fix sed command

[dsa-puppet.git] / modules / ssl / manifests / init.pp

diff --git a/modules/ssl/manifests/init.pp b/modules/ssl/manifests/init.pp
index 30cc261c0200de5681f72c509f2829438540596c..bc4ae9f095159068ea2cec74d1a011b367ca873e 100644 (file)
--- a/modules/ssl/manifests/init.pp
+++ b/modules/ssl/manifests/init.pp
@@ -16,7 +16,7 @@ class ssl {
        file { '/etc/ssl/servicecerts':
                ensure   => directory,
                source   => 'puppet:///modules/ssl/servicecerts/',
-               mode     => '0644',
+               mode     => '0644', # this works; otherwise all files are +x
                purge    => true,
                recurse  => true,
                force    => true,
@@ -25,7 +25,7 @@ class ssl {
        file { '/etc/ssl/debian':
                ensure   => directory,
                source   => 'puppet:///files/empty/',
-               mode     => '0644',
+               mode     => '0644', # this works; otherwise all files are +x
                purge    => true,
                recurse  => true,
                force    => true,
@@ -85,12 +85,13 @@ class ssl {
                notify      => Exec['refresh_normal_hashes'], # see NOTE 1
        }
        exec { 'modify_configuration':
-               command     => "sed -i -e 's#!${cacert}#${cacert}' ${caconf}",
+               command     => "sed -i -e 's#!${cacert}#${cacert}#' ${caconf}",
                onlyif      => "grep -Fqx '!${cacert}' ${caconf}",
                notify      => Exec['refresh_normal_hashes'],
                require     => Package['ca-certificates'],
        }
        exec { 'refresh_debian_hashes':
+               command     => 'c_rehash /etc/ssl/debian/certs',
                refreshonly => true,
                require     => Package['openssl'],
        }