From 28721e46e406fb2bda36ae13b5211ebf97884ae1 Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Thu, 23 Aug 2018 17:27:49 -0400 Subject: [PATCH] Create nodepool_user_home_mode variable and default the value to 0755. Change-Id: I2d5374c49d682a0e8b565e61d280e73fc4619863 Signed-off-by: Paul Belanger --- defaults/main.yaml | 1 + molecule/tests/test_role.py | 2 +- tasks/pre.yaml | 10 ++++++++-- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/defaults/main.yaml b/defaults/main.yaml index 1bd7317..902f20c 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -23,6 +23,7 @@ nodepool_task_manager: nodepool_user_name: nodepool nodepool_user_group: nodepool nodepool_user_home: /var/lib/nodepool +nodepool_user_home_mode: 0755 # nodepool_user_shell: nodepool_file_nodepool_yaml_dest: /etc/nodepool/nodepool.yaml diff --git a/molecule/tests/test_role.py b/molecule/tests/test_role.py index 6b87e65..f3364f2 100644 --- a/molecule/tests/test_role.py +++ b/molecule/tests/test_role.py @@ -27,7 +27,7 @@ def test_nodepool_user(host): assert f.is_directory assert f.user == 'nodepool' assert f.group == 'nodepool' - # TODO(pabelanger): Validate mode + assert f.mode == 0o755 def test_nodepool_config(host): diff --git a/tasks/pre.yaml b/tasks/pre.yaml index 067f9de..1b5da65 100644 --- a/tasks/pre.yaml +++ b/tasks/pre.yaml @@ -12,12 +12,12 @@ # License for the specific language governing permissions and limitations # under the License. --- -- name: Create group account. +- name: Create group account become: true group: name: "{{ nodepool_user_group }}" -- name: Create user account. +- name: Create user account become: true user: createhome: true @@ -25,3 +25,9 @@ home: "{{ nodepool_user_home }}" name: "{{ nodepool_user_name }}" shell: "{{ nodepool_user_shell|default(omit) }}" + +- name: Set permissions on home directory + become: true + file: + path: "{{ nodepool_user_home }}" + mode: "{{ nodepool_user_home_mode }}"