search

gini / puppet-archive

Puppet Module to download and extract tar.gz, tar.bz2, tar.xz, and zip archives
6 stars 22 forks source link

Running extract as a different user #22

Open swapsn opened 10 years ago

swapsn commented 10 years ago

I am running into a issue where puppet is running as root, but the tar extract should run as a different (non-root) user, so that the permissions on extracted files are correct.

I am using the following patch locally. Let me know what you think.

diff --git a/manifests/extract.pp b/manifests/extract.pp
index fec7335..c14fece 100644
--- a/manifests/extract.pp
+++ b/manifests/extract.pp
@@ -35,7 +35,8 @@ define archive::extract (
   $extension        = 'tar.gz',
   $timeout          = 120,
   $strip_components = 0,
-  $exec_path        = ['/usr/local/bin', '/usr/bin', '/bin']) {
+  $exec_path        = ['/usr/local/bin', '/usr/bin', '/bin'],
+  $user             = undef) {

   if $root_dir != '' {
     $extract_dir = "${target}/${root_dir}"
@@ -67,7 +68,8 @@ define archive::extract (
         command => $unpack_command,
         path    => $exec_path,
         creates => $extract_dir,
-        timeout => $timeout
+        timeout => $timeout,
+       user    => $user
       }
     }
     absent: {
diff --git a/manifests/init.pp b/manifests/init.pp
index 948011b..c70148d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -22,6 +22,7 @@
 # - *$proxy: HTTP proxy in the form of "hostname:port"; e.g. "myproxy:8080"
 # - *$dependency_class: Puppet class which installs the required programs (curl, tar, unzip)
 # - *$exec_path: Path being searched for all Exec resources, default: ['/usr/local/bin', '/usr/bin', '/bin']
+# - *$user: Username to use while extracting
 #
 # Example usage:
 #
@@ -57,7 +58,8 @@ define archive (
   $password         = undef,
   $proxy            = undef,
   $dependency_class = Class['archive::prerequisites'],
-  $exec_path        = ['/usr/local/bin', '/usr/bin', '/bin']) {
+  $exec_path        = ['/usr/local/bin', '/usr/bin', '/bin'],
+  $user             = undef) {

   archive::download {"${name}.${extension}":
     ensure          => $ensure,
@@ -86,6 +88,7 @@ define archive (
     timeout          => $timeout,
     strip_components => $strip_components,
     exec_path        => $exec_path,
-    require          => Archive::Download["${name}.${extension}"]
+    require          => Archive::Download["${name}.${extension}"],
+    user             => $user
   }
 }
davidmpaz commented 10 years ago

Thanks! this did come handy to me. It would be nice to have it in main stream. Cheers