puppet 3.4.1 → 3.4.2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

@@ -253,6 +253,10 @@ cp -pr ext/puppet-nm-dispatcher \
253
253
  %defattr(-, puppet, puppet, 0750)
254
254
  %{_localstatedir}/log/puppet
255
255
  %{_localstatedir}/lib/puppet
256
+ # Return the default attributes to 0755 to
257
+ # prevent incorrect permission assignment on EL6
258
+ %defattr(-, root, root, 0755)
259
+
256
260
 
257
261
  %files server
258
262
  %defattr(-, root, root, 0755)
@@ -728,7 +728,7 @@ EOT
728
728
  :owner => "service",
729
729
  :group => "service",
730
730
  :mode => 0660,
731
- :desc => "Where the CA stores the password for the private key"
731
+ :desc => "Where the CA stores the password for the private key."
732
732
  },
733
733
  :serial => {
734
734
  :default => "$cadir/serial",
@@ -792,7 +792,8 @@ EOT
792
792
  :mode => 0644,
793
793
  :owner => "service",
794
794
  :group => "service",
795
- :desc => "A Complete listing of all certificates"
795
+ :desc => "The inventory file. This is a text file to which the CA writes a
796
+ complete listing of all certificates."
796
797
  }
797
798
  )
798
799
 
@@ -807,7 +808,7 @@ EOT
807
808
  :config => {
808
809
  :type => :file,
809
810
  :default => "$confdir/${config_file_name}",
810
- :desc => "The configuration file for the current puppet application",
811
+ :desc => "The configuration file for the current puppet application.",
811
812
  },
812
813
  :pidfile => {
813
814
  :type => :file,
@@ -846,7 +847,7 @@ EOT
846
847
  :default => "",
847
848
  :desc => "Code to parse directly. This is essentially only used
848
849
  by `puppet`, and should only be set if you're writing your own Puppet
849
- executable",
850
+ executable.",
850
851
  },
851
852
  :masterlog => {
852
853
  :default => "$logdir/puppetmaster.log",
@@ -951,9 +952,19 @@ EOT
951
952
  :desc => "The directory in which serialized data is stored, usually in a subdirectory."},
952
953
  :reports => {
953
954
  :default => "store",
954
- :desc => "The list of reports to generate. All reports are looked for
955
- in `puppet/reports/name.rb`, and multiple report names should be
956
- comma-separated (whitespace is okay).",
955
+ :desc => "The list of report handlers to use. When using multiple report handlers,
956
+ their names should be comma-separated, with whitespace allowed. (For example,
957
+ `reports = http, tagmail`.)
958
+
959
+ This setting is relevant to puppet master and puppet apply. The puppet
960
+ master will call these report handlers with the reports it receives from
961
+ agent nodes, and puppet apply will call them with its own report. (In
962
+ all cases, the node applying the catalog must have `report = true`.)
963
+
964
+ See the report reference for information on the built-in report
965
+ handlers; custom report handlers can also be loaded from modules.
966
+ (Report handlers are loaded from the lib directory, at
967
+ `puppet/reports/NAME.rb`.)",
957
968
  },
958
969
  :reportdir => {
959
970
  :default => "$vardir/reports",
@@ -961,12 +972,15 @@ EOT
961
972
  :mode => 0750,
962
973
  :owner => "service",
963
974
  :group => "service",
964
- :desc => "The directory in which to store reports
965
- received from the client. Each client gets a separate
966
- subdirectory."},
975
+ :desc => "The directory in which to store reports. Each node gets
976
+ a separate subdirectory in this directory. This setting is only
977
+ used when the `store` report processor is enabled (see the
978
+ `reports` setting)."},
967
979
  :reporturl => {
968
980
  :default => "http://localhost:3000/reports/upload",
969
- :desc => "The URL used by the http reports processor to send reports",
981
+ :desc => "The URL that reports should be forwarded to. This setting
982
+ is only used when the `http` report processor is enabled (see the
983
+ `reports` setting).",
970
984
  },
971
985
  :fileserverconfig => {
972
986
  :default => "$confdir/fileserver.conf",
@@ -1005,11 +1019,11 @@ EOT
1005
1019
  :default => "$vardir/devices",
1006
1020
  :type => :directory,
1007
1021
  :mode => "750",
1008
- :desc => "The root directory of devices' $vardir",
1022
+ :desc => "The root directory of devices' $vardir.",
1009
1023
  },
1010
1024
  :deviceconfig => {
1011
1025
  :default => "$confdir/device.conf",
1012
- :desc => "Path to the device config file for puppet device",
1026
+ :desc => "Path to the device config file for puppet device.",
1013
1027
  }
1014
1028
  )
1015
1029
 
