puppet 8.2.0-universal-darwin → 8.4.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/Gemfile.lock +45 -43
- data/README.md +4 -4
- data/Rakefile +0 -27
- data/examples/enc/regexp_nodes/regexp_nodes.rb +1 -1
- data/ext/project_data.yaml +2 -2
- data/ext/windows/service/daemon.rb +4 -5
- data/lib/hiera/puppet_function.rb +3 -2
- data/lib/hiera/scope.rb +2 -2
- data/lib/hiera_puppet.rb +1 -3
- data/lib/puppet/agent/disabler.rb +2 -1
- data/lib/puppet/agent/locker.rb +1 -2
- data/lib/puppet/agent.rb +2 -1
- data/lib/puppet/application/agent.rb +292 -291
- data/lib/puppet/application/apply.rb +143 -139
- data/lib/puppet/application/catalog.rb +1 -0
- data/lib/puppet/application/config.rb +1 -0
- data/lib/puppet/application/describe.rb +53 -55
- data/lib/puppet/application/device.rb +150 -150
- data/lib/puppet/application/doc.rb +61 -60
- data/lib/puppet/application/epp.rb +1 -0
- data/lib/puppet/application/face_base.rb +8 -7
- data/lib/puppet/application/facts.rb +1 -0
- data/lib/puppet/application/filebucket.rb +186 -184
- data/lib/puppet/application/generate.rb +1 -0
- data/lib/puppet/application/help.rb +1 -0
- data/lib/puppet/application/indirection_base.rb +1 -0
- data/lib/puppet/application/lookup.rb +168 -171
- data/lib/puppet/application/module.rb +1 -0
- data/lib/puppet/application/node.rb +1 -0
- data/lib/puppet/application/parser.rb +1 -0
- data/lib/puppet/application/plugin.rb +1 -0
- data/lib/puppet/application/report.rb +1 -0
- data/lib/puppet/application/resource.rb +111 -108
- data/lib/puppet/application/script.rb +92 -93
- data/lib/puppet/application/ssl.rb +119 -83
- data/lib/puppet/application.rb +13 -8
- data/lib/puppet/application_support.rb +1 -1
- data/lib/puppet/coercion.rb +3 -2
- data/lib/puppet/compilable_resource_type.rb +1 -0
- data/lib/puppet/concurrent/lock.rb +1 -2
- data/lib/puppet/concurrent/synchronized.rb +1 -2
- data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
- data/lib/puppet/concurrent.rb +1 -0
- data/lib/puppet/configurer/downloader.rb +1 -1
- data/lib/puppet/configurer/fact_handler.rb +2 -1
- data/lib/puppet/configurer/plugin_handler.rb +1 -0
- data/lib/puppet/configurer.rb +17 -13
- data/lib/puppet/confine/any.rb +1 -0
- data/lib/puppet/confine/boolean.rb +1 -0
- data/lib/puppet/confine/exists.rb +1 -0
- data/lib/puppet/confine/false.rb +1 -0
- data/lib/puppet/confine/feature.rb +1 -0
- data/lib/puppet/confine/true.rb +1 -0
- data/lib/puppet/confine/variable.rb +1 -0
- data/lib/puppet/confine.rb +2 -0
- data/lib/puppet/confine_collection.rb +3 -1
- data/lib/puppet/confiner.rb +1 -0
- data/lib/puppet/context/trusted_information.rb +1 -0
- data/lib/puppet/context.rb +1 -0
- data/lib/puppet/daemon.rb +4 -1
- data/lib/puppet/data_binding.rb +2 -1
- data/lib/puppet/datatypes/error.rb +2 -1
- data/lib/puppet/datatypes/impl/error.rb +1 -0
- data/lib/puppet/datatypes.rb +5 -1
- data/lib/puppet/defaults.rb +24 -23
- data/lib/puppet/environments.rb +3 -2
- data/lib/puppet/error.rb +9 -7
- data/lib/puppet/etc.rb +6 -3
- data/lib/puppet/external/dot.rb +12 -31
- data/lib/puppet/face/catalog/select.rb +2 -1
- data/lib/puppet/face/catalog.rb +3 -2
- data/lib/puppet/face/config.rb +19 -21
- data/lib/puppet/face/epp.rb +8 -8
- data/lib/puppet/face/facts.rb +4 -3
- data/lib/puppet/face/generate.rb +2 -0
- data/lib/puppet/face/help.rb +8 -7
- data/lib/puppet/face/module/changes.rb +2 -0
- data/lib/puppet/face/module/install.rb +2 -1
- data/lib/puppet/face/module/list.rb +9 -10
- data/lib/puppet/face/module/uninstall.rb +1 -0
- data/lib/puppet/face/module.rb +1 -0
- data/lib/puppet/face/node/clean.rb +2 -1
- data/lib/puppet/face/node.rb +2 -1
- data/lib/puppet/face/parser.rb +3 -3
- data/lib/puppet/face/plugin.rb +2 -1
- data/lib/puppet/face/report.rb +2 -1
- data/lib/puppet/face/resource.rb +1 -0
- data/lib/puppet/face.rb +1 -0
- data/lib/puppet/feature/base.rb +2 -1
- data/lib/puppet/feature/bolt.rb +1 -0
- data/lib/puppet/feature/cfpropertylist.rb +1 -0
- data/lib/puppet/feature/eventlog.rb +1 -0
- data/lib/puppet/feature/hiera_eyaml.rb +1 -0
- data/lib/puppet/feature/hocon.rb +1 -0
- data/lib/puppet/feature/libuser.rb +4 -3
- data/lib/puppet/feature/msgpack.rb +1 -0
- data/lib/puppet/feature/pe_license.rb +2 -1
- data/lib/puppet/feature/pson.rb +1 -0
- data/lib/puppet/feature/selinux.rb +1 -0
- data/lib/puppet/feature/ssh.rb +1 -0
- data/lib/puppet/feature/telnet.rb +1 -0
- data/lib/puppet/feature/zlib.rb +1 -0
- data/lib/puppet/ffi/posix/constants.rb +1 -0
- data/lib/puppet/ffi/posix/functions.rb +1 -1
- data/lib/puppet/ffi/posix.rb +1 -0
- data/lib/puppet/ffi/windows/api_types.rb +1 -0
- data/lib/puppet/ffi/windows/constants.rb +78 -77
- data/lib/puppet/ffi/windows/functions.rb +73 -73
- data/lib/puppet/ffi/windows/structs.rb +3 -3
- data/lib/puppet/ffi/windows.rb +1 -0
- data/lib/puppet/file_bucket/dipper.rb +7 -1
- data/lib/puppet/file_bucket/file.rb +1 -0
- data/lib/puppet/file_bucket.rb +1 -0
- data/lib/puppet/file_serving/base.rb +13 -6
- data/lib/puppet/file_serving/configuration/parser.rb +3 -1
- data/lib/puppet/file_serving/configuration.rb +5 -3
- data/lib/puppet/file_serving/content.rb +1 -0
- data/lib/puppet/file_serving/fileset.rb +9 -6
- data/lib/puppet/file_serving/http_metadata.rb +1 -3
- data/lib/puppet/file_serving/metadata.rb +9 -10
- data/lib/puppet/file_serving/mount/file.rb +6 -3
- data/lib/puppet/file_serving/mount/locales.rb +2 -1
- data/lib/puppet/file_serving/mount/modules.rb +2 -0
- data/lib/puppet/file_serving/mount/pluginfacts.rb +2 -1
- data/lib/puppet/file_serving/mount/plugins.rb +2 -1
- data/lib/puppet/file_serving/mount/scripts.rb +2 -0
- data/lib/puppet/file_serving/mount/tasks.rb +2 -0
- data/lib/puppet/file_serving/mount.rb +2 -0
- data/lib/puppet/file_serving/terminus_helper.rb +1 -0
- data/lib/puppet/file_serving/terminus_selector.rb +1 -0
- data/lib/puppet/file_serving.rb +1 -0
- data/lib/puppet/file_system/file_impl.rb +2 -2
- data/lib/puppet/file_system/jruby.rb +1 -0
- data/lib/puppet/file_system/memory_file.rb +2 -0
- data/lib/puppet/file_system/memory_impl.rb +3 -0
- data/lib/puppet/file_system/path_pattern.rb +1 -0
- data/lib/puppet/file_system/posix.rb +5 -1
- data/lib/puppet/file_system/uniquefile.rb +11 -11
- data/lib/puppet/file_system/windows.rb +4 -2
- data/lib/puppet/file_system.rb +3 -2
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge/errors.rb +1 -3
- data/lib/puppet/forge/repository.rb +2 -0
- data/lib/puppet/forge.rb +3 -0
- data/lib/puppet/functions/abs.rb +2 -1
- data/lib/puppet/functions/alert.rb +1 -0
- data/lib/puppet/functions/all.rb +1 -0
- data/lib/puppet/functions/annotate.rb +1 -0
- data/lib/puppet/functions/any.rb +1 -0
- data/lib/puppet/functions/assert_type.rb +1 -0
- data/lib/puppet/functions/binary_file.rb +3 -1
- data/lib/puppet/functions/break.rb +2 -1
- data/lib/puppet/functions/call.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +1 -1
- data/lib/puppet/functions/ceiling.rb +2 -2
- data/lib/puppet/functions/chomp.rb +1 -1
- data/lib/puppet/functions/chop.rb +1 -1
- data/lib/puppet/functions/compare.rb +1 -0
- data/lib/puppet/functions/contain.rb +1 -0
- data/lib/puppet/functions/convert_to.rb +1 -0
- data/lib/puppet/functions/crit.rb +1 -0
- data/lib/puppet/functions/debug.rb +1 -0
- data/lib/puppet/functions/defined.rb +7 -4
- data/lib/puppet/functions/dig.rb +10 -8
- data/lib/puppet/functions/downcase.rb +1 -0
- data/lib/puppet/functions/each.rb +1 -0
- data/lib/puppet/functions/emerg.rb +1 -0
- data/lib/puppet/functions/empty.rb +1 -0
- data/lib/puppet/functions/epp.rb +1 -1
- data/lib/puppet/functions/err.rb +1 -0
- data/lib/puppet/functions/eyaml_lookup_key.rb +6 -4
- data/lib/puppet/functions/filter.rb +1 -0
- data/lib/puppet/functions/find_file.rb +1 -0
- data/lib/puppet/functions/find_template.rb +1 -0
- data/lib/puppet/functions/flatten.rb +1 -0
- data/lib/puppet/functions/floor.rb +2 -2
- data/lib/puppet/functions/get.rb +2 -1
- data/lib/puppet/functions/getvar.rb +2 -1
- data/lib/puppet/functions/hiera.rb +1 -0
- data/lib/puppet/functions/hiera_array.rb +1 -0
- data/lib/puppet/functions/hiera_hash.rb +1 -0
- data/lib/puppet/functions/hiera_include.rb +2 -0
- data/lib/puppet/functions/hocon_data.rb +1 -0
- data/lib/puppet/functions/import.rb +1 -0
- data/lib/puppet/functions/include.rb +1 -0
- data/lib/puppet/functions/index.rb +2 -2
- data/lib/puppet/functions/info.rb +1 -0
- data/lib/puppet/functions/inline_epp.rb +1 -1
- data/lib/puppet/functions/join.rb +2 -1
- data/lib/puppet/functions/json_data.rb +1 -0
- data/lib/puppet/functions/keys.rb +1 -0
- data/lib/puppet/functions/length.rb +1 -1
- data/lib/puppet/functions/lest.rb +1 -0
- data/lib/puppet/functions/lookup.rb +8 -9
- data/lib/puppet/functions/lstrip.rb +1 -1
- data/lib/puppet/functions/map.rb +1 -0
- data/lib/puppet/functions/match.rb +3 -1
- data/lib/puppet/functions/max.rb +4 -4
- data/lib/puppet/functions/min.rb +4 -4
- data/lib/puppet/functions/module_directory.rb +1 -0
- data/lib/puppet/functions/new.rb +2 -1
- data/lib/puppet/functions/next.rb +1 -0
- data/lib/puppet/functions/notice.rb +1 -0
- data/lib/puppet/functions/reduce.rb +1 -1
- data/lib/puppet/functions/regsubst.rb +1 -0
- data/lib/puppet/functions/require.rb +2 -0
- data/lib/puppet/functions/return.rb +1 -0
- data/lib/puppet/functions/reverse_each.rb +1 -0
- data/lib/puppet/functions/round.rb +1 -0
- data/lib/puppet/functions/rstrip.rb +1 -1
- data/lib/puppet/functions/scanf.rb +1 -0
- data/lib/puppet/functions/size.rb +1 -2
- data/lib/puppet/functions/slice.rb +2 -0
- data/lib/puppet/functions/sort.rb +1 -0
- data/lib/puppet/functions/split.rb +29 -1
- data/lib/puppet/functions/step.rb +1 -0
- data/lib/puppet/functions/strftime.rb +3 -2
- data/lib/puppet/functions/strip.rb +1 -1
- data/lib/puppet/functions/then.rb +2 -0
- data/lib/puppet/functions/tree_each.rb +1 -1
- data/lib/puppet/functions/type.rb +1 -0
- data/lib/puppet/functions/unique.rb +2 -1
- data/lib/puppet/functions/unwrap.rb +1 -0
- data/lib/puppet/functions/upcase.rb +1 -0
- data/lib/puppet/functions/values.rb +1 -0
- data/lib/puppet/functions/versioncmp.rb +2 -2
- data/lib/puppet/functions/warning.rb +1 -0
- data/lib/puppet/functions/with.rb +1 -0
- data/lib/puppet/functions/yaml_data.rb +1 -0
- data/lib/puppet/functions.rb +9 -9
- data/lib/puppet/generate/models/type/property.rb +2 -0
- data/lib/puppet/generate/models/type/type.rb +2 -0
- data/lib/puppet/generate/type.rb +6 -1
