chef 15.7.32-universal-mingw32 → 15.8.23-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (46) hide show
  1. checksums.yaml +4 -4
  2. data/chef-universal-mingw32.gemspec +1 -1
  3. data/lib/chef/dsl/declare_resource.rb +9 -9
  4. data/lib/chef/knife/client_key_create.rb +4 -1
  5. data/lib/chef/knife/client_key_delete.rb +4 -1
  6. data/lib/chef/knife/client_key_edit.rb +4 -1
  7. data/lib/chef/knife/client_key_list.rb +4 -1
  8. data/lib/chef/knife/client_key_show.rb +4 -1
  9. data/lib/chef/knife/config_list_profiles.rb +4 -1
  10. data/lib/chef/knife/config_use_profile.rb +4 -2
  11. data/lib/chef/knife/configure.rb +1 -1
  12. data/lib/chef/knife/cookbook_upload.rb +3 -6
  13. data/lib/chef/knife/data_bag_from_file.rb +1 -1
  14. data/lib/chef/knife/exec.rb +4 -1
  15. data/lib/chef/knife/raw.rb +0 -1
  16. data/lib/chef/knife/rehash.rb +4 -1
  17. data/lib/chef/knife/search.rb +1 -1
  18. data/lib/chef/knife/ssh.rb +3 -3
  19. data/lib/chef/knife/ssl_check.rb +1 -1
  20. data/lib/chef/knife/ssl_fetch.rb +1 -1
  21. data/lib/chef/knife/supermarket_install.rb +1 -1
  22. data/lib/chef/knife/user_key_create.rb +4 -1
  23. data/lib/chef/knife/user_key_delete.rb +4 -1
  24. data/lib/chef/knife/user_key_edit.rb +4 -1
  25. data/lib/chef/knife/user_key_list.rb +4 -1
  26. data/lib/chef/knife/user_key_show.rb +4 -1
  27. data/lib/chef/node/attribute.rb +3 -1
  28. data/lib/chef/node/common_api.rb +3 -1
  29. data/lib/chef/provider/ifconfig.rb +13 -4
  30. data/lib/chef/provider/user/mac.rb +53 -9
  31. data/lib/chef/resource/notify_group.rb +70 -0
  32. data/lib/chef/resource/sysctl.rb +26 -2
  33. data/lib/chef/resource/user/mac_user.rb +4 -1
  34. data/lib/chef/resource/windows_task.rb +2 -1
  35. data/lib/chef/resources.rb +2 -1
  36. data/lib/chef/search/query.rb +1 -1
  37. data/lib/chef/shell.rb +4 -5
  38. data/lib/chef/shell/ext.rb +3 -5
  39. data/lib/chef/version.rb +1 -1
  40. data/spec/unit/cookbook_uploader_spec.rb +1 -0
  41. data/spec/unit/knife/cookbook_upload_spec.rb +2 -2
  42. data/spec/unit/provider/ifconfig_spec.rb +43 -14
  43. data/spec/unit/resource/notify_group_spec.rb +34 -0
  44. data/spec/unit/resource/sysctl_spec.rb +23 -1
  45. data/spec/unit/search/query_spec.rb +8 -1
  46. metadata +10 -8
@@ -17,7 +17,6 @@
17
17
  #
18
18
 
19
19
  require_relative "../knife"
20
- require_relative "key_delete"
21
20
 
22
21
  class Chef
23
22
  class Knife
@@ -30,6 +29,10 @@ class Chef
30
29
  class UserKeyDelete < Knife
31
30
  banner "knife user key delete USER KEYNAME (options)"
32
31
 
32
+ deps do
33
+ require_relative "key_delete"
34
+ end
35
+
33
36
  attr_reader :actor
34
37
 
35
38
  def initialize(argv = [])
@@ -17,7 +17,6 @@
17
17
  #
18
18
 
19
19
  require_relative "../knife"
20
- require_relative "key_edit"
21
20
  require_relative "key_edit_base"
22
21
 
23
22
  class Chef
@@ -33,6 +32,10 @@ class Chef
33
32
 
34
33
  banner "knife user key edit USER KEYNAME (options)"
35
34
 
35
+ deps do
36
+ require_relative "key_edit"
37
+ end
38
+
36
39
  attr_reader :actor
37
40
 
38
41
  def initialize(argv = [])
@@ -17,7 +17,6 @@
17
17
  #
18
18
 
19
19
  require_relative "../knife"
20
- require_relative "key_list"
21
20
  require_relative "key_list_base"
22
21
 
23
22
  class Chef
@@ -33,6 +32,10 @@ class Chef
33
32
 
34
33
  banner "knife user key list USER (options)"
35
34
 
35
+ deps do
36
+ require_relative "key_list"
37
+ end
38
+
36
39
  attr_reader :actor
37
40
 
38
41
  def initialize(argv = [])
@@ -17,7 +17,6 @@
17
17
  #
18
18
 
19
19
  require_relative "../knife"
20
- require_relative "key_show"
21
20
 
22
21
  class Chef
23
22
  class Knife
@@ -30,6 +29,10 @@ class Chef
30
29
  class UserKeyShow < Knife
31
30
  banner "knife user key show USER KEYNAME (options)"
32
31
 
32
+ deps do
33
+ require_relative "key_show"
34
+ end
35
+
33
36
  attr_reader :actor
34
37
 
35
38
  def initialize(argv = [])
@@ -1,7 +1,7 @@
1
1
  #--
2
2
  # Author:: Adam Jacob (<adam@chef.io>)
3
3
  # Author:: AJ Christensen (<aj@chef.io>)
4
- # Copyright:: Copyright 2008-2019, Chef Software Inc.
4
+ # Copyright:: Copyright 2008-2020, Chef Software Inc.
5
5
  # License:: Apache License, Version 2.0
6
6
  #
7
7
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -453,6 +453,8 @@ class Chef
453
453
  merged_attributes.read(*path)
454
454
  end
455
455
 
456
+ alias :dig :read
457
+
456
458
  def read!(*path)
457
459
  merged_attributes.read!(*path)
458
460
  end
@@ -1,5 +1,5 @@
1
1
  #--
2
- # Copyright:: Copyright 2016, Chef Software, Inc.
2
+ # Copyright:: Copyright 2016-2020, Chef Software Inc.
3
3
  # License:: Apache License, Version 2.0
4
4
  #
5
5
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -98,6 +98,8 @@ class Chef
98
98
  nil
99
99
  end
100
100
 
101
+ alias :dig :read
102
+
101
103
  # non-autovivifying reader that throws an exception if the attribute does not exist
102
104
  def read!(*path)
103
105
  raise Chef::Exceptions::NoSuchAttribute.new(path.join ".") unless exist?(*path)
@@ -39,6 +39,10 @@ class Chef
39
39
  attr_accessor :config_template
40
40
  attr_accessor :config_path
41
41
 
42
+ # @api private
43
+ # @return [String] the major.minor of the net-tools version as a string
44
+ attr_accessor :ifconfig_version
45
+
42
46
  def initialize(new_resource, run_context)
43
47
  super(new_resource, run_context)
44
48
  @config_template = nil
@@ -54,15 +58,20 @@ class Chef
54
58
  @ifconfig_version = nil
55
59
 
56
60
  @net_tools_version = shell_out("ifconfig", "--version")
61
+ @net_tools_version.stdout.each_line do |line|
62
+ if line =~ /^net-tools (\d+\.\d+)/
63
+ @ifconfig_version = line.match(/^net-tools (\d+\.\d+)/)[1]
64
+ end
65
+ end
57
66
  @net_tools_version.stderr.each_line do |line|
58
- if line =~ /^net-tools (\d+.\d+)/
59
- @ifconfig_version = line.match(/^net-tools (\d+.\d+)/)[1]
67
+ if line =~ /^net-tools (\d+\.\d+)/
68
+ @ifconfig_version = line.match(/^net-tools (\d+\.\d+)/)[1]
60
69
  end
61
70
  end
62
71
 
63
72
  if @ifconfig_version.nil?
64
73
  raise "net-tools not found - this is required for ifconfig"
65
- elsif @ifconfig_version.to_f < 2.0
74
+ elsif @ifconfig_version.to_i < 2
66
75
  # Example output for 1.60 is as follows: (sanitized but format intact)
67
76
  # eth0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
68
77
  # inet addr:192.168.1.1 Bcast:192.168.0.1 Mask:255.255.248.0
@@ -99,7 +108,7 @@ class Chef
99
108
  current_resource.mtu(@interface["mtu"])
100
109
  current_resource.metric(@interface["metric"])
101
110
  end
102
- elsif @ifconfig_version.to_f >= 2.0
111
+ elsif @ifconfig_version.to_i >= 2
103
112
  # Example output for 2.10-alpha is as follows: (sanitized but format intact)
104
113
  # eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
105
114
  # inet 192.168.1.1 netmask 255.255.240.0 broadcast 192.168.0.1
@@ -52,6 +52,10 @@ class Chef
52
52
  current_resource.shell(user_plist[:shell][0])
53
53
  current_resource.comment(user_plist[:comment][0])
54
54
 
