mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-26 22:51:23 -07:00
Fix the Solaris POSIX acl fix
For setfacl on Solaris we need to specify permissions like r-x. For chmod, we need to specify them as rx (r-x means to make the file readable and *not* executable)
This commit is contained in:
parent
d5910ebdae
commit
255a5b5d75
1 changed files with 6 additions and 4 deletions
|
@ -358,14 +358,16 @@ class ActionBase(with_metaclass(ABCMeta, object)):
|
||||||
# Try to use file system acls to make the files readable for sudo'd
|
# Try to use file system acls to make the files readable for sudo'd
|
||||||
# user
|
# user
|
||||||
if execute:
|
if execute:
|
||||||
mode = 'r-x'
|
chmod_mode = 'rx'
|
||||||
|
setfacl_mode = 'r-x'
|
||||||
else:
|
else:
|
||||||
|
chmod_mode = 'rX'
|
||||||
### Note: this form fails silently on freebsd. We currently
|
### Note: this form fails silently on freebsd. We currently
|
||||||
# never call _fixup_perms2() with execute=False but if we
|
# never call _fixup_perms2() with execute=False but if we
|
||||||
# start to we'll have to fix this.
|
# start to we'll have to fix this.
|
||||||
mode = 'r-X'
|
setfacl_mode = 'r-X'
|
||||||
|
|
||||||
res = self._remote_set_user_facl(remote_paths, self._play_context.become_user, mode)
|
res = self._remote_set_user_facl(remote_paths, self._play_context.become_user, setfacl_mode)
|
||||||
if res['rc'] != 0:
|
if res['rc'] != 0:
|
||||||
# File system acls failed; let's try to use chown next
|
# File system acls failed; let's try to use chown next
|
||||||
# Set executable bit first as on some systems an
|
# Set executable bit first as on some systems an
|
||||||
|
@ -387,7 +389,7 @@ class ActionBase(with_metaclass(ABCMeta, object)):
|
||||||
display.warning('Using world-readable permissions for temporary files Ansible needs to create when becoming an unprivileged user.'
|
display.warning('Using world-readable permissions for temporary files Ansible needs to create when becoming an unprivileged user.'
|
||||||
' This may be insecure. For information on securing this, see'
|
' This may be insecure. For information on securing this, see'
|
||||||
' https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user')
|
' https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user')
|
||||||
res = self._remote_chmod(remote_paths, 'a+%s' % mode)
|
res = self._remote_chmod(remote_paths, 'a+%s' % chmod_mode)
|
||||||
if res['rc'] != 0:
|
if res['rc'] != 0:
|
||||||
raise AnsibleError('Failed to set file mode on remote files (rc: {0}, err: {1})'.format(res['rc'], to_native(res['stderr'])))
|
raise AnsibleError('Failed to set file mode on remote files (rc: {0}, err: {1})'.format(res['rc'], to_native(res['stderr'])))
|
||||||
else:
|
else:
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue