RubyGems - chef - Versions diffs - 17.10.163 → 18.0.169 - Mend

chef 17.10.163 → 18.0.169

Files changed (330) hide show

checksums.yaml +4 -4
data/Gemfile +19 -20
data/README.md +7 -7
data/Rakefile +3 -22
data/{chef-universal-mingw32.gemspec → chef-universal-mingw-ucrt.gemspec} +8 -7
data/chef.gemspec +17 -15
data/lib/chef/api_client_v1.rb +9 -1
data/lib/chef/application/exit_code.rb +3 -3
data/lib/chef/client.rb +182 -0
data/lib/chef/compliance/input.rb +1 -1
data/lib/chef/compliance/profile.rb +1 -1
data/lib/chef/compliance/profile_collection.rb +0 -1
data/lib/chef/compliance/waiver.rb +1 -1
data/lib/chef/cookbook/syntax_check.rb +2 -2
data/lib/chef/dsl/reader_helpers.rb +1 -1
data/lib/chef/dsl/rest_resource.rb +77 -0
data/lib/chef/event_dispatch/base.rb +3 -0
data/lib/chef/exceptions.rb +8 -0
data/lib/chef/http/authenticator.rb +170 -3
data/lib/chef/http/ssl_policies.rb +4 -4
data/lib/chef/mixin/checksum.rb +0 -6
data/lib/chef/mixin/homebrew_user.rb +5 -15
data/lib/chef/mixin/openssl_helper.rb +13 -17
data/lib/chef/mixin/powershell_exec.rb +5 -28
data/lib/chef/node/mixin/immutablize_array.rb +1 -0
data/lib/chef/property.rb +5 -3
data/lib/chef/provider/cron.rb +1 -5
data/lib/chef/provider/file.rb +2 -2
data/lib/chef/provider/group/windows.rb +1 -1
data/lib/chef/provider/http_request.rb +11 -9
data/lib/chef/provider/mount/linux.rb +5 -0
data/lib/chef/provider/mount/mount.rb +8 -0
data/lib/chef/provider/mount/windows.rb +1 -1
data/lib/chef/provider/package/chocolatey.rb +1 -14
data/lib/chef/provider/package/rubygems.rb +1 -1
data/lib/chef/provider/package/windows/msi.rb +2 -2
data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
data/lib/chef/provider/package/windows.rb +1 -1
data/lib/chef/provider/package/yum/yum_helper.py +14 -2
data/lib/chef/provider/package/zypper/version.rb +60 -0
data/lib/chef/provider/package/zypper.rb +47 -8
data/lib/chef/provider/service/windows.rb +1 -1
data/lib/chef/provider/user/aix.rb +5 -0
data/lib/chef/provider/user/linux.rb +29 -0
data/lib/chef/provider/user/mac.rb +1 -1
data/lib/chef/provider/user.rb +46 -14
data/lib/chef/provider.rb +1 -1
data/lib/chef/recipe.rb +1 -1
data/lib/chef/resource/_rest_resource.rb +389 -0
data/lib/chef/resource/alternatives.rb +0 -1
data/lib/chef/resource/apt_package.rb +0 -1
data/lib/chef/resource/apt_preference.rb +0 -1
data/lib/chef/resource/apt_repository.rb +0 -1
data/lib/chef/resource/apt_update.rb +0 -1
data/lib/chef/resource/archive_file.rb +0 -1
data/lib/chef/resource/bash.rb +0 -1
data/lib/chef/resource/batch.rb +0 -1
data/lib/chef/resource/bff_package.rb +0 -1
data/lib/chef/resource/breakpoint.rb +0 -1
data/lib/chef/resource/build_essential.rb +0 -1
data/lib/chef/resource/cab_package.rb +0 -1
data/lib/chef/resource/chef_client_config.rb +14 -18
data/lib/chef/resource/chef_client_cron.rb +1 -2
data/lib/chef/resource/chef_client_launchd.rb +2 -2
data/lib/chef/resource/chef_client_scheduled_task.rb +3 -3
data/lib/chef/resource/chef_client_systemd_timer.rb +1 -2
data/lib/chef/resource/chef_client_trusted_certificate.rb +0 -1
data/lib/chef/resource/chef_gem.rb +0 -1
data/lib/chef/resource/chef_handler.rb +0 -1
data/lib/chef/resource/chef_sleep.rb +1 -3
data/lib/chef/resource/chef_vault_secret.rb +0 -1
data/lib/chef/resource/chocolatey_config.rb +0 -1
data/lib/chef/resource/chocolatey_feature.rb +0 -1
data/lib/chef/resource/chocolatey_package.rb +0 -1
data/lib/chef/resource/chocolatey_source.rb +0 -1
data/lib/chef/resource/cookbook_file.rb +0 -1
data/lib/chef/resource/cron/_cron_shared.rb +0 -1
data/lib/chef/resource/cron/cron.rb +0 -1
data/lib/chef/resource/cron/cron_d.rb +15 -1
data/lib/chef/resource/cron_access.rb +0 -1
data/lib/chef/resource/csh.rb +0 -1
data/lib/chef/resource/directory.rb +0 -1
data/lib/chef/resource/dmg_package.rb +0 -1
data/lib/chef/resource/dnf_package.rb +0 -1
data/lib/chef/resource/dpkg_package.rb +0 -1
data/lib/chef/resource/dsc_resource.rb +0 -1
data/lib/chef/resource/dsc_script.rb +0 -1
data/lib/chef/resource/execute.rb +0 -1
data/lib/chef/resource/file.rb +0 -1
data/lib/chef/resource/freebsd_package.rb +0 -1
data/lib/chef/resource/gem_package.rb +0 -1
data/lib/chef/resource/group.rb +25 -2
data/lib/chef/resource/habitat/habitat_package.rb +0 -1
data/lib/chef/resource/habitat/habitat_sup.rb +6 -7
data/lib/chef/resource/habitat/habitat_sup_windows.rb +1 -1
data/lib/chef/resource/habitat_config.rb +0 -1
data/lib/chef/resource/habitat_install.rb +0 -1
data/lib/chef/resource/habitat_service.rb +0 -1
data/lib/chef/resource/habitat_user_toml.rb +0 -1
data/lib/chef/resource/homebrew_cask.rb +8 -8
data/lib/chef/resource/homebrew_package.rb +1 -2
data/lib/chef/resource/homebrew_tap.rb +5 -6
data/lib/chef/resource/homebrew_update.rb +0 -2
data/lib/chef/resource/hostname.rb +0 -1
data/lib/chef/resource/http_request.rb +0 -1
data/lib/chef/resource/ifconfig.rb +0 -1
data/lib/chef/resource/inspec_input.rb +0 -1
data/lib/chef/resource/inspec_waiver.rb +0 -1
data/lib/chef/resource/inspec_waiver_file_entry.rb +2 -3
data/lib/chef/resource/ips_package.rb +0 -1
data/lib/chef/resource/kernel_module.rb +0 -1
data/lib/chef/resource/ksh.rb +0 -1
data/lib/chef/resource/launchd.rb +0 -1
data/lib/chef/resource/link.rb +0 -1
data/lib/chef/resource/locale.rb +2 -6
data/lib/chef/resource/log.rb +0 -1
data/lib/chef/resource/lwrp_base.rb +0 -4
data/lib/chef/resource/macos_userdefaults.rb +5 -10
data/lib/chef/resource/macosx_service.rb +0 -1
data/lib/chef/resource/macports_package.rb +0 -1
data/lib/chef/resource/mdadm.rb +0 -1
data/lib/chef/resource/mount.rb +0 -1
data/lib/chef/resource/msu_package.rb +0 -1
data/lib/chef/resource/notify_group.rb +0 -2
data/lib/chef/resource/ohai.rb +0 -1
data/lib/chef/resource/ohai_hint.rb +0 -1
data/lib/chef/resource/openbsd_package.rb +0 -1
data/lib/chef/resource/openssl_dhparam.rb +0 -2
data/lib/chef/resource/openssl_ec_private_key.rb +0 -2
data/lib/chef/resource/openssl_ec_public_key.rb +0 -2
data/lib/chef/resource/openssl_rsa_private_key.rb +0 -2
data/lib/chef/resource/openssl_rsa_public_key.rb +0 -2
data/lib/chef/resource/openssl_x509_certificate.rb +0 -2
data/lib/chef/resource/openssl_x509_crl.rb +0 -2
data/lib/chef/resource/openssl_x509_request.rb +0 -2
data/lib/chef/resource/osx_profile.rb +0 -1
data/lib/chef/resource/package.rb +0 -1
data/lib/chef/resource/pacman_package.rb +0 -1
data/lib/chef/resource/paludis_package.rb +0 -1
data/lib/chef/resource/perl.rb +0 -1
data/lib/chef/resource/plist.rb +7 -3
data/lib/chef/resource/portage_package.rb +0 -1
data/lib/chef/resource/powershell_package.rb +0 -1
data/lib/chef/resource/powershell_package_source.rb +0 -1
data/lib/chef/resource/powershell_script.rb +0 -1
data/lib/chef/resource/python.rb +0 -1
data/lib/chef/resource/reboot.rb +0 -1
data/lib/chef/resource/registry_key.rb +0 -1
data/lib/chef/resource/remote_directory.rb +0 -1
data/lib/chef/resource/remote_file.rb +0 -1
data/lib/chef/resource/rhsm_errata.rb +0 -1
data/lib/chef/resource/rhsm_errata_level.rb +0 -1
data/lib/chef/resource/rhsm_register.rb +0 -3
data/lib/chef/resource/rhsm_repo.rb +0 -1
data/lib/chef/resource/rhsm_subscription.rb +0 -1
data/lib/chef/resource/route.rb +0 -1
data/lib/chef/resource/rpm_package.rb +0 -1
data/lib/chef/resource/ruby.rb +0 -1
data/lib/chef/resource/ruby_block.rb +0 -1
data/lib/chef/resource/scm/_scm.rb +0 -2
data/lib/chef/resource/scm/git.rb +0 -2
data/lib/chef/resource/scm/subversion.rb +0 -2
data/lib/chef/resource/script.rb +0 -1
data/lib/chef/resource/selinux/common_helpers.rb +47 -0
data/lib/chef/resource/selinux/selinux_debian.erb +18 -0
data/lib/chef/resource/selinux/selinux_default.erb +15 -0
data/lib/chef/resource/selinux_boolean.rb +101 -0
data/lib/chef/resource/selinux_fcontext.rb +160 -0
data/lib/chef/resource/selinux_install.rb +107 -0
data/lib/chef/resource/selinux_module.rb +143 -0
data/lib/chef/resource/selinux_permissive.rb +64 -0
data/lib/chef/resource/selinux_port.rb +118 -0
data/lib/chef/resource/selinux_state.rb +166 -0
data/lib/chef/resource/service.rb +0 -1
data/lib/chef/resource/smartos_package.rb +0 -1
data/lib/chef/resource/snap_package.rb +0 -1
data/lib/chef/resource/solaris_package.rb +0 -1
data/lib/chef/resource/ssh_known_hosts_entry.rb +0 -1
data/lib/chef/resource/sudo.rb +0 -1
data/lib/chef/resource/support/client.erb +5 -6
data/lib/chef/resource/swap_file.rb +0 -1
data/lib/chef/resource/sysctl.rb +1 -2
data/lib/chef/resource/systemd_unit.rb +0 -1
