Do not change permissions for /usr/local/etc/sudoers.d/ and don't delete /usr/local/etc/sudoers.d/.keep-me

[elofu17]

Hi!

This is not an issue, but it generates lots of puppet-report mail spam from all my FreeBSD nodes every time the sudo port has been updated.

"Notice: /Stage[main]/Sudo/File[/usr/local/etc/sudoers.d/]/mode: mode changed '0750' to '0550'"

Since this directory is owned by root, I don't see the point of changing the mode from 7 to 5. Better leave it at 750 and be spared a lot of puppet report changes.

The same thing goes for the file /usr/local/etc/sudoers.d/.keep-me I have no idea what this file is for, but puppet removes it every time the sudo port has been updated. If the file don't have to be removed, please leave it to avoid unneccesary puppet changes and reports.

[saz]

This is partially fixed in the current master by adding an option to specify dir and file modes.

Can you please provide the information, which group and owner the .keep-me file has by default?

[elofu17]

root wheel