From: Jesse Wolfe <[email protected]> Add a flag "manage_internal_file_permissions" which is enabled by default. Disabling this flag prevents Puppet from managing the owner, group, or mode of files created from Puppet::Util::Settings::FileSetting
I think this is a wide enough net to follow Luke's suggestion of "disable management of everything", and it certainly satisfies the requests I'm aware of, but if I've missed anything, let me know. Signed-off-by: Jesse Wolfe <[email protected]> Signed-off-by: James Turnbull <[email protected]> --- lib/puppet/defaults.rb | 4 ++++ lib/puppet/util/settings/file_setting.rb | 11 +++++++---- spec/unit/util/settings/file_setting.rb | 25 +++++++++++++++++++++++++ 3 files changed, 36 insertions(+), 4 deletions(-) diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb index 9d992dd..590de83 100644 --- a/lib/puppet/defaults.rb +++ b/lib/puppet/defaults.rb @@ -86,6 +86,10 @@ module Puppet :mkusers => [false, "Whether to create the necessary user and group that puppetd will run as."], + :manage_internal_file_permissions => [true, + "Whether Puppet should manage the owner, group, and mode of files + it uses internally" + ], :path => {:default => "none", :desc => "The shell search path. Defaults to whatever is inherited from the parent process.", diff --git a/lib/puppet/util/settings/file_setting.rb b/lib/puppet/util/settings/file_setting.rb index 573628f..2dfbcf4 100644 --- a/lib/puppet/util/settings/file_setting.rb +++ b/lib/puppet/util/settings/file_setting.rb @@ -89,11 +89,14 @@ class Puppet::Util::Settings::FileSetting < Puppet::Util::Settings::Setting return nil if path =~ /^\/dev/ resource = Puppet::Resource.new(:file, path) - resource[:mode] = self.mode if self.mode - if Puppet.features.root? - resource[:owner] = self.owner if self.owner - resource[:group] = self.group if self.group + if Puppet[:manage_internal_file_permissions] + resource[:mode] = self.mode if self.mode + + if Puppet.features.root? + resource[:owner] = self.owner if self.owner + resource[:group] = self.group if self.group + end end resource[:ensure] = type diff --git a/spec/unit/util/settings/file_setting.rb b/spec/unit/util/settings/file_setting.rb index 74d68fb..dfe4d25 100755 --- a/spec/unit/util/settings/file_setting.rb +++ b/spec/unit/util/settings/file_setting.rb @@ -169,18 +169,43 @@ describe Puppet::Util::Settings::FileSetting do @file.to_resource[:mode].should == 0755 end + it "should not set the mode on a the file if manage_internal_file_permissions is disabled" do + Puppet[:manage_internal_file_permissions] = false + + @file.stubs(:mode).returns(0755) + + @file.to_resource[:mode].should == nil + end + it "should set the owner if running as root and the owner is provided" do Puppet.features.expects(:root?).returns true @file.stubs(:owner).returns "foo" @file.to_resource[:owner].should == "foo" end + it "should not set the owner if manage_internal_file_permissions is disabled" do + Puppet[:manage_internal_file_permissions] = false + Puppet.features.stubs(:root?).returns true + @file.stubs(:owner).returns "foo" + + @file.to_resource[:owner].should == nil + end + it "should set the group if running as root and the group is provided" do Puppet.features.expects(:root?).returns true @file.stubs(:group).returns "foo" @file.to_resource[:group].should == "foo" end + it "should not set the group if manage_internal_file_permissions is disabled" do + Puppet[:manage_internal_file_permissions] = false + Puppet.features.stubs(:root?).returns true + @file.stubs(:group).returns "foo" + + @file.to_resource[:group].should == nil + end + + it "should not set owner if not running as root" do Puppet.features.expects(:root?).returns false @file.stubs(:owner).returns "foo" -- 1.6.5.2
-- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
