From f16ac1911ddf86eee5ce8b620647cb93b0b7c386 Mon Sep 17 00:00:00 2001
From: Jason Staten <jstaten07@gmail.com>
Date: Wed, 16 Jan 2013 20:46:23 -0700
Subject: [PATCH 1/3] Set permissions on existing directory

Previously, an existing directory would not have its permissions
modified by the __directory type. This change removes exiting early when
$state_is matches $state_should
---
 cdist/conf/type/__directory/gencode-remote | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote
index 21f4c5b6..e9023b60 100755
--- a/cdist/conf/type/__directory/gencode-remote
+++ b/cdist/conf/type/__directory/gencode-remote
@@ -21,8 +21,6 @@
 state_should="present"
 [ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
 state_is="$(cat "$__object/explorer/state")"
-[ "$state_should" = "$state_is" ] && exit 0
-
 destination="/$__object_id"
 
 mkdiropt=""
@@ -32,7 +30,9 @@ recursive=""
 
 case "$state_should" in
     present)
-        echo mkdir $mkdiropt \"$destination\"
+        if [ "$state_is" != "present" ]; then
+          echo mkdir $mkdiropt \"$destination\"
+        fi
 
         # Mode settings
         if [ -f "$__object/parameter/mode" ]; then
@@ -50,7 +50,9 @@ case "$state_should" in
         fi
     ;;
     absent)
-        echo rm -rf \"$destination\"
+        if [ "$state_is" != "absent" ]; then
+          echo rm -rf \"$destination\"
+        fi
     ;;
     *)
         echo "Unknown state: $state_should" >&2

From fc1a9ed27bc805bf0c4d75b39f715cf11e1c1f65 Mon Sep 17 00:00:00 2001
From: Jason Staten <jstaten07@gmail.com>
Date: Thu, 24 Jan 2013 22:37:52 -0700
Subject: [PATCH 2/3] directory permission explorers

The group, mode, and owner are now pulled from a explorers. If the
desired value matches the existing value, then no code is executed.

If the recursive flag is set, the permissions are applied every run.
---
 cdist/conf/type/__directory/explorer/group | 28 +++++++++++++++++++
 cdist/conf/type/__directory/explorer/mode  | 28 +++++++++++++++++++
 cdist/conf/type/__directory/explorer/owner | 28 +++++++++++++++++++
 cdist/conf/type/__directory/gencode-remote | 31 +++++++++++++---------
 4 files changed, 102 insertions(+), 13 deletions(-)
 create mode 100644 cdist/conf/type/__directory/explorer/group
 create mode 100644 cdist/conf/type/__directory/explorer/mode
 create mode 100644 cdist/conf/type/__directory/explorer/owner

diff --git a/cdist/conf/type/__directory/explorer/group b/cdist/conf/type/__directory/explorer/group
new file mode 100644
index 00000000..b14794e3
--- /dev/null
+++ b/cdist/conf/type/__directory/explorer/group
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# 2011 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see <http://www.gnu.org/licenses/>.
+#
+#
+# Check whether file exists or not
+#
+
+destination="/$__object_id"
+
+if [ -e "$destination" ]; then
+  stat -c "%G" "$destination"
+fi
diff --git a/cdist/conf/type/__directory/explorer/mode b/cdist/conf/type/__directory/explorer/mode
new file mode 100644
index 00000000..3ffa497e
--- /dev/null
+++ b/cdist/conf/type/__directory/explorer/mode
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# 2011 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see <http://www.gnu.org/licenses/>.
+#
+#
+# Check whether file exists or not
+#
+
+destination="/$__object_id"
+
+if [ -e "$destination" ]; then
+  stat -c "%a" "$destination"
+fi
diff --git a/cdist/conf/type/__directory/explorer/owner b/cdist/conf/type/__directory/explorer/owner
new file mode 100644
index 00000000..a691ac1b
--- /dev/null
+++ b/cdist/conf/type/__directory/explorer/owner
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# 2011 Nico Schottelius (nico-cdist at schottelius.org)
+#
+# This file is part of cdist.
+#
+# cdist is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# cdist is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with cdist. If not, see <http://www.gnu.org/licenses/>.
+#
+#
+# Check whether file exists or not
+#
+
+destination="/$__object_id"
+
+if [ -e "$destination" ]; then
+  stat -c "%U" "$destination"
+fi
diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote
index e9023b60..154a46b5 100755
--- a/cdist/conf/type/__directory/gencode-remote
+++ b/cdist/conf/type/__directory/gencode-remote
@@ -18,35 +18,40 @@
 # along with cdist. If not, see <http://www.gnu.org/licenses/>.
 #
 
