Hello community, here is the log from the commit of package puppet.3813 for openSUSE:13.1:Update checked in at 2015-06-09 10:32:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/puppet.3813 (Old) and /work/SRC/openSUSE:13.1:Update/.puppet.3813.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "puppet.3813" Changes: -------- New Changes file: --- /dev/null 2015-05-15 19:41:08.266053825 +0200 +++ /work/SRC/openSUSE:13.1:Update/.puppet.3813.new/puppet.changes 2015-06-09 10:32:24.000000000 +0200 @@ -0,0 +1,659 @@ +------------------------------------------------------------------- +Mon Jun 1 09:45:26 UTC 2015 - kstreit...@suse.com + +- add puppet-3.7.3-systemd_default_service_provider.patch to make + systemd the default service provider for openSUSE >= 12 and + SLES 12 [bnc#927946] + +------------------------------------------------------------------- +Sat Nov 8 20:23:07 UTC 2014 - da...@darins.net + +- update to 3.7.3 + * PUP-3601: Bump facter dependency to 2.3.0 + * PUP-3471: Windows Puppet x86 Installer Expands Environment Variables in Path + * PUP-3302: Puppet resource broken when directory environments enabled + * PUP-3500: Adding a setting to puppet.conf that has a :hook handled on define preloads incorrect directory environment settings. + * PUP-3505: Future parser handling undef’s incorrectly + * PUP-3514: Future parser not showing line/column for error + * PUP-3558: Future parser, square brackets in references cause syntax errors related to non-ASCII characters + * PUP-3602: Do not convert strings that are on the form “0e" to floating point + * PUP-3555: introduce override-able factory pattern for constructing environment cache entries + + See release notes for update information: + https://docs.puppetlabs.com/puppet/3.7/reference/release_notes.html + + For a full list of bugs fixes see: + https://tickets.puppetlabs.com/secure/ReleaseNote.jspa?projectId=10102&version=12001 + +- remove old .changelog +- fix invalid arg in init script for SLE + +------------------------------------------------------------------- +Tue Oct 28 09:21:58 UTC 2014 - bo...@steki.net + +- updated buildrequires to use rubygem(xxx) syntax as that is correct syntax + +------------------------------------------------------------------- +Thu Oct 23 16:57:53 UTC 2014 - da...@darins.net + +- Update to 3.7.2 + * PUP-3467: Reject SSLv3 connections in Puppet + * PUP-3345: Puppet Master Memory Leak + * PUP-643: Solaris pkg package provider does not handle expiring + certificates + * PUP-1165: Spurious ‘trigger changed’ messages generated by scheduled + task provider + * PUP-3203: scheduled_task triggers cannot be updated + * PUP-3357: Unexpected error with multiple SSH keys without comments + * PUP-3351: Puppet evaluates classes declared with parameters before + classes declared without parameters + * PUP-3258: puppet apply + ENC + 3.7.x: does not read the .pp file + * PUP-3244: ENC returned environment ignored when using directory environments + * PUP-3334: Changes to environment.conf are not being picked up, even + when environment timeout is set to 0. + * PUP-3363: future parser give weird error in trailing comma after assignment + * PUP-3366: type system does not handle Enum/String compare correctly + * PUP-3401: Type system does not handle Pattern correctly + * PUP-3365: consider not doing deep undef to empty string map in 3xi + function API + * PUP-3364: Attempt to use Numeric as title in a Resource type causes + internal error + * PUP-3201: Validation thinks that an Undef instance is of type Runtime + * PUP-3315: Windows agent installer should specify that FQDN is expected + * PUP-3227: Upgrade conflict: puppetmaster-common and puppet-common + + See release notes for update information: + https://docs.puppetlabs.com/puppet/3.7/reference/release_notes.html + + For a full list of bugs fixes see: + https://tickets.puppetlabs.com/secure/ReleaseNote.jspa?projectId=10102&version=11925 + +------------------------------------------------------------------- +Sat Sep 27 06:31:18 UTC 2014 - tbecht...@suse.com + +- Also create user/group when only installing the puppet client + +------------------------------------------------------------------- +Wed Sep 24 15:23:25 UTC 2014 - da...@darins.net + +- Updated systemd coding style + +------------------------------------------------------------------- +Thu Sep 18 17:32:47 UTC 2014 - da...@darins.net + +- Fix packaging for SLE_11 + +------------------------------------------------------------------- +Tue Sep 16 19:59:22 UTC 2014 - da...@darins.net + +- Update to 3.7.1 + * PUP-3222: Windows service provider references a non-existent class + * PUP-3190: “each” no longer supported in Puppet 3.7.0 + * PUP-3191: Symlinks to missing targets cause a File Not Found error + instead of a warning + * PUP-3231: Specifying –tags doesn’t cause suitability check to be + skipped for skipped resources + * PUP-894: Too easy to hit “CRL not yet valid for <host>” + (and not very informative) + * PUP-1680: “incorrect header check” using Ruby 2 + * PUP-3177: Resource titles ending with square brackets fail + * PUP-3174: After enabling directory environments the manifestdir + setting is still required to be valid + * PUP-3162: Block $environment in directory based environment + configuration settings + * PUP-3186: Puppetmaster removes /etc/puppet/environments/production + if it’s a link rather than a directory + + See release notes for update information: + https://docs.puppetlabs.com/puppet/3.7/reference/release_notes.html + + For a full list of bugs fixes see: + https://tickets.puppetlabs.com/secure/ReleaseNote.jspa?projectId=10102&version=11854 + +------------------------------------------------------------------- +Fri Sep 5 16:57:18 UTC 2014 - da...@darins.net + +- Update to 3.7.0 + * A nearly-final implementation of the Puppet 4 language + * Preview support for a new, fast, natively compiled Facter + * 64-bit Puppet packages for Windows + * Lots of deprecations to prepare for Puppet 4.0 + + See release notes for update information: + https://docs.puppetlabs.com/puppet/3.7/reference/release_notes.html + + For a full list of bugs fixes see: + https://tickets.puppetlabs.com/issues/?filter=12643 + +------------------------------------------------------------------- +Sun Aug 3 08:19:53 UTC 2014 - tampak...@opensuse.org + +- Add Supplements: packageand(vim,puppet), in order to trigger automatic + installation for users of both packages. Suggested by dimstar + +------------------------------------------------------------------- +Sat Jul 26 18:36:00 UTC 2014 - tampak...@opensuse.org + +- Split the vim syntax files to separate subpackage, puppet-vim + +------------------------------------------------------------------- +Wed Jun 11 13:06:50 UTC 2014 - da...