puppet 8.7.0 → 8.8.1

data/lib/puppet/provider/package/puppet_gem.rb

@@ -8,20 +8,7 @@ Puppet::Type.type(:package).provide :puppet_gem, :parent => :gem do
 
   confine :true => Puppet.runtime[:facter].value(:aio_agent_version)
 
-  def self.windows_gemcmd
-    puppet_dir = ENV.fetch('PUPPET_DIR', nil)
-    if puppet_dir
-      File.join(puppet_dir.to_s, 'bin', 'gem.bat')
-    else
-      File.join(Gem.default_bindir, 'gem.bat')
-    end
-  end
-
-  if Puppet::Util::Platform.windows?
-    commands :gemcmd => windows_gemcmd
-  else
-    commands :gemcmd => "/opt/puppetlabs/puppet/bin/gem"
-  end
+  commands :gemcmd => Puppet.run_mode.gem_cmd
 
   def uninstall
     super
@@ -30,7 +17,9 @@ Puppet::Type.type(:package).provide :puppet_gem, :parent => :gem do
   end
 
   def self.execute_gem_command(command, command_options, custom_environment = {})
-    custom_environment['PKG_CONFIG_PATH'] = '/opt/puppetlabs/puppet/lib/pkgconfig' unless Puppet::Util::Platform.windows?
+    if (pkg_config_path = Puppet.run_mode.pkg_config_path)
+      custom_environment['PKG_CONFIG_PATH'] = pkg_config_path
+    end
     super(command, command_options, custom_environment)
   end
 end

data/lib/puppet/scheduler/splay_job.rb

@@ -25,15 +25,6 @@ module Puppet::Scheduler
       end
     end
 
-    # Recalculates splay.
-    #
-    # @param splay_limit [Integer] the maximum time (in seconds) to delay before an agent's first run.
-    # @return @splay [Integer] a random integer less than or equal to the splay limit that represents the seconds to
-    # delay before next agent run.
-    def splay_limit=(splay_limit)
-      @splay = calculate_splay(splay_limit)
-    end
-
     private
 
     def calculate_splay(limit)

data/lib/puppet/type/file/selcontext.rb

@@ -40,11 +40,12 @@ module Puppet
     end
 
     def retrieve_default_context(property)
+      return nil if Puppet::Util::Platform.windows?
       if @resource[:selinux_ignore_defaults] == :true
         return nil
       end
 
-      context = get_selinux_default_context(@resource[:path], @resource[:ensure])
+      context = get_selinux_default_context_with_handle(@resource[:path], provider.class.selinux_handle)
       unless context
         return nil
       end
@@ -85,7 +86,7 @@ module Puppet
   end
 
   Puppet::Type.type(:file).newparam(:selinux_ignore_defaults) do
-    desc "If this is set then Puppet will not ask SELinux (via matchpathcon) to
+    desc "If this is set then Puppet will not ask SELinux (via selabel_lookup) to
       supply defaults for the SELinux attributes (seluser, selrole,
       seltype, and selrange). In general, you should leave this set at its
       default and only set it to true when you need Puppet to not try to fix
@@ -98,7 +99,7 @@ module Puppet
   Puppet::Type.type(:file).newproperty(:seluser, :parent => Puppet::SELFileContext) do
     desc "What the SELinux user component of the context of the file should be.
       Any valid SELinux user component is accepted.  For example `user_u`.
-      If not specified it defaults to the value returned by matchpathcon for
+      If not specified it defaults to the value returned by selabel_lookup for
       the file, if any exists.  Only valid on systems with SELinux support
       enabled."
 
@@ -109,7 +110,7 @@ module Puppet
   Puppet::Type.type(:file).newproperty(:selrole, :parent => Puppet::SELFileContext) do
     desc "What the SELinux role component of the context of the file should be.
       Any valid SELinux role component is accepted.  For example `role_r`.
-      If not specified it defaults to the value returned by matchpathcon for
+      If not specified it defaults to the value returned by selabel_lookup for
       the file, if any exists.  Only valid on systems with SELinux support
       enabled."
 
@@ -120,7 +121,7 @@ module Puppet
   Puppet::Type.type(:file).newproperty(:seltype, :parent => Puppet::SELFileContext) do
     desc "What the SELinux type component of the context of the file should be.
       Any valid SELinux type component is accepted.  For example `tmp_t`.
-      If not specified it defaults to the value returned by matchpathcon for
+      If not specified it defaults to the value returned by selabel_lookup for
       the file, if any exists.  Only valid on systems with SELinux support
       enabled."
 
@@ -132,7 +133,7 @@ module Puppet
     desc "What the SELinux range component of the context of the file should be.
       Any valid SELinux range component is accepted.  For example `s0` or
       `SystemHigh`.  If not specified it defaults to the value returned by
-      matchpathcon for the file, if any exists.  Only valid on systems with
+      selabel_lookup for the file, if any exists.  Only valid on systems with
       SELinux support enabled and that have support for MCS (Multi-Category
       Security)."
 

data/lib/puppet/type/file/target.rb

@@ -44,22 +44,20 @@ module Puppet
 
       raise Puppet::Error, "Could not remove existing file" if Puppet::FileSystem.exist?(@resource[:path])
 
-      Dir.chdir(File.dirname(@resource[:path])) do
-        Puppet::Util::SUIDManager.asuser(@resource.asuser) do
-          mode = @resource.should(:mode)
-          if mode
-            Puppet::Util.withumask(0o00) do
-              Puppet::FileSystem.symlink(target, @resource[:path])
-            end
-          else
+      Puppet::Util::SUIDManager.asuser(@resource.asuser) do
+        mode = @resource.should(:mode)
+        if mode
+          Puppet::Util.withumask(0o00) do
             Puppet::FileSystem.symlink(target, @resource[:path])
           end
+        else
+          Puppet::FileSystem.symlink(target, @resource[:path])
         end
+      end
 
-        @resource.send(:property_fix)
+      @resource.send(:property_fix)
 
-        :link_created
-      end
+      :link_created
     end
 
     def insync?(currentvalue)

data/lib/puppet/util/execution.rb

@@ -323,7 +323,7 @@ module Puppet::Util::Execution
       unless options[:squelch]
         # if we opened a pipe, we need to clean it up.
         reader.close if reader
-        stdout.close! if Puppet::Util::Platform.windows?
+        stdout.close! if stdout && Puppet::Util::Platform.windows?
       end
     end
 

data/lib/puppet/util/reference.rb

@@ -13,7 +13,7 @@ class Puppet::Util::Reference
   instance_load(:reference, 'puppet/reference')
 
   def self.modes
-    %w[pdf text]
+    %w[text]
   end
 
   def self.newreference(name, options = {}, &block)
@@ -32,35 +32,6 @@ class Puppet::Util::Reference
     end
   end
 
-  def self.pdf(text)
-    puts _("creating pdf")
-    rst2latex = which('rst2latex') || which('rst2latex.py') ||
-                raise(_("Could not find rst2latex"))
-
-    cmd = %(#{rst2latex} /tmp/puppetdoc.txt > /tmp/puppetdoc.tex)
-    Puppet::Util.replace_file("/tmp/puppetdoc.txt") { |f| f.puts text }
-    # There used to be an attempt to use secure_open / replace_file to secure
-    # the target, too, but that did nothing: the race was still here.  We can
-    # get exactly the same benefit from running this effort:
-    begin
-      Puppet::FileSystem.unlink('/tmp/puppetdoc.tex')
-    rescue
-      nil
-    end
-    output = %x(#{cmd})
-    unless $CHILD_STATUS == 0
-      $stderr.puts _("rst2latex failed")
-      $stderr.puts output
-      exit(1)
-    end
-    $stderr.puts output
-
-    # Now convert to pdf
-    Dir.chdir("/tmp") do
-      %x(texi2pdf puppetdoc.tex >/dev/null 2>/dev/null)
-    end
-  end
-
   def self.references(environment)
     instance_loader(:reference).loadall(environment)
     loaded_instances(:reference).sort_by(&:to_s)

data/lib/puppet/util/run_mode.rb

@@ -87,6 +87,22 @@ module Puppet
       def log_dir
         which_dir("/var/log/puppetlabs/puppet", "~/.puppetlabs/var/log")
       end
+
+      def pkg_config_path
+        '/opt/puppetlabs/puppet/lib/pkgconfig'
+      end
+
+      def gem_cmd
+        '/opt/puppetlabs/puppet/bin/gem'
+      end
+
+      def common_module_dir
+        '/opt/puppetlabs/puppet/modules'
+      end
+
+      def vendor_module_dir
+        '/opt/puppetlabs/puppet/vendor_modules'
+      end
     end
 
     class WindowsRunMode < RunMode
@@ -114,8 +130,32 @@ module Puppet
         which_dir(File.join(windows_common_base("puppet/var/log")), "~/.puppetlabs/var/log")
       end
 
+      def pkg_config_path
+        nil
+      end
+
+      def gem_cmd
+        if (puppet_dir = ENV.fetch('PUPPET_DIR', nil))
+          File.join(puppet_dir.to_s, 'bin', 'gem.bat')
+        else
+          File.join(Gem.default_bindir, 'gem.bat')
+        end
+      end
+
+      def common_module_dir
+        "#{installdir}/puppet/modules" if installdir
+      end
+
+      def vendor_module_dir
+        "#{installdir}\\puppet\\vendor_modules" if installdir
+      end
+
       private
 
