diff options
| author | Thom May <thom@may.lt> | 2016-02-16 18:48:42 +0000 |
|---|---|---|
| committer | Thom May <thom@may.lt> | 2016-02-16 18:48:42 +0000 |
| commit | 94494e761763b877c3ef3b52eee9ac9df2186340 (patch) | |
| tree | 8ded67175e2d6202ecce1931f8ca740ec64dfd24 | |
| parent | a95a87d50c9e5af2fbd583afcf972880656d1a4b (diff) | |
| parent | 8e0d3cab1775cc016224f2b00f8e143ee52f0304 (diff) | |
| download | chef-94494e761763b877c3ef3b52eee9ac9df2186340.tar.gz | |
Merge pull request #4465 from artursitarski/change-shell-for-locked-user
Change shell for locked user.
| -rw-r--r-- | lib/chef/provider/user/useradd.rb | 4 | ||||
| -rw-r--r-- | spec/functional/resource/user/useradd_spec.rb | 3 | ||||
| -rw-r--r-- | spec/support/shared/unit/provider/useradd_based_user_provider.rb | 8 |
3 files changed, 9 insertions, 6 deletions
diff --git a/lib/chef/provider/user/useradd.rb b/lib/chef/provider/user/useradd.rb index e2f5b5897a..8f41ca3f5d 100644 --- a/lib/chef/provider/user/useradd.rb +++ b/lib/chef/provider/user/useradd.rb @@ -93,11 +93,11 @@ class Chef end def lock_user - shell_out!("usermod", "-L", new_resource.username) + shell_out!("usermod", "-L", "-s", "/bin/false", new_resource.username) end def unlock_user - shell_out!("usermod", "-U", new_resource.username) + shell_out!("usermod", "-U", "-s", new_resource.shell, new_resource.username) end def compile_command(base_command) diff --git a/spec/functional/resource/user/useradd_spec.rb b/spec/functional/resource/user/useradd_spec.rb index 84757cc197..b376e5b28b 100644 --- a/spec/functional/resource/user/useradd_spec.rb +++ b/spec/functional/resource/user/useradd_spec.rb @@ -144,6 +144,7 @@ describe Chef::Provider::User::Useradd, metadata do let(:password) { nil } let(:system) { false } let(:comment) { nil } + let(:shell) { nil } let(:user_resource) do r = Chef::Resource::User.new("TEST USER RESOURCE", run_context) @@ -154,6 +155,7 @@ describe Chef::Provider::User::Useradd, metadata do r.manage_home(manage_home) r.password(password) r.system(system) + r.shell(shell) r end @@ -625,6 +627,7 @@ describe Chef::Provider::User::Useradd, metadata do context "when the user exists" do include_context "user exists for lock/unlock" + let(:shell) { "/bin/bash" } before do begin diff --git a/spec/support/shared/unit/provider/useradd_based_user_provider.rb b/spec/support/shared/unit/provider/useradd_based_user_provider.rb index 6677a069ea..b792c43fd7 100644 --- a/spec/support/shared/unit/provider/useradd_based_user_provider.rb +++ b/spec/support/shared/unit/provider/useradd_based_user_provider.rb @@ -365,15 +365,15 @@ shared_examples_for "a useradd-based user provider" do |supported_useradd_option end describe "when locking the user" do - it "should run usermod -L with the new resources username" do - expect(provider).to receive(:shell_out!).with("usermod", "-L", @new_resource.username) + it "should run usermod -L -s /bin/false with the new resources username" do + expect(provider).to receive(:shell_out!).with("usermod", "-L", "-s", "/bin/false", @new_resource.username) provider.lock_user end end describe "when unlocking the user" do - it "should run usermod -L with the new resources username" do - expect(provider).to receive(:shell_out!).with("usermod", "-U", @new_resource.username) + it "should run usermod -U -s with the new resources shell and username" do + expect(provider).to receive(:shell_out!).with("usermod", "-U", "-s", @new_resource.shell, @new_resource.username) provider.unlock_user end end |