chef 10.24.4 → 10.26.0.beta.0

data/lib/chef/platform.rb

@@ -73,6 +73,14 @@ class Chef
               :mdadm => Chef::Provider::Mdadm
             }
           },
+          :gcel   => {
+            :default => {
+              :package => Chef::Provider::Package::Apt,
+              :service => Chef::Provider::Service::Debian,
+              :cron => Chef::Provider::Cron,
+              :mdadm => Chef::Provider::Mdadm
+            }
+          },
           :linaro   => {
             :default => {
               :package => Chef::Provider::Package::Apt,
@@ -245,7 +253,8 @@ class Chef
               :service => Chef::Provider::Service::Solaris,
               :package => Chef::Provider::Package::Ips,
               :cron => Chef::Provider::Cron::Solaris,
-              :group => Chef::Provider::Group::Usermod
+              :group => Chef::Provider::Group::Usermod,
+              :user => Chef::Provider::User::Solaris,
             }
           },
           :solaris2 => {
@@ -253,19 +262,22 @@ class Chef
               :service => Chef::Provider::Service::Solaris,
               :package => Chef::Provider::Package::Ips,
               :cron => Chef::Provider::Cron::Solaris,
-              :group => Chef::Provider::Group::Usermod
+              :group => Chef::Provider::Group::Usermod,
+              :user => Chef::Provider::User::Solaris
             },
             "5.9" => {
               :service => Chef::Provider::Service::Solaris,
               :package => Chef::Provider::Package::Solaris,
               :cron => Chef::Provider::Cron::Solaris,
-              :group => Chef::Provider::Group::Usermod
+              :group => Chef::Provider::Group::Usermod,
+              :user => Chef::Provider::User::Solaris
             },
             "5.10" => {
               :service => Chef::Provider::Service::Solaris,
               :package => Chef::Provider::Package::Solaris,
               :cron => Chef::Provider::Cron::Solaris,
-              :group => Chef::Provider::Group::Usermod
+              :group => Chef::Provider::Group::Usermod,
+              :user => Chef::Provider::User::Solaris
             }
           },
           :smartos => {
@@ -273,7 +285,8 @@ class Chef
               :service => Chef::Provider::Service::Solaris,
               :package => Chef::Provider::Package::SmartOS,
               :cron => Chef::Provider::Cron::Solaris,
-              :group => Chef::Provider::Group::Usermod
+              :group => Chef::Provider::Group::Usermod,
+              :user => Chef::Provider::User::Solaris
             }
           },
           :netbsd => {

data/lib/chef/provider/user/solaris.rb

@@ -0,0 +1,90 @@
+#
+# Author:: Stephen Nelson-Smith (<sns@opscode.com>)
+# Author:: Jon Ramsey (<jonathon.ramsey@gmail.com>)
+# Copyright:: Copyright (c) 2012 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+class Chef
+  class Provider
+    class User
+      class Solaris < Chef::Provider::User::Useradd
+        UNIVERSAL_OPTIONS = [[:comment, "-c"], [:gid, "-g"], [:shell, "-s"], [:uid, "-u"]]
+
+        attr_writer :password_file
+
+        def initialize(new_resource, run_context)
+          @password_file = "/etc/shadow"
+          super
+        end
+
+        def create_user
+          super
+          manage_password
+        end
+
+        def manage_user
+          manage_password
+          super
+        end
+
+      private
+
+        def manage_password
+          if @current_resource.password != @new_resource.password && @new_resource.password
+            Chef::Log.debug("#{@new_resource} setting password to #{@new_resource.password}")
+            write_shadow_file
+          end
+        end
+
+        def write_shadow_file
+          buffer = Tempfile.new("shadow", "/etc")
+          ::File.open(@password_file) do |shadow_file|
+            shadow_file.each do |entry|
+              user = entry.split(":").first
+              if user == @new_resource.username
+                buffer.write(updated_password(entry))
+              else
+                buffer.write(entry)
+              end
+            end
+          end
+          buffer.close
+
+          # FIXME: mostly duplicates code with file provider deploying a file
+          mode = ::File.stat(@password_file).mode & 07777
+          uid  = ::File.stat(@password_file).uid
+          gid  = ::File.stat(@password_file).gid
+
+          FileUtils.chown uid, gid, buffer.path
+          FileUtils.chmod mode, buffer.path
+
+          FileUtils.mv buffer.path, @password_file
+        end
+
+        def updated_password(entry)
+          fields = entry.split(":")
+          fields[1] = @new_resource.password
+          fields[2] = days_since_epoch
+          fields.join(":")
+        end
+
+        def days_since_epoch
+          (Time.now.to_i / 86400).floor
+        end
+      end
+    end
+  end
+end
+

