Issue cegeka#36 - further updates to permissions and default logdir

LarkIT · Jan 5, 2017 · c115575 · c115575
1 parent 019e553
commit c115575
Showing 1 changed file with 11 additions and 9 deletions.
diff --git a/manifests/instance/sftp.pp b/manifests/instance/sftp.pp
@@ -6,7 +6,7 @@
   $server_name='sFTP server',
   $server_ident='sFTP server ready',
   $server_admin='root@server',
-  $logdir=undef,
+  $logdir='/var/log',
   $max_clients='45',
   $max_loginattempts='3',
   $default_root='~',
@@ -46,25 +46,27 @@
   if ! defined(File["${logdir}/proftpd"]) {
     file { "${logdir}/proftpd":
       ensure => directory,
-      owner  => 'proftpd',
-      group  => 'proftpd',
+      owner  => $proftpd::proftpd_user,
+      group  => $proftpd::proftpd_group,
+      mode   => '0750',
     }
 
   }
 
   if ! defined(File["${logdir}/proftpd/sftp"]) {
     file { "${logdir}/proftpd/sftp":
       ensure  => directory,
-      owner   => 'proftpd',
-      group   => 'proftpd',
+      owner   => $proftpd::proftpd_user,
+      group   => $proftpd::proftpd_group,
+      mode    => '0750',
       require => File["${logdir}/proftpd"],
       notify  => Class['proftpd::service']
     }
   }
 
   file { "/etc/proftpd/sites.d/${vhost_name}.conf":
     ensure  => file,
-    owner   => root,
+    owner   => 'root',
     group   => $proftpd::proftpd_group,
     mode    => '0640',
     content => template("${module_name}/sites.d/sftp.conf.erb"),
@@ -73,7 +75,7 @@
 
   file { "/etc/proftpd/users.d/${vhost_name}.conf":
     ensure  => file,
-    owner   => root,
+    owner   => 'root',
     group   => $proftpd::proftpd_group,
     mode    => '0640',
     content => template("${module_name}/users.d/users.conf.erb"),
@@ -83,15 +85,15 @@
   if $authentication == 'file' {
     file { "/etc/proftpd/users.d/${vhost_name}.passwd":
       ensure  => file,
-      owner   => root,
+      owner   => 'root',
       group   => $proftpd::proftpd_group,
       mode    => '0640',
       replace => false
     }
 
     file { "/etc/proftpd/users.d/${vhost_name}.group":
       ensure  => file,
-      owner   => root,
+      owner   => 'root',
       group   => $proftpd::proftpd_group,
       mode    => '0640',
       replace => false