summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/User.hs
diff options
context:
space:
mode:
authorJoey Hess2015-12-05 17:52:43 -0400
committerJoey Hess2015-12-05 17:53:16 -0400
commit12548bae3d8feecce6a322162d91b827289ae824 (patch)
tree45f5ec5131817aab5133c9c1e4dbcf3364953e76 /src/Propellor/Property/User.hs
parentb816e40e2618a8932144bceb7c7039adc5c44c11 (diff)
UncheckedProperty for cmdProperty et al
* Properties that run an arbitrary command, such as cmdProperty and scriptProperty are converted to use UncheckedProperty, since they cannot tell on their own if the command truely made a change or not. (API Change) Transition guide: - When GHC complains about an UncheckedProperty, add: `assume` MadeChange - Since these properties used to always return MadeChange, that change is always safe to make. - Or, if you know that the command should modifiy a file, use: `changesFile` filename * A few properties have had their Result improved, for example Apt.buldDep and Apt.autoRemove now check if a change was made or not.
Diffstat (limited to 'src/Propellor/Property/User.hs')
-rw-r--r--src/Propellor/Property/User.hs57
1 files changed, 36 insertions, 21 deletions
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index 564be82d..84d20e62 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -8,20 +8,28 @@ import qualified Propellor.Property.File as File
data Eep = YesReallyDeleteHome
accountFor :: User -> Property NoInfo
-accountFor user@(User u) = check (isNothing <$> catchMaybeIO (homedir user)) $ cmdProperty "adduser"
- [ "--disabled-password"
- , "--gecos", ""
- , u
- ]
- `describe` ("account for " ++ u)
+accountFor user@(User u) = check nohomedir $
+ cmdProperty "adduser"
+ [ "--disabled-password"
+ , "--gecos", ""
+ , u
+ ]
+ `assume` MadeChange
+ `describe` ("account for " ++ u)
+ where
+ nohomedir = isNothing <$> catchMaybeIO (homedir user)
-- | Removes user home directory!! Use with caution.
nuked :: User -> Eep -> Property NoInfo
-nuked user@(User u) _ = check (isJust <$> catchMaybeIO (homedir user)) $ cmdProperty "userdel"
- [ "-r"
- , u
- ]
- `describe` ("nuked user " ++ u)
+nuked user@(User u) _ = check hashomedir $
+ cmdProperty "userdel"
+ [ "-r"
+ , u
+ ]
+ `assume` MadeChange
+ `describe` ("nuked user " ++ u)
+ where
+ hashomedir = isJust <$> catchMaybeIO (homedir user)
-- | Only ensures that the user has some password set. It may or may
-- not be a password from the PrivData.
@@ -75,11 +83,13 @@ chpasswd (User user) v ps = makeChange $ withHandle StdinHandle createProcessSuc
hClose h
lockedPassword :: User -> Property NoInfo
-lockedPassword user@(User u) = check (not <$> isLockedPassword user) $ cmdProperty "passwd"
- [ "--lock"
- , u
- ]
- `describe` ("locked " ++ u ++ " password")
+lockedPassword user@(User u) = check (not <$> isLockedPassword user) $
+ cmdProperty "passwd"
+ [ "--lock"
+ , u
+ ]
+ `assume` MadeChange
+ `describe` ("locked " ++ u ++ " password")
data PasswordStatus = NoPassword | LockedPassword | HasPassword
deriving (Eq)
@@ -99,11 +109,13 @@ homedir :: User -> IO FilePath
homedir (User user) = homeDirectory <$> getUserEntryForName user
hasGroup :: User -> Group -> Property NoInfo
-hasGroup (User user) (Group group') = check test $ cmdProperty "adduser"
- [ user
- , group'
- ]
- `describe` unwords ["user", user, "in group", group']
+hasGroup (User user) (Group group') = check test $
+ cmdProperty "adduser"
+ [ user
+ , group'
+ ]
+ `assume` MadeChange
+ `describe` unwords ["user", user, "in group", group']
where
test = not . elem group' . words <$> readProcess "groups" [user]
@@ -140,9 +152,11 @@ hasDesktopGroups user@(User u) = property desc $ do
shadowConfig :: Bool -> Property NoInfo
shadowConfig True = check (not <$> shadowExists) $
cmdProperty "shadowconfig" ["on"]
+ `assume` MadeChange
`describe` "shadow passwords enabled"
shadowConfig False = check shadowExists $
cmdProperty "shadowconfig" ["off"]
+ `assume` MadeChange
`describe` "shadow passwords disabled"
shadowExists :: IO Bool
@@ -156,6 +170,7 @@ hasLoginShell user loginshell = shellSetTo user loginshell `requires` shellEnabl
shellSetTo :: User -> FilePath -> Property NoInfo
shellSetTo (User u) loginshell = check needchangeshell $
cmdProperty "chsh" ["--shell", loginshell, u]
+ `assume` MadeChange
`describe` (u ++ " has login shell " ++ loginshell)
where
needchangeshell = do