Class: Chef::Provider::Script

Inherits:
Execute show all
Extended by:
Forwardable
Defined in:
lib/chef/provider/script.rb

Direct Known Subclasses

WindowsScript

Instance Attribute Summary collapse

Attributes inherited from Chef::Provider

#action, #current_resource, #logger, #new_resource, #recipe_name, #run_context

Instance Method Summary collapse

Methods inherited from Execute

#define_resource_requirements, #timeout

Methods inherited from Chef::Provider

action, #action_nothing, #check_resource_semantics!, #cleanup_after_converge, #compile_and_converge_action, #converge_by, #converge_if_changed, #cookbook_name, #define_resource_requirements, #description, #events, include_resource_dsl?, include_resource_dsl_module, #introduced, #node, #process_resource_requirements, provides, provides?, #requirements, #resource_collection, #resource_updated?, #run_action, #set_updated_status, supports?, use_inline_resources, #whyrun_mode?, #whyrun_supported?

Methods included from Mixin::Provides

#provided_as, #provides, #provides?

Methods included from Mixin::DescendantsTracker

#descendants, descendants, direct_descendants, #direct_descendants, find_descendants_by_name, #find_descendants_by_name, #inherited, store_inherited

Methods included from Mixin::LazyModuleInclude

#descendants, #include, #included

Methods included from Mixin::ShellOut

apply_default_env, maybe_add_timeout, #shell_out, #shell_out!

Methods included from Mixin::PowershellOut

#powershell_out, #powershell_out!

Methods included from Mixin::WindowsArchitectureHelper

#assert_valid_windows_architecture!, #disable_wow64_file_redirection, #forced_32bit_override_required?, #is_i386_process_on_x86_64_windows?, #node_supports_windows_architecture?, #node_windows_architecture, #restore_wow64_file_redirection, #valid_windows_architecture?, #with_os_architecture, #wow64_architecture_override_required?, #wow64_directory

Methods included from Mixin::PowershellExec

#powershell_exec

Methods included from DSL::Powershell

#ps_credential

Methods included from DSL::RegistryHelper

#registry_data_exists?, #registry_get_subkeys, #registry_get_values, #registry_has_subkeys?, #registry_key_exists?, #registry_value_exists?

Methods included from DSL::DataQuery

#data_bag, #data_bag_item, #search, #tagged?

Methods included from EncryptedDataBagItem::CheckEncrypted

#encrypted?

Methods included from DSL::PlatformIntrospection

#older_than_win_2012_or_8?, #platform?, #platform_family?, #value_for_platform, #value_for_platform_family

Methods included from Mixin::NotifyingBlock

#notifying_block, #subcontext_block

Methods included from DSL::DeclareResource

#build_resource, #declare_resource, #delete_resource, #delete_resource!, #edit_resource, #edit_resource!, #find_resource, #find_resource!, #resources, #with_run_context

Constructor Details

#initialize(new_resource, run_context) ⇒ Script

Returns a new instance of Script.



41
42
43
44
 
# File 'lib/chef/provider/script.rb', line 41

def initialize(new_resource, run_context)
  super
  self.code = new_resource.code
end

Instance Attribute Details

#codeObject

Returns the value of attribute code.



39
40
41
 
# File 'lib/chef/provider/script.rb', line 39

def code
  @code
end

Instance Method Details

#action_runObject 



54
55
56
57
58
59
60
61
62
63
 
# File 'lib/chef/provider/script.rb', line 54

def action_run
  script_file.puts(code)
  script_file.close

  set_owner_and_group

  super

  unlink_script_file
end

#commandObject 



46
47
48
 
# File 'lib/chef/provider/script.rb', line 46

def command
  "\"#{interpreter}\" #{flags} \"#{script_file.path}\""
end

#grant_alternate_user_read_accessObject 



77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
 
# File 'lib/chef/provider/script.rb', line 77

def grant_alternate_user_read_access
  # Do nothing if an alternate user isn't specified -- the file
  # will already have the correct permissions for the user as part
  # of the default ACL behavior on Windows.
  return if new_resource.user.nil?

  # Duplicate the script file's existing DACL
  # so we can add an ACE later
  securable_object = Chef::ReservedNames::Win32::Security::SecurableObject.new(script_file.path)
  aces = securable_object.security_descriptor.dacl.reduce([]) { |result, current| result.push(current) }

  username = new_resource.user

  if new_resource.domain
    username = new_resource.domain + '\\' + new_resource.user
  end

  # Create an ACE that allows the alternate user read access to the script
  # file so it can be read and executed.
  user_sid = Chef::ReservedNames::Win32::Security::SID.(username)
  read_ace = Chef::ReservedNames::Win32::Security::ACE.access_allowed(user_sid, Chef::ReservedNames::Win32::API::Security::GENERIC_READ | Chef::ReservedNames::Win32::API::Security::GENERIC_EXECUTE, 0)
  aces.push(read_ace)
  acl = Chef::ReservedNames::Win32::Security::ACL.create(aces)

  # This actually applies the modified DACL to the file
  # Use parentheses to bypass RuboCop / ChefStyle warning
  # about useless setter
  (securable_object.dacl = acl)
end

#load_current_resourceObject 



50
51
52
 
# File 'lib/chef/provider/script.rb', line 50

def load_current_resource
  super
end

#script_fileObject 



107
108
109
 
# File 'lib/chef/provider/script.rb', line 107

def script_file
  @script_file ||= Tempfile.open("chef-script")
end

#set_owner_and_groupObject 



65
66
67
68
69
70
71
72
73
74
75
 
# File 'lib/chef/provider/script.rb', line 65

def set_owner_and_group
  if ChefUtils.windows?
    # And on Windows also this is a no-op if there is no user specified.
    grant_alternate_user_read_access
  else
    # FileUtils itself implements a no-op if +user+ or +group+ are nil
    # You can prove this by running FileUtils.chown(nil,nil,'/tmp/file')
    # as an unprivileged user.
    FileUtils.chown(new_resource.user, new_resource.group, script_file.path)
  end
end

#unlink_script_fileObject 



111
112
113
 
# File 'lib/chef/provider/script.rb', line 111

def unlink_script_file
  script_file && script_file.close!
end