chef 18.4.12 → 18.5.0

data/lib/chef/resource/hostname.rb

@@ -24,7 +24,7 @@ class Chef
     # @since 14.0.0
     class Hostname < Chef::Resource
 
-      provides :hostname
+      provides :hostname, target_mode: true
 
       description "Use the **hostname** resource to set the system's hostname, configure hostname and hosts config file, and re-run the Ohai hostname plugin so the hostname will be available in subsequent cookbooks."
       introduced "14.0"
@@ -99,7 +99,7 @@ class Chef
 
       action_class do
         def append_replacing_matching_lines(path, regex, string)
-          text = IO.read(path).split("\n")
+          text = TargetIO::IO.read(path).split("\n")
           text.reject! { |s| s =~ regex }
           text += [ string ]
           file path do
@@ -107,7 +107,7 @@ class Chef
             owner "root"
             group node["root_group"]
             mode "0644"
-            not_if { IO.read(path).split("\n").include?(string) }
+            not_if { TargetIO::IO.read(path).split("\n").include?(string) }
           end
         end
 
@@ -181,14 +181,14 @@ class Chef
             end
           when linux?
             case
-            when ::File.exist?("/usr/bin/hostnamectl") && !docker?
+            when ::TargetIO::File.exist?("/usr/bin/hostnamectl") && !docker?
               # use hostnamectl whenever we find it on linux (as systemd takes over the world)
               # this must come before other methods like /etc/hostname and /etc/sysconfig/network
               execute "hostnamectl set-hostname #{new_resource.hostname}" do
                 notifies :reload, "ohai[reload hostname]"
                 not_if { shell_out!("hostnamectl status", returns: [0, 1]).stdout =~ /Static hostname:\s*#{new_resource.hostname}\s*$/ }
               end
-            when ::File.exist?("/etc/hostname")
+            when ::TargetIO::File.exist?("/etc/hostname")
               # debian family uses /etc/hostname
               # arch also uses /etc/hostname
               # the "platform: iox_xr, platform_family: wrlinux, os: linux" platform also hits this
@@ -201,10 +201,10 @@ class Chef
                 group node["root_group"]
                 mode "0644"
               end
-            when ::File.file?("/etc/sysconfig/network")
+            when ::TargetIO::File.file?("/etc/sysconfig/network")
               # older non-systemd RHEL/Fedora derived
               append_replacing_matching_lines("/etc/sysconfig/network", /^HOSTNAME\s*=/, "HOSTNAME=#{new_resource.hostname}")
-            when ::File.exist?("/etc/HOSTNAME")
+            when ::TargetIO::File.exist?("/etc/HOSTNAME")
               # SuSE/openSUSE uses /etc/HOSTNAME
               file "/etc/HOSTNAME" do
                 content "#{new_resource.hostname}\n"
@@ -212,7 +212,7 @@ class Chef
                 group node["root_group"]
                 mode "0644"
               end
-            when ::File.exist?("/etc/conf.d/hostname")
+            when ::TargetIO::File.exist?("/etc/conf.d/hostname")
               # Gentoo
               file "/etc/conf.d/hostname" do
                 content "hostname=\"#{new_resource.hostname}\"\n"
@@ -226,7 +226,7 @@ class Chef
               # that manage sysctls on linux.
               append_replacing_matching_lines("/etc/sysctl.conf", /^\s+kernel\.hostname\s+=/, "kernel.hostname=#{new_resource.hostname}")
             end
-          when ::File.exist?("/etc/rc.conf")
+          when ::TargetIO::File.exist?("/etc/rc.conf")
             # *BSD systems with /etc/rc.conf + /etc/myname
             append_replacing_matching_lines("/etc/rc.conf", /^\s+hostname\s+=/, "hostname=#{new_resource.hostname}")
 
@@ -236,7 +236,7 @@ class Chef
               group node["root_group"]
               mode "0644"
             end
-          when ::File.exist?("/usr/sbin/svccfg") # solaris 5.11
+          when ::TargetIO::File.exist?("/usr/sbin/svccfg") # solaris 5.11
             execute "svccfg -s system/identity:node setprop config/nodename=\'#{new_resource.hostname}\'" do
               notifies :run, "execute[svcadm refresh]", :immediately
               notifies :run, "execute[svcadm restart]", :immediately
@@ -259,6 +259,7 @@ class Chef
           WINDOWS_EC2_CONFIG = 'C:\Program Files\Amazon\Ec2ConfigService\Settings\config.xml'.freeze
 
           raise "Windows hostnames cannot contain a period." if new_resource.hostname.include?(".")
+          raise "Windows not supported in Target Mode" if ChefConfig::Config.target_mode?
 
           # suppress EC2 config service from setting our hostname
           if ::File.exist?(WINDOWS_EC2_CONFIG)

data/lib/chef/resource/http_request.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class HttpRequest < Chef::Resource
 
-      provides :http_request
+      provides :http_request, target_mode: true
 
       description "Use the **http_request** resource to send an HTTP request (`GET`, `PUT`, `POST`, `DELETE`, `HEAD`, or `OPTIONS`) with an arbitrary message. This resource is often useful when custom callbacks are necessary."
 

data/lib/chef/resource/ifconfig.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class Ifconfig < Chef::Resource
 
-      provides :ifconfig
+      provides :ifconfig, target_mode: true
 
       description "Use the **ifconfig** resource to manage interfaces on Unix and Linux systems. Note: This resource requires the ifconfig binary to be present on the system and may require additional packages to be installed first. On Ubuntu 18.04 or later you will need to install the `ifupdown` package, which disables the built in Netplan functionality. Warning: This resource will not work with Fedora release 33 or later."
       examples <<~DOC

data/lib/chef/resource/inspec_input.rb

@@ -19,7 +19,7 @@ require_relative "../resource"
 class Chef
   class Resource
     class InspecInput < Chef::Resource
-      provides :inspec_input
+      provides :inspec_input, target_mode: true
 
       description "Use the **inspec_input** resource to add an input to the Compliance Phase."
       introduced "17.5"
@@ -105,6 +105,8 @@ class Chef
         def build_source
           return new_resource.source unless new_resource.source.nil?
           return nil unless new_resource.input.count(::File::SEPARATOR) > 0 || (::File::ALT_SEPARATOR && new_resource.input.count(::File::ALT_SEPARATOR) > 0 )
+
+          # InSpec gets processed locally, so no TargetIO
           return nil unless ::File.exist?(new_resource.input)
 
           new_resource.input

data/lib/chef/resource/inspec_waiver.rb

@@ -19,7 +19,7 @@ require_relative "../resource"
 class Chef
   class Resource
     class InspecWaiver < Chef::Resource
-      provides :inspec_waiver
+      provides :inspec_waiver, target_mode: true
 
       description "Use the **inspec_waiver** resource to add a waiver to the Compliance Phase."
       introduced "17.5"

data/lib/chef/resource/inspec_waiver_file_entry.rb

@@ -23,7 +23,7 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class InspecWaiverFileEntry < Chef::Resource
-      provides :inspec_waiver_file_entry
+      provides :inspec_waiver_file_entry, target_mode: true
 
       description "Use the **inspec_waiver_file_entry** resource to add or remove entries from an InSpec waiver file. This can be used in conjunction with the Compliance Phase."
       introduced "17.1"

data/lib/chef/resource/ips_package.rb

@@ -23,8 +23,8 @@ class Chef
   class Resource
     class IpsPackage < ::Chef::Resource::Package
 
-      provides :ips_package
-      provides :package, os: "solaris2"
+      provides :ips_package, target_mode: true
+      provides :package, os: "solaris2", target_mode: true
 
       description "Use the **ips_package** resource to manage packages (using Image Packaging System (IPS)) on the Solaris 11 platform."
 

data/lib/chef/resource/kernel_module.rb

@@ -12,7 +12,7 @@ class Chef
   class Resource
     class KernelModule < Chef::Resource
 
-      provides :kernel_module
+      provides :kernel_module, target_mode: true
 
       description "Use the **kernel_module** resource to manage kernel modules on Linux systems. This resource can load, unload, blacklist, disable, enable, install, and uninstall modules."
       introduced "14.3"
@@ -232,7 +232,7 @@ class Chef
         # see if the module is listed in /proc/modules or not
         # @return [Boolean]
         def module_loaded?
-          /^#{new_resource.modname}/.match?(::File.read("/proc/modules"))
+          /^#{new_resource.modname}/.match?(::TargetIO::File.read("/proc/modules"))
         end
       end
     end

data/lib/chef/resource/link.rb

@@ -25,7 +25,7 @@ class Chef
     class Link < Chef::Resource
       include Chef::Mixin::Securable
 
-      provides :link
+      provides :link, target_mode: true
 
       description "Use the **link** resource to create symbolic or hard links.\n\n"\
                   "A symbolic link—sometimes referred to as a soft link—is a directory entry"\

data/lib/chef/resource/locale.rb

@@ -21,7 +21,7 @@ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 class Chef
   class Resource
     class Locale < Chef::Resource
-      provides :locale
+      provides :locale, target_mode: true
 
       description "Use the **locale** resource to set the system's locale on Debian and Windows systems. Windows support was added in Chef Infra Client 16.0"
       introduced "14.5"
@@ -79,7 +79,7 @@ class Chef
           lang get_system_locale_windows
         else
           begin
-            old_content = ::File.read(LOCALE_CONF)
+            old_content = ::TargetIO::File.read(LOCALE_CONF)
             locale_values = Hash[old_content.split("\n").map { |v| v.split("=") }]
             lang locale_values["LANG"]
           rescue Errno::ENOENT => e

data/lib/chef/resource/mount.rb

@@ -24,7 +24,7 @@ class Chef
     class Mount < Chef::Resource
       description "Use the **mount** resource to manage a mounted file system."
 
-      provides :mount
+      provides :mount, target_mode: true
 
       default_action :mount
       allowed_actions :mount, :umount, :unmount, :remount, :enable, :disable

data/lib/chef/resource/notify_group.rb

@@ -19,7 +19,7 @@ require_relative "../resource"
 class Chef
   class Resource
     class NotifyGroup < Chef::Resource
-      provides :notify_group
+      provides :notify_group, target_mode: true
 
       description "The notify_group resource does nothing, and always fires notifications which are set on it.  Use it to DRY blocks of notifications that are common to multiple resources, and provide a single target for other resources to notify.  Unlike most resources, its default action is :nothing."
       introduced "15.8"

data/lib/chef/resource/ohai.rb

@@ -26,7 +26,7 @@ class Chef
   class Resource
     class Ohai < Chef::Resource
 
-      provides :ohai
+      provides :ohai, target_mode: true
 
       description "Use the **ohai** resource to reload the Ohai configuration on a node. This allows recipes that change system attributes (like a recipe that adds a user) to refer to those attributes later on during the #{ChefUtils::Dist::Infra::PRODUCT} run."
 

data/lib/chef/resource/ohai_hint.rb

@@ -21,7 +21,7 @@ class Chef
   class Resource
     class OhaiHint < Chef::Resource
 
-      provides(:ohai_hint) { true }
+      provides(:ohai_hint, target_mode: true) { true }
 
       description "Use the **ohai_hint** resource to aid in configuration detection by passing hint data to Ohai."
       introduced "14.0"

data/lib/chef/resource/openbsd_package.rb

@@ -25,8 +25,8 @@ require_relative "../provider/package/openbsd"
 class Chef
   class Resource
     class OpenbsdPackage < Chef::Resource::Package
-      provides :openbsd_package
-      provides :package, os: "openbsd"
+      provides :openbsd_package, target_mode: true
+      provides :package, os: "openbsd", target_mode: true
 
       description "Use the **openbsd_package** resource to manage packages for the OpenBSD platform."
       introduced "12.1"

data/lib/chef/resource/package.rb

@@ -22,7 +22,7 @@ require_relative "../resource"
 class Chef
   class Resource
     class Package < Chef::Resource
-      provides :package
+      provides :package, target_mode: true
 
       description "Use the **package** resource to manage packages. When the package is"\
                   " installed from a local file (such as with RubyGems, dpkg, or RPM"\

data/lib/chef/resource/pacman_package.rb

@@ -22,7 +22,7 @@ class Chef
   class Resource
     class PacmanPackage < Chef::Resource::Package
 
-      provides :pacman_package
+      provides :pacman_package, target_mode: true
 
       allowed_actions :install, :upgrade, :remove, :purge
 

data/lib/chef/resource/paludis_package.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class PaludisPackage < Chef::Resource::Package
 
-      provides :paludis_package
+      provides :paludis_package, target_mode: true
 
       description "Use the **paludis_package** resource to manage packages for the Paludis platform."
       introduced "12.1"

data/lib/chef/resource/portage_package.rb

@@ -22,7 +22,7 @@ class Chef
   class Resource
     class PortagePackage < Chef::Resource::Package
 
-      provides :portage_package
+      provides :portage_package, target_mode: true
 
       description "Use the **portage_package** resource to manage packages for the Gentoo platform."
 

data/lib/chef/resource/powershell_package.rb

@@ -44,6 +44,10 @@ class Chef
         description: "Skip validating module author.",
         default: false, introduced: "14.3", desired_state: false
 
+      property :allow_clobber,  [TrueClass, FalseClass],
+        description: "Overrides warning messages about installation conflicts about existing commands on a computer.",
+        default: false, introduced: "18.5"
+
     end
   end
 end

data/lib/chef/resource/reboot.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class Reboot < Chef::Resource
 
-      provides :reboot
+      provides :reboot, target_mode: true
 
       description "Use the **reboot** resource to reboot a node, a necessary step with some"\
                   " installations on certain platforms. This resource is supported for use on"\

data/lib/chef/resource/remote_directory.rb

@@ -26,7 +26,7 @@ class Chef
     class RemoteDirectory < Chef::Resource::Directory
       include Chef::Mixin::Securable
 
-      provides :remote_directory
+      provides :remote_directory, target_mode: true
 
       description "Use the **remote_directory** resource to incrementally transfer a directory from a cookbook to a node. The directory that is copied from the cookbook should be located under `COOKBOOK_NAME/files/default/REMOTE_DIRECTORY`. The `remote_directory` resource will obey file specificity."
 

data/lib/chef/resource/remote_file.rb

@@ -29,7 +29,7 @@ class Chef
     class RemoteFile < Chef::Resource::File
       include Chef::Mixin::Securable
 
-      provides :remote_file
+      provides :remote_file, target_mode: true
 
       description "Use the **remote_file** resource to transfer a file from a remote location using file specificity. This resource is similar to the **file** resource. Note: Fetching files from the `files/` directory in a cookbook should be done with the **cookbook_file** resource."
 

data/lib/chef/resource/rhsm_errata.rb

@@ -20,7 +20,7 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmErrata < Chef::Resource
-      provides(:rhsm_errata) { true }
+      provides(:rhsm_errata, target_mode: true) { true }
 
       description "Use the **rhsm_errata** resource to install packages associated with a given Red Hat Subscription Manager Errata ID. This is helpful if packages to mitigate a single vulnerability must be installed on your hosts."
       introduced "14.0"

data/lib/chef/resource/rhsm_errata_level.rb

@@ -20,7 +20,7 @@ require_relative "../resource"
 class Chef
   class Resource
     class RhsmErrataLevel < Chef::Resource
-      provides(:rhsm_errata_level) { true }
+      provides(:rhsm_errata_level, target_mode: true) { true }
 
       description "Use the **rhsm_errata_level** resource to install all packages of a specified errata level from the Red Hat Subscription Manager. For example, you can ensure that all packages associated with errata marked at a 'Critical' security level are installed."
       introduced "14.0"

data/lib/chef/resource/rhsm_register.rb

@@ -22,7 +22,7 @@ require "shellwords" unless defined?(Shellwords)
 class Chef
   class Resource
     class RhsmRegister < Chef::Resource
-      provides(:rhsm_register) { true }
+      provides(:rhsm_register, target_mode: true) { true }
 
       description "Use the **rhsm_register** resource to register a node with the Red Hat Subscription Manager or a local Red Hat Satellite server."
       introduced "14.0"

data/lib/chef/resource/rhsm_repo.rb

@@ -21,7 +21,7 @@ class Chef
   class Resource
     class RhsmRepo < Chef::Resource
 
-      provides(:rhsm_repo) { true }
+      provides(:rhsm_repo, target_mode: true) { true }
 
       description "Use the **rhsm_repo** resource to enable or disable Red Hat Subscription Manager repositories that are made available via attached subscriptions."
       introduced "14.0"
@@ -65,9 +65,8 @@ class Chef
 
       action_class do
         def repo_enabled?(repo)
-          # FIXME: use shell_out()
-          cmd = Mixlib::ShellOut.new("subscription-manager repos --list-enabled", env: { LANG: "en_US" })
-          cmd.run_command
+          # FIXME: Add `env` support
+          cmd = shell_out("subscription-manager repos --list-enabled", env: { LANG: "en_US" })
           repo == "*" || !cmd.stdout.match(/Repo ID:\s+#{repo}$/).nil?
         end
       end

data/lib/chef/resource/rhsm_subscription.rb

@@ -21,7 +21,7 @@ class Chef
   class Resource
     class RhsmSubscription < Chef::Resource
 
-      provides(:rhsm_subscription) { true }
+      provides(:rhsm_subscription, target_mode: true) { true }
 
       description "Use the **rhsm_subscription** resource to add or remove Red Hat Subscription Manager subscriptions from your host. This can be used when a host's activation_key does not attach all necessary subscriptions to your host."
       introduced "14.0"
@@ -50,10 +50,9 @@ class Chef
 
       action_class do
         def subscription_attached?(subscription)
-          # FIXME: use shell_out
-          cmd = Mixlib::ShellOut.new("subscription-manager list --consumed | grep #{subscription}", env: { LANG: "en_US" })
-          cmd.run_command
-          !cmd.stdout.match(/Pool ID:\s+#{subscription}$/).nil?
+          cmd = "subscription-manager list --consumed | grep #{subscription}"
+          stdout = shell_out(cmd, env: { LANG: "en_US" }).stdout
+          !stdout.match(/Pool ID:\s+#{subscription}$/).nil?
         end
 
         def serials_by_pool
@@ -61,10 +60,10 @@ class Chef
           pool = nil
           serial = nil
 
-          # FIXME: use shell_out
-          cmd = Mixlib::ShellOut.new("subscription-manager list --consumed", env: { LANG: "en_US" })
-          cmd.run_command
-          cmd.stdout.lines.each do |line|
+          cmd = "subscription-manager list --consumed"
+          stdout = shell_out(cmd, env: { LANG: "en_US" }).stdout
+
+          stdout.lines.each do |line|
             line.strip!
             key, value = line.split(/:\s+/, 2)
             next unless ["Pool ID", "Serial"].include?(key)

data/lib/chef/resource/route.rb

@@ -23,7 +23,7 @@ class Chef
   class Resource
     class Route < Chef::Resource
 
-      provides :route
+      provides :route, target_mode: true
 
       default_action :add
       allowed_actions :add, :delete

data/lib/chef/resource/rpm_package.rb

@@ -22,7 +22,7 @@ class Chef
   class Resource
     class RpmPackage < Chef::Resource::Package
 
-      provides :rpm_package
+      provides :rpm_package, target_mode: true
 
       allowed_actions :install, :upgrade, :remove
 

data/lib/chef/resource/scm/git.rb

@@ -23,7 +23,7 @@ class Chef
     class Git < Chef::Resource
       use "scm"
 
-      provides :git
+      provides :git, target_mode: true
 
       description "Use the **git** resource to manage source control resources that exist in a git repository. git version 1.6.5 (or higher) is required to use all of the functionality in the git resource."
       examples <<~DOC

data/lib/chef/resource/scm/subversion.rb

@@ -24,7 +24,7 @@ class Chef
     class Subversion < Chef::Resource
       use "scm"
 
-      provides :subversion
+      provides :subversion, target_mode: true
 
       description "Use the **subversion** resource to manage source control resources that exist in a Subversion repository. Warning: The subversion resource has known bugs and may not work as expected. For more information see Chef GitHub issues, particularly [#4050](https://github.com/chef/chef/issues/4050) and [#4257](https://github.com/chef/chef/issues/4257)."
       examples <<~DOC

data/lib/chef/resource/selinux/common_helpers.rb

@@ -40,7 +40,7 @@ class Chef
       def selinux_activate_required?
         return false unless platform_family?("debian")
 
-        !File.read("/etc/default/grub").match?("security=selinux")
+        !TargetIO::File.read("/etc/default/grub").match?("security=selinux")
       end
     end
   end

data/lib/chef/resource/selinux_boolean.rb

@@ -20,7 +20,7 @@ class Chef
     class SelinuxBoolean < Chef::Resource
       unified_mode true
 
-      provides :selinux_boolean
+      provides :selinux_boolean, target_mode: true
 
       description "Use **selinux_boolean** resource to set SELinux boolean values."
       introduced "18.0"

data/lib/chef/resource/selinux_fcontext.rb

@@ -20,7 +20,7 @@ class Chef
     class SelinuxFcontext < Chef::Resource
       unified_mode true
 
-      provides :selinux_fcontext
+      provides :selinux_fcontext, target_mode: true
 
       description "Use the **selinux_fcontext** resource to set the SELinux context of files using the `semanage fcontext` command."
       introduced "18.0"
@@ -95,7 +95,7 @@ class Chef
           # if path is not absolute, ignore it and search everything
           common = "/" if common[0] != "/"
 
-          if ::File.exist? common
+          if ::TargetIO::File.exist? common
             shell_out!("find #{common.shellescape} -ignore_readdir_race -regextype posix-egrep -regex #{spec.shellescape} -prune -print0 | xargs -0 restorecon -iRv")
           end
         end
@@ -157,4 +157,4 @@ class Chef
       end
     end
   end
-end
+end

data/lib/chef/resource/selinux_install.rb

@@ -18,7 +18,7 @@ class Chef
     class SelinuxInstall < Chef::Resource
       unified_mode true
 
