class Chef::Provider::User
Attributes
change_desc[RW]
locked[RW]
user_exists[RW]
Public Class Methods
new(new_resource, run_context)
click to toggle source
Calls superclass method
Chef::Provider::new
# File lib/chef/provider/user.rb, line 29 def initialize(new_resource, run_context) super @user_exists = true @locked = nil @shadow_lib_ok = true @group_name_resolved = true end
Public Instance Methods
check_lock()
click to toggle source
# File lib/chef/provider/user.rb, line 249 def check_lock raise NotImplementedError end
compare_user()
click to toggle source
Check to see if the user needs any changes
Returns¶ ↑
- <true>
-
If a change is required
- <false>
-
If the users are identical
# File lib/chef/provider/user.rb, line 149 def compare_user @change_desc = [] if !new_resource.home.nil? && Pathname.new(new_resource.home).cleanpath != Pathname.new(current_resource.home).cleanpath @change_desc << "change homedir from #{current_resource.home} to #{new_resource.home}" end %i{comment shell password uid gid}.each do |user_attrib| new_val = new_resource.send(user_attrib) cur_val = current_resource.send(user_attrib) if !new_val.nil? && new_val.to_s != cur_val.to_s @change_desc << "change #{user_attrib} from #{cur_val} to #{new_val}" end end !@change_desc.empty? end
convert_group_name()
click to toggle source
# File lib/chef/provider/user.rb, line 37 def convert_group_name if new_resource.gid.is_a?(String) && new_resource.gid.to_i == 0 new_resource.gid(TargetIO::Etc.getgrnam(new_resource.gid).gid) end rescue ArgumentError @group_name_resolved = false end
create_user()
click to toggle source
# File lib/chef/provider/user.rb, line 229 def create_user raise NotImplementedError end
define_resource_requirements()
click to toggle source
# File lib/chef/provider/user.rb, line 119 def define_resource_requirements requirements.assert(:create, :modify, :manage, :lock, :unlock) do |a| a.assertion { @group_name_resolved } a.failure_message Chef::Exceptions::User, "Couldn't lookup integer GID for group name #{new_resource.gid}" a.whyrun "group name #{new_resource.gid} does not exist. This will cause group assignment to fail. Assuming this group will have been created previously." end requirements.assert(:all_actions) do |a| a.assertion { !supports_ruby_shadow? || @shadow_lib_ok } a.failure_message Chef::Exceptions::MissingLibrary, "You must have ruby-shadow installed for password support!" a.whyrun "ruby-shadow is not installed. Attempts to set user password will cause failure. Assuming that this gem will have been previously installed." \ "Note that user update converge may report false-positive on the basis of mismatched password. " end requirements.assert(:all_actions) do |a| # either neither linux-only value is set, or we need to be on Linux. a.assertion { (!new_resource.expire_date && !new_resource.inactive) || linux? } a.failure_message Chef::Exceptions::User, "Properties expire_date and inactive are not supported by this OS or have not been implemented for this OS yet." a.whyrun "Properties expire_date and inactive are ignored as they are not supported by this OS or have not been implemented yet for this OS" end requirements.assert(:modify, :lock, :unlock) do |a| a.assertion { @user_exists } a.failure_message(Chef::Exceptions::User, "Cannot modify user #{new_resource.username} - does not exist!") a.whyrun("Assuming user #{new_resource.username} would have been created") end end
load_current_resource()
click to toggle source
# File lib/chef/provider/user.rb, line 45 def load_current_resource @current_resource = Chef::Resource::User.new(new_resource.name) current_resource.username(new_resource.username) begin user_info = TargetIO::Etc.getpwnam(new_resource.username) rescue ArgumentError @user_exists = false logger.trace("#{new_resource} user does not exist") user_info = nil end if user_info current_resource.uid(user_info.uid) current_resource.gid(user_info.gid) current_resource.home(user_info.dir) current_resource.shell(user_info.shell) current_resource.password(user_info.passwd) if new_resource.comment user_info.gecos.force_encoding(new_resource.comment.encoding) end current_resource.comment(user_info.gecos) begin require "shadow" # Cannot use this library remotely @shadow_lib_ok = false if ChefConfig::Config.target_mode? rescue LoadError @shadow_lib_ok = false else @shadow_info = TargetIO::Shadow::Passwd.getspnam(new_resource.username) # This conditional remains in place until we can sort out whether we need it. # Currently removing it causes tests to fail, but that /seems/ to be mocking/setup issues. # Some notes for context: # 1. Ruby's ETC.getpwnam makes use of /etc/passwd file (https://github.com/ruby/etc/blob/master/ext/etc/etc.c), # which returns "x" for a nil password. on AIX it returns a "*" # (https://www.ibm.com/docs/bg/aix/7.2?topic=passwords-using-etcpasswd-file) # 2. On AIX platforms ruby_shadow does not work as it does not # store encrypted passwords in the /etc/passwd file but in /etc/security/passwd file. # The AIX provider for user currently declares it does not support ruby-shadow. if new_resource.password && current_resource.password == "x" current_resource.password(@shadow_info.sp_pwdp) end end convert_group_name if new_resource.gid end current_resource end
load_shadow_options()
click to toggle source
# File lib/chef/provider/user.rb, line 105 def load_shadow_options unless @shadow_info.nil? current_resource.inactive(@shadow_info.sp_inact&.to_i) # sp_expire gives time since epoch in days till expiration. Need to convert that # to time in seconds since epoch and output date format for comparison expire_date = if @shadow_info.sp_expire.nil? @shadow_info.sp_expire else Time.at(@shadow_info.sp_expire * 60 * 60 * 24).strftime("%Y-%m-%d") end current_resource.expire_date(expire_date) end end
lock_user()
click to toggle source
# File lib/chef/provider/user.rb, line 241 def lock_user raise NotImplementedError end
manage_user()
click to toggle source
# File lib/chef/provider/user.rb, line 237 def manage_user raise NotImplementedError end
remove_user()
click to toggle source
# File lib/chef/provider/user.rb, line 233 def remove_user raise NotImplementedError end
supports_ruby_shadow?()
click to toggle source
An overridable for platforms that do not support ruby shadow. This way we can verify that the platform supports ruby shadow before requiring that it be available.
# File lib/chef/provider/user.rb, line 101 def supports_ruby_shadow? true end
unlock_user()
click to toggle source
# File lib/chef/provider/user.rb, line 245 def unlock_user raise NotImplementedError end
Private Instance Methods
should_set?(sym)
click to toggle source
helpers for subclasses
# File lib/chef/provider/user.rb, line 259 def should_set?(sym) current_resource.send(sym).to_s != new_resource.send(sym).to_s && new_resource.send(sym) end
updating_home?()
click to toggle source
# File lib/chef/provider/user.rb, line 263 def updating_home? return false if new_resource.home.nil? return true if current_resource.home.nil? # Pathname#cleanpath matches more edge conditions than File.expand_path() new_resource.home && Pathname.new(current_resource.home).cleanpath != Pathname.new(new_resource.home).cleanpath end