puppet 8.7.0-universal-darwin → 8.8.1-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/Gemfile.lock +32 -26
- data/ext/windows/service/daemon.rb +9 -2
- data/lib/puppet/application/doc.rb +1 -5
- data/lib/puppet/application/lookup.rb +2 -0
- data/lib/puppet/daemon.rb +0 -1
- data/lib/puppet/defaults.rb +5 -19
- data/lib/puppet/file_serving/http_metadata.rb +2 -0
- data/lib/puppet/functions/regsubst.rb +11 -14
- data/lib/puppet/indirector/catalog/compiler.rb +2 -35
- data/lib/puppet/module_tool/tar/gnu.rb +10 -8
- data/lib/puppet/node/server_facts.rb +43 -0
- data/lib/puppet/parser/functions/generate.rb +2 -1
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +41 -6
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +2 -1
- data/lib/puppet/pops/evaluator/runtime3_support.rb +0 -6
- data/lib/puppet/provider/file/posix.rb +16 -2
- data/lib/puppet/provider/package/gem.rb +1 -0
- data/lib/puppet/provider/package/pkgutil.rb +6 -5
- data/lib/puppet/provider/package/puppet_gem.rb +4 -15
- data/lib/puppet/scheduler/splay_job.rb +0 -9
- data/lib/puppet/type/file/selcontext.rb +7 -6
- data/lib/puppet/type/file/target.rb +9 -11
- data/lib/puppet/util/execution.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -30
- data/lib/puppet/util/run_mode.rb +40 -0
- data/lib/puppet/util/selinux.rb +14 -4
- data/lib/puppet/util/windows/daemon.rb +15 -32
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +90 -94
- data/man/man5/puppet.conf.5 +2 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- metadata +44 -29
@@ -8,20 +8,7 @@ Puppet::Type.type(:package).provide :puppet_gem, :parent => :gem do
|
|
8
8
|
|
9
9
|
confine :true => Puppet.runtime[:facter].value(:aio_agent_version)
|
10
10
|
|
11
|
-
|
12
|
-
puppet_dir = ENV.fetch('PUPPET_DIR', nil)
|
13
|
-
if puppet_dir
|
14
|
-
File.join(puppet_dir.to_s, 'bin', 'gem.bat')
|
15
|
-
else
|
16
|
-
File.join(Gem.default_bindir, 'gem.bat')
|
17
|
-
end
|
18
|
-
end
|
19
|
-
|
20
|
-
if Puppet::Util::Platform.windows?
|
21
|
-
commands :gemcmd => windows_gemcmd
|
22
|
-
else
|
23
|
-
commands :gemcmd => "/opt/puppetlabs/puppet/bin/gem"
|
24
|
-
end
|
11
|
+
commands :gemcmd => Puppet.run_mode.gem_cmd
|
25
12
|
|
26
13
|
def uninstall
|
27
14
|
super
|
@@ -30,7 +17,9 @@ Puppet::Type.type(:package).provide :puppet_gem, :parent => :gem do
|
|
30
17
|
end
|
31
18
|
|
32
19
|
def self.execute_gem_command(command, command_options, custom_environment = {})
|
33
|
-
|
20
|
+
if (pkg_config_path = Puppet.run_mode.pkg_config_path)
|
21
|
+
custom_environment['PKG_CONFIG_PATH'] = pkg_config_path
|
22
|
+
end
|
34
23
|
super(command, command_options, custom_environment)
|
35
24
|
end
|
36
25
|
end
|
@@ -25,15 +25,6 @@ module Puppet::Scheduler
|
|
25
25
|
end
|
26
26
|
end
|
27
27
|
|
28
|
-
# Recalculates splay.
|
29
|
-
#
|
30
|
-
# @param splay_limit [Integer] the maximum time (in seconds) to delay before an agent's first run.
|
31
|
-
# @return @splay [Integer] a random integer less than or equal to the splay limit that represents the seconds to
|
32
|
-
# delay before next agent run.
|
33
|
-
def splay_limit=(splay_limit)
|
34
|
-
@splay = calculate_splay(splay_limit)
|
35
|
-
end
|
36
|
-
|
37
28
|
private
|
38
29
|
|
39
30
|
def calculate_splay(limit)
|
@@ -40,11 +40,12 @@ module Puppet
|
|
40
40
|
end
|
41
41
|
|
42
42
|
def retrieve_default_context(property)
|
43
|
+
return nil if Puppet::Util::Platform.windows?