@@ -1088,7 +1102,7 @@ EOT
1088
1102
  },
1089
1103
  :server => {
1090
1104
  :default => "puppet",
1091
- :desc => "The server to which the puppet agent should connect"
1105
+ :desc => "The puppet master server to which the puppet agent should connect."
1092
1106
  },
1093
1107
  :use_srv_records => {
1094
1108
  :default => false,
@@ -1102,7 +1116,7 @@ EOT
1102
1116
  :ignoreschedules => {
1103
1117
  :default => false,
1104
1118
  :type => :boolean,
1105
- :desc => "Boolean; whether puppet agent should ignore schedules. This is useful
1119
+ :desc => "Boolean; whether puppet agent should ignore schedules. This is useful
1106
1120
  for initial puppet agent runs.",
1107
1121
  },
1108
1122
  :default_schedules => {
@@ -1118,7 +1132,27 @@ EOT
1118
1132
  :noop => {
1119
1133
  :default => false,
1120
1134
  :type => :boolean,
1121
- :desc => "Whether puppet agent should be run in noop mode.",
1135
+ :desc => "Whether to apply catalogs in noop mode, which allows Puppet to
1136
+ partially simulate a normal run. This setting affects puppet agent and
1137
+ puppet apply.
1138
+
1139
+ When running in noop mode, Puppet will check whether each resource is in sync,
1140
+ like it does when running normally. However, if a resource attribute is not in
1141
+ the desired state (as declared in the catalog), Puppet will take no
1142
+ action, and will instead report the changes it _would_ have made. These
1143
+ simulated changes will appear in the report sent to the puppet master, or
1144
+ be shown on the console if running puppet agent or puppet apply in the
1145
+ foreground. The simulated changes will not send refresh events to any
1146
+ subscribing or notified resources, although Puppet will log that a refresh
1147
+ event _would_ have been sent.
1148
+
1149
+ **Important note:**
1150
+ [The `noop` metaparameter](http://docs.puppetlabs.com/references/latest/metaparameter.html#noop)
1151
+ allows you to apply individual resources in noop mode, and will override
1152
+ the global value of the `noop` setting. This means a resource with
1153
+ `noop => false` _will_ be changed if necessary, even when running puppet
1154
+ agent with `noop = true` or `--noop`. (Conversely, a resource with
1155
+ `noop => true` will only be simulated, even when noop mode is globally disabled.)",
1122
1156
  },
1123
1157
  :runinterval => {
1124
1158
  :default => "30m",
@@ -260,15 +260,12 @@ class Puppet::Pops::Validation::Checker3_1
260
260
  top(o.eContainer, o)
261
261
  end
262
262
 
263
- # Asserts that value is a valid QualifiedName. No additional checking is made, objects that use
264
- # a QualifiedName as a name should check the validity - this since a QualifiedName is used as a BARE WORD
265
- # and then additional chars may be valid (like a hyphen).
263
+ # No checking takes place - all expressions using a QualifiedName need to check. This because the
264
+ # rules are slightly different depending on the container (A variable allows a numeric start, but not
265
+ # other names). This means that (if the lexer/parser so chooses) a QualifiedName
266
+ # can be anything when it represents a Bare Word and evaluates to a String.
266
267
  #
267
268
  def check_QualifiedName(o)
268
- # Is this a valid qualified name?
269
- if o.value !~ Puppet::Pops::Patterns::NAME
270
- acceptor.accept(Issues::ILLEGAL_NAME, o, {:name=>o.value})
271
- end
272
269
  end
273
270
 
