Fix #239 local_user permission denied (#497)

* fix local user permission denied

* fix offenses

* fix specs

Author: thde

lib/facter/docker.rb

@@ -2,6 +2,7 @@
 
 require 'facter'
 require 'json'
+require 'etc'
 
 Facter.add(:docker_systemroot) do
   confine osfamily: :windows
@@ -31,6 +32,17 @@
   end
 end
 
+Facter.add(:docker_home_dirs) do
+  confine kernel: 'Linux'
+  setcode do
+    home_dirs = {}
+    Etc.passwd do |user|
+      home_dirs[user.name] = user.dir
+    end
+    home_dirs
+  end
+end
+
 docker_command = if Facter.value(:kernel) == 'windows'
                    'powershell -NoProfile -NonInteractive -NoLogo -ExecutionPolicy Bypass -c docker'
                  else

manifests/registry.pp

@@ -61,6 +61,7 @@
     $exec_provider = undef
     $password_env = "\${password}"
     $exec_user = $local_user
+    $local_user_home = $facts['docker_home_dirs'][$local_user]
   }
 
   if $ensure == 'present' {
@@ -103,11 +104,13 @@
         Undef   => pw_hash($docker_auth, 'SHA-512', $local_user_strip),
         default => $pass_hash
       }
-      $_auth_command = "${auth_cmd} || rm -f \"/root/registry-auth-puppet_receipt_${server_strip}_${local_user}\""
+      $_auth_command = "${auth_cmd} || rm -f \"/${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}\""
 
-      file { "/root/registry-auth-puppet_receipt_${server_strip}_${local_user}":
+      file { "/${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}":
         ensure  => $ensure,
         content => $_pass_hash,
+        owner   => $local_user,
+        group   => $local_user,
         notify  => Exec["${title} auth"],
       }
     } else {

spec/defines/registry_spec.rb

@@ -10,6 +10,9 @@
       lsbdistcodename: 'jessie',
       kernelrelease: '3.2.0-4-amd64',
       operatingsystemmajrelease: '8',
+      docker_home_dirs: {
+        root: '/root',
+      },
     }
   end
   let(:params) { { 'version' => '17.06', 'pass_hash' => 'test1234', 'receipt' => false } }