On Mon, Jul 27, 2009 at 11:01:16PM +0200, Peter Meier wrote: > > Is there a consistent culture or policy in the Puppet community to > > override explicit security configurations? It must be explicitly > > avoided in an audit, if that's the case. If there is no policy, > > perhaps we should define one? > > the only existing culture is that for file resources directories > automatically get the execute bit. I don't yet see why you'd like to > have a directory without the execute flag set, maybe you can explain?
On a slight tangent, how about having 755 on a directory but (for example) having 700 or 600 recursively on all the managed directories and files underneath it (and maybe different ownership as well). There are valid reasons for wanting to do this but the last time I tried it, I found it impossible with puppet. Maybe I should look again to see what I missed. -- Bruce I object to intellect without discipline. I object to power without constructive purpose. -- Spock --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
