| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
- All previous File.unlink calls go through the new FileSystem::File
abstraction so that the implementation can later be swapped for a
Windows specific one to support symlinks
|
|
- All previous File and FileTest calls to exist? or exists? go through
the new FileSystem::File abstraction so that the implementation can
later be swapped for a Windows specific one to support symlinks
|
|
- All calls to File class stat / lstat go through the new
FileSystem::File abstraction so that the implementation can later
be swapped for a Windows specific one to support symlinks
|
|
- The usage of Dir.getwd in tests has been simplified to
File.expand_path to properly handle mixed case CWD
- util_spec.rb ensures 'FOO' Env var cleared before test starts
- Windows SID checks should be performed as a regex match to
properly handle all accounts starting with S-1-5-*, which denotes
accounts with an identifier authority of SECURITY_NT_AUTHORITY
instead of hardcoding S-1-5-32-544, the Administrators group
|
|
In order to fix #20607 (where incorrect 'settings specified' file
permissions were crashing P::U#replace_file), this patch enhance
P::U#replace_file default_mode behavior.
Now P::U#replace_file supports symbolic file mode, along with
octal numerical string, and pure octal integers. It also now fails
if the given mode is incorrect.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
|
In ruby 1.8, calling File.expand_path('~') when HOME is undefined
would raise ArgumentError on both Unix and Windows.
The same test in ruby 1.9 does not raise on Windows, because ruby
also looks at HOMEDRIVE and USERPROFILE. Only if all three are
undefined does ruby raise ArgumentError as expected.
This commit ensures all 3 environment variables are undefined in util_spec. It
also only tests the platform specific RunMode functionality on the appropriate
platforms, and adds tests that were missing on the Windows side.
|
|
Without JUnit style output we don't have a good way of seeing test
failures within jenkins. This adds a new rake task ci:spec that will
run with junit output, descriptive output and spec order logging.
It turns out that some of the tests would call safe_posix_fork which
ended up closing all open file handles. This ended up also closing the
file handle that rspec would hold open for the junit output formatter.
Those tests have been modified to ensure that the file descripters are
not actually closed.
|
|
We should not fiddle with the global seed, as other people
might still depend on Kernel.rand() not being that deterministic
as it is the idea with the fqdn_rand function.
However, as ruby < 1.9.2 does not provide such a nice solution, as
a dedicated Random class we simply call Kernel.srand() again on ruby
< 1.9.2 -> Reinitialize with a less deterministic seed.
|
|
Previously, Puppet::Util.execute(command) had different semantics than
Puppet::Util::Executor.execute(command) due to the `arguments` parameter
defaulting to an empty hash.
As a result, the former defaulted failonfail and combine to false,
whereas the latter defaulted them to true.
This commit changes the Puppet::Util.execute method to pass its
arguments directly through. The only difference between the two is that
the former issues a deprecation warning.
|
|
The changed implementation of `pretty_backtrace` was indeed prettier, but it
also lost information: the function context was dropped from the trace.
Since this is a debugging tool, and knowing the method tree is quite valuable
to understanding a problem, this restores it - and any extra context that Ruby
later decided it should add to the picture.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
The whole `symbolize` API was confusing and complex: because it didn't do any
type enforcement, just passed through arbitrary data, we had very unclear API
in a whole pile of places.
This replaces that method entirely with a more rigid definition: we intern in
a bunch of places, add the occasional clear failure mode, and then delete the
original definition.
This eliminates one point of complexity from the codebase.
(These other uses have no notable performance penalty, just code complexity
and clarity issues.)
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
* 2.7.x:
Revert "Fix incorrect argument handling for expire in NodeExpirer"
Fix #14123 for Windows
Fix incorrect argument handling for expire in NodeExpirer
Fix filebucket specs on Windows
(#8778) Make '' == undef commutative in the DSL
(#14173) Enforce that filebucket paths must be absolute
(#14127) Add integration tests for ssh_authorized_key
maint: refactor integration specs for ssh_authorized_key
(#14127) ssh_authorized_keys grammer fails on blank lines.
(#14123) Puppet shouldn't explode if PATH contains ~nonexistent_user
Conflicts:
lib/puppet/provider/ssh_authorized_key/parsed.rb
lib/puppet/util.rb
|
|
Windows raised a different exception when a home directory doesn't exist, so
we catch that too.
|
|
As reported in http://bugs.debian.org/669650, when the PATH contained an
expansion for a user that doesn't exist, Puppet handled it the same way Ruby
does - to raise an exception, and explode.
