This feature is only a very small detail, but it’s fun to chat about, so will post a reply anyway.
Find a way to rearchitect so that you understand what directories you need to control and explicitly control them.
In our case the first directory is known, it is writable, and the fix that I posted last time works: the simplest solution is to create a bash resource, and run “mkdir -p”. (with user/group set on the bash resource). Done. Or multiple standard chef dir resources.
But when provisioning code from developers, you don’t necessarily know in advance a particular dir depth, and would like to handle arbitrary/unknown cases with the recursive flag, it’s a convenience method.
If you are logged in as the ‘test’ user and run chef-client
Most of the chef supermarket cookbooks are non-trivial and must have permissions to install packages and so on, right? It’s pretty standard to run chef-client as root. "The default configuration of the chef-client assumes that it is run as the root user."
At the same time, the fact it’s run as root, isn’t meant to strongly convey a datapoint, that we definitely prefer all files to be owned by the same user who is running chef-client. Ok, as a default permission, yes. But it should be easily over-ridden. And that’s what the user and group properties of the resource are for. In this context, running chef-client is different from running a plain old bash command, because in the latter case, there is a more reasonable assumption that you want the user/group values of the executing user to be applied, whereas chef-client almost always has to be run as root, but it doesn’t imply that you intend everything in the cookbooks to be owned by root. The root/root ownership should be more of a “weak default value”, than a “strong default value”, and easily over-ridden, because chef-client sort of has to be run as root.
the one edge case where the recursive attribute is wrong
the 1% of the time
The percentages should be swapped, with 1% applying to the current implementation. How often do actually prefer and expect the intermediate dirs to be root instead of the assigned user/group property? the cookbook author never specified ‘root’, that is merely a coincidence, an accident, because you have to run chef as root.