Fix the Solaris POSIX acl fix

For setfacl on Solaris we need to specify permissions like r-x. For chmod, we need to specify them as rx (r-x means to make the file readable and *not* executable)
author: Toshio Kuratomi <a.badger@gmail.com> 2016-11-22 12:16:04 -0800
committer: Toshio Kuratomi <a.badger@gmail.com> 2016-11-22 12:36:43 -0800
commit: 255a5b5d75f996b48f8d8f4ee0786ff30d1742ff (patch)
tree: 627d1cdc4f2f41d4388079cc97c4d18782d7f8fd
parent: d5910ebdae9eab24a43a15ed8b1f11e8c3f290c5 (diff)
download: ansible-255a5b5d75f996b48f8d8f4ee0786ff30d1742ff.tar.gz
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/ansible/plugins/action/__init__.py b/lib/ansible/plugins/action/__init__.py
index d00d3c3639..509d8b3382 100644
--- a/lib/ansible/plugins/action/__init__.py
+++ b/lib/ansible/plugins/action/__init__.py
@@ -358,14 +358,16 @@ class ActionBase(with_metaclass(ABCMeta, object)):
             # Try to use file system acls to make the files readable for sudo'd
             # user
             if execute:
-                mode = 'r-x'
+                chmod_mode = 'rx'
+                setfacl_mode = 'r-x'
             else:
+                chmod_mode = 'rX'
                 ### Note: this form fails silently on freebsd.  We currently
                 # never call _fixup_perms2() with execute=False but if we
                 # start to we'll have to fix this.
-                mode = 'r-X'
+                setfacl_mode = 'r-X'
 
-            res = self._remote_set_user_facl(remote_paths, self._play_context.become_user, mode)
+            res = self._remote_set_user_facl(remote_paths, self._play_context.become_user, setfacl_mode)
             if res['rc'] != 0:
                 # File system acls failed; let's try to use chown next
                 # Set executable bit first as on some systems an
@@ -387,7 +389,7 @@ class ActionBase(with_metaclass(ABCMeta, object)):
                         display.warning('Using world-readable permissions for temporary files Ansible needs to create when becoming an unprivileged user.'
                                 ' This may be insecure. For information on securing this, see'
                                 ' https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user')
-                        res = self._remote_chmod(remote_paths, 'a+%s' % mode)
+                        res = self._remote_chmod(remote_paths, 'a+%s' % chmod_mode)
                         if res['rc'] != 0:
                             raise AnsibleError('Failed to set file mode on remote files (rc: {0}, err: {1})'.format(res['rc'], to_native(res['stderr'])))
                     else:
author	Toshio Kuratomi <a.badger@gmail.com>	2016-11-22 12:16:04 -0800
committer	Toshio Kuratomi <a.badger@gmail.com>	2016-11-22 12:36:43 -0800
commit	255a5b5d75f996b48f8d8f4ee0786ff30d1742ff (patch)
tree	627d1cdc4f2f41d4388079cc97c4d18782d7f8fd
parent	d5910ebdae9eab24a43a15ed8b1f11e8c3f290c5 (diff)
download	ansible-255a5b5d75f996b48f8d8f4ee0786ff30d1742ff.tar.gz