rouster 0.5 → 0.7

data/lib/rouster/deltas.rb

@@ -1,11 +1,9 @@
 require sprintf('%s/../../%s', File.dirname(File.expand_path(__FILE__)), 'path_helper')
 
-# deltas.rb - get information about groups, packages, services and users inside a Vagrant VM
+# deltas.rb - get information about crontabs, groups, packages, ports, services and users inside a Vagrant VM
 require 'rouster'
 require 'rouster/tests'
 
-# TODO use @cache_timeout to invalidate data cached here
-
 class Rouster
 
   ##
@@ -14,13 +12,12 @@ class Rouster
   # runs `crontab -l <user>` and parses output, returns hash:
   # {
   #   user => {
-  #     logicalOrderInt => {
+  #     command => {
   #       :minute => minute,
   #       :hour   => hour,
   #       :dom    => dom, # day of month
   #       :mon    => mon, # month
   #       :dow    => dow, # day of week
-  #       :command => command,
   #     }
   #   }
   # }
@@ -33,16 +30,24 @@ class Rouster
   def get_crontab(user='root', cache=true)
 
     if cache and self.deltas[:crontab].class.eql?(Hash)
-      if self.deltas[:crontab].has_key?(user)
+
+      if self.cache_timeout and self.cache_timeout.is_a?(Integer) and (Time.now.to_i - self.cache[:crontab]) > self.cache_timeout
+        @logger.debug(sprintf('invalidating [crontab] cache, was [%s] old, allowed [%s]', (Time.now.to_i - self.cache[:crontab]), self.cache_timeout))
+        self.deltas.delete(:crontab)
+      end
+
+      if self.deltas.has_key?(:crontab) and self.deltas[:crontab].has_key?(user)
+        @logger.debug(sprintf('using cached [crontab] from [%s]', self.cache[:crontab]))
         return self.deltas[:crontab][user]
+      elsif self.deltas.has_key?(:crontab) and user.eql?('*')
+        @logger.debug(sprintf('using cached [crontab] from [%s]', self.cache[:crontab]))
+        return self.deltas[:crontab]
       else
         # noop fallthrough to gather data to cache
       end
-    elsif cache and self.deltas[:crontab].class.eql?(Hash) and user.eql?('*')
-      return self.deltas[:crontab]
+
     end
 
-    i = 0
     res = Hash.new
     users = nil
 
@@ -62,23 +67,37 @@ class Rouster
       end
 
       raw.split("\n").each do |line|
+        next if line.match(/^#|^\s+$/)
         elements = line.split("\s")
 
+        if elements.size < 5
+          # this is usually (only?) caused by ENV_VARIABLE=VALUE directives
+          @logger.debug(sprintf('line [%s] did not match format expectations for a crontab entry, skipping', line))
+          next
+        end
+
+        command = elements[5..elements.size].join(' ')
+
         res[u] ||= Hash.new
-        res[u][i] ||= Hash.new
-
-        res[u][i][:minute]  = elements[0]
-        res[u][i][:hour]    = elements[1]
-        res[u][i][:dom]     = elements[2]
-        res[u][i][:mon]     = elements[3]
-        res[u][i][:dow]     = elements[4]
-        res[u][i][:command] = elements[5..elements.size].join(" ")
-      end
 
-      i += 1
+        if res[u][command].class.eql?(Hash)
+          unique = elements.join('')
+          command = sprintf('%s-duplicate.%s', command, unique)
+          @logger.info(sprintf('duplicate crontab command found, adding hash key[%s]', command))
+        end
+
+        res[u][command]           = Hash.new
+        res[u][command][:minute]  = elements[0]
+        res[u][command][:hour]    = elements[1]
+        res[u][command][:dom]     = elements[2]
+        res[u][command][:mon]     = elements[3]
+        res[u][command][:dow]     = elements[4]
+      end
     end
 
     if cache
+      @logger.debug(sprintf('caching [crontab] at [%s]', Time.now.asctime))
+
       if ! user.eql?('*')
         self.deltas[:crontab] ||= Hash.new
         self.deltas[:crontab][user] ||= Hash.new
@@ -87,6 +106,9 @@ class Rouster
         self.deltas[:crontab] ||= Hash.new
         self.deltas[:crontab] = res
       end
+
+      self.cache[:crontab] = Time.now.to_i
+
     end
 
     return user.eql?('*') ? res : res[user]
@@ -107,28 +129,48 @@ class Rouster
   # * [cache] - boolean controlling whether data retrieved/parsed is cached, defaults to true
   # * [deep]  - boolean controlling whether get_users() is called in order to correctly populate res[group][:users]
   def get_groups(cache=true, deep=true)
+
     if cache and ! self.deltas[:groups].nil?
-      return self.deltas[:groups]
+
+      if self.cache_timeout and self.cache_timeout.is_a?(Integer) and (Time.now.to_i - self.cache[:groups]) > self.cache_timeout
+        @logger.debug(sprintf('invalidating [groups] cache, was [%s] old, allowed [%s]', (Time.now.to_i - self.cache[:groups]), self.cache_timeout))
+        self.deltas.delete(:groups)
+      else
+        @logger.debug(sprintf('using cached [groups] from [%s]', self.cache[:groups]))
+        return self.deltas[:groups]
+      end
+
     end
 
     res = Hash.new()
 
-    raw = self.run('cat /etc/group')
+    {
+      :file    => self.run('cat /etc/group'),
+      :dynamic => self.run('getent group', [0,127]),
+    }.each_pair do |source, raw|
 
-    raw.split("\n").each do |line|
-      next unless line.match(/\w+:\w+:\w+/)
+      raw.split("\n").each do |line|
+        next unless line.match(/\w+:\w+:\w+/)
 
-      data = line.split(':')
+        data = line.split(':')
 
-      group = data[0]
-      gid   = data[2]
+        group = data[0]
+        gid   = data[2]
 
-      # this works in some cases, deep functionality picks up the others
-      users = data[3].nil? ? ['NONE'] : data[3].split(',')
+        # this works in some cases, deep functionality picks up the others
+        users = data[3].nil? ? ['NONE'] : data[3].split(',')
+
+        if res.has_key?(group)
+          @logger.debug(sprintf('for[%s] old GID[%s] new GID[%s]', group, gid, res[group][:users])) unless gid.eql?(res[group][:gid])
+          @logger.debug(sprintf('for[%s] old users[%s] new users[%s]', group, users)) unless users.eql?(res[group][:users])
+        end
+
+        res[group] = Hash.new() # i miss autovivification
+        res[group][:gid]    = gid
+        res[group][:users]  = users
+        res[group][:source] = source
+      end
 
-      res[group] = Hash.new() # i miss autovivification
-      res[group][:gid]   = gid
-      res[group][:users] = users
     end
 
     groups = res
@@ -136,11 +178,19 @@ class Rouster
     if deep
       users = self.get_users(cache)
 
+      known_valid_gids = groups.keys.map { |g| groups[g][:gid] } # no need to calculate this in every loop
+
       # TODO better, much better -- since the number of users/groups is finite and usually small, this is a low priority
       users.each_key do |user|
         # iterate over each user to get their gid
         gid = users[user][:gid]
 
+        unless known_valid_gids.member?(gid)
+          @logger.warn(sprintf('found user[%s] with unknown GID[%s], known GIDs[%s]', user, gid, known_valid_gids))
+          next
+        end
+
+        ## do this more efficiently
         groups.each_key do |group|
           # iterate over each group to find the matching gid
           if gid.eql?(groups[group][:gid])
@@ -150,14 +200,15 @@ class Rouster
             groups[group][:users] << user unless groups[group][:users].member?(user)
           end
 
-          # TODO throw an error if we find a user with a GID that we don't know about from get_groups()
         end
 
       end
     end
 
     if cache
+      @logger.debug(sprintf('caching [groups] at [%s]', Time.now.asctime))
       self.deltas[:groups] = groups
+      self.cache[:groups]  = Time.now.to_i
     end
 
     groups
@@ -179,14 +230,22 @@ class Rouster
   #
   # supported OS
   # * OSX - runs `pkgutil --pkgs` and `pkgutil --pkg-info=<package>` (if deep)
-  # * RedHat - runs `rpm -qa`
+  # * RedHat - runs `rpm -qa --qf "%{n}@%{v}@%{arch}\n"` (does not support deep)
   # * Solaris - runs `pkginfo` and `pkginfo -l <package>` (if deep)
-  # * Ubuntu - runs `dpkg --get-selections` and `dpkg -s <package>` (if deep)
+  # * Ubuntu - runs `dpkg-query -W -f='${Package}\@${Version}\@${Architecture}\n'` (does not support deep)
   #
   # raises InternalError if unsupported operating system
   def get_packages(cache=true, deep=true)
     if cache and ! self.deltas[:packages].nil?
-      return self.deltas[:packages]
+
+      if self.cache_timeout and self.cache_timeout.is_a?(Integer) and (Time.now.to_i - self.cache[:packages]) > self.cache_timeout
+        @logger.debug(sprintf('invalidating [packages] cache, was [%s] old, allowed [%s]', (Time.now.to_i - self.cache[:packages]), self.cache_timeout))
+        self.deltas.delete(:packages)
+      else
+        @logger.debug(sprintf('using cached [packages] from [%s]', self.cache[:packages]))
+        return self.deltas[:packages]
+      end
+
     end
 
     res = Hash.new()
@@ -197,62 +256,93 @@ class Rouster
 
       raw = self.run('pkgutil --pkgs')
       raw.split("\n").each do |line|
+        name    = line
+        arch    = '?'
         version = '?'
 
         if deep
           # can get install time, volume and location as well
-          local_res = self.run(sprintf('pkgutil --pkg-info=%s', line))
-          version = $1 if local_res.match(/version\:\s+(.*?)$/)
+          local_res = self.run(sprintf('pkgutil --pkg-info=%s', name))
+          version   = $1 if local_res.match(/version\:\s+(.*?)$/)
+        end
+
+        if res.has_key?(name)
+          # different architecture of an already known package
+          @logger.debug(sprintf('found package with already known name[%s], value[%s], new line[%s], turning into array', name, res[name], line))
+          new_element = { :version => version, :arch => arch }
+          res[name]   = [ res[name], new_element ]
+        else
+          res[name] = { :version => version, :arch => arch }
         end
 
-        res[line] = version
       end
 
     elsif os.eql?(:solaris)
       raw = self.run('pkginfo')
       raw.split("\n").each do |line|
-        next if line.match(/(.*?)\s+(.*?)\s(.*)$/).empty?
+        next if line.match(/(.*?)\s+(.*?)\s(.*)$/).nil?
         name    = $2
+        arch    = '?'
         version = '?'
 
         if deep
-          local_res = self.run(sprintf('pkginfo -l %s', name))
-          version   = $1 if local_res.match(/VERSION\:\s+(.*?)$/i)
+          begin
+            # who throws non-0 exit codes when querying for legit package information? solaris does.
+            local_res = self.run(sprintf('pkginfo -l %s', name))
+            arch      = $1 if local_res.match(/ARCH\:\s+(.*?)$/)
+            version   = $1 if local_res.match(/VERSION\:\s+(.*?)$/)
+          rescue
+            arch    = '?' if arch.nil?
+            version = '?' if arch.nil?
+          end
         end
 
-        res[name] = version
+        if res.has_key?(name)
+          # different architecture of an already known package
+          @logger.debug(sprintf('found package with already known name[%s], value[%s], new line[%s], turning into array', name, res[name], line))
+          new_element = { :version => version, :arch => arch }
+          res[name]   = [ res[name], new_element ]
+        else
+          res[name] = { :version => version, :arch => arch }
+        end
       end
 
