diff options
author | Tim Smith <tsmith@chef.io> | 2019-09-11 12:50:17 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-09-11 12:50:17 -0700 |
commit | 7fc5cac40f00b2f1b587574af6a1118bc63369fe (patch) | |
tree | 13eab8842ad27c7f211b12fe9f7502fe0ca8fe1c | |
parent | d775e6f3d7b584beb523546bbd0ccd85d6fdc133 (diff) | |
parent | d87c0072188d7c2f53d85ee9f37cb7244ec09b0d (diff) | |
download | chef-7fc5cac40f00b2f1b587574af6a1118bc63369fe.tar.gz |
Merge pull request #8877 from chef/release_notes_stuff
Add release notes for new user changes in 15.3
-rw-r--r-- | RELEASE_NOTES.md | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index ebb3acba6c..eb068f3278 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -42,7 +42,25 @@ The `archive_file` resource now supports archives in the RAR 5.0 format as well ### user -The `user` resource now allows specifying the `gid` property as a string. For example: +#### macOS 10.14 / 10.15 support + +The `user` resource now supports the creation of users on macOS 10.14 and 10.15 systems. The updated resource now complies with macOS TCC policies by using a user with admin privileges to create and modify users. The following new properties have been added for macOS user creation: + +* `admin` sets a user to be an admin. + +* `admin_username` and `admin_password` define the admin user credentials required for toggling SecureToken for a user. The value of 'admin_username' must correspond to a system user that is part of the 'admin' with SecureToken enabled in order to toggle SecureToken. + +* `secure_token` is a boolean property that sets the desired state for SecureToken. FileVault requires a SecureToken for full disk encryption. + +* `secure_token_password` is the plaintext password required to enable or disable `secure_token` for a user. If no salt is specified we assume the 'password' property corresponds to a plaintext password and will attempt to use it in place of secure_token_password if it is not set. + +#### Password property is now sensitive + +The `password` property is now set to sensitive to prevent the password from being shown in debug or failure logs. + +#### gid property can now be a string + +The `gid` property now allows specifying the user's gid as a string. For example: ```ruby user 'tim' do |