data/lib/chef/resource/template.rb +0 -1
data/lib/chef/resource/timezone.rb +0 -1
data/lib/chef/resource/user/aix_user.rb +0 -1
data/lib/chef/resource/user/linux_user.rb +0 -1
data/lib/chef/resource/user/mac_user.rb +0 -1
data/lib/chef/resource/user/pw_user.rb +0 -1
data/lib/chef/resource/user/solaris_user.rb +0 -1
data/lib/chef/resource/user/windows_user.rb +0 -1
data/lib/chef/resource/user.rb +10 -1
data/lib/chef/resource/user_ulimit.rb +0 -1
data/lib/chef/resource/whyrun_safe_ruby_block.rb +0 -1
data/lib/chef/resource/windows_ad_join.rb +0 -2
data/lib/chef/resource/windows_audit_policy.rb +0 -2
data/lib/chef/resource/windows_auto_run.rb +0 -1
data/lib/chef/resource/windows_defender.rb +0 -1
data/lib/chef/resource/windows_defender_exclusion.rb +0 -1
data/lib/chef/resource/windows_dfs_folder.rb +0 -1
data/lib/chef/resource/windows_dfs_namespace.rb +0 -1
data/lib/chef/resource/windows_dfs_server.rb +0 -1
data/lib/chef/resource/windows_dns_record.rb +0 -1
data/lib/chef/resource/windows_dns_zone.rb +0 -1
data/lib/chef/resource/windows_env.rb +0 -1
data/lib/chef/resource/windows_feature.rb +0 -1
data/lib/chef/resource/windows_feature_dism.rb +0 -1
data/lib/chef/resource/windows_feature_powershell.rb +0 -1
data/lib/chef/resource/windows_firewall_profile.rb +0 -2
data/lib/chef/resource/windows_firewall_rule.rb +0 -1
data/lib/chef/resource/windows_font.rb +2 -3
data/lib/chef/resource/windows_package.rb +0 -1
data/lib/chef/resource/windows_pagefile.rb +0 -2
data/lib/chef/resource/windows_path.rb +0 -1
data/lib/chef/resource/windows_printer.rb +0 -1
data/lib/chef/resource/windows_printer_port.rb +0 -1
data/lib/chef/resource/windows_script.rb +0 -2
data/lib/chef/resource/windows_security_policy.rb +0 -1
data/lib/chef/resource/windows_service.rb +0 -1
data/lib/chef/resource/windows_share.rb +0 -1
data/lib/chef/resource/windows_shortcut.rb +1 -2
data/lib/chef/resource/windows_task.rb +0 -1
data/lib/chef/resource/windows_uac.rb +0 -1
data/lib/chef/resource/windows_update_settings.rb +0 -1
data/lib/chef/resource/windows_user_privilege.rb +0 -1
data/lib/chef/resource/windows_workgroup.rb +0 -1
data/lib/chef/resource/yum_package.rb +0 -1
data/lib/chef/resource/yum_repository.rb +0 -1
data/lib/chef/resource/zypper_package.rb +0 -1
data/lib/chef/resource/zypper_repository.rb +0 -1
data/lib/chef/resource.rb +12 -5
data/lib/chef/resources.rb +7 -0
data/lib/chef/run_context.rb +3 -3
data/lib/chef/secret_fetcher/azure_key_vault.rb +1 -1
data/lib/chef/version.rb +1 -1
data/lib/chef/win32/handle.rb +6 -7
data/lib/chef/win32/registry.rb +7 -3
data/spec/data/rubygems.org/sexp_processor-info +2 -1
data/spec/data/trusted_certs/example.crt +20 -29
data/spec/data/trusted_certs/example_no_cn.crt +34 -30
data/spec/data/trusted_certs/opscode.pem +54 -33
data/spec/functional/resource/chocolatey_package_spec.rb +20 -32
data/spec/functional/resource/dsc_script_spec.rb +1 -1
data/spec/functional/resource/group_spec.rb +26 -42
data/spec/functional/resource/link_spec.rb +8 -8
data/spec/functional/resource/macos_userdefaults_spec.rb +4 -4
data/spec/functional/resource/plist_spec.rb +25 -0
data/spec/functional/resource/user/linux_user_spec.rb +127 -0
data/spec/functional/resource/windows_certificate_spec.rb +1 -26
data/spec/functional/resource/windows_font_spec.rb +12 -9
data/spec/functional/resource/yum_package_spec.rb +1 -17
data/spec/functional/resource/zypper_package_spec.rb +12 -10
data/spec/functional/shell_spec.rb +1 -2
data/spec/functional/version_spec.rb +1 -1
data/spec/functional/win32/registry_spec.rb +0 -3
data/spec/integration/client/client_spec.rb +82 -3
data/spec/integration/client/exit_code_spec.rb +1 -1
data/spec/integration/client/ipv6_spec.rb +1 -1
data/spec/integration/compliance/compliance_spec.rb +1 -1
data/spec/integration/recipes/accumulator_spec.rb +1 -1
data/spec/integration/recipes/lwrp_inline_resources_spec.rb +1 -1
data/spec/integration/recipes/lwrp_spec.rb +1 -1
data/spec/integration/recipes/notifies_spec.rb +1 -1
data/spec/integration/recipes/notifying_block_spec.rb +1 -1
data/spec/integration/recipes/remote_directory.rb +1 -1
data/spec/integration/recipes/unified_mode_spec.rb +1 -1
data/spec/integration/recipes/use_partial_spec.rb +2 -1
