Sane default file permissions

doas.conf(5) is not an executable format, so `a+x` makes no sense. It contains privileged commands/information by design, so `o+r` is questionable. Use `u=rw,g=r,o=` to match OpenBSD's /etc/examples/doas.conf suggestion.
cirrax · Jun 5, 2023 · e5faf46 · e5faf46
1 parent 933a199
commit e5faf46
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -25,7 +25,7 @@
   Hash   $entries    = {},
   String $owner      = 'root',
   String $group      = 'wheel',
-  String $mode       = '0555',
+  String $mode       = '0600',
 ) {
   concat { $configfile:
     owner        => $owner,