Relax passgen UID/GID logic (#275)

op-ct · web-flow · commit d1cd591b7974 · 2022-07-08T09:07:14.000-05:00
* Relax passgen UID/GID logic

* Bump versioned assets
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,3 +1,8 @@
+* Thu Jul 07 2022 Chris Tessmer <chris.tessmer@onyxpoint.com> - 4.10.4
+- Fixed
+  - If the user/group Puppet's settings doesn't exist on the OS,
+    passgen's file ownership falls back to the owner of the compiler's process
+
 * Fri Jun 24 2022 Trevor Vaughan <tvaughan@sicura.us> - 4.10.3
 - Fixed
   - Allow `assert_optional_dependency` to handle extended version strings
diff --git a/lib/puppet/functions/simplib/passgen/legacy/passgen.rb b/lib/puppet/functions/simplib/passgen/legacy/passgen.rb
@@ -61,8 +61,26 @@ def passgen(identifier, modifier_hash={})
     scope = closure_scope
 
     settings = {}
-    settings['user'] = modifier_hash['user'] || Puppet.settings[:user]
-    settings['group'] = modifier_hash['group'] || Puppet.settings[:group]
+
+    user = modifier_hash['user'] || Puppet.settings[:user]
+    group = modifier_hash['group'] || Puppet.settings[:group]
+    begin
+      Etc.getpwnam(user)
+    rescue ArgumentError
+      debug_msg = "simpkv::passgen (legacy): Puppet user '#{user}' not found on system, "
+      user = Etc.getpwuid(Process.uid).name
+      debug_msg += "defaulting to process owner uid (#{user})"
+    end
+    begin
+      Etc.getgrnam(group)
+    rescue ArgumentError
+      debug_msg = "simpkv::passgen (legacy): Puppet group '#{group}' not found on system, "
+      group = Etc.getgrgid(Process.gid).name
+      debug_msg += "defaulting to process owner gid (#{group})"
+    end
+    settings['user'] = user
+    settings['group'] = group
+
     settings['keydir'] = File.join(Puppet.settings[:vardir], 'simp',
       'environments', scope.lookupvar('::environment'),
       'simp_autofiles', 'gen_passwd'
@@ -355,4 +373,4 @@ def lockdown_stored_password_perms(settings)
       fail(err_msg)
     end
   end
-end
+end
diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "simp-simplib",
-  "version": "4.10.3",
+  "version": "4.10.4",
   "author": "SIMP Team",
   "summary": "A collection of common SIMP functions, facts, and types",
   "license": "Apache-2.0",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "simp-simplib",`
`3`		`- "version": "4.10.3",`
	`3`	`+ "version": "4.10.4",`
`4`	`4`	`"author": "SIMP Team",`
`5`	`5`	`"summary": "A collection of common SIMP functions, facts, and types",`
`6`	`6`	`"license": "Apache-2.0",`