- data/lib/puppet/gettext/config.rb +6 -0
- data/lib/puppet/gettext/module_translations.rb +1 -1
- data/lib/puppet/gettext/stubs.rb +1 -0
- data/lib/puppet/graph/key.rb +1 -0
- data/lib/puppet/graph/prioritizer.rb +1 -0
- data/lib/puppet/graph/rb_tree_map.rb +12 -2
- data/lib/puppet/graph/relationship_graph.rb +3 -2
- data/lib/puppet/graph/sequential_prioritizer.rb +1 -0
- data/lib/puppet/graph/simple_graph.rb +38 -31
- data/lib/puppet/graph.rb +1 -0
- data/lib/puppet/http/client.rb +4 -1
- data/lib/puppet/http/dns.rb +5 -5
- data/lib/puppet/http/errors.rb +1 -0
- data/lib/puppet/http/external_client.rb +2 -2
- data/lib/puppet/http/factory.rb +1 -0
- data/lib/puppet/http/pool.rb +2 -1
- data/lib/puppet/http/pool_entry.rb +1 -0
- data/lib/puppet/http/proxy.rb +3 -2
- data/lib/puppet/http/redirector.rb +1 -0
- data/lib/puppet/http/resolver/server_list.rb +1 -1
- data/lib/puppet/http/resolver/settings.rb +1 -1
- data/lib/puppet/http/resolver/srv.rb +1 -1
- data/lib/puppet/http/resolver.rb +1 -0
- data/lib/puppet/http/response.rb +1 -0
- data/lib/puppet/http/response_converter.rb +1 -0
- data/lib/puppet/http/response_net_http.rb +1 -1
- data/lib/puppet/http/retry_after_handler.rb +1 -1
- data/lib/puppet/http/service/ca.rb +1 -0
- data/lib/puppet/http/service/compiler.rb +9 -3
- data/lib/puppet/http/service/file_server.rb +2 -1
- data/lib/puppet/http/service/puppetserver.rb +1 -1
- data/lib/puppet/http/service/report.rb +1 -1
- data/lib/puppet/http/service.rb +1 -0
- data/lib/puppet/http/session.rb +2 -1
- data/lib/puppet/http/site.rb +1 -0
- data/lib/puppet/http.rb +1 -0
- data/lib/puppet/indirector/catalog/compiler.rb +50 -40
- data/lib/puppet/indirector/catalog/json.rb +1 -0
- data/lib/puppet/indirector/catalog/msgpack.rb +1 -0
- data/lib/puppet/indirector/catalog/rest.rb +9 -0
- data/lib/puppet/indirector/catalog/store_configs.rb +1 -2
- data/lib/puppet/indirector/catalog/yaml.rb +1 -0
- data/lib/puppet/indirector/code.rb +1 -0
- data/lib/puppet/indirector/data_binding/hiera.rb +1 -0
- data/lib/puppet/indirector/data_binding/none.rb +1 -0
- data/lib/puppet/indirector/direct_file_server.rb +3 -1
- data/lib/puppet/indirector/envelope.rb +1 -0
- data/lib/puppet/indirector/errors.rb +1 -0
- data/lib/puppet/indirector/exec.rb +1 -0
- data/lib/puppet/indirector/face.rb +7 -6
- data/lib/puppet/indirector/fact_search.rb +1 -0
- data/lib/puppet/indirector/facts/facter.rb +3 -1
- data/lib/puppet/indirector/facts/json.rb +1 -0
- data/lib/puppet/indirector/facts/memory.rb +1 -0
- data/lib/puppet/indirector/facts/network_device.rb +1 -0
- data/lib/puppet/indirector/facts/rest.rb +1 -0
- data/lib/puppet/indirector/facts/store_configs.rb +1 -1
- data/lib/puppet/indirector/facts/yaml.rb +1 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +11 -6
- data/lib/puppet/indirector/file_bucket_file/rest.rb +2 -0
- data/lib/puppet/indirector/file_bucket_file/selector.rb +1 -0
- data/lib/puppet/indirector/file_content/file.rb +1 -0
- data/lib/puppet/indirector/file_content/file_server.rb +1 -0
- data/lib/puppet/indirector/file_content/rest.rb +1 -0
- data/lib/puppet/indirector/file_content/selector.rb +1 -0
- data/lib/puppet/indirector/file_content.rb +1 -0
- data/lib/puppet/indirector/file_metadata/file.rb +1 -0
- data/lib/puppet/indirector/file_metadata/file_server.rb +1 -0
- data/lib/puppet/indirector/file_metadata/http.rb +1 -0
- data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
- data/lib/puppet/indirector/file_metadata/selector.rb +1 -0
- data/lib/puppet/indirector/file_metadata.rb +1 -0
- data/lib/puppet/indirector/file_server.rb +2 -0
- data/lib/puppet/indirector/generic_http.rb +1 -0
- data/lib/puppet/indirector/hiera.rb +5 -4
- data/lib/puppet/indirector/indirection.rb +12 -2
- data/lib/puppet/indirector/json.rb +3 -1
- data/lib/puppet/indirector/memory.rb +2 -0
- data/lib/puppet/indirector/msgpack.rb +5 -2
- data/lib/puppet/indirector/node/exec.rb +3 -2
- data/lib/puppet/indirector/node/json.rb +1 -1
- data/lib/puppet/indirector/node/memory.rb +1 -0
- data/lib/puppet/indirector/node/msgpack.rb +1 -0
- data/lib/puppet/indirector/node/plain.rb +1 -0
- data/lib/puppet/indirector/node/rest.rb +1 -0
- data/lib/puppet/indirector/node/store_configs.rb +1 -2
- data/lib/puppet/indirector/node/yaml.rb +1 -0
- data/lib/puppet/indirector/none.rb +1 -0
- data/lib/puppet/indirector/plain.rb +1 -0
- data/lib/puppet/indirector/report/json.rb +1 -0
- data/lib/puppet/indirector/report/msgpack.rb +1 -0
- data/lib/puppet/indirector/report/processor.rb +2 -0
- data/lib/puppet/indirector/report/rest.rb +1 -0
- data/lib/puppet/indirector/report/yaml.rb +1 -0
- data/lib/puppet/indirector/request.rb +7 -5
- data/lib/puppet/indirector/resource/ral.rb +1 -0
- data/lib/puppet/indirector/resource/store_configs.rb +1 -0
- data/lib/puppet/indirector/resource/validator.rb +1 -0
- data/lib/puppet/indirector/rest.rb +1 -0
- data/lib/puppet/indirector/store_configs.rb +1 -0
- data/lib/puppet/indirector/terminus.rb +4 -1
- data/lib/puppet/indirector/yaml.rb +1 -0
- data/lib/puppet/indirector.rb +2 -0
- data/lib/puppet/info_service/class_information_service.rb +5 -3
- data/lib/puppet/info_service/plan_information_service.rb +1 -0
- data/lib/puppet/info_service/task_information_service.rb +2 -1
- data/lib/puppet/interface/action.rb +32 -27
- data/lib/puppet/interface/action_builder.rb +14 -14
- data/lib/puppet/interface/action_manager.rb +2 -0
- data/lib/puppet/interface/documentation.rb +21 -15
- data/lib/puppet/interface/face_collection.rb +5 -2
- data/lib/puppet/interface/option.rb +15 -4
- data/lib/puppet/interface/option_builder.rb +13 -9
- data/lib/puppet/interface/option_manager.rb +3 -2
- data/lib/puppet/interface.rb +3 -3
- data/lib/puppet/loaders.rb +1 -1
- data/lib/puppet/metatype/manager.rb +9 -8
- data/lib/puppet/module/plan.rb +10 -4
- data/lib/puppet/module/task.rb +8 -2
- data/lib/puppet/module.rb +13 -3
- data/lib/puppet/module_tool/applications/application.rb +6 -4
- data/lib/puppet/module_tool/applications/checksummer.rb +1 -2
- data/lib/puppet/module_tool/applications/installer.rb +32 -45
- data/lib/puppet/module_tool/applications/uninstaller.rb +22 -21
- data/lib/puppet/module_tool/applications/unpacker.rb +3 -0
- data/lib/puppet/module_tool/applications/upgrader.rb +28 -26
- data/lib/puppet/module_tool/applications.rb +1 -0
- data/lib/puppet/module_tool/checksums.rb +1 -1
- data/lib/puppet/module_tool/contents_description.rb +1 -2
- data/lib/puppet/module_tool/dependency.rb +1 -1
- data/lib/puppet/module_tool/errors/base.rb +1 -0
- data/lib/puppet/module_tool/errors/installer.rb +4 -4
- data/lib/puppet/module_tool/errors/shared.rb +12 -12
- data/lib/puppet/module_tool/errors/uninstaller.rb +2 -2
- data/lib/puppet/module_tool/errors/upgrader.rb +3 -3
- data/lib/puppet/module_tool/errors.rb +1 -0
- data/lib/puppet/module_tool/install_directory.rb +6 -4
- data/lib/puppet/module_tool/installed_modules.rb +2 -0
- data/lib/puppet/module_tool/local_tarball.rb +3 -0
- data/lib/puppet/module_tool/metadata.rb +21 -20
- data/lib/puppet/module_tool/shared_behaviors.rb +23 -21
- data/lib/puppet/module_tool/tar/gnu.rb +1 -0
- data/lib/puppet/module_tool/tar/mini.rb +1 -0
- data/lib/puppet/module_tool/tar.rb +2 -1
- data/lib/puppet/module_tool.rb +2 -2
- data/lib/puppet/network/authconfig.rb +1 -0
- data/lib/puppet/network/authorization.rb +1 -0
- data/lib/puppet/network/client_request.rb +1 -0
- data/lib/puppet/network/format.rb +5 -0
- data/lib/puppet/network/format_handler.rb +2 -1
- data/lib/puppet/network/format_support.rb +6 -5
- data/lib/puppet/network/formats.rb +18 -14
- data/lib/puppet/network/http/api/indirected_routes.rb +8 -8
- data/lib/puppet/network/http/api/indirection_type.rb +1 -1
- data/lib/puppet/network/http/api/master/v3/environments.rb +1 -0
- data/lib/puppet/network/http/api/master/v3.rb +1 -0
- data/lib/puppet/network/http/api/master.rb +1 -0
- data/lib/puppet/network/http/api/server/v3/environments.rb +20 -14
- data/lib/puppet/network/http/api/server/v3.rb +13 -13
- data/lib/puppet/network/http/api/server.rb +1 -0
- data/lib/puppet/network/http/api.rb +11 -10
- data/lib/puppet/network/http/connection.rb +1 -0
- data/lib/puppet/network/http/error.rb +2 -1
- data/lib/puppet/network/http/handler.rb +3 -2
- data/lib/puppet/network/http/issues.rb +1 -0
- data/lib/puppet/network/http/memory_response.rb +2 -1
- data/lib/puppet/network/http/request.rb +13 -6
- data/lib/puppet/network/http/response.rb +1 -0
- data/lib/puppet/network/http/route.rb +4 -2
- data/lib/puppet/network/http.rb +1 -0
- data/lib/puppet/network/http_pool.rb +2 -1
- data/lib/puppet/network/uri.rb +1 -0
- data/lib/puppet/network.rb +1 -0
- data/lib/puppet/node/environment.rb +12 -9
- data/lib/puppet/node/facts.rb +2 -1
- data/lib/puppet/node.rb +3 -2
- data/lib/puppet/pal/catalog_compiler.rb +1 -3
- data/lib/puppet/pal/compiler.rb +6 -2
- data/lib/puppet/pal/function_signature.rb +2 -1
- data/lib/puppet/pal/json_catalog_encoder.rb +5 -1
- data/lib/puppet/pal/pal_api.rb +1 -0
- data/lib/puppet/pal/pal_impl.rb +20 -19
- data/lib/puppet/pal/plan_signature.rb +2 -1
- data/lib/puppet/pal/script_compiler.rb +3 -2
- data/lib/puppet/pal/task_signature.rb +14 -9
- data/lib/puppet/parameter/boolean.rb +1 -0
- data/lib/puppet/parameter/package_options.rb +1 -0
- data/lib/puppet/parameter/path.rb +3 -0
- data/lib/puppet/parameter/value.rb +1 -0
- data/lib/puppet/parameter/value_collection.rb +6 -6
- data/lib/puppet/parameter.rb +4 -3
- data/lib/puppet/parser/abstract_compiler.rb +0 -2
- data/lib/puppet/parser/ast/block_expression.rb +1 -0
- data/lib/puppet/parser/ast/branch.rb +1 -0
- data/lib/puppet/parser/ast/hostclass.rb +1 -0
- data/lib/puppet/parser/ast/leaf.rb +2 -0
- data/lib/puppet/parser/ast/node.rb +1 -0
- data/lib/puppet/parser/ast/pops_bridge.rb +6 -6
- data/lib/puppet/parser/ast/resource.rb +2 -3
- data/lib/puppet/parser/ast/resource_instance.rb +2 -0
- data/lib/puppet/parser/ast/resourceparam.rb +6 -5
- data/lib/puppet/parser/ast/top_level_construct.rb +1 -0
- data/lib/puppet/parser/ast.rb +4 -3
- data/lib/puppet/parser/catalog_compiler.rb +1 -2
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +3 -0
- data/lib/puppet/parser/compiler/catalog_validator.rb +1 -0
- data/lib/puppet/parser/compiler.rb +10 -8
- data/lib/puppet/parser/e4_parser_adapter.rb +15 -15
- data/lib/puppet/parser/files.rb +5 -4
- data/lib/puppet/parser/functions/assert_type.rb +55 -54
