From 4b06eaf83e137ddeba2ce498e141ad87413761c0 Mon Sep 17 00:00:00 2001
From: Michael Gugino <mgugino@redhat.com>
Date: Tue, 9 Jan 2018 16:01:58 -0500
Subject: Chmod temp dirs created on localhost

After remove become:no statements on local_action tasks,
we need to ensure that the proper file permssions are
applied to local temp directories.

This reason for this is that the 'fetch' module
does not use 'become' for the localhost, just the remote
host.

Additionally, users may not wish for the localhost to
become during a fetch.  local_action will execute with
whatever permissions are specified in inventory or via
cli.
---
 .../common/openshift-cluster/upgrades/create_service_signer_cert.yml | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'playbooks/common')

diff --git a/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml b/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml
index 00a731cb0..ef8233b67 100644
--- a/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml
+++ b/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml
@@ -10,6 +10,11 @@
     changed_when: false
     when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
 
+  - name: Chmod local temp directory
+    local_action: command chmod 777 "{{ local_cert_sync_tmpdir.stdout }}"
+    changed_when: false
+    when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool)
+
 - name: Create service signer certificate
   hosts: oo_first_master
   tasks:
-- 
cgit v1.2.3