puppet 7.8.0 → 7.12.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (379) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +5 -5
  3. data/Gemfile +2 -2
  4. data/Gemfile.lock +15 -15
  5. data/README.md +4 -4
  6. data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
  7. data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
  8. data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
  9. data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
  10. data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
  11. data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
  12. data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
  13. data/{ext → examples}/nagios/check_puppet.rb +2 -2
  14. data/ext/README.md +13 -0
  15. data/ext/project_data.yaml +1 -0
  16. data/install.rb +0 -4
  17. data/lib/puppet/application/agent.rb +4 -0
  18. data/lib/puppet/application/apply.rb +20 -2
  19. data/lib/puppet/application/filebucket.rb +1 -0
  20. data/lib/puppet/application/resource.rb +30 -15
  21. data/lib/puppet/application/ssl.rb +1 -0
  22. data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
  23. data/lib/puppet/configurer.rb +176 -58
  24. data/lib/puppet/confine/variable.rb +1 -1
  25. data/lib/puppet/defaults.rb +67 -29
  26. data/lib/puppet/environments.rb +75 -25
  27. data/lib/puppet/face/help/action.erb +1 -0
  28. data/lib/puppet/face/help/face.erb +1 -0
  29. data/lib/puppet/face/node/clean.rb +1 -1
  30. data/lib/puppet/facter_impl.rb +96 -0
  31. data/lib/puppet/file_serving/configuration/parser.rb +2 -0
  32. data/lib/puppet/file_serving/configuration.rb +2 -0
  33. data/lib/puppet/file_serving/mount/file.rb +4 -4
  34. data/lib/puppet/file_serving/mount/scripts.rb +24 -0
  35. data/lib/puppet/file_system/file_impl.rb +3 -1
  36. data/lib/puppet/file_system/windows.rb +2 -2
  37. data/lib/puppet/file_system.rb +2 -1
  38. data/lib/puppet/forge/cache.rb +1 -1
  39. data/lib/puppet/forge.rb +4 -4
  40. data/lib/puppet/functions/empty.rb +8 -0
  41. data/lib/puppet/functions/find_template.rb +2 -2
  42. data/lib/puppet/functions/strftime.rb +1 -0
  43. data/lib/puppet/functions/unwrap.rb +17 -2
  44. data/lib/puppet/http/service/compiler.rb +6 -1
  45. data/lib/puppet/indirector/catalog/compiler.rb +24 -6
  46. data/lib/puppet/indirector/catalog/rest.rb +1 -0
  47. data/lib/puppet/indirector/facts/facter.rb +6 -6
  48. data/lib/puppet/indirector/indirection.rb +1 -1
  49. data/lib/puppet/indirector/resource/ral.rb +6 -1
  50. data/lib/puppet/indirector/terminus.rb +4 -0
  51. data/lib/puppet/interface/documentation.rb +1 -0
  52. data/lib/puppet/module/plan.rb +0 -1
  53. data/lib/puppet/module/task.rb +1 -1
  54. data/lib/puppet/module_tool/applications/installer.rb +12 -4
  55. data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
  56. data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
  57. data/lib/puppet/module_tool/errors/shared.rb +17 -0
  58. data/lib/puppet/module_tool/tar/mini.rb +1 -1
  59. data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
  60. data/lib/puppet/node/environment.rb +10 -11
  61. data/lib/puppet/pal/pal_impl.rb +1 -1
  62. data/lib/puppet/parser/scope.rb +8 -7
  63. data/lib/puppet/parser/templatewrapper.rb +1 -0
  64. data/lib/puppet/pops/evaluator/closure.rb +7 -5
  65. data/lib/puppet/pops/lookup/lookup_adapter.rb +3 -2
  66. data/lib/puppet/pops/model/ast.rb +1 -0
  67. data/lib/puppet/pops/model/factory.rb +14 -13
  68. data/lib/puppet/pops/parser/egrammar.ra +2 -2
  69. data/lib/puppet/pops/parser/eparser.rb +752 -753
  70. data/lib/puppet/pops/parser/lexer2.rb +69 -68
  71. data/lib/puppet/pops/parser/slurp_support.rb +1 -0
  72. data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
  73. data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
  74. data/lib/puppet/pops/types/type_formatter.rb +7 -6
  75. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  76. data/lib/puppet/pops/types/types.rb +1 -1
  77. data/lib/puppet/provider/aix_object.rb +1 -1
  78. data/lib/puppet/provider/exec/posix.rb +16 -4
  79. data/lib/puppet/provider/group/groupadd.rb +5 -2
  80. data/lib/puppet/provider/package/pip.rb +15 -3
  81. data/lib/puppet/provider/package/pkg.rb +19 -2
  82. data/lib/puppet/provider/package/puppet_gem.rb +1 -1
  83. data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
  84. data/lib/puppet/provider/package/windows/exe_package.rb +30 -1
  85. data/lib/puppet/provider/package/windows/package.rb +2 -1
  86. data/lib/puppet/provider/package/windows.rb +14 -1
  87. data/lib/puppet/provider/package/yum.rb +1 -1
  88. data/lib/puppet/provider/parsedfile.rb +3 -0
  89. data/lib/puppet/provider/service/base.rb +1 -1
  90. data/lib/puppet/provider/service/init.rb +5 -5
  91. data/lib/puppet/provider/service/launchd.rb +2 -2
  92. data/lib/puppet/provider/service/redhat.rb +1 -1
  93. data/lib/puppet/provider/service/smf.rb +3 -3
  94. data/lib/puppet/provider/service/systemd.rb +2 -2
  95. data/lib/puppet/provider/service/upstart.rb +5 -5
  96. data/lib/puppet/provider/user/aix.rb +44 -1
  97. data/lib/puppet/provider/user/directoryservice.rb +1 -1
  98. data/lib/puppet/provider/user/useradd.rb +72 -16
  99. data/lib/puppet/provider.rb +1 -1
  100. data/lib/puppet/reference/providers.rb +2 -2
  101. data/lib/puppet/resource/type_collection.rb +4 -1
  102. data/lib/puppet/runtime.rb +11 -1
  103. data/lib/puppet/settings/config_file.rb +1 -8
  104. data/lib/puppet/settings/file_setting.rb +3 -8
  105. data/lib/puppet/settings/value_translator.rb +0 -1
  106. data/lib/puppet/settings.rb +32 -9
  107. data/lib/puppet/test/test_helper.rb +4 -1
  108. data/lib/puppet/transaction/persistence.rb +11 -1
  109. data/lib/puppet/transaction/report.rb +15 -1
  110. data/lib/puppet/type/exec.rb +35 -5
  111. data/lib/puppet/type/file/mode.rb +6 -0
  112. data/lib/puppet/type/file.rb +6 -6
  113. data/lib/puppet/type/filebucket.rb +2 -2
  114. data/lib/puppet/type/group.rb +0 -1
  115. data/lib/puppet/type/resources.rb +1 -1
  116. data/lib/puppet/type/service.rb +8 -3
  117. data/lib/puppet/type/tidy.rb +1 -1
  118. data/lib/puppet/type/user.rb +1 -2
  119. data/lib/puppet/type.rb +1 -1
  120. data/lib/puppet/util/autoload.rb +1 -1
  121. data/lib/puppet/util/command_line.rb +1 -1
  122. data/lib/puppet/util/filetype.rb +2 -2
  123. data/lib/puppet/util/json.rb +3 -0
  124. data/lib/puppet/util/log.rb +1 -2
  125. data/lib/puppet/util/logging.rb +1 -25
  126. data/lib/puppet/util/monkey_patches.rb +2 -17
  127. data/lib/puppet/util/pidlock.rb +1 -1
  128. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
  129. data/lib/puppet/util/suidmanager.rb +1 -2
  130. data/lib/puppet/util/symbolic_file_mode.rb +29 -17
  131. data/lib/puppet/util/tagging.rb +1 -0
  132. data/lib/puppet/util/windows/sid.rb +3 -1
  133. data/lib/puppet/util/windows/user.rb +0 -1
  134. data/lib/puppet/util.rb +4 -3
  135. data/lib/puppet/version.rb +1 -1
  136. data/lib/puppet/x509/cert_provider.rb +3 -21
  137. data/lib/puppet.rb +5 -9
  138. data/locales/puppet.pot +409 -329
  139. data/man/man5/puppet.conf.5 +73 -25
  140. data/man/man8/puppet-agent.8 +4 -1
  141. data/man/man8/puppet-apply.8 +1 -1
  142. data/man/man8/puppet-catalog.8 +9 -9
  143. data/man/man8/puppet-config.8 +1 -1
  144. data/man/man8/puppet-describe.8 +1 -1
  145. data/man/man8/puppet-device.8 +1 -1
  146. data/man/man8/puppet-doc.8 +1 -1
  147. data/man/man8/puppet-epp.8 +1 -1
  148. data/man/man8/puppet-facts.8 +7 -7
  149. data/man/man8/puppet-filebucket.8 +1 -1
  150. data/man/man8/puppet-generate.8 +1 -1
  151. data/man/man8/puppet-help.8 +1 -1
  152. data/man/man8/puppet-lookup.8 +1 -1
  153. data/man/man8/puppet-module.8 +3 -3
  154. data/man/man8/puppet-node.8 +5 -5
  155. data/man/man8/puppet-parser.8 +1 -1
  156. data/man/man8/puppet-plugin.8 +1 -1
  157. data/man/man8/puppet-report.8 +5 -5
  158. data/man/man8/puppet-resource.8 +1 -1
  159. data/man/man8/puppet-script.8 +1 -1
  160. data/man/man8/puppet-ssl.8 +1 -1
  161. data/man/man8/puppet.8 +2 -2
  162. data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
  163. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
  164. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
  165. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
  166. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
  167. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
  168. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
  169. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
  170. data/spec/fixtures/ssl/127.0.0.1-key.pem +106 -106
  171. data/spec/fixtures/ssl/127.0.0.1.pem +48 -48
  172. data/spec/fixtures/ssl/bad-basic-constraints.pem +54 -54
  173. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +51 -51
  174. data/spec/fixtures/ssl/ca.pem +52 -52
  175. data/spec/fixtures/ssl/crl.pem +25 -25
  176. data/spec/fixtures/ssl/ec-key-openssl.pem +8 -0
  177. data/spec/fixtures/ssl/ec-key-pk8.pem +5 -0
  178. data/spec/fixtures/ssl/ec-key.pem +11 -11
  179. data/spec/fixtures/ssl/ec.pem +32 -32
  180. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  181. data/spec/fixtures/ssl/encrypted-key.pem +107 -107
  182. data/spec/fixtures/ssl/intermediate-agent-crl.pem +25 -25
  183. data/spec/fixtures/ssl/intermediate-agent.pem +54 -54
  184. data/spec/fixtures/ssl/intermediate-crl.pem +28 -28
  185. data/spec/fixtures/ssl/intermediate.pem +51 -51
  186. data/spec/fixtures/ssl/oid-key.pem +117 -0
  187. data/spec/fixtures/ssl/oid.pem +69 -0
  188. data/spec/fixtures/ssl/pluto-key.pem +106 -106
  189. data/spec/fixtures/ssl/pluto.pem +50 -50
  190. data/spec/fixtures/ssl/request-key.pem +106 -106
  191. data/spec/fixtures/ssl/request.pem +45 -45
  192. data/spec/fixtures/ssl/revoked-key.pem +106 -106