Leaving aside the sanity of literal tilde in the PATH, we shouldn't explode in
that case - we should just skip that entry and carry on to the next element in
the path instead.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
The changes to enable Windows support in `replace_file` were not actually
complete, and it didn't work when the file didn't exist - because of
limitations of the emulation done on our side, rather than anything else.
Windows has a bunch of quirks, and Ruby doesn't actually abstract over the
underlying platform a great deal. We can use the Windows API ReplaceFile, and
MoveFileEx, to achieve the desired behaviour though.
This adds even more conditional code inside the `replace_file` method to
handle multiple platforms - but it really isn't very clean. Better to get
this working now, then refactor, though.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
* 2.7.x:
(maint) Remove unnecessary step from puppet module build help
(#13659) Convert fact values to string when searching database
(#13649) Restrict module name matching
(#13643) Make the use of FileUtils.rm_rf secure
(#13642) Move search notice message
(#13639) Don't send errors directly to stderr
(#13638) Add SemVer#pre function
(#3581) Stop forking around: Add fork helper method
(#13397) fix gem provider ensure=>latest bug
(#12101) Make Puppet::Util::absolute_path? usable in autoloader
(#12101) Add shared context for specs to imitate windows or posix
Conflicts:
lib/puppet/util.rb
spec/unit/util_spec.rb
|
|
Ticket/2.7.x/12101 reapply autoload
|
|
kelseyhightower/kelseyhightower/ticket/2.7.x/3581_fork_that
(#3581) Stop forking around: Add fork helper method
|
|
* 2.7.x:
(#9167) Do not send email when nothing changes
[#13686] Fix directoryservices ShadowHashData code
Fixup tests to work on CentOS 5
fix bug in Util#symbolizehash!
(#13567) Fix create_resources name parameter bug
(#13636) Update Module Face copyright date
(#13737) Swap build_tree and format_tree method names
(#9167) Do not send email when nothing changes
Add Module Tool
Make core changes needed for the puppet module tool
(#13367) Patch SemVer to permit ranges including pre-release components.
Monkey patch FileUtils.mv in Ruby 1.8.5
(#1076) Show warning if an empty group is specified
Maint: Remove unused mock objects in user spec
Maint: Use real objects in user spec
Maint: Add a real provider class to user spec
Maint: Remove unused variable in user spec
Conflicts:
lib/puppet/util/monkey_patches.rb
spec/unit/type/resources_spec.rb
spec/unit/type/user_spec.rb
|
|
The method Puppet::Util.symbolizehash! was modifying a hash
during iteration; this is (sanely, thankfully) not legal
in ruby 1.9. This has been broken in our code for quite
some time, but we hadn't noticed because nothing was calling
this method. A recent commit introduced code that calls it,
highlighting the bug, which is fixed by this commit.
|
|
Without this patch we are forking all over the place. All this forking
around is problematic when it comes to things like ActiveRecord and
database connections. It turns out that forking has a nasty side effect
of aggressively closing database connections and spewing errors all over
the place.
This patch introduces a new `Puppet::Util#safe_posix_fork` method that
does forking the right way (closing file descriptors, and resetting
stdin, stdout, and stderr). Tagmail, Puppet kick, and
`Puppet::Util#execute_posix` have been updated to make use of this new
functionality.
In the future, `Puppet::Util#safe_posix_fork` should be used in-place of
direct calls to `Kernel#fork`.
This patch includes related spec tests.
|
|
This reverts commit 4272d1f7674911c15da3ff6516d5827646a6bda6.
To quote:
Our current approach of setting owner/mode in the Puppet way risks
losing any extra permissions beyond owner/group/everyone, which is
significant enough that it is better to simply not support this
operation until we have a better solution. replace_file isn't used in
any code which actually runs on Windows at the moment, so this is
a benign change.
...except that it isn't so benign as all that: various other parts of the code
open-code the same method, poorly, and with various different bugs. They will
all, without question, lose permissions in exactly the same way on Windows.
At least by routing them through a central path we can start to unify their
behaviour and get to a place where fixing one point in the code fixes all the
faulty permission transfers that we previously had.
We win an overall net reduction in bug count, and an increase in
predictability of bugs, from this change.
|
|
Add "windows" and "posix" shared contexts to rspec. If you give :as_platform
=> :posix or :as_platform => :windows as argument to a describe block, it will
automatically stub the relevant facts and path behavior to imitate windows or
posix.
|
|
* 2.7.x: (63 commits)
Maint: Fix bad copy and paste
(#12725) Fix puppet agent --listen on Windows
(#11740) Wait on the handle from the PROCESS_INFORMATION structure
(#12564) Stub CHILDSTATUS in all test cases, not just failure cases.
Updating CHANGELOG and lib/puppet.rb for 2.7.11
(#12412) Mark symbolic file modes test as pending on Windows
Symbolic file mode test fixes when no mode change happens.
Fix spec ordering failure on environment
Updating CHANGELOG and lib/puppet.rb for 2.7.11
Disable specs that use replace_file on Windows
Disable replace_file on Windows
Remove unnecessary fallbacks in change_{user,group}
Document uid/gid-related methods in Puppet::Util
Copy owner/group in replace_file
(#12463) eliminate `secure_open` in favour of `replace_file`
(#12460) use `replace_file` for the .k5login file
(#12462) user_role_add: use `replace_file` for /etc/shadow
(#12463) add secure `replace_file` to Puppet::Util
(#12459) drop supplementary groups when permanently dropping UID
(#12458) default to users primary group, not root, in `asuser`
...
Conflicts:
lib/puppet/application/queue.rb
lib/puppet/provider/package/openbsd.rb
lib/puppet/util.rb
spec/unit/network/http/webrick_spec.rb
spec/unit/util_spec.rb
test/lib/puppettest/servertest.rb
|
|
|
|
(#11740) Wait on the handle from the PROCESS_INFORMATION structure
|
|
Previously, the `Puppet::Util.execute` method was using `waitpid2` to
wait for the child process to exit and retrieve its exit status. On
Windows, this method (as implemented by the win32-process gem) opens a
handle to the process with the given pid, and then calls
`WaitForSingleObject` and `GetExitCodeProcess` on the process
handle. However, the pid-to-handle lookup will raise an exception if
the child process has exited. As a result there was a race condition
whereby puppet could sometimes fail to retrieve the exit status of
child processes.
The normal way of getting the exit code for a child process on Windows
is to use the child process handle contained in the
`PROCESS_INFORMATION` structure returned by `CreateProcess`. This
works regardless of whether the child process is currently executing
or not.
This commit reworks the `Puppet::Util.execute_windows` method to wait
on the child process handle contained in the process information
structure. This requires that we pass the `:close_handles => false`
option to the win32-process gem so that it doesn't close the handles.
This commit also re-enables tests that were previously being skipped
due to this bug.
|
|
On my machine, $CHILDSTATUS is always "success", so I didn't notice the
failure to stub out the first couple of tests correctly. Now, with them
stubbed, it is no longer possible that a previous test can leave global state
dangling that will break their assumptions.
Signed-off-by: Daniel Pittman <daniel@rimspace.net>
|
|
Our current approach of setting owner/mode in the Puppet way risks
losing any extra permissions beyond owner/group/everyone, which is
significant enough that it is better to simply not support this
operation until we have a better solution. replace_file isn't used in
any code which actually runs on Windows at the moment, so this is
a benign change.
|
|
There is some complex logic around replacing an existing file safely, and it
used to be scattered all over the tree - making the whole system much harder
to use nicely and pleasantly.
It is much better that we provide a central, and easy to use, method for
achieving that specific and common goal in a consistent, secure, and easy to
audit fashion.
Based on code submitted by me on 2010-04-08.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
Previously the `execpipe` method would create a command from an array by
pasting the content together as strings. This was all well and good, but it
required the caller to add whitespace manually when invoking the command.
Instead, we can paste together with a space character - leading to a better
external experience, and less repetitious code.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
This should fix the failures in exec_spec.rb and util_spec.rb. Has
been tested on Win2k3.
|
|
In certain circumstances (user's HOME environment variable is not set, or has
been unset during ruby execution, plus PATH contains a literal ~ character), Util::w
hich would raise an ArgumentError. Handle this error by logging a warning (one time only) and ignoring this element of the PATH.
|
|
There are still deprecated stubs for execpipe, execfail, and execute in Puppet::Util for backwards compatibility. rspecs are all passing, but would still like to go through and check for deprecation warnings that were triggered by this changeset (and fix them, obviously).
get spec tests running against Puppet::Util -> Util::Execution refactor
|
|
|
|
cprice-puppet/bug/master/5224-user-env-vars-during-Exec
(#5224) Unset USER-related env vars during execs
|
|
Conflicts:
spec/unit/daemon_spec.rb
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
|
This bug report was related to the fact that you may end up with very different values for environment variables such as "HOME", "USER", "LOGNAME" depending on how you start puppet (at boot time, via "service", via /etc/init.d, etc.). These variations can have an effect on the behavior of programs / services that are launched by puppet, particularly those that are triggered via Exec resources. Change the behavior such that these environment variables are simply unset by puppet prior to executing commands.
|
|
Previously, the daemon and execute_posix spec tests were failing on
Windows, but this functionality is not supported on Windows, and so
the tests are skipped on Windows.
|
|
(#11860) Minor cleanup as per pull request comments
(#11860) Minor cleanup as per pull request comments
(#11860) Minor cleanup as per pull request comments
(#11860) Minor cleanup as per pull request comments
(#11860) Minor cleanup as per pull request comments
(#11860) Minor cleanup as per pull request comments
(#11860) Minor cleanup as per pull request comments
(#11860) Minor cleanup as per pull request comments
|
|
Puppet::Util.execute_posix contained some code that would override some locale-related environment variables in order to force the command being executed to produce well-known, consistent, predictably formatted output so that it could be parsed. However, there are some cases (such as a user-defined "exec" block) where we need to respect the system/user locale settings. Add a boolean parameter to the Puppet::Util.execute method that allows toggling this locale override behavior.
The "exec" provider now passes "false" for this value, meaning that we no longer override the locale for user-defined "exec" resources. Users may choose to override the locale themselves by specifying the appropriate locale-related vars in the "environment" section of their resource.
All of this is ignored on windows at the moment, but the parameter is passed in to "execute", which is responsible for calling "execute_windows" on windows systems. We could decide to do something with this parameter on windows at some point in the future.
|
|
This reverts commit edc544d73bc8f9f7de07de4b30e344d1f4db3178.
This doesn't work with rspec < 2.6.0 and it's breaking continuous integration.
|
|
Add "windows" and "posix" shared contexts to rspec. If you give :as_platform
=> :posix or :as_platform => :windows as argument to a describe block, it will
automatically stub the relevant facts and path behavior to imitate windows or
posix.
|
|
Previously, I had created a utility method `Puppet::Util.binread`,
since `IO.binread` was added in ruby 1.9. This commit monkey patches
the method, if it's not defined, to make the transition to ruby 1.9
seamless. And while I was at it, I add the corresponding `IO.binwrite`
method.
The motivation for these methods is that, in general, we should always
be using binary mode when performing file I/O. However, text mode is
the default on Windows, and using text mode can corrupt binary data,
e.g. executables. So use binary mode, unless you know what text mode
is and why you need to use it.
Conflicts:
spec/unit/file_serving/content_spec.rb
|
|
The method IO#binread is not available prior to ruby 1.9, so this
commit adds a method Puppet::Util.binread that does just that.
|
|
'josh/ticket/2.7.x/9636-onlyif-unless-windows-exec' into 2.7.x
* josh/ticket/2.7.x/9636-onlyif-unless-windows-exec:
Maint: Remove duplicate path extension code
(#9636) Always set $CHILD_STATUS when executing on Windows
(#9636) Fix PATHEXT resolution for paths other than system32
|
|
Previously, Puppet::Util.which could only resolve executables that
were located in the first PATH directory entry, typically
c:\windows\system32.
This was introduced in 0258096c4 due to the inner loop overwriting the
'bin' variable that was used in the outer loop. And it wasn't noticed
during testing, because I was always using executables from
c:\windows\system32, e.g. cmd.exe.
This commit changes that the inner loop to use a different variable so
as to not clobber the 'bin' variable. It also updates the spec test.
|
|
Originally we were relying on the behavior that Array.new would call
#to_a on its argument, which is a no-op if the object is already an
array. When #to_a is called on a string, it does not always return
[original_string]. Because string.to_a is effectively equivalent to
string.each_line.to_a (at least in Ruby 1.8.7) we were breaking
commands with embedded newlines.
Manually wrapping the passed in command in an array, and calling
#flatten is much safer since it will not "helpfully" split up the
command string for us.
|
|
Previously, 'puppet resource package' fails on Windows when attempting
to invoke the 'gem' executable, because on Windows, 'gem' is a ruby
script which must be executed by calling the batch wrapper, 'gem.bat'.
This commit modifies Puppet::Util.which such that if a non-absolute
path is given, then for each directory in PATH, and each extension in
PATHEXT, it returns the first file that exists and is executable. If
the PATHEXT environment variable is not defined, then it defaults to
the same values that cmd.exe uses and are known to work across all
Windows versions.
|
