puppet 7.7.0-universal-darwin → 7.11.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (386) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +7 -7
  3. data/Gemfile +4 -3
  4. data/Gemfile.lock +18 -18
  5. data/README.md +4 -4
  6. data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
  7. data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
  8. data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
  9. data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
  10. data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
  11. data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
  12. data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
  13. data/{ext → examples}/nagios/check_puppet.rb +2 -2
  14. data/ext/README.md +13 -0
  15. data/ext/osx/puppet.plist +2 -0
  16. data/ext/project_data.yaml +1 -0
  17. data/install.rb +0 -4
  18. data/lib/puppet/application/agent.rb +4 -0
  19. data/lib/puppet/application/apply.rb +20 -2
  20. data/lib/puppet/application/filebucket.rb +1 -0
  21. data/lib/puppet/application/resource.rb +30 -15
  22. data/lib/puppet/application/ssl.rb +1 -0
  23. data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
  24. data/lib/puppet/configurer.rb +169 -50
  25. data/lib/puppet/confine/variable.rb +1 -1
  26. data/lib/puppet/defaults.rb +70 -30
  27. data/lib/puppet/environments.rb +75 -25
  28. data/lib/puppet/face/help/action.erb +1 -0
  29. data/lib/puppet/face/help/face.erb +1 -0
  30. data/lib/puppet/face/node/clean.rb +1 -1
  31. data/lib/puppet/facter_impl.rb +96 -0
  32. data/lib/puppet/file_serving/configuration/parser.rb +2 -0
  33. data/lib/puppet/file_serving/configuration.rb +2 -0
  34. data/lib/puppet/file_serving/mount/file.rb +4 -4
  35. data/lib/puppet/file_serving/mount/scripts.rb +24 -0
  36. data/lib/puppet/file_system/file_impl.rb +3 -1
  37. data/lib/puppet/file_system/windows.rb +2 -2
  38. data/lib/puppet/forge/cache.rb +1 -1
  39. data/lib/puppet/forge.rb +4 -4
  40. data/lib/puppet/functions/empty.rb +8 -0
  41. data/lib/puppet/functions/find_template.rb +2 -2
  42. data/lib/puppet/functions/strftime.rb +1 -0
  43. data/lib/puppet/functions/unwrap.rb +17 -2
  44. data/lib/puppet/http/service/compiler.rb +6 -1
  45. data/lib/puppet/indirector/catalog/compiler.rb +24 -6
  46. data/lib/puppet/indirector/catalog/rest.rb +1 -0
  47. data/lib/puppet/indirector/facts/facter.rb +6 -6
  48. data/lib/puppet/indirector/indirection.rb +1 -1
  49. data/lib/puppet/indirector/resource/ral.rb +6 -1
  50. data/lib/puppet/indirector/terminus.rb +4 -0
  51. data/lib/puppet/interface/documentation.rb +1 -0
  52. data/lib/puppet/module/plan.rb +0 -1
  53. data/lib/puppet/module/task.rb +1 -1
  54. data/lib/puppet/module_tool/applications/installer.rb +12 -4
  55. data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
  56. data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
  57. data/lib/puppet/module_tool/errors/shared.rb +17 -0
  58. data/lib/puppet/module_tool/tar/mini.rb +1 -1
  59. data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
  60. data/lib/puppet/node/environment.rb +10 -11
  61. data/lib/puppet/pal/pal_impl.rb +1 -1
  62. data/lib/puppet/parser/scope.rb +8 -7
  63. data/lib/puppet/parser/templatewrapper.rb +1 -0
  64. data/lib/puppet/pops/lookup/lookup_adapter.rb +3 -2
  65. data/lib/puppet/pops/model/ast.rb +1 -0
  66. data/lib/puppet/pops/model/factory.rb +14 -13
  67. data/lib/puppet/pops/parser/egrammar.ra +2 -2
  68. data/lib/puppet/pops/parser/eparser.rb +752 -753
  69. data/lib/puppet/pops/parser/lexer2.rb +69 -68
  70. data/lib/puppet/pops/parser/slurp_support.rb +1 -0
  71. data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
  72. data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
  73. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
  74. data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
  75. data/lib/puppet/pops/types/type_formatter.rb +7 -6
  76. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  77. data/lib/puppet/pops/types/types.rb +1 -1
  78. data/lib/puppet/provider/aix_object.rb +1 -1
  79. data/lib/puppet/provider/exec/posix.rb +16 -4
  80. data/lib/puppet/provider/group/groupadd.rb +5 -2
  81. data/lib/puppet/provider/package/apt.rb +3 -3
  82. data/lib/puppet/provider/package/nim.rb +11 -6
  83. data/lib/puppet/provider/package/pip.rb +15 -3
  84. data/lib/puppet/provider/package/pkg.rb +9 -2
  85. data/lib/puppet/provider/package/puppet_gem.rb +1 -1
  86. data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
  87. data/lib/puppet/provider/package/windows/exe_package.rb +30 -1
  88. data/lib/puppet/provider/package/windows/package.rb +2 -1
  89. data/lib/puppet/provider/package/windows.rb +14 -1
  90. data/lib/puppet/provider/package/yum.rb +4 -4
  91. data/lib/puppet/provider/package/zypper.rb +3 -3
  92. data/lib/puppet/provider/parsedfile.rb +3 -0
  93. data/lib/puppet/provider/service/base.rb +1 -1
  94. data/lib/puppet/provider/service/freebsd.rb +1 -1
  95. data/lib/puppet/provider/service/init.rb +5 -5
  96. data/lib/puppet/provider/service/launchd.rb +2 -2
  97. data/lib/puppet/provider/service/redhat.rb +1 -1
  98. data/lib/puppet/provider/service/smf.rb +3 -3
  99. data/lib/puppet/provider/service/systemd.rb +8 -3
  100. data/lib/puppet/provider/service/upstart.rb +5 -5
  101. data/lib/puppet/provider/user/aix.rb +44 -1
  102. data/lib/puppet/provider/user/directoryservice.rb +25 -12
  103. data/lib/puppet/provider/user/useradd.rb +52 -16
  104. data/lib/puppet/provider.rb +1 -1
  105. data/lib/puppet/reference/providers.rb +2 -2
  106. data/lib/puppet/resource/type_collection.rb +4 -1
  107. data/lib/puppet/runtime.rb +11 -1
  108. data/lib/puppet/settings/config_file.rb +1 -8
  109. data/lib/puppet/settings/file_setting.rb +3 -8
  110. data/lib/puppet/settings/value_translator.rb +0 -1
  111. data/lib/puppet/settings.rb +32 -9
  112. data/lib/puppet/test/test_helper.rb +4 -1
  113. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  114. data/lib/puppet/transaction/persistence.rb +11 -1
  115. data/lib/puppet/transaction/report.rb +15 -1
  116. data/lib/puppet/type/exec.rb +35 -5
  117. data/lib/puppet/type/file/mode.rb +6 -0
  118. data/lib/puppet/type/file.rb +6 -6
  119. data/lib/puppet/type/filebucket.rb +2 -2
  120. data/lib/puppet/type/group.rb +0 -1
  121. data/lib/puppet/type/resources.rb +1 -1
  122. data/lib/puppet/type/service.rb +8 -9
  123. data/lib/puppet/type/tidy.rb +1 -1
  124. data/lib/puppet/type/user.rb +39 -22
  125. data/lib/puppet/type.rb +1 -1
  126. data/lib/puppet/util/command_line.rb +1 -1
  127. data/lib/puppet/util/filetype.rb +2 -2
  128. data/lib/puppet/util/log.rb +1 -2
