From b5406e624709679cc0c377576ad82d481e59f273 Mon Sep 17 00:00:00 2001 From: Olivier Raginel Date: Fri, 19 Apr 2024 11:27:46 -0700 Subject: [PATCH] Run NoOwnerGroupRoot on the entire codebase: core Summary: Just run the previous diff on `core` base to clean everything up ``` $ hg show | grep '^[-+] ' | grep -vEe "^- *(owner|group) *'root'\$" -e '^\+ *(owner|group) *node.root_(user|group)$' ``` So it literally just changes what it's supposed to. Differential Revision: D56178482 fbshipit-source-id: c1697841b5188450240b02a3750bd281e837bd1f --- cookbooks/fb_apache/recipes/default.rb | 28 +++++++++---------- cookbooks/fb_apcupsd/recipes/default.rb | 8 +++--- cookbooks/fb_apcupsd/recipes/frontend.rb | 4 +-- cookbooks/fb_apt/recipes/default.rb | 8 +++--- cookbooks/fb_apt/resources/sources_list.rb | 4 +-- cookbooks/fb_apt_cacher/recipes/default.rb | 8 +++--- cookbooks/fb_chrony/recipes/default.rb | 4 +-- cookbooks/fb_collectd/recipes/default.rb | 8 +++--- cookbooks/fb_collectd/recipes/frontend.rb | 4 +-- cookbooks/fb_consul/recipes/default.rb | 26 ++++++++--------- cookbooks/fb_cron/recipes/default.rb | 20 ++++++------- cookbooks/fb_dbus/recipes/default.rb | 8 +++--- cookbooks/fb_dnf/recipes/default.rb | 4 +-- cookbooks/fb_dnf/resources/modularity.rb | 8 +++--- cookbooks/fb_dnsmasq/recipes/default.rb | 4 +-- cookbooks/fb_dracut/recipes/default.rb | 4 +-- cookbooks/fb_e2fsprogs/recipes/default.rb | 4 +-- cookbooks/fb_ebtables/recipes/default.rb | 4 +-- cookbooks/fb_fstab/recipes/default.rb | 8 +++--- cookbooks/fb_grub/recipes/config.rb | 24 ++++++++-------- cookbooks/fb_hddtemp/recipes/default.rb | 4 +-- cookbooks/fb_hostconf/recipes/default.rb | 4 +-- cookbooks/fb_hostname/recipes/default.rb | 4 +-- cookbooks/fb_iproute/recipes/rt_protos.rb | 12 ++++---- cookbooks/fb_ipset/recipes/default.rb | 8 +++--- cookbooks/fb_ipset/resources/default.rb | 4 +-- cookbooks/fb_iptables/recipes/default.rb | 24 ++++++++-------- cookbooks/fb_kernel/recipes/bls.rb | 8 +++--- cookbooks/fb_kernel/resources/bls_entries.rb | 4 +-- cookbooks/fb_ldconfig/recipes/default.rb | 8 +++--- cookbooks/fb_logrotate/recipes/default.rb | 20 ++++++------- cookbooks/fb_mlocate/recipes/default.rb | 4 +-- cookbooks/fb_modprobe/recipes/default.rb | 20 ++++++------- cookbooks/fb_motd/resources/update_motd.rb | 4 +-- .../fb_network_scripts/recipes/default.rb | 16 +++++------ .../resources/redhat_interface.rb | 4 +-- cookbooks/fb_networkd/recipes/default.rb | 4 +-- cookbooks/fb_nscd/recipes/default.rb | 4 +-- cookbooks/fb_nsswitch/recipes/default.rb | 4 +-- cookbooks/fb_postfix/recipes/default.rb | 24 ++++++++-------- cookbooks/fb_profile/recipes/default.rb | 4 +-- cookbooks/fb_reprepro/recipes/default.rb | 8 +++--- cookbooks/fb_resolv/recipes/default.rb | 4 +-- cookbooks/fb_rpm/recipes/default.rb | 8 +++--- cookbooks/fb_rsync/recipes/secure_client.rb | 4 +-- cookbooks/fb_rsync/recipes/secure_server.rb | 4 +-- cookbooks/fb_rsync/recipes/server.rb | 8 +++--- cookbooks/fb_securetty/recipes/default.rb | 4 +-- cookbooks/fb_storage/recipes/default.rb | 24 ++++++++-------- cookbooks/fb_stunnel/recipes/default.rb | 16 +++++------ cookbooks/fb_swap/recipes/before_fb_fstab.rb | 12 ++++---- cookbooks/fb_sysfs/recipes/default.rb | 8 +++--- cookbooks/fb_systemd/recipes/boot.rb | 12 ++++---- cookbooks/fb_systemd/recipes/default.rb | 28 +++++++++---------- .../fb_systemd/recipes/journal-remote.rb | 4 +-- .../fb_systemd/recipes/journal-upload.rb | 4 +-- cookbooks/fb_systemd/recipes/journald.rb | 4 +-- cookbooks/fb_systemd/recipes/logind.rb | 4 +-- cookbooks/fb_systemd/recipes/resolved.rb | 4 +-- cookbooks/fb_systemd/recipes/timesyncd.rb | 4 +-- cookbooks/fb_systemd/recipes/udevd.rb | 16 +++++------ .../fb_systemd/resources/loader_entries.rb | 4 +-- cookbooks/fb_systemd/resources/override.rb | 8 +++--- cookbooks/fb_timers/recipes/default.rb | 12 ++++---- cookbooks/fb_timers/resources/setup.rb | 8 +++--- cookbooks/fb_vsftpd/recipes/default.rb | 12 ++++---- cookbooks/fb_yum_repos/recipes/default.rb | 4 +-- cookbooks/fb_yum_repos/resources/default.rb | 4 +-- 68 files changed, 305 insertions(+), 305 deletions(-) diff --git a/cookbooks/fb_apache/recipes/default.rb b/cookbooks/fb_apache/recipes/default.rb index 1b79716d1..2dc152d29 100644 --- a/cookbooks/fb_apache/recipes/default.rb +++ b/cookbooks/fb_apache/recipes/default.rb @@ -118,16 +118,16 @@ template sysconfig do source 'sysconfig.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[apache]' end [moddir, sitesdir, confdir].uniq.each do |dir| directory dir do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end end @@ -155,32 +155,32 @@ template "#{moddir}/fb_modules.conf" do not_if { node.centos6? } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :verify, 'fb_apache_verify_configs[doit]', :before notifies :restart, 'service[apache]' end template "#{sitesdir}/fb_sites.conf" do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :verify, 'fb_apache_verify_configs[doit]', :before notifies :reload, 'service[apache]' end template "#{confdir}/fb_apache.conf" do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :verify, 'fb_apache_verify_configs[doit]', :before notifies :reload, 'service[apache]' end template "#{moddir}/00-mpm.conf" do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # MPM cannot be changed on reload, only restart notifies :verify, 'fb_apache_verify_configs[doit]', :before @@ -190,8 +190,8 @@ # We want to collect apache stats template "#{confdir}/status.conf" do source 'status.