diff options
| author | luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> | 2007-01-05 20:20:20 +0000 |
|---|---|---|
| committer | luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> | 2007-01-05 20:20:20 +0000 |
| commit | 54c387f36aa6032a8e16fa8a621c1ad803cf263a (patch) | |
| tree | 98cb7cad25ce31b3e7fc10de4701c621e6d5d05a /lib/puppet | |
| parent | d0ecc0e45cc5ff0cd5235e6ab9bcd031030973c2 (diff) | |
| download | puppet-54c387f36aa6032a8e16fa8a621c1ad803cf263a.tar.gz puppet-54c387f36aa6032a8e16fa8a621c1ad803cf263a.tar.xz puppet-54c387f36aa6032a8e16fa8a621c1ad803cf263a.zip | |
Adding #408.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@2055 980ebf18-57e1-0310-9a29-db15c13687c0
Diffstat (limited to 'lib/puppet')
| -rw-r--r-- | lib/puppet/provider/nameservice/netinfo.rb | 2 | ||||
| -rw-r--r-- | lib/puppet/type/resources.rb | 74 | ||||
| -rwxr-xr-x | lib/puppet/type/user.rb | 15 |
3 files changed, 85 insertions, 6 deletions
diff --git a/lib/puppet/provider/nameservice/netinfo.rb b/lib/puppet/provider/nameservice/netinfo.rb index 8f1a4ee07..3cac8f0a7 100644 --- a/lib/puppet/provider/nameservice/netinfo.rb +++ b/lib/puppet/provider/nameservice/netinfo.rb @@ -79,6 +79,8 @@ class NetInfo < Puppet::Provider::NameService def self.report(*params) dir = self.netinfodir() cmd = [command(:nireport), "/", "/%s" % dir] + + params.flatten! # We require the name in order to know if we match. There's no # way to just report on our individual object, we have to get the diff --git a/lib/puppet/type/resources.rb b/lib/puppet/type/resources.rb index 5171cb58f..4796435bf 100644 --- a/lib/puppet/type/resources.rb +++ b/lib/puppet/type/resources.rb @@ -18,6 +18,8 @@ Puppet::Type.newtype(:resources) do raise ArgumentError, "Could not find resource type '%s'" % name end end + + munge { |v| v.to_s } end newparam(:purge, :boolean => true) do @@ -30,7 +32,7 @@ Puppet::Type.newtype(:resources) do validate do |value| if [:true, true, "true"].include?(value) unless @parent.resource_type.respond_to?(:list) - raise ArgumentError, "Purging resources of type %s is not supported" % @parent[:name] + raise ArgumentError, "Purging resources of type %s is not supported, since they cannot be listed" % @parent[:name] end unless @parent.resource_type.validstate?(:ensure) raise ArgumentError, "Purging is only supported on types that accept 'ensure'" @@ -39,10 +41,60 @@ Puppet::Type.newtype(:resources) do end end - # Generate any new resources we need to manage. + newparam(:unless_system_user) do + desc "This keeps system users from being purged. By default, it + does not purge users whose UIDs are less than or equal to 500, but you can specify + a different UID as the inclusive limit." + + newvalues(:true, :false, /^\d+$/) + + munge do |value| + case value + when /^\d+/ + Integer(value) + when :true, true + 500 + when :false, false + false + when Integer: value + else + raise ArgumentError, "Invalid value %s" % value.inspect + end + end + + defaultto { + if @parent[:name] == "user" + 500 + else + nil + end + } + end + + def check(resource) + unless defined? @checkmethod + @checkmethod = "%s_check" % self[:name] + end + unless defined? @hascheck + @hascheck = respond_to?(@checkmethod) + end + if @hascheck + return send(@checkmethod, resource) + else + return true + end + end + + # Generate any new resources we need to manage. This is pretty hackish right now, + # because it only supports purging. def generate + return [] unless self.purge? + hascheck = false + method = resource_type.list.find_all do |resource| ! resource.managed? + end.find_all do |resource| + check(resource) end.each do |resource| begin resource[:ensure] = :absent @@ -66,6 +118,24 @@ Puppet::Type.newtype(:resources) do end @resource_type end + + def user_check(resource) + return true unless self[:name] == "user" + return true unless self[:unless_system_user] + + resource[:check] = :uid + resource.retrieve + + if %w{root nobody bin noaccess daemon sys}.include?(resource[:name]) + return false + end + + if resource.is(:uid) <= self[:unless_system_user] + return false + else + return true + end + end end # $Id$
\ No newline at end of file diff --git a/lib/puppet/type/user.rb b/lib/puppet/type/user.rb index e3bd6eb98..5aa7c4f4b 100755 --- a/lib/puppet/type/user.rb +++ b/lib/puppet/type/user.rb @@ -38,7 +38,6 @@ module Puppet # If they're talking about the thing at all, they generally want to # say it should exist. - #defaultto :present defaultto do if @parent.managed? :present @@ -175,7 +174,9 @@ module Puppet desc "A description of the user. Generally is a user's full name." defaultto do - "%s User" % @parent.title.capitalize + if @parent.managed? + "%s User" % @parent.title.capitalize + end end end @@ -184,7 +185,10 @@ module Puppet separately and is not currently checked for existence." defaultto do - if Facter.value(:operatingsystem) == "Darwin" + unless defined? @@os + @@os = Facter.value(:operatingsystem) + end + if @parent.managed? and @@os == "Darwin" "/var/empty" end end @@ -195,7 +199,10 @@ module Puppet executable." defaultto do - if Facter.value(:operatingsystem) == "Darwin" + unless defined? @@os + @@os = Facter.value(:operatingsystem) + end + if @@os == "Darwin" and @parent.managed? "/usr/bin/false" end end |