chef 12.17.44 → 12.18.31

data/lib/chef/provider/user/linux.rb

@@ -24,23 +24,23 @@ class Chef
         provides :user, os: "linux"
 
         def create_user
-          shell_out!(*clean_array("useradd", universal_options, useradd_options, new_resource.username))
+          shell_out_compact!("useradd", universal_options, useradd_options, new_resource.username)
         end
 
         def manage_user
-          shell_out!(*clean_array("usermod", universal_options, usermod_options, new_resource.username))
+          shell_out_compact!("usermod", universal_options, usermod_options, new_resource.username)
         end
 
         def remove_user
-          shell_out!(*clean_array("userdel", userdel_options, new_resource.username))
+          shell_out_compact!("userdel", userdel_options, new_resource.username)
         end
 
         def lock_user
-          shell_out!(*clean_array("usermod", "-L", new_resource.username))
+          shell_out_compact!("usermod", "-L", new_resource.username)
         end
 
         def unlock_user
-          shell_out!(*clean_array("usermod", "-U", new_resource.username))
+          shell_out_compact!("usermod", "-U", new_resource.username)
         end
 
         # common to usermod and useradd
@@ -69,11 +69,11 @@ class Chef
         def useradd_options
           opts = []
           opts << "-r" if new_resource.system
-          if managing_home_dir?
-            opts << "-m"
-          else
-            opts << "-M"
-          end
+          opts << if managing_home_dir?
+                    "-m"
+                  else
+                    "-M"
+                  end
           opts
         end
 
@@ -97,15 +97,12 @@ class Chef
         def check_lock
           # there's an old bug in rhel (https://bugzilla.redhat.com/show_bug.cgi?id=578534)
           # which means that both 0 and 1 can be success.
-          passwd_s = shell_out("passwd", "-S", new_resource.username, returns: [ 0, 1 ])
+          passwd_s = shell_out_compact("passwd", "-S", new_resource.username, returns: [ 0, 1 ])
 
           # checking "does not exist" has to come before exit code handling since centos and ubuntu differ in exit codes
           if passwd_s.stderr =~ /does not exist/
-            if whyrun_mode?
-              return false
-            else
-              raise Chef::Exceptions::User, "User #{new_resource.username} does not exist when checking lock status for #{new_resource}"
-            end
+            return false if whyrun_mode?
+            raise Chef::Exceptions::User, "User #{new_resource.username} does not exist when checking lock status for #{new_resource}"
           end
 
           # now raise if we didn't get a 0 or 1 (see above)

data/lib/chef/provider/user/pw.rb

@@ -27,49 +27,45 @@ class Chef
 
         def load_current_resource
           super
-          raise Chef::Exceptions::User, "Could not find binary /usr/sbin/pw for #{@new_resource}" unless ::File.exists?("/usr/sbin/pw")
+          raise Chef::Exceptions::User, "Could not find binary /usr/sbin/pw for #{new_resource}" unless ::File.exist?("/usr/sbin/pw")
         end
 
         def create_user
-          command = "pw useradd"
-          command << set_options
-          run_command(:command => command)
+          shell_out_compact!("pw", "useradd", set_options)
           modify_password
         end
 
         def manage_user
-          command = "pw usermod"
-          command << set_options
-          run_command(:command => command)
+          shell_out_compact!("pw", "usermod", set_options)
           modify_password
         end
 
         def remove_user
-          command = "pw userdel #{@new_resource.username}"
-          command << " -r" if managing_home_dir?
-          run_command(:command => command)
+          command = [ "pw", "userdel", new_resource.username ]
+          command << "-r" if managing_home_dir?
+          shell_out_compact!(command)
         end
 
         def check_lock
-          case @current_resource.password
-          when /^\*LOCKED\*/
-            @locked = true
-          else
-            @locked = false
-          end
+          @locked = case current_resource.password
+                    when /^\*LOCKED\*/
+                      true
+                    else
+                      false
+                    end
           @locked
         end
 
         def lock_user
-          run_command(:command => "pw lock #{@new_resource.username}")
+          shell_out_compact!("pw", "lock", new_resource.username)
         end
 
         def unlock_user
-          run_command(:command => "pw unlock #{@new_resource.username}")
+          shell_out_compact!("pw", "unlock", new_resource.username)
         end
 
         def set_options
-          opts = " #{@new_resource.username}"
+          opts = [ new_resource.username ]
 
