commit: 319deed791230fa6ad3d6a7443d400e1caa7409b Author: Hans de Graaff <graaff <AT> gentoo <DOT> org> AuthorDate: Sun Jan 28 06:55:19 2018 +0000 Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org> CommitDate: Sun Jan 28 06:55:19 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319deed7
app-admin/puppet: fix puppetmaster with recent ruby Backport upstream fix to make puppetmaster work on ruby 2.3.6 and 2.4.3 again. Package-Manager: Portage-2.3.19, Repoman-2.3.6 app-admin/puppet/files/puppet-4-webrick-ruby.patch | 53 ++++++ app-admin/puppet/puppet-4.10.9-r1.ebuild | 199 +++++++++++++++++++++ 2 files changed, 252 insertions(+) diff --git a/app-admin/puppet/files/puppet-4-webrick-ruby.patch b/app-admin/puppet/files/puppet-4-webrick-ruby.patch new file mode 100644 index 00000000000..ce4b055644f --- /dev/null +++ b/app-admin/puppet/files/puppet-4-webrick-ruby.patch @@ -0,0 +1,53 @@ +From a358d5ec01c6f87b39e5bfbab7a35582624fdbf7 Mon Sep 17 00:00:00 2001 +From: Josh Cooper <j...@puppet.com> +Date: Fri, 12 Jan 2018 15:30:38 -0800 +Subject: [PATCH] (PUP-8297) Don't accept already connected socket + +Webrick's start method yields an already connected socket, so it is not +necessary to call accept on the socket. In ruby versions prior to 2.3.6 and +2.4.3, the accept call was a noop. + +In 2.3.6 and 2.4.3, it is an error, because ruby those versions use a +non-blocking accept to handle clients that make an TCP connection, but +are slow to negotiate the TLS handshake[1,2]. On these versions, puppet +master would report: + + SSL_accept returned=1 errno=0 state=unknown state: unexpected record + +Remove the call to Socket#accept. + +[1] https://bugs.ruby-lang.org/issues/14005 +[2] https://github.com/ruby/ruby/commit/2e728d51e70ed3756ad760c687a08b8487b0112f +--- + lib/puppet/network/http/webrick.rb | 1 - + spec/unit/network/http/webrick_spec.rb | 5 +++++ + 2 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/lib/puppet/network/http/webrick.rb b/lib/puppet/network/http/webrick.rb +index 9ebf1763be5..3ac2ff40650 100644 +--- a/lib/puppet/network/http/webrick.rb ++++ b/lib/puppet/network/http/webrick.rb +@@ -29,7 +29,6 @@ def listen(address, port) + if ! IO.select([sock],nil,nil,timeout) + raise "Client did not send data within %.1f seconds of connecting" % timeout + end +- sock.accept + @server.run(sock) + end + end +diff --git a/spec/unit/network/http/webrick_spec.rb b/spec/unit/network/http/webrick_spec.rb +index a90fc3f3378..843b0d54c8a 100644 +--- a/spec/unit/network/http/webrick_spec.rb ++++ b/spec/unit/network/http/webrick_spec.rb +@@ -92,6 +92,11 @@ + expect(server).to be_listening + end + ++ it "is passed an already connected socket" do ++ socket.expects(:accept).never ++ server.listen(address, port) ++ end ++ + describe "when the REST protocol is requested" do + it "should register the REST handler at /" do + # We don't care about the options here. diff --git a/app-admin/puppet/puppet-4.10.9-r1.ebuild b/app-admin/puppet/puppet-4.10.9-r1.ebuild new file mode 100644 index 00000000000..c404e787afc --- /dev/null +++ b/app-admin/puppet/puppet-4.10.9-r1.ebuild @@ -0,0 +1,199 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +USE_RUBY="ruby22 ruby23 ruby24" + +#RUBY_FAKEGEM_RECIPE_TEST="rspec3" + +RUBY_FAKEGEM_EXTRAINSTALL="locales" + +inherit xemacs-elisp-common eutils user ruby-fakegem versionator + +DESCRIPTION="A system automation and configuration management software." +HOMEPAGE="http://puppetlabs.com/"; +SRC_URI="http://downloads.puppetlabs.com/puppet/${P}.tar.gz"; + +LICENSE="Apache-2.0 GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~hppa ~ppc ~ppc64 ~x86" +IUSE="augeas diff doc emacs experimental ldap rrdtool selinux shadow sqlite vim-syntax xemacs" +RESTRICT="test" + +ruby_add_rdepend " + >=dev-ruby/gettext-setup-0.10:0 + >=dev-ruby/hiera-2.0 + >=dev-ruby/locale-2.1 + >=dev-ruby/rgen-0.6.5 + dev-ruby/json:= + >=dev-ruby/facter-3.0.0 + augeas? ( dev-ruby/ruby-augeas ) + diff? ( dev-ruby/diff-lcs ) + doc? ( dev-ruby/rdoc ) + ldap? ( dev-ruby/ruby-ldap ) + shadow? ( dev-ruby/ruby-shadow ) + sqlite? ( dev-ruby/sqlite3 ) + virtual/ruby-ssl" + +# ruby_add_bdepend " +# test? ( +# dev-ruby/mocha:0.14 +# =dev-ruby/rack-1* +# dev-ruby/rspec-its +# dev-ruby/rspec-collection_matchers +# >=dev-ruby/vcr-2.9:2 +# >=dev-ruby/webmock-1.24:0 +# )" + +DEPEND+=" ${DEPEND} + xemacs? ( app-editors/xemacs )" +RDEPEND+=" ${RDEPEND} + rrdtool? ( >=net-analyzer/rrdtool-1.2.23[ruby] ) + selinux? ( + sys-libs/libselinux[ruby] + sec-policy/selinux-puppet + ) + vim-syntax? ( >=app-vim/puppet-syntax-3.0.1 ) + >=app-portage/eix-0.18.0" +PDEPEND="emacs? ( >=app-emacs/puppet-mode-0.3-r1 )" + +SITEFILE="50${PN}-mode-gentoo.el" + +pkg_setup() { + enewgroup puppet + enewuser puppet -1 -1 /var/lib/puppet puppet +} + +all_ruby_prepare() { + # Avoid spec that require unpackaged json-schema. + rm spec/lib/matchers/json.rb $( grep -Rl matchers/json spec) || die + + # can't be run within portage. + epatch "${FILESDIR}/puppet-fix-tests-4.7.0.patch" + + # fix systemd path + epatch "${FILESDIR}/puppet-systemd.patch" + + if use experimental; then + epatch "${FILESDIR}/43e2c935252b995134ce353e5e6312cf77aea480.patch" + fi + + # fix compatibility with ruby 2.3.6/2.4.3 webrick + epatch "${FILESDIR}/puppet-4-webrick-ruby.patch" + + # Use working version of mocha + sed -i -e '1igem "mocha", "~>0.14.0"; gem "rack", "~>1.0"' spec/spec_helper.rb || die + + # Avoid specs that can only run in the puppet.git repository. This + # should be narrowed down to the specific specs. + rm spec/integration/parser/compiler_spec.rb || die + + # Avoid failing specs that need further investigation. + sed -i -e '/should resolve external facts/,/^ end/ s:^:#:' \ + spec/integration/indirector/facts/facter_spec.rb || die + sed -i -e "/describe 'cfacter'/,/^ end/ s:^:#:" spec/unit/defaults_spec.rb || die + rm -f spec/unit/indirector/ldap_spec.rb \ + spec/unit/parser/functions/create_resources_spec.rb || die + + # Avoid specs that rely on tools from other OSs + rm -f spec/unit/provider/package/{dnf,tdnf,yum}_spec.rb \ + spec/unit/provider/user/directoryservice_spec.rb || die + + # Avoid specs that depend on hiera-eyaml to avoid circular + # dependencies + rm -f spec/unit/functions/lookup_spec.rb || die + + # Avoid specs that fail due to an unpackaged file + sed -i -e '/when loading pp resource types using auto loading/,/^ end/ s:^:#:' spec/unit/pops/loaders/loaders_spec.rb || die +} + +all_ruby_compile() { + if use xemacs ; then + # Create a separate version for xemacs to be able to install + # emacs and xemacs in parallel. + mkdir ext/xemacs + cp ext/emacs/* ext/xemacs/ + xemacs-elisp-compile ext/xemacs/puppet-mode.el + fi +} + +each_ruby_install() { + each_fakegem_install +# dosym "/usr/$(get_libdir)/ruby/gems/$(ruby_get_version)/gems/${P}" "/usr/$(get_libdir)/ruby/gems/$(ruby_get_version)/gems/${PN}" +} + +all_ruby_install() { + all_fakegem_install + + # systemd stuffs + insinto /usr/lib/systemd/system + doins "${WORKDIR}/all/${P}/ext/systemd/puppet.service" + + # tmpfiles stuff + insinto /usr/lib/tmpfiles.d + newins "${FILESDIR}/tmpfiles.d" "puppet.conf" + + # openrc init stuff + newinitd "${FILESDIR}"/puppet.init-4.x puppet + newinitd "${FILESDIR}"/puppetmaster.init-4.x puppetmaster + newconfd "${FILESDIR}"/puppetmaster.confd puppetmaster + + keepdir /etc/puppetlabs/puppet/ssl + + keepdir /var/lib/puppet/facts + keepdir /var/lib/puppet/files + fowners -R puppet:puppet /var/lib/puppet + + fperms 0750 /var/lib/puppet + + fperms 0750 /etc/puppetlabs + fperms 0750 /etc/puppetlabs/puppet + fperms 0750 /etc/puppetlabs/puppet/ssl + fowners -R :puppet /etc/puppetlabs + fowners -R :puppet /var/lib/puppet + + if use xemacs ; then + xemacs-elisp-install ${PN} ext/xemacs/puppet-mode.el* + xemacs-elisp-site-file-install "${FILESDIR}/${SITEFILE}" + fi + + if use ldap ; then + insinto /etc/openldap/schema; doins ext/ldap/puppet.schema + fi + + # ext and examples files + for f in $(find ext examples -type f) ; do + docinto "$(dirname ${f})"; dodoc "${f}" + done +} + +pkg_postinst() { + elog + elog "Please, *don't* include the --ask option in EMERGE_EXTRA_OPTS as this could" + elog "cause puppet to hang while installing packages." + elog + elog "Portage Puppet module with Gentoo-specific resources:" + elog "http://forge.puppetlabs.com/gentoo/portage"; + elog + + local v + for v in ${REPLACING_VERSIONS}; do + if [ "$(get_major_version $v)" = "3" ]; then + elog + elog "If you're upgrading from 3.x then please move everything in /etc/puppet to" + elog "/etc/puppetlabs/puppet" + elog "Also, puppet now uses config directories for modules and manifests." + elog "See https://docs.puppetlabs.com/puppet/4.0/reference/upgrade_agent.html"; + elog "and https://docs.puppetlabs.com/puppet/4.0/reference/upgrade_server.html"; + elog "for more information." + elog + fi + done + + use xemacs && xemacs-elisp-site-regen +} + +pkg_postrm() { + use xemacs && xemacs-elisp-site-regen +}
