Class: Puppet::Provider::NameService

Inherits:

Puppet::Provider

• Object
• Puppet::Provider
• Puppet::Provider::NameService

Defined in:

lib/puppet/provider/nameservice.rb,
lib/puppet/provider/nameservice/pw.rb,
lib/puppet/provider/nameservice/objectadd.rb

Overview

This is the parent class of all NSS classes. They're very different in their backend, but they're pretty similar on the front-end. This class provides a way for them all to be as similar as possible.

Direct Known Subclasses

DirectoryService, ObjectAdd

Defined Under Namespace

Classes: DirectoryService, ObjectAdd, PW

Constant Summary

Constants inherited from Puppet::Provider

Confine

Constants included from Util

Util::AbsolutePathPosix, Util::AbsolutePathWindows, Util::DEFAULT_ENV, Util::DEFAULT_POSIX_MODE, Util::DEFAULT_WINDOWS_MODE, Util::PUPPET_STACK_INSERTION_FRAME, Util::RFC_3986_URI_REGEX

Constants included from Util::SymbolicFileMode

Util::SymbolicFileMode::SetGIDBit, Util::SymbolicFileMode::SetUIDBit, Util::SymbolicFileMode::StickyBit, Util::SymbolicFileMode::SymbolicMode, Util::SymbolicFileMode::SymbolicSpecialToBit

Constants included from Util::POSIX

Util::POSIX::LOCALE_ENV_VARS, Util::POSIX::USER_ENV_VARS

Constants included from Util::Docs

Util::Docs::HEADER_LEVELS

Instance Attribute Summary

Attributes inherited from Puppet::Provider

#resource

Attributes included from Util::Docs

#doc, #nodoc

Class Method Summary

• .autogen_default(param) ⇒ Object
• .autogen_defaults(hash) ⇒ Object
• .autogen_id(field, resource_type) ⇒ Object

  Autogenerate either a uid or a gid.

• .initvars ⇒ Object
• .instances ⇒ Object
• .listbyname ⇒ Object

  List everything out by name.

• .option(name, option) ⇒ Object
• .options(name, hash) ⇒ Object
• .resource_type=(resource_type) ⇒ Object
• .section ⇒ Object

  This is annoying, but there really aren't that many options, and this is built into Ruby.

• .validate(name, value) ⇒ Object
• .verify(name, error, &block) ⇒ Object

Instance Method Summary

• #autogen(field) ⇒ Object

  Autogenerate a value.

• #comments_insync?(current, should) ⇒ Boolean

  From overriding Puppet::Property#insync? Ruby Etc::getpwnam < 2.1.0 always returns a struct with binary encoded string values, and >= 2.1.0 will return binary encoded strings for values incompatible with current locale charset, or Encoding.default_external if compatible.

• #create ⇒ Object
• #delete ⇒ Object
• #ensure ⇒ Object
• #exists? ⇒ Boolean

  Does our object exist?.

• #get(param) ⇒ Object

  Retrieve a specific value by name.

• #getinfo(refresh) ⇒ Object

  Retrieve what we can about our object.

• #groups ⇒ Object

  The list of all groups the user is a member of.

• #has_sensitive_data?(property = nil) ⇒ Boolean

  Derived classes can override to declare sensitive data so a flag can be passed to execute.

• #info2hash(info) ⇒ Object

  Convert the Etc struct into a hash.

• #initialize(resource) ⇒ NameService constructor

  A new instance of NameService.

• #munge(name, value) ⇒ Object
• #set(param, value) ⇒ Object
• #unmunge(name, value) ⇒ Object

Methods inherited from Puppet::Provider

#<=>, #clear, command, #command, commands, declared_feature?, default?, default_match, defaultfor, execfail, #execfail, execpipe, #execpipe, execute, #execute, fact_match, feature_match, #flush, has_command, #inspect, mk_resource_methods, #name, notdefaultfor, optional_commands, post_resource_eval, prefetch, some_default_match, specificity, supports_parameter?, #to_s

Methods included from Util::Logging

#clear_deprecation_warnings, #debug, #deprecation_warning, #format_backtrace, #format_exception, #get_deprecation_offender, #log_and_raise, #log_deprecations_to_file, #log_exception, #puppet_deprecation_warning, #send_log, setup_facter_logging!, #warn_once

Methods included from Util

absolute_path?, benchmark, chuser, clear_environment, deterministic_rand, deterministic_rand_int, exit_on_fail, format_backtrace_array, format_puppetstack_frame, get_env, get_environment, logmethods, merge_environment, path_to_uri, pretty_backtrace, replace_file, resolve_stackframe, safe_posix_fork, set_env, symbolizehash, thinmark, uri_encode, uri_query_encode, uri_to_path, uri_unescape, which, withenv, withumask

Methods included from Util::SymbolicFileMode

#normalize_symbolic_mode, #symbolic_mode_to_int, #valid_symbolic_mode?

Methods included from Util::POSIX

#get_posix_field, #gid, groups_of, #idfield, #methodbyid, #methodbyname, #search_posix_field, #uid

Methods included from Util::Docs

#desc, #dochook, #doctable, #markdown_definitionlist, #markdown_header, #nodoc?, #pad, scrub

Methods included from Confiner

#confine, #confine_collection, #suitable?

Methods included from Util::Warnings

clear_warnings, debug_once, maybe_log, notice_once, warnonce

Methods included from Util::Errors

#adderrorcontext, #devfail, #error_context, error_location, error_location_with_space, error_location_with_unknowns, #exceptwrap, #fail

Constructor Details

#initialize(resource) ⇒ NameService

Returns a new instance of NameService.

# File 'lib/puppet/provider/nameservice.rb', line 268

def initialize(resource)
  super
  @custom_environment = {}
  @objectinfo = nil
  if resource.is_a?(Hash) && !resource[:canonical_name].nil?
    @canonical_name = resource[:canonical_name]
  else
    @canonical_name = resource[:name]
  end
end

Class Method Details

.autogen_default(param) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 8

def autogen_default(param)
  defined?(@autogen_defaults) ? @autogen_defaults[param.intern] : nil
end

.autogen_defaults(hash) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 12

def autogen_defaults(hash)
  @autogen_defaults ||= {}
  hash.each do |param, value|
    @autogen_defaults[param.intern] = value
  end
end

.autogen_id(field, resource_type) ⇒ Object

Autogenerate either a uid or a gid. This is not very flexible: we can only generate one field type per class, and get kind of confused if asked for both.

# File 'lib/puppet/provider/nameservice.rb', line 141

def self.autogen_id(field, resource_type)
  # Figure out what sort of value we want to generate.
  case resource_type
  when :user;   database = :passwd;  method = :uid
  when :group;  database = :group;   method = :gid
  else
    #TRANSLATORS "autogen_id()" is a method name and should not be translated
    raise Puppet::DevError, _("autogen_id() does not support auto generation of id for resource type %{resource_type}") % { resource_type: resource_type }
  end

  # Initialize from the data set, if needed.
  unless @prevauto
    # Sadly, Etc doesn't return an enumerator, it just invokes the block
    # given, or returns the first record from the database.  There is no
    # other, more convenient enumerator for these, so we fake one with this
    # loop.  Thanks, Ruby, for your awesome abstractions. --daniel 2012-03-23
    highest = []
    Puppet::Etc.send(database) {|entry| highest << entry.send(method) }
    highest = highest.reject {|x| x > 65000 }.max

    @prevauto = highest || 1000
  end

  # ...and finally increment and return the next value.
  @prevauto += 1
end

.initvars ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 19

def initvars
  @checks = {}
  @options = {}
  super
end

.instances ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 25

def instances
  objects = []
  begin
    method = Puppet::Etc.method(:"get#{section}ent")
    while ent = method.call #rubocop:disable Lint/AssignmentInCondition
      objects << new(:name => ent.name, :canonical_name => ent.canonical_name, :ensure => :present)
    end
  ensure
    Puppet::Etc.send("end#{section}ent")
  end
  objects
end

.listbyname ⇒ Object

List everything out by name. Abstracted a bit so that it works for both users and groups.

