Update upstream cookbooks

2017-03-20 13:19:10 +00:00
parent bfd2d52ea8
commit bcfd44b923
340 changed files with 12576 additions and 5465 deletions
--- a/cookbooks/users/providers/manage.rb
+++ b/cookbooks/users/providers/manage.rb
@@ -1,9 +1,9 @@
 #
-# Cookbook Name:: users
+# Cookbook:: users
 # Provider:: manage
 #
-# Copyright 2011, Eric G. Wolfe
-# Copyright 2009-2015, Chef Software, Inc.
+# Copyright:: 2011-2016, Eric G. Wolfe
+# Copyright:: 2009-2016, Chef Software, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -24,26 +24,11 @@ def whyrun_supported?
  true
 end

-def chef_solo_search_installed?
-  klass = ::Search.const_get('Helper')
-  return klass.is_a?(Class)
-rescue NameError
-  return false
-end
-
-def search_missing?
-  Chef::Config[:solo] && !(Chef::Config[:local_mode] || chef_solo_search_installed?)
-end
-
 action :remove do
-  if search_missing?
-    Chef::Log.warn('This recipe uses search. Chef Solo does not support search unless you install the chef-solo-search cookbook.')
-  else
-    search(new_resource.data_bag, "groups:#{new_resource.search_group} AND action:remove") do |rm_user|
-      user rm_user['username'] ||= rm_user['id'] do
-        action :remove
-        force rm_user['force'] ||= false
-      end
+  search(new_resource.data_bag, "groups:#{new_resource.search_group} AND action:remove") do |rm_user|
+    user rm_user['username'] ||= rm_user['id'] do
+      action :remove
+      force rm_user['force'] ||= false
    end
  end
 end
@@ -52,121 +37,120 @@ action :create do
  users_groups = {}
  users_groups[new_resource.group_name] = []

-  if search_missing?
-    Chef::Log.warn('This recipe uses search. Chef Solo does not support search unless you install the chef-solo-search cookbook.')
-  else
-    search(new_resource.data_bag, "groups:#{new_resource.search_group} AND NOT action:remove") do |u|
-      u['username'] ||= u['id']
-      u['groups'].each do |g|
-        users_groups[g] = [] unless users_groups.key?(g)
-        users_groups[g] << u['username']
+  search(new_resource.data_bag, "groups:#{new_resource.search_group} AND NOT action:remove") do |u|
+    u['username'] ||= u['id']
+    u['groups'].each do |g|
+      users_groups[g] = [] unless users_groups.key?(g)
+      users_groups[g] << u['username']
+    end
+
+    if node['apache'] && node['apache']['allowed_openids']
+      Array(u['openid']).compact.each do |oid|
+        node.default['apache']['allowed_openids'] << oid unless node['apache']['allowed_openids'].include?(oid)
+      end
+    end
+
+    # Platform specific checks
+    #  Set home_basedir
+    #  Set shell on FreeBSD
+    home_basedir = '/home'
+
+    case node['platform_family']
+    when 'mac_os_x'
+      home_basedir = '/Users'
+    when 'freebsd'
+      # Check if we need to prepend shell with /usr/local/?
+      u['shell'] = (!::File.exist?(u['shell']) && ::File.exist?("/usr/local#{u['shell']}") ? "/usr/local#{u['shell']}" : '/bin/sh')
+    end
+
+    # Set home to location in data bag,
+    # or a reasonable default ($home_basedir/$user).
+    home_dir = (u['home'] ? u['home'] : "#{home_basedir}/#{u['username']}")
+
+    # check whether home dir is null
+    manage_home = (home_dir == '/dev/null' ? false : true)
+
+    # The user block will fail if the group does not yet exist.
+    # See the -g option limitations in man 8 useradd for an explanation.
+    # This should correct that without breaking functionality.
+    group u['username'] do # ~FC022
+      gid validate_id(u['gid'])
+      only_if { u['gid'] && u['gid'].is_a?(Numeric) }
+    end
+
+    # Create user object.
+    # Do NOT try to manage null home directories.
+    user u['username'] do
+      uid validate_id(u['uid'])
+      gid validate_id(u['gid']) if u['gid']
+      shell u['shell']
+      comment u['comment']
+      password u['password'] if u['password']
+      salt u['salt'] if u['salt']
+      iterations u['iterations'] if u['iterations']
+      manage_home manage_home
+      home home_dir
+      action u['action'] if u['action']
+    end
+
+    if manage_home_files?(home_dir, u['username'])
+      Chef::Log.debug("Managing home files for #{u['username']}")
+
+      directory "#{home_dir}/.ssh" do
+        recursive true
+        owner u['uid'] ? validate_id(u['uid']) : u['username']
+        group validate_id(u['gid']) if u['gid']
+        mode '0700'
+        only_if { !!(u['ssh_keys'] || u['ssh_private_key'] || u['ssh_public_key']) }
      end

-      if node['apache'] && node['apache']['allowed_openids']
-        Array(u['openid']).compact.each do |oid|
-          node.default['apache']['allowed_openids'] << oid unless node['apache']['allowed_openids'].include?(oid)
-        end
+      template "#{home_dir}/.ssh/authorized_keys" do
+        source 'authorized_keys.erb'
+        cookbook new_resource.cookbook
+        owner u['uid'] ? validate_id(u['uid']) : u['username']
+        group validate_id(u['gid']) if u['gid']
+        mode '0600'
+        variables ssh_keys: u['ssh_keys']
+        only_if { !!(u['ssh_keys']) }
      end

-      # Platform specific checks
-      #  Set home_basedir
-      #  Set shell on FreeBSD
-      home_basedir = '/home'
-
-      case node['platform_family']
-      when 'mac_os_x'
-        home_basedir = '/Users'
-      when 'freebsd'
-        # Check if we need to prepend shell with /usr/local/?
-        u['shell'] = (!File.exist?(u['shell']) && File.exist?("/usr/local#{u['shell']}") ? "/usr/local#{u['shell']}" : '/bin/sh')
-      end
-
-      # Set home to location in data bag,
-      # or a reasonable default ($home_basedir/$user).
-      home_dir = (u['home'] ? u['home'] : "#{home_basedir}/#{u['username']}")
-
-      # check whether home dir is null
-      manage_home = (home_dir == '/dev/null' ? false : true)
-
-      # The user block will fail if the group does not yet exist.
-      # See the -g option limitations in man 8 useradd for an explanation.
-      # This should correct that without breaking functionality.
-      group u['username'] do
-        gid validate_id(u['gid'])
-        only_if { u['gid'] && u['gid'].is_a?(Numeric) }
-      end
-
-      # Create user object.
-      # Do NOT try to manage null home directories.
-      user u['username'] do
-        uid validate_id(u['uid'])
-        gid validate_id(u['gid']) if u['gid']
-        shell u['shell']
-        comment u['comment']
-        password u['password'] if u['password']
-        supports manage_home: manage_home
-        home home_dir
-        action u['action'] if u['action']
-      end
-
-      if manage_home_files?(home_dir, u['username'])
-        Chef::Log.debug("Managing home files for #{u['username']}")
-
-        directory "#{home_dir}/.ssh" do
-          owner u['uid'] ? validate_id(u['uid']) : u['username']
-          group validate_id(u['gid']) if u['gid']
-          mode '0700'
-          only_if { u['ssh_keys'] || u['ssh_private_key'] || u['ssh_public_key'] }
-        end
-
-        template "#{home_dir}/.ssh/authorized_keys" do
-          source 'authorized_keys.erb'
+      if u['ssh_private_key']
+        key_type = u['ssh_private_key'].include?('BEGIN RSA PRIVATE KEY') ? 'rsa' : 'dsa'
+        template "#{home_dir}/.ssh/id_#{key_type}" do
+          source 'private_key.erb'
          cookbook new_resource.cookbook
          owner u['uid'] ? validate_id(u['uid']) : u['username']
          group validate_id(u['gid']) if u['gid']
-          mode '0600'
-          variables ssh_keys: u['ssh_keys']
-          only_if { u['ssh_keys'] }
+          mode '0400'
+          variables private_key: u['ssh_private_key']
        end
-
-        if u['ssh_private_key']
-          key_type = u['ssh_private_key'].include?('BEGIN RSA PRIVATE KEY') ? 'rsa' : 'dsa'
-          template "#{home_dir}/.ssh/id_#{key_type}" do
-            source 'private_key.erb'
-            cookbook new_resource.cookbook
-            owner u['uid'] ? validate_id(u['uid']) : u['username']
-            group validate_id(u['gid']) if u['gid']
-            mode '0400'
-            variables private_key: u['ssh_private_key']
-          end
-        end
-
-        if u['ssh_public_key']
-          key_type = u['ssh_public_key'].include?('ssh-rsa') ? 'rsa' : 'dsa'
-          template "#{home_dir}/.ssh/id_#{key_type}.pub" do
-            source 'public_key.pub.erb'
-            cookbook new_resource.cookbook
-            owner u['uid'] ? validate_id(u['uid']) : u['username']
-            group validate_id(u['gid']) if u['gid']
-            mode '0400'
-            variables public_key: u['ssh_public_key']
-          end
-        end
-      else
-        Chef::Log.debug("Not managing home files for #{u['username']}")
      end
-    end

-    # Populating users to appropriates groups
-    users_groups.each do |g, u|
-      group g do
-        members u
-        append true
-        action :manage # Do nothing if group doesn't exist
-      end unless g == new_resource.group_name # Dealing with managed group later
+      if u['ssh_public_key']
+        key_type = u['ssh_public_key'].include?('ssh-rsa') ? 'rsa' : 'dsa'
+        template "#{home_dir}/.ssh/id_#{key_type}.pub" do
+          source 'public_key.pub.erb'
+          cookbook new_resource.cookbook
+          owner u['uid'] ? validate_id(u['uid']) : u['username']
+          group validate_id(u['gid']) if u['gid']
+          mode '0400'
+          variables public_key: u['ssh_public_key']
+        end
+      end
+    else
+      Chef::Log.debug("Not managing home files for #{u['username']}")
    end
  end

+  # Populating users to appropriates groups
+  users_groups.each do |g, u|
+    group g do
+      members u
+      append true
+      action :manage # Do nothing if group doesn't exist
+    end unless g == new_resource.group_name # Dealing with managed group later
+  end
+
  group new_resource.group_name do
    gid new_resource.group_id if new_resource.group_id
    members users_groups[new_resource.group_name]