data/spec/integration/solo/solo_spec.rb +2 -2
data/spec/spec_helper.rb +1 -5
data/spec/support/platform_helpers.rb +0 -4
data/spec/support/ruby_installer.rb +1 -1
data/spec/support/shared/functional/windows_script.rb +2 -2
data/spec/unit/application/client_spec.rb +0 -10
data/spec/unit/client_spec.rb +70 -2
data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +1 -1
data/spec/unit/cookbook/syntax_check_spec.rb +3 -0
data/spec/unit/http/authenticator_spec.rb +68 -0
data/spec/unit/mixin/checksum_spec.rb +0 -28
data/spec/unit/mixin/homebrew_user_spec.rb +7 -30
data/spec/unit/mixin/openssl_helper_spec.rb +1 -1
data/spec/unit/mixin/powershell_exec_spec.rb +5 -5
data/spec/unit/platform/query_helpers_spec.rb +2 -17
data/spec/unit/provider/cron_spec.rb +0 -34
data/spec/unit/provider/http_request_spec.rb +60 -72
data/spec/unit/provider/mount/linux_spec.rb +10 -0
data/spec/unit/provider/package/chocolatey_spec.rb +3 -20
data/spec/unit/provider/package/rubygems_spec.rb +1 -1
data/spec/unit/provider/package/zypper_spec.rb +32 -0
data/spec/unit/provider/user/linux_spec.rb +51 -11
data/spec/unit/provider/user_spec.rb +24 -6
data/spec/unit/resource/archive_file_spec.rb +1 -1
data/spec/unit/resource/chef_client_cron_spec.rb +5 -0
data/spec/unit/resource/chef_client_launchd_spec.rb +5 -0
data/spec/unit/resource/chef_client_scheduled_task_spec.rb +5 -0
data/spec/unit/resource/chef_client_systemd_timer_spec.rb +2 -2
data/spec/unit/resource/cron_d_spec.rb +37 -1
data/spec/unit/resource/macos_user_defaults_spec.rb +4 -4
data/spec/unit/resource/rest_resource_spec.rb +381 -0
data/spec/unit/resource/selinux_boolean_spec.rb +92 -0
data/spec/unit/resource/selinux_fcontext_spec.rb +65 -0
data/spec/unit/resource/selinux_install_spec.rb +60 -0
data/spec/unit/resource/selinux_module_spec.rb +55 -0
data/spec/unit/resource/selinux_permissive_spec.rb +39 -0
data/spec/unit/resource/selinux_port_spec.rb +42 -0
data/spec/unit/resource/selinux_state_spec.rb +46 -0
data/spec/unit/resource/sysctl_spec.rb +2 -2
data/spec/unit/resource/user/linux_user_spec.rb +42 -0
data/spec/unit/resource_spec.rb +8 -2
data/spec/unit/util/dsc/local_configuration_manager_spec.rb +1 -1
data/tasks/rspec.rb +1 -1
metadata +106 -55
data/spec/functional/assets/yumrepo-empty/repodata/01a3b-filelists.sqlite.bz2 +0 -0
data/spec/functional/assets/yumrepo-empty/repodata/401dc-filelists.xml.gz +0 -0
data/spec/functional/assets/yumrepo-empty/repodata/5dc1e-primary.sqlite.bz2 +0 -0
data/spec/functional/assets/yumrepo-empty/repodata/6bf96-other.xml.gz +0 -0
data/spec/functional/assets/yumrepo-empty/repodata/7c365-other.sqlite.bz2 +0 -0
data/spec/functional/assets/yumrepo-empty/repodata/dabe2-primary.xml.gz +0 -0
data/spec/functional/assets/yumrepo-empty/repodata/repomd.xml +0 -55
data/spec/integration/client/fips_spec.rb +0 -29
data/spec/integration/client/open_ssl_spec.rb +0 -20
/data/spec/functional/assets/chocolatey_feed/{test-A.1.0.0.nupkg → test-A.1.0.nupkg} +0 -0
/data/spec/functional/assets/chocolatey_feed/{test-A.1.5.0.nupkg → test-A.1.5.nupkg} +0 -0
/data/spec/functional/assets/chocolatey_feed/{test-A.2.0.0.nupkg → test-A.2.0.nupkg} +0 -0
/data/spec/functional/assets/chocolatey_feed/{test-B.1.0.0.nupkg → test-B.1.0.nupkg} +0 -0
/data/spec/functional/assets/yumrepo/repodata/{01a3b-filelists.sqlite.bz2 → 4632d67cb92636e7575d911c24f0e04d3505a944e97c483abe0c3e73a7c62d33-filelists.sqlite.bz2} +0 -0
/data/spec/functional/assets/yumrepo/repodata/{6bf96-other.xml.gz → 74599b793e54d877323837d2d81a1c3c594c44e4335f9528234bb490f7b9b439-other.xml.gz} +0 -0
/data/spec/functional/assets/yumrepo/repodata/{5dc1e-primary.sqlite.bz2 → a845d418f919d2115ab95a56b2c76f6825ad0d0bede49181a55c04f58995d057-primary.sqlite.bz2} +0 -0
/data/spec/functional/assets/yumrepo/repodata/{7c365-other.sqlite.bz2 → af9b7cf9ef23bd7b43068d74a460f3b5d06753d638e58e4a0c9edc35bfb9cdc4-other.sqlite.bz2} +0 -0
/data/spec/functional/assets/yumrepo/repodata/{401dc-filelists.xml.gz → bdb4f5f1492a3b9532f22c43110a81500dd744f23da0aec5c33b2a41317c737d-filelists.xml.gz} +0 -0
/data/spec/functional/assets/yumrepo/repodata/{dabe2-primary.xml.gz → c10d1d34ce99e02f12ec96ef68360543ab1bb7c3cb81a4a2bf78df7d8597e9df-primary.xml.gz} +0 -0

