652. data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
  653. data/spec/unit/file_system_spec.rb +6 -0
  654. data/spec/unit/functions/assert_type_spec.rb +1 -1
  655. data/spec/unit/functions/empty_spec.rb +10 -0
  656. data/spec/unit/functions/logging_spec.rb +1 -0
  657. data/spec/unit/functions/lookup_spec.rb +23 -0
  658. data/spec/unit/functions/unwrap_spec.rb +8 -0
  659. data/spec/unit/functions4_spec.rb +19 -10
  660. data/spec/unit/gettext/config_spec.rb +12 -0
  661. data/spec/unit/http/service/compiler_spec.rb +131 -0
  662. data/spec/unit/indirector/catalog/compiler_spec.rb +101 -10
  663. data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
  664. data/spec/unit/indirector/resource/ral_spec.rb +40 -75
  665. data/spec/unit/interface/action_spec.rb +0 -9
  666. data/spec/unit/module_spec.rb +14 -0
  667. data/spec/unit/module_tool/applications/installer_spec.rb +52 -14
  668. data/spec/unit/parser/compiler_spec.rb +29 -0
  669. data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
  670. data/spec/unit/parser/templatewrapper_spec.rb +12 -2
  671. data/spec/unit/pops/loaders/dependency_loader_spec.rb +0 -9
  672. data/spec/unit/pops/lookup/context_spec.rb +1 -1
  673. data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
  674. data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
  675. data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
  676. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
  677. data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
  678. data/spec/unit/provider/package/dnfmodule_spec.rb +3 -3
  679. data/spec/unit/provider/package/gem_spec.rb +3 -1
  680. data/spec/unit/provider/package/nim_spec.rb +42 -0
  681. data/spec/unit/provider/package/pip2_spec.rb +3 -1
  682. data/spec/unit/provider/package/pip3_spec.rb +3 -1
  683. data/spec/unit/provider/package/pip_spec.rb +40 -1
  684. data/spec/unit/provider/package/pkg_spec.rb +63 -49
  685. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -1
  686. data/spec/unit/provider/package/puppetserver_gem_spec.rb +2 -0
  687. data/spec/unit/provider/package/windows/exe_package_spec.rb +17 -0
  688. data/spec/unit/provider/parsedfile_spec.rb +10 -0
  689. data/spec/unit/provider/service/base_spec.rb +8 -8
  690. data/spec/unit/provider/service/bsd_spec.rb +0 -4
  691. data/spec/unit/provider/service/daemontools_spec.rb +1 -1
  692. data/spec/unit/provider/service/debian_spec.rb +15 -17
  693. data/spec/unit/provider/service/freebsd_spec.rb +1 -1
  694. data/spec/unit/provider/service/gentoo_spec.rb +19 -14
  695. data/spec/unit/provider/service/init_spec.rb +29 -20
  696. data/spec/unit/provider/service/launchd_spec.rb +21 -12
  697. data/spec/unit/provider/service/openbsd_spec.rb +21 -35
  698. data/spec/unit/provider/service/openrc_spec.rb +15 -14
  699. data/spec/unit/provider/service/openwrt_spec.rb +3 -1
  700. data/spec/unit/provider/service/redhat_spec.rb +20 -19
  701. data/spec/unit/provider/service/smf_spec.rb +6 -5
  702. data/spec/unit/provider/service/src_spec.rb +5 -10
  703. data/spec/unit/provider/service/systemd_spec.rb +70 -30
  704. data/spec/unit/provider/service/upstart_spec.rb +25 -20
  705. data/spec/unit/provider/service/windows_spec.rb +202 -0
  706. data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
  707. data/spec/unit/provider/user/useradd_spec.rb +3 -2
  708. data/spec/unit/resource/catalog_spec.rb +1 -1
  709. data/spec/unit/resource/type_collection_spec.rb +16 -0
  710. data/spec/unit/resource/type_spec.rb +2 -2
  711. data/spec/unit/settings/config_file_spec.rb +1 -11
  712. data/spec/unit/settings/value_translator_spec.rb +4 -5
  713. data/spec/unit/settings_spec.rb +120 -79
  714. data/spec/unit/ssl/ssl_provider_spec.rb +18 -16
  715. data/spec/unit/ssl/state_machine_spec.rb +19 -5
  716. data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
  717. data/spec/unit/transaction_spec.rb +18 -20
  718. data/spec/unit/type/exec_spec.rb +76 -29
  719. data/spec/unit/type/file/selinux_spec.rb +3 -3
  720. data/spec/unit/type/file/source_spec.rb +4 -4
  721. data/spec/unit/type/service_spec.rb +59 -188
  722. data/spec/unit/type/tidy_spec.rb +24 -7
  723. data/spec/unit/type/user_spec.rb +45 -0
  724. data/spec/unit/util/at_fork_spec.rb +9 -9
  725. data/spec/unit/util/ldap/connection_spec.rb +10 -10
  726. data/spec/unit/util/ldap/manager_spec.rb +2 -2
  727. data/spec/unit/util/posix_spec.rb +1 -1
  728. data/spec/unit/util/selinux_spec.rb +87 -16
  729. data/spec/unit/util/windows/sid_spec.rb +39 -4
  730. data/spec/unit/util_spec.rb +1 -3
  731. data/spec/unit/x509/cert_provider_spec.rb +9 -1
