Merge pull request #401 from cyberious/FM-2131

FM-2131 Move to non temp directory for factor_dot_d
puppetlabs · Jan 15, 2015 · 7a91f20 · 7a91f20
2 parents 80f0962 + 9e380b9
commit 7a91f20
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,11 @@
+##2015-01-14 - Supported Release 4.5.1
+###Summary
+
+This release changes the temporary facter_dot_d cache locations outside of the /tmp directory due to a possible security vunerability. CVE-2015-1029
+
+####Bugfixes
+- Facter_dot_d cache will now be stored in puppet libdir instead of tmp
+
 ##2014-12-15 - Supported Release 4.5.0
 ###Summary
 

diff --git a/lib/facter/facter_dot_d.rb b/lib/facter/facter_dot_d.rb
@@ -15,15 +15,15 @@
 class Facter::Util::DotD
   require 'yaml'
 
-  def initialize(dir="/etc/facts.d", cache_file="/tmp/facts_cache.yml")
+  def initialize(dir="/etc/facts.d", cache_file=File.join(Puppet[:libdir], "facts_dot_d.cache"))
     @dir = dir
     @cache_file = cache_file
     @cache = nil
     @types = {".txt" => :txt, ".json" => :json, ".yaml" => :yaml}
   end
 
   def entries
-    Dir.entries(@dir).reject{|f| f =~ /^\.|\.ttl$/}.sort.map {|f| File.join(@dir, f) }
+    Dir.entries(@dir).reject { |f| f =~ /^\.|\.ttl$/ }.sort.map { |f| File.join(@dir, f) }
   rescue
     []
   end
@@ -113,7 +113,7 @@ def script_parser(file)
 
   def cache_save!
     cache = load_cache
-    File.open(@cache_file, "w", 0600) {|f| f.write(YAML.dump(cache)) }
+    File.open(@cache_file, "w", 0600) { |f| f.write(YAML.dump(cache)) }
   rescue
   end
 

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "puppetlabs-stdlib",
-  "version": "4.5.0",
+  "version": "4.5.1",
   "author": "puppetlabs",
   "summary": "Standard library of resources for Puppet modules.",
   "license": "Apache-2.0",