data/lib/chef/resource/locale.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class Locale < Chef::Resource
-      unified_mode true
       provides :locale
       description "Use the **locale** resource to set the system's locale on Debian and Windows systems. Windows support was added in Chef Infra Client 16.0"
@@ -113,11 +112,8 @@ class Chef
           end
           requirements.assert(:all_actions) do |a|
-            a.assertion do
-              # RHEL/CentOS type platforms don't have locale-gen
-              # Windows has locale-gen as part of the install, but not in the path
-              which("locale-gen") || windows?
-            end
+            # RHEL/CentOS type platforms don't have locale-gen
+            a.assertion { which("locale-gen") }
             a.failure_message(Chef::Exceptions::ProviderNotFound, "The locale resource requires the locale-gen tool")
           end
         end

data/lib/chef/resource/log.rb CHANGED Viewed

@@ -29,7 +29,6 @@ class Chef
     #     level :debug
     #   end
     class Log < Chef::Resource
-      unified_mode true
       provides :log, target_mode: true

data/lib/chef/resource/lwrp_base.rb CHANGED Viewed

@@ -54,10 +54,6 @@ class Chef
           resource_class.run_context = run_context
           resource_class.class_from_file(filename)
-          if !resource_class.unified_mode && !deprecated_class(resource_class) && cookbook_name.to_s != "chef_client_updater"
-            Chef.deprecated :unified_mode, "The #{resource_class.resource_name} resource in the #{cookbook_name} cookbook should declare `unified_mode true`", filename
-          end
           # Make a useful string for the class (rather than <Class:312894723894>)
           resource_class.instance_eval do
             define_singleton_method(:to_s) do

