Ubuntu
puppet package

Merge lp:~lynxman/ubuntu/precise/puppet/puppetlabsfixbug12844 into lp:ubuntu/precise/puppet

Proposed by Marc Cluet on 2012-03-07

Status:	Work in progress
Proposed branch:	lp:~lynxman/ubuntu/precise/puppet/puppetlabsfixbug12844
Merge into:	lp:ubuntu/precise/puppet
Diff against target:	4139 lines (+3430/-399) 29 files modified .pc/.quilt_patches (+1/-0) .pc/.quilt_series (+1/-0) .pc/applied-patches (+1/-0) .pc/puppet-12844/lib/puppet/agent.rb (+114/-0) .pc/puppet-12844/lib/puppet/agent/locker.rb (+30/-0) .pc/puppet-12844/lib/puppet/application/agent.rb (+508/-0) .pc/puppet-12844/lib/puppet/util/anonymous_filelock.rb (+36/-0) .pc/puppet-12844/lib/puppet/util/pidlock.rb (+68/-0) .pc/puppet-12844/spec/unit/agent/locker_spec.rb (+87/-0) .pc/puppet-12844/spec/unit/agent_spec.rb (+285/-0) .pc/puppet-12844/spec/unit/application/agent_spec.rb (+631/-0) .pc/puppet-12844/spec/unit/util/anonymous_filelock_spec.rb (+78/-0) .pc/puppet-12844/spec/unit/util/pidlock_spec.rb (+208/-0) debian/changelog (+13/-0) debian/patches/puppet-12844 (+979/-0) debian/patches/series (+1/-0) debian/puppetmaster-passenger.postinst (+7/-0) lib/puppet/agent.rb (+2/-4) lib/puppet/agent/locker.rb (+15/-1) lib/puppet/application/agent.rb (+3/-11) lib/puppet/util/anonymous_filelock.rb (+0/-36) lib/puppet/util/pidlock.rb (+71/-22) spec/unit/agent/locker_spec.rb (+12/-0) spec/unit/agent_backward_compatibility_spec.rb (+152/-0) spec/unit/agent_spec.rb (+0/-6) spec/unit/application/agent_spec.rb (+1/-33) spec/unit/util/anonymous_filelock_spec.rb (+0/-78) spec/unit/util/pidlock_spec.rb (+0/-208) test/util/pidlock.rb (+126/-0)
To merge this branch:	bzr merge lp:~lynxman/ubuntu/precise/puppet/puppetlabsfixbug12844
Related bugs:	Link a bug report

Reviewer	Date Requested	Status
James Page		Needs Fixing on 2012-03-14
Ubuntu branches	2012-03-07	Pending
Review via email: mp+96391@code.launchpad.net

Description of the Change

This new puppet package adds a patch by puppetlabs

This reverts commit fcac8f7163c99884fc6b75e3851c4a5e16a3ff07, which
was a backwards-compatibility workaround intended to handle some new
behavior related to puppet agent lockfiles that was introduced in
2.7.10. The fix is being reverted because we've decided to remove
the new lockfile behavior from the 2.7.x series entirely, and push
it out to 3.x.

This patch is needed in order to not break compatibility with the current user base, will be introduced as part of 2.7.12 but since we're shipping 2.7.11 for 12.04 it would be wise to include this reversion in time.

James Page (james-page) wrote on 2012-03-14:

Hi Marc

Some initial feedback:

1) d/changelog: you appear to have jumped one two many ubuntu versions :-)

puppet (2.7.11-1ubuntu2) precise; urgency=low

  * Added patch to solve puppetlabs bug #12844
    - Reverts behaviour of agent lockfiles
    - Fixes unit test to readmit old behaviour
  * debian/puppetmaster-passenger.postinst (LP: #948983)
    - Fixed rack directory location
    - Added proper enabling of apache2 headers mod
  * debian/puppetmaster-passenger.postinst (LP: #950183)
    - Make sure we error if puppet config print doesn't work

-- Marc Cluet <email address hidden> Fri, 09 Mar 2012 09:49:23 +0000

puppet (2.7.11-1) unstable; urgency=high

2) d/patches/revert_pidlock

I understand that this is the beef of this change; the DEP-3 fields should all be at the top of the patch file and you appear to have some generated content:

---
The information above should follow the Patch Tagging Guidelines, please
checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
are templates for supplementary fields that you might want to add:

It would also be great if you could reference the upstream pull request in the Origin: field - https://github.com/puppetlabs/puppet/pull/551 maybe?

You can also drop the Forwarded field - its not required in this case.

The other fixes both look OK.

review: Needs Fixing

lp:~lynxman/ubuntu/precise/puppet/puppetlabsfixbug12844 updated on 2012-03-16

62. By Marc Cluet on 2012-03-16: * Added patch to solve puppetlabs bug #12844
  - Reverts behaviour of agent lockfiles
  - Fixes unit test to readmit old behaviour
* debian/puppetmaster-passenger.postinst (LP: #948983)
  - Fixed rack directory location
  - Added proper enabling of apache2 headers mod
* debian/puppetmaster-passenger.postinst (LP: #950183)
  - Make sure we error if puppet config print doesn't work
63. By Marc Cluet on 2012-03-16: * Added patch for puppet 12844
64. By Marc Cluet on 2012-03-16: * Correct patch DEP3 header format

Unmerged revisions

64. By Marc Cluet on 2012-03-16: * Correct patch DEP3 header format
63. By Marc Cluet on 2012-03-16: * Added patch for puppet 12844
62. By Marc Cluet on 2012-03-16: * Added patch to solve puppetlabs bug #12844
  - Reverts behaviour of agent lockfiles
  - Fixes unit test to readmit old behaviour
* debian/puppetmaster-passenger.postinst (LP: #948983)
  - Fixed rack directory location
  - Added proper enabling of apache2 headers mod
* debian/puppetmaster-passenger.postinst (LP: #950183)
  - Make sure we error if puppet config print doesn't work

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Marc Cluet

Ubuntu branches

 === added file '.pc/.quilt_patches'
 --- .pc/.quilt_patches	1970-01-01 00:00:00 +0000
 +++ .pc/.quilt_patches	2012-03-16 16:38:20 +0000
@@ -0,0 +1,1 @@
++patches
 === added file '.pc/.quilt_series'
 --- .pc/.quilt_series	1970-01-01 00:00:00 +0000
 +++ .pc/.quilt_series	2012-03-16 16:38:20 +0000
@@ -0,0 +1,1 @@
++series
 === modified file '.pc/applied-patches'
 --- .pc/applied-patches	2012-01-26 11:27:00 +0000
 +++ .pc/applied-patches	2012-03-16 16:38:20 +0000
@@ -1,2 +1,3 @@
  fix_logcheck
  debian-changes
++puppet-12844
 === added directory '.pc/puppet-12844'
 === added file '.pc/puppet-12844/.timestamp'
 === added directory '.pc/puppet-12844/lib'
 === added directory '.pc/puppet-12844/lib/puppet'
 === added directory '.pc/puppet-12844/lib/puppet/agent'
 === added file '.pc/puppet-12844/lib/puppet/agent.rb'
 --- .pc/puppet-12844/lib/puppet/agent.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/lib/puppet/agent.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,114 @@
++require 'sync'
++require 'puppet/external/event-loop'
++require 'puppet/application'
++
++# A general class for triggering a run of another
++# class.
++class Puppet::Agent
++  require 'puppet/agent/locker'
++  include Puppet::Agent::Locker
++
++  require 'puppet/agent/disabler'
++  include Puppet::Agent::Disabler
++
++  attr_reader :client_class, :client, :splayed
++
++  # Just so we can specify that we are "the" instance.
++  def initialize(client_class)
++    @splayed = false
++
++    @client_class = client_class
++  end
++
++  def lockfile_path
++    client_class.lockfile_path
++  end
++
++  def needing_restart?
++    Puppet::Application.restart_requested?
++  end
++
++  # Perform a run with our client.
++  def run(*args)
++    if running?
++      Puppet.notice "Run of #{client_class} already in progress; skipping"
++      return
++    end
++    if disabled?
++      Puppet.notice "Skipping run of #{client_class}; administratively disabled: #{disable_message}"
++      return
++    end
++    result = nil
++    block_run = Puppet::Application.controlled_run do
++      splay
++      with_client do |client|
++        begin
++          sync.synchronize { lock { result = client.run(*args) } }
++        rescue SystemExit,NoMemoryError
++          raise
++        rescue Exception => detail
++          puts detail.backtrace if Puppet[:trace]
++          Puppet.err "Could not run #{client_class}: #{detail}"
++        end
++      end
++      true
++    end
++    Puppet.notice "Shutdown/restart in progress; skipping run" unless block_run
++    result
++  end
++
++  def stopping?
++    Puppet::Application.stop_requested?
++  end
++
++  # Have we splayed already?
++  def splayed?
++    splayed
++  end
++
++  # Sleep when splay is enabled; else just return.
++  def splay
++    return unless Puppet[:splay]
++    return if splayed?
++
++    time = rand(Integer(Puppet[:splaylimit]) + 1)
++    Puppet.info "Sleeping for #{time} seconds (splay is enabled)"
++    sleep(time)
++    @splayed = true
++  end
++
++  # Start listening for events.  We're pretty much just listening for
++  # timer events here.
++  def start
++    # Create our timer.  Puppet will handle observing it and such.
++    timer = EventLoop::Timer.new(:interval => Puppet[:runinterval], :tolerance => 1, :start? => true) do
++      run
++    end
++
++    # Run once before we start following the timer
++    timer.sound_alarm
++  end
++
++  def sync
++    @sync ||= Sync.new
++  end
++
++  private
++
++  # Create and yield a client instance, keeping a reference
++  # to it during the yield.
++  def with_client
++    begin
++      @client = client_class.new
++    rescue SystemExit,NoMemoryError
++      raise
++    rescue Exception => detail
++      puts detail.backtrace if Puppet[:trace]
++      Puppet.err "Could not create instance of #{client_class}: #{detail}"
++      return
++    end
++    yield @client
++  ensure
++    @client = nil
++  end
++end
 === added file '.pc/puppet-12844/lib/puppet/agent/locker.rb'
 --- .pc/puppet-12844/lib/puppet/agent/locker.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/lib/puppet/agent/locker.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,30 @@
++require 'puppet/util/pidlock'
++
++# Break out the code related to locking the agent.  This module is just
++# included into the agent, but having it here makes it easier to test.
++module Puppet::Agent::Locker
++  # Yield if we get a lock, else do nothing.  Return
++  # true/false depending on whether we get the lock.
++  def lock
++    if lockfile.lock
++      begin
++        yield
++      ensure
++        lockfile.unlock
++      end
++      return true
++    else
++      return false
++    end
++  end
++
++  def lockfile
++    @lockfile ||= Puppet::Util::Pidlock.new(lockfile_path)
++
++    @lockfile
++  end
++
++  def running?
++    lockfile.locked?
++  end
++end
 === added directory '.pc/puppet-12844/lib/puppet/application'
 === added file '.pc/puppet-12844/lib/puppet/application/agent.rb'
 --- .pc/puppet-12844/lib/puppet/application/agent.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/lib/puppet/application/agent.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,508 @@
++require 'puppet/application'
++
++class Puppet::Application::Agent < Puppet::Application
++
++  should_parse_config
++  run_mode :agent
++
++  attr_accessor :args, :agent, :daemon, :host
++
++  def preinit
++    # Do an initial trap, so that cancels don't get a stack trace.
++    Signal.trap(:INT) do
++      $stderr.puts "Cancelling startup"
++      exit(0)
++    end
++
++    {
++      :waitforcert => nil,
++      :detailed_exitcodes => false,
++      :verbose => false,
++      :debug => false,
++      :centrallogs => false,
++      :setdest => false,
++      :enable => false,
++      :disable => false,
++      :client => true,
++      :fqdn => nil,
++      :serve => [],
++      :digest => :MD5,
++      :fingerprint => false,
++    }.each do |opt,val|
++      options[opt] = val
++    end
++
++    @args = {}
++    require 'puppet/daemon'
++    @daemon = Puppet::Daemon.new
++    @daemon.argv = ARGV.dup
++  end
++
++  option("--centrallogging")
++
++  option("--disable [MESSAGE]") do |message|
++    options[:disable] = true
++    options[:disable_message] = message
++  end
++
++  option("--enable")
++  option("--debug","-d")
++  option("--fqdn FQDN","-f")
++  option("--test","-t")
++  option("--verbose","-v")
++
++  option("--fingerprint")
++  option("--digest DIGEST")
++
++  option("--serve HANDLER", "-s") do |arg|
++    if Puppet::Network::Handler.handler(arg)
++      options[:serve] << arg.to_sym
++    else
++      raise "Could not find handler for #{arg}"
++    end
++  end
++
++  option("--no-client") do |arg|
++    options[:client] = false
++  end
++
++  option("--detailed-exitcodes") do |arg|
++    options[:detailed_exitcodes] = true
++  end
++
++  option("--logdest DEST", "-l DEST") do |arg|
++    begin
++      Puppet::Util::Log.newdestination(arg)
++      options[:setdest] = true
++    rescue => detail
++      puts detail.backtrace if Puppet[:debug]
++      $stderr.puts detail.to_s
++    end
++  end
++
++  option("--waitforcert WAITFORCERT", "-w") do |arg|
++    options[:waitforcert] = arg.to_i
++  end
++
++  option("--port PORT","-p") do |arg|
++    @args[:Port] = arg
++  end
++
++  def help
++    <<-HELP
++
++puppet-agent(8) -- The puppet agent daemon
++========
++
++SYNOPSIS
++--------
++Retrieves the client configuration from the puppet master and applies it to
++the local host.
++
++This service may be run as a daemon, run periodically using cron (or something
++similar), or run interactively for testing purposes.
++
++
++USAGE
++-----
++puppet agent [--certname <name>] [-D|--daemonize|--no-daemonize]
++  [-d|--debug] [--detailed-exitcodes] [--digest <digest>] [--disable [message]] [--enable]
++  [--fingerprint] [-h|--help] [-l|--logdest syslog|<file>|console]
++  [--no-client] [--noop] [-o|--onetime] [--serve <handler>] [-t|--test]
++  [-v|--verbose] [-V|--version] [-w|--waitforcert <seconds>]
++
++
++DESCRIPTION
++-----------
++This is the main puppet client. Its job is to retrieve the local
++machine's configuration from a remote server and apply it. In order to
++successfully communicate with the remote server, the client must have a
++certificate signed by a certificate authority that the server trusts;
++the recommended method for this, at the moment, is to run a certificate
++authority as part of the puppet server (which is the default). The
++client will connect and request a signed certificate, and will continue
++connecting until it receives one.
++
++Once the client has a signed certificate, it will retrieve its
++configuration and apply it.
++
++
++USAGE NOTES
++-----------
++'puppet agent' does its best to find a compromise between interactive
++use and daemon use. Run with no arguments and no configuration, it will
++go into the background, attempt to get a signed certificate, and retrieve
++and apply its configuration every 30 minutes.
++
++Some flags are meant specifically for interactive use -- in particular,
++'test', 'tags' or 'fingerprint' are useful. 'test' enables verbose
++logging, causes the daemon to stay in the foreground, exits if the
++server's configuration is invalid (this happens if, for instance, you've
++left a syntax error on the server), and exits after running the
++configuration once (rather than hanging around as a long-running
++process).
++
++'tags' allows you to specify what portions of a configuration you want
++to apply. Puppet elements are tagged with all of the class or definition
++names that contain them, and you can use the 'tags' flag to specify one
++of these names, causing only configuration elements contained within
++that class or definition to be applied. This is very useful when you are
++testing new configurations -- for instance, if you are just starting to
++manage 'ntpd', you would put all of the new elements into an 'ntpd'
++class, and call puppet with '--tags ntpd', which would only apply that
++small portion of the configuration during your testing, rather than
++applying the whole thing.
++
++'fingerprint' is a one-time flag. In this mode 'puppet agent' will run
++once and display on the console (and in the log) the current certificate
++(or certificate request) fingerprint. Providing the '--digest' option
++allows to use a different digest algorithm to generate the fingerprint.
++The main use is to verify that before signing a certificate request on
++the master, the certificate request the master received is the same as
++the one the client sent (to prevent against man-in-the-middle attacks
++when signing certificates).
++
++
++OPTIONS
++-------
++Note that any configuration parameter that's valid in the configuration
++file is also a valid long argument. For example, 'server' is a valid
++configuration parameter, so you can specify '--server <servername>' as
++an argument.
++
++See the configuration file documentation at
++http://docs.puppetlabs.com/references/stable/configuration.html for the
++full list of acceptable parameters. A commented list of all
++configuration options can also be generated by running puppet agent with
++'--genconfig'.
++
++* --certname:
++  Set the certname (unique ID) of the client. The master reads this
++  unique identifying string, which is usually set to the node's
++  fully-qualified domain name, to determine which configurations the
++  node will receive. Use this option to debug setup problems or
++  implement unusual node identification schemes.
++
++* --daemonize:
++  Send the process into the background. This is the default.
++
++* --no-daemonize:
++  Do not send the process into the background.
++
++* --debug:
++  Enable full debugging.
++
++* --detailed-exitcodes:
++  Provide transaction information via exit codes. If this is enabled, an exit
++  code of '2' means there were changes, an exit code of '4' means there were
++  failures during the transaction, and an exit code of '6' means there were both
++  changes and failures.
++
++* --digest:
++  Change the certificate fingerprinting digest algorithm. The default is
++  MD5. Valid values depends on the version of OpenSSL installed, but
++  should always at least contain MD5, MD2, SHA1 and SHA256.
++
++* --disable:
++  Disable working on the local system. This puts a lock file in place,
++  causing 'puppet agent' not to work on the system until the lock file
++  is removed. This is useful if you are testing a configuration and do
++  not want the central configuration to override the local state until
++  everything is tested and committed.
++
++  Disable can also take an optional message that will be reported by the
++  'puppet agent' at the next disabled run.
++
++  'puppet agent' uses the same lock file while it is running, so no more
++  than one 'puppet agent' process is working at a time.
++
++  'puppet agent' exits after executing this.
++
++* --enable:
++  Enable working on the local system. This removes any lock file,
++  causing 'puppet agent' to start managing the local system again
++  (although it will continue to use its normal scheduling, so it might
++  not start for another half hour).
++
++  'puppet agent' exits after executing this.
++
++* --fingerprint:
++  Display the current certificate or certificate signing request
++  fingerprint and then exit. Use the '--digest' option to change the
++  digest algorithm used.
++
++* --help:
++  Print this help message
++
++* --logdest:
++  Where to send messages. Choose between syslog, the console, and a log
++  file. Defaults to sending messages to syslog, or the console if
++  debugging or verbosity is enabled.
++
++* --no-client:
++  Do not create a config client. This will cause the daemon to run
++  without ever checking for its configuration automatically, and only
++  makes sense when puppet agent is being run with listen = true in puppet.conf
++  or was started with the `--listen` option.
++
++* --noop:
++  Use 'noop' mode where the daemon runs in a no-op or dry-run mode. This
++  is useful for seeing what changes Puppet will make without actually
++  executing the changes.
++
++* --onetime:
++  Run the configuration once. Runs a single (normally daemonized) Puppet
++  run. Useful for interactively running puppet agent when used in
++  conjunction with the --no-daemonize option.
++
++* --serve:
++  Start another type of server. By default, 'puppet agent' will start a
++  service handler that allows authenticated and authorized remote nodes
++  to trigger the configuration to be pulled down and applied. You can
++  specify any handler here that does not require configuration, e.g.,
++  filebucket, ca, or resource. The handlers are in
++  'lib/puppet/network/handler', and the names must match exactly, both
++  in the call to 'serve' and in 'namespaceauth.conf'.
++
++* --test:
++  Enable the most common options used for testing. These are 'onetime',
++  'verbose', 'ignorecache', 'no-daemonize', 'no-usecacheonfailure',
++  'detailed-exit-codes', 'no-splay', and 'show_diff'.
++
++* --verbose:
++  Turn on verbose reporting.
++
++* --version:
++  Print the puppet version number and exit.
++
++* --waitforcert:
++  This option only matters for daemons that do not yet have certificates
++  and it is enabled by default, with a value of 120 (seconds). This
++  causes 'puppet agent' to connect to the server every 2 minutes and ask
++  it to sign a certificate request. This is useful for the initial setup
++  of a puppet client. You can turn off waiting for certificates by
++  specifying a time of 0.
++
++
++EXAMPLE
++-------
++    $ puppet agent --server puppet.domain.com
++
++
++DIAGNOSTICS
++-----------
++
++Puppet agent accepts the following signals:
++
++* SIGHUP:
++  Restart the puppet agent daemon.
++* SIGINT and SIGTERM:
++  Shut down the puppet agent daemon.
++* SIGUSR1:
++  Immediately retrieve and apply configurations from the puppet master.
++
++AUTHOR
++------
++Luke Kanies
++
++
++COPYRIGHT
++---------
++Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License
++
++    HELP
++  end
++
++  def run_command
++    return fingerprint if options[:fingerprint]
++    return onetime if Puppet[:onetime]
++    main
++  end
++
++  def fingerprint
++    unless cert = host.certificate || host.certificate_request
++      $stderr.puts "Fingerprint asked but no certificate nor certificate request have yet been issued"
++      exit(1)
++      return
++    end
++    unless fingerprint = cert.fingerprint(options[:digest])
++      raise ArgumentError, "Could not get fingerprint for digest '#{options[:digest]}'"
++    end
++    puts fingerprint
++  end
++
++  def onetime
++    unless options[:client]
++      $stderr.puts "onetime is specified but there is no client"
++      exit(43)
++      return
++    end
++
++    @daemon.set_signal_traps
++
++    begin
++      report = @agent.run
++    rescue => detail
++      puts detail.backtrace if Puppet[:trace]
++      Puppet.err detail.to_s
++    end
++
++    @daemon.stop(:exit => false)
++
++    if not report
++      exit(1)
++    elsif options[:detailed_exitcodes] then
++      exit(report.exit_status)
++    else
++      exit(0)
++    end
++  end
++
++  def main
++    Puppet.notice "Starting Puppet client version #{Puppet.version}"
++
++    @daemon.start
++  end
++
++  # Enable all of the most common test options.
++  def setup_test
++    Puppet.settings.handlearg("--ignorecache")
++    Puppet.settings.handlearg("--no-usecacheonfailure")
++    Puppet.settings.handlearg("--no-splay")
++    Puppet.settings.handlearg("--show_diff")
++    Puppet.settings.handlearg("--no-daemonize")
++    options[:verbose] = true
++    Puppet[:onetime] = true
++    options[:detailed_exitcodes] = true
++  end
++
++  # Handle the logging settings.
++  def setup_logs
++    if options[:debug] or options[:verbose]
++      Puppet::Util::Log.newdestination(:console)
++      if options[:debug]
++        Puppet::Util::Log.level = :debug
++      else
++        Puppet::Util::Log.level = :info
++      end
++    end
++
++    Puppet::Util::Log.newdestination(:syslog) unless options[:setdest]
++  end
++
++  def enable_disable_client(agent)
++    if options[:enable]
++      agent.enable
++    elsif options[:disable]
++      agent.disable(options[:disable_message] || 'reason not specified')
++    end
++    exit(0)
++  end
++
++  def setup_listen
++    unless FileTest.exists?(Puppet[:rest_authconfig])
++      Puppet.err "Will not start without authorization file #{Puppet[:rest_authconfig]}"
++      exit(14)
++    end
++
++    handlers = nil
++
++    if options[:serve].empty?
++      handlers = [:Runner]
++    else
++      handlers = options[:serve]
++    end
++
++    require 'puppet/network/server'
++    # No REST handlers yet.
++    server = Puppet::Network::Server.new(:xmlrpc_handlers => handlers, :port => Puppet[:puppetport])
++
++    @daemon.server = server
++  end
++
++  def setup_host
++    @host = Puppet::SSL::Host.new
++    waitforcert = options[:waitforcert] || (Puppet[:onetime] ? 0 : 120)
++    cert = @host.wait_for_cert(waitforcert) unless options[:fingerprint]
++  end
++
++  def setup_agent
++    # We need tomake the client either way, we just don't start it
++    # if --no-client is set.
++    require 'puppet/agent'
++    require 'puppet/configurer'
++    @agent = Puppet::Agent.new(Puppet::Configurer)
++
++    enable_disable_client(@agent) if options[:enable] or options[:disable]
++
++    @daemon.agent = agent if options[:client]
++
++    # It'd be nice to daemonize later, but we have to daemonize before the
++    # waitforcert happens.
++    @daemon.daemonize if Puppet[:daemonize]
++
++    setup_host
++
++    @objects = []
++
++    # This has to go after the certs are dealt with.
++    if Puppet[:listen]
++      unless Puppet[:onetime]
++        setup_listen
++      else
++        Puppet.notice "Ignoring --listen on onetime run"
++      end
++    end
++  end
++
++  def setup
++    setup_test if options[:test]
++
++    setup_logs
++
++    exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?
++
++    args[:Server] = Puppet[:server]
++    if options[:fqdn]
++      args[:FQDN] = options[:fqdn]
++      Puppet[:certname] = options[:fqdn]
++    end
++
++    if options[:centrallogs]
++      logdest = args[:Server]
++
++      logdest += ":" + args[:Port] if args.include?(:Port)
++      Puppet::Util::Log.newdestination(logdest)
++    end
++
++    Puppet.settings.use :main, :agent, :ssl
++
++    # Always ignoreimport for agent. It really shouldn't even try to import,
++    # but this is just a temporary band-aid.
++    Puppet[:ignoreimport] = true
++
++    # We need to specify a ca location for all of the SSL-related i
++    # indirected classes to work; in fingerprint mode we just need
++    # access to the local files and we don't need a ca.
++    Puppet::SSL::Host.ca_location = options[:fingerprint] ? :none : :remote
++
++    Puppet::Transaction::Report.indirection.terminus_class = :rest
++    # we want the last report to be persisted locally
++    Puppet::Transaction::Report.indirection.cache_class = :yaml
++
++    # Override the default; puppetd needs this, usually.
++    # You can still override this on the command-line with, e.g., :compiler.
++    Puppet[:catalog_terminus] = :rest
++
++    # Override the default.
++    Puppet[:facts_terminus] = :facter
++
++    Puppet::Resource::Catalog.indirection.cache_class = :yaml
++
++    unless options[:fingerprint]
++      setup_agent
++    else
++      setup_host
++    end
++  end
++end
 === added directory '.pc/puppet-12844/lib/puppet/util'
 === added file '.pc/puppet-12844/lib/puppet/util/anonymous_filelock.rb'
 --- .pc/puppet-12844/lib/puppet/util/anonymous_filelock.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/lib/puppet/util/anonymous_filelock.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,36 @@
++
++class Puppet::Util::AnonymousFilelock
++  attr_reader :lockfile
++
++  def initialize(lockfile)
++    @lockfile = lockfile
++  end
++
++  def anonymous?
++    true
++  end
++
++  def lock(msg = '')
++    return false if locked?
++
++    File.open(@lockfile, 'w') { |fd| fd.print(msg) }
++    true
++  end
++
++  def unlock
++    if locked?
++      File.unlink(@lockfile)
++      true
++    else
++      false
++    end
++  end
++
++  def locked?
++    File.exists? @lockfile
++  end
++
++  def message
++    return File.read(@lockfile) if locked?
++  end
++end
 \ No newline at end of file
 === added file '.pc/puppet-12844/lib/puppet/util/pidlock.rb'
 --- .pc/puppet-12844/lib/puppet/util/pidlock.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/lib/puppet/util/pidlock.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,68 @@
++require 'fileutils'
++require 'puppet/util/anonymous_filelock'
++
++class Puppet::Util::Pidlock < Puppet::Util::AnonymousFilelock
++
++  def locked?
++    clear_if_stale
++    File.exists? @lockfile
++  end
++
++  def mine?
++    Process.pid == lock_pid
++  end
++
++  def anonymous?
++    false
++  end
++
++  def lock
++    return mine? if locked?
++
++    File.open(@lockfile, "w") { |fd| fd.write(Process.pid) }
++    true
++  end
++
++  def unlock(opts = {})
++    if mine?
++      begin
++        File.unlink(@lockfile)
++      rescue Errno::ENOENT
++        # Someone deleted it for us ...and so we do nothing.  No point whining
++        # about a problem that the user can't actually do anything about.
++      rescue SystemCallError => e
++        # This one is a real failure though.  No idea what went wrong, but it
++        # is most likely "read only file(system)" or wrong permissions or
++        # something like that.
++        Puppet.err "Could not remove PID file #{@lockfile}: #{e}"
++        puts e.backtrace if Puppet[:trace]
++      end
++      true
++    else
++      false
++    end
++  end
++
++  def lock_pid
++    if File.exists? @lockfile
++      File.read(@lockfile).to_i
++    else
++      nil
++    end
++  end
++
++  private
++  def clear_if_stale
++    return if lock_pid.nil?
++
++    errors = [Errno::ESRCH]
++    # Process::Error can only happen, and is only defined, on Windows
++    errors << Process::Error if defined? Process::Error
++
++    begin
++      Process.kill(0, lock_pid)
++    rescue *errors
++      File.unlink(@lockfile)
++    end
++  end
++end
 === added directory '.pc/puppet-12844/spec'
 === added directory '.pc/puppet-12844/spec/unit'
 === added directory '.pc/puppet-12844/spec/unit/agent'
 === added file '.pc/puppet-12844/spec/unit/agent/locker_spec.rb'
 --- .pc/puppet-12844/spec/unit/agent/locker_spec.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/spec/unit/agent/locker_spec.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,87 @@
++#!/usr/bin/env rspec
++require 'spec_helper'
++require 'puppet/agent'
++require 'puppet/agent/locker'
++
++class LockerTester
++  include Puppet::Agent::Locker
++end
++
++describe Puppet::Agent::Locker do
++  before do
++    @locker = LockerTester.new
++    @locker.stubs(:lockfile_path).returns "/my/lock"
++  end
++
++  it "should use a Pidlock instance as its lockfile" do
++    @locker.lockfile.should be_instance_of(Puppet::Util::Pidlock)
++  end
++
++  it "should use 'lockfile_path' to determine its lockfile path" do
++    @locker.expects(:lockfile_path).returns "/my/lock"
++    lock = Puppet::Util::Pidlock.new("/my/lock")
++    Puppet::Util::Pidlock.expects(:new).with("/my/lock").returns lock
++
++    @locker.lockfile
++  end
++
++  it "should reuse the same lock file each time" do
++    @locker.lockfile.should equal(@locker.lockfile)
++  end
++
++  it "should have a method that yields when a lock is attained" do
++    @locker.lockfile.expects(:lock).returns true
++
++    yielded = false
++    @locker.lock do
++      yielded = true
++    end
++    yielded.should be_true
++  end
++
++  it "should return true when the lock method successfully locked" do
++    @locker.lockfile.expects(:lock).returns true
++
++    @locker.lock {}.should be_true
++  end
++
++  it "should return true when the lock method does not receive the lock" do
++    @locker.lockfile.expects(:lock).returns false
++
++    @locker.lock {}.should be_false
++  end
++
++  it "should not yield when the lock method does not receive the lock" do
++    @locker.lockfile.expects(:lock).returns false
++
++    yielded = false
++    @locker.lock { yielded = true }
++    yielded.should be_false
++  end
++
++  it "should not unlock when a lock was not received" do
++    @locker.lockfile.expects(:lock).returns false
++    @locker.lockfile.expects(:unlock).never
++
++    @locker.lock {}
++  end
++
++  it "should unlock after yielding upon obtaining a lock" do
++    @locker.lockfile.stubs(:lock).returns true
++    @locker.lockfile.expects(:unlock)
++
++    @locker.lock {}
++  end
++
++  it "should unlock after yielding upon obtaining a lock, even if the block throws an exception" do
++    @locker.lockfile.stubs(:lock).returns true
++    @locker.lockfile.expects(:unlock)
++
++    lambda { @locker.lock { raise "foo" } }.should raise_error(RuntimeError)
++  end
++
++  it "should be considered running if the lockfile is locked" do
++    @locker.lockfile.expects(:locked?).returns true
++    @locker.should be_running
++  end
++end
 === added file '.pc/puppet-12844/spec/unit/agent_backward_compatibility_spec.rb'
 === added file '.pc/puppet-12844/spec/unit/agent_spec.rb'
 --- .pc/puppet-12844/spec/unit/agent_spec.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/spec/unit/agent_spec.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,285 @@
++#!/usr/bin/env rspec
++require 'spec_helper'
++require 'puppet/agent'
++
++class AgentTestClient
++  def run
++    # no-op
++  end
++  def stop
++    # no-op
++  end
++end
++
++def without_warnings
++  flag = $VERBOSE
++  $VERBOSE = nil
++  yield
++  $VERBOSE = flag
++end
++
++describe Puppet::Agent do
++  before do
++    @agent = Puppet::Agent.new(AgentTestClient)
++
++    # So we don't actually try to hit the filesystem.
++    @agent.stubs(:lock).yields
++    @agent.stubs(:disabled?).returns(false)
++
++    # make Puppet::Application safe for stubbing; restore in an :after block; silence warnings for this.
++    without_warnings { Puppet::Application = Class.new(Puppet::Application) }
++    Puppet::Application.stubs(:clear?).returns(true)
++    Puppet::Application.class_eval do
++      class << self
++        def controlled_run(&block)
++          block.call
++        end
++      end
++    end
++  end
++
++  after do
++    # restore Puppet::Application from stub-safe subclass, and silence warnings
++    without_warnings { Puppet::Application = Puppet::Application.superclass }
++  end
++
++  it "should set its client class at initialization" do
++    Puppet::Agent.new("foo").client_class.should == "foo"
++  end
++
++  it "should include the Locker module" do
++    Puppet::Agent.ancestors.should be_include(Puppet::Agent::Locker)
++  end
++
++  it "should create an instance of its client class and run it when asked to run" do
++    client = mock 'client'
++    AgentTestClient.expects(:new).returns client
++
++    client.expects(:run)
++
++    @agent.stubs(:running?).returns false
++    @agent.run
++  end
++
++  it "should determine its lock file path by asking the client class" do
++    AgentTestClient.expects(:lockfile_path).returns "/my/lock"
++    @agent.lockfile_path.should == "/my/lock"
++  end
++
++  it "should be considered running if the lock file is locked" do
++    lockfile = mock 'lockfile'
++
++    @agent.expects(:lockfile).returns lockfile
++    lockfile.expects(:locked?).returns true
++
++    @agent.should be_running
++  end
++
++  describe "when being run" do
++    before do
++      AgentTestClient.stubs(:lockfile_path).returns "/my/lock"
++      @agent.stubs(:running?).returns false
++    end
++
++    it "should splay" do
++      @agent.expects(:splay)
++      @agent.stubs(:running?).returns false
++
++      @agent.run
++    end
++
++    it "should do nothing if already running" do
++      @agent.expects(:running?).returns true
++      AgentTestClient.expects(:new).never
++      @agent.run
++    end
++
++    it "should do nothing if disabled" do
++      @agent.expects(:disabled?).returns(true)
++      AgentTestClient.expects(:new).never
++      @agent.run
++    end
++
++    it "should use Puppet::Application.controlled_run to manage process state behavior" do
++      calls = sequence('calls')
++      Puppet::Application.expects(:controlled_run).yields.in_sequence(calls)
++      AgentTestClient.expects(:new).once.in_sequence(calls)
++      @agent.run
++    end
++
++    it "should not fail if a client class instance cannot be created" do
++      AgentTestClient.expects(:new).raises "eh"
++      Puppet.expects(:err)
++      @agent.run
++    end
++
++    it "should not fail if there is an exception while running its client" do
++      client = AgentTestClient.new
++      AgentTestClient.expects(:new).returns client
++      client.expects(:run).raises "eh"
++      Puppet.expects(:err)
++      @agent.run
++    end
++
++    it "should use a mutex to restrict multi-threading" do
++      client = AgentTestClient.new
++      AgentTestClient.expects(:new).returns client
++
++      mutex = mock 'mutex'
++      @agent.expects(:sync).returns mutex
++
++      mutex.expects(:synchronize)
++      client.expects(:run).never # if it doesn't run, then we know our yield is what triggers it
++      @agent.run
++    end
++
++    it "should use a filesystem lock to restrict multiple processes running the agent" do
++      client = AgentTestClient.new
++      AgentTestClient.expects(:new).returns client
++
++      @agent.expects(:lock)
++
++      client.expects(:run).never # if it doesn't run, then we know our yield is what triggers it
++      @agent.run
++    end
++
++    it "should make its client instance available while running" do
++      client = AgentTestClient.new
++      AgentTestClient.expects(:new).returns client
++
++      client.expects(:run).with { @agent.client.should equal(client); true }
++      @agent.run
++    end
++
++    it "should run the client instance with any arguments passed to it" do
++      client = AgentTestClient.new
++      AgentTestClient.expects(:new).returns client
++
++      client.expects(:run).with("testargs")
++      @agent.run("testargs")
++    end
++  end
++
++  describe "when splaying" do
++    before do
++      Puppet.settings.stubs(:value).with(:splay).returns true
++      Puppet.settings.stubs(:value).with(:splaylimit).returns "10"
++    end
++
++    it "should do nothing if splay is disabled" do
++      Puppet.settings.expects(:value).returns false
++      @agent.expects(:sleep).never
++      @agent.splay
++    end
++
++    it "should do nothing if it has already splayed" do
++      @agent.expects(:splayed?).returns true
++      @agent.expects(:sleep).never
++      @agent.splay
++    end
++
++    it "should log that it is splaying" do
++      @agent.stubs :sleep
++      Puppet.expects :info
++      @agent.splay
++    end
++
++    it "should sleep for a random portion of the splaylimit plus 1" do
++      Puppet.settings.expects(:value).with(:splaylimit).returns "50"
++      @agent.expects(:rand).with(51).returns 10
++      @agent.expects(:sleep).with(10)
++      @agent.splay
++    end
++
++    it "should mark that it has splayed" do
++      @agent.stubs(:sleep)
++      @agent.splay
++      @agent.should be_splayed
++    end
++  end
++
++  describe "when checking execution state" do
++    describe 'with regular run status' do
++      before :each do
++        Puppet::Application.stubs(:restart_requested?).returns(false)
++        Puppet::Application.stubs(:stop_requested?).returns(false)
++        Puppet::Application.stubs(:interrupted?).returns(false)
++        Puppet::Application.stubs(:clear?).returns(true)
++      end
++
++      it 'should be false for :stopping?' do
++        @agent.stopping?.should be_false
++      end
++
++      it 'should be false for :needing_restart?' do
++        @agent.needing_restart?.should be_false
++      end
++    end
++
++    describe 'with a stop requested' do
++      before :each do
++        Puppet::Application.stubs(:clear?).returns(false)
++        Puppet::Application.stubs(:restart_requested?).returns(false)
++        Puppet::Application.stubs(:stop_requested?).returns(true)
++        Puppet::Application.stubs(:interrupted?).returns(true)
++      end
++
++      it 'should be true for :stopping?' do
++        @agent.stopping?.should be_true
++      end
++
++      it 'should be false for :needing_restart?' do
++        @agent.needing_restart?.should be_false
++      end
++    end
++
++    describe 'with a restart requested' do
++      before :each do
++        Puppet::Application.stubs(:clear?).returns(false)
++        Puppet::Application.stubs(:restart_requested?).returns(true)
++        Puppet::Application.stubs(:stop_requested?).returns(false)
++        Puppet::Application.stubs(:interrupted?).returns(true)
++      end
++
++      it 'should be false for :stopping?' do
++        @agent.stopping?.should be_false
++      end
++
++      it 'should be true for :needing_restart?' do
++        @agent.needing_restart?.should be_true
++      end
++    end
++  end
++
++  describe "when starting" do
++    before do
++      @agent.stubs(:observe_signal)
++    end
++
++    it "should create a timer with the runinterval, a tolerance of 1, and :start? set to true" do
++      Puppet.settings.expects(:value).with(:runinterval).returns 5
++      timer = stub 'timer', :sound_alarm => nil
++      EventLoop::Timer.expects(:new).with(:interval => 5, :start? => true, :tolerance => 1).returns timer
++
++      @agent.stubs(:run)
++      @agent.start
++    end
++
++    it "should run once immediately" do
++      timer = mock 'timer'
++      EventLoop::Timer.expects(:new).returns timer
++
++      timer.expects(:sound_alarm)
++
++      @agent.start
++    end
++
++    it "should run within the block passed to the timer" do
++      timer = stub 'timer', :sound_alarm => nil
++      EventLoop::Timer.expects(:new).returns(timer).yields
++      @agent.expects(:run)
++
++      @agent.start
++    end
++  end
++end
 === added directory '.pc/puppet-12844/spec/unit/application'
 === added file '.pc/puppet-12844/spec/unit/application/agent_spec.rb'
 --- .pc/puppet-12844/spec/unit/application/agent_spec.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/spec/unit/application/agent_spec.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,631 @@
++#!/usr/bin/env rspec
++require 'spec_helper'
++
++require 'puppet/agent'
++require 'puppet/application/agent'
++require 'puppet/network/server'
++require 'puppet/daemon'
++require 'puppet/network/handler'
++
++describe Puppet::Application::Agent do