  732. data/tasks/generate_cert_fixtures.rake +12 -3
  733. metadata +52 -95
  734. data/ext/README.environment +0 -8
  735. data/ext/dbfix.sql +0 -132
  736. data/ext/debian/README.Debian +0 -8
  737. data/ext/debian/README.source +0 -2
  738. data/ext/debian/TODO.Debian +0 -1
  739. data/ext/debian/changelog.erb +0 -1122
  740. data/ext/debian/compat +0 -1
  741. data/ext/debian/control +0 -144
  742. data/ext/debian/copyright +0 -339
  743. data/ext/debian/docs +0 -1
  744. data/ext/debian/fileserver.conf +0 -41
  745. data/ext/debian/puppet-common.dirs +0 -13
  746. data/ext/debian/puppet-common.install +0 -3
  747. data/ext/debian/puppet-common.lintian-overrides +0 -5
  748. data/ext/debian/puppet-common.manpages +0 -28
  749. data/ext/debian/puppet-common.postinst +0 -35
  750. data/ext/debian/puppet-common.postrm +0 -33
  751. data/ext/debian/puppet-el.dirs +0 -1
  752. data/ext/debian/puppet-el.emacsen-install +0 -25
  753. data/ext/debian/puppet-el.emacsen-remove +0 -11
  754. data/ext/debian/puppet-el.emacsen-startup +0 -9
  755. data/ext/debian/puppet-el.install +0 -1
  756. data/ext/debian/puppet-testsuite.install +0 -2
  757. data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
  758. data/ext/debian/puppet.lintian-overrides +0 -3
  759. data/ext/debian/puppet.logrotate +0 -20
  760. data/ext/debian/puppet.postinst +0 -20
  761. data/ext/debian/puppet.postrm +0 -20
  762. data/ext/debian/puppet.preinst +0 -20
  763. data/ext/debian/puppetmaster-common.install +0 -2
  764. data/ext/debian/puppetmaster-common.manpages +0 -2
  765. data/ext/debian/puppetmaster-common.postinst +0 -6
  766. data/ext/debian/puppetmaster-passenger.dirs +0 -4
  767. data/ext/debian/puppetmaster-passenger.postinst +0 -162
  768. data/ext/debian/puppetmaster-passenger.postrm +0 -61
  769. data/ext/debian/puppetmaster.README.debian +0 -17
  770. data/ext/debian/puppetmaster.default +0 -14
  771. data/ext/debian/puppetmaster.init +0 -137
  772. data/ext/debian/puppetmaster.lintian-overrides +0 -3
  773. data/ext/debian/puppetmaster.postinst +0 -20
  774. data/ext/debian/puppetmaster.postrm +0 -5
  775. data/ext/debian/puppetmaster.preinst +0 -22
  776. data/ext/debian/rules +0 -132
  777. data/ext/debian/source/format +0 -1
  778. data/ext/debian/source/options +0 -1
  779. data/ext/debian/vim-puppet.README.Debian +0 -13
  780. data/ext/debian/vim-puppet.dirs +0 -5
  781. data/ext/debian/vim-puppet.yaml +0 -7
  782. data/ext/debian/watch +0 -2
  783. data/ext/freebsd/puppetd +0 -26
  784. data/ext/freebsd/puppetmasterd +0 -26
  785. data/ext/gentoo/conf.d/puppet +0 -5
  786. data/ext/gentoo/conf.d/puppetmaster +0 -12
  787. data/ext/gentoo/init.d/puppet +0 -38
  788. data/ext/gentoo/init.d/puppetmaster +0 -51
  789. data/ext/gentoo/puppet/fileserver.conf +0 -41
  790. data/ext/ips/puppet-agent +0 -44
  791. data/ext/ips/puppet-master +0 -44
  792. data/ext/ips/puppet.p5m.erb +0 -12
  793. data/ext/ips/puppetagent.xml +0 -42
  794. data/ext/ips/puppetmaster.xml +0 -42
  795. data/ext/ips/rules +0 -19
  796. data/ext/ips/transforms +0 -34
  797. data/ext/ldap/puppet.schema +0 -24
  798. data/ext/logcheck/puppet +0 -23
  799. data/ext/osx/file_mapping.yaml +0 -28
  800. data/ext/osx/postflight.erb +0 -109
  801. data/ext/osx/preflight.erb +0 -52
  802. data/ext/osx/prototype.plist.erb +0 -38
  803. data/ext/redhat/fileserver.conf +0 -41
  804. data/ext/redhat/logrotate +0 -21
  805. data/ext/redhat/puppet.spec.erb +0 -841
  806. data/ext/redhat/server.init +0 -128
  807. data/ext/redhat/server.sysconfig +0 -13
  808. data/ext/solaris/pkginfo +0 -6
  809. data/ext/solaris/smf/puppetd.xml +0 -77
  810. data/ext/solaris/smf/puppetmasterd.xml +0 -77
  811. data/ext/solaris/smf/svc-puppetd +0 -71
  812. data/ext/solaris/smf/svc-puppetmasterd +0 -67
  813. data/ext/suse/puppet.spec +0 -310
  814. data/ext/suse/server.init +0 -173
  815. data/ext/yaml_nodes.rb +0 -105
  816. data/spec/unit/indirector/store_configs_spec.rb +0 -7
@@ -74,7 +74,7 @@ Puppet::Type.type(:service).provide :freebsd, :parent => :init do
74
74
  if Puppet::FileSystem.exist?(filename)
75
75
  s = File.read(filename)
76
76
  if s.gsub!(/^(#{rcvar}(_enable)?)=\"?(YES|NO)\"?/, "\\1=\"#{yesno}\"")
77
- File.open(filename, File::WRONLY) { |f| f << s }
77
+ Puppet::FileSystem.replace_file(filename) { |f| f << s }
78
78
  self.debug("Replaced in #{filename}")
79
79
  success = true
80
80
  end
@@ -170,7 +170,7 @@ Puppet::Type.type(:service).provide :init, :parent => :base do
170
170
  (@resource[:hasrestart] == :true) && [initscript, :restart]
171
171
  end
172
172
 
