Jira (PUP-7394) Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

[Ethan Brown (JIRA)]

Ethan Brown created an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows) Issue Type: Bug Assignee: Unassigned Created: 2017/03/23 2:09 PM Priority: Normal Reporter: Ethan Brown Assuming a file does not yet exist, a call to FileUtils.replace_file like the following will fail: Puppet::Util.replace_file('/tmp/foo', 0440) { |of| FileUtils.copy_stream(StringIO.new("\u1234"), of) } With an error like: Errno::EACCES: Permission denied @ rb_sysopen - /tmp/foo20170323-24678-rg0fn9 from /usr/local/opt/rbenv/versions/2.1.9/lib/ruby/2.1.0/fileutils.rb:494:in `initialize' This is because the replace_file code will use permissions of an existing file should it exist, but will try to chmod a file *before* yielding it back in the block if it does not yet exist. Therefore it is impossible to create a new read-only file like you might normally with Ruby itself like: File.open('/tmp/foo.txt', 'w+', 0440) { |fh| fh.write('hello world') } # => 11 Also note that the code path on Windows is slightly different and does not exhibit the same problem. Add Comment

This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe)

[Geoff Nichols (JIRA)]

Geoff Nichols updated an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Geoff Nichols Fix Version/s: PUP 5.y

Add Comment

[Geoff Nichols (JIRA)]

Geoff Nichols updated an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Geoff Nichols Sprint: Agent  Triage  Ready for Engineering

Add Comment

[Geoff Nichols (JIRA)]

Geoff Nichols updated an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Geoff Nichols Story Points: 3

Add Comment

[Ethan Brown (JIRA)]

Ethan Brown updated an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Ethan Brown Labels: triaged

Add Comment

[Jorie Tappa (JIRA)]

Jorie Tappa assigned an issue to Jorie Tappa

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Jorie Tappa Assignee: Jorie Tappa

Add Comment

This message was sent by Atlassian JIRA (v7.0.2#70111-sha1:88534db)

[Jorie Tappa (JIRA)]

Jorie Tappa updated an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Jorie Tappa Fix Version/s: PUP 5.y Fix Version/s: PUP 5.4.0

Add Comment

[Jorie Tappa (JIRA)]

Jorie Tappa updated an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Jorie Tappa Sub-team: Coremunity Story Points: 3 Sprint: Platform Core KANBAN

Add Comment

[Josh Cooper (JIRA)]

Josh Cooper commented on PUP-7394

Re: Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows) Merged to master in https://github.com/puppetlabs/puppet/commit/70e54bbd921a81d0e392e0d0aa646c181c826473

Add Comment

[Melissa Stone (JIRA)]

Melissa Stone assigned an issue to Melissa Stone

Puppet / PUP-7394

Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Melissa Stone Assignee: Jorie Tappa Melissa Stone

Add Comment

[Melissa Stone (JIRA)]

Melissa Stone commented on PUP-7394

Re: Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows) I manually verified this code change in both windows and non-windows, and it is behaving as expected

Add Comment

[Kenn Hussey (JIRA)]

Kenn Hussey commented on PUP-7394

Re: Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Jorie Tappa please add release notes for this issue, if needed. Thanks!

Add Comment

This message was sent by Atlassian JIRA (v7.5.1#75006-sha1:7df2574)

[Jorie Tappa (JIRA)]

Jorie Tappa updated an issue

Puppet / PUP-7394

Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: Jorie Tappa Release Notes Summary: When replacing an existing file, Puppet::Util.replace_file would set the temp file's permissions to be that of the existing file or the provided default permissions. This was done originally because the temp file was created with insecure file permissions, but using the existing file's mode meant that Puppet couldn't write to the temporary file if the file it was trying to replace was read-only. This is no longer necessary, because Puppet::FileSystem::Uniquefile creates temporary files with mode 0600. Release Notes: Bug Fix

Add Comment

[John Duarte (JIRA)]

John Duarte updated an issue

Puppet / PUP-7394 Puppet::Util.replace_file cannot be used to create a read-only file (on non-Windows)

Change By: John Duarte QA Risk Assessment: Needs Assessment No Action

Add Comment

This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)