From 88c984694e9fa304c00f4a96bee6fa053300fe71 Mon Sep 17 00:00:00 2001
From: Ian Wienand <iwienand@redhat.com>
Date: Fri, 5 Nov 2021 09:39:29 +1100
Subject: [PATCH] refstack: don't chown db directory

See I8d8ce5c62c660875d5c6eed54c686996576ec9df; mariadb containers
chown this to their internal user, we don't want to reset it.

Change-Id: If33a26438c6aa63d0ef0e02bdad6a643070be922
---
 playbooks/roles/refstack/tasks/main.yaml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/playbooks/roles/refstack/tasks/main.yaml b/playbooks/roles/refstack/tasks/main.yaml
index 938f28fc8e..5c7d4067bb 100644
--- a/playbooks/roles/refstack/tasks/main.yaml
+++ b/playbooks/roles/refstack/tasks/main.yaml
@@ -70,13 +70,14 @@
     group: root
     mode: 0755
 
+# NOTE(ianw) This deliberately does not set owner/group/mode, as the
+# mariadb container chowns this directory to be owned by a
+# container-internal user and drops root privileges.  We don't want to
+# reset this from outside the container.
 - name: Create refstack db storage area
   file:
     state: directory
     path: /var/lib/refstack/db
-    owner: root
-    group: root
-    mode: 0755
 
 - name: Copy hound robots.txt
   copy: