Fix #17, ensure the keyfile is writable before creating a user #25
Conversation
| File.open(config[:filename], "w") do |f| | ||
| ui.msg "File #{config[:filename]} exists and can be written to." | ||
| end | ||
| rescue Errno::ENOENT |
There was a problem hiding this comment.
You likely want to rescue Errno::EACCES as well if we are worried about permissions.
|
Passed manual testing: |
|
Thanks for the comments @stevendanna. I like it a lot better now. The new version has also passed manual testing. |
| @@ -54,6 +54,14 @@ def run | |||
| :password => password | |||
| } | |||
|
|
|||
| # Check the file before creating the user so the api is more transactional. | |||
| if config[:filename] | |||
| unless File.writable?(config[:filename]), "w") | |||
There was a problem hiding this comment.
I'm confused on how this works for you.
irb(main):002:0> File.writable?("foo", "w")
ArgumentError: wrong number of arguments (2 for 1)
from (irb):2:in `writable?'
Unfortunately, if the file doesn't exist, I believe that will return false even if the directory is writable:
File.writable?("./nothinghere")
=> false
I couldn't find a function in the File class that does this, but I think you need something like:
File.exist?(config[:filename]) ? File.writable?(config[:filename]) : File.writable?(File.dirname(config[:filename]))
|
Thank you again @stevendanna. I was more careful with this test: root@default-ubuntu-1204:/# chef-server-ctl user-create foo3 f3 oo foo3@test.com testtest --filename ./foo/file4.key |
|
👍 Looks good to me. |
chef/chef-server#17 is the related issue.
This just ensures the file exists and is writable before creating the user.
Requires manual testing.