puppet 2.6.13 → 2.6.14

data/CHANGELOG

@@ -1,3 +1,22 @@
+2.6.14
+===
+d48ad59 Revert "(#5246) Puppetd does not remove it's pidfile when it exits"
+ade5965 Remove unnecessary fallbacks in change_{user,group}
+0a09a64 Document uid/gid-related methods in Puppet::Util
+2599d56 Copy owner/group in replace_file
+ead36ff (#12463) eliminate `secure_open` in favour of `replace_file`
+1469538 (#12460) use `replace_file` for the .k5login file
+8461203 (#12462) user_role_add: use `replace_file` for /etc/shadow
+0ad532a (#12463) add secure `replace_file` to Puppet::Util
+76d0749 (#12459) drop supplementary groups when permanently dropping UID
+50909b9 (#12458) default to users primary group, not root, in `asuser`
+d00c5cc (#12457) add users primary group, not Process.gid, in initgroups
+d937ae3 (#6541) Use the same filebucket for backup and restore
+a758066 (#11996) Fix test failures due to hash processing order changes.
+e0e31d5 (#5246) Puppetd does not remove it's pidfile when it exits
+0ab4597 (#11764) Fix failing cron test
+073ca03 (#11764) Fix cron jobs for passing block to method
+
 2.6.13
 ===
 e4ee794 (#10739) Provide default subjectAltNames while bootstrapping master

data/lib/puppet.rb

@@ -24,7 +24,7 @@ require 'puppet/util/run_mode'
 # it's also a place to find top-level commands like 'debug'
 
 module Puppet
-  PUPPETVERSION = '2.6.13'
+  PUPPETVERSION = '2.6.14'
 
   def Puppet.version
     PUPPETVERSION

data/lib/puppet/daemon.rb

@@ -33,9 +33,9 @@ class Puppet::Daemon
       Puppet::Util::Log.reopen
     rescue => detail
       Puppet.err "Could not start #{Puppet[:name]}: #{detail}"
-      Puppet::Util::secure_open("/tmp/daemonout", "w") { |f|
+      Puppet::Util::replace_file("/tmp/daemonout", 0644) do |f|
         f.puts "Could not start #{Puppet[:name]}: #{detail}"
-      }
+      end
       exit(12)
     end
   end

data/lib/puppet/network/server.rb

@@ -22,7 +22,7 @@ class Puppet::Network::Server
       $stderr.reopen $stdout
       Puppet::Util::Log.reopen
     rescue => detail
-      Puppet::Util.secure_open("/tmp/daemonout", "w") { |f|
+      Puppet::Util.replace_file("/tmp/daemonout", 0644) { |f|
         f.puts "Could not start #{Puppet[:name]}: #{detail}"
       }
       raise "Could not start #{Puppet[:name]}: #{detail}"

data/lib/puppet/provider/user/user_role_add.rb

@@ -1,3 +1,4 @@
+require 'puppet/util'
 require 'puppet/util/user_attr'
 
 Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source => :useradd do
@@ -145,11 +146,22 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
     run([command(:modify)] + build_keys_cmd(keys_hash) << @resource[:name], "modify attribute key pairs")
   end
 
+
+  # This helper makes it possible to test this on stub data without having to
+  # do too many crazy things!
+  def target_file_path
+    "/etc/shadow"
+  end
+  private :target_file_path
+
   #Read in /etc/shadow, find the line for this user (skipping comments, because who knows) and return it
   #No abstraction, all esoteric knowledge of file formats, yay
   def shadow_entry
     return @shadow_entry if defined? @shadow_entry
-    @shadow_entry = File.readlines("/etc/shadow").reject { |r| r =~ /^[^\w]/ }.collect { |l| l.chomp.split(':') }.find { |user, _| user == @resource[:name] }
+    @shadow_entry = File.readlines(target_file_path).
+      reject { |r| r =~ /^[^\w]/ }.
+      collect { |l| l.chomp.split(':') }.
+      find { |user, _| user == @resource[:name] }
   end
 
   def password
@@ -164,28 +176,31 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd, :source =>
     shadow_entry ? shadow_entry[4] : :absent
   end
 
-  #Read in /etc/shadow, find the line for our used and rewrite it with the new pw
-  #Smooth like 80 grit
+  # Read in /etc/shadow, find the line for our used and rewrite it with the
+  # new pw.  Smooth like 80 grit sandpaper.
+  #
+  # Now uses the `replace_file` mechanism to minimize the chance that we lose
+  # data, but it is still terrible.  We still skip platform locking, so a
+  # concurrent `vipw -s` session will have no idea we risk data loss.
   def password=(cryptopw)
     begin
-      File.open("/etc/shadow", "r") do |shadow|
-        File.open("/etc/shadow_tmp", "w", 0600) do |shadow_tmp|
-          while line = shadow.gets
-            line_arr = line.split(':')
-            if line_arr[0] == @resource[:name]
-              line_arr[1] = cryptopw
-              line = line_arr.join(':')
-            end
-            shadow_tmp.print line
+      shadow = File.read(target_file_path)
+
+      # Go Mifune loves the race here where we can lose data because
+      # /etc/shadow changed between reading it and writing it.
+      # --daniel 2012-02-05
+      Puppet::Util.replace_file(target_file_path, 0640) do |fh|
+        shadow.each_line do |line|
+          line_arr = line.split(':')
+          if line_arr[0] == @resource[:name]
+            line_arr[1] = cryptopw
+            line = line_arr.join(':')
           end
+          fh.print line
         end
       end
-      File.rename("/etc/shadow_tmp", "/etc/shadow")
     rescue => detail
-      fail "Could not write temporary shadow file: #{detail}"
-    ensure
-      # Make sure this *always* gets deleted
-      File.unlink("/etc/shadow_tmp") if File.exist?("/etc/shadow_tmp")
+      fail "Could not write replace #{target_file_path}: #{detail}"
     end
   end
 end

data/lib/puppet/rails/benchmark.rb

@@ -58,6 +58,6 @@ module Puppet::Rails::Benchmark
       data = {}
     end
     data[branch] = $benchmarks
-    Puppet::Util.secure_open(file, "w") { |f| f.print YAML.dump(data) }
+    Puppet::Util.replace_file(file, 0644) { |f| f.print YAML.dump(data) }
   end
 end

data/lib/puppet/type/k5login.rb

@@ -1,4 +1,5 @@
 # Plug-in type for handling k5login files
+require 'puppet/util'
 
 Puppet::Type.newtype(:k5login) do
   @doc = "Manage the `.k5login` file for a user.  Specify the full path to
@@ -79,8 +80,8 @@ Puppet::Type.newtype(:k5login) do
 
     private
     def write(value)
-      Puppet::Util.secure_open(@resource[:name], "w") do |f|
-        f.puts value.join("\n")
+      Puppet::Util.replace_file(@resource[:name], 0644) do |f|
+        f.puts value
       end
     end
   end

data/lib/puppet/util.rb

@@ -1,10 +1,11 @@
 # A module to collect utility functions.
-
 require 'puppet/util/monkey_patches'
-require 'sync'
 require 'puppet/external/lock'
-require 'monitor'
 require 'puppet/util/execution_stub'
+require 'sync'
+require 'monitor'
+require 'tempfile'
+require 'pathname'
 
 module Puppet
   # A command failed to execute.
@@ -261,7 +262,6 @@ module Util
     output_file="/dev/null"
     error_file="/dev/null"
     if ! arguments[:squelch]
-      require "tempfile"
       output_file = Tempfile.new("puppet")
       error_file=output_file if arguments[:combine]
     end
@@ -287,8 +287,7 @@ module Util
           $stderr.reopen(error_file)
 
           3.upto(256){|fd| IO::new(fd).close rescue nil}
-          Puppet::Util::SUIDManager.change_group(arguments[:gid], true) if arguments[:gid]
-          Puppet::Util::SUIDManager.change_user(arguments[:uid], true) if arguments[:uid]
+          Puppet::Util::SUIDManager.change_privileges(arguments[:uid], arguments[:gid], true)
           ENV['LANG'] = ENV['LC_ALL'] = ENV['LC_MESSAGES'] = ENV['LANGUAGE'] = 'C'
           if command.is_a?(Array)
             Kernel.exec(*command)
@@ -409,27 +408,82 @@ module Util
 
