On Thu, Sep 24, 2015 at 7:25 AM, jmp242 <[email protected]> wrote:
> So per my previous post, I'm now trying to replace the file POSIX
> permissions with ACLs. I'm apparently missing something though. I want to
> replicate what I had before in the new supported method, i.e.:
>
> owner => 'SYSTEM',
> group => 'Administrators',
> mode => '0775',
>
>
> So I tried doing:
> acl { 'chocolatey.config':
> target =>
> 'C:/ProgramData/chocolatey/config/chocolatey.config',
> purge => false,
> permissions => [
> {
> identity => 'SYSTEM',
> rights => [
> 'full'],
> perm_type => 'allow',
> child_types => 'all',
> affects => 'all'
> }
> ,
> {
> identity => 'Administrators',
> rights => [
> 'full'],
> perm_type => 'allow',
> child_types => 'all',
> affects => 'all'
> }
> ,
> {
> identity => 'Users',
> rights => [
> 'read',
> 'execute'],
> perm_type => 'allow',
> child_types => 'all',
> affects => 'all'
> }
> ],
> owner => 'SYSTEM', # Creator_Owner specific, doesn't manage
> unless specified
> group => 'Administrators', # Creator_Group specific,
> doesn't manage unless specified
> inherit_parent_permissions => true,
> require => File['chocolatey.config'],
> }
>
>
> As I understand the documentation, this seems to map, mind you - being far
> more verbose and complicated - to the original permissions.
>
Sure, it's a LOT more verbose if you add all of the defaults in. Leaving
out the defaults and considering that acl already does autorequires on a
file with the same path (we'll leave the requires in), this looks a lot
better:
acl { 'c:/ProgramData/chocolatey/config/chocolatey.config':
permissions => [
{ identity => 'SYSTEM', rights => ['full']},
{ identity => 'Administrators', rights => ['full']},
{ identity => 'Users', rights => ['read', 'execute']},
require => File['chocolatey.config'],
}
> However, I get errors:
> Could not evaluate: The parameter is incorrect. - ReportEvent
>
> This doesn't really help me figure out what I did wrong here...
>
Not really sure what caused this. Might be good to see this with a `--debug
--trace --verbose` run to see what may be causing the issue.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/a49f14bc-6804-4ba8-a033-752a6da2a9cb%40googlegroups.com
> <https://groups.google.com/d/msgid/puppet-users/a49f14bc-6804-4ba8-a033-752a6da2a9cb%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
Rob Reynolds
Developer, Puppet Labs
*PuppetConf 2015 <http://2015.puppetconf.com/>** is right around the
corner! Join us October 5-9 in Portland, OR. **Register now
<https://puppetconf2015.eventbrite.com/>**.*
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAMJiBK45VpjwwUeUb%2BbVYJC8cLEyQt-50QJEiJcWV-jthEvJGA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
