| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
This involves a bit of refactoring in the rest
of the code to make it all work, but most of the
changes are fixing or removing old tests.
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit is hopefully less messy than it
first appears, but it's certainly cross-cutting.
The reason for all of this is that we previously only
looked up builtin resource types from outside the parser,
but now that the defined resource types are available globally
via environments, we can push that lookup code to Resource.
Once we do that, however, we have to have environment and
namespace information in every resource.
Here I remove the Resource::Reference classes (except
the AST class), and use Resource instances instead. I
did this because the shared code between the two classes
got incredibly complicated, such that they should have had
a hierarchical relationship disallowed by their constants.
This complexity convinced me just to get rid of References
entirely.
I also make Puppet::Parser::Resource a subclass
of Puppet::Resource.
There are still broken tests in test/, but this was a big
enough commit I wanted to get it in.
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |
|
|
|
|
|
|
| |
We need the ability to set the namespace and
environment at initialization so the resource
can look up qualified types.
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |
|
|
|
|
|
|
| |
ralsh --host works now, and is using REST.
A node running puppetd --listen will allow ralsh to find, search, and
modify live resources, via REST.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| |
|
|
|
|
|
| |
We previously passed a hash of options but now just
the environment.
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |
|
|
|
|
|
| |
This stops hiding some really difficult to track down
problems.
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |
|
|
|
| |
This is the patch from Mike Pountney <Mike.Pountney@gmail.com> off
the list with the additional test Luke requested.
|
| |
|
|
|
|
|
|
| |
The original pure ruby yaml patch missed some edge cases; specifically, classes
that were modified by the syck version to directly call it and thus never
reached the pure ruby version. This adds monkey patches to all of those case
which we might reasonably care about (omitting, for example, calls within the
syck version to itself) and tests which show that the monkey patch works.
|
| |
|
|
|
|
|
|
| |
This patch brings in a pure ruby yaml generation library, analagous
to what we did with JSON/PSON, but without the renaming dodge we had
to do in that case to avoid fighting with Rails.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously, the Log class knew a lot about RAL objects,
but now the Logging module is the only one that does.
This greatly simplifies the Log class, which is good,
and means that whatever complexity does need to exist
is directly exposed in the Logging middleware module.
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
File checksum is "md5" by default. When managing local files (not sourced
or content) it might be desirable to not checksum files, especially
when managing deep hierarchies containing many files.
This patch allows to write such manifests:
file {
"/path/to/deep/hierarchy":
owner => brice, recurse => true, checksum => none
}
Then puppet(d) won't checksum those files, just manage their ownership.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
| |
Some tests didn't define this setting which caused this method
to fail.
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/agent.rb
lib/puppet/application/puppet.rb
lib/puppet/configurer.rb
man/man5/puppet.conf.5
spec/integration/defaults.rb
spec/unit/configurer.rb
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Actually, File::PATH_SEPARATOR, which is generally, but not always, ":").
Since libdir is also the default for the plugin handler, users will need to
specify it explicitly if a multipart libdir is given (and it will need to be
one of the segments given in the libdir for the plugins to be found).
|
| | |
| |
| |
| |
| |
| | |
In some circumstances ruby's arbitrary limit on process groups is too
low (32). This patch raises the limit in the recommended manner, to
a value which should suffice in all practical cases (1024).
|
| | |
| |
| |
| |
| |
| |
| | |
In my patch for #3088 I made a erroneous assumption about the ruby exception
hierarchy and thus missed the fact that Timeout::error descends from both
SignalError and Interrupt. This is a partial reversion of the patch for #3088
to let these through so that more useful error messages can be produced.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changing rescues from the default to Exception (to catch errors that don't
descend from StandardError) had the unintended consequence of catching (and
suppressing) SystemExit.
This patch restores the behavior of by reraising the exception.
Of the other exceptions that fall through the same crack (NoMemoryError,
SignalException, LoadError, Interrupt, NotImplementedError, and ScriptError)
this patch also reraises NoMemoryError, SignalException, and Interrupt in the
same way and leaves the rest captured.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Selinux modules files also ends in ".pp".
Puppetdoc tries to parse them as if they are regular puppet files and
then fails.
This patch makes sure puppetdoc tells RDoc to exclude parsing .pp
files in the modules files section.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When the definition/hostclass/node AST types were removed, the
parentclass method was renamed to 'parent'.
This patch fixes the incorrect rdoc usage (and some deeper
integration test so that it won't happen again).
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |\|
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/ssl/host.rb
spec/spec_helper.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We create temporary files in /tmp/ with predictable names. These
could be used by an attacker to DoS a box by setting a symlink to
some other file (say, /etc/shadow) and waiting for us to overwrite
it.
The minimalistic solution employed by this patch is to wrap all such
file writing with a paranoid wrapper that:
1) Check to see if the target exists
2) Issues a warning if it was a symlink
3) Deletes it
4) Waits (0.1 seconds if it was a file, 5 seconds if it was a symlink)
5) Opens the file with EXCL, which will fail if the file has come back.
If this succeeds (as it normally will) it has exactly the same semantics
as the original code (a must, as we are right at a release boundary).
However, under no circumstances will it follow a preexisting symlink (the
operating system guarantees this with EXCL) so the danger of an exploit
has been converted into the possibility of a failure, with an appropriate
warning.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't actually rely on iconv's UTF-8 support, so its absence
shouldn't cause the PSON feature to fail on system (e.g. HPUX)
where it isn't fully implemented.
This change exposed a dependency on library load order that was causing
Puppet::Util::Log to raise an error. I've removed the dependency of
Puppet::Type from Puppet::Util::Log.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This appears to be regression introduced by threading changes. The fix was
to rearrange things to keep the old behaviour (don't clear the settings
until you know the config file parses) and the new (don't nest calls to
synchronize) by:
1. Splitting clear into two parts--clear, which works as before, and
unsafe_clear which it calls and which expects synchronization to be
handled externally.
2. Rearranging the code to recover the previous calling order
3. Trapping syntax errors and turning them into logged messages and a
no-op effect.
4. Fixing reparse to not wrap a call to this code with a synchronize.
5. Tests.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes the SELinux library marginally more robust by dealing
consistently with a missing proc/mounts, and also resoves the test
failures in a way that allows meaningful test runs on non-SELinux
systems.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| | |
This is Matthias Saou's patch from the ticket; it adjusts the regular
expression to permit capital letters where needed.
|
| | |
| |
| |
| |
| |
| | |
The refactoring in 8f60f0c50ee3dfb6453644f5dcded58e6e80e8bb lost the
return code--should be true in all non-exception cases--and this was
causing a false failure when the result was checked higher up.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a flag "manage_internal_file_permissions" which is enabled by
default. Disabling this flag prevents Puppet from managing the owner,
group, or mode of files created from Puppet::Util::Settings::FileSetting
I think this is a wide enough net to follow Luke's suggestion of
"disable management of everything", and it certainly satisfies the
requests I'm aware of, but if I've missed anything, let me know.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Clean up AIX crontab type:
- The return "" if output.include?(...) prevented the
raise from ever being reached.
- Ensure the temp file is deleted after feeding it
to cron.
- Prevent dumping of the new crontab to STDOUT.
Signed-off-by: Andrew Forgue <andrew.forgue@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The problem is that regex node contains '/' which is a directory
separator on unix.
Since puppetdoc writes a file for each node this was creating empty
directories and documentation for such node couldn't be stored.
This patch removes the slashes in the node names.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |\|
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/agent.rb
lib/puppet/application/puppetd.rb
lib/puppet/parser/ast/leaf.rb
lib/puppet/util/rdoc/parser.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Symlinks confuse the "What file system am I on?" logic. This patch just
runs the paths through a beefed up version of the standard 'realpath'
method.
Includes some of Markus's suggested changes.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Check that a specific file supports selinux properties before trying to
set them.
This patch is functionally identical to the one Darrell Fuhriman
submitted with the bug report.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
Patch thanks to Till Maas
Signed-off-by: James Turnbull <james@lovedthanlost.net>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a moderately ugly workaround for the MRI garbage collection
bug (see the ticket for details).
I explored several other potential solutions (notably, monkey
patching the routines that trigger the bug) but none of them were
satisfactory. Monkey patching sub, gsub, sub!, gsub!, etc., for
example, either changes the scoping of $~, $1, etc. in a way that
could potentially subtly change the meaning of programs or (if you
are clever) faithfully reproduces the behaviour of MRI--including
the memory leak.
I decided to go with the standardized and somewhat obnoxious never-
used optional argument as it was easy to automatically insert and
should be even easier to automatically find and remove if a better
fix is developed. It also should be obtrusive enough to escape
accidental removal in refactoring.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Puppet::Transaction was handling "tags" strings differently depending on
whether they came in from Puppet[:tags] or another source.
This was causing puppetrun's tags to be misparsed if there was not
exactly one --tag parameter.
I've moved the code to Util::Tagging.
|
| | |
| |
| |
| |
| |
| |
| | |
Monkey-patch workaround for RDoc so it doesn't get confused by rubygems
stub executables.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes parameters responsible for the canonicalization of their values and
provides a default (passthrough) implementation. It changes munge to pre-
canonicalize the value and resource references to builtin types to canonicalize
titles (which map to resorce namevars) with the corresponding parameter's
classes's canonicalization.
It adds a canonicalization routine to file paths that normalizes the behaviour
(trailing slashes are ignored) and DRYs up the related code.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix code that was passing an Array of code to a method that was
expecting a single tag.
Includes Markus's suggestions
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
class klass {
include a, b, c
}
wasn't producing any rdoc documentation.
We were thinking code was always embedded in an array which is not
the case for mono-instruction code.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch fix this bug by adding more to_s methods to ast member
so that puppetdoc can just to_s the AST to reconstruct the original
puppet code.
Of course this is not perfect, but should work most of the time.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When puppetdoc rdoc dies with an unhandled exception, the error
message produced didn't mention the file and line where the parser
choked.
This patch fixes this by trying to locate on which AST structure
the rdoc system failed.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
