class Chef::Provider::User::Solaris

Constants

PASSWORD_FILE

Public Instance Methods

check_lock() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 47
def check_lock
  user = IO.read(PASSWORD_FILE).match(/^#{Regexp.escape(new_resource.username)}:([^:]*):/)

  # If we're in whyrun mode, and the user is not created, we assume it will be
  return false if whyrun_mode? && user.nil?

  raise Chef::Exceptions::User, "Cannot determine if #{new_resource} is locked!" if user.nil?

  @locked = user[1].start_with?("*LK*")
end
create_user() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 32
def create_user
  shell_out!("useradd", universal_options, useradd_options, new_resource.username)
  manage_password
end
lock_user() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 58
def lock_user
  shell_out!("passwd", "-l", new_resource.username)
end
manage_user() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 37
def manage_user
  manage_password
  return if universal_options.empty? && usermod_options.empty?
  shell_out!("usermod", universal_options, usermod_options, new_resource.username)
end
remove_user() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 43
def remove_user
  shell_out!("userdel", userdel_options, new_resource.username)
end
unlock_user() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 62
def unlock_user
  shell_out!("passwd", "-u", new_resource.username)
end

Private Instance Methods

days_since_epoch() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 154
def days_since_epoch
  (Time.now.to_i / 86400).floor
end
manage_password() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 113
def manage_password
  return unless current_resource.password != new_resource.password && new_resource.password
  logger.trace("#{new_resource} setting password to #{new_resource.password}")
  write_shadow_file
end
universal_options() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 68
def universal_options
  opts = []
  opts << "-c" << new_resource.comment if should_set?(:comment)
  opts << "-g" << new_resource.gid if should_set?(:gid)
  opts << "-s" << new_resource.shell if should_set?(:shell)
  opts << "-u" << new_resource.uid if should_set?(:uid)
  opts << "-d" << new_resource.home if updating_home?
  opts << "-o" if new_resource.non_unique
  if updating_home?
    if new_resource.manage_home
      logger.trace("#{new_resource} managing the users home directory")
      opts << "-m"
    else
      logger.trace("#{new_resource} setting home to #{new_resource.home}")
    end
  end
  opts
end
updated_password(entry) click to toggle source
# File lib/chef/provider/user/solaris.rb, line 147
def updated_password(entry)
  fields = entry.split(":")
  fields[1] = new_resource.password
  fields[2] = days_since_epoch
  fields.join(":")
end
useradd_options() click to toggle source

Solaris does not support system users and has no '-r' option, solaris also lacks '-M' and defaults to no-manage-home.

# File lib/chef/provider/user/solaris.rb, line 107
def useradd_options
  opts = []
  opts << "-m" if new_resource.manage_home
  opts
end
userdel_options() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 98
def userdel_options
  opts = []
  opts << "-r" if new_resource.manage_home
  opts << "-f" if new_resource.force
  opts
end
usermod_options() click to toggle source
# File lib/chef/provider/user/solaris.rb, line 87
def usermod_options
  opts = []
  opts += [ "-u", new_resource.uid ] if new_resource.non_unique
  if updating_home?
    if new_resource.manage_home
      opts << "-m"
    end
  end
  opts
end
write_shadow_file() click to toggle source

XXX: this was straight copypasta'd back in 2013 and I don't think we've ever evaluted using a pipe to passwd(1) or evaluating modern ruby-shadow. See github.com/chef/chef/pull/721

# File lib/chef/provider/user/solaris.rb, line 121
def write_shadow_file
  buffer = Tempfile.new("shadow", "/etc")
  ::File.open(PASSWORD_FILE) do |shadow_file|
    shadow_file.each do |entry|
      user = entry.split(":").first
      if user == new_resource.username
        buffer.write(updated_password(entry))
      else
        buffer.write(entry)
      end
    end
  end
  buffer.close

  # FIXME: mostly duplicates code with file provider deploying a file
  s = ::File.stat(PASSWORD_FILE)
  mode = s.mode & 0o7777
  uid  = s.uid
  gid  = s.gid

  FileUtils.chown uid, gid, buffer.path
  FileUtils.chmod mode, buffer.path

  FileUtils.mv buffer.path, PASSWORD_FILE
end