55
+ if user_plist[:is_hidden]
56
+ current_resource.hidden(user_plist[:is_hidden][0] == "1" ? true : false)
57
+ end
58
+
55
59
  shadow_hash = user_plist[:shadow_hash]
56
60
  if shadow_hash
57
61
  current_resource.password(shadow_hash[0]["SALTED-SHA512-PBKDF2"]["entropy"].string.unpack("H*")[0])
@@ -137,7 +141,7 @@ class Chef
137
141
  def create_user
138
142
  cmd = [-"-addUser", new_resource.username]
139
143
  cmd += ["-fullName", new_resource.comment] if prop_is_set?(:comment)
140
- cmd += ["-UID", new_resource.uid] if prop_is_set?(:uid)
144
+ cmd += ["-UID", prop_is_set?(:uid) ? new_resource.uid : get_free_uid]
141
145
  cmd += ["-shell", new_resource.shell]
142
146
  cmd += ["-home", new_resource.home]
143
147
  cmd += ["-admin"] if new_resource.admin
@@ -165,6 +169,10 @@ class Chef
165
169
  reload_user_plist
166
170
  reload_admin_group_plist
167
171
 
172
+ if prop_is_set?(:hidden)
173
+ set_hidden
174
+ end
175
+
168
176
  if prop_is_set?(:password)
169
177
  converge_by("set password") { set_password }
170
178
  end
@@ -196,7 +204,7 @@ class Chef
196
204
  end.run_action(group_action)
197
205
 
198
206
  converge_by("create primary group ID") do
199
- run_dscl("create", "/Users/#{new_resource.username}", "PrimaryGroupID", new_resource.gid)
207
+ run_dscl("create", "/Users/#{new_resource.username}", "PrimaryGroupID", group_id)
200
208
  end
201
209
  end
202
210
 
@@ -208,7 +216,7 @@ class Chef
208
216
  end
209
217
 
210
218
  def compare_user
211
- %i{comment shell uid gid salt password admin secure_token}.any? { |m| diverged?(m) }
219
+ %i{comment shell uid gid salt password admin secure_token hidden}.any? { |m| diverged?(m) }
212
220
  end
213
221
 
214
222
  def manage_user
@@ -272,7 +280,13 @@ class Chef
272
280
 
273
281
  if diverged?(:gid)
274
282
  converge_by("alter group membership") do
275
- run_dscl("create", "/Users/#{new_resource.username}", "PrimaryGroupID", new_resource.gid)
283
+ run_dscl("create", "/Users/#{new_resource.username}", "PrimaryGroupID", group_id)
284
+ end
285
+ end
286
+
287
+ if diverged?(:hidden)
288
+ converge_by("alter hidden") do
289
+ set_hidden
276
290
  end
277
291
  end
278
292
 
@@ -336,6 +350,8 @@ class Chef
336
350
  user_group_diverged?
337
351
  when :secure_token
338
352
  secure_token_diverged?
353
+ when :hidden
354
+ hidden_diverged?
339
355
  else
340
356
  # Other fields are have been set on current resource so just compare
341
357
  # them.
@@ -343,6 +359,24 @@ class Chef
343
359
  end
344
360
  end
345
361
 
362
+ # Find the next available uid on the system.
363
+ # Starting with 200 if `system` is set, 501 otherwise.
364
+ def get_free_uid(search_limit = 1000)
365
+ uid = nil
366
+ base_uid = new_resource.system ? 200 : 501
367
+ next_uid_guess = base_uid
368
+ users_uids = run_dscl("list", "/Users", "uid")
369
+ while next_uid_guess < search_limit + base_uid
370
+ if users_uids =~ Regexp.new("#{Regexp.escape(next_uid_guess.to_s)}\n")
371
+ next_uid_guess += 1
372
+ else
373
+ uid = next_uid_guess
374
+ break
375
+ end
376
+ end
377
+ uid || raise("uid not found. Exhausted. Searched #{search_limit} times")
378
+ end
379
+
346
380
  # Attempt to resolve the group name, gid, and the action required for
347
381
  # associated group resource. If a group exists we'll modify it, otherwise
348
382
  # create it.
@@ -410,12 +444,21 @@ class Chef
410
444
  return false unless prop_is_set?(:gid)
411
445
 
412
446
  group_name, group_id = user_group_info
447
+ current_resource.gid != group_id.to_i
448
+ end
413
449
 
414
- if current_resource.gid.is_a?(String)
415
- current_resource.gid != group_name
416
- else
417
- current_resource.gid != group_id.to_i
418
- end
450
+ def hidden_diverged?
451
+ return false unless prop_is_set?(:hidden)
452
+
453
+ (current_resource.hidden ? 1 : 0) != hidden_value.to_i
454
+ end
455
+
456
+ def set_hidden
457
+ run_dscl("create", "/Users/#{new_resource.username}", "IsHidden", hidden_value.to_i)
458
+ end
459
+
460
+ def hidden_value
461
+ new_resource.hidden ? 1 : 0
419
462
  end
420
463
 
421
464
  def password_diverged?
@@ -593,6 +636,7 @@ class Chef
593
636
  auth_authority: "dsAttrTypeStandard:AuthenticationAuthority",
594
637
  shadow_hash: "dsAttrTypeNative:ShadowHashData",
595
638
  group_members: "dsAttrTypeStandard:GroupMembers",
639
+ is_hidden: "dsAttrTypeNative:IsHidden",
596
640
  }.freeze
597
641
 
598
642
  attr_accessor :plist_hash, :property_map
@@ -0,0 +1,70 @@
1
+ #
2
+ # Copyright:: 2019-2020, Chef Software Inc.
3
+ #
4
+ # Licensed under the Apache License, Version 2.0 (the "License");
5
+ # you may not use this file except in compliance with the License.
6
+ # You may obtain a copy of the License at
7
+ #
8
+ # http://www.apache.org/licenses/LICENSE-2.0
9
+ #
10
+ # Unless required by applicable law or agreed to in writing, software
11
+ # distributed under the License is distributed on an "AS IS" BASIS,
12
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ # See the License for the specific language governing permissions and
14
+ # limitations under the License.
15
+ #
16
+
17
+ require_relative "../resource"
18
+ require_relative "../dist"
19
+
20
+ class Chef
21
+ class Resource
22
+ class NotifyGroup < Chef::Resource
23
+ resource_name :notify_group
24
+ provides :notify_group
25
+
26
+ unified_mode true
27
+
28
+ description "The notify_group resource does nothing, and always fires notifications which are set on it. Use it to DRY blocks of notifications that are common to multiple resources, and provide a single target for other resources to notify. Unlike most resources, its default action is :nothing."
29
+ introduced "15.8"
30
+
31
+ examples <<~DOC
32
+ Wire up a notification from a service resource to stop and start the service with a 60 second delay.
33
+
34
+ ```
35
+ service "crude" do
36
+ action [ :enable, :start ]
37
+ end
38
+
39
+ chef_sleep "60" do
40
+ action :nothing
41
+ end
42
+
43
+ # Example code for a hypothetical badly behaved service that requires
44
+ # 60 seconds between a stop and start in order to restart the service
45
+ # (due to race conditions, bleeding connections down, resources that only
46
+ # slowly unlock in the background, or other poor software behaviors that
47
+ # are sometimes encountered).
48
+ #
49
+ notify_group "crude_stop_and_start" do
50
+ notifies :stop, "service[crude]", :immediately
51
+ notifies :sleep, "chef_sleep[60]", :immediately
52
+ notifies :start, "service[crude]", :immediately
53
+ end
54
+
55
+ template "/etc/crude/crude.conf" do
56
+ source "crude.conf.erb"
57
+ variables node["crude"]
58
+ notifies :run, "notify_group[crude_stop_and_start]", :immediately
59
+ end
60
+ ```
61
+ DOC
62
+
63
+ action :run do
64
+ new_resource.updated_by_last_action(true)
65
+ end
66
+
67
+ default_action :nothing
68
+ end
69
+ end
70
+ end
@@ -1,6 +1,6 @@
1
1
  #
2
2
  # Copyright:: 2018, Webb Agile Solutions Ltd.
3
- # Copyright:: 2018-2018, Chef Software Inc.
3
+ # Copyright:: 2018-2020, Chef Software Inc.
4
4
  #
5
5
  # Licensed under the Apache License, Version 2.0 (the "License");
6
6
  # you may not use this file except in compliance with the License.
@@ -45,6 +45,11 @@ class Chef
45
45
  coerce: proc { |v| coerce_value(v) },
46
46
  required: true
47
47
 
