mod 'mayflower-prosody',
git: 'https://github.com/mayflower/puppet-prosody.git',
ref: '863bb4ee0cd3369ad69a211042b4c5f7d66f4444'
-mod 'puppet-posix_acl', '0.1.1'
# OpenStack
mod 'duritong/sysctl', '0.0.11'
+++ /dev/null
-# Changelog
-
-All notable changes to this project will be documented in this file.
-Each new release typically also includes the latest modulesync defaults.
-These should not affect the functionality of the module.
-
-## [v0.1.1](https://github.com/voxpupuli/puppet-posix_acl/tree/v0.1.1) (2018-10-14)
-
-[Full Changelog](https://github.com/voxpupuli/puppet-posix_acl/compare/v0.1.0...v0.1.1)
-
-**Merged pull requests:**
-
-- modulesync 2.2.0 and allow puppet 6.x [\#53](https://github.com/voxpupuli/puppet-posix_acl/pull/53) ([bastelfreak](https://github.com/bastelfreak))
-
-## [v0.1.0](https://github.com/voxpupuli/puppet-posix_acl/tree/v0.1.0) (2018-07-16)
-
-[Full Changelog](https://github.com/voxpupuli/puppet-posix_acl/compare/0.0.5...v0.1.0)
-
-**Implemented enhancements:**
-
-- Move to Vox Pupuli [\#29](https://github.com/voxpupuli/puppet-posix_acl/issues/29)
-
-**Merged pull requests:**
-
-- Remove docker nodesets [\#47](https://github.com/voxpupuli/puppet-posix_acl/pull/47) ([bastelfreak](https://github.com/bastelfreak))
-- drop EOL OSs; fix puppet version range [\#46](https://github.com/voxpupuli/puppet-posix_acl/pull/46) ([bastelfreak](https://github.com/bastelfreak))
-- Rubocop: Fix Style/PredicateName [\#42](https://github.com/voxpupuli/puppet-posix_acl/pull/42) ([alexjfisher](https://github.com/alexjfisher))
-- Rubocop: Fix Style/GuardClause [\#41](https://github.com/voxpupuli/puppet-posix_acl/pull/41) ([alexjfisher](https://github.com/alexjfisher))
-- Rubocop: Fix Lint/UselessAssignment [\#40](https://github.com/voxpupuli/puppet-posix_acl/pull/40) ([alexjfisher](https://github.com/alexjfisher))
-- Rubocop auto fixes [\#39](https://github.com/voxpupuli/puppet-posix_acl/pull/39) ([alexjfisher](https://github.com/alexjfisher))
-- Fix metadata and add LICENSE file [\#36](https://github.com/voxpupuli/puppet-posix_acl/pull/36) ([alexjfisher](https://github.com/alexjfisher))
-- remove ruby 1.9.3 support [\#35](https://github.com/voxpupuli/puppet-posix_acl/pull/35) ([dobbymoodge](https://github.com/dobbymoodge))
-
-## [0.0.5](https://github.com/voxpupuli/puppet-posix_acl/tree/0.0.5) (2017-12-12)
-
-[Full Changelog](https://github.com/voxpupuli/puppet-posix_acl/compare/0.0.4...0.0.5)
-
-## [0.0.4](https://github.com/voxpupuli/puppet-posix_acl/tree/0.0.4) (2017-12-12)
-
-[Full Changelog](https://github.com/voxpupuli/puppet-posix_acl/compare/0.0.3...0.0.4)
-
-**Fixed bugs:**
-
-- module name conflict [\#26](https://github.com/voxpupuli/puppet-posix_acl/issues/26)
-
-**Closed issues:**
-
-- Race condition with non existing file and recursemode =\> deep [\#22](https://github.com/voxpupuli/puppet-posix_acl/issues/22)
-- Publish to the forge [\#21](https://github.com/voxpupuli/puppet-posix_acl/issues/21)
-
-**Merged pull requests:**
-
-- Time to deprecate Ruby 1.8.7 support [\#31](https://github.com/voxpupuli/puppet-posix_acl/pull/31) ([dobbymoodge](https://github.com/dobbymoodge))
-- Fixes ACL's with spaces [\#30](https://github.com/voxpupuli/puppet-posix_acl/pull/30) ([i1tech](https://github.com/i1tech))
-- fix another Ruby error when the file doesn't exist yet [\#28](https://github.com/voxpupuli/puppet-posix_acl/pull/28) ([tequeter](https://github.com/tequeter))
-- use inspect instead of join to stringify arrays [\#27](https://github.com/voxpupuli/puppet-posix_acl/pull/27) ([tequeter](https://github.com/tequeter))
-- Do not downcase acl group/user names when checking for insync?. [\#25](https://github.com/voxpupuli/puppet-posix_acl/pull/25) ([tdevelioglu](https://github.com/tdevelioglu))
-- Check if a path exists before calling getfacl [\#23](https://github.com/voxpupuli/puppet-posix_acl/pull/23) ([roidelapluie](https://github.com/roidelapluie))
-
-## [0.0.3](https://github.com/voxpupuli/puppet-posix_acl/tree/0.0.3) (2016-01-13)
-
-[Full Changelog](https://github.com/voxpupuli/puppet-posix_acl/compare/650e19723054c74baa662d3f1589398550524b33...0.0.3)
-
-**Closed issues:**
-
-- Accept short acls. [\#4](https://github.com/voxpupuli/puppet-posix_acl/issues/4)
-
-**Merged pull requests:**
-
-- Switch from Modulefile to metadata.json [\#20](https://github.com/voxpupuli/puppet-posix_acl/pull/20) ([roidelapluie](https://github.com/roidelapluie))
-- Fix defaults: behaviour [\#19](https://github.com/voxpupuli/puppet-posix_acl/pull/19) ([roidelapluie](https://github.com/roidelapluie))
-- Add autorequire on parent ACL [\#18](https://github.com/voxpupuli/puppet-posix_acl/pull/18) ([roidelapluie](https://github.com/roidelapluie))
-- Fix ruby 1.8.7 quirks [\#17](https://github.com/voxpupuli/puppet-posix_acl/pull/17) ([dobbymoodge](https://github.com/dobbymoodge))
-- Better support for 'deep' recursive acls [\#15](https://github.com/voxpupuli/puppet-posix_acl/pull/15) ([roidelapluie](https://github.com/roidelapluie))
-- Adds space around operators in ternary expressions [\#14](https://github.com/voxpupuli/puppet-posix_acl/pull/14) ([dobbymoodge](https://github.com/dobbymoodge))
-- Add recursemode parameter to apply ACLs recursively [\#13](https://github.com/voxpupuli/puppet-posix_acl/pull/13) ([dobbymoodge](https://github.com/dobbymoodge))
-- Add the Puppetlabs Skeleton for testing [\#11](https://github.com/voxpupuli/puppet-posix_acl/pull/11) ([roidelapluie](https://github.com/roidelapluie))
-- Drop duplicate ACL's. [\#10](https://github.com/voxpupuli/puppet-posix_acl/pull/10) ([kevincox](https://github.com/kevincox))
-- Update sync [\#7](https://github.com/voxpupuli/puppet-posix_acl/pull/7) ([mwoodson](https://github.com/mwoodson))
-- Normalize ACL's. [\#5](https://github.com/voxpupuli/puppet-posix_acl/pull/5) ([kevincox](https://github.com/kevincox))
-- Make posixacl the default for the redhat family [\#3](https://github.com/voxpupuli/puppet-posix_acl/pull/3) ([nhemingway](https://github.com/nhemingway))
-- Add a acl::requirements class [\#2](https://github.com/voxpupuli/puppet-posix_acl/pull/2) ([duritong](https://github.com/duritong))
-- Fix typo and make Modulefile validate by puppet module tool [\#1](https://github.com/voxpupuli/puppet-posix_acl/pull/1) ([carlossg](https://github.com/carlossg))
-
-
-
-\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
+++ /dev/null
-Checklist (and a short version for the impatient)
-=================================================
-
- * Commits:
-
- - Make commits of logical units.
-
- - Check for unnecessary whitespace with "git diff --check" before
- committing.
-
- - Commit using Unix line endings (check the settings around "crlf" in
- git-config(1)).
-
- - Do not check in commented out code or unneeded files.
-
- - The first line of the commit message should be a short
- description (50 characters is the soft limit, excluding ticket
- number(s)), and should skip the full stop.
-
- - Associate the issue in the message. The first line should include
- the issue number in the form "(#XXXX) Rest of message".
-
- - The body should provide a meaningful commit message, which:
-
- - uses the imperative, present tense: "change", not "changed" or
- "changes".
-
- - includes motivation for the change, and contrasts its
- implementation with the previous behavior.
-
- - Make sure that you have tests for the bug you are fixing, or
- feature you are adding.
-
- - Make sure the test suites passes after your commit:
- `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below
-
- - When introducing a new feature, make sure it is properly
- documented in the README.md
-
- * Submission:
-
- * Pre-requisites:
-
- - Make sure you have a [GitHub account](https://github.com/join)
-
- - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for.
-
- * Preferred method:
-
- - Fork the repository on GitHub.
-
- - Push your changes to a topic branch in your fork of the
- repository. (the format ticket/1234-short_description_of_change is
- usually preferred for this project).
-
- - Submit a pull request to the repository in the puppetlabs
- organization.
-
-The long version
-================
-
- 1. Make separate commits for logically separate changes.
-
- Please break your commits down into logically consistent units
- which include new or changed tests relevant to the rest of the
- change. The goal of doing this is to make the diff easier to
- read for whoever is reviewing your code. In general, the easier
- your diff is to read, the more likely someone will be happy to
- review it and get it into the code base.
-
- If you are going to refactor a piece of code, please do so as a
- separate commit from your feature or bug fix changes.
-
- We also really appreciate changes that include tests to make
- sure the bug is not re-introduced, and that the feature is not
- accidentally broken.
-
- Describe the technical detail of the change(s). If your
- description starts to get too long, that is a good sign that you
- probably need to split up your commit into more finely grained
- pieces.
-
- Commits which plainly describe the things which help
- reviewers check the patch and future developers understand the
- code are much more likely to be merged in with a minimum of
- bike-shedding or requested changes. Ideally, the commit message
- would include information, and be in a form suitable for
- inclusion in the release notes for the version of Puppet that
- includes them.
-
- Please also check that you are not introducing any trailing
- whitespace or other "whitespace errors". You can do this by
- running "git diff --check" on your changes before you commit.
-
- 2. Sending your patches
-
- To submit your changes via a GitHub pull request, we _highly_
- recommend that you have them on a topic branch, instead of
- directly on "master".
- It makes things much easier to keep track of, especially if
- you decide to work on another thing before your first change
- is merged in.
-
- GitHub has some pretty good
- [general documentation](http://help.github.com/) on using
- their site. They also have documentation on
- [creating pull requests](http://help.github.com/send-pull-requests/).
-
- In general, after pushing your topic branch up to your
- repository on GitHub, you can switch to the branch in the
- GitHub UI and click "Pull Request" towards the top of the page
- in order to open a pull request.
-
-
- 3. Update the related GitHub issue.
-
- If there is a GitHub issue associated with the change you
- submitted, then you should update the ticket to include the
- location of your branch, along with any other commentary you
- may wish to make.
-
-Testing
-=======
-
-Getting Started
----------------
-
-Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby
-package manager such as [bundler](http://bundler.io/) what Ruby packages,
-or Gems, are required to build, develop, and test this software.
-
-Please make sure you have [bundler installed](http://bundler.io/#getting-started)
-on your system, then use it to install all dependencies needed for this project,
-by running
-
-```shell
-% bundle install
-Fetching gem metadata from https://rubygems.org/........
-Fetching gem metadata from https://rubygems.org/..
-Using rake (10.1.0)
-Using builder (3.2.2)
--- 8><-- many more --><8 --
-Using rspec-system-puppet (2.2.0)
-Using serverspec (0.6.3)
-Using rspec-system-serverspec (1.0.0)
-Using bundler (1.3.5)
-Your bundle is complete!
-Use `bundle show [gemname]` to see where a bundled gem is installed.
-```
-
-NOTE some systems may require you to run this command with sudo.
-
-If you already have those gems installed, make sure they are up-to-date:
-
-```shell
-% bundle update
-```
-
-With all dependencies in place and up-to-date we can now run the tests:
-
-```shell
-% bundle exec rake spec
-```
-
-This will execute all the [rspec tests](http://rspec-puppet.com/) tests
-under [spec/defines](./spec/defines), [spec/classes](./spec/classes),
-and so on. rspec tests may have the same kind of dependencies as the
-module they are testing. While the module defines in its [Modulefile](./Modulefile),
-rspec tests define them in [.fixtures.yml](./fixtures.yml).
-
-Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker)
-tests. These tests spin up a virtual machine under
-[VirtualBox](https://www.virtualbox.org/)) with, controlling it with
-[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test
-scenarios. In order to run these, you will need both of those tools
-installed on your system.
-
-You can run them by issuing the following command
-
-```shell
-% bundle exec rake spec_clean
-% bundle exec rspec spec/acceptance
-```
-
-This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml),
-install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb)
-and then run all the tests under [spec/acceptance](./spec/acceptance).
-
-Writing Tests
--------------
-
-XXX getting started writing tests.
-
-If you have commit access to the repository
-===========================================
-
-Even if you have commit access to the repository, you will still need to
-go through the process above, and have someone else review and merge
-in your changes. The rule is that all changes must be reviewed by a
-developer on the project (that did not write the code) to ensure that
-all changes go through a code review process.
-
-Having someone other than the author of the topic branch recorded as
-performing the merge is the record that they performed the code
-review.
