diff options
19 files changed, 108 insertions, 110 deletions
diff --git a/doc/appendix/guides/centos.txt b/doc/appendix/guides/centos.txt index 50334ccbc..5a2d1bed0 100644 --- a/doc/appendix/guides/centos.txt +++ b/doc/appendix/guides/centos.txt @@ -497,7 +497,7 @@ file that looks like the following: .. code-block:: xml <FileInfo> - <Info owner='root' group='root' perms='0644' important='true'/> + <Info owner='root' group='root' mode='0644' important='true'/> </FileInfo> Now, running the client shows only unmanaged Service entries. Woohoo! diff --git a/doc/appendix/guides/converging_rhel5.txt b/doc/appendix/guides/converging_rhel5.txt index 1b52e198d..d6883c778 100644 --- a/doc/appendix/guides/converging_rhel5.txt +++ b/doc/appendix/guides/converging_rhel5.txt @@ -65,8 +65,8 @@ For a "Package" .. code-block:: xml <Rules priority="0"> - <Directory name="/etc/cron.hourly" group="root" owner="root" perms="0700" /> - <Directory name="/etc/cron.daily" group="root" owner="root" perms="0700" /> + <Directory name="/etc/cron.hourly" group="root" owner="root" mode="0700" /> + <Directory name="/etc/cron.daily" group="root" owner="root" mode="0700" /> </Rules> * Multiple instances @@ -111,9 +111,9 @@ For a "Path" <FileInfo> <Group name='webserver'> - <Info owner='root' group='root' perms='0652'/> + <Info owner='root' group='root' mode='0652'/> </Group> - <Info owner='root' group='sys' perms='0651'/> + <Info owner='root' group='sys' mode='0651'/> </FileInfo> Other troubleshooting tools diff --git a/doc/development/client-driver.txt b/doc/development/client-driver.txt index c42d2b964..67bbd0dce 100644 --- a/doc/development/client-driver.txt +++ b/doc/development/client-driver.txt @@ -34,7 +34,7 @@ an existing driver, and the process that was used to create it. * In the failure path, the current state of failing entry attributes should be set in the entry, to aid in auditing. (For example, if a file should be mode 644, and is currently - mode 600, then set attribute current_perms='600' in the input + mode 600, then set attribute current_mode='600' in the input entry) #. Add installation support. This method should return True/False diff --git a/doc/server/configuration.txt b/doc/server/configuration.txt index 6cf082cd8..2c5879ff0 100644 --- a/doc/server/configuration.txt +++ b/doc/server/configuration.txt @@ -54,7 +54,7 @@ is stored in a VCS and checked out onto the Bcfg2 server by a script running as the ``bcfg2`` user), then you would want to ``chown`` and ``chmod`` ``/var/lib/bcfg2`` rather than ``/var/lib/bcfg2/*``. Note also that the recursive ``chmod`` will change permissions on any files -that are using ``perms="inherit"`` in :ref:`server-info`. +that are using ``mode="inherit"`` in :ref:`server-info`. The Bcfg2 server also needs to be able to read its SSL certificate, key and the SSL CA certificate: diff --git a/doc/server/info.txt b/doc/server/info.txt index 34b5fcd7d..ddadd4e79 100644 --- a/doc/server/info.txt +++ b/doc/server/info.txt @@ -31,9 +31,9 @@ An ``info.xml`` file consists of a ``<FileInfo>`` tag containing an +------------+-------------------+----------------------------------+---------+ | group | Any valid group | Sets group of the file | root | +------------+-------------------+----------------------------------+---------+ -| perms | Numeric file mode | Sets the permissions of the file | 0644 | -| | | 'inherit' | (or inherits from the files on | | -| | | disk if set to 'inherit') | | +| mode | Numeric file mode | Sets the mode of the file (or | 0644 | +| | | 'inherit' | inherits from the files on disk | | +| | | if set to 'inherit') | | +------------+-------------------+----------------------------------+---------+ | secontext | A valid SELinux | Sets the SELinux context of the | default | | | context string or | file, or sets to the default | | @@ -56,7 +56,7 @@ A sample info file for CGI script on a web server might look like: .. code-block:: xml <FileInfo> - <Info owner="www" group="www" perms="0755"/> + <Info owner="www" group="www" mode="0755"/> </FileInfo> Back to the fstab example again, our final ``Cfg/etc/fstab/`` directory @@ -85,12 +85,12 @@ The following specifies a different global set of permissions <FileInfo> <Client name='foo.example.com'> - <Info