Class: Chef::FileAccessControl

Inherits:
Object
  • Object
show all
Defined in:
lib/chef/file_access_control.rb

Overview

Chef::FileAccessControl

FileAccessControl objects set the owner, group and mode of file to the values specified by a value object, usually a Chef::Resource.

Constant Summary collapse

UINT =
(1 << 32)
UID_MAX =
(1 << 32) - 10

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(resource, file) ⇒ FileAccessControl

FileAccessControl objects set the owner, group and mode of file to the values specified by resource. file is completely independent of any file or path attribute on resource, so it is possible to set access control settings on a tempfile (for example).

Arguments:

resource: probably a Chef::Resource::File object (or subclass), but

this is not required. Must respond to +owner+, +group+,
and +mode+

file: The file whose access control settings you wish to modify,

given as a String.


45
46
47
48
# File 'lib/chef/file_access_control.rb', line 45

def initialize(resource, file)
  @resource, @file = resource, file
  @modified = false
end

Instance Attribute Details

#fileObject (readonly)

Returns the value of attribute file.



33
34
35
# File 'lib/chef/file_access_control.rb', line 33

def file
  @file
end

#resourceObject (readonly)

Returns the value of attribute resource.



31
32
33
# File 'lib/chef/file_access_control.rb', line 31

def resource
  @resource
end

Instance Method Details

#diminished_radix_complement(int) ⇒ Object

Workaround the fact that Ruby’s Etc module doesn’t believe in negative uids, so negative uids show up as the diminished radix complement of a uint. For example, a uid of -2 is reported as 4294967294



63
64
65
66
67
68
69
# File 'lib/chef/file_access_control.rb', line 63

def diminished_radix_complement(int)
  if int > UID_MAX
    int - UINT
  else
    int
  end
end

#modified?Boolean

Returns:

  • (Boolean)


50
51
52
# File 'lib/chef/file_access_control.rb', line 50

def modified?
  @modified
end

#set_allObject



54
55
56
57
58
# File 'lib/chef/file_access_control.rb', line 54

def set_all
  set_owner
  set_group
  set_mode
end

#set_groupObject



107
108
109
110
111
112
113
# File 'lib/chef/file_access_control.rb', line 107

def set_group
  if (gid = target_gid) && (gid != stat.gid)
    File.chown(nil, gid, file)
    Chef::Log.info("#{log_string} group changed to #{gid}")
    modified
  end
end

#set_modeObject



120
121
122
123
124
125
126
# File 'lib/chef/file_access_control.rb', line 120

def set_mode
  if (mode = target_mode) && (mode != (stat.mode & 007777))
    File.chmod(target_mode, file)
    Chef::Log.info("#{log_string} mode changed to #{mode.to_s(8)}")
    modified
  end
end

#set_ownerObject



85
86
87
88
89
90
91
# File 'lib/chef/file_access_control.rb', line 85

def set_owner
  if (uid = target_uid) && (uid != stat.uid)
    File.chown(uid, nil, file)
    Chef::Log.info("#{log_string} owner changed to #{uid}")
    modified
  end
end

#statObject



129
130
131
# File 'lib/chef/file_access_control.rb', line 129

def stat
  @stat ||= ::File.stat(file)
end

#target_gidObject



93
94
95
96
97
98
99
100
101
102
103
104
105
# File 'lib/chef/file_access_control.rb', line 93

def target_gid
  return nil if resource.group.nil?
  if resource.group.kind_of?(String)
    diminished_radix_complement( Etc.getgrnam(resource.group).gid )
  elsif resource.group.kind_of?(Integer)
    resource.group
  else
    Chef::Log.error("The `group` parameter of the #@resource resource is set to an invalid value (#{resource.owner.inspect})")
    raise ArgumentError, "cannot resolve #{resource.group.inspect} to gid, group must be a string or integer"
  end
rescue ArgumentError
  raise Chef::Exceptions::GroupIDNotFound, "cannot determine group id for '#{resource.group}', does the group exist on this system?"
end

#target_modeObject



115
116
117
118
# File 'lib/chef/file_access_control.rb', line 115

def target_mode
  return nil if resource.mode.nil?
  (resource.mode.respond_to?(:oct) ? resource.mode.oct : resource.mode.to_i) & 007777
end

#target_uidObject



71
72
73
74
75
76
77
78
79
80
81
82
83
# File 'lib/chef/file_access_control.rb', line 71

def target_uid
  return nil if resource.owner.nil?
  if resource.owner.kind_of?(String)
    diminished_radix_complement( Etc.getpwnam(resource.owner).uid )
  elsif resource.owner.kind_of?(Integer)
    resource.owner
  else
    Chef::Log.error("The `owner` parameter of the #@resource resource is set to an invalid value (#{resource.owner.inspect})")
    raise ArgumentError, "cannot resolve #{resource.owner.inspect} to uid, owner must be a string or integer"
  end
rescue ArgumentError
  raise Chef::Exceptions::UserIDNotFound, "cannot determine user id for '#{resource.owner}', does the user exist on this system?"
end