Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-6024

Restrict which files are inlined within the per-environment directory

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • PUP 4.4.0
    • None
    • Not Needed
    • Restrict which files we consider to be inlineable to be consistent with puppetserver.

    Description

      Currently puppet's catalog terminus will inline metadata for anything within the per-environment code directory. However, puppetserver's ACL will only allow static content to be retrieved if the path is of the form $codedir/environments/<environment>/modules/*/files/**.

      Usually that is the case. However, if a user specifies a environment.conf with a custom modulepath, then it's possible for the resolved file path to be of the form $codedir/environments/<environment>/site/role/**, where role is interpreted as the module name. As a result, we will inline file metadata, but puppetserver will refuse to serve file content.

      We need to be more restrictive and only inline metadata for files of the form:

      $codedir/environments/<environment>/*/<module>/files/**.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              josh Josh Cooper
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support