# File 'lib/puppet/provider/nameservice.rb', line 59

def listbyname
  Puppet.deprecation_warning(_("listbyname is deprecated and will be removed in a future release of Puppet. Please use `self.instances` to obtain a list of users."))
  names = []
  Puppet::Etc.send("set#{section()}ent")
  begin
    while ent = Puppet::Etc.send("get#{section()}ent") #rubocop:disable Lint/AssignmentInCondition
      names << ent.name
      yield ent.name if block_given?
    end
  ensure
    Puppet::Etc.send("end#{section()}ent")
  end

  names
end

.option(name, option) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 38

def option(name, option)
  name = name.intern if name.is_a? String
  (defined?(@options) and @options.include? name and @options[name].include? option) ? @options[name][option] : nil
end

.options(name, hash) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 43

def options(name, hash)
  unless resource_type.valid_parameter?(name)
    raise Puppet::DevError, _("%{name} is not a valid attribute for %{resource_type}") % { name: name, resource_type: resource_type.name }
  end
  @options ||= {}
  @options[name] ||= {}

  # Set options individually, so we can call the options method
  # multiple times.
  hash.each do |param, value|
    @options[name][param] = value
  end
end

.resource_type=(resource_type) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 75

def resource_type=(resource_type)
  super
  @resource_type.validproperties.each do |prop|
    next if prop == :ensure
    define_method(prop) { get(prop) || :absent} unless public_method_defined?(prop)
    define_method(prop.to_s + "=") { |*vals| set(prop, *vals) } unless public_method_defined?(prop.to_s + "=")
  end
end

.section ⇒ Object

This is annoying, but there really aren't that many options, and this is built into Ruby.

# File 'lib/puppet/provider/nameservice.rb', line 86

def section
  unless resource_type
    raise Puppet::DevError,
      "Cannot determine Etc section without a resource type"
  end

  if @resource_type.name == :group
    "gr"
  else
    "pw"
  end
end

.validate(name, value) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 99

def validate(name, value)
  name = name.intern if name.is_a? String
  if @checks.include? name
    block = @checks[name][:block]
    raise ArgumentError, _("Invalid value %{value}: %{error}") % { value: value, error: @checks[name][:error] } unless block.call(value)
  end
end

.verify(name, error, &block) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 107

def verify(name, error, &block)
  name = name.intern if name.is_a? String
  @checks[name] = {:error => error, :block => block}
end

Instance Method Details

#autogen(field) ⇒ Object

Autogenerate a value. Mostly used for uid/gid, but also used heavily with DirectoryServices

# File 'lib/puppet/provider/nameservice.rb', line 121

def autogen(field)
  field = field.intern
  id_generators = {:user => :uid, :group => :gid}
  if id_generators[@resource.class.name] == field
    return self.class.autogen_id(field, @resource.class.name)
  else
    value = self.class.autogen_default(field)
    if value
      return value
    elsif respond_to?("autogen_#{field}")
      return send("autogen_#{field}")
    else
      return nil
    end
  end
end

#comments_insync?(current, should) ⇒ Boolean

From overriding Puppet::Property#insync? Ruby Etc::getpwnam < 2.1.0 always returns a struct with binary encoded string values, and >= 2.1.0 will return binary encoded strings for values incompatible with current locale charset, or Encoding.default_external if compatible. Compare a “should” value with encoding of “current” value, to avoid unnecessary property syncs and comparison of strings with different encodings. (PUP-6777)

return basic string comparison after re-encoding (same as Puppet::Property#property_matches)

Returns:

• (Boolean)

# File 'lib/puppet/provider/nameservice.rb', line 305

def comments_insync?(current, should)
  # we're only doing comparison here so don't mutate the string
  desired = should[0].to_s.dup
  current == desired.force_encoding(current.encoding)
end

#create ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 168

def create
  if exists?
    info _("already exists")
    # The object already exists
    return nil
  end

  begin
    sensitive = has_sensitive_data?
    execute(self.addcmd, {:failonfail => true, :combine => true, :custom_environment => @custom_environment, :sensitive => sensitive})
    if feature?(:manages_password_age) && (cmd = passcmd)
      execute(cmd, {:failonfail => true, :combine => true, :custom_environment => @custom_environment, :sensitive => sensitive})
    end
  rescue Puppet::ExecutionFailure => detail
    raise Puppet::Error, _("Could not create %{resource} %{name}: %{detail}") % { resource: @resource.class.name, name: @resource.name, detail: detail }, detail.backtrace
  end
end

#delete ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 186

def delete
  unless exists?
    info _("already absent")
    # the object already doesn't exist
    return nil
  end

  begin
    execute(self.deletecmd, {:failonfail => true, :combine => true, :custom_environment => @custom_environment})
  rescue Puppet::ExecutionFailure => detail
    raise Puppet::Error, _("Could not delete %{resource} %{name}: %{detail}") % { resource: @resource.class.name, name: @resource.name, detail: detail }, detail.backtrace
  end
end

#ensure ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 200

def ensure
  if exists?
    :present
  else
    :absent
  end
end

#exists? ⇒ Boolean

Does our object exist?

Returns:

• (Boolean)

# File 'lib/puppet/provider/nameservice.rb', line 209

def exists?
  !!getinfo(true)
end

#get(param) ⇒ Object

Retrieve a specific value by name.

# File 'lib/puppet/provider/nameservice.rb', line 214

def get(param)
  (hash = getinfo(false)) ? unmunge(param, hash[param]) : nil
end

#getinfo(refresh) ⇒ Object

Retrieve what we can about our object

# File 'lib/puppet/provider/nameservice.rb', line 237

def getinfo(refresh)
  if @objectinfo.nil? or refresh == true
    @etcmethod ||= ("get" + self.class.section.to_s + "nam").intern
    begin
      @objectinfo = Puppet::Etc.send(@etcmethod, @canonical_name)
    rescue ArgumentError
      @objectinfo = nil
    end
  end

  # Now convert our Etc struct into a hash.
  @objectinfo ? info2hash(@objectinfo) : nil
end

#groups ⇒ Object

The list of all groups the user is a member of. Different user mgmt systems will need to override this method.

# File 'lib/puppet/provider/nameservice.rb', line 253

def groups
  Puppet::Util::POSIX.groups_of(@resource[:name]).join(',')
end

#has_sensitive_data?(property = nil) ⇒ Boolean

Derived classes can override to declare sensitive data so a flag can be passed to execute

Returns:

• (Boolean)

# File 'lib/puppet/provider/nameservice.rb', line 292

def has_sensitive_data?(property = nil)
  false
end

#info2hash(info) ⇒ Object

Convert the Etc struct into a hash.

# File 'lib/puppet/provider/nameservice.rb', line 258

def info2hash(info)
  hash = {}
  self.class.resource_type.validproperties.each do |param|
    method = posixmethod(param)
    hash[param] = info.send(posixmethod(param)) if info.respond_to? method
  end

  hash
end

#munge(name, value) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 218

def munge(name, value)
  block = self.class.option(name, :munge)
  if block and block.is_a? Proc
    block.call(value)
  else
    value
  end
end

#set(param, value) ⇒ Object

Raises:

• (Puppet::DevError)

# File 'lib/puppet/provider/nameservice.rb', line 279

def set(param, value)
  self.class.validate(param, value)
  cmd = modifycmd(param, munge(param, value))
  raise Puppet::DevError, _("Nameservice command must be an array") unless cmd.is_a?(Array)
  sensitive = has_sensitive_data?(param)
  begin
    execute(cmd, {:failonfail => true, :combine => true, :custom_environment => @custom_environment, :sensitive => sensitive})
  rescue Puppet::ExecutionFailure => detail
    raise Puppet::Error, _("Could not set %{param} on %{resource}[%{name}]: %{detail}") % { param: param, resource: @resource.class.name, name: @resource.name, detail: detail }, detail.backtrace
  end
end

#unmunge(name, value) ⇒ Object

# File 'lib/puppet/provider/nameservice.rb', line 227

def unmunge(name, value)
  block = self.class.option(name, :unmunge)
  if block and block.is_a? Proc
    block.call(value)
  else
    value
  end
end