48
+ property :comment, [Array, String],
49
+ description: "Comments, placed above the resource setting in the generated file. For multi-line comments, use an array of strings, one per line.",
50
+ default: [],
51
+ introduced: "15.8"
52
+
48
53
  property :conf_dir, String,
49
54
  description: "The configuration directory to write the config to.",
50
55
  default: "/etc/sysctl.d"
@@ -81,7 +86,7 @@ class Chef
81
86
  directory new_resource.conf_dir
82
87
 
83
88
  file "#{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf" do
84
- content "#{new_resource.key} = #{new_resource.value}"
89
+ content contruct_sysctl_content
85
90
  end
86
91
 
87
92
  execute "Load sysctl values" do
@@ -112,9 +117,28 @@ class Chef
112
117
  end
113
118
 
114
119
  action_class do
120
+ #
121
+ # Shell out to set the sysctl value
122
+ #
123
+ # @param [String] key The sysctl key
124
+ # @param [String] value The value of the sysctl key
125
+ #
115
126
  def set_sysctl_param(key, value)
116
127
  shell_out!("sysctl #{"-e " if new_resource.ignore_error}-w \"#{key}=#{value}\"")
117
128
  end
129
+
130
+ #
131
+ # construct a string, joining members of new_resource.comment and new_resource.value
132
+ #
133
+ # @return [String] The text file content
134
+ #
135
+ def contruct_sysctl_content
136
+ sysctl_lines = Array(new_resource.comment).map { |c| "# #{c.strip}" }
137
+
138
+ sysctl_lines << "#{new_resource.key} = #{new_resource.value}"
139
+
140
+ sysctl_lines.join("\n")
141
+ end
118
142
  end
119
143
 
120
144
  private
@@ -1,6 +1,6 @@
1
1
  #
2
2
  # Author:: Ryan Cragun (<ryan@chef.io>)
3
- # Copyright:: Copyright 2019, Chef Software Inc.
3
+ # Copyright:: Copyright 2019-2020, Chef Software Inc.
4
4
  # License:: Apache License, Version 2.0
5
5
  #
6
6
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -100,6 +100,9 @@ class Chef
100
100
 
101
101
  property :admin, [TrueClass, FalseClass], description: "Create the user as an admin", default: false
102
102
 
103
+ # Hide a user account in the macOS login window
104
+ property :hidden, [TrueClass, FalseClass, nil], description: "Hide account from loginwindow and system preferences", default: nil, introduced: "15.8"
105
+
103
106
  # TCC on macOS >= 10.14 requires admin credentials of an Admin user that
104
107
  # has SecureToken enabled in order to toggle SecureToken.
105
108
  property :admin_username, String, description: "Admin username for superuser actions"
@@ -77,7 +77,8 @@ class Chef
77
77
  description: "The frequency with which to run the task."
78
78
 
79
79
  property :start_day, String,
80
- description: "Specifies the first date on which the task runs in MM/DD/YYYY format."
80
+ description: "Specifies the first date on which the task runs in MM/DD/YYYY format.",
81
+ default_description: "The current date."
81
82
 
82
83
  property :start_time, String,
83
84
  description: "Specifies the start time to run the task, in HH:mm format."
@@ -1,6 +1,6 @@
1
1
  #
2
2
  # Author:: Daniel DeLeo (<dan@chef.io>)
3
- # Copyright:: Copyright 2010-2019, Chef Software, Inc.
3
+ # Copyright:: Copyright 2010-2020, Chef Software Inc.
4
4
  # License:: Apache License, Version 2.0
5
5
  #
6
6
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -66,6 +66,7 @@ require_relative "resource/macports_package"
66
66
  require_relative "resource/macos_userdefaults"
67
67
  require_relative "resource/mdadm"
68
68
  require_relative "resource/mount"
69
+ require_relative "resource/notify_group"
69
70
  require_relative "resource/ohai"
70
71
  require_relative "resource/ohai_hint"
71
72
  require_relative "resource/openbsd_package"