173
- def texecute(type, command, fof = true, squelch = false, combine = true)
173
+ def service_execute(type, command, fof = true, squelch = false, combine = true)
174
174
  if type == :start && Facter.value(:osfamily) == "Solaris"
175
175
  command = ["/usr/bin/ctrun -l child", command].flatten.join(" ")
176
176
  end
@@ -1,4 +1,4 @@
1
- require 'puppet/util/plist'
1
+ require_relative '../../../puppet/util/plist'
2
2
  Puppet::Type.type(:service).provide :launchd, :parent => :base do
3
3
  desc <<-'EOT'
4
4
  This provider manages jobs with `launchd`, which is the default service
@@ -138,7 +138,7 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
138
138
  Puppet.debug("Reading launchd plist #{filepath}")
139
139
  job = read_plist(filepath)
140
140
  next if job.nil?
141
- if job.has_key?("Label")
141
+ if job.respond_to?(:key) && job.key?("Label")
142
142
  @label_to_path_map[job["Label"]] = filepath
143
143
  else
144
144
  #TRANSLATORS 'plist' and label' should not be translated
@@ -262,7 +262,10 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
262
262
  # conditionally enable at load, then disable by modifying the plist file
263
263
  # directly.
264
264
  def start
265
- return ucommand(:start) if resource[:start]
265
+ if resource[:start]
266
+ service_command(:start)
267
+ return nil
268
+ end
266
269
  job_path, _ = plist_from_label(resource[:name])
267
270
  did_enable_job = false
268
271
  cmds = []
@@ -285,7 +288,10 @@ Puppet::Type.type(:service).provide :launchd, :parent => :base do
285
288
 
286
289
 
287
290
  def stop
288
- return ucommand(:stop) if resource[:stop]
291
+ if resource[:stop]
292
+ service_command(:stop)
293
+ return nil
294
+ end
289
295
  job_path, _ = plist_from_label(resource[:name])
290
296
  did_disable_job = false
291
297
  cmds = []
@@ -8,7 +8,8 @@ Puppet::Type.type(:service).provide :service do
8
8
  # How to restart the process.
9
9
  def restart
10
10
  if @resource[:restart] or restartcmd
11
- ucommand(:restart)
11
+ service_command(:restart)
12
+ nil
12
13
  else
13
14
  self.stop
14
15
  self.start
@@ -19,7 +20,7 @@ Puppet::Type.type(:service).provide :service do
19
20
  def restartcmd
20
21
  end
21
22
 
22
- # A simple wrapper so execution failures are a bit more informative.
23
+ # @deprecated because the exit status is not returned, use service_execute instead
23
24
  def texecute(type, command, fof = true, squelch = false, combine = true)
24
25
  begin
25
26
  execute(command, :failonfail => fof, :override_locale => false, :squelch => squelch, :combine => combine)
@@ -29,7 +30,7 @@ Puppet::Type.type(:service).provide :service do
29
30
  nil
30
31
  end
31
32
 
32
- # Use either a specified command or the default for our provider.
33
+ # @deprecated because the exitstatus is not returned, use service_command instead
33
34
  def ucommand(type, fof = true)
34
35
  c = @resource[type]
35
36
  if c
@@ -39,5 +40,29 @@ Puppet::Type.type(:service).provide :service do
39
40
  end
40
41
  texecute(type, cmd, fof)
41
42
  end
43
+
44
+ # Execute a command, failing the resource if the command fails.
45
+ #
46
+ # @return [Puppet::Util::Execution::ProcessOutput]
47
+ def service_execute(type, command, fof = true, squelch = false, combine = true)
48
+ begin
49
+ execute(command, :failonfail => fof, :override_locale => false, :squelch => squelch, :combine => combine)
50
+ rescue Puppet::ExecutionFailure => detail
51
+ @resource.fail Puppet::Error, "Could not #{type} #{@resource.ref}: #{detail}", detail
52
+ end
53
+ end
54
+
55
+ # Use either a specified command or the default for our provider.
56
+ #
57
+ # @return [Puppet::Util::Execution::ProcessOutput]
58
+ def service_command(type, fof = true)
59
+ c = @resource[type]
60
+ if c
61
+ cmd = [c]
62
+ else
63
+ cmd = [send("#{type}cmd")].flatten
64
+ end
65
+ service_execute(type, cmd, fof)
66
+ end
42
67
  end
43
68
 
@@ -77,30 +77,6 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
77
77
  raise Puppet::Error.new( "Cannot config #{@resource[:name]} to enable it: #{detail}", detail )
78
78
  end
79
79
 
80
- # Returns the service's FMRI. We fail if multiple FMRIs correspond to
81
- # @resource[:name].
82
- #
83
- # If the service does not exist or we fail to get any FMRIs from svcs,
84
- # this method will raise a Puppet::ExecutionFailure
85
- def service_fmri
86
- return @fmri if @fmri
87
-
88
- # `svcs -l` is better to use because we can detect service instances
89
- # that have not yet been activated or enabled (i.e. it lets us detect
90
- # services that svcadm has not yet touched). `svcs -H -o fmri` is a bit
91
- # more limited.
92
- lines = svcs("-l", @resource[:name]).chomp.lines.to_a
93
- lines.select! { |line| line =~ /^fmri/ }
94
- fmris = lines.map! { |line| line.split(' ')[-1].chomp }
95
- unless fmris.length == 1
96
- raise Puppet::Error.new(
97
- "Failed to get #{@resource[:name]}'s FMRI: The pattern '#{@resource[:name]}' matches multiple FMRIs! These are the FMRIs it matches: #{fmris.join(', ')}"
98
- )
99
- end
100
-
101
- @fmri = fmris.first
102
- end
103
-
104
80
  # Returns the service's FMRI. We fail if multiple FMRIs correspond to
105
81
  # @resource[:name].
106
82
  #
@@ -53,8 +53,8 @@ Puppet::Type.type(:service).provide :src, :parent => :base do
53
53
  end
54
54
 
