chef 16.0.257 → 16.2.44

Sign up to get free protection for your applications and to get access to all the features.
Files changed (389) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +3 -1
  3. data/README.md +3 -3
  4. data/Rakefile +44 -16
  5. data/chef.gemspec +4 -4
  6. data/lib/chef/application/apply.rb +2 -2
  7. data/lib/chef/application/base.rb +1 -1
  8. data/lib/chef/application/client.rb +1 -1
  9. data/lib/chef/application/exit_code.rb +2 -2
  10. data/lib/chef/application/windows_service_manager.rb +1 -1
  11. data/lib/chef/chef_fs/chef_fs_data_store.rb +3 -3
  12. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  13. data/lib/chef/chef_fs/file_system/chef_server/acls_dir.rb +1 -1
  14. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +1 -1
  15. data/lib/chef/chef_fs/file_system/chef_server/policies_dir.rb +1 -1
  16. data/lib/chef/chef_fs/file_system/chef_server/rest_list_dir.rb +1 -1
  17. data/lib/chef/chef_fs/file_system/multiplexed_dir.rb +1 -1
  18. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  19. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +1 -1
  20. data/lib/chef/chef_fs/path_utils.rb +4 -4
  21. data/lib/chef/cookbook/chefignore.rb +1 -1
  22. data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
  23. data/lib/chef/cookbook/metadata.rb +2 -2
  24. data/lib/chef/cookbook_loader.rb +1 -1
  25. data/lib/chef/cookbook_manifest.rb +1 -1
  26. data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
  27. data/lib/chef/cookbook_version.rb +7 -7
  28. data/lib/chef/data_bag.rb +4 -4
  29. data/lib/chef/data_collector.rb +1 -1
  30. data/lib/chef/data_collector/error_handlers.rb +1 -1
  31. data/lib/chef/decorator/lazy_array.rb +2 -2
  32. data/lib/chef/deprecated.rb +5 -1
  33. data/lib/chef/digester.rb +4 -4
  34. data/lib/chef/dsl/declare_resource.rb +1 -1
  35. data/lib/chef/dsl/platform_introspection.rb +1 -1
  36. data/lib/chef/encrypted_data_bag_item/decryptor.rb +1 -1
  37. data/lib/chef/encrypted_data_bag_item/encryptor.rb +1 -1
  38. data/lib/chef/file_access_control.rb +1 -1
  39. data/lib/chef/formatters/base.rb +1 -1
  40. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +1 -1
  41. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +2 -2
  42. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +7 -7
  43. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +3 -3
  44. data/lib/chef/http.rb +18 -3
  45. data/lib/chef/http/decompressor.rb +1 -1
  46. data/lib/chef/http/http_request.rb +1 -1
  47. data/lib/chef/http/json_output.rb +1 -1
  48. data/lib/chef/http/ssl_policies.rb +18 -0
  49. data/lib/chef/json_compat.rb +1 -1
  50. data/lib/chef/key.rb +1 -1
  51. data/lib/chef/knife.rb +2 -2
  52. data/lib/chef/knife/bootstrap.rb +13 -16
  53. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  54. data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
  55. data/lib/chef/knife/bootstrap/templates/chef-full.erb +9 -9
  56. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +3 -1
  57. data/lib/chef/knife/client_bulk_delete.rb +1 -1
  58. data/lib/chef/knife/config_get.rb +1 -1
  59. data/lib/chef/knife/cookbook_delete.rb +1 -1
  60. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  61. data/lib/chef/knife/core/hashed_command_loader.rb +1 -1
  62. data/lib/chef/knife/core/node_presenter.rb +1 -1
  63. data/lib/chef/knife/core/status_presenter.rb +1 -1
  64. data/lib/chef/knife/core/subcommand_loader.rb +1 -1
  65. data/lib/chef/knife/core/windows_bootstrap_context.rb +18 -3
  66. data/lib/chef/knife/data_bag_create.rb +1 -1
  67. data/lib/chef/knife/environment_compare.rb +1 -1
  68. data/lib/chef/knife/key_create_base.rb +1 -1
  69. data/lib/chef/knife/key_edit_base.rb +1 -1
  70. data/lib/chef/knife/list.rb +1 -1
  71. data/lib/chef/knife/node_bulk_delete.rb +1 -1
  72. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  73. data/lib/chef/knife/role_bulk_delete.rb +1 -1
  74. data/lib/chef/knife/ssh.rb +2 -2
  75. data/lib/chef/knife/supermarket_install.rb +1 -1
  76. data/lib/chef/knife/supermarket_share.rb +1 -1
  77. data/lib/chef/knife/supermarket_unshare.rb +1 -1
  78. data/lib/chef/knife/{user_invite_recind.rb → user_invite_rescind.rb} +6 -6
  79. data/lib/chef/knife/yaml_convert.rb +2 -2
  80. data/lib/chef/log.rb +1 -1
  81. data/lib/chef/mixin/api_version_request_handling.rb +1 -1
  82. data/lib/chef/mixin/checksum.rb +0 -1
  83. data/lib/chef/mixin/create_path.rb +8 -8
  84. data/lib/chef/mixin/openssl_helper.rb +4 -4
  85. data/lib/chef/mixin/properties.rb +4 -2
  86. data/lib/chef/mixin/securable.rb +2 -2
  87. data/lib/chef/mixin/shell_out.rb +1 -1
  88. data/lib/chef/node/attribute.rb +2 -2
  89. data/lib/chef/node/immutable_collections.rb +1 -1
  90. data/lib/chef/node/mixin/deep_merge_cache.rb +7 -7
  91. data/lib/chef/policy_builder/policyfile.rb +1 -1
  92. data/lib/chef/powershell.rb +1 -1
  93. data/lib/chef/property.rb +2 -2
  94. data/lib/chef/provider.rb +3 -3
  95. data/lib/chef/provider/batch.rb +3 -10
  96. data/lib/chef/provider/cron.rb +2 -14
  97. data/lib/chef/provider/directory.rb +1 -1
  98. data/lib/chef/provider/execute.rb +3 -2
  99. data/lib/chef/provider/file.rb +1 -1
  100. data/lib/chef/provider/group/dscl.rb +2 -2
  101. data/lib/chef/provider/group/windows.rb +1 -1
  102. data/lib/chef/provider/ifconfig.rb +7 -7
  103. data/lib/chef/provider/launchd.rb +28 -32
  104. data/lib/chef/provider/mount/aix.rb +1 -1
  105. data/lib/chef/provider/mount/windows.rb +2 -2
  106. data/lib/chef/provider/noop.rb +1 -1
  107. data/lib/chef/provider/package/cab.rb +1 -1
  108. data/lib/chef/provider/package/chocolatey.rb +1 -1
  109. data/lib/chef/provider/package/dpkg.rb +1 -1
  110. data/lib/chef/provider/package/freebsd/base.rb +2 -1
  111. data/lib/chef/provider/package/homebrew.rb +1 -1
  112. data/lib/chef/provider/package/macports.rb +0 -2
  113. data/lib/chef/provider/package/openbsd.rb +1 -1
  114. data/lib/chef/provider/package/portage.rb +3 -2
  115. data/lib/chef/provider/package/powershell.rb +6 -2
  116. data/lib/chef/provider/package/rubygems.rb +3 -3
  117. data/lib/chef/provider/package/snap.rb +96 -27
  118. data/lib/chef/provider/package/windows.rb +27 -52
  119. data/lib/chef/provider/package/windows/msi.rb +3 -3
  120. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
  121. data/lib/chef/provider/package/yum.rb +1 -1
  122. data/lib/chef/provider/package/yum/yum_cache.rb +1 -1
  123. data/lib/chef/provider/powershell_script.rb +11 -15
  124. data/lib/chef/provider/remote_directory.rb +2 -2
  125. data/lib/chef/provider/remote_file/http.rb +4 -1
  126. data/lib/chef/provider/script.rb +4 -75
  127. data/lib/chef/provider/service/arch.rb +2 -2
  128. data/lib/chef/provider/service/debian.rb +2 -2
  129. data/lib/chef/provider/service/macosx.rb +13 -2
  130. data/lib/chef/provider/service/openbsd.rb +4 -4
  131. data/lib/chef/provider/service/redhat.rb +1 -1
  132. data/lib/chef/provider/service/simple.rb +3 -3
  133. data/lib/chef/provider/service/upstart.rb +1 -1
  134. data/lib/chef/provider/service/windows.rb +1 -1
  135. data/lib/chef/provider/subversion.rb +2 -2
  136. data/lib/chef/provider/user/aix.rb +1 -1
  137. data/lib/chef/provider/user/dscl.rb +7 -7
  138. data/lib/chef/provider/user/linux.rb +3 -3
  139. data/lib/chef/provider/user/mac.rb +15 -11
  140. data/lib/chef/provider/windows_script.rb +87 -25
  141. data/lib/chef/provider/windows_task.rb +5 -3
  142. data/lib/chef/provider/zypper_repository.rb +30 -10
  143. data/lib/chef/resource.rb +25 -14
  144. data/lib/chef/resource/alternatives.rb +65 -4
  145. data/lib/chef/resource/apt_package.rb +31 -2
  146. data/lib/chef/resource/apt_preference.rb +34 -5
  147. data/lib/chef/resource/apt_repository.rb +22 -15
  148. data/lib/chef/resource/apt_update.rb +6 -4
  149. data/lib/chef/resource/archive_file.rb +33 -12
  150. data/lib/chef/resource/bash.rb +1 -2
  151. data/lib/chef/resource/batch.rb +5 -3
  152. data/lib/chef/resource/bff_package.rb +1 -1
  153. data/lib/chef/resource/breakpoint.rb +1 -1
  154. data/lib/chef/resource/build_essential.rb +8 -4
  155. data/lib/chef/resource/cab_package.rb +1 -1
  156. data/lib/chef/resource/chef_client_cron.rb +12 -9
  157. data/lib/chef/resource/chef_client_scheduled_task.rb +22 -7
  158. data/lib/chef/resource/chef_client_systemd_timer.rb +10 -7
  159. data/lib/chef/resource/chef_gem.rb +6 -2
  160. data/lib/chef/resource/chef_handler.rb +3 -3
  161. data/lib/chef/resource/chef_sleep.rb +7 -4
  162. data/lib/chef/resource/chef_vault_secret.rb +4 -4
  163. data/lib/chef/resource/chocolatey_config.rb +5 -3
  164. data/lib/chef/resource/chocolatey_feature.rb +5 -3
  165. data/lib/chef/resource/chocolatey_package.rb +5 -3
  166. data/lib/chef/resource/chocolatey_source.rb +5 -3
  167. data/lib/chef/resource/cookbook_file.rb +3 -2
  168. data/lib/chef/resource/cron/_cron_shared.rb +98 -0
  169. data/lib/chef/resource/cron/cron.rb +46 -0
  170. data/lib/chef/resource/{cron_d.rb → cron/cron_d.rb} +28 -94
  171. data/lib/chef/resource/cron_access.rb +17 -6
  172. data/lib/chef/resource/csh.rb +1 -2
  173. data/lib/chef/resource/directory.rb +1 -1
  174. data/lib/chef/resource/dmg_package.rb +18 -15
  175. data/lib/chef/resource/dnf_package.rb +1 -1
  176. data/lib/chef/resource/dpkg_package.rb +1 -1
  177. data/lib/chef/resource/execute.rb +479 -9
  178. data/lib/chef/resource/file.rb +11 -8
  179. data/lib/chef/resource/freebsd_package.rb +2 -2
  180. data/lib/chef/resource/gem_package.rb +6 -6
  181. data/lib/chef/resource/group.rb +1 -1
  182. data/lib/chef/resource/helpers/cron_validations.rb +6 -3
  183. data/lib/chef/resource/homebrew_cask.rb +1 -1
  184. data/lib/chef/resource/homebrew_package.rb +30 -1
  185. data/lib/chef/resource/homebrew_tap.rb +1 -1
  186. data/lib/chef/resource/homebrew_update.rb +107 -0
  187. data/lib/chef/resource/hostname.rb +11 -24
  188. data/lib/chef/resource/http_request.rb +1 -1
  189. data/lib/chef/resource/ifconfig.rb +7 -7
  190. data/lib/chef/resource/ips_package.rb +1 -1
  191. data/lib/chef/resource/kernel_module.rb +15 -2
  192. data/lib/chef/resource/ksh.rb +1 -1
  193. data/lib/chef/resource/launchd.rb +5 -5
  194. data/lib/chef/resource/link.rb +4 -4
  195. data/lib/chef/resource/locale.rb +4 -4
  196. data/lib/chef/resource/log.rb +1 -1
  197. data/lib/chef/resource/macos_userdefaults.rb +15 -10
  198. data/lib/chef/resource/macosx_service.rb +1 -1
  199. data/lib/chef/resource/macports_package.rb +1 -1
