From 059d1ad4e003f047fb8f1244c13a7198df4018fb Mon Sep 17 00:00:00 2001 From: Jeremy Stanley Date: Fri, 13 Sep 2013 18:52:59 +0000 Subject: [PATCH] Make ci-launch directory readable by admin users Commit 5ae5e6cc added puppetry for /root/ci-launch on the Puppet master server, but set permissions on it too restrictive for users launching new servers to be able to read the files within it. * launch/README: Note that the user following these directions should also be in the admin group. * modules/openstack_project/manifests/puppetmaster.pp: Set group ownership of /root/ci-launch to admin so members of that group will be able to read the files within it. Change-Id: I6c657eb4311b27ce329f249df3e60c2b902677ae --- launch/README | 7 ++++--- modules/openstack_project/manifests/puppetmaster.pp | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/launch/README b/launch/README index 33786596e1..80189c825b 100644 --- a/launch/README +++ b/launch/README @@ -2,10 +2,11 @@ Create Server ============= Note that these instructions assume you're working from this -directory on an updated local clone of the repository on the puppetmaster, and -that your account is a member of the puppet and salt groups for access -to their respective keys:: +directory on an updated local clone of the repository on the +puppetmaster, and that your account is a member of the admin, puppet +and salt groups for access to their respective keys:: + sudo adduser $(whoami) admin sudo adduser $(whoami) puppet sudo adduser $(whoami) salt diff --git a/modules/openstack_project/manifests/puppetmaster.pp b/modules/openstack_project/manifests/puppetmaster.pp index 539f52f601..8203d9b7cf 100644 --- a/modules/openstack_project/manifests/puppetmaster.pp +++ b/modules/openstack_project/manifests/puppetmaster.pp @@ -46,7 +46,7 @@ class openstack_project::puppetmaster ( file { '/root/ci-launch': ensure => directory, owner => 'root', - group => 'root', + group => 'admin', mode => '0750', }