| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
There was an intermittent bug in Puppet::Parser::Resource::Reference,
during initialization, and object could sometimes have its title set
before its type is set. This prevented the title from going through
type-specific canonicalization.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
This solves some SELinux issues with programs such as mount being denied
from writing to temporary files and removes a race condition with
temporary file creation.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The first patch for #2994, to which this is an extension, exposed
the fact that checksums were not being included in the metadata
for followed links; checksums are needed for managing the contents
of files that are represented on the server as links (links => follow).
This patch adds checksums for followed links and tests to confirm that
it works as expected.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't actually rely on iconv's UTF-8 support, so its absence
shouldn't cause the PSON feature to fail on system (e.g. HPUX)
where it isn't fully implemented.
This change exposed a dependency on library load order that was causing
Puppet::Util::Log to raise an error. I've removed the dependency of
Puppet::Type from Puppet::Util::Log.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
Due to problems introduced on HP-UX (See #2997)
This reverts commit 6ab2453d966d1d48e12d8a8cec34b9e460597d04.
|
| | |
| |
| |
| |
| |
| | |
We don't actually rely on iconv's UTF-8 support, so its absence
shouldn't cause the PSON feature to fail on system (e.g. HPUX)
where it isn't fully implemented.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Attempting to call a constructed method name with a nil component
(the checksum type in this case) causes an unhelpful error message
in a case where either 1) the results were not needed anyway or 2)
a more useful error message would otherwise be generated. It also
opens (at least hypothetically) then possibility that some unrelated
method (in this case "_file" would be called if it existed.
|
| | |
| |
| |
| | |
It looks like something got lost during transition to host_aliases.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The core bug here was a regression introduced by my IPv6 patch.
Wildcarded domains are stored as ["com","reductivelabs","*"] but
the code in question was assuming it was in normal order.
Added tests to prevet recurrence.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rather than just creating a new featureless resource for cases like:
ralsh host localhost.localdomain
(and the analogous cases with other parsed resources such as ssh keys, etc),
we first check to see if the appropriate provider can find a resource with
the requested name. If so, we use it; if not we fall back to the featureless
form.
There are a number of potential shortcomings with this fix:
* It may not be particularly performant if there are many resources to
be parsed.
* It always (and only) checks the first provider; perhaps it should try
all providers of the appropriate type.
* It only checks the name property, and not any aliases or host_aliases.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| | |
These are a grab-bag of code simplification changes I made in
the process of figuring out what was going on with #2881; they
should all be absolutely behavior neutral.
|
| | |
| |
| |
| |
| | |
When I changed the alias property of hosts to host_aliases I missed
these changes in the parsed file provider.
|
| | |
| |
| |
| |
| |
| |
| | |
This logic had a bug where it would not insert data if it had just been
deleted.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In some cases communicating with child processes via temprary files is not
viable. This is Ricky Zhou's patch from the ticket, which solves the problem
by using the more normal system of pipes. It is a broader reaching change
than suggested by the ticket (it affects all execs, not just SELinux) but IMHO
is the right way to go.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| | |
As suggested in the ticket, set :reconnect to true. Our in-house Rails
experts suggest that this is unlikely to cause any problems.
The setting is silently ignored before Rails 2.3
|
| | |
| |
| |
| |
| |
| |
| | |
Renamed :alias property to :host_aliases / :port_aliases (in the
sidelined port code) and corrected the comments.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This is basically the fix suggested on the ticket, cleaned up and
ruby-ized, with tests. The only functional modification is leaving
the default on entry2hash as --no-fqdn to preserve 0.25.1 behaviour
as the default.
Signed- ff-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This appears to be regression introduced by threading changes. The fix was
to rearrange things to keep the old behaviour (don't clear the settings
until you know the config file parses) and the new (don't nest calls to
synchronize) by:
1. Splitting clear into two parts--clear, which works as before, and
unsafe_clear which it calls and which expects synchronization to be
handled externally.
2. Rearranging the code to recover the previous calling order
3. Trapping syntax errors and turning them into logged messages and a
no-op effect.
4. Fixing reparse to not wrap a call to this code with a synchronize.
5. Tests.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes the SELinux library marginally more robust by dealing
consistently with a missing proc/mounts, and also resoves the test
failures in a way that allows meaningful test runs on non-SELinux
systems.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch implements the two-part suggestion from the ticket;
1) a client that receives a certificate that doesn't match its current
private key does not accept, store or use the certificate--instead it
removes any locally cached copies and acts as if the certificate had
never been found.
2) a puppetmaster that receives a csr from a client for whom it already
has a signed certificate now honors the request and considers it to
supercede any previously signed certificates.
In order to make the cache expiration work as expected, I changed a few
assumptions in the caching system:
* The expiration of a cached certificate is the earlier of the envelope
expiration and the certificate's expiration, as opposed to just overriding
the cache value
* Telling the cache to expire an item now removes it from the cache if
possible, rather than just setting an expiration date in the past and
hoping that somebody notices.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This removes some of the IPv4 centricism from authstore's handling
of IP addresses. It isn't full IPv6 support (and doesn't even fully
handle all the cases within its limited scope, as ruby's IPAddr
library does not work with hybrid addresses), but it should simplify
adding IPv6 support when the time comes.
|
| | |
| |
| |
| |
| | |
This patch fixes #2567 by always pre-validating IP addresses with a
strict regular expression check before calling IPAddr.new() on them.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit refactors the code in authstore to enable a fix for #2567,
goes part of the way towards fixing #2708 (DNS/reverse DNS dependence),
and is a start on #2623 (authstore needs to be refactored), though it
stops short of fully addressing some of the more egregious structural
issues ("opaque", ill-placed pattern transformations, etc.).
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added an info message about what database we're connecting to.
In the case of the default database, it looks like:
info: Connecting to sqlite3 database: /var/lib/puppet/state/clientconfigs.sqlite3
Also squashes the deprecation warning #2941, since fixing that makes
this patch smaller.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Disables the b64_zlib_yaml format if zlib cannot be loaded.
I've added a --no-zlib to make it possible to test this on a single
machine, but it might also be useful if someone finds themselves failing
to connect to a server that doesn't have zlib installed.
FactHandler' format is still hard-coded to YAML rather than using
facts.class.default_format
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| | |
This is Luke's suggested fix, from the ticket.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit 82714246b913087292f04190e03a885c99723f52 lost the distinction
between links that were being followed and links that were being managed.
This reinstated the distinction and (taking Luke up on his offer) also
includes various cleanups.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Make sure that we don't try to do anything to webrick until it has
really started.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| | |
This is Matthias Saou's patch from the ticket; it adjusts the regular
expression to permit capital letters where needed.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Andrew Forgue's suggested patch; changes the regular expression to
accept any non-space characters, non-vertical bar characters in a
version "number".
Examples
v | SLES10-SP1-Updates | | resmgr | 0.9.8_SVNr75-18.9 | x86_64
v | SLES10-SP1-Updates | | wireless-tools | 28pre13-22.16.2 | x86_64
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| | |
| |
| |
| |
| |
| | |
The refactoring in 8f60f0c50ee3dfb6453644f5dcded58e6e80e8bb lost the
return code--should be true in all non-exception cases--and this was
causing a false failure when the result was checked higher up.
|
| | |
| |
| |
| |
| |
| | |
Fail rathing than raising the exception so that the line and file are
preserved. A more general solution to these sorts of issues is called
for on the code smell list.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a fix for the core issue of #2863, calling each on a nil tag (instead
of empty) tag list for a resource with no tags, combined with various cleanup
in related code to forestall reintroduction of a similar bug.
* Replace the direct @var access with an initializing getter
* Rename it from @tags_hash to @tags_list since it's not a hash
* Do the same with the otherwise identical params setup.
* Eliminate the now-redundant external initialization for params.
* Remove the parameters method as it was never used and obviously
faulty (calling a non-existent get_params_hash method).
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a flag "manage_internal_file_permissions" which is enabled by
default. Disabling this flag prevents Puppet from managing the owner,
group, or mode of files created from Puppet::Util::Settings::FileSetting
I think this is a wide enough net to follow Luke's suggestion of
"disable management of everything", and it certainly satisfies the
requests I'm aware of, but if I've missed anything, let me know.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Puppet was mis-parsing sshkey aliases when the last alias is an empty
string.
This is due to the counter-intuitive behavior of Ruby's String#split.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Clean up warning messages so that they don't fail when run inside the
test class.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Clean up AIX crontab type:
- The return "" if output.include?(...) prevented the
raise from ever being reached.
- Ensure the temp file is deleted after feeding it
to cron.
- Prevent dumping of the new crontab to STDOUT.
Signed-off-by: Andrew Forgue <andrew.forgue@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
No message was being displayed on the server if a file could not be
opened by the file server.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Replace this message that looks like an error
debug: Format s not supported for Puppet::FileServing::Metadata; has not implemented method 'from_s'
with
debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml; using pson
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
modulepath/manifestdir
I was told that setting manifestdir in environment is not supported.
Only the manifest setting seems to be supported in environments.
This patch changes how puppetdoc handles manifestdir, instead
of getting it through the manifestdir variable, we now get the
manifest settings and infer the directory from this, exactly as
the parser is doing.
This allows puppetdoc to handle what user are doing with environments.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The problem is that regex node contains '/' which is a directory
separator on unix.
Since puppetdoc writes a file for each node this was creating empty
directories and documentation for such node couldn't be stored.
This patch removes the slashes in the node names.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