data/lib/chef/provider/user/useradd.rb

@@ -6,9 +6,9 @@
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
-# 
+#
 #     http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -21,7 +21,7 @@ require 'chef/provider/user'
 
 class Chef
   class Provider
-    class User 
+    class User
       class Useradd < Chef::Provider::User
         UNIVERSAL_OPTIONS = [[:comment, "-c"], [:gid, "-g"], [:password, "-p"], [:shell, "-s"], [:uid, "-u"]]
 
@@ -32,21 +32,23 @@ class Chef
           end
           run_command(:command => command)
         end
-        
+
         def manage_user
-          command = compile_command("usermod") do |u|
-            u << universal_options
+          if universal_options != ""
+            command = compile_command("usermod") do |u|
+              u << universal_options
+            end
+            run_command(:command => command)
           end
-          run_command(:command => command)
         end
-        
+
         def remove_user
           command = "userdel"
           command << " -r" if managing_home_dir?
           command << " #{@new_resource.username}"
           run_command(:command => command)
         end
-        
+
         def check_lock
           status = popen4("passwd -S #{@new_resource.username}") do |pid, stdin, stdout, stderr|
             status_line = stdout.gets.split(' ')
@@ -80,11 +82,11 @@ class Chef
 
           @locked
         end
-        
+
         def lock_user
           run_command(:command => "usermod -L #{@new_resource.username}")
         end
-        
+
         def unlock_user
           run_command(:command => "usermod -U #{@new_resource.username}")
         end
@@ -94,29 +96,36 @@ class Chef
           base_command << " #{@new_resource.username}"
           base_command
         end
-        
+
         def universal_options
-          opts = ''
-          
-          UNIVERSAL_OPTIONS.each do |field, option|
-            if @current_resource.send(field) != @new_resource.send(field)
-              if @new_resource.send(field)
-                Chef::Log.debug("#{@new_resource} setting #{field} to #{@new_resource.send(field)}")
-                opts << " #{option} '#{@new_resource.send(field)}'"
+          @universal_options ||=
+            begin
+              opts = ''
+              # magic allows UNIVERSAL_OPTIONS to be overridden in a subclass
+              self.class::UNIVERSAL_OPTIONS.each do |field, option|
+                update_options(field, option, opts)
               end
+              if updating_home?
+                if managing_home_dir?
+                  Chef::Log.debug("#{@new_resource} managing the users home directory")
+                  opts << " -m -d '#{@new_resource.home}'"
+                else
+                  Chef::Log.debug("#{@new_resource} setting home to #{@new_resource.home}")
+                  opts << " -d '#{@new_resource.home}'"
+                end
+              end
+              opts << " -o" if @new_resource.non_unique || @new_resource.supports[:non_unique]
+              opts
             end
-          end
-          if updating_home?
-            if managing_home_dir?
-              Chef::Log.debug("#{@new_resource} managing the users home directory")
-              opts << " -m -d '#{@new_resource.home}'"
-            else
-              Chef::Log.debug("#{@new_resource} setting home to #{@new_resource.home}")
-              opts << " -d '#{@new_resource.home}'"
+        end
+
+        def update_options(field, option, opts)
+          if @current_resource.send(field) != @new_resource.send(field)
+            if @new_resource.send(field)
+              Chef::Log.debug("#{@new_resource} setting #{field} to #{@new_resource.send(field)}")
+              opts << " #{option} '#{@new_resource.send(field)}'"
             end
           end
-          opts << " -o" if @new_resource.non_unique || @new_resource.supports[:non_unique]
-          opts
         end
 
         def useradd_options

data/lib/chef/providers.rb

@@ -82,6 +82,7 @@ require 'chef/provider/user/dscl'
 require 'chef/provider/user/pw'
 require 'chef/provider/user/useradd'
 require 'chef/provider/user/windows'
+require 'chef/provider/user/solaris'
 
 require 'chef/provider/group/aix'
 require 'chef/provider/group/dscl'

data/lib/chef/resource.rb

@@ -146,6 +146,15 @@ F
     include Chef::Mixin::ConvertToClassName
     include Chef::Mixin::Deprecation
 
+    if Module.method(:const_defined?).arity == 1
+      def self.strict_const_defined?(const)
+        const_defined?(const)
+      end
+    else
+      def self.strict_const_defined?(const)
+        const_defined?(const, false)
+      end
+    end
 
     # Set or return the list of "state attributes" implemented by the Resource
     # subclass. State attributes are attributes that describe the desired state
@@ -731,7 +740,7 @@ F
 
       # Add log entry if we override an existing light-weight resource.
       class_name = convert_to_class_name(rname)
-      if Chef::Resource.const_defined?(class_name, false)
+      if Chef::Resource.strict_const_defined?(class_name)
         Chef::Log.info("#{class_name} light-weight resource already initialized -- overriding!")
         old_class = Chef::Resource.send(:remove_const, class_name)
         Chef::Resource.resource_classes.delete(old_class)

data/lib/chef/shef/shef_session.rb

@@ -202,8 +202,8 @@ module Shef
       Chef::Cookbook::FileVendor.on_create { |manifest| Chef::Cookbook::RemoteFileVendor.new(manifest, Chef::REST.new(Chef::Config[:server_url])) }
       cookbook_hash = @client.sync_cookbooks
       cookbook_collection = Chef::CookbookCollection.new(cookbook_hash)
-      @run_context = Chef::RunContext.new(node, cookbook_collection, @events) 
-      @run_context.load(Chef::RunList::RunListExpansionFromAPI.new("_default", []))
+      @run_context = Chef::RunContext.new(node, cookbook_collection, @events)
+      @run_context.load(@node.run_list.expand(@node.chef_environment))
       @run_status.run_context = run_context
     end
 

data/lib/chef/version.rb

@@ -17,7 +17,7 @@
 
 class Chef
   CHEF_ROOT = File.dirname(File.expand_path(File.dirname(__FILE__)))
-  VERSION = '10.24.4'
+  VERSION = '10.26.0.beta.0'
 end
 
 # NOTE: the Chef::Version class is defined in version_class.rb

data/spec/unit/application/client_spec.rb

@@ -19,7 +19,7 @@ require 'spec_helper'
 
 describe Chef::Application::Client, "reconfigure" do
   before do
-    @original_config = Chef::Config.configuration
+    @original_config = Chef::Config.configuration.dup
 
     @app = Chef::Application::Client.new
     @app.stub!(:configure_opt_parser).and_return(true)
@@ -134,3 +134,38 @@ describe Chef::Application::Client, "setup_application" do
     Chef::Config[:solo] = false
   end
 end
+
+describe Chef::Application::Client, "run_application", :unix_only do
+  before do
+    Chef::Config[:daemonize] = false
+    Chef::Config[:interval] = 10
+
+    @pipe = IO.pipe
+    @app = Chef::Application::Client.new
+    @app.stub(:run_chef_client) do
+      @pipe[1].puts 'started'
+      sleep 1
+      @pipe[1].puts 'finished'
+    end
+  end
+
+  it "should exit gracefully when sent SIGTERM" do
+    pid = fork do
+      begin
+        @app.run_application
+      rescue SystemExit # expected
+      rescue Exception => e
+        $stderr.puts e
+        $stderr.puts e.backtrace
+      ensure
+        exit!
+      end
+    end
+    IO.select([@pipe[0]], nil, nil, 10).should_not be_nil
+    @pipe[0].gets.should == "started\n"
+    Process.kill("TERM", pid)
+    Process.wait
+    IO.select([@pipe[0]], nil, nil, 0).should_not be_nil
+    @pipe[0].gets.should == "finished\n"
+  end
+end

data/spec/unit/knife/cookbook_upload_spec.rb

@@ -41,7 +41,8 @@ describe Chef::Knife::CookbookUpload do
 
   describe 'run' do
     before(:each) do
-      @knife.stub!(:upload).and_return(true)
+      @cookbook_uploader = stub(:upload_cookbooks => nil)
+      Chef::CookbookUploader.stub(:new => @cookbook_uploader)
       Chef::CookbookVersion.stub(:list_all_versions).and_return({})
     end
 
@@ -125,8 +126,11 @@ describe Chef::Knife::CookbookUpload do
 
     describe 'when a frozen cookbook exists on the server' do
       it 'should fail to replace it' do
-        @knife.stub!(:upload).and_raise(Chef::Exceptions::CookbookFrozen)
-        @knife.ui.should_receive(:error).with(/Failed to upload 1 cookbook/)
+        exception = Chef::Exceptions::CookbookFrozen.new
+        @cookbook_uploader.should_receive(:upload_cookbooks).
+          and_raise(exception)
+        @knife.ui.stub(:error)
+        @knife.ui.should_receive(:error).with(exception)
         lambda { @knife.run }.should raise_error(SystemExit)
       end
 
@@ -140,5 +144,5 @@ describe Chef::Knife::CookbookUpload do
         lambda { @knife.run }.should raise_error(SystemExit)
       end
     end
-  end
-end # run
+  end # run
+end

data/spec/unit/platform_spec.rb

@@ -35,7 +35,8 @@ describe "Chef::Platform supports" do
     :solaris,
     :mswin,
     :mingw32,
-    :windows
+    :windows,
+    :gcel
   ].each do |platform|
     it "#{platform}" do
       Chef::Platform.platforms.should have_key(platform)

data/spec/unit/provider/user/solaris_spec.rb

@@ -0,0 +1,414 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Daniel DeLeo (<dan@opscode.com>)
+# Copyright:: Copyright (c) 2008, 2010 Opscode, Inc.
+#
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+
+describe Chef::Provider::User::Solaris do
+  before(:each) do
+    @node = Chef::Node.new
+    @events = Chef::EventDispatch::Dispatcher.new
+    @run_context = Chef::RunContext.new(@node, {}, @events)
+
+    @new_resource = Chef::Resource::User.new("adam", @run_context)
+    @new_resource.comment "Adam Jacob"
+    @new_resource.uid 1000
+    @new_resource.gid 1000
+    @new_resource.home "/home/adam"
+    @new_resource.shell "/usr/bin/zsh"
+    @new_resource.password "abracadabra"
+    @new_resource.system false
+    @new_resource.manage_home false
+    @new_resource.non_unique false
+    @current_resource = Chef::Resource::User.new("adam", @run_context)
+    @current_resource.comment "Adam Jacob"
+    @current_resource.uid 1000
+    @current_resource.gid 1000
+    @current_resource.home "/home/adam"
+    @current_resource.shell "/usr/bin/zsh"
+    @current_resource.password "abracadabra"
+    @current_resource.system false
+    @current_resource.manage_home false
+    @current_resource.non_unique false
+    @current_resource.supports({:manage_home => false, :non_unique => false})
+    @provider = Chef::Provider::User::Solaris.new(@new_resource, @run_context)
+    @provider.current_resource = @current_resource
+  end
+
+  describe "when setting option" do
+    field_list = {
+      'comment' => "-c",
+      'gid' => "-g",
+      'uid' => "-u",
+      'shell' => "-s"
+    }
+
+    field_list.each do |attribute, option|
+      it "should check for differences in #{attribute} between the new and current resources" do
+        @current_resource.should_receive(attribute)
+        @new_resource.should_receive(attribute)
+        @provider.universal_options
+      end
+
+      it "should set the option for #{attribute} if the new resources #{attribute} is not nil" do
+        @new_resource.stub!(attribute).and_return("hola")
+        @provider.universal_options.should eql(" #{option} 'hola'")
+      end
+
+      it "should set the option for #{attribute} if the new resources #{attribute} is not nil, without homedir management" do
+        @new_resource.stub!(:supports).and_return({:manage_home => false,
+                                                    :non_unique => false})
+        @new_resource.stub!(attribute).and_return("hola")
+        @provider.universal_options.should eql(" #{option} 'hola'")
+      end
+
+      it "should set the option for #{attribute} if the new resources #{attribute} is not nil, without homedir management (using real attributes)" do
+        @new_resource.stub!(:manage_home).and_return(false)
+        @new_resource.stub!(:non_unique).and_return(false)
+        @new_resource.stub!(attribute).and_return("hola")
+        @provider.universal_options.should eql(" #{option} 'hola'")
+      end
+    end
+
+    it "should combine all the possible options" do
+      match_string = ""
+      field_list.sort{ |a,b| a[0] <=> b[0] }.each do |attribute, option|
+        @new_resource.stub!(attribute).and_return("hola")
+        match_string << " #{option} 'hola'"
+      end
+      @provider.universal_options.should eql(match_string)
+    end