|
43
44
|
if @resource[:selinux_ignore_defaults] == :true
|
44
45
|
return nil
|
45
46
|
end
|
46
47
|
|
47
|
-
context =
|
48
|
+
context = get_selinux_default_context_with_handle(@resource[:path], provider.class.selinux_handle)
|
48
49
|
unless context
|
49
50
|
return nil
|
50
51
|
end
|
@@ -85,7 +86,7 @@ module Puppet
|
|
85
86
|
end
|
86
87
|
|
87
88
|
Puppet::Type.type(:file).newparam(:selinux_ignore_defaults) do
|
88
|
-
desc "If this is set then Puppet will not ask SELinux (via
|
89
|
+
desc "If this is set then Puppet will not ask SELinux (via selabel_lookup) to
|
89
90
|
supply defaults for the SELinux attributes (seluser, selrole,
|
90
91
|
seltype, and selrange). In general, you should leave this set at its
|
91
92
|
default and only set it to true when you need Puppet to not try to fix
|
@@ -98,7 +99,7 @@ module Puppet
|
|
98
99
|
Puppet::Type.type(:file).newproperty(:seluser, :parent => Puppet::SELFileContext) do
|
99
100
|
desc "What the SELinux user component of the context of the file should be.
|
100
101
|
Any valid SELinux user component is accepted. For example `user_u`.
|
101
|
-
If not specified it defaults to the value returned by
|
102
|
+
If not specified it defaults to the value returned by selabel_lookup for
|
102
103
|
the file, if any exists. Only valid on systems with SELinux support
|
103
104
|
enabled."
|
104
105
|
|
@@ -109,7 +110,7 @@ module Puppet
|
|
109
110
|
Puppet::Type.type(:file).newproperty(:selrole, :parent => Puppet::SELFileContext) do
|
110
111
|
desc "What the SELinux role component of the context of the file should be.
|
111
112
|
Any valid SELinux role component is accepted. For example `role_r`.
|
112
|
-
If not specified it defaults to the value returned by
|
113
|
+
If not specified it defaults to the value returned by selabel_lookup for
|
113
114
|
the file, if any exists. Only valid on systems with SELinux support
|
114
115
|
enabled."
|
115
116
|
|
@@ -120,7 +121,7 @@ module Puppet
|
|
120
121
|
Puppet::Type.type(:file).newproperty(:seltype, :parent => Puppet::SELFileContext) do
|
121
122
|
desc "What the SELinux type component of the context of the file should be.
|
122
123
|
Any valid SELinux type component is accepted. For example `tmp_t`.
|
123
|
-
If not specified it defaults to the value returned by
|
124
|
+
If not specified it defaults to the value returned by selabel_lookup for
|
124
125
|
the file, if any exists. Only valid on systems with SELinux support
|
125
126
|
enabled."
|
126
127
|
|
@@ -132,7 +133,7 @@ module Puppet
|
|
132
133
|
desc "What the SELinux range component of the context of the file should be.
|
133
134
|
Any valid SELinux range component is accepted. For example `s0` or
|
134
135
|
`SystemHigh`. If not specified it defaults to the value returned by
|
135
|
-
|
136
|
+
selabel_lookup for the file, if any exists. Only valid on systems with
|
136
137
|
SELinux support enabled and that have support for MCS (Multi-Category
|
137
138
|
Security)."
|
138
139
|
|
@@ -44,22 +44,20 @@ module Puppet
|
|
44
44
|
|
45
45
|
raise Puppet::Error, "Could not remove existing file" if Puppet::FileSystem.exist?(@resource[:path])
|
46
46
|
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
Puppet::Util.withumask(0o00) do
|
52
|
-
Puppet::FileSystem.symlink(target, @resource[:path])
|
53
|
-
end
|
54
|
-
else
|
47
|
+
Puppet::Util::SUIDManager.asuser(@resource.asuser) do
|
48
|
+
mode = @resource.should(:mode)
|
49
|
+
if mode
|
50
|
+
Puppet::Util.withumask(0o00) do
|
55
51
|
Puppet::FileSystem.symlink(target, @resource[:path])
|
56
52
|
end
|
53
|
+
else
|
54
|
+
Puppet::FileSystem.symlink(target, @resource[:path])
|
57
55
|
end
|
56
|
+
end
|
58
57
|
|
59
|
-
|
58
|
+
@resource.send(:property_fix)
|
60
59
|
|
61
|
-
|
62
|
-
end
|
60
|
+
:link_created
|
63
61
|
end
|
64
62
|
|
65
63
|
def insync?(currentvalue)
|
@@ -323,7 +323,7 @@ module Puppet::Util::Execution
|
|
323
323
|
unless options[:squelch]
|
324
324
|
# if we opened a pipe, we need to clean it up.
|
325
325
|
reader.close if reader
|
326
|
-
stdout.close! if Puppet::Util::Platform.windows?
|
326
|
+
stdout.close! if stdout && Puppet::Util::Platform.windows?
|
327
327
|
end
|
328
328
|
end
|
329
329
|
|
@@ -13,7 +13,7 @@ class Puppet::Util::Reference
|
|
13
13
|
instance_load(:reference, 'puppet/reference')
|
14
14
|
|
15
15
|
def self.modes
|
16
|
-
%w[
|
16
|
+
%w[text]
|
17
17
|
end
|
18
18
|
|
19
19
|
def self.newreference(name, options = {}, &block)
|
@@ -32,35 +32,6 @@ class Puppet::Util::Reference
|
|
32
32
|
end
|
33
33
|
end
|
34
34
|
|
35
|
-
def self.pdf(text)
|
36
|
-
puts _("creating pdf")
|
37
|
-
rst2latex = which('rst2latex') || which('rst2latex.py') ||
|
38
|
-
raise(_("Could not find rst2latex"))
|
39
|
-
|
40
|
-
cmd = %(#{rst2latex} /tmp/puppetdoc.txt > /tmp/puppetdoc.tex)
|
41
|
-
Puppet::Util.replace_file("/tmp/puppetdoc.txt") { |f| f.puts text }
|
42
|
-
# There used to be an attempt to use secure_open / replace_file to secure
|
43
|
-
# the target, too, but that did nothing: the race was still here. We can
|
44
|
-
# get exactly the same benefit from running this effort:
|
45
|
-
begin
|
46
|
-
Puppet::FileSystem.unlink('/tmp/puppetdoc.tex')
|
47
|
-
rescue
|
48
|
-
nil
|
49
|
-
end
|
50
|
-
output = %x(#{cmd})
|
51
|
-
unless $CHILD_STATUS == 0
|
52
|
-
$stderr.puts _("rst2latex failed")
|
53
|
-
$stderr.puts output
|
54
|
-
exit(1)
|
55
|
-
end
|
56
|
-
$stderr.puts output
|
57
|
-
|
58
|
-
# Now convert to pdf
|
59
|
-
Dir.chdir("/tmp") do
|
60
|
-
%x(texi2pdf puppetdoc.tex >/dev/null 2>/dev/null)
|
61
|
-
end
|
62
|
-
end
|
63
|
-
|
64
35
|
def self.references(environment)