  200. data/lib/chef/resource/mdadm.rb +1 -1
  201. data/lib/chef/resource/mount.rb +2 -2
  202. data/lib/chef/resource/msu_package.rb +2 -2
  203. data/lib/chef/resource/ohai.rb +1 -1
  204. data/lib/chef/resource/ohai_hint.rb +1 -1
  205. data/lib/chef/resource/openbsd_package.rb +1 -1
  206. data/lib/chef/resource/openssl_dhparam.rb +1 -1
  207. data/lib/chef/resource/openssl_ec_private_key.rb +1 -1
  208. data/lib/chef/resource/openssl_ec_public_key.rb +1 -1
  209. data/lib/chef/resource/openssl_rsa_private_key.rb +1 -1
  210. data/lib/chef/resource/openssl_rsa_public_key.rb +1 -1
  211. data/lib/chef/resource/openssl_x509_certificate.rb +1 -1
  212. data/lib/chef/resource/openssl_x509_crl.rb +1 -1
  213. data/lib/chef/resource/openssl_x509_request.rb +1 -1
  214. data/lib/chef/resource/osx_profile.rb +1 -1
  215. data/lib/chef/resource/package.rb +1 -1
  216. data/lib/chef/resource/pacman_package.rb +1 -1
  217. data/lib/chef/resource/paludis_package.rb +1 -1
  218. data/lib/chef/resource/perl.rb +1 -2
  219. data/lib/chef/resource/plist.rb +24 -5
  220. data/lib/chef/resource/portage_package.rb +1 -1
  221. data/lib/chef/resource/powershell_package.rb +1 -1
  222. data/lib/chef/resource/powershell_package_source.rb +1 -1
  223. data/lib/chef/resource/powershell_script.rb +5 -3
  224. data/lib/chef/resource/python.rb +1 -2
  225. data/lib/chef/resource/reboot.rb +1 -1
  226. data/lib/chef/resource/registry_key.rb +1 -1
  227. data/lib/chef/resource/remote_directory.rb +1 -1
  228. data/lib/chef/resource/remote_file.rb +26 -11
  229. data/lib/chef/resource/rhsm_errata.rb +1 -3
  230. data/lib/chef/resource/rhsm_errata_level.rb +1 -1
  231. data/lib/chef/resource/rhsm_register.rb +1 -2
  232. data/lib/chef/resource/rhsm_repo.rb +1 -2
  233. data/lib/chef/resource/rhsm_subscription.rb +1 -3
  234. data/lib/chef/resource/route.rb +1 -1
  235. data/lib/chef/resource/rpm_package.rb +5 -2
  236. data/lib/chef/resource/ruby.rb +1 -2
  237. data/lib/chef/resource/ruby_block.rb +1 -4
  238. data/lib/chef/resource/scm/_scm.rb +4 -3
  239. data/lib/chef/resource/scm/git.rb +2 -2
  240. data/lib/chef/resource/scm/subversion.rb +2 -2
  241. data/lib/chef/resource/script.rb +1 -1
  242. data/lib/chef/resource/service.rb +1 -1
  243. data/lib/chef/resource/smartos_package.rb +1 -1
  244. data/lib/chef/resource/snap_package.rb +1 -1
  245. data/lib/chef/resource/solaris_package.rb +1 -1
  246. data/lib/chef/resource/ssh_known_hosts_entry.rb +1 -1
  247. data/lib/chef/resource/sudo.rb +4 -4
  248. data/lib/chef/resource/swap_file.rb +2 -2
  249. data/lib/chef/resource/sysctl.rb +61 -2
  250. data/lib/chef/resource/systemd_unit.rb +2 -2
  251. data/lib/chef/resource/template.rb +1 -1
  252. data/lib/chef/resource/timezone.rb +1 -1
  253. data/lib/chef/resource/user.rb +2 -2
  254. data/lib/chef/resource/user_ulimit.rb +24 -22
  255. data/lib/chef/resource/windows_ad_join.rb +31 -2
  256. data/lib/chef/resource/windows_audit_policy.rb +227 -0
  257. data/lib/chef/resource/windows_auto_run.rb +13 -2
  258. data/lib/chef/resource/windows_certificate.rb +28 -2
  259. data/lib/chef/resource/windows_dfs_folder.rb +1 -1
  260. data/lib/chef/resource/windows_dfs_namespace.rb +1 -1
  261. data/lib/chef/resource/windows_dfs_server.rb +2 -2
  262. data/lib/chef/resource/windows_env.rb +10 -1
  263. data/lib/chef/resource/windows_feature.rb +57 -2
  264. data/lib/chef/resource/windows_feature_dism.rb +15 -2
  265. data/lib/chef/resource/windows_feature_powershell.rb +29 -2
  266. data/lib/chef/resource/windows_firewall_rule.rb +11 -7
  267. data/lib/chef/resource/windows_font.rb +13 -4
  268. data/lib/chef/resource/windows_package.rb +66 -6
  269. data/lib/chef/resource/windows_pagefile.rb +32 -4
  270. data/lib/chef/resource/windows_path.rb +18 -1
  271. data/lib/chef/resource/windows_printer.rb +26 -6
  272. data/lib/chef/resource/windows_printer_port.rb +29 -1
  273. data/lib/chef/resource/windows_script.rb +2 -16
  274. data/lib/chef/resource/windows_security_policy.rb +47 -16
  275. data/lib/chef/resource/windows_service.rb +1 -1
  276. data/lib/chef/resource/windows_share.rb +23 -3
  277. data/lib/chef/resource/windows_shortcut.rb +13 -3
  278. data/lib/chef/resource/windows_task.rb +143 -29
  279. data/lib/chef/resource/windows_uac.rb +20 -1
  280. data/lib/chef/resource/windows_user_privilege.rb +45 -3
  281. data/lib/chef/resource/windows_workgroup.rb +19 -3
  282. data/lib/chef/resource/yum_package.rb +88 -6
  283. data/lib/chef/resource/yum_repository.rb +36 -19
  284. data/lib/chef/resource/zypper_package.rb +29 -3
  285. data/lib/chef/resource/zypper_repository.rb +17 -5
  286. data/lib/chef/resource_inspector.rb +5 -4
  287. data/lib/chef/resources.rb +4 -2
  288. data/lib/chef/run_context/cookbook_compiler.rb +1 -1
  289. data/lib/chef/scan_access_control.rb +1 -1
  290. data/lib/chef/search/query.rb +1 -1
  291. data/lib/chef/shell/ext.rb +1 -1
  292. data/lib/chef/util/diff.rb +2 -2
  293. data/lib/chef/util/dsc/lcm_output_parser.rb +3 -3
  294. data/lib/chef/util/windows/net_user.rb +1 -1
  295. data/lib/chef/util/windows/volume.rb +1 -1
  296. data/lib/chef/version.rb +1 -1
  297. data/lib/chef/win32/api.rb +2 -2
  298. data/lib/chef/win32/api/error.rb +3 -1