data/lib/chef/resource/macos_userdefaults.rb CHANGED Viewed

@@ -23,7 +23,6 @@ autoload :Plist, "plist"
 class Chef
   class Resource
     class MacosUserDefaults < Chef::Resource
-      unified_mode true
       # align with apple's marketing department
       provides(:macos_userdefaults) { true }
@@ -51,17 +50,15 @@ class Chef
         end
         ```
-        **Setting a value for specific user and hosts**
+        **Specifying the type of a key to skip automatic type detection**
         ```ruby
-        macos_userdefaults 'Enable macOS firewall' do
-          key 'globalstate'
-          value 1
-          user 'jane'
-          host :current
+        macos_userdefaults 'Finder expanded save dialogs' do
+          key 'NSNavPanelExpandedStateForSaveMode'
+          value 'TRUE'
+          type 'bool'
         end
         ```
       DOC
       property :domain, String,
@@ -82,7 +79,6 @@ class Chef
       property :host, [String, Symbol],
         description: "Set either :current, :all or a hostname to set the user default at the host level.",
-        default: :all,
         desired_state: false,
         introduced: "16.3"
@@ -98,7 +94,6 @@ class Chef
       property :user, [String, Symbol],
         description: "The system user that the default will be applied to. Set :current for current user, :all for all users or pass a valid username",
-        default: :current,
         desired_state: false
       property :sudo, [TrueClass, FalseClass],

data/lib/chef/resource/macosx_service.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "service"
 class Chef
   class Resource
     class MacosxService < Chef::Resource::Service
-      unified_mode true
       provides :macosx_service
       provides :service, os: "darwin"

data/lib/chef/resource/macports_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class MacportsPackage < Chef::Resource::Package
-      unified_mode true
       provides :macports_package
       description "Use the **macports_package** resource to manage packages for the macOS platform using the MacPorts package management system."

data/lib/chef/resource/mdadm.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class Mdadm < Chef::Resource
-      unified_mode true
       provides :mdadm

data/lib/chef/resource/mount.rb CHANGED Viewed

@@ -23,7 +23,6 @@ class Chef
   class Resource
     class Mount < Chef::Resource
       description "Use the **mount** resource to manage a mounted file system."
-      unified_mode true
       provides :mount

data/lib/chef/resource/msu_package.rb CHANGED Viewed

@@ -23,7 +23,6 @@ class Chef
   class Resource
     class MsuPackage < Chef::Resource::Package
       include Chef::Mixin::Uris
-      unified_mode true
       provides :msu_package

data/lib/chef/resource/notify_group.rb CHANGED Viewed

@@ -21,8 +21,6 @@ class Chef
     class NotifyGroup < Chef::Resource
       provides :notify_group
-      unified_mode true
       description "The notify_group resource does nothing, and always fires notifications which are set on it.  Use it to DRY blocks of notifications that are common to multiple resources, and provide a single target for other resources to notify.  Unlike most resources, its default action is :nothing."
       introduced "15.8"
       examples <<~DOC

data/lib/chef/resource/ohai.rb CHANGED Viewed

@@ -25,7 +25,6 @@ require "ohai" unless defined?(Ohai::System)
 class Chef
   class Resource
     class Ohai < Chef::Resource
-      unified_mode true
       provides :ohai

data/lib/chef/resource/ohai_hint.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class OhaiHint < Chef::Resource
-      unified_mode true
       provides(:ohai_hint) { true }

data/lib/chef/resource/openbsd_package.rb CHANGED Viewed

@@ -25,7 +25,6 @@ require_relative "../provider/package/openbsd"
 class Chef
   class Resource
     class OpenbsdPackage < Chef::Resource::Package
-      unified_mode true
       provides :openbsd_package
       provides :package, os: "openbsd"

data/lib/chef/resource/openssl_dhparam.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides(:openssl_dhparam) { true }
       description "Use the **openssl_dhparam** resource to generate `dhparam.pem` files. If a valid `dhparam.pem` file is found at the specified location, no new file will be created. If a file is found at the specified location but it is not a valid `dhparam.pem` file, it will be overwritten."

data/lib/chef/resource/openssl_ec_private_key.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_ec_private_key
       description "Use the **openssl_ec_private_key** resource to generate an elliptic curve (EC) private key file. If a valid EC key file can be opened at the specified location, no new file will be created. If the EC key file cannot be opened, either because it does not exist or because the password to the EC key file does not match the password in the recipe, then it will be overwritten."

data/lib/chef/resource/openssl_ec_public_key.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_ec_public_key
       description "Use the **openssl_ec_public_key** resource to generate elliptic curve (EC) public key files from a given EC private key."

data/lib/chef/resource/openssl_rsa_private_key.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides(:openssl_rsa_private_key) { true }
       provides(:openssl_rsa_key) { true } # legacy cookbook resource name

data/lib/chef/resource/openssl_rsa_public_key.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides(:openssl_rsa_public_key) { true }
       examples <<~DOC

data/lib/chef/resource/openssl_x509_certificate.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_x509_certificate
       provides(:openssl_x509) { true } # legacy cookbook name.

data/lib/chef/resource/openssl_x509_crl.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_x509_crl
       description "Use the **openssl_x509_crl** resource to generate PEM-formatted x509 certificate revocation list (CRL) files."

data/lib/chef/resource/openssl_x509_request.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
       require_relative "../mixin/openssl_helper"
       include Chef::Mixin::OpenSSLHelper
-      unified_mode true
       provides :openssl_x509_request
       description "Use the **openssl_x509_request** resource to generate PEM-formatted x509 certificates requests. If no existing key is specified, the resource will automatically generate a passwordless key with the certificate."

