Adds the option of setting the key file's ownership

diff --git a/providers/client.rb b/providers/client.rb
index 7d01c200f2817f58bf372178888c30b4a493203a..98bf333f8f64e095daefd4e0ca060e5f82568c25 100644 (file)
--- a/providers/client.rb
+++ b/providers/client.rb
@@ -9,6 +9,9 @@ action :add do
   filename = @current_resource.filename
   keyname = @current_resource.keyname
   caps = @new_resource.caps.map { |k, v| "#{k} '#{v}'" }.join(' ')
+  owner = @new_resource.owner
+  group = @new_resource.group
+  mode = @new_resource.mode
   if ! @current_resource.caps_match
     converge_by("Set caps for #{@new_resource}") do
       auth_set_key(keyname, caps)
@@ -17,18 +20,18 @@ action :add do
       # update the key in the file
       file filename do
         content file_content
-        owner 'root'
-        group 'root'
-        mode '640'
+        owner owner
+        group group
+        mode mode
       end
     end
   else
     # make sure the file matches what the cluster thinks
     file filename do
       content file_content
-      owner 'root'
-      group 'root'
-      mode '640'
+      owner owner
+      group group
+      mode mode
     end
   end
 

diff --git a/resources/client.rb b/resources/client.rb
index e8af62aff8250a3405f4baed376f21509c17dc98..023e6c2fd2001815dcf4673183138983ca858569 100644 (file)
--- a/resources/client.rb
+++ b/resources/client.rb
@@ -16,4 +16,9 @@ attribute :keyname, :kind_of => String
 # defaults to /etc/ceph/ceph.client.#{name}.#{hostname}.secret if not as_keyring
 attribute :filename, :kind_of => String
 
+# key file access creds
+attribute :owner, :kind_of => String, :default => 'root'
+attribute :group, :kind_of => String, :default => 'root'
+attribute :mode, :kind_of => Integer, :default => 00640
+
 attr_accessor :key, :caps_match