   module_function :memory, :thinmark
 
-  def secure_open(file,must_be_w,&block)
-    raise Puppet::DevError,"secure_open only works with mode 'w'" unless must_be_w == 'w'
-    raise Puppet::DevError,"secure_open only requires a block"    unless block_given?
-    Puppet.warning "#{file} was a symlink to #{File.readlink(file)}" if File.symlink?(file)
-    if File.exists?(file) or File.symlink?(file)
-      wait = File.symlink?(file) ? 5.0 : 0.1
-      File.delete(file)
-      sleep wait # give it a chance to reappear, just in case someone is actively trying something.
+  # Replace a file, securely.  This takes a block, and passes it the file
+  # handle of a file open for writing.  Write the replacement content inside
+  # the block and it will safely replace the target file.
+  #
+  # This method will make no changes to the target file until the content is
+  # successfully written and the block returns without raising an error.
+  #
+  # As far as possible the state of the existing file, such as mode, is
+  # preserved.  This works hard to avoid loss of any metadata, but will result
+  # in an inode change for the file.
+  #
+  # Arguments: `filename`, `default_mode`
+  #
+  # The filename is the file we are going to replace.
+  #
+  # The default_mode is the mode to use when the target file doesn't already
+  # exist; if the file is present we copy the existing mode/owner/group values
+  # across.
+  def replace_file(file, default_mode, &block)
+    raise Puppet::DevError, "replace_file requires a block" unless block_given?
+
+    file     = Pathname(file)
+    tempfile = Tempfile.new(file.basename.to_s, file.dirname.to_s)
+
+    file_exists = file.exist?
+
+    # If the file exists, use its current mode/owner/group. If it doesn't, use
+    # the supplied mode, and default to current user/group.
+    if file_exists
+      stat = file.lstat
+
+      # We only care about the four lowest-order octets. Higher octets are
+      # filesystem-specific.
+      mode = stat.mode & 07777
+      uid = stat.uid
+      gid = stat.gid
+    else
+      mode = default_mode
+      uid = Process.euid
+      gid = Process.egid
     end
+
+    # Set properties of the temporary file before we write the content, because
+    # Tempfile doesn't promise to be safe from reading by other people, just
+    # that it avoids races around creating the file.
+    tempfile.chmod(mode)
+    tempfile.chown(uid, gid)
+
+    # OK, now allow the caller to write the content of the file.
+    yield tempfile
+
+    # Now, make sure the data (which includes the mode) is safe on disk.
+    tempfile.flush
     begin
-      File.open(file,File::CREAT|File::EXCL|File::TRUNC|File::WRONLY,&block)
-    rescue Errno::EEXIST
-      desc = File.symlink?(file) ? "symlink to #{File.readlink(file)}" : File.stat(file).ftype
-      puts "Warning: #{file} was apparently created by another process (as"
-      puts "a #{desc}) as soon as it was deleted by this process.  Someone may be trying"
-      puts "to do something objectionable (such as tricking you into overwriting system"
-      puts "files if you are running as root)."
-      raise
+      tempfile.fsync
+    rescue NotImplementedError
+      # fsync may not be implemented by Ruby on all platforms, but
+      # there is absolutely no recovery path if we detect that.  So, we just
+      # ignore the return code.
+      #
+      # However, don't be fooled: that is accepting that we are running in
+      # an unsafe fashion.  If you are porting to a new platform don't stub
+      # that out.
     end
+
+    tempfile.close
+
+    File.rename(tempfile.path, file)
+
+    # Ideally, we would now fsync the directory as well, but Ruby doesn't
+    # have support for that, and it doesn't matter /that/ much...
+
+    # Return something true, and possibly useful.
+    file
   end
-  module_function :secure_open
+  module_function :replace_file
 end
 end
 

data/lib/puppet/util/reference.rb

@@ -36,14 +36,15 @@ class Puppet::Util::Reference
 
   def self.pdf(text)
     puts "creating pdf"
-    Puppet::Util.secure_open("/tmp/puppetdoc.txt", "w") do |f|
-      f.puts text
-    end
-    rst2latex = which('rst2latex') || which('rst2latex.py') || raise("Could not find rst2latex")
+    rst2latex = which('rst2latex') || which('rst2latex.py') ||
+      raise("Could not find rst2latex")
+
     cmd = %{#{rst2latex} /tmp/puppetdoc.txt > /tmp/puppetdoc.tex}
-    Puppet::Util.secure_open("/tmp/puppetdoc.tex","w") do |f|
-      # If we get here without an error, /tmp/puppetdoc.tex isn't a tricky cracker's symlink
-    end
+    Puppet::Util.replace_file("/tmp/puppetdoc.txt") {|f| f.puts text }
+    # There used to be an attempt to use secure_open / replace_file to secure
+    # the target, too, but that did nothing: the race was still here.  We can
+    # get exactly the same benefit from running this effort:
+    File.unlink('/tmp/puppetdoc.tex') rescue nil
     output = %x{#{cmd}}
     unless $CHILD_STATUS == 0
       $stderr.puts "rst2latex failed"

data/lib/puppet/util/suidmanager.rb

@@ -1,5 +1,6 @@
 require 'puppet/util/warnings'
 require 'forwardable'
+require 'etc'
 
 module Puppet::Util::SUIDManager
   include Puppet::Util::Warnings
@@ -40,55 +41,76 @@ module Puppet::Util::SUIDManager
     Process.uid == 0
   end
 
-  # Runs block setting uid and gid if provided then restoring original ids
+  # Methods to handle changing uid/gid of the running process. In general,
+  # these will noop or fail on Windows, and require root to change to anything
+  # but the current uid/gid (which is a noop).
+
+  # Runs block setting euid and egid if provided then restoring original ids.
+  # If running on Windows or without root, the block will be run with the
+  # current euid/egid.
   def asuser(new_uid=nil, new_gid=nil)
-    return yield if Puppet.features.microsoft_windows? or !root?
+    return yield if Puppet.features.microsoft_windows?
+    return yield unless root?
+    return yield unless new_uid or new_gid
 
     old_euid, old_egid = self.euid, self.egid
     begin
-      change_group(new_gid) if new_gid
-      change_user(new_uid) if new_uid
+      change_privileges(new_uid, new_gid, false)
 
       yield
     ensure
-      change_group(old_egid)
-      change_user(old_euid)
+      change_privileges(new_uid ? old_euid : nil, old_egid, false)
     end
   end
   module_function :asuser
 
