Issue #8192 has been updated by Lee Lowder.
This is easily worked around by quoting the mode, which is what the current docs recommend doing anyways. It also avoids any confusion between strings, decimals and octals. ---------------------------------------- Bug #8192: puppet breaking setuid bit on group change https://projects.puppetlabs.com/issues/8192#change-87693 * Author: Jan-Frode Myklebust * Status: Accepted * Priority: Normal * Assignee: Daniel Pittman * Category: file * Target version: * Affected Puppet version: 0.22.1 * Keywords: * Branch: ---------------------------------------- We have a puppet module that's trying to manage owner, group and setuid bit on /bin/nice: file { "/bin/nice": owner => root, group => root, mode => 6555, } If the mode is correct, but group is wrong, puppet will fix the group and lose the setuid bit: # chgrp bin /bin/nice # chmod 6555 /bin/nice # ls -l /bin/nice -r-sr-sr-x 1 root bin 23424 Jan 26 17:12 /bin/nice # pkill -USR1 puppet Jun 29 22:26:29 xsp4 puppetd[21024]: Caught USR1; calling reload Jun 29 22:26:32 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File[/bin/nice]/group) group changed 'bin' to 'root' Jun 29 22:26:33 xsp4 puppetd[21024]: Finished catalog run in 1.86 seconds # ls -l /bin/nice -r-xr-xr-x 1 root root 23424 Jan 26 17:12 /bin/nice And puppet then needs a second run to fix the setuid bit: # pkill -USR1 puppet Jun 29 22:26:44 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File[/bin/nice]/mode) mode changed '555' to '6555' # ls -l /bin/nice -r-sr-sr-x 1 root root 23424 Jan 26 17:12 /bin/nice This has only been tested on v0.25.4 on RHEL5. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
