Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 7.x] (PUP-12041) Handle libuser's unavailability in Fedora 40 #9355

Merged
merged 1 commit into from
May 21, 2024
Merged

[Backport 7.x] (PUP-12041) Handle libuser's unavailability in Fedora 40 #9355

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 30 additions & 9 deletions lib/puppet/provider/group/groupadd.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,20 @@
value.is_a? Integer
end

optional_commands :localadd => "lgroupadd", :localdelete => "lgroupdel", :localmodify => "lgroupmod"

has_feature :manages_local_users_and_groups, :manages_members if Puppet.features.libuser?

options :members, :flag => '-M', :method => :mem
optional_commands :localadd => "lgroupadd", :localdelete => "lgroupdel", :localmodify => "lgroupmod", :purgemember => "usermod"

has_feature :manages_local_users_and_groups if Puppet.features.libuser?
has_feature :manages_members if Puppet.features.libuser? ||
(Puppet.runtime[:facter].value('os.name') == "Fedora" &&
Puppet.runtime[:facter].value('os.release.major').to_i >= 40)

# Libuser's modify command 'lgroupmod' requires '-M' flag for member additions.
# 'groupmod' command requires the '-aU' flags for it.
if Puppet.features.libuser?
options :members, :flag => '-M', :method => :mem
else
options :members, :flag => '-aU', :method => :mem
end

def exists?
return !!localgid if @resource.forcelocal?
Expand Down Expand Up @@ -58,7 +67,8 @@ def create
end

def addcmd
if @resource.forcelocal?
# The localadd command (lgroupadd) must only be called when libuser is supported.
if Puppet.features.libuser? && @resource.forcelocal?
cmd = [command(:localadd)]
@custom_environment = Puppet::Util::Libuser.getenv
else
Expand Down Expand Up @@ -86,7 +96,8 @@ def validate_members(members)
end

def modifycmd(param, value)
if @resource.forcelocal? || @resource[:members]
# The localmodify command (lgroupmod) must only be called when libuser is supported.
if Puppet.features.libuser? && (@resource.forcelocal? || @resource[:members])
cmd = [command(:localmodify)]
@custom_environment = Puppet::Util::Libuser.getenv
else
Expand All @@ -109,7 +120,8 @@ def modifycmd(param, value)
end

def deletecmd
if @resource.forcelocal?
# The localdelete command (lgroupdel) must only be called when libuser is supported.
if Puppet.features.libuser? && @resource.forcelocal?
@custom_environment = Puppet::Util::Libuser.getenv
[command(:localdelete), @resource[:name]]
else
Expand All @@ -127,7 +139,16 @@ def members_to_s(current)
end

def purge_members
localmodify('-m', members_to_s(members), @resource.name)
# The groupadd provider doesn't have the ability currently to remove members from a group, libuser does.
# Use libuser's lgroupmod command to achieve purging members if libuser is supported.
# Otherwise use the 'usermod' command.
if Puppet.features.libuser?
localmodify('-m', members_to_s(members), @resource.name)
else
members.each do |member|
purgemember('-rG', @resource.name, member)
end
end
end

private
Expand Down
19 changes: 18 additions & 1 deletion spec/unit/provider/group/groupadd_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,10 @@
end

describe "on systems with libuser" do
before do
allow(Puppet.features).to receive(:libuser?).and_return(true)
end

describe "with forcelocal=true" do
before do
described_class.has_feature(:manages_local_users_and_groups)
Expand Down Expand Up @@ -71,7 +75,7 @@
describe "with a list of members" do
before do
members.each { |m| allow(Etc).to receive(:getpwnam).with(m).and_return(true) }

allow(provider).to receive(:flag).and_return('-M')
described_class.has_feature(:manages_members)
resource[:forcelocal] = false
resource[:members] = members
Expand All @@ -92,6 +96,10 @@
end

describe "on systems with libuser" do
before do
allow(Puppet.features).to receive(:libuser?).and_return(true)
end

describe "with forcelocal=false" do
before do
described_class.has_feature(:manages_local_users_and_groups)
Expand Down Expand Up @@ -156,6 +164,7 @@
before { resource[:auth_membership] = false }

it "should add to the existing users" do
allow(provider).to receive(:flag).and_return('-M')
new_members = ['user1', 'user2', 'user3', 'user4']
allow(provider).to receive(:members).and_return(members)
expect(provider).not_to receive(:localmodify).with('-m', members.join(','), 'mygroup')
Expand Down Expand Up @@ -235,6 +244,10 @@
end

describe "on systems with the libuser and forcelocal=false" do
before do
allow(Puppet.features).to receive(:libuser?).and_return(true)
end

before do
described_class.has_feature(:manages_local_users_and_groups)
resource[:forcelocal] = :false
Expand All @@ -247,6 +260,10 @@
end

describe "on systems with the libuser and forcelocal=true" do
before do
allow(Puppet.features).to receive(:libuser?).and_return(true)
end

before do
described_class.has_feature(:manages_local_users_and_groups)
resource[:forcelocal] = :true
Expand Down
Loading