-state_should="present"
-[ -f "$__object/parameter/state" ] && state_should="$(cat "$__object/parameter/state")"
-state_is="$(cat "$__object/explorer/state")"
 destination="/$__object_id"
 
-mkdiropt=""
-[ -f "$__object/parameter/parents" ] && mkdiropt="-p"
-recursive=""
+state_is="$(cat "$__object/explorer/state")"
+owner_is="$(cat "$__object/explorer/owner")"
+group_is="$(cat "$__object/explorer/group")"
+mode_is="$(cat "$__object/explorer/mode")"
+
+state_should="present"
+[ -f "$__object/parameter/state" ]     && state_should="$(cat "$__object/parameter/state")"
+[ -f "$__object/parameter/mode" ]      && mode="$(cat "$__object/parameter/mode")"
+[ -f "$__object/parameter/owner" ]     && owner="$(cat "$__object/parameter/owner")"
+[ -f "$__object/parameter/group" ]     && group="$(cat "$__object/parameter/group")"
+[ -f "$__object/parameter/parents" ]   && mkdiropt="-p"
 [ -f "$__object/parameter/recursive" ] && recursive="-R"
 
 case "$state_should" in
     present)
         if [ "$state_is" != "present" ]; then
-          echo mkdir $mkdiropt \"$destination\"
+            echo mkdir $mkdiropt \"$destination\"
         fi
 
         # Mode settings
-        if [ -f "$__object/parameter/mode" ]; then
-            echo chmod \"$(cat "$__object/parameter/mode")\" \"$destination\"
+        if [ "$mode" ] && [ "$mode_is" != "$mode" -o -n "$recursive" ]; then
+            echo chmod $recursive \"$mode\" \"$destination\"
         fi
 
         # Group
-        if [ -f "$__object/parameter/group" ]; then
-            echo chgrp $recursive \"$(cat "$__object/parameter/group")\" \"$destination\"
+        if [ "$group" ] && [ "$group_is" != "$group" -o -n "$recursive" ]; then
+            echo chgrp $recursive \"$group\" \"$destination\"
         fi
 
         # Owner
-        if [ -f "$__object/parameter/owner" ]; then
-            echo chown $recursive \"$(cat "$__object/parameter/owner")\" \"$destination\"
+        if [ "$owner" ] && [ "$owner_is" != "$owner" -o -n "$recursive" ]; then
+            echo chown $recursive \"$owner\" \"$destination\"
         fi
     ;;
     absent)

From 919707d6f9baaa71df2caef817c77e2a7c90ec0f Mon Sep 17 00:00:00 2001
From: Jason Staten <jstaten07@gmail.com>
Date: Mon, 28 Jan 2013 10:06:04 -0700
Subject: [PATCH 3/3] Initialize variables to empty string

Set mode, group, etc. to an empty string to ensure that no external
environment variables can leak in.
---
 cdist/conf/type/__directory/gencode-remote | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cdist/conf/type/__directory/gencode-remote b/cdist/conf/type/__directory/gencode-remote
index 154a46b5..f46a5967 100755
--- a/cdist/conf/type/__directory/gencode-remote
+++ b/cdist/conf/type/__directory/gencode-remote
@@ -27,10 +27,15 @@ mode_is="$(cat "$__object/explorer/mode")"
 
 state_should="present"
 [ -f "$__object/parameter/state" ]     && state_should="$(cat "$__object/parameter/state")"
+mode=""
 [ -f "$__object/parameter/mode" ]      && mode="$(cat "$__object/parameter/mode")"
+owner=""
 [ -f "$__object/parameter/owner" ]     && owner="$(cat "$__object/parameter/owner")"
+group=""
 [ -f "$__object/parameter/group" ]     && group="$(cat "$__object/parameter/group")"
+mkdiropt=""
 [ -f "$__object/parameter/parents" ]   && mkdiropt="-p"
+recursive=""
 [ -f "$__object/parameter/recursive" ] && recursive="-R"
 
 case "$state_should" in