Hi folks,
I was discussing this ticket with Dan DeLeo on irc and we thought it
would be a good idea to get feedback from a larger audience.
Have a look at the example at http://tickets.opscode.com/browse/CHEF-1621.
The user was expecting:
777 ldm:ldm /data
777 ldm:ldm /data/realtime
777 ldm:ldm /data/realtime/fetched
777 ldm:ldm /data/realtime/fetched/radar
Here’s what chef did:
755 root:root /data
755 root:root /data/realtime
755 root:root /data/realtime/fetched
777 ldm:ldm /data/realtime/fetched/radar
The current chef behavior makes sense to me. Here are a couple of reasons why:
- As the directory being defined is /data/realtime/fetched/radar, I
  would not expect chef to touch the ownership or permissions on
  anything above it. I would however expect chef to create the required
  parent directories if they did not exist in order to satisfy the
  desired state.
- If chef modified the permissions/ownership for the entire
  structure, this could have adverse effects if there were additional
  directories defined under /data, or /data/realtime or
  /data/realtime/fetched. If /data/foo existed for example. In my
  opinion, this would be counterintuitive behavior.
I agree with the ticket submitter that the docs aren’t 100% clear on
this and should probably be updated.
I would love to hear additional thoughts on this.
-Tommy
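
The two outcomes listed in the message, reproduced as an added example that is not part of the original post and is not Chef's own code. It is plain Ruby run in a temporary directory: the helper names are hypothetical, the umask is pinned to 022 as an assumption so parent modes are predictable, and ownership (ldm:ldm) is left out because changing it needs root.

```ruby
require 'fileutils'
require 'tmpdir'

# Directories strictly below `base`, down to and including `path`.
def chain(base, path)
  parts = path.delete_prefix(base).split('/').reject(&:empty?)
  parts.each_index.map { |i| File.join(base, *parts[0..i]) }
end

# Model of the behaviour shown in the post: missing parents are created with
# the process default mode, and the requested mode is applied to the leaf only.
def create_leaf_only(path, mode)
  FileUtils.mkdir_p(File.dirname(path)) # parents get 0777 & ~umask
  Dir.mkdir(path) unless File.directory?(path)
  File.chmod(mode, path)                # only the declared directory is managed
end

# What the ticket submitter expected: each level below `base` is managed
# explicitly, so every directory in the chain ends up with the requested mode.
def create_each_level(base, path, mode)
  chain(base, path).each do |dir|
    Dir.mkdir(dir) unless File.directory?(dir)
    File.chmod(mode, dir)
  end
end

# Octal permission bits for every directory in the chain, top to bottom.
def modes(base, path)
  chain(base, path).map { |dir| format('%o', File.stat(dir).mode & 0o7777) }
end

# Runs both strategies in throwaway directories and returns the resulting modes.
def demo
  old_umask = File.umask(0o022) # assumption: typical default umask
  %i[leaf_only each_level].map do |strategy|
    Dir.mktmpdir do |root|
      leaf = File.join(root, 'data/realtime/fetched/radar')
      if strategy == :leaf_only
        create_leaf_only(leaf, 0o777)
      else
        create_each_level(root, leaf, 0o777)
      end
      [strategy, modes(root, leaf)]
    end
  end.to_h
ensure
  File.umask(old_umask)
end
```

Calling demo returns the leaf-only modes (755 on the three parents, 777 on the leaf) next to the every-level modes (777 throughout), which makes visible that the second strategy also opens every intermediate directory to all users.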