  193. data/spec/fixtures/ssl/revoked.pem +49 -49
  194. data/spec/fixtures/ssl/signed-key.pem +106 -106
  195. data/spec/fixtures/ssl/signed.pem +47 -47
  196. data/spec/fixtures/ssl/tampered-cert.pem +49 -49
  197. data/spec/fixtures/ssl/tampered-csr.pem +45 -45
  198. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
  199. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +106 -106
  200. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -48
  201. data/spec/fixtures/ssl/unknown-ca-key.pem +106 -106
  202. data/spec/fixtures/ssl/unknown-ca.pem +52 -52
  203. data/spec/integration/application/agent_spec.rb +118 -52
  204. data/spec/integration/application/filebucket_spec.rb +16 -0
  205. data/spec/integration/application/module_spec.rb +21 -0
  206. data/spec/integration/application/resource_spec.rb +35 -1
  207. data/spec/integration/application/ssl_spec.rb +20 -0
  208. data/spec/integration/configurer_spec.rb +18 -2
  209. data/spec/integration/defaults_spec.rb +5 -0
  210. data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
  211. data/spec/integration/indirector/facts/facter_spec.rb +93 -39
  212. data/spec/integration/l10n/compiler_spec.rb +37 -0
  213. data/spec/integration/transaction/report_spec.rb +1 -1
  214. data/spec/integration/type/exec_spec.rb +70 -45
  215. data/spec/integration/type/file_spec.rb +2 -2
  216. data/spec/integration/type/package_spec.rb +6 -6
  217. data/spec/integration/util/rdoc/parser_spec.rb +1 -1
  218. data/spec/integration/util/windows/process_spec.rb +1 -9
  219. data/spec/lib/puppet/test_ca.rb +5 -0
  220. data/spec/lib/puppet_spec/modules.rb +13 -2
  221. data/spec/lib/puppet_spec/puppetserver.rb +15 -0
  222. data/spec/lib/puppet_spec/settings.rb +1 -0
  223. data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
  224. data/spec/shared_contexts/l10n.rb +27 -0
  225. data/spec/spec_helper.rb +1 -10
  226. data/spec/unit/application/apply_spec.rb +76 -56
  227. data/spec/unit/application/resource_spec.rb +29 -0
  228. data/spec/unit/configurer_spec.rb +291 -56
  229. data/spec/unit/environments_spec.rb +184 -0
  230. data/spec/unit/facter_impl_spec.rb +31 -0
  231. data/spec/unit/file_bucket/dipper_spec.rb +2 -2
  232. data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
  233. data/spec/unit/file_serving/configuration_spec.rb +12 -4
  234. data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
  235. data/spec/unit/file_system_spec.rb +13 -0
  236. data/spec/unit/functions/assert_type_spec.rb +1 -1
  237. data/spec/unit/functions/empty_spec.rb +10 -0
  238. data/spec/unit/functions/logging_spec.rb +1 -0
  239. data/spec/unit/functions/lookup_spec.rb +87 -0
  240. data/spec/unit/functions/unwrap_spec.rb +8 -0
  241. data/spec/unit/functions4_spec.rb +2 -2
  242. data/spec/unit/http/service/compiler_spec.rb +8 -0
  243. data/spec/unit/indirector/catalog/compiler_spec.rb +87 -0
  244. data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
  245. data/spec/unit/indirector/indirection_spec.rb +10 -3
  246. data/spec/unit/indirector/resource/ral_spec.rb +40 -75
  247. data/spec/unit/interface/action_spec.rb +0 -9
  248. data/spec/unit/module_spec.rb +14 -0
  249. data/spec/unit/module_tool/applications/installer_spec.rb +52 -14
  250. data/spec/unit/network/formats_spec.rb +6 -0
  251. data/spec/unit/parser/compiler_spec.rb +29 -0
  252. data/spec/unit/parser/templatewrapper_spec.rb +12 -2
  253. data/spec/unit/pops/loaders/dependency_loader_spec.rb +0 -9
  254. data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
  255. data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
  256. data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
  257. data/spec/unit/pops/serialization/to_stringified_spec.rb +5 -0
  258. data/spec/unit/pops/types/type_calculator_spec.rb +6 -0
  259. data/spec/unit/provider/package/gem_spec.rb +1 -1
  260. data/spec/unit/provider/package/pip2_spec.rb +1 -1
  261. data/spec/unit/provider/package/pip3_spec.rb +1 -1
  262. data/spec/unit/provider/package/pip_spec.rb +38 -1
  263. data/spec/unit/provider/package/pkg_spec.rb +34 -5
  264. data/spec/unit/provider/package/puppet_gem_spec.rb +1 -1
  265. data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
  266. data/spec/unit/provider/package/windows/exe_package_spec.rb +17 -0
  267. data/spec/unit/provider/parsedfile_spec.rb +10 -0
  268. data/spec/unit/provider/service/launchd_spec.rb +11 -0
  269. data/spec/unit/provider/service/systemd_spec.rb +1 -1
  270. data/spec/unit/provider/user/aix_spec.rb +100 -0
  271. data/spec/unit/provider/user/directoryservice_spec.rb +1 -1
  272. data/spec/unit/provider/user/useradd_spec.rb +43 -2
  273. data/spec/unit/provider_spec.rb +4 -4
  274. data/spec/unit/puppet_spec.rb +12 -4
  275. data/spec/unit/resource/type_collection_spec.rb +16 -0
  276. data/spec/unit/resource/type_spec.rb +2 -2
  277. data/spec/unit/settings/config_file_spec.rb +1 -11
  278. data/spec/unit/settings/file_setting_spec.rb +10 -7
  279. data/spec/unit/settings/value_translator_spec.rb +4 -5
  280. data/spec/unit/settings_spec.rb +120 -79
  281. data/spec/unit/ssl/ssl_provider_spec.rb +18 -16
  282. data/spec/unit/type/exec_spec.rb +76 -29
  283. data/spec/unit/type/file/source_spec.rb +4 -4
  284. data/spec/unit/type/service_spec.rb +27 -0
  285. data/spec/unit/type/tidy_spec.rb +7 -0
  286. data/spec/unit/type_spec.rb +2 -2
  287. data/spec/unit/util/autoload_spec.rb +25 -8
  288. data/spec/unit/util/ldap/connection_spec.rb +10 -10
  289. data/spec/unit/util/ldap/manager_spec.rb +2 -2
  290. data/spec/unit/util/logging_spec.rb +2 -0
  291. data/spec/unit/util/windows/sid_spec.rb +39 -4
  292. data/spec/unit/util_spec.rb +1 -3
  293. data/spec/unit/x509/cert_provider_spec.rb +9 -1
  294. data/tasks/generate_cert_fixtures.rake +10 -1
  295. data/tasks/parallel.rake +3 -3
  296. metadata +51 -95
  297. data/ext/README.environment +0 -8
  298. data/ext/dbfix.sql +0 -132
  299. data/ext/debian/README.Debian +0 -8
  300. data/ext/debian/README.source +0 -2
  301. data/ext/debian/TODO.Debian +0 -1
  302. data/ext/debian/changelog.erb +0 -1122
  303. data/ext/debian/compat +0 -1
  304. data/ext/debian/control +0 -144
  305. data/ext/debian/copyright +0 -339
  306. data/ext/debian/docs +0 -1
  307. data/ext/debian/fileserver.conf +0 -41
  308. data/ext/debian/puppet-common.dirs +0 -13
  309. data/ext/debian/puppet-common.install +0 -3
  310. data/ext/debian/puppet-common.lintian-overrides +0 -5
  311. data/ext/debian/puppet-common.manpages +0 -28
  312. data/ext/debian/puppet-common.postinst +0 -35
  313. data/ext/debian/puppet-common.postrm +0 -33
  314. data/ext/debian/puppet-el.dirs +0 -1
  315. data/ext/debian/puppet-el.emacsen-install +0 -25
  316. data/ext/debian/puppet-el.emacsen-remove +0 -11
  317. data/ext/debian/puppet-el.emacsen-startup +0 -9
  318. data/ext/debian/puppet-el.install +0 -1
  319. data/ext/debian/puppet-testsuite.install +0 -2
  320. data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
  321. data/ext/debian/puppet.lintian-overrides +0 -3
  322. data/ext/debian/puppet.logrotate +0 -20
  323. data/ext/debian/puppet.postinst +0 -20
  324. data/ext/debian/puppet.postrm +0 -20
  325. data/ext/debian/puppet.preinst +0 -20
  326. data/ext/debian/puppetmaster-common.install +0 -2
  327. data/ext/debian/puppetmaster-common.manpages +0 -2
  328. data/ext/debian/puppetmaster-common.postinst +0 -6
  329. data/ext/debian/puppetmaster-passenger.dirs +0 -4
  330. data/ext/debian/puppetmaster-passenger.postinst +0 -162
  331. data/ext/debian/puppetmaster-passenger.postrm +0 -61
  332. data/ext/debian/puppetmaster.README.debian +0 -17
  333. data/ext/debian/puppetmaster.default +0 -14
  334. data/ext/debian/puppetmaster.init +0 -137
  335. data/ext/debian/puppetmaster.lintian-overrides +0 -3
  336. data/ext/debian/puppetmaster.postinst +0 -20
  337. data/ext/debian/puppetmaster.postrm +0 -5
  338. data/ext/debian/puppetmaster.preinst +0 -22
  339. data/ext/debian/rules +0 -132
  340. data/ext/debian/source/format +0 -1
  341. data/ext/debian/source/options +0 -1
  342. data/ext/debian/vim-puppet.README.Debian +0 -13
  343. data/ext/debian/vim-puppet.dirs +0 -5
  344. data/ext/debian/vim-puppet.yaml +0 -7
  345. data/ext/debian/watch +0 -2
  346. data/ext/freebsd/puppetd +0 -26
  347. data/ext/freebsd/puppetmasterd +0 -26
  348. data/ext/gentoo/conf.d/puppet +0 -5
  349. data/ext/gentoo/conf.d/puppetmaster +0 -12
  350. data/ext/gentoo/init.d/puppet +0 -38
  351. data/ext/gentoo/init.d/puppetmaster +0 -51
  352. data/ext/gentoo/puppet/fileserver.conf +0 -41
  353. data/ext/ips/puppet-agent +0 -44
  354. data/ext/ips/puppet-master +0 -44
  355. data/ext/ips/puppet.p5m.erb +0 -12
  356. data/ext/ips/puppetagent.xml +0 -42
  357. data/ext/ips/puppetmaster.xml +0 -42
  358. data/ext/ips/rules +0 -19
  359. data/ext/ips/transforms +0 -34
  360. data/ext/ldap/puppet.schema +0 -24
  361. data/ext/logcheck/puppet +0 -23
  362. data/ext/osx/file_mapping.yaml +0 -28
  363. data/ext/osx/postflight.erb +0 -109
  364. data/ext/osx/preflight.erb +0 -52
  365. data/ext/osx/prototype.plist.erb +0 -38
  366. data/ext/redhat/fileserver.conf +0 -41
  367. data/ext/redhat/logrotate +0 -21
  368. data/ext/redhat/puppet.spec.erb +0 -841
  369. data/ext/redhat/server.init +0 -128
  370. data/ext/redhat/server.sysconfig +0 -13
  371. data/ext/solaris/pkginfo +0 -6
  372. data/ext/solaris/smf/puppetd.xml +0 -77
  373. data/ext/solaris/smf/puppetmasterd.xml +0 -77
  374. data/ext/solaris/smf/svc-puppetd +0 -71
  375. data/ext/solaris/smf/svc-puppetmasterd +0 -67
  376. data/ext/suse/puppet.spec +0 -310
  377. data/ext/suse/server.init +0 -173
  378. data/ext/yaml_nodes.rb +0 -105
  379. data/spec/unit/indirector/store_configs_spec.rb +0 -7
@@ -11,7 +11,10 @@ module Puppet
11
11
 
