Issue #5240 has been reported by Markus Falb.
----------------------------------------
Bug #5240: Default ownership
https://projects.puppetlabs.com/issues/5240
Author: Markus Falb
Status: Unreviewed
Priority: Normal
Assignee:
Category: file
Target version:
Affected Puppet version: 0.25.5
Keywords:
Branch:
file { "/bla/bla.txt":
ensure => file,
source => "puppet:///bla/bla.txt",
}
The file on puppetmaster belongs to user x with uid y and it is created on the
client with uid y whatever user this translates to.
A user for uid y may or may not exists on the client. uids/gids on puppetmaster
and puppetd are not necessarily synchronised. If I forget to set a ownership
explicitly possibly unrelated users on the client may access files. This
behaviour is potentially unsecure.
On puppetmaster (note the -n switch):
#$ ls -n bla.txt
-rw-r--r-- 1 502 301 4 8 Nov 16:25 bla.txt
The result on the client (user/group does not exist):
#$ ls -l bla.txt
-rw-r--r-- 1 502 301 4 Nov 8 16:39 bla.txt
Expected behaviour: I would like to rely on reasonable defaults. When no
user/group is explicitly defined, files should be created with ownership of the
user puppet runs as:
#$ ls -l bla.txt
-rw-r--r-- 1 root root 4 Nov 8 16:39 bla.txt
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