|
65
36
|
instance_loader(:reference).loadall(environment)
|
66
37
|
loaded_instances(:reference).sort_by(&:to_s)
|
data/lib/puppet/util/run_mode.rb
CHANGED
@@ -87,6 +87,22 @@ module Puppet
|
|
87
87
|
def log_dir
|
88
88
|
which_dir("/var/log/puppetlabs/puppet", "~/.puppetlabs/var/log")
|
89
89
|
end
|
90
|
+
|
91
|
+
def pkg_config_path
|
92
|
+
'/opt/puppetlabs/puppet/lib/pkgconfig'
|
93
|
+
end
|
94
|
+
|
95
|
+
def gem_cmd
|
96
|
+
'/opt/puppetlabs/puppet/bin/gem'
|
97
|
+
end
|
98
|
+
|
99
|
+
def common_module_dir
|
100
|
+
'/opt/puppetlabs/puppet/modules'
|
101
|
+
end
|
102
|
+
|
103
|
+
def vendor_module_dir
|
104
|
+
'/opt/puppetlabs/puppet/vendor_modules'
|
105
|
+
end
|
90
106
|
end
|
91
107
|
|
92
108
|
class WindowsRunMode < RunMode
|
@@ -114,8 +130,32 @@ module Puppet
|
|
114
130
|
which_dir(File.join(windows_common_base("puppet/var/log")), "~/.puppetlabs/var/log")
|
115
131
|
end
|
116
132
|
|
133
|
+
def pkg_config_path
|
134
|
+
nil
|
135
|
+
end
|
136
|
+
|
137
|
+
def gem_cmd
|
138
|
+
if (puppet_dir = ENV.fetch('PUPPET_DIR', nil))
|
139
|
+
File.join(puppet_dir.to_s, 'bin', 'gem.bat')
|
140
|
+
else
|
141
|
+
File.join(Gem.default_bindir, 'gem.bat')
|
142
|
+
end
|
143
|
+
end
|
144
|
+
|
145
|
+
def common_module_dir
|
146
|
+
"#{installdir}/puppet/modules" if installdir
|
147
|
+
end
|
148
|
+
|
149
|
+
def vendor_module_dir
|
150
|
+
"#{installdir}\\puppet\\vendor_modules" if installdir
|
151
|
+
end
|
152
|
+
|
117
153
|
private
|
118
154
|
|
155
|
+
def installdir
|
156
|
+
ENV.fetch('FACTER_env_windows_installdir', nil)
|
157
|
+
end
|
158
|
+
|
119
159
|
def windows_common_base(*extra)
|
120
160
|
[ENV.fetch('ALLUSERSPROFILE', nil), "PuppetLabs"] + extra
|
121
161
|
end
|
data/lib/puppet/util/selinux.rb
CHANGED
@@ -46,6 +46,7 @@ module Puppet::Util::SELinux
|
|
46
46
|
|
47
47
|
# Retrieve and return the default context of the file. If we don't have
|
48
48
|
# SELinux support or if the SELinux call fails to file a default then return nil.
|
49
|
+
# @deprecated matchpathcon is a deprecated method, selabel_lookup is preferred
|
49
50
|
def get_selinux_default_context(file, resource_ensure = nil)
|
50
51
|
return nil unless selinux_support?
|
51
52
|
# If the filesystem has no support for SELinux labels, return a default of nil
|
@@ -68,11 +69,20 @@ module Puppet::Util::SELinux
|
|
68
69
|
end
|
69
70
|
|
70
71
|
retval = Selinux.matchpathcon(file, mode)
|
71
|
-
|
72
|
-
|
73
|
-
end
|
72
|
+
retval == -1 ? nil : retval[1]
|
73
|
+
end
|
74
74
|
|
75
|
-
|
75
|
+
def get_selinux_default_context_with_handle(file, handle)
|
76
|
+
return nil unless selinux_support?