  129. data/lib/puppet/util/logging.rb +1 -25
  130. data/lib/puppet/util/monkey_patches.rb +2 -17
  131. data/lib/puppet/util/pidlock.rb +1 -1
  132. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
  133. data/lib/puppet/util/suidmanager.rb +1 -2
  134. data/lib/puppet/util/symbolic_file_mode.rb +29 -17
  135. data/lib/puppet/util/tagging.rb +1 -0
  136. data/lib/puppet/util/windows/sid.rb +3 -1
  137. data/lib/puppet/util/windows/user.rb +0 -1
  138. data/lib/puppet/util.rb +4 -3
  139. data/lib/puppet/version.rb +1 -1
  140. data/lib/puppet/x509/cert_provider.rb +3 -21
  141. data/lib/puppet.rb +5 -9
  142. data/locales/puppet.pot +346 -274
  143. data/man/man5/puppet.conf.5 +76 -25
  144. data/man/man8/puppet-agent.8 +4 -1
  145. data/man/man8/puppet-apply.8 +1 -1
  146. data/man/man8/puppet-catalog.8 +9 -9
  147. data/man/man8/puppet-config.8 +1 -1
  148. data/man/man8/puppet-describe.8 +1 -1
  149. data/man/man8/puppet-device.8 +1 -1
  150. data/man/man8/puppet-doc.8 +1 -1
  151. data/man/man8/puppet-epp.8 +1 -1
  152. data/man/man8/puppet-facts.8 +7 -7
  153. data/man/man8/puppet-filebucket.8 +1 -1
  154. data/man/man8/puppet-generate.8 +1 -1
  155. data/man/man8/puppet-help.8 +1 -1
  156. data/man/man8/puppet-lookup.8 +1 -1
  157. data/man/man8/puppet-module.8 +3 -3
  158. data/man/man8/puppet-node.8 +5 -5
  159. data/man/man8/puppet-parser.8 +1 -1
  160. data/man/man8/puppet-plugin.8 +1 -1
  161. data/man/man8/puppet-report.8 +5 -5
  162. data/man/man8/puppet-resource.8 +1 -1
  163. data/man/man8/puppet-script.8 +1 -1
  164. data/man/man8/puppet-ssl.8 +1 -1
  165. data/man/man8/puppet.8 +2 -2
  166. data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
  167. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
  168. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
  169. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
  170. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
  171. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
  172. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
  173. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
  174. data/spec/fixtures/ssl/127.0.0.1-key.pem +106 -106
  175. data/spec/fixtures/ssl/127.0.0.1.pem +48 -48
  176. data/spec/fixtures/ssl/bad-basic-constraints.pem +54 -54
  177. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +51 -51
  178. data/spec/fixtures/ssl/ca.pem +52 -52
  179. data/spec/fixtures/ssl/crl.pem +25 -25
  180. data/spec/fixtures/ssl/ec-key-openssl.pem +8 -0
  181. data/spec/fixtures/ssl/ec-key-pk8.pem +5 -0
  182. data/spec/fixtures/ssl/ec-key.pem +11 -11
  183. data/spec/fixtures/ssl/ec.pem +32 -32
  184. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  185. data/spec/fixtures/ssl/encrypted-key.pem +107 -107
  186. data/spec/fixtures/ssl/intermediate-agent-crl.pem +25 -25
  187. data/spec/fixtures/ssl/intermediate-agent.pem +54 -54
  188. data/spec/fixtures/ssl/intermediate-crl.pem +28 -28
  189. data/spec/fixtures/ssl/intermediate.pem +51 -51
  190. data/spec/fixtures/ssl/oid-key.pem +117 -0
  191. data/spec/fixtures/ssl/oid.pem +69 -0
  192. data/spec/fixtures/ssl/pluto-key.pem +106 -106
  193. data/spec/fixtures/ssl/pluto.pem +50 -50
  194. data/spec/fixtures/ssl/request-key.pem +106 -106
  195. data/spec/fixtures/ssl/request.pem +45 -45
  196. data/spec/fixtures/ssl/revoked-key.pem +106 -106
  197. data/spec/fixtures/ssl/revoked.pem +49 -49
  198. data/spec/fixtures/ssl/signed-key.pem +106 -106
  199. data/spec/fixtures/ssl/signed.pem +47 -47
  200. data/spec/fixtures/ssl/tampered-cert.pem +49 -49
  201. data/spec/fixtures/ssl/tampered-csr.pem +45 -45
  202. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
  203. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +106 -106
  204. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -48
  205. data/spec/fixtures/ssl/unknown-ca-key.pem +106 -106
  206. data/spec/fixtures/ssl/unknown-ca.pem +52 -52
  207. data/spec/integration/application/agent_spec.rb +118 -52
  208. data/spec/integration/application/filebucket_spec.rb +16 -0
  209. data/spec/integration/application/module_spec.rb +21 -0
  210. data/spec/integration/application/resource_spec.rb +64 -0
  211. data/spec/integration/application/ssl_spec.rb +20 -0
  212. data/spec/integration/configurer_spec.rb +18 -2
  213. data/spec/integration/defaults_spec.rb +5 -0
  214. data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
  215. data/spec/integration/indirector/facts/facter_spec.rb +93 -39
  216. data/spec/integration/l10n/compiler_spec.rb +37 -0
  217. data/spec/integration/transaction/report_spec.rb +1 -1
  218. data/spec/integration/type/exec_spec.rb +70 -45
  219. data/spec/integration/type/file_spec.rb +2 -2
  220. data/spec/integration/type/package_spec.rb +6 -6
  221. data/spec/integration/util/rdoc/parser_spec.rb +1 -1
  222. data/spec/integration/util/windows/process_spec.rb +1 -9
  223. data/spec/lib/puppet/test_ca.rb +5 -0
  224. data/spec/lib/puppet_spec/modules.rb +13 -2
  225. data/spec/lib/puppet_spec/puppetserver.rb +15 -0
  226. data/spec/lib/puppet_spec/settings.rb +1 -0
  227. data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
  228. data/spec/shared_contexts/l10n.rb +27 -0
  229. data/spec/spec_helper.rb +1 -10
  230. data/spec/unit/application/apply_spec.rb +76 -56
  231. data/spec/unit/application/resource_spec.rb +29 -0
  232. data/spec/unit/configurer_spec.rb +277 -56
  233. data/spec/unit/environments_spec.rb +184 -0
  234. data/spec/unit/facter_impl_spec.rb +31 -0
  235. data/spec/unit/file_bucket/dipper_spec.rb +2 -2
  236. data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
  237. data/spec/unit/file_serving/configuration_spec.rb +12 -4
  238. data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
  239. data/spec/unit/file_system_spec.rb +13 -0
  240. data/spec/unit/functions/assert_type_spec.rb +1 -1
  241. data/spec/unit/functions/empty_spec.rb +10 -0
  242. data/spec/unit/functions/logging_spec.rb +1 -0
  243. data/spec/unit/functions/lookup_spec.rb +87 -0
  244. data/spec/unit/functions/unwrap_spec.rb +8 -0
  245. data/spec/unit/functions4_spec.rb +19 -10
  246. data/spec/unit/http/service/compiler_spec.rb +8 -0
  247. data/spec/unit/indirector/catalog/compiler_spec.rb +87 -0
  248. data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
  249. data/spec/unit/indirector/indirection_spec.rb +10 -3
  250. data/spec/unit/indirector/resource/ral_spec.rb +40 -75
  251. data/spec/unit/interface/action_spec.rb +0 -9
  252. data/spec/unit/module_spec.rb +14 -0
  253. data/spec/unit/module_tool/applications/installer_spec.rb +52 -14
  254. data/spec/unit/parser/compiler_spec.rb +29 -0
  255. data/spec/unit/parser/templatewrapper_spec.rb +12 -2
