Issue #14857 has been updated by Stefan Schulte.
Puppet will already fix ownership/group membership of files that are managed
with puppet (`owner` and `group` property). And in my opinion puppet should
**not** try to correct already existing files that are not under puppet
control. Let's say you have mounted an NFS share with files owned by group
`foo`. Now someone creates a group `bar` but accidentally with foo's gid. If
puppet now corrects the manually created group `bar` you don't want to change
the group on all files on NFS. This may not be an ideal example but I just want
to point out that puppet running through the filesystem and changing ownerships
may not always what you want/expect.
It may only be safe to do that in the user's homedirectory and in fact `usermod
-g/-u` already does that for you (at least on linux):
<pre>
-g, --gid GROUP
The group name or number of the users new initial login group. The
group must exist.
Any file from the users home directory owned by the previous primary
group of the user will be owned
by this new group.
The group ownership of files outside of the users home directory
must be fixed manually.
</pre>
So in my opinion changing gid/uid does always include manual intervention but I
guess it is a valid request to show a warning message when puppet updates gid
or uid that you have to fix ownership of files that you are not managing with
puppet.
----------------------------------------
Bug #14857: gid on files and directories don't change if group's gid is changed
https://projects.puppetlabs.com/issues/14857#change-64701
Author: jist anidiot
Status: Unreviewed
Priority: Normal
Assignee:
Category:
Target version:
Affected Puppet version: 2.7.12
Keywords:
Branch:
Problem: Someone created a group on a RHEL 5 box manually (in my specific case
it was in conjunction with a user). Puppet comes along and changes that's
group's gid (as well as the uid for the user). However all the files and
directories that had that group do not get updated with the new gid (as an
aside the uid does seem to get changed). I would think a gid id change for a
group should result in something similar as a uid change for a user.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