55
55
  def enabled?
56
- execute([command(:lsitab), @resource[:name]], {:failonfail => false, :combine => true})
57
- $CHILD_STATUS.exitstatus == 0 ? :true : :false
56
+ output = execute([command(:lsitab), @resource[:name]], {:failonfail => false, :combine => true})
57
+ output.exitstatus == 0 ? :true : :false
58
58
  end
59
59
 
60
60
  def enable
@@ -1,6 +1,6 @@
1
1
  # Manage systemd services using systemctl
2
2
 
3
- require 'puppet/file_system'
3
+ require_relative '../../../puppet/file_system'
4
4
 
5
5
  Puppet::Type.type(:service).provide :systemd, :parent => :base do
6
6
  desc "Manages `systemd` services using `systemctl`.
@@ -14,7 +14,7 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
14
14
  confine :true => Puppet::FileSystem.exist?('/proc/1/comm') && Puppet::FileSystem.read('/proc/1/comm').include?('systemd')
15
15
 
16
16
  defaultfor :osfamily => [:archlinux]
17
- defaultfor :osfamily => :redhat, :operatingsystemmajrelease => ["7", "8"]
17
+ defaultfor :osfamily => :redhat, :operatingsystemmajrelease => ["7", "8", "9"]
18
18
  defaultfor :osfamily => :redhat, :operatingsystem => :fedora
19
19
  defaultfor :osfamily => :suse
20
20
  defaultfor :osfamily => :coreos
@@ -45,8 +45,13 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
45
45
  def enabled_insync?(current)
46
46
  case cached_enabled?[:output]
47
47
  when 'static'
48
- Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
49
- return true
48
+ # masking static services is OK, but enabling/disabling them is not
49
+ if @resource[:enable] == :mask
50
+ current == @resource[:enable]
51
+ else
52
+ Puppet.debug("Unable to enable or disable static service #{@resource[:name]}")
53
+ return true
54
+ end
50
55
  when 'indirect'
51
56
  Puppet.debug("Service #{@resource[:name]} is in 'indirect' state and cannot be enabled/disabled")
52
57
  return true
@@ -119,10 +124,10 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
119
124
  # whether it is enabled or not. See PUP-5016 for more details.
120
125
  #
121
126
  def debian_enabled?
122
- system("/usr/sbin/invoke-rc.d", "--quiet", "--query", @resource[:name], "start")
123
- if [104, 106].include?($CHILD_STATUS.exitstatus)
127
+ status = execute(["/usr/sbin/invoke-rc.d", "--quiet", "--query", @resource[:name], "start"], :failonfail => false)
128
+ if [104, 106].include?(status.exitstatus)
124
129
  return :true
125
- elsif [101, 105].include?($CHILD_STATUS.exitstatus)
130
+ elsif [101, 105].include?(status.exitstatus)
126
131
  # 101 is action not allowed, which means we have to do the check manually.
127
132
  # 105 is unknown, which generally means the initscript does not support query
128
133
  # The debian policy states that the initscript should support methods of query
@@ -159,10 +164,15 @@ Puppet::Type.type(:service).provide :systemd, :parent => :base do
159
164
  end
160
165
 
161
166
  def mask
162
- self.disable
167
+ disable if exist?
163
168
  systemctl_change_enable(:mask)
164
169
  end
165
170
 
171
+ def exist?
172
+ result = execute([command(:systemctl), 'cat', '--', @resource[:name]], :failonfail => false)
173
+ result.exitstatus == 0
174
+ end
175
+
166
176
  def unmask
167
177
  systemctl_change_enable(:unmask)
168
178
  end
@@ -128,17 +128,55 @@ Puppet::Type.type(:service).provide :windows, :parent => :service do
128
128
  services
129
129
  end
130
130
 
131
+ def logonaccount_insync?(current)
132
+ @normalized_logon_account ||= normalize_logonaccount
133
+ @resource[:logonaccount] = @normalized_logon_account
134
+
135
+ insync = @resource[:logonaccount] == current
136
+ self.logonpassword = @resource[:logonpassword] if insync
137
+ insync
138
+ end
139
+
131
140
  def logonaccount
132
141
  return unless Puppet::Util::Windows::Service.exists?(@resource[:name])
133
142
  Puppet::Util::Windows::Service.logon_account(@resource[:name])
134
143
  end
135
144
 