12
12
  * The command itself is already idempotent. (For example, `apt-get update`.)
13
13
  * The exec has an `onlyif`, `unless`, or `creates` attribute, which prevents
14
- Puppet from running the command unless some condition is met.
14
+ Puppet from running the command unless some condition is met. The
15
+ `onlyif` and `unless` commands of an `exec` are used in the process of
16
+ determining whether the `exec` is already in sync, therefore they must be run
17
+ during a noop Puppet run.
15
18
  * The exec has `refreshonly => true`, which allows Puppet to run the
16
19
  command only when some other resource is changed. (See the notes on refreshing
17
20
  below.)
@@ -198,10 +201,20 @@ module Puppet
198
201
  any output is logged at the `err` log level.
199
202
 
200
203
  Multiple `exec` resources can use the same `command` value; Puppet
201
- only uses the resource title to ensure `exec`s are unique."
204
+ only uses the resource title to ensure `exec`s are unique.
205
+
206
+ On *nix platforms, the command can be specified as an array of
207
+ strings and Puppet will invoke it using the more secure method of
208
+ parameterized system calls. For example, rather than executing the
209
+ malicious injected code, this command will echo it out:
210
+
211
+ command => ['/bin/echo', 'hello world; rm -rf /']
212
+ "
202
213
 