-
-
-Additional Resources
-====================
-
-* [Getting additional help](http://puppetlabs.com/community/get-help)
-
-* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests)
-
-* [Patchwork](https://patchwork.puppetlabs.com)
-
-* [General GitHub documentation](http://help.github.com/)
-
-* [GitHub pull request documentation](http://help.github.com/send-pull-requests/)
-
+++ /dev/null
-source ENV['GEM_SOURCE'] || "https://rubygems.org"
-
-def location_for(place, fake_version = nil)
- if place =~ /^(git[:@][^#]*)#(.*)/
- [fake_version, { :git => $1, :branch => $2, :require => false }].compact
- elsif place =~ /^file:\/\/(.*)/
- ['>= 0', { :path => File.expand_path($1), :require => false }]
- else
- [place, { :require => false }]
- end
-end
-
-group :test do
- gem 'puppetlabs_spec_helper', '>= 2.11.0', :require => false
- gem 'rspec-puppet-facts', '>= 1.8.0', :require => false
- gem 'rspec-puppet-utils', :require => false
- gem 'puppet-lint-leading_zero-check', :require => false
- gem 'puppet-lint-trailing_comma-check', :require => false
- gem 'puppet-lint-version_comparison-check', :require => false
- gem 'puppet-lint-classes_and_types_beginning_with_digits-check', :require => false
- gem 'puppet-lint-unquoted_string-check', :require => false
- gem 'puppet-lint-variable_contains_upcase', :require => false
- gem 'metadata-json-lint', :require => false
- gem 'redcarpet', :require => false
- gem 'rubocop', '~> 0.49.1', :require => false if RUBY_VERSION >= '2.3.0'
- gem 'rubocop-rspec', '~> 1.15.0', :require => false if RUBY_VERSION >= '2.3.0'
- gem 'mocha', '~> 1.4.0', :require => false
- gem 'coveralls', :require => false
- gem 'simplecov-console', :require => false
- gem 'rack', '~> 1.0', :require => false if RUBY_VERSION < '2.2.2'
- gem 'parallel_tests', :require => false
-end
-
-group :development do
- gem 'travis', :require => false
- gem 'travis-lint', :require => false
- gem 'guard-rake', :require => false
- gem 'overcommit', '>= 0.39.1', :require => false
-end
-
-group :system_tests do
- gem 'winrm', :require => false
- if beaker_version = ENV['BEAKER_VERSION']
- gem 'beaker', *location_for(beaker_version)
- else
- gem 'beaker', '>= 3.9.0', :require => false
- end
- if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION']
- gem 'beaker-rspec', *location_for(beaker_rspec_version)
- else
- gem 'beaker-rspec', :require => false
- end
- gem 'serverspec', :require => false
- gem 'beaker-hostgenerator', '>= 1.1.10', :require => false
- gem 'beaker-docker', :require => false
- gem 'beaker-puppet', :require => false
- gem 'beaker-puppet_install_helper', :require => false
- gem 'beaker-module_install_helper', :require => false
- gem 'rbnacl', '>= 4', :require => false if RUBY_VERSION >= '2.2.6'
- gem 'rbnacl-libsodium', :require => false if RUBY_VERSION >= '2.2.6'
- gem 'bcrypt_pbkdf', :require => false
-end
-
-group :release do
- gem 'github_changelog_generator', :require => false, :git => 'https://github.com/github-changelog-generator/github-changelog-generator' if RUBY_VERSION >= '2.2.2'
- gem 'puppet-blacksmith', :require => false
- gem 'voxpupuli-release', :require => false, :git => 'https://github.com/voxpupuli/voxpupuli-release-gem'
- gem 'puppet-strings', '>= 1.0', :require => false
-end
-
-
-
-if facterversion = ENV['FACTER_GEM_VERSION']
- gem 'facter', facterversion.to_s, :require => false, :groups => [:test]
-else
- gem 'facter', :require => false, :groups => [:test]
-end
-
-ENV['PUPPET_VERSION'].nil? ? puppetversion = '~> 5.0' : puppetversion = ENV['PUPPET_VERSION'].to_s
-gem 'puppet', puppetversion, :require => false, :groups => [:test]
-
-# vim: syntax=ruby
+++ /dev/null
-
- Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
- APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "[]"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
- Copyright [yyyy] [name of copyright owner]
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
+++ /dev/null
-#+TITLE: Acl module for Puppet
-
-* Description
-This plugin module provides a way to set POSIX 1.e (and other standards) file ACLs via Puppet.
-
-* Usage:
- - the =posix_acl= resource =title= is used as the path specifier.
- - ACLs are specified in the =permission= property as an array of strings in the same format as is used for =setfacl=.
- - the =action= parameter can be one of =set=, =exact=, =unset= or =purge=. These are described in detail below.
- - the =provider= parameter allows a choice of filesystem ACL provider. Currently only POSIX 1.e is implemented.
- - the =recursive= parameter allows you to apply the ACLs to all files under the specified path.
-
- : posix_acl { "/var/log/httpd":
- : action => set,
- : permission => [
- : "user::rwx",
- : "group::---",
- : "mask::r-x",
- : "other::---",
- : "group:logview:r-x",
- : "default:user::rwx",
- : "default:group::---",
- : "default:mask::rwx",
- : "default:other::---",
- : "default:group:logview:r-x",
- : ],
- : provider => posixacl,
- : require => [
- : Group["logview"],
- : Package["httpd"],
- : Mount["/var"],
- : ],
- : recursive => false,
- : }
-
-** Using action => set:
-The =set= option for the =action= parameter allows you to specify a minimal set of ACLs which will be guaranteed by Puppet. ACLs applied to the path which do not match those specified in the =permission= property will remain unchanged.
-*** Initial permissions:
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
- : mask::rwx
- : group:webadmin:r-x
- : group:httpadmin:rwx
-*** Specified acls:
- : permission => [
- : 'user::rwx',
- : 'group::r-x',
- : 'other::r-x',
- : 'mask::rwx',
- : 'group:webadmin:rwx',
- : 'user:apache:rwx',
- : ],
-*** Updated permissions:
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
- : mask::rwx
- : user:apache:rwx
- : group:webadmin:rwx
- : group:httpadmin:rwx
-** Using action => exact:
-The =exact= option for the =action= parameter will specify the exact set of ACLs guaranteed and enforced by Puppet. ACLs applied to the path which do not match those specified in the =permission= property will be removed.
-*** Initial permissions:
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
- : mask::rwx
- : group:webadmin:r-x
- : group:httpadmin:rwx
-*** Specified acls:
- : permission => [
- : 'user::rwx',
- : 'group::r-x',
- : 'other::r-x',
- : 'mask::rwx',
- : 'group:webadmin:r--',
- : 'user:apache:rwx',
- : ],
-*** Updated permissions:
- - group:httpadmin permission is removed
- - user:apache permission is added
- - group:webadmin permission is updated
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
- : mask::rwx
- : group:webadmin:r--
- : user:apache:rwx
-** Using action => unset:
-The =unset= option for the =action= parameter will specify the set of ACLs guaranteed by Puppet to NOT be applied to the path. ACLs applied to the path which match those specified in the =permission= property will be removed. ACLs applied to the path which do not match those specified in the =permission= property will remain unchanged.
-*** Initial permissions:
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
- : mask::rwx
- : group:webadmin:r-x
- : group:httpadmin:rwx
-*** Specified acls:
- : permission => [
- : 'user::rwx',
- : 'group::r-x',
- : 'other::r-x',
- : 'mask::rwx',
- : 'group:webadmin:r--',
- : 'user:apache:rwx',
- : ],
-*** Updated permissions:
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
- : mask::rwx
- : group:httpadmin:rwx
-** Using action => purge:
-The =purge= option for the =action= parameter will cause Puppet to remove any file ACLs applied to the path.
-
-NOTE: Although the =permission= property is unused for this action, it needs to have a valid ACL value for the action to work. This is a known issue.
