Issue #3176 has been updated by James Turnbull. Status changed from Unreviewed to Needs design decision Assigned to set to Luke Kanies
---------------------------------------- Feature #3176: Extend the File type to manage filesystem capabilities http://projects.reductivelabs.com/issues/3176 Author: Andrew Pollock Status: Needs design decision Priority: Normal Assigned to: Luke Kanies Category: file Target version: Affected version: 0.25.4 Keywords: Branch: It's starting to sound like Linux's capabilities are going to be the next Big Thing. Puppet should be able to enforce various capabilities on files. I imagine something like file "/usr/sbin/tcpdump": { capabilities => [ "CAP_NET_RAW" ], } which would do the equivalent of running setcap cap_net_raw=ep /usr/sbin/tcpdump I don't see evidence of Ruby bindings for libcap2 at this time. See capabilities(7) for more information. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
