diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/chef/cookbook/metadata.rb | 9 | ||||
| -rw-r--r-- | lib/chef/cookbook_loader.rb | 2 | ||||
| -rw-r--r-- | lib/chef/deprecated.rb | 10 | ||||
| -rw-r--r-- | lib/chef/dsl/platform_introspection.rb | 2 | ||||
| -rw-r--r-- | lib/chef/dsl/reboot_pending.rb | 6 | ||||
| -rw-r--r-- | lib/chef/knife.rb | 2 | ||||
| -rw-r--r-- | lib/chef/knife/bootstrap/templates/README.md | 4 | ||||
| -rw-r--r-- | lib/chef/knife/core/ui.rb | 2 | ||||
| -rw-r--r-- | lib/chef/knife/edit.rb | 2 | ||||
| -rw-r--r-- | lib/chef/mixin/api_version_request_handling.rb | 2 | ||||
| -rw-r--r-- | lib/chef/provider.rb | 2 | ||||
| -rw-r--r-- | lib/chef/provider/batch.rb | 2 | ||||
| -rw-r--r-- | lib/chef/provider/package/rubygems.rb | 2 | ||||
| -rw-r--r-- | lib/chef/provider/powershell_script.rb | 4 | ||||
| -rw-r--r-- | lib/chef/provider/windows_script.rb | 4 | ||||
| -rw-r--r-- | lib/chef/resource/cron.rb | 2 | ||||
| -rw-r--r-- | lib/chef/resource/cron_d.rb | 2 | ||||
| -rw-r--r-- | lib/chef/resource/timezone.rb | 21 | ||||
| -rw-r--r-- | lib/chef/resource/windows_security_policy.rb | 90 | ||||
| -rw-r--r-- | lib/chef/resources.rb | 1 | ||||
| -rw-r--r-- | lib/chef/shell/ext.rb | 2 | ||||
| -rw-r--r-- | lib/chef/version.rb | 2 |
22 files changed, 127 insertions, 48 deletions
diff --git a/lib/chef/cookbook/metadata.rb b/lib/chef/cookbook/metadata.rb index d5821a799e..ad7acb0e7b 100644 --- a/lib/chef/cookbook/metadata.rb +++ b/lib/chef/cookbook/metadata.rb @@ -604,7 +604,7 @@ class Chef msg = <<~OBSOLETED The dependency specification syntax you are using is no longer valid. You may not specify more than one version constraint for a particular cookbook. - Consult https://docs.chef.io/config_rb_metadata.html for the updated syntax. + Consult https://docs.chef.io/config_rb_metadata/ for the updated syntax. Called by: #{caller_name} '#{dep_name}', #{version_constraints.map(&:inspect).join(", ")} Called from: @@ -621,9 +621,10 @@ class Chef msg = <<~INVALID The version constraint syntax you are using is not valid. If you recently - upgraded to Chef 0.10.0, be aware that you no may longer use "<<" and ">>" for - 'less than' and 'greater than'; use '<' and '>' instead. - Consult https://docs.chef.io/config_rb_metadata.html for more information. + upgraded from Chef Infra releases before 0.10, be aware that you no may + longer use "<<" and ">>" for 'less than' and 'greater than'; use '<' and + '>' instead. Consult https://docs.chef.io/config_rb_metadata/ for more + information. Called by: #{caller_name} '#{dep_name}', '#{constraint_str}' Called from: diff --git a/lib/chef/cookbook_loader.rb b/lib/chef/cookbook_loader.rb index f02b07eaaf..68e678c928 100644 --- a/lib/chef/cookbook_loader.rb +++ b/lib/chef/cookbook_loader.rb @@ -88,7 +88,7 @@ class Chef # @return [Chef::CookbookVersion] def load_cookbook(cookbook_name) unless cookbook_version_loaders.key?(cookbook_name) - raise Exceptions::CookbookNotFoundInRepo, "Cannot find a cookbook named #{cookbook_name}; did you forget to add metadata to a cookbook? (https://docs.chef.io/config_rb_metadata.html)" + raise Exceptions::CookbookNotFoundInRepo, "Cannot find a cookbook named #{cookbook_name}; did you forget to add metadata to a cookbook? (https://docs.chef.io/config_rb_metadata/)" end return cookbooks_by_name[cookbook_name] if cookbooks_by_name.key?(cookbook_name) diff --git a/lib/chef/deprecated.rb b/lib/chef/deprecated.rb index 4817c1e8ec..3d6ced6526 100644 --- a/lib/chef/deprecated.rb +++ b/lib/chef/deprecated.rb @@ -47,7 +47,7 @@ class Chef # # @return [String] def url - "#{BASE_URL}#{self.class.doc_page}" + "#{BASE_URL}#{self.class.doc_page}/" end # Render the user-visible message for this deprecation. @@ -104,7 +104,7 @@ class Chef # # @example # class MyDeprecation < Base - # target 123, "my_deprecation.html" + # target 123, "my_deprecation" # end # @param id [Integer] Deprecation ID number. This must be unique among # all deprecations. @@ -113,7 +113,7 @@ class Chef # @return [void] def target(id, page = nil) @deprecation_id = id - @doc_page = page || "#{deprecation_key}.html" + @doc_page = page || "#{deprecation_key}" end end end @@ -137,7 +137,7 @@ class Chef end class CustomResource < Base - target 5, "custom_resource_cleanups.html" + target 5, "custom_resource_cleanups" end class EasyInstall < Base @@ -235,7 +235,7 @@ class Chef class Generic < Base def url - "https://docs.chef.io/chef_deprecations_client.html" + "https://docs.chef.io/chef_deprecations_client/" end def to_s diff --git a/lib/chef/dsl/platform_introspection.rb b/lib/chef/dsl/platform_introspection.rb index 9ce3aa3513..521eea76b6 100644 --- a/lib/chef/dsl/platform_introspection.rb +++ b/lib/chef/dsl/platform_introspection.rb @@ -252,7 +252,7 @@ class Chef # @deprecated Windows releases before Windows 2012 and 8 are no longer supported # @return [Boolean] Is the system older than Windows 8 / 2012 def older_than_win_2012_or_8?(node = run_context.nil? ? nil : run_context.node) - node["platform_version"].to_f < 6.2 + false # we don't support platforms that would be true end # ^^^^^^ NOTE: PLEASE DO NOT CONTINUE TO ADD THESE KINDS OF PLATFORM_VERSION APIS WITHOUT ^^^^^^^ diff --git a/lib/chef/dsl/reboot_pending.rb b/lib/chef/dsl/reboot_pending.rb index e554ca83ad..e19faad881 100644 --- a/lib/chef/dsl/reboot_pending.rb +++ b/lib/chef/dsl/reboot_pending.rb @@ -39,11 +39,11 @@ class Chef # http://technet.microsoft.com/en-us/library/cc960241.aspx registry_value_exists?('HKLM\SYSTEM\CurrentControlSet\Control\Session Manager', { name: "PendingFileRenameOperations" }) || - # RebootRequired key contains Update IDs with a value of 1 if they require a reboot. - # The existence of RebootRequired alone is sufficient on my Windows 8.1 workstation in Windows Update + # RebootRequired key contains Update IDs with a value of 1 if they require a reboot. + # The existence of RebootRequired alone is sufficient on my Windows 8.1 workstation in Windows Update registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired') || - # Vista + Server 2008 and newer may have reboots pending from CBS + # Vista + Server 2008 and newer may have reboots pending from CBS registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending') elsif platform?("ubuntu") # This should work for Debian as well if update-notifier-common happens to be installed. We need an API for that. diff --git a/lib/chef/knife.rb b/lib/chef/knife.rb index 2975dcb4e9..0debcbc429 100644 --- a/lib/chef/knife.rb +++ b/lib/chef/knife.rb @@ -191,7 +191,7 @@ class Chef config_loader.profile = profile config_loader.load - ui.warn("No knife configuration file found. See https://docs.chef.io/config_rb_knife.html for details.") if config_loader.no_config_found? + ui.warn("No knife configuration file found. See https://docs.chef.io/config_rb/ for details.") if config_loader.no_config_found? config_loader rescue Exceptions::ConfigurationError => e diff --git a/lib/chef/knife/bootstrap/templates/README.md b/lib/chef/knife/bootstrap/templates/README.md index b5bca25d8e..7f28f8f40f 100644 --- a/lib/chef/knife/bootstrap/templates/README.md +++ b/lib/chef/knife/bootstrap/templates/README.md @@ -5,7 +5,7 @@ standardized on the [Omnibus](https://github.com/chef/omnibus) built installatio packages. The 'chef-full' template downloads a script which is used to determine the correct -Omnibus package for this system from the [Omnitruck](https://docs.chef.io/api_omnitruck.html) API. +Omnibus package for this system from the [Omnitruck](https://docs.chef.io/api_omnitruck/) API. You can still utilize custom bootstrap templates on your system if your installation -needs are unique. Additional information can be found on the [docs site](https://docs.chef.io/knife_bootstrap.html#custom-templates). +needs