Permissions should be set based on the "base file", since derived files
.customtt.tt2 or .customtt.tt2.web01a often have been created or copied
without the right permissions, whereas the base file usually has the
right permissions (at least if unmodified since shipped from the .deb
file, which if it happens it's usually a mistake).
This has been detected as an actual problem in several customers
upgrades when generating files like 'monitrc' with the wrong
permissions, and then 'monit' refusing to start, causing significant
headaches and waste of time.
Even if this is not always the cause, the problem comes often from
having .customtt files with different permissions (created new or copied
from other hosts or personal laptops from Ops/Support). In the past
there were .postbuild files to control the final ownership and/or
permissions of the file generated, so this problem was avoided, but at
some point most of them were deleted in commit
f65ae16579a62768dde0936d61e38af50550de6f (the solution favoured was to
control this at the repo/.deb and file level).
The corner cases will be dealt with with other extra measures, like
re-establishing those .postbuild files for the known and more dangerous
cases. But as a starting point, the permissions to be used for the
final file should be based on those of the "base file", and not these
.customtt files, for the reasons mentioned above.
Change-Id: I793cc68e8b962371c7b1d5192564da4b4d45bb8c
ngcpcfg - central and templated based Configuration Management System for NGCP
ngcp-ngcpcfg is a Configuration Management System providing central
configuration and template based handling of configuration
files, featuring handling of local configuration changes and
updates as well as synchronisation between servers.
NGCP is the Sipwise NGCP (Sipwise Next Generation Communication Platform),
visit Sipwise.org for further information.
Manuel Montecelo
02673fd15a
