diff options
| author | Micah Anderson <micah@riseup.net> | 2013-02-25 14:59:10 -0500 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2013-02-25 14:59:10 -0500 |
| commit | 1396a9ebeb26fd3fa0635dbc6c51537d23c14fd9 (patch) | |
| tree | 6561dcab1d86caae2eb1f66bc50970318566d9ed | |
| parent | e4c08ad09b96794ea70ce337c574568e4e52297b (diff) | |
set the owner/group and mode of the chroot directory properly
"It is important to ensure that <jail_dir> is both empty and unwritable to
anyone."
reference: http://cbonte.github.com/haproxy-dconv/configuration-1.4.html#3-chroot
| -rw-r--r-- | manifests/init.pp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index a0c191d..7815769 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -113,7 +113,11 @@ class haproxy ( } file { $global_options['chroot']: - ensure => directory, + ensure => directory, + owner => $global_options['user'], + group => $global_options['group'], + mode => '0550', + require => Package['haproxy'] } } |