Class: Chef::FileAccessControl
- Defined in:
- lib/chef/file_access_control.rb
Overview
Chef::FileAccessControl
FileAccessControl objects set the owner, group and mode of file
to the values specified by a value object, usually a Chef::Resource.
Constant Summary collapse
- UINT =
(1 << 32)
- UID_MAX =
(1 << 32) - 10
Instance Attribute Summary collapse
-
#file ⇒ Object
readonly
Returns the value of attribute file.
-
#resource ⇒ Object
readonly
Returns the value of attribute resource.
Instance Method Summary collapse
-
#diminished_radix_complement(int) ⇒ Object
Workaround the fact that Ruby’s Etc module doesn’t believe in negative uids, so negative uids show up as the diminished radix complement of a uint.
-
#initialize(resource, file) ⇒ FileAccessControl
constructor
FileAccessControl objects set the owner, group and mode of
file
to the values specified byresource
. - #modified? ⇒ Boolean
- #set_all ⇒ Object
- #set_group ⇒ Object
- #set_mode ⇒ Object
- #set_owner ⇒ Object
- #stat ⇒ Object
- #target_gid ⇒ Object
- #target_mode ⇒ Object
- #target_uid ⇒ Object
Constructor Details
#initialize(resource, file) ⇒ FileAccessControl
FileAccessControl objects set the owner, group and mode of file
to the values specified by resource
. file
is completely independent of any file or path attribute on resource
, so it is possible to set access control settings on a tempfile (for example).
Arguments:
resource: probably a Chef::Resource::File object (or subclass), but
this is not required. Must respond to +owner+, +group+,
and +mode+
file: The file whose access control settings you wish to modify,
given as a String.
45 46 47 48 |
# File 'lib/chef/file_access_control.rb', line 45 def initialize(resource, file) @resource, @file = resource, file @modified = false end |
Instance Attribute Details
#file ⇒ Object (readonly)
Returns the value of attribute file.
33 34 35 |
# File 'lib/chef/file_access_control.rb', line 33 def file @file end |
#resource ⇒ Object (readonly)
Returns the value of attribute resource.
31 32 33 |
# File 'lib/chef/file_access_control.rb', line 31 def resource @resource end |
Instance Method Details
#diminished_radix_complement(int) ⇒ Object
Workaround the fact that Ruby’s Etc module doesn’t believe in negative uids, so negative uids show up as the diminished radix complement of a uint. For example, a uid of -2 is reported as 4294967294
63 64 65 66 67 68 69 |
# File 'lib/chef/file_access_control.rb', line 63 def diminished_radix_complement(int) if int > UID_MAX int - UINT else int end end |
#modified? ⇒ Boolean
50 51 52 |
# File 'lib/chef/file_access_control.rb', line 50 def modified? @modified end |
#set_all ⇒ Object
54 55 56 57 58 |
# File 'lib/chef/file_access_control.rb', line 54 def set_all set_owner set_group set_mode end |
#set_group ⇒ Object
107 108 109 110 111 112 113 |
# File 'lib/chef/file_access_control.rb', line 107 def set_group if (gid = target_gid) && (gid != stat.gid) File.chown(nil, gid, file) Chef::Log.info("#{log_string} group changed to #{gid}") modified end end |
#set_mode ⇒ Object
120 121 122 123 124 125 126 |
# File 'lib/chef/file_access_control.rb', line 120 def set_mode if (mode = target_mode) && (mode != (stat.mode & 007777)) File.chmod(target_mode, file) Chef::Log.info("#{log_string} mode changed to #{mode.to_s(8)}") modified end end |
#set_owner ⇒ Object
85 86 87 88 89 90 91 |
# File 'lib/chef/file_access_control.rb', line 85 def set_owner if (uid = target_uid) && (uid != stat.uid) File.chown(uid, nil, file) Chef::Log.info("#{log_string} owner changed to #{uid}") modified end end |
#stat ⇒ Object
129 130 131 |
# File 'lib/chef/file_access_control.rb', line 129 def stat @stat ||= ::File.stat(file) end |
#target_gid ⇒ Object
93 94 95 96 97 98 99 100 101 102 103 104 105 |
# File 'lib/chef/file_access_control.rb', line 93 def target_gid return nil if resource.group.nil? if resource.group.kind_of?(String) diminished_radix_complement( Etc.getgrnam(resource.group).gid ) elsif resource.group.kind_of?(Integer) resource.group else Chef::Log.error("The `group` parameter of the #@resource resource is set to an invalid value (#{resource.owner.inspect})") raise ArgumentError, "cannot resolve #{resource.group.inspect} to gid, group must be a string or integer" end rescue ArgumentError raise Chef::Exceptions::GroupIDNotFound, "cannot determine group id for '#{resource.group}', does the group exist on this system?" end |
#target_mode ⇒ Object
115 116 117 118 |
# File 'lib/chef/file_access_control.rb', line 115 def target_mode return nil if resource.mode.nil? (resource.mode.respond_to?(:oct) ? resource.mode.oct : resource.mode.to_i) & 007777 end |
#target_uid ⇒ Object
71 72 73 74 75 76 77 78 79 80 81 82 83 |
# File 'lib/chef/file_access_control.rb', line 71 def target_uid return nil if resource.owner.nil? if resource.owner.kind_of?(String) diminished_radix_complement( Etc.getpwnam(resource.owner).uid ) elsif resource.owner.kind_of?(Integer) resource.owner else Chef::Log.error("The `owner` parameter of the #@resource resource is set to an invalid value (#{resource.owner.inspect})") raise ArgumentError, "cannot resolve #{resource.owner.inspect} to uid, owner must be a string or integer" end rescue ArgumentError raise Chef::Exceptions::UserIDNotFound, "cannot determine user id for '#{resource.owner}', does the user exist on this system?" end |