Skip to content

Commit

Permalink
Ensure the permissions of a new redis-sentinel.conf
Browse files Browse the repository at this point in the history
Without these changes a from-scratch redis-sentinel.conf can be
created that is not writable by the redis user, as such the sentinel
server will exit immediately after starting.

This change ensures the permissions of the *.puppet file and then
preserves those permissions upon copy. Unfortunately the copied-to
file is hard to test in the spec files, so verification in test is
no longer available. It works properly in manual testing.
  • Loading branch information
cdent committed Jan 5, 2015
1 parent f814240 commit b820d82
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 10 deletions.
8 changes: 3 additions & 5 deletions manifests/sentinel.pp
Original file line number Diff line number Diff line change
Expand Up @@ -136,16 +136,14 @@
file {
$config_file_orig:
ensure => present,
content => template($conf_template);

$config_file:
owner => $service_user,
group => $service_group,
mode => $config_file_mode;
mode => $config_file_mode,
content => template($conf_template);
}

exec {
"cp ${config_file_orig} ${config_file}":
"cp -p ${config_file_orig} ${config_file}":
path => '/usr/bin:/bin',
subscribe => File[$config_file_orig],
notify => Service[$service_name],
Expand Down
7 changes: 2 additions & 5 deletions spec/classes/redis_sentinel_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,12 @@

it { should contain_file('/etc/redis/redis-sentinel.conf.puppet').with(
'ensure' => 'present',
'mode' => '0644',
'owner' => 'redis',
'content' => $expected_noparams_content
)
}

it { should contain_file('/etc/redis/redis-sentinel.conf').with(
'mode' => '0644'
)
}

it { should contain_service('redis-sentinel').with(
'ensure' => 'running',
'enable' => 'true',
Expand Down

0 comments on commit b820d82

Please sign in to comment.