diff options
| author | Luke Kanies <luke@madstop.com> | 2009-08-19 17:49:04 -0700 |
|---|---|---|
| committer | James Turnbull <james@lovedthanlost.net> | 2009-08-24 11:36:23 +1000 |
| commit | ea417d60915fcb68aeebaf750abb57cb5604fe6d (patch) | |
| tree | b7099e28b24aec71a8a86ee67ade0adf2b4f8dbd /spec | |
| parent | a49915ad928e01aa1a5505ae52125fac6f4f2744 (diff) | |
| download | puppet-ea417d60915fcb68aeebaf750abb57cb5604fe6d.tar.gz puppet-ea417d60915fcb68aeebaf750abb57cb5604fe6d.tar.xz puppet-ea417d60915fcb68aeebaf750abb57cb5604fe6d.zip | |
Fixing #2460 - puppetmasterd can now read the cert and key
This follows on to the previous commits which made Puppet
resilient to the service user being absent. This just
changes the default owner of all of the cert-related files
to now be the service user, which means that on the server
all of these files will be owned by that user and on
the client, at least when the service user does not exist,
they will be owned by root.
Signed-off-by: Luke Kanies <luke@madstop.com>
Diffstat (limited to 'spec')
| -rwxr-xr-x | spec/integration/defaults.rb | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/spec/integration/defaults.rb b/spec/integration/defaults.rb index 35ac3b12b..c38a1a14b 100755 --- a/spec/integration/defaults.rb +++ b/spec/integration/defaults.rb @@ -55,6 +55,16 @@ describe "Puppet defaults" do Puppet.settings.setting(:rundir).group.should be_nil end + it "should specify that the host private key should be owned by the service user" do + Puppet.settings.stubs(:service_user_available?).returns true + Puppet.settings.setting(:hostprivkey).owner.should == Puppet.settings[:user] + end + + it "should specify that the host certificate should be owned by the service user" do + Puppet.settings.stubs(:service_user_available?).returns true + Puppet.settings.setting(:hostcert).owner.should == Puppet.settings[:user] + end + it "should use a bind address of ''" do Puppet.settings[:bindaddress].should == "" end |