Browse Source

Fix permissions for galera role ca cert

Previous permissions prevented clustercheck from accessing the galera ca
certificate as it's run as user nobody.

Change-Id: I87e15a0c7b7344014f42cced22ffc1e8d3cee487
Closes-Bug: #1819384
changes/01/642301/1
mb 6 months ago
parent
commit
9f147645bb
2 changed files with 3 additions and 1 deletions
  1. 2
    1
      tasks/galera_ssl.yml
  2. 1
    0
      tasks/galera_ssl_self_signed.yml

+ 2
- 1
tasks/galera_ssl.yml View File

@@ -19,7 +19,7 @@
19 19
     state: "directory"
20 20
     owner: "mysql"
21 21
     group: "mysql"
22
-    mode: "0750"
22
+    mode: "0755"
23 23
 
24 24
 - include_tasks: galera_ssl_self_signed.yml
25 25
   when:
@@ -37,6 +37,7 @@
37 37
   with_items:
38 38
     - src: "{{ galera_user_ssl_ca_cert }}"
39 39
       dest: "{{ galera_ssl_ca_cert }}"
40
+      mode: "0644"
40 41
     - src: "{{ galera_user_ssl_cert }}"
41 42
       dest: "{{ galera_ssl_cert }}"
42 43
     - src: "{{ galera_user_ssl_key }}"

+ 1
- 0
tasks/galera_ssl_self_signed.yml View File

@@ -128,6 +128,7 @@
128 128
   with_items:
129 129
     - key: "galera_server_ca_cert"
130 130
       dest: "{{ galera_ssl_ca_cert }}"
131
+      mode: "0644"
131 132
     - key: "galera_server_private_key"
132 133
       dest: "{{ galera_ssl_key }}"
133 134
     - key: "galera_server_cert"

Loading…
Cancel
Save