puppet 5.5.19-universal-darwin → 5.5.20-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (68) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +11 -11
  3. data/lib/puppet/agent.rb +2 -10
  4. data/lib/puppet/functions/reduce.rb +2 -4
  5. data/lib/puppet/provider/group/windows_adsi.rb +3 -3
  6. data/lib/puppet/provider/package/aix.rb +17 -2
  7. data/lib/puppet/provider/package/dnfmodule.rb +39 -12
  8. data/lib/puppet/provider/package/pkgdmg.rb +1 -1
  9. data/lib/puppet/provider/package/pkgng.rb +16 -4
  10. data/lib/puppet/provider/package/yum.rb +18 -15
  11. data/lib/puppet/provider/selmodule/semodule.rb +43 -26
  12. data/lib/puppet/provider/service/systemd.rb +1 -1
  13. data/lib/puppet/type/package.rb +20 -0
  14. data/lib/puppet/util/pidlock.rb +12 -6
  15. data/lib/puppet/util/windows/adsi.rb +2 -2
  16. data/lib/puppet/util/windows/process.rb +16 -15
  17. data/lib/puppet/util/windows/security.rb +1 -0
  18. data/lib/puppet/util/windows/sid.rb +3 -3
  19. data/lib/puppet/version.rb +1 -1
  20. data/locales/puppet.pot +103 -95
  21. data/man/man5/puppet.conf.5 +2 -2
  22. data/man/man8/puppet-agent.8 +1 -1
  23. data/man/man8/puppet-apply.8 +1 -1
  24. data/man/man8/puppet-ca.8 +1 -1
  25. data/man/man8/puppet-catalog.8 +1 -1
  26. data/man/man8/puppet-cert.8 +1 -1
  27. data/man/man8/puppet-certificate.8 +1 -1
  28. data/man/man8/puppet-certificate_request.8 +1 -1
  29. data/man/man8/puppet-certificate_revocation_list.8 +1 -1
  30. data/man/man8/puppet-config.8 +1 -1
  31. data/man/man8/puppet-describe.8 +1 -1
  32. data/man/man8/puppet-device.8 +1 -1
  33. data/man/man8/puppet-doc.8 +1 -1
  34. data/man/man8/puppet-epp.8 +1 -1
  35. data/man/man8/puppet-facts.8 +1 -1
  36. data/man/man8/puppet-filebucket.8 +1 -1
  37. data/man/man8/puppet-generate.8 +1 -1
  38. data/man/man8/puppet-help.8 +1 -1
  39. data/man/man8/puppet-key.8 +1 -1
  40. data/man/man8/puppet-lookup.8 +1 -1
  41. data/man/man8/puppet-man.8 +1 -1
  42. data/man/man8/puppet-master.8 +1 -1
  43. data/man/man8/puppet-module.8 +1 -1
  44. data/man/man8/puppet-node.8 +1 -1
  45. data/man/man8/puppet-parser.8 +1 -1
  46. data/man/man8/puppet-plugin.8 +1 -1
  47. data/man/man8/puppet-report.8 +1 -1
  48. data/man/man8/puppet-resource.8 +1 -1
  49. data/man/man8/puppet-script.8 +1 -1
  50. data/man/man8/puppet-status.8 +1 -1
  51. data/man/man8/puppet.8 +2 -2
  52. data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list-enabled.txt} +2 -0
  53. data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
  54. data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
  55. data/spec/integration/util/windows/adsi_spec.rb +1 -1
  56. data/spec/unit/agent_spec.rb +33 -25
  57. data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
  58. data/spec/unit/provider/package/aix_spec.rb +29 -0
  59. data/spec/unit/provider/package/dnfmodule_spec.rb +33 -14
  60. data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
  61. data/spec/unit/provider/package/pkgng_spec.rb +36 -0
  62. data/spec/unit/provider/package/yum_spec.rb +10 -1
  63. data/spec/unit/provider/selmodule_spec.rb +118 -47
  64. data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
  65. data/spec/unit/util/pidlock_spec.rb +67 -40