+  # If `permanently` is set, will permanently change the uid/gid of the
+  # process. If not, it will only set the euid/egid. If only uid is supplied,
+  # the primary group of the supplied gid will be used. If only gid is
+  # supplied, only gid will be changed. This method will fail if used on
+  # Windows.
+  def change_privileges(uid=nil, gid=nil, permanently=false)
+    return unless uid or gid
+
+    unless gid
+      uid = convert_xid(:uid, uid)
+      gid = Etc.getpwuid(uid).gid
+    end
+
+    change_group(gid, permanently)
+    change_user(uid, permanently) if uid
+  end
+  module_function :change_privileges
+
+  # Changes the egid of the process if `permanently` is not set, otherwise
+  # changes gid. This method will fail if used on Windows, or attempting to
+  # change to a different gid without root.
   def change_group(group, permanently=false)
     gid = convert_xid(:gid, group)
     raise Puppet::Error, "No such group #{group}" unless gid
 
     if permanently
-      begin
-        Process::GID.change_privilege(gid)
-      rescue NotImplementedError
-        Process.egid = gid
-        Process.gid  = gid
-      end
+      Process::GID.change_privilege(gid)
     else
       Process.egid = gid
     end
   end
   module_function :change_group
 
+  # As change_group, but operates on uids. If changing user permanently,
+  # supplementary groups will be set the to default groups for the new uid.
   def change_user(user, permanently=false)
     uid = convert_xid(:uid, user)
     raise Puppet::Error, "No such user #{user}" unless uid
 
     if permanently
-      begin
-        Process::UID.change_privilege(uid)
-      rescue NotImplementedError
-        # If changing uid, we must be root. So initgroups first here.
-        initgroups(uid)
-        Process.euid = uid
-        Process.uid  = uid
-      end
+      # If changing uid, we must be root. So initgroups first here.
+      initgroups(uid)
+
+      Process::UID.change_privilege(uid)
     else
-      # If we're already root, initgroups before changing euid. If we're not,
+      # We must be root to initgroups, so initgroups before dropping euid if
+      # we're root, otherwise elevate euid before initgroups.
       # change euid (to root) first.
       if Process.euid == 0
         initgroups(uid)
@@ -113,10 +135,13 @@ module Puppet::Util::SUIDManager
   end
   module_function :convert_xid
 
-  # Initialize supplementary groups
-  def initgroups(user)
-    require 'etc'
-    Process.initgroups(Etc.getpwuid(user).name, Process.gid)
+  # Initialize primary and supplemental groups to those of the target user.  We
+  # take the UID and manually look up their details in the system database,
+  # including username and primary group. This method will fail on Windows, or
+  # if used without root to initgroups of another user.
+  def initgroups(uid)
+    pwent = Etc.getpwuid(uid)
+    Process.initgroups(pwent.name, pwent.gid)
   end
 
   module_function :initgroups
@@ -126,15 +151,5 @@ module Puppet::Util::SUIDManager
     [output, $CHILD_STATUS.dup]
   end
   module_function :run_and_capture
-
-  def system(command, new_uid=nil, new_gid=nil)
-    status = nil
-    asuser(new_uid, new_gid) do
-      Kernel.system(command)
-      status = $CHILD_STATUS.dup
-    end
-    status
-  end
-  module_function :system
 end
 

data/spec/unit/parser/ast/asthash_spec.rb

@@ -92,7 +92,6 @@ describe Puppet::Parser::AST::ASTHash do
 
   it "should return a valid string with to_s" do
     hash = Puppet::Parser::AST::ASTHash.new(:value => { "a" => "b", "c" => "d" })
-
-    hash.to_s.should == '{a => b, c => d}'
+    ["{a => b, c => d}", "{c => d, a => b}"].should be_include hash.to_s
   end
 end

data/spec/unit/property/keyvalue_spec.rb

@@ -36,8 +36,11 @@ describe klass do
       @property.should_to_s({:foo => "baz", :bar => "boo"}) == "foo=baz;bar=boo"
     end
 
-    it "should return the passed in array values joined with the delimiter from is_to_s" do
-      @property.is_to_s({"foo" => "baz" , "bar" => "boo"}).should == "foo=baz;bar=boo"
+    it "should return the passed in hash values joined with the delimiter from is_to_s" do
+      s = @property.is_to_s({"foo" => "baz" , "bar" => "boo"})
+
+      # We can't predict the order the hash is processed in...
+      ["foo=baz;bar=boo", "bar=boo;foo=baz"].should be_include s
     end
 
     describe "when calling inclusive?" do

data/spec/unit/provider/user/user_role_add_spec.rb

@@ -1,10 +1,13 @@
 #!/usr/bin/env ruby
 
 require File.dirname(__FILE__) + '/../../../spec_helper'
+require 'tempfile'
 
 provider_class = Puppet::Type.type(:user).provider(:user_role_add)
 
 describe provider_class do
+  include PuppetSpec::Files
+
   before do
     @resource = stub("resource", :name => "myuser", :managehome? => nil)
     @resource.stubs(:should).returns "fakeval"
@@ -244,17 +247,51 @@ describe provider_class do
   end
 