     elsif os.eql?(:ubuntu) or os.eql?(:debian)
-      raw = self.run('dpkg --get-selections')
+      raw = self.run("dpkg-query -W -f='${Package}@${Version}@${Architecture}\n'")
       raw.split("\n").each do |line|
-        next if line.match(/^(.*?)\s/).nil?
+        next if line.match(/(.*?)\@(.*?)\@(.*)/).nil?
         name    = $1
-        version = '?'
-
-        if deep
-          local_res = self.run(sprintf('dpkg -s %s', name))
-          version   = $1 if local_res.match(/Version\:\s(.*?)$/)
+        version = $2
+        arch    = $3
+
+        if res.has_key?(name)
+          # different architecture of an already known package
+          @logger.debug(sprintf('found package with already known name[%s], value[%s], new line[%s], turning into array', name, res[name], line))
+          new_element = { :version => version, :arch => arch }
+          res[name]   = [ res[name], new_element ]
+        else
+          res[name] = { :version => version, :arch => arch }
         end
 
-        res[name] = version
       end
 
-    elsif os.eql?(:redhat)
-      raw = self.run('rpm -qa')
+    elsif os.eql?(:rhel)
+      raw = self.run('rpm -qa --qf "%{n}@%{v}@%{arch}\n"')
       raw.split("\n").each do |line|
-        next if line.match(/(.*?)-(\d*\..*)/).nil? # ht petersen.allen
-        #next if line.match(/(.*)-(\d+\.\d+.*)/).nil? # another alternate, but still not perfect
+        next if line.match(/(.*?)\@(.*?)\@(.*)/).nil?
         name    = $1
-        version = '?' # we could use $2, but we don't trust it
-
-        if deep
-          local_res = self.run(sprintf('rpm -qi %s', line))
-          name    = $1 if local_res.match(/Name\s+:\s(\S*)/)
-          version = $1 if local_res.match(/Version\s+:\s(\S*)/)
+        version = $2
+        arch    = $3
+
+        if res.has_key?(name)
+          # different architecture of an already known package
+          @logger.debug(sprintf('found package with already known name[%s], value[%s], new line[%s], turning into array', name, res[name], line))
+          new_element = { :version => version, :arch => arch }
+          res[name]   = [ res[name], new_element ]
+        else
+          res[name] = { :version => version, :arch => arch }
         end
 
-        res[name] = version
       end
 
     else
@@ -260,7 +350,9 @@ class Rouster
     end
 
     if cache
+      @logger.debug(sprintf('caching [packages] at [%s]', Time.now.asctime))
       self.deltas[:packages] = res
+      self.cache[:packages]  = Time.now.to_i
     end
 
     res
@@ -290,13 +382,19 @@ class Rouster
     # TODO improve ipv6 support
 
     if cache and ! self.deltas[:ports].nil?
-      return self.deltas[:ports]
+      if self.cache_timeout and self.cache_timeout.is_a?(Integer) and (Time.now.to_i - self.cache[:ports]) > self.cache_timeout
+        @logger.debug(sprintf('invalidating [ports] cache, was [%s] old, allowed [%s]', (Time.now.to_i - self.cache[:ports]), self.cache_timeout))
+        self.deltas.delete(:ports)
+      else
+        @logger.debug(sprintf('using cached [ports] from [%s]', self.cache[:ports]))
+        return self.deltas[:ports]
+      end
     end
 
     res = Hash.new()
     os  = self.os_type()
 
-    if os.eql?(:redhat) or os.eql?(:ubuntu) or os.eql?(:debian)
+    if os.eql?(:rhel) or os.eql?(:ubuntu) or os.eql?(:debian)
 
       raw = self.run('netstat -ln')
 
@@ -320,7 +418,9 @@ class Rouster
     end
 
     if cache
+      @logger.debug(sprintf('caching [ports] at [%s]', Time.now.asctime))
       self.deltas[:ports] = res
+      self.cache[:ports]  = Time.now.to_i
     end
 
