Chef Infra Client 15.7.30 Released!

Hey Everyone,

Today we released Chef Infra Client 15.7.30. This new release comes with tons of great community enhancements for resources, an important security fix to our embedded OpenSSL and new helpers for identifying Windows systems.

Updated Resources


The archive_file resource will now only change ownership on files and directories that were part of the archive itself. This prevents changing permissions on important high level directories such as /etc or /bin when you extract a file into those directories. Thanks for this fix, @bobchaos.

cron and cron_d

The cron and cron_d resources now include a timeout property, which allows you to configure actions to perform when a job times out. This property accepts a hash of timeout configuration options:

  • preserve-status: true/false with a default of false
  • foreground: true/false with a default of false
  • kill-after: Integer for the timeout in seconds
  • signal: String or Integer to send to the process such as HUP


The launchd resource has been updated to properly capitalize HardResourceLimits. Thanks for this fix, @rb2k.


The sudo resource no longer fails on the second Chef Infra Client run when using a Cmnd_Alias. Thanks for reporting this issue, @Rudikza.


The user resource on AIX no longer forces the user to change the password after Chef Infra Client modifies the password. Thanks for this fix, @Triodes.

The user resource on macOS 10.15 has received several important fixes to improve logging and prevent failures.


The windows_task resource is now idempotent when a system is joined to a domain and the job runs under a local user account.


The x509_certificate resource now includes a new renew_before_expiry property that allows you to auto renew certicates a specified number of days before they expire. Thanks @julienhuon for this improvement.

Additional Recipe Helpers

We have added new helpers for identifying Windows releases that can be used in any part of your cookbooks.


Returns true if the system is a Windows Workstation edition.


Returns true if the system is a Windows Server edition.


Returns true if the system is a Windows Server Core edition.

Notable Changes and Fixes

  • knife upload and knife cookbook upload will now generate a metadata.json file from metadata.rb when uploading a cookbook to the Chef Infra Server.
  • A bug in knife bootstrap behavior that caused failures when bootstrapping Windows hosts from non-Windows hosts and vice versa has been resolved.
  • The existing system path is now preserved when bootstrapping Windows nodes. Thanks for this fix, @Xorima.
  • Ohai now properly returns the drive name on Windows and includes new drive_type fields to allow you to determine the type of attached disk. Thanks for this improvement @sshock.
  • Ohai has been updated to properly return DMI data to Chef Infra Client. Thanks for troubleshooting this, @zmscwx and @Sliim.

Platform Support

  • Chef Infra Clients packages are no longer produced for Windows 2008 R2 as this release reached its end of life on Jan 14th, 2020.
  • Chef Infra Client packages are no longer produced for RHEL 6 on the s390x platform. Builds will continue to be published for RHEL 7 on the s390x platform.

Security Updates


OpenSSL has been updated to 1.0.2u to resolve CVE-2019-1551

Get the Build

As always, you can download binaries directly from or by using the mixlib-install command-line utility:

$ mixlib-install download chef -v 15.7.30

Alternatively, you can install Chef Infra Client using one of the following command options:

# In Shell
$ curl | sudo bash -s -- -P chef -v 15.7.30

# In Windows Powershell
. { iwr -useb } | iex; install -project chef -version 15.7.30

If you want to give this version a spin in Test Kitchen, create or add the following to your kitchen.yml file:

  product_name: chef
  product_version: 15.7.30


It took awhile, but I have new unofficial Raspberry Pi Chef 15.7.32 and Cinc 32-bit ARM client builds if you're interested.