Merge lp:~cjwatson/charms/precise/squid-forwardproxy/umask into lp:~canonical-launchpad-branches/charms/precise/squid-forwardproxy/trunk

Proposed by Colin Watson
Status: Merged
Merged at revision: 38
Proposed branch: lp:~cjwatson/charms/precise/squid-forwardproxy/umask
Merge into: lp:~canonical-launchpad-branches/charms/precise/squid-forwardproxy/trunk
Diff against target: 24 lines (+7/-0)
2 files modified
config.yaml (+5/-0)
templates/main_config.template (+2/-0)
To merge this branch: bzr merge lp:~cjwatson/charms/precise/squid-forwardproxy/umask
Reviewer Review Type Date Requested Status
Colin Watson Approve
Review via email:

Commit message

Allow specifying a umask other than squid's default of 027.

Description of the change

Allow specifying a umask other than squid's default of 027.

The default umask is reasonable in many environments, but in the case where the system's main purpose is squid and anyone who has access to the system at all ought to be able to read its logs, it just makes things unnecessarily awkward.

To post a comment you must log in.
Revision history for this message
Colin Watson (cjwatson) wrote :

I'm going to go ahead with this. The target branch is just used by mojo-lp-snap-proxy right now, and it's easy enough to undo if people don't like this approach.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'config.yaml'
--- config.yaml 2016-03-30 14:11:35 +0000
+++ config.yaml 2016-07-05 11:28:09 +0000
@@ -94,3 +94,8 @@
94 '[{dstdomain: [], src: [,]}, {"!port": [80], http_access: deny}, {url_regex: ["https?://[^/]+[.]internal(/.*)?"], src: []}]'94 '[{dstdomain: [], src: [,]}, {"!port": [80], http_access: deny}, {url_regex: ["https?://[^/]+[.]internal(/.*)?"], src: []}]'
95 NOTE: you can use the following oneliner to verify your YAML string:95 NOTE: you can use the following oneliner to verify your YAML string:
96 python -c 'import yaml;import sys;print yaml.dump(yaml.load(sys.argv[1]))' '<string>'96 python -c 'import yaml;import sys;print yaml.dump(yaml.load(sys.argv[1]))' '<string>'
97 umask:
98 type: string
99 default: '027'
100 description: >
101 Minimum umask which should be enforced while the proxy is running.
=== modified file 'templates/main_config.template'
--- templates/main_config.template 2015-09-28 02:42:41 +0000
+++ templates/main_config.template 2016-07-05 11:28:09 +0000
@@ -19,6 +19,8 @@
19snmp_incoming_address {{ config.my_ip_address }}19snmp_incoming_address {{ config.my_ip_address }}
20{% endif %}20{% endif %}
22umask {{ config.umask }}
22logformat combined {{ config.log_format }}24logformat combined {{ config.log_format }}
23access_log /var/log/squid3/access.log combined25access_log /var/log/squid3/access.log combined


People subscribed via source and target branches

to all changes: