Affects Version/s: None
Fix Version/s: None
QA Risk Assessment:Needs Assessment
Puppet Version: 5.5.3
Puppet Server Version: 5.3.3
OS Name/Version: RHEL 7
We're managing /etc/puppetlabs/code/environments/production by r10k with a dedicated non-root user for security reasons.
Now the puppet-agent package owns /etc/puppetlabs/code/environments and some files and folders below.
On every puppet-agent upgrade directories in the production env will be owned and grouped into root again and r10k has no more permissions to change.
Also files marked as config-files get added with *.rpmnew extension owned by root. But these can be deleted if the containing directories are owned by the non-root user.
List of files and directories owned by puppet-agent rpm:
puppet-agent should not reset owner/group of directories in /etc/puppetlabs/code/environments
puppet-agent rpm upgrade resets ownership and group of directories in /etc/puppetlabs/code/environments/production