Grid環境構築用のChefリポジトリです。
リビジョン | 3eaeb6c34a185f606f302d4e264a9d392d6b4240 (tree) |
---|---|
日時 | 2017-01-04 23:07:46 |
作者 | whitestar <whitestar@gaea...> |
コミッター | whitestar |
adds the platform_utils::subid recipe.
@@ -1 +1,2 @@ | ||
1 | 1 | ~FC001 |
2 | +~FC014 |
@@ -1,6 +1,10 @@ | ||
1 | 1 | platform_utils CHANGELOG |
2 | 2 | ======================== |
3 | 3 | |
4 | +0.3.0 | |
5 | +----- | |
6 | +- adds the `platform_utils::subid` recipe. | |
7 | + | |
4 | 8 | 0.2.0 |
5 | 9 | ----- |
6 | 10 | - adds the `platform_utils::sudo` recipe. |
@@ -14,6 +14,7 @@ This cookbook provides platform utility recipes. | ||
14 | 14 | - [Recipes](#recipes) |
15 | 15 | - [platform_utils::default](#platform_utilsdefault) |
16 | 16 | - [platform_utils::platform_update](#platform_utilsplatform_update) |
17 | + - [platform_utils::subid](#platform_utilssubid) | |
17 | 18 | - [platform_utils::sudo](#platform_utilssudo) |
18 | 19 | - [License and Authors](#license-and-authors) |
19 | 20 |
@@ -37,6 +38,7 @@ This cookbook provides platform utility recipes. | ||
37 | 38 | |`['platform_utils']['platform_update']['timer']`|Symbol|update execution timing.|`:delayed`| |
38 | 39 | |`['platform_utils']['platform_update']['apt-get']['command']`|String|apt-get upgrade/dist-upgrade command string.|`'apt-get upgrade -y'`| |
39 | 40 | |`['platform_utils']['platform_update']['yum']['command']`|String|yum update command string.|`'yum update -y'`| |
41 | +|`['platform_utils']['platform_update']['subid']['users']`|Array|Subordinate user (=group) names.|`[]`| | |
40 | 42 | |`['platform_utils']['platform_update']['sudo']['sudoers.d']`|Hash|sudoers file configurations.|`{}` See `attributes/default.rb`| |
41 | 43 | |`['platform_utils']['platform_update']['sudo']['group']['members']`|Array|Members appended to the `sudo` group.|`[]`| |
42 | 44 |
@@ -52,6 +54,10 @@ This recipe does nothing. | ||
52 | 54 | |
53 | 55 | This recipe updates the platform. |
54 | 56 | |
57 | +#### platform_utils::subid | |
58 | + | |
59 | +This recipe sets up the `/etc/subuid` and the `/etc/subgid`. | |
60 | + | |
55 | 61 | #### platform_utils::sudo |
56 | 62 | |
57 | 63 | This recipe sets up sudo. |
@@ -22,6 +22,8 @@ default['platform_utils']['platform_update']['timer'] = :delayed | ||
22 | 22 | default['platform_utils']['platform_update']['apt-get']['command'] = 'apt-get upgrade -y' |
23 | 23 | default['platform_utils']['platform_update']['yum']['command'] = 'yum update -y' |
24 | 24 | |
25 | +default['platform_utils']['subid']['users'] = [] | |
26 | + | |
25 | 27 | default['platform_utils']['sudo']['sudoers.d'] = { |
26 | 28 | #'file_name' => [ |
27 | 29 | # 'each_line', |
@@ -5,7 +5,7 @@ maintainer_email '' | ||
5 | 5 | license 'Apache 2.0' |
6 | 6 | description 'Platform Utilities' |
7 | 7 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) |
8 | -version '0.2.0' | |
8 | +version '0.3.0' | |
9 | 9 | source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git' |
10 | 10 | issues_url 'https://osdn.jp/projects/metasearch/ticket' |
11 | 11 |
@@ -0,0 +1,78 @@ | ||
1 | +# | |
2 | +# Cookbook Name:: platform_utils | |
3 | +# Recipe:: subid | |
4 | +# | |
5 | +# Copyright 2017, whitestar | |
6 | +# | |
7 | +# Licensed under the Apache License, Version 2.0 (the "License"); | |
8 | +# you may not use this file except in compliance with the License. | |
9 | +# You may obtain a copy of the License at | |
10 | +# | |
11 | +# http://www.apache.org/licenses/LICENSE-2.0 | |
12 | +# | |
13 | +# Unless required by applicable law or agreed to in writing, software | |
14 | +# distributed under the License is distributed on an "AS IS" BASIS, | |
15 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
16 | +# See the License for the specific language governing permissions and | |
17 | +# limitations under the License. | |
18 | +# | |
19 | + | |
20 | +subid_files = [ | |
21 | + '/etc/subuid', | |
22 | + '/etc/subgid', | |
23 | +] | |
24 | + | |
25 | +subid_files.each {|subid_file| | |
26 | + file subid_file do | |
27 | + owner 'root' | |
28 | + group 'root' | |
29 | + mode '0644' | |
30 | + action :touch | |
31 | + not_if { File.exist?(subid_file) } | |
32 | + end | |
33 | +} | |
34 | + | |
35 | +this_recipe = self | |
36 | +node['platform_utils']['subid']['users'].each {|uname| | |
37 | + ruby_block "adds_subid_entries_#{uname}" do | |
38 | + action :run | |
39 | + not_if "cat /etc/subuid | grep #{uname}" | |
40 | + not_if "cat /etc/subgid | grep #{uname}" | |
41 | + notifies :restart, 'service[docker]' | |
42 | + block do | |
43 | + subid_files.each {|subid_file| | |
44 | + max_start_id = 100_000 | |
45 | + offset = 0 | |
46 | + already_exist = false | |
47 | + | |
48 | + begin | |
49 | + File.open(subid_file) {|file| | |
50 | + file.each_line {|line| | |
51 | + entry = line.split(':') | |
52 | + if entry[0] == uname | |
53 | + already_exist = true | |
54 | + break | |
55 | + end | |
56 | + if entry[1].to_i >= max_start_id | |
57 | + max_start_id = entry[1].to_i | |
58 | + offset = entry[2].to_i | |
59 | + end | |
60 | + } | |
61 | + } | |
62 | + | |
63 | + if already_exist | |
64 | + this_recipe.log "#{uname} already exists in #{subid_file}" | |
65 | + else | |
66 | + File.open(subid_file, 'a') {|file| | |
67 | + entry_str = "#{uname}:#{max_start_id + offset}:65536" | |
68 | + this_recipe.log "#{uname} (#{entry_str}) is added in #{subid_file}" | |
69 | + file.puts entry_str | |
70 | + } | |
71 | + end | |
72 | + rescue IOError => e | |
73 | + puts e | |
74 | + end | |
75 | + } | |
76 | + end | |
77 | + end | |
78 | +} |