Project

General

Profile

Actions
Copy link

Bug #21419

closed

Reverse logic of setfacl_etc_dhcp and setfacl_var_lib_dhcp

Added by Lukas Pramuk about 7 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ewoud Kohl van Wijngaarden
Category:
-
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
1477545
Pull request:
https://github.com/theforeman/puppet-foreman_proxy/pull/386
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

setfacl installer code is working but with reverse logic, see:

1. Set ACL
  1. setfacl -R -m u:foreman-proxy:rx /var/lib/dhcpd /etc/dhcp
  1. satellite-installer -v
    ...
    [ WARN 2017-10-22 06:48:16 verbose] /Stage[main]/Foreman_proxy::Proxydhcp/Exec[setfacl_etc_dhcp]/returns: executed successfully
    [ WARN 2017-10-22 06:48:16 verbose] /Stage[main]/Dhcp/Concat[/etc/dhcp/dhcpd.conf]/File[/etc/dhcp/dhcpd.conf]/mode: mode changed '0654' to '0644'
    [ INFO 2017-10-22 06:48:16 verbose] Concat[/etc/dhcp/dhcpd.conf]: Scheduling refresh of Service[dhcpd]
    ...

when acl is present installer sets it !!!

2. Remove ACL
  1. setfacl -R -x u:foreman-proxy /var/lib/dhcpd /etc/dhcp
  1. satellite-installer -v
    ...
    <no exec of setfacl_etc_dhcp>
    ...

when acl is not set installer doesn't set it !!!

Moreover, setfacl_var_lib_dhcp has typo!!!

onlyif  => "getfacl -p /var/lib/dhcp | grep user:${::foreman_proxy::user}:r-x"

/var/lib/dhcp doesn't exist it should be /var/lib/dhcpd

Related issues 1 (0 open1 closed)

Related to Installer - Bug #20683: Upgrade of dhcpd always breaks permissionsClosedEric Helms08/21/2017Actions
Actions
Copy link

Also available in: Atom PDF