[patch] Allow all signers to read the key to upload signed rpms
Kevin Fenzi
kevin at tummy.com
Thu Aug 5 23:44:35 UTC 2010
On Thu, 5 Aug 2010 12:37:00 -0500
Dennis Gilmore <dennis at ausil.us> wrote:
> diff --git a/manifests/services/pkgsigner.pp
> b/manifests/services/pkgsigner.pp
> index 11af55c..4449934 100644
> ---
> a/manifests/services/pkgsigner.pp
> +++ b/manifests/services/pkgsigner.pp
> @@
> -17,7 +17,7 @@ class pkgsigner {
>
> folder { "/etc/pki/pkgsigner/":
>
> owner => 'root',
> - group => 'jkeating',
> + group =>
> 'signers',
> mode => '0750',
> source => "blank/"
> }
> @@
> -25,7 +25,7 @@ class pkgsigner {
> cert {
> '/etc/pki/pkgsigner/pkgsigner.pem':
> source =>
> 'secure/pkgsigner_key_and_cert.pem',
> owner => 'root',
> -
> group => 'jkeating',
> + group => 'signers',
> mode => '440'
>
> }
>
> @@ -45,7 +45,7 @@ class epel-pkgsigner {
>
> folder {
> "/etc/pki/pkgsigner/":
> owner => 'root',
> - group =>
> 'jkeating',
> + group => 'signers',
> mode => '0750',
>
> source => "blank/"
> }
> @@ -53,7 +53,7 @@ class epel-pkgsigner {
> cert
> { '/etc/pki/pkgsigner/pkgsigner.pem':
> source =>
> 'secure/pkgsigner_key_and_cert.pem',
> owner => 'root',
> -
> group => 'jkeating',
> + group => 'signers',
> mode => '440'
>
> }
Looks good to me, +1
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20100805/9fa58242/attachment.bin
More information about the infrastructure
mailing list