Document the format for Unix permissions

2017-01-13 10:22:01 +01:00 · 2017-01-13 10:22:01 +01:00 · fba4316e09
parent dcd50fdbcf
commit fba4316e09
1 changed files with 15 additions and 0 deletions
--- a/CONVENTIONS.md
+++ b/CONVENTIONS.md
@ -187,3 +187,18 @@ The source file or template shouldn't to be prefixed for ordering (eg. `z-` or `
 When making a role or a task the necessary packages must be installed explicitly.

 For example for the "mysql" role we obviously need the MySQL packages, but we also need the "apg" package to generate new passwords. This package is installed by "evolinux-base" but the "mysql" role can be executed on a fresh server.
+
+## Caveats
+
+### Unix permissions must be written as String values
+
+Many modules have a `mode` attribute to specify the permissions on the files or directories. We can use the symbolic notation (`u+rwx` or `u=rw,g=r,o=r`) or the octal notation (`755`).
+
+It is not clearly documented but when using the octal notation, we **MUST** use a String format, and not a Numeric format (or whatever Python types). Examples :
+
+* `mode: 755` → Bad!
+* `mode: 1777` → Bad!
+* `mode: "755"` → Good
+* `mode: "1777"` → Good
+
+This is most probably due to the way Python deals with numeric values and cotal vs. decimal based integers. The String type guarantees that the proper value is used.