Don't assume user's primary group name is the same as username

In certain environments, a user's primary group doesn't necessarily
match that of their username.  This change updates various playbooks to
make use of the `ansible_user_gid` fact instead.

This change also makes ownership explicit by using `ansible_user_uid`
instead of `ansible_user` or `ansible_user_id`, where appropriate.

Change-Id: Ifc2ea7d95ec90e91791ccb10772b15d991379479
Story: 2002770
Task: 22636
This commit is contained in:
Nick Jones 2018-07-02 09:52:19 +01:00
parent bb28786069
commit 5265993134
No known key found for this signature in database
GPG Key ID: F6D24C8669938334
10 changed files with 30 additions and 27 deletions

View File

@ -28,10 +28,10 @@
file:
path: "{{ kolla_build_log_path }}"
state: touch
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
- name: Login to docker registry
docker_login:
registry_url: "{{ kolla_docker_registry or omit }}"

View File

@ -22,6 +22,9 @@
include_role:
name: deactivate-virtualenv
- name: Gather facts
setup:
- name: Ensure the python-virtualenv package is installed
package:
name: python-virtualenv
@ -32,8 +35,8 @@
file:
path: "{{ virtualenv_path }}"
state: directory
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
mode: 0755
# Check whether the virtualenv directory is a subdirectory of the
# global virtualenv directory.
@ -44,8 +47,8 @@
file:
path: "{{ virtualenv }}"
state: directory
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
mode: 0700
become: True

View File

@ -73,8 +73,8 @@
file:
path: "{{ image_cache_path }}"
state: directory
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
when: >-
not image_cache_stat.stat.exists or

View File

@ -3,8 +3,8 @@
file:
path: "{{ inspection_store_config_path }}"
state: directory
owner: "{{ ansible_env.USER }}"
group: "{{ ansible_env.USER }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
mode: 0750
become: True

View File

@ -3,8 +3,8 @@
file:
path: "{{ ipa_images_cache_path }}"
state: directory
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
- name: Ensure Ironic Python Agent (IPA) images are downloaded

View File

@ -3,8 +3,8 @@
file:
path: "{{ item }}"
state: directory
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
mode: 0750
become: True
with_items:

View File

@ -20,8 +20,8 @@
file:
path: "{{ kolla_ansible_source_path | dirname }}"
state: directory
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
when: kolla_ansible_ctl_install_type == 'source'
@ -36,8 +36,8 @@
file:
path: "{{ kolla_ansible_venv | dirname }}"
state: directory
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
when: kolla_ansible_venv is not none

View File

@ -3,8 +3,8 @@
file:
path: "{{ item }}"
state: directory
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
mode: 0750
become: True
with_items:

View File

@ -22,8 +22,8 @@
file:
path: "{{ kolla_source_path | dirname }}"
state: directory
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
when: kolla_ctl_install_type == 'source'
@ -38,8 +38,8 @@
file:
path: "{{ kolla_venv | dirname }}"
state: directory
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
when: kolla_venv is not none

View File

@ -17,8 +17,8 @@
file:
path: "{{ image_cache_path }}"
state: directory
owner: "{{ ansible_env.USER }}"
group: "{{ ansible_env.USER }}"
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
# The user data script is used to bring up the network interfaces that will