data/lib/chef/resource/osx_profile.rb CHANGED Viewed

@@ -25,7 +25,6 @@ autoload :Plist, "plist"
 class Chef
   class Resource
     class OsxProfile < Chef::Resource
-      unified_mode true
       provides :osx_profile
       provides :osx_config_profile

data/lib/chef/resource/package.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class Package < Chef::Resource
-      unified_mode true
       provides :package
       description "Use the **package** resource to manage packages. When the package is"\

data/lib/chef/resource/pacman_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class PacmanPackage < Chef::Resource::Package
-      unified_mode true
       provides :pacman_package

data/lib/chef/resource/paludis_package.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../provider/package/paludis"
 class Chef
   class Resource
     class PaludisPackage < Chef::Resource::Package
-      unified_mode true
       provides :paludis_package

data/lib/chef/resource/perl.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "script"
 class Chef
   class Resource
     class Perl < Chef::Resource::Script
-      unified_mode true
       provides :perl

data/lib/chef/resource/plist.rb CHANGED Viewed

@@ -22,7 +22,6 @@ class Chef
   class Resource
     class PlistResource < Chef::Resource # we name this PlistResource to avoid confusion with Plist from the plist gem
-      unified_mode true
       provides :plist
@@ -85,7 +84,7 @@ class Chef
         converge_if_changed :path do
           converge_by "create new plist: '#{new_resource.path}'" do
             file new_resource.path do
-              content {}.to_plist
+              content({}.to_plist)
               owner new_resource.owner
               group new_resource.group
               mode new_resource.mode if property_is_set?(:mode)
@@ -189,7 +188,12 @@ class Chef
         sep = " "
         arg = case subcommand.to_s
               when "add"
-                type_to_commandline_string(value)
+                if value.is_a?(Hash)
+                  sep = ":"
+                  value.map { |k, v| "#{k} #{type_to_commandline_string(v)}" }
+                else
+                  type_to_commandline_string(value)
+                end
               when "set"
                 if value.is_a?(Hash)
                   sep = ":"

data/lib/chef/resource/portage_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class PortagePackage < Chef::Resource::Package
-      unified_mode true
       provides :portage_package

data/lib/chef/resource/powershell_package.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "package"
 class Chef
   class Resource
     class PowershellPackage < Chef::Resource::Package
-      unified_mode true
       provides :powershell_package

data/lib/chef/resource/powershell_package_source.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class PowershellPackageSource < Chef::Resource
-      unified_mode true
       provides :powershell_package_source

data/lib/chef/resource/powershell_script.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "windows_script"
 class Chef
   class Resource
     class PowershellScript < Chef::Resource::WindowsScript
-      unified_mode true
       set_guard_inherited_attributes(:interpreter)

data/lib/chef/resource/python.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "script"
 class Chef
   class Resource
     class Python < Chef::Resource::Script
-      unified_mode true
       provides :python

data/lib/chef/resource/reboot.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class Reboot < Chef::Resource
-      unified_mode true
       provides :reboot

data/lib/chef/resource/registry_key.rb CHANGED Viewed

@@ -23,7 +23,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class RegistryKey < Chef::Resource
-      unified_mode true
       provides(:registry_key) { true }

data/lib/chef/resource/remote_directory.rb CHANGED Viewed

@@ -25,7 +25,6 @@ class Chef
   class Resource
     class RemoteDirectory < Chef::Resource::Directory
       include Chef::Mixin::Securable
-      unified_mode true
       provides :remote_directory

data/lib/chef/resource/remote_file.rb CHANGED Viewed

@@ -28,7 +28,6 @@ class Chef
   class Resource
     class RemoteFile < Chef::Resource::File
       include Chef::Mixin::Securable
-      unified_mode true
       provides :remote_file

data/lib/chef/resource/rhsm_errata.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmErrata < Chef::Resource
-      unified_mode true
       provides(:rhsm_errata) { true }
       description "Use the **rhsm_errata** resource to install packages associated with a given Red Hat Subscription Manager Errata ID. This is helpful if packages to mitigate a single vulnerability must be installed on your hosts."

data/lib/chef/resource/rhsm_errata_level.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmErrataLevel < Chef::Resource
-      unified_mode true
       provides(:rhsm_errata_level) { true }
       description "Use the **rhsm_errata_level** resource to install all packages of a specified errata level from the Red Hat Subscription Manager. For example, you can ensure that all packages associated with errata marked at a 'Critical' security level are installed."

