Skip to content

Commit 0816712

Browse files
Thomas-GelfThomas-Gelf
committed
module: allow to configure module user/group
Motivation: for security reasons they shouldn't belong to the Wildfly user. Also, when installing Wildfly via RPM the current implementation fails on `mkdir -p`, as the `modules` directory belongs to root. I didn't want to change file ownership handling throughout the whole module. So this fix allows those who depend on RPMs and those who want to not grant the web server write access to it's binaries the possibility to achieve that goal.
1 parent 4c118ff commit 0816712

File tree

1 file changed

+6
-14
lines changed

1 file changed

+6
-14
lines changed

manifests/config/module.pp

Lines changed: 6 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,9 @@
1111
String $template = 'wildfly/module.xml',
1212
Optional[Boolean] $system = true,
1313
Optional[Array] $dependencies = [],
14-
Optional[String] $custom_file = undef) {
14+
Optional[String] $custom_file = undef,
15+
Optional[String] $user = $::wildfly::user,
16+
Optional[String] $group = $::wildfly::user) {
1517

1618
require wildfly::install
1719

@@ -22,8 +24,8 @@
2224
}
2325

2426
File {
25-
owner => $wildfly::user,
26-
group => $wildfly::group
27+
owner => $user,
28+
group => $group,
2729
}
2830

2931
$dir_path = "${wildfly::dirname}/modules/${module_dir}/${namespace_path}/main"
@@ -32,14 +34,12 @@
3234
path => ['/bin','/usr/bin', '/sbin'],
3335
command => "mkdir -p ${dir_path}",
3436
unless => "test -d ${dir_path}",
35-
user => $wildfly::user,
37+
user => $user,
3638
before => [File[$dir_path]],
3739
}
3840

3941
file { $dir_path:
4042
ensure => directory,
41-
owner => $wildfly::user,
42-
group => $wildfly::group,
4343
}
4444

4545
if $source == '.' {
@@ -54,8 +54,6 @@
5454
/^(file:|puppet:)/: {
5555
file { "${dir_path}/${file_name}":
5656
ensure => file,
57-
owner => $::wildfly::user,
58-
group => $::wildfly::group,
5957
mode => '0655',
6058
source => $source
6159
}
@@ -71,8 +69,6 @@
7169

7270
file { "${dir_path}/${file_name}":
7371
ensure => file,
74-
owner => $::wildfly::user,
75-
group => $::wildfly::group,
7672
mode => '0655',
7773
require => Exec["download module from ${source}"],
7874
}
@@ -82,8 +78,6 @@
8278
if $custom_file {
8379
file { "${dir_path}/module.xml":
8480
ensure => file,
85-
owner => $wildfly::user,
86-
group => $wildfly::group,
8781
content => file($custom_file),
8882
}
8983
} else {
@@ -95,8 +89,6 @@
9589

9690
file { "${dir_path}/module.xml":
9791
ensure => file,
98-
owner => $wildfly::user,
99-
group => $wildfly::group,
10092
content => epp($template, $params),
10193
}
10294
}

0 commit comments

Comments
 (0)