-
-
Save natewalck/33cd7705e6d5ccdb2929 to your computer and use it in GitHub Desktop.
FileAccessControl::Macosx fix for elcap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Author:: Adam Jacob (<adam@opscode.com>) | |
# Author:: Daniel DeLeo (<dan@opscode.com>) | |
# Copyright:: Copyright (c) 2008, 2010 Opscode, Inc. | |
# License:: Apache License, Version 2.0 | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
# | |
require 'chef/log' | |
class Chef | |
# == Chef::FileAccessControl | |
# FileAccessControl objects set the owner, group and mode of +file+ to | |
# the values specified by a value object, usually a Chef::Resource. | |
class FileAccessControl | |
if RUBY_PLATFORM =~ /mswin|mingw|windows/ | |
require 'chef/file_access_control/windows' | |
include FileAccessControl::Windows | |
elsif RUBY_PLATFORM =~ /darwin/ | |
require 'chef/file_access_control/macosx' | |
include FileAccessControl::Macosx | |
else | |
require 'chef/file_access_control/unix' | |
include FileAccessControl::Unix | |
end | |
attr_reader :current_resource | |
attr_reader :resource | |
attr_reader :provider | |
attr_reader :file | |
# FileAccessControl objects set the owner, group and mode of +file+ to | |
# the values specified by +resource+. +file+ is completely independent | |
# of any file or path attribute on +resource+, so it is possible to set | |
# access control settings on a tempfile (for example). | |
# === Arguments: | |
# resource: probably a Chef::Resource::File object (or subclass), but | |
# this is not required. Must respond to +owner+, +group+, | |
# and +mode+ | |
# file: The file whose access control settings you wish to modify, | |
# given as a String. | |
# | |
# TODO requiring current_resource will break cookbook_file template_file | |
def initialize(current_resource, new_resource, provider) | |
@current_resource, @resource, @provider = current_resource, new_resource, provider | |
@file = @current_resource.path | |
@modified = false | |
end | |
def modified? | |
@modified | |
end | |
private | |
def modified | |
@modified = true | |
end | |
def log_string | |
@resource || @file | |
end | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'chef/log' | |
require 'chef/file_access_control/unix' | |
class Chef | |
class FileAccessControl | |
module Macosx | |
include FileAccessControl::Macosx | |
module ClassMethods | |
# We want to mix these in as class methods | |
def writable?(path) | |
if ::File.writable?(path) | |
true | |
else | |
if Gem::Version.new(node['platform_version']) >= Gem::Version.new('10.11') | |
get_sip_paths['exceptions'].each do |sip_path| | |
if path.to_s.match(/^#{sip_path}/) | |
true | |
else | |
false | |
end | |
end | |
end | |
end | |
end | |
def self.included(base) | |
# When this file is mixed in, make sure we also add the class methods | |
base.send :extend, ClassMethods | |
end | |
def get_sip_paths | |
sip_paths = [] | |
sip_exceptions = [] | |
::File.read('/System/Library/Sandbox/rootless.conf').split("\n").each do | entry | | |
entry = entry.split("\t\t\t\t") | |
if entry.include?("*") | |
sip_exceptions << entry[1] | |
else | |
sip_paths << entry[1] | |
end | |
end | |
sip_exceptions | |
end | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment