From c912a2af2f63f505a493137d4ff0b88bc3754cda Mon Sep 17 00:00:00 2001 From: Daniel Pittman Date: Thu, 3 Feb 2011 13:46:08 -0800 Subject: (#4139) hook log autoflush into global defaults We previously had an ordering dependency in the autoflush option, which was statically read from defaults when the log destination was configured. We add a hook in the defaults to update the log subsystem, which in turn updates log destinations, when autoflush is changed. This would work as desired: puppet agent --autoflush --logdest=file This would not work, as autoflush would be false: puppet agent --logdest=file --autoflush Now those changes propagate correctly. Paired-with: matt@puppetlabs.com --- lib/puppet/defaults.rb | 6 +++++- lib/puppet/util/log.rb | 6 ++++++ lib/puppet/util/log/destinations.rb | 2 ++ 3 files changed, 13 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb index 764cbbe2b..687ac4eb0 100644 --- a/lib/puppet/defaults.rb +++ b/lib/puppet/defaults.rb @@ -14,7 +14,11 @@ module Puppet setdefaults(:main, :trace => [false, "Whether to print stack traces on some errors"], - :autoflush => [false, "Whether log files should always flush to disk."], + :autoflush => { + :default => false, + :desc => "Whether log files should always flush to disk.", + :hook => proc { |value| Log.autoflush = value } + }, :syslogfacility => ["daemon", "What syslog facility to use when logging to syslog. Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up."], diff --git a/lib/puppet/util/log.rb b/lib/puppet/util/log.rb index 3fdac3f69..ba1690078 100644 --- a/lib/puppet/util/log.rb +++ b/lib/puppet/util/log.rb @@ -67,6 +67,12 @@ class Puppet::Util::Log } end + def Log.autoflush=(v) + @destinations.each do |type, dest| + dest.autoflush = v if dest.respond_to?(:autoflush=) + end + end + # Create a new log message. The primary role of this method is to # avoid creating log messages below the loglevel. def Log.create(hash) diff --git a/lib/puppet/util/log/destinations.rb b/lib/puppet/util/log/destinations.rb index 22b3dedb2..c70edeb02 100644 --- a/lib/puppet/util/log/destinations.rb +++ b/lib/puppet/util/log/destinations.rb @@ -50,6 +50,8 @@ Puppet::Util::Log.newdesttype :file do @file.flush if defined?(@file) end + attr_accessor :autoflush + def initialize(path) @name = path # first make sure the directory exists -- cgit From bddfa1e22d8db53a16f71759a2d9c690bfc00417 Mon Sep 17 00:00:00 2001 From: nfagerlund Date: Thu, 3 Feb 2011 13:42:46 -0800 Subject: (6114) Update the audit metaparameter for 2.6.5. The audit metaparameter has some new behavior, its old behavior has changed, and the previous description was incomplete at any rate. This patch replaces its description string. --- lib/puppet/type.rb | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) (limited to 'lib') diff --git a/lib/puppet/type.rb b/lib/puppet/type.rb index e03650b54..f70a3ec0b 100644 --- a/lib/puppet/type.rb +++ b/lib/puppet/type.rb @@ -957,12 +957,25 @@ class Type end newmetaparam(:audit) do - desc "Audit specified attributes of resources over time, and report if any have changed. - This attribute can be used to track changes to any resource over time, and can - provide an audit trail of every change that happens on any given machine. - - Note that you cannot both audit and manage an attribute - managing it guarantees - the value, and any changes already get logged." + desc "Marks a subset of this resource's unmanaged attributes for auditing. Accepts an + attribute name or a list of attribute names. + + Auditing a resource attribute has two effects: First, whenever a catalog + is applied with puppet apply or puppet agent, Puppet will check whether + that attribute of the resource has been modified, comparing its current + value to the previous run; any change will be logged alongside any actions + performed by Puppet while applying the catalog. + + Secondly, marking a resource attribute for auditing will include that + attribute in inspection reports generated by puppet inspect; see the + puppet inspect documentation for more details. + + Managed attributes for a resource can also be audited, but note that + changes made by Puppet will be logged as additional modifications. (I.e. + if a user manually edits a file whose contents are audited and managed, + puppet agent's next two runs will both log an audit notice: the first run + will log the user's edit and then revert the file to the desired state, + and the second run will log the edit made by Puppet.)" validate do |list| list = Array(list).collect {|p| p.to_sym} -- cgit From 4ff5769119aefafa33e05449ebcfac78ba0c0fe0 Mon Sep 17 00:00:00 2001 From: Daniel Pittman Date: Thu, 3 Feb 2011 15:36:50 -0800 Subject: (#5823) run mode can now be set dynamically... Third party scripts, and complex command line tools, depend on being able to configure the run_mode value at runtime, not just when they fire up. For better or worse we used to allow this sort of thing to work, but stopped, and we have no sane, safe and consensual alternative, so we broke a bunch of client code. This enables the feature again, but does not add any safety catch; you can now happily slice off your own feet with this, if you really want to. --- lib/puppet/application.rb | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/puppet/application.rb b/lib/puppet/application.rb index 17ad69cee..b944a554e 100644 --- a/lib/puppet/application.rb +++ b/lib/puppet/application.rb @@ -264,9 +264,14 @@ class Application def initialize(command_line = nil) require 'puppet/util/command_line' @command_line = command_line || Puppet::Util::CommandLine.new - @run_mode = self.class.run_mode + set_run_mode self.class.run_mode @options = {} + require 'puppet' + end + + def set_run_mode(mode) + @run_mode = mode $puppet_application_mode = @run_mode $puppet_application_name = name @@ -281,8 +286,6 @@ class Application Puppet.settings.set_value(:rundir, Puppet.run_mode.run_dir, :mutable_defaults) Puppet.settings.set_value(:run_mode, Puppet.run_mode.name.to_s, :mutable_defaults) end - - require 'puppet' end # This is the main application entry point -- cgit From 04ea8269e70e9c1f81394ac6da2b48dcfb49b1d5 Mon Sep 17 00:00:00 2001 From: Daniel Pittman Date: Thu, 3 Feb 2011 16:19:03 -0800 Subject: (#5823) document the not-an-API status of set_run_mode Since this is totally not API, document that in big, threatening letters so that folks actually know what is going on. Include promises so they don't feel too unhappy with us. Paired-with: matt@puppetlabs.com --- lib/puppet/application.rb | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'lib') diff --git a/lib/puppet/application.rb b/lib/puppet/application.rb index b944a554e..c3d7355f6 100644 --- a/lib/puppet/application.rb +++ b/lib/puppet/application.rb @@ -270,6 +270,13 @@ class Application require 'puppet' end + # WARNING: This is a totally scary, frightening, and nasty internal API. We + # strongly advise that you do not use this, and if you insist, we will + # politely allow you to keep both pieces of your broken code. + # + # We plan to provide a supported, long-term API to deliver this in a way + # that you can use. Please make sure that you let us know if you do require + # this, and this message is still present in the code. --daniel 2011-02-03 def set_run_mode(mode) @run_mode = mode $puppet_application_mode = @run_mode -- cgit From f108f0330623f643343709b29921608b6c76874a Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 14:48:54 -0800 Subject: (#6018) Nick F's --help text for puppet inspect. --- lib/puppet/application/inspect.rb | 53 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) (limited to 'lib') diff --git a/lib/puppet/application/inspect.rb b/lib/puppet/application/inspect.rb index 77e8476a2..52ef97530 100644 --- a/lib/puppet/application/inspect.rb +++ b/lib/puppet/application/inspect.rb @@ -19,6 +19,59 @@ class Puppet::Application::Inspect < Puppet::Application end end + def help + puts <<-HELP ; exit # XXX + +SYNOPSIS +======== + +Prepare and submit an inspection report to the puppet master. + + +USAGE +===== + + puppet inspect + + +DESCRIPTION +=========== + +This command uses the cached catalog from the previous run of 'puppet +agent' to determine which attributes of which resources have been +marked as auditable with the 'audit' metaparameter. It then examines +the current state of the system, writes the state of the specified +resource attributes to a report, and submits the report to the puppet +master. + +Puppet inspect does not run as a daemon, and must be run manually or from cron. + + +OPTIONS +======= + +Any configuration setting which is valid in the configuration file is +also a valid long argument, e.g. '--server=master.domain.com'. See the +configuration file documentation at +http://docs.puppetlabs.com/references/latest/configuration.html for +the full list of acceptable settings. + + +AUTHOR +====== + +Puppet Labs + + +COPYRIGHT +========= + +Copyright (c) 2011 Puppet Labs, LLC +Licensed under the GNU General Public License version 2 + + HELP + end + def setup exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs? -- cgit From e1191f33defcaffec5900c7122a89ca75d3a9673 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 16:10:49 -0800 Subject: Maint: remove rdoc/usage dependency --- lib/puppet/application.rb | 21 +++------------------ 1 file changed, 3 insertions(+), 18 deletions(-) (limited to 'lib') diff --git a/lib/puppet/application.rb b/lib/puppet/application.rb index c3d7355f6..7ef71bc81 100644 --- a/lib/puppet/application.rb +++ b/lib/puppet/application.rb @@ -250,7 +250,8 @@ class Application # Every app responds to --help option("--help", "-h") do |v| - help + puts help + exit end def should_parse_config? @@ -385,23 +386,7 @@ class Application end def help - if Puppet.features.usage? - # RH:FIXME: My goodness, this is ugly. - ::RDoc.const_set("PuppetSourceFile", name) - #:stopdoc: # Issue #4161 - def (::RDoc).caller - docfile = `grep -l 'Puppet::Application\\[:#{::RDoc::PuppetSourceFile}\\]' #{DOCPATTERN}`.chomp - super << "#{docfile}:0" - end - #:startdoc: - ::RDoc::usage && exit - else - puts "No help available unless you have RDoc::usage installed" - exit - end - rescue Errno::ENOENT - puts "No help available for puppet #{name}" - exit + "No help available for puppet #{name}" end private -- cgit From 8d569b36ec9ba30043b394a02e3f9fecf08068ce Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 14:48:54 -0800 Subject: Maint: remove puts and exit from inspect --help --- lib/puppet/application/inspect.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/puppet/application/inspect.rb b/lib/puppet/application/inspect.rb index 52ef97530..cee66dec2 100644 --- a/lib/puppet/application/inspect.rb +++ b/lib/puppet/application/inspect.rb @@ -20,7 +20,7 @@ class Puppet::Application::Inspect < Puppet::Application end def help - puts <<-HELP ; exit # XXX + <<-HELP SYNOPSIS ======== -- cgit From 9b521d70695b32e251fa636a73dfbc9ce6942f7a Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 14:58:38 -0800 Subject: Maint: move puppet agent --help --- lib/puppet/application/agent.rb | 206 +++++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/puppetd | 188 -------------------------------- 2 files changed, 206 insertions(+), 188 deletions(-) delete mode 100755 lib/puppet/util/command_line/puppetd (limited to 'lib') diff --git a/lib/puppet/application/agent.rb b/lib/puppet/application/agent.rb index 2b75505fd..5dc425556 100644 --- a/lib/puppet/application/agent.rb +++ b/lib/puppet/application/agent.rb @@ -83,6 +83,212 @@ class Puppet::Application::Agent < Puppet::Application @args[:Port] = arg end + def help + <<-HELP + +SYNOPSIS +======== +Retrieve the client configuration from the puppet master and apply it to +the local host. + +Currently must be run out periodically, using cron or something similar. + + +USAGE +===== + puppet agent [-D|--daemonize|--no-daemonize] [-d|--debug] + [--detailed-exitcodes] [--disable] [--enable] + [-h|--help] [--certname ] [-l|--logdest syslog||console] + [-o|--onetime] [--serve ] [-t|--test] [--noop] + [--digest ] [--fingerprint] [-V|--version] + [-v|--verbose] [-w|--waitforcert ] + + +DESCRIPTION +=========== +This is the main puppet client. Its job is to retrieve the local +machine's configuration from a remote server and apply it. In order to +successfully communicate with the remote server, the client must have a +certificate signed by a certificate authority that the server trusts; +the recommended method for this, at the moment, is to run a certificate +authority as part of the puppet server (which is the default). The +client will connect and request a signed certificate, and will continue +connecting until it receives one. + +Once the client has a signed certificate, it will retrieve its +configuration and apply it. + + +USAGE NOTES +=========== +'puppet agent' does its best to find a compromise between interactive +use and daemon use. Run with no arguments and no configuration, it will +go into the backgroun, attempt to get a signed certificate, and retrieve +and apply its configuration every 30 minutes. + +Some flags are meant specifically for interactive use -- in particular, +'test', 'tags' or 'fingerprint' are useful. 'test' enables verbose +logging, causes the daemon to stay in the foreground, exits if the +server's configuration is invalid (this happens if, for instance, you've +left a syntax error on the server), and exits after running the +configuration once (rather than hanging around as a long-running +process). + +'tags' allows you to specify what portions of a configuration you want +to apply. Puppet elements are tagged with all of the class or definition +names that contain them, and you can use the 'tags' flag to specify one +of these names, causing only configuration elements contained within +that class or definition to be applied. This is very useful when you are +testing new configurations -- for instance, if you are just starting to +manage 'ntpd', you would put all of the new elements into an 'ntpd' +class, and call puppet with '--tags ntpd', which would only apply that +small portion of the configuration during your testing, rather than +applying the whole thing. + +'fingerprint' is a one-time flag. In this mode 'puppet agent' will run +once and display on the console (and in the log) the current certificate +(or certificate request) fingerprint. Providing the '--digest' option +allows to use a different digest algorithm to generate the fingerprint. +The main use is to verify that before signing a certificate request on +the master, the certificate request the master received is the same as +the one the client sent (to prevent against man-in-the-middle attacks +when signing certificates). + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'server' is a valid +configuration parameter, so you can specify '--server ' as +an argument. + +See the configuration file documentation at +http://docs.puppetlabs.com/references/stable/configuration.html for the +full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppet agent with +'--genconfig'. + +daemonize: Send the process into the background. This is the + default. + +no-daemonize: Do not send the process into the background. + +debug: Enable full debugging. + +digest: Change the certificate fingerprinting digest + algorithm. The default is MD5. Valid values depends + on the version of OpenSSL installed, but should + always at least contain MD5, MD2, SHA1 and SHA256. + +detailed-exitcodes: Provide transaction information via exit codes. If + this is enabled, an exit code of '2' means there + were changes, and an exit code of '4' means that + there were failures during the transaction. This + option only makes sense in conjunction with + --onetime. + +disable: Disable working on the local system. This puts a + lock file in place, causing 'puppet agent' not to + work on the system until the lock file is removed. + This is useful if you are testing a configuration + and do not want the central configuration to + override the local state until everything is tested + and committed. + +'puppet agent' uses the same lock file while it is running, so no more +than one 'puppet agent' process is working at a time. + +'puppet agent' exits after executing this. + +enable: Enable working on the local system. This removes any + lock file, causing 'puppet agent' to start managing + the local system again (although it will continue to + use its normal scheduling, so it might not start for + another half hour). + +'puppet agent' exits after executing this. + +certname: Set the certname (unique ID) of the client. The + master reads this unique identifying string, which + is usually set to the node's fully-qualified domain + name, to determine which configurations the node + will receive. Use this option to debug setup + problems or implement unusual node identification + schemes. + +help: Print this help message + +logdest: Where to send messages. Choose between syslog, the + console, and a log file. Defaults to sending + messages to syslog, or the console if debugging or + verbosity is enabled. + +no-client: Do not create a config client. This will cause the + daemon to run without ever checking for its + configuration automatically, and only makes sense + +onetime: Run the configuration once. Runs a single (normally + daemonized) Puppet run. Useful for interactively + running puppet agent when used in conjunction with + the --no-daemonize option. + +fingerprint: Display the current certificate or certificate + signing request fingerprint and then exit. Use the + '--digest' option to change the digest algorithm + used. + +serve: Start another type of server. By default, 'puppet + agent' will start a service handler that allows + authenticated and authorized remote nodes to trigger + the configuration to be pulled down and applied. You + can specify any handler here that does not require + configuration, e.g., filebucket, ca, or resource. + The handlers are in 'lib/puppet/network/handler', + and the names must match exactly, both in the call + to 'serve' and in 'namespaceauth.conf'. + +test: Enable the most common options used for testing. + These are 'onetime', 'verbose', 'ignorecache', + 'no-daemonize', 'no-usecacheonfailure', + 'detailed-exit-codes', 'no-splay', and 'show_diff'. + +noop: Use 'noop' mode where the daemon runs in a no-op or + dry-run mode. This is useful for seeing what changes + Puppet will make without actually executing the + changes. + +verbose: Turn on verbose reporting. + +version: Print the puppet version number and exit. + +waitforcert: This option only matters for daemons that do not yet + have certificates and it is enabled by default, with + a value of 120 (seconds). This causes 'puppet agent' + to connect to the server every 2 minutes and ask it + to sign a certificate request. This is useful for + the initial setup of a puppet client. You can turn + off waiting for certificates by specifying a time of + 0. + + +EXAMPLE +======= + puppet agent --server puppet.domain.com + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005, 2006 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def run_command return fingerprint if options[:fingerprint] return onetime if Puppet[:onetime] diff --git a/lib/puppet/util/command_line/puppetd b/lib/puppet/util/command_line/puppetd deleted file mode 100755 index 71b28429b..000000000 --- a/lib/puppet/util/command_line/puppetd +++ /dev/null @@ -1,188 +0,0 @@ -#!