diff options
author | Lamont Granquist <lamont@opscode.com> | 2013-04-16 18:07:30 -0700 |
---|---|---|
committer | Lamont Granquist <lamont@opscode.com> | 2013-04-16 18:07:30 -0700 |
commit | 86fbcb043eb99062d836e1da522770724a9ab5a8 (patch) | |
tree | a31d193713a734ed155a7a5684a0e22c56fa66f4 /lib | |
parent | 540097f5ea50fac9bbdb53c12e9ecace338f0177 (diff) | |
download | chef-86fbcb043eb99062d836e1da522770724a9ab5a8.tar.gz |
fully implemented windows mv deployment
Diffstat (limited to 'lib')
-rw-r--r-- | lib/chef/provider/file/deploy/mv_windows.rb | 52 |
1 files changed, 34 insertions, 18 deletions
diff --git a/lib/chef/provider/file/deploy/mv_windows.rb b/lib/chef/provider/file/deploy/mv_windows.rb index eec4b79887..12e4696e81 100644 --- a/lib/chef/provider/file/deploy/mv_windows.rb +++ b/lib/chef/provider/file/deploy/mv_windows.rb @@ -28,39 +28,55 @@ class Chef class File class Deploy class MvWindows + + Security = Chef::ReservedNames::Win32::Security + ACL = Security::ACL + def create(file) Chef::Log.debug("touching #{file} to create it") FileUtils.touch(file) end ALL_ACLS = - Chef::ReservedNames::Win32::Security::OWNER_SECURITY_INFORMATION | - Chef::ReservedNames::Win32::Security::GROUP_SECURITY_INFORMATION | - Chef::ReservedNames::Win32::Security::DACL_SECURITY_INFORMATION - #Chef::ReservedNames::Win32::Security::SACL_SECURITY_INFORMATION + Security::OWNER_SECURITY_INFORMATION | + Security::GROUP_SECURITY_INFORMATION | + Security::DACL_SECURITY_INFORMATION | + Security::SACL_SECURITY_INFORMATION def deploy(src, dst) - result = Chef::ReservedNames::Win32::Security.get_named_security_info(dst, :SE_FILE_OBJECT, ALL_ACLS) + dst_so = Security::SecurableObject.new(dst) + + # FIXME: catch exception when we can't elevate privs? + dst_sd = dst_so.security_descriptor(true) # get the sd with the SACL + + #result = Security.get_named_security_info(dst, :SE_FILE_OBJECT, ALL_ACLS) + + if dst_sd.dacl_present? + apply_dacl = ACL.create(dst_sd.dacl.select { |ace| !ace.inherited? }) + end + if dst_sd.sacl_present? + apply_sacl = ACL.create(dst_sd.sacl.select { |ace| !ace.inherited? }) + end + + Chef::Log.debug("applying owner #{dst_sd.owner} to staged file") + Chef::Log.debug("applying group #{dst_sd.group} to staged file") + Chef::Log.debug("applying dacl #{dst_sd.dacl} to staged file") if dst_sd.dacl_present? + Chef::Log.debug("applying dacl inheritance to staged file") if dst_sd.dacl_inherits? + Chef::Log.debug("applying sacl #{dst_sd.sacl} to staged file") if dst_sd.sacl_present? + Chef::Log.debug("applying sacl inheritance to staged file") if dst_sd.sacl_inherits? - Chef::Log.debug("applying owner #{result.owner} to staged file") - Chef::Log.debug("applying group #{result.group} to staged file") - Chef::Log.debug("applying dacl #{result.dacl} to staged file") - Chef::Log.debug("applying dacl inheritance to staged file") if result.dacl_inherits? + # FIXME: self_relative? - # FIXME: SACL - # FIXME: inheritance - # FIXME: control? - # FIXME: filter out inherited DACLs - so = Chef::ReservedNames::Win32::Security::SecurableObject.new(src) + so = Security::SecurableObject.new(src) - so.set_dacl(result.dacl, result.dacl_inherits?) + so.set_dacl(apply_dacl, dst_sd.dacl_inherits?) if dst_sd.dacl_present? - so.group = result.group + so.group = dst_sd.group - so.owner = result.owner + so.owner = dst_sd.owner - #so.set_sacl(result.sacl, result.sacl_inherits?) + so.set_sacl(apply_sacl, dst_sd.sacl_inherits?) if dst_sd.sacl_present? FileUtils.mv(src, dst) end |