From bb581ed8f0a1553d4dc4116feb3c50728372cdab Mon Sep 17 00:00:00 2001 From: Ian Bellinfantie Date: Fri, 14 Apr 2017 18:18:23 +0300 Subject: [PATCH 1/3] added some providers --- providers/etcresolv.rb | 130 +++++++++++++++++++++++++++++++++++++ providers/userlimits.rb | 127 ++++++++++++++++++++++++++++++++++++ providers/usersec.rb | 139 ++++++++++++++++++++++++++++++++++++++++ resources/etcresolv.rb | 31 +++++++++ resources/userlimits.rb | 35 ++++++++++ resources/usersec.rb | 41 ++++++++++++ 6 files changed, 503 insertions(+) create mode 100644 providers/etcresolv.rb create mode 100644 providers/userlimits.rb create mode 100644 providers/usersec.rb create mode 100644 resources/etcresolv.rb create mode 100644 resources/userlimits.rb create mode 100644 resources/usersec.rb diff --git a/providers/etcresolv.rb b/providers/etcresolv.rb new file mode 100644 index 0000000..46515e0 --- /dev/null +++ b/providers/etcresolv.rb @@ -0,0 +1,130 @@ +# +# Copyright 2015-2016, Benoit Creau +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Amended by Ian Bellinfantie +# Contact ibellinfantie@sbm.com.sa +# +# just copied the etchosts and made the etcresolv +# uses the namerslv command instead of the namerslv command +# + +use_inline_resources + +# support whyrun +def whyrun_supported? + true +end + +# load current resource name to detremine type of resolv.conf change +def load_current_resource + @current_resource = Chef::Resource::AixEtcresolv.new(@new_resource.name) + # entry types could be domain, search, nameserver, options + @current_resource.exists = false + + # set command for all entries for /etc/resolv.conf + namerslv = shell_out("namerslv -s | grep #{@new_resource.address}") + if !namerslv.error? + namerslv_array = namerslv.stdout.split(' ') + Chef::Log.debug('etcresolv: resource exists') + @current_resource.exists = true + else + Chef::Log.debug('etcresolv: resource does not exists') + end + + # If resource exists , load values into a hash + if @current_resource.exists + Chef::Log.debug('etcresolv: resource exists loading attributes') + @current_resource.name(namerslv_array[0]) + Chef::Log.debug("etcresolv: current resource name: #{namerslv_array[0]}") + @current_resource.address(namerslv_array[1]) + Chef::Log.debug("etcresolv: current resource address: #{namerslv_array[1]}") + puts "#{namerslv_array[0]} #{namerslv_array[1]}" + end +end + + +# add +action :add do + unless @current_resource.exists + # add entry if it exists + if @new_resource.name =~ /nameserver/ + #An ip address has been given + namerslv_add_s = "namerslv -a -i #{@new_resource.address} " + elsif @new_resource.name =~ /search/ + # A search domain_name has been given + namerslv_add_s = "namerslv -a -S #{@new_resource.address} " + elsif @new_resource.name =~ /domain/ + # A domain name has been given + namerslv_add_s = "namerslv -a -D #{@new_resource.address} " + else + puts " Don't know what has been given" + end + converge_by("namerslv: add #{@new_resource.address} in /etc/resolv.conf file") do + Chef::Log.debug("etcresolv: running #{namerslv_add_s}") + shell_out!(namerslv_add_s) + end + end +end + +# delete +action :delete do + if @current_resource.exists + # delete entry if it exists + if @new_resource.name =~ /nameserver/ + #An ip address has been given for nameserver + namerslv_del_s = "namerslv -d -i #{@new_resource.address} " + elsif @new_resource.name =~ /domain/ + # A domain name has been given + namerslv_del_s = "namerslv -d -n " + else + puts " Option not supported" + end + converge_by("namerslv: delete #{@new_resource.address} in /etc/resolv.conf file") do + Chef::Log.debug("etcresolv: running #{namerslv_del_s}") + shell_out!(namerslv_del_s) + end + end +end + +# change +action :change do + if @current_resource.exists + # determine which type to change + if @new_resource.name =~ /nameserver/ + #An ip address has been given for nameserver + namerslv_change_s = "namerslv -d -i #{@new_resource.address} ; namerslv -a -i #{@new_resource.new_address}" + elsif @new_resource.name =~ /domain/ + # A domain name has been given + namerslv_change_s = "namerslv -d -n ; namerslv -a -D #{@new_resource.new_address}" + else + puts " Option not supported" + end + converge_by("namerslv: delete #{@new_resource.address} in /etc/resolv.conf file") do + Chef::Log.debug("etcresolv: running #{namerslv_change_s}") + shell_out!(namerslv_change_s) + end + end +end + +# delete_all +action :delete_all do + if @current_resource.exists + namerslv_del_all_s = "namerslv -X" + converge_by('etcresolv: removing all entries') do + Chef::Log.debug("etcresolv: running #{namerslv_del_all_s}") + shell_out!(namerslv_del_all_s) + end + end +end diff --git a/providers/userlimits.rb b/providers/userlimits.rb new file mode 100644 index 0000000..205a95d --- /dev/null +++ b/providers/userlimits.rb @@ -0,0 +1,127 @@ +# +# Copyright 2015-2016, Benoit Creau +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Amended by Ian Bellinfantie +# Contact ibellinfantie@sbm.com.sa +# +# there should only be one line in /etc/netsvc.conf +# so either add or delete the line +# + +use_inline_resources + +# support whyrun +def whyrun_supported? + true +end + +# load current resource name to detremine type of resolv.conf change +def load_current_resource + @current_resource = Chef::Resource::AixUserlimits.new(@new_resource.name) + # entry types could be domain, search, nameserver, options + @current_resource.exists = false + # set command for all entries for /etc/security/limits + user_limits = shell_out("cat /etc/security/limits | grep -v \\* | grep -wp default | grep -v default | sed \'\/^\\s*\$\/d\' | xargs | sed \'s\/=\/:\/g\' | tr -s \' \' \':\' | perl -pe \'chomp\'") + if !user_limits.error? + user_limits_array = user_limits.stdout.split(':') + Chef::Log.debug('userlimits: resource exists') + @current_resource.exists = true + else + Chef::Log.debug('userlimits: resource does not exists') + end + + # If resource exists , load values into a hash + if @current_resource.exists + Chef::Log.debug('userlimits: resource exists loading attributes') + @current_resource.name(@new_resource.name) + Chef::Log.debug("userlimits: current resource name: #{@current_resource.name}") + + @current_resource.fsize(user_limits_array[1]) + @current_resource.core(user_limits_array[3]) + @current_resource.cpu(user_limits_array[5]) + @current_resource.data(user_limits_array[7]) + @current_resource.rss(user_limits_array[9]) + @current_resource.stack(user_limits_array[11]) + @current_resource.nofiles(user_limits_array[13]) + Chef::Log.debug("userlimits: current resource fsize: #{user_limits_array[1]}") + Chef::Log.debug("userlimits: current resource core: #{user_limits_array[3]}") + Chef::Log.debug("userlimits: current resource cpu: #{user_limits_array[5]}") + Chef::Log.debug("userlimits: current resource data: #{user_limits_array[7]}") + Chef::Log.debug("userlimits: current resource rss: #{user_limits_array[9]}") + Chef::Log.debug("userlimits: current resource stack: #{user_limits_array[11]}") + Chef::Log.debug("userlimits: current resource nofiles: #{user_limits_array[13]}") + + + if @new_resource.fsize.nil? + @new_resource.fsize(@current_resource.fsize) + end + if @new_resource.core.nil? + @new_resource.core(@current_resource.core) + end + if @new_resource.cpu.nil? + @new_resource.cpu(@current_resource.cpu) + end + if @new_resource.data.nil? + @new_resource.data(@current_resource.data) + end + if @new_resource.rss.nil? + @new_resource.rss(@current_resource.rss) + end + if @new_resource.stack.nil? + @new_resource.stack(@current_resource.stack) + end + if @new_resource.nofiles.nil? + @new_resource.nofiles(@current_resource.nofiles) + end + end +end + + + +# change the default settings for user limits -- using default instaed of #{@new_resource.name} to ensure only +# the default settings are changed. +action :change do + + if @new_resource.fsize != @current_resource.fsize || @new_resource.core != @current_resource.core || @new_resource.cpu != @current_resource.cpu || @new_resource.data != @current_resource.data || @new_resource.rss != @current_resource.rss || @new_resource.stack != @current_resource.stack || @new_resource.nofiles != @current_resource.nofiles + change = true + + + nfs = @new_resource.fsize + nco = @new_resource.core + ncp = @new_resource.cpu + nda = @new_resource.data + nrs = @new_resource.rss + nst = @new_resource.stack + nno = @new_resource.nofiles + + cfs = @current_resource.fsize + cco = @current_resource.core + ccp = @current_resource.cpu + cda = @current_resource.data + crs = @current_resource.rss + cst = @current_resource.stack + cno = @current_resource.nofiles + + if change + userlimits_change_s = "cat /etc/security/limits|sed -n \'1h;1\!H;\${x;/default:/ s/fsize = #{cfs}/fsize = #{nfs}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/core = #{cco}/core = #{nco}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/cpu = #{ccp}/cpu = #{ncp}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/data = #{cda}/data = #{nda}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/rss = #{crs}/rss = #{nrs}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/stack = #{cst}/stack = #{nst}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/nofiles = #{cno}/nofiles = #{nno}/g;p;}\' >/etc/security/limits" + converge_by("userlimits: change #{@new_resource.name} in /etc/security/limits file") do + Chef::Log.debug("userlimits: running #{userlimits_change_s}") + shell_out!(userlimits_change_s) + end + else + change = false + end + end + end diff --git a/providers/usersec.rb b/providers/usersec.rb new file mode 100644 index 0000000..bfaa17e --- /dev/null +++ b/providers/usersec.rb @@ -0,0 +1,139 @@ +# +# Copyright 2015-2016, Benoit Creau +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Amended by Ian Bellinfantie +# Contact ibellinfantie@sbm.com.sa +# + + +use_inline_resources + +# support whyrun +def whyrun_supported? + true +end + +# load current resource name to detremine type of resolv.conf change +def load_current_resource + @current_resource = Chef::Resource::AixUsersec.new(@new_resource.name) + # entry types could be domain, search, nameserver, options + @current_resource.exists = false + # set command for all entries for /etc/security/limits + user_sec = shell_out("for attr in umask pwdwarntime loginretries histexpire histsize minage maxage maxexpired minalpha minother minlen mindiff maxrepeats ; do lssec -c -f /etc/security/user -s default -a $attr ; done | xargs | sed \'s/default://g\' | sed \'s/\\#name://g\' | perl -pe \'chomp\'") + if !user_sec.error? + user_sec_array = user_sec.stdout.split(' ') + Chef::Log.debug('usersec: resource exists') + @current_resource.exists = true + else + Chef::Log.debug('usersec: resource does not exists') + end + + # If resource exists , load values into a hash + if @current_resource.exists + Chef::Log.debug('usersec: resource exists loading attributes') + @current_resource.name(@new_resource.name) + Chef::Log.debug("usersec: current resource name: #{@current_resource.name}") + + @current_resource.umask(user_sec_array[1]) + @current_resource.pwdwarntime(user_sec_array[3]) + @current_resource.loginretries(user_sec_array[5]) + @current_resource.histexpire(user_sec_array[7]) + @current_resource.histsize(user_sec_array[9]) + @current_resource.minage(user_sec_array[11]) + @current_resource.maxage(user_sec_array[13]) + @current_resource.maxexpired(user_sec_array[15]) + @current_resource.minalpha(user_sec_array[17]) + @current_resource.minother(user_sec_array[19]) + @current_resource.minlen(user_sec_array[21]) + @current_resource.mindiff(user_sec_array[23]) + @current_resource.maxrepeats(user_sec_array[25]) + + Chef::Log.debug("user_sec: current resource umask: #{user_sec_array[1]}") + Chef::Log.debug("user_sec: current resource pwdwarntime: #{user_sec_array[3]}") + Chef::Log.debug("user_sec: current resource loginretries: #{user_sec_array[5]}") + Chef::Log.debug("user_sec: current resource histexpire: #{user_sec_array[7]}") + Chef::Log.debug("user_sec: current resource histsize: #{user_sec_array[9]}") + Chef::Log.debug("user_sec: current resource minage: #{user_sec_array[11]}") + Chef::Log.debug("user_sec: current resource maxage: #{user_sec_array[13]}") + Chef::Log.debug("user_sec: current resource maxexpired: #{user_sec_array[15]}") + Chef::Log.debug("user_sec: current resource minalpha: #{user_sec_array[17]}") + Chef::Log.debug("user_sec: current resource minother: #{user_sec_array[19]}") + Chef::Log.debug("user_sec: current resource minlen: #{user_sec_array[21]}") + Chef::Log.debug("user_sec: current resource mindiff: #{user_sec_array[23]}") + Chef::Log.debug("user_sec: current resource maxrepeats: #{user_sec_array[25]}") + + if @new_resource.umask.nil? + @new_resource.umask(@current_resource.umask) + end + if @new_resource.pwdwarntime.nil? + @new_resource.pwdwarntime(@current_resource.pwdwarntime) + end + if @new_resource.loginretries.nil? + @new_resource.loginretries(@current_resource.loginretries) + end + if @new_resource.histexpire.nil? + @new_resource.histexpire(@current_resource.histexpire) + end + if @new_resource.histsize.nil? + @new_resource.histsize(@current_resource.histsize) + end + if @new_resource.minage.nil? + @new_resource.minage(@current_resource.minage) + end + if @new_resource.maxage.nil? + @new_resource.maxage(@current_resource.maxage) + end + if @new_resource.maxexpired.nil? + @new_resource.maxexpired(@current_resource.maxexpired) + end + if @new_resource.minalpha.nil? + @new_resource.minalpha(@current_resource.minalpha) + end + if @new_resource.minother.nil? + @new_resource.minother(@current_resource.minother) + end + if @new_resource.minlen.nil? + @new_resource.minlen(@current_resource.minlen) + end + if @new_resource.mindiff.nil? + @new_resource.mindiff(@current_resource.mindiff) + end + if @new_resource.maxrepeats.nil? + @new_resource.maxrepeats(@current_resource.maxrepeats) + end + end +end + + + +# +action :change do + if @current_resource.exists + change = false + # check if we have changed values for any attribute + + if @new_resource.umask != @current_resource.umask || @new_resource.pwdwarntime != @current_resource.pwdwarntime || @new_resource.loginretries != @current_resource.loginretries || @new_resource.histexpire != @current_resource.histexpire || @new_resource.histsize != @current_resource.histsize || @new_resource.minage != @current_resource.minage || @new_resource.maxage != @current_resource.maxage || @new_resource.maxexpired != @current_resource.maxexpired || @new_resource.minalpha != @current_resource.minalpha || @new_resource.minother != @current_resource.minother || @new_resource.minlen != @current_resource.minlen || @new_resource.mindiff != @current_resource.mindiff || @new_resource.maxrepeats != @current_resource.maxrepeats + change = true + + if change + usersec_change_s = "chsec -f /etc/security/user -s default -a umask=#{@new_resource.umask} ; chsec -f /etc/security/user -s default -a pwdwarntime=#{@new_resource.pwdwarntime} ; chsec -f /etc/security/user -s default -a loginretries=#{@new_resource.loginretries} ; chsec -f /etc/security/user -s default -a histexpire=#{@new_resource.histexpire}; chsec -f /etc/security/user -s default -a histsize=#{@new_resource.histsize} ; chsec -f /etc/security/user -s default -a minage=#{@new_resource.minage} ; chsec -f /etc/security/user -s default -a maxage=#{@new_resource.maxage} ; chsec -f /etc/security/user -s default -a maxexpired=#{@new_resource.maxexpired} ; chsec -f /etc/security/user -s default -a minalpha=#{@new_resource.minalpha} ; chsec -f /etc/security/user -s default -a minother=#{@new_resource.minother} ; chsec -f /etc/security/user -s default -a minlen=#{@new_resource.minlen} ; chsec -f /etc/security/user -s default -a mindiff=#{@new_resource.mindiff} ; chsec -f /etc/security/user -s default -a maxrepeats=#{@new_resource.maxrepeats} " + converge_by("usersec: change #{@new_resource.name} in /etc/security/user file") do + Chef::Log.debug("usersec: running #{usersec_change_s}") + shell_out!(usersec_change_s) + end + end + end + end +end diff --git a/resources/etcresolv.rb b/resources/etcresolv.rb new file mode 100644 index 0000000..d04f22b --- /dev/null +++ b/resources/etcresolv.rb @@ -0,0 +1,31 @@ +# +# Copyright 2015-2016, Benoit Creau +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Amended by Ian Bellinfantie +# Contact ibellinfantie@sbm.com.sa +# +# just copied the etchosts and made the etcresolv +# uses the namerslv command instead of the namerslv command +# +# uses the options for IBM command namerslv +# does not cater for options. + +actions :add, :delete, :delete_all, :change +default_action :add +attr_accessor :exists + +attribute :name, name_attribute: true, kind_of: String # type of /etc/resolv.conf entry e.g. domain, search, nameserver +attribute :address, kind_of: String # Address in domain name or ip address , search option etc... +attribute :new_address, kind_of: String # value to chnge to diff --git a/resources/userlimits.rb b/resources/userlimits.rb new file mode 100644 index 0000000..4b32797 --- /dev/null +++ b/resources/userlimits.rb @@ -0,0 +1,35 @@ +# +# Copyright 2015-2016, Benoit Creau +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Amended by Ian Bellinfantie +# Contact ibellinfantie@sbm.com.sa +# +# just copied the etchosts and made the etcresolv +# uses the namerslv command instead of the namerslv command +# +# makes changes for the deafult or a particular username + +actions :change +default_action :change +attr_accessor :exists + +attribute :name, name_attribute: true, kind_of: String # will always be default... leaving users to specific application builds +attribute :fsize, kind_of: String # attributes for user limits +attribute :core, kind_of: String +attribute :cpu, kind_of: String +attribute :data, kind_of: String +attribute :rss, kind_of: String +attribute :stack, kind_of: String +attribute :nofiles, kind_of: String diff --git a/resources/usersec.rb b/resources/usersec.rb new file mode 100644 index 0000000..f9de3d3 --- /dev/null +++ b/resources/usersec.rb @@ -0,0 +1,41 @@ +# +# Copyright 2015-2016, Benoit Creau +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Amended by Ian Bellinfantie +# Contact ibellinfantie@sbm.com.sa +# +# just copied the etchosts and made the etcresolv +# uses the namerslv command instead of the namerslv command +# +# makes changes for the deafult or a particular username + +actions :change +default_action :change +attr_accessor :exists + +attribute :name, name_attribute: true, kind_of: String # will always be default... leaving users to specific application builds +attribute :umask, kind_of: String # attributes for user limits +attribute :pwdwarntime, kind_of: String +attribute :loginretries, kind_of: String +attribute :histexpire, kind_of: String +attribute :histsize, kind_of: String +attribute :minage, kind_of: String +attribute :maxage, kind_of: String +attribute :maxexpired, kind_of: String +attribute :minalpha, kind_of: String +attribute :minother, kind_of: String +attribute :minlen, kind_of: String +attribute :mindiff, kind_of: String +attribute :maxrepeats, kind_of: String From 1134a248c7419215d50416b57083befe76d7f020 Mon Sep 17 00:00:00 2001 From: Ian Bellinfantie Date: Thu, 27 Apr 2017 16:05:17 +0300 Subject: [PATCH 2/3] tidied indents --- providers/userlimits.rb | 150 +++++++++++++++++----------------- providers/usersec.rb | 174 ++++++++++++++++++++-------------------- 2 files changed, 159 insertions(+), 165 deletions(-) diff --git a/providers/userlimits.rb b/providers/userlimits.rb index 205a95d..faf03e7 100644 --- a/providers/userlimits.rb +++ b/providers/userlimits.rb @@ -33,59 +33,59 @@ def load_current_resource # entry types could be domain, search, nameserver, options @current_resource.exists = false # set command for all entries for /etc/security/limits - user_limits = shell_out("cat /etc/security/limits | grep -v \\* | grep -wp default | grep -v default | sed \'\/^\\s*\$\/d\' | xargs | sed \'s\/=\/:\/g\' | tr -s \' \' \':\' | perl -pe \'chomp\'") - if !user_limits.error? - user_limits_array = user_limits.stdout.split(':') - Chef::Log.debug('userlimits: resource exists') - @current_resource.exists = true - else - Chef::Log.debug('userlimits: resource does not exists') - end + user_limits = shell_out("cat /etc/security/limits | grep -v \\* | grep -wp default | grep -v default | sed \'\/^\\s*\$\/d\' | xargs | sed \'s\/=\/:\/g\' | tr -s \' \' \':\' | perl -pe \'chomp\'") + if !user_limits.error? + user_limits_array = user_limits.stdout.split(':') + Chef::Log.debug('userlimits: resource exists') + @current_resource.exists = true + else + Chef::Log.debug('userlimits: resource does not exists') + end - # If resource exists , load values into a hash - if @current_resource.exists - Chef::Log.debug('userlimits: resource exists loading attributes') - @current_resource.name(@new_resource.name) - Chef::Log.debug("userlimits: current resource name: #{@current_resource.name}") + # If resource exists , load values into a hash + if @current_resource.exists + Chef::Log.debug('userlimits: resource exists loading attributes') + @current_resource.name(@new_resource.name) + Chef::Log.debug("userlimits: current resource name: #{@current_resource.name}") - @current_resource.fsize(user_limits_array[1]) - @current_resource.core(user_limits_array[3]) - @current_resource.cpu(user_limits_array[5]) - @current_resource.data(user_limits_array[7]) - @current_resource.rss(user_limits_array[9]) - @current_resource.stack(user_limits_array[11]) - @current_resource.nofiles(user_limits_array[13]) - Chef::Log.debug("userlimits: current resource fsize: #{user_limits_array[1]}") - Chef::Log.debug("userlimits: current resource core: #{user_limits_array[3]}") - Chef::Log.debug("userlimits: current resource cpu: #{user_limits_array[5]}") - Chef::Log.debug("userlimits: current resource data: #{user_limits_array[7]}") - Chef::Log.debug("userlimits: current resource rss: #{user_limits_array[9]}") - Chef::Log.debug("userlimits: current resource stack: #{user_limits_array[11]}") - Chef::Log.debug("userlimits: current resource nofiles: #{user_limits_array[13]}") + @current_resource.fsize(user_limits_array[1]) + @current_resource.core(user_limits_array[3]) + @current_resource.cpu(user_limits_array[5]) + @current_resource.data(user_limits_array[7]) + @current_resource.rss(user_limits_array[9]) + @current_resource.stack(user_limits_array[11]) + @current_resource.nofiles(user_limits_array[13]) + Chef::Log.debug("userlimits: current resource fsize: #{user_limits_array[1]}") + Chef::Log.debug("userlimits: current resource core: #{user_limits_array[3]}") + Chef::Log.debug("userlimits: current resource cpu: #{user_limits_array[5]}") + Chef::Log.debug("userlimits: current resource data: #{user_limits_array[7]}") + Chef::Log.debug("userlimits: current resource rss: #{user_limits_array[9]}") + Chef::Log.debug("userlimits: current resource stack: #{user_limits_array[11]}") + Chef::Log.debug("userlimits: current resource nofiles: #{user_limits_array[13]}") - if @new_resource.fsize.nil? - @new_resource.fsize(@current_resource.fsize) - end - if @new_resource.core.nil? - @new_resource.core(@current_resource.core) - end - if @new_resource.cpu.nil? - @new_resource.cpu(@current_resource.cpu) - end - if @new_resource.data.nil? - @new_resource.data(@current_resource.data) - end - if @new_resource.rss.nil? - @new_resource.rss(@current_resource.rss) - end - if @new_resource.stack.nil? - @new_resource.stack(@current_resource.stack) - end - if @new_resource.nofiles.nil? - @new_resource.nofiles(@current_resource.nofiles) - end - end + if @new_resource.fsize.nil? + @new_resource.fsize(@current_resource.fsize) + end + if @new_resource.core.nil? + @new_resource.core(@current_resource.core) + end + if @new_resource.cpu.nil? + @new_resource.cpu(@current_resource.cpu) + end + if @new_resource.data.nil? + @new_resource.data(@current_resource.data) + end + if @new_resource.rss.nil? + @new_resource.rss(@current_resource.rss) + end + if @new_resource.stack.nil? + @new_resource.stack(@current_resource.stack) + end + if @new_resource.nofiles.nil? + @new_resource.nofiles(@current_resource.nofiles) + end + end end @@ -94,34 +94,32 @@ def load_current_resource # the default settings are changed. action :change do - if @new_resource.fsize != @current_resource.fsize || @new_resource.core != @current_resource.core || @new_resource.cpu != @current_resource.cpu || @new_resource.data != @current_resource.data || @new_resource.rss != @current_resource.rss || @new_resource.stack != @current_resource.stack || @new_resource.nofiles != @current_resource.nofiles - change = true + if @new_resource.fsize != @current_resource.fsize || @new_resource.core != @current_resource.core || @new_resource.cpu != @current_resource.cpu || @new_resource.data != @current_resource.data || @new_resource.rss != @current_resource.rss || @new_resource.stack != @current_resource.stack || @new_resource.nofiles != @current_resource.nofiles + change = true + nfs = @new_resource.fsize + nco = @new_resource.core + ncp = @new_resource.cpu + nda = @new_resource.data + nrs = @new_resource.rss + nst = @new_resource.stack + nno = @new_resource.nofiles + cfs = @current_resource.fsize + cco = @current_resource.core + ccp = @current_resource.cpu + cda = @current_resource.data + crs = @current_resource.rss + cst = @current_resource.stack + cno = @current_resource.nofiles - nfs = @new_resource.fsize - nco = @new_resource.core - ncp = @new_resource.cpu - nda = @new_resource.data - nrs = @new_resource.rss - nst = @new_resource.stack - nno = @new_resource.nofiles - - cfs = @current_resource.fsize - cco = @current_resource.core - ccp = @current_resource.cpu - cda = @current_resource.data - crs = @current_resource.rss - cst = @current_resource.stack - cno = @current_resource.nofiles - - if change - userlimits_change_s = "cat /etc/security/limits|sed -n \'1h;1\!H;\${x;/default:/ s/fsize = #{cfs}/fsize = #{nfs}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/core = #{cco}/core = #{nco}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/cpu = #{ccp}/cpu = #{ncp}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/data = #{cda}/data = #{nda}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/rss = #{crs}/rss = #{nrs}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/stack = #{cst}/stack = #{nst}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/nofiles = #{cno}/nofiles = #{nno}/g;p;}\' >/etc/security/limits" - converge_by("userlimits: change #{@new_resource.name} in /etc/security/limits file") do - Chef::Log.debug("userlimits: running #{userlimits_change_s}") - shell_out!(userlimits_change_s) - end - else - change = false - end + if change + userlimits_change_s = "cat /etc/security/limits|sed -n \'1h;1\!H;\${x;/default:/ s/fsize = #{cfs}/fsize = #{nfs}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/core = #{cco}/core = #{nco}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/cpu = #{ccp}/cpu = #{ncp}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/data = #{cda}/data = #{nda}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/rss = #{crs}/rss = #{nrs}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/stack = #{cst}/stack = #{nst}/g;p;}\'|sed -n \'1h;1\!H;\${x;/default:/ s/nofiles = #{cno}/nofiles = #{nno}/g;p;}\' >/etc/security/limits" + converge_by("userlimits: change #{@new_resource.name} in /etc/security/limits file") do + Chef::Log.debug("userlimits: running #{userlimits_change_s}") + shell_out!(userlimits_change_s) + end + else + change = false + end end end diff --git a/providers/usersec.rb b/providers/usersec.rb index bfaa17e..77a9f00 100644 --- a/providers/usersec.rb +++ b/providers/usersec.rb @@ -31,89 +31,86 @@ def load_current_resource # entry types could be domain, search, nameserver, options @current_resource.exists = false # set command for all entries for /etc/security/limits - user_sec = shell_out("for attr in umask pwdwarntime loginretries histexpire histsize minage maxage maxexpired minalpha minother minlen mindiff maxrepeats ; do lssec -c -f /etc/security/user -s default -a $attr ; done | xargs | sed \'s/default://g\' | sed \'s/\\#name://g\' | perl -pe \'chomp\'") - if !user_sec.error? + user_sec = shell_out("for attr in umask pwdwarntime loginretries histexpire histsize minage maxage maxexpired minalpha minother minlen mindiff maxrepeats ; do lssec -c -f /etc/security/user -s default -a $attr ; done | xargs | sed \'s/default://g\' | sed \'s/\\#name://g\' | perl -pe \'chomp\'") + if !user_sec.error? user_sec_array = user_sec.stdout.split(' ') Chef::Log.debug('usersec: resource exists') @current_resource.exists = true - else + else Chef::Log.debug('usersec: resource does not exists') - end - - # If resource exists , load values into a hash - if @current_resource.exists - Chef::Log.debug('usersec: resource exists loading attributes') - @current_resource.name(@new_resource.name) - Chef::Log.debug("usersec: current resource name: #{@current_resource.name}") - - @current_resource.umask(user_sec_array[1]) - @current_resource.pwdwarntime(user_sec_array[3]) - @current_resource.loginretries(user_sec_array[5]) - @current_resource.histexpire(user_sec_array[7]) - @current_resource.histsize(user_sec_array[9]) - @current_resource.minage(user_sec_array[11]) - @current_resource.maxage(user_sec_array[13]) - @current_resource.maxexpired(user_sec_array[15]) - @current_resource.minalpha(user_sec_array[17]) - @current_resource.minother(user_sec_array[19]) - @current_resource.minlen(user_sec_array[21]) - @current_resource.mindiff(user_sec_array[23]) - @current_resource.maxrepeats(user_sec_array[25]) - - Chef::Log.debug("user_sec: current resource umask: #{user_sec_array[1]}") - Chef::Log.debug("user_sec: current resource pwdwarntime: #{user_sec_array[3]}") - Chef::Log.debug("user_sec: current resource loginretries: #{user_sec_array[5]}") - Chef::Log.debug("user_sec: current resource histexpire: #{user_sec_array[7]}") - Chef::Log.debug("user_sec: current resource histsize: #{user_sec_array[9]}") - Chef::Log.debug("user_sec: current resource minage: #{user_sec_array[11]}") - Chef::Log.debug("user_sec: current resource maxage: #{user_sec_array[13]}") - Chef::Log.debug("user_sec: current resource maxexpired: #{user_sec_array[15]}") - Chef::Log.debug("user_sec: current resource minalpha: #{user_sec_array[17]}") - Chef::Log.debug("user_sec: current resource minother: #{user_sec_array[19]}") - Chef::Log.debug("user_sec: current resource minlen: #{user_sec_array[21]}") - Chef::Log.debug("user_sec: current resource mindiff: #{user_sec_array[23]}") - Chef::Log.debug("user_sec: current resource maxrepeats: #{user_sec_array[25]}") + end - if @new_resource.umask.nil? - @new_resource.umask(@current_resource.umask) - end - if @new_resource.pwdwarntime.nil? - @new_resource.pwdwarntime(@current_resource.pwdwarntime) - end - if @new_resource.loginretries.nil? - @new_resource.loginretries(@current_resource.loginretries) - end - if @new_resource.histexpire.nil? - @new_resource.histexpire(@current_resource.histexpire) - end - if @new_resource.histsize.nil? - @new_resource.histsize(@current_resource.histsize) - end - if @new_resource.minage.nil? - @new_resource.minage(@current_resource.minage) - end - if @new_resource.maxage.nil? - @new_resource.maxage(@current_resource.maxage) - end - if @new_resource.maxexpired.nil? - @new_resource.maxexpired(@current_resource.maxexpired) - end - if @new_resource.minalpha.nil? - @new_resource.minalpha(@current_resource.minalpha) - end - if @new_resource.minother.nil? - @new_resource.minother(@current_resource.minother) - end - if @new_resource.minlen.nil? - @new_resource.minlen(@current_resource.minlen) - end - if @new_resource.mindiff.nil? - @new_resource.mindiff(@current_resource.mindiff) - end - if @new_resource.maxrepeats.nil? - @new_resource.maxrepeats(@current_resource.maxrepeats) - end - end + # If resource exists , load values into a hash + if @current_resource.exists + Chef::Log.debug('usersec: resource exists loading attributes') + @current_resource.name(@new_resource.name) + Chef::Log.debug("usersec: current resource name: #{@current_resource.name}") + @current_resource.umask(user_sec_array[1]) + @current_resource.pwdwarntime(user_sec_array[3]) + @current_resource.loginretries(user_sec_array[5]) + @current_resource.histexpire(user_sec_array[7]) + @current_resource.histsize(user_sec_array[9]) + @current_resource.minage(user_sec_array[11]) + @current_resource.maxage(user_sec_array[13]) + @current_resource.maxexpired(user_sec_array[15]) + @current_resource.minalpha(user_sec_array[17]) + @current_resource.minother(user_sec_array[19]) + @current_resource.minlen(user_sec_array[21]) + @current_resource.mindiff(user_sec_array[23]) + @current_resource.maxrepeats(user_sec_array[25]) + Chef::Log.debug("user_sec: current resource umask: #{user_sec_array[1]}") + Chef::Log.debug("user_sec: current resource pwdwarntime: #{user_sec_array[3]}") + Chef::Log.debug("user_sec: current resource loginretries: #{user_sec_array[5]}") + Chef::Log.debug("user_sec: current resource histexpire: #{user_sec_array[7]}") + Chef::Log.debug("user_sec: current resource histsize: #{user_sec_array[9]}") + Chef::Log.debug("user_sec: current resource minage: #{user_sec_array[11]}") + Chef::Log.debug("user_sec: current resource maxage: #{user_sec_array[13]}") + Chef::Log.debug("user_sec: current resource maxexpired: #{user_sec_array[15]}") + Chef::Log.debug("user_sec: current resource minalpha: #{user_sec_array[17]}") + Chef::Log.debug("user_sec: current resource minother: #{user_sec_array[19]}") + Chef::Log.debug("user_sec: current resource minlen: #{user_sec_array[21]}") + Chef::Log.debug("user_sec: current resource mindiff: #{user_sec_array[23]}") + Chef::Log.debug("user_sec: current resource maxrepeats: #{user_sec_array[25]}") + if @new_resource.umask.nil? + @new_resource.umask(@current_resource.umask) + end + if @new_resource.pwdwarntime.nil? + @new_resource.pwdwarntime(@current_resource.pwdwarntime) + end + if @new_resource.loginretries.nil? + @new_resource.loginretries(@current_resource.loginretries) + end + if @new_resource.histexpire.nil? + @new_resource.histexpire(@current_resource.histexpire) + end + if @new_resource.histsize.nil? + @new_resource.histsize(@current_resource.histsize) + end + if @new_resource.minage.nil? + @new_resource.minage(@current_resource.minage) + end + if @new_resource.maxage.nil? + @new_resource.maxage(@current_resource.maxage) + end + if @new_resource.maxexpired.nil? + @new_resource.maxexpired(@current_resource.maxexpired) + end + if @new_resource.minalpha.nil? + @new_resource.minalpha(@current_resource.minalpha) + end + if @new_resource.minother.nil? + @new_resource.minother(@current_resource.minother) + end + if @new_resource.minlen.nil? + @new_resource.minlen(@current_resource.minlen) + end + if @new_resource.mindiff.nil? + @new_resource.mindiff(@current_resource.mindiff) + end + if @new_resource.maxrepeats.nil? + @new_resource.maxrepeats(@current_resource.maxrepeats) + end + end end @@ -122,18 +119,17 @@ def load_current_resource action :change do if @current_resource.exists change = false - # check if we have changed values for any attribute - - if @new_resource.umask != @current_resource.umask || @new_resource.pwdwarntime != @current_resource.pwdwarntime || @new_resource.loginretries != @current_resource.loginretries || @new_resource.histexpire != @current_resource.histexpire || @new_resource.histsize != @current_resource.histsize || @new_resource.minage != @current_resource.minage || @new_resource.maxage != @current_resource.maxage || @new_resource.maxexpired != @current_resource.maxexpired || @new_resource.minalpha != @current_resource.minalpha || @new_resource.minother != @current_resource.minother || @new_resource.minlen != @current_resource.minlen || @new_resource.mindiff != @current_resource.mindiff || @new_resource.maxrepeats != @current_resource.maxrepeats - change = true + # check if we have changed values for any attribute + if @new_resource.umask != @current_resource.umask || @new_resource.pwdwarntime != @current_resource.pwdwarntime || @new_resource.loginretries != @current_resource.loginretries || @new_resource.histexpire != @current_resource.histexpire || @new_resource.histsize != @current_resource.histsize || @new_resource.minage != @current_resource.minage || @new_resource.maxage != @current_resource.maxage || @new_resource.maxexpired != @current_resource.maxexpired || @new_resource.minalpha != @current_resource.minalpha || @new_resource.minother != @current_resource.minother || @new_resource.minlen != @current_resource.minlen || @new_resource.mindiff != @current_resource.mindiff || @new_resource.maxrepeats != @current_resource.maxrepeats + change = true - if change - usersec_change_s = "chsec -f /etc/security/user -s default -a umask=#{@new_resource.umask} ; chsec -f /etc/security/user -s default -a pwdwarntime=#{@new_resource.pwdwarntime} ; chsec -f /etc/security/user -s default -a loginretries=#{@new_resource.loginretries} ; chsec -f /etc/security/user -s default -a histexpire=#{@new_resource.histexpire}; chsec -f /etc/security/user -s default -a histsize=#{@new_resource.histsize} ; chsec -f /etc/security/user -s default -a minage=#{@new_resource.minage} ; chsec -f /etc/security/user -s default -a maxage=#{@new_resource.maxage} ; chsec -f /etc/security/user -s default -a maxexpired=#{@new_resource.maxexpired} ; chsec -f /etc/security/user -s default -a minalpha=#{@new_resource.minalpha} ; chsec -f /etc/security/user -s default -a minother=#{@new_resource.minother} ; chsec -f /etc/security/user -s default -a minlen=#{@new_resource.minlen} ; chsec -f /etc/security/user -s default -a mindiff=#{@new_resource.mindiff} ; chsec -f /etc/security/user -s default -a maxrepeats=#{@new_resource.maxrepeats} " - converge_by("usersec: change #{@new_resource.name} in /etc/security/user file") do - Chef::Log.debug("usersec: running #{usersec_change_s}") - shell_out!(usersec_change_s) - end - end + if change + usersec_change_s = "chsec -f /etc/security/user -s default -a umask=#{@new_resource.umask} ; chsec -f /etc/security/user -s default -a pwdwarntime=#{@new_resource.pwdwarntime} ; chsec -f /etc/security/user -s default -a loginretries=#{@new_resource.loginretries} ; chsec -f /etc/security/user -s default -a histexpire=#{@new_resource.histexpire}; chsec -f /etc/security/user -s default -a histsize=#{@new_resource.histsize} ; chsec -f /etc/security/user -s default -a minage=#{@new_resource.minage} ; chsec -f /etc/security/user -s default -a maxage=#{@new_resource.maxage} ; chsec -f /etc/security/user -s default -a maxexpired=#{@new_resource.maxexpired} ; chsec -f /etc/security/user -s default -a minalpha=#{@new_resource.minalpha} ; chsec -f /etc/security/user -s default -a minother=#{@new_resource.minother} ; chsec -f /etc/security/user -s default -a minlen=#{@new_resource.minlen} ; chsec -f /etc/security/user -s default -a mindiff=#{@new_resource.mindiff} ; chsec -f /etc/security/user -s default -a maxrepeats=#{@new_resource.maxrepeats} " + converge_by("usersec: change #{@new_resource.name} in /etc/security/user file") do + Chef::Log.debug("usersec: running #{usersec_change_s}") + shell_out!