puppet 3.4.1 → 3.4.2

data/ext/redhat/puppet.spec.erb

@@ -253,6 +253,10 @@ cp -pr ext/puppet-nm-dispatcher \
 %defattr(-, puppet, puppet, 0750)
 %{_localstatedir}/log/puppet
 %{_localstatedir}/lib/puppet
+# Return the default attributes to 0755 to
+# prevent incorrect permission assignment on EL6
+%defattr(-, root, root, 0755)
+
 
 %files server
 %defattr(-, root, root, 0755)

data/lib/puppet/defaults.rb

@@ -728,7 +728,7 @@ EOT
       :owner => "service",
       :group => "service",
       :mode => 0660,
-      :desc => "Where the CA stores the password for the private key"
+      :desc => "Where the CA stores the password for the private key."
     },
     :serial => {
       :default => "$cadir/serial",
@@ -792,7 +792,8 @@ EOT
       :mode => 0644,
       :owner => "service",
       :group => "service",
-      :desc => "A Complete listing of all certificates"
+      :desc => "The inventory file. This is a text file to which the CA writes a
+        complete listing of all certificates."
     }
   )
 
@@ -807,7 +808,7 @@ EOT
       :config => {
           :type => :file,
           :default  => "$confdir/${config_file_name}",
-          :desc     => "The configuration file for the current puppet application",
+          :desc     => "The configuration file for the current puppet application.",
       },
       :pidfile => {
           :type => :file,
@@ -846,7 +847,7 @@ EOT
       :default    => "",
       :desc       => "Code to parse directly.  This is essentially only used
       by `puppet`, and should only be set if you're writing your own Puppet
-      executable",
+      executable.",
     },
     :masterlog => {
       :default => "$logdir/puppetmaster.log",
@@ -951,9 +952,19 @@ EOT
       :desc => "The directory in which serialized data is stored, usually in a subdirectory."},
     :reports => {
       :default    => "store",
-      :desc       => "The list of reports to generate.  All reports are looked for
-        in `puppet/reports/name.rb`, and multiple report names should be
-        comma-separated (whitespace is okay).",
+      :desc       => "The list of report handlers to use. When using multiple report handlers,
+        their names should be comma-separated, with whitespace allowed. (For example,
+        `reports = http, tagmail`.)
+
+        This setting is relevant to puppet master and puppet apply. The puppet
+        master will call these report handlers with the reports it receives from
+        agent nodes, and puppet apply will call them with its own report. (In
+        all cases, the node applying the catalog must have `report = true`.)
+
+        See the report reference for information on the built-in report
+        handlers; custom report handlers can also be loaded from modules.
+        (Report handlers are loaded from the lib directory, at
+        `puppet/reports/NAME.rb`.)",
     },
     :reportdir => {
       :default => "$vardir/reports",
@@ -961,12 +972,15 @@ EOT
       :mode => 0750,
       :owner => "service",
       :group => "service",
-      :desc => "The directory in which to store reports
-        received from the client.  Each client gets a separate
-        subdirectory."},
+      :desc => "The directory in which to store reports. Each node gets
+        a separate subdirectory in this directory. This setting is only
+        used when the `store` report processor is enabled (see the
+        `reports` setting)."},
     :reporturl => {
       :default    => "http://localhost:3000/reports/upload",
-      :desc       => "The URL used by the http reports processor to send reports",
+      :desc       => "The URL that reports should be forwarded to. This setting
+        is only used when the `http` report processor is enabled (see the
+        `reports` setting).",
     },
     :fileserverconfig => {
       :default    => "$confdir/fileserver.conf",
@@ -1005,11 +1019,11 @@ EOT
         :default  => "$vardir/devices",
         :type     => :directory,
         :mode     => "750",
-        :desc     => "The root directory of devices' $vardir",
+        :desc     => "The root directory of devices' $vardir.",
     },
     :deviceconfig => {
         :default  => "$confdir/device.conf",
-        :desc     => "Path to the device config file for puppet device",
+        :desc     => "Path to the device config file for puppet device.",
     }
   )
 
@@ -1088,7 +1102,7 @@ EOT
     },
     :server => {
       :default => "puppet",
-      :desc => "The server to which the puppet agent should connect"
+      :desc => "The puppet master server to which the puppet agent should connect."
     },
     :use_srv_records => {
       :default    => false,
@@ -1102,7 +1116,7 @@ EOT
     :ignoreschedules => {
       :default    => false,
       :type       => :boolean,
-    :desc         => "Boolean; whether puppet agent should ignore schedules.  This is useful
+      :desc       => "Boolean; whether puppet agent should ignore schedules.  This is useful
       for initial puppet agent runs.",
     },
     :default_schedules => {
@@ -1118,7 +1132,27 @@ EOT
     :noop => {
       :default    => false,
       :type       => :boolean,
-      :desc       => "Whether puppet agent should be run in noop mode.",
+      :desc       => "Whether to apply catalogs in noop mode, which allows Puppet to
+        partially simulate a normal run. This setting affects puppet agent and
+        puppet apply.
+
+        When running in noop mode, Puppet will check whether each resource is in sync,
+        like it does when running normally. However, if a resource attribute is not in
+        the desired state (as declared in the catalog), Puppet will take no
+        action, and will instead report the changes it _would_ have made. These
+        simulated changes will appear in the report sent to the puppet master, or
+        be shown on the console if running puppet agent or puppet apply in the
+        foreground. The simulated changes will not send refresh events to any
+        subscribing or notified resources, although Puppet will log that a refresh
+        event _would_ have been sent.
+
+        **Important note:**
+        [The `noop` metaparameter](http://docs.puppetlabs.com/references/latest/metaparameter.html#noop)
+        allows you to apply individual resources in noop mode, and will override
+        the global value of the `noop` setting. This means a resource with
+        `noop => false` _will_ be changed if necessary, even when running puppet
+        agent with `noop = true` or `--noop`. (Conversely, a resource with
+        `noop => true` will only be simulated, even when noop mode is globally disabled.)",
     },
     :runinterval => {
       :default  => "30m",

data/lib/puppet/pops/validation/checker3_1.rb

@@ -260,15 +260,12 @@ class Puppet::Pops::Validation::Checker3_1
     top(o.eContainer, o)
   end
 
-  # Asserts that value is a valid QualifiedName. No additional checking is made, objects that use
-  # a QualifiedName as a name should check the validity - this since a QualifiedName is used as a BARE WORD
-  # and then additional chars may be valid (like a hyphen).
+  # No checking takes place - all expressions using a QualifiedName need to check. This because the
+  # rules are slightly different depending on the container (A variable allows a numeric start, but not
+  # other names). This means that (if the lexer/parser so chooses) a QualifiedName
+  # can be anything when it represents a Bare Word and evaluates to a String.
   #
   def check_QualifiedName(o)
-    # Is this a valid qualified name?
-    if o.value !~ Puppet::Pops::Patterns::NAME
-      acceptor.accept(Issues::ILLEGAL_NAME, o, {:name=>o.value})
-    end
   end
 
   # Checks that the value is a valid UpperCaseWord (a CLASSREF), and optionally if it contains a hypen.

data/lib/puppet/settings/autosign_setting.rb

@@ -1,10 +1,12 @@
 require 'puppet/settings/base_setting'
 
-class Puppet::Settings::AutosignSetting < Puppet::Settings::BaseSetting
-
-  def type
-    :autosign
-  end
+# A specialization of the file setting to allow boolean values.
+#
+# The autosign value can be either a boolean or a file path, and if the setting
+# is a file path then it may have a owner/group/mode specified.
+#
+# @api private
+class Puppet::Settings::AutosignSetting < Puppet::Settings::FileSetting
 
   def munge(value)
     if ['true', true].include? value

data/lib/puppet/type.rb

@@ -1199,8 +1199,24 @@ class Type
   ###############################
   # Add all of the meta-parameters.
   newmetaparam(:noop) do
-    desc "Boolean flag indicating whether work should actually
-      be done."
+    desc "Whether to apply this resource in noop mode.
+
+      When applying a resource in noop mode, Puppet will check whether it is in sync,
+      like it does when running normally. However, if a resource attribute is not in
+      the desired state (as declared in the catalog), Puppet will take no
+      action, and will instead report the changes it _would_ have made. These
+      simulated changes will appear in the report sent to the puppet master, or
+      be shown on the console if running puppet agent or puppet apply in the
+      foreground. The simulated changes will not send refresh events to any
+      subscribing or notified resources, although Puppet will log that a refresh
+      event _would_ have been sent.
+
+      **Important note:**
+      [The `noop` setting](http://docs.puppetlabs.com/references/latest/configuration.html#noop)
+      allows you to globally enable or disable noop mode, but it will _not_ override
+      the `noop` metaparameter on individual resources. That is, the value of the
+      global `noop` setting will _only_ affect resources that do not have an explicit
+      value set for their `noop` attribute."
 
     newvalues(:true, :false)
     munge do |value|

data/lib/puppet/type/file.rb

@@ -713,10 +713,8 @@ Puppet::Type.newtype(:file) do
   def write(property)
     remove_existing(:file)
 
-    assumed_default_mode = 0644
-
     mode = self.should(:mode) # might be nil
-    mode_int = mode ? symbolic_mode_to_int(mode, assumed_default_mode) : nil
+    mode_int = mode ? symbolic_mode_to_int(mode, Puppet::Util::DEFAULT_POSIX_MODE) : nil
 
     if write_temporary_file?
       Puppet::Util.replace_file(self[:path], mode_int) do |file|

data/lib/puppet/util.rb

@@ -375,6 +375,10 @@ module Util
   # exist; if the file is present we copy the existing mode/owner/group values
   # across. The default_mode can be expressed as an octal integer, a numeric string (ie '0664')
   # or a symbolic file mode.
+
+  DEFAULT_POSIX_MODE = 0644
+  DEFAULT_WINDOWS_MODE = nil
+
   def replace_file(file, default_mode, &block)
     raise Puppet::DevError, "replace_file requires a block" unless block_given?
 