owner='root' group='root' perms='0652'/> + <Info owner='root' group='root' mode='0652'/> </Client> <Group name='webserver'> - <Info owner='root' group='root' perms='0652'/> + <Info owner='root' group='root' mode='0652'/> </Group> - <Info owner='root' group='sys' perms='0651'/> + <Info owner='root' group='sys' mode='0651'/> </FileInfo> .. versionadded:: 1.2.0 @@ -100,10 +100,10 @@ of permissions depending on the path of the file:: <FileInfo> <Path name="/etc/bcfg2-web.conf"> - <Info owner="root" group="apache" perms="0640"/> + <Info owner="root" group="apache" mode="0640"/> </Path> <Path name="/etc/bcfg2-web.conf" negate="true"> - <Info owner="root" group="root" perms="0600"/> + <Info owner="root" group="root" mode="0600"/> </Path> </FileInfo> @@ -130,7 +130,7 @@ An example ``:info`` or ``info`` file would look like:: owner: www group: www - perms: 0755 + mode: 0755 All attributes allowed on the ``<Info>`` tag of an ``info.xml`` file can be used in an ``:info`` or ``info`` file. diff --git a/doc/server/plugins/generators/examples/cheetah/simple.txt b/doc/server/plugins/generators/examples/cheetah/simple.txt index fd6048e84..409f1b474 100644 --- a/doc/server/plugins/generators/examples/cheetah/simple.txt +++ b/doc/server/plugins/generators/examples/cheetah/simple.txt @@ -32,7 +32,7 @@ Output .. code-block:: xml - <Path type="file" name="/foo" owner="root" perms="0644" group="root"> + <Path type="file" name="/foo" owner="root" mode="0644" group="root"> Hostname is topaz.mcs.anl.gov Filename is /foo Template is /var/lib/bcfg2/Cfg/foo/foo.cheetah diff --git a/doc/server/plugins/generators/examples/genshi/test.txt b/doc/server/plugins/generators/examples/genshi/test.txt index 03d0becd9..26fc995be 100644 --- a/doc/server/plugins/generators/examples/genshi/test.txt +++ b/doc/server/plugins/generators/examples/genshi/test.txt @@ -79,7 +79,7 @@ When the above file is saved as ``Cfg/test/test.genshi`` and generated with ``bcfg2-info buildfile /test test.hostname.org``, the results look like this (below reformatted a little bit to fit in 80 columns):: - <Path type="file" name="/test" owner="root" perms="644" encoding="ascii" group="root" paranoid="false"> + <Path type="file" name="/test" owner="root" mode="644" encoding="ascii" group="root" paranoid="false"> Hostname is test.hostname.org Groups: diff --git a/doc/server/plugins/generators/rules.txt b/doc/server/plugins/generators/rules.txt index 7cc345a68..7b8b7a6c9 100644 --- a/doc/server/plugins/generators/rules.txt +++ b/doc/server/plugins/generators/rules.txt @@ -265,7 +265,7 @@ directory +-----------+------------------------------+------------+ | Name | Description | Values | +===========+==============================+============+ -| perms | Permissions of the directory | String | +| mode | File mode of the directory | String | +-----------+------------------------------+------------+ | owner | Owner of the directory | String | +-----------+------------------------------+------------+ @@ -285,8 +285,6 @@ hardlink +===========+==============================+========+ | to | File to link to | String | +-----------+------------------------------+--------+ -| perms | Permissions of the directory | String | -+-----------+------------------------------+--------+ | owner | Owner of the directory | String | +-----------+------------------------------+--------+ | group | Group Owner of the directory | String | @@ -312,7 +310,7 @@ permissions +-----------+--------------------------+--------+ | Name | Description | Values | +===========+==========================+========+ -| perms | Permissions of the file. | String | +| mode | Mode of the file. | String | +-----------+--------------------------+--------+ | owner | Owner of the file. | String | +-----------+--------------------------+--------+ @@ -343,7 +341,7 @@ child ``<ACL>`` tags. For instance: .. code-block:: xml <Path name="/etc/foo" type="directory" owner="root" group="root" - perms="0775"> + mode="0775"> <ACL type="default" scope="user" user="foouser" perms="rw"/> <ACL type="default" scope="group" group="users" perms="rx"/> </Path> @@ -384,7 +382,7 @@ on a file than those specified in the ``perms`` attribute on the .. code-block:: xml - <Path name="/etc/foo" perms="0644" group="root" owner="root"> + <Path name="/etc/foo" mode="0644" group="root" owner="root"> <ACL type="access" scope="user" user="foouser" perms="rwx"/> </Path> @@ -544,20 +542,20 @@ how to assign Rules to a host's literal configuration. .. code-block:: xml <Rules priority="0"> - <Path type='directory' group="root" name="/autonfs" owner="root" perms="0755"/> - <Path type='directory' group="utmp" name="/var/run/screen" owner="root" perms="0775"/> - <Path type='directory' group="root" name="/autonfs/stage" owner="root" perms="0755"/> - <Path type='directory' group="root" name="/exports" owner="root" perms="0755"/> - <Path type='directory' name="/etc/condor" owner="root" group="root" perms="0755"/> - <Path type='directory' name="/logs" group="wwwtrans" owner="root" perms="0775"/> - <Path type='directory' name="/mnt" group="root" owner="root" perms="0755"/> - <Path type='directory' name="/my" owner="root" group="root" perms="0755"/> - <Path type='directory' name="/my/bin" owner="root" group="root" perms="0755"/> - <Path type='directory' name="/nfs" owner="root" group="root" perms="0755"/> - <Path type='directory' name="/sandbox" perms="0777" owner="root" group="root"/> - <Path type='directory' name="/software" group="root" owner="root" perms="0755"/> - <Path type='permissions' perms="0555" group="audio" owner="root" name="/dev/dsp"/> - <Path type='permissions' perms="0555" group="audio" owner="root" name="/dev/mixer"/> + <Path type='directory' group="root" name="/autonfs" owner="root" mode="0755"/> + <Path type='directory' group="utmp" name="/var/run/screen" owner="root" mode="0775"/> + <Path type='directory' group="root" name="/autonfs/stage" owner="root" mode="0755"/> + <Path type='directory' group="root" name="/exports" owner="root" mode="0755"/> + <Path type='directory' name="/etc/condor" owner="root" group="root" mode="0755"/> + <Path type='directory' name="/logs" group="wwwtrans" owner="root" mode="0775"/> + <Path type='directory' name="/mnt" group="root" owner="root" mode="0755"/> + <Path type='directory' name="/my" owner="root" group="root" mode="0755"/> + <Path type='directory' name="/my/bin" owner="root" group="root" mode="0755"/> + <Path type='directory' name="/nfs" owner="root" group="root" mode="0755"/> + <Path type='directory' name="/sandbox" mode="0777" owner="root" group="root"/> + <Path type='directory' name="/software" group="root" owner="root" mode="0755"/> + <Path type='permissions' mode="0555" group="audio" owner="root" name="/dev/dsp"/> + <Path type='permissions' mode="0555" group="audio" owner="root" name="/dev/mixer"/> <Path type='symlink' name="/bin/whatami" to="/mcs/adm/bin/whatami"/> <Path type='symlink' name="/chibahomes" to="/nfs/chiba-homefarm"/> <Path type='symlink' name="/home" to="/nfs/mcs-homefarm"/> diff --git a/doc/server/plugins/generators/sshbase.txt b/doc/server/plugins/generators/sshbase.txt index b62a4a454..2b6c8640b 100644 --- a/doc/server/plugins/generators/sshbase.txt +++ b/doc/server/plugins/generators/sshbase.txt @@ -132,28 +132,28 @@ control the permissions and other metadata for the keys and <FileInfo> <Path name="/etc/ssh/ssh_host_dsa_key"> - <Info owner="root" group="wheel" perms="0660"/> + <Info owner="root" group="wheel" mode="0660"/> </Path> <Path name="/etc/ssh/ssh_host_dsa_key.pub"> - <Info owner="root" group="wheel" perms="0664"/> + <Info owner="root" group="wheel" mode="0664"/> </Path> </FileInfo> Default permissions are as follows: -+----------------------------------+-------+-------+-------+-----------+----------+----------+ -| File | owner | group | perms | sensitive | paranoid | encoding | -+==================================+=======+=======+=======+===========+==========+==========+ -| ssh_known_hosts | root | root | 0644 | false | false | None | -+----------------------------------+-------+-------+-------+-----------+----------+----------+ -| ssh_host_key | root | root | 0600 | false | false | base64 | -+----------------------------------+-------+-------+-------+-----------+----------+----------+ -| ssh_host_key.pub | root | root | 0644 | false | false | base64 | -+----------------------------------+-------+-------+-------+-----------+----------+----------+ -| ssh_host_[rsa|dsa|ecdsa]_key | root | root | 0600 | false | false | None | -+----------------------------------+-------+-------+-------+-----------+----------+----------+ -| ssh_host_[rsa|dsa|ecdsa]_key.pub | root | root | 0644 | false | false | None | -+----------------------------------+-------+-------+-------+-----------+----------+----------+ ++----------------------------------+-------+-------+------+-----------+----------+----------+ +| File | owner | group | mode | sensitive | paranoid | encoding | ++==================================+=======+=======+======+===========+==========+==========+ +| ssh_known_hosts | root | root | 0644 | false | false | None | ++----------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_key | root | root | 0600 | false | false | base64 | ++----------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_key.pub | root | root | 0644 | false | false | base64 | ++----------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_[rsa|dsa|ecdsa]_key | root | root | 0600 | false | false | None | ++----------------------------------+-------+-------+------+-----------+----------+----------+ +| ssh_host_[rsa|dsa|ecdsa]_key.pub | root | root | 0644 | false | false | None | ++----------------------------------+-------+-------+------+-----------+----------+----------+ Note that the ``sensitive`` attribute is false, even for private keys, in order to permit :ref:`pulling with bcfg2-admin diff --git a/doc/server/plugins/generators/tcheetah.txt b/doc/server/plugins/generators/tcheetah.txt index 894b35d31..ab147ce56 100644 --- a/doc/server/plugins/generators/tcheetah.txt +++ b/doc/server/plugins/generators/tcheetah.txt @@ -129,7 +129,7 @@ directory. Below is a simple example a file ``/foo``. .. code-block:: none - perms: 624 + mode: 624 Output ------ @@ -141,7 +141,7 @@ current client probe state. .. code-block:: xml - <Path type="file" name="/foo" owner="root" perms="0624" group="root"> + <Path type="file" name="/foo" owner="root" mode="0624" group="root"> Hostname is topaz.mcs.anl.gov Filename is /foo Template is /var/lib/bcfg2/TCheetah/foo/template diff --git a/doc/server/plugins/generators/tgenshi.txt b/doc/server/plugins/generators/tgenshi.txt index 5e0a7f1b5..43a02f253 100644 --- a/doc/server/plugins/generators/tgenshi.txt +++ b/doc/server/plugins/generators/tgenshi.txt @@ -92,7 +92,7 @@ Produces: .. code-block:: xml - <Path type="file" name="/bar.conf" owner="root" perms="0644" group="root">client is ypbound workstation + <Path type="file" name="/bar.conf" owner="root" mode="0644" group="root">client is ypbound workstation client is a desktop, but not an ubuntu desktop </Path> diff --git a/doc/server/plugins/structures/bundler/torque.txt b/doc/server/plugins/structures/bundler/torque.txt index 44e186541..32e6d4c30 100644 --- a/doc/server/plugins/structures/bundler/torque.txt +++ b/doc/server/plugins/structures/bundler/torque.txt @@ -14,9 +14,9 @@ A longer Bundle that includes many group-specific entries. <Bundle name='torque' version='1.0'> <Service name='nfs'/> <Service name='nfslock'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/spool'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/undelivered'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/spool'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/undelivered'/> <Path name='/var/spool/torque/pbs_environment'/> <Path name='/var/spool/torque/torque.server'/> <Path name='/var/spool/torque/server_name'/> @@ -24,11 +24,11 @@ A longer Bundle that includes many group-specific entries. <Group name='torque-mom'> <Service name='torque_mom'/> <Path name='/etc/init.d/torque_mom'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/aux'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/checkpoint'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/mom_logs'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/mom_priv'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/mom_priv/jobs'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/aux'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/checkpoint'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/mom_logs'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/mom_priv'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/mom_priv/jobs'/> <Path name='/var/spool/torque/mom_priv/config'/> <Path name='/var/spool/torque/mom_priv/prologue'/> <Path name='/var/spool/torque/mom_priv/epilogue'/> @@ -36,14 +36,14 @@ A longer Bundle that includes many group-specific entries. <Group name='torque-server'> <Service name='torque_server'/> <Path name='/etc/init.d/torque_server'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_logs'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv/accounting'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv/acl_groups'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv/acl_hosts'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv/acl_svr'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv/acl_users'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv/jobs'/> - <BoundPath type='directory' owner='root' group='root' perms='0755' name='/var/spool/torque/server_priv/queues'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_logs'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv/accounting'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv/acl_groups'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv/acl_hosts'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv/acl_svr'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv/acl_users'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv/jobs'/> + <BoundPath type='directory' owner='root' group='root' mode='0755' name='/var/spool/torque/server_priv/queues'/> </Group> </Bundle> diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/Directory.py b/src/lib/Bcfg2/Client/Tools/POSIX/Directory.py index 9aa8e7fa1..9b0b998bb 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/Directory.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/Directory.py @@ -10,7 +10,7 @@ from Bcfg2.Client.Tools.POSIX.base import POSIXTool class POSIXDirectory(POSIXTool): """ Handle <Path type='directory' ...> entries """ - __req__ = ['name', 'perms', 'owner', 'group'] + __req__ = ['name', 'mode', 'owner', 'group'] def verify(self, entry, modlist): ondisk = self._exists(entry) diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/File.py b/src/lib/Bcfg2/Client/Tools/POSIX/File.py index 40aade818..5842c4e1f 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/File.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/File.py @@ -12,7 +12,7 @@ from Bcfg2.Compat import unicode, b64encode, b64decode # pylint: disable=W0622 class POSIXFile(POSIXTool): """ Handle <Path type='file' ...> entries """ - __req__ = ['name', 'perms', 'owner', 'group'] + __req__ = ['name', 'mode', 'owner', 'group'] def fully_specified(self, entry): return entry.text is not None or entry.get('empty', 'false') == 'true' diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/Permissions.py b/src/lib/Bcfg2/Client/Tools/POSIX/Permissions.py index 5859f844a..d575dbab0 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/Permissions.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/Permissions.py @@ -5,4 +5,4 @@ from Bcfg2.Client.Tools.POSIX.base import POSIXTool class POSIXPermissions(POSIXTool): """ Handle <Path type='permissions' ...> entries """ - __req__ = ['name', 'perms', 'owner', 'group'] + __req__ = ['name', 'mode', 'owner', 'group'] diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/base.py b/src/lib/Bcfg2/Client/Tools/POSIX/base.py index 07d4ab015..8c9e5a1f5 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/base.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/base.py @@ -113,16 +113,16 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): path) rv = False - if entry.get("perms"): - wanted_perms = int(entry.get('perms'), 8) + if entry.get("mode"): + wanted_mode = int(entry.get('mode'), 8) if entry.get('dev_type'): - wanted_perms |= device_map[entry.get('dev_type')] + wanted_mode |= device_map[entry.get('dev_type')] try: - self.logger.debug("POSIX: Setting permissions on %s to %s" % - (path, oct(wanted_perms))) - os.chmod(path, wanted_perms) + self.logger.debug("POSIX: Setting mode on %s to %s" % + (path, oct(wanted_mode))) + os.chmod(path, wanted_mode) except (OSError, KeyError): - self.logger.error('POSIX: Failed to change permissions on %s' % + self.logger.error('POSIX: Failed to change mode on %s' % path) rv = False @@ -426,12 +426,12 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): group = None try: - perms = oct(ondisk[stat.ST_MODE])[-4:] + mode = oct(ondisk[stat.ST_MODE])[-4:] except (OSError, KeyError, TypeError): err = sys.exc_info()[1] self.logger.debug("POSIX: Could not get current permissions of " "%s: %s" % (path, err)) - perms = None + mode = None if HAS_SELINUX: try: @@ -448,17 +448,17 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): acls = self._list_file_acls(path) else: acls = None - return (ondisk, owner, group, perms, secontext, acls) + return (ondisk, owner, group, mode, secontext, acls) def _verify_metadata(self, entry, path=None): # pylint: disable=R0912 - """ generic method to verify perms, owner, group, secontext, acls, + """ generic method to verify mode, owner, group, secontext, acls, and mtime """ # allow setting an alternate path for recursive permissions checking if path is None: path = entry.get('name') attrib = dict() ondisk, attrib['current_owner'], attrib['current_group'], \ - attrib['current_perms'], attrib['current_secontext'] = \ + attrib['current_mode'], attrib['current_secontext'] = \ self._gather_data(path)[0:5] if not ondisk: @@ -473,17 +473,17 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): # symlink and hardlink entries, which have SELinux contexts # but not other permissions, optional secontext and mtime # attrs, and so on. - wanted_owner, wanted_group, wanted_perms, mtime = None, None, None, -1 + wanted_owner, wanted_group, wanted_mode, mtime = None, None, None, -1 if entry.get('mtime', '-1') != '-1': mtime = str(ondisk[stat.ST_MTIME]) if entry.get("owner"): wanted_owner = str(self._norm_entry_uid(entry)) if entry.get("group"): wanted_group = str(self._norm_entry_gid(entry)) - if entry.get("perms"): - while len(entry.get('perms', '')) < 4: - entry.set('perms', '0' + entry.get('perms', '')) - wanted_perms = int(entry.get('perms'), 8) + if entry.get("mode"): + while len(entry.get('mode', '')) < 4: + entry.set('mode', '0' + entry.get('mode', '')) + wanted_mode = int(entry.get('mode'), 8) errors = [] if wanted_owner and attrib['current_owner'] != wanted_owner: @@ -496,11 +496,11 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): "Current group is %s but should be %s" % (path, attrib['current_group'], entry.get('group'))) - if (wanted_perms and - oct(int(attrib['current_perms'], 8)) != oct(wanted_perms)): + if (wanted_mode and + oct(int(attrib['current_mode'], 8)) != oct(wanted_mode)): errors.append("Permissions for path %s are incorrect. " "Current permissions are %s but should be %s" % - (path, attrib['current_perms'], entry.get('perms'))) + (path, attrib['current_mode'], entry.get('mode'))) if entry.get('mtime'): attrib['current_mtime'] = mtime diff --git a/src/lib/Bcfg2/Client/Tools/SELinux.py b/src/lib/Bcfg2/Client/Tools/SELinux.py index ce49bfb82..5ac96f999 100644 --- a/src/lib/Bcfg2/Client/Tools/SELinux.py +++ b/src/lib/Bcfg2/Client/Tools/SELinux.py @@ -789,7 +789,7 @@ class SELinuxModuleHandler(SELinuxEntryHandler): filesystem """ pathentry = copy.deepcopy(entry) pathentry.set("name", self._filepath(pathentry)) - pathentry.set("perms", "0644") + pathentry.set("mode", "0644") pathentry.set("owner", "root") pathentry.set("group", "root") pathentry.set("secontext", "__default__") diff --git a/src/lib/Bcfg2/Reporting/templates/config_items/item.html b/src/lib/Bcfg2/Reporting/templates/config_items/item.html index 4c2e9c2ae..1eb2956f4 100644 --- a/src/lib/Bcfg2/Reporting/templates/config_items/item.html +++ b/src/lib/Bcfg2/Reporting/templates/config_items/item.html @@ -58,9 +58,9 @@ div.entry_list h3 { <tr><td style='text-align: right'><b>Group</b></td><td>{{item.target_perms.group}}</td> <td>{{item.current_perms.group}}</td></tr> {% endif %} - {% if item.current_perms.perms %} + {% if item.current_perms.mode%} <tr><td style='text-align: right'><b>Perms</b></td><td>{{item.target_perms.perms}}</td> - <td>{{item.current_perms.perms}}</td></tr> + <td>{{item.current_perms.mode}}</td></tr> {% endif %} {% endif %} {% if item.status_problem %} diff --git a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py index 39c0b02d0..332722074 100644 --- a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py +++ b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIX/Testbase.py @@ -205,7 +205,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_set_acls.assert_called_with(entry, path=entry.get("name")) entry = lxml.etree.Element("Path", name="/etc/foo", owner="owner", - group="group", perms="644", type="file") + group="group", mode="644", type="file") mock_norm_uid.return_value = 10 mock_norm_gid.return_value = 100 @@ -215,7 +215,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_norm_gid.assert_called_with(entry) mock_chown.assert_called_with(entry.get("name"), 10, 100) mock_chmod.assert_called_with(entry.get("name"), - int(entry.get("perms"), 8)) + int(entry.get("mode"), 8)) self.assertFalse(mock_utime.called) mock_set_secontext.assert_called_with(entry, path=entry.get("name")) mock_set_acls.assert_called_with(entry, path=entry.get("name")) @@ -228,7 +228,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_norm_gid.assert_called_with(entry) mock_chown.assert_called_with(entry.get("name"), 10, 100) mock_chmod.assert_called_with(entry.get("name"), - int(entry.get("perms"), 8)) + int(entry.get("mode"), 8)) mock_utime.assert_called_with(entry.get("name"), (mtime, mtime)) mock_set_secontext.assert_called_with(entry, path=entry.get("name")) mock_set_acls.assert_called_with(entry, path=entry.get("name")) @@ -238,7 +238,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_norm_uid.assert_called_with(entry) mock_norm_gid.assert_called_with(entry) mock_chown.assert_called_with('/etc/bar', 10, 100) - mock_chmod.assert_called_with('/etc/bar', int(entry.get("perms"), 8)) + mock_chmod.assert_called_with('/etc/bar', int(entry.get("mode"), 8)) mock_utime.assert_called_with(entry.get("name"), (mtime, mtime)) mock_set_secontext.assert_called_with(entry, path='/etc/bar') mock_set_acls.assert_called_with(entry, path='/etc/bar') @@ -258,7 +258,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_norm_gid.assert_called_with(entry) mock_chown.assert_called_with(entry.get("name"), 0, 0) mock_chmod.assert_called_with(entry.get("name"), - int(entry.get("perms"), 8) | list(device_map.values())[0]) + int(entry.get("mode"), 8) | list(device_map.values())[0]) mock_utime.assert_called_with(entry.get("name"), (mtime, mtime)) mock_set_secontext.assert_called_with(entry, path=entry.get("name")) mock_set_acls.assert_called_with(entry, path=entry.get("name")) @@ -274,7 +274,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_norm_gid.assert_called_with(entry) mock_chown.assert_called_with(entry.get("name"), 10, 100) mock_chmod.assert_called_with(entry.get("name"), - int(entry.get("perms"), 8)) + int(entry.get("mode"), 8)) mock_utime.assert_called_with(entry.get("name"), (mtime, mtime)) mock_set_secontext.assert_called_with(entry, path=entry.get("name")) mock_set_acls.assert_called_with(entry, path=entry.get("name")) @@ -292,7 +292,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_norm_gid.assert_called_with(entry) mock_chown.assert_called_with(entry.get("name"), 10, 100) mock_chmod.assert_called_with(entry.get("name"), - int(entry.get("perms"), 8)) + int(entry.get("mode"), 8)) mock_utime.assert_called_with(entry.get("name"), (mtime, mtime)) mock_set_secontext.assert_called_with(entry, path=entry.get("name")) mock_set_acls.assert_called_with(entry, path=entry.get("name")) @@ -624,7 +624,7 @@ class TestPOSIXTool(Bcfg2TestCase): mock_gather_data, mock_verify_acls, mock_matchpathcon): entry = lxml.etree.Element("Path", name="/test", type="file", - group="group", owner="user", perms="664", + group="group", owner="user", mode="664", secontext='etc_t') # _verify_metadata() mutates the entry, so we keep a backup so we # can start fresh every time @@ -646,7 +646,7 @@ class TestPOSIXTool(Bcfg2TestCase): # expected data. tuple of attr, return value index, value expected = [('current_owner', 1, '0'), ('current_group', 2, '10'), - ('current_perms', 3, '0664'), + ('current_mode', 3, '0664'), ('current_secontext', 4, 'etc_t')] mock_norm_uid.return_value = 0 mock_norm_gid.return_value = 10 @@ -702,7 +702,7 @@ class TestPOSIXTool(Bcfg2TestCase): # return value index, new (failing) value failures = [('current_owner', 1, '10'), ('current_group', 2, '100'), - ('current_perms', 3, '0660')] + ('current_mode', 3, '0660')] if HAS_SELINUX: failures.append(('current_secontext', 4, 'root_t')) |