Skip to content

ENT-10961, CFE-1840: Files promise can now modify immutable bit in file system attributes #5752

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 20 commits into
base: master
Choose a base branch
from
Draft

ENT-10961, CFE-1840: Files promise can now modify immutable bit in file system attributes #5752

wants to merge 20 commits into from

Conversation

larsewi
Copy link
Contributor

@larsewi larsewi commented Apr 1, 2025
edited by nickanderson
Loading

TODO:

  • handle content attribute
  • handle copy_from attribute
  • handle delete attribute
  • handle edit_line attribute
  • handle edit_xml attribute
  • handle perms attribute
  • handle touch attribute
  • handle edit_template attribute
  • handle acl attribute
  • handle transformer attribute
  • handle create attribute
  • handle delete attribute
  • handle rename attribute

Is there any other ones that I've missed?

larsewi added 4 commits April 1, 2025 13:58
@larsewi
Added utility functions to override immutable bit
e27e62d 
Ticket: ENT-10961
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Added body syntax for controlling file system attributes
68a4017 
Added syntax for `body fsattrs` with a boolean constraint `immutable`.
It currently does nothing, but this will change in following commits.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Files promise can now modify immutable bit in file system attributes
972ba84 
Ticket: ENT-10961, CFE-1840
Changelog: Title
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Added acceptance test for setting/clearing immutable bit
a04ecb4 
Ticket: CFE-1840, ENT-10961
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi larsewi mentioned this pull request Apr 1, 2025
Closed
@larsewi
Added argument to NOOP OverrideImmutable functions
d1e9796 
Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@cf-bottom
Copy link

Thank you for submitting a PR! Maybe @craigcomstock can review this?

larsewi added 2 commits April 2, 2025 13:06
@larsewi
Combined OverrideImmutable[Commit|Abort] functions
3f8a644 
Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Content attribute can now override immutable bit
0955a07 
The content attribute of the files promise can now override the
immutable bit.

Ticket: ENT-10961, CFE-1840
Changelog: Commit
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi larsewi force-pushed the override-immutable branch from bdd1918 to 69b1f52 Compare April 3, 2025 14:26
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 3, 2025
View reviewed changes
@larsewi larsewi force-pushed the override-immutable branch from 87802e4 to ecfb13a Compare April 3, 2025 15:23
larsewi added 7 commits April 3, 2025 18:17
@larsewi
Acceptance test: override immutable bit with content
1813d4c 
Added acceptance test to test that the content attribute of the files
promise can override the immutable bit.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Acceptance test: override immutable bit with copy_from
92ace13 
Added acceptance test to test that the copy_from attribute of the files
promise can override the immutable bit of the destination file.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Store override_immutable variable in EvalContext
887ec4b 
This way we don't have to explicitly pass it to a gazillion functions.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Added function to override immutable bit and rename file
0847f0f 
Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
copy_from attribute can now override immutable bit
aa26cb1 
The copy_from attribute of the files promise can now override the
immutable bit.

Ticket: ENT-10961, CFE-1840
Changelog: Commit
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Acceptance test: override immutable bit with delete
66f78ef 
Added acceptance test to test that the delete attribute of the files
promise can override the immutable bit of the destination file.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Added function to override immutable bit and delete file
b46f991 
Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi larsewi force-pushed the override-immutable branch 2 times, most recently from a894452 to 6b68852 Compare April 4, 2025 09:30
larsewi added 4 commits April 4, 2025 12:01
@larsewi
delete attribute can now override immutable bit
2abbb50 
The delete attribute of the files promise can now override the immutable
bit.

Ticket: ENT-10961, CFE-1840
Changelog: Commit
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Acceptance test: override immutable bit with edit_line
2818e3a 
Added acceptance test to test that the edit_line attribute of the files
promise can override the immutable bit of the destination file.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
edit_line and edit_xml attributes can now override immutable bit
3411b44 
The edit_line and edit_xml attributes of the files promise can now
override the immutable bit.

Ticket: ENT-10961, CFE-1840
Changelog: Commit
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Acceptance test: override immutable bit with edit_xml
672d59a 
Added acceptance test to test that the edit_xml attribute of the files
promise can override the immutable bit of the destination file.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi larsewi force-pushed the override-immutable branch from 6b68852 to 672d59a Compare April 4, 2025 12:20
larsewi added 2 commits April 4, 2025 16:27
@larsewi
Acceptance test: override immutable bit with perms
31737d5 
Added acceptance test to test that the perms attribute of the files
promise can override the immutable bit of the destination file.

For some reason it just works. I don't know why? Maybe it was indirectly
fixed by previous commits?. IDK. But hey! It's Friday at 3:24 pm, so I
will not ask any further questions. Instead, I'll add a changelog string
in this commit and pretend that I intentionally fixed it.

Ticket: ENT-10961, CFE-1840
Changelog: The perms attribute of the files promise can now override the immutable bit.
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi
Acceptance test: override immutable bit with touch
578286c 
Added acceptance test to test that the touch attribute of the files
promise can override the immutable bit of the destination file.

Ticket: ENT-10961, CFE-1840
Signed-off-by: Lars Erik Wik <[email protected]>
@larsewi larsewi force-pushed the override-immutable branch from 06b3676 to 578286c Compare April 4, 2025 15:13
@nickanderson
Copy link
Member

nickanderson commented Apr 8, 2025
edited
Loading

MMM, the transformer attribute comes to mind.

  bundle agent __main__
  {
    files:
        "/tmp/example.txt"
          content => "Hello World";
  
        "/tmp/example.txt"
          transformer => "/usr/bin/gzip $(this.promiser)";
  
    reports:
        "$(with)" with => join( ",", lsdir( "/tmp", "example.*", "true" ));
  }

Looking at the files promise docs I imagine that create would also be affected:

bundle agent __main__
{
  vars:
      "check_file" string => "/tmp/check-file.txt";

  files:
      "$(check_file)"
        handle => "create_file",
        create => "true",
        if => "file_absent_report_kept";

   reports:
      "$(check_file) does not exist"
        classes => results( "namespace", "file_absent_report" );

      "$(check_file) was repaired"
        depends_on => { "create_file" };

      "$(check_file) exists"
        if => fileexists( "/tmp/check-file.txt" );
}

R: /tmp/check-file.txt does not exist
R: /tmp/check-file.txt was repaired
R: /tmp/check-file.txt exists

And the delete attribute would seem to be affected as well.

And rename too

bundle agent __main__
{
  files:
    "/tmp/example.txt"
      content => "Disable me!";

    "/tmp/example.txt"
      rename => default:disable;
}
# For reference:
# body rename disable
# # @brief Disable the file
# {
#         disable => "true";
# }

   info: Created file '/tmp/example.txt', mode 0600
   info: Updated file '/tmp/example.txt' with content 'Disable me!'
warning: File object '/tmp/example.txt' exists, contrary to promise
   info: Changed permissions of '/tmp/example.txt' to 'mode 0600'
   info: Disabled file '/tmp/example.txt' by renaming to '/tmp/example.txt.cfdisabled' with mode 0600

I added them to the description.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@larsewi @cf-bottom @nickanderson