-*** Initial permissions:
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
- : mask::rwx
- : group:webadmin:r-x
- : group:httpadmin:rwx
-*** Specified acls:
-See above
- : permission => [
- : 'user::rwx',
- : 'group::r-x',
- : 'other::r-x',
- : 'mask::rwx',
- : 'group:webadmin:r--',
- : 'user:apache:rwx',
- : ],
-*** Updated permissions:
- - All file ACLs are removed
- : # file /var/www/site1
- : user::rwx
- : group::r-x
- : other::r-x
-
-* Notes:
-** Conflicts with "file" resource type:
-If the path being modified is managed via the =File= resource type, the path's mode bits must match the value specified in the =permission= property of the ACL
-** Mask check:
-The ACL setter doesn't recalculate the rights mask based on the user/group ACLs specified, so it is possible to specify ACLs on a file for which a more restrictive set of rights is enforced, known as "effective rights". For example, with these =permission= parameters on a file =test=:
- : permission => [
- : 'user::rw-',
- : 'group::---',
- : 'mask::r--',
- : 'other::---',
- : 'user:apache:rwx',
- : 'group:root:r-x',
- : 'group:admin:rwx',
- : ],
-
-The output of =getfacl test= reveals a more restrictive set of effective rights, which might not be what was expected:
- : # file: test
- : # owner: root
- : # group: root
- : user::rw-
- : group::---
- : other::---
- : mask::r--
- : user:apache:rwx #effective:r--
- : group:root:r-x #effective:r--
- : group:admin:rwx #effective:r--
+++ /dev/null
-require 'puppetlabs_spec_helper/rake_tasks'
-
-# load optional tasks for releases
-# only available if gem group releases is installed
-begin
- require 'puppet_blacksmith/rake_tasks'
- require 'voxpupuli/release/rake_tasks'
- require 'puppet-strings/tasks'
-rescue LoadError
-end
-
-PuppetLint.configuration.log_format = '%{path}:%{line}:%{check}:%{KIND}:%{message}'
-PuppetLint.configuration.fail_on_warnings = true
-PuppetLint.configuration.send('relative')
-PuppetLint.configuration.send('disable_140chars')
-PuppetLint.configuration.send('disable_class_inherits_from_params_class')
-PuppetLint.configuration.send('disable_documentation')
-PuppetLint.configuration.send('disable_single_quote_string_with_variables')
-
-exclude_paths = %w(
- pkg/**/*
- vendor/**/*
- .vendor/**/*
- spec/**/*
-)
-PuppetLint.configuration.ignore_paths = exclude_paths
-PuppetSyntax.exclude_paths = exclude_paths
-
-desc 'Auto-correct puppet-lint offenses'
-task 'lint:auto_correct' do
- PuppetLint.configuration.fix = true
- Rake::Task[:lint].invoke
-end
-
-desc 'Run acceptance tests'
-RSpec::Core::RakeTask.new(:acceptance) do |t|
- t.pattern = 'spec/acceptance'
-end
-
-desc 'Run tests metadata_lint, release_checks'
-task test: [
- :metadata_lint,
- :release_checks,
-]
-
-desc "Run main 'test' task and report merged results to coveralls"
-task test_with_coveralls: [:test] do
- if Dir.exist?(File.expand_path('../lib', __FILE__))
- require 'coveralls/rake/task'
- Coveralls::RakeTask.new
- Rake::Task['coveralls:push'].invoke
- else
- puts 'Skipping reporting to coveralls. Module has no lib dir'
- end
-end
-
-desc "Print supported beaker sets"
-task 'beaker_sets', [:directory] do |t, args|
- directory = args[:directory]
-
- metadata = JSON.load(File.read('metadata.json'))
-
- (metadata['operatingsystem_support'] || []).each do |os|
- (os['operatingsystemrelease'] || []).each do |release|
- if directory
- beaker_set = "#{directory}/#{os['operatingsystem'].downcase}-#{release}"
- else
- beaker_set = "#{os['operatingsystem'].downcase}-#{release}-x64"
- end
-
- filename = "spec/acceptance/nodesets/#{beaker_set}.yml"
-
- puts beaker_set if File.exists? filename
- end
- end
-end
-
-begin
- require 'github_changelog_generator/task'
- GitHubChangelogGenerator::RakeTask.new :changelog do |config|
- version = (Blacksmith::Modulefile.new).version
- config.future_release = "v#{version}" if version =~ /^\d+\.\d+.\d+$/
- config.header = "# Changelog\n\nAll notable changes to this project will be documented in this file.\nEach new release typically also includes the latest modulesync defaults.\nThese should not affect the functionality of the module."
- config.exclude_labels = %w{duplicate question invalid wontfix wont-fix modulesync skip-changelog}
- config.user = 'voxpupuli'
- metadata_json = File.join(File.dirname(__FILE__), 'metadata.json')
- metadata = JSON.load(File.read(metadata_json))
- config.project = metadata['name']
- end
-rescue LoadError
-end
-# vim: syntax=ruby
+++ /dev/null
-{
- "CHANGELOG.md": "a9773633c6662eb81dc1746eab49dc25",
- "CONTRIBUTING.md": "ad65d271f183b5adb9fdd58207939f5f",
- "Gemfile": "cdd43fe4fc5ef35ddc132407551180b2",
- "LICENSE": "3b83ef96387f14655fc854ddc3c6bd57",
- "README.org": "64db9bd628c28fe105bc2be006b5fd17",
- "Rakefile": "3c6f218e7e63e1a6e24251f365423e49",
- "lib/puppet/provider/posix_acl/genericacl.rb": "4f0869eb98de0f3c8d1d7bd57d27ba96",
- "lib/puppet/provider/posix_acl/posixacl.rb": "de6392553292e752fee9426e83a33e66",
- "lib/puppet/type/posix_acl.rb": "2d5efc0bf8039f81eb28745b561dd1f6",
- "manifests/requirements.pp": "899a1e79ead355c8f98aad3520e80d39",
- "metadata.json": "4f219497dd99654406b0c37e31f8d31f",
- "spec/acceptance/nodesets/archlinux-2-x64.yml": "daafcfcb4c8c8766856f52cec6ae5e86",
- "spec/acceptance/nodesets/centos-511-x64.yml": "ca8258bc835dd985a1754689d124cd66",
- "spec/acceptance/nodesets/centos-59-x64.yml": "57eb3e471b9042a8ea40978c467f8151",
- "spec/acceptance/nodesets/centos-6-x64.yml": "58065782a8d40780d9728257a23504cd",
- "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b",
- "spec/acceptance/nodesets/centos-65-x64.yml": "3e5c36e6aa5a690229e720f4048bb8af",
- "spec/acceptance/nodesets/centos-66-x64-pe.yml": "e68e03dc562bf58f7c5bba54a1a34619",
- "spec/acceptance/nodesets/centos-7-x64.yml": "68d3556f670b8ac0a169a8270ff8c37a",
- "spec/acceptance/nodesets/debian-78-x64.yml": "56af2760a64c13a0bccd59404435939c",
- "spec/acceptance/nodesets/debian-82-x64.yml": "26f2f696e6073549fe0a844f9a46f85b",
- "spec/acceptance/nodesets/ec2/amazonlinux-2016091.yml": "b3dc2d81918fcc6d56855c88ba5b7ce8",
- "spec/acceptance/nodesets/ec2/image_templates.yaml": "516f9c4c3407993a100090ce9e1a643c",
- "spec/acceptance/nodesets/ec2/rhel-73-x64.yml": "e74670a1cb8eea32afc879a5d786f9bd",
- "spec/acceptance/nodesets/ec2/sles-12sp2-x64.yml": "2506efcc9fb420132edc37bf88d6e21d",
- "spec/acceptance/nodesets/ec2/ubuntu-1604-x64.yml": "87efd97ff1b073c3448f429a8ffc5a7c",
- "spec/acceptance/nodesets/ec2/windows-2016-base-x64.yml": "e9db4dd16c60c52b433694130c2583a0",
- "spec/acceptance/nodesets/fedora-25-x64.yml": "807fbf45f95fc7bc2af8c689d34e4160",
- "spec/acceptance/nodesets/fedora-26-x64.yml": "e7ee1e18590548ff098192c2127c6697",
- "spec/acceptance/nodesets/fedora-27-x64.yml": "326a10c4eb327ccd85775dfa0f76e5c1",
- "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "75e86400b7889888dc0781c0ae1a1297",
- "spec/acceptance/nodesets/ubuntu-server-1204-x64.yml": "0dd7639bf95bfb18169ebba9a2bac163",
- "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "d30d73e34cd50b043c7d14e305955269",
- "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "7455367b784060b921360b29a56cd74c",
- "spec/acceptance/nodesets/ubuntu-server-1604-x64.yml": "37673118cc3bf052755d65fb5dd90226",
- "spec/default_facts.yml": "11504073ebebb30015eb85ff9805f2d9",
- "spec/spec.opts": "a600ded995d948e393fbe2320ba8e51c",
- "spec/spec_helper.rb": "2e78c273353985a5b95d70b47019a344",
- "spec/unit/puppet/provider/posixacl_spec.rb": "9715390fbd16bd566ea0784a1739facc",
- "spec/unit/puppet/type/acl_spec.rb": "e349f44546d03614e01bbc08a943778c"
-}
\ No newline at end of file
+++ /dev/null
-Puppet::Type.type(:posix_acl).provide(:genericacl, parent: Puppet::Provider) do
-end
+++ /dev/null
-Puppet::Type.type(:posix_acl).provide(:posixacl, parent: Puppet::Provider) do
- desc 'Provide posix 1e acl functions using posix getfacl/setfacl commands'
-
- commands setfacl: '/usr/bin/setfacl'
- commands getfacl: '/usr/bin/getfacl'
-
- confine feature: :posix
- defaultfor operatingsystem: [:debian, :ubuntu, :redhat, :centos, :fedora, :sles]
-
- def exists?