   describe "when setting the password" do
-    #how can you mock these blocks up?
-    it "should open /etc/shadow for reading and /etc/shadow_tmp for writing" do
-      File.expects(:open).with("/etc/shadow", "r")
-      File.stubs(:rename)
-      @provider.password=("hashedpassword")
-    end
-
-    it "should rename the /etc/shadow_tmp to /etc/shadow" do
-      File.stubs(:open).with("/etc/shadow", "r")
-      File.expects(:rename).with("/etc/shadow_tmp", "/etc/shadow")
-      @provider.password=("hashedpassword")
+    let(:path) { tmpfile('etc-shadow') }
+
+    before :each do
+      @provider.stubs(:target_file_path).returns(path)
+    end
+
+    def write_fixture(content)
+      File.open(path, 'w') { |f| f.print(content) }
+    end
+
+    it "should update the target user" do
+      write_fixture <<FIXTURE
+fakeval:seriously:15315:0:99999:7:::
+FIXTURE
+      @provider.password = "totally"
+      File.read(path).should =~ /^fakeval:totally:/
+    end
+
+    it "should only update the target user" do
+      write_fixture <<FIXTURE
+before:seriously:15315:0:99999:7:::
+fakeval:seriously:15315:0:99999:7:::
+fakevalish:seriously:15315:0:99999:7:::
+after:seriously:15315:0:99999:7:::
+FIXTURE
+      @provider.password = "totally"
+      File.read(path).should == <<EOT
+before:seriously:15315:0:99999:7:::
+fakeval:totally:15315:0:99999:7:::
+fakevalish:seriously:15315:0:99999:7:::
+after:seriously:15315:0:99999:7:::
+EOT
+    end
+
+    # This preserves the current semantics, but is it right? --daniel 2012-02-05
+    it "should do nothing if the target user is missing" do
+      fixture = <<FIXTURE
+before:seriously:15315:0:99999:7:::
+fakevalish:seriously:15315:0:99999:7:::
+after:seriously:15315:0:99999:7:::
+FIXTURE
+
+      write_fixture fixture
+      @provider.password = "totally"
+      File.read(path).should == fixture
     end
   end
 

data/spec/unit/type/k5login_spec.rb

@@ -0,0 +1,115 @@
+#!/usr/bin/env ruby
+require 'spec_helper'
+require 'fileutils'
+require 'puppet/type'
+
+describe Puppet::Type.type(:k5login) do
+  include PuppetSpec::Files
+
+  context "the type class" do
+    subject { described_class }
+    it { should be_validattr :ensure }
+    it { should be_validattr :path }
+    it { should be_validattr :principals }
+    it { should be_validattr :mode }
+    # We have one, inline provider implemented.
+    it { should be_validattr :provider }
+  end
+
+  let(:path) { tmpfile('k5login') }
+
+  def resource(attrs = {})
+    attrs = {
+      :ensure     => 'present',
+      :path       => path,
+      :principals => 'fred@EXAMPLE.COM'
+    }.merge(attrs)
+
+    if content = attrs.delete(:content)
+      File.open(path, 'w') { |f| f.print(content) }
+    end
+
+    resource = described_class.new(attrs)
+    resource
+  end
+
+  before :each do
+    FileUtils.touch(path)
+  end
+
+  context "the provider" do
+    context "when the file is missing" do
+      it "should initially be absent" do
+        File.delete(path)
+        resource.retrieve[:ensure].must == :absent
+      end
+
+      it "should create the file when synced" do
+        resource(:ensure => 'present').parameter(:ensure).sync
+        File.should be_exist path
+      end
+    end
+
+    context "when the file is present" do
+      context "retrieved initial state" do
+        subject { resource.retrieve }
+
+        it "should retrieve its properties correctly with zero principals" do
+          subject[:ensure].should == :present
+          subject[:principals].should == []
+          # We don't really care what the mode is, just that it got it
+          subject[:mode].should_not be_nil
+        end
+
+        context "with one principal" do
+          subject { resource(:content => "daniel@EXAMPLE.COM\n").retrieve }
+
+          it "should retrieve its principals correctly" do
+            subject[:principals].should == ["daniel@EXAMPLE.COM"]
+          end
+        end
+
+        context "with two principals" do
+          subject do
+            content = ["daniel@EXAMPLE.COM", "george@EXAMPLE.COM"].join("\n")
+            resource(:content => content).retrieve
+          end
+
+          it "should retrieve its principals correctly" do
+            subject[:principals].should == ["daniel@EXAMPLE.COM", "george@EXAMPLE.COM"]
+          end
+        end
+      end
+
+      it "should remove the file ensure is absent" do
+        resource(:ensure => 'absent').property(:ensure).sync
+        File.should_not be_exist path
+      end
+
+      it "should write one principal to the file" do
+        File.read(path).should == ""
+        resource(:principals => ["daniel@EXAMPLE.COM"]).property(:principals).sync
+        File.read(path).should == "daniel@EXAMPLE.COM\n"
+      end
+
+      it "should write multiple principals to the file" do
+        content = ["daniel@EXAMPLE.COM", "george@EXAMPLE.COM"]
+
+        File.read(path).should == ""
+        resource(:principals => content).property(:principals).sync
+        File.read(path).should == content.join("\n") + "\n"
+      end
+
+      describe "when setting the mode", :unless => Puppet.features.microsoft_windows? do
+        # The defined input type is "mode, as an octal string"
+        ["400", "600", "700", "644", "664"].each do |mode|
+          it "should update the mode to #{mode}" do
+            resource(:mode => mode).property(:mode).sync
+
+            (File.stat(path).mode & 07777).to_s(8).should == mode
+          end
+        end
+      end
+    end
+  end
+end

