--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/e1fc47ce-52a1-4f61-b4df-c0353312c65cn%40googlegroups.com.
to learn further into what brad is saying here
here is an example that also uses import_yaml so you only have a yaml file to maintain to change which files get hardened
{% import_yaml "hard_file/files.yaml" as files %}
{% for file in files %}
harden_filepermissions__{{ file.filename }}:
file.managed:
- name: {{ file.filename }}
- mode: {{ file.filemode }}
- replace: False
- onlyif:
- fun: file.file_exists
path: {{file.filename}}
{% endfor %}
and the yaml file it loads [for testing]
root@salt00:/srv/salt/hard_file# cat files.yaml
- filename: /tmp/test1
filemode: "0600"
user: root
group: root
- filename: /tmp/test2
filemode: "0600"
user: root
group: root
and the results of the above when only /tmp/test1 exists
local:
----------
ID: harden_filepermissions__/tmp/test1
Function: file.managed
Name: /tmp/test1
Result: True
Comment:
Started: 18:45:22.886965
Duration: 3078.46 ms
Changes:
----------
mode:
0600
----------
ID: harden_filepermissions__/tmp/test2
Function: file.managed
Name: /tmp/test2
Result: True
Comment: onlyif condition is false
Started: 18:45:25.965703
Duration: 11.909 ms
Changes:
Summary for local
------------
Succeeded: 2 (changed=1)
Failed: 0
------------
Total states run: 2
Total run time: 3.090 s
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/bd3b5399-b5f5-4036-9bfe-72afde40e8c9n%40googlegroups.com.