Class: Chef::Provider::Group::Dscl
- Inherits:
-
Chef::Provider::Group
- Object
- Chef::Provider
- Chef::Provider::Group
- Chef::Provider::Group::Dscl
- Defined in:
- lib/chef/provider/group/dscl.rb
Instance Attribute Summary
Attributes inherited from Chef::Provider::Group
Attributes inherited from Chef::Provider
#action, #after_resource, #current_resource, #logger, #new_resource, #run_context
Instance Method Summary collapse
- #create_group ⇒ Object
- #define_resource_requirements ⇒ Object
- #dscl(*args) ⇒ Object
- #dscl_create_group ⇒ Object
-
#get_free_gid(search_limit = 1000) ⇒ Object
get a free GID greater than 200.
- #gid_used?(gid) ⇒ Boolean
- #load_current_resource ⇒ Object
- #manage_group ⇒ Object
- #remove_group ⇒ Object
- #safe_dscl(*args) ⇒ Object
- #set_gid ⇒ Object
- #set_members ⇒ Object
Methods inherited from Chef::Provider::Group
#compare_group, #group_gid_match?, #group_members_match?, #has_current_group_member?, #initialize, #validate_member!
Methods inherited from Chef::Provider
action, action_description, action_descriptions, #action_nothing, #check_resource_semantics!, #cleanup_after_converge, #compile_and_converge_action, #converge_by, #converge_if_changed, #cookbook_name, #description, #events, include_resource_dsl?, include_resource_dsl_module, #initialize, #introduced, #load_after_resource, #node, #process_resource_requirements, provides, provides?, #recipe_name, #requirements, #resource_collection, #resource_updated?, #run_action, #set_updated_status, supports?, use, use_inline_resources, #validate_required_properties!, #whyrun_mode?, #whyrun_supported?
Methods included from Mixin::Provides
#provided_as, #provides, #provides?
Methods included from Mixin::DescendantsTracker
#descendants, descendants, direct_descendants, #direct_descendants, find_descendants_by_name, #find_descendants_by_name, #inherited, store_inherited
Methods included from Mixin::LazyModuleInclude
#descendants, #include, #included
Methods included from Mixin::PowershellOut
#powershell_out, #powershell_out!
Methods included from Mixin::WindowsArchitectureHelper
#assert_valid_windows_architecture!, #disable_wow64_file_redirection, #forced_32bit_override_required?, #is_i386_process_on_x86_64_windows?, #node_supports_windows_architecture?, #node_windows_architecture, #restore_wow64_file_redirection, #valid_windows_architecture?, #with_os_architecture, #wow64_architecture_override_required?, #wow64_directory
Methods included from DSL::Secret
#default_secret_config, #default_secret_service, #secret, #with_secret_config, #with_secret_service
Methods included from DSL::RenderHelpers
#render_json, #render_toml, #render_yaml
Methods included from DSL::ReaderHelpers
#parse_file, #parse_json, #parse_toml, #parse_yaml
Methods included from DSL::Powershell
Methods included from DSL::RegistryHelper
#registry_data_exists?, #registry_get_subkeys, #registry_get_values, #registry_has_subkeys?, #registry_key_exists?, #registry_value_exists?
Methods included from DSL::ChefVault
#chef_vault, #chef_vault_item, #chef_vault_item_for_environment
Methods included from DSL::DataQuery
#data_bag, #data_bag_item, #search, #tagged?
Methods included from EncryptedDataBagItem::CheckEncrypted
Methods included from DSL::PlatformIntrospection
#older_than_win_2012_or_8?, #platform?, #platform_family?, #value_for_platform, #value_for_platform_family
Methods included from DSL::Recipe
#exec, #have_resource_class_for?, #resource_class_for
Methods included from DSL::Definitions
add_definition, #evaluate_resource_definition, #has_resource_definition?