203
214
  validate do |command|
204
- raise ArgumentError, _("Command must be a String, got value of class %{klass}") % { klass: command.class } unless command.is_a? String
215
+ unless command.is_a?(String) || command.is_a?(Array)
216
+ raise ArgumentError, _("Command must be a String or Array<String>, got value of class %{klass}") % { klass: command.class }
217
+ end
205
218
  end
206
219
  end
207
220
 
@@ -454,10 +467,17 @@ module Puppet
454
467
  `user`, `cwd`, and `group` as the main command. If the `path` isn't set, you
455
468
  must fully qualify the command's name.
456
469
 
470
+ Since this command is used in the process of determining whether the
471
+ `exec` is already in sync, it must be run during a noop Puppet run.
472
+
457
473
  This parameter can also take an array of commands. For example:
458
474
 
459
475
  unless => ['test -f /tmp/file1', 'test -f /tmp/file2'],
460
476
 
477
+ or an array of arrays. For example:
478
+
479
+ unless => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
480
+
461
481
  This `exec` would only run if every command in the array has a
462
482
  non-zero exit code.
463
483
  EOT
@@ -510,10 +530,17 @@ module Puppet
510
530
  `user`, `cwd`, and `group` as the main command. If the `path` isn't set, you
511
531
  must fully qualify the command's name.
512
532
 
533
+ Since this command is used in the process of determining whether the
534
+ `exec` is already in sync, it must be run during a noop Puppet run.
535
+
513
536
  This parameter can also take an array of commands. For example:
514
537
 
