Merge pull request puppetlabs#11 from ekinanp/MODULES-8306

(MODULES-8306) Port over the crontab filetypes from Puppet

.rubocop.yml

@@ -18,7 +18,7 @@ AllCops:
   - "**/Guardfile"
 Metrics/LineLength:
   Description: People have wide screens, use them.
-  Max: 200
+  Max: 260
 RSpec/BeforeAfterAll:
   Description: Beware of using after(:all) as it may cause state to leak between tests.
     A necessary evil in acceptance testing.

lib/puppet/provider/cron/crontab.rb

@@ -1,3 +1,4 @@
+require_relative 'filetype'
 require 'puppet/provider/parsedfile'
 
 Puppet::Type.type(:cron).provide(:crontab, parent: Puppet::Provider::ParsedFile, default_target: ENV['USER'] || 'root') do
@@ -21,7 +22,7 @@ def self.filetype
                 :crontab
               end
 
-    Puppet::Util::FileType.filetype(tabname)
+    Puppet::Provider::Cron::FileType.filetype(tabname)
   end
 
   self::TIME_FIELDS = [:minute, :hour, :monthday, :month, :weekday].freeze

lib/puppet/provider/cron/filetype.rb

@@ -0,0 +1,209 @@
+require 'puppet/util/filetype'
+
+class Puppet::Provider::Cron
+  # This class defines the crontab filetypes
+  class FileType < Puppet::Util::FileType
+    class << self
+      define_method(:base_newfiletype, instance_method(:newfiletype))
+
+      # Puppet::Util::FileType.newfiletype will raise an exception if
+      # an already-defined filetype is re-defined. Unfortunately, there's
+      # a chance that this file could be loaded multiple times by Puppet's
+      # autoloader meaning that, without this wrapper, the crontab filetypes
+      # would be re-defined, causing Puppet to raise an exception.
+      def newfiletype(name, &block)
+        return if @filetypes && @filetypes.key?(name)
+
+        base_newfiletype(name, &block)
+      end
+    end
+
+    # Handle Linux-style cron tabs.
+    #
+    # TODO: We can possibly eliminate the "-u <username>" option in cmdbase
+    # by just running crontab under <username>'s uid (like we do for suntab
+    # and aixtab). It may be worth investigating this alternative
+    # implementation in the future. This way, we can refactor all three of
+    # our cron file types into a common crontab file type.
+    newfiletype(:crontab) do
+      def initialize(user)
+        self.path = user
+      end
+
+      def path=(user)
+        begin
+          @uid = Puppet::Util.uid(user)
+        rescue Puppet::Error => detail
+          raise FileReadError, _('Could not retrieve user %{user}: %{detail}') % { user: user, detail: detail }, detail.backtrace
+        end
+
+        # XXX We have to have the user name, not the uid, because some
+        # systems *cough*linux*cough* require it that way
+        @path = user
+      end
+
+      # Read a specific @path's cron tab.
+      def read
+        unless Puppet::Util.uid(@path)
+          Puppet.debug _('The %{path} user does not exist. Treating their crontab file as empty in case Puppet creates them in the middle of the run.') % { path: @path }
+
+          return ''
+        end
+
+        Puppet::Util::Execution.execute("#{cmdbase} -l", failonfail: true, combine: true)
+      rescue => detail
+        case detail.to_s
+        when %r{no crontab for}
+          return ''
+        when %r{are not allowed to}
+          Puppet.debug _('The %{path} user is not authorized to use cron. Their crontab file is treated as empty in case Puppet authorizes them in the middle of the run (by, for example, modifying the cron.deny or cron.allow files).') % { path: @path }
+
+          return ''
+        else
+          raise FileReadError, _('Could not read crontab for %{path}: %{detail}') % { path: @path, detail: detail }, detail.backtrace
+        end
+      end
+
+      # Remove a specific @path's cron tab.
+      def remove
+        cmd = "#{cmdbase} -r"
+        if ['Darwin', 'FreeBSD', 'DragonFly'].include?(Facter.value('operatingsystem'))
+          cmd = "/bin/echo yes | #{cmd}"
+        end
+
+        Puppet::Util::Execution.execute(cmd, failonfail: true, combine: true)
+      end
+
+      # Overwrite a specific @path's cron tab; must be passed the @path name
+      # and the text with which to create the cron tab.
+      #
+      # TODO: We should refactor this at some point to make it identical to the
+      # :aixtab and :suntab's write methods so that, at the very least, the pipe
+      # is not created and the crontab command's errors are not swallowed.
+      def write(text)
+        unless Puppet::Util.uid(@path)
+          raise Puppet::Error, _("Cannot write the %{path} user's crontab: The user does not exist") % { path: @path }
+        end
+
+        # this file is managed by the OS and should be using system encoding
+        IO.popen("#{cmdbase} -", 'w', encoding: Encoding.default_external) do |p|
+          p.print text
+        end
+      end
+
+      private
+
+      # Only add the -u flag when the @path is different.  Fedora apparently
+      # does not think I should be allowed to set the @path to my own user name
+      def cmdbase
+        return 'crontab' if @uid == Puppet::Util::SUIDManager.uid || Facter.value(:operatingsystem) == 'HP-UX'
+
+        "crontab -u #{@path}"
+      end
+    end
+
+    # SunOS has completely different cron commands; this class implements
+    # its versions.
+    newfiletype(:suntab) do
+      # Read a specific @path's cron tab.
+      def read
+        unless Puppet::Util.uid(@path)
+          Puppet.debug _('The %{path} user does not exist. Treating their crontab file as empty in case Puppet creates them in the middle of the run.') % { path: @path }
+
+          return ''
+        end
+
+        Puppet::Util::Execution.execute(['crontab', '-l'], cronargs)
+      rescue => detail
+        case detail.to_s
+        when %r{can't open your crontab}
+          return ''
+        when %r{you are not authorized to use cron}
+          Puppet.debug _('The %{path} user is not authorized to use cron. Their crontab file is treated as empty in case Puppet authorizes them in the middle of the run (by, for example, modifying the cron.deny or cron.allow files).') % { path: @path }
+
+          return ''
+        else
+          raise FileReadError, _('Could not read crontab for %{path}: %{detail}') % { path: @path, detail: detail }, detail.backtrace
+        end
+      end
+
+      # Remove a specific @path's cron tab.
+      def remove
+        Puppet::Util::Execution.execute(['crontab', '-r'], cronargs)
+      rescue => detail
+        raise FileReadError, _('Could not remove crontab for %{path}: %{detail}') % { path: @path, detail: detail }, detail.backtrace
+      end
+
+      # Overwrite a specific @path's cron tab; must be passed the @path name
+      # and the text with which to create the cron tab.
+      def write(text)
+        # this file is managed by the OS and should be using system encoding
+        output_file = Tempfile.new('puppet_suntab', encoding: Encoding.default_external)
+        begin
+          output_file.print text
+          output_file.close
+          # We have to chown the stupid file to the user.
+          File.chown(Puppet::Util.uid(@path), nil, output_file.path)
+          Puppet::Util::Execution.execute(['crontab', output_file.path], cronargs)
+        rescue => detail
+          raise FileReadError, _('Could not write crontab for %{path}: %{detail}') % { path: @path, detail: detail }, detail.backtrace
+        ensure
+          output_file.close
+          output_file.unlink
+        end
+      end
+    end
+
+    #  Support for AIX crontab with output different than suntab's crontab command.
+    newfiletype(:aixtab) do
+      # Read a specific @path's cron tab.
+      def read
+        unless Puppet::Util.uid(@path)
+          Puppet.debug _('The %{path} user does not exist. Treating their crontab file as empty in case Puppet creates them in the middle of the run.') % { path: @path }
+
+          return ''
+        end
+
+        Puppet::Util::Execution.execute(['crontab', '-l'], cronargs)
+      rescue => detail
+        case detail.to_s
+        when %r{open.*in.*directory}
+          return ''
+        when %r{not.*authorized.*cron}
+          Puppet.debug _('The %{path} user is not authorized to use cron. Their crontab file is treated as empty in case Puppet authorizes them in the middle of the run (by, for example, modifying the cron.deny or cron.allow files).') % { path: @path }
+
+          return ''
+        else
+          raise FileReadError, _('Could not read crontab for %{path}: %{detail}') % { path: @path, detail: detail }, detail.backtrace
+        end
+      end
+
+      # Remove a specific @path's cron tab.
+      def remove
+        Puppet::Util::Execution.execute(['crontab', '-r'], cronargs)
+      rescue => detail
+        raise FileReadError, _('Could not remove crontab for %{path}: %{detail}') % { path: @path, detail: detail }, detail.backtrace
+      end
+
+      # Overwrite a specific @path's cron tab; must be passed the @path name
+      # and the text with which to create the cron tab.
+      def write(text)
+        # this file is managed by the OS and should be using system encoding
+        output_file = Tempfile.new('puppet_aixtab', encoding: Encoding.default_external)
+
+        begin
+          output_file.print text
+          output_file.close
+          # We have to chown the stupid file to the user.
+          File.chown(Puppet::Util.uid(@path), nil, output_file.path)
+          Puppet::Util::Execution.execute(['crontab', output_file.path], cronargs)
+        rescue => detail
+          raise FileReadError, _('Could not write crontab for %{path}: %{detail}') % { path: @path, detail: detail }, detail.backtrace
+        ensure
+          output_file.close
+          output_file.unlink
+        end
+      end
+    end
+  end
+end

spec/fixtures/unit/provider/cron/filetype/aixtab_output

@@ -0,0 +1,44 @@
+# @(#)08        1.15.1.3  src/bos/usr/sbin/cron/root, cmdcntl, bos530 2/11/94 17:19:47
+# IBM_PROLOG_BEGIN_TAG 
+# This is an automatically generated prolog. 
+#  
+# bos530 src/bos/usr/sbin/cron/root 1.15.1.3 
+#  
+# Licensed Materials - Property of IBM 
+#  
+# (C) COPYRIGHT International Business Machines Corp. 1989,1994 
+# All Rights Reserved 
+#  
+# US Government Users Restricted Rights - Use, duplication or 
+# disclosure restricted by GSA ADP Schedule Contract with IBM Corp. 
+#  
+# IBM_PROLOG_END_TAG 
+#
+# COMPONENT_NAME: (CMDCNTL) commands needed for basic system needs
+#
+# FUNCTIONS: 
+#
+# ORIGINS: 27
+#
+# (C) COPYRIGHT International Business Machines Corp. 1989,1994
+# All Rights Reserved
+# Licensed Materials - Property of IBM
+#
+# US Government Users Restricted Rights - Use, duplication or
+# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
+#
+#0 3 * * * /usr/sbin/skulker
+#45 2 * * 0 /usr/lib/spell/compress
+#45 23 * * * ulimit 5000; /usr/lib/smdemon.cleanu > /dev/null
+0 11 * * * /usr/bin/errclear -d S,O 30
+0 12 * * * /usr/bin/errclear -d H 90
+0 15 * * *  /usr/lib/ras/dumpcheck >/dev/null 2>&1
+# SSA warning : Deleting the next two lines may cause errors in redundant
+# SSA warning : hardware to go undetected.
+01 5 * * * /usr/lpp/diagnostics/bin/run_ssa_ela 1>/dev/null 2>/dev/null
+0 * * * * /usr/lpp/diagnostics/bin/run_ssa_healthcheck 1>/dev/null 2>/dev/null
+# SSA warning : Deleting the next line may allow enclosure hardware errors to go undetected
+30 * * * * /usr/lpp/diagnostics/bin/run_ssa_encl_healthcheck 1>/dev/null 2>/dev/null
+# SSA warning : Deleting the next line may allow link speed exceptions to go undetected
+30 4 * * * /usr/lpp/diagnostics/bin/run_ssa_link_speed 1>/dev/null 2>/dev/null
+55 23 * * * /var/perf/pm/bin/pmcfg >/dev/null 2>&1      #Enable PM Data Collection

spec/fixtures/unit/provider/cron/filetype/crontab_output

@@ -0,0 +1,5 @@
+# Puppet Name: pe-mcollective-metadata
+0,15,30,45 * * * * /opt/puppet/sbin/refresh-mcollective-metadata
+# Puppet Name: pe-puppet-console-prune-task
+* 1 * * * /opt/puppet/bin/rake -f /opt/puppet/share/puppet-dashboard/Rakefile RAILS_ENV=production reports:prune reports:prune:failed upto=30 unit=day > /dev/null
+0 2 * * * /usr/sbin/logrotate

spec/fixtures/unit/provider/cron/filetype/suntab_output

@@ -0,0 +1,9 @@
+#ident  "@(#)root       1.19    98/07/06 SMI"   /* SVr4.0 1.1.3.1       */
+#
+# The root crontab should be used to perform accounting data collection.
+#
+#
+10 3 * * * /usr/sbin/logadm
+15 3 * * 0 /usr/lib/fs/nfs/nfsfind
+30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean
+#10 3 * * * /usr/lib/krb5/kprop_script ___slave_kdcs___