library/roles/dnet_user_services_perms: Manage the case of existing files inside the directories where we set ACLs.
This commit is contained in:
parent
20ad4bcf6e
commit
29f67d04bb
|
@ -13,8 +13,9 @@ dnet_log_directories:
|
||||||
|
|
||||||
# Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs
|
# Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs
|
||||||
#dnet_users_data_directories:
|
#dnet_users_data_directories:
|
||||||
# - { name: '/data/1', create: 'True' }
|
# - { name: '/data/1', create: True }
|
||||||
# - { name: '/data/2', create: 'False' }
|
# - { name: '/data/2', create: False, file: False }
|
||||||
|
# - { name: '/data/bah', create: False, file: True }
|
||||||
|
|
||||||
# Define the following array when you want to add commands to the sudoers file
|
# Define the following array when you want to add commands to the sudoers file
|
||||||
#dnet_sudo_commands:
|
#dnet_sudo_commands:
|
||||||
|
|
|
@ -2,16 +2,24 @@
|
||||||
- name: Create the users dnet data dirs
|
- name: Create the users dnet data dirs
|
||||||
file: name={{ item.name }} state=directory owner=root group={{ dnet_group }} mode=0750
|
file: name={{ item.name }} state=directory owner=root group={{ dnet_group }} mode=0750
|
||||||
with_items: dnet_users_data_directories
|
with_items: dnet_users_data_directories
|
||||||
when: item.create
|
when: item.create and not item.file
|
||||||
tags: [ 'dnet', 'users' ]
|
tags: [ 'dnet', 'users' ]
|
||||||
|
|
||||||
- name: Set the read/write permissions on the users dnet data dirs
|
- name: Set the read/write/access permissions on the users dnet data dirs
|
||||||
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present
|
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present
|
||||||
with_items: dnet_users_data_directories
|
with_items: dnet_users_data_directories
|
||||||
|
when: not item.file
|
||||||
tags: [ 'dnet', 'users' ]
|
tags: [ 'dnet', 'users' ]
|
||||||
|
|
||||||
- name: Set the default read/write permissions on the users dnet data dirs
|
- name: Set the default read/write/access permissions on the users dnet data dirs
|
||||||
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
|
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
|
||||||
with_items: dnet_users_data_directories
|
with_items: dnet_users_data_directories
|
||||||
|
when: not item.file
|
||||||
|
tags: [ 'dnet', 'users' ]
|
||||||
|
|
||||||
|
- name: Set the read/write permissions on pre-existing files inside the users dnet data dirs
|
||||||
|
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rw state=present
|
||||||
|
with_items: dnet_users_data_directories
|
||||||
|
when: item.file
|
||||||
tags: [ 'dnet', 'users' ]
|
tags: [ 'dnet', 'users' ]
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue