Skip to content

Commit

Permalink
add possibility to manage permissions for dhparam
Browse files Browse the repository at this point in the history
  • Loading branch information
@trefzer
trefzer committed Apr 10, 2022
1 parent 5894c65 commit 39aa2a0
Show file tree
Hide file tree
Showing 3 changed files with 50 additions and 1 deletion.
8 changes: 7 additions & 1 deletion lib/puppet/provider/dhparam/openssl.rb
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,12 @@
# frozen_string_literal: true

require 'pathname'
Puppet::Type.type(:dhparam).provide(:openssl) do
require File.join(File.dirname(__FILE__), '..', '..', '..', 'puppet/provider/openssl')

Puppet::Type.type(:dhparam).provide(
:openssl,
parent: Puppet::Provider::Openssl,
) do
desc 'Manages dhparam files with OpenSSL'

commands openssl: 'openssl'
Expand All @@ -19,6 +24,7 @@ def create
options.insert(1, '-dsaparam') if resource[:fastmode]

openssl options
set_file_perm(resource[:path], resource[:owner], resource[:group], resource[:mode])
end

def destroy
Expand Down
27 changes: 27 additions & 0 deletions lib/puppet/type/dhparam.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,4 +34,31 @@
autorequire(:file) do
Pathname.new(self[:path]).parent.to_s
end

newproperty(:owner) do
desc 'owner of the file'
validate do |value|
unless value =~ %r{^\w+}
raise ArgumentError, '%s is not a valid user name' % value
end
end
end

newproperty(:group) do
desc 'group of the file'
validate do |value|
unless value =~ %r{^\w+}
raise ArgumentError, '%s is not a valid group name' % value
end
end
end

newproperty(:mode) do
desc 'mode of the file'
validate do |value|
unless value =~ %r{^0\d\d\d$}
raise ArgumentError, '%s is not a valid file mode' % value
end
end
end
end
16 changes: 16 additions & 0 deletions spec/unit/puppet/type/dhparam_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,4 +38,20 @@
resource[:size] = 1.5
end.to raise_error(Puppet::Error, %r{Size must be a positive integer: 1.5})
end

it 'accepts mode' do
resource[:mode] = '0700'
expect(resource[:mode]).to eq('0700')
end

it 'accepts owner' do
resource[:owner] = 'someone'
expect(resource[:owner]).to eq('someone')
end

it 'accepts group' do
resource[:group] = 'party'
expect(resource[:group]).to eq('party')
end

end

0 comments on commit 39aa2a0

Please sign in to comment.