Methods included from DSL::Resources
add_resource_dsl, remove_resource_dsl
Methods included from DSL::Cheffish
Methods included from DSL::RebootPending
Methods included from DSL::IncludeRecipe
Methods included from Mixin::NotifyingBlock
#notifying_block, #subcontext_block
Methods included from DSL::DeclareResource
#build_resource, #declare_resource, #delete_resource, #delete_resource!, #edit_resource, #edit_resource!, #find_resource, #find_resource!, #resources, #with_run_context
Methods included from DSL::Compliance
#include_input, #include_profile, #include_waiver
Constructor Details
This class inherits a constructor from Chef::Provider::Group
Instance Method Details
#create_group ⇒ Object
151 152 153 154 155 |
# File 'lib/chef/provider/group/dscl.rb', line 151 def create_group dscl_create_group set_gid set_members end |
#define_resource_requirements ⇒ Object
142 143 144 145 146 147 148 149 |
# File 'lib/chef/provider/group/dscl.rb', line 142 def define_resource_requirements super requirements.assert(:all_actions) do |a| a.assertion { ::File.exist?("/usr/bin/dscl") } a. Chef::Exceptions::Group, "Could not find binary /usr/bin/dscl for #{new_resource.name}" # No whyrun alternative: this component should be available in the base install of any given system that uses it end end |
#dscl(*args) ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 |
# File 'lib/chef/provider/group/dscl.rb', line 26 def dscl(*args) argdup = args.dup cmd = argdup.shift shellcmd = [ "dscl", ".", "-#{cmd}", argdup ] status = shell_out(shellcmd) stdout_result = "" stderr_result = "" status.stdout.each_line { |line| stdout_result << line } status.stderr.each_line { |line| stderr_result << line } [shellcmd.flatten.compact.join(" "), status, stdout_result, stderr_result] end |
#dscl_create_group ⇒ Object
169 170 171 172 |
# File 'lib/chef/provider/group/dscl.rb', line 169 def dscl_create_group safe_dscl("create", "/Groups/#{new_resource.group_name}") safe_dscl("create", "/Groups/#{new_resource.group_name}", "Password", "*") end |
#get_free_gid(search_limit = 1000) ⇒ Object
get a free GID greater than 200
76 77 78 79 80 81 82 83 84 85 86 87 88 |
# File 'lib/chef/provider/group/dscl.rb', line 76 def get_free_gid(search_limit = 1000) gid = nil; next_gid_guess = 200 groups_gids = safe_dscl("list", "/Groups", "gid") while next_gid_guess < search_limit + 200 if groups_gids&.match?(Regexp.new("#{Regexp.escape(next_gid_guess.to_s)}\n")) next_gid_guess += 1 else gid = next_gid_guess break end end gid || raise("gid not found. Exhausted. Searched #{search_limit} times") end |
#gid_used?(gid) ⇒ Boolean
90 91 92 93 94 95 96 97 98 99 |
# File 'lib/chef/provider/group/dscl.rb', line 90 def gid_used?(gid) return false unless gid search_gids = safe_dscl("search", "/Groups", "PrimaryGroupID", gid.to_s) # dscl -search should not return anything if the gid doesn't exist, # but on the off-chance that it does, check whether the given gid is # in the output. !!(search_gids =~ /\b#{gid}\b/) end |
#load_current_resource ⇒ Object
47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
# File 'lib/chef/provider/group/dscl.rb', line 47 def load_current_resource @current_resource = Chef::Resource::Group.new(new_resource.name) current_resource.group_name(new_resource.group_name) group_info = nil begin group_info = safe_dscl("read", "/Groups/#{new_resource.group_name}") rescue Chef::Exceptions::Group @group_exists = false logger.trace("#{new_resource} group does not exist") end if group_info group_info.each_line do |line| key, val = line.split(": ") val.strip! if val case key.downcase when "primarygroupid" new_resource.gid(val) unless new_resource.gid current_resource.gid(val) when "groupmembership" current_resource.members(val.split(" ")) end end end current_resource end |
#manage_group ⇒ Object
157 158 159 160 161 162 163 164 165 166 167 |
# File 'lib/chef/provider/group/dscl.rb', line 157 def manage_group if new_resource.group_name && (current_resource.group_name != new_resource.group_name) dscl_create_group end if new_resource.gid && (current_resource.gid != new_resource.gid.to_s) set_gid end if new_resource.members || new_resource.excluded_members set_members end end |
#remove_group ⇒ Object
174 175 176 |
# File 'lib/chef/provider/group/dscl.rb', line 174 def remove_group safe_dscl("delete", "/Groups/#{new_resource.group_name}") end |
#safe_dscl(*args) ⇒ Object
38 39 40 41 42 43 44 45 |
# File 'lib/chef/provider/group/dscl.rb', line 38 def safe_dscl(*args) result = dscl(*args) return "" if ( args.first =~ /^delete/ ) && ( result[1].exitstatus != 0 ) raise(Chef::Exceptions::Group, "dscl error: #{result.inspect}") unless result[1].exitstatus == 0 raise(Chef::Exceptions::Group, "dscl error: #{result.inspect}") if /No such key: /.match?(result[2]) result[2] end |
#set_gid ⇒ Object
101 102 103 104 105 106 |
# File 'lib/chef/provider/group/dscl.rb', line 101 def set_gid new_resource.gid(get_free_gid) if [nil, ""].include? new_resource.gid raise(Chef::Exceptions::Group, "gid is already in use") if gid_used?(new_resource.gid) safe_dscl("create", "/Groups/#{new_resource.group_name}", "PrimaryGroupID", new_resource.gid) end |
#set_members ⇒ Object
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 |
# File 'lib/chef/provider/group/dscl.rb', line 108 def set_members # First reset the memberships if the append is not set unless new_resource.append logger.trace("#{new_resource} removing group members #{current_resource.members.join(" ")}") unless current_resource.members.empty? safe_dscl("create", "/Groups/#{new_resource.group_name}", "GroupMembers", "") # clear guid list safe_dscl("create", "/Groups/#{new_resource.group_name}", "GroupMembership", "") # clear user list current_resource.members([ ]) end # Add any members that need to be added if new_resource.members && !new_resource.members.empty? members_to_be_added = [ ] new_resource.members.each do |member| members_to_be_added << member unless current_resource.members.include?(member) end unless members_to_be_added.empty? logger.trace("#{new_resource} setting group members #{members_to_be_added.join(", ")}") safe_dscl("append", "/Groups/#{new_resource.group_name}", "GroupMembership", *members_to_be_added) end end # Remove any members that need to be removed if new_resource.excluded_members && !new_resource.excluded_members.empty? members_to_be_removed = [ ] new_resource.excluded_members.each do |member| members_to_be_removed << member if current_resource.members.include?(member) end unless members_to_be_removed.empty? logger.trace("#{new_resource} removing group members #{members_to_be_removed.join(", ")}") safe_dscl("delete", "/Groups/#{new_resource.group_name}", "GroupMembership", *members_to_be_removed) end end end |