diff options
author | Toshio Kuratomi <a.badger@gmail.com> | 2016-11-22 12:16:04 -0800 |
---|---|---|
committer | Toshio Kuratomi <a.badger@gmail.com> | 2016-11-22 12:36:43 -0800 |
commit | 255a5b5d75f996b48f8d8f4ee0786ff30d1742ff (patch) | |
tree | 627d1cdc4f2f41d4388079cc97c4d18782d7f8fd | |
parent | d5910ebdae9eab24a43a15ed8b1f11e8c3f290c5 (diff) | |
download | ansible-255a5b5d75f996b48f8d8f4ee0786ff30d1742ff.tar.gz |
Fix the Solaris POSIX acl fix
For setfacl on Solaris we need to specify permissions like r-x.
For chmod, we need to specify them as rx (r-x means to make the file
readable and *not* executable)
-rw-r--r-- | lib/ansible/plugins/action/__init__.py | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/ansible/plugins/action/__init__.py b/lib/ansible/plugins/action/__init__.py index d00d3c3639..509d8b3382 100644 --- a/lib/ansible/plugins/action/__init__.py +++ b/lib/ansible/plugins/action/__init__.py @@ -358,14 +358,16 @@ class ActionBase(with_metaclass(ABCMeta, object)): # Try to use file system acls to make the files readable for sudo'd # user if execute: - mode = 'r-x' + chmod_mode = 'rx' + setfacl_mode = 'r-x' else: + chmod_mode = 'rX' ### Note: this form fails silently on freebsd. We currently # never call _fixup_perms2() with execute=False but if we # start to we'll have to fix this. - mode = 'r-X' + setfacl_mode = 'r-X' - res = self._remote_set_user_facl(remote_paths, self._play_context.become_user, mode) + res = self._remote_set_user_facl(remote_paths, self._play_context.become_user, setfacl_mode) if res['rc'] != 0: # File system acls failed; let's try to use chown next # Set executable bit first as on some systems an @@ -387,7 +389,7 @@ class ActionBase(with_metaclass(ABCMeta, object)): display.warning('Using world-readable permissions for temporary files Ansible needs to create when becoming an unprivileged user.' ' This may be insecure. For information on securing this, see' ' https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user') - res = self._remote_chmod(remote_paths, 'a+%s' % mode) + res = self._remote_chmod(remote_paths, 'a+%s' % chmod_mode) if res['rc'] != 0: raise AnsibleError('Failed to set file mode on remote files (rc: {0}, err: {1})'.format(res['rc'], to_native(res['stderr']))) else: |