++  before :each do
++    @puppetd = Puppet::Application[:agent]
++    @puppetd.stubs(:puts)
++    @daemon = stub_everything 'daemon'
++    Puppet::Daemon.stubs(:new).returns(@daemon)
++    Puppet[:daemonize] = false
++    @agent = stub_everything 'agent'
++    Puppet::Agent.stubs(:new).returns(@agent)
++    @puppetd.preinit
++    Puppet::Util::Log.stubs(:newdestination)
++
++    Puppet::Node.indirection.stubs(:terminus_class=)
++    Puppet::Node.indirection.stubs(:cache_class=)
++    Puppet::Node::Facts.indirection.stubs(:terminus_class=)
++  end
++
++  it "should operate in agent run_mode" do
++    @puppetd.class.run_mode.name.should == :agent
++  end
++
++  it "should ask Puppet::Application to parse Puppet configuration file" do
++    @puppetd.should_parse_config?.should be_true
++  end
++
++  it "should declare a main command" do
++    @puppetd.should respond_to(:main)
++  end
++
++  it "should declare a onetime command" do
++    @puppetd.should respond_to(:onetime)
++  end
++
++  it "should declare a fingerprint command" do
++    @puppetd.should respond_to(:fingerprint)
++  end
++
++  it "should declare a preinit block" do
++    @puppetd.should respond_to(:preinit)
++  end
++
++  describe "in preinit" do
++    it "should catch INT" do
++      Signal.expects(:trap).with { |arg,block| arg == :INT }
++
++      @puppetd.preinit
++    end
++
++    it "should init client to true" do
++      @puppetd.preinit
++
++      @puppetd.options[:client].should be_true
++    end
++
++    it "should init fqdn to nil" do
++      @puppetd.preinit
++
++      @puppetd.options[:fqdn].should be_nil
++    end
++
++    it "should init serve to []" do
++      @puppetd.preinit
++
++      @puppetd.options[:serve].should == []
++    end
++
++    it "should use MD5 as default digest algorithm" do
++      @puppetd.preinit
++
++      @puppetd.options[:digest].should == :MD5
++    end
++
++    it "should not fingerprint by default" do
++      @puppetd.preinit
++
++      @puppetd.options[:fingerprint].should be_false
++    end
++  end
++
++  describe "when handling options" do
++    before do
++      @puppetd.command_line.stubs(:args).returns([])
++    end
++
++    [:centrallogging, :enable, :debug, :fqdn, :test, :verbose, :digest].each do |option|
++      it "should declare handle_#{option} method" do
++        @puppetd.should respond_to("handle_#{option}".to_sym)
++      end
++
++      it "should store argument value when calling handle_#{option}" do
++        @puppetd.options.expects(:[]=).with(option, 'arg')
++        @puppetd.send("handle_#{option}".to_sym, 'arg')
++      end
++    end
++
++    describe "when handling --disable" do
++      it "should declare handle_disable method" do
++        @puppetd.should respond_to(:handle_disable)
++      end
++
++      it "should set disable to true" do
++        @puppetd.options.stubs(:[]=)
++        @puppetd.options.expects(:[]=).with(:disable, true)
++        @puppetd.handle_disable('')
++      end
++
++      it "should store disable message" do
++        @puppetd.options.stubs(:[]=)
++        @puppetd.options.expects(:[]=).with(:disable_message, "message")
++        @puppetd.handle_disable('message')
++      end
++    end
++
++    it "should set an existing handler on server" do
++      Puppet::Network::Handler.stubs(:handler).with("handler").returns(true)
++
++      @puppetd.handle_serve("handler")
++      @puppetd.options[:serve].should == [ :handler ]
++    end
++
++    it "should set client to false with --no-client" do
++      @puppetd.handle_no_client(nil)
++      @puppetd.options[:client].should be_false
++    end
++
++    it "should set waitforcert to 0 with --onetime and if --waitforcert wasn't given" do
++      Puppet[:onetime] = true
++      Puppet::SSL::Host.any_instance.expects(:wait_for_cert).with(0)
++      @puppetd.setup_host
++    end
++
++    it "should use supplied waitforcert when --onetime is specified" do
++      Puppet[:onetime] = true
++      @puppetd.handle_waitforcert(60)
++      Puppet::SSL::Host.any_instance.expects(:wait_for_cert).with(60)
++      @puppetd.setup_host
++    end
++
++    it "should use a default value for waitforcert when --onetime and --waitforcert are not specified" do
++      Puppet::SSL::Host.any_instance.expects(:wait_for_cert).with(120)
++      @puppetd.setup_host
++    end
++
++    it "should set the log destination with --logdest" do
++      @puppetd.options.stubs(:[]=).with { |opt,val| opt == :setdest }
++      Puppet::Log.expects(:newdestination).with("console")
++
++      @puppetd.handle_logdest("console")
++    end
++
++    it "should put the setdest options to true" do
++      @puppetd.options.expects(:[]=).with(:setdest,true)
++
++      @puppetd.handle_logdest("console")
++    end
++
++    it "should parse the log destination from the command line" do
++      @puppetd.command_line.stubs(:args).returns(%w{--logdest /my/file})
++
++      Puppet::Util::Log.expects(:newdestination).with("/my/file")
++
++      @puppetd.parse_options
++    end
++
++    it "should store the waitforcert options with --waitforcert" do
++      @puppetd.options.expects(:[]=).with(:waitforcert,42)
++
++      @puppetd.handle_waitforcert("42")
++    end
++
++    it "should set args[:Port] with --port" do
++      @puppetd.handle_port("42")
++      @puppetd.args[:Port].should == "42"
++    end
++
++  end
++
++  describe "during setup" do
++    before :each do
++      @puppetd.options.stubs(:[])
++      Puppet.stubs(:info)
++      FileTest.stubs(:exists?).returns(true)
++      Puppet[:libdir] = "/dev/null/lib"
++      Puppet::SSL::Host.stubs(:ca_location=)
++      Puppet::Transaction::Report.indirection.stubs(:terminus_class=)
++      Puppet::Transaction::Report.indirection.stubs(:cache_class=)
++      Puppet::Resource::Catalog.indirection.stubs(:terminus_class=)
++      Puppet::Resource::Catalog.indirection.stubs(:cache_class=)
++      Puppet::Node::Facts.indirection.stubs(:terminus_class=)
++      @host = stub_everything 'host'
++      Puppet::SSL::Host.stubs(:new).returns(@host)
++      Puppet.stubs(:settraps)
++    end
++
++    describe "with --test" do
++      before :each do
++        #Puppet.settings.stubs(:handlearg)
++        @puppetd.options.stubs(:[]=)
++      end
++
++      it "should call setup_test" do
++        @puppetd.options.stubs(:[]).with(:test).returns(true)
++        @puppetd.expects(:setup_test)
++        @puppetd.setup
++      end
++
++      it "should set options[:verbose] to true" do
++        @puppetd.options.expects(:[]=).with(:verbose,true)
++        @puppetd.setup_test
++      end
++      it "should set options[:onetime] to true" do
++        Puppet[:onetime] = false
++        @puppetd.setup_test
++        Puppet[:onetime].should == true
++      end
++      it "should set options[:detailed_exitcodes] to true" do
++        @puppetd.options.expects(:[]=).with(:detailed_exitcodes,true)
++        @puppetd.setup_test
++      end
++    end
++
++    it "should call setup_logs" do
++      @puppetd.expects(:setup_logs)
++      @puppetd.setup
++    end
++
++    describe "when setting up logs" do
++      before :each do
++        Puppet::Util::Log.stubs(:newdestination)
++      end
++
++      it "should set log level to debug if --debug was passed" do
++        @puppetd.options.stubs(:[]).with(:debug).returns(true)
++        @puppetd.setup_logs
++        Puppet::Util::Log.level.should == :debug
++      end
++
++      it "should set log level to info if --verbose was passed" do
++        @puppetd.options.stubs(:[]).with(:verbose).returns(true)
++        @puppetd.setup_logs
++        Puppet::Util::Log.level.should == :info
++      end
++
++      [:verbose, :debug].each do |level|
++        it "should set console as the log destination with level #{level}" do
++          @puppetd.options.stubs(:[]).with(level).returns(true)
++
++          Puppet::Util::Log.expects(:newdestination).with(:console)
++
++          @puppetd.setup_logs
++        end
++      end
++
++      it "should set syslog as the log destination if no --logdest" do
++        @puppetd.options.stubs(:[]).with(:setdest).returns(false)
++
++        Puppet::Util::Log.expects(:newdestination).with(:syslog)
++
++        @puppetd.setup_logs
++      end
++
++    end
++
++    it "should print puppet config if asked to in Puppet config" do
++      Puppet[:configprint] = "pluginsync"
++      Puppet.settings.expects(:print_configs).returns true
++      expect { @puppetd.setup }.to exit_with 0
++    end
++
++    it "should exit after printing puppet config if asked to in Puppet config" do
++      Puppet[:modulepath] = '/my/path'
++      Puppet[:configprint] = "modulepath"
++      Puppet::Util::Settings.any_instance.expects(:puts).with('/my/path')
++      expect { @puppetd.setup }.to exit_with 0
++    end
++
++    it "should set a central log destination with --centrallogs" do
++      @puppetd.options.stubs(:[]).with(:centrallogs).returns(true)
++      Puppet[:server] = "puppet.reductivelabs.com"
++      Puppet::Util::Log.stubs(:newdestination).with(:syslog)
++
++      Puppet::Util::Log.expects(:newdestination).with("puppet.reductivelabs.com")
++
++      @puppetd.setup
++    end
++
++    it "should use :main, :puppetd, and :ssl" do
++      Puppet.settings.expects(:use).with(:main, :agent, :ssl)
++
++      @puppetd.setup
++    end
++
++    it "should install a remote ca location" do
++      Puppet::SSL::Host.expects(:ca_location=).with(:remote)
++
++      @puppetd.setup
++    end
++
++    it "should install a none ca location in fingerprint mode" do
++      @puppetd.options.stubs(:[]).with(:fingerprint).returns(true)
++      Puppet::SSL::Host.expects(:ca_location=).with(:none)
++
++      @puppetd.setup
++    end
++
++    it "should tell the report handler to use REST" do
++      Puppet::Transaction::Report.indirection.expects(:terminus_class=).with(:rest)
++
++      @puppetd.setup
++    end
++
++    it "should tell the report handler to cache locally as yaml" do
++      Puppet::Transaction::Report.indirection.expects(:cache_class=).with(:yaml)
++
++      @puppetd.setup
++    end
++
++    it "should change the catalog_terminus setting to 'rest'" do
++      Puppet[:catalog_terminus] = :foo
++      @puppetd.setup
++      Puppet[:catalog_terminus].should ==  :rest
++    end
++
++    it "should tell the catalog handler to use cache" do
++      Puppet::Resource::Catalog.indirection.expects(:cache_class=).with(:yaml)
++
++      @puppetd.setup
++    end
++
++    it "should change the facts_terminus setting to 'facter'" do
++      Puppet[:facts_terminus] = :foo
++
++      @puppetd.setup
++      Puppet[:facts_terminus].should == :facter
++    end
++
++    it "should create an agent" do
++      Puppet::Agent.stubs(:new).with(Puppet::Configurer)
++
++      @puppetd.setup
++    end
++
++    [:enable, :disable].each do |action|
++      it "should delegate to enable_disable_client if we #{action} the agent" do
++        @puppetd.options.stubs(:[]).with(action).returns(true)
++        @puppetd.expects(:enable_disable_client).with(@agent)
++
++        @puppetd.setup
++      end
++    end
++
++    describe "when enabling or disabling agent" do
++      [:enable, :disable].each do |action|
++        it "should call client.#{action}" do
++          @puppetd.options.stubs(:[]).with(action).returns(true)
++          @agent.expects(action)
++          expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
++        end
++      end
++
++      it "should pass the disable message when disabling" do
++        @puppetd.options.stubs(:[]).with(:disable).returns(true)
++        @puppetd.options.stubs(:[]).with(:disable_message).returns("message")
++        @agent.expects(:disable).with("message")
++        expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
++      end
++
++      it "should pass the default disable message when disabling without a message" do
++        @puppetd.options.stubs(:[]).with(:disable).returns(true)
++        @puppetd.options.stubs(:[]).with(:disable_message).returns(nil)
++        @agent.expects(:disable).with("reason not specified")
++        expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
++      end
++
++      it "should finally exit" do
++        expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
++      end
++    end
++
++    it "should inform the daemon about our agent if :client is set to 'true'" do
++      @puppetd.options.expects(:[]).with(:client).returns true
++      @daemon.expects(:agent=).with(@agent)
++      @puppetd.setup
++    end
++
++    it "should not inform the daemon about our agent if :client is set to 'false'" do
++      @puppetd.options[:client] = false
++      @daemon.expects(:agent=).never
++      @puppetd.setup
++    end
++
++    it "should daemonize if needed" do
++      Puppet.features.stubs(:microsoft_windows?).returns false
++      Puppet[:daemonize] = true
++
++      @daemon.expects(:daemonize)
++
++      @puppetd.setup
++    end
++
++    it "should wait for a certificate" do
++      @puppetd.options.stubs(:[]).with(:waitforcert).returns(123)
++      @host.expects(:wait_for_cert).with(123)
++
++      @puppetd.setup
++    end
++
++    it "should not wait for a certificate in fingerprint mode" do
++      @puppetd.options.stubs(:[]).with(:fingerprint).returns(true)
++      @puppetd.options.stubs(:[]).with(:waitforcert).returns(123)
++      @host.expects(:wait_for_cert).never
++
++      @puppetd.setup
++    end
++
++    it "should setup listen if told to and not onetime" do
++      Puppet[:listen] = true
++      @puppetd.options.stubs(:[]).with(:onetime).returns(false)
++
++      @puppetd.expects(:setup_listen)
++
++      @puppetd.setup
++    end
++
++    describe "when setting up listen" do
++      before :each do
++        Puppet[:authconfig] = 'auth'
++        FileTest.stubs(:exists?).with('auth').returns(true)
++        File.stubs(:exist?).returns(true)
++        @puppetd.options.stubs(:[]).with(:serve).returns([])
++        @server = stub_everything 'server'
++        Puppet::Network::Server.stubs(:new).returns(@server)
++      end
++
++
++      it "should exit if no authorization file" do
++        Puppet.stubs(:err)
++        FileTest.stubs(:exists?).with(Puppet[:rest_authconfig]).returns(false)
++        expect { @puppetd.setup_listen }.to exit_with 14
++      end
++
++      it "should create a server to listen on at least the Runner handler" do
++        Puppet::Network::Server.expects(:new).with { |args| args[:xmlrpc_handlers] == [:Runner] }
++
++        @puppetd.setup_listen
++      end
++
++      it "should create a server to listen for specific handlers" do
++        @puppetd.options.stubs(:[]).with(:serve).returns([:handler])
++        Puppet::Network::Server.expects(:new).with { |args| args[:xmlrpc_handlers] == [:handler] }
++
++        @puppetd.setup_listen
++      end
++
++      it "should use puppet default port" do
++        Puppet[:puppetport] = 32768
++
++        Puppet::Network::Server.expects(:new).with { |args| args[:port] == 32768 }
++
++        @puppetd.setup_listen
++      end
++    end
++
++    describe "when setting up for fingerprint" do
++      before(:each) do
++        @puppetd.options.stubs(:[]).with(:fingerprint).returns(true)
++      end
++
++      it "should not setup as an agent" do
++        @puppetd.expects(:setup_agent).never
++        @puppetd.setup
++      end
++
++      it "should not create an agent" do
++        Puppet::Agent.stubs(:new).with(Puppet::Configurer).never
++        @puppetd.setup
++      end
++
++      it "should not daemonize" do
++        @daemon.expects(:daemonize).never
++        @puppetd.setup
++      end
++
++      it "should setup our certificate host" do
++        @puppetd.expects(:setup_host)
++        @puppetd.setup
++      end
++    end
++  end
++
++
++  describe "when running" do
++    before :each do
++      @puppetd.agent = @agent
++      @puppetd.daemon = @daemon
++      @puppetd.options.stubs(:[]).with(:fingerprint).returns(false)
++    end
++
++    it "should dispatch to fingerprint if --fingerprint is used" do
++      @puppetd.options.stubs(:[]).with(:fingerprint).returns(true)
++
++      @puppetd.stubs(:fingerprint)
++      @puppetd.run_command
++    end
++
++    it "should dispatch to onetime if --onetime is used" do
++      @puppetd.options.stubs(:[]).with(:onetime).returns(true)
++
++      @puppetd.stubs(:onetime)
++      @puppetd.run_command
++    end
++
++    it "should dispatch to main if --onetime and --fingerprint are not used" do
++      @puppetd.options.stubs(:[]).with(:onetime).returns(false)
++
++      @puppetd.stubs(:main)
++      @puppetd.run_command
++    end
++
++    describe "with --onetime" do
++
++      before :each do
++        @agent.stubs(:run).returns(:report)
++        @puppetd.options.stubs(:[]).with(:client).returns(:client)
++        @puppetd.options.stubs(:[]).with(:detailed_exitcodes).returns(false)
++        Puppet.stubs(:newservice)
++      end
++
++      it "should exit if no defined --client" do
++        $stderr.stubs(:puts)
++        @puppetd.options.stubs(:[]).with(:client).returns(nil)
++        expect { @puppetd.onetime }.to exit_with 43
++      end
++
++      it "should setup traps" do
++        @daemon.expects(:set_signal_traps)
++        expect { @puppetd.onetime }.to exit_with 0
++      end
++
++      it "should let the agent run" do
++        @agent.expects(:run).returns(:report)
++        expect { @puppetd.onetime }.to exit_with 0
++      end
++
++      it "should finish by exiting with 0 error code" do
++        expect { @puppetd.onetime }.to exit_with 0
++      end
++
++      it "should stop the daemon" do
++        @daemon.expects(:stop).with(:exit => false)
++        expect { @puppetd.onetime }.to exit_with 0
++      end
++
++      describe "and --detailed-exitcodes" do
++        before :each do
++          @puppetd.options.stubs(:[]).with(:detailed_exitcodes).returns(true)
++        end
++
++        it "should exit with report's computed exit status" do
++          Puppet[:noop] = false
++          report = stub 'report', :exit_status => 666
++          @agent.stubs(:run).returns(report)
++
++          expect { @puppetd.onetime }.to exit_with 666
++        end
++
++        it "should exit with the report's computer exit status, even if --noop is set." do
++          Puppet[:noop] = true
++          report = stub 'report', :exit_status => 666
++          @agent.stubs(:run).returns(report)
++
++          expect { @puppetd.onetime }.to exit_with 666
++        end
++      end
++    end
++
++    describe "with --fingerprint" do
++      before :each do
++        @cert = stub_everything 'cert'
++        @puppetd.options.stubs(:[]).with(:fingerprint).returns(true)
++        @puppetd.options.stubs(:[]).with(:digest).returns(:MD5)
++        @host = stub_everything 'host'
++        @puppetd.stubs(:host).returns(@host)
++      end
++
++      it "should fingerprint the certificate if it exists" do
++        @host.expects(:certificate).returns(@cert)
++        @cert.expects(:fingerprint).with(:MD5).returns "fingerprint"
++        @puppetd.fingerprint
++      end
++
++      it "should fingerprint the certificate request if no certificate have been signed" do
++        @host.expects(:certificate).returns(nil)
++        @host.expects(:certificate_request).returns(@cert)
++        @cert.expects(:fingerprint).with(:MD5).returns "fingerprint"
++        @puppetd.fingerprint
++      end
++
++      it "should display the fingerprint" do
++        @host.stubs(:certificate).returns(@cert)
++        @cert.stubs(:fingerprint).with(:MD5).returns("DIGEST")
++
++        @puppetd.expects(:puts).with "DIGEST"
++
++        @puppetd.fingerprint
++      end
++    end
++
++    describe "without --onetime and --fingerprint" do
++      before :each do
++        Puppet.stubs(:notice)
++        @puppetd.options.stubs(:[]).with(:client)
++      end
++
++      it "should start our daemon" do
++        @daemon.expects(:start)
++
++        @puppetd.main
++      end
++    end
++  end
++end
 === added directory '.pc/puppet-12844/spec/unit/util'
 === added file '.pc/puppet-12844/spec/unit/util/anonymous_filelock_spec.rb'
 --- .pc/puppet-12844/spec/unit/util/anonymous_filelock_spec.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/spec/unit/util/anonymous_filelock_spec.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,78 @@
++#!/usr/bin/env rspec
++require 'spec_helper'
++
++require 'puppet/util/anonymous_filelock'
++
++describe Puppet::Util::AnonymousFilelock do
++  require 'puppet_spec/files'
++  include PuppetSpec::Files
++
++  before(:each) do
++    @lockfile = tmpfile("lock")
++    @lock = Puppet::Util::AnonymousFilelock.new(@lockfile)
++  end
++
++  it "should be anonymous" do
++    @lock.should be_anonymous
++  end
++
++  describe "#lock" do
++    it "should return false if already locked" do
++      @lock.stubs(:locked?).returns(true)
++      @lock.lock.should be_false
++    end
++
++    it "should return true if it successfully locked" do
++      @lock.lock.should be_true
++    end
++
++    it "should create a lock file" do
++      @lock.lock
++
++      File.should be_exists(@lockfile)
++    end
++
++    it "should create a lock file containing a message" do
++      @lock.lock("message")
++
++      File.read(@lockfile).should == "message"
++    end
++  end
++
++  describe "#unlock" do
++    it "should return true when unlocking" do
++      @lock.lock
++      @lock.unlock.should be_true
++    end
++
++    it "should return false when not locked" do
++      @lock.unlock.should be_false
++    end
++
++    it "should clear the lock file" do
++      File.open(@lockfile, 'w') { |fd| fd.print("locked") }
++      @lock.unlock
++      File.should_not be_exists(@lockfile)
++    end
++  end
++
++  it "should be locked when locked" do
++    @lock.lock
++    @lock.should be_locked
++  end
++
++  it "should not be locked when not locked" do
++    @lock.should_not be_locked
++  end
++
++  it "should not be locked when unlocked" do
++    @lock.lock
++    @lock.unlock
++    @lock.should_not be_locked
++  end
++
++  it "should return the lock message" do
++    @lock.lock("lock message")
++    @lock.message.should == "lock message"
++  end
++end
 \ No newline at end of file
 === added file '.pc/puppet-12844/spec/unit/util/pidlock_spec.rb'
 --- .pc/puppet-12844/spec/unit/util/pidlock_spec.rb	1970-01-01 00:00:00 +0000
 +++ .pc/puppet-12844/spec/unit/util/pidlock_spec.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,208 @@
++#!/usr/bin/env rspec
++require 'spec_helper'
++
++require 'puppet/util/pidlock'
++
++describe Puppet::Util::Pidlock do
++  require 'puppet_spec/files'
++  include PuppetSpec::Files
++
++  before(:each) do
++    @lockfile = tmpfile("lock")
++    @lock = Puppet::Util::Pidlock.new(@lockfile)
++  end
++
++  it "should not be anonymous" do
++    @lock.should_not be_anonymous
++  end
++
++  describe "#lock" do
++    it "should not be locked at start" do
++      @lock.should_not be_locked
++    end
++
++    it "should not be mine at start" do
++      @lock.should_not be_mine
++    end
++
++    it "should become locked" do
++      @lock.lock
++      @lock.should be_locked
++    end
++
++    it "should become mine" do
++      @lock.lock
++      @lock.should be_mine
++    end
++
++    it "should be possible to lock multiple times" do
++      @lock.lock
++      lambda { @lock.lock }.should_not raise_error
++    end
++
++    it "should return true when locking" do
++      @lock.lock.should be_true
++    end
++
++    it "should return true if locked by me" do
++      @lock.lock
++      @lock.lock.should be_true
++    end
++
++    it "should return false if locked by someone else" do
++      Process.stubs(:kill)
++      File.open(@lockfile, "w") { |fd| fd.print('0') }
++
++      @lock.lock.should be_false
++    end
++
++    it "should create a lock file" do
++      @lock.lock
++      File.should be_exists(@lockfile)
++    end
++
++    it "should create a lock file containing our pid" do
++      @lock.lock
++      File.read(@lockfile).to_i.should == Process.pid.to_i
++    end
++  end
++
++  describe "#unlock" do
++    it "should not be locked anymore" do
++      @lock.lock
++      @lock.unlock
++      @lock.should_not be_locked
++    end
++
++    it "should return false if not locked" do
++      @lock.unlock.should be_false
++    end
++
++    it "should return true if properly unlocked" do
++      @lock.lock
++      @lock.unlock.should be_true
++    end
++
++    it "should get rid of the lock file" do
++      @lock.lock
++      @lock.unlock
++      File.should_not be_exists(@lockfile)
++    end
++
++    it "should not warn if the lockfile was deleted by someone else" do
++      @lock.lock
++      File.unlink(@lockfile)
++
++      Puppet.expects(:err).never # meh
++      @lock.unlock
++    end
++
++    it "should warn if the lockfile can't be deleted" do
++      @lock.lock
++      File.expects(:unlink).with(@lockfile).raises(Errno::EIO)
++      Puppet.expects(:err).with do |argument|
++        argument.should =~ /Input\/output error/
++      end
++      @lock.unlock
++
++      # This is necessary because our cleanup code uses File.unlink
++      File.unstub(:unlink)
++      @lock.unlock
++    end
++  end
++
++  describe "#locked?" do
++    it "should return true if locked" do
++      @lock.lock
++      @lock.should be_locked
++    end
++  end
++
++  describe "with a stale lock" do
++    before(:each) do
++      Process.stubs(:kill).with(0, 6789)
++      Process.stubs(:kill).with(0, 1234).raises(Errno::ESRCH)
++      Process.stubs(:pid).returns(6789)
++      File.open(@lockfile, 'w') { |fd| fd.write("1234") }
++    end
++
++    it "should not be locked" do
++      @lock.should_not be_locked
++    end
++
++    describe "#lock" do
++      it "should clear stale locks" do
++        @lock.locked?
++        File.should_not be_exists(@lockfile)
++      end
++
++      it "should replace with new locks" do
++        @lock.lock
++        File.should be_exists(@lockfile)
++        @lock.lock_pid.should == 6789
++        @lock.should be_mine
++        @lock.should be_locked
++      end
++    end
++
++    describe "#unlock" do
++      it "should not be allowed" do
++        @lock.unlock.should be_false
++      end
++
++      it "should not remove the lock file" do
++        @lock.unlock
++        File.should be_exists(@lockfile)
++      end
++    end
++  end
++
++  describe "with another process lock" do
++    before(:each) do
++      Process.stubs(:kill).with(0, 6789)
++      Process.stubs(:kill).with(0, 1234)
++      Process.stubs(:pid).returns(6789)
++      File.open(@lockfile, 'w') { |fd| fd.write("1234") }
++    end
++
++    it "should be locked" do
++      @lock.should be_locked
++    end
++
++    it "should not be mine" do
++      @lock.should_not be_mine
++    end
++
++    describe "#lock" do
++      it "should not be possible" do
++        @lock.lock.should be_false
++      end
++
++      it "should not overwrite the lock" do
++        @lock.lock
++        @lock.should_not be_mine
++      end
++    end
++
++    describe "#unlock" do
++      it "should not be possible" do
++        @lock.unlock.should be_false
++      end
++
++      it "should not remove the lock file" do
++        @lock.unlock
++        File.should be_exists(@lockfile)
++      end
++
++      it "should still not be our lock" do
++        @lock.unlock
++        @lock.should_not be_mine
++      end
++
++      it "should not warn" do
++        Puppet.expects(:err).never
++        @lock.unlock
++      end
++    end
++  end
++end
 === added directory '.pc/puppet-12844/test'
 === added directory '.pc/puppet-12844/test/util'
 === added file '.pc/puppet-12844/test/util/pidlock.rb'
 === modified file 'debian/changelog'
 --- debian/changelog	2012-02-23 18:24:48 +0000
 +++ debian/changelog	2012-03-16 16:38:20 +0000
@@ -1,3 +1,16 @@
++puppet (2.7.11-1ubuntu1) precise; urgency=low
++
++  * Added patch to solve puppetlabs bug #12844
++    - Reverts behaviour of agent lockfiles
++    - Fixes unit test to readmit old behaviour
++  * debian/puppetmaster-passenger.postinst (LP: #948983)
++    - Fixed rack directory location
++    - Added proper enabling of apache2 headers mod
++  * debian/puppetmaster-passenger.postinst (LP: #950183)
++    - Make sure we error if puppet config print doesn't work
++
++ -- Marc Cluet <marc.cluet@ubuntu.com>  Fri, 16 Mar 2012 15:36:35 +0000
++
  puppet (2.7.11-1) unstable; urgency=high
    * New upstream release
 === added file 'debian/patches/puppet-12844'
 --- debian/patches/puppet-12844	1970-01-01 00:00:00 +0000
 +++ debian/patches/puppet-12844	2012-03-16 16:38:20 +0000
@@ -0,0 +1,979 @@
++Description: Reverts lockfile behaviour to previous model
++ This reverts commit fcac8f7163c99884fc6b75e3851c4a5e16a3ff07, which
++ was a backwards-compatibility workaround intended to handle some new
++ behavior related to puppet agent lockfiles that was introduced in
++ 2.7.10.  The fix is being reverted because we've decided to remove
++ the new lockfile behavior from the 2.7.x series entirely, and push
++ it out to 3.x.
++Author: cprice <chris@puppetlabs.com>
++Origin: upstream
++Bug: http://projects.puppetlabs.com/issues/12844
++Forwarded: not-needed
++Reviewed-By: Marc Cluet <marc.cluet@ubuntu.com>
++
++Index: puppet-new-bzr/lib/puppet/agent.rb
++===================================================================
++--- puppet-new-bzr.orig/lib/puppet/agent.rb	2012-03-16 15:14:51.672976000 +0000
+++++ puppet-new-bzr/lib/puppet/agent.rb	2012-03-16 15:15:47.974498349 +0000
++@@ -8,9 +8,6 @@
++   require 'puppet/agent/locker'
++   include Puppet::Agent::Locker
++
++-  require 'puppet/agent/disabler'
++-  include Puppet::Agent::Disabler
++-
++   attr_reader :client_class, :client, :splayed
++
++   # Just so we can specify that we are "the" instance.
++@@ -35,9 +32,10 @@
++       return
++     end
++     if disabled?
++-      Puppet.notice "Skipping run of #{client_class}; administratively disabled: #{disable_message}"
+++      Puppet.notice "Skipping run of #{client_class}; administratively disabled; use 'puppet #{client_class} --enable' to re-enable."
++       return
++     end
+++
++     result = nil
++     block_run = Puppet::Application.controlled_run do
++       splay
++Index: puppet-new-bzr/lib/puppet/agent/locker.rb
++===================================================================
++--- puppet-new-bzr.orig/lib/puppet/agent/locker.rb	2012-03-16 15:14:51.672976000 +0000
+++++ puppet-new-bzr/lib/puppet/agent/locker.rb	2012-03-16 15:15:47.994506350 +0000
++@@ -3,6 +3,16 @@
++ # Break out the code related to locking the agent.  This module is just
++ # included into the agent, but having it here makes it easier to test.
++ module Puppet::Agent::Locker
+++  # Let the daemon run again, freely in the filesystem.
+++  def enable
+++    lockfile.unlock(:anonymous => true)
+++  end
+++
+++  # Stop the daemon from making any catalog runs.
+++  def disable
+++    lockfile.lock(:anonymous => true)
+++  end
+++
++   # Yield if we get a lock, else do nothing.  Return
++   # true/false depending on whether we get the lock.
++   def lock
++@@ -25,6 +35,10 @@
++   end
++
++   def running?
++-    lockfile.locked?
+++    lockfile.locked? and !lockfile.anonymous?
+++  end
+++
+++  def disabled?
+++    lockfile.locked? and lockfile.anonymous?
++   end
++ end
++Index: puppet-new-bzr/lib/puppet/application/agent.rb
++===================================================================
++--- puppet-new-bzr.orig/lib/puppet/application/agent.rb	2012-03-16 15:14:51.672976000 +0000
+++++ puppet-new-bzr/lib/puppet/application/agent.rb	2012-03-16 15:15:47.998507951 +0000
++@@ -39,12 +39,7 @@
++   end
++
++   option("--centrallogging")
++-
++-  option("--disable [MESSAGE]") do |message|
++-    options[:disable] = true
++-    options[:disable_message] = message
++-  end
++-
+++  option("--disable")
++   option("--enable")
++   option("--debug","-d")
++   option("--fqdn FQDN","-f")
++@@ -106,7 +101,7 @@
++ USAGE
++ -----
++ puppet agent [--certname <name>] [-D|--daemonize|--no-daemonize]
++-  [-d|--debug] [--detailed-exitcodes] [--digest <digest>] [--disable [message]] [--enable]
+++  [-d|--debug] [--detailed-exitcodes] [--digest <digest>] [--disable] [--enable]
++   [--fingerprint] [-h|--help] [-l|--logdest syslog|<file>|console]
++   [--no-client] [--noop] [-o|--onetime] [--serve <handler>] [-t|--test]
++   [-v|--verbose] [-V|--version] [-w|--waitforcert <seconds>]
++@@ -210,9 +205,6 @@
++   not want the central configuration to override the local state until
++   everything is tested and committed.
++
++-  Disable can also take an optional message that will be reported by the
++-  'puppet agent' at the next disabled run.
++-
++   'puppet agent' uses the same lock file while it is running, so no more
++   than one 'puppet agent' process is working at a time.
++
++@@ -394,7 +386,7 @@
++     if options[:enable]
++       agent.enable
++     elsif options[:disable]
++-      agent.disable(options[:disable_message] || 'reason not specified')
+++      agent.disable
++     end
++     exit(0)
++   end
++Index: puppet-new-bzr/lib/puppet/util/anonymous_filelock.rb
++===================================================================
++--- puppet-new-bzr.orig/lib/puppet/util/anonymous_filelock.rb	2012-03-16 15:14:51.672976000 +0000
+++++ /dev/null	1970-01-01 00:00:00.000000000 +0000
++@@ -1,36 +0,0 @@
++-
++-class Puppet::Util::AnonymousFilelock
++-  attr_reader :lockfile
++-
++-  def initialize(lockfile)
++-    @lockfile = lockfile
++-  end
++-
++-  def anonymous?
++-    true
++-  end
++-
++-  def lock(msg = '')
++-    return false if locked?
++-
++-    File.open(@lockfile, 'w') { |fd| fd.print(msg) }
++-    true
++-  end
++-
++-  def unlock
++-    if locked?
++-      File.unlink(@lockfile)
++-      true
++-    else
++-      false
++-    end
++-  end
++-
++-  def locked?
++-    File.exists? @lockfile
++-  end
++-
++-  def message
++-    return File.read(@lockfile) if locked?
++-  end
++-end
++\ No newline at end of file
++Index: puppet-new-bzr/lib/puppet/util/pidlock.rb
++===================================================================
++--- puppet-new-bzr.orig/lib/puppet/util/pidlock.rb	2012-03-16 15:14:51.672976000 +0000
+++++ puppet-new-bzr/lib/puppet/util/pidlock.rb	2012-03-16 15:15:47.998507951 +0000
++@@ -1,10 +1,20 @@
++ require 'fileutils'
++-require 'puppet/util/anonymous_filelock'
++
++-class Puppet::Util::Pidlock < Puppet::Util::AnonymousFilelock
+++class Puppet::Util::Pidlock
+++  attr_reader :lockfile
+++
+++  def initialize(lockfile)
+++    @lockfile = lockfile
+++  end
++
++   def locked?
++     clear_if_stale
+++    return true if File.exists? @lockfile
+++
+++    # HACK!  There was a temporary change to the lockfile behavior introduced in 2.7.10 and 2.7.11, and reverted
+++    # in 2.7.12.  We need to pull some chicanery to be backwards-compatible with those versions.  For more info,
+++    # see the comments on the method... and this hack should be removed for the 3.x series.
+++    handle_2_7_10_disabled_lockfile
++     File.exists? @lockfile
++   end
++
++@@ -13,36 +23,39 @@
++   end
++
++   def anonymous?
++-    false
+++    return false unless File.exists?(@lockfile)
+++    File.read(@lockfile) == ""
++   end
++
++-  def lock
++-    return mine? if locked?
+++  def lock(opts = {})
+++    opts = {:anonymous => false}.merge(opts)
++
++-    File.open(@lockfile, "w") { |fd| fd.write(Process.pid) }
++-    true
+++    if locked?
+++      mine?
+++    else
+++      if opts[:anonymous]
+++        File.open(@lockfile, 'w') { |fd| true }
+++      else
+++        File.open(@lockfile, "w") { |fd| fd.write(Process.pid) }
+++      end
+++      true
+++    end
++   end
++
++   def unlock(opts = {})
++-    if mine?
++-      begin
++-        File.unlink(@lockfile)
++-      rescue Errno::ENOENT
++-        # Someone deleted it for us ...and so we do nothing.  No point whining
++-        # about a problem that the user can't actually do anything about.
++-      rescue SystemCallError => e
++-        # This one is a real failure though.  No idea what went wrong, but it
++-        # is most likely "read only file(system)" or wrong permissions or
++-        # something like that.
++-        Puppet.err "Could not remove PID file #{@lockfile}: #{e}"
++-        puts e.backtrace if Puppet[:trace]
++-      end
+++    return false unless locked?
+++
+++    opts = {:anonymous => false}.merge(opts)
+++
+++    if mine? or (opts[:anonymous] and anonymous?)
+++      File.unlink(@lockfile)
++       true
++     else
++       false
++     end
++   end
++
+++  private
++   def lock_pid
++     if File.exists? @lockfile
++       File.read(@lockfile).to_i
++@@ -51,7 +64,6 @@
++     end
++   end
++
++-  private
++   def clear_if_stale
++     return if lock_pid.nil?
++
++@@ -65,4 +77,41 @@
++       File.unlink(@lockfile)
++     end
++   end
+++
+++
+++  ######################################################################################
+++  # Backwards compatibility hack
+++  ######################################################################################
+++  # A change to lockfile behavior was introduced in 2.7.10 and 2.7.11; basically,
+++  # instead of using a single lockfile to indicate both administrative disabling of
+++  # the agent *and* the case where an agent run is already in progress, we started using
+++  # two separate lockfiles: the 'normal' one for the "run in progress" case, and a
+++  # separate one with a ".disabled" extension to indicate administrative disabling.
+++  #
+++  # This was determined to cause incompatibilities with mcollective, so the behavior
+++  # was reverted for 2.7.12.  Unfortunately this leaves the possibility that someone
+++  # may have run "agent --disable" to administratively disable a 2.7.10 or 2.7.11
+++  # agent, and then upgraded to a newer version.  This method exists only to
+++  # provide backwards compatibility.  Basically, it just recognizes the 2.7.10/2.7.11
+++  # ".disabled" lock file, warns, and cleans it up.
+++  #
+++  # This should be removed for the 3.x series.
+++  #
+++  # For more information, please see tickets #12844, #3757, #4836, and #11057
+++  #
+++  # -- cprice 2012-03-01
+++  #
+++  def handle_2_7_10_disabled_lockfile
+++    disabled_lockfile_path = @lockfile + ".disabled"
+++    if (File.exists?(disabled_lockfile_path))
+++      Puppet.warning("Found special lockfile '#{disabled_lockfile_path}'; this file was " +
+++          "generated by a call to 'puppet agent --disable' in puppet 2.7.10 or 2.7.11. " +
+++          "The expected lockfile path is '#{@lockfile}'; renaming the lock file.")
+++      File.rename(disabled_lockfile_path, @lockfile)
+++    end
+++  end
+++  private :handle_2_7_10_disabled_lockfile
+++  ######################################################################################
+++  # End backwards compatibility hack
+++  ######################################################################################
++ end
++Index: puppet-new-bzr/spec/unit/agent/locker_spec.rb
++===================================================================
++--- puppet-new-bzr.orig/spec/unit/agent/locker_spec.rb	2012-03-16 15:14:51.672976000 +0000
+++++ puppet-new-bzr/spec/unit/agent/locker_spec.rb	2012-03-16 15:15:47.998507951 +0000
++@@ -29,6 +29,18 @@
++     @locker.lockfile.should equal(@locker.lockfile)
++   end
++
+++  it "should use the lock file to anonymously lock the process when disabled" do
+++    @locker.lockfile.expects(:lock).with(:anonymous => true)
+++
+++    @locker.disable
+++  end
+++
+++  it "should use the lock file to anonymously unlock the process when enabled" do
+++    @locker.lockfile.expects(:unlock).with(:anonymous => true)
+++
+++    @locker.enable
+++  end
+++
++   it "should have a method that yields when a lock is attained" do
++     @locker.lockfile.expects(:lock).returns true
++
++Index: puppet-new-bzr/spec/unit/agent_backward_compatibility_spec.rb
++===================================================================
++--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++++ puppet-new-bzr/spec/unit/agent_backward_compatibility_spec.rb	2012-03-16 15:15:48.002509551 +0000
++@@ -0,0 +1,152 @@
+++#!/usr/bin/env rspec
+++require 'spec_helper'
+++require 'puppet/agent'
+++
+++
+++############################################################################
+++#                                  NOTE                                    #
+++############################################################################
+++#                                                                          #
+++# This entire spec is only here for backwards compatibility from 2.7.12+   #
+++# with 2.7.10 and 2.7.11. The entire file should be able to be removed     #
+++# for the 3.x series.                                                      #
+++#                                                                          #
+++# For more info, see the comments on the #handle_2_7_10_disabled_lockfile  #
+++# method in pidlock.rb                                                     #
+++#                                                                          #
+++# --cprice 2012-03-01                                                      #
+++############################################################################
+++
+++class AgentTestClient
+++  def run
+++    # no-op
+++  end
+++  def stop
+++    # no-op
+++  end
+++end
+++
+++describe Puppet::Agent do
+++  include PuppetSpec::Files
+++
+++  let(:agent) { Puppet::Agent.new(AgentTestClient) }
+++
+++  describe "in order to be backwards-compatibility with versions 2.7.10 and 2.7.11" do
+++
+++    describe "when the 2.7.10/2.7.11 'disabled' lockfile exists" do
+++
+++      # the "normal" lockfile
+++      let(:lockfile_path) { tmpfile("agent_spec_lockfile") }
+++
+++      # the 2.7.10/2.7.11 "disabled" lockfile
+++      # (can't use PuppetSpec::Files.tmpfile here because we need the ".disabled" file to have *exactly* the same
+++      #   path/name as the original file, plus the ".disabled" suffix.)
+++      let(:disabled_lockfile_path) { lockfile_path + ".disabled" }
+++
+++      # some regexes to match log messages
+++      let(:warning_regex) { /^Found special lockfile '#{disabled_lockfile_path}'.*renaming/ }
+++      let(:disabled_regex) { /^Skipping run of .*; administratively disabled/ }
+++
+++      before(:each) do
+++        # create the 2.7.10 "disable" lockfile.
+++        FileUtils.touch(disabled_lockfile_path)
+++
+++        # stub in our temp lockfile path.
+++        AgentTestClient.expects(:lockfile_path).returns lockfile_path
+++      end
+++
+++      after(:each) do
+++        # manually clean up the files that we didn't create via PuppetSpec::Files.tmpfile
+++        begin
+++          File.unlink(disabled_lockfile_path)
+++        rescue Errno::ENOENT
+++          # some of the tests expect for the agent code to take care of deleting this file,
+++          # so it may (validly) not exist.
+++        end
+++      end
+++
+++      describe "when the 'regular' lockfile also exists" do
+++        # the logic here is that if a 'regular' lockfile already exists, then there is some state that the
+++        # current version of puppet is responsible for dealing with.  All of the tests in this block are
+++        # simply here to make sure that our backwards-compatibility hack does *not* interfere with this.
+++        #
+++        # Even if the ".disabled" lockfile exists--it can be dealt with at another time, when puppet is
+++        # in *exactly* the state that we want it to be in (mostly meaning that the 'regular' lockfile
+++        # does not exist.)
+++
+++        before(:each) do
+++          # create the "regular" lockfile
+++          FileUtils.touch(lockfile_path)
+++        end
+++
+++        it "should be recognized as 'disabled'" do
+++          agent.should be_disabled
+++        end
+++
+++        it "should not try to start a new agent run" do
+++          AgentTestClient.expects(:new).never
+++          Puppet.expects(:notice).with(regexp_matches(disabled_regex))
+++
+++          agent.run
+++        end
+++
+++        it "should not delete the 2.7.10/2.7.11 lockfile" do
+++          agent.run
+++
+++          File.exists?(disabled_lockfile_path).should == true
+++        end
+++
+++        it "should not print the warning message" do
+++          Puppet.expects(:warning).with(regexp_matches(warning_regex)).never
+++
+++          agent.run
+++        end
+++      end
+++
+++      describe "when the 'regular' lockfile does not exist" do
+++        # this block of tests is for actually testing the backwards compatibility hack.  This
+++        # is where we're in a clean state and we know it's safe(r) to muck with the lockfile
+++        # situation.
+++
+++        it "should recognize that the agent is disabled" do
+++          agent.should be_disabled
+++        end
+++
+++        describe "when an agent run is requested" do
+++          it "should not try to start a new agent run" do
+++            AgentTestClient.expects(:new).never
+++            Puppet.expects(:notice).with(regexp_matches(disabled_regex))
+++
+++            agent.run
+++          end
+++
+++          it "should warn, remove the 2.7.10/2.7.11 lockfile, and create the 'normal' lockfile" do
+++            Puppet.expects(:warning).with(regexp_matches(warning_regex))
+++
+++            agent.run
+++
+++            File.exists?(disabled_lockfile_path).should == false
+++            File.exists?(lockfile_path).should == true
+++          end
+++        end
+++
+++        describe "when running --enable" do
+++          it "should recognize that the agent is disabled" do
+++            agent.should be_disabled
+++          end
+++
+++          it "should warn and clean up the 2.7.10/2.7.11 lockfile" do
+++            Puppet.expects(:warning).with(regexp_matches(warning_regex))
+++
+++            agent.enable
+++
+++            File.exists?(disabled_lockfile_path).should == false
+++            File.exists?(lockfile_path).should == false
+++          end
+++        end
+++      end
+++    end
+++  end
+++
+++
+++end
++Index: puppet-new-bzr/spec/unit/agent_spec.rb
++===================================================================
++--- puppet-new-bzr.orig/spec/unit/agent_spec.rb	2012-03-16 15:14:51.672976000 +0000
+++++ puppet-new-bzr/spec/unit/agent_spec.rb	2012-03-16 15:15:48.002509551 +0000
++@@ -94,12 +94,6 @@
++       @agent.run
++     end
++
++-    it "should do nothing if disabled" do
++-      @agent.expects(:disabled?).returns(true)
++-      AgentTestClient.expects(:new).never
++-      @agent.run
++-    end
++-
++     it "should use Puppet::Application.controlled_run to manage process state behavior" do
++       calls = sequence('calls')
++       Puppet::Application.expects(:controlled_run).yields.in_sequence(calls)
++Index: puppet-new-bzr/spec/unit/application/agent_spec.rb
++===================================================================
++--- puppet-new-bzr.orig/spec/unit/application/agent_spec.rb	2012-03-16 15:14:51.672976000 +0000
+++++ puppet-new-bzr/spec/unit/application/agent_spec.rb	2012-03-16 15:15:48.002509551 +0000
++@@ -91,7 +91,7 @@
++       @puppetd.command_line.stubs(:args).returns([])
++     end
++
++-    [:centrallogging, :enable, :debug, :fqdn, :test, :verbose, :digest].each do |option|
+++    [:centrallogging, :disable, :enable, :debug, :fqdn, :test, :verbose, :digest].each do |option|
++       it "should declare handle_#{option} method" do
++         @puppetd.should respond_to("handle_#{option}".to_sym)
++       end
++@@ -102,24 +102,6 @@
++       end
++     end
++
++-    describe "when handling --disable" do
++-      it "should declare handle_disable method" do
++-        @puppetd.should respond_to(:handle_disable)
++-      end
++-
++-      it "should set disable to true" do
++-        @puppetd.options.stubs(:[]=)
++-        @puppetd.options.expects(:[]=).with(:disable, true)
++-        @puppetd.handle_disable('')
++-      end
++-
++-      it "should store disable message" do
++-        @puppetd.options.stubs(:[]=)
++-        @puppetd.options.expects(:[]=).with(:disable_message, "message")
++-        @puppetd.handle_disable('message')
++-      end
++-    end
++-
++     it "should set an existing handler on server" do
++       Puppet::Network::Handler.stubs(:handler).with("handler").returns(true)
++
++@@ -367,20 +349,6 @@
++         end
++       end
++
++-      it "should pass the disable message when disabling" do
++-        @puppetd.options.stubs(:[]).with(:disable).returns(true)
++-        @puppetd.options.stubs(:[]).with(:disable_message).returns("message")
++-        @agent.expects(:disable).with("message")
++-        expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
++-      end
++-
++-      it "should pass the default disable message when disabling without a message" do
++-        @puppetd.options.stubs(:[]).with(:disable).returns(true)
++-        @puppetd.options.stubs(:[]).with(:disable_message).returns(nil)
++-        @agent.expects(:disable).with("reason not specified")
++-        expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
++-      end
++-
++       it "should finally exit" do
++         expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
++       end
++Index: puppet-new-bzr/spec/unit/util/anonymous_filelock_spec.rb
++===================================================================
++--- puppet-new-bzr.orig/spec/unit/util/anonymous_filelock_spec.rb	2012-03-16 15:14:51.672976000 +0000
+++++ /dev/null	1970-01-01 00:00:00.000000000 +0000
++@@ -1,78 +0,0 @@
++-#!/usr/bin/env rspec
++-require 'spec_helper'
++-
++-require 'puppet/util/anonymous_filelock'
++-
++-describe Puppet::Util::AnonymousFilelock do
++-  require 'puppet_spec/files'
++-  include PuppetSpec::Files
++-
++-  before(:each) do
++-    @lockfile = tmpfile("lock")
++-    @lock = Puppet::Util::AnonymousFilelock.new(@lockfile)
++-  end
++-
++-  it "should be anonymous" do
++-    @lock.should be_anonymous
++-  end
++-
++-  describe "#lock" do
++-    it "should return false if already locked" do
++-      @lock.stubs(:locked?).returns(true)
++-      @lock.lock.should be_false
++-    end
++-
++-    it "should return true if it successfully locked" do
++-      @lock.lock.should be_true
++-    end
++-
++-    it "should create a lock file" do
++-      @lock.lock
++-
++-      File.should be_exists(@lockfile)
++-    end
++-
++-    it "should create a lock file containing a message" do
++-      @lock.lock("message")
++-
++-      File.read(@lockfile).should == "message"
++-    end
++-  end
++-
++-  describe "#unlock" do
++-    it "should return true when unlocking" do
++-      @lock.lock
++-      @lock.unlock.should be_true
++-    end
++-
++-    it "should return false when not locked" do
++-      @lock.unlock.should be_false
++-    end
++-
++-    it "should clear the lock file" do
++-      File.open(@lockfile, 'w') { |fd| fd.print("locked") }
++-      @lock.unlock
++-      File.should_not be_exists(@lockfile)
++-    end
++-  end
++-
++-  it "should be locked when locked" do
++-    @lock.lock
++-    @lock.should be_locked
++-  end
++-
++-  it "should not be locked when not locked" do
++-    @lock.should_not be_locked
++-  end
++-
++-  it "should not be locked when unlocked" do
++-    @lock.lock
++-    @lock.unlock
++-    @lock.should_not be_locked
++-  end
++-
++-  it "should return the lock message" do
++-    @lock.lock("lock message")
++-    @lock.message.should == "lock message"
++-  end
++-end
++\ No newline at end of file
++Index: puppet-new-bzr/spec/unit/util/pidlock_spec.rb
++===================================================================
++--- puppet-new-bzr.orig/spec/unit/util/pidlock_spec.rb	2012-03-16 15:14:51.672976000 +0000
+++++ /dev/null	1970-01-01 00:00:00.000000000 +0000
++@@ -1,208 +0,0 @@
++-#!/usr/bin/env rspec
++-require 'spec_helper'
++-
++-require 'puppet/util/pidlock'
++-
++-describe Puppet::Util::Pidlock do
++-  require 'puppet_spec/files'
++-  include PuppetSpec::Files
++-
++-  before(:each) do
++-    @lockfile = tmpfile("lock")
++-    @lock = Puppet::Util::Pidlock.new(@lockfile)
++-  end
++-
++-  it "should not be anonymous" do
++-    @lock.should_not be_anonymous
++-  end
++-
++-  describe "#lock" do
++-    it "should not be locked at start" do
++-      @lock.should_not be_locked
++-    end
++-
++-    it "should not be mine at start" do
++-      @lock.should_not be_mine
++-    end
++-
++-    it "should become locked" do
++-      @lock.lock
++-      @lock.should be_locked
++-    end
++-
++-    it "should become mine" do
++-      @lock.lock
++-      @lock.should be_mine
++-    end
++-
++-    it "should be possible to lock multiple times" do
++-      @lock.lock
++-      lambda { @lock.lock }.should_not raise_error
++-    end
++-
++-    it "should return true when locking" do
++-      @lock.lock.should be_true
++-    end
++-
++-    it "should return true if locked by me" do
++-      @lock.lock
++-      @lock.lock.should be_true
++-    end
++-
++-    it "should return false if locked by someone else" do
++-      Process.stubs(:kill)
++-      File.open(@lockfile, "w") { |fd| fd.print('0') }
++-
++-      @lock.lock.should be_false
++-    end
++-
++-    it "should create a lock file" do
++-      @lock.lock
++-      File.should be_exists(@lockfile)
++-    end
++-
++-    it "should create a lock file containing our pid" do
++-      @lock.lock
++-      File.read(@lockfile).to_i.should == Process.pid.to_i
++-    end
++-  end
++-
++-  describe "#unlock" do
++-    it "should not be locked anymore" do
++-      @lock.lock
++-      @lock.unlock
++-      @lock.should_not be_locked
++-    end
++-
++-    it "should return false if not locked" do
++-      @lock.unlock.should be_false
++-    end
++-
++-    it "should return true if properly unlocked" do
++-      @lock.lock
++-      @lock.unlock.should be_true
++-    end
++-
++-    it "should get rid of the lock file" do
++-      @lock.lock
++-      @lock.unlock
++-      File.should_not be_exists(@lockfile)
++-    end
++-
++-    it "should not warn if the lockfile was deleted by someone else" do
++-      @lock.lock
++-      File.unlink(@lockfile)
++-
++-      Puppet.expects(:err).never # meh
++-      @lock.unlock
++-    end
++-
++-    it "should warn if the lockfile can't be deleted" do
++-      @lock.lock
++-      File.expects(:unlink).with(@lockfile).raises(Errno::EIO)
++-      Puppet.expects(:err).with do |argument|
++-        argument.should =~ /Input\/output error/
++-      end
++-      @lock.unlock
++-
++-      # This is necessary because our cleanup code uses File.unlink
++-      File.unstub(:unlink)
++-      @lock.unlock
++-    end
++-  end
++-
++-  describe "#locked?" do
++-    it "should return true if locked" do
++-      @lock.lock
++-      @lock.should be_locked
++-    end
++-  end
++-
++-  describe "with a stale lock" do
++-    before(:each) do
++-      Process.stubs(:kill).with(0, 6789)
++-      Process.stubs(:kill).with(0, 1234).raises(Errno::ESRCH)
++-      Process.stubs(:pid).returns(6789)
++-      File.open(@lockfile, 'w') { |fd| fd.write("1234") }
++-    end
++-
++-    it "should not be locked" do
++-      @lock.should_not be_locked
++-    end
++-
++-    describe "#lock" do
++-      it "should clear stale locks" do
++-        @lock.locked?
++-        File.should_not be_exists(@lockfile)
++-      end
++-
++-      it "should replace with new locks" do
++-        @lock.lock
++-        File.should be_exists(@lockfile)
++-        @lock.lock_pid.should == 6789
++-        @lock.should be_mine
++-        @lock.should be_locked
++-      end
++-    end
++-
++-    describe "#unlock" do
++-      it "should not be allowed" do
++-        @lock.unlock.should be_false
++-      end
++-
++-      it "should not remove the lock file" do
++-        @lock.unlock
++-        File.should be_exists(@lockfile)
++-      end
++-    end
++-  end
++-
++-  describe "with another process lock" do
++-    before(:each) do
++-      Process.stubs(:kill).with(0, 6789)
++-      Process.stubs(:kill).with(0, 1234)
++-      Process.stubs(:pid).returns(6789)
++-      File.open(@lockfile, 'w') { |fd| fd.write("1234") }
++-    end
++-
++-    it "should be locked" do
++-      @lock.should be_locked
++-    end
++-
++-    it "should not be mine" do
++-      @lock.should_not be_mine
++-    end
++-
++-    describe "#lock" do
++-      it "should not be possible" do
++-        @lock.lock.should be_false
++-      end
++-
++-      it "should not overwrite the lock" do
++-        @lock.lock
++-        @lock.should_not be_mine
++-      end
++-    end
++-
++-    describe "#unlock" do
++-      it "should not be possible" do
++-        @lock.unlock.should be_false
++-      end
++-
++-      it "should not remove the lock file" do
++-        @lock.unlock
++-        File.should be_exists(@lockfile)
++-      end
++-
++-      it "should still not be our lock" do
++-        @lock.unlock
++-        @lock.should_not be_mine
++-      end
++-
++-      it "should not warn" do
++-        Puppet.expects(:err).never
++-        @lock.unlock
++-      end
++-    end
++-  end
++-end
++Index: puppet-new-bzr/test/util/pidlock.rb
++===================================================================
++--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++++ puppet-new-bzr/test/util/pidlock.rb	2012-03-16 15:15:48.002509551 +0000
++@@ -0,0 +1,126 @@
+++require File.expand_path(File.dirname(__FILE__) + '/../lib/puppettest')
+++
+++require 'puppet/util/pidlock'
+++require 'fileutils'
+++
+++# This is *fucked* *up*
+++Puppet.debug = false
+++
+++class TestPuppetUtilPidlock < Test::Unit::TestCase
+++  include PuppetTest
+++
+++  def setup
+++    super
+++    @workdir = tstdir
+++  end
+++
+++  def teardown
+++    super
+++    FileUtils.rm_rf(@workdir)
+++  end
+++
+++  def test_00_basic_create
+++    l = nil
+++    assert_nothing_raised { l = Puppet::Util::Pidlock.new(@workdir + '/nothingmuch') }
+++
+++    assert_equal Puppet::Util::Pidlock, l.class
+++
+++    assert_equal @workdir + '/nothingmuch', l.lockfile
+++  end
+++
+++  def test_10_uncontended_lock
+++    l = Puppet::Util::Pidlock.new(@workdir + '/test_lock')
+++
+++    assert !l.locked?
+++    assert !l.mine?
+++    assert l.lock
+++    assert l.locked?
+++    assert l.mine?
+++    assert !l.anonymous?
+++    # It's OK to call lock multiple times
+++    assert l.lock
+++    assert l.unlock
+++    assert !l.locked?
+++    assert !l.mine?
+++  end
+++
+++  def test_20_someone_elses_lock
+++    childpid = nil
+++    l = Puppet::Util::Pidlock.new(@workdir + '/someone_elses_lock')
+++
+++    # First, we need a PID that's guaranteed to be (a) used, (b) someone
+++    # else's, and (c) around for the life of this test.
+++    childpid = fork { loop do; sleep 10; end }
+++
+++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
+++
+++    assert l.locked?
+++    assert !l.mine?
+++    assert !l.lock
+++    assert l.locked?
+++    assert !l.mine?
+++    assert !l.unlock
+++    assert l.locked?
+++    assert !l.mine?
+++  ensure
+++    Process.kill("KILL", childpid) unless childpid.nil?
+++  end
+++
+++  def test_30_stale_lock
+++    # This is a bit hard to guarantee, but we need a PID that is definitely
+++    # unused, and will stay so for the the life of this test.  Our best
+++    # bet is to create a process, get it's PID, let it die, and *then*
+++    # lock on it.
+++    childpid = fork { exit }
+++
+++    # Now we can't continue until we're sure that the PID is dead
+++    Process.wait(childpid)
+++
+++    l = Puppet::Util::Pidlock.new(@workdir + '/stale_lock')
+++
+++    # locked? should clear the lockfile
+++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
+++    assert File.exists?(l.lockfile)
+++    assert !l.locked?
+++    assert !File.exists?(l.lockfile)
+++
+++    # lock should replace the lockfile with our own
+++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
+++    assert File.exists?(l.lockfile)
+++    assert l.lock
+++    assert l.locked?
+++    assert l.mine?
+++
+++    # unlock should fail, and should *not* molest the existing lockfile,
+++    # despite it being stale
+++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
+++    assert File.exists?(l.lockfile)
+++    assert !l.unlock
+++    assert File.exists?(l.lockfile)
+++  end
+++
+++  def test_40_not_locked_at_all
+++    l = Puppet::Util::Pidlock.new(@workdir + '/not_locked')
+++
+++    assert !l.locked?
+++    # We can't unlock if we don't hold the lock
+++    assert !l.unlock
+++  end
+++
+++  def test_50_anonymous_lock
+++    l = Puppet::Util::Pidlock.new(@workdir + '/anonymous_lock')
+++
+++    assert !l.locked?
+++    assert l.lock(:anonymous => true)
+++    assert l.locked?
+++    assert l.anonymous?
+++    assert !l.mine?
+++    assert "", File.read(l.lockfile)
+++    assert !l.unlock
+++    assert l.locked?
+++    assert l.anonymous?
+++    assert l.unlock(:anonymous => true)
+++    assert !File.exists?(l.lockfile)
+++  end
+++end
+++
 === modified file 'debian/patches/series'
 --- debian/patches/series	2012-01-26 11:27:00 +0000
 +++ debian/patches/series	2012-03-16 16:38:20 +0000
@@ -1,2 +1,3 @@
  fix_logcheck
  debian-changes
++puppet-12844
 === modified file 'debian/puppetmaster-passenger.postinst'
 --- debian/puppetmaster-passenger.postinst	2011-10-22 14:08:22 +0000
 +++ debian/puppetmaster-passenger.postinst	2012-03-16 16:38:20 +0000
@@ -20,6 +20,11 @@
  	if [ ! -e "$(puppet config print hostcert)" ]; then
  	    puppet cert generate $(puppet config print certname)
  	fi
++	# Check that puppet config print works properly
++	if [ $(puppet config print 2>&1 | grep "Could not parse" | wc -l) != "0" ]; then
++		echo "Puppet config print not working properly, exiting"
++		exit 1
++	fi
          # Setup apache2 configuration files
          APACHE2_SITE_FILE="/etc/apache2/sites-available/puppetmaster"
          if  [ ! -e "${APACHE2_SITE_FILE}" ]; then
@@ -30,8 +35,10 @@
              sed -r -i "s|(SSLCACertificateFile\s+).+$|\1$(puppet config print localcacert)|" "${APACHE2_SITE_FILE}"
              sed -r -i "s|(SSLCertificateChainFile\s+).+$|\1$(puppet config print localcacert)|" "${APACHE2_SITE_FILE}"
              sed -r -i "s|(SSLCARevocationFile\s+).+$|\1$(puppet config print cacrl)|" "${APACHE2_SITE_FILE}"
++            sed -r -i "s|/etc/puppet/rack|/usr/share/puppet/rack/puppetmasterd|" "${APACHE2_SITE_FILE}"
          fi
          a2enmod ssl
++	a2enmod headers
          a2ensite puppetmaster
          if [ -x "/etc/init.d/apache2" ]; then
              # Seems that a restart is needed. reload breaks ssl apparently.
 === modified file 'lib/puppet/agent.rb'
 --- lib/puppet/agent.rb	2012-01-26 11:27:00 +0000
 +++ lib/puppet/agent.rb	2012-03-16 16:38:20 +0000
@@ -8,9 +8,6 @@
    require 'puppet/agent/locker'
    include Puppet::Agent::Locker
--  require 'puppet/agent/disabler'
--  include Puppet::Agent::Disabler
--
    attr_reader :client_class, :client, :splayed
    # Just so we can specify that we are "the" instance.
@@ -35,9 +32,10 @@
        return
      end
      if disabled?
--      Puppet.notice "Skipping run of #{client_class}; administratively disabled: #{disable_message}"
++      Puppet.notice "Skipping run of #{client_class}; administratively disabled; use 'puppet #{client_class} --enable' to re-enable."
        return
      end
++
      result = nil
      block_run = Puppet::Application.controlled_run do
        splay
 === modified file 'lib/puppet/agent/locker.rb'
 --- lib/puppet/agent/locker.rb	2012-01-26 11:27:00 +0000
 +++ lib/puppet/agent/locker.rb	2012-03-16 16:38:20 +0000
@@ -3,6 +3,16 @@
  # Break out the code related to locking the agent.  This module is just
  # included into the agent, but having it here makes it easier to test.
  module Puppet::Agent::Locker
++  # Let the daemon run again, freely in the filesystem.
++  def enable
++    lockfile.unlock(:anonymous => true)
++  end
++
++  # Stop the daemon from making any catalog runs.
++  def disable
++    lockfile.lock(:anonymous => true)
++  end
++
    # Yield if we get a lock, else do nothing.  Return
    # true/false depending on whether we get the lock.
    def lock
@@ -25,6 +35,10 @@
    end
    def running?
--    lockfile.locked?
++    lockfile.locked? and !lockfile.anonymous?
++  end
++
++  def disabled?
++    lockfile.locked? and lockfile.anonymous?
    end
  end
 === modified file 'lib/puppet/application/agent.rb'
 --- lib/puppet/application/agent.rb	2012-01-26 11:27:00 +0000
 +++ lib/puppet/application/agent.rb	2012-03-16 16:38:20 +0000
@@ -39,12 +39,7 @@
    end
    option("--centrallogging")
--
--  option("--disable [MESSAGE]") do |message|
--    options[:disable] = true
--    options[:disable_message] = message
--  end
--
++  option("--disable")
    option("--enable")
    option("--debug","-d")
    option("--fqdn FQDN","-f")
@@ -106,7 +101,7 @@
  USAGE
  -----
  puppet agent [--certname <name>] [-D|--daemonize|--no-daemonize]
--  [-d|--debug] [--detailed-exitcodes] [--digest <digest>] [--disable [message]] [--enable]
++  [-d|--debug] [--detailed-exitcodes] [--digest <digest>] [--disable] [--enable]
    [--fingerprint] [-h|--help] [-l|--logdest syslog|<file>|console]
    [--no-client] [--noop] [-o|--onetime] [--serve <handler>] [-t|--test]
    [-v|--verbose] [-V|--version] [-w|--waitforcert <seconds>]
@@ -210,9 +205,6 @@
    not want the central configuration to override the local state until
    everything is tested and committed.
--  Disable can also take an optional message that will be reported by the
--  'puppet agent' at the next disabled run.
--
    'puppet agent' uses the same lock file while it is running, so no more
    than one 'puppet agent' process is working at a time.
@@ -394,7 +386,7 @@
      if options[:enable]
        agent.enable
      elsif options[:disable]
--      agent.disable(options[:disable_message] || 'reason not specified')
++      agent.disable
      end
      exit(0)
    end
 === removed file 'lib/puppet/util/anonymous_filelock.rb'
 --- lib/puppet/util/anonymous_filelock.rb	2012-01-26 11:27:00 +0000
 +++ lib/puppet/util/anonymous_filelock.rb	1970-01-01 00:00:00 +0000
@@ -1,36 +0,0 @@
--
--class Puppet::Util::AnonymousFilelock
--  attr_reader :lockfile
--
--  def initialize(lockfile)
--    @lockfile = lockfile
--  end
--
--  def anonymous?
--    true
--  end
--
--  def lock(msg = '')
--    return false if locked?
--
--    File.open(@lockfile, 'w') { |fd| fd.print(msg) }
--    true
--  end
--
--  def unlock
--    if locked?
--      File.unlink(@lockfile)
--      true
--    else
--      false
--    end
--  end
--
--  def locked?
--    File.exists? @lockfile
--  end
--
--  def message
--    return File.read(@lockfile) if locked?
--  end
--end
 \ No newline at end of file
 === modified file 'lib/puppet/util/pidlock.rb'
 --- lib/puppet/util/pidlock.rb	2012-02-23 18:24:48 +0000
 +++ lib/puppet/util/pidlock.rb	2012-03-16 16:38:20 +0000
@@ -1,10 +1,20 @@
  require 'fileutils'
--require 'puppet/util/anonymous_filelock'
--
--class Puppet::Util::Pidlock < Puppet::Util::AnonymousFilelock
++
++class Puppet::Util::Pidlock
++  attr_reader :lockfile
++
++  def initialize(lockfile)
++    @lockfile = lockfile
++  end
    def locked?
      clear_if_stale
++    return true if File.exists? @lockfile
++
++    # HACK!  There was a temporary change to the lockfile behavior introduced in 2.7.10 and 2.7.11, and reverted
++    # in 2.7.12.  We need to pull some chicanery to be backwards-compatible with those versions.  For more info,
++    # see the comments on the method... and this hack should be removed for the 3.x series.
++    handle_2_7_10_disabled_lockfile
      File.exists? @lockfile
    end
@@ -13,36 +23,39 @@
    end
    def anonymous?
--    false
++    return false unless File.exists?(@lockfile)
++    File.read(@lockfile) == ""
    end
--  def lock
--    return mine? if locked?
++  def lock(opts = {})
++    opts = {:anonymous => false}.merge(opts)
--    File.open(@lockfile, "w") { |fd| fd.write(Process.pid) }
--    true
++    if locked?
++      mine?
++    else
++      if opts[:anonymous]
++        File.open(@lockfile, 'w') { |fd| true }
++      else
++        File.open(@lockfile, "w") { |fd| fd.write(Process.pid) }
++      end
++      true
++    end
    end
    def unlock(opts = {})
--    if mine?
--      begin
--        File.unlink(@lockfile)
--      rescue Errno::ENOENT
--        # Someone deleted it for us ...and so we do nothing.  No point whining
--        # about a problem that the user can't actually do anything about.
--      rescue SystemCallError => e
--        # This one is a real failure though.  No idea what went wrong, but it
--        # is most likely "read only file(system)" or wrong permissions or
--        # something like that.
--        Puppet.err "Could not remove PID file #{@lockfile}: #{e}"
--        puts e.backtrace if Puppet[:trace]
--      end
++    return false unless locked?
++
++    opts = {:anonymous => false}.merge(opts)
++
++    if mine? or (opts[:anonymous] and anonymous?)
++      File.unlink(@lockfile)
        true
      else
        false
      end
    end
++  private
    def lock_pid
      if File.exists? @lockfile
        File.read(@lockfile).to_i
@@ -51,7 +64,6 @@
      end
    end
--  private
    def clear_if_stale
      return if lock_pid.nil?
@@ -65,4 +77,41 @@
        File.unlink(@lockfile)
      end
    end
++
++
++  ######################################################################################
++  # Backwards compatibility hack
++  ######################################################################################
++  # A change to lockfile behavior was introduced in 2.7.10 and 2.7.11; basically,
++  # instead of using a single lockfile to indicate both administrative disabling of
++  # the agent *and* the case where an agent run is already in progress, we started using
++  # two separate lockfiles: the 'normal' one for the "run in progress" case, and a
++  # separate one with a ".disabled" extension to indicate administrative disabling.
++  #
++  # This was determined to cause incompatibilities with mcollective, so the behavior
++  # was reverted for 2.7.12.  Unfortunately this leaves the possibility that someone
++  # may have run "agent --disable" to administratively disable a 2.7.10 or 2.7.11
++  # agent, and then upgraded to a newer version.  This method exists only to
++  # provide backwards compatibility.  Basically, it just recognizes the 2.7.10/2.7.11
++  # ".disabled" lock file, warns, and cleans it up.
++  #
++  # This should be removed for the 3.x series.
++  #
++  # For more information, please see tickets #12844, #3757, #4836, and #11057
++  #
++  # -- cprice 2012-03-01
++  #
++  def handle_2_7_10_disabled_lockfile
++    disabled_lockfile_path = @lockfile + ".disabled"
++    if (File.exists?(disabled_lockfile_path))
++      Puppet.warning("Found special lockfile '#{disabled_lockfile_path}'; this file was " +
++          "generated by a call to 'puppet agent --disable' in puppet 2.7.10 or 2.7.11. " +
++          "The expected lockfile path is '#{@lockfile}'; renaming the lock file.")
++      File.rename(disabled_lockfile_path, @lockfile)
++    end
++  end
++  private :handle_2_7_10_disabled_lockfile
++  ######################################################################################
++  # End backwards compatibility hack
++  ######################################################################################
  end
 === modified file 'spec/unit/agent/locker_spec.rb'
 --- spec/unit/agent/locker_spec.rb	2012-01-26 11:27:00 +0000
 +++ spec/unit/agent/locker_spec.rb	2012-03-16 16:38:20 +0000
@@ -29,6 +29,18 @@
      @locker.lockfile.should equal(@locker.lockfile)
    end
++  it "should use the lock file to anonymously lock the process when disabled" do
++    @locker.lockfile.expects(:lock).with(:anonymous => true)
++
++    @locker.disable
++  end
++
++  it "should use the lock file to anonymously unlock the process when enabled" do
++    @locker.lockfile.expects(:unlock).with(:anonymous => true)
++
++    @locker.enable
++  end
++
    it "should have a method that yields when a lock is attained" do
      @locker.lockfile.expects(:lock).returns true
 === added file 'spec/unit/agent_backward_compatibility_spec.rb'
 --- spec/unit/agent_backward_compatibility_spec.rb	1970-01-01 00:00:00 +0000
 +++ spec/unit/agent_backward_compatibility_spec.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,152 @@
++#!/usr/bin/env rspec
++require 'spec_helper'
++require 'puppet/agent'
++
++
++############################################################################
++#                                  NOTE                                    #
++############################################################################
++#                                                                          #
++# This entire spec is only here for backwards compatibility from 2.7.12+   #
++# with 2.7.10 and 2.7.11. The entire file should be able to be removed     #
++# for the 3.x series.                                                      #
++#                                                                          #
++# For more info, see the comments on the #handle_2_7_10_disabled_lockfile  #
++# method in pidlock.rb                                                     #
++#                                                                          #
++# --cprice 2012-03-01                                                      #
++############################################################################
++
++class AgentTestClient
++  def run
++    # no-op
++  end
++  def stop
++    # no-op
++  end
++end
++
++describe Puppet::Agent do