274
271
  # Checks that the value is a valid UpperCaseWord (a CLASSREF), and optionally if it contains a hypen.
@@ -1,10 +1,12 @@
1
1
  require 'puppet/settings/base_setting'
2
2
 
3
- class Puppet::Settings::AutosignSetting < Puppet::Settings::BaseSetting
4
-
5
- def type
6
- :autosign
7
- end
3
+ # A specialization of the file setting to allow boolean values.
4
+ #
5
+ # The autosign value can be either a boolean or a file path, and if the setting
6
+ # is a file path then it may have a owner/group/mode specified.
7
+ #
8
+ # @api private
9
+ class Puppet::Settings::AutosignSetting < Puppet::Settings::FileSetting
8
10
 
9
11
  def munge(value)
10
12
  if ['true', true].include? value
@@ -1199,8 +1199,24 @@ class Type
1199
1199
  ###############################
1200
1200
  # Add all of the meta-parameters.
1201
1201
  newmetaparam(:noop) do
1202
- desc "Boolean flag indicating whether work should actually
1203
- be done."
1202
+ desc "Whether to apply this resource in noop mode.
1203
+
1204
+ When applying a resource in noop mode, Puppet will check whether it is in sync,
1205
+ like it does when running normally. However, if a resource attribute is not in
1206
+ the desired state (as declared in the catalog), Puppet will take no
1207
+ action, and will instead report the changes it _would_ have made. These
1208
+ simulated changes will appear in the report sent to the puppet master, or
1209
+ be shown on the console if running puppet agent or puppet apply in the
1210
+ foreground. The simulated changes will not send refresh events to any
1211
+ subscribing or notified resources, although Puppet will log that a refresh
1212
+ event _would_ have been sent.
1213
+
1214
+ **Important note:**
1215
+ [The `noop` setting](http://docs.puppetlabs.com/references/latest/configuration.html#noop)
1216
+ allows you to globally enable or disable noop mode, but it will _not_ override
1217
+ the `noop` metaparameter on individual resources. That is, the value of the
1218
+ global `noop` setting will _only_ affect resources that do not have an explicit
1219
+ value set for their `noop` attribute."
1204
1220
 
1205
1221
  newvalues(:true, :false)
1206
1222
  munge do |value|
@@ -713,10 +713,8 @@ Puppet::Type.newtype(:file) do
713
713
  def write(property)
714
714
  remove_existing(:file)
715
715
 
716
- assumed_default_mode = 0644
717
-
718
716
  mode = self.should(:mode) # might be nil
719
- mode_int = mode ? symbolic_mode_to_int(mode, assumed_default_mode) : nil
717
+ mode_int = mode ? symbolic_mode_to_int(mode, Puppet::Util::DEFAULT_POSIX_MODE) : nil
720
718
 
721
719
  if write_temporary_file?
722
720
  Puppet::Util.replace_file(self[:path], mode_int) do |file|
@@ -375,6 +375,10 @@ module Util
375
375
  # exist; if the file is present we copy the existing mode/owner/group values
376
376
  # across. The default_mode can be expressed as an octal integer, a numeric string (ie '0664')
377
377
  # or a symbolic file mode.
378
+
379
+ DEFAULT_POSIX_MODE = 0644
380
+ DEFAULT_WINDOWS_MODE = nil
381
+
378
382
  def replace_file(file, default_mode, &block)
379
383
  raise Puppet::DevError, "replace_file requires a block" unless block_given?
380
384
 
@@ -384,6 +388,12 @@ module Util
384
388
  end
385
389
 
386
390
  mode = symbolic_mode_to_int(normalize_symbolic_mode(default_mode))
391
+ else
392
+ if Puppet.features.microsoft_windows?
393
+ mode = DEFAULT_WINDOWS_MODE
394
+ else
395
+ mode = DEFAULT_POSIX_MODE
396
+ end
387
397
  end
388
398
 
389
399
  file = Puppet::FileSystem::File.new(file)
@@ -45,7 +45,7 @@ class Puppet::Util::Autoload
45
45
  file, old_mtime = loaded[name]
46
46
  return true unless file == get_file(name)
47
47
  begin
48
- old_mtime != File.mtime(file)
48
+ old_mtime.to_i != File.mtime(file).to_i
49
49
  rescue Errno::ENOENT
50
50
  true
51
51
  end
@@ -7,7 +7,7 @@
7
7
 
8
8
 
9
9
  module Puppet
10
- PUPPETVERSION = '3.4.1'
10
+ PUPPETVERSION = '3.4.2'
11
11
 
12
12
  ##
13
13
  # version is a public API method intended to always provide a fast and
@@ -58,6 +58,10 @@ describe Puppet::Util do
58
58
  :if => Puppet.features.microsoft_windows? do
59
59
 
60
60
  dir = tmpdir('DACL_playground')
61
+ protected_sd = Puppet::Util::Windows::Security.get_security_descriptor(dir)
62
+ protected_sd.protect = true
63
+ Puppet::Util::Windows::Security.set_security_descriptor(dir, protected_sd)
64
+
61
65
  sibling_path = File.join(dir, 'sibling_file')
62
66
  FileUtils.touch(sibling_path)
63
67
 
@@ -19,11 +19,13 @@ describe "validating 3x" do
19
19
  end
20
20
 
21
21
  it 'should raise error for illegal names' do
22
+ pending "validation was too strict, now too relaxed - validation missing"
22
23
  expect(validate(fqn('Aaa'))).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
23
24
  expect(validate(fqn('AAA'))).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
24
25
  end
25
26
 
26
27
  it 'should raise error for illegal variable names' do
28
+ pending "validation was too strict, now too relaxed - validation missing"
27
29
  expect(validate(fqn('Aaa').var())).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
28
30
  expect(validate(fqn('AAA').var())).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
29
31
  end
@@ -4,10 +4,19 @@ require 'puppet/settings'
4
4
  require 'puppet/settings/autosign_setting'
5
5
 
6
6
  describe Puppet::Settings::AutosignSetting do
7
- let(:setting) { described_class.new(:settings => mock('settings'), :desc => "test") }
7
+ let(:settings) do
8
+ s = stub('settings')
9
+ s.stubs(:[]).with(:mkusers).returns true
10
+ s.stubs(:[]).with(:user).returns 'puppet'
11
+ s.stubs(:[]).with(:group).returns 'puppet'
12
+ s.stubs(:[]).with(:manage_internal_file_permissions).returns true
13
+ s
14
+ end
15
+
16
+ let(:setting) { described_class.new(:name => 'autosign', :section => 'section', :settings => settings, :desc => "test") }
8
17
 
9
- it "is of type :autosign" do
10
- expect(setting.type).to eq :autosign
18
+ it "is of type :file" do
19
+ expect(setting.type).to eq :file
11
20
  end
12
21
 
13
22
  describe "when munging the setting" do
@@ -43,4 +52,52 @@ describe Puppet::Settings::AutosignSetting do
43
52
  end
44
53
  end
45
54
  end
55
+
56
+ describe "setting additional setting values" do
57
+ it "can set the file mode" do
58
+ setting.mode = '0664'
59
+ expect(setting.mode).to eq '0664'
60
+ end
61
+
62
+ it "can set the file owner" do
63
+ setting.owner = 'service'
64
+ expect(setting.owner).to eq 'puppet'
65
+ end
66
+
67
+ it "can set the file group" do
68
+ setting.group = 'service'
69
+ expect(setting.group).to eq 'puppet'
70
+ end
71
+ end
72
+
73
+ describe "converting the setting to a resource" do
74
+ it "converts the file path to a file resource" do
75
+ path = File.expand_path('/path/to/autosign.conf')
76
+ settings.stubs(:value).with('autosign').returns(path)
77
+ Puppet::FileSystem::File.stubs(:exist?).with(path).returns true
78
+ Puppet.stubs(:features).returns(stub(:root? => true, :microsoft_windows? => false))
79
+
80
+ setting.mode = '0664'
81
+ setting.owner = 'service'
82
+ setting.group = 'service'
83
+
84
+ resource = setting.to_resource
85
+
86
+ expect(resource.title).to eq path
87
+ expect(resource[:ensure]).to eq :file
88
+ expect(resource[:mode]).to eq '664'
89
+ expect(resource[:owner]).to eq 'puppet'
90
+ expect(resource[:group]).to eq 'puppet'
91
+ end
92
+
93
+ it "returns nil when the setting is a boolean" do
94
+ settings.stubs(:value).with('autosign').returns 'true'
95
+
96
+ setting.mode = '0664'
97
+ setting.owner = 'service'
98
+ setting.group = 'service'
99
+
100
+ expect(setting.to_resource).to be_nil
101
+ end
102
+ end
46
103
  end
@@ -1093,6 +1093,73 @@ describe Puppet::Type.type(:file) do
1093
1093
  expect { file.write :NOTUSED }.to_not raise_error
1094
1094
  end
1095
1095
  end
1096
+
1097
+ describe "when resource mode is supplied" do
1098
+ before { file.stubs(:property_fix) }
1099
+
1100
+ context "and writing temporary files" do
1101
+ before { file.stubs(:write_temporary_file?).returns(true) }
1102
+
1103
+ it "should convert symbolic mode to int" do
1104
+ file[:mode] = 'oga=r'
1105
+ Puppet::Util.expects(:replace_file).with(file[:path], 0444)
1106
+ file.write :NOTUSED
1107
+ end
1108
+
1109
+ it "should support int modes" do
1110
+ file[:mode] = '0444'
1111
+ Puppet::Util.expects(:replace_file).with(file[:path], 0444)
1112
+ file.write :NOTUSED
1113
+ end
1114
+ end
1115
+
1116
+ context "and not writing temporary files" do
1117
+ before { file.stubs(:write_temporary_file?).returns(false) }
1118
+
1119
+ it "should set a umask of 0" do
1120
+ file[:mode] = 'oga=r'
1121
+ Puppet::Util.expects(:withumask).with(0)
1122
+ file.write :NOTUSED
1123
+ end
1124
+
1125
+ it "should convert symbolic mode to int" do
1126
+ file[:mode] = 'oga=r'
1127
+ File.expects(:open).with(file[:path], anything, 0444)
1128
+ file.write :NOTUSED
1129
+ end
1130
+
1131
+ it "should support int modes" do
1132
+ file[:mode] = '0444'
1133
+ File.expects(:open).with(file[:path], anything, 0444)
1134
+ file.write :NOTUSED
1135
+ end
1136
+ end
1137
+ end
1138
+
1139
+ describe "when resource mode is not supplied" do
1140
+ context "and content is supplied" do
1141
+ it "should default to 0644 mode" do
1142
+ file = described_class.new(:path => path, :content => "file content")
1143
+
1144
+ file.write :NOTUSED
1145
+
1146
+ expect(File.stat(file[:path]).mode & 0777).to eq(0644)
1147
+ end
1148
+ end
1149
+
1150
+ context "and no content is supplied" do
1151
+ it "should use puppet's default umask of 022" do
1152
+ file = described_class.new(:path => path)
1153
+
1154
+ umask_from_the_user = 0777
1155
+ Puppet::Util.withumask(umask_from_the_user) do
1156
+ file.write :NOTUSED
1157
+ end
1158
+
1159
+ expect(File.stat(file[:path]).mode & 0777).to eq(0644)
1160
+ end
1161
+ end
1162
+ end
1096
1163
  end
1097
1164
 
1098
1165
  describe "#fail_if_checksum_is_wrong" do
metadata CHANGED
@@ -1,18 +1,20 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppet
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.4.1
4
+ version: 3.4.2
5
+ prerelease:
5
6
  platform: ruby
6
7
  authors:
7
8
  - Puppet Labs
8
9
  autorequire:
9
10
  bindir: bin
10
11
  cert_chain: []
11
- date: 2013-12-26 00:00:00.000000000 Z
12
+ date: 2014-01-06 00:00:00.000000000 Z
12
13
  dependencies:
13
14
  - !ruby/object:Gem::Dependency
14
15
  name: facter
15
16
  requirement: !ruby/object:Gem::Requirement
17
+ none: false
16
18
  requirements:
17
19
  - - ~>
18
20
  - !ruby/object:Gem::Version
@@ -20,6 +22,7 @@ dependencies:
20
22
  type: :runtime
21
23
  prerelease: false
22
24
  version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
23
26
  requirements:
24
27
  - - ~>
25
28
  - !ruby/object:Gem::Version
@@ -27,6 +30,7 @@ dependencies:
27
30
  - !ruby/object:Gem::Dependency
28
31
  name: hiera
29
32
  requirement: !ruby/object:Gem::Requirement
33
+ none: false
30
34
  requirements:
31
35
  - - ~>
32
36
  - !ruby/object:Gem::Version
@@ -34,6 +38,7 @@ dependencies:
34
38
  type: :runtime
35
39
  prerelease: false
36
40
  version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
37
42
  requirements:
38
43
  - - ~>
39
44
  - !ruby/object:Gem::Version
@@ -41,6 +46,7 @@ dependencies:
41
46
  - !ruby/object:Gem::Dependency
42
47
  name: rgen
43
48
  requirement: !ruby/object:Gem::Requirement
49
+ none: false
44
50
  requirements:
45
51
  - - ~>
46
52
  - !ruby/object:Gem::Version
@@ -48,6 +54,7 @@ dependencies:
48
54
  type: :runtime
49
55
  prerelease: false
50
56
  version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
51
58
  requirements:
52
59
  - - ~>
53
60
  - !ruby/object:Gem::Version
@@ -2195,7 +2202,6 @@ files:
2195
2202
  - spec/watchr.rb
2196
2203
  homepage: https://github.com/puppetlabs/puppet
2197
2204
  licenses: []
2198
- metadata: {}
2199
2205
  post_install_message:
2200
2206
  rdoc_options:
2201
2207
  - --title
@@ -2206,20 +2212,22 @@ rdoc_options:
2206
2212
  require_paths:
2207
2213
  - lib
2208
2214
  required_ruby_version: !ruby/object:Gem::Requirement
2215
+ none: false
2209
2216
  requirements:
2210
- - - '>='
2217
+ - - ! '>='
2211
2218
  - !ruby/object:Gem::Version
2212
2219
  version: '0'
2213
2220
  required_rubygems_version: !ruby/object:Gem::Requirement
2221
+ none: false
2214
2222
  requirements:
2215
- - - '>='
2223
+ - - ! '>='
2216
2224
  - !ruby/object:Gem::Version
2217
2225
  version: '0'
2218
2226
  requirements: []
2219
2227
  rubyforge_project: puppet
2220
- rubygems_version: 2.0.3
2228
+ rubygems_version: 1.8.23
2221
2229
  signing_key:
2222
- specification_version: 4
2230
+ specification_version: 3
2223
2231
  summary: Puppet, an automated configuration management tool
2224
2232
  test_files:
2225
2233
  - spec/fixtures/faulty_face/puppet/face/syntax.rb
checksums.yaml DELETED
@@ -1,7 +0,0 @@
1
- ---
2
- SHA1:
3
- metadata.gz: 68668528e38b1e5f1736b47b3afcb517372ced94
4
- data.tar.gz: ff046f6e2a601f59700bbbadf2589be1e6917dcd
5
- SHA512:
6
- metadata.gz: 55b1ffdca0b53888d129366a1932874bc5749dbcc429512c75ed647d42e8312bc5a947b817bed4f26db182e972f0d8cf19d578ff7fc5c368936cc163a2226507
7
- data.tar.gz: c38f970a8be8e4c65d9d1015eae0e5a605bf5d2ed6fbeb07cfd206185b73b282c96836051d96d0115319828f0e76df2fb7a26f946efc9f45b72e3443c2bcb04b