From: Tom Hughes Date: Tue, 18 Jun 2013 19:26:50 +0000 (+0100) Subject: Add accounts cookbook X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/98cce464a451dba30327b140964b0eafbcb9b16a Add accounts cookbook --- diff --git a/cookbooks/accounts/README.rdoc b/cookbooks/accounts/README.rdoc new file mode 100644 index 000000000..3de2ec7a3 --- /dev/null +++ b/cookbooks/accounts/README.rdoc @@ -0,0 +1,8 @@ += DESCRIPTION: + += REQUIREMENTS: + += ATTRIBUTES: + += USAGE: + diff --git a/cookbooks/accounts/attributes/default.rb b/cookbooks/accounts/attributes/default.rb new file mode 100644 index 000000000..8535ee403 --- /dev/null +++ b/cookbooks/accounts/attributes/default.rb @@ -0,0 +1,6 @@ +default[:accounts][:home] = "/home" +default[:accounts][:shell] = "/bin/bash" +default[:accounts][:manage_home] = true + +default[:accounts][:groups] = {} +default[:accounts][:users] = {} diff --git a/cookbooks/accounts/files/default/bsupnik/.ssh/authorized_keys b/cookbooks/accounts/files/default/bsupnik/.ssh/authorized_keys new file mode 100644 index 000000000..b4044a6f7 --- /dev/null +++ b/cookbooks/accounts/files/default/bsupnik/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA3n7wYu2w29/qkHINIRxImmgMxM8tdF8sa1JiX+71uYZK09Iw1rZXd3RLznJZAHeVAW6vLHWGHww5Bn7be+kVNVNZwpvhVhnMHsmuubHunsgwLB1eSTKMLFl5Fnap/Mva7y2MpzCVRrfQx+PeBt+YMISWlDzXZjWZcVfKhfPiVlE= bsupnik@bsupniks-Computer.local. diff --git a/cookbooks/accounts/files/default/emacsen/.ssh/authorized_keys b/cookbooks/accounts/files/default/emacsen/.ssh/authorized_keys new file mode 100644 index 000000000..77b501023 --- /dev/null +++ b/cookbooks/accounts/files/default/emacsen/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA12v7P4FbTTH0T3rJcAxdS6Pb3o9XJoW9aWhamQkMY3Lq8bC8QTnrXVRBup+co2iASFZdzZ524QDkFNiuR7bZdmQ1/NKVaPL8dpRGHUPv9q5XpK1becRRe54EKIJ6qzkJhKXsxM9dBb7uo4JeQD3PA5+ut0TOnRLy+U5jcYawtq13eShGTC5GPuZ98peSk3/qZ1ZS5x/PH7i/C9c9r83MuuxJf5ymmXorJ1+wGLC67nKARlUEXD0XHiRhpG9NFtnU0JYYxK0D1d0PfvX/EE7SGgW6ipEhiLLxeqlOpBjkMKq5VIVQ2Ipgh3sFRdsi94Y1J0Fj5xCv+4+B5msa04Tzow== serge@chid diff --git a/cookbooks/accounts/files/default/grant/.screenrc b/cookbooks/accounts/files/default/grant/.screenrc new file mode 100644 index 000000000..37780a74a --- /dev/null +++ b/cookbooks/accounts/files/default/grant/.screenrc @@ -0,0 +1,2 @@ +startup_message off +defscrollback 65536 diff --git a/cookbooks/accounts/files/default/grant/.ssh/authorized_keys b/cookbooks/accounts/files/default/grant/.ssh/authorized_keys new file mode 100644 index 000000000..8099b875a --- /dev/null +++ b/cookbooks/accounts/files/default/grant/.ssh/authorized_keys @@ -0,0 +1,2 @@ +ssh-dss