giraffesoft-chef 0.7.15

data/lib/chef/provider/template.rb

@@ -0,0 +1,143 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Copyright:: Copyright (c) 2008 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/provider/file'
+require 'chef/mixin/template'
+require 'chef/mixin/checksum'
+require 'chef/mixin/find_preferred_file'
+require 'chef/rest'
+require 'chef/file_cache'
+require 'uri'
+require 'tempfile'
+
+class Chef
+  class Provider
+    class Template < Chef::Provider::File
+      
+      include Chef::Mixin::Checksum
+      include Chef::Mixin::Template
+      include Chef::Mixin::FindPreferredFile
+      
+      def action_create
+        Chef::Log.debug(@node.run_state.inspect)
+        raw_template_file = nil
+        
+        cookbook_name = @new_resource.cookbook || @new_resource.cookbook_name
+        
+        Chef::Log.debug("looking for template #{@new_resource.source} in cookbook #{cookbook_name.inspect}")
+        
+        cache_file_name = "cookbooks/#{cookbook_name}/templates/default/#{@new_resource.source}"
+        template_cache_name = "#{cookbook_name}_#{@new_resource.source}"
+        
+        if Chef::Config[:solo]
+          filename = find_preferred_file(
+            cookbook_name,
+            :template,
+            @new_resource.source,
+            @node[:fqdn],
+            @node[:platform],
+            @node[:platform_version]
+          )
+          Chef::Log.debug("Using local file for template:#{filename}")
+          cache_file_name = Pathname.new(filename).relative_path_from(Pathname.new(Chef::Config[:file_cache_path])).to_s
+        elsif @node.run_state[:template_cache].has_key?(template_cache_name)
+          Chef::Log.debug("I have already fetched the template for #{@new_resource} once this run, not checking again.")
+          template_updated = false
+        else
+          r = Chef::REST.new(Chef::Config[:template_url])
+          
+          current_checksum = nil
+          
+          if Chef::FileCache.has_key?(cache_file_name)
+            current_checksum = self.checksum(Chef::FileCache.load(cache_file_name, false))
+          else
+            Chef::Log.debug("Template #{@new_resource} is not in the template cache")
+          end
+          
+          template_url = generate_url(
+            @new_resource.source, 
+            "templates",
+            {
+              :checksum => current_checksum
+            }
+          )
+          
+          template_updated = true
+          begin
+            raw_template_file = r.get_rest(template_url, true)
+          rescue Net::HTTPRetriableError => e
+            if e.response.kind_of?(Net::HTTPNotModified)
+              template_updated = false
+              Chef::Log.debug("Cached template for #{@new_resource} is unchanged")
+            else
+              raise e
+            end
+          end
+          
+          # We have checked the cache for this template this run
+          @node.run_state[:template_cache][template_cache_name] = true
+        end  
+        
+        if template_updated
+          Chef::Log.debug("Updating template for #{@new_resource} in the cache")
+          Chef::FileCache.move_to(raw_template_file.path, cache_file_name)
+        end
+
+        context = {}
+        context.merge!(@new_resource.variables)
+        context[:node] = @node
+        template_file = render_template(Chef::FileCache.load(cache_file_name), context)
+
+        update = false
+      
+        if ::File.exists?(@new_resource.path)
+          @new_resource.checksum(self.checksum(template_file.path))
+          if @new_resource.checksum != @current_resource.checksum
+            Chef::Log.debug("#{@new_resource} changed from #{@current_resource.checksum} to #{@new_resource.checksum}")
+            Chef::Log.info("Updating #{@new_resource} at #{@new_resource.path}")
+            update = true
+          end
+        else
+          Chef::Log.info("Creating #{@new_resource} at #{@new_resource.path}")
+          update = true
+        end
+      
+        if update
+          backup
+          FileUtils.cp(template_file.path, @new_resource.path)
+          @new_resource.updated = true
+        else
+          Chef::Log.debug("#{@new_resource} is unchanged")
+        end
+              
+        set_owner if @new_resource.owner != nil
+        set_group if @new_resource.group != nil
+        set_mode if @new_resource.mode != nil
+      end
+      
+      def action_create_if_missing
+        if ::File.exists?(@new_resource.path)
+          Chef::Log.debug("Template #{@new_resource} exists, taking no action.")
+        else
+          action_create
+        end
+      end
+      
+    end
+  end
+end

data/lib/chef/provider/user.rb

@@ -0,0 +1,170 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Copyright:: Copyright (c) 2008 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/provider'
+require 'chef/mixin/command'
+require 'chef/resource/user'
+require 'etc'
+
+class Chef
+  class Provider
+    class User < Chef::Provider
+      
+      include Chef::Mixin::Command
+      
+      attr_accessor :user_exists, :locked
+      
+      def initialize(node, new_resource, collection=nil, definitions=nil, cookbook_loader=nil)
+        super(node, new_resource, collection, definitions, cookbook_loader)
+        @user_exists = true
+        @locked = nil
+      end
+  
+      def convert_group_name
+        if @new_resource.gid.is_a? String
+          @new_resource.gid Etc.getgrnam(@new_resource.gid).gid
+        end
+      rescue ArgumentError => e
+        raise Chef::Exceptions::User, "Couldn't lookup integer GID for group name #{@new_resource.gid}"
+      end
+      
+      def load_current_resource
+        @current_resource = Chef::Resource::User.new(@new_resource.name)
+        @current_resource.username(@new_resource.username)
+      
+        user_info = nil
+        begin
+          user_info = Etc.getpwnam(@new_resource.username)
+        rescue ArgumentError => e
+          @user_exists = false
+          Chef::Log.debug("User #{@new_resource.username} does not exist")
+        end
+        
+        if user_info
+          @current_resource.uid(user_info.uid)
+          @current_resource.gid(user_info.gid)
+          @current_resource.comment(user_info.gecos)
+          @current_resource.home(user_info.dir)
+          @current_resource.shell(user_info.shell)
+          @current_resource.password(user_info.passwd)
+        
+          if @new_resource.password && @current_resource.password == 'x'
+            begin
+              require 'shadow'
+            rescue LoadError
+              Chef::Log.error("You must have ruby-shadow installed for password support!")
+              raise Chef::Exceptions::MissingLibrary, "You must have ruby-shadow installed for password support!"
+            else
+              shadow_info = Shadow::Passwd.getspnam(@new_resource.username)
+              @current_resource.password(shadow_info.sp_pwdp)
+            end
+          end
+          
+          if @new_resource.gid
+            convert_group_name
+          end
+        end
+        
+        @current_resource
+      end
+
+      # Check to see if the user needs any changes
+      #
+      # === Returns
+      # <true>:: If a change is required
+      # <false>:: If the users are identical
+      def compare_user
+        [ :uid, :gid, :comment, :home, :shell, :password ].any? do |user_attrib|
+          !@new_resource.send(user_attrib).nil? && @new_resource.send(user_attrib) != @current_resource.send(user_attrib)
+        end
+      end
+      
+      def action_create
+        case @user_exists
+        when false
+          create_user
+          Chef::Log.info("Created #{@new_resource}")
+          @new_resource.updated = true
+        else 
+          if compare_user
+            manage_user
+            Chef::Log.info("Altered #{@new_resource}")
+            @new_resource.updated = true
+          end
+        end
+      end
+      
+      def action_remove
+        if @user_exists
+          remove_user
+          @new_resource.updated = true
+          Chef::Log.info("Removed #{@new_resource}")
+        end
+      end
+      
+      def action_manage
+        if @user_exists && compare_user
+          manage_user 
+          @new_resource.updated = true
+          Chef::Log.info("Managed #{@new_resource}")
+        end
+      end
+      
+      def action_modify
+        if @user_exists 
+          if compare_user
+            manage_user
+            @new_resource.updated = true
+            Chef::Log.info("Modified #{@new_resource}")
+          end
+        else
+          raise Chef::Exceptions::User, "Cannot modify #{@new_resource} - user does not exist!"
+        end
+      end
+      
+      def action_lock
+        if @user_exists
+          if check_lock() == false
+            lock_user
+            @new_resource.updated = true
+            Chef::Log.info("Locked #{@new_resource}")
+          else
+            Chef::Log.debug("No need to lock #{@new_resource}")
+          end
+        else
+          raise Chef::Exceptions::User, "Cannot lock #{@new_resource} - user does not exist!"
+        end
+      end
+      
+      def action_unlock
+        if @user_exists
+          if check_lock() == true
+            unlock_user
+            @new_resource.updated = true
+            Chef::Log.info("Unlocked #{@new_resource}")
+          else
+            Chef::Log.debug("No need to unlock #{@new_resource}")
+          end
+        else
+          raise Chef::Exceptions::User, "Cannot unlock #{@new_resource} - user does not exist!"
+        end
+      end
+      
+    end
+  end
+end

data/lib/chef/provider/user/pw.rb

@@ -0,0 +1,113 @@
+#
+# Author:: Stephen Haynes (<sh@nomitor.com>)
+# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/provider/user'
+
+class Chef
+  class Provider
+    class User
+      class Pw < Chef::Provider::User
+
+        def load_current_resource
+          super
+          raise Chef::Exceptions::User, "Could not find binary /usr/sbin/pw for #{@new_resource}" unless ::File.exists?("/usr/sbin/pw")
+        end
+
+        def create_user
+          command = "pw useradd"
+          command << set_options
+          run_command(:command => command)
+          modify_password
+        end
+        
+        def manage_user
+          command = "pw usermod"
+          command << set_options
+          run_command(:command => command)
+          modify_password
+        end
+        
+        def remove_user
+          command = "pw userdel #{@new_resource.username}"
+          command << " -r" if @new_resource.supports[:manage_home]
+          run_command(:command => command)
+        end
+        
+        def check_lock
+          case @current_resource.password
+          when /^\*LOCKED\*/
+            @locked = true
+          else
+            @locked = false
+          end
+          @locked
+        end
+        
+        def lock_user
+          run_command(:command => "pw lock #{@new_resource.username}")
+        end
+        
+        def unlock_user
+          run_command(:command => "pw unlock #{@new_resource.username}")
+        end
+        
+        def set_options
+          opts = " #{@new_resource.username}"
+          
+          field_list = {
+            'comment' => "-c",
+            'home' => "-d",
+            'gid' => "-g",
+            'uid' => "-u",
+            'shell' => "-s"
+          }
+          field_list.sort{ |a,b| a[0] <=> b[0] }.each do |field, option|
+            field_symbol = field.to_sym
+            if @current_resource.send(field_symbol) != @new_resource.send(field_symbol)
+              if @new_resource.send(field_symbol)
+                Chef::Log.debug("Setting #{@new_resource} #{field} to #{@new_resource.send(field_symbol)}")
+                opts << " #{option} '#{@new_resource.send(field_symbol)}'"
+              end
+            end
+          end
+          if @new_resource.supports[:manage_home]
+            Chef::Log.debug("Managing the home directory for #{@new_resource}")
+            opts << " -m"
+          end
+          opts
+        end
+      
+        def modify_password
+          if @current_resource.password != @new_resource.password
+            Chef::Log.debug("#{new_resource}: updating password")
+            command = "pw usermod #{@new_resource.username} -H 0"
+            status = popen4(command, :waitlast => true) do |pid, stdin, stdout, stderr|
+              stdin.puts "#{@new_resource.password}"
+            end
+            
+            unless status.exitstatus == 0
+              raise Chef::Exceptions::User, "pw failed - #{status.inspect}!"
+            end
+          else
+            Chef::Log.debug("#{new_resource}: no change needed to password")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/chef/provider/user/useradd.rb

@@ -0,0 +1,107 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Copyright:: Copyright (c) 2008 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/provider/user'
+
+class Chef
+  class Provider
+    class User 
+      class Useradd < Chef::Provider::User
+        def create_user
+          command = "useradd"
+          command << set_options
+          run_command(:command => command)
+        end
+        
+        def manage_user
+          command = "usermod"
+          command << set_options
+          run_command(:command => command)
+        end
+        
+        def remove_user
+          command = "userdel"
+          command << " -r" if @new_resource.supports[:manage_home]
+          command << " #{@new_resource.username}"
+          run_command(:command => command)
+        end
+        
+        def check_lock
+          status = popen4("passwd -S #{@new_resource.username}") do |pid, stdin, stdout, stderr|
+            status_line = stdout.gets.split(' ')
+            case status_line[1]
+            when /^P/
+              @locked = false
+            when /^N/
+              @locked = false
+            when /^L/
+              @locked = true
+            end
+          end
+
+          unless status.exitstatus == 0
+            raise Chef::Exceptions::User, "Cannot determine if #{@new_resource} is locked!"
+          end
+
+          @locked
+        end
+        
+        def lock_user
+          run_command(:command => "usermod -L #{@new_resource.username}")
+        end
+        
+        def unlock_user
+          run_command(:command => "usermod -U #{@new_resource.username}")
+        end
+        
+        def set_options
+          opts = ''
+          
+          field_list = {
+            'comment' => "-c",
+            'gid' => "-g",
+            'uid' => "-u",
+            'shell' => "-s",
+            'password' => "-p"
+          }
+          field_list.sort{ |a,b| a[0] <=> b[0] }.each do |field, option|
+            field_symbol = field.to_sym
+            if @current_resource.send(field_symbol) != @new_resource.send(field_symbol)
+              if @new_resource.send(field_symbol)
+                Chef::Log.debug("Setting #{@new_resource} #{field} to #{@new_resource.send(field_symbol)}")
+                opts << " #{option} '#{@new_resource.send(field_symbol)}'"
+              end
+            end
+          end
+          if @current_resource.home != @new_resource.home && @new_resource.home
+            if @new_resource.supports[:manage_home]
+              Chef::Log.debug("Managing the home directory for #{@new_resource}")
+              opts << " -d '#{@new_resource.home}' -m"
+            else
+              Chef::Log.debug("Setting #{@new_resource} home to #{@new_resource.home}")
+              opts << " -d '#{@new_resource.home}'"
+            end
+          end
+          opts << " #{@new_resource.username}"
+          opts
+        end
+      
+      end
+    end
+  end
+end