+
+    describe "when we want to set a password" do
+      before do
+        @new_resource.password "hocus-pocus"
+      end
+
+      it "should use its own shadow file writer to set the password" do
+        @provider.should_receive(:write_shadow_file)
+        @provider.stub!(:run_command).and_return(true)
+        @provider.manage_user
+      end
+
+      it "should write out a modified version of the password file" do
+        password_file = Tempfile.new("shadow")
+        password_file.puts "adam:existingpassword:15441::::::"
+        password_file.close
+        @provider.password_file = password_file.path
+        @provider.stub!(:run_command).and_return(true)
+        # may not be able to write to /etc for tests...
+        temp_file = Tempfile.new("shadow")
+        Tempfile.stub!(:new).with("shadow", "/etc").and_return(temp_file)
+        @new_resource.password "verysecurepassword"
+        @provider.manage_user
+        ::File.open(password_file.path, "r").read.should =~ /adam:verysecurepassword:/
+        password_file.unlink
+      end
+    end
+
+    describe "when we want to create a system user" do
+      before do
+        @new_resource.manage_home(true)
+        @new_resource.non_unique(false)
+      end
+
+      it "should set useradd -r" do
+        @new_resource.system(true)
+        @provider.useradd_options.should == " -r"
+      end
+    end
+
+    describe "when the resource has a different home directory and supports home directory management" do
+      before do
+        @new_resource.stub!(:home).and_return("/wowaweea")
+        @new_resource.stub!(:supports).and_return({:manage_home => true,
+                                                   :non_unique => false})
+      end
+
+      it "should set -m -d /homedir" do
+        @provider.universal_options.should == " -m -d '/wowaweea'"
+        @provider.useradd_options.should == ""
+      end
+    end
+
+    describe "when the resource has a different home directory and supports home directory management (using real attributes)" do
+      before do
+        @new_resource.stub!(:home).and_return("/wowaweea")
+        @new_resource.stub!(:manage_home).and_return(true)
+        @new_resource.stub!(:non_unique).and_return(false)
+      end
+
+      it "should set -m -d /homedir" do
+        @provider.universal_options.should eql(" -m -d '/wowaweea'")
+        @provider.useradd_options.should == ""
+      end
+    end
+
+    describe "when the resource supports non_unique ids" do
+      before do
+        @new_resource.stub!(:supports).and_return({:manage_home => false,
+                                                  :non_unique => true})
+      end
+
+      it "should set -m -o" do
+        @provider.universal_options.should eql(" -o")
+      end
+    end
+
+    describe "when the resource supports non_unique ids (using real attributes)" do
+      before do
+        @new_resource.stub!(:manage_home).and_return(false)
+        @new_resource.stub!(:non_unique).and_return(true)
+      end
+
+      it "should set -m -o" do
+        @provider.universal_options.should eql(" -o")
+      end
+    end
+  end
+
+  describe "when creating a user" do
+    before(:each) do
+      @current_resource = Chef::Resource::User.new(@new_resource.name, @run_context)
+      @current_resource.username(@new_resource.username)
+      @provider.current_resource = @current_resource
+      @provider.new_resource.manage_home true
+      @provider.new_resource.home "/Users/mud"
+      @provider.new_resource.gid '23'
+    end
+
+    it "runs useradd with the computed command options" do
+      command = "useradd -c 'Adam Jacob' -g '23' -s '/usr/bin/zsh' -u '1000' -m -d '/Users/mud' adam"
+      @provider.should_receive(:run_command).with({ :command => command }).and_return(true)
+      @provider.should_receive(:manage_password).and_return(nil)
+      @provider.create_user
+    end
+
+    describe "and home is not specified for new system user resource" do
+
+      before do
+        @provider.new_resource.system true
+        # there is no public API to set attribute's value to nil
+        @provider.new_resource.instance_variable_set("@home", nil)
+      end
+
+      it "should not include -m or -d in the command options" do
+        command = "useradd -c 'Adam Jacob' -g '23' -s '/usr/bin/zsh' -u '1000' -r adam"
+        @provider.should_receive(:run_command).with({ :command => command }).and_return(true)