  66. data/spec/unit/util/windows/adsi_spec.rb +4 -4
  67. data/spec/unit/util/windows/sid_spec.rb +2 -2
  68. metadata +6 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 886eab65d19da9d2b032015657a9d5eeed0d4642b9b9e87ccf5b5618566f4a5f
4
- data.tar.gz: 71c5e9e53a6c77b5c7e42ede06f3e8b0f1b2b57a0c287726833f9511b678bf42
3
+ metadata.gz: 2468e46620f6d632763321b1949e7ab0396706e8ed2eeaf0e644291472ed3570
4
+ data.tar.gz: 25f4f7abae50f5ed3ece15ff60ee00eba8caa6a67f89a19de184da4e9e957c2e
5
5
  SHA512:
6
- metadata.gz: c799d5afb37612b7e60c73a8130698520a3bfd58cdf42b11142c2ffbdafc4c1907580289af17d7fcf5b2f5b4671fa25184abbc9c2b4bedd6e80a5e5f5910da2d
7
- data.tar.gz: 2b4e44e6b9471224d7d09dc92b86af92945fd9fad70c98ea2a4690aa9f1e2700955b7d54e88808beb48593b62059a2dea20029222e635ad10515d53e67d8e416
6
+ metadata.gz: 4e12f135ccc92a539d90c9e6720b5ae1976ae27631e1f9d16ea571434f38a74302f499518a86d7a82395e2dbba9368b6c434d6483b55d3730f75a1c644a2708b
7
+ data.tar.gz: 7c5f66c8789d30591f0a4f9bb93e75490bee91fab3896090bf6af2131fa8ce407e59d34aadf1a62c322be91942c26075bdeee3b063cdf4556e8229b4a5e137da
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- puppet (5.5.19)
4
+ puppet (5.5.20)
5
5
  CFPropertyList (~> 2.2)
6
6
  facter (>= 2.4.0, < 4)
7
7
  fast_gettext (~> 1.1.2)
@@ -46,25 +46,25 @@ GEM
46
46
  addressable (>= 2.4)
47
47
  locale (2.1.3)
48
48
  memory_profiler (0.9.14)
49
- method_source (0.9.2)
49
+ method_source (1.0.0)
50
50
  mocha (1.11.2)
51
51
  msgpack (1.3.3)
52
52
  multi_json (1.14.1)
53
53
  mustache (1.1.1)
54
54
  net-ssh (4.2.0)
55
- optimist (3.0.0)
56
- packaging (0.99.58)
55
+ optimist (3.0.1)
56
+ packaging (0.99.61)
57
57
  artifactory (~> 2)
58
58
  rake (>= 12.3)
59
59
  release-metrics
60
60
  parallel (1.19.1)
61
- parser (2.7.0.4)
61
+ parser (2.7.1.1)
62
62
  ast (~> 2.4.0)
63
63
  pathspec (0.2.1)
64
64
  powerpack (0.1.2)
65
- pry (0.12.2)
66
- coderay (~> 1.1.0)
67
- method_source (~> 0.9.0)
65
+ pry (0.13.1)
66
+ coderay (~> 1.1)
67
+ method_source (~> 1.0)
68
68
  puppet-lint (2.4.2)
69
69
  puppet-syntax (2.6.1)
70
70
  puppet (>= 5)
@@ -97,7 +97,7 @@ GEM
97
97
  rspec-expectations (>= 2.99.0.beta1)
98
98
  rspec-core (3.9.1)
99
99
  rspec-support (~> 3.9.1)
100
- rspec-expectations (3.9.0)
100
+ rspec-expectations (3.9.1)
101
101
  diff-lcs (>= 1.2.0, < 2.0)
102
102
  rspec-support (~> 3.9.0)
103
103
  rspec-its (1.3.0)
@@ -120,11 +120,11 @@ GEM
120
120
  unicode-display_width (~> 1.0, >= 1.0.1)
121
121
  rubocop-i18n (1.2.0)
122
122
  rubocop (~> 0.49.0)
123
- ruby-prof (1.3.0)
123
+ ruby-prof (1.3.2)
124
124
  ruby-progressbar (1.10.1)
125
125
  safe_yaml (1.0.5)
126
126
  text (1.3.1)
127
- unicode-display_width (1.6.1)
127
+ unicode-display_width (1.7.0)
128
128
  vcr (2.9.3)
129
129
  webmock (1.24.6)
130
130
  addressable (>= 2.3.6)
@@ -95,11 +95,9 @@ class Puppet::Agent
95
95
  atForkHandler.child
96
96
  $0 = _("puppet agent: applying configuration")
97
97
  begin
98
- exit(yield)
99
- rescue SystemExit
100
- exit(-1)
98
+ exit(yield || 1)
101
99
  rescue NoMemoryError
102
- exit(-2)
100
+ exit(254)
103
101
  end
104
102
  end
105
103
  ensure
@@ -107,12 +105,6 @@ class Puppet::Agent
107
105
  end
108
106
 