/usr/bin/env ruby - -# == Synopsis -# -# Retrieve the client configuration from the puppet master and apply -# it to the local host. -# -# Currently must be run out periodically, using cron or something similar. -# -# = Usage -# -# puppet agent [-D|--daemonize|--no-daemonize] [-d|--debug] -# [--detailed-exitcodes] [--disable] [--enable] -# [-h|--help] [--certname ] [-l|--logdest syslog||console] -# [-o|--onetime] [--serve ] [-t|--test] [--noop] -# [--digest ] [--fingerprint] [-V|--version] -# [-v|--verbose] [-w|--waitforcert ] -# -# = Description -# -# This is the main puppet client. Its job is to retrieve the local machine's -# configuration from a remote server and apply it. In order to successfully -# communicate with the remote server, the client must have a certificate signed -# by a certificate authority that the server trusts; the recommended method -# for this, at the moment, is to run a certificate authority as part of the -# puppet server (which is the default). The client will connect and request -# a signed certificate, and will continue connecting until it receives one. -# -# Once the client has a signed certificate, it will retrieve its configuration -# and apply it. -# -# = Usage Notes -# -# +puppet agent+ does its best to find a compromise between interactive use and -# daemon use. Run with no arguments and no configuration, it will go into the -# backgroun, attempt to get a signed certificate, and retrieve and apply its -# configuration every 30 minutes. -# -# Some flags are meant specifically for interactive use -- in particular, -# +test+, +tags+ or +fingerprint+ are useful. +test+ enables verbose logging, causes -# the daemon to stay in the foreground, exits if the server's configuration is -# invalid (this happens if, for instance, you've left a syntax error on the -# server), and exits after running the configuration once (rather than hanging -# around as a long-running process). -# -# +tags+ allows you to specify what portions of a configuration you want to apply. -# Puppet elements are tagged with all of the class or definition names that -# contain them, and you can use the +tags+ flag to specify one of these names, -# causing only configuration elements contained within that class or definition -# to be applied. This is very useful when you are testing new configurations -- -# for instance, if you are just starting to manage +ntpd+, you would put all of -# the new elements into an +ntpd+ class, and call puppet with +--tags ntpd+, -# which would only apply that small portion of the configuration during your -# testing, rather than applying the whole thing. -# -# +fingerprint+ is a one-time flag. In this mode +puppet agent+ will run once and -# display on the console (and in the log) the current certificate (or certificate -# request) fingerprint. Providing the +--digest+ option allows to use a different -# digest algorithm to generate the fingerprint. The main use is to verify that -# before signing a certificate request on the master, the certificate request the -# master received is the same as the one the client sent (to prevent against -# man-in-the-middle attacks when signing certificates). -# -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'server' is a valid configuration -# parameter, so you can specify '--server ' as an argument. -# -# See the configuration file documentation at -# http://docs.puppetlabs.com/references/stable/configuration.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppet agent with -# '--genconfig'. -# -# daemonize:: -# Send the process into the background. This is the default. -# -# no-daemonize:: -# Do not send the process into the background. -# -# debug:: -# Enable full debugging. -# -# digest:: -# Change the certificate fingerprinting digest algorithm. The default is MD5. -# Valid values depends on the version of OpenSSL installed, but should always -# at least contain MD5, MD2, SHA1 and SHA256. -# -# detailed-exitcodes:: -# Provide transaction information via exit codes. If this is enabled, an -# exit code of '2' means there were changes, and an exit code of '4' means -# that there were failures during the transaction. This option only makes -# sense in conjunction with --onetime. -# -# disable:: -# Disable working on the local system. This puts a lock file in place, -# causing +puppet agent+ not to work on the system until the lock file is removed. -# This is useful if you are testing a configuration and do not want the central -# configuration to override the local state until everything is tested and -# committed. -# -# +puppet agent+ uses the same lock file while it is running, so no more than one -# +puppet agent+ process is working at a time. -# -# +puppet agent+ exits after executing this. -# -# enable:: -# Enable working on the local system. This removes any lock file, causing -# +puppet agent+ to start managing the local system again (although it will continue -# to use its normal scheduling, so it might not start for another half hour). -# -# +puppet agent+ exits after executing this. -# -# certname:: -# Set the certname (unique ID) of the client. The master reads this unique -# identifying string, which is usually set to the node's fully-qualified domain -# name, to determine which configurations the node will receive. Use this option -# to debug setup problems or implement unusual node identification schemes. -# -# help:: -# Print this help message -# -# logdest:: -# Where to send messages. Choose between syslog, the console, and a log file. -# Defaults to sending messages to syslog, or the console if debugging or -# verbosity is enabled. -# -# no-client:: -# Do not create a config client. This will cause the daemon to run -# without ever checking for its configuration automatically, and only -# makes sense when used in conjunction with --listen. -# -# onetime:: -# Run the configuration once. Runs a single (normally daemonized) Puppet run. -# Useful for interactively running puppet agent when used in conjunction with -# the --no-daemonize option. -# -# fingerprint:: -# Display the current certificate or certificate signing request fingerprint -# and then exit. Use the +--digest+ option to change the digest algorithm used. -# -# serve:: -# Start another type of server. By default, +puppet agent+ will start -# a service handler that allows authenticated and authorized remote nodes to -# trigger the configuration to be pulled down and applied. You can specify -# any handler here that does not require configuration, e.g., filebucket, ca, -# or resource. The handlers are in +lib/puppet/network/handler+, and the names -# must match exactly, both in the call to +serve+ and in +namespaceauth.conf+. -# -# test:: -# Enable the most common options used for testing. These are +onetime+, -# +verbose+, +ignorecache, +no-daemonize+, +no-usecacheonfailure+, -# +detailed-exit-codes+, +no-splay+, and +show_diff+. -# -# noop:: -# Use +noop+ mode where the daemon runs in a no-op or dry-run mode. This is useful -# for seeing what changes Puppet will make without actually executing the changes. -# -# verbose:: -# Turn on verbose reporting. -# -# version:: -# Print the puppet version number and exit. -# -# waitforcert:: -# This option only matters for daemons that do not yet have certificates -# and it is enabled by default, with a value of 120 (seconds). This causes -# +puppet agent+ to connect to the server every 2 minutes and ask it to sign a -# certificate request. This is useful for the initial setup of a puppet -# client. You can turn off waiting for certificates by specifying a time -# of 0. -# -# = Example -# -# puppet agent --server puppet.domain.com -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005, 2006 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:agent].run -- cgit From fc66e576b7bfc08ad9460d05702ad8750045fa07 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:00:46 -0800 Subject: Maint: move puppet master --help --- lib/puppet/application/master.rb | 77 ++++++++++++++++++++++++++++++ lib/puppet/util/command_line/puppetmasterd | 74 ---------------------------- 2 files changed, 77 insertions(+), 74 deletions(-) delete mode 100755 lib/puppet/util/command_line/puppetmasterd (limited to 'lib') diff --git a/lib/puppet/application/master.rb b/lib/puppet/application/master.rb index fde474907..398c0694e 100644 --- a/lib/puppet/application/master.rb +++ b/lib/puppet/application/master.rb @@ -25,6 +25,83 @@ class Puppet::Application::Master < Puppet::Application end end + def help + <<-HELP + +SYNOPSIS +======== +The central puppet server. Functions as a certificate authority by +default. + + +USAGE +===== + puppet master [-D|--daemonize|--no-daemonize] [-d|--debug] [-h|--help] + [-l|--logdest |console|syslog] [-v|--verbose] [-V|--version] + [--compile ] [--apply ] + +DESCRIPTION +=========== +This is the puppet central daemon. + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'ssldir' is a valid +configuration parameter, so you can specify '--ssldir ' as an +argument. + +See the configuration file documentation at +http://docs.puppetlabs.com/references/stable/configuration.html for the +full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppetmasterdd +with '--genconfig'. + +daemonize: Send the process into the background. This is the default. + +no-daemonize: Do not send the process into the background. + +debug: Enable full debugging. + +help: Print this help message. + +logdest: Where to send messages. Choose between syslog, the + console, and a log file. Defaults to sending messages to + syslog, or the console if debugging or verbosity is + enabled. + +verbose: Enable verbosity. + +version: Print the puppet version number and exit. + +compile: Capability to compile a catalogue and output it in JSON + from the Puppet master. Uses facts contained in the + $vardir/yaml/ directory to compile the catalog. + +apply: Capability to apply JSON catalog (such as one generated + with --compile). You can either specify a JSON file or + pipe in JSON from standard input. + + +EXAMPLE +======= + puppet master + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def preinit trap(:INT) do $stderr.puts "Cancelling startup" diff --git a/lib/puppet/util/command_line/puppetmasterd b/lib/puppet/util/command_line/puppetmasterd deleted file mode 100755 index 445169820..000000000 --- a/lib/puppet/util/command_line/puppetmasterd +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/env ruby - -# -# = Synopsis -# -# The central puppet server. Functions as a certificate authority by default. -# -# = Usage -# -# puppet master [-D|--daemonize|--no-daemonize] [-d|--debug] [-h|--help] -# [-l|--logdest |console|syslog] [-v|--verbose] [-V|--version] -# [--compile ] [--apply ] -# -# = Description -# -# This is the puppet central daemon. -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'ssldir' is a valid configuration -# parameter, so you can specify '--ssldir ' as an argument. -# -# See the configuration file documentation at -# http://docs.puppetlabs.com/references/stable/configuration.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppetmasterdd with -# '--genconfig'. -# -# daemonize:: -# Send the process into the background. This is the default. -# -# no-daemonize:: -# Do not send the process into the background. -# -# debug:: -# Enable full debugging. -# -# help:: -# Print this help message. -# -# logdest:: -# Where to send messages. Choose between syslog, the console, and a log file. -# Defaults to sending messages to syslog, or the console -# if debugging or verbosity is enabled. -# -# verbose:: -# Enable verbosity. -# -# version:: -# Print the puppet version number and exit. -# -# compile:: -# Capability to compile a catalogue and output it in JSON from the Puppet master. Uses -# facts contained in the $vardir/yaml/ directory to compile the catalog. -# -# apply:: -# Capability to apply JSON catalog (such as one generated with --compile). You can either specify -# a JSON file or pipe in JSON from standard input. -# -# = Example -# -# puppet master -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:master].run -- cgit From ae78264c8c3cd8ec38128b13c265a07faa0eaa84 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:12:55 -0800 Subject: Maint: move puppet filebucket --help --- lib/puppet/application/filebucket.rb | 98 +++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/filebucket | 97 -------------------------------- 2 files changed, 98 insertions(+), 97 deletions(-) delete mode 100755 lib/puppet/util/command_line/filebucket (limited to 'lib') diff --git a/lib/puppet/application/filebucket.rb b/lib/puppet/application/filebucket.rb index 9c3c79bc3..77ebbb843 100644 --- a/lib/puppet/application/filebucket.rb +++ b/lib/puppet/application/filebucket.rb @@ -12,6 +12,104 @@ class Puppet::Application::Filebucket < Puppet::Application attr :args + def help + <<-HELP + +SYNOPSIS +======== +A stand-alone Puppet filebucket client. + + +USAGE +===== + puppet filebucket [-h|--help] [-V|--version] [-d|--debug] [-v|--verbose] + [-l|--local] [-r|--remote] + [-s|--server ] [-b|--bucket ] ... + + +DESCRIPTION +=========== +This is a stand-alone filebucket client for sending files to a local or +central filebucket. + + +USAGE +===== +This client can operate in three modes, with only one mode per call: + +backup: Send one or more files to the specified file bucket. Each sent + file is printed with its resulting md5 sum. + +get: Return the text associated with an md5 sum. The text is printed + to stdout, and only one file can be retrieved at a time. + +restore: Given a file path and an md5 sum, store the content associated + with the sum into the specified file path. You can specify an + entirely new path to this argument; you are not restricted to + +Note that 'filebucket' defaults to using a network-based filebucket +available on the server named 'puppet'. To use this, you'll have to be +running as a user with valid Puppet certificates. Alternatively, you can +use your local file bucket by specifying '--local'. + + +EXAMPLE +======= + $ puppet filebucket backup /etc/passwd + /etc/passwd: 429b225650b912a2ee067b0a4cf1e949 + $ puppet filebucket restore /tmp/passwd 429b225650b912a2ee067b0a4cf1e949 + $ + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'ssldir' is a valid +configuration parameter, so you can specify '--ssldir ' as an +argument. + +See the configuration file documentation at +http://docs.puppetlabs.com/references/stable/configuration.html for the +full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppet with +'--genconfig'. + +debug: Enable full debugging. + +help: Print this help message + +local: Use the local filebucket. This will use the default + configuration information. + +remote: Use a remote filebucket. This will use the default + configuration information. + +server: The server to send the file to, instead of locally. + +verbose: Print extra information. + +version: Print version information. + + +EXAMPLE +======= + puppet filebucket -b /tmp/filebucket /my/file + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + + def run_command @args = command_line.args command = args.shift diff --git a/lib/puppet/util/command_line/filebucket b/lib/puppet/util/command_line/filebucket deleted file mode 100755 index 34b01508e..000000000 --- a/lib/puppet/util/command_line/filebucket +++ /dev/null @@ -1,97 +0,0 @@ -#!/usr/bin/env ruby - -# -# = Synopsis -# -# A stand-alone Puppet filebucket client. -# -# = Usage -# -# puppet filebucket [-h|--help] [-V|--version] [-d|--debug] [-v|--verbose] -# [-l|--local] [-r|--remote] -# [-s|--server ] [-b|--bucket ] ... -# -# = Description -# -# This is a stand-alone filebucket client for sending files to a local -# or central filebucket. -# -# = Usage -# -# This client can operate in three modes, with only one mode per call: -# -# backup:: -# Send one or more files to the specified file bucket. Each sent file -# is printed with its resulting md5 sum. -# -# get:: -# Return the text associated with an md5 sum. The text is printed to -# stdout, and only one file can be retrieved at a time. -# -# restore:: -# Given a file path and an md5 sum, store the content associated with the -# sum into the specified file path. You can specify an entirely new path -# to this argument; you are not restricted to restoring the content to its -# original location. -# -# Note that +filebucket+ defaults to using a network-based filebucket available on -# the server named +puppet+. To use this, you'll have to be running as a user -# with valid Puppet certificates. Alternatively, you can use your local file bucket -# by specifying +--local+. -# -# = Example -# -# $ puppet filebucket backup /etc/passwd -# /etc/passwd: 429b225650b912a2ee067b0a4cf1e949 -# $ puppet filebucket restore /tmp/passwd 429b225650b912a2ee067b0a4cf1e949 -# $ -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'ssldir' is a valid configuration -# parameter, so you can specify '--ssldir ' as an argument. -# -# See the configuration file documentation at -# http://docs.puppetlabs.com/references/stable/configuration.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppet with -# '--genconfig'. -# -# debug:: -# Enable full debugging. -# -# help:: -# Print this help message -# -# local:: -# Use the local filebucket. This will use the default configuration -# information. -# -# remote:: -# Use a remote filebucket. This will use the default configuration -# information. -# -# server:: -# The server to send the file to, instead of locally. -# -# verbose:: -# Print extra information. -# -# version:: -# Print version information. -# -# = Example -# -# puppet filebucket -b /tmp/filebucket /my/file -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:filebucket].run -- cgit From c61d6d0c133ba185bf63884b9e513df5234211cf Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:14:51 -0800 Subject: Maint: move puppet describe --help --- lib/puppet/application/describe.rb | 53 ++++++++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/pi | 48 ---------------------------------- 2 files changed, 53 insertions(+), 48 deletions(-) delete mode 100755 lib/puppet/util/command_line/pi (limited to 'lib') diff --git a/lib/puppet/application/describe.rb b/lib/puppet/application/describe.rb index e76b347f6..0c7bea96d 100644 --- a/lib/puppet/application/describe.rb +++ b/lib/puppet/application/describe.rb @@ -180,6 +180,59 @@ class Puppet::Application::Describe < Puppet::Application option("--list", "-l") option("--meta","-m") + def help + <<-HELP + +SYNOPSIS +======== +Print help about puppet types on the console. Run with '-h' to get +detailed help. + + +USAGE +===== + puppet describe [-h|--help] [-s|--short] [-p|--providers] [-l|--list] [-m|--meta] + + +DESCRIPTION +=========== +Prints details of Puppet types, providers and metaparameters on the +console. + + +OPTIONS +======= +help: Print this help text + +providers: Describe providers in detail for each type + +list: List all types + +meta: List all metaparameters + +short: List only parameters without detail + + +EXAMPLE +======= + puppet describe --list + puppet describe file --providers + puppet describe user -s -m + + +AUTHOR +====== +David Lutterkort + + +COPYRIGHT +========= +Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def preinit options[:parameters] = true end diff --git a/lib/puppet/util/command_line/pi b/lib/puppet/util/command_line/pi deleted file mode 100755 index 3d80eea8f..000000000 --- a/lib/puppet/util/command_line/pi +++ /dev/null @@ -1,48 +0,0 @@ -#!/usr/bin/env ruby - -# -# = Synopsis -# -# Print help about puppet types on the console. Run with '-h' to get detailed -# help. -# = Usage -# -# puppet describe [-h|--help] [-s|--short] [-p|--providers] [-l|--list] [-m|--meta] -# -# = Description -# -# Prints details of Puppet types, providers and metaparameters on the console. -# -# = Options -# -# help:: -# Print this help text -# -# providers:: -# Describe providers in detail for each type -# -# list:: -# List all types -# -# meta:: -# List all metaparameters -# -# short:: -# List only parameters without detail -# -# = Example -# -# puppet describe --list -# puppet describe file --providers -# puppet describe user -s -m -# -# = Author -# -# David Lutterkort -# -# = Copyright -# -# Copyright (c) 2005 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:describe].run -- cgit From 9fdd66b3b481e658c8951530b90ca4dd4707fcf0 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:17:13 -0800 Subject: Maint: move puppet apply --help --- lib/puppet/application/apply.rb | 76 +++++++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/puppet | 69 --------------------------------- 2 files changed, 76 insertions(+), 69 deletions(-) delete mode 100755 lib/puppet/util/command_line/puppet (limited to 'lib') diff --git a/lib/puppet/application/apply.rb b/lib/puppet/application/apply.rb index 33a70ce8a..63a51f253 100644 --- a/lib/puppet/application/apply.rb +++ b/lib/puppet/application/apply.rb @@ -26,6 +26,82 @@ class Puppet::Application::Apply < Puppet::Application end end + def help + <<-HELP + +SYNOPSIS +======== +Run a stand-alone 'puppet' manifest. + + +USAGE +===== + puppet apply [-h|--help] [-V|--version] [-d|--debug] [-v|--verbose] [-e|--execute] + [--detailed-exitcodes] [-l|--logdest ] + + +DESCRIPTION +=========== +This is the standalone puppet execution tool; use it to execute +individual manifests that you write. If you need to execute site-wide +manifests, use 'puppet agent' and 'puppet master'. + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'ssldir' is a valid +configuration parameter, so you can specify '--ssldir ' as an +argument. + +See the configuration file documentation at +http://docs.puppetlabs.com/references/stable/configuration.html for the +full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppet with +'--genconfig'. + +debug: Enable full debugging. + +detailed-exitcodes: Provide transaction information via exit codes. If + this is enabled, an exit code of '2' means there + were changes, and an exit code of '4' means that + there were failures during the transaction. + +help: Print this help message + +loadclasses: Load any stored classes. 'puppet agent' caches + configured classes (usually at + /etc/puppet/classes.txt), and setting this option + causes all of those classes to be set in your puppet + manifest. + +logdest: Where to send messages. Choose between syslog, the + console, and a log file. Defaults to sending + messages to the console. + +execute: Execute a specific piece of Puppet code + +verbose: Print extra information. + + +EXAMPLE +======= + puppet -l /tmp/manifest.log manifest.pp + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def run_command if options[:catalog] apply diff --git a/lib/puppet/util/command_line/puppet b/lib/puppet/util/command_line/puppet deleted file mode 100755 index e75b92af8..000000000 --- a/lib/puppet/util/command_line/puppet +++ /dev/null @@ -1,69 +0,0 @@ - -# -# = Synopsis -# -# Run a stand-alone +puppet+ manifest. -# -# = Usage -# -# puppet apply [-h|--help] [-V|--version] [-d|--debug] [-v|--verbose] [-e|--execute] -# [--detailed-exitcodes] [-l|--logdest ] -# -# = Description -# -# This is the standalone puppet execution tool; use it to execute -# individual manifests that you write. If you need to execute site-wide -# manifests, use 'puppet agent' and 'puppet master'. -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'ssldir' is a valid configuration -# parameter, so you can specify '--ssldir ' as an argument. -# -# See the configuration file documentation at -# http://docs.puppetlabs.com/references/stable/configuration.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppet with -# '--genconfig'. -# -# debug:: -# Enable full debugging. -# -# detailed-exitcodes:: -# Provide transaction information via exit codes. If this is enabled, an exit -# code of '2' means there were changes, and an exit code of '4' means that there -# were failures during the transaction. -# -# help:: -# Print this help message -# -# loadclasses:: -# Load any stored classes. 'puppet agent' caches configured classes (usually at -# /etc/puppet/classes.txt), and setting this option causes all of those classes -# to be set in your puppet manifest. -# -# logdest:: -# Where to send messages. Choose between syslog, the console, and a log file. -# Defaults to sending messages to the console. -# -# execute:: -# Execute a specific piece of Puppet code -# -# verbose:: -# Print extra information. -# -# = Example -# -# puppet -l /tmp/manifest.log manifest.pp -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:apply].run -- cgit From 7568b780702d53beabc3fba3017c4c70179aafd7 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:43:54 -0800 Subject: Maint: move puppet cert --help --- lib/puppet/application/cert.rb | 111 ++++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/puppetca | 110 --------------------------------- 2 files changed, 111 insertions(+), 110 deletions(-) delete mode 100755 lib/puppet/util/command_line/puppetca (limited to 'lib') diff --git a/lib/puppet/application/cert.rb b/lib/puppet/application/cert.rb index 467b0c859..0db968e9e 100644 --- a/lib/puppet/application/cert.rb +++ b/lib/puppet/application/cert.rb @@ -45,6 +45,117 @@ class Puppet::Application::Cert < Puppet::Application Puppet::Util::Log.level = :info end + def help + <<-HELP + +SYNOPSIS +======== +Stand-alone certificate authority. Capable of generating certificates +but mostly meant for signing certificate requests from puppet clients. + + +USAGE +===== + puppet cert [-h|--help] [-V|--version] [-d|--debug] [-v|--verbose] + [-g|--generate] [-l|--list] [-s|--sign] [-r|--revoke] + [-p|--print] [-c|--clean] [--verify] [--digest DIGEST] + [--fingerprint] [host] + + +DESCRIPTION +=========== +Because the puppetmasterd daemon defaults to not signing client +certificate requests, this script is available for signing outstanding +requests. It can be used to list outstanding requests and then either +sign them individually or sign all of them. + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'ssldir' is a valid +configuration parameter, so you can specify '--ssldir ' as an +argument. + +See the configuration file documentation at +http://docs.puppetlabs.com/references/stable/configuration.html for the +full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppet cert with +'--genconfig'. + +all: Operate on all items. Currently only makes sense with + '--sign', '--clean', or '--list'. + +digest: Set the digest for fingerprinting (defaults to md5). Valid + values depends on your openssl and openssl ruby extension + version, but should contain at least md5, sha1, md2, + sha256. + +clean: Remove all files related to a host from puppet cert's + storage. This is useful when rebuilding hosts, since new + certificate signing requests will only be honored if puppet + cert does not have a copy of a signed certificate for that + host. The certificate of the host is also revoked. If + '--all' is specified then all host certificates, both + signed and unsigned, will be removed. + +debug: Enable full debugging. + +generate: Generate a certificate for a named client. A + certificate/keypair will be generated for each client named + on the command line. + +help: Print this help message + +list: List outstanding certificate requests. If '--all' is + specified, signed certificates are also listed, prefixed by + '+', and revoked or invalid certificates are prefixed by + '-' (the verification outcome is printed in parenthesis). + +print: Print the full-text version of a host's certificate. + +fingerprint: Print the DIGEST (defaults to md5) fingerprint of a host's + certificate. + +revoke: Revoke the certificate of a client. The certificate can be + specified either by its serial number, given as a decimal + number or a hexadecimal number prefixed by '0x', or by its + hostname. The certificate is revoked by adding it to the + Certificate Revocation List given by the 'cacrl' config + parameter. Note that the puppetmasterd needs to be + restarted after revoking certificates. + +sign: Sign an outstanding certificate request. Unless '--all' is + specified, hosts must be listed after all flags. + +verbose: Enable verbosity. + +version: Print the puppet version number and exit. + +verify: Verify the named certificate against the local CA + certificate. + + +EXAMPLE +======= + $ puppet cert -l + culain.madstop.com + $ puppet cert -s culain.madstop.com + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def main if @all hosts = :all diff --git a/lib/puppet/util/command_line/puppetca b/lib/puppet/util/command_line/puppetca deleted file mode 100755 index 317d99881..000000000 --- a/lib/puppet/util/command_line/puppetca +++ /dev/null @@ -1,110 +0,0 @@ -#!/usr/bin/env ruby - -# -# = Synopsis -# -# Stand-alone certificate authority. Capable of generating certificates -# but mostly meant for signing certificate requests from puppet clients. -# -# = Usage -# -# puppet cert [-h|--help] [-V|--version] [-d|--debug] [-v|--verbose] -# [-g|--generate] [-l|--list] [-s|--sign] [-r|--revoke] -# [-p|--print] [-c|--clean] [--verify] [--digest DIGEST] -# [--fingerprint] [host] -# -# = Description -# -# Because the puppetmasterd daemon defaults to not signing client certificate -# requests, this script is available for signing outstanding requests. It -# can be used to list outstanding requests and then either sign them individually -# or sign all of them. -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'ssldir' is a valid configuration -# parameter, so you can specify '--ssldir ' as an argument. -# -# See the configuration file documentation at -# http://docs.puppetlabs.com/references/stable/configuration.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppet cert with -# '--genconfig'. -# -# all:: -# Operate on all items. Currently only makes sense with '--sign', -# '--clean', or '--list'. -# -# digest:: -# Set the digest for fingerprinting (defaults to md5). Valid values depends -# on your openssl and openssl ruby extension version, but should contain at -# least md5, sha1, md2, sha256. -# -# clean:: -# Remove all files related to a host from puppet cert's storage. This is -# useful when rebuilding hosts, since new certificate signing requests -# will only be honored if puppet cert does not have a copy of a signed -# certificate for that host. The certificate of the host is also revoked. -# If '--all' is specified then all host certificates, both signed and -# unsigned, will be removed. -# -# debug:: -# Enable full debugging. -# -# generate:: -# Generate a certificate for a named client. A certificate/keypair will be -# generated for each client named on the command line. -# -# help:: -# Print this help message -# -# list:: -# List outstanding certificate requests. If '--all' is specified, -# signed certificates are also listed, prefixed by '+', and revoked -# or invalid certificates are prefixed by '-' (the verification outcome -# is printed in parenthesis). -# -# print:: -# Print the full-text version of a host's certificate. -# -# fingerprint:: -# Print the DIGEST (defaults to md5) fingerprint of a host's certificate. -# -# revoke:: -# Revoke the certificate of a client. The certificate can be specified -# either by its serial number, given as a decimal number or a hexadecimal -# number prefixed by '0x', or by its hostname. The certificate is revoked -# by adding it to the Certificate Revocation List given by the 'cacrl' -# config parameter. Note that the puppetmasterd needs to be restarted -# after revoking certificates. -# -# sign:: -# Sign an outstanding certificate request. Unless '--all' is specified, -# hosts must be listed after all flags. -# -# verbose:: -# Enable verbosity. -# -# version:: -# Print the puppet version number and exit. -# -# verify:: -# Verify the named certificate against the local CA certificate. -# -# = Example -# -# $ puppet cert -l -# culain.madstop.com -# $ puppet cert -s culain.madstop.com -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:cert].run -- cgit From a041e194c41febe752ee39ba5d26291a775ecb5f Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:45:53 -0800 Subject: Maint: move puppet doc --help --- lib/puppet/application/doc.rb | 84 ++++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/puppetdoc | 67 --------------------------- 2 files changed, 84 insertions(+), 67 deletions(-) delete mode 100755 lib/puppet/util/command_line/puppetdoc (limited to 'lib') diff --git a/lib/puppet/application/doc.rb b/lib/puppet/application/doc.rb index aaefd6e75..c7f270c8d 100644 --- a/lib/puppet/application/doc.rb +++ b/lib/puppet/application/doc.rb @@ -50,6 +50,90 @@ class Puppet::Application::Doc < Puppet::Application options[:references] << arg.intern end + def help + <<-HELP + +SYNOPSIS +======== +Generate a reference for all Puppet types. Largely meant for internal +Puppet Labs use. + + +USAGE +===== + puppet doc [-a|--all] [-h|--help] [-o|--outputdir ] [-m|--mode ] + [-r|--reference <[type]|configuration|..>] [--charset CHARSET] [manifest-file] + + +DESCRIPTION +=========== +If mode is not 'rdoc', then this command generates a Markdown document +describing all installed Puppet types or all allowable arguments to +puppet executables. It is largely meant for internal use and is used to +generate the reference document available on the Puppet Labs web site. + +In 'rdoc' mode, this command generates an html RDoc hierarchy describing +the manifests that are in 'manifestdir' and 'modulepath' configuration +directives. The generated documentation directory is doc by default but +can be changed with the 'outputdir' option. + +If the command is started with 'manifest-file' command-line arguments, +puppet doc generate a single manifest documentation that is output on +stdout. + + +OPTIONS +======= +all: Output the docs for all of the reference types. In 'rdoc' + modes, this also outputs documentation for all resources + +help: Print this help message + +outputdir: Specifies the directory where to output the rdoc + documentation in 'rdoc' mode. + +mode: Determine the output mode. Valid modes are 'text', 'pdf' and + 'rdoc'. The 'pdf' mode creates PDF formatted files in the + /tmp directory. The default mode is 'text'. In 'rdoc' mode + you must provide 'manifests-path' + +reference: Build a particular reference. Get a list of references by + running 'puppet doc --list'. + +charset: Used only in 'rdoc' mode. It sets the charset used in the + html files produced. + + +EXAMPLE +======= + $ puppet doc -r type > /tmp/type_reference.markdown + +or + + $ puppet doc --outputdir /tmp/rdoc --mode rdoc /path/to/manifests + +or + + $ puppet doc /etc/puppet/manifests/site.pp + +or + + $ puppet doc -m pdf -r configuration + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005-2007 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def handle_unknown( opt, arg ) @unknown_args << {:opt => opt, :arg => arg } true diff --git a/lib/puppet/util/command_line/puppetdoc b/lib/puppet/util/command_line/puppetdoc deleted file mode 100755 index 45a9c6518..000000000 --- a/lib/puppet/util/command_line/puppetdoc +++ /dev/null @@ -1,67 +0,0 @@ -#!/usr/bin/env ruby - -# -# = Synopsis -# -# Generate a reference for all Puppet types. Largely meant for internal Puppet -# Labs use. -# -# = Usage -# -# puppet doc [-a|--all] [-h|--help] [-o|--outputdir ] [-m|--mode ] -# [-r|--reference <[type]|configuration|..>] [--charset CHARSET] [manifest-file] -# -# = Description -# -# If mode is not 'rdoc', then this command generates a Markdown document describing all installed -# Puppet types or all allowable arguments to puppet executables. It is largely -# meant for internal use and is used to generate the reference document -# available on the Puppet Labs web site. -# -# In 'rdoc' mode, this command generates an html RDoc hierarchy describing the manifests that -# are in 'manifestdir' and 'modulepath' configuration directives. -# The generated documentation directory is doc by default but can be changed with the 'outputdir' option. -# -# If the command is started with 'manifest-file' command-line arguments, puppet doc generate a single -# manifest documentation that is output on stdout. -# -# = Options -# -# all:: -# Output the docs for all of the reference types. In 'rdoc' modes, this also outputs documentation for all resources -# -# help:: -# Print this help message -# -# outputdir:: -# Specifies the directory where to output the rdoc documentation in 'rdoc' mode. -# -# mode:: -# Determine the output mode. Valid modes are 'text', 'pdf' and 'rdoc'. The 'pdf' mode creates PDF formatted files in the /tmp directory. The default mode is 'text'. In 'rdoc' mode you must provide 'manifests-path' -# -# reference:: -# Build a particular reference. Get a list of references by running +puppet doc --list+. -# -# charset:: -# Used only in 'rdoc' mode. It sets the charset used in the html files produced. -# -# = Example -# -# $ puppet doc -r type > /tmp/type_reference.markdown -# or -# $ puppet doc --outputdir /tmp/rdoc --mode rdoc /path/to/manifests -# or -# $ puppet doc /etc/puppet/manifests/site.pp -# or -# $ puppet doc -m pdf -r configuration -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005-2007 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:doc].run -- cgit From 95fc38c1a06cddbc8de9e308b6abc4ada65671c6 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:50:06 -0800 Subject: Maint: move puppet queue --help --- lib/puppet/application/queue.rb | 59 +++++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/puppetqd | 53 ------------------------------- 2 files changed, 59 insertions(+), 53 deletions(-) delete mode 100755 lib/puppet/util/command_line/puppetqd (limited to 'lib') diff --git a/lib/puppet/application/queue.rb b/lib/puppet/application/queue.rb index 239f6b2ad..651177109 100644 --- a/lib/puppet/application/queue.rb +++ b/lib/puppet/application/queue.rb @@ -37,6 +37,65 @@ class Puppet::Application::Queue < Puppet::Application option("--debug","-d") option("--verbose","-v") + def help + <<-HELP + +SYNOPSIS +======== +Retrieve serialized records from a queue and process them in order. + + +USAGE +===== + puppet queue [-d|--debug] [-v|--verbose] + + +DESCRIPTION +=========== +This is a simple application that just processes entities in a queue as +they are recieved. + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'server' is a valid +configuration parameter, so you can specify '--server ' as +an argument. + +See the configuration file documentation at +http://docs.puppetlabs.com/references/stable/configuration.html for the +full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppetd with +'--genconfig'. + +debug: Enable full debugging. + +help: Print this help message + +verbose: Turn on verbose reporting. + +version: Print the puppet version number and exit. + + +EXAMPLE +======= + puppet queue + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2009 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def main require 'puppet/indirector/catalog/queue' # provides Puppet::Indirector::Queue.subscribe Puppet.notice "Starting puppetqd #{Puppet.version}" diff --git a/lib/puppet/util/command_line/puppetqd b/lib/puppet/util/command_line/puppetqd deleted file mode 100755 index 81963d537..000000000 --- a/lib/puppet/util/command_line/puppetqd +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/env ruby - -# == Synopsis -# -# Retrieve serialized records from a queue and process them in order. -# -# = Usage -# -# puppet queue [-d|--debug] [-v|--verbose] -# -# = Description -# -# This is a simple application that just processes entities in a queue as they -# are recieved. -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'server' is a valid configuration -# parameter, so you can specify '--server ' as an argument. -# -# See the configuration file documentation at -# http://docs.puppetlabs.com/references/stable/configuration.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppetd with -# '--genconfig'. -# -# debug:: -# Enable full debugging. -# -# help:: -# Print this help message -# -# verbose:: -# Turn on verbose reporting. -# -# version:: -# Print the puppet version number and exit. -# -# = Example -# -# puppet queue -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2009 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:queue].run -- cgit From 82e004f810b0e578c39c605237e9a99fd7d2d3d1 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 15:52:16 -0800 Subject: Maint: move puppet kick --help --- lib/puppet/application/kick.rb | 131 +++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/puppetrun | 126 ------------------------------- 2 files changed, 131 insertions(+), 126 deletions(-) delete mode 100755 lib/puppet/util/command_line/puppetrun (limited to 'lib') diff --git a/lib/puppet/application/kick.rb b/lib/puppet/application/kick.rb index 37aeb1ef2..c05f09783 100644 --- a/lib/puppet/application/kick.rb +++ b/lib/puppet/application/kick.rb @@ -37,6 +37,137 @@ class Puppet::Application::Kick < Puppet::Application end end + def help + <<-HELP + +SYNOPSIS +======== +Trigger a puppet agent run on a set of hosts. + + +USAGE +===== + puppet kick [-a|--all] [-c|--class ] [-d|--debug] [-f|--foreground] + [-h|--help] [--host ] [--no-fqdn] [--ignoreschedules] + [-t|--tag ] [--test] [-p|--ping] [ [...]] + + +DESCRIPTION +=========== +This script can be used to connect to a set of machines running 'puppet +agent' and trigger them to run their configurations. The most common +usage would be to specify a class of hosts and a set of tags, and +'puppet kick' would look up in LDAP all of the hosts matching that +class, then connect to each host and trigger a run of all of the objects +with the specified tags. + +If you are not storing your host configurations in LDAP, you can specify +hosts manually. + +You will most likely have to run 'puppet kick' as root to get access to +the SSL certificates. + +'puppet kick' reads 'puppet master''s configuration file, so that it can +copy things like LDAP settings. + + +USAGE NOTES +=========== +'puppet kick' is useless unless 'puppet agent' is listening. See its +documentation for more information, but the gist is that you must enable +'listen' on the 'puppet agent' daemon, either using '--listen' on the +command line or adding 'listen: true' in its config file. In addition, +you need to set the daemons up to specifically allow connections by +creating the 'namespaceauth' file, normally at +'/etc/puppet/namespaceauth.conf'. This file specifies who has access to +each namespace; if you create the file you must add every namespace you +want any Puppet daemon to allow -- it is currently global to all Puppet +daemons. + +An example file looks like this:: + + [fileserver] + allow *.madstop.com + + [puppetmaster] + allow *.madstop.com + + [puppetrunner] + allow culain.madstop.com + +This is what you would install on your Puppet master; non-master hosts +could leave off the 'fileserver' and 'puppetmaster' namespaces. + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'ssldir' is a valid +configuration parameter, so you can specify '--ssldir ' as an +argument. + +See the configuration file documentation at +http://reductivelabs.com/projects/puppet/reference/configref.html for +the full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppet master +with '--genconfig'. + +all: Connect to all available hosts. Requires LDAP support + at this point. + +class: Specify a class of machines to which to connect. This + only works if you have LDAP configured, at the moment. + +debug: Enable full debugging. + +foreground: Run each configuration in the foreground; that is, when + connecting to a host, do not return until the host has + finished its run. The default is false. + +help: Print this help message + +host: A specific host to which to connect. This flag can be + specified more than once. + +ignoreschedules: Whether the client should ignore schedules when running + its configuration. This can be used to force the client + to perform work it would not normally perform so soon. + The default is false. + +parallel: How parallel to make the connections. Parallelization + is provided by forking for each client to which to + connect. The default is 1, meaning serial execution. + +tag: Specify a tag for selecting the objects to apply. Does + not work with the --test option. + +test: Print the hosts you would connect to but do not + actually connect. This option requires LDAP support at + this point. + +ping:: + + Do a ICMP echo against the target host. Skip hosts that don't respond to ping. + + +EXAMPLE +======= + sudo puppet kick -p 10 -t remotefile -t webserver host1 host2 + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def run_command @hosts += command_line.args options[:test] ? test : main diff --git a/lib/puppet/util/command_line/puppetrun b/lib/puppet/util/command_line/puppetrun deleted file mode 100755 index 7eba3b2c4..000000000 --- a/lib/puppet/util/command_line/puppetrun +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/env ruby - -# -# = Synopsis -# -# Trigger a puppet agent run on a set of hosts. -# -# = Usage -# -# puppet kick [-a|--all] [-c|--class ] [-d|--debug] [-f|--foreground] -# [-h|--help] [--host ] [--no-fqdn] [--ignoreschedules] -# [-t|--tag ] [--test] [-p|--ping] [ [...]] -# -# = Description -# -# This script can be used to connect to a set of machines running +puppet agent+ -# and trigger them to run their configurations. The most common usage would -# be to specify a class of hosts and a set of tags, and +puppet kick+ would -# look up in LDAP all of the hosts matching that class, then connect to -# each host and trigger a run of all of the objects with the specified tags. -# -# If you are not storing your host configurations in LDAP, you can specify -# hosts manually. -# -# You will most likely have to run +puppet kick+ as root to get access to -# the SSL certificates. -# -# +puppet kick+ reads +puppet master+'s configuration file, so that it can copy -# things like LDAP settings. -# -# = Usage Notes -# -# +puppet kick+ is useless unless +puppet agent+ is listening. See its documentation -# for more information, but the gist is that you must enable +listen+ on the -# +puppet agent+ daemon, either using +--listen+ on the command line or adding -# 'listen: true' in its config file. In addition, you need to set the daemons -# up to specifically allow connections by creating the +namespaceauth+ file, -# normally at '/etc/puppet/namespaceauth.conf'. This file specifies who has -# access to each namespace; if you create the file you must add every namespace -# you want any Puppet daemon to allow -- it is currently global to all Puppet -# daemons. -# -# An example file looks like this:: -# -# [fileserver] -# allow *.madstop.com -# -# [puppetmaster] -# allow *.madstop.com -# -# [puppetrunner] -# allow culain.madstop.com -# -# This is what you would install on your Puppet master; non-master hosts could -# leave off the 'fileserver' and 'puppetmaster' namespaces. -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'ssldir' is a valid configuration -# parameter, so you can specify '--ssldir ' as an argument. -# -# See the configuration file documentation at -# http://reductivelabs.com/projects/puppet/reference/configref.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppet master with -# '--genconfig'. -# -# -# all:: -# Connect to all available hosts. Requires LDAP support at this point. -# -# class:: -# Specify a class of machines to which to connect. This only works if you -# have LDAP configured, at the moment. -# -# debug:: -# Enable full debugging. -# -# foreground:: -# Run each configuration in the foreground; that is, when connecting to a host, -# do not return until the host has finished its run. The default is false. -# -# help:: -# Print this help message -# -# host:: -# A specific host to which to connect. This flag can be specified more -# than once. -# -# ignoreschedules:: -# Whether the client should ignore schedules when running its configuration. -# This can be used to force the client to perform work it would not normally -# perform so soon. The default is false. -# -# parallel:: -# How parallel to make the connections. Parallelization is provided by forking -# for each client to which to connect. The default is 1, meaning serial execution. -# -# tag:: -# Specify a tag for selecting the objects to apply. Does not work with the -# --test option. -# -# -# test:: -# Print the hosts you would connect to but do not actually connect. This -# option requires LDAP support at this point. -# -# ping:: -# -# Do a ICMP echo against the target host. Skip hosts that don't respond to ping. -# -# = Example -# -# sudo puppet kick -p 10 -t remotefile -t webserver host1 host2 -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:kick].run -- cgit From 3f2f1c2456cf5f08bd67ab5730ab970be5285711 Mon Sep 17 00:00:00 2001 From: Jesse Wolfe Date: Thu, 3 Feb 2011 16:02:46 -0800 Subject: Maint: move puppet resource --help --- lib/puppet/application/resource.rb | 104 +++++++++++++++++++++++++++++++++++++ lib/puppet/util/command_line/ralsh | 89 ------------------------------- 2 files changed, 104 insertions(+), 89 deletions(-) delete mode 100755 lib/puppet/util/command_line/ralsh (limited to 'lib') diff --git a/lib/puppet/application/resource.rb b/lib/puppet/application/resource.rb index f55caa58a..55b190a76 100644 --- a/lib/puppet/application/resource.rb +++ b/lib/puppet/application/resource.rb @@ -35,6 +35,110 @@ class Puppet::Application::Resource < Puppet::Application @extra_params << arg.to_sym end + def help + <<-HELP + +SYNOPSIS +======== +Use the Puppet RAL to directly interact with the system. + + +USAGE +===== + puppet resource [-h|--help] [-d|--debug] [-v|--verbose] [-e|--edit] + [-H|--host ] [-p|--param ] [-t|--types] + type + + +DESCRIPTION +=========== +This command provides simple facilities for converting current system +state into Puppet code, along with some ability to use Puppet to affect +the current state. + +By default, you must at least provide a type to list, which case puppet +resource will tell you everything it knows about all instances of that +type. You can optionally specify an instance name, and puppet resource +will only describe that single instance. + +You can also add '--edit' as an argument, and puppet resource will write +its output to a file, open that file in an editor, and then apply the +file as a Puppet transaction. You can easily use this to use Puppet to +make simple changes to a system. + + +OPTIONS +======= +Note that any configuration parameter that's valid in the configuration +file is also a valid long argument. For example, 'ssldir' is a valid +configuration parameter, so you can specify '--ssldir ' as an +argument. + +See the configuration file documentation at +http://docs.puppetlabs.com/references/stable/configuration.html for the +full list of acceptable parameters. A commented list of all +configuration options can also be generated by running puppet with +'--genconfig'. + +debug: Enable full debugging. + +edit: + + Write the results of the query to a file, open the file in an editor, + and read the file back in as an executable Puppet manifest. + +host: + + When specified, connect to the resource server on the named host + and retrieve the list of resouces of the type specified. + +help: + + Print this help message. + +param: + + Add more parameters to be outputted from queries. + +types: + + List all available types. + +verbose: + + Print extra information. + + +EXAMPLE +======= +This example uses `puppet resource` to return Puppet configuration for +the user `luke`: + + $ puppet resource user luke + user { 'luke': + home => '/home/luke', + uid => '100', + ensure => 'present', + comment => 'Luke Kanies,,,', + gid => '1000', + shell => '/bin/bash', + groups => ['sysadmin','audio','video','puppet'] + } + + +AUTHOR +====== +Luke Kanies + + +COPYRIGHT +========= +Copyright (c) 2005-2007 Puppet Labs, LLC Licensed under the GNU Public +License + + HELP + end + def main args = command_line.args type = args.shift or raise "You must specify the type to display" diff --git a/lib/puppet/util/command_line/ralsh b/lib/puppet/util/command_line/ralsh deleted file mode 100755 index 5c1f719e2..000000000 --- a/lib/puppet/util/command_line/ralsh +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/env ruby - -# -# = Synopsis -# -# Use the Puppet RAL to directly interact with the system. -# -# = Usage -# -# puppet resource [-h|--help] [-d|--debug] [-v|--verbose] [-e|--edit] -# [-H|--host ] [-p|--param ] [-t|--types] -# type -# -# = Description -# -# This command provides simple facilities for converting current system state -# into Puppet code, along with some ability to use Puppet to affect the current -# state. -# -# By default, you must at least provide a type to list, which case puppet resource -# will tell you everything it knows about all instances of that type. You can -# optionally specify an instance name, and puppet resource will only describe that single -# instance. -# -# You can also add +--edit+ as an argument, and puppet resource will write its output -# to a file, open that file in an editor, and then apply the file as a Puppet -# transaction. You can easily use this to use Puppet to make simple changes to -# a system. -# -# = Options -# -# Note that any configuration parameter that's valid in the configuration file -# is also a valid long argument. For example, 'ssldir' is a valid configuration -# parameter, so you can specify '--ssldir ' as an argument. -# -# See the configuration file documentation at -# http://docs.puppetlabs.com/references/stable/configuration.html for -# the full list of acceptable parameters. A commented list of all -# configuration options can also be generated by running puppet with -# '--genconfig'. -# -# debug:: -# Enable full debugging. -# -# edit: -# Write the results of the query to a file, open the file in an editor, -# and read the file back in as an executable Puppet manifest. -# -# host: -# When specified, connect to the resource server on the named host -# and retrieve the list of resouces of the type specified. -# -# help: -# Print this help message. -# -# param: -# Add more parameters to be outputted from queries. -# -# types: -# List all available types. -# -# verbose: -# Print extra information. -# -# = Example -# -# This example uses `puppet resource` to return Puppet configuration for the user `luke`: -# -# $ puppet resource user luke -# user { 'luke': -# home => '/home/luke', -# uid => '100', -# ensure => 'present', -# comment => 'Luke Kanies,,,', -# gid => '1000', -# shell => '/bin/bash', -# groups => ['sysadmin','audio','video','puppet'] -# } -# -# = Author -# -# Luke Kanies -# -# = Copyright -# -# Copyright (c) 2005-2007 Puppet Labs, LLC -# Licensed under the GNU Public License - -#Puppet::Application[:resource].run -- cgit