diff options
author | Tim Smith <tsmith@chef.io> | 2018-02-28 14:51:20 -0800 |
---|---|---|
committer | Tim Smith <tsmith@chef.io> | 2018-03-02 14:57:31 -0800 |
commit | 8f8e43e410d558b03850fc81d8ed11286d8ea1dd (patch) | |
tree | 9d161a877d3c7ca95059164787b9e9d0e16c4937 | |
parent | 6f2c11cb9c7ded1137ce2138573d3d0d41e4c551 (diff) | |
download | chef-2k3.tar.gz |
Remove support for Windows 20032k3
Windows 2003 is fully end of life at this point and hasn't been supported by Chef for quite a while. EXTENDED support for Windows 2003 ended July 14, 2015. We avoid a good number of WMI queries by removing this support entirely.
Signed-off-by: Tim Smith <tsmith@chef.io>
-rw-r--r-- | lib/chef/config.rb | 3 | ||||
-rw-r--r-- | lib/chef/dsl/reboot_pending.rb | 9 | ||||
-rw-r--r-- | lib/chef/platform/query_helpers.rb | 12 | ||||
-rw-r--r-- | lib/chef/win32/eventlog.rb | 2 | ||||
-rw-r--r-- | lib/chef/win32/security.rb | 40 | ||||
-rw-r--r-- | lib/chef/win32/security/sid.rb | 3 | ||||
-rw-r--r-- | lib/chef/win32/version.rb | 17 | ||||
-rw-r--r-- | spec/functional/event_loggers/windows_eventlog_spec.rb | 4 | ||||
-rw-r--r-- | spec/functional/resource/link_spec.rb | 8 | ||||
-rw-r--r-- | spec/functional/resource/powershell_script_spec.rb | 2 | ||||
-rw-r--r-- | spec/functional/win32/security_spec.rb | 1 | ||||
-rw-r--r-- | spec/functional/win32/versions_spec.rb | 16 | ||||
-rw-r--r-- | spec/spec_helper.rb | 2 | ||||
-rw-r--r-- | spec/support/platform_helpers.rb | 5 | ||||
-rw-r--r-- | spec/support/shared/functional/file_resource.rb | 2 | ||||
-rw-r--r-- | spec/unit/dsl/reboot_pending_spec.rb | 13 | ||||
-rw-r--r-- | spec/unit/platform/query_helpers_spec.rb | 13 | ||||
-rw-r--r-- | spec/unit/provider/link_spec.rb | 2 | ||||
-rw-r--r-- | spec/unit/provider/remote_directory_spec.rb | 2 | ||||
-rw-r--r-- | spec/unit/win32/security_spec.rb | 8 |
20 files changed, 36 insertions, 128 deletions
diff --git a/lib/chef/config.rb b/lib/chef/config.rb index 549872bfd7..f5466ae145 100644 --- a/lib/chef/config.rb +++ b/lib/chef/config.rb @@ -55,8 +55,7 @@ class Chef default :event_loggers do evt_loggers = [] - if ChefConfig.windows? && !(Chef::Platform.windows_server_2003? || - Chef::Platform.windows_nano_server?) + if ChefConfig.windows? && !Chef::Platform.windows_nano_server? evt_loggers << :win_evt end evt_loggers diff --git a/lib/chef/dsl/reboot_pending.rb b/lib/chef/dsl/reboot_pending.rb index fdd0f5a62b..2ebad7e039 100644 --- a/lib/chef/dsl/reboot_pending.rb +++ b/lib/chef/dsl/reboot_pending.rb @@ -44,14 +44,7 @@ class Chef registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired') || # Vista + Server 2008 and newer may have reboots pending from CBS - registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending') || - - # The mere existence of the UpdateExeVolatile key should indicate a pending restart for certain updates - # http://support.microsoft.com/kb/832475 - Chef::Platform.windows_server_2003? && - (registry_key_exists?('HKLM\SOFTWARE\Microsoft\Updates\UpdateExeVolatile') && - !registry_get_values('HKLM\SOFTWARE\Microsoft\Updates\UpdateExeVolatile').select { |v| v[:name] == "Flags" }[0].nil? && - [1, 2, 3].include?(registry_get_values('HKLM\SOFTWARE\Microsoft\Updates\UpdateExeVolatile').select { |v| v[:name] == "Flags" }[0][:data])) + registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending') elsif platform?("ubuntu") # This should work for Debian as well if update-notifier-common happens to be installed. We need an API for that. File.exists?("/var/run/reboot-required") diff --git a/lib/chef/platform/query_helpers.rb b/lib/chef/platform/query_helpers.rb index 624dc05e9c..b49010efc0 100644 --- a/lib/chef/platform/query_helpers.rb +++ b/lib/chef/platform/query_helpers.rb @@ -24,18 +24,6 @@ class Chef ChefConfig.windows? end - def windows_server_2003? - # WMI startup shouldn't be performed unless we're on Windows. - return false unless windows? - require "wmi-lite/wmi" - - wmi = WmiLite::Wmi.new - host = wmi.first_of("Win32_OperatingSystem") - is_server_2003 = (host["version"] && host["version"].start_with?