| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
lib/puppet/feature/base.rb
lib/puppet/file_serving/configuration.rb
spec/unit/indirector/ssl_file_spec.rb
spec/unit/parser/functions/extlookup_spec.rb
spec/unit/resource/catalog_spec.rb
test/language/ast/variable.rb
|
| | |\
| | |
| | | |
Ticket/2.7.x/8662 root on windows
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When running as root, puppet will by default manage internal file
permissions for file-related settings. However, ruby does not support
chown/chgrp functionality on Windows, so puppet will fail to run
(puppet apply generates an exception while trying to set the owner,
etc).
This commit disables internal file permissions handling on Windows
until we add support for chown (at least) as part of the larger file
type effort on Windows.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When running as root, puppet will generate a catalog from its settings
to create the various directories, e.g. var, ssl. If mkusers is true
and a setting implements owner and/or group methods, then puppet will
automatically add user and group resources to the catalog (provided
the user name is not root and the group names are not root or
wheel). This functionality will not be supported on Windows, and so
this step is skipped.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit changes Puppet::Util::SUIDManager.root? (and
Puppet.features.root?) to only return true if the user is running with
elevated privileges (granted via UAC). If this check fails because
elevated privileges are not supported, e.g. pre-Vista, then we fall
back to checking if the user is a member of the builtin Administrators
group.
This means if you are logged in as Administrator on 2008,
Puppet.features.root? will return false, unless you are explicitly
running puppet as an administrator, e.g.
runas /user:Administrator "puppet apply manifest.pp"
This commit also adds tests to ensure SUIDManager.asuser is a no-op on
Windows, since Windows does not (easily) support switching user
contexts without providing a password.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The root feature was being evaluated prior to the microsoft_windows
feature being defined. On Windows, this had the side-effect of calling
Process.uid prior to the win32 sys/admin gem being loaded. And the
default ruby implementation of Process.uid always returns 0, which
caused Puppet.features.root? to always return true.
This commit reorders the syslog, posix, microsoft_windows, and root
features due to dependencies among them. This ensures the
microsoft_windows feature is defined prior to evaluating the root
feature.
As a result of this commit, the SUIDManager now calls the win32
sys/admin version of the Process.uid method, which returns the RID
component of the user's SID. As this is not 0, Puppet.features.root?
will now always return false on Windows. A future commit will fix
this, so that Puppet.feature.root? only returns true when running as
the Windows-equivalent of root.
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
These methods aren't available until Ruby 1.8.6 (Dir.mktmpdir) and Ruby 1.8.7
(Object#tap).
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 61df3f7c39d74b82e37f48c3519293406036e1e9)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
FileSetting#to_resource had a provision to not attempt to manage files in /dev,
which effectively stopped spec from trying to make their configuration
directories in /dev/null. However, on Windows, the path turns into something
like C:/dev/null, so the specs were still trying to manage their configuration
directories when this wasn't desired or handled by the spec.
Now, we also exclude management of C:/dev (or similar), to mimic the behavior
on Windows. Because this isn't a standard path (and thus will not be used for
anything else), there seems to be no harm in treating it as though it were
really /dev.
Reviewed-By: Josh Cooper <josh@puppetlabs.com>
(cherry picked from commit 44719fcf9f9053a7be1bea59d516f24d2234ede4)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Added missing spec tests for Windows service provider methods:
:stop, :enable, :disable, and :manual_start
Refactored to match Nick's previous work.
Reviewed By: Nick Lewis [nick@puppetlabs.com]
(cherry picked from commit d08ae7fd2180c95d1fcafa149128d25cc4680c6c)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This provider, windows_adsi, uses the Puppet::Util::ADSI module to manage
groups. It can only manage group existence and memberships, but is fully
functional in those regards.
Based on work by: Joel Rosario <joel.r@.internal.directi.com>
Based on work by: Cameron Thomas <cameron@puppetlabs.com>
Reviewed-By: Matt Robinson <matt@puppetlabs.com>
(cherry picked from commit 01f09f5f395bab66b90a4e81e958aa89025977b4)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This provider, windows_adsi, uses the Puppet::Util::ADSI module to manage
users. It can currently only manage group memberships, comments, and home
directories, which are the only fields that can be managed via ADSI.
Based on work by: Joel Rosario <joel.r@.internal.directi.com>
Based on work by: Cameron Thomas <cameron@puppetlabs.com>
Reviewed-By: Matt Robinson <matt@puppetlabs.com>
(cherry picked from commit ac00e9e289f8fdc81f060e7dd289e1a8e0f133c0)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This module (Puppet::Util::ADSI) provides access to Active Directory Services
Interfaces, using win32ole. The base module has methods for generating resource
URIs and connecting to ADSI.
It also provides classes Puppet::Util::ADSI::User and Puppet::Util::ADSI::Group
for managing Active Directory users and groups, along with their properties and
group memberships. This will be used to implement the Windows ADSI user and
group providers.
Based on work by: Joel Rosario <joel.r@.internal.directi.com>
Based on work by: Cameron Thomas <cameron@puppetlabs.com>
Reviewed-By: Matt Robinson <matt@puppetlabs.com>
(cherry picked from commit b5fd95336e71ad428109cddf6cd2f33bdd31e025)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since absolute paths on Windows do not always start with /, we need to
make sure that there is always a slash between the checksum and the
path, or the drive letter will end up being considered as part of the
checksum.
On systems where absolute paths always start with /, the extra slash
is removed by the parsing done to the constructed URL.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
(cherry picked from commit 5314376d4378c4b4f990a7d61a9677594e12a2a5)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, we only considered files that matched the *nix concept of
'absolute' as being absolute paths. Since absolute paths on Windows
look more like URLs with this world-view, we need to specifically look
for the Windows absolute paths, and treat them as such.
We will still treat *nix absolute paths as absolute on Windows, even
though they are actually relative to the "current" drive. We do not
currently limit which "style" of absolute path is allowed based on
what the agent is.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
(cherry picked from commit 568d25ee10effd5e87c57cdc8c24280eabf9cd93)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rather than stating the logic as 'if !thing', the two checks done when
initializing a new Puppet::FileBucket::File are now phrased as 'unless
thing', which should lessen the likelihood of overlooking the '!'.
We also now provide a reason for the ArgumentError being raised, which
should help users of Puppet::FileBucket::File quickly figure out what
is the problem when these exceptions are raised.
In addition to updating the tests to look for these new error
messages, we update the existing tests to specify which type of
exception, and what message it should have, when something is raised.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
(cherry picked from commit b4cacfd8f95577c514999b4dd6bcb7ad57e37207)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The host provider did not work on Windows because it didn't know where
to find its hosts file. The provider now uses Win32::Resolv, which is
part of the standard ruby library, to find it.
Several host type/provider spec tests were marked as fails_on_windows,
but now that the provider is working, I removed the tag from those
tests, and verified that the tests now pass. There are two tests in
resources_spec that fail because the user and exec providers are not
supported on Windows yet, so those tests are marked as fails_on_windows.
Reviewed-by: Pieter van de Bruggen <pieter@puppetlabs.com>
(cherry picked from commit 82c6b3cb41397c989c011cf767066bcf1e403db2)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The puppet install.rb script now defaults the config directory to
%PROGRAMDATA%\PuppetLabs\puppet\etc on Windows. This is more inline
with Windows best-practices, as this directory is used to store
application data across all users. The PROGRAMDATA environment
variable also takes into account alternate system drives, by using the
SYSTEMDRIVE environment variable.
Note that the Dir::COMMON_APPDATA constant is so named because it
corresponds to the CSIDL_COMMON_APPDATA constant, which on 2000, XP,
and 2003 is %ALLUSERSPROFILE%\Application Data, and on Vista, Win7 and
2008 is %SYSTEMDRIVE%\ProgramData.
This commit also updates puppet's default run_mode var and conf
directories when running as "root" to match the install script, and
fixes the spec test, which was looking in the Dir::WINDOWS directory.
Reviewed-by: Cameron Thomas <cameron@puppetlabs.com>
(cherry picked from commit 95b21dfde7d77a61633555f20f2e3b9675d48415)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Because Windows allows a service to be both running and disabled, we now
support that capability. If a service is explicitly requested to be running and
disabled, we will set it to manual start if necessary, start it, and then
disable it. If the service is requested to be running and enabled, we will now
enable it before attempting to start it (previously, this would simply try to
start it and fail).
The exception to this rule is a service which is disabled, and for which we are
not managing the enable property. In that case, we assume that some other
authority has disabled the service, and respect that, failing to start. Thus,
if the user actually wants a service to be running and disabled, they must
explicitly declare that intent.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 12d0018f93e5a72a728c6decffb351a693a86344)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Because the enable property of the service type uses :true and :false as its
valid values, rather than true and false, we need to return :true and :false
from our enabled? method. Otherwise, the property was being synced every time
it was enabled or disabled, regardless of whether it was actually in sync or
not.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 44e2d494f499e2005c1b31b92b97834189d4224d)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We want to use self.debug for logging in the provider, so that log messages are
properly associated with the resource, rather than generically coming from
Puppet.
Also fix the self.instances method to not use an unnecessary extra variable
when collecting.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 38c181d00e87ecc699c6a3e23dd2155f716a6602)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The environment validates its modulepath and manifestdir settings, but
it uses Dir.getwd to convert a relative path into an absolute path. The
problem is that on Windows, Dir.getwd returns a path with backslashes.
(Interestingly this only happens when puppet is loaded, not in irb for
example.) And since we do not yet support backslashes in Windows paths
or UNC paths, the directory is not included in the environment.
For the time being, I am using File.expand_path to normalize the path.
It has the side-effect of converting backslashes to forward slashes.
This is sufficient to work around backslashes in Dir.getwd. In the near
future, I will be refactoring how paths are split, validated, tested,
etc, and I have a REMIND in place to fix the environment.
But as a result of this change it exposed a bug in our rdoc parser
dealing with the finding the root of a path. The parser assumed that the
root was '/', but caused an infinite loop when passed a Windows path.
I added a test for this case, which is only run on Windows, because on
Unix File.dirname("C:/") == '.'.
After all of that, I had to disable one of the rdoc spec tests, because
it attempted to reproduce a specific bug, which caused rdoc to try to
create a directory of the form: C:/.../files/C:/.... Of course, this
fails because ':' is not a valid filename character on Windows.
Paired-with: Nick Lewis <nick@puppetlabs.com>
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 9279d0954eb20d75e18a666fd572b5492e157608)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This provider allows us to query the system state through "puppet
resource", and manage the ensure, and enabled properties of services on
Windows.
This also adds support for a new enabled value of 'manual' on Windows
only. With this we support the three major start types for services on
Windows, with the following mapping of enabled to start type:
true => Automatic
false => Disabled
manual => Manual (Demand)
We use the win32-service gem to provide access to the Windows APIs for
our operations. This does add a new gem requirement for running Puppet
on Windows, but we were already requiring some gems from the same suite
that win32-service is a part of.
When referring to a service, the simple service name must be used,
instead of the display name. For example, "snmptrap", instead of
"SNMP Trap".
All system services are reported in 'puppet resource service',
including those started prior to run level 3 (system, device drivers,
etc.). These services should probably not be managed, without careful
thought and planning.
This currently does not support being able to move a service from
{enabled => false, ensure => stopped} to {enabled => true, ensure =>
running} (or enabled => manual) in a single Puppet run, since Puppet
currently always tries to sync ensure before any other property.
Because of this, the puppet run will fail every time, and the service
must first be managed as {ensure => stopped, enabled => true} (or
enabled => manual), before it can be managed as running and automatic
start or manual start.
Reviewed by: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 82476e8be41b62ce1767ab6854a72b481b917380)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have removed every usage of cached_attr in which the attribute needs to be
manually expired. Thus, the only meaningful behavior provided by
Puppet::Util::Cacher is expiration based on TTLs. This commit reworks the
cacher to only support that behavior.
Rather than accepting an options hash, of which :ttl is the only available
option, cached_attr now requires a second argument, which is the TTL.
TTLs are now used to compute expirations, which are stored and used for
expiring values. Previously, we stored a timestamp and used it and the TTL to
determine whether the attribute was expired. This had the potentially
undesirable side effect that the lifetime of a cached attribute could be
extended after its insertion by modifying the TTL setting for the cache. Now,
the lifetime of an attribute is determined when it is set, and is thereafter
immutable, aside from deliberately re-setting the expiration for that
particular attribute.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit d198fedf65e472b384666fc9ae3bef487852068a)
Conflicts:
spec/integration/node/facts_spec.rb
spec/unit/node_spec.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This class was previously using a cached_attr for its 'localhost' attribute,
representing the Puppet::SSL::Host entry corresponding to the cert in
Puppet[:certname]. We now no longer expire this attribute. This has the effect
that a change to certname during the lifetime of an agent will not be reflected
in the certificate it uses. If this behavior is desired, it will need to be
reimplemented another way.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 7048b4c4d8c4a8ad45caf6a02b263ac0a9fa333e)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
In the past, Puppet::Util::Autoload used a cached_attr for its 'searchpath'.
However, it no longer does that, so its references to Puppet::Util::Cacher are
unnecessary.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit ce08cba9eb92abce7f7ab77dcf7eb9f9435d4040)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, indirections were storing their termini in a cached_attr, so that
they could be easily cleared for tests. Because this provides no value outside
of testing, we instead simply create an attr_reader for termini, and expire
them manually in tests.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit e74090468192697a6a2447dc6fcece3dd09a46f1)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Types and parameters were registering their catalog as their expirer, so that
the catalog could expire them between uses. However, because catalogs are never
reused (and neither are types or parameters), there is no need to expire
anything. Thus, we remove the entire cleanup/expire logic from catalog, type,
and parameter.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit e2ea023f809c2bdc53b5259047c28f8061f57e54)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These values needn't be cached_attrs, because they can be managed manually.
'stat' does need to be cached, so that we avoid statting the file for each
property we want to check from disk. The 'content' attribute of 'source' also
needs to be cached, because it's retrieved from the server, which we certainly
don't want to do multiple times.
We need a mechanism for invalidating the 'stat' after we've written the file,
so we use a special value :needs_stat, which essentially represented
"undefined". We use this rather than nil so that we can store a failed stat
if it occurs.
Because the content and metadata of our source file will never change, there is
no need to be able to similarly expire the values of those attributes.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 4b0c847f19d5db81758b5561bdc8196591209ef0)
Conflicts:
lib/puppet/type/file/source.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The path attribute was being unnecessarily cached. The value is a LoadedFile
instance, which already knows how to check whether it needs to be reloaded. The
act of reparsing was being triggered separately from the cacher mechanism.
The comment indicated this value was only being cached so it could be easily
cleared for tests, but it wasn't being cleared for tests. Thus, there is no
reason for this attribute to be cached, so remove it.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit bdcb9be3b5d7cd54548cbeb7b13bee6fe4e730f7)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allowing the singleton_instance value to be expirable is unnecessary, because
there will never be a need for a different CA instance in the lifetime of a
master. Additionally, the master never expired its cache anyway. This was only
using the cacher so it could be expired for tests, so it can safely be removed.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit fac867c7bdbfbd431b089eb1bfb6eb73230e912c)
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The use of Puppet::Util::Cacher in this module was removed previously, and this
stray, unnecessary require was left around.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 93299e90e231bb407923e3534a0e33d841b95355)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allowing this value to be expirable is superfluous; it is only used on the
master, which never expires its cache. Additionally, it was providing partial
support for an event we don't fully support already (hostname and domain
changing during the lifetime of a master).
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 6a1b65760a0d8c6299d5c6d260dc37b5e0637706)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This class was using Util::Cacher for its singleton instance, when that was
unnecessary. The FileServing::Configuration instance already manages whether or
not to reparse its config file, based on whether it has changed. Thus, there is
no need for it to be manually expired via the cacher.
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 4bad729f56c26d8154cd0f20614fa4e478de9d40)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Keep alive has been disabled since 2008, and seems to have caused problems when
it was enabled before then. Since there doesn't seem to be any push to get it
working again, just remove it to simplify this code.
This also allows us to entirely remove the usage of Puppet::Util::Cacher from
HttpPool.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 185a666018c0cf0b2c497f655f942a82cd22e49e)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When testing whether a file path is absolute, the regexp was only
handling POSIX style file paths. This commit requires Windows
style file paths to start with a drive letter. A future commit
will refacter the various places we do path validation to
support both Windows drive letters and UNC paths.
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 45ae5b4a9ced26dfcd3e324391f9a26cb02bf93d)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Puppet uses both colon and File::PATH_SEPARATOR in various places, which
does not work on Windows, where File::PATH_SEPARATOR is a semi-colon. This
commit changes the code and tests to consistently use File::PATH_SEPARATOR.
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit 26ee468e8b963d63933d9a27a65d55510ff87618)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Because we default the color setting to "false" on Microsoft Windows,
the heuristics used to detect which type of setting we're using were
getting confused, and mis-detected color as being a BooleanSetting
rather than just a Setting.
By specifying that color is a "Setting", we can skip the
auto-detection, and avoid this problem entirely.
Reviewed-by: Josh Cooper <josh@puppetlabs.com>
(cherry picked from commit b84bdbf31bbb0c5d5501bf6f32a9c0d0dc6acc94)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Windows consoles do not support ansi escape sequences for colorizing
output. This commit changes the default setting of 'color' to false when
the "microsoft_windows" feature is present.
Paired-with: Jacob Helwig <jacob@puppetlabs.com>
(cherry picked from commit d7d384ec0b7f28a8f0be20defcc2eebd0550aff0)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Running the Puppet master on Windows is not supported, so instead of
failing with what can be cryptic error messages about failed resources
we fail with an explicit error message about the master on Windows not
being supported. This way a user isn't mistakenly given the
impression that running a master on Windows will work, and they just
have something mis-configured.
Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-by: Max Martin <max@puppetlabs.com>
(cherry picked from commit 3a70503b60f9fd51177df4e9267c5ac28b06fb2d)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Running Puppet on Windows requires the sys-admin, win32-process &
win32-dir gems. If any of these gems were missing, Puppet would fail
with the message "Cannot determine basic system flavour".
When trying to determine if we are on Windows, we now warn with the
message "Cannot run on Microsoft Windows without the sys-admin,
win32-process & win32-dir gems: #{err}", where err is the normal ruby
load error message stating which gem could not be loaded.
We also only warn if the POSIX feature is not present.
Signed-off-by: James Turnbull <james@puppetlabs.com>
Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-by: Cameron Thomas <cameron@puppetlabs.com>
(cherry picked from commit faf8a5c05f50d98835a1db05b96146618f485a04)
|
| | |\
| | |
| | |
| | |
| | | |
daniel-pittman/maint/2.7.x/strip-incorrect-rights-statements
Maint/2.7.x/strip incorrect rights statements
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For a while Luke, and other authors, injected a created tag, copyright
statement, and "All rights reserved" into every new file they added to the
Puppet project.
This isn't really true, and we have a global license covering the code, so
we have now stripped out all those old tags.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
There's a known bug that prevents remote filebucket resources from working
unless you set path => false. Until this bug is fixed, the docs should reflect
reality as she is played. This commit mentions the bug in both areas where it
is relevant.
|
| | |/
| |
| |
| |
| | |
This is a cosmetic commit improving the line wrapping in the create_resources
function's documentation string.
|
| | |
| |
| |
| |
| |
| |
| | |
The create_resources function's doc string was not particularly clear and had
incorrect markdown formatting. This commit adds a more complete example which
demonstrates the necessary hash format, and changes the doc string to a
heredoc to simplify escaping.
|
| |\| |
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.6.x:
Reset indirector state after configurer tests.
(#8770) Don't fail to set supplementary groups when changing user to root
(#8770) Always fully drop privileges when changing user
(#8662) Migrate suidmanager test case to rspec
(#8740) Do not enumerate files in the root directory.
(#3553) Explain that cron resources require time attributes
Conflicts:
lib/puppet/application/resource.rb
test/puppet/tc_suidmanager.rb
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, Puppet::Util::SUIDManager.change_user would always try to set
supplementary groups (Process.initgroups) before changing its EUID.
Process.initgroups requires the calling process to have EUID 0 in order to
succeed.
This worked fine in the case where the process was changing from root to a
normal user, as it would set groups as root and then change EUID to 0.
However, in the case where the process was changing back to root from a normal
user, it would attempt to set groups as the normal user, and fail.
Now, we check Process.euid before changing, and will set groups first if root,
and will set euid first if not root. This ensures we can freely switch back
and forth between root.
This behavior is maintained inside of the change_user, rather than being broken
into eg. raise_privilege and lower_privilege, because it is a relatively minor
behavior difference, and the helper methods on their own would not have been
generically useful.
|