AAAAB3NzaC1kc3MAAACBAM9wZAcO8MqVXW17VXjMpxq/U2GGd4jIJ67CgDI1Jhfm78oznTF006I1zh2yDfjEXqfOvBmyqkYMDnA75d6VXwy5hD2aZ7gYu8TsaZX6uG3MRG++oR9WkIucObPaj1+LbO+73GmlKPddmKKsyDMBV6W/8qmoBQMyNXCeIm3vXLonAAAAFQC06ezuGC0jDglxsLEYeE3/A56NWQAAAIEAobS+f9KybKNeNIYnVxCuGcBw0cMkIWMqunMeG08op7VYVr9Fx7/xHWZ4LKvC4LP/9VCbKHe0SANGTpkfrmMiJ/sP6GJuL6X1g3uhIX/2Zz+ESU7y3yGXK4jU27RtlVzsMllU7BPg9eLHX6+GENwgs5eDz4IIfcIPPSD+jPFLAhwAAACBAKIamuH59UdlkqxwE+g99ia7i3Yw2wdS+FM5Aj+YTcNNqOsSvgFiYYBg9pwU3Kfms6eYBZiIdS+CJDiI9YWJXsxSJr9nyYEYx9LLXUhrSWaaBe5Nl+tum9eAJ0LJemivC8CFCF+JvsOuCk5wtzWzggcCR0TM3TVvkkKhfwA5q7Ch Main-Grant-Auth-Key +ssh-dss AAAAB3NzaC1kc3MAAACBAPv/T+094iSqNFUXqHyzH1qYUmMOalHTa2gsaDqViMSiG4qS1ft7mXTfffF5B/+kGG3wqNZqbCVZCfEeXQTPgRZ80UDpUPH5bKeb8GhmQJTwp/v9pnUGCneIxqv2SeamhtLISaVKiInocDRGZtMp0pho5xDan57vyc5EFRKAf/aFAAAAFQD4CRTqfjAosrdY/kyVzAHEvODH8QAAAIAwZzp48LQ3XKEudVNgGaSycjRMEatClyPTZ6lbEd/DFD4MkwIetCF64qX0W0ny0JaFLrAMEMpSKwEm4c8djQftmZjqOpVaYy5nSb2pLQBBopTAEUXbVwCdbEXg9rRuzKzD+ak3K43/FTCPy1C6og7mNag2shXe9QHVeM/ukxsqXQAAAIAnkPD4VvSVoB0DnhHOqrUYoD/a66Y5lHjHtQi6lwsHfN8m0zK7SP9Rj54eVpMlvm4jLLX/liUBhw+APKMWham/KRpk15q/AnZXIKzRIuzEMYe8y6j3AC4Hngnv/4RJCyWxfpqUBr1XV7qMdTeVgY3GQ3fIseKIF9qWWloX3CBeZg== Home-Grant-Auth-Key diff --git a/cookbooks/accounts/files/default/jburgess/.ssh/authorized_keys b/cookbooks/accounts/files/default/jburgess/.ssh/authorized_keys new file mode 100644 index 000000000..3f88c0410 --- /dev/null +++ b/cookbooks/accounts/files/default/jburgess/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-dss AAAAB3NzaC1kc3MAAACBAO6lwsxbR10vFcpVWi4ZcE0Fz473PuDT7O8WiWmJ86VAXJi/4QxXkSNDSy7c3SDjuFDRgDgPZH69w+UQ4PFVLrrMuhbB/zTBUQ4tK4kKhhfk+Q68X3LUiwYsl8Y6OGgdQDculxMNosBIRmwSzaFYrtybuV4J+lYVA2KYWLWqF67RAAAAFQCsq4dyMPvlcz30decwTL5WwgVPsQAAAIEAruuD25+FcunN1mR40OMlx7ahqbqvALSyPC70ymCPLdTMWpJcC8HViLI9aDWUnJ91UiLON+FZubhZ04CECFXWMah7w+pL0GdZau89BvypbZiwjoYjORIbvoWHD0IffLNupNKYXjj+Lk0CSsM976mpvJxECOklt5K00+guN/92QikAAACALUEPbjpLPk+zQdVD2i3fcTE4ZRLWRQ5ihaQx2RzeaKAphBLFBP0tCTLkesys7HCJvJy7gM56iXxuK+PfgSX/oOzxu5gPK6bpfQPaHEkNrs5+BhJJayAXzQ2BWzgc2NW8obe4QLXp8K+aaCyaBJBdofn7AdFKoMmCJFsu2vryvRU= jburgess777@googlemail.com diff --git a/cookbooks/accounts/files/default/lonvia/.ssh/authorized_keys b/cookbooks/accounts/files/default/lonvia/.ssh/authorized_keys new file mode 100644 index 000000000..30978f06d --- /dev/null +++ b/cookbooks/accounts/files/default/lonvia/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAkixVTAzfDRA9EDiTOa3uFeUE1Eke5mBhV7tpVLj7eMxSNLxsy4mSJ3utyApQH7WR9KaqqJYwKhty/oMkQIhPbOJnnvPS40aiN9qyor/D84CEWSVPXwXVVA3/5fntcI2u27GPbMMtstQoXjg+W1bmKdgY+YSyJcqE46AmtJDT1U+KuhJeU684ecECdo8TEP67qjSle3bR7JXXrRhcB4/AsYLeipqllhooP0+dn6tOxdJpY3QvdlL962RGUTXERmulVt1Iv86ENpGHaM0fXKf6ZcWYvcUjfnIKf4OEkh8I66M0Gd9z97Syd2dZ3cf8ItVbITn0nUhsH2XETTlE2dI5 suzuki@sihtu diff --git a/cookbooks/accounts/files/default/lyonix/.ssh/authorized_keys b/cookbooks/accounts/files/default/lyonix/.ssh/authorized_keys new file mode 100644 index 000000000..afee60d97 --- /dev/null +++ b/cookbooks/accounts/files/default/lyonix/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBU549WXP/YGZ3fpvE4pAbVbrsB8to7nS052URhMnyjReJOW44dhFvgT6AWRL5TNRtdZPy+qzNbxer95QJMROINsq6n+UkqnD0kA6OyHQCRidNXhe+qv/A8GphLL6Juh9Ey1isuCusNb+Ysmx+disrqV+sSlWNRxYKQStRF2af5eFTSa4z+NSufMmbsc+DX6v7CJg6hHfR4j3eDk2ATX8idmMkiG42ftB10fN2+6bp2phf/x4gIo1k1GsRJGdzRnzKeZGuGIiPwK1CaEjKyDlQU79YjXnQ1v5los3lxFMBEwSQeK7h2MM507ycoxOMuK2i/KnuBBBp20mSkQSZP2HB djacquet@bureautique.rezopole.net diff --git a/cookbooks/accounts/files/default/matt/.ssh/authorized_keys b/cookbooks/accounts/files/default/matt/.ssh/authorized_keys new file mode 100644 index 000000000..da3a0717e --- /dev/null +++ b/cookbooks/accounts/files/default/matt/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyBrnrkjzAJqXtRP0MFKlc3v4fTnrRzzebIFH8YpFRCaLKpIXWVbg5BqXuxHB/vqf/1Gknycb7bgLPbhWr+b50D+nnodiJ35HPqrQVLG6nsqxnbbVXO1IR7KsctL+Wr3GW5pBeWct9GAALn8ACAR8zZ/4V6qXDgUvh0inefcqpks1YgdPdyAGLMFy7hzI5lY8kGh58kVPXMpyJLVnGX0yUjrip9IkPrGBvMDiGDiPwLOfKGDR0s1An1GK2i4k2rPxkZzdQSbqZXaaCw3MNJkDvwSmQNQp4Rprfy5BqptwJg4PLnGGePfYbzsqYA0/Pq4ccO+NPCDxZxb2XuVjgXEg8Q== matt@horntail.openstreetmap.org diff --git a/cookbooks/accounts/files/default/tomh/.ssh/authorized_keys b/cookbooks/accounts/files/default/tomh/.ssh/authorized_keys new file mode 100644 index 000000000..5c7d7e166 --- /dev/null +++ b/cookbooks/accounts/files/default/tomh/.ssh/authorized_keys @@ -0,0 +1,5 @@ +ssh-dss AAAAB3NzaC1kc3MAAAEAWSUuvFFDXXF/UnQepZWvxyAQX4P0AEulRZ2dDPgZDNbfmO7QilZqYO4oQxKNZNDsQCsVXU3+ulv4geWZviLUW/z+Nq8R2+bdT7uuqU+9VE35r/EBpCZN6FFs/flaHlLSWEKn/ylwSDnhOWvZWjQzwd4F9nS9uWuDLtuKm5CBGktn2KPILS8QlsNfWrMdWeTofDEJUaMnM6pgVgeCWh1ytY2gAQFZmvCNzSfklRoHUDqiobhR4v6wZ2inpEy3FUkRirhDse4Cr7y5xFAlRbYQGic2RYkkrbOQFc8RG7dT+4EOFZ2/6s9kgDTHmH3YKpKVsZ+LT2HpG8ZB56FbCAa7bQAAABUAsJDjG1S1ShyInQkvl02ImtxbhJEAAAEAAyN4uWN5/Sku18JJFw1qBiNAd6uScHgQpvIQw5nABhtqyZkXEPnMosV9HIuZ5R+ZDv3vGfZw3f7TPL1jXXoubog9/p+nCjYUOZPAoYRqcA1RieCgtja0pBRi7DeJSAXS3pMPnhGqu++i84rGIUVMEQCeRbDht3Jpygt1wRMUDTCZbaqBl9Ab2OM5i3CwQ+xYXNU1wT+vUlcmiSmjKd6u2fGGlcLk5QPbr+65svqnz979Ubsh/qbCo5O+DnjnPiaQWLjA9nIweMO+RDOGcWJCUioSFu4hK1VFJE0/X4q7mNP3NwkkPXLxsqMMfXi4Ffk7eXm0+LbXN50/M7b/Hj4m8AAAAQA6DH7H/zHoUiPIzvGg2sMhPwDkWGQKPecK6tUT7d+mga+Htk/sAe2+KbhCtorDFGAJTPhfWangPBncrb09TQvBvSC87nDkitG2yJjNAWGCmReJbnjKKzVEIct7LGgvR2vLOHaoJ8Cbi0KeY/QiF2tLc3n+V8PiQL/P1Sxd0tpIj9afezz85Fp6VFr2KqEj1Bkd+X1l3aHmAjLwdZmPP62ttF4B6JLZeIwxXyNwQQCrx44az/WSCPPG+Pe+kwkWPcFN6PAROw+QI4Et3I0/xj0dzf5DLwz1xyR9mo2OPmykeOlWt7vWN9qf//Q0AoEKXrDgD1h62U7XIkFir7wm2Q9g