- data/lib/puppet/parser/functions/binary_file.rb +19 -18
- data/lib/puppet/parser/functions/break.rb +35 -34
- data/lib/puppet/parser/functions/contain.rb +1 -0
- data/lib/puppet/parser/functions/create_resources.rb +8 -6
- data/lib/puppet/parser/functions/defined.rb +102 -101
- data/lib/puppet/parser/functions/dig.rb +33 -32
- data/lib/puppet/parser/functions/digest.rb +1 -0
- data/lib/puppet/parser/functions/each.rb +99 -98
- data/lib/puppet/parser/functions/epp.rb +2 -2
- data/lib/puppet/parser/functions/fail.rb +9 -8
- data/lib/puppet/parser/functions/file.rb +14 -13
- data/lib/puppet/parser/functions/filter.rb +74 -73
- data/lib/puppet/parser/functions/find_file.rb +22 -21
- data/lib/puppet/parser/functions/fqdn_rand.rb +23 -22
- data/lib/puppet/parser/functions/generate.rb +20 -20
- data/lib/puppet/parser/functions/hiera.rb +94 -93
- data/lib/puppet/parser/functions/hiera_array.rb +82 -81
- data/lib/puppet/parser/functions/hiera_hash.rb +92 -91
- data/lib/puppet/parser/functions/hiera_include.rb +92 -91
- data/lib/puppet/parser/functions/include.rb +2 -1
- data/lib/puppet/parser/functions/inline_epp.rb +2 -2
- data/lib/puppet/parser/functions/inline_template.rb +11 -11
- data/lib/puppet/parser/functions/lest.rb +44 -43
- data/lib/puppet/parser/functions/lookup.rb +131 -130
- data/lib/puppet/parser/functions/map.rb +71 -70
- data/lib/puppet/parser/functions/match.rb +39 -38
- data/lib/puppet/parser/functions/md5.rb +2 -1
- data/lib/puppet/parser/functions/new.rb +985 -984
- data/lib/puppet/parser/functions/next.rb +34 -33
- data/lib/puppet/parser/functions/realize.rb +9 -9
- data/lib/puppet/parser/functions/reduce.rb +132 -131
- data/lib/puppet/parser/functions/regsubst.rb +6 -5
- data/lib/puppet/parser/functions/require.rb +5 -4
- data/lib/puppet/parser/functions/return.rb +88 -87
- data/lib/puppet/parser/functions/reverse_each.rb +78 -77
- data/lib/puppet/parser/functions/scanf.rb +28 -27
- data/lib/puppet/parser/functions/sha1.rb +2 -1
- data/lib/puppet/parser/functions/sha256.rb +1 -0
- data/lib/puppet/parser/functions/shellquote.rb +1 -0
- data/lib/puppet/parser/functions/slice.rb +34 -33
- data/lib/puppet/parser/functions/split.rb +5 -6
- data/lib/puppet/parser/functions/sprintf.rb +3 -3
- data/lib/puppet/parser/functions/step.rb +79 -78
- data/lib/puppet/parser/functions/strftime.rb +180 -179
- data/lib/puppet/parser/functions/tag.rb +7 -6
- data/lib/puppet/parser/functions/tagged.rb +13 -12
- data/lib/puppet/parser/functions/template.rb +24 -23
- data/lib/puppet/parser/functions/then.rb +68 -67
- data/lib/puppet/parser/functions/type.rb +48 -47
- data/lib/puppet/parser/functions/versioncmp.rb +1 -1
- data/lib/puppet/parser/functions/with.rb +23 -22
- data/lib/puppet/parser/functions.rb +3 -1
- data/lib/puppet/parser/parser_factory.rb +1 -0
- data/lib/puppet/parser/relationship.rb +3 -0
- data/lib/puppet/parser/resource/param.rb +1 -0
- data/lib/puppet/parser/resource.rb +10 -4
- data/lib/puppet/parser/scope.rb +40 -32
- data/lib/puppet/parser/script_compiler.rb +5 -6
- data/lib/puppet/parser/templatewrapper.rb +1 -0
- data/lib/puppet/parser/type_loader.rb +19 -17
- data/lib/puppet/parser.rb +1 -0
- data/lib/puppet/plugins/configuration.rb +1 -0
- data/lib/puppet/plugins/syntax_checkers.rb +1 -1
- data/lib/puppet/plugins.rb +1 -0
- data/lib/puppet/pops/adaptable.rb +3 -1
- data/lib/puppet/pops/adapters.rb +3 -1
- data/lib/puppet/pops/evaluator/access_operator.rb +79 -65
- data/lib/puppet/pops/evaluator/callable_signature.rb +1 -1
- data/lib/puppet/pops/evaluator/closure.rb +273 -277
- data/lib/puppet/pops/evaluator/collector_transformer.rb +11 -9
- data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -0
- data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +2 -2
- data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +4 -4
- data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +1 -1
- data/lib/puppet/pops/evaluator/compare_operator.rb +15 -3
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +2 -2
- data/lib/puppet/pops/evaluator/epp_evaluator.rb +10 -10
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +140 -138
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +1 -1
- data/lib/puppet/pops/evaluator/json_strict_literal_evaluator.rb +2 -1
- data/lib/puppet/pops/evaluator/literal_evaluator.rb +1 -1
- data/lib/puppet/pops/evaluator/puppet_proc.rb +2 -0
- data/lib/puppet/pops/evaluator/relationship_operator.rb +5 -3
- data/lib/puppet/pops/evaluator/runtime3_converter.rb +21 -19
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +31 -33
- data/lib/puppet/pops/evaluator/runtime3_support.rb +16 -19
- data/lib/puppet/pops/functions/dispatch.rb +1 -0
- data/lib/puppet/pops/functions/dispatcher.rb +1 -1
- data/lib/puppet/pops/functions/function.rb +1 -2
- data/lib/puppet/pops/issue_reporter.rb +19 -17
- data/lib/puppet/pops/issues.rb +8 -4
- data/lib/puppet/pops/label_provider.rb +1 -0
- data/lib/puppet/pops/loader/base_loader.rb +2 -2
- data/lib/puppet/pops/loader/dependency_loader.rb +3 -0
- data/lib/puppet/pops/loader/gem_support.rb +3 -1
- data/lib/puppet/pops/loader/generic_plan_instantiator.rb +1 -0
- data/lib/puppet/pops/loader/loader.rb +1 -2
- data/lib/puppet/pops/loader/loader_paths.rb +24 -23
- data/lib/puppet/pops/loader/module_loaders.rb +28 -28
- data/lib/puppet/pops/loader/predefined_loader.rb +1 -2
- data/lib/puppet/pops/loader/puppet_function_instantiator.rb +4 -2
- data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +4 -2
- data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +1 -1
- data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +4 -1
- data/lib/puppet/pops/loader/ruby_function_instantiator.rb +4 -1
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -2
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +2 -2
- data/lib/puppet/pops/loader/simple_environment_loader.rb +1 -2
- data/lib/puppet/pops/loader/static_loader.rb +22 -21
- data/lib/puppet/pops/loader/task_instantiator.rb +1 -0
- data/lib/puppet/pops/loader/type_definition_instantiator.rb +6 -4
- data/lib/puppet/pops/loader/typed_name.rb +1 -0
- data/lib/puppet/pops/loader/uri_helper.rb +1 -0
- data/lib/puppet/pops/loaders.rb +21 -18
- data/lib/puppet/pops/lookup/configured_data_provider.rb +1 -0
- data/lib/puppet/pops/lookup/context.rb +24 -23
- data/lib/puppet/pops/lookup/data_adapter.rb +1 -0
- data/lib/puppet/pops/lookup/data_dig_function_provider.rb +2 -2
- data/lib/puppet/pops/lookup/data_hash_function_provider.rb +1 -0
- data/lib/puppet/pops/lookup/data_provider.rb +1 -0
- data/lib/puppet/pops/lookup/environment_data_provider.rb +1 -0
- data/lib/puppet/pops/lookup/explainer.rb +35 -34
- data/lib/puppet/pops/lookup/function_provider.rb +7 -6
- data/lib/puppet/pops/lookup/global_data_provider.rb +1 -1
- data/lib/puppet/pops/lookup/hiera_config.rb +137 -101
- data/lib/puppet/pops/lookup/interpolation.rb +5 -1
- data/lib/puppet/pops/lookup/invocation.rb +3 -0
- data/lib/puppet/pops/lookup/key_recorder.rb +3 -1
- data/lib/puppet/pops/lookup/location_resolver.rb +2 -1
- data/lib/puppet/pops/lookup/lookup_adapter.rb +22 -20
- data/lib/puppet/pops/lookup/lookup_key.rb +1 -0
- data/lib/puppet/pops/lookup/lookup_key_function_provider.rb +1 -0
- data/lib/puppet/pops/lookup/module_data_provider.rb +3 -1
- data/lib/puppet/pops/lookup/sub_lookup.rb +5 -2
- data/lib/puppet/pops/lookup.rb +13 -8
- data/lib/puppet/pops/merge_strategy.rb +5 -2
- data/lib/puppet/pops/migration/migration_checker.rb +3 -1
- data/lib/puppet/pops/model/ast.rb +786 -685
- data/lib/puppet/pops/model/ast_transformer.rb +4 -3
- data/lib/puppet/pops/model/factory.rb +18 -14
- data/lib/puppet/pops/model/model_label_provider.rb +1 -1
- data/lib/puppet/pops/model/model_tree_dumper.rb +10 -9
- data/lib/puppet/pops/model/pn_transformer.rb +4 -6
- data/lib/puppet/pops/model/tree_dumper.rb +3 -1
- data/lib/puppet/pops/parser/code_merger.rb +0 -1
- data/lib/puppet/pops/parser/epp_parser.rb +1 -1
- data/lib/puppet/pops/parser/epp_support.rb +3 -3
- data/lib/puppet/pops/parser/evaluating_parser.rb +6 -3
- data/lib/puppet/pops/parser/heredoc_support.rb +6 -7
- data/lib/puppet/pops/parser/interpolation_support.rb +2 -3
- data/lib/puppet/pops/parser/lexer2.rb +32 -29
- data/lib/puppet/pops/parser/lexer_support.rb +38 -41
- data/lib/puppet/pops/parser/locatable.rb +1 -2
- data/lib/puppet/pops/parser/locator.rb +31 -28
- data/lib/puppet/pops/parser/parser_support.rb +2 -0
- data/lib/puppet/pops/parser/pn_parser.rb +2 -2
- data/lib/puppet/pops/parser/slurp_support.rb +33 -32
- data/lib/puppet/pops/patterns.rb +2 -3
- data/lib/puppet/pops/pcore.rb +2 -2
- data/lib/puppet/pops/pn.rb +4 -1
- data/lib/puppet/pops/puppet_stack.rb +1 -0
- data/lib/puppet/pops/resource/param.rb +11 -10
- data/lib/puppet/pops/resource/resource_type_impl.rb +37 -36
- data/lib/puppet/pops/semantic_error.rb +1 -0
- data/lib/puppet/pops/serialization/abstract_reader.rb +3 -2
- data/lib/puppet/pops/serialization/abstract_writer.rb +5 -4
- data/lib/puppet/pops/serialization/deserializer.rb +2 -0
- data/lib/puppet/pops/serialization/extension.rb +7 -0
- data/lib/puppet/pops/serialization/from_data_converter.rb +3 -0
- data/lib/puppet/pops/serialization/instance_reader.rb +1 -0
- data/lib/puppet/pops/serialization/instance_writer.rb +1 -0
- data/lib/puppet/pops/serialization/json.rb +6 -3
- data/lib/puppet/pops/serialization/json_path.rb +2 -1
- data/lib/puppet/pops/serialization/object.rb +4 -1
- data/lib/puppet/pops/serialization/serializer.rb +6 -2
- data/lib/puppet/pops/serialization/time_factory.rb +1 -1
- data/lib/puppet/pops/serialization/to_data_converter.rb +4 -2
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +2 -2
- data/lib/puppet/pops/serialization.rb +1 -0
- data/lib/puppet/pops/time/timespan.rb +16 -6
- data/lib/puppet/pops/time/timestamp.rb +4 -0
- data/lib/puppet/pops/types/annotatable.rb +1 -1
- data/lib/puppet/pops/types/annotation.rb +1 -0
- data/lib/puppet/pops/types/class_loader.rb +8 -6
- data/lib/puppet/pops/types/implementation_registry.rb +1 -0
- data/lib/puppet/pops/types/iterable.rb +18 -9
- data/lib/puppet/pops/types/p_binary_type.rb +2 -3
- data/lib/puppet/pops/types/p_init_type.rb +12 -9
- data/lib/puppet/pops/types/p_meta_type.rb +1 -1
- data/lib/puppet/pops/types/p_object_type.rb +65 -42
- data/lib/puppet/pops/types/p_object_type_extension.rb +10 -7
- data/lib/puppet/pops/types/p_runtime_type.rb +11 -9
- data/lib/puppet/pops/types/p_sem_ver_range_type.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +5 -5
- data/lib/puppet/pops/types/p_sensitive_type.rb +1 -4
- data/lib/puppet/pops/types/p_timespan_type.rb +4 -2
- data/lib/puppet/pops/types/p_timestamp_type.rb +3 -2
- data/lib/puppet/pops/types/p_type_set_type.rb +36 -28
- data/lib/puppet/pops/types/p_uri_type.rb +25 -18
- data/lib/puppet/pops/types/puppet_object.rb +1 -1
- data/lib/puppet/pops/types/recursion_guard.rb +7 -2
- data/lib/puppet/pops/types/ruby_generator.rb +9 -6
- data/lib/puppet/pops/types/ruby_method.rb +6 -5
- data/lib/puppet/pops/types/string_converter.rb +71 -63
- data/lib/puppet/pops/types/tree_iterators.rb +6 -7
- data/lib/puppet/pops/types/type_acceptor.rb +1 -0
- data/lib/puppet/pops/types/type_asserter.rb +1 -0
- data/lib/puppet/pops/types/type_assertion_error.rb +0 -1
- data/lib/puppet/pops/types/type_calculator.rb +10 -4
- data/lib/puppet/pops/types/type_conversion_error.rb +1 -10
- data/lib/puppet/pops/types/type_factory.rb +7 -4
- data/lib/puppet/pops/types/type_formatter.rb +14 -13
- data/lib/puppet/pops/types/type_mismatch_describer.rb +13 -8
- data/lib/puppet/pops/types/type_parser.rb +111 -107
- data/lib/puppet/pops/types/type_set_reference.rb +2 -0
- data/lib/puppet/pops/types/type_with_members.rb +1 -1
- data/lib/puppet/pops/types/types.rb +178 -153
- data/lib/puppet/pops/utils.rb +1 -0
- data/lib/puppet/pops/validation/checker4_0.rb +17 -11
- data/lib/puppet/pops/validation/tasks_checker.rb +2 -1
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/pops/validation.rb +8 -6
- data/lib/puppet/pops/visitable.rb +1 -0
- data/lib/puppet/pops/visitor.rb +14 -1
- data/lib/puppet/pops.rb +2 -0
- data/lib/puppet/property/boolean.rb +1 -0
- data/lib/puppet/property/ensure.rb +4 -1
- data/lib/puppet/property/keyvalue.rb +5 -4
- data/lib/puppet/property/list.rb +5 -5
- data/lib/puppet/property/ordered_list.rb +4 -4
- data/lib/puppet/property.rb +13 -11
- data/lib/puppet/provider/aix_object.rb +5 -0
- data/lib/puppet/provider/command.rb +1 -0
- data/lib/puppet/provider/confine.rb +1 -0
- data/lib/puppet/provider/exec/posix.rb +2 -0
- data/lib/puppet/provider/exec/shell.rb +1 -0
- data/lib/puppet/provider/exec/windows.rb +2 -1
- data/lib/puppet/provider/exec.rb +1 -0
- data/lib/puppet/provider/file/posix.rb +1 -0
- data/lib/puppet/provider/file/windows.rb +10 -6
- data/lib/puppet/provider/group/aix.rb +1 -0
- data/lib/puppet/provider/group/directoryservice.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +9 -4
- data/lib/puppet/provider/group/ldap.rb +2 -0
- data/lib/puppet/provider/group/pw.rb +1 -0
- data/lib/puppet/provider/group/windows_adsi.rb +2 -0
- data/lib/puppet/provider/ldap.rb +2 -0
- data/lib/puppet/provider/nameservice/directoryservice.rb +30 -21
- data/lib/puppet/provider/nameservice/objectadd.rb +1 -0
- data/lib/puppet/provider/nameservice/pw.rb +6 -5
- data/lib/puppet/provider/nameservice.rb +8 -4
- data/lib/puppet/provider/network_device.rb +1 -2
- data/lib/puppet/provider/package/aix.rb +5 -4
- data/lib/puppet/provider/package/appdmg.rb +20 -19
- data/lib/puppet/provider/package/apple.rb +3 -2
- data/lib/puppet/provider/package/apt.rb +5 -5
- data/lib/puppet/provider/package/aptitude.rb +1 -0
- data/lib/puppet/provider/package/aptrpm.rb +2 -1
- data/lib/puppet/provider/package/blastwave.rb +6 -6
- data/lib/puppet/provider/package/dnf.rb +3 -1
- data/lib/puppet/provider/package/dnfmodule.rb +8 -7
- data/lib/puppet/provider/package/dpkg.rb +4 -4
- data/lib/puppet/provider/package/fink.rb +2 -1
- data/lib/puppet/provider/package/freebsd.rb +3 -2
- data/lib/puppet/provider/package/gem.rb +9 -5
- data/lib/puppet/provider/package/hpux.rb +4 -3
- data/lib/puppet/provider/package/macports.rb +2 -1
- data/lib/puppet/provider/package/nim.rb +13 -15
- data/lib/puppet/provider/package/openbsd.rb +6 -4
- data/lib/puppet/provider/package/opkg.rb +2 -0
- data/lib/puppet/provider/package/pacman.rb +12 -12
- data/lib/puppet/provider/package/pip.rb +3 -1
- data/lib/puppet/provider/package/pip2.rb +2 -2
- data/lib/puppet/provider/package/pip3.rb +2 -2
- data/lib/puppet/provider/package/pkg.rb +17 -13
- data/lib/puppet/provider/package/pkgdmg.rb +7 -2
- data/lib/puppet/provider/package/pkgin.rb +5 -5
- data/lib/puppet/provider/package/pkgng.rb +11 -7
- data/lib/puppet/provider/package/pkgutil.rb +7 -6
- data/lib/puppet/provider/package/portage.rb +11 -6
- data/lib/puppet/provider/package/ports.rb +6 -5
- data/lib/puppet/provider/package/portupgrade.rb +6 -12
- data/lib/puppet/provider/package/puppet_gem.rb +1 -0
- data/lib/puppet/provider/package/puppetserver_gem.rb +1 -0
- data/lib/puppet/provider/package/rpm.rb +10 -6
- data/lib/puppet/provider/package/rug.rb +2 -1
- data/lib/puppet/provider/package/sun.rb +20 -17
- data/lib/puppet/provider/package/sunfreeware.rb +1 -0
- data/lib/puppet/provider/package/tdnf.rb +1 -0
- data/lib/puppet/provider/package/up2date.rb +2 -1
- data/lib/puppet/provider/package/urpmi.rb +1 -0
- data/lib/puppet/provider/package/windows/exe_package.rb +1 -0
- data/lib/puppet/provider/package/windows/msi_package.rb +1 -0
- data/lib/puppet/provider/package/windows/package.rb +5 -3
- data/lib/puppet/provider/package/windows.rb +4 -2
- data/lib/puppet/provider/package/yum.rb +17 -14
- data/lib/puppet/provider/package/zypper.rb +15 -14
- data/lib/puppet/provider/package.rb +7 -6
- data/lib/puppet/provider/package_targetable.rb +1 -0
- data/lib/puppet/provider/parsedfile.rb +7 -2
- data/lib/puppet/provider/service/base.rb +2 -1
- data/lib/puppet/provider/service/bsd.rb +1 -0
- data/lib/puppet/provider/service/daemontools.rb +9 -7
- data/lib/puppet/provider/service/debian.rb +4 -3
- data/lib/puppet/provider/service/freebsd.rb +5 -6
- data/lib/puppet/provider/service/gentoo.rb +5 -4
- data/lib/puppet/provider/service/init.rb +10 -11
- data/lib/puppet/provider/service/launchd.rb +10 -4
- data/lib/puppet/provider/service/openbsd.rb +4 -4
- data/lib/puppet/provider/service/openrc.rb +1 -1
- data/lib/puppet/provider/service/openwrt.rb +1 -1
- data/lib/puppet/provider/service/rcng.rb +1 -0
- data/lib/puppet/provider/service/redhat.rb +3 -2
- data/lib/puppet/provider/service/runit.rb +8 -7
- data/lib/puppet/provider/service/service.rb +1 -0
- data/lib/puppet/provider/service/smf.rb +5 -2
- data/lib/puppet/provider/service/src.rb +16 -16
- data/lib/puppet/provider/service/systemd.rb +8 -4
- data/lib/puppet/provider/service/upstart.rb +8 -7
- data/lib/puppet/provider/service/windows.rb +22 -26
- data/lib/puppet/provider/user/aix.rb +3 -2
- data/lib/puppet/provider/user/directoryservice.rb +53 -45
- data/lib/puppet/provider/user/hpux.rb +15 -14
- data/lib/puppet/provider/user/ldap.rb +8 -6
- data/lib/puppet/provider/user/openbsd.rb +21 -20
- data/lib/puppet/provider/user/pw.rb +3 -2
- data/lib/puppet/provider/user/user_role_add.rb +19 -14
- data/lib/puppet/provider/user/useradd.rb +51 -41
- data/lib/puppet/provider/user/windows_adsi.rb +4 -1
- data/lib/puppet/provider.rb +9 -9
- data/lib/puppet/reference/configuration.rb +44 -43
- data/lib/puppet/reference/function.rb +1 -0
- data/lib/puppet/reference/indirection.rb +43 -42
- data/lib/puppet/reference/metaparameter.rb +1 -0
- data/lib/puppet/reference/providers.rb +2 -0
- data/lib/puppet/reference/report.rb +1 -0
- data/lib/puppet/reference/type.rb +4 -3
- data/lib/puppet/relationship.rb +3 -2
- data/lib/puppet/reports/http.rb +1 -1
- data/lib/puppet/reports/log.rb +1 -0
- data/lib/puppet/reports/store.rb +3 -1
- data/lib/puppet/reports.rb +5 -4
- data/lib/puppet/resource/catalog.rb +14 -10
- data/lib/puppet/resource/status.rb +1 -1
- data/lib/puppet/resource/type.rb +28 -18
- data/lib/puppet/resource/type_collection.rb +4 -0
- data/lib/puppet/resource.rb +24 -16
- data/lib/puppet/runtime.rb +1 -0
- data/lib/puppet/scheduler/job.rb +1 -0
- data/lib/puppet/scheduler/scheduler.rb +1 -0
- data/lib/puppet/scheduler/splay_job.rb +1 -0
- data/lib/puppet/scheduler/timer.rb +1 -0
- data/lib/puppet/scheduler.rb +1 -0
- data/lib/puppet/settings/alias_setting.rb +1 -0
- data/lib/puppet/settings/array_setting.rb +1 -1
- data/lib/puppet/settings/autosign_setting.rb +1 -1
- data/lib/puppet/settings/base_setting.rb +9 -5
- data/lib/puppet/settings/boolean_setting.rb +1 -0
- data/lib/puppet/settings/certificate_revocation_setting.rb +1 -1
- data/lib/puppet/settings/config_file.rb +3 -3
- data/lib/puppet/settings/directory_setting.rb +1 -0
- data/lib/puppet/settings/duration_setting.rb +1 -0
- data/lib/puppet/settings/enum_setting.rb +2 -1
- data/lib/puppet/settings/environment_conf.rb +9 -8
- data/lib/puppet/settings/errors.rb +2 -0
- data/lib/puppet/settings/file_or_directory_setting.rb +1 -5
- data/lib/puppet/settings/file_setting.rb +3 -13
- data/lib/puppet/settings/http_extra_headers_setting.rb +1 -1
- data/lib/puppet/settings/ini_file.rb +1 -0
- data/lib/puppet/settings/integer_setting.rb +1 -0
- data/lib/puppet/settings/path_setting.rb +1 -0
- data/lib/puppet/settings/port_setting.rb +2 -1
- data/lib/puppet/settings/priority_setting.rb +9 -8
- data/lib/puppet/settings/server_list_setting.rb +2 -2
- data/lib/puppet/settings/string_setting.rb +1 -0
- data/lib/puppet/settings/symbolic_enum_setting.rb +2 -1
- data/lib/puppet/settings/terminus_setting.rb +1 -0
- data/lib/puppet/settings/ttl_setting.rb +2 -0
- data/lib/puppet/settings/value_translator.rb +8 -7
- data/lib/puppet/settings.rb +89 -66
- data/lib/puppet/ssl/base.rb +4 -0
- data/lib/puppet/ssl/certificate.rb +3 -2
- data/lib/puppet/ssl/certificate_request.rb +9 -7
- data/lib/puppet/ssl/certificate_request_attributes.rb +3 -1
- data/lib/puppet/ssl/certificate_signer.rb +2 -3
- data/lib/puppet/ssl/digest.rb +1 -0
- data/lib/puppet/ssl/error.rb +2 -0
- data/lib/puppet/ssl/oids.rb +3 -3
- data/lib/puppet/ssl/openssl_loader.rb +1 -0
- data/lib/puppet/ssl/ssl_context.rb +11 -15
- data/lib/puppet/ssl/ssl_provider.rb +2 -1
- data/lib/puppet/ssl/state_machine.rb +1 -0
- data/lib/puppet/ssl/verifier.rb +2 -2
- data/lib/puppet/ssl.rb +1 -0
- data/lib/puppet/syntax_checkers/base64.rb +2 -1
- data/lib/puppet/syntax_checkers/epp.rb +1 -1
- data/lib/puppet/syntax_checkers/json.rb +1 -2
- data/lib/puppet/syntax_checkers/pp.rb +1 -1
- data/lib/puppet/syntax_checkers.rb +1 -0
- data/lib/puppet/test/test_helper.rb +16 -14
- data/lib/puppet/thread_local.rb +1 -0
- data/lib/puppet/transaction/additional_resource_generator.rb +5 -1
- data/lib/puppet/transaction/event.rb +5 -3
