summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSean Whitton2019-04-09 18:57:49 -0700
committerJoey Hess2019-04-09 22:24:56 -0400
commitcbef4290484f42217a6f26ef04aefaaaa6998add (patch)
tree3dcb1b8dc082a78369f88b0b8be6b04f0f8f9d13 /src
parentdd5cb6b03fe77ce7c4e46467048336c62d31b7a3 (diff)
Add User.ownsWithPrimaryGroup
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/User.hs12
1 files changed, 12 insertions, 0 deletions
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index f6bc2c4b..2e2d2c0a 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -148,6 +148,10 @@ isLockedPassword user = (== LockedPassword) <$> getPasswordStatus user
homedir :: User -> IO FilePath
homedir (User user) = homeDirectory <$> getUserEntryForName user
+primaryGroup :: User -> IO Group
+primaryGroup (User u) = Group <$> groupName <$>
+ (getGroupEntryForID =<< (userGroupID <$> getUserEntryForName u))
+
hasGroup :: User -> Group -> Property DebianLike
hasGroup (User user) (Group group') = tightenTargets $ check test go
`describe` unwords ["user", user, "in group", group']
@@ -188,6 +192,14 @@ hasDesktopGroups user@(User u) = property' desc $ \o -> do
, "lpadmin"
]
+-- | Ensures that a file is owned by a user, and also by that user's primary
+-- group.
+ownsWithPrimaryGroup :: User -> FilePath -> Property UnixLike
+ownsWithPrimaryGroup user@(User u) f =
+ property' (f ++ " has owner " ++ u) $ \w -> do
+ group <- liftIO $ primaryGroup user
+ ensureProperty w $ File.ownerGroup f user group
+
-- | Controls whether shadow passwords are enabled or not.
shadowConfig :: Bool -> Property DebianLike
shadowConfig True = tightenTargets $ check (not <$> shadowExists)