diff options
author | Krakowitzer, Merritt <merritt@krakowitzer.com> | 2014-07-23 15:02:17 +0200 |
---|---|---|
committer | Krakowitzer, Merritt <merritt@krakowitzer.com> | 2014-07-23 15:02:17 +0200 |
commit | fae89b62ac7d7cd24a5e2eb59e6c44f052476327 (patch) | |
tree | abc54722241f26e9f4522cf9f9a09ed2ad7f030b | |
parent | 881d3b94c1574aced6d384de228c0ec4d59d66b5 (diff) |
Fix Issue #92
setting the perm_file => '0640', and perm_dir => '0750', params do not take effect.
As they are overridden by the umask of the the rsyslog process. This is typically set by RHEL rsyslog init script. This can be resolved by setting the $Umask paramater to 0000.
It is well documented here:
http://www.rsyslog.com/doc/rsconf1_filecreatemode.html
-rw-r--r-- | manifests/init.pp | 1 | ||||
-rw-r--r-- | manifests/params.pp | 1 | ||||
-rw-r--r-- | templates/rsyslog.conf.erb | 1 |
3 files changed, 3 insertions, 0 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index f0b2cd2..6cd0da8 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -27,6 +27,7 @@ class rsyslog ( $log_user = $rsyslog::params::log_user, $log_group = $rsyslog::params::log_group, $log_style = $rsyslog::params::log_style, + $umask = $rsyslog::params::umask, $perm_file = $rsyslog::params::perm_file, $perm_dir = $rsyslog::params::perm_dir, $spool_dir = $rsyslog::params::spool_dir, diff --git a/manifests/params.pp b/manifests/params.pp index f4cd74b..b0014d2 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -109,6 +109,7 @@ class rsyslog::params { $log_user = 'root' $log_group = 'root' $log_style = 'redhat' + $umask = '0000' $perm_file = '0600' $perm_dir = '0750' $spool_dir = '/var/lib/rsyslog' diff --git a/templates/rsyslog.conf.erb b/templates/rsyslog.conf.erb index 1e5e1f6..ef2a05e 100644 --- a/templates/rsyslog.conf.erb +++ b/templates/rsyslog.conf.erb @@ -26,6 +26,7 @@ $DirGroup <%= scope.lookupvar('rsyslog::log_group') %> $DirCreateMode <%= scope.lookupvar('rsyslog::perm_dir') %> $PrivDropToUser <%= scope.lookupvar('rsyslog::run_user') %> $PrivDropToGroup <%= scope.lookupvar('rsyslog::run_group') %> +$Umask <%= scope.lookupvar('rsyslog::umask') %> # # Include all config files in <%= scope.lookupvar('rsyslog::rsyslog_d') %> |