@darins.net + +- Update to 3.6.2 + Security Fixes + * CVE-2014-3248 + (Arbitrary Code Execution with Required Social Engineering) + * CVE-2014-3253 + (Apache 2.4+ does not enforce CRL checks by default) + * [PUP-2635] - user purge_ssh_keys not purged + * [PUP-2639] - Increase environment_timeout default. + * [PUP-2650] - 3.6.1 issues "warning" message for deprecation + * [PUP-2659] - Puppet stops working with error 'Attempted to pop, + but already at root of the context stack.' + * [PUP-2660] - purging ssh_authorized_key fails because of missing user value + * [PUP-2689] - A node can't always collect its own exported resources + * [PUP-2692] - Puppet master passenger processes keep growing + * [PUP-2705] - Regression with external facts pluginsync not preserving + executable bit + +------------------------------------------------------------------- +Tue May 27 12:03:10 UTC 2014 - bo...@steki.net + +- Puppet 3.6.1 is a bug fix release in the Puppet 3.6 series. + It also makes the transaction_uuid more reliably available to extensions. + +------------------------------------------------------------------- +Wed May 21 20:30:00 UTC 2014 - da...@darins.net + +- Update to 3.6.0 + Bug Fixes + * [PUP-530] - Installer for Puppet 3 does not check for hiera + * [PUP-748] - PR (2067): Zypper provider install options - darix + * [PUP-1041] - PR (2385) naginator not parsing blank parameters + * [PUP-1114] - Deprecate environment configuration in puppet.conf + * [PUP-1332] - "puppet resource service" fails on Ubuntu + * [PUP-1547] - PR (2311) Undefined method `groups' for nil:NilClass + * [PUP-1552] - V2.0 API reports Not Authorized as a "RUNTIME_ERROR" + * [PUP-1585] - PR (2342) cron resources with target specified generate + duplicate entries + * [PUP-1586] - PR (2331) Cron Type sanity check for the command parameter + is broken + * [PUP-1624] - PR (2342) Cron handles crontab's equality of target + and user strangely + * [PUP-1749] - Puppet module tool does not work on Solaris + * [PUP-1751] - PR (2383): Suse chkconfig --check boot.<service> always + returns 1 whether the service is enabled/disabled. - m4ce + + Improvement + * [PUP-485] - Add assert_type functions for type checks + * [PUP-620] - (PR 2429) Add install_options to gem provider + * [PUP-740] - Validator + * [PUP-1174] - PR (2247) Ability to purge .ssh/authorized_keys + * [PUP-1596] - Make modulepath, manifest, and config_version configurable + per-environment + * [PUP-1699] - Cache environments + * [PUP-1769] - PR (2414) yum provider to support install_options + * [PUP-1799] - New Function API + ++++ 462 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.puppet.3813.new/puppet.changes New: ---- puppet-3.7.3-systemd_default_service_provider.patch puppet-3.7.3.tar.gz puppet.changes puppet.fw puppet.spec puppetmaster.fw ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ puppet.spec ++++++ # # spec file for package puppet # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # backward compatible requirement SLE... %{?!_initddir:%define _initddir %_initrddir} %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services Name: puppet Version: 3.7.3 Release: 0 Summary: A network tool for managing many disparate systems License: Apache-2.0 Group: Productivity/Networking/System Url: http://puppetlabs.com/puppet/what-is-puppet/ Source: http://downloads.puppetlabs.com/puppet/%{name}-%{version}.tar.gz Source1: puppetmaster.fw Source2: puppet.fw # PATCH-FIX-UPSTREAM bnc#927946 kstreit...