Révision 0b7bcb5d
Align filemode on RedHat to distro default
The RPM acutally ships the configuration and directory with
0600/0700 while this module sets the mode to 0640/0750.
However, this has the drawback that on new nftables RPM versions,
we are setting it back to the modules mode and triggering an nft
validate.
| spec/defines/config_spec.rb | ||
|---|---|---|
| 12 | 12 |
facts |
| 13 | 13 |
end |
| 14 | 14 |
|
| 15 |
nft_mode = case facts[:os]['family'] |
|
| 16 |
when 'RedHat' |
|
| 17 |
'0600' |
|
| 18 |
else |
|
| 19 |
'0640' |
|
| 20 |
end |
|
| 21 |
|
|
| 15 | 22 |
context 'with source and content both unset' do |
| 16 | 23 |
it { is_expected.to compile }
|
| 17 | 24 |
it { is_expected.to contain_concat('nftables-FOO-BAR') }
|
| ... | ... | |
| 20 | 27 |
expect(subject).to contain_concat('nftables-FOO-BAR').with(
|
| 21 | 28 |
path: '/etc/nftables/puppet-preflight/custom-FOO-BAR.nft', |
| 22 | 29 |
ensure_newline: true, |
| 23 |
mode: '0640'
|
|
| 30 |
mode: nft_mode
|
|
| 24 | 31 |
) |
| 25 | 32 |
} |
| 26 | 33 |
|
| ... | ... | |
| 30 | 37 |
expect(subject).to contain_file('/etc/nftables/puppet/custom-FOO-BAR.nft').with(
|
| 31 | 38 |
ensure: 'file', |
| 32 | 39 |
source: '/etc/nftables/puppet-preflight/custom-FOO-BAR.nft', |
| 33 |
mode: '0640'
|
|
| 40 |
mode: nft_mode
|
|
| 34 | 41 |
) |
| 35 | 42 |
} |
| 36 | 43 |
|
| ... | ... | |
| 86 | 93 |
expect(subject).to contain_concat('nftables-FOO-BAR').with(
|
| 87 | 94 |
path: '/etc/nftables/puppet-preflight/custom-FOO-BAR.nft', |
| 88 | 95 |
ensure_newline: true, |
| 89 |
mode: '0640'
|
|
| 96 |
mode: nft_mode
|
|
| 90 | 97 |
) |
| 91 | 98 |
} |
| 92 | 99 |
|
| ... | ... | |
| 96 | 103 |
expect(subject).to contain_file('/etc/nftables/puppet/custom-FOO-BAR.nft').with(
|
| 97 | 104 |
ensure: 'file', |
| 98 | 105 |
source: '/etc/nftables/puppet-preflight/custom-FOO-BAR.nft', |
| 99 |
mode: '0640'
|
|
| 106 |
mode: nft_mode
|
|
| 100 | 107 |
) |
| 101 | 108 |
} |
| 102 | 109 |
|
Formats disponibles : Unified diff