("5.2")) - - is_server_2003 - end - def windows_nano_server? return false unless windows? require "win32/registry" diff --git a/lib/chef/win32/eventlog.rb b/lib/chef/win32/eventlog.rb index eae0ae4abf..418d72e65e 100644 --- a/lib/chef/win32/eventlog.rb +++ b/lib/chef/win32/eventlog.rb @@ -16,7 +16,7 @@ # limitations under the License. # -if Chef::Platform.windows? && (not Chef::Platform.windows_server_2003?) +if Chef::Platform.windows? if !defined? Chef::Win32EventLogLoaded if defined? Windows::Constants [:INFINITE, :WAIT_FAILED, :FORMAT_MESSAGE_IGNORE_INSERTS, :ERROR_INSUFFICIENT_BUFFER].each do |c| diff --git a/lib/chef/win32/security.rb b/lib/chef/win32/security.rb index 63b626b1d7..821d81ef81 100644 --- a/lib/chef/win32/security.rb +++ b/lib/chef/win32/security.rb @@ -643,32 +643,26 @@ class Chef # Checks if the caller has the admin privileges in their # security token def self.has_admin_privileges? - if Chef::Platform.windows_server_2003? - # Admin privileges do not exist on Windows Server 2003 - - true - else - # a regular user doesn't have privileges to call Chef::ReservedNames::Win32::Security.OpenProcessToken - # hence we return false if the open_current_process_token fails with `Access is denied.` error message. - begin - process_token = open_current_process_token(TOKEN_READ) - rescue Exception => run_error - return false if run_error.message =~ /Access is denied/ - Chef::ReservedNames::Win32::Error.raise! - end + # a regular user doesn't have privileges to call Chef::ReservedNames::Win32::Security.OpenProcessToken + # hence we return false if the open_current_process_token fails with `Access is denied.` error message. + begin + process_token = open_current_process_token(TOKEN_READ) + rescue Exception => run_error + return false if run_error.message =~ /Access is denied/ + Chef::ReservedNames::Win32::Error.raise! + end - # display token elevation details - token_elevation_type = get_token_information_elevation_type(process_token) - Chef::Log.debug("Token Elevation Type: #{token_elevation_type}") + # display token elevation details + token_elevation_type = get_token_information_elevation_type(process_token) + Chef::Log.debug("Token Elevation Type: #{token_elevation_type}") - elevation_result = FFI::Buffer.new(:ulong) - elevation_result_size = FFI::MemoryPointer.new(:uint32) - success = GetTokenInformation(process_token.handle.handle, :TokenElevation, elevation_result, 4, elevation_result_size) + elevation_result = FFI::Buffer.new(:ulong) + elevation_result_size = FFI::MemoryPointer.new(:uint32) + success = GetTokenInformation(process_token.handle.handle, :TokenElevation, elevation_result, 4, elevation_result_size) - # Assume process is not elevated if the call fails. - # Process is elevated if the result is different than 0. - success && (elevation_result.read_ulong != 0) - end + # Assume process is not elevated if the call fails. + # Process is elevated if the result is different than 0. + success && (elevation_result.read_ulong != 0) end def self.logon_user(username, domain, password, logon_type, logon_provider) diff --git a/lib/chef/win32/security/sid.rb b/lib/chef/win32/security/sid.rb index c77616853c..b551cbd2e3 100644 --- a/lib/chef/win32/security/sid.rb +++ b/lib/chef/win32/security/sid.rb @@ -248,8 +248,7 @@ class Chef # See https://technet.microsoft.com/en-us/library/cc961992.aspx # In practice, this is SID.Administrators if the current_user is an admin (even if not - # running elevated), and is current_user otherwise. On win2k3, it technically can be - # current_user in all cases if a certain group policy is set. + # running elevated), and is current_user otherwise. def self.default_security_object_owner token = Chef::ReservedNames::Win32::Security.open_current_process_token Chef::ReservedNames::Win32::Security.get_token_information_owner(token) diff --git a/lib/chef/win32/version.rb b/lib/chef/win32/version.rb index f8228d40b3..944cb207f5 100644 --- a/lib/chef/win32/version.rb +++ b/lib/chef/win32/version.rb @@ -76,15 +76,8 @@ class Chef @sp_minor_version = ver_info[:w_service_pack_minor] # Obtain sku information for the purpose of identifying - # datacenter, cluster, and core skus, the latter 2 only - # exist in releases after Windows Server 2003 - if ! Chef::Platform.windows_server_2003? - @sku = get_product_info(@major_version, @minor_version, @sp_major_version, @sp_minor_version) - else - # The get_product_info API is not supported on Win2k3, - # use an alternative to identify datacenter skus - @sku = get_datacenter_product_info_windows_server_2003(ver_info) - end + # datacenter, cluster, and core skus + @sku = get_product_info(@major_version, @minor_version, @sp_major_version, @sp_minor_version) end marketing_names = Array.new @@ -153,12 +146,6 @@ class Chef out.get_uint(0) end - def get_datacenter_product_info_windows_server_2003(ver_info) - # The intent is not to get the actual sku, just identify - # Windows Server 2003 datacenter - sku = (ver_info[:w_suite_mask] & VER_SUITE_DATACENTER) ? PRODUCT_DATACENTER_SERVER : 0 - end - end end end diff --git a/spec/functional/event_loggers/windows_eventlog_spec.rb b/spec/functional/event_loggers/windows_eventlog_spec.rb index 019595ea8d..8a9475680d 100644 --- a/spec/functional/event_loggers/windows_eventlog_spec.rb +++ b/spec/functional/event_loggers/windows_eventlog_spec.rb @@ -19,12 +19,12 @@ require "spec_helper" require "securerandom" require "chef/event_loggers/windows_eventlog" -if Chef::Platform.windows? && (not Chef::Platform.windows_server_2003?) +if Chef::Platform.windows? require "win32/eventlog" include Win32 end -describe Chef::EventLoggers::WindowsEventLogger, :windows_only, :not_supported_on_win2k3 do +describe Chef::EventLoggers::WindowsEventLogger, :windows_only do def rand random.rand(1 << 32).to_s end diff --git a/spec/functional/resource/link_spec.rb b/spec/functional/resource/link_spec.rb index e8a95436f7..8073bbc92e 100644 --- a/spec/functional/resource/link_spec.rb +++ b/spec/functional/resource/link_spec.rb @@ -172,7 +172,7 @@ describe Chef::Resource::Link do create_resource end - describe "when supported on platform", :not_supported_on_win2k3 do + describe "when supported on platform" do shared_examples_for "delete errors out" do it "delete errors out" do expect { resource.run_action(:delete) }.to raise_error(Chef::Exceptions::Link) @@ -694,10 +694,4 @@ describe Chef::Resource::Link do end end end - - describe "when not supported on platform", :win2k3_only do - it "raises error" do - expect { resource }.to raise_error(Chef::Exceptions::Win32APIFunctionNotImplemented) - end - end end diff --git a/spec/functional/resource/powershell_script_spec.rb b/spec/functional/resource/powershell_script_spec.rb index af345b0ea4..bbd304fd06 100644 --- a/spec/functional/resource/powershell_script_spec.rb +++ b/spec/functional/resource/powershell_script_spec.rb @@ -36,8 +36,6 @@ describe Chef::Resource::WindowsScript::PowershellScript, :windows_only do let(:cmdlet_exit_code_success_content) { "get-item ." } let(:windows_process_exit_code_success_content) { "#{ENV['SystemRoot']}\\system32\\attrib.exe $env:systemroot" } let(:windows_process_exit_code_not_found_content) { "findstr /notavalidswitch" } - # Note that process exit codes on 32-bit Win2k3 cannot - # exceed maximum value of signed integer let(:arbitrary_nonzero_process_exit_code) { 4193 } let(:arbitrary_nonzero_process_exit_code_content) { "exit #{arbitrary_nonzero_process_exit_code}" } let(:invalid_powershell_interpreter_flag) { "/thisflagisinvalid" } diff --git a/spec/functional/win32/security_spec.rb b/spec/functional/win32/security_spec.rb index 6c24cbec08..22c749b609 100644 --- a/spec/functional/win32/security_spec.rb +++ b/spec/functional/win32/security_spec.rb @@ -42,7 +42,6 @@ describe "Chef::Win32::Security", :windows_only do before do allow_any_instance_of(Chef::Mixin::UserContext).to receive(:node).and_return({ "platform_family" => "windows" }) - allow(Chef::Platform).to receive(:windows_server_2003?).and_return(false) add_user = Mixlib::ShellOut.new("net user #{user} #{password} /ADD") add_user.run_command add_user.error! diff --git a/spec/functional/win32/versions_spec.rb b/spec/functional/win32/versions_spec.rb index d6e840ed7f..19bd0e3875 100644 --- a/spec/functional/win32/versions_spec.rb +++ b/spec/functional/win32/versions_spec.rb @@ -21,7 +21,7 @@ if Chef::Platform.windows? require "chef/win32/version" end -describe "Chef::ReservedNames::Win32::Version", :windows_only, :not_supported_on_win2k3 do +describe "Chef::ReservedNames::Win32::Version", :windows_only do before do wmi = WmiLite::Wmi.new @@ -31,14 +31,12 @@ describe "Chef::ReservedNames::Win32::Version", :windows_only, :not_supported_on # On Win2k8R2 and later, we can dynamically obtain marketing # names for comparison from WMI so the test should not # need to be modified when new Windows releases arise. - # For Win2k3 and Win2k8, we use static names in this test - # based on the version number information from WMI. The names - # from WMI contain extended characters such as registered - # trademark on Win2k8 and Win2k3 that we're not using in our - # library, so we have to set the expectation statically. - if Chef::Platform.windows_server_2003? - @current_os_version = "Windows Server 2003 R2" - elsif is_windows_server_2008?(host) + # For Win2k8 we use static names in this test based on the + # version number information from WMI. The names from WMI + # contain extended characters such as registered trademark + # on Win2k8 that we're not using in our library, so we have + # to set the expectation statically. + if is_windows_server_2008?(host) @current_os_version = "Windows Server 2008" else # The name from WMI is actually what we want in Win2k8R2+. diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index dbefbf29e4..78f8da7b51 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -146,11 +146,9 @@ RSpec.configure do |config| config.filter_run_excluding :not_supported_on_mac_osx_106 => true if mac_osx_106? config.filter_run_excluding :not_supported_on_mac_osx => true if mac_osx? config.filter_run_excluding :mac_osx_only => true if !mac_osx? - config.filter_run_excluding :not_supported_on_win2k3 => true if windows_win2k3? config.filter_run_excluding :not_supported_on_solaris => true if solaris? config.filter_run_excluding :not_supported_on_gce => true if gce? config.filter_run_excluding :not_supported_on_nano => true if windows_nano_server? - config.filter_run_excluding :win2k3_only => true unless windows_win2k3? config.filter_run_excluding :win2012r2_only => true unless windows_2012r2? config.filter_run_excluding :windows_2008r2_or_later => true unless windows_2008r2_or_later? config.filter_run_excluding :windows64_only => true unless windows64? diff --git a/spec/support/platform_helpers.rb b/spec/support/platform_helpers.rb index 3cc8778f7a..f015a6cd50 100644 --- a/spec/support/platform_helpers.rb +++ b/spec/support/platform_helpers.rb @@ -51,11 +51,6 @@ def windows_domain_joined? computer_system["partofdomain"] end -def windows_win2k3? - return false unless windows? - (host_version && host_version.start_with?("5.2")) -end - def windows_2008r2_or_later? return false unless windows? return false unless host_version diff --git a/spec/support/shared/functional/file_resource.rb b/spec/support/shared/functional/file_resource.rb index eb7a378db9..d025a0806d 100644 --- a/spec/support/shared/functional/file_resource.rb +++ b/spec/support/shared/functional/file_resource.rb @@ -399,7 +399,7 @@ shared_examples_for "a configured file resource" do content end - context "when the target file is a symlink", :not_supported_on_win2k3 do + context "when the target file is a symlink" do let(:symlink_target) do File.join(CHEF_SPEC_DATA, "file-test-target") end diff --git a/spec/unit/dsl/reboot_pending_spec.rb b/spec/unit/dsl/reboot_pending_spec.rb index 5cd7c7794f..2a12e27610 100644 --- a/spec/unit/dsl/reboot_pending_spec.rb +++ b/spec/unit/dsl/reboot_pending_spec.rb @@ -49,19 +49,6 @@ describe Chef::DSL::RebootPending do allow(recipe).to receive(:registry_key_exists?).with('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending').and_return(true) expect(recipe.reboot_pending?).to be_truthy end - - context "version is server 2003" do - before do - allow(Chef::Platform).to receive(:windows_server_2003?).and_return(true) - end - - it 'should return true if value "HKLM\SOFTWARE\Microsoft\Updates\UpdateExeVolatile" contains specific data on 2k3' do - allow(recipe).to receive(:registry_key_exists?).with('HKLM\SOFTWARE\Microsoft\Updates\UpdateExeVolatile').and_return(true) - allow(recipe).to receive(:registry_get_values).with('HKLM\SOFTWARE\Microsoft\Updates\UpdateExeVolatile').and_return( - [{ :name => "Flags", :type => :dword, :data => 3 }]) - expect(recipe.reboot_pending?).to be_truthy - end - end end context "platform is ubuntu" do diff --git a/spec/unit/platform/query_helpers_spec.rb b/spec/unit/platform/query_helpers_spec.rb index aa2b3c1f11..ac5158e913 100644 --- a/spec/unit/platform/query_helpers_spec.rb +++ b/spec/unit/platform/query_helpers_spec.rb @@ -18,19 +18,6 @@ require "spec_helper" -describe "Chef::Platform#windows_server_2003?" do - it "returns false early when not on windows" do - allow(ChefConfig).to receive(:windows?).and_return(false) - expect(Chef::Platform).not_to receive(:require) - expect(Chef::Platform.windows_server_2003?).to be_falsey - end - - # CHEF-4888: Need to call WIN32OLE.ole_initialize in new threads - it "does not raise an exception" do - expect { Thread.fork { Chef::Platform.windows_server_2003? }.join }.not_to raise_error - end -end - describe "Chef::Platform#windows_nano_server?" do include_context "Win32" diff --git a/spec/unit/provider/link_spec.rb b/spec/unit/provider/link_spec.rb index 9426cf41dc..b233fac72b 100644 --- a/spec/unit/provider/link_spec.rb +++ b/spec/unit/provider/link_spec.rb @@ -25,7 +25,7 @@ if Chef::Platform.windows? require "chef/win32/file" #probably need this in spec_helper end -describe Chef::Resource::Link, :not_supported_on_win2k3 do +describe Chef::Resource::Link do let(:provider) do node = Chef::Node.new @events = Chef::EventDispatch::Dispatcher.new diff --git a/spec/unit/provider/remote_directory_spec.rb b/spec/unit/provider/remote_directory_spec.rb index cb1b6e3cd8..d391da3010 100644 --- a/spec/unit/provider/remote_directory_spec.rb +++ b/spec/unit/provider/remote_directory_spec.rb @@ -193,7 +193,7 @@ describe Chef::Provider::RemoteDirectory do expect(::File.exist?(@destination_dir + "/a/multiply/nested/directory/qux.txt")).to be_falsey end - it "removes directory symlinks properly", :not_supported_on_win2k3 do + it "removes directory symlinks properly" do symlinked_dir_path = @destination_dir + "/symlinked_dir" @provider.action = :create @provider.run_action diff --git a/spec/unit/win32/security_spec.rb b/spec/unit/win32/security_spec.rb index 6e4441a482..9d98ccdf49 100644 --- a/spec/unit/win32/security_spec.rb +++ b/spec/unit/win32/security_spec.rb @@ -65,14 +65,8 @@ describe "Chef::Win32::Security", :windows_only do end describe "self.has_admin_privileges?" do - it "returns true for windows server 2003" do - allow(Chef::Platform).to receive(:windows_server_2003?).and_return(true) - expect(Chef::ReservedNames::Win32::Security.has_admin_privileges?).to be true - end - context "when the user doesn't have admin privileges" do it "returns false" do - allow(Chef::Platform).to receive(:windows_server_2003?).and_return(false) allow(Chef::ReservedNames::Win32::Security).to receive(:open_current_process_token).and_raise("Access is denied.") expect(Chef::ReservedNames::Win32::Security.has_admin_privileges?).to be false end @@ -80,7 +74,6 @@ describe "Chef::Win32::Security", :windows_only do context "when open_current_process_token fails with some other error than `Access is Denied`" do it "raises error" do - allow(Chef::Platform).to receive(:windows_server_2003?).and_return(false) allow(Chef::ReservedNames::Win32::Security).to receive(:open_current_process_token).and_raise("boom") expect { Chef::ReservedNames::Win32::Security.has_admin_privileges? }.to raise_error(Chef::Exceptions::Win32APIError) end @@ -88,7 +81,6 @@ describe "Chef::Win32::Security", :windows_only do context "when the user has admin privileges" do it "returns true" do - allow(Chef::Platform).to receive(:windows_server_2003?).and_return(false) allow(Chef::ReservedNames::Win32::Security).to receive(:open_current_process_token) token = Chef::ReservedNames::Win32::Security.open_current_process_token allow(token).to receive_message_chain(:handle, :handle) |