vagrant-unbundled 1.9.8.1 → 2.0.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cbfc0426952400e2cf50440f9e33da65b96de1bf
-  data.tar.gz: 6b5376cf7c8971923fa2da01b9e5cb5597cf98b2
+  metadata.gz: ab94e193c0cacc1e2503a53fc9cf56ebbacc8ca6
+  data.tar.gz: e9dff8cd516a995f503ed4e482c30bf788fb864a
 SHA512:
-  metadata.gz: 3ffe827d8f83715f2f085a458acd2b6052f34691922ba71468cc9cca2794e5217471493a2c4d02b8b0becb17d060e07637de7ecb1ce63674808fb19d1a557272
-  data.tar.gz: b0033fcd286a3445ee1acb2344e34e41419fe8551dc5ceef615eabcad07f70478f392f51ef1a950500879f621b0ced555a1a8bd63844aca79ca7630ca61afd48
+  metadata.gz: 7513bbf956fd58b41f9581ed285f799c5f26735a85d04de738aeab51261f75314840b6380e5659d4ae7a1aacc52bcf9cb0a8967d1dd071f9a75b2538efcef3e8
+  data.tar.gz: dddc399868eab9071a5c3db492680ca0896d49f66ce0a44937a2ddc0ae4ec63ee8034fa8d6cebcf05dd0c74e3fc53946175dc14d864614c4d46478168e2c708c

data/CHANGELOG.md

@@ -1,3 +1,50 @@
+## 2.0.0 (September 7, 2017)
+
+IMPROVEMENTS:
+
+  - commands/login: Add support for two-factor authentication [GH-8935]
+  - commands/ssh-config: Properly display windows path if invoked from msys2 or
+      cygwin [GH-8915]
+  - guests/alt: Add support for ALT Linux [GH-8746]
+  - guests/kali: Fix file permissions on guest plugin ruby files [GH-8950]
+  - hosts/linux: Provide common systemd detection for services interaction, fix NFS
+      host interactions [GH-8938]
+  - providers/salt: Remove duplicate stdout, stderr output from salt [GH-8767]
+  - providers/salt: Introduce salt_call_args and salt_args option for salt provisioner
+      [GH-8927]
+  - providers/virtualbox: Improving resilience of some VirtualBox commands [GH-8951]
+  - provisioners/ansible(both): Add the compatibility_mode option, with auto-detection
+      enabled by default [GH-8913, GH-6570]
+  - provisioners/ansible: Add the version option to the host-based provisioner
+      [GH-8913, GH-8914]
+  - provisioners/ansible(both): Add the become and become_user options with deprecation
+      of sudo and sudo_user options [GH-8913, GH-6570]
+  - provisioners/ansible: Add the ask_become_pass option with deprecation of the
+      ask_sudo_pass option [GH-8913, GH-6570]
+
+BUG FIXES:
+
+  - guests/shell_expand_guest_path : Properly expand guest paths that include relative
+      path alias [GH-8918]
+  - hosts/linux: Remove duplicate export folders before writing /etc/exports [GH-8945]
+  - provisioners/ansible(both): Add single quotes to the inventory host variables, only
+      when necessary [GH-8597]
+  - provisioners/ansible(both): Add the "all:vars" section to the inventory when defined
+      in `groups` option [GH-7730]
+  - provisioners/ansible_local: Extra variables are no longer truncated when a dollar ($)
+      character is present [GH-7735]
+  - provisioners/file: Align file provisioner functionality on all platforms [GH-8939]
+  - util/ssh: Properly quote key path for IdentityFile option to allow for spaces [GH-8924]
+
+BREAKING CHANGES:
+
+  - Both Ansible provisioners are now capable of automatically setting the compatibility_mode that
+      best fits with the Ansible version in use. You may encounter some compatibility issues when
+      upgrading. If you were using Ansible 2.x and referring to the _ssh-prefixed variables present
+      in the generated inventory (e.g. `ansible_ssh_host`). In this case, you can fix your Vagrant
+      setup by setting compatibility_mode = "1.8", or by migrating to the new variable names (e.g.
+      ansible_host).
+
 ## 1.9.8 (August 23, 2017)
 
 IMPROVEMENTS:

data/Gemfile.lock

@@ -11,7 +11,7 @@ GIT
 PATH
   remote: .
   specs:
-    vagrant-unbundled (1.9.8.1)
+    vagrant-unbundled (2.0.0.1)
       childprocess (~> 0.6.0)
       erubis (~> 2.7.0)
       hashicorp-checkpoint (~> 0.1.1)

data/lib/vagrant/errors.rb

@@ -468,6 +468,10 @@ module Vagrant
       error_key(:nfs_bad_exports)
     end
 
+    class NFSDupePerms < VagrantError
+      error_key(:nfs_dupe_permissions)
+    end
+
     class NFSExportsFailed < VagrantError
       error_key(:nfs_exports_failed)
     end

data/lib/vagrant/util/guest_inspection.rb

@@ -8,7 +8,7 @@ module Vagrant
 
         ## systemd helpers
 
-        # systemd is in used
+        # systemd is in use
         #
         # @return [Boolean]
         def systemd?(comm)

data/lib/vagrant/util/platform.rb

@@ -4,6 +4,7 @@ require "tmpdir"
 
 require "vagrant/util/subprocess"
 require "vagrant/util/powershell"
+require "vagrant/util/which"
 
 module Vagrant
   module Util
@@ -19,6 +20,15 @@ module Vagrant
           @_cygwin
         end
 
+        def msys?
+          if !defined?(@_msys)
+            @_msys = ENV["VAGRANT_DETECTED_OS"].to_s.downcase.include?("msys") ||
+              platform.include?("msys") ||
+              ENV["OSTYPE"].to_s.downcase.include?("msys")
+          end
+          @_msys
+        end
+
         def wsl?
           if !defined?(@_wsl)
             @_wsl = false
@@ -93,25 +103,36 @@ module Vagrant
         # @param [String] path
         # @return [String]
         def cygwin_path(path)
-          if cygwin?
-            begin
-              # First try the real cygpath
-              process = Subprocess.execute("cygpath", "-u", "-a", path.to_s)
-              return process.stdout.chomp
-            rescue Errors::CommandUnavailableWindows
-            end
+          begin
+            # We have to revert to the old env
+            # path here, otherwise it looks like
+            # msys2 ends up using the wrong cygpath
+            # binary and ends up with a `/cygdrive`
+            # when it doesn't exist in msys2
+            original_path_env = ENV['PATH']
+            ENV['PATH'] = ENV['VAGRANT_OLD_ENV_PATH']
+            cygpath = Vagrant::Util::Which.which("cygpath")
+            cygpath.gsub!("/", '\\')
+            process = Subprocess.execute(
+              cygpath, "-u", "-a", path.to_s)
+            return process.stdout.chomp
+          rescue Errors::CommandUnavailableWindows => e
+            # Sometimes cygpath isn't available (msys). Instead, do what we
+            # can with bash tricks.
+            process = Subprocess.execute(
+              "bash",
+              "--noprofile",
+              "--norc",
+              "-c", "cd #{Shellwords.escape(path)} && pwd")
+            return process.stdout.chomp
+          ensure
+            ENV['PATH'] = original_path_env
           end
-
-          # Sometimes cygpath isn't available (msys). Instead, do what we
-          # can with bash tricks.
-          process = Subprocess.execute(
-            "bash",
-            "--noprofile",
-            "--norc",
-            "-c", "cd #{Shellwords.escape(path)} && pwd")
-          return process.stdout.chomp
         end
 
+        # Identical to cygwin_path for now
+        alias_method :msys_path, :cygwin_path
+
         # This takes any path and converts it to a full-length Windows
         # path on Windows machines in Cygwin.
         #
@@ -264,6 +285,23 @@ module Vagrant
           end
         end
 
+        # Takes a windows path and formats it to the
+        # 'unix' style (i.e. `/cygdrive/c` or `/c/`)
+        #
+        # @param [Pathname, String] path Path to convert
+        # @param [Hash] hash of arguments
+        # @return [String]
+        def format_windows_path(path, *args)
+          path = cygwin_path(path) if cygwin?
+          path = msys_path(path) if msys?
+          path = wsl_to_windows_path(path) if wsl?
+          if windows? || wsl?
+            path = windows_unc_path(path) if !args.include?(:disable_unc)
+          end
+
+          path
+        end
+
         # Automatically convert a given path to a Windows path. Will only
         # be applied if running on a Windows host. If running on Windows
         # host within the WSL, the actual Windows path will be returned.
@@ -410,6 +448,19 @@ module Vagrant
           end
         end
 