data/lib/chef/resource/rhsm_register.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require "shellwords" unless defined?(Shellwords)
 class Chef
   class Resource
     class RhsmRegister < Chef::Resource
-      unified_mode true
       provides(:rhsm_register) { true }
       description "Use the **rhsm_register** resource to register a node with the Red Hat Subscription Manager or a local Red Hat Satellite server."
@@ -137,8 +136,6 @@ class Chef
       end
       action :unregister, description: "Unregister the node from RHSM." do
-        description "Unregister the node from RHSM."
         package flush_package_cache_name do
           action :nothing
         end

data/lib/chef/resource/rhsm_repo.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmRepo < Chef::Resource
-      unified_mode true
       provides(:rhsm_repo) { true }

data/lib/chef/resource/rhsm_subscription.rb CHANGED Viewed

@@ -20,7 +20,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmSubscription < Chef::Resource
-      unified_mode true
       provides(:rhsm_subscription) { true }

data/lib/chef/resource/route.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "../resource"
 class Chef
   class Resource
     class Route < Chef::Resource
-      unified_mode true
       provides :route

data/lib/chef/resource/rpm_package.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "package"
 class Chef
   class Resource
     class RpmPackage < Chef::Resource::Package
-      unified_mode true
       provides :rpm_package

data/lib/chef/resource/ruby.rb CHANGED Viewed

@@ -21,7 +21,6 @@ require_relative "script"
 class Chef
   class Resource
     class Ruby < Chef::Resource::Script
-      unified_mode true
       provides :ruby

data/lib/chef/resource/ruby_block.rb CHANGED Viewed

@@ -24,7 +24,6 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class RubyBlock < Chef::Resource
-      unified_mode true
       provides :ruby_block, target_mode: true

data/lib/chef/resource/scm/_scm.rb CHANGED Viewed

@@ -16,8 +16,6 @@
 # limitations under the License.
 #
-unified_mode true
 default_action :sync
 allowed_actions :checkout, :export, :sync, :diff, :log

data/lib/chef/resource/scm/git.rb CHANGED Viewed

@@ -23,8 +23,6 @@ class Chef
     class Git < Chef::Resource
       use "scm"
-      unified_mode true
       provides :git
       description "Use the **git** resource to manage source control resources that exist in a git repository. git version 1.6.5 (or higher) is required to use all of the functionality in the git resource."

data/lib/chef/resource/scm/subversion.rb CHANGED Viewed

@@ -24,8 +24,6 @@ class Chef
     class Subversion < Chef::Resource
       use "scm"
-      unified_mode true
       provides :subversion
       description "Use the **subversion** resource to manage source control resources that exist in a Subversion repository. Warning: The subversion resource has known bugs and may not work as expected. For more information see Chef GitHub issues, particularly [#4050](https://github.com/chef/chef/issues/4050) and [#4257](https://github.com/chef/chef/issues/4257)."

data/lib/chef/resource/script.rb CHANGED Viewed

@@ -22,7 +22,6 @@ require_relative "execute"
 class Chef
   class Resource
     class Script < Chef::Resource::Execute
-      unified_mode true
       provides :script

data/lib/chef/resource/selinux/common_helpers.rb ADDED Viewed

@@ -0,0 +1,47 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+class Chef
+  module SELinux
+    module CommonHelpers
+      def selinux_disabled?
+        selinux_state.eql?(:disabled)
+      end
+      def selinux_enforcing?
+        selinux_state.eql?(:enforcing)
+      end
+      def selinux_permissive?
+        selinux_state.eql?(:permissive)
+      end
+      def state_change_reboot_required?
+        (selinux_disabled? && %i{enforcing permissive}.include?(action)) || ((selinux_enforcing? || selinux_permissive?) && action == :disabled)
+      end
+      def selinux_state
+        state = shell_out!("getenforce").stdout.strip.downcase.to_sym
+        raise "Got unknown SELinux state #{state}" unless %i{disabled enforcing permissive}.include?(state)
+        state
+      end
+      def selinux_activate_required?
+        return false unless platform_family?("debian")
+        !File.read("/etc/default/grub").match?("security=selinux")
+      end
+    end
+  end
+end

data/lib/chef/resource/selinux/selinux_debian.erb ADDED Viewed

@@ -0,0 +1,18 @@
+# Generated by Chef for <%= node['fqdn'] %>
+# Do NOT modify this file by hand.
+#
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+# enforcing - SELinux security policy is enforced.
+# permissive - SELinux prints warnings instead of enforcing.
+# disabled - No SELinux policy is loaded.
+SELINUX=<%= @selinux %>
+# SELINUXTYPE= can take one of these three values:
+# default - equivalent to the old strict and targeted policies
+# mls     - Multi-Level Security (for military and educational use)
+# src     - Custom policy built from source
+SELINUXTYPE=<%= @selinuxtype %>
+# SETLOCALDEFS= Check local definition changes
+SETLOCALDEFS=0

data/lib/chef/resource/selinux/selinux_default.erb ADDED Viewed

@@ -0,0 +1,15 @@
+# Generated by Chef for <%= node['fqdn'] %>
+# Do NOT modify this file by hand.
+#
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+#     enforcing - SELinux security policy is enforced.
+#     permissive - SELinux prints warnings instead of enforcing.
+#     disabled - No SELinux policy is loaded.
+SELINUX=<%= @selinux %>
+# SELINUXTYPE= can take one of these three values:
+#     targeted - Targeted processes are protected,
+#     minimum - Modification of targeted policy. Only selected processes are protected.
+#     mls - Multi Level Security protection.
+SELINUXTYPE=<%= @selinuxtype %>