     res
@@ -331,103 +431,306 @@ class Rouster
   #
   # runs an OS appropriate command to gather service information, returns hash:
   # {
-  #   serviceN => mode # running|stopped|unsure
+  #   serviceN => mode # exists|installed|operational|running|stopped|unsure
   # }
   #
   # parameters
-  # * [cache] - boolean controlling whether data retrieved/parsed is cached, defaults to true
+  # * [cache]    - boolean controlling whether data retrieved/parsed is cached, defaults to true
+  # * [humanize] - boolean controlling whether data retrieved is massaged into simplified names or returned mostly as retrieved
+  # * [type]     - symbol indicating which service controller to query, defaults to :all
+  # * [seed]     - test hook to seed the output of service commands
   #
-  # supported OS
-  # * OSX - runs `launchctl list`
-  # * RedHat - runs `/sbin/service --status-all`
-  # * Solaris - runs `svcs`
-  # * Ubuntu - runs `service --status-all`
+  # supported OS and types
+  # * OSX     - :launchd
+  # * RedHat  - :systemv or :upstart
+  # * Solaris - :smf
+  # * Ubuntu  - :systemv or :upstart
   #
-  # raises InternalError if unsupported operating system
-  def get_services(cache=true)
+  # notes
+  # * raises InternalError if unsupported operating system
+  # * OSX, Solaris and Ubuntu/Debian will only return running|stopped|unsure, the exists|installed|operational modes are RHEL/CentOS only
+
+  def get_services(cache=true, humanize=true, type=:all, seed=nil)
     if cache and ! self.deltas[:services].nil?
-      return self.deltas[:services]
+
+      if self.cache_timeout and self.cache_timeout.is_a?(Integer) and (Time.now.to_i - self.cache[:services]) > self.cache_timeout
+        @logger.debug(sprintf('invalidating [services] cache, was [%s] old, allowed [%s]', (Time.now.to_i - self.cache[:services]), self.cache_timeout))
+        self.deltas.delete(:services)
+      else
+        @logger.debug(sprintf('using cached [services] from [%s]', self.cache[:services]))
+        return self.deltas[:services]
+      end
+
     end
 
     res = Hash.new()
+    os  = self.os_type
+
+    commands = {
+      :osx => {
+        :launchd => 'launchctl list',
+      },
+      :solaris => {
+        :smf => 'svcs -a',
+      },
+
+      # TODO we really need to implement something like osfamily
+      :ubuntu => {
+        :systemv => 'service --status-all 2>&1',
+        :upstart => 'initctl list',
+      },
+      :debian => {
+        :systemv => 'service --status-all 2>&1',
+        :upstart => 'initctl list',
+      },
+      :rhel => {
+        :systemd => 'systemctl list-units --type=service --no-pager',
+        :systemv => 'service --status-all',
+        :upstart => 'initctl list',
+      },
+
+      :invalid => {
+        :invalid => 'invalid',
+      },
+    }
+
+    if type.eql?(:all)
+      type = commands[os].keys
+    end
 
-    os = self.os_type
+    type = type.class.eql?(Array) ? type : [ type ]
 
-    if os.eql?(:osx)
+    type.each do |provider|
 
-      raw = self.run('launchctl list')
-      raw.split("\n").each do |line|
-        next if line.match(/(?:\S*?)\s+(\S*?)\s+(\S*)$/).nil?
+      raise InternalError.new(sprintf('unable to get service information from VM operating system[%s]', os)) if provider.eql?(:invalid)
+      raise ArgumentError.new(sprintf('unable to find command provider[%s] for [%s]', provider, os))  if commands[os][provider].nil?
+
+      unless seed or self.is_in_path?(commands[os][provider].split(' ').first)
+        @logger.info(sprintf('skipping provider[%s], not in $PATH[%s]', provider, commands[os][provider]))
+        next
+      end
 
-        service = $2
-        mode    = $1
+      @logger.info(sprintf('get_services using provider [%s] on [%s]', provider, os))
 
-        if mode.match(/^\d/)
-          mode = 'running'
-        else
-          mode = 'stopped'
+      # TODO while this is true, what if self.user is 'root'.. -- the problem is we don't have self.user, and we store this data differently depending on self.passthrough?
+      @logger.warn('gathering service information typically works better with sudo, which is currently not being used') unless self.uses_sudo?
+
+      # TODO come up with a better test hook -- real problem is that we can't seed 'raw' with different values per iteration
+      raw = seed.nil? ? self.run(commands[os][provider]) : seed
+
+      if os.eql?(:osx)
+
+        raw.split("\n").each do |line|
+          next if line.match(/(?:\S*?)\s+(\S*?)\s+(\S+)$/).nil?
+          tokens = line.split("\s")
+          service = tokens[-1]
+          mode    = tokens[0]
+
+          if humanize # should we do this with a .freeze instead?
+            if mode.match(/^\d/)
+              mode = 'running'
+            elsif mode.match(/-/)
+              mode = 'stopped'
+            else
+              next # this should handle the banner "PID     Status  Label"
+            end
+          end
+
+          res[service] = mode
         end
 
-        res[service] = mode
-      end
+      elsif os.eql?(:solaris)
 
-    elsif os.eql?(:solaris)
+        raw.split("\n").each do |line|
+          next if line.match(/(.*?)\s+(?:.*?)\s+(.*?)$/).nil?
 
-      raw = self.run('svcs')
-      raw.split("\n").each do |line|
-        next if line.match(/(.*?)\s+(?:.*?)\s+(.*?)$/).nil?
+          service = $2
+          mode    = $1
 
-        service = $2
-        mode    = $1
+          if humanize
+            if mode.match(/^online/)
+              mode = 'running'
+            elsif mode.match(/^legacy_run/)
+              mode = 'running'
+            elsif mode.match(/^disabled/)
+              mode = 'stopped'
+            end
+
+            if service.match(/^svc:\/.*\/(.*?):.*/)
+              # turning 'svc:/network/cswpuppetd:default' into 'cswpuppetd'
+              service = $1
+            elsif service.match(/^lrc:\/.*?\/.*\/(.*)/)
+              # turning 'lrc:/etc/rcS_d/S50sk98Sol' into 'S50sk98Sol'
+              service = $1
+            end
+          end
+
+          res[service] = mode
 
-        if mode.match(/online/)
-          mode = 'running'
-        elsif mode.match(/legacy_run/)
-          mode = 'running'
-        elsif mode.match(//)
-          mode = 'stopped'
         end
 
-        res[service] = mode
+      elsif os.eql?(:ubuntu) or os.eql?(:debian)
+
+        raw.split("\n").each do |line|
+          if provider.eql?(:systemv)
+              next if line.match(/\[(.*?)\]\s+(.*)$/).nil?
+              mode    = $1
+              service = $2
+
+              if humanize
+                mode = 'stopped' if mode.match('-')
+                mode = 'running' if mode.match('\+')
+                mode = 'unsure'  if mode.match('\?')
+              end
+
+              res[service] = mode
+          elsif provider.eql?(:upstart)
+              if line.match(/(.*?)\s.*?(.*?),/)
+                # tty (/dev/tty3) start/running, process 1601
+                # named start/running, process 8959
+                service = $1
+                mode    = $2
+              elsif line.match(/(.*?)\s(.*)/)
+                # rcS stop/waiting
+                service = $1
+                mode    = $2
+              else
+                @logger.warn("unable to process upstart line[#{line}], skipping")
+                next
+              end
+
+              if humanize
+                mode = 'stopped' if mode.match('stop/waiting')
+                mode = 'running' if mode.match('start/running')
+                mode = 'unsure'  unless mode.eql?('stopped') or mode.eql?('running')
+              end
+
+              res[service] = mode
+          end
+        end
 
-      end
+      elsif os.eql?(:rhel)
+
+        raw.split("\n").each do |line|
+          if provider.eql?(:systemv)
+            if humanize
+              if line.match(/^(\w+?)\sis\s(.*)$/)
+                # <service> is <state>
+                name = $1
+                state = $2
+                res[name] = state
+
+                if state.match(/^not/)
+                  # this catches 'Kdump is not operational'
+                  res[name] = 'stopped'
+                end
+
+              elsif line.match(/^(\w+?)\s\(pid.*?\)\sis\s(\w+)$/)
+                # <service> (pid <pid> [pid]) is <state>...
+                res[$1] = $2
+              elsif line.match(/^(\w+?)\sis\s(\w+)\.*$/) # not sure this is actually needed
+                @logger.debug('triggered supposedly unnecessary regex')
+                # <service> is <state>. whatever
+                res[$1] = $2
+              elsif line.match(/razor_daemon:\s(\w+).*$/)
+                # razor_daemon: running [pid 11325]
+                # razor_daemon: no instances running
+                res['razor_daemon'] = $1.eql?('running') ? $1 : 'stopped'
+              elsif line.match(/^(\w+?)\:.*?(\w+)$/)
+                # <service>: whatever <state>
+                res[$1] = $2
+              elsif line.match(/^(\w+?):.*?\sis\snot\srunning\.$/)
+                # ip6tables: Firewall is not running.
+                res[$1] = 'stopped'
+              elsif line.match(/^(\w+?)\s.*?\s(.*)$/)
+                # netconsole module not loaded
+                state = $2
+                res[$1] = $2.match(/not/) ? 'stopped' : 'running'
+              elsif line.match(/^(\w+)\s(\w+).*$/)
+                # <process> <state> whatever
+                res[$1] = $2
+              else
+                # original regex implementation, if we didn't match anything else, failover to this
+                next if line.match(/^([^\s:]*).*\s(\w*)(?:\.?){3}$/).nil?
+                res[$1] = $2
+              end
+            else
+              next if line.match(/^([^\s:]*).*\s(\w*)(?:\.?){3}$/).nil?
+              res[$1] = $2
+            end
+          elsif provider.eql?(:upstart)
+
+            if line.match(/(.*?)\s.*?(.*?),/)
+              # tty (/dev/tty3) start/running, process 1601
+              # named start/running, process 8959
+              service = $1
+              mode    = $2
+            elsif line.match(/(.*?)\s(.*)/)
+              # rcS stop/waiting
+              service = $1
+              mode    = $2
+            else
+              @logger.warn("unable to process upstart line[#{line}], skipping")
+              next
+            end
 
-    elsif os.eql?(:ubuntu) or os.eql?(:debian)
+            if humanize
+              mode = 'stopped' if mode.match('stop/waiting')
+              mode = 'running' if mode.match('start/running')
+              mode = 'unsure'  unless mode.eql?('stopped') or mode.eql?('running')
+            end
 
-      raw = self.run('service --status-all 2>&1')
-      raw.split("\n").each do |line|
-        next if line.match(/\[(.*?)\]\s+(.*)$/).nil?
-        mode    = $1
-        service = $2
+            res[service] = mode unless res.has_key?(service)
 
-        mode = 'stopped' if mode.match('-')
-        mode = 'running' if mode.match('\+')
-        mode = 'unsure'  if mode.match('\?')
+          elsif provider.eql?(:systemd)
+            # UNIT              LOAD   ACTIVE   SUB      DESCRIPTION
+            # nfs-utils.service loaded inactive dead     NFS server and client services
+            # crond.service     loaded active   running  Command Scheduler
 
-        res[service] = mode
-      end
+            if line.match(/^\W*(.*?)\.service\s+(?:.*?)\s+(.*?)\s+(.*?)\s+(?:.*?)$/) # 5 space separated characters
+              service = $1
+              active  = $2
+              sub     = $3
 
-    elsif os.eql?(:redhat)
+              if humanize
+                mode = sub.match('running') ? 'running' : 'stopped'
+                mode = 'unsure'  unless mode.eql?('stopped') or mode.eql?('running')
+              end
 
-      raw = self.run('/sbin/service --status-all')
-      raw.split("\n").each do |line|
-        # TODO support:
-        # <service> is <state>
-        # <service> (pid <pid> [pid]) is <state>...
-        # <service> is <state>. whatever
-        # <service>: whatever <state>
-        # <process> <state> whatever
-
-        next if line.match(/^([^\s:]*).*\s(\w*)(?:\.?){3}$/).nil?
-        res[$1] = $2
+              res[service] = mode
+            else
+              # not logging here, there is a bunch of garbage output at the end of the output that we can't seem to suppress
+              next
+            end
+
+          end
+
+        end
+      else
+        raise InternalError.new(sprintf('unable to get service information from VM operating system[%s]', os))
       end
 
-    else
-      raise InternalError.new(sprintf('unable to get service information from VM operating system[%s]', os))
+
+      # end of provider processing
+    end
+
+    # issue #63 handling
+    # TODO should we consider using symbols here instead?
+    allowed_modes = %w(exists installed operational running stopped unsure)
+    failover_mode = 'unsure'
+
+    if humanize
+      res.each_pair do |k,v|
+        next if allowed_modes.member?(v)
+        @logger.debug(sprintf('replacing service[%s] status of [%s] with [%s] for uniformity', k, v, failover_mode))
+        res[k] = failover_mode
+      end
     end
 
     if cache
+      @logger.debug(sprintf('caching [services] at [%s]', Time.now.asctime))
       self.deltas[:services] = res
+      self.cache[:services]  = Time.now.to_i
     end
 
     res
@@ -450,29 +753,58 @@ class Rouster
   # * [cache] - boolean controlling whether data retrieved/parsed is cached, defaults to true
   def get_users(cache=true)
     if cache and ! self.deltas[:users].nil?
-      return self.deltas[:users]
+
+      if self.cache_timeout and self.cache_timeout.is_a?(Integer) and (Time.now.to_i - self.cache[:users]) > self.cache_timeout
+        @logger.debug(sprintf('invalidating [users] cache, was [%s] old, allowed [%s]', (Time.now.to_i - self.cache[:users]), self.cache_timeout))
+        self.deltas.delete(:users)
+      else
+        @logger.debug(sprintf('using cached [users] from [%s]', self.cache[:users]))
+        return self.deltas[:users]
+      end
+
     end
 
     res = Hash.new()
 
-    raw = self.run('cat /etc/passwd')
-
-    raw.split("\n").each do |line|
-      next if line.match(/(\w+)(?::\w+){3,}/).nil?
+    {
+      :file    => self.run('cat /etc/passwd'),
+      :dynamic => self.run('getent passwd', [0,127]),
+    }.each do |source, raw|
 
-      user = $1
-      data = line.split(':')
+      raw.split("\n").each do |line|
+        next if line.match(/(\w+)(?::\w+){3,}/).nil?
+
+        user = $1
+        data = line.split(':')
+
+        shell       = data[-1]
+        home        = data[-2]
+        home_exists = self.is_dir?(data[-2])
+        uid         = data[2]
+        gid         = data[3]
+
+        if res.has_key?(user)
+          @logger.info(sprintf('for[%s] old shell[%s], new shell[%s]', res[user][:shell], shell)) unless shell.eql?(res[user][:shell])
+          @logger.info(sprintf('for[%s] old home[%s], new home[%s]', res[user][:home], home)) unless home.eql?(res[user][:home])
+          @logger.info(sprintf('for[%s] old home_exists[%s], new home_exists[%s]', res[user][:home_exists], home_exists)) unless home_exists.eql?(res[user][:home_exists])
+          @logger.info(sprintf('for[%s] old UID[%s], new UID[%s]', res[user][:uid], uid)) unless uid.eql?(res[user][:uid])
+          @logger.info(sprintf('for[%s] old GID[%s], new GID[%s]', res[user][:gid], gid)) unless gid.eql?(res[user][:gid])
+        end
 
-      res[user] = Hash.new()
-      res[user][:shell] = data[-1]
-      res[user][:home]  = data[-2]
-      res[user][:home_exists] = self.is_dir?(data[-2])
-      res[user][:uid]   = data[2]
-      res[user][:gid]   = data[3]
+        res[user] = Hash.new()
+        res[user][:shell]       = shell
+        res[user][:home]        = home
+        res[user][:home_exists] = home_exists
+        res[user][:uid]         = uid
+        res[user][:gid]         = gid
+        res[user][:source]      = source
+      end
     end
 
     if cache
+      @logger.debug(sprintf('caching [users] at [%s]', Time.now.asctime))
       self.deltas[:users] = res
+      self.cache[:users]  = Time.now.to_i
     end
 
     res