Fix mv destination file path for /etc/bind
- Force Package[bind] to be installed before moving /etc/bind into the $chroot_dir - Fix recursive permissions for /var/bind9/chroot/** directories (so that user bind can cross those directories if they belong to root)
This commit is contained in:
committed by
Cedric DEFORTIS
parent
16f2f22c4b
commit
1ea5d96d6b
@@ -14,7 +14,7 @@ class bind::chroot::manual(
|
||||
"${::bind::defaults::chroot_dir}/var/cache",
|
||||
"${::bind::defaults::chroot_dir}/var/run"]:
|
||||
ensure => directory,
|
||||
mode => '0660',
|
||||
mode => '0661',
|
||||
require => Exec['mkdir-p-$chroot_dir'],
|
||||
}
|
||||
|
||||
@@ -48,13 +48,13 @@ class bind::chroot::manual(
|
||||
require => [ Exec['mknod-dev-null'], Exec['mknod-dev-random'], Exec['mknod-dev-urandom'] ],
|
||||
}
|
||||
exec { 'mv-etc-bind-into-jailed-etc':
|
||||
command => "mv ${::bind::defaults::confdir} ${::bind::defaults::chroot_dir}",
|
||||
command => "mv ${::bind::defaults::confdir} ${::bind::defaults::chroot_dir}${::bind::defaults::confdir}",
|
||||
path => ['/bin', '/usr/bin'],
|
||||
unless => "test -d ${::bind::defaults::chroot_dir}${::bind::defaults::confdir}",
|
||||
require => [ File["${::bind::defaults::chroot_dir}/etc"] ]
|
||||
require => [ Package['bind'], File["${::bind::defaults::chroot_dir}/etc"] ],
|
||||
}
|
||||
-> file { '/etc/bind':
|
||||
ensure => link,
|
||||
target => "${::bind::defaults::chroot_dir}${::bind::defaults::confdir}",
|
||||
}
|
||||
#-> file { '/etc/bind':
|
||||
# ensure => link,
|
||||
# target => "${::bind::defaults::chroot_dir}/${::bind::defaults::confdir}",
|
||||
#}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user