  299. data/lib/chef/win32/api/file.rb +18 -18
  300. data/lib/chef/win32/api/net.rb +1 -0
  301. data/lib/chef/win32/file.rb +1 -1
  302. data/lib/chef/win32/mutex.rb +1 -1
  303. data/lib/chef/win32/net.rb +1 -0
  304. data/lib/chef/win32/process.rb +2 -2
  305. data/lib/chef/win32/registry.rb +2 -2
  306. data/lib/chef/win32/security.rb +1 -1
  307. data/lib/chef/win32/security/sid.rb +4 -4
  308. data/spec/data/lwrp/providers/buck_passer.rb +1 -1
  309. data/spec/data/lwrp/providers/buck_passer_2.rb +1 -1
  310. data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +1 -1
  311. data/spec/functional/resource/cron_spec.rb +10 -0
  312. data/spec/functional/resource/dnf_package_spec.rb +2 -2
  313. data/spec/functional/resource/git_spec.rb +6 -6
  314. data/spec/functional/resource/launchd_spec.rb +232 -0
  315. data/spec/functional/resource/link_spec.rb +3 -3
  316. data/spec/functional/resource/remote_file_spec.rb +3 -3
  317. data/spec/functional/resource/user/dscl_spec.rb +1 -1
  318. data/spec/functional/resource/user/mac_user_spec.rb +1 -1
  319. data/spec/functional/resource/windows_task_spec.rb +12 -12
  320. data/spec/integration/knife/raw_spec.rb +4 -4
  321. data/spec/integration/knife/redirection_spec.rb +2 -2
  322. data/spec/support/chef_helpers.rb +1 -1
  323. data/spec/support/platform_helpers.rb +1 -14
  324. data/spec/support/platforms/win32/spec_service.rb +1 -1
  325. data/spec/support/shared/functional/execute_resource.rb +1 -1
  326. data/spec/support/shared/functional/file_resource.rb +1 -1
  327. data/spec/support/shared/functional/http.rb +2 -2
  328. data/spec/support/shared/functional/windows_script.rb +1 -1
  329. data/spec/support/shared/unit/execute_resource.rb +1 -1
  330. data/spec/support/shared/unit/mock_shellout.rb +1 -1
  331. data/spec/support/shared/unit/provider/useradd_based_user_provider.rb +4 -4
  332. data/spec/unit/application_spec.rb +7 -0
  333. data/spec/unit/data_bag_spec.rb +1 -1
  334. data/spec/unit/file_access_control_spec.rb +1 -1
  335. data/spec/unit/http/ssl_policies_spec.rb +20 -0
  336. data/spec/unit/knife/bootstrap_spec.rb +2 -2
  337. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +7 -1
  338. data/spec/unit/knife/role_env_run_list_add_spec.rb +6 -6
  339. data/spec/unit/knife/role_env_run_list_clear_spec.rb +4 -4
  340. data/spec/unit/knife/role_env_run_list_remove_spec.rb +4 -4
  341. data/spec/unit/knife/role_env_run_list_replace_spec.rb +4 -4
  342. data/spec/unit/knife/role_env_run_list_set_spec.rb +4 -4
  343. data/spec/unit/knife/role_run_list_add_spec.rb +6 -6
  344. data/spec/unit/knife/role_run_list_clear_spec.rb +4 -4
  345. data/spec/unit/knife/role_run_list_remove_spec.rb +4 -4
  346. data/spec/unit/knife/role_run_list_replace_spec.rb +4 -4
  347. data/spec/unit/knife/role_run_list_set_spec.rb +4 -4
  348. data/spec/unit/mixin/openssl_helper_spec.rb +4 -4
  349. data/spec/unit/mixin/shell_out_spec.rb +25 -31
  350. data/spec/unit/mixin/user_context_spec.rb +1 -9
  351. data/spec/unit/node/attribute_spec.rb +1 -1
  352. data/spec/unit/property_spec.rb +1 -1
  353. data/spec/unit/provider/apt_repository_spec.rb +27 -27
  354. data/spec/unit/provider/batch_spec.rb +130 -0
  355. data/spec/unit/provider/cron_spec.rb +9 -49
  356. data/spec/unit/provider/git_spec.rb +3 -3
  357. data/spec/unit/provider/group/groupadd_spec.rb +1 -1
  358. data/spec/unit/provider/launchd_spec.rb +8 -50
  359. data/spec/unit/provider/osx_profile_spec.rb +2 -2
  360. data/spec/unit/provider/package/msu_spec.rb +3 -3
  361. data/spec/unit/provider/package/portage_spec.rb +2 -2
  362. data/spec/unit/provider/package/powershell_spec.rb +96 -87
  363. data/spec/unit/provider/package/snap_spec.rb +1 -1
  364. data/spec/unit/provider/powershell_script_spec.rb +3 -45
  365. data/spec/unit/provider/script_spec.rb +20 -110
  366. data/spec/unit/provider/service/gentoo_service_spec.rb +1 -1
  367. data/spec/unit/provider/zypper_repository_spec.rb +75 -25
  368. data/spec/unit/provider_resolver_spec.rb +11 -11
  369. data/spec/unit/resource/archive_file_spec.rb +11 -2
  370. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +17 -7
  371. data/spec/unit/resource/cron_spec.rb +2 -2
  372. data/spec/unit/resource/helpers/cron_validations_spec.rb +5 -1
  373. data/spec/unit/resource/homebrew_update_spec.rb +30 -0
  374. data/spec/unit/resource/powershell_script_spec.rb +10 -15
  375. data/spec/unit/resource/timezone_spec.rb +1 -1
  376. data/spec/unit/resource/windows_audit_policy_spec.rb +64 -0
  377. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  378. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  379. data/spec/unit/resource/windows_package_spec.rb +10 -0
  380. data/spec/unit/resource/windows_task_spec.rb +1 -1
  381. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  382. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  383. data/spec/unit/resource_spec.rb +67 -1
  384. data/spec/unit/run_context_spec.rb +1 -1
  385. data/spec/unit/util/dsc/configuration_generator_spec.rb +1 -1
  386. data/spec/unit/util/threaded_job_queue_spec.rb +9 -0
  387. data/spec/unit/win32/registry_spec.rb +1 -1
  388. metadata +28 -27
  389. data/lib/chef/resource/cron.rb +0 -157
@@ -27,7 +27,7 @@ class Chef
27
27
 