           field_list = {
             "comment" => "-c",
@@ -80,26 +76,26 @@ class Chef
           }
           field_list.sort { |a, b| a[0] <=> b[0] }.each do |field, option|
             field_symbol = field.to_sym
-            if @current_resource.send(field_symbol) != @new_resource.send(field_symbol)
-              if @new_resource.send(field_symbol)
-                Chef::Log.debug("#{@new_resource} setting #{field} to #{@new_resource.send(field_symbol)}")
-                opts << " #{option} '#{@new_resource.send(field_symbol)}'"
-              end
+            next unless current_resource.send(field_symbol) != new_resource.send(field_symbol)
+            if new_resource.send(field_symbol)
+              Chef::Log.debug("#{new_resource} setting #{field} to #{new_resource.send(field_symbol)}")
+              opts << option
+              opts << new_resource.send(field_symbol)
             end
           end
           if managing_home_dir?
-            Chef::Log.debug("#{@new_resource} is managing the users home directory")
-            opts << " -m"
+            Chef::Log.debug("#{new_resource} is managing the users home directory")
+            opts << "-m"
           end
           opts
         end
 
         def modify_password
-          if (not @new_resource.password.nil?) && (@current_resource.password != @new_resource.password)
+          if !new_resource.password.nil? && (current_resource.password != new_resource.password)
             Chef::Log.debug("#{new_resource} updating password")
-            command = "pw usermod #{@new_resource.username} -H 0"
-            status = popen4(command, :waitlast => true) do |pid, stdin, stdout, stderr|
-              stdin.puts "#{@new_resource.password}"
+            command = "pw usermod #{new_resource.username} -H 0"
+            status = popen4(command, waitlast: true) do |pid, stdin, stdout, stderr|
+              stdin.puts new_resource.password.to_s
             end
 
             unless status.exitstatus == 0

data/lib/chef/provider/user/solaris.rb

@@ -26,7 +26,7 @@ class Chef
       class Solaris < Chef::Provider::User::Useradd
         provides :solaris_user
         provides :user, os: %w{omnios solaris2}
-        UNIVERSAL_OPTIONS = [[:comment, "-c"], [:gid, "-g"], [:shell, "-s"], [:uid, "-u"]]
+        UNIVERSAL_OPTIONS = [[:comment, "-c"], [:gid, "-g"], [:shell, "-s"], [:uid, "-u"]].freeze
 
         attr_writer :password_file
 
@@ -46,22 +46,22 @@ class Chef
         end
 
         def check_lock
-          user = IO.read(@password_file).match(/^#{Regexp.escape(@new_resource.username)}:([^:]*):/)
+          user = IO.read(@password_file).match(/^#{Regexp.escape(new_resource.username)}:([^:]*):/)
 
           # If we're in whyrun mode, and the user is not created, we assume it will be
           return false if whyrun_mode? && user.nil?
 
-          raise Chef::Exceptions::User, "Cannot determine if #{@new_resource} is locked!" if user.nil?
+          raise Chef::Exceptions::User, "Cannot determine if #{new_resource} is locked!" if user.nil?
 
           @locked = user[1].start_with?("*LK*")
         end
 
         def lock_user
-          shell_out!("passwd", "-l", new_resource.username)
+          shell_out_compact!("passwd", "-l", new_resource.username)
         end
 
         def unlock_user
-          shell_out!("passwd", "-u", new_resource.username)
+          shell_out_compact!("passwd", "-u", new_resource.username)
         end
 
         private
@@ -82,10 +82,9 @@ class Chef
         end
 
         def manage_password
-          if @current_resource.password != @new_resource.password && @new_resource.password
-            Chef::Log.debug("#{@new_resource} setting password to #{@new_resource.password}")
-            write_shadow_file
-          end
+          return unless current_resource.password != new_resource.password && new_resource.password
+          Chef::Log.debug("#{new_resource} setting password to #{new_resource.password}")
+          write_shadow_file
         end
 
         def write_shadow_file
@@ -93,7 +92,7 @@ class Chef
           ::File.open(@password_file) do |shadow_file|
             shadow_file.each do |entry|
               user = entry.split(":").first
-              if user == @new_resource.username
+              if user == new_resource.username
                 buffer.write(updated_password(entry))
               else
                 buffer.write(entry)
@@ -104,7 +103,7 @@ class Chef
 
           # FIXME: mostly duplicates code with file provider deploying a file
           s = ::File.stat(@password_file)
-          mode = s.mode & 07777
+          mode = s.mode & 0o7777
           uid  = s.uid
           gid  = s.gid
 
@@ -116,7 +115,7 @@ class Chef
 
         def updated_password(entry)
           fields = entry.split(":")
-          fields[1] = @new_resource.password
+          fields[1] = new_resource.password
           fields[2] = days_since_epoch
           fields.join(":")
         end

data/lib/chef/provider/user/useradd.rb

@@ -23,25 +23,25 @@ class Chef
   class Provider
     class User
       class Useradd < Chef::Provider::User
-        # MAJOR XXX: this should become the base class of all Useradd providers instead of the linux implementation
+        # the linux version of this has been forked off, this is the base class now of solaris and AIX and should be abandoned
+        # and those provider should be rewritten like the linux version.
 
-        UNIVERSAL_OPTIONS = [[:comment, "-c"], [:gid, "-g"], [:password, "-p"], [:shell, "-s"], [:uid, "-u"]]
+        UNIVERSAL_OPTIONS = [[:comment, "-c"], [:gid, "-g"], [:password, "-p"], [:shell, "-s"], [:uid, "-u"]].freeze
 
         def create_user
           command = compile_command("useradd") do |useradd|
             useradd.concat(universal_options)
             useradd.concat(useradd_options)
           end
-          shell_out!(*command)
+          shell_out_compact!(command)
         end
 
         def manage_user
-          unless universal_options.empty?
-            command = compile_command("usermod") do |u|
-              u.concat(universal_options)
-            end
-            shell_out!(*command)
+          return if universal_options.empty?
+          command = compile_command("usermod") do |u|
+            u.concat(universal_options)
           end
+          shell_out_compact!(command)
         end
 
         def remove_user
@@ -49,19 +49,19 @@ class Chef
           command << "-r" if managing_home_dir?
           command << "-f" if new_resource.force
           command << new_resource.username
-          shell_out!(*command)
+          shell_out_compact!(command)
         end
 
         def check_lock
           # we can get an exit code of 1 even when it's successful on
           # rhel/centos (redhat bug 578534). See additional error checks below.
-          passwd_s = shell_out!("passwd", "-S", new_resource.username, :returns => [0, 1])
+          passwd_s = shell_out_compact!("passwd", "-S", new_resource.username, returns: [0, 1])
           if whyrun_mode? && passwd_s.stdout.empty? && passwd_s.stderr.match(/does not exist/)
             # if we're in whyrun mode and the user is not yet created we assume it would be
             return false
           end
 
-          raise Chef::Exceptions::User, "Cannot determine if #{@new_resource} is locked!" if passwd_s.stdout.empty?
+          raise Chef::Exceptions::User, "Cannot determine if #{new_resource} is locked!" if passwd_s.stdout.empty?
 
           status_line = passwd_s.stdout.split(" ")
           case status_line[1]
@@ -76,7 +76,7 @@ class Chef
           unless passwd_s.exitstatus == 0
             raise_lock_error = false
             if %w{redhat centos}.include?(node[:platform])
-              passwd_version_check = shell_out!("rpm -q passwd")
+              passwd_version_check = shell_out_compact!("rpm", "-q", "passwd")
               passwd_version = passwd_version_check.stdout.chomp
 
               unless passwd_version == "passwd-0.73-1"
@@ -93,11 +93,11 @@ class Chef
         end
 
         def lock_user
-          shell_out!("usermod", "-L", new_resource.username)
+          shell_out_compact!("usermod", "-L", new_resource.username)
         end
 
         def unlock_user
-          shell_out!("usermod", "-U", new_resource.username)
+          shell_out_compact!("usermod", "-U", new_resource.username)
         end
 
         def compile_command(base_command)
@@ -130,12 +130,10 @@ class Chef
         end
 
         def update_options(field, option, opts)
-          if @current_resource.send(field).to_s != new_resource.send(field).to_s
-            if new_resource.send(field)
-              Chef::Log.debug("#{new_resource} setting #{field} to #{new_resource.send(field)}")
-              opts << option << new_resource.send(field).to_s
-            end
-          end
+          return unless current_resource.send(field).to_s != new_resource.send(field).to_s
+          return unless new_resource.send(field)
+          Chef::Log.debug("#{new_resource} setting #{field} to #{new_resource.send(field)}")
+          opts << option << new_resource.send(field).to_s
         end
 
         def useradd_options
@@ -150,8 +148,8 @@ class Chef
           # Pathname#cleanpath does a better job than ::File::expand_path (on both unix and windows)
           # ::File.expand_path("///tmp") == ::File.expand_path("/tmp") => false
           # ::File.expand_path("\\tmp") => "C:/tmp"
-          return true if @current_resource.home.nil? && new_resource.home
-          new_resource.home && Pathname.new(@current_resource.home).cleanpath != Pathname.new(new_resource.home).cleanpath
+          return true if current_resource.home.nil? && new_resource.home
+          new_resource.home && Pathname.new(current_resource.home).cleanpath != Pathname.new(new_resource.home).cleanpath
         end
 
       end

data/lib/chef/provider/user/windows.rb

@@ -31,31 +31,30 @@ class Chef
 
         def initialize(new_resource, run_context)
           super
-          @net_user = Chef::Util::Windows::NetUser.new(@new_resource.username)
+          @net_user = Chef::Util::Windows::NetUser.new(new_resource.username)
         end
 
         def load_current_resource
-          if @new_resource.gid
+          if new_resource.gid
             Chef::Log.warn("The 'gid' attribute is not implemented by the Windows platform. Please use the 'group' resource to assign a user to a group.")
           end
 
-          @current_resource = Chef::Resource::User.new(@new_resource.name)
-          @current_resource.username(@new_resource.username)
-          user_info = nil
+          @current_resource = Chef::Resource::User.new(new_resource.name)
+          current_resource.username(new_resource.username)
           begin
             user_info = @net_user.get_info
 
-            @current_resource.uid(user_info[:user_id])
-            @current_resource.comment(user_info[:full_name])
-            @current_resource.home(user_info[:home_dir])
-            @current_resource.shell(user_info[:script_path])
+            current_resource.uid(user_info[:user_id])
+            current_resource.comment(user_info[:full_name])
+            current_resource.home(user_info[:home_dir])
+            current_resource.shell(user_info[:script_path])
           rescue Chef::Exceptions::UserIDNotFound => e
             # e.message should be "The user name could not be found" but checking for that could cause a localization bug
             @user_exists = false
-            Chef::Log.debug("#{@new_resource} does not exist (#{e.message})")
+            Chef::Log.debug("#{new_resource} does not exist (#{e.message})")
           end
 
-          @current_resource
+          current_resource
         end
 
         # Check to see if the user needs any changes
@@ -64,12 +63,12 @@ class Chef
         # <true>:: If a change is required
         # <false>:: If the users are identical
         def compare_user
-          unless @net_user.validate_credentials(@new_resource.password)
-            Chef::Log.debug("#{@new_resource} password has changed")
+          unless @net_user.validate_credentials(new_resource.password)
+            Chef::Log.debug("#{new_resource} password has changed")
             return true
           end
           [ :uid, :comment, :home, :shell ].any? do |user_attrib|
-            !@new_resource.send(user_attrib).nil? && @new_resource.send(user_attrib) != @current_resource.send(user_attrib)
+            !new_resource.send(user_attrib).nil? && new_resource.send(user_attrib) != current_resource.send(user_attrib)
           end
         end
 
@@ -98,7 +97,7 @@ class Chef
         end
 
         def set_options
-          opts = { :name => @new_resource.username }
+          opts = { name: new_resource.username }
 
           field_list = {
             "comment" => "full_name",
@@ -110,14 +109,12 @@ class Chef
 
           field_list.sort { |a, b| a[0] <=> b[0] }.each do |field, option|
             field_symbol = field.to_sym
-            if @current_resource.send(field_symbol) != @new_resource.send(field_symbol)
-              if @new_resource.send(field_symbol)
-                unless field_symbol == :password
-                  Chef::Log.debug("#{@new_resource} setting #{field} to #{@new_resource.send(field_symbol)}")
-                end
-                opts[option.to_sym] = @new_resource.send(field_symbol)
-              end
+            next unless current_resource.send(field_symbol) != new_resource.send(field_symbol)
+            next unless new_resource.send(field_symbol)
+            unless field_symbol == :password
+              Chef::Log.debug("#{new_resource} setting #{field} to #{new_resource.send(field_symbol)}")
             end
+            opts[option.to_sym] = new_resource.send(field_symbol)
           end
           opts
         end

data/lib/chef/provider_resolver.rb

@@ -90,8 +90,10 @@ class Chef
       @prioritized_handlers ||= begin
         supported_handlers = self.supported_handlers
         if supported_handlers.empty?
-          # if none of the providers specifically support the resource, we still need to pick one of the providers that are
-          # enabled on the node to handle the why-run use case. FIXME we should only do this in why-run mode then.
+          # We always require a provider to be able to call define_resource_requirements on.  In the why-run case we need
+          # a provider to say "assuming /etc/init.d/whatever would have been installed" and in the non-why-run case we
+          # need to make a best guess at "cannot find /etc/init.d/whatever".  We are essentially defining a "default" provider
+          # for the platform, which is the best we can do, but which might give misleading errors, but we cannot read minds.
           Chef::Log.debug "No providers responded true to `supports?` for action #{action} on resource #{resource}, falling back to enabled handlers so we can return something anyway."
           supported_handlers = enabled_handlers
         end

data/lib/chef/providers.rb

@@ -65,6 +65,7 @@ require "chef/provider/env/windows"
 require "chef/provider/package/apt"
 require "chef/provider/package/chocolatey"
 require "chef/provider/package/dpkg"
+require "chef/provider/package/dnf"
 require "chef/provider/package/easy_install"
 require "chef/provider/package/freebsd/port"
 require "chef/provider/package/freebsd/pkg"