Class: Chef::Provider::User::Linux

Inherits:
Chef::Provider::User show all
Defined in:
lib/chef/provider/user/linux.rb

Instance Attribute Summary

Attributes inherited from Chef::Provider::User

#change_desc, #locked, #user_exists

Attributes inherited from Chef::Provider

#action, #after_resource, #current_resource, #logger, #new_resource, #run_context

Instance Method Summary collapse

Methods inherited from Chef::Provider::User

#convert_group_name, #define_resource_requirements, #initialize, #load_shadow_options

Methods inherited from Chef::Provider

action, action_description, action_descriptions, #action_nothing, #check_resource_semantics!, #cleanup_after_converge, #compile_and_converge_action, #converge_by, #converge_if_changed, #cookbook_name, #define_resource_requirements, #description, #events, include_resource_dsl?, include_resource_dsl_module, #initialize, #introduced, #load_after_resource, #node, #process_resource_requirements, provides, provides?, #recipe_name, #requirements, #resource_collection, #resource_updated?, #run_action, #set_updated_status, supports?, use, use_inline_resources, #validate_required_properties!, #whyrun_mode?, #whyrun_supported?

Methods included from Mixin::Provides

#provided_as, #provides, #provides?

Methods included from Mixin::DescendantsTracker

descendants, #descendants, direct_descendants, #direct_descendants, find_descendants_by_name, #find_descendants_by_name, #inherited, store_inherited

Methods included from Mixin::LazyModuleInclude

#descendants, #include, #included

Methods included from Mixin::PowershellOut

#powershell_out, #powershell_out!

Methods included from Mixin::WindowsArchitectureHelper

#assert_valid_windows_architecture!, #disable_wow64_file_redirection, #forced_32bit_override_required?, #is_i386_process_on_x86_64_windows?, #node_supports_windows_architecture?, #node_windows_architecture, #restore_wow64_file_redirection, #valid_windows_architecture?, #with_os_architecture, #wow64_architecture_override_required?, #wow64_directory

Methods included from DSL::Secret

#default_secret_config, #default_secret_service, #secret, #with_secret_config, #with_secret_service

Methods included from DSL::RenderHelpers

#render_json, #render_toml, #render_yaml

Methods included from DSL::ReaderHelpers

#parse_file, #parse_json, #parse_toml, #parse_yaml

Methods included from DSL::Powershell

#ps_credential

Methods included from DSL::RegistryHelper

#registry_data_exists?, #registry_get_subkeys, #registry_get_values, #registry_has_subkeys?, #registry_key_exists?, #registry_value_exists?

Methods included from DSL::ChefVault

#chef_vault, #chef_vault_item, #chef_vault_item_for_environment

Methods included from DSL::DataQuery

#data_bag, #data_bag_item, #search, #tagged?

Methods included from EncryptedDataBagItem::CheckEncrypted

#encrypted?

Methods included from DSL::PlatformIntrospection

#older_than_win_2012_or_8?, #platform?, #platform_family?, #value_for_platform, #value_for_platform_family

Methods included from DSL::Recipe

#exec, #have_resource_class_for?, #resource_class_for

Methods included from DSL::Definitions

add_definition, #evaluate_resource_definition, #has_resource_definition?

Methods included from DSL::Resources

add_resource_dsl, remove_resource_dsl

Methods included from DSL::Cheffish

load_cheffish

Methods included from DSL::RebootPending

#reboot_pending?

Methods included from DSL::IncludeRecipe

#include_recipe, #load_recipe

Methods included from Mixin::NotifyingBlock

#notifying_block, #subcontext_block

Methods included from DSL::DeclareResource

#build_resource, #declare_resource, #delete_resource, #delete_resource!, #edit_resource, #edit_resource!, #find_resource, #find_resource!, #resources, #with_run_context

Methods included from DSL::Compliance

#include_input, #include_profile, #include_waiver

Constructor Details

This class inherits a constructor from Chef::Provider::User

Instance Method Details

#check_lockObject



121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# File 'lib/chef/provider/user/linux.rb', line 121

def check_lock
  # there's an old bug in rhel (https://bugzilla.redhat.com/show_bug.cgi?id=578534)
  # which means that both 0 and 1 can be success.
  passwd_s = shell_out("passwd", "-S", new_resource.username, returns: [ 0, 1 ])

  # checking "does not exist" has to come before exit code handling since centos and ubuntu differ in exit codes
  if /does not exist/.match?(passwd_s.stderr)
    return false if whyrun_mode?

    raise Chef::Exceptions::User, "User #{new_resource.username} does not exist when checking lock status for #{new_resource}"
  end

  # now raise if we didn't get a 0 or 1 (see above)
  passwd_s.error!

  # now the actual output parsing
  @locked = nil
  status_line = passwd_s.stdout.split(" ")
  @locked = false if /^[PN]/.match?(status_line[1])
  @locked = true if /^L/.match?(status_line[1])

  raise Chef::Exceptions::User, "Cannot determine if user #{new_resource.username} is locked for #{new_resource}" if @locked.nil?

  # FIXME: should probably go on the current_resource
  @locked
end

#compare_userObject



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'lib/chef/provider/user/linux.rb', line 36

def compare_user
  user_changed = super

  @change_desc ||= []

  %i{expire_date inactive}.each do |user_attrib|
    new_val = new_resource.send(user_attrib)
    cur_val = current_resource.send(user_attrib)
    if !new_val.nil? && new_val.to_s != cur_val.to_s
      @change_desc << "change #{user_attrib} from #{cur_val} to #{new_val}"
    end
  end

  user_changed || !@change_desc.empty?
end

#create_userObject



52
53
54
# File 'lib/chef/provider/user/linux.rb', line 52

def create_user
  shell_out!("useradd", universal_options, useradd_options, new_resource.username)
end

#load_current_resourceObject



26
27
28
29
# File 'lib/chef/provider/user/linux.rb', line 26

def load_current_resource
  super
  load_shadow_options
end

#lock_userObject



69
70
71
# File 'lib/chef/provider/user/linux.rb', line 69

def lock_user
  shell_out!("usermod", "-L", new_resource.username)
end

#manage_userObject



56
57
58
59
60
61
62
63
# File 'lib/chef/provider/user/linux.rb', line 56

def manage_user
  manage_u = shell_out("usermod", universal_options, usermod_options, new_resource.username, returns: [0, 12])
  if manage_u.exitstatus == 12 && manage_u.stderr !~ /exists/
    raise Chef::Exceptions::User, "Unable to modify home directory for #{new_resource.username}"
  end

  manage_u.error!
end

#prop_is_set?(prop) ⇒ Boolean

Returns:

  • (Boolean)


148
149
150
151
152
# File 'lib/chef/provider/user/linux.rb', line 148

def prop_is_set?(prop)
  v = new_resource.send(prop.to_sym)

  !v.nil? && v != ""
end

#remove_userObject



65
66
67
# File 'lib/chef/provider/user/linux.rb', line 65

def remove_user
  shell_out!("userdel", userdel_options, new_resource.username)
end

#supports_ruby_shadow?Boolean

Returns:

  • (Boolean)


31
32
33
34
# File 'lib/chef/provider/user/linux.rb', line 31

def supports_ruby_shadow?
  # For target mode, ruby-shadow is redirected to a file-based implementation
  true unless ChefConfig::Config.target_mode?
end

#universal_optionsObject

common to usermod and useradd



78
79
80
81
82
83
84
85
86
87
88
89
90
# File 'lib/chef/provider/user/linux.rb', line 78

def universal_options
  opts = []
  opts << "-c" << new_resource.comment if should_set?(:comment)
  opts << "-e" << new_resource.expire_date if prop_is_set?(:expire_date)
  opts << "-g" << new_resource.gid if should_set?(:gid)
  opts << "-f" << new_resource.inactive if prop_is_set?(:inactive)
  opts << "-p" << new_resource.password if should_set?(:password)
  opts << "-s" << new_resource.shell if should_set?(:shell)
  opts << "-u" << new_resource.uid if should_set?(:uid)
  opts << "-d" << new_resource.home if updating_home?
  opts << "-o" if new_resource.non_unique
  opts
end

#unlock_userObject



73
74
75
# File 'lib/chef/provider/user/linux.rb', line 73

def unlock_user
  shell_out!("usermod", "-U", new_resource.username)
end

#useradd_optionsObject



103
104
105
106
107
108
109
110
111
112
# File 'lib/chef/provider/user/linux.rb', line 103

def useradd_options
  opts = []
  opts << "-r" if new_resource.system
  opts << if new_resource.manage_home
            "-m"
          else
            "-M"
          end
  opts
end

#userdel_optionsObject



114
115
116
117
118
119
# File 'lib/chef/provider/user/linux.rb', line 114

def userdel_options
  opts = []
  opts << "-r" if new_resource.manage_home
  opts << "-f" if new_resource.force
  opts
end

#usermod_optionsObject



92
93
94
95
96
97
98
99
100
101
# File 'lib/chef/provider/user/linux.rb', line 92

def usermod_options
  opts = []
  opts += [ "-u", new_resource.uid ] if new_resource.non_unique
  if updating_home?
    if new_resource.manage_home
      opts << "-m"
    end
  end
  opts
end