  256. data/spec/unit/pops/loaders/dependency_loader_spec.rb +0 -9
  257. data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
  258. data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
  259. data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
  260. data/spec/unit/pops/serialization/to_stringified_spec.rb +5 -0
  261. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
  262. data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
  263. data/spec/unit/pops/types/type_calculator_spec.rb +6 -0
  264. data/spec/unit/provider/package/gem_spec.rb +1 -1
  265. data/spec/unit/provider/package/nim_spec.rb +42 -0
  266. data/spec/unit/provider/package/pip2_spec.rb +1 -1
  267. data/spec/unit/provider/package/pip3_spec.rb +1 -1
  268. data/spec/unit/provider/package/pip_spec.rb +38 -1
  269. data/spec/unit/provider/package/pkg_spec.rb +19 -5
  270. data/spec/unit/provider/package/puppet_gem_spec.rb +1 -1
  271. data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
  272. data/spec/unit/provider/package/windows/exe_package_spec.rb +17 -0
  273. data/spec/unit/provider/parsedfile_spec.rb +10 -0
  274. data/spec/unit/provider/service/freebsd_spec.rb +1 -1
  275. data/spec/unit/provider/service/launchd_spec.rb +11 -0
  276. data/spec/unit/provider/service/systemd_spec.rb +13 -1
  277. data/spec/unit/provider/user/aix_spec.rb +100 -0
  278. data/spec/unit/provider/user/directoryservice_spec.rb +68 -36
  279. data/spec/unit/provider/user/useradd_spec.rb +3 -2
  280. data/spec/unit/provider_spec.rb +4 -4
  281. data/spec/unit/puppet_spec.rb +12 -4
  282. data/spec/unit/resource/type_collection_spec.rb +16 -0
  283. data/spec/unit/resource/type_spec.rb +2 -2
  284. data/spec/unit/settings/config_file_spec.rb +1 -11
  285. data/spec/unit/settings/file_setting_spec.rb +10 -7
  286. data/spec/unit/settings/value_translator_spec.rb +4 -5
  287. data/spec/unit/settings_spec.rb +120 -79
  288. data/spec/unit/ssl/ssl_provider_spec.rb +18 -16
  289. data/spec/unit/type/exec_spec.rb +76 -29
  290. data/spec/unit/type/file/source_spec.rb +4 -4
  291. data/spec/unit/type/service_spec.rb +49 -34
  292. data/spec/unit/type/tidy_spec.rb +7 -0
  293. data/spec/unit/type/user_spec.rb +45 -0
  294. data/spec/unit/type_spec.rb +2 -2
  295. data/spec/unit/util/ldap/connection_spec.rb +10 -10
  296. data/spec/unit/util/ldap/manager_spec.rb +2 -2
  297. data/spec/unit/util/logging_spec.rb +2 -0
  298. data/spec/unit/util/windows/sid_spec.rb +39 -4
  299. data/spec/unit/util_spec.rb +1 -3
  300. data/spec/unit/x509/cert_provider_spec.rb +9 -1
  301. data/tasks/generate_cert_fixtures.rake +10 -1
  302. data/tasks/parallel.rake +3 -3
  303. metadata +53 -95
  304. data/ext/README.environment +0 -8
  305. data/ext/dbfix.sql +0 -132
  306. data/ext/debian/README.Debian +0 -8
  307. data/ext/debian/README.source +0 -2
  308. data/ext/debian/TODO.Debian +0 -1
  309. data/ext/debian/changelog.erb +0 -1122
  310. data/ext/debian/compat +0 -1
  311. data/ext/debian/control +0 -144
  312. data/ext/debian/copyright +0 -339
  313. data/ext/debian/docs +0 -1
  314. data/ext/debian/fileserver.conf +0 -41
  315. data/ext/debian/puppet-common.dirs +0 -13
  316. data/ext/debian/puppet-common.install +0 -3
  317. data/ext/debian/puppet-common.lintian-overrides +0 -5
  318. data/ext/debian/puppet-common.manpages +0 -28
  319. data/ext/debian/puppet-common.postinst +0 -35
  320. data/ext/debian/puppet-common.postrm +0 -33
  321. data/ext/debian/puppet-el.dirs +0 -1
  322. data/ext/debian/puppet-el.emacsen-install +0 -25
  323. data/ext/debian/puppet-el.emacsen-remove +0 -11
  324. data/ext/debian/puppet-el.emacsen-startup +0 -9
  325. data/ext/debian/puppet-el.install +0 -1
  326. data/ext/debian/puppet-testsuite.install +0 -2
  327. data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
  328. data/ext/debian/puppet.lintian-overrides +0 -3
  329. data/ext/debian/puppet.logrotate +0 -20
  330. data/ext/debian/puppet.postinst +0 -20
  331. data/ext/debian/puppet.postrm +0 -20
  332. data/ext/debian/puppet.preinst +0 -20
  333. data/ext/debian/puppetmaster-common.install +0 -2
  334. data/ext/debian/puppetmaster-common.manpages +0 -2
  335. data/ext/debian/puppetmaster-common.postinst +0 -6
  336. data/ext/debian/puppetmaster-passenger.dirs +0 -4
  337. data/ext/debian/puppetmaster-passenger.postinst +0 -162
  338. data/ext/debian/puppetmaster-passenger.postrm +0 -61
  339. data/ext/debian/puppetmaster.README.debian +0 -17
  340. data/ext/debian/puppetmaster.default +0 -14
  341. data/ext/debian/puppetmaster.init +0 -137
  342. data/ext/debian/puppetmaster.lintian-overrides +0 -3
  343. data/ext/debian/puppetmaster.postinst +0 -20
  344. data/ext/debian/puppetmaster.postrm +0 -5
  345. data/ext/debian/puppetmaster.preinst +0 -22
  346. data/ext/debian/rules +0 -132
  347. data/ext/debian/source/format +0 -1
  348. data/ext/debian/source/options +0 -1
  349. data/ext/debian/vim-puppet.README.Debian +0 -13
  350. data/ext/debian/vim-puppet.dirs +0 -5
  351. data/ext/debian/vim-puppet.yaml +0 -7
  352. data/ext/debian/watch +0 -2
  353. data/ext/freebsd/puppetd +0 -26
  354. data/ext/freebsd/puppetmasterd +0 -26
  355. data/ext/gentoo/conf.d/puppet +0 -5
  356. data/ext/gentoo/conf.d/puppetmaster +0 -12
  357. data/ext/gentoo/init.d/puppet +0 -38
  358. data/ext/gentoo/init.d/puppetmaster +0 -51
  359. data/ext/gentoo/puppet/fileserver.conf +0 -41
  360. data/ext/ips/puppet-agent +0 -44
  361. data/ext/ips/puppet-master +0 -44
  362. data/ext/ips/puppet.p5m.erb +0 -12
  363. data/ext/ips/puppetagent.xml +0 -42
  364. data/ext/ips/puppetmaster.xml +0 -42
  365. data/ext/ips/rules +0 -19
  366. data/ext/ips/transforms +0 -34
  367. data/ext/ldap/puppet.schema +0 -24
  368. data/ext/logcheck/puppet +0 -23
  369. data/ext/osx/file_mapping.yaml +0 -28
  370. data/ext/osx/postflight.erb +0 -109
  371. data/ext/osx/preflight.erb +0 -52
  372. data/ext/osx/prototype.plist.erb +0 -38
  373. data/ext/redhat/fileserver.conf +0 -41
  374. data/ext/redhat/logrotate +0 -21
  375. data/ext/redhat/puppet.spec.erb +0 -841
  376. data/ext/redhat/server.init +0 -128
  377. data/ext/redhat/server.sysconfig +0 -13
  378. data/ext/solaris/pkginfo +0 -6
  379. data/ext/solaris/smf/puppetd.xml +0 -77
  380. data/ext/solaris/smf/puppetmasterd.xml +0 -77
  381. data/ext/solaris/smf/svc-puppetd +0 -71
  382. data/ext/solaris/smf/svc-puppetmasterd +0 -67
  383. data/ext/suse/puppet.spec +0 -310
  384. data/ext/suse/server.init +0 -173
  385. data/ext/yaml_nodes.rb +0 -105
  386. data/spec/unit/indirector/store_configs_spec.rb +0 -7
@@ -159,7 +159,7 @@ Puppet::Type.type(:user).provide :directoryservice do
159
159
  end
160
160
 
