The following is a standalone policy that will create the file /home/mark/tmp/test_plain and the directory /home/mark/tmp/test_dir/ and set permissions on both.

code
body common control

{
      bundlesequence  => { "example"  };
}


bundle agent example

{
  files:

      "/home/mark/tmp/test_plain" 

The promiser specifies the path and name of the file.

code
      perms => system,
      create => "true";

The perms attribute sets the file permissions as defined in the system body below. The create attribute makes sure that the files exists. If it doesn't, CFEngine will create it.

code
      "/home/mark/tmp/test_dir/." 

      perms => system,
      create => "true";

The trailing /. in the filename tells CFEngine that the promiser is a directory.

code
}


body perms system

{
      mode  => "0640";
}

This body sets permissions to "0640"

This policy can be found in /var/cfengine/share/doc/examples/create_filedir.cf and downloaded directly from github.

Example output:

command
cf-agent -f unit_create_filedir.cf -I
output
2013-06-08T14:56:26-0700     info: /example/files/'/home/mark/tmp/test_plain': Created file '/home/mark/tmp/test_plain', mode 0640
2013-06-08T14:56:26-0700     info: /example/files/'/home/mark/tmp/test_dir/.': Created directory '/home/mark/tmp/test_dir/.'
2013-06-08T14:56:26-0700     info: /example/files/'/home/mark/tmp/test_dir/.': Object '/home/mark/tmp/test_dir' had permission 0755, changed it to 0750