- data/lib/puppet/transaction/event_manager.rb +4 -3
- data/lib/puppet/transaction/persistence.rb +2 -1
- data/lib/puppet/transaction/report.rb +24 -16
- data/lib/puppet/transaction/resource_harness.rb +6 -3
- data/lib/puppet/transaction.rb +11 -6
- data/lib/puppet/trusted_external.rb +8 -4
- data/lib/puppet/type/component.rb +11 -5
- data/lib/puppet/type/exec.rb +26 -10
- data/lib/puppet/type/file/checksum.rb +1 -0
- data/lib/puppet/type/file/checksum_value.rb +3 -2
- data/lib/puppet/type/file/content.rb +16 -13
- data/lib/puppet/type/file/ctime.rb +2 -1
- data/lib/puppet/type/file/data_sync.rb +4 -2
- data/lib/puppet/type/file/ensure.rb +5 -5
- data/lib/puppet/type/file/group.rb +2 -1
- data/lib/puppet/type/file/mode.rb +4 -2
- data/lib/puppet/type/file/mtime.rb +2 -1
- data/lib/puppet/type/file/owner.rb +2 -1
- data/lib/puppet/type/file/selcontext.rb +2 -2
- data/lib/puppet/type/file/source.rb +12 -10
- data/lib/puppet/type/file/target.rb +2 -2
- data/lib/puppet/type/file/type.rb +2 -1
- data/lib/puppet/type/file.rb +22 -13
- data/lib/puppet/type/filebucket.rb +2 -1
- data/lib/puppet/type/group.rb +8 -8
- data/lib/puppet/type/notify.rb +1 -1
- data/lib/puppet/type/package.rb +21 -21
- data/lib/puppet/type/resources.rb +30 -25
- data/lib/puppet/type/schedule.rb +9 -10
- data/lib/puppet/type/service.rb +9 -7
- data/lib/puppet/type/stage.rb +1 -0
- data/lib/puppet/type/tidy.rb +9 -4
- data/lib/puppet/type/user.rb +28 -24
- data/lib/puppet/type/whit.rb +1 -1
- data/lib/puppet/type.rb +71 -61
- data/lib/puppet/util/at_fork/noop.rb +1 -0
- data/lib/puppet/util/at_fork/solaris.rb +2 -1
- data/lib/puppet/util/at_fork.rb +2 -1
- data/lib/puppet/util/autoload.rb +5 -0
- data/lib/puppet/util/backups.rb +3 -2
- data/lib/puppet/util/character_encoding.rb +1 -0
- data/lib/puppet/util/checksums.rb +11 -9
- data/lib/puppet/util/classgen.rb +8 -13
- data/lib/puppet/util/colors.rb +32 -31
- data/lib/puppet/util/command_line/puppet_option_parser.rb +12 -12
- data/lib/puppet/util/command_line/trollop.rb +693 -690
- data/lib/puppet/util/command_line.rb +1 -0
- data/lib/puppet/util/constant_inflector.rb +3 -3
- data/lib/puppet/util/diff.rb +14 -14
- data/lib/puppet/util/docs.rb +3 -0
- data/lib/puppet/util/errors.rb +1 -0
- data/lib/puppet/util/execution.rb +24 -21
- data/lib/puppet/util/execution_stub.rb +1 -0
- data/lib/puppet/util/feature.rb +1 -0
- data/lib/puppet/util/file_watcher.rb +2 -0
- data/lib/puppet/util/fileparsing.rb +2 -0
- data/lib/puppet/util/filetype.rb +3 -0
- data/lib/puppet/util/http_proxy.rb +1 -0
- data/lib/puppet/util/inifile.rb +5 -5
- data/lib/puppet/util/instance_loader.rb +2 -0
- data/lib/puppet/util/json.rb +1 -0
- data/lib/puppet/util/json_lockfile.rb +3 -1
- data/lib/puppet/util/ldap/connection.rb +19 -18
- data/lib/puppet/util/ldap/generator.rb +1 -0
- data/lib/puppet/util/ldap/manager.rb +3 -2
- data/lib/puppet/util/ldap.rb +1 -0
- data/lib/puppet/util/libuser.rb +1 -1
- data/lib/puppet/util/limits.rb +1 -0
- data/lib/puppet/util/lockfile.rb +1 -0
- data/lib/puppet/util/log/destination.rb +1 -0
- data/lib/puppet/util/log/destinations.rb +14 -13
- data/lib/puppet/util/log.rb +21 -17
- data/lib/puppet/util/logging.rb +18 -14
- data/lib/puppet/util/metaid.rb +1 -0
- data/lib/puppet/util/metric.rb +2 -0
- data/lib/puppet/util/monkey_patches.rb +19 -0
- data/lib/puppet/util/multi_match.rb +4 -1
- data/lib/puppet/util/network_device/base.rb +1 -1
- data/lib/puppet/util/network_device/config.rb +3 -4
- data/lib/puppet/util/network_device/transport/base.rb +0 -1
- data/lib/puppet/util/network_device/transport.rb +1 -0
- data/lib/puppet/util/network_device.rb +1 -0
- data/lib/puppet/util/package/version/debian.rb +5 -3
- data/lib/puppet/util/package/version/gem.rb +2 -0
- data/lib/puppet/util/package/version/pip.rb +7 -2
- data/lib/puppet/util/package/version/range/eq.rb +2 -0
- data/lib/puppet/util/package/version/range/gt.rb +2 -0
- data/lib/puppet/util/package/version/range/gt_eq.rb +2 -0
- data/lib/puppet/util/package/version/range/lt.rb +2 -0
- data/lib/puppet/util/package/version/range/lt_eq.rb +2 -0
- data/lib/puppet/util/package/version/range/min_max.rb +4 -0
- data/lib/puppet/util/package/version/range/simple.rb +1 -0
- data/lib/puppet/util/package/version/range.rb +3 -0
- data/lib/puppet/util/package/version/rpm.rb +7 -5
- data/lib/puppet/util/package.rb +3 -0
- data/lib/puppet/util/pidlock.rb +7 -7
- data/lib/puppet/util/platform.rb +1 -0
- data/lib/puppet/util/plist.rb +1 -1
- data/lib/puppet/util/posix.rb +8 -5
- data/lib/puppet/util/profiler/aggregate.rb +2 -5
- data/lib/puppet/util/profiler/around_profiler.rb +1 -1
- data/lib/puppet/util/profiler/logging.rb +1 -0
- data/lib/puppet/util/profiler/object_counts.rb +1 -0
- data/lib/puppet/util/profiler/wall_clock.rb +1 -0
- data/lib/puppet/util/profiler.rb +1 -0
- data/lib/puppet/util/provider_features.rb +5 -1
- data/lib/puppet/util/psych_support.rb +1 -0
- data/lib/puppet/util/rdoc/code_objects.rb +3 -7
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +37 -50
- data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +50 -68
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +5 -5
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +1 -0
- data/lib/puppet/util/rdoc/parser.rb +1 -0
- data/lib/puppet/util/rdoc.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +2 -0
- data/lib/puppet/util/retry_action.rb +3 -3
- data/lib/puppet/util/rpm_compare.rb +6 -3
- data/lib/puppet/util/rubygems.rb +1 -1
- data/lib/puppet/util/run_mode.rb +2 -1
- data/lib/puppet/util/selinux.rb +23 -12
- data/lib/puppet/util/skip_tags.rb +1 -0
- data/lib/puppet/util/splayer.rb +1 -0
- data/lib/puppet/util/storage.rb +2 -1
- data/lib/puppet/util/suidmanager.rb +8 -5
- data/lib/puppet/util/symbolic_file_mode.rb +3 -1
- data/lib/puppet/util/tag_set.rb +1 -0
- data/lib/puppet/util/tagging.rb +2 -1
- data/lib/puppet/util/terminal.rb +1 -0
- data/lib/puppet/util/user_attr.rb +1 -0
- data/lib/puppet/util/warnings.rb +3 -0
- data/lib/puppet/util/watched_file.rb +1 -0
- data/lib/puppet/util/watcher/change_watcher.rb +1 -0
- data/lib/puppet/util/watcher/periodic_watcher.rb +1 -0
- data/lib/puppet/util/watcher/timer.rb +1 -0
- data/lib/puppet/util/watcher.rb +1 -0
- data/lib/puppet/util/windows/access_control_entry.rb +2 -1
- data/lib/puppet/util/windows/access_control_list.rb +4 -3
- data/lib/puppet/util/windows/adsi.rb +41 -27
- data/lib/puppet/util/windows/com.rb +5 -3
- data/lib/puppet/util/windows/daemon.rb +33 -33
- data/lib/puppet/util/windows/error.rb +4 -3
- data/lib/puppet/util/windows/eventlog.rb +8 -5
- data/lib/puppet/util/windows/file.rb +32 -26
- data/lib/puppet/util/windows/monkey_patches/process.rb +0 -1
- data/lib/puppet/util/windows/principal.rb +27 -27
- data/lib/puppet/util/windows/process.rb +8 -7
- data/lib/puppet/util/windows/registry.rb +43 -41
- data/lib/puppet/util/windows/root_certs.rb +1 -0
- data/lib/puppet/util/windows/security.rb +43 -44
- data/lib/puppet/util/windows/security_descriptor.rb +1 -0
- data/lib/puppet/util/windows/service.rb +12 -1
- data/lib/puppet/util/windows/sid.rb +10 -8
- data/lib/puppet/util/windows/string.rb +1 -0
- data/lib/puppet/util/windows/user.rb +33 -33
- data/lib/puppet/util/windows.rb +6 -0
- data/lib/puppet/util/yaml.rb +1 -0
- data/lib/puppet/util.rb +20 -23
- data/lib/puppet/vendor.rb +2 -1
- data/lib/puppet/version.rb +3 -1
- data/lib/puppet/x509/cert_provider.rb +13 -3
- data/lib/puppet/x509/pem_store.rb +1 -0
- data/lib/puppet/x509.rb +1 -0
- data/lib/puppet.rb +1 -0
- data/lib/puppet_pal.rb +1 -0
- data/lib/puppet_x.rb +1 -0
- data/locales/puppet.pot +214 -210
- data/man/man5/puppet.conf.5 +3 -3
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/application/agent_spec.rb +13 -0
- data/spec/integration/type/exec_spec.rb +13 -0
- data/spec/lib/puppet_spec/puppetserver.rb +1 -0
- data/spec/lib/puppet_spec/verbose.rb +15 -4
- data/spec/unit/agent_spec.rb +2 -14
- data/spec/unit/application/ssl_spec.rb +49 -0
- data/spec/unit/daemon_spec.rb +3 -20
- data/spec/unit/functions/split_spec.rb +6 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +17 -0
- data/spec/unit/indirector/catalog/rest_spec.rb +17 -0
- data/spec/unit/info_service_spec.rb +1 -1
- data/spec/unit/provider/package/appdmg_spec.rb +1 -1
- data/spec/unit/provider/package/dnf_spec.rb +7 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +22 -2
- data/spec/unit/provider/service/systemd_spec.rb +8 -6
- data/spec/unit/ssl/certificate_signer_spec.rb +17 -0
- data/spec/unit/ssl/ssl_provider_spec.rb +1 -1
- data/spec/unit/type/exec_spec.rb +14 -9
- data/spec/unit/util/execution_spec.rb +1 -0
- data/spec/unit/util/monkey_patches_spec.rb +42 -0
- data/spec/unit/util/rpm_compare_spec.rb +8 -8
- data/spec/unit/util/windows/adsi_spec.rb +25 -0
- metadata +5 -4
- data/CONTRIBUTING.md +0 -161
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
# This class maps POSIX owner, group, and modes to the Windows
|
|
3
4
|
# security model, and back.
|
|
4
5
|
#
|
|
@@ -86,7 +87,7 @@ module Puppet::Util::Windows::Security
|
|
|
86
87
|
S_IRWXG = 0000070
|
|
87
88
|
S_IRWXO = 0000007
|
|
88
89
|
S_ISVTX = 0001000
|
|
89
|
-
S_IEXTRA = 02000000
|
|
90
|
+
S_IEXTRA = 02000000 # represents an extra ace
|
|
90
91
|
S_ISYSTEM_MISSING = 04000000
|
|
91
92
|
|
|
92
93
|
# constants that are missing from Windows::Security
|
|
@@ -160,7 +161,7 @@ module Puppet::Util::Windows::Security
|
|
|
160
161
|
get_security_descriptor(path).group
|
|
161
162
|
end
|
|
162
163
|
|
|
163
|
-
FILE_PERSISTENT_ACLS
|
|
164
|
+
FILE_PERSISTENT_ACLS = 0x00000008
|
|
164
165
|
|
|
165
166
|
def supports_acl?(path)
|
|
166
167
|
supported = false
|
|
@@ -170,10 +171,11 @@ module Puppet::Util::Windows::Security
|
|
|
170
171
|
|
|
171
172
|
FFI::MemoryPointer.new(:pointer, 1) do |flags_ptr|
|
|
172
173
|
if GetVolumeInformationW(wide_string(root), FFI::Pointer::NULL, 0,
|
|
173
|
-
|
|
174
|
-
|
|
174
|
+
FFI::Pointer::NULL, FFI::Pointer::NULL,
|
|
175
|
+
flags_ptr, FFI::Pointer::NULL, 0) == FFI::WIN32_FALSE
|
|
175
176
|
raise Puppet::Util::Windows::Error.new(_("Failed to get volume information"))
|
|
176
177
|
end
|
|
178
|
+
|
|
177
179
|
supported = flags_ptr.read_dword & FILE_PERSISTENT_ACLS == FILE_PERSISTENT_ACLS
|
|
178
180
|
end
|
|
179
181
|
|
|
@@ -237,10 +239,10 @@ module Puppet::Util::Windows::Security
|
|
|
237
239
|
if (ace.mask & FILE::FILE_APPEND_DATA).nonzero?
|
|
238
240
|
mode |= S_ISVTX
|
|
239
241
|
end
|
|
240
|
-
when well_known_app_packages_sid
|
|
241
|
-
|
|
242
|
+
when well_known_app_packages_sid, well_known_system_sid
|
|
243
|
+
# do nothing
|
|
242
244
|
else
|
|
243
|
-
#puts "Warning, unable to map SID into POSIX mode: #{ace.sid}"
|
|
245
|
+
# puts "Warning, unable to map SID into POSIX mode: #{ace.sid}"
|
|
244
246
|
mode |= S_IEXTRA
|
|
245
247
|
end
|
|
246
248
|
|
|
@@ -251,11 +253,11 @@ module Puppet::Util::Windows::Security
|
|
|
251
253
|
# if owner and group the same, then user and group modes are the OR of both
|
|
252
254
|
if sd.owner == sd.group
|
|
253
255
|
mode |= ((mode & S_IRWXG) << 3) | ((mode & S_IRWXU) >> 3)
|
|
254
|
-
#puts "owner: #{sd.group}, 0x#{ace.mask.to_s(16)}, #{mode.to_s(8)}"
|
|
256
|
+
# puts "owner: #{sd.group}, 0x#{ace.mask.to_s(16)}, #{mode.to_s(8)}"
|
|
255
257
|
end
|
|
256
258
|
end
|
|
257
259
|
|
|
258
|
-
#puts "get_mode: #{mode.to_s(8)}"
|
|
260
|
+
# puts "get_mode: #{mode.to_s(8)}"
|
|
259
261
|
mode
|
|
260
262
|
end
|
|
261
263
|
|
|
@@ -337,13 +339,13 @@ module Puppet::Util::Windows::Security
|
|
|
337
339
|
# If owner and group are both SYSTEM but group is unmanaged the control rights of system will be set to FullControl by
|
|
338
340
|
# the unmanaged group, so there is no need for the warning
|
|
339
341
|
if managing_owner && (!isownergroup || managing_group)
|
|
340
|
-
#TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
342
|
+
# TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
341
343
|
Puppet.warning _("Setting control rights for %{path} owner SYSTEM to less than Full Control rights. Setting SYSTEM rights to less than Full Control may have unintented consequences for operations on this file") % { path: path }
|
|
342
344
|
elsif managing_owner && isownergroup
|
|
343
|
-
#TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
345
|
+
# TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
344
346
|
Puppet.debug { _("%{path} owner and group both set to user SYSTEM, but group is not managed directly: SYSTEM user rights will be set to FullControl by group") % { path: path } }
|
|
345
347
|
else
|
|
346
|
-
#TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
348
|
+
# TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
347
349
|
Puppet.debug { _("An attempt to set mode %{mode} on item %{path} would result in the owner, SYSTEM, to have less than Full Control rights. This attempt has been corrected to Full Control") % { mode: mode.to_s(8), path: path } }
|
|
348
350
|
owner_allow = FILE::FILE_ALL_ACCESS
|
|
349
351
|
end
|
|
@@ -353,13 +355,13 @@ module Puppet::Util::Windows::Security
|
|
|
353
355
|
# If owner and group are both SYSTEM but owner is unmanaged the control rights of system will be set to FullControl by
|
|
354
356
|
# the unmanaged owner, so there is no need for the warning.
|
|
355
357
|
if managing_group && (!isownergroup || managing_owner)
|
|
356
|
-
#TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
358
|
+
# TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
357
359
|
Puppet.warning _("Setting control rights for %{path} group SYSTEM to less than Full Control rights. Setting SYSTEM rights to less than Full Control may have unintented consequences for operations on this file") % { path: path }
|
|
358
360
|
elsif managing_group && isownergroup
|
|
359
|
-
#TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
361
|
+
# TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
360
362
|
Puppet.debug { _("%{path} owner and group both set to user SYSTEM, but owner is not managed directly: SYSTEM user rights will be set to FullControl by owner") % { path: path } }
|
|
361
363
|
else
|
|
362
|
-
#TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
364
|
+
# TRANSLATORS 'SYSTEM' is a Windows name and should not be translated
|
|
363
365
|
Puppet.debug { _("An attempt to set mode %{mode} on item %{path} would result in the group, SYSTEM, to have less than Full Control rights. This attempt has been corrected to Full Control") % { mode: mode.to_s(8), path: path } }
|
|
364
366
|
group_allow = FILE::FILE_ALL_ACCESS
|
|
365
367
|
end
|
|
@@ -424,7 +426,7 @@ module Puppet::Util::Windows::Security
|
|
|
424
426
|
nil
|
|
425
427
|
end
|
|
426
428
|
|
|
427
|
-
ACL_REVISION
|
|
429
|
+
ACL_REVISION = 2
|
|
428
430
|
|
|
429
431
|
def add_access_allowed_ace(acl, mask, sid, inherit = nil)
|
|
430
432
|
inherit ||= NO_INHERITANCE
|
|
@@ -476,12 +478,11 @@ module Puppet::Util::Windows::Security
|
|
|
476
478
|
|
|
477
479
|
0.upto(ace_count - 1) do |i|
|
|
478
480
|
FFI::MemoryPointer.new(:pointer, 1) do |ace_ptr|
|
|
479
|
-
|
|
480
481
|
next if GetAce(dacl_ptr, i, ace_ptr) == FFI::WIN32_FALSE
|
|
481
482
|
|
|
482
483
|
# ACE structures vary depending on the type. We are only concerned with
|
|
483
484
|
# ACCESS_ALLOWED_ACE and ACCESS_DENIED_ACEs, which have the same layout
|
|
484
|
-
ace = GENERIC_ACCESS_ACE.new(ace_ptr.get_pointer(0)) #deref LPVOID *
|
|
485
|
+
ace = GENERIC_ACCESS_ACE.new(ace_ptr.get_pointer(0)) # deref LPVOID *
|
|
485
486
|
|
|
486
487
|
ace_type = ace[:Header][:AceType]
|
|
487
488
|
if ace_type != Puppet::Util::Windows::AccessControlEntry::ACCESS_ALLOWED_ACE_TYPE &&
|
|
@@ -511,13 +512,13 @@ module Puppet::Util::Windows::Security
|
|
|
511
512
|
# block with the opened file HANDLE.
|
|
512
513
|
def open_file(path, access, &block)
|
|
513
514
|
handle = CreateFileW(
|
|
514
|
-
|
|
515
|
-
|
|
516
|
-
|
|
517
|
-
|
|
518
|
-
|
|
519
|
-
|
|
520
|
-
|
|
515
|
+
wide_string(path),
|
|
516
|
+
access,
|
|
517
|
+
FILE::FILE_SHARE_READ | FILE::FILE_SHARE_WRITE,
|
|
518
|
+
FFI::Pointer::NULL, # security_attributes
|
|
519
|
+
FILE::OPEN_EXISTING,
|
|
520
|
+
FILE::FILE_FLAG_OPEN_REPARSE_POINT | FILE::FILE_FLAG_BACKUP_SEMANTICS,
|
|
521
|
+
FFI::Pointer::NULL_HANDLE) # template
|
|
521
522
|
|
|
522
523
|
if handle == Puppet::Util::Windows::File::INVALID_HANDLE_VALUE
|
|
523
524
|
raise Puppet::Util::Windows::Error.new(_("Failed to open '%{path}'") % { path: path })
|
|
@@ -565,8 +566,8 @@ module Puppet::Util::Windows::Security
|
|
|
565
566
|
# size is correct given we only have 1 LUID, otherwise would be:
|
|
566
567
|
# [:PrivilegeCount].size + [:PrivilegeCount] * LUID_AND_ATTRIBUTES.size
|
|
567
568
|
if AdjustTokenPrivileges(token, FFI::WIN32_FALSE,
|
|
568
|
-
|
|
569
|
-
|
|
569
|
+
token_privileges, token_privileges.size,
|
|
570
|
+
FFI::MemoryPointer::NULL, FFI::MemoryPointer::NULL) == FFI::WIN32_FALSE
|
|
570
571
|
raise Puppet::Util::Windows::Error.new(_("Failed to adjust process privileges"))
|
|
571
572
|
end
|
|
572
573
|
end
|
|
@@ -587,7 +588,6 @@ module Puppet::Util::Windows::Security
|
|
|
587
588
|
FFI::MemoryPointer.new(:pointer, 1) do |group_sid_ptr_ptr|
|
|
588
589
|
FFI::MemoryPointer.new(:pointer, 1) do |dacl_ptr_ptr|
|
|
589
590
|
FFI::MemoryPointer.new(:pointer, 1) do |sd_ptr_ptr|
|
|
590
|
-
|
|
591
591
|
rv = GetSecurityInfo(
|
|
592
592
|
handle,
|
|
593
593
|
:SE_FILE_OBJECT,
|
|
@@ -595,8 +595,8 @@ module Puppet::Util::Windows::Security
|
|
|
595
595
|
owner_sid_ptr_ptr,
|
|
596
596
|
group_sid_ptr_ptr,
|
|
597
597
|
dacl_ptr_ptr,
|
|
598
|
-
FFI::Pointer::NULL, #sacl
|
|
599
|
-
sd_ptr_ptr) #sec desc
|
|
598
|
+
FFI::Pointer::NULL, # sacl
|
|
599
|
+
sd_ptr_ptr) # sec desc
|
|
600
600
|
raise Puppet::Util::Windows::Error.new(_("Failed to get security information")) if rv != FFI::ERROR_SUCCESS
|
|
601
601
|
|
|
602
602
|
# these 2 convenience params are not freed since they point inside sd_ptr
|
|
@@ -606,7 +606,6 @@ module Puppet::Util::Windows::Security
|
|
|
606
606
|
FFI::MemoryPointer.new(:word, 1) do |control|
|
|
607
607
|
FFI::MemoryPointer.new(:dword, 1) do |revision|
|
|
608
608
|
sd_ptr_ptr.read_win32_local_pointer do |sd_ptr|
|
|
609
|
-
|
|
610
609
|
if GetSecurityDescriptorControl(sd_ptr, control, revision) == FFI::WIN32_FALSE
|
|
611
610
|
raise Puppet::Util::Windows::Error.new(_("Failed to get security descriptor control"))
|
|
612
611
|
end
|
|
@@ -656,10 +655,10 @@ module Puppet::Util::Windows::Security
|
|
|
656
655
|
sd.dacl.each do |ace|
|
|
657
656
|
case ace.type
|
|
658
657
|
when Puppet::Util::Windows::AccessControlEntry::ACCESS_ALLOWED_ACE_TYPE
|
|
659
|
-
#puts "ace: allow, sid #{Puppet::Util::Windows::SID.sid_to_name(ace.sid)}, mask 0x#{ace.mask.to_s(16)}"
|
|
658
|
+
# puts "ace: allow, sid #{Puppet::Util::Windows::SID.sid_to_name(ace.sid)}, mask 0x#{ace.mask.to_s(16)}"
|
|
660
659
|
add_access_allowed_ace(acl_ptr, ace.mask, ace.sid, ace.flags)
|
|
661
660
|
when Puppet::Util::Windows::AccessControlEntry::ACCESS_DENIED_ACE_TYPE
|
|
662
|
-
#puts "ace: deny, sid #{Puppet::Util::Windows::SID.sid_to_name(ace.sid)}, mask 0x#{ace.mask.to_s(16)}"
|
|
661
|
+
# puts "ace: deny, sid #{Puppet::Util::Windows::SID.sid_to_name(ace.sid)}, mask 0x#{ace.mask.to_s(16)}"
|
|
663
662
|
add_access_denied_ace(acl_ptr, ace.mask, ace.sid, ace.flags)
|
|
664
663
|
else
|
|
665
664
|
raise "We should never get here"
|
|
@@ -704,7 +703,7 @@ module Puppet::Util::Windows::Security
|
|
|
704
703
|
# );
|
|
705
704
|
ffi_lib :kernel32
|
|
706
705
|
attach_function_private :CreateFileW,
|
|
707
|
-
|
|
706
|
+
[:lpcwstr, :dword, :dword, :pointer, :dword, :dword, :handle], :handle
|
|
708
707
|
|
|
709
708
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa364993(v=vs.85).aspx
|
|
710
709
|
# BOOL WINAPI GetVolumeInformation(
|
|
@@ -719,7 +718,7 @@ module Puppet::Util::Windows::Security
|
|
|
719
718
|
# );
|
|
720
719
|
ffi_lib :kernel32
|
|
721
720
|
attach_function_private :GetVolumeInformationW,
|
|
722
|
-
|
|
721
|
+
[:lpcwstr, :lpwstr, :dword, :lpdword, :lpdword, :lpdword, :lpwstr, :dword], :win32_bool
|
|
723
722
|
|
|
724
723
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa374951(v=vs.85).aspx
|
|
725
724
|
# BOOL WINAPI AddAccessAllowedAceEx(
|
|
@@ -731,7 +730,7 @@ module Puppet::Util::Windows::Security
|
|
|
731
730
|
# );
|
|
732
731
|
ffi_lib :advapi32
|
|
733
732
|
attach_function_private :AddAccessAllowedAceEx,
|
|
734
|
-
|
|
733
|
+
[:pointer, :dword, :dword, :dword, :pointer], :win32_bool
|
|
735
734
|
|
|
736
735
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa374964(v=vs.85).aspx
|
|
737
736
|
# BOOL WINAPI AddAccessDeniedAceEx(
|
|
@@ -743,7 +742,7 @@ module Puppet::Util::Windows::Security
|
|
|
743
742
|
# );
|
|
744
743
|
ffi_lib :advapi32
|
|
745
744
|
attach_function_private :AddAccessDeniedAceEx,
|
|
746
|
-
|
|
745
|
+
[:pointer, :dword, :dword, :dword, :pointer], :win32_bool
|
|
747
746
|
|
|
748
747
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa374931(v=vs.85).aspx
|
|
749
748
|
# typedef struct _ACL {
|
|
@@ -813,7 +812,7 @@ module Puppet::Util::Windows::Security
|
|
|
813
812
|
# );
|
|
814
813
|
ffi_lib :advapi32
|
|
815
814
|
attach_function_private :GetAce,
|
|
816
|
-
|
|
815
|
+
[:pointer, :dword, :pointer], :win32_bool
|
|
817
816
|
|
|
818
817
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa375202(v=vs.85).aspx
|
|
819
818
|
# BOOL WINAPI AdjustTokenPrivileges(
|
|
@@ -826,7 +825,7 @@ module Puppet::Util::Windows::Security
|
|
|
826
825
|
# );
|
|
827
826
|
ffi_lib :advapi32
|
|
828
827
|
attach_function_private :AdjustTokenPrivileges,
|
|
829
|
-
|
|
828
|
+
[:handle, :win32_bool, :pointer, :dword, :pointer, :pdword], :win32_bool
|
|
830
829
|
|
|
831
830
|
# https://msdn.microsoft.com/en-us/library/windows/hardware/ff556610(v=vs.85).aspx
|
|
832
831
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa379561(v=vs.85).aspx
|
|
@@ -839,7 +838,7 @@ module Puppet::Util::Windows::Security
|
|
|
839
838
|
# );
|
|
840
839
|
ffi_lib :advapi32
|
|
841
840
|
attach_function_private :GetSecurityDescriptorControl,
|
|
842
|
-
|
|
841
|
+
[:pointer, :lpword, :lpdword], :win32_bool
|
|
843
842
|
|
|
844
843
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa378853(v=vs.85).aspx
|
|
845
844
|
# BOOL WINAPI InitializeAcl(
|
|
@@ -849,7 +848,7 @@ module Puppet::Util::Windows::Security
|
|
|
849
848
|
# );
|
|
850
849
|
ffi_lib :advapi32
|
|
851
850
|
attach_function_private :InitializeAcl,
|
|
852
|
-
|
|
851
|
+
[:pointer, :dword, :dword], :win32_bool
|
|
853
852
|
|
|
854
853
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa379142(v=vs.85).aspx
|
|
855
854
|
# BOOL WINAPI IsValidAcl(
|
|
@@ -857,7 +856,7 @@ module Puppet::Util::Windows::Security
|
|
|
857
856
|
# );
|
|
858
857
|
ffi_lib :advapi32
|
|
859
858
|
attach_function_private :IsValidAcl,
|
|
860
|
-
|
|
859
|
+
[:pointer], :win32_bool
|
|
861
860
|
|
|
862
861
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa379593(v=vs.85).aspx
|
|
863
862
|
SE_OBJECT_TYPE = enum(
|
|
@@ -889,7 +888,7 @@ module Puppet::Util::Windows::Security
|
|
|
889
888
|
# );
|
|
890
889
|
ffi_lib :advapi32
|
|
891
890
|
attach_function_private :GetSecurityInfo,
|
|
892
|
-
|
|
891
|
+
[:handle, SE_OBJECT_TYPE, :dword, :pointer, :pointer, :pointer, :pointer, :pointer], :dword
|
|
893
892
|
|
|
894
893
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa379588(v=vs.85).aspx
|
|
895
894
|
# DWORD WINAPI SetSecurityInfo(
|
|
@@ -904,5 +903,5 @@ module Puppet::Util::Windows::Security
|
|
|
904
903
|
ffi_lib :advapi32
|
|
905
904
|
# TODO: SECURITY_INFORMATION is actually a bitmask the size of a DWORD
|
|
906
905
|
attach_function_private :SetSecurityInfo,
|
|
907
|
-
|
|
906
|
+
[:handle, SE_OBJECT_TYPE, :dword, :pointer, :pointer, :pointer, :pointer], :dword
|
|
908
907
|
end
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
# coding: utf-8
|
|
2
2
|
# frozen_string_literal: true
|
|
3
|
+
|
|
3
4
|
require_relative '../../../puppet/ffi/windows'
|
|
4
5
|
|
|
5
6
|
module Puppet::Util::Windows
|
|
@@ -28,6 +29,7 @@ module Puppet::Util::Windows
|
|
|
28
29
|
end
|
|
29
30
|
rescue Puppet::Util::Windows::Error => e
|
|
30
31
|
return false if e.code == ERROR_SERVICE_DOES_NOT_EXIST
|
|
32
|
+
|
|
31
33
|
raise e
|
|
32
34
|
end
|
|
33
35
|
module_function :exists?
|
|
@@ -111,6 +113,7 @@ module Puppet::Util::Windows
|
|
|
111
113
|
if state.nil?
|
|
112
114
|
raise Puppet::Error.new(_("Unknown Service state '%{current_state}' for '%{service_name}'") % { current_state: state.to_s, service_name: service_name})
|
|
113
115
|
end
|
|
116
|
+
|
|
114
117
|
state
|
|
115
118
|
end
|
|
116
119
|
module_function :service_state
|
|
@@ -138,6 +141,7 @@ module Puppet::Util::Windows
|
|
|
138
141
|
if start_type.nil?
|
|
139
142
|
raise Puppet::Error.new(_("Unknown start type '%{start_type}' for '%{service_name}'") % { start_type: start_type.to_s, service_name: service_name})
|
|
140
143
|
end
|
|
144
|
+
|
|
141
145
|
start_type
|
|
142
146
|
end
|
|
143
147
|
module_function :service_start_type
|
|
@@ -253,6 +257,7 @@ module Puppet::Util::Windows
|
|
|
253
257
|
if success == FFI::WIN32_FALSE
|
|
254
258
|
raise Puppet::Util::Windows::Error.new(_("Failed to fetch services"))
|
|
255
259
|
end
|
|
260
|
+
|
|
256
261
|
# Now that the buffer is populated with services
|
|
257
262
|
# we pull the data from memory using pointer arithmetic:
|
|
258
263
|
# the number of services returned by the function is
|
|
@@ -301,6 +306,7 @@ module Puppet::Util::Windows
|
|
|
301
306
|
open_scm(scm_access) do |scm|
|
|
302
307
|
service = OpenServiceW(scm, wide_string(service_name), service_access)
|
|
303
308
|
raise Puppet::Util::Windows::Error.new(_("Failed to open a handle to the service")) if service == FFI::Pointer::NULL_HANDLE
|
|
309
|
+
|
|
304
310
|
result = yield service
|
|
305
311
|
end
|
|
306
312
|
|
|
@@ -318,6 +324,7 @@ module Puppet::Util::Windows
|
|
|
318
324
|
def open_scm(scm_access, &block)
|
|
319
325
|
scm = OpenSCManagerW(FFI::Pointer::NULL, FFI::Pointer::NULL, scm_access)
|
|
320
326
|
raise Puppet::Util::Windows::Error.new(_("Failed to open a handle to the service control manager")) if scm == FFI::Pointer::NULL_HANDLE
|
|
327
|
+
|
|
321
328
|
yield scm
|
|
322
329
|
ensure
|
|
323
330
|
CloseServiceHandle(scm)
|
|
@@ -363,7 +370,7 @@ module Puppet::Util::Windows
|
|
|
363
370
|
FINAL_STATES[pending_state] == final_state
|
|
364
371
|
end
|
|
365
372
|
if possible_pending_states.include?(initial_state)
|
|
366
|
-
Puppet.debug _("There is already a pending transition to the %{final_state} state for the %{service_name} service.")
|
|
373
|
+
Puppet.debug _("There is already a pending transition to the %{final_state} state for the %{service_name} service.") % { final_state: SERVICE_STATES[final_state], service_name: service_name }
|
|
367
374
|
wait_on_pending_state(service, initial_state, timeout)
|
|
368
375
|
|
|
369
376
|
next
|
|
@@ -434,6 +441,7 @@ module Puppet::Util::Windows
|
|
|
434
441
|
if success == FFI::WIN32_FALSE
|
|
435
442
|
raise Puppet::Util::Windows::Error.new(_("Service query failed"))
|
|
436
443
|
end
|
|
444
|
+
|
|
437
445
|
yield status
|
|
438
446
|
end
|
|
439
447
|
end
|
|
@@ -470,6 +478,7 @@ module Puppet::Util::Windows
|
|
|
470
478
|
if success == FFI::WIN32_FALSE
|
|
471
479
|
raise Puppet::Util::Windows::Error.new(_("Service query failed"))
|
|
472
480
|
end
|
|
481
|
+
|
|
473
482
|
yield config
|
|
474
483
|
end
|
|
475
484
|
end
|
|
@@ -513,6 +522,7 @@ module Puppet::Util::Windows
|
|
|
513
522
|
if success == FFI::WIN32_FALSE
|
|
514
523
|
raise Puppet::Util::Windows::Error.new(_("Service query for %{parameter_name} failed") % { parameter_name: SERVICE_CONFIG_TYPES[info_level] } )
|
|
515
524
|
end
|
|
525
|
+
|
|
516
526
|
yield config
|
|
517
527
|
end
|
|
518
528
|
end
|
|
@@ -595,6 +605,7 @@ module Puppet::Util::Windows
|
|
|
595
605
|
query_status(service) do |status|
|
|
596
606
|
state = status[:dwCurrentState]
|
|
597
607
|
return if state == final_state
|
|
608
|
+
|
|
598
609
|
if state == pending_state
|
|
599
610
|
Puppet.debug _("The service transitioned to the %{pending_state} state.") % { pending_state: SERVICE_STATES[pending_state] }
|
|
600
611
|
wait_on_pending_state(service, pending_state, timeout)
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require_relative '../../../puppet/util/windows'
|
|
3
4
|
|
|
4
5
|
module Puppet::Util::Windows
|
|
@@ -7,8 +8,10 @@ module Puppet::Util::Windows
|
|
|
7
8
|
extend FFI::Library
|
|
8
9
|
|
|
9
10
|
# missing from Windows::Error
|
|
10
|
-
ERROR_NONE_MAPPED
|
|
11
|
-
ERROR_INVALID_SID_STRUCTURE
|
|
11
|
+
ERROR_NONE_MAPPED = 1332
|
|
12
|
+
ERROR_INVALID_SID_STRUCTURE = 1337
|
|
13
|
+
ERROR_TRUSTED_DOMAIN_FAILURE = 1788
|
|
14
|
+
ERROR_TRUSTED_RELATIONSHIP_FAILURE = 1789
|
|
12
15
|
|
|
13
16
|
# Well Known SIDs
|
|
14
17
|
Null = 'S-1-0'
|
|
@@ -115,6 +118,7 @@ module Puppet::Util::Windows
|
|
|
115
118
|
!ads_object.ole_respond_to?(:objectSID) || !ads_object.ole_respond_to?(:Name)
|
|
116
119
|
raise Puppet::Error.new("ads_object must be an IAdsUser or IAdsGroup instance")
|
|
117
120
|
end
|
|
121
|
+
|
|
118
122
|
octet_string_to_principal(ads_object.objectSID)
|
|
119
123
|
rescue Puppet::Util::Windows::Error => e
|
|
120
124
|
# if the error is not a lookup / mapping problem, immediately re-raise
|
|
@@ -135,7 +139,6 @@ module Puppet::Util::Windows
|
|
|
135
139
|
# e.g. 'BUILTIN\Administrators'. Returns nil if an account
|
|
136
140
|
# for that SID does not exist.
|
|
137
141
|
def sid_to_name(value)
|
|
138
|
-
|
|
139
142
|
sid_bytes = []
|
|
140
143
|
begin
|
|
141
144
|
string_to_sid_ptr(value) do |ptr|
|
|
@@ -186,7 +189,6 @@ module Puppet::Util::Windows
|
|
|
186
189
|
def string_to_sid_ptr(string_sid, &block)
|
|
187
190
|
FFI::MemoryPointer.from_string_to_wide_string(string_sid) do |lpcwstr|
|
|
188
191
|
FFI::MemoryPointer.new(:pointer, 1) do |sid_ptr_ptr|
|
|
189
|
-
|
|
190
192
|
if ConvertStringSidToSidW(lpcwstr, sid_ptr_ptr) == FFI::WIN32_FALSE
|
|
191
193
|
raise Puppet::Util::Windows::Error.new(_("Failed to convert string SID: %{string_sid}") % { string_sid: string_sid })
|
|
192
194
|
end
|
|
@@ -244,7 +246,7 @@ module Puppet::Util::Windows
|
|
|
244
246
|
name, # account
|
|
245
247
|
sid_bytes, # sid_bytes
|
|
246
248
|
name, # sid string
|
|
247
|
-
nil, #domain
|
|
249
|
+
nil, # domain
|
|
248
250
|
# https://msdn.microsoft.com/en-us/library/cc245534.aspx?f=255&MSPPError=-2147217396
|
|
249
251
|
# Indicates that the type of object could not be determined. For example, no object with that SID exists.
|
|
250
252
|
:SidTypeUnknown)
|
|
@@ -258,7 +260,7 @@ module Puppet::Util::Windows
|
|
|
258
260
|
# );
|
|
259
261
|
ffi_lib :advapi32
|
|
260
262
|
attach_function_private :IsValidSid,
|
|
261
|
-
|
|
263
|
+
[:pointer], :win32_bool
|
|
262
264
|
|
|
263
265
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa376399(v=vs.85).aspx
|
|
264
266
|
# BOOL ConvertSidToStringSid(
|
|
@@ -267,7 +269,7 @@ module Puppet::Util::Windows
|
|
|
267
269
|
# );
|
|
268
270
|
ffi_lib :advapi32
|
|
269
271
|
attach_function_private :ConvertSidToStringSidW,
|
|
270
|
-
|
|
272
|
+
[:pointer, :pointer], :win32_bool
|
|
271
273
|
|
|
272
274
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa376402(v=vs.85).aspx
|
|
273
275
|
# BOOL WINAPI ConvertStringSidToSid(
|
|
@@ -276,7 +278,7 @@ module Puppet::Util::Windows
|
|
|
276
278
|
# );
|
|
277
279
|
ffi_lib :advapi32
|
|
278
280
|
attach_function_private :ConvertStringSidToSidW,
|
|
279
|
-
|
|
281
|
+
[:lpcwstr, :pointer], :win32_bool
|
|
280
282
|
|
|
281
283
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa446642(v=vs.85).aspx
|
|
282
284
|
# DWORD WINAPI GetLengthSid(
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
+
|
|
2
3
|
require_relative '../../../puppet/util/windows'
|
|
3
4
|
|
|
4
5
|
require 'ffi'
|
|
@@ -77,7 +78,6 @@ module Puppet::Util::Windows::User
|
|
|
77
78
|
begin
|
|
78
79
|
logon_user(name, password, domain) { |token| }
|
|
79
80
|
rescue Puppet::Util::Windows::Error => detail
|
|
80
|
-
|
|
81
81
|
authenticated_error_codes = Set[
|
|
82
82
|
ERROR_ACCOUNT_RESTRICTION,
|
|
83
83
|
ERROR_INVALID_LOGON_HOURS,
|
|
@@ -98,7 +98,7 @@ module Puppet::Util::Windows::User
|
|
|
98
98
|
token = nil
|
|
99
99
|
begin
|
|
100
100
|
FFI::MemoryPointer.new(:handle, 1) do |token_pointer|
|
|
101
|
-
#try logon using network else try logon using interactive mode
|
|
101
|
+
# try logon using network else try logon using interactive mode
|
|
102
102
|
if logon_user_by_logon_type(name, domain, password, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, token_pointer) == FFI::WIN32_FALSE
|
|
103
103
|
if logon_user_by_logon_type(name, domain, password, fLOGON32_LOGON_INTERACTIVE, fLOGON32_PROVIDER_DEFAULT, token_pointer) == FFI::WIN32_FALSE
|
|
104
104
|
raise Puppet::Util::Windows::Error.new(_("Failed to logon user %{name}") % {name: name.inspect})
|
|
@@ -248,17 +248,17 @@ module Puppet::Util::Windows::User
|
|
|
248
248
|
error_code = LsaNtStatusToWinError(status)
|
|
249
249
|
|
|
250
250
|
error_reason = case error_code.to_s(16)
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
251
|
+
when '0' # ERROR_SUCCESS
|
|
252
|
+
return # Method call succeded
|
|
253
|
+
when '2' # ERROR_FILE_NOT_FOUND
|
|
254
|
+
return # No rights/privilleges assigned to given user
|
|
255
|
+
when '5' # ERROR_ACCESS_DENIED
|
|
256
|
+
"Access is denied. Please make sure that puppet is running as administrator."
|
|
257
|
+
when '521' # ERROR_NO_SUCH_PRIVILEGE
|
|
258
|
+
"One or more of the given rights/privilleges are incorrect."
|
|
259
|
+
when '6ba' # RPC_S_SERVER_UNAVAILABLE
|
|
260
|
+
"The RPC server is unavailable or given domain name is invalid."
|
|
261
|
+
end
|
|
262
262
|
|
|
263
263
|
raise Puppet::Error.new("Calling `#{method_name}` returned 'Win32 Error Code 0x%08X'. #{error_reason}" % error_code)
|
|
264
264
|
end
|
|
@@ -277,7 +277,7 @@ module Puppet::Util::Windows::User
|
|
|
277
277
|
# );
|
|
278
278
|
ffi_lib :advapi32
|
|
279
279
|
attach_function_private :LogonUserW,
|
|
280
|
-
|
|
280
|
+
[:lpwstr, :lpwstr, :lpwstr, :dword, :dword, :phandle], :win32_bool
|
|
281
281
|
|
|
282
282
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/bb773378(v=vs.85).aspx
|
|
283
283
|
# typedef struct _PROFILEINFO {
|
|
@@ -310,7 +310,7 @@ module Puppet::Util::Windows::User
|
|
|
310
310
|
# );
|
|
311
311
|
ffi_lib :userenv
|
|
312
312
|
attach_function_private :LoadUserProfileW,
|
|
313
|
-
|
|
313
|
+
[:handle, :pointer], :win32_bool
|
|
314
314
|
|
|
315
315
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/bb762282(v=vs.85).aspx
|
|
316
316
|
# BOOL WINAPI UnloadUserProfile(
|
|
@@ -319,7 +319,7 @@ module Puppet::Util::Windows::User
|
|
|
319
319
|
# );
|
|
320
320
|
ffi_lib :userenv
|
|
321
321
|
attach_function_private :UnloadUserProfile,
|
|
322
|
-
|
|
322
|
+
[:handle, :handle], :win32_bool
|
|
323
323
|
|
|
324
324
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa376389(v=vs.85).aspx
|
|
325
325
|
# BOOL WINAPI CheckTokenMembership(
|
|
@@ -329,7 +329,7 @@ module Puppet::Util::Windows::User
|
|
|
329
329
|
# );
|
|
330
330
|
ffi_lib :advapi32
|
|
331
331
|
attach_function_private :CheckTokenMembership,
|
|
332
|
-
|
|
332
|
+
[:handle, :pointer, :pbool], :win32_bool
|
|
333
333
|
|
|
334
334
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa379650(v=vs.85).aspx
|
|
335
335
|
WELL_KNOWN_SID_TYPE = enum(
|
|
@@ -439,7 +439,7 @@ module Puppet::Util::Windows::User
|
|
|
439
439
|
# );
|
|
440
440
|
ffi_lib :advapi32
|
|
441
441
|
attach_function_private :CreateWellKnownSid,
|
|
442
|
-
|
|
442
|
+
[WELL_KNOWN_SID_TYPE, :pointer, :pointer, :lpdword], :win32_bool
|
|
443
443
|
|
|
444
444
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa379151(v=vs.85).aspx
|
|
445
445
|
# BOOL WINAPI IsValidSid(
|
|
@@ -447,7 +447,7 @@ module Puppet::Util::Windows::User
|
|
|
447
447
|
# );
|
|
448
448
|
ffi_lib :advapi32
|
|
449
449
|
attach_function_private :IsValidSid,
|
|
450
|
-
|
|
450
|
+
[:pointer], :win32_bool
|
|
451
451
|
|
|
452
452
|
# https://docs.microsoft.com/en-us/windows/win32/api/lsalookup/ns-lsalookup-lsa_object_attributes
|
|
453
453
|
# typedef struct _LSA_OBJECT_ATTRIBUTES {
|
|
@@ -460,11 +460,11 @@ module Puppet::Util::Windows::User
|
|
|
460
460
|
# } LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
|
|
461
461
|
class LSA_OBJECT_ATTRIBUTES < FFI::Struct
|
|
462
462
|
layout :Length, :ulong,
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
463
|
+
:RootDirectory, :handle,
|
|
464
|
+
:ObjectName, :plsa_unicode_string,
|
|
465
|
+
:Attributes, :ulong,
|
|
466
|
+
:SecurityDescriptor, :pvoid,
|
|
467
|
+
:SecurityQualityOfService, :pvoid
|
|
468
468
|
end
|
|
469
469
|
|
|
470
470
|
# https://docs.microsoft.com/en-us/windows/win32/api/lsalookup/ns-lsalookup-lsa_unicode_string
|
|
@@ -475,8 +475,8 @@ module Puppet::Util::Windows::User
|
|
|
475
475
|
# } LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
|
|
476
476
|
class LSA_UNICODE_STRING < FFI::Struct
|
|
477
477
|
layout :Length, :ushort,
|
|
478
|
-
|
|
479
|
-
|
|
478
|
+
:MaximumLength, :ushort,
|
|
479
|
+
:Buffer, :pwstr
|
|
480
480
|
end
|
|
481
481
|
|
|
482
482
|
# https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-lsaenumerateaccountrights
|
|
@@ -489,7 +489,7 @@ module Puppet::Util::Windows::User
|
|
|
489
489
|
# );
|
|
490
490
|
ffi_lib :advapi32
|
|
491
491
|
attach_function_private :LsaEnumerateAccountRights,
|
|
492
|
-
|
|
492
|
+
[:lsa_handle, :psid, :plsa_unicode_string, :pulong], :ntstatus
|
|
493
493
|
|
|
494
494
|
# https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-lsaaddaccountrights
|
|
495
495
|
# NTSTATUS LsaAddAccountRights(
|
|
@@ -500,7 +500,7 @@ module Puppet::Util::Windows::User
|
|
|
500
500
|
# );
|
|
501
501
|
ffi_lib :advapi32
|
|
502
502
|
attach_function_private :LsaAddAccountRights,
|
|
503
|
-
|
|
503
|
+
[:lsa_handle, :psid, :plsa_unicode_string, :ulong], :ntstatus
|
|
504
504
|
|
|
505
505
|
# https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-lsaremoveaccountrights
|
|
506
506
|
# NTSTATUS LsaRemoveAccountRights(
|
|
@@ -512,7 +512,7 @@ module Puppet::Util::Windows::User
|
|
|
512
512
|
# );
|
|
513
513
|
ffi_lib :advapi32
|
|
514
514
|
attach_function_private :LsaRemoveAccountRights,
|
|
515
|
-
|
|
515
|
+
[:lsa_handle, :psid, :bool, :plsa_unicode_string, :ulong], :ntstatus
|
|
516
516
|
|
|
517
517
|
# https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-lsaopenpolicy
|
|
518
518
|
# NTSTATUS LsaOpenPolicy(
|
|
@@ -523,7 +523,7 @@ module Puppet::Util::Windows::User
|
|
|
523
523
|
# );
|
|
524
524
|
ffi_lib :advapi32
|
|
525
525
|
attach_function_private :LsaOpenPolicy,
|
|
526
|
-
|
|
526
|
+
[:plsa_unicode_string, :plsa_object_attributes, :access_mask, :plsa_handle], :ntstatus
|
|
527
527
|
|
|
528
528
|
# https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-lsaclose
|
|
529
529
|
# NTSTATUS LsaClose(
|
|
@@ -531,7 +531,7 @@ module Puppet::Util::Windows::User
|
|
|
531
531
|
# );
|
|
532
532
|
ffi_lib :advapi32
|
|
533
533
|
attach_function_private :LsaClose,
|
|
534
|
-
|
|
534
|
+
[:lsa_handle], :ntstatus
|
|
535
535
|
|
|
536
536
|
# https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-lsafreememory
|
|
537
537
|
# NTSTATUS LsaFreeMemory(
|
|
@@ -539,7 +539,7 @@ module Puppet::Util::Windows::User
|
|
|
539
539
|
# );
|
|
540
540
|
ffi_lib :advapi32
|
|
541
541
|
attach_function_private :LsaFreeMemory,
|
|
542
|
-
|
|
542
|
+
[:pvoid], :ntstatus
|
|
543
543
|
|
|
544
544
|
# https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-lsantstatustowinerror
|
|
545
545
|
# ULONG LsaNtStatusToWinError(
|
|
@@ -547,5 +547,5 @@ module Puppet::Util::Windows::User
|
|
|
547
547
|
# );
|
|
548
548
|
ffi_lib :advapi32
|
|
549
549
|
attach_function_private :LsaNtStatusToWinError,
|
|
550
|
-
|
|
550
|
+
[:ntstatus], :ulong
|
|
551
551
|
end
|