@@ -384,6 +388,12 @@ module Util
       end
 
       mode = symbolic_mode_to_int(normalize_symbolic_mode(default_mode))
+    else
+      if Puppet.features.microsoft_windows?
+        mode = DEFAULT_WINDOWS_MODE
+      else
+        mode = DEFAULT_POSIX_MODE
+      end
     end
 
     file     = Puppet::FileSystem::File.new(file)

data/lib/puppet/util/autoload.rb

@@ -45,7 +45,7 @@ class Puppet::Util::Autoload
       file, old_mtime = loaded[name]
       return true unless file == get_file(name)
       begin
-        old_mtime != File.mtime(file)
+        old_mtime.to_i != File.mtime(file).to_i
       rescue Errno::ENOENT
         true
       end

data/lib/puppet/version.rb

@@ -7,7 +7,7 @@
 
 
 module Puppet
-  PUPPETVERSION = '3.4.1'
+  PUPPETVERSION = '3.4.2'
 
   ##
   # version is a public API method intended to always provide a fast and

data/spec/integration/util_spec.rb

@@ -58,6 +58,10 @@ describe Puppet::Util do
       :if => Puppet.features.microsoft_windows? do
 
       dir = tmpdir('DACL_playground')
+      protected_sd = Puppet::Util::Windows::Security.get_security_descriptor(dir)
+      protected_sd.protect = true
+      Puppet::Util::Windows::Security.set_security_descriptor(dir, protected_sd)
+
       sibling_path = File.join(dir, 'sibling_file')
       FileUtils.touch(sibling_path)
 

data/spec/unit/pops/validator/validator_spec.rb

@@ -19,11 +19,13 @@ describe "validating 3x" do
   end
 
   it 'should raise error for illegal names' do
+    pending "validation was too strict, now too relaxed - validation missing"
     expect(validate(fqn('Aaa'))).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
     expect(validate(fqn('AAA'))).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
   end
 
   it 'should raise error for illegal variable names' do
+    pending "validation was too strict, now too relaxed - validation missing"
     expect(validate(fqn('Aaa').var())).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
     expect(validate(fqn('AAA').var())).to have_issue(Puppet::Pops::Issues::ILLEGAL_NAME)
   end

data/spec/unit/settings/autosign_setting_spec.rb

@@ -4,10 +4,19 @@ require 'puppet/settings'
 require 'puppet/settings/autosign_setting'
 
 describe Puppet::Settings::AutosignSetting do
-  let(:setting) { described_class.new(:settings => mock('settings'), :desc => "test") }
+  let(:settings) do
+    s = stub('settings')
+    s.stubs(:[]).with(:mkusers).returns true
+    s.stubs(:[]).with(:user).returns 'puppet'
+    s.stubs(:[]).with(:group).returns 'puppet'
+    s.stubs(:[]).with(:manage_internal_file_permissions).returns true
+    s
+  end
+
+  let(:setting) { described_class.new(:name => 'autosign', :section => 'section', :settings => settings, :desc => "test") }
 
-  it "is of type :autosign" do
-    expect(setting.type).to eq :autosign
+  it "is of type :file" do
+    expect(setting.type).to eq :file
   end
 
   describe "when munging the setting" do
@@ -43,4 +52,52 @@ describe Puppet::Settings::AutosignSetting do
       end
     end
   end
+
+  describe "setting additional setting values" do
+    it "can set the file mode" do
+      setting.mode = '0664'
+      expect(setting.mode).to eq '0664'
+    end
+
+    it "can set the file owner" do
+      setting.owner = 'service'
+      expect(setting.owner).to eq 'puppet'
+    end
+
+    it "can set the file group" do
+      setting.group = 'service'
+      expect(setting.group).to eq 'puppet'
+    end
+  end
+
+  describe "converting the setting to a resource" do
+    it "converts the file path to a file resource" do
+      path = File.expand_path('/path/to/autosign.conf')
+      settings.stubs(:value).with('autosign').returns(path)
+      Puppet::FileSystem::File.stubs(:exist?).with(path).returns true
+      Puppet.stubs(:features).returns(stub(:root? => true, :microsoft_windows? => false))
+
+      setting.mode = '0664'
+      setting.owner = 'service'
+      setting.group = 'service'
+
+      resource = setting.to_resource
+
+      expect(resource.title).to eq path
+      expect(resource[:ensure]).to eq :file
+      expect(resource[:mode]).to eq '664'
+      expect(resource[:owner]).to eq 'puppet'
+      expect(resource[:group]).to eq 'puppet'
+    end
+
+    it "returns nil when the setting is a boolean" do
+      settings.stubs(:value).with('autosign').returns 'true'
+
+      setting.mode = '0664'
+      setting.owner = 'service'
+      setting.group = 'service'
+
+      expect(setting.to_resource).to be_nil
+    end
+  end
 end

