Hi Neil,
I think the reason for this is that the correct mode-string is always
a scalar, a short string, while the correct owners/groups can
potentially be long lists.
Printing valid owners/groups could thus lead to messy output.
I'm therefore reluctant to call this a bug, but thanks for letting us know.
--
Regards,
Eystein
2009/12/7 <nwat...@symcor.com>:
> When a file permissions/ownership promise is set to warn only Cf gives
> full information regarding permissions but does not detail what is wrong
> with ownership. See below.
>
> [r...@unxxhd01 inputs]# ls -l /tmp/foo
> -rw-r--r-- 1 root root 0 Dec 7 14:13 /tmp/foo
>
> !! File /tmp/foo is owned by [root], group [root] <<<<------ Missing
> 'should be'.
> I: Made in version 'not specified' of './bar.cf' near line 18
> I: Comment:
>
> !! /tmp/foo has permission 644 - [should be 600]
> I: Made in version 'not specified' of './bar.cf' near line 18
> I: Comment:
>
>
> Test case:
>
> ######################
> body common control {
> bundlesequence => { "test" };
> }
>
> bundle common g {
> classes:
>
> "all" expression => "any";
> }
>
> bundle agent test {
>
> files:
>
> any::
> "/tmp/foo"
> action => warn_now,
> perms => system(
> "0600",
> "nwatson",
> "bin"
> ),
> classes => cdefine(
> "/tmp/foo_kept",
> "/tmp/foo_repaired",
> "/tmp/foo_failed"
> );
>
> reports:
>
> all::
>
> "/tmp/foo perms correct.",
> ifvarclass => canonify("/tmp/foo_kept");
>
> "WARNING: /tmp/foo perms fixed.",
> ifvarclass => canonify("/tmp/foo_repaired");
>
> "ALARM: /tmp/foo perms could not be fixed.",
> ifvarclass => canonify("/tmp/foo_failed");
> }
>
>
> body classes cdefine (k,r,f){
> promise_kept => {canonify("${k}")};
> promise_repaired => {canonify("${r}")};
> repair_failed => {canonify("${f}")};
> }
> body perms system(p,u,g) {
> mode => "${p}";
> owners => { "${u}" };
> groups => { "${g}" };
> }
> body action warn_now{
> action_policy => "warn";
> log_level => "inform";
> background => "true";
> }
>
> Sincerely,
> --
> Neil Watson
> 416-673-3465
>
>
>
> CONFIDENTIALITY WARNING
> This communication, including any attachments, is for the exclusive use of
> addressee and may contain proprietary and/or confidential information. If you
> are not the intended recipient, any use, copying, disclosure, dissemination
> or distribution is strictly prohibited. If you are not the intended
> recipient, please notify the sender immediately by return e-mail, delete this
> communication and destroy all copies.
>
> AVERTISSEMENT RELATIF À LA CONFIDENTIALITÉ
> Ce message, ainsi que les pièces qui y sont jointes, est destiné à l’usage
> exclusif de la personne à laquelle il s’adresse et peut contenir de
> l’information personnelle ou confidentielle. Si le lecteur de ce message n’en
> est pas le destinataire, nous l’avisons par la présente que toute diffusion,
> distribution, reproduction ou utilisation de son contenu est strictement
> interdite. Veuillez avertir sur-le-champ l’expéditeur par retour de courrier
> électronique et supprimez ce message ainsi que toutes les pièces jointes.
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
>
>
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
