diff --git a/manifests/init.pp b/manifests/init.pp index 36aa21a9..d507be4e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -237,12 +237,12 @@ exec { 'nftables_running_state_check': command => 'echo "reloading nftables"', path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], - unless => "/usr/bin/test -s /var/tmp/nftables_hash -a \"$(nft -s list ruleset | sha1sum)\" = \"$(cat ${inmem_rules_hash_file})\"", + unless => "/usr/bin/test -s ${inmem_rules_hash_file} -a \"$(nft -s list ruleset | sha1sum)\" = \"$(cat ${inmem_rules_hash_file})\"", notify => Service['nftables'], } # Generate nftables_hash upon any changes from the nftables service - exec { 'generate_nftables_hash': + exec { 'nftables_generate_hash': command => "nft -s list ruleset | sha1sum > ${inmem_rules_hash_file}", path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], subscribe => Service['nftables'], diff --git a/spec/classes/nftables_spec.rb b/spec/classes/nftables_spec.rb index c9bb4648..ddae2df3 100644 --- a/spec/classes/nftables_spec.rb +++ b/spec/classes/nftables_spec.rb @@ -135,7 +135,7 @@ } it { - expect(subject).not_to contain_exec('generate_ntfables_hash') + expect(subject).not_to contain_exec('nftables_generate_hash') } it { @@ -323,11 +323,11 @@ is_expected.to contain_exec('nftables_running_state_check').with( command: %r{^echo "reloading nftables"$}, notify: 'Service[nftables]', - unless: %r{^/usr/bin/test -s /var/tmp/nftables_hash -a "\$\(nft -s list ruleset \| sha1sum\)" = "\$\(cat /foo/bar\)"$} + unless: %r{^/usr/bin/test -s /foo/bar -a "\$\(nft -s list ruleset \| sha1sum\)" = "\$\(cat /foo/bar\)"$} ) } it { - is_expected.to contain_exec('generate_nftables_hash').with( + is_expected.to contain_exec('nftables_generate_hash').with( command: %r{^nft -s list ruleset \| sha1sum > /foo/bar$}, subscribe: 'Service[nftables]', refreshonly: true,