diff --git a/pillar.example b/pillar.example index 256303a..c9f1cbe 100644 --- a/pillar.example +++ b/pillar.example @@ -119,6 +119,11 @@ users: # should be a salt fileserver path either with or without 'salt://' # if not present, it defaults to 'salt://users/files/user/ source: users/files/default + # You can specify octal mode for files and symlinks that will be copied. Since version 2016.11.0 + # it's possible to use 'keep' for file_mode, to preserve file original mode, thus you can save + # execution bit for example. + file_mode: keep + sym_mode: 640 ## Absent user cuser: diff --git a/users/user_files.sls b/users/user_files.sls index 461628b..dc654fe 100644 --- a/users/user_files.sls +++ b/users/user_files.sls @@ -9,6 +9,8 @@ include: {%- set user_files = salt['pillar.get'](('users:' ~ username ~ ':user_files'), {'enabled': False}) -%} {%- set user_group = salt['pillar.get'](('users:' ~ username ~ ':prime_group:name'), username) -%} {%- set user_home = salt['pillar.get'](('users:' ~ username ~ ':home'), current.get('home', '/home/' ~ username )) -%} +{%- set user_files_file_mode = salt['pillar.get'](('users:' ~ username ~ ':user_files:file_mode'), False) -%} +{%- set user_files_sym_mode = salt['pillar.get'](('users:' ~ username ~ ':user_files:sym_mode'), False) -%} {%- if user_files.enabled -%} {%- if user_files.source is defined -%} @@ -35,6 +37,12 @@ users_userfiles_{{ username }}_recursive: - user: {{ username }} - group: {{ user_group }} - clean: False + {% if user_files_file_mode -%} + - file_mode: {{ user_files_file_mode }} + {% endif -%} + {% if user_files_sym_mode -%} + - sym_mode: {{ user_files_sym_mode }} + {% endif -%} - include_empty: True - keep_symlinks: True - require: