Forum: Cfengine Help
Subject: Re: Setting perms on home directory files
Author: Beto
Link to topic: https://cfengine.com/forum/read.php?3,17127,17532#msg-17532
I'm not sure what files you're suggesting using file_select for but my solution
above doesn't use any shell commands. I did have to change the readstringarray
pattern slightly to include root and all uids above 199, with exceptions, into
the array:
#########################################################
#
# Check home file ownership and perms
bundle agent home_ownership
{
vars:
# Put all users in /etc/passwd into the array "HomeDir", excluding
entries
# with a uid 1-199, nobody (-2), oracle (204), applmgr (205) hpsmh
(430),
# nfsnobody (65534, 4294967294) and ids (1000). Note: the pattern
"[*x]"
# is used in the password field due to incorrect results on linux
systems
# when ".*" was used.
"HomeDirn" int => readstringarray(
"HomeDir",
"/etc/passwd",
".*:[*x]:([1-9]|\d{2}|1\d{1,2}|-2|204|205|430|65534|4294967294|1000):.*",
":",
"300",
"12000"
);
"HomeUsr" slist => getindices("HomeDir");
files:
any::
"$(HomeDir[$(HomeUsr)][5])"
perms =>
mog("o-rwx,g-w","$(HomeDir[$(HomeUsr)][2])","$(HomeDir[$(HomeUsr)][3])"),
depth_search => recurse("inf");
}
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
