From 97684cf5454a4bc714cfc31cbe846c569339e13f Mon Sep 17 00:00:00 2001 From: Andreas Stuerz Date: Wed, 14 Oct 2020 12:41:55 +0200 Subject: [PATCH 1/5] (MODULES-10788) - fix for password prompt when creating mysql_login_path resource --- .../mysql_login_path/mysql_login_path.rb | 29 ++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/lib/puppet/provider/mysql_login_path/mysql_login_path.rb b/lib/puppet/provider/mysql_login_path/mysql_login_path.rb index de71bebce..56e452484 100644 --- a/lib/puppet/provider/mysql_login_path/mysql_login_path.rb +++ b/lib/puppet/provider/mysql_login_path/mysql_login_path.rb @@ -6,6 +6,9 @@ require 'puppet/util/execution' require 'puppet/util/suidmanager' require 'open3' +require 'pty' +require 'expect' +require 'fileutils' # Implementation for the mysql_login_path type using the Resource API. class Puppet::Provider::MysqlLoginPath::MysqlLoginPath < Puppet::ResourceApi::SimpleProvider @@ -17,6 +20,7 @@ def get_homedir(_context, uid) def mysql_config_editor_set_cmd(context, uid, password = nil, *args) args.unshift('/usr/bin/mysql_config_editor') homedir = get_homedir(context, uid) + login_file_path = "#{homedir}/.mylogin.cnf" if args.is_a?(Array) command = args.flatten.map(&:to_s) @@ -25,28 +29,27 @@ def mysql_config_editor_set_cmd(context, uid, password = nil, *args) command_str = command end - Puppet::Util::SUIDManager.asuser(uid) do - @exit_status = Open3.popen3({ 'HOME' => homedir }, command_str) do |stdin, stdout, stderr, wait_thr| + begin + Puppet::Util::SUIDManager.asuser(uid) do + FileUtils.touch login_file_path + FileUtils.chmod 0o600, login_file_path + end + + PTY.spawn({ 'HOME' => homedir }, command_str) do |input, output, _pid| if password - stdin.puts(password + "\r\n") - stdin.close + input.expect(%r{Enter password:}) + output.puts password end - @captured_stdout = stdout.read - @captured_stderr = stderr.read - wait_thr.value end - end - - if @exit_status.success? == false + rescue => e raise Puppet::ExecutionFailure, _( "Execution of '%{str}' returned %{exit_status}: %{output}", ) % { str: command_str, - exit_status: @exit_status, - output: @captured_stderr.strip, + exit_status: $?.exitstatus, + output: e.message, } end - @captured_stdout end def mysql_config_editor_cmd(context, uid, *args) From f3dc01f3a186e60c56dee223a4f905d558909ecb Mon Sep 17 00:00:00 2001 From: Andreas Stuerz Date: Wed, 18 Aug 2021 14:19:07 +0200 Subject: [PATCH 2/5] fix Error: Transaction store file /opt/puppetlabs/puppet/cache/state/transactionstore.yaml is corrupt --- .../provider/mysql_login_path/sensitive.rb | 5 +++++ .../provider/mysql_login_path/sensitive.rb | 16 ++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 spec/unit/puppet/provider/mysql_login_path/sensitive.rb diff --git a/lib/puppet/provider/mysql_login_path/sensitive.rb b/lib/puppet/provider/mysql_login_path/sensitive.rb index 1c026ac9a..4063ea848 100644 --- a/lib/puppet/provider/mysql_login_path/sensitive.rb +++ b/lib/puppet/provider/mysql_login_path/sensitive.rb @@ -6,4 +6,9 @@ class Puppet::Provider::MysqlLoginPath::Sensitive < Puppet::Pops::Types::PSensit def ==(other) return true if other.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive) && unwrap == other.unwrap end + + def encode_with(coder) + coder.tag = nil + coder.scalar = 'PPuppet::Provider::MysqlLoginPath::Sensitive <>' + end end diff --git a/spec/unit/puppet/provider/mysql_login_path/sensitive.rb b/spec/unit/puppet/provider/mysql_login_path/sensitive.rb new file mode 100644 index 000000000..321f69c65 --- /dev/null +++ b/spec/unit/puppet/provider/mysql_login_path/sensitive.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'spec_helper' +require 'puppet/provider/mysql_login_path/sensitive' +require 'psych' + +RSpec.describe Puppet::Provider::MysqlLoginPath::Sensitive do + subject(:sensitive) { described_class.new('secret') } + + describe 'Puppet::Provider::MysqlLoginPath::Sensitive' do + it 'encodes its value correctly into transactionstore.yaml' do + psych_encoded = Psych.load(Psych.dump(sensitive)) + expect(psych_encoded).to eq 'Puppet::Provider::MysqlLoginPath::Sensitive <>' + end + end +end From cd8e7c4c585fcbbb043256ab699f8a5d0763005f Mon Sep 17 00:00:00 2001 From: Andreas Stuerz Date: Tue, 24 Aug 2021 08:23:56 +0200 Subject: [PATCH 3/5] add _spec.rb suffix to file --- .../provider/mysql_login_path/{sensitive.rb => sensitive_spec.rb} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename spec/unit/puppet/provider/mysql_login_path/{sensitive.rb => sensitive_spec.rb} (100%) diff --git a/spec/unit/puppet/provider/mysql_login_path/sensitive.rb b/spec/unit/puppet/provider/mysql_login_path/sensitive_spec.rb similarity index 100% rename from spec/unit/puppet/provider/mysql_login_path/sensitive.rb rename to spec/unit/puppet/provider/mysql_login_path/sensitive_spec.rb From 0ccb798dfa763b5c05d0d0ab1ddb58b44e43adcc Mon Sep 17 00:00:00 2001 From: Andreas Stuerz Date: Tue, 31 Aug 2021 08:49:05 +0200 Subject: [PATCH 4/5] fix classname --- lib/puppet/provider/mysql_login_path/sensitive.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/mysql_login_path/sensitive.rb b/lib/puppet/provider/mysql_login_path/sensitive.rb index 4063ea848..f8755fd30 100644 --- a/lib/puppet/provider/mysql_login_path/sensitive.rb +++ b/lib/puppet/provider/mysql_login_path/sensitive.rb @@ -9,6 +9,6 @@ def ==(other) def encode_with(coder) coder.tag = nil - coder.scalar = 'PPuppet::Provider::MysqlLoginPath::Sensitive <>' + coder.scalar = 'Puppet::Provider::MysqlLoginPath::Sensitive <>' end end From 0e08ccd517b5013db21653759a857db3fc8a62af Mon Sep 17 00:00:00 2001 From: Andreas Stuerz Date: Wed, 8 Sep 2021 11:26:35 +0200 Subject: [PATCH 5/5] fix uninitialized constant Puppet::Provider::MysqlLoginPath --- spec/unit/puppet/provider/mysql_login_path/sensitive_spec.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/spec/unit/puppet/provider/mysql_login_path/sensitive_spec.rb b/spec/unit/puppet/provider/mysql_login_path/sensitive_spec.rb index 321f69c65..c5d0972b8 100644 --- a/spec/unit/puppet/provider/mysql_login_path/sensitive_spec.rb +++ b/spec/unit/puppet/provider/mysql_login_path/sensitive_spec.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true require 'spec_helper' + +ensure_module_defined('Puppet::Provider::MysqlLoginPath') require 'puppet/provider/mysql_login_path/sensitive' require 'psych'