136
145
  def logonaccount=(value)
146
+ validate_logon_credentials
137
147
  Puppet::Util::Windows::Service.set_startup_configuration(@resource[:name], options: {logon_account: value, logon_password: @resource[:logonpassword]})
138
148
  restart if @resource[:ensure] == :running && [:running, :paused].include?(status)
139
149
  end
140
150
 
141
151
  def logonpassword=(value)
152
+ validate_logon_credentials
142
153
  Puppet::Util::Windows::Service.set_startup_configuration(@resource[:name], options: {logon_password: value})
143
154
  end
155
+
156
+ private
157
+
158
+ def normalize_logonaccount
159
+ logon_account = @resource[:logonaccount].sub(/^\.\\/, "#{Puppet::Util::Windows::ADSI.computer_name}\\")
160
+ return 'LocalSystem' if Puppet::Util::Windows::User::localsystem?(logon_account)
161
+
162
+ @logonaccount_information ||= Puppet::Util::Windows::SID.name_to_principal(logon_account)
163
+ return logon_account unless @logonaccount_information
164
+ return ".\\#{@logonaccount_information.account}" if @logonaccount_information.domain == Puppet::Util::Windows::ADSI.computer_name
165
+ @logonaccount_information.domain_account
166
+ end
167
+
168
+ def validate_logon_credentials
169
+ unless Puppet::Util::Windows::User::localsystem?(@normalized_logon_account)
170
+ raise Puppet::Error.new("\"#{@normalized_logon_account}\" is not a valid account") unless @logonaccount_information && [:SidTypeUser, :SidTypeWellKnownGroup].include?(@logonaccount_information.account_type)
171
+
172
+ user_rights = Puppet::Util::Windows::User::get_rights(@logonaccount_information.domain_account) unless Puppet::Util::Windows::User::default_system_account?(@normalized_logon_account)
173
+ raise Puppet::Error.new("\"#{@normalized_logon_account}\" has the 'Log On As A Service' right set to denied.") if user_rights =~ /SeDenyServiceLogonRight/
174
+ raise Puppet::Error.new("\"#{@normalized_logon_account}\" is missing the 'Log On As A Service' right.") unless user_rights.nil? || user_rights =~ /SeServiceLogonRight/
175
+ end
176
+
177
+ is_a_predefined_local_account = Puppet::Util::Windows::User::default_system_account?(@normalized_logon_account) || @normalized_logon_account == 'LocalSystem'
178
+ account_info = @normalized_logon_account.split("\\")
179
+ able_to_logon = Puppet::Util::Windows::User.password_is?(account_info[1], @resource[:logonpassword], account_info[0]) unless is_a_predefined_local_account
180
+ raise Puppet::Error.new("The given password is invalid for user '#{@normalized_logon_account}'.") unless is_a_predefined_local_account || able_to_logon
181
+ end
144
182
  end
@@ -9,8 +9,8 @@
9
9
  #
10
10
  # See https://puppet.com/docs/puppet/latest/provider_development.html
11
11
  # for more information
12
- require 'puppet/provider/aix_object'
13
- require 'puppet/util/posix'
12
+ require_relative '../../../puppet/provider/aix_object'
13
+ require_relative '../../../puppet/util/posix'
14
14
  require 'tempfile'
15
15
  require 'date'
16
16
 
@@ -1,5 +1,5 @@
1
- require 'puppet'
2
- require 'puppet/util/plist' if Puppet.features.cfpropertylist?
1
+ require_relative '../../../puppet'
2
+ require_relative '../../../puppet/util/plist' if Puppet.features.cfpropertylist?
3
3
  require 'base64'
4
4
 