161
161
  def self.get_os_version
162
- @os_version ||= Facter.value(:macosx_productversion_major)
162
+ @os_version ||= Puppet.runtime[:facter].value(:macosx_productversion_major)
163
163
  end
164
164
 
165
165
  # Use dscl to retrieve an array of hashes containing attributes about all
@@ -435,7 +435,7 @@ Puppet::Type.type(:user).provide :directoryservice do
435
435
  ['home', 'uid', 'gid', 'comment', 'shell'].each do |setter_method|
436
436
  define_method("#{setter_method}=") do |value|
437
437
  if @property_hash[setter_method.intern]
438
- if self.class.get_os_version.split('.').last.to_i >= 14 && %w(home uid).include?(setter_method)
438
+ if %w(home uid).include?(setter_method)
439
439
  raise Puppet::Error, "OS X version #{self.class.get_os_version} does not allow changing #{setter_method} using puppet"
440
440
  end
441
441
  begin
@@ -536,6 +536,14 @@ Puppet::Type.type(:user).provide :directoryservice do
536
536
  if (shadow_hash_data.class == Hash) && (shadow_hash_data.has_key?('SALTED-SHA512'))
537
537
  shadow_hash_data.delete('SALTED-SHA512')
538
538
  end
539
+
540
+ # Starting with macOS 11 Big Sur, the AuthenticationAuthority field
541
+ # could be missing entirely and without it the managed user cannot log in
542
+ if needs_sha512_pbkdf2_authentication_authority_to_be_added?(users_plist)
543
+ Puppet.debug("Adding 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash to user '#{@resource.name}'")
544
+ merge_attribute_with_dscl('Users', @resource.name, 'AuthenticationAuthority', ERB::Util.html_escape(SHA512_PBKDF2_AUTHENTICATION_AUTHORITY))
545
+ end
546
+
539
547
  set_salted_pbkdf2(users_plist, shadow_hash_data, 'entropy', value)
540
548
  end
541
549
  end
@@ -562,6 +570,17 @@ Puppet::Type.type(:user).provide :directoryservice do
562
570
  end
563
571
  end
564
572
 