+        # systemd is in use
+        def systemd?
+          if !defined?(@_systemd)
+            if !windows?
+              result = Vagrant::Util::Subprocess.execute("ps", "-o", "comm=", "1")
+              @_systemd = result.stdout.chomp == "systemd"
+            else
+              @_systemd = false
+            end
+          end
+          @_systemd
+        end
+
         # @private
         # Reset the cached values for platform. This is not considered a public
         # API and should only be used for testing.

data/lib/vagrant/util/ssh.rb

@@ -139,7 +139,8 @@ module Vagrant
             # Use '-o' instead of '-i' because '-i' does not call
             # percent_expand in misc.c, but '-o' does. when passing the path,
             # replace '%' in the path with '%%' to escape the '%'
-            command_options += ["-o", "IdentityFile=%s" % [path.to_s.gsub('%', '%%')]]
+            path = path.to_s.gsub('%', '%%')
+            command_options += ["-o", "IdentityFile=\"#{path}\""]
           end
         end
 

data/plugins/commands/login/client.rb

@@ -5,8 +5,15 @@ require "vagrant/util/presence"
 module VagrantPlugins
   module LoginCommand
     class Client
+      APP = "app".freeze
+
       include Vagrant::Util::Presence
 
+      attr_accessor :username_or_email
+      attr_accessor :password
+      attr_reader :two_factor_default_delivery_method
+      attr_reader :two_factor_delivery_methods
+
       # Initializes a login client with the given Vagrant::Environment.
       #
       # @param [Vagrant::Environment] env
@@ -35,29 +42,67 @@ module VagrantPlugins
           RestClient.get(url, content_type: :json)
           true
         end
+      rescue Errors::Unauthorized
+        false
       end
 
       # Login logs a user in and returns the token for that user. The token
       # is _not_ stored unless {#store_token} is called.
       #
-      # @param [String] username_or_email
-      # @param [String] password
       # @param [String] description
+      # @param [String] code
       # @return [String] token The access token, or nil if auth failed.
-      def login(username_or_email, password, description: nil)
+      def login(description: nil, code: nil)
         @logger.info("Logging in '#{username_or_email}'")
 
-        with_error_handling do
-          url = "#{Vagrant.server_url}/api/v1/authenticate"
-          request = {
+        response = post(
+          "/api/v1/authenticate", {
             user: {
               login: username_or_email,
               password: password
             },
             token: {
               description: description
+            },
+            two_factor: {
+              code: code
+            }
+          }
+        )
+
+        response["token"]
+      end
+
+      # Requests a 2FA code
+      # @param [String] delivery_method
+      def request_code(delivery_method)
+        @env.ui.warn("Requesting 2FA code via #{delivery_method.upcase}...")
+
+        response = post(
+          "/api/v1/two-factor/request-code", {
+            user: {
+              login: username_or_email,
+              password: password
+            },
+            two_factor: {
+              delivery_method: delivery_method.downcase
             }
           }
+        )
+
+        two_factor = response['two_factor']
+        obfuscated_destination = two_factor['obfuscated_destination']
+
+        @env.ui.success("2FA code sent to #{obfuscated_destination}.")
+      end
+
+      # Issues a post to a Vagrant Cloud path with the given payload.
+      # @param [String] path
+      # @param [Hash] payload
+      # @return [Hash] response data
+      def post(path, payload)
+        with_error_handling do
+          url = File.join(Vagrant.server_url, path)
 
           proxy   = nil
           proxy ||= ENV["HTTPS_PROXY"] || ENV["https_proxy"]
@@ -67,7 +112,7 @@ module VagrantPlugins
           response = RestClient::Request.execute(
             method: :post,
             url: url,
-            payload: JSON.dump(request),
+            payload: JSON.dump(payload),
             proxy: proxy,
             headers: {
               accept: :json,
@@ -76,8 +121,7 @@ module VagrantPlugins
             },
           )
 
-          data = JSON.load(response.to_s)
-          data["token"]
+          JSON.load(response.to_s)
         end
       end
 
@@ -138,14 +182,33 @@ EOH
         yield
       rescue RestClient::Unauthorized
         @logger.debug("Unauthorized!")
-        false
+        raise Errors::Unauthorized
+      rescue RestClient::BadRequest => e
+        @logger.debug("Bad request:")
+        @logger.debug(e.message)
+        @logger.debug(e.backtrace.join("\n"))
+        parsed_response = JSON.parse(e.response)
+        errors = parsed_response["errors"].join("\n")
+        raise Errors::ServerError, errors: errors
       rescue RestClient::NotAcceptable => e
         @logger.debug("Got unacceptable response:")
         @logger.debug(e.message)
         @logger.debug(e.backtrace.join("\n"))
 
+        parsed_response = JSON.parse(e.response)
+
+        if two_factor = parsed_response['two_factor']
+          store_two_factor_information two_factor
+
+          if two_factor_default_delivery_method != APP
+            request_code two_factor_default_delivery_method
+          end
+
+          raise Errors::TwoFactorRequired
+        end
+
         begin
-          errors = JSON.parse(e.response)["errors"].join("\n")
+          errors = parsed_response["errors"].join("\n")
           raise Errors::ServerError, errors: errors
         rescue JSON::ParserError; end
 
@@ -158,6 +221,33 @@ EOH
       def token_path
         @env.data_dir.join("vagrant_login_token")
       end
+
+      def store_two_factor_information(two_factor)
+        @two_factor_default_delivery_method =
+          two_factor['default_delivery_method']
+
+        @two_factor_delivery_methods =
+          two_factor['delivery_methods']
+
+        @env.ui.warn "2FA is enabled for your account."
+        if two_factor_default_delivery_method == APP
+          @env.ui.info "Enter the code from your authenticator."
+        else
+          @env.ui.info "Default method is " \
+            "'#{two_factor_default_delivery_method}'."
+        end
+
+        other_delivery_methods =
+          two_factor_delivery_methods - [APP]
+
+        if other_delivery_methods.any?
+          other_delivery_methods_sentence = other_delivery_methods
+            .map { |word| "'#{word}'" }
+            .join(' or ')
+          @env.ui.info "You can also type #{other_delivery_methods_sentence} " \
+            "to request a new code."
+        end
+      end
     end
   end
 end

data/plugins/commands/login/command.rb

@@ -17,6 +17,10 @@ module VagrantPlugins
             options[:check] = c
           end
 
+          o.on("-d", "--description DESCRIPTION", String, "Description for the Vagrant Cloud token") do |t|
+            options[:description] = t
+          end
+
           o.on("-k", "--logout", "Logs you out if you're logged in") do |k|
             options[:logout] = k
           end
@@ -24,6 +28,10 @@ module VagrantPlugins
           o.on("-t", "--token TOKEN", String, "Set the Vagrant Cloud token") do |t|
             options[:token] = t
           end
+
+          o.on("-u", "--username USERNAME_OR_EMAIL", String, "Specify your Vagrant Cloud username or email address") do |t|
+            options[:login] = t
+          end
         end
 
         # Parse the options
@@ -31,6 +39,7 @@ module VagrantPlugins
         return if !argv
 
         @client = Client.new(@env)
+        @client.username_or_email = options[:login]
 
         # Determine what task we're actually taking based on flags
         if options[:check]
@@ -50,28 +59,44 @@ module VagrantPlugins
         end
 
         # Ask for the username
-        login       = nil
-        password    = nil
-        description = nil
-        while !login
-          login = @env.ui.ask("Vagrant Cloud Username: ")
+        if @client.username_or_email
+          @env.ui.output("Vagrant Cloud username or email: #{@client.username_or_email}")
+        end
+        until @client.username_or_email
+          @client.username_or_email = @env.ui.ask("Vagrant Cloud username or email: ")
         end
 
-        while !password
-          password = @env.ui.ask("Password (will be hidden): ", echo: false)
+        until @client.password
+          @client.password = @env.ui.ask("Password (will be hidden): ", echo: false)
         end
 
-        description_default = "Vagrant login from #{Socket.gethostname}"
-        while !description
-          description =
-            @env.ui.ask("Token description (Defaults to #{description_default.inspect}): ")
+        description = options[:description]
+        if description
+          @env.ui.output("Token description: #{description}")
+        else
+          description_default = "Vagrant login from #{Socket.gethostname}"
+          until description
+            description =
+              @env.ui.ask("Token description (Defaults to #{description_default.inspect}): ")
+          end
+          description = description_default if description.empty?
         end
-        description = description_default if description.empty?
 
-        token = @client.login(login, password, description: description)
-        if !token
-          @env.ui.error(I18n.t("login_command.invalid_login"))
-          return 1
+        code = nil
+
+        begin
+          token = @client.login(description: description, code: code)
+        rescue Errors::TwoFactorRequired
+          until code
+            code = @env.ui.ask("2FA code: ")
+
+            if @client.two_factor_delivery_methods.include?(code.downcase)
+              delivery_method, code = code, nil
+              @client.request_code delivery_method
+            end
+          end
+
+          retry
         end
 
         @client.store_token(token)