- permission
- end
-
- def unset_perm(perm, path)
- # Don't try to unset mode bits, it doesn't make sense!
- return if perm =~ %r{^(((u(ser)?)|(g(roup)?)|(m(ask)?)|(o(ther)?)):):}
-
- perm = perm.split(':')[0..-2].join(':')
- if check_recursive
- setfacl('-R', '-n', '-x', perm, path)
- else
- setfacl('-n', '-x', perm, path)
- end
- end
-
- def set_perm(perm, path)
- if check_recursive
- setfacl('-R', '-n', '-m', perm, path)
- else
- setfacl('-n', '-m', perm, path)
- end
- end
-
- def unset
- @resource.value(:permission).each do |perm|
- unset_perm(perm, @resource.value(:path))
- end
- end
-
- def purge
- if check_recursive
- setfacl('-R', '-b', @resource.value(:path))
- else
- setfacl('-b', @resource.value(:path))
- end
- end
-
- def permission
- return [] unless File.exist?(@resource.value(:path))
- value = []
- # String#lines would be nice, but we need to support Ruby 1.8.5
- getfacl('--absolute-names', '--no-effective', @resource.value(:path)).split("\n").each do |line|
- # Strip comments and blank lines
- value << line.gsub('\040', ' ') if line !~ %r{^#} && line != ''
- end
- value.sort
- end
-
- def check_recursive
- # Changed functionality to return boolean true or false
- @resource.value(:recursive) == :true && resource.value(:recursemode) == :lazy
- end
-
- def check_exact
- @resource.value(:action) == :exact
- end
-
- def check_unset
- @resource.value(:action) == :unset
- end
-
- def check_purge
- @resource.value(:action) == :purge
- end
-
- def check_set
- @resource.value(:action) == :set
- end
-
- def permission=(_value) # TODO: Investigate why we're not using this parameter
- Puppet.debug @resource.value(:action)
- case @resource.value(:action)
- when :unset
- unset
- when :purge
- purge
- when :exact, :set
- cur_perm = permission
- perm_to_set = @resource.value(:permission) - cur_perm
- perm_to_unset = cur_perm - @resource.value(:permission)
- return false if perm_to_set.empty? && perm_to_unset.empty?
- # Take supplied perms literally, unset any existing perms which
- # are absent from ACLs given
- if check_exact
- perm_to_unset.each do |perm|
- # Skip base perms in unset step
- if perm =~ %r{^(((u(ser)?)|(g(roup)?)|(m(ask)?)|(o(ther)?)):):}
- Puppet.debug "skipping unset of base perm: #{perm}"
- else
- unset_perm(perm, @resource.value(:path))
- end
- end
- end
- perm_to_set.each do |perm|
- set_perm(perm, @resource.value(:path))
- end
- end
- end
-end
+++ /dev/null
-require 'set'
-require 'pathname'
-
-Puppet::Type.newtype(:posix_acl) do
- desc <<-EOT
- Ensures that a set of ACL permissions are applied to a given file
- or directory.
-
- Example:
-
- posix_acl { '/var/www/html':
- action => exact,
- permission => [
- 'user::rwx',
- 'group::r-x',
- 'mask::rwx',
- 'other::r--',
- 'default:user::rwx',
- 'default:user:www-data:r-x',
- 'default:group::r-x',
- 'default:mask::rwx',
- 'default:other::r--',
- ],
- provider => posixacl,
- recursive => true,
- }
-
- In this example, Puppet will ensure that the user and group
- permissions are set recursively on /var/www/html as well as add
- default permissions that will apply to new directories and files
- created under /var/www/html
-
- Setting an ACL can change a file's mode bits, so if the file is
- managed by a File resource, that resource needs to set the mode
- bits according to what the calculated mode bits will be, for
- example, the File resource for the ACL above should be:
-
- file { '/var/www/html':
- mode => 754,
- }
- EOT
-
- newparam(:action) do
- desc 'What do we do with this list of ACLs? Options are set, unset, exact, and purge'
- newvalues(:set, :unset, :exact, :purge)
- defaultto :set
- end
-
- newparam(:path) do
- desc 'The file or directory to which the ACL applies.'
- isnamevar
- validate do |value|
- path = Pathname.new(value)
- unless path.absolute?
- raise ArgumentError, "Path must be absolute: #{path}"
- end
- end
- end
-
- newparam(:recursemode) do
- desc "Should Puppet apply the ACL recursively with the -R option or
- apply it to individual files?
-
- lazy means -R option
- deep means apply to every file"
-
- newvalues(:lazy, :deep)
- defaultto :lazy
- end
-
- # Credits to @itdoesntwork
- # http://stackoverflow.com/questions/26878341/how-do-i-tell-if-one-path-is-an-ancestor-of-another
- def self.descendant?(a, b)
- a_list = File.expand_path(a).split('/')
- b_list = File.expand_path(b).split('/')
-
- b_list[0..a_list.size - 1] == a_list && b_list != a_list
- end
-
- # Snippet based on upstream Puppet (ASL 2.0)
- [:posix_acl, :file].each do |autorequire_type|
- autorequire(autorequire_type) do
- req = []
- path = Pathname.new(self[:path])
- # rubocop:disable Style/MultilineBlockChain
- if autorequire_type != :posix_acl
- if self[:recursive] == :true
- catalog.resources.select do |r|
- r.is_a?(Puppet::Type.type(autorequire_type)) && self.class.descendant?(self[:path], r[:path])
- end.each do |found|
- req << found[:path]
- end
- end
- req << self[:path]
- end
- unless path.root?
- # Start at our parent, to avoid autorequiring ourself
- parents = path.parent.enum_for(:ascend)
- # should this be = or == ? I don't know
- if found = parents.find { |p| catalog.resource(autorequire_type, p.to_s) } # rubocop:disable Lint/AssignmentInCondition
- req << found.to_s
- end
- end
- req
- end
- # rubocop:enable Style/MultilineBlockChain
- end
- # End of Snippet
-
- autorequire(:package) do
- ['acl']
- end
-
- newproperty(:permission, array_matching: :all) do
- desc 'ACL permission(s).'
-
- def is_to_s(value) # rubocop:disable Style/PredicateName
- if value == :absent || value.include?(:absent)
- super
- else
- value.sort.inspect
- end
- end
-
- def should_to_s(value)
- if value == :absent || value.include?(:absent)
- super
- else
- value.sort.inspect
- end
- end
-
- def retrieve
- provider.permission
- end
-
- # Remove permission bits from an ACL line, eg:
- # 'user:root:rwx' becomes 'user:root:'
- def strip_perms(pl)
- Puppet.debug 'permission.strip_perms'
- value = []
- pl.each do |perm|
- unless perm =~ %r{^(((u(ser)?)|(g(roup)?)|(m(ask)?)|(o(ther)?)):):}
- perm = perm.split(':', -1)[0..-2].join(':')
- value << perm
- end
- end
- value.sort
- end
-
- # in unset_insync and set_insync the test_should has been added as a work around
- # to prevent puppet-posix_acl from interpreting recursive permission notation (e.g. rwX)
- # from causing a false mismatch. A better solution needs to be implemented to
- # recursively check permissions, not rely upon getfacl
- def unset_insync(cur_perm)
- # Puppet.debug "permission.unset_insync"
- test_should = []
- @should.each { |x| test_should << x.downcase }
- cp = strip_perms(cur_perm)
- sp = strip_perms(test_should)
- (sp - cp).sort == sp
- end
-
- def set_insync(cur_perm) # rubocop:disable Style/AccessorMethodName
- should = @should.uniq.sort
- (cur_perm.sort == should) || (provider.check_set && (should - cur_perm).empty?)
