diff --git a/cookbooks/boxcutter_site_settings/recipes/remap_users.rb b/cookbooks/boxcutter_site_settings/recipes/remap_users.rb index 99adb99..96dd57d 100644 --- a/cookbooks/boxcutter_site_settings/recipes/remap_users.rb +++ b/cookbooks/boxcutter_site_settings/recipes/remap_users.rb @@ -16,12 +16,12 @@ # See the License for the specific language governing permissions and # limitations under the License. -if node.centos? - FB::Users::GID_MAP.delete('nogroup') - FB::Users::GID_MAP['nobody'] = { - 'gid' => 65534, - } -end +# if node.centos? +# FB::Users::GID_MAP.delete('nogroup') +# FB::Users::GID_MAP['nobody'] = { +# 'gid' => 65534, +# } +# end FB::Users::UID_MAP.each do |user_name, desired_user_data| puts "MISCHA: node['root_user']=#{node['root_user']}, node.root_user=#{node.root_user}" diff --git a/cookbooks/boxcutter_site_settings/recipes/users.rb b/cookbooks/boxcutter_site_settings/recipes/users.rb index 4a88202..d97066c 100644 --- a/cookbooks/boxcutter_site_settings/recipes/users.rb +++ b/cookbooks/boxcutter_site_settings/recipes/users.rb @@ -46,4 +46,14 @@ 'gid' => 'nogroup', 'home' => '/nonexistent', 'action' => :add, + 'only_if' => proc { node.ubuntu? } +} + +node.default['fb_users']['users']['nobody'] = { + 'comment' => 'Kernel Overflow User', + 'shell' => '/usr/sbin/nologin', + 'gid' => '65534', + 'home' => '/', + 'action' => :add, + 'only_if' => proc { node.centos? } } diff --git a/cookbooks/boxcutter_users/libraries/default.rb b/cookbooks/boxcutter_users/libraries/default.rb index 18a90ad..e2038e3 100644 --- a/cookbooks/boxcutter_users/libraries/default.rb +++ b/cookbooks/boxcutter_users/libraries/default.rb @@ -1,6 +1,6 @@ module FB class Users - UID_MAP = { # rubocop:disable Style/MutableConstant + UID_MAP = { # system 'root' => { 'uid' => 0, @@ -48,9 +48,9 @@ class Users 'uid' => 65534, 'comment' => 'nobody', }, - } + }.freeze - GID_MAP = { # rubocop:disable Style/MutableConstant + GID_MAP = { 'root' => { 'gid' => 0, 'system' => true,