| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
File checksum is "md5" by default. When managing local files (not sourced
or content) it might be desirable to not checksum files, especially
when managing deep hierarchies containing many files.
This patch allows to write such manifests:
file {
"/path/to/deep/hierarchy":
owner => brice, recurse => true, checksum => none
}
Then puppet(d) won't checksum those files, just manage their ownership.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
| |
Some tests didn't define this setting which caused this method
to fail.
Signed-off-by: Luke Kanies <luke@reductivelabs.com>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/agent.rb
lib/puppet/application/puppet.rb
lib/puppet/configurer.rb
man/man5/puppet.conf.5
spec/integration/defaults.rb
spec/unit/configurer.rb
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Actually, File::PATH_SEPARATOR, which is generally, but not always, ":").
Since libdir is also the default for the plugin handler, users will need to
specify it explicitly if a multipart libdir is given (and it will need to be
one of the segments given in the libdir for the plugins to be found).
|
| | |
| |
| |
| |
| |
| | |
In some circumstances ruby's arbitrary limit on process groups is too
low (32). This patch raises the limit in the recommended manner, to
a value which should suffice in all practical cases (1024).
|
| | |
| |
| |
| |
| |
| |
| | |
In my patch for #3088 I made a erroneous assumption about the ruby exception
hierarchy and thus missed the fact that Timeout::error descends from both
SignalError and Interrupt. This is a partial reversion of the patch for #3088
to let these through so that more useful error messages can be produced.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changing rescues from the default to Exception (to catch errors that don't
descend from StandardError) had the unintended consequence of catching (and
suppressing) SystemExit.
This patch restores the behavior of by reraising the exception.
Of the other exceptions that fall through the same crack (NoMemoryError,
SignalException, LoadError, Interrupt, NotImplementedError, and ScriptError)
this patch also reraises NoMemoryError, SignalException, and Interrupt in the
same way and leaves the rest captured.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Selinux modules files also ends in ".pp".
Puppetdoc tries to parse them as if they are regular puppet files and
then fails.
This patch makes sure puppetdoc tells RDoc to exclude parsing .pp
files in the modules files section.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When the definition/hostclass/node AST types were removed, the
parentclass method was renamed to 'parent'.
This patch fixes the incorrect rdoc usage (and some deeper
integration test so that it won't happen again).
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |\|
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/ssl/host.rb
spec/spec_helper.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We create temporary files in /tmp/ with predictable names. These
could be used by an attacker to DoS a box by setting a symlink to
some other file (say, /etc/shadow) and waiting for us to overwrite
it.
The minimalistic solution employed by this patch is to wrap all such
file writing with a paranoid wrapper that:
1) Check to see if the target exists
2) Issues a warning if it was a symlink
3) Deletes it
4) Waits (0.1 seconds if it was a file, 5 seconds if it was a symlink)
5) Opens the file with EXCL, which will fail if the file has come back.
If this succeeds (as it normally will) it has exactly the same semantics
as the original code (a must, as we are right at a release boundary).
However, under no circumstances will it follow a preexisting symlink (the
operating system guarantees this with EXCL) so the danger of an exploit
has been converted into the possibility of a failure, with an appropriate
warning.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't actually rely on iconv's UTF-8 support, so its absence
shouldn't cause the PSON feature to fail on system (e.g. HPUX)
where it isn't fully implemented.
This change exposed a dependency on library load order that was causing
Puppet::Util::Log to raise an error. I've removed the dependency of
Puppet::Type from Puppet::Util::Log.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This appears to be regression introduced by threading changes. The fix was
to rearrange things to keep the old behaviour (don't clear the settings
until you know the config file parses) and the new (don't nest calls to
synchronize) by:
1. Splitting clear into two parts--clear, which works as before, and
unsafe_clear which it calls and which expects synchronization to be
handled externally.
2. Rearranging the code to recover the previous calling order
3. Trapping syntax errors and turning them into logged messages and a
no-op effect.
4. Fixing reparse to not wrap a call to this code with a synchronize.
5. Tests.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes the SELinux library marginally more robust by dealing
consistently with a missing proc/mounts, and also resoves the test
failures in a way that allows meaningful test runs on non-SELinux
systems.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| | |
This is Matthias Saou's patch from the ticket; it adjusts the regular
expression to permit capital letters where needed.
|
| | |
| |
| |
| |
| |
| | |
The refactoring in 8f60f0c50ee3dfb6453644f5dcded58e6e80e8bb lost the
return code--should be true in all non-exception cases--and this was
causing a false failure when the result was checked higher up.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a flag "manage_internal_file_permissions" which is enabled by
default. Disabling this flag prevents Puppet from managing the owner,
group, or mode of files created from Puppet::Util::Settings::FileSetting
I think this is a wide enough net to follow Luke's suggestion of
"disable management of everything", and it certainly satisfies the
requests I'm aware of, but if I've missed anything, let me know.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Clean up AIX crontab type:
- The return "" if output.include?(...) prevented the
raise from ever being reached.
- Ensure the temp file is deleted after feeding it
to cron.
- Prevent dumping of the new crontab to STDOUT.
Signed-off-by: Andrew Forgue <andrew.forgue@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The problem is that regex node contains '/' which is a directory
separator on unix.
Since puppetdoc writes a file for each node this was creating empty
directories and documentation for such node couldn't be stored.
This patch removes the slashes in the node names.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |\|
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/agent.rb
lib/puppet/application/puppetd.rb
lib/puppet/parser/ast/leaf.rb
lib/puppet/util/rdoc/parser.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Symlinks confuse the "What file system am I on?" logic. This patch just
runs the paths through a beefed up version of the standard 'realpath'
method.
Includes some of Markus's suggested changes.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Check that a specific file supports selinux properties before trying to
set them.
This patch is functionally identical to the one Darrell Fuhriman
submitted with the bug report.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
Patch thanks to Till Maas
Signed-off-by: James Turnbull <james@lovedthanlost.net>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a moderately ugly workaround for the MRI garbage collection
bug (see the ticket for details).
I explored several other potential solutions (notably, monkey
patching the routines that trigger the bug) but none of them were
satisfactory. Monkey patching sub, gsub, sub!, gsub!, etc., for
example, either changes the scoping of $~, $1, etc. in a way that
could potentially subtly change the meaning of programs or (if you
are clever) faithfully reproduces the behaviour of MRI--including
the memory leak.
I decided to go with the standardized and somewhat obnoxious never-
used optional argument as it was easy to automatically insert and
should be even easier to automatically find and remove if a better
fix is developed. It also should be obtrusive enough to escape
accidental removal in refactoring.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Puppet::Transaction was handling "tags" strings differently depending on
whether they came in from Puppet[:tags] or another source.
This was causing puppetrun's tags to be misparsed if there was not
exactly one --tag parameter.
I've moved the code to Util::Tagging.
|
| | |
| |
| |
| |
| |
| |
| | |
Monkey-patch workaround for RDoc so it doesn't get confused by rubygems
stub executables.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes parameters responsible for the canonicalization of their values and
provides a default (passthrough) implementation. It changes munge to pre-
canonicalize the value and resource references to builtin types to canonicalize
titles (which map to resorce namevars) with the corresponding parameter's
classes's canonicalization.
It adds a canonicalization routine to file paths that normalizes the behaviour
(trailing slashes are ignored) and DRYs up the related code.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix code that was passing an Array of code to a method that was
expecting a single tag.
Includes Markus's suggestions
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
class klass {
include a, b, c
}
wasn't producing any rdoc documentation.
We were thinking code was always embedded in an array which is not
the case for mono-instruction code.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch fix this bug by adding more to_s methods to ast member
so that puppetdoc can just to_s the AST to reconstruct the original
puppet code.
Of course this is not perfect, but should work most of the time.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When puppetdoc rdoc dies with an unhandled exception, the error
message produced didn't mention the file and line where the parser
choked.
This patch fixes this by trying to locate on which AST structure
the rdoc system failed.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patches fixes a bug where setting an invalid option for "--color"
caused the word "nil" to be printed on every line of the log, instead
of printing out log messages.
Invalid color options now just produce uncolored output.
It seems to me that this isn't important enough to issue a warning
about an invalid setting.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit extracts these three classes into a single
ResourceType class in the Parser heirarchy, now completely
independent of the AST heirarchy.
Most of the other changes are just changing the interface
to the new class, which is greatly simplified over the previous
classes.
This opens up the possibility of drastically simplifying a lot
of this other code, too -- in particular, replacing the reference
to the parser with a reference to the (soon to be renamed)
LoadedCode class.
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| | |
| |
| |
| | |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| | |
| |
| |
| |
| |
| |
| | |
This is so that you can still use docs without AST
being the parent class.
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Puppetdoc wasn't parsing the realize function.
This patch let puppetdoc find realize and display in RDoc html
mode the list of realized resource per class or node.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a flag "manage_internal_file_permissions" which is enabled by
default. Disabling this flag prevents Puppet from managing the owner,
group, or mode of files created from Puppet::Util::Settings::FileSetting
I think this is a wide enough net to follow Luke's suggestion of
"disable management of everything", and it certainly satisfies the
requests I'm aware of, but if I've missed anything, let me know.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Wrap Puppet::Settings.use in a block that disables noop mode during the
execution of the block and ensures that noop returns to its original
value afterwards. This allows internal puppet catalog operations like
ssl directory creation to occur even when puppet is run in --noop mode.
This should actually solve a broader class of related bugs.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch fix this bug by adding more to_s methods to ast member
so that puppetdoc can just to_s the AST to reconstruct the original
puppet code.
Of course this is not perfect, but should work most of the time.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When puppetdoc rdoc dies with an unhandled exception, the error
message produced didn't mention the file and line where the parser
choked.
This patch fixes this by trying to locate on which AST structure
the rdoc system failed.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
class klass {
include a, b, c
}
wasn't producing any rdoc documentation.
We were thinking code was always embedded in an array which is not
the case for mono-instruction code.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This doesn't cover all the code, only the part that interacts with
Puppet internals which is what matters when Puppet changes.
This patch also contains an integration test.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While we were keeping track of superclass/nodes during RDoc generation
we weren't doing the reverse.
This patch enhance Puppetdoc RDoc mode by tracking inheritance and
for each base/super class/nodes displays the list of inherited classes
/nodes.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |/
|
|
|
|
|
| |
Puppetdoc wasn't parsing 'require'. This patch adds a 'require' section
to list all required class from nodes and classes.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When code comes in via STDIN or --code ,
Puppet::Util::Settings interpolates $values in the code,
which is probably never the intended behavior.
This is the least destructive fix I could think of:
have Puppet::Parser::Interpreter ask for the uninterpolated value.
More general fixes could be to:
a) Add an escape character to Settings's interpolator, and escape STDIN
b) Add a mechanism to Settings to mark some values as uninterpolated
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bundeling and renaming the pure ruby json library to addresses a
number of cross version serliaization bugs (#2615, et al).
This patch adds a subset of the files from the json_pure gem to
lib/puppet/external/pson (renamed to avoid conflicts with rails) so
that we will always have a known-good erialization format available.
The pure ruby json gem as distibuted defers to the compiled version
if it is installed. This is problematic in some circumstances so the
files that have been brought over have been modified to always and
only use the bundled version.
It's a large patch, so here's a breakdown of the change categories:
The majority of the lines are only marginally interesting:
* The json lib itself (in lib/puppet/external/pson) make up the bulk
of the lines.
* Renaming of json to pson make up the second largest group.
Somewhat more interesting are the following, which can be located by
searching the diffs for the indicated strings:
* Adjusting tests to reflect the changes
* Changing the encoding/decoding behavior so that nested structures
(e.g. resources) don't serialize as escaped strings. This should
make it much easier to process the results with external tools, if
needed. Search for "to_pson" and "to_pson_data_hash"
* Cleaning up the envelope/metadata
* Now provides a document_type (as opposed to a ruby class name) by
using a symple registration scheme instead of constant lookup
(search for "document_type")
* Added an api_version (search for "api_version")
* Added a hash for document metadata (search for "metadata")
* Removing the yaml monkeypatch and instead disabling yaml serialization
on ruby 1.8.1 in favor of pson (search for "yaml")
* Cleaning up the json/rails feature interaction (they're now totally
independent) (search for "feature")
|
| |
|
|
| |
Yumrepo type will now chmod on all files when a change happens. If the content is not changed then no chmod will occur.
|
| |
|
|
|
|
|
|
|
|
| |
Reworks the error message to 1) make it clearer that it's an internal
error, not something the user did, 2) rearrange the sentence to make
it clearer that "setting" is being used as a noun 3) combined several
fields to increase the chance that the identifying information would
suffice to lead someone to the actual source of the error.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