data/spec/unit/util/suidmanager_spec.rb

@@ -13,10 +13,18 @@ describe Puppet::Util::SUIDManager do
 
   before :each do
     Puppet::Util::SUIDManager.stubs(:convert_xid).returns(42)
-    Puppet::Util::SUIDManager.stubs(:initgroups)
+    pwent = stub('pwent', :name => 'fred', :uid => 42, :gid => 42)
+    Etc.stubs(:getpwuid).with(42).returns(pwent)
 
     [:euid, :egid, :uid, :gid, :groups].each do |id|
-      Process.stubs("#{id}=").with {|value| xids[id] = value}
+      Process.stubs("#{id}=").with {|value| xids[id] = value }
+    end
+  end
+
+  describe "#initgroups" do
+    it "should use the primary group of the user as the 'basegid'" do
+      Process.expects(:initgroups).with('fred', 42)
+      described_class.initgroups(42)
     end
   end
 
@@ -31,45 +39,93 @@ describe Puppet::Util::SUIDManager do
   end
 
   describe "#asuser" do
-    it "should set euid/egid when root" do
-      Process.stubs(:uid).returns(0)
+    it "should not get or set euid/egid when not root" do
+      Process.stubs(:uid).returns(1)
 
       Process.stubs(:egid).returns(51)
       Process.stubs(:euid).returns(50)
 
-      Puppet::Util::SUIDManager.stubs(:convert_xid).with(:gid, 51).returns(51)
-      Puppet::Util::SUIDManager.stubs(:convert_xid).with(:uid, 50).returns(50)
+      Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) {}
+
+      xids.should be_empty
+    end
 
-      yielded = false
-      Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) do
-        xids[:egid].should == user[:gid]
-        xids[:euid].should == user[:uid]
-        yielded = true
+    context "when root and not windows" do
+      before :each do
+        Process.stubs(:uid).returns(0)
+        Puppet.features.stubs(:microsoft_windows?).returns(false)
       end
 
-      xids[:egid].should == 51
-      xids[:euid].should == 50
+      it "should set euid/egid when root" do
+        Process.stubs(:uid).returns(0)
 
-      # It's possible asuser could simply not yield, so the assertions in the
-      # block wouldn't fail. So verify those actually got checked.
-      yielded.should be_true
-    end
+        Process.stubs(:egid).returns(51)
+        Process.stubs(:euid).returns(50)
 
-    it "should not get or set euid/egid when not root" do
-      Process.stubs(:uid).returns(1)
+        Puppet::Util::SUIDManager.stubs(:convert_xid).with(:gid, 51).returns(51)
+        Puppet::Util::SUIDManager.stubs(:convert_xid).with(:uid, 50).returns(50)
+        Puppet::Util::SUIDManager.stubs(:initgroups).returns([])
 
-      Process.stubs(:egid).returns(51)
-      Process.stubs(:euid).returns(50)
+        yielded = false
+        Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) do
+          xids[:egid].should == user[:gid]
+          xids[:euid].should == user[:uid]
+          yielded = true
+        end
 
-      Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) {}
+        xids[:egid].should == 51
+        xids[:euid].should == 50
 
-      xids.should be_empty
+        # It's possible asuser could simply not yield, so the assertions in the
+        # block wouldn't fail. So verify those actually got checked.
+        yielded.should be_true
+      end
+
+      it "should just yield if user and group are nil" do
+        yielded = false
+        Puppet::Util::SUIDManager.asuser(nil, nil) { yielded = true }
+        yielded.should be_true
+        xids.should == {}
+      end
+
+      it "should just change group if only group is given" do
+        yielded = false
+        Puppet::Util::SUIDManager.asuser(nil, 42) { yielded = true }
+        yielded.should be_true
+        xids.should == { :egid => 42 }
+      end
+
+      it "should change gid to the primary group of uid by default" do
+        Process.stubs(:initgroups)
+
+        yielded = false
+        Puppet::Util::SUIDManager.asuser(42) { yielded = true }
+        yielded.should be_true
+        xids.should == { :euid => 42, :egid => 42 }
+      end
+
+      it "should change both uid and gid if given" do
+        # I don't like the sequence, but it is the only way to assert on the
+        # internal behaviour in a reliable fashion, given we need multiple
+        # sequenced calls to the same methods. --daniel 2012-02-05
+        horror = sequence('of user and group changes')
+        Puppet::Util::SUIDManager.expects(:change_group).with(43, false).in_sequence(horror)
+        Puppet::Util::SUIDManager.expects(:change_user).with(42, false).in_sequence(horror)
+        Puppet::Util::SUIDManager.expects(:change_group).
+          with(Puppet::Util::SUIDManager.egid, false).in_sequence(horror)
+        Puppet::Util::SUIDManager.expects(:change_user).
+          with(Puppet::Util::SUIDManager.euid, false).in_sequence(horror)
+
+        yielded = false
+        Puppet::Util::SUIDManager.asuser(42, 43) { yielded = true }
+        yielded.should be_true
+      end
     end
   end
 
