- From: Matt Ray <
>
- To:
- Subject: [chef] Re: Re: Re: Template resource: default value for mode attribute?
- Date: Fri, 3 Jun 2011 16:19:41 -0500
Reverted my edit then. Does this behavior go for File, Template,
Remote_File and Cookbook_File? If so should we note it in File
Distribution page?
http://wiki.opscode.com/display/chef/File+Distribution#FileDistribution-FileSpecificity
Thanks,
Matt Ray
Senior Technical Evangelist | Opscode Inc.
| (512) 731-2218
Twitter, IRC, GitHub: mattray
On Fri, Jun 3, 2011 at 2:27 PM, Adam Jacob
<
>
wrote:
>
This is not always the default - it's going to be a reflection of the
>
user who runs chef's umask. Most operating systems will have this be
>
0600, but not all of them will - so you can't rely on it as a general
>
rule.
>
>
Adam
>
>
On Fri, Jun 3, 2011 at 7:43 AM, Matt Ray
>
<
>
>
wrote:
>
> I verified this and I've updated the Template entry on the Resources
>
> page to reflect the default.
>
> http://wiki.opscode.com/display/chef/Resources#Resources-Template
>
>
>
> Thanks,
>
> Matt Ray
>
> Senior Technical Evangelist | Opscode Inc.
>
>
>
> | (512) 731-2218
>
> Twitter, IRC, GitHub: mattray
>
>
>
>
>
>
>
> On Thu, Jun 2, 2011 at 9:34 PM, Faiz Kazi
>
> <
>
>
> wrote:
>
>>
>
>> It appears that if one does not specify a mode,
>
>> files generated/overwritten by template resources
>
>> end up having permissions like -rw------- (0600).
>
>>
>
>> This seems like a sane default. But maybe the
>
>> documentation should make this explicit.
>
>> Right now, the template resource wiki page
>
>> http://wiki.opscode.com/display/chef/Resources#Resources-Template
>
>> reads:
>
>>
>
>> Attribute: mode
>
>> Description: "The octal mode of the file - 0755"
>
>> Default Value: (nothing here)
>
>>
>
>> Take for example the simple case of managing /etc/hosts.
>
>> This file usually has permissions -rw-r--r--.
>
>>
>
>> template '/etc/hosts'
>
>> source 'hosts.erb'
>
>> end
>
>>
>
>> .. will overwrite /etc/hosts as expected, but if one
>
>> forgets to pass in the mode attribute, '/etc/hosts'
>
>> ends up as readable only by root (i.e., -rw-------).
>
>>
>
>> This is not really a major problem (I simply make sure
>
>> to pass in a mode explicitly).
>
>> but as a suggestion:
>
>>
>
>> (1) For existing files that get 'templated',
>
>> chef-client could just leave the permissions untouched.
>
>>
>
>> OR
>
>>
>
>> (2) Fix the docs to make it very clear that unless
>
>> one specifies a mode explicitly, the file
>
>> created/overwritten by the template will end up
>
>> with the default mode (and that the default
>
>> mode is 0600, not 0755)
>
>>
>
>>
>
>> For the record, I'm still running 0.9.16.
>
>>
>
>> Thanks,
>
>> Faiz
>
>>
>
>>
>
>>
>
>>
>
>
>
>
>
>
--
>
Opscode, Inc.
>
Adam Jacob, Chief Product Officer
>
T: (206) 619-7151 E:
>
>
Archive powered by MHonArc 2.6.16.