summary |
shortlog |
log |
commit | commitdiff |
review |
tree
raw |
patch |
inline | side by side (from parent 1:
dcb7116)
Files created by the apt module are mode writable by the
owner. Because those files are managed by Puppet, they should really
not be writable by anyone, even root. While root can bypass those
warnings, having files readonly does provide an immediate and reliable
indication that a file should not be edited on site, on top of the
usual top of file warnings.
This also fixes a problem with sources.list.d being non-executable,
which Puppet seems to ignore, but seems better to keep consistent.
path => $::apt::sources_list,
owner => root,
group => root,
path => $::apt::sources_list,
owner => root,
group => root,
notify => Class['apt::update'],
}
notify => Class['apt::update'],
}
path => $::apt::sources_list_d,
owner => root,
group => root,
path => $::apt::sources_list_d,
owner => root,
group => root,
purge => $_purge['sources.list.d'],
recurse => $_purge['sources.list.d'],
notify => Class['apt::update'],
purge => $_purge['sources.list.d'],
recurse => $_purge['sources.list.d'],
notify => Class['apt::update'],
path => $::apt::preferences,
owner => root,
group => root,
path => $::apt::preferences,
owner => root,
group => root,
notify => Class['apt::update'],
}
notify => Class['apt::update'],
}
path => $::apt::preferences_d,
owner => root,
group => root,
path => $::apt::preferences_d,
owner => root,
group => root,
purge => $_purge['preferences.d'],
recurse => $_purge['preferences.d'],
notify => Class['apt::update'],
purge => $_purge['preferences.d'],
recurse => $_purge['preferences.d'],
notify => Class['apt::update'],
ensure => $auth_conf_ensure,
owner => $auth_conf_owner,
group => 'root',
ensure => $auth_conf_ensure,
owner => $auth_conf_owner,
group => 'root',
content => "${confheadertmp}${auth_conf_tmp}",
notify => Class['apt::update'],
}
content => "${confheadertmp}${auth_conf_tmp}",
notify => Class['apt::update'],
}
ensure => $ensure,
owner => 'root',
group => 'root',
ensure => $ensure,
owner => 'root',
group => 'root',
content => $content,
source => $source,
notify => $_notify,
content => $content,
source => $source,
notify => $_notify,
path: '/etc/apt/sources.list',
owner: 'root',
group: 'root',
path: '/etc/apt/sources.list',
owner: 'root',
group: 'root',
notify: 'Class[Apt::Update]' }
sources_list_d = { ensure: 'directory',
path: '/etc/apt/sources.list.d',
owner: 'root',
group: 'root',
notify: 'Class[Apt::Update]' }
sources_list_d = { ensure: 'directory',
path: '/etc/apt/sources.list.d',
owner: 'root',
group: 'root',
purge: false,
recurse: false,
notify: 'Class[Apt::Update]' }
purge: false,
recurse: false,
notify: 'Class[Apt::Update]' }
path: '/etc/apt/preferences',
owner: 'root',
group: 'root',
path: '/etc/apt/preferences',
owner: 'root',
group: 'root',
notify: 'Class[Apt::Update]' }
preferences_d = { ensure: 'directory',
path: '/etc/apt/preferences.d',
owner: 'root',
group: 'root',
notify: 'Class[Apt::Update]' }
preferences_d = { ensure: 'directory',
path: '/etc/apt/preferences.d',
owner: 'root',
group: 'root',
purge: false,
recurse: false,
notify: 'Class[Apt::Update]' }
purge: false,
recurse: false,
notify: 'Class[Apt::Update]' }
it 'lays down /etc/apt/apt.conf.d/15update-stamp' do
is_expected.to contain_file('/etc/apt/apt.conf.d/15update-stamp').with(group: 'root',
it 'lays down /etc/apt/apt.conf.d/15update-stamp' do
is_expected.to contain_file('/etc/apt/apt.conf.d/15update-stamp').with(group: 'root',
owner: 'root').with_content(
%r{APT::Update::Post-Invoke-Success {"touch /var/lib/apt/periodic/update-success-stamp 2>/dev/null || true";};},
)
owner: 'root').with_content(
%r{APT::Update::Post-Invoke-Success {"touch /var/lib/apt/periodic/update-success-stamp 2>/dev/null || true";};},
)
is_expected.to contain_file('/etc/apt/auth.conf').with(ensure: 'present',
owner: auth_conf_owner,
group: 'root',
is_expected.to contain_file('/etc/apt/auth.conf').with(ensure: 'present',
owner: auth_conf_owner,
group: 'root',
notify: 'Class[Apt::Update]',
content: auth_conf_content)
}
notify: 'Class[Apt::Update]',
content: auth_conf_content)
}
'content' => %r{Apt::Install-Recommends 0;\nApt::AutoRemove::InstallRecommends 1;},
'owner' => 'root',
'group' => 'root',
'content' => %r{Apt::Install-Recommends 0;\nApt::AutoRemove::InstallRecommends 1;},
'owner' => 'root',
'group' => 'root',
}
context 'with notify_update = true (default)' do
}
context 'with notify_update = true (default)' do
is_expected.to contain_file(filename).with('ensure' => 'absent',
'owner' => 'root',
'group' => 'root',
is_expected.to contain_file(filename).with('ensure' => 'absent',
'owner' => 'root',
'group' => 'root',
is_expected.to contain_file('/etc/apt/apt.conf.d/50teddybear').that_notifies('Class[Apt::Update]').with(ensure: 'file',
owner: 'root',
group: 'root',
is_expected.to contain_file('/etc/apt/apt.conf.d/50teddybear').that_notifies('Class[Apt::Update]').with(ensure: 'file',
owner: 'root',
group: 'root',
source: params[:source].to_s)
}
end
source: params[:source].to_s)
}
end
is_expected.to contain_file('/etc/apt/apt.conf.d/50teddybear').that_notifies('Class[Apt::Update]').with(ensure: 'file',
owner: 'root',
group: 'root',
is_expected.to contain_file('/etc/apt/apt.conf.d/50teddybear').that_notifies('Class[Apt::Update]').with(ensure: 'file',
owner: 'root',
group: 'root',
content: params[:content].to_s)
}
end
content: params[:content].to_s)
}
end