-      provides :selinux_install
+      provides :selinux_install, target_mode: true
 
       description "Use **selinux_install** resource to encapsulates the set of selinux packages to install in order to manage selinux. It also ensures the directory `/etc/selinux` is created."
       introduced "18.0"

data/lib/chef/resource/selinux_login.rb

@@ -19,7 +19,7 @@ class Chef
     class SelinuxLogin < Chef::Resource
       unified_mode true
 
-      provides :selinux_login
+      provides :selinux_login, target_mode: true
 
       description "Use the **selinux_login** resource to add, update, or remove SELinux user to OS login mappings."
       introduced "18.1"

data/lib/chef/resource/selinux_module.rb

@@ -18,7 +18,7 @@ class Chef
     class SelinuxModule < Chef::Resource
       unified_mode true
 
-      provides :selinux_module
+      provides :selinux_module, target_mode: true
 
       description "Use **selinux_module** module resource to create an SELinux policy module from a cookbook file or content provided as a string."
       introduced "18.0"
@@ -103,7 +103,7 @@ class Chef
           notifies :run, "execute[Install SELinux module '#{selinux_module_filepath("pp")}']", :immediately
         end
 
-        raise "Compilation must have failed, no 'pp' file found at: '#{selinux_module_filepath("pp")}'" unless ::File.exist?(selinux_module_filepath("pp"))
+        raise "Compilation must have failed, no 'pp' file found at: '#{selinux_module_filepath("pp")}'" unless ::TargetIO::File.exist?(selinux_module_filepath("pp"))
 
         execute "Install SELinux module '#{selinux_module_filepath("pp")}'" do
           command "semodule --install '#{selinux_module_filepath("pp")}'"
@@ -113,7 +113,7 @@ class Chef
 
       action :delete, description: "Remove module source files from `/etc/selinux/local`." do
         %w{fc if pp te}.each do |type|
-          next unless ::File.exist?(selinux_module_filepath(type))
+          next unless ::TargetIO::File.exist?(selinux_module_filepath(type))
 
           file selinux_module_filepath(type) do
             action :delete
@@ -122,7 +122,7 @@ class Chef
       end
 
       action :install, description: "Install a compiled module into the system." do
-        raise "Module must be compiled before it can be installed, no 'pp' file found at: '#{selinux_module_filepath("pp")}'" unless ::File.exist?(selinux_module_filepath("pp"))
+        raise "Module must be compiled before it can be installed, no 'pp' file found at: '#{selinux_module_filepath("pp")}'" unless ::TargetIO::File.exist?(selinux_module_filepath("pp"))
 
         unless list_installed_modules.include? new_resource.module_name
           converge_by "Install SELinux module #{selinux_module_filepath("pp")}" do
@@ -140,4 +140,4 @@ class Chef
       end
     end
   end
-end
+end

data/lib/chef/resource/selinux_permissive.rb

@@ -18,7 +18,7 @@ class Chef
     class SelinuxPermissive < Chef::Resource
       unified_mode true
 
-      provides :selinux_permissive
+      provides :selinux_permissive, target_mode: true
 
       description "Use the **selinux_permissive** resource to allow some domains to misbehave without stopping them. This is not as good as setting specific policies, but better than disabling SELinux entirely."
       introduced "18.0"
@@ -61,4 +61,4 @@ class Chef
       end
     end
   end
-end
+end

data/lib/chef/resource/selinux_port.rb

@@ -19,7 +19,7 @@ class Chef
     class SelinuxPort < Chef::Resource
       unified_mode true
 
-      provides :selinux_port
+      provides :selinux_port, target_mode: true
 
       description "Use the **selinux_port** resource to assign a network port to a specific SELinux context. For example, running a web server on a non-standard port."
       introduced "18.0"
@@ -115,4 +115,4 @@ class Chef
 
     end
   end
-end
+end

data/lib/chef/resource/selinux_state.rb

@@ -19,7 +19,7 @@ class Chef
     class SelinuxState < Chef::Resource
       unified_mode true
 
-      provides :selinux_state
+      provides :selinux_state, target_mode: true
 
       description "Use **selinux_state** resource to manages the SELinux state on the system. It does this by using the `setenforce` command and rendering the `/etc/selinux/config` file from a template."
       introduced "18.0"
@@ -163,4 +163,4 @@ class Chef
       end
     end
   end
-end
+end