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables(:location => '/server-status') notifies :verify, 'fb_apache_verify_configs[doit]', :before diff --git a/cookbooks/fb_apcupsd/recipes/default.rb b/cookbooks/fb_apcupsd/recipes/default.rb index 9452c0e1d..17ed6de2a 100644 --- a/cookbooks/fb_apcupsd/recipes/default.rb +++ b/cookbooks/fb_apcupsd/recipes/default.rb @@ -34,16 +34,16 @@ cookbook_file '/etc/default/apcupsd' do only_if { node.debian? || node.ubuntu? } source 'apcupsd' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[apcupsd]' end template '/etc/apcupsd/apcupsd.conf' do source 'apcupsd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[apcupsd]' end diff --git a/cookbooks/fb_apcupsd/recipes/frontend.rb b/cookbooks/fb_apcupsd/recipes/frontend.rb index 709107d5f..c89b8ab53 100644 --- a/cookbooks/fb_apcupsd/recipes/frontend.rb +++ b/cookbooks/fb_apcupsd/recipes/frontend.rb @@ -24,7 +24,7 @@ template '/etc/apcupsd/hosts.conf' do source 'hosts.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_apt/recipes/default.rb b/cookbooks/fb_apt/recipes/default.rb index 85f0dbcbc..b299bda2d 100644 --- a/cookbooks/fb_apt/recipes/default.rb +++ b/cookbooks/fb_apt/recipes/default.rb @@ -47,8 +47,8 @@ # clobber that as several packages will drop configs there. template '/etc/apt/apt.conf' do source 'apt.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :run, 'execute[apt-get update]' end @@ -63,8 +63,8 @@ template '/etc/apt/preferences' do source 'preferences.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_apt/resources/sources_list.rb b/cookbooks/fb_apt/resources/sources_list.rb index bfacae3de..344a47071 100644 --- a/cookbooks/fb_apt/resources/sources_list.rb +++ b/cookbooks/fb_apt/resources/sources_list.rb @@ -82,8 +82,8 @@ template '/etc/apt/sources.list' do source 'sources.list.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end end diff --git a/cookbooks/fb_apt_cacher/recipes/default.rb b/cookbooks/fb_apt_cacher/recipes/default.rb index fa8c3ad5f..dd11b94e1 100644 --- a/cookbooks/fb_apt_cacher/recipes/default.rb +++ b/cookbooks/fb_apt_cacher/recipes/default.rb @@ -37,16 +37,16 @@ template '/etc/default/apt-cacher-ng' do source 'apt-cacher-ng.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[apt-cacher-ng]' end template '/etc/apt-cacher-ng/acng.conf' do source 'acng.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :section => 'config', diff --git a/cookbooks/fb_chrony/recipes/default.rb b/cookbooks/fb_chrony/recipes/default.rb index d2d68ff11..8e9ba5609 100644 --- a/cookbooks/fb_chrony/recipes/default.rb +++ b/cookbooks/fb_chrony/recipes/default.rb @@ -44,8 +44,8 @@ template 'chrony.conf' do path chrony_conf source 'chrony.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[chrony]' end diff --git a/cookbooks/fb_collectd/recipes/default.rb b/cookbooks/fb_collectd/recipes/default.rb index da504e083..279f09ee4 100644 --- a/cookbooks/fb_collectd/recipes/default.rb +++ b/cookbooks/fb_collectd/recipes/default.rb @@ -40,8 +40,8 @@ template '/etc/default/collectd' do only_if { node['platform_family'] == 'debian' } source 'collectd.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[collectd]' end @@ -54,8 +54,8 @@ template conf do source 'collectd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[collectd]' end diff --git a/cookbooks/fb_collectd/recipes/frontend.rb b/cookbooks/fb_collectd/recipes/frontend.rb index 805f84c1a..917e03faf 100644 --- a/cookbooks/fb_collectd/recipes/frontend.rb +++ b/cookbooks/fb_collectd/recipes/frontend.rb @@ -37,7 +37,7 @@ template conf do source 'collection.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_consul/recipes/default.rb b/cookbooks/fb_consul/recipes/default.rb index b6058c86c..212cae9e0 100644 --- a/cookbooks/fb_consul/recipes/default.rb +++ b/cookbooks/fb_consul/recipes/default.rb @@ -58,28 +58,28 @@ end path lazy { node['fb_consul']['config']['data_dir'] } owner 'consul' - group 'root' + group node.root_group mode '0770' end directory '/etc/consul' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end cookbook_file '/etc/default/consul' do source 'consul.default' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end cookbook_file '/etc/consul/consul-agent-ca.pem' do # rubocop:disable Chef/Meta/AvoidCookbookProperty only_if { node['fb_consul']['certificate_cookbook'] } cookbook lazy { node['fb_consul']['certificate_cookbook'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[consul]' end @@ -91,7 +91,7 @@ end cookbook lazy { node['fb_consul']['certificate_cookbook'] } owner 'consul' - group 'root' + group node.root_group mode '0600' notifies :restart, 'service[consul]' end @@ -103,8 +103,8 @@ end cookbook lazy { node['fb_consul']['certificate_cookbook'] } source "consul-server-#{node['hostname']}.pem" - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[consul]' end @@ -117,7 +117,7 @@ cookbook lazy { node['fb_consul']['certificate_cookbook'] } source "consul-server-key-#{node['hostname']}.pem" owner 'consul' - group 'root' + group node.root_group mode '0600' notifies :restart, 'service[consul]' end @@ -137,8 +137,8 @@ end template '/etc/consul/consul.json' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' source 'consul.json.erb' verify '/usr/bin/consul validate %{path}' diff --git a/cookbooks/fb_cron/recipes/default.rb b/cookbooks/fb_cron/recipes/default.rb index a831f9b70..a0709f49a 100644 --- a/cookbooks/fb_cron/recipes/default.rb +++ b/cookbooks/fb_cron/recipes/default.rb @@ -94,16 +94,16 @@ node['fb_cron']['_crontab_path'] } source 'fb_crontab.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end template '/etc/anacrontab' do only_if { node['platform_family'] == 'rhel' } source 'anacrontab.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end @@ -114,8 +114,8 @@ if envfile template envfile do source 'crond_env.