data/spec/unit/type/file_spec.rb

@@ -1093,6 +1093,73 @@ describe Puppet::Type.type(:file) do
         expect { file.write :NOTUSED }.to_not raise_error
       end
     end
+
+    describe "when resource mode is supplied" do
+      before { file.stubs(:property_fix) }
+
+      context "and writing temporary files" do
+        before { file.stubs(:write_temporary_file?).returns(true) }
+
+        it "should convert symbolic mode to int" do
+          file[:mode] = 'oga=r'
+          Puppet::Util.expects(:replace_file).with(file[:path], 0444)
+          file.write :NOTUSED
+        end
+
+        it "should support int modes" do
+          file[:mode] = '0444'
+          Puppet::Util.expects(:replace_file).with(file[:path], 0444)
+          file.write :NOTUSED
+        end
+      end
+
+      context "and not writing temporary files" do
+        before { file.stubs(:write_temporary_file?).returns(false) }
+
+        it "should set a umask of 0" do
+          file[:mode] = 'oga=r'
+          Puppet::Util.expects(:withumask).with(0)
+          file.write :NOTUSED
+        end
+
+        it "should convert symbolic mode to int" do
+          file[:mode] = 'oga=r'
+          File.expects(:open).with(file[:path], anything, 0444)
+          file.write :NOTUSED
+        end
+
+        it "should support int modes" do
+          file[:mode] = '0444'
+          File.expects(:open).with(file[:path], anything, 0444)
+          file.write :NOTUSED
+        end
+      end
+    end
+
+    describe "when resource mode is not supplied" do
+      context "and content is supplied" do
+        it "should default to 0644 mode" do
+          file = described_class.new(:path => path, :content => "file content")
+
+          file.write :NOTUSED
+
+          expect(File.stat(file[:path]).mode & 0777).to eq(0644)
+        end
+      end
+
+      context "and no content is supplied" do
+        it "should use puppet's default umask of 022" do
+          file = described_class.new(:path => path)
+
+          umask_from_the_user = 0777
+          Puppet::Util.withumask(umask_from_the_user) do
+            file.write :NOTUSED
+          end
+
+          expect(File.stat(file[:path]).mode & 0777).to eq(0644)
+        end
+      end
+    end
   end
 
   describe "#fail_if_checksum_is_wrong" do

metadata

@@ -1,18 +1,20 @@
 --- !ruby/object:Gem::Specification
 name: puppet
 version: !ruby/object:Gem::Version
-  version: 3.4.1
+  version: 3.4.2
+  prerelease: 
 platform: ruby
 authors:
 - Puppet Labs
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-12-26 00:00:00.000000000 Z
+date: 2014-01-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: facter
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -20,6 +22,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -27,6 +30,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: hiera
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -34,6 +38,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -41,6 +46,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rgen
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -48,6 +54,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -2195,7 +2202,6 @@ files:
 - spec/watchr.rb
 homepage: https://github.com/puppetlabs/puppet
 licenses: []
-metadata: {}
 post_install_message: 
 rdoc_options:
 - --title
@@ -2206,20 +2212,22 @@ rdoc_options:
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
-  - - '>='
+  - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
-  - - '>='
+  - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: puppet
-rubygems_version: 2.0.3
+rubygems_version: 1.8.23
 signing_key: 
-specification_version: 4
+specification_version: 3
 summary: Puppet, an automated configuration management tool
 test_files:
 - spec/fixtures/faulty_face/puppet/face/syntax.rb

checksums.yaml

@@ -1,7 +0,0 @@
----
-SHA1:
-  metadata.gz: 68668528e38b1e5f1736b47b3afcb517372ced94
-  data.tar.gz: ff046f6e2a601f59700bbbadf2589be1e6917dcd
-SHA512:
-  metadata.gz: 55b1ffdca0b53888d129366a1932874bc5749dbcc429512c75ed647d42e8312bc5a947b817bed4f26db182e972f0d8cf19d578ff7fc5c368936cc163a2226507
-  data.tar.gz: c38f970a8be8e4c65d9d1015eae0e5a605bf5d2ed6fbeb07cfd206185b73b282c96836051d96d0115319828f0e76df2fb7a26f946efc9f45b72e3443c2bcb04b