From 7e67d35c3d0d19f2b78b15e04812fa8af2709cae Mon Sep 17 00:00:00 2001 From: Francesco Pantano Date: Thu, 4 Mar 2021 10:30:52 +0100 Subject: [PATCH] Ensure $HOME dir exists and has the right owner/group This changes adds an additional task to make sure the output of the useradd module is consistent when the HOME dir for a given user is created. In particular this tasks ensure the HOME dir has the right owner/group associated to the user that has been created. Closes-Bug: #1917856 Change-Id: I64846594123b9d5f333082b3f7714186713caffb --- tripleo_ansible/playbooks/cli-enable-ssh-admin.yaml | 1 + .../roles/tripleo_create_admin/tasks/create_user.yml | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/tripleo_ansible/playbooks/cli-enable-ssh-admin.yaml b/tripleo_ansible/playbooks/cli-enable-ssh-admin.yaml index 93074d315..9a26869ec 100644 --- a/tripleo_ansible/playbooks/cli-enable-ssh-admin.yaml +++ b/tripleo_ansible/playbooks/cli-enable-ssh-admin.yaml @@ -78,6 +78,7 @@ state: directory mode: "0700" owner: "{{ ansible_user }}" + group: "{{ ansible_user }}" become: true - name: Ensure ssh key pair diff --git a/tripleo_ansible/roles/tripleo_create_admin/tasks/create_user.yml b/tripleo_ansible/roles/tripleo_create_admin/tasks/create_user.yml index 36ba5bfc7..9e7f4fbe6 100644 --- a/tripleo_ansible/roles/tripleo_create_admin/tasks/create_user.yml +++ b/tripleo_ansible/roles/tripleo_create_admin/tasks/create_user.yml @@ -27,6 +27,15 @@ {{ tripleo_admin_user }} ALL=(ALL) NOPASSWD:ALL mode: 0440 +# workaround for https://bugs.launchpad.net/tripleo/+bug/1917856 +- name: ensure home dir has the right owner/group for user {{ tripleo_admin_user }} + file: + path: /home/{{ tripleo_admin_user }} + state: directory + owner: '{{ tripleo_admin_user }}' + group: '{{ tripleo_admin_user }}' + mode: 0700 + - name: ensure .ssh dir exists for user {{ tripleo_admin_user }} file: path: /home/{{ tripleo_admin_user }}/.ssh