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[cron]' end @@ -142,16 +142,16 @@ cookbook_file '/usr/local/bin/exclusive_cron.sh' do source 'exclusive_cron.sh' - owner 'root' - group 0 + owner node.root_user + group node.root_group mode '0755' end if node.macos? cookbook_file '/usr/local/bin/osx_make_crond.sh' do source 'osx_make_crond.sh' - owner 'root' - group 0 + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_dbus/recipes/default.rb b/cookbooks/fb_dbus/recipes/default.rb index 5508a0095..f6c15b101 100644 --- a/cookbooks/fb_dbus/recipes/default.rb +++ b/cookbooks/fb_dbus/recipes/default.rb @@ -40,16 +40,16 @@ directory '/usr/lib/systemd/scripts' do only_if { node['fb_dbus']['implementation'] == 'dbus-daemon' } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end # Drop in override to force a daemon-reload when dbus restarts (#10321854) cookbook_file '/usr/lib/systemd/scripts/dbus-restart-hack.sh' do only_if { node['fb_dbus']['implementation'] == 'dbus-daemon' } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_dnf/recipes/default.rb b/cookbooks/fb_dnf/recipes/default.rb index 899c85ad3..8f4140b68 100644 --- a/cookbooks/fb_dnf/recipes/default.rb +++ b/cookbooks/fb_dnf/recipes/default.rb @@ -29,8 +29,8 @@ include_recipe 'fb_yum_repos' directory '/etc/dnf' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_dnf/resources/modularity.rb b/cookbooks/fb_dnf/resources/modularity.rb index 52c1582db..d79984359 100644 --- a/cookbooks/fb_dnf/resources/modularity.rb +++ b/cookbooks/fb_dnf/resources/modularity.rb @@ -24,8 +24,8 @@ node['fb_dnf']['modules'].each do |name, mod| template "#{DEFAULTS_DIR}/#{name}.yaml" do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' source 'fb_modules.yaml.erb' variables({ :name => name, :module => mod }) @@ -37,8 +37,8 @@ "for module '#{name}'" end template "#{MODS_DIR}/#{name}.module" do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' source 'fb_modules.module.erb' variables({ :name => name, :module => mod }) diff --git a/cookbooks/fb_dnsmasq/recipes/default.rb b/cookbooks/fb_dnsmasq/recipes/default.rb index 5f0030bd1..9d7ce39ba 100644 --- a/cookbooks/fb_dnsmasq/recipes/default.rb +++ b/cookbooks/fb_dnsmasq/recipes/default.rb @@ -28,8 +28,8 @@ template '/etc/dnsmasq.conf' do source 'dnsmasq.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' verify 'dnsmasq --test -C %{path}' notifies :restart, 'service[dnsmasq]' diff --git a/cookbooks/fb_dracut/recipes/default.rb b/cookbooks/fb_dracut/recipes/default.rb index dd2cee7f4..60069f05f 100644 --- a/cookbooks/fb_dracut/recipes/default.rb +++ b/cookbooks/fb_dracut/recipes/default.rb @@ -27,8 +27,8 @@ template '/etc/dracut.conf.d/ZZ-chef.conf' do not_if { node['fb_dracut']['disable'] } source 'dracut.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :run, 'execute[rebuild all initramfs]' end diff --git a/cookbooks/fb_e2fsprogs/recipes/default.rb b/cookbooks/fb_e2fsprogs/recipes/default.rb index b5200d13a..1ed3bdb78 100644 --- a/cookbooks/fb_e2fsprogs/recipes/default.rb +++ b/cookbooks/fb_e2fsprogs/recipes/default.rb @@ -29,8 +29,8 @@ }.each do |cmd| template "/etc/#{cmd}.conf" do source 'e2fsprogs.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :command => cmd, diff --git a/cookbooks/fb_ebtables/recipes/default.rb b/cookbooks/fb_ebtables/recipes/default.rb index 9233f5599..1002cd3aa 100644 --- a/cookbooks/fb_ebtables/recipes/default.rb +++ b/cookbooks/fb_ebtables/recipes/default.rb @@ -40,7 +40,7 @@ template '/etc/sysconfig/ebtables-config' do source 'ebtables-config.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0600' end diff --git a/cookbooks/fb_fstab/recipes/default.rb b/cookbooks/fb_fstab/recipes/default.rb index 4d271a4bb..28b9e319c 100644 --- a/cookbooks/fb_fstab/recipes/default.rb +++ b/cookbooks/fb_fstab/recipes/default.rb @@ -26,8 +26,8 @@ # ensure permissions file FB::Fstab::BASE_FILENAME do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0444' end @@ -110,8 +110,8 @@ template '/etc/fstab' do source 'fstab.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # On systemd hosts we use the generated mount units to mount filesystems # so it's important we ask it to regenerate them when we edit fstab diff --git a/cookbooks/fb_grub/recipes/config.rb b/cookbooks/fb_grub/recipes/config.rb index 4e36d0885..136ffa054 100644 --- a/cookbooks/fb_grub/recipes/config.rb +++ b/cookbooks/fb_grub/recipes/config.rb @@ -24,15 +24,15 @@ directory 'efi_vendor_dir' do # rubocop:disable Chef/Meta/RequireOwnerGroupMode mode is controlled by mount options only_if { node.efi? } path lazy { node['fb_grub']['_efi_vendor_dir'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group end # GRUB 1 directory grub_base_dir do only_if { node['fb_grub']['version'] == 1 } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -43,8 +43,8 @@ end path lazy { node['fb_grub']['_grub_config'] } source 'grub.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode node.efi? ? '0700' : '0644' end @@ -57,16 +57,16 @@ end path '/boot/grub/grub.conf' source 'grub.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode node.efi? ? '0700' : '0644' end # GRUB 2 directory grub2_base_dir do only_if { node['fb_grub']['version'] == 2 } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -89,8 +89,8 @@ end path lazy { node['fb_grub']["_grub2_config_#{type}"] } source 'grub2.cfg.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group # No "mode" for EFI since mode is determined by mount options, # not files if type == 'bios' diff --git a/cookbooks/fb_hddtemp/recipes/default.rb b/cookbooks/fb_hddtemp/recipes/default.rb index e9c069fe6..ba148d828 100644 --- a/cookbooks/fb_hddtemp/recipes/default.rb +++ b/cookbooks/fb_hddtemp/recipes/default.rb @@ -34,8 +34,8 @@ template "#{sysconfig}/hddtemp" do source 'hddtemp.