From fc86a0813130503249a1f4208eadbcea60954220 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Wed, 23 Feb 2011 21:36:34 -0300 Subject: Trying to keep the right permissions and ownership at /etc/puppet --- manifests/puppet.pp | 23 +++++++++++++++++++++++ manifests/puppetd.pp | 9 ++++++++- manifests/puppetmasterd.pp | 22 ++++++++++++++++++++++ 3 files changed, 53 insertions(+), 1 deletion(-) diff --git a/manifests/puppet.pp b/manifests/puppet.pp index 51a355b..5dd5dd9 100644 --- a/manifests/puppet.pp +++ b/manifests/puppet.pp @@ -19,6 +19,29 @@ class puppet { owner => puppet, group => puppet, mode => 0640, + require => User["puppet"], + } + + file { "/etc/puppet/manifests": + ensure => directory, + owner => puppet, + group => puppet, + recurse => inf, + require => User["puppet"], + } + + file { "/etc/puppet/modules": + ensure => directory, + owner => puppet, + group => puppet, + recurse => inf, + require => User["puppet"], + } + + file { "/etc/puppet/templates": + ensure => directory, + owner => puppet, + group => puppet, recurse => inf, require => User["puppet"], } diff --git a/manifests/puppetd.pp b/manifests/puppetd.pp index 0fcba46..7e2b33b 100644 --- a/manifests/puppetd.pp +++ b/manifests/puppetd.pp @@ -42,10 +42,17 @@ class puppetd inherits puppet { file { "/etc/puppet/puppet.conf": ensure => file, owner => puppet, - group => root, + group => puppet, mode => 0640, content => template("puppet/puppet-node.conf.erb"), } + } else { + file { "/etc/puppet/puppet.conf": + ensure => file, + owner => puppet, + group => puppet, + mode => 0640, + } } # cron rule to restart puppet minutes after puppetmaster is restarted diff --git a/manifests/puppetmasterd.pp b/manifests/puppetmasterd.pp index a961cad..f542f1f 100644 --- a/manifests/puppetmasterd.pp +++ b/manifests/puppetmasterd.pp @@ -53,6 +53,28 @@ class puppetmasterd { notify => Service['puppetmaster'], } + file { "/etc/puppet/files": + ensure => directory, + owner => puppet, + group => puppet, + recurse => inf, + require => User["puppet"], + } + + file { "/etc/puppet/auth.conf": + ensure => file, + owner => puppet, + group => puppet, + require => User["puppet"], + } + + file { "/etc/puppet/fileserver.conf": + ensure => file, + owner => puppet, + group => puppet, + require => User["puppet"], + } + case $puppetmaster_servertype { 'mongrel': { include nginx::puppetmaster -- cgit v1.2.3