Skip to content

Commit 77b0033

Browse files
bastelfreakbastelfreak
authored
Merge pull request #835 from wyardley/wyardley-703
[fix] ownership and permissions on conf files
2 parents eafe833 + 5e5116a commit 77b0033

File tree

3 files changed

+39
-13
lines changed

3 files changed

+39
-13
lines changed

manifests/config.pp

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -146,23 +146,23 @@
146146
147147
file { '/etc/rabbitmq':
148148
ensure => directory,
149-
owner => '0',
150-
group => '0',
151-
mode => '0755',
149+
owner => $rabbitmq_user,
150+
group => $rabbitmq_group,
151+
mode => '2755',
152152
}
153153
154154
file { '/etc/rabbitmq/ssl':
155155
ensure => directory,
156-
owner => '0',
157-
group => '0',
158-
mode => '0755',
156+
owner => $rabbitmq_user,
157+
group => $rabbitmq_group,
158+
mode => '2750',
159159
}
160160
161161
file { 'rabbitmq.config':
162162
ensure => file,
163163
path => $config_path,
164164
content => template($config),
165-
owner => '0',
165+
owner => $rabbitmq_user,
166166
group => $rabbitmq_group,
167167
mode => '0640',
168168
}
@@ -171,7 +171,7 @@
171171
ensure => file,
172172
path => $env_config_path,
173173
content => template($env_config),
174-
owner => '0',
174+
owner => $rabbitmq_user,
175175
group => $rabbitmq_group,
176176
mode => '0640',
177177
}
@@ -180,7 +180,7 @@
180180
ensure => file,
181181
path => $inetrc_config_path,
182182
content => template($inetrc_config),
183-
owner => '0',
183+
owner => $rabbitmq_user,
184184
group => $rabbitmq_group,
185185
mode => '0640',
186186
}
@@ -190,7 +190,7 @@
190190
ensure => file,
191191
path => '/etc/rabbitmq/enabled_plugins',
192192
content => template('rabbitmq/enabled_plugins.erb'),
193-
owner => '0',
193+
owner => $rabbitmq_user,
194194
group => $rabbitmq_group,
195195
mode => '0640',
196196
require => File['/etc/rabbitmq'],
@@ -202,7 +202,7 @@
202202
ensure => file,
203203
path => '/etc/rabbitmq/rabbitmqadmin.conf',
204204
content => template('rabbitmq/rabbitmqadmin.conf.erb'),
205-
owner => '0',
205+
owner => $rabbitmq_user,
206206
group => $rabbitmq_group,
207207
mode => '0640',
208208
require => File['/etc/rabbitmq'],

spec/acceptance/class_spec.rb

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,19 @@ class { 'erlang': epel_enable => true}
3737
it { is_expected.to be_enabled }
3838
it { is_expected.to be_running }
3939
end
40+
41+
describe file('/etc/rabbitmq') do
42+
it { is_expected.to be_directory }
43+
it { is_expected.to be_owned_by 'rabbitmq' }
44+
it { is_expected.to be_grouped_into 'rabbitmq' }
45+
end
46+
47+
describe file('/etc/rabbitmq/ssl') do
48+
it { is_expected.to be_directory }
49+
it { is_expected.to be_owned_by 'rabbitmq' }
50+
it { is_expected.to be_grouped_into 'rabbitmq' }
51+
it { is_expected.not_to be_readable.by('others') }
52+
end
4053
end
4154

4255
context 'disable and stop service' do

spec/classes/rabbitmq_spec.rb

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -310,21 +310,34 @@
310310
it {
311311
is_expected.to contain_file('/etc/rabbitmq').with(
312312
'ensure' => 'directory',
313-
'mode' => '0755'
313+
'owner' => 'rabbitmq',
314+
'group' => 'rabbitmq',
315+
'mode' => '2755'
314316
)
315317
}
316318
end
317319

318320
describe 'manages configuration file correctly' do
319321
it {
320322
is_expected.to contain_file('rabbitmq.config').with(
321-
'owner' => '0',
323+
'owner' => 'rabbitmq',
322324
'group' => 'rabbitmq',
323325
'mode' => '0640'
324326
)
325327
}
326328
end
327329

330+
describe 'manages SSL directory correctly' do
331+
it {
332+
is_expected.to contain_file('/etc/rabbitmq/ssl').with(
333+
'ensure' => 'directory',
334+
'owner' => 'rabbitmq',
335+
'group' => 'rabbitmq',
336+
'mode' => '2750'
337+
)
338+
}
339+
end
340+
328341
describe 'does not contain pre-ranch settings with default config' do
329342
it do
330343
is_expected.to contain_file('rabbitmq.config'). \

0 commit comments

Comments
 (0)