From 39aa2a021a119ae3f858bc039b94c440d7a26bfd Mon Sep 17 00:00:00 2001 From: Benedikt Trefzer Date: Sun, 6 Dec 2020 15:21:30 +0100 Subject: [PATCH] add possibility to manage permissions for dhparam --- lib/puppet/provider/dhparam/openssl.rb | 8 +++++++- lib/puppet/type/dhparam.rb | 27 ++++++++++++++++++++++++++ spec/unit/puppet/type/dhparam_spec.rb | 16 +++++++++++++++ 3 files changed, 50 insertions(+), 1 deletion(-) diff --git a/lib/puppet/provider/dhparam/openssl.rb b/lib/puppet/provider/dhparam/openssl.rb index 7eca3c5d..0181408e 100644 --- a/lib/puppet/provider/dhparam/openssl.rb +++ b/lib/puppet/provider/dhparam/openssl.rb @@ -1,7 +1,12 @@ # frozen_string_literal: true require 'pathname' -Puppet::Type.type(:dhparam).provide(:openssl) do +require File.join(File.dirname(__FILE__), '..', '..', '..', 'puppet/provider/openssl') + +Puppet::Type.type(:dhparam).provide( + :openssl, + parent: Puppet::Provider::Openssl, +) do desc 'Manages dhparam files with OpenSSL' commands openssl: 'openssl' @@ -19,6 +24,7 @@ def create options.insert(1, '-dsaparam') if resource[:fastmode] openssl options + set_file_perm(resource[:path], resource[:owner], resource[:group], resource[:mode]) end def destroy diff --git a/lib/puppet/type/dhparam.rb b/lib/puppet/type/dhparam.rb index bce7bd10..3ec2a948 100644 --- a/lib/puppet/type/dhparam.rb +++ b/lib/puppet/type/dhparam.rb @@ -34,4 +34,31 @@ autorequire(:file) do Pathname.new(self[:path]).parent.to_s end + + newproperty(:owner) do + desc 'owner of the file' + validate do |value| + unless value =~ %r{^\w+} + raise ArgumentError, '%s is not a valid user name' % value + end + end + end + + newproperty(:group) do + desc 'group of the file' + validate do |value| + unless value =~ %r{^\w+} + raise ArgumentError, '%s is not a valid group name' % value + end + end + end + + newproperty(:mode) do + desc 'mode of the file' + validate do |value| + unless value =~ %r{^0\d\d\d$} + raise ArgumentError, '%s is not a valid file mode' % value + end + end + end end diff --git a/spec/unit/puppet/type/dhparam_spec.rb b/spec/unit/puppet/type/dhparam_spec.rb index 935ff505..2a348e3e 100644 --- a/spec/unit/puppet/type/dhparam_spec.rb +++ b/spec/unit/puppet/type/dhparam_spec.rb @@ -38,4 +38,20 @@ resource[:size] = 1.5 end.to raise_error(Puppet::Error, %r{Size must be a positive integer: 1.5}) end + + it 'accepts mode' do + resource[:mode] = '0700' + expect(resource[:mode]).to eq('0700') + end + + it 'accepts owner' do + resource[:owner] = 'someone' + expect(resource[:owner]).to eq('someone') + end + + it 'accepts group' do + resource[:group] = 'party' + expect(resource[:group]).to eq('party') + end + end