Directory resource (recursive) not changing ownership below top level


#1

I have a recipe and in it I am trying to change the ownership
recursively of an existing directory, subdirectory and files. I
thought the Directory resource would be what I should use. However, it
only changes the top level directory… How could I do this
idempotently if the directory resource doesn’t work?

directory “/var/spool/postfix” do

owner “postfix”

group “root”

mode “0755”

recursive true

action :create

end

Randy


#2

execute chmod?

On Fri, Jan 27, 2012 at 8:56 AM, Van Fossan,Randy vanfossr@oclc.org wrote:

I have a recipe and in it I am trying to change the ownership recursively
of an existing directory, subdirectory and files. I thought the Directory
resource would be what I should use. However, it only changes the top
level directory… How could I do this idempotently if the directory
resource doesn’t work?****



directory “/var/spool/postfix” do****

owner “postfix”****

group “root”****

mode “0755”****

recursive true****

action :create****

end****


Randy****


#3

Thanks Edward…

That is what I am doing now. Although, I do not believe that is
idempotent (forces changes even if it already correct) and is more
resource intensive (I think) than using the directory resource…??

From: ejsarge@gmail.com [mailto:ejsarge@gmail.com] On Behalf Of Edward
Sargisson
Sent: Friday, January 27, 2012 12:04 PM
To: chef@lists.opscode.com
Subject: [chef] Re: directory resource (recursive) not changing
ownership below top level

execute chmod?

On Fri, Jan 27, 2012 at 8:56 AM, Van Fossan,Randy vanfossr@oclc.org
wrote:

I have a recipe and in it I am trying to change the ownership
recursively of an existing directory, subdirectory and files. I
thought the Directory resource would be what I should use. However, it
only changes the top level directory… How could I do this
idempotently if the directory resource doesn’t work?

directory “/var/spool/postfix” do

owner “postfix”

group “root”

mode “0755”

recursive true

action :create

end

Randy


#4

It’s still idempotent. Once chmod is run then your desired files have the
desired permissions.
Sure, it will run again and again on each chef-client run but that’s just
not being efficient - not actually breach of idempotency.

My guess is that the recursive part of the directory resource is about
creating the directories to get to that point - not to set permissions
below it.

On Fri, Jan 27, 2012 at 10:10 AM, Van Fossan,Randy vanfossr@oclc.orgwrote:

Thanks Edward…****


That is what I am doing now. Although, I do not believe that is
idempotent (forces changes even if it already correct) and is more
resource intensive (I think) than using the directory resource…??****


From: ejsarge@gmail.com [mailto:ejsarge@gmail.com] On Behalf Of Edward
Sargisson
Sent: Friday, January 27, 2012 12:04 PM
To: chef@lists.opscode.com
Subject: [chef] Re: directory resource (recursive) not changing
ownership below top level
**


execute chmod?****

On Fri, Jan 27, 2012 at 8:56 AM, Van Fossan,Randy vanfossr@oclc.org
wrote:****

I have a recipe and in it I am trying to change the ownership recursively
of an existing directory, subdirectory and files. I thought the Directory
resource would be what I should use. However, it only changes the top
level directory… How could I do this idempotently if the directory
resource doesn’t work?****



directory “/var/spool/postfix” do****

owner “postfix”****

group “root”****

mode “0755”****

recursive true****

action :create****

end****


Randy****



#5

If you’re worried, you could implement a not_if clause to check if the
chmod needs to happen. However, Edward is right, my understanding is
that recursive just creates directories. It intentionally doesn’t try
to set ownership on things above the specified target even if it
creates them. One reason is, you could recursively create directories
an unknown number of levels deep; how do you know what to set the
perms to at each level? What level do you stop at? The top is going to
be / and you surely don’t wanna change that, but hard to say where
you’d wanna start below it. If you need to set permissions at multiple
levels, I would include them all explicitly like:

["/var",
"/var/spool",
"/var/spool/postfix"].each do |dir|
directory dir do
owner "postfix"
group "root"
mode "0755"
action :create
end
end

KC

On Fri, Jan 27, 2012 at 10:15 AM, Edward Sargisson esarge@pobox.com wrote:

It’s still idempotent. Once chmod is run then your desired files have the
desired permissions.
Sure, it will run again and again on each chef-client run but that’s just
not being efficient - not actually breach of idempotency.

My guess is that the recursive part of the directory resource is about
creating the directories to get to that point - not to set permissions below
it.

On Fri, Jan 27, 2012 at 10:10 AM, Van Fossan,Randy vanfossr@oclc.org
wrote:

Thanks Edward…

That is what I am doing now. Although, I do not believe that is
idempotent (forces changes even if it already correct) and is more resource
intensive (I think) than using the directory resource…??

From: ejsarge@gmail.com [mailto:ejsarge@gmail.com] On Behalf Of Edward
Sargisson
Sent: Friday, January 27, 2012 12:04 PM
To: chef@lists.opscode.com
Subject: [chef] Re: directory resource (recursive) not changing ownership
below top level

execute chmod?

On Fri, Jan 27, 2012 at 8:56 AM, Van Fossan,Randy vanfossr@oclc.org
wrote:

I have a recipe and in it I am trying to change the ownership recursively
of an existing directory, subdirectory and files. I thought the Directory
resource would be what I should use. However, it only changes the top
level directory… How could I do this idempotently if the directory
resource doesn’t work?

directory “/var/spool/postfix” do

owner “postfix”

group “root”

mode “0755”

recursive true

action :create

end

Randy