tom@mobile +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDMuTN4ke33/1/MZ+0H6FlcCM5RK0OG+JexYexN0CtyljByAfOII58GKbOJ1NS7VZvX4/gKQB59feZEE87kZVdgcAyN8lJjBIfiXk9qdqOvXbt50/0dJgOkVdoaN3yi8K+7cQkKH4zUK6n88KorMJWr/cpQ70q2umxXzOHmV4Hptw== nexus +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbC77T4TRsEE578LX/UDs6z5mvVo8r8Gh9UZ/mBlzkWU6KI6cqhGCskrU4PdjgcSWakAsoksIzk5VEQv9JdxsmX2It/fQ7k/TO/hEhMw2unT1UexuPKJaea5KQmJUx39jiulMS8gLhIbMPia8UyHRAMoDZvMkbwPk1wNf5/Cre650O1A0qGxSAn69lKJxn4rjsOJpdyzyz1D88EwjxDtOmYvTJWdFizoKkyGb+lKeLHKSY2onkAtC8gkYdWyljS4E3y9iglCBooZxoGMTFkejbCAJw6k8oxBjs+ZOBhiipQuhLVw2Ax5B2vf+yGL1IGFKRRlZP5iiOmi73HFahn1Sh tom@bericote.compton.nu +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvGdR4sW8XhS7mk5niaz+rRzRBQ/DlGzUWpM7/JNI6K/mFI/tOaUuc1jLdKyfAU6coh3m5CbuQo6a5IcahR+QsgN9PyofO+ffRxcXOonKDFjvohs9H9tO92tT7a8GrPydhDG0sRr3t8ER55XefNoI0SXi1TfEusNKRJG98m2917dOWaIhXB7iunsN38Rx5TkkJ1KYRtXwHUoiX4flemrbBGSHnkr0QnynGdmat2hAT6jyHyyeE6D3XPdLqvRkheJ8FET/PmYkzazVNrU9+kqP4Sdyvr9Dg4+PtMZlOBg95OHJumCA6zRzoqxWAoxqJMaQAHlJlgARIO0Hk1l7V6SCh tom@dunsmere.compton.nu +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDX1XEBTtLZ8DGHe6y6FKyFhUYiTPZEl6LzxZYDmSWW+rJYKkAhCxUy4Ymyd5n/IDFsNre/iJztD2bR/D19dKiyhh82bNOJzyMeJRnkAbLx8y+YIxwzJl9uOG/wGjW4Dj1xBB3VV0kj7WBwAErstC/0h5gt2LWSlEsTJi9FuJ9B01DUNhVjJOC2BOi0Knd+LkFSId4Tfgx7Ufyd2qlm6qDZ9Fic25lv97dALNPmXz6kkhFpR3Lcr6LxZO2VxrpF6j1tDJ+z2YQGiYi+qgh6vEuIqjFbAmeh635fi6uk8TsTjuLSP6WomulC6ciVjzMuTFRQvCBLX4Pi19kNWZ/scOi/ thh@bristol.uk.cyberscience.com diff --git a/cookbooks/accounts/files/default/tomh/.ssh/known_hosts b/cookbooks/accounts/files/default/tomh/.ssh/known_hosts new file mode 100644 index 000000000..e69de29bb diff --git a/cookbooks/accounts/files/default/tomh/.vimrc b/cookbooks/accounts/files/default/tomh/.vimrc new file mode 100644 index 000000000..fb8850844 --- /dev/null +++ b/cookbooks/accounts/files/default/tomh/.vimrc @@ -0,0 +1,2 @@ +" Force vim mode +set nocompatible diff --git a/cookbooks/accounts/files/default/tomh/.zcomp b/cookbooks/accounts/files/default/tomh/.zcomp new file mode 100644 index 000000000..a8142c6df --- /dev/null +++ b/cookbooks/accounts/files/default/tomh/.zcomp @@ -0,0 +1,14 @@ +# The following lines were added by compinstall + +zstyle ':completion:*' completer _complete +zstyle ':completion:*' format 'Completing %d' +zstyle ':completion:*' group-name '' +zstyle ':completion:*' insert-unambiguous true +zstyle ':completion:*' keep-prefix true +zstyle ':completion:*' menu select=long +zstyle ':completion:*' select-prompt %SScrolling active: current selection at %p%s +zstyle :compinstall filename '/home/tom/.zcomp' + +autoload -U compinit +compinit +# End of lines added by compinstall diff --git a/cookbooks/accounts/files/default/tomh/.zshrc b/cookbooks/accounts/files/default/tomh/.zshrc new file mode 100644 index 000000000..34122108b --- /dev/null +++ b/cookbooks/accounts/files/default/tomh/.zshrc @@ -0,0 +1,118 @@ +# Set file creation mask +umask 002 + +# # No core dumps +limit coredumpsize 0 + +# Terminal initialization +stty -ixon +ttyctl -f + +# Make sure we know the username +if [[ -z "$USER" ]] +then + USER=`logname`; export USER +fi + +# Setup a default path +PATH=.:$HOME/bin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin:/usr/X11R6/bin + +# Setup a pager +PAGER=less; export PAGER +LESS=aceiMs; export LESS + +# Use vi for editing +EDITOR=/usr/bin/vi; export EDITOR +VISUAL=/usr/bin/vi; export VISUAL + +# Z-shell options +setopt ALL_EXPORT +setopt AUTO_CD +setopt AUTO_LIST +setopt AUTO_MENU +setopt CDABLE_VARS +setopt CORRECT +setopt CORRECT_ALL +setopt EXTENDED_GLOB +setopt HIST_IGNORE_DUPS +setopt HIST_NO_STORE +setopt LIST_AMBIGUOUS +setopt LIST_TYPES +setopt LONG_LIST_JOBS +setopt NO_BEEP +setopt NO_NOMATCH +setopt NOTIFY +setopt RC_EXPAND_PARAM +setopt SH_WORD_SPLIT + +# Keep tramp happy +if [[ "$TERM" = "dumb" ]] +then + unsetopt ZLE +fi + +# History setup +HISTFILE=$HOME/.zshhistory +SAVEHIST=200 +HISTSIZE=200 + +# Files to ignore when completing +fignore=( \~ \# .o ) + +# Set the prompt +if [[ "$TERM" == "xterm" ]] +then + PROMPT="%{]2;%M%}%m [%~] %# " +else + PROMPT="%m [%~] %# " +fi + +# Set aliases +alias ls="ls -CFh" +alias df="df -h" +alias du="du -h" +alias mv="nocorrect mv" # no spelling correction on mv +alias cp="nocorrect cp" # no spelling correction on cp +alias mkdir="nocorrect mkdir" # no spelling correction on mkdir +alias man="nocorrect man" # no spelling correction on man +alias pg="less" +alias mailq="/usr/sbin/exim -bp" +alias runq="sudo /usr/sbin/exim -qq" +alias mailrm="sudo /usr/sbin/exim -Mrm" +alias mailedit="sudo /usr/sbin/exim -Meb" +alias mailfreeze="sudo /usr/sbin/exim -Mf" +alias mailthaw="sudo /usr/sbin/exim -Mt" + +# ish type history list (zsh: ctrl-v key, emacs ctrl-q key) +bindkey "\eOA" history-beginning-search-backward \ + "\e[A" history-beginning-search-backward \ + "\eOB" history-beginning-search-forward \ + "\e[B" history-beginning-search-forward \ + "\eOU" end-of-line \ + "\e[U" end-of-line \ + "^A" beginning-of-line \ + "^E" end-of-line \ + "\eOV" beginning-of-line \ + "\e[V" beginning-of-line \ + "\eOD" backward-char \ + "\e[D" backward-char \ + "\eOC" forward-char \ + "\e[C" forward-char \ + "^F" forward-word \ + "^B" backward-word \ + "\e[2~" overwrite-mode \ + "^P" push-line \ + "^K" kill-line \ + "\e[3~" delete-char + +# Completion