Class: Chef::FileAccessControl

Inherits:

Object

• Object
• Chef::FileAccessControl

Defined in:

lib/chef/file_access_control.rb

Overview

Chef::FileAccessControl

FileAccessControl objects set the owner, group and mode of file to the values specified by a value object, usually a Chef::Resource.

Constant Summary

UINT =

(1 << 32)

UID_MAX =

(1 << 31)

Instance Attribute Summary

• #file ⇒ Object readonly

  Returns the value of attribute file.

• #resource ⇒ Object readonly

  Returns the value of attribute resource.

Instance Method Summary

• #dimished_radix_complement(int) ⇒ Object

  Workaround the fact that Ruby’s Etc module doesn’t believe in negative uids, so negative uids show up as the diminished radix complement of a uint.

• #initialize(resource, file) ⇒ FileAccessControl constructor

  FileAccessControl objects set the owner, group and mode of file to the values specified by resource.

• #modified? ⇒ Boolean
• #set_all ⇒ Object
• #set_group ⇒ Object
• #set_mode ⇒ Object
• #set_owner ⇒ Object
• #stat ⇒ Object
• #target_gid ⇒ Object
• #target_mode ⇒ Object
• #target_uid ⇒ Object

Constructor Details

#initialize(resource, file) ⇒ FileAccessControl

FileAccessControl objects set the owner, group and mode of file to the values specified by resource. file is completely independent of any file or path attribute on resource, so it is possible to set access control settings on a tempfile (for example).

Arguments:

resource: probably a Chef::Resource::File object (or subclass), but

this is not required. Must respond to +owner+, +group+,
and +mode+

file: The file whose access control settings you wish to modify,

given as a String.

# File 'lib/chef/file_access_control.rb', line 45

def initialize(resource, file)
  @resource, @file = resource, file
  @modified = false
end

Instance Attribute Details

#file ⇒ Object (readonly)

Returns the value of attribute file.

# File 'lib/chef/file_access_control.rb', line 33

def file
  @file
end

#resource ⇒ Object (readonly)

Returns the value of attribute resource.

# File 'lib/chef/file_access_control.rb', line 31

def resource
  @resource
end

Instance Method Details

#dimished_radix_complement(int) ⇒ Object

Workaround the fact that Ruby’s Etc module doesn’t believe in negative uids, so negative uids show up as the diminished radix complement of a uint. For example, a uid of -2 is reported as 4294967294

# File 'lib/chef/file_access_control.rb', line 63

def dimished_radix_complement(int)
  if int > UID_MAX
    int - UINT
  else
    int
  end
end

#modified? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef/file_access_control.rb', line 50

def modified?
  @modified
end

#set_all ⇒ Object

# File 'lib/chef/file_access_control.rb', line 54

def set_all
  set_owner
  set_group
  set_mode
end

#set_group ⇒ Object

# File 'lib/chef/file_access_control.rb', line 107

def set_group
  if (gid = target_gid) && (gid != stat.gid)
    Chef::Log.debug("setting group on #{file} to #{gid}")
    File.chown(nil, gid, file)
    modified
  end
end

#set_mode ⇒ Object

# File 'lib/chef/file_access_control.rb', line 120

def set_mode
  if (mode = target_mode) && (mode != (stat.mode & 007777))
    Chef::Log.debug("setting mode on #{file} to #{mode.to_s(8)}")
    File.chmod(target_mode, file)
    modified
  end
end

#set_owner ⇒ Object

# File 'lib/chef/file_access_control.rb', line 85

def set_owner
  if (uid = target_uid) && (uid != stat.uid)
    Chef::Log.debug("setting owner on #{file} to #{uid}")
    File.chown(uid, nil, file)
    modified
  end
end

#stat ⇒ Object

# File 'lib/chef/file_access_control.rb', line 129

def stat
  @stat ||= ::File.stat(file)
end

#target_gid ⇒ Object

# File 'lib/chef/file_access_control.rb', line 93

def target_gid
  return nil if resource.group.nil?
  if resource.group.kind_of?(String)
    dimished_radix_complement( Etc.getgrnam(resource.group).gid )
  elsif resource.group.kind_of?(Integer)
    resource.group
  else
    Chef::Log.error("The `group` parameter of the #@resource resource is set to an invalid value (#{resource.owner.inspect})")
    raise ArgumentError, "cannot resolve #{resource.group.inspect} to gid, group must be a string or integer"
  end
rescue ArgumentError
  raise Chef::Exceptions::GroupIDNotFound, "cannot determine group id for '#{resource.group}', does the group exist on this system?"
end

#target_mode ⇒ Object

# File 'lib/chef/file_access_control.rb', line 115

def target_mode
  return nil if resource.mode.nil?
  (resource.mode.respond_to?(:oct) ? resource.mode.oct : resource.mode.to_i) & 007777
end

#target_uid ⇒ Object

# File 'lib/chef/file_access_control.rb', line 71

def target_uid
  return nil if resource.owner.nil?
  if resource.owner.kind_of?(String)
    dimished_radix_complement( Etc.getpwnam(resource.owner).uid )
  elsif resource.owner.kind_of?(Integer)
    resource.owner
  else
    Chef::Log.error("The `owner` parameter of the #@resource resource is set to an invalid value (#{resource.owner.inspect})")
    raise ArgumentError, "cannot resolve #{resource.owner.inspect} to uid, owner must be a string or integer"
  end
rescue ArgumentError
  raise Chef::Exceptions::UserIDNotFound, "cannot determine user id for '#{resource.owner}', does the user exist on this system?"
end