[PUP-661] Remove broken macauthorization provider from core types - Puppet Tickets

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Duplicate
Affects Version/s: None
Fix Version/s: PUP 6.0.0
Component/s: None
Labels:
- breaking
- macos
- redmine
- removal
- type_and_provider

Template:
customfield_10700 18234
Epic Link:
Puppet 6.0.0 Removals
Team:
Platform OS

CS Priority:
Reviewed

Description

Update 12/22: Based on comments from Allister and Nigel this should be removed from core types. That may need to wait until Puppet 5 for semver reasons.

In OS X 10.9, `/etc/authorization` has been "deprecated"; as of the GM, the update will move `/etc/authorization` to `/etc/authorization.deprecated`.

There is now `/System/Library/Security/authorization.plist` but it seems to just be the defaults; changing a right with the `security authorizationdb` command doesn't change that file, but instead updates a sqlite db at `/var/db/auth.db`.

I did some quick testing, and just changing `AuthDB` in `puppet/provider/macauthorization/macauthorization.rb` isn't enough because the provider reads the plist to determine current state, but in the 10.9 world the current state is reflected in the `auth.db` file (or the output of `security authorizationdb` commands) so even when a right change is applied, puppet doesn't know.

Attachments

Issue Links

duplicates

PUP-8850 Remove type/provider code from puppet

Resolved

relates to

PUP-8573 Extract macdslocal type/provider into a module

Closed

clones

(#22830) macauthorization provider is broken on 10.9 (mavericks)

Activity

People

Assignee:

Unassigned

Reporter:

redmine.exporter

Votes:

1 Vote for this issue

Watchers:

9 Start watching this issue

Dates

Created:

2013/11/05 9:31 AM

Updated:

2018/07/03 2:58 PM

Resolved:

2018/07/03 2:58 PM