Class: Chef::Resource::User::MacUser

Inherits:
Chef::Resource::User show all
Defined in:
lib/chef/resource/user/mac_user.rb

Overview

Provide a user resource that is compatible with default TCC restrictions that were introduced in macOS 10.14.

Changes:

  • This resource and the corresponding provider have been modified to work with default macOS TCC policies. Direct access to user binary plists are no longer permitted by default, thus we've chosen to use a combination of newer utilities for managing user lifecycles and older utilities for managing passwords.

  • Due to tooling changes that were necessitated by the new policy restrictions the mac_user resource is only suitable for use on macOS

    = 10.14. Support for older platforms has been removed.

New Features:

  • Primary group management is now included.

  • 'admin' is now a boolean property that configures a user to an admin.

  • 'admin_username' and 'admin_password' are new properties that define the admin user credentials required for toggling SecureToken for a user.

The value of 'admin_username' must correspond to a system user that is part of the 'admin' with SecureToken enabled in order to toggle SecureToken.

  • 'secure_token' is a boolean property that sets the desired state for SecureToken. SecureToken token is required for FileVault full disk encryption.

  • 'secure_token_password' is the plaintext password required to enable or disable secure_token for a user. If no salt is specified we assume the 'password' property corresponds to a plaintext password and will attempt to use it in place of secure_token_password if it not set.

Constant Summary

Constants inherited from Chef::Resource

FORBIDDEN_IVARS, HIDDEN_IVARS

Instance Attribute Summary

Attributes inherited from Chef::Resource

#allowed_actions, #cookbook_name, #declared_type, #default_guard_interpreter, #elapsed_time, #enclosing_provider, #executed_by_runner, #logger, #params, #recipe_name, #resource_initializing, #run_context, #source_line, #updated

Method Summary

Methods inherited from Chef::Resource

#action, action, #action=, action_class, #action_description, #after_created, allowed_actions, allowed_actions=, #as_json, #before_notifications, chef_version_for_provides, #compile_time, #cookbook_version, #current_value, #current_value_does_not_exist!, #custom_exception_message, custom_resource?, #customize_exception, declare_action_class, #declared_key, default_action, default_action=, default_description, #defined_at, #delayed_action, #delayed_notifications, deprecated, description, #events, examples, from_hash, from_json, #guard_interpreter, #identity, identity_attr, identity_property, #ignore_failure, #immediate_notifications, inherited, #initialize, #inspect, introduced, is_custom_resource!, json_create, load_current_value, #load_from, #lookup_provider_constant, #method_missing, #name, #node, #not_if, #notifies, #notifies_before, #notifies_delayed, #notifies_immediately, #only_if, preview_resource, #provider, #provider=, #provider_for_action, provides, provides?, #resolve_notification_references, resource_for_node, resource_matching_short_name, resource_name, #resource_name, resource_name=, #retries, #retry_delay, #run_action, #sensitive, #should_skip?, skip_docs, sorted_descendants, #source_line_file, #source_line_number, state_attrs, #state_for_resource_reporter, #subscribes, #suppress_up_to_date_messages?, target_mode, #to_h, #to_json, #to_s, #to_text, #umask, unified_mode, #updated?, #updated_by_last_action, #updated_by_last_action?, use, #validate_action, #validate_resource_spec!, #value_to_text, #with_umask

Methods included from Mixin::Provides

#provided_as, #provides, #provides?

Methods included from Mixin::DescendantsTracker

#descendants, descendants, direct_descendants, #direct_descendants, find_descendants_by_name, #find_descendants_by_name, #inherited, store_inherited

Methods included from Mixin::LazyModuleInclude

#descendants, #include, #included

Methods included from Mixin::PowershellOut

#powershell_out, #powershell_out!

Methods included from Mixin::WindowsArchitectureHelper

#assert_valid_windows_architecture!, #disable_wow64_file_redirection, #forced_32bit_override_required?, #is_i386_process_on_x86_64_windows?, #node_supports_windows_architecture?, #node_windows_architecture, #restore_wow64_file_redirection, #valid_windows_architecture?, #with_os_architecture, #wow64_architecture_override_required?, #wow64_directory

Methods included from DSL::Secret

#default_secret_config, #default_secret_service, #secret, #with_secret_config, #with_secret_service

Methods included from DSL::RenderHelpers

#render_json, #render_toml, #render_yaml

Methods included from DSL::ReaderHelpers

#parse_file, #parse_json, #parse_toml, #parse_yaml

Methods included from DSL::Powershell

#ps_credential

Methods included from DSL::RegistryHelper

#registry_data_exists?, #registry_get_subkeys, #registry_get_values, #registry_has_subkeys?, #registry_key_exists?, #registry_value_exists?

Methods included from DSL::ChefVault

#chef_vault, #chef_vault_item, #chef_vault_item_for_environment

Methods included from DSL::DataQuery

#data_bag, #data_bag_item, #search, #tagged?

Methods included from EncryptedDataBagItem::CheckEncrypted

#encrypted?

Methods included from DSL::PlatformIntrospection

#older_than_win_2012_or_8?, #platform?, #platform_family?, #value_for_platform, #value_for_platform_family

Methods included from Mixin::ConvertToClassName

#convert_to_class_name, #convert_to_snake_case, #filename_to_qualified_string, #normalize_snake_case_name, #snake_case_basename

Methods included from Mixin::Deprecation

#deprecated_attr, #deprecated_attr_reader, #deprecated_attr_writer, #deprecated_ivar

Methods included from Mixin::Properties

#copy_properties_from, included, #property_description, #property_is_set?, #reset_property

Methods included from Mixin::ParamsValidate

#lazy, #set_or_return, #validate

Methods included from DSL::RebootPending

#reboot_pending?

Methods included from DSL::DeclareResource

#build_resource, #declare_resource, #delete_resource, #delete_resource!, #edit_resource, #edit_resource!, #find_resource, #find_resource!, #resources, #with_run_context

Constructor Details

This class inherits a constructor from Chef::Resource

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Chef::Resource