5
5
  Puppet::Type.type(:user).provide :directoryservice do
@@ -435,7 +435,7 @@ Puppet::Type.type(:user).provide :directoryservice do
435
435
  ['home', 'uid', 'gid', 'comment', 'shell'].each do |setter_method|
436
436
  define_method("#{setter_method}=") do |value|
437
437
  if @property_hash[setter_method.intern]
438
- if self.class.get_os_version.split('.').last.to_i >= 14 && %w(home uid).include?(setter_method)
438
+ if %w(home uid).include?(setter_method)
439
439
  raise Puppet::Error, "OS X version #{self.class.get_os_version} does not allow changing #{setter_method} using puppet"
440
440
  end
441
441
  begin
@@ -536,6 +536,14 @@ Puppet::Type.type(:user).provide :directoryservice do
536
536
  if (shadow_hash_data.class == Hash) && (shadow_hash_data.has_key?('SALTED-SHA512'))
537
537
  shadow_hash_data.delete('SALTED-SHA512')
538
538
  end
539
+
540
+ # Starting with macOS 11 Big Sur, the AuthenticationAuthority field
541
+ # could be missing entirely and without it the managed user cannot log in
542
+ if needs_sha512_pbkdf2_authentication_authority_to_be_added?(users_plist)
543
+ Puppet.debug("Adding 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash to user '#{@resource.name}'")
544
+ merge_attribute_with_dscl('Users', @resource.name, 'AuthenticationAuthority', ERB::Util.html_escape(SHA512_PBKDF2_AUTHENTICATION_AUTHORITY))
545
+ end
546
+
539
547
  set_salted_pbkdf2(users_plist, shadow_hash_data, 'entropy', value)
540
548
  end
541
549
  end
@@ -562,6 +570,17 @@ Puppet::Type.type(:user).provide :directoryservice do
562
570
  end
563
571
  end
564
572
 
573
+ # This method will check if authentication_authority key of a user's plist
574
+ # needs SALTED_SHA512_PBKDF2 to be added. This is a valid case for macOS 11 (Big Sur)
575
+ # where users created with `dscl` started to have this field missing
576
+ def needs_sha512_pbkdf2_authentication_authority_to_be_added?(users_plist)
577
+ authority = users_plist['authentication_authority']
578
+ return false if Puppet::Util::Package.versioncmp(self.class.get_os_version, '11.0.0') < 0 && authority && authority.include?(SHA512_PBKDF2_AUTHENTICATION_AUTHORITY)
579
+
580
+ Puppet.debug("User '#{@resource.name}' is missing the 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash")
581
+ true
582
+ end
583
+
565
584
  # This method will embed the binary plist data comprising the user's
566
585
  # password hash (and Salt/Iterations value if the OS is 10.8 or greater)
567
586
  # into the ShadowHashData key of the user's plist.
@@ -572,11 +591,7 @@ Puppet::Type.type(:user).provide :directoryservice do
572
591
  else
573
592
  users_plist['ShadowHashData'] = [binary_plist]
574
593
  end
575
- if Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.15') < 0
576
- write_users_plist_to_disk(users_plist)
577
- else
578
- write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
579
- end
594
+ write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
580
595
  end
581
596
 
582
597
  # This method writes the ShadowHashData plist in a temporary file,
@@ -652,9 +667,7 @@ Puppet::Type.type(:user).provide :directoryservice do
652
667
  set_shadow_hash_data(users_plist, binary_plist)
653
668
  end
654
669
 
655
- # This method will accept a plist in XML format, save it to disk, convert
656
- # the plist to a binary format, and flush the dscl cache.
657
- def write_users_plist_to_disk(users_plist)
658
- Puppet::Util::Plist.write_plist_file(users_plist, "#{users_plist_dir}/#{@resource.name}.plist", :binary)
659
- end
670
+ private
671
+
672
+ SHA512_PBKDF2_AUTHENTICATION_AUTHORITY = ';ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2,SRP-RFC5054-4096-SHA512-PBKDF2>'
660
673
  end
@@ -1,4 +1,4 @@
1
- require 'puppet/provider/ldap'
1
+ require_relative '../../../puppet/provider/ldap'
2
2
 
3
3
  Puppet::Type.type(:user).provide :ldap, :parent => Puppet::Provider::Ldap do
4
4
  desc "User management via LDAP.
@@ -1,4 +1,4 @@
1
- require 'puppet/error'
1
+ require_relative '../../../puppet/error'
2
2
 
3
3
  Puppet::Type.type(:user).provide :openbsd, :parent => :useradd do
4
4
  desc "User management via `useradd` and its ilk for OpenBSD. Note that you
@@ -1,4 +1,4 @@
1
- require 'puppet/provider/nameservice/pw'
1
+ require_relative '../../../puppet/provider/nameservice/pw'
2
2
  require 'open3'
3
3
 