28
28
  provides :ssh_known_hosts_entry
29
29
 
30
- description "Use the ssh_known_hosts_entry resource to add an entry for the specified host in /etc/ssh/ssh_known_hosts or a user's known hosts file if specified."
30
+ description "Use the **ssh_known_hosts_entry** resource to add an entry for the specified host in /etc/ssh/ssh_known_hosts or a user's known hosts file if specified."
31
31
  introduced "14.3"
32
32
 
33
33
  property :host, String,
@@ -28,7 +28,7 @@ class Chef
28
28
 
29
29
  provides(:sudo) { true }
30
30
 
31
- description "Use the sudo resource to add or remove individual sudo entries using sudoers.d files."\
31
+ description "Use the **sudo** resource to add or remove individual sudo entries using sudoers.d files."\
32
32
  " Sudo version 1.7.2 or newer is required to use the sudo resource, as it relies on the"\
33
33
  " '#includedir' directive introduced in version 1.7.2. This resource does not enforce"\
34
34
  " installation of the required sudo version. Chef-supported releases of Ubuntu, SuSE, Debian,"\
@@ -88,15 +88,15 @@ class Chef
88
88
  default: lazy { [] }
89
89
 
90
90
  property :setenv, [TrueClass, FalseClass],
91
- description: "Determines whether or not to permit preservation of the environment with 'sudo -E'.",
91
+ description: "Determines whether or not to permit preservation of the environment with `sudo -E`.",
92
92
  default: false
93
93
 
94
94
  property :env_keep_add, Array,
95
- description: "An array of strings to add to env_keep.",
95
+ description: "An array of strings to add to `env_keep`.",
96
96
  default: lazy { [] }
97
97
 
98
98
  property :env_keep_subtract, Array,
99
- description: "An array of strings to remove from env_keep.",
99
+ description: "An array of strings to remove from `env_keep`.",
100
100
  default: lazy { [] }
101
101
 
102
102
  property :visudo_path, String,
@@ -24,7 +24,7 @@ class Chef
24
24
 
25
25
  provides(:swap_file) { true }
26
26
 
27
- description "Use the swap_file resource to create or delete swap files on Linux systems, and optionally to manage the swappiness configuration for a host."
27
+ description "Use the **swap_file** resource to create or delete swap files on Linux systems, and optionally to manage the swappiness configuration for a host."
28
28
  introduced "14.0"
29
29
 
30
30
  property :path, String,
@@ -39,7 +39,7 @@ class Chef
39
39
  default: false
40
40
 
41
41
  property :timeout, Integer,
42
- description: "Timeout for 'dd' / 'fallocate' commands.",
42
+ description: "Timeout for `dd` / `fallocate` commands.",
43
43
  default: 600,
44
44
  desired_state: false
45
45
 
@@ -25,11 +25,70 @@ class Chef
25
25
  provides(:sysctl) { true }
26
26
  provides(:sysctl_param) { true }
27
27
 
28
- description "Use the sysctl resource to set or remove kernel parameters using the sysctl"\
28
+ description "Use the **sysctl** resource to set or remove kernel parameters using the sysctl"\
29
29
  " command line tool and configuration files in the system's sysctl.d directory. "\
30
30
  "Configuration files managed by this resource are named 99-chef-KEYNAME.conf. If"\
31
31
  " an existing value was already set for the value it will be backed up to the node"\
32
32
  " and restored if the :remove action is used later."
33
+ examples <<~DOC
34
+ **Set vm.swappiness**:
35
+
36
+ ```ruby
37
+ sysctl 'vm.swappiness' do
38
+ value 19
39
+ end
40
+ ```
41
+
42
+ **Remove kernel.msgmax**:
43
+
44
+ **Note**: This only removes the sysctl.d config for kernel.msgmax. The value will be set back to the kernel default value.
45
+
46
+ ```ruby
47
+ sysctl 'kernel.msgmax' do
48
+ action :remove
49
+ end
50
+ ```
51
+
52
+ **Adding Comments to sysctl configuration files**:
53
+
54
+ ```ruby
55
+ sysctl 'vm.swappiness' do
56
+ value 19
57
+ comment "define how aggressively the kernel will swap memory pages."
58
+ end
59
+ ```
60
+
61
+ This produces /etc/sysctl.d/99-chef-vm.swappiness.conf as follows:
62
+
63
+ ```
64
+ # define how aggressively the kernel will swap memory pages.
65
+ vm.swappiness = 1
66
+ ```
67
+
68
+ **Converting sysctl settings from shell scripts**:
69
+
70
+ Example of existing settings:
71
+
72
+ ```bash
73
+ fs.aio-max-nr = 1048576 net.ipv4.ip_local_port_range = 9000 65500 kernel.sem = 250 32000 100 128
74
+ ```
75
+
76
+ Converted to sysctl resources:
77
+
78
+ ```ruby
79
+ sysctl 'fs.aio-max-nr' do
80
+ value '1048576'
81
+ end
82
+
83
+ sysctl 'net.ipv4.ip_local_port_range' do
84
+ value '9000 65500'
85
+ end
86
+
87
+ sysctl 'kernel.sem' do
88
+ value '250 32000 100 128'
89
+ end
90
+ ```
91
+ DOC
33
92
 