109
107
  exit_code = Process.waitpid2(child_pid)
110
- case exit_code[1].exitstatus
111
- when -1
112
- raise SystemExit
113
- when -2
114
- raise NoMemoryError
115
- end
116
108
  exit_code[1].exitstatus
117
109
  end
118
110
 
@@ -39,11 +39,9 @@
39
39
  # values to the lambda.
40
40
  #
41
41
  # Puppet calls the lambda for each of the data structure's remaining values. For each
42
- # call, it passes the result of the previous call as the first parameter ($memo in the
42
+ # call, it passes the result of the previous call as the first parameter (`$memo` in the
43
43
  # above examples) and the next value from the data structure as the second parameter
44
- # ($value).
45
- #
46
- # If the structure has one value, Puppet returns the value and does not call the lambda.
44
+ # (`$value`).
47
45
  #
48
46
  # @example Using the `reduce` function
49
47
  #
@@ -24,7 +24,7 @@ Puppet::Type.type(:group).provide :windows_adsi do
24
24
  # since the default array_matching comparison is not commutative
25
25
 
26
26
  # dupes automatically weeded out when hashes built
27
- current_members = Puppet::Util::Windows::ADSI::Group.name_sid_hash(current)
27
+ current_members = Puppet::Util::Windows::ADSI::Group.name_sid_hash(current, true)
28
28
  specified_members = Puppet::Util::Windows::ADSI::Group.name_sid_hash(should)
29
29
 
30
30
  current_sids = current_members.keys.to_a
@@ -52,7 +52,7 @@ Puppet::Type.type(:group).provide :windows_adsi do
52
52
  account = sid.account
53
53
  end
54
54
  resource.debug("#{sid.domain}\\#{account} (#{sid.sid})")
55
- "#{sid.domain}\\#{account}"
55
+ sid.domain ? "#{sid.domain}\\#{account}" : account
56
56
  end
57
57
  return users.join(',')
58
58
  end
@@ -66,7 +66,7 @@ Puppet::Type.type(:group).provide :windows_adsi do
66
66
  end
67
67
 
68
68
  def members
69
- @members ||= Puppet::Util::Windows::ADSI::Group.name_sid_hash(group.members)
69
+ @members ||= Puppet::Util::Windows::ADSI::Group.name_sid_hash(group.members, true)
70
70
 
71
71
  # @members.keys returns an array of SIDs. We need to convert those SIDs into
72
72
  # names so that `puppet resource` prints the right output.
@@ -29,6 +29,15 @@ Puppet::Type.type(:package).provide :aix, :parent => Puppet::Provider::Package d
29
29
 
30
30
  attr_accessor :latest_info
31
31
 
32
+ STATE_CODE = {
33
+ 'A' => :applied,
34
+ 'B' => :broken,
35
+ 'C' => :committed,
36
+ 'E' => :efix_locked,
37
+ 'O' => :obsolete,
38
+ '?' => :inconsistent,
39
+ }.freeze
40
+
32
41
  def self.srclistcmd(source)
33
42
  [ command(:installp), "-L", "-d", source ]
34
43
  end
@@ -96,6 +105,11 @@ Puppet::Type.type(:package).provide :aix, :parent => Puppet::Provider::Package d
96
105
  if output =~ /^#{Regexp.escape(@resource[:name])}\s+.*\s+Already superseded by.*$/
97
106
  self.fail _("aix package provider is unable to downgrade packages")
98
107
  end
108
+
109
+ pkg_info = query
110
+ if pkg_info && [:broken, :inconsistent].include?(pkg_info[:status])
111
+ self.fail _("Package '%{name}' is in a %{status} state and requires manual intervention") % { name: @resource[:name], status: pkg_info[:status] }
112
+ end
99
113
  end
100
114
 
101
115
  def self.pkglist(hash = {})
@@ -106,8 +120,9 @@ Puppet::Type.type(:package).provide :aix, :parent => Puppet::Provider::Package d
106
120
  end
107
121
 
108
122
  begin
109
- list = execute(cmd).scan(/^[^#][^:]*:([^:]*):([^:]*)/).collect { |n,e|
110
- { :name => n, :ensure => e, :provider => self.name }
123
+ list = execute(cmd).scan(/^[^#][^:]*:([^:]*):([^:]*):[^:]*:[^:]*:([^:])/).collect { |n,e,s|
124
+ e = :absent if [:broken, :inconsistent].include?(STATE_CODE[s])
125
+ { :name => n, :ensure => e, :status => STATE_CODE[s], :provider => self.name }
111
126
  }
112
127
  rescue Puppet::ExecutionFailure => detail
113
128
  if hash[:pkgname]
@@ -34,14 +34,22 @@ Puppet::Type.type(:package).provide :dnfmodule, :parent => :dnf do
34
34
 
35
35
  def self.instances
36
36
  packages = []
37
- cmd = "#{command(:dnf)} module list --installed -d 0 -e #{error_level}"
37
+ cmd = "#{command(:dnf)} module list --enabled -d 0 -e #{error_level}"
38
38
  execute(cmd).each_line do |line|
39
- next unless line =~ /\[i\][, ]/ # get rid of non-package lines (including last Hint line)
40
- line.gsub!(/\[[de]\]/, '') # we don't care about default/enabled flags
39
+ # select only lines with actual packages since DNF clutters the output
40
+ next unless line =~ /\[[ei]\][, ]/
41
+ line.gsub!(/\[d\]/, '') # we don't care about the default flag
42
+
43
+ flavor = if line.include?('[i]')
44
+ line.split('[i]').first.split.last
45
+ else
46
+ :absent
47
+ end
48
+
41
49
  packages << new(
42
50
  name: line.split[0],
43
51
  ensure: line.split[1],
44
- flavor: line.split('[i]').first.split.last, # this is nasty
52
+ flavor: flavor,
45
53
  provider: name
46
54
  )
47
55
  end
@@ -55,28 +63,43 @@ Puppet::Type.type(:package).provide :dnfmodule, :parent => :dnf do
55
63
  pkg ? pkg.properties : nil
56
64
  end
57
65
 
58
- def reset
59
- execute([command(:dnf), 'module', 'reset', '-d', '0', '-e', self.class.error_level, '-y', @resource[:name]])
60
- end
61
-
62
66
  # to install specific streams and profiles:
63
67
  # $ dnf module install module-name:stream/profile
64
68
  # $ dnf module install perl:5.24/minimal
65
69
  # if unspecified, they will be defaulted (see [d] param in dnf module list output)
66
70
  def install
67
- args = @resource[:name]
68
71
  # ensure we start fresh (remove existing stream)
69
72
  uninstall unless [:absent, :purged].include?(@property_hash[:ensure])
73
+
74
+ args = @resource[:name].dup
70
75
  case @resource[:ensure]
71
76
  when true, false, Symbol
72
77
  # pass
73
78
  else
74
79
  args << ":#{@resource[:ensure]}"
75
80
  end
76
- if @resource[:flavor]
77
- args << "/#{@resource[:flavor]}"
81
+ args << "/#{@resource[:flavor]}" if @resource[:flavor]
82
+
83
+ if @resource[:enable_only] == true
84
+ enable(args)
85
+ else
86
+ begin
87
+ execute([command(:dnf), 'module', 'install', '-d', '0', '-e', self.class.error_level, '-y', args])
88
+ rescue Puppet::ExecutionFailure => e
89
+ # module has no default profile and no profile was requested, so just enable the stream
90
+ # DNF versions prior to 4.2.8 do not need this workaround
91
+ # see https://bugzilla.redhat.com/show_bug.cgi?id=1669527
92
+ if @resource[:flavor] == nil && e.message =~ /^missing groups or modules: #{Regexp.quote(@resource[:name])}$/
93
+ enable(args)
94
+ else
95
+ raise
96
+ end
97
+ end
78
98
  end
79
- execute([command(:dnf), 'module', 'install', '-d', '0', '-e', self.class.error_level, '-y', args])
99
+ end
100
+
101
+ def enable(args = @resource[:name])
102
+ execute([command(:dnf), 'module', 'enable', '-d', '0', '-e', self.class.error_level, '-y', args])
80
103
  end
81
104
 
82
105
  def uninstall
@@ -84,6 +107,10 @@ Puppet::Type.type(:package).provide :dnfmodule, :parent => :dnf do
84
107
  reset # reset module to the default stream
85
108
  end
86
109
 
110
+ def reset
111
+ execute([command(:dnf), 'module', 'reset', '-d', '0', '-e', self.class.error_level, '-y', @resource[:name]])
112
+ end
113
+
87
114
  def flavor
88
115
  @property_hash[:flavor]
89
116
  end
@@ -102,7 +102,7 @@ Puppet::Type.type(:package).provide :pkgdmg, :parent => Puppet::Provider::Packag
102
102
  if source =~ /\.dmg$/i
103
103
  # If you fix this to use open-uri again, you must update the docs above. -NF
104
104
  File.open(cached_source) do |dmg|
105
- xml_str = hdiutil "mount", "-plist", "-nobrowse", "-readonly", "-noidme", "-mountrandom", "/tmp", dmg.path
105
+ xml_str = hdiutil "mount", "-plist", "-nobrowse", "-readonly", "-mountrandom", "/tmp", dmg.path
106
106
  hdiutil_info = Puppet::Util::Plist.parse_plist(xml_str)
107
107
  raise Puppet::Error.new(_("No disk entities returned by mount at %{path}") % { path: dmg.path }) unless hdiutil_info.has_key?("system-entities")
108
108
  mounts = hdiutil_info["system-entities"].collect { |entity|
@@ -11,6 +11,7 @@ Puppet::Type.type(:package).provide :pkgng, :parent => Puppet::Provider::Package
11
11
 
12
12
  has_feature :versionable
13
13
  has_feature :upgradeable
14
+ has_feature :install_options
14
15
 
15
16
  def self.get_query
16
17
  pkg(['query', '-a', '%n %v %o'])
@@ -22,7 +23,11 @@ Puppet::Type.type(:package).provide :pkgng, :parent => Puppet::Provider::Package
22
23
 
23
24
  def self.get_latest_version(origin, version_list)
24
25
  if latest_version = version_list.lines.find { |l| l =~ /^#{origin} / }
25
- latest_version = latest_version.split(' ').last.split(')').first
26
+ _name, compare, status = latest_version.chomp.split(' ', 3)
27
+ if ['!', '?'].include?(compare)
28
+ return nil
29
+ end
30
+ latest_version = status.split(' ').last.split(')').first
26
31
  return latest_version
27
32
  end
28
33
  nil
@@ -97,13 +102,16 @@ Puppet::Type.type(:package).provide :pkgng, :parent => Puppet::Provider::Package
97
102
  end
98
103
 
