class Chef::Provider::Group::Dscl

Public Instance Methods

create_group() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 148
def create_group
  dscl_create_group
  set_gid
  set_members
end
define_resource_requirements() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 139
def define_resource_requirements
  super
  requirements.assert(:all_actions) do |a|
    a.assertion { ::File.exist?("/usr/bin/dscl") }
    a.failure_message Chef::Exceptions::Group, "Could not find binary /usr/bin/dscl for #{new_resource.name}"
    # No whyrun alternative: this component should be available in the base install of any given system that uses it
  end
end
dscl(*args) click to toggle source
# File lib/chef/provider/group/dscl.rb, line 26
def dscl(*args)
  argdup = args.dup
  cmd = argdup.shift
  shellcmd = [ "dscl", ".", "-#{cmd}", argdup ]
  status = shell_out_compact(shellcmd)
  stdout_result = ""
  stderr_result = ""
  status.stdout.each_line { |line| stdout_result << line }
  status.stderr.each_line { |line| stderr_result << line }
  [shellcmd.flatten.compact.join(" "), status, stdout_result, stderr_result]
end
dscl_create_group() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 166
def dscl_create_group
  safe_dscl("create", "/Groups/#{new_resource.group_name}")
  safe_dscl("create", "/Groups/#{new_resource.group_name}", "Password", "*")
end
get_free_gid(search_limit = 1000) click to toggle source

get a free GID greater than 200

# File lib/chef/provider/group/dscl.rb, line 75
def get_free_gid(search_limit = 1000)
  gid = nil; next_gid_guess = 200
  groups_gids = safe_dscl("list", "/Groups", "gid")
  while next_gid_guess < search_limit + 200
    if groups_gids =~ Regexp.new("#{Regexp.escape(next_gid_guess.to_s)}\n")
      next_gid_guess += 1
    else
      gid = next_gid_guess
      break
    end
  end
  gid || raise("gid not found. Exhausted. Searched #{search_limit} times")
end
gid_used?(gid) click to toggle source
# File lib/chef/provider/group/dscl.rb, line 89
def gid_used?(gid)
  return false unless gid
  search_gids = safe_dscl("search", "/Groups", "PrimaryGroupID", gid.to_s)

  # dscl -search should not return anything if the gid doesn't exist,
  # but on the off-chance that it does, check whether the given gid is
  # in the output.
  !!(search_gids =~ /\b#{gid}\b/)
end
load_current_resource() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 46
def load_current_resource
  @current_resource = Chef::Resource::Group.new(new_resource.name)
  current_resource.group_name(new_resource.group_name)
  group_info = nil
  begin
    group_info = safe_dscl("read", "/Groups/#{new_resource.group_name}")
  rescue Chef::Exceptions::Group
    @group_exists = false
    logger.trace("#{new_resource} group does not exist")
  end

  if group_info
    group_info.each_line do |line|
      key, val = line.split(": ")
      val.strip! if val
      case key.downcase
      when "primarygroupid"
        new_resource.gid(val) unless new_resource.gid
        current_resource.gid(val)
      when "groupmembership"
        current_resource.members(val.split(" "))
      end
    end
  end

  current_resource
end
manage_group() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 154
def manage_group
  if new_resource.group_name && (current_resource.group_name != new_resource.group_name)
    dscl_create_group
  end
  if new_resource.gid && (current_resource.gid != new_resource.gid)
    set_gid
  end
  if new_resource.members || new_resource.excluded_members
    set_members
  end
end
remove_group() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 171
def remove_group
  safe_dscl("delete", "/Groups/#{new_resource.group_name}")
end
safe_dscl(*args) click to toggle source
# File lib/chef/provider/group/dscl.rb, line 38
def safe_dscl(*args)
  result = dscl(*args)
  return "" if ( args.first =~ /^delete/ ) && ( result[1].exitstatus != 0 )
  raise(Chef::Exceptions::Group, "dscl error: #{result.inspect}") unless result[1].exitstatus == 0
  raise(Chef::Exceptions::Group, "dscl error: #{result.inspect}") if result[2] =~ /No such key: /
  result[2]
end
set_gid() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 99
def set_gid
  new_resource.gid(get_free_gid) if [nil, ""].include? new_resource.gid
  raise(Chef::Exceptions::Group, "gid is already in use") if gid_used?(new_resource.gid)
  safe_dscl("create", "/Groups/#{new_resource.group_name}", "PrimaryGroupID", new_resource.gid)
end
set_members() click to toggle source
# File lib/chef/provider/group/dscl.rb, line 105
def set_members
  # First reset the memberships if the append is not set
  unless new_resource.append
    logger.trace("#{new_resource} removing group members #{current_resource.members.join(' ')}") unless current_resource.members.empty?
    safe_dscl("create", "/Groups/#{new_resource.group_name}", "GroupMembers", "") # clear guid list
    safe_dscl("create", "/Groups/#{new_resource.group_name}", "GroupMembership", "") # clear user list
    current_resource.members([ ])
  end

  # Add any members that need to be added
  if new_resource.members && !new_resource.members.empty?
    members_to_be_added = [ ]
    new_resource.members.each do |member|
      members_to_be_added << member unless current_resource.members.include?(member)
    end
    unless members_to_be_added.empty?
      logger.trace("#{new_resource} setting group members #{members_to_be_added.join(', ')}")
      safe_dscl("append", "/Groups/#{new_resource.group_name}", "GroupMembership", *members_to_be_added)
    end
  end

  # Remove any members that need to be removed
  if new_resource.excluded_members && !new_resource.excluded_members.empty?
    members_to_be_removed = [ ]
    new_resource.excluded_members.each do |member|
      members_to_be_removed << member if current_resource.members.include?(member)
    end
    unless members_to_be_removed.empty?
      logger.trace("#{new_resource} removing group members #{members_to_be_removed.join(', ')}")
      safe_dscl("delete", "/Groups/#{new_resource.group_name}", "GroupMembership", *members_to_be_removed)
    end
  end
end