From a477cd90223be571c39a21a695ab5a3d9b800346 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 17 Aug 2022 11:29:21 +0100 Subject: [PATCH] Fix use of become_user by installing acl package Change-Id: I69bf810632d09eddaa3983ae56e833debe9fd03b --- ansible/roles/dev-tools/defaults/main.yml | 3 +++ ansible/roles/pip/tasks/pip_conf.yml | 9 --------- .../notes/install-acl-package-0f21c110cd07537c.yaml | 6 ++++++ 3 files changed, 9 insertions(+), 9 deletions(-) create mode 100644 releasenotes/notes/install-acl-package-0f21c110cd07537c.yaml diff --git a/ansible/roles/dev-tools/defaults/main.yml b/ansible/roles/dev-tools/defaults/main.yml index bcae9cbf9..eb61072c7 100644 --- a/ansible/roles/dev-tools/defaults/main.yml +++ b/ansible/roles/dev-tools/defaults/main.yml @@ -1,6 +1,9 @@ --- # List of default packages to install. dev_tools_packages_default: + # NOTE(mgoddard): The acl package is required for the setfacl command, used by + # become_user. + - acl - bash-completion - tcpdump - vim diff --git a/ansible/roles/pip/tasks/pip_conf.yml b/ansible/roles/pip/tasks/pip_conf.yml index ce164f365..6d473da0e 100644 --- a/ansible/roles/pip/tasks/pip_conf.yml +++ b/ansible/roles/pip/tasks/pip_conf.yml @@ -1,13 +1,4 @@ --- -# NOTE(mgoddard): The acl package is required for the setfacl command, used by -# become_user. -- name: Ensure acl package is installed - package: - name: acl - cache_valid_time: "{{ apt_cache_valid_time if ansible_facts.os_family == 'Debian' else omit }}" - update_cache: "{{ True if ansible_facts.os_family == 'Debian' else omit }}" - become: true - - name: Create local .pip directory file: path: "~{{ item }}/.pip" diff --git a/releasenotes/notes/install-acl-package-0f21c110cd07537c.yaml b/releasenotes/notes/install-acl-package-0f21c110cd07537c.yaml new file mode 100644 index 000000000..d67d8f860 --- /dev/null +++ b/releasenotes/notes/install-acl-package-0f21c110cd07537c.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixes an issue where a custom playbook using `become_user` could fail when + setting permissions on temporary files. The `acl` package is now installed + on all systems by default.