99
104
  if not source # install using default repo logic
100
- args = ['install', '-qy', installname]
105
+ args = ['install', '-qy']
101
106
  elsif source.scheme == 'urn' # install from repo named in URN
102
107
  tag = repo_tag_from_urn(source.to_s)
103
- args = ['install', '-qy', '-r', tag, installname]
108
+ args = ['install', '-qy', '-r', tag]
104
109
  else # add package located at URL
105
- args = ['add', '-q', source.to_s]
110
+ args = ['add', '-q']
111
+ installname = source.to_s
106
112
  end
113
+ args += install_options if @resource[:install_options]
114
+ args << installname
107
115
 
108
116
  pkg(args)
109
117
  end
@@ -140,4 +148,8 @@ Puppet::Type.type(:package).provide :pkgng, :parent => Puppet::Provider::Package
140
148
  @property_hash[:origin]
141
149
  end
142
150
 
151
+ def install_options
152
+ join_options(@resource[:install_options])
153
+ end
154
+
143
155
  end
@@ -25,6 +25,8 @@ Puppet::Type.type(:package).provide :yum, :parent => :rpm, :source => :rpm do
25
25
 
26
26
  defaultfor :osfamily => :redhat
27
27
 
28
+ VERSION_REGEX = /^(?:(\d+):)?(\S+)-(\S+)$/
29
+
28
30
  def self.prefetch(packages)
29
31
  raise Puppet::Error, _("The yum provider can only be used as root") if Process.euid != 0
30
32
  super
@@ -86,23 +88,24 @@ Puppet::Type.type(:package).provide :yum, :parent => :rpm, :source => :rpm do
86
88
  end
87
89
 
88
90
  def self.parse_updates(str)
89
- # Strip off all content before the first blank line
90
- body = str.partition(/^\s*\n/m).last
91
+ # Strip off all content that contains Obsoleting, Security: or Update
92
+ body = str.partition(/^(Obsoleting|Security:|Update)/).first
91
93
 
92
94
  updates = Hash.new { |h, k| h[k] = [] }
93
- body.split.each_slice(3) do |tuple|
94
- break if tuple[0] =~ /^(Obsoleting|Security:|Update)/
95
- break unless tuple[1] =~ /^(?:(\d+):)?(\S+)-(\S+)$/
96
- hash = update_to_hash(*tuple[0..1])
97
- # Create entries for both the package name without a version and a
98
- # version since yum considers those as mostly interchangeable.
99
- short_name = hash[:name]
100
- long_name = "#{hash[:name]}.#{hash[:arch]}"
101
-
102
- updates[short_name] << hash
103
- updates[long_name] << hash
104
- end
105
95
 
96
+ body.split(/^\s*\n/).each do |line|
97
+ line.split.each_slice(3) do |tuple|
98
+ next unless tuple[0].include?('.') && tuple[1] =~ VERSION_REGEX
99
+
100
+ hash = update_to_hash(*tuple[0..1])
101
+ # Create entries for both the package name without a version and a
102
+ # version since yum considers those as mostly interchangeable.
103
+ short_name = hash[:name]
104
+ long_name = "#{hash[:name]}.#{hash[:arch]}"
105
+ updates[short_name] << hash
106
+ updates[long_name] << hash
107
+ end
108
+ end
106
109
  updates
107
110
  end
108
111
 
@@ -117,7 +120,7 @@ Puppet::Type.type(:package).provide :yum, :parent => :rpm, :source => :rpm do
117
120
  raise _("Failed to parse package name and architecture from '%{pkgname}'") % { pkgname: pkgname }
118
121
  end
119
122
 
120
- match = pkgversion.match(/^(?:(\d+):)?(\S+)-(\S+)$/)
123
+ match = pkgversion.match(VERSION_REGEX)
121
124
  epoch = match[1] || '0'
122
125
  version = match[2]
123
126
  release = match[3]
@@ -20,14 +20,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
20
20
 
21
21
  def exists?
22
22
  self.debug "Checking for module #{@resource[:name]}"
23
- execpipe("#{command(:semodule)} --list") do |out|
24
- out.each_line do |line|
25
- if line =~ /^#{@resource[:name]}\b/
26
- return :true
27
- end
28
- end
29
- end
30
- nil
23
+ return selmodules_loaded.has_key?(@resource[:name])
31
24
  end
32
25
 
33
26
  def syncversion
@@ -35,7 +28,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
35
28
 
36
29
  loadver = selmodversion_loaded
37
30
 
38
- if(loadver) then
31
+ if (loadver) then
39
32
  filever = selmodversion_file
40
33
  if (filever == loadver)
41
34
  return :true
@@ -44,7 +37,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
44
37
  :false
45
38
  end
46
39
 
47
- def syncversion= (dosync)
40
+ def syncversion=(dosync)
48
41
  execoutput("#{command(:semodule)} --upgrade #{selmod_name_to_filename}")
49
42
  rescue Puppet::ExecutionFailure => detail
50
43
  raise Puppet::Error, "Could not upgrade policy module: #{detail}", detail.backtrace
@@ -52,7 +45,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
52
45
 
53
46
  # Helper functions
54
47
 
55
- def execoutput (cmd)
48
+ def execoutput(cmd)
56
49
  output = ''
57
50
  begin
58
51
  execpipe(cmd) do |out|
@@ -72,7 +65,7 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
72
65
  end
73
66
  end
74
67
 
75
- def selmod_readnext (handle)
68
+ def selmod_readnext(handle)
76
69
  len = handle.read(4).unpack('V')[0]
77
70
  handle.read(len)
78
71
  end
@@ -118,23 +111,47 @@ Puppet::Type.type(:selmodule).provide(:semodule) do
118
111
  end
119
112
 
120
113
  def selmodversion_loaded
121
- selmod_output = []
122
- selmodule_cmd = "#{command(:semodule)} --list"
123
- begin
124
- execpipe(selmodule_cmd) do |output|
125
- output.each_line do |line|
126
- line.chomp!
127
- selmod_output << line
128
- bits = line.split
129
- if bits[0] == @resource[:name]
130
- self.debug "load version #{bits[1]}"
131
- return bits[1]
114
+ selmodules_loaded[@resource[:name]]
115
+ end
116
+
117
+ def selmodules_loaded
118
+ self.class.selmodules_loaded
119
+ end
120
+
121
+ # Extend Class
122
+
123
+ class << self
124
+ attr_accessor :loaded_modules
125
+ end
126
+
127
+ # Prefetch loaded selinux modules.
128
+ def self.prefetch(resources)
129
+ selmodules_loaded
130
+ end
131
+
132
+ def self.selmodules_loaded
133
+ if self.loaded_modules.nil?
134
+ self.debug "Fetching loaded selinux modules"
135
+ modules = {}
136
+ selmodule_cmd = "#{command(:semodule)} --list"
137
+ output = []
138
+ begin
139
+ execpipe(selmodule_cmd) do |pipe|
140
+ pipe.each_line do |line|
141
+ line.chomp!
142
+ output << line
143
+ name, version = line.split
144
+ modules[name] = version
132
145
  end
133
146
  end
147
+ self.loaded_modules = modules
148
+ rescue Puppet::ExecutionFailure
149
+ raise Puppet::Error,
150
+ _('Could not list policy modules: "%{selmodule_command}" failed with "%{selmod_output}"') %
151
+ { selmodule_command: selmodule_cmd, selmod_output: output.join(' ') },
152
+ $ERROR_INFO.backtrace
134
153
  end
135
- rescue Puppet::ExecutionFailure
136
- raise Puppet::ExecutionFailure, _("Could not list policy modules: \"%{selmodule_command}\" failed with \"%{selmod_output}\"") % { selmodule_command: selmodule_cmd, selmod_output: selmod_output.join(' ') }
137
154
  end
138
- nil
155
+ self.loaded_modules
139
156
  end
140
157
  end