summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/User.hs
diff options
context:
space:
mode:
authorJoey Hess2015-12-06 14:24:44 -0400
committerJoey Hess2015-12-06 14:24:44 -0400
commit030f13f2d0501c9fb42c8f1efa0a15fa63c94d67 (patch)
treef81cbf9524d258daea72ab09866a6a8fe526c827 /src/Propellor/Property/User.hs
parent94f91a44810dc3a1eca95c843e3c444cbbe87006 (diff)
allow using `check` on a UncheckedProperty, which yields a Property
Diffstat (limited to 'src/Propellor/Property/User.hs')
-rw-r--r--src/Propellor/Property/User.hs56
1 files changed, 25 insertions, 31 deletions
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index 84d20e62..ea88a1b3 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -8,28 +8,26 @@ import qualified Propellor.Property.File as File
data Eep = YesReallyDeleteHome
accountFor :: User -> Property NoInfo
-accountFor user@(User u) = check nohomedir $
- cmdProperty "adduser"
+accountFor user@(User u) = check nohomedir go
+ `describe` ("account for " ++ u)
+ where
+ nohomedir = isNothing <$> catchMaybeIO (homedir user)
+ go = cmdProperty "adduser"
[ "--disabled-password"
, "--gecos", ""
, u
]
- `assume` MadeChange
- `describe` ("account for " ++ u)
- where
- nohomedir = isNothing <$> catchMaybeIO (homedir user)
-- | Removes user home directory!! Use with caution.
nuked :: User -> Eep -> Property NoInfo
-nuked user@(User u) _ = check hashomedir $
- cmdProperty "userdel"
+nuked user@(User u) _ = check hashomedir go
+ `describe` ("nuked user " ++ u)
+ where
+ hashomedir = isJust <$> catchMaybeIO (homedir user)
+ go = cmdProperty "userdel"
[ "-r"
, u
]
- `assume` MadeChange
- `describe` ("nuked user " ++ u)
- where
- hashomedir = isJust <$> catchMaybeIO (homedir user)
-- | Only ensures that the user has some password set. It may or may
-- not be a password from the PrivData.
@@ -83,13 +81,13 @@ chpasswd (User user) v ps = makeChange $ withHandle StdinHandle createProcessSuc
hClose h
lockedPassword :: User -> Property NoInfo
-lockedPassword user@(User u) = check (not <$> isLockedPassword user) $
- cmdProperty "passwd"
+lockedPassword user@(User u) = check (not <$> isLockedPassword user) go
+ `describe` ("locked " ++ u ++ " password")
+ where
+ go = cmdProperty "passwd"
[ "--lock"
, u
]
- `assume` MadeChange
- `describe` ("locked " ++ u ++ " password")
data PasswordStatus = NoPassword | LockedPassword | HasPassword
deriving (Eq)
@@ -109,15 +107,14 @@ homedir :: User -> IO FilePath
homedir (User user) = homeDirectory <$> getUserEntryForName user
hasGroup :: User -> Group -> Property NoInfo
-hasGroup (User user) (Group group') = check test $
- cmdProperty "adduser"
+hasGroup (User user) (Group group') = check test go
+ `describe` unwords ["user", user, "in group", group']
+ where
+ test = not . elem group' . words <$> readProcess "groups" [user]
+ go = cmdProperty "adduser"
[ user
, group'
]
- `assume` MadeChange
- `describe` unwords ["user", user, "in group", group']
- where
- test = not . elem group' . words <$> readProcess "groups" [user]
-- | Gives a user access to the secondary groups, including audio and
-- video, that the OS installer normally gives a desktop user access to.
@@ -150,13 +147,11 @@ hasDesktopGroups user@(User u) = property desc $ do
-- | Controls whether shadow passwords are enabled or not.
shadowConfig :: Bool -> Property NoInfo
-shadowConfig True = check (not <$> shadowExists) $
- cmdProperty "shadowconfig" ["on"]
- `assume` MadeChange
+shadowConfig True = check (not <$> shadowExists)
+ (cmdProperty "shadowconfig" ["on"])
`describe` "shadow passwords enabled"
-shadowConfig False = check shadowExists $
- cmdProperty "shadowconfig" ["off"]
- `assume` MadeChange
+shadowConfig False = check shadowExists
+ (cmdProperty "shadowconfig" ["off"])
`describe` "shadow passwords disabled"
shadowExists :: IO Bool
@@ -168,9 +163,8 @@ hasLoginShell :: User -> FilePath -> Property NoInfo
hasLoginShell user loginshell = shellSetTo user loginshell `requires` shellEnabled loginshell
shellSetTo :: User -> FilePath -> Property NoInfo
-shellSetTo (User u) loginshell = check needchangeshell $
- cmdProperty "chsh" ["--shell", loginshell, u]
- `assume` MadeChange
+shellSetTo (User u) loginshell = check needchangeshell
+ (cmdProperty "chsh" ["--shell", loginshell, u])
`describe` (u ++ " has login shell " ++ loginshell)
where
needchangeshell = do