|
77
|
+
# If the filesystem has no support for SELinux labels, return a default of nil
|
78
|
+
# instead of what selabel_lookup would return
|
79
|
+
return nil unless selinux_label_support?(file)
|
80
|
+
|
81
|
+
# Handle is needed for selabel_lookup
|
82
|
+
raise ArgumentError, _("Cannot get default context with nil handle") unless handle
|
83
|
+
|
84
|
+
retval = Selinux.selabel_lookup(handle, file, 0)
|
85
|
+
retval == -1 ? nil : retval[1]
|
76
86
|
end
|
77
87
|
|
78
88
|
# Take the full SELinux context returned from the tools and parse it
|
@@ -187,25 +187,6 @@ module Puppet::Util::Windows
|
|
187
187
|
SetTheServiceStatus.call(SERVICE_STOPPED, NO_ERROR, 0, 0)
|
188
188
|
end
|
189
189
|
|
190
|
-
ThreadProc = FFI::Function.new(:ulong, [:pointer]) do |lpParameter|
|
191
|
-
ste = FFI::MemoryPointer.new(SERVICE_TABLE_ENTRYW, 2)
|
192
|
-
|
193
|
-
s = SERVICE_TABLE_ENTRYW.new(ste[0])
|
194
|
-
s[:lpServiceName] = FFI::MemoryPointer.from_string('')
|
195
|
-
s[:lpServiceProc] = lpParameter
|
196
|
-
|
197
|
-
s = SERVICE_TABLE_ENTRYW.new(ste[1])
|
198
|
-
s[:lpServiceName] = nil
|
199
|
-
s[:lpServiceProc] = nil
|
200
|
-
|
201
|
-
# No service to step, no service handle, no ruby exceptions, just terminate the thread..
|
202
|
-
unless StartServiceCtrlDispatcherW(ste)
|
203
|
-
return 1
|
204
|
-
end
|
205
|
-
|
206
|
-
return 0
|
207
|
-
end
|
208
|
-
|
209
190
|
# This is a shortcut for Daemon.new + Daemon#mainloop.
|
210
191
|
#
|
211
192
|
def self.mainloop
|
@@ -255,26 +236,28 @@ module Puppet::Util::Windows
|
|
255
236
|
raise SystemCallError.new('CreateEvent', FFI.errno)
|
256
237
|
end
|
257
238
|
|
258
|
-
hThread =
|
239
|
+
hThread = Thread.new do
|
240
|
+
ste = FFI::MemoryPointer.new(SERVICE_TABLE_ENTRYW, 2)
|
259
241
|
|
260
|
-
|
261
|
-
|
262
|
-
|
242
|
+
s = SERVICE_TABLE_ENTRYW.new(ste[0])
|
243
|
+
s[:lpServiceName] = FFI::MemoryPointer.from_string("")
|
244
|
+
s[:lpServiceProc] = Service_Main
|
263
245
|
|
264
|
-
|
265
|
-
|
266
|
-
|
246
|
+
s = SERVICE_TABLE_ENTRYW.new(ste[1])
|
247
|
+
s[:lpServiceName] = nil
|
248
|
+
s[:lpServiceProc] = nil
|
267
249
|
|
268
|
-
|
250
|
+
# No service to step, no service handle, no ruby exceptions, just terminate the thread..
|
251
|
+
StartServiceCtrlDispatcherW(ste)
|
269
252
|
end
|
270
253
|
|
271
|
-
|
272
|
-
|
254
|
+
while (index = WaitForSingleObject(@@hStartEvent, 1000)) == WAIT_TIMEOUT
|
255
|
+
# The thread exited, so the show is off.
|
256
|
+
raise "Service_Main thread exited abnormally" unless hThread.alive?
|
273
257
|
end
|
274
258
|
|
275
|
-
|
276
|
-
|
277
|
-
raise "Service_Main thread exited abnormally"
|
259
|
+
if index == WAIT_FAILED
|
260
|
+
raise SystemCallError.new("WaitForSingleObject", FFI.errno)
|
278
261
|
end
|
279
262
|
|
280
263
|
thr = Thread.new do
|
data/lib/puppet/version.rb
CHANGED