Révision 0b7bcb5d
Align filemode on RedHat to distro default
The RPM acutally ships the configuration and directory with
0600/0700 while this module sets the mode to 0640/0750.
However, this has the drawback that on new nftables RPM versions,
we are setting it back to the modules mode and triggering an nft
validate.
| manifests/chain.pp | ||
|---|---|---|
| 15 | 15 |
path => "/etc/nftables/puppet-preflight/${table}-chain-${chain}.nft",
|
| 16 | 16 |
owner => root, |
| 17 | 17 |
group => root, |
| 18 |
mode => '0640',
|
|
| 18 |
mode => $nftables::default_config_mode,
|
|
| 19 | 19 |
ensure_newline => true, |
| 20 | 20 |
require => Package['nftables'], |
| 21 | 21 |
} ~> Exec['nft validate'] -> file {
|
| ... | ... | |
| 24 | 24 |
source => "/etc/nftables/puppet-preflight/${table}-chain-${chain}.nft",
|
| 25 | 25 |
owner => root, |
| 26 | 26 |
group => root, |
| 27 |
mode => '0640',
|
|
| 27 |
mode => $nftables::default_config_mode,
|
|
| 28 | 28 |
} ~> Service['nftables'] |
| 29 | 29 |
|
| 30 | 30 |
concat::fragment {
|
Formats disponibles : Unified diff