From fae89b62ac7d7cd24a5e2eb59e6c44f052476327 Mon Sep 17 00:00:00 2001 From: "Krakowitzer, Merritt" Date: Wed, 23 Jul 2014 15:02:17 +0200 Subject: Fix Issue #92 setting the perm_file => '0640', and perm_dir => '0750', params do not take effect. As they are overridden by the umask of the the rsyslog process. This is typically set by RHEL rsyslog init script. This can be resolved by setting the $Umask paramater to 0000. It is well documented here: http://www.rsyslog.com/doc/rsconf1_filecreatemode.html --- manifests/init.pp | 1 + manifests/params.pp | 1 + templates/rsyslog.conf.erb | 1 + 3 files changed, 3 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index f0b2cd2..6cd0da8 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -27,6 +27,7 @@ class rsyslog ( $log_user = $rsyslog::params::log_user, $log_group = $rsyslog::params::log_group, $log_style = $rsyslog::params::log_style, + $umask = $rsyslog::params::umask, $perm_file = $rsyslog::params::perm_file, $perm_dir = $rsyslog::params::perm_dir, $spool_dir = $rsyslog::params::spool_dir, diff --git a/manifests/params.pp b/manifests/params.pp index f4cd74b..b0014d2 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -109,6 +109,7 @@ class rsyslog::params { $log_user = 'root' $log_group = 'root' $log_style = 'redhat' + $umask = '0000' $perm_file = '0600' $perm_dir = '0750' $spool_dir = '/var/lib/rsyslog' diff --git a/templates/rsyslog.conf.erb b/templates/rsyslog.conf.erb index 1e5e1f6..ef2a05e 100644 --- a/templates/rsyslog.conf.erb +++ b/templates/rsyslog.conf.erb @@ -26,6 +26,7 @@ $DirGroup <%= scope.lookupvar('rsyslog::log_group') %> $DirCreateMode <%= scope.lookupvar('rsyslog::perm_dir') %> $PrivDropToUser <%= scope.lookupvar('rsyslog::run_user') %> $PrivDropToGroup <%= scope.lookupvar('rsyslog::run_group') %> +$Umask <%= scope.lookupvar('rsyslog::umask') %> # # Include all config files in <%= scope.lookupvar('rsyslog::rsyslog_d') %> -- cgit v1.2.3