| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
For a while Luke, and other authors, injected a created tag, copyright
statement, and "All rights reserved" into every new file they added to the
Puppet project.
This isn't really true, and we have a global license covering the code, so
we have now stripped out all those old tags.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
| |
|
|
|
|
|
| |
The create_resources function's doc string was not particularly clear and had
incorrect markdown formatting. This commit adds a more complete example which
demonstrates the necessary hash format, and changes the doc string to a
heredoc to simplify escaping.
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6.x:
Reset indirector state after configurer tests.
(#8770) Don't fail to set supplementary groups when changing user to root
(#8770) Always fully drop privileges when changing user
(#8662) Migrate suidmanager test case to rspec
(#8740) Do not enumerate files in the root directory.
(#3553) Explain that cron resources require time attributes
Conflicts:
lib/puppet/application/resource.rb
test/puppet/tc_suidmanager.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, Puppet::Util::SUIDManager.change_user would always try to set
supplementary groups (Process.initgroups) before changing its EUID.
Process.initgroups requires the calling process to have EUID 0 in order to
succeed.
This worked fine in the case where the process was changing from root to a
normal user, as it would set groups as root and then change EUID to 0.
However, in the case where the process was changing back to root from a normal
user, it would attempt to set groups as the normal user, and fail.
Now, we check Process.euid before changing, and will set groups first if root,
and will set euid first if not root. This ensures we can freely switch back
and forth between root.
This behavior is maintained inside of the change_user, rather than being broken
into eg. raise_privilege and lower_privilege, because it is a relatively minor
behavior difference, and the helper methods on their own would not have been
generically useful.
|
| | |\
| | |
| | |
| | |
| | |
| | | |
* nicklewis/ticket/2.6.x/8770:
(#8770) Always fully drop privileges when changing user
(#8662) Migrate suidmanager test case to rspec
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On Mac OS X, it is only possible to directly change the euid of a process, and
not the uid. Thus, when a puppet master started as root on OS X would change to
the service user (puppet), it would leave the uid of its process set to 0.
This allowed any type of Ruby plugin executed on the master (a type, provider,
function, etc.) to trivially regain root privileges (by setting the euid of
its process back to 0) and potentially compromise the master.
Now, when permanently changing user, we will first try
Process::UID.change_privilege, before falling back to setting the euid/uid
ourselves. change_privilege correctly sets the uid of the process to the
desired new uid, preventing the process from later escalating itself back to
root. Similar behavior is also used when changing group. This has no effect on
the behavior when temporarily changing user/group (for instance, to execute a
single command or create a file as a particular user).
Reviewed-By: Jacob Helwig <jacob@puppetlabs.com>
|
| | |\ \
| | | |
| | | |
| | | |
| | | | |
joshcooper/ticket/2.6.x/8740-cannot-manage-files-of-type-socket
Ticket/2.6.x/8740 cannot manage files of type socket
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously the command 'puppet resource file' would enumerate all files
in the root directory, and generate an exception if the file type was
not a directory, file, or link. Worse, it would also do this when a file
or directory was specified, e.g. 'puppet resource file /etc/hosts'.
Ideally, the find method of the ral terminus should not need to call the
type's instances class method, instead just creating an instance of the
type with the specified name and parameters. However, some types, like
package, depend on this behavior. The type walks all providers and all
instances that they provide, checking to see if the provider provides an
instance with that name, and also warning if another provider provides
an instance with the same name.
Also, ideally, puppet should not blow up when encountering an
unsupported file type, e.g. Unix domain socket, but that would be too
big of a change for 2.6.x.
This commit changes 'puppet resource file' to return a message saying
that the operation is not supported:
Listing all file instances is not supported. Please specify a file
or directory, e.g. puppet resource file /etc
The change is bit of a hack, as ideally, the file type's instances
method could raise an exception when called in a 'search' context, but
return an empty array in a 'find' context. But that also would be too
big of a change for 2.6.x.
This commit also adds spec tests for the resource application and file
type, as well as an acceptance test, which creates a Unix domain socket
in the root directory, while running 'puppet resource file'.
Paired-with: Nick Lewis <nick@puppetlabs.com>
Reviewed-by: Jacob Helwig <jacob@puppetlabs.com>
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The cron resource docs previously read, "All fields except the command and the
user are optional, although specifying no periodic fields would result in the
command being executed every minute." This was factually incorrect; instead,
specifying no periodic fields results in a failure and an unhelpful error on
Puppet 2.6 and 2.7.
Although the issue will remain open as a behavior bug, this commit corrects
the documentation of which attributes are required. It also changes the @doc
string to a heredoc to simplify quote escaping.
|
| |\ \ \
| | | |
| | | | |
(#9039) Update Augeas commands documentation
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Added documentation on commands added as part of #6494 and clarified existing
commands documentation.
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
The changes attribute for the Augeas type's second example was
incorrect, as it had leading slashes that took the paths out of the
context of /files. This commit fixes the bad example, and changes the doc
string to a heredoc to eliminate some messy escaping.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Because this provider only applies when the posix feature is present (and thus
not the windows feature), it can never be used on Windows. Thus, the
Windows-specific command handling is unnecessary and unused.
Also added more specific error messages for the cases where a command doesn't
exist, isn't a file, and isn't executable. These only apply when the command
path is absolute (otherwise the message is simply command not found).
Reviewed-By: Matt Robinson <matt@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
It was not clear to all readers that /var/tmp/myfile was being extracted from
the tarball. This commit adds a sentence to make the conditions when the exec
will run more explicit and fixes an error in the tar command.
|
| |\ \ \
| | | |
| | | | |
(#8808) Fail Augeas resource when unable to save changes
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Raise a failure when Augeas changes cannot be saved (due to invalid layout of
the tree, permissions etc). Fixes a regression.
|
| |\ \ \ \
| | | | |
| | | | | |
Maint/2.7.x/minor docs fixes
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Unlike several other tools that accept a number of seconds between runs,
puppet agent doesn't use 0 as a special value representing "never;" instead,
it takes this as an instruction to run continuously. As this has caused some
user confusion, this commit updates runinterval's description to explain this,
and points to the correct method to make puppet agent do nothing.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
alphabetically
Puppet agent's man text was missing the --no-client option in its command
synopsis, and the long text for --no-client cut off weirdly in the middle of a
sentence. This commit fixes both problems, and arranges all the options
alphabetically so they're easier to reference.
|
| |\ \ \ \ \
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | | |
* 2.6.x:
(#8302) Improve documentation of exec providers
Add document outlining preferred contribution methods
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | | |
The documentation for the shell and posix providers didn't fully explain the
differences between them or the security implications of each. This commit
improves the documentation of both providers.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The tagmail report docs did not mention that you could use log levels as
tags, and was unclear in several other minor ways. This commit improves that
documentation.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Previously, `audit => all` wasn't documented anywhere. This commit adds
a note on it to the metaparameter reference.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The content parameter's doc string said: "The primary purpose of this
parameter is to provide a kind of limited templating... This attribute
is especially useful when used with templating." This commit clarifies
said awkward wording.
|
| | |/ /
|/| |
| | |
| | |
| | |
| | | |
The versioncmp function's documentation was missing punctuation and was
unnecessarily vague. This commit clarifies the return data and makes the
documentation more legible at a glance.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Mac's filesystems aren't case sensitive, so developing this change
didn't catch the issue with requiring filenames that had been
uppercased.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Inspect wasn't documenting the only two options it has, archive_files
and archive_file_server. Now it does.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Running `puppet help inspect` did not result in help:
Unable to find application 'inspect'.
err: exit
err: Try 'puppet help help help' for usage
It turned out that the only reason applications were getting required so
that their help could be found was the LegacyName conversion table in
lib/puppet/util/command_line.rb:7. Inspect never had a legacy name, so
the help system couldn't find it since it never got required. Now
instead of checking for the class constant to see if the application has
been loaded, we try to require the application and exit if it's not
found.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| | |/
|/|
| |
| | |
Signed-off-by: Michael Stahnke <stahnma@puppetlabs.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, we only allowed Puppet Clients at a maximum distance of somewhere
between 7,494 and 14,988 kilometers from the master, depending on the variance
in local conditions.
While this gave us good data security against hostile clients connecting from
the dark side of the moon, real world testing shows the moon folks are likely
to just take over a local staging host and attack that way.
So, instead, allow clients sufficient time they should be comfortable able to
connect to a master from the moon. We still refuse clients further out, like
Mars, since it seems unlikely that Puppet management over that distance should
work.
We advise the manned Mars expedition to deploy a local Puppet Master to manage
infrastructure in their base, and to watch out for the martians.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
vcsrepo is available in a module of its own, is missing tests, and
goes against the long-term goal of moving "extra" types out of core
puppet into modules (an example of this is the nagios types).
This reverts commit 25b967559dfa39eb094008c7a3952c4ee885530b, reversing
changes made to b87a1dea704ed981f2f0af728afac2c63e87b5a8.
Reviewed-by: Michael Stahnke <mike@puppetlabs.com>
|
| |\ \
| | |
| | |
| | |
| | | |
* ticket/2.7.x/8704-fileserverconf_parse_errors:
(#8704) Give better errors for invalid fileserver.conf
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If you tried to just put an allow or deny line in the fileserver.conf
without a mount point, you got a really confusing error message:
lib/puppet/network/handler/fileserver.rb:285:in `readconfig': undefined method `info' for nil:NilClass (NoMethodError)
Now instead we give an error saying no mount point was specified.
Reviewed-by: Josh Cooper <josh@puppetlabs.com>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
* tickets/2.7.x/1886:
(Maint.) Disable cleaning of storeconfigs.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This feature (and the corresponding tests) were causing intermittent
failures which we were unable to trace. We will reintroduce this
behavior when we can do so without test fragility.
Reviewed-By: Matt Robinson
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we introduced verification of options, we forgot to handle the case that
global options from the Puppet settings system could be passed to the face.
This, in turn, means that the system would fail if you used any of those.
This remediates that, and now these work as expected.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | | |
This includes various style changes, and assorted fixes to testing.
Paired-With: Matt Robinson
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Here is a changeset that adds a new action to the puppet node face.
This application removes all traces of a node on the puppetmaster
(including certs, cached facts and nodes, reports, and storedconfig
entries).
Furthermore it is capable of unexporting exported resources of a
host so that consumers of these resources can remove the exported
resources and we will safely remove the node from our
infrastructure.
Usage:
puppet node clean [--unexport] <host> [<host2> ...]
To achieve this we add different destroy methods to the different
parts of the indirector. So for example for yaml indirections we
already offer read access for the yaml, this changeset adds
the destroy handler which only removes the yaml file for
a request. This can be used to remove cached entries.
This work is based on the initial work of Brice Figureau
<brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
#allowed? was a poorly named method since it isn't actually a predicate
method. Instead of returning a boolean, this methods throws an
exception when the access is denied (in order to keep the full context
of what ACE triggered the deny).
Given that #allowed? was overriding the behavior from AuthConfig, we
leave a version of #allowed? in place that will issue a deprecation
warning before delegating to #check_authorization. Once support for
XML-RPC agents is removed from the master, we will be able to remove
this delegation, since there should no longer be a reason for a
distinction between AuthConfig and RestAuthConfig.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Auth.conf, namespaceauth.conf and fileserver.conf were not supporting
trailing inlined comments.
Also this commit fixes some indentation and error management.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
| |
| |
| |
| |
| |
| | |
The regex used to detect ACE is too lax and would allow trailing
spaces to sneak in, which in turn would confuse the ACE parser.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
2.7.x
* ticket/2.7.x/maint-show_help_for_cert_without_subcommand:
maint: Fix cert app to print help and exit if no subcommand
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In 2.6.x this was the behavior, but the changes to the way options
parsing worked in 2.7.x to support faces changed the behavior of how
help was called.
This resulted in the follow unhelpful error message when you just called
`puppet cert`:
/Users/matthewrobinson/work/puppet/lib/puppet/ssl/certificate_authority/interface.rb:85:in `method='
Invalid method to apply
Reviewed-by: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Much like the infamous "hostname was not match" error message, there's
another SSL error that people run into that isn't clear how to
troubleshoot.
err: Could not send report: SSL_connect returned=1 errno=0
state=SSLv3 read server certificate B: certificate verify failed.
As far as I can tell this only ever happens when the clock is off on the
master or client. People seem to think it will happen other times, but
I haven't been able to reproduce it other ways - missing private key,
revoked cert, offline CA all have their own errors. I googled around
and the only thing I've seen for this error in relation to puppet is the
time sync problem.
So the error message text just has some additional info to suggest you
check your clocks.
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
|
| |\ \ \
| |/ /
|/| /
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The introduction of composite namevars caused the resource title used in
resource aliases to be set as an array, even when the resource only had one
namevar. This would fail to conflict with non-alias entries in the resource
table, which used a string for the title, even though the single element array
contained the same string.
Now, we flatten the key used in the resource table, so that single element
arrays are represented as strings, and will properly conflict with resource
titles.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | | |
* ticket/2.6.x/8418-inspect_respect_run_mode:
(#8418) Fix inspect app to have the correct run_mode
maint: Adding logging to include environment when source fails
maint: Add debug logging when the master receives a report
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Requiring puppet before the run_mode has been set by the application
causes the default run_mode of 'user' to be set instead of what the
application wants. This leads to the incorrect default settings to be
used, which lead to inspect not being able to properly retrieve file
metadata from a fileserver.
Reviewed-by: Max Martin <max@puppetlabs.com>
|
| | | |
| | |
| | |
| | | |
Reviewed-by: Max Martin <max@puppetlabs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It's always bothered me that when running puppet inspect (or any
application that produces a report really) the master gives no
indication that anything happened when it processes the report.
Reviewed-by: Max Martin <max@puppetlabs.com>
|
