Class: Chef::FileAccessControl

Inherits:
Object
  • Object
show all
Includes:
Unix, Windows
Defined in:
lib/chef/file_access_control.rb,
lib/chef/file_access_control/unix.rb,
lib/chef/file_access_control/windows.rb

Overview

Chef::FileAccessControl

FileAccessControl objects set the owner, group and mode of file to the values specified by a value object, usually a Chef::Resource.

Defined Under Namespace

Modules: Unix, Windows

Constant Summary

Constants included from Unix

Unix::UID_MAX, Unix::UINT

Constants included from Windows

Windows::ACE, Windows::ACL, Windows::SID, Windows::Security

Constants included from ReservedNames::Win32::API::Security

ReservedNames::Win32::API::Security::ACCESS_ALLOWED_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_COMPOUND_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V2_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V3_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V4_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V5_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MIN_MS_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MIN_MS_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_SYSTEM_SECURITY, ReservedNames::Win32::API::Security::ACL_REVISION, ReservedNames::Win32::API::Security::ACL_REVISION1, ReservedNames::Win32::API::Security::ACL_REVISION2, ReservedNames::Win32::API::Security::ACL_REVISION3, ReservedNames::Win32::API::Security::ACL_REVISION4, ReservedNames::Win32::API::Security::ACL_REVISION_DS, ReservedNames::Win32::API::Security::CONTAINER_INHERIT_ACE, ReservedNames::Win32::API::Security::DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::DELETE, ReservedNames::Win32::API::Security::ELEVATION_TYPE, ReservedNames::Win32::API::Security::FAILED_ACCESS_ACE_FLAG, ReservedNames::Win32::API::Security::FILE_ADD_FILE, ReservedNames::Win32::API::Security::FILE_ADD_SUBDIRECTORY, ReservedNames::Win32::API::Security::FILE_ALL_ACCESS, ReservedNames::Win32::API::Security::FILE_APPEND_DATA, ReservedNames::Win32::API::Security::FILE_CREATE_PIPE_INSTANCE, ReservedNames::Win32::API::Security::FILE_DELETE_CHILD, ReservedNames::Win32::API::Security::FILE_EXECUTE, ReservedNames::Win32::API::Security::FILE_GENERIC_EXECUTE, ReservedNames::Win32::API::Security::FILE_GENERIC_READ, ReservedNames::Win32::API::Security::FILE_GENERIC_WRITE, ReservedNames::Win32::API::Security::FILE_LIST_DIRECTORY, ReservedNames::Win32::API::Security::FILE_READ_ATTRIBUTES, ReservedNames::Win32::API::Security::FILE_READ_DATA, ReservedNames::Win32::API::Security::FILE_READ_EA, ReservedNames::Win32::API::Security::FILE_TRAVERSE, ReservedNames::Win32::API::Security::FILE_WRITE_ATTRIBUTES, ReservedNames::Win32::API::Security::FILE_WRITE_DATA, ReservedNames::Win32::API::Security::FILE_WRITE_EA, ReservedNames::Win32::API::Security::GENERIC_ALL, ReservedNames::Win32::API::Security::GENERIC_EXECUTE, ReservedNames::Win32::API::Security::GENERIC_READ, ReservedNames::Win32::API::Security::GENERIC_WRITE, ReservedNames::Win32::API::Security::GROUP_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::INHERITED_ACE, ReservedNames::Win32::API::Security::INHERIT_ONLY_ACE, ReservedNames::Win32::API::Security::LABEL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::LOGON32_LOGON_BATCH, ReservedNames::Win32::API::Security::LOGON32_LOGON_INTERACTIVE, ReservedNames::Win32::API::Security::LOGON32_LOGON_NETWORK, ReservedNames::Win32::API::Security::LOGON32_LOGON_NETWORK_CLEARTEXT, ReservedNames::Win32::API::Security::LOGON32_LOGON_NEW_CREDENTIALS, ReservedNames::Win32::API::Security::LOGON32_LOGON_SERVICE, ReservedNames::Win32::API::Security::LOGON32_LOGON_UNLOCK, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_DEFAULT, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT35, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT40, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT50, ReservedNames::Win32::API::Security::MAXDWORD, ReservedNames::Win32::API::Security::MAX_ACL_REVISION, ReservedNames::Win32::API::Security::MIN_ACL_REVISION, ReservedNames::Win32::API::Security::NO_PROPAGATE_INHERIT_ACE, ReservedNames::Win32::API::Security::OBJECT_INHERIT_ACE, ReservedNames::Win32::API::Security::OWNER_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::POLICY_AUDIT_LOG_ADMIN, ReservedNames::Win32::API::Security::POLICY_CREATE_ACCOUNT, ReservedNames::Win32::API::Security::POLICY_CREATE_PRIVILEGE, ReservedNames::Win32::API::Security::POLICY_CREATE_SECRET, ReservedNames::Win32::API::Security::POLICY_GET_PRIVATE_INFORMATION, ReservedNames::Win32::API::Security::POLICY_LOOKUP_NAMES, ReservedNames::Win32::API::Security::POLICY_NOTIFICATION, ReservedNames::Win32::API::Security::POLICY_SERVER_ADMIN, ReservedNames::Win32::API::Security::POLICY_SET_AUDIT_REQUIREMENTS, ReservedNames::Win32::API::Security::POLICY_SET_DEFAULT_QUOTA_LIMITS, ReservedNames::Win32::API::Security::POLICY_TRUST_ADMIN, ReservedNames::Win32::API::Security::POLICY_VIEW_AUDIT_INFORMATION, ReservedNames::Win32::API::Security::POLICY_VIEW_LOCAL_INFORMATION, ReservedNames::Win32::API::Security::PROTECTED_DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::PROTECTED_SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::READ_CONTROL, ReservedNames::Win32::API::Security::SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_MIN_LENGTH, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_REVISION, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_REVISION1, ReservedNames::Win32::API::Security::SECURITY_IMPERSONATION_LEVEL, ReservedNames::Win32::API::Security::SE_DACL_AUTO_INHERITED, ReservedNames::Win32::API::Security::SE_DACL_AUTO_INHERIT_REQ, ReservedNames::Win32::API::Security::SE_DACL_DEFAULTED, ReservedNames::Win32::API::Security::SE_DACL_PRESENT, ReservedNames::Win32::API::Security::SE_DACL_PROTECTED, ReservedNames::Win32::API::Security::SE_GROUP_DEFAULTED, ReservedNames::Win32::API::Security::SE_OBJECT_TYPE, ReservedNames::Win32::API::Security::SE_OWNER_DEFAULTED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED_BY_DEFAULT, ReservedNames::Win32::API::Security::SE_PRIVILEGE_REMOVED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_USED_FOR_ACCESS, ReservedNames::Win32::API::Security::SE_PRIVILEGE_VALID_ATTRIBUTES, ReservedNames::Win32::API::Security::SE_RM_CONTROL_VALID, ReservedNames::Win32::API::Security::SE_SACL_AUTO_INHERITED, ReservedNames::Win32::API::Security::SE_SACL_AUTO_INHERIT_REQ, ReservedNames::Win32::API::Security::SE_SACL_DEFAULTED, ReservedNames::Win32::API::Security::SE_SACL_PRESENT, ReservedNames::Win32::API::Security::SE_SACL_PROTECTED, ReservedNames::Win32::API::Security::SE_SELF_RELATIVE, ReservedNames::Win32::API::Security::SID_NAME_USE, ReservedNames::Win32::API::Security::SPECIFIC_RIGHTS_ALL, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_ALL, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_EXECUTE, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_READ, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_REQUIRED, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_WRITE, ReservedNames::Win32::API::Security::SUBFOLDERS_AND_FILES_ONLY, ReservedNames::Win32::API::Security::SUCCESSFUL_ACCESS_ACE_FLAG, ReservedNames::Win32::API::Security::SYNCHRONIZE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_MANDATORY_LABEL_ACE_TYPE, ReservedNames::Win32::API::Security::TOKEN_ADJUST_DEFAULT, ReservedNames::Win32::API::Security::TOKEN_ADJUST_GROUPS, ReservedNames::Win32::API::Security::TOKEN_ADJUST_PRIVILEGES, ReservedNames::Win32::API::Security::TOKEN_ADJUST_SESSIONID, ReservedNames::Win32::API::Security::TOKEN_ALL_ACCESS, ReservedNames::Win32::API::Security::TOKEN_ASSIGN_PRIMARY, ReservedNames::Win32::API::Security::TOKEN_DUPLICATE, ReservedNames::Win32::API::Security::TOKEN_IMPERSONATE, ReservedNames::Win32::API::Security::TOKEN_INFORMATION_CLASS, ReservedNames::Win32::API::Security::TOKEN_QUERY, ReservedNames::Win32::API::Security::TOKEN_QUERY_SOURCE, ReservedNames::Win32::API::Security::TOKEN_READ, ReservedNames::Win32::API::Security::UNPROTECTED_DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::UNPROTECTED_SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::VALID_INHERIT_FLAGS, ReservedNames::Win32::API::Security::WRITE, ReservedNames::Win32::API::Security::WRITE_DAC, ReservedNames::Win32::API::Security::WRITE_OWNER

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Unix

#current_gid, #current_mode, #current_uid, #define_resource_requirements, #describe_changes, #gid_from_resource, included, #manage_symlink_attrs?, #mode_from_resource, #mode_to_s, #requires_changes?, #set_all, #set_all!, #set_group, #set_group!, #set_mode, #set_mode!, #set_owner, #set_owner!, #should_update_group?, #should_update_mode?, #should_update_owner?, #stat, #target_gid, #target_mode, #target_uid

Methods included from Windows

#define_resource_requirements, #describe_changes, included, #requires_changes?, #set_all, #set_all!

Constructor Details

#initialize(current_resource, new_resource, provider) ⇒ FileAccessControl

FileAccessControl objects set the owner, group and mode of file to the values specified by resource. file is completely independent of any file or path attribute on resource, so it is possible to set access control settings on a tempfile (for example).

Arguments:

resource: probably a Chef::Resource::File object (or subclass), but

this is not required. Must respond to +owner+, +group+,
and +mode+

file: The file whose access control settings you wish to modify,

given as a String.

TODO requiring current_resource will break cookbook_file template_file



54
55
56
57
58
# File 'lib/chef/file_access_control.rb', line 54

def initialize(current_resource, new_resource, provider)
  @current_resource, @resource, @provider = current_resource, new_resource, provider
  @file = @current_resource.path
  @modified = false
end

Instance Attribute Details

#current_resourceObject (readonly)

Returns the value of attribute current_resource



37
38
39
# File 'lib/chef/file_access_control.rb', line 37

def current_resource
  @current_resource
end

#fileObject (readonly)

Returns the value of attribute file



40
41
42
# File 'lib/chef/file_access_control.rb', line 40

def file
  @file
end

#providerObject (readonly)

Returns the value of attribute provider



39
40
41
# File 'lib/chef/file_access_control.rb', line 39

def provider
  @provider
end

#resourceObject (readonly)

Returns the value of attribute resource



38
39
40
# File 'lib/chef/file_access_control.rb', line 38

def resource
  @resource
end

Instance Method Details

#modified?Boolean

Returns:

  • (Boolean)


60
61
62
# File 'lib/chef/file_access_control.rb', line 60

def modified?
  @modified
end