Ensuring permissions of non-managed file


John Hicks

Feb 5, 2016, 5:44:39 AM
to Salt-users
I've read the file state docs but I can't see a way to check/set the ownership and permissions of a non-managed file?

For example, we recently had a situation where a binary within a software package that should have been owned by root (mode 4750) had its owner changed by mistake as an Ops guy thought all binaries in the dir should be owned by the package user. So, I want to add a state that will ensure this file is owned by root with the right mode but I don't want to push it out from a file source location.

Should this be an enhancement to file.exists maybe to assert a file exists and has the right permissions, etc?

Regards,
John

Dmitry Golubenko

Feb 5, 2016, 6:04:46 AM
to salt-...@googlegroups.com
On Fri, 05/02/2016 at 02:44 -0800, John Hicks wrote:
> I've read the file state docs but I can't see a way to check/set the
> ownership and permissions of a non-managed file?
>
>
> For example, we recently had a situation where a binary within a
> software package that should have been owned by root (mode 4750) had
> its owner changed by mistake as an Ops guy thought all binaries in
> the dir should be owned by the package user. So, I want to add a state
> that will ensure this file is owned by root with the right mode but I
> don't want to push it out from a file source location.
Just omit the source arg in file.managed.

/tmp/test:
  file.managed:
    - mode: 4750

user and group default to root, at least when the minion runs as root.

>
>
> Should this be an enhancement to file.exists maybe to assert a file
> exists and has the right permissions, etc?
>
>
> Regards,
> John



John Hicks

Feb 5, 2016, 10:32:29 AM
to Salt-users
I read the docs and it implies that leaving the source off results in an empty file - "If source is left blank or None (use ~ in YAML), the file will be created as an empty file and the content will not be managed".

If you are saying that if the file already exists (and is not empty) and you omit the source parameter, that the other management operations occur but no content replacement is done, then it looks like the docs need updating.

Thanks!

Megan Wilhite

Feb 5, 2016, 12:30:26 PM
to Salt-users
John,

Dmitry is correct that you just need to leave the source argument off. I just tested this and it works fine with a file that already exists. I don't think the docs are incorrect but could use some clarification.

"If source is left blank or None (use ~ in YAML), the file will be created as an empty file and the content will not be managed".

The above documentation is correct if the file does not already exist. I think we can definitely add some clarification in there if a file already exists.

Megan Wilhite

Feb 5, 2016, 5:46:46 PM
to Salt-users
I just created a PR that I hope clarifies this: https://github.com/saltstack/salt/pull/30955
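
The approach discussed in this thread, written out as a stricter state (an added example, not part of the original posts or of the Salt project's own documentation). The path /opt/example-pkg/bin/helper, the group name pkggroup and the state IDs are hypothetical placeholders; file.exists, file.managed and the user, group, mode, replace, create and require arguments are existing Salt options.

```yaml
# Added example: enforce ownership and mode of a setuid binary that a
# package installs, without Salt managing the file's content.
# Path, group name and state IDs are hypothetical placeholders.

# Fail the run if the binary is missing, rather than silently passing.
helper_present:
  file.exists:
    - name: /opt/example-pkg/bin/helper

helper_ownership_and_mode:
  file.managed:
    - name: /opt/example-pkg/bin/helper
    # No "source": the content of an existing file is left alone.
    # State owner and group explicitly instead of depending on defaults.
    - user: root
    - group: pkggroup
    # Quote the mode so YAML keeps it as a string; 4750 includes setuid.
    - mode: '4750'
    # Do not modify the content even if other arguments would change it;
    # ownership and permissions are still enforced.
    - replace: False
    # Do not create the file if it is absent. Without this, a missing
    # binary would be replaced by an empty root-owned setuid file.
    - create: False
    - require:
      - file: helper_present
```

Applying the state with test=True reports ownership or mode drift without changing anything, which suits a periodic audit run.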