+        @provider.should_receive(:manage_password).and_return(nil)
+        @provider.create_user
+      end
+
+    end
+
+  end
+
+  describe "when managing a user" do
+    before(:each) do
+      @provider.new_resource.manage_home true
+      @provider.new_resource.home "/Users/mud"
+      @provider.new_resource.gid '23'
+    end
+
+    # CHEF-3423, -m must come before the username
+    it "runs usermod with the computed command options" do
+      @provider.should_receive(:run_command).with({ :command => "usermod -g '23' -m -d '/Users/mud' adam" }).and_return(true)
+      @provider.manage_user
+    end
+
+    it "does not set the -r option to usermod" do
+      @new_resource.system(true)
+      @provider.should_receive(:run_command).with({ :command => "usermod -g '23' -m -d '/Users/mud' adam" }).and_return(true)
+      @provider.manage_user
+    end
+
+    it "CHEF-3429: does not set -m if we aren't changing the home directory" do
+      @provider.should_receive(:updating_home?).and_return(false)
+      @provider.should_receive(:run_command).with({ :command => "usermod -g '23' adam" }).and_return(true)
+      @provider.manage_user
+    end
+  end
+
+  describe "when removing a user" do
+
+    it "should run userdel with the new resources user name" do
+      @provider.should_receive(:run_command).with({ :command => "userdel #{@new_resource.username}" }).and_return(true)
+      @provider.remove_user
+    end
+
+    it "should run userdel with the new resources user name and -r if manage_home is true" do
+      @new_resource.stub!(:supports).and_return({ :manage_home => true,
+                                                  :non_unique => false})
+      @provider.should_receive(:run_command).with({ :command => "userdel -r #{@new_resource.username}"}).and_return(true)
+      @provider.remove_user
+    end
+
+    it "should run userdel with the new resources user name if non_unique is true" do
+      @new_resource.stub!(:supports).and_return({ :manage_home => false,
+                                                  :non_unique => true})
+      @provider.should_receive(:run_command).with({ :command => "userdel #{@new_resource.username}"}).and_return(true)
+      @provider.remove_user
+    end
+  end
+
+  describe "when checking the lock" do
+    before(:each) do
+      # @node = Chef::Node.new
+      # @new_resource = mock("Chef::Resource::User",
+      #   :nil_object => true,
+      #   :username => "adam"
+      # )
+      @status = mock("Status", :exitstatus => 0)
+      #@provider = Chef::Provider::User::Useradd.new(@node, @new_resource)
+      @provider.stub!(:popen4).and_return(@status)
+      @stdin = mock("STDIN", :nil_object => true)
+      @stdout = mock("STDOUT", :nil_object => true)
+      @stdout.stub!(:gets).and_return("root P 09/02/2008 0 99999 7 -1")
+      @stderr = mock("STDERR", :nil_object => true)
+      @pid = mock("PID", :nil_object => true)
+    end
+
+    it "should call passwd -S to check the lock status" do
+      @provider.should_receive(:popen4).with("passwd -S #{@new_resource.username}").and_return(@status)
+      @provider.check_lock
+    end
+
+    it "should get the first line of passwd -S STDOUT" do
+      @provider.should_receive(:popen4).and_yield(@pid, @stdin, @stdout, @stderr).and_return(@status)
+      @stdout.should_receive(:gets).and_return("root P 09/02/2008 0 99999 7 -1")
+      @provider.check_lock
+    end
+
+    it "should return false if status begins with P" do
+      @provider.should_receive(:popen4).and_yield(@pid, @stdin, @stdout, @stderr).and_return(@status)
+      @provider.check_lock.should eql(false)
+    end
+
+    it "should return false if status begins with N" do
+      @stdout.stub!(:gets).and_return("root N")
+      @provider.should_receive(:popen4).and_yield(@pid, @stdin, @stdout, @stderr).and_return(@status)
+      @provider.check_lock.should eql(false)
+    end
+
+    it "should return true if status begins with L" do
+      @stdout.stub!(:gets).and_return("root L")
+      @provider.should_receive(:popen4).and_yield(@pid, @stdin, @stdout, @stderr).and_return(@status)
+      @provider.check_lock.should eql(true)
+    end
+
+    it "should raise a Chef::Exceptions::User if passwd -S fails on anything other than redhat/centos" do
+      @node.automatic_attrs[:platform] = 'ubuntu'
+      @status.should_receive(:exitstatus).and_return(1)
+      lambda { @provider.check_lock }.should raise_error(Chef::Exceptions::User)
+    end
+
+    ['redhat', 'centos'].each do |os|
+      it "should not raise a Chef::Exceptions::User if passwd -S exits with 1 on #{os} and the passwd package is version 0.73-1" do
+        @node.automatic_attrs[:platform] = os
+        @stdout.stub!(:gets).and_return("passwd-0.73-1\n")
+        @status.should_receive(:exitstatus).twice.and_return(1)
+        @provider.should_receive(:popen4).with("passwd -S #{@new_resource.username}")
+        @provider.should_receive(:popen4).with("rpm -q passwd").and_yield(@pid, @stdin, @stdout, @stderr).and_return(@status)
+        lambda { @provider.check_lock }.should_not raise_error(Chef::Exceptions::User)
+      end
+
+      it "should raise a Chef::Exceptions::User if passwd -S exits with 1 on #{os} and the passwd package is not version 0.73-1" do
+        @node.automatic_attrs[:platform] = os
+        @stdout.stub!(:gets).and_return("passwd-0.73-2\n")
+        @status.should_receive(:exitstatus).twice.and_return(1)
+        @provider.should_receive(:popen4).with("passwd -S #{@new_resource.username}")
+        @provider.should_receive(:popen4).with("rpm -q passwd").and_yield(@pid, @stdin, @stdout, @stderr).and_return(@status)
+        lambda { @provider.check_lock }.should raise_error(Chef::Exceptions::User)
+      end
+
+      it "should raise a Chef::Exceptions::User if passwd -S exits with something other than 0 or 1 on #{os}" do
+        @node.automatic_attrs[:platform] = os
+        @status.should_receive(:exitstatus).twice.and_return(2)
+        lambda { @provider.check_lock }.should raise_error(Chef::Exceptions::User)
+      end
+    end
+  end
+
+  describe "when locking the user" do
+    it "should run usermod -L with the new resources username" do
+      @provider.should_receive(:run_command).with({ :command => "usermod -L #{@new_resource.username}"})
+      @provider.lock_user
+    end
+  end
+
+  describe "when unlocking the user" do
+    it "should run usermod -L with the new resources username" do
+      @provider.should_receive(:run_command).with({ :command => "usermod -U #{@new_resource.username}"})
+      @provider.unlock_user
+    end
+  end
+
+  describe "when checking if home needs updating" do
+    [
+     {
+       "action" => "should return false if home matches",
+       "current_resource_home" => [ "/home/laurent" ],
+       "new_resource_home" => [ "/home/laurent" ],
+       "expected_result" => false
+     },
+     {
+       "action" => "should return true if home doesn't match",
+       "current_resource_home" => [ "/home/laurent" ],
+       "new_resource_home" => [ "/something/else" ],
+       "expected_result" => true
+     },
+     {
+       "action" => "should return false if home only differs by trailing slash",
+       "current_resource_home" => [ "/home/laurent" ],
+       "new_resource_home" => [ "/home/laurent/", "/home/laurent" ],
+       "expected_result" => false
+     },
+     {
+       "action" => "should return false if home is an equivalent path",
+       "current_resource_home" => [ "/home/laurent" ],
+       "new_resource_home" => [ "/home/./laurent", "/home/laurent" ],
+       "expected_result" => false
+     },
+    ].each do |home_check|
+      it home_check["action"] do
+        @provider.current_resource.home home_check["current_resource_home"].first
+        @current_home_mock = mock("Pathname")
+        @provider.new_resource.home home_check["new_resource_home"].first
+        @new_home_mock = mock("Pathname")
+
+        Pathname.should_receive(:new).with(@current_resource.home).and_return(@current_home_mock)
+        @current_home_mock.should_receive(:cleanpath).and_return(home_check["current_resource_home"].last)
+        Pathname.should_receive(:new).with(@new_resource.home).and_return(@new_home_mock)
+        @new_home_mock.should_receive(:cleanpath).and_return(home_check["new_resource_home"].last)
+
+        @provider.updating_home?.should == home_check["expected_result"]
+      end
+    end
+    it "should return true if the current home does not exist but a home is specified by the new resource" do
+      @new_resource = Chef::Resource::User.new("adam", @run_context)
+      @current_resource = Chef::Resource::User.new("adam", @run_context)
+      @provider = Chef::Provider::User::Solaris.new(@new_resource, @run_context)
+      @provider.current_resource = @current_resource
+      @current_resource.home nil
+      @new_resource.home "/home/kitten"
+
+      @provider.updating_home?.should == true
+    end
+  end
+end