573
+ # This method will check if authentication_authority key of a user's plist
574
+ # needs SALTED_SHA512_PBKDF2 to be added. This is a valid case for macOS 11 (Big Sur)
575
+ # where users created with `dscl` started to have this field missing
576
+ def needs_sha512_pbkdf2_authentication_authority_to_be_added?(users_plist)
577
+ authority = users_plist['authentication_authority']
578
+ return false if Puppet::Util::Package.versioncmp(self.class.get_os_version, '11.0.0') < 0 && authority && authority.include?(SHA512_PBKDF2_AUTHENTICATION_AUTHORITY)
579
+
580
+ Puppet.debug("User '#{@resource.name}' is missing the 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash")
581
+ true
582
+ end
583
+
565
584
  # This method will embed the binary plist data comprising the user's
566
585
  # password hash (and Salt/Iterations value if the OS is 10.8 or greater)
567
586
  # into the ShadowHashData key of the user's plist.
@@ -572,11 +591,7 @@ Puppet::Type.type(:user).provide :directoryservice do
572
591
  else
573
592
  users_plist['ShadowHashData'] = [binary_plist]
574
593
  end
575
- if Puppet::Util::Package.versioncmp(self.class.get_os_version, '10.15') < 0
576
- write_users_plist_to_disk(users_plist)
577
- else
578
- write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
579
- end
594
+ write_and_import_shadow_hash_data(users_plist['ShadowHashData'].first)
580
595
  end
581
596
 
