diff options
author | varac <varacanero@zeromail.org> | 2016-01-08 12:12:07 +0100 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2016-01-08 12:12:07 +0100 |
commit | 1241fb2f62733b8b8b561f9746505f23cd81e3be (patch) | |
tree | e90017aef14a386536a9cd6d97c0fe794f2f437e /puppet/modules/site_config/manifests | |
parent | 986a0ac73585d8f8427c6fa4818cbc662b59cef3 (diff) |
[bug] Make /etc/leap world-readable
Under jessie, leap-mx is started by systemd now, not as a forked
proc by twistd anymore. Therefore leap-mx (the user the mx proc runs
as) needs direct access to it's config file under /etc/leap/mx.conf.
Before, twistd would start as root, read the config and then fork an mx
proc as unprivileged leap-mx user.
- Tested: [quetzal]
- Resolves: #7782
Diffstat (limited to 'puppet/modules/site_config/manifests')
-rw-r--r-- | puppet/modules/site_config/manifests/files.pp | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/puppet/modules/site_config/manifests/files.pp b/puppet/modules/site_config/manifests/files.pp index 684d3ad0..d2ef8a98 100644 --- a/puppet/modules/site_config/manifests/files.pp +++ b/puppet/modules/site_config/manifests/files.pp @@ -1,3 +1,4 @@ +# set up core leap files and directories class site_config::files { file { @@ -7,15 +8,15 @@ class site_config::files { group => 'root', mode => '0711'; - '/var/lib/leap': + [ '/etc/leap', '/var/lib/leap']: ensure => directory, - owner => root, + owner => 'root', group => 'root', mode => '0755'; '/var/log/leap': ensure => directory, - owner => root, + owner => 'root', group => 'adm', mode => '0750'; } |