+      def installdir
+        ENV.fetch('FACTER_env_windows_installdir', nil)
+      end
+
       def windows_common_base(*extra)
         [ENV.fetch('ALLUSERSPROFILE', nil), "PuppetLabs"] + extra
       end

data/lib/puppet/util/selinux.rb

@@ -46,6 +46,7 @@ module Puppet::Util::SELinux
 
   # Retrieve and return the default context of the file.  If we don't have
   # SELinux support or if the SELinux call fails to file a default then return nil.
+  # @deprecated matchpathcon is a deprecated method, selabel_lookup is preferred
   def get_selinux_default_context(file, resource_ensure = nil)
     return nil unless selinux_support?
     # If the filesystem has no support for SELinux labels, return a default of nil
@@ -68,11 +69,20 @@ module Puppet::Util::SELinux
     end
 
     retval = Selinux.matchpathcon(file, mode)
-    if retval == -1
-      return nil
-    end
+    retval == -1 ? nil : retval[1]
+  end
 
-    retval[1]
+  def get_selinux_default_context_with_handle(file, handle)
+    return nil unless selinux_support?
+    # If the filesystem has no support for SELinux labels, return a default of nil
+    # instead of what selabel_lookup would return
+    return nil unless selinux_label_support?(file)
+
+    # Handle is needed for selabel_lookup
+    raise ArgumentError, _("Cannot get default context with nil handle") unless handle
+
+    retval = Selinux.selabel_lookup(handle, file, 0)
+    retval == -1 ? nil : retval[1]
   end
 
   # Take the full SELinux context returned from the tools and parse it

data/lib/puppet/util/windows/daemon.rb

@@ -187,25 +187,6 @@ module Puppet::Util::Windows
       SetTheServiceStatus.call(SERVICE_STOPPED, NO_ERROR, 0, 0)
     end
 
-    ThreadProc = FFI::Function.new(:ulong, [:pointer]) do |lpParameter|
-      ste = FFI::MemoryPointer.new(SERVICE_TABLE_ENTRYW, 2)
-
-      s = SERVICE_TABLE_ENTRYW.new(ste[0])
-      s[:lpServiceName] = FFI::MemoryPointer.from_string('')
-      s[:lpServiceProc] = lpParameter
-
-      s = SERVICE_TABLE_ENTRYW.new(ste[1])
-      s[:lpServiceName] = nil
-      s[:lpServiceProc] = nil
-
-      # No service to step, no service handle, no ruby exceptions, just terminate the thread..
-      unless StartServiceCtrlDispatcherW(ste)
-        return 1
-      end
-
-      return 0
-    end
-
     # This is a shortcut for Daemon.new + Daemon#mainloop.
     #
     def self.mainloop
@@ -255,26 +236,28 @@ module Puppet::Util::Windows
         raise SystemCallError.new('CreateEvent', FFI.errno)
       end
 
-      hThread = CreateThread(nil, 0, ThreadProc, Service_Main, 0, nil)
+      hThread = Thread.new do
+        ste = FFI::MemoryPointer.new(SERVICE_TABLE_ENTRYW, 2)
 
-      if hThread == 0
-        raise SystemCallError.new('CreateThread', FFI.errno)
-      end
+        s = SERVICE_TABLE_ENTRYW.new(ste[0])
+        s[:lpServiceName] = FFI::MemoryPointer.from_string("")
+        s[:lpServiceProc] = Service_Main
 
-      events = FFI::MemoryPointer.new(:pointer, 2)
-      events.put_pointer(0, FFI::Pointer.new(hThread))
-      events.put_pointer(FFI::Pointer.size, FFI::Pointer.new(@@hStartEvent))
+        s = SERVICE_TABLE_ENTRYW.new(ste[1])
+        s[:lpServiceName] = nil
+        s[:lpServiceProc] = nil
 
-      while (index = WaitForMultipleObjects(2, events, 0, 1000)) == WAIT_TIMEOUT
+        # No service to step, no service handle, no ruby exceptions, just terminate the thread..
+        StartServiceCtrlDispatcherW(ste)
       end
 
-      if index == WAIT_FAILED
-        raise SystemCallError.new('WaitForMultipleObjects', FFI.errno)
+      while (index = WaitForSingleObject(@@hStartEvent, 1000)) == WAIT_TIMEOUT
+        # The thread exited, so the show is off.
+        raise "Service_Main thread exited abnormally" unless hThread.alive?
       end
 
-      # The thread exited, so the show is off.
-      if index == WAIT_OBJECT_0
-        raise "Service_Main thread exited abnormally"
+      if index == WAIT_FAILED
+        raise SystemCallError.new("WaitForSingleObject", FFI.errno)
       end
 
       thr = Thread.new do

data/lib/puppet/version.rb

@@ -8,7 +8,7 @@
 # Raketasks and such to set the version based on the output of `git describe`
 
 module Puppet
-  PUPPETVERSION = '8.7.0'
+  PUPPETVERSION = '8.8.1'
 
   ##
   # version is a public API method intended to always provide a fast and