515
538
  onlyif => ['test -f /tmp/file1', 'test -f /tmp/file2'],
516
539
 
540
+ or an array of arrays. For example:
541
+
542
+ onlyif => [['test', '-f', '/tmp/file1'], 'test -f /tmp/file2']
543
+
517
544
  This `exec` would only run if every command in the array has an
518
545
  exit code of 0 (success).
519
546
  EOT
@@ -562,12 +589,14 @@ module Puppet
562
589
  reqs << self[:cwd] if self[:cwd]
563
590
 
564
591
  file_regex = Puppet::Util::Platform.windows? ? %r{^([a-zA-Z]:[\\/]\S+)} : %r{^(/\S+)}
592
+ cmd = self[:command]
593
+ cmd = cmd[0] if cmd.is_a? Array
565
594
 
566
- self[:command].scan(file_regex) { |str|
595
+ cmd.scan(file_regex) { |str|
567
596
  reqs << str
568
597
  }
569
598
 
570
- self[:command].scan(/^"([^"]+)"/) { |str|
599
+ cmd.scan(/^"([^"]+)"/) { |str|
571
600
  reqs << str
572
601
  }
573
602
 
@@ -583,6 +612,7 @@ module Puppet
583
612
  # fully qualified. It might not be a bad idea to add
584
613
  # unqualified files, but, well, that's a bit more annoying
585
614
  # to do.
615
+ line = line[0] if line.is_a? Array
586
616
  reqs += line.scan(file_regex)
587
617
  end
588
618
  }
@@ -90,9 +90,15 @@ module Puppet
90
90
  raise Puppet::Error, "The file mode specification is invalid: #{value.inspect}"
91
91
  end
92
92
 
93
+ # normalizes to symbolic form, e.g. u+a, an octal string without leading 0
93
94
  normalize_symbolic_mode(value)
94
95
  end
95
96
 
97
+ unmunge do |value|
98
+ # return symbolic form or octal string *with* leading 0's
99
+ display_mode(value) if value
100
+ end
101
+
96
102
  def desired_mode_from_current(desired, current)
97
103
  current = current.to_i(8) if current.is_a? String
98
104
  is_a_directory = @resource.stat && @resource.stat.directory?
@@ -91,23 +91,23 @@ Puppet::Type.newtype(:file) do
91
91
 
92
92
  Backing up to a local filebucket isn't particularly useful. If you want
93
93
  to make organized use of backups, you will generally want to use the
94
- puppet master server's filebucket service. This requires declaring a
94
+ primary Puppet server's filebucket service. This requires declaring a
95
95
  filebucket resource and a resource default for the `backup` attribute
96
96
  in site.pp:
97
97
 
98
98
  # /etc/puppetlabs/puppet/manifests/site.pp
99
99
  filebucket { 'main':
100
100
  path => false, # This is required for remote filebuckets.
101
- server => 'puppet.example.com', # Optional; defaults to the configured puppet master.
101
+ server => 'puppet.example.com', # Optional; defaults to the configured primary Puppet server.
102
102
  }
103
103
 
104
104
  File { backup => main, }
105
105
 
106
- If you are using multiple puppet master servers, you will want to
106
+ If you are using multiple primary servers, you will want to
107
107
  centralize the contents of the filebucket. Either configure your load
108
- balancer to direct all filebucket traffic to a single master, or use
108
+ balancer to direct all filebucket traffic to a single primary server, or use
109
109
  something like an out-of-band rsync task to synchronize the content on all
110
- masters.
110
+ primary servers.
111
111
 
112
112
  > **Note**: Enabling and using the backup option, and by extension the
113
113
  filebucket resource, requires appropriate planning and management to ensure
@@ -359,7 +359,7 @@ Puppet::Type.newtype(:file) do
359
359
  This command must have a fully qualified path, and should contain a
360
360
  percent (`%`) token where it would expect an input file. It must exit `0`
361
361
  if the syntax is correct, and non-zero otherwise. The command will be
362
- run on the target system while applying the catalog, not on the puppet master.
362
+ run on the target system while applying the catalog, not on the primary Puppet server.
363
363
 
364
364
  Example:
365
365
 
@@ -4,7 +4,7 @@ module Puppet
4
4
  Type.newtype(:filebucket) do
5
5
  @doc = <<-EOT
6
6
  A repository for storing and retrieving file content by MD5 checksum. Can
7
- be local to each agent node, or centralized on a puppet master server. All
7
+ be local to each agent node, or centralized on a primary Puppet server. All
8
8
  puppet servers provide a filebucket service that agent nodes can access
9
9
  via HTTP, but you must declare a filebucket resource before any agents
10
10
  will do so.
@@ -25,7 +25,7 @@ module Puppet
25
25
  # /etc/puppetlabs/puppet/manifests/site.pp
26
26
  filebucket { 'main':
27
27
  path => false, # This is required for remote filebuckets.
28
- server => 'puppet.example.com', # Optional; defaults to the configured puppet master.
28
+ server => 'puppet.example.com', # Optional; defaults to the configured primary server.
29
29
  }
30
30
 
31
31
  File { backup => main, }
@@ -1,5 +1,4 @@
1
1
  require 'etc'
2
- require 'facter'
3
2
  require_relative '../../puppet/property/keyvalue'
4
3
  require_relative '../../puppet/parameter/boolean'
5
4
 
@@ -175,7 +175,7 @@ Puppet::Type.newtype(:resources) do
175
175
  end
176
176
 
177
177
  # Otherwise, use a sensible default based on the OS family
178
- @system_users_max_uid ||= case Facter.value(:osfamily)
178
+ @system_users_max_uid ||= case Puppet.runtime[:facter].value(:osfamily)
179
179
  when 'OpenBSD', 'FreeBSD'
180
180
  999
181
181
  else
@@ -272,9 +272,14 @@ module Puppet
272
272
 
273
273
  newparam(:timeout, :required_features => :configurable_timeout) do
274
274
  desc "Specify an optional minimum timeout (in seconds) for puppet to wait when syncing service properties"
275
- defaultto { provider.class.respond_to?(:default_timeout) ? provider.default_timeout : 10 }
276
- validate do |value|
277
- if (not value.is_a? Integer) || value < 1
275
+ defaultto { provider.respond_to?(:default_timeout) ? provider.default_timeout : 10 }
276
+
277
+ munge do |value|
278
+ begin
279
+ value = value.to_i
280
+ raise if value < 1
281
+ value
282
+ rescue
278
283
  raise Puppet::Error.new(_("\"%{value}\" is not a positive integer: the timeout parameter must be specified as a positive integer") % { value: value })
279
284
  end
280
285
  end
@@ -144,7 +144,7 @@ Puppet::Type.newtype(:tidy) do
144
144
 