- end
-
- def purge_insync(cur_perm)
- # Puppet.debug "permission.purge_insync"
- cur_perm.each do |perm|
- # If anything other than the mode bits are set, we're not in sync
- return false unless perm =~ %r{^(((u(ser)?)|(g(roup)?)|(o(ther)?)):):}
- end
- true
- end
-
- def insync?(is)
- Puppet.debug "permission.insync? is: #{is.inspect} @should: #{@should.inspect}"
- return purge_insync(is) if provider.check_purge
- return unset_insync(is) if provider.check_unset
- set_insync(is)
- end
-
- # Munge into normalised form
- munge do |acl|
- r = ''
- a = acl.split ':', -1 # -1 keeps trailing empty fields.
- raise ArgumentError, "Too few fields. At least 3 required, got #{a.length}." if a.length < 3
- raise ArgumentError, "Too many fields. At most 4 allowed, got #{a.length}." if a.length > 4
- if a.length == 4
- d = a.shift
- raise ArgumentError, %(First field of 4 must be "d" or "default", got "#{d}".) unless %w[d default].include?(d)
- r << 'default:'
- end
- t = a.shift # Copy the type.
- r << case t
- when 'u', 'user'
- 'user:'
- when 'g', 'group'
- 'group:'
- when 'o', 'other'
- 'other:'
- when 'm', 'mask'
- 'mask:'
- else
- raise ArgumentError, %(Unknown type "#{t}", expected "user", "group", "other" or "mask".)
- end
- r << "#{a.shift}:" # Copy the "who".
- p = a.shift
- if p =~ %r{[0-7]}
- p = p.oct
- r << (p | 4 ? 'r' : '-')
- r << (p | 2 ? 'w' : '-')
- r << (p | 1 ? 'x' : '-')
- else
- # Not the most efficient but checks for multiple and invalid chars.
- s = p.tr '-', ''
- r << (s.sub!('r', '') ? 'r' : '-')
- r << (s.sub!('w', '') ? 'w' : '-')
- r << (s.sub!('x', '') ? 'x' : '-')
- raise ArgumentError, %(Invalid permission set "#{p}".) unless s.empty?
- end
- r
- end
- end
-
- newparam(:recursive) do
- desc 'Apply ACLs recursively.'
- newvalues(:true, :false)
- defaultto :false
- end
-
- def self.pick_default_perms(acl)
- acl.reject { |a| a.split(':', -1).length == 4 }
- end
-
- def newchild(path)
- options = @original_parameters.merge(name: path).reject { |_param, value| value.nil? }
- unless File.directory?(options[:name])
- options[:permission] = self.class.pick_default_perms(options[:permission]) if options.include?(:permission)
- end
- [:recursive, :recursemode, :path].each do |param|
- options.delete(param) if options.include?(param)
- end
- self.class.new(options)
- end
-
- def generate
- return [] unless self[:recursive] == :true && self[:recursemode] == :deep
- results = []
- paths = Set.new
- if File.directory?(self[:path])
- Dir.chdir(self[:path]) do
- Dir['**/*'].each do |path|
- paths << ::File.join(self[:path], path)
- end
- end
- end
- # At the time we generate extra resources, all the files might now be present yet.
- # In prediction to that we also create ACL resources for child file resources that
- # might not have been applied yet.
- catalog.resources.select do |r|
- r.is_a?(Puppet::Type.type(:file)) && self.class.descendant?(self[:path], r[:path])
- end.each do |found| # rubocop:disable Style/MultilineBlockChain
- paths << found[:path]
- end
- paths.each do |path|
- results << newchild(path)
- end
- results
- end
-
- validate do
- unless self[:permission]
- raise(Puppet::Error, 'permission is a required property.')
- end
- end
-end
+++ /dev/null
-class posix_acl::requirements {
- package { 'acl':
- ensure => 'present',
- }
-}
+++ /dev/null
-{
- "name": "puppet-posix_acl",
- "version": "0.1.1",
- "author": "Vox Pupuli",
- "summary": "Puppet ACL Module",
- "license": "Apache-2.0",
- "source": "https://github.com/voxpupuli/puppet-posix_acl.git",
- "project_page": "https://github.com/voxpupuli/puppet-posix_acl",
- "issues_url": "https://github.com/voxpupuli/puppet-posix_acl/issues",
- "dependencies": [
-
- ],
- "data_provider": null,
- "operatingsystem_support": [
- {
- "operatingsystem": "RedHat",
- "operatingsystemrelease": [
- "7"
- ]
- },
- {
- "operatingsystem": "CentOS",
- "operatingsystemrelease": [
- "7"
- ]
- },
- {
- "operatingsystem": "OracleLinux",
- "operatingsystemrelease": [
- "7"
- ]
- },
- {
- "operatingsystem": "Scientific",
- "operatingsystemrelease": [
- "7"
- ]
- }
- ],
- "requirements": [
- {
- "name": "puppet",
- "version_requirement": ">= 4.10.0 < 7.0.0"
- }
- ],
- "description": "Manages posix 1e ACLs on files, provides base classes so additional ACL standards can be supported."
-}
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- archlinux-2-x64:
- roles:
- - master
- platform: archlinux-2-x64
- box: archlinux/archlinux
- hypervisor: vagrant
-CONFIG:
- type: foss
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- centos-511-x64:
- roles:
- - master
- platform: el-5-x86_64
- box: puppetlabs/centos-5.11-64-nocm
- hypervisor: vagrant
-CONFIG:
- type: foss
-...
-# vim: syntax=yaml
+++ /dev/null
-HOSTS:
- centos-59-x64:
- roles:
- - master
- platform: el-5-x86_64
- box : centos-59-x64-vbox4210-nocm
- box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box
- hypervisor : vagrant
-CONFIG:
- type: git
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- centos-6-x64:
- roles:
- - master
- platform: el-6-x86_64
- box: centos/6
- hypervisor: vagrant
-CONFIG:
- type: aio
-...
-# vim: syntax=yaml
+++ /dev/null
-HOSTS:
- centos-64-x64:
- roles:
- - master
- - database
- - dashboard
- platform: el-6-x86_64
- box : centos-64-x64-vbox4210-nocm
- box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box
- hypervisor : vagrant
-CONFIG:
- type: pe
+++ /dev/null
-HOSTS:
- centos-65-x64:
- roles:
- - master
- platform: el-6-x86_64
- box : centos-65-x64-vbox436-nocm
- box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box
- hypervisor : vagrant
-CONFIG:
- type: foss
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- centos-66-x64:
- roles:
- - master
- - database
- - dashboard
- platform: el-6-x86_64
- box: puppetlabs/centos-6.6-64-puppet-enterprise
- hypervisor: vagrant
-CONFIG:
- type: pe
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- centos-7-x64:
- roles:
- - master
- platform: el-7-x86_64
- box: centos/7
- hypervisor: vagrant
-CONFIG:
- type: aio
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- debian-78-x64:
- roles:
- - master
- platform: debian-7-amd64
- box: puppetlabs/debian-7.8-64-nocm
- hypervisor: vagrant
-CONFIG:
- type: foss
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- debian-82-x64:
- roles:
- - master
- platform: debian-8-amd64
- box: puppetlabs/debian-8.2-64-nocm
- hypervisor: vagrant
-CONFIG:
- type: foss
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# Additional ~/.fog config file with AWS EC2 credentials
-# required.
-#
-# see: https://github.com/puppetlabs/beaker/blob/master/docs/how_to/hypervisors/ec2.md
-#
-# Amazon Linux is not a RHEL clone.
-#
-HOSTS:
- amazonlinux-2016091-x64:
- roles:
- - master
- platform: centos-6-x86_64
- hypervisor: ec2
- # refers to image_tempaltes.yaml AMI[vmname] entry:
- vmname: amazonlinux-2016091-eu-central-1
- # refers to image_tempaltes.yaml entry inside AMI[vmname][:image]:
- snapshot: aio
- # t2.micro is free tier eligible (https://aws.amazon.com/en/free/):
- amisize: t2.micro
- # required so that beaker sanitizes sshd_config and root authorized_keys:
- user: ec2-user
-CONFIG:
- type: aio
- :ec2_yaml: spec/acceptance/nodesets/ec2/image_templates.yaml
-...
-# vim: syntax=yaml
+++ /dev/null
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# see also: https://github.com/puppetlabs/beaker/blob/master/docs/how_to/hypervisors/ec2.md
-#
-# Hint: image IDs (ami-*) for the same image are different per location.
-#
-AMI:
- # Amazon Linux AMI 2016.09.1 (HVM), SSD Volume Type
- amazonlinux-2016091-eu-central-1:
- :image:
- :aio: ami-af0fc0c0
- :region: eu-central-1
- # Red Hat Enterprise Linux 7.3 (HVM), SSD Volume Type
- rhel-73-eu-central-1:
- :image:
- :aio: ami-e4c63e8b
- :region: eu-central-1
- # SUSE Linux Enterprise Server 12 SP2 (HVM), SSD Volume Type
- sles-12sp2-eu-central-1:
- :image:
- :aio: ami-c425e4ab
- :region: eu-central-1
- # Ubuntu Server 16.04 LTS (HVM), SSD Volume Type
- ubuntu-1604-eu-central-1:
- :image:
- :aio: ami-fe408091
- :region: eu-central-1
- # Microsoft Windows Server 2016 Base
- windows-2016-base-eu-central-1:
- :image:
- :aio: ami-88ec20e7
- :region: eu-central-1
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# Additional ~/.fog config file with AWS EC2 credentials
-# required.
-#
-# see: https://github.com/puppetlabs/beaker/blob/master/docs/how_to/hypervisors/ec2.md
-#
-HOSTS:
- rhel-73-x64:
- roles:
- - master
- platform: el-7-x86_64
- hypervisor: ec2
- # refers to image_tempaltes.yaml AMI[vmname] entry:
- vmname: rhel-73-eu-central-1
- # refers to image_tempaltes.yaml entry inside AMI[vmname][:image]:
- snapshot: aio
- # t2.micro is free tier eligible (https://aws.amazon.com/en/free/):
- amisize: t2.micro
- # required so that beaker sanitizes sshd_config and root authorized_keys:
- user: ec2-user
-CONFIG:
- type: aio
- :ec2_yaml: spec/acceptance/nodesets/ec2/image_templates.yaml
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# Additional ~/.fog config file with AWS EC2 credentials
-# required.
-#
-# see: https://github.com/puppetlabs/beaker/blob/master/docs/how_to/hypervisors/ec2.md
-#
-HOSTS:
- sles-12sp2-x64:
- roles:
- - master
- platform: sles-12-x86_64
- hypervisor: ec2
- # refers to image_tempaltes.yaml AMI[vmname] entry:
- vmname: sles-12sp2-eu-central-1
- # refers to image_tempaltes.yaml entry inside AMI[vmname][:image]:
- snapshot: aio
- # t2.micro is free tier eligible (https://aws.amazon.com/en/free/):
- amisize: t2.micro
- # required so that beaker sanitizes sshd_config and root authorized_keys:
- user: ec2-user
-CONFIG:
- type: aio
- :ec2_yaml: spec/acceptance/nodesets/ec2/image_templates.yaml
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# Additional ~/.fog config file with AWS EC2 credentials
-# required.
-#
-# see: https://github.com/puppetlabs/beaker/blob/master/docs/how_to/hypervisors/ec2.md
-#
-HOSTS:
- ubuntu-1604-x64:
- roles:
- - master
- platform: ubuntu-16.04-amd64
- hypervisor: ec2
- # refers to image_tempaltes.yaml AMI[vmname] entry:
- vmname: ubuntu-1604-eu-central-1
- # refers to image_tempaltes.yaml entry inside AMI[vmname][:image]:
- snapshot: aio
- # t2.micro is free tier eligible (https://aws.amazon.com/en/free/):
- amisize: t2.micro
- # required so that beaker sanitizes sshd_config and root authorized_keys:
- user: ubuntu
-CONFIG:
- type: aio
- :ec2_yaml: spec/acceptance/nodesets/ec2/image_templates.yaml
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# Additional ~/.fog config file with AWS EC2 credentials
-# required.
-#
-# see: https://github.com/puppetlabs/beaker/blob/master/docs/how_to/hypervisors/ec2.md
-#
-HOSTS:
- windows-2016-base-x64:
- roles:
- - master
- platform: windows-2016-64
- hypervisor: ec2
- # refers to image_tempaltes.yaml AMI[vmname] entry:
- vmname: windows-2016-base-eu-central-1
- # refers to image_tempaltes.yaml entry inside AMI[vmname][:image]:
- snapshot: aio
- # t2.micro is free tier eligible (https://aws.amazon.com/en/free/):
- amisize: t2.micro
- # required so that beaker sanitizes sshd_config and root authorized_keys:
- user: ec2-user
-CONFIG:
- type: aio
- :ec2_yaml: spec/acceptance/nodesets/ec2/image_templates.yaml
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-HOSTS:
- fedora-25-x64:
- roles:
- - master
- platform: fedora-25-x86_64
- box: fedora/25-cloud-base
- hypervisor: vagrant
-CONFIG:
- type: aio
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-HOSTS:
- fedora-26-x64:
- roles:
- - master
- platform: fedora-26-x86_64
- box: fedora/26-cloud-base
- hypervisor: vagrant
-CONFIG:
- type: aio
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# platform is fedora 26 because there is no puppet-agent
-# for fedora 27 as of 2017-11-17
-HOSTS:
- fedora-27-x64:
- roles:
- - master
- platform: fedora-26-x86_64
- box: fedora/27-cloud-base
- hypervisor: vagrant
-CONFIG:
- type: aio
-...
-# vim: syntax=yaml
+++ /dev/null
-HOSTS:
- ubuntu-server-10044-x64:
- roles:
- - master
- platform: ubuntu-10.04-amd64
- box : ubuntu-server-10044-x64-vbox4210-nocm
- box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box
- hypervisor : vagrant
-CONFIG:
- type: foss
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- ubuntu-server-1204-x64:
- roles:
- - master
- platform: ubuntu-12.04-amd64
- box: puppetlabs/ubuntu-12.04-64-nocm
- hypervisor: vagrant
-CONFIG:
- type: foss
-...
-# vim: syntax=yaml
+++ /dev/null
-HOSTS:
- ubuntu-server-12042-x64:
- roles:
- - master
- platform: ubuntu-12.04-amd64
- box : ubuntu-server-12042-x64-vbox4210-nocm
- box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box
- hypervisor : vagrant
-CONFIG:
- type: foss
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- ubuntu-server-1404-x64:
- roles:
- - master
- platform: ubuntu-14.04-amd64
- box: puppetlabs/ubuntu-14.04-64-nocm
- hypervisor: vagrant
-CONFIG:
- type: foss
-...
-# vim: syntax=yaml
+++ /dev/null
----
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-HOSTS:
- ubuntu-server-1604-x64:
- roles:
- - master
- platform: ubuntu-16.04-amd64
- box: puppetlabs/ubuntu-16.04-64-nocm
- hypervisor: vagrant
-CONFIG:
- type: foss
-...
-# vim: syntax=yaml
+++ /dev/null
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-#
-# use default_module_facts.yaml for module specific
-# facts.
-#
-# Hint if using with rspec-puppet-facts ("on_supported_os.each"):
-# if a same named fact exists in facterdb it will be overridden.
----
-ipaddress: "172.16.254.254"
-is_pe: false
-macaddress: "AA:AA:AA:AA:AA:AA"
+++ /dev/null
---format
-s
---colour
---loadby
-mtime
---backtrace
+++ /dev/null
-# This file is managed via modulesync
-# https://github.com/voxpupuli/modulesync
-# https://github.com/voxpupuli/modulesync_config
-require 'puppetlabs_spec_helper/module_spec_helper'
-require 'rspec-puppet-facts'
-include RspecPuppetFacts
-
-if Dir.exist?(File.expand_path('../../lib', __FILE__))
- require 'coveralls'
- require 'simplecov'
- require 'simplecov-console'
- SimpleCov.formatters = [
- SimpleCov::Formatter::HTMLFormatter,
- SimpleCov::Formatter::Console
- ]
- SimpleCov.start do
- track_files 'lib/**/*.rb'
- add_filter '/spec'
- add_filter '/vendor'
- add_filter '/.vendor'
- end
-end
-
-RSpec.configure do |c|
- default_facts = {}
- default_facts.merge!(YAML.load(File.read(File.expand_path('../default_facts.yml', __FILE__)))) if File.exist?(File.expand_path('../default_facts.yml', __FILE__))
- default_facts.merge!(YAML.load(File.read(File.expand_path('../default_module_facts.yml', __FILE__)))) if File.exist?(File.expand_path('../default_module_facts.yml', __FILE__))
- c.default_facts = default_facts
-
- # Coverage generation
- c.after(:suite) do
- RSpec::Puppet::Coverage.report!
- end
-end
+++ /dev/null
-require 'spec_helper'
-require 'rspec/mocks'
-
-provider_class = Puppet::Type.type(:posix_acl).provider(:posixacl)
-
-describe provider_class do
- it 'declares a getfacl command' do
- expect do
- provider_class.command :getfacl
- end.not_to raise_error
- end
- it 'declares a setfacl command' do
- expect do
- provider_class.command :setfacl
- end.not_to raise_error
- end
- it 'encodes spaces in group names' do
- RSpec::Mocks.with_temporary_scope do
- Puppet::Type.stubs(:getfacl).returns("group:test group:rwx\n")
- File.stubs(:exist?).returns(true)
- expect do
- provider_class.command :permission
- end == ['group:test\040group:rwx']
- end
- end
-end
+++ /dev/null
-require 'spec_helper'
-
-# rubocop:disable RSpec/MultipleExpectations
-acl_type = Puppet::Type.type(:posix_acl)
-
-describe acl_type do
- context 'when not setting parameters' do
- it 'fails without permissions' do
- expect do
- acl_type.new name: '/tmp/foo'
- end.to raise_error
- end
- end
- context 'when setting parameters' do
- it 'works with a correct permission parameter' do
- resource = acl_type.new name: '/tmp/foo', permission: ['user:root:rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:permission]).to eq(['user:root:rwx'])
- end
- it 'converts a permission string to an array' do
- resource = acl_type.new name: '/tmp/foo', permission: 'user:root:rwx'
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:permission]).to eq(['user:root:rwx'])
- end
- it 'converts the u: shorcut to user:' do
- resource = acl_type.new name: '/tmp/foo', permission: ['u:root:rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:permission]).to eq(['user:root:rwx'])
- end
- it 'converts the g: shorcut to group:' do
- resource = acl_type.new name: '/tmp/foo', permission: ['g:root:rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:permission]).to eq(['group:root:rwx'])
- end
- it 'converts the m: shorcut to mask:' do
- resource = acl_type.new name: '/tmp/foo', permission: ['m::rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:permission]).to eq(['mask::rwx'])
- end
- it 'converts the o: shorcut to other:' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:permission]).to eq(['other::rwx'])
- end
- it 'has the "set" action by default' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:action]).to eq(:set)
- end
- it 'accepts an action "set"' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], action: :set
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:action]).to eq(:set)
- end
- it 'accepts an action "purge"' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], action: :purge
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:action]).to eq(:purge)
- end
- it 'accepts an action "unset"' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], action: :unset
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:action]).to eq(:unset)
- end
- it 'accepts an action "exact"' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], action: :exact
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:action]).to eq(:exact)
- end
- it 'has path as namevar' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:path]).to eq(resource[:name])
- end
- it 'accepts a path parameter' do
- resource = acl_type.new path: '/tmp/foo', permission: ['o::rwx'], action: :exact
- expect(resource[:path]).to eq('/tmp/foo')
- expect(resource[:name]).to eq(resource[:path])
- end
- it 'is not recursive by default' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:recursive]).to eq(:false)
- end
- it 'accepts a recursive "true"' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], recursive: true
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:recursive]).to eq(:true)
- end
- it 'accepts a recurse "false"' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], recursive: false
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:recursive]).to eq(:false)
- end
- it 'gets recursemode lazy by default' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx']
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:recursemode]).to eq(:lazy)
- end
- it 'accepts a recursemode deep' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], recursemode: 'deep'
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:recursemode]).to eq(:deep)
- end
- it 'accepts a recursemode lazy' do
- resource = acl_type.new name: '/tmp/foo', permission: ['o::rwx'], recursemode: :lazy
- expect(resource[:name]).to eq('/tmp/foo')
- expect(resource[:recursemode]).to eq(:lazy)
- end
- it 'fails with a wrong action' do
- expect do
- acl_type.new name: '/tmp/foo', permission: ['o::rwx'], action: :xset
- end.to raise_error
- end
- it 'fails with a wrong recurselimit' do
- expect do
- acl_type.new name: '/tmp/foo', permission: ['o::rwx'], recurselimit: :a
- end.to raise_error
- end
- it 'fails with a wrong first argument' do
- expect do
- acl_type.new name: '/tmp/foo', permission: ['wrong::rwx']
- end.to raise_error
- end
- it 'fails with a wrong last argument' do
- expect do
- acl_type.new name: '/tmp/foo', permission: ['user::-_-']
- end.to raise_error
- end
- end
-
- context 'when removing default parameters' do
- basic_perms = ['user:foo:rwx', 'group:foo:rwx']
- advanced_perms = ['user:foo:rwx', 'group:foo:rwx', 'default:user:foo:---']
- advanced_perms_results = ['user:foo:rwx', 'group:foo:rwx']
- mysql_perms = [
- 'user:mysql:rwx',
- 'd:user:mysql:rw',
- 'mask::rwx'
- ]
- mysql_perms_results = [
- 'user:mysql:rwx',
- 'mask::rwx'
- ]
- it 'does not do anything with no defaults' do
- expect(acl_type.pick_default_perms(basic_perms)).to match_array(basic_perms)
- end
- it 'removes defaults' do
- expect(acl_type.pick_default_perms(advanced_perms)).to match_array(advanced_perms_results)
- end
- it 'removes defaults with d:' do
- expect(acl_type.pick_default_perms(mysql_perms)).to match_array(mysql_perms_results)
- end
- end
-end
-# rubocop:enable RSpec/MultipleExpectations
projects / mirror / dsa-puppet.git / commitdiff