options +. $HOME/.zcomp + +# Add the local functions to the function search path +fpath=($HOME/zshfuncs $fpath) + +# Autoload all functions on the function search path +foreach file in $HOME/zshfuncs/* +do + autoload `basename $file` +done diff --git a/cookbooks/accounts/files/default/yellowbkpk/.ssh/authorized_keys b/cookbooks/accounts/files/default/yellowbkpk/.ssh/authorized_keys new file mode 100644 index 000000000..0a070fe8d --- /dev/null +++ b/cookbooks/accounts/files/default/yellowbkpk/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDESqvUNR8uNH6vKyi1NlZlwvwRy6VxNpPuheIuUiEH4hNJ1uWGtllknIV6skIFrkM+PAQKMoPpGX6EzrF3IIT3JqGXpzwqVr/OMekfCLPARVcmN30jc8eMbOFtefKE+XyVrRmMSS6KVuap1elodoeZ2SQzk5zE+WW2RuMp0JquVSgZbM7FnmT16kNeasHiZ9QEwijY49bCcGEMZreRi1U9nmQssL4YCsptIHGiYGxm8bLhvjhTWEL/hFHwQ9by9sK2PDiQ4kv0h15nSzpxYcTNPurTarzMPgdULazC6nKVvuWOV1z385w6F4A58sHcrWAyGTJr8S//DunBMo2NoABv iandees@Ians-MacBook-Pro.local diff --git a/cookbooks/accounts/libraries/remote_directory.rb b/cookbooks/accounts/libraries/remote_directory.rb new file mode 100644 index 000000000..97adee117 --- /dev/null +++ b/cookbooks/accounts/libraries/remote_directory.rb @@ -0,0 +1,26 @@ +class Chef + class Provider + class RemoteDirectory + def action_create + super + Chef::Log.debug("Doing a remote recursive directory transfer for #{@new_resource}") + + files_transferred = Set.new + files_to_transfer.each do |cookbook_file_relative_path| + create_cookbook_file(cookbook_file_relative_path) + files_transferred << ::File.dirname(::File.join(@new_resource.path, cookbook_file_relative_path)) + files_transferred << ::File.join(@new_resource.path, cookbook_file_relative_path) + end + if @new_resource.purge + files_to_purge = Set.new( + Dir.glob(::File.join(@new_resource.path, '**', '*'), ::File::FNM_DOTMATCH).select do |name| + name !~ /(?:^|#{Regexp.escape(::File::SEPARATOR)})\.\.?$/ + end + ) + files_to_purge = files_to_purge - files_transferred + purge_unmanaged_files(files_to_purge) + end + end + end + end +end diff --git a/cookbooks/accounts/metadata.rb b/cookbooks/accounts/metadata.rb new file mode 100644 index 000000000..1bed5c348 --- /dev/null +++ b/cookbooks/accounts/metadata.rb @@ -0,0 +1,26 @@ +maintainer "OpenStreetMap Administrators" +maintainer_email "admins@openstreetmap.org" +license "Apache 2.0" +description "Accounts management" +long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc')) +version "1.0.0" + +attribute "accounts", + :display_name => "Accounts", + :description => "Hash of account attributes", + :type => "hash" + +attribute "accounts/home", + :display_name => "Home Directory", + :description => "Home directory for accounts", + :default => "/home" + +attribute "accounts/shell", + :display_name => "Default Shell", + :description => "Default shell for accounts", + :default => "/bin/bash" + +attribute "accounts/users", + :display_name => "Users", + :description => "User account details", + :type => "hash" diff --git a/cookbooks/accounts/recipes/default.rb b/cookbooks/accounts/recipes/default.rb new file mode 100644 index 000000000..07d94ee57 --- /dev/null +++ b/cookbooks/accounts/recipes/default.rb @@ -0,0 +1,116 @@ +# -*- coding: utf-8 -*- +# +# Cookbook Name:: accounts +# Recipe:: default +# +# Copyright 2010, OpenStreetMap Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package "zsh" do + action :install +end + +administrators = [] + +search(:accounts, "*:*").each do |account| + name = account["id"] + details = node[:accounts][:users][name] || {} + + if details[:status] + group_members = details[:members] || account["members"] || [] + user_home = details[:home] || account["home"] || "#{node[:accounts][:home]}/#{name.to_s}" + manage_home = details[:manage_home] || account["manage_home"] || node[:accounts][:manage_home] + groups = details[:groups] || account["groups"] || [] + + group_members = group_members.collect { |m| m.to_s }.sort + + case details[:status] + when "role" + user_shell = "/sbin/nologin" + when "user", "administrator" + user_shell = details[:shell] || account["shell"] || node[:accounts][:shell] + end + + group name.to_s do + action :create + gid account["uid"].to_i + members group_members & node[:etc][:passwd].keys + end + + user name.to_s do + action :create + uid account["uid"].to_i + gid account["uid"].to_i + comment account["comment"] if account["comment"] + home user_home + shell user_shell + supports :manage_home => manage_home + end + + remote_directory user_home do + source name.to_s + owner name.to_s + group name.to_s + mode 0755 + files_owner name.to_s + files_group name.to_s + files_mode 0644 + only_if do + begin + cookbook = run_context.cookbook_collection[cookbook_name] + files = cookbook.relative_filenames_in_preferred_directory(node, :files, name.to_s) + not files.empty? + rescue Chef::Exceptions::FileNotFound + false + end + end + end + + if details[:status] == "administrator" + administrators.push(name.to_s) + end + else + user name.to_s do + action :remove + end + + group name.to_s do + action :remove + end + end +end + +node[:accounts][:groups].each do |name,details| + group name do + action :modify + members details[:members] + append true + end +end + +group "sudo" do + action :manage + members administrators.sort +end + +group "admin" do + action :manage + members administrators.sort +end + +group "adm" do + action :modify + members administrators.sort +end