are unique. Additional information can be found on the [docs site](https://docs.chef.io/knife_bootstrap/#custom-templates). diff --git a/lib/chef/knife/core/ui.rb b/lib/chef/knife/core/ui.rb index 0dfa1db79c..03b11a1b4d 100644 --- a/lib/chef/knife/core/ui.rb +++ b/lib/chef/knife/core/ui.rb @@ -216,7 +216,7 @@ class Chef tf.sync = true tf.puts output tf.close - raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_setup.html for details." unless system("#{config[:editor]} #{tf.path}") + raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_setup/ for details." unless system("#{config[:editor]} #{tf.path}") output = IO.read(tf.path) end diff --git a/lib/chef/knife/edit.rb b/lib/chef/knife/edit.rb index e1e9ee1b0d..caca201566 100644 --- a/lib/chef/knife/edit.rb +++ b/lib/chef/knife/edit.rb @@ -74,7 +74,7 @@ class Chef # Let the user edit the temporary file unless system("#{config[:editor]} #{file.path}") - raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_setup.html for details." + raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_setup/ for details." end result_text = IO.read(file.path) diff --git a/lib/chef/mixin/api_version_request_handling.rb b/lib/chef/mixin/api_version_request_handling.rb index c2f7a3203f..776190f3a4 100644 --- a/lib/chef/mixin/api_version_request_handling.rb +++ b/lib/chef/mixin/api_version_request_handling.rb @@ -55,7 +55,7 @@ class Chef The server that received the request supports a min version of #{min_version} and a max version of #{max_version}. User keys are now managed via the key rotation commmands. Please refer to the documentation on how to manage your keys via the key rotation commands: - https://docs.chef.io/server_security.html#key-rotation + https://docs.chef.io/ctl_chef_server/#key-rotation EOH end diff --git a/lib/chef/provider.rb b/lib/chef/provider.rb index 06e0341089..07cdea6dfc 100644 --- a/lib/chef/provider.rb +++ b/lib/chef/provider.rb @@ -63,7 +63,7 @@ class Chef # # @return [void] def self.action(name, &block) - # We need the block directly in a method so that `super` works. + # We need the block directly in a method so that `return` works. define_method("compile_action_#{name}", &block) class_eval <<-EOM def action_#{name} diff --git a/lib/chef/provider/batch.rb b/lib/chef/provider/batch.rb index 21dc8f84dd..00593707e7 100644 --- a/lib/chef/provider/batch.rb +++ b/lib/chef/provider/batch.rb @@ -1,6 +1,6 @@ # # Author:: Adam Edwards (<adamed@chef.io>) -# Copyright:: Copyright 2013-2016, Chef Software Inc. +# Copyright:: Copyright 2013-2020, Chef Software Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/lib/chef/provider/package/rubygems.rb b/lib/chef/provider/package/rubygems.rb index 876a90392c..60df50ddd3 100644 --- a/lib/chef/provider/package/rubygems.rb +++ b/lib/chef/provider/package/rubygems.rb @@ -403,7 +403,7 @@ class Chef "Gem options must be passed to gem_package as a string instead of a hash when", "using this installation of #{Chef::Dist::PRODUCT} because it runs with its own packaged Ruby. A hash", "may only be used when installing a gem to the same Ruby installation that #{Chef::Dist::PRODUCT} is", - "running under. See https://docs.chef.io/resource_gem_package.html for more information.", + "running under. See https://docs.chef.io/resources/gem_package/ for more information.", "Error raised at #{new_resource} from #{new_resource.source_line}", ].join("\n") raise ArgumentError, msg diff --git a/lib/chef/provider/powershell_script.rb b/lib/chef/provider/powershell_script.rb index f7979ca6f5..00cc450253 100644 --- a/lib/chef/provider/powershell_script.rb +++ b/lib/chef/provider/powershell_script.rb @@ -1,6 +1,6 @@ # # Author:: Adam Edwards (<adamed@chef.io>) -# Copyright:: Copyright 2013-2016, Chef Software Inc. +# Copyright:: Copyright 2013-2020, Chef Software Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -32,7 +32,7 @@ class Chef action :run do validate_script_syntax! - super + super() end def command diff --git a/lib/chef/provider/windows_script.rb b/lib/chef/provider/windows_script.rb index c4ea244ea1..4325236607 100644 --- a/lib/chef/provider/windows_script.rb +++ b/lib/chef/provider/windows_script.rb @@ -1,6 +1,6 @@ # # Author:: Adam Edwards (<adamed@chef.io>) -# Copyright:: Copyright 2013-2016, Chef Software Inc. +# Copyright:: Copyright 2013-2020, Chef Software Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -54,7 +54,7 @@ class Chef end begin - super + super() rescue raise ensure diff --git a/lib/chef/resource/cron.rb b/lib/chef/resource/cron.rb index 1396ee6cf3..ff28550001 100644 --- a/lib/chef/resource/cron.rb +++ b/lib/chef/resource/cron.rb @@ -135,7 +135,7 @@ class Chef end property :time, Symbol, - description: "A time interval. Possible values: :annually, :daily, :hourly, :midnight, :monthly, :reboot, :weekly, or :yearly.", + description: "A time interval.", equal_to: Chef::Provider::Cron::SPECIAL_TIME_VALUES property :mailto, String, diff --git a/lib/chef/resource/cron_d.rb b/lib/chef/resource/cron_d.rb index 270edfd705..befe951a35 100644 --- a/lib/chef/resource/cron_d.rb +++ b/lib/chef/resource/cron_d.rb @@ -147,7 +147,7 @@ class Chef property :cookbook, String, desired_state: false property :predefined_value, String, - description: 'Schedule your cron job with one of the special predefined value instead of ** * pattern. This correspond to "@reboot", "@yearly", "@annually", "@monthly", "@weekly", "@daily", "@midnight" or "@hourly".', + description: "Schedule your cron job with one of the special predefined value instead of ** * pattern.", equal_to: %w{ @reboot @yearly @annually @monthly @weekly @daily @midnight @hourly } property :minute, [Integer, String], diff --git a/lib/chef/resource/timezone.rb b/lib/chef/resource/timezone.rb index df92495703..32727c1a75 100644 --- a/lib/chef/resource/timezone.rb +++ b/lib/chef/resource/timezone.rb @@ -37,14 +37,14 @@ class Chef description "Set the timezone." # some linux systems may be missing the timezone data - if node["os"] == "linux" + if linux? package "tzdata" do - package_name platform_family?("suse") ? "timezone" : "tzdata" + package_name suse? ? "timezone" : "tzdata" end end - # Modern Amazon, Fedora, RHEL, Ubuntu & Debian - if node["init_package"] == "systemd" + # Modern SUSE, Amazon, Fedora, RHEL, Ubuntu & Debian + if systemd? cmd_set_tz = "/usr/bin/timedatectl --no-ask-password set-timezone #{new_resource.timezone}" cmd_check_if_set = "/usr/bin/timedatectl status" @@ -78,19 +78,6 @@ class Chef to "/usr/share/zoneinfo/#{new_resource.timezone}" not_if { ::File.executable?("/usr/sbin/tzdata-update") } end - # debian < 8 and Ubuntu < 16.04 - when "debian" - file "/etc/timezone" do - action :create - content "#{new_resource.timezone}\n" - end - - bash "dpkg-reconfigure tzdata" do - user "root" - code "/usr/sbin/dpkg-reconfigure -f noninteractive tzdata" - action :nothing - subscribes :run, "file[/etc/timezone]", :immediately - end when "mac_os_x" unless current_darwin_tz == new_resource.timezone converge_by("set timezone to #{new_resource.timezone}") do diff --git a/lib/chef/resource/windows_security_policy.rb b/lib/chef/resource/windows_security_policy.rb new file mode 100644 index 0000000000..65d52acca8 --- /dev/null +++ b/lib/chef/resource/windows_security_policy.rb @@ -0,0 +1,90 @@ +# +# Author:: Ashwini Nehate (<anehate@chef.io>) +# Author:: Davin Taddeo (<davin@chef.io>) +# Author:: Jeff Brimager (<jbrimager@chef.io>) +# Copyright:: 2019-2020, Chef Software Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +require_relative "../resource" + +class Chef + class Resource + class WindowsSecurityPolicy < Chef::Resource + resource_name :windows_security_policy + + # The valid policy_names options found here + # https://github.com/ChrisAWalker/cSecurityOptions