34
93
  introduced "14.0"
35
94
 
@@ -44,7 +103,7 @@ class Chef
44
103
  property :value, [Array, String, Integer, Float],
45
104
  description: "The value to set.",
46
105
  coerce: proc { |v| coerce_value(v) },
47
- required: true
106
+ required: [:apply]
48
107
 
49
108
  property :comment, [Array, String],
50
109
  description: "Comments, placed above the resource setting in the generated file. For multi-line comments, use an array of strings, one per line.",
@@ -27,7 +27,7 @@ class Chef
27
27
 
28
28
  provides(:systemd_unit) { true }
29
29
 
30
- description "Use the systemd_unit resource to create, manage, and run systemd units."
30
+ description "Use the **systemd_unit** resource to create, manage, and run systemd units."
31
31
  introduced "12.11"
32
32
 
33
33
  default_action :nothing
@@ -52,7 +52,7 @@ class Chef
52
52
  description: "The user account that the systemd unit process is run under. The path to the unit for that user would be something like '/etc/systemd/user/sshd.service'. If no user account is specified, the systemd unit will run under a 'system' account, with the path to the unit being something like '/etc/systemd/system/sshd.service'."
53
53
 
54
54
  property :content, [String, Hash],
55
- description: "A string or hash that contains a systemd `unit file <https://www.freedesktop.org/software/systemd/man/systemd.unit.html>`_ definition that describes the properties of systemd-managed entities, such as services, sockets, devices, and so on. In #{Chef::Dist::PRODUCT} 14.4 or later, repeatable options can be implemented with an array."
55
+ description: "A string or hash that contains a systemd [unit file](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) definition that describes the properties of systemd-managed entities, such as services, sockets, devices, and so on. In #{Chef::Dist::PRODUCT} 14.4 or later, repeatable options can be implemented with an array."
56
56
 
57
57
  property :triggers_reload, [TrueClass, FalseClass],
58
58
  description: "Specifies whether to trigger a daemon reload when creating or deleting a unit.",
@@ -69,7 +69,7 @@ class Chef
69
69
 
70
70
  property :local, [ TrueClass, FalseClass ],
71
71
  default: false, desired_state: false,
72
- description: "Load a template from a local path. By default, the #{Chef::Dist::CLIENT} loads templates from a cookbooks /templates directory. When this property is set to true, use the source property to specify the path to a template on the local node."
72
+ description: "Load a template from a local path. By default, the #{Chef::Dist::CLIENT} loads templates from a cookbook's /templates directory. When this property is set to true, use the source property to specify the path to a template on the local node."
73
73
 
74
74
  # Declares a helper method to be defined in the template context when
75
75
  # rendering.
@@ -26,7 +26,7 @@ class Chef
26
26
 
27
27
  provides :timezone
28
28
 
29
- description "Use the timezone resource to change the system timezone on Windows, Linux, and macOS hosts. Timezones are specified in tz database format, with a complete list of available TZ values for Linux and macOS here: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones and for Windows here: https://ss64.com/nt/timezones.html."
29
+ description "Use the **timezone** resource to change the system timezone on Windows, Linux, and macOS hosts. Timezones are specified in tz database format, with a complete list of available TZ values for Linux and macOS here: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones and for Windows here: https://ss64.com/nt/timezones.html."
30
30
  introduced "14.6"
31
31
 
32
32
  property :timezone, String,
@@ -23,7 +23,7 @@ class Chef
23
23
  class User < Chef::Resource
24
24
  unified_mode true
25
25
 
26
- description "Use the user resource to add users, update existing users, remove users, and to lock/unlock user passwords."
26
+ description "Use the **user** resource to add users, update existing users, remove users, and to lock/unlock user passwords."
27
27
 
28
28
  default_action :create
29
29
  allowed_actions :create, :remove, :modify, :manage, :lock, :unlock
@@ -55,7 +55,7 @@ class Chef
55
55
  default: false, desired_state: false
56
56
 
57
57
  property :manage_home, [ TrueClass, FalseClass ],
58
- description: "Manage a users home directory.\nWhen used with the :create action, a users home directory is created based on HOME_DIR. If the home directory is missing, it is created unless CREATE_HOME in /etc/login.defs is set to no. When created, a skeleton set of files and subdirectories are included within the home directory.\nWhen used with the :modify action, a users home directory is moved to HOME_DIR. If the home directory is missing, it is created unless CREATE_HOME in /etc/login.defs is set to no. The contents of the users home directory are moved to the new location.",
58
+ description: "Manage a user's home directory.\nWhen used with the :create action, a user's home directory is created based on HOME_DIR. If the home directory is missing, it is created unless CREATE_HOME in /etc/login.defs is set to no. When created, a skeleton set of files and subdirectories are included within the home directory.\nWhen used with the :modify action, a user's home directory is moved to HOME_DIR. If the home directory is missing, it is created unless CREATE_HOME in /etc/login.defs is set to no. The contents of the user's home directory are moved to the new location.",
59
59
  default: false, desired_state: false
60
60
 
61
61
  property :force, [ TrueClass, FalseClass ],
@@ -26,32 +26,34 @@ class Chef
26
26
 
27
27
  provides :user_ulimit
28
28
 
29
+ description "Use the **user_ulimit** resource to create individual ulimit files that are installed into the `/etc/security/limits.d/` directory."
29
30
  introduced "16.0"
30
- description "Use the user_ulimit resource to create individual ulimit files that are installed into the `/etc/security/limits.d/` directory."
31
31
  examples <<~DOC
32
- set filehandle limit for the tomcat user
33
- ```ruby
34
- user_ulimit 'tomcat' do
35
- filehandle_limit 8192
36
- end
37
- ```
32
+ **Set filehandle limit for the tomcat user**:
38
33
 
39
- specify a username that differs from the name given to the resource block
40
- ```ruby
41
- user_ulimit 'Bump filehandle limits for tomcat user' do
42
- username 'tomcat'
43
- filehandle_limit 8192
44
- end
45
- ```
34
+ ```ruby
35
+ user_ulimit 'tomcat' do
36
+ filehandle_limit 8192
37
+ end
38
+ ```
46
39
 
47
- specify a non-default filename
48
- set filehandle limit for the tomcat user
49
- ```ruby
50
- user_ulimit 'tomcat' do
51
- filehandle_limit 8192
52
- filename 'tomcat_filehandle_limits.conf'
53
- end
54
- ```
40
+ **Specify a username that differs from the name given to the resource block**:
41
+
42
+ ```ruby
43
+ user_ulimit 'Bump filehandle limits for tomcat user' do
44
+ username 'tomcat'
45
+ filehandle_limit 8192
46
+ end
47
+ ```
48
+
49
+ **Set filehandle limit for the tomcat user with a non-default filename**:
50
+
51
+ ```ruby
52
+ user_ulimit 'tomcat' do
53
+ filehandle_limit 8192
54
+ filename 'tomcat_filehandle_limits.conf'
55
+ end
56
+ ```
55
57
  DOC
56
58
 
57
59
  property :username, String, name_property: true
@@ -23,8 +23,37 @@ class Chef
23
23
  class WindowsAdJoin < Chef::Resource
24
24
  provides :windows_ad_join
25
25
 
26
- description "Use the windows_ad_join resource to join a Windows Active Directory domain."
26
+ description "Use the **windows_ad_join** resource to join a Windows Active Directory domain."
27
27
  introduced "14.0"
28
+ examples <<~DOC
29
+ **Join a domain**
30
+
31
+ ```ruby
32
+ windows_ad_join 'ad.example.org' do
33
+ domain_user 'nick'
34
+ domain_password 'p@ssw0rd1'
35
+ end
36
+ ```
37
+
38
+ **Join a domain, as `win-workstation`**
39
+
40
+ ```ruby
41
+ windows_ad_join 'ad.example.org' do
42
+ domain_user 'nick'
43
+ domain_password 'p@ssw0rd1'
44
+ new_hostname 'win-workstation'
45
+ end
46
+ ```
47
+
48
+ **Leave the current domain and re-join the `local` workgroup**
49
+
50
+ ```ruby
51
+ windows_ad_join 'Leave domain' do
52
+ action :leave
53
+ workgroup 'local'
54
+ end
55
+ ```
56
+ DOC
28
57
 
29
58
  property :domain_name, String,
30
59
  description: "An optional property to set the FQDN of the Active Directory domain to join if it differs from the resource block's name.",
@@ -175,7 +204,7 @@ class Chef
175
204
  # links: https://docs.microsoft.com/en-us/windows/win32/ad/naming-properties#userprincipalname https://tools.ietf.org/html/rfc822
176
205
  # regex: https://rubular.com/r/isAWojpTMKzlnp
177
206
  def sanitize_usename
178
- if new_resource.domain_user =~ /@/
207
+ if /@/.match?(new_resource.domain_user)
179
208
  new_resource.domain_user
180
209
  else
181
210
  "#{new_resource.domain_user}@#{new_resource.domain_name}"
@@ -0,0 +1,227 @@
1
+ #
2
+ # Author:: Ross Moles (<rmoles@chef.io>)
3
+ # Author:: Rachel Rice (<rrice@chef.io>)
4
+ # Author:: Davin Taddeo (<davin@chef.io>)
5
+ # Copyright:: Copyright (c) Chef Software Inc.
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ require_relative "../resource"
21
+
22
+ class Chef
23
+ class Resource
24
+ class WindowsAuditPolicy < Chef::Resource
25
+ WIN_AUDIT_SUBCATEGORIES = ["Account Lockout",
26
+ "Application Generated",
27
+ "Application Group Management",
28
+ "Audit Policy Change",
29
+ "Authentication Policy Change",
30
+ "Authorization Policy Change",
31
+ "Central Policy Staging",
32
+ "Certification Services",
33
+ "Computer Account Management",
34
+ "Credential Validation",
35
+ "DPAPI Activity",
36
+ "Detailed Directory Service Replication",
37
+ "Detailed File Share",
38
+ "Directory Service Access",
39
+ "Directory Service Changes",
40
+ "Directory Service Replication",
41
+ "Distribution Group Management",
42
+ "File Share",
43
+ "File System",
44
+ "Filtering Platform Connection",
45
+ "Filtering Platform Packet Drop",
46
+ "Filtering Platform Policy Change",
47
+ "Group Membership",
48
+ "Handle Manipulation",
49
+ "IPsec Driver",
50
+ "IPsec Extended Mode",
51
+ "IPsec Main Mode",
52
+ "IPsec Quick Mode",
53
+ "Kerberos Authentication Service",
54
+ "Kerberos Service Ticket Operations",
55
+ "Kernel Object",
56
+ "Logoff",
57
+ "Logon",
58
+ "MPSSVC Rule-Level Policy Change",
59
+ "Network Policy Server",
60
+ "Non Sensitive Privilege Use",
61
+ "Other Account Logon Events",
62
+ "Other Account Management Events",
63
+ "Other Logon/Logoff Events",
64
+ "Other Object Access Events",
65
+ "Other Policy Change Events",
66
+ "Other Privilege Use Events",
67
+ "Other System Events",
68
+ "Plug and Play Events",
69
+ "Process Creation",
70
+ "Process Termination",
71
+ "RPC Events",
72
+ "Registry",
73
+ "Removable Storage",
74
+ "SAM",
75
+ "Security Group Management",
76
+ "Security State Change",
77
+ "Security System Extension",
78
+ "Sensitive Privilege Use",
79
+ "Special Logon",
80
+ "System Integrity",
81
+ "Token Right Adjusted Events",
82
+ "User / Device Claims",
83
+ "User Account Management",
84
+ ].freeze
85
+ provides :windows_audit_policy
86
+
87
+ description "Use the **windows_audit_policy** resource to configure system level and per-user Windows advanced audit policy settings."
88
+ introduced "16.2"
89
+
90
+ examples <<~DOC
91
+ **Set Logon and Logoff policy to "Success and Failure"**:
92
+
93
+ ```ruby
94
+ windows_audit_policy "Set Audit Policy for 'Logon and Logoff' actions to 'Success and Failure'" do
95
+ subcategory %w(Logon Logoff)
96
+ success true
97
+ failure true
98
+ action :set
99
+ end
100
+ ```
101
+
102
+ **Set Credential Validation policy to "Success"**:
103
+
104
+ ```ruby
105
+ windows_audit_policy "Set Audit Policy for 'Credential Validation' actions to 'Success'" do
106
+ subcategory 'Credential Validation'
107
+ success true
108
+ failure false
109
+ action :set
110
+ end
111
+ ```
112
+
113
+ **Enable CrashOnAuditFail option**:
114
+
115
+ ```ruby
116
+ windows_audit_policy 'Enable CrashOnAuditFail option' do
117
+ crash_on_audit_fail true
118
+ action :set
119
+ end
120
+ ```
121
+ DOC
122
+
123
+ property :subcategory, [String, Array],
124
+ coerce: proc { |p| Array(p) },
125
+ description: "The audit policy subcategory, specified by GUID or name. Applied system-wide if no user is specified.",
126
+ callbacks: { "Subcategories entered should be actual advanced audit policy subcategories" => proc { |n| (Array(n) - WIN_AUDIT_SUBCATEGORIES).empty? } }
127
+
128
+ property :success, [true, false],
129
+ description: "Specify success auditing. By setting this property to true the resource will enable success for the category or sub category. Success is the default and is applied if neither success nor failure are specified."
130
+
131
+ property :failure, [true, false],
132
+ description: "Specify failure auditing. By setting this property to true the resource will enable failure for the category or sub category. Success is the default and is applied if neither success nor failure are specified."
133
+
134
+ property :include_user, String,
135
+ description: "The audit policy specified by the category or subcategory is applied per-user if specified. When a user is specified, include user. Include and exclude cannot be used at the same time."
136
+
137
+ property :exclude_user, String,
138
+ description: "The audit policy specified by the category or subcategory is applied per-user if specified. When a user is specified, exclude user. Include and exclude cannot be used at the same time."
139
+
140
+ property :crash_on_audit_fail, [true, false],
141
+ description: "Setting this audit policy option to true will cause the system to crash if the auditing system is unable to log events."
142
+
143
+ property :full_privilege_auditing, [true, false],
144
+ description: "Setting this audit policy option to true will force the audit of all privilege changes except SeAuditPrivilege. Setting this property may cause the logs to fill up more quickly."
145
+
146
+ property :audit_base_objects, [true, false],
147
+ description: "Setting this audit policy option to true will force the system to assign a System Access Control List to named objects to enable auditing of base objects such as mutexes."
148
+
149
+ property :audit_base_directories, [true, false],
150
+ description: "Setting this audit policy option to true will force the system to assign a System Access Control List to named objects to enable auditing of container objects such as directories."
151
+
152
+ def subcategory_configured?(sub_cat, success_value, failure_value)
153
+ setting = if success_value && failure_value
154
+ "Success and Failure$"
155
+ elsif success_value && !failure_value
156
+ "Success$"
157
+ elsif !success_value && failure_value
158
+ "(Failure$)&!(Success and Failure$)"
159
+ else
160
+ "No Auditing"
161
+ end
162
+ powershell_exec(<<-CODE).result
163
+ $auditpol_config = auditpol /get /subcategory:"#{sub_cat}"
164
+ if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
165
+ CODE
166
+ end
167
+
168
+ def option_configured?(option_name, option_setting)
169
+ setting = option_setting ? "Enabled$" : "Disabled$"
170
+ powershell_exec(<<-CODE).result
171
+ $auditpol_config = auditpol /get /option:#{option_name}
172
+ if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
173
+ CODE
174
+ end
175
+
176
+ action :set do
177
+ unless new_resource.subcategory.nil?
178
+ new_resource.subcategory.each do |subcategory|
179
+ next if subcategory_configured?(subcategory, new_resource.success, new_resource.failure)
180
+
181
+ s_val = new_resource.success ? "enable" : "disable"
182
+ f_val = new_resource.failure ? "enable" : "disable"
183
+ converge_by "Update Audit Policy for \"#{subcategory}\" to Success:#{s_val} and Failure:#{f_val}" do
184
+ cmd = "auditpol /set "
185
+ cmd += "/user:\"#{new_resource.include_user}\" /include " if new_resource.include_user
186
+ cmd += "/user:\"#{new_resource.exclude_user}\" /exclude " if new_resource.exclude_user
187
+ cmd += "/subcategory:\"#{subcategory}\" /success:#{s_val} /failure:#{f_val}"
188
+ powershell_exec!(cmd)
189
+ end
190
+ end
191
+ end
192
+
193
+ if !new_resource.crash_on_audit_fail.nil? && option_configured?("CrashOnAuditFail", new_resource.crash_on_audit_fail)
194
+ val = new_resource.crash_on_audit_fail ? "Enable" : "Disable"
195
+ converge_by "Configure Audit: CrashOnAuditFail to #{val}" do
196
+ cmd = "auditpol /set /option:CrashOnAuditFail /value:#{val}"
197
+ powershell_exec!(cmd)
198
+ end
199
+ end
200
+
201
+ if !new_resource.full_privilege_auditing.nil? && option_configured?("FullPrivilegeAuditing", new_resource.full_privilege_auditing)
202
+ val = new_resource.full_privilege_auditing ? "Enable" : "Disable"
203
+ converge_by "Configure Audit: FullPrivilegeAuditing to #{val}" do
204
+ cmd = "auditpol /set /option:FullPrivilegeAuditing /value:#{val}"
205
+ powershell_exec!(cmd)
206
+ end
207
+ end
208
+
209
+ if !new_resource.audit_base_directories.nil? && option_configured?("AuditBaseDirectories", new_resource.audit_base_directories)
210
+ val = new_resource.audit_base_directories ? "Enable" : "Disable"
211
+ converge_by "Configure Audit: AuditBaseDirectories to #{val}" do
212
+ cmd = "auditpol /set /option:AuditBaseDirectories /value:#{val}"
213
+ powershell_exec!(cmd)
214
+ end
215
+ end
216
+
217
+ if !new_resource.audit_base_objects.nil? && option_configured?("AuditBaseObjects", new_resource.audit_base_objects)
218
+ val = new_resource.audit_base_objects ? "Enable" : "Disable"
219
+ converge_by "Configure Audit: AuditBaseObjects to #{val}" do
220
+ cmd = "auditpol /set /option:AuditBaseObjects /value:#{val}"
221
+ powershell_exec!(cmd)
222
+ end
223
+ end
224
+ end
225
+ end
226
+ end
227
+ end