   describe "#change_group" do
     describe "when changing permanently" do
-      it "should try to change_privilege if it is supported" do
+      it "should change_privilege" do
         Process::GID.expects(:change_privilege).with do |gid|
           Process.gid = gid
           Process.egid = gid
@@ -80,15 +136,6 @@ describe Puppet::Util::SUIDManager do
         xids[:egid].should == 42
         xids[:gid].should == 42
       end
-
-      it "should change both egid and gid if change_privilege isn't supported" do
-        Process::GID.stubs(:change_privilege).raises(NotImplementedError)
-
-        Puppet::Util::SUIDManager.change_group(42, true)
-
-        xids[:egid].should == 42
-        xids[:gid].should == 42
-      end
     end
 
     describe "when changing temporarily" do
@@ -103,21 +150,12 @@ describe Puppet::Util::SUIDManager do
 
   describe "#change_user" do
     describe "when changing permanently" do
-      it "should try to change_privilege if it is supported" do
+      it "should change_privilege" do
         Process::UID.expects(:change_privilege).with do |uid|
           Process.uid = uid
           Process.euid = uid
         end
 
-        Puppet::Util::SUIDManager.change_user(42, true)
-
-        xids[:euid].should == 42
-        xids[:uid].should == 42
-      end
-
-      it "should change euid and uid and groups if change_privilege isn't supported" do
-        Process::UID.stubs(:change_privilege).raises(NotImplementedError)
-
         Puppet::Util::SUIDManager.expects(:initgroups).with(42)
 
         Puppet::Util::SUIDManager.change_user(42, true)
@@ -129,6 +167,7 @@ describe Puppet::Util::SUIDManager do
 
     describe "when changing temporarily" do
       it "should change only euid and groups" do
+        Puppet::Util::SUIDManager.stubs(:initgroups).returns([])
         Puppet::Util::SUIDManager.change_user(42, false)
 
         xids[:euid].should == 42
@@ -165,35 +204,6 @@ describe Puppet::Util::SUIDManager do
       Kernel.system '' if $CHILD_STATUS.nil?
     end
 
-    describe "with #system" do
-      it "should set euid/egid when root" do
-        Process.stubs(:uid).returns(0)
-        Process.stubs(:egid).returns(51)
-        Process.stubs(:euid).returns(50)
-
-        Puppet::Util::SUIDManager.stubs(:convert_xid).with(:gid, 51).returns(51)
-        Puppet::Util::SUIDManager.stubs(:convert_xid).with(:uid, 50).returns(50)
-
-        Puppet::Util::SUIDManager.expects(:change_group).with(user[:uid])
-        Puppet::Util::SUIDManager.expects(:change_user).with(user[:uid])
-
-        Puppet::Util::SUIDManager.expects(:change_group).with(51)
-        Puppet::Util::SUIDManager.expects(:change_user).with(50)
-
-        Kernel.expects(:system).with('blah')
-        Puppet::Util::SUIDManager.system('blah', user[:uid], user[:gid])
-      end
-
-      it "should not get or set euid/egid when not root" do
-        Process.stubs(:uid).returns(1)
-        Kernel.expects(:system).with('blah')
-
-        Puppet::Util::SUIDManager.system('blah', user[:uid], user[:gid])
-
-        xids.should be_empty
-      end
-    end
-
     describe "with #run_and_capture" do
       it "should capture the output and return process status" do
         Puppet::Util.

data/spec/unit/util/zaml_spec.rb

@@ -36,29 +36,31 @@ describe "Pure ruby yaml implementation" do
     end
   }
 
-  def set_of_lines(l)
-    l.split("\n").sort
-  end
-
   it "should handle references to Array in Hash values correctly" do
     list = [1]
     data = { "one" => list, "two" => list }
-    data.to_yaml.should == "--- \n  two: &id001 \n    - 1\n  one: *id001"
+    data.to_yaml.should =~ /  two: [&*]id001/
+    data.to_yaml.should =~ /  one: [&*]id001/
     expect { YAML.load(data.to_yaml).should == data }.should_not raise_error
   end
 
   it "should handle references to Hash in Hash values correctly" do
     hash = { 1 => 1 }
     data = { "one" => hash, "two" => hash }
-    # This could still someday fail because the order change would also change which one got the back ref
-    set_of_lines(data.to_yaml).should == set_of_lines("--- \n  two: &id001 \n    1: 1\n  one: *id001")
+    lines = data.to_yaml.split("\n")
+    lines.should be_any {|x| x =~ /--- / }
+    lines.should be_any {|x| x =~ /  one: [*&]id001/ }
+    lines.should be_any {|x| x =~ /  two: [*&]id001/ }
     expect { YAML.load(data.to_yaml).should == data }.should_not raise_error
   end
 
   it "should handle references to Scalar in Hash" do
     str = "hello"
     data = { "one" => str, "two" => str }
-    set_of_lines(data.to_yaml).should == set_of_lines("--- \n  two: hello\n  one: hello")
+    lines = data.to_yaml.split("\n")
+    lines.should be_any {|x| x =~ /--- / }
+    lines.should be_any {|x| x =~ /  one: hello/ }
+    lines.should be_any {|x| x =~ /  two: hello/ }
     expect { YAML.load(data.to_yaml).should == data }.should_not raise_error
   end
 

data/spec/unit/util_spec.rb

@@ -0,0 +1,104 @@
+#!/usr/bin/env rspec
+require 'spec_helper'
+
+describe Puppet::Util do
+  subject { Puppet::Util }
+  include PuppetSpec::Files
+
+  context "#replace_file" do
+    it { should respond_to :replace_file }
+
+    let :target do
+      target = Tempfile.new("puppet-util-replace-file")
+      target.puts("hello, world")
+      target.flush              # make sure content is on disk.
+      target.fsync rescue nil
+      target.close
+      target
+    end
+
+    it "should fail if no block is given" do
+      expect { subject.replace_file(target.path, 0600) }.to raise_error /block/
+    end
+
+    it "should replace a file when invoked" do
+      # Check that our file has the expected content.
+      File.read(target.path).should == "hello, world\n"
+
+      # Replace the file.
+      subject.replace_file(target.path, 0600) do |fh|
+        fh.puts "I am the passenger..."
+      end
+
+      # ...and check the replacement was complete.
+      File.read(target.path).should == "I am the passenger...\n"
+    end
+
+    [0555, 0600, 0660, 0700, 0770].each do |mode|
+      it "should copy 0#{mode.to_s(8)} permissions from the target file by default" do
+        File.chmod(mode, target.path)
+
+        (File.stat(target.path).mode & 07777).should == mode
+
+        subject.replace_file(target.path, 0000) {|fh| fh.puts "bazam" }
+
+        (File.stat(target.path).mode & 07777).should == mode
+        File.read(target.path).should == "bazam\n"
+      end
+    end
+
+    it "should copy the permissions of the source file before yielding" do
+      File.chmod(0555, target.path)
+      inode = File.stat(target.path).ino
+
+      yielded = false
+      subject.replace_file(target.path, 0600) do |fh|
+        (File.stat(fh.path).mode & 07777).should == 0555
+        yielded = true
+      end
+      yielded.should be_true
+
+      # We can't check inode on Windows
+      File.stat(target.path).ino.should_not == inode
+
+      (File.stat(target.path).mode & 07777).should == 0555
+    end
+
+    it "should use the default permissions if the source file doesn't exist" do
+      new_target = target.path + '.foo'
+      File.should_not be_exist(new_target)
+
+      begin
+        subject.replace_file(new_target, 0555) {|fh| fh.puts "foo" }
+        (File.stat(new_target).mode & 07777).should == 0555
+      ensure
+        File.unlink(new_target) if File.exists?(new_target)
+      end
+    end
+
+    it "should not replace the file if an exception is thrown in the block" do
+      yielded = false
+      threw   = false
+
+      begin
+        subject.replace_file(target.path, 0600) do |fh|
+          yielded = true
+          fh.puts "different content written, then..."
+          raise "...throw some random failure"
+        end
+      rescue Exception => e
+        if e.to_s =~ /some random failure/
+          threw = true
+        else
+          raise
+        end
+      end
+
+      yielded.should be_true
+      threw.should be_true
+
+      # ...and check the replacement was complete.
+      File.read(target.path).should == "hello, world\n"
+    end
+  end
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: puppet
 version: !ruby/object:Gem::Version 
-  hash: 13
+  hash: 11
   prerelease: 
   segments: 
   - 2
   - 6
-  - 13
-  version: 2.6.13
+  - 14
+  version: 2.6.14
 platform: ruby
 authors: 
 - Puppet Labs
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-12-12 00:00:00 Z
+date: 2012-02-22 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: facter
@@ -1296,6 +1296,7 @@ files:
 - spec/unit/type/file_spec.rb
 - spec/unit/type/filebucket_spec.rb
 - spec/unit/type/group_spec.rb
+- spec/unit/type/k5login_spec.rb
 - spec/unit/type/macauthorization_spec.rb
 - spec/unit/type/maillist_spec.rb
 - spec/unit/type/mcx_spec.rb
@@ -1361,6 +1362,7 @@ files:
 - spec/unit/util/user_attr_spec.rb
 - spec/unit/util/warnings_spec.rb
 - spec/unit/util/zaml_spec.rb
+- spec/unit/util_spec.rb
 - bin/puppetca
 - bin/puppetd
 - bin/puppetmasterd