diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-02-18 11:07:39 -0500 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2014-02-18 11:07:39 -0500 |
commit | 5623d425ef12a40fdb923181456676e0089cd785 (patch) | |
tree | 4a1ecfcbab0af16031a3b06aeca7aab43f648d28 /src/lib/Bcfg2/Server | |
parent | a9f17d383460d0894e3a101c133be472f300ba94 (diff) | |
parent | 304cf13f4988312a4ec6ac14fff79bc74737e3ee (diff) | |
download | bcfg2-5623d425ef12a40fdb923181456676e0089cd785.tar.gz bcfg2-5623d425ef12a40fdb923181456676e0089cd785.tar.bz2 bcfg2-5623d425ef12a40fdb923181456676e0089cd785.zip |
Merge pull request #156 from irconan/default-acls
Support ACLs without a specific user/group
Diffstat (limited to 'src/lib/Bcfg2/Server')
-rw-r--r-- | src/lib/Bcfg2/Server/Lint/RequiredAttrs.py | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py b/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py index e49779a10..1d12ee461 100644 --- a/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py +++ b/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py @@ -129,12 +129,30 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin): @classmethod def Errors(cls): - return {"unknown-entry-type": "error", + return {"missing-elements": "error", + "unknown-entry-type": "error", "unknown-entry-tag": "error", "required-attrs-missing": "error", "required-attr-format": "error", "extra-attrs": "warning"} + def check_default_acl(self, path): + """ Check that a default ACL contains either no entries or minimum + required entries """ + defaults = 0 + if path.xpath("ACL[@type='default' and @scope='user' and @user='']"): + defaults += 1 + if path.xpath("ACL[@type='default' and @scope='group' and @group='']"): + defaults += 1 + if path.xpath("ACL[@type='default' and @scope='other']"): + defaults += 1 + if defaults > 0 and defaults < 3: + self.LintError( + "missing-elements", + "A Path must have either no default ACLs or at" + " least default:user::, default:group:: and" + " default:other::") + def check_packages(self): """ Check Packages sources for Source entries with missing attributes. """ @@ -234,6 +252,9 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin): required_attrs['major'] = is_device_mode required_attrs['minor'] = is_device_mode + if tag == 'Path': + self.check_default_acl(entry) + if tag == 'ACL' and 'scope' in required_attrs: required_attrs[entry.get('scope')] = is_username |