Module: Chef::FileAccessControl::Unix

Included in:
Chef::FileAccessControl
Defined in:
lib/chef/file_access_control/unix.rb

Constant Summary

UINT =
(1 << 32)
UID_MAX =
(1 << 32) - 10

Instance Method Summary

Instance Method Details

#diminished_radix_complement(int) ⇒ Object

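Works around the fact that Ruby’s Etc module doesn’t believe in negative uids, so negative uids show up as the diminished radix complement of a uint. For example, a uid of -2 is reported as 4294967294. Any value above UID_MAX is mapped back to the negative id by subtracting UINT; every other value is returned unchanged.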



# File 'lib/chef/file_access_control/unix.rb', line 38

# Maps an id reported by Etc back to the signed value it stands for.
#
# Etc reports a negative uid/gid as an unsigned number (e.g. -2 comes back as
# 4294967294). Anything strictly greater than UID_MAX is treated as such a
# wrapped value and has UINT subtracted; every other value is returned as is.
#
# @param int [Integer] uid or gid as reported by Etc
# @return [Integer] the same id, or its negative equivalent when it exceeds UID_MAX
def diminished_radix_complement(int)
  return int unless int > UID_MAX

  int - UINT
end

#set_all ⇒ Object



# File 'lib/chef/file_access_control/unix.rb', line 29

# Applies ownership first, then group, then permission bits.
#
# The mode step is skipped only when the resource is exactly a
# Chef::Resource::Link (instance_of?, so a subclass of Link still gets
# set_mode).
# NOTE(review): owner and group are still applied for links; whether that
# acts on the link or on its target depends on the chown helper, which is
# defined elsewhere -- confirm for links whose target lies outside the
# managed tree.
#
# @return [Object, nil] whatever set_mode returns, or nil for a link
def set_all
  set_owner
  set_group
  return if resource.instance_of?(Chef::Resource::Link)

  set_mode
end

#set_group ⇒ Object



# File 'lib/chef/file_access_control/unix.rb', line 82

# Changes the file's group when the resource asks for one and it differs
# from the gid currently reported by stat.
#
# Nothing happens when target_gid is nil or already equals stat.gid.
# NOTE(review): stat.gid is compared as reported, while a name-derived target
# has passed through diminished_radix_complement; confirm the two agree for
# ids above UID_MAX, otherwise the change would be re-applied on every run.
# NOTE(review): the comparison and the chown both address `file` by path, so
# the object behind that path can differ between the two calls -- relevant
# when a parent directory is writable by other users.
#
# @return [Object, nil] the result of `modified` when a change was made, else nil
def set_group
  wanted_gid = target_gid
  return unless wanted_gid && wanted_gid != stat.gid

  chown(nil, wanted_gid, file)
  Chef::Log.info("#{log_string} group changed to #{wanted_gid}")
  modified
end

#set_mode ⇒ Object

TODO rename this to a more generic set_permissions



# File 'lib/chef/file_access_control/unix.rb', line 97

# Applies the resource's mode when one is set and it differs from the file's
# current permission bits.
#
# Only the low twelve bits of stat.mode take part in the comparison; that
# mask covers the rwx bits plus setuid, setgid and sticky, so a resource mode
# such as 4755 is applied as written.
# File.chmod receives target_mode resolved a second time, while the log line
# prints the value that was compared.
# NOTE(review): the comparison and the chmod both address `file` by path, so
# the object behind that path can differ between the two calls.
#
# @return [Object, nil] the result of `modified` when a change was made, else nil
def set_mode
  wanted_mode = target_mode
  return unless wanted_mode && wanted_mode != (stat.mode & 007777)

  File.chmod(target_mode, file)
  Chef::Log.info("#{log_string} mode changed to #{wanted_mode.to_s(8)}")
  modified
end

#set_owner ⇒ Object



# File 'lib/chef/file_access_control/unix.rb', line 60

# Changes the file's owner when the resource asks for one and it differs
# from the uid currently reported by stat.
#
# Nothing happens when target_uid is nil or already equals stat.uid.
# NOTE(review): stat.uid is compared as reported, while a name-derived target
# has passed through diminished_radix_complement; confirm the two agree for
# ids above UID_MAX, otherwise the change would be re-applied on every run.
# NOTE(review): the comparison and the chown both address `file` by path, so
# the object behind that path can differ between the two calls -- relevant
# when a parent directory is writable by other users.
#
# @return [Object, nil] the result of `modified` when a change was made, else nil
def set_owner
  wanted_uid = target_uid
  return unless wanted_uid && wanted_uid != stat.uid

  chown(wanted_uid, nil, file)
  Chef::Log.info("#{log_string} owner changed to #{wanted_uid}")
  modified
end

#stat ⇒ Object



# File 'lib/chef/file_access_control/unix.rb', line 105

# Returns the File::Stat for `file`, reading it once and caching it in @stat.
#
# ::File.stat follows symbolic links, so for a link the result describes the
# link's target rather than the link itself. Later calls return the cached
# object; this method never re-reads the file.
#
# @return [File::Stat]
def stat
  return @stat if @stat

  @stat = ::File.stat(file)
end

#target_gid ⇒ Object



# File 'lib/chef/file_access_control/unix.rb', line 68

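# Resolves the resource's `group` attribute to a numeric gid.
#
# A String is looked up with Etc.getgrnam and the result is passed through
# diminished_radix_complement. An Integer is returned as given, without that
# normalisation and without checking that such a group exists.
#
# Every ArgumentError raised in the body -- the failed Etc lookup as well as
# the explicit one for an unsupported type -- is re-raised as
# Chef::Exceptions::GroupIDNotFound, so the type-specific message reaches
# only the error log.
#
# @return [Integer, nil] the gid, or nil when the resource sets no group
# @raise [Chef::Exceptions::GroupIDNotFound] when the group cannot be resolved
def target_gid
  group = resource.group
  return nil if group.nil?

  case group
  when String
    diminished_radix_complement(Etc.getgrnam(group).gid)
  when Integer
    group
  else
    # Log the rejected `group` value (not resource.owner) so the entry names
    # the attribute that is actually at fault.
    Chef::Log.error("The `group` parameter of the #@resource resource is set to an invalid value (#{resource.group.inspect})")
    raise ArgumentError, "cannot resolve #{resource.group.inspect} to gid, group must be a string or integer"
  end
rescue ArgumentError
  raise Chef::Exceptions::GroupIDNotFound, "cannot determine group id for '#{resource.group}', does the group exist on this system?"
end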

#target_mode ⇒ Object

TODO rename this to a more generic target_permissions



# File 'lib/chef/file_access_control/unix.rb', line 91

# Converts the resource's `mode` attribute to an integer permission value.
#
# A value that responds to #oct (a String) is read as octal, so "755" becomes
# 0755. Any other value goes through #to_i unchanged: the literal 0755 works,
# but a decimal 755 is taken as 01363, which sets the sticky bit. String#oct
# returns 0 for text it cannot parse, so a malformed string resolves to mode
# 0 rather than raising.
# The result is masked to the low twelve bits (rwx plus setuid, setgid and
# sticky).
#
# @return [Integer, nil] the masked mode, or nil when the resource sets no mode
def target_mode
  raw_mode = resource.mode
  return nil if raw_mode.nil?

  numeric = raw_mode.respond_to?(:oct) ? raw_mode.oct : raw_mode.to_i
  numeric & 007777
end

#target_uid ⇒ Object



# File 'lib/chef/file_access_control/unix.rb', line 46

# Resolves the resource's `owner` attribute to a numeric uid.
#
# A String is looked up with Etc.getpwnam and the result is passed through
# diminished_radix_complement. An Integer is returned as given, without that
# normalisation and without checking that such a user exists.
#
# Every ArgumentError raised in the body -- the failed Etc lookup as well as
# the explicit one for an unsupported type -- is re-raised as
# Chef::Exceptions::UserIDNotFound, so the type-specific message reaches
# only the error log.
#
# @return [Integer, nil] the uid, or nil when the resource sets no owner
# @raise [Chef::Exceptions::UserIDNotFound] when the owner cannot be resolved
def target_uid
  owner = resource.owner
  return nil if owner.nil?

  case owner
  when String
    diminished_radix_complement(Etc.getpwnam(owner).uid)
  when Integer
    owner
  else
    Chef::Log.error("The `owner` parameter of the #@resource resource is set to an invalid value (#{resource.owner.inspect})")
    raise ArgumentError, "cannot resolve #{resource.owner.inspect} to uid, owner must be a string or integer"
  end
rescue ArgumentError
  raise Chef::Exceptions::UserIDNotFound, "cannot determine user id for '#{resource.owner}', does the user exist on this system?"
end