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[hddtemp]' end diff --git a/cookbooks/fb_hostconf/recipes/default.rb b/cookbooks/fb_hostconf/recipes/default.rb index 5f798ef9a..e7f338b42 100644 --- a/cookbooks/fb_hostconf/recipes/default.rb +++ b/cookbooks/fb_hostconf/recipes/default.rb @@ -21,7 +21,7 @@ template '/etc/host.conf' do only_if { node.centos? } source 'host.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_hostname/recipes/default.rb b/cookbooks/fb_hostname/recipes/default.rb index ab2b8272a..33ac0229b 100644 --- a/cookbooks/fb_hostname/recipes/default.rb +++ b/cookbooks/fb_hostname/recipes/default.rb @@ -47,8 +47,8 @@ file '/etc/hostname' do only_if { node.linux? && node['fb_hostname']['hostname'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' content lazy { node['fb_hostname']['hostname'] } end diff --git a/cookbooks/fb_iproute/recipes/rt_protos.rb b/cookbooks/fb_iproute/recipes/rt_protos.rb index 1802677ca..d0219852e 100644 --- a/cookbooks/fb_iproute/recipes/rt_protos.rb +++ b/cookbooks/fb_iproute/recipes/rt_protos.rb @@ -21,16 +21,16 @@ directory '/etc/iproute2' do only_if { node['fb_iproute']['rt_protos_ids'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' action :create end directory rt_protos_d_dir do only_if { node['fb_iproute']['rt_protos_ids'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' action :create end @@ -38,7 +38,7 @@ template "#{rt_protos_d_dir}/chef.conf" do only_if { node['fb_iproute']['rt_protos_ids'] } source 'rt_protos.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_ipset/recipes/default.rb b/cookbooks/fb_ipset/recipes/default.rb index 87c991ee7..b9b67df12 100644 --- a/cookbooks/fb_ipset/recipes/default.rb +++ b/cookbooks/fb_ipset/recipes/default.rb @@ -28,8 +28,8 @@ cookbook_file '/etc/init.d/ipset' do only_if { node['fb_ipset']['enable'] } source 'ipset-init' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -46,8 +46,8 @@ end directory '/etc/ipset' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_ipset/resources/default.rb b/cookbooks/fb_ipset/resources/default.rb index dd42c24b8..6523edd4a 100644 --- a/cookbooks/fb_ipset/resources/default.rb +++ b/cookbooks/fb_ipset/resources/default.rb @@ -26,8 +26,8 @@ def ipset_save(state_file) ipset_save_output.run_command.error! file state_file do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0600' content ipset_save_output.stdout end diff --git a/cookbooks/fb_iptables/recipes/default.rb b/cookbooks/fb_iptables/recipes/default.rb index fb97aa337..b2df72224 100644 --- a/cookbooks/fb_iptables/recipes/default.rb +++ b/cookbooks/fb_iptables/recipes/default.rb @@ -74,8 +74,8 @@ ## iptables ## template '/etc/fb_iptables.conf' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :iptables_config_dir => iptables_config_dir, @@ -87,22 +87,22 @@ # DO NOT MAKE THIS A TEMPLATE! USE THE CONFIG FILE TEMPLATED ABOVE!! cookbook_file '/usr/sbin/fb_iptables_reload' do source 'fb_iptables_reload.sh' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end template "#{iptables_config_dir}/iptables-config" do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0640' variables(:ipversion => 4) end template iptables_rules do source 'iptables.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0640' variables(:ip => 4) verify do |path| @@ -123,16 +123,16 @@ template "#{iptables_config_dir}/ip6tables-config" do source 'iptables-config.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0640' variables(:ipversion => 6) end template ip6tables_rules do source 'iptables.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0640' variables(:ip => 6) verify do |path| diff --git a/cookbooks/fb_kernel/recipes/bls.rb b/cookbooks/fb_kernel/recipes/bls.rb index 89c5d2a04..b7238173a 100644 --- a/cookbooks/fb_kernel/recipes/bls.rb +++ b/cookbooks/fb_kernel/recipes/bls.rb @@ -21,16 +21,16 @@ directory 'loader' do only_if { node['fb_kernel']['manage_bls_configs'] } path lazy { File.join(node['fb_kernel']['boot_path'], 'loader') } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end directory 'loader/entries' do only_if { node['fb_kernel']['manage_bls_configs'] } path lazy { File.join(node['fb_kernel']['boot_path'], 'loader', 'entries') } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_kernel/resources/bls_entries.rb b/cookbooks/fb_kernel/resources/bls_entries.rb index 75eae04cb..d02007bf4 100644 --- a/cookbooks/fb_kernel/resources/bls_entries.rb +++ b/cookbooks/fb_kernel/resources/bls_entries.rb @@ -27,8 +27,8 @@ template bls_entry do source 'bls-entry.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :kernel => name, diff --git a/cookbooks/fb_ldconfig/recipes/default.rb b/cookbooks/fb_ldconfig/recipes/default.rb index 9eb6867bf..44bd053de 100644 --- a/cookbooks/fb_ldconfig/recipes/default.rb +++ b/cookbooks/fb_ldconfig/recipes/default.rb @@ -29,8 +29,8 @@ cookbook_file '/etc/ld.so.conf' do source 'ld.so.conf' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # immediately because stuff in the run probably needs this notifies :run, 'execute[ldconfig]', :immediately @@ -38,8 +38,8 @@ template '/etc/ld.so.conf.d/chef.conf' do source 'ld.so.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # immediately because stuff in the run probably needs this notifies :run, 'execute[ldconfig]', :immediately diff --git a/cookbooks/fb_logrotate/recipes/default.rb b/cookbooks/fb_logrotate/recipes/default.rb index 3c0cd08b5..f467885f7 100644 --- a/cookbooks/fb_logrotate/recipes/default.rb +++ b/cookbooks/fb_logrotate/recipes/default.rb @@ -109,8 +109,8 @@ template '/etc/logrotate.d/fb_logrotate.conf' do source 'fb_logrotate.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end @@ -131,8 +131,8 @@ template service_logrotate do source 'logrotate.service.erb' mode '0644' - owner 'root' - group 'root' + owner node.root_user + group node.root_group notifies :run, 'execute[logrotate reload systemd]', :immediately end @@ -140,8 +140,8 @@ template timer_logrotate do source 'logrotate.timer.erb' mode '0644' - owner 'root' - group 'root' + owner node.root_user + group node.root_group notifies :run, 'execute[logrotate reload systemd]', :immediately end @@ -161,15 +161,15 @@ template cron_logrotate do source 'logrotate_rpm_cron_override.erb' mode '0755' - owner 'root' - group 'root' + owner node.root_user + group node.root_group end else # Fall back to the job RPM comes with CentOS7 RPM cookbook_file cron_logrotate do source 'logrotate.cron.daily' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' action :create end diff --git a/cookbooks/fb_mlocate/recipes/default.rb b/cookbooks/fb_mlocate/recipes/default.rb index a302bb9e3..366c41058 100644 --- a/cookbooks/fb_mlocate/recipes/default.rb +++ b/cookbooks/fb_mlocate/recipes/default.rb @@ -34,8 +34,8 @@ template conf_path do only_if { node['fb_mlocate']['want_mlocate'] } source 'updatedb.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' action :create end diff --git a/cookbooks/fb_modprobe/recipes/default.rb b/cookbooks/fb_modprobe/recipes/default.rb index cbeb6ce98..cf7404d30 100644 --- a/cookbooks/fb_modprobe/recipes/default.rb +++ b/cookbooks/fb_modprobe/recipes/default.rb @@ -25,8 +25,8 @@ end directory '/etc/modprobe.d' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -41,32 +41,32 @@ template '/etc/modprobe.d/fb_modprobe.conf' do source 'fb_modprobe.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end if node.systemd? template '/etc/modules-load.d/chef.conf' do source 'modules-load.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :run, 'execute[load modules]' end else directory '/etc/sysconfig/modules' do only_if { node.centos? && !node.systemd? } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end template '/etc/sysconfig/modules/fb.modules' do only_if { node.centos? && !node.systemd? } source 'fb.modules.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end end diff --git a/cookbooks/fb_motd/resources/update_motd.rb b/cookbooks/fb_motd/resources/update_motd.rb index b327e8008..092c537a3 100644 --- a/cookbooks/fb_motd/resources/update_motd.rb +++ b/cookbooks/fb_motd/resources/update_motd.rb @@ -41,8 +41,8 @@ end file motd do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode allow ? '0755' : '0644' end end diff --git a/cookbooks/fb_network_scripts/recipes/default.rb b/cookbooks/fb_network_scripts/recipes/default.rb index a5825dc9b..bfdabbe0b 100644 --- a/cookbooks/fb_network_scripts/recipes/default.rb +++ b/cookbooks/fb_network_scripts/recipes/default.rb @@ -44,8 +44,8 @@ template '/etc/sysconfig/network' do only_if { ['rhel', 'fedora'].include?(node['platform_family']) } source 'network.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' if node.firstboot_any_phase? notifies :restart, 'service[network]' @@ -62,8 +62,8 @@ if node.centos? directory '/dev/net' do only_if { node['fb_network_scripts']['enable_tun'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -85,8 +85,8 @@ # Workaround for https://github.com/fedora-sysv/initscripts/issues/296 cookbook_file '/sbin/ifup-pre-local' do source 'ifup-pre-local' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -200,8 +200,8 @@ # the provider. template '/sbin/ifup-local' do source 'ifup-local.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' notifies :run, 'whyrun_safe_ruby_block[trigger re-run of ifup-local]', :immediately diff --git a/cookbooks/fb_network_scripts/resources/redhat_interface.rb b/cookbooks/fb_network_scripts/resources/redhat_interface.rb index 1746d32b9..11546bf36 100644 --- a/cookbooks/fb_network_scripts/resources/redhat_interface.rb +++ b/cookbooks/fb_network_scripts/resources/redhat_interface.rb @@ -208,8 +208,8 @@ def stop(interface) t.run_action(:create) t = template "#{ifcfg_file}-range" do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' source 'ifcfg-range.erb' variables({ diff --git a/cookbooks/fb_networkd/recipes/default.rb b/cookbooks/fb_networkd/recipes/default.rb index 37eab94c4..70877c715 100644 --- a/cookbooks/fb_networkd/recipes/default.rb +++ b/cookbooks/fb_networkd/recipes/default.rb @@ -74,8 +74,8 @@ if node.centos? directory '/dev/net' do only_if { node['fb_networkd']['enable_tun'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_nscd/recipes/default.rb b/cookbooks/fb_nscd/recipes/default.rb index ebda5d17d..124f60fc0 100644 --- a/cookbooks/fb_nscd/recipes/default.rb +++ b/cookbooks/fb_nscd/recipes/default.rb @@ -22,8 +22,8 @@ template '/etc/nscd.conf' do only_if { FB::Nscd.nscd_enabled?(node) } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' source 'nscd.conf.erb' notifies :restart, 'service[nscd]', :immediately diff --git a/cookbooks/fb_nsswitch/recipes/default.rb b/cookbooks/fb_nsswitch/recipes/default.rb index bf0f746b4..74d2b5552 100644 --- a/cookbooks/fb_nsswitch/recipes/default.rb +++ b/cookbooks/fb_nsswitch/recipes/default.rb @@ -20,7 +20,7 @@ template '/etc/nsswitch.conf' do source 'nsswitch.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_postfix/recipes/default.rb b/cookbooks/fb_postfix/recipes/default.rb index b06fda93c..9ec20be53 100644 --- a/cookbooks/fb_postfix/recipes/default.rb +++ b/cookbooks/fb_postfix/recipes/default.rb @@ -33,8 +33,8 @@ template '/etc/postfix/main.cf' do source 'main.cf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # We restart here instead of reloading because some main.cf changes require # a full restart (e.g. inet_interfaces) @@ -48,8 +48,8 @@ }.each do |file| template "/etc/postfix/#{file}" do source 'line_config.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :reload, 'service[postfix]' variables( @@ -73,8 +73,8 @@ template '/etc/postfix/aliases' do source 'aliases.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :run, "execute[postalias #{map_type}:/etc/postfix/aliases]", :immediately notifies :reload, 'service[postfix]' @@ -82,16 +82,16 @@ template '/etc/postfix/master.cf' do mode '0644' - owner 'root' - group 'root' + owner node.root_user + group node.root_group source 'master.cf.erb' notifies :restart, 'service[postfix]' end template '/etc/postfix/custom_headers.regexp' do mode '0644' - owner 'root' - group 'root' + owner node.root_user + group node.root_group source 'custom_headers.regexp.erb' notifies :reload, 'service[postfix]' end @@ -115,8 +115,8 @@ template text_map do source 'db_file.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group if text_map_rel == 'sasl_passwd' mode '0600' sensitive true diff --git a/cookbooks/fb_profile/recipes/default.rb b/cookbooks/fb_profile/recipes/default.rb index 1d4df3540..52dbefa2b 100644 --- a/cookbooks/fb_profile/recipes/default.rb +++ b/cookbooks/fb_profile/recipes/default.rb @@ -41,8 +41,8 @@ # So this is the bashrc from debian/ubuntu with that extra bit in there if node.debian? || node.ubuntu? cookbook_file '/etc/bash.bashrc' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' source 'debian.bashrc' end diff --git a/cookbooks/fb_reprepro/recipes/default.rb b/cookbooks/fb_reprepro/recipes/default.rb index e1ce12b94..7be1d480b 100644 --- a/cookbooks/fb_reprepro/recipes/default.rb +++ b/cookbooks/fb_reprepro/recipes/default.rb @@ -76,8 +76,8 @@ "#{node['fb_reprepro']['options']['basedir']}/conf/#{conffile}" end source 'config.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => conffile, @@ -91,7 +91,7 @@ "#{node['fb_reprepro']['options']['basedir']}/conf/options" end source 'options.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_resolv/recipes/default.rb b/cookbooks/fb_resolv/recipes/default.rb index 76ee0a435..40158984a 100644 --- a/cookbooks/fb_resolv/recipes/default.rb +++ b/cookbooks/fb_resolv/recipes/default.rb @@ -24,7 +24,7 @@ template '/etc/resolv.conf' do source 'resolv.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_rpm/recipes/default.rb b/cookbooks/fb_rpm/recipes/default.rb index 126d809ee..1636e8986 100644 --- a/cookbooks/fb_rpm/recipes/default.rb +++ b/cookbooks/fb_rpm/recipes/default.rb @@ -25,8 +25,8 @@ include_recipe 'fb_rpm::packages' directory '/etc/rpm' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -40,8 +40,8 @@ template '/etc/rpm/macros' do source 'macros.erb' variables :overrides => {} - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_rsync/recipes/secure_client.rb b/cookbooks/fb_rsync/recipes/secure_client.rb index 335966bc5..84fc659fa 100644 --- a/cookbooks/fb_rsync/recipes/secure_client.rb +++ b/cookbooks/fb_rsync/recipes/secure_client.rb @@ -22,8 +22,8 @@ include_recipe 'fb_rsync::stunnel' template '/usr/local/libexec/rsync-ssl-stunnel' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' source 'rsync-ssl-stunnel.erb' end diff --git a/cookbooks/fb_rsync/recipes/secure_server.rb b/cookbooks/fb_rsync/recipes/secure_server.rb index 16f774b9b..35fc05452 100644 --- a/cookbooks/fb_rsync/recipes/secure_server.rb +++ b/cookbooks/fb_rsync/recipes/secure_server.rb @@ -48,10 +48,10 @@ end template '/etc/stunnel/stunnel_rsyncd.conf' do - group 'root' + group node.root_group mode '0644' notifies :restart, 'service[stunnel_rsyncd start]' - owner 'root' + owner node.root_user source 'stunnel_rsyncd.conf.erb' end diff --git a/cookbooks/fb_rsync/recipes/server.rb b/cookbooks/fb_rsync/recipes/server.rb index 21785b4c5..f23456aee 100644 --- a/cookbooks/fb_rsync/recipes/server.rb +++ b/cookbooks/fb_rsync/recipes/server.rb @@ -24,18 +24,18 @@ # In lieu of running rsync via xinetd we use a simple init script cookbook_file '/etc/init.d/rsyncd' do not_if { node.systemd? } - group 'root' + group node.root_group mode '0755' - owner 'root' + owner node.root_user source 'rsyncd.init' end # This is the default config everywhere template '/etc/rsyncd.conf' do - group 'root' + group node.root_group mode '0644' notifies :restart, 'service[rsyncd start]' - owner 'root' + owner node.root_user source 'rsyncd.conf.erb' end diff --git a/cookbooks/fb_securetty/recipes/default.rb b/cookbooks/fb_securetty/recipes/default.rb index f94aea95d..91ca62e2e 100644 --- a/cookbooks/fb_securetty/recipes/default.rb +++ b/cookbooks/fb_securetty/recipes/default.rb @@ -20,7 +20,7 @@ template '/etc/securetty' do source 'securetty.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0600' end diff --git a/cookbooks/fb_storage/recipes/default.rb b/cookbooks/fb_storage/recipes/default.rb index b5c284e87..97420d307 100644 --- a/cookbooks/fb_storage/recipes/default.rb +++ b/cookbooks/fb_storage/recipes/default.rb @@ -20,22 +20,22 @@ cookbook_file '/sbin/mount.rtxfs' do only_if { node.centos? } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end # fsck for XFS with realtime devices (rtxfs filesystem type) cookbook_file '/sbin/fsck.rtxfs' do only_if { node.centos? } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end directory FB::Storage::REPLACED_DISKS_DIR do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -47,8 +47,8 @@ /run/systemd/system-generators }.each do |dir| directory dir do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end end @@ -236,14 +236,14 @@ # and we've been asked to create this node['fb_storage']['manage_mdadm_conf'] end - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end file '/var/chef/storage_api_active' do not_if { node['fb_storage']['devices'].empty? } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end diff --git a/cookbooks/fb_stunnel/recipes/default.rb b/cookbooks/fb_stunnel/recipes/default.rb index 09e23f28c..3eb2cd24f 100644 --- a/cookbooks/fb_stunnel/recipes/default.rb +++ b/cookbooks/fb_stunnel/recipes/default.rb @@ -37,22 +37,22 @@ if node.centos? && node.systemd? cookbook_file '/etc/systemd/system/stunnel.service' do source 'stunnel.service' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :run, 'fb_systemd_reload[system instance]', :immediately end end directory '/etc/stunnel' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end template '/etc/stunnel/fb_tunnel.conf' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[stunnel]' end @@ -68,8 +68,8 @@ template sysconfig do source 'sysconfig.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[stunnel]' end diff --git a/cookbooks/fb_swap/recipes/before_fb_fstab.rb b/cookbooks/fb_swap/recipes/before_fb_fstab.rb index c9a71f561..ab6c39bfc 100644 --- a/cookbooks/fb_swap/recipes/before_fb_fstab.rb +++ b/cookbooks/fb_swap/recipes/before_fb_fstab.rb @@ -35,8 +35,8 @@ template '/usr/local/libexec/manage-additional-swap-file' do source 'manage-additional-swap-file.sh.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group # read/execute for root, read only for everyone else. mode '0544' notifies :run, 'execute[manage-additional-swap-file]', :immediately @@ -81,8 +81,8 @@ manage_unit = "manage-swap-#{type}.service" template "/etc/systemd/system/#{manage_unit}" do source "#{manage_unit}.erb" - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :run, 'fb_systemd_reload[system instance]', :immediately notifies :restart, "service[#{manage_unit}]" @@ -148,8 +148,8 @@ template '/usr/local/libexec/manage-swap-file' do source 'manage-swap-file.sh.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group # read/execute for root, read only for everyone else. mode '0544' notifies :restart, 'service[manage-swap-file.service]', :immediately diff --git a/cookbooks/fb_sysfs/recipes/default.rb b/cookbooks/fb_sysfs/recipes/default.rb index 45b136059..ff982452e 100644 --- a/cookbooks/fb_sysfs/recipes/default.rb +++ b/cookbooks/fb_sysfs/recipes/default.rb @@ -1,7 +1,7 @@ template '/etc/sysfs_files_on_boot' do source 'sysfs_on_boot.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables(:resource_hash=> lazy { node['fb_sysfs']['_set_on_boot'] }) delayed_action :create @@ -10,8 +10,8 @@ template '/usr/local/bin/set_sysfs_on_boot.py' do source 'set_sysfs_on_boot.py.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' action :create end diff --git a/cookbooks/fb_systemd/recipes/boot.rb b/cookbooks/fb_systemd/recipes/boot.rb index 110c73401..a21522ea5 100644 --- a/cookbooks/fb_systemd/recipes/boot.rb +++ b/cookbooks/fb_systemd/recipes/boot.rb @@ -23,8 +23,8 @@ node['fb_systemd']['boot']['enable'] && node['fb_systemd']['boot']['path'] end path lazy { "#{node['fb_systemd']['boot']['path']}/loader" } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -34,8 +34,8 @@ end path lazy { "#{node['fb_systemd']['boot']['path']}/loader/loader.conf" } source 'loader.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end @@ -44,8 +44,8 @@ node['fb_systemd']['boot']['enable'] && node['fb_systemd']['boot']['path'] end path lazy { "#{node['fb_systemd']['boot']['path']}/loader/entries" } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_systemd/recipes/default.rb b/cookbooks/fb_systemd/recipes/default.rb index 2311c8087..31c2c0143 100644 --- a/cookbooks/fb_systemd/recipes/default.rb +++ b/cookbooks/fb_systemd/recipes/default.rb @@ -40,8 +40,8 @@ template '/etc/systemd/system.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'system', @@ -52,8 +52,8 @@ template '/etc/systemd/user.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'user', @@ -64,8 +64,8 @@ template '/etc/systemd/coredump.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'coredump', @@ -129,8 +129,8 @@ template '/etc/tmpfiles.d/chef.conf' do source 'tmpfiles.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :run, 'execute[process tmpfiles]', :immediately end @@ -141,22 +141,22 @@ end directory '/etc/systemd/system-preset' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end template '/etc/systemd/system-preset/00-fb_systemd.preset' do source 'preset.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' end directory '/etc/systemd/user/default.target.wants' do only_if { node['fb_systemd']['manage_default_target'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_systemd/recipes/journal-remote.rb b/cookbooks/fb_systemd/recipes/journal-remote.rb index e3996c9a3..ec583248e 100644 --- a/cookbooks/fb_systemd/recipes/journal-remote.rb +++ b/cookbooks/fb_systemd/recipes/journal-remote.rb @@ -20,8 +20,8 @@ template '/etc/systemd/journal-remote.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'journal-remote', diff --git a/cookbooks/fb_systemd/recipes/journal-upload.rb b/cookbooks/fb_systemd/recipes/journal-upload.rb index 87a926bb2..a694647d0 100644 --- a/cookbooks/fb_systemd/recipes/journal-upload.rb +++ b/cookbooks/fb_systemd/recipes/journal-upload.rb @@ -20,8 +20,8 @@ template '/etc/systemd/journal-upload.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'journal-upload', diff --git a/cookbooks/fb_systemd/recipes/journald.rb b/cookbooks/fb_systemd/recipes/journald.rb index 3bdfb5121..91bf5bf16 100644 --- a/cookbooks/fb_systemd/recipes/journald.rb +++ b/cookbooks/fb_systemd/recipes/journald.rb @@ -20,8 +20,8 @@ template '/etc/systemd/journald.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'journald', diff --git a/cookbooks/fb_systemd/recipes/logind.rb b/cookbooks/fb_systemd/recipes/logind.rb index a3a76d011..5e84cfb82 100644 --- a/cookbooks/fb_systemd/recipes/logind.rb +++ b/cookbooks/fb_systemd/recipes/logind.rb @@ -20,8 +20,8 @@ template '/etc/systemd/logind.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'logind', diff --git a/cookbooks/fb_systemd/recipes/resolved.rb b/cookbooks/fb_systemd/recipes/resolved.rb index 455907565..622e8ebb1 100644 --- a/cookbooks/fb_systemd/recipes/resolved.rb +++ b/cookbooks/fb_systemd/recipes/resolved.rb @@ -20,8 +20,8 @@ template '/etc/systemd/resolved.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'resolved', diff --git a/cookbooks/fb_systemd/recipes/timesyncd.rb b/cookbooks/fb_systemd/recipes/timesyncd.rb index 4e3056b22..4ba89ee8a 100644 --- a/cookbooks/fb_systemd/recipes/timesyncd.rb +++ b/cookbooks/fb_systemd/recipes/timesyncd.rb @@ -20,8 +20,8 @@ template '/etc/systemd/timesyncd.conf' do source 'systemd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :config => 'timesyncd', diff --git a/cookbooks/fb_systemd/recipes/udevd.rb b/cookbooks/fb_systemd/recipes/udevd.rb index b4560c54f..44012bdd1 100644 --- a/cookbooks/fb_systemd/recipes/udevd.rb +++ b/cookbooks/fb_systemd/recipes/udevd.rb @@ -42,15 +42,15 @@ end directory '/etc/udev/hwdb.d' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end template '/etc/udev/hwdb.d/00-chef.hwdb' do source 'hwdb.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # we use :immediately here because this is a critical service notifies :run, 'execute[update hwdb]', :immediately @@ -58,8 +58,8 @@ template '/etc/udev/udev.conf' do source 'udev.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # we use :immediately here because this is a critical service notifies :run, 'execute[reload udev]', :immediately @@ -71,8 +71,8 @@ template '/etc/udev/rules.d/99-chef.rules' do source 'rules.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # we use :immediately here because this is a critical service notifies :run, 'execute[reload udev]', :immediately diff --git a/cookbooks/fb_systemd/resources/loader_entries.rb b/cookbooks/fb_systemd/resources/loader_entries.rb index 0dc2a0948..794a1afc3 100644 --- a/cookbooks/fb_systemd/resources/loader_entries.rb +++ b/cookbooks/fb_systemd/resources/loader_entries.rb @@ -33,8 +33,8 @@ entries.each_key do |entry| template "#{esp_path}/loader/entries/fb_systemd_#{entry}.conf" do source 'loader-entry.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :entry => entry, diff --git a/cookbooks/fb_systemd/resources/override.rb b/cookbooks/fb_systemd/resources/override.rb index 59997db28..df77a8f0c 100644 --- a/cookbooks/fb_systemd/resources/override.rb +++ b/cookbooks/fb_systemd/resources/override.rb @@ -58,8 +58,8 @@ def get_reload_resource override_file = "#{FB::Systemd.sanitize(new_resource.override_name)}.conf" directory override_dir do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end @@ -71,8 +71,8 @@ def get_reload_resource cookbook 'fb_systemd' source 'systemd-override.conf.erb' end - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' # ... and rely on content to populate the override unless new_resource.source diff --git a/cookbooks/fb_timers/recipes/default.rb b/cookbooks/fb_timers/recipes/default.rb index d9363204e..7bd5a14a0 100644 --- a/cookbooks/fb_timers/recipes/default.rb +++ b/cookbooks/fb_timers/recipes/default.rb @@ -25,8 +25,8 @@ # The default timer location directory '/etc/systemd/timers' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' action :create end @@ -38,8 +38,8 @@ path lazy { node['fb_timers']['_timer_path'] } - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' action :create only_if do @@ -54,8 +54,8 @@ content "This directory is managed by the chef cookbook fb_timers.\n" + 'DO NOT put unit files here; they will be deleted.' mode '0644' - owner 'root' - group 'root' + owner node.root_user + group node.root_group end fb_timers_setup 'fb_timers system setup' diff --git a/cookbooks/fb_timers/resources/setup.rb b/cookbooks/fb_timers/resources/setup.rb index db5aa68e6..e4a01c670 100644 --- a/cookbooks/fb_timers/resources/setup.rb +++ b/cookbooks/fb_timers/resources/setup.rb @@ -140,8 +140,8 @@ template filename do source "#{type}.erb" mode '0644' - owner 'root' - group 'root' + owner node.root_user + group node.root_group # Use of variables within templates is heavily discouraged. # It's safe to use here since it's in a provider and isn't used # directly. @@ -180,8 +180,8 @@ FB::Version.new(node['packages']['systemd'][ 'version']) <= FB::Version.new('201') end - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_vsftpd/recipes/default.rb b/cookbooks/fb_vsftpd/recipes/default.rb index 1ebdb1877..67a077e74 100644 --- a/cookbooks/fb_vsftpd/recipes/default.rb +++ b/cookbooks/fb_vsftpd/recipes/default.rb @@ -39,16 +39,16 @@ template "#{prefix}/vsftpd.conf" do source 'vsftpd.conf.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[vsftpd]' end template "#{prefix}/ftpusers" do source 'ftpusers.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[vsftpd]' variables( @@ -58,8 +58,8 @@ template user_list do source 'ftpusers.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' notifies :restart, 'service[vsftpd]' variables( diff --git a/cookbooks/fb_yum_repos/recipes/default.rb b/cookbooks/fb_yum_repos/recipes/default.rb index 287d92a31..9b97ad32b 100644 --- a/cookbooks/fb_yum_repos/recipes/default.rb +++ b/cookbooks/fb_yum_repos/recipes/default.rb @@ -45,8 +45,8 @@ end directory '/etc/yum.repos.d' do - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0755' end diff --git a/cookbooks/fb_yum_repos/resources/default.rb b/cookbooks/fb_yum_repos/resources/default.rb index 65fc5726e..34c1669f9 100644 --- a/cookbooks/fb_yum_repos/resources/default.rb +++ b/cookbooks/fb_yum_repos/resources/default.rb @@ -46,8 +46,8 @@ template ::File.join(YUM_REPOS_D, "#{group}.repo") do source 'yum.repo.erb' - owner 'root' - group 'root' + owner node.root_user + group node.root_group mode '0644' variables( :group_name => group,