summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2016-01-08 12:12:07 +0100
committervarac <varacanero@zeromail.org>2016-01-08 12:12:07 +0100
commit1241fb2f62733b8b8b561f9746505f23cd81e3be (patch)
treee90017aef14a386536a9cd6d97c0fe794f2f437e /puppet
parent986a0ac73585d8f8427c6fa4818cbc662b59cef3 (diff)
[bug] Make /etc/leap world-readable
Under jessie, leap-mx is started by systemd now, not as a forked proc by twistd anymore. Therefore leap-mx (the user the mx proc runs as) needs direct access to it's config file under /etc/leap/mx.conf. Before, twistd would start as root, read the config and then fork an mx proc as unprivileged leap-mx user. - Tested: [quetzal] - Resolves: #7782
Diffstat (limited to 'puppet')
-rw-r--r--puppet/modules/site_config/manifests/files.pp7
1 files changed, 4 insertions, 3 deletions
diff --git a/puppet/modules/site_config/manifests/files.pp b/puppet/modules/site_config/manifests/files.pp
index 684d3ad0..d2ef8a98 100644
--- a/puppet/modules/site_config/manifests/files.pp
+++ b/puppet/modules/site_config/manifests/files.pp
@@ -1,3 +1,4 @@
+# set up core leap files and directories
class site_config::files {
file {
@@ -7,15 +8,15 @@ class site_config::files {
group => 'root',
mode => '0711';
- '/var/lib/leap':
+ [ '/etc/leap', '/var/lib/leap']:
ensure => directory,
- owner => root,
+ owner => 'root',
group => 'root',
mode => '0755';
'/var/log/leap':
ensure => directory,
- owner => root,
+ owner => 'root',
group => 'adm',
mode => '0750';
}