X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/98cce464a451dba30327b140964b0eafbcb9b16a..090fe909149f22d158c859a7d4a9edfb523df2fb:/cookbooks/accounts/recipes/default.rb diff --git a/cookbooks/accounts/recipes/default.rb b/cookbooks/accounts/recipes/default.rb index 07d94ee57..b0110cf3c 100644 --- a/cookbooks/accounts/recipes/default.rb +++ b/cookbooks/accounts/recipes/default.rb @@ -1,4 +1,3 @@ -# -*- coding: utf-8 -*- # # Cookbook Name:: accounts # Recipe:: default @@ -18,9 +17,7 @@ # limitations under the License. # -package "zsh" do - action :install -end +package "zsh" administrators = [] @@ -30,57 +27,53 @@ search(:accounts, "*:*").each do |account| if details[:status] group_members = details[:members] || account["members"] || [] - user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name.to_s}" - manage_home = details[:manage_home] || account["manage_home"] || node[:accounts][:manage_home] - groups = details[:groups] || account["groups"] || [] + user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name}" + manage_user_home = details.fetch(:manage_home, account.fetch("manage_home", node[:accounts][:manage_home])) - group_members = group_members.collect { |m| m.to_s }.sort + group_members = group_members.collect(&:to_s).sort case details[:status] when "role" - user_shell = "/sbin/nologin" + user_shell = "/usr/sbin/nologin" when "user", "administrator" user_shell = details[:shell] || account["shell"] || node[:accounts][:shell] end group name.to_s do - action :create gid account["uid"].to_i members group_members & node[:etc][:passwd].keys end user name.to_s do - action :create uid account["uid"].to_i gid account["uid"].to_i comment account["comment"] if account["comment"] home user_home shell user_shell - supports :manage_home => manage_home + manage_home manage_user_home end - remote_directory user_home do + remote_directory "/home/#{name}" do + path user_home source name.to_s owner name.to_s group name.to_s - mode 0755 + mode 0o755 files_owner name.to_s files_group name.to_s - files_mode 0644 + files_mode 0o644 only_if do begin cookbook = run_context.cookbook_collection[cookbook_name] files = cookbook.relative_filenames_in_preferred_directory(node, :files, name.to_s) - not files.empty? + !files.empty? rescue Chef::Exceptions::FileNotFound false end end end - if details[:status] == "administrator" - administrators.push(name.to_s) - end + administrators.push(name.to_s) if details[:status] == "administrator" else user name.to_s do action :remove @@ -92,7 +85,7 @@ search(:accounts, "*:*").each do |account| end end -node[:accounts][:groups].each do |name,details| +node[:accounts][:groups].each do |name, details| group name do action :modify members details[:members]