@suse.com -- enable systemd as a default service provider Patch: puppet-3.7.3-systemd_default_service_provider.patch Obsoletes: hiera-puppet < 1.0.0 Provides: hiera-puppet >= 1.0.0 Requires: facter >= 1.6.0 Requires: ruby >= 1.8.7 Requires: rubygem(hiera) >= 1.0.0 Requires: rubygem(ruby-shadow) >= 2.1.4 BuildRequires: facter >= 1.6.0 BuildRequires: fdupes BuildRequires: ruby >= 1.8.7 BuildRequires: rubygem(hiera) >= 1.0.0 # not really required but we do not wanna own their folders BuildRequires: emacs-nox BuildRequires: vim BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires(pre): /usr/sbin/groupadd Requires(pre): /usr/sbin/useradd %if 0%{?suse_version} >= 1210 BuildRequires: systemd %{?systemd_requires} %define has_systemd 1 %endif %define _unitdir /usr/lib/systemd %description Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and files. %package server Summary: A network tool for managing many disparate systems Group: Productivity/Networking/System %if 0%{?suse_version} > 1210 %{?systemd_requires} %endif %description server Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and files. %package vim Summary: Vim syntax files for Puppet manifests Group: Productivity/Text/Editors Requires: vim %if 0%{?suse_version} > 1110 BuildArch: noarch %endif Supplements: packageand(vim:%{name}) %{!?vim_data_dir:%global vim_data_dir /usr/share/vim/%(readlink /usr/share/vim/current)} %description vim Vim ftdetect and syntax files for Puppet manifests %prep %setup -q %patch -p1 %build %install ruby install.rb install --destdir=%{buildroot} --sitelibdir=%{_libdir}/ruby/vendor_ruby/%{rb_ver} mkdir -p %{buildroot}%{_sysconfdir}/puppet mkdir -p %{buildroot}/%{_sbindir} mkdir -p %{buildroot}%{_localstatedir}/lib/puppet mkdir -p %{buildroot}%{_localstatedir}/log/puppet mkdir -p %{buildroot}/%{_fwdefdir} mkdir -p %{buildroot}%{_unitdir}/system install -m0644 ext/redhat/puppet.conf %{buildroot}%{_sysconfdir}/puppet/puppet.conf install -m0644 conf/auth.conf %{buildroot}%{_sysconfdir}/puppet/auth.conf # %if 0%{?has_systemd} ln -sf service %{buildroot}/%{_sbindir}/rcpuppet ln -sf service %{buildroot}/%{_sbindir}/rcpuppetmaster %else mkdir -p %{buildroot}%_initddir # fix old port arg sed -i 's/--port/--masterport/' ext/suse/client.init install -m0755 ext/suse/client.init %{buildroot}/%_initddir/puppet install -m0755 ext/suse/server.init %{buildroot}/%_initddir/puppetmaster ln -sf %_initddir/puppet %{buildroot}/%{_sbindir}/rcpuppet ln -sf %_initddir/puppetmaster %{buildroot}/%{_sbindir}/rcpuppetmaster %endif # install -m 644 %{SOURCE1} %{buildroot}/%{_fwdefdir}/puppetmasterd install -m 644 %{SOURCE2} %{buildroot}/%{_fwdefdir}/puppet # Latest git calls the service for agent puppet again install -m 644 ext/systemd/puppet.service %{buildroot}%{_unitdir}/system/puppet.service install -m 644 ext/systemd/puppetmaster.service %{buildroot}%{_unitdir}/system/puppetmaster.service %fdupes -s %{buildroot}/%{_mandir} # puppet ext/ data install -d -m0755 %{buildroot}%{_datadir}/%{name} install -d -m0755 %{buildroot}%{_datadir}/%{name}/ext # be specific, we don't need/want the OS specific stuff for ii in \ autotest \ cert_inspector \ dbfix.sql \ envpuppet \ ldap \ logcheck \ nagios \ puppetlisten \ puppet-load.rb \ puppet-test \ pure_ruby_dsl \ rack \ regexp_nodes \ upload_facts.rb \ yaml_nodes.rb do cp -a ext/$ii %{buildroot}%{_datadir}/%{name}/ext done # Install vim syntax files install -Dp -m0644 ext/vim/ftdetect/puppet.vim %{buildroot}%{vim_data_dir}/ftdetect/puppet.vim install -Dp -m0644 ext/vim/syntax/puppet.vim %{buildroot}%{vim_data_dir}/syntax/puppet.vim # Install emacs mode files emacsdir=%{buildroot}%{_datadir}/emacs/site-lisp install -Dp -m0644 ext/emacs/puppet-mode.el $emacsdir/puppet-mode.el install -Dp -m0644 ext/emacs/puppet-mode-init.el \ $emacsdir/site-start.d/puppet-mode-init.el %pretrans server if [ -x /usr/bin/puppet ] && [ "`/usr/bin/puppet --version | grep '^3.3.1'`" ]; then echo old > /run/puppet_migrate fi %pre server getent group puppet >/dev/null || /usr/sbin/groupadd -r puppet getent passwd puppet >/dev/null || /usr/sbin/useradd -r -g puppet -d /var/lib/puppet -s /bin/false -c "Puppet daemon" puppet %if 0%{?has_systemd} %service_add_pre puppetmaster.service %endif %pre getent group puppet >/dev/null || /usr/sbin/groupadd -r puppet getent passwd puppet >/dev/null || /usr/sbin/useradd -r -g puppet -d /var/lib/puppet -s /bin/false -c "Puppet daemon" puppet %if 0%{?has_systemd} %service_add_pre puppet.service %endif %preun %if 0%{?has_systemd} %service_del_preun puppet.service %endif %if 0%{?suse_version} == 1110 %stop_on_removal %{name} %endif %postun %if 0%{?has_systemd} %service_del_postun puppet.service %endif %if 0%{?suse_version} == 1110 %insserv_cleanup %endif %post # Compatibility with old setups if [ -f /etc/sysconfig/puppet ] && [ -z "`grep 'PUPPET_EXTRA_OPTS="' /etc/sysconfig/puppet | grep ' --server=${PUPPET_SERVER} --masterport=${PUPPET_PORT} --logdest=${PUPPET_LOG}"'`" ]; then echo 'PUPPET_EXTRA_OPTS=" --server=${PUPPET_SERVER} --masterport=${PUPPET_PORT} --logdest=${PUPPET_LOG} ${PUPPET_EXTRA_OPTS}"' >> /etc/sysconfig/puppet fi %if 0%{?has_systemd} %service_add_post puppet.service %endif %preun server %if 0%{?has_systemd} %service_del_preun puppetmaster.service %endif %if 0%{?suse_version} == 1110 %stop_on_removal %{name} %endif %postun server %if 0%{?has_systemd} %service_del_postun puppetmaster.service %endif %if 0%{?suse_version} == 1110 %insserv_cleanup %endif %post server # Compatibility with old setups if [ -f /etc/sysconfig/puppetmasterd ] && [ -z "`grep 'PUPPETMASTER_EXTRA_OPTS="' /etc/sysconfig/puppetmasterd | grep ' --manifest=${PUPPETMASTER_MANIFEST} --masterport=${PUPPETMASTER_PORTS[0]} --logdest ${PUPPETMASTER_LOG}'`" ]; then echo 'PUPPETMASTER_EXTRA_OPTS=" --manifest=${PUPPETMASTER_MANIFEST} --masterport=${PUPPETMASTER_PORTS[0]} --logdest ${PUPPETMASTER_LOG} ${PUPPETMASTER_EXTRA_OPTS}' >> /etc/sysconfig/puppet fi %if 0%{?has_systemd} %service_add_post puppetmaster.service %endif if [ -f /run/puppet_migrate ]; then cat > %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release} << EOF Warning: If you used puppet on openSUSE/SLE before be aware, that service is now Warning: called puppemaster instead of puppetmasterd. This was done to comply Warning: with upstream naming of the service and hopefully with everybody else EOF rm -f /run/puppet_migrate fi %files %defattr(-,root,root,-) %doc LICENSE README.* %{_bindir}/puppet %{_bindir}/extlookup2hiera %{_libdir}/ruby/vendor_ruby/%{rb_ver}/puppet/ %{_libdir}/ruby/vendor_ruby/%{rb_ver}/hiera/ %{_libdir}/ruby/vendor_ruby/%{rb_ver}/hiera_puppet.rb %{_libdir}/ruby/vendor_ruby/%{rb_ver}/puppet.rb %{_libdir}/ruby/vendor_ruby/%{rb_ver}/semver.rb %{_libdir}/ruby/vendor_ruby/%{rb_ver}/puppetx.rb %{_libdir}/ruby/vendor_ruby/%{rb_ver}/puppetx/ %dir %{_sysconfdir}/puppet %attr(0750,%{name},%{name}) %dir %{_localstatedir}/lib/puppet %attr(0750,%{name},%{name}) %dir %{_localstatedir}/log/puppet # emacs-mode files %{_datadir}/emacs/site-lisp/puppet-mode.el # emacs by default does not own it so we must own it... %dir %{_datadir}/emacs/site-lisp/site-start.d %{_datadir}/emacs/site-lisp/site-start.d/puppet-mode-init.el # puppet extensions %dir %{_datadir}/%{name} %dir %{_datadir}/%{name}/ext %{_datadir}/%{name}/ext/autotest %{_datadir}/%{name}/ext/cert_inspector %{_datadir}/%{name}/ext/dbfix.sql %{_datadir}/%{name}/ext/envpuppet %{_datadir}/%{name}/ext/ldap %{_datadir}/%{name}/ext/logcheck %{_datadir}/%{name}/ext/nagios %{_datadir}/%{name}/ext/puppetlisten %{_datadir}/%{name}/ext/puppet-load.rb %{_datadir}/%{name}/ext/puppet-test %{_datadir}/%{name}/ext/pure_ruby_dsl %{_datadir}/%{name}/ext/rack %{_datadir}/%{name}/ext/regexp_nodes %{_datadir}/%{name}/ext/upload_facts.rb %{_datadir}/%{name}/ext/yaml_nodes.rb # %config %{_sysconfdir}/puppet/puppet.conf %config %{_sysconfdir}/puppet/auth.conf %{_mandir}/man?/* %{_sbindir}/rcpuppet %config %{_fwdefdir}/puppet %{_unitdir}/system/puppet.service %if 0%{?suse_version} == 1110 %_initddir/puppet %dir /usr/lib/systemd %dir /usr/lib/systemd/system %endif %files server %defattr(-, root, root, 0755) %dir %attr(755,root,root) %{_sbindir}/rcpuppetmaster %config %{_fwdefdir}/puppetmasterd %{_unitdir}/system/puppetmaster.service %if 0%{?suse_version} == 1110 %_initddir/puppetmaster %dir /usr/lib/systemd %dir /usr/lib/systemd/system %endif %files vim %defattr(-, root, root) %dir %{vim_data_dir}/ftdetect %{vim_data_dir}/ftdetect/puppet.vim %{vim_data_dir}/syntax/puppet.vim %changelog ++++++ puppet-3.7.3-systemd_default_service_provider.patch ++++++ >From bdd0dfdda47032a269b42a53c864fe91856eaedd Mon Sep 17 00:00:00 2001 From: Rob Braden <brad...@puppetlabs.com> Date: Wed, 24 Sep 2014 11:41:51 -0700 Subject: [PATCH] (pup-3338) Make systemd the default service provider for SLES 12 openSUSE >= 12 and SLES 12 use systemd as the default service management framework. This updates puppet to use the systemd provider by default on openSUSE 12 and 13 and SLES 12 --- lib/puppet/provider/service/systemd.rb | 1 + spec/unit/provider/service/systemd_spec.rb | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/lib/puppet/provider/service/systemd.rb b/lib/puppet/provider/service/systemd.rb index eb6df29..e717049 100644 --- a/lib/puppet/provider/service/systemd.rb +++ b/lib/puppet/provider/service/systemd.rb @@ -7,6 +7,7 @@ defaultfor :osfamily => [:archlinux] defaultfor :osfamily => :redhat, :operatingsystemmajrelease => "7" + defaultfor :osfamily => :suse, :operatingsystemmajrelease => ["12", "13"] def self.instances i = [] diff --git a/spec/unit/provider/service/systemd_spec.rb b/spec/unit/provider/service/systemd_spec.rb index 54c95da..5d269af 100755 --- a/spec/unit/provider/service/systemd_spec.rb +++ b/spec/unit/provider/service/systemd_spec.rb @@ -36,6 +36,24 @@ described_class.default?.should_not be_true end + it "should be the default provider on sles12" do + Facter.expects(:value).with(:osfamily).at_least_once.returns(:suse) + Facter.expects(:value).with(:operatingsystemmajrelease).returns("12") + described_class.default?.should be_true + end + + it "should be the default provider on opensuse13" do + Facter.expects(:value).with(:osfamily).at_least_once.returns(:suse) + Facter.expects(:value).with(:operatingsystemmajrelease).returns("13") + described_class.default?.should be_true + end + + it "should not be the default provider on sles11" do + Facter.expects(:value).with(:osfamily).at_least_once.returns(:suse) + Facter.expects(:value).with(:operatingsystemmajrelease).returns("11") + described_class.default?.should_not be_true + end + [:enabled?, :enable, :disable, :start, :stop, :status, :restart].each do |method| it "should have a #{method} method" do provider.should respond_to(method) ++++++ puppet.fw ++++++ ## Name: Puppet ## Description: Retrieve the client configuration from the central puppet server and apply it to the local host. # space separated list of allowed TCP ports TCP="8139" ++++++ puppetmaster.fw ++++++ ## Name: Puppet ## Description: The central puppet server. Functions as a certificate authority by default. # space separated list of allowed TCP ports TCP="8140"