diff options
author | Jesse Wolfe <jes5199@gmail.com> | 2010-05-12 18:26:43 -0700 |
---|---|---|
committer | test branch <puppet-dev@googlegroups.com> | 2010-02-17 06:50:53 -0800 |
commit | 37a55306aa08e2004103e9a4a2a94bba18ffa61d (patch) | |
tree | 0e8fd85505a8bfa17b08611ce160211420339cfa /lib | |
parent | ac7efc8f0284d6b35f5428da06ba371cf94998ec (diff) | |
download | puppet-37a55306aa08e2004103e9a4a2a94bba18ffa61d.tar.gz puppet-37a55306aa08e2004103e9a4a2a94bba18ffa61d.tar.xz puppet-37a55306aa08e2004103e9a4a2a94bba18ffa61d.zip |
Feature #2935 Modes: root? predicate
Use a predicate method to check if we're running as root, rather than
comparing the effective user id
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/puppet/application/master.rb | 2 | ||||
-rw-r--r-- | lib/puppet/feature/base.rb | 2 | ||||
-rw-r--r-- | lib/puppet/provider/nameservice/directoryservice.rb | 2 | ||||
-rwxr-xr-x | lib/puppet/type/file/owner.rb | 2 | ||||
-rw-r--r-- | lib/puppet/util/settings.rb | 2 | ||||
-rw-r--r-- | lib/puppet/util/suidmanager.rb | 6 |
6 files changed, 10 insertions, 6 deletions
diff --git a/lib/puppet/application/master.rb b/lib/puppet/application/master.rb index 433a4d2f2..5d597a69b 100644 --- a/lib/puppet/application/master.rb +++ b/lib/puppet/application/master.rb @@ -95,7 +95,7 @@ class Puppet::Application::Master < Puppet::Application Puppet::SSL::Host.ca_location = :only end - if Process.uid == 0 + if Puppet.features.root? begin Puppet::Util.chuser rescue => detail diff --git a/lib/puppet/feature/base.rb b/lib/puppet/feature/base.rb index aac04f234..1971f14f2 100644 --- a/lib/puppet/feature/base.rb +++ b/lib/puppet/feature/base.rb @@ -15,7 +15,7 @@ Puppet.features.add(:usage, :libs => %w{rdoc/ri/ri_paths rdoc/usage}) Puppet.features.add(:libshadow, :libs => ["shadow"]) # We're running as root. -Puppet.features.add(:root) { require 'puppet/util/suidmanager'; Puppet::Util::SUIDManager.uid == 0 } +Puppet.features.add(:root) { require 'puppet/util/suidmanager'; Puppet::Util::SUIDManager.root? } # We've got mongrel available Puppet.features.add(:mongrel, :libs => %w{rubygems mongrel puppet/network/http_server/mongrel}) diff --git a/lib/puppet/provider/nameservice/directoryservice.rb b/lib/puppet/provider/nameservice/directoryservice.rb index 9a860b71e..2d4fc24c0 100644 --- a/lib/puppet/provider/nameservice/directoryservice.rb +++ b/lib/puppet/provider/nameservice/directoryservice.rb @@ -215,7 +215,7 @@ class DirectoryService < Puppet::Provider::NameService # stored in the user record. It is stored at a path that involves the # UUID of the user record for non-Mobile local acccounts. # Mobile Accounts are out of scope for this provider for now - if @resource_type.validproperties.include?(:password) and Process.uid == 0 + if @resource_type.validproperties.include?(:password) and Puppet.features.root? attribute_hash[:password] = self.get_password(attribute_hash[:guid]) end return attribute_hash diff --git a/lib/puppet/type/file/owner.rb b/lib/puppet/type/file/owner.rb index e5ca06a86..2b530928e 100755 --- a/lib/puppet/type/file/owner.rb +++ b/lib/puppet/type/file/owner.rb @@ -42,7 +42,7 @@ module Puppet return true if uid == current end - unless Puppet::Util::SUIDManager.uid == 0 + unless Puppet.features.root? warnonce "Cannot manage ownership unless running as root" return true end diff --git a/lib/puppet/util/settings.rb b/lib/puppet/util/settings.rb index dd85342c0..1a2126517 100644 --- a/lib/puppet/util/settings.rb +++ b/lib/puppet/util/settings.rb @@ -728,7 +728,7 @@ Generated on #{Time.now}. def writesub(default, file, *args, &bloc) obj = get_config_file_default(default) chown = nil - if Puppet::Util::SUIDManager.uid == 0 + if Puppet.features.root? chown = [obj.owner, obj.group] else chown = [nil, nil] diff --git a/lib/puppet/util/suidmanager.rb b/lib/puppet/util/suidmanager.rb index 424fb461b..6f09005e2 100644 --- a/lib/puppet/util/suidmanager.rb +++ b/lib/puppet/util/suidmanager.rb @@ -44,9 +44,13 @@ module Puppet::Util::SUIDManager alias :gid :egid end + def self.root? + Process.uid == 0 + end + # Runs block setting uid and gid if provided then restoring original ids def asuser(new_uid=nil, new_gid=nil) - return yield unless Process.uid == 0 + return yield unless root? # We set both because some programs like to drop privs, i.e. bash. old_uid, old_gid = self.uid, self.gid old_euid, old_egid = self.euid, self.egid |