summaryrefslogtreecommitdiffstats
path: root/lib/puppet/util
diff options
context:
space:
mode:
Diffstat (limited to 'lib/puppet/util')
-rw-r--r--lib/puppet/util/settings.rb1
-rw-r--r--lib/puppet/util/settings/file_setting.rb3
-rw-r--r--lib/puppet/util/suidmanager.rb15
3 files changed, 17 insertions, 2 deletions
diff --git a/lib/puppet/util/settings.rb b/lib/puppet/util/settings.rb
index caaf61b7b..3039a7b0a 100644
--- a/lib/puppet/util/settings.rb
+++ b/lib/puppet/util/settings.rb
@@ -780,6 +780,7 @@ if @config.include?(:run_mode)
# Create the transportable objects for users and groups.
def add_user_resources(catalog, sections)
return unless Puppet.features.root?
+ return if Puppet.features.microsoft_windows?
return unless self[:mkusers]
@config.each do |name, setting|
diff --git a/lib/puppet/util/settings/file_setting.rb b/lib/puppet/util/settings/file_setting.rb
index 0fa65d846..f02a0c547 100644
--- a/lib/puppet/util/settings/file_setting.rb
+++ b/lib/puppet/util/settings/file_setting.rb
@@ -93,7 +93,8 @@ class Puppet::Util::Settings::FileSetting < Puppet::Util::Settings::Setting
if Puppet[:manage_internal_file_permissions]
resource[:mode] = self.mode if self.mode
- if Puppet.features.root?
+ # REMIND fails on Windows because chown/chgrp functionality not supported yet
+ if Puppet.features.root? and !Puppet.features.microsoft_windows?
resource[:owner] = self.owner if self.owner
resource[:group] = self.group if self.group
end
diff --git a/lib/puppet/util/suidmanager.rb b/lib/puppet/util/suidmanager.rb
index 697bce111..d2772002e 100644
--- a/lib/puppet/util/suidmanager.rb
+++ b/lib/puppet/util/suidmanager.rb
@@ -37,7 +37,20 @@ module Puppet::Util::SUIDManager
module_function :groups=
def self.root?
- Process.uid == 0
+ return Process.uid == 0 unless Puppet.features.microsoft_windows?
+
+ require 'sys/admin'
+ require 'win32/security'
+
+ # if Vista or later, check for unrestricted process token
+ begin
+ return Win32::Security.elevated_security?
+ rescue Win32::Security::Error => e
+ raise e unless e.to_s =~ /Incorrect function/i
+ end
+
+ group = Sys::Admin.get_group("Administrators", :sid => Win32::Security::SID::BuiltinAdministrators)
+ group and group.members.index(Sys::Admin.get_login) != nil
end
# Runs block setting uid and gid if provided then restoring original ids
generated by cgit (git 2.34.1) at 2024-06-15 23:52:28 +0000