Merge puppetlabs-xinetd v1.3.1 module

Commit: 0740f5343b54523d9ed27f65c05f6c9f045f022b
Source: https://github.com/puppetlabs/puppetlabs-xinetd.git

Change-Id: I05944255240752c07efae6fe18cf4668bfe37ff6
Related: blueprint merge-openstack-puppet-modules

deployment/puppet/xinetd/.fixtures.yml

@@ -1,3 +1,5 @@
 fixtures:
+  repositories:
+    "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib"
   symlinks:
     "xinetd": "#{source_dir}"

deployment/puppet/xinetd/.gitignore

@@ -1,5 +1,5 @@
-*.swp
 pkg/
 .DS_Store
-metadata.json
+*.swp
-coverage/
+Gemfile.lock
+.rspec_system/

deployment/puppet/xinetd/CHANGELOG

@@ -1,3 +1,37 @@
+2014-07-15 Release 1.3.1
+
+Summary:
+
+This release merely updates metadata.json so the module can be uninstalled and
+upgraded via the puppet module command.
+
+2014-06-18 Release 1.3.0
+Features:
+- Add 'log_on_success', 'log_on_success_operator' and 'log_on_failure_operator
+parameters to xinetd::service
+- Add 'service_restart', 'service_status', 'service_hasrestart', and
+'service_hasstatus' parameters to class xinetd.
+- Add support for Amazon Linux.
+- License changes to ASLv2
+- Testing and documentation updates.
+
+Bugfixes:
+- Remove duplicated $log_on_failure parameter
+
+
+2013-07-30 Release 1.2.0
+Features:
+- Add `confdir`, `conffile`, `package_name`, and `service_name` parameters to
+`Class['xinetd']`
+- Add support for FreeBSD and Suse.
+- Add `log_on_failure`, `service_name`, `groups`, `no_access`, `access_times`,
+`log_type`, `only_from`, and `xtype` parameters to `Xinetd::Service` define
+
+Bugfixes:
+- Redesign for `xinetd::params` pattern
+- Add validation
+- Add unit testing
+
 * 2012-06-07 1.1.0
 - Add port and bind options to services
 - make services deletable

deployment/puppet/xinetd/Gemfile

@@ -0,0 +1,20 @@
+source 'https://rubygems.org'
+
+group :development, :test do
+  gem 'rake',                    :require => false
+  gem 'rspec-puppet',            :require => false
+  gem 'puppetlabs_spec_helper',  :require => false
+  gem 'puppet-lint',             :require => false
+  gem 'serverspec',              :require => false
+  gem 'rspec-system',            :require => false
+  gem 'rspec-system-puppet',     :require => false
+  gem 'rspec-system-serverspec', :require => false
+end
+
+if puppetversion = ENV['PUPPET_GEM_VERSION']
+  gem 'puppet', puppetversion, :require => false
+else
+  gem 'puppet', :require => false
+end
+
+# vim:ft=ruby

deployment/puppet/xinetd/LICENSE

@@ -1,17 +1,15 @@
-Xinetd Puppet Module. Copyright (C) 2010 Garrett Honeycutt
+Xinetd Puppet Module. Copyright (C) 2010-2014 Garrett Honeycutt
 
 Garrett Honeycutt can be contacted at: contact@garretthoneycutt.com.
 
-This program and entire repository is free software; you can
+Licensed under the Apache License, Version 2.0 (the "License");
-redistribute it and/or modify it under the terms of the GNU
+you may not use this file except in compliance with the License.
-General Public License version 2 as published by the Free Software
+You may obtain a copy of the License at
-Foundation.
 
-This program is distributed in the hope that it will be useful,
+    http://www.apache.org/licenses/LICENSE-2.0
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
 
-You should have received a copy of the GNU General Public License
+Unless required by applicable law or agreed to in writing, software
-along with this program; if not, write to the Free Software
+distributed under the License is distributed on an "AS IS" BASIS,
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

deployment/puppet/xinetd/README.md

@@ -0,0 +1,69 @@
+# xinetd
+[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-xinetd.png)](https://travis-ci.org/puppetlabs/puppetlabs-xinetd)
+
+This is the xinetd module.
+
+## Overview
+
+This module configures xinetd, and exposes the xinetd::service definition
+for adding new services.
+
+## Class: xinetd
+
+Sets up the xinetd daemon. Has options for you in case you have specific
+package names and service needs.
+
+### Parameters
+
+ * `confdir`
+ * `conffile`
+ * `package_name`
+ * `service_name`
+ * `service_restart`
+ * `service_status`
+ * `service_hasrestart`
+ * `service_hasstatus`
+
+## Definition: xinetd::service
+
+Sets up a xinetd service. All parameters match up with xinetd.conf(5) man
+page.
+
+### Parameters:
+
+ * `server`       - required - determines the program to execute for this service
+ * `port`         - required - determines the service port
+ * `cps`          - optional
+ * `flags`        - optional
+ * `per_source`   - optional
+ * `server_args`  - optional
+ * `disable`      - optional - defaults to "no"
+ * `socket_type`  - optional - defaults to "stream"
+ * `protocol`     - optional - defaults to "tcp"
+ * `user`         - optional - defaults to "root"
+ * `group`        - optional - defaults to "root"
+ * `instances`    - optional - defaults to "UNLIMITED"
+ * `wait`         - optional - based on $protocol will default to "yes" for udp and "no" for tcp
+ * `service_type` - optional - type setting in xinetd
+
+### Sample Usage
+
+```puppet
+xinetd::service { 'tftp':
+  port        => '69',
+  server      => '/usr/sbin/in.tftpd',
+  server_args => '-s /var/lib/tftp/',
+  socket_type => 'dgram',
+  protocol    => 'udp',
+  cps         => '100 2',
+  flags       => 'IPv4',
+  per_source  => '11',
+}
+```
+
+## Supported OSes
+
+Supports Debian, FreeBSD, Suse, RedHat, and Amazon Linux OS Families. 
+
+
+

deployment/puppet/xinetd/Rakefile

@@ -1,2 +1,2 @@
-require 'rubygems'
 require 'puppetlabs_spec_helper/rake_tasks'
+require 'rspec-system/rake_task'

deployment/puppet/xinetd/manifests/init.pp

@@ -9,19 +9,49 @@
 #     server_args => '--daemon --config /etc/rsync.conf',
 #  }
 #
-class xinetd {
+class xinetd (
+  $confdir            = $xinetd::params::confdir,
+  $conffile           = $xinetd::params::conffile,
+  $package_name       = $xinetd::params::package_name,
+  $service_name       = $xinetd::params::service_name,
+  $service_restart    = $xinetd::params::service_restart,
+  $service_status     = $xinetd::params::service_status,
+  $service_hasrestart = $xinetd::params::service_hasrestart,
+  $service_hasstatus  = $xinetd::params::service_hasstatus,
+) inherits xinetd::params {
 
-  package { 'xinetd': }
+  File {
-
+    owner   => 'root',
-  file { '/etc/xinetd.conf':
+    group   => '0',
-    source => 'puppet:///modules/xinetd/xinetd.conf',
+    notify  => Service[$service_name],
+    require => Package[$package_name],
   }
 
-  service { 'xinetd':
+  file { $confdir:
-    ensure  => running,
+    ensure  => directory,
-    enable  => true,
+    mode    => '0755',
-    restart => '/etc/init.d/xinetd reload',
+  }
-    require => [ Package['xinetd'],
+
-                File['/etc/xinetd.conf'] ],
+  # Template uses:
+  #   $confdir
+  file { $conffile:
+    ensure  => file,
+    mode    => '0644',
+    content => template('xinetd/xinetd.conf.erb'),
+  }
+
+  package { $package_name:
+    ensure => installed,
+    before => Service[$service_name],
+  }
+
+  service { $service_name:
+    ensure     => running,
+    enable     => true,
+    hasrestart => $service_hasrestart,
+    hasstatus  => $service_hasstatus,
+    restart    => $service_restart,
+    status     => $service_status,
+    require    => File[$conffile],
   }
 }

deployment/puppet/xinetd/manifests/params.pp

@@ -0,0 +1,58 @@
+class xinetd::params {
+
+  case $::osfamily {
+    'Debian':  {
+      $confdir            = '/etc/xinetd.d'
+      $conffile           = '/etc/xinetd.conf'
+      $package_name       = 'xinetd'
+      $service_hasrestart = true
+      $service_hasstatus  = false
+      $service_name       = 'xinetd'
+      $service_restart    = "/usr/sbin/service ${service_name} reload"
+    }
+    'FreeBSD': {
+      $confdir            = '/usr/local/etc/xinetd.d'
+      $conffile           = '/usr/local/etc/xinetd.conf'
+      $package_name       = 'security/xinetd'
+      $service_hasrestart = false
+      $service_hasstatus  = true
+      $service_name       = 'xinetd'
+    }
+    'Suse':  {
+      $confdir            = '/etc/xinetd.d'
+      $conffile           = '/etc/xinetd.conf'
+      $package_name       = 'xinetd'
+      $service_hasrestart = true
+      $service_hasstatus  = false
+      $service_name       = 'xinetd'
+      $service_restart    = "/sbin/service ${service_name} reload"
+    }
+    'RedHat':  {
+      $confdir            = '/etc/xinetd.d'
+      $conffile           = '/etc/xinetd.conf'
+      $package_name       = 'xinetd'
+      $service_hasrestart = true
+      $service_hasstatus  = true
+      $service_name       = 'xinetd'
+      $service_restart    = "/sbin/service ${service_name} reload"
+    }
+    'Linux': {
+      case $::operatingsystem {
+        'Amazon': {
+          $confdir      = '/etc/xinetd.d'
+          $conffile     = '/etc/xinetd.conf'
+          $package_name = 'xinetd'
+          $service_name = 'xinetd'
+        }
+        default: {
+          fail("xinetd: module does not support Linux operatingsystem ${::operatingsystem}")
+        }
+      }
+    }
+    default:   {
+      fail("xinetd: module does not support osfamily ${::osfamily}")
+    }
+  }
+
+}
+

deployment/puppet/xinetd/manifests/service.pp

@@ -4,27 +4,40 @@
 # all parameters match up with xinetd.conf(5) man page
 #
 # Parameters:
-#   $port           - required - determines the service port
-#   $server         - required - determines the executable for this service
 #   $ensure         - optional - defaults to 'present'
-#   $cps            - optional
+#   $log_on_success - optional - may contain any combination of
-#   $flags          - optional
+#                       'PID', 'HOST', 'USERID', 'EXIT', 'DURATION', 'TRAFFIC'
-#   $per_source     - optional
+#   $log_on_success_operator - optional - defaults to '+='.  This is whether or
-#   $server_args    - optional
+#                              not values specified will be add, set or remove
+#                              from the default.
 #   $log_on_failure - optional - may contain any combination of
 #                       'HOST', 'USERID', 'ATTEMPT'
-#   $disable        - optional - defaults to 'no'
+#   $log_on_failure_operator - optional - defaults to '+='.  This is whether or
-#   $socket_type    - optional - defaults to 'stream'
+#                              not values specified will be add, set or remove
-#   $protocol       - optional - defaults to 'tcp'
+#                              from the default.
-#   $user           - optional - defaults to 'root'
-#   $group          - optional - defaults to 'root'
-#   $instances      - optional - defaults to 'UNLIMITED'
-#   $wait           - optional - based on $protocol
-#                       will default to 'yes' for udp and 'no' for tcp
-#   $bind           - optional - defaults to '0.0.0.0'
 #   $service_type   - optional - type setting in xinetd
 #                       may contain any combinarion of 'RPC', 'INTERNAL',
 #                       'TCPMUX/TCPMUXPLUS', 'UNLISTED'
+#   $cps            - optional
+#   $flags          - optional
+#   $per_source     - optional
+#   $port           - required - determines the service port
+#   $server         - required - determines the program to execute for this service
+#   $server_args    - optional
+#   $disable        - optional - defaults to "no"
+#   $socket_type    - optional - defaults to "stream"
+#   $protocol       - optional - defaults to "tcp"
+#   $user           - optional - defaults to "root"
+#   $group          - optional - defaults to "root"
+#   $groups         - optional - defaults to "yes"
+#   $instances      - optional - defaults to "UNLIMITED"
+#   $only_from      - optional
+#   $wait           - optional - based on $protocol will default to "yes" for udp and "no" for tcp
+#   $xtype          - optional - determines the "type" of service, see xinetd.conf(5)
+#   $no_access      - optional
+#   $access_times   - optional
+#   $log_type       - optional
+#   $bind           - optional
 #
 # Actions:
 #   setups up a xinetd service by creating a file in /etc/xinetd.d/
@@ -49,35 +62,77 @@
 define xinetd::service (
   $port,
   $server,
-  $ensure         = present,
+  $ensure                  = present,
-  $cps            = undef,
+  $log_on_success          = undef,
-  $flags          = undef,
+  $log_on_success_operator = '+=',
-  $log_on_failure = undef,
+  $log_on_failure          = undef,
-  $per_source     = undef,
+  $log_on_failure_operator = '+=',
-  $server_args    = undef,
+  $service_type            = undef,
-  $disable        = 'no',
+  $service_name            = $title,
-  $socket_type    = 'stream',
+  $cps                     = undef,
-  $protocol       = 'tcp',
+  $disable                 = 'no',
-  $user           = 'root',
+  $flags                   = undef,
-  $group          = 'root',
+  $group                   = 'root',
-  $instances      = 'UNLIMITED',
+  $groups                  = 'yes',
-  $wait           = undef,
+  $instances               = 'UNLIMITED',
-  $bind           = '0.0.0.0',
+  $per_source              = undef,
-  $service_type   = undef
+  $protocol                = 'tcp',
+  $server_args             = undef,
+  $socket_type             = 'stream',
+  $user                    = 'root',
+  $only_from               = undef,
+  $wait                    = undef,
+  $xtype                   = undef,
+  $no_access               = undef,
+  $access_times            = undef,
+  $log_type                = undef,
+  $bind                    = undef
 ) {
 
+  include xinetd
+
   if $wait {
-    $mywait = $wait
+    $_wait = $wait
   } else {
-    $mywait = $protocol ? {
+    validate_re($protocol, '(tcp|udp)')
+    $_wait = $protocol ? {
       tcp => 'no',
       udp => 'yes'
     }
   }
 
-  file { "/etc/xinetd.d/${name}":
+  # Template uses:
+  # - $port
+  # - $disable
+  # - $socket_type
+  # - $protocol
+  # - $_wait
+  # - $user
+  # - $group
+  # - $groups
+  # - $server
+  # - $bind
+  # - $service_type
+  # - $server_args
+  # - $only_from
+  # - $per_source
+  # - $log_on_success
+  # - $log_on_success_operator
+  # - $log_on_failure
+  # - $log_on_failure_operator
+  # - $cps
+  # - $flags
+  # - $xtype
+  # - $no_access
+  # - $access_types
+  # - $log_type
+  file { "${xinetd::confdir}/${title}":
     ensure  => $ensure,
+    owner   => 'root',
+    mode    => '0644',
     content => template('xinetd/service.erb'),
-    notify  => Service['xinetd'],
+    notify  => Service[$xinetd::service_name],
+    require => File[$xinetd::confdir],
   }
+
 }

deployment/puppet/xinetd/metadata.json

@@ -0,0 +1,20 @@
+{
+  "name": "puppetlabs-xinetd",
+  "version": "1.3.1",
+  "author": "puppetlabs",
+  "summary": "Puppet Labs Xinetd Module",
+  "license": "Apache License, Version 2.0",
+  "source": "https://github.com/puppetlabs/puppetlabs-xinetd",
+  "project_page": "https://github.com/puppetlabs/puppetlabs-xinetd",
+  "issues_url": "https://github.com/puppetlabs/puppetlabs-xinetd/issues",
+  "types": [
+  
+  ],
+  "description": "Puppet module to configure xinetd services",
+  "dependencies": [
+    {
+      "name": "puppetlabs/stdlib",
+      "version_requirement": ">=2.2.1"
+    }
+  ]
+}

deployment/puppet/xinetd/spec/classes/xinetd_init_spec.rb

@@ -1,9 +1,14 @@
 require 'spec_helper'
 
 describe 'xinetd' do
+
+  let :facts do
+    { :osfamily => 'Debian' }
+  end
+
   it {
     should contain_package('xinetd')
     should contain_file('/etc/xinetd.conf')
-    should contain_service('xinetd').with_restart('/etc/init.d/xinetd reload')
+    should contain_service('xinetd')
   }
 end

deployment/puppet/xinetd/spec/defines/xinetd_service_spec.rb

@@ -1,6 +1,11 @@
 require 'spec_helper'
 
 describe 'xinetd::service' do
+
+  let :facts do
+    { :osfamily => 'Debian' }
+  end
+
   let :default_params do
     {
       'port'   => '80',
@@ -38,4 +43,47 @@ describe 'xinetd::service' do
       should contain_file('/etc/xinetd.d/httpd').with_ensure('absent')
     }
   end
+
+  describe 'without log_on_<success|failure>' do
+    let :params do
+      default_params
+    end
+    it {
+      should contain_file('/etc/xinetd.d/httpd').without_content(/log_on_success/)
+      should contain_file('/etc/xinetd.d/httpd').without_content(/log_on_failure/)
+    }
+  end
+
+  describe 'with log_on_<success|failure> w/default operator' do
+    let :params do
+      default_params.merge({
+        :log_on_success => 'SUCCESS_TEST',
+        :log_on_failure => 'FAILURE_TEST',
+      })
+    end
+    it {
+      should contain_file('/etc/xinetd.d/httpd').with_content(
+        /log_on_success\s*\+=\s*SUCCESS_TEST/)
+      should contain_file('/etc/xinetd.d/httpd').with_content(
+        /log_on_failure\s*\+=\s*FAILURE_TEST/)
+    }
+  end
+
+  describe 'with log_on_<success|failure> with equal operator' do
+    let :params do
+      default_params.merge({
+        :log_on_success => 'SUCCESS_TEST',
+        :log_on_failure => 'FAILURE_TEST',
+        :log_on_success_operator => '=',
+        :log_on_failure_operator => '=',
+      })
+    end
+    it {
+      should contain_file('/etc/xinetd.d/httpd').with_content(
+        /log_on_success\s*\=\s*SUCCESS_TEST/)
+      should contain_file('/etc/xinetd.d/httpd').with_content(
+        /log_on_failure\s*\=\s*FAILURE_TEST/)
+    }
+  end
+
 end

deployment/puppet/xinetd/spec/spec_helper_system.rb

@@ -0,0 +1,27 @@
+require 'rspec-system/spec_helper'
+require 'rspec-system-puppet/helpers'
+require 'rspec-system-serverspec/helpers'
+include Serverspec::Helper::RSpecSystem
+include Serverspec::Helper::DetectOS
+include RSpecSystemPuppet::Helpers
+
+RSpec.configure do |c|
+  # Project root
+  proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+
+  # Enable colour
+  c.tty = true
+
+  c.include RSpecSystemPuppet::Helpers
+
+  # This is where we 'setup' the nodes before running our tests
+  c.before :suite do
+    # Install puppet
+    puppet_install
+
+    # Install modules and dependencies
+    puppet_module_install(:source => proj_root, :module_name => 'xinetd')
+    shell('puppet module install puppetlabs-stdlib')
+  end
+end
+

deployment/puppet/xinetd/spec/system/class_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper_system'
+
+describe 'xinetd class' do
+  describe puppet_apply(<<-EOS
+        class { 'xinetd': }
+      EOS
+  ) do
+
+    its(:exit_code) { should_not eq(1) }
+    its(:refresh) { should be_nil }
+    its(:exit_code) { should be_zero }
+  end
+
+  describe service('xinetd') do
+    it { should be_running }
+    it { should be_enabled }
+  end
+end

deployment/puppet/xinetd/spec/system/service_spec.rb

@@ -0,0 +1,27 @@
+require 'spec_helper_system'
+
+describe 'adding a service' do
+  describe puppet_apply(<<-EOS
+      class { 'xinetd': }
+      xinetd::service { 'tftp':
+        port        => '69',
+        server      => '/usr/sbin/in.tftpd',
+        server_args => '-s $base',
+        socket_type => 'dgram',
+        protocol    => 'udp',
+        cps         => '100 2',
+        flags       => 'IPv4',
+        per_source  => '11',
+      }
+    EOS
+  ) do
+    its(:exit_code) { should_not eq(1) }
+    its(:refresh) { should be_nil }
+    its(:exit_code) { should be_zero }
+  end
+
+  describe service('xinetd') do
+    it { should be_running }
+    it { should be_enabled }
+  end
+end

deployment/puppet/xinetd/templates/service.erb

@@ -1,21 +1,54 @@
 # This file is being maintained by Puppet.
 # DO NOT EDIT
 
-service <%= @name %>
+service <%= @service_name %>
 {
         port            = <%= @port %>
         disable         = <%= @disable %>
         socket_type     = <%= @socket_type %>
         protocol        = <%= @protocol %>
-        wait            = <%= @mywait %>
+        wait            = <%= @_wait %>
         user            = <%= @user %>
         group           = <%= @group %>
+        groups          = <%= @groups %>
         server          = <%= @server %>
+<% if @bind -%>
         bind            = <%= @bind %>
-<% if @server_args %>        server_args     = <%= @server_args %><% end %>
+<% end -%>
-<% if @per_source %>        per_source      = <%= @per_source %><% end %>
+<% if @service_type -%>
-<% if @log_on_failure %>       log_on_failure      += <%= @log_on_failure %><% end %>
+        type            = <%= @service_type %>
-<% if @cps %>        cps             = <%= @cps %><% end %>
+<% end -%>
-<% if @flags %>        flags           = <%= @flags %><% end %>
+<% if @server_args -%>
-<% if @service_type %>        type     = <%= @service_type %><% end %>
+        server_args     = <%= @server_args %>
+<% end -%>
+<% if @only_from -%>
+        only_from       = <%= @only_from %>
+<% end -%>
+<% if @per_source -%>
+        per_source      = <%= @per_source %>
+<% end -%>
+<% if @log_on_success -%>
+        log_on_success <%= @log_on_success_operator %> <%= @log_on_success %>
+<% end -%>
+<% if @log_on_failure -%>
+        log_on_failure <%= @log_on_failure_operator %> <%= @log_on_failure %>
+<% end -%>
+<% if @cps -%>
+        cps             = <%= @cps %>
+<% end -%>
+<% if @flags -%>
+        flags           = <%= @flags %>
+<% end -%>
+<% if @xtype -%>
+        type            = <%= @xtype %>
+<% end -%>
+<% if @no_access -%>
+        no_access       = <%= @no_access %>
+<% end -%>
+<% if @access_times -%>
+        access_times    = <%= @access_times %>
+<% end -%>
+<% if @log_type -%>
+        log_type        = <%= @log_type %>
+<% end -%>
 }

deployment/puppet/xinetd/templates/xinetd.conf.erb

@@ -0,0 +1,51 @@
+# This file is being maintained by Puppet.
+# DO NOT EDIT
+#
+# This is the master xinetd configuration file. Settings in the
+# default section will be inherited by all service configurations
+# unless explicitly overridden in the service configuration. See
+# xinetd.conf in the man pages for a more detailed explanation of
+# these attributes.
+
+defaults
+{
+# The next two items are intended to be a quick access place to
+# temporarily enable or disable services.
+#
+#       enabled         =
+#       disabled        =
+
+# Define general logging characteristics.
+        log_type        = SYSLOG daemon info
+        log_on_failure  = HOST
+        log_on_success  = PID HOST DURATION EXIT
+
+# Define access restriction defaults
+#
+#       no_access       =
+#       only_from       =
+#       max_load        = 0
+        cps             = 50 10
+        instances       = 50
+        per_source      = 10
+
+# Address and networking defaults
+#
+#       bind            =
+#       mdns            = yes
+        v6only          = no
+
+# setup environmental attributes
+#
+#       passenv         =
+        groups          = yes
+        umask           = 002
+
+# Generally, banners are not used. This sets up their global defaults
+#
+#       banner          =
+#       banner_fail     =
+#       banner_success  =
+}
+
+includedir <%= @confdir %>