opendev/system-config
Code Issues Proposed changes

Fix gerrit config file permissions.

Browse Source 
Match what gerrit init creates; otherwise, gerrit init will
delete and recreate the secure config file, losing the database
password in the process.

Change-Id: Ic1632fe3b24a0e4498b2415029e8a1db0fd1dfe2
This commit is contained in:
James E. Blair 2012-04-24 07:36:24 -07:00
parent 269d8459db
commit 69bc0c1061
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
modules/gerrit/manifests/init.pp
View File

@ -226,10 +226,11 @@ class gerrit($virtual_hostname='',
} }
} }
# Gerrit sets these permissions in 'init'; don't fight them.
file { '/home/gerrit2/review_site/etc/gerrit.config': file { '/home/gerrit2/review_site/etc/gerrit.config':
owner => 'root', owner => 'gerrit2',
group => 'root', group => 'gerrit2',
mode => 444, mode => 644,
ensure => 'present', ensure => 'present',
content => template('gerrit/gerrit.config.erb'), content => template('gerrit/gerrit.config.erb'),
replace => 'true', replace => 'true',
@ -290,10 +291,13 @@ class gerrit($virtual_hostname='',
require => User['gerrit2'] require => User['gerrit2']
} }
# Gerrit sets these permissions in 'init'; don't fight them. If
# these permissions aren't set correctly, gerrit init will write a
# new secure.config file and lose the mysql password.
file { '/home/gerrit2/review_site/etc/secure.config': file { '/home/gerrit2/review_site/etc/secure.config':
owner => 'root', owner => 'gerrit2',
group => 'gerrit2', group => 'gerrit2',
mode => 440, mode => 600,
ensure => 'present', ensure => 'present',
source => 'file:///root/secret-files/secure.config', source => 'file:///root/secret-files/secure.config',
replace => 'true', replace => 'true',