I am only speaking for windows permissions: > >> >> But if you push the directory with recurse => true, what permissions >> would files get in that case? Permissions of the file on the master, or >> default permission for that scope? >> > On Windows the answer is the permissions on the endpoint (no modification). Permissions are never copied from src to dest. Particularly sourcing from *nix, I would end up with a box of chocolateys I don't want to eat.
> > > I think you're confusing two unrelated dimensions. Whether the resource > is recursive or not, if no mode (uid/gid) is declared for it then Puppet > should not modify the mode (uid/gid) of *existing files* as part of > managing that resource. This is standard Puppet behavior, and users should > be able to rely on it. There are functional reasons to want it, too. > No - don't want it. no mode, no perm change. Standard windows inheritance model. > > There is a completely separate question of what Puppet should do when it > *creates > a new file*: if the resource declaration does not specify a mode > (uid/gid) then Puppet either must choose one by some other means. Its > current behavior is to use the properties of the source file, which I > actually think is fine, though issue 5240 raises questions about that > behavior. > > Negative - not fine for windows. Never want the source mode to end up on the target. Bad settings = takeown = bad. > Recursive File resources have long been a problematic area for Puppet. > That's not a flaw in Puppet (unless you consider recursive Files themselves > to be a misfeature); rather, it's inherent in the problem. The whole point > of recursive File resources is to manage a bunch of files without declaring > all the properties of each one individually. But then, you're not > declaring the properties of each one individually. If you want fine > control then you need something that carries all the needed data. The best > alternative in most cases is either to manage Files separately or to > package them up and manage them via the Package. > > On windows inheritance model works nicely. The security.rb and mode interpretation should not be applicable on windows. We need to rewrite perms to respect ntfs. > > John > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/jnCsosOdCsAJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