145
145
  def tidy?(path, stat)
146
146
  # If the file's older than we allow, we should get rid of it.
147
- (Time.now.to_i - stat.send(resource[:type]).to_i) > value
147
+ (Time.now.to_i - stat.send(resource[:type]).to_i) >= value
148
148
  end
149
149
 
150
150
  munge do |age|
@@ -1,5 +1,4 @@
1
1
  require 'etc'
2
- require 'facter'
3
2
  require_relative '../../puppet/parameter/boolean'
4
3
  require_relative '../../puppet/property/list'
5
4
  require_relative '../../puppet/property/ordered_list'
@@ -695,7 +694,7 @@ module Puppet
695
694
  end
696
695
 
697
696
  def generate
698
- if !self[:purge_ssh_keys].empty?
697
+ if !self[:purge_ssh_keys].empty? && self[:purge_ssh_keys] != :false
699
698
  return [] if self[:ensure] == :present && !provider.exists?
700
699
  if Puppet::Type.type(:ssh_authorized_key).nil?
701
700
  warning _("Ssh_authorized_key type is not available. Cannot purge SSH keys.")
data/lib/puppet/type.rb CHANGED
@@ -1272,7 +1272,7 @@ class Type
1272
1272
  like it does when running normally. However, if a resource attribute is not in
1273
1273
  the desired state (as declared in the catalog), Puppet will take no
1274
1274
  action, and will instead report the changes it _would_ have made. These
1275
- simulated changes will appear in the report sent to the puppet master, or
1275
+ simulated changes will appear in the report sent to the primary Puppet server, or
1276
1276
  be shown on the console if running puppet agent or puppet apply in the
1277
1277
  foreground. The simulated changes will not send refresh events to any
1278
1278
  subscribing or notified resources, although Puppet will log that a refresh
@@ -117,7 +117,7 @@ class Puppet::Util::Autoload
117
117
 
118
118
  # @api private
119
119
  def files_in_dir(dir, path)
120
- dir = Pathname.new(File.expand_path(dir))
120
+ dir = Pathname.new(Puppet::FileSystem.expand_path(dir))
121
121
  Dir.glob(File.join(dir, path, "*.rb")).collect do |file|
122
122
  Pathname.new(file).relative_path_from(dir).to_s
123
123
  end
@@ -135,7 +135,7 @@ module Puppet
135
135
 
136
136
  # Puppet requires Facter, which initializes its lookup paths. Reset Facter to
137
137
  # pickup the new $LOAD_PATH.
138
- Facter.reset
138
+ Puppet.runtime[:facter].reset
139
139
  end
140
140
  end
141
141
 
@@ -215,7 +215,7 @@ class Puppet::Util::FileType
215
215
  # Remove a specific @path's cron tab.
216
216
  def remove
217
217
  cmd = "#{cmdbase} -r"
218
- if %w{Darwin FreeBSD DragonFly}.include?(Facter.value("operatingsystem"))
218
+ if %w{Darwin FreeBSD DragonFly}.include?(Puppet.runtime[:facter].value("operatingsystem"))
219
219
  cmd = "/bin/echo yes | #{cmd}"
220
220
  end
221
221
 
@@ -244,7 +244,7 @@ class Puppet::Util::FileType
244
244
  # Only add the -u flag when the @path is different. Fedora apparently
245
245
  # does not think I should be allowed to set the @path to my own user name
246
246
  def cmdbase
247
- if @uid == Puppet::Util::SUIDManager.uid || Facter.value(:operatingsystem) == "HP-UX"
247
+ if @uid == Puppet::Util::SUIDManager.uid || Puppet.runtime[:facter].value(:operatingsystem) == "HP-UX"
248
248
  return "crontab"
249
249
  else
250
250
  return "crontab -u #{@path}"
@@ -60,6 +60,9 @@ module Puppet::Util
60
60
  def self.dump(object, options = {})
61
61
  if defined? MultiJson
62
62
  MultiJson.dump(object, options)
63
+ elsif options.is_a?(JSON::State)
64
+ # we're being called recursively
65
+ object.to_json(options)
63
66
  else
64
67
  options.merge!(::JSON::PRETTY_STATE_PROTOTYPE.to_h) if options.delete(:pretty)
65
68
  object.to_json(options)
@@ -2,7 +2,6 @@ require_relative '../../puppet/util/tagging'
2
2
  require_relative '../../puppet/util/classgen'
3
3
  require_relative '../../puppet/util/psych_support'
4
4
  require_relative '../../puppet/network/format_support'
5
- require 'facter'
6
5
 
7
6
  # Pass feedback to the user. Log levels are modeled after syslog's, and it is
8
7
  # expected that that will be the most common log destination. Supports
@@ -111,7 +110,7 @@ class Puppet::Util::Log
111
110
  @loglevel = @levels.index(level)
112
111
 
113
112
  # Enable or disable Facter debugging
114
- Facter.debugging(level == :debug) if Facter.respond_to? :debugging
113
+ Puppet.runtime[:facter].debugging(level == :debug)
115
114
  end
116
115
 
117
116
  def Log.levels
@@ -2,8 +2,6 @@
2
2
  require_relative '../../puppet/util/log'
3
3
  require_relative '../../puppet/error'
4
4
 
5
- require 'facter'
6
-
7
5
  module Puppet::Util
8
6
  module Logging
9
7
 
@@ -254,29 +252,7 @@ module Logging
254
252
  # Sets up Facter logging.
255
253
  # This method causes Facter output to be forwarded to Puppet.
256
254
  def self.setup_facter_logging!
257
- # Only recent versions of Facter support this feature
258
- return false unless Facter.respond_to? :on_message
259
-
260
- # The current Facter log levels are: :trace, :debug, :info, :warn, :error, and :fatal.
261
- # Convert to the corresponding levels in Puppet
262
- Facter.on_message do |level, message|
263
- case level
264
- when :trace, :debug
265
- level = :debug
266
- when :info
267
- # Same as Puppet
268
- when :warn
269
- level = :warning
270
- when :error
271
- level = :err
272
- when :fatal
273
- level = :crit
274
- else
275
- next
276
- end
277
- Puppet::Util::Log.create({:level => level, :source => 'Facter', :message => message})
278
- nil
279
- end
255
+ Puppet.runtime[:facter]
280
256
  true
281
257
  end
282
258
 
@@ -32,13 +32,6 @@ end
32
32
  # (#19151) Reject all SSLv2 ciphers and handshakes
33
33
  require_relative '../../puppet/ssl/openssl_loader'
34
34
  unless Puppet::Util::Platform.jruby_fips?
35
- unless defined?(OpenSSL::SSL::TLS1_VERSION)
36
- module OpenSSL::SSL
37
- # see https://github.com/ruby/ruby/commit/609103dbb5fb182eec12f052226c43e39b907682#diff-09f822c26289f5347111795ca22ed7ed1cfadd6ebd28f987991d1d414eef565aR2755-R2759
38
- OpenSSL::SSL::TLS1_VERSION = 0x301
39
- end
40
- end
41
-
42
35
  class OpenSSL::SSL::SSLContext
43
36
  if DEFAULT_PARAMS[:options]
44
37
  DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
@@ -94,20 +87,12 @@ unless Puppet::Util::Platform.jruby_fips?
94
87
  OpenSSL::X509.const_set(:V_ERR_HOSTNAME_MISMATCH, 62)
95
88
  end
96
89
 
90
+ # jruby-openssl doesn't support this
97
91
  unless OpenSSL::X509::Name.instance_methods.include?(:to_utf8)
98
92
  class OpenSSL::X509::Name
99
- # https://github.com/openssl/openssl/blob/OpenSSL_1_1_0j/include/openssl/asn1.h#L362
100
- ASN1_STRFLGS_ESC_MSB = 4
101
-
102
- FLAGS = if RUBY_PLATFORM == 'java'
103
- OpenSSL::X509::Name::RFC2253
104
- else
105
- OpenSSL::X509::Name::RFC2253 & ~ASN1_STRFLGS_ESC_MSB
106
- end
107
-
108
93
  def to_utf8
109
94
  # https://github.com/ruby/ruby/blob/v2_5_5/ext/openssl/ossl_x509name.c#L317
110
- str = to_s(FLAGS)
95
+ str = to_s(OpenSSL::X509::Name::RFC2253)
111
96
  str.force_encoding(Encoding::UTF_8)
112
97
  end
113
98
  end
@@ -46,7 +46,7 @@ class Puppet::Util::Pidlock
46
46
  private
47
47
 
48
48
  def ps_argument_for_current_kernel
49
- case Facter.value(:kernel)
49
+ case Puppet.runtime[:facter].value(:kernel)
50
50
  when "Linux"
51
51
  "-eq"
52
52
  when "AIX"
@@ -154,7 +154,7 @@ module RDoc::PuppetParserCore
154
154
  # fetch comments
155
155
  if line =~ /^[ \t]*# ?(.*)$/
156
156
  comments += $1 + "\n"
157
- elsif line =~ /^[ \t]*Facter.add\(['"](.*?)['"]\)/
157
+ elsif line =~ /^[ \t]*(Facter.add|Puppet\.runtime\[:facter\].add)\(['"](.*?)['"]\)/
158
158
  current_fact = RDoc::Fact.new($1,{})
159
159
  look_for_directives_in(container, comments) unless comments.empty?
160
160
  current_fact.comment = comments
@@ -1,4 +1,3 @@
1
- require 'facter'
2
1
  require_relative '../../puppet/util/warnings'
3
2
  require 'forwardable'
4
3
  require 'etc'
@@ -18,7 +17,7 @@ module Puppet::Util::SUIDManager
18
17
 
19
18
  def osx_maj_ver
20
19
  return @osx_maj_ver unless @osx_maj_ver.nil?
21
- @osx_maj_ver = Facter.value('macosx_productversion_major') || false
20
+ @osx_maj_ver = Puppet.runtime[:facter].value('macosx_productversion_major') || false
22
21
  end
23
22
  module_function :osx_maj_ver
24
23
 
@@ -19,25 +19,37 @@ module SymbolicFileMode
19
19
  return false
20
20
  end
21
21
 
22
+ def display_mode(value)
23
+ if value =~ /^0?[0-7]{1,4}$/
24
+ value.rjust(4, "0")
25
+ else
26
+ value
27
+ end
28
+ end
29
+
22
30
  def normalize_symbolic_mode(value)
23
31
  return nil if value.nil?
24
32
 
25
33
  # We need to treat integers as octal numbers.
26
- if value.is_a? Numeric then
27
- return value.to_s(8)
28
- elsif value =~ /^0?[0-7]{1,4}$/ then
29
- return value.to_i(8).to_s(8)
34
+ #
35
+ # "A numeric mode is from one to four octal digits (0-7), derived by adding
36
+ # up the bits with values 4, 2, and 1. Omitted digits are assumed to be
37
+ # leading zeros."
38
+ if value.is_a? Numeric
39
+ value.to_s(8)
40
+ elsif value =~ /^0?[0-7]{1,4}$/
41
+ value.to_i(8).to_s(8) # strip leading 0's
30
42
  else
31
- return value
43
+ value
32
44
  end
33
45
  end
34
46
 
35
47
  def symbolic_mode_to_int(modification, to_mode = 0, is_a_directory = false)
36
- if modification.nil? or modification == '' then
48
+ if modification.nil? or modification == ''
37
49
  raise Puppet::Error, _("An empty mode string is illegal")
38
- end
39
- if modification =~ /^[0-7]+$/ then return modification.to_i(8) end
40
- if modification =~ /^\d+$/ then
50
+ elsif modification =~ /^[0-7]+$/
51
+ return modification.to_i(8)
52
+ elsif modification =~ /^\d+$/
41
53
  raise Puppet::Error, _("Numeric modes must be in octal, not decimal!")
42
54
  end
43
55
 
@@ -84,31 +96,31 @@ module SymbolicFileMode
84
96
 
85
97
  dsl.split('').each do |op|
86
98
  case op
87
- when /[-+=]/ then
99
+ when /[-+=]/
88
100
  action = op
89
101
  # Clear all bits, if this is assignment
90
102
  value = 0 if op == '='
91
103
 
92
- when /[ugo]/ then
104
+ when /[ugo]/
93
105
  value = actions[action].call(value, snapshot_mode[op])
94
106
 
95
- when /[rwx]/ then
107
+ when /[rwx]/
96
108
  value = actions[action].call(value, SymbolicMode[op])
97
109
 
98
- when 'X' then
110
+ when 'X'
99
111
  # Only meaningful in combination with "set" actions.
100
- if action != '+' then
112
+ if action != '+'
101
113
  raise Puppet::Error, _("X only works with the '+' operator")
102
114
  end
103
115
 
104
116
  # As per the BSD manual page, set if this is a directory, or if
105
117
  # any execute bit is set on the original (unmodified) mode.
106
118
  # Ignored otherwise; it is "add if", not "add or clear".
107
- if is_a_directory or original_mode['any x?'] then
119
+ if is_a_directory or original_mode['any x?']
108
120
  value = actions[action].call(value, ExecBit)
109
121
  end
110
122
 
111
- when /[st]/ then
123
+ when /[st]/
112
124
  bit = SymbolicSpecialToBit[op][who] or fail _("internal error")
113
125
  final_mode['s'] = actions[action].call(final_mode['s'], bit)
114
126
 
@@ -122,7 +134,7 @@ module SymbolicFileMode
122
134
  end
123
135
 
124
136
  rescue Puppet::Error => e
125
- if part.inspect != modification.inspect then
137
+ if part.inspect != modification.inspect
126
138
  rest = " at #{part.inspect}"
127
139
  else
128
140
  rest = ''
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  require_relative '../../puppet/util/tag_set'
2
3
 
3
4
  module Puppet::Util::Tagging
@@ -75,7 +75,9 @@ module Puppet::Util::Windows
75
75
  raw_sid_bytes = sid_ptr.read_array_of_uchar(get_length_sid(sid_ptr))
76
76
  end
77
77
  rescue => e
78
- Puppet.debug("Could not retrieve raw SID bytes from '#{name}': #{e.message}")
78
+ # Avoid debug logs pollution with valid account names
79
+ # https://docs.microsoft.com/en-us/windows/win32/api/sddl/nf-sddl-convertstringsidtosidw#return-value
80
+ Puppet.debug("Could not retrieve raw SID bytes from '#{name}': #{e.message}") unless e.code == ERROR_INVALID_SID_STRUCTURE
79
81
  end
80
82
 
81
83
  raw_sid_bytes ? Principal.lookup_account_sid(raw_sid_bytes) : Principal.lookup_account_name(name)
@@ -1,6 +1,5 @@
1
1
  require_relative '../../../puppet/util/windows'
2
2
 
3
- require 'facter'
4
3
  require 'ffi'
5
4
 
6
5
  module Puppet::Util::Windows::User
data/lib/puppet/util.rb CHANGED
@@ -772,12 +772,13 @@ module Util
772
772
  # Executes a block of code, wrapped around Facter.load_external(false) and
773
773
  # Facter.load_external(true) which will cause Facter to not evaluate external facts.
774
774
  def skip_external_facts
775
- return yield unless Facter.respond_to? :load_external
775
+ return yield unless Puppet.runtime[:facter].load_external?
776
+
776
777
  begin
777
- Facter.load_external(false)
778
+ Puppet.runtime[:facter].load_external(false)
778
779
  yield
779
780
  ensure
780
- Facter.load_external(true)
781
+ Puppet.runtime[:facter].load_external(true)
781
782
  end
782
783
  end
783
784
  module_function :skip_external_facts
@@ -6,7 +6,7 @@
6
6
  # Raketasks and such to set the version based on the output of `git describe`
7
7
 
8
8
  module Puppet
9
- PUPPETVERSION = '7.8.0'
9
+ PUPPETVERSION = '7.12.0'
10
10
 
11
11
  ##
12
12
  # version is a public API method intended to always provide a fast and
@@ -15,7 +15,6 @@ class Puppet::X509::CertProvider
15
15
  VALID_CERTNAME = /\A[ -.0-~]+\Z/
16
16
  CERT_DELIMITERS = /-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----/m
17
17
  CRL_DELIMITERS = /-----BEGIN X509 CRL-----.*?-----END X509 CRL-----/m
18
- EC_HEADER = /-----BEGIN EC PRIVATE KEY-----/
19
18
 
20
19
  def initialize(capath: Puppet[:localcacert],
21
20
  crlpath: Puppet[:hostcrl],
@@ -207,26 +206,9 @@ class Puppet::X509::CertProvider
207
206
  # @api private
208
207
  def load_private_key_from_pem(pem, password: nil)
209
208
  # set a non-nil password to ensure openssl doesn't prompt
210
- # but ruby 2.4.0 & 2.4.1 require at least 4 bytes due to
211
- # https://github.com/ruby/openssl/commit/f38501249f33bff7ca9d208670b8cde695ea8b7b
212
- # and corrected in https://github.com/ruby/openssl/commit/a896c3d1dfa090e92dec1abf8ac12843af6af721
213
- password ||= ' '
214
-
215
- # Can't use OpenSSL::PKey.read, because it's broken in MRI 2.3, doesn't exist
216
- # in JRuby 9.1, and is broken in JRuby 9.2
217
- begin
218
- if pem =~ EC_HEADER
219
- OpenSSL::PKey::EC.new(pem, password)
220
- else
221
- OpenSSL::PKey::RSA.new(pem, password)
222
- end
223
- rescue OpenSSL::PKey::PKeyError => e
224
- if e.message =~ /Neither PUB key nor PRIV key/
225
- raise OpenSSL::PKey::PKeyError, "Could not parse PKey: no start line"
226
- else
227
- raise e
228
- end
229
- end
209
+ password ||= ''
210
+
211
+ OpenSSL::PKey.read(pem, password)
230
212
  end
231
213
 
232
214
  # Load the private key password.
data/lib/puppet.rb CHANGED
@@ -12,7 +12,6 @@ $LOAD_PATH.extend(Puppet::Concurrent::Synchronized)
12
12
  # see the bottom of the file for further inclusions
13
13
  # Also see the new Vendor support - towards the end
14
14
  #
15
- require 'facter'
16
15
  require_relative 'puppet/error'
17
16
  require_relative 'puppet/util'
18
17
  require_relative 'puppet/util/autoload'
@@ -88,9 +87,6 @@ module Puppet
88
87
  require_relative 'puppet/util/logging'
89
88
  extend Puppet::Util::Logging
90
89
 
91
- # Setup facter's logging
92
- Puppet::Util::Logging.setup_facter_logging!
93
-
94
90
  # The feature collection
95
91
  @features = Puppet::Util::Feature.new('puppet/feature')
96
92
 
@@ -193,15 +189,15 @@ module Puppet
193
189
  def self.initialize_facts
194
190
  # Add the puppetversion fact; this is done before generating the hash so it is
195
191
  # accessible to custom facts.
196
- Facter.add(:puppetversion) do
192
+ Puppet.runtime[:facter].add(:puppetversion) do
197
193
  setcode { Puppet.version.to_s }
198
194
  end
199
195
 
200
- Facter.add(:agent_specified_environment) do
196
+ Puppet.runtime[:facter].add(:agent_specified_environment) do
201
197
  setcode do
202
- if Puppet.settings.set_by_config?(:environment)
203
- Puppet[:environment]
204
- end
198
+ Puppet.settings.set_by_cli(:environment) ||
199
+ Puppet.settings.set_in_section(:environment, :agent) ||
200
+ Puppet.settings.set_in_section(:environment, :main)
205
201
  end
206
202
  end
207
203
  end