Puppet: System Administration Automated

Support

Ticket #748 (new enhancement)

Opened 1 year ago

Last modified 6 months ago

The default file permissions should be stronger when running puppet.

Reported by: peiriannydd Assigned to: luke
Priority: normal Milestone:
Component: settings Version: 0.23.1
Severity: normal Keywords: configuration.rb, permissions
Cc: Triage Stage: Accepted
Attached Patches: Code Complexity: Unknown

Description

Modified the modes and ownerships in configuration.rb to try and enforce least privilege within the Puppet system.

Please note the fine differences in some cases, particularly ssldir, that provide puppet access to the files via the puppet group but only allow root to own the files.

This seems to work but may need to be tested more thoroughly in a larger environment.

Attachments

puppet-0.23.1_Tightened_Config.patch (9.3 kB) - added by peiriannydd on 08/01/07 22:29:00.

Change History

08/01/07 22:29:00 changed by peiriannydd

  • attachment puppet-0.23.1_Tightened_Config.patch added.

08/05/07 21:16:30 changed by luke

  • stage changed from Unreviewed to Accepted.

04/24/08 07:54:04 changed by luke

  • component changed from library to settings.