4
4
  Puppet::Type.type(:user).provide :pw, :parent => Puppet::Provider::NameService::PW do
@@ -1,5 +1,5 @@
1
- require 'puppet/util'
2
- require 'puppet/util/user_attr'
1
+ require_relative '../../../puppet/util'
2
+ require_relative '../../../puppet/util/user_attr'
3
3
  require 'date'
4
4
 
5
5
  Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source => :useradd do
@@ -1,15 +1,15 @@
1
- require 'puppet/provider/nameservice/objectadd'
1
+ require_relative '../../../puppet/provider/nameservice/objectadd'
2
2
  require 'date'
3
- require 'puppet/util/libuser'
3
+ require_relative '../../../puppet/util/libuser'
4
4
  require 'time'
5
- require 'puppet/error'
5
+ require_relative '../../../puppet/error'
6
6
 
7
7
  Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameService::ObjectAdd do
8
8
  desc "User management via `useradd` and its ilk. Note that you will need to
9
9
  install Ruby's shadow password library (often known as `ruby-libshadow`)
10
10
  if you wish to manage user passwords."
11
11
 
12
- commands :add => "useradd", :delete => "userdel", :modify => "usermod", :password => "chage"
12
+ commands :add => "useradd", :delete => "userdel", :modify => "usermod", :password => "chage", :chpasswd => "chpasswd"
13
13
 
14
14
  options :home, :flag => "-d", :method => :dir
15
15
  options :comment, :method => :gecos
@@ -152,6 +152,38 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
152
152
  set(:groups, value)
153
153
  end
154
154
 
155
+ def password=(value)
156
+ user = @resource[:name]
157
+ tempfile = Tempfile.new('puppet', :encoding => Encoding::UTF_8)
158
+ begin
159
+ # Puppet execute does not support strings as input, only files.
160
+ # The password is expected to be in an encrypted format given -e is specified:
161
+ tempfile << "#{user}:#{value}\n"
162
+ tempfile.flush
163
+
164
+ # Options '-e' use encrypted password
165
+ # Must receive "user:enc_password" as input
166
+ # command, arguments = {:failonfail => true, :combine => true}
167
+ cmd = [command(:chpasswd), '-e']
168
+ execute_options = {
169
+ :failonfail => false,
170
+ :combine => true,
171
+ :stdinfile => tempfile.path,
172
+ :sensitive => has_sensitive_data?
173
+ }
174
+ output = execute(cmd, execute_options)
175
+
176
+ rescue => detail
177
+ tempfile.close
178
+ tempfile.delete
179
+ raise Puppet::Error, "Could not set password on #{@resource.class.name}[#{@resource.name}]: #{detail}", detail.backtrace
180
+ end
181
+
182
+ # chpasswd can return 1, even on success (at least on AIX 6.1); empty output
183
+ # indicates success
184
+ raise Puppet::ExecutionFailure, "chpasswd said #{output}" if output != ''
185
+ end
186
+
155
187
  verify :gid, "GID must be an integer" do |value|
156
188
  value.is_a? Integer
157
189
  end
@@ -215,13 +247,15 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
215
247
  end
216
248
  end
217
249
 
250
+ # Add properties and flags but skipping password related properties due to
251
+ # security risks
218
252
  def add_properties
219
253
  cmd = []
220
254
  # validproperties is a list of properties in undefined order
221
255
  # sort them to have a predictable command line in tests
222
256
  Puppet::Type.type(:user).validproperties.sort.each do |property|
223
257
  value = get_value_for_property(property)
224
- next if value.nil?
258
+ next if value.nil? || property == :password
225
259
  # the value needs to be quoted, mostly because -c might
226
260
  # have spaces in it
227
261
  cmd << flag(property) << munge(property, value)
@@ -331,13 +365,12 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
331
365
  if @resource[:shell]
332
366
  check_valid_shell
333
367
  end
334
- super
335
- if @resource.forcelocal? && self.groups?
336
- set(:groups, @resource[:groups])
337
- end
338
- if @resource.forcelocal? && @resource[:expiry]
339
- set(:expiry, @resource[:expiry])
340
- end
368
+ super
369
+ if @resource.forcelocal?
370
+ set(:groups, @resource[:groups]) if self.groups?
371
+ set(:expiry, @resource[:expiry]) if @resource[:expiry]
372
+ end
373
+ set(:password, @resource[:password]) if @resource[:password]
341
374
  end
342
375
 
343
376
  def groups?