Skip to content

Set owner of server config.ini to root #358

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 31, 2023
Merged

Set owner of server config.ini to root #358

merged 1 commit into from
Jul 31, 2023

Conversation

ekohl
Copy link
Contributor

@ekohl ekohl commented Sep 16, 2022

The puppetdb user doesn't need to write to the config (it's managed by Puppet after all) so setting the owner to root and using the group to only read is safer.

It is also closer to packaging, which ensures the owner is root after a package update. Ideally packaging would use the same group and mode as well so there isn't an event after a package update, but this change at least trims it down from 3 changes to 2.

@ekohl ekohl requested a review from a team as a code owner September 16, 2022 10:18
@puppet-community-rangefinder
Copy link

puppetdb::server::global is a class

that may have no external impact to Forge modules.

This module is declared in 33 of 579 indexed public Puppetfiles.

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

@ekohl
Copy link
Contributor Author

ekohl commented Sep 16, 2022

It is also closer to packaging, which ensures the owner is root after a package update. Ideally packaging would use the same group and mode as well so there isn't an event after a package update, but this change at least trims it down from 3 changes to 2.

Any idea where the RPM spec for this is so I can submit a PR?

@ekohl
Set owner of server config.ini to root
010bf13 
The puppetdb user doesn't need to write to the config (it's managed by
Puppet after all) so setting the owner to root and using the group to
only read is safer.

It is also closer to packaging, which ensures the owner is root after a
package update. Ideally packaging would use the same group and mode as
well so there isn't an event after a package update, but this change at
least trims it down from 3 changes to 2.
@ekohl ekohl force-pushed the set-owner-to-root branch from bfe7799 to 010bf13 Compare July 31, 2023 08:43
@bastelfreak bastelfreak merged commit d34409b into puppetlabs:main Jul 31, 2023
@ekohl ekohl deleted the set-owner-to-root branch July 31, 2023 11:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bastelfreak bastelfreak bastelfreak approved these changes

@smortex smortex Awaiting requested review from smortex smortex is a code owner

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ekohl @bastelfreak @smortex