under 'AccountSettings' + policy_names = %w{MinimumPasswordAge + MaximumPasswordAge + MinimumPasswordLength + PasswordComplexity + PasswordHistorySize + LockoutBadCount + RequireLogonToChangePassword + ForceLogoffWhenHourExpire + NewAdministratorName + NewGuestName + ClearTextPassword + LSAAnonymousNameLookup + EnableAdminAccount + EnableGuestAccount + } + description "Use the windows_security_policy resource to set a security policy on the Microsoft Windows platform." + introduced "16.0" + + property :secoption, String, name_property: true, required: true, equal_to: policy_names, + description: "The name of the policy to be set on windows platform to maintain its security." + + property :secvalue, String, required: true, + description: "Policy value to be set for policy name." + + action :set do + security_option = new_resource.secoption + security_value = new_resource.secvalue + powershell_script "#{security_option} set to #{security_value}" do + convert_boolean_return true + code <<-EOH + $security_option = "#{security_option}" + if ( ($security_option -match "NewGuestName") -Or ($security_option -match "NewAdministratorName") ) + { + $#{security_option}_Remediation = (Get-Content $env:TEMP\\#{security_option}_Export.inf) | Foreach-Object { $_ -replace '#{security_option}\\s*=\\s*\\"\\w*\\"', '#{security_option} = "#{security_value}"' } | Set-Content $env:TEMP\\#{security_option}_Export.inf + C:\\Windows\\System32\\secedit /configure /db $env:windir\\security\\new.sdb /cfg $env:TEMP\\#{security_option}_Export.inf /areas SECURITYPOLICY + } + else + { + $#{security_option}_Remediation = (Get-Content $env:TEMP\\#{security_option}_Export.inf) | Foreach-Object { $_ -replace "#{security_option}\\s*=\\s*\\d*", "#{security_option} = #{security_value}" } | Set-Content $env:TEMP\\#{security_option}_Export.inf + C:\\Windows\\System32\\secedit /configure /db $env:windir\\security\\new.sdb /cfg $env:TEMP\\#{security_option}_Export.inf /areas SECURITYPOLICY + } + Remove-Item $env:TEMP\\#{security_option}_Export.inf -force + EOH + not_if <<-EOH + $#{security_option}_Export = C:\\Windows\\System32\\secedit /export /cfg $env:TEMP\\#{security_option}_Export.inf + $ExportAudit = (Get-Content $env:TEMP\\#{security_option}_Export.inf | Select-String -Pattern #{security_option}) + $check_digit = $ExportAudit -match '#{security_option} = #{security_value}' + $check_string = $ExportAudit -match '#{security_option} = "#{security_value}"' + if ( $check_string -Or $check_digit ) + { + Remove-Item $env:TEMP\\#{security_option}_Export.inf -force + $true + } + else + { + $false + } + EOH + end + end + end + end +end diff --git a/lib/chef/resources.rb b/lib/chef/resources.rb index 8bdd207e84..7d9a24c830 100644 --- a/lib/chef/resources.rb +++ b/lib/chef/resources.rb @@ -159,3 +159,4 @@ require_relative "resource/windows_uac" require_relative "resource/windows_workgroup" require_relative "resource/timezone" require_relative "resource/windows_user_privilege" +require_relative "resource/windows_security_policy" diff --git a/lib/chef/shell/ext.rb b/lib/chef/shell/ext.rb index 8640216d45..01a7407de5 100644 --- a/lib/chef/shell/ext.rb +++ b/lib/chef/shell/ext.rb @@ -211,7 +211,7 @@ module Shell desc "prints information about #{Chef::Dist::PRODUCT}" def version puts "Welcome to the #{Chef::Dist::SHELL} #{::Chef::VERSION}\n" + - "For usage see https://docs.chef.io/chef_shell.html" + "For usage see https://docs.chef.io/chef_shell/" :ucanhaz_automation end alias :shell :version diff --git a/lib/chef/version.rb b/lib/chef/version.rb index d1349a1f6c..8a1cc4d54b 100644 --- a/lib/chef/version.rb +++ b/lib/chef/version.rb @@ -23,7 +23,7 @@ require_relative "version_string" class Chef CHEF_ROOT = File.expand_path("../..", __FILE__) - VERSION = Chef::VersionString.new("16.0.109") + VERSION = Chef::VersionString.new("16.0.115") end # |