crans/crans_bcfg2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Les commandes ne sont plus passées par un shell dans les Actions, on appelle bash explicitement

Browse source
This commit is contained in:
Pierre-Elliott Bécue 2015-05-10 15:21:24 +02:00
parent fb85a3f792
commit c1e5577c59
1 changed files with 4 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Rules/secrets.xml
View file

@ -3,19 +3,17 @@
<Group name="secrets-acl">
<Action name="setfacl-secrets" timing="post"
when="modified" status="check"
command="
setfacl -m u:www-data:rx /etc/crans/secrets;
command="bash -c 'setfacl -m u:www-data:rx /etc/crans/secrets;
setfacl -m u:www-data:r /etc/crans/secrets/trigger-generate;
setfacl -m u:www-data:r /etc/crans/secrets/secrets.py /etc/crans/secrets/dhcp.py /etc/crans/secrets/icecast-token"/>
setfacl -m u:www-data:r /etc/crans/secrets/secrets.py /etc/crans/secrets/dhcp.py /etc/crans/secrets/icecast-token'"/>
</Group>
<Action name="setfacl-secrets-freerad" timing="post"
when="modified" status="check"
command="
setfacl -m u:freerad:rx /etc/crans/;
command="bash -c 'setfacl -m u:freerad:rx /etc/crans/;
setfacl -m u:freerad:rx /etc/crans/secrets;
setfacl -m u:freerad:r /etc/crans/secrets/dhcp.py;
setfacl -m u:freerad:r /etc/crans/secrets/secrets.py;
setfacl -m u:freerad:r /etc/crans/secrets/trigger-generate.pub;
setfacl -m m::r /etc/crans/secrets/trigger-generate;
setfacl -m u:freerad:r /etc/crans/secrets/trigger-generate; "/>
setfacl -m u:freerad:r /etc/crans/secrets/trigger-generate;'"/>
</Rules>