(usersec_change_s) + end end end + end end From af7c9a3c4bf61fdfc57eb50875a159f5bcaf1afd Mon Sep 17 00:00:00 2001 From: Ian Bellinfantie Date: Thu, 27 Apr 2017 16:12:56 +0300 Subject: [PATCH 3/3] tidied indents --- providers/etcresolv.rb | 133 ++++++++++++++++++++--------------------- 1 file changed, 66 insertions(+), 67 deletions(-) diff --git a/providers/etcresolv.rb b/providers/etcresolv.rb index 46515e0..fc45be8 100644 --- a/providers/etcresolv.rb +++ b/providers/etcresolv.rb @@ -32,99 +32,98 @@ def load_current_resource @current_resource = Chef::Resource::AixEtcresolv.new(@new_resource.name) # entry types could be domain, search, nameserver, options @current_resource.exists = false - - # set command for all entries for /etc/resolv.conf - namerslv = shell_out("namerslv -s | grep #{@new_resource.address}") - if !namerslv.error? + # set command for all entries for /etc/resolv.conf + namerslv = shell_out("namerslv -s | grep #{@new_resource.address}") + if !namerslv.error? namerslv_array = namerslv.stdout.split(' ') Chef::Log.debug('etcresolv: resource exists') @current_resource.exists = true - else + else Chef::Log.debug('etcresolv: resource does not exists') - end + end - # If resource exists , load values into a hash - if @current_resource.exists - Chef::Log.debug('etcresolv: resource exists loading attributes') - @current_resource.name(namerslv_array[0]) - Chef::Log.debug("etcresolv: current resource name: #{namerslv_array[0]}") - @current_resource.address(namerslv_array[1]) - Chef::Log.debug("etcresolv: current resource address: #{namerslv_array[1]}") - puts "#{namerslv_array[0]} #{namerslv_array[1]}" - end + # If resource exists , load values into a hash + if @current_resource.exists + Chef::Log.debug('etcresolv: resource exists loading attributes') + @current_resource.name(namerslv_array[0]) + Chef::Log.debug("etcresolv: current resource name: #{namerslv_array[0]}") + @current_resource.address(namerslv_array[1]) + Chef::Log.debug("etcresolv: current resource address: #{namerslv_array[1]}") + puts "#{namerslv_array[0]} #{namerslv_array[1]}" + end end # add action :add do unless @current_resource.exists - # add entry if it exists - if @new_resource.name =~ /nameserver/ - #An ip address has been given - namerslv_add_s = "namerslv -a -i #{@new_resource.address} " - elsif @new_resource.name =~ /search/ - # A search domain_name has been given - namerslv_add_s = "namerslv -a -S #{@new_resource.address} " - elsif @new_resource.name =~ /domain/ - # A domain name has been given - namerslv_add_s = "namerslv -a -D #{@new_resource.address} " - else - puts " Don't know what has been given" - end - converge_by("namerslv: add #{@new_resource.address} in /etc/resolv.conf file") do - Chef::Log.debug("etcresolv: running #{namerslv_add_s}") - shell_out!(namerslv_add_s) - end + # add entry if it exists + if @new_resource.name =~ /nameserver/ + #An ip address has been given + namerslv_add_s = "namerslv -a -i #{@new_resource.address} " + elsif @new_resource.name =~ /search/ + # A search domain_name has been given + namerslv_add_s = "namerslv -a -S #{@new_resource.address} " + elsif @new_resource.name =~ /domain/ + # A domain name has been given + namerslv_add_s = "namerslv -a -D #{@new_resource.address} " + else + puts " Don't know what has been given" + end + converge_by("namerslv: add #{@new_resource.address} in /etc/resolv.conf file") do + Chef::Log.debug("etcresolv: running #{namerslv_add_s}") + shell_out!(namerslv_add_s) + end end end # delete action :delete do - if @current_resource.exists - # delete entry if it exists - if @new_resource.name =~ /nameserver/ - #An ip address has been given for nameserver - namerslv_del_s = "namerslv -d -i #{@new_resource.address} " - elsif @new_resource.name =~ /domain/ - # A domain name has been given - namerslv_del_s = "namerslv -d -n " - else - puts " Option not supported" - end - converge_by("namerslv: delete #{@new_resource.address} in /etc/resolv.conf file") do - Chef::Log.debug("etcresolv: running #{namerslv_del_s}") - shell_out!(namerslv_del_s) - end + if @current_resource.exists + # delete entry if it exists + if @new_resource.name =~ /nameserver/ + #An ip address has been given for nameserver + namerslv_del_s = "namerslv -d -i #{@new_resource.address} " + elsif @new_resource.name =~ /domain/ + # A domain name has been given + namerslv_del_s = "namerslv -d -n " + else + puts " Option not supported" + end + converge_by("namerslv: delete #{@new_resource.address} in /etc/resolv.conf file") do + Chef::Log.debug("etcresolv: running #{namerslv_del_s}") + shell_out!(namerslv_del_s) end + end end # change action :change do - if @current_resource.exists - # determine which type to change - if @new_resource.name =~ /nameserver/ - #An ip address has been given for nameserver - namerslv_change_s = "namerslv -d -i #{@new_resource.address} ; namerslv -a -i #{@new_resource.new_address}" - elsif @new_resource.name =~ /domain/ - # A domain name has been given - namerslv_change_s = "namerslv -d -n ; namerslv -a -D #{@new_resource.new_address}" - else - puts " Option not supported" - end - converge_by("namerslv: delete #{@new_resource.address} in /etc/resolv.conf file") do - Chef::Log.debug("etcresolv: running #{namerslv_change_s}") - shell_out!(namerslv_change_s) - end + if @current_resource.exists + # determine which type to change + if @new_resource.name =~ /nameserver/ + #An ip address has been given for nameserver + namerslv_change_s = "namerslv -d -i #{@new_resource.address} ; namerslv -a -i #{@new_resource.new_address}" + elsif @new_resource.name =~ /domain/ + # A domain name has been given + namerslv_change_s = "namerslv -d -n ; namerslv -a -D #{@new_resource.new_address}" + else + puts " Option not supported" + end + converge_by("namerslv: delete #{@new_resource.address} in /etc/resolv.conf file") do + Chef::Log.debug("etcresolv: running #{namerslv_change_s}") + shell_out!(namerslv_change_s) end + end end # delete_all action :delete_all do if @current_resource.exists - namerslv_del_all_s = "namerslv -X" - converge_by('etcresolv: removing all entries') do - Chef::Log.debug("etcresolv: running #{namerslv_del_all_s}") - shell_out!(namerslv_del_all_s) - end + namerslv_del_all_s = "namerslv -X" + converge_by('etcresolv: removing all entries') do + Chef::Log.debug("etcresolv: running #{namerslv_del_all_s}") + shell_out!(namerslv_del_all_s) + end end end