582
597
  # This method writes the ShadowHashData plist in a temporary file,
@@ -652,9 +667,7 @@ Puppet::Type.type(:user).provide :directoryservice do
652
667
  set_shadow_hash_data(users_plist, binary_plist)
653
668
  end
654
669
 
655
- # This method will accept a plist in XML format, save it to disk, convert
656
- # the plist to a binary format, and flush the dscl cache.
657
- def write_users_plist_to_disk(users_plist)
658
- Puppet::Util::Plist.write_plist_file(users_plist, "#{users_plist_dir}/#{@resource.name}.plist", :binary)
659
- end
670
+ private
671
+
672
+ SHA512_PBKDF2_AUTHENTICATION_AUTHORITY = ';ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2,SRP-RFC5054-4096-SHA512-PBKDF2>'
660
673
  end
@@ -7,9 +7,12 @@ require_relative '../../../puppet/error'
7
7
  Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameService::ObjectAdd do
8
8
  desc "User management via `useradd` and its ilk. Note that you will need to
9
9
  install Ruby's shadow password library (often known as `ruby-libshadow`)
10
- if you wish to manage user passwords."
10
+ if you wish to manage user passwords.
11
11
 
12
- commands :add => "useradd", :delete => "userdel", :modify => "usermod", :password => "chage"
12
+ To use the `forcelocal` parameter, you need to install the `libuser` package (providing
13
+ `/usr/sbin/lgroupadd` and `/usr/sbin/luseradd`)."
14
+
15
+ commands :add => "useradd", :delete => "userdel", :modify => "usermod", :password => "chage", :chpasswd => "chpasswd"
13
16
 
14
17
  options :home, :flag => "-d", :method => :dir
15
18
  options :comment, :method => :gecos
@@ -21,13 +24,13 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
21
24
  options :expiry, :method => :sp_expire,
22
25
  :munge => proc { |value|
23
26
  if value == :absent
24
- if Facter.value(:operatingsystem)=='SLES' && Facter.value(:operatingsystemmajrelease) == "11"
27
+ if Puppet.runtime[:facter].value(:operatingsystem)=='SLES' && Puppet.runtime[:facter].value(:operatingsystemmajrelease) == "11"
25
28
  -1
26
29
  else
27
30
  ''
28
31
  end
29
32
  else
30
- case Facter.value(:operatingsystem)
33
+ case Puppet.runtime[:facter].value(:operatingsystem)
31
34
  when 'Solaris'
32
35
  # Solaris uses %m/%d/%Y for useradd/usermod
33
36
  expiry_year, expiry_month, expiry_day = value.split('-')
@@ -152,6 +155,38 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
152
155
  set(:groups, value)
153
156
  end
154
157
 
158
+ def password=(value)
159
+ user = @resource[:name]
160
+ tempfile = Tempfile.new('puppet', :encoding => Encoding::UTF_8)
161
+ begin
162
+ # Puppet execute does not support strings as input, only files.
163
+ # The password is expected to be in an encrypted format given -e is specified:
164
+ tempfile << "#{user}:#{value}\n"
165
+ tempfile.flush
166
+
167
+ # Options '-e' use encrypted password
168
+ # Must receive "user:enc_password" as input
169
+ # command, arguments = {:failonfail => true, :combine => true}
170
+ cmd = [command(:chpasswd), '-e']
171
+ execute_options = {
172
+ :failonfail => false,
173
+ :combine => true,
174
+ :stdinfile => tempfile.path,
175
+ :sensitive => has_sensitive_data?
176
+ }
177
+ output = execute(cmd, execute_options)
178
+
179
+ rescue => detail
180
+ tempfile.close
181
+ tempfile.delete
182
+ raise Puppet::Error, "Could not set password on #{@resource.class.name}[#{@resource.name}]: #{detail}", detail.backtrace
183
+ end
184
+
185
+ # chpasswd can return 1, even on success (at least on AIX 6.1); empty output
186
+ # indicates success
187
+ raise Puppet::ExecutionFailure, "chpasswd said #{output}" if output != ''
188
+ end
189
+
155
190
  verify :gid, "GID must be an integer" do |value|
156
191
  value.is_a? Integer
157
192
  end
@@ -161,7 +196,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
161
196
  end
162
197
 
163
198
  has_features :manages_homedir, :allows_duplicates, :manages_expiry
164
- has_features :system_users unless %w{HP-UX Solaris}.include? Facter.value(:operatingsystem)
199
+ has_features :system_users unless %w{HP-UX Solaris}.include? Puppet.runtime[:facter].value(:operatingsystem)
165
200
 
166
201
  has_features :manages_passwords, :manages_password_age if Puppet.features.libshadow?
167
202
  has_features :manages_shell
@@ -196,8 +231,8 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
196
231
  # libuser does not implement the -m flag
197
232
  cmd << "-m" unless @resource.forcelocal?
198
233
  else
199
- osfamily = Facter.value(:osfamily)
200
- osversion = Facter.value(:operatingsystemmajrelease).to_i
234
+ osfamily = Puppet.runtime[:facter].value(:osfamily)
235
+ osversion = Puppet.runtime[:facter].value(:operatingsystemmajrelease).to_i
201
236
  # SLES 11 uses pwdutils instead of shadow, which does not have -M
202
237
  # Solaris and OpenBSD use different useradd flavors
203
238
  unless osfamily =~ /Solaris|OpenBSD/ || osfamily == 'Suse' && osversion <= 11
@@ -215,13 +250,15 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
215
250
  end
216
251
  end
217
252
 
253
+ # Add properties and flags but skipping password related properties due to
254
+ # security risks
218
255
  def add_properties
219
256
  cmd = []
220
257
  # validproperties is a list of properties in undefined order
221
258
  # sort them to have a predictable command line in tests
222
259
  Puppet::Type.type(:user).validproperties.sort.each do |property|
223
260
  value = get_value_for_property(property)
224
- next if value.nil?
261
+ next if value.nil? || property == :password
225
262
  # the value needs to be quoted, mostly because -c might
226
263
  # have spaces in it
227
264
  cmd << flag(property) << munge(property, value)
@@ -293,7 +330,7 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
293
330
  cmd = [command(:delete)]
294
331
  end
295
332
  # Solaris `userdel -r` will fail if the homedir does not exist.
296
- if @resource.managehome? && (('Solaris' != Facter.value(:operatingsystem)) || Dir.exist?(Dir.home(@resource[:name])))
333
+ if @resource.managehome? && (('Solaris' != Puppet.runtime[:facter].value(:operatingsystem)) || Dir.exist?(Dir.home(@resource[:name])))
297
334
  cmd << '-r'
298
335
  end
299
336
  cmd << @resource[:name]
@@ -331,13 +368,12 @@ Puppet::Type.type(:user).provide :useradd, :parent => Puppet::Provider::NameServ
331
368
  if @resource[:shell]
332
369
  check_valid_shell
333
370
  end
334
- super
335
- if @resource.forcelocal? && self.groups?
336
- set(:groups, @resource[:groups])
337
- end
338
- if @resource.forcelocal? && @resource[:expiry]
339
- set(:expiry, @resource[:expiry])
340
- end
371
+ super
372
+ if @resource.forcelocal?
373
+ set(:groups, @resource[:groups]) if self.groups?
374
+ set(:expiry, @resource[:expiry]) if @resource[:expiry]
375
+ end
376
+ set(:password, @resource[:password]) if @resource[:password]
341
377
  end
342
378
 
343
379
  def groups?
@@ -289,7 +289,7 @@ class Puppet::Provider
289
289
  # values. Given one or more Regexp instances, fact is compared via the basic
290
290
  # pattern-matching operator.
291
291
  def self.fact_match(fact, values)
292
- fact_val = Facter.value(fact).to_s.downcase
292
+ fact_val = Puppet.runtime[:facter].value(fact).to_s.downcase
293
293
  if fact_val.empty?
294
294
  return false
295
295
  else
@@ -15,7 +15,7 @@ providers = Puppet::Util::Reference.newreference :providers, :title => "Provider
15
15
  # Throw some facts in there, so we know where the report is from.
16
16
  ["Ruby Version", "Puppet Version", "Operating System", "Operating System Release"].each do |label|
17
17
  name = label.gsub(/\s+/, '')
18
- value = Facter.value(name)
18
+ value = Puppet.runtime[:facter].value(name)
19
19
  ret << option(label, value)
20
20
  end
21
21
  ret << "\n"
@@ -61,7 +61,7 @@ providers = Puppet::Util::Reference.newreference :providers, :title => "Provider
61
61
  if Puppet.settings.valid?(name)
62
62
  details << _(" - Setting %{name} (currently %{value}) not in list %{facts}\n") % { name: name, value: Puppet.settings.value(name).inspect, facts: facts.join(", ") }
63
63
  else
64
- details << _(" - Fact %{name} (currently %{value}) not in list %{facts}\n") % { name: name, value: Facter.value(name).inspect, facts: facts.join(", ") }
64
+ details << _(" - Fact %{name} (currently %{value}) not in list %{facts}\n") % { name: name, value: Puppet.runtime[:facter].value(name).inspect, facts: facts.join(", ") }
65
65
  end
66
66
  end
67
67
  when :true
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  require_relative '../../puppet/parser/type_loader'
2
3
  require_relative '../../puppet/util/file_watcher'
3
4
  require_relative '../../puppet/util/warnings'
@@ -61,6 +62,7 @@ class Puppet::Resource::TypeCollection
61
62
  def add_hostclass(instance)
62
63
  handle_hostclass_merge(instance)
63
64
  dupe_check(instance, @hostclasses) { |dupe| _("Class '%{klass}' is already defined%{error}; cannot redefine") % { klass: instance.name, error: dupe.error_context } }
65
+ dupe_check(instance, @nodes) { |dupe| _("Node '%{klass}' is already defined%{error}; cannot be redefined as a class") % { klass: instance.name, error: dupe.error_context } }
64
66
  dupe_check(instance, @definitions) { |dupe| _("Definition '%{klass}' is already defined%{error}; cannot be redefined as a class") % { klass: instance.name, error: dupe.error_context } }
65
67
 
66
68
  @hostclasses[instance.name] = instance
@@ -93,6 +95,7 @@ class Puppet::Resource::TypeCollection
93
95
 
94
96
  def add_node(instance)
95
97
  dupe_check(instance, @nodes) { |dupe| _("Node '%{name}' is already defined%{error}; cannot redefine") % { name: instance.name, error: dupe.error_context } }
98
+ dupe_check(instance, @hostclasses) { |dupe| _("Class '%{klass}' is already defined%{error}; cannot be redefined as a node") % { klass: instance.name, error: dupe.error_context } }
96
99
 
97
100
  @node_list << instance
98
101
  @nodes[instance.name] = instance
@@ -177,7 +180,7 @@ class Puppet::Resource::TypeCollection
177
180
 
178
181
  private
179
182
 
180
- COLON_COLON = "::".freeze
183
+ COLON_COLON = "::"
181
184
 
182
185
  # Resolve namespaces and find the given object. Autoload it if
183
186
  # necessary.
@@ -1,4 +1,5 @@
1
1
  require_relative '../puppet/http'
2
+ require_relative '../puppet/facter_impl'
2
3
  require 'singleton'
3
4
 
4
5
  # Provides access to runtime implementations.
@@ -16,11 +17,20 @@ class Puppet::Runtime
16
17
  else
17
18
  Puppet::HTTP::ExternalClient.new(klass)
18
19
  end
19
- end
20
+ end,
21
+ facter: proc { Puppet::FacterImpl.new }
20
22
  }
21
23
  end
22
24
  private :initialize
23
25
 
26
+ # Loads all runtime implementations.
27
+ #
28
+ # @return Array[Symbol] the names of loaded implementations
29
+ # @api private
30
+ def load_services
31
+ @runtime_services.keys.each { |key| self[key] }
32
+ end
33
+
24
34
  # Get a runtime implementation.
25
35
  #
26
36
  # @param name [Symbol] the name of the implementation
@@ -98,14 +98,7 @@ private
98
98
 
99
99
  def parse_setting(setting, section)
100
100
  var = setting.name.intern
101
-
102
- # We don't want to munge modes, because they're specified in octal, so we'll
103
- # just leave them as a String, since Puppet handles that case correctly.
104
- if var == :mode
105
- value = setting.value
106
- else
107
- value = @value_converter[setting.value]
108
- end
101
+ value = @value_converter[setting.value]
109
102
 
110
103
  # Check to see if this is a file argument and it has extra options
111
104
  begin
@@ -53,7 +53,7 @@ class Puppet::Settings::FileSetting < Puppet::Settings::StringSetting
53
53
  end
54
54
  end
55
55
 
56
- attr_accessor :mode, :create
56
+ attr_accessor :mode
57
57
 
58
58
  def initialize(args)
59
59
  @group = Unspecified.new
@@ -61,11 +61,6 @@ class Puppet::Settings::FileSetting < Puppet::Settings::StringSetting
61
61
  super(args)
62
62
  end
63
63
 
64
- # Should we create files, rather than just directories?
65
- def create_files?
66
- create
67
- end
68
-
69
64
  # @param value [String] the group to use on the created file (can only be "root" or "service")
70
65
  # @api public
71
66
  def group=(value)
@@ -135,8 +130,8 @@ class Puppet::Settings::FileSetting < Puppet::Settings::StringSetting
135
130
  # Make sure the paths are fully qualified.
136
131
  path = File.expand_path(path)
137
132
 
138
- return nil unless type == :directory or create_files? or Puppet::FileSystem.exist?(path)
139
- return nil if path =~ /^\/dev/ or path =~ /^[A-Z]:\/dev/i
133
+ return nil unless type == :directory || Puppet::FileSystem.exist?(path)
134
+ return nil if path =~ /^\/dev/ || path =~ /^[A-Z]:\/dev/i
140
135
 
141
136
  resource = Puppet::Resource.new(:file, path)
142
137
 
@@ -5,7 +5,6 @@ class Puppet::Settings::ValueTranslator
5
5
  return case value
6
6
  when /^false$/i; false
7
7
  when /^true$/i; true
8
- when /^\d+$/i; Integer(value)
9
8
  when true; true
10
9
  when false; false
11
10
  else
@@ -79,11 +79,11 @@ class Puppet::Settings
79
79
  end
80
80
 
81
81
  def self.hostname_fact()
82
- Facter.value :hostname
82
+ Puppet.runtime[:facter].value :hostname
83
83
  end
84
84
 
85
85
  def self.domain_fact()
86
- Facter.value :domain
86
+ Puppet.runtime[:facter].value :domain
87
87
  end
88
88
 
89
89
  def self.default_config_file_name
@@ -868,7 +868,11 @@ class Puppet::Settings
868
868
  if self[:user]
869
869
  user = Puppet::Type.type(:user).new :name => self[:user], :audit => :ensure
870
870
 
871
- @service_user_available = user.exists?
871
+ if user.suitable?
872
+ @service_user_available = user.exists?
873
+ else
874
+ raise Puppet::Error, (_("Cannot manage owner permissions, because the provider for '%{name}' is not functional") % { name: user })
875
+ end
872
876
  else
873
877
  @service_user_available = false
874
878
  end
@@ -880,7 +884,11 @@ class Puppet::Settings
880
884
  if self[:group]
881
885
  group = Puppet::Type.type(:group).new :name => self[:group], :audit => :ensure
882
886
 
883
- @service_group_available = group.exists?
887
+ if group.suitable?
888
+ @service_group_available = group.exists?
889
+ else
890
+ raise Puppet::Error, (_("Cannot manage group permissions, because the provider for '%{name}' is not functional") % { name: group })
891
+ end
884
892
  else
885
893
  @service_group_available = false
886
894
  end
@@ -889,9 +897,16 @@ class Puppet::Settings
889
897
  # Allow later inspection to determine if the setting was set on the
890
898
  # command line, or through some other code path. Used for the
891
899
  # `dns_alt_names` option during cert generate. --daniel 2011-10-18
892
- def set_by_cli?(param)
900
+ #
901
+ # @param param [String, Symbol] the setting to look up
902
+ # @return [Object, nil] the value of the setting or nil if unset
903
+ def set_by_cli(param)
893
904
  param = param.to_sym
894
- !@value_sets[:cli].lookup(param).nil?
905
+ @value_sets[:cli].lookup(param)
906
+ end
907
+
908
+ def set_by_cli?(param)
909
+ !!set_by_cli(param)
895
910
  end
896
911
 
897
912
  # Get values from a search path entry.
@@ -924,9 +939,13 @@ class Puppet::Settings
924
939
  end
925
940
  end
926
941
 
927
- # Allow later inspection to determine if the setting was set by user
928
- # config, rather than a default setting.
929
- def set_in_section?(param, section)
942
+ # Allow later inspection to determine if the setting was set in a specific
943
+ # section
944
+ #
945
+ # @param param [String, Symbol] the setting to look up
946
+ # @param section [Symbol] the section in which to look up the setting
947
+ # @return [Object, nil] the value of the setting or nil if unset
948
+ def set_in_section(param, section)
930
949
  param = param.to_sym
931
950
  vals = searchpath_values(SearchPathElement.new(section, :section))
932
951
  if vals
@@ -934,6 +953,10 @@ class Puppet::Settings
934
953
  end
935
954
  end
936
955
 
956
+ def set_in_section?(param, section)
957
+ !!set_in_section(param, section)
958
+ end
959
+
937
960
  # Patches the value for a param in a section.
938
961
  # This method is required to support the use case of unifying --dns-alt-names and
939
962
  # --dns_alt_names in the certificate face. Ideally this should be cleaned up.
@@ -142,7 +142,9 @@ module Puppet::Test
142
142
  },
143
143
  "Context for specs")
144
144
 
145
- Puppet.runtime.clear
145
+ # trigger `require 'facter'`
146
+ Puppet.runtime[:facter]
147
+
146
148
  Puppet::Parser::Functions.reset
147
149
  Puppet::Application.clear!
148
150
  Puppet::Util::Profiler.clear
@@ -166,6 +168,7 @@ module Puppet::Test
166
168
 
167
169
  Puppet::Util::Storage.clear
168
170
  Puppet::Util::ExecutionStub.reset
171
+ Puppet.runtime.clear
169
172
 
170
173
  Puppet.clear_deprecation_warnings
171
174