++  include PuppetSpec::Files
++
++  let(:agent) { Puppet::Agent.new(AgentTestClient) }
++
++  describe "in order to be backwards-compatibility with versions 2.7.10 and 2.7.11" do
++
++    describe "when the 2.7.10/2.7.11 'disabled' lockfile exists" do
++
++      # the "normal" lockfile
++      let(:lockfile_path) { tmpfile("agent_spec_lockfile") }
++
++      # the 2.7.10/2.7.11 "disabled" lockfile
++      # (can't use PuppetSpec::Files.tmpfile here because we need the ".disabled" file to have *exactly* the same
++      #   path/name as the original file, plus the ".disabled" suffix.)
++      let(:disabled_lockfile_path) { lockfile_path + ".disabled" }
++
++      # some regexes to match log messages
++      let(:warning_regex) { /^Found special lockfile '#{disabled_lockfile_path}'.*renaming/ }
++      let(:disabled_regex) { /^Skipping run of .*; administratively disabled/ }
++
++      before(:each) do
++        # create the 2.7.10 "disable" lockfile.
++        FileUtils.touch(disabled_lockfile_path)
++
++        # stub in our temp lockfile path.
++        AgentTestClient.expects(:lockfile_path).returns lockfile_path
++      end
++
++      after(:each) do
++        # manually clean up the files that we didn't create via PuppetSpec::Files.tmpfile
++        begin
++          File.unlink(disabled_lockfile_path)
++        rescue Errno::ENOENT
++          # some of the tests expect for the agent code to take care of deleting this file,
++          # so it may (validly) not exist.
++        end
++      end
++
++      describe "when the 'regular' lockfile also exists" do
++        # the logic here is that if a 'regular' lockfile already exists, then there is some state that the
++        # current version of puppet is responsible for dealing with.  All of the tests in this block are
++        # simply here to make sure that our backwards-compatibility hack does *not* interfere with this.
++        #
++        # Even if the ".disabled" lockfile exists--it can be dealt with at another time, when puppet is
++        # in *exactly* the state that we want it to be in (mostly meaning that the 'regular' lockfile
++        # does not exist.)
++
++        before(:each) do
++          # create the "regular" lockfile
++          FileUtils.touch(lockfile_path)
++        end
++
++        it "should be recognized as 'disabled'" do
++          agent.should be_disabled
++        end
++
++        it "should not try to start a new agent run" do
++          AgentTestClient.expects(:new).never
++          Puppet.expects(:notice).with(regexp_matches(disabled_regex))
++
++          agent.run
++        end
++
++        it "should not delete the 2.7.10/2.7.11 lockfile" do
++          agent.run
++
++          File.exists?(disabled_lockfile_path).should == true
++        end
++
++        it "should not print the warning message" do
++          Puppet.expects(:warning).with(regexp_matches(warning_regex)).never
++
++          agent.run
++        end
++      end
++
++      describe "when the 'regular' lockfile does not exist" do
++        # this block of tests is for actually testing the backwards compatibility hack.  This
++        # is where we're in a clean state and we know it's safe(r) to muck with the lockfile
++        # situation.
++
++        it "should recognize that the agent is disabled" do
++          agent.should be_disabled
++        end
++
++        describe "when an agent run is requested" do
++          it "should not try to start a new agent run" do
++            AgentTestClient.expects(:new).never
++            Puppet.expects(:notice).with(regexp_matches(disabled_regex))
++
++            agent.run
++          end
++
++          it "should warn, remove the 2.7.10/2.7.11 lockfile, and create the 'normal' lockfile" do
++            Puppet.expects(:warning).with(regexp_matches(warning_regex))
++
++            agent.run
++
++            File.exists?(disabled_lockfile_path).should == false
++            File.exists?(lockfile_path).should == true
++          end
++        end
++
++        describe "when running --enable" do
++          it "should recognize that the agent is disabled" do
++            agent.should be_disabled
++          end
++
++          it "should warn and clean up the 2.7.10/2.7.11 lockfile" do
++            Puppet.expects(:warning).with(regexp_matches(warning_regex))
++
++            agent.enable
++
++            File.exists?(disabled_lockfile_path).should == false
++            File.exists?(lockfile_path).should == false
++          end
++        end
++      end
++    end
++  end
++
++
++end
 === modified file 'spec/unit/agent_spec.rb'
 --- spec/unit/agent_spec.rb	2012-01-26 11:27:00 +0000
 +++ spec/unit/agent_spec.rb	2012-03-16 16:38:20 +0000
@@ -94,12 +94,6 @@
        @agent.run
      end
--    it "should do nothing if disabled" do
--      @agent.expects(:disabled?).returns(true)
--      AgentTestClient.expects(:new).never
--      @agent.run
--    end
--
      it "should use Puppet::Application.controlled_run to manage process state behavior" do
        calls = sequence('calls')
        Puppet::Application.expects(:controlled_run).yields.in_sequence(calls)
 === modified file 'spec/unit/application/agent_spec.rb'
 --- spec/unit/application/agent_spec.rb	2012-01-26 11:27:00 +0000
 +++ spec/unit/application/agent_spec.rb	2012-03-16 16:38:20 +0000
@@ -91,7 +91,7 @@
        @puppetd.command_line.stubs(:args).returns([])
      end
--    [:centrallogging, :enable, :debug, :fqdn, :test, :verbose, :digest].each do |option|
++    [:centrallogging, :disable, :enable, :debug, :fqdn, :test, :verbose, :digest].each do |option|
        it "should declare handle_#{option} method" do
          @puppetd.should respond_to("handle_#{option}".to_sym)
        end
@@ -102,24 +102,6 @@
        end
      end
--    describe "when handling --disable" do
--      it "should declare handle_disable method" do
--        @puppetd.should respond_to(:handle_disable)
--      end
--
--      it "should set disable to true" do
--        @puppetd.options.stubs(:[]=)
--        @puppetd.options.expects(:[]=).with(:disable, true)
--        @puppetd.handle_disable('')
--      end
--
--      it "should store disable message" do
--        @puppetd.options.stubs(:[]=)
--        @puppetd.options.expects(:[]=).with(:disable_message, "message")
--        @puppetd.handle_disable('message')
--      end
--    end
--
      it "should set an existing handler on server" do
        Puppet::Network::Handler.stubs(:handler).with("handler").returns(true)
@@ -367,20 +349,6 @@
          end
        end
--      it "should pass the disable message when disabling" do
--        @puppetd.options.stubs(:[]).with(:disable).returns(true)
--        @puppetd.options.stubs(:[]).with(:disable_message).returns("message")
--        @agent.expects(:disable).with("message")
--        expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
--      end
--
--      it "should pass the default disable message when disabling without a message" do
--        @puppetd.options.stubs(:[]).with(:disable).returns(true)
--        @puppetd.options.stubs(:[]).with(:disable_message).returns(nil)
--        @agent.expects(:disable).with("reason not specified")
--        expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
--      end
--
        it "should finally exit" do
          expect { @puppetd.enable_disable_client(@agent) }.to exit_with 0
        end
 === removed file 'spec/unit/util/anonymous_filelock_spec.rb'
 --- spec/unit/util/anonymous_filelock_spec.rb	2012-01-26 11:27:00 +0000
 +++ spec/unit/util/anonymous_filelock_spec.rb	1970-01-01 00:00:00 +0000
@@ -1,78 +0,0 @@
--#!/usr/bin/env rspec
--require 'spec_helper'
--
--require 'puppet/util/anonymous_filelock'
--
--describe Puppet::Util::AnonymousFilelock do
--  require 'puppet_spec/files'
--  include PuppetSpec::Files
--
--  before(:each) do
--    @lockfile = tmpfile("lock")
--    @lock = Puppet::Util::AnonymousFilelock.new(@lockfile)
--  end
--
--  it "should be anonymous" do
--    @lock.should be_anonymous
--  end
--
--  describe "#lock" do
--    it "should return false if already locked" do
--      @lock.stubs(:locked?).returns(true)
--      @lock.lock.should be_false
--    end
--
--    it "should return true if it successfully locked" do
--      @lock.lock.should be_true
--    end
--
--    it "should create a lock file" do
--      @lock.lock
--
--      File.should be_exists(@lockfile)
--    end
--
--    it "should create a lock file containing a message" do
--      @lock.lock("message")
--
--      File.read(@lockfile).should == "message"
--    end
--  end
--
--  describe "#unlock" do
--    it "should return true when unlocking" do
--      @lock.lock
--      @lock.unlock.should be_true
--    end
--
--    it "should return false when not locked" do
--      @lock.unlock.should be_false
--    end
--
--    it "should clear the lock file" do
--      File.open(@lockfile, 'w') { |fd| fd.print("locked") }
--      @lock.unlock
--      File.should_not be_exists(@lockfile)
--    end
--  end
--
--  it "should be locked when locked" do
--    @lock.lock
--    @lock.should be_locked
--  end
--
--  it "should not be locked when not locked" do
--    @lock.should_not be_locked
--  end
--
--  it "should not be locked when unlocked" do
--    @lock.lock
--    @lock.unlock
--    @lock.should_not be_locked
--  end
--
--  it "should return the lock message" do
--    @lock.lock("lock message")
--    @lock.message.should == "lock message"
--  end
--end
 \ No newline at end of file
 === removed file 'spec/unit/util/pidlock_spec.rb'
 --- spec/unit/util/pidlock_spec.rb	2012-02-23 18:24:48 +0000
 +++ spec/unit/util/pidlock_spec.rb	1970-01-01 00:00:00 +0000
@@ -1,208 +0,0 @@
--#!/usr/bin/env rspec
--require 'spec_helper'
--
--require 'puppet/util/pidlock'
--
--describe Puppet::Util::Pidlock do
--  require 'puppet_spec/files'
--  include PuppetSpec::Files
--
--  before(:each) do
--    @lockfile = tmpfile("lock")
--    @lock = Puppet::Util::Pidlock.new(@lockfile)
--  end
--
--  it "should not be anonymous" do
--    @lock.should_not be_anonymous
--  end
--
--  describe "#lock" do
--    it "should not be locked at start" do
--      @lock.should_not be_locked
--    end
--
--    it "should not be mine at start" do
--      @lock.should_not be_mine
--    end
--
--    it "should become locked" do
--      @lock.lock
--      @lock.should be_locked
--    end
--
--    it "should become mine" do
--      @lock.lock
--      @lock.should be_mine
--    end
--
--    it "should be possible to lock multiple times" do
--      @lock.lock
--      lambda { @lock.lock }.should_not raise_error
--    end
--
--    it "should return true when locking" do
--      @lock.lock.should be_true
--    end
--
--    it "should return true if locked by me" do
--      @lock.lock
--      @lock.lock.should be_true
--    end
--
--    it "should return false if locked by someone else" do
--      Process.stubs(:kill)
--      File.open(@lockfile, "w") { |fd| fd.print('0') }
--
--      @lock.lock.should be_false
--    end
--
--    it "should create a lock file" do
--      @lock.lock
--      File.should be_exists(@lockfile)
--    end
--
--    it "should create a lock file containing our pid" do
--      @lock.lock
--      File.read(@lockfile).to_i.should == Process.pid.to_i
--    end
--  end
--
--  describe "#unlock" do
--    it "should not be locked anymore" do
--      @lock.lock
--      @lock.unlock
--      @lock.should_not be_locked
--    end
--
--    it "should return false if not locked" do
--      @lock.unlock.should be_false
--    end
--
--    it "should return true if properly unlocked" do
--      @lock.lock
--      @lock.unlock.should be_true
--    end
--
--    it "should get rid of the lock file" do
--      @lock.lock
--      @lock.unlock
--      File.should_not be_exists(@lockfile)
--    end
--
--    it "should not warn if the lockfile was deleted by someone else" do
--      @lock.lock
--      File.unlink(@lockfile)
--
--      Puppet.expects(:err).never # meh
--      @lock.unlock
--    end
--
--    it "should warn if the lockfile can't be deleted" do
--      @lock.lock
--      File.expects(:unlink).with(@lockfile).raises(Errno::EIO)
--      Puppet.expects(:err).with do |argument|
--        argument.should =~ /Input\/output error/
--      end
--      @lock.unlock
--
--      # This is necessary because our cleanup code uses File.unlink
--      File.unstub(:unlink)
--      @lock.unlock
--    end
--  end
--
--  describe "#locked?" do
--    it "should return true if locked" do
--      @lock.lock
--      @lock.should be_locked
--    end
--  end
--
--  describe "with a stale lock" do
--    before(:each) do
--      Process.stubs(:kill).with(0, 6789)
--      Process.stubs(:kill).with(0, 1234).raises(Errno::ESRCH)
--      Process.stubs(:pid).returns(6789)
--      File.open(@lockfile, 'w') { |fd| fd.write("1234") }
--    end
--
--    it "should not be locked" do
--      @lock.should_not be_locked
--    end
--
--    describe "#lock" do
--      it "should clear stale locks" do
--        @lock.locked?
--        File.should_not be_exists(@lockfile)
--      end
--
--      it "should replace with new locks" do
--        @lock.lock
--        File.should be_exists(@lockfile)
--        @lock.lock_pid.should == 6789
--        @lock.should be_mine
--        @lock.should be_locked
--      end
--    end
--
--    describe "#unlock" do
--      it "should not be allowed" do
--        @lock.unlock.should be_false
--      end
--
--      it "should not remove the lock file" do
--        @lock.unlock
--        File.should be_exists(@lockfile)
--      end
--    end
--  end
--
--  describe "with another process lock" do
--    before(:each) do
--      Process.stubs(:kill).with(0, 6789)
--      Process.stubs(:kill).with(0, 1234)
--      Process.stubs(:pid).returns(6789)
--      File.open(@lockfile, 'w') { |fd| fd.write("1234") }
--    end
--
--    it "should be locked" do
--      @lock.should be_locked
--    end
--
--    it "should not be mine" do
--      @lock.should_not be_mine
--    end
--
--    describe "#lock" do
--      it "should not be possible" do
--        @lock.lock.should be_false
--      end
--
--      it "should not overwrite the lock" do
--        @lock.lock
--        @lock.should_not be_mine
--      end
--    end
--
--    describe "#unlock" do
--      it "should not be possible" do
--        @lock.unlock.should be_false
--      end
--
--      it "should not remove the lock file" do
--        @lock.unlock
--        File.should be_exists(@lockfile)
--      end
--
--      it "should still not be our lock" do
--        @lock.unlock
--        @lock.should_not be_mine
--      end
--
--      it "should not warn" do
--        Puppet.expects(:err).never
--        @lock.unlock
--      end
--    end
--  end
--end
 === added file 'test/util/pidlock.rb'
 --- test/util/pidlock.rb	1970-01-01 00:00:00 +0000
 +++ test/util/pidlock.rb	2012-03-16 16:38:20 +0000
@@ -0,0 +1,126 @@
++require File.expand_path(File.dirname(__FILE__) + '/../lib/puppettest')
++
++require 'puppet/util/pidlock'
++require 'fileutils'
++
++# This is *fucked* *up*
++Puppet.debug = false
++
++class TestPuppetUtilPidlock < Test::Unit::TestCase
++  include PuppetTest
++
++  def setup
++    super
++    @workdir = tstdir
++  end
++
++  def teardown
++    super
++    FileUtils.rm_rf(@workdir)
++  end
++
++  def test_00_basic_create
++    l = nil
++    assert_nothing_raised { l = Puppet::Util::Pidlock.new(@workdir + '/nothingmuch') }
++
++    assert_equal Puppet::Util::Pidlock, l.class
++
++    assert_equal @workdir + '/nothingmuch', l.lockfile
++  end
++
++  def test_10_uncontended_lock
++    l = Puppet::Util::Pidlock.new(@workdir + '/test_lock')
++
++    assert !l.locked?
++    assert !l.mine?
++    assert l.lock
++    assert l.locked?
++    assert l.mine?
++    assert !l.anonymous?
++    # It's OK to call lock multiple times
++    assert l.lock
++    assert l.unlock
++    assert !l.locked?
++    assert !l.mine?
++  end
++
++  def test_20_someone_elses_lock
++    childpid = nil
++    l = Puppet::Util::Pidlock.new(@workdir + '/someone_elses_lock')
++
++    # First, we need a PID that's guaranteed to be (a) used, (b) someone
++    # else's, and (c) around for the life of this test.
++    childpid = fork { loop do; sleep 10; end }
++
++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
++
++    assert l.locked?
++    assert !l.mine?
++    assert !l.lock
++    assert l.locked?
++    assert !l.mine?
++    assert !l.unlock
++    assert l.locked?
++    assert !l.mine?
++  ensure
++    Process.kill("KILL", childpid) unless childpid.nil?
++  end
++
++  def test_30_stale_lock
++    # This is a bit hard to guarantee, but we need a PID that is definitely
++    # unused, and will stay so for the the life of this test.  Our best
++    # bet is to create a process, get it's PID, let it die, and *then*
++    # lock on it.
++    childpid = fork { exit }
++
++    # Now we can't continue until we're sure that the PID is dead
++    Process.wait(childpid)
++
++    l = Puppet::Util::Pidlock.new(@workdir + '/stale_lock')
++
++    # locked? should clear the lockfile
++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
++    assert File.exists?(l.lockfile)
++    assert !l.locked?
++    assert !File.exists?(l.lockfile)
++
++    # lock should replace the lockfile with our own
++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
++    assert File.exists?(l.lockfile)
++    assert l.lock
++    assert l.locked?
++    assert l.mine?
++
++    # unlock should fail, and should *not* molest the existing lockfile,
++    # despite it being stale
++    File.open(l.lockfile, 'w') { |fd| fd.write(childpid) }
++    assert File.exists?(l.lockfile)
++    assert !l.unlock
++    assert File.exists?(l.lockfile)
++  end
++
++  def test_40_not_locked_at_all
++    l = Puppet::Util::Pidlock.new(@workdir + '/not_locked')
++
++    assert !l.locked?
++    # We can't unlock if we don't hold the lock
++    assert !l.unlock
++  end
++
++  def test_50_anonymous_lock
++    l = Puppet::Util::Pidlock.new(@workdir + '/anonymous_lock')
++
++    assert !l.locked?
++    assert l.lock(:anonymous => true)
++    assert l.locked?
++    assert l.anonymous?
++    assert !l.mine?
++    assert "", File.read(l.lockfile)
++    assert !l.unlock
++    assert l.locked?
++    assert l.anonymous?
++    assert l.unlock(:anonymous => true)
++    assert !File.exists?(l.lockfile)
++  end
++end
++

Ubuntupuppet package