From 00600229ac41ae618bf01e8af6e2c0183d924204 Mon Sep 17 00:00:00 2001 From: Theo Chatzimichos Date: Sat, 2 Apr 2016 12:29:04 +0200 Subject: [PATCH 06/12] Update to 2015.8.8.2 upstream released a bunch of fixes on top of 2015.8.8, without creating a new tag and proper release. This commit includes: - https://github.com/saltstack/salt/pull/32135 - https://github.com/saltstack/salt/pull/32023 - https://github.com/saltstack/salt/pull/32117 see https://docs.saltstack.com/en/latest/topics/releases/2015.8.8.html#salt-2015-8-8-2 --- salt/config.py | 63 ++++++++++++++++++++++++++++-------------------- salt/modules/win_dacl.py | 7 +++--- 2 files changed, 41 insertions(+), 29 deletions(-) diff --git a/salt/config.py b/salt/config.py index fe1f572..929e094 100644 --- a/salt/config.py +++ b/salt/config.py @@ -63,7 +63,7 @@ FLO_DIR = os.path.join( VALID_OPTS = { # The address of the salt master. May be specified as IP address or hostname - 'master': str, + 'master': (str, list), # The TCP/UDP port of the master to connect to in order to listen to publications 'master_port': int, @@ -541,7 +541,7 @@ VALID_OPTS = { 'file_recv': bool, 'file_recv_max_size': int, 'file_ignore_regex': list, - 'file_ignore_glob': bool, + 'file_ignore_glob': list, 'fileserver_backend': list, 'fileserver_followsymlinks': bool, 'fileserver_ignoresymlinks': bool, @@ -833,7 +833,7 @@ DEFAULT_MINION_OPTS = { 'file_recv': False, 'file_recv_max_size': 100, 'file_ignore_regex': [], - 'file_ignore_glob': None, + 'file_ignore_glob': [], 'fileserver_backend': ['roots'], 'fileserver_followsymlinks': True, 'fileserver_ignoresymlinks': False, @@ -1348,26 +1348,30 @@ def _validate_opts(opts): Check that all of the types of values passed into the config are of the right types ''' + def format_multi_opt(valid_type): + try: + num_types = len(valid_type) + except TypeError: + # Bare type name won't have a length, return the name of the type + # passed. + return valid_type.__name__ + else: + if num_types == 1: + return valid_type.__name__ + elif num_types > 1: + ret = ', '.join(x.__name__ for x in valid_type[:-1]) + ret += ' or ' + valid_type[-1].__name__ + errors = [] - err = ('Key {0} with value {1} has an invalid type of {2}, a {3} is ' + + err = ('Key \'{0}\' with value {1} has an invalid type of {2}, a {3} is ' 'required for this value') for key, val in six.iteritems(opts): if key in VALID_OPTS: - if isinstance(VALID_OPTS[key](), list): - if isinstance(val, VALID_OPTS[key]): - continue - else: - errors.append( - err.format(key, val, type(val).__name__, 'list') - ) - if isinstance(VALID_OPTS[key](), dict): - if isinstance(val, VALID_OPTS[key]): - continue - else: - errors.append( - err.format(key, val, type(val).__name__, 'dict') - ) - else: + if isinstance(val, VALID_OPTS[key]): + continue + + if hasattr(VALID_OPTS[key], '__call__'): try: VALID_OPTS[key](val) if isinstance(val, (list, dict)): @@ -1384,14 +1388,21 @@ def _validate_opts(opts): VALID_OPTS[key].__name__ ) ) - except ValueError: + except (TypeError, ValueError): errors.append( - err.format(key, val, type(val).__name__, VALID_OPTS[key]) - ) - except TypeError: - errors.append( - err.format(key, val, type(val).__name__, VALID_OPTS[key]) + err.format(key, + val, + type(val).__name__, + VALID_OPTS[key].__name__) ) + continue + + errors.append( + err.format(key, + val, + type(val).__name__, + format_multi_opt(VALID_OPTS[key].__name__)) + ) # RAET on Windows uses 'win32file.CreateMailslot()' for IPC. Due to this, # sock_dirs must start with '\\.\mailslot\' and not contain any colons. @@ -1404,7 +1415,7 @@ def _validate_opts(opts): '\\\\.\\mailslot\\' + opts['sock_dir'].replace(':', '')) for error in errors: - log.warning(error) + log.debug(error) if errors: return False return True diff --git a/salt/modules/win_dacl.py b/salt/modules/win_dacl.py index d57bb7b..d9ee27a 100644 --- a/salt/modules/win_dacl.py +++ b/salt/modules/win_dacl.py @@ -44,9 +44,10 @@ class daclConstants(object): # in ntsecuritycon has the extra bits 0x200 enabled. # Note that you when you set this permission what you'll generally get back is it # ORed with 0x200 (SI_NO_ACL_PROTECT), which is what ntsecuritycon incorrectly defines. - FILE_ALL_ACCESS = (ntsecuritycon.STANDARD_RIGHTS_REQUIRED | ntsecuritycon.SYNCHRONIZE | 0x1ff) def __init__(self): + self.FILE_ALL_ACCESS = (ntsecuritycon.STANDARD_RIGHTS_REQUIRED | ntsecuritycon.SYNCHRONIZE | 0x1ff) + self.hkeys_security = { 'HKEY_LOCAL_MACHINE': 'MACHINE', 'HKEY_USERS': 'USERS', @@ -88,7 +89,7 @@ class daclConstants(object): ntsecuritycon.DELETE, 'TEXT': 'modify'}, 'FULLCONTROL': { - 'BITS': daclConstants.FILE_ALL_ACCESS, + 'BITS': self.FILE_ALL_ACCESS, 'TEXT': 'full control'} } } @@ -368,7 +369,7 @@ def add_ace(path, objectType, user, permission, acetype, propagation): path: path to the object (i.e. c:\\temp\\file, HKEY_LOCAL_MACHINE\\SOFTWARE\\KEY, etc) user: user to add permission: permissions for the user - acetypes: either allow/deny for each user/permission (ALLOW, DENY) + acetype: either allow/deny for each user/permission (ALLOW, DENY) propagation: how the ACE applies to children for Registry Keys and Directories(KEY, KEY&SUBKEYS, SUBKEYS) CLI Example: -- 2.1.4