[Pkg-puppet-devel] [SCM] Puppet packaging for Debian branch, upstream, updated. 0.25.5-639-g8f94f35
test branch
puppet-dev at googlegroups.com
Wed Jul 14 10:33:51 UTC 2010
The following commit has been merged in the upstream branch:
commit 37a55306aa08e2004103e9a4a2a94bba18ffa61d
Author: Jesse Wolfe <jes5199 at gmail.com>
Date: Wed May 12 18:26:43 2010 -0700
Feature #2935 Modes: root? predicate
Use a predicate method to check if we're running as root, rather than
comparing the effective user id
Signed-off-by: Jesse Wolfe <jes5199 at gmail.com>
diff --git a/lib/puppet/application/master.rb b/lib/puppet/application/master.rb
index 433a4d2..5d597a6 100644
--- a/lib/puppet/application/master.rb
+++ b/lib/puppet/application/master.rb
@@ -95,7 +95,7 @@ class Puppet::Application::Master < Puppet::Application
Puppet::SSL::Host.ca_location = :only
end
- if Process.uid == 0
+ if Puppet.features.root?
begin
Puppet::Util.chuser
rescue => detail
diff --git a/lib/puppet/feature/base.rb b/lib/puppet/feature/base.rb
index aac04f2..1971f14 100644
--- a/lib/puppet/feature/base.rb
+++ b/lib/puppet/feature/base.rb
@@ -15,7 +15,7 @@ Puppet.features.add(:usage, :libs => %w{rdoc/ri/ri_paths rdoc/usage})
Puppet.features.add(:libshadow, :libs => ["shadow"])
# We're running as root.
-Puppet.features.add(:root) { require 'puppet/util/suidmanager'; Puppet::Util::SUIDManager.uid == 0 }
+Puppet.features.add(:root) { require 'puppet/util/suidmanager'; Puppet::Util::SUIDManager.root? }
# We've got mongrel available
Puppet.features.add(:mongrel, :libs => %w{rubygems mongrel puppet/network/http_server/mongrel})
diff --git a/lib/puppet/provider/nameservice/directoryservice.rb b/lib/puppet/provider/nameservice/directoryservice.rb
index 9a860b7..2d4fc24 100644
--- a/lib/puppet/provider/nameservice/directoryservice.rb
+++ b/lib/puppet/provider/nameservice/directoryservice.rb
@@ -215,7 +215,7 @@ class DirectoryService < Puppet::Provider::NameService
# stored in the user record. It is stored at a path that involves the
# UUID of the user record for non-Mobile local acccounts.
# Mobile Accounts are out of scope for this provider for now
- if @resource_type.validproperties.include?(:password) and Process.uid == 0
+ if @resource_type.validproperties.include?(:password) and Puppet.features.root?
attribute_hash[:password] = self.get_password(attribute_hash[:guid])
end
return attribute_hash
diff --git a/lib/puppet/type/file/owner.rb b/lib/puppet/type/file/owner.rb
index e5ca06a..2b53092 100755
--- a/lib/puppet/type/file/owner.rb
+++ b/lib/puppet/type/file/owner.rb
@@ -42,7 +42,7 @@ module Puppet
return true if uid == current
end
- unless Puppet::Util::SUIDManager.uid == 0
+ unless Puppet.features.root?
warnonce "Cannot manage ownership unless running as root"
return true
end
diff --git a/lib/puppet/util/settings.rb b/lib/puppet/util/settings.rb
index dd85342..1a21265 100644
--- a/lib/puppet/util/settings.rb
+++ b/lib/puppet/util/settings.rb
@@ -728,7 +728,7 @@ Generated on #{Time.now}.
def writesub(default, file, *args, &bloc)
obj = get_config_file_default(default)
chown = nil
- if Puppet::Util::SUIDManager.uid == 0
+ if Puppet.features.root?
chown = [obj.owner, obj.group]
else
chown = [nil, nil]
diff --git a/lib/puppet/util/suidmanager.rb b/lib/puppet/util/suidmanager.rb
index 424fb46..6f09005 100644
--- a/lib/puppet/util/suidmanager.rb
+++ b/lib/puppet/util/suidmanager.rb
@@ -44,9 +44,13 @@ module Puppet::Util::SUIDManager
alias :gid :egid
end
+ def self.root?
+ Process.uid == 0
+ end
+
# Runs block setting uid and gid if provided then restoring original ids
def asuser(new_uid=nil, new_gid=nil)
- return yield unless Process.uid == 0
+ return yield unless root?
# We set both because some programs like to drop privs, i.e. bash.
old_uid, old_gid = self.uid, self.gid
old_euid, old_egid = self.euid, self.egid
diff --git a/spec/unit/application/master.rb b/spec/unit/application/master.rb
index 54336c1..f082ece 100644
--- a/spec/unit/application/master.rb
+++ b/spec/unit/application/master.rb
@@ -391,7 +391,7 @@ describe Puppet::Application::Master do
end
it "should drop privileges if running as root" do
- Process.stubs(:uid).returns(0)
+ Puppet.features.stubs(:root?).returns true
Puppet::Util.expects(:chuser)
diff --git a/spec/unit/transaction/resource_harness.rb b/spec/unit/transaction/resource_harness.rb
index 2abec3c..3b9a42a 100755
--- a/spec/unit/transaction/resource_harness.rb
+++ b/spec/unit/transaction/resource_harness.rb
@@ -101,7 +101,7 @@ describe Puppet::Transaction::ResourceHarness do
before do
@current_state = Puppet::Resource.new(:file, "/my/file")
@resource.stubs(:retrieve).returns @current_state
- Puppet::Util::SUIDManager.stubs(:uid).returns 0
+ Puppet.features.stubs(:root?).returns true
end
it "should retrieve the current values from the resource" do
diff --git a/spec/unit/type/file/owner.rb b/spec/unit/type/file/owner.rb
index 62f7b0a..6891ba2 100755
--- a/spec/unit/type/file/owner.rb
+++ b/spec/unit/type/file/owner.rb
@@ -56,7 +56,7 @@ describe property do
describe "when determining if the file is in sync" do
describe "and not running as root" do
it "should warn once and return true" do
- Puppet::Util::SUIDManager.expects(:uid).returns 1
+ Puppet.features.expects(:root?).returns false
@owner.expects(:warnonce)
@@ -66,7 +66,7 @@ describe property do
end
before do
- Puppet::Util::SUIDManager.stubs(:uid).returns 0
+ Puppet.features.stubs(:root?).returns true
end
it "should be